| /freebsd/crypto/krb5/src/lib/krb5/krb/ |
| H A D | ser_auth.c | 33 k5_size_authenticator(krb5_authenticator *authenticator, size_t *sizep) in k5_size_authenticator() argument
48 if (authenticator != NULL) { in k5_size_authenticator()
52 if (authenticator->client) in k5_size_authenticator()
53 kret = k5_size_principal(authenticator->client, &required); in k5_size_authenticator()
58 if (!kret && authenticator->checksum) in k5_size_authenticator()
59 kret = k5_size_checksum(authenticator->checksum, &required); in k5_size_authenticator()
62 if (!kret && authenticator->subkey) in k5_size_authenticator()
63 kret = k5_size_keyblock(authenticator->subkey, &required); in k5_size_authenticator()
66 if (!kret && authenticator->authorization_data) { in k5_size_authenticator()
69 for (i=0; !kret && authenticator->authorization_data[i]; i++) { in k5_size_authenticator()
[all …]
|
| H A D | mk_req_ext.c | 58 checksum specifies the checksum to be used in the authenticator.
101 request.authenticator.ciphertext.data = NULL; in krb5_mk_req_extended()
180 /* Generate authenticator */ in krb5_mk_req_extended()
209 /* encode the authenticator */ in krb5_mk_req_extended()
217 scratch, &request.authenticator))) in krb5_mk_req_extended()
243 if (request.authenticator.ciphertext.data) { in krb5_mk_req_extended()
244 (void) memset(request.authenticator.ciphertext.data, 0, in krb5_mk_req_extended()
245 request.authenticator.ciphertext.length); in krb5_mk_req_extended()
246 free(request.authenticator.ciphertext.data); in krb5_mk_req_extended()
357 /* Set *authdata_out to appropriate authenticator authdata for the request,
|
| /freebsd/contrib/telnet/libtelnet/ |
| H A D | auth-proto.h | 55 Authenticator *findauthenticator(int, int);
64 void auth_finished(Authenticator *, int);
80 int kerberos4_init(Authenticator *, int);
81 int kerberos4_send(Authenticator *);
82 void kerberos4_is(Authenticator *, unsigned char *, int);
83 void kerberos4_reply(Authenticator *, unsigned char *, int);
84 int kerberos4_status(Authenticator *, char *, int);
89 int kerberos5_init(Authenticator *, int);
90 int kerberos5_send_mutual(Authenticator *);
91 int kerberos5_send_oneway(Authenticator *);
[all …]
|
| H A D | auth.c | 96 static Authenticator *authenticated = 0;
110 Authenticator authenticators[] = {
178 static Authenticator NoAuth = { 0, 0, 0, 0, 0, 0, 0, 0 };
183 Authenticator *
186 Authenticator *ap = authenticators; in findauthenticator()
196 Authenticator *ap = authenticators; in auth_init()
266 Authenticator *ap; in auth_onoff()
307 Authenticator *ap; in auth_status()
337 Authenticator *ap = authenticators; in auth_request()
374 Authenticator *ap; in auth_send()
[all …]
|
| /freebsd/crypto/heimdal/appl/telnet/libtelnet/ |
| H A D | auth-proto.h | 59 Authenticator *findauthenticator (int, int);
63 void auth_finished (Authenticator *, int);
83 int unsafe_init (Authenticator *, int);
84 int unsafe_send (Authenticator *);
85 void unsafe_is (Authenticator *, unsigned char *, int);
86 void unsafe_reply (Authenticator *, unsigned char *, int);
87 int unsafe_status (Authenticator *, char *, int);
92 int sra_init (Authenticator *, int);
93 int sra_send (Authenticator *);
94 void sra_is (Authenticator *, unsigned char *, int);
[all …]
|
| H A D | auth.c | 98 static Authenticator *authenticated = 0;
109 Authenticator authenticators[] = {
172 static Authenticator NoAuth = { 0 };
177 Authenticator *
180 Authenticator *ap = authenticators; in findauthenticator()
190 Authenticator *ap = authenticators; in auth_init()
260 Authenticator *ap; in auth_onoff()
301 Authenticator *ap; in auth_status()
331 Authenticator *ap = authenticators; in auth_request()
368 Authenticator *ap; in auth_send()
[all …]
|
| /freebsd/contrib/libfido2/man/ |
| H A D | fido_cbor_info_new.3 | 184 functions return pointers to the authenticator attestation GUID,
252 length in bytes supported by the authenticator as reported in
274 If the attribute is not advertised by the authenticator, the
280 function returns the maximum length in bytes of an authenticator's
287 authenticator as reported in
290 If the attribute is not advertised by the authenticator, the
305 retries are handled internally by the authenticator and the
308 If the attribute is not advertised by the authenticator,
316 supported by the authenticator, as defined in the FIDO Registry of
326 If the attribute is not advertised by the authenticator, the
[all …]
|
| H A D | fido_dev_enable_entattest.3 | 37 .Nd CTAP 2.1 configuration authenticator API
