<?xmlversion='1.0' encoding='utf-8'?>version="1.0" encoding="UTF-8"?> <!DOCTYPE rfcSYSTEM "rfc2629.dtd"[ <!ENTITYRFC0791 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.0791.xml">nbsp " "> <!ENTITYRFC0793 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.0793.xml">zwsp "​"> <!ENTITYRFC2018 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2018.xml">nbhy "‑"> <!ENTITYRFC2119 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"> <!ENTITY RFC5925 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5925.xml"> <!ENTITY RFC5926 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5926.xml"> <!ENTITY RFC6978 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6978.xml"> <!ENTITY RFC7323 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7323.xml"> <!ENTITY RFC8174 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"> <!ENTITY RFC8200 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"> <!ENTITY RFC2202 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2202.xml"> <!ENTITY RFC4493 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4493.xml"> <!ENTITY RFC9187 SYSTEM "https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9187.xml">wj "⁠"> ]> <rfcsubmissionType="IETF"xmlns:xi="http://www.w3.org/2001/XInclude" docName="draft-ietf-tcpm-ao-test-vectors-09" number="9235" submissionType="IETF" category="info"ipr="trust200902">consensus="true" ipr="trust200902" obsoletes="" updates="" xml:lang="en" symRefs="true" sortRefs="true" tocInclude="true" version="3"> <!-- xml2rfc v2v3 conversion 3.12.2 --> <!-- Generated by id2xml 1.5.0 on 2022-03-28T23:00:23Z --><?rfc strict="yes"?> <?rfc compact="yes"?> <?rfc subcompact="no"?> <?rfc symrefs="yes"?> <?rfc sortrefs="no"?> <?rfc text-list-symbols="o*+-"?> <?rfc toc="yes"?><front><title>TCP-AO<title abbrev="TCP-AO Test Vectors">TCP Authentication Option (TCP-AO) Test Vectors</title> <seriesInfo name="RFC" value="9235"/> <author initials="J." surname="Touch" fullname="Joe Touch"> <organization abbrev="Independentconsultant"></organization> <address><postal> <street></street>Consultant"/> <address> <postal> <street/> <city>Manhattan Beach</city> <region>CA</region> <code>90266</code><country>USA</country><country>United States of America</country> </postal> <phone>+1 (310) 560-0334</phone> <email>touch@strayalpha.com</email> </address> </author> <author initials="J." surname="Kuusisaari" fullname="Juhamatti Kuusisaari"> <organization abbrev="Infinera">Infinera Corporation</organization><address><postal><street>Sinimaentie<address> <postal> <street>Sinimaentie 6c</street> <city>Espoo</city><code>FI-02630</code><code>02630</code> <country>Finland</country> </postal> <email>jkuusisaari@infinera.com</email> </address> </author> <date year="2022"month="March"/>month="May"/> <area>TSV</area> <workgroup>TCPM</workgroup><!-- [rfced] Please insert any keywords (beyond those that appear in the title) for use on https://www.rfc-editor.org/search. --> <keyword>example</keyword> <abstract><t><keyword>TCP</keyword> <keyword>authentication</keyword> <keyword>option</keyword> <keyword>test vector</keyword> <abstract> <t> This document provides test vectors to validate implementations of the two mandatory authentication algorithms specified for the TCP Authentication Option over both IPv4 and IPv6. This includes validation of the key derivation function (KDF) based on a set of test connection parameters as well as validation of the message authentication code (MAC). Vectors are provided for both currently required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and HMAC- SHA-1-96, and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors also validate both whole TCP segments as well as segments whose options are excluded for middlebox traversal.</t> </abstract> </front> <middle> <sectiontitle="Introduction" anchor="sect-1"><t>anchor="sect-1" numbered="true" toc="default"> <name>Introduction</name> <t> This document provides test vectors to validate the correct implementation of the TCP Authentication Option (TCP-AO) <xreftarget="RFC5925"/>target="RFC5925" format="default"/> and its mandatory cryptographic algorithms defined in <xreftarget="RFC5926"/>.target="RFC5926" format="default"/>. It includes the specification of all endpoint parameters to generate the variety of TCP segments covered by different keys and MAC coverage, i.e., both the default case and the variant where TCP options are ignored for middlebox traversal. It also includes both default key derivation functions (KDFs) and MAC generation algorithms <xreftarget="RFC5926"/>target="RFC5926" format="default"/> and lists common pitfalls of implementing the algorithms correctly.</t> <t> The experimental extension to support NAT traversal <xreftarget="RFC6978"/>target="RFC6978" format="default"/> is not included in the provided test vectors.