14079 remove TNF
Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Approved by: Garrett D'Amore <garrett@damore.org>

5869 Need AES CMAC support in KCF+PKCS11
Portions contributed by: Jason King <jason.king@joyent.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Dan McDonald <danmcd@joyent

5869 Need AES CMAC support in KCF+PKCS11
Portions contributed by: Jason King <jason.king@joyent.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Dan McDonald <danmcd@joyent.com>
Approved by: Gordon Ross <gwr@nexenta.com>

show more ...

5045 use atomic_{inc,dec}_* instead of atomic_add_*
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Garrett D'Amore <garrett@damore.org>
Approved by: Robert Mustacchi <rm@j

5045 use atomic_{inc,dec}_* instead of atomic_add_*
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Garrett D'Amore <garrett@damore.org>
Approved by: Robert Mustacchi <rm@joyent.com>

show more ...

995 boot message: No randomness provider enabled for /dev/random
Reviewed by: Garrett D'Amore <garrett@damore.org>
Reviewed by: Dan McDonald <danmcd@nexenta.com>
Reviewed by: Hans Rosenfe

995 boot message: No randomness provider enabled for /dev/random
Reviewed by: Garrett D'Amore <garrett@damore.org>
Reviewed by: Dan McDonald <danmcd@nexenta.com>
Reviewed by: Hans Rosenfeld <hans.rosenfeld@nexenta.com>
Reviewed by: Boris Protopopov <boris.protopopov@nexenta.com>
Approved by: Garrett D'Amore <garrett@damore.org>

show more ...

6 Need open kcfd
Reviewed by: gwr@nexenta.com, richlowe@richlowe.net, matt@greenviolet.net
Approved by: richlowe@richlowe.net

PSARC/2010/146 EOF unnecessary elfsign and kCF options
6855881 clean up unnecessary technology from elfsign and kcf

FWARC 2008/613 KT IOS Performance Counters API
FWARC 2008/615 KT Perf Reg HV API
FWARC 2009/434 KT IOS Performance Counters API Update
FWARC 2009/567 Parallel Boot HV APIs
PSARC 2009/

FWARC 2008/613 KT IOS Performance Counters API
FWARC 2008/615 KT Perf Reg HV API
FWARC 2009/434 KT IOS Performance Counters API Update
FWARC 2009/567 Parallel Boot HV APIs
PSARC 2009/177 Solaris support for Rainbow Falls platforms
PSARC 2009/389 Sun4v faulted SP events extension
PSARC 2009/533 CRYPTO_HMAC_NO_UPDATE - A new KCF SPI flag
PSARC 2009/605 more sun4v platform-independent cpu/mem FMA events
PSARC 2009/649 Generic PCIe root complex FMA events
6704999 extend xaui enum to work in platform independent world
6773223 RFE: guest epkt for faulted SP
6773225 RFE: Diagnosis of a faulted SP
6797776 Solaris support for Rainbow Falls platforms

show more ...

PSARC/2009/447 Kernel Cryptographic Framework support for FIPS 140-2
6703950 Solaris cryptographic framework needs to implement changes for FIPS-140-2 compliance

PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode
6787364 Administration and policy configuration changes to support FIPS 140-2
6867384 Solaris Crypto Framework needs to implement se

PSARC 2009/347 cryptoadm(1M) enhancement for FIPS-140 mode
6787364 Administration and policy configuration changes to support FIPS 140-2
6867384 Solaris Crypto Framework needs to implement self tests for FIPS 140-2 compliance

show more ...

6861521 panic in kcf when calling kcf_free_provider_desc

6836582 kcf_limit_hwrng tunable can be removed

4781345 me_mutex lock in kcf_mech_entry_t can be broken up
6771819 Use of atomic increment in KCF causes scaling problems on multi-socket T2 systems
6705174 C_EncryptInit scaling issues on T2

4781345 me_mutex lock in kcf_mech_entry_t can be broken up
6771819 Use of atomic increment in KCF causes scaling problems on multi-socket T2 systems
6705174 C_EncryptInit scaling issues on T2plus
6813873 assertion failed: (prov_desc)->pd_refcnt != 0, file: ../../common/crypto/core/kcf_prov_tabs.c, line

show more ...

