Commit Graph

66 Commits

Author SHA1 Message Date
keihan
6979203302 s/netbsd.org/NetBSD.org/g 2003-11-28 08:56:48 +00:00
tls
1f93975cf8 Move the Skipjack algorithm from sys/opencrypto to sys/crypto/skipjack.
There are now no cryptographic algorithms in sys/opencrypto, which,
according to the comment formerly in files.opencrypto, was the original
intent.
2003-11-16 12:07:50 +00:00
itojun
1e4d96a37f bzero() 2nd arg mistake. found by openbsd guys, via kame 2003-09-04 00:11:49 +00:00
itojun
467deb61ca rijndael-api-fst.h is not needed 2003-08-28 08:38:19 +00:00
thorpej
d5d0a860bc Add missing RCS ID. 2003-08-27 14:49:44 +00:00
itojun
725b73043b simplify rijndael.c API - always schedule encrypt/decrypt key.
reviewed by thorpej
2003-08-27 14:23:25 +00:00
tron
710886efc2 Fix build problem caused by adding "const", remove "register" usage. 2003-08-27 12:17:18 +00:00
itojun
000061139d typo 2003-08-27 03:35:35 +00:00
itojun
880bf51285 check and panic if key with wrong dir is passed 2003-08-27 02:44:19 +00:00
thorpej
e77423d998 * Const poison, ANSI'ify, like newer OpenSSL Blowfish code.
* Add a BF_ecb_encrypt(), which makes for a prettier interface than
  using BF_encrypt()/BF_decrypt() directly.
2003-08-26 23:51:12 +00:00
thorpej
850a45bf66 const an array. 2003-08-26 20:15:13 +00:00
thorpej
e6430e4cf8 Const poison, use ANSI-style. 2003-08-26 20:12:22 +00:00
thorpej
793bc7ea32 Take a couple more opportunities to const poison. 2003-08-26 20:07:59 +00:00
thorpej
2d241878c0 Const poison. 2003-08-26 19:58:36 +00:00
thorpej
6de9ce0437 Move the opencrypto CAST-128 implementation to crypto/cast128, removing
the old one.  Rename the functions/structures from cast_* to cast128_*.
Adapt the KAME IPsec to use the new CAST-128 code, which has a simpler
API and smaller footprint.
2003-08-26 16:37:36 +00:00
thorpej
aa6632baa6 G/C opencrypto's local copy of rijndael. Adapt the extant rijndael
code for opencrypto's use by adding the simplified API that opencrypto
expects.
2003-08-26 14:24:05 +00:00
thorpej
633cb7d73e Make opencrypto depend on the "ripemd160" and "sha2" attributes, rather
than polluting the crypto algorithm config info with opencrypto knowledge.
2003-08-24 19:26:54 +00:00
elric
73d81f8b40 Ensure that the IV is aligned for strict alignment machines. 2003-08-18 02:36:17 +00:00
martin
99716c5d05 Make this compile for big endian archs.
Fixes PR port-sparc64/22333.
2003-08-01 22:25:55 +00:00
jonathan
33aa54035d Clean up dependencies between opencrypto framework and sys/crypto,
by making the sys/crypto transforms depend on
	(per-transform-config-keyword|opencrypto)

Thanks to  Martin Husemann for double-checking the changes.
2003-07-28 21:28:23 +00:00
he
aa96f9d39c Don't declare the sha2.c file twice, instead add opencrypto flag to
existing declaration, and leave behind a comment in files.opencrypto.
2003-07-26 13:49:52 +00:00
itojun
1b39a0b938 add ripemd160 (for AH) 2003-07-25 09:46:05 +00:00
itojun
a93a267072 make rijndael_cipherInit() to take binary IV, not hex IV, as before. 2003-07-24 14:51:34 +00:00
itojun
d64e1c8d6a add hmac-sha2 support. various cleanups (like avoid hardcoding '16').
from kame
2003-07-22 03:24:23 +00:00
itojun
d931d5d70e "make regress" work under regress/sys/crypto/rijndael 2003-07-16 05:27:49 +00:00
itojun
4d4897d334 rijndael-api-fst.c is needed for cgd. pointed out by Love 2003-07-16 05:08:08 +00:00
itojun
281d9d13a5 simplify and update rijndael code. markus@openbsd 2003-07-15 11:00:36 +00:00
drochner
2d89c22fc7 sprinkle some #ifdef __LINT__ until C9X named union member
initialization is digested
2003-02-09 16:25:27 +00:00
itojun
f2187f5675 correct panic() condition - it was backwards.
From: Rafal Boni <rafal@attbi.com>
2002-11-18 23:38:46 +00:00
itohy
f2cc0d2ae5 add non-ELF .align 2002-11-12 03:03:10 +00:00
thorpej
db1c1d81f9 Fix signed/unsigned comparison warnings. 2002-11-07 07:04:13 +00:00
thorpej
c74bb099e4 Make the length argument of arc4_setkey() unsigned. 2002-11-07 07:03:11 +00:00
perry
e4c3c3c99a /*CONTCOND*/ a sizeof comparison 2002-11-02 07:19:51 +00:00
perry
0cbafb99fa change arc4_ctx to use unsigned values -- kills lint warnings 2002-10-22 21:50:08 +00:00
thorpej
0ab79d5327 * Move config defns for the crypto algorithms into their own files.
Define an attribute for each crypto algorithm, and use that attribute
  to select the files that implement the algorithm.
* Give the "wlan" attribute a dependency on the "arc4" attribute.
* Give the "cgd" pseudo-device the "des", "blowfish", "cast128", and
  "rijndael" attributes.
* Use the new attribute-as-option-dependencies feature of config(8) to
  give the IPSEC_ESP option dependencies on the "des", "blowfish", "cast128",
  and "rijndael" attributes.
2002-10-11 01:52:04 +00:00
elric
c242f201c5 Modified to avoid compiler warnings. The specific warning related
to const BF_KEY * vars, and I chose to ``fix'' it in this file
rather than elsewhere in the framework because, although the other
fix was more appropriate, nothing seems to use the code in this
file and hence the risk of disrupting other people was lower.  In
the future, the more appropriate change would be to change blowfish.h
and bf_enc.c to have functions with signatures:

