[strongSwan] SHA-256 for IKE_AUTH (IKEv2) ?

b0bsmith at beckandsmith.com b0bsmith at beckandsmith.com
Mon Jun 15 20:51:58 CEST 2015

Does StrongSwan (5.3.x) support IKEV2 authentication payload RSA signatures
using a sha-256 as the hash digest function?


The 5.3.0 change log mentions support for RFC 7427, but it’s not clear if
StrongSwan added stronger hash support for both RSA and ECDSA, or just


I’m testing against another IKE client, which is using sha256 as the digest,
and I’m getting this StrongSwan log:

       “expected hash algorithm HASH_SHA1, but found HASH_SHA256 (OID:


Of course changing the other client to a SHA1 digest works, but I’d prefer
the stronger hash.


Also came across this old email in the archives:

Hello Mugur,
strongSwan only supports SHA-1 with the RSA Digital Signature AUTH
payload but we are planning to support
as soon as the "Signature Authentication in IKEv2" RFC is goint to be
Best regards
On 28.03.2014 15:09, ABULIUS, MUGUR (MUGUR) wrote:
> Hello,
> Can you please specify if StrongSwan supports for IKEv2 Authentication
> Payload
> RSA Digital signatures using SHA-256 as hash function?
> The RFC 5596 (IKEv2) at “§3.8 Authentication Payload” makes reference to
> RSAES-PKCS1-v1_5
> signature scheme for which the RFC 3447 includes SHA-256.
> Best Regards
> Mugur
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150615/92258adb/attachment.html>

More information about the Users mailing list