Macros | |
#define | PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
The default lifetime for volatile keys. More... | |
#define | PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
The default lifetime for persistent keys. More... | |
#define | PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) |
The persistence level of volatile keys. More... | |
#define | PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) |
The default persistence level for persistent keys. More... | |
#define | PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) |
A persistence level indicating that a key is never destroyed. More... | |
#define | PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) |
Whether a key lifetime indicates that the key is volatile. More... | |
#define | PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) ((location) << 8 | (persistence)) |
Construct a lifetime from a persistence level and a location. More... | |
#define | PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) |
The local storage area for persistent keys. More... | |
#define | PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) |
The minimum value for a key identifier chosen by the application. More... | |
#define | PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) |
The maximum value for a key identifier chosen by the application. More... | |
#define | PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) |
The minimum value for a key identifier chosen by the implementation. More... | |
#define | PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) |
The maximum value for a key identifier chosen by the implementation. More... | |
#define | PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
The default lifetime for volatile keys. More... | |
#define | PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
The default lifetime for persistent keys. More... | |
#define | PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) |
The persistence level of volatile keys. More... | |
#define | PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) |
The default persistence level for persistent keys. More... | |
#define | PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) |
A persistence level indicating that a key is never destroyed. More... | |
#define | PSA_KEY_LIFETIME_IS_VOLATILE(lifetime) |
Whether a key lifetime indicates that the key is volatile. More... | |
#define | PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(persistence, location) ((location) << 8 | (persistence)) |
Construct a lifetime from a persistence level and a location. More... | |
#define | PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) |
The local storage area for persistent keys. More... | |
#define | PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) |
The minimum value for a key identifier chosen by the application. More... | |
#define | PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) |
The maximum value for a key identifier chosen by the application. More... | |
#define | PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) |
The minimum value for a key identifier chosen by the implementation. More... | |
#define | PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) |
The maximum value for a key identifier chosen by the implementation. More... | |
#define | PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
A volatile key only exists as long as the handle to it is not closed. More... | |
#define | PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
The default storage area for persistent keys. More... | |
#define | PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) |
The minimum value for a key identifier chosen by the application. More... | |
#define | PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) |
The maximum value for a key identifier chosen by the application. More... | |
#define | PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) |
The minimum value for a key identifier chosen by the implementation. More... | |
#define | PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) |
The maximum value for a key identifier chosen by the implementation. More... | |
Typedefs | |
typedef uint32_t | psa_key_lifetime_t |
Encoding of key lifetimes. More... | |
typedef uint8_t | psa_key_persistence_t |
Encoding of key persistence levels. More... | |
typedef uint32_t | psa_key_location_t |
Encoding of key location indicators. More... | |
typedef uint32_t | psa_key_id_t |
Encoding of identifiers of persistent keys. More... | |
typedef uint32_t | psa_key_lifetime_t |
Encoding of key lifetimes. More... | |
typedef uint8_t | psa_key_persistence_t |
Encoding of key persistence levels. More... | |
typedef uint32_t | psa_key_location_t |
Encoding of key location indicators. More... | |
typedef uint32_t | psa_key_id_t |
Encoding of identifiers of persistent keys. More... | |
typedef uint32_t | psa_key_lifetime_t |
Encoding of key lifetimes. More... | |
typedef uint32_t | psa_key_id_t |
Encoding of identifiers of persistent keys. More... | |
Functions | |
static mbedtls_svc_key_id_t | mbedtls_svc_key_id_make (unsigned int unused, psa_key_id_t key_id) |
Utility to initialize a key identifier at runtime. More... | |
static int | mbedtls_svc_key_id_equal (mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2) |
Compare two key identifiers. More... | |
static int | mbedtls_svc_key_id_is_null (mbedtls_svc_key_id_t key) |
Check whether a key identifier is null. More... | |
#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff) |
The maximum value for a key identifier chosen by the application.
Definition at line 1584 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h.
#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) |
The maximum value for a key identifier chosen by the application.
Definition at line 1648 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) |
The maximum value for a key identifier chosen by the application.
Definition at line 1654 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001) |
The minimum value for a key identifier chosen by the application.
Definition at line 1581 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h.
#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) |
The minimum value for a key identifier chosen by the application.
Definition at line 1645 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) |
The minimum value for a key identifier chosen by the application.
Definition at line 1651 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff) |
The maximum value for a key identifier chosen by the implementation.
Definition at line 1590 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h.
#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) |
The maximum value for a key identifier chosen by the implementation.