</t> <t> This document provides test vectors from multiple implementations that have been validated against each other for interoperability.</t> </section> <sectiontitle="Conventions usedanchor="sect-2" numbered="true" toc="default"> <name>Conventions Used inthis document" anchor="sect-2"><t>This Document</name> <t> The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shownhere.</t>here. </t> </section> <sectiontitle="Inputanchor="sect-3" numbered="true" toc="default"> <name>Input TestVectors" anchor="sect-3"><section title="TCPVectors</name> <section anchor="sect-3.1" numbered="true" toc="default"> <name>TCP ConnectionParameters" anchor="sect-3.1"><t>Parameters</name> <t> The following parameters are used throughout this suite of test vectors. The terms 'active' and 'passive' are used as defined for TCP <xreftarget="RFC0793"/>.</t>target="RFC0793" format="default"/>.</t> <sectiontitle="TCP-AO parameters" anchor="sect-3.1.1"><t>anchor="sect-3.1.1" numbered="true" toc="default"> <name>TCP-AO Parameters</name> <t> The following values are used for all exchanges. This suite does not test key switchover. The KeyIDs are as indicated for TCP-AO <xreftarget="RFC5925"/>.target="RFC5925" format="default"/>. The Master_Key is used to derive the traffic keys <xreftarget="RFC5926"/>. <list> <t>Activetarget="RFC5926" format="default"/>. </t> <ul empty="true" spacing="normal"> <li>Active (client) side KeyID: 61 decimal (0x3dhexadecimal)</t> <t>Passivehexadecimal)</li> <li>Passive (server) side KeyID: 84 decimal (0x54hexadecimal)</t> <t>Master_Key:hexadecimal)</li> <li>Master_Key: "testvector" (length = 10bytes)</t> </list> </t>bytes)</li> </ul> </section> <sectiontitle="Active (client) side parameters" anchor="sect-3.1.2"><t>anchor="sect-3.1.2" numbered="true" toc="default"> <name>Active (Client) Side Parameters</name> <t> The following endpoint parameters are used on the active side of the TCP connection, i.e., the side that initiates the TCP SYN.<list> <t>For</t> <ul empty="true" spacing="normal"> <li>For IPv4: 10.11.12.13 (dotteddecimal)</t> <t>Fordecimal)</li> <li>For IPv6: fd00::1 (IPv6 hexadecimal)</t> <t>TCP</li> <li>TCP port: (varies)</t> </list> </t></li> </ul> </section> <sectiontitle="Passive (server) side parameters" anchor="sect-3.1.3"><t>anchor="sect-3.1.3" numbered="true" toc="default"> <name>Passive (Server) Side Parameters</name> <t> The following endpoint parameters are used for the passive side of the TCP connection, i.e., the side that responds with a TCP SYN-ACK.<list> <t>For</t> <ul empty="true" spacing="normal"> <li>For IPv4: 172.27.28.29 (dotteddecimal)</t> <t>Fordecimal)</li> <li>For IPv6: fd00::2 (IPv6hexadecimal)</t> <t>TCPhexadecimal)</li> <li>TCP port = 179 decimal(BGP)</t> </list> </t>(BGP)</li> </ul> </section> <sectiontitle="Otheranchor="sect-3.1.4" numbered="true" toc="default"> <name>Other IPfieldsFields andoptions" anchor="sect-3.1.4"><t>Options</name> <t> No IP options are used in these test vectors.</t> <t> All IPv4 packets use the following other parameters <xref target="RFC0791"/>:DSCPDifferentiated Services Code Point (DSCP) = 111000 binary (CS7) as is typical for BGP,ECNExplicit Congestion Notification (ECN) = 00 binary, setDF,the Don't Fragment (DF) bit, and clearMF.</t>the More Fragments (MF) bit. </t> <t> IPv4 uses a TTL of 255 decimal; IPv6 uses a hop limit of 255 decimal.</t> <t> All IPv6 packets use the following other parameters <xreftarget="RFC8200"/>:target="RFC8200" format="default"/>: traffic class = 0xe0 hexadecimal (DSCP = 111000 binary CS7, as is typical for BGP, with ECN = 00 binary) and noEHs.</t>Extension Headers (EHs).</t> </section> <sectiontitle="Otheranchor="sect-3.1.5" numbered="true" toc="default"> <name>Other TCPfieldsFields andoptions" anchor="sect-3.1.5"><t>Options</name> <t> The SYN and SYN-ACK segments includeMSSMaximum Segment Size (MSS) <xreftarget="RFC0793"/>, NOP, WindowScaletarget="RFC0793" format="default"/>, No Operation (NOP), Window Scale <xreftarget="RFC7323"/>, SACK Permittedtarget="RFC7323" format="default"/>, Selective Acknowledgment (SACK) permitted <xreftarget="RFC2018"/>, TimeStamptarget="RFC2018" format="default"/>, Timestamp <xreftarget="RFC7323"/>,target="RFC7323" format="default"/>, and TCP-AO <xreftarget="RFC5925"/>,target="RFC5925" format="default"/>, in that order.</t> <t> All other example segments include NOP, NOP,TimeStamp,Timestamp, and TCP-AO, in that order.</t> <t> All segmentURGurgent (URG) pointers are zero <xreftarget="RFC0793"/>.target="RFC0793" format="default"/>. All segments with data set thePSHpush (PSH) flag <xreftarget="RFC0793"/>.</t>target="RFC0793" format="default"/>.</t> <t> Each TCP connection below uses the Initial Sequence Numbers (ISNs) as indicated at the front of each corresponding section.