testing: make curve25519 the default DH group

2025-12-05 00:01:49 -05:00 · 2016-11-08 13:50:14 +01:00 · 2016-11-08 13:50:14 +01:00 · 99c03e9a11
commit 99c03e9a11
parent 549b325d9d
820 changed files with 1050 additions and 1072 deletions
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@ -40,7 +40,7 @@
 #define SA_REPLACEMENT_RETRIES_DEFAULT   3
 #define SA_REPLAY_WINDOW_DEFAULT        -1 /* use charon.replay_window */

-static const char ike_defaults[] = "aes128-sha256-modp3072";
+static const char ike_defaults[] = "aes128-sha256-curve25519";
 static const char esp_defaults[] = "aes128-sha256";

 static const char firewall_defaults[] = IPSEC_SCRIPT " _updown iptables";
--- a/testing/tests/ha/active-passive/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/ha/active-passive/hosts/alice/etc/strongswan.conf
@ -1,7 +1,8 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default ha 
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default ha
+
  plugins {
    ha {
      local = PH_IP_ALICE
--- a/testing/tests/ha/active-passive/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ha/active-passive/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ha/active-passive/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ha/active-passive/hosts/dave/etc/strongswan.conf
@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }

--- a/testing/tests/ha/active-passive/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ha/active-passive/hosts/moon/etc/strongswan.conf
@ -1,7 +1,8 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default ha
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default ha
+
  plugins {
    ha {
      local = PH_IP_MOON1
--- a/testing/tests/ha/both-active/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/ha/both-active/hosts/alice/etc/strongswan.conf
@ -1,7 +1,8 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default ha 
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default ha
+
  plugins {
    ha {
      local = PH_IP_ALICE
--- a/testing/tests/ha/both-active/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ha/both-active/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ha/both-active/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ha/both-active/hosts/dave/etc/strongswan.conf
@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }

