| author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2021-11-04 03:53:58 +0000 |
|---|---|---|
| committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2021-11-04 03:53:58 +0000 |
| commit | 8f092511d0a0269c6b42bc7c609069ffd5f201e9 (patch) | |
| tree | a8a0accadb6bebd6696984c3d161e01974f53de7 | |
| parent | 413924069c07a25cef98b602434091e9b5dea9bf (diff) | |
Clarify "aes" will accept keys whose length is in 128:256 bits. Also
correct "cast" in ipsec.conf.5 to "cast128", add the missing
"chacha20-poly1305", and sync iked.conf.5 and ipsec.conf.5 in some
places.
ok jmc sthen
| Mode | File | Lines changed |
|---|---|---|
| -rw-r--r-- | sbin/iked/iked.conf.5 | 8 |
| -rw-r--r-- | sbin/ipsecctl/ipsec.conf.5 | 30 |

2 files changed, 27 insertions, 11 deletions
diff --git a/sbin/iked/iked.conf.5 b/sbin/iked/iked.conf.5 index 7787cf851d5..6186e1825e7 100644 --- a/sbin/iked/iked.conf.5 +++ b/sbin/iked/iked.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: iked.conf.5,v 1.87 2021/10/26 17:31:22 tobhe Exp $ +.\" $OpenBSD: iked.conf.5,v 1.88 2021/11/04 03:53:57 yasuoka Exp $ .\" .\" Copyright (c) 2010 - 2014 Reyk Floeter <reyk@openbsd.org> .\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved. @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: October 26 2021 $ +.Dd $Mdocdate: November 4 2021 $ .Dt IKED.CONF 5 .Os .Sh NAME @@ -998,9 +998,9 @@ keyword. 3DES requires 24 bytes to form its 168-bit key. This is because the most significant bit of each byte is used for parity. .Pp -The keysize of AES-CTR is actually 128-bit. +The keysize of AES-CTR can be 128, 192, or 256 bits. However as well as the key, a 32-bit nonce has to be supplied. -Thus 160 bits of key material have to be supplied. +Thus 160, 224, or 288 bits of key material, respectively, have to be supplied. The same applies to AES-GCM, AES-GMAC and Chacha20-Poly1305, however in the latter case the keysize is 256 bit. .Pp diff --git a/sbin/ipsecctl/ipsec.conf.5 b/sbin/ipsecctl/ipsec.conf.5 index f948af81228..98acad6a4ff 100644 --- a/sbin/ipsecctl/ipsec.conf.5 +++ b/sbin/ipsecctl/ipsec.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ipsec.conf.5,v 1.160 2021/10/22 12:30:54 bluhm Exp $ +.\" $OpenBSD: ipsec.conf.5,v 1.161 2021/11/04 03:53:57 yasuoka Exp $ .\" .\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 22 2021 $ +.Dd $Mdocdate: November 4 2021 $ .Dt IPSEC.CONF 5 .Os .Sh NAME 
@@ -637,10 +637,10 @@ keyword: The following cipher types are permitted with the .Ic enc keyword: -.Bl -column "aes-128-gmac" "Key Length" "Description" -offset indent +.Bl -column "chacha20-poly1305" "128-256 bits" "Description" -offset indent .It Em "Cipher" Ta Em "Key Length" Ta "" .It Li 3des Ta "168 bits" Ta "" -.It Li aes Ta "128 bits" Ta "" +.It Li aes Ta "128-256 bits" Ta "" .It Li aes-128 Ta "128 bits" Ta "" .It Li aes-192 Ta "192 bits" Ta "" .It Li aes-256 Ta "256 bits" Ta "" 
@@ -651,21 +651,37 @@ keyword: .It Li aes-128-gcm Ta "160 bits" Ta "[phase 2 only, IKE only]" .It Li aes-192-gcm Ta "224 bits" Ta "[phase 2 only, IKE only]" .It Li aes-256-gcm Ta "288 bits" Ta "[phase 2 only, IKE only]" +.It Li blowfish Ta "160 bits" Ta "" +.It Li cast128 Ta "128 bits" Ta "" +.It Li chacha20-poly1305 Ta "288 bits" Ta "" +.El +.Pp +The following cipher types provide only authentication, not encryption: +.Bl -column "chacha20-poly1305" "128-256 bits" "Description" -offset indent .It Li aes-128-gmac Ta "160 bits" Ta "[phase 2 only, IKE only]" .It Li aes-192-gmac Ta "224 bits" Ta "[phase 2 only, IKE only]" .It Li aes-256-gmac Ta "288 bits" Ta "[phase 2 only, IKE only]" -.It Li blowfish Ta "160 bits" Ta "" -.It Li cast Ta "128 bits" Ta "" .It Li null Ta "(none)" Ta "[phase 2 only]" .El .Pp +Transforms followed by +.Bq IKE only +can only be used with the +.Ic ike +keyword, transforms with +.Bq phase 2 only +can only be used with the +.Ic quick +keyword. +.Pp 3DES requires 24 bytes to form its 168-bit key. This is because the most significant bit of each byte is used for parity. .Pp The keysize of AES-CTR can be 128, 192, or 256 bits. However as well as the key, a 32-bit nonce has to be supplied. Thus 160, 224, or 288 bits of key material, respectively, have to be supplied. -The same applies to AES-GCM and AES-GMAC. +The same applies to AES-GCM, AES-GMAC and Chacha20-Poly1305, +however in the latter case the keysize is 256 bit. .Pp Using AES-GMAC or NULL with ESP will only provide authentication. This is useful in setups where AH cannot be used, e.g. when NAT is involved. |
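Review bot: in the iked.conf.5 hunk at @@ -998, the unchanged closing sentence "The same applies to AES-GCM, AES-GMAC and Chacha20-Poly1305, however in the latter case the keysize is 256 bit" is now ambiguous, because "the latter" picks the second of two and three algorithms are listed; say "in the last case" or name Chacha20-Poly1305 explicitly, and write "256 bits" to match the new "128, 192, or 256 bits" wording two lines above. The same sentence is copied into ipsec.conf.5 in this patch, so both files want the fix.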
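Review bot: in the ipsec.conf.5 hunk at @@ -637, the new entry `.It Li aes Ta "128-256 bits" Ta ""` reads as if any key length in that range were accepted, while the entries directly below it (aes-128, aes-192, aes-256) and the AES-CTR paragraph later in the same file only document 128, 192 and 256 bits. Either write "128, 192, or 256 bits" (the `.Bl -column` width string "128-256 bits" would need to change with it) or add a sentence stating how a key of another length inside that range is treated.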
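Review bot: in the ipsec.conf.5 hunk at @@ -651, the second `.Bl -column` list for the authentication-only transforms has no header row, whereas the first list still opens with `.It Em "Cipher" Ta Em "Key Length" Ta ""`; add the same header row after the new `.Bl` line so both tables render alike. Also, the unchanged sentence "Using AES-GMAC or NULL with ESP will only provide authentication." at the end of the hunk now repeats what the new lead-in "The following cipher types provide only authentication, not encryption:" already says, so it could be trimmed to the NAT/AH rationale that follows it.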