![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sys / crypto
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.82 / (download) - annotate - [select for diffs], Tue May 3 09:18:11 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
HEAD
Changes since 1.81: +1 -2 lines
Diff to previous 1.81 (colored)
Retire CRYPTO_F_MPSAFE it is no longer of any use. The crypto framework no longer uses a callback and so there is no need to define the callback as MPSAFE. OK bluhm@
Revision 1.81 / (download) - annotate - [select for diffs], Sun Oct 24 14:50:42 2021 UTC (2 years, 7 months ago) by tobhe
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.80: +2 -12 lines
Diff to previous 1.80 (colored)
Remove crp_etype and return errors directly from crypto_invoke() ok patrick@
Revision 1.80 / (download) - annotate - [select for diffs], Sat Oct 23 15:42:35 2021 UTC (2 years, 7 months ago) by tobhe
Branch: MAIN
Changes since 1.79: +1 -7 lines
Diff to previous 1.79 (colored)
Retire asynchronous crypto API as it is no longer required by any driver and adds unnecessary complexity. Dedicated crypto offloading devices are not common anymore. Modern CPU crypto acceleration works synchronously, eliminating the need for callbacks. Replace all occurrences of crypto_dispatch() with crypto_invoke(), which is blocking and only returns after the operation has completed or an error occured. Invoke callback functions directly from the consumer (e.g. IPsec, softraid) instead of relying on the crypto driver to call crypto_done(). ok bluhm@ mvs@ patrick@
Revision 1.79 / (download) - annotate - [select for diffs], Fri Oct 22 12:30:53 2021 UTC (2 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.78: +1 -2 lines
Diff to previous 1.78 (colored)
After deleting hifn(4) the only provider for the LZS compression algorithm is gone. Reomve all LZS references from the tree. The v42bis in isakmpd also looks unsupported. OK mvs@ patrick@ sthen@
Revision 1.78 / (download) - annotate - [select for diffs], Thu Oct 21 23:03:48 2021 UTC (2 years, 7 months ago) by tobhe
Branch: MAIN
Changes since 1.77: +1 -3 lines
Diff to previous 1.77 (colored)
Remove more dead code related to crypto task queues.
Revision 1.77 / (download) - annotate - [select for diffs], Thu Oct 21 22:59:08 2021 UTC (2 years, 7 months ago) by tobhe
Branch: MAIN
Changes since 1.76: +1 -2 lines
Diff to previous 1.76 (colored)
Remove code to run crypto operations in a task queue. The code was not reachable because all callers had set the CRYPTO_F_NOQUEUE flag. ok patrick@ mvs@ bluhm@
Revision 1.76 / (download) - annotate - [select for diffs], Wed Oct 13 22:43:44 2021 UTC (2 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)
The function crypto_dispatch() never returns an error. Make it void and remove error handling in the callers. OK patrick@ mvs@
Revision 1.75 / (download) - annotate - [select for diffs], Wed Oct 13 13:08:58 2021 UTC (2 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)
The kernel crypto framework sometimes returned an error, sometimes the callback was called, and sometimes both. So the caller of that API could not release resources correctly. A bunch of errors can or should not happen, replace them with an assert. Remove redundant checks. crypto_invoke() should not return the error, but pass it via callback. Some old hardware drivers keep part of their inconsistency as I cannot test them. OK mpi@
Revision 1.74 / (download) - annotate - [select for diffs], Mon Jul 26 21:27:56 2021 UTC (2 years, 10 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)
Do not queue crypto operations for IPsec. The packet entries in task queues were unlimited and could overflow during havy traffic. Even if we still use hardware drivers that sleep, softnet task instead of soft interrupt can handle this now. Without queues net lock is inherited and kernel lock is only needed once per packet. This results in less lock contention and faster IPsec. Also protect tdb drop counters with net lock and avoid a leak in crypto dispatch error handling. intense testing Hrvoje Popovski; OK mpi@
