Open
Bug 479744
Opened 12 years ago
Updated 7 years ago
RFE : VIA Padlock ACE support (hardware RNG, AES, SHA1 and SHA256)
Categories
(NSS :: Libraries, enhancement)
Tracking
(Not tracked)
NEW
People
(Reporter: basic, Unassigned)
References
()
Details
VIA Padlock ACE support. VIA CPUs are found on many netbooks nowadays. This could give a boost to SSL/TLS on those platforms. note: openssl has support for padlock ACE. see: http://cvs.openssl.org/fileview?f=openssl/engines/e_padlock.c&v=1.6
Comment 1•12 years ago
|
||
The model used by NSS for over 10 years now is that ALL crypto hardware is supported through the industry-standard PKCS#11 API. It's up to each HW vendor to supply a PKCS#11 software module for their hardware. When they do that, their hardware will work with NSS without any change to NSS. The development of PKCS#11 modules for any specific vendor's hardware is outside of the scope of NSS. It is the hardware vendor's responsibility. Please check with the VIA people to see if they have a PKCS#11 software module, and if not, suggest to them that they develop one. NSS offers open source code for a PKCS#11 "framework", a bare bones PKCS#11 module, with which they could start, and add their own source code to directly support their own hardware.
Comment 2•12 years ago
|
||
This RFE could be asking for treatment similar to bug 459248, in which NSS supports Intel AES instructions directly in lib/freebl, bypassing the PKCS #11 API.
Status: UNCONFIRMED → NEW
Ever confirmed: true
hi,has someone already been fixed the bug? (In reply to Nelson Bolyard (seldom reads bugmail) from comment #1) > The model used by NSS for over 10 years now is that ALL crypto hardware is > supported through the industry-standard PKCS#11 API. It's up to each HW > vendor to supply a PKCS#11 software module for their hardware. When they > do that, their hardware will work with NSS without any change to NSS. > > The development of PKCS#11 modules for any specific vendor's hardware is > outside of the scope of NSS. It is the hardware vendor's responsibility. > > Please check with the VIA people to see if they have a PKCS#11 software > module, and if not, suggest to them that they develop one. NSS offers > open source code for a PKCS#11 "framework", a bare bones PKCS#11 module, > with which they could start, and add their own source code to directly > support their own hardware.
hi,has someone already been fixed the bug? recently, i want add Hardware AES cipher to NSS module,But, always make some mistakes!I am a green hand, Could you give me some suggestion。 (In reply to basic from comment #0) > VIA Padlock ACE support. VIA CPUs are found on many netbooks nowadays. This > could give a boost to SSL/TLS on those platforms. > > note: openssl has support for padlock ACE. see: > http://cvs.openssl.org/fileview?f=openssl/engines/e_padlock.c&v=1.6
hi,has someone already been fixed the bug? recently, i want add Hardware AES cipher to NSS module,But, always make some mistakes
(In reply to 404103360 from comment #5) > hi,has someone already been fixed the bug? > recently, i want add Via Padlock Hardware AES cipher to NSS module,But, always make some > mistakes
在 2014年1月10日星期五UTC+8上午11时04分21秒,njut...@gmail.com写道: > hi,has someone already been fixed the bug? > > recently, I want add Via Padlock Hardware AES cipher to NSS module,But, always make some mistakes In Nss project, I use clipher to test aes_cbc -E aes_cbc -D the following is the print log Software AES clipher log: input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, output is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68, input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, output is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf, Encryption self-test for aes_cbc passed. cipher.sh: #1: AES CBC Encrypt - PASSED input is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68, output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, $$$$$$$$$$$$$AES_Decrypt$$$$$$$$$$$$$$$$ input is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf, output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, Decryption self-test for aes_cbc passed. cipher.sh: #1: AES CBC Decrypt - PASSED VIA Hardware Aes clipher log: #########encrypt is : 1########## #####via padlock ace is available liuwei##### mode is :1 key is :0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30, iv is : 0x71, 0x77, 0x65, 0x72, 0x74, 0x79, 0x75, 0x69, 0x6f, 0x70, 0x61, 0x73, 0x64, 0x66, 0x67, 0x68, 0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30, #######aes_via_InitContext() Success##### Via Encrypt in the via_aes_encrypt inlen: 16 blocksize : 16 input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, output is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68, Via Encrypt in the via_aes_encrypt inlen: 16 blocksize : 16 input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, output is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf, via_AES_DestroyContext liuwei Encryption self-test for aes_cbc passed. cipher.sh: #1: AES CBC Encrypt - PASSED #########encrypt is : 0########## #####via padlock ace is available liuwei##### mode is :1 key is :0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30, iv is : 0x71, 0x77, 0x65, 0x72, 0x74, 0x79, 0x75, 0x69, 0x6f, 0x70, 0x61, 0x73, 0x64, 0x66, 0x67, 0x68, 0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30, #######aes_via_InitContext() Success##### $$$$$$$$$$$$$AES_Decrypt$$$$$$$$$$$$$$$$ Via Decrypt in the via_aes_decrypt inlen: 16 blocksize : 16 input is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68, output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, $$$$$$$$$$$$$AES_Decrypt$$$$$$$$$$$$$$$$ Via Decrypt in the via_aes_decrypt inlen: 16 blocksize : 16 input is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf, output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, via_AES_DestroyContext liuwei Decryption self-test for aes_cbc passed. cipher.sh: #1: AES CBC Decrypt - PASSED the software crypt data and VIA Hardware crypt data are the same But when i excute the NSS module in Firefox , The always make a mistake the Brower is broken.
You need to log in
before you can comment on or make changes to this bug.
Description
•