Lines Matching refs:key
28 * [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-name…
35 We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on…
39 …key is stored in a dedicated file whose name is constructed from the key identifier. The way in wh…
41 The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the ra…
53 The layout of a key file is:
60 * key material length (4 bytes)
61 * key material: output of `psa_export_key`
75 … 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the f…
83 …time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a director…
86 …ATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identif…
105 * [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and own…
112 …key is stored in a dedicated file designated by the key identifier. In integrations where there is…
114 …ame is constructed from the key identifier depends on the storage backend. The content of the file…
116 * Library integration: the key file name is just the key identifier as defined in the PSA crypto sp…
117 * PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id`…
121 …t is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However note that the encoding of ke…
139 …hrough 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the f…
145 …is is a library integration, so there is no owner. The key file identifier is identical to the key…
148 … 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the f…
154 …is is a library integration, so there is no owner. The key file identifier is identical to the key…
164 …ames. This is annoyingly non-uniform. For example, if we want to store non-key files, we have room…
179 * [Some changes in the key file format](#key-file-format-for-1.1.0).
185 An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key file…
188 …key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key ide…
194 The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following c…
197 * The encoding of key types, algorithms and key material has changed, therefore the storage format …
203 The layout of a key file is:
211 * key material length (4 bytes)
212 * key material: output of `psa_export_key`
225 * The layout of a key file now has a lifetime field before the type field.
226 * Key files can store references to keys in a secure element. In such key files, the key material c…
235 …for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tb…
236 …hrough 0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the f…
242 …is is a library integration, so there is no owner. The key file identifier is identical to the key…
245 … 1 through 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the f…
246 …for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-tb…
249 ### Non-key files on TBD
262 The layout of a key file is:
271 * key material length (4 bytes).
272 * key material:
273 * For a transparent key: output of `psa_export_key`.
274 * For an opaque key (unified driver interface): driver-specific opaque key blob.
275 * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
284 All currently existing transactions concern a key in a secure element.
290 * lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
291 * slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key f…
292 …key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal represe…
296 * 0x0001: key creation. The following locations may or may not contain data about the key that is b…
298 * The file containing the key metadata designated by the key identifier.
300 * 0x0002: key destruction. The following locations may or may not still contain data about the key …
302 * The file containing the key metadata designated by the key identifier.
321 The layout of a key file is:
331 * key material length (4 bytes).
332 * key material:
333 * For a transparent key: output of `psa_export_key`.
334 * For an opaque key (unified driver interface): driver-specific opaque key blob.
335 * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
357 * [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner…
359 …rface with statically registered drivers. The driver determines the content of the opaque key blob.
360 …PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key material.
374 …for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mb…
375 …h 0xffffffffffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is …
381 …is is a library integration, so there is no owner. The key file identifier is identical to the key…
384 …rough 0xfffeffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is …
385 …for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mb…
392 An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key file…
395 …key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key ide…
401 …key is stored in a dedicated file designated by the key identifier. In integrations where there is…
403 …ame is constructed from the key identifier depends on the storage backend. The content of the file…
405 * Library integration: the key file name is just the key identifier as defined in the PSA crypto sp…
406 * PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id`…
412 The layout of a key file is:
422 * key material length (4 bytes).
423 * key material:
424 * For a transparent key: output of `psa_export_key`.
425 * For an opaque key (unified driver interface): driver-specific opaque key blob.
426 …* For an opaque key (key in a dynamic secure element): slot number (8 bytes), in platform endianne…
429 ### Non-key files on Mbed TLS 2.25.0
431 File identifiers that are outside the range of persistent key identifiers are reserved for internal…
448 All currently existing transactions concern a key in a dynamic secure element.
454 * lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
455 * slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key f…
456 …key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal represe…
460 * 0x0001: key creation. The following locations may or may not contain data about the key that is b…
462 * The file containing the key metadata designated by the key identifier.
464 * 0x0002: key destruction. The following locations may or may not still contain data about the key …
466 * The file containing the key metadata designated by the key identifier.