Lines Matching refs:not
3 Currently, PSA Crypto API calls in Mbed TLS releases are not thread-safe.
5 …mplementations which only ever call PSA functions from a single thread are not affected by this ne…
19 …PSA Crypto API are planned to be made thread-safe in future, but currently we are not testing this.
45 We do not test or support calling other PSA API functions concurrently.
59 > * A call to `psa_destroy_key()` must not overlap with a concurrent call to any of the following f…
63 > * Concurrent calls must not use the same operation object.
67 …not apply to errors that arise from resource failures or limitations. For example, errors resultin…
69 …hich both attempt to create a new key with the same key identifier that is not already in the key …
72 > * Both calls can fail with error codes that are not `PSA_ERROR_ALREADY_EXISTS`.
78 …ns from a single thread, or which protect all PSA calls using a mutex, are not affected by this ne…
90 Much like all other API calls, `psa_destroy_key` does not block indefinitely, and when `psa_destroy…
92 1. The key identifier does not exist. This is a functional requirement for persistent keys: any thr…
107 …while holding `mbedtls_threading_psa_rngdata_mutex`. `mbedtls_psa_random_free` is not thread-safe).
121 …not arise in sequential execution. For example, multiple threads attempting to load the same persi…
143 …lobaldata_mutex`. The RNG fields within this struct are not protected by this mutex, and are not a…
150 …ust hold mutexes for as short a time as possible. In particular, they must not start expensive ope…
166 …red_readers > 0`). No thread can register to read this slot. The slot must not be wiped until the …
176 …`new_state` is not `PSA_SLOT_EMPTY`, one must call `psa_key_slot_state_transition(slot, expected_s…
194 …not currently loaded into slots is our abstraction function for the key store, any key not in this…
198 … operation fails after a different failure has been identified, the status code is not overwritten.
206 …ng its state to `PSA_SLOT_FILLING`. If not found, it will see if there are any persistent keys loa…
207 …ot`, if a slot has been found then the slot id is set. This second step is not done under the mute…
208 …loading is not done under the mutex), the thread calls `psa_finish_key_creation`. This function ta…
213 …not currently being used (`registered_readers == 0`). When attempting to use a persistent key that…
222 …g the key into a separate buffer to be used by the operation. This step is not performed under the…
225 …sters from reading the key (the operations do not access the key slots again). The copy of the key…
229 …ypto.c`. The destroying thread (the thread calling `psa_destroy_key`) does not always wipe the key…
239 …not returned. In a set of concurrent calls, it is permitted for a call c to fail with a `PSA_ERROR…
246 …_get_and_lock_key_slot`, as that is the point in which it is decided whether or not the key exists.
249 …at one shot operations and multi-part operations are not yet considered thread-safe, as we have no…
257 …est_increment_step` calls within threads can happen in any order, thus may not produce the desired…
261 Our testing is a work in progress. It is not feasible to run our traditional, single-threaded, test…
267 Currently, not every API call is tested, we also cannot feasibly test every combination of concurre…
269 Since we do not run every cryptographic operation concurrently, we do not test that operations are …
283 Key loading does somewhat run in parallel, deriving the key and copying it key into the slot is not…
296 Our plan for cryptographic operations is that they are not performed under any global mutex. One-sh…
306 `psa_destroy_key` does not block indefinitely, and when `psa_destroy_key` returns:
308 1. The key identifier does not exist. This is a functional requirement for persistent keys: any thr…
310 4. No copy of the key material exists. Rationale: this is a security requirement. We do not have th…
329 Currently, we rely on the crypto service to ensure that the same operation is not invoked concurren…
331 …ending on the compiler and the platform, the pointer assignment may or may not be atomic). This vi…
352 1. Non-thread-safe drivers must not call the core.
355 …e APIs that drivers can call. Drivers providing entry points to these must not make a call to the …
363 To make re-entrancy in non-thread-safe drivers work, thread-safe drivers must not make a call to th…
367 Thread-safe drivers must not make any assumption about the operation of the core beyond what is dis…