RFC 9235

TCP Authentication Option (TCP-AO) Test Vectors, May 2022

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Status:
INFORMATIONAL
Authors:
J. Touch
J. Kuusisaari
Stream:
IETF
Source:
tcpm (tsv)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC9235

Discuss this RFC: Send questions or comments to tcpm@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9235


Abstract

This document provides test vectors to validate implementations of the two mandatory authentication algorithms specified for the TCP Authentication Option over both IPv4 and IPv6. This includes validation of the key derivation function (KDF) based on a set of test connection parameters as well as validation of the message authentication code (MAC). Vectors are provided for both currently required pairs of KDF and MAC algorithms: KDF_HMAC_SHA1 and HMAC- SHA-1-96, and KDF_AES_128_CMAC and AES-128-CMAC-96. The vectors also validate both whole TCP segments as well as segments whose options are excluded for middlebox traversal.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.