path: root/usr/src/common/crypto
Age | Commit message | Author | Files | Lines
2020-01-22 | [illumos-gate merge] | Jerry Jelinek | 2 | -45/+66
commit 623c3de4b7886d5d3a70c856a27c13fe534b2b69
12221 arp: smatch errors
commit 2f9f8a9bcff03868ad346b312981e5d198aafd63
11966 CTR mode tries to be both a stream and block cipher and fails at both
commit 709d065fa472580d0fd685caa2fe31c61c2fa25c
12209 nvme driver will iterate beyond the end of the DMA cookie chain
commit dbce3eaafc7c3dceff97b7ab4de9308eb77f5795
12215 pyzfs module does not build with python 3.7
Conflicts:
usr/src/uts/common/crypto/io/aes.c
usr/src/common/crypto/modes/ctr.c
2020-01-21 | 11966 CTR mode tries to be both a stream and block cipher and fails at both | Jason King | 3 | -133/+180
Reviewed by: Dan McDonald <danmcd@joyent.com> Reviewed by: Robert Mustacchi <rm@fingolfin.org> Approved by: Gordon Ross <gordon.w.ross@gmail.com>
2019-11-12 | 11825 PKCS#11 CKM_AES_CBC_PAD decryption can fail | Jason King | 1 | -1/+4
Reviewed by: Dan McDonald <danmcd@joyent.com> Approved by: Gordon Ross <gordon.w.ross@gmail.com>
2019-10-10 | OS-7964 CTR mode tries to be both a stream and block cipher and fails at both | Jason King | 3 | -134/+160
Reviewed by: Dan McDonald <danmcd@joyent.com> Approved by: Dan McDonald <danmcd@joyent.com>
2019-07-18 | OS-7839 pkcs11_softtoken C_DecryptFinal can fail with CKM_AES_CBC_PAD | Jason King | 1 | -1/+4
Reviewed by: Mike Gerdts <mike.gerdts@joyent.com> Reviewed by: Patrick Mooney <patrick.mooney@joyent.com> Reviewed by: Dan McDonald <danmcd@joyent.com> Approved by: Dan McDonald <danmcd@joyent.com>
2019-06-29 | OS-7828 add support for kernel crash dump encryption | Bryan Cantrill | 2 | -9/+21
Reviewed by: Robert Mustacchi <robert.mustacchi@joyent.com> Approved by: Joshua M. Clulow <jmc@joyent.com>
2019-06-25 | 8727 Native data and metadata encryption for zfs | Tom Caputi | 2 | -2/+2
Portions contributed by: Jorgen Lundman <lundman@lundman.net> Portions contributed by: Jerry Jelinek <jerry.jelinek@joyent.com> Portions contributed by: Paul Zuchowski <pzuchowski@datto.com> Portions contributed by: Tim Chase <tim@chase2k.com> Portions contributed by: Matthew Ahrens <mahrens@delphix.com> Portions contributed by: ab-oe <arkadiusz.bubala@open-e.com> Portions contributed by: Brian Behlendorf <behlendorf1@llnl.gov> Portions contributed by: loli10K <ezomori.nozomu@gmail.com> Portions contributed by: Igor K <igor@dilos.org> Portions contributed by: Richard Laager <rlaager@wiktel.com> Reviewed by: Jason Cohen <jwittlincohen@gmail.com> Reviewed by: Allan Jude <allanjude@freebsd.org> Reviewed by: George Melikov <mail@gmelikov.ru> Reviewed by: Paul Dagnelie <pcd@delphix.com> Reviewed by: RageLtMan <rageltman@sempervictus> Reviewed by: Matthew Thode <prometheanfire@gentoo.org> Reviewed by: Giuseppe Di Natale <dinatale2@llnl.gov> Reviewed by: Kash Pande <kash@tripleback.net> Reviewed by: Alek Pinchuk <apinchuk@datto.com> Reviewed by: Dan Kimmel <dan.kimmel@delphix.com> Reviewed by: David Quigley <david.quigley@intel.com> Reviewed by: Jorgen Lundman <lundman@lundman.net> Reviewed by: Matthew Ahrens <mahrens@delphix.com> Reviewed by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed by: Toomas Soome <tsoome@me.com> Reviewed by: C Fraire <cfraire@me.com> Reviewed by: Jason King <jason.king@joyent.com> Reviewed by: Andy Stormont <astormont@racktopsystems.com> Approved by: Garrett D'Amore <garrett@damore.org>
