/linux-6.3-rc2/include/crypto/ |
A D | curve25519.h | 29 const u8 secret[CURVE25519_KEY_SIZE]); 35 const u8 secret[CURVE25519_KEY_SIZE], in curve25519() 39 curve25519_arch(mypublic, secret, basepoint); in curve25519() 41 curve25519_generic(mypublic, secret, basepoint); in curve25519() 48 const u8 secret[CURVE25519_KEY_SIZE]) in curve25519_generate_public() 55 curve25519_base_arch(pub, secret); in curve25519_generate_public() 57 curve25519_generic(pub, secret, curve25519_base_point); in curve25519_generate_public() 63 secret[0] &= 248; in curve25519_clamp_secret() 64 secret[31] = (secret[31] & 127) | 64; in curve25519_clamp_secret() 69 get_random_bytes_wait(secret, CURVE25519_KEY_SIZE); in curve25519_generate_secret() [all …]
|
/linux-6.3-rc2/fs/crypto/ |
A D | keyring.c | 43 fscrypt_destroy_hkdf(&secret->hkdf); in wipe_master_key_secret() 44 memzero_explicit(secret, sizeof(*secret)); in wipe_master_key_secret() 534 err = fscrypt_init_hkdf(&secret->hkdf, secret->raw, in add_master_key() 535 secret->size); in add_master_key() 543 memzero_explicit(secret->raw, secret->size); in add_master_key() 648 memcpy(secret->raw, payload->raw, secret->size); in get_keyring_key() 709 memset(&secret, 0, sizeof(secret)); in fscrypt_ioctl_add_key() 720 secret.size = arg.raw_size; in fscrypt_ioctl_add_key() 722 if (copy_from_user(secret.raw, uarg->raw, secret.size)) in fscrypt_ioctl_add_key() 750 memset(secret, 0, sizeof(*secret)); in fscrypt_get_test_dummy_secret() [all …]
|
/linux-6.3-rc2/crypto/ |
A D | ecdh_helper.c | 37 struct kpp_secret secret = { in crypto_ecdh_encode_key() local 48 ptr = ecdh_pack_data(ptr, &secret, sizeof(secret)); in crypto_ecdh_encode_key() 60 struct kpp_secret secret; in crypto_ecdh_decode_key() local 65 ptr = ecdh_unpack_data(&secret, ptr, sizeof(secret)); in crypto_ecdh_decode_key() 66 if (secret.type != CRYPTO_KPP_SECRET_TYPE_ECDH) in crypto_ecdh_decode_key() 69 if (unlikely(len < secret.len)) in crypto_ecdh_decode_key() 73 if (secret.len != crypto_ecdh_key_len(params)) in crypto_ecdh_decode_key()
|
A D | dh_helper.c | 44 struct kpp_secret secret = { in crypto_dh_encode_key() local 52 ptr = dh_pack_data(ptr, end, &secret, sizeof(secret)); in crypto_dh_encode_key() 69 struct kpp_secret secret; in __crypto_dh_decode_key() local 74 ptr = dh_unpack_data(&secret, ptr, sizeof(secret)); in __crypto_dh_decode_key() 75 if (secret.type != CRYPTO_KPP_SECRET_TYPE_DH) in __crypto_dh_decode_key() 81 if (secret.len != crypto_dh_key_len(params)) in __crypto_dh_decode_key()
|
A D | curve25519-generic.c | 12 u8 *secret = kpp_tfm_ctx(tfm); in curve25519_set_secret() local 15 curve25519_generate_secret(secret); in curve25519_set_secret() 18 memcpy(secret, buf, CURVE25519_KEY_SIZE); in curve25519_set_secret() 27 const u8 *secret = kpp_tfm_ctx(tfm); in curve25519_compute_value() local 45 curve25519_generic(buf, secret, bp); in curve25519_compute_value()
|
A D | testmgr.h | 1349 .secret = 1456 .secret = 1566 .secret = 1654 .secret = 1727 .secret = 1847 .secret = 1936 .secret = 2088 .secret = 2193 .secret = 2409 .secret = [all …]
|
/linux-6.3-rc2/arch/arm/crypto/ |
A D | curve25519-glue.c | 23 const u8 secret[CURVE25519_KEY_SIZE], 43 const u8 secret[CURVE25519_KEY_SIZE]) in curve25519_base_arch() 45 return curve25519_arch(pub, secret, curve25519_base_point); in curve25519_base_arch() 52 u8 *secret = kpp_tfm_ctx(tfm); in curve25519_set_secret() local 55 curve25519_generate_secret(secret); in curve25519_set_secret() 58 memcpy(secret, buf, CURVE25519_KEY_SIZE); in curve25519_set_secret() 67 const u8 *secret = kpp_tfm_ctx(tfm); in curve25519_compute_value() local 85 curve25519_arch(buf, secret, bp); in curve25519_compute_value()
|
/linux-6.3-rc2/Documentation/ABI/testing/ |
A D | securityfs-secrets-coco | 9 platforms (such as AMD SEV and SEV-ES) for secret injection by 15 secret appears as a file under <securityfs>/secrets/coco, 18 if the EFI secret area is populated. 21 Reading the file returns the content of secret entry. 22 Unlinking the file overwrites the secret data with zeroes and 23 removes the entry from the filesystem. A secret cannot be read 35 Reading the secret data by reading a file:: 38 the-content-of-the-secret-data 40 Wiping a secret by unlinking a file:: 51 the EFI secret area".
