Feature #2427
Implementing RFC 8247
Description
RFC 8247 mandates that support for certain algorithms is removed and for certain others is added for IKEv2:
Removed: E.g. prf-md5, hmac-md5, null encryption, modp1024s160, modp768
Added: E.g. RSASSA-PSS
Somebody will ineviteably ask for it.
Related issues
Associated revisions
proposal: Remove MODP-1024 from default IKE proposal
RFC 8247 demoted it to SHOULD NOT. This might break connections with
Windows clients unless they are configured to use a stronger group or
matching weak proposals are configured explicitly on the server.
References #2427.
ikev2: Don't use SHA-1 for RFC 7427 signature authentication
RFC 8247 demoted it to MUST NOT.
References #2427.
Merge branch 'rsassa-pss'
This adds support for RSASSA-PSS signatures in IKEv2 digital signature
authentication (RFC 7427), certificates and CRLs etc., and when signing
credentials via pki tool. For interoperability with older versions, the
default is to use classic PKCS#1 signatures. To use PSS padding either enable
rsa_pss via strongswan.conf or explicitly use it either via ike:rsa/pss...
auth token or the --rsa-padding option of the pki tool.
References #2427.
History
#1 Updated by Tobias Brunner over 4 years ago
- Related to Feature #2367: Android client - RSASSA-PSS added
#2 Updated by Tobias Brunner over 4 years ago
- Tracker changed from Issue to Feature
- Status changed from New to Closed
- Assignee set to Tobias Brunner
- Target version set to 5.6.1
- Resolution set to Fixed
proposal: Remove MD5 from default IKE proposal
RFC 8247 demoted MD5 to MUST NOT.
References #2427.