Revision 1.73 / (download) - annotate - [select for diffs], Fri Jul 9 20:43:28 2021 UTC (2 years, 11 months ago) by mvs
Branch: MAIN
Changes since 1.72: +1 -4 lines
Diff to previous 1.72 (colored)
Remove unused `cc_koperations' and `cc_queued' members from 'cryptocap' struct. ok bluhm@
Revision 1.72 / (download) - annotate - [select for diffs], Wed Jun 30 12:21:02 2021 UTC (2 years, 11 months ago) by bluhm
Branch: MAIN
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)
Remove unused variable cryptodesc_pool. Document global variables in crypto.c and annotate locking protection. Assert kernel lock where needed. Remove dead code from crypto_get_driverid(). Move crypto_init() prototype into header file. OK mpi@
Revision 1.71 / (download) - annotate - [select for diffs], Thu Aug 10 18:57:20 2017 UTC (6 years, 10 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.70: +1 -36 lines
Diff to previous 1.70 (colored)
the userland crypto interface died long ago, can clean up the header
Revision 1.70 / (download) - annotate - [select for diffs], Tue Feb 7 17:25:46 2017 UTC (7 years, 4 months ago) by patrick
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.69: +6 -4 lines
Diff to previous 1.69 (colored)
Reduce the per-packet allocation costs for crypto operations (cryptop) by pre-allocating two cryptodesc objects and storing them in an array instead of a linked list. If more than two cryptodesc objects are required use mallocarray to fetch them. Adapt the drivers to the new API. This change results in one pool-get per ESP packet instead of three. It also simplifies softraid crypto where more cryptodesc objects are allocated than used. From, with and ok markus@, ok bluhm@ "looks sane" mpi@
Revision 1.69 / (download) - annotate - [select for diffs], Tue Feb 7 15:10:48 2017 UTC (7 years, 4 months ago) by bluhm
Branch: MAIN
Changes since 1.68: +2 -2 lines
Diff to previous 1.68 (colored)
The return code of crp_callback is never checked, so it is not useful to propagate the error. When an error occurs in an asynchronous network path, incrementing a counter is the right thing. There are four places where an error is not accounted, just add a comment for now. OK mpi@ visa@
Revision 1.68 / (download) - annotate - [select for diffs], Mon Apr 18 21:05:55 2016 UTC (8 years, 1 month ago) by kettenis
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.67: +2 -1 lines
Diff to previous 1.67 (colored)
Add a mechanism for dispatching mpsafe crypto operations. This adds a new CRYPTOCAP_F_MPSAFE flag that crypto implementations can set to indicate that their cc_process() implementation can safely run without holding the kernel lock. ok mikeb@
Revision 1.67 / (download) - annotate - [select for diffs], Thu Dec 10 21:00:51 2015 UTC (8 years, 6 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.66: +27 -29 lines
Diff to previous 1.66 (colored)
Remove plain DES from the kernel crypto framework, including the crypto accelerator drivers. No longer used by anything. ok sthen@ mikeb@
Revision 1.66 / (download) - annotate - [select for diffs], Fri Nov 13 15:29:55 2015 UTC (8 years, 6 months ago) by naddy
Branch: MAIN
Changes since 1.65: +18 -19 lines
Diff to previous 1.65 (colored)
remove unused ARC4 support; ok mikeb@
Revision 1.65 / (download) - annotate - [select for diffs], Fri Nov 13 12:21:16 2015 UTC (8 years, 6 months ago) by mikeb
Branch: MAIN
Changes since 1.64: +18 -20 lines
Diff to previous 1.64 (colored)
Remove unused non HMAC versions of MD5 and SHA1; ok mpi, deraadt, naddy
Revision 1.64 / (download) - annotate - [select for diffs], Thu Nov 12 16:57:00 2015 UTC (8 years, 7 months ago) by mikeb
Branch: MAIN
Changes since 1.63: +1 -4 lines
Diff to previous 1.63 (colored)
remove a few unused defines
Revision 1.63 / (download) - annotate - [select for diffs], Thu Nov 12 16:50:55 2015 UTC (8 years, 7 months ago) by mikeb
Branch: MAIN
Changes since 1.62: +1 -2 lines
Diff to previous 1.62 (colored)
another define from the dsa era
Revision 1.62 / (download) - annotate - [select for diffs], Tue Nov 3 01:55:28 2015 UTC (8 years, 7 months ago) by mikeb
Branch: MAIN
Changes since 1.61: +1 -3 lines
