Home
last modified time | relevance | path

Searched full:nonce (Results 1 – 25 of 126) sorted by relevance

123456

/linux/include/uapi/linux/
H A Dpsp-dbc.h24 * struct dbc_user_nonce - Nonce exchange structure (input/output).
26 * 0: no authentication, PSP will return single use nonce.
27 * 1: authentication: PSP will return multi-use nonce.
28 * @nonce: 8 byte value used for future authentication (output).
30 * previous nonce (input).
34 __u8 nonce[DBC_NONCE_SIZE]; member
41 * @signature: 32 byte signature created by software using a previous nonce
54 * using a previous nonce (input)
87 * DBCIOCNONCE - Fetch a nonce from the PSP for authenticating commands.
88 * If a nonce is fetched without authentication it can only
[all …]
/linux/include/trace/events/
H A Dbpf_test_run.h12 TP_PROTO(int nonce),
14 TP_ARGS(nonce),
17 __field(int, nonce)
21 __entry->nonce = nonce;
24 TP_printk("nonce %d", __entry->nonce)
/linux/security/keys/trusted-keys/
H A Dtrusted_dcp.c32 * blob encryption key (BEK) and 128-bit nonce. The BEK and nonce are used to
36 * encryption engine with AES-128-ECB. The encrypted BEK, generated nonce,
48 * @nonce: Random nonce used for @payload encryption.
59 __u8 nonce[AES_KEYSIZE_128]; member
129 static int do_aead_crypto(u8 *in, u8 *out, size_t len, u8 *key, u8 *nonce, in do_aead_crypto() argument
166 aead_request_set_crypt(aead_req, &src_sg, &dst_sg, len, nonce); in do_aead_crypto()
215 get_random_bytes(b->nonce, AES_KEYSIZE_128); in trusted_dcp_seal()
219 b->nonce, true); in trusted_dcp_seal()
277 plain_blob_key, b->nonce, false); in trusted_dcp_unseal()
H A Dtrusted_tpm2.c198 * @nonce: the session nonce, may be NULL if not used
199 * @nonce_len: the session nonce length, may be 0 if not used
205 const u8 *nonce, u16 nonce_len, in tpm2_buf_append_auth() argument
213 if (nonce && nonce_len) in tpm2_buf_append_auth()
214 tpm_buf_append(buf, nonce, nonce_len); in tpm2_buf_append_auth()
512 * kernel so we don't known the nonce and thus can't in tpm2_unseal_cmd()
522 NULL /* nonce */, 0, 0, in tpm2_unseal_cmd()
/linux/drivers/md/dm-vdo/indexer/
H A Dconfig.h42 /* Index owner's nonce */
43 u64 nonce; member
81 /* Index owner's nonce */
82 u64 nonce; member
107 /* Index owner's nonce */
108 u64 nonce; member
/linux/net/ceph/
H A Ddecode.c28 ceph_decode_copy_safe(p, end, &addr->nonce, sizeof(addr->nonce), bad); in ceph_decode_entity_addr_versioned()
63 ceph_decode_copy_safe(p, end, &addr->nonce, sizeof(addr->nonce), bad); in ceph_decode_entity_addr_legacy()
185 sizeof(addr->nonce) + in ceph_encode_entity_addr()
188 ceph_encode_copy(p, &addr->nonce, sizeof(addr->nonce)); in ceph_encode_entity_addr()
/linux/lib/crypto/
H A Dpoly1305-donna64.c112 void poly1305_core_emit(const struct poly1305_state *state, const u32 nonce[4], in poly1305_core_emit()
163 if (likely(nonce)) { in poly1305_core_emit()
164 /* h = (h + nonce) */ in poly1305_core_emit()
165 t0 = ((u64)nonce[1] << 32) | nonce[0]; in poly1305_core_emit()
166 t1 = ((u64)nonce[3] << 32) | nonce[2]; in poly1305_core_emit()
H A Dpoly1305-donna32.c121 void poly1305_core_emit(const struct poly1305_state *state, const u32 nonce[4], in poly1305_core_emit()
