tail head cat sleep
QR code linking to this page

Manual Pages  — UBSEC


ubsec – Broadcom and BlueSteel uBsec 5x0x crypto accelerator



To compile this driver into the kernel, place the following lines in your kernel configuration file: device crypto device cryptodev device ubsec

Alternatively, to load the driver as a module at boot time, place the following line in loader.conf(5):



The ubsec driver is not present in FreeBSD 13.0 and later. The majority of crypto algorithms supported by this driver are no longer used by the kernel in FreeBSD 13.0 .


The ubsec driver supports cards containing Broadcom and BlueSteel uBsec 5x0x crypto accelerator chips.

The ubsec driver registers itself to accelerate DES, Triple-DES, MD5-HMAC, and SHA1-HMAC operations for ipsec(4) and crypto(4).

On those models which contain a public key engine (almost all of the more recent ones), this feature is registered with the crypto(4) subsystem.

On all models except the Bluesteel 5501 and Broadcom 5801, the driver registers itself to provide random data to the random(4) subsystem.


The ubsec driver supports cards containing any of the following chips:
Bluesteel 5501 The original chipset, no longer made. This extremely rare unit was not very fast, lacked an RNG, and had a number of other bugs.
Bluesteel 5601 A faster and fixed version of the original, with a random number unit and large number engine added.
Broadcom BCM5801
  A BCM5805 without public key engine or random number generator.
Broadcom BCM5802
  A slower version of the BCM5805.
Broadcom BCM5805
  Faster version of Bluesteel 5601.
Broadcom BCM5820
  64 bit version of the chip, and significantly more advanced.
Broadcom BCM5821
  Faster version of the BCM5820. This is the chip found on the Sun Crypto Accelerator 1000.
Broadcom BCM5822
  Faster version of the BCM5820.
Broadcom BCM5823
  A BCM5822 with AES capability.
Broadcom BCM5825
  Faster version of the BCM5823.


crypt(3), crypto(4), intro(4), ipsec(4), random(4), crypto(9)


The ubsec device driver appeared in OpenBSD 2.8 . The ubsec device driver was imported to FreeBSD 5.0 .


The BCM5801 and BCM5802 have not actually been tested. The AES capability of the BCM5823 is not yet supported; it is awaiting public disclosure of programming information from Broadcom.

UBSEC (4) May 14, 2020

tail head cat sleep
QR code linking to this page

Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

Like a classics radio station whose play list spans decades, Unix simultaneously exhibits its mixed and dated heritage. There's Clash-era graphics interfaces; Beatles-era two-letter command names; and systems programs (for example, ps) whose terse and obscure output was designed for slow teletypes; Bing Crosby-era command editing (# and @ are still the default line editing commands), and Scott Joplin-era core dumps.
— The Unix Haters' handbook