[strongSwan] OCF-linux strongswan availability
Martin Willi
martin at strongswan.org
Fri Jun 1 12:49:40 CEST 2012
Hi,
> Does anybody know if there is a OCF-linux accelerated strongswan
> available?
strongSwan provides the userland components (IKE) of IPsec only and does
not have direct support for OCF. We have a crypto backend that uses
OpenSSL, though, and it might be possible to use OCF in userland through
this plugin. And we support the new AF_ALG interface, which allows you
to use any kernel level crypto driver in the Linux Crypto API.
Using OCF for ESP packet processing in kernel is a completely different
story. The default IPsec stack in Linux (Netkey) uses the Linux crypto
API, not OCF. But that crypto API gets support for more and more
hardware accelerators.
Regards
Martin
More information about the Users
mailing list