| /mbedtls/library/ |
| A D | ssl_ticket.c | 83 if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) { in ssl_ticket_gen_key()
101 &key->key)); in ssl_ticket_gen_key()
124 if (key->lifetime != 0) { in ssl_ticket_update_keys()
176 if ((status = psa_destroy_key(key->key)) != PSA_SUCCESS) { in mbedtls_ssl_ticket_rotate()
189 &key->key)) != PSA_SUCCESS) { in mbedtls_ssl_ticket_rotate()
206 key->lifetime = lifetime; in mbedtls_ssl_ticket_rotate()
308 mbedtls_ssl_ticket_key *key; in mbedtls_ssl_ticket_write() local
339 key = &ctx->keys[ctx->active]; in mbedtls_ssl_ticket_write()
360 if ((status = psa_aead_encrypt(key->key, key->alg, iv, TICKET_IV_BYTES, in mbedtls_ssl_ticket_write()
425 mbedtls_ssl_ticket_key *key; in mbedtls_ssl_ticket_parse() local
[all …]
|
| A D | pkwrite.c | 418 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { in mbedtls_pk_write_pubkey()
469 pk_type = pk_get_type_ext(key); in mbedtls_pk_write_pubkey_der()
472 if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { in mbedtls_pk_write_pubkey_der()
515 if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) { in mbedtls_pk_write_key_der()
516 return pk_write_rsa_der(&c, buf, key); in mbedtls_pk_write_key_der()
520 if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { in mbedtls_pk_write_key_der()
522 if (mbedtls_pk_is_rfc8410(key)) { in mbedtls_pk_write_key_der()
526 return pk_write_ec_der(&c, buf, key); in mbedtls_pk_write_key_der()
587 if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) { in mbedtls_pk_write_key_pem()
593 if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { in mbedtls_pk_write_key_pem()
[all …]
|
| A D | des.c | 317 key[i] = odd_parity_table[key[i] / 2]; in mbedtls_des_key_set_parity()
329 if (key[i] != odd_parity_table[key[i] / 2]) { in mbedtls_des_key_check_key_parity()
400 X = MBEDTLS_GET_UINT32_BE(key, 0); in mbedtls_des_setkey()
466 mbedtls_des_setkey(ctx->sk, key); in mbedtls_des_setkey_enc()
478 mbedtls_des_setkey(ctx->sk, key); in mbedtls_des_setkey_dec()
494 mbedtls_des_setkey(esk, key); in des3_set2key()
520 des3_set2key(ctx->sk, sk, key); in mbedtls_des3_set2key_enc()
534 des3_set2key(sk, ctx->sk, key); in mbedtls_des3_set2key_dec()
546 mbedtls_des_setkey(esk, key); in des3_set3key()
570 des3_set3key(ctx->sk, sk, key); in mbedtls_des3_set3key_enc()
[all …]
|
| /mbedtls/tests/suites/ |
| A D | test_suite_pkwrite.data | 1 Public key write check RSA
5 Public key write check RSA (DER)
9 Public key write check RSA 4096
17 Public key write check EC 192 bits
49 Public key write check EC X448
57 Private key write check RSA
129 Derive public key RSA
133 Derive public key RSA 4096
137 Derive public key EC 192 bits
149 Derive public key EC X25519
[all …]
|
| A D | test_suite_psa_crypto_persistent_key.data | 6 Format for storage: RSA private key
15 Parse storage: AES-128 key
44 Persistent key destroy
60 Persistent key import (RSA) invalid key id (VENDOR_MIN)
64 Persistent key import (RSA) invalid key id (VOLATILE_MIN)
68 Persistent key import (RSA) invalid key id (VENDOR_MAX)
79 import/export persistent key RSA public key: good, 1024-bit
90 import/export persistent key RSA public key file not exist: 1024-bit
105 import/export persistent key RSA public key with restart: good, 1024-bit
116 import/export persistent key RSA public key file not exist with restart: 1024-bit
[all …]
|
| A D | test_suite_nist_kw.function | 21 unsigned char key[16];
30 memset(key, 0, sizeof(key));
40 key, sizeof(key) * 8,
51 key, sizeof(key) * 8,
75 key, sizeof(key) * 8,
93 key, sizeof(key) * 8,
134 memset(key, 0x2A, sizeof(key));
156 memset(key, 0, sizeof(key));
169 key, 8 * sizeof(key), 1) == 0);
204 memset(key, 0, sizeof(key));
[all …]
|
| A D | test_suite_x509write.data | 3 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0:0
7 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0:0
11 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0:0
15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0:0
19 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0:0
23 x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0:0
35 x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:…
43 x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:…
55 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256.ext":MBEDTLS_MD_SHA256:0:0:0…
67 x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-…
[all …]
|
| A D | test_suite_psa_crypto.data | 171 PSA import RSA public key: key pair
727 PSA import EC public key: key pair
1279 Copy key: RSA key pair, same usage flags
1287 Copy key: RSA key pair, fewer usage flags
1291 Copy key: RSA key pair, more usage flags
5272 PSA key derivation: HKDF-SHA-256, bad key type, key output
5310 PSA key derivation: HKDF-SHA-256, DERIVE key as salt, key output
5348 PSA key derivation: HKDF-SHA-256, duplicate secret step (key, key)
6306 # output key test: secret passed as key, other secret passed as key
7144 PSA key derivation: largest possible key
[all …]
|
| A D | test_suite_psa_crypto_se_driver_hal_mocks.data | 13 SE key importing mock test
16 SE key importing mock test: max key bits
19 SE key importing mock test: more than max key bits
22 SE key importing mock test: alloc failed
25 SE key importing mock test: import failed
28 SE key exporting mock test
31 SE key exporting mock test: export failed
34 SE public key exporting mock test
40 SE key generating mock test
43 SE key generating mock test: alloc failed
[all …]
|
| A D | test_suite_lmots.data | 2 # This test uses a fixed message, and then generates a private key, signs the
22 # the LMS key), and the same message.
