| #
4d92dbe9 |
| 23-Jul-2024 |
riastradh <riastradh@NetBSD.org> |
libcrypt: Nix trailing whitespace.
No functional change intended.
Prompted by tying up loose ends around PR lib/57895.
|
| #
f9151ba9 |
| 16-Oct-2021 |
nia <nia@NetBSD.org> |
libcrypt: Hide more private symbols by default. Fix style.
|
| #
1239c2bb |
| 28-Aug-2013 |
riastradh <riastradh@NetBSD.org> |
Publish explicit_memset and consttime_memequal in userland libc.
Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc
Publish explicit_memset and consttime_memequal in userland libc.
Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.
As discussed on tech-userlevel:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)
show more ...
|
| #
82db4b98 |
| 24-Jun-2013 |
riastradh <riastradh@NetBSD.org> |
Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.
Pa
Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.
show more ...
|
| #
8588929d |
| 30-Aug-2012 |
drochner <drochner@NetBSD.org> |
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Bot
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Both do what the name says. For userland, both are prefixed by "__"
to keep them out of the user namespace.
Change some memset/memcmp uses to the new functions where it makes
sense -- these are just some examples, more to come.
show more ...
|
| #
7babedb7 |
| 29-Nov-2011 |
drochner <drochner@NetBSD.org> |
remove the option to build this against openssl - this hasn't been used
in the NetBSD build
since the libc version of MD5Final zeroes out the context, replace
the bzero introduced in the previous com
remove the option to build this against openssl - this hasn't been used
in the NetBSD build
since the libc version of MD5Final zeroes out the context, replace
the bzero introduced in the previous commit by comments telling that
show more ...
|
| #
487c0196 |
| 29-Nov-2011 |
drochner <drochner@NetBSD.org> |
zero out hash context after use, to avoid traces in RAM
(hint from "Solar Designer")
|
| #
55ac93d3 |
| 17-Jan-2007 |
hubertf <hubertf@NetBSD.org> |
Remove more duplicate #includes, and a few spurious whitespaces at EOL
From Slava Semushin <slava.semushin@gmail.com>
|
| #
3a0c68ed |
| 02-Jul-2004 |
sjg <sjg@NetBSD.org> |
Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).
* The format of the
Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).
* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.
hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.
It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
show more ...
|
| #
9caa6d54 |
| 06-Aug-2003 |
jdolecek <jdolecek@NetBSD.org> |
make itoa64[] const
|
| #
fcfc71fc |
| 14-Jul-2003 |
itojun <itojun@NetBSD.org> |
use strlcat
|
| #
d1bb0be3 |
| 17-Apr-2003 |
thorpej <thorpej@NetBSD.org> |
If libcrypto is defined, use the MD5 routines from libcrypto, rather
than from libc.
|
| #
e5afda7b |
| 10-Sep-2001 |
ad <ad@NetBSD.org> |
Ensure that the salt is always terminated properly with '$'. Makes Cyrus'
pwcheck (which either modifies the buffer or was passing bad password
strings) happy. Noted by Cillian Sharkey <cns@redbrick.
Ensure that the salt is always terminated properly with '$'. Makes Cyrus'
pwcheck (which either modifies the buffer or was passing bad password
strings) happy. Noted by Cillian Sharkey <cns@redbrick.dcu.ie>.
show more ...
|
| #
c9305d1d |
| 03-Dec-2000 |
ad <ad@NetBSD.org> |
Fix comment.
|
| #
684eb807 |
| 03-Aug-2000 |
ad <ad@NetBSD.org> |
Cosmetic nits.
|
| #
49de2aa1 |
| 06-Jul-2000 |
ad <ad@NetBSD.org> |
Add __md5crypt(), for internal use by libcrypt. This behaves for the most
part like crypt() but uses a proprietry encryption scheme that utilises MD5.
From FreeBSD via OpenBSD.
|