/mbedtls-latest/docs/architecture/ |
D | psa-keystore-design.md | 1 PSA key store design 6 This document describes the architecture of the key storage in memory in the Mbed TLS and TF-PSA-Cr… 8 …ess key materials via a key identifier (key ID for short). Applications must first create a key ob… 14 ### Key store and key slots 16 …key store** consists of a collection of **key slots**. Each key slot contains the metadata for one… 18 A key slot has the type `psa_key_slot_t`. The key store is a global object which is private inside … 22 The following operations allocate a key slot by calling `psa_reserve_free_key_slot()`: 24 …key object, through means such as import, random generation, deterministic derivation, copy, or re… 25 …key from storage, or loading a built-in key. This is done through `psa_get_and_lock_key_slot()`, w… 27 The following operations free a key slot by calling `psa_wipe_key_slot()` and, if applicable, `psa_… [all …]
|
D | mbed-crypto-storage-specification.md | 28 * [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-name… 35 We do not make any promises regarding key storage, or regarding the nonvolatile random seed file on… 39 …key is stored in a dedicated file whose name is constructed from the key identifier. The way in wh… 41 The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the ra… 53 The layout of a key file is: 60 * key material length (4 bytes) 61 * key material: output of `psa_export_key` 75 … 1 through 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the f… 83 …time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a director… 86 …ATION "psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identif… [all …]
|
D | psa-storage-resilience.md | 5 …key store. It is possible to create a persistent key and read it back later. This must work even i… 19 …key creation function in the PSA Crypto API reports to the application that a key has been created… 34 …key, all key management operations (creation or destruction) on persistent keys rely on a single c… 38 * [Key management for stateful secure element keys](#designing-key-management-for-secure-element-ke… 44 ## Designing key management for secure element keys 46 …key” to mean a key stored in a stateful secure element, i.e. a secure element that stores keys. Th… 50 **Assumption: driver calls for key management in stateful secure elements are atomic and committing… 56 For a secure element key, key management requires a commitment on both sites. For example, consider… 58 1. The core sends a request to the secure element to create a key. 59 2. The secure element modifies its key store to create the key. [all …]
|
/mbedtls-latest/library/ |
D | ssl_ticket.c | 69 mbedtls_ssl_ticket_key *key = ctx->keys + index; in ssl_ticket_gen_key() local 76 key->generation_time = mbedtls_time(NULL); in ssl_ticket_gen_key() 81 key->lifetime = ctx->ticket_lifetime; in ssl_ticket_gen_key() 83 if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) { in ssl_ticket_gen_key() 94 psa_set_key_algorithm(&attributes, key->alg); in ssl_ticket_gen_key() 95 psa_set_key_type(&attributes, key->key_type); in ssl_ticket_gen_key() 96 psa_set_key_bits(&attributes, key->key_bits); in ssl_ticket_gen_key() 100 PSA_BITS_TO_BYTES(key->key_bits), in ssl_ticket_gen_key() 101 &key->key)); in ssl_ticket_gen_key() 104 ret = mbedtls_cipher_setkey(&key->ctx, buf, in ssl_ticket_gen_key() [all …]
|
D | des.c | 312 void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]) in mbedtls_des_key_set_parity() 317 key[i] = odd_parity_table[key[i] / 2]; in mbedtls_des_key_set_parity() 324 int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) in mbedtls_des_key_check_key_parity() 329 if (key[i] != odd_parity_table[key[i] / 2]) { in mbedtls_des_key_check_key_parity() 381 int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) in mbedtls_des_key_check_weak() 386 if (memcmp(weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0) { in mbedtls_des_key_check_weak() 395 void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE]) in mbedtls_des_setkey() 400 X = MBEDTLS_GET_UINT32_BE(key, 0); in mbedtls_des_setkey() 401 Y = MBEDTLS_GET_UINT32_BE(key, 4); in mbedtls_des_setkey() 464 int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) in mbedtls_des_setkey_enc() [all …]
|