</t> </section> </section> </section> <sectiontitle="IPv4anchor="sect-4" numbered="true" toc="default"> <name>IPv4 SHA-1 Output TestVectors" anchor="sect-4"><t>Vectors</name> <t> The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96, are computed as specified for TCP-AO <xreftarget="RFC5926"/>.</t>target="RFC5926" format="default"/>.</t> <t> In the following sections, all values are indicated as 2-digit hexadecimal values with spacing per line representing the contents of 16 consecutive bytes, as is typical for data dumps. The IP/TCP data indicates the entire IP packet, including the TCP segment and its options (whether covered by TCP-AO or not, as indicated), including TCP-AO.</t> <sectiontitle="HMAC-SHA-1-96 (defaultanchor="sect-4.1" numbered="true" toc="default"> <name>HMAC-SHA-1-96 (Default -coversCovers TCPoptions)" anchor="sect-4.1"><section title="Send (client)Options)</name> <section anchor="sect-4.1.1" numbered="true" toc="default"> <name>Send (Client) SYN(covers options)" anchor="sect-4.1.1"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0xfbfbab5a Send_SYN_traffic_key: 6d 63 ef 1b 02 fe 15 09 d4 b1 40 27 07 fd 7b 04 16 ab b7 4f IPv4/TCP: 45 e0 00 4c dd 0f 40 00 ff 06 bf 6b 0a 0b 0c 0d ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5a 00 00 00 00 e0 02 ff ff ca c4 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 00 15 5a b7 00 00 00 00 1d 10 3d 54 2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7 MAC: 2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-4.1.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(covers options)" anchor="sect-4.1.2"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0x11c14261 Receive_SYN_traffic_key: d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6 79 7f ea 96 IPv4/TCP: 45 e0 00 4c 65 06 40 00 ff 06 37 75 ac 1b 1c 1d 0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 61 fb fb ab 5b e0 12 ff ff 37 76 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 84 a5 0b eb 00 15 5a b7 1d 10 54 3d ee ab 0f e2 4c 30 10 81 51 16 b3 be MAC: ee ab 0f e2 4c 30 10 81 51 16 b3 be]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (covers options)" anchor="sect-4.1.3"> <figure><artwork><![CDATA[anchor="sect-4.1.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: d2 e5 9c 65 ff c7 b1 a3 93 47 65 64 63 b7 0e dc 24 a1 3d 71 IPv4/TCP: 45 e0 00 87 36 a1 40 00 ff 06 65 9f 0a 0b 0c 0d ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5b 11 c1 42 62 c0 18 01 04 a1 62 00 00 01 01 08 0a 00 15 5a c1 84 a5 0b eb 1d 10 3d 54 70 64 cf 99 8c c6 c3 15 c2 c2 e2 bf ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 06 00 64 00 01 01 00 MAC: 70 64 cf 99 8c c6 c3 15 c2 c2 e2 bf]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (covers options)" anchor="sect-4.1.4"> <figure><artwork><![CDATA[anchor="sect-4.1.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6 79 7f ea 96 IPv4/TCP: 45 e0 00 87 1f a9 40 00 ff 06 7c 97 ac 1b 1c 1d 0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 62 fb fb ab 9e c0 18 01 00 40 0c 00 00 01 01 08 0a 84 a5 0b f5 00 15 5a c1 1d 10 54 3d a6 3f 0e cb bb 2e 63 5c 95 4d ea c7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40 06 00 64 00 01 01 00 MAC: a6 3f 0e cb bb 2e 63 5c 95 4d ea c7]]></artwork></figure>]]></sourcecode> </section> </section> <sectiontitle="HMAC-SHA-1-96 (omitsanchor="sect-4.2" numbered="true" toc="default"> <name>HMAC-SHA-1-96 (Omits TCPoptions)" anchor="sect-4.2"><section title="Send (client)Options)</name> <section anchor="sect-4.2.1" numbered="true" toc="default"> <name>Send (Client) SYN(omits options)" anchor="sect-4.2.1"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0xcb0efbee Send_SYN_traffic_key: 30 ea a1 56 0c f0 be 57 da b5 c0 45 22 9f b1 0a 42 3c d7 ea IPv4/TCP: 45 e0 00 4c 53 99 40 00 ff 06 48 e2 0a 0b 0c 0d ac 1b 1c 1d ff 12 00 b3 cb 0e fb ee 00 00 00 00 e0 02 ff ff 54 1f 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 00 02 4c ce 00 00 00 00 1d 10 3d 54 80 af 3c fe b8 53 68 93 7b 8f 9e c2 MAC: 80 af 3c fe b8 53 68 93 7b 8f 9e c2]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-4.2.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(omits options)" anchor="sect-4.2.2"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0xacd5b5e1 Receive_SYN_traffic_key: b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41a 01 a8 30 7f IPv4/TCP: 45 e0 00 4c 32 84 40 00 ff 06 69 f7 ac 1b 1c 1d 0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e1 cb 0e fb ef e0 12 ff ff 38 8e 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 57 67 72 f3 00 02 4c ce 1d 10 54 3d 09 30 6f 9a ce a6 3a 8c 68 cb 9a 70 MAC: 09 30 6f 9a ce a6 3a 8c 68 cb 9a 70]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (omits options)" anchor="sect-4.2.3"> <figure><artwork><![CDATA[anchor="sect-4.2.