Diff to previous 1.61 (colored)
Remove two unused defines
Revision 1.61 / (download) - annotate - [select for diffs], Tue Nov 3 01:31:36 2015 UTC (8 years, 7 months ago) by mikeb
Branch: MAIN
Changes since 1.60: +7 -4 lines
Diff to previous 1.60 (colored)
Hook up Chacha20-Poly1305 to the OpenBSD Cryptographic Framework ok naddy, jsing
Revision 1.60 / (download) - annotate - [select for diffs], Sun Dec 28 10:02:37 2014 UTC (9 years, 5 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.59: +1 -3 lines
Diff to previous 1.59 (colored)
remove KPDK. not really used, and a bad choice anyway. ok naddy
Revision 1.59 / (download) - annotate - [select for diffs], Wed Aug 20 06:23:03 2014 UTC (9 years, 9 months ago) by mikeb
Branch: MAIN
Changes since 1.58: +1 -65 lines
Diff to previous 1.58 (colored)
Bye bye /dev/crypto The interface has been disabled by default for about 4 years and currently there's not much value in having it around at all. ok deraadt
Revision 1.58 / (download) - annotate - [select for diffs], Thu Oct 31 10:32:38 2013 UTC (10 years, 7 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.57: +4 -4 lines
Diff to previous 1.57 (colored)
convert crypto work queue to the task_add(9) api; ok dlg
Revision 1.57 / (download) - annotate - [select for diffs], Wed Mar 27 16:42:05 2013 UTC (11 years, 2 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.56: +2 -1 lines
Diff to previous 1.56 (colored)
institute a hard cap on crypto devs instead of a useless wraparound check ok beck
Revision 1.56 / (download) - annotate - [select for diffs], Fri Jun 29 14:48:04 2012 UTC (11 years, 11 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.55: +11 -3 lines
Diff to previous 1.55 (colored)
Add support for the Extended (64-bit) Sequence Number as defined in RFC4302 and RFC4303. Right now only software crypto engine is capable of doing it. Replay check was rewritten to implement algorithm described in the Appendix A of RFC4303 and the window size was increased to 64. Tested against OpenBSD, Linux (strongswan) and Windows. No objection from the usual suspects.
Revision 1.55 / (download) - annotate - [select for diffs], Thu Dec 16 16:56:08 2010 UTC (13 years, 5 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.54: +1 -3 lines
Diff to previous 1.54 (colored)
move CRYPTO_VIAC3_MAX out of cryptodev.h and into the only file it will be used from. requested by/ok mikeb@
Revision 1.54 / (download) - annotate - [select for diffs], Thu Dec 16 00:07:25 2010 UTC (13 years, 5 months ago) by jsg
Branch: MAIN
Changes since 1.53: +3 -1 lines
Diff to previous 1.53 (colored)
The VIA ciphers are added to an array of CRYPTO_ALGORITHM_MAX length which should have been declared as CRYPTO_ALGORITHM_MAX + 1, fix this and reserve enough space for the VIA additions as well. ok/comments from mikeb & deraadt
Revision 1.53 / (download) - annotate - [select for diffs], Wed Oct 6 22:19:20 2010 UTC (13 years, 8 months ago) by mikeb
Branch: MAIN
Changes since 1.52: +1 -3 lines
Diff to previous 1.52 (colored)
Retire Skipjack There's not much use for the declassified cipher from the 80's with a questionable license these days. According to the FIPS drafts, Skipjack reaches its EOL in December 2010. The libc portion will be removed after the ports hackathon. djm and thib agree, no objections from deraadt Thanks to jsg for digging up FIPS drafts.
Revision 1.52 / (download) - annotate - [select for diffs], Wed Sep 22 11:54:23 2010 UTC (13 years, 8 months ago) by mikeb
Branch: MAIN
Changes since 1.51: +7 -2 lines
Diff to previous 1.51 (colored)
OCF support for the Galois/Counter Mode (GCM) for AES as described in FIPS SP 800-38D. This implementation supports 16 byte authentication tag only, splitting transformation into two parts: encryption and authentication. Encryption is handled by the existing AES-CTR implementation, while authentication requires new AES_GMAC hash function. Additional routine is added to the software crypto driver to deal with peculiarities of a combined authentication- encryption transformation. With suggestions from reyk, naddy and toby.