--- a/testing/tests/ha/both-active/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ha/both-active/hosts/moon/etc/strongswan.conf
@ -1,7 +1,8 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default ha
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default ha
+
  plugins {
    ha {
      local = PH_IP_MOON1
--- a/testing/tests/ike/rw-cert/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ike/rw-cert/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ike/rw-cert/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ike/rw-cert/hosts/dave/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ike/rw-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ike/rw-cert/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ike/rw_v1-net_v2/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ike/rw_v1-net_v2/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac x509 curl revocation stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp hmac x509 curl revocation stroke kernel-netlink socket-default
 }
--- a/testing/tests/ike/rw_v1-net_v2/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ike/rw_v1-net_v2/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac x509 curl revocation stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp hmac x509 curl revocation stroke kernel-netlink socket-default
 }
--- a/testing/tests/ike/rw_v1-net_v2/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ike/rw_v1-net_v2/hosts/sun/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac x509 curl revocation stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp hmac x509 curl revocation stroke kernel-netlink socket-default
 }
--- a/testing/tests/ikev1/alg-3des-md5/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-3des-md5/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes des sha1 sha2 md5 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-3des-md5/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-3des-md5/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce des sha1 sha2 md5 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-blowfish/hosts/carol/etc/strongswan.conf
@ -1,6 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  dh_exponent_ansi_x9_42 = no
-  load = aes des blowfish md5 sha1 sha2 pem pkcs1 gmp curl random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
+  load = random nonce aes blowfish md5 sha1 sha2 pem pkcs1 gmp curl x509 revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-blowfish/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-blowfish/hosts/dave/etc/strongswan.conf
@ -1,6 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  dh_exponent_ansi_x9_42 = no
-  load = aes des blowfish md5 sha1 sha2 pem pkcs1 gmp curl random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
+  load = random nonce blowfish sha1 sha2 pem pkcs1 gmp curl x509 revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-blowfish/hosts/moon/etc/strongswan.conf
@ -1,6 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  dh_exponent_ansi_x9_42 = no
-  load = aes des blowfish md5 sha1 sha2 pem pkcs1 gmp curl random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
+  load = random nonce blowfish sha1 sha2 pem pkcs1 gmp curl x509 revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-modp-subgroup/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-modp-subgroup/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-modp-subgroup/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-modp-subgroup/hosts/dave/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-modp-subgroup/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-modp-subgroup/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-sha256/description.txt
+++ b/testing/tests/ikev1/alg-sha256/description.txt
@ -1,4 +1,4 @@
 Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the ESP cipher suite
-<b>AES_CBC_128 / HMAC_SHA2_256_128</b> by defining <b>esp=aes128-sha256-modp2048!</b>
+<b>AES_CBC_128 / HMAC_SHA2_256_128</b> by defining <b>esp=aes128-sha256-curve25519!</b>
 in ipsec.conf. The same cipher suite is used for IKE.
 A ping from <b>carol</b> to <b>alice</b> successfully checks the established tunnel.
--- a/testing/tests/ikev1/alg-sha256/evaltest.dat
+++ b/testing/tests/ikev1/alg-sha256/evaltest.dat
@ -2,11 +2,11 @@ moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@st
 carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
 moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
 carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
-moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072::YES
-carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072::YES
+moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519::YES
+carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519::YES
 carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_.eq=1::YES
-moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_128/HMAC_SHA2_256_128/MODP_3072,::YES
-carol::ipsec statusall 2> /dev/null::home.*AES_CBC_128/HMAC_SHA2_256_128/MODP_3072,::YES
+moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_128/HMAC_SHA2_256_128/CURVE_25519,::YES
+carol::ipsec statusall 2> /dev/null::home.*AES_CBC_128/HMAC_SHA2_256_128/CURVE_25519,::YES
 moon:: ip xfrm state::auth-trunc hmac(sha256)::YES
 carol::ip xfrm state::auth-trunc hmac(sha256)::YES
 moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 200::YES
--- a/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes128-sha256-modp3072!
-	esp=aes128-sha256-modp3072!
+	ike=aes128-sha256-curve25519!
+	esp=aes128-sha256-curve25519!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/alg-sha256/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes128-sha256-modp3072!
-	esp=aes128-sha256-modp3072!
+	ike=aes128-sha256-curve25519!
+	esp=aes128-sha256-curve25519!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/alg-sha256/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-sha384/description.txt
+++ b/testing/tests/ikev1/alg-sha384/description.txt
@ -1,4 +1,4 @@
 Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the ESP cipher suite
-<b>AES_CBC_192 / HMAC_SHA2_384_192</b> by defining <b>esp=aes192-sha384-modp3072!</b>
+<b>AES_CBC_192 / HMAC_SHA2_384_192</b> by defining <b>esp=aes192-sha384-curve25519!</b>
 in ipsec.conf. The same cipher suite is used for IKE.
 A ping from <b>carol</b> to <b>alice</b> successfully checks the established tunnel.
--- a/testing/tests/ikev1/alg-sha384/evaltest.dat
+++ b/testing/tests/ikev1/alg-sha384/evaltest.dat
@ -2,11 +2,11 @@ moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@st
 carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
 moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
 carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
-moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_3072::YES
-carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_3072::YES
+moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/CURVE_25519::YES
+carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/CURVE_25519::YES
 carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_.eq=1::YES
-moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_192/HMAC_SHA2_384_192/MODP_3072,::YES
-carol::ipsec statusall 2> /dev/null::home.*AES_CBC_192/HMAC_SHA2_384_192/MODP_3072,::YES
+moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_192/HMAC_SHA2_384_192/CURVE_25519,::YES
+carol::ipsec statusall 2> /dev/null::home.*AES_CBC_192/HMAC_SHA2_384_192/CURVE_25519,::YES
 moon:: ip xfrm state::auth-trunc hmac(sha384)::YES
 carol::ip xfrm state::auth-trunc hmac(sha384)::YES
 moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 208::YES
--- a/testing/tests/ikev1/alg-sha384/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha384/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes192-sha384-modp3072!
-	esp=aes192-sha384-modp3072!
+	ike=aes192-sha384-curve25519!
+	esp=aes192-sha384-curve25519!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/alg-sha384/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-sha384/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-sha384/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha384/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes192-sha384-modp3072!
-	esp=aes192-sha384-modp3072!
+	ike=aes192-sha384-curve25519!
+	esp=aes192-sha384-curve25519!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/alg-sha384/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-sha384/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-sha512/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-sha512/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/alg-sha512/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/alg-sha512/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/compress/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/compress/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ikev1/compress/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/compress/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ikev1/config-payload-push/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/config-payload-push/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
 }
--- a/testing/tests/ikev1/config-payload-push/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/config-payload-push/hosts/dave/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
 }
--- a/testing/tests/ikev1/config-payload-push/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/config-payload-push/hosts/moon/etc/strongswan.conf
@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown attr
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown attr

  dns1 = PH_IP_WINNETOU
  dns2 = PH_IP_VENUS
--- a/testing/tests/ikev1/config-payload/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/config-payload/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
 }
--- a/testing/tests/ikev1/config-payload/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/config-payload/hosts/dave/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
 }
--- a/testing/tests/ikev1/config-payload/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/config-payload/hosts/moon/etc/strongswan.conf
@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown attr
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown attr