6803803 rnd_chpoll() should not reject (EINVAL) events==0

6722032 symmetric crypto scalability issues on batoka

6559619 Enhance n2cp to support CCM mode
6637487 put algorithm mode code and other common code into kcf module
6648214 need CKM_AES_CTR for softtoken

--HG--
rename : usr/src/comm

6559619 Enhance n2cp to support CCM mode
6637487 put algorithm mode code and other common code into kcf module
6648214 need CKM_AES_CTR for softtoken

--HG--
rename : usr/src/common/crypto/aes/aes_cbc_crypt.c => deleted_files/usr/src/common/crypto/aes/aes_cbc_crypt.c
rename : usr/src/common/crypto/aes/aes_cbc_crypt.h => deleted_files/usr/src/common/crypto/aes/aes_cbc_crypt.h
rename : usr/src/common/crypto/blowfish/blowfish_cbc_crypt.c => deleted_files/usr/src/common/crypto/blowfish/blowfish_cbc_crypt.c
rename : usr/src/common/crypto/blowfish/blowfish_cbc_crypt.h => deleted_files/usr/src/common/crypto/blowfish/blowfish_cbc_crypt.h
rename : usr/src/common/crypto/des/des_cbc_crypt.c => deleted_files/usr/src/common/crypto/des/des_cbc_crypt.c
rename : usr/src/common/crypto/des/des_cbc_crypt.h => deleted_files/usr/src/common/crypto/des/des_cbc_crypt.h

show more ...

6604363 Bulk encryption and digest algorithms have poor scalability on T5140/T5240

6568352 IPsec performance does not scale using hardware crypto providers

6548905 ncp crypto registration during attach deadlocks in devfs during boot

PSARC 2007/092 key generation and derivation for providers without keystore
6462782 Metaslot needs to generate a token object from a session object.
6462780 Softtoken keystore needs to store

PSARC 2007/092 key generation and derivation for providers without keystore
6462782 Metaslot needs to generate a token object from a session object.
6462780 Softtoken keystore needs to store keys ECC objects
6339802 support keygen operations by acceleration only providers

show more ...

PSARC/2007/213 Support KCF Providers with Limited Digest Capability
6473274 pkcs11_kernel should support multipart ops even for hardware that has only single part
6534615 For extra credit, dp

PSARC/2007/213 Support KCF Providers with Limited Digest Capability
6473274 pkcs11_kernel should support multipart ops even for hardware that has only single part
6534615 For extra credit, dprov could make HMAC mechanisms work for PKCS #11 clients
6541772 usr/src/cmd/mdb/common/modules/crypto/sched_impl.c should not include stdlib.h
6542759 HMAC mechanisms broken in sha2 kernel module

show more ...

6533554 crypto_buffer_check() is still expensive

PSARC/2007/093 Crypto Context sharing between providers
6494834 support check for threshold when using hardware providers even for multi-part requests

5039325 pkcs11_kernel should be caching mechanism numbers from kCF
6480505 crypto_mech2id_common() could go faster

PSARC/2006/540 Crypto event notification update
6385143 Support usage of non-extractable keys
6466686 need events to support session based clients
6466693 need a routine to get provider i

PSARC/2006/540 Crypto event notification update
6385143 Support usage of non-extractable keys
6466686 need events to support session based clients
6466693 need a routine to get provider information given a provider handle
6465847 ksslcfg reports service to be online even when there is an error
6469846 dprov needs to set CKF_LOGIN_REQUIRED

show more ...

PSARC 2006/214 Crypto Framework random number API/SPI update
6374503 C_SeedRandom is too slow causing poor performance with Apache/OpenSSL when using pkcs11