| /mbedtls-development/library/ |
| A D | chachapoly.c | 130 const unsigned char nonce[12], in mbedtls_chachapoly_starts()
136 CHACHAPOLY_VALIDATE_RET( nonce != NULL ); in mbedtls_chachapoly_starts()
139 ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); in mbedtls_chachapoly_starts()
281 const unsigned char nonce[12], in chachapoly_crypt_and_tag()
290 ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); in chachapoly_crypt_and_tag()
310 const unsigned char nonce[12], in mbedtls_chachapoly_encrypt_and_tag()
318 CHACHAPOLY_VALIDATE_RET( nonce != NULL ); in mbedtls_chachapoly_encrypt_and_tag()
325 length, nonce, aad, aad_len, in mbedtls_chachapoly_encrypt_and_tag()
331 const unsigned char nonce[12], in mbedtls_chachapoly_auth_decrypt()
343 CHACHAPOLY_VALIDATE_RET( nonce != NULL ); in mbedtls_chachapoly_auth_decrypt()
[all …]
|
| A D | psa_crypto_aead.c | 143 const uint8_t *nonce, size_t nonce_length, in mbedtls_psa_aead_encrypt() argument
188 nonce, nonce_length, in mbedtls_psa_aead_encrypt()
206 nonce, in mbedtls_psa_aead_encrypt()
254 const uint8_t *nonce, size_t nonce_length, in mbedtls_psa_aead_decrypt() argument
281 nonce, nonce_length, in mbedtls_psa_aead_decrypt()
295 nonce, nonce_length, in mbedtls_psa_aead_decrypt()
314 nonce, in mbedtls_psa_aead_decrypt()
395 const uint8_t *nonce, in mbedtls_psa_aead_set_nonce() argument
407 nonce, in mbedtls_psa_aead_set_nonce()
427 nonce, in mbedtls_psa_aead_set_nonce()
[all …]
|
| A D | chacha20.c | 218 const unsigned char nonce[12], in mbedtls_chacha20_starts()
222 CHACHA20_VALIDATE_RET( nonce != NULL ); in mbedtls_chacha20_starts()
228 ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); in mbedtls_chacha20_starts()
229 ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); in mbedtls_chacha20_starts()
230 ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); in mbedtls_chacha20_starts()
306 const unsigned char nonce[12], in mbedtls_chacha20_crypt()
316 CHACHA20_VALIDATE_RET( nonce != NULL ); in mbedtls_chacha20_crypt()
326 ret = mbedtls_chacha20_starts( &ctx, nonce, counter ); in mbedtls_chacha20_crypt()
|
| A D | psa_crypto_aead.h | 83 const uint8_t *nonce, size_t nonce_length,
146 const uint8_t *nonce, size_t nonce_length,
267 const uint8_t *nonce,
|
| A D | psa_crypto_driver_wrappers.h | 208 const uint8_t *nonce, size_t nonce_length,
217 const uint8_t *nonce, size_t nonce_length,
236 const uint8_t *nonce,
|
| A D | psa_crypto_driver_wrappers.c | 1468 const uint8_t *nonce, size_t nonce_length, in psa_driver_wrapper_aead_encrypt() argument
1488 nonce, nonce_length, in psa_driver_wrapper_aead_encrypt()
1502 nonce, nonce_length, in psa_driver_wrapper_aead_encrypt()
1520 const uint8_t *nonce, size_t nonce_length, in psa_driver_wrapper_aead_decrypt() argument
1540 nonce, nonce_length, in psa_driver_wrapper_aead_decrypt()
1554 nonce, nonce_length, in psa_driver_wrapper_aead_decrypt()
1668 const uint8_t *nonce, in psa_driver_wrapper_aead_set_nonce() argument
1676 nonce, in psa_driver_wrapper_aead_set_nonce()
1686 nonce, nonce_length ) ); in psa_driver_wrapper_aead_set_nonce()
1694 (void)nonce; in psa_driver_wrapper_aead_set_nonce()
|
| A D | psa_crypto.c | 3672 const uint8_t *nonce, in psa_aead_encrypt() argument
3706 nonce, nonce_length, in psa_aead_encrypt()
3722 const uint8_t *nonce, in psa_aead_decrypt() argument
3756 nonce, nonce_length, in psa_aead_decrypt()
3864 uint8_t *nonce, in psa_aead_generate_nonce() argument
3893 status = psa_generate_random( nonce, required_nonce_size ); in psa_aead_generate_nonce()
3897 status = psa_aead_set_nonce( operation, nonce, required_nonce_size ); in psa_aead_generate_nonce()
3911 const uint8_t *nonce, in psa_aead_set_nonce() argument
3935 status = psa_driver_wrapper_aead_set_nonce( operation, nonce, in psa_aead_set_nonce()
|
| /mbedtls-development/tests/suites/ |
| A D | test_suite_chachapoly.function | 73 unsigned char nonce[12];
83 memset( nonce, 0x00, sizeof( nonce ) );
111 TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
123 TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
135 TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT )
|
| A D | test_suite_ctr_drbg.function | 27 static void ctr_drbg_validate_internal( int reseed_mode, data_t * nonce,
45 /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, <ignored>)
46 * where nonce||perso = nonce[nonce->len] */
52 nonce->x, nonce->len ) == 0 );
