PSA Cryptography API 1 - GitHub Pages


PSA Cryptography API 1.0

Document number: IHI 0086
Release Quality: Final
Issue Number: 1
Confidentiality: Non-confidential
Date of Issue: 27/08/2020

Copyright 2018-2020, Arm Limited. All rights reserved.

Contents

About this document
  Release information
  Arm Non-Confidential Document Licence (“Licence”)
  References
  Terms and abbreviations
  Potential for change
  Conventions
    Typographical conventions
    Numbers
    Pseudocode descriptions
    Assembler syntax descriptions
  Feedback
    Feedback on this book

1 Introduction

2 Design goals
  2.1 Suitable for constrained devices
  2.2 A keystore interface
  2.3 Optional isolation
  2.4 Choice of algorithms
  2.5 Ease of use
  2.6 Example use cases
    2.6.1 Network Security (TLS)
    2.6.2 Secure Storage
    2.6.3 Network Credentials
    2.6.4 Device Pairing
    2.6.5 Secure Boot
    2.6.6 Attestation
    2.6.7 Factory Provisioning

3 Functionality overview
  3.1 Library management
  3.2 Key management
    3.2.1 Key identifiers
    3.2.2 Key lifetimes
    3.2.3 Key policies
    3.2.4 Recommendations of minimum standards for key
  3.3 Symmetric cryptography
    3.3.1 Single-part Functions
    3.3.2 Multi-part operations
    3.3.3 Message digests (Hashes)
    3.3.4 Message authentication codes (MACs)
    3.3.5 Encryption and decryption
    3.3.6 Authenticated encryption (AEAD)
    3.3.7 Key derivation
    3.3.8 Example of the symmetric cryptography API
  3.4 Asymmetric cryptography
    3.4.1 Asymmetric encryption
    3.4.2 Hash-and-sign
    3.4.3 Key agreement
  3.5 Randomness and key generation

4 Sample architectures
  4.1 Single-partition architecture
  4.2 Cryptographic token and single-application processor
  4.3 Cryptoprocessor with no key storage
  4.4 Multi-client cryptoprocessor
  4.5 Multi-cryptoprocessor architecture

5 Library conventions
  5.1 Error handling
    5.1.1 Return status
    5.1.2 Behavior on error
  5.2 Parameter conventions
    5.2.1 Pointer conventions
    5.2.2 Input buffer sizes
    5.2.3 Output buffer sizes
    5.2.4 Overlap between parameters
    5.2.5 Stability of parameters
  5.3 Key types and algorithms
    5.3.1 Structure of key and algorithm types
  5.4 Concurrent calls

6 Implementation considerations
  6.1 Implementation-specific aspects of the interface
    6.1.1 Implementation profile
    6.1.2 Implementation-specific types
    6.1.3 Implementation-specific macros
  6.2 Porting to a platform
    6.2.1 Platform assumptions
    6.2.2 Platform-specific types
    6.2.3 Cryptographic hardware
  6.3 Security requirements and recommendations
    6.3.1 Error detection
    6.3.2 Indirect object references
    6.3.3 Memory cleanup
    6.3.4 Managing key material
    6.3.5 Safe outputs on error
    6.3.6 Attack resistance
  6.4 Other implementation considerations
    6.4.1 Philosophy of resource management

7 Usage considerations
  7.1 Security recommendations
    7.1.1 Always check for errors
    7.1.2 Shared memory and concurrency
    7.1.3 Cleaning up after use

8 Library management reference
  8.1 PSA status codes
    8.1.1 Status type
    8.1.2 Success codes
    8.1.3 Error codes
  8.2 PSA Crypto library
    8.2.1 API version
    8.2.2 Library initialization

