Re: [Ipsec-tools-devel] AES hardware acceleration
Brought to you by:
mit_warlord,
netbsd
From: Roman H. A. <rh...@op...> - 2012-09-05 12:26:20
|
Hi Yvan No pressure, but could you please provide the patch? We desperately need it for gigabit speed operations. Cheers, Roman On 24.08.2012 13:49, VANHULLEBUS Yvan wrote: > Hi. > > On Tue, Jul 24, 2012 at 01:42:30PM +0200, Roman Hoog Antink wrote: >>>> I have an short Question about Raccon and Hardware Acceleration. >>>> >>>> Is it possible to use the AES Hardware Acceleration of an CPU with >>>> Racon? How can i enabled it / is it enabled by default? >>> >>> Racoon uses openssl to do encryption. If you have proper ENGINE module >>> for openssl installed and configured, encryption should be hardware >>> accelerated automatically. >>> >>> I use this constantly with Padlock. I also have openssl patches for >>> Padlock SHA acceleration. >>> >>> -Timo >> >> You are talking about IKE only. There is the GCM variant of AES for the >> Linux kernel, which is not yet supported by racoon. I am currently >> working on a patch for GCM, based on this mailing list post from 2009: >> http://marc.info/?l=ipsec-tools-devel&m=123606045019199 > > > I forgot to commit it, but we already have a patch to have racoon be > able to negociate AES-GCM phase2, which has already been tested with a > patched FreeBSD (FreeBSD patch should also be commited "soon"). > > > I'll try to commit that on HEAD next week. > > > Yvan. > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Ipsec-tools-devel mailing list > Ips...@li... > https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel > -- Roman Hoog Antink Dipl. Ing. ETH Senior Security Engineer Open Systems AG Räffelstrasse 29 CH-8045 Zürich t: +41 44 455 74 00 f: +41 44 455 74 01 rh...@op... http://www.open.ch |