Date: Thu, 8 Apr 2004 13:57:23 -0400 From: Charles Swiger <cswiger@mac.com> Cc: security@freebsd.org Subject: Re: recommended SSL-friendly crypto accelerator Message-ID: <3009DCC4-8986-11D8-88D0-003065ABFD92@mac.com> In-Reply-To: <6.0.3.0.0.20040408112048.07218a00@209.112.4.2> References: <26486.1081437513@critter.freebsd.dk> <6.0.3.0.0.20040408112048.07218a00@209.112.4.2>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 8, 2004, at 11:26 AM, Mike Tancsa wrote: > The hifn driver registers itself to accelerate DES, Triple-DES, AES > (7955 > and 7956 only), ARC4, MD5, MD5-HMAC, SHA1, and SHA1-HMAC > operations for > > And even then, openssl is not necessarily tied to the card's > functions. For sure des and aes do work, but in my limited tests > against a server with apache-ssl installed, it doesnt seem to make use > of the card. I can second/confirm Mike's observations here. I've got a pair of HI/FN 7951 cards which gets used by SSH if I select 3DES, but there is no sign that Apache attempts to use it for either the public-key RSA/DSA crypto during HTTPS session startup, nor later for the symmetric crypto. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3009DCC4-8986-11D8-88D0-003065ABFD92>