| rfc9235v2.xml | rfc9235.xml | |||
|---|---|---|---|---|
| skipping to change at line 44 ¶ | skipping to change at line 44 ¶ | |||
| <address> | <address> | |||
| <postal> | <postal> | |||
| <street>Sinimaentie 6c</street> | <street>Sinimaentie 6c</street> | |||
| <city>Espoo</city> | <city>Espoo</city> | |||
| <code>02630</code> | <code>02630</code> | |||
| <country>Finland</country> | <country>Finland</country> | |||
| </postal> | </postal> | |||
| <email>jkuusisaari@infinera.com</email> | <email>jkuusisaari@infinera.com</email> | |||
| </address> | </address> | |||
| </author> | </author> | |||
| <date year="2022" month="April"/> | <date year="2022" month="May"/> | |||
| <area>TSV</area> | <area>TSV</area> | |||
| <workgroup>TCPM</workgroup> | <workgroup>TCPM</workgroup> | |||
| <keyword>TCP</keyword> | <keyword>TCP</keyword> | |||
| <keyword>authentication</keyword> | <keyword>authentication</keyword> | |||
| <keyword>option</keyword> | <keyword>option</keyword> | |||
| <keyword>test vector</keyword> | <keyword>test vector</keyword> | |||
| <abstract> | <abstract> | |||
| <t> | <t> | |||
| skipping to change at line 200 ¶ | skipping to change at line 200 ¶ | |||
| hexadecimal values with spacing per line representing the contents | hexadecimal values with spacing per line representing the contents | |||
| of 16 consecutive bytes, as is typical for data dumps. The IP/TCP | of 16 consecutive bytes, as is typical for data dumps. The IP/TCP | |||
| data indicates the entire IP packet, including the TCP segment and | data indicates the entire IP packet, including the TCP segment and | |||
| its options (whether covered by TCP-AO or not, as indicated), | its options (whether covered by TCP-AO or not, as indicated), | |||
| including TCP-AO.</t> | including TCP-AO.</t> | |||
| <section anchor="sect-4.1" numbered="true" toc="default"> | <section anchor="sect-4.1" numbered="true" toc="default"> | |||
| <name>HMAC-SHA-1-96 (Default - Covers TCP Options)</name> | <name>HMAC-SHA-1-96 (Default - Covers TCP Options)</name> | |||
| <section anchor="sect-4.1.1" numbered="true" toc="default"> | <section anchor="sect-4.1.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Covers Options)</name> | <name>Send (Client) SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0xfbfbab5a | Client ISN = 0xfbfbab5a | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| 6d 63 ef 1b 02 fe 15 09 d4 b1 40 27 07 fd 7b 04 | 6d 63 ef 1b 02 fe 15 09 d4 b1 40 27 07 fd 7b 04 | |||
| 16 ab b7 4f | 16 ab b7 4f | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c dd 0f 40 00 ff 06 bf 6b 0a 0b 0c 0d | 45 e0 00 4c dd 0f 40 00 ff 06 bf 6b 0a 0b 0c 0d | |||
| skipping to change at line 223 ¶ | skipping to change at line 223 ¶ | |||
| 04 02 08 0a 00 15 5a b7 00 00 00 00 1d 10 3d 54 | 04 02 08 0a 00 15 5a b7 00 00 00 00 1d 10 3d 54 | |||
| 2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7 | 2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7 | |||
| MAC: | MAC: | |||
| 2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7 | 2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-4.1.2" numbered="true" toc="default"> | <section anchor="sect-4.1.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Covers Options)</name> | <name>Receive (Server) SYN-ACK (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0x11c14261 | Server ISN = 0x11c14261 | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6 | d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6 | |||
| 79 7f ea 96 | 79 7f ea 96 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c 65 06 40 00 ff 06 37 75 ac 1b 1c 1d | 45 e0 00 4c 65 06 40 00 ff 06 37 75 ac 1b 1c 1d | |||
| skipping to change at line 246 ¶ | skipping to change at line 246 ¶ | |||
| 04 02 08 0a 84 a5 0b eb 00 15 5a b7 1d 10 54 3d | 04 02 08 0a 84 a5 0b eb 00 15 5a b7 1d 10 54 3d | |||
| ee ab 0f e2 4c 30 10 81 51 16 b3 be | ee ab 0f e2 4c 30 10 81 51 16 b3 be | |||
| MAC: | MAC: | |||
| ee ab 0f e2 4c 30 10 81 51 16 b3 be | ee ab 0f e2 4c 30 10 81 51 16 b3 be | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-4.1.3" numbered="true" toc="default"> | <section anchor="sect-4.1.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Covers Options)</name> | <name>Send (Client) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| d2 e5 9c 65 ff c7 b1 a3 93 47 65 64 63 b7 0e dc | d2 e5 9c 65 ff c7 b1 a3 93 47 65 64 63 b7 0e dc | |||
| 24 a1 3d 71 | 24 a1 3d 71 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 36 a1 40 00 ff 06 65 9f 0a 0b 0c 0d | 45 e0 00 87 36 a1 40 00 ff 06 65 9f 0a 0b 0c 0d | |||
| ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5b 11 c1 42 62 | ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5b 11 c1 42 62 | |||
