[Openswan dev] RSA in IKE?
cshue at cs.indiana.edu
Thu Apr 14 21:53:14 CEST 2005
I attempting to research the cryptography operations used in the IKE
portion of Openswan and could use a little insight on the RSA portion
(I'm testing openswan 2.3.1dr3).
In programs/pluto/keys.c, there are a number of RSA key management
operations, but I am not finding any kind of encryption or decryption
routines (which I'm interested in timing) there.
In programs/pluto/ipsec_doi.c, I notice there are RSA functions for
signing a hash and for verifying such a signature. However, if my
understanding is correct, the nonce values exchanged between the
initiator and responder must be encrypted with the public key other the
other party. So, where does this encryption occur (and it's
corresponding decryption) and why is RSA signing and verification occurring?
Any and all assistance is greatly appreciated!
More information about the Dev