| /external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ |
| BaseCipherSpi.java | 15 import javax.crypto.Cipher;
168 if (wrappedKeyType == Cipher.SECRET_KEY)
172 else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY)
204 if (wrappedKeyType == Cipher.PUBLIC_KEY)
208 else if (wrappedKeyType == Cipher.PRIVATE_KEY)
|
| /external/conscrypt/src/main/java/org/conscrypt/ |
| OpenSSLCipher.java | 39 import javax.crypto.Cipher;
56 * Modes that a block cipher may support.
66 * Paddings that a block cipher may support.
75 * The current cipher mode.
80 * The current cipher padding.
85 * May be used when reseting the cipher instance after calling
91 * The Initial Vector (IV) used for the current cipher.
96 * Current cipher mode: encrypting or decrypting.
101 * The block size of the current cipher.
115 * API-specific implementation of initializing the cipher. Th
[all...] |
| OpenSSLCipherRSA.java | 38 import javax.crypto.Cipher;
58 * Current cipher mode: encrypting or decrypting.
139 throw new IllegalStateException("cipher is not initialized");
155 if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) {
157 } else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE) {
327 if (wrappedKeyType == Cipher.PUBLIC_KEY) {
330 } else if (wrappedKeyType == Cipher.PRIVATE_KEY) {
333 } else if (wrappedKeyType == Cipher.SECRET_KEY)
[all...] |
| /external/wpa_supplicant_8/src/tls/ |
| tlsv1_client.c | 118 * Cipher option 2a.
548 * tlsv1_client_get_cipher - Get current cipher name
550 * @buf: Buffer for the cipher name
554 * Get the name of the currently used cipher.
559 char *cipher; local
563 cipher = "RC4-MD5";
566 cipher = "RC4-SHA";
569 cipher = "DES-CBC-SHA";
572 cipher = "DES-CBC3-SHA";
575 cipher = "DHE-RSA-DES-CBC-SHA"
[all...] |
| tlsv1_server.c | 493 * tlsv1_server_get_cipher - Get current cipher name
495 * @buf: Buffer for the cipher name
499 * Get the name of the currently used cipher.
504 char *cipher; local
508 cipher = "RC4-MD5";
511 cipher = "RC4-SHA";
514 cipher = "DES-CBC-SHA";
517 cipher = "DES-CBC3-SHA";
520 cipher = "DHE-RSA-DES-CBC-SHA";
523 cipher = "DHE-RSA-DES-CBC3-SHA"
[all...] |
| tlsv1_record.c | 20 * tlsv1_record_set_cipher_suite - TLS record layer: Set cipher suite
22 * @cipher_suite: New cipher suite
25 * This function is used to prepare TLS record layer for cipher suite change.
36 wpa_printf(MSG_DEBUG, "TLSv1: Selected cipher suite: 0x%04x",
55 data = tls_get_cipher_data(suite->cipher);
68 * tlsv1_record_change_write_cipher - TLS record layer: Change write cipher
70 * Returns: 0 on success (cipher changed), -1 on failure
72 * This function changes TLS record layer to use the new cipher suite
77 wpa_printf(MSG_DEBUG, "TLSv1: Record Layer - New write cipher suite "
92 "cipher");
[all...] |
| /libcore/ojluni/src/main/java/sun/security/internal/spec/ |
| TlsKeyMaterialParameterSpec.java | 66 * @param cipherAlgorithm the algorithm name of the cipher keys to
68 * @param cipherKeyLength if 0, no cipher keys will be generated;
69 * otherwise, the length in bytes of cipher keys to be
70 * generated for domestic cipher suites; for cipher suites defined as
72 * @param expandedCipherKeyLength 0 for domestic cipher suites; for
73 * exportable cipher suites the length in bytes of the key to be
173 * Returns the cipher algorithm.
175 * @return the cipher algorithm.
