tech-crypto archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: VIA ACE patch
On Fri, Jan 12, 2007 at 08:42:12PM +0100, Daniel de Kok wrote:
> On Fri, 12 Jan 2007, Daniel de Kok wrote:
> >in the netbsd-3 branch. So, for applications that rely on OpenSSL, you may
> >want to use that, rather than cryptodev[1].
>
> Just for clarity: these VIA CPUs just have additional instructions, so
> the kernel opencrypto "driver" and the OpenSSL padlock engine are not
> mutually exclusive.
And that is why, as I noted yesterday, a separate opencrypto "driver"
for this functionality really doesn't seem right. I would urge you,
again, to simply add support for these instructions to the code in
/sys/crypto and merge it with the code in /sys/opencrypto that is the
algorithm implementations used by the existing opencrypto software
backend.
If you do that, _everything_ in the kernel that uses crypto wins.
If you do what you did, only things that already know how to use
opencrypto (basically nothing but fast_ipsec, since there is already
a better openssl engine for these cards than cryptodev) win...
--
Thor Lancelot Simon
tls%rek.tjls.com@localhost
"All of my opinions are consistent, but I cannot present them all
at once." -Jean-Jacques Rousseau, On The Social Contract
Home |
Main Index |
Thread Index |
Old Index