summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt (follow)
Commit message (Collapse)AuthorAgeFilesLines
* solar's testsuite revealed insufficient validation of invalid input hashes.tedu2014-02-241-8/+10
| | | | add a more complete check for the rounds parameter. ok deraadt
* remove redundant testtedu2014-02-171-3/+2
|
* sticking strlen into a char leads to wraparound at 256. fix this andtedu2014-02-171-5/+18
| | | | | | introduce a new 'b' hash minor. still generate 'a' minors for now. reported by solar designer. diff by some combination of solar and jca. ok deraadt
* pseudo-code corrections from Solar Designer <solar@openwall.com>deraadt2013-12-191-4/+4
|
* tweak previous;jmc2013-10-221-4/+2
|
* delete extra words; Henri Kemppainenderaadt2013-10-221-3/+2
|
* update documentation for these functions. They now state the case regardingderaadt2013-10-211-63/+45
| | | | | | | pthreads and chroot, and safe initialization without /dev/random and such junk. If you are in control of an arc4random in another library, please look at these pages and get caught up. ok various
* Remove arc4random_stir() and arc4random_addrandom(), which none shouldderaadt2013-10-212-28/+2
| | | | | | be using directly. Well, a few rare people cloned it upstream and it will take a bit of time for them to learn. ok various
* a couple of warning fixes and an RCS marker; ok markus@djm2013-10-041-2/+4
|
* replace rc4 with ChaCha20; inspired by Nick Mathewson's work on libottery;markus2013-10-012-98/+326
| | | | feedback and ok djm@
* use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@schwarze2013-07-162-6/+6
|
* spacingderaadt2013-06-111-3/+2
|
* Use the fancy .In macro for includes. From Jan Klemkow. ok jmc schwarzetedu2013-06-053-10/+10
|
* tweak a few commentstedu2013-04-211-5/+7
|
* this man page is mostly about password hashing now (you really don'ttedu2013-04-211-18/+5
| | | | | want to be using DES) and some of the notes about the export controls are no longer so relevant. ok deraadt jmc
* Xr encrypt(1) to give people a hint if they just want a password stringtedu2013-04-201-2/+3
|
* add some prototypes, casts, includes, parenthesis, and whatnot totedu2013-04-171-1/+4
| | | | silence some warnings.
* Document a known bug in the DES crypt cipher implementation which we'restsp2012-11-301-2/+6
| | | | | | | | | | not going to fix in order to stay compatible with legacy password data. Nobody should use DES crypt anyway these days. See http://www.freebsd.org/security/advisories/FreeBSD-SA-12:02.crypt.asc for details about this bug. Discussed with deraadt and beck about half a year ago (I'm pruning Ms from my tree).
* arc4random_buf is the easy way to fill a buffer now. ok deraadttedu2012-09-041-10/+3
|
* remove reference to no longer existing description of nonexistent devices;naddy2012-07-261-7/+4
| | | | ok deraadt@ tedu@, wording tweaks jmc@
* Change arc4random_uniform() to calculate ``2**32 % upper_bound'' asmatthew2012-06-241-12/+3
| | | | | | | | | | ``-upper_bound % upper_bound''. Simplifies the code and makes it the same on both ILP32 and LP64 architectures, and also slightly faster on LP64 architectures by using a 32-bit remainder instead of a 64-bit remainder. Pointed out by Jorden Verwer on tech@ ok deraadt; no objections from djm or otto
* Update STANDARDS section for a few <stdlib.h> functionsguenther2012-06-021-5/+6
| | | | | | Update SYNOPSIS for setkey() to show it's in <stdlib.h> ok jmc@, millert@
* remove comment that hasn't been true for quite a while now;otto2010-12-221-6/+1
| | | | ok deraadt@ djm@
* remove skipjack and cast from the libc; ok deraadtmikeb2010-10-283-1053/+2
|
* Use MACHINE_CPU instead of MACHINE_ARCH to pick the correct machine dependentmiod2010-02-031-2/+2
| | | | | | | files or directories when applicable. The inspiration and name of MACHINE_CPU come from NetBSD, although the way to provide it to Makefiles is completely different. ok kettenis@
