| /optee_os/lib/libmbedtls/mbedtls/library/ |
| H A D | ssl_ciphersuites.c | 328 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
336 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
344 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
352 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
360 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
368 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
376 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
389 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
393 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
401 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
[all …]
|
| H A D | psa_crypto_its.h | 31 #define PSA_STORAGE_FLAG_WRITE_ONCE (1 << 0) /**< The data associated with the uid will not be able…
34 * \brief A container for metadata associated with a specific uid
37 uint32_t size; /**< The size of the data associated with a uid **/
53 * \param[in] create_flags The flags that the data will be stored with
58 …The operation failed because the provided `uid` value was already created with PSA_STORAGE_FLAG_WR…
71 * \brief Retrieve the value associated with a provided uid
100 … p_info A pointer to the `psa_storage_info_t` struct that will be populated with the metadata
122 …TTED The operation failed because the provided key value was created with PSA_STORAGE_FLAG_WR…
|
| H A D | bignum_mod.h | 10 * of type #mbedtls_mpi_mod_modulus. The structure must be set up with an
18 * associated with the modulus \c N. Unless otherwise specified:
24 * they must be set up and associated with the modulus \c N. Some
55 * Residues are set up with an associated modulus, and operations are only
56 * guaranteed to work if the modulus is associated with all residue
57 * parameters. If a residue is passed with a modulus other than the one it
58 * is associated with, then it may be out of range. If an input is out of
78 /** How residues associated with a modulus are represented.
136 * The residue will be set up with the buffer \p p and modulus \p N.
143 * The modulus \p N will be the modulus associated with \p r. The residue \p r
[all …]
|
| /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ |
| H A D | cipher.h | 4 * \brief This file contains an abstraction interface for use with the cipher
87 MBEDTLS_CIPHER_AES_128_ECB, /**< AES cipher with 128-bit ECB mode. */
88 MBEDTLS_CIPHER_AES_192_ECB, /**< AES cipher with 192-bit ECB mode. */
89 MBEDTLS_CIPHER_AES_256_ECB, /**< AES cipher with 256-bit ECB mode. */
90 MBEDTLS_CIPHER_AES_128_CBC, /**< AES cipher with 128-bit CBC mode. */
91 MBEDTLS_CIPHER_AES_192_CBC, /**< AES cipher with 192-bit CBC mode. */
92 MBEDTLS_CIPHER_AES_256_CBC, /**< AES cipher with 256-bit CBC mode. */
93 MBEDTLS_CIPHER_AES_128_CFB128, /**< AES cipher with 128-bit CFB128 mode. */
94 MBEDTLS_CIPHER_AES_192_CFB128, /**< AES cipher with 192-bit CFB128 mode. */
95 MBEDTLS_CIPHER_AES_256_CFB128, /**< AES cipher with 256-bit CFB128 mode. */
[all …]
|
| H A D | chachapoly.h | 8 * with Associated Data (AEAD) that can be used to encrypt and
69 * operations with that context have been finished.
83 * \warning Decryption with the piecewise API is discouraged! Always
96 * tag received with the ciphertext.
133 * \warning You must never use the same nonce twice with the same key.
135 * guarantees for the messages encrypted with the same nonce
141 * \warning Decryption with the piecewise API is discouraged, see the
180 * \warning Decryption with the piecewise API is discouraged, see the
215 * \warning Decryption with the piecewise API is discouraged, see the
244 * \warning Decryption with the piecewise API is discouraged, see the
[all …]
|
| H A D | psa_util.h | 40 * reasons with legacy `f_rng` functions and it's ignored.
108 * associated with the given digest type.
118 * \return The PSA algorithm identifier associated with \p md_type,
128 * associated with the PSA algorithm identifier.
135 * \return The MD type associated with \p psa_alg,
152 * \param[out] der Buffer that will be filled with the converted DER
153 * output. It can overlap with raw buffer.
183 * \param[out] raw Buffer that will be filled with the converted raw
184 * signature. It can overlap with der buffer.
