to (reference) in projects: mbedtls-development

Project(s)

Full Search
Definition
Symbol
File Path
Type

Searched refs:to (Results 1 – 25 of 138) sorted by relevance

12 3 4 5 6

/mbedtls-development/doxygen/
A D	mbedtls.doxyfile	84 # Set to NO to disable this. 149 # the reader which header file to include in order to use a class. 434 # Set it to YES to include the internal documentation. 442 # and Mac users are advised to set this option to NO. 504 # Note: This option applies only to the class list, not to the 654 # to stderr. 775 # files to browse (i.e. when SOURCE_BROWSER is set to YES). 846 # which an include is specified. Set to NO to disable this. 1182 # to force them to be regenerated. 1840 # If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to [all …]
/mbedtls-development/docs/
A D	getting_started.md	48 * Perl to run the tests. 70 Prerequisites to importing keys: 169 printf("Failed to sign\n"); 194 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. 195 1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. 196 1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used. 278 1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. 279 1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. 280 1. Call `psa_cipher_decrypt_setup()` to specify the algorithm and the key to be used. 386 1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. [all …]
A D	3.0-migration-guide.md	3 This guide details the steps required to migrate from Mbed TLS version 2.x to 6 need to change their own code in order to make it work with Mbed TLS 3.0. 85 The default reaction to a failed check was to call a function 195 you will need to add `#define MBEDTLS_SHA224_C` option to your config. 343 to `mbedtls_rsa_init()`, to call `mbedtls_rsa_set_padding()` to set it. 438 The migration path is to pass the correct value to those functions. 527 ### Change the API to allow adding critical extensions to CSRs 593 If you used to rely on this module in order to store your private keys 737 - It is no longer bound to an SSL configuration, but to an 754 Users which require access to the raw keys used to secure application [all …]
A D	use-psa-crypto.md	13 `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` to be disabled. 27 Some of these APIs are meant for the application to use in place of 28 pre-existing APIs, in order to get access to the benefits; in the sub-sections 31 to pick up the improvements. 36 X.509) layers to pick up the improvements. 54 using the new API in order to get the benefits; it can then pass the 55 resulting context to the following existing APIs: 85 APIs to get the benefits. 90 that will call PSA to store the key and perform the operations. 120 Scope: `mbedtls_pk_verify()` will call to PSA for ECDSA signature [all …]
/mbedtls-development/
A D	CONTRIBUTING.md	3 …ons from the community. There are some requirements we need to fulfill in order to be able to inte… 28 …to minimise the impact on users upgrading to newer versions of the library and it should not be ne… 30 …to users, where a change to the interface is required, all changes to the ABI or API, even on the … 36 …to the definition of functions in the public interface which will change the API. Instead the inte… 44 When backporting to these branches please observe the following rules: 46 1. Any change to the library which changes the API or ABI cannot be backported. 47 …to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix sh… 48 … backporting is required. Exceptions to this may be additional test cases or quality improvements … 50 It would be highly appreciated if contributions are backported to LTS branches in addition to the [… 68 …est.sh` is available to show test coverage of the library. New code contributions should provide a… [all …]
A D	README.md	49 * Python 3.6 to generate the test code, and to generate sample programs in the development branch. 50 * Perl to run the tests, and to generate some source files in the development branch. 85 In order to run the tests, enter: 111 mkdir /path/to/build_dir && cd /path/to/build_dir 112 cmake /path/to/mbedtls_source 115 In order to run the tests, enter: 119 The test suites need Python to be built and Perl to be executed. If you don't have one of these ins… 158 If you already invoked cmake and want to change those settings, you need to 169 If you want to change `CC` or `CFLAGS` afterwards, you will need to remove the 248 - [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed… [all …]
