summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt (follow)
Commit message (Collapse)AuthorAgeFilesLines
* use $2b in the bcrypt example, ok tedusthen2014-05-161-3/+3
|
* remove md5crypt.tedu2014-05-125-195/+65
| | | | | | while changing things, add a crypt_checkpass wrapper that handles most of the edge cases. (not quite ready for production, though.) ok deraadt
* missing NULL checks to see if init is needed. found hard way by deraadt.tedu2014-05-061-3/+3
|
* fix stupid committedu2014-05-061-5/+5
|
* use explicit_bzerotedu2014-05-061-5/+5
|
* clear a stack buffer with explicit_bzerotedu2014-05-061-2/+2
|
* move chacha context and buffer out of bss and allow mmap to place themtedu2014-05-061-6/+16
| | | | wherever it decides it would like them. first step. ok deraadt dlg djm
* delete useless test codederaadt2014-05-041-23/+1
|
* now that 5.5 has been released with compatibility for 2b hashes,tedu2014-05-031-2/+2
| | | | switch to generating them by default. prodded by deraadt and sthen
* 1. Drop support for no minor. This variant doesn't exist anymore.tedu2014-05-031-44/+30
| | | | | | | | | | 2. Pull up the actual minor processing code into the switch that parses it. 3. atoi is actually simpler than strtonum in this case, but check the input beforehand so we don't get unexpected results. 4. Slightly more consistent style between various parse and check and increment operations on salt. ok deraadt
* one small tweak to avoid ever going off the end of a string.tedu2014-04-191-4/+6
|
* improved checking for invalid hashes. from solar designertedu2014-04-191-6/+10
|
* use char * for strings, saving casts. add return codes to base64 functionstedu2014-04-081-15/+26
|
* I have discussed these licenses with Poul-Henning Kamp and he has agreed tobeck2014-04-031-8/+17
| | | | this license change. We will remember that we all still like beer.
* oops, merge errortedu2014-03-241-2/+2
|
* clear stack variables, suggested by djmtedu2014-03-231-1/+4
|
* some improvements suggested by djm.tedu2014-03-231-4/+6
| | | | | | use better constant for salt size. always copy ":" to gerror, in case somebody is dumb enough to overwrite it timingsafe_bcmp before somebody whines about strcmp
* two functions don't need to be exportedtedu2014-03-231-3/+3
|
* minimal change to implementation of bcrypt to not require static globals.tedu2014-03-231-39/+88
| | | | | | add some friendlier functions. move the classic static data api into wrapper functions. a few more changes to come...
* switch to shorter ISC license. this was ok with Niels Provos.tedu2014-03-221-27/+12
|
* consolidate the base64 code in one place, and remove inadequate test codetedu2014-03-191-86/+56
|
* right or wrong, bcrypt() is declared in pwd.h, not unistd.htedu2014-03-191-2/+3
|
* solar's testsuite revealed insufficient validation of invalid input hashes.tedu2014-02-241-8/+10
| | | | add a more complete check for the rounds parameter. ok deraadt
* remove redundant testtedu2014-02-171-3/+2
|
* sticking strlen into a char leads to wraparound at 256. fix this andtedu2014-02-171-5/+18
| | | | | | introduce a new 'b' hash minor. still generate 'a' minors for now. reported by solar designer. diff by some combination of solar and jca. ok deraadt
* pseudo-code corrections from Solar Designer <solar@openwall.com>deraadt2013-12-191-4/+4
|
* tweak previous;jmc2013-10-221-4/+2
|
* delete extra words; Henri Kemppainenderaadt2013-10-221-3/+2
|
* update documentation for these functions. They now state the case regardingderaadt2013-10-211-63/+45
| | | | | | | pthreads and chroot, and safe initialization without /dev/random and such junk. If you are in control of an arc4random in another library, please look at these pages and get caught up. ok various
* Remove arc4random_stir() and arc4random_addrandom(), which none shouldderaadt2013-10-212-28/+2
| | | | | | be using directly. Well, a few rare people cloned it upstream and it will take a bit of time for them to learn. ok various
* a couple of warning fixes and an RCS marker; ok markus@djm2013-10-041-2/+4
|
* replace rc4 with ChaCha20; inspired by Nick Mathewson's work on libottery;markus2013-10-012-98/+326
| | | | feedback and ok djm@
* use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@schwarze2013-07-162-6/+6
|
* spacingderaadt2013-06-111-3/+2
|
* Use the fancy .In macro for includes. From Jan Klemkow. ok jmc schwarzetedu2013-06-053-10/+10
|
* tweak a few commentstedu2013-04-211-5/+7
|
* this man page is mostly about password hashing now (you really don'ttedu2013-04-211-18/+5
| | | | | want to be using DES) and some of the notes about the export controls are no longer so relevant. ok deraadt jmc
* Xr encrypt(1) to give people a hint if they just want a password stringtedu2013-04-201-2/+3
|
* add some prototypes, casts, includes, parenthesis, and whatnot totedu2013-04-171-1/+4
| | | | silence some warnings.
* Document a known bug in the DES crypt cipher implementation which we'restsp2012-11-301-2/+6
| | | | | | | | | | not going to fix in order to stay compatible with legacy password data. Nobody should use DES crypt anyway these days. See http://www.freebsd.org/security/advisories/FreeBSD-SA-12:02.crypt.asc for details about this bug. Discussed with deraadt and beck about half a year ago (I'm pruning Ms from my tree).
* arc4random_buf is the easy way to fill a buffer now. ok deraadttedu2012-09-041-10/+3
|
* remove reference to no longer existing description of nonexistent devices;naddy2012-07-261-7/+4
| | | | ok deraadt@ tedu@, wording tweaks jmc@
* Change arc4random_uniform() to calculate ``2**32 % upper_bound'' asmatthew2012-06-241-12/+3
| | | | | | | | | | ``-upper_bound % upper_bound''. Simplifies the code and makes it the same on both ILP32 and LP64 architectures, and also slightly faster on LP64 architectures by using a 32-bit remainder instead of a 64-bit remainder. Pointed out by Jorden Verwer on tech@ ok deraadt; no objections from djm or otto
* Update STANDARDS section for a few <stdlib.h> functionsguenther2012-06-021-5/+6
| | | | | | Update SYNOPSIS for setkey() to show it's in <stdlib.h> ok jmc@, millert@
* remove comment that hasn't been true for quite a while now;otto2010-12-221-6/+1
| | | | ok deraadt@ djm@
* remove skipjack and cast from the libc; ok deraadtmikeb2010-10-283-1053/+2
|
* Use MACHINE_CPU instead of MACHINE_ARCH to pick the correct machine dependentmiod2010-02-031-2/+2
| | | | | | | files or directories when applicable. The inspiration and name of MACHINE_CPU come from NetBSD, although the way to provide it to Makefiles is completely different. ok kettenis@
* No point in refreshing the pid from inside arc4_stir() when thatguenther2009-12-151-6/+15
| | | | | | | | | doesn't test it, so factor out the two places that test it into a routine and do the refreshing there. With this, arch4random_buf() doesn't trigger superfluous calls to getpid() when filling large buffers. ok deraadt@, "looks nicer indeed" otto@
* s/Mhz/MHz/, MHz is a multiple of the SI unit hertz (whose symbol is Hz).sobrado2009-10-311-2/+2
|
* repair the ARC4 story; ok jmc djm millertderaadt2008-12-231-5/+7
|