Home
last modified time | relevance | path

Searched refs:nonce (Results 1 – 25 of 93) sorted by relevance

1234

/openssl/crypto/modes/
H A Dccm128.c30 memset(ctx->nonce.c, 0, sizeof(ctx->nonce.c)); in CRYPTO_ccm128_init()
54 ctx->nonce.u[1] = 0; in CRYPTO_ccm128_setiv()
62 memcpy(&ctx->nonce.c[1], nonce, 14 - L); in CRYPTO_ccm128_setiv()
156 n |= ctx->nonce.c[i]; in CRYPTO_ccm128_encrypt()
157 ctx->nonce.c[i] = 0; in CRYPTO_ccm128_encrypt()
161 ctx->nonce.c[15] = 1; in CRYPTO_ccm128_encrypt()
210 ctx->nonce.c[i] = 0; in CRYPTO_ccm128_encrypt()
241 ctx->nonce.c[i] = 0; in CRYPTO_ccm128_decrypt()
245 ctx->nonce.c[15] = 1; in CRYPTO_ccm128_decrypt()
334 ctx->nonce.c[15] = 1; in CRYPTO_ccm128_encrypt_ccm64()
[all …]
H A Docb128.c217 unsigned char stretch[24], nonce[16]; in CRYPTO_ocb128_setiv() local
232 nonce[0] = ((taglen * 8) % 128) << 1; in CRYPTO_ocb128_setiv()
233 memset(nonce + 1, 0, 15); in CRYPTO_ocb128_setiv()
234 memcpy(nonce + 16 - len, iv, len); in CRYPTO_ocb128_setiv()
235 nonce[15 - len] |= 1; in CRYPTO_ocb128_setiv()
238 memcpy(tmp, nonce, 16); in CRYPTO_ocb128_setiv()
247 bottom = nonce[15] & 0x3f; in CRYPTO_ocb128_setiv()
/openssl/doc/man3/
H A DOCSP_request_add1_nonce.pod18 OCSP_request_add1_nonce() adds a nonce of value B<val> and length B<len> to
19 OCSP request B<req>. If B<val> is B<NULL> a random nonce is used. If B<len>
23 it adds a nonce to OCSP basic response B<resp>.
25 OCSP_check_nonce() compares the nonce value in B<req> and B<resp>.
27 OCSP_copy_nonce() copies any nonce value present in B<req> to B<resp>.
34 OCSP_copy_nonce() returns 1 if a nonce was successfully copied, 2 if no nonce
37 OCSP_check_nonce() returns the result of the nonce comparison between B<req>
46 For most purposes the nonce value in a request is set to a random value so
49 An OCSP nonce is typically added to an OCSP request to thwart replay attacks
50 by checking the same nonce value appears in the response.
[all …]
H A DEVP_chacha20.pod26 bit nonce. For example a nonce of:
51 uses a 32 bit counter and a 96 bit nonce for the IV.
/openssl/providers/implementations/ciphers/
H A Dcipher_aes_ccm_hw_s390x.inc25 sctx->ccm.s390x.nonce.b[0] = ((ctx->l - 1) & 0x7)
27 memset(sctx->ccm.s390x.nonce.b + 1, 0, sizeof(sctx->ccm.s390x.nonce.b));
40 sctx->ccm.s390x.nonce.g[1] = mlen;
41 memcpy(sctx->ccm.s390x.nonce.b + 1, nonce, 15 - ctx->l);
126 flags = sctx->ccm.s390x.nonce.b[0];
133 sctx->ccm.s390x.nonce.b[0] = l;
141 n |= sctx->ccm.s390x.nonce.b[i];
142 sctx->ccm.s390x.nonce.b[i] = 0;
145 n |= sctx->ccm.s390x.nonce.b[15];
146 sctx->ccm.s390x.nonce.b[15] = 1;
[all …]
H A Dcipher_chacha20_poly1305_hw.c37 ctx->chacha.counter[1] = ctx->nonce[0]; in chacha_poly1305_tls_init()
38 ctx->chacha.counter[2] = ctx->nonce[1] ^ CHACHA_U8TOU32(aad); in chacha_poly1305_tls_init()
39 ctx->chacha.counter[3] = ctx->nonce[2] ^ CHACHA_U8TOU32(aad+4); in chacha_poly1305_tls_init()
52 ctx->nonce[0] = ctx->chacha.counter[1] = CHACHA_U8TOU32(fixed); in chacha_poly1305_tls_iv_set_fixed()
53 ctx->nonce[1] = ctx->chacha.counter[2] = CHACHA_U8TOU32(fixed + 4); in chacha_poly1305_tls_iv_set_fixed()
54 ctx->nonce[2] = ctx->chacha.counter[3] = CHACHA_U8TOU32(fixed + 8); in chacha_poly1305_tls_iv_set_fixed()
98 ctx->nonce[0] = ctx->chacha.counter[1]; in chacha20_poly1305_initiv()
99 ctx->nonce[1] = ctx->chacha.counter[2]; in chacha20_poly1305_initiv()
