/mbedtls-latest/tests/suites/
test_suite_psa_crypto_not_supported.generated.data
    1 # Automatically generated by generate_psa_tests.py. Do not edit!
    3 PSA import AES 128-bit not supported
    7 PSA generate AES 128-bit not supported
    11 PSA import AES 192-bit not supported
    15 PSA generate AES 192-bit not supported
    19 PSA import AES 256-bit not supported
    23 PSA generate AES 256-bit not supported
    27 PSA import ARIA 128-bit not supported
    31 PSA generate ARIA 128-bit not supported
    35 PSA import ARIA 192-bit not supported
test_suite_psa_crypto_persistent_key.data
    87 import/export persistent raw key file not exist: 1 byte
    90 import/export persistent key RSA public key file not exist: 1024-bit
    94 import/export persistent key RSA keypair file not exist: 1024-bit
    113 import/export persistent raw key file not exist with restart: 1 byte
    116 import/export persistent key RSA public key file not exist with restart: 1024-bit
    120 import/export persistent key RSA keypair file not exist with restart: 1024-bit
main_test.function
    31 * enabled but the corresponding warnings are not treated as errors.
    125 * parameter array and do not perform any error detection.
    155 * DISPATCH_TEST_FN_NOT_FOUND if not found
    156 * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
    193 * DISPATCH_TEST_FN_NOT_FOUND if not found
    194 * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
    249 * not desirable and should be fixed later.
/mbedtls-latest/tests/scripts/
components-configuration-crypto.sh
    68 not grep mbedtls_ linking_errors.txt
    348 not grep mbedtls_pk_parse_key library/pkparse.o
    349 not grep mbedtls_pk_write_key_der library/pkwrite.o
    375 not grep mbedtls_md_hmac library/md.o
    452 not grep mbedtls_cipher_init library/cipher.o
    513 not grep mbedtls_psa_cipher library/psa_crypto_cipher.o
    852 not grep mbedtls_ecdsa_ library/ecdsa.o
    893 not grep mbedtls_ecdh_ library/ecdh.o
    931 not grep mbedtls_dhm_ library/dhm.o
    985 not grep mbedtls_ecjpake_init library/ecjpake.o
components-platform.sh
    61 ./programs/test/selftest aes | not grep -q "AESNI code"
    62 not grep -q "AES note: using AESNI" ./programs/test/selftest
    72 ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
    74 not grep -q "AES note: built-in implementation." ./programs/test/selftest
    110 ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
    112 not grep -q "AES note: built-in implementation." ./programs/test/selftest
    113 not grep -q "AES note: using VIA Padlock" ./programs/test/selftest
    114 not grep -q mbedtls_aesni_has_support ./programs/test/selftest
    188 not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
    191 not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
test_zeroize.gdb
    9 # function in platform_util.h is not being optimized out by the compiler. To do
    15 # The mbedtls_platform_zeroize() test is debugger driven because there does not
    22 # data structure to remove redundant code that does not have an impact on the
    25 # memory that is not accessed later in the program, so removing the call to
    26 # mbedtls_platform_zeroize() does not have an observable behavior. However,
    28 # the block of memory was correctly zeroed would force the compiler to not
    29 # eliminate the mbedtls_platform_zeroize() call. If this does not occur, then
    50 echo The buffer at was not zeroized\n
    60 echo The program did not terminate correctly\n
/mbedtls-latest/docs/architecture/testing/
invasive-testing.md
    5 …umented behavior of the product, in a realistic environment. However this is not always sufficient.
    9 This is a test strategy document, not a test plan. A description of exactly what is tested is out o…
    24 Always follow these rules unless you have a good reason not to. If you deviate, document the ration…
    30 Do not add test-specific interfaces if there's a practical way of doing it another way. All public …
    34 …eader files from `library/`. Do not define non-public interfaces in public headers. In contrast, s…
    38 If test code or test data depends on internal details of the library and not just on its documented…
    49 > # and not expected to be raised any time soon) is less than the maximum
    58 * **Test-specific code must be guarded by `#if defined(MBEDTLS_TEST_HOOKS)`**. Do not create fine-g…
    59 * **Do not use `MBEDTLS_TEST_HOOKS` for security checks or assertions.** Security checks belong in …
    60 * **Merely defining `MBEDTLS_TEST_HOOKS` must not change the behavior**. It may define extra functi…
driver-interface-test-strategy.md
    42 * Make at least one test with a key that is not in a secure element that checks that the driver met…
    43 * Make at least one test with a key in a secure element with a driver that does not have the requis…
    44 * Make at least one test with a key in a secure element with a driver that does not have the substr…
    45 …key in each driver and check that the expected driver is called. This does not need to be done for…
    55 …at are invalid and must not reach the driver, call the API function with such parameters and verif…
    56 …t from the expected inputs (as is often the case for cryptographic material, but not for metadata).
