Re: Hifn 7955: fatal: cipher_init: EVP_CipherInit: set key failed for aes256-cbc

2007-09-14 Thread Erick Turnquist 
A new kernel with those options disabled did not change anything.


On 9/14/07, Breen Ouellette [EMAIL PROTECTED] wrote:
 I do not have experience with the net5501, but as for the vpn1411, you
 may want to check out this thread:

 http://marc.info/?l=openbsd-miscm=117826557508813w=2

 It talks about recompiling the GENERIC kernel minus a few options, which
 has the side effect of fixing SSH connection problems with the vpn1411
 and the net4801. Why? I dunno. I'm not a developer, and my understanding
 of C is roughly equivalent to the average English writing skills of
 children in junior high.

 Give it a shot, and please report back to the list if it fixes things
 with the net5501 combined with the vpn1411.

 Breeno

Hifn 7955: fatal: cipher_init: EVP_CipherInit: set key failed for aes256-cbc

2007-09-13 Thread Erick Turnquist 
I'm just installed 4.1 on a Soekris net5501 board (i386) with one of
their vpn1411 cards installed. The chip on this card is a Hifn 7955.
dmesg shows the card:

hifn0 at pci0 dev 17 function 0 Hifn 7955/7954 rev 0x00: LZS 3DES
ARC4 MD5 SHA1 RNG AES PK, 32KB dram, irq 15

But SSH connection attempts die, with fatal: cipher_init:
EVP_CipherInit: set key failed for aes256-cbc in the authlog. If I
disable the card with `sysctl -w kern.usercrypto=0` these connections
work fine. I have also tested AES192-CBC, with the same result,
however 3DES-CBC and even AES128-CBC work fine...

dmesg follows:

OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Geode(TM) Integrated Processor by AMD PCS (AuthenticAMD
586-class) 500 MHz
cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX
real mem  = 536440832 (523868K)
avail mem = 481771520 (470480K)
using 4278 buffers containing 26947584 bytes (26316K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 20/70/06, BIOS32 rev. 0 @ 0xfac40
pcibios0 at bios0: rev 2.0 @ 0xf/0x1
pcibios0: pcibios_get_intr_routing - function not supported
pcibios0: PCI IRQ Routing information unavailable.
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc8000/0xa800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x31
glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES
vr0 at pci0 dev 6 function 0 VIA VT6105M RhineIII rev 0x96: irq 11,
address 00:00:24:c8:e2:e8
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
vr1 at pci0 dev 7 function 0 VIA VT6105M RhineIII rev 0x96: irq 5,
address 00:00:24:c8:e2:e9
ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
vr2 at pci0 dev 8 function 0 VIA VT6105M RhineIII rev 0x96: irq 9,
address 00:00:24:c8:e2:ea
ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
vr3 at pci0 dev 9 function 0 VIA VT6105M RhineIII rev 0x96: irq 12,
address 00:00:24:c8:e2:eb
ukphy3 at vr3 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
hifn0 at pci0 dev 17 function 0 Hifn 7955/7954 rev 0x00: LZS 3DES
ARC4 MD5 SHA1 RNG AES PK, 32KB dram, irq 15
pcib0 at pci0 dev 20 function 0 AMD CS5536 ISA rev 0x03
pciide0 at pci0 dev 20 function 2 AMD CS5536 IDE rev 0x01: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: HMS360606D5CF00
wd0: 32-sector PIO, LBA, 5859MB, 12000556 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
ohci0 at pci0 dev 20 function 4 AMD CS5536 USB rev 0x02: irq 7,
version 1.0, legacy support
usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: AMD OHCI root hub, rev 1.00/1.00, addr 1
uhub0: 4 ports with 4 removable, self powered
ehci0 at pci0 dev 20 function 5 AMD CS5536 USB rev 0x02: irq 7
ehci0: pre-2.0 USB rev
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
nsclpcsio0 at isa0 port 0x2e/2: NSC PC87366 rev 9: GPIO VLM TMS
gpio0 at nsclpcsio0: 29 pins
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom0: console
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
biomask 65c5 netmask ffe5 ttymask ffe7
pctr: user-level cycle counter enabled
mtrr: K6-family MTRR support (2 registers)
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302

Re: Hifn 7955: fatal: cipher_init: EVP_CipherInit: set key failed for aes256-cbc

2007-09-13 Thread Breen Ouellette 
I do not have experience with the net5501, but as for the vpn1411, you 
may want to check out this thread:


http://marc.info/?l=openbsd-miscm=117826557508813w=2

It talks about recompiling the GENERIC kernel minus a few options, which 
has the side effect of fixing SSH connection problems with the vpn1411 
and the net4801. Why? I dunno. I'm not a developer, and my understanding 
of C is roughly equivalent to the average English writing skills of 
children in junior high.


Give it a shot, and please report back to the list if it fixes things 
with the net5501 combined with the vpn1411.


Breeno