recommended SSL-friendly crypto accelerator
Charles Swiger
cswiger at mac.com
Thu Apr 8 10:57:30 PDT 2004
On Apr 8, 2004, at 11:26 AM, Mike Tancsa wrote:
> The hifn driver registers itself to accelerate DES, Triple-DES, AES
> (7955
> and 7956 only), ARC4, MD5, MD5-HMAC, SHA1, and SHA1-HMAC
> operations for
>
> And even then, openssl is not necessarily tied to the card's
> functions. For sure des and aes do work, but in my limited tests
> against a server with apache-ssl installed, it doesnt seem to make use
> of the card.
I can second/confirm Mike's observations here.
I've got a pair of HI/FN 7951 cards which gets used by SSH if I select
3DES, but there is no sign that Apache attempts to use it for either
the public-key RSA/DSA crypto during HTTPS session startup, nor later
for the symmetric crypto.
--
-Chuck
More information about the freebsd-security
mailing list