From owner-freebsd-hackers@FreeBSD.ORG Sat Jul 17 09:20:45 2004 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E9E7F16A4CE for ; Sat, 17 Jul 2004 09:20:45 +0000 (GMT) Received: from avscan2.sentex.ca (avscan2.sentex.ca [199.212.134.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id A45F943D1D for ; Sat, 17 Jul 2004 09:20:45 +0000 (GMT) (envelope-from mike@sentex.net) Received: from localhost (localhost.sentex.ca [127.0.0.1]) by avscan2.sentex.ca (8.12.11/8.12.11) with ESMTP id i6H9KlOY015418; Sat, 17 Jul 2004 05:20:47 -0400 (EDT) (envelope-from mike@sentex.net) Received: from avscan2.sentex.ca ([127.0.0.1]) by localhost (avscan2.sentex.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 14727-09; Sat, 17 Jul 2004 05:20:47 -0400 (EDT) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by avscan2.sentex.ca (8.12.11/8.12.11) with ESMTP id i6H9KkOw015412; Sat, 17 Jul 2004 05:20:46 -0400 (EDT) (envelope-from mike@sentex.net) Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.12.11/8.12.11) with ESMTP id i6H9KYhB070480; Sat, 17 Jul 2004 05:20:35 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <6.1.2.0.0.20040717051945.06290030@64.7.153.2> X-Sender: mdtpop@64.7.153.2 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Sat, 17 Jul 2004 05:24:50 -0400 To: Cor Bosman From: Mike Tancsa In-Reply-To: <20040717075944.GA67166@xs4all.nl> References: <200407162339.i6GNdvtS065629@xs1.xs4all.nl> <392hf09pbb6ca5val0aimm00sg0u8knv1d@4ax.com> <20040717075944.GA67166@xs4all.nl> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by amavisd-new X-Virus-Scanned: by amavisd-new at avscan2b cc: freebsd-hackers@freebsd.org Subject: Re: HIFN/7955 Soekris 1401 openssl problem X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Jul 2004 09:20:46 -0000 At 03:59 AM 17/07/2004, Cor Bosman wrote: >I dont want to use it for IPSEC. One of my collegues is, and thats working >fine also. I want to use it for TLS/SSL acceleration in sendmail. > >I linked sendmail against the base openssl (libcrypto and libssl). > >When using mozilla to send a mail it negotiates the following encryption >scheme: DHE-RSA-AES256-SHA. Ive also used Kmail and outlook, which If you look at the man pages for the hifn card and for crypto, it will list what the card supports for encryption, and what crypto supports Depending on hardware being present, the following symmetric and asymmet- ric cryptographic features are potentially available from /dev/crypto: CRYPTO_DES_CBC CRYPTO_3DES_CBC CRYPTO_BLF_CBC CRYPTO_CAST_CBC CRYPTO_SKIPJACK_CBC CRYPTO_MD5_HMAC CRYPTO_SHA1_HMAC CRYPTO_RIPEMD160_HMAC CRYPTO_MD5_KPDK CRYPTO_SHA1_KPDK CRYPTO_AES_CBC CRYPTO_ARC4 CRYPTO_MD5 CRYPTO_SHA1 CRK_MOD_EXP CRK_MOD_EXP_CRT CRK_DSA_SIGN CRK_DSA_VERIFY CRK_DH_COMPUTE_KEY if its not listed there, it doesnt matter what card you have or what the card potentially can do. ---Mike