Home
last modified time | relevance | path

Searched full:secret (Results 1 – 25 of 710) sorted by relevance

12345678910>>...29

/freebsd/crypto/openssl/test/ssl-tests/
H A D30-extended-master-secret.cnf5 test-0 = 0-disable-extended-master-secret-server-sha
6 test-1 = 1-disable-extended-master-secret-client-sha
7 test-2 = 2-disable-extended-master-secret-both-sha
8 test-3 = 3-disable-extended-master-secret-both-resume
9 test-4 = 4-disable-extended-master-secret-server-sha2
10 test-5 = 5-disable-extended-master-secret-client-sha2
11 test-6 = 6-disable-extended-master-secret-both-sha2
14 [0-disable-extended-master-secret-server-sha]
15 ssl_conf = 0-disable-extended-master-secret-server-sha-ssl
17 [0-disable-extended-master-secret-server-sha-ssl]
[all …]
/freebsd/crypto/libecc/src/examples/sss/
H A Dsss.c16 * (Shamir's Secret Sharing) scheme based on libecc arithmetic
20 * Secret sharing allows to combine some shares (at least k among n >= k)
21 * to regenerate a secret. The current code also ensures the integrity
70 * that all our shares and secret lie in Fp, and hence are < p,
115 /* Cleanup secret data */ in _sss_derive_seed()
124 /* SSS shares and secret generation */
125 …tatic int _sss_raw_generate(sss_share *shares, u16 k, u16 n, sss_secret *secret, boolean input_sec… in _sss_raw_generate() argument
142 MUST_HAVE((shares != NULL) && (secret != NULL), ret, err); in _sss_raw_generate()
153 /* Generate a secret seed of the size of the secret that will be our base to in _sss_raw_generate()
158 * source, we prefer to derive them from a single secret seed in order to optimize in _sss_raw_generate()
[all …]
H A Dsss.h37 /* The final secret size in bytes, corresponding to the
44 unsigned char secret[SSS_SECRET_SIZE]; member
57 /* Security wrapper for the secret for "secured" SSS */
65 /* SSS shares and secret generation:
68 * - k: the quorum of shares to regenerate the secret (of course k <= n)
69 * - secret: the secret value when input_secret is set to 'true'
72 * - secret: the secret value when input_secret is set to 'false', this
75 …erate(sss_share *shares, unsigned short k, unsigned short n, sss_secret *secret, boolean input_sec…
77 /* SSS shares and secret combination
79 * - k: the quorum of shares to regenerate the secret
[all …]
/freebsd/contrib/llvm-project/llvm/lib/Support/
H A Dxxhash.cpp226 const uint8_t *secret, uint64_t seed) { in XXH3_len_1to3_64b() argument
233 (uint64_t)(endian::read32le(secret) ^ endian::read32le(secret + 4)) + in XXH3_len_1to3_64b()
239 const uint8_t *secret, uint64_t seed) { in XXH3_len_4to8_64b() argument
244 (endian::read64le(secret + 8) ^ endian::read64le(secret + 16)) - seed; in XXH3_len_4to8_64b()
256 const uint8_t *secret, uint64_t const seed) { in XXH3_len_9to16_64b() argument
258 (endian::read64le(secret + 24) ^ endian::read64le(secret + 32)) + seed; in XXH3_len_9to16_64b()
260 (endian::read64le(secret + 40) ^ endian::read64le(secret + 48)) - seed; in XXH3_len_9to16_64b()
270 const uint8_t *secret, uint64_t const seed) { in XXH3_len_0to16_64b() argument
272 return XXH3_len_9to16_64b(input, len, secret, seed); in XXH3_len_0to16_64b()
274 return XXH3_len_4to8_64b(input, len, secret, seed); in XXH3_len_0to16_64b()
[all …]
/freebsd/contrib/unbound/util/
H A Dedns.c140 edns_cookie_server_hash(const uint8_t* in, const uint8_t* secret, int v4, in edns_cookie_server_hash() argument
143 v4?siphash(in, 20, secret, hash, 8):siphash(in, 32, secret, hash, 8); in edns_cookie_server_hash()
148 edns_cookie_server_write(uint8_t* buf, const uint8_t* secret, int v4, in edns_cookie_server_write() argument
157 (void)edns_cookie_server_hash(buf, secret, v4, hash); in edns_cookie_server_write()
163 const uint8_t* secret, size_t secret_len, int v4, in edns_cookie_server_validate() argument
185 if(memcmp(edns_cookie_server_hash(hash_input, secret, v4, hash), in edns_cookie_server_validate()
222 /** Read the cookie secret file */
227 char secret[UNBOUND_COOKIE_SECRET_SIZE * 2 + 2/*'\n' and '\0'*/]; in cookie_secret_file_read() local
238 log_err("Could not read cookie-secret-file '%s': %s", in cookie_secret_file_read()
244 /* cookie secret file exists and is readable */ in cookie_secret_file_read()
[all …]
H A Dedns.h84 /** cookie secret */
89 * The cookie secrets from the cookie-secret-file.
