| /linux/include/uapi/linux/ |
| H A D | psp-dbc.h | 24 * struct dbc_user_nonce - Nonce exchange structure (input/output).
26 * 0: no authentication, PSP will return single use nonce.
27 * 1: authentication: PSP will return multi-use nonce.
28 * @nonce: 8 byte value used for future authentication (output).
30 * previous nonce (input).
34 __u8 nonce[DBC_NONCE_SIZE]; member
41 * @signature: 32 byte signature created by software using a previous nonce
54 * using a previous nonce (input)
87 * DBCIOCNONCE - Fetch a nonce from the PSP for authenticating commands.
88 * If a nonce is fetched without authentication it can only
[all …]
|
| /linux/include/trace/events/ |
| H A D | bpf_test_run.h | 12 TP_PROTO(int nonce),
14 TP_ARGS(nonce),
17 __field(int, nonce)
21 __entry->nonce = nonce;
24 TP_printk("nonce %d", __entry->nonce)
|
| /linux/lib/crypto/ |
| H A D | chacha20poly1305.c | 34 const u8 *key, const u8 *nonce) in xchacha_init() argument
40 memcpy(iv + 8, nonce + 16, 8); in xchacha_init()
44 /* Compute the subkey given the original key and first 128 nonce bits */ in xchacha_init()
45 chacha_init(chacha_state, k, nonce); in xchacha_init()
91 const u64 nonce, in chacha20poly1305_encrypt() argument
101 iv[1] = cpu_to_le64(nonce); in chacha20poly1305_encrypt()
114 const u8 nonce[XCHACHA20POLY1305_NONCE_SIZE], in xchacha20poly1305_encrypt()
119 xchacha_init(&chacha_state, key, nonce); in xchacha20poly1305_encrypt()
172 const u64 nonce, in chacha20poly1305_decrypt() argument
183 iv[1] = cpu_to_le64(nonce); in chacha20poly1305_decrypt()
[all …]
|
| H A D | poly1305-donna64.c | 112 void poly1305_core_emit(const struct poly1305_state *state, const u32 nonce[4], in poly1305_core_emit()
163 if (likely(nonce)) { in poly1305_core_emit()
164 /* h = (h + nonce) */ in poly1305_core_emit()
165 t0 = ((u64)nonce[1] << 32) | nonce[0]; in poly1305_core_emit()
166 t1 = ((u64)nonce[3] << 32) | nonce[2]; in poly1305_core_emit()
|
| H A D | poly1305-donna32.c | 121 void poly1305_core_emit(const struct poly1305_state *state, const u32 nonce[4], in poly1305_core_emit()
189 if (likely(nonce)) { in poly1305_core_emit()
190 /* mac = (h + nonce) % (2^128) */ in poly1305_core_emit()
191 f = (u64)h0 + nonce[0]; in poly1305_core_emit()
193 f = (u64)h1 + nonce[1] + (f >> 32); in poly1305_core_emit()
195 f = (u64)h2 + nonce[2] + (f >> 32); in poly1305_core_emit()
197 f = (u64)h3 + nonce[3] + (f >> 32); in poly1305_core_emit()
|
| /linux/include/crypto/ |
| H A D | chacha20poly1305.h | 20 const u64 nonce,
25 const u8 *ad, const size_t ad_len, const u64 nonce,
30 const u8 nonce[XCHACHA20POLY1305_NONCE_SIZE],
35 const size_t ad_len, const u8 nonce[XCHACHA20POLY1305_NONCE_SIZE],
40 const u64 nonce,
45 const u64 nonce,
|
| /linux/security/keys/trusted-keys/ |
| H A D | trusted_dcp.c | 32 * blob encryption key (BEK) and 128-bit nonce. The BEK and nonce are used to
36 * encryption engine with AES-128-ECB. The encrypted BEK, generated nonce,
48 * @nonce: Random nonce used for @payload encryption.
