Lines Matching refs:point
57 * An object file compiled for the target platform defining the entry point functions specified by t…
79 …onstants referenced by the driver description. They may declare the entry point functions, but thi…
94 … element is the name of a [driver entry point](#driver-entry-points) or driver entry point family.…
98 …point names described by the `"entry_points"` property, to the name of the C function in the drive…
105 A driver is considered available for a cryptographic mechanism that invokes a given entry point if …
107 …y_points"` list either includes the entry point or includes an entry point family that includes th…
121 …point, algorithm, key type and key size, and all the capabilities map the entry point to the same …
123 If multiple transparent drivers have applicable capabilities for a given combination of entry point…
185 …point generally looks like the signature of the PSA Cryptography API that it implements, with some…
201 …milies that must be implemented as a whole. If a driver supports an entry point family, it must pr…
203 …ent and opaque drivers can have [entropy collection entry points](#entropy-collection-entry-point).
205 #### General considerations on driver entry point parameters
221 … `psa_hash_compare()`, the core calls the driver's `"hash_compute"` entry point and compares the r…
222 …ver's `"mac_verify"` entry point if there is one, otherwise the core calls an applicable driver's …
223 …point is mainly useful for drivers of secure elements that verify a MAC without revealing the corr…
230 …point if there is one, otherwise the core calls an applicable driver's `"hash_compute"` entry poin…
231 …point if there is one, otherwise the core calls an applicable driver's `"hash_compute"` entry poin…
243 … entry point for this operation family. If this fails, the core destroys the operation context obj…
245 …point fails, the core calls the driver's `xxx_abort` entry point for this operation family, then d…
246 1. If a “finish” entry point fails, the core destroys the operation context object without calling …
250 #### Multi-part operation entry point family `"hash_multipart"`
264 …_hash_verify()`, the core calls the driver's *prefix*`_hash_finish` entry point and compares the r…
266 …point family must define the following type and entry points (assuming that the capability does no…
322 …alls the secure element driver's [`"export_key"`](#key-management-with-opaque-drivers) entry point.
330 * `"key_derivation_setup"` (mandatory): always the first entry point to be called. This entry point…
331 …rwise ignored): provide an extra input for the key derivation. This entry point is only mandatory …
335 * `"key_derivation_abort"` (mandatory): always the last entry point to be called.
337 …_derivation"` entry point family with a capability that does not use the `"names"` property to dec…
399 …st be a pointer passed by the core to a key derivation driver setup entry point which has not retu…
403 …r the duration of the driver entry point. If the driver needs to access the key context after the …
416 A key derivation driver must implement the following entry point:
430 …point. The core calls this entry point for all the long inputs after calling `"acme_key_derivation…
445 …request that exceeds the operation's capacity. Such drivers must provide the following entry point:
451 `capacity` is guaranteed to be less or equal to any value previously set through this entry point, …
453 If this entry point has not been called, the operation has an unlimited capacity.
457 A key derivation driver must provide the following entry point:
478 The core calls a key derivation driver's output entry point when the application calls `psa_key_der…
484 …_derivation_output_key"` entry point, call that entry point. If the driver has no such entry point…
485 …1. If the driver's capabilities indicate that its `"import_key"` entry point does not support the …
489 1. If the driver has a `"key_derivation_verify_key"` entry point, call it and stop.
490 …1. Call the driver's `"export_key"` entry point on the key object that contains the expected value…
493 …1. If the driver has a `"key_derivation_verify_bytes"` entry point, call that entry point on the e…
497 …1. Call the `"key_derivation_output_bytes"` entry point. The core may call this entry point multip…
501 …ome key types, the core calls a transparent driver's `"derive_key"` entry point. See [“Transparent…
502 …e derived key is in a secure element, call that secure element driver's `"import_key"` entry point.