2019-06-02 | 10210 libmd should leverage SHA extensions | Robert Mustacchi | 6 | -0/+762
Reviewed by: Dan McDonald <danmcd@joyent.com> Reviewed by: John Levon <john.levon@joyent.com> Approved by: Hans Rosenfeld <hans.rosenfeld@joyent.com>
2018-12-20 | 1228 Add CCM and GCM mode support to AES in pkcs11_softtoken | Jason King | 4 | -10/+28
Reviewed by: Dan McDonald <danmcd@joyent.com> Reviewed by: Robert Mustacchi <rm@joyent.com> Reviewed by: Igor Kozhukhov <igor@dilos.org> Approved by: Richard Lowe <richlowe@richlowe.net>
2018-12-07 | 10026 common/sha1: update for loader build | Toomas Soome | 1 | -0/+15
Reviewed by: Gergő Mihály Doma <domag02@gmail.com> Approved by: Dan McDonald <danmcd@joyent.com>
2018-06-19 | 8904 common/crypto: make skein and edonr loader friendly | Toomas Soome | 2 | -1/+18
Reviewed by: Yuri Pankov <yuripv@yuripv.net> Reviewed by: C Fraire <cfraire@me.com> Approved by: Dan McDonald <danmcd@joyent.com>
2018-02-22 | 9155 pkcs11: this statement may fall through | Toomas Soome | 7 | -14/+126
Reviewed by: Jason King <jason.brian.king@gmail.com> Reviewed by: Sebastian Wiedenroth <sebastian.wiedenroth@skylime.net> Approved by: Richard Lowe <richlowe@richlowe.net>
2017-11-30 | 5869 Need AES CMAC support in KCF+PKCS11 | Matt Barden | 6 | -40/+412
Portions contributed by: Jason King <jason.king@joyent.com> Reviewed by: Robert Mustacchi <rm@joyent.com> Reviewed by: Dan McDonald <danmcd@joyent.com> Approved by: Gordon Ross <gwr@nexenta.com>
2016-12-22 | 6239 Add PKCS#11 v2.40 support | Jason King | 1 | -5/+3
6240 pkcs11_mech2keytype returns incorrect key type for CKM_DH_PKCS_PARAMETER_GEN Reviewed by: Dan McDonald <danmcd@omniti.com> Reviewed by: Robert Mustacchi <rm@joyent.com> Reviewed by: Igor Kozhukhov <igor@dilos.org> Approved by: Richard Lowe <richlowe@richlowe.net>
2016-03-14 | 6436 156 lint errors in common/crypto/edonr/edonr.c | Gary Mills | 2 | -4/+9
Reviewed by: Gordon Ross <gordon.w.ross@gmail.com> Reviewed by: Toomas Soome <tsoome@me.com> Approved by: Dan McDonald <danmcd@omniti.com>
2015-09-16 | 4185 add new cryptographic checksums to ZFS: SHA-512, Skein, Edon-R | Matthew Ahrens | 10 | -2/+3275
Reviewed by: George Wilson <george.wilson@delphix.com> Reviewed by: Prakash Surya <prakash.surya@delphix.com> Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Garrett D'Amore <garrett@damore.org>
2015-04-12 | 5830 want arc4random(3C) suite | Robert Mustacchi | 2 | -0/+271
5802 want getentropy(3C) 5803 want getrandom(2) 5804 want explicit_bzero(3C) 5805 want MC_INHERIT_ZERO 5806 uuid_generate can leak its cache in edge conditions Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com> Reviewed by: Joshua M. Clulow <josh@sysmgr.org> Reviewed by: Josef 'Jeff' Sipek <josef.sipek@nexenta.com> Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Garrett D'Amore <garrett@damore.org>