187 * \param[out] raw_len On success it is updated with the amount of valid
[all …]
|
| H A D | asn1.h | 30 * These error codes are combined with other error codes for
55 * These constants comply with the DER encoded ASN.1 type tags.
240 * with the requested tag.
263 * \return An ASN.1 error code if the input does not start with
282 * \return An ASN.1 error code if the input does not start with
303 * \return An ASN.1 error code if the input does not start with
326 * \return An ASN.1 error code if the input does not start with
345 * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if the input starts with
346 * a valid BIT STRING with a nonzero number of unused bits.
347 * \return An ASN.1 error code if the input does not start with
[all …]
|
| H A D | md.h | 44 /* Note: these are aligned with the definitions of PSA_ALG_ macros for hashes,
63 * in all builds with both CRYPTO_C and MD_LIGHT.
103 * Fields can be accessed with #mbedtls_md_get_size,
142 * associated with the given digest type.
146 * \return The message-digest information associated with \p md_type.
189 * or non-zero: HMAC is used with this context.
266 * with mbedtls_md_setup(), and before passing data with
303 * Afterwards, you may either clear the context with
305 * the context for another digest operation with the same
320 * with respect to a configurable message-digest algorithm
[all …]
|
| /optee_os/lib/libutils/ext/include/ |
| H A D | trace.h | 44 /* Formatted trace tagged with level independent */
51 /* Formatted trace tagged with TRACE_ERROR level */
58 /* Formatted trace tagged with TRACE_INFO level */
65 /* Formatted trace tagged with TRACE_DEBUG level */
72 /* Formatted trace tagged with TRACE_FLOW level */
79 /* Formatted trace tagged with TRACE_FLOW level and prefix with '> ' */
81 /* Formatted trace tagged with TRACE_FLOW level and prefix with '< ' */
83 /* Formatted trace tagged with TRACE_FLOW level and prefix with '< ' and print
106 /* No formatted trace tagged with level independent */
113 /* No formatted trace tagged with TRACE_ERROR level */
[all …]
|
| H A D | fault_mitigation.h | 29 * To have something to work with we assume that a single glitch may affect
38 * Additionally are the following patterns also acknowledged with a few
64 * returns with for instance ftmn_return_res() it is checked that the
67 * @res is xored with FTMN_DEFAULT_HASH in order to retrieve the saved
78 * @res: stored result xored with @hash
81 * caller xored with hash of called function. Before the called function
82 * updates @res it first xors @hash with its own hash, which is supposed to
102 * before updating the argument pointer with @arg.
420 * @incr: Value to increase the checked state with
426 * state is increased with @incr. @res is checked against the saved result
[all …]
|
| H A D | memtag.h | 67 * The memory range is updated with the supplied tag. An eventual tag
72 * Returns an address with the new tag inserted to be used to access this
85 * memtag_set_random_tags() - Tag a memory range with a random tag
89 * The memory range is updated with a randomly generated tag. An eventual
95 * Returns an address with the new tag inserted to be used to access this
160 * Returns the address with the new tag inserted.
179 * Returns the address with the new tag inserted.
188 * @addr: Address with an eventual tag
|
| /optee_os/lib/libmbedtls/mbedtls/ |
| H A D | ChangeLog | 20 * On x86/amd64 platforms, with some compilers, when the library is
21 compiled with support for both AESNI and software AES and AESNI is
22 available in hardware, an adversary with fine control over which
37 with consequences ranging up to arbitrary code execution.
44 an item in the output list in an inconsistent state with val.p == NULL but
69 library or the application is built with a compiler where
79 or with compilers where "union foo x = {0}" does not initialize
82 * Resolved build issue with C++ projects using Mbed TLS 3.6 when compiling
83 with the MSVC toolset v142 and earlier. Fixes mbedtls issue #7087.
