| /freebsd/crypto/openssl/doc/man1/ |
| H A D | openssl-list.pod.in | 6 openssl-list - list algorithms and features
15 [B<-all-algorithms>]
18 [B<-digest-algorithms>]
22 -}[B<-kdf-algorithms>]
23 [B<-mac-algorithms>]
26 [B<-cipher-algorithms>]
34 [B<-key-exchange-algorithms>]
35 [B<-kem-algorithms>]
40 [B<-signature-algorithms>]
41 [B<-tls-signature-algorithms>]
[all …]
|
| H A D | openssl-speed.pod.in | 19 [B<-kem-algorithms>]
20 [B<-signature-algorithms>]
37 This command is used to test the performance of cryptographic algorithms.
66 To see the algorithms supported with this option, use
67 C<openssl list -digest-algorithms> or C<openssl list -cipher-algorithms>
103 =item B<-kem-algorithms>
105 Benchmark KEM algorithms: key generation, encapsulation, decapsulation.
107 =item B<-signature-algorithms>
109 Benchmark signature algorithms: key generation, signature, verification.
148 If any I<algorithm> is given, then those algorithms are tested, otherwise a
[all …]
|
| H A D | openssl-dgst.pod.in | 50 To see the list of supported algorithms, use C<openssl list -digest-algorithms>
89 Set the output length for XOF algorithms, such as B<shake128> and B<shake256>.
92 For OpenSSL providers it is required to set this value for shake algorithms,
121 Note that for algorithms that only support one-shot signing
123 be set. For these algorithms the input is buffered (and not digested) before
124 signing. For these algorithms, if the input is larger than 16MB an error
166 algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
250 The C<openssl list -digest-algorithms> command can be used to list them.
262 A source of random numbers is required for certain signing algorithms, in
|
| H A D | openssl-pkcs8.pod.in | 38 format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.
136 Some implementations may not support custom PRF algorithms and may require
177 encryption algorithms such as 56 bit DES.
179 Private keys encrypted using PKCS#5 v2.0 algorithms and high iteration
190 Various algorithms can be used with the B<-v1> command line option,
198 These algorithms were included in the original PKCS#5 v1.5 specification.
203 These algorithms are not mentioned in the original PKCS#5 v1.5 specification
210 These algorithms use the PKCS#12 password based encryption algorithm and
211 allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.
265 algorithms are concerned.
|
| H A D | openssl-pkeyutl.pod.in | 72 For signature algorithms like RSA, DSA and ECDSA,
76 For EdDSA (the Ed25519 and Ed448 algorithms) this option
150 Even for other algorithms like ECDSA, where the additional B<-pkeyopt> option
207 Encapsulation is supported with a number of public key algorithms, currently:
213 The ECX and EC algorithms use the
219 hybrid ECDHE (no DHKEM) plus B<ML-KEM> algorithms, but these are intended
222 algorithms, so it is not possible to provide the required key material.
233 Decapsulation is supported with a number of public key algorithms, currently:
239 The ECX and EC algorithms use the
249 All the supported algorithms presently support only their default I<mode>, and
[all …]
|
| /freebsd/crypto/openssl/doc/designs/ |
| H A D | fetching-composite-algorithms.md | 1 Fetching composite algorithms and using them - adding the bits still missing
8 fetching composite algorithms (such as AES-128-CBC or HMAC-SHA256), and
12 However, there is one class of algorithms where the support for *using*
13 explicitly fetched algorithms is lacking: asymmetric algorithms.
49 - [Functions for explicitly fetched signature algorithms]
50 - [Functions for explicitly fetched asym-cipher algorithms] (not yet designed)
51 - [Functions for explicitly fetched keyexch algorithms] (not yet designed)
64 known as "sigalgs", but this is really broader than just signature algorithms.
84 composite algorithms, although our providers do not fully participate in
116 There are some classes of algorithms for which we have no support for using
[all …]
|
| H A D | slh-dsa.md | 6 pseudo code for all its algorithms.
20 There are 7 hash functions used. The algorithms using SHAKE have a much simpler
22 The SHA2 algorithms are much more complex and require HMAC, MGF1, as well as digests.
25 Some of the hash functions use an ADRS object. This is 32 bytes for SHAKE algorithms
35 the ADRS functions, and the parameter constants. It also contains pre fetched algorithms.
45 Since different algorithms have different key sizes, buffers of the maximum size
133 not affect the security of the algorithms.
|
| H A D | fips_indicator.md | 167 set_ctx_params(), but some algorithms currently do checks in their init operation.