  dns1 = PH_IP_WINNETOU
  dns2 = PH_IP_VENUS
--- a/testing/tests/ikev1/double-nat-net/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/ikev1/double-nat-net/hosts/alice/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/double-nat-net/hosts/bob/etc/strongswan.conf
+++ b/testing/tests/ikev1/double-nat-net/hosts/bob/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/double-nat/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/ikev1/double-nat/hosts/alice/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/double-nat/hosts/bob/etc/strongswan.conf
+++ b/testing/tests/ikev1/double-nat/hosts/bob/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dpd-clear/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dpd-clear/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dpd-clear/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dpd-clear/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ikev1/dpd-restart/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dpd-restart/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dpd-restart/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dpd-restart/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default
 }
--- a/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf
@ -1,7 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-netlink socket-default updown
-
-  dh_exponent_ansi_x9_42 = no
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-ccm/description.txt
+++ b/testing/tests/ikev1/esp-alg-aes-ccm/description.txt
@ -1,4 +1,4 @@
 Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the ESP cipher suite
-<b>AES_CCM_12_128</b> by defining <b>esp=aes128ccm12-modp2048</b> or alternatively
-<b>esp=aes128ccm96-modp2048</b> in ipsec.conf.
+<b>AES_CCM_12_128</b> by defining <b>esp=aes128ccm12-curve25519</b> or alternatively
+<b>esp=aes128ccm96-curve25519</b> in ipsec.conf.
 A ping from <b>carol</b> to <b>alice</b> successfully checks the established tunnel.
--- a/testing/tests/ikev1/esp-alg-aes-ccm/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ccm/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes128-sha256-modp2048!
-	esp=aes128ccm96-modp2048!
+	ike=aes128-sha256-curve25519!
+	esp=aes128ccm96-curve25519!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/esp-alg-aes-ccm/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ccm/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ccm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac ccm stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-ccm/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ccm/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes128-sha256-modp2048!
-	esp=aes128ccm12-modp2048!
+	ike=aes128-sha256-curve25519!
+	esp=aes128ccm12-curve25519!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/esp-alg-aes-ccm/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ccm/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ccm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac ccm stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-ctr/description.txt
+++ b/testing/tests/ikev1/esp-alg-aes-ctr/description.txt
@ -1,3 +1,3 @@
 Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the ESP cipher suite
-<b>AES_CTR_256 / AES_XCBC_96</b> by defining <b>esp=aes256ctr-aesxcbc-modp2048</b> in ipsec.conf.
+<b>AES_CTR_256 / AES_XCBC_96</b> by defining <b>esp=aes256ctr-aesxcbc-curve25519</b> in ipsec.conf.
 A ping from <b>carol</b> to <b>alice</b> successfully checks the established tunnel.
--- a/testing/tests/ikev1/esp-alg-aes-ctr/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ctr/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha512-modp2048!
-	esp=aes256ctr-aesxcbc-modp2048!
+	ike=aes256-sha512-curve25519!
+	esp=aes256ctr-aesxcbc-curve25519!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/esp-alg-aes-ctr/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ctr/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ctr stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac ctr stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-ctr/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ctr/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha512-modp2048!
-	esp=aes256ctr-aesxcbc-modp2048!
+	ike=aes256-sha512-curve25519!
+	esp=aes256ctr-aesxcbc-curve25519!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/esp-alg-aes-ctr/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-ctr/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc ctr stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac ctr stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-gcm/description.txt
+++ b/testing/tests/ikev1/esp-alg-aes-gcm/description.txt
@ -1,4 +1,4 @@
 Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the ESP cipher suite
-<b>AES_GCM_16_256</b> by defining <b>esp=aes256gcm16-modp2048</b> or alternatively
-<b>esp=aes256gcm128-modp2048</b> in ipsec.conf.
+<b>AES_GCM_16_256</b> by defining <b>esp=aes256gcm16-curve25519</b> or alternatively
+<b>esp=aes256gcm128-curve25519</b> in ipsec.conf.
 A ping from <b>carol</b> to <b>alice</b> successfully checks the established tunnel.
--- a/testing/tests/ikev1/esp-alg-aes-gcm/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gcm/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha512-modp2048!
-	esp=aes256gcm128-modp2048!
+	ike=aes256-sha512-curve25519!
+	esp=aes256gcm128-curve25519!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/esp-alg-aes-gcm/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gcm/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc gcm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac gcm stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-gcm/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gcm/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha512-modp2048!
-	esp=aes256gcm16-modp2048!
+	ike=aes256-sha512-curve25519!
+	esp=aes256gcm16-curve25519!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/esp-alg-aes-gcm/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gcm/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc gcm stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac gcm stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-gmac/description.txt
+++ b/testing/tests/ikev1/esp-alg-aes-gmac/description.txt
@ -1,4 +1,4 @@
 Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the authentication-only
-ESP cipher suite <b>NULL_AES_GMAC_256</b> by defining <b>esp=aes256gmac-modp2048!</b>
+ESP cipher suite <b>NULL_AES_GMAC_256</b> by defining <b>esp=aes256gmac-curve25519!</b>
 in ipsec.conf. A ping from <b>carol</b> to <b>alice</b> successfully checks
 the established tunnel.
--- a/testing/tests/ikev1/esp-alg-aes-gmac/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gmac/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha256-modp2048!
-	esp=aes256gmac-modp2048!
+	ike=aes256-sha256-curve25519!
+	esp=aes256gmac-curve25519!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/esp-alg-aes-gmac/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gmac/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-gmac/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gmac/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha256-modp2048!
-	esp=aes256gmac-modp2048!
+	ike=aes256-sha256-curve25519!
+	esp=aes256gmac-curve25519!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/esp-alg-aes-gmac/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-gmac/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/carol/etc/ipsec.conf
@ -8,7 +8,7 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha256-modp2048!
+	ike=aes256-sha256-curve25519!
 	esp=aes256-aesxcbc!

