Project

General

Profile

Actions

Feature #9309

closed

Allow manual selection of IPsec IKE Pseudo-Random Function (PRF)

Added by Florian K. almost 6 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
Normal
Category:
IPsec
Target version:
Start date:
02/07/2019
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

If you want to use AES-GCM, you don't need an integrity algorithm, but you do need a pseudo random function.

See https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites :

If combined-mode (AEAD) ciphers are proposed there won't be any integrity algorithms from which to derive PRFs, so in such a proposal PRF algorithms have to be configured explicitly.

Also, please see the comment of Joel Schulze regarding phase one proposals in https://wiki.strongswan.org/issues/2808

Problem: When I configure a "Phase 1 Proposal (Encryption Algorithm)" of
- Algorithm: AES256-GCM
- Keylength: 128 bits
- Hash: SHA256
- DH-Group: 21

Then, the line `ike = aes256gcm128-sha256-ecp521!` will be created in ipsec.conf.
However, the correct value would be `ike = aes256gcm128-prfsha256-ecp521!`
(Note that sha256 is a hash function and prfsha256 is a pseudo-random-function.)

Proposal:
- Rename the label of the dropdown "Hash" to "Hash/PRF" (the values of the dropdown can fortunately stay the same)
- When a AES-GCM algorithm is selected, interpret the value in this field as PRF and therefore add the correct value as described in
"Pseudo-random Functions" of https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites .
(Basically, use the same string, but with a "prf" prefix.)


Files

Screenshot from 2019-11-09 14-58-03.png (125 KB) Screenshot from 2019-11-09 14-58-03.png WebGUI screenshot Viktor Gurov, 11/09/2019 06:00 AM
Actions

Also available in: Atom PDF