189 if (likely(nonce)) { in poly1305_core_emit()
190 /* mac = (h + nonce) % (2^128) */ in poly1305_core_emit()
191 f = (u64)h0 + nonce[0]; in poly1305_core_emit()
193 f = (u64)h1 + nonce[1] + (f >> 32); in poly1305_core_emit()
195 f = (u64)h2 + nonce[2] + (f >> 32); in poly1305_core_emit()
197 f = (u64)h3 + nonce[3] + (f >> 32); in poly1305_core_emit()
/linux/include/crypto/internal/
H A Dpoly1305.h15 * full blocks, or 0 for the final block if it had to be padded. If 'nonce' is
30 void poly1305_core_emit(const struct poly1305_state *state, const u32 nonce[4],
51 const u32 nonce[4]) in poly1305_emit_generic()
53 poly1305_core_emit(state, nonce, digest); in poly1305_emit_generic()
/linux/include/net/
H A Damt.h117 __be32 nonce; member
132 __be32 nonce; member
152 __be32 nonce; member
173 __be32 nonce; member
190 __be32 nonce; member
249 __be32 nonce; member
356 __be32 nonce; member
/linux/lib/crypto/powerpc/
H A Dpoly1305.h15 asmlinkage void poly1305_emit_64(const struct poly1305_state *state, const u32 nonce[4], u8 digest[…
62 u8 digest[POLY1305_DIGEST_SIZE], const u32 nonce[4]) in poly1305_emit()
65 return poly1305_emit_generic(state, digest, nonce); in poly1305_emit()
66 poly1305_emit_64(state, nonce, digest); in poly1305_emit()
/linux/net/dccp/
H A Dackvec.h
/linux/tools/crypto/ccp/
H A Ddbc_cli.py46 choices=["get-nonce", "get-param", "set-param", "set-uid"],
96 if args.command == "get-nonce":
98 nonce = get_nonce(d, sig) variable
99 print("Nonce: %s" % _pretty_buffer(bytes(nonce)))
H A Dtest_dbc.py59 """fetch unauthenticated nonce"""
81 # 0x1 (get nonce), and invalid data
131 """fetch unauthenticated nonce"""
135 """ensure state machine always returns nonce"""
140 """fetch authenticated nonce"""
H A Ddbc.c34 memcpy(nonce_out, tmp.nonce, sizeof(tmp.nonce)); in get_nonce()
/linux/fs/crypto/
H A Dpolicy.c114 if (mode->ivsize < offsetofend(union fscrypt_iv, nonce)) { in supported_direct_key_modes()
320 * @nonce: nonce to use
323 * encryption policy. @nonce must be a new random nonce.
329 const u8 nonce[FSCRYPT_FILE_NONCE_SIZE]) in fscrypt_new_context()
347 memcpy(ctx->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE); in fscrypt_new_context()
364 memcpy(ctx->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE); in fscrypt_new_context()
461 u8 nonce[FSCRYPT_FILE_NONCE_SIZE]; in set_encryption_policy() local
499 get_random_bytes(nonce, FSCRYPT_FILE_NONCE_SIZE); in set_encryption_policy()
500 ctxsize = fscrypt_new_context(&ctx, policy, nonce); in set_encryption_policy()
621 /* FS_IOC_GET_ENCRYPTION_NONCE: retrieve file's encryption nonce for testing */
[all …]
/linux/lib/crypto/x86/
H A Dpoly1305.h68 const u32 nonce[4]);
71 const u32 nonce[4]);
135 u8 mac[POLY1305_DIGEST_SIZE], const u32 nonce[4]) in poly1305_emit()
138 poly1305_emit_x86_64(ctx, mac, nonce); in poly1305_emit()
140 poly1305_emit_avx(ctx, mac, nonce); in poly1305_emit()
/linux/drivers/crypto/caam/
H A Dcaamalg_desc.h20 /* Note: Nonce is counted in cdata.keylen */
63 u32 *nonce, const u32 ctx1_iv_off,
69 const bool is_rfc3686, u32 *nonce,
75 u32 *nonce, const u32 ctx1_iv_off,
