[strongSwan] ECDSA authentication in BSD

Riaan Kruger riaank at gmail.com
Sat Jun 30 14:30:07 CEST 2012


On Thu, Jun 28, 2012 at 6:27 AM, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:

> Hi Chris,
>
> the problem is not ECDSA authentication but the configuration of
> AES-GCM in the kernel which is not possible because the PFKEY
> interface does not support the configuration of ESP authenticated
> encryption (AEAD) algorithms. I don't know whether BSD implements
> AES-GCM at all and if yes, if BSD has defined a private extension of
> the RFC 2367 PFKEYv2 interface.
>

Just for interest sake NetBSD and OpenBSD does support AES-GCM.

There are patches for aes-gcm for FreeBSD that are waiting for "approval",
I am not sure when they will be part of the base though.

Riaan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120630/46562094/attachment.html>


More information about the Users mailing list