Feature #9531
closed[IPSEC] Add additional curve-based DH Groups (31+)
100%
Description
DH Group 31/32 (incl. curve25519) variants are available in Strongswan and it would be nice to have them as additions to the DH Group dropdown.
Updated by Jim Pingle over 5 years ago
- Status changed from New to In Progress
- Assignee set to Jim Pingle
- Target version set to 2.5.0
Updated by Jim Pingle over 5 years ago
Group 31 (curve25519) works. Group 32 (curve448) does not. Appears to be a strongSwan issue, I raised a bug report upstream: https://wiki.strongswan.org/issues/3064
Commit coming shortly which enables the curve25519 plugin and group 31.
Updated by Jim Pingle over 5 years ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset 4fc267484e604509b072b398642f19cb6797ef21.
Updated by Jim Pingle over 5 years ago
- Status changed from Feedback to In Progress
That was quick. Fix is in upstream: https://wiki.strongswan.org/projects/strongswan/repository/revisions/97708f7ff7571a159ca9a3d03804ffc506469449/diff
Will test with that after 2.4.4-p3 ships and we have 2.5.0 snapshots going again.
Updated by Jim Pingle over 5 years ago
- Status changed from In Progress to Feedback
Looks good on the current snapshot with group 31 and 32
Updated by Jens Groh over 5 years ago
Just curious: would the changeset be appliable to 2.4.4-p3 when released?
I have a current customer that would like to upgrade his IPSEC tunnel to curve 25519 so an appliable patch via System Patches would be fine as an interim solution ;)
Updated by Jim Pingle over 5 years ago
Jens Groh wrote:
Just curious: would the changeset be appliable to 2.4.4-p3 when released?
The first patch to add group 31 might, but the 32 would not since it requires a patch to strongSwan. I only tested on 2.5.0.
Updated by Jens Groh over 5 years ago
Jim Pingle wrote:
The first patch to add group 31 might, but the 32 would not since it requires a patch to strongSwan. I only tested on 2.5.0.
Not trying to add complexity to this. But a patch for DH31 capability I'd take for sure ;)
As german BSI recommends using elliptic curve ciphers like 25519-based, brainpool or secpxxxRy that would help against people using bad/old/unsafe cipher suites and settings (had to shout one down recently that tried to sneak a 3DES one in).
But really appreciate the fast response on that on in general! Thanks a lot!
Updated by Jim Pingle over 5 years ago
The first patch above, 4fc267484e604509b072b398642f19cb6797ef21, applies cleanly to 2.4.4-p2 and 2.4.4-p3 and adds only group 31. I didn't test it, but the libstrongswan curve25519 plugin is there, so it should work.
Updated by Jens Groh over 5 years ago
Alright will test within our lab setup and try it with the customer if that works. Will report back!
Updated by Jens Groh over 5 years ago
Just as feedback: we had the first two tunnels set up with EC25519 / DH31 as Phase1 (and in one case Phase2, too) and as of yet all is well an normal as expected. :)
Updated by Jim Pingle over 5 years ago
- Status changed from Feedback to Resolved
Updated by Jim Pingle about 5 years ago
- Status changed from Resolved to Feedback
- Target version changed from 2.5.0 to 2.4.5
I picked back the Group 31 change only to 2.4.5 to test since it was reported to function. If it works, re-target this back to 2.5.0 and close it again since it's already been tested there.
Updated by Jens Groh about 5 years ago
Jim Pingle wrote:
I picked back the Group 31 change only to 2.4.5 to test since it was reported to function. If it works, re-target this back to 2.5.0 and close it again since it's already been tested there.
Don't know if that helps but as stated above, I'm running the DH31 changeset added through patches system in 2.4.4-p3 without a hitch with 3 IPSEC peers smoothly for months now and don't expect any issues.
Updated by Jim Pingle about 5 years ago
- Status changed from Feedback to Resolved
- Target version changed from 2.4.5 to 2.5.0
Group 31 can be selected and works when chosen on 2.4.5.
2.4.5.a.20191217.0637