| c0 18 01 04 a1 62 00 00 01 01 08 0a 00 15 5a c1 | c0 18 01 04 a1 62 00 00 01 01 08 0a 00 15 5a c1 | |||
| skipping to change at line 271 ¶ | skipping to change at line 271 ¶ | |||
| 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | |||
| 06 00 64 00 01 01 00 | 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 70 64 cf 99 8c c6 c3 15 c2 c2 e2 bf | 70 64 cf 99 8c c6 c3 15 c2 c2 e2 bf | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-4.1.4" numbered="true" toc="default"> | <section anchor="sect-4.1.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Covers Options)</name> | <name>Receive (Server) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6 | d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6 | |||
| 79 7f ea 96 | 79 7f ea 96 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 1f a9 40 00 ff 06 7c 97 ac 1b 1c 1d | 45 e0 00 87 1f a9 40 00 ff 06 7c 97 ac 1b 1c 1d | |||
| 0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 62 fb fb ab 9e | 0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 62 fb fb ab 9e | |||
| c0 18 01 00 40 0c 00 00 01 01 08 0a 84 a5 0b f5 | c0 18 01 00 40 0c 00 00 01 01 08 0a 84 a5 0b f5 | |||
| skipping to change at line 299 ¶ | skipping to change at line 299 ¶ | |||
| MAC: | MAC: | |||
| a6 3f 0e cb bb 2e 63 5c 95 4d ea c7 | a6 3f 0e cb bb 2e 63 5c 95 4d ea c7 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| </section> | </section> | |||
| <section anchor="sect-4.2" numbered="true" toc="default"> | <section anchor="sect-4.2" numbered="true" toc="default"> | |||
| <name>HMAC-SHA-1-96 (Omits TCP Options)</name> | <name>HMAC-SHA-1-96 (Omits TCP Options)</name> | |||
| <section anchor="sect-4.2.1" numbered="true" toc="default"> | <section anchor="sect-4.2.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Omits Options)</name> | <name>Send (Client) SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0xcb0efbee | Client ISN = 0xcb0efbee | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| 30 ea a1 56 0c f0 be 57 da b5 c0 45 22 9f b1 0a | 30 ea a1 56 0c f0 be 57 da b5 c0 45 22 9f b1 0a | |||
| 42 3c d7 ea | 42 3c d7 ea | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c 53 99 40 00 ff 06 48 e2 0a 0b 0c 0d | 45 e0 00 4c 53 99 40 00 ff 06 48 e2 0a 0b 0c 0d | |||
| skipping to change at line 322 ¶ | skipping to change at line 322 ¶ | |||
| 04 02 08 0a 00 02 4c ce 00 00 00 00 1d 10 3d 54 | 04 02 08 0a 00 02 4c ce 00 00 00 00 1d 10 3d 54 | |||
| 80 af 3c fe b8 53 68 93 7b 8f 9e c2 | 80 af 3c fe b8 53 68 93 7b 8f 9e c2 | |||
| MAC: | MAC: | |||
| 80 af 3c fe b8 53 68 93 7b 8f 9e c2 | 80 af 3c fe b8 53 68 93 7b 8f 9e c2 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-4.2.2" numbered="true" toc="default"> | <section anchor="sect-4.2.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Omits Options)</name> | <name>Receive (Server) SYN-ACK (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0xacd5b5e1 | Server ISN = 0xacd5b5e1 | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41a | b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41a | |||
| 01 a8 30 7f | 01 a8 30 7f | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c 32 84 40 00 ff 06 69 f7 ac 1b 1c 1d | 45 e0 00 4c 32 84 40 00 ff 06 69 f7 ac 1b 1c 1d | |||
| skipping to change at line 345 ¶ | skipping to change at line 345 ¶ | |||
| 04 02 08 0a 57 67 72 f3 00 02 4c ce 1d 10 54 3d | 04 02 08 0a 57 67 72 f3 00 02 4c ce 1d 10 54 3d | |||
| 09 30 6f 9a ce a6 3a 8c 68 cb 9a 70 | 09 30 6f 9a ce a6 3a 8c 68 cb 9a 70 | |||
| MAC: | MAC: | |||
| 09 30 6f 9a ce a6 3a 8c 68 cb 9a 70 | 09 30 6f 9a ce a6 3a 8c 68 cb 9a 70 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-4.2.3" numbered="true" toc="default"> | <section anchor="sect-4.2.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Omits Options)</name> | <name>Send (Client) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| f3 db 17 93 d7 91 0e cd 80 6c 34 f1 55 ea 1f 00 | f3 db 17 93 d7 91 0e cd 80 6c 34 f1 55 ea 1f 00 | |||
| 34 59 53 e3 | 34 59 53 e3 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 a8 f5 40 00 ff 06 f3 4a 0a 0b 0c 0d | 45 e0 00 87 a8 f5 40 00 ff 06 f3 4a 0a 0b 0c 0d | |||
| ac 1b 1c 1d ff 12 00 b3 cb 0e fb ef ac d5 b5 e2 | ac 1b 1c 1d ff 12 00 b3 cb 0e fb ef ac d5 b5 e2 | |||
| c0 18 01 04 6c 45 00 00 01 01 08 0a 00 02 4c ce | c0 18 01 04 6c 45 00 00 01 01 08 0a 00 02 4c ce | |||
| skipping to change at line 370 ¶ | skipping to change at line 370 ¶ | |||
| 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | |||
| 06 00 64 00 01 01 00 | 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 71 06 08 cc 69 6c 03 a2 71 c9 3a a5 | 71 06 08 cc 69 6c 03 a2 71 c9 3a a5 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-4.2.4" numbered="true" toc="default"> | <section anchor="sect-4.2.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Omits Options)</name> | <name>Receive (Server) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41 | b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41 | |||