D | pkwrite.c | 420 const mbedtls_pk_context *key) in mbedtls_pk_write_pubkey() argument 426 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { in mbedtls_pk_write_pubkey() 427 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_write_pubkey(mbedtls_pk_rsa(*key), start, p)); in mbedtls_pk_write_pubkey() 431 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { in mbedtls_pk_write_pubkey() 432 MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, key)); in mbedtls_pk_write_pubkey() 436 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { in mbedtls_pk_write_pubkey() 437 MBEDTLS_ASN1_CHK_ADD(len, pk_write_opaque_pubkey(p, start, key)); in mbedtls_pk_write_pubkey() 445 int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size) in mbedtls_pk_write_pubkey_der() argument 460 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key)); in mbedtls_pk_write_pubkey_der() 477 pk_type = pk_get_type_ext(key); in mbedtls_pk_write_pubkey_der() [all …]
|
/mbedtls-latest/tests/suites/ |
D | test_suite_pkwrite.data | 1 Public key write check RSA 5 Public key write check RSA (DER) 9 Public key write check RSA 4096 13 Public key write check RSA 4096 (DER) 17 Public key write check EC 192 bits 21 Public key write check EC 192 bits (DER) 25 Public key write check EC 521 bits 29 Public key write check EC 521 bits (DER) 33 Public key write check EC Brainpool 512 bits 37 Public key write check EC Brainpool 512 bits (DER) [all …]
|
D | test_suite_psa_crypto_persistent_key.data | 2 # stored, this may indicate that the key store is changing in a 6 Format for storage: RSA private key 9 Format for storage: AES-128 key 12 Parse storage: RSA private key 15 Parse storage: AES-128 key 33 Parse storage: truncated key 37 Save maximum-size persistent raw key 41 Save larger than maximum-size persistent raw key 44 Persistent key destroy 48 Persistent key destroy after restart [all …]
|
D | test_suite_nist_kw.function | 21 unsigned char key[16]; 30 memset(key, 0, sizeof(key)); 40 key, sizeof(key) * 8, 51 key, sizeof(key) * 8, 75 key, sizeof(key) * 8, 93 key, sizeof(key) * 8, 129 unsigned char key[32]; 134 memset(key, 0x2A, sizeof(key)); 135 TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); 137 ret = mbedtls_nist_kw_setkey(&ctx, cipher_id, key, key_size, is_wrap); [all …]
|
D | test_suite_psa_crypto.data | 55 PSA import AES: bad key size 59 PSA import/export RSA public key: good, 1024-bit 63 PSA import/export RSA public key: good, larger buffer (+1 byte) 67 PSA import/export RSA public key: good, larger buffer (*2-1) 71 PSA import/export RSA public key: good, larger buffer (*2) 75 PSA import/export RSA public key: good, larger buffer (*2+1) 79 PSA import/export RSA public key: export buffer too small 111 PSA import/export RSA public key: good, 1024-bit, opaque 115 PSA import/export RSA public key: good, larger buffer (+1 byte), opaque 119 PSA import/export RSA public key: good, larger buffer (*2-1), opaque [all …]
|
D | test_suite_psa_crypto_slot_management.function | 8 /**< Close key(s) */ 11 /**< Destroy key(s) */ 14 /**< Purge key(s) */ 20 /**< Close key(s) then terminate and re-initialize */ 23 /**< Destroy key(s) then terminate and re-initialize */ 26 /**< Purge key(s) then terminate and re-initialize */ 43 /** Apply \p invalidate_method to invalidate the specified key: 47 mbedtls_svc_key_id_t key) 50 /* Closing the key invalidate only volatile keys, not persistent ones. */ 53 PSA_ASSERT(psa_close_key(key)); [all …]
|
D | test_suite_x509write.data | 3 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.sha1":MBE… 7 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.sha224":M… 11 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.sha256":M… 15 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.sha384":M… 19 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.sha512":M… 23 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.md5":MBED… 27 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.key_usage… 31 x509_csr_check_opaque:"../framework/data_files/server1.key":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL… 35 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.key_usage… 39 x509_csr_check:"../framework/data_files/server1.key":"../framework/data_files/server1.req.cert_type… [all …]
|
D | test_suite_lms.data | 2 # This test uses a fixed message, and then generates a private key, signs the 7 # This test uses a NULL zero-length message, and then generates a private key, 13 # limited amount of available test vectors for LMS. The private key is stored in 15 # uses leaf key 0, so must be the first signature generated by the key if the 18 # word at the start of the key/sig. We strip these 4 bytes from the signature 19 # and the public key before including them in a the test data. 21 # To produce another signature with this message and key (note that the actual 39 # The signature uses leaf key 1, so must be the second signature generated by 40 # the key if the signature is to be reproduced. 42 # To produce another signature with this message and key (note that the actual [all …]
