/mbedtls-latest/include/psa/ |
D | crypto_extra.h | 960 psa_algorithm_t algorithm); 1729 psa_algorithm_t algorithm; member 1739 return cipher_suite->algorithm; in psa_pake_cs_get_algorithm() 1744 psa_algorithm_t algorithm) in psa_pake_cs_set_algorithm() argument 1746 if (!PSA_ALG_IS_PAKE(algorithm)) { in psa_pake_cs_set_algorithm() 1747 cipher_suite->algorithm = 0; in psa_pake_cs_set_algorithm() 1749 cipher_suite->algorithm = algorithm; in psa_pake_cs_set_algorithm()
|
D | crypto_se_driver.h | 176 psa_algorithm_t algorithm); 382 psa_algorithm_t algorithm, 481 psa_algorithm_t algorithm, 726 psa_algorithm_t algorithm, 768 psa_algorithm_t algorithm,
|
/mbedtls-latest/docs/architecture/psa-migration/ |
D | psa-legacy-bridges.md | 92 …ontrivial data format. Therefore the only gap is with metadata, namely specifying a hash algorithm. 127 …there is no algorithm that can be used with multiple types, and PSA keys have a policy that (for t… 139 * Simultaneously supporting **a key type and an algorithm**. 141 …is made at compile time. For RSA, the choice of encryption or signature algorithm is made either b… 143 …_key_type_t` value and an algorithm which is normally encoded as policy information in a `psa_key_… 190 … ECDSA specifically, or do we provide conversion functions that take an algorithm as argument and … 192 …onvert between the PSA and the pk signature format, parametrized by the algorithm. However, it is … 244 …n crucial ways, with different splits between key type, policy information and operation algorithm. 251 …algorithm. “Same key material” is straightforward, but “same algorithm” is not, because a PK conte… 256 …algorithm, which as discussed above cannot be fully deduced from the `mbedtls_pk_context` object. … [all …]
|
D | psa-limitations.md | 96 the hash algorithm potentially used to hash the message being signed: 97 - a hash algorithm used for the encoding function 99 - most commonly MGF1, which in turn is parametrized by a hash algorithm 135 - algorithm specification: 141 - salt length: either <= hashlen (see note), or any depending on algorithm 165 - encoding hash = message hashing algorithm (may differ from MGF1 hash) 190 algorithm identifiers (for SHA-256, SHA-384 and SHA-512), depending of what 196 - the length of the salt MUST be equal to the length of the digest algorithm
|
D | md-cipher-dispatch.md | 220 * How to decide whether a specific algorithm or key type is supported (eventually based on `MBEDTLS… 227 * Some parameter indicating which algorithm to use. 242 …which hash algorithm to use based on a parameter of type `mbedtls_md_type_t`. (More generally, all… 266 …` is not enabled, but xxx is enabled through PSA, then a request to use algorithm xxx through some… 269 …algorithm is available through the legacy domain, only through the PSA domain. What does this mean… 281 * A legacy hash interface is available and the hash algorithm is implemented in software. 282 * PSA crypto is enabled and the hash algorithm is implemented via PSA. 297 … `psa_crypto_init()` has been called, without having to inspect the specifics of algorithm support. 304 Requirements: given a hash algorithm, 417 …tls_md_info_t *` because this arises when you try to use an unsupported algorithm (`mbedtls_md_inf… [all …]
|
D | strategy.md | 116 algorithm-agnostic APIs for a class of algorithms: 255 management (getting a size for a given algorithm, etc.) 256 3. Adapt compile-time guards used to query availability of a given algorithm; 319 particular algorithm is supported: using `MBEDTLS_xxx` macros, and using 327 if it is, the code want the algorithm available in PSA, otherwise, it wants it 330 As much as possible, we're trying to create for each algorithm a single new 443 It should be easy to provide the user with a bunch of `#define`s for algorithm
|
/mbedtls-latest/docs/ |
