Lines Matching +full:for +full:- +full:in
5 Key storage was originally introduced in a product called Mbed Crypto, which was re-distributed via…
14 -----------------
16 Tags: mbedcrypto-0.1.0b, mbedcrypto-0.1.0b2
18 Released in November 2018. <br>
19 Integrated in Mbed OS 5.11.
23 * [PSA ITS](#file-namespace-on-its-for-0.1.0)
24 * [C stdio](#file-namespace-on-stdio-for-0.1.0)
28 * [Persistent transparent keys](#key-file-format-for-0.1.0) designated by a [slot number](#key-name…
29 * [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0) on ITS only.
37 ### Key names for 0.1.0
39 …in a dedicated file whose name is constructed from the key identifier. The way in which the file n…
41 …for a key identifier are the range from 1 to 0xfffeffff. This limitation on the range is not docum…
43 The code uses the following constant in an internal header (note that despite the name, this value …
47 There is a shared namespace for all callers.
49 ### Key file format for 0.1.0
51 All integers are encoded in little-endian order in 8-bit bytes.
64 ### Nonvolatile random seed file format for 0.1.0
66 The nonvolatile random seed file contains a seed for the random generator. If present, it is rewrit…
70 ### File namespace on ITS for 0.1.0
72 Assumption: ITS provides a 32-bit file identifier namespace. The Crypto service can use arbitrary f…
75 …ugh 0xfffeffff: [content](#key-file-format-for-0.1.0) of the [key whose identifier is the file ide…
76 …O_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
79 ### File namespace on stdio for 0.1.0
83 …-time configuration value `CRYPTO_STORAGE_FILE_LOCATION` allows storing the key files in a directo…
86 …psa_key_slot_%lu", key_id)` [content](#key-file-format-for-0.1.0) of the [key whose identifier](#k…
90 -----------------
92 Tags: mbedcrypto-1.0.0d4, mbedcrypto-1.0.0
94 Released in February 2019. <br>
95 Integrated in Mbed OS 5.12.
99 * [PSA platform](#file-namespace-on-a-psa-platform-for-1.0.0)
100 * [library using PSA ITS](#file-namespace-on-its-as-a-library-for-1.0.0)
101 * [library using C stdio](#file-namespace-on-stdio-for-1.0.0)
105 … [Persistent transparent keys](#key-file-format-for-1.0.0) designated by a [key identifier and own…
106 * [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0) on ITS only.
110 ### Key names for 1.0.0
112 …in a dedicated file designated by the key identifier. In integrations where there is no concept of…
114 …in which the file name is constructed from the key identifier depends on the storage backend. The …
116 … key file name is just the key identifier as defined in the PSA crypto specification. This is a 32…
117 …lling partition identifier provided to the server by the partition manager. This is a 64-bit value.
119 ### Key file format for 1.0.0
121 …-file-format-for-0.1.0) so far. However note that the encoding of key types, algorithms and key ma…
123 ### Nonvolatile random seed file format for 1.0.0
125 The nonvolatile random seed file contains a seed for the random generator. If present, it is rewrit…
129 … unchanged since [the feature was introduced in Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-f…
131 ### File namespace on a PSA platform for 1.0.0
133 Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary f…
137 * Files 0 through 0xffffff51, 0xffffff53 through 0xffffffff: unused, reserved for internal use of t…
138 …O_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-0.1.0).
139 …0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file ide…
141 ### File namespace on ITS as a library for 1.0.0
143 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library ca…
148 …ugh 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file ide…
149 …O_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0).
152 ### File namespace on stdio for 1.0.0
156 [Identical to 0.1.0](#file-namespace-on-stdio-for-0.1.0).
160 * Delete files 1 through 0xfffeffff, which contain keys in a format that is no longer supported.
164 …-uniform. For example, if we want to store non-key files, we have room in different ranges (0 thro…
166 …ld simplify things to always have a 32-bit owner, with a nonzero value, and thus reserve the range…
169 -----------------
171 Tags: mbedcrypto-1.1.0
173 Released in early June 2019. <br>
174 Integrated in Mbed OS 5.13.
176 Changes since [1.0.0](#mbed-crypto-1.0.0):
178 * The stdio backend for storage has been replaced by an implementation of [PSA ITS over stdio](#fil…
179 * [Some changes in the key file format](#key-file-format-for-1.1.0).