9 Key management reference
  9.1 Key attributes
    9.1.1 Managing key attributes
  9.2 Key types
    9.2.1 Key type encoding
    9.2.2 Key categories
    9.2.3 Symmetric keys
    9.2.4 RSA keys
    9.2.5 Elliptic Curve keys
    9.2.6 Diffie Hellman keys
    9.2.7 Attribute accessors
  9.3 Key lifetimes
    9.3.1 Volatile keys
    9.3.2 Persistent keys
    9.3.3 Lifetime encodings
    9.3.4 Lifetime values
    9.3.5 Attribute accessors
    9.3.6 Support macros
  9.4 Key identifiers
    9.4.1 Key identifier type
    9.4.2 Attribute accessors
  9.5 Key policies
    9.5.1 Permitted algorithms
    9.5.2 Key usage flags
  9.6 Key management functions
    9.6.1 Key creation
    9.6.2 Key destruction
    9.6.3 Key export

10 Cryptographic operation reference
  10.1 Algorithms
    10.1.1 Algorithm encoding
    10.1.2 Algorithm
  10.2 Message digests
    10.2.1 Hash algorithms
    10.2.2 Single-part hashing functions
    10.2.3 Multi-part hashing operations
    10.2.4 Support macros
    10.2.5 Hash suspend state
  10.3 Message authentication codes (MAC)
    10.3.1 MAC algorithms
    10.3.2 Single-part MAC functions
    10.3.3 Multi-part MAC operations
    10.3.4 Support macros
  10.4 Unauthenticated ciphers
    10.4.1 Cipher algorithms
    10.4.2 Single-part cipher functions
    10.4.3 Multi-part cipher operations
    10.4.4 Support macros
  10.5 Authenticated encryption with associated data (AEAD)
    10.5.1 AEAD algorithms
    10.5.2 Single-part AEAD functions
    10.5.3 Multi-part AEAD operations
    10.5.4 Support macros
  10.6 Key derivation
    10.6.1 Key derivation algorithms
    10.6.2 Input step types
    10.6.3 Key derivation functions
    10.6.4 Support macros
  10.7 Asymmetric signature
    10.7.1 Asymmetric signature algorithms
    10.7.2 Asymmetric signature functions
    10.7.3 Support macros
  10.8 Asymmetric encryption
    10.8.1 Asymmetric encryption algorithms
    10.8.2 Asymmetric encryption functions
    10.8.3 Support macros
  10.9 Key agreement
    10.9.1 Key agreement algorithms
    10.9.2 Standalone key agreement
    10.9.3 Combining key agreement and key derivation
    10.9.4 Support macros
  10.10 Other cryptographic services
    10.10.1 Random number generation

A Example header file
  A.1 psa/crypto.h

B Example macro implementations
  B.1 Algorithm macros
  B.2 Key type macros
  B.3 Hash suspend state macros

C Changes to the API
  C.1 Document change history
    C.1.1 Changes between 1.0.0 and 1.0.1
    C.1.2 Changes between 1.0 beta 3 and 1.0.0
    C.1.3 Changes between 1.0 beta 2 and 1.0 beta 3
    C.1.4 Changes between 1.0 beta 1 and 1.0 beta 2
  C.2 Planned changes for version 1.0.x
  C.3 Future additions

Index of API elements

IHI 0086 1.0.1. Copyright 2018-2020, Arm Limited or its affiliates. All rights reserved. Non-confidential.

About this document

Release information

The change history table lists the changes that have been made to this document.

| Date | Version | Confidentiality | Change |
|---|---|---|---|
| January 2019 | 1.0 Beta 1 | Non-confidential | First public beta release. |
| February 2019 | 1.0 Beta 2 | Non-confidential | Update for release with other PSA Dev API specifications. |
| May 2019 | 1.0 Beta 3 | Non-confidential | Update for release with other PSA API specifications. |
| February 2020 | 1.0 Final | Non-confidential | 1.0 API finalized. |
| August 2020 | 1.0.1 Final | Non-confidential | Update to fix errors and provide clarifications. |

The detailed changes in each release are described in Document change history on page 242.

PSA Cryptography API

Copyright 2018-2020, Arm Limited or its affiliates. All rights reserved. The copyright statement reflects the fact that some draft issues of this document have been released, to a limited circulation.