D | driver-only-builds.md | 34 means the algorithm will be available in the PSA Crypto API. 60 - finite-field Diffie-Hellman: FFDH algorithm, DH key types. 98 a hash algorithm that is provided only by a driver, as mentioned in [General 101 If you want to check at compile-time whether a certain hash algorithm is 114 - HMAC algorithm and key type, i.e. `[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_HMAC` and 116 - Required hash algorithm(s) as explained in [Hashes](#hashes) section. 174 - and support for DH key types and the FFDH algorithm is either disabled or 250 that can be used with this algorithm are also declared as accelerated. 276 The same holds for the associated algorithm: 314 algorithm/mode you can: [all …]
|
D | psa-transition.md | 36 …er to know how large an output buffer needs to be based on the selected algorithm, whereas in the … 84 …can use `PSA_HASH_LENGTH(hash_alg)` where `hash_alg` is a specific hash algorithm, or `PSA_HASH_MA… 267 …l PSA APIs have algorithm agility, where the functions depend only on the nature of the operation … 278 The algorithm encodes the mode and if relevant the padding type: 289 …. If you need them, handle the padding in your application code and use the `NO_PADDING` algorithm. 300 …algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if t… 324 …on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_alg… 350 …utes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `… 364 2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_… 377 2. Select the key and algorithm with [`psa_cipher_encrypt_setup`](https://mbed-tls.readthedocs.io/p… [all …]
|
/mbedtls-latest/tests/suites/ |
D | test_suite_psa_crypto_se_driver_hal_mocks.function | 565 psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); 591 psa_set_key_algorithm(&attributes, algorithm); 598 TEST_ASSERT(psa_sign_hash(id, algorithm, 626 psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); 651 psa_set_key_algorithm(&attributes, algorithm); 658 TEST_ASSERT(psa_verify_hash(id, algorithm,
|
D | test_suite_psa_crypto_entropy.data | 5 # implementation of the algorithm that uses randomization, whether it's 6 # because the algorithm is randomized or because our implementation uses
|
D | test_suite_psa_crypto_metadata.function | 14 /* Flags for algorithm classification macros. There is a flag for every 15 * algorithm classification macro PSA_ALG_IS_xxx except for the 326 /* Check that calling PSA_ALG_TRUNCATED_MAC on an algorithm 357 /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC on an algorithm 451 /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG on an algorithm 485 * algorithm earlier constructed with PSA_ALG_AEAD_WITH_SHORTENED_TAG
|
D | test_suite_psa_crypto_op_fail.misc.data | 6 PSA hash: invalid algorithm
|
D | test_suite_psa_crypto.data | 836 PSA key policy: MAC, wrong algorithm 892 PSA key policy: HMAC, sign-verify, min-length policy, unmatched base alg (different algorithm) 896 PSA key policy: HMAC, sign-verify, min-length policy used as algorithm 916 PSA key policy: cipher, wrong algorithm 940 PSA key policy: AEAD, wrong algorithm 1000 PSA key policy: AEAD, min-length policy used as algorithm 1020 PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP) 1024 PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash) 1104 PSA key policy: asymmetric signature, wrong hash algorithm 1152 PSA key policy: msg asymmetric signature, wrong hash algorithm [all …]
|
D | test_suite_psa_crypto_generate_key.function | 21 // key lifetime, usage flags, algorithm are irrelevant for this test
|
D | test_suite_psa_crypto_storage_format.function | 87 /* Mbed TLS doesn't support certain combinations of key type and algorithm 113 /* Verification only. Verification doesn't use the hash algorithm. */
|
D | test_suite_pk.data | 1105 # key's algorithm policy. Just this time, test with a few different algorithms. 1427 PSA import into PSA: opaque RSA, COPY|EXPORT, different algorithm (ok) 1431 PSA import into PSA: opaque RSA, COPY, different algorithm (bad) 1435 PSA import into PSA: opaque RSA, EXPORT, different algorithm (ok) 1496 PSA import into PSA: opaque ECC, COPY|EXPORT, different algorithm (ok) 1500 PSA import into PSA: opaque ECC, COPY, different algorithm (bad) 1504 PSA import into PSA: opaque ECC, EXPORT, different algorithm (ok) 1594 # The key's algorithm only allows ECDH, but pk_copy_from_psa() ignores this information 1600 # The key's algorithm is absolutely wrong for an EC key, but pk_copy_from_psa() 1658 # Key's algorithm is wrong for an RSA key, but pk_copy_from_psa() accepts
