| /mbedtls/library/ |
| A D | hkdf.c | 68 size_t where = 0; in mbedtls_hkdf_expand() local
148 num_to_copy = i != n ? hash_len : okm_len - where; in mbedtls_hkdf_expand()
149 memcpy(okm + where, t, num_to_copy); in mbedtls_hkdf_expand()
150 where += hash_len; in mbedtls_hkdf_expand()
|
| /mbedtls/ChangeLog.d/ |
| A D | 00README.md | 70 the present tense. Use the imperative where applicable. For example: “Fix a
73 Include GitHub issue numbers where relevant. Use the format “#1234” for an
74 Mbed TLS issue. Add other external references such as CVE numbers where
77 Credit bug reporters where applicable.
|
| /mbedtls/docs/ |
| A D | psa-driver-example-and-guide.md | 10 [Process for Entry Points where auto-generation is implemented](#process-for-entry-points-where-aut…
11 [Process for Entry Points where auto-generation is not implemented](#process-for-entry-points-where…
37 ### Process for Entry Points where auto-generation is implemented
48 ### Process for Entry Points where auto-generation is not implemented
50 …ntry points are not present in the table, a different process is followed where the developer manu…
180 … config, p256-m's implementations of key generation, ECDH, and ECDSA will be used where applicable.
|
| A D | tls13-early-data.md | 33 where ssl is the SSL context to use, data_to_write the address of the data
158 For example, a typical code to establish a TLS connection, where ssl is the SSL
|
| A D | driver-only-builds.md | 1 This document explains how to create builds of Mbed TLS where some
75 work in the same way as if the mechanisms where built-in, except as documented
194 `mbedtls/build_info.h` where xxx can take the same values as for
207 - `MBEDTLS_PK_PARSE_EC_COMPRESSED` - support for parsing ECC keys where the
209 - `MBEDTLS_PK_PARSE_EC_EXTENDED` - support for parsing ECC keys where the
|
| A D | psa-transition.md | 15 1. [Where can I find documentation?](#where-can-i-find-documentation)
343 …functions for encryption and decryption, while the PSA API has separate functions where applicable.
369 For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the…
396 …crypt_ext` or `mbedtls_cipher_auth_decrypt_ext` for a one-shot operation (where the whole plaintex…
454 …_types/#group__crypto__types_1ga70f397425684b3efcde1e0e34c28261f)`(hash)` where `hash` is the unde…
531 …functions for encryption and decryption, while the PSA API has separate functions where applicable.
727 …_crypto__types/#group__crypto__types_1gad54c03d3b47020e571a72cd01d978cf2) where `curve` is a curve…
762 …_crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) where `group` is a group…
975 …ed for highly constrained devices where long cryptographic calculations need to be broken up to po…
1095 …es_1ga78bb81cffb87a635c247725eeb2a2682) if the key will be used as part of a key derivation, where:
[all …]
|
| /mbedtls/docs/architecture/psa-migration/ |
| A D | psa-legacy-bridges.md | 15 * [OPEN] Open question: a specific aspect of the design where there are several plausible decisions.
25 …rom the legacy API to the PSA API. Mbed TLS 4.0 will be the first version where the PSA API is con…
63 * Manipulating data formats, other than keys, where the PSA API is lacking.
73 …specially enums and functions) that they provide, listing PSA equivalents where they exist. There …
78 Based on “[Where mixing happens](#where-mixing-happens)”, we focus the gap analysis on two topics: …
147 There are several scenarios where an application has a legacy key pair or public key (`mbedtls_pk_c…
149 Reasons for first creating a legacy key object, where it's impossible or impractical to directly cr…
151 * A very common case where the input is a legacy key object is parsing. PSA does not (yet) have an …
211 * Mention it where relevant in the PSA transition guide.
