Home
last modified time | relevance | path

Searched refs:secret (Results 1 – 25 of 138) sorted by relevance

123456

/openssl/test/ssl-tests/
H A D30-extended-master-secret.cnf5 test-0 = 0-disable-extended-master-secret-server-sha
6 test-1 = 1-disable-extended-master-secret-client-sha
7 test-2 = 2-disable-extended-master-secret-both-sha
8 test-3 = 3-disable-extended-master-secret-both-resume
11 test-6 = 6-disable-extended-master-secret-both-sha2
14 [0-disable-extended-master-secret-server-sha]
17 [0-disable-extended-master-secret-server-sha-ssl]
40 [1-disable-extended-master-secret-client-sha]
66 [2-disable-extended-master-secret-both-sha]
93 [3-disable-extended-master-secret-both-resume]
[all …]
H A D30-extended-master-secret.cnf.in20 name => "disable-extended-master-secret-server-sha",
34 name => "disable-extended-master-secret-client-sha",
48 name => "disable-extended-master-secret-both-sha",
63 name => "disable-extended-master-secret-both-resume",
85 name => "disable-extended-master-secret-server-sha2",
99 name => "disable-extended-master-secret-client-sha2",
113 name => "disable-extended-master-secret-both-sha2",
/openssl/demos/keyexch/
H A Dx25519.c55 unsigned char *secret; /* allocated shared secret buffer */ member
127 local_peer->secret = NULL; in keyexch_x25519_after()
174 local_peer->secret = OPENSSL_malloc(local_peer->secret_len); in keyexch_x25519_after()
175 if (local_peer->secret == NULL) { in keyexch_x25519_after()
181 if (EVP_PKEY_derive(ctx, local_peer->secret, in keyexch_x25519_after()
196 OPENSSL_clear_free(local_peer->secret, local_peer->secret_len); in keyexch_x25519_after()
197 local_peer->secret = NULL; in keyexch_x25519_after()
241 if (CRYPTO_memcmp(peer1.secret, peer2.secret, peer1.secret_len) != 0) { in keyexch_x25519()
247 if (use_kat && CRYPTO_memcmp(peer1.secret, expected_result, in keyexch_x25519()
256 OPENSSL_clear_free(peer1.secret, peer1.secret_len); in keyexch_x25519()
[all …]
H A Decdh.c32 unsigned char *secret; /* allocated shared secret buffer */ member
108 unsigned char *secret = NULL; in generate_secret() local
151 secret = (unsigned char *)OPENSSL_malloc(secretlen); in generate_secret()
152 if (secret == NULL) in generate_secret()
160 if (EVP_PKEY_derive(derivectx, secret, &secretlen) <= 0) in generate_secret()
162 peerA->secret = secret; in generate_secret()
166 BIO_dump_indent_fp(stdout, peerA->secret, peerA->secretlen, 2); in generate_secret()
171 OPENSSL_free(secret); in generate_secret()
207 || CRYPTO_memcmp(peer1.secret, peer2.secret, peer1.secretlen) != 0) { in main()
/openssl/ssl/
H A Dtls13_enc.c34 const unsigned char *secret, in tls13_hkdf_expand_ex() argument
100 const unsigned char *secret, in tls13_hkdf_expand() argument
122 const unsigned char *secret, in tls13_derive_key() argument
137 const unsigned char *secret, in tls13_derive_iv() argument
371 secret, hashlen, 1)) { in derive_secret_key_and_iv()
439 if (!tls13_derive_key(s, md, secret, key, *keylen) in derive_secret_key_and_iv()
469 unsigned char secret[EVP_MAX_MD_SIZE]; in tls13_change_cipher_state() local
749 OPENSSL_cleanse(secret, sizeof(secret)); in tls13_change_cipher_state()
763 unsigned char secret[EVP_MAX_MD_SIZE]; in tls13_update_key() local
794 memcpy(insecret, secret, hashlen); in tls13_update_key()
[all …]
/openssl/doc/man7/
H A DEVP_KEYEXCH-DH.pod26 If padding is off then the derived shared secret may be smaller than the
27 largest possible secret size.
28 If padding is on then the derived shared secret will have its first bytes
29 filled with zeros where necessary to make the shared secret the same size as
30 the largest possible secret size.
82 To derive a shared secret on the host using the host's key and the peer's public
90 unsigned char *secret = NULL;
105 secret = OPENSSL_zalloc(secret_len);
107 EVP_PKEY_derive(dctx, secret, &secret_len);
109 OPENSSL_clear_free(secret, secret_len);
[all …]
H A DEVP_KDF-SS.pod10 SSKDF derives a key using input such as a shared secret key (that was generated
58 This parameter set the shared secret that is used for key derivation.
100 This example derives 10 bytes using H(x) = SHA-256, with the secret key "secret"
115 "secret", (size_t)6);
125 This example derives 10 bytes using H(x) = HMAC(SHA-256), with the secret key "secret",
142 "secret", (size_t)6);
154 This example derives 10 bytes using H(x) = KMAC128(x,salt,outlen), with the secret key "secret"