199 // TLS v1.1 disables the exportable weak cipher suites
[all...] |
| /prebuilts/go/darwin-x86/src/crypto/cipher/ |
| example_test.go | 9 "crypto/cipher"
39 mode := cipher.NewCBCDecrypter(block, iv)
81 mode := cipher.NewCBCEncrypter(block, iv)
108 stream := cipher.NewCFBDecrypter(block, iv)
133 stream := cipher.NewCFBEncrypter(block, iv)
158 stream := cipher.NewCTR(block, iv)
169 stream = cipher.NewCTR(block, iv)
193 stream := cipher.NewOFB(block, iv)
204 stream = cipher.NewOFB(block, iv)
228 stream := cipher.NewOFB(block, iv[:]
[all...] |
| /prebuilts/go/linux-x86/src/crypto/cipher/ |
| example_test.go | 9 "crypto/cipher"
39 mode := cipher.NewCBCDecrypter(block, iv)
81 mode := cipher.NewCBCEncrypter(block, iv)
108 stream := cipher.NewCFBDecrypter(block, iv)
133 stream := cipher.NewCFBEncrypter(block, iv)
158 stream := cipher.NewCTR(block, iv)
169 stream = cipher.NewCTR(block, iv)
193 stream := cipher.NewOFB(block, iv)
204 stream = cipher.NewOFB(block, iv)
228 stream := cipher.NewOFB(block, iv[:]
[all...] |
| /external/wpa_supplicant_8/src/common/ |
| wpa_common.c | 129 * @cipher: Negotiated pairwise cipher
144 struct wpa_ptk *ptk, int akmp, int cipher)
170 ptk->tk_len = wpa_cipher_key_len(cipher);
519 int wpa_cipher_valid_group(int cipher)
521 return wpa_cipher_valid_pairwise(cipher) ||
522 cipher == WPA_CIPHER_GTK_NOT_USED;
527 int wpa_cipher_valid_mgmt_group(int cipher)
529 return cipher == WPA_CIPHER_AES_128_CMAC ||
530 cipher == WPA_CIPHER_BIP_GMAC_128 |
[all...] |
| /external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ |
| EC.java | 162 // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
163 // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES");
164 // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES");
165 // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
166 // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
167 // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
168 // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
169 // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
170 // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
172 // provider.addAlgorithm("Cipher.OldECIES", PREFIX + "IESCipher$OldECIES")
[all...] |
| /cts/apps/CtsVerifier/src/com/android/cts/verifier/security/ |
| ScreenLockBoundKeysTest.java | 47 import javax.crypto.Cipher;
147 Cipher cipher = Cipher.getInstance( local
153 cipher.init(Cipher.ENCRYPT_MODE, secretKey);
154 cipher.doFinal(SECRET_BYTE_ARRAY);
|
| /external/srtp/ |
| srtp7.vcproj | 145 RelativePath=".\crypto\cipher\aes.c">
148 RelativePath=".\crypto\cipher\aes_cbc.c">
151 RelativePath=".\crypto\cipher\aes_icm.c">
154 RelativePath=".\crypto\cipher\cipher.c">
157 RelativePath=".\crypto\cipher\null_cipher.c">
217 RelativePath=".\crypto\include\cipher.h">
|
| /prebuilts/go/darwin-x86/src/crypto/rand/ |
| rand_unix.go | 15 "crypto/cipher"
105 cipher cipher.Block
125 r.cipher, err = aes.NewCipher(r.key[0:])
148 r.cipher.Encrypt(r.time[0:], r.time[0:])
152 r.cipher.Encrypt(r.dst[0:], r.dst[0:])
156 r.cipher.Encrypt(r.seed[0:], r.seed[0:])
|
| /prebuilts/go/linux-x86/src/crypto/rand/ |
| rand_unix.go | 15 "crypto/cipher"
105 cipher cipher.Block
125 r.cipher, err = aes.NewCipher(r.key[0:])
148 r.cipher.Encrypt(r.time[0:], r.time[0:])
152 r.cipher.Encrypt(r.dst[0:], r.dst[0:])
156 r.cipher.Encrypt(r.seed[0:], r.seed[0:])
|
| /cts/tests/tests/keystore/src/android/keystore/cts/ |
| AESCipherNistCavpKatTest.java | 34 import javax.crypto.Cipher;
284 Cipher cipher = Cipher.getInstance("AES/" + mode + "/NoPadding"); local
286 int opmode = (encrypt) ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE;
288 cipher.init(opmode, key, new IvParameterSpec(testVector.iv));
290 cipher.init(opmode, key);
294 byte[] actualOutput = cipher.doFinal(input);
|
| /external/boringssl/src/crypto/cmac/ |
| cmac.c | 55 #include <openssl/cipher.h>
84 const EVP_CIPHER *cipher; local
87 cipher = EVP_aes_128_cbc();
90 cipher = EVP_aes_256_cbc();
100 const int ok = CMAC_Init(&ctx, key, key_len, cipher, NULL /* engine */) &&
146 const EVP_CIPHER *cipher, ENGINE *engine) {
149 if (EVP_CIPHER_block_size(cipher) != AES_BLOCK_SIZE ||
150 EVP_CIPHER_key_length(cipher) != key_len ||
151 !EVP_EncryptInit_ex(&ctx->cipher_ctx, cipher, NULL, key, kZeroIV) ||
|
| /external/boringssl/src/ssl/ |
| ssl_aead_ctx.c | 32 uint16_t version, const SSL_CIPHER *cipher,
