[Openswan dev] Re: [Openswan Users] Hardware encryption support - VIA PadLock?

Nate Carlson natecars at natecarlson.com
Tue Jun 22 11:56:06 CEST 2004 

On Tue, 22 Jun 2004, Nate Carlson wrote:
> Ah, looks good. I'll build and test shortly.
> 
> Is the 'alg' subdirectory of linux/net/ipsec actually used? As far as I
> can tell, it's not.
> 
> Also, should the 'defconfig' still reference all the ALG stuff that
> isn't supported right now? In a lot of ways, I'd prefer to see Openswan
> go to pure CryptoAPI support, and just phase out the internal
> algorithms. (Well, that's from a layman's view, though - there could
> very well be good technical reasons to keep our the algorithms.)

OK, attached a cosmetic patch that adds the proper stuff to config-all.h
and Config.in - I'm actually building a Debian package, so I'm using my
own config-all file, but hey.  :)

Seems to work well for me - well, at least it loads properly; haven't
actually tested the CryptoAPI support yet. You still do get a conflict
while building if both AES and CryptoAPI are enabled, though.

------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
|       depriving some poor village of its idiot since 1981            |
------------------------------------------------------------------------
-------------- next part --------------
diff -Naur openswan-2/linux/net/ipsec/Config.in openswan-2.nate/linux/net/ipsec/Config.in
--- openswan-2/linux/net/ipsec/Config.in	2004-04-05 21:49:25.000000000 -0500
+++ openswan-2.nate/linux/net/ipsec/Config.in	2004-06-22 10:50:34.000000000 -0500
@@ -28,6 +28,7 @@
 if [ "$CONFIG_IPSEC_ESP" = "y" ]; then
   bool '      3DES encryption algorithm' CONFIG_IPSEC_ENC_3DES
   bool '      AES encryption algorithm' CONFIG_IPSEC_ENC_AES
+  bool '      CryptoAPI Support (Incompatible with AES)' CONFIG_IPSEC_ENC_AES
 fi
 
 bool '   IPSEC Modular Extensions' CONFIG_IPSEC_ALG
diff -Naur openswan-2/packaging/linus/config-all.h openswan-2.nate/packaging/linus/config-all.h
--- openswan-2/packaging/linus/config-all.h	2004-04-05 22:08:37.000000000 -0500
+++ openswan-2.nate/packaging/linus/config-all.h	2004-06-22 10:50:14.000000000 -0500
@@ -62,6 +62,10 @@
 #define CONFIG_IPSEC_ENC_AES 1
 #endif
 
+#ifndef CONFIG_IPSEC_ENC_CRYPTOAPI
+#define CONFIG_IPSEC_ENC_CRYPTOAPI 1
+#endif
+
 #define CONFIG_IPSEC_ALG_AES #error
 
 #ifndef CONFIG_IPSEC_ALG_AES_MAC

More information about the Dev mailing list