|
/mbedtls-latest/library/ |
D | ssl_tls13_generic.c | 231 uint16_t algorithm; in ssl_tls13_parse_certificate_verify() local 251 algorithm = MBEDTLS_GET_UINT16_BE(p, 0); in ssl_tls13_parse_certificate_verify() 270 if (!mbedtls_ssl_sig_alg_is_offered(ssl, algorithm)) { in ssl_tls13_parse_certificate_verify() 274 (unsigned int) algorithm)); in ssl_tls13_parse_certificate_verify() 279 algorithm, &sig_alg, &md_alg) != 0) { in ssl_tls13_parse_certificate_verify() 289 (unsigned int) algorithm)); in ssl_tls13_parse_certificate_verify()
|
D | psa_crypto_pake.c | 221 operation->alg = cipher_suite.algorithm; in mbedtls_psa_pake_setup() 224 if (cipher_suite.algorithm == PSA_ALG_JPAKE) { in mbedtls_psa_pake_setup()
|
D | psa_crypto_invasive.h | 73 psa_algorithm_t algorithm,
|
/mbedtls-latest/docs/architecture/ |
D | psa-crypto-implementation-structure.md | 77 Summary of files to modify when adding a new algorithm or key type: 115 Constants (algorithm identifiers, key type identifiers, etc.) and associated destructor macros (e.g… 119 …_xxx`), DH group families (`PSA_DH_FAMILY_xxx`). If Mbed TLS defines an algorithm or a key type th… 146 …ementing a new algorithm or key type, there are typically things to change in `library/crypto.c` (… 159 * Attempt to perform an operation with a combination of key type and algorithm that is not valid or… 162 When adding a new key type or algorithm:
|
D | mbed-crypto-storage-specification.md | 59 * policy usage algorithm (4 bytes): `psa_algorithm_t` value 209 * policy usage algorithm (4 bytes): `psa_algorithm_t` value 210 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0] 269 * policy usage algorithm (4 bytes): `psa_algorithm_t` value. 270 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value. 329 * policy usage algorithm (4 bytes): `psa_algorithm_t` value. 330 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value. 420 * policy usage algorithm (4 bytes): `psa_algorithm_t` value. 421 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
|
/mbedtls-latest/docs/proposed/ |
D | psa-conditional-inclusion-c.md | 110 …A_ALG_xxx`, the symbol **`PSA_WANT_ALG_xxx`** indicates that support for this algorithm is desired. 185 An entry point can be eliminated entirely if no algorithm requires it. 205 …algorithm, include a capability with that algorithm, the key types that apply to that algorithm, n… 231 …mandate a compile-time error if a key type is required, but no matching algorithm, or vice versa? … 237 This is especially relevant to suppress a mechanism completely if there is no matching algorithm. F…
|
D | psa-driver-interface.md | 24 … is available for a particular combination of parameters (cryptographic algorithm, key type and si… 95 …orithms"` (optional, list of strings). Each element is an [algorithm specification](#algorithm-spe… 108 * If the mechanism involves an algorithm: 110 …`"algorithms"` property includes an [algorithm specification](#algorithm-specifications) that matc… 116 …property includes a [key type specification](#key-type-specifications) that matches this algorithm. 121 …algorithm, key type and key size, and all the capabilities map the entry point to the same functio… 123 …rs have applicable capabilities for a given combination of entry point, algorithm, key type and ke… 129 …nistic ECDSA signatures (but not signature verification) using any hash algorithm and any curve th… 152 …algorithm specification is a string consisting of a `PSA_ALG_xxx` macro that specifies a cryptogra… 166 An algorithm specification is a string consisting of a `PSA_KEY_TYPE_xxx` macro that specifies a ke… [all …]
|
/mbedtls-latest/programs/psa/ |
D | key_ladder_demo.sh | 11 wrap some data using an AEAD algorithm.
|
/mbedtls-latest/ |
D | BRANCHES.md | 45 cryptographic algorithm does not break code that does not use that 46 algorithm).
|