From owner-freebsd-hackers@FreeBSD.ORG Sat Jul 17 09:48:37 2004 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C8EB016A4CE for ; Sat, 17 Jul 2004 09:48:37 +0000 (GMT) Received: from smtp-vbr10.xs4all.nl (smtp-vbr10.xs4all.nl [194.109.24.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4BEE843D3F for ; Sat, 17 Jul 2004 09:48:37 +0000 (GMT) (envelope-from cor@xs4all.nl) Received: from xs1.xs4all.nl (xs1.xs4all.nl [194.109.21.2]) i6H9mar4084446; Sat, 17 Jul 2004 11:48:36 +0200 (CEST) (envelope-from cor@xs4all.nl) Received: from xs1.xs4all.nl (cor@localhost.xs4all.nl [127.0.0.1]) by xs1.xs4all.nl (8.12.10/8.12.10) with ESMTP id i6H9mZfr090397; Sat, 17 Jul 2004 11:48:35 +0200 (CEST) (envelope-from cor@xs4all.nl) Received: (from cor@localhost) by xs1.xs4all.nl (8.12.10/8.12.9/Submit) id i6H9mZ1U090396; Sat, 17 Jul 2004 11:48:35 +0200 (CEST) (envelope-from cor) Date: Sat, 17 Jul 2004 11:48:35 +0200 From: Cor Bosman To: Mike Tancsa Message-ID: <20040717094835.GB87292@xs4all.nl> References: <200407162339.i6GNdvtS065629@xs1.xs4all.nl> <392hf09pbb6ca5val0aimm00sg0u8knv1d@4ax.com> <20040717075944.GA67166@xs4all.nl> <6.1.2.0.0.20040717051945.06290030@64.7.153.2> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6.1.2.0.0.20040717051945.06290030@64.7.153.2> User-Agent: Mutt/1.4.1i X-NCC-Regid: nl.xs4all X-Virus-Scanned: by XS4ALL Virus Scanner cc: freebsd-hackers@freebsd.org cc: Cor Bosman Subject: Re: HIFN/7955 Soekris 1401 openssl problem X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Jul 2004 09:48:37 -0000 > >When using mozilla to send a mail it negotiates the following encryption > >scheme: DHE-RSA-AES256-SHA. Ive also used Kmail and outlook, which > > > If you look at the man pages for the hifn card and for crypto, it will list > what the card supports for encryption, and what crypto supports > > Depending on hardware being present, the following symmetric and asymmet- > ric cryptographic features are potentially available from /dev/crypto: > > CRYPTO_DES_CBC > CRYPTO_3DES_CBC > CRYPTO_BLF_CBC > CRYPTO_CAST_CBC > CRYPTO_SKIPJACK_CBC > CRYPTO_MD5_HMAC > CRYPTO_SHA1_HMAC > CRYPTO_RIPEMD160_HMAC > CRYPTO_MD5_KPDK > CRYPTO_SHA1_KPDK > CRYPTO_AES_CBC > CRYPTO_ARC4 > CRYPTO_MD5 > CRYPTO_SHA1 > CRK_MOD_EXP > CRK_MOD_EXP_CRT > CRK_DSA_SIGN > CRK_DSA_VERIFY > CRK_DH_COMPUTE_KEY > > if its not listed there, it doesnt matter what card you have or what the > card potentially can do. Yeah, i figured this was the problem. The driver/card only registered the following schemes: RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC If i understand you and the manual correctly, no matter what the card supports, crytodev only supports the list you mentioned above? How do you read such a list. Does that mean a scheme like DES-CBC-SHA could possibly be supported? Or can only the 2 seperate schemes of DES_CBC and SHA1 be accelerated? If the latter, is there a way to find out what schemes different cards will register before buying them? :) Some cards have their own engine, so are seperate from cryptodev.. right? Cor