summaryrefslogtreecommitdiff
path: root/static/freebsd/man7/crypto.7 3.html
diff options
context:
space:
mode:
Diffstat (limited to 'static/freebsd/man7/crypto.7 3.html')
-rw-r--r--static/freebsd/man7/crypto.7 3.html327
1 files changed, 327 insertions, 0 deletions
diff --git a/static/freebsd/man7/crypto.7 3.html b/static/freebsd/man7/crypto.7 3.html
new file mode 100644
index 00000000..5b52df72
--- /dev/null
+++ b/static/freebsd/man7/crypto.7 3.html
@@ -0,0 +1,327 @@
+<table class="head">
+ <tr>
+ <td class="head-ltitle">CRYPTO(7)</td>
+ <td class="head-vol">Miscellaneous Information Manual</td>
+ <td class="head-rtitle">CRYPTO(7)</td>
+ </tr>
+</table>
+<div class="manual-text">
+<section class="Sh">
+<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
+<p class="Pp"><code class="Nm">crypto</code> &#x2014;
+ <span class="Nd">OpenCrypto algorithms</span></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
+<p class="Pp">The in-kernel OpenCrypto framework supports several different
+ encryption and authentication algorithms. This document describes the
+ parameters and requirements of these algorithms. Unless otherwise noted, all
+ sizes listed below are in bytes.</p>
+<section class="Ss">
+<h2 class="Ss" id="Authenticators"><a class="permalink" href="#Authenticators">Authenticators</a></h2>
+<p class="Pp">Authenticators compute a value (also known as a digest, hash, or
+ tag) over an input of bytes. In-kernel requests can either compute the value
+ for a given input, or verify if a given tag matches the computed tag for a
+ given input. The following authentication algorithms are supported:</p>
+<table class="Bl-column">
+ <tr id="Name">
+ <td><a class="permalink" href="#Name"><b class="Sy">Name</b></a></td>
+ <td><a class="permalink" href="#Nonce"><b class="Sy" id="Nonce">Nonce</b></a></td>
+ <td><a class="permalink" href="#Key"><b class="Sy" id="Key">Key
+ Sizes</b></a></td>
+ <td><a class="permalink" href="#Digest"><b class="Sy" id="Digest">Digest</b></a></td>
+ <td><a class="permalink" href="#Description"><b class="Sy" id="Description">Description</b></a></td>
+ </tr>
+ <tr id="CRYPTO_AES_CCM_CBC_MAC">
+ <td><a class="permalink" href="#CRYPTO_AES_CCM_CBC_MAC"><code class="Dv">CRYPTO_AES_CCM_CBC_MAC</code></a></td>
+ <td>12</td>
+ <td>16, 24, 32</td>
+ <td>16</td>
+ <td>Authentication-only mode of AES-CCM</td>
+ </tr>
+ <tr id="CRYPTO_AES_NIST_GMAC">
+ <td><a class="permalink" href="#CRYPTO_AES_NIST_GMAC"><code class="Dv">CRYPTO_AES_NIST_GMAC</code></a></td>
+ <td>12</td>
+ <td>16, 24, 32</td>
+ <td>16</td>
+ <td>Galois message authentication code</td>
+ </tr>
+ <tr id="CRYPTO_BLAKE2B">
+ <td><a class="permalink" href="#CRYPTO_BLAKE2B"><code class="Dv">CRYPTO_BLAKE2B</code></a></td>
+ <td></td>
+ <td>0, 64</td>
+ <td>64</td>
+ <td>Blake2b</td>
+ </tr>
+ <tr id="CRYPTO_BLAKE2S">
+ <td><a class="permalink" href="#CRYPTO_BLAKE2S"><code class="Dv">CRYPTO_BLAKE2S</code></a></td>
+ <td></td>
+ <td>0, 32</td>
+ <td>32</td>
+ <td>Blake2s</td>
+ </tr>
+ <tr id="CRYPTO_NULL_HMAC">
+ <td><a class="permalink" href="#CRYPTO_NULL_HMAC"><code class="Dv">CRYPTO_NULL_HMAC</code></a></td>
+ <td></td>
+ <td></td>
+ <td>12</td>
+ <td>IPsec NULL HMAC</td>
+ </tr>
+ <tr id="CRYPTO_POLY1305">