38 if (!ssl_cipher_get_evp_aead(&aead, &discard, &discard, cipher, version)) {
45 /* This is a "stateful" AEAD (for compatibility with pre-AEAD cipher
65 aead_ctx->cipher = cipher;
81 if (cipher->algorithm_enc & SSL_CHACHA20POLY1305) {
92 if (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) {
153 /* Handle the initial NULL cipher. */
226 /* Handle the initial NULL cipher. */
|
| /external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/ |
| BaseWrapCipher.java | 18 import javax.crypto.Cipher;
190 case Cipher.WRAP_MODE:
193 case Cipher.UNWRAP_MODE:
196 case Cipher.ENCRYPT_MODE:
197 case Cipher.DECRYPT_MODE:
354 if (wrappedKeyType == Cipher.SECRET_KEY)
358 else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY)
390 if (wrappedKeyType == Cipher.PUBLIC_KEY)
394 else if (wrappedKeyType == Cipher.PRIVATE_KEY)
|
| /frameworks/base/docs/html/sdk/api_diff/19/changes/ |
| javax.crypto.Cipher.html | 10 javax.crypto.Cipher
74 Class javax.crypto.<A HREF="../../../../reference/javax/crypto/Cipher.html" target="_top"><font size="+2"><code>Cipher</code></font></A>
86 <A NAME="javax.crypto.Cipher.updateAAD_added(byte[])"></A>
87 <nobr><code>void</code> <A HREF="../../../../reference/javax/crypto/Cipher.html#updateAAD(byte[])" target="_top"><code>updateAAD</code></A>(<code>byte[]</code>)</nobr>
93 <A NAME="javax.crypto.Cipher.updateAAD_added(byte[], int, int)"></A>
94 <nobr><code>void</code> <A HREF="../../../../reference/javax/crypto/Cipher.html#updateAAD(byte[], int, int)" target="_top"><code>updateAAD</code></A>(<code>byte[],</nobr> int<nobr>,</nobr> int<nobr><nobr></code>)</nobr>
100 <A NAME="javax.crypto.Cipher.updateAAD_added(java.nio.ByteBuffer)"></A>
101 <nobr><code>void</code> <A HREF="../../../../reference/javax/crypto/Cipher.html#updateAAD(java.nio.ByteBuffer)" target="_top"><code>updateAAD</code></A>(<code>ByteBuffer</code>)</nobr>
|
| /frameworks/support/v4/java/android/support/v4/hardware/fingerprint/ |
| FingerprintManagerCompat.java | 28 import javax.crypto.Cipher;
100 * framework supports {@link Signature} and {@link Cipher} objects.
105 private final Cipher mCipher;
115 public CryptoObject(Cipher cipher) {
116 mCipher = cipher;
134 * Get {@link Cipher} object.
135 * @return {@link Cipher} object or null if this doesn't contain one.
137 public Cipher getCipher() { return mCipher; }
|
| /external/srtp/crypto/test/ |
| stat_driver.c | 16 #include "cipher.h"
69 /* set buffer to cipher output */
76 /* run tests on cipher outout */
|
| /external/srtp/doc/ |
| draft-irtf-cfrg-icm-00.txt | 43
Crypto Forum Research Group David A. McGrew
Internet Draft Cisco Systems, Inc.
Expires April, 2003 October, 2002
Integer Counter Mode
<draft-irtf-cfrg-icm-00.txt>
Status of this Memo
This document is an Internet Draft and is in full conformance with
all provisions of Section 10 of RFC-2026. Internet Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas,
and working groups. Note that other groups may also distribute
working documents as Internet Drafts.
Internet Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
1. Abstract
This document specifies Integer Counter Mode (ICM), a mode of
operation of a block cipher which defines an indexed keystream
generator (which generates a keystream segment given an index).
This mode is efficient, parallelizable, and has been proven secure
given realistic assumptions about the block cipher. Test vectors
are provided for AES.
Counter Mode admits many variations. The variant specified in
this document is secure and flexible, yet it enables a single
implementation of a keystream generator to suffice in different
application domains.
McGrew [Page 1]
Internet Draft Integer Counter Mode October, 2002
2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in RFC-2119 [B97].
3. Introduction
Counter Mode is a way to define a pseudorandom keystream generator
using a block cipher [CTR]. The keystream can be used for additive
encryption, key derivation, or any other application requiring
pseudorandom data.
In ICM, the keystream is logically broken into segments. Each
segment is identified with a segment index, and the segments have
equal lengths. This segmentation makes ICM especially appropriate
for securing packet-based protocols.
4. ICM
In this section, ICM keystream generation and encryption are
defined.
4.1. ICM Parameters
The following parameters are used in ICM. These parameters MUST
remain fixed for any given use of a key.
