| crypto.9 (147647) | crypto.9 (157635) |
|---|---|
| 1.\" $OpenBSD: crypto.9,v 1.19 2002/07/16 06:31:57 angelos Exp $ 2.\" 3.\" The author of this manual page is Angelos D. Keromytis (angelos@cis.upenn.edu) 4.\" 5.\" Copyright (c) 2000, 2001 Angelos D. Keromytis 6.\" 7.\" Permission to use, copy, and modify this software with or without fee 8.\" is hereby granted, provided that this entire notice is included in 9.\" all source code copies of any software which is or includes a copy or 10.\" modification of this software. 11.\" 12.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 13.\" IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 14.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 15.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 16.\" PURPOSE. 17.\" | 1.\" $OpenBSD: crypto.9,v 1.19 2002/07/16 06:31:57 angelos Exp $ 2.\" 3.\" The author of this manual page is Angelos D. Keromytis (angelos@cis.upenn.edu) 4.\" 5.\" Copyright (c) 2000, 2001 Angelos D. Keromytis 6.\" 7.\" Permission to use, copy, and modify this software with or without fee 8.\" is hereby granted, provided that this entire notice is included in 9.\" all source code copies of any software which is or includes a copy or 10.\" modification of this software. 11.\" 12.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 13.\" IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 14.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 15.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 16.\" PURPOSE. 17.\" |
| 18.\" $FreeBSD: head/share/man/man9/crypto.9 147647 2005-06-28 20:15:19Z hmp $ | 18.\" $FreeBSD: head/share/man/man9/crypto.9 157635 2006-04-10 18:17:43Z pjd $ |
| 19.\" 20.Dd October 14, 2002 21.Dt CRYPTO 9 22.Os 23.Sh NAME 24.Nm crypto 25.Nd API for cryptographic services in the kernel 26.Sh SYNOPSIS --- 286 unchanged lines hidden (view full) --- 313For encryption algorithms, this is where the initialization vector 314(IV) will be inserted when encrypting or where it can be found when 315decrypting (subject to 316.Va crd_flags ) . 317For MAC algorithms, this is where the result of the keyed hash will be 318inserted. 319.It Va crd_flags 320The following flags are defined: | 19.\" 20.Dd October 14, 2002 21.Dt CRYPTO 9 22.Os 23.Sh NAME 24.Nm crypto 25.Nd API for cryptographic services in the kernel 26.Sh SYNOPSIS --- 286 unchanged lines hidden (view full) --- 313For encryption algorithms, this is where the initialization vector 314(IV) will be inserted when encrypting or where it can be found when 315decrypting (subject to 316.Va crd_flags ) . 317For MAC algorithms, this is where the result of the keyed hash will be 318inserted. 319.It Va crd_flags 320The following flags are defined: |
| 321.Bl -tag -width ".Dv CRD_F_IV_EXPLICIT" | 321.Bl -tag -width ".Dv CRD" |
| 322.It Dv CRD_F_ENCRYPT 323For encryption algorithms, this bit is set when encryption is required 324(when not set, decryption is performed). 325.It Dv CRD_F_IV_PRESENT 326For encryption algorithms, this bit is set when the IV already 327precedes the data, so the 328.Va crd_inject 329value will be ignored and no IV will be written in the buffer. --- 9 unchanged lines hidden (view full) --- 339can use this flag to indicate that the IV should not be written on the packet. 340This flag is typically used in conjunction with the 341.Dv CRD_F_IV_EXPLICIT 342flag. 343.It Dv CRD_F_IV_EXPLICIT 344For encryption algorithms, this bit is set when the IV is explicitly 345provided by the consumer in the 346.Va cri_iv | 322.It Dv CRD_F_ENCRYPT 323For encryption algorithms, this bit is set when encryption is required 324(when not set, decryption is performed). 325.It Dv CRD_F_IV_PRESENT 326For encryption algorithms, this bit is set when the IV already 327precedes the data, so the 328.Va crd_inject 329value will be ignored and no IV will be written in the buffer. --- 9 unchanged lines hidden (view full) --- 339can use this flag to indicate that the IV should not be written on the packet. 340This flag is typically used in conjunction with the 341.Dv CRD_F_IV_EXPLICIT 342flag. 343.It Dv CRD_F_IV_EXPLICIT 344For encryption algorithms, this bit is set when the IV is explicitly 345provided by the consumer in the 346.Va cri_iv |
| 347fields. | 347field. |
| 348Otherwise, for encryption operations the IV is provided for by 349the driver used to perform the operation, whereas for decryption 350operations it is pointed to by the 351.Va crd_inject 352field. 353This flag is typically used when the IV is calculated 354.Dq "on the fly" 355by the consumer, and does not precede the data (some 356.Xr ipsec 4 357configurations, and the encrypted swap are two such examples). | 348Otherwise, for encryption operations the IV is provided for by 349the driver used to perform the operation, whereas for decryption 350operations it is pointed to by the 351.Va crd_inject 352field. 353This flag is typically used when the IV is calculated 354.Dq "on the fly" 355by the consumer, and does not precede the data (some 356.Xr ipsec 4 357configurations, and the encrypted swap are two such examples). |
| 358.It Dv CRD_F_KEY_EXPLICIT 359For encryption algorithms, this bit is set when the key is explicitly 360provided by the consumer in the 361.Va cri_key 362field for the given operation. 363Otherwise, the key is taken from at newsession time from the same field. |
|
| 358.It Dv CRD_F_COMP 359For compression algorithms, this bit is set when compression is required (when 360not set, decompression is performed). 361.El 362.It Va CRD_INI 363This 364.Vt cryptoini 365structure will not be modified by the framework or the device drivers. --- 252 unchanged lines hidden --- | 364.It Dv CRD_F_COMP 365For compression algorithms, this bit is set when compression is required (when 366not set, decompression is performed). 367.El 368.It Va CRD_INI 369This 370.Vt cryptoini 371structure will not be modified by the framework or the device drivers. --- 252 unchanged lines hidden --- |