chacha20poly1305 cipher name mismatch on proposals
Android Client sends proposal:
charon: 07[CFG] received proposals: IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/MODP_2048
This cipher is configured on the server but goes by the name CHACHA20_POLY1305_256:
charon: 07[CFG] configured proposals: IKE:AES_GCM_8_128/AES_GCM_8_256/CHACHA20_POLY1305_256/PR..
As a result, the ChaCha cipher cannot be optionally selected in the Android app.
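The comparison between the two log lines in the report can be automated. The following is an added example, not part of the original report or of strongSwan: it parses charon `[CFG]` proposal lines and reports transform types with no common name, flagging names that differ only by a trailing `_<bits>` suffix. The helper names, the prefix-based classification and the tail of the configured line (truncated on the page) are assumptions.

```python
import re

# Constructed sample: the received line is from the report; the tail of the
# configured line is a stand-in, because the page truncates it after "PR..".
SAMPLE_LOG = """\
charon: 07[CFG] received proposals: IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/MODP_2048
charon: 07[CFG] configured proposals: IKE:AES_GCM_8_128/AES_GCM_8_256/CHACHA20_POLY1305_256/PRF_HMAC_SHA2_256/MODP_2048
"""

LINE_RE = re.compile(r"\[CFG\] (received|configured) proposals: (.+)$")
PREFIXES = (("PRF_", "prf"), ("MODP_", "dh"), ("ECP_", "dh"),
            ("CURVE_", "dh"), ("HMAC_", "integ"))

def transform_type(name):
    """Heuristic classification by log-name prefix (an assumption, not charon's own logic)."""
    return next((t for p, t in PREFIXES if name.startswith(p)), "encr")

def parse_proposals(log_text):
    """Return {'received': [...], 'configured': [...]}, each proposal as {type: set(names)}."""
    out = {"received": [], "configured": []}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        for prop in m.group(2).split(","):       # several proposals are comma-separated
            transforms = prop.strip().partition(":")[2]   # drop the "IKE:" protocol tag
            by_type = {}
            for name in transforms.split("/"):
                by_type.setdefault(transform_type(name), set()).add(name)
            out[m.group(1)].append(by_type)
    return out

def diagnose(log_text):
    """List transform types with no shared name, with near-misses differing only by _<bits>."""
    props = parse_proposals(log_text)
    findings = []
    for rx in props["received"]:
        for cfg in props["configured"]:
            for ttype in sorted(set(rx) | set(cfg)):
                offered, allowed = rx.get(ttype, set()), cfg.get(ttype, set())
                if offered & allowed:
                    continue                      # this transform type can be negotiated
                near = sorted((o, a) for o in offered for a in allowed
                              if re.fullmatch(re.escape(o) + r"_\d+", a)
                              or re.fullmatch(re.escape(a) + r"_\d+", o))
                findings.append({"type": ttype, "offered": sorted(offered), "near_miss": near})
    return findings
```

For the sample above, `diagnose(SAMPLE_LOG)` returns a single finding for the encryption transform, with `CHACHA20_POLY1305` and `CHACHA20_POLY1305_256` reported as a near-miss pair.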
#1 Updated by Martin Willi 2 months ago
- Status changed from New to Feedback
Up to version 5.6.2, strongSwan unfortunately used an invalid transform encoding for this algorithm. This has been fixed with 5.6.3, requiring a change that brings an incompatibility between versions.
To support newer clients on your server, you'll need to update to at least 5.6.3. You can then use both the chacha20poly1305 and the chacha20poly1305compat algorithm on the server to support both old and new clients.
#3 Updated by Tobias Brunner about 2 months ago
- Category set to configuration
Could you please recommend some specific repository with the latest stable strongSwan I should use?
I guess you could try installing the .deb files from a newer Ubuntu release (e.g. 18.10/cosmic comes with 5.6.3). Or install a newer version from source (make sure to uninstall the strongSwan packages before doing that).