59 __u8 nonce[AES_KEYSIZE_128]; member
129 static int do_aead_crypto(u8 *in, u8 *out, size_t len, u8 *key, u8 *nonce, in do_aead_crypto() argument
166 aead_request_set_crypt(aead_req, &src_sg, &dst_sg, len, nonce); in do_aead_crypto()
215 get_random_bytes(b->nonce, AES_KEYSIZE_128); in trusted_dcp_seal()
219 b->nonce, true); in trusted_dcp_seal()
277 plain_blob_key, b->nonce, false); in trusted_dcp_unseal()
|
| H A D | trusted_tpm2.c | 206 * @nonce: the session nonce, may be NULL if not used
207 * @nonce_len: the session nonce length, may be 0 if not used
213 const u8 *nonce, u16 nonce_len, in tpm2_buf_append_auth() argument
221 if (nonce && nonce_len) in tpm2_buf_append_auth()
222 tpm_buf_append(buf, nonce, nonce_len); in tpm2_buf_append_auth()
518 * kernel so we don't known the nonce and thus can't in tpm2_unseal_cmd()
528 NULL /* nonce */, 0, 0, in tpm2_unseal_cmd()
|
| /linux/drivers/md/dm-vdo/indexer/ |
| H A D | config.h | 42 /* Index owner's nonce */
43 u64 nonce; member
81 /* Index owner's nonce */
82 u64 nonce; member
107 /* Index owner's nonce */
108 u64 nonce; member
|
| H A D | config.c | 82 if (saved_config->nonce != user->nonce) { in are_matching_configurations()
83 vdo_log_error("Nonce (%llu) does not match (%llu)", in are_matching_configurations()
84 (unsigned long long) saved_config->nonce, in are_matching_configurations()
85 (unsigned long long) user->nonce); in are_matching_configurations()
135 decode_u64_le(buffer, &offset, &config.nonce); in uds_validate_config_contents()
211 encode_u64_le(buffer, &offset, config->nonce); in uds_write_config_contents()
346 config->nonce = params->nonce; in uds_make_configuration()
375 vdo_log_debug(" Nonce: %llu", (unsigned long long) config->nonce); in uds_log_configuration()
|
| H A D | index-layout.c | 54 * Each save also has a unique nonce.
131 u64 nonce; member
169 u64 nonce; member
178 u64 nonce; member
281 /* Generate a primary nonce from the provided data. */
288 * Deterministically generate a secondary nonce from an existing nonce and some arbitrary data by
289 * hashing the original nonce and the data to produce a new nonce.
291 static u64 generate_secondary_nonce(u64 nonce, const void *data, size_t len) in generate_secondary_nonce() argument
293 return hash_stuff(nonce + 1, data, len); in generate_secondary_nonce()
333 super->nonce = generate_primary_nonce(super->nonce_info, in generate_super_block_data()
[all …]
|
| /linux/net/ceph/ |
| H A D | decode.c | 28 ceph_decode_copy_safe(p, end, &addr->nonce, sizeof(addr->nonce), bad); in ceph_decode_entity_addr_versioned()
63 ceph_decode_copy_safe(p, end, &addr->nonce, sizeof(addr->nonce), bad); in ceph_decode_entity_addr_legacy()
185 sizeof(addr->nonce) + in ceph_encode_entity_addr()
188 ceph_encode_copy(p, &addr->nonce, sizeof(addr->nonce)); in ceph_encode_entity_addr()
|
| /linux/drivers/md/dm-vdo/ |
| H A D | encodings.h | 95 /* The nonce of this volume */
96 nonce_t nonce; member
111 /* The nonce of this volume */
112 nonce_t nonce; member
154 __le64 nonce; member
312 nonce_t nonce; /* A given VDO instance's nonce */ member
335 /* A given VDO instance's 64-bit nonce */
336 __le64 nonce; member
475 /* The nonce for a given VDO instance */
476 nonce_t nonce; member
[all …]
|
| H A D | encodings.c | 253 nonce_t nonce; in decode_volume_geometry() local
261 decode_u64_le(buffer, offset, &nonce); in decode_volume_geometry()
262 geometry->nonce = nonce; in decode_volume_geometry()
335 struct block_map_page *vdo_format_block_map_page(void *buffer, nonce_t nonce, in vdo_format_block_map_page() argument
343 page->header.nonce = __cpu_to_le64(nonce); in vdo_format_block_map_page()
350 nonce_t nonce, in vdo_validate_block_map_page() argument
357 !page->header.initialized || (nonce != __le64_to_cpu(page->header.nonce))) in vdo_validate_block_map_page()
1107 .nonce = __cpu_to_le64(component.nonce), in pack_vdo_component()
1153 .nonce = __le64_to_cpu(component.nonce), in unpack_vdo_component_41_0()
1363 * @geometry_nonce: The nonce from the geometry block.
[all …]
|
| /linux/include/crypto/internal/ |
| H A D | poly1305.h | 15 * full blocks, or 0 for the final block if it had to be padded. If 'nonce' is
30 void poly1305_core_emit(const struct poly1305_state *state, const u32 nonce[4],
51 const u32 nonce[4]) in poly1305_emit_generic()
53 poly1305_core_emit(state, nonce, digest); in poly1305_emit_generic()
|
| /linux/lib/crypto/powerpc/ |
| H A D | poly1305.h | 15 asmlinkage void poly1305_emit_64(const struct poly1305_state *state, const u32 nonce[4], u8 digest[…
62 u8 digest[POLY1305_DIGEST_SIZE], const u32 nonce[4]) in poly1305_emit()
65 return poly1305_emit_generic(state, digest, nonce); in poly1305_emit()
66 poly1305_emit_64(state, nonce, digest); in poly1305_emit()
|
| /linux/include/net/ |
| H A D | amt.h | 117 __be32 nonce; member
132 __be32 nonce; member
152 __be32 nonce; member
173 __be32 nonce; member
190 __be32 nonce; member
249 __be32 nonce; member
356 __be32 nonce; member
|
| /linux/net/dccp/ |
| H A D | ackvec.h | |
| /linux/tools/crypto/ccp/ |
| H A D | dbc_cli.py | 46 choices=["get-nonce", "get-param", "set-param", "set-uid"],
96 if args.command == "get-nonce":
98 nonce = get_nonce(d, sig) variable
99 print("Nonce: %s" % _pretty_buffer(bytes(nonce)))
|
| /linux/fs/crypto/ |
| H A D | policy.c | 114 if (mode->ivsize < offsetofend(union fscrypt_iv, nonce)) { in supported_direct_key_modes()
320 * @nonce: nonce to use
323 * encryption policy. @nonce must be a new random nonce.
