Bug ID: 6578997 KSSL should use hardware acceleration for ssl3 macs when available

Bug ID	6578997
Synopsis	KSSL should use hardware acceleration for ssl3 macs when available
State	10-Fix Delivered (Fix available in build)
Category:Subcategory	kernel_ssl:other
Keywords
Responsible Engineer	Bhargava Yenduri
Reported Against
Duplicate Of
Introduced In	solaris_nevada
Commit to Fix	snv_72
Fixed In	snv_72
Release Fixed	solaris_nevada(snv_72) , solaris_10u5(s10u5_01) (Bug ID:2151710)
Related Bugs	6275859 , 4873559
Submit Date	10-July-2007
Last Update Date	31-August-2007
Description	KSSL makes use of crypto_mac* kernel API only for TLS ciphers. It uses digest interfaces to compose a SSL3 MAC operation for SSL3 ciphers. This means KSSL can not benefit from hardware acceleration from providers that implement the SSL3 MAC mechanisms. We should fix KSSL to use CKM_SSL3_SHA1_MAC and CKM_SSL3_MD5_MAC if available. Note that we can do this even if there is no software provider that offers the mechanism.
Work Around	N/A
Comments	N/A

OpenSolaris