Parameter Meaning
-----------------------------------------------------------------
BLOCK_LENGTH the number of octets in the cipher block
KEY_LENGTH the number of octets in the cipher key
OFFSET_LENGTH the number of octets in the offset
SEGMENT_INDEX_LENGTH the number of octets in the segment index
BLOCK_INDEX_LENGTH the number of octets in the block index
4.2. Keystream Segments
Conceptually, ICM is a keystream generator that takes a secret key
and a segment index as an input and then outputs a keystream
segment. The segmentation lends itself to packet encryption, as
each keystream segment can be used to encrypt a distinct packet.
A counter is a value containing BLOCK_LENGTH octets which is
McGrew [Page 2]
Internet Draft Integer Counter Mode October, 2002
incremented using an increment function based on integer addition,
to produce a sequence of distinct values which are used as inputs to
the block cipher. (In the context of this specification, an integer
is an octet string, the most significant of which is the first.)
The output blocks of the cipher are concatenated to form the
keystream segment. The first octet of the segment is the first
octet of the first output block, and so on. A schematic of this
process is shown in Figure 1.
Figure 1. The generation of a keystream segment given a segment
index and a block cipher key K. Here C[i] and S[i] denote the ith
counter and keystream block, respectively.
segment
index
|
v
C[0] -----> C[1] -----> C[2] -----> ...
| | |
v v v
+---+ +---+ +---+
K->| E | K->| E | K->| E | ...
+---+ +---+ +---+
| | |
v v v
S[0] S[1] S[2] ...
The ith counter C[i] of the keystream segment with segment index s
is defined as
C[i] = (i + s * (256^BLOCK_INDEX_LENGTH)) (+) r
where r denotes the shifted Offset, which is defined as the Offset
times 256^(BLOCK_LENGTH - OFFSET_LENGTH). (This multiplication
left-shifts the Offset so that it is aligned with the leftmost
edge of the block.) Here ^ denotes exponentiation and (+) denotes
the bitwise exclusive-or operation.
The number of blocks in any segment MUST NOT exceed
256^BLOCK_INDEX_LENGTH. The number of segments MUST NOT exceed
256^SEGMENT_INDEX_LENGTH. These restrictions ensure the uniqueness
of each block cipher input. They also imply that each segment
contains no more than (256^BLOCK_INDEX_LENGTH)*BLOCK_LENGTH octets.
The sum of SEGMENT_INDEX_LENGTH and BLOCK_INDEX_LENGTH MUST NOT
exceed BLOCK_LENGTH / 2. This requirement protects the ICM
keystream generator from potentially failing to be pseudorandom (see
McGrew [Page 3]
Internet Draft Integer Counter Mode October, 2002
the rationale).
Figure 2. An illustration of the structure of a counter with
BLOCK_LENGTH = 8, SEGMENT_INDEX_LENGTH = 2, and BLOCK_INDEX_LENGTH
= 2. The field marked `null' is not part of either the block
or segment indices.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| null |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| segment index | block index |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
4.3. ICM Encryption
Unless otherwise specified, ICM encryption consists of bitwise
exclusive-oring the keystream into the plaintext to produce
the ciphertext.
4.4 ICM KEY
An ICM key consists of the block cipher key and an Offset. The
Offset is an integer with OFFSET_LENGTH octets, which is used to
`rand (…)
[all...] |
| /libcore/ojluni/src/main/java/sun/security/ssl/ |
| Handshaker.java | 102 * contain only those protocols that have vaild cipher suites
108 * List of active cipher suites
110 * Active cipher suites is a subset of enabled cipher suites, and will
111 * contain only those cipher suites available for the active protocols.
384 * Set the enabled cipher suites. Called from
457 throw new SSLHandshakeException("No appropriate cipher suite");
551 * Get the active cipher suites.
553 * In TLS 1.1, many weak or vulnerable cipher suites were obsoleted,
555 * negotiate these cipher suites in TLS 1.1 or later mode
666 BulkCipher cipher = cipherSuite.cipher; local
686 BulkCipher cipher = cipherSuite.cipher; local
1160 BulkCipher cipher = cipherSuite.cipher; local
[all...] |
| /external/boringssl/src/crypto/cipher/ |
| e_aes.c | 53 #include <openssl/cipher.h>
296 mode = ctx->cipher->flags & EVP_CIPH_MODE_MASK;
346 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
370 size_t bl = ctx->cipher->block_size;
530 gctx->ivlen = c->cipher->iv_len;
836 mode = ctx->cipher->flags & EVP_CIPH_MODE_MASK;
855 OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_AES_KEY_SETUP_FAILED);
871 size_t bl = ctx->cipher->block_size;
[all...] |
