Hello Alex, 1) add your algorithm in the enumerated type encryption_algorithm_t
http://wiki.strongswan.org/repositories/entry/strongswan/src/libstrongswan/crypto/crypters/crypter.h#L33 2)assigning a private value > 1027. Also add a character string to be used in log messages and status output: http://wiki.strongswan.org/repositories/entry/strongswan/src/libstrongswan/crypto/crypters/crypter.c#L21 3) In order to be able to define your algorithm in ike= or esp= statements in ipsec.conf, update the algorithm keyword list in http://wiki.strongswan.org/repositories/entry/strongswan/src/libstrongswan/crypto/proposal/proposal_keywords.txt#L32 4) If you checked out strongSwan from the git repository then the make command will call gperf which will automatically create a new optimized keyword hashing table. 5a) If you want use your algorithm for IKE then you should create a new plugin in the libstrongswan/plugins directory. Use the the aes or blowfish plugins as an example: http://wiki.strongswan.org/repositories/browse/strongswan/src/libstrongswan/plugins/aes In order for the plugin to be recognized by the GNU autotools make system you must add rules for your plugin in configure.in http://wiki.strongswan.org/repositories/entry/strongswan/configure.in Just grep for "aes" or "blowfish" to see the necessary entries. 5b) If you want to use your algorithm for ESP then you must write a kernel module and add it via the kernel's crypto API and the XFRM interface. You must then add the algorithm identifier used by XFRM to strongSwan's kernel_netlink interface: http://wiki.strongswan.org/repositories/entry/strongswan/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c#L156 Regards Andreas Sasha Chashinski wrote: > Hello, > I want to add own cipher to strongSwan, is it posssible? > If yes can any one explain the procedure > > Thanks for any help... > Alex. > > --- > Прогноз погоды ТУТ - http://pogoda.tut.by ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
