[strongSwan-dev] Key

Martin Willi martin at strongswan.org
Thu Jul 7 08:53:01 CEST 2011

Hi Daniel,

> I need to intercept the keys "encr" "integ" during SA installation
> into the kernel.

The listener interface has a child_keys() hook for such purposes. It
contains the DH secret and the nonces, so you'd have to derive the
actual encryption/integrity keys yourself.

> I want to know: is this the only way Stronsgwan does install SA and
> Policies into the kernel?  Im asking this because I cannot see my
> debuging messages and all other functionalities I've added.

Yes, all CHILD_SAs are installed through this function.


More information about the Dev mailing list