Lines Matching refs:not

6 …erence implementation of the PSA Cryptography API. At this stage, Arm does not expect major change…
35 …in cleartext; cryptoprocessors that can wrap keys with a built-in keys but not store user keys; an…
37not involve any platform-specific consideration. Driver calls are simple C function calls. Interac…
41 [Req.fallback] Accelerator drivers can specify that they do not fully support a cryptographic mecha…
43 …mechanisms they support. A driver's code will not be invoked for cryptographic mechanisms that it …
79 …river description. They may declare the entry point functions, but this is not required. They may …
82 * `"key_context"` (not permitted for transparent drivers, mandatory for opaque drivers): informatio…
83 * `"persistent_state_size"` (not permitted for transparent drivers, optional for opaque drivers, in…
84 * `"location"` (not permitted for transparent drivers, optional for opaque drivers, integer or stri…
98 …in the driver that implements the corresponding function. If a function is not listed here, name o…
99 * `"fallback"` (optional for transparent drivers, not permitted for opaque drivers, boolean). If pr…
109     * either the capability does not have an `"algorithms"` property;
113 …* or the key is opaque (its location is not `PSA_KEY_LOCATION_LOCAL_STORAGE`) and the driver is an…
115     * either the capability does not have a `"key_types"` property;
118     * either the capability does not have a `"key_sizes"` property;
129 …y declares that the driver can perform deterministic ECDSA signatures (but not signature verificat…
215 …tween input buffers, and between an input buffer and an output buffer, but not between two output …
223 …implement this entry point in addition to `"mac_compute"`, it is generally not useful because the …
248 If a driver implements a multi-part operation but not the corresponding single-part operation, the …
258 …herefore hash operation contexts must not contain any embedded pointers (except pointers to global…
266 …ine the following type and entry points (assuming that the capability does not use the `"names"` p…
312 … drivers are involved, they are not always independent: if the secret input is managed by an opaqu…
313 …s soon as the operation is set up (since `psa_key_derivation_setup()` does not determine the key i…
321 …Note that for all currently specified algorithms, the key type for the secret input does not matte…
334 …r “cooked”, i.e. non-raw-data key types; ignored for other opaque drivers; not permitted for trans…
337 …ents the `"key_derivation"` entry point family with a capability that does not use the `"names"` p…
399 …pointer passed by the core to a key derivation driver setup entry point which has not returned yet.
409 …step is valid for this particular algorithm, but it is not part of the initial inputs. This is not
410not compatible with this function or was omitted. Call `psa_crypto_driver_key_derivation_get_input…
411 …derivation_get_input_bytes` only): the output buffer is too small. This is not a fatal error and t…
425 * `alg` is the algorithm for the key derivation operation. It does not include a key agreement comp…
430 Some key derivation algorithms take long inputs which it would not be practical to pass in the [ini…
443not request output beyond the capacity of the operation, with one exception: opaque drivers that s…
451 …al to any value previously set through this entry point, and is guaranteed not to be `PSA_KEY_DERI…
453 If this entry point has not been called, the operation has an unlimited capacity.
485 …1. If the driver's capabilities indicate that its `"import_key"` entry point does not support the …
499 If the key derivation operation is not handled by an opaque driver as described above, the core cal…
508 A capability for cooked key derivation contains the following properties (this is not a subset of […
548 * Other key types: not applicable.
550 …tion”](#open-questions-around-cooked-key-derivation) for some points that may not be fully settled.
