HIFN(4) AerieBSD 1.0 Refernce Manual HIFN(4)

NAME

hifn — Hifn 7751/7811/7951/7955/7956/9751 crypto accelerator

SYNOPSIS

.Cd "hifn* at pci?"

DESCRIPTION

The hifn driver supports various cards containing the Hifn 7751, Hifn 7811, Hifn 7951, Hifn 7955, Hifn 7956, or Hifn 9751 chipsets, such as
Invertex AEON
Comes as 128KB SRAM model, or 2MB DRAM model.
Hifn 7751
Reference board with 512KB SRAM.
PowerCrypt
Comes with 512KB SRAM.
PowerCrypt 5x
Contains a 7956 and supports symmetric encryption (including AES), random number, and modular exponentation operations.
XL-Crypt
Only board based on 7811 (which is faster than 7751 and has a random number generator).
NetSec 7751
7751 board with 1MB of SRAM.
Soekris Engineering vpn1201 and vpn1211
Contains a 7951 and supports symmetric encryption and random number operations.
Soekris Engineering vpn1401 and vpn1411
Contains a 7955 and supports symmetric encryption (including AES), random number, and modular exponentiation operations.
Hifn 9751
Reference board with 512KB SRAM. This is really a Hifn 7751 which only supports compression.

The Hifn 7751, Hifn 7811, Hifn 7951, Hifn 7955, and Hifn 7956 chips all support acceleration of DES, Triple-DES, ARC4, MD5, MD5-HMAC, SHA1, SHA1-HMAC, and LZS operations for ipsec(4) and crypto(4). The Hifn 7955 and Hifn 7956 chips additionally support AES-CBC. The Hifn 9751 only supports LZS.

The Hifn 7811, Hifn 7951, Hifn 7955, and Hifn 7956 will also supply data to the kernel random(4) subsystem.

SEE ALSO

crypt(3), crypto(4), intro(4), ipsec(4), pci(4), random(4), crypto(9)

HISTORY

The hifn device driver appeared in OpenBSD 2.7.

BUGS

The 7751 chip starts out at initialization by only supporting compression. A proprietary algorithm, which has been reverse engineered, is required to unlock the cryptographic functionality of the chip. It is possible for vendors to make boards which have a lock ID not known to the driver, but all vendors currently just use the obvious ID which is 13 bytes of 0.

The 7951, 7955 and 7956 have support for public key operations which are not yet supported.


AerieBSD 1.0 Reference Manual August 26 2008 HIFN(4)