 conn home
--- a/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/moon/etc/ipsec.conf
@ -8,7 +8,7 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes256-sha256-modp2048!
+	ike=aes256-sha256-curve25519!
 	esp=aes256-aesxcbc!

 conn rw
--- a/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-aes-xcbc/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-null/evaltest.dat
+++ b/testing/tests/ikev1/esp-alg-null/evaltest.dat
@ -3,9 +3,9 @@ carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.
 moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
 carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
 carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_.eq=1::YES
-moon:: ipsec statusall 2> /dev/null::NULL/HMAC_SHA1_96::YES
-carol::ipsec statusall 2> /dev/null::NULL/HMAC_SHA1_96::YES
+moon:: ipsec statusall 2> /dev/null::NULL/HMAC_SHA2_256_128::YES
+carol::ipsec statusall 2> /dev/null::NULL/HMAC_SHA2_256_128::YES
 moon:: ip xfrm state::enc ecb(cipher_null)::YES
 carol::ip xfrm state::enc ecb(cipher_null)::YES
-moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 172::YES
-moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP.*length 172::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 176::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP.*length 176::YES
--- a/testing/tests/ikev1/esp-alg-null/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-null/hosts/carol/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes128-sha1-modp2048!
-	esp=null-sha1!
+	ike=aes128-sha256-curve25519!
+	esp=null-sha256!

 conn home
 	left=PH_IP_CAROL
--- a/testing/tests/ikev1/esp-alg-null/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-null/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/esp-alg-null/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/esp-alg-null/hosts/moon/etc/ipsec.conf
@ -8,8 +8,8 @@ conn %default
 	rekeymargin=3m
 	keyingtries=1
 	keyexchange=ikev1
-	ike=aes128-sha1-modp2048!
-	esp=null-sha1!
+	ike=aes128-sha256-curve25519!
+	esp=null-sha256!

 conn rw
 	left=PH_IP_MOON
--- a/testing/tests/ikev1/esp-alg-null/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/esp-alg-null/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/host2host-ah/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/host2host-ah/hosts/moon/etc/strongswan.conf
@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
  multiple_authentication = no
 }
--- a/testing/tests/ikev1/host2host-ah/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev1/host2host-ah/hosts/sun/etc/strongswan.conf
@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
  multiple_authentication = no
 }
--- a/testing/tests/ikev1/host2host-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/host2host-cert/hosts/moon/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/host2host-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev1/host2host-cert/hosts/sun/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
 }
--- a/testing/tests/ikev1/host2host-transport/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/host2host-transport/hosts/moon/etc/strongswan.conf
@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
  multiple_authentication = no
 }
--- a/testing/tests/ikev1/host2host-transport/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev1/host2host-transport/hosts/sun/etc/strongswan.conf
@ -1,6 +1,6 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
  multiple_authentication = no
 }
--- a/testing/tests/ikev1/ip-pool-db/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/ip-pool-db/hosts/carol/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown resolve
+  load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
 }
--- a/testing/tests/ikev1/ip-pool-db/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/ip-pool-db/hosts/dave/etc/strongswan.conf
@ -1,5 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown resolve
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown resolve
 }
--- a/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file

 charon {
-  load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default sqlite attr-sql updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default sqlite attr-sql updown

  plugins {
    attr-sql {
--- a/Show More
+++ b/Show More