[Openswan dev] How to add own cipher to openswan

D. Hugh Redelmeier hugh at mimosa.com
Mon Jul 27 09:50:11 EDT 2009


| From: Paul Wouters <paul at xelerance.com>

| For use with IKE, one needs to add it to pluto. Look at the USE_EXTRACRYPTO?
| for an examples. For use with ESP, one needs to add it to the kernel's cryptoapi,
| and then add a new keyword for it to the userland libipsecconf library.

If you wish to add it to ESP, you probably want to teach Pluto to
negotiate tunnels that will use it.  So, in addition to what Paul
mentioned, you are going to need to invent a cipher number (unless
IETF has already done so) and add it into the proposal generating and
proposal accepting logic.


More information about the Dev mailing list