* No point in refreshing the pid from inside arc4_stir() when thatguenther2009-12-151-6/+15
| | | | | | | | | doesn't test it, so factor out the two places that test it into a routine and do the refreshing there. With this, arch4random_buf() doesn't trigger superfluous calls to getpid() when filling large buffers. ok deraadt@, "looks nicer indeed" otto@
* s/Mhz/MHz/, MHz is a multiple of the SI unit hertz (whose symbol is Hz).sobrado2009-10-311-2/+2
|
* repair the ARC4 story; ok jmc djm millertderaadt2008-12-231-5/+7
|
* zap __arc4_getbyte(), it was only used by the old malloc; ok millert@otto2008-10-031-14/+1
| | | | kurt@
* fix an Xr, and use a more appropriate macro;jmc2008-06-091-4/+4
|
* arc4random_stir() does not use /dev/arandom anymore, but sysctl kern.arandomderaadt2008-06-081-4/+6
|
* fix math screwup that reintroduced a bias for upper_bounds in rangedjm2008-06-041-2/+2
| | | | | | | (2^30,2^31). Nothing in the tree yet requests random numbers bounded by this range. report jakob!deraadt; ok deraadt@
* Zero state buffers on return. OK deraadt@millert2008-04-021-1/+5
|
* - add NAME entries for arc4random_buf and arc4random_uniformjmc2008-03-161-2/+4
| | | | - simplify a macro call (Do/Dc -> Dq)
* Add missing MLINKSderaadt2008-03-161-1/+2
|
* diff from djm@ committed at his request:otto2008-03-162-3/+84
| | | | | | | | | | | | | | introduce two new APIs for requesting strong random numbers: arc4random_buf() - fill an arbitrary memory range with random numbers arc4random_uniform() - return a uniformly distributed random number below a specified upper bound, avoiding the bias that comes from a naive "arc4random() % upper_bound" construction. these mirror similarly-named functions in the kernel; lots of discussion deraadt@ mcbride@
* - make arc4random*() functions thread safe. Use a custom spinlock functionkurt2008-01-011-41/+56
| | | | | | | | | | | instead of the generic pthread macros since free(3) uses __arc4_getbyte() when freeing small sized allocations and the generic pthread macros call malloc(3). - eliminate passing pointers to a static variable with global scope (rs) for additional code clarity and reduction. - shlib minor bumps for libc and libpthread due to new functions. From andreas@ with some bits from me. okay tedu@ marc@ w/some spot checking from millert@
* add a RETURN VALUES section.pyr2007-10-081-9/+9
| | | | ok jmc@
* convert to new .Dd format;jmc2007-05-313-6/+6
|
* macros at start of line require a `.';jmc2007-05-021-2/+2
|
* Document the lack of error return value in arc4random.pyr2007-05-021-1/+4
| | | | Sync the documentation in getpid with arc4random's format.
* Get rid of useless #if 0 block, especially since the code is includedray2007-03-191-5/+1
| | | | | | immediately after. OK millert@.
* Change hard coded numbers to sizeof(buf). Also change someray2007-02-201-3/+3
| | | | | | | | sizeof(buf) - 1 to sizeof(buf), since fgets takes the whole buffer size. Based on diff from Charles Longeau <chl at tuxfamily dot org> long ago. OK millert@.
* provide an libc internal interface to get random bytes, to be used by mallocotto2007-02-121-3/+12
| | | | to get random data without calling getpid(), ok millert@ deraadt@
* no point mentioning functions if we have nothing useful to sayjmc2006-08-051-13/+1
| | | | | | about them; ok djm
* wording/grammar tweaks;jmc2006-07-261-3/+4
|
* better macros;jmc2006-07-261-6/+6
|
* document `iv';jmc2006-07-261-1/+4
| | | | | from eren elci; tweaked by djm ok djm
* updates from nicholas marriott;jmc2006-07-251-5/+9
| | | | re-worded and ok djm
* allocate gsalt large enough; from Matthew R. Dempsky <mrd at alkemiootto2006-07-041-2/+2
| | | | dot org>; ok djm@ deraadt@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 23:54:23 +0000