| 01 a8 30 7f | 01 a8 30 7f | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 54 37 40 00 ff 06 48 09 ac 1b 1c 1d | 45 e0 00 87 54 37 40 00 ff 06 48 09 ac 1b 1c 1d | |||
| 0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e2 cb 0e fc 32 | 0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e2 cb 0e fc 32 | |||
| c0 18 01 00 46 b6 00 00 01 01 08 0a 57 67 72 f3 | c0 18 01 00 46 b6 00 00 01 01 08 0a 57 67 72 f3 | |||
| skipping to change at line 410 ¶ | skipping to change at line 410 ¶ | |||
| In the following sections, all values are indicated as 2-digit | In the following sections, all values are indicated as 2-digit | |||
| hexadecimal values with spacing per line representing the contents | hexadecimal values with spacing per line representing the contents | |||
| of 16 consecutive bytes, as is typical for data dumps. The IP/TCP | of 16 consecutive bytes, as is typical for data dumps. The IP/TCP | |||
| data indicates the entire IP packet, including the TCP segment and | data indicates the entire IP packet, including the TCP segment and | |||
| its options (whether covered by TCP-AO or not, as indicated), | its options (whether covered by TCP-AO or not, as indicated), | |||
| including TCP-AO.</t> | including TCP-AO.</t> | |||
| <section anchor="sect-5.1" numbered="true" toc="default"> | <section anchor="sect-5.1" numbered="true" toc="default"> | |||
| <name>AES-128-CMAC-96 (Default - Covers TCP Options)</name> | <name>AES-128-CMAC-96 (Default - Covers TCP Options)</name> | |||
| <section anchor="sect-5.1.1" numbered="true" toc="default"> | <section anchor="sect-5.1.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Covers Options)</name> | <name>Send (Client) SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0x787a1ddf | Client ISN = 0x787a1ddf | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| f5 b8 b3 d5 f3 4f db b6 eb 8d 4a b9 66 0e 60 e3 | f5 b8 b3 d5 f3 4f db b6 eb 8d 4a b9 66 0e 60 e3 | |||
| IP/TCP: | IP/TCP: | |||
| 45 e0 00 4c 7b 9f 40 00 ff 06 20 dc 0a 0b 0c 0d | 45 e0 00 4c 7b 9f 40 00 ff 06 20 dc 0a 0b 0c 0d | |||
| ac 1b 1c 1d c4 fa 00 b3 78 7a 1d df 00 00 00 00 | ac 1b 1c 1d c4 fa 00 b3 78 7a 1d df 00 00 00 00 | |||
| skipping to change at line 432 ¶ | skipping to change at line 432 ¶ | |||
| 04 02 08 0a 00 01 7e d0 00 00 00 00 1d 10 3d 54 | 04 02 08 0a 00 01 7e d0 00 00 00 00 1d 10 3d 54 | |||
| e4 77 e9 9c 80 40 76 54 98 e5 50 91 | e4 77 e9 9c 80 40 76 54 98 e5 50 91 | |||
| MAC: | MAC: | |||
| e4 77 e9 9c 80 40 76 54 98 e5 50 91 | e4 77 e9 9c 80 40 76 54 98 e5 50 91 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-5.1.2" numbered="true" toc="default"> | <section anchor="sect-5.1.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Covers Options)</name> | <name>Receive (Server) SYN-ACK (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0xfadd6de9 | Server ISN = 0xfadd6de9 | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| 4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1 | 4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c 4b ad 40 00 ff 06 50 ce ac 1b 1c 1d | 45 e0 00 4c 4b ad 40 00 ff 06 50 ce ac 1b 1c 1d | |||
| 0a 0b 0c 0d 00 b3 c4 fa fa dd 6d e9 78 7a 1d e0 | 0a 0b 0c 0d 00 b3 c4 fa fa dd 6d e9 78 7a 1d e0 | |||
| skipping to change at line 454 ¶ | skipping to change at line 454 ¶ | |||
| 04 02 08 0a 93 f4 e9 e8 00 01 7e d0 1d 10 54 3d | 04 02 08 0a 93 f4 e9 e8 00 01 7e d0 1d 10 54 3d | |||
| d6 ad a7 bc 4c dd 53 6d 17 69 db 5f | d6 ad a7 bc 4c dd 53 6d 17 69 db 5f | |||
| MAC: | MAC: | |||
| d6 ad a7 bc 4c dd 53 6d 17 69 db 5f | d6 ad a7 bc 4c dd 53 6d 17 69 db 5f | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-5.1.3" numbered="true" toc="default"> | <section anchor="sect-5.1.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Covers Options)</name> | <name>Send (Client) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| 8c 8a e0 e8 37 1e c5 cb b9 7e a7 9d 90 41 83 91 | 8c 8a e0 e8 37 1e c5 cb b9 7e a7 9d 90 41 83 91 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 fb 4f 40 00 ff 06 a0 f0 0a 0b 0c 0d | 45 e0 00 87 fb 4f 40 00 ff 06 a0 f0 0a 0b 0c 0d | |||
| ac 1b 1c 1d c4 fa 00 b3 78 7a 1d e0 fa dd 6d ea | ac 1b 1c 1d c4 fa 00 b3 78 7a 1d e0 fa dd 6d ea | |||
| c0 18 01 04 95 05 00 00 01 01 08 0a 00 01 7e d0 | c0 18 01 04 95 05 00 00 01 01 08 0a 00 01 7e d0 | |||
| 93 f4 e9 e8 1d 10 3d 54 77 41 27 42 fa 4d c4 33 | 93 f4 e9 e8 1d 10 3d 54 77 41 27 42 fa 4d c4 33 | |||
| skipping to change at line 478 ¶ | skipping to change at line 478 ¶ | |||
| 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | |||
