d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
126,603 Commits 4 Branches 49 Tags 2 GiB
a1d5a9ece3
Commit Graph

75 Commits

Author SHA1 Message Date
kan
6ef43dbb8f GCC 3.4.6 gets confused on this file and produces bogus warning. 
Shut it up.
 2006-08-26 21:48:00 +00:00
pjd
f422bef855 Remove trailing spaces. 2006-07-28 14:48:30 +00:00
pjd
cea88d1e47 Use existing roundup2() macro. 
Suggested by:	njl
 2006-07-28 14:46:19 +00:00
pjd
773098d748 Remove redundant check committed by accident. 2006-07-25 20:00:55 +00:00
pjd
054c4a83dd Avoid memory allocations when the given address is already 16 bytes aligned. 
Such an address can be used directly in padlock's AES.
This improves speed of geli(8) significantly:

	# sysctl kern.geom.zero.clear=0
	# geli onetime -s 4096 gzero
	# dd if=/dev/gzero.eli of=/dev/null bs=1m count=1000

Before:	113MB/s
After:	203MB/s

BTW. If sector size is set to 128kB, I can read at 276MB/s :)
 2006-07-25 19:32:58 +00:00
pjd
90aa974bdf Modify PADLOCK_ALIGN() macro, so when the given address is already 16 bytes 
aligned, it will be used directly, not 'address + 16'.
 2006-07-25 19:06:54 +00:00
pjd
1bdee6da83 Style fixes. 2006-07-25 19:04:26 +00:00
pjd
90eb685fca Implement support for HMAC/SHA1 and HMAC/SHA256 acceleration found in 
new VIA CPUs.
For older CPUs HMAC/SHA1 and HMAC/SHA256 (and others) will still be done
in software.

Move symmetric cryptography (currently only AES-CBC 128/192/256) to
padlock_cipher.c file. Move HMAC cryptography to padlock_hash.c file.

Hardware from:	Centaur Technologies
 2006-07-22 16:18:47 +00:00
pjd
361a0884e4 Correct few bzero()s. 
MFC after:	3 days
 2006-07-22 13:14:11 +00:00
pjd
0495e43729 Set ses_ictx and ses_octx to NULL after freeing them, so we won't free 
them twice.
This is possible for example in situation when session is used in
authentication context, then freed and then used in encryption context
and freed - in encryption context ses_ictx and ses_octx are not touched
at newsession time, but padlock_freesession could still try to free them
when they are not NULL.
 2006-07-22 10:04:47 +00:00
mr
4af607ffd5 Use the already stored VIA RNG probe information 
instead of probing again.
Adjust style(9) somewhat in probe.c

Reviewed by:	pjd
MFC after:	1 week
 2006-07-13 09:15:14 +00:00
pjd
e9425270e5 Fix gratuitous compiler warning. 
Reported by:	Rong-en Fan <grafan@gmail.com>
 2006-06-08 17:40:02 +00:00
pjd
87e654aa04 - Pretend to accelerate various HMAC algorithms, so padlock(4) can be used 
with fast_ipsec(4) and geli(8) authentication (comming soon).
  If consumer requests only for HMAC algorithm (without encryption), return
  EINVAL.
- Add support for the CRD_F_KEY_EXPLICIT flag, for both encryption and
  authentication.
 2006-06-05 16:22:04 +00:00
pjd
a4071b836a padlock(4) doesn't support explicitly provided keys yet. 
Return an error instead of encrypting/decrypting data with a wrong key.
 2006-04-20 06:31:44 +00:00
pjd
7f664ed13a On padlock initialization, allocate memory with M_WAITOK. 2006-04-12 12:13:34 +00:00
pjd
352b6c307b Add VIA/ACE "PadLock" support as a crypto(9) driver. 
HW donated by:			Mike Tancsa <mike@sentex.net>
Most of the code obtained from:	OpenBSD
MFC after:			3 days
 2005-08-18 00:30:22 +00:00
pjd
bb000dd3d5 Assert proper key size also in userland by defining KASSERT in !_KERNEL case. 2005-08-17 07:59:07 +00:00
cperciva
bdfa6fbbb1 Unbreak the world build (in sbin/gbde). This file is used by both 
kernel and world, so KASSERT() needs to be wrapped within an #ifdef
_KERNEL / #endif pair.

Reported by:	krion, tinderbox
 2005-08-17 00:24:20 +00:00
pjd
372c5a7d07 Check key size for rijndael, as invalid key size can lead to kernel panic. 
It checked other algorithms against this bug and it seems they aren't
affected.

Reported by:	Mike Tancsa <mike@sentex.net>
PR:		i386/84860
Reviewed by:	phk, cperciva(x2)
 2005-08-16 18:59:00 +00:00
ume
5f96af1a75 gbde(8) is also rejndael user. 
Reported by:	phk
 2005-03-11 22:07:04 +00:00
ume
5ce7e2e80a just use crypto/rijndael, and nuke opencrypto/rindael.[ch]. 
the two became almost identical since latest KAME merge.