169 "secret", (size_t)6);
H A DEVP_KDF-TLS1_PRF.pod36 =item "secret" (B<OSSL_KDF_PARAM_SECRET>) <octet string>
38 This parameter sets the secret value of the TLS PRF.
39 Any existing secret value is replaced.
62 "master secret" is used instead of "extended master secret" Setting this to zero
98 The digest, secret value and seed must be set before a key is derived otherwise
106 This example derives 10 bytes using SHA-256 with the secret key "secret"
121 "secret", (size_t)6);
H A DEVP_KDF-X963.pod11 derive a key using input such as a shared secret key and shared info.
32 The shared secret used for key derivation.
33 This parameter sets the secret.
79 X963KDF appends the counter to the secret, whereas SSKDF prepends the counter.
91 This example derives 10 bytes, with the secret key "secret" and sharedinfo
106 "secret", (size_t)6);
H A DEVP_KDF-X942-ASN1.pod11 a shared secret key and other info. The other info is DER encoded data that
33 =item "secret" (B<OSSL_KDF_PARAM_SECRET>) <octet string>
35 The shared secret used for key derivation. This parameter sets the secret.
92 This example derives 24 bytes, with the secret key "secret" and random user
114 "secret", (size_t)6);
/openssl/doc/man3/
H A DSSL_set_session_secret_cb.pod6 - set the session secret callback
12 typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
22 SSL_set_session_secret_cb() sets the session secret callback to be used
30 The callback is expected to set the master secret to be used by filling in the
31 data pointed to by I<*secret>. The size of the secret buffer is initially
52 secret. A return value of 0 indicates that the secret has not been set. On the
H A DSSL_get_extms_support.pod5 SSL_get_extms_support - extended master secret support
16 master secret.
23 master secret, 0 if it did not and -1 if a handshake is currently in
24 progress i.e. it is not possible to determine if extended master secret
H A DEVP_PKEY_CTX_set_tls1_prf_md.pod29 EVP_PKEY_CTX_set_tls1_prf_secret() sets the secret value of the TLS PRF
30 to B<seclen> bytes of the buffer B<sec>. Any existing secret value is replaced
42 The B<type> parameters "secret" and "seed" use the supplied B<value> parameter
43 as a secret or seed value.
53 The digest, secret value and seed must be set before a key is derived or an
73 This example derives 10 bytes using SHA-256 with the secret key "secret"
85 if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0)
H A DEVP_PKEY_decapsulate.pod34 If I<unwrapped> is NULL then the maximum size of the output secret buffer
36 call is successful then the decapsulated secret data is written to I<unwrapped>
64 unsigned char *secret = NULL;;
80 secret = OPENSSL_malloc(secretlen);
81 if (secret == NULL)
84 /* Decapsulated secret data is secretlen bytes long */
85 if (EVP_PKEY_decapsulate(ctx, secret, &secretlen, in, inlen) <= 0)
H A DEVP_PKEY_encapsulate.pod33 The symmetric secret generated in I<genkey> can be used as key material.
70 unsigned char *out = NULL, *secret = NULL;
86 secret = OPENSSL_malloc(secretlen);
87 if (out == NULL || secret == NULL)
91 * The generated 'secret' can be used as key material.
93 * decapsulate it using their private key to retrieve the 'secret'.
95 if (EVP_PKEY_encapsulate(ctx, out, &outlen, secret, &secretlen) <= 0)
H A DEVP_PKEY_derive.pod7 - derive public key algorithm shared secret
23 shared secret derivation using the algorithm given when the context was created
38 EVP_PKEY_derive() derives a shared secret using I<ctx>.
42 successful the shared secret is written to I<key> and the amount of data
63 Derive shared secret (for example DH or EC keys):
95 /* Shared secret is skey bytes written to buffer skey */
/openssl/crypto/ec/
H A Decx_key.c108 unsigned char *secret, size_t *secretlen, size_t outlen) in ossl_ecx_compute_key() argument
123 if (secret == NULL) { in ossl_ecx_compute_key()
136 if (s390x_x25519_mul(secret, peer->pubkey, priv->privkey) == 0) { in ossl_ecx_compute_key()
142 if (ossl_x25519(secret, priv->privkey, peer->pubkey) == 0) { in ossl_ecx_compute_key()
150 if (s390x_x448_mul(secret, peer->pubkey, priv->privkey) == 0) { in ossl_ecx_compute_key()
156 if (ossl_x448(secret, priv->privkey, peer->pubkey) == 0) { in ossl_ecx_compute_key()
/openssl/test/recipes/30-test_evp_data/
H A Devpkdf_tls12_prf.txt20 Ctrl.label = seed:master secret
