Re: Modifying Cryptography code

[Kyle Moffett]

On Sep 6, 2005, at 08:38:48, Alaa Dalghan wrote:
> What I am looking for is the portion of the C code in the kernel where
> the Decryption function is called to decrypt a received packet. When I
> find this statement, maybe i can make it conditionnal such as:  If the
> destination is me then Decrypt  else DO NOT!

You can't make this work.  First of all, the other WinXP clients would
be completely unable to decrypt your packets, because they don't have
the right key.  Secondly, the kernel cannot know what the destination
is until *after* it has decrypted the packet, because the real target
address is encrypted along with the rest of the data for security.  If
your OpenSwan box is too slow, get a faster OpenSwan box, don't try to
break the encryption to make it faster.  You cannot remove enough
encryption features to get the required extra speed without disabling
the encryption entirely.

Cheers,
Kyle Moffett

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a18 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$ L++++(+ 
++) E
W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+ PGP+++ t+(+++) 5  
X R?
tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r  !y?(-)
------END GEEK CODE BLOCK------


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/