freebsd-nq/share/man/man4/safe.4

.\"-
.\" Copyright (c) 2003	Sam Leffler, Errno Consulting
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"/
.Dd September 12, 2004
.Dt SAFE 4
.Os
.Sh NAME
.Nm safe
.Nd SafeNet crypto accelerator
.Sh SYNOPSIS
.Cd "device safe"
.Pp
.Nm sysctl Va hw.safe.debug
.Nm sysctl Va hw.safe.dump
.Nm sysctl Va hw.safe.rnginterval
.Nm sysctl Va hw.safe.rngbufsize
.Nm sysctl Va hw.safe.rngmaxalarm
.Sh DESCRIPTION
The
.Nm
driver supports cards containing SafeNet crypto accelerator chips.
.Pp
The
.Nm
driver registers itself to accelerate DES, Triple-DES, AES, MD5-HMAC,
SHA1-HMAC, and NULL operations for
.Xr ipsec 4
and
.Xr crypto 4 .
.Pp
On all models, the driver registers itself to provide random data to the
.Xr random 4
subsystem.
Periodically the driver will poll the hardware RNG and retrieve
data for use by the system.
If the driver detects that the hardware RNG is resonating with any local
signal, it will reset the oscillators that generate random data.
Three
.Xr sysctl 8
settings control this procedure:
.Va hw.safe.rnginterval
specifies the time, in seconds, between polling operations,
.Va hw.safe.rngbufsize
specifies the number of 32-bit words to retrieve on each poll,
and
.Va hw.safe.rngmaxalarm
specifies the threshold for resetting the oscillators.
.Pp
When the driver is compiled with
.Dv SAFE_DEBUG
defined, two
.Xr sysctl 8
variables are provided for debugging purposes:
.Va hw.safe.debug
can be set to a non-zero value to enable debugging messages to be sent
to the console for each cryptographic operation,
.Va hw.safe.dump
is a write-only variable that can be used to force driver state to be sent
to the console.
Set this variable to
.Dq Li ring
to dump the current state of the descriptor ring,
to
.Dq Li dma
to dump the hardware DMA registers,
or
to
.Dq Li int
to dump the hardware interrupt registers.
.Sh HARDWARE
The
.Nm
driver supports cards containing any of the following chips:
.Bl -tag -width "SafeNet 1141" -offset indent
.It SafeNet 1141
The original chipset.
Supports DES, Triple-DES, AES, MD5, and SHA-1
symmetric crypto operations, RNG, public key operations, and full IPsec
packet processing.
.It SafeNet 1741
A faster version of the 1141.
.El
.Sh SEE ALSO
.Xr crypt 3 ,
.Xr crypto 4 ,
.Xr intro 4 ,
.Xr ipsec 4 ,
.Xr random 4 ,
.Xr crypto 9
.Sh BUGS
Public key support is not implemented.
Fixed comments. 2004-07-02 19:54:39 +00:00			`.\"-`
			`.\" Copyright (c) 2003 Sam Leffler, Errno Consulting`
			`.\" All rights reserved.`
			`.\"`
			`.\" Redistribution and use in source and binary forms, with or without`
			`.\" modification, are permitted provided that the following conditions`
			`.\" are met:`
			`.\" 1. Redistributions of source code must retain the above copyright`
			`.\" notice, this list of conditions and the following disclaimer.`
			`.\" 2. Redistributions in binary form must reproduce the above copyright`
			`.\" notice, this list of conditions and the following disclaimer in the`
			`.\" documentation and/or other materials provided with the distribution.`
			`.\"`
			.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
			`.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
			`.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE`
			`.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE`
			`.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
			`.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS`
			`.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)`
			`.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT`
			`.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY`
			`.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
			`.\" SUCH DAMAGE.`
			`.\"`
			`.\" $FreeBSD$`
			`.\"/`
- Add a HARDWARE section which lists supported devices. MFC after: 3 days 2004-09-12 19:39:09 +00:00			`.Dd September 12, 2004`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`.Dt SAFE 4`
			`.Os`
			`.Sh NAME`
			`.Nm safe`
			`.Nd SafeNet crypto accelerator`
			`.Sh SYNOPSIS`