87 keys with a different LMS or LM-OTS types on some platforms. Specifically,
[all …]
|
| H A D | README.md | 47 You need the following tools to build the library with the provided makefiles:
50 * A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, Arm Compi…
79 * If not cross-compiling, running `make` with any target, or just `make`, will automatically genera…
99 … and Perl to be run. If you don't have one of them installed, you can skip building the tests with:
103 You'll still be able to run a much smaller set of tests with:
111 … `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -Wextra`), s…
129 …be executed. If you don't have one of these installed, you'll want to disable the test suites with:
133 …the test suites, but kept the programs enabled, you can still run a much smaller set of tests with:
146 …with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent versio…
147 - `ASanDbg`. Same as ASan but slower, with debug information and better stack traces.
[all …]
|
| H A D | LICENSE | 25 control with that entity. For the purposes of this definition,
89 with the Work to which such Contribution(s) was submitted. If You
98 Work or Derivative Works thereof in any medium, with or without
121 documentation, if provided along with the Derivative Works; or,
135 reproduction, and distribution of the Work otherwise complies with
144 with Licensor regarding such Contributions.
159 risks associated with Your exercise of permissions under this License.
176 or other liability obligations and/or rights consistent with this
189 boilerplate notice, with the fields enclosed by brackets "[]"
190 replaced with your own identifying information. (Don't include
[all …]
|
| /optee_os/lib/libutils/isoc/ |
| H A D | bget.doc | 40 with NDEBUG defined, yielding a version of BGET with minimal size and
73 allocated. Machines with a linear address architecture, such as the
78 GETTING STARTED WITH BGET
82 three basic ways of working with BGET. The functions mentioned below
93 environment, simply call bpool() with the start address and length of
94 the buffer pool area in RAM, then allocate buffers with bget() and
95 release them with brel(). Embedded applications with very limited RAM
104 program), or otherwise unsuitable, you can replace it with BGET.
105 Initially define a buffer pool of an appropriate size with
107 low-level memory allocator. Then allocate buffers with bget(), bgetz(),
[all …]
|
| /optee_os/core/arch/arm/kernel/ |
| H A D | tlb_helpers_a32.S | 12 dsb ishst /* Sync with table update */
14 dsb ish /* Sync with tlb invalidation completion */
21 dsb ishst /* Sync with table update */
23 dsb ish /* Sync with tlb invalidation completion */
30 dsb ishst /* Sync with table update */
34 dsb ish /* Sync with tlb invalidation completion */
|
| H A D | tlb_helpers_a64.S | 12 dsb ishst /* Sync with table update */
14 dsb ish /* Sync with tlb invalidation completion */
22 dsb ishst /* Sync with table update */
24 dsb ish /* Sync with tlb invalidation completion */
32 dsb ishst /* Sync with table update */
36 dsb ish /* Sync with tlb invalidation completion */
|
| /optee_os/lib/libutils/compiler-rt/ |
| H A D | LICENSE.TXT | 2 The LLVM Project is under the Apache License v2.0 with LLVM Exceptions:
21 control with that entity. For the purposes of this definition,
85 with the Work to which such Contribution(s) was submitted. If You
94 Work or Derivative Works thereof in any medium, with or without
117 documentation, if provided along with the Derivative Works; or,
131 reproduction, and distribution of the Work otherwise complies with
140 with Licensor regarding such Contributions.
155 risks associated with Your exercise of permissions under this License.
172 or other liability obligations and/or rights consistent with this
185 boilerplate notice, with the fields enclosed by brackets "[]"
[all …]
|
| /optee_os/core/include/kernel/ |
| H A D | thread.h | 70 * initialize the number of threads to @thread_count if configured with
84 * set the number of supported cores to @core_count if configured with
182 * This functions enters user mode with the argument described above,
203 * This function is closely coupled with thread_enter_user_mode() since it
258 * Allocates data for payload buffers shared with a non-secure user space
259 * application. Ensure consistency with the enumeration
269 * Free physical memory previously allocated with thread_rpc_alloc_payload()
276 * Allocate data for payload buffers shared with the non-secure kernel.
