psa_crypto_slot_management.h
1 /*
2  * PSA crypto layer on top of Mbed TLS crypto
3  */
4 /*
5  * Copyright The Mbed TLS Contributors
6  * SPDX-License-Identifier: Apache-2.0
7  *
8  * Licensed under the Apache License, Version 2.0 (the "License"); you may
9  * not use this file except in compliance with the License.
10  * You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing, software
15  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * See the License for the specific language governing permissions and
18  * limitations under the License.
19  */
20 
21 #ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H
22 #define PSA_CRYPTO_SLOT_MANAGEMENT_H
23 
24 #include "psa/crypto.h"
25 #include "psa_crypto_se.h"
26 
27 /* Number of key slots (plus one because 0 is not used).
28  * The value is a compile-time constant for now, for simplicity. */
29 #define PSA_KEY_SLOT_COUNT 32
30 
31 /** Access a key slot at the given handle.
32  *
33  * \param handle Key handle to query.
34  * \param[out] p_slot On success, `*p_slot` contains a pointer to the
35  * key slot in memory designated by \p handle.
    * The value of `*p_slot` is only specified on success; do not
    * dereference it after an error return.
36  *
37  * \retval PSA_SUCCESS
38  * Success: \p handle is a handle to `*p_slot`. Note that `*p_slot`
39  * may be empty or occupied.
40  * \retval PSA_ERROR_INVALID_HANDLE
41  * \p handle is out of range or is not in use.
42  * \retval PSA_ERROR_BAD_STATE
43  * The library has not been initialized.
    *
    * NOTE(review): the PSA_SUCCESS text says the returned slot may be empty,
    * while PSA_ERROR_INVALID_HANDLE covers a handle that is not in use.
    * Confirm against the implementation which of the two applies to an
    * unoccupied slot. Until that is confirmed, callers should check that
    * the slot is occupied before reading key material or metadata from it.
44  */
45 psa_status_t psa_get_key_slot( psa_key_handle_t handle,
46  psa_key_slot_t **p_slot );
47 
48 /** Initialize the key slot structures.
49  *
50  * \retval PSA_SUCCESS
51  * Currently this function always succeeds.
52  */
53 psa_status_t psa_initialize_key_slots( void );
54 
55 /** Delete all data from key slots in memory.
56  *
57  * This does not affect persistent storage. */
58 void psa_wipe_all_key_slots( void );
59 
60 /** Find a free key slot.
61  *
62  * This function returns a key slot that is available for use and is in its
63  * ground state (all-bits-zero).
64  *
65  * \param[out] handle On success, a slot number that can be used as a
66  * handle to the slot.
67  * \param[out] p_slot On success, a pointer to the slot.
    * Both outputs are only specified on success; do not use them after
    * an error return.
68  *
69  * \retval #PSA_SUCCESS
70  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
71  * \retval #PSA_ERROR_BAD_STATE
    *
    * NOTE(review): the conditions for the two error codes are not stated
    * here. Presumably #PSA_ERROR_INSUFFICIENT_MEMORY means that no free slot
    * is left (the number of slots is the compile-time constant
    * PSA_KEY_SLOT_COUNT) and #PSA_ERROR_BAD_STATE means that the library has
    * not been initialized, as documented for psa_get_key_slot() -- confirm
    * against the implementation.
72  */
73 psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
74  psa_key_slot_t **p_slot );
75 
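/** Test whether a lifetime designates a key in an external cryptoprocessor.
 *
 * Only the location part of \p lifetime is examined: it is extracted with
 * PSA_KEY_LIFETIME_GET_LOCATION() and compared against
 * #PSA_KEY_LOCATION_LOCAL_STORAGE.
 *
 * \param lifetime      The lifetime to test.
 *
 * \retval 1
 *         The lifetime designates an external key. There should be a
 *         registered driver for this lifetime, otherwise the key cannot
 *         be created or manipulated. This function does not itself check
 *         that such a driver is registered.
 * \retval 0
 *         The lifetime designates a key that is volatile or in internal
 *         storage.
 */
static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
{
    /* Any location other than the local storage area counts as external. */
    return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime )
                != PSA_KEY_LOCATION_LOCAL_STORAGE );
}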
93 
94 /** Validate a key's location.
95  *
96  * This function checks whether the key's attributes point to a location that
97  * is known to the PSA Core, and returns the driver function table if the key
98  * is to be found in an external location.
99  *
100  * \param[in] lifetime The key lifetime attribute.
101  * \param[out] p_drv On success, when a key is located in external
102  * storage, returns a pointer to the driver table
103  * associated with the key's storage location.
     * NOTE(review): what is stored in `*p_drv` when the
     * key is not in an external location, or when the
     * call fails, is not stated here. Check the
     * implementation before dereferencing `*p_drv` in
     * those cases.
104  *
105  * \retval #PSA_SUCCESS
106  * \retval #PSA_ERROR_INVALID_ARGUMENT
     * Presumably returned when the location is not known to the
     * PSA Core -- confirm against the implementation.
107  */
108 psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
109  psa_se_drv_table_entry_t **p_drv );
110 
111 /** Validate that a key's persistence attributes are valid.
112  *
113  * This function checks whether a key's declared persistence level and key ID
114  * attributes are valid and known to the PSA Core in its actual configuration.
     * The result therefore depends on how the library was configured.
115  *
116  * \param[in] lifetime The key lifetime attribute.
117  * \param[in] key_id The key ID attribute.
118  *
119  * \retval #PSA_SUCCESS
120  * \retval #PSA_ERROR_INVALID_ARGUMENT
     * Presumably returned when the persistence level or the key ID is
     * not valid or not known in this configuration -- confirm against
     * the implementation.
121  */
122 psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
123  psa_key_id_t key_id );
124 
125 
126 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
uint32_t psa_key_id_t
Encoding of identifiers of persistent keys.
uint32_t psa_key_lifetime_t
Encoding of key lifetimes.
int32_t psa_status_t
Function return status.
#define PSA_KEY_LOCATION_LOCAL_STORAGE
The local storage area for persistent keys.
The data structure representing a key slot, containing key material and metadata for one key...