summaryrefslogtreecommitdiff
path: root/sys/crypto/cryptodev.c
AgeCommit message (Collapse)Author
2005-08-18do not allow 0-length transforms; from freebsdTheo de Raadt
2005-05-25AESCTR support for ESP (RFC 3686); ok hshoexerMarkus Friedl
2004-05-07Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.Todd C. Miller
This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
2004-03-14disable mac for now, they are not usable with current hardware; ok deraadt@Markus Friedl
2003-09-23Replace select backends with poll backends. selscan() and pollscan()Todd C. Miller
now call the poll backend. With this change we implement greater poll(2) functionality instead of emulating it via the select backend. Adapted from NetBSD and including some changes from FreeBSD. Tested by many, deraadt@ OK
2003-06-10don't allow /dev/crypto to be opened ifndef CRYPTO (the thread hasn't beenJason Wright
started, so all operations will hang later on anyway).
2003-06-03license cleanup regarding term 4Theo de Raadt
2003-06-03Fastpath for userland crypto requests. This change makes userlandBob Beck
crypto requests attempt to call the crypto driver directly to process crypto layer requests, as opposed to queueing them in the kernel crypto thread. If we can't use the crypto devices (i.e. they're busy) we fall back to queueing the request up in the crypto thread as before. This does allow for faster performance in some cases (smaller requests, how small seems to be dependent on the card/cpu combination) where context switching is a major issue in performance. ok deraadt@ jason@
2003-05-30move max limit back down to 65536-4Jason Wright
2002-11-21From Angelos:Jason Wright
- simplistic load balancing across multiple cards - simplified registration process - a few style nits.
2002-11-12Add a CRYPTO_NULL xform (it's a do nothing, but nice for measuring theJason Wright
bandwidth of the kernel API). It's only available from userland and then only if kern.cryptodevallowsoft=1.
2002-07-10proper cdev_decl(crypto) and no private protosMichael Shalayeff
2002-06-19ansiTheo de Raadt
2002-06-19re-enable both crypto operationsTheo de Raadt
2002-06-12looks slightly betterTheo de Raadt
2002-06-12undo 1.46; fixes double free (the keys are freed on session close).Markus Friedl
passes regress/sys/crypto
2002-06-12so let us analyse the development process here:Theo de Raadt
- complete breakage of symmetric userland crypto - fast commit without review by other developers - no regression test run (markus points out regression crash kernel) Hence, we must disable userland crypto for now, until it gets repaired by these people who don't follow process....
2002-06-11kernel changes to make asymmetric crypto work in userlandBob Beck
- modify getfeat to return something more useful to us on devices (like lofn and everything else until jason fixes it) that can't do rsa stuff, etc and can only do mod_exp.. - error handling fixes so we correctly fail to software when we can't deal with a particular key size - add sysctl kern.userasymcrypto to turn on/off userland asymmetric crypto via /dev/crypto - 1 == on, 0 == off, default is off
2002-06-10You should always free the keys, not just on error --- the cryptoAngelos D. Keromytis
framework doesn't hold on to these.
2002-06-07Handle csecreate errors. deraadt@ and beck@Thomas Nordin
2002-05-18not ready to export fcrypt to userland yet; spotted by lebelTheo de Raadt
2002-05-18export struct fcrypt to userlandTheo de Raadt
2002-05-08Don't deref null pointer in failure case.Jason Wright
2002-04-2732 bit constraint is wrong, we thinkTheo de Raadt
2002-04-26disable cryptodevallowsoft again; constrain key bit sizes to % 32cryptodev.cTheo de Raadt
2002-04-24kernel API does not need the userland addresses, make them go awayTheo de Raadt
2002-04-23initial hack at a CIOCSYMFEAT ioctlTheo de Raadt
2002-04-23driver queueing & callback code for keying operationsTheo de Raadt
2002-04-08Credit DARPA/USAF appropriately.Jason Wright
2002-04-03disable userland crypto for 3.1Theo de Raadt
2002-03-14First round of __P removal in sysTodd C. Miller
2002-03-05export MD5/SHA1 via /dev/crypto; ok provos@, beck@Markus Friedl
tested with cryptosoft and kern.cryptodevallowsoft=1
2002-03-04parts that copy in PK parametersTheo de Raadt
2002-03-01sysctl for cryptodevallowsoft - /dev/crypto will allow the software engineNiels Provos
to be used if there are no hardware cards. mostly for debugging and regression.
2002-02-23sysctl kern.usercryptoTheo de Raadt
2002-02-08- Rename FILE_{,UN}USE to FREF and FRELE. USE is a bad verb and we don't haveArtur Grabowski
the same semantics as NetBSD anyway, so it's good to avoid name collissions. - Always fdremove before freeing the file, not the other way around. - falloc FREFs the file. - have FILE_SET_MATURE FRELE the file (It feels like a good ortogonality to falloc FREFing the file). - Use closef as much as possible instead of ffree in error paths of falloc:ing functions. closef is much more careful with the fd and can deal with the fd being forcibly closed by dup2. Also try to avoid manually calling *fo_close when closef can do that for us (this makes some error paths mroe complicated (sys_socketpair and sys_pipe), but others become simpler (sys_open)).
2001-11-13garbage in my last commitTheo de Raadt
2001-11-09be way more sure that software cannot be usedTheo de Raadt
2001-11-08indentTheo de Raadt
2001-10-26 - every new fd created by falloc() is marked as larval and should not be usedArtur Grabowski
any anyone. Every caller of falloc matures the fd when it's usable. - Since every lookup in the fd table must now check this flag and all of them do the same thing, move all the necessary checks into a function - fd_getfile.
2001-09-03do not screw up the reference countsTheo de Raadt
2001-08-28Getting closer to working userland MAC.ben
2001-08-24KNFTheo de Raadt
2001-08-17Add RC4 support.ben
2001-06-24Remove whitespace.Angelos D. Keromytis
2001-06-23Adjust length.Angelos D. Keromytis
2001-06-23Use C-style comments...Angelos D. Keromytis
2001-06-23Initialize crd_skipAngelos D. Keromytis
2001-06-23Remove unneeded crp_iv field, set the right flags for IV handling inAngelos D. Keromytis
the crypto device.
2001-06-23merge crypto/crypto{dev,}.h to crypto/cryptodev.h, to avoid name conflicts ↵Theo de Raadt
inside OpenSSL codebase