FIPS\-140\-2 (full) in projects: OK3568_Linux_fs

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched +full:fips +full:- +full:140 +full:- +full:2 (Results 1 – 25 of 36) sorted by relevance

/OK3568_Linux_fs/kernel/crypto/
H A D	fips140-module.c	1 // SPDX-License-Identifier: GPL-2.0-only 8 * built-in implementations of these algorithms with its implementations. It 9 * also runs self-tests on these algorithms and verifies the integrity of its 13 * FIPS 140 and NIAP FPT_TST_EXT.1 requirements. It shouldn't be used if you 29 #include "fips140-module.h" 33 * FIPS 140-2 prefers the use of HMAC with a public key over a plain hash. 64 * All algorithms that will be declared as FIPS-approved in the module 65 * certification must be listed here, to ensure that the non-FIPS-approved 70 * well as any architecture-specific implementations. This is needed to avoid 73 * module doesn't have a C implementation of it (and it won't be FIPS-approved). [all …]
H A D	Kconfig	1 # SPDX-License-Identifier: GPL-2.0 27 bool "FIPS 200 compliance" 31 This option enables the fips boot option which is 32 required if you want the system to operate in a FIPS 200 37 # The module still needs to be built and loaded if you need FIPS 140 compliance. 43 bool "Enable FIPS 140 cryptographic module" 48 At load time, this module overrides the built-in implementations of 49 these algorithms with its implementations. It also runs self-tests on 54 meet FIPS 140 and NIAP FPT_TST_EXT.1 requirements. It shouldn't be 58 bool "Enable evaluation testing features in FIPS 140 module" [all …]
H A D	fips140-selftests.c	1 // SPDX-License-Identifier: GPL-2.0-only 8 * Self-tests of fips140.ko cryptographic functionality. These are run at 9 * module load time to fulfill FIPS 140 and NIAP FPT_TST_EXT.1 requirements. 11 * The actual requirements for these self-tests are somewhat vague, but 12 * section 9 ("Self-Tests") of the FIPS 140-2 Implementation Guidance document 13 …tps://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/fips140-… 14 * is somewhat helpful. Basically, all implementations of all FIPS approved 17 * - There are provisions for skipping tests that are already sufficiently 18 * covered by other tests. E.g., HMAC-SHA256 may cover SHA-256. 20 * - Only one test vector is required per algorithm, and it can be generated [all …]
H A D	Makefile	`1 # SPDX-License-Identifier: GPL-2.0 6 obj-$(CONFIG_CRYPTO) += crypto.o 7 crypto-y := api.o cipher.o compress.o 9 obj-$(CONFIG_CRYPTO_ENGINE) += crypto_engine.o 10 obj-$(CONFIG_CRYPTO_FIPS) += fips.o 12 crypto_algapi-$(CONFIG_PROC_FS) += proc.o 13 crypto_algapi-y := algapi.o scatterwalk.o $(crypto_algapi-y) 14 obj-$(CONFIG_CRYPTO_ALGAPI2) += crypto_algapi.o 16 obj-$(CONFIG_CRYPTO_AEAD2) += aead.o 17 obj-$(CONFIG_CRYPTO_AEAD2) += geniv.o [all …]`
H A D	jitterentropy.c	2 * Non-physical true random number generator based on timing jitter -- 5 * Copyright Stephan Mueller <smueller@chronox.de>, 2015 - 2020 21 * 2. Redistributions in binary form must reproduce the above copyright 32 * the restrictions contained in a BSD-style copyright.) 54 … be compiled with optimizations. See documentation. Use the compiler switch -O0 for compiling jitt… 90 /* Adaptive Proportion Test for a significance level of 2^-30 / 91 #define JENT_APT_CUTOFF 325 / Taken from SP800-90B sec 4.4.2 / 95 #define JENT_APT_WORD_MASK (JENT_APT_LSB - 1) 105 #define JENT_DISABLE_MEMORY_ACCESS (1<<2) / Disable memory access for more 109 /* -- error codes for init function -- */ [all …]
H A D	fips140_gen_hmac.c	1 // SPDX-License-Identifier: GPL-2.0-only 3 * Copyright (C) 2021 - Google LLC 13 * key rather than as a symmetric key signature is mandated by FIPS 140-2. 52 return -1; in get_section_idx() 62 return -1; in get_sym_idx() 80 * - the associated entry in the symbol table needs to refer to the in update_rela_ref() 82 * - the 'count' global variable in the module need to be set to the in update_rela_ref() 122 HMAC_Update(hmac, start_addr, end_addr - start_addr); in hmac_section() 135 if (argc < 2) { in main() 158 shdr = (void *)ehdr + ehdr->e_shoff; in main() [all …]
