| /Linux-v5.15/fs/ubifs/ |
| D | auth.c | 39 * ubifs_hash_calc_hmac - calculate a HMAC from a hash
41 * @hash: the node to calculate a HMAC for
42 * @hmac: the returned HMAC
47 u8 *hmac) in ubifs_hash_calc_hmac() argument
49 return crypto_shash_tfm_digest(c->hmac_tfm, hash, c->hash_len, hmac); in ubifs_hash_calc_hmac()
59 * It creates a HMAC from the given input hash and writes it to the node.
81 err = ubifs_hash_calc_hmac(c, hash, auth->hmac); in ubifs_prepare_auth_node()
276 snprintf(hmac_name, CRYPTO_MAX_ALG_NAME, "hmac(%s)", in ubifs_init_authentication()
327 ubifs_err(c, "hmac %s is bigger than maximum allowed hmac size (%d > %d)", in ubifs_init_authentication()
377 * ubifs_node_calc_hmac - calculate the HMAC of a UBIFS node
[all …]
|
| D | ubifs-media.h | 297 /* The maxmimum size of a hmac, enough for hmac(sha512) */
645 * @hmac: HMAC to authenticate the superblock node
646 * @hmac_wkm: HMAC of a well known message (the string "UBIFS") as a convenience
650 * master node does not contain a hmac
678 __u8 hmac[UBIFS_MAX_HMAC_LEN]; member
719 * @hmac: HMAC to authenticate the master node
754 __u8 hmac[UBIFS_MAX_HMAC_LEN]; member
777 * @hmac: The HMAC
781 __u8 hmac[]; member
|
| /Linux-v5.15/net/sctp/ |
| D | Kconfig | 53 prompt "Default SCTP cookie HMAC encoding"
56 This option sets the default sctp cookie hmac algorithm
60 bool "Enable optional MD5 hmac cookie generation"
62 Enable optional MD5 hmac based SCTP cookie generation
66 bool "Enable optional SHA1 hmac cookie generation"
68 Enable optional SHA1 hmac based SCTP cookie generation
72 bool "Use no hmac alg in SCTP cookie generation"
74 Use no hmac algorithm in SCTP cookie generation
79 bool "Enable optional MD5 hmac cookie generation"
81 Enable optional MD5 hmac based SCTP cookie generation
[all …]
|
| D | auth.c | 29 .hmac_name = "hmac(sha1)",
39 .hmac_name = "hmac(sha256)",
175 * The RANDOM parameter, the CHUNKS parameter and the HMAC-ALGO
301 * The RANDOM parameter, the CHUNKS parameter and the HMAC-ALGO in sctp_auth_asoc_create_secret()
501 /* Destroy the hmac tfm array */
521 /* Get an hmac description information that we can use to build
601 /* Cache the default HMAC id. This to follow this text from SCTP-AUTH:
603 * The receiver of a HMAC-ALGO parameter SHOULD use the first listed
703 * the AUTH-chunk is given by the AUTH chunk with its HMAC field set to
719 * - hmac id in sctp_auth_calculate_hmac()
[all …]