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: f3 db 17 93 d7 91 0e cd 80 6c 34 f1 55 ea 1f 00 34 59 53 e3 IPv4/TCP: 45 e0 00 87 a8 f5 40 00 ff 06 f3 4a 0a 0b 0c 0d ac 1b 1c 1d ff 12 00 b3 cb 0e fb ef ac d5 b5 e2 c0 18 01 04 6c 45 00 00 01 01 08 0a 00 02 4c ce 57 67 72 f3 1d 10 3d 54 71 06 08 cc 69 6c 03 a2 71 c9 3a a5 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 06 00 64 00 01 01 00 MAC: 71 06 08 cc 69 6c 03 a2 71 c9 3a a5]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (omits options)" anchor="sect-4.2.4"> <figure><artwork><![CDATA[anchor="sect-4.2.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41 01 a8 30 7f IPv4/TCP: 45 e0 00 87 54 37 40 00 ff 06 48 09 ac 1b 1c 1d 0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e2 cb 0e fc 32 c0 18 01 00 46 b6 00 00 01 01 08 0a 57 67 72 f3 00 02 4c ce 1d 10 54 3d 97 76 6e 48 ac 26 2d e9 ae 61 b4 f9 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40 06 00 64 00 01 01 00 MAC: 97 76 6e 48 ac 26 2d e9 ae 61 b4 f9]]></artwork></figure>]]></sourcecode> </section> </section> </section> <sectiontitle="IPv4anchor="sect-5" numbered="true" toc="default"> <name>IPv4 AES-128 Output TestVectors" anchor="sect-5"><t>Vectors</name> <t> The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC andAES-128- CMAC-96,AES-128-CMAC-96, are computed as specified for TCP-AO <xreftarget="RFC5926"/>.</t>target="RFC5926" format="default"/>.</t> <t> In the following sections, all values are indicated as 2-digit hexadecimal values with spacing per line representing the contents of 16 consecutive bytes, as is typical for data dumps. The IP/TCP data indicates the entire IP packet, including the TCP segment and its options (whether covered by TCP-AO or not, as indicated), including TCP-AO.</t> <sectiontitle="AES-128-CMAC-96 (defaultanchor="sect-5.1" numbered="true" toc="default"> <name>AES-128-CMAC-96 (Default -coversCovers TCPoptions)" anchor="sect-5.1"><section title="Send (client)Options)</name> <section anchor="sect-5.1.1" numbered="true" toc="default"> <name>Send (Client) SYN(covers options)" anchor="sect-5.1.1"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0x787a1ddf Send_SYN_traffic_key: f5 b8 b3 d5 f3 4f db b6 eb 8d 4a b9 66 0e 60 e3 IP/TCP: 45 e0 00 4c 7b 9f 40 00 ff 06 20 dc 0a 0b 0c 0d ac 1b 1c 1d c4 fa 00 b3 78 7a 1d df 00 00 00 00 e0 02 ff ff 5a 0f 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 00 01 7e d0 00 00 00 00 1d 10 3d 54 e4 77 e9 9c 80 40 76 54 98 e5 50 91 MAC: e4 77 e9 9c 80 40 76 54 98 e5 50 91]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-5.1.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(covers options)" anchor="sect-5.1.2"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0xfadd6de9 Receive_SYN_traffic_key: 4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1 IPv4/TCP: 45 e0 00 4c 4b ad 40 00 ff 06 50 ce ac 1b 1c 1d 0a 0b 0c 0d 00 b3 c4 fa fa dd 6d e9 78 7a 1d e0 e0 12 ff ff f3 f2 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 93 f4 e9 e8 00 01 7e d0 1d 10 54 3d d6 ad a7 bc 4c dd 53 6d 17 69 db 5f MAC: d6 ad a7 bc 4c dd 53 6d 17 69 db 5f]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (covers options)" anchor="sect-5.1.3"> <figure><artwork><![CDATA[anchor="sect-5.1.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: 8c 8a e0 e8 37 1e c5 cb b9 7e a7 9d 90 41 83 91 IPv4/TCP: 45 e0 00 87 fb 4f 40 00 ff 06 a0 f0 0a 0b 0c 0d ac 1b 1c 1d c4 fa 00 b3 78 7a 1d e0 fa dd 6d ea c0 18 01 04 95 05 00 00 01 01 08 0a 00 01 7e d0 93 f4 e9 e8 1d 10 3d 54 77 41 27 42 fa 4d c4 33 ef f0 97 3e ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 06 00 64 00 01 01 00 MAC: 77 41 27 42 fa 4d c4 33 ef f0 97 3e]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (covers options)" anchor="sect-5.1.4"> <figure><artwork><![CDATA[anchor="sect-5.1.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: 4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1 IPv4/TCP: 45 e0 00 87 b9 14 40 00 ff 06 e3 2b ac 1b 1c 1d 0a 0b 0c 0d 00 b3 c4 fa fa dd 6d ea 78 7a 1e 23 c0 18 01 00 e7 db 00 00 01 01 08 0a 93 f4 e9 e8 00 01 7e d0 1d 10 54 3d f6 d9 65 a7 83 82 a7 48 45 f7 2d ac ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40 06 00 64 00 01 01 00 MAC: f6 d9 65 a7 83 82 a7 48 45 f7 2d ac]]></artwork></figure>]]></sourcecode> </section> </section> <sectiontitle="AES-128-CMAC-96 (omitsanchor="sect-5.2" numbered="true" toc="default"> <name>AES-128-CMAC-96 (Omits TCPoptions)" anchor="sect-5.2"><section title="Send (client)Options)</name> <section anchor="sect-5.2.1" numbered="true" toc="default"> <name>Send (Client) SYN(omits options)" anchor="sect-5.2.1"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0x389bed71 Send_SYN_traffic_key: 2c db ae 13 92 c4 94 49 fa 92 c4 50 97 35 d5 0e IPv4/TCP: 45 e0 00 4c f2 2e 40 00 ff 06 aa 4c 0a 0b 0c 0d ac 1b 1c 1d da 1c 00 b3 38 9b ed 71 00 00 00 00 e0 02 ff ff 70 bf 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a 00 01 85 e1 00 00 00 00 1d 10 3d 54 c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49 MAC: c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-5.2.