#7 Cannot use RC4 encryption

racoon
closed
nobody
5
2004-10-28
2004-10-28
Anonymous
No

Hello,

I'm using ipsec-tools 0.4rc1 on Debian Linux Kernel 2.6.8,
on PowerPC (MPC7457) and I want to use RC4
encryption in IPSec. I see that racoon allows this type
of cryptography, but when requesting this in
racoon.conf, I get the following message:

ERROR: Not supported transform: 10
ERROR: /etc/racoon.conf:18: ";" algorithm RC4 not
supported by the kernel (missing module?)
ERROR: fatal parse failure (1 errors)

It seems this kernel has only the ARC4 module in the
Crypto API.
Where can I find a kernel module to support RC4 for
ipsec_tools?

Thanx,
Adrian Raileanu

adrianr@softhome.net

Discussion

  • Michal Ludvig

    Michal Ludvig - 2004-10-28

    Logged In: YES
    user_id=344740

    Unverified, but isn't ARC4 supposed to be compatible with
    RC4 but patent free? Have you got arc4 module loaded in?

    BTW Just curious - why do you want to use RC4 and not e.g. AES?

     
  • Nobody/Anonymous

    Logged In: NO

    I've tried running racoon whith arc4 module loaded, but I still
    got the same message (..not supported..).

    ARC4 is enabled in kernel:

    CONFIG_CRYPTO=y
    ...
    CONFIG_CRYPTO_ARC4=m

    In racoon.conf, I used the following line:

    encryption_algorithm rc4;

    (arc4 is not supported).

    I'm running some benchmarks on VPN with different crypto
    algs, and I really need to do this on RC4, too. I cannot
    change this...

    Thanx 4 support,
    adrianr@softhome.net

     
  • Michal Ludvig

    Michal Ludvig - 2004-10-28
    • status: open --> closed
     
  • Michal Ludvig

    Michal Ludvig - 2004-10-28

    Logged In: YES
    user_id=344740

    Quick checking reveals that the kernel XFRM interface
    doesn't have (A)RC4 support at all.

    However you could hack it in quite easily - create
    SADB_X_EALG_ARC4 macro in linux/include/linux/pfkeyv2.h, add
    appropriate entries into linux/net/xfrm/xfrm_algo.c and
    similar to racoon. Grep both racoon and kernel sources for
    e.g. SADB_X_EALG_BLOWFISHCBC to see where to make the changes.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks