#
# Configured ciphers
#
-# The "name" is unique name to the cipher. The "module" option can be either
-# absolute or relative to the "module_path", and it defines where the cipher
-# module is found. If omitted the built-in cipher is used. The "keylength"
-# defines the length of the key (bytes), and the "blocklength" defines the
-# block size of the cipher (bytes).
+# The "name" is unique name to the cipher. The "keylength" defines the
+# length of the key (bytes), and the "blocklength" defines the block size
+# of the cipher (bytes).
#
+cipher {
+ name = "aes-256-ctr";
+ keylength = 32;
+ blocklength = 16;
+};
cipher {
name = "aes-256-cbc";
- module = "aes.sim.so";
keylength = 32;
blocklength = 16;
};
+cipher {
+ name = "aes-192-ctr";
+ keylength = 24;
+ blocklength = 16;
+};
cipher {
name = "aes-192-cbc";
- module = "aes.sim.so";
keylength = 24;
blocklength = 16;
};
+cipher {
+ name = "aes-128-ctr";
+ keylength = 16;
+ blocklength = 16;
+};
cipher {
name = "aes-128-cbc";
- module = "aes.sim.so";
keylength = 16;
blocklength = 16;
};
cipher {
name = "twofish-256-cbc";
- module = "twofish.sim.so";
keylength = 32;
blocklength = 16;
};
cipher {
name = "twofish-192-cbc";
- module = "twofish.sim.so";
keylength = 24;
blocklength = 16;
};
cipher {
name = "twofish-128-cbc";
- module = "twofish.sim.so";
keylength = 16;
blocklength = 16;
};
-# "none" cipher should not be used
-#cipher {
-# name = "none";
-# module = "none.sim.so";
-# keylength = 0;
-# blocklength = 0;
-#};
-
#
# Configured hash functions
#
hash {
- name = "sha1";
+ name = "sha256";
blocklength = 64;
- digestlength = 20;
+ digestlength = 32;
};
hash {
- name = "sha256";
+ name = "sha1";
blocklength = 64;
- digestlength = 32;
+ digestlength = 20;
};
hash {
name = "md5";
# be configured in the hash section.
#
hmac {
- name = "hmac-sha1-96";
- hash = "sha1";
+ name = "hmac-sha256-96";
+ hash = "sha256";
maclength = 12;
};
hmac {
- name = "hmac-sha256-96";
- hash = "sha256";
+ name = "hmac-sha1-96";
+ hash = "sha1";
maclength = 12;
};
hmac {
#
# Configured PKCS
#
-PKCS {
- name = "rsa";
+PKCS {
+ name = "rsa";
};