summaryrefslogtreecommitdiffstats
path: root/sys/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Simplify session selection/allocation.pjd2008-08-091-10/+5
|
* - Fix freeing session on newsession failure.pjd2008-08-091-9/+24
| | | | - Update copyright years.
* Implify sessions freeing loop.pjd2008-08-091-2/+1
|
* We don't have to drop a lock around malloc(M_NOWAIT).pjd2008-08-091-4/+4
|
* When freeing session, restore its ID after zeroing memory.pjd2008-08-091-0/+1
| | | | Bug tracked down by: Patrick Lamaiziere <patfbsd@davenulle.org>
* Sessions in-use are at the end of the queue, so use TAILQ_FOREACH_REVERSE()pjd2008-08-091-3/+5
| | | | | | when looking for them. Idea from: Patrick Lamaiziere <patfbsd@davenulle.org>
* Convert lock that protects sessions list from a mutex to a rwlock.pjd2008-07-201-16/+16
| | | | Now we can use read lock in fast path (padlock_process()).
* Make test00 compilable again.sobomax2008-01-152-1/+3
|
* Commit the change from FAST_IPSEC to IPSEC. The FAST_IPSECgnn2007-07-031-1/+1
| | | | | | | | option is now deprecated, as well as the KAME IPsec code. What was FAST_IPSEC is now IPSEC. Approved by: re Sponsored by: Secure Computing
* Integrate the Camellia Block Cipher. For more information see RFC 4132gnn2007-05-093-0/+1459
| | | | | | | and its bibliography. Submitted by: Tomoyuki Okazaki <okazaki at kick dot gr dot jp> MFC after: 1 month
* Overhaul driver/subsystem api's:sam2007-03-211-74/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o make all crypto drivers have a device_t; pseudo drivers like the s/w crypto driver synthesize one o change the api between the crypto subsystem and drivers to use kobj; cryptodev_if.m defines this api o use the fact that all crypto drivers now have a device_t to add support for specifying which of several potential devices to use when doing crypto operations o add new ioctls that allow user apps to select a specific crypto device to use (previous ioctls maintained for compatibility) o overhaul crypto subsystem code to eliminate lots of cruft and hide implementation details from drivers o bring in numerous fixes from Michale Richardson/hifn; mostly for 795x parts o add an optional mechanism for mmap'ing the hifn 795x public key h/w to user space for use by openssl (not enabled by default) o update crypto test tools to use new ioctl's and add cmd line options to specify a device to use for tests These changes will also enable much future work on improving the core crypto subsystem; including proper load balancing and interposing code between the core and drivers to dispatch small operations to the s/w driver as appropriate. These changes were instigated by the work of Michael Richardson. Reviewed by: pjd Approved by: re
* Initialize T1 to silent gcc warning.kevlo2006-10-221-1/+1
| | | | Approved by: cognet
* Less magic.pjd2006-09-151-2/+3
| | | | MFC after: 3 days
* GCC 3.4.6 gets confused on this file and produces bogus warning.kan2006-08-261-1/+1
| | | | Shut it up.
* Remove trailing spaces.pjd2006-07-281-1/+1
|
* Use existing roundup2() macro.pjd2006-07-281-1/+1
| | | | Suggested by: njl
* Remove redundant check committed by accident.pjd2006-07-251-2/+0
|
* Avoid memory allocations when the given address is already 16 bytes aligned.pjd2006-07-251-6/+51
| | | | | | | | | | | | | | Such an address can be used directly in padlock's AES. This improves speed of geli(8) significantly: # sysctl kern.geom.zero.clear=0 # geli onetime -s 4096 gzero # dd if=/dev/gzero.eli of=/dev/null bs=1m count=1000 Before: 113MB/s After: 203MB/s BTW. If sector size is set to 128kB, I can read at 276MB/s :)
* Modify PADLOCK_ALIGN() macro, so when the given address is already 16 bytespjd2006-07-251-1/+1
| | | | aligned, it will be used directly, not 'address + 16'.
* Style fixes.pjd2006-07-254-10/+10
|
* Implement support for HMAC/SHA1 and HMAC/SHA256 acceleration found inpjd2006-07-224-335/+766
| | | | | | | | | | | new VIA CPUs. For older CPUs HMAC/SHA1 and HMAC/SHA256 (and others) will still be done in software. Move symmetric cryptography (currently only AES-CBC 128/192/256) to padlock_cipher.c file. Move HMAC cryptography to padlock_hash.c file. Hardware from: Centaur Technologies
* Correct few bzero()s.pjd2006-07-221-3/+3
| | | | MFC after: 3 days
* Set ses_ictx and ses_octx to NULL after freeing them, so we won't freepjd2006-07-221-0/+2
| | | | | | | | | them twice. This is possible for example in situation when session is used in authentication context, then freed and then used in encryption context and freed - in encryption context ses_ictx and ses_octx are not touched at newsession time, but padlock_freesession could still try to free them when they are not NULL.
