Summary

Adds support for Post-quantum Preshared Keys (PPK) [RFC 8784]. Strongswan version 5.7.0 added support for PPKs, and VyOS 1.3.8 had strongSwan 5.7.2 included. All later versions of VyOS should support PPKs.

Use case

Provide quantum resistant IPSEC connection when using IKEv2 until (or in addition to) quantum resistant algorithms are available, like ML-KEM and ML-DSA.

Additional information

PPKs are only used with IKEv2, so will need a check that we're using v2 if PPK is configured.

strongSwan PPK configuration reference: https://docs.strongswan.org/docs/latest/swanctl/swanctlConf.html#_connections_conn_ppk_id and https://docs.strongswan.org/docs/latest/swanctl/swanctlConf.html#_secrets_ppksuffix

Example strongSwan PPK configuration for road warriors: https://www.strongswan.org/testing/testresults/ikev2/rw-psk-ppk/index.html

Value of the PPK. It may either be an ASCII string, a hex encoded string if it has a 0x prefix or a Base64 encoded string if it has a 0s prefix in its value. Should have at least 256 bits of entropy for 128 bit security

Suggested configuration additions

Configure PPK for use

set vpn ipsec authentication ppk <name> id <value>
set vpn ipsec authentication ppk <name> secret <value>

Use PPK for RA connection

set vpn ipsec remote-access connection <name> ppk id <value>
set vpn ipsec remote-access connection <name> ppk required (optional)

Use PPK for S2S peer

set vpn ipsec site-to-site peer <name> ppk id <value>
set vpn ipsec site-to-site peer <name> ppk required (optional)

swanctl config

connections {
    peer {
        ppk_id = <value>
        ppk_required = yes [default no, only include this if ppk required in config]

secrets {
    ppk-name {
        id-ppk-name = <value>
        secret = 0xHEX or 0sBASE64 or string