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(omits options)" anchor="sect-5.2.2"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0xd3844a6f Receive_SYN_traffic_key: 3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a IPv4/TCP: 45 e0 00 4c 6c c0 40 00 ff 06 2f bb ac 1b 1c 1d 0a 0b 0c 0d 00 b3 da 1c d3 84 4a 6f 38 9b ed 72 e0 12 ff ff e4 45 00 00 02 04 05 b4 01 03 03 08 04 02 08 0a ce 45 98 38 00 01 85 e1 1d 10 54 3d 3a 6a bb 20 7e 49 b1 be 71 36 db 90 MAC: 3a 6a bb 20 7e 49 b1 be 71 36 db 90]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (omits options)" anchor="sect-5.2.3"> <figure><artwork><![CDATA[anchor="sect-5.2.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: 03 5b c4 00 a3 41 ff e5 95 f5 9f 58 00 50 06 ca IPv4/TCP: 45 e0 00 87 ee 91 40 00 ff 06 ad ae 0a 0b 0c 0d ac 1b 1c 1d da 1c 00 b3 38 9b ed 72 d3 84 4a 70 c0 18 01 04 88 51 00 00 01 01 08 0a 00 01 85 e1 ce 45 98 38 1d 10 3d 54 75 85 e9 e9 d5 c3 ec 85 7b 96 f8 37 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40 06 00 64 00 01 01 00 MAC: 75 85 e9 e9 d5 c3 ec 85 7b 96 f8 37]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (omits options)" anchor="sect-5.2.4"> <figure><artwork><![CDATA[anchor="sect-5.2.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: 3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a IPv4/TCP: 45 e0 00 87 6a 21 40 00 ff 06 32 1f ac 1b 1c 1d 0a 0b 0c 0d 00 b3 da 1c d3 84 4a 70 38 9b ed 72 c0 18 01 00 04 49 00 00 01 01 08 0a ce 45 98 38 00 01 85 e1 1d 10 54 3d 5c 04 0f d9 23 33 04 76 5c 09 82 f4 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40 06 00 64 00 01 01 00 MAC: 5c 04 0f d9 23 33 04 76 5c 09 82 f4]]></artwork></figure>]]></sourcecode> </section> </section> </section> <sectiontitle="IPv6anchor="sect-6" numbered="true" toc="default"> <name>IPv6 SHA-1 Output TestVectors" anchor="sect-6"><t>Vectors</name> <t keepWithNext="true"> The SHA-1 KDF and MAC algorithms, KDF_HMAC_SHA1 and HMAC-SHA-1-96, are computed as specified for TCP-AO <xreftarget="RFC5926"/>.</t>target="RFC5926" format="default"/>.</t> <sectiontitle="HMAC-SHA-1-96 (defaultanchor="sect-6.1" numbered="true" toc="default"> <name>HMAC-SHA-1-96 (Default -coversCovers TCPoptions)" anchor="sect-6.1"><section title="Send (client)Options)</name> <section anchor="sect-6.1.1" numbered="true" toc="default"> <name>Send (Client) SYN(covers options)" anchor="sect-6.1.1"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0x176a833f Send_SYN_traffic_key: 62 5e c0 9d 57 58 36 ed c9 b6 42 84 18 bb f0 69 89 a3 61 bb IPv6/TCP: 6e 08 91 dc 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 3f 00 00 00 00 e0 02 ff ff 47 21 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 00 41 d0 87 00 00 00 00 1d 10 3d 54 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f MAC: 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-6.1.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(covers options)" anchor="sect-6.1.2"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0x3f51994b Receive_SYN_traffic_key: e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7 71 eb cb 4a IPv6/TCP: 6e 01 00 9e 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4b 17 6a 83 40 e0 12 ff ff bf ec 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a bd 33 12 9b 00 41 d0 87 1d 10 54 3d f1 cb a3 46 c3 52 61 63 f7 1f 1f 55 MAC: f1 cb a3 46 c3 52 61 63 f7 1f 1f 55]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (covers options)" anchor="sect-6.1.3"> <figure><artwork><![CDATA[anchor="sect-6.1.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: 1e d8 29 75 f4 ea 44 4c 61 58 0c 5b d9 0d bd 61 bb c9 1b 7e IPv6/TCP: 6e 08 91 dc 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 40 3f 51 99 4c c0 18 01 00 32 9c 00 00 01 01 08 0a 00 41 d0 91 bd 33 12 9b 1d 10 3d 54 bf 08 05 fe b4 ac 7b 16 3d 6f cd f2 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: bf 08 05 fe b4 ac 7b 16 3d 6f cd f2]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (covers options)" anchor="sect-6.1.4"> <figure><artwork><![CDATA[anchor="sect-6.1.