|
| /Linux-v5.15/Documentation/ABI/testing/ |
| D | evm | 7 HMAC-sha1 value across the extended attributes, storing the
11 an HMAC-sha1 generated locally with a
23 0 Enable HMAC validation and creation
26 runtime. Not supported if HMAC validation and
35 will enable HMAC validation and creation
41 will enable HMAC and digital signature validation and
42 HMAC creation and disable all further modification of policy.
71 Note that once an HMAC key has been loaded, it will no longer
73 HMAC key has been loaded will clear the corresponding flag.
80 Loading an HMAC key is the only way to disable metadata
|
| /Linux-v5.15/drivers/crypto/caam/ |
| D | caamalg.c | 2077 .cra_name = "authenc(hmac(md5),"
2079 .cra_driver_name = "authenc-hmac-md5-"
2098 .cra_name = "authenc(hmac(sha1),"
2100 .cra_driver_name = "authenc-hmac-sha1-"
2119 .cra_name = "authenc(hmac(sha224),"
2121 .cra_driver_name = "authenc-hmac-sha224-"
2140 .cra_name = "authenc(hmac(sha256),"
2142 .cra_driver_name = "authenc-hmac-sha256-"
2161 .cra_name = "authenc(hmac(sha384),"
2163 .cra_driver_name = "authenc-hmac-sha384-"
[all …]
|
| D | caamalg_qi.c | 1637 .cra_name = "authenc(hmac(md5),cbc(aes))",
1638 .cra_driver_name = "authenc-hmac-md5-"
1658 .cra_name = "echainiv(authenc(hmac(md5),"
1660 .cra_driver_name = "echainiv-authenc-hmac-md5-"
1681 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1682 .cra_driver_name = "authenc-hmac-sha1-"
1702 .cra_name = "echainiv(authenc(hmac(sha1),"
1705 "hmac-sha1-cbc-aes-caam-qi",
1725 .cra_name = "authenc(hmac(sha224),cbc(aes))",
1726 .cra_driver_name = "authenc-hmac-sha224-"
[all …]
|
| D | caamalg_qi2.c | 1857 .cra_name = "authenc(hmac(md5),cbc(aes))",
1858 .cra_driver_name = "authenc-hmac-md5-"
1878 .cra_name = "echainiv(authenc(hmac(md5),"
1880 .cra_driver_name = "echainiv-authenc-hmac-md5-"
1901 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1902 .cra_driver_name = "authenc-hmac-sha1-"
1922 .cra_name = "echainiv(authenc(hmac(sha1),"
1925 "hmac-sha1-cbc-aes-caam-qi2",
1945 .cra_name = "authenc(hmac(sha224),cbc(aes))",
1946 .cra_driver_name = "authenc-hmac-sha224-"
[all …]
|
| /Linux-v5.15/security/integrity/evm/ |
| D | Kconfig | 21 Include filesystem UUID for HMAC calculation.
26 WARNING: changing the HMAC calculation method or adding
35 Include additional SMACK xattrs for HMAC calculation.
39 in the HMAC calculation, enabling this option includes newly defined
43 WARNING: changing the HMAC calculation method or adding
52 Allow userland to provide additional xattrs for HMAC calculation.
|
| D | evm_main.c | 111 pr_info("HMAC attrs: 0x%x\n", evm_hmac_attrs); in evm_init_config()
121 * errors, based on the ability of EVM to calculate HMACs. If the HMAC key
161 * evm_verify_hmac - calculate and compare the HMAC with the EVM xattr
163 * Compute the HMAC on the dentry's protected set of extended attributes
168 * HMAC.)
400 * Calculate the HMAC for the given dentry and verify it against the stored
402 * previously retrieved to calculate the HMAC.
564 /* Exception if the HMAC is not going to be calculated. */ in evm_protect_xattr()
584 /* Exception if the HMAC is not going to be calculated. */ in evm_protect_xattr()
620 * access to the EVM encrypted key needed to calculate the HMAC, prevent
[all …]
|
| D | evm_crypto.c | 10 * Using root's kernel master key (kmk), calculate the HMAC
38 static const char evm_hmac[] = "hmac(sha1)";
41 * evm_set_key() - set EVM HMAC key from the kernel
45 * This function allows setting the EVM HMAC key from the kernel
83 pr_err_once("HMAC key is not set\n"); in init_desc()
164 /* The hmac uid and gid must be encoded in the initial user in hmac_add_misc()
207 * Calculate the HMAC value across the set of protected security xattrs.
210 * the hmac using the requested xattr value. Don't alloc/free memory for
355 * Calculate the hmac and update security.evm xattr
409 * Get the key from the TPM for the SHA1-HMAC
|
| /Linux-v5.15/Documentation/networking/ |
| D | seg6-sysctl.rst | 20 Define HMAC policy for ingress SR-enabled packets on this interface.
22 * -1 - Ignore HMAC field
23 * 0 - Accept SR packets without HMAC, validate SR packets with HMAC
24 * 1 - Drop SR packets without HMAC, validate SR packets with HMAC
|
| /Linux-v5.15/drivers/crypto/keembay/ |
| D | keembay-ocs-hcu-core.c | 19 #include <crypto/hmac.h>
28 /* Flag marking a HMAC request. */
30 /* Flag set when HW HMAC is being used. */
32 /* Flag set when SW HMAC is being used. */
39 * @key: The key (used only for HMAC transformations).
42 * @is_hmac_tfm: Whether or not this is a HMAC transformation.
62 * @buffer: Buffer to store: partial block of data and SW HMAC
81 * Buffer is double the block size because we need space for SW HMAC
398 * Prepare IPAD for HMAC. Only done for first block. in prepare_ipad()
399 * HMAC(k,m) = H(k ^ opad || H(k ^ ipad || m)) in prepare_ipad()
[all …]
|
| D | Kconfig | 54 sm3, as well as the HMAC variant of these algorithms.
62 bool "Enable sha224 and hmac(sha224) support in Intel Keem Bay OCS HCU"
65 Enables support for sha224 and hmac(sha224) algorithms in the Intel
69 Provides OCS HCU hardware acceleration of sha224 and hmac(224).
|
| /Linux-v5.15/drivers/crypto/inside-secure/ |
| D | safexcel_hash.c | 9 #include <crypto/hmac.h>
42 bool hmac; member
161 /* Hash continuation or HMAC, setup (inner) digest from state */ in safexcel_context_control()
165 /* Compute digest count for hash/HMAC finish operations */ in safexcel_context_control()
183 /* Special case: zero length HMAC */ in safexcel_context_control()
185 /* PE HW < 4.4 cannot do HMAC continue, fake using hash */ in safexcel_context_control()
192 /* For zero-len HMAC, don't finalize, already padded! */ in safexcel_context_control()
202 /* Clear zero-length HMAC flag for next operation! */ in safexcel_context_control()
204 } else { /* HMAC */ in safexcel_context_control()
205 /* Need outer digest for HMAC finalization */ in safexcel_context_control()
[all …]
|
| D | safexcel_cipher.c | 1742 .cra_name = "authenc(hmac(sha1),cbc(aes))",
1743 .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-aes",
1778 .cra_name = "authenc(hmac(sha256),cbc(aes))",
1779 .cra_driver_name = "safexcel-authenc-hmac-sha256-cbc-aes",
1814 .cra_name = "authenc(hmac(sha224),cbc(aes))",
1815 .cra_driver_name = "safexcel-authenc-hmac-sha224-cbc-aes",
1850 .cra_name = "authenc(hmac(sha512),cbc(aes))",
1851 .cra_driver_name = "safexcel-authenc-hmac-sha512-cbc-aes",
1886 .cra_name = "authenc(hmac(sha384),cbc(aes))",
1887 .cra_driver_name = "safexcel-authenc-hmac-sha384-cbc-aes",
[all …]
|
| /Linux-v5.15/drivers/crypto/ |
| D | atmel-sha.c | 1193 /* copy ready hash (+ finalize hmac) */ in atmel_sha_final()
1608 /* hmac functions */
1690 struct atmel_sha_hmac_ctx *hmac = crypto_ahash_ctx(tfm); in atmel_sha_hmac_setup() local
1695 hmac->resume = resume; in atmel_sha_hmac_setup()
1727 if (likely(!atmel_sha_hmac_key_get(&hmac->hkey, &key, &keylen))) in atmel_sha_hmac_setup()
1735 memcpy((u8 *)hmac->ipad, key, keylen); in atmel_sha_hmac_setup()
1736 memset((u8 *)hmac->ipad + keylen, 0, bs - keylen); in atmel_sha_hmac_setup()
1751 struct atmel_sha_hmac_ctx *hmac = crypto_ahash_ctx(tfm); in atmel_sha_hmac_prehash_key_done() local
1759 hmac->ipad[i] = atmel_sha_read(dd, SHA_REG_DIGEST(i)); in atmel_sha_hmac_prehash_key_done()
1760 memset((u8 *)hmac->ipad + ds, 0, bs - ds); in atmel_sha_hmac_prehash_key_done()
[all …]
|
| D | talitos.c | 1217 /* hmac key */ in ipsec_esp()
1229 /* hmac data */ in ipsec_esp()
1248 * extent is bytes of HMAC postpended to ciphertext, in ipsec_esp()
1816 /* HMAC key */ in common_nonsnoop_hash()
1846 /* hash/HMAC out -or- hash context out */ in common_nonsnoop_hash()
2084 /* When the tfm context has a keylen, it's an HMAC. in ahash_process_req()
2085 * A first or last (ie. not middle) descriptor must request HMAC. in ahash_process_req()
2268 .cra_name = "authenc(hmac(sha1),cbc(aes))",
2269 .cra_driver_name = "authenc-hmac-sha1-"
2290 .cra_name = "authenc(hmac(sha1),cbc(aes))",
[all …]
|
| /Linux-v5.15/net/ipv6/ |
| D | seg6_hmac.c | 3 * SR-IPv6 implementation -- HMAC functions
76 .name = "hmac(sha1)",
80 .name = "hmac(sha256)",
179 /* Let's build the HMAC text on the ring buffer. The text is composed in seg6_hmac_compute()
185 * 4. HMAC Key ID (32 bits) in seg6_hmac_compute()
203 /* HMAC Key ID */ in seg6_hmac_compute()
231 /* checks if an incoming SR-enabled packet's HMAC status matches
272 if (memcmp(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN) != 0) in seg6_hmac_validate_skb()
342 memset(tlv->hmac, 0, SEG6_HMAC_FIELD_LEN); in seg6_push_hmac()
343 err = seg6_hmac_compute(hinfo, srh, saddr, tlv->hmac); in seg6_push_hmac()
|
| /Linux-v5.15/net/mptcp/ |
| D | crypto_test.c | 35 char hmac[32], hmac_hex[65]; in mptcp_crypto_test_basic() local
42 /* mptcp hmap will convert to be before computing the hmac */ in mptcp_crypto_test_basic()
51 mptcp_crypto_hmac_sha(key1, key2, msg, 8, hmac); in mptcp_crypto_test_basic()
53 sprintf(&hmac_hex[j << 1], "%02x", hmac[j] & 0xff); in mptcp_crypto_test_basic()
|
| /Linux-v5.15/drivers/crypto/ccree/ |
| D | cc_aead.c | 52 struct cc_hmac_s hmac; member
94 } else if (ctx->auth_mode != DRV_HASH_NULL) { /* HMAC auth. */ in cc_aead_exit()
95 struct cc_hmac_s *hmac = &ctx->auth_state.hmac; in cc_aead_exit() local
97 if (hmac->ipad_opad) { in cc_aead_exit()
99 hmac->ipad_opad, in cc_aead_exit()
100 hmac->ipad_opad_dma_addr); in cc_aead_exit()
102 &hmac->ipad_opad_dma_addr); in cc_aead_exit()
103 hmac->ipad_opad_dma_addr = 0; in cc_aead_exit()
104 hmac->ipad_opad = NULL; in cc_aead_exit()
106 if (hmac->padded_authkey) { in cc_aead_exit()
[all …]
|
| /Linux-v5.15/Documentation/crypto/ |
| D | architecture.rst | 27 chaining mode, the HMAC mechanism, etc.
50 - hmac(sha1)
52 - authenc(hmac(sha1),cbc(aes))
377 For example, HMAC(SHA256) is implemented with hmac.c and
389 | (hmac) | ---+
400 The following call sequence is applicable when a caller triggers an HMAC
403 1. The AHASH API functions are invoked by the caller. The HMAC
406 During initialization of the HMAC cipher, the SHASH cipher type of
410 At one time, the HMAC implementation requires a SHA256 operation
413 2. The HMAC instance now invokes the SHASH API with the SHA256 cipher
|
| /Linux-v5.15/crypto/ |
| D | hmac.c | 5 * HMAC: Keyed-Hashing for Message Authentication (RFC2104).
10 * The HMAC implementation is derived from USAGI.
14 #include <crypto/hmac.h>
239 .name = "hmac",
258 MODULE_DESCRIPTION("HMAC hash algorithm");
259 MODULE_ALIAS_CRYPTO("hmac");
|
| /Linux-v5.15/security/keys/trusted-keys/ |
| D | trusted_tpm2.c | 196 * @hmac: the session HMAC or password, may be NULL if not used
197 * @hmac_len: the session HMAC or password length, maybe 0 if not used
202 const u8 *hmac, u16 hmac_len) in tpm2_buf_append_auth() argument
214 if (hmac && hmac_len) in tpm2_buf_append_auth()
215 tpm_buf_append(buf, hmac, hmac_len); in tpm2_buf_append_auth()
265 options->keyauth /* hmac */, in tpm2_seal_trusted()
420 options->keyauth /* hmac */, in tpm2_load_cmd()
478 options->blobauth /* hmac */, in tpm2_unseal_cmd()
|
| /Linux-v5.15/include/linux/ |
| D | sctp.h | 336 /* AUTH Section 3.3 HMAC Algorithm */
522 * chunk is received with an unsupported HMAC identifier.
527 * 0x0105 Unsupported HMAC Identifier
681 * This chunk is used to hold the result of the HMAC calculation.
688 * | Shared Key Identifier | HMAC Identifier |
691 * \ HMAC /
702 * This value holds the length of the HMAC in bytes plus 8.
707 * HMAC Identifier: 2 bytes (unsigned integer)
711 * The following Table 2 shows the currently defined values for HMAC
715 * | HMAC Identifier | Message Digest Algorithm |
[all …]
|
