Home
last modified time | relevance | path

Searched refs:policy (Results 1 – 20 of 20) sorted by relevance

/mbedtls-3.5.0/library/
Dpsa_crypto_storage.c243 uint8_t policy[sizeof(psa_key_policy_t)]; member
262 MBEDTLS_PUT_UINT32_LE(attr->policy.usage, storage_format->policy, 0); in psa_format_key_data_for_storage()
263 MBEDTLS_PUT_UINT32_LE(attr->policy.alg, storage_format->policy, sizeof(uint32_t)); in psa_format_key_data_for_storage()
264 MBEDTLS_PUT_UINT32_LE(attr->policy.alg2, storage_format->policy, 2 * sizeof(uint32_t)); in psa_format_key_data_for_storage()
322 attr->policy.usage = MBEDTLS_GET_UINT32_LE(storage_format->policy, 0); in psa_parse_key_data_from_storage()
323 attr->policy.alg = MBEDTLS_GET_UINT32_LE(storage_format->policy, sizeof(uint32_t)); in psa_parse_key_data_from_storage()
324 attr->policy.alg2 = MBEDTLS_GET_UINT32_LE(storage_format->policy, 2 * sizeof(uint32_t)); in psa_parse_key_data_from_storage()
Dpsa_crypto.c871 static psa_status_t psa_key_policy_permits(const psa_key_policy_t *policy, in psa_key_policy_permits() argument
885 if (psa_key_algorithm_permits(key_type, policy->alg, alg) || in psa_key_policy_permits()
886 psa_key_algorithm_permits(key_type, policy->alg2, alg)) { in psa_key_policy_permits()
913 psa_key_policy_t *policy, in psa_restrict_key_policy() argument
917 psa_key_policy_algorithm_intersection(key_type, policy->alg, in psa_restrict_key_policy()
920 psa_key_policy_algorithm_intersection(key_type, policy->alg2, in psa_restrict_key_policy()
922 if (intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0) { in psa_restrict_key_policy()
925 if (intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0) { in psa_restrict_key_policy()
928 policy->usage &= constraint->usage; in psa_restrict_key_policy()
929 policy->alg = intersection_alg; in psa_restrict_key_policy()
[all …]
Dpsa_crypto_slot_management.c392 psa_extend_key_usage_flags(&(*p_slot)->attr.policy.usage); in psa_get_and_lock_key_slot()
/mbedtls-3.5.0/include/psa/
Dcrypto_struct.h336 psa_key_policy_t MBEDTLS_PRIVATE(policy);
429 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; in psa_set_key_usage_flags()
435 return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage); in psa_get_key_usage_flags()
441 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg; in psa_set_key_algorithm()
447 return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg); in psa_get_key_algorithm()
Dcrypto_extra.h76 attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2; in psa_set_key_enrollment_algorithm()
88 return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2); in psa_get_key_enrollment_algorithm()
/mbedtls-3.5.0/tests/suites/
Dtest_suite_psa_crypto.data355 PSA import/export AES key: policy forbids export
359 PSA import/export HMAC key: policy forbids export
363 PSA import/export RSA keypair: policy forbids export (crypt)
367 PSA import/export RSA keypair: policy forbids export (sign)
483 PSA import/export AES key: policy forbids export, opaque
487 PSA import/export HMAC key: policy forbids export, opaque
491 PSA import/export RSA keypair: policy forbids export (crypt), opaque
495 PSA import/export RSA keypair: policy forbids export (sign), opaque
611 PSA key policy: AES ECB
615 PSA key policy: AES CBC
[all …]
Dtest_suite_oid.data1 OID get Any Policy certificate policy
4 OID get certificate policy invalid oid
7 OID get certificate policy wrong oid - id-ce-authorityKeyIdentifier
Dtest_suite_psa_crypto_se_driver_hal_mocks.function372 TEST_ASSERT(mock_import_data.attributes.core.policy.usage ==
487 TEST_ASSERT(mock_generate_data.attributes.core.policy.usage ==
Dtest_suite_x509parse.function317 /* Handle unknown certificate policy */
346 * Get the policy sequence
362 * Recognize exclusively the policy with OID 1
381 * Skip the optional policy qualifiers.
Dtest_suite_x509parse.data157 X509 CRT information, RSA Certificate unsupported policy
161 X509 CRT information, ECDSA Certificate unsupported policy
1829 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid tag)
1833 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length missing)
1837 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length inv encoding)
1841 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length out of bounds)
1845 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, empty policy)
1849 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid OID tag)
1853 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy no OID length)
1857 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy OID length inv encoding)
[all …]
Dtest_suite_psa_crypto_persistent_key.function34 uint8_t policy[sizeof(psa_key_policy_t)];
Dtest_suite_psa_crypto.function2169 * compatible with the policy and `payload_length_arg` is supposed to be
2171 * `exercise_alg` is supposed to be forbidden by the policy. */
2469 /* Test that the target slot has the expected content and policy. */
9758 /* Export the key if permitted by the key policy. */
9786 /* Export the key again if permitted by the key policy. */
/mbedtls-3.5.0/docs/architecture/
Dmbed-crypto-storage-specification.md56 * policy usage flags (4 bytes): `psa_key_usage_t` value
57 * policy usage algorithm (4 bytes): `psa_algorithm_t` value
194 * A new policy field, marked as [NEW:1.1.0] below.
206 * policy usage flags (4 bytes): `psa_key_usage_t` value
207 * policy usage algorithm (4 bytes): `psa_algorithm_t` value
208 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0]
266 * policy usage flags (4 bytes): `psa_key_usage_t` value.
267 * policy usage algorithm (4 bytes): `psa_algorithm_t` value.
268 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
326 * policy usage flags (4 bytes): `psa_key_usage_t` value.
[all …]
/mbedtls-3.5.0/
DCMakeLists.txt25 # https://cmake.org/cmake/help/latest/policy/CMP0011.html
26 # Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
27 # policy setting is deprecated, and will be removed in future versions.
29 # https://cmake.org/cmake/help/latest/policy/CMP0012.html
30 # Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2
31 # (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required
32 # for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting
DChangeLog760 This fixes a potential policy bypass or decryption oracle vulnerability
764 from the output buffer. This fixes a potential policy bypass or decryption
1333 * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when
1382 * In the PSA API, the policy for a MAC or AEAD algorithm can specify a
2182 * Add the Any Policy certificate policy oid, as defined in
2187 * Add the oid certificate policy x509 extension.
2197 RFC 5280 section 4.2.1.4. Currently, only the "Any Policy" policy is
/mbedtls-3.5.0/tests/data_files/
Dtest-ca.server1.opensslconf13 policy = policy_match
Dtest-ca.server1.future-crl.opensslconf13 policy = policy_match
Dtest-ca.server1.test_serial.opensslconf14 policy = policy_match
/mbedtls-3.5.0/tests/data_files/dir4/
DReadme1 This directory contains the certificates for the tests targeting the enforcement of the policy indi…
/mbedtls-3.5.0/docs/proposed/
Dpsa-driver-interface.md150 … macro that specifies a cryptographic algorithm or an algorithm wildcard policy defined by the PSA…
541 …ure that using it does not risk compromising B. This applies even if A's policy does not explicitl…