Mbed TLS v3.6.3
Functions
psa_status_t | psa_generate_random(uint8_t *output, size_t output_size) | Generate random bytes.
psa_status_t | psa_generate_key(const psa_key_attributes_t *attributes, mbedtls_svc_key_id_t *key) | Generate a key or key pair.
psa_status_t | psa_generate_key_custom(const psa_key_attributes_t *attributes, const psa_custom_key_parameters_t *custom, const uint8_t *custom_data, size_t custom_data_length, mbedtls_svc_key_id_t *key) | Generate a key or key pair using custom production parameters.
psa_status_t | psa_generate_key_ext(const psa_key_attributes_t *attributes, const psa_key_production_parameters_t *params, size_t params_data_length, mbedtls_svc_key_id_t *key) | Generate a key or key pair using custom production parameters.
psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, mbedtls_svc_key_id_t *key)
Generate a key or key pair.
The key is generated randomly. Its location, usage policy, type and size are taken from attributes.
Implementations must reject an attempt to generate a key of size 0.
The following type-specific considerations apply:
custom_data_length == 0 (i.e. custom_data is empty).
[in] | attributes | The attributes for the new key. |
[out] | key | On success, an identifier for the newly created key. For persistent keys, this is the key identifier defined in attributes. 0 on failure. |
PSA_SUCCESS | Success. If the key is persistent, the key material and the key's metadata have been saved to persistent storage. |
PSA_ERROR_ALREADY_EXISTS | This is an attempt to create a persistent key, and there is already a persistent key with the given identifier. |
PSA_ERROR_NOT_SUPPORTED | |
PSA_ERROR_INVALID_ARGUMENT | |
PSA_ERROR_INSUFFICIENT_MEMORY | |
PSA_ERROR_INSUFFICIENT_ENTROPY | |
PSA_ERROR_COMMUNICATION_FAILURE | |
PSA_ERROR_HARDWARE_FAILURE | |
PSA_ERROR_CORRUPTION_DETECTED | |
PSA_ERROR_INSUFFICIENT_STORAGE | |
PSA_ERROR_DATA_INVALID | |
PSA_ERROR_DATA_CORRUPT | |
PSA_ERROR_STORAGE_FAILURE | |
PSA_ERROR_BAD_STATE | The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code. |
psa_status_t psa_generate_key_custom(const psa_key_attributes_t *attributes, const psa_custom_key_parameters_t *custom, const uint8_t *custom_data, size_t custom_data_length, mbedtls_svc_key_id_t *key)
Generate a key or key pair using custom production parameters.
See the description of psa_generate_key() for the operation of this function with the default production parameters. In addition, this function supports the following production customizations, described in more detail in the documentation of psa_custom_key_parameters_t:
[in] | attributes | The attributes for the new key. |
[in] | custom | Customization parameters for the key generation. When this is PSA_CUSTOM_KEY_PARAMETERS_INIT with custom_data_length = 0, this function is equivalent to psa_generate_key(). |
[in] | custom_data | Variable-length data associated with custom. |
custom_data_length | Length of custom_data in bytes. | |
[out] | key | On success, an identifier for the newly created key. For persistent keys, this is the key identifier defined in attributes. 0 on failure. |
PSA_SUCCESS | Success. If the key is persistent, the key material and the key's metadata have been saved to persistent storage. |
PSA_ERROR_ALREADY_EXISTS | This is an attempt to create a persistent key, and there is already a persistent key with the given identifier. |
PSA_ERROR_NOT_SUPPORTED | |
PSA_ERROR_INVALID_ARGUMENT | |
PSA_ERROR_INSUFFICIENT_MEMORY | |
PSA_ERROR_INSUFFICIENT_ENTROPY | |
PSA_ERROR_COMMUNICATION_FAILURE | |
PSA_ERROR_HARDWARE_FAILURE | |
PSA_ERROR_CORRUPTION_DETECTED | |
PSA_ERROR_INSUFFICIENT_STORAGE | |
PSA_ERROR_DATA_INVALID | |
PSA_ERROR_DATA_CORRUPT | |
PSA_ERROR_STORAGE_FAILURE | |
PSA_ERROR_BAD_STATE | The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code. |
psa_status_t psa_generate_key_ext(const psa_key_attributes_t *attributes, const psa_key_production_parameters_t *params, size_t params_data_length, mbedtls_svc_key_id_t *key)
Generate a key or key pair using custom production parameters.
params->data instead of a separate parameter. This function will be removed in a future version of Mbed TLS.
[in] | attributes | The attributes for the new key. |
[in] | params | Customization parameters for the key generation. When this is PSA_KEY_PRODUCTION_PARAMETERS_INIT with params_data_length = 0, this function is equivalent to psa_generate_key(). |
params_data_length | Length of params->data in bytes. | |
[out] | key | On success, an identifier for the newly created key. For persistent keys, this is the key identifier defined in attributes. 0 on failure. |
PSA_SUCCESS | Success. If the key is persistent, the key material and the key's metadata have been saved to persistent storage. |
PSA_ERROR_ALREADY_EXISTS | This is an attempt to create a persistent key, and there is already a persistent key with the given identifier. |
PSA_ERROR_NOT_SUPPORTED | |
PSA_ERROR_INVALID_ARGUMENT | |
PSA_ERROR_INSUFFICIENT_MEMORY | |
PSA_ERROR_INSUFFICIENT_ENTROPY | |
PSA_ERROR_COMMUNICATION_FAILURE | |
PSA_ERROR_HARDWARE_FAILURE | |
PSA_ERROR_CORRUPTION_DETECTED | |
PSA_ERROR_INSUFFICIENT_STORAGE | |
PSA_ERROR_DATA_INVALID | |
PSA_ERROR_DATA_CORRUPT | |
PSA_ERROR_STORAGE_FAILURE | |
PSA_ERROR_BAD_STATE | The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code. |
psa_status_t psa_generate_random(uint8_t *output, size_t output_size)
Generate random bytes.
[out] | output | Output buffer for the generated data. |
output_size | Number of bytes to generate and output. |
PSA_SUCCESS | |
PSA_ERROR_NOT_SUPPORTED | |
PSA_ERROR_INSUFFICIENT_ENTROPY | |
PSA_ERROR_INSUFFICIENT_MEMORY | |
PSA_ERROR_COMMUNICATION_FAILURE | |
PSA_ERROR_HARDWARE_FAILURE | |
PSA_ERROR_CORRUPTION_DETECTED | |
PSA_ERROR_BAD_STATE | The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code. |
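The following is an added example, not part of the Mbed TLS documentation or code base: a fail-closed wrapper for a function with the signature of psa_generate_random(), which wipes the output buffer whenever the status is not PSA_SUCCESS so that partially written bytes are never used as a nonce or key. The names random_fn, random_or_wipe, demo_ok and demo_starved are hypothetical; when psa/crypto.h is not on the include path, the block falls back to the status type and values defined by the PSA Crypto API so that it still builds on its own.

```c
#include <stddef.h>
#include <stdint.h>

#if defined(__has_include)
#  if __has_include(<psa/crypto.h>)
#    include <psa/crypto.h>            /* real Mbed TLS build */
#  endif
#endif
#ifndef PSA_SUCCESS
/* Stand-alone build: type and values as defined by the PSA Crypto API. */
typedef int32_t psa_status_t;
#define PSA_SUCCESS                    ((psa_status_t)0)
#define PSA_ERROR_INVALID_ARGUMENT     ((psa_status_t)-135)
#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
#endif

/* Same shape as psa_generate_random(), so the real function can be passed. */
typedef psa_status_t (*random_fn)(uint8_t *output, size_t output_size);

/* Hypothetical helper: on any status other than PSA_SUCCESS the buffer is
 * wiped, so a caller that forgets to check the status gets zeros, not
 * stale or partial data. */
psa_status_t random_or_wipe(random_fn gen, uint8_t *out, size_t len)
{
    if (gen == NULL || out == NULL || len == 0)
        return PSA_ERROR_INVALID_ARGUMENT;
    psa_status_t st = gen(out, len);
    if (st != PSA_SUCCESS) {
        volatile uint8_t *p = out;     /* volatile keeps the wipe from being optimised out */
        for (size_t i = 0; i < len; i++) p[i] = 0;
    }
    return st;
}

/* Constructed generators for the demonstration only; they are not RNGs. */
psa_status_t demo_ok(uint8_t *o, size_t n)
{
    for (size_t i = 0; i < n; i++) o[i] = (uint8_t)(0xA0 + i);
    return PSA_SUCCESS;
}
psa_status_t demo_starved(uint8_t *o, size_t n)
{
    for (size_t i = 0; i < n / 2; i++) o[i] = 0x5A;   /* partial write, then failure */
    return PSA_ERROR_INSUFFICIENT_ENTROPY;
}
```

In an application linked against Mbed TLS, call psa_crypto_init() first and pass psa_generate_random itself as the gen argument.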