On Aug 12, 2013, Radostan Riedel wrote: > On Sun, 11. Aug 23:04, Michael Rash wrote: > > Hmm, ok. > > > > > I'm still ok just using a different digest but it remains a mistery why > > > this > > > won't work. I'm still waiting for gnupg with Eliptic-Curve Cryptography > > > then > > > most of that problems should be gone. > > > > Ah, yes, with much shorter key sizes in ECC seems like you're right. > > Another thing would help for this particular issue would be a packed binary > > protocol for SPA packet data, but that would be a major change. > > > OK I solved the mystery. It was just another stupid problem. I was always > checking my own gpg key and it was obviously 2048bit. What I didn't check was > my > fwknop-server key and it was 4096bit long. Now it's working with > Digest sha512 and HMAC digest sha256.
Excellent. > But I still can't get HMAC sha512 to work even though my packet has a size of > 1100 now. Even when I use digest md5. I'm going to add a series of tests to the test suite that involve larger key sizes to see where things break. If you have some additional time, could you check out the latest sources from the git master branch? These sources may help to shed light on particular failure conditions as a result of Hank's new error code patch. Thanks, --Mike ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
