From: Marcello D. <m.d...@st...> - 2008-07-11 10:12:21
I'm experimenting (see previous message) with an ALIX 2C3 board. The board is based on an AMD Geode LX 800 CPU which features both hw cipher (128 bit AES CBC/ECB) and Random Number Generator.

After installing devil-linux on it, I'm wondering how to take advantage of these hardware features. I'm mainly interested in ssl-based applications (ssh and openvpn), so if I could get openssl to load the required libraries (?) on startup it would be enough.

Reading around I understand that to achieve this I need:

1) a kernel driver for the hardware
2) an openssl engine which uses the driver
3) a patch to openssl which loads the engine at lib startup

Now, point 1 is solved by geode_aes module, point 3 doesn't seem to be hard to solve (I guess it shouldn't be much different from the "padlock" engine patch), while point 2 seems critical (or it looks critical to me, at least). I've not been able to find any reference to a specific "geode" engine (like the padlock one).

The only solution I've found seems to be going through the ocf-linux framework. I don't like this solution very much:

1) I don't like patching the kernel
2) I don't like adding a whole (and second) cryptographic framework just to get an openssl engine
3) latest ocf-linux patches are targeted to 2.6.23 kernel

Is this the only available solution to have openssl support the geode crypto subsystem?

Any comment would be welcomed.

Ciao

Marcello Desantis
Storming Sas