Random generation

Functions

psa_status_t psa_generate_random (uint8_t *output, size_t output_size)
 Generate random bytes.
 
psa_status_t psa_generate_key (const psa_key_attributes_t *attributes, psa_key_handle_t *handle)
 Generate a key or key pair.
 

Function Documentation

psa_status_t psa_generate_key ( const psa_key_attributes_t attributes,
psa_key_handle_t handle 
)

Generate a key or key pair.

The key is generated randomly. Its location, usage policy, type and size are taken from attributes.

Implementations must reject an attempt to generate a key of size 0.

The following type-specific considerations apply:

  • For RSA keys (PSA_KEY_TYPE_RSA_KEY_PAIR), the public exponent is 65537. The modulus is a product of two probabilistic primes between 2^{n-1} and 2^n where n is the bit size specified in the attributes.
Parameters
[in]attributesThe attributes for the new key.
[out]handleOn success, a handle to the newly created key. 0 on failure.
Return values
PSA_SUCCESSSuccess. If the key is persistent, the key material and the key's metadata have been saved to persistent storage.
PSA_ERROR_ALREADY_EXISTSThis is an attempt to create a persistent key, and there is already a persistent key with the given identifier.
PSA_ERROR_NOT_SUPPORTED
PSA_ERROR_INVALID_ARGUMENT
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_INSUFFICIENT_ENTROPY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_INSUFFICIENT_STORAGE
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_BAD_STATEThe library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.
psa_status_t psa_generate_random ( uint8_t *  output,
size_t  output_size 
)

Generate random