53 CTAP 2.1 authenticator.
62 instructs the authenticator to include uniquely identifying
77 authenticator level for all known credentials.
81 the authenticator do not allow protection of U2F credentials, the
82 U2F subsystem will be disabled by the authenticator.
125 supported by the authenticator can be obtained using
129 authenticator in response to a
|
| H A D | fido2-assert.1 | 109 signed by the authenticator.
132 signed by the authenticator.
154 Asks the authenticator for user presence to be enabled or disabled.
156 Asks the authenticator for user verification to be enabled or
171 will use FIDO2 if supported by the authenticator, and fallback to
175 user verification from the authenticator.
177 was signed by the authenticator.
227 authenticator data (base64 blob);
251 authenticator data (base64 blob);
275 obtain an assertion from an authenticator a
[all...] |
| H A D | fido_dev_largeblob_get.3 | 55 allows binary blobs residing on a CTAP 2.1 authenticator to be
82 CBOR array is opaque to the authenticator.
90 function retrieves the authenticator's
117 and inserts the result in the authenticator's
141 function retrieves the authenticator's
158 function retrieves the authenticator's
171 function sets the authenticator's
214 encryption key is transmitted in the clear, and an authenticator's
|
| H A D | fido_assert_new.3 | 187 only be returned by the authenticator if user verification was
188 performed by the authenticator and multiple resident/discoverable
201 functions return pointers to the CBOR-encoded and raw authenticator data,
203 count, and authenticator data flags of statement
218 user verification was performed by the authenticator.
258 The authenticator data and signature parts of an assertion
261 The authenticator data returned by
263 is a CBOR-encoded byte string, as obtained from the authenticator.
|
| H A D | fido2-cred.1 | 69 When making a credential, the authenticator may require the user
131 level was signed by the authenticator as
141 signed by the authenticator.
174 will use FIDO2 if supported by the authenticator, and fallback to
179 was signed by the authenticator.
221 authenticator data (base64 blob);
251 authenticator data (base64 blob);
294 In the case of Basic Attestation, the validity of the authenticator's
|
| H A D | fido_cred_new.3 | 246 functions return pointers to the CBOR-encoded and raw authenticator
247 data, client data hash, ID, authenticator attestation GUID,
268 The authenticator data, x509 certificate, and signature parts of a
278 function returns the authenticator data flags of
283 function returns the authenticator data signature counter of
286 The authenticator data returned by
288 is a CBOR-encoded byte string, as obtained from the authenticator.
