summaryrefslogtreecommitdiff
path: root/sys/crypto
AgeCommit message (Collapse)Author
2004-06-26Ansification of defalte-/lsz-stubs.Hans-Joerg Hoexer
ok jfb@
2004-06-20In crypto_thread(), always save return value from splimp(). We were onlyAaron Campbell
storing it once on kernel startup. Scary. "holy crap" --deraadt. art@ ok Unclear if this was actually a problem in practice, but this doesn't hurt.
2004-05-07Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.Todd C. Miller
This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
2004-05-03Rev 1.4 was bogus (committed from the wrong tree), this repairs it.Todd C. Miller
2004-05-03some minor KNFTodd C. Miller
2004-04-29The data pointer passed to the transform function may not be properlyTodd C. Miller
aligned so copy it in a way that a) is endian indepenent and b) does not rely on alignment. Problem found and solution tested by hshoexer@
2004-04-28Sync userland sha2.c with kernel. The SHAXXX_End and SHAXXX_Data functionsTodd C. Miller
have been removed; we provide these in userland but not in the kernel.
2004-04-28Some KNF, made bit count u_int64_t instead of u_int32_t (similar to libc).Hans-Joerg Hoexer
Added constants for buffer lengths. ok millert@
2004-04-14leak; vgirish at tenet.res.in; via angelos; ok hshoexer, henning, deraadtMarkus Friedl
2004-03-31remove sparc64/gcc2 workaround.Brad Smith
ok millert@ deraadt@ jason@
2004-03-14disable mac for now, they are not usable with current hardware; ok deraadt@Markus Friedl
2004-02-08save kernel space; full unroll is not needed; from freebsdTheo de Raadt
2004-02-05expose two more functionsTheo de Raadt
2003-12-26- use 1/2 space for rijndael context in ipsecMarkus Friedl
- rijndael_set_key_enc_only() sets up context for encryption only - rijndael_set_key() always sets up full context - rijndaelKeySetupDec() gets back original protoype - uvm: use _enc_only() interface with hshoexer@, ok deraadt@
2003-12-14alignment fixes (e.g sparc 64); from Daniel Lucq; ok millert, henningMarkus Friedl
2003-10-07arc4 support; ok millert@, fgsch@Markus Friedl
2003-09-23Replace select backends with poll backends. selscan() and pollscan()Todd C. Miller
now call the poll backend. With this change we implement greater poll(2) functionality instead of emulating it via the select backend. Adapted from NetBSD and including some changes from FreeBSD. Tested by many, deraadt@ OK
2003-09-03zap context correctly, from Juergen Buchmueller <pullmoll at stop1984 dot com>Federico G. Schwindt
deraadt@ ok.
2003-08-14mirror change in mbufs: cuio_copyback's 4th arg is now const void *Jason Wright
2003-07-31pasto; lha@stacken.kth.seMarkus Friedl
2003-07-24increase ALG_MAX_RESULT_LEN to 64 bytes for sha2-512Markus Friedl
2003-07-24hmac-sha2-{256,384,512} support in AH/ESP auth. markus okJun-ichiro itojun Hagino
2003-06-10don't allow /dev/crypto to be opened ifndef CRYPTO (the thread hasn't beenJason Wright
started, so all operations will hang later on anyway).
2003-06-03license cleanup regarding term 4Theo de Raadt
2003-06-03Fastpath for userland crypto requests. This change makes userlandBob Beck
crypto requests attempt to call the crypto driver directly to process crypto layer requests, as opposed to queueing them in the kernel crypto thread. If we can't use the crypto devices (i.e. they're busy) we fall back to queueing the request up in the crypto thread as before. This does allow for faster performance in some cases (smaller requests, how small seems to be dependent on the card/cpu combination) where context switching is a major issue in performance. ok deraadt@ jason@
2003-05-30move max limit back down to 65536-4Jason Wright
2003-04-09makeing a local array static saves some bytes; idea from mickey@Markus Friedl
2003-02-21There's no cleaning necessary for deflate compression, so remove it fromJason Wright
the switch.
2003-02-19Copy the ENTIRE table into the supported algorithms (how the hell did thisJason Wright
work before?!)
2003-02-19lzs is lzs, lzs is not deflateJason Wright
2003-02-15skeleton support for LZS compressionJason Wright
2003-02-15CRD_F_COMP isn't so special that it needs 4 bits for a binary flagJason Wright
2003-01-08Move the rounds into separate functions on sparc64 so gcc's optimizerTodd C. Miller
doesn't blow up. This is a hack but is better than compiling sha1.c with -O0 on sparc64. From NetBSD (mrg). deraadt@ OK
2002-11-21From Angelos:Jason Wright
- simplistic load balancing across multiple cards - simplified registration process - a few style nits.
2002-11-12Add a CRYPTO_NULL xform (it's a do nothing, but nice for measuring theJason Wright
bandwidth of the kernel API). It's only available from userland and then only if kern.cryptodevallowsoft=1.
2002-10-27Use int32_t rather long on strategic places, to be more sparc64-friendly;Miod Vallat
ok jason@ a long time ago
2002-08-16fix size in MALLOC/bzero call, from sam@errno.com, ok deraadt@Daniel Hartmeier
2002-07-17I don't know why this breaks things for me when sshd starts on sparc64.Artur Grabowski
But after wasting the whole day trying to just locate the problem I don't care. Back out since this wasn't tested and showed to anyone else.
2002-07-16Double-pass over drivers, first hardware only, then software (if weAngelos D. Keromytis
are interested in software).
2002-07-16Fix a typo, cleanup on session migration code in crypto_invoke(), andAngelos D. Keromytis
add a convention that if the driver returns ERESTART as an error message of its process method, the crypto framework will unregister the driver and migrate all its sessions. After discussion with Sam Leffler and Jason Wright.
2002-07-16Add CRYPTO_ALGORITHM_ALLAngelos D. Keromytis
2002-07-10proper cdev_decl(crypto) and no private protosMichael Shalayeff
2002-07-10use right sizeof in memcpy; markus okTheo de Raadt
2002-07-02inital -> initialNathan Binkert
2002-06-19ansiTheo de Raadt
2002-06-19re-enable both crypto operationsTheo de Raadt
2002-06-12looks slightly betterTheo de Raadt
2002-06-12undo 1.46; fixes double free (the keys are freed on session close).Markus Friedl
passes regress/sys/crypto
2002-06-12so let us analyse the development process here:Theo de Raadt
- complete breakage of symmetric userland crypto - fast commit without review by other developers - no regression test run (markus points out regression crash kernel) Hence, we must disable userland crypto for now, until it gets repaired by these people who don't follow process....
2002-06-11kernel changes to make asymmetric crypto work in userlandBob Beck
- modify getfeat to return something more useful to us on devices (like lofn and everything else until jason fixes it) that can't do rsa stuff, etc and can only do mod_exp.. - error handling fixes so we correctly fail to software when we can't deal with a particular key size - add sysctl kern.userasymcrypto to turn on/off userland asymmetric crypto via /dev/crypto - 1 == on, 0 == off, default is off