The
nsp driver supports cards using the NSP2000 cryptographic processor, originally manufactured and sold by NetOctave, then CyberGuard, and presently (late 2008) by NBMK Encryption Technologies.
The NSP2000 is a cryptographic “packet processor” or “macro processor” featuring extensive support for protocol handshake acceleration and protocol record operations (e.g. single-pass pad-encrypt-and-hash for SSL or ESP messages). It also provides various cryptographic and mathematical primitives such as random number generation, encryption/decryption (DES, 3DES, and RC4), hash computation (MD5, SHA1, and HMAC), and an extensive set of operations for arbitrary precision arithmetic. It contains a tamper-resistant write-only memory region for storage of cryptographic keys.
The
nsp driver registers support for the following operations with
opencrypto(9):
CRYPTO_DES_CBC
DES in CBC mode.
CRYPTO_3DES_CBC
Triple-DES in CBC mode.
CRYPTO_MD5
The MD5 hash algorithm.
CRYPTO_SHA1
The SHA-1 hash algorithm.
CRYPTO_SHA1_HMAC
The HMAC message authentication code using SHA-1 as the hash function.
CRYPTO_MD5_HMAC
The HMAC message authentication code using MD5 as the hash function.
CRK_MOD
Compute x modulo y.
CRK_MOD_ADD
Modular addition.
CRK_MOD_ADDINV
Modular additive inversion.
CRK_MOD_SUB
Modular subtraction.
CRK_MOD_MULT
Modular multiplication.
CRK_MOD_MULTINV
Modular multiplicative inversion.
CRK_MOD_EXP
Modular exponentiation.
CRK_DSA_SIGN
DSA signature creation.
CRK_DSA_VERIFY
DSA signature verification.
CRK_DH_COMPUTE_KEY
Diffie-Hellman key computation.