Revision 1.51 / (download) - annotate - [select for diffs], Wed Jun 23 09:26:32 2010 UTC (13 years, 11 months ago) by thib
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.50: +1 -2 lines
Diff to previous 1.50 (colored)
Zap a dead prototype, crypto_thread(); Leftover since crypto was moved from a special kthread to workqs. OK dlg@
Revision 1.50 / (download) - annotate - [select for diffs], Wed Jun 9 19:38:19 2010 UTC (14 years ago) by thib
Branch: MAIN
Changes since 1.49: +2 -4 lines
Diff to previous 1.49 (colored)
Remove the CRYPTO_ALGORITHM_ALL define, fixup accordingly and make the loop invartiants <= CRYPTO_ALGORITHM_MAX Do this also for the CRK_ALGORITHM_MAX this also fixes the a bug that caused us to skip CRK_DH_COMPUTE_KEY. ok deraadt@
Revision 1.49 / (download) - annotate - [select for diffs], Sun Jan 10 12:43:07 2010 UTC (14 years, 5 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.48: +8 -2 lines
Diff to previous 1.48 (colored)
Fix two bugs in IPsec/HMAC-SHA2:
(1) use correct (message) block size of 128 byte (instead of 64
bytes) for HMAC-SHA512/384 (RFC4634).
(2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to
nnn/2 bits, while we still use 96 bits. 96 bits have been
specified in draft-ietf-ipsec-ciph-sha-256-00 while
draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits.
WARNING: this change makes IPsec with SHA-256 (the default)
incompatible with older OpenBSD versions and other IPsec-implementations
that share this bug.
ok+tests naddy, fries; requested by reyk/deraadt
Revision 1.48 / (download) - annotate - [select for diffs], Thu Sep 3 07:47:27 2009 UTC (14 years, 9 months ago) by dlg
Branch: MAIN
Changes since 1.47: +6 -1 lines
Diff to previous 1.47 (colored)
crypto hardware (eg, hifn) establishes its interrupt handler at IPL_NET. when the hardware finishes some work for the crypto subsystem and therefore something in the kernel that wanted crypto done, it calls crypto_done from that interrupt handler. one of the things that uses crypto is ipsec. when crypto is done for ipsec it then pushes the packet along the network stack. the problem is that all the structures inside the network stack are only protected at splsoftnet. we could be in the middle of modifications to the pf state table or the pfsync queues when we get a hifn interrupt and then go stomp on the same structures. the solution is to defer the completions so they can do the right spl protections. this basically reverts r1.46 of src/sys/crypto/crypto.c. found by naddy@
Revision 1.47 / (download) - annotate - [select for diffs], Mon Jun 9 16:07:00 2008 UTC (16 years ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.46: +3 -2 lines
Diff to previous 1.46 (colored)
Implement the AES XTS mode of operation for the crypto(9) framework. XTS is a "tweaked" AES mode that has properties that are desirable for block device encryption and it is specified in the IEEE P1619-2007 standard for this purpose. prodded by & ok hshoexer@
Revision 1.46 / (download) - annotate - [select for diffs], Wed Nov 28 13:52:23 2007 UTC (16 years, 6 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.45: +1 -3 lines
Diff to previous 1.45 (colored)
finish conversion to workq. remove list remnants, and put spl in the right places. handle the no workq case here. ok deraadt
Revision 1.45 / (download) - annotate - [select for diffs], Sun May 27 05:33:47 2007 UTC (17 years ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)
make crp_buf a void *. caddr_t implies bufferness, it's not. ok deraadt jason
Revision 1.44 / (download) - annotate - [select for diffs], Wed May 31 23:01:44 2006 UTC (18 years ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
remove some silly casts. put spl calls after all declarations. put one splx in a better spot. make a variable size MALLOC use malloc. remove null test after malloc(M_WAITOK). add PR_NOWAIT flag to pool_get instead of 0. change callbacks to correct type. ok brad deraadt markus mickey
