On Thu, 25 Nov 2010 07:13:32 +0000 "John T. Bittner" <j...@xaccel.net> wrote:
> Hi Guys, > > I am looking to find out if opencryptoki can support offloading Secure RTP > and TLS for a voip project I am working on. > I was looking to use a Sun Crypto Accelerator 6000 Board in an AMD Server > running Linux. > If it is supported, is the offloading transparent to the application or does > the application need to be linked to opencryptoki. > > Any help on this is much appreciated. John, Currently opencryptoki supports 3 hardware token types, in addition to it's software (OpenSSL based) token: * The ICA token, supporting Clear-Key operations for CEX2A and CEX3A cards (System z) * The CCA token, supporting Secure-Key operations for CEX2C and CEX3C cards (also System z) * The TPM token, where the key hierarchy and some operations can be done via a Trusted Platform Module (multiple architectures). There are other "legacy" token types in the tree (bcom, aep, etc) but it's been a long time since they are un-maintained. I don't believe that the Sun Crypto Accelerator maps to any of those, but patches are (very) welcome. As to being "transparent" to the application, the application just needs to support exploiting PKCS#11 tokens. How this is done and what can be off-loaded is very application-specific. For more info about the PKCS#11 standard: http://www.rsa.com/rsalabs/node.asp?id=2133 -Klaus -- Klaus Heinrich Kiwi | kla...@br.ibm.com | http://blog.klauskiwi.com Open Source Security blog : http://www.ratliff.net/blog IBM Linux Technology Center : http://www.ibm.com/linux/ltc ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ opencryptoki-users mailing list opencryptoki-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
