Home
last modified time | relevance | path

Searched refs:policy (Results 1 – 25 of 30) sorted by relevance

12

/openthread-3.7.0/third_party/mbedtls/repo/library/
Dpsa_crypto_storage.c231 uint8_t policy[sizeof(psa_key_policy_t)]; member
250 MBEDTLS_PUT_UINT32_LE(attr->policy.usage, storage_format->policy, 0); in psa_format_key_data_for_storage()
251 MBEDTLS_PUT_UINT32_LE(attr->policy.alg, storage_format->policy, sizeof(uint32_t)); in psa_format_key_data_for_storage()
252 MBEDTLS_PUT_UINT32_LE(attr->policy.alg2, storage_format->policy, 2 * sizeof(uint32_t)); in psa_format_key_data_for_storage()
310 attr->policy.usage = MBEDTLS_GET_UINT32_LE(storage_format->policy, 0); in psa_parse_key_data_from_storage()
311 attr->policy.alg = MBEDTLS_GET_UINT32_LE(storage_format->policy, sizeof(uint32_t)); in psa_parse_key_data_from_storage()
312 attr->policy.alg2 = MBEDTLS_GET_UINT32_LE(storage_format->policy, 2 * sizeof(uint32_t)); in psa_parse_key_data_from_storage()
Dpsa_crypto.c1009 static psa_status_t psa_key_policy_permits(const psa_key_policy_t *policy, in psa_key_policy_permits() argument
1023 if (psa_key_algorithm_permits(key_type, policy->alg, alg) || in psa_key_policy_permits()
1024 psa_key_algorithm_permits(key_type, policy->alg2, alg)) { in psa_key_policy_permits()
1051 psa_key_policy_t *policy, in psa_restrict_key_policy() argument
1055 psa_key_policy_algorithm_intersection(key_type, policy->alg, in psa_restrict_key_policy()
1058 psa_key_policy_algorithm_intersection(key_type, policy->alg2, in psa_restrict_key_policy()
1060 if (intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0) { in psa_restrict_key_policy()
1063 if (intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0) { in psa_restrict_key_policy()
1066 policy->usage &= constraint->usage; in psa_restrict_key_policy()
1067 policy->alg = intersection_alg; in psa_restrict_key_policy()
[all …]
Dpsa_crypto_slot_management.c432 psa_extend_key_usage_flags(&(*p_slot)->attr.policy.usage); in psa_get_and_lock_key_slot()
/openthread-3.7.0/src/cli/
Dcli_dataset.cpp1003 otSecurityPolicy policy; in ParseSecurityPolicy() local
1006 ClearAllBytes(policy); in ParseSecurityPolicy()
1008 SuccessOrExit(error = aArgs->ParseAsUint16(policy.mRotationTime)); in ParseSecurityPolicy()
1018 policy.mObtainNetworkKeyEnabled = true; in ParseSecurityPolicy()
1022 policy.mNativeCommissioningEnabled = true; in ParseSecurityPolicy()
1026 policy.mRoutersEnabled = true; in ParseSecurityPolicy()
1030 policy.mExternalCommissioningEnabled = true; in ParseSecurityPolicy()
1034 policy.mCommercialCommissioningEnabled = true; in ParseSecurityPolicy()
1038 policy.mAutonomousEnrollmentEnabled = true; in ParseSecurityPolicy()
1042 policy.mNetworkKeyProvisioningEnabled = true; in ParseSecurityPolicy()
[all …]
DREADME_DATASET.md692 Get security policy.
700 Set security policy.
/openthread-3.7.0/third_party/mbedtls/repo/include/psa/
Dcrypto_struct.h277 psa_key_policy_t MBEDTLS_PRIVATE(policy);
372 attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; in psa_set_key_usage_flags()
378 return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage); in psa_get_key_usage_flags()
384 attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg; in psa_set_key_algorithm()
390 return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg); in psa_get_key_algorithm()
Dcrypto_extra.h62 attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) = alg2; in psa_set_key_enrollment_algorithm()
74 return attributes->MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2); in psa_get_key_enrollment_algorithm()
/openthread-3.7.0/third_party/mbedtls/repo/docs/architecture/psa-migration/
Dpsa-legacy-bridges.md127 Since there is no algorithm that can be used with multiple types, and PSA keys have a policy that (…
143 …s a `psa_key_type_t` value and an algorithm which is normally encoded as policy information in a `…
244 …psa_key_type_t` plus policy information? The two APIs are different in crucial ways, with differen…
251 …creates the PSA key needs extra information to indicate which algorithm to put in the key's policy.
259 …lexible, or just different usage policy, unlike the default-then-copy approach which only allows r…
261 …ly two algorithms, and also allows the caller to benefit from default for the policy in more cases.
275 …the lifetime-related alone, since its job is to set the type-related and policy-related attributes.
283 * `mbedtls_pk_get_psa_attributes` sets the algorithm usage policy based on information in the key o…
284 …* For an RSA key with the `MBEDTLS_RSA_PKCS_V15` padding mode, the algorithm policy is `PSA_ALG_RS…
285 …* For an RSA key with the `MBEDTLS_RSA_PKCS_V21` padding mode, the algorithm policy is `PSA_ALG_RS…
[all …]
/openthread-3.7.0/third_party/mbedtls/repo/tests/suites/
Dtest_suite_psa_crypto.data355 PSA import/export AES key: policy forbids export
359 PSA import/export HMAC key: policy forbids export
363 PSA import/export RSA keypair: policy forbids export (crypt)
367 PSA import/export RSA keypair: policy forbids export (sign)
483 PSA import/export AES key: policy forbids export, opaque
487 PSA import/export HMAC key: policy forbids export, opaque
491 PSA import/export RSA keypair: policy forbids export (crypt), opaque
495 PSA import/export RSA keypair: policy forbids export (sign), opaque
765 PSA key policy: AES ECB
