| Commit message | Author | Age | Files | Lines |

hyphen in their official programming guide sometime between 2003 and
2005, and Clang's integrated assembler does not support hyphenated
mnemonics.
ok jsg, deraadt

file it will be used from.
requested by/ok mikeb@

which should have been declared as CRYPTO_ALGORITHM_MAX + 1,
fix this and reserve enough space for the VIA additions as well.
ok/comments from mikeb & deraadt

- Update local engines for the EVP API change (len u_int => size_t)
- Use hw_cryptodev.c instead of eng_cryptodev.c
- Make x86_64-xlate.pl always write to the output file and not stdout,
  fixing "make -j" builds (spotted by naddy@)
ok naddy@

There's not much use for the declassified cipher from the 80's
with a questionable license these days.  According to the FIPS
drafts, Skipjack reaches its EOL in December 2010.
The libc portion will be removed after the ports hackathon.
djm and thib agree, no objections from deraadt
Thanks to jsg for digging up FIPS drafts.

with suggestions from miod.
The codepath doesn't seem to be called yet, this will be
investigated later.
looks good miod@, ok deraadt@

the xcrypt inputs, hence the dance which is done to make this work.
The constraint for the key however was "mr" which is both from
memory and from a general register, it seems gcc3 went with the former
and gcc4 went with the latter in the pic case, so change the
constraint for the key to just "m" which gives us more efficient
code that both gcc3 and gcc4 are happy with.
ok kettenis@

Makefiles, crank shlib_version

ok markus

ok markus@

From phk@freebsd.org
ok markus@

that AES is there, we now have 3 flag bits: C3_HAS_AES, C3_HAS_SHA
(SHA1 & SHA256), and C3_HAS_MM (RSA).  Change this code to only look
at C3_HAS_AES for now.

hours learning that OpenSSL's internal functions for AES extended keys
generate screwy byte order swapped data..

yet generate 192 & 256 bit keys).  Ensure that 192 and 256 are in the
nids table.  This also accelerates performance for 128 a tiny bit:
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc      34921.48k   129617.82k   362059.93k   623649.81k   790397.77k
aes-192-cbc      26227.43k    99215.33k   283242.84k   509881.15k   665323.22k
aes-256-cbc      26133.22k    97458.06k   265990.84k   457824.69k   579835.09k

the machdep.xcrypt node.  If they exist, use the xcrypt-cbc instruction
to accelerate aes-{128,192,256}-cbc, for more than 100x performance
increase. This code has no effect on any cpu...  Tested thus far using
openssl speed command, and of course, ssh.  778MB/sec AES-128-CBC
performance at 8192 byte block size.

tested with kern.cryptodevallowsoft=1; ok deraadt@

for operations when /dev/crypto is missing, for instance in chroot

CRIOGET per EVP_Init(); ok niklas@, miod@

session_op)

ok beck@

using two mod_exp operations - otherwise we use BN_mod_exp2 entirely
in software, which makes dsa verifications glacially slow while
signatures, (which use mod_exp) are fast. This lets cards that can
only do bn_mod_exp decently offload most of dsa.

this will only be used if you both have a card that supports it
with a working driver and you set sysctl kern.userasymcrypto=1

translation between the crypto framework's format and the BN structure.