|

»

freebsd-security

FreeBSD equivalent to Sun crypto framework APIs (PKCS#11) (for hardware AES-CTR)

View: New views

3 Messages — Rating Filter: Alert me

	FreeBSD equivalent to Sun crypto framework APIs (PKCS#11) (for hardware AES-CTR) by John Case :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message There are a number of hardware solutions for performing AES-CTR in hardware - for example the broadcom BCM5825, which is supported by the ubsec driver. The problem is that OpenSSL does not currently support hardware acceleration of AES-CTR. The solution on a Sun system is to use the Sun crypto framework APIs (PKCS#11) which does support AES-CTR in hardware. Is there an analagous API in FreeBSD that I could implement in my code so as to use the hardware AES-CTR of devices supported by ubsec ? Or do I need to directly manipulate ubsec with my actual application in order to do this ? _______________________________________________ freebsd-security@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@..."
	Re: FreeBSD equivalent to Sun crypto framework APIs (PKCS#11) (for hardware AES-CTR) by RW-15 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Wed, 14 Oct 2009 18:02:36 +0000 (UTC) John Case <case@...> wrote: > > There are a number of hardware solutions for performing AES-CTR in > hardware - for example the broadcom BCM5825, which is supported by > the ubsec driver. > > The problem is that OpenSSL does not currently support hardware > acceleration of AES-CTR. The solution on a Sun system is to use the > Sun crypto framework APIs (PKCS#11) which does support AES-CTR in > hardware. > > Is there an analagous API in FreeBSD that I could implement in my > code so as to use the hardware AES-CTR of devices supported by ubsec ? Aside from crypto(3) (OpenSSL), there's also crypto(9) (kernel) and crypto(4) (userland), but they don't appear to support CTR - just CBC. _______________________________________________ freebsd-security@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@..."
	RE: FreeBSD equivalent to Sun crypto framework APIs (PKCS#11) (for hardware AES-CTR) by John Case :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message > There are a number of hardware solutions for performing AES-CTR in > hardware - for example the broadcom BCM5825, which is supported by > the ubsec driver. > > The problem is that OpenSSL does not currently support hardware > acceleration of AES-CTR. The solution on a Sun system is to use the > Sun crypto framework APIs (PKCS#11) which does support AES-CTR in > hardware. > > Is there an analagous API in FreeBSD that I could implement in my > code so as to use the hardware AES-CTR of devices supported by ubsec ? > Aside from crypto(3) (OpenSSL), there's also crypto(9) (kernel) and > crypto(4) (userland), but they don't appear to support CTR - just CBC. Understood. How difficult or trivial would it be to add AES-CTR to either crypto(9) or crypto(4) ? Are those just derived from OpenSSL in some way anyway ? If not, who is responsible for this kind of work ? _______________________________________________ freebsd-security@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@..."