Discussed with:	sam
 2005-03-11 17:24:46 +00:00
ume
8a8b13dab5 integrate rijndael-alg-fst.h into rijndael.h. 2005-03-11 16:26:10 +00:00
ume
73402ef817 stop including rijndael-api-fst.h from rijndael.h. 
this is required to integrate opencrypto into crypto.
 2005-03-11 15:42:51 +00:00
ume
f61af04d95 sys/crypto/md5.[ch] is used from nowhere. So, just nuke them. 2005-03-11 12:56:15 +00:00
ume
4319b5fb5e refer opencrypto/cast.h directly. 2005-03-11 12:37:07 +00:00
ume
4bc4328cd1 use cast128 in opencrypto to nuke duplicate code. 2005-03-10 11:40:53 +00:00
ru
cec60429bb Start the dreaded NOFOO -> NO_FOO conversion. 
OK'ed by:	core
 2004-12-21 08:47:35 +00:00
jhb
cc03c9de7d Initiate deorbit burn sequence for 80386 support in FreeBSD: Remove 
80386 (I386_CPU) support from the kernel.
 2004-11-16 20:42:32 +00:00
ru
5db2b9d5b3 For variables that are only checked with defined(), don't provide 
any fake value.
 2004-10-24 15:33:08 +00:00
obrien
18012715d9 Use __FBSDID(). 2004-06-14 00:38:54 +00:00
des
b3e7bd9f6b Fix a reentrancy issue in md5_calc(). 2004-01-27 18:57:21 +00:00
ume
88488cca11 avoid module name conflict with opencrypto/rijndael.c. 
Reported by:	tinderbox
 2003-11-12 04:22:37 +00:00
ume
7755ea7d71 cleanup rijndael API. 
since there are naming conflicts with opencrypto, #define was
added to rename functions intend to avoid conflicts.

Obtained from:	KAME
 2003-11-11 18:58:54 +00:00
ume
2545ff462c rijndael-alg-fst.[ch]: 
- redo updating.

rijndael-api-fst.[ch]:
  - switch to use new low level rijndael api.
  - stop using u8, u16 and u32.
  - space cleanup.

Tested by:	gbde(8) and phk's test program
 2003-11-10 10:33:39 +00:00
phk
9f420bf43d Add a testcase which validates that the same buffer can be passed to 
rijndael_blockDecrypt() as both input and output.

This property is important because inside rijndael we can get away
with allocating just a 16 byte "work" buffer on the stack (which
is very cheap), whereas the calling code would need to allocate the
full sized buffer, and in all likelyhood would have to do so with
an expensive malloc(9).
 2003-10-19 22:12:23 +00:00
ume
8ff2c775d4 - revert to old rijndael code. new rijndael code broke gbde. 
- since aes-xcbc-mac and aes-ctr require functions in new
  rijndael code, aes-xcbc-mac and aes-ctr are disabled for now.
 2003-10-19 21:28:34 +00:00
ume
3d011c684c Fix alignment problem on 64 bit arch. 
I only tested if it doesn't break anything on i368.  Since I
have no 64 bit machine, I cannot test it, actually.

Reported by:	jmallett
 2003-10-14 13:37:37 +00:00
ume
a89e9b5e91 use BF_ecb_encrypt(). 
Obtained from:	KAME
 2003-10-13 19:26:08 +00:00
ume
dc45666132 simplify and update rijndael code. 
Obtained from:	KAME
 2003-10-12 21:05:05 +00:00
ume
b436e75e9a use opencrypto for RMD160. 
Requested by:	sam
 2003-10-12 18:25:38 +00:00
ume
329da09a2a drop useless define. 2003-10-12 14:47:24 +00:00
ume
d56603d9be use bswap32() for big endian arch. 
Reported by:	tinderbox via kris
 2003-10-12 14:32:13 +00:00
ume
f1d14cc455 RIPEMD160 support 
Obtained from:	KAME
 2003-10-12 09:43:48 +00:00
ume
8df937af7e switch cast128 implementation to implementation by Steve Reid; 
smaller footprint.

Obtained from:	KAME
 2003-10-10 15:06:16 +00:00
ume
d850f73361 one more opossite conditiion. 
Reported by:	"lg" <zevlg@yandex.ru>
 2003-09-18 17:26:56 +00:00
ume
c724a09a95 condition of padLen check was opposite. 
Reported by:	"lg" <zevlg@yandex.ru>
Reviewed by:	Lev Walkin <vlm@netli.com>
 2003-09-17 08:51:43 +00:00
phk
1456ca5b58 Correctly bzero the entire context, not just the first sizeof(void *) bytes. 
Found by:	Juergen Buchmueller <pullmoll@stop1984.com>
 2003-09-08 18:32:33 +00:00
obrien
349c6025d0 Use __FBSDID(). 2003-06-10 21:44:29 +00:00
obrien
4054bc5e58 Assembly files put thru the C preprocessor need to have C style comments. 2003-04-21 16:30:12 +00:00
silby
5eab66f151 Remove some unnecessary casts. 2003-01-25 22:41:22 +00:00