204 Since there are a lot of algorithms where indicators are needed it was decided
232 This must be put into the algorithms settable ctx_params table.
239 This should be put at the top of the algorithms set_ctx_params().
246 This must be placed in the algorithms gettable_ctx_params table
250 This must be placed in the algorithms get_ctx_params(),
252 Some existing algorithms will require set_ctx_params()/settable_ctx_params()
268 - HMAC Which applies to all algorithms that use HMAC also (e.g. HKDF, SSKDF, KBKDF)
290 Any algorithms that use a digest need to make sure that the CAVP certificate lists all supported FI…
291 This applies to the following algorithms:
[all …]
|
| /freebsd/crypto/openssl/doc/man3/ |
| H A D | SSL_CTX_set1_sigalgs.pod | 8 SSL_set1_client_sigalgs_list - set supported signature algorithms
27 algorithms for B<ctx> or B<ssl>. The array B<slist> of length B<slistlen>
29 algorithms.
32 signature algorithms for B<ctx> or B<ssl>. The B<str> parameter
45 signature algorithms related to client authentication, otherwise they are
55 If an application wishes to allow the setting of signature algorithms
59 The signature algorithms set by a client are used directly in the supported
62 The supported signature algorithms set by a server are not sent to the
63 client but are used to determine the set of shared signature algorithms
67 The client authentication signature algorithms set by a server are sent
[all …]
|
| H A D | OpenSSL_add_all_algorithms.pod | 6 add algorithms to internal table
24 OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
27 OpenSSL_add_all_digests() adds all digest algorithms to the table.
29 OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
32 OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
33 password based encryption algorithms.
|
| H A D | SSL_get_shared_sigalgs.pod | 5 SSL_get_shared_sigalgs, SSL_get_sigalgs - get supported signature algorithms
22 algorithms supported by peer B<s>. The parameter B<idx> indicates the index
29 information about all signature algorithms supported by B<s> in the order
35 signature algorithms or B<0> if the B<idx> parameter is out of range.
50 signature algorithms can be determined: which can be zero.
53 signature algorithms: after a client hello (for servers) or a certificate
57 Only TLS 1.2, TLS 1.3 and DTLS 1.2 currently support signature algorithms.
61 The shared signature algorithms returned by SSL_get_shared_sigalgs() are
|
| H A D | SSL_CTX_set1_cert_comp_preference.pod | 42 to specify the preferred compression algorithms. The B<algs> argument is an array
43 of algorithms, and B<length> is number of elements in the B<algs> array. Only
44 those algorithms enabled in the library will be accepted in B<algs>, unknown
45 algorithms in B<algs> are ignored. On an error, the preference order is left
48 The following compression algorithms (B<alg> arguments) may be used:
68 B<alg> is 0, then the certificates are compressed with the algorithms specified
88 saved). As the default list includes all the enabled algorithms, not specifying
119 =item * If B<alg> is 0 and no compression algorithms are enabled.
|
| H A D | SSL_get1_builtin_sigalgs.pod | 5 SSL_get1_builtin_sigalgs - get list of built-in signature algorithms
16 algorithms.
22 algorithms can be activated, e.g., if suitable providers are missing.
|
| H A D | EVP_PKEY_CTX_set1_pbe_pass.pod | 17 These functions are generic support functions for all KDF algorithms.
25 EVP_PKEY_CTX_set1_kdf_key (to be used by the algorithms that use a
41 supported by the algorithms that use them.
|
| H A D | SSL_check_chain.pod | 34 B<CERT_PKEY_CA_SIGNATURE>: the signature algorithms of all CA certificates
44 algorithms extension).
67 algorithms may also wish to check B<CERT_PKEY_CA_SIGNATURE> too. If no
75 Since the supported signature algorithms extension is only used in TLS 1.2,
|
| /freebsd/crypto/openssl/test/ssl-tests/ |
| H A D | 01-simple.cnf | 6 test-1 = 1-Server signature algorithms bug
34 [1-Server signature algorithms bug]
35 ssl_conf = 1-Server signature algorithms bug-ssl
37 [1-Server signature algorithms bug-ssl]
38 server = 1-Server signature algorithms bug-server
39 client = 1-Server signature algorithms bug-client
41 [1-Server signature algorithms bug-server]
47 [1-Server signature algorithms bug-client]
|
| /freebsd/crypto/openssl/doc/man7/ |
| H A D | OSSL_PROVIDER-legacy.pod | 9 The OpenSSL legacy provider supplies OpenSSL implementations of algorithms
10 that have been deemed legacy. Such algorithms have commonly fallen out of
14 We can consider this the retirement home of cryptographic algorithms.
37 The OpenSSL legacy provider supports these operations and algorithms:
59 Not all of these symmetric cipher algorithms are enabled by default.
98 When algorithms for other operations start appearing, the
|
| H A D | fips_module.pod | 51 use the FIPS module for cryptographic algorithms by default.