47 # the LMS key), and the same message.
107 LMOTS key import / export test
113 LMOTS key import too large key test
118 LMOTS key import too small key test
123 LMOTS key import no type test
129 LMOTS key import invalid type test #1
134 LMOTS key import invalid type test #2
140 LMOTS key reuse test
[all …]
|
| A D | test_suite_psa_crypto_slot_management.function | 8 /**< Close key(s) */
11 /**< Destroy key(s) */
14 /**< Purge key(s) */
124 /* Import a key. */
269 * key.
323 * existing key.
366 /* Create a key. */
537 /* Copy the key. */
747 * key identifier as the imported key is a volatile key. Volatile
875 * Create a new persistent or volatile key. When creating the key,
[all …]
|
| A D | test_suite_lms.data | 15 # uses leaf key 0, so must be the first signature generated by the key if the
55 # uses leaf key 2, so must be the third signature generated by the key if the
87 # signature uses leaf key 0, so must be the first signature generated by the key
115 # signature uses leaf key 1, so must be the second signature generated by the key
221 LMS key import too large key test
226 LMS key import too small key test
231 LMS key import no LMS type test
237 LMS key import no LMOTS type test
243 LMS key import invalid LMS type test #1
248 LMS key import invalid LMS type test #2
[all …]
|
| A D | test_suite_psa_crypto.function | 1384 * free key slots. Each thread reserves an empty key slot,
1400 /* At this point the key must exist, test the key information. */
1405 * 1: This thread successfuly imports a persistent key skc->key.
1885 int type_arg, // key pair or public key
1960 skc.key = key_id;
3501 if (!exercise_mac_setup(key_type, key->x, key->len, alg,
3932 if (!exercise_cipher_setup(key_type, key->x, key->len, alg,
10079 /* Split threads to generate key then destroy key. */
10322 /* Export the key if permitted by the key policy. */
10338 /* Check key slot still contains key data */
[all …]
|
| A D | test_suite_rsa.data | 279 RSA Check empty private key
285 RSA Check Private key #2 (No P)
288 RSA Check Private key #3 (No Q)
291 RSA Check Private key #4 (No N)
294 RSA Check Private key #5 (No E)
297 RSA Check Private key #6 (No D)
300 RSA Check Private key #7 (No DP)
304 RSA Check Private key #8 (No DQ)
308 RSA Check Private key #9 (No QP)
401 RSA Generate Key - 1024 bit key
[all …]
|
| A D | test_suite_ccm.function | 82 unsigned char key[32];
88 memset(key, 0x2A, sizeof(key));
104 unsigned char key[16];
116 memset(key, 0, sizeof(key));
123 key, 8 * sizeof(key)) == 0);
160 memset(key, 0, sizeof(key));
168 key, 8 * sizeof(key)) == 0);
211 TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
256 TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
294 TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
[all …]
|
| /mbedtls/docs/architecture/ |
| A D | mbed-crypto-storage-specification.md | 105 * [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and own…
179 * [Some changes in the key file format](#key-file-format-for-1.1.0).
249 ### Non-key files on TBD
272 * key material:
298 * The file containing the key metadata designated by the key identifier.
302 * The file containing the key metadata designated by the key identifier.
332 * key material:
395 …key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key ide…
423 * key material:
462 * The file containing the key metadata designated by the key identifier.
[all …]
|
| A D | psa-storage-resilience.md | 59 2. The secure element modifies its key store to create the key.
171 3. Write the key file.
201 4. Write the key file.
225 3. Write the key file.
238 1. Load the driver key identifier from the key file. If the key file does not exist, skip to step 4.
473 * 0: destroy key.
474 * 1: import key.
475 * 2: generate key.
476 * 3: derive key.
477 * 4: import key.
