| /mbedtls-development/programs/ssl/ |
| A D | ssl_test_common_source.c | 35 eap_tls_keys *keys = (eap_tls_keys *)p_expkey; in eap_tls_key_derivation() local
40 if( secret_len != sizeof( keys->master_secret ) ) in eap_tls_key_derivation()
43 memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) ); in eap_tls_key_derivation()
44 memcpy( keys->randbytes, client_random, 32 ); in eap_tls_key_derivation()
45 memcpy( keys->randbytes + 32, server_random, 32 ); in eap_tls_key_derivation()
46 keys->tls_prf_type = tls_prf_type; in eap_tls_key_derivation()
127 dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey; in dtls_srtp_key_derivation() local
132 if( secret_len != sizeof( keys->master_secret ) ) in dtls_srtp_key_derivation()
135 memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) ); in dtls_srtp_key_derivation()
136 memcpy( keys->randbytes, client_random, 32 ); in dtls_srtp_key_derivation()
[all …]
|
| /mbedtls-development/library/ |
| A D | ssl_ticket.c | 74 mbedtls_ssl_ticket_key *key = ctx->keys + index; in ssl_ticket_gen_key()
107 uint32_t key_time = ctx->keys[ctx->active].generation_time; in ssl_ticket_update_keys()
152 ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx, in mbedtls_ssl_ticket_setup()
160 if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ) in mbedtls_ssl_ticket_setup()
164 ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx, in mbedtls_ssl_ticket_setup()
229 key = &ctx->keys[ctx->active]; in mbedtls_ssl_ticket_write()
285 for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ ) in ssl_ticket_select_key()
286 if( memcmp( name, ctx->keys[i].name, 4 ) == 0 ) in ssl_ticket_select_key()
287 return( &ctx->keys[i] ); in ssl_ticket_select_key()
392 mbedtls_cipher_free( &ctx->keys[0].ctx ); in mbedtls_ssl_ticket_free()
[all …]
|
| A D | ssl_tls13_keys.c | 204 mbedtls_ssl_key_set *keys ) in mbedtls_ssl_tls1_3_make_traffic_keys() argument
212 keys->client_write_key, key_len ); in mbedtls_ssl_tls1_3_make_traffic_keys()
220 keys->server_write_key, key_len ); in mbedtls_ssl_tls1_3_make_traffic_keys()
228 keys->client_write_iv, iv_len ); in mbedtls_ssl_tls1_3_make_traffic_keys()
236 keys->server_write_iv, iv_len ); in mbedtls_ssl_tls1_3_make_traffic_keys()
240 keys->key_len = key_len; in mbedtls_ssl_tls1_3_make_traffic_keys()
241 keys->iv_len = iv_len; in mbedtls_ssl_tls1_3_make_traffic_keys()
|
| A D | psa_crypto_cipher.c | 186 uint8_t keys[24]; in cipher_setup() local
187 memcpy( keys, key_buffer, 16 ); in cipher_setup()
188 memcpy( keys + 16, key_buffer, 8 ); in cipher_setup()
190 keys, in cipher_setup()
|
| A D | ssl_tls13_keys.h | 155 mbedtls_ssl_key_set *keys );
|
| /mbedtls-development/tests/suites/ |
| A D | test_suite_psa_crypto_slot_management.function | 88 /* All keys must have been closed. */
823 mbedtls_svc_key_id_t *keys = NULL;
831 ASSERT_ALLOC( keys, max_keys );
842 &keys[i] );
848 TEST_ASSERT( ! mbedtls_svc_key_id_equal( keys[i], keys[j] ) );
855 PSA_ASSERT( psa_export_key( keys[i],
861 PSA_ASSERT( psa_close_key( keys[i - 1] ) );
865 mbedtls_free( keys );
956 mbedtls_svc_key_id_t *keys = NULL;
1033 PSA_ASSERT( psa_export_key( keys[i],
[all …]
|
| A D | test_suite_aes.xts.data | 35 # 128-bit keys with 32 byte sector
47 # 128-bit keys with 512 byte sector
68 # 256-bit keys with 512 byte sector
86 # 128-bit keys with sector size not evenly divisible by 16 bytes
|
| A D | test_suite_psa_crypto_storage_format.function | 122 /* Read-only keys cannot be removed through the API.
226 * guarantees backward compatibility with keys that were stored by
|
| A D | test_suite_ecjpake.function | 65 /* Load my private and public keys, and peer's public keys */
|
| A D | test_suite_ssl.function | 1223 /* Pick keys */
1273 /* Pick hash keys */
3721 mbedtls_ssl_key_set keys;
3739 keys.key_len,
3743 keys.key_len,
3747 keys.iv_len,
3751 keys.iv_len,
3959 mbedtls_ssl_key_set keys;
3978 memcpy( keys.client_write_key,
3980 memcpy( keys.client_write_iv,
[all …]
|
| /mbedtls-development/docs/architecture/testing/ |
| A D | psa-storage-format-testing.md | 31 Use a similar approach for files other than keys where possible and relevant.
39 If the way certain keys are stored changes, and we don't deliberately decide to stop supporting old…
45 …rage) (files containing one key's metadata and, except for some secure element keys, key material).
