OCF implemented in 6Wind's Embedded Crypto System

Contributed by sean on 2006-08-10 from the OMG-OCF dept.

This article has been filtered through a few fine folks (mbalmer, Deanna Phillips, and sean):

The OpenBSD Cryptographic Framework (OCF), presented at USENIX 2003 by Angelos Keromytis, Jason Wright and Theo de Raadt, is a key feature in the latest release of 6Wind's embedded Linux network stack.

OCF is a service virtualization layer implemented inside the kernel that provides uniform access to accelerator functionality by hiding card-specific details behind a carefully-designed API. Specifically /dev/crypto which abstracts various crypto functions and offloads them to the various supported devices (should they exist) such as the hifn.

According to 6Wind, their 6WINDGate^TM 2.8 release "features a unique `fast-path-ready' software architecture supporting the OCF standard, which has been adopted by leading processor vendors for IPsec hardware crypto-accelerator."

Read more from the original paper:
http://www.thought.net/jason/ocfpaper/index.html

Edit: A representative of 6Wind requested I update the name Wingate to 6WINDGate^TM.

(Comments are closed)

Comments

By Anonymous Coward (81.57.42.108) on 2006-08-11 15:07

Does this means that the OpenBSD's hifn(4) driver crazy bugs are actually fixed or worked on ? Wow, cool !!
Comments
1. By Anonymous Coward (151.136.100.2) on 2006-08-11 16:33
  
  these are not the bugs your are looking for.
  go about your business.
2. By Jason Wright (65.202.219.66) jason@openbsd.org on 2006-08-11 17:57 http://www.thought.net/jason
  
  > Does this means that the OpenBSD's hifn(4) driver crazy bugs are actually fixed or worked on ? Wow, cool !!
  >
  
  What are you talking about?
3. By Farlies (69.180.143.157) farlies@gmail.com on 2006-08-11 18:42
  
  > Does this means that the OpenBSD's hifn(4) driver crazy bugs are actually fixed or worked on ? Wow, cool !!
  >
  
  Poster possibly referred to this issue:
  http://www.nabble.com/'Corrupted-MAC-on-input'-points-to-vpn1411-problem-t1694703.html
  http://archive.openbsd.nu/?ml=openbsd-misc&a=2006-05&t=2063486
  or something similar. Basically, userland use of hifn crypto hurls
  in fairly short order. I doubt the announcement actually supplies
  anything like a fix. It would be nice if somebody was working on this though. If nobody else has a handle on it, I might have to volunteer.
By Anonymous Coward (150.101.19.41) on 2006-08-13 16:40

What is the "OMG-OCF dept"?

Latest Articles

Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (10)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (3)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]