Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0db13a33ab
NetBSD/share/man
History
drochner b4da53f1e6 make the use of SHA2-HMAC by FAST_IPSEC compliant to current standards: 
-RFC2104 says that the block size of the hash algorithm must be used
 for key/ipad/opad calculations. While formerly all ciphers used a block
 length of 64, SHA384 and SHA512 use 128 bytes. So we can't use the
 HMAC_BLOCK_LEN constant anymore. Add a new field to "struct auth_hash"
 for the per-cipher blocksize.
-Due to this, there can't be a single "CRYPTO_SHA2_HMAC" external name
 anymore. Replace this by 3 for the 3 different keysizes.
 This was done by Open/FreeBSD before.
-Also fix the number of authenticator bits used tor ESP and AH to
 conform to RFC4868, and remove uses of AH_HMAC_HASHLEN which did
 assume a fixed authenticator size of 12 bytes.

FAST_IPSEC will not interoperate with KAME IPSEC anymore if sha2 is used,
because the latter doesn't implement these standards. It should
interoperate with at least modern Free/OpenBSD now.
(I've only tested with NetBSD-current/FAST_IPSEC on both ends.)
2011-02-25 20:13:10 +00:00
..
man0 Add support for the Extensible MIPS ("eMIPS") platform. The 2011-01-26 01:18:43 +00:00
man1 Proper markup. 2010-05-14 21:50:05 +00:00
man2 fix typo. 2010-07-26 12:50:52 +00:00
man3 Explain "Cannot dlopen non-loadable /usr/lib/libpthread.so.1". 2011-02-13 16:01:39 +00:00
man4 make the use of SHA2-HMAC by FAST_IPSEC compliant to current standards: 2011-02-25 20:13:10 +00:00
man5 Typo in macro. 2011-02-21 18:12:26 +00:00
man6 Fix preamble 2009-03-11 13:52:11 +00:00
man7 Remove trailing whitespace. 2011-02-02 09:07:32 +00:00
man8 add missing license notice as suggested by wiz@. 2011-01-27 11:33:43 +00:00
man9 Notify that the file system has to be mounted first before modules can 2011-02-13 16:50:16 +00:00
tools Revert previous: this is a list of wrong spellings. 2006-12-23 08:00:37 +00:00
Makefile