BF_encrypt(BF_LONG *, const BF_KEY *);
BF_decrypt(BF_LONG *, const BF_KEY *);
2002-09-08 07:52:41 +00:00
elric
b6db42eac8 Added an include of sys/types.h to get u_int32_t and so on. 2002-09-08 07:41:01 +00:00
elric
7fbd07ccbe Include <sys/types.h> to allow compilation to occur. 2002-09-07 23:35:37 +00:00
elric
29db5af4a5 repoint include file for kernel use. 2002-09-07 22:58:04 +00:00
itojun
971ec4d861 missing IV handling in CBC mode (does not affect ESP code as we have
CBC handling in sys/netinet6/esp_core.c).  sync w/kame
2002-05-24 06:28:06 +00:00
itojun
2ff9b43758 sync blowfish function prototype between i386 assembly and C.
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-02-27 01:32:17 +00:00
thorpej
9e94d2a9fe When compiling for userland, need <stdlib.h> for abort() prototype
(noticed by gcc 3.1).
2001-12-31 20:20:28 +00:00
itojun
f8321e02a6 fix cast128 with shorter key length. sync with kame 2001-11-27 11:19:36 +00:00
lukem
2565646230 don't need <sys/types.h> when including <sys/param.h> 2001-11-15 09:47:59 +00:00
lukem
4f2ad95259 add RCSIDs 2001-11-13 00:56:55 +00:00
taca
9b6c5002eb Add including <stdio.h> for compiling in user land.
This should fix compile error (really warning) in src/regress/sys/crypto/des.
2001-09-09 15:52:57 +00:00
tls
6b3afc53e0 Add asm versions of blowfish and des transforms for i386.
This also involved updating the in-kernel DES functions to correspond
to the versions in our in-tree OpenSSL, because the des_SPtrans table
has changed; the asm code will not work with the old permutation table!

C and i386 asm code for the DES, 3DES, and Blowfish CBC modes is also
included; it is not currently built as the ESP processing in esp_core.c
splits the CBC operation and the cipher transform apart.  Hopefully that
will be fixed as there is a substantial performance improvement to be had
from doing so.  It will remain necessary to use the C version of the
Blowfish CBC function on some i386 machines, however, as the asm version
uses bswapl, which ony 486 and later processors have.  The DES CBC code
doesn't have this problem.

Finally, change esp_core.c to use the ecb3_encrypt function instead of
calling ecb_encrypt three times; this improves performance a bit, in
particular in the asm case.
2001-09-09 11:03:59 +00:00
tls
3d4146e21f Add asm versions of blowfish and des transforms for i386.
This also involved updating the in-kernel DES functions to correspond
to the versions in our in-tree OpenSSL, because the des_SPtrans table
has changed; the asm code will not work with the old permutation table!

C and i386 asm code for the DES, 3DES, and Blowfish CBC modes is also
included; it is not currently built as the ESP processing in esp_core.c
splits the CBC operation and the cipher transform apart.  Hopefully that
will be fixed as there is a substantial performance improvement to be had
from doing so.  It will remain necessary to use the C version of the
Blowfish CBC function on some i386 machines, however, as the asm version
uses bswapl, which ony 486 and later processors have.  The DES CBC code
doesn't have this problem.

Finally, change esp_core.c to use the ecb3_encrypt function instead of
calling ecb_encrypt three times; this improves performance a bit, in
particular in the asm case.
2001-09-09 11:00:59 +00:00
thorpej
05b5ee3074 bzero -> memset, bcopy -> memcpy 2001-07-18 16:50:27 +00:00
itojun
7925bc6220 properl y check DES weak key. KAME PR 363 2001-07-03 14:29:45 +00:00