| 06 00 64 00 01 01 00 | 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 77 41 27 42 fa 4d c4 33 ef f0 97 3e | 77 41 27 42 fa 4d c4 33 ef f0 97 3e | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-5.1.4" numbered="true" toc="default"> | <section anchor="sect-5.1.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Covers Options)</name> | <name>Receive (Server) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| 4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1 | 4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1 | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 b9 14 40 00 ff 06 e3 2b ac 1b 1c 1d | 45 e0 00 87 b9 14 40 00 ff 06 e3 2b ac 1b 1c 1d | |||
| 0a 0b 0c 0d 00 b3 c4 fa fa dd 6d ea 78 7a 1e 23 | 0a 0b 0c 0d 00 b3 c4 fa fa dd 6d ea 78 7a 1e 23 | |||
| c0 18 01 00 e7 db 00 00 01 01 08 0a 93 f4 e9 e8 | c0 18 01 00 e7 db 00 00 01 01 08 0a 93 f4 e9 e8 | |||
| 00 01 7e d0 1d 10 54 3d f6 d9 65 a7 83 82 a7 48 | 00 01 7e d0 1d 10 54 3d f6 d9 65 a7 83 82 a7 48 | |||
| skipping to change at line 505 ¶ | skipping to change at line 505 ¶ | |||
| MAC: | MAC: | |||
| f6 d9 65 a7 83 82 a7 48 45 f7 2d ac | f6 d9 65 a7 83 82 a7 48 45 f7 2d ac | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| </section> | </section> | |||
| <section anchor="sect-5.2" numbered="true" toc="default"> | <section anchor="sect-5.2" numbered="true" toc="default"> | |||
| <name>AES-128-CMAC-96 (Omits TCP Options)</name> | <name>AES-128-CMAC-96 (Omits TCP Options)</name> | |||
| <section anchor="sect-5.2.1" numbered="true" toc="default"> | <section anchor="sect-5.2.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Omits Options)</name> | <name>Send (Client) SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0x389bed71 | Client ISN = 0x389bed71 | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| 2c db ae 13 92 c4 94 49 fa 92 c4 50 97 35 d5 0e | 2c db ae 13 92 c4 94 49 fa 92 c4 50 97 35 d5 0e | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c f2 2e 40 00 ff 06 aa 4c 0a 0b 0c 0d | 45 e0 00 4c f2 2e 40 00 ff 06 aa 4c 0a 0b 0c 0d | |||
| ac 1b 1c 1d da 1c 00 b3 38 9b ed 71 00 00 00 00 | ac 1b 1c 1d da 1c 00 b3 38 9b ed 71 00 00 00 00 | |||
| skipping to change at line 527 ¶ | skipping to change at line 527 ¶ | |||
| 04 02 08 0a 00 01 85 e1 00 00 00 00 1d 10 3d 54 | 04 02 08 0a 00 01 85 e1 00 00 00 00 1d 10 3d 54 | |||
| c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49 | c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49 | |||
| MAC: | MAC: | |||
| c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49 | c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-5.2.2" numbered="true" toc="default"> | <section anchor="sect-5.2.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Omits Options)</name> | <name>Receive (Server) SYN-ACK (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0xd3844a6f | Server ISN = 0xd3844a6f | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| 3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a | 3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 4c 6c c0 40 00 ff 06 2f bb ac 1b 1c 1d | 45 e0 00 4c 6c c0 40 00 ff 06 2f bb ac 1b 1c 1d | |||
| 0a 0b 0c 0d 00 b3 da 1c d3 84 4a 6f 38 9b ed 72 | 0a 0b 0c 0d 00 b3 da 1c d3 84 4a 6f 38 9b ed 72 | |||
| skipping to change at line 549 ¶ | skipping to change at line 549 ¶ | |||
| 04 02 08 0a ce 45 98 38 00 01 85 e1 1d 10 54 3d | 04 02 08 0a ce 45 98 38 00 01 85 e1 1d 10 54 3d | |||
| 3a 6a bb 20 7e 49 b1 be 71 36 db 90 | 3a 6a bb 20 7e 49 b1 be 71 36 db 90 | |||
| MAC: | MAC: | |||
| 3a 6a bb 20 7e 49 b1 be 71 36 db 90 | 3a 6a bb 20 7e 49 b1 be 71 36 db 90 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-5.2.3" numbered="true" toc="default"> | <section anchor="sect-5.2.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Omits Options)</name> | <name>Send (Client) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| 03 5b c4 00 a3 41 ff e5 95 f5 9f 58 00 50 06 ca | 03 5b c4 00 a3 41 ff e5 95 f5 9f 58 00 50 06 ca | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 ee 91 40 00 ff 06 ad ae 0a 0b 0c 0d | 45 e0 00 87 ee 91 40 00 ff 06 ad ae 0a 0b 0c 0d | |||
| ac 1b 1c 1d da 1c 00 b3 38 9b ed 72 d3 84 4a 70 | ac 1b 1c 1d da 1c 00 b3 38 9b ed 72 d3 84 4a 70 | |||
| c0 18 01 04 88 51 00 00 01 01 08 0a 00 01 85 e1 | c0 18 01 04 88 51 00 00 01 01 08 0a 00 01 85 e1 | |||
| ce 45 98 38 1d 10 3d 54 75 85 e9 e9 d5 c3 ec 85 | ce 45 98 38 1d 10 3d 54 75 85 e9 e9 d5 c3 ec 85 | |||
| skipping to change at line 573 ¶ | skipping to change at line 573 ¶ | |||
| 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 | |||