|
/linux-6.3-rc2/Documentation/security/secrets/ |
A D | coco.rst | 7 This document describes how Confidential Computing secret injection is handled 18 secret injection is performed early in the VM launch process, before the 28 The guest firmware may reserve a designated memory area for secret injection, 38 Guest Owner secret data should be a GUIDed table of secret values; the binary 40 "Structure of the EFI secret area". 44 Later it checks if the secret area is populated: it maps the area and checks 46 (``1e74f542-71dd-4d66-963e-ef4287ff173b``). If the secret area is populated, 56 provides the decryption key (= secret) using the secret injection mechanism. 57 The guest application reads the secret from the efi_secret filesystem and 63 it is passed using the secret injection mechanism (= secure channel). [all …]
|
/linux-6.3-rc2/drivers/virt/coco/efi_secret/ |
A D | Kconfig | 3 tristate "EFI secret area securityfs support" 8 This is a driver for accessing the EFI secret area via securityfs. 9 The EFI secret area is a memory area designated by the firmware for 10 confidential computing secret injection (for example for AMD SEV 13 a file wipes the secret from memory).
|
/linux-6.3-rc2/drivers/nvme/common/ |
A D | auth.c | 153 struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret, in nvme_auth_extract_key() argument 160 size_t allocated_len = strlen(secret); in nvme_auth_extract_key() 163 p = strrchr(secret, ':'); in nvme_auth_extract_key() 165 allocated_len = p - secret; in nvme_auth_extract_key() 175 key_len = base64_decode(secret, allocated_len, key->key); in nvme_auth_extract_key() 458 int nvme_auth_generate_key(u8 *secret, struct nvme_dhchap_key **ret_key) in nvme_auth_generate_key() argument 463 if (!secret) { in nvme_auth_generate_key() 468 if (sscanf(secret, "DHHC-1:%hhd:%*s:", &key_hash) != 1) in nvme_auth_generate_key() 472 key = nvme_auth_extract_key(secret + 10, key_hash); in nvme_auth_generate_key()
|
/linux-6.3-rc2/net/sctp/ |
A D | auth.c | 258 struct sctp_auth_bytes *secret; in sctp_auth_asoc_set_secret() local 266 secret = sctp_auth_create_key(auth_len, gfp); in sctp_auth_asoc_set_secret() 267 if (!secret) in sctp_auth_asoc_set_secret() 271 memcpy(secret->data, ep_key->key->data, ep_key->key->len); in sctp_auth_asoc_set_secret() 280 return secret; in sctp_auth_asoc_set_secret() 295 struct sctp_auth_bytes *secret = NULL; in sctp_auth_asoc_create_secret() local 346 return secret; in sctp_auth_asoc_create_secret() 385 struct sctp_auth_bytes *secret; in sctp_auth_asoc_init_active_key() local 403 secret = sctp_auth_asoc_create_secret(asoc, ep_key, gfp); in sctp_auth_asoc_init_active_key() 404 if (!secret) in sctp_auth_asoc_init_active_key() [all …]
|
/linux-6.3-rc2/security/keys/ |
A D | dh.c | 136 uint8_t *secret; in __keyctl_dh_compute() local 201 secret = kmalloc(secretlen, GFP_KERNEL); in __keyctl_dh_compute() 202 if (!secret) { in __keyctl_dh_compute() 206 ret = crypto_dh_encode_key(secret, secretlen, &dh_inputs); in __keyctl_dh_compute() 216 ret = crypto_kpp_set_secret(tfm, secret, secretlen); in __keyctl_dh_compute() 292 kfree_sensitive(secret); in __keyctl_dh_compute()
|
/linux-6.3-rc2/net/bluetooth/ |
A D | ecdh_helper.c | 45 u8 secret[32]) in compute_ecdh_secret() 67 sg_init_one(&dst, secret, 32); in compute_ecdh_secret() 80 swap_digits((u64 *)secret, (u64 *)tmp, 4); in compute_ecdh_secret() 81 memcpy(secret, tmp, 32); in compute_ecdh_secret()
