[strongSwan] ECDSA mixed results with the Android client
Daniel Pocock
daniel at pocock.com.au
Sat Jul 6 10:18:15 CEST 2013
Just some further observations about ECDSA with the Android client:
Test 1:
VPN gateway using an ECDSA cert signed by an RSA root
Android using an RSA cert signed by the RSA root
Working OK
Test 2:
VPN gateway using an ECDSA cert signed by an RSA root
Android using an ECDSA cert signed by the RSA root
Android fails, log:
"signature scheme RSA_EMSA_PKCS1_SHA1 not supported in EC"
"failed to load private key"
Test 3:
VPN gateway using an ECDSA cert signed by an RSA root
Android using an ECDSA cert signed by an ECDSA root
Android fails, log:
"failed to load private key"
In both the ECDSA failures, it is failing during initialization, it is
not even starting to connect to the peer
Regards,
Daniel
More information about the Users
mailing list