A D	ChangeLog	12 https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for 65 by MBEDTLS_GCM_ALT may delay partial blocks to the next call to 67 no longer pass the associated data to mbedtls_gcm_starts(), but to the 413 * Fix which alert is sent in some cases to conform to the 451 mbedtls_config.h is intended to be edited by end users wishing to 641 of up to 15 bytes, with consequences ranging up to arbitrary code 754 PSA_KEY_TYPE_GET_CURVE renamed to to PSA_KEY_TYPE_ECC_GET_FAMILY 2927 You now need to link to all of them if you use TLS for example. 3130 entropy_free() to crash (thanks to Rafał Przywara). 4033 * Moved out_msg to out_hdr + 32 to support hardware acceleration [all …]
A D	LICENSE	19 "control" means (i) the power, direct or indirect, to cause the 28 including but not limited to software source code, documentation 33 not limited to compiled object code, generated documentation, 34 and conversions to other media types. 38 copyright notice that is included in or attached to the work 51 to that Work or Derivative Works thereof, that is intentionally 56 to the Licensor or its representatives, including but not limited to 70 copyright license to reproduce, prepare Derivative Works of, 104 excluding those notices that do not pertain to any part of 145 agreed to in writing, Licensor provides the Work (and each [all …]
A D	dco.txt	`9 Everyone is permitted to copy and distribute verbatim copies of this 15 By making a contribution to this project, I certify that: 18 have the right to submit it under the open source license 21 (b) The contribution is based upon previous work that, to the best 23 license and I have the right under that license to submit that 26 permitted to submit under a different license), as indicated 29 (c) The contribution was provided directly to me by some other`
A D	BRANCHES.md	21 compatibility on major version changes (e.g. from 3.x to 4.0). We also maintain 28 undocumented features, then you should be able to re-compile it without 38 * Adding items to an enum. 43 * Changing the behavior of a function from failing to succeeding, when the 49 crypto that was found to be weak) may need to be changed. In case security 51 but always attempt to provide a compatibility option. 55 For the LTS branches, additionally we try very hard to also maintain ABI 57 re-compiling) and to avoid any increase in code size or RAM usage, or in the 58 minimum version of tools needed to build the code. The only exception, as 61 had to break ABI compatibility in an LTS branch, but we occasionally had to [all …]
/mbedtls-development/docs/proposed/
A D	psa-driver-integration-guide.md	6 This document describes how to build Mbed TLS with additional cryptoprocessor drivers that follow t… 12 …e provides a way to build Mbed TLS with additional code that implements certain cryptographic prim… 16 …N format and some code to include in the build. The driver code can either be provided in binary f… 18 ## How to build Mbed TLS with drivers 25 cd /path/to/mbedtls 32 cd /path/to/mbedtls 33 make PSA_DRIVERS="/path/to/acme/driver.json /path/to/nadir/driver.json" lib 39 cd /path/to/application 40 …ld myapp.o -L/path/to/acme -lacmedriver -L/path/to/nadir -lnadirdriver -L/path/to/mbedtls -lmbedcr…
A D	psa-conditional-inclusion-c.md	44 [Limitation.size] There is no requirement to include only support for certain key sizes. 46 …] Where there are multiple ways to perform an operation, for example single-part and multi-part, t… 66 * If the symbol is defined to a preprocessor expression with the value `1`, the corresponding featu… 74 …ry code using `MBEDTLS_USE_PSA_CRYPTO`, for example in TLS to determine which cipher suites to ena… 91 …fied by the fact that it is very common to wish to include only certain curves in a family, and th… 158 …to application code or driver code, since they are not part of the public interface of the library… 164 A mechanism similar to `mbedtls/check_config.h` detects errors such as enabling ECDSA but no curve. 188 …to capability specifications of transparent drivers. The same JSON properties that are used to mea… 190 ### From JSON to C 196 …to a list of JSON capabilities: for each included algorithm, include a capability with that algori… [all …]
A D	psa-driver-interface.md	236 1. The core initializes operation context objects to either all-bits-zero or to logical zero (`{0}`… 248 This family applies to transparent drivers only. 364 …nteed to work functionally and not to cause indirect security loss. Operation functions are suppos… 438 …to provide two driver descriptions, one for a transparent driver and one for an opaque driver. You… 523 …irst call to `"add_entropy"`, this object has been initialized by a call to the driver's `"init_ra… 531 * Before the first call to the `"get_random"` entry point, to supply `"initial_entropy_size"` bytes… 729 TODO: some of the above doesn't apply to volatile keys 829 …to destroy a built-in key to the [`"destroy_key"`](#key-management-in-a-secure-element-with-storag… 831 ## How to use drivers from an application 930 Should drivers really have to cope with overlap? [all …]