+ <td><a class="permalink" href="#CRYPTO_POLY1305"><code class="Dv">CRYPTO_POLY1305</code></a></td>
+ <td></td>
+ <td>32</td>
+ <td>16</td>
+ <td>Poly1305 authenticator</td>
+ </tr>
+ <tr id="CRYPTO_RIPEMD160">
+ <td><a class="permalink" href="#CRYPTO_RIPEMD160"><code class="Dv">CRYPTO_RIPEMD160</code></a></td>
+ <td></td>
+ <td></td>
+ <td>20</td>
+ <td>RIPE Message Digest-160</td>
+ </tr>
+ <tr id="CRYPTO_RIPEMD160_HMAC">
+ <td><a class="permalink" href="#CRYPTO_RIPEMD160_HMAC"><code class="Dv">CRYPTO_RIPEMD160_HMAC</code></a></td>
+ <td></td>
+ <td>64</td>
+ <td>20</td>
+ <td>RIPE Message Digest-160 HMAC</td>
+ </tr>
+ <tr id="CRYPTO_SHA1">
+ <td><a class="permalink" href="#CRYPTO_SHA1"><code class="Dv">CRYPTO_SHA1</code></a></td>
+ <td></td>
+ <td></td>
+ <td>20</td>
+ <td>SHA-1</td>
+ </tr>
+ <tr id="CRYPTO_SHA1_HMAC">
+ <td><a class="permalink" href="#CRYPTO_SHA1_HMAC"><code class="Dv">CRYPTO_SHA1_HMAC</code></a></td>
+ <td></td>
+ <td>64</td>
+ <td>20</td>
+ <td>SHA-1 HMAC</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_224">
+ <td><a class="permalink" href="#CRYPTO_SHA2_224"><code class="Dv">CRYPTO_SHA2_224</code></a></td>
+ <td></td>
+ <td></td>
+ <td>28</td>
+ <td>SHA-2 224</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_224_HMAC">
+ <td><a class="permalink" href="#CRYPTO_SHA2_224_HMAC"><code class="Dv">CRYPTO_SHA2_224_HMAC</code></a></td>
+ <td></td>
+ <td>64</td>
+ <td>28</td>
+ <td>SHA-2 224 HMAC</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_256">
+ <td><a class="permalink" href="#CRYPTO_SHA2_256"><code class="Dv">CRYPTO_SHA2_256</code></a></td>
+ <td></td>
+ <td></td>
+ <td>32</td>
+ <td>SHA-2 256</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_256_HMAC">
+ <td><a class="permalink" href="#CRYPTO_SHA2_256_HMAC"><code class="Dv">CRYPTO_SHA2_256_HMAC</code></a></td>
+ <td></td>
+ <td>64</td>
+ <td>32</td>
+ <td>SHA-2 256 HMAC</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_384">
+ <td><a class="permalink" href="#CRYPTO_SHA2_384"><code class="Dv">CRYPTO_SHA2_384</code></a></td>
+ <td></td>
+ <td></td>
+ <td>48</td>
+ <td>SHA-2 384</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_384_HMAC">
+ <td><a class="permalink" href="#CRYPTO_SHA2_384_HMAC"><code class="Dv">CRYPTO_SHA2_384_HMAC</code></a></td>
+ <td></td>
+ <td>128</td>
+ <td>48</td>
+ <td>SHA-2 384 HMAC</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_512">
+ <td><a class="permalink" href="#CRYPTO_SHA2_512"><code class="Dv">CRYPTO_SHA2_512</code></a></td>
+ <td></td>
+ <td></td>
+ <td>64</td>
+ <td>SHA-2 512</td>
+ </tr>
+ <tr id="CRYPTO_SHA2_512_HMAC">
+ <td><a class="permalink" href="#CRYPTO_SHA2_512_HMAC"><code class="Dv">CRYPTO_SHA2_512_HMAC</code></a></td>
+ <td></td>
+ <td>128</td>
+ <td>64</td>
+ <td>SHA-2 512 HMAC</td>
+ </tr>
+</table>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Block_Ciphers"><a class="permalink" href="#Block_Ciphers">Block
+ Ciphers</a></h2>
+<p class="Pp">Block ciphers in OCF can only operate on messages whose length is
+ an exact multiple of the cipher's block size. OCF supports the following
+ block ciphers:</p>
+<table class="Bl-column">
+ <tr id="Name~2">
+ <td><a class="permalink" href="#Name~2"><b class="Sy">Name</b></a></td>
+ <td><a class="permalink" href="#IV"><b class="Sy" id="IV">IV