275 …* [OPEN] Or should it reset them to 0? Resetting is more convenient for the case where the pk key …
[all …]
|
| A D | strategy.md | 18 implemented, see `docs/use-psa-crypto.md`, where new APIs are about (G2), and
84 PK/X.509/TLS in all places where we currently allow restartable operations.
147 layer; the MD layer uses a variant where it dispatches to PSA if a driver is
193 There are two variants of this strategy: one where using the new setup
270 work is divided into PRs, sometimes not. For example, in situations where it's
353 There is however a risk, especially in step 3 where we change how dependencies
380 to reduce the number of places where library code needs to be changed. It's
|
| A D | md-cipher-dispatch.md | 56 … to use PSA interfaces under the hood, without breaking code in the cases where this doesn't work.…
59 * In many scenarios, where a PSA driver is available, this allows removing the software implementat…
80 …sa_xxx` functions. Rather, the goal is to make more code call PSA drivers where available. How dis…
195 …not initialized yet, and Mbed TLS uses a custom implementation of PSA ITS where the file system is…
231 …the [the cases where PSA is not possible](#why-psa-is-not-always-possible): either make sure the c…
264 …plausible use cases where only the server has access to an accelerator so it's best to call the se…
266 …tant that the call fails. At the time of writing, I can't think of a case where we would want to g…
269 Note that it's a bit tricky to determine which algorithms are available. In the case where there is…
|
| /mbedtls/tests/suites/ |
| A D | test_suite_net.function | 79 * platforms with a Unix-like select() function, which is where
121 * is problematic on the particular platform where the code is running,
|
| A D | test_suite_psa_crypto_storage_format.function | 100 /* We test some configurations using drivers where the driver doesn't
105 * Hash-and-sign algorithms where the asymmetric part doesn't use
|
| A D | test_suite_gcm.function | 511 // Only testable on platforms where sizeof(size_t) >= 8.
528 // Only testable on platforms where sizeof(size_t) >= 8.
567 // Only testable on platforms where sizeof(size_t) >= 8
|
| A D | test_suite_ctr_drbg.function | 49 * where nonce||perso = nonce[nonce->len] */
459 // test all increments from 2^n - 1 to 2^n (i.e. where we roll over into the next bit)
|
| A D | test_suite_psa_crypto_persistent_key.data | 36 # Not specific to files, but only run this test in an environment where the maximum size could be r…
|
| A D | test_suite_bignum_core.function | 50 /* A == B, so test where A and B are aliased */
121 /* A == B, so test where A and B are aliased */
321 // Construct a test input value where the count of leading zeros and
1217 * `1 + N_limbs * (welem + 3)`, where welem is the number of elements in
1259 /* We are testing A - b, where A is an MPI and b is a scalar, expecting
|
| /mbedtls/docs/architecture/ |
| A D | alternative-implementations.md | 28 On platforms where a hardware cryptographic engine is present, you can implement a driver for this …
37 * Enable `MBEDTLS_XXX_ALT` in the compile-time configuration where XXX is the module name. For exam…
45 …ld normally be `struct` types). This section lists some known limitations where the context type n…
52 …ble, and `mbedtls_ecp_point_read_binary()` must support a group structure where only `P`, `pbits`,…
|
| A D | mbed-crypto-storage-specification.md | 112 …where there is no concept of key owner (in particular, in library integrations), the key identifie…
117 * PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id`…
260 All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
319 All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
401 …where there is no concept of key owner (in particular, in library integrations), the key identifie…
406 * PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id`…
410 All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
|
| A D | psa-storage-resilience.md | 15 …point in time, the system is either in a state where the function has not started yet, or in a sta…
17 …sequence has been performed. For example, there will never be a situation where $M_2$ has been per…
30 …n that was previously passed to `set()`. We do not try to handle the case where a file might be pa…
107 …writes are likely to dominate the runtime in some hardware configurations where storage writes are…
117 …on must transform the internal storage from a state where file `id` does not exist, to a state whe…
156 …`"get_key_attributes"` entry point. Recovery means resuming the operation where it left off. For k…
211 …t. This means following the destruction process, starting after the point where the key has been a…
236 …t. This means following the destruction process, starting after the point where the key has been a…
307 …rios, each with their own invariant: one where the transaction list contains only key identifiers,…
|
| A D | psa-shared-memory.md | 6 This document discusses the security architecture of systems where PSA API functions might receive …
21 …where our PSA Crypto implementation is running inside one partition, called the **crypto service**…
23 …r a way to do it. (Even systems that have absolute thread priorities, and where crypto has a highe…
35 … for in terms of values of inputs and outputs. This models an ideal world where the content of inp…
130 …his chapter, we will discuss how to implement this high-level requirement where it belongs: inside…
257 …e must only be reviewed for correctness in one place, rather than in all functions where it occurs.