Revision 1.43 / (download) - annotate - [select for diffs], Wed May 25 05:47:53 2005 UTC (19 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9,
OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.42: +3 -2 lines
Diff to previous 1.42 (colored)
AESCTR support for ESP (RFC 3686); ok hshoexer
Revision 1.9.2.7 / (download) - annotate - [select for diffs], Thu Feb 19 10:51:30 2004 UTC (20 years, 3 months ago) by niklas
Branch: SMP
Changes since 1.9.2.6: +7 -4 lines
Diff to previous 1.9.2.6 (colored) next main 1.10 (colored)
Merge of current from two weeks agointo the SMP branch
Revision 1.42 / (download) - annotate - [select for diffs], Thu Aug 14 15:18:05 2003 UTC (20 years, 10 months ago) by jason
Branch: MAIN
CVS Tags: SMP_SYNC_B,
SMP_SYNC_A,
OPENBSD_3_7_BASE,
OPENBSD_3_7,
OPENBSD_3_6_BASE,
OPENBSD_3_6,
OPENBSD_3_5_BASE,
OPENBSD_3_5,
OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
mirror change in mbufs: cuio_copyback's 4th arg is now const void *
Revision 1.41 / (download) - annotate - [select for diffs], Thu Jul 24 15:29:38 2003 UTC (20 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
increase ALG_MAX_RESULT_LEN to 64 bytes for sha2-512
Revision 1.40 / (download) - annotate - [select for diffs], Thu Jul 24 08:03:19 2003 UTC (20 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.39: +5 -2 lines
Diff to previous 1.39 (colored)
hmac-sha2-{256,384,512} support in AH/ESP auth. markus ok
Revision 1.9.2.6 / (download) - annotate - [select for diffs], Sat Jun 7 11:02:27 2003 UTC (21 years ago) by ho
Branch: SMP
Changes since 1.9.2.5: +6 -6 lines
Diff to previous 1.9.2.5 (colored)
Sync SMP branch to -current
Revision 1.39 / (download) - annotate - [select for diffs], Tue Jun 3 15:51:28 2003 UTC (21 years ago) by deraadt
Branch: MAIN
Changes since 1.38: +4 -6 lines
Diff to previous 1.38 (colored)
license cleanup regarding term 4
Revision 1.38 / (download) - annotate - [select for diffs], Tue Jun 3 15:28:06 2003 UTC (21 years ago) by beck
Branch: MAIN
Changes since 1.37: +3 -1 lines
Diff to previous 1.37 (colored)
Fastpath for userland crypto requests. This change makes userland crypto requests attempt to call the crypto driver directly to process crypto layer requests, as opposed to queueing them in the kernel crypto thread. If we can't use the crypto devices (i.e. they're busy) we fall back to queueing the request up in the crypto thread as before. This does allow for faster performance in some cases (smaller requests, how small seems to be dependent on the card/cpu combination) where context switching is a major issue in performance. ok deraadt@ jason@
Revision 1.15.2.4 / (download) - annotate - [select for diffs], Mon May 19 21:53:13 2003 UTC (21 years ago) by tedu
Branch: UBC
Changes since 1.15.2.3: +23 -16 lines
Diff to previous 1.15.2.3 (colored) to branchpoint 1.15 (colored) next main 1.16 (colored)
sync
Revision 1.9.2.5 / (download) - annotate - [select for diffs], Thu Mar 27 23:53:48 2003 UTC (21 years, 2 months ago) by niklas
Branch: SMP
Changes since 1.9.2.4: +77 -40 lines
Diff to previous 1.9.2.4 (colored)
Sync the SMP branch with 3.3
Revision 1.37 / (download) - annotate - [select for diffs], Sat Feb 15 22:57:58 2003 UTC (21 years, 3 months ago) by jason
Branch: MAIN
CVS Tags: UBC_SYNC_A,
OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.36: +3 -2 lines
Diff to previous 1.36 (colored)
skeleton support for LZS compression
Revision 1.36 / (download) - annotate - [select for diffs], Sat Feb 15 18:55:50 2003 UTC (21 years, 3 months ago) by jason
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)
CRD_F_COMP isn't so special that it needs 4 bits for a binary flag
Revision 1.35 / (download) - annotate - [select for diffs], Thu Nov 21 19:34:25 2002 UTC (21 years, 6 months ago) by jason
Branch: MAIN
Changes since 1.34: +19 -14 lines
Diff to previous 1.34 (colored)
From Angelos: - simplistic load balancing across multiple cards - simplified registration process - a few style nits.