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7 71 eb cb 4a IPv6/TCP: 6e 01 00 9e 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4c 17 6a 83 83 c0 18 01 00 ee 6e 00 00 01 01 08 0a bd 33 12 a5 00 41 d0 91 1d 10 54 3d 6c 48 12 5c 11 33 5b ab 9a 07 a7 97 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: 6c 48 12 5c 11 33 5b ab 9a 07 a7 97]]></artwork></figure>]]></sourcecode> </section> </section> <sectiontitle="HMAC-SHA-1-96 (omitsanchor="sect-6.2" numbered="true" toc="default"> <name>HMAC-SHA-1-96 (Omits TCPoptions)" anchor="sect-6.2"><section title="Send (client)Options)</name> <section anchor="sect-6.2.1" numbered="true" toc="default"> <name>Send (Client) SYN(omits options)" anchor="sect-6.2.1"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0x020c1e69 Send_SYN_traffic_key: 31 a3 fa f6 9e ff ae 52 93 1b 7f 84 54 67 31 5c 27 0a 4e dc IPv6/TCP: 6e 07 8f cd 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 69 00 00 00 00 e0 02 ff ff a4 1a 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 00 9d b9 5b 00 00 00 00 1d 10 3d 54 88 56 98 b0 53 0e d4 d5 a1 5f 83 46 MAC: 88 56 98 b0 53 0e d4 d5 a1 5f 83 46]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-6.2.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(omits options)" anchor="sect-6.2.2"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0xeba3734d Receive_SYN_traffic_key: 40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2 c7 fa 91 bd IPv6/TCP: 6e 0a 7e 1f 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4d 02 0c 1e 6a e0 12 ff ff 77 4d 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 5e c9 9b 70 00 9d b9 5b 1d 10 54 3d 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d MAC: 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (omits options)" anchor="sect-6.2.3"> <figure><artwork><![CDATA[anchor="sect-6.2.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: b3 4e ed 6a 93 96 a6 69 f1 c4 f4 f5 76 18 f3 65 6f 52 c7 ab IPv6/TCP: 6e 07 8f cd 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 6a eb a3 73 4e c0 18 01 00 83 e6 00 00 01 01 08 0a 00 9d b9 65 5e c9 9b 70 1d 10 3d 54 48 bd 09 3b 19 24 e0 01 19 2f 5b f0 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: 48 bd 09 3b 19 24 e0 01 19 2f 5b f0]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (omits options)" anchor="sect-6.2.4"> <figure><artwork><![CDATA[anchor="sect-6.2.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: 40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2 c7 fa 91 bd IPv6/TCP: 6e 0a 7e 1f 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4e 02 0c 1e ad c0 18 01 00 71 6a 00 00 01 01 08 0a 5e c9 9b 7a 00 9d b9 65 1d 10 54 3d 55 9a 81 94 45 b4 fd e9 8d 9e 13 17 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: 55 9a 81 94 45 b4 fd e9 8d 9e 13 17]]></artwork></figure>]]></sourcecode> </section> </section> </section> <sectiontitle="IPv6anchor="sect-7" numbered="true" toc="default"> <name>IPv6 AES-128 Output TestVectors" anchor="sect-7"><t>Vectors</name> <t keepWithNext="true"> The AES-128 KDF and MAC algorithms, KDF_AES_128_CMAC andAES-128- CMAC-96,AES-128-CMAC-96, are computed as specified for TCP-AO <xreftarget="RFC5926"/>.</t>target="RFC5926" format="default"/>.</t> <sectiontitle="AES-128-CMAC-96 (defaultanchor="sect-7.1" numbered="true" toc="default"> <name>AES-128-CMAC-96 (Default -coversCovers TCPoptions)" anchor="sect-7.1"><section title="Send (client)Options)</name> <section anchor="sect-7.1.1" numbered="true" toc="default"> <name>Send (Client) SYN(covers options)" anchor="sect-7.1.1"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0x193cccec Send_SYN_traffic_key: fa 5a 21 08 88 2d 39 d0 c7 19 29 17 5a b1 b7 b8 IP/TCP: 6e 04 a7 06 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ec 00 00 00 00 e0 02 ff ff de 5d 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 13 e4 ab 99 00 00 00 00 1d 10 3d 54 59 b5 88 10 74 81 ac 6d c3 92 70 40 MAC: 59 b5 88 10 74 81 ac 6d c3 92 70 40]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-7.1.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(covers options)" anchor="sect-7.1.2"> <figure><artwork><![CDATA[(Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0xa6744ecb Receive_SYN_traffic_key: cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1 IPv6/TCP: 6e 06 15 20 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cb 19 3c cc ed e0 12 ff ff ea bb 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 71 da ab c8 13 e4 ab 99 1d 10 54 3d dc 28 43 a8 4e 78 a6 bc fd c5 ed 80 MAC: dc 28 43 a8 4e 78 a6 bc fd c5 ed 80]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (covers options)" anchor="sect-7.1.3"> <figure><artwork><![CDATA[anchor="sect-7.1.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: 61 74 c3 55 7a be d2 75 74 db a3 71 85 f0 03 00 IPv6/TCP: 6e 04 a7 06 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ed a6 74 4e cc c0 18 01 00 32 80 00 00 01 01 08 0a 13 e4 ab a3 71 da ab c8 1d 10 3d 54 7b 6a 45 5c 0d 4f 5f 01 83 5b aa b3 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: 7b 6a 45 5c 0d 4f 5f 01 83 5b aa b3]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (covers options)" anchor="sect-7.1.4"> <figure><artwork><![CDATA[anchor="sect-7.1.