/fuchsia/zircon/third_party/ulib/uboringssl/include/openssl/ |
H A D | chacha.h | 30 // nonce and writes the result to |out|. If |in| and |out| alias, they must be 34 const uint8_t nonce[12], uint32_t counter);
|
H A D | aead.h | 29 // message has a unique, per-message nonce and, optionally, additional data 55 // When sealing messages, a nonce must be given. The length of the nonce is 57 // nonce must be unique for all messages with the same key*. This is critically 58 // important - nonce reuse may completely undermine the security of the AEAD. 61 // randomly. The nonce must be passed into the "open" operation by the receiver 96 // is specified to take a variable-length nonce, nonces with other lengths are 105 // is specified to take a variable-length nonce, nonces with other lengths are 116 // authentication. The nonce is 12 bytes; the bottom 32-bits are used as the 153 // EVP_AEAD_nonce_length returns the length, in bytes, of the per-message nonce [all...] |
/fuchsia/zircon/third_party/ulib/uboringssl/crypto/chacha/ |
H A D | chacha.c | 40 const uint8_t key[32], const uint8_t nonce[12], 45 counter_nonce[1] = U8TO32_LITTLE(nonce + 0); 46 counter_nonce[2] = U8TO32_LITTLE(nonce + 4); 47 counter_nonce[3] = U8TO32_LITTLE(nonce + 8); 120 const uint8_t key[32], const uint8_t nonce[12], 144 input[13] = U8TO32_LITTLE(nonce + 0); 145 input[14] = U8TO32_LITTLE(nonce + 4); 146 input[15] = U8TO32_LITTLE(nonce + 8); 39 CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, size_t in_len, const uint8_t key[32], const uint8_t nonce[12], uint32_t counter) argument 119 CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, size_t in_len, const uint8_t key[32], const uint8_t nonce[12], uint32_t counter) argument
|
/fuchsia/zircon/system/ulib/crypto/include/crypto/ |
H A D | aead.h | 19 // the IV and tag. A 64 bit nonce is used to seal plain texts, meaning a given key and IV can be 72 zx_status_t Open(uint64_t nonce, const Bytes& ctext, Bytes* out_ptext) { argument 73 return Open(nonce, ctext, nullptr, 0, out_ptext); 75 zx_status_t Open(uint64_t nonce, const Bytes& ctext, const Bytes& aad, Bytes* out_ptext) { argument 76 return Open(nonce, ctext, aad.get(), aad.len(), out_ptext); 91 zx_status_t Open(uint64_t nonce, const Bytes& ctext, const uint8_t* aad, size_t aad_len,
|
/fuchsia/zircon/system/utest/crypto/ |
H A D | aead.cpp | 143 uint64_t nonce; local 148 EXPECT_ZX(sealer.Seal(ptext, &nonce, &ctext), ZX_ERR_BAD_STATE); 153 EXPECT_ZX(sealer.Seal(ptext, &nonce, nullptr), ZX_ERR_INVALID_ARGS); 156 EXPECT_ZX(sealer.Open(nonce, ctext, &ptext), ZX_ERR_BAD_STATE); 159 EXPECT_OK(sealer.Seal(ptext, &nonce, &ctext)); 161 EXPECT_OK(sealer.Seal(ptext, &nonce, &ctext)); 165 EXPECT_ZX(sealer.Seal(ptext, &nonce, &ctext), ZX_ERR_BAD_STATE); 174 uint64_t nonce = 0; local 180 // ASSERT_OK(sealer.Seal(ptext, &nonce, &ctext)); 184 EXPECT_ZX(opener.Open(nonce, ctex 238 uint64_t nonce; local 479 uint64_t nonce; local [all...] |
/fuchsia/zircon/third_party/ulib/uboringssl/crypto/fipsmodule/cipher/ |
H A D | internal.h | 93 size_t max_out_len, const uint8_t *nonce, size_t nonce_len, 99 const uint8_t *nonce, size_t nonce_len, const uint8_t *in, 104 const uint8_t *nonce, size_t nonce_len, const uint8_t *in,
|
H A D | aead.c | 116 size_t max_out_len, const uint8_t *nonce, 136 max_out_len - in_len, nonce, nonce_len, in, 152 *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t 169 nonce, nonce_len, in, in_len, extra_in, 184 size_t max_out_len, const uint8_t *nonce, 193 if (!ctx->aead->open(ctx, out, out_len, max_out_len, nonce, nonce_len, in, 214 if (EVP_AEAD_CTX_open_gather(ctx, out, nonce, nonce_len, in, plaintext_len, 230 const uint8_t *nonce, size_t nonce_len, 244 if (ctx->aead->open_gather(ctx, out, nonce, nonce_len, in, in_len, in_tag, 115 EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t max_out_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) argument 150 EVP_AEAD_CTX_seal_scatter( const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in, size_t extra_in_len, const uint8_t *ad, size_t ad_len) argument 183 EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t max_out_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) argument 229 EVP_AEAD_CTX_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag, size_t in_tag_len, const uint8_t *ad, size_t ad_len) argument
|