    79 * Test that `psa_destroy_key()` does not leave any trace of the key.
    90 …s can be done by e.g. using a key that is supposed to be present) and does not have any unexpected…
    102 * Run the full driver validation test suite (which does not yet exist).
    113 * Run the full driver validation test suite (which does not yet exist).
/mbedtls-latest/docs/architecture/
psa-storage-resilience.md
    15 …iven point in time, the system is either in a state where the function has not started yet, or in …
    17 …rformed. For example, there will never be a situation where $M_2$ has been performed but not $M_1$.
    19 The committing property is important not only for sequences of operations, but also when reporting …
    26 * `remove()` removes a file (returning a specific error code if the file does not exist).
    30 …of a file is always a version that was previously passed to `set()`. We do not try to handle the c…
    34 …not have its own key store: in this case, the core stores a wrapped (i.e. encrypted) copy of the k…
    40 …n-the-underlying-file-storage). We do not need to take any special precautions in the library desi…
    63 …not exist yet. This is fine from an application's perspective since the core has not committed to …
    74 …o the key identifier _A_ used by the application interface. This step must not modify the state of…
    82 * Before step 3: the system state has not changed at all. As far as the world is concerned, the key…
psa-shared-memory.md
    12 … specification). Legacy crypto, X.509, TLS, or any other function which is not called `psa_xxx` is…
    35 …his models an ideal world where the content of input and output buffers is not accessible outside …
    58 …s the calculation, leading to an outcome that would not be possible if the intermediate data had n…
    60 …badly formatted data into the buffer, so that the private-key operation is not a valid signature (…
    62 …are under the attestation application's control, and the final client must not be able to obtain a…
    72 …encrypts some data, and lets its clients store the ciphertext. Clients may not have access to the …
    74 …vice on behalf of multiple clients, using a single shared key. Clients are not allowed to access e…
    84 … This is a security violation if the key policy only allowed the client to encrypt, not to decrypt.
    96 …ly with whole-program optimization) may optimize the copy away, if it does not understand that cop…
    107 …rcumstances. It is ok to write data that is independent of the inputs (and not otherwise confident…
tls13-support.md
    95 Most of the Mbed TLS SSL/TLS related options are not supported or not
    142 exchange mode enabled, the TLS 1.3 implementation does not contain any code
    147 mode enabled, the TLS 1.3 implementation does not contain any code related
    156 exchange mode enabled, the TLS 1.3 implementation does not contain any code
    241 check that we do not write or read past the end of a data buffer. The
    265 - We prefer grouping "related statement lines" by not adding blank lines
    291 the pointer name not appended to the pointer type:
    299 - string literals can extend beyond 80 characters as we do not want to
    351 The implementation does not go systematically through all states as this would
    352 result in too many checks of whether something needs to be done or not in a
psa-keystore-design.md
    44 * `PSA_SLOT_EMPTY`: a slot that occupies memory but does not currently contain a key.
    53 …protected by a reader-writer lock. (In earlier versions, the key store was not thread-safe.) The l…
    55 * `EMPTY` or `FULL` state, `registered_readers == 0`: the slot is not in use by any thread.
    61 Note that a slot must not be moved in memory while it is being read or written.
    70 …KEY_SLOT_BUFFER_SIZE` bytes. This is intended for very constrained devices that do not have a heap.
    71 …are larger. This is intended for higher-end devices where applications are not expected to have a …
    77 …not using the supplied `mbedtls_config.h`, as explained above), to minimize the risk of bugs and t…
    79 …eys larger than some threshold require the use of heap memory. The reasons not to do this in Mbed …
    81 …ng unused memory more aggressively, which could make the dynamic key store not detrimental in RAM …
    137 …ce_index | slot_index` where the bits set in `BASE`, `slice_index` and `slot_index` do not overlap.
alternative-implementations.md
    6 This document is an overview. It is not exhaustive. Please consult the documentation of individual …
    22 …working, the `net_sockets` module does not currently support alternative implementations. If this …
    30 …not all operations support drivers yet. The configuration option `MBEDTLS_USE_PSA_CRYPTO` causes p…
    47 …not need to be at the same position in the structure. Furthermore, unless otherwise indicated, onl…
    64 …context or to a part of a context does not remain valid across function calls. Alternative impleme…
    72 …onding option is enabled, the built-in implementation of the function will not be compiled, and yo…
    89 Merely enabling `MBEDTLS_PLATFORM_XXX_ALT` does not change the behavior: by default, `mbedtls_xxx` …
/mbedtls-latest/docs/architecture/psa-thread-safety/
psa-thread-safety.md
    3 Currently, PSA Crypto API calls in Mbed TLS releases are not thread-safe.
    5 …mplementations which only ever call PSA functions from a single thread are not affected by this ne…
    19 …PSA Crypto API are planned to be made thread-safe in future, but currently we are not testing this.