[all …]
|
| /mbedtls/include/psa/ |
| A D | crypto.h | 134 mbedtls_svc_key_id_t key);
422 psa_status_t psa_purge_key(mbedtls_svc_key_id_t key);
567 psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key);
741 psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
1252 psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key,
2991 psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key,
3495 mbedtls_svc_key_id_t key);
3765 mbedtls_svc_key_id_t *key);
3842 mbedtls_svc_key_id_t *key);
4482 mbedtls_svc_key_id_t key, psa_algorithm_t alg,
[all …]
|
| /mbedtls/tests/src/ |
| A D | psa_exercise_key.c | 288 status = psa_aead_encrypt(key, alg, in exercise_aead_key()
306 status = psa_aead_decrypt(key, alg, in exercise_aead_key()
372 status = psa_sign_hash(key, alg, in exercise_signature_key()
388 status = psa_verify_hash(key, alg, in exercise_signature_key()
406 status = psa_sign_message(key, alg, in exercise_signature_key()
488 mbedtls_svc_key_id_t key, in mbedtls_test_psa_setup_key_derivation_wrap() argument
685 mbedtls_svc_key_id_t key, in mbedtls_test_psa_raw_key_agreement_with_self() argument
710 status = psa_export_public_key(key, in mbedtls_test_psa_raw_key_agreement_with_self()
720 status = psa_raw_key_agreement(alg, key, in mbedtls_test_psa_raw_key_agreement_with_self()
1153 ok = ok && exercise_export_key(key, in mbedtls_test_psa_exercise_key()
[all …]
|
| /mbedtls/docs/proposed/ |
| A D | psa-driver-interface.md | 189 2. `const uint8_t *key_buffer`: a key material or key context buffer.
197 1. `uint8_t *key_buffer`: a buffer for the key material or key context.
554 The core always decouples key agreement from symmetric key derivation.
561 4. Call the `"destroy_key"` entry point to destroy the key containing the key object.
790 The PSA Cryptography API exposes the key size as part of the key attributes.
812 * For symmetric key types, check that the key size is suitable for the type.
887 …`"import_key"`](#key-import-with-transparent-drivers): called by `psa_import_key()`, only when imp…
1080 * For a symmetric key (not a key pair or public key):
1288 psa_key_id_t key;
1310 To declare a volatile key:
[all …]
|
| /mbedtls/docs/ |
| A D | psa-transition.md | 90 To use a key:
93 2. Use the key as desired, passing the key identifier obtained during the key creation.
525 ### MAC key management
586 In both cases, see “[MAC key management](#mac-key-management)” for how to obtain a key identifier.
815 * `PSA_KEY_USAGE_DERIVE` for a key pair used for key agreement.
897 ### Exporting a public key or a key pair
936 The key must be a key pair allowing the usage `PSA_KEY_USAGE_SIGN_HASH` (see “[Public-key cryptogra…
941 The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[…
1020 The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Publ…
1024 The key must be a key pair allowing the usage `PSA_KEY_USAGE_DECRYPT` (see “[Public-key cryptograph…
[all …]
|
| /mbedtls/docs/architecture/psa-migration/ |
| A D | psa-legacy-bridges.md | 145 #### Using a legacy key pair or public key with PSA
147 …rios where an application has a legacy key pair or public key (`mbedtls_pk_context`) and needs to …
157 …key with third-party interface that takes a PSA key identifier as input. (Mbed TLS itself has a fe…
162 #### Using a PSA key as a PK context
249 Based on the [gap analysis](#using-a-legacy-key-pair-or-public-key-with-psa):
253 When creating a PSA key, apart from the key material, the key is determined by attributes, which fa…
277 …key type is a key pair if the context contains a private key and the indicated usage is a private-…
289 …key restriction: if `usage` is a public-key usage, change the type to the corresponding public-key…
291 * The key type can be a public key even if the private key is available.
307 * It is an error if the key is neither a key pair nor a public key.
[all …]
|
| /mbedtls/tests/data_files/ |
| A D | Makefile | 431 cli2.key.der: cli2.key
441 server5.key.der: server5.key
445 server5.key.enc: server5.key
461 openssl req -x509 -key server5.key \
602 server10.crt: server10.key test-int-ca3.crt test-int-ca3.key
1392 server1.key.der: server1.key
1501 server2.key.der: server2.key
1505 server2.key.enc: server2.key
1572 -key $< -out $@
2090 test-ca.key \
[all …]
|
| /mbedtls/programs/psa/ |
| A D | key_ladder_demo.sh | 10 create a master key, derive a key from it and use that derived key to
18 if [ -e master.key ]; then
23 "$program" generate master=master.key
29 "$program" wrap master=master.key label=hello label=world \
34 "$program" unwrap master=master.key label=hello label=world \
41 …"$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow lab…
45 "$program" save master=master.key label=hello \
46 input=hello_world.wrap output=hello.key
48 "$program" unwrap master=hello.key label=world \
|
| /mbedtls/include/mbedtls/ |
| A D | des.h | 125 void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
142 int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
156 int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
171 int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
186 int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
202 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
218 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
234 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
250 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
367 const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
|