Changeset View
Changeset View
Standalone View
Standalone View
share/man/man7/crypto.7
Show First 20 Lines • Show All 130 Lines • ▼ Show 20 Lines | |||||
If a consumer wishes to use an IV whose value is split into | If a consumer wishes to use an IV whose value is split into | ||||
separate nonce and counter fields (e.g., IPsec), | separate nonce and counter fields (e.g., IPsec), | ||||
the consumer is responsible for splitting requests to handle | the consumer is responsible for splitting requests to handle | ||||
counter rollover. | counter rollover. | ||||
.Pp | .Pp | ||||
.Dv CRYPTO_CHACHA20 | .Dv CRYPTO_CHACHA20 | ||||
accepts a 16 byte IV. | accepts a 16 byte IV. | ||||
The first 8 bytes are used as a nonce. | The first 8 bytes are used as a nonce. | ||||
The last 8 bytes are used as 64-bit big-endian block counter. | The last 8 bytes are used as a 64-bit little-endian block counter. | ||||
.Ss Authenticated Encryption with Associated Data Algorithms | .Ss Authenticated Encryption with Associated Data Algorithms | ||||
AEAD algorithms in OCF combine a stream cipher with an authentication | AEAD algorithms in OCF combine a stream cipher with an authentication | ||||
algorithm to provide both secrecy and authentication. | algorithm to provide both secrecy and authentication. | ||||
AEAD algorithms accept additional authentication data (AAD) | AEAD algorithms accept additional authentication data (AAD) | ||||
in addition to the ciphertext or plaintext. | in addition to the ciphertext or plaintext. | ||||
AAD is passed to the authentication algorithm as input in a method | AAD is passed to the authentication algorithm as input in a method | ||||
defined by the specific AEAD algorithm. | defined by the specific AEAD algorithm. | ||||
.Pp | .Pp | ||||
Show All 27 Lines |