588 …in `"acme_key_agreement_to_key"`, the attributes for the shared secret are not placed near the beg…
592 …Core side is responsible for keeping inputs and core set-data functions do not have driver entry p…
613 …"` that implements the PAKE entry point family with a capability that does not use the `"names"` p…
666 Next parameters are return buffers (must not be null pointers).
670 * `PSA_ERROR_BAD_STATE`: the inputs are not ready
671 …iver_pake_get_password_key` only): the output buffer is too small. This is not a fatal error and t…
685 …vant data from the key buffer during the "pake_setup" entry point and must not store the pointer i…
739 The core checks that `input_length` is not greater than `PSA_PAKE_INPUT_SIZE(alg, prim, step)` and
791 …ttributes can be either a size specified by the caller of the API (who may not be trusted), or `0`…
797 …*bits` against the data and return `PSA_ERROR_INVALID_ARGUMENT` if it does not match. If the drive…
801 … work functionally and not to cause indirect security loss. Operation functions are supposed to re…
805not risk compromising B. This applies even if A's policy does not explicitly allow a problematic o…
806 …d material that is secured with this key. For example, RSA key import does not need to verify that…
836 …s not necessary because the entropy may be located anywhere in the buffer, so the driver may write…
844 …all of them (as well as the entry points from opaque drivers). Fallback is not applicable to `"get…
849 … `acme_get_entropy` after a short time. If this flag is clear, the core is not expecting to call t…
859 3. If the second round does not collect enough entropy, the core makes more similar rounds, until t…
871 The init entry point does not take any parameter.
892 Transparent drivers are not involved when exporting, copying or destroying keys, or when importing,…
912 …html/api/keys/management.html#c.psa_export_public_key), so if the input is not in this format, the…
934 Random generation is not parametrized by an algorithm. The choice of algorithm is up to the driver.
946 If a driver does not have an `"init_random"` entry point, the context object passed to the first ca…
971 …entropy"` entry point. If the required entropy size is zero, the core does not need to call `"add_…
985 …orm. A driver where a call to `"add_entropy"` does not affect the state of the random generator is…
1005 …if the driver's `"initial_entropy_size"` property is zero and the core did not call `"add_entropy"…
1006 …h` bytes of this buffer contain cryptographic-quality random data. The output is not used on error.
1008 …entropy as described below. The core sets this value to 0 on entry. The value is not used on error.
1014 * `PSA_ERROR_NOT_SUPPORTED`: the random generator is not available. This is only permitted if the d…
1027 …ility where the `"fallback"` property is false or omitted, the core should not include any other c…
1031 … to delegate cryptographic operations to a separate environment that might not allow exporting key…
1033 * Some cryptoprocessors do not have persistent storage for individual keys. The representation of a…
1040 …nly contain data that is meaningful after a reboot. In particular, it must not contain any pointer…
1049 …ter to function. This must be a C identifier; more complex expressions are not permitted. If the c…
1067 If the core does not support dynamic allocation for the key context or chooses not to use it, or if…
1080 * For a symmetric key (not a key pair or public key):
1090 If the key is stored in the secure element, but the secure element does not store the public part o…
1115 This section describes the key creation process for secure elements that do not store the key mater…
1117 When creating a key with an opaque driver which does not have an `"allocate_key"` or `"destroy_key"…
1144 …element and stores the identifier in the key context. This function should not modify the state of…
1159not rely solely on the key identifier in the key attributes to identify a key. Some implementation…
1162 …unter and store the current value in the key context. Destroying a key does not change the counter.
1233 The core will not update the persistent state in storage while an entry point is running except whe…
1239 Opaque drivers may declare built-in keys. Built-in keys can be accessed, but not created, through t…
1263 * `PSA_ERROR_DOES_NOT_EXIST`: the requested key does not exist.
1266 …e-element-with-storage) entry point if there is one. If built-in keys must not be destroyed, it is…
1332 This choice is partly driven by the use of the values, so they might not be uniform. Note that if t…
1375 …driver entry point does not own memory after the entry point return. This is generally necessary b…
1383 * A processor that performs the RSA exponentiation, but not the padding. The driver should be able …
1406 …educes driver portability, since a core that accepts a custom format would not work with a driver …
1418 `psa_crypto_driver_get_persistent_state` does not identify the calling driver, so the driver needs …
1422 `"derive_key"` is not a clear name. Can we use a better one?
1438 …tra parameter to indicate the amount of entropy in the data. The core must not do any conditioning.
1450 … for reproducibility, it can't use this interface anyway, since the RNG is not necessarily determi…