2013-07-29 | 3882 Remove xmod & friends | Josef 'Jeff' Sipek | 18 | -406/+4
Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Approved by: Richard Lowe <richlowe@richlowe.net>
2012-12-18 | 3364 dboot should check boot archive integrity | Keith Wesolowski | 1 | -2/+7
Reviewed by: Hans Rosenfeld <hans.rosenfeld@nexenta.com> Reviewed by: Dan McDonald <danmcd@nexenta.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Reviewed by: Garrett D'Amore <garrett@damore.org> Approved by: Richard Lowe <richlowe@richlowe.net>
2012-04-16 | 2115 md5 assembly doesn't compile with gas 2.22 | Theo Schlossnagle | 2 | -6/+14
Reviewed by: Keith Wesolowski <keith.wesolowski@joyent.com> Reviewed by: Richard Lowe <richlowe@richlowe.net> Reviewed by: Robert Mustacchi <rm@joyent.com> Approved by: Richard Lowe <richlowe@richlowe.net>
2010-10-09 | 289 invalid padding when using java pkcs11 provider | Jason King | 2 | -13/+26
Reviewed by: garrett@nexenta.com, gordon.w.ross@gmail.com Approved by: richlowe@richlowe.net
2010-09-12 | 6 Need open kcfd | Garrett D'Amore | 20 | -7227/+5
Reviewed by: gwr@nexenta.com, richlowe@richlowe.net, matt@greenviolet.net Approved by: richlowe@richlowe.net
2010-08-04 | 6972233 Panic is seen when fips-140 mode is enabled and rebooted | Misaki Miyashita | 1 | -21/+20
2010-07-28 | 6959099 T2 Crypto Drivers (ncp, n2cp, n2rng) need to implement self tests for FIPS 140-2 compliance | Misaki Miyashita | 7 | -461/+2517
2010-07-14 | 6812663 Running out of bits in x86_feature | Kuriakose Kuruvilla | 2 | -24/+9
2010-06-10 | 6959852 putback of 6875651 introduced unref Makefiles | Dina K Nimeh | 3 | -105/+0
2010-06-07 | 6875651 move asymmetric crypto to libsoftcrypto | Dina K Nimeh | 16 | -527/+2520
6816864 collect together padding methods used by PKCS#11 6917508 bignum library needs big random number function 6249983 softtoken based RSA/DSA slow on Niagara 6917506 arcfour lint check missing from usr/src/uts/sun4v/Makefile 6917513 move softFipsDSAUtil.c to common/crypto/fips/fips_dsa_util.c 6834849 dsa_sign() produces invalid signature when pkcs11 engine is used via openssl(1) for certain keys
2010-05-25 | 6934074 What is an ODE? Shall I compare thee, to a Makefile typo? | Darren J Moffat | 1 | -3/+2
6848439 pkcs11_ObjectToKey() arg checks too strict & could be more informative 6739850 CCM fails to update data_processed_len after decrypting remainder
2010-03-12 | 6930971 gcm_decrypt_final() will loop forever if data size less than a single AES block. | Mark Fenwick | 1 | -14/+13
2010-01-01 | 6719591 non-exploitable integer wraparound issue in copyin_key() [external report] | Dan OpenSolaris Anderson | 4 | -18/+23
2009-12-10 | 6907733 Optimized amd64 GCM code added by CR 6826942 does not save/restore %xmm* registers | Dan OpenSolaris Anderson | 1 | -2/+2
2009-11-20 | 6899006 Remove .byte asm directives and use new Intel Westmere opcodes | Dan OpenSolaris Anderson | 10 | -441/+250
