Bug #3064: curve448 does not appear to be recognized as valid in ike or esp config - strongSwan

Bug #3064

curve448 does not appear to be recognized as valid in ike or esp config

Added by Jim Pingle about 1 year ago. Updated about 1 year ago.

Status:

Closed

Priority:

Normal

Assignee:

Tobias Brunner

Category:

libstrongswan

Target version:

5.8.0

Start date:

17.05.2019

Due date:

Estimated time:

Affected version:

dr|rc|master

Resolution:

Fixed

Description

On FreeBSD 12 with strongSwan 5.8.0.d2, I can use curve25519 with IKEv1 and IKEv2 when the curve25519 plugin is loaded, but curve448 does not work with either IKEv1 or IKEv2.

In ipsec.conf, I specified it like this:

    ike = aes256-sha1-curve448!
    esp = aes256-sha256-curve448!

That syntax works if I use curve25519 instead, but when attempting to use curve448, strongSwan acts as though no DH was selected:

configured proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ

I also don't see curve448 listed in https://github.com/strongswan/strongswan/blob/master/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt along with the others, though it is listed on https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites which says it should be a valid keyword for ike or esp.

It's also missing from https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites but that may be intentional, though curve25519 is listed there as well.

Related issues

Associated revisions

Revision fbfe5a27 (diff)
Added by Tobias Brunner about 1 year ago

proposal: Add missing curve448/x448 keywords

Fixes #3064.

History

#1 Updated by Tobias Brunner about 1 year ago

Status changed from New to Feedback
Assignee set to Tobias Brunner
Target version set to 5.8.1
Resolution set to Fixed

Thanks for the report. Fix is in the 3064-curve448-keyword branch.

It's also missing from https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites but that may be intentional, though curve25519 is listed there as well.

Yeah, didn't update that page in a while (using either of these algorithms with IKEv1 is not standardized anyway).

#2 Updated by Tobias Brunner about 1 year ago

Related to Issue #3065: Error building 5.8.0rc1 without gperf added

#3 Updated by Jim Pingle about 1 year ago

It works as expected with the change from that branch, thanks!

Log entries:

charon[31462]: 15[CFG] <2> received proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/CURVE_448
charon[31462]: 15[CFG] <2> configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/CURVE_448
charon[31462]: 15[CFG] <2> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/CURVE_448

ipsec statusall output:

con5000[2]: IKE proposal: AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/CURVE_448

#4 Updated by Tobias Brunner about 1 year ago

Status changed from Feedback to Closed
Target version changed from 5.8.1 to 5.8.0

Also available in: Atom PDF

Project

General

Profile

strongSwan

Issues

New issues