277 * Ensure consistency with the enumeration THREAD_SHM_TYPE_KERNEL_PRIVATE.
286 * Free physical memory previously allocated with
[all …]
|
| H A D | boot.h | 24 * in sync with that script. The struct and the following data is loaded
27 * If configured with CFG_WITH_PAGER=y the struct with data is following
28 * init part, this is together with the init part moved by the primary CPU
32 * If configured with CFG_WITH_PAGER=n following the struct with data is
115 * and address cells registered with boot_mem_add_reloc() during virtual
|
| /optee_os/core/lib/qcbor/ |
| H A D | README.md | 15 **Implemented in C with minimal dependency** – Dependent only
43 **Supports most of RFC 8949** – With some size limits, all data types
66 with the test suite. The test suite dependencies are minimal and the
76 descended into with QCBORDecode_EnterMap(). When a map has been
109 remains to support map searching with indefinite length strings.)
143 items with duplicate labels. This makes the code for decoding CBOR
156 performed with full proper error detection of overflow and underflow.
159 treats this similar to entering an array with one item. This is
181 through CAF](https://source.codeaurora.org/quic/QCBOR/QCBOR/) with a
188 the "Building with CMake" section for more information.
[all …]
|
| /optee_os/core/lib/zlib/ |
| H A D | zlib.h | 65 with an interface similar to that of stdio using the functions that start
66 with "gz". The gzip format is different from the zlib format. gzip is a
159 the library with -DMAX_WBITS=14 (see zconf.h).
206 #define Z_ASCII Z_TEXT /* for compatibility with 1.2.2 and earlier */
216 /* for compatibility with versions < 1.0.2 */
224 compatible with the zlib.h header file used by the application. This check
245 with the version assumed by the caller (ZLIB_VERSION). msg is set to null
277 == 0), or after each call of deflate(). If deflate returns Z_OK and with
293 completes the current deflate block and follows it with an empty stored block
300 This completes the current deflate block and follows it with an empty fixed
[all …]
|
| /optee_os/lib/libmbedtls/mbedtls/include/psa/ |
| H A D | crypto_values.h | 46 * value, check with the Arm PSA framework group to pick one that other
94 * in cases when performing the operation with a larger output
240 * an algorithm with a randomized result, as well as functions that
332 * still has work to do, thus the user should call the function again with the
362 * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
439 * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
460 * their size. It can be used for randomly generated or derived keys with
462 * for such keys. It is not suitable for passwords with extremely low entropy,
528 * with the initial counter value 1, you can process and discard a
552 * The size of an elliptic curve key is the bit size associated with the curve,
[all …]
|
| H A D | crypto.h | 173 * with psa_set_key_id(). By default, a key that has a persistent identifier
262 * algorithms are permitted to be used with this key. The following
264 * - 0 does not allow any cryptographic operation with the key. The key
269 * signature scheme with any hash algorithm.
367 * This function first resets the attribute structure as with
422 * free all resources associated with the key in volatile memory. The key
447 * This function may be used to share a key with a different party,
471 * fails with the status #PSA_ERROR_INVALID_ARGUMENT.
503 * already a persistent key with the given identifier.
540 * resources associated with the key.
[all …]
|
| /optee_os/mk/ |
| H A D | config.mk | 58 # CFG_CC_OPT_LEVEL sets compiler optimization level passed with -O directive.
82 # If user-mode library libutils.a is built with CFG_TEE_TA_LOG_LEVEL=0,
98 # - To debug user-mode (TA) allocations: build OP-TEE *and* the TA with:
100 # - To debug TEE core allocations: build OP-TEE with:
108 # Mask to select which messages are prefixed with long debugging information
130 # with limited depth not including any tag, so there is really no guarantee
200 # With caching, we constantly require up to
260 # etc. Such functions typically come with compiler runtime libraires (GCC
273 # nothing with ` -mgeneral-regs-only`)
274 # With CFG_TA_FLOAT_SUPPORT enabled TA code is free use floating point types
[all …]
|