Home
last modified time | relevance | path

Searched refs:secure (Results 1 – 25 of 32) sorted by relevance

12

/openthread-latest/third_party/mbedtls/repo/docs/architecture/
Dpsa-storage-resilience.md34 …)` for a key destruction). This also holds for an opaque key stored in a secure element that does …
38 * [Key management for stateful secure element keys](#designing-key-management-for-secure-element-ke…
44 ## Designing key management for secure element keys
46secure element key” to mean a key stored in a stateful secure element, i.e. a secure element that …
48 ### Assumptions on stateful secure elements
50 **Assumption: driver calls for key management in stateful secure elements are atomic and committing…
52 (For stateless secure elements, this assumption is vacuously true.)
56 For a secure element key, key management requires a commitment on both sites. For example, consider…
58 1. The core sends a request to the secure element to create a key.
59 2. The secure element modifies its key store to create the key.
[all …]
Dmbed-crypto-storage-specification.md226 * Key files can store references to keys in a secure element. In such key files, the key material c…
253 …YPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): secure element driver storage. The content of the file i…
275 * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
284 All currently existing transactions concern a key in a secure element.
290 * lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
291 …_key_slot_number_t` value. This is the unique designation of the key for the secure element driver.
297 * The slot in the secure element designated by the slot number.
301 * The slot in the secure element designated by the slot number.
335 * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
360 …* Opaque, using the deprecated secure element interface with dynamically registered drivers (`MBED…
[all …]
Dpsa-crypto-implementation-structure.md54 …t>() functions dispatch cryptographic operations to accelerator drivers, secure element drivers as…
130 * For transparent keys (keys that are not in a secure element), the feature is implemented by Mbed…
/openthread-latest/third_party/mbedtls/repo/docs/architecture/testing/
Ddriver-interface-test-strategy.md3 …ategy for the driver interfaces in Mbed TLS. Mbed TLS has interfaces for secure element drivers, a…
13 ….md) supports both transparent drivers (for accelerators) and opaque drivers (for secure elements).
17 #### Dynamic secure element driver interface
19 The dynamic secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_…
25 This section describes unit tests that must be implemented to validate the secure element driver in…
27 …rface unit tests could be covered by running the existing API tests with a key in a secure element.
41 * Make at least one test with a key in a secure element that checks that the driver method is calle…
42 * Make at least one test with a key that is not in a secure element that checks that the driver met…
43 * Make at least one test with a key in a secure element with a driver that does not have the requis…
44 * Make at least one test with a key in a secure element with a driver that does not have the substr…
[all …]
Dpsa-storage-format-testing.md45 * [Key files](#key-storage) (files containing one key's metadata and, except for some secure elemen…
121 Only relevant for secure element support. Not yet fully implemented.
Dinvasive-testing.md104 * Key slots in a secure element (PSA SE HAL).
120 * Freeing key slots in a secure element.
324 See the [secure element driver interface test strategy](driver-interface-test-strategy.html) for mo…
/openthread-latest/third_party/mbedtls/repo/docs/proposed/
Dpsa-driver-developer-guide.md7 This document describes how to write drivers of cryptoprocessors such as accelerators and secure el…
22 …inside a protected environment such as a **secure element**, a hardware security module, a smartca…
Dpsa-driver-interface.md25 …inside a protected environment such as a **secure element**, a hardware security module, a smartca…
39 [Req.location] Applications can tell which location values correspond to which secure element drive…
223 … by `psa_mac_verify()`. This entry point is mainly useful for drivers of secure elements that veri…
319 1. If this step is passed via `psa_key_derivation_input_key()` for a key in a secure element:
320 …* If the driver for this secure element implements the `"key_derivation"` family for the specified…
322 …* Otherwise the core calls the secure element driver's [`"export_key"`](#key-management-with-opaqu…
