[Openswan dev] using proprietary encryption algorithm with openswan

Paul Wouters paul at xelerance.com
Wed Jul 16 13:07:36 EDT 2008

On Wed, 16 Jul 2008, hiren joshi wrote:

> I have a proprietary encryption algorithm.
> Is it possible to use it with Openswan? If yes, How?

Only using crypto api, since if you are modifying he code extensively for a new
cipher, and distribute your derivative product, you are bound by the GPL license.

> I guess it should be possible by integrating the algorithm in cryptoapi framework.
> I am not that familiar with nitty-gritty of the same - so a confirmation and details on how to go about it
> would be of great help.

Check the kernel documentation for crypto api. You will find the hooks for
various crypto api ciphers in openswan (eg programs/pluto/kernel_netlink.c).
Since there is no function to ask the kernel to give us a list of supported
ciphers, you will have to somehow add your cipher hardcoded into this file
like the other ciphers. Though you should be able to freely redistribute that
code change, since it does not do anything new but call a crypto function by a
new name.

> Also  curious on current  status of OCF  support  in  Openswan. Is it  supported? From which version?

OCF support has been integrated in 2.6.15, there are currently "dr" releases
you can use for testing.


More information about the Dev mailing list