Home
last modified time | relevance | path

Searched refs:not (Results 1 – 25 of 169) sorted by relevance

1234567

/mbedtls-latest/tests/suites/
Dtest_suite_psa_crypto_not_supported.generated.data1 # Automatically generated by generate_psa_tests.py. Do not edit!
3 PSA import AES 128-bit not supported
7 PSA generate AES 128-bit not supported
11 PSA import AES 192-bit not supported
15 PSA generate AES 192-bit not supported
19 PSA import AES 256-bit not supported
23 PSA generate AES 256-bit not supported
27 PSA import ARIA 128-bit not supported
31 PSA generate ARIA 128-bit not supported
35 PSA import ARIA 192-bit not supported
[all …]
Dtest_suite_psa_crypto_persistent_key.data87 import/export persistent raw key file not exist: 1 byte
90 import/export persistent key RSA public key file not exist: 1024-bit
94 import/export persistent key RSA keypair file not exist: 1024-bit
113 import/export persistent raw key file not exist with restart: 1 byte
116 import/export persistent key RSA public key file not exist with restart: 1024-bit
120 import/export persistent key RSA keypair file not exist with restart: 1024-bit
Dmain_test.function31 * enabled but the corresponding warnings are not treated as errors.
125 * parameter array and do not perform any error detection.
155 * DISPATCH_TEST_FN_NOT_FOUND if not found
156 * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
193 * DISPATCH_TEST_FN_NOT_FOUND if not found
194 * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled.
249 * not desirable and should be fixed later.
/mbedtls-latest/tests/scripts/
Dcomponents-configuration-crypto.sh68 not grep mbedtls_ linking_errors.txt
348 not grep mbedtls_pk_parse_key library/pkparse.o
349 not grep mbedtls_pk_write_key_der library/pkwrite.o
375 not grep mbedtls_md_hmac library/md.o
452 not grep mbedtls_cipher_init library/cipher.o
513 not grep mbedtls_psa_cipher library/psa_crypto_cipher.o
852 not grep mbedtls_ecdsa_ library/ecdsa.o
893 not grep mbedtls_ecdh_ library/ecdh.o
931 not grep mbedtls_dhm_ library/dhm.o
985 not grep mbedtls_ecjpake_init library/ecjpake.o
[all …]
Dcomponents-platform.sh61 ./programs/test/selftest aes | not grep -q "AESNI code"
62 not grep -q "AES note: using AESNI" ./programs/test/selftest
72 ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
74 not grep -q "AES note: built-in implementation." ./programs/test/selftest
110 ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
112 not grep -q "AES note: built-in implementation." ./programs/test/selftest
113 not grep -q "AES note: using VIA Padlock" ./programs/test/selftest
114 not grep -q mbedtls_aesni_has_support ./programs/test/selftest
188 not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
191 not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
[all …]
Dtest_zeroize.gdb9 # function in platform_util.h is not being optimized out by the compiler. To do
15 # The mbedtls_platform_zeroize() test is debugger driven because there does not
22 # data structure to remove redundant code that does not have an impact on the
25 # memory that is not accessed later in the program, so removing the call to
26 # mbedtls_platform_zeroize() does not have an observable behavior. However,
28 # the block of memory was correctly zeroed would force the compiler to not
29 # eliminate the mbedtls_platform_zeroize() call. If this does not occur, then
50 echo The buffer at was not zeroized\n
60 echo The program did not terminate correctly\n
/mbedtls-latest/docs/architecture/testing/
Dinvasive-testing.md5 …umented behavior of the product, in a realistic environment. However this is not always sufficient.
9 This is a test strategy document, not a test plan. A description of exactly what is tested is out o…
24 Always follow these rules unless you have a good reason not to. If you deviate, document the ration…
30 Do not add test-specific interfaces if there's a practical way of doing it another way. All public …
34 …eader files from `library/`. Do not define non-public interfaces in public headers. In contrast, s…
38 If test code or test data depends on internal details of the library and not just on its documented…
49 > # and not expected to be raised any time soon) is less than the maximum
58 * **Test-specific code must be guarded by `#if defined(MBEDTLS_TEST_HOOKS)`**. Do not create fine-g…
59 * **Do not use `MBEDTLS_TEST_HOOKS` for security checks or assertions.** Security checks belong in …
60 * **Merely defining `MBEDTLS_TEST_HOOKS` must not change the behavior**. It may define extra functi…
[all …]
Ddriver-interface-test-strategy.md42 * Make at least one test with a key that is not in a secure element that checks that the driver met…
43 * Make at least one test with a key in a secure element with a driver that does not have the requis…
44 * Make at least one test with a key in a secure element with a driver that does not have the substr…
45 …key in each driver and check that the expected driver is called. This does not need to be done for…
55 …at are invalid and must not reach the driver, call the API function with such parameters and verif…
56 …t from the expected inputs (as is often the case for cryptographic material, but not for metadata).