H A D	drbg.c	3 * Based on NIST Recommended DRBG from NIST SP800-90A with the following 5 * * CTR DRBG with DF with AES-128, AES-192, AES-256 cores 6 * * Hash DRBG with DF with SHA-1, SHA-256, SHA-384, SHA-512 cores 7 * * HMAC DRBG with DF with SHA-1, SHA-256, SHA-384, SHA-512 cores 18 * 2. Redistributions in binary form must reproduce the above copyright 29 * the restrictions contained in a BSD-style copyright.) 46 * The SP 800-90A DRBG allows the user to specify a personalization string 52 * --------------------------------- 63 * ------------------------------------------------------- 68 * char personalization[11] = "some-string"; [all …]
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/rng/
H A D	silex-insight,ba431-rng.yaml	`1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) 3 --- 4 $id: http://devicetree.org/schemas/rng/silex-insight,ba431-rng.yaml# 5 $schema: http://devicetree.org/meta-schemas/core.yaml# 10 The BA431 hardware random number generator is an IP that is FIPS-140-2/3 14 - Olivier Sobrie <olivier.sobrie@silexinsight.com> 18 const: silex-insight,ba431-rng 24 - compatible 25 - reg 30 - \| [all …]`
/OK3568_Linux_fs/kernel/include/crypto/
H A D	drbg.h	2 * DRBG based on NIST SP800-90A 12 * 2. Redistributions in binary form must reproduce the above copyright 23 * the restrictions contained in a BSD-style copyright.) 52 #include <linux/fips.h> 60 * SP800-90A requires the concatenation of different data. To avoid copying 76 string->buf = buf; in drbg_string_fill() 77 string->len = len; in drbg_string_fill() 78 INIT_LIST_HEAD(&string->list); in drbg_string_fill() 121 /* Number of RNG requests since last reseed -- 10.1.1.1 1c) / 139 unsigned char prev; /* FIPS 140-2 continuous test value */ [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/host/openssl/include/openssl/
H A D	rsa.h	2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 9 * This library is free for commercial and non-commercial use as long as 28 * 2. Redistributions in binary form must reproduce the above copyright 36 * being used are not cryptographic related :-). 124 * If this callback is NULL, the builtin software RSA key-gen will be 140 /* functional reference if 'meth' is ENGINE-provided / 205 new with 0.9.6j and 0.9.7b; the built-in 212 * new with 0.9.8f; the built-in RSA 226 * new with 0.9.7h; the built-in RSA 237 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \ [all …]
H A D	evp.h	2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 9 * This library is free for commercial and non-commercial use as long as 28 * 2. Redistributions in binary form must reproduce the above copyright 36 * being used are not cryptographic related :-). 78 /- 126 Type needs to be a bit field Sub-type needs to be for variations on the 178 int ctx_size; /* how big does the ctx->md_data need to be / 222 / Note if suitable for use in FIPS mode / 271 ENGINE-provided / 286 # define EVP_MD_CTX_FLAG_REUSE 0x0004/ Don't free up ctx->md_data [all …]
/OK3568_Linux_fs/kernel/arch/s390/crypto/
H A D	prng.c	1 // SPDX-License-Identifier: GPL-2.0 13 #include <linux/fips.h> 38 #define PRNG_MODE_SHA512 2 42 MODULE_PARM_DESC(prng_mode, "PRNG mode: 0 - auto, 1 - TDES, 2 - SHA512"); 68 * of course, in a state of sin. -- John von Neumann 74 #define PRNG_SELFTEST_FAILED 2 120 * the random bytes given back is assumed to have at least 50% - meaning 121 * a 64 bytes buffer has at least 64 * 8 / 2 = 256 bits of entropy. 128 * here we use the lower 4 bytes and exor the values into 2k of bufferspace. 131 * get_random_bytes(), so this function consumes 2k of urandom for each [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v1/export-user_ta/host_include/openssl/
H A D	ec_key.h	3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 12 * 2. Redistributions in binary form must reproduce the above copyright 25 * openssl-core@openssl.org. 82 // ec_key.h contains functions that handle elliptic-curve points that are 141 // bitwise-OR of \|EC_PKEY_\| values. 145 // bitwise-OR of \|EC_PKEY_\| values. 162 // EC_KEY_check_fips performs a signing pairwise consistency test (FIPS 140-2 163 // 4.9.2). It returns one if it passes and zero otherwise. 181 // additional checks for FIPS compliance. 187 // EC_KEY_parse_private_key parses a DER-encoded ECPrivateKey structure (RFC [all …]
