Sorry, I didn't follow this thread. But does this mean that OpenSSL 0.9.6g does not support the Sun card...eventhough it is really a CryptoSwift card?
Ed --- Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> wrote: > In message > <[EMAIL PROTECTED]> on > Tue, 08 Oct 2002 10:45:49 +0200 (CEST), Richard > Levitte - VMS Whacker <[EMAIL PROTECTED]> said: > > levitte> In message > <[EMAIL PROTECTED]> on Mon, 07 Oct > 2002 18:13:22 +0200, Michael Voucko > <[EMAIL PROTECTED]> said: > levitte> > levitte> voucko> Without knowing which one is > supported by the engine, I'm > levitte> voucko> pretty sure that the Sun board is a > Rainbow CryptoSwift. > levitte> > levitte> It's possible that it's a revamped CSwift > card, I can't tell from the > levitte> manual I just acquired. However, it's very > much reengineered. > levitte> There's no libswift.so in sight, and the > calls to the libraries that > levitte> come with the card are very different. > levitte> > levitte> I'll see what I can scare up. > > Well, here's what I have so far: > > Looking at the libcrypto.a Sun delivers as part of > the package, I can > see that they did it very properly. Using nm, this > is what I found: > > > hw_kcl.o: > 0000000000000010 T ENGINE_kcl > 0000000000003a20 T hw_des_key_schedule > 0000000000003a9c T hw_des_ede3_cbc_encrypt > 0000000000003e24 T hw_des_ncbc_encrypt > U RSA_PKCS1_SSLeay > U DSA_OpenSSL > U DH_OpenSSL > U crypto_init > U crypto_fini > U ERR_put_error > U CRYPTO_lock > U crypto_key_fini > U nvlist_alloc > U nvlist_add_uint32 > U nvlist_add_byte_array > U crypto_key_init > U crypto_encrypt > U bn_expand2 > U BN_CTX_new > U BN_init > U BN_CTX_get > U BN_copy > U BN_mod > U BN_sub > U BN_add > U BN_mul > U BN_clear_free > U BN_CTX_free > U crypto_verify > U crypto_sign > U BN_new > U BN_num_bits > U BN_bin2bn > U DSA_SIG_new > U BN_free > U BN_ucmp > U BN_mod_mul > U perror > U nvlist_free > U strerror > U fprintf > U crypto_decrypt > U memcpy > U crypto_seed > U crypto_random > U _GLOBAL_OFFSET_TABLE_ > U __iob > > > All those symbols crypto_* and nvlist_* are defined > in libcryptography > (comes with the software for the card) and libnvpair > (standard Solaris > library, I believe, or at least available in > /usr/lib). > > The crypto_ symbols are nothing we know about. And > so far, I haven't > been able to get hold of a any information (no docs, > no header files) > on how to use them. It may be meant to be that way, > and we may be out > of luck. > > Now, this being their compile of OpenSSL 0.9.6e > [engine] (according to > the openssl binary that comes with the card), the > way they made it > makes perfect sense. I can't say there was any > other way to do it. > I'm a little amused by the way the snuck in DES > support, BTW :-). > > With OpenSSL 0.9.7, Sun will hopefully build a > dynamic engine and > simply deliver that, to be used with whatever > compilation of OpenSSL > there is. That would be the smart thing for them to > do, as it > enhances flexibility. With 0.9.8 (farther in the > future), the support > for dynamic engines will increase even more (there's > development going > on right now). > > -- > Richard Levitte \ Spannvägen 38, II \ > [EMAIL PROTECTED] > Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 > 52 47 > \ SWEDEN \ or > +46-708-26 53 44 > Procurator Odiosus Ex Infernis -- > [EMAIL PROTECTED] > Member of the OpenSSL development team: > http://www.openssl.org/ > > Unsolicited commercial email is subject to an > archival fee of $400. > See <http://www.stacken.kth.se/~levitte/mail/> for > more info. > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __________________________________________________ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