| 06 00 64 00 01 01 00 | 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 75 85 e9 e9 d5 c3 ec 85 7b 96 f8 37 | 75 85 e9 e9 d5 c3 ec 85 7b 96 f8 37 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-5.2.4" numbered="true" toc="default"> | <section anchor="sect-5.2.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Omits Options)</name> | <name>Receive (Server) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| 3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a | 3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a | |||
| IPv4/TCP: | IPv4/TCP: | |||
| 45 e0 00 87 6a 21 40 00 ff 06 32 1f ac 1b 1c 1d | 45 e0 00 87 6a 21 40 00 ff 06 32 1f ac 1b 1c 1d | |||
| 0a 0b 0c 0d 00 b3 da 1c d3 84 4a 70 38 9b ed 72 | 0a 0b 0c 0d 00 b3 da 1c d3 84 4a 70 38 9b ed 72 | |||
| c0 18 01 00 04 49 00 00 01 01 08 0a ce 45 98 38 | c0 18 01 00 04 49 00 00 01 01 08 0a ce 45 98 38 | |||
| 00 01 85 e1 1d 10 54 3d 5c 04 0f d9 23 33 04 76 | 00 01 85 e1 1d 10 54 3d 5c 04 0f d9 23 33 04 76 | |||
| skipping to change at line 606 ¶ | skipping to change at line 606 ¶ | |||
| </section> | </section> | |||
| <section anchor="sect-6" numbered="true" toc="default"> | <section anchor="sect-6" numbered="true" toc="default"> | |||
| <name>IPv6 SHA-1 Output Test Vectors</name> | <name>IPv6 SHA-1 Output Test Vectors</name> | |||
| <t keepWithNext="true"> | <t keepWithNext="true"> | |||
| The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96, | The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96, | |||
| are computed as specified for TCP-AO <xref target="RFC5926" format="default"/>.</t> | are computed as specified for TCP-AO <xref target="RFC5926" format="default"/>.</t> | |||
| <section anchor="sect-6.1" numbered="true" toc="default"> | <section anchor="sect-6.1" numbered="true" toc="default"> | |||
| <name>HMAC-SHA-1-96 (Default - Covers TCP Options)</name> | <name>HMAC-SHA-1-96 (Default - Covers TCP Options)</name> | |||
| <section anchor="sect-6.1.1" numbered="true" toc="default"> | <section anchor="sect-6.1.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Covers Options)</name> | <name>Send (Client) SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0x176a833f | Client ISN = 0x176a833f | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| 62 5e c0 9d 57 58 36 ed c9 b6 42 84 18 bb f0 69 | 62 5e c0 9d 57 58 36 ed c9 b6 42 84 18 bb f0 69 | |||
| 89 a3 61 bb | 89 a3 61 bb | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 08 91 dc 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 08 91 dc 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 630 ¶ | skipping to change at line 630 ¶ | |||
| 01 03 03 08 04 02 08 0a 00 41 d0 87 00 00 00 00 | 01 03 03 08 04 02 08 0a 00 41 d0 87 00 00 00 00 | |||
| 1d 10 3d 54 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f | 1d 10 3d 54 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f | |||
| MAC: | MAC: | |||
| 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f | 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-6.1.2" numbered="true" toc="default"> | <section anchor="sect-6.1.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Covers Options)</name> | <name>Receive (Server) SYN-ACK (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0x3f51994b | Server ISN = 0x3f51994b | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7 | e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7 | |||
| 71 eb cb 4a | 71 eb cb 4a | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 01 00 9e 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 01 00 9e 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 654 ¶ | skipping to change at line 654 ¶ | |||
| 01 03 03 08 04 02 08 0a bd 33 12 9b 00 41 d0 87 | 01 03 03 08 04 02 08 0a bd 33 12 9b 00 41 d0 87 | |||
| 1d 10 54 3d f1 cb a3 46 c3 52 61 63 f7 1f 1f 55 | 1d 10 54 3d f1 cb a3 46 c3 52 61 63 f7 1f 1f 55 | |||
| MAC: | MAC: | |||
| f1 cb a3 46 c3 52 61 63 f7 1f 1f 55 | f1 cb a3 46 c3 52 61 63 f7 1f 1f 55 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-6.1.3" numbered="true" toc="default"> | <section anchor="sect-6.1.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Covers Options)</name> | <name>Send (Client) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| 1e d8 29 75 f4 ea 44 4c 61 58 0c 5b d9 0d bd 61 | 1e d8 29 75 f4 ea 44 4c 61 58 0c 5b d9 0d bd 61 | |||
| bb c9 1b 7e | bb c9 1b 7e | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 08 91 dc 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 08 91 dc 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 40 | 00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 40 | |||
| skipping to change at line 680 ¶ | skipping to change at line 680 ¶ | |||
| 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | |||