148 * @param secret: the server secret; implicit length of 16 octets.
153 uint8_t* edns_cookie_server_hash(const uint8_t* in, const uint8_t* secret,
170 * @param secret: the server secret; implicit length of 16 octets.
174 void edns_cookie_server_write(uint8_t* buf, const uint8_t* secret, int v4,
181 * @param secret: pointer to the server secret.
182 * @param secret_len: the length of the secret.
191 size_t cookie_len, const uint8_t* secret, size_t secret_len, int v4,
233 * Add a cookie secret. If there are no secrets yet, the secret will become
[all …]
/freebsd/contrib/bearssl/inc/
H A Dbearssl_prf.h52 * The PRF always uses as input three parameters: a "secret" (some
85 * \param secret secret value (key) for this computation.
86 * \param secret_len length of "secret" (in bytes).
89 * \param seed seed chnks for this computation (usually non-secret).
92 const void *secret, size_t secret_len, const char *label,
103 * \param secret secret value (key) for this computation.
104 * \param secret_len length of "secret" (in bytes).
107 * \param seed seed chnks for this computation (usually non-secret).
110 const void *secret, size_t secret_len, const char *label,
121 * \param secret secret value (key) for this computation.
[all …]
/freebsd/contrib/libfido2/src/
H A Decdh.c21 hkdf_sha256(uint8_t *key, const char *info, const fido_blob_t *secret) in hkdf_sha256() argument
28 HKDF(key, SHA256_DIGEST_LENGTH, md, secret->ptr, secret->len, salt, in hkdf_sha256()
36 hkdf_sha256(uint8_t *key, char *info, fido_blob_t *secret) in hkdf_sha256() argument
46 if (secret->len > INT_MAX || strlen(info) > INT_MAX) { in hkdf_sha256()
59 EVP_PKEY_CTX_set1_hkdf_key(ctx, secret->ptr, (int)secret->len) < 1 || in hkdf_sha256()
81 kdf(uint8_t prot, fido_blob_t *key, /* const */ fido_blob_t *secret) in kdf() argument
88 /* use sha256 on the resulting secret */ in kdf()
91 SHA256(secret->ptr, secret->len, key->ptr) != key->ptr) { in kdf()
97 /* use two instances of hkdf-sha256 on the resulting secret */ in kdf()
100 hkdf_sha256(key->ptr, hmac_info, secret) < 0 || in kdf()
[all …]
/freebsd/crypto/openssl/demos/keyexch/
H A Dx25519.c55 unsigned char *secret; /* allocated shared secret buffer */ member
115 * secret is pointed to by *secret. The caller must free it.
127 local_peer->secret = NULL; in keyexch_x25519_after()
157 /* Determine the secret length. */ in keyexch_x25519_after()
164 * We are using X25519, so the secret generated will always be 32 bytes. in keyexch_x25519_after()
169 fprintf(stderr, "Secret is always 32 bytes for X25519\n"); in keyexch_x25519_after()
174 local_peer->secret = OPENSSL_malloc(local_peer->secret_len); in keyexch_x25519_after()
175 if (local_peer->secret == NULL) { in keyexch_x25519_after()
176 fprintf(stderr, "Could not allocate memory for secret\n"); in keyexch_x25519_after()
180 /* Derive the shared secret. */ in keyexch_x25519_after()
[all …]
/freebsd/lib/geom/shsec/
H A Dgshsec.830 .Nd "control utility for shared secret devices"
59 utility is used for setting up a device which contains a shared secret.