79 * Test that `psa_destroy_key()` does not leave any trace of the key.
90 …s can be done by e.g. using a key that is supposed to be present) and does not have any unexpected…
102 * Run the full driver validation test suite (which does not yet exist).
113 * Run the full driver validation test suite (which does not yet exist).
[all …]
/mbedtls-latest/docs/architecture/
Dpsa-storage-resilience.md15 …iven point in time, the system is either in a state where the function has not started yet, or in …
17 …rformed. For example, there will never be a situation where $M_2$ has been performed but not $M_1$.
19 The committing property is important not only for sequences of operations, but also when reporting …
26 * `remove()` removes a file (returning a specific error code if the file does not exist).
30 …of a file is always a version that was previously passed to `set()`. We do not try to handle the c…
34not have its own key store: in this case, the core stores a wrapped (i.e. encrypted) copy of the k…
40 …n-the-underlying-file-storage). We do not need to take any special precautions in the library desi…
63not exist yet. This is fine from an application's perspective since the core has not committed to …
74 …o the key identifier _A_ used by the application interface. This step must not modify the state of…
82 * Before step 3: the system state has not changed at all. As far as the world is concerned, the key…
[all …]
Dpsa-shared-memory.md12 … specification). Legacy crypto, X.509, TLS, or any other function which is not called `psa_xxx` is…
35 …his models an ideal world where the content of input and output buffers is not accessible outside …
58 …s the calculation, leading to an outcome that would not be possible if the intermediate data had n…
60 …badly formatted data into the buffer, so that the private-key operation is not a valid signature (…
62 …are under the attestation application's control, and the final client must not be able to obtain a…
72 …encrypts some data, and lets its clients store the ciphertext. Clients may not have access to the …
74 …vice on behalf of multiple clients, using a single shared key. Clients are not allowed to access e…
84 … This is a security violation if the key policy only allowed the client to encrypt, not to decrypt.
96 …ly with whole-program optimization) may optimize the copy away, if it does not understand that cop…
107 …rcumstances. It is ok to write data that is independent of the inputs (and not otherwise confident…
[all …]
Dtls13-support.md95 Most of the Mbed TLS SSL/TLS related options are not supported or not
142 exchange mode enabled, the TLS 1.3 implementation does not contain any code
147 mode enabled, the TLS 1.3 implementation does not contain any code related
156 exchange mode enabled, the TLS 1.3 implementation does not contain any code
241 check that we do not write or read past the end of a data buffer. The
265 - We prefer grouping "related statement lines" by not adding blank lines
291 the pointer name not appended to the pointer type:
299 - string literals can extend beyond 80 characters as we do not want to
351 The implementation does not go systematically through all states as this would
352 result in too many checks of whether something needs to be done or not in a
[all …]
Dpsa-keystore-design.md44 * `PSA_SLOT_EMPTY`: a slot that occupies memory but does not currently contain a key.
53 …protected by a reader-writer lock. (In earlier versions, the key store was not thread-safe.) The l…
55 * `EMPTY` or `FULL` state, `registered_readers == 0`: the slot is not in use by any thread.
61 Note that a slot must not be moved in memory while it is being read or written.
70 …KEY_SLOT_BUFFER_SIZE` bytes. This is intended for very constrained devices that do not have a heap.
71 …are larger. This is intended for higher-end devices where applications are not expected to have a …
77not using the supplied `mbedtls_config.h`, as explained above), to minimize the risk of bugs and t…
79 …eys larger than some threshold require the use of heap memory. The reasons not to do this in Mbed …
81 …ng unused memory more aggressively, which could make the dynamic key store not detrimental in RAM …
137 …ce_index | slot_index` where the bits set in `BASE`, `slice_index` and `slot_index` do not overlap.
[all …]
Dalternative-implementations.md6 This document is an overview. It is not exhaustive. Please consult the documentation of individual …
22 …working, the `net_sockets` module does not currently support alternative implementations. If this …
30not all operations support drivers yet. The configuration option `MBEDTLS_USE_PSA_CRYPTO` causes p…
47not need to be at the same position in the structure. Furthermore, unless otherwise indicated, onl…
64 …context or to a part of a context does not remain valid across function calls. Alternative impleme…
72 …onding option is enabled, the built-in implementation of the function will not be compiled, and yo…
89 Merely enabling `MBEDTLS_PLATFORM_XXX_ALT` does not change the behavior: by default, `mbedtls_xxx` …
/mbedtls-latest/docs/architecture/psa-thread-safety/
Dpsa-thread-safety.md3 Currently, PSA Crypto API calls in Mbed TLS releases are not thread-safe.