H A Dcaamalg_desc.c214 const bool is_rfc3686, u32 *nonce, int era) in init_sh_desc_key_aead() argument
228 * | key = {AUTH_KEY, ENC_KEY, NONCE} in init_sh_desc_key_aead()
229 * | enckeylen = encryption key size + nonce size in init_sh_desc_key_aead()
256 append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE, in init_sh_desc_key_aead()
284 * @nonce: pointer to rfc3686 nonce
292 u32 *nonce, const u32 ctx1_iv_off, const bool is_qi, in cnstr_shdsc_aead_encap() argument
296 init_sh_desc_key_aead(desc, cdata, adata, is_rfc3686, nonce, era); in cnstr_shdsc_aead_encap()
379 * @nonce: pointer to rfc3686 nonce
387 const bool is_rfc3686, u32 *nonce, in cnstr_shdsc_aead_decap() argument
391 init_sh_desc_key_aead(desc, cdata, adata, is_rfc3686, nonce, era); in cnstr_shdsc_aead_decap()
[all …]
/linux/net/rxrpc/
H A Drxgk.c646 size_t len = sizeof(*whdr) + sizeof(conn->rxgk.nonce); in rxgk_issue_challenge()
652 get_random_bytes(&conn->rxgk.nonce, sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
655 page = rxgk_alloc_packet(sizeof(*whdr) + sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
680 memcpy(whdr + 1, conn->rxgk.nonce, sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
685 trace_rxrpc_tx_challenge(conn, serial, 0, *(u32 *)&conn->rxgk.nonce); in rxgk_issue_challenge()
712 u8 nonce[20]; in rxgk_validate_challenge()
727 nonce, sizeof(nonce)) < in rxgk_validate_challenge()
711 u8 nonce[20]; rxgk_validate_challenge() local
844 u8 nonce[20]; rxgk_construct_authenticator() member
[all...]
/linux/lib/crypto/riscv/
H A Dpoly1305-riscv.pl250 my ($ctx,$mac,$nonce) = ($a0,$a1,$a2);
289 lwu $tmp0,0($nonce) # load nonce
290 lwu $tmp1,4($nonce)
291 lwu $tmp2,8($nonce)
292 lwu $tmp3,12($nonce)
298 add $in0,$in0,$tmp0 # accumulate nonce
712 my ($ctx,$mac,$nonce,$tmp4) = ($a0,$a1,$a2,$a3);
767 lw $tmp0,0($nonce) # load nonce
768 lw $tmp1,4($nonce)
769 lw $tmp2,8($nonce)
[all …]
/linux/include/crypto/
H A Dchacha.h5 * XChaCha extends ChaCha's nonce to 192 bits, while provably retaining ChaCha's
22 /* 32-bit stream position, then 96-bit nonce (RFC7539 convention) */
33 /* 192-bit nonce, then 64-bit stream position */
/linux/drivers/gpu/drm/radeon/
H A Dvce_v1_0.c47 uint32_t nonce[4]; member
190 data[0] = sign->val[i].nonce[0]; in vce_v1_0_load_fw()
191 data[1] = sign->val[i].nonce[1]; in vce_v1_0_load_fw()
192 data[2] = sign->val[i].nonce[2]; in vce_v1_0_load_fw()
193 data[3] = sign->val[i].nonce[3]; in vce_v1_0_load_fw()
/linux/drivers/net/wireguard/selftest/
H A Dcounter.c15 pr_err("nonce counter self-test malloc: FAIL\n"); in wg_packet_counter_selftest()
27 pr_err("nonce counter self-test %u: FAIL\n", \ in wg_packet_counter_selftest()
107 pr_info("nonce counter self-tests: pass\n"); in wg_packet_counter_selftest()
/linux/tools/testing/selftests/tpm2/
H A Dtpm2.py251 def __init__(self, session_handle=TPM2_RS_PW, nonce=bytes(), argument
254 self.nonce = nonce
259 fmt = '>I H%us B H%us' % (len(self.nonce), len(self.hmac))
260 return struct.pack(fmt, self.session_handle, len(self.nonce),
261 self.nonce, self.session_attributes, len(self.hmac),
265 fmt = '>I H%us B H%us' % (len(self.nonce), len(self.hmac))

123456