Revision 1.34 / (download) - annotate - [select for diffs], Tue Nov 12 18:23:13 2002 UTC (21 years, 7 months ago) by jason
Branch: MAIN
Changes since 1.33: +3 -2 lines
Diff to previous 1.33 (colored)
Add a CRYPTO_NULL xform (it's a do nothing, but nice for measuring the bandwidth of the kernel API). It's only available from userland and then only if kern.cryptodevallowsoft=1.
Revision 1.15.2.3 / (download) - annotate - [select for diffs], Tue Oct 29 00:30:52 2002 UTC (21 years, 7 months ago) by art
Branch: UBC
Changes since 1.15.2.2: +11 -8 lines
Diff to previous 1.15.2.2 (colored) to branchpoint 1.15 (colored)
sync to -current
Revision 1.33 / (download) - annotate - [select for diffs], Wed Jul 17 23:52:39 2002 UTC (21 years, 10 months ago) by art
Branch: MAIN
CVS Tags: UBC_SYNC_B,
OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.32: +0 -2 lines
Diff to previous 1.32 (colored)
I don't know why this breaks things for me when sshd starts on sparc64. But after wasting the whole day trying to just locate the problem I don't care. Back out since this wasn't tested and showed to anyone else.
Revision 1.32 / (download) - annotate - [select for diffs], Tue Jul 16 06:10:58 2002 UTC (21 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.31: +3 -1 lines
Diff to previous 1.31 (colored)
Add CRYPTO_ALGORITHM_ALL
Revision 1.31 / (download) - annotate - [select for diffs], Tue Jun 11 11:14:29 2002 UTC (22 years ago) by beck
Branch: MAIN
Changes since 1.30: +8 -5 lines
Diff to previous 1.30 (colored)
kernel changes to make asymmetric crypto work in userland - modify getfeat to return something more useful to us on devices (like lofn and everything else until jason fixes it) that can't do rsa stuff, etc and can only do mod_exp.. - error handling fixes so we correctly fail to software when we can't deal with a particular key size - add sysctl kern.userasymcrypto to turn on/off userland asymmetric crypto via /dev/crypto - 1 == on, 0 == off, default is off
Revision 1.15.2.2 / (download) - annotate - [select for diffs], Tue Jun 11 03:28:34 2002 UTC (22 years ago) by art
Branch: UBC
Changes since 1.15.2.1: +87 -154 lines
Diff to previous 1.15.2.1 (colored) to branchpoint 1.15 (colored)
Sync UBC branch to -current
Revision 1.30 / (download) - annotate - [select for diffs], Sun Jun 9 22:23:17 2002 UTC (22 years ago) by angelos
Branch: MAIN
Changes since 1.29: +4 -4 lines
Diff to previous 1.29 (colored)
Don't use an int for the flags, when the structure uses u_int8_t. Also, make sure the logic is correct (bad theo!)