333 … opaque drivers only): derive key material which remains inside the same secure element. See [“Key…
480 …EY_DERIVATION_INPUT_SECRET` input is in a secure element and the derivation operation is handled b…
484 …1. If the derived key is in the same secure element, if the driver has an `"key_derivation_output_…
502 …_key_derivation_output_key()` where the derived key is in a secure element, call that secure eleme…
[all …]
/openthread-latest/src/cli/
DREADME_COAPS.md13 CoAPS uses DTLS to establish a secure, end-to-end connection.
266 Indicates whether or not the CoAP secure service is connected.
276 Indicates whether or not the CoAP secure service connection is active (already connected or establi…
286 Indicates whether or not the CoAP secure service is closed.
/openthread-latest/tests/scripts/thread-cert/
Dmle.py141 def __init__(self, receiver, secure, device_type, network_data): argument
143 self._secure = secure
152 def secure(self): member in Mode
166 return (self.receiver == other.receiver and self.secure == other.secure and
171 self.receiver, self.secure, self.device_type, self.network_data)
179 secure = (mode >> 2) & 0x01
182 return Mode(receiver, secure, device_type, network_data)
Dtest_mle.py435 secure = any_secure()
437 mode = mle.Mode(any_receiver(), secure, any_device_type(), any_network_data())
440 actual_secure = mode.secure
443 self.assertEqual(secure, actual_secure)
486 self.assertEqual(mode_map[mode]["secure"], actual_mode.secure)
1692 …self.assertEqual(mle.Mode(receiver=1, secure=1, device_type=0, network_data=1), actual_mle_command…
1743 self.assertEqual(mle.Mode(receiver=1, secure=1, device_type=0, network_data=1),
/openthread-latest/third_party/mbedtls/repo/3rdparty/p256-m/
DREADME.md4 It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG fu…
/openthread-latest/third_party/mbedtls/repo/
DBRANCHES.md35 code that's working and secure with Mbed TLS x.y.z and does not rely on
38 number, and your code will still build, be secure, and work.
DREADME.md281 …d in a PSA-compliant platform to build services, such as secure boot, secure storage and secure co…
302 Mbed TLS supports drivers for cryptographic accelerators, secure elements and random generators. Th…
DSECURITY.md132 - Add a secure alternative implementation (typically hardware acceleration) for
DCONTRIBUTING.md20 - The code should be secure, and will be reviewed from a security point of view as well.
/openthread-latest/tools/tcat_ble_client/
DREADME.md48 The application will connect to the first matching device discovered and set up a secure TLS channe…
/openthread-latest/third_party/mbedtls/repo/programs/
DREADME.md44 …r.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illu…
/openthread-latest/third_party/mbedtls/repo/3rdparty/p256-m/p256-m/
DREADME.md100 As a result, p256-m should be secure against the following classes of attackers:
113 (Note: p256-m should actually be secure against SPA, by virtue of being fully
117 function is not cryptographically secure, then neither is p256-m's key
146 - A secure RNG function needs to be provided externally, see
291 attacking a secure enclave); on the other hand TinyCrypt includes coordinate
/openthread-latest/third_party/mbedtls/repo/tests/suites/
Dtest_suite_psa_crypto_se_driver_hal.function21 /** The minimum valid location value for a secure element driver. */
560 /* The key is not in a secure element. */
563 /* The key is in a secure element. If it had been created
775 * specific to dynamic secure elements. */
1355 * the mock secure element storage. */
/openthread-latest/src/posix/platform/
DCMakeLists.txt80 option(OT_POSIX_SECURE_SETTINGS "enable secure settings" OFF)
/openthread-latest/etc/gn/
Dopenthread.gni111 # Enable secure coap api support
/openthread-latest/etc/cmake/
Doptions.cmake189 ot_option(OT_COAPS OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE "secure coap")
239 …M_KEY_REF OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE "platform key reference secure storage")
/openthread-latest/third_party/mbedtls/repo/docs/architecture/psa-migration/
Dpsa-legacy-bridges.md39 * Only PSA fully supports PSA accelerators and secure element integration.
40 * Only PSA supports isolating cryptographic material in a secure service.
164 … Typically, there is an existing key in the PSA key store (possibly in a secure element and non-ex…
314 …or example to benefit from a PSA accelerator driver, or to start using a secure element), without …
/openthread-latest/third_party/mbedtls/repo/docs/
Dpsa-driver-example-and-guide.md20 …inside a protected environment such as a **secure element**, a hardware security module, a smartca…

12