/mbedtls-development/programs/
A D	README.md	24 …writer.c): loads a PEM or DER public key or private key file and writes it to a new PEM or DER fil… 36 * [`pkey/rsa_genkey.c`](pkey/rsa_genkey.c): generates an RSA key and writes it to a file that can b… 44 …This pair of programs illustrates how to set up a secure channel using RSA for authentication and … 50 * [`pkey/dh_genprime.c`](pkey/dh_genprime.c): shows how to use the bignum (`mpi`) interface to gene… 56 * [`random/gen_entropy.c`](random/gen_entropy.c): shows how to use the default entropy sources to g… 57 …Note: most applications should only use the entropy generator to seed a cryptographic pseudorandom… 59 …rbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to … 65 …ssl/dtls_client.c): a simple DTLS client program, which sends one datagram to the server and reads… 89 …to providing options for testing client-side features, the `ssl_client2` program has options that … 105 * [`util/strerror.c`](util/strerror.c): prints the error description corresponding to an integer st… [all …]
/mbedtls-development/docs/architecture/
A D	alternative-implementations.md	4 This document describes how parts of the Mbed TLS functionality can be replaced at compile time to … 30 …to change, and not all operations support drivers yet. The configuration option `MBEDTLS_USE_PSA_C… 45 …to any C type except incomplete and array types (although they would normally be `struct` types). … 47 …to have a certain field, the field must have the same type and semantics as in the built-in implem… 64 …at a pointer to a context or to a part of a context does not remain valid across function calls. A… 74 …es_encrypt()` to provide an accelerated implementation of AES encryption that is compatible with t… 76 …DTLS_SHA256_PROCESS_ALT` and implement `mbedtls_internal_sha256_process()` to provide an accelerat… 78 …xt objects as the built-in implementation. If you want to use different context types, you need to… 85 * During the initialization of your application, set the global variable `mbedtls_xxx` to an altern… 87 For example, to provide a custom `printf` function at run time, enable `MBEDTLS_PLATFORM_PRINTF_ALT… [all …]
A D	psa-crypto-implementation-structure.md	8 … the Mbed TLS PSA Cryptography API implementation which is tightly related to the PSA driver inter… 15 …h complexity. The core and its dispatching to software and hardware implementations are consequent… 18 …eliverables for a driver to be included into the Mbed TLS PSA Cryptography implementation. This pr… 26 * checking PSA API arguments and translating them into valid arguments for the necessary calls to t… 27 * dispatching the cryptographic operations to the appropriate PSA drivers. 36 * of arguments for the call to the driver interface, ... / 40 / Call to the driver interface / 46 by the driver, finalization of the values to return to the caller, 50 …to match precisely the above layout. However, it is likely that the code structure of some APIs wi… 54 …) functions dispatch cryptographic operations to accelerator drivers, secure element drivers as we… [all …]
A D	tls13-experimental.md	96 see the comment associated to the `key_share` extension below. 148 has been built to support both TLS 1.3 and TLS 1.2: just set the 149 maximum of the minor version of the SSL configuration to 176 not supported or not applicable to the TLS 1.3 MVP: 242 internal to C modules. 279 of another one which could potentially lead to some nasty issues. 295 - the macro to check for space when writing into an output buffer 297 - the macro to check for data when reading from an input buffer 313 to read/write past the end of a data buffer. 361 the pointer name not appended to the pointer type: [all …]
/mbedtls-development/docs/architecture/testing/
A D	invasive-testing.md	7 The goal of this document is to identify areas where black-box testing is insufficient and to propo… 55 If the most practical way to test something is to add code to the product that is only useful for t… 65 …to replace a library function `mbedtls_foo()` by alternative code for test purposes. That is, libr… 73 In unit test code that needs to modify the internal behavior: 85 * Coverage: we need to test behaviors which are not easy to trigger by using the API or which canno… 109 Storage can fail, either due to hardware errors or to active attacks on trusted storage. How does t… 125 Sometimes it is useful to peek or poke internal data. 133 Key to requirement tables: 254 …to have confidence that we're testing what we mean to test, even in the face of compiler optimizat… 270 …hat are currently used for invasive testing, or planned to be used. This list is not intended to b… [all …]