| e8 02 08 40 06 00 64 00 01 01 00 | e8 02 08 40 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| bf 08 05 fe b4 ac 7b 16 3d 6f cd f2 | bf 08 05 fe b4 ac 7b 16 3d 6f cd f2 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-6.1.4" numbered="true" toc="default"> | <section anchor="sect-6.1.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Covers Options)</name> | <name>Receive (Server) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7 | e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7 | |||
| 71 eb cb 4a | 71 eb cb 4a | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 01 00 9e 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 01 00 9e 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4c | 00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4c | |||
| skipping to change at line 709 ¶ | skipping to change at line 709 ¶ | |||
| MAC: | MAC: | |||
| 6c 48 12 5c 11 33 5b ab 9a 07 a7 97 | 6c 48 12 5c 11 33 5b ab 9a 07 a7 97 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| </section> | </section> | |||
| <section anchor="sect-6.2" numbered="true" toc="default"> | <section anchor="sect-6.2" numbered="true" toc="default"> | |||
| <name>HMAC-SHA-1-96 (Omits TCP Options)</name> | <name>HMAC-SHA-1-96 (Omits TCP Options)</name> | |||
| <section anchor="sect-6.2.1" numbered="true" toc="default"> | <section anchor="sect-6.2.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Omits Options)</name> | <name>Send (Client) SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0x020c1e69 | Client ISN = 0x020c1e69 | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| 31 a3 fa f6 9e ff ae 52 93 1b 7f 84 54 67 31 5c | 31 a3 fa f6 9e ff ae 52 93 1b 7f 84 54 67 31 5c | |||
| 27 0a 4e dc | 27 0a 4e dc | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 07 8f cd 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 07 8f cd 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 733 ¶ | skipping to change at line 733 ¶ | |||
| 01 03 03 08 04 02 08 0a 00 9d b9 5b 00 00 00 00 | 01 03 03 08 04 02 08 0a 00 9d b9 5b 00 00 00 00 | |||
| 1d 10 3d 54 88 56 98 b0 53 0e d4 d5 a1 5f 83 46 | 1d 10 3d 54 88 56 98 b0 53 0e d4 d5 a1 5f 83 46 | |||
| MAC: | MAC: | |||
| 88 56 98 b0 53 0e d4 d5 a1 5f 83 46 | 88 56 98 b0 53 0e d4 d5 a1 5f 83 46 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-6.2.2" numbered="true" toc="default"> | <section anchor="sect-6.2.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Omits Options)</name> | <name>Receive (Server) SYN-ACK (Omits Options)</name> | |||
| <sourcecode type="test-vectors" ><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0xeba3734d | Server ISN = 0xeba3734d | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| 40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2 | 40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2 | |||
| c7 fa 91 bd | c7 fa 91 bd | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 0a 7e 1f 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 0a 7e 1f 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 757 ¶ | skipping to change at line 757 ¶ | |||
| 01 03 03 08 04 02 08 0a 5e c9 9b 70 00 9d b9 5b | 01 03 03 08 04 02 08 0a 5e c9 9b 70 00 9d b9 5b | |||
| 1d 10 54 3d 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d | 1d 10 54 3d 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d | |||
| MAC: | MAC: | |||
| 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d | 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-6.2.3" numbered="true" toc="default"> | <section anchor="sect-6.2.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Omits Options)</name> | <name>Send (Client) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| b3 4e ed 6a 93 96 a6 69 f1 c4 f4 f5 76 18 f3 65 | b3 4e ed 6a 93 96 a6 69 f1 c4 f4 f5 76 18 f3 65 | |||
| 6f 52 c7 ab | 6f 52 c7 ab | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 07 8f cd 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 07 8f cd 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 6a | 00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 6a | |||
| skipping to change at line 783 ¶ | skipping to change at line 783 ¶ | |||
| 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | |||
| e8 02 08 40 06 00 64 00 01 01 00 | e8 02 08 40 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 48 bd 09 3b 19 24 e0 01 19 2f 5b f0 | 48 bd 09 3b 19 24 e0 01 19 2f 5b f0 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-6.2.4" numbered="true" toc="default"> | <section anchor="sect-6.2.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Omits Options)</name> | <name>Receive (Server) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| 40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2 | 40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2 | |||
| c7 fa 91 bd | c7 fa 91 bd | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 0a 7e 1f 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 0a 7e 1f 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4e | 00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4e | |||
