summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/engine/hw_cryptodev.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Abandon the auto-ENGINE /dev/crypto interface. VIA 3des cbc receivesderaadt2014-06-101-1343/+0
| | | | | | | | | | | | | collateral damage. The syncronous nature of this mechanism has hampered performance for symmetric crypto relative to brute-force cpu. The assymetric crypto support never really materialized in drivers. So abandon the complexity. ok tedu beck mikeb some disagrement from djm but if he wants to test /dev/crypto ciphers he should do it without this this gigantic API in the way
* use memset instead of bzeroderaadt2014-06-091-2/+2
|
* malloc() result does not need a cast.deraadt2014-06-071-1/+1
| | | | ok miod
* no need for null check before free. from Brendan MacDonelltedu2014-05-301-2/+1
|
* add additional includes from eng_cryptodev.cjsg2014-05-071-0/+5
| | | | | makes this compile with OPENSSL_NO_DEPRECATED defined. ok deraadt@
* Use C99 initializers for the various FOO_METHOD structs. More readable, andmiod2014-04-271-31/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
* Make libssl and libcrypto compile with -Werrorbeck2014-04-231-1/+1
| | | | ok miod@
* Switch to using unhyphenated VIA padlock mnemonics. VIA abandoned thematthew2013-05-301-2/+2
| | | | | | | | hyphen in their official programming guide sometime between 2003 and 2005, and Clang's integrated assembler does not support hyphenated mnemonics. ok jsg, deraadt
* move CRYPTO_VIAC3_MAX out of cryptodev.h and into the onlyjsg2010-12-161-0/+2
| | | | | | file it will be used from. requested by/ok mikeb@
* The VIA ciphers are added to an array of CRYPTO_ALGORITHM_MAX lengthjsg2010-12-161-2/+2
| | | | | | | which should have been declared as CRYPTO_ALGORITHM_MAX + 1, fix this and reserve enough space for the VIA additions as well. ok/comments from mikeb & deraadt
* More OpenSSL fixes:djm2010-10-061-7/+9
| | | | | | | | | - Update local engines for the EVP API change (len u_int => size_t) - Use hw_cryptodev.c instead of eng_cryptodev.c - Make x86_64-xlate.pl always write to the output file and not stdout, fixing "make -j" builds (spotted by naddy@) ok naddy@
* Retire Skipjackmikeb2010-10-061-1/+0
| | | | | | | | | | | There's not much use for the declassified cipher from the 80's with a questionable license these days. According to the FIPS drafts, Skipjack reaches its EOL in December 2010. The libc portion will be removed after the ports hackathon. djm and thib agree, no objections from deraadt Thanks to jsg for digging up FIPS drafts.
* VIA xcrypt for amd64, simpler version of a diff from deraadtjsg2010-06-291-6/+19
| | | | | | | | | with suggestions from miod. The codepath doesn't seem to be called yet, this will be investigated later. looks good miod@, ok deraadt@
* When running in pic mode we don't have enough general registers for alljsg2010-05-031-1/+1
| | | | | | | | | | | | the xcrypt inputs, hence the dance which is done to make this work. The constraint for the key however was "mr" which is both from memory and from a general register, it seems gcc3 went with the former and gcc4 went with the later in the pic case, so change the constraint for the key to just "m" which gives us more efficient code that both gcc3 and gcc4 are happy with. ok kettenis@
* remerge local tweaks, update per-arch configuration headers, updatedjm2008-09-061-12/+8
| | | | Makefiles, crank shlib_version
* fix memory leak (in one case of unaligned buffers); from Markus Kvetterderaadt2008-02-261-2/+3
| | | | ok markus
* potential fd leak (we will fix this before we move to cloning)deraadt2006-06-081-1/+3
|
* no need to byteswap for AES_ASM, from tom@markus2005-05-231-1/+9
|
* resolve conflictsdjm2005-04-291-2/+6
|
* adjust comment, open_dev_crypto() returns -1 on error.hshoexer2005-01-291-1/+1
| | | | ok markus@
* on error set correct pointer to NULL.hshoexer2005-01-261-2/+2
| | | | | | From phk@freebsd.org ok markus@
* machdep.xcrypt now has a different meaning: Instead of > 0 indicatingderaadt2004-06-151-14/+16
| | | | | | that AES is there, we now have 3 flag bits: C3_HAS_AES, C3_HAS_SHA (SHA1 & SHA256), and C3_HAS_MM (RSA). Change this code to only look at C3_HAS_AES for now.
