/openbsd/libexec/login_token/ |
H A D | token.c | 125 h2cb(tr.secret, &cb); in tokenchallenge() 192 explicit_bzero(&tokenrec.secret, sizeof(tokenrec.secret)); in tokenverify() 257 TOKEN_CBlock secret; in tokenuserinit() local 263 memset(&secret, 0, sizeof(secret)); in tokenuserinit() 270 tokenseed(&secret); in tokenuserinit() 274 DES_fixup_key_parity(&secret.cb); in tokenuserinit() 289 cb2h(secret, tokenrec.secret); in tokenuserinit() 307 explicit_bzero(&secret, sizeof(secret)); in tokenuserinit() 313 username, secret.cb[0], secret.cb[1], secret.cb[2], secret.cb[3], in tokenuserinit() 314 secret.cb[4], secret.cb[5], secret.cb[6], secret.cb[7]); in tokenuserinit() [all …]
|
/openbsd/lib/libfido2/src/ |
H A D | ecdh.c | 27 HKDF(key, SHA256_DIGEST_LENGTH, md, secret->ptr, secret->len, salt, in hkdf_sha256() 45 if (secret->len > INT_MAX || strlen(info) > INT_MAX) { in hkdf_sha256() 58 EVP_PKEY_CTX_set1_hkdf_key(ctx, secret->ptr, (int)secret->len) < 1 || in hkdf_sha256() 90 SHA256(secret->ptr, secret->len, key->ptr) != key->ptr) { in kdf() 99 hkdf_sha256(key->ptr, hmac_info, secret) < 0 || in kdf() 101 secret) < 0) { in kdf() 121 fido_blob_t *secret = NULL; in do_ecdh() local 125 if ((secret = fido_blob_new()) == NULL || in do_ecdh() 140 (secret->ptr = calloc(1, secret->len)) == NULL || in do_ecdh() 141 EVP_PKEY_derive(ctx, secret->ptr, &secret->len) <= 0) { in do_ecdh() [all …]
|
H A D | aes256.c | 65 aes256_cbc_fips(const fido_blob_t *secret, const fido_blob_t *in, in aes256_cbc_fips() argument 73 if (secret->len != 64) { in aes256_cbc_fips() 75 secret->len); in aes256_cbc_fips() 93 key.ptr = secret->ptr + 32; in aes256_cbc_fips() 94 key.len = secret->len - 32; in aes256_cbc_fips() 188 aes256_cbc_enc(const fido_dev_t *dev, const fido_blob_t *secret, in aes256_cbc_enc() argument 191 return fido_dev_get_pin_protocol(dev) == 2 ? aes256_cbc_fips(secret, in aes256_cbc_enc() 192 in, out, 1) : aes256_cbc_proto1(secret, in, out, 1); in aes256_cbc_enc() 196 aes256_cbc_dec(const fido_dev_t *dev, const fido_blob_t *secret, in aes256_cbc_dec() argument 199 return fido_dev_get_pin_protocol(dev) == 2 ? aes256_cbc_fips(secret, in aes256_cbc_dec() [all …]
|
/openbsd/lib/libradius/ |
H A D | radius_mppe.c | 48 size_t slen = strlen(secret); in radius_encrypt_mppe_key_attr() 71 MD5_Update(&ctx, secret, slen); in radius_encrypt_mppe_key_attr() 89 size_t slen = strlen(secret); in radius_decrypt_mppe_key_attr() 106 MD5_Update(&ctx, secret, slen); in radius_decrypt_mppe_key_attr() 160 size_t * len, const char *secret) in radius_get_mppe_send_key_attr() argument 163 buf, len, secret)); in radius_get_mppe_send_key_attr() 168 size_t len, const char *secret) in radius_put_mppe_send_key_attr() argument 171 buf, len, secret)); in radius_put_mppe_send_key_attr() 179 buf, len, secret)); in radius_get_mppe_recv_key_attr() 184 size_t len, const char *secret) in radius_put_mppe_recv_key_attr() argument [all …]
|
H A D | radius_userpass.c | 40 const char *plain, const void *ra, const char *secret) in radius_encrypt_user_password_attr() argument 43 size_t slen = strlen(secret); in radius_encrypt_user_password_attr() 57 MD5_Update(&ctx, secret, slen); in radius_encrypt_user_password_attr() 73 size_t clen, const void *ra, const char *secret) in radius_decrypt_user_password_attr() argument 75 size_t slen = strlen(secret); in radius_decrypt_user_password_attr() 91 MD5_Update(&ctx, secret, slen); in radius_decrypt_user_password_attr() 117 size_t len, const char *secret) in radius_get_user_password_attr() argument 126 radius_get_authenticator_retval(packet), secret) != 0) in radius_get_user_password_attr() 134 const char *secret) in radius_put_user_password_attr() argument 140 radius_get_authenticator_retval(packet), secret) != 0) in radius_put_user_password_attr()