5 …mplementations which only ever call PSA functions from a single thread are not affected by this ne…
19 …PSA Crypto API are planned to be made thread-safe in future, but currently we are not testing this.
45 We do not test or support calling other PSA API functions concurrently.
59 > * A call to `psa_destroy_key()` must not overlap with a concurrent call to any of the following f…
63 > * Concurrent calls must not use the same operation object.
67not apply to errors that arise from resource failures or limitations. For example, errors resultin…
69 …hich both attempt to create a new key with the same key identifier that is not already in the key …
72 > * Both calls can fail with error codes that are not `PSA_ERROR_ALREADY_EXISTS`.
78 …ns from a single thread, or which protect all PSA calls using a mutex, are not affected by this ne…
[all …]
/mbedtls-latest/.github/
Dpull_request_template.md9 Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new …
11 - [ ] **changelog** provided, or not required
12 - [ ] **3.6 backport** done, or not required
13 - [ ] **2.28 backport** done, or not required
14 - [ ] **tests** provided, or not required
27 - please do not force-push to update your PR - just add new commit(s)
/mbedtls-latest/
DLICENSE35 including but not limited to software source code, documentation
40 not limited to compiled object code, generated documentation,
52 of this License, Derivative Works shall not include works that remain
63 to the Licensor or its representatives, including but not limited to
111 excluding those notices that do not pertain to any part of
117 within such NOTICE file, excluding those notices that do not
125 do not modify the License. You may add Your own attribution
146 6. Trademarks. This License does not grant permission to use the trade
168 Work (including but not limited to damages for loss of goodwill,
178 on Your own behalf and on Your sole responsibility, not on behalf
[all …]
DBRANCHES.md19 These branches will not receive any changes or updates.
35 code that's working and secure with Mbed TLS x.y.z and does not rely on
43 result in an incompatible API or ABI, although features will generally not
45 cryptographic algorithm does not break code that does not use that
50 not considered API compatibility breaks:
55 * Returning an error code that was not previously documented for a function
82 Note that this guarantee does not currently fully extend to drivers, which
86 as the use of driver state, we do not yet guarantee backward compatibility.
/mbedtls-latest/docs/architecture/psa-migration/
Dmd-cipher-dispatch.md6 This document discusses a migration strategy for code that is not subject to `MBEDTLS_USE_PSA_CRYPT…
12 A difference between the original strategy and the current one is that in this work, we are not tre…
75 …erfaces may change without notice.” In practice, this may mean constraints not only on how to writ…
76not ready for production since it is not completed.” We may want to change this, for example, to a…
80 It is not a goal at this stage to make more code directly call `psa_xxx` functions. Rather, the goa…
92 * Make non-covered modules call PSA, but only [when this will actually work](#why-psa-is-not-always…
99 * Software implementations of primitive cryptographic mechanisms. These are not expected to change.
101 * Code implementing the PSA crypto interface. This is not expected to change, except perhaps to exp…
107 * **Legacy domain**: does not interact with PSA. Implementations of hashes, of cipher primitives, o…
108 * **Mixed domain**: does not currently use PSA, but should [when possible](#why-psa-is-not-always-p…
[all …]
Dpsa-legacy-bridges.md37 There is functionality that is tied to one API and is not directly available in the other API:
41 * The legacy API has features that are not present (yet) in PSA, notably parsing and formatting asy…
67 The goal of this document is to bridge the legacy API and the PSA API. The goal is not to provide a…
69 With respect to the legacy API, we do not consider functionality of low-level modules for individua…
75 * Where the PSA equivalents do not provide the same functionality. A typical example is parsing and…
86 …nd converting between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` is not particularly helpfu…
92 Hashes do not involve keys, and involves no nontrivial data format. Therefore the only gap is with …
94 …atures, key derivation, etc.). Therefore metadata about hashes is relevant not only when calculati…
118 …ie-Hellman-Merkle = FFDH: finite-field Diffie-Hellman) keys, but those are not integrated in the p…
127 …a policy that (for the most part) limits them to one algorithm, there does not seem to be a need t…
[all …]
Dstrategy.md43 - it's not fully compatible with `MBEDTLS_ECP_RESTARTABLE`: you can enable
74 Currently this option controls not only the presence of restartable APIs in
76 Crypto does not support restartable operations, there's a clear conflict: the
81 added to PSA in Mbed TLS 3.4, but support for ECDH is not present yet.