* merge 0.9.7dmarkus2004-04-081-1/+4
|
* remove some debug code and cleanup..deraadt2004-02-041-18/+6
|
* OK, this time the AES soft keys work with ssh and such. I spent over 3deraadt2004-02-031-16/+63
| | | | | hours learning that OpenSSL's internal functions for AES extended keys generate screwy byte order swapped data..
* oops, software key gen bugderaadt2004-02-031-35/+10
|
* Switch to using software generated extended keys (because the cpu cannotderaadt2004-02-031-10/+35
| | | | | | | | | | yet generate 192 & 256 bit keys). Ensure that 192 and 256 are in the nids table. This also accelerates performance for 128 a tiny bit: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 34921.48k 129617.82k 362059.93k 623649.81k 790397.77k aes-192-cbc 26227.43k 99215.33k 283242.84k 509881.15k 665323.22k aes-256-cbc 26133.22k 97458.06k 265990.84k 457824.69k 579835.09k
* If on an i386, detect existance of the VIA C3 xcrypt-* using sysctl ofderaadt2004-02-031-4/+174
| | | | | | | | the machdep.xcrypt node. If they exist, use the xcrypt-cbc instruction to accelerate aes-{128,192,256}-cbc, for more than 100x performance increase. This code has no effect on any cpu... Tested thus far using openssl speed command, and of course, ssh. 778MB/sec AES-128-CBC performance at 8192 byte block size.
* support AES with 192 and 256 bit keys, too.markus2003-08-071-58/+60
| | | | tested with kern.cryptodevallowsoft=1; ok deraadt@
* nuke term 3, since we're all in ~deraadt/terms and I clued in now.beck2003-06-031-3/+0
|
* merge 0.9.7b with local changes; crank majors for libssl/libcryptomarkus2003-05-121-9/+34
|
* remove printf("bar\n");markus2003-04-081-1/+0
|
* remove support for RC4 via /dev/crypto, suggested by Niels; ok provos@markus2002-06-201-18/+0
|
* do not syslog from libraries!deraadt2002-06-191-10/+1
|
* KNF, -Wall, and other cleanups. still does not failover 100% correctlyderaadt2002-06-191-22/+52
| | | | for operations when /dev/crypto is missing, for instance in chroot
* stupid stupid bug ja ja ja jaderaadt2002-06-191-1/+1
|
* unbreak sshd with privsep: open /dev/crypto, keep fd, and callmarkus2002-06-181-5/+20
| | | | CRIOGET per EVP_Init(); ok niklas@, miod@
* per-evp state is now sizeof(struct dev_crypto_state) instead sizeof(struct ↵markus2002-06-181-6/+6
| | | | session_op)
* keep a FD per EVP_init, use a global FD for all asym operations;markus2002-06-131-83/+85
| | | | ok beck@
* KNFderaadt2002-06-111-19/+16
|
* add "dsa_dsa_mod_exp" - This mimics the software dsa_mod_exp funtionbeck2002-06-111-3/+37
| | | | | | | using two mod_exp operations - otherwise we use BN_mod_exp2 entirely in software, which makes dsa verifications glacially slow while signatures, (which use mod_exp) are fast. This lets cards that can only do bn_mod_exp decently offload most of dsa.
* Make DSA work now... at least for things that can do bn_mod_exp.beck2002-06-111-7/+4
|
* Make asymmetric crypto work in userlandbeck2002-06-111-36/+114
| | | | | this will only be used if you both have a card that supports it with a working driver and you set sysctl kern.userasymcrypto=1
* Pass the right arguments for RSA, DSA, and modexp operations. Fix theangelos2002-06-091-30/+37
| | | | translation between the crypto framework's format and the BN structure.
* add aes/bf/cast; ok deraadt@markus2002-05-161-2/+50
|
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-0/+926
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 11:15:40 +0000