Hello
Basically I'm trying to add my custom cipher (it's a dummy cipher called Panther) to be used with IKE/ESP to encrypt traffic using strongswan. I know how to do this in linux, but this is quite different on FreeBSD. I understand this is a complicated process esp that strongswan is not fully supported on FreeBSD but I'm trying to deal with one problem at a time. I'm only using IKEv2 and I have done this same customization on linux, so I know it's possible.
Now, the thing is, to use Panther in ESP, I need to create a kernel module and load it and use it. So I took my shiny panther source files and placed them in a directory alongside the other standard kernel ciphers blowfish aes...etc. I then modified some files in the netipsec/ directory like the xform_esp.c among others. Basically I looked in the kernel for all occurrences of blowfish, and then added a similar entry for panther. I finally compiled my kernel with no problems. I just don't know if my module is working or no. How do I check that? Is there any way I could use my custom cipher without strongswan or setkey (not that I haven't tried) but I'm just not sure whether the errors are from strongswan/setkey not recognizing panther or from the module itself. I tried kldstat but that's not it. In linux I could just lsmod and it would show whenever it's invoked.
Any help on how to customize a new cipher into FreeBSD is appreciated thanks.
Basically I'm trying to add my custom cipher (it's a dummy cipher called Panther) to be used with IKE/ESP to encrypt traffic using strongswan. I know how to do this in linux, but this is quite different on FreeBSD. I understand this is a complicated process esp that strongswan is not fully supported on FreeBSD but I'm trying to deal with one problem at a time. I'm only using IKEv2 and I have done this same customization on linux, so I know it's possible.
Now, the thing is, to use Panther in ESP, I need to create a kernel module and load it and use it. So I took my shiny panther source files and placed them in a directory alongside the other standard kernel ciphers blowfish aes...etc. I then modified some files in the netipsec/ directory like the xform_esp.c among others. Basically I looked in the kernel for all occurrences of blowfish, and then added a similar entry for panther. I finally compiled my kernel with no problems. I just don't know if my module is working or no. How do I check that? Is there any way I could use my custom cipher without strongswan or setkey (not that I haven't tried) but I'm just not sure whether the errors are from strongswan/setkey not recognizing panther or from the module itself. I tried kldstat but that's not it. In linux I could just lsmod and it would show whenever it's invoked.
Any help on how to customize a new cipher into FreeBSD is appreciated thanks.