    45 We do not test or support calling other PSA API functions concurrently.
    59 > * A call to `psa_destroy_key()` must not overlap with a concurrent call to any of the following f…
    63 > * Concurrent calls must not use the same operation object.
    67 …not apply to errors that arise from resource failures or limitations. For example, errors resultin…
    69 …hich both attempt to create a new key with the same key identifier that is not already in the key …
    72 > * Both calls can fail with error codes that are not `PSA_ERROR_ALREADY_EXISTS`.
    78 …ns from a single thread, or which protect all PSA calls using a mutex, are not affected by this ne…
/mbedtls-latest/.github/
pull_request_template.md
    9 Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new …
    11 - [ ] **changelog** provided, or not required
    12 - [ ] **3.6 backport** done, or not required
    13 - [ ] **2.28 backport** done, or not required
    14 - [ ] **tests** provided, or not required
    27 - please do not force-push to update your PR - just add new commit(s)
/mbedtls-latest/
LICENSE
    35 including but not limited to software source code, documentation
    40 not limited to compiled object code, generated documentation,
    52 of this License, Derivative Works shall not include works that remain
    63 to the Licensor or its representatives, including but not limited to
    111 excluding those notices that do not pertain to any part of
    117 within such NOTICE file, excluding those notices that do not
    125 do not modify the License. You may add Your own attribution
    146 6. Trademarks. This License does not grant permission to use the trade
    168 Work (including but not limited to damages for loss of goodwill,
    178 on Your own behalf and on Your sole responsibility, not on behalf
BRANCHES.md
    19 These branches will not receive any changes or updates.
    35 code that's working and secure with Mbed TLS x.y.z and does not rely on
    43 result in an incompatible API or ABI, although features will generally not
    45 cryptographic algorithm does not break code that does not use that
    50 not considered API compatibility breaks:
    55 * Returning an error code that was not previously documented for a function
    82 Note that this guarantee does not currently fully extend to drivers, which
    86 as the use of driver state, we do not yet guarantee backward compatibility.
/mbedtls-latest/docs/architecture/psa-migration/
md-cipher-dispatch.md
    6 This document discusses a migration strategy for code that is not subject to `MBEDTLS_USE_PSA_CRYPT…
    12 A difference between the original strategy and the current one is that in this work, we are not tre…
    75 …erfaces may change without notice.” In practice, this may mean constraints not only on how to writ…
    76 …not ready for production since it is not completed.” We may want to change this, for example, to a…
    80 It is not a goal at this stage to make more code directly call `psa_xxx` functions. Rather, the goa…
    92 * Make non-covered modules call PSA, but only [when this will actually work](#why-psa-is-not-always…
    99 * Software implementations of primitive cryptographic mechanisms. These are not expected to change.
    101 * Code implementing the PSA crypto interface. This is not expected to change, except perhaps to exp…
    107 * **Legacy domain**: does not interact with PSA. Implementations of hashes, of cipher primitives, o…
    108 * **Mixed domain**: does not currently use PSA, but should [when possible](#why-psa-is-not-always-p…
psa-legacy-bridges.md
    37 There is functionality that is tied to one API and is not directly available in the other API:
    41 * The legacy API has features that are not present (yet) in PSA, notably parsing and formatting asy…
    67 The goal of this document is to bridge the legacy API and the PSA API. The goal is not to provide a…
    69 With respect to the legacy API, we do not consider functionality of low-level modules for individua…
    75 * Where the PSA equivalents do not provide the same functionality. A typical example is parsing and…
    86 …nd converting between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` is not particularly helpfu…
    92 Hashes do not involve keys, and involves no nontrivial data format. Therefore the only gap is with …
    94 …atures, key derivation, etc.). Therefore metadata about hashes is relevant not only when calculati…
    118 …ie-Hellman-Merkle = FFDH: finite-field Diffie-Hellman) keys, but those are not integrated in the p…
    127 …a policy that (for the most part) limits them to one algorithm, there does not seem to be a need t…
strategy.md
    43 - it's not fully compatible with `MBEDTLS_ECP_RESTARTABLE`: you can enable
    74 Currently this option controls not only the presence of restartable APIs in
    76 Crypto does not support restartable operations, there's a clear conflict: the
    81 added to PSA in Mbed TLS 3.4, but support for ECDH is not present yet.