|
H A D | radius_msgauth.c | 45 radius_calc_message_authenticator(RADIUS_PACKET * packet, const char *secret, in radius_calc_message_authenticator() argument 60 if (!HMAC_Init_ex(ctx, secret, strlen(secret), EVP_md5(), NULL)) in radius_calc_message_authenticator() 106 radius_put_message_authenticator(RADIUS_PACKET * packet, const char *secret) in radius_put_message_authenticator() argument 119 return (radius_set_message_authenticator(packet, secret)); in radius_put_message_authenticator() 123 radius_set_message_authenticator(RADIUS_PACKET * packet, const char *secret) in radius_set_message_authenticator() argument 127 if (radius_calc_message_authenticator(packet, secret, ma) != 0) in radius_set_message_authenticator() 135 radius_check_message_authenticator(RADIUS_PACKET * packet, const char *secret) in radius_check_message_authenticator() argument 141 if (radius_calc_message_authenticator(packet, secret, ma0) != 0) in radius_check_message_authenticator()
|
H A D | radius.c | 235 const char *secret) in radius_calc_authenticator() argument 245 MD5_Update(&ctx, (unsigned char *)secret, strlen(secret)); in radius_calc_authenticator() 251 const RADIUS_PACKET * packet, const char *secret) in radius_calc_response_authenticator() argument 259 const char *secret) in radius_check_response_authenticator() argument 269 const char *secret) in radius_set_response_authenticator() argument 272 packet, secret); in radius_set_response_authenticator() 283 packet, zero, secret); in radius_calc_accounting_request_authenticator() 288 const char *secret) in radius_set_accounting_request_authenticator() argument 291 packet->pdata->authenticator, packet, secret); in radius_set_accounting_request_authenticator() 296 const char *secret) in radius_check_accounting_request_authenticator() argument [all …]
|
H A D | radius_eapmsk.c | 38 const char *secret) in radius_get_eap_msk() argument 49 if (radius_get_mppe_recv_key_attr(packet, buf0, &len0, secret) == 0 && in radius_get_eap_msk() 50 radius_get_mppe_send_key_attr(packet, buf1, &len1, secret) == 0) { in radius_get_eap_msk()
|
/openbsd/sys/crypto/ |
H A D | curve25519.h | 28 const uint8_t secret[CURVE25519_KEY_SIZE]); 31 curve25519_clamp_secret(uint8_t secret[CURVE25519_KEY_SIZE]) in curve25519_clamp_secret() 33 secret[0] &= 248; in curve25519_clamp_secret() 34 secret[31] = (secret[31] & 127) | 64; in curve25519_clamp_secret() 38 curve25519_generate_secret(uint8_t secret[CURVE25519_KEY_SIZE]) in curve25519_generate_secret() 40 arc4random_buf(secret, CURVE25519_KEY_SIZE); in curve25519_generate_secret() 41 curve25519_clamp_secret(secret); in curve25519_generate_secret()
|
/openbsd/lib/libssl/ |
H A D | tls13_key_schedule.c | 28 tls13_secret_init(struct tls13_secret *secret, size_t len) in tls13_secret_init() argument 30 if (secret->data != NULL) in tls13_secret_init() 33 if ((secret->data = calloc(1, len)) == NULL) in tls13_secret_init() 35 secret->len = len; in tls13_secret_init() 41 tls13_secret_cleanup(struct tls13_secret *secret) in tls13_secret_cleanup() argument 43 freezero(secret->data, secret->len); in tls13_secret_cleanup() 44 secret->data = NULL; in tls13_secret_cleanup() 45 secret->len = 0; in tls13_secret_cleanup() 160 const struct tls13_secret *secret, const char *label, in tls13_hkdf_expand_label() argument 200 secret->len, hkdf_label, hkdf_label_len); in tls13_hkdf_expand_label_with_length() [all …]
|
/openbsd/regress/lib/libc/explicit_bzero/ |