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Covers Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1 IPv6/TCP: 6e 06 15 20 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cc 19 3c cd 30 c0 18 01 00 52 f4 00 00 01 01 08 0a 71 da ab d3 13 e4 ab a3 1d 10 54 3d c1 06 9b 7d fd 3d 69 3a 6d f3 f2 89 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: c1 06 9b 7d fd 3d 69 3a 6d f3 f2 89]]></artwork></figure>]]></sourcecode> </section> </section> <sectiontitle="AES-128-CMAC-96 (omitsanchor="sect-7.2" numbered="true" toc="default"> <name>AES-128-CMAC-96 (Omits TCPoptions)" anchor="sect-7.2"><section title="Send (client)Options)</name> <section anchor="sect-7.2.1" numbered="true" toc="default"> <name>Send (Client) SYN(omits options)" anchor="sect-7.2.1"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Client ISN = 0xb01da74a Send_SYN_traffic_key: a9 4f 51 12 63 e4 09 3d 35 dd 81 8c 13 bb bf 53 IPv6/TCP: 6e 09 3d 76 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4a 00 00 00 00 e0 02 ff ff 75 ff 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 14 27 5b 3b 00 00 00 00 1d 10 3d 54 3d 45 b4 34 2d e8 bb 15 30 84 78 98 MAC: 3d 45 b4 34 2d e8 bb 15 30 84 78 98]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server)anchor="sect-7.2.2" numbered="true" toc="default"> <name>Receive (Server) SYN-ACK(omits options)" anchor="sect-7.2.2"> <figure><artwork><![CDATA[(Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Server ISN = 0xa6246145 Receive_SYN_traffic_key: 92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a IPv6/TCP: 6e 0c 60 0a 00 38 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 45 b0 1d a7 4b e0 12 ff ff a7 0c 00 00 02 04 05 a0 01 03 03 08 04 02 08 0a 17 82 24 5b 14 27 5b 3b 1d 10 54 3d 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5 MAC: 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Send (client) non-SYN (omits options)" anchor="sect-7.2.3"> <figure><artwork><![CDATA[anchor="sect-7.2.3" numbered="true" toc="default"> <name>Send (Client) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Send_other_traffic_key: 4f b2 08 6e 40 2c 67 90 79 ed 65 d4 bf 97 69 3d IPv6/TCP: 6e 09 3d 76 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4b a6 24 61 46 c0 18 01 00 c3 6d 00 00 01 01 08 0a 14 27 5b 4f 17 82 24 5b 1d 10 3d 54 29 0c f4 14 cc b4 7a 33 32 76 e7 f8 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: 29 0c f4 14 cc b4 7a 33 32 76 e7 f8]]></artwork></figure>]]></sourcecode> </section> <sectiontitle="Receive (server) non-SYN (omits options)" anchor="sect-7.2.4"> <figure><artwork><![CDATA[anchor="sect-7.2.4" numbered="true" toc="default"> <name>Receive (Server) Non-SYN (Omits Options)</name> <sourcecode type="tcp-ao-test-vectors"><![CDATA[ Receive_other_traffic_key: 92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a IPv6/TCP: 6e 0c 60 0a 00 73 06 40 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 46 b0 1d a7 8e c0 18 01 00 34 51 00 00 01 01 08 0a 17 82 24 65 14 27 5b 4f 1d 10 54 3d 99 51 5f fc d5 40 34 99 f6 19 fd 1b ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4 01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd e8 02 08 40 06 00 64 00 01 01 00 MAC: 99 51 5f fc d5 40 34 99 f6 19 fd 1b]]></artwork></figure>]]></sourcecode> </section> </section> </section> <sectiontitle="Observedanchor="sect-8" numbered="true" toc="default"> <name>Observed ImplementationErrors" anchor="sect-8"><t>Errors</name> <t keepWithNext="true"> The following is a partial list of implementation errors that this set of test vectors is intended to validate.</t> <sectiontitle="Algorithm issues" anchor="sect-8.1"><t><list style="symbols"><t>Underlyinganchor="sect-8.1" numbered="true" toc="default"> <name>Algorithm Issues</name> <ul spacing="normal"> <li>The underlying implementation of HMAC-SHA-1-96 or AES-128-CMAC-96 does not pass their corresponding test vectors <xreftarget="RFC2202"/>target="RFC2202" format="default"/> <xreftarget="RFC4493"/></t> <t>Thetarget="RFC4493" format="default"/>.</li> <li>The SNE algorithm does not consider corner cases, possibly because the pseudocode in <xreftarget="RFC5925"/>target="RFC5925" format="default"/> was not intended as complete, as discussed in <xreftarget="RFC9187"/>,target="RFC9187" format="default"/>, the latter of which includes its own validationsequence.</t> </list> </t>sequence.</li> </ul> </section> <sectiontitle="Algorithm parameters" anchor="sect-8.2"><t><list style="symbols"><t>KDFanchor="sect-8.2" numbered="true" toc="default"> <name>Algorithm Parameters</name> <ul spacing="normal"> <li>KDF context length is incorrect, e.g., it does not include TCP header length + payload length (it should, per5.2 of TCP-AO<xreftarget="RFC5925"/>)</t> <t>KDFtarget="RFC5925" section="5.2" sectionFormat="of">TCP-AO</xref>).