Yoav Nir writes:
> I'm sorry I just noticed this, but is this even allowed? Can you
> include multiple key length attributes in the same transform?
Yes, you are right, you cannot include multiple key length attributes,
as they would be AND for all of them. So yes, they need to be separate
transforms, each of them. Here is my fixed proposal picture:

----------------------------------------------------------------------
                               SA Payload
                                    |
                  +-----------------+------------------+
                  |                                    |
             Proposal #1                          Proposal #2
             Proto ID = ESP (3)                   Proto ID = ESP (3)
             SPI size = 4                         SPI size = 4
             7 transforms                         4 transforms
             SPI = 0x95903423                     SPI = 0x12345678
                  |                                    |
+-----+-----+-----+-----+-----+-----+         +-----+-----+-----+
|     |     |     |     |     |     |         |     |     |     |
Trans Trans Trans Trans Trans Trans Trans     Trans Trans Trans Trans
form  form  form  form  form  form  form      form  form  form  form
ENCR  INTEG ENCR  INTEG ENCR  ESN   ESN       ENCR  ESN   ENCR  ESN
ENCR  AUTH  ENCR  AUTH  ENCR  No    Use       AES-  No    AES-  Use
_AES  _HMAC _AES  _AES  _AES  ESN   ESN       GCM   ESN   GCM   ESN
_CBC  _SHA1 _CBC  _XCBC _CBC  0     1         w/8   0     w/8   1
|     _96   |     _96   |                     octet       octet
|           |           |                     ICV         ICV
|           |           |                     |           |
Attribute   Attribute   Attribute             Attribute   Attribute
Key Length  Key Length  Key Length            Key Length  Key Length
128         192         256                   128         256
----------------------------------------------------------------------

> The initiator of an exchange MUST check that the
> accepted offer is consistent with one of its proposals, and if not
> that response MUST be rejected.
>
> BTW: how do you reject a response?

Silently drop the negotiation (or just the packet if this is
IKE_SA_INIT) with the peer, as it is clearly not following the
specification, and this is not a problem that will be fixed by changing
configuration or similar; it does require a software update of the
other end.
--
kivi...@iki.fi
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
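As an added illustration (not part of the thread, and not code from either poster or from any IKEv2 implementation): the proposal picture above encoded and parsed as IKEv2 SA payload substructures, plus one way to do the initiator-side "MUST check" quoted from the draft. It assumes the RFC 7296 wire layout and the IANA code points (ESP = 3; transform types ENCR = 1, INTEG = 3, ESN = 5; ENCR_AES_CBC = 12, ENCR_AES_GCM_8 = 18 for AES-GCM with an 8 octet ICV; AUTH_HMAC_SHA1_96 = 2, AUTH_AES_XCBC_96 = 5; Key Length attribute type 14 in TV form). The responder SPI and the OFFER, GOOD and BAD names are constructed for the example. The parser refuses a transform that carries two Key Length attributes, which is exactly the form the reply rules out, and accepted_offer_is_consistent() is the check an initiator runs before deciding that a response must be dropped.

```python
import struct
from collections import namedtuple
# IKEv2 code points (RFC 7296 wire format, IANA IKEv2 registry)
PROTO_ESP = 3
TT_ENCR, TT_INTEG, TT_ESN = 1, 3, 5          # Transform Types
ENCR_AES_CBC, ENCR_AES_GCM_8 = 12, 18        # ENCR IDs; GCM_8 is AES-GCM with an 8 octet ICV
AUTH_HMAC_SHA1_96, AUTH_AES_XCBC_96 = 2, 5   # INTEG IDs
ESN_NONE, ESN_YES = 0, 1                     # ESN IDs
ATTR_KEY_LENGTH = 14                         # attribute type, always TV (AF=1) format
Transform = namedtuple("Transform", "ttype tid key_length", defaults=(None,))  # at most one Key Length
Proposal = namedtuple("Proposal", "num proto spi transforms")

def _need(ok, msg):
    if not ok:
        raise ValueError(msg)

def encode_transform(t, last):
    attrs = b"" if t.key_length is None else struct.pack("!HH", 0x8000 | ATTR_KEY_LENGTH, t.key_length)
    return struct.pack("!BBHBBH", 0 if last else 3, 0, 8 + len(attrs), t.ttype, 0, t.tid) + attrs

def encode_proposal(p, last):
    n = len(p.transforms)
    body = b"".join(encode_transform(t, i == n - 1) for i, t in enumerate(p.transforms))
    hdr = struct.pack("!BBHBBBB", 0 if last else 2, 0, 8 + len(p.spi) + len(body),
                      p.num, p.proto, len(p.spi), n)
    return hdr + p.spi + body

def encode_sa_body(proposals):
    n = len(proposals)   # proposal substructures only; the generic payload header is the caller's job
    return b"".join(encode_proposal(p, i == n - 1) for i, p in enumerate(proposals))

def parse_proposals(data):
    proposals, off = [], 0
    while off < len(data):
        _need(off + 8 <= len(data), "truncated proposal header")
        _, _, plen, num, proto, spi_size, ntrans = struct.unpack_from("!BBHBBBB", data, off)
        end = off + plen
        _need(8 + spi_size <= plen and end <= len(data), "bad proposal length")
        spi, toff, transforms = data[off + 8:off + 8 + spi_size], off + 8 + spi_size, []
        for _ in range(ntrans):
            _need(toff + 8 <= end, "truncated transform header")
            _, _, tlen, ttype, _, tid = struct.unpack_from("!BBHBBH", data, toff)
            tend = toff + tlen
            _need(8 <= tlen and tend <= end, "bad transform length")
            key_length, aoff = None, toff + 8
            while aoff < tend:
                _need(aoff + 4 <= tend, "truncated attribute")
                atype, aval = struct.unpack_from("!HH", data, aoff)
                if atype & 0x8000:               # TV form: aval is the value itself
                    if (atype & 0x7FFF) == ATTR_KEY_LENGTH:
                        _need(key_length is None, "two Key Length attributes in one transform")
                        key_length = aval
                    aoff += 4
                else:                            # TLV form: aval is the length of the value that follows
                    aoff += 4 + aval
            transforms.append(Transform(ttype, tid, key_length))
            toff = tend
        proposals.append(Proposal(num, proto, spi, transforms))
        off = end
    return proposals

def accepted_offer_is_consistent(offered, chosen):
    """Responder's proposal must match ours by number/protocol, with one transform per offered type."""
    for p in offered:
        if p.num == chosen.num and p.proto == chosen.proto:   # the SPI is the responder's own, not compared
            pool, types = set(p.transforms), [t.ttype for t in chosen.transforms]
            return (all(t in pool for t in chosen.transforms)
                    and len(types) == len(set(types))
                    and set(types) == {t.ttype for t in p.transforms})
    return False

# Constructed sample: the two proposals drawn in the picture above
OFFER = [
    Proposal(1, PROTO_ESP, bytes.fromhex("95903423"), [
        Transform(TT_ENCR, ENCR_AES_CBC, 128), Transform(TT_INTEG, AUTH_HMAC_SHA1_96),
        Transform(TT_ENCR, ENCR_AES_CBC, 192), Transform(TT_INTEG, AUTH_AES_XCBC_96),
        Transform(TT_ENCR, ENCR_AES_CBC, 256), Transform(TT_ESN, ESN_NONE),
        Transform(TT_ESN, ESN_YES)]),
    Proposal(2, PROTO_ESP, bytes.fromhex("12345678"), [
        Transform(TT_ENCR, ENCR_AES_GCM_8, 128), Transform(TT_ESN, ESN_NONE),
        Transform(TT_ENCR, ENCR_AES_GCM_8, 256), Transform(TT_ESN, ESN_YES)]),
]
GOOD = Proposal(1, PROTO_ESP, bytes.fromhex("0a0b0c0d"), [Transform(TT_ENCR, ENCR_AES_CBC, 192),
        Transform(TT_INTEG, AUTH_HMAC_SHA1_96), Transform(TT_ESN, ESN_NONE)])   # constructed responder SPI
BAD = Proposal(1, PROTO_ESP, bytes.fromhex("0a0b0c0d"), [Transform(TT_ENCR, ENCR_AES_CBC, 64),
        Transform(TT_INTEG, AUTH_HMAC_SHA1_96), Transform(TT_ESN, ESN_NONE)])   # key length 64 never offered

def roundtrip_ok():
    return parse_proposals(encode_sa_body(OFFER)) == OFFER

def double_key_length_rejected():
    # one ENCR_AES_CBC transform carrying Key Length 128 and 256 at once: the form ruled out above
    attrs = struct.pack("!HHHH", 0x8000 | ATTR_KEY_LENGTH, 128, 0x8000 | ATTR_KEY_LENGTH, 256)
    t = struct.pack("!BBHBBH", 0, 0, 8 + len(attrs), TT_ENCR, 0, ENCR_AES_CBC) + attrs
    p = struct.pack("!BBHBBBB", 0, 0, 12 + len(t), 1, PROTO_ESP, 4, 1) + bytes(4) + t
    try:
        parse_proposals(p)
    except ValueError:
        return True
    return False
```

roundtrip_ok() encodes the two proposals (132 bytes of substructures) and parses them back; accepted_offer_is_consistent(OFFER, GOOD) is True while the same call with BAD is False, because a 64-bit key length appears in no offered transform; double_key_length_rejected() shows the parser raising on the two-attribute transform rather than guessing which length was meant. A rejection from either check is the point at which the initiator drops the exchange, as the reply describes.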