100 ctx->nonce[2] = ctx->chacha.counter[3]; in chacha20_poly1305_initiv()
H A Dciphercommon_ccm_hw.c13 int ossl_ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce, in ossl_ccm_generic_setiv() argument
16 return CRYPTO_ccm128_setiv(&ctx->ccm_ctx, nonce, nlen, mlen) == 0; in ossl_ccm_generic_setiv()
/openssl/crypto/ts/
H A Dts_req_utils.c100 int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce) in TS_REQ_set_nonce() argument
104 if (a->nonce == nonce) in TS_REQ_set_nonce()
106 new_nonce = ASN1_INTEGER_dup(nonce); in TS_REQ_set_nonce()
111 ASN1_INTEGER_free(a->nonce); in TS_REQ_set_nonce()
112 a->nonce = new_nonce; in TS_REQ_set_nonce()
118 return a->nonce; in TS_REQ_get_nonce()
H A Dts_verify_ctx.c130 ASN1_INTEGER_free(ctx->nonce); in TS_VERIFY_CTX_cleanup()
144 const ASN1_INTEGER *nonce; in TS_REQ_to_TS_VERIFY_CTX() local
172 if ((nonce = req->nonce) != NULL) { in TS_REQ_to_TS_VERIFY_CTX()
173 if ((ret->nonce = ASN1_INTEGER_dup(nonce)) == NULL) in TS_REQ_to_TS_VERIFY_CTX()
H A Dts_rsp_utils.c251 int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce) in TS_TST_INFO_set_nonce() argument
255 if (a->nonce == nonce) in TS_TST_INFO_set_nonce()
257 new_nonce = ASN1_INTEGER_dup(nonce); in TS_TST_INFO_set_nonce()
262 ASN1_INTEGER_free(a->nonce); in TS_TST_INFO_set_nonce()
263 a->nonce = new_nonce; in TS_TST_INFO_set_nonce()
269 return a->nonce; in TS_TST_INFO_get_nonce()
H A Dts_local.h46 ASN1_INTEGER *nonce; member
90 ASN1_INTEGER *nonce; member
149 ASN1_INTEGER *nonce; member
H A Dts_req_print.c39 if (a->nonce == NULL) in TS_REQ_print_bio()
42 TS_ASN1_INTEGER_print_bio(bio, a->nonce); in TS_REQ_print_bio()
/openssl/crypto/poly1305/
H A Dpoly1305.c214 const u32 nonce[4]) in poly1305_emit()
240 h0 = (u64)(t = (u128)h0 + nonce[0] + ((u64)nonce[1]<<32)); in poly1305_emit()
241 h1 = (u64)(t = (u128)h1 + nonce[2] + ((u64)nonce[3]<<32) + (t >> 64)); in poly1305_emit()
380 const u32 nonce[4]) in poly1305_emit()
414 h0 = (u32)(t = (u64)h0 + nonce[0]); in poly1305_emit()
430 const unsigned int nonce[4]);
435 ctx->nonce[0] = U8TOU32(&key[16]); in Poly1305_Init()
436 ctx->nonce[1] = U8TOU32(&key[20]); in Poly1305_Init()
437 ctx->nonce[2] = U8TOU32(&key[24]); in Poly1305_Init()
438 ctx->nonce[3] = U8TOU32(&key[28]); in Poly1305_Init()
[all …]
H A Dpoly1305_ppc.c19 const unsigned int nonce[4]);
24 const unsigned int nonce[4]);
29 const unsigned int nonce[4]);
H A Dpoly1305_base2_44.c135 void poly1305_emit(void *ctx, unsigned char mac[16], const u32 nonce[4]) in poly1305_emit()
166 h0 = (u64)(t = (u128)h0 + nonce[0] + ((u64)nonce[1]<<32)); in poly1305_emit()
167 h1 = (u64)(t = (u128)h1 + nonce[2] + ((u64)nonce[3]<<32) + (t >> 64)); in poly1305_emit()
/openssl/providers/implementations/kdfs/
H A Dhmacdrbg_kdf.c35 unsigned char *entropy, *nonce; member
65 OPENSSL_clear_free(ctx->nonce, ctx->noncelen); in hmac_drbg_kdf_reset()
104 || !ossl_prov_memdup(src->nonce, src->noncelen, in hmac_drbg_kdf_dup()
105 &dst->nonce, &dst->noncelen)) in hmac_drbg_kdf_dup()
128 || ctx->nonce == NULL in hmac_drbg_kdf_derive()
131 ctx->nonce, ctx->noncelen, NULL, 0)) in hmac_drbg_kdf_derive()
206 OPENSSL_free(hmac->nonce); in hmac_drbg_kdf_set_ctx_params()
207 hmac->nonce = ptr; in hmac_drbg_kdf_set_ctx_params()
/openssl/ssl/record/methods/
H A Dtls13_meth.c37 rl->nonce = OPENSSL_malloc(ivlen); in tls13_set_crypto_state()