52 # Test that "master secret" is not not used in FIPS mode
57 Ctrl.label = seed:master secret
71 Ctrl.label = seed:master secret
81 Ctrl.label = seed:extended master secret
94 Ctrl.label = seed:extended master secret
109 Ctrl.label = seed:extended master secret
121 Ctrl.label = seed:extended master secret
136 Ctrl.label = seed:extended master secret
H A Devppkey_kdf_tls1_prf.txt19 Ctrl.label = seed:master secret
32 # Missing secret.
44 Ctrl.label = seed:master secret
77 Ctrl.label = seed:extended master secret
90 Ctrl.label = seed:extended master secret
105 Ctrl.label = seed:extended master secret
116 Ctrl.label = seed:extended master secret
131 Ctrl.label = seed:extended master secret
/openssl/test/recipes/80-test_cmp_http_data/
H A Dtest_credentials.csv1 expected,description, -section,val, -ref,val, -secret,val, -cert,val, -key,val, -keypass,val, -extr…
3 1,valid secret - wrong cert/key ignored, -section,, -ref,_PBM_REF, -secret,_PBM_SECRET, -cert,root.…
4 0,secret missing arg, -section,,BLANK,, -secret,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,
5 0,wrong secret without ref, -section,,BLANK,, -secret,pass:wrong,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,…
6 0,wrong secret - correct cert, -section,,BLANK,, -secret,pass:wrong, -cert,signer.crt, -key,signer.…
12 1,valid cert and key and keypass, -section,,BLANK,,-secret,"""", -cert,signer.crt, -key,signer.p12,…
/openssl/test/recipes/
H A D81-test_cmp_cli.t72 my $secret = "pass:test";
78 "-srv_secret", $secret,
83 "-secret", $secret,
/openssl/test/
H A Devp_libctx_test.c576 unsigned char secret[256] = { 0, }; in kem_rsa_gen_recover() local
591 && TEST_int_eq(EVP_PKEY_encapsulate(dctx, ct, &ctlen, secret, in kem_rsa_gen_recover()
600 && TEST_mem_eq(unwrap, unwraplen, secret, secretlen); in kem_rsa_gen_recover()
647 unsigned char secret[256] = { 0, }; in kem_rsa_params() local
667 && TEST_int_eq(EVP_PKEY_decapsulate(pubctx, secret, &secretlen, ct, in kem_rsa_params()
669 && TEST_uchar_eq(secret[0], 0) in kem_rsa_params()
680 && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, &ctlen, secret, NULL), 1) in kem_rsa_params()
684 && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, NULL, secret, &secretlen), 1) in kem_rsa_params()
693 && TEST_int_eq(EVP_PKEY_encapsulate(pubctx, ct, NULL, secret, NULL), 1) in kem_rsa_params()
702 && TEST_int_eq(EVP_PKEY_decapsulate(privctx, secret, &secretlen, NULL, 0), 0) in kem_rsa_params()
[all …]
/openssl/doc/man1/
H A Dopenssl-kdf.pod.in24 The key derivation functions generate a derived key from either a secret or
76 Specifies the secret key as an alphanumeric string (use if the key contains
84 the secret key is specified in hexadecimal form (two hex digits per byte).
99 Specifies a non-secret unique cryptographic salt as an alphanumeric string
150 Use TLS1-PRF to create a hex-encoded derived key from a secret key and seed:
152 openssl kdf -keylen 16 -kdfopt digest:SHA2-256 -kdfopt key:secret \
155 Use HKDF to create a hex-encoded derived key from a secret key, salt and info:
157 openssl kdf -keylen 10 -kdfopt digest:SHA2-256 -kdfopt key:secret \
160 Use SSKDF with KMAC to create a hex-encoded derived key from a secret key, salt and info:
166 Use SSKDF with HMAC to create a hex-encoded derived key from a secret key, salt and info:
[all …]
/openssl/providers/implementations/exchange/
H A Ddh_exch.c176 unsigned char *secret, size_t *secretlen, in dh_plain_derive() argument
190 if (secret == NULL) { in dh_plain_derive()
201 ret = DH_compute_key_padded(secret, pub_key, pdhctx->dh); in dh_plain_derive()
203 ret = DH_compute_key(secret, pub_key, pdhctx->dh); in dh_plain_derive()
211 static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret, in dh_X9_42_kdf_derive() argument
219 if (secret == NULL) { in dh_X9_42_kdf_derive()
237 if (!ossl_dh_kdf_X9_42_asn1(secret, pdhctx->kdf_outlen, in dh_X9_42_kdf_derive()
253 static int dh_derive(void *vpdhctx, unsigned char *secret, in dh_derive() argument
263 return dh_plain_derive(pdhctx, secret, psecretlen, outlen, in dh_derive()
266 return dh_X9_42_kdf_derive(pdhctx, secret, psecretlen, outlen); in dh_derive()
/openssl/demos/kdf/
H A Dargon2.c49 static unsigned char secret[] = { variable
126 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET, secret, sizeof(secret)); in main()

Completed in 54 milliseconds

123456