mbed-crypto-storage-specification.md - OpenGrok cross reference for /mbedtls-development/docs/architecture/mbed-crypto-storage-specification.md

Lines Matching refs:a
9 …ation from this document unless it has always been incorrect or it is about a version that you are…
26 * [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-name…
29 This is a beta release, and we do not promise backward compatibility, with one exception:
31 > On Mbed OS, if a device has a nonvolatile random seed file produced with Mbed OS 5.11.x and is up…
37 Information about each key is stored in a dedicated file whose name is constructed from the key ide…
39 The valid values for a key identifier are the range from 1 to 0xfffeffff. This limitation on the ra…
45 There is a shared namespace for all callers.
51 The layout of a key file is:
64 The nonvolatile random seed file contains a seed for the random generator. If present, it is rewrit…
66 The file format is just the seed as a byte string with no metadata or encoding of any kind.
70 Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary f…
81 …a directory other than the current directory. This value is simply prepended to the file name (so …
83 * `CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0"`: used as a temporary file. Must be writable. May …
97 * [PSA platform](#file-namespace-on-a-psa-platform-for-1.0.0)
98 * [library using PSA ITS](#file-namespace-on-its-as-a-library-for-1.0.0)
103 * [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and own…
110 …a dedicated file designated by the key identifier. In integrations where there is no concept of ke…
114 …name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value.
115 …lling partition identifier provided to the server by the partition manager. This is a 64-bit value.
125 ### File namespace on a PSA platform for 1.0.0
127 Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary f…
129 Assumption: the owner identifier is a nonzero value of type `int32_t`.
135 ### File namespace on ITS as a library for 1.0.0
137 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library ca…
139 This is a library integration, so there is no owner. The key file identifier is identical to the ke…
148 This is a library integration, so there is no owner. The key file identifier is identical to the ke…
154 * Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
158 …m in different ranges (0 through 0xffffffff on a PSA platform, 0xffff0000 through 0xffffffffffffff…
160 It would simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the …
183 The layout of a key file is:
205 * The layout of a key file now has a lifetime field before the type field.
206 * Key files can store references to keys in a secure element. In such key files, the key material c…
208 ### File namespace on a PSA platform on TBD
210 Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary f…
212 Assumption: the owner identifier is a nonzero value of type `int32_t`.
218 ### File namespace on ITS as a library on TBD
220 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library ca…
222 This is a library integration, so there is no owner. The key file identifier is identical to the ke…
242 The layout of a key file is:
253     * For a transparent key: output of `psa_export_key`.
255     * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
264 All currently existing transactions concern a key in a secure element.
266 The layout of a transaction file is:
270 * lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
272 …a library integration, 8 bytes on a PSA platform): the internal representation of the key identifi…
295 * The type field has been split into a type and a bits field of 2 bytes each.
301 The layout of a key file is:
313     * For a transparent key: output of `psa_export_key`.
315     * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.