|
A D | ecdh_helper.h | 27 u8 secret[32]);
|
/linux-6.3-rc2/arch/x86/crypto/ |
A D | curve25519-x86_64.c | 1595 const u8 secret[CURVE25519_KEY_SIZE], in curve25519_arch() 1599 curve25519_ever64(mypublic, secret, basepoint); in curve25519_arch() 1606 const u8 secret[CURVE25519_KEY_SIZE]) in curve25519_base_arch() 1609 curve25519_ever64_base(pub, secret); in curve25519_base_arch() 1618 u8 *secret = kpp_tfm_ctx(tfm); in curve25519_set_secret() local 1621 curve25519_generate_secret(secret); in curve25519_set_secret() 1624 memcpy(secret, buf, CURVE25519_KEY_SIZE); in curve25519_set_secret() 1633 const u8 *secret = kpp_tfm_ctx(tfm); in curve25519_generate_public_key() local 1640 curve25519_base_arch(buf, secret); in curve25519_generate_public_key() 1655 const u8 *secret = kpp_tfm_ctx(tfm); in curve25519_compute_shared_secret() local [all …]
|
/linux-6.3-rc2/net/ceph/ |
A D | auth_x.c | 57 static int ceph_x_encrypt(struct ceph_crypto_key *secret, void *buf, in ceph_x_encrypt() argument 105 ret = __ceph_x_decrypt(secret, *p, ciphertext_len); in ceph_x_decrypt() 161 struct ceph_crypto_key *secret, in process_one_ticket() argument 197 ret = ceph_x_decrypt(secret, p, end); in process_one_ticket() 271 struct ceph_crypto_key *secret, in ceph_x_proc_ticket_reply() argument 286 ret = process_one_ticket(ac, secret, p, end); in ceph_x_proc_ticket_reply() 612 ret = ceph_x_proc_ticket_reply(ac, &xi->secret, p, end); in handle_auth_session_key() 800 ret = __ceph_x_decrypt(secret, challenge, challenge_len); in decrypt_authorizer_challenge() 853 ret = ceph_x_decrypt(secret, p, end); in decrypt_authorizer_reply() 919 ceph_crypto_key_destroy(&xi->secret); in ceph_x_destroy() [all …]
|
A D | auth_x.h | 41 struct ceph_crypto_key secret; member
|
/linux-6.3-rc2/include/linux/ |
A D | nvme-auth.h | 27 struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret, 31 int nvme_auth_generate_key(u8 *secret, struct nvme_dhchap_key **ret_key);
|
/linux-6.3-rc2/include/keys/ |
A D | trusted_tpm.h | 23 unsigned char secret[SHA1_DIGEST_SIZE]; member 71 16, 1, &s->secret, SHA1_DIGEST_SIZE, 0); in dump_sess()
|
/linux-6.3-rc2/net/ipv6/ |
A D | seg6.c | 158 char *secret; in seg6_genl_sethmac() local 205 secret = (char *)nla_data(info->attrs[SEG6_ATTR_SECRET]); in seg6_genl_sethmac() 213 memcpy(hinfo->secret, secret, slen); in seg6_genl_sethmac() 306 nla_put(msg, SEG6_ATTR_SECRET, hinfo->slen, hinfo->secret) || in __seg6_hmac_fill_info()
|
/linux-6.3-rc2/Documentation/security/keys/ |
A D | ecryptfs.rst | 70 into the '/secret' directory:: 73 ecryptfs_cipher=aes,ecryptfs_key_bytes=32 /secret /secret
|
/linux-6.3-rc2/drivers/gpu/drm/nouveau/nvkm/engine/ |
A D | falcon.c | 141 falcon->secret = (falcon->addr == 0x087000) ? 1 : 0; in nvkm_falcon_oneinit() 145 falcon->secret = (caps & 0x00000030) >> 4; in nvkm_falcon_oneinit() 153 nvkm_debug(subdev, "secret level: %d\n", falcon->secret); in nvkm_falcon_oneinit() 171 if (falcon->secret && falcon->version < 4) { in nvkm_falcon_init()
|
/linux-6.3-rc2/drivers/net/wireguard/ |
A D | cookie.c | 24 get_random_bytes(checker->secret, NOISE_HASH_LEN); in wg_cookie_checker_init() 100 get_random_bytes(checker->secret, NOISE_HASH_LEN); in make_cookie() 106 blake2s_init_key(&state, COOKIE_LEN, checker->secret, NOISE_HASH_LEN); in make_cookie()
|
/linux-6.3-rc2/include/net/ |
A D | seg6_hmac.h | 30 char secret[SEG6_HMAC_SECRET_LEN]; member
|