506 …point, except when deriving a key entirely inside a secure element as described in [“Key derivatio…
508 …ntains the following properties (this is not a subset of [the usual entry point properties](#capab…
514 * `"names"` (optional, object). A mapping from entry point names to C function and type names, as u…
530 …ay use to store data between successive calls of the `"derive_key"` entry point to derive the same…
534 This entry point may return the following statuses:
538 * `PSA_ERROR_INSUFFICIENT_DATA`: the core must call the `"derive_key"` entry point again with the s…
541 The core calls the `"derive_key"` entry point in a loop until it returns a status other than `PSA_E…
543 For standard key types, the `"derive_key"` entry point is called with a certain input length as fol…
556 …vate key is in a secure element that has a `"key_agreement_to_key"` entry point which is applicabl…
558 1. Call the `"key_agreement_to_key"` entry point to create a key object containing the shared secre…
559 2. Call the `"key_derivation_setup"` entry point, passing the resulting key object .
560 …st of the key derivation, up to and including the call to the `"key_derivation_abort"` entry point.
561 4. Call the `"destroy_key"` entry point to destroy the key containing the key object.
596 …"` or `"psa_pake_input"` is called for the first time `"pake_setup"` driver entry point is invoked.
602 - the core calls the `"pake_setup"` entry point of the secure element driver and subsequent entry p…
607 * `"pake_setup"` (mandatory): always the first entry point to be called. It is called when all inpu…
611 * `"pake_abort"` (mandatory): always the last entry point to be called.
613 …ents the PAKE entry point family with a capability that does not use the `"names"` property to dec…
665 …e first parameter `inputs` must be a pointer passed by the core to a PAKE driver setup entry point.
685 … "pake_setup" entry point returns. Opaque drivers must copy all relevant data from the key buffer …
775 …create key material through their [`"derive_key"`](#transparent-cooked-key-derivation) entry point.
780 * For the `"import_key"` entry point, the input in the `data` buffer is either the export format or…
782 …er with an `"allocate_key"` entry point, the content of the key data buffer on entry is the output…
783 * The `"import_key"` entry point must determine or validate the key size and set `*bits` as describ…
789 The `"import_key"` entry point must determine or validate the key size.
793 …point to process a call to `psa_import_key`, it passes an `attributes` structure such that `psa_ge…
795 … core sets `*bits` to `psa_get_key_bits(attributes)` before calling the `"import_key"` entry point.
797 …rn `PSA_ERROR_INVALID_ARGUMENT` if it does not match. If the driver entry point changes `*bits` to…
816 …s (`PSA_KEY_TYPE_ECC_PUBLIC_KEY`), check the size and range, and that the point is on the curve. T…
818 ### Entropy collection entry point
820 A driver can declare an entropy source by providing a `"get_entropy"` entry point. This entry point…
838 The entry point may return the following statuses:
844 Unlike most other entry points, if multiple transparent drivers include a `"get_entropy"` point, th…
849 …lag is clear, the core is not expecting to call the `"get_entropy"` entry point again within a sho…
865 …point in a capability with no algorithm, key type or key size. If so, the core calls this entry po…
867 …point, the order in which they are called is unspecified. It is also unspecified whether other dri…
871 The init entry point does not take any parameter.
907 This entry point has several roles:
909 …he driver must support the export format for the key types that the entry point is declared for. I…
912 …l#c.psa_export_public_key), so if the input is not in this format, the entry point must convert it.
919 …enerating random data, declare it as an [entropy driver](#entropy-collection-entry-point) instead.)