Arm Non-Confidential Document Licence (“Licence”)

This Licence is a legal agreement between you and Arm Limited (“Arm”) for the use of Arm’s intellectual property (including, without limitation, any copyright) embodied in the document accompanying this Licence (“Document”). Arm licenses its intellectual property in the Document to you on condition that you agree to the terms of this Licence. By using or copying the Document you indicate that you agree to be bound by the terms of this Licence.

“Subsidiary” means any company the majority of whose voting shares is now or hereafter owner or controlled, directly or indirectly, by you. A company shall be a Subsidiary only for the period during which such control exists.

This Document is NON-CONFIDENTIAL and any use by you and your Subsidiaries (“Licensee”) is subject to the terms of this Licence between you and Arm.

Subject to the terms and conditions of this Licence, Arm hereby grants to Licensee under the intellectual property in the Document owned or controlled by Arm, a non-exclusive, non-transferable, non-sub-licensable, royalty-free, worldwide licence to:

(i) use and copy the Document for the purpose of designing and having designed products that comply with the Document;
(ii) manufacture and have manufactured products which have been created under the licence granted in (i) above; and
(iii) sell, supply and distribute products which have been created under the licence granted in (i) above.

Licensee hereby agrees that the licences granted above shall not extend to any portion or function of a product that is not itself compliant with part of the Document.

Except as expressly licensed above, Licensee acquires no right, title or interest in any Arm technology or any intellectual property embodied therein.

THE DOCUMENT IS PROVIDED “AS IS”. ARM PROVIDES NO REPRESENTATIONS AND NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO THE DOCUMENT. Arm may make changes to the Document at any time and without notice. For the avoidance of doubt, Arm makes no representation with respect to, and has undertaken no analysis to identify or understand the scope and content of, third party patents, copyrights, trade secrets, or other rights.

NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THIS LICENCE, TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL ARM BE LIABLE FOR ANY DAMAGES, IN CONTRACT, TORT OR OTHERWISE, IN CONNECTION WITH THE SUBJECT MATTER OF THIS LICENCE (INCLUDING WITHOUT LIMITATION) (I) LICENSEE’S USE OF THE DOCUMENT; AND (II) THE IMPLEMENTATION OF THE DOCUMENT IN ANY PRODUCT CREATED BY LICENSEE UNDER THIS LICENCE). THE EXISTENCE OF MORE THAN ONE CLAIM OR SUIT WILL NOT ENLARGE OR EXTEND THE LIMIT. LICENSEE RELEASES ARM FROM ALL OBLIGATIONS, LIABILITY, CLAIMS OR DEMANDS IN EXCESS OF THIS LIMITATION.

This Licence shall remain in force until terminated by Licensee or by Arm. Without prejudice to any of its other rights, if Licensee is in breach of any of the terms and conditions of this Licence then Arm may terminate this Licence immediately upon giving written notice to Licensee. Licensee may terminate this Licence at any time. Upon termination of this Licence by Licensee or by Arm, Licensee shall stop using the Document and destroy all copies of the Document in its possession. Upon termination of this Licence, all terms shall survive except for the licence grants.

Any breach of this Licence by a Subsidiary shall entitle Arm to terminate this Licence as if you were the party in breach. Any termination of this Licence shall be effective in respect of all Subsidiaries. Any rights granted to any Subsidiary hereunder shall automatically terminate upon such Subsidiary ceasing to be a Subsidiary.

The Document consists solely of commercial items. Licensee shall be responsible for ensuring that any use, duplication or disclosure of the Document complies fully with any relevant export laws and regulations to assure that the Document or any portion thereof is not exported, directly or indirectly, in violation of such export laws.

This Licence may be translated into other languages for convenience, and Licensee agrees that if there is any conflict between the English version of this Licence and any translation, the terms of the English version of this Licence shall prevail.