H A D	rsa.h	1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 8 * This library is free for commercial and non-commercial use as long as 27 * 2. Redistributions in binary form must reproduce the above copyright 35 * being used are not cryptographic related :-). 92 // RSA_get0_key sets \|out_n\|, \|out_e\|, and \|out_d\|, if non-NULL, to \|rsa\|'s 98 // RSA_get0_factors sets \|out_p\| and \|*out_q\|, if non-NULL, to \|rsa\|'s prime 104 // non-NULL, to \|rsa\|'s CRT parameters. These are d (mod p-1), d (mod q-1) and 105 // q^-1 (mod p), respectively. If \|rsa\| is a public key, each parameter will be 112 // \|n\|, \|e\|, and \|d\| respectively, if non-NULL. On success, it takes ownership 115 // \|d\| may be NULL, but \|n\| and \|e\| must either be non-NULL or already [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v1/export-user_ta/include/openssl/
H A D	ec_key.h	3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 12 * 2. Redistributions in binary form must reproduce the above copyright 25 * openssl-core@openssl.org. 82 // ec_key.h contains functions that handle elliptic-curve points that are 141 // bitwise-OR of \|EC_PKEY_\| values. 145 // bitwise-OR of \|EC_PKEY_\| values. 162 // EC_KEY_check_fips performs a signing pairwise consistency test (FIPS 140-2 163 // 4.9.2). It returns one if it passes and zero otherwise. 181 // additional checks for FIPS compliance. 187 // EC_KEY_parse_private_key parses a DER-encoded ECPrivateKey structure (RFC [all …]
H A D	rsa.h	1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 8 * This library is free for commercial and non-commercial use as long as 27 * 2. Redistributions in binary form must reproduce the above copyright 35 * being used are not cryptographic related :-). 92 // RSA_get0_key sets \|out_n\|, \|out_e\|, and \|out_d\|, if non-NULL, to \|rsa\|'s 98 // RSA_get0_factors sets \|out_p\| and \|*out_q\|, if non-NULL, to \|rsa\|'s prime 104 // non-NULL, to \|rsa\|'s CRT parameters. These are d (mod p-1), d (mod q-1) and 105 // q^-1 (mod p), respectively. If \|rsa\| is a public key, each parameter will be 112 // \|n\|, \|e\|, and \|d\| respectively, if non-NULL. On success, it takes ownership 115 // \|d\| may be NULL, but \|n\| and \|e\| must either be non-NULL or already [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm64/host_include/openssl/
H A D	ec_key.h	3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 12 * 2. Redistributions in binary form must reproduce the above copyright 25 * openssl-core@openssl.org. 82 // ec_key.h contains functions that handle elliptic-curve points that are 89 // be used concurrently on multiple threads by non-mutating functions, provided 91 // documented, functions which take a \|const\| pointer are non-mutating and 92 // functions which take a non-\|const\| pointer are mutating. 112 // not mutate \|key\| for thread-safety purposes and may be used concurrently. 149 // bitwise-OR of \|EC_PKEY_\| values. 153 // bitwise-OR of \|EC_PKEY_\| values. [all …]
H A D	rsa.h	1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 8 * This library is free for commercial and non-commercial use as long as 27 * 2. Redistributions in binary form must reproduce the above copyright 35 * being used are not cryptographic related :-). 77 // used concurrently on multiple threads by non-mutating functions, provided no 79 // documented, functions which take a \|const\| pointer are non-mutating and 80 // functions which take a non-\|const\| pointer are mutating. 93 // not mutate \|rsa\| for thread-safety purposes and may be used concurrently. 120 // RSA_get0_dmp1 returns d (mod p-1) for \|rsa\|. If \|rsa\| is a public key or 124 // RSA_get0_dmq1 returns d (mod q-1) for \|rsa\|. If \|rsa\| is a public key or [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm32/host_include/openssl/
H A D	ec_key.h	3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 12 * 2. Redistributions in binary form must reproduce the above copyright 25 * openssl-core@openssl.org. 82 // ec_key.h contains functions that handle elliptic-curve points that are 89 // be used concurrently on multiple threads by non-mutating functions, provided 91 // documented, functions which take a \|const\| pointer are non-mutating and 92 // functions which take a non-\|const\| pointer are mutating. 112 // not mutate \|key\| for thread-safety purposes and may be used concurrently. 149 // bitwise-OR of \|EC_PKEY_\| values. 153 // bitwise-OR of \|EC_PKEY_\| values. [all …]
