[strongSwan] Strongswan AUTH payload signature hash algorithm for certificate based authentication

Kalyani Garigipati (kagarigi) kagarigi at cisco.com
Tue Oct 11 19:20:49 CEST 2016


I am trying to bring up ikev2 sa between strongswan and cisco router.
The authentication method used is certificates and prf algorithm is SHA256.

·         I wanted to know what is the hash algorithm that is used while generating the signature in AUTH payload for strongswan.
Is it SHA1 or SHA256 ?

·         I observed that if I generate the signature in AUTH payload using SHA256, it fails the signature validation
If I generate the signature in authentication payload using SHA1 , it passes the signature validation.

RFC quotes below in page 94 of 5996

RSA Digital Signature                  1
      Computed as specified in Section 2.15<https://tools.ietf.org/html/rfc5996#section-2.15> using an RSA private key
      with RSASSA-PKCS1-v1_5 signature scheme specified in [PKCS1<https://tools.ietf.org/html/rfc5996#ref-PKCS1>]
      (implementers should note that IKEv1 used a different method for
      RSA signatures).  To promote interoperability, implementations
      that support this type SHOULD support signatures that use SHA-1
      as the hash function and SHOULD use SHA-1 as the default hash
      function when generating signatures


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161011/2ad7a96d/attachment-0001.html>

More information about the Users mailing list