6647055 x86_64 MD5/SHA1 assembly source should use 32-bit registers when the assembler supports it
2009-11-05 | 6897371 cryptoadm needs changes in order to support fips-140 mode in local zones | Hai-May Chao | 5 | -9/+101
6897374 Memory leaking in kernel algorithm modules and softtoken dsa with fips enabled
2009-09-23 | 6826942 Need an optimized GCM leveraging Intel's PCMULQDQ instruction | Dan OpenSolaris Anderson | 3 | -26/+462
2009-09-11 | PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode | Hai-May Chao | 17 | -8/+5351
6787364 Administration and policy configuration changes to support FIPS 140-2 6867384 Solaris Crypto Framework needs to implement self tests for FIPS 140-2 compliance
2009-09-02 | 6786946 kcf should check the key sizes before passing a job to a provider | Vladimir Kotal | 2 | -10/+19
6831413 multiple SCF providers advertise wrong boundaries for CKM_DES3_{CBC,ECB}{,_PAD} key lengths
2009-05-04 | 6820466 CKA_PUBLIC_EXPONENT is inconsistently optional for C_GenerateKeyPair for RSA keys | Dina K Nimeh | 2 | -6/+6
6820888 CKA_MODULUS_BITS attribute is sometimes missing in pkcs11_softtoken
2009-05-04 | 6834124 Export build broke in putback of 6767618 to NV114 | Dan OpenSolaris Anderson | 1 | -2/+2
2009-04-17 | 6767618 Need an optimized AES leveraging Intel's AES instructions | Dan OpenSolaris Anderson | 14 | -256/+1532
6747587 Remove redundant code in ccm.c --HG-- rename : usr/src/common/crypto/aes/amd64/THIRDPARTYLICENSE => usr/src/common/crypto/aes/amd64/THIRDPARTYLICENSE.gladman rename : usr/src/common/crypto/aes/amd64/THIRDPARTYLICENSE.descrip => usr/src/common/crypto/aes/amd64/THIRDPARTYLICENSE.gladman.descrip
2009-04-10 | 6803836 Solaris Cryptographic Framework needs to support AES GMAC | Mark Powers | 4 | -5/+66
2009-03-20 | 6666204 meta slot opens and closes /dev/urandom needlessly for every read | Dina K Nimeh | 2 | -9/+9
6722460 finish moving /dev/random and /dev/urandom seeding and usage to libcryptoutil
2009-03-19 | 6812615 64-bit RC4 has poor performance on Intel Nehalem | Dan OpenSolaris Anderson | 4 | -160/+187
2009-01-26 | 6648742 THIRDPARTYLICENSE and THIRDPARTYLICENSE.descrip need work | Mark Powers | 2 | -6/+471
2009-01-15 | 6773928 n2cp should support CKM_AES_GCM | Mark Powers | 2 | -3/+5
2008-11-21 | 6772059 GCM atomic operations incorrectly require block multiples | Mark Powers | 1 | -0/+1
2008-11-14 | PSARC/2006/684 libsoftcrypto | Anthony Scarpino | 2 | -6/+17
4911870 pkcs11_softtoken crypto should be factored out into a new library to support $PLATFORM & $HWCAP
2008-11-06 | 6703956 Solaris cryptographic framework needs a FIPS-186-2 certifiable RNG | Hai-May Chao | 2 | -0/+184
2008-11-04 | 6260053 Solaris Cryptographic Framework needs to support AES in GCM mode | Mark Powers | 4 | -6/+738
2008-09-12 | 6693650 kernel implementation of AES lacks support for >64 bits long AES counter | Mark Powers | 4 | -143/+168
2008-09-10 | 6741391 ccm mode with CRYPTO_DATA_UIO trashes output bufs with more than 2 iovec_t. | Mark Powers | 1 | -12/+4