920 …ripheral can be declared as an [entropy source](#entropy-collection-entry-point) instead of a rand…
923 If no driver implements the random generation entry point family, the core provides an unspecified …
928 * `"init_random"` (entry point, optional): if this function is present, [the core calls it once](#r…
929 …point, optional): the core calls this function to [inject entropy](#entropy-injection). This entry…
930 …t_random"` (entry point, mandatory): the core calls this function whenever it needs to [obtain ran…
938 The `"init_random"` entry point has the following prototype for a driver with the prefix `"acme"`:
944 The core calls this entry point once after allocating a random generation context. Initially, the c…
946 If a driver does not have an `"init_random"` entry point, the context object passed to the first ca…
950 The `"add_entropy"` entry point has the following prototype for a driver with the prefix `"acme"`:
960 …ject has been initialized by a call to the driver's `"init_random"` entry point if one is present,…
962 …r random data, in which case the core will call the `"add_entropy"` entry point again to supply mo…
968 * Before the first call to the `"get_random"` entry point, to supply `"initial_entropy_size"` bytes…
969 * After a call to the `"get_random"` entry point returns less than the required amount of random da…
971 … supply it with one or more successive calls to the `"add_entropy"` entry point. If the required e…
975 …collection-entry-point) (each having a `"get_entropy"` entry point) with a random generation drive…
985 …capability to inject additional entropy through the `"add_entropy"` entry point. This ensures that…
987 …point. This limits the driver's portability: implementations of the PSA Cryptography specification…
992 #### The `"get_random"` entry point
994 The `"get_random"` entry point has the following prototype for a driver with the prefix `"acme"`:
1005 …d not call `"add_entropy"`, or if the driver has no `"add_entropy"` entry point, the core must hav…
1013 … core must supply additional entropy by calling the `"add_entropy"` entry point with at least `"re…
1022 If a transparent driver entry point is part of a capability which has a true `"fallback"` property …
1027 If a transparent driver entry point is part of a capability where the `"fallback"` property is fals…
1050 …, this overrides all other methods (including the `"size_function"` entry point) to determine the …
1090 …the public key to the key context and retrieve it on demand in its `export_public_key` entry point.
1101 …core to obtain the public key of a key pair. The core may call this entry point at any time to obt…
1115 …l store. A driver for such a secure element has no `"allocate_key"` or `"destroy_key"` entry point.
1117 …a key with an opaque driver which does not have an `"allocate_key"` or `"destroy_key"` entry point:
1120 2. The core calls the driver's import, generate, derive or copy entry point.
1142 When creating a persistent key with an opaque driver which has an `"allocate_key"` entry point:
1144 1. The core calls the driver's `"allocate_key"` entry point. This function typically allocates an i…
1148 1. The core calls the driver's key creation entry point.
1152 … the `"allocate_key"` step but before the call to the second driver entry point, the core will do …
1154 … in particular, if the device loses power immediately after the key allocation entry point returns.
1155 * Call the driver's `"destroy_key"` entry point.
1157 To destroy a key, the core calls the driver's `"destroy_key"` entry point.
1186 …point](#key-management-in-a-secure-element-with-storage), the core calls the `"allocate_key"` entr…
1217 The core loads the persistent state in memory before it calls the driver's [init entry point](#driv…
1229 …point. Once the entry point returns, the pointer is no longer valid. The core guarantees that call…
1231 …dating the persistent state in memory and before returning from the entry point, otherwise it is u…
1233 …point is running except when the entry point calls `psa_crypto_driver_commit_persistent_state`. It…
1235 …nt, the driver may only call these two functions from the thread that is executing the entry point.
1241 …point to retrieve the key data and metadata. The core calls this entry point when it needs to acce…
1253 …th which the platform is attempting to register the key. The driver entry point may choose to chan…
1257 …-storage). A driver may have built-in keys even if it doesn't have an `"allocate_key"` entry point.
1259 This entry point may return the following status values:
1266 …[`"destroy_key"`](#key-management-in-a-secure-element-with-storage) entry point if there is one. I…
1375 …point does not own memory after the entry point return. This is generally necessary because an API…
1402 Should the entry point be called for symmetric keys as well?
1408 …ng the bit-size of the key is part of the job of the `"import_key"` entry point. For standard key …
1424 …erive_key"` entry point, how does the core choose `input_length`? Doesn't the driver know better? …
1436 Should the input to the [`"add_entropy"` entry point](#entropy-injection) be a full-entropy buffer …