Revision 1.29 / (download) - annotate - [select for diffs], Sat May 18 17:00:33 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.28: +0 -30 lines
Diff to previous 1.28 (colored)
not ready to export fcrypt to userland yet; spotted by lebel
Revision 1.28 / (download) - annotate - [select for diffs], Sat May 18 09:58:12 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.27: +31 -1 lines
Diff to previous 1.27 (colored)
export struct fcrypt to userland
Revision 1.27 / (download) - annotate - [select for diffs], Wed Apr 24 23:24:32 2002 UTC (22 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.26: +2 -6 lines
Diff to previous 1.26 (colored)
kernel API does not need the userland addresses, make them go away
Revision 1.26 / (download) - annotate - [select for diffs], Tue Apr 23 22:20:47 2002 UTC (22 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.25: +2 -1 lines
Diff to previous 1.25 (colored)
initial hack at a CIOCSYMFEAT ioctl
Revision 1.25 / (download) - annotate - [select for diffs], Tue Apr 23 19:13:04 2002 UTC (22 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.24: +47 -22 lines
Diff to previous 1.24 (colored)
driver queueing & callback code for keying operations
Revision 1.24 / (download) - annotate - [select for diffs], Mon Apr 8 17:49:42 2002 UTC (22 years, 2 months ago) by jason
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.23: +6 -1 lines
Diff to previous 1.23 (colored)
Credit DARPA/USAF appropriately.
Revision 1.9.2.4 / (download) - annotate - [select for diffs], Thu Mar 28 11:43:03 2002 UTC (22 years, 2 months ago) by niklas
Branch: SMP
Changes since 1.9.2.3: +2 -2 lines
Diff to previous 1.9.2.3 (colored)
Merge in -current from about a week ago
Revision 1.23 / (download) - annotate - [select for diffs], Thu Mar 14 01:26:51 2002 UTC (22 years, 3 months ago) by millert
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
First round of __P removal in sys
Revision 1.9.2.3 / (download) - annotate - [select for diffs], Wed Mar 6 02:07:09 2002 UTC (22 years, 3 months ago) by niklas
Branch: SMP
Changes since 1.9.2.2: +56 -153 lines
Diff to previous 1.9.2.2 (colored)
Merge in trunk
Revision 1.22 / (download) - annotate - [select for diffs], Mon Mar 4 21:24:11 2002 UTC (22 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.21: +36 -44 lines
Diff to previous 1.21 (colored)
remove old PK stuff
Revision 1.21 / (download) - annotate - [select for diffs], Sat Mar 2 23:00:30 2002 UTC (22 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.20: +15 -15 lines
Diff to previous 1.20 (colored)
do some more renaming
Revision 1.20 / (download) - annotate - [select for diffs], Sat Mar 2 19:15:11 2002 UTC (22 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.19: +33 -122 lines
Diff to previous 1.19 (colored)
initial cut at crypto_sop definitions for symmetric crypto
Revision 1.19 / (download) - annotate - [select for diffs], Fri Mar 1 02:50:02 2002 UTC (22 years, 3 months ago) by provos
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
remove CRYPTO_BUF_CONTIG and convert to handle iovs. okay deraadt@
Revision 1.18 / (download) - annotate - [select for diffs], Fri Mar 1 02:46:57 2002 UTC (22 years, 3 months ago) by provos
Branch: MAIN
Changes since 1.17: +4 -1 lines
Diff to previous 1.17 (colored)
helper functions for uio (cuio_apply and cuio_getptr) okay deraadt@
Revision 1.17 / (download) - annotate - [select for diffs], Sun Feb 24 00:30:00 2002 UTC (22 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)
license repair, angelos ok
Revision 1.15.2.1 / (download) - annotate - [select for diffs], Thu Jan 31 22:55:29 2002 UTC (22 years, 4 months ago) by niklas
Branch: UBC
Changes since 1.15: +1 -4 lines
Diff to previous 1.15 (colored)
Merge in -current, builds on i386, otherwise untested
Revision 1.16 / (download) - annotate - [select for diffs], Tue Jan 29 15:48:29 2002 UTC (22 years, 4 months ago) by jason
Branch: MAIN
Changes since 1.15: +1 -4 lines
Diff to previous 1.15 (colored)
Remove the iov2pages/mbuf2pages API... All of the relevant arch's support bus_dma(9) which actually does this job correctly.