</li> <li>KDF calculation does not start from counter i = 1 (it should, perSec. 3.1.1 of the TCP-AO crypto algorithms<xreftarget="RFC5926"/>)</t> <t>KDFtarget="RFC5926" sectionFormat="of" section="3.1.1">TCP-AO crypto algorithms</xref>).</li> <li>KDF calculation does not include output length in bits, contained in two bytes in network byte order (it should, perSec. 3.1.1 of the<xref target="RFC5926" sectionFormat="of" section="3.1.1">the TCP-AO cryptoalgorithms <xref target="RFC5926"/>)</t> <t>KDFalgorithms</xref>).</li> <li>KDF uses keys generated from current TCP segment sequence numbers (KDF should use only local and remote ISNs or zero, as indicated inSec. 5.2 of TCP-AO<xreftarget="RFC5925"/>)</t> </list> </t>target="RFC5925" sectionFormat="of" section ="5.2">TCP-AO</xref>).</li> </ul> </section> <sectiontitle="String handling issues" anchor="sect-8.3"><t>anchor="sect-8.3" numbered="true" toc="default"> <name>String Handling Issues</name> <t> The strings indicated in TCP-AO and its algorithms are indicated as a sequence of bytes of known length. In some implementations, string lengths are indicated by a terminal value (e.g., zero in C). This terminal value is not included as part of the string for calculations.</t><t><list style="symbols"><t>Password<ul spacing="normal"> <li>The password includes the last zero-byte (it shouldnot)</t> <t>Labelnot).</li> <li>The label "TCP-AO" includes the last zero byte (it shouldnot)</t> </list> </t>not).</li> </ul> </section> <sectiontitle="Header coverage issues" anchor="sect-8.4"><t><list style="symbols"><t>TCPanchor="sect-8.4" numbered="true" toc="default"> <name>Header Coverage Issues</name> <ul spacing="normal"> <li>TCP checksum and/or MAC is not zeroed properly before calculation (both shouldbe)</t> <t>TCPbe).</li> <li>TCP header is not included in the MAC calculation (it shouldbe)</t> <t>TCPbe).</li> <li>TCP options are not included in the MAC calculation bydefault.</t> </list> </t>default.</li> </ul> <t> There is a separate parameter in the Master Key Tuple (MKT) <xreftarget="RFC5925"/>target="RFC5925" format="default"/> to ignore options; this document provides test vectors for both options-included and options-excluded cases.</t> </section> </section> <sectiontitle="Security Considerations" anchor="sect-9"><t>anchor="sect-9" numbered="true" toc="default"> <name>Security Considerations</name> <t> This document is intended to assist in the validation of implementations ofTCP-AO,TCP-AO to further enable its more widespread use as a security mechanism to authenticate not only TCP payload contents but the TCP headers and protocol.</t> <t> The Master_Key of "testvector" used here for test vector generationSHOULD NOT<bcp14>SHOULD NOT</bcp14> be used operationally.</t> </section> <sectiontitle="IANA Considerations" anchor="sect-10"><t> Thisanchor="sect-10" numbered="true" toc="default"> <name>IANA Considerations</name> <t>This documentcontainshas no IANAissues. This section should be removed upon publication as an RFC.</t>actions.</t> </section> </middle> <back><references title="Normative References"> &RFC0791; &RFC0793; &RFC2018; &RFC2119; &RFC5925; &RFC5926; &RFC6978; &RFC7323; &RFC8174; &RFC8200;<references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.0791.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.0793.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2018.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5925.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5926.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6978.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7323.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"/> </references> <references> <name>Informative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2202.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4493.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9187.xml"/> </references><references title="Informative References"> &RFC2202; &RFC4493; &RFC9187;</references> <sectiontitle="Acknowledgments" anchor="sect-12"><t> This document was prepared using 2-Word-v2.0.template.dot.</t>anchor="sect-12" numbered="false" toc="default"> <name>Acknowledgments</name> <t>This workbenefittedbenefited from feedback fromRuss Housley<contact fullname="Russ Housley"/> andMichael Scharf,<contact fullname="Michael Scharf"/> as well as discussions on the IETF TCPM email list and with the IESG.</t> <t>This document was initially prepared using 2-Word-v2.0.template.dot.</t> </section> </back> <!-- [rfced] Please review the "Inclusive Language" portion of the online Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> and let us know if any changes are needed. For example, please consider whether "master" should be updated. --> </rfc>