A D	driver-interface-test-strategy.md	15 Drivers exposing this interface need to be registered at compile time by declaring their JSON descr… 31 This applies to dynamic drivers only. 34 * Make at least one failing call to `psa_register_se_driver` followed by a successful call. 35 * Make at least one test that successfully registers the maximum number of drivers and fails to reg… 37 #### Dispatch to SE driver 45 …This does not need to be done for all operations (use a white-box approach to determine if operati… 56 …n a test that checks the outputs if the only realistic way to obtain the correct outputs is to sta… 60 For each API function that leads to a driver call, call it with parameters that cause a driver to b… 89 * Two things need to be tested: the key that is being created or destroyed, and the driver's persis… 92 …her to force it to fail at each point or to record successive storage states and replay each of th… [all …]
A D	psa-storage-format-testing.md	7 …to define a test strategy for the key store that not only validates that it's possible to load a k… 9 …SA crypto implementations are not intended to have compatible storage formats. Downgrading is not … 15 The goal of storage format stability testing is: as a user of Mbed TLS, I want to store a key under… 17 Doing the testing this way would be difficult because we'd need to have version V of Mbed TLS avail… 23 …f Mbed TLS, where the test case parameters include both the parameters to pass to key creation and… 27 …on W ≥ V, it creates and reads back a storage state which is known to be identical to the state th… 50 For a more detailed description, refer to the [Mbed Crypto storage specification](../mbed-crypto-st… 60 Objective: test that the key file name corresponds to the key identifier. 72 Objective: ensure that the coverage is sufficient to have assurance that all keys are stored correc… 85 …s and some knowledge of what attributes (sizes, algorithms, …) and content to use for keys of a ce… [all …]
/mbedtls-development/tests/scripts/
A D	test_zeroize.gdb	12 # Unless required by applicable law or agreed to in writing, software 20 # Run a test using the debugger to check that the mbedtls_platform_zeroize() 24 # hit, the debugger manually checks the contents to be zeroized and checks that 28 # seem to be a mechanism to reliably check whether the zeroize calls are being 30 # problem is that a compiler would typically remove what it considers to be 33 # reads and writes to variables (among other situations). It will then use this 34 # data structure to remove redundant code that does not have an impact on the 37 # memory that is not accessed later in the program, so removing the call to 39 # inserting a test after a call to mbedtls_platform_zeroize() to check whether 40 # the block of memory was correctly zeroed would force the compiler to not
/mbedtls-development/.github/
A D	pull_request_template.md	2 …ach commit must have at least one `Signed-off-by:` line from the committer to certify that the con… 3 * This is just a template, so feel free to use/remove the unnecessary things 12 When there is a bug fix, it should be backported to all maintained and supported branches. 13 Changes do not have to be backported if: 15 - This PR contains changes in the API. If this is true, and there is a need for the fix to be backp… 35 ## Steps to test or reproduce 36 Outline the steps to test or reproduce the PR here.
/mbedtls-development/tests/suites/
A D	test_suite_psa_crypto_slot_management.data	`108 Attempt to overwrite: keep open 170 Copy volatile to volatile 173 Copy volatile to persistent 177 Copy persistent to volatile 181 Copy persistent to persistent 193 Copy volatile to occupied 197 Copy persistent to occupied 201 Copy persistent to same 220 # Eviction from a key slot to be able to import a new persistent key. 224 # Eviction from a key slot to be able to import a new volatile key. [all …]`
/mbedtls-development/ChangeLog.d/
A D	psa_gcm_buffer_limitation.txt	`4 psa_aead_finish() and psa_aead_verify() does not apply to the built-in 6 * Move GCM's update output buffer length verification from PSA AEAD to 8 The requirement for output buffer size to be equal or greater then 14 Alternative GCM implementations are expected to verify 15 the length of the provided output buffers and to return the`
/mbedtls-development/scripts/
A D	windows_msbuild.bat	`3 @rem RETARGET: version of Visual Studio to emulate 4 @rem https://docs.microsoft.com/en-us/cpp/build/how-to-modify-the-target-framework-and-… 14 @rem vcvarsall.bat will silently change the directory to that directory. 15 @rem Setting the VSCMD_START_DIR environment variable causes it to change 16 @rem to that directory instead.`

Completed in 49 milliseconds

12 3 4 5 6