Secure Element Key Management#
Currently, key management is limited to importing keys in the clear, destroying keys, and exporting keys in the clear.
Whether a key may be exported is determined by the key policies in place on the key slot.
Modules#
Enumerations#
An enumeration indicating how a key is created.
Typedefs#
A function that allocates a slot for a key.
A function that determines whether a slot number is valid for a key.
A function that imports a key into a secure element in binary format.
A function that destroys a secure element key and restore the slot to its default state.
A function that exports a secure element key in binary format.
A function that generates a symmetric or asymmetric key on a secure element.
Enumeration Documentation#
psa_key_creation_method_t#
psa_key_creation_method_t
An enumeration indicating how a key is created.
| Enumerator | |
|---|---|
| PSA_KEY_CREATION_IMPORT | During psa_import_key() |
| PSA_KEY_CREATION_GENERATE | During psa_generate_key() |
| PSA_KEY_CREATION_DERIVE | |
| PSA_KEY_CREATION_COPY | During psa_copy_key() |
| PSA_KEY_CREATION_REGISTER | A key is being registered with mbedtls_psa_register_se_key(). |
818 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hTypedef Documentation#
psa_drv_se_allocate_key_t#
typedef psa_status_t(* psa_drv_se_allocate_key_t) (psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t *key_slot) )(psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t *key_slot)
A function that allocates a slot for a key.
| [inout] | drv_context | The driver context structure. |
| [inout] | persistent_data | A pointer to the persistent data that allows writing. |
| [in] | attributes | Attributes of the key. |
| N/A | method | The way in which the key is being created. |
| [out] | key_slot | Slot where the key will be stored. This must be a valid slot for a key of the chosen type. It must be unoccupied. |
To create a key in a specific slot in a secure element, the core first calls this function to determine a valid slot number, then calls a function to create the key material in that slot. In nominal conditions (that is, if no error occurs), the effect of a call to a key creation function in the PSA Cryptography API with a lifetime that places the key in a secure element is the following:
The core calls psa_drv_se_key_management_t::p_allocate (or in some implementations psa_drv_se_key_management_t::p_validate_slot_number). The driver selects (or validates) a suitable slot number given the key attributes and the state of the secure element.
The core calls a key creation function in the driver.
The key creation functions in the PSA Cryptography API are:
psa_import_key(), which causes a call to
p_allocatewithmethod= PSA_KEY_CREATION_IMPORT then a call to psa_drv_se_key_management_t::p_import.psa_generate_key(), which causes a call to
p_allocatewithmethod= PSA_KEY_CREATION_GENERATE then a call to psa_drv_se_key_management_t::p_import.psa_key_derivation_output_key(), which causes a call to
p_allocatewithmethod= PSA_KEY_CREATION_DERIVE then a call to psa_drv_se_key_derivation_t::p_derive.psa_copy_key(), which causes a call to
p_allocatewithmethod= PSA_KEY_CREATION_COPY then a call to psa_drv_se_key_management_t::p_export.
In case of errors, other behaviors are possible.
If the PSA Cryptography subsystem dies after the first step, for example because the device has lost power abruptly, the second step may never happen, or may happen after a reset and re-initialization. Alternatively, after a reset and re-initialization, the core may call psa_drv_se_key_management_t::p_destroy on the slot number that was allocated (or validated) instead of calling a key creation function.
If an error occurs, the core may call psa_drv_se_key_management_t::p_destroy on the slot number that was allocated (or validated) instead of calling a key creation function.
Errors and system resets also have an impact on the driver's persistent data. If a reset happens before the overall key creation process is completed (before or after the second step above), it is unspecified whether the persistent data after the reset is identical to what it was before or after the call to p_allocate (or p_validate_slot_number).
911 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_validate_slot_number_t#
typedef psa_status_t(* psa_drv_se_validate_slot_number_t) (psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t key_slot) )(psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t key_slot)
A function that determines whether a slot number is valid for a key.
| [inout] | drv_context | The driver context structure. |
| [inout] | persistent_data | A pointer to the persistent data that allows writing. |
| [in] | attributes | Attributes of the key. |
| N/A | method | The way in which the key is being created. |
| [in] | key_slot | Slot where the key is to be stored. |
To create a key in a specific slot in a secure element, the core first calls this function to validate the choice of slot number, then calls a function to create the key material in that slot. See the documentation of psa_drv_se_allocate_key_t for more details.