| skipping to change at line 817 ¶ | skipping to change at line 817 ¶ | |||
| </section> | </section> | |||
| </section> | </section> | |||
| <section anchor="sect-7" numbered="true" toc="default"> | <section anchor="sect-7" numbered="true" toc="default"> | |||
| <name>IPv6 AES-128 Output Test Vectors</name> | <name>IPv6 AES-128 Output Test Vectors</name> | |||
| <t keepWithNext="true"> | <t keepWithNext="true"> | |||
| The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC and AES-128-CMAC-96, are computed as specified for TCP-AO <xref target="RFC5926" format="default"/>.</t> | The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC and AES-128-CMAC-96, are computed as specified for TCP-AO <xref target="RFC5926" format="default"/>.</t> | |||
| <section anchor="sect-7.1" numbered="true" toc="default"> | <section anchor="sect-7.1" numbered="true" toc="default"> | |||
| <name>AES-128-CMAC-96 (Default - Covers TCP Options)</name> | <name>AES-128-CMAC-96 (Default - Covers TCP Options)</name> | |||
| <section anchor="sect-7.1.1" numbered="true" toc="default"> | <section anchor="sect-7.1.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Covers Options)</name> | <name>Send (Client) SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0x193cccec | Client ISN = 0x193cccec | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| fa 5a 21 08 88 2d 39 d0 c7 19 29 17 5a b1 b7 b8 | fa 5a 21 08 88 2d 39 d0 c7 19 29 17 5a b1 b7 b8 | |||
| IP/TCP: | IP/TCP: | |||
| 6e 04 a7 06 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 04 a7 06 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 840 ¶ | skipping to change at line 840 ¶ | |||
| 01 03 03 08 04 02 08 0a 13 e4 ab 99 00 00 00 00 | 01 03 03 08 04 02 08 0a 13 e4 ab 99 00 00 00 00 | |||
| 1d 10 3d 54 59 b5 88 10 74 81 ac 6d c3 92 70 40 | 1d 10 3d 54 59 b5 88 10 74 81 ac 6d c3 92 70 40 | |||
| MAC: | MAC: | |||
| 59 b5 88 10 74 81 ac 6d c3 92 70 40 | 59 b5 88 10 74 81 ac 6d c3 92 70 40 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-7.1.2" numbered="true" toc="default"> | <section anchor="sect-7.1.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Covers Options)</name> | <name>Receive (Server) SYN-ACK (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0xa6744ecb | Server ISN = 0xa6744ecb | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1 | cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1 | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 06 15 20 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 06 15 20 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 863 ¶ | skipping to change at line 863 ¶ | |||
| 01 03 03 08 04 02 08 0a 71 da ab c8 13 e4 ab 99 | 01 03 03 08 04 02 08 0a 71 da ab c8 13 e4 ab 99 | |||
| 1d 10 54 3d dc 28 43 a8 4e 78 a6 bc fd c5 ed 80 | 1d 10 54 3d dc 28 43 a8 4e 78 a6 bc fd c5 ed 80 | |||
| MAC: | MAC: | |||
| dc 28 43 a8 4e 78 a6 bc fd c5 ed 80 | dc 28 43 a8 4e 78 a6 bc fd c5 ed 80 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-7.1.3" numbered="true" toc="default"> | <section anchor="sect-7.1.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Covers Options)</name> | <name>Send (Client) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| 61 74 c3 55 7a be d2 75 74 db a3 71 85 f0 03 00 | 61 74 c3 55 7a be d2 75 74 db a3 71 85 f0 03 00 | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 04 a7 06 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 04 a7 06 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ed | 00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ed | |||
| a6 74 4e cc c0 18 01 00 32 80 00 00 01 01 08 0a | a6 74 4e cc c0 18 01 00 32 80 00 00 01 01 08 0a | |||
| skipping to change at line 888 ¶ | skipping to change at line 888 ¶ | |||
| 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | |||
| e8 02 08 40 06 00 64 00 01 01 00 | e8 02 08 40 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 7b 6a 45 5c 0d 4f 5f 01 83 5b aa b3 | 7b 6a 45 5c 0d 4f 5f 01 83 5b aa b3 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-7.1.4" numbered="true" toc="default"> | <section anchor="sect-7.1.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Covers Options)</name> | <name>Receive (Server) Non-SYN (Covers Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1 | cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1 | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 06 15 20 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 06 15 20 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cc | 00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cc | |||
| 19 3c cd 30 c0 18 01 00 52 f4 00 00 01 01 08 0a | 19 3c cd 30 c0 18 01 00 52 f4 00 00 01 01 08 0a | |||
| skipping to change at line 916 ¶ | skipping to change at line 916 ¶ | |||