    88 1. Existing applications may not be calling `psa_crypto_init()` before using
    93 2. It's currently not possible to enable `MBEDTLS_PSA_CRYPTO_C` in
    112 Taking advantage of the existing abstractions layers - or not
    122 Note: key exchange (FFDH, ECDH) is not covered by an abstraction layer.
    129 `MBEDTLS_USE_PSA_CRYPTO` is enabled. (This is not an issue for G1, G2, G3
    152 This strategy is not very well suited to the Cipher layer, as the PSA
/mbedtls-latest/docs/proposed/
psa-conditional-inclusion-c.md
    6 This is currently a proposal for Mbed TLS. It is not currently on track for standardization in PSA.
    18 …e software implementation is only included if `MBEDTLS_xxx_C` is defined but not `MBEDTLS_xxx_ALT`.
    24 …not work well for asymmetric cryptography. For example, many parts of the ECC code have no `MBEDTL…
    30 [Req.inclusion] If the application does not require a mechanism, a suitably configured Mbed TLS bui…
    32 …river is available in the build, a suitably configured Mbed TLS build must not include the corresp…
    34 …es not require tools other than a C compiler. This is necessary to allow building an application a…
    65 * If the symbol is not defined, the corresponding feature is not included.
    79 …not requested for inclusion in the PSA Crypto configuration file, it may still be included in the …
    94 …plicitly enables import and export support for that key type, but this may not be the case in futu…
    106 …not specialized for any particular group, so reducing the number of available groups at compile ti…
psa-driver-interface.md
    6 …erence implementation of the PSA Cryptography API. At this stage, Arm does not expect major change…
    35 …in cleartext; cryptoprocessors that can wrap keys with a built-in keys but not store user keys; an…
    37 …not involve any platform-specific consideration. Driver calls are simple C function calls. Interac…
    41 [Req.fallback] Accelerator drivers can specify that they do not fully support a cryptographic mecha…
    43 …mechanisms they support. A driver's code will not be invoked for cryptographic mechanisms that it …
    79 …river description. They may declare the entry point functions, but this is not required. They may …
    82 * `"key_context"` (not permitted for transparent drivers, mandatory for opaque drivers): informatio…
    83 * `"persistent_state_size"` (not permitted for transparent drivers, optional for opaque drivers, in…
    84 * `"location"` (not permitted for transparent drivers, optional for opaque drivers, integer or stri…
    98 …in the driver that implements the corresponding function. If a function is not listed here, name o…
/mbedtls-latest/docs/
driver-only-builds.md
    39 `mbedtls/mbedtls_config.h`. This ensures the built-in implementation is not
    94 to low-level hash APIs (`mbedtls_sha256()` etc.) are not possible for the
    122 (`mbedtls_sha256()` etc.) will not be possible for the legacy modules that
    129 `PSA_WANT_ALG_DETERMINISTIC_ECDSA` on the PSA one) to be not available.
    183 - direct calls to APIs from the disabled modules are not possible;
    184 - PK, X.509 and TLS will not support restartable ECC operations (see
    210 curve is identified not by name, but by explicit parameters;
    217 result in some code size savings, but not as much as when none of the
    228 consequence these are not supported in builds without `MBEDTLS_ECDSA_C`.
    231 are not supported without `ECDH_C`. See also limitations regarding
3.0-migration-guide.md
    25 migration path is not provided in prior documentation, changes made and the
    34 suffixed with `_ret`. In Mbed TLS 3.x, this change may not be required, as most
    64 …headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of …
    70 If you were accessing structure fields directly, and these fields are not documented as public, you…
    92 This change does not affect users who use the default configuration; it only
    99 that the pointer is non-null. With the feature disabled, a null pointer is not
    111 not used in X.509, TLS or in PSA crypto, and it was not implemented in all
    118 Validation of enum-like values is somewhat useful, but not extremely important,
    125 This does not affect users who use the default `mbedtls_config.h`, as this option was
    139 This only affects users who called the HAVEGE modules directly (not
/mbedtls-latest/ChangeLog.d/
00README.md
    3 This directory contains changelog entries that have not yet been merged
    15 that are documented as experimental may or may not be announced, depending
    30 changelog entry, but not for deciding whether to write one.
    79 **Explain why, not how**. Remember that the audience is the users of the
    80 library, not its developers. In particular, for a bug fix, explain the
    81 consequences of the bug, not how the bug was fixed. For a new feature, explain