GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
CRYPTO(7) FreeBSD Miscellaneous Information Manual CRYPTO(7)

crypto
OpenCrypto algorithms

In the kernel configuration file:
device crypto
Or load the crypto.ko module.

The following cryptographic algorithms that are part of the OpenCrypto framework have the following requirements.
Cipher algorithms:
IV size:
16
Block size:
16
Key size:
16, 24 or 32
This algorithm implements Cipher-block chaining.
IV size:
12
Block size:
1
Key size:
16, 24 or 32
Digest size:
16
This algorithm implements Galois/Counter Mode. This is the cipher part of an AEAD (Authenticated Encryption with Associated Data) mode. This requires use of the use of a proper authentication mode, one of CRYPTO_AES_128_NIST_GMAC, CRYPTO_AES_192_NIST_GMAC or CRYPTO_AES_256_NIST_GMAC, that corresponds with the number of bits in the key that you are using.
The associated data (if any) must be provided by the authentication mode op. The authentication tag will be read/written from/to the offset crd_inject specified in the descriptor for the authentication mode.
Note: You must provide an IV on every call.
IV size:
16
Block size:
1 (aesni), 16 (software)
Key size:
16, 24 or 32
This algorithm implements Integer Counter Mode. This is similar to what most people call counter mode, but instead of the counter being split into a nonce and a counter part, then entire nonce is used as the initial counter. This does mean that if a counter is required that rolls over at 32 bits, the transaction need to be split into two parts where the counter rolls over. The counter incremented as a 128-bit big endian number.
Note: You must provide an IV on every call.
IV size:
8
Block size:
16
Key size:
32 or 64
This algorithm implements XEX Tweakable Block Cipher with Ciphertext Stealing as defined in NIST SP 800-38E.
NOTE: The ciphertext stealing part is not implemented which is why this cipher is listed as having a block size of 16 instead of 1.
Authentication algorithms:
CRYPTO_AES_128_NIST_GMAC
See CRYPTO_AES_NIST_GCM_16 in the cipher mode section.
CRYPTO_AES_192_NIST_GMAC
See CRYPTO_AES_NIST_GCM_16 in the cipher mode section.
CRYPTO_AES_256_NIST_GMAC
See CRYPTO_AES_NIST_GCM_16 in the cipher mode section.

crypto(4), crypto(9)

Not all the implemented algorithms are listed.
January 2, 2015 FreeBSD 12.0-RELEASE

Search for    or go to Top of page |  Section 7 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.