329 const u8 nonce[FSCRYPT_FILE_NONCE_SIZE]) in fscrypt_new_context()
347 memcpy(ctx->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE); in fscrypt_new_context()
364 memcpy(ctx->nonce, nonce, FSCRYPT_FILE_NONCE_SIZE); in fscrypt_new_context()
461 u8 nonce[FSCRYPT_FILE_NONCE_SIZE]; in set_encryption_policy() local
499 get_random_bytes(nonce, FSCRYPT_FILE_NONCE_SIZE); in set_encryption_policy()
500 ctxsize = fscrypt_new_context(&ctx, policy, nonce); in set_encryption_policy()
621 /* FS_IOC_GET_ENCRYPTION_NONCE: retrieve file's encryption nonce for testing */
[all …]
|
| /linux/drivers/crypto/caam/ |
| H A D | caamalg_desc.h | 20 /* Note: Nonce is counted in cdata.keylen */
60 u32 *nonce, const u32 ctx1_iv_off,
66 const bool is_rfc3686, u32 *nonce,
72 u32 *nonce, const u32 ctx1_iv_off,
|
| H A D | caamalg_desc.c | 213 const bool is_rfc3686, u32 *nonce, int era) in init_sh_desc_key_aead() argument
227 * | key = {AUTH_KEY, ENC_KEY, NONCE} in init_sh_desc_key_aead()
228 * | enckeylen = encryption key size + nonce size in init_sh_desc_key_aead()
255 append_load_as_imm(desc, nonce, CTR_RFC3686_NONCE_SIZE, in init_sh_desc_key_aead()
283 * @nonce: pointer to rfc3686 nonce
291 u32 *nonce, const u32 ctx1_iv_off, const bool is_qi, in cnstr_shdsc_aead_encap() argument
295 init_sh_desc_key_aead(desc, cdata, adata, is_rfc3686, nonce, era); in cnstr_shdsc_aead_encap()
378 * @nonce: pointer to rfc3686 nonce
386 const bool is_rfc3686, u32 *nonce, in cnstr_shdsc_aead_decap() argument
390 init_sh_desc_key_aead(desc, cdata, adata, is_rfc3686, nonce, era); in cnstr_shdsc_aead_decap()
[all …]
|
| /linux/lib/crypto/x86/ |
| H A D | poly1305.h | 68 const u32 nonce[4]);
71 const u32 nonce[4]);
135 u8 mac[POLY1305_DIGEST_SIZE], const u32 nonce[4]) in poly1305_emit()
138 poly1305_emit_x86_64(ctx, mac, nonce); in poly1305_emit()
140 poly1305_emit_avx(ctx, mac, nonce); in poly1305_emit()
|
| /linux/net/rxrpc/ |
| H A D | rxgk.c | 638 size_t len = sizeof(*whdr) + sizeof(conn->rxgk.nonce); in rxgk_issue_challenge()
644 get_random_bytes(&conn->rxgk.nonce, sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
647 page = rxgk_alloc_packet(sizeof(*whdr) + sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
672 memcpy(whdr + 1, conn->rxgk.nonce, sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
677 trace_rxrpc_tx_challenge(conn, serial, 0, *(u32 *)&conn->rxgk.nonce); in rxgk_issue_challenge()
703 u8 nonce[20]; in rxgk_validate_challenge() local
718 nonce, sizeof(nonce)) < 0) { in rxgk_validate_challenge()
724 trace_rxrpc_rx_challenge(conn, sp->hdr.serial, 0, *(u32 *)nonce, 0); in rxgk_validate_challenge()
821 * opaque nonce[20];
836 u8 nonce[20]; in rxgk_construct_authenticator() member
[all …]
|
| /linux/lib/crypto/riscv/ |
| H A D | poly1305-riscv.pl | 250 my ($ctx,$mac,$nonce) = ($a0,$a1,$a2);
289 lwu $tmp0,0($nonce) # load nonce
290 lwu $tmp1,4($nonce)
291 lwu $tmp2,8($nonce)
292 lwu $tmp3,12($nonce)
298 add $in0,$in0,$tmp0 # accumulate nonce
712 my ($ctx,$mac,$nonce,$tmp4) = ($a0,$a1,$a2,$a3);
767 lw $tmp0,0($nonce) # load nonce
768 lw $tmp1,4($nonce)
769 lw $tmp2,8($nonce)
[all …]
|