70 ### Enumeration of test cases for keys
72 Objective: ensure that the coverage is sufficient to have assurance that all keys are stored correc…
85 … knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a certain type.
103 * HMAC keys longer than the block size: pre-hashed or not?
104 * DES keys: was parity enforced?
105 * RSA keys: can invalid DER encodings (e.g. leading zeros, ignored sign bit) have been stored?
106 * RSA private keys: can invalid CRT parameters have been stored?
[all …]
|
| A D | driver-interface-test-strategy.md | 72 #### Persistence of SE keys
76 * Test that keys in a secure element survive `psa_close_key(); psa_open_key()`.
77 * Test that keys in a secure element survive `mbedtls_psa_crypto_free(); psa_crypto_init()`.
90 … is supposed to be present) and does not have any unexpected content (for keys, this can be done b…
|
| /mbedtls-development/scripts/ |
| A D | generate_psa_constants.py | 276 return ''.join([make(k, d[k]) for k in sorted(d.keys())])
281 return ''.join([make(k, d[k]) for k in sorted(d.keys())])
304 return ''.join([make(k, d[k]) for k in sorted(d.keys())])
|
| A D | abi_check.py | 313 shared_modules = list(set(self.old_version.modules.keys()) &
314 set(self.new_version.modules.keys()))
|
| /mbedtls-development/tests/scripts/ |
| A D | psa_collect_statuses.py | 76 for function in sorted(self.functions.keys()):
78 names = [self.status_names[value] for value in fdata.keys()]
|
| /mbedtls-development/include/mbedtls/ |
| A D | ssl_ticket.h | 61 mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */
|
| /mbedtls-development/docs/ |
| A D | use-psa-crypto.md | 38 ### PSA-held (opaque) keys in the PK layer
46 Limitations: only for private keys, only ECC. (That is, only ECDSA signature
68 ### PSA-held (opaque) keys for TLS pre-shared keys (PSK)
202 - RSA PKCS#1 v1.5 signature generation (from PSA-held keys)
|
| A D | getting_started.md | 35 * [Generating and exporting keys](#generating-and-exporting-keys)
70 **Prerequisites to importing keys:**
540 Mbed Crypto provides a key derivation API that lets you derive new keys from
542 other keys and data, and functions to generate outputs, such as new keys or
669 /* Destroy the keys */
830 ### Generating and exporting keys
|
| /mbedtls-development/docs/proposed/ |
| A D | psa-driver-interface.md | 33 …celerators that operate on keys in cleartext; cryptoprocessors that can wrap keys with a built-in …
364 …ration functions are supposed to receive valid keys, and should not have to check and report inval…
378 * For elliptic curve private keys (`PSA_KEY_TYPE_ECC_KEY_PAIR`), check the size and range. TODO: wh…
379 * For elliptic curve public keys (`PSA_KEY_TYPE_ECC_PUBLIC_KEY`), check the size and range, and tha…
455 …volved when exporting, copying or destroying keys, or when importing, generating or deriving symme…
613 …or [built-in keys](#built-in-keys). This allows drivers to efficiently represent application keys …
669 …lled by functions that access a key to retrieve information about a [built-in key](#built-in-keys).
729 TODO: some of the above doesn't apply to volatile keys
800 #### Built-in keys
802 Opaque drivers may declare built-in keys. Built-in keys can be accessed, but not created, through t…
[all …]
|
| A D | psa-driver-developer-guide.md | 20 * **Transparent** drivers implement cryptographic operations on keys that are provided in cleartext…
21 * **Opaque** drivers implement cryptographic operations on keys that can only be used inside a prot…
|
| /mbedtls-development/ |
| A D | Makefile | 97 CTR_DRBG_128_BIT_KEY_WARN_L2=**** Using 128-bit keys for CTR_DRBG limits the security of generated…
98 CTR_DRBG_128_BIT_KEY_WARN_L3=**** keys and operations that use random values generated to 128-bit …
|
| A D | ChangeLog | 20 users from using unsafe keys in production.
78 a key-value store with keys being session IDs and values
134 Raw keys and IVs are no longer passed to the callback.
1625 * Add support for 128-bit keys in CTR_DRBG. Note that using keys shorter
3303 RSA keys.
3640 * Parsing Elliptic Curve keys
4294 * Parsing PEM private keys encrypted with DES and AES
4330 * Detection for DES weak keys and parity bits added
4371 * rsa_check_private() now supports PKCS1v2 keys as well
4552 * Modified the HMAC functions to handle keys larger
[all …]
|
| A D | CMakeLists.txt | 69 set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of gene…
70 set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128…
93 # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
|
| /mbedtls-development/docs/architecture/ |
| A D | alternative-implementations.md | 28 …phic operations with transparent keys (keys available in cleartext), for cryptographic operations …
|
| A D | mbed-crypto-storage-specification.md | 26 * [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-name…
81 …ed to the file name (so it must end with a directory separator to put the keys in a different dire…
103 * [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and own…
154 * Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
206 * Key files can store references to keys in a secure element. In such key files, the key material c…
|