From e35a282eef077d8cc91e8e5fd7b7a1dcf91750c4 Mon Sep 17 00:00:00 2001 From: Jeff Leung Date: Fri, 4 Dec 2015 23:49:35 -0500 Subject: Add ChaCha20 Poly1305 cipher as an available cipher for IKE exchanges. Starting with strongSwan 5.3.3, chacha20poly1305 is a supported cipher for IKE and ESP configurations with an IKEv2 configuration. --- .../vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'templates/vpn/ipsec/esp-group') diff --git a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def index 1c02803..05aa407 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def @@ -1,7 +1,8 @@ help: Encryption algorithm type: txt default: "aes128" -syntax:expression: $VAR(@) in "aes128", "aes256", "3des"; "must be aes128, or aes256, or 3des" +syntax:expression: $VAR(@) in "aes128", "aes256", "3des", "chacha20poly1305"; "must be aes128, aes256, 3des, or chacha20poly1305" val_help: aes128; AES-128 encryption (default) val_help: aes256; AES-256 encryption val_help: 3des; 3DES encryption +val_help: chacha20poly1305; ChaCha20-Poly1305 encryption -- cgit v1.2.3 From fcab32f8c5cc416829dc054a41e578eae45951fa Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Mon, 4 May 2015 00:35:54 +0200 Subject: Bug #469: add options for AES-128/256-GCM mode. --- .../ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def | 4 +++- .../ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'templates/vpn/ipsec/esp-group') diff --git a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def index 05aa407..ba66828 100644 --- a/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def +++ b/templates/vpn/ipsec/esp-group/node.tag/proposal/node.tag/encryption/node.def @@ -1,8 +1,10 @@ help: Encryption algorithm type: txt default: "aes128" -syntax:expression: $VAR(@) in "aes128", "aes256", "3des", "chacha20poly1305"; "must be aes128, aes256, 3des, or chacha20poly1305" +syntax:expression: $VAR(@) in "aes128", "aes256", "aes128gcm128", "aes256gcm128", "3des", "chacha20poly1305"; "must be aes128, aes256, 3des, or chacha20poly1305" val_help: aes128; AES-128 encryption (default) val_help: aes256; AES-256 encryption +val_help: aes128gcm128; AES-128 encryption with Galois Counter Mode 128-bit +val_help: aes256gcm128; AES-256 encryption with Galois Counter Mode 128-bit val_help: 3des; 3DES encryption val_help: chacha20poly1305; ChaCha20-Poly1305 encryption diff --git a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def index 05aa407..ba66828 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/encryption/node.def @@ -1,8 +1,10 @@ help: Encryption algorithm type: txt default: "aes128" -syntax:expression: $VAR(@) in "aes128", "aes256", "3des", "chacha20poly1305"; "must be aes128, aes256, 3des, or chacha20poly1305" +syntax:expression: $VAR(@) in "aes128", "aes256", "aes128gcm128", "aes256gcm128", "3des", "chacha20poly1305"; "must be aes128, aes256, 3des, or chacha20poly1305" val_help: aes128; AES-128 encryption (default) val_help: aes256; AES-256 encryption +val_help: aes128gcm128; AES-128 encryption with Galois Counter Mode 128-bit +val_help: aes256gcm128; AES-256 encryption with Galois Counter Mode 128-bit val_help: 3des; 3DES encryption val_help: chacha20poly1305; ChaCha20-Poly1305 encryption -- cgit v1.2.3