Definition at line 1654 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) |
The maximum value for a key identifier chosen by the implementation.
Definition at line 1660 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000) |
The minimum value for a key identifier chosen by the implementation.
Definition at line 1587 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h.
#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) |
The minimum value for a key identifier chosen by the implementation.
Definition at line 1651 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) |
The minimum value for a key identifier chosen by the implementation.
Definition at line 1657 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION | ( | persistence, | |
location | |||
) | ((location) << 8 | (persistence)) |
Construct a lifetime from a persistence level and a location.
persistence | The persistence level (value of type psa_key_persistence_t). |
location | The location indicator (value of type psa_key_location_t). |
Definition at line 1629 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION | ( | persistence, | |
location | |||
) | ((location) << 8 | (persistence)) |
Construct a lifetime from a persistence level and a location.
persistence | The persistence level (value of type psa_key_persistence_t). |
location | The location indicator (value of type psa_key_location_t). |
Definition at line 1635 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_IS_VOLATILE | ( | lifetime | ) |
Whether a key lifetime indicates that the key is volatile.
A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.
A key that is not volatile is persistent. Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs (for example, a factory reset).
lifetime | The lifetime value to query (value of type psa_key_lifetime_t). |
1
if the key is volatile, otherwise 0
. Definition at line 1616 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_IS_VOLATILE | ( | lifetime | ) |
Whether a key lifetime indicates that the key is volatile.
A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.
A key that is not volatile is persistent. Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs (for example, a factory reset).
lifetime | The lifetime value to query (value of type psa_key_lifetime_t). |
1
if the key is volatile, otherwise 0
. Definition at line 1622 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
The default lifetime for persistent keys.
A persistent key remains in storage until it is explicitly destroyed or until the corresponding storage area is wiped. This specification does not define any mechanism to wipe a storage area, but implementations may provide their own mechanism (for example to perform a factory reset, to prepare for device refurbishment, or to uninstall an application).
This lifetime value is the default storage area for the calling application. Implementations may offer other storage areas designated by other lifetime values as implementation-specific extensions. See psa_key_lifetime_t for more information.
Definition at line 1574 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
The default storage area for persistent keys.
A persistent key remains in storage until it is explicitly destroyed or until the corresponding storage area is wiped. This specification does not define any mechanism to wipe a storage area, but implementations may provide their own mechanism (for example to perform a factory reset, to prepare for device refurbishment, or to uninstall an application).
This lifetime value is the default storage area for the calling application. Implementations may offer other storage areas designated by other lifetime values as implementation-specific extensions.
Definition at line 1577 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
The default lifetime for persistent keys.
A persistent key remains in storage until it is explicitly destroyed or until the corresponding storage area is wiped. This specification does not define any mechanism to wipe a storage area, but implementations may provide their own mechanism (for example to perform a factory reset, to prepare for device refurbishment, or to uninstall an application).
This lifetime value is the default storage area for the calling application. Implementations may offer other storage areas designated by other lifetime values as implementation-specific extensions. See psa_key_lifetime_t for more information.
Definition at line 1580 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
The default lifetime for volatile keys.
A volatile key only exists as long as the identifier to it is not destroyed. The key material is guaranteed to be erased on a power reset.
A key with this lifetime is typically stored in the RAM area of the PSA Crypto subsystem. However this is an implementation choice. If an implementation stores data about the key in a non-volatile memory, it must release all the resources associated with the key and erase the key material if the calling application terminates.
Definition at line 1559 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
A volatile key only exists as long as the handle to it is not closed.
The key material is guaranteed to be erased on a power reset.
Definition at line 1563 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_values.h.
#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
The default lifetime for volatile keys.
A volatile key only exists as long as the identifier to it is not destroyed. The key material is guaranteed to be erased on a power reset.
A key with this lifetime is typically stored in the RAM area of the PSA Crypto subsystem. However this is an implementation choice. If an implementation stores data about the key in a non-volatile memory, it must release all the resources associated with the key and erase the key material if the calling application terminates.
Definition at line 1565 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) |
The local storage area for persistent keys.
This storage area is available on all systems that can store persistent keys without delegating the storage to a third-party cryptoprocessor.
See psa_key_location_t for more information.
Definition at line 1639 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) |
The local storage area for persistent keys.
This storage area is available on all systems that can store persistent keys without delegating the storage to a third-party cryptoprocessor.
See psa_key_location_t for more information.
Definition at line 1645 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) |
The default persistence level for persistent keys.
See psa_key_persistence_t for more information.
