Man

Command Section
CRYPTO(7)          FreeBSD Miscellaneous Information Manual          CRYPTO(7)

NAME
     crypto - OpenCrypto algorithms

SYNOPSIS
     In the kernel configuration file:
     device crypto

     Or load the crypto.ko module.

DESCRIPTION
     The following cryptographic algorithms that are part of the OpenCrypto
     framework have the following requirements.

     Cipher algorithms:

     CRYPTO_AES_CBC
                               IV size:      16
                               Block size:   16
                               Key size:     16, 24 or 32

                         This algorithm implements Cipher-block chaining.

     CRYPTO_AES_NIST_GCM_16
                               IV size:      12
                               Block size:   1
                               Key size:     16, 24 or 32
                               Digest size:  16

                         This algorithm implements Galois/Counter Mode.  This
                         is the cipher part of an AEAD (Authenticated
                         Encryption with Associated Data) mode.  This requires
                         use of the use of a proper authentication mode, one
                         of CRYPTO_AES_128_NIST_GMAC, CRYPTO_AES_192_NIST_GMAC
                         or CRYPTO_AES_256_NIST_GMAC, that corresponds with
                         the number of bits in the key that you are using.

                         The associated data (if any) must be provided by the
                         authentication mode op.  The authentication tag will
                         be read/written from/to the offset crd_inject
                         specified in the descriptor for the authentication
                         mode.

                         Note: You must provide an IV on every call.

     CRYPTO_AES_ICM
                               IV size:      16
                               Block size:   1 (aesni), 16 (software)
                               Key size:     16, 24 or 32

                         This algorithm implements Integer Counter Mode.  This
                         is similar to what most people call counter mode, but
                         instead of the counter being split into a nonce and a
                         counter part, then entire nonce is used as the
                         initial counter.  This does mean that if a counter is
                         required that rolls over at 32 bits, the transaction
                         need to be split into two parts where the counter
                         rolls over.  The counter incremented as a 128-bit big
                         endian number.

                         Note: You must provide an IV on every call.

     CRYPTO_AES_XTS
                               IV size:      8
                               Block size:   16
                               Key size:     32 or 64

                         This algorithm implements XEX Tweakable Block Cipher
                         with Ciphertext Stealing as defined in NIST SP
                         800-38E.

                         NOTE: The ciphertext stealing part is not implemented
                         which is why this cipher is listed as having a block
                         size of 16 instead of 1.

     Authentication algorithms:

     CRYPTO_AES_128_NIST_GMAC      See CRYPTO_AES_NIST_GCM_16 in the cipher
                                   mode section.

     CRYPTO_AES_192_NIST_GMAC      See CRYPTO_AES_NIST_GCM_16 in the cipher
                                   mode section.

     CRYPTO_AES_256_NIST_GMAC      See CRYPTO_AES_NIST_GCM_16 in the cipher
                                   mode section.

SEE ALSO
     crypto(4), crypto(9)

BUGS
     Not all the implemented algorithms are listed.

FreeBSD 11.1-RELEASE-p4         January 2, 2015        FreeBSD 11.1-RELEASE-p4
Command Section