FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=release%2F6.3.0 2004-04-09T15:47:10Z 2004-04-09T15:47:10Z Mark Murray markm@FreeBSD.org 2004-04-09T15:47:10Z urn:sha1:e7806b4c0eb398aba8b6e8ddeda96e6ddd9305ae can more easily be used INSTEAD OF the hard-working Yarrow. The only hardware source used at this point is the one inside the VIA C3 Nehemiah (Stepping 3 and above) CPU. More sources will be added in due course. Contributions welcome! 2002-07-15T13:58:35Z Mark Murray markm@FreeBSD.org 2002-07-15T13:58:35Z urn:sha1:bbf09ad887f1ebc18052ee12f5074c05d69a4e46 one out of a block cipher. This has 2 advantages: 1) The code is _much_ simpler 2) We aren't committing our security to one algorithm (much as we may think we trust AES). While I'm here, make an explicit reseed do a slow reseed instead of a fast; this is in line with what the original paper suggested. 2002-03-03T19:44:22Z Mark Murray markm@FreeBSD.org 2002-03-03T19:44:22Z urn:sha1:e119960112f35b3ec1179e262cccde05b59a0309 Remove unneeded includes. Deal with unused function arguments. Resolve a boatload of signed/unsigned imcompatabilities. Etc. 2001-03-10T12:51:55Z Mark Murray markm@FreeBSD.org 2001-03-10T12:51:55Z urn:sha1:02c986ab5491cfc84666b5ce658dd7b3508b6b93 o Separate the kernel stuff from the Yarrow algorithm. Yarrow is now well contained in one source file and one header. o Replace the Blowfish-based crypto routines with Rijndael-based ones. (Rijndael is the new AES algorithm). The huge improvement in Rijndael's key-agility over Blowfish means that this is an extremely dramatic improvement in speed, and makes a heck of a difference in its (lack of) CPU load. o Clean up the sysctl's. At BDE's prompting, I have gone back to static sysctls. o Bug fixes. The streamlining of the crypto stuff enabled me to find and fix some bugs. DES also found a bug in the reseed routine which is fixed. o Change the way reseeds clear "used" entropy. Previously, only the source(s) that caused a reseed were cleared. Now all sources in the relevant pool(s) are cleared. o Code tidy-up. Mostly to make it (nearly) 80-column compliant. 2000-09-10T13:52:19Z Mark Murray markm@FreeBSD.org 2000-09-10T13:52:19Z urn:sha1:4d87a031c0106945da094f3ea770ea9b4b5fcd6b from many folk. o The reseed process is now a kthread. With SMPng, kthreads are pre-emptive, so the annoying jerkiness of the mouse is gone. o The data structures are protected by mutexes now, not splfoo()/splx(). o The cryptographic routines are broken out into their own subroutines. this facilitates review, and possible replacement if that is ever found necessary. Thanks to: kris, green, peter, jasone, grog, jhb Forgotten to thank: You know who you are; no offense intended.