[Swan] NetKey vs KLIPS
Paul Wouters
paul at nohats.ca
Thu Sep 11 19:28:59 EEST 2014
On Thu, 11 Sep 2014, Nick Howitt wrote:
>>> KLIPS is able to use the kernel crypto drivers and other crypto hardware
>>> modules via OCF (see Paul's mail).
>>
>> There are some "native" crypto hardware drivers in the kernel, but I
>> believe it is missing the cards deployed by many vendors (HiFn, safenet,
>> intel). But I have not looked at the current state for netkey and those
>> drivers in a while.
>
> A bit o/t, but are the processor AES-NI instructions used, if available and
> assuming the kernel was compiled with them?
Yes, use the cryptosoft OCF driver. So it does require you compile the
OCF kernel module and KLIPS with OCF support. You do not need the part
of the OCF patch that requires a kernel recompile - just building the
module is good enough.
Paul
More information about the Swan
mailing list