As of the PSA Cryptography API specification version 1.0, there is no way for applications to trigger a call to this function. However some implementations offer the capability to create or declare a key in a specific slot via implementation-specific means, generally for the sake of initial device provisioning or onboarding. Such a mechanism may be added to a future version of the PSA Cryptography API specification.
This function may update the driver's persistent data through persistent_data. The core will save the updated persistent data at the end of the key creation process. See the description of psa_drv_se_allocate_key_t for more information.
957 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_import_key_t#
typedef psa_status_t(* psa_drv_se_import_key_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, size_t *bits) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, size_t *bits)
A function that imports a key into a secure element in binary format.
| [inout] | drv_context | The driver context structure. |
| N/A | key_slot | Slot where the key will be stored. This must be a valid slot for a key of the chosen type. It must be unoccupied. |
| [in] | attributes | The key attributes, including the lifetime, the key type and the usage policy. Drivers should not access the key size stored in the attributes: it may not match the data passed in |
| [in] | data | Buffer containing the key data. |
| [in] | data_length | Size of the |
| [out] | bits | On success, the key size in bits. The driver must determine this value after parsing the key according to the key type. This value is not used if the function fails. |
This function can support any output from psa_export_key(). Refer to the documentation of psa_export_key() for the format for each key type.
993 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_destroy_key_t#
typedef psa_status_t(* psa_drv_se_destroy_key_t) (psa_drv_se_context_t *drv_context, void *persistent_data, psa_key_slot_number_t key_slot) )(psa_drv_se_context_t *drv_context, void *persistent_data, psa_key_slot_number_t key_slot)
A function that destroys a secure element key and restore the slot to its default state.
| [inout] | drv_context | The driver context structure. |
| [inout] | persistent_data | A pointer to the persistent data that allows writing. |
| N/A | key_slot | The key slot to erase. |
This function destroys the content of the key from a secure element. Implementations shall make a best effort to ensure that any previous content of the slot is unrecoverable.
This function returns the specified slot to its default state.
1019 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_export_key_t#
typedef psa_status_t(* psa_drv_se_export_key_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length)
A function that exports a secure element key in binary format.
| [inout] | drv_context | The driver context structure. |
| [in] | key | Slot whose content is to be exported. This must be an occupied key slot. |
| [out] | p_data | Buffer where the key data is to be written. |
| [in] | data_size | Size of the |
| [out] | p_data_length | On success, the number of bytes that make up the key data. |
The output of this function can be passed to psa_import_key() to create an equivalent object.
If a key is created with psa_import_key() and then exported with this function, it is not guaranteed that the resulting data is identical: the implementation may choose a different representation of the same key if the format permits it.
This function should generate output in the same format that psa_export_key() does. Refer to the documentation of psa_export_key() for the format for each key type.
1055 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_generate_key_t#
typedef psa_status_t(* psa_drv_se_generate_key_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, uint8_t *pubkey, size_t pubkey_size, size_t *pubkey_length) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, uint8_t *pubkey, size_t pubkey_size, size_t *pubkey_length)
A function that generates a symmetric or asymmetric key on a secure element.
| [inout] | drv_context | The driver context structure. |
| N/A | key_slot | Slot where the key will be stored. This must be a valid slot for a key of the chosen type. It must be unoccupied. |
| [in] | attributes | The key attributes, including the lifetime, the key type and size, and the usage policy. Drivers can call psa_get_key_lifetime(), psa_get_key_type(), psa_get_key_bits(), psa_get_key_usage_flags() and psa_get_key_algorithm() to access this information. |
| [out] | pubkey | A buffer where the driver can write the public key, when generating an asymmetric key pair. This is |
| N/A | pubkey_size | The size of the |
| [out] | pubkey_length | On entry, this is always 0. On success, the number of bytes written to |
If the key type type recorded in attributes is asymmetric (PSA_KEY_TYPE_IS_ASYMMETRIC(type) = 1), the driver may export the public key at the time of generation, in the format documented for psa_export_public_key() by writing it to the pubkey buffer. This is optional, intended for secure elements that output the public key at generation time and that cannot export the public key later. Drivers that do not need this feature should leave *pubkey_length set to 0 and should implement the psa_drv_key_management_t::p_export_public function. Some implementations do not support this feature, in which case pubkey is NULL and pubkey_size is 0.
1107 of file util/third_party/mbedtls/include/psa/crypto_se_driver.h