reverting asn1mpint() as all users really just expect
unsigned integers here. also openssl seems to interpret
rsa modulus as unsigned no matter what... so keeping
it as it was before.
handle nil cipher bytes in factotum_rsa_decrypt() due
to pkcs1padbuf() failing.
apply some lessions from intels berzerk paper:
instead of parsing the decrypted digest info blob, we
generate the *expected* blob's for all digest algorithms
that match the digest size and compare the results.
provide pkcs1 pad and unpad functions that consistently
enforce minimum padding size and handles block types 1
and 2.
quick fix is to bias the rounding so the msb will always
be zero. should write proper conversion code to actually
deal with signed mpints... also for asn1mpint()... -- cinap
Make the logic around who has priority over the final
match simpler by merging the priority generation and
match fields in a smarter way. Move the creation of
new thread matches up to the top to avoid jumping all
over the place.
don't deadlock when cwgrow() detects we'r out of worm space
by releasing the cache superblock buffer.
don't allocate space beyond the worm device when dumping by
having slit() check. after cwrecur(), we check if there are
enougth blocks remaining to write the dump date directories
and superblocks.
- no need to splhi() in timerset, always called with
interrupts off.
- make timerset always update the period (next == 0)
- remove period update in fastticks(), simplify
delta calculation.
given that we only pass uchar* with constant offsets
to the s and d arguments of ENCRYPT(), we do not need
the temporary variables sp/dp and the compiler is
smart enougth to combine the const offset with the ones
from GET4() and PUT4() and emit single load and store
instructions for the byte accesses.