H A D | explicit_bzero.c | 41 static const char secret[16] = { variable 48 SECRETBYTES = SECRETCOUNT * sizeof(secret) 132 ASSERT_EQ(sizeof(secret), write(fds[1], secret, sizeof(secret))); in populate_secret() 145 if (memcmp(buf + i * sizeof(secret), secret, in count_secrets() 146 sizeof(secret)) == 0) in count_secrets()
|
/openbsd/usr.sbin/tokeninit/ |
H A D | tokeninit.c | 66 unsigned char secret[9]; in main() local 152 explicit_bzero(secret, sizeof(secret)); in main() 153 if (parse_secret(hexformat, seed, secret)) { in main() 160 switch (tokenuserinit(cmd, *argv, secret, modes)) { in main() 190 parse_secret(int hexformat, char *seed, unsigned char *secret) in parse_secret() argument 207 secret[i] = tmp[i] & 0xff; in parse_secret()
|
/openbsd/usr.sbin/pppd/ |
H A D | auth.c | 651 char secret[MAXWORDLEN]; local 679 || (secret[0] != 0 && (cryptpap || strcmp(passwd, secret) != 0) 680 && strcmp(crypt(passwd, secret), secret) != 0)) { 722 EXPLICIT_BZERO(secret, sizeof(secret)); 813 char secret[MAXWORDLEN]; local 828 EXPLICIT_BZERO(secret, sizeof(secret)); 867 EXPLICIT_BZERO(secret, sizeof(secret)); 945 char *secret; 1159 char *secret; 1244 if (secret != NULL) [all …]
|
/openbsd/usr.sbin/unbound/util/ |
H A D | edns.c | 135 edns_cookie_server_hash(const uint8_t* in, const uint8_t* secret, int v4, in edns_cookie_server_hash() argument 138 v4?siphash(in, 20, secret, hash, 8):siphash(in, 32, secret, hash, 8); in edns_cookie_server_hash() 143 edns_cookie_server_write(uint8_t* buf, const uint8_t* secret, int v4, in edns_cookie_server_write() argument 152 (void)edns_cookie_server_hash(buf, secret, v4, hash); in edns_cookie_server_write() 158 const uint8_t* secret, size_t secret_len, int v4, in edns_cookie_server_validate() argument 180 if(memcmp(edns_cookie_server_hash(hash_input, secret, v4, hash), in edns_cookie_server_validate()
|
H A D | edns.h | 127 uint8_t* edns_cookie_server_hash(const uint8_t* in, const uint8_t* secret, 148 void edns_cookie_server_write(uint8_t* buf, const uint8_t* secret, int v4, 165 size_t cookie_len, const uint8_t* secret, size_t secret_len, int v4,
|
/openbsd/sbin/unwind/libunbound/util/ |
H A D | edns.c | 135 edns_cookie_server_hash(const uint8_t* in, const uint8_t* secret, int v4, in edns_cookie_server_hash() argument 138 v4?siphash(in, 20, secret, hash, 8):siphash(in, 32, secret, hash, 8); in edns_cookie_server_hash() 143 edns_cookie_server_write(uint8_t* buf, const uint8_t* secret, int v4, in edns_cookie_server_write() argument 152 (void)edns_cookie_server_hash(buf, secret, v4, hash); in edns_cookie_server_write() 158 const uint8_t* secret, size_t secret_len, int v4, in edns_cookie_server_validate() argument 180 if(memcmp(edns_cookie_server_hash(hash_input, secret, v4, hash), in edns_cookie_server_validate()
|
H A D | edns.h | 127 uint8_t* edns_cookie_server_hash(const uint8_t* in, const uint8_t* secret, 148 void edns_cookie_server_write(uint8_t* buf, const uint8_t* secret, int v4, 165 size_t cookie_len, const uint8_t* secret, size_t secret_len, int v4,
|
/openbsd/libexec/login_radius/ |
H A D | raddauth.c | 523 char *host, *secret, buffer[PATH_MAX]; in getsecret() local 534 secret = NULL; /* Keeps gcc happy */ in getsecret() 548 memcpy(secret, host, len); in getsecret() 550 host = secret; in getsecret() 561 secret = host; in getsecret() 562 while (*secret && !isspace((unsigned char)*secret)) in getsecret() 563 ++secret; in getsecret() 564 if (*secret) in getsecret() 565 *secret++ = '\0'; in getsecret() 571 ++secret; in getsecret() [all …]
|
/openbsd/sbin/iked/ |