+ Size</b></a></td>
+ <td><a class="permalink" href="#Block"><b class="Sy" id="Block">Block
+ Size</b></a></td>
+ <td><a class="permalink" href="#Key~2"><b class="Sy" id="Key~2">Key
+ Sizes</b></a></td>
+ <td><a class="permalink" href="#Description~2"><b class="Sy" id="Description~2">Description</b></a></td>
+ </tr>
+ <tr id="CRYPTO_AES_CBC">
+ <td><a class="permalink" href="#CRYPTO_AES_CBC"><code class="Dv">CRYPTO_AES_CBC</code></a></td>
+ <td>16</td>
+ <td>16</td>
+ <td>16, 24, 32</td>
+ <td>AES-CBC</td>
+ </tr>
+ <tr id="CRYPTO_AES_XTS">
+ <td><a class="permalink" href="#CRYPTO_AES_XTS"><code class="Dv">CRYPTO_AES_XTS</code></a></td>
+ <td>8</td>
+ <td>16</td>
+ <td>32, 64</td>
+ <td>AES-XTS</td>
+ </tr>
+ <tr id="CRYPTO_CAMELLIA_CBC">
+ <td><a class="permalink" href="#CRYPTO_CAMELLIA_CBC"><code class="Dv">CRYPTO_CAMELLIA_CBC</code></a></td>
+ <td>16</td>
+ <td>16</td>
+ <td>16, 24, 32</td>
+ <td>Camellia CBC</td>
+ </tr>
+ <tr id="CRYPTO_NULL_CBC">
+ <td><a class="permalink" href="#CRYPTO_NULL_CBC"><code class="Dv">CRYPTO_NULL_CBC</code></a></td>
+ <td>0</td>
+ <td>4</td>
+ <td>0-256</td>
+ <td>IPsec NULL cipher</td>
+ </tr>
+</table>
+<p class="Pp"><code class="Dv">CRYPTO_AES_XTS</code> implements XEX Tweakable
+ Block Cipher with Ciphertext Stealing as defined in NIST SP 800-38E. OCF
+ consumers provide the first 8 bytes of the IV. The remaining 8 bytes are
+ defined to be a block counter beginning at 0.</p>
+<p class="Pp">NOTE: The ciphertext stealing part is not implemented in all
+ backends which is why this cipher requires input that is a multiple of the
+ block size.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Stream_Ciphers"><a class="permalink" href="#Stream_Ciphers">Stream
+ Ciphers</a></h2>
+<p class="Pp">Stream ciphers can operate on messages with arbitrary lengths. OCF
+ supports the following stream ciphers:</p>
+<table class="Bl-column">
+ <tr id="Name~3">
+ <td><a class="permalink" href="#Name~3"><b class="Sy">Name</b></a></td>
+ <td><a class="permalink" href="#IV~2"><b class="Sy" id="IV~2">IV
+ Size</b></a></td>
+ <td><a class="permalink" href="#Key~3"><b class="Sy" id="Key~3">Key
+ Sizes</b></a></td>
+ <td><a class="permalink" href="#Description~3"><b class="Sy" id="Description~3">Description</b></a></td>
+ </tr>
+ <tr id="CRYPTO_AES_ICM">
+ <td><a class="permalink" href="#CRYPTO_AES_ICM"><code class="Dv">CRYPTO_AES_ICM</code></a></td>
+ <td>16</td>
+ <td>16, 24, 32</td>
+ <td>AES Counter Mode</td>
+ </tr>
+ <tr id="CRYPTO_CHACHA20">
+ <td><a class="permalink" href="#CRYPTO_CHACHA20"><code class="Dv">CRYPTO_CHACHA20</code></a></td>
+ <td>16</td>
+ <td>16, 32</td>
+ <td>ChaCha20</td>
+ </tr>
+</table>
+<p class="Pp">The IV for each request must be provided in
+ <var class="Fa">crp_iv</var> via the
+ <code class="Dv">CRYPTO_F_IV_SEPARATE</code> flag.</p>
+<p class="Pp"><code class="Dv">CRYPTO_AES_ICM</code> uses the entire IV as a
+ 128-bit big endian block counter. The IV sets the initial counter value for
+ a message. If a consumer wishes to use an IV whose value is split into
+ separate nonce and counter fields (e.g., IPsec), the consumer is responsible
+ for splitting requests to handle counter rollover.</p>
+<p class="Pp"><code class="Dv">CRYPTO_CHACHA20</code> accepts a 16 byte IV. The
