algorithms.sh revision 1.1.4.2 1 1.1.4.2 pgoyette # $NetBSD: algorithms.sh,v 1.1.4.2 2017/04/26 02:53:34 pgoyette Exp $
2 1.1.4.2 pgoyette #
3 1.1.4.2 pgoyette # Copyright (c) 2017 Internet Initiative Japan Inc.
4 1.1.4.2 pgoyette # All rights reserved.
5 1.1.4.2 pgoyette #
6 1.1.4.2 pgoyette # Redistribution and use in source and binary forms, with or without
7 1.1.4.2 pgoyette # modification, are permitted provided that the following conditions
8 1.1.4.2 pgoyette # are met:
9 1.1.4.2 pgoyette # 1. Redistributions of source code must retain the above copyright
10 1.1.4.2 pgoyette # notice, this list of conditions and the following disclaimer.
11 1.1.4.2 pgoyette # 2. Redistributions in binary form must reproduce the above copyright
12 1.1.4.2 pgoyette # notice, this list of conditions and the following disclaimer in the
13 1.1.4.2 pgoyette # documentation and/or other materials provided with the distribution.
14 1.1.4.2 pgoyette #
15 1.1.4.2 pgoyette # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
16 1.1.4.2 pgoyette # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
17 1.1.4.2 pgoyette # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18 1.1.4.2 pgoyette # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
19 1.1.4.2 pgoyette # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20 1.1.4.2 pgoyette # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21 1.1.4.2 pgoyette # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22 1.1.4.2 pgoyette # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23 1.1.4.2 pgoyette # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24 1.1.4.2 pgoyette # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25 1.1.4.2 pgoyette # POSSIBILITY OF SUCH DAMAGE.
26 1.1.4.2 pgoyette #
27 1.1.4.2 pgoyette
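# ESP encryption algorithms covered by the tests.  Being listed here means
# the algorithm is exercised, not that it is advisable to deploy: des-cbc and
# des-deriv use a 56-bit effective key and "null" provides no confidentiality.
ESP_ENCRYPTION_ALGORITHMS="des-cbc 3des-cbc null blowfish-cbc cast128-cbc \
    des-deriv rijndael-cbc aes-ctr camellia-cbc aes-gcm-16 aes-gmac"

# Valid key lengths (in bits) of ESP encryption algorithms
#    des-cbc         64
#    3des-cbc        192
#    null            0 to 2048     XXX only accept 0 length
#    blowfish-cbc    40 to 448
#    cast128-cbc     40 to 128
#    des-deriv       64
#    3des-deriv      192           XXX not implemented
#    rijndael-cbc    128/192/256
#    twofish-cbc     0 to 256      XXX not supported
#    aes-ctr         160/224/288
#    camellia-cbc    128/192/256
#    aes-gcm-16      160/224/288
#    aes-gmac        160/224/288
#
# The DES and 3DES figures count the parity bits (56 and 168 effective bits).
# The aes-ctr, aes-gcm-16 and aes-gmac figures are the AES key (128/192/256)
# plus the 32-bit nonce/salt that is carried in the keying material.
#
# Variable names are valid_keys_<algo> / invalid_keys_<algo> with the hyphens
# of the algorithm name removed; the get_*_keylen* helpers in this file look
# them up by that name.  For a ranged algorithm only the two ends of the range
# are listed as valid.  The invalid lists hold the lengths 8 bits (one byte)
# outside each valid length or range end, i.e. the boundary cases a length
# check has to reject.
valid_keys_descbc="64"
invalid_keys_descbc="56 72"
valid_keys_3descbc="192"
invalid_keys_3descbc="184 200"
#valid_keys_null="0 2048"
valid_keys_null="0"
invalid_keys_null="8"
valid_keys_blowfishcbc="40 448"
invalid_keys_blowfishcbc="32 456"
valid_keys_cast128cbc="40 128"
invalid_keys_cast128cbc="32 136"
valid_keys_desderiv="64"
invalid_keys_desderiv="56 72"
#valid_keys_3desderiv="192"
#invalid_keys_3desderiv="184 200"
valid_keys_rijndaelcbc="128 192 256"
invalid_keys_rijndaelcbc="120 136 184 200 248 264"
#valid_keys_twofishcbc="0 256"
#invalid_keys_twofishcbc="264"
valid_keys_aesctr="160 224 288"
invalid_keys_aesctr="152 168 216 232 280 296"
valid_keys_camelliacbc="128 192 256"
invalid_keys_camelliacbc="120 136 184 200 248 264"
valid_keys_aesgcm16="160 224 288"
invalid_keys_aesgcm16="152 168 216 232 280 296"
valid_keys_aesgmac="160 224 288"
invalid_keys_aesgmac="152 168 216 232 280 296"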
72 1.1.4.2 pgoyette
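# AH authentication algorithms covered by the tests.  Being listed here means
# the algorithm is exercised, not that it is advisable to deploy: "null"
# provides no integrity protection, and the MD5-based and keyed-* entries are
# legacy constructions.
AH_AUTHENTICATION_ALGORITHMS="hmac-md5 hmac-sha1 keyed-md5 keyed-sha1 null \
    hmac-sha256 hmac-sha384 hmac-sha512 hmac-ripemd160 aes-xcbc-mac"

# Valid key lengths (in bits) of AH authentication algorithms
#    hmac-md5        128
#    hmac-sha1       160
#    keyed-md5       128
#    keyed-sha1      160
#    null            0 to 2048
#    hmac-sha256     256
#    hmac-sha384     384
#    hmac-sha512     512
#    hmac-ripemd160  160
#    aes-xcbc-mac    128
#    tcp-md5         8 to 640      XXX not enabled in rump kernels
#
# Variable names are valid_keys_<algo> / invalid_keys_<algo> with the hyphens
# of the algorithm name removed.  The invalid lists hold the lengths 8 bits
# (one byte) below and above the valid length.
valid_keys_hmacmd5="128"
invalid_keys_hmacmd5="120 136"
valid_keys_hmacsha1="160"
invalid_keys_hmacsha1="152 168"
valid_keys_keyedmd5="128"
invalid_keys_keyedmd5="120 136"
valid_keys_keyedsha1="160"
invalid_keys_keyedsha1="152 168"
# NOTE: "null" is both an ESP and an AH algorithm name, so these two
# variables are the same ones the ESP table assigns.  The values must stay
# identical in both places; whichever assignment runs last wins.
#valid_keys_null="0 2048"
valid_keys_null="0"
invalid_keys_null="8"
valid_keys_hmacsha256="256"
invalid_keys_hmacsha256="248 264"
valid_keys_hmacsha384="384"
invalid_keys_hmacsha384="376 392"
valid_keys_hmacsha512="512"
invalid_keys_hmacsha512="504 520"
valid_keys_hmacripemd160="160"
invalid_keys_hmacripemd160="152 168"
valid_keys_aesxcbcmac="128"
invalid_keys_aesxcbcmac="120 136"
#valid_keys_tcpmd5="8 640"
#invalid_keys_tcpmd5="648"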
111 1.1.4.2 pgoyette
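#
# get_one_valid_keylen algo
#
# Print the first entry of the valid key length list for algorithm "algo"
# (e.g. "aes-ctr"), i.e. the first word of $valid_keys_<algo> where <algo>
# is the algorithm name with its hyphens removed.  Prints an empty line when
# no such list is defined.
#
# Returns 1, printing nothing on stdout, when the name contains anything
# other than letters, digits, underscores and hyphens.  The name is spliced
# into an eval'ed variable reference, so it is checked first: otherwise a
# name containing shell syntax would be executed instead of looked up.
#
get_one_valid_keylen()
{
	local algo="$1"
	local _algo=
	local len=
	local keylengths=

	_algo=$(printf '%s\n' "$algo" | sed 's/-//g')
	case "$_algo" in
	''|*[!A-Za-z0-9_]*)
		echo "get_one_valid_keylen: bad algorithm name" >&2
		return 1
		;;
	esac

	eval "keylengths=\$valid_keys_${_algo}"

	# Word splitting is intended here: take the first word of the list
	# and stop.
	for len in $keylengths; do
		break
	done

	echo "$len"
}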
127 1.1.4.2 pgoyette
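#
# get_valid_keylengths algo
#
# Print the whole valid key length list for algorithm "algo", i.e. the value
# of $valid_keys_<algo> where <algo> is the algorithm name with its hyphens
# removed.  Prints an empty line when no such list is defined.
#
# Returns 1, printing nothing on stdout, when the name contains anything
# other than letters, digits, underscores and hyphens.  The name is spliced
# into an eval'ed variable reference, so it is checked first: otherwise a
# name containing shell syntax would be executed instead of looked up.
#
get_valid_keylengths()
{
	local algo="$1"
	local _algo=
	# Kept local so that a call does not overwrite a caller's variable of
	# the same name.
	local keylengths=

	_algo=$(printf '%s\n' "$algo" | sed 's/-//g')
	case "$_algo" in
	''|*[!A-Za-z0-9_]*)
		echo "get_valid_keylengths: bad algorithm name" >&2
		return 1
		;;
	esac

	eval "keylengths=\$valid_keys_${_algo}"
	echo "$keylengths"
}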
136 1.1.4.2 pgoyette
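#
# get_invalid_keylengths algo
#
# Print the list of key lengths that must be rejected for algorithm "algo",
# i.e. the value of $invalid_keys_<algo> where <algo> is the algorithm name
# with its hyphens removed.  Prints an empty line when no such list is
# defined.
#
# Returns 1, printing nothing on stdout, when the name contains anything
# other than letters, digits, underscores and hyphens.  The name is spliced
# into an eval'ed variable reference, so it is checked first: otherwise a
# name containing shell syntax would be executed instead of looked up.
#
get_invalid_keylengths()
{
	local algo="$1"
	local _algo=
	# Kept local so that a call does not overwrite a caller's variable of
	# the same name.
	local keylengths=

	_algo=$(printf '%s\n' "$algo" | sed 's/-//g')
	case "$_algo" in
	''|*[!A-Za-z0-9_]*)
		echo "get_invalid_keylengths: bad algorithm name" >&2
		return 1
		;;
	esac

	eval "keylengths=\$invalid_keys_${_algo}"
	echo "$keylengths"
}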
145 1.1.4.2 pgoyette
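#
# generate_key bits
#
# Print a placeholder key of "bits" bits: bits / 8 (rounded down) copies of
# the character 'a', wrapped in double quotes.  Prints an empty line when the
# length comes to zero bytes.
#
# The key is a fixed, predictable string.  It exists only so that tests have
# keying material of the right size; never use its output to key a real
# security association.
#
# Returns 1, printing nothing on stdout, when "bits" is not a string of
# decimal digits.  The check keeps arbitrary text out of the arithmetic
# expansion below.
#
generate_key()
{
	local bits="$1"
	local keylen=
	local key=

	case "$bits" in
	''|*[!0-9]*)
		echo "generate_key: key length must be a number of bits" >&2
		return 1
		;;
	esac

	keylen=$((bits / 8))
	while [ "$keylen" -gt 0 ]; do
		key="${key}a"
		keylen=$((keylen - 1))
	done

	# Quote a non-empty key; a zero-length key is printed as nothing at
	# all rather than as an empty pair of quotes.
	if [ -n "$key" ]; then
		key="\"$key\""
	fi

	echo "$key"
}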