summaryrefslogtreecommitdiff
path: root/sys/crypto
AgeCommit message (Collapse)Author
2007-05-27make the #defines in rijndael.h a bit more meaningfulTed Unangst
ok djm and with a hint from henning
2007-05-27make crp_buf a void *. caddr_t implies bufferness, it's not.Ted Unangst
ok deraadt jason
2007-04-10``it's'' -> ``its'' when the grammar gods require this change.Miod Vallat
2007-02-21Don't use arbitrary 128 bytes as size of the blf key array if we know exactlyAlexander von Gernler
how much blowfish takes at max, which is 72 bytes. Also define a constant for this in the include file, suggested by ray@. ok pedro@ thib@ tedu@
2007-02-19minimum blocksize for ESP is 32 bit, so adjust blocksize of NULLHans-Joerg Hoexer
encryption accordingly. Makes NULL encryption useable with ESP. Noticed by Martin Hedenfalk <martin.hedenfalk at gmail.com>. ok markus@
2006-12-29Avoid void * arithmetic, okay deraadt@, suggestions from millert@Pedro Martelletto
2006-11-19typo; from bret lambertJason McIntyre
ok pedro
2006-10-25pr5274 fix localhost dos with oversized valuesTed Unangst
ok deraadt
2006-05-31remove some silly casts. put spl calls after all declarations.Ted Unangst
put one splx in a better spot. make a variable size MALLOC use malloc. remove null test after malloc(M_WAITOK). add PR_NOWAIT flag to pool_get instead of 0. change callbacks to correct type. ok brad deraadt markus mickey
2006-03-23kill evil \r; from cedricMichael Shalayeff
2006-03-21Implementation of the Michael MIC as defined in IEEE 802.11i for TKIP.Reyk Floeter
The MIC generates a weak 64bit digest protected by an additional key. Obviously, this digest alg is required for future IEEE 802.11i/WPA support. test vectors passed on alpha amd64 mvme68k mvme88k sgi sparc sparc64 vax i386 ok djm@
2006-03-04splimp -> splvmBrad Smith
ok miod@
2005-08-18do not allow 0-length transforms; from freebsdTheo de Raadt
2005-06-13get rid of ifdef MSDOS, no binary changeHans-Joerg Hoexer
ok markus@
2005-05-25AESCTR support for ESP (RFC 3686); ok hshoexerMarkus Friedl
2005-05-10support NULL encryption for ESP; ok hshoexer, hoMarkus Friedl
2005-05-02simplify by using arc4random_bytes(), ok djm, hshoexerMarkus Friedl
2005-03-24major knfHans-Joerg Hoexer
fix spelling in comment, by rohee@ no binary change ok deraadt@
2005-03-24ansi and tiny knfHans-Joerg Hoexer
ok deraadt@
2004-12-21Don't use crypto thread for callbacks.Marco Pfatschbacher
This primarily improves IPsec performance when using crypto accelerators. With help from markus@, tested by wvdputte@. ok deraadt@, markus@
2004-12-20Allow the setkey function of a transform to fail, eg. when an insufficientHans-Joerg Hoexer
number of key bits is supplied. Only AES and DES/3DES might fail. ok and help markus@
2004-12-15minimum key length of aes is 128 bit, not 64.Hans-Joerg Hoexer
ok markus
2004-12-14indentation and some knf, no binary changeHans-Joerg Hoexer
ok + help markus
2004-06-26Ansification of defalte-/lsz-stubs.Hans-Joerg Hoexer
ok jfb@
2004-06-20In crypto_thread(), always save return value from splimp(). We were onlyAaron Campbell
storing it once on kernel startup. Scary. "holy crap" --deraadt. art@ ok Unclear if this was actually a problem in practice, but this doesn't hurt.
2004-05-07Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.Todd C. Miller
This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
2004-05-03Rev 1.4 was bogus (committed from the wrong tree), this repairs it.Todd C. Miller
2004-05-03some minor KNFTodd C. Miller
2004-04-29The data pointer passed to the transform function may not be properlyTodd C. Miller
aligned so copy it in a way that a) is endian indepenent and b) does not rely on alignment. Problem found and solution tested by hshoexer@
2004-04-28Sync userland sha2.c with kernel. The SHAXXX_End and SHAXXX_Data functionsTodd C. Miller
have been removed; we provide these in userland but not in the kernel.
2004-04-28Some KNF, made bit count u_int64_t instead of u_int32_t (similar to libc).Hans-Joerg Hoexer
Added constants for buffer lengths. ok millert@
2004-04-14leak; vgirish at tenet.res.in; via angelos; ok hshoexer, henning, deraadtMarkus Friedl
2004-03-31remove sparc64/gcc2 workaround.Brad Smith
ok millert@ deraadt@ jason@
2004-03-14disable mac for now, they are not usable with current hardware; ok deraadt@Markus Friedl
2004-02-08save kernel space; full unroll is not needed; from freebsdTheo de Raadt
2004-02-05expose two more functionsTheo de Raadt
2003-12-26- use 1/2 space for rijndael context in ipsecMarkus Friedl
- rijndael_set_key_enc_only() sets up context for encryption only - rijndael_set_key() always sets up full context - rijndaelKeySetupDec() gets back original protoype - uvm: use _enc_only() interface with hshoexer@, ok deraadt@
2003-12-14alignment fixes (e.g sparc 64); from Daniel Lucq; ok millert, henningMarkus Friedl
2003-10-07arc4 support; ok millert@, fgsch@Markus Friedl
2003-09-23Replace select backends with poll backends. selscan() and pollscan()Todd C. Miller
now call the poll backend. With this change we implement greater poll(2) functionality instead of emulating it via the select backend. Adapted from NetBSD and including some changes from FreeBSD. Tested by many, deraadt@ OK
2003-09-03zap context correctly, from Juergen Buchmueller <pullmoll at stop1984 dot com>Federico G. Schwindt
deraadt@ ok.
2003-08-14mirror change in mbufs: cuio_copyback's 4th arg is now const void *Jason Wright
2003-07-31pasto; lha@stacken.kth.seMarkus Friedl
2003-07-24increase ALG_MAX_RESULT_LEN to 64 bytes for sha2-512Markus Friedl
2003-07-24hmac-sha2-{256,384,512} support in AH/ESP auth. markus okJun-ichiro itojun Hagino
2003-06-10don't allow /dev/crypto to be opened ifndef CRYPTO (the thread hasn't beenJason Wright
started, so all operations will hang later on anyway).
2003-06-03license cleanup regarding term 4Theo de Raadt
2003-06-03Fastpath for userland crypto requests. This change makes userlandBob Beck
crypto requests attempt to call the crypto driver directly to process crypto layer requests, as opposed to queueing them in the kernel crypto thread. If we can't use the crypto devices (i.e. they're busy) we fall back to queueing the request up in the crypto thread as before. This does allow for faster performance in some cases (smaller requests, how small seems to be dependent on the card/cpu combination) where context switching is a major issue in performance. ok deraadt@ jason@
2003-05-30move max limit back down to 65536-4Jason Wright
2003-04-09makeing a local array static saves some bytes; idea from mickey@Markus Friedl