Definition at line 1586 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) |
The default persistence level for persistent keys.
See psa_key_persistence_t for more information.
Definition at line 1592 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) |
A persistence level indicating that a key is never destroyed.
See psa_key_persistence_t for more information.
Definition at line 1592 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) |
A persistence level indicating that a key is never destroyed.
See psa_key_persistence_t for more information.
Definition at line 1598 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) |
The persistence level of volatile keys.
See psa_key_persistence_t for more information.
Definition at line 1580 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_values.h.
#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) |
The persistence level of volatile keys.
See psa_key_persistence_t for more information.
Definition at line 1586 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
typedef uint32_t psa_key_id_t |
Encoding of identifiers of persistent keys.
Definition at line 187 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_types.h.
typedef uint32_t psa_key_id_t |
Encoding of identifiers of persistent keys.
Definition at line 219 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_types.h.
typedef uint32_t psa_key_id_t |
Encoding of identifiers of persistent keys.
Definition at line 231 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_types.h.
typedef uint32_t psa_key_lifetime_t |
Encoding of key lifetimes.
The lifetime of a key indicates where it is stored and what system actions may create and destroy it.
Lifetime values have the following structure:
lifetime
)): persistence level. This value indicates what device management actions can cause it to be destroyed. In particular, it indicates whether the key is volatile or persistent. See psa_key_persistence_t for more information.lifetime
)): location indicator. This value indicates where the key is stored and where operations on the key are performed. See psa_key_location_t for more information.Volatile keys are automatically destroyed when the application instance terminates or on a power reset of the device. Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs (for example, a factory reset).
Persistent keys have a key identifier of type psa_key_id_t. This identifier remains valid throughout the lifetime of the key, even if the application instance that created the key terminates. The application can call psa_open_key() to open a persistent key that it created previously.
This specification defines two basic lifetime values:
Definition at line 129 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_types.h.
typedef uint32_t psa_key_lifetime_t |
Encoding of key lifetimes.
The lifetime of a key indicates where it is stored and what system actions may create and destroy it.
Lifetime values have the following structure:
lifetime
)): persistence level. This value indicates what device management actions can cause it to be destroyed. In particular, it indicates whether the key is volatile or persistent. See psa_key_persistence_t for more information.lifetime
)): location indicator. This value indicates where the key is stored and where operations on the key are performed. See psa_key_location_t for more information.Volatile keys are automatically destroyed when the application instance terminates or on a power reset of the device. Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs (for example, a factory reset).
Persistent keys have a key identifier of type #mbedtls_svc_key_id_t. This identifier remains valid throughout the lifetime of the key, even if the application instance that created the key terminates. The application can call psa_open_key() to open a persistent key that it created previously.
This specification defines two basic lifetime values:
Definition at line 141 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_types.h.
typedef uint32_t psa_key_lifetime_t |
Encoding of key lifetimes.
The lifetime of a key indicates where it is stored and what system actions may create and destroy it.
Keys with the lifetime PSA_KEY_LIFETIME_VOLATILE are automatically destroyed when the application terminates or on a power reset.
Keys with a lifetime other than PSA_KEY_LIFETIME_VOLATILE are said to be persistent. Persistent keys are preserved if the application or the system restarts. Persistent keys have a key identifier of type psa_key_id_t. The application can call psa_open_key() to open a persistent key that it created previously.
Definition at line 176 of file TARGET_TFM/TARGET_TFM_V1_0/include/psa/crypto_types.h.
typedef uint32_t psa_key_location_t |
Encoding of key location indicators.
If an implementation of this API can make calls to external cryptoprocessors such as secure elements, the location of a key indicates which secure element performs the operations on the key. If an implementation offers multiple physical locations for persistent storage, the location indicator reflects at which physical location the key is stored.
This specification defines the following values of location indicators:
0
: primary local storage. All implementations should support this value. The primary local storage is typically the same storage area that contains the key metadata.1
: primary secure element. Implementations should support this value if there is a secure element attached to the operating environment. As a guideline, secure elements may provide higher resistance against side channel and physical attacks than the primary local storage, but may have restrictions on supported key types, sizes, policies and operations and may have different performance characteristics.2-0x7fffff
: other locations defined by a PSA specification. The PSA Cryptography API does not currently assign any meaning to these locations, but future versions of this specification or other PSA specifications may do so.0x800000-0xffffff
: vendor-defined locations. No PSA specification will assign a meaning to locations in this range.Definition at line 208 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_types.h.
typedef uint32_t psa_key_location_t |
Encoding of key location indicators.