H A D | dh.c | 71 uint8_t secret[CURVE25519_SIZE]; member 89 uint8_t secret[crypto_kem_sntrup761_SECRETKEYBYTES]; member 495 ret = DH_compute_key(secret, ex, group->dh); in modp_create_shared() 502 bcopy(secret, secret + (len - ret), ret); in modp_create_shared() 503 bzero(secret, len - ret); in modp_create_shared() 590 ret = ec_point2raw(group, secretp, secret, ec_secretlen(group), in ec_create_shared() 729 arc4random_buf(curve25519->secret, CURVE25519_SIZE); in ec25519_init() 731 curve25519->secret, basepoint); in ec25519_init() 797 crypto_kem_sntrup761_keypair(kemsx->public, kemsx->secret); in kemsx_create_exchange2() 860 crypto_kem_sntrup761_dec(kemsx->kemkey, cp, kemsx->secret); in kemsx_create_shared2() [all …]
|
/openbsd/usr.sbin/radiusctl/ |
H A D | radiusctl.c | 166 res->secret); in radius_test() 234 radius_put_message_authenticator(reqpkt, res->secret); in radius_test() 254 radius_dump(stdout, reqpkt, false, res->secret); in radius_test() 264 explicit_bzero((char *)res->secret, strlen(res->secret)); in radius_test() 324 radius_dump(stdout, respkt, true, test->res->secret); in radius_test_recv() 344 radius_dump(FILE *out, RADIUS_PACKET *pkt, bool resp, const char *secret) in radius_dump() argument 356 if (resp && secret) { in radius_dump() 358 (radius_check_response_authenticator(pkt, secret) == 0) in radius_dump() 363 : (radius_check_message_authenticator(pkt, secret) == 0) in radius_dump() 371 if (secret && in radius_dump() [all …]
|
/openbsd/etc/examples/ |
H A D | radiusd.conf | 7 secret "secret" 13 secret "secret" 20 module set radius secret "testing123"
|
/openbsd/usr.sbin/npppd/npppd/ |
H A D | radius_req.c | 66 char secret[MAX_RADIUS_SECRET]; member 243 memcpy(lap->secret, setting->server[setting->curr_server].secret, in radius_prepare_socket() 244 sizeof(lap->secret)); in radius_prepare_socket() 332 memset(lap->secret, 0x41, sizeof(lap->secret)); in radius_cancel_request() 346 return lap->secret; in radius_get_server_secret() 442 } else if (lap->secret[0] == '\0') { in radius_request_io_event() 448 lap->secret)) in radius_request_io_event() 452 else if (radius_check_message_authenticator(respkt, lap->secret) == 0) in radius_request_io_event()
|
/openbsd/usr.sbin/radiusd/ |
H A D | radiusd.c | 325 explicit_bzero(client->secret, sizeof(client->secret)); in radiusd_free() 627 q->client->secret) != 0) { in radiusd_access_request_answer() 635 q->client->secret) != 0) { in radiusd_access_request_answer() 854 MD5Update(&md5ctx, secret, strlen(secret)); in radius_attr_hide() 879 MD5Update(&md5ctx, secret, strlen(secret)); in radius_attr_unhide() 1048 if (module->secret != NULL) { in radiusd_module_stop() 1049 freezero(module->secret, strlen(module->secret)); in radiusd_module_stop() 1050 module->secret = NULL; in radiusd_module_stop() 1190 if (module->secret == NULL) in radiusd_module_imsg() 1226 q->client->secret); in radiusd_module_imsg() [all …]
|
/openbsd/lib/libcrypto/hkdf/ |
H A D | hkdf.c | 32 const uint8_t *secret, size_t secret_len, const uint8_t *salt, in HKDF() argument 38 if (!HKDF_extract(prk, &prk_len, digest, secret, secret_len, salt, in HKDF() 52 const EVP_MD *digest, const uint8_t *secret, size_t secret_len, in HKDF_extract() argument 61 if (HMAC(digest, salt, salt_len, secret, secret_len, out_key, &len) == in HKDF_extract()
|
/openbsd/lib/libcrypto/ecdh/ |
H A D | ecdh.c | 229 unsigned char *secret = NULL; in ECDH_compute_key() local 243 if (!eckey->meth->compute_key(&secret, &secret_len, pub_key, eckey)) in ECDH_compute_key() 248 if (KDF(secret, secret_len, out, &out_len) == NULL) { in ECDH_compute_key() 259 memcpy(out, secret, out_len); in ECDH_compute_key() 270 freezero(secret, secret_len); in ECDH_compute_key()
|