The Arm corporate logo and words marked with ® or ™ are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights reserved. Other brands and names mentioned in this document may be the trademarks of their respective owners. No licence, express, implied or otherwise, is granted to Licensee under this Licence, to use the Arm trade marks in connection with the Document or any products based thereon. Visit Arm’s website at https://www.arm.com/company/policies/trademarks for more information about Arm’s trademarks.

The validity, construction and performance of this Licence shall be governed by English Law.

Copyright 2018-2020, Arm Limited or its affiliates. All rights reserved.
Arm Limited. Company 02557590 registered in England.
110 Fulbourn Road, Cambridge, England CB1 9NJ.
Arm document reference: LES-PRE-21585 version 4.0


Terms and abbreviations

This document uses the following terms and abbreviations.

AEAD
    See Authenticated Encryption with Associated Data.

Algorithm
    A finite sequence of steps to perform a particular operation. In this specification, an algorithm is a cipher or a related function. Other texts call this a cryptographic mechanism.

API
    Application Programming Interface.

Asymmetric
    See Public-key cryptography.

Authenticated Encryption with Associated Data (AEAD)
    A type of encryption that provides confidentiality and authenticity of data using symmetric keys.

Byte
    In this specification, a unit of storage comprising eight bits, also called an octet.

Cipher
    An algorithm used for encryption or decryption with a symmetric key.

Cryptoprocessor
    The component that performs cryptographic operations. A cryptoprocessor might contain a keystore and countermeasures against a range of physical and timing attacks.

Hash
    A cryptographic hash function, or the value returned by such a function.

HMAC
    A type of MAC that uses a cryptographic key with a hash function.

IMPLEMENTATION DEFINED
    Behavior that is not defined by the architecture, but is defined and documented by individual implementations.

Initialization vector (IV)
    An additional input that is not part of the message. It is used to prevent an attacker from making any correlation between cipher text and plain text. This specification uses the term for such initial inputs in all contexts. For example, the initial counter in CTR mode is called the IV.

IV
    See Initialization vector.

KDF
    See Key Derivation Function.

Key agreement
    An algorithm for two or more parties to establish a common secret key.

Key Derivation Function (KDF)
    Key Derivation Function. An algorithm for deriving keys from secret material.

Key identifier
    A reference to a cryptographic key. Key identifiers in the PSA Crypto API are 32-bit integers.

Key policy
    Key metadata that describes and restricts what a key can be used for.

Key size
    The size of a key as defined by common conventions for each key type. For keys that are built from several numbers or strings, this is the size of a particular one of these numbers or strings. This specification expresses key sizes in bits.

Key type
    Key metadata that describes the structure and content of a key.

Keystore
    A hardware or software component that protects, stores, and manages cryptographic keys.

Lifetime
    Key metadata that describes when a key is destroyed.

MAC
    See Message Authentication Code.

Message Authentication Code (MAC)
    A short piece of information used to authenticate a message. It is created and verified using a symmetric key.

Message digest
    A hash of a message. Used to determine if a message has been tampered.

Multi-part operation
    An API which splits a single cryptographic operation into a sequence of separate steps.

Non-extractable key
    A key with a key policy that prevents it from being read by ordinary means.

Nonce
    Used as an input for certain AEAD algorithms. Nonces must not be reused with the same key because this can break a cryptographic protocol.

Persistent key
    A key that is stored in protected non-volatile memory.

PSA
    Platform Security Architecture

Public-key cryptography
    A type of cryptographic system that uses key pairs. A keypair consists of a (secret) private key and a public key (not secret). A public key cryptographic algorithm can be used for key distribution and for digital signatures.

Salt
    Used as an input for certain algorithms, such as key derivations.

Signature
    The output of a digital signature scheme that uses an asymmetric keypair. Used to establish who produced a message.

Single-part function
    An API that implements the cryptographic operation in a single function call.

SPECIFICATION DEFINED
    Behavior that is defined by this specification.

Symmetric
    A type of cryptographic algorithm that uses a single key. A symmetric key can be used with a block cipher or a stream cipher.

Volatile key
    A key that has a short lifespan and is guaranteed not to exist after a restart of an application instance.