Revision 1.14.2.1 / (download) - annotate - [select for diffs], Fri Dec 14 21:48:07 2001 UTC (22 years, 6 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored) next main 1.15 (colored)
Pull in patch from current: Fix (deraadt): be way more sure that software cannot be used
Revision 1.9.2.2 / (download) - annotate - [select for diffs], Tue Nov 13 21:05:48 2001 UTC (22 years, 7 months ago) by niklas
Branch: SMP
Changes since 1.9.2.1: +2 -2 lines
Diff to previous 1.9.2.1 (colored)
Merge in -current
Revision 1.15 / (download) - annotate - [select for diffs], Fri Nov 9 03:11:38 2001 UTC (22 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: UBC_BASE
Branch point for: UBC
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
be way more sure that software cannot be used
Revision 1.9.2.1 / (download) - annotate - [select for diffs], Wed Oct 31 03:11:47 2001 UTC (22 years, 7 months ago) by nate
Branch: SMP
Changes since 1.9: +15 -6 lines
Diff to previous 1.9 (colored)
Sync the SMP branch to something just after 3.0
Revision 1.14 / (download) - annotate - [select for diffs], Tue Aug 28 12:20:43 2001 UTC (22 years, 9 months ago) by ben
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.13: +5 -4 lines
Diff to previous 1.13 (colored)
Getting closer to working userland MAC.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Aug 22 17:34:35 2001 UTC (22 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.12: +4 -2 lines
Diff to previous 1.12 (colored)
add RC4 and SHA1 support
Revision 1.12 / (download) - annotate - [select for diffs], Sun Aug 5 09:36:38 2001 UTC (22 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.11: +4 -2 lines
Diff to previous 1.11 (colored)
put in tags for ARC4 to please ben, who now has no excuses
Revision 1.11 / (download) - annotate - [select for diffs], Thu Jul 5 08:34:12 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored)
Stylistic changes.
Revision 1.10 / (download) - annotate - [select for diffs], Thu Jul 5 08:26:05 2001 UTC (22 years, 11 months ago) by jjbg
Branch: MAIN
Changes since 1.9: +7 -3 lines
Diff to previous 1.9 (colored)
Compression support for IPComp. Include files only. angelos@ ok.
Revision 1.9 / (download) - annotate - [select for diffs], Mon Jun 25 17:52:37 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Branch point for: SMP
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)
Add crypto_check_alg(), from jgarfiel@seas.upenn.edu
Revision 1.8 / (download) - annotate - [select for diffs], Mon Jun 25 17:35:47 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.7: +5 -6 lines
Diff to previous 1.7 (colored)
Update comments.
Revision 1.7 / (download) - annotate - [select for diffs], Sun Jun 24 22:11:02 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.6: +12 -9 lines
Diff to previous 1.6 (colored)
Fix RSA structure.
Revision 1.6 / (download) - annotate - [select for diffs], Sat Jun 23 21:57:00 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.5: +1 -2 lines
Diff to previous 1.5 (colored)
Remove unneeded crp_iv field, set the right flags for IV handling in the crypto device.
Revision 1.5 / (download) - annotate - [select for diffs], Sat Jun 23 21:00:49 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.4: +148 -8 lines
Diff to previous 1.4 (colored)
New prototype for crypto_register(), to take into account maximum key length (for PK operations) and various flags. Structures for public key operations (DH, RSA, DSA). A lot of this work was done by jgarfiel@seas.upenn.edu
Revision 1.4 / (download) - annotate - [select for diffs], Sat Jun 23 18:30:36 2001 UTC (22 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +168 -1 lines
Diff to previous 1.3 (colored)
merge crypto/crypto{dev,}.h to crypto/cryptodev.h, to avoid name conflicts inside OpenSSL codebase
Revision 1.3 / (download) - annotate - [select for diffs], Fri Jun 1 23:51:27 2001 UTC (23 years ago) by deraadt
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
CRIOGET is a _IOWR ioctl
Revision 1.2 / (download) - annotate - [select for diffs], Sun May 13 16:52:33 2001 UTC (23 years, 1 month ago) by jason
Branch: MAIN
Changes since 1.1: +29 -0 lines
Diff to previous 1.1 (colored)
copyrights and $OpenBSD$ tags
Revision 1.1 / (download) - annotate - [select for diffs], Sun May 13 15:39:27 2001 UTC (23 years, 1 month ago) by deraadt
Branch: MAIN
initial cut at /dev/crypto support. takes original mbuf "try, and discard if we fail" semantics and extends to two varients of data movement: mbuf, or an iovec style block.