Fixed markup. 2004-07-08 07:19:46 +00:00			`.Cd "device safe"`
			`.Pp`
			`.Nm sysctl Va hw.safe.debug`
			`.Nm sysctl Va hw.safe.dump`
			`.Nm sysctl Va hw.safe.rnginterval`
			`.Nm sysctl Va hw.safe.rngbufsize`
			`.Nm sysctl Va hw.safe.rngmaxalarm`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`.Sh DESCRIPTION`
			`The`
			`.Nm`
- Add a HARDWARE section which lists supported devices. MFC after: 3 days 2004-09-12 19:39:09 +00:00			`driver supports cards containing SafeNet crypto accelerator chips.`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`.Pp`
			`The`
			`.Nm`
			`driver registers itself to accelerate DES, Triple-DES, AES, MD5-HMAC,`
			`SHA1-HMAC, and NULL operations for`
			`.Xr ipsec 4`
			`and`
			`.Xr crypto 4 .`
			`.Pp`
			`On all models, the driver registers itself to provide random data to the`
			`.Xr random 4`
			`subsystem.`
			`Periodically the driver will poll the hardware RNG and retrieve`
o add missing sysctl to synopsis o remove some useless words o fix spelling MFC after: 5 days 2003-12-27 15:45:08 +00:00			`data for use by the system.`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`If the driver detects that the hardware RNG is resonating with any local`
o add missing sysctl to synopsis o remove some useless words o fix spelling MFC after: 5 days 2003-12-27 15:45:08 +00:00			`signal, it will reset the oscillators that generate random data.`
Fixed markup. 2004-07-08 07:19:46 +00:00			`Three`
			`.Xr sysctl 8`
			`settings control this procedure:`
			`.Va hw.safe.rnginterval`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`specifies the time, in seconds, between polling operations,`
Fixed markup. 2004-07-08 07:19:46 +00:00			`.Va hw.safe.rngbufsize`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`specifies the number of 32-bit words to retrieve on each poll,`
			`and`
Fixed markup. 2004-07-08 07:19:46 +00:00			`.Va hw.safe.rngmaxalarm`
o add missing sysctl to synopsis o remove some useless words o fix spelling MFC after: 5 days 2003-12-27 15:45:08 +00:00			`specifies the threshold for resetting the oscillators.`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`.Pp`
			`When the driver is compiled with`
			`.Dv SAFE_DEBUG`
Fixed markup. 2004-07-08 07:19:46 +00:00			`defined, two`
			`.Xr sysctl 8`
			`variables are provided for debugging purposes:`
			`.Va hw.safe.debug`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`can be set to a non-zero value to enable debugging messages to be sent`
Fixed markup. 2004-07-08 07:19:46 +00:00			`to the console for each cryptographic operation,`
			`.Va hw.safe.dump`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`is a write-only variable that can be used to force driver state to be sent`
			`to the console.`
			`Set this variable to`
Fixed markup. 2004-07-08 07:19:46 +00:00			`.Dq Li ring`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`to dump the current state of the descriptor ring,`
			`to`
Fixed markup. 2004-07-08 07:19:46 +00:00			`.Dq Li dma`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`to dump the hardware DMA registers,`
			`or`
			`to`
Fixed markup. 2004-07-08 07:19:46 +00:00			`.Dq Li int`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`to dump the hardware interrupt registers.`
- Add a HARDWARE section which lists supported devices. MFC after: 3 days 2004-09-12 19:39:09 +00:00			`.Sh HARDWARE`
			`The`
			`.Nm`
			`driver supports cards containing any of the following chips:`
			`.Bl -tag -width "SafeNet 1141" -offset indent`
			`.It SafeNet 1141`
			`The original chipset.`
			`Supports DES, Triple-DES, AES, MD5, and SHA-1`
			`symmetric crypto operations, RNG, public key operations, and full IPsec`
			`packet processing.`
			`.It SafeNet 1741`
			`A faster version of the 1141.`
			`.El`
safenet driver Sponsored by: Global Technology Associates, Inc. 2003-07-21 21:52:14 +00:00			`.Sh SEE ALSO`
			`.Xr crypt 3 ,`
			`.Xr crypto 4 ,`
			`.Xr intro 4 ,`
			`.Xr ipsec 4 ,`
			`.Xr random 4 ,`
			`.Xr crypto 9`
			`.Sh BUGS`
			`Public key support is not implemented.`