+ first 8 bytes are used as a nonce. The last 8 bytes are used as a 64-bit
+ little-endian block counter.</p>
+</section>
+<section class="Ss">
+<h2 class="Ss" id="Authenticated_Encryption_with_Associated_Data_Algorithms"><a class="permalink" href="#Authenticated_Encryption_with_Associated_Data_Algorithms">Authenticated
+ Encryption with Associated Data Algorithms</a></h2>
+<p class="Pp">AEAD algorithms in OCF combine a stream cipher with an
+ authentication algorithm to provide both secrecy and authentication. AEAD
+ algorithms accept additional authentication data (AAD) in addition to the
+ ciphertext or plaintext. AAD is passed to the authentication algorithm as
+ input in a method defined by the specific AEAD algorithm.</p>
+<p class="Pp">AEAD algorithms in OCF accept a nonce that is combined with an
+ algorithm-defined counter to construct the IV for the underlying stream
+ cipher. This nonce must be provided in <var class="Fa">crp_iv</var> via the
+ <code class="Dv">CRYPTO_F_IV_SEPARATE</code> flag. Some AEAD algorithms
+ support multiple nonce sizes. The first size listed is the default nonce
+ size.</p>
+<p class="Pp">The following AEAD algorithms are supported:</p>
+<table class="Bl-column">
+ <tr id="Name~4">
+ <td><a class="permalink" href="#Name~4"><b class="Sy">Name</b></a></td>
+ <td><a class="permalink" href="#Nonce~2"><b class="Sy" id="Nonce~2">Nonce</b></a></td>
+ <td><a class="permalink" href="#Key~4"><b class="Sy" id="Key~4">Key
+ Sizes</b></a></td>
+ <td><a class="permalink" href="#Tag"><b class="Sy" id="Tag">Tag</b></a></td>
+ <td><a class="permalink" href="#Description~4"><b class="Sy" id="Description~4">Description</b></a></td>
+ </tr>
+ <tr id="CRYPTO_AES_NIST_GCM_16">
+ <td><a class="permalink" href="#CRYPTO_AES_NIST_GCM_16"><code class="Dv">CRYPTO_AES_NIST_GCM_16</code></a></td>
+ <td>12</td>
+ <td>16, 24, 32</td>
+ <td>16</td>
+ <td>AES Galois/Counter Mode</td>
+ </tr>
+ <tr id="CRYPTO_AES_CCM_16">
+ <td><a class="permalink" href="#CRYPTO_AES_CCM_16"><code class="Dv">CRYPTO_AES_CCM_16</code></a></td>
+ <td>12, 7-13</td>
+ <td>16, 24, 32</td>
+ <td>16</td>
+ <td>AES Counter with CBC-MAC</td>
+ </tr>
+ <tr id="CRYPTO_CHACHA20_POLY1305">
+ <td><a class="permalink" href="#CRYPTO_CHACHA20_POLY1305"><code class="Dv">CRYPTO_CHACHA20_POLY1305</code></a></td>
+ <td>12, 8</td>
+ <td>32</td>
+ <td>16</td>
+ <td>ChaCha20-Poly1305</td>
+ </tr>
+ <tr id="CRYPTO_XCHACHA20_POLY1305">
+ <td><a class="permalink" href="#CRYPTO_XCHACHA20_POLY1305"><code class="Dv">CRYPTO_XCHACHA20_POLY1305</code></a></td>
+ <td>24</td>
+ <td>32</td>
+ <td>16</td>
+ <td>XChaCha20-Poly1305</td>
+ </tr>
+</table>
+</section>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
+ ALSO</a></h1>
+<p class="Pp"><a class="Xr">crypto(4)</a>, <a class="Xr">crypto(9)</a></p>
+</section>
+<section class="Sh">
+<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1>
+<p class="Pp">The <code class="Nm">crypto</code> manual page first appeared in
+ <span class="Ux">FreeBSD 10.1</span>.</p>
+</section>
+</div>
+<table class="foot">
+ <tr>
+ <td class="foot-date">January 11, 2022</td>
+ <td class="foot-os">FreeBSD 15.0</td>
+ </tr>
+</table>
generated by cgit v1.2.3 (git 2.46.0) at 2026-05-15 13:02:05 +0000