algorithms.sh revision 1.3 1 # $NetBSD: algorithms.sh,v 1.3 2017/04/27 08:06:59 ozaki-r Exp $
2 #
3 # Copyright (c) 2017 Internet Initiative Japan Inc.
4 # All rights reserved.
5 #
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions
8 # are met:
9 # 1. Redistributions of source code must retain the above copyright
10 # notice, this list of conditions and the following disclaimer.
11 # 2. Redistributions in binary form must reproduce the above copyright
12 # notice, this list of conditions and the following disclaimer in the
13 # documentation and/or other materials provided with the distribution.
14 #
15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25 # POSSIBILITY OF SUCH DAMAGE.
26 #
27
# ESP encryption algorithms covered by the tests.  This is a coverage list,
# not a recommendation: "null" applies no encryption, aes-gmac only
# authenticates the payload, and des-cbc takes a single 64-bit DES key
# (56 effective bits), which is within reach of exhaustive search.
ESP_ENCRYPTION_ALGORITHMS="des-cbc 3des-cbc null blowfish-cbc cast128-cbc"
ESP_ENCRYPTION_ALGORITHMS="$ESP_ENCRYPTION_ALGORITHMS des-deriv rijndael-cbc"
ESP_ENCRYPTION_ALGORITHMS="$ESP_ENCRYPTION_ALGORITHMS aes-ctr camellia-cbc"
ESP_ENCRYPTION_ALGORITHMS="$ESP_ENCRYPTION_ALGORITHMS aes-gcm-16 aes-gmac"

# Reduced subset of the list above; presumably for tests where running
# every algorithm would take too long -- confirm against the callers.
ESP_ENCRYPTION_ALGORITHMS_MINIMUM="null rijndael-cbc"
31
# Key lengths, in bits, of the ESP encryption algorithms.
#
# Each algorithm has a pair of variables named after it with the hyphens
# removed:
#   valid_keys_<algo>    valid key lengths
#   invalid_keys_<algo>  lengths one byte below and above each valid length
#                        (or each end of a valid range)
#
# aes-ctr, aes-gcm-16 and aes-gmac lengths are the AES key (128/192/256)
# plus the 32 bits of nonce/salt carried in the keying material.

# des-cbc: 64
valid_keys_descbc="64"
invalid_keys_descbc="56 72"

# 3des-cbc: 192
valid_keys_3descbc="192"
invalid_keys_3descbc="184 200"

# null: 0 to 2048, XXX only accept 0 length
#valid_keys_null="0 2048"
valid_keys_null="0"
invalid_keys_null="8"

# blowfish-cbc: 40 to 448
valid_keys_blowfishcbc="40 448"
invalid_keys_blowfishcbc="32 456"

# cast128-cbc: 40 to 128
valid_keys_cast128cbc="40 128"
invalid_keys_cast128cbc="32 136"

# des-deriv: 64
valid_keys_desderiv="64"
invalid_keys_desderiv="56 72"

# 3des-deriv: 192, XXX not implemented
#valid_keys_3desderiv="192"
#invalid_keys_3desderiv="184 200"

# rijndael-cbc: 128/192/256
valid_keys_rijndaelcbc="128 192 256"
invalid_keys_rijndaelcbc="120 136 184 200 248 264"

# twofish-cbc: 0 to 256, XXX not supported
#valid_keys_twofishcbc="0 256"
#invalid_keys_twofishcbc="264"

# aes-ctr: 160/224/288
valid_keys_aesctr="160 224 288"
invalid_keys_aesctr="152 168 216 232 280 296"

# camellia-cbc: 128/192/256
valid_keys_camelliacbc="128 192 256"
invalid_keys_camelliacbc="120 136 184 200 248 264"

# aes-gcm-16: 160/224/288
valid_keys_aesgcm16="160 224 288"
invalid_keys_aesgcm16="152 168 216 232 280 296"

# aes-gmac: 160/224/288
valid_keys_aesgmac="160 224 288"
invalid_keys_aesgmac="152 168 216 232 280 296"
73
# AH authentication algorithms covered by the tests.  This is a coverage
# list, not a recommendation: "null" authenticates nothing, and keyed-md5 /
# keyed-sha1 are the keyed-hash constructions that predate HMAC.
AH_AUTHENTICATION_ALGORITHMS="hmac-md5 hmac-sha1 keyed-md5 keyed-sha1 null"
AH_AUTHENTICATION_ALGORITHMS="$AH_AUTHENTICATION_ALGORITHMS hmac-sha256"
AH_AUTHENTICATION_ALGORITHMS="$AH_AUTHENTICATION_ALGORITHMS hmac-sha384"
AH_AUTHENTICATION_ALGORITHMS="$AH_AUTHENTICATION_ALGORITHMS hmac-sha512"
AH_AUTHENTICATION_ALGORITHMS="$AH_AUTHENTICATION_ALGORITHMS hmac-ripemd160"
AH_AUTHENTICATION_ALGORITHMS="$AH_AUTHENTICATION_ALGORITHMS aes-xcbc-mac"

# Reduced subset of the list above; presumably for tests where running
# every algorithm would take too long -- confirm against the callers.
AH_AUTHENTICATION_ALGORITHMS_MINIMUM="null hmac-sha512"
77
# Key lengths, in bits, of the AH authentication algorithms.
#
# Same naming scheme as the ESP tables: valid_keys_<algo> and
# invalid_keys_<algo>, with the hyphens removed from the algorithm name.
# The invalid lengths are one byte below and above each valid length.

# hmac-md5: 128
valid_keys_hmacmd5="128"
invalid_keys_hmacmd5="120 136"

# hmac-sha1: 160
valid_keys_hmacsha1="160"
invalid_keys_hmacsha1="152 168"

# keyed-md5: 128
valid_keys_keyedmd5="128"
invalid_keys_keyedmd5="120 136"

# keyed-sha1: 160
valid_keys_keyedsha1="160"
invalid_keys_keyedsha1="152 168"

# null: 0 to 2048
# NOTE: "null" is also an ESP algorithm name, so these two assignments write
# the same variables as the ESP table; the values are identical.
#valid_keys_null="0 2048"
valid_keys_null="0"
invalid_keys_null="8"

# hmac-sha256: 256
valid_keys_hmacsha256="256"
invalid_keys_hmacsha256="248 264"

# hmac-sha384: 384
valid_keys_hmacsha384="384"
invalid_keys_hmacsha384="376 392"

# hmac-sha512: 512
valid_keys_hmacsha512="512"
invalid_keys_hmacsha512="504 520"

# hmac-ripemd160: 160
valid_keys_hmacripemd160="160"
invalid_keys_hmacripemd160="152 168"

# aes-xcbc-mac: 128
valid_keys_aesxcbcmac="128"
invalid_keys_aesxcbcmac="120 136"

# tcp-md5: 8 to 640, XXX not enabled in rump kernels
#valid_keys_tcpmd5="8 640"
#invalid_keys_tcpmd5="648"
113
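#
# get_one_valid_keylen <algorithm>
#
# Print the first key length (in bits) listed in $valid_keys_<algorithm>,
# where <algorithm> has its hyphens removed (e.g. "rijndael-cbc" reads
# $valid_keys_rijndaelcbc).  An empty line is printed when that variable is
# unset or empty.
#
# Returns 1, with a message on stderr and nothing on stdout, when the name
# contains anything other than letters, digits, '_' and '-'.
#
get_one_valid_keylen()
{
	local algo=$1
	local _algo=
	local keylengths=

	_algo=$(printf '%s\n' "$algo" | sed 's/-//g')

	# The name is spliced into the eval below, so anything that is not a
	# plain variable-name character has to be rejected first; otherwise
	# the argument would be executed as shell code.
	case $_algo in
	*[!A-Za-z0-9_]*)
		printf '%s\n' "get_one_valid_keylen: invalid algorithm name" >&2
		return 1
		;;
	esac

	eval keylengths="\$valid_keys_${_algo}"

	# Split the list on whitespace and keep only its first word.
	set -- $keylengths
	echo "${1-}"
}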
129
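#
# get_valid_keylengths <algorithm>
#
# Print the whole list in $valid_keys_<algorithm> (key lengths in bits,
# space separated), where <algorithm> has its hyphens removed.  An empty
# line is printed when that variable is unset or empty.
#
# Returns 1, with a message on stderr and nothing on stdout, when the name
# contains anything other than letters, digits, '_' and '-'.
#
get_valid_keylengths()
{
	local algo=$1
	local _algo=
	# Declared local so the lookup does not overwrite a caller's variable
	# of the same name.
	local keylengths=

	_algo=$(printf '%s\n' "$algo" | sed 's/-//g')

	# The name is spliced into the eval below, so anything that is not a
	# plain variable-name character has to be rejected first; otherwise
	# the argument would be executed as shell code.
	case $_algo in
	*[!A-Za-z0-9_]*)
		printf '%s\n' "get_valid_keylengths: invalid algorithm name" >&2
		return 1
		;;
	esac

	eval keylengths="\$valid_keys_${_algo}"

	# Left unquoted on purpose: word splitting normalises the separators
	# to single spaces.
	echo $keylengths
}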
138
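#
# get_invalid_keylengths <algorithm>
#
# Print the whole list in $invalid_keys_<algorithm> (key lengths in bits,
# space separated), where <algorithm> has its hyphens removed.  An empty
# line is printed when that variable is unset or empty.
#
# Returns 1, with a message on stderr and nothing on stdout, when the name
# contains anything other than letters, digits, '_' and '-'.
#
get_invalid_keylengths()
{
	local algo=$1
	local _algo=
	# Declared local so the lookup does not overwrite a caller's variable
	# of the same name.
	local keylengths=

	_algo=$(printf '%s\n' "$algo" | sed 's/-//g')

	# The name is spliced into the eval below, so anything that is not a
	# plain variable-name character has to be rejected first; otherwise
	# the argument would be executed as shell code.
	case $_algo in
	*[!A-Za-z0-9_]*)
		printf '%s\n' "get_invalid_keylengths: invalid algorithm name" >&2
		return 1
		;;
	esac

	eval keylengths="\$invalid_keys_${_algo}"

	# Left unquoted on purpose: word splitting normalises the separators
	# to single spaces.
	echo $keylengths
}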
147
#
# generate_key <bits>
#
# Print a key of <bits>/8 characters (integer division), wrapped in double
# quotes.  For a length that yields no characters an empty line is printed,
# without quotes.
#
# The key is always the letter 'a' repeated, so it is fixed and predictable:
# usable as test keying material only, never as a real secret.
#
generate_key()
{
	local nbytes=$(($1 / 8))
	local material=

	until [ "$nbytes" -le 0 ]; do
		material="a${material}"
		nbytes=$((nbytes - 1))
	done

	# Only a non-empty key gets the surrounding double quotes.
	[ -z "$material" ] || material="\"${material}\""

	echo "$material"
}
163