[strongSwan] AES-GCM-16: payload length is not multiple of a blocksize
Mike Belopuhov
mkb at crypt.org.ru
Thu Aug 12 18:24:03 CEST 2010
Hi,
I'm sorry if this is a wrong place to ask, but I hope I'll get some
hints as I'm not a Linux guy.
So I'm using strongswan-4.4.1 on ubuntu server 10.4 with an updated
kernel: linux-image-2.6.33-02063305-generic (with fixed SHA2) on one
end and OpenBSD with isakmpd on the other.
This is a strongswan config:
conn aesgcm-test-ikev1
keyexchange=ikev1
left=172.23.61.144
leftid=172.23.61.144
right=172.23.61.156
rightid=172.23.61.156
ike=aes128-sha2_256-modp1024!
esp=aes128gcm16-modp1024!
mobike=no
authby=psk
auto=start
Now the problem is that 90% of packets sent by Linux box in the
quick mode (after establishing an IPsec connection) have a
payload which is not multiple of a cipher blocksize (16).
OpenBSD detects this early on and drops such packets (this
happens before the actual crypto processing).
Funny enough I don't see this happening with neither AES-CBC nor
AES-CTR.
Any opinions/hints/advices?
Thanks,
Mike
More information about the Users
mailing list