[strongSwan-dev] Botan plugin for strongswan

René Korthaus r.korthaus at sirrix.com
Sat Jun 17 12:00:51 CEST 2017


Hi,

for the past two years and ongoing, we have been doing a development
project for the German Federal Office for Information Security (BSI).
The goal of this project "Secure implementation of a universal
cryptographic library" [1] was to have a cryptographic library that
contains all common cryptographic primitives that are necessary for the
wide use of cryptographic operations, but at the same time follows the
recommendations of BSI's technical guidelines [2]. In this project, we
evaluated 18 open source libraries and eventually selected the Botan
cryptographic library [3]. For the past 1 1/2 years, we have made
various improvements to Botan, from security improvements and new
features to documentation and CI improvements. We also audited relevant
parts of Botan. We have contributed all of our changes to upstream, in
almost 90 pull requests up to now. We will continue supporting the Botan
project with contributions and audits for the time to come.

We started porting our products to Botan already some while ago and are
now putting efforts into adding support for Botan into other open source
software we are using. We will soon be starting to work on a Botan
plugin for libstrongswan, where we would like to contribute our work to
upstream. From talking with people from other German vendors of IT
security products I know there is an increased interest in using
strongswan with Botan in their products, too.

We already started looking into things such as the plugin build system
and the crypto test suite. We will raise any questions arising using
this list. I will probably post the first one later this day.

Any feedback is much appreciated.

Best regards,
René

[1]
https://www.bsi.bund.de/DE/Themen/Kryptotechnologie/Kryptobibliothek/kryptobibliothek_node.html
[2]
https://www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/technischerichtlinien_node.html
[3] https://botan.randombit.net/

-- 
René Korthaus
System Developer

Rohde & Schwarz Cybersecurity

R&S Cybersecurity Sirrix GmbH
Lise-Meitner Allee 4, 44801 Bochum
Phone: + 49 681 95986-163
Email: r.korthaus at sirrix.com
PGP Key ID 0x587E74D6
Fingerprint C196 FF9D 3DDC A5E7 F98C E745 9AD0 F9FA 587E 74D6
Internet: cybersecurity.rohde-schwarz.com

Trade register: Amtsgericht Saarbrücken HRB 103442
Executive board: Christian Stüble, Norbert Schirmer
Supervisory Board: Ammar Alkassar, Reik Hesselbarth

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20170617/484eca49/attachment.sig>


More information about the Dev mailing list