|
| /freebsd/contrib/wpa/hostapd/ |
| H A D | README | 2 Authenticator and RADIUS authentication server
57 server for MAC address based access control, IEEE 802.1X Authenticator
59 Authenticator and dynamic TKIP/CCMP keying.
108 IEEE 802.1X uses elements called Supplicant, Authenticator, Port
111 Server. An access point includes an Authenticator that relays the packets
113 Port Access Entity (PAE) with Authenticator functionality for
118 between a Supplicant and an Authenticator are sent using EAP over LAN
119 (EAPOL) and the Authenticator relays these frames to the Authentication
122 Authenticator, in which case there is no need for additional protocol
131 frames to be passed between the Supplicant and the Authenticator even
[all …]
|
| /freebsd/crypto/krb5/src/lib/krad/ |
| H A D | packet.c | 150 /* Generate a random authenticator field. */
169 /* Generate a response authenticator field. */
185 * authenticator and the secret at the end. */ in auth_generate_response()
226 /* Determine if a packet requires a Message-Authenticator attribute. */
231 * Message-Authenticator is required only on UDP and TCP connections. */ in requires_msgauth()
237 * Message-Authenticator is required in Access-Request packets and all in requires_msgauth()
245 /* Check if the packet has a Message-Authenticator attribute. */
253 /* Return the beginning of the Message-Authenticator attribute in pkt, or NULL
273 * Calculate the message authenticator MAC for pkt as specified in RFC 2869
274 * section 5.14, placing the result in mac_out. Use the provided authenticator
[all …]
|
| /freebsd/crypto/heimdal/lib/krb5/ |
| H A D | auth_context.c | 48 ALLOC(p->authenticator, 1); in krb5_auth_con_init()
49 if (!p->authenticator) { in krb5_auth_con_init()
54 memset (p->authenticator, 0, sizeof(*p->authenticator)); in krb5_auth_con_init()
72 krb5_free_authenticator(context, &auth_context->authenticator); in krb5_auth_con_free()
452 krb5_authenticator *authenticator) in krb5_auth_con_getauthenticator() argument
454 *authenticator = malloc(sizeof(**authenticator)); in krb5_auth_con_getauthenticator()
455 if (*authenticator == NULL) { in krb5_auth_con_getauthenticator()
460 copy_Authenticator(auth_context->authenticator, in krb5_auth_con_getauthenticator()
461 *authenticator); in krb5_auth_con_getauthenticator()
468 krb5_authenticator *authenticator) in krb5_free_authenticator() argument
[all …]
|
| H A D | rd_req.c | 73 Authenticator *authenticator, in decrypt_authenticator() argument
101 authenticator, &len); in decrypt_authenticator()
185 ad = auth_context->authenticator->authorization_data; in find_etypelist()
280 krb5_authenticator authenticator; in krb5_verify_authenticator_checksum() local
285 &authenticator); in krb5_verify_authenticator_checksum()
288 if(authenticator->cksum == NULL) { in krb5_verify_authenticator_checksum()
289 krb5_free_authenticator(context, &authenticator); in krb5_verify_authenticator_checksum()
294 krb5_free_authenticator(context, &authenticator); in krb5_verify_authenticator_checksum()
305 authenticator->cksum); in krb5_verify_authenticator_checksum()
308 krb5_free_authenticator(context, &authenticator); in krb5_verify_authenticator_checksum()
[all …]
|
| H A D | build_ap_req.c | 41 krb5_data authenticator, in krb5_build_ap_req() argument
63 ap.authenticator.etype = enctype; in krb5_build_ap_req()
64 ap.authenticator.kvno = NULL; in krb5_build_ap_req()
65 ap.authenticator.cipher = authenticator; in krb5_build_ap_req()
|
| /freebsd/contrib/wpa/src/eapol_auth/ |
| H A D | eapol_auth_sm_i.h | 2 * IEEE 802.1X-2004 Authenticator - EAPOL state machine (internal definitions)
25 * struct eapol_authenticator - Global EAPOL authenticator data
37 * struct eapol_state_machine - Per-Supplicant Authenticator state machines
64 /* Authenticator PAE state machine */
114 /* Authenticator Key Transmit state machine */
130 /* Authenticator Statistics Table */
147 /* EAPOL/AAA <-> EAP full authenticator interface */
|
| /freebsd/contrib/wpa/src/radius/ |
| H A D | radius.c | 230 { RADIUS_ATTR_MESSAGE_AUTHENTICATOR, "Message-Authenticator",
436 "WARNING: Could not add Message-Authenticator"); in radius_msg_add_msg_auth()
452 /* Use already added Message-Authenticator attribute */ in radius_msg_auth_pos()
456 /* Add a Message-Authenticator attribute */ in radius_msg_auth_pos()
497 os_memcpy(msg->hdr->authenticator, req_authenticator, in radius_msg_finish_srv()
498 sizeof(msg->hdr->authenticator)); in radius_msg_finish_srv()
512 md5_vector(4, addr, len, msg->hdr->authenticator); in radius_msg_finish_srv()
536 os_memcpy(msg->hdr->authenticator, req_hdr->authenticator, 16); in radius_msg_finish_das_resp()
546 if (md5_vector(2, addr, len, msg->hdr->authenticator) < 0) in radius_msg_finish_das_resp()
565 os_memset(msg->hdr->authenticator, 0, MD5_MAC_LEN); in radius_msg_finish_acct()
[all …]
|
| /freebsd/crypto/openssh/ |
| H A D | ssh-keygen.1 | 392 Download resident keys from a FIDO authenticator.
