[strongSwan] Augment the "esp cipher suites" with foreign not standard ciphers
Martin Willi
martin at strongswan.org
Fri Oct 8 10:01:51 CEST 2010
Hi Mugur,
>
> need to support with strongSwan an "exotic" cipher implemented both by
> the NPU and the remote system.
Adding a new ESP cipher is possible, but not straight forward. You'll
need to add support in several layers:
- First, of course, the kernel needs support for this algorithm in the
crypto API
- The kernel needs support for the new algorithm in the XFRM subsystem
- Choose an IKEv2 algorithm identifier (in private space?) for your
algorithm
- Add a proposal configuration option for the algorithm identifier
- Extend the kernel interface by the new cipher
Regards
Martin
More information about the Users
mailing list