[strongSwan] length of TRANSFORM_ATTRIBUTE substructure list invalid
martin at strongswan.org
Mon Dec 20 10:49:02 CET 2010
> Could you please find the reason why it is not responding?
The transform attribute encoding of the AES_CBC transform looks
completely wrong. I'd expect a key-length attribute.
> parsing rule 0 ATTRIBUTE_FORMAT
> => 0
The AF flag is not set, indicating that the length-or-value field
contains the length of additionally appended data. The key-length
attribute would encode the value directly, hence sets this flag to 1.
> parsing rule 1 ATTRIBUTE_TYPE
> => 7424
> parsing rule 2 ATTRIBUTE_LENGTH_OR_VALUE
> => 128
The type is not key-length (14), and the only thing correct is probably
the value (but is actually interpreted as length).
You should discuss this issue with Juniper.
More information about the Users