Using OpenBSD Problem-Solving Resources


Let's pick a common question and use the OpenBSD resources to solve it. We'll use several different methods to find an answer. One topic that comes up frequently is that of hardware-accelerated cryptography: how does it work, and what does OpenBSD do to support it? Here's how you find information on this topic from each of the information sources the OpenBSD Project provides.

www.OpenBSD.org

If you look at the main page of the OpenBSD website, you'll find a link pointing to "Integrated Crypto." That leads you in turn to "Cryptographic Hardware Support." Read, learn, and enjoy.

Man Pages

If you just type "man cryptography" you won't get any matches; there is no "cryptography" man page. It's frequently called "crypto," however, and if you try "man crypto" you'll get something.

 crypto(3)          OpenSSL          crypto(3) NAME     crypto - OpenSSL cryptographic library SYNOPSIS DESCRIPTION     The OpenSSL crypto library implements a wide range of     cryptographic algorithms used in various Internet stan-     dards. The services provided by this library are used by     the OpenSSL implementations of SSL, TLS and S/MIME, and     they have also been used to implement SSH, OpenPGP, and     other cryptographic standards. OVERVIEW     libcrypto consists of a number of sub-libraries that ... 

Well, that's not what we want. It's nice to have OpenSSL documentation on a system that includes OpenSSL, but it doesn't answer our question. You might give up here, but that's not what you want to do either. Notice that this manual this page falls in Section 3. Information on hardware belongs in Section 4 of the manual. When multiple man pages share a name, and you don't give man(1) a section number, the page in the lowest section number is displayed. Try "apropos crypto" to look for all the man pages that include the word "crypto." You'll notice the following.

 ... crypto (3) - OpenSSL cryptographic library crypto (4) - hardware crypto access driver crypto (9) - API for cryptographic services in the kernel ... 

There are three different crypto man pages, each in a different section. Crypto(3) is for programmers who want to use the OpenSSL cryptographic interface; crypto(9) is for programmers who want to access crypto routines within the kernel; and crypto(4) is for cryptographic accelerator hardware. Type "man 4 crypto" and you'll see what you want.

 CRYPTO(4)        OpenBSD Programmer's Manual        CRYPTO(4) NAME    crypto - hardware crypto access driver SYNOPSIS    pseudo-device crypto [count] DESCRIPTION   The crypto driver provides userland applications access to hardware cryp-   to support via the kernel. The /dev/crypto device node primarily oper-   ates in an ioctl(2) based model, permitting a variety of applications to   query device capabilities, submit transactions, and get results.   If count given in the specification, and is greater than 0, a maximum of ... 

You may have to wade through some dense technical information, but everything you need to know is right here.

Checking the Internet

Go to Google and enter "OpenBSD crypto hardware support." On the day I wrote this, the first page of results gave me a direct link to the relevant OpenBSD web page, a link to a mailing list archive result, and a couple of third-party web pages discussing OpenBSD's hardware crypto support.




Absolute Openbsd(c) Unix for the Practical Paranoid
Absolute OpenBSD: Unix for the Practical Paranoid
ISBN: 1886411999
EAN: 2147483647
Year: 2005
Pages: 298

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net