Lines Matching refs:key
5 As of Mbed TLS 3.6, an MVP for making the [PSA Crypto key management API](https://arm-software.gith…
10 …- Slot states are described in the [Key slot states](#key-slot-states) section. They guarantee saf…
11 …l mutex, as described in [Key store consistency and abstraction function](#key-store-consistency-a…
12 …destruction guarantees](#key-destruction-guarantees), with an implementation discussed in [Key des…
15 - Some multithreaded testing of the key management API has been added; this is outlined in [Testing…
25 * The [Current strategy](#current-strategy) section describes how thread-safety of key management a…
43 …onditions, deadlocks or livelocks when concurrently calling any set of PSA key management function…
49 When only considering key management functions: Mbed TLS 3.6 abides by the minimum expectation for …
53 …PSA 1.2 specification, Mbed TLS 3.6 abides by these when only considering [key management function…
60 > - Any call where the same key identifier is a parameter to the call.
61 > - Any call in a multi-part operation, where the same key identifier was used as a parameter t…
69 …currently which both attempt to create a new key with the same key identifier that is not already …
92 1. The key identifier does not exist. This is a functional requirement for persistent keys: any thr…
93 2. The resources from the key have been freed. This allows threads to create similar keys immediate…
95 …lled on a key that is in use, guarantee 2 may be violated. This is consistent with the PSA specifi…
97 … to enforce stronger requirements for key destruction, see [Long term key destruction requirements…
101 …an concurrently call entry points using the same key, there is also no protection from destroying …
115 …tiple threads each calling `psa_crypto_init` followed by a call to any PSA key management function…
119 … a key via a key management API call the key can be used by any thread. If multiple threads attemp…
121 …key can lead to some threads returning `PSA_ERROR_INSUFFICIENT_MEMORY` if the key is not currently…
144 …t.c` has two fields: `key_slots` is protected as described in [Key slots](#key-slots), `key_slots_…
155 Keys are stored internally in a global array of key slots known as the "key store", defined in `lib…
159 Each key slot has a state variable and a `registered_readers` counter. These two variables dictate …
161 There are four possible states for a key slot:
165 * `PSA_SLOT_FULL`: the slot contains a key, and any thread is able to use the key after registering…
166 * `PSA_SLOT_PENDING_DELETION`: the key within the slot has been destroyed or marked for destruction…
169 
176 The state of a key slot is updated via the internal function `psa_key_slot_state_transition`. To ch…
178 …`PSA_SLOT_EMPTY` is done via `psa_wipe_key_slot`, this function wipes the entirety of the key slot.
184 The key store is protected by a single global mutex `mbedtls_threading_key_slot_mutex`.
186 We maintain the consistency of the key store by ensuring that all reads and writes to `slot->state`…
188 A thread can only traverse the key store while holding `mbedtls_threading_key_slot_mutex`, the set …
194 …key store, any key not in this union does not currently exist as far as the code is concerned (eve…
204 To load a new key into a slot, the following internal utility functions are used:
206 …key store to find a slot whose state is `PSA_SLOT_EMPTY`. If found, it reserves the slot by settin…
208 …key have been loaded (again this loading is not done under the mutex), the thread calls `psa_finis…
209 …key creation stage, this clean-up function takes the mutex, wipes the slot, and releases the mutex…
213 …key slot array provided they are not currently being used (`registered_readers == 0`). When attemp…
215 If `psa_reserve_free_key_slot` cannot find a suitable slot, the key cannot be loaded back in. This …
219 One-shot operations follow a standard pattern when using an existing key:
221 * They call one of the `psa_get_and_lock_key_slot_X` functions, which then finds the key and regist…
222 …erate on the key slot, usually copying the key into a separate buffer to be used by the operation.…
225 …key is passed in, these functions follow the above pattern. The key is copied into the `operation`…
229 … key slot. The destroying thread registers to read the key, sets the slot's state to `PSA_SLOT_PEN…
231 …he door" approach. The final thread to unregister from reading a destroyed key will automatically …
243 …utex unlock within `psa_finish_key_creation`; it is at this point that the key becomes visible to …
244 … the slot is now in the state `PSA_SLOT_PENDING_DELETION` meaning that the key has been destroyed.…
246 …_get_and_lock_key_slot`, as that is the point in which it is decided whether or not the key exists.
247 …key input function is the final unlock of the mutex within `psa_get_and_lock_key_slot`. All other …
249 …have not yet tested whether they rely on unprotected global resources. The key slot access in thes…
265 …ocs/ThreadSanitizer.html) to detect data races. We test the key store, and test that our key slot …
267 …ernal key management functions in the same order - it is the internal functions that are in charge…
283 Key loading does run partly in parallel: deriving the key and copying the key into the slot is not…
296 …ations will each only hold the global mutex for finding the relevant key in the key slot, and unre…
300 ### Long term key destruction requirements
302 …key-destruction) mandates that implementations make a best effort to ensure that the key material …
304 Here are our long term key destruction goals:
308 1. The key identifier does not exist. This is a functional requirement for persistent keys: any thr…
309 2. The resources from the key have been freed. This allows threads to create similar keys immediate…
310 4. No copy of the key material exists. Rationale: this is a security requirement. We do not have th…
316 …able us to fulfil the final requirement in [Long term key destruction requirements](#long-term-key…
324 …ations will need to remain registered as readers of their key slot until their copy of the key is …
325 …* The functionality where `psa_unregister_read` can wipe the key slot will need to be removed, slo…
341 * Even with a thread-safe driver, the core never starts the destruction of a key while there are op…