Potential for change

The contents of this specification are stable for version 1.0.

The following may change in updates to the version 1.0 specification:

- Small optional feature additions.
- Clarifications.

Significant additions, or any changes that affect the compatibility of the interfaces defined in this specification will only be included in a new major or minor version of the specification.

Conventions

Typographical conventions

The typographical conventions are:

italic
    Introduces special terminology, and denotes citations.

monospace
    Used for assembler syntax descriptions, pseudocode, and source code examples. Also used in the main text for instruction mnemonics and for references to other items appearing in assembler syntax descriptions, pseudocode, and source code examples.

SMALL CAPITALS
    Used for some common terms such as IMPLEMENTATION DEFINED. Used for a few terms that have specific technical meanings, and are included in the Terms and abbreviations.

Red text
    Indicates an open issue.

Blue text
    Indicates a link. This can be:
    - A cross-reference to another location within the document
    - A URL, for example http://infocenter.arm.com

Numbers

Numbers are normally written in decimal. Binary numbers are preceded by 0b, and hexadecimal numbers by 0x.

In both cases, the prefix and the associated value are written in a monospace font, for example 0xFFFF0000. To improve readability, long numbers can be written with an underscore separator between every four characters, for example 0xFFFF_0000_0000_0000. Ignore any underscores when interpreting the value of a number.

Pseudocode descriptions

This book uses a form of pseudocode to provide precise descriptions of the specified functionality. This pseudocode is written in a monospace font. The pseudocode language is described in the Arm Architecture Reference Manual.

Assembler syntax descriptions

This book is not expected to contain assembler code or pseudo code examples.

Any code examples are shown in a monospace font.

Feedback

Arm welcomes feedback on its documentation.

Feedback on this book

If you have comments on the content of this book, send an e-mail to arm.psa-feedback@arm.com. Give:

- The title (PSA Cryptography API).
- The number and issue (IHI 0086 1.0.1).
- The page numbers to which your comments apply.
- The rule identifiers to which your comments apply, if applicable.
- A concise explanation of your comments.

Arm also welcomes general suggestions for additions and improvements.

1 Introduction

Arm’s Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, an open source firmware reference implementation, and an independent evaluation and certification scheme. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.

The PSA Cryptographic API (Crypto API) described in this document is an important PSA component that provides a portable interface to cryptographic operations on a wide range of hardware. The interface is user-friendly, while still providing access to the low-level primitives used in modern cryptography. It does not require that the user has access to the key material. Instead, it uses opaque key identifiers.

This document is part of the PSA family of specifications. It defines an interface for cryptographic services, including cryptography primitives and a key storage functionality.

This document includes:

- A rationale for the design.
- A high-level overview of the functionality provided by the interface.
- A description of typical architectures of implementations for this specification.
- General considerations for implementers of this specification and for applications that use the interface defined in this specification.
- A detailed definition of the API.

Companion documents will define profiles for this specification. A profile is a minimum mandatory subset of the interface that a compliant implementation must provide.

2 Design goals

2.1 Suitable for constrained devices

The interface is suitable for a vast range of devices: from special-purpose cryptographic processors that process data with a built-in key, to constrained devices running custom application code, such as microcontrollers, and multi-application devices, such as servers. Consequentially, the interface is scalable and modular.

- Scalable: devices only need to implement the functionality that they will use.
- Modular: larger devices implement larger subsets of the same interface, rather than different interfaces.

In this interface, all operations on unbounded amounts of data allow multi-part processing, as long as the calculations on the data are performed in a streaming manner. This means that the application does not need to store the whole message in memory at one time. As a result, this specification is suitable for very constrained devices, including those where memory is very limited.

Memory outside the keystore boundary is managed by the application. An implementation of the interface is not required to retain any state between function calls, apart from the content of the keystore and other data that must be kept inside the keystore security boundary.

The interface does not expose the representation of keys and intermediate data, except when required for interchange. This allows each implementation to choose optimal data representations. Implementations wit