181 ### File namespace on stdio for 1.1.0
185 …-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory oth…
188 …-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#…
192 ### Key file format for 1.1.0
194 The key file format is identical to [1.0.0](#key-file-format-for-1.0.0), except for the following c…
197 …erefore the storage format is not compatible (despite using the same value in the version field so…
199 A self-contained description of the file layout follows.
201 All integers are encoded in little-endian order in 8-bit bytes.
216 ---------------
220 Released in TBD 2019. <br>
221 Integrated in Mbed OS TBD.
223 ### Changes introduced in TBD
226 * Key files can store references to keys in a secure element. In such key files, the key material c…
230 Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary f…
235 …hrough 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key…
236 …0xffffffffffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file ide…
240 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library ca…
245 …ugh 0xfffeffff: [content](#key-file-format-for-1.0.0) of the [key whose identifier is the file ide…
246 …hrough 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key…
249 ### Non-key files on TBD
251 File identifiers in the range 0xffff0000 through 0xffffffff are reserved for internal use in Mbed C…
254 …O_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0).
255 …xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-tbd).
256 * Other files are unused and reserved for future use.
258 ### Key file format for TBD
260 All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
273 * For a transparent key: output of `psa_export_key`.
274 * For an opaque key (unified driver interface): driver-specific opaque key blob.
275 * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
278 ### Transaction file format for TBD
282 All integers are encoded in platform endianness.
284 All currently existing transactions concern a key in a secure element.
288 * type (2 bytes): the [transaction type](#transaction-types-on-tbd).
290 * lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
291 …: `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element …
292 …in a library integration, 8 bytes on a PSA platform): the internal representation of the key ident…
297 * The slot in the secure element designated by the slot number.
301 * The slot in the secure element designated by the slot number.
306 ---------------
310 Released in TBD 2020. <br>
311 Integrated in Mbed OS TBD.
313 ### Changes introduced in TBD
317 ### Key file format for TBD
319 All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
333 * For a transparent key: output of `psa_export_key`.
334 * For an opaque key (unified driver interface): driver-specific opaque key blob.
335 * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
339 ---------------
341 Tags: `mbedtls-2.25.0`, `mbedtls-2.26.0`, `mbedtls-2.27.0`, `mbedtls-2.28.0`, `mbedtls-3.0.0`, `mbe…
343 First released in December 2020.
347 …d compatibility for stored keys when Mbed TLS is upgraded from x to y if x >= 2.25 and y < 4. See …
351 * [PSA platform](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0)
352 * [library using PSA ITS](#file-namespace-on-its-as-a-library-on-mbed-tls-2.25.0)
353 * [library using C stdio](#file-namespace-on-stdio-for-mbed-tls-2.25.0)
357 * [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner…
358 * Transparent, stored in the export format.
360 …`MBEDTLS_PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key…
361 * [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0) on ITS only.
363 ### Changes introduced in Mbed TLS 2.25.0
369 Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary f…
374 …gh 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key fil…
375 …fffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file id…
379 Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library ca…
384 …effff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file id…
385 …gh 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key fil…
388 ### File namespace on stdio for Mbed TLS 2.25.0
392 …-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory oth…
395 …-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#…
399 ### Key names for Mbed TLS 2.25.0
401 …in a dedicated file designated by the key identifier. In integrations where there is no concept of…
403 …in which the file name is constructed from the key identifier depends on the storage backend. The …
405 …e is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value wh…
406 …lling partition identifier provided to the server by the partition manager. This is a 64-bit value.
408 ### Key file format for Mbed TLS 2.25.0
410 All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
424 * For a transparent key: output of `psa_export_key`.
425 * For an opaque key (unified driver interface): driver-specific opaque key blob.
426 …* For an opaque key (key in a dynamic secure element): slot number (8 bytes), in platform endianne…
429 ### Non-key files on Mbed TLS 2.25.0
431 …of persistent key identifiers are reserved for internal use by the library. The only identifiers c…
434 …RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.2…
435 …PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-mbed-tls-2.25.0).
436 * Other files are unused and reserved for future use.
438 ### Nonvolatile random seed file format for Mbed TLS 2.25.0
440 [Identical to Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
442 ### Transaction file format for Mbed TLS 2.25.0
446 All integers are encoded in platform endianness.
448 All currently existing transactions concern a key in a dynamic secure element.
452 * type (2 bytes): the [transaction type](#transaction-types-on-mbed-tls-2.25.0).
454 * lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
455 …: `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element …
456 …in a library integration, 8 bytes on a PSA platform): the internal representation of the key ident…
461 * The slot in the secure element designated by the slot number.
465 * The slot in the secure element designated by the slot number.