769 PSA key policy: AES CBC
[all …]
Dtest_suite_oid.data1 OID get Any Policy certificate policy
4 OID get certificate policy invalid oid
7 OID get certificate policy wrong oid - id-ce-authorityKeyIdentifier
Dtest_suite_psa_crypto_se_driver_hal_mocks.function372 TEST_ASSERT(mock_import_data.attributes.policy.usage ==
487 TEST_ASSERT(mock_generate_data.attributes.policy.usage ==
Dtest_suite_x509parse.function328 /* Handle unknown certificate policy */
357 * Get the policy sequence
373 * Recognize exclusively the policy with OID 1
392 * Skip the optional policy qualifiers.
Dtest_suite_psa_crypto_persistent_key.function32 uint8_t policy[sizeof(psa_key_policy_t)];
Dtest_suite_x509parse.data165 X509 CRT information, RSA Certificate unsupported policy
169 X509 CRT information, ECDSA Certificate unsupported policy
2004 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid tag)
2008 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length missing)
2012 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length inv encoding)
2016 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length out of bounds)
2020 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, empty policy)
2024 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid OID tag)
2028 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy no OID length)
2032 X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy OID length inv encoding)
[all …]
Dtest_suite_pk.data1065 PSA attributes for pk: opaque RSA pair, 0 & SIGN_MESSAGE (bad policy)
1100 PSA attributes for pk: opaque RSA pair, SIGN_MESSAGE & SIGN_HASH (bad policy)
1105 # key's algorithm policy. Just this time, test with a few different algorithms.
1122 PSA attributes for pk: opaque RSA pair, 0 & DECRYPT (bad policy)
1154 PSA attributes for pk: opaque ECC pair, 0 & SIGN_MESSAGE (bad policy)
/openthread-3.7.0/third_party/mbedtls/repo/tests/data_files/
Dtest-ca.server1.opensslconf13 policy = policy_match
Dtest-ca.server1.future-crl.opensslconf13 policy = policy_match
Dtest-ca.server1.test_serial.opensslconf14 policy = policy_match
/openthread-3.7.0/third_party/mbedtls/repo/docs/architecture/
Dmbed-crypto-storage-specification.md58 * policy usage flags (4 bytes): `psa_key_usage_t` value
59 * policy usage algorithm (4 bytes): `psa_algorithm_t` value
196 * A new policy field, marked as [NEW:1.1.0] below.
208 * policy usage flags (4 bytes): `psa_key_usage_t` value
209 * policy usage algorithm (4 bytes): `psa_algorithm_t` value
210 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value [NEW:1.1.0]
268 * policy usage flags (4 bytes): `psa_key_usage_t` value.
269 * policy usage algorithm (4 bytes): `psa_algorithm_t` value.
270 * policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
328 * policy usage flags (4 bytes): `psa_key_usage_t` value.
[all …]
/openthread-3.7.0/third_party/mbedtls/repo/
DCMakeLists.txt25 # https://cmake.org/cmake/help/latest/policy/CMP0011.html
26 # Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
27 # policy setting is deprecated, and will be removed in future versions.
29 # https://cmake.org/cmake/help/latest/policy/CMP0012.html
30 # Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2
31 # (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required
32 # for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting
/openthread-3.7.0/third_party/mbedtls/repo/tests/data_files/dir4/
DReadme1 This directory contains the certificates for the tests targeting the enforcement of the policy indi…
/openthread-3.7.0/tools/harness-thci/
DOpenThread_WpanCtl.py2409 policy = str(hex(rotationTime))[2:]
2411 if len(policy) < 4:
2412 policy = policy.zfill(4)
2414 setRawTLVCmd += policy
DOpenThread.py2580 policy = str(hex(rotationTime))[2:]
2582 if len(policy) < 4:
2583 policy = policy.zfill(4)
2585 cmd += policy
/openthread-3.7.0/third_party/mbedtls/repo/docs/architecture/psa-thread-safety/
Dpsa-thread-safety.md17 - The core makes no additional guarantees for drivers. See [Driver policy](#driver-policy) for deta…
47 …API call completes in a finite number of steps regardless of the locking policy of the underlying …
99 ### Driver policy
337 A future policy we may wish to enforce for drivers is:
/openthread-3.7.0/third_party/mbedtls/repo/docs/
Dpsa-transition.md351 … the flag mask `PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT`. The same policy flags cover authen…
681 A key's policy indicates what algorithm(s) it can be used with (usage algorithm policy) and what op…
699 …be used to sign messages with multiple different hashes. In an algorithm policy, you can use [`PSA…
714 …se a private key for operations on the corresponding public key (as long as the policy permits it).
730 …se a private key for operations on the corresponding public key (as long as the policy permits it).
819 …oup__attributes_1gaffa134b74aa52aa3ed9397fcab4005aa) to change the key's policy (by default, it al…
895policy from its attributes with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projec…
899 …port_1ga668e35be8d2852ad3feeef74ac6f75bf). If the key is a key pair, its policy must allow `PSA_KE…
901 …port_1gaf22ae73312217aaede2ea02cdebb6062). This is always permitted regardless of the key's policy.
913 …or ECC key. The PK object can only be used as permitted by the PSA key's policy. The PK object con…
[all …]

12