algorithms.sh revision 1.1.2.2
1 # $NetBSD: algorithms.sh,v 1.1.2.2 2017/04/14 02:56:50 ozaki-r Exp $ 2 # 3 # Copyright (c) 2017 Internet Initiative Japan Inc. 4 # All rights reserved. 5 # 6 # Redistribution and use in source and binary forms, with or without 7 # modification, are permitted provided that the following conditions 8 # are met: 9 # 1. Redistributions of source code must retain the above copyright 10 # notice, this list of conditions and the following disclaimer. 11 # 2. Redistributions in binary form must reproduce the above copyright 12 # notice, this list of conditions and the following disclaimer in the 13 # documentation and/or other materials provided with the distribution. 14 # 15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 # POSSIBILITY OF SUCH DAMAGE. 26 # 27 28 ESP_ENCRYPTION_ALGORITHMS="des-cbc 3des-cbc null blowfish-cbc cast128-cbc \ 29 des-deriv rijndael-cbc aes-ctr camellia-cbc aes-gcm-16 aes-gmac" 30 31 # Valid key lengths of ESP encription algorithms 32 # des-cbc 64 33 # 3des-cbc 192 34 # null 0 to 2048 XXX only accept 0 length 35 # blowfish-cbc 40 to 448 36 # cast128-cbc 40 to 128 37 # des-deriv 64 38 # 3des-deriv 192 XXX not implemented 39 # rijndael-cbc 128/192/256 40 # twofish-cbc 0 to 256 XXX not supported 41 # aes-ctr 160/224/288 42 # camellia-cbc 128/192/256 43 # aes-gcm-16 160/224/288 44 # aes-gmac 160/224/288 45 valid_keys_descbc="64" 46 invalid_keys_descbc="56 72" 47 valid_keys_3descbc="192" 48 invalid_keys_3descbc="184 200" 49 #valid_keys_null="0 2048" 50 valid_keys_null="0" 51 invalid_keys_null="8" 52 valid_keys_blowfishcbc="40 448" 53 invalid_keys_blowfishcbc="32 456" 54 valid_keys_cast128cbc="40 128" 55 invalid_keys_cast128cbc="32 136" 56 valid_keys_desderiv="64" 57 invalid_keys_desderiv="56 72" 58 #valid_keys_3desderiv="192" 59 #invalid_keys_3desderiv="184 200" 60 valid_keys_rijndaelcbc="128 192 256" 61 invalid_keys_rijndaelcbc="120 136 184 200 248 264" 62 #valid_keys_twofishcbc="0 256" 63 #invalid_keys_twofishcbc="264" 64 valid_keys_aesctr="160 224 288" 65 invalid_keys_aesctr="152 168 216 232 280 296" 66 valid_keys_camelliacbc="128 192 256" 67 invalid_keys_camelliacbc="120 136 184 200 248 264" 68 valid_keys_aesgcm16="160 224 288" 69 invalid_keys_aesgcm16="152 168 216 232 280 296" 70 valid_keys_aesgmac="160 224 288" 71 invalid_keys_aesgmac="152 168 216 232 280 296" 72 73 AH_AUTHENTICATION_ALGORITHMS="hmac-md5 hmac-sha1 keyed-md5 keyed-sha1 null \ 74 hmac-sha256 hmac-sha384 hmac-sha512 hmac-ripemd160 aes-xcbc-mac" 75 76 # Valid key lengths of AH authentication algorithms 77 # hmac-md5 128 78 # hmac-sha1 160 79 # keyed-md5 128 80 # keyed-sha1 160 81 # null 0 to 2048 82 # hmac-sha256 256 83 # hmac-sha384 384 84 # hmac-sha512 512 85 # hmac-ripemd160 160 86 # aes-xcbc-mac 128 87 # tcp-md5 8 to 640 XXX not enabled in rump kernels 88 valid_keys_hmacmd5="128" 89 invalid_keys_hmacmd5="120 136" 90 valid_keys_hmacsha1="160" 91 invalid_keys_hmacsha1="152 168" 92 valid_keys_keyedmd5="128" 93 invalid_keys_keyedmd5="120 136" 94 valid_keys_keyedsha1="160" 95 invalid_keys_keyedsha1="152 168" 96 #valid_keys_null="0 2048" 97 valid_keys_null="0" 98 invalid_keys_null="8" 99 valid_keys_hmacsha256="256" 100 invalid_keys_hmacsha256="248 264" 101 valid_keys_hmacsha384="384" 102 invalid_keys_hmacsha384="376 392" 103 valid_keys_hmacsha512="512" 104 invalid_keys_hmacsha512="504 520" 105 valid_keys_hmacripemd160="160" 106 invalid_keys_hmacripemd160="152 168" 107 valid_keys_aesxcbcmac="128" 108 invalid_keys_aesxcbcmac="120 136" 109 #valid_keys_tcpmd5="8 640" 110 #invalid_keys_tcpmd5="648" 111 112 get_one_valid_keylen() 113 { 114 local algo=$1 115 local _algo=$(echo $algo | sed 's/-//g') 116 local len= 117 local keylengths= 118 119 eval keylengths="\$valid_keys_${_algo}" 120 121 for len in $(echo $keylengths); do 122 break; 123 done 124 125 echo $len 126 } 127 128 get_valid_keylengths() 129 { 130 local algo=$1 131 local _algo=$(echo $algo | sed 's/-//g') 132 133 eval keylengths="\$valid_keys_${_algo}" 134 echo $keylengths 135 } 136 137 get_invalid_keylengths() 138 { 139 local algo=$1 140 local _algo=$(echo $algo | sed 's/-//g') 141 142 eval keylengths="\$invalid_keys_${_algo}" 143 echo $keylengths 144 } 145 146 generate_key() 147 { 148 local keylen=$(($1 / 8)) 149 local key= 150 151 while [ $keylen -gt 0 ]; do 152 key="${key}a" 153 keylen=$((keylen - 1)) 154 done 155 if [ ! -z "$key" ]; then 156 key="\"$key\"" 157 fi 158 159 echo $key 160 } 161
Indexes created Tue Sep 30 11:09:46 GMT 2025