HIFN/7955 Soekris 1401 openssl problem
Cor Bosman
cor at xs4all.nl
Sat Jul 17 02:48:37 PDT 2004
> >When using mozilla to send a mail it negotiates the following encryption
> >scheme: DHE-RSA-AES256-SHA. Ive also used Kmail and outlook, which
>
>
> If you look at the man pages for the hifn card and for crypto, it will list
> what the card supports for encryption, and what crypto supports
>
> Depending on hardware being present, the following symmetric and asymmet-
> ric cryptographic features are potentially available from /dev/crypto:
>
> CRYPTO_DES_CBC
> CRYPTO_3DES_CBC
> CRYPTO_BLF_CBC
> CRYPTO_CAST_CBC
> CRYPTO_SKIPJACK_CBC
> CRYPTO_MD5_HMAC
> CRYPTO_SHA1_HMAC
> CRYPTO_RIPEMD160_HMAC
> CRYPTO_MD5_KPDK
> CRYPTO_SHA1_KPDK
> CRYPTO_AES_CBC
> CRYPTO_ARC4
> CRYPTO_MD5
> CRYPTO_SHA1
> CRK_MOD_EXP
> CRK_MOD_EXP_CRT
> CRK_DSA_SIGN
> CRK_DSA_VERIFY
> CRK_DH_COMPUTE_KEY
>
> if its not listed there, it doesnt matter what card you have or what the
> card potentially can do.
Yeah, i figured this was the problem. The driver/card only registered the
following schemes: RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC
If i understand you and the manual correctly, no matter what the card
supports, crytodev only supports the list you mentioned above?
How do you read such a list. Does that mean a scheme like DES-CBC-SHA
could possibly be supported? Or can only the 2 seperate schemes
of DES_CBC and SHA1 be accelerated?
If the latter, is there a way to find out what schemes different cards will
register before buying them? :) Some cards have their own engine, so are
seperate from cryptodev.. right?
Cor
More information about the freebsd-hackers
mailing list