summaryrefslogtreecommitdiff
path: root/usr/src/cmd/cmd-crypto
AgeCommit message (Collapse)AuthorFilesLines
2015-02-165591 initialisation inversion of component order in cmd-crypto/elfsign.cRichard PALO15-54/+50
5620 cstyle updates for cmd/cmd-crypto and lib/libkmf Reviewed by: Dan McDonald <danmcd@omniti.com> Reviewed by: David Höppner <0xffea@gmail.com> Reviewed by: Josef "Jeff" Sipek <jeffpc@josefsipek.net> Approved by: Dan McDonald <danmcd@omniti.com>
2013-10-234027 remove CLOSED_BUILDJosef 'Jeff' Sipek1-6/+0
4028 remove CLOSED_IS_PRESENT 4029 remove tonic build bits Reviewed by: Andy Stormont <andyjstormont@gmail.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Richard Lowe <richlowe@richlowe.net>
2013-08-304072 make clobber leaves trashGordon Ross1-0/+2
Reviewed by: Albert Lee <trisk@nexenta.com> Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Marcel Telka <marcel.telka@nexenta.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Garrett D'Amore <garrett@damore.org>
2013-08-163915 Add adjuncts support to the buildKeith M Wesolowski3-3/+4
Reviewed by: Robert Mustacchi <rm@joyent.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Dan McDonald <danmcd@nexenta.com>
2013-07-163887 Enlarge data buffer in digest/mac to boost performanceDavid Höppner1-1/+5
Reviewed by: Saso Kiselkov <skiselkov.ml@gmail.com> Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Dan McDonald <danmcd@nexenta.com>
2012-11-063310 root CA certs should be removed from illumos-gatePaul B. Henson146-3950/+2
Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Dan McDonald <danmcd@nexenta.com>
2012-09-222933 compiler warning gags need better granularityRichard Lowe4-4/+9
Reviewed by: Eric Schrock <eric.schrock@delphix.com> Approved by: Garrett D'Amore <garrett@damore.org>
2012-04-241665 Illumos wont build against openssl 1.0.0Theo Schlossnagle1-1/+4
Reviewed by: Robert Mustacchi <rm@joyent.com> Reviewed by: Keith Wesolowski <keith.wesolowski@joyent.com> Reviewed by: Joshua M. Clulow <josh@sysmgr.org> Approved by: Albert Lee <trisk@nexenta.com>
2012-02-022111 begone, pkcs11_kms!Joshua M. Clulow3-223/+0
Reviewed by: Alexander Eremin <alexander.eremin@nexenta.com> Reviewed by: Jason King <jason.brian.king@gmail.com> Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Richard Lowe <richlowe@richlowe.net>
2012-02-182077 lots of unreachable breaks in illumos gateMilan Jurik7-13/+7
Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Richard Lowe <richlowe@richlowe.net>
2011-05-181760 constant condition in elfsign annoys GCCRichard Lowe1-3/+1
Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Gordon Ross <gwr@nexenta.com> Approved by: Eric Schrock <eric.schrock@delphix.com>
2011-09-031445 Stop trusting the diginotar certRichard Lowe2-33/+0
Reviewed by: Gordon Ross <gwr@nexenta.com> Reviewed by: Dan McDonald <danmcd@nexenta.com> Approved by: Garrett D'Amore <garrett@nexenta.com>
2010-09-126 Need open kcfdGarrett D'Amore9-751/+22
Reviewed by: gwr@nexenta.com, richlowe@richlowe.net, matt@greenviolet.net Approved by: richlowe@richlowe.net
2010-08-096974684 libpkcs11 performance can be improved with less restrictive dlopen() ↵Valerie Bubb Fenwick1-1/+6
flags 6975112 libpkcs11 shouldn't try to dlclose its own metaslot
2010-07-286959099 T2 Crypto Drivers (ncp, n2cp, n2rng) need to implement self tests ↵Misaki Miyashita5-29/+451
for FIPS 140-2 compliance
2010-07-27PSARC 2010/269 KMF Certificate Validation EnhancementsWyllys Ingersoll5-8/+11
6963018 kmf_validate_cert should put more flags into the output attribute in case of an error 6939226 allow one KMF session to choose from multiple trusted anchors to validate a certificate
2010-07-226970482 cryptoadm cores when listing CKM_AES_CBC mechanismDarren J Moffat1-18/+19
2010-06-28PSARC 2010/195 PKCS11 KMS ProviderWyllys Ingersoll3-3/+225
6944296 Solaris needs a PKCS#11 provider to allow access to KMS keystore functionality
2010-06-25PSARC 2009/430 Default system CA (X.509) CertificatesHai-May Chao142-6/+3725
6661895 /etc/sfw/openssl/certs has no well known CA certificates
2010-06-11PSARC/2010/177 KMF Certificate Name mapping extensionsJan Pechanec5-25/+177
PSARC/2010/178 KMF Common Name Mapper 6942888 KMF should provide certificate to name mapping capabilities 6949176 KMF cert-to-name mapping framework needs a CN mapper
2010-06-086954451 pktool list does not pass user creds to KMF correctlyWyllys Ingersoll1-4/+3
2010-05-04PSARC/2010/146 EOF unnecessary elfsign and kCF optionsValerie Bubb Fenwick1-417/+9
