| Age | Commit message (Collapse) | Author |
|---|
|
- rijndael_set_key_enc_only() sets up context for encryption only
- rijndael_set_key() always sets up full context
- rijndaelKeySetupDec() gets back original protoype
- uvm: use _enc_only() interface
with hshoexer@, ok deraadt@
|
|
|
|
(Look ma, I might have broken the tree)
|
|
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
the same code is used by ssh, so please make sure to update
usr.sbin/ssh/rijndael.c if you change this code.
tested on sparc (jason) and with swap encryption (me); ok deraadt@, provos@
|
|
|
|
|
|
This is to match (make diffs smaller) the code in NetBSD.
new gcc inlines those functions, so this could also be a performance win.
|
|
|
|
break swap paritions into sections, each section has own
encryption key. if a section's key becomes unreferenced, erase it.
|
|
|
|
|
|
via sysctl.
Pages are encrypted with the Blowfish encryption algorithm, the key
is initialized randomly on first swap out, ensuring that entropy has
accumulated in the kernel randomness pool. Eventually, swap encryption
will be decided on a process by process basis, e.g. a process that reads from
a cryptographic filesystem will enable swap encrypt for its pages. okay
art@ and deraadt@.
|