|
D | test_suite_rsa.data | 37 # Bad padding after performing the public key operation 279 RSA Check empty private key 282 RSA Check Private key #1 (Correct) 285 RSA Check Private key #2 (No P) 288 RSA Check Private key #3 (No Q) 291 RSA Check Private key #4 (No N) 294 RSA Check Private key #5 (No E) 297 RSA Check Private key #6 (No D) 300 RSA Check Private key #7 (No DP) 304 RSA Check Private key #8 (No DQ) [all …]
|
D | test_suite_lmots.data | 2 # This test uses a fixed message, and then generates a private key, signs the 7 # This test uses a fixed message, and then generates a private key, signs the 12 # This test uses a NULL zero-length message, and then generates a private key, 20 # key is stored in ../framework/data_files/lms_hsslms_sha256_m32_h5_lmots_sha256_n32_w8_prv. 21 # This test uses the same OTS key as the LMS hsslms interop test 1 (leaf 0 of 22 # the LMS key), and the same message. 24 # To produce another signature with this message and key (note that the actual 45 # key is stored in ../framework/data_files/lms_hsslms_sha256_m32_h5_lmots_sha256_n32_w8_prv. 46 # This test uses the same OTS key as the LMS hsslms interop test 2 (leaf 1 of 47 # the LMS key), and the same message. [all …]
|
D | test_suite_psa_crypto.function | 120 * Or, for a public key, the same structure with only 163 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 169 PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key)); 171 *status = psa_mac_sign_setup(operation, key, alg); 177 TEST_EQUAL(psa_mac_sign_setup(operation, key, alg), *status); 180 psa_destroy_key(key); 184 psa_destroy_key(key); 195 mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; 201 PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key)); 203 *status = psa_cipher_encrypt_setup(operation, key, alg); [all …]
|
D | test_suite_ccm.function | 6 * The context must have been set up with the key. */ 82 unsigned char key[32]; 88 memset(key, 0x2A, sizeof(key)); 89 TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); 91 ret = mbedtls_ccm_setkey(&ctx, cipher_id, key, key_size); 104 unsigned char key[16]; 116 memset(key, 0, sizeof(key)); 123 key, 8 * sizeof(key)) == 0); 149 unsigned char key[16]; 160 memset(key, 0, sizeof(key)); [all …]
|
D | test_suite_psa_crypto_slot_management.data | 125 # We need to avoid existing volatile key IDs. Normally there aren't any 128 # volatile key during initialization for its own use. At the time of 131 # Pick a key id that's in the middle of the volatile key ID range. 133 # volatile key IDs are assigned starting with the lowest value, and when 134 # MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled and volatile key IDs are assigned 142 Create failure: read-only key 146 Create failure: invalid location for a persistent key 150 Create failure: invalid location for a volatile key 154 Create failure: invalid key id (0) for a persistent key 158 Create failure: invalid key id (1) for a volatile key [all …]
|
D | test_suite_psa_crypto_se_driver_hal_mocks.data | 13 SE key importing mock test 16 SE key importing mock test: max key bits 19 SE key importing mock test: more than max key bits 22 SE key importing mock test: alloc failed 25 SE key importing mock test: import failed 28 SE key exporting mock test 31 SE key exporting mock test: export failed 34 SE public key exporting mock test 37 SE public key exporting mock test: export failed 40 SE key generating mock test [all …]
|
/mbedtls-latest/docs/proposed/ |
D | psa-driver-interface.md | 16 … of a **core** and zero or more **drivers**. The core handles key management, enforces key usage p… 24 …lable for a particular combination of parameters (cryptographic algorithm, key type and size, etc.… 25 …oked for the specific [key location](#lifetimes-and-locations) that the driver is registered for: … 35 …ap keys with a built-in keys but not store user keys; and cryptoprocessors that store key material. 82 …atory for opaque drivers): information about the [representation of keys](#key-format-for-opaque-d… 90 … certain class of cryptographic mechanisms. The capability specifies which key types and algorithm… 96 …key type specification](#key-type-specifications). If specified, the core will invoke this capabil… 97 … involving a key with one of the specified key sizes. If omitted, the core will invoke this capabi… 111 * If the mechanism involves a key: 112 …* either the key is transparent (its location is `PSA_KEY_LOCATION_LOCAL_STORAGE`) and the driver … [all …]
