Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 16 Aug 2019 20:02:31 +0700
From:      Eugene Grosbein <eugen@grosbein.net>
To:        "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject:   Re: Software IPSEC AES-CTR/SHA-256 broken
Message-ID:  <8bda0919-a5da-243a-fd33-3418a98d16f4@grosbein.net>
In-Reply-To: <9650ba58-ed9b-ec6b-8b9f-ed5cb4853f9b@grosbein.net>
References:  <9650ba58-ed9b-ec6b-8b9f-ed5cb4853f9b@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
16.08.2019 19:45, Eugene Grosbein wrote:

Sorry for some misprints, fixes follow:

> Hi!
> 
> I used IPSEC/gif (ipencap) with static Blowfish/SHA1 keys for years for VPN tunnels between FreeBSD routers.
> 
> After recent Blowfish deprecation notice, I tried switching to AES-CTR/SHA-256 instead
> only to find that transit RDP TCP streams start to break often (every 20 minutes or so).
> I switched back to Blowfish/SHA1 and problem disappeared.
> 
> While using AES-CTR/SHA-256, "netstat -p esp -ss" shows increasing counters for:
> 
>  packets dropped; bad encryption detected
>  packets dropped; bad authentication detected
> 
> These counters stay zero when only Blowfish is used.
> Both sides have no AES-NI hardware support and aesni.ko kernel module is not even loaded.
> FreeBSD 11.2-STABLE/amd64 r343942 at one side is used and
> 11.2-STABLE/amd64 r343953 at another side.
> 
> I managed to reproduce the problem using simple ssh connection over tunnel built with commands:
> 
> ifconfig gif1 create tunnel 1.1.1.1 2.2.2.2

For this side it should be instead:

ifconfig gif1 create tunnel 2.2.2.2 1.1.1.1

> ifconfig gif1 inet 192.168.80.242 192.168.80.241 netmask 255.255.255.252 mtu 1440
> 
> And /etc/ipsec.conf:
> 
> flush;
> spdflush;
> add 1.1.1.1 2.2.2.2 esp 1013 -m transport -E aes-ctr "M28_)KDFV,iFVHNIKO-p" -A hmac-sha2-256 "rdijokg&YRDYi(I%R0oMJN%()H532d92";
> add 2.2.2.2 1.1.1.1 esp 2013 -m transport -E aes-ctr "G5of)Gbn556reg_+;mVz" -A hmac-sha2-256 "?op;_rf{89CE$DC09*3$RFgi7y9)i-e]";
> 
> spdadd 2.2.2.2/32 1.1.1.1/32 icmp -P out none;
> spdadd 2.2.2.2/32 1.1.1.1/32 esp -P out none;
> spdadd 2.2.2.2/32 1.1.1.1/32 any -P out ipsec
>   esp/transport//require;
> spdadd 1.1.1.1/32 2.2.2.2/32 any -P out ipsec
>   esp/transport//use;

Last two lines should have "in" instead of "out":

spdadd 1.1.1.1/32 2.2.2.2/32 any -P in ipsec
   esp/transport//use;

> #EOF

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8bda0919-a5da-243a-fd33-3418a98d16f4>