"cdb198a7dbc3a5787edb53f5d2a256e5738d4377" (history) in projects: optee_os

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched hist:cdb198a7dbc3a5787edb53f5d2a256e5738d4377 (Results 1 – 7 of 7) sorted by relevance

/optee_os/core/include/tee/
H A D	tee_cryp_hkdf.h	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
/optee_os/core/tee/
H A D	tee_cryp_hkdf.c	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
H A D	sub.mk	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
H A D	tee_svc_cryp.c	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
/optee_os/lib/libutee/include/
H A D	tee_api_defines_extensions.h	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
H A D	utee_defines.h	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
/optee_os/lib/libutee/
H A D	tee_api_operations.c	cdb198a7dbc3a5787edb53f5d2a256e5738d4377 Thu Dec 04 14:26:47 UTC 2014 Jerome Forissier <jerome.forissier@linaro.org> Add HMAC-based extract-and-expand key derivation function (HKDF) HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm. As per the RFC: A key derivation function (KDF) is a basic and essential component of cryptographic systems. Its goal is to take some source of initial keying material and derive from it one or more cryptographically strong secret keys. [...] HKDF follows the "extract-then-expand" paradigm, where the KDF logically consists of two modules. [...] The goal of the "extract" stage is to "concentrate" the possibly dispersed entropy of the input keying material into a short, but cryptographically strong, pseudorandom key. [...] The second stage "expands" the pseudorandom key to the desired length; the number and lengths of the output keys depend on the specific cryptographic algorithms for which the keys are needed. Since HKDF is not covered by the GlobalPlatform Internal API specification v1.0/v1.1, this commit introduces extensions to the specification. More specifically: it defines new algorithms, a new object type and new object attributes. This implementation supports all the usual hash functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may produce output keys of length up to 4096 bits (currently limited only by the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET). Aside from minor updates to object manipulation functions to support the new data, the function TEE_DeriveKey() is mostly impacted. The file documentation/extensions/crypto_hkdf.md contains the modifications to the GP Internal API v1.0 spec in order to support HKDF. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org> Reviewed-by: Pascal Brand <pascal.brand@linaro.org> Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>