If an implementation of this API can make calls to external cryptoprocessors such as secure elements, the location of a key indicates which secure element performs the operations on the key. If an implementation offers multiple physical locations for persistent storage, the location indicator reflects at which physical location the key is stored.
This specification defines the following values of location indicators:
0
: primary local storage. All implementations should support this value. The primary local storage is typically the same storage area that contains the key metadata.1
: primary secure element. Implementations should support this value if there is a secure element attached to the operating environment. As a guideline, secure elements may provide higher resistance against side channel and physical attacks than the primary local storage, but may have restrictions on supported key types, sizes, policies and operations and may have different performance characteristics.2-0x7fffff
: other locations defined by a PSA specification. The PSA Cryptography API does not currently assign any meaning to these locations, but future versions of this specification or other PSA specifications may do so.0x800000-0xffffff
: vendor-defined locations. No PSA specification will assign a meaning to locations in this range.Definition at line 220 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_types.h.
typedef uint8_t psa_key_persistence_t |
Encoding of key persistence levels.
What distinguishes different persistence levels is what device management events may cause keys to be destroyed. Volatile keys are destroyed by a power reset. Persistent keys may be destroyed by events such as a transfer of ownership or a factory reset. What management events actually affect persistent keys at different levels is outside the scope of the PSA Cryptography specification.
This specification defines the following values of persistence levels:
0
= PSA_KEY_PERSISTENCE_VOLATILE: volatile key. A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.1
= PSA_KEY_PERSISTENCE_DEFAULT: persistent key with a default lifetime. Implementations should support this value if they support persistent keys at all. Applications should use this value if they have no specific needs that are only met by implementation-specific features.2-127
: persistent key with a PSA-specified lifetime. The PSA Cryptography specification does not define the meaning of these values, but other PSA specifications may do so.128-254
: persistent key with a vendor-specified lifetime. No PSA specification will define the meaning of these values, so implementations may choose the meaning freely. As a guideline, higher persistence levels should cause a key to survive more management events than lower levels.255
= PSA_KEY_PERSISTENCE_READ_ONLY: read-only or write-once key. A key with this persistence level cannot be destroyed. Implementations that support such keys may either allow their creation through the PSA Cryptography API, preferably only to applications with the appropriate privilege, or only expose keys created through implementation-specific means such as a factory ROM engraving process. Note that keys that are read-only due to policy restrictions rather than due to physical limitations should not have this persistence levels.Definition at line 174 of file TARGET_TFM/TARGET_TFM_LATEST/include/psa/crypto_types.h.
typedef uint8_t psa_key_persistence_t |
Encoding of key persistence levels.
What distinguishes different persistence levels is what device management events may cause keys to be destroyed. Volatile keys are destroyed by a power reset. Persistent keys may be destroyed by events such as a transfer of ownership or a factory reset. What management events actually affect persistent keys at different levels is outside the scope of the PSA Cryptography specification.
This specification defines the following values of persistence levels:
0
= PSA_KEY_PERSISTENCE_VOLATILE: volatile key. A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.1
= PSA_KEY_PERSISTENCE_DEFAULT: persistent key with a default lifetime. Implementations should support this value if they support persistent keys at all. Applications should use this value if they have no specific needs that are only met by implementation-specific features.2-127
: persistent key with a PSA-specified lifetime. The PSA Cryptography specification does not define the meaning of these values, but other PSA specifications may do so.128-254
: persistent key with a vendor-specified lifetime. No PSA specification will define the meaning of these values, so implementations may choose the meaning freely. As a guideline, higher persistence levels should cause a key to survive more management events than lower levels.255
= PSA_KEY_PERSISTENCE_READ_ONLY: read-only or write-once key. A key with this persistence level cannot be destroyed. Implementations that support such keys may either allow their creation through the PSA Cryptography API, preferably only to applications with the appropriate privilege, or only expose keys created through implementation-specific means such as a factory ROM engraving process. Note that keys that are read-only due to policy restrictions rather than due to physical limitations should not have this persistence levels.Definition at line 186 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_types.h.
|
static |
Compare two key identifiers.
id1 | First key identifier. |
id2 | Second key identifier. |
Definition at line 1689 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
|
static |
Check whether a key identifier is null.
key | Key identifier. |
Definition at line 1701 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.
|
static |
Utility to initialize a key identifier at runtime.
unused | Unused parameter. |
key_id | Identifier of the key. |
Definition at line 1674 of file TARGET_MBED_PSA_SRV/inc/psa/crypto_values.h.