* Use the already stored VIA RNG probe informationmr2006-07-131-16/+5
| | | | | | | | instead of probing again. Adjust style(9) somewhat in probe.c Reviewed by: pjd MFC after: 1 week
* Fix gratuitous compiler warning.pjd2006-06-081-1/+2
| | | | Reported by: Rong-en Fan <grafan@gmail.com>
* - Pretend to accelerate various HMAC algorithms, so padlock(4) can be usedpjd2006-06-051-91/+266
| | | | | | | | with fast_ipsec(4) and geli(8) authentication (comming soon). If consumer requests only for HMAC algorithm (without encryption), return EINVAL. - Add support for the CRD_F_KEY_EXPLICIT flag, for both encryption and authentication.
* padlock(4) doesn't support explicitly provided keys yet.pjd2006-04-201-0/+4
| | | | Return an error instead of encrypting/decrypting data with a wrong key.
* On padlock initialization, allocate memory with M_WAITOK.pjd2006-04-121-5/+1
|
* Add VIA/ACE "PadLock" support as a crypto(9) driver.pjd2005-08-181-0/+504
| | | | | | HW donated by: Mike Tancsa <mike@sentex.net> Most of the code obtained from: OpenBSD MFC after: 3 days
* Assert proper key size also in userland by defining KASSERT in !_KERNEL case.pjd2005-08-171-2/+2
|
* Unbreak the world build (in sbin/gbde). This file is used by bothcperciva2005-08-171-0/+2
| | | | | | | kernel and world, so KASSERT() needs to be wrapped within an #ifdef _KERNEL / #endif pair. Reported by: krion, tinderbox
* Check key size for rijndael, as invalid key size can lead to kernel panic.pjd2005-08-161-0/+2
| | | | | | | | | It checked other algorithms against this bug and it seems they aren't affected. Reported by: Mike Tancsa <mike@sentex.net> PR: i386/84860 Reviewed by: phk, cperciva(x2)
* gbde(8) is also rejndael user.ume2005-03-111-2/+0
| | | | Reported by: phk
* just use crypto/rijndael, and nuke opencrypto/rindael.[ch].ume2005-03-111-5/+0
| | | | | | the two became almost identical since latest KAME merge. Discussed with: sam
* integrate rijndael-alg-fst.h into rijndael.h.ume2005-03-115-44/+14
|
* stop including rijndael-api-fst.h from rijndael.h.ume2005-03-111-1/+0
| | | | this is required to integrate opencrypto into crypto.
* sys/crypto/md5.[ch] is used from nowhere. So, just nuke them.ume2005-03-112-382/+0
|
* refer opencrypto/cast.h directly.ume2005-03-111-17/+0
|
* use cast128 in opencrypto to nuke duplicate code.ume2005-03-103-811/+9
|
* Start the dreaded NOFOO -> NO_FOO conversion.ru2004-12-211-1/+1
| | | | OK'ed by: core
* Initiate deorbit burn sequence for 80386 support in FreeBSD: Removejhb2004-11-161-1/+1
| | | | 80386 (I386_CPU) support from the kernel.
* For variables that are only checked with defined(), don't provideru2004-10-241-1/+1
| | | | any fake value.
* Use __FBSDID().obrien2004-06-143-3/+13
|
* Fix a reentrancy issue in md5_calc().des2004-01-271-4/+1
|
* avoid module name conflict with opencrypto/rijndael.c.ume2003-11-121-0/+0
| | | | Reported by: tinderbox
* cleanup rijndael API.ume2003-11-112-1/+107
| | | | | | | since there are naming conflicts with opencrypto, #define was added to rename functions intend to avoid conflicts. Obtained from: KAME
* rijndael-alg-fst.[ch]:ume2003-11-104-1634/+1332
| | | | | | | | | | | - redo updating. rijndael-api-fst.[ch]: - switch to use new low level rijndael api. - stop using u8, u16 and u32. - space cleanup. Tested by: gbde(8) and phk's test program
* Add a testcase which validates that the same buffer can be passed tophk2003-10-192-0/+87
| | | | | | | | | | rijndael_blockDecrypt() as both input and output. This property is important because inside rijndael we can get away with allocating just a 16 byte "work" buffer on the stack (which is very cheap), whereas the calling code would need to allocate the full sized buffer, and in all likelyhood would have to do so with an expensive malloc(9).
* - revert to old rijndael code. new rijndael code broke gbde.ume2003-10-194-1424/+1702
| | | | | - since aes-xcbc-mac and aes-ctr require functions in new rijndael code, aes-xcbc-mac and aes-ctr are disabled for now.
* Fix alignment problem on 64 bit arch.ume2003-10-141-0/+49
| | | | | | | I only tested if it doesn't break anything on i368. Since I have no 64 bit machine, I cannot test it, actually. Reported by: jmallett
OpenPOWER on IntegriCloud