60 The secret is shared between the given providers.
61 To collect the secret, all providers are needed.
69 Set up a shared secret device from the given components with the specified
73 Turn off an existing shared secret device by its
97 Force the removal of the specified shared secret device.
106 The following example shows how to create a shared secret device.
107 The secret will be split between a slice on a local disk and a USB Pen drive.
109 gshsec label -v secret /de
[all...]
/freebsd/crypto/openssl/providers/implementations/kdfs/
H A Dtls1_prf.c18 * PRF(secret, label, seed) = P_MD5(S1, label + seed) XOR
22 * two halves of the secret (with the possibility of one shared byte, in the
23 * case where the length of the original secret is odd). S1 is taken from the
24 * first half of the secret, S2 from the second half.
28 * PRF(secret, label, seed) = P_<hash>(secret, label + seed)
35 * a secret and seed into an arbitrary quantity of output:
37 * P_<hash>(secret, seed) = HMAC_<hash>(secret, A(1) + seed) +
38 * HMAC_<hash>(secret, A(2) + seed) +
39 * HMAC_<hash>(secret, A(3) + seed) + ...
46 * A(i) = HMAC_<hash>(secret, A(i-1))
[all …]
/freebsd/crypto/openssl/ssl/
H A Dtls13_enc.c28 * Given a |secret|; a |label| of length |labellen|; and |data| of length
30 * secret |outlen| bytes long and store it in the location pointed to be |out|.
34 int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, in tls13_hkdf_expand() argument
81 (unsigned char *)secret, hashlen); in tls13_hkdf_expand()
107 * Given a |secret| generate a |key| of length |keylen| bytes. Returns 1 on
110 int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret, in tls13_derive_key() argument
119 return tls13_hkdf_expand(s, md, secret, keylabel, sizeof(keylabel) - 1, in tls13_derive_key()
124 * Given a |secret| generate an |iv| of length |ivlen| bytes. Returns 1 on
127 int tls13_derive_iv(SSL *s, const EVP_MD *md, const unsigned char *secret, in tls13_derive_iv() argument
136 return tls13_hkdf_expand(s, md, secret, ivlabel, sizeof(ivlabel) - 1, in tls13_derive_iv()
[all …]
/freebsd/contrib/wpa/src/crypto/
H A Dsha256-tlsprf.c17 * @secret: Key for PRF
29 int tls_prf_sha256(const u8 *secret, size_t secret_len, const char *label, in tls_prf_sha256() argument
48 * A(0) = seed, A(i) = HMAC(secret, A(i-1)) in tls_prf_sha256()
49 * P_hash = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + .. in tls_prf_sha256()
50 * PRF(secret, label, seed) = P_SHA256(secret, label + seed) in tls_prf_sha256()
53 if (hmac_sha256_vector(secret, secret_len, 2, &addr[1], &len[1], A) < 0) in tls_prf_sha256()
58 if (hmac_sha256_vector(secret, secret_len, 3, addr, len, P) < in tls_prf_sha256()
60 hmac_sha256(secret, secret_len, A, SHA256_MAC_LEN, A) < 0) in tls_prf_sha256()
H A Dsha384-tlsprf.c17 * @secret: Key for PRF
29 int tls_prf_sha384(const u8 *secret, size_t secret_len, const char *label, in tls_prf_sha384() argument
48 * A(0) = seed, A(i) = HMAC(secret, A(i-1)) in tls_prf_sha384()
49 * P_hash = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + .. in tls_prf_sha384()
50 * PRF(secret, label, seed) = P_SHA384(secret, label + seed) in tls_prf_sha384()
53 if (hmac_sha384_vector(secret, secret_len, 2, &addr[1], &len[1], A) < 0) in tls_prf_sha384()
58 if (hmac_sha384_vector(secret, secret_len, 3, addr, len, P) < in tls_prf_sha384()
60 hmac_sha384(secret, secret_len, A, SHA384_MAC_LEN, A) < 0) in tls_prf_sha384()
/freebsd/crypto/openssl/test/recipes/
H A D70-test_tlsextms.t51 #Test 1: By default server and client should send extended master secret
60 checkmessages(1, "Default extended master secret test", 1, 1, 1);
62 #Test 2: If client omits extended master secret extension, server should too.
