From ba5f5e2424b854ffde8e4232bdfce15743d0aefc Mon Sep 17 00:00:00 2001 From: Michael Rash Date: Thu, 12 May 2016 22:23:54 -0400 Subject: [PATCH] add sha3_256 sha3_512 to man page docs --- client/fwknop.8.in | 30 +++++++++++++++++++----------- doc/fwknop.man.asciidoc | 13 ++++++++----- doc/fwknopd.man.asciidoc | 6 +++--- server/fwknopd.8.in | 14 ++++++++------ 4 files changed, 38 insertions(+), 25 deletions(-) diff --git a/client/fwknop.8.in b/client/fwknop.8.in index fc53080d..cc9020ff 100644 --- a/client/fwknop.8.in +++ b/client/fwknop.8.in @@ -1,13 +1,13 @@ '\" t .\" Title: fwknop .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 04/10/2016 +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 05/12/2016 .\" Manual: Fwknop Client .\" Source: Fwknop Client .\" Language: English .\" -.TH "FWKNOP" "8" "04/10/2016" "Fwknop Client" "Fwknop Client" +.TH "FWKNOP" "8" "05/12/2016" "Fwknop Client" "Fwknop Client" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -55,7 +55,7 @@ SPA packets generated by \fBfwknop\fR leverage HMAC for authenticated encryption mode (command mode (0) or access mode (1)) if command mode => command to execute else access mode => IP,proto,port - message digest (SHA512 / SHA384 / SHA256 / SHA1 / MD5) + message digest (SHA512 / SHA384 / SHA256 / SHA1 / MD5 / SHA3_256 / SHA3_512) .fi .if n \{\ .RE @@ -388,8 +388,10 @@ Set the HMAC digest algorithm for authenticated encryption of SPA packets\&. Cho \fBSHA1\fR, \fBSHA256\fR (the default), -\fBSHA384\fR, and -\fBSHA512\fR\&. +\fBSHA384\fR, +\fBSHA512\fR, +\fBSHA3_256\fR, and +\fBSHA3_512\fR\&. .RE .PP \fB\-N, \-\-nat\-access\fR=\fI\fR @@ -629,7 +631,9 @@ Specify the message digest algorithm to use in the SPA data\&. Choices are: \fBSHA256\fR (the default), \fBSHA384\fR, and -\fBSHA512\fR\&. +\fBSHA512\fR, +\fBSHA3_256\fR, and +\fBSHA3_512\fR\&. .RE .PP \fB\-M, \-\-encryption\-mode\fR=\fI\fR @@ -854,8 +858,10 @@ Set the HMAC digest algorithm used for authenticated encryption of SPA packets\& \fBSHA1\fR, \fBSHA256\fR (the default), -\fBSHA384\fR, and -\fBSHA512\fR\&. +\fBSHA384\fR, +\fBSHA512\fR, +\fBSHA3_256\fR, and +\fBSHA3_512\fR\&. .RE .PP \fBSPA_SOURCE_PORT\fR \fI\fR @@ -929,8 +935,10 @@ Set the SPA message digest type (\fI\-m, \-\-digest\-type\fR)\&. Choices are: \fBSHA1\fR, \fBSHA256\fR (the default), -\fBSHA384\fR, and -\fBSHA512\fR\&. +\fBSHA384\fR, +\fBSHA512\fR, +\fBSHA3_256\fR, and +\fBSHA3_512\fR\&. .RE .PP \fBUSE_GPG\fR \fI\fR diff --git a/doc/fwknop.man.asciidoc b/doc/fwknop.man.asciidoc index 7da78ee1..ac180f19 100644 --- a/doc/fwknop.man.asciidoc +++ b/doc/fwknop.man.asciidoc @@ -86,7 +86,7 @@ format (before encryption and the HMAC is applied): mode (command mode (0) or access mode (1)) if command mode => command to execute else access mode => IP,proto,port - message digest (SHA512 / SHA384 / SHA256 / SHA1 / MD5) + message digest (SHA512 / SHA384 / SHA256 / SHA1 / MD5 / SHA3_256 / SHA3_512) .......................... Each of the above fields are separated by a ":" character due to the variable @@ -348,7 +348,8 @@ SPA OPTIONS *--hmac-digest-type*='':: Set the HMAC digest algorithm for authenticated encryption of SPA packets. - Choices are: *MD5*, *SHA1*, *SHA256* (the default), *SHA384*, and *SHA512*. + Choices are: *MD5*, *SHA1*, *SHA256* (the default), *SHA384*, *SHA512*, + *SHA3_256*, and *SHA3_512*. *-N, --nat-access*='':: The *fwknopd* server offers the ability to provide SPA access through @@ -500,7 +501,8 @@ SPA OPTIONS *-m, --digest-type*='':: Specify the message digest algorithm to use in the SPA data. Choices - are: *MD5*, *SHA1*, *SHA256* (the