195 /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN +
207 * for the entropy input and byte_strength/2 bytes for a nonce. */
|
| A D | test_suite_psa_crypto.function | 425 PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
430 PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
434 PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
3628 nonce->x, nonce->len,
3659 nonce->x, nonce->len,
3719 nonce->x, nonce->len,
3791 nonce->x, nonce->len,
4272 PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
4568 TEST_EQUAL( psa_aead_set_nonce( &operation, nonce->x, nonce->len ),
4716 TEST_EQUAL( psa_aead_set_nonce( &operation, nonce->x, nonce->len ),
[all …]
|
| A D | test_suite_psa_crypto_init.function | 16 * once for the initial entropy and once for a nonce. The nonce length is
24 * and once for a nonce. */
|
| A D | test_suite_psa_crypto_init.data | 37 Fake entropy: not enough for a nonce
|
| A D | test_suite_psa_crypto_driver_wrappers.function | 1020 data_t *nonce,
1061 nonce->x, nonce->len,
1089 data_t *nonce,
1124 nonce->x, nonce->len,
|
| A D | test_suite_hmac_drbg.function | 66 /* default_entropy_len of entropy, plus half as much for the nonce */
|
| A D | test_suite_psa_crypto.data | 2538 PSA AEAD decrypt: AES-CCM, invalid nonce length 6
2542 PSA AEAD decrypt: AES-CCM, invalid nonce length 14
2546 PSA AEAD decrypt: AES-CCM_8, invalid nonce length 6
2550 PSA AEAD decrypt: AES-CCM_8, invalid nonce length 14
2562 PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes, 12 byte nonce , 1
2566 PSA AEAD encrypt/decrypt, AES GCM, 19 bytes, 12 byte nonce , 2
2706 PSA AEAD decrypt: AES-GCM, nonce=0 (bad)
2710 PSA AEAD decrypt: AES-GCM, nonce=0 (bad), TAG=12
2818 PSA AEAD decrypt: ChaCha20-Poly1305 (nonce=8, not supported)
2822 PSA AEAD decrypt: ChaCha20-Poly1305 (nonce=11, too short)
[all …]
|
| A D | test_suite_ccm.data | 23 CCM lengths #2 nonce too short
26 CCM lengths #3 nonce too long
|
| /mbedtls-development/include/mbedtls/ |
| A D | chachapoly.h | 169 const unsigned char nonce[12],
301 const unsigned char nonce[12],
335 const unsigned char nonce[12],
|
| A D | chacha20.h | 129 const unsigned char nonce[12],
195 const unsigned char nonce[12],
|
| /mbedtls-development/tests/src/drivers/ |
| A D | test_driver_aead.c | 35 const uint8_t *nonce, size_t nonce_length, in mbedtls_test_transparent_aead_encrypt() argument
53 nonce, nonce_length, in mbedtls_test_transparent_aead_encrypt()
66 const uint8_t *nonce, size_t nonce_length, in mbedtls_test_transparent_aead_decrypt() argument
84 nonce, nonce_length, in mbedtls_test_transparent_aead_decrypt()
141 const uint8_t *nonce, in mbedtls_test_transparent_aead_set_nonce() argument
154 mbedtls_psa_aead_set_nonce( operation, nonce, nonce_length ); in mbedtls_test_transparent_aead_set_nonce()
|
| /mbedtls-development/tests/include/test/drivers/ |
| A D | aead.h | 63 const uint8_t *nonce, size_t nonce_length,
72 const uint8_t *nonce, size_t nonce_length,
91 const uint8_t *nonce,
|
| /mbedtls-development/include/psa/ |
| A D | crypto.h | 2132 const uint8_t *nonce,
2205 const uint8_t *nonce,
2429 uint8_t *nonce,
2470 const uint8_t *nonce,
|
| /mbedtls-development/tests/src/ |
| A D | psa_exercise_key.c | 238 unsigned char nonce[16] = {0}; in exercise_aead_key() local
239 size_t nonce_length = sizeof( nonce ); in exercise_aead_key()
268 nonce, nonce_length, in exercise_aead_key()
282 nonce, nonce_length, in exercise_aead_key()
|
| /mbedtls-development/docs/ |
| A D | getting_started.md | 690 static const uint8_t nonce[] = {
734 nonce, sizeof(nonce),
762 static const uint8_t nonce[] = {
809 nonce, sizeof(nonce),
|
| A D | 3.0-migration-guide.md | 217 * `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_…
227 * `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_u…
|
| /mbedtls-development/ |
| A D | ChangeLog | 310 learn partial information about the leading bits of the nonce used for the
418 maximum nonce length returned by psa_aead_generate_nonce().
519 nonce from entropy. Applications were affected if they called
523 In such cases, a random nonce was necessary to achieve the advertised
525 entropy from the nonce.
1082 entropy function to obtain entropy for a nonce if the entropy size is less
1085 nonce length to 0.
1119 * The CTR_DRBG module can grab a nonce from the entropy source during the
1120 initial seeding. The default nonce length is chosen based on the key size
|