6855881 clean up unnecessary technology from elfsign and kcf
2010-04-236944179 kmf_sign_cert needs more info about signing algorithmWyllys Ingersoll7-68/+64
6944121 KMF should add Basic-Constraint when keyCertSign EKU is set 6943253 pktool should ask to overwrite a CSR file if it already exists 6943234 pktool online help wrongly suggests we can delete a key based on its subject-DN 6940180 certClass should be called privClass (or just class) in KMFPK11_FindPrikeyByCert() 6940146 kmf_sign_data() returns KMF_ERR_INTERNAL but the PKCS#11 plugin returns KMF_ERR_MISSING_ERRCODE 6938522 kmf_openssl.so.1 clobbers OpenSSL locking callbacks
2010-03-22PSARC 2010/032 EC and SHA2 for KMFWyllys Ingersoll9-373/+937
6902640 pktool/KMF needs to support ECDSA keys and certificates 6787016 pktool can offer the ability to generate RSA keypairs
2010-02-266927569 cryptoadm unload doesn't perform as expected on freshly-installed ↵Dan OpenSolaris Anderson1-15/+28
systems
2010-01-196910806 Remove warning after enabling fips by cryptoadmHai-May Chao1-5/+1
2010-01-086862532 "cryptoadm: failed to parse configuration" errorDan OpenSolaris Anderson2-37/+59
6353443 domestic (crypt) source build leaves stuff it shouldn't 6818180 mac(1) printed "invalid key" error message when user input an invalid passphrase
2009-12-036857427 remove the unused key and certificate files from the gateValerie Bubb Fenwick2-51/+1
2009-11-166895727 tpmadm command needs to set prompts correctly for auth commandScott Rotondo3-29/+55
2009-11-056897371 cryptoadm needs changes in order to support fips-140 mode in local zonesHai-May Chao7-222/+148
6897374 Memory leaking in kernel algorithm modules and softtoken dsa with fips enabled
2009-10-236894413 tpmadm needs more explanation in its error messagesScott Rotondo1-0/+15
2009-10-206889197 libkmf uses realloc incorrectlyWyllys Ingersoll1-0/+5
6889730 pktool fails to add EKUs to CSR and Cert requests 6889224 pktool incorrectly generates SAN
2009-10-086887337 pktool gencert should use SHA1 instead of MD5Wyllys Ingersoll3-7/+7
2009-10-07PSARC/2009/447 Kernel Cryptographic Framework support for FIPS 140-2Anthony Scarpino1-6/+4
6703950 Solaris cryptographic framework needs to implement changes for FIPS-140-2 compliance
2009-09-286606040 elfsign should use new KMF APIsJohn.Zolnowsky@Sun.COM1-53/+95
2009-09-11PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 modeHai-May Chao7-243/+612
6787364 Administration and policy configuration changes to support FIPS 140-2 6867384 Solaris Crypto Framework needs to implement self tests for FIPS 140-2 compliance
2009-09-026796585 Array overrun in libkmfWyllys Ingersoll1-2/+8
6874082 KMF fails to create generic AES keys for NSS 6869630 pktool export is broken after CR 6860037 was integrated
2009-08-196855414 Deliver SPARC support for TPMWyllys Ingersoll2-13/+6
6865428 pkcs11_tpm should be installed by default, or it won't be used
2009-08-17backout 6855414: breaks buildjmcp2-6/+13
2009-08-176855414 Deliver SPARC support for TPMWyllys Ingersoll2-13/+6
6865428 pkcs11_tpm should be installed by default, or it won't be used
2009-08-016860037 pktool can't find certificate when there is only one on the tokenWyllys Ingersoll4-30/+63
6794511 Improved pktool Error Reporting 6744775 pktool error message for non-existant file could be better
2009-07-296864230 hiho, hiho, it'ch chtime for CH to gojmcp2-19/+2
Portions contributed by Rich Lowe
2009-07-246847622 Segmentation faults when running pktool in snv_116Huie-Ying Lee1-3/+2
2009-07-016846615 Enlarge data buffer in encrypt/decrypt to boost T2 HW accelerator ↵Krishna Yenduri1-4/+8
performance
2009-05-186823839 encrypt utility can cause loss of dataValerie Bubb Fenwick1-2/+5
2009-03-236814522 pktool gencert/gencsr should remove keypair if there is an errorHuie-Ying Lee2-10/+83
2009-03-206666204 meta slot opens and closes /dev/urandom needlessly for every readDina K Nimeh1-3/+3
6722460 finish moving /dev/random and /dev/urandom seeding and usage to libcryptoutil
2009-03-20PSARC 2008/725 TPM SupportWyllys Ingersoll10-25/+1232
6771298 Solaris needs a PKCS11 provider for the TPM 6771289 Solaris needs TCG support
2009-01-096790251 cryptosvc shouldn't depend on filesystem/root:defaultJohn.Zolnowsky@Sun.COM1-2/+2
2008-12-186698202 encrypt(1)/mac(1) should prompt twice for the passphraseDina K Nimeh1-3/+4
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-28 20:56:05 +0000