38 if (rl->nonce == NULL) in tls13_set_crypto_state()
94 unsigned char *nonce; in tls13_cipher() local
111 nonce = rl->nonce; in tls13_cipher()
161 memcpy(nonce, staticiv, offset); in tls13_cipher()
163 nonce[offset + loop] = staticiv[offset + loop] ^ seq[loop]; in tls13_cipher()
187 || !EVP_MAC_update(mac_ctx, nonce, nonce_len) in tls13_cipher()
215 if (EVP_CipherInit_ex(enc_ctx, NULL, NULL, NULL, nonce, sending) <= 0 in tls13_cipher()
/openssl/doc/man7/
H A DEVP_RAND-TEST-RAND.pod62 Sets the bytes returned when the test generator is sent a nonce request.
63 Each nonce request will return all of the bytes.
67 If this parameter is zero, it will only emit the nonce and entropy data
88 unsigned char nonce[20] = { ... };
99 nonce, sizeof(nonce));
H A DEVP_KDF-HMAC-DRBG.pod11 to L<EVP_RAND-HMAC-DRBG(7)>, but uses fixed values for its entropy and nonce
12 values. This is used to generate deterministic nonce value required by ECDSA
36 =item "nonce" (B<OSSL_KDF_PARAM_HMACDRBG_NONCE>) <octet string>
38 Sets the nonce bytes supplied to the HMAC-DRBG.
/openssl/crypto/ocsp/
H A Dv3_ocsp.c23 static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce,
25 static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce,
34 static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
215 static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, in i2r_ocsp_nonce() argument
220 if (i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0) in i2r_ocsp_nonce()
/openssl/crypto/ec/curve448/
H A Deddsa.c203 uint8_t nonce[2 * EDDSA_448_PRIVATE_BYTES]; in ossl_c448_ed448_sign() local
205 if (!EVP_DigestFinalXOF(hashctx, nonce, sizeof(nonce))) in ossl_c448_ed448_sign()
207 ossl_curve448_scalar_decode_long(nonce_scalar, nonce, sizeof(nonce)); in ossl_c448_ed448_sign()
208 OPENSSL_cleanse(nonce, sizeof(nonce)); in ossl_c448_ed448_sign()
/openssl/providers/implementations/rands/
H A Dtest_rng.c48 unsigned char *entropy, *nonce; member
76 OPENSSL_free(t->nonce); in test_rng_free()
175 if (t->nonce == NULL) in test_rng_nonce()
178 memcpy(out, t->nonce, t->nonce_len); in test_rng_nonce()
254 OPENSSL_free(t->nonce); in test_rng_set_ctx_params()
255 t->nonce = ptr; in test_rng_set_ctx_params()
/openssl/include/crypto/
H A Dpoly1305.h25 const unsigned int nonce[4]);
32 unsigned int nonce[4]; member
/openssl/crypto/evp/
H A De_chacha20_poly1305.c155 unsigned int nonce[12/4]; member
192 actx->nonce[0] = actx->key.counter[1]; in chacha20_poly1305_init_key()
193 actx->nonce[1] = actx->key.counter[2]; in chacha20_poly1305_init_key()
194 actx->nonce[2] = actx->key.counter[3]; in chacha20_poly1305_init_key()
546 actx->nonce[0] = actx->key.counter[1] in chacha20_poly1305_ctrl()
548 actx->nonce[1] = actx->key.counter[2] in chacha20_poly1305_ctrl()
550 actx->nonce[2] = actx->key.counter[3] in chacha20_poly1305_ctrl()
593 actx->key.counter[1] = actx->nonce[0]; in chacha20_poly1305_ctrl()
594 actx->key.counter[2] = actx->nonce[1] ^ CHACHA_U8TOU32(aad); in chacha20_poly1305_ctrl()
595 actx->key.counter[3] = actx->nonce[2] ^ CHACHA_U8TOU32(aad+4); in chacha20_poly1305_ctrl()
/openssl/crypto/poly1305/asm/
H A Dpoly1305-mips.pl353 my ($ctx,$mac,$nonce) = ($a0,$a1,$a2);
384 lwu $tmp0,0($nonce) # load nonce
385 lwu $tmp1,4($nonce)
386 lwu $tmp2,8($nonce)
387 lwu $tmp3,12($nonce)

Completed in 36 milliseconds

1234