15a36f3e9SSam Leffler.\\"- 25a36f3e9SSam Leffler.\\" Copyright (c) 2003 Sam Leffler, Errno Consulting 35a36f3e9SSam Leffler.\\" All rights reserved. 45a36f3e9SSam Leffler.\\" 55a36f3e9SSam Leffler.\\" Redistribution and use in source and binary forms, with or without 65a36f3e9SSam Leffler.\\" modification, are permitted provided that the following conditions 75a36f3e9SSam Leffler.\\" are met: 85a36f3e9SSam Leffler.\\" 1. Redistributions of source code must retain the above copyright 95a36f3e9SSam Leffler.\\" notice, this list of conditions and the following disclaimer. 105a36f3e9SSam Leffler.\\" 2. Redistributions in binary form must reproduce the above copyright 115a36f3e9SSam Leffler.\\" notice, this list of conditions and the following disclaimer in the 125a36f3e9SSam Leffler.\\" documentation and/or other materials provided with the distribution. 135a36f3e9SSam Leffler.\\" 145a36f3e9SSam Leffler.\\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 155a36f3e9SSam Leffler.\\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 165a36f3e9SSam Leffler.\\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 175a36f3e9SSam Leffler.\\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 185a36f3e9SSam Leffler.\\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 195a36f3e9SSam Leffler.\\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 205a36f3e9SSam Leffler.\\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 215a36f3e9SSam Leffler.\\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 225a36f3e9SSam Leffler.\\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 235a36f3e9SSam Leffler.\\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 245a36f3e9SSam Leffler.\\" SUCH DAMAGE. 255a36f3e9SSam Leffler.\\" 265a36f3e9SSam Leffler.\\" $FreeBSD$ 275a36f3e9SSam Leffler.\\"/ 285a36f3e9SSam Leffler.Dd May 30, 2002 295a36f3e9SSam Leffler.Dt SAFE 4 305a36f3e9SSam Leffler.Os 315a36f3e9SSam Leffler.Sh NAME 325a36f3e9SSam Leffler.Nm safe 335a36f3e9SSam Leffler.Nd SafeNet crypto accelerator 345a36f3e9SSam Leffler.Sh SYNOPSIS 355a36f3e9SSam Leffler.Nm device safe 365a36f3e9SSam Leffler.sp 375a36f3e9SSam Leffler.Cd sysctl hw.safe.debug 38c9420eccSChristian Brueffer.Cd sysctl hw.safe.dump 395a36f3e9SSam Leffler.Cd sysctl hw.safe.rnginterval 405a36f3e9SSam Leffler.Cd sysctl hw.safe.rngbufsize 415a36f3e9SSam Leffler.Cd sysctl hw.safe.rngmaxalarm 425a36f3e9SSam Leffler.Sh DESCRIPTION 435a36f3e9SSam LefflerThe 445a36f3e9SSam Leffler.Nm 455a36f3e9SSam Lefflerdriver supports cards containing any of the following chips: 465a36f3e9SSam Leffler.Bl -tag -width "SafeNet 1141" -offset indent 475a36f3e9SSam Leffler.It SafeNet 1141 485a36f3e9SSam LefflerThe original chipset. Supports DES, Triple-DES, AES, MD5, and SHA-1 495a36f3e9SSam Lefflersymmetric crypto operations, RNG, public key operations, and full IPsec 505a36f3e9SSam Lefflerpacket processing. 515a36f3e9SSam Leffler.It SafeNet 1741 525a36f3e9SSam LefflerA faster version of the 1141. 535a36f3e9SSam Leffler.El 545a36f3e9SSam Leffler.Pp 555a36f3e9SSam LefflerThe 565a36f3e9SSam Leffler.Nm 575a36f3e9SSam Lefflerdriver registers itself to accelerate DES, Triple-DES, AES, MD5-HMAC, 585a36f3e9SSam LefflerSHA1-HMAC, and NULL operations for 595a36f3e9SSam Leffler.Xr ipsec 4 605a36f3e9SSam Lefflerand 615a36f3e9SSam Leffler.Xr crypto 4 . 625a36f3e9SSam Leffler.Pp 635a36f3e9SSam LefflerOn all models, the driver registers itself to provide random data to the 645a36f3e9SSam Leffler.Xr random 4 655a36f3e9SSam Lefflersubsystem. 665a36f3e9SSam LefflerPeriodically the driver will poll the hardware RNG and retrieve 67c9420eccSChristian Bruefferdata for use by the system. 685a36f3e9SSam LefflerIf the driver detects that the hardware RNG is resonating with any local 69c9420eccSChristian Brueffersignal, it will reset the oscillators that generate random data. 705a36f3e9SSam LefflerThree sysctl settings control this procedure: 715a36f3e9SSam Leffler.Li hw.safe.rnginterval 725a36f3e9SSam Lefflerspecifies the time, in seconds, between polling operations, 735a36f3e9SSam Leffler.Li hw.safe.rngbufsize 745a36f3e9SSam Lefflerspecifies the number of 32-bit words to retrieve on each poll, 755a36f3e9SSam Lefflerand 765a36f3e9SSam Leffler.Li hw.safe.rngmaxalarm 77c9420eccSChristian Bruefferspecifies the threshold for resetting the oscillators. 785a36f3e9SSam Leffler.Pp 795a36f3e9SSam LefflerWhen the driver is compiled with 805a36f3e9SSam Leffler.Dv SAFE_DEBUG 815a36f3e9SSam Lefflerdefined, two sysctl variables are provided for debugging purposes: 825a36f3e9SSam Leffler.Li hw.safe.debug 835a36f3e9SSam Lefflercan be set to a non-zero value to enable debugging messages to be sent 845a36f3e9SSam Lefflerto the console for each cryptographic operation. 855a36f3e9SSam Leffler.Li hw.safe.dump 865a36f3e9SSam Leffleris a write-only variable that can be used to force driver state to be sent 875a36f3e9SSam Lefflerto the console. 885a36f3e9SSam LefflerSet this variable to 895a36f3e9SSam Leffler.Li ring 905a36f3e9SSam Lefflerto dump the current state of the descriptor ring, 915a36f3e9SSam Lefflerto 925a36f3e9SSam Leffler.Li dma 935a36f3e9SSam Lefflerto dump the hardware DMA registers, 945a36f3e9SSam Leffleror 955a36f3e9SSam Lefflerto 965a36f3e9SSam Leffler.Li int 975a36f3e9SSam Lefflerto dump the hardware interrupt registers. 985a36f3e9SSam Leffler.Sh SEE ALSO 995a36f3e9SSam Leffler.Xr crypt 3 , 1005a36f3e9SSam Leffler.Xr crypto 4 , 1015a36f3e9SSam Leffler.Xr intro 4 , 1025a36f3e9SSam Leffler.Xr ipsec 4 , 1035a36f3e9SSam Leffler.Xr random 4 , 1045a36f3e9SSam Leffler.Xr crypto 9 1055a36f3e9SSam Leffler.Sh BUGS 1065a36f3e9SSam LefflerPublic key support is not implemented. 107