Key management#

Functions#

psa_purge_key(psa_key_id_t key)

Remove non-essential copies of key material from memory.

psa_copy_key(psa_key_id_t source_key, const psa_key_attributes_t *attributes, psa_key_id_t *target_key)

Make a copy of a key.

psa_destroy_key(psa_key_id_t key)

Destroy a key.

Function Documentation#

psa_purge_key#

psa_status_t psa_purge_key (psa_key_id_t key)

Remove non-essential copies of key material from memory.

Parameters
N/Akey

Identifier of the key to purge.

If the key identifier designates a volatile key, this functions does not do anything and returns successfully.

If the key identifier designates a persistent key, then this function will free all resources associated with the key in volatile memory. The key data in persistent storage is not affected and the key can still be used.


Definition at line 397 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto.h

psa_copy_key#

psa_status_t psa_copy_key (psa_key_id_t source_key, const psa_key_attributes_t * attributes, psa_key_id_t * target_key)

Make a copy of a key.

Parameters
N/Asource_key

The key to copy. It must allow the usage PSA_KEY_USAGE_COPY. If a private or secret key is being copied outside of a secure element it must also allow PSA_KEY_USAGE_EXPORT.

[in]attributes

The attributes for the new key. They are used as follows:

  • The key type and size may be 0. If either is nonzero, it must match the corresponding attribute of the source key.

  • The key location (the lifetime and, for persistent keys, the key identifier) is used directly.

  • The policy constraints (usage flags and algorithm policy) are combined from the source key and attributes so that both sets of restrictions apply, as described in the documentation of this function.

[out]target_key

On success, an identifier for the newly created key. For persistent keys, this is the key identifier defined in attributes. 0 on failure.

Copy key material from one location to another.

This function is primarily useful to copy a key from one location to another, since it populates a key using the material from another key which may have a different lifetime.

This function may be used to share a key with a different party, subject to implementation-defined restrictions on key sharing.

The policy on the source key must have the usage flag PSA_KEY_USAGE_COPY set. This flag is sufficient to permit the copy if the key has the lifetime PSA_KEY_LIFETIME_VOLATILE or PSA_KEY_LIFETIME_PERSISTENT. Some secure elements do not provide a way to copy a key without making it extractable from the secure element. If a key is located in such a secure element, then the key must have both usage flags PSA_KEY_USAGE_COPY and PSA_KEY_USAGE_EXPORT in order to make a copy of the key outside the secure element.

The resulting key may only be used in a way that conforms to both the policy of the original key and the policy specified in the attributes parameter:

  • The usage flags on the resulting key are the bitwise-and of the usage flags on the source policy and the usage flags in attributes.

  • If both allow the same algorithm or wildcard-based algorithm policy, the resulting key has the same algorithm policy.

  • If either of the policies allows an algorithm and the other policy allows a wildcard-based algorithm policy that includes this algorithm, the resulting key allows the same algorithm.

  • If the policies do not allow any algorithm in common, this function fails with the status PSA_ERROR_INVALID_ARGUMENT.

The effect of this function on implementation-defined attributes is implementation-defined.

Copy key material from one location to another.

This function is primarily useful to copy a key from one location to another, since it populates a key using the material from another key which may have a different lifetime.

This function may be used to share a key with a different party, subject to implementation-defined restrictions on key sharing.

The policy on the source key must have the usage flag PSA_KEY_USAGE_COPY set. This flag is sufficient to permit the copy if the key has the lifetime PSA_KEY_LIFETIME_VOLATILE or PSA_KEY_LIFETIME_PERSISTENT. Some secure elements do not provide a way to copy a key without making it extractable from the secure element. If a key is located in such a secure element, then the key must have both usage flags PSA_KEY_USAGE_COPY and PSA_KEY_USAGE_EXPORT in order to make a copy of the key outside the secure element.

The resulting key may only be used in a way that conforms to both the policy of the original key and the policy specified in the attributes parameter:

  • The usage flags on the resulting key are the bitwise-and of the usage flags on the source policy and the usage flags in attributes.

  • If both allow the same algorithm or wildcard-based algorithm policy, the resulting key has the same algorithm policy.

  • If either of the policies allows an algorithm and the other policy allows a wildcard-based algorithm policy that includes this algorithm, the resulting key allows the same algorithm.

  • If the policies do not allow any algorithm in common, this function fails with the status PSA_ERROR_INVALID_ARGUMENT.

The effect of this function on implementation-defined attributes is implementation-defined.


Definition at line 490 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto.h

psa_destroy_key#

psa_status_t psa_destroy_key (psa_key_id_t key)

Destroy a key.

Parameters
N/Akey

Identifier of the key to erase. If this is 0, do nothing and return PSA_SUCCESS.

This function destroys a key from both volatile memory and, if applicable, non-volatile storage. Implementations shall make a best effort to ensure that that the key material cannot be recovered.

This function also erases any metadata such as policies and frees resources associated with the key.

If a key is currently in use in a multipart operation, then destroying the key will cause the multipart operation to fail.

This function destroys a key from both volatile memory and, if applicable, non-volatile storage. Implementations shall make a best effort to ensure that that the key material cannot be recovered.

This function also erases any metadata such as policies and frees resources associated with the key.

If a key is currently in use in a multipart operation, then destroying the key will cause the multipart operation to fail.


Definition at line 540 of file util/third_party/trusted-firmware-m/interface/include/psa/crypto.h