70 checkmessages(2, "No client extension extended master secret test", 0, 0, 1);
79 checkmessages(3, "No ticket extended master secret test", 1, 1, 1);
88 checkmessages(4, "No ticket, no client extension extended master secret test", 0, 0, 1);
90 #Test 5: Session resumption extended master secret test
104 checkmessages(5, "Session resumption extended master secret test", 1, 1, 0);
107 #Test 6: Session resumption extended master secret test original session
122 checkmessages(6, "Session resumption extended master secret test", 1, 1, 1);
[all …]
/freebsd/sys/crypto/
H A Dcurve25519.h38 bool curve25519(uint8_t *public, const uint8_t *secret,
41 const uint8_t *secret);
44 curve25519_clamp_secret(uint8_t *secret) in curve25519_clamp_secret() argument
46 secret[0] &= 248; in curve25519_clamp_secret()
47 secret[31] &= 127; in curve25519_clamp_secret()
48 secret[31] |= 64; in curve25519_clamp_secret()
52 curve25519_generate_secret(uint8_t *secret) in curve25519_generate_secret() argument
54 arc4random_buf(secret, CURVE25519_KEY_SIZE); in curve25519_generate_secret()
55 curve25519_clamp_secret(secret); in curve25519_generate_secret()
/freebsd/crypto/openssl/test/recipes/30-test_evp_data/
H A Devppkey_kdf_tls1_prf.txt18 Ctrl.Secret = hexsecret:bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b…
19 Ctrl.label = seed:master secret
26 Ctrl.Secret = hexsecret:2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a…
32 # Missing secret.
43 Ctrl.Secret = hexsecret:f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd…
44 Ctrl.label = seed:master secret
51 Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a0…
60 Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a0…
68 Ctrl.Secret = hexsecret:01
/freebsd/sys/contrib/zstd/lib/common/
H A Dxxhash.h774 * default 64-bit variant, using default secret and default seed of 0.
780 * This variant generates a custom secret on the fly
781 * based on default secret altered using the `seed` value.
788 * The bare minimum size for a custom secret.
798 * It's possible to provide any blob of bytes as a "secret" to generate the hash.
801 * However, the quality of the secret impacts the dispersion of the hash algorithm.
802 * Therefore, the secret _must_ look like a bunch of random bytes.
806 * It will generate a proper high entropy secret derived from the blob of bytes.
811 * because, when hashing _small_ inputs, only a portion of the secret is employed.
813 XXH_PUBLIC_API XXH64_hash_t XXH3_64bits_withSecret(const void* data, size_t len, const void* secret
[all …]
/freebsd/lib/librpcsvc/
H A Dxcrypt.c52 * Encrypt a secret key given passwd
53 * The secret key is passed and returned in hex notation.
57 xencrypt(char *secret, char *passwd) in xencrypt() argument
65 len = strlen(secret) / 2; in xencrypt()
70 hex2bin(len, secret, buf); in xencrypt()
79 bin2hex(len, (unsigned char *) buf, secret); in xencrypt()
85 * Decrypt secret key using passwd
86 * The secret key is passed and returned in hex notation.
90 xdecrypt(char *secret, char *passwd) in xdecrypt() argument
98 len = strlen(secret) / 2; in xdecrypt()
[all …]
/freebsd/crypto/openssl/doc/man7/
H A DEVP_KEYEXCH-DH.pod26 If padding is off then the derived shared secret may be smaller than the
27 largest possible secret size.