H A D	rsa.h	1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 8 * This library is free for commercial and non-commercial use as long as 27 * 2. Redistributions in binary form must reproduce the above copyright 35 * being used are not cryptographic related :-). 77 // used concurrently on multiple threads by non-mutating functions, provided no 79 // documented, functions which take a \|const\| pointer are non-mutating and 80 // functions which take a non-\|const\| pointer are mutating. 93 // not mutate \|rsa\| for thread-safety purposes and may be used concurrently. 120 // RSA_get0_dmp1 returns d (mod p-1) for \|rsa\|. If \|rsa\| is a public key or 124 // RSA_get0_dmq1 returns d (mod q-1) for \|rsa\|. If \|rsa\| is a public key or [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm32/include/openssl/
H A D	ec_key.h	3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 12 * 2. Redistributions in binary form must reproduce the above copyright 25 * openssl-core@openssl.org. 82 // ec_key.h contains functions that handle elliptic-curve points that are 89 // be used concurrently on multiple threads by non-mutating functions, provided 91 // documented, functions which take a \|const\| pointer are non-mutating and 92 // functions which take a non-\|const\| pointer are mutating. 112 // not mutate \|key\| for thread-safety purposes and may be used concurrently. 149 // bitwise-OR of \|EC_PKEY_\| values. 153 // bitwise-OR of \|EC_PKEY_\| values. [all …]
H A D	rsa.h	1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 8 * This library is free for commercial and non-commercial use as long as 27 * 2. Redistributions in binary form must reproduce the above copyright 35 * being used are not cryptographic related :-). 77 // used concurrently on multiple threads by non-mutating functions, provided no 79 // documented, functions which take a \|const\| pointer are non-mutating and 80 // functions which take a non-\|const\| pointer are mutating. 93 // not mutate \|rsa\| for thread-safety purposes and may be used concurrently. 120 // RSA_get0_dmp1 returns d (mod p-1) for \|rsa\|. If \|rsa\| is a public key or 124 // RSA_get0_dmq1 returns d (mod q-1) for \|rsa\|. If \|rsa\| is a public key or [all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm64/include/openssl/
H A D	ec_key.h	3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 12 * 2. Redistributions in binary form must reproduce the above copyright 25 * openssl-core@openssl.org. 82 // ec_key.h contains functions that handle elliptic-curve points that are 89 // be used concurrently on multiple threads by non-mutating functions, provided 91 // documented, functions which take a \|const\| pointer are non-mutating and 92 // functions which take a non-\|const\| pointer are mutating. 112 // not mutate \|key\| for thread-safety purposes and may be used concurrently. 149 // bitwise-OR of \|EC_PKEY_\| values. 153 // bitwise-OR of \|EC_PKEY_\| values. [all …]
H A D	rsa.h	1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 8 * This library is free for commercial and non-commercial use as long as 27 * 2. Redistributions in binary form must reproduce the above copyright 35 * being used are not cryptographic related :-). 77 // used concurrently on multiple threads by non-mutating functions, provided no 79 // documented, functions which take a \|const\| pointer are non-mutating and 80 // functions which take a non-\|const\| pointer are mutating. 93 // not mutate \|rsa\| for thread-safety purposes and may be used concurrently. 120 // RSA_get0_dmp1 returns d (mod p-1) for \|rsa\|. If \|rsa\| is a public key or 124 // RSA_get0_dmq1 returns d (mod q-1) for \|rsa\|. If \|rsa\| is a public key or [all …]
/OK3568_Linux_fs/external/security/librkcrypto/test/c_mode/
H A D	des_core.c	2 * FIPS-46-3 compliant Triple-DES implementation 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 5 * SPDX-License-Identifier: Apache-2.0 11 * http://www.apache.org/licenses/LICENSE-2.0 25 * http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf 42 volatile unsigned char p = (unsigned char)v; while( n-- ) p++ = 0; in mbedtls_zeroize() 46 32-bit integer manipulation macros (big endian) 53 \| ( (uint32_t) (b)[(i) + 2] << 8 ) \ 63 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 69 * Expanded DES S-boxes [all …]