|
/mbedtls-latest/tests/src/ |
D | psa_exercise_key.c | 41 static int check_key_attributes_sanity(mbedtls_svc_key_id_t key, in check_key_attributes_sanity() argument 50 psa_status_t status = psa_get_key_attributes(key, &attributes); in check_key_attributes_sanity() 120 static int exercise_mac_key(mbedtls_svc_key_id_t key, in exercise_mac_key() argument 136 status = psa_mac_sign_setup(&operation, key, alg); in exercise_mac_key() 155 status = psa_mac_verify_setup(&operation, key, alg); in exercise_mac_key() 175 static int exercise_cipher_key(mbedtls_svc_key_id_t key, in exercise_cipher_key() argument 192 PSA_ASSERT(psa_get_key_attributes(key, &attributes)); in exercise_cipher_key() 197 status = psa_cipher_encrypt_setup(&operation, key, alg); in exercise_cipher_key() 225 status = psa_cipher_decrypt_setup(&operation, key, alg); in exercise_cipher_key() 263 static int exercise_aead_key(mbedtls_svc_key_id_t key, in exercise_aead_key() argument [all …]
|
/mbedtls-latest/include/psa/ |
D | crypto.h | 137 mbedtls_svc_key_id_t key); 381 psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, 425 psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); 570 psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); 652 mbedtls_svc_key_id_t *key); 744 psa_status_t psa_export_key(mbedtls_svc_key_id_t key, 819 psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, 1214 psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key, 1255 psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key, 1362 mbedtls_svc_key_id_t key, [all …]
|
/mbedtls-latest/docs/ |
D | psa-transition.md | 35 * Mbed TLS legacy APIs require key material to be present in the application memory. The PSA Crypto… 80 Apart from keys, as described in “[Key management](#key-management)” below, APIs that need to prese… 88 …key take a parameter of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/deve… 90 To use a key: 92 …key object with a key creation function. The two most common ones are [`psa_import_key`](https://m… 93 2. Use the key as desired, passing the key identifier obtained during the key creation. 94 3. Finally destroy the key object with [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects… 96 …key management](#cipher-key-management)”, “[MAC key management](#mac-key-management)”, “[Key lifec… 98 …key material, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/… 100 Note that a key consumes a key store entry, which is distinct from heap memory, until it is destroy… [all …]
|
/mbedtls-latest/docs/architecture/psa-migration/ |
D | psa-legacy-bridges.md | 61 * Creating a key with the legacy API and consuming it in the PSA API. 62 * Creating a key with the PSA API and consuming it in the legacy API. 94 Hashes are often used as building blocks for other mechanisms (HMAC, signatures, key derivation, et… 118 The legacy API only has generic support for two key types: RSA and ECC, via the pk module. ECC keys… 120 An RSA or ECC key can potentially be used for different algorithms in the scope of the pk module: 123 * ECC: ECDSA signature (randomized or deterministic), ECDH key agreement (via `mbedtls_pk_ec`). 127 …re does not seem to be a need to convert between legacy and PSA asymmetric key types on their own.… 139 * Simultaneously supporting **a key type and an algorithm**. 145 #### Using a legacy key pair or public key with PSA 147 …rios where an application has a legacy key pair or public key (`mbedtls_pk_context`) and needs to … [all …]
|
/mbedtls-latest/docs/architecture/psa-thread-safety/ |
D | psa-thread-safety.md | 5 As of Mbed TLS 3.6, an MVP for making the [PSA Crypto key management API](https://arm-software.gith… 10 …- Slot states are described in the [Key slot states](#key-slot-states) section. They guarantee saf… 11 …l mutex, as described in [Key store consistency and abstraction function](#key-store-consistency-a… 12 …destruction guarantees](#key-destruction-guarantees), with an implementation discussed in [Key des… 15 - Some multithreaded testing of the key management API has been added, this is outlined in [Testing… 25 * The [Current strategy](#current-strategy) section describes how thread-safety of key management a… 43 …onditions, deadlocks or livelocks when concurrently calling any set of PSA key management function… 49 When only considering key management functions: Mbed TLS 3.6 abides by the minimum expectation for … 53 …PSA 1.2 specification, Mbed TLS 3.6 abides by these when only considering [key management function… 60 > - Any call where the same key identifier is a parameter to the call. [all …]
|