88 1. Existing applications may not be calling `psa_crypto_init()` before using
93 2. It's currently not possible to enable `MBEDTLS_PSA_CRYPTO_C` in
112 Taking advantage of the existing abstractions layers - or not
122 Note: key exchange (FFDH, ECDH) is not covered by an abstraction layer.
129 `MBEDTLS_USE_PSA_CRYPTO` is enabled. (This is not an issue for G1, G2, G3
152 This strategy is not very well suited to the Cipher layer, as the PSA
[all …]
/mbedtls-latest/docs/proposed/
Dpsa-conditional-inclusion-c.md6 This is currently a proposal for Mbed TLS. It is not currently on track for standardization in PSA.
18 …e software implementation is only included if `MBEDTLS_xxx_C` is defined but not `MBEDTLS_xxx_ALT`.
24not work well for asymmetric cryptography. For example, many parts of the ECC code have no `MBEDTL…
30 [Req.inclusion] If the application does not require a mechanism, a suitably configured Mbed TLS bui…
32 …river is available in the build, a suitably configured Mbed TLS build must not include the corresp…
34 …es not require tools other than a C compiler. This is necessary to allow building an application a…
65 * If the symbol is not defined, the corresponding feature is not included.
79not requested for inclusion in the PSA Crypto configuration file, it may still be included in the …
94 …plicitly enables import and export support for that key type, but this may not be the case in futu…
106not specialized for any particular group, so reducing the number of available groups at compile ti…
[all …]
Dpsa-driver-interface.md6 …erence implementation of the PSA Cryptography API. At this stage, Arm does not expect major change…
35 …in cleartext; cryptoprocessors that can wrap keys with a built-in keys but not store user keys; an…
37not involve any platform-specific consideration. Driver calls are simple C function calls. Interac…
41 [Req.fallback] Accelerator drivers can specify that they do not fully support a cryptographic mecha…
43 …mechanisms they support. A driver's code will not be invoked for cryptographic mechanisms that it …
79 …river description. They may declare the entry point functions, but this is not required. They may …
82 * `"key_context"` (not permitted for transparent drivers, mandatory for opaque drivers): informatio…
83 * `"persistent_state_size"` (not permitted for transparent drivers, optional for opaque drivers, in…
84 * `"location"` (not permitted for transparent drivers, optional for opaque drivers, integer or stri…
98 …in the driver that implements the corresponding function. If a function is not listed here, name o…
[all …]
/mbedtls-latest/docs/
Ddriver-only-builds.md39 `mbedtls/mbedtls_config.h`. This ensures the built-in implementation is not
94 to low-level hash APIs (`mbedtls_sha256()` etc.) are not possible for the
122 (`mbedtls_sha256()` etc.) will not be possible for the legacy modules that
129 `PSA_WANT_ALG_DETERMINISTIC_ECDSA` on the PSA one) to be not available.
183 - direct calls to APIs from the disabled modules are not possible;
184 - PK, X.509 and TLS will not support restartable ECC operations (see
210 curve is identified not by name, but by explicit parameters;
217 result in some code size savings, but not as much as when none of the
228 consequence these are not supported in builds without `MBEDTLS_ECDSA_C`.
231 are not supported without `ECDH_C`. See also limitations regarding
[all …]
D3.0-migration-guide.md25 migration path is not provided in prior documentation, changes made and the
34 suffixed with `_ret`. In Mbed TLS 3.x, this change may not be required, as most
64 …headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of …
70 If you were accessing structure fields directly, and these fields are not documented as public, you…
92 This change does not affect users who use the default configuration; it only
99 that the pointer is non-null. With the feature disabled, a null pointer is not
111 not used in X.509, TLS or in PSA crypto, and it was not implemented in all
118 Validation of enum-like values is somewhat useful, but not extremely important,
125 This does not affect users who use the default `mbedtls_config.h`, as this option was
139 This only affects users who called the HAVEGE modules directly (not
[all …]
/mbedtls-latest/ChangeLog.d/
D00README.md3 This directory contains changelog entries that have not yet been merged
15 that are documented as experimental may or may not be announced, depending
30 changelog entry, but not for deciding whether to write one.
79 **Explain why, not how**. Remember that the audience is the users of the
80 library, not its developers. In particular, for a bug fix, explain the
81 consequences of the bug, not how the bug was fixed. For a new feature, explain

1234567