[strongSwan-dev] Botan plugin for strongswan

Andreas Steffen andreas.steffen at strongswan.org
Sat Jun 17 13:24:48 CEST 2017


Hi  René,

we sincerely appreciate your effort to port Botan to strongSwan since
we think it is of utmost importance to have a robust crypto library
supporting the latest cryptographic algorithms as an alternative
to openssl. If you are going to contribute the source code for a
libstrongswan botan plugin then the strongSwan project mandates that you
should do that under an MIT license (preferred) or any BSD-type license.

If you have any questions concerning the libstrongswan crypto interface
or the plugin registration mechanism just contact either me or Tobias
Brunner.

Best regards

Andreas

On 17.06.2017 12:00, René Korthaus wrote:
> Hi,
> 
> for the past two years and ongoing, we have been doing a development
> project for the German Federal Office for Information Security (BSI).
> The goal of this project "Secure implementation of a universal
> cryptographic library" [1] was to have a cryptographic library that
> contains all common cryptographic primitives that are necessary for the
> wide use of cryptographic operations, but at the same time follows the
> recommendations of BSI's technical guidelines [2]. In this project, we
> evaluated 18 open source libraries and eventually selected the Botan
> cryptographic library [3]. For the past 1 1/2 years, we have made
> various improvements to Botan, from security improvements and new
> features to documentation and CI improvements. We also audited relevant
> parts of Botan. We have contributed all of our changes to upstream, in
> almost 90 pull requests up to now. We will continue supporting the Botan
> project with contributions and audits for the time to come.
> 
> We started porting our products to Botan already some while ago and are
> now putting efforts into adding support for Botan into other open source
> software we are using. We will soon be starting to work on a Botan
> plugin for libstrongswan, where we would like to contribute our work to
> upstream. From talking with people from other German vendors of IT
> security products I know there is an increased interest in using
> strongswan with Botan in their products, too.
> 
> We already started looking into things such as the plugin build system
> and the crypto test suite. We will raise any questions arising using
> this list. I will probably post the first one later this day.
> 
> Any feedback is much appreciated.
> 
> Best regards,
> René
> 
> [1]
> https://www.bsi.bund.de/DE/Themen/Kryptotechnologie/Kryptobibliothek/kryptobibliothek_node.html
> [2]
> https://www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/technischerichtlinien_node.html
> [3] https://botan.randombit.net/
> 

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3859 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20170617/cb4acbb2/attachment.bin>


More information about the Dev mailing list