Dag-Erling Smorgrav([EMAIL PROTECTED])@2001.06.24 18:20:53 +0000:
> "Karsten W. Rohrbach" <[EMAIL PROTECTED]> writes:
> > i think ipsec crypto abstraction into hardware is one side of the medal,
> > but the other side -- to be polished first -- ist getting openssl onto
> > the iron.
>
> What you're basically trying to say is that you want a userland
> interface to the crypto hardware, so that OpenSSL can take advatange
> of it if it's present?
yup, exactly. to me it seems to be a major problem to get some unified
api out of openssl adressing fucnctions on the hardware -- i simply do
not know how other crypto chipsets do it, i just investigated the
rainbow board. they got a patch against openssl 0.9.5 i think, that
glues in the driver calls instead of standard lib functions.
>
> > as i said, there is a 3.x freebsd driver, would this help?
> > i am not into writing drivers ;-)
>
> Allow me to repeat myself: "driver source does not constitute adequate
> documentation. It helps, but it's neither sufficient nor necessary."
yes yes yes ;-) you are perfectly right here. i just wanrted to mention
that there is an _existant_ driver and patch against the openssl lib,
also some test programs to look if the driver works, for freebsd 3.x.
> A 3.x driver *could* be ported forward to 4.x and 5.x, but the
> required changes are not trivial (newbus, SMPng...) and you'd still
> need sample boards for testing and debugging, and docs for reference
> when you don't understand what the existing driver is trying to do.
sure. my impression with the rainbow guys was, that they are very open
to the opensource community. they supplied a board, (user) docs and the
unreleased driver/openssl code to us and i was very impressed about
their attitude towards people hacking up their stuff *grin*.
alas, i quit the company and i did not even start really hacking on the
code to take it to a place even near to production. i see from their web
page, that they now support freebsd 4.1-release, so it sounds rather
appealing to me...
/k
--
> Captain Hook died of jock itch.
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- [EMAIL PROTECTED]
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
Please do not remove my address from To: and Cc: fields in mailing lists. 10x
PGP signature