| MAC: | MAC: | |||
| c1 06 9b 7d fd 3d 69 3a 6d f3 f2 89 | c1 06 9b 7d fd 3d 69 3a 6d f3 f2 89 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| </section> | </section> | |||
| <section anchor="sect-7.2" numbered="true" toc="default"> | <section anchor="sect-7.2" numbered="true" toc="default"> | |||
| <name>AES-128-CMAC-96 (Omits TCP Options)</name> | <name>AES-128-CMAC-96 (Omits TCP Options)</name> | |||
| <section anchor="sect-7.2.1" numbered="true" toc="default"> | <section anchor="sect-7.2.1" numbered="true" toc="default"> | |||
| <name>Send (Client) SYN (Omits Options)</name> | <name>Send (Client) SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Client ISN = 0xb01da74a | Client ISN = 0xb01da74a | |||
| Send_SYN_traffic_key: | Send_SYN_traffic_key: | |||
| a9 4f 51 12 63 e4 09 3d 35 dd 81 8c 13 bb bf 53 | a9 4f 51 12 63 e4 09 3d 35 dd 81 8c 13 bb bf 53 | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 09 3d 76 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 09 3d 76 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 939 ¶ | skipping to change at line 939 ¶ | |||
| 01 03 03 08 04 02 08 0a 14 27 5b 3b 00 00 00 00 | 01 03 03 08 04 02 08 0a 14 27 5b 3b 00 00 00 00 | |||
| 1d 10 3d 54 3d 45 b4 34 2d e8 bb 15 30 84 78 98 | 1d 10 3d 54 3d 45 b4 34 2d e8 bb 15 30 84 78 98 | |||
| MAC: | MAC: | |||
| 3d 45 b4 34 2d e8 bb 15 30 84 78 98 | 3d 45 b4 34 2d e8 bb 15 30 84 78 98 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-7.2.2" numbered="true" toc="default"> | <section anchor="sect-7.2.2" numbered="true" toc="default"> | |||
| <name>Receive (Server) SYN-ACK (Omits Options)</name> | <name>Receive (Server) SYN-ACK (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Server ISN = 0xa6246145 | Server ISN = 0xa6246145 | |||
| Receive_SYN_traffic_key: | Receive_SYN_traffic_key: | |||
| 92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a | 92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 0c 60 0a 00 38 06 40 fd 00 00 00 00 00 00 00 | 6e 0c 60 0a 00 38 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | |||
| skipping to change at line 962 ¶ | skipping to change at line 962 ¶ | |||
| 01 03 03 08 04 02 08 0a 17 82 24 5b 14 27 5b 3b | 01 03 03 08 04 02 08 0a 17 82 24 5b 14 27 5b 3b | |||
| 1d 10 54 3d 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5 | 1d 10 54 3d 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5 | |||
| MAC: | MAC: | |||
| 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5 | 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-7.2.3" numbered="true" toc="default"> | <section anchor="sect-7.2.3" numbered="true" toc="default"> | |||
| <name>Send (Client) Non-SYN (Omits Options)</name> | <name>Send (Client) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Send_other_traffic_key: | Send_other_traffic_key: | |||
| 4f b2 08 6e 40 2c 67 90 79 ed 65 d4 bf 97 69 3d | 4f b2 08 6e 40 2c 67 90 79 ed 65 d4 bf 97 69 3d | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 09 3d 76 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 09 3d 76 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4b | 00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4b | |||
| a6 24 61 46 c0 18 01 00 c3 6d 00 00 01 01 08 0a | a6 24 61 46 c0 18 01 00 c3 6d 00 00 01 01 08 0a | |||
| skipping to change at line 987 ¶ | skipping to change at line 987 ¶ | |||
| 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd | |||
| e8 02 08 40 06 00 64 00 01 01 00 | e8 02 08 40 06 00 64 00 01 01 00 | |||
| MAC: | MAC: | |||
| 29 0c f4 14 cc b4 7a 33 32 76 e7 f8 | 29 0c f4 14 cc b4 7a 33 32 76 e7 f8 | |||
| ]]></sourcecode> | ]]></sourcecode> | |||
| </section> | </section> | |||
| <section anchor="sect-7.2.4" numbered="true" toc="default"> | <section anchor="sect-7.2.4" numbered="true" toc="default"> | |||
| <name>Receive (Server) Non-SYN (Omits Options)</name> | <name>Receive (Server) Non-SYN (Omits Options)</name> | |||
| <sourcecode type="test-vectors"><![CDATA[ | <sourcecode type="tcp-ao-test-vectors"><![CDATA[ | |||
| Receive_other_traffic_key: | Receive_other_traffic_key: | |||
| 92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a | 92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a | |||
| IPv6/TCP: | IPv6/TCP: | |||
| 6e 0c 60 0a 00 73 06 40 fd 00 00 00 00 00 00 00 | 6e 0c 60 0a 00 73 06 40 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 | |||
| 00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 46 | 00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 46 | |||
| b0 1d a7 8e c0 18 01 00 34 51 00 00 01 01 08 0a | b0 1d a7 8e c0 18 01 00 34 51 00 00 01 01 08 0a | |||
| End of changes. 33 change blocks. | ||||
| 33 lines changed or deleted | 33 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||