28 If padding is on then the derived shared secret will have its first bytes
29 filled with zeros where necessary to make the shared secret the same size as
30 the largest possible secret size.
84 To derive a shared secret on the host using the host's key and the peer's public
92 unsigned char *secret = NULL;
107 secret = OPENSSL_zalloc(secret_len);
109 EVP_PKEY_derive(dctx, secret, &secret_len);
111 OPENSSL_clear_free(secret, secret_len);
[all …]
H A DEVP_KDF-SS.pod10 SSKDF derives a key using input such as a shared secret key (that was generated
58 This parameter set the shared secret that is used for key derivation.
78 This example derives 10 bytes using H(x) = SHA-256, with the secret key "secret"
93 "secret", (size_t)6);
103 This example derives 10 bytes using H(x) = HMAC(SHA-256), with the secret key "secret",
120 "secret", (size_t)6);
132 This example derives 10 bytes using H(x) = KMAC128(x,salt,outlen), with the secret key "secret"
147 "secret", (size_t)6);
/freebsd/contrib/ntp/libntp/
H A Dauthkeys.c28 u_char * secret; /* shared secret */ member
33 size_t secretsize; /* secret octets */
38 #define symkey_payload secret
101 u_char *cache_secret; /* secret */
102 size_t cache_secretsize; /* secret length */
472 * secret must be allocated with a free-compatible allocator. It is
483 u_char * secret, in allocsymkey() argument
501 sk->secret = secret; in allocsymkey()
755 u_char * secret; MD5auth_setkey() local
[all...]
/freebsd/contrib/wpa/src/radius/
H A Dradius.h272 int radius_msg_finish(struct radius_msg *msg, const u8 *secret,
274 int radius_msg_finish_srv(struct radius_msg *msg, const u8 *secret,
276 int radius_msg_finish_das_resp(struct radius_msg *msg, const u8 *secret,
279 void radius_msg_finish_acct(struct radius_msg *msg, const u8 *secret,
281 void radius_msg_finish_acct_resp(struct radius_msg *msg, const u8 *secret,
284 int radius_msg_verify_acct_req(struct radius_msg *msg, const u8 *secret,
286 int radius_msg_verify_das_req(struct radius_msg *msg, const u8 *secret,
295 int radius_msg_verify(struct radius_msg *msg, const u8 *secret,
298 int radius_msg_verify_msg_auth(struct radius_msg *msg, const u8 *secret,
305 const u8 *secret, size_t secret_len);
[all …]
/freebsd/contrib/wireguard-tools/
H A Dcurve25519.h16 void curve25519(uint8_t mypublic[static CURVE25519_KEY_SIZE], const uint8_t secret[static CURVE2551…
17 void curve25519_generate_public(uint8_t pub[static CURVE25519_KEY_SIZE], const uint8_t secret[stati…
18 static inline void curve25519_clamp_secret(uint8_t secret[static CURVE25519_KEY_SIZE]) in curve25519_clamp_secret()
20 secret[0] &= 248; in curve25519_clamp_secret()
21 secret[31] = (secret[31] & 127) | 64; in curve25519_clamp_secret()
/freebsd/usr.sbin/ctld/
H A Duclparse.c61 const ucl_object_t *user, *secret; in uclparse_chap() local
70 secret = ucl_object_find_key(obj, "secret"); in uclparse_chap()
71 if (!secret || secret->type != UCL_STRING) { in uclparse_chap()
73 "\"secret\" string key", ag_name); in uclparse_chap()
79 ucl_object_tostring(secret))); in uclparse_chap()
85 const ucl_object_t *user, *secret, *mutual_user; in uclparse_chap_mutual() local
95 secret = ucl_object_find_key(obj, "secret"); in uclparse_chap_mutual()
96 if (!secret || secret->type != UCL_STRING) { in uclparse_chap_mutual()
98 "\"secret\" string key", ag_name); in uclparse_chap_mutual()
109 mutual_secret = ucl_object_find_key(obj, "mutual-secret"); in uclparse_chap_mutual()
[all …]

12345678910>>...29