103 enabled to prevent accidental use of non-FIPS validated algorithms via broken
110 cryptographic algorithms (and therefore does not impact the validation status of
111 any cryptographic operations), but does include other supporting algorithms that
136 The algorithms available in the FIPS module are a subset of the algorithms
139 If any applications attempt to use any algorithms that are not present,
221 This loads a sub-set of algorithms that are also available in the default
223 with the FIPS provider. For example this contains algorithms for encoding and
272 All algorithms implemented in a provider have this property set on them.
274 There is also the C<fips> property. All FIPS algorithms match against the
[all …]
|
| H A D | evp.pod | 29 asymmetric algorithms. To create a new EVP_PKEY see
69 All the symmetric algorithms (ciphers), digests and asymmetric algorithms
70 (public key algorithms) can be replaced by ENGINE modules providing alternative
76 Although low-level algorithm specific functions exist for many algorithms
78 versions of new algorithms cannot be accessed using the low-level functions.
79 Also makes code harder to adapt to new algorithms and some options are not
|
| H A D | OSSL_PROVIDER-base.pod | 58 The OpenSSL base provider supports these operations and algorithms:
70 In addition to this provider, the "SEED-SRC" and "JITTER" algorithms
137 In addition to this provider, all of these encoding algorithms are also
138 available in the default provider. Some of these algorithms may be used in
207 In addition to this provider, all of these decoding algorithms are also
208 available in the default provider. Some of these algorithms may be used in
221 In addition to this provider, all of these store algorithms are also
|
| H A D | EVP_CIPHER-DES.pod | 13 The following algorithms are available in the FIPS provider as well as the
24 The following algorithms are available in the default provider, but not the
43 The following algorithms are available in the legacy provider:
|
| /freebsd/tools/tools/crypto/ |
| H A D | cryptotest.c | 123 } algorithms[] = { variable
176 for (i = 0; i < nitems(algorithms); i++) in getalgbycode()
177 if (cipher == algorithms[i].code) in getalgbycode()
178 return &algorithms[i]; in getalgbycode()
187 for (i = 0; i < nitems(algorithms); i++) in getalgbyname()
188 if (streq(name, algorithms[i].name)) in getalgbyname()
189 return &algorithms[i]; in getalgbyname()
629 for (i = 0; i < nitems(algorithms); i++) { in main()
631 alg = &algorithms[i]; in main()
|
| /freebsd/contrib/libfido2/src/ |
| H A D | info.c | 314 return (decode_algorithms(val, &ci->algorithms)); in parse_reply_element()
440 fido_algo_array_free(&ci->algorithms); in fido_cbor_info_reset()
604 return (ci->algorithms.len); in fido_cbor_info_algorithm_count()
610 if (idx >= ci->algorithms.len) in fido_cbor_info_algorithm_type()
613 return (ci->algorithms.ptr[idx].type); in fido_cbor_info_algorithm_type()
619 if (idx >= ci->algorithms.len) in fido_cbor_info_algorithm_cose()
622 return (ci->algorithms.ptr[idx].cose); in fido_cbor_info_algorithm_cose()
|
| /freebsd/crypto/openssl/ |
| H A D | README-PROVIDERS.md | 43 The legacy provider is a collection of legacy algorithms that are either no
45 However, some applications may need to use these algorithms for backwards
48 may find that some algorithms are no longer available unless they load the
58 from the default provider, consisting of algorithms conforming to FIPS standards.
68 The base provider contains a small sub-set of non-cryptographic algorithms
69 available in the default provider. For example, it contains algorithms to
|
| /freebsd/sys/security/mac_veriexec/ |
| H A D | veriexec_fingerprint.c | 69 SYSCTL_PROC(_security_mac_veriexec, OID_AUTO, algorithms,
79 int algorithms, error; in sysctl_mac_veriexec_algorithms() local
81 algorithms = 0; in sysctl_mac_veriexec_algorithms()
84 if (algorithms++) in sysctl_mac_veriexec_algorithms()
|