default), *SHA384*, and *SHA512*. + are: *MD5*, *SHA1*, *SHA256* (the default), *SHA384*, and *SHA512*, + *SHA3_256*, and *SHA3_512*. *-M, --encryption-mode*='':: Specify the encryption mode when AES is used for encrypting SPA packets. @@ -685,7 +687,7 @@ description and its matching command-line option(s): *HMAC_DIGEST_TYPE* '':: Set the HMAC digest algorithm used for authenticated encryption of SPA packets. Choices are: *MD5*, *SHA1*, *SHA256* (the default), *SHA384*, - and *SHA512*. + *SHA512*, *SHA3_256*, and *SHA3_512*. *SPA_SOURCE_PORT* '':: Set the source port to use for sending the SPA packet ('-S, --source-port'). @@ -727,7 +729,8 @@ description and its matching command-line option(s): *DIGEST_TYPE* '':: Set the SPA message digest type ('-m, --digest-type'). Choices are: *MD5*, - *SHA1*, *SHA256* (the default), *SHA384*, and *SHA512*. + *SHA1*, *SHA256* (the default), *SHA384*, *SHA512*, *SHA3_256*, and + *SHA3_512*. *USE_GPG* '':: Set to 'Y' to specify the use of GPG for encryption ('--gpg-encryption'). diff --git a/doc/fwknopd.man.asciidoc b/doc/fwknopd.man.asciidoc index c19364fa..6a165a0b 100644 --- a/doc/fwknopd.man.asciidoc +++ b/doc/fwknopd.man.asciidoc @@ -550,9 +550,9 @@ directive starts a new stanza. *HMAC_DIGEST_TYPE* '':: Specify the digest algorithm for incoming SPA packet authentication. Must - be one of *MD5*, *SHA1*, *SHA256*, *SHA384*, or *SHA512*. This is an - optional field, and if not specified then *fwknopd* defaults to using - SHA256 if the access stanza requires an HMAC. + be one of *MD5*, *SHA1*, *SHA256*, *SHA384*, *SHA512*, *SHA3_256*, or + *SHA3_512*. This is an optional field, and if not specified then *fwknopd* + defaults to using SHA256 if the access stanza requires an HMAC. *ACCESS_EXPIRE* '':: Defines an expiration date for the access stanza in MM/DD/YYYY format. diff --git a/server/fwknopd.8.in b/server/fwknopd.8.in index 5120e331..a83535ae 100644 --- a/server/fwknopd.8.in +++ b/server/fwknopd.8.in @@ -1,13 +1,13 @@ '\" t .\" Title: fwknopd .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 12/24/2015 +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 05/12/2016 .\" Manual: Fwknop Server .\" Source: Fwknop Server .\" Language: English .\" -.TH "FWKNOPD" "8" "12/24/2015" "Fwknop Server" "Fwknop Server" +.TH "FWKNOPD" "8" "05/12/2016" "Fwknop Server" "Fwknop Server" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -41,7 +41,7 @@ The main application of this program is to conceal services such as \fISSH\fR wi The main configuration for \fBfwknopd\fR is maintained within two files: \fIfwknopd\&.conf\fR and \fIaccess\&.conf\fR\&. The default location for these files is determined at package configuration (typically \fI@sysconfdir@/fwknop\fR)\&. The configuration variables within these files are described below\&. .sp Additional information may be found in the tutorial \(lqSingle Packet Authorization: A Comprehensive Guide to Strong Service Concealment with fwknop\(rq available online (see: \fIhttp://www\&.cipherdyne\&.org/fwknop/docs/fwknop\-tutorial\&.html\fR)\&. -.SH "COMMAND-LINE OPTIONS" +.SH "COMMAND\-LINE OPTIONS" .PP \fB\-i, \-\-interface\fR=\fI\fR .RS 4 @@ -697,8 +697,10 @@ Specify the digest algorithm for incoming SPA packet authentication\&. Must be o \fBMD5\fR, \fBSHA1\fR, \fBSHA256\fR, -\fBSHA384\fR, or -\fBSHA512\fR\&. This is an optional field, and if not specified then +\fBSHA384\fR, +\fBSHA512\fR, +\fBSHA3_256\fR, or +\fBSHA3_512\fR\&. This is an optional field, and if not specified then \fBfwknopd\fR defaults to using SHA256 if the access stanza requires an HMAC\&. .RE