[strongSwan] Confusing SHA256 truncation

Harald Krammer hk at hkr.at
Wed Jun 8 21:54:34 CEST 2016 

Hi all,
Currently I use Strongswan 5.2.2 (Debian 8). So far, everything is fine. 
Only with SHA256 there are weird things.

On my PC with Kernel 3.16 I got a length of 128 bits for SHA256 and the 
same version on my ARM board with Kernel 3.10 I got a length pf 96 bits.

Why does this happen?

Any notes are welcome. Below is the output of ip xfrm state and the 
configuration.

Nice greetings
Harald



Setup:
######
PC with Debian 8 x86_64 with Kernel 3.16
<----->
ARM Board imX28 Kernel 3.10 also Strongswan 5.2.2


ARM Board imX28 Kernel 3.10 also Strongswan 5.2.2:
/ # ip xfrm state
src 10.1.8.241 dst 10.1.8.240
         proto esp spi 0xc86e8c86 reqid 1 mode tunnel
         replay-window 32
         auth-trunc hmac(sha256) 
0x9954ce2e14cbf9c68ec72178859d377da19899688df13783fd728ddd9648bcb7 96
         enc ecb(cipher_null)
         sel src 0.0.0.0/0 dst 0.0.0.0/0
src 10.1.8.240 dst 10.1.8.241
         proto esp spi 0xc31d24ed reqid 1 mode tunnel
         replay-window 32
         auth-trunc hmac(sha256) 
0x0549596a5249d0ae333b9f2e56db47923aedc69252289d27796167d64db151de 96
         enc ecb(cipher_null)
         sel src 0.0.0.0/0 dst 0.0.0.0/0

PC with Debian 8 x86_64 with Kernel 3.16:
root at saturn:/home/hk# ip xfrm state
src 10.1.8.240 dst 10.1.8.241
     proto esp spi 0xc31d24ed reqid 10 mode tunnel
     replay-window 32 flag af-unspec
     auth-trunc hmac(sha256) 
0x0549596a5249d0ae333b9f2e56db47923aedc69252289d27796167d64db151de 128
     enc ecb(cipher_null)
src 10.1.8.241 dst 10.1.8.240
     proto esp spi 0xc86e8c86 reqid 10 mode tunnel
     replay-window 32 flag af-unspec
     auth-trunc hmac(sha256) 
0x9954ce2e14cbf9c68ec72178859d377da19899688df13783fd728ddd9648bcb7 128
     enc ecb(cipher_null)



Config: (is working without SHA256)
#######
conn %default
         ikelifetime=28800
         keylife=60m
         rekeymargin=3m
         keyingtries=1
         keyexchange=ikev2
         authby=secret

conn test
         left=10.1.8.240
         leftsubnet=10.1.0.0/8
         leftid=10.1.8.240
         leftfirewall=yes
         leftsourceip=%config
         right=10.1.8.241
         rightsubnet=10.1.8.241/32
         rightid=10.1.8.241
         auto=add
         type=tunnel
         ike=null-sha256-modp2048!   # null for wireshark
         esp=null-sha256-modp2048!   # null for wireshark
         dpdaction=restart
         dpddelay=20s
         dpdtimeout=10s

More information about the Users mailing list