[strongSwan] ECDSA authentication in BSD
riaank at gmail.com
Sat Jun 30 14:30:07 CEST 2012
On Thu, Jun 28, 2012 at 6:27 AM, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:
> Hi Chris,
> the problem is not ECDSA authentication but the configuration of
> AES-GCM in the kernel which is not possible because the PFKEY
> interface does not support the configuration of ESP authenticated
> encryption (AEAD) algorithms. I don't know whether BSD implements
> AES-GCM at all and if yes, if BSD has defined a private extension of
> the RFC 2367 PFKEYv2 interface.
Just for interest sake NetBSD and OpenBSD does support AES-GCM.
There are patches for aes-gcm for FreeBSD that are waiting for "approval",
I am not sure when they will be part of the base though.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users