[strongSwan] ECDSA mixed results with the Android client

Tobias Brunner tobias at strongswan.org
Mon Jul 8 09:49:27 CEST 2013


> Test 2:
> VPN gateway using an ECDSA cert signed by an RSA root
> Android using an ECDSA cert signed by the RSA root
> Android fails, log:
> "signature scheme RSA_EMSA_PKCS1_SHA1 not supported in EC"
> "failed to load private key"
> 
> Test 3:
> VPN gateway using an ECDSA cert signed by an RSA root
> Android using an ECDSA cert signed by an ECDSA root
> Android fails, log:
> "failed to load private key"
> 
> In both the ECDSA failures, it is failing during initialization, it is
> not even starting to connect to the peer

This is due to a bug in the Android API we use to access the private
keys:  http://wiki.strongswan.org/issues/349

Regards
Tobias





More information about the Users mailing list