H A D | e_aes.c | 938 const uint8_t *nonce, size_t nonce_len, 962 CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len); 999 const uint8_t *nonce, size_t nonce_len, 1020 CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len); 1105 size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, 1116 OPENSSL_memcpy(&given_counter, nonce + nonce_len - sizeof(given_counter), 1128 max_out_tag_len, nonce, nonce_len, in, 1194 size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, 1205 // of the TLS 1.3 nonce construction. 1207 OPENSSL_memcpy(&given_counter, nonce 935 aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in, size_t extra_in_len, const uint8_t *ad, size_t ad_len) argument 998 aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag, size_t in_tag_len, const uint8_t *ad, size_t ad_len) argument 1103 aead_aes_gcm_tls12_seal_scatter( const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in, size_t extra_in_len, const uint8_t *ad, size_t ad_len) argument 1192 aead_aes_gcm_tls13_seal_scatter( const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in, size_t extra_in_len, const uint8_t *ad, size_t ad_len) argument [all...] |
/fuchsia/zircon/kernel/lib/crypto/ |
H A D | prng.cpp | 87 uint128_t nonce; local 90 nonce = 0; 94 nonce = ++nonce_; 97 ASSERT(nonce < kNonceOverflow); 99 uint8_t* nonce_u8 = reinterpret_cast<uint8_t*>(&nonce); 103 // the caller, and a 96-bit nonce that changes on each call. We don't zero
|
/fuchsia/zircon/system/ulib/trace-engine/ |
H A D | rules.mk | 16 $(LOCAL_DIR)/nonce.cpp
|
/fuchsia/zircon/third_party/ulib/uboringssl/crypto/cipher_extra/ |
H A D | e_aesgcmsiv.c | 149 // |key_schedule| and the nonce in |nonce|. Note that, while only 12 bytes of 150 // the nonce are used, 16 bytes are read and so the value must be 152 extern void aes128gcmsiv_kdf(const uint8_t nonce[16], 157 extern void aes256gcmsiv_kdf(const uint8_t nonce[16], 222 const uint8_t nonce[12]) { 272 out_tag[i] ^= nonce[i]; 310 // keys given the |nonce|. 314 const uint8_t nonce[12]) { 316 OPENSSL_memcpy(padded_nonce, nonce, 1 219 gcm_siv_asm_polyval(uint8_t out_tag[16], const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len, const uint8_t auth_key[16], const uint8_t nonce[12]) argument 311 aead_aes_gcm_siv_kdf( int is_128_bit, const struct aead_aes_gcm_siv_asm_ctx *gcm_siv_ctx, uint64_t out_record_auth_key[2], uint64_t out_record_enc_key[4], const uint8_t nonce[12]) argument 335 aead_aes_gcm_siv_asm_seal_scatter( const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in, size_t extra_in_len, const uint8_t *ad, size_t ad_len) argument 405 aead_aes_gcm_siv_asm_open(const EVP_AEAD_CTX *ctx, uint8_t *out, size_t *out_len, size_t max_out_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) argument 636 gcm_siv_polyval( uint8_t out_tag[16], const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len, const uint8_t auth_key[16], const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) argument 691 gcm_siv_keys( const struct aead_aes_gcm_siv_ctx *gcm_siv_ctx, struct gcm_siv_record_keys *out_keys, const uint8_t nonce[EVP_AEAD_AES_GCM_SIV_NONCE_LEN]) argument 716 aead_aes_gcm_siv_seal_scatter( const EVP_AEAD_CTX *ctx, uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *extra_in, size_t extra_in_len, const uint8_t *ad, size_t ad_len) argument 757 aead_aes_gcm_siv_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out, const uint8_t *nonce, size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *in_tag, size_t in_tag_len, const uint8_t *ad, size_t ad_len) argument [all...] |
/fuchsia/zircon/system/ulib/crypto/ |
H A D | aead.cpp | 148 // Increment nonce 149 uint64_t nonce = iv_[0]; local 156 *out_nonce = nonce; 160 zx_status_t AEAD::Open(uint64_t nonce, const Bytes& ctext, const uint8_t* aad, size_t aad_len, Bytes* out_ptext) { argument 179 // Inject nonce 180 iv_[0] = nonce;
|
/fuchsia/zircon/system/ulib/zxcrypt/ |
H A D | volume.cpp | 597 zx_off_t nonce; local 607 (rc = aead.Seal(ptext, header_, &nonce, &ctext)) != ZX_OK) { 611 if (memcmp(&nonce, wrap_iv_.get(), sizeof(nonce)) != 0) { 612 xprintf("unexpected nonce: %" PRIu64 "\n", nonce); 668 // Extract nonce from IV. 669 zx_off_t nonce; local 670 memcpy(&nonce, wrap_iv_.get(), sizeof(nonce)); [all...] |
/fuchsia/zircon/third_party/ulib/uboringssl/crypto/fipsmodule/modes/ |
H A D | internal.h | 196 // CRYPTO_gcm128_setiv sets the IV (nonce) for |ctx|. The |key| must be the 222 // a CTR function that only handles the bottom 32 bits of the nonce, like 232 // a CTR function that only handles the bottom 32 bits of the nonce, like 274 const uint8_t *nonce, size_t nonce_len, 283 const uint8_t *nonce, size_t nonce_len,
|