293 Proposed general idea: have tests where the test code calling API functions allocates memory in a c…
384 Note: We are focusing on read-read inconsistencies for now, as most of the cases where we aren't co…
616 …copying is specific to systems where shared memory is passed to PSA functions, it is useful to be …
668 Poisoning code is added to these test wrappers where relevant in order to pre-poison and post-unpoi…
|
| /mbedtls/ |
| A D | BRANCHES.md | 9 this is where the next major version of Mbed TLS (version 4.0) is being
57 * Changing which error code is returned in a case where multiple error
63 There are rare exceptions where we break API compatibility: code that was
|
| A D | CONTRIBUTING.md | 35 …ruption to users, where a change to the interface is required, all changes to the ABI or API, even…
91 All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-Licens…
|
| A D | ChangeLog | 755 session where the cipher suite is TLS_AES_256_GCM_SHA384.
954 * Fix ECDSA verification, where it was not always validating the
962 in TLS 1.3 (where it is forbidden).
967 * Fix bug in error reporting in dh_genprime.c where upon failure,
1206 * Fix a bug in the x25519 example program where the removal of
1244 * Fix an error in make where the absence of a generated file caused
1310 (where supported) for critical functions where ignoring the return
2008 enabled on platforms where freeing a mutex twice is not safe.
2704 stdarg.h where needed. Fixes #2656.
2754 stdarg.h where needed. Fixes #2656.
[all …]
|
| /mbedtls/docs/architecture/testing/ |
| A D | psa-storage-format-testing.md | 23 … the storage format by creating test cases under a version V of Mbed TLS, where the test case para…
31 Use a similar approach for files other than keys where possible and relevant.
66 Objective: test the format of the key file: which field goes where and how big it is.
|
| A D | driver-interface-test-strategy.md | 129 …river B, with one run where A returns `PSA_SUCCESS`, one where A returns `PSA_ERROR_NOT_SUPPORTED`…
|
| /mbedtls/docs/proposed/ |
| A D | psa-driver-interface.md | 502 * For a call to `psa_key_derivation_output_key()` where the derived key is in a secure element, cal…
546 * `PSA_KEY_TYPE_ECC_KEY_PAIR(…)`, `PSA_KEY_TYPE_DH_KEY_PAIR(…)`: $m$ bytes, where the bit-size of t…
699 * `output` buffer where the output is to be written.
752 * `output` Buffer where the implicit key is to be written.
869 …where the PSA Cryptography implementation is a subsystem of a single application, the initializati…
925 This operation family requires the following type, entry points and parameters (TODO: where exactly…
1052 …stants. A typical value for `"base_size"` is `sizeof(acme_key_context_t)` where `acme_key_context_…
1060 where `size_function` is the function named in the `"size_function"` property, `key_type` is the ke…
1073 …where `public_key_overhead = PSA_EXPORT_PUBLIC_KEY_MAX_SIZE(key_type, key_bits)` if the `"store_pu…
1084 where `key_bytes = ((key_bits + 7) / 8)` is the key size in bytes.
[all …]
|