diff options
Diffstat (limited to 'testing/tests/ikev1/alg-blowfish')
4 files changed, 28 insertions, 6 deletions
diff --git a/testing/tests/ikev1/alg-blowfish/description.txt b/testing/tests/ikev1/alg-blowfish/description.txt index cff0a1915..7d8f245ab 100644 --- a/testing/tests/ikev1/alg-blowfish/description.txt +++ b/testing/tests/ikev1/alg-blowfish/description.txt @@ -1,4 +1,4 @@ Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the strong cipher suite -<b>BLOWFISH_CBC_256-SHA2_512-MODP4096</b> for the IKE protocol and -<b>BLOWFISH_256-HMAC_SHA2_256</b> for ESP packets. A ping from <b>carol</b> to +<b>BLOWFISH_CBC_256 / HMAC_SHA2_512 / MODP_4096</b> for the IKE protocol and +<b>BLOWFISH_CBC_256 / HMAC_SHA2_256</b> for ESP packets. A ping from <b>carol</b> to <b>alice</b> successfully checks the established tunnel. diff --git a/testing/tests/ikev1/alg-blowfish/evaltest.dat b/testing/tests/ikev1/alg-blowfish/evaltest.dat index a2ae3ff6b..fd46cdb9d 100644 --- a/testing/tests/ikev1/alg-blowfish/evaltest.dat +++ b/testing/tests/ikev1/alg-blowfish/evaltest.dat @@ -1,9 +1,9 @@ carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES -carol::ipsec statusall::IKE algorithm newest: BLOWFISH_CBC_256-SHA2_512-MODP4096::YES -moon::ipsec statusall::IKE algorithm newest: BLOWFISH_CBC_256-SHA2_512-MODP4096::YES -carol::ipsec statusall::ESP algorithm newest: BLOWFISH_256-HMAC_SHA2_256::YES -moon::ipsec statusall::ESP algorithm newest: BLOWFISH_256-HMAC_SHA2_256::YES +carol::ipsec statusall::IKE proposal: BLOWFISH_CBC_256/HMAC_SHA2_512/MODP_4096::YES +moon::ipsec statusall::IKE proposal: BLOWFISH_CBC_256/HMAC_SHA2_512/MODP_4096::YES +carol::ipsec statusall::ESP proposal: BLOWFISH_CBC_256/HMAC_SHA2_256::YES +moon::ipsec statusall::ESP proposal: BLOWFISH_CBC_256/HMAC_SHA2_256::YES carol::ip xfrm state::enc cbc(blowfish)::YES moon::ip xfrm state::enc cbc(blowfish)::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES diff --git a/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/strongswan.conf new file mode 100644 index 000000000..f5401f260 --- /dev/null +++ b/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/strongswan.conf @@ -0,0 +1,11 @@ +# /etc/strongswan.conf - strongSwan configuration file + +pluto { + load = sha1 sha2 md5 aes des blowfish hmac gmp pubkey random curl +} + +# pluto uses optimized DH exponent sizes (RFC 3526) + +libstrongswan { + dh_exponent_ansi_x9_42 = no +} diff --git a/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/strongswan.conf new file mode 100644 index 000000000..f5401f260 --- /dev/null +++ b/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/strongswan.conf @@ -0,0 +1,11 @@ +# /etc/strongswan.conf - strongSwan configuration file + +pluto { + load = sha1 sha2 md5 aes des blowfish hmac gmp pubkey random curl +} + +# pluto uses optimized DH exponent sizes (RFC 3526) + +libstrongswan { + dh_exponent_ansi_x9_42 = no +} |