Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CRYPTO(7)	   FreeBSD Miscellaneous Information Manual	     CRYPTO(7)

NAME
     crypto -- OpenCrypto algorithms

SYNOPSIS
     In	the kernel configuration file:
     device crypto

     Or	load the crypto.ko module.

DESCRIPTION
     The following cryptographic algorithms that are part of the OpenCrypto
     framework have the	following requirements.

     Cipher algorithms:

     CRYPTO_AES_CBC
			   IV size:	 16
			   Block size:	 16
			   Key size:	 16, 24	or 32

		     This algorithm implements Cipher-block chaining.

     CRYPTO_AES_NIST_GCM_16
			   IV size:	 12
			   Block size:	 1
			   Key size:	 16, 24	or 32
			   Digest size:	 16

		     This algorithm implements Galois/Counter Mode.  This is
		     the cipher	part of	an AEAD	(Authenticated Encryption with
		     Associated	Data) mode.  This requires use of the use of a
		     proper authentication mode, one of
		     CRYPTO_AES_128_NIST_GMAC, CRYPTO_AES_192_NIST_GMAC	or
		     CRYPTO_AES_256_NIST_GMAC, that corresponds	with the num-
		     ber of bits in the	key that you are using.

		     The associated data (if any) must be provided by the
		     authentication mode op.  The authentication tag will be
		     read/written from/to the offset crd_inject	specified in
		     the descriptor for	the authentication mode.

		     Note: You must provide an IV on every call.

     CRYPTO_AES_ICM
			   IV size:	 16
			   Block size:	 1 (aesni), 16 (software)
			   Key size:	 16, 24	or 32

		     This algorithm implements Integer Counter Mode.  This is
		     similar to	what most people call counter mode, but
		     instead of	the counter being split	into a nonce and a
		     counter part, then	entire nonce is	used as	the initial
		     counter.  This does mean that if a	counter	is required
		     that rolls	over at	32 bits, the transaction need to be
		     split into	two parts where	the counter rolls over.	 The
		     counter incremented as a 128-bit big endian number.

		     Note: You must provide an IV on every call.

     CRYPTO_AES_XTS
			   IV size:	 8
			   Block size:	 16
			   Key size:	 32 or 64

		     This algorithm implements XEX Tweakable Block Cipher with
		     Ciphertext	Stealing as defined in NIST SP 800-38E.

		     NOTE: The ciphertext stealing part	is not implemented
		     which is why this cipher is listed	as having a block size
		     of	16 instead of 1.

     Authentication algorithms:

     CRYPTO_AES_128_NIST_GMAC  See CRYPTO_AES_NIST_GCM_16 in the cipher	mode
			       section.

     CRYPTO_AES_192_NIST_GMAC  See CRYPTO_AES_NIST_GCM_16 in the cipher	mode
			       section.

     CRYPTO_AES_256_NIST_GMAC  See CRYPTO_AES_NIST_GCM_16 in the cipher	mode
			       section.

SEE ALSO
     crypto(4),	crypto(9)

BUGS
     Not all the implemented algorithms	are listed.

FreeBSD	11.1			January	2, 2015			  FreeBSD 11.1

NAME | SYNOPSIS | DESCRIPTION | SEE ALSO | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=crypto&sektion=7&manpath=FreeBSD+11.1-RELEASE+and+Ports>

home | help