396 the first touched authenticator.
398 .Sx FIDO AUTHENTICATOR
490 When generating FIDO authenticator-backed keys, the options listed in the
491 .Sx FIDO AUTHENTICATOR
693 FIDO authenticator-hosted keys, overriding the default of using
1029 of user presence (e.g. by having the user touch the authenticator).
1030 This option only makes sense for the FIDO authenticator algorithms
1045 This option only makes sense for the FIDO authenticator algorithms
1069 .Sh FIDO AUTHENTICATOR
[all …]
|
| /freebsd/contrib/wpa/src/wps/ |
| H A D | wps_attr_process.c | 16 int wps_process_authenticator(struct wps_data *wps, const u8 *authenticator, in wps_process_authenticator() argument
23 if (authenticator == NULL) { in wps_process_authenticator()
24 wpa_printf(MSG_DEBUG, "WPS: No Authenticator attribute " in wps_process_authenticator()
31 "validating authenticator"); in wps_process_authenticator()
35 /* Authenticator = HMAC-SHA256_AuthKey(M_prev || M_curr*) in wps_process_authenticator()
36 * (M_curr* is M_curr without the Authenticator attribute) in wps_process_authenticator()
45 os_memcmp_const(hash, authenticator, WPS_AUTHENTICATOR_LEN) != 0) { in wps_process_authenticator()
46 wpa_printf(MSG_DEBUG, "WPS: Incorrect Authenticator"); in wps_process_authenticator()
|
| /freebsd/crypto/heimdal/doc/ |
| H A D | whatis.texi | 92 Before sending a message to @var{B}, @var{A} creates an authenticator
99 contains the session key that the authenticator was encrypted with,
100 @var{B} can now also decrypt the authenticator. To verify that @var{A}
102 with that of the authenticator. If everything matches, @var{B} now
111 An impostor, @var{C} could steal the authenticator and the ticket as it
113 @var{A}. The address in the ticket and the authenticator was added to
117 authenticator, @var{C} does not have much time in which to mount the
139 authenticator. One typical procedure is to add one to the checksum,
|
| /freebsd/contrib/libfido2/examples/ |
| H A D | info.c | 165 * Auxiliary function to print an authenticator's AAGUID on stdout.
179 * Auxiliary function to print an authenticator's maximum message size on
189 * Auxiliary function to print an authenticator's maximum number of credentials
199 * Auxiliary function to print an authenticator's maximum credential ID length
209 * Auxiliary function to print the maximum size of an authenticator's
219 * Auxiliary function to print the authenticator's estimated number of
235 * authenticator.
244 * Auxiliary function to print the authenticator's preferred (platform)
254 * Auxiliary function to print an authenticator's firmware version on stdout.
|
| H A D | README.adoc | 54 was signed by the authenticator. The device's attestation certificate
76 authenticator. The -v option requests user verification and checks
77 whether the user verification bit was signed by the authenticator.
80 specified, a FIDO2 hmac-secret is requested from the authenticator,
97 If set, libfido2 will produce a log of its transactions with the authenticator.
|