summaryrefslogtreecommitdiff
path: root/static/freebsd/man7/crypto.7 3.html
diff options
context:
space:
mode:
Diffstat (limited to 'static/freebsd/man7/crypto.7 3.html')
-rw-r--r--static/freebsd/man7/crypto.7 3.html327
1 files changed, 0 insertions, 327 deletions
diff --git a/static/freebsd/man7/crypto.7 3.html b/static/freebsd/man7/crypto.7 3.html
deleted file mode 100644
index 5b52df72..00000000
--- a/static/freebsd/man7/crypto.7 3.html
+++ /dev/null
@@ -1,327 +0,0 @@
-<table class="head">
- <tr>
- <td class="head-ltitle">CRYPTO(7)</td>
- <td class="head-vol">Miscellaneous Information Manual</td>
- <td class="head-rtitle">CRYPTO(7)</td>
- </tr>
-</table>
-<div class="manual-text">
-<section class="Sh">
-<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
-<p class="Pp"><code class="Nm">crypto</code> &#x2014;
- <span class="Nd">OpenCrypto algorithms</span></p>
-</section>
-<section class="Sh">
-<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
-<p class="Pp">The in-kernel OpenCrypto framework supports several different
- encryption and authentication algorithms. This document describes the
- parameters and requirements of these algorithms. Unless otherwise noted, all
- sizes listed below are in bytes.</p>
-<section class="Ss">
-<h2 class="Ss" id="Authenticators"><a class="permalink" href="#Authenticators">Authenticators</a></h2>
-<p class="Pp">Authenticators compute a value (also known as a digest, hash, or
- tag) over an input of bytes. In-kernel requests can either compute the value
- for a given input, or verify if a given tag matches the computed tag for a
- given input. The following authentication algorithms are supported:</p>
-<table class="Bl-column">
- <tr id="Name">
- <td><a class="permalink" href="#Name"><b class="Sy">Name</b></a></td>
- <td><a class="permalink" href="#Nonce"><b class="Sy" id="Nonce">Nonce</b></a></td>
- <td><a class="permalink" href="#Key"><b class="Sy" id="Key">Key
- Sizes</b></a></td>
- <td><a class="permalink" href="#Digest"><b class="Sy" id="Digest">Digest</b></a></td>
- <td><a class="permalink" href="#Description"><b class="Sy" id="Description">Description</b></a></td>
- </tr>
- <tr id="CRYPTO_AES_CCM_CBC_MAC">
- <td><a class="permalink" href="#CRYPTO_AES_CCM_CBC_MAC"><code class="Dv">CRYPTO_AES_CCM_CBC_MAC</code></a></td>
- <td>12</td>
- <td>16, 24, 32</td>
- <td>16</td>
- <td>Authentication-only mode of AES-CCM</td>
- </tr>
- <tr id="CRYPTO_AES_NIST_GMAC">
- <td><a class="permalink" href="#CRYPTO_AES_NIST_GMAC"><code class="Dv">CRYPTO_AES_NIST_GMAC</code></a></td>
- <td>12</td>
- <td>16, 24, 32</td>
- <td>16</td>
- <td>Galois message authentication code</td>
- </tr>
- <tr id="CRYPTO_BLAKE2B">
- <td><a class="permalink" href="#CRYPTO_BLAKE2B"><code class="Dv">CRYPTO_BLAKE2B</code></a></td>
- <td></td>
- <td>0, 64</td>
- <td>64</td>
- <td>Blake2b</td>
- </tr>
- <tr id="CRYPTO_BLAKE2S">
- <td><a class="permalink" href="#CRYPTO_BLAKE2S"><code class="Dv">CRYPTO_BLAKE2S</code></a></td>
- <td></td>
- <td>0, 32</td>
- <td>32</td>
- <td>Blake2s</td>
- </tr>
- <tr id="CRYPTO_NULL_HMAC">
- <td><a class="permalink" href="#CRYPTO_NULL_HMAC"><code class="Dv">CRYPTO_NULL_HMAC</code></a></td>
- <td></td>
- <td></td>
- <td>12</td>
- <td>IPsec NULL HMAC</td>
- </tr>
- <tr id="CRYPTO_POLY1305">
- <td><a class="permalink" href="#CRYPTO_POLY1305"><code class="Dv">CRYPTO_POLY1305</code></a></td>
- <td></td>
- <td>32</td>
- <td>16</td>
- <td>Poly1305 authenticator</td>
- </tr>
- <tr id="CRYPTO_RIPEMD160">
- <td><a class="permalink" href="#CRYPTO_RIPEMD160"><code class="Dv">CRYPTO_RIPEMD160</code></a></td>
- <td></td>
- <td></td>
- <td>20</td>
- <td>RIPE Message Digest-160</td>
- </tr>
- <tr id="CRYPTO_RIPEMD160_HMAC">
- <td><a class="permalink" href="#CRYPTO_RIPEMD160_HMAC"><code class="Dv">CRYPTO_RIPEMD160_HMAC</code></a></td>
- <td></td>
- <td>64</td>
- <td>20</td>
- <td>RIPE Message Digest-160 HMAC</td>
- </tr>
- <tr id="CRYPTO_SHA1">
- <td><a class="permalink" href="#CRYPTO_SHA1"><code class="Dv">CRYPTO_SHA1</code></a></td>
- <td></td>
- <td></td>
- <td>20</td>
- <td>SHA-1</td>
- </tr>
- <tr id="CRYPTO_SHA1_HMAC">
- <td><a class="permalink" href="#CRYPTO_SHA1_HMAC"><code class="Dv">CRYPTO_SHA1_HMAC</code></a></td>
- <td></td>
- <td>64</td>
- <td>20</td>
- <td>SHA-1 HMAC</td>
- </tr>
- <tr id="CRYPTO_SHA2_224">
- <td><a class="permalink" href="#CRYPTO_SHA2_224"><code class="Dv">CRYPTO_SHA2_224</code></a></td>
- <td></td>
- <td></td>
- <td>28</td>
- <td>SHA-2 224</td>
- </tr>
- <tr id="CRYPTO_SHA2_224_HMAC">
- <td><a class="permalink" href="#CRYPTO_SHA2_224_HMAC"><code class="Dv">CRYPTO_SHA2_224_HMAC</code></a></td>
- <td></td>
- <td>64</td>
- <td>28</td>
- <td>SHA-2 224 HMAC</td>
- </tr>
- <tr id="CRYPTO_SHA2_256">
- <td><a class="permalink" href="#CRYPTO_SHA2_256"><code class="Dv">CRYPTO_SHA2_256</code></a></td>
- <td></td>
- <td></td>
- <td>32</td>
- <td>SHA-2 256</td>
- </tr>
- <tr id="CRYPTO_SHA2_256_HMAC">
- <td><a class="permalink" href="#CRYPTO_SHA2_256_HMAC"><code class="Dv">CRYPTO_SHA2_256_HMAC</code></a></td>
- <td></td>
- <td>64</td>
- <td>32</td>
- <td>SHA-2 256 HMAC</td>
- </tr>
- <tr id="CRYPTO_SHA2_384">
- <td><a class="permalink" href="#CRYPTO_SHA2_384"><code class="Dv">CRYPTO_SHA2_384</code></a></td>
- <td></td>
- <td></td>
- <td>48</td>
- <td>SHA-2 384</td>
- </tr>
- <tr id="CRYPTO_SHA2_384_HMAC">
- <td><a class="permalink" href="#CRYPTO_SHA2_384_HMAC"><code class="Dv">CRYPTO_SHA2_384_HMAC</code></a></td>
- <td></td>
- <td>128</td>
- <td>48</td>
- <td>SHA-2 384 HMAC</td>
- </tr>
- <tr id="CRYPTO_SHA2_512">
- <td><a class="permalink" href="#CRYPTO_SHA2_512"><code class="Dv">CRYPTO_SHA2_512</code></a></td>
- <td></td>
- <td></td>
- <td>64</td>
- <td>SHA-2 512</td>
- </tr>
- <tr id="CRYPTO_SHA2_512_HMAC">
- <td><a class="permalink" href="#CRYPTO_SHA2_512_HMAC"><code class="Dv">CRYPTO_SHA2_512_HMAC</code></a></td>
- <td></td>
- <td>128</td>
- <td>64</td>
- <td>SHA-2 512 HMAC</td>
- </tr>
-</table>
-</section>
-<section class="Ss">
-<h2 class="Ss" id="Block_Ciphers"><a class="permalink" href="#Block_Ciphers">Block
- Ciphers</a></h2>
-<p class="Pp">Block ciphers in OCF can only operate on messages whose length is
- an exact multiple of the cipher's block size. OCF supports the following
- block ciphers:</p>
-<table class="Bl-column">
- <tr id="Name~2">
- <td><a class="permalink" href="#Name~2"><b class="Sy">Name</b></a></td>
- <td><a class="permalink" href="#IV"><b class="Sy" id="IV">IV
- Size</b></a></td>
- <td><a class="permalink" href="#Block"><b class="Sy" id="Block">Block
- Size</b></a></td>
- <td><a class="permalink" href="#Key~2"><b class="Sy" id="Key~2">Key
- Sizes</b></a></td>
- <td><a class="permalink" href="#Description~2"><b class="Sy" id="Description~2">Description</b></a></td>
- </tr>
- <tr id="CRYPTO_AES_CBC">
- <td><a class="permalink" href="#CRYPTO_AES_CBC"><code class="Dv">CRYPTO_AES_CBC</code></a></td>
- <td>16</td>
- <td>16</td>
- <td>16, 24, 32</td>
- <td>AES-CBC</td>
- </tr>
- <tr id="CRYPTO_AES_XTS">
- <td><a class="permalink" href="#CRYPTO_AES_XTS"><code class="Dv">CRYPTO_AES_XTS</code></a></td>
- <td>8</td>
- <td>16</td>
- <td>32, 64</td>
- <td>AES-XTS</td>
- </tr>
- <tr id="CRYPTO_CAMELLIA_CBC">
- <td><a class="permalink" href="#CRYPTO_CAMELLIA_CBC"><code class="Dv">CRYPTO_CAMELLIA_CBC</code></a></td>
- <td>16</td>
- <td>16</td>
- <td>16, 24, 32</td>
- <td>Camellia CBC</td>
- </tr>
- <tr id="CRYPTO_NULL_CBC">
- <td><a class="permalink" href="#CRYPTO_NULL_CBC"><code class="Dv">CRYPTO_NULL_CBC</code></a></td>
- <td>0</td>
- <td>4</td>
- <td>0-256</td>
- <td>IPsec NULL cipher</td>
- </tr>
-</table>
-<p class="Pp"><code class="Dv">CRYPTO_AES_XTS</code> implements XEX Tweakable
- Block Cipher with Ciphertext Stealing as defined in NIST SP 800-38E. OCF
- consumers provide the first 8 bytes of the IV. The remaining 8 bytes are
- defined to be a block counter beginning at 0.</p>
-<p class="Pp">NOTE: The ciphertext stealing part is not implemented in all
- backends which is why this cipher requires input that is a multiple of the
- block size.</p>
-</section>
-<section class="Ss">
-<h2 class="Ss" id="Stream_Ciphers"><a class="permalink" href="#Stream_Ciphers">Stream
- Ciphers</a></h2>
-<p class="Pp">Stream ciphers can operate on messages with arbitrary lengths. OCF
- supports the following stream ciphers:</p>
-<table class="Bl-column">
- <tr id="Name~3">
- <td><a class="permalink" href="#Name~3"><b class="Sy">Name</b></a></td>
- <td><a class="permalink" href="#IV~2"><b class="Sy" id="IV~2">IV
- Size</b></a></td>
- <td><a class="permalink" href="#Key~3"><b class="Sy" id="Key~3">Key
- Sizes</b></a></td>
- <td><a class="permalink" href="#Description~3"><b class="Sy" id="Description~3">Description</b></a></td>
- </tr>
- <tr id="CRYPTO_AES_ICM">
- <td><a class="permalink" href="#CRYPTO_AES_ICM"><code class="Dv">CRYPTO_AES_ICM</code></a></td>
- <td>16</td>
- <td>16, 24, 32</td>
- <td>AES Counter Mode</td>
- </tr>
- <tr id="CRYPTO_CHACHA20">
- <td><a class="permalink" href="#CRYPTO_CHACHA20"><code class="Dv">CRYPTO_CHACHA20</code></a></td>
- <td>16</td>
- <td>16, 32</td>
- <td>ChaCha20</td>
- </tr>
-</table>
-<p class="Pp">The IV for each request must be provided in
- <var class="Fa">crp_iv</var> via the
- <code class="Dv">CRYPTO_F_IV_SEPARATE</code> flag.</p>
-<p class="Pp"><code class="Dv">CRYPTO_AES_ICM</code> uses the entire IV as a
- 128-bit big endian block counter. The IV sets the initial counter value for
- a message. If a consumer wishes to use an IV whose value is split into
- separate nonce and counter fields (e.g., IPsec), the consumer is responsible
- for splitting requests to handle counter rollover.</p>
-<p class="Pp"><code class="Dv">CRYPTO_CHACHA20</code> accepts a 16 byte IV. The
- first 8 bytes are used as a nonce. The last 8 bytes are used as a 64-bit
- little-endian block counter.</p>
-</section>
-<section class="Ss">
-<h2 class="Ss" id="Authenticated_Encryption_with_Associated_Data_Algorithms"><a class="permalink" href="#Authenticated_Encryption_with_Associated_Data_Algorithms">Authenticated
- Encryption with Associated Data Algorithms</a></h2>
-<p class="Pp">AEAD algorithms in OCF combine a stream cipher with an
- authentication algorithm to provide both secrecy and authentication. AEAD
- algorithms accept additional authentication data (AAD) in addition to the
- ciphertext or plaintext. AAD is passed to the authentication algorithm as
- input in a method defined by the specific AEAD algorithm.</p>
-<p class="Pp">AEAD algorithms in OCF accept a nonce that is combined with an
- algorithm-defined counter to construct the IV for the underlying stream
- cipher. This nonce must be provided in <var class="Fa">crp_iv</var> via the
- <code class="Dv">CRYPTO_F_IV_SEPARATE</code> flag. Some AEAD algorithms
- support multiple nonce sizes. The first size listed is the default nonce
- size.</p>
-<p class="Pp">The following AEAD algorithms are supported:</p>
-<table class="Bl-column">
- <tr id="Name~4">
- <td><a class="permalink" href="#Name~4"><b class="Sy">Name</b></a></td>
- <td><a class="permalink" href="#Nonce~2"><b class="Sy" id="Nonce~2">Nonce</b></a></td>
- <td><a class="permalink" href="#Key~4"><b class="Sy" id="Key~4">Key
- Sizes</b></a></td>
- <td><a class="permalink" href="#Tag"><b class="Sy" id="Tag">Tag</b></a></td>
- <td><a class="permalink" href="#Description~4"><b class="Sy" id="Description~4">Description</b></a></td>
- </tr>
- <tr id="CRYPTO_AES_NIST_GCM_16">
- <td><a class="permalink" href="#CRYPTO_AES_NIST_GCM_16"><code class="Dv">CRYPTO_AES_NIST_GCM_16</code></a></td>
- <td>12</td>
- <td>16, 24, 32</td>
- <td>16</td>
- <td>AES Galois/Counter Mode</td>
- </tr>
- <tr id="CRYPTO_AES_CCM_16">
- <td><a class="permalink" href="#CRYPTO_AES_CCM_16"><code class="Dv">CRYPTO_AES_CCM_16</code></a></td>
- <td>12, 7-13</td>
- <td>16, 24, 32</td>
- <td>16</td>
- <td>AES Counter with CBC-MAC</td>
- </tr>
- <tr id="CRYPTO_CHACHA20_POLY1305">
- <td><a class="permalink" href="#CRYPTO_CHACHA20_POLY1305"><code class="Dv">CRYPTO_CHACHA20_POLY1305</code></a></td>
- <td>12, 8</td>
- <td>32</td>
- <td>16</td>
- <td>ChaCha20-Poly1305</td>
- </tr>
- <tr id="CRYPTO_XCHACHA20_POLY1305">
- <td><a class="permalink" href="#CRYPTO_XCHACHA20_POLY1305"><code class="Dv">CRYPTO_XCHACHA20_POLY1305</code></a></td>
- <td>24</td>
- <td>32</td>
- <td>16</td>
- <td>XChaCha20-Poly1305</td>
- </tr>
-</table>
-</section>
-</section>
-<section class="Sh">
-<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
- ALSO</a></h1>
-<p class="Pp"><a class="Xr">crypto(4)</a>, <a class="Xr">crypto(9)</a></p>
-</section>
-<section class="Sh">
-<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1>
-<p class="Pp">The <code class="Nm">crypto</code> manual page first appeared in
- <span class="Ux">FreeBSD 10.1</span>.</p>
-</section>
-</div>
-<table class="foot">
- <tr>
- <td class="foot-date">January 11, 2022</td>
- <td class="foot-os">FreeBSD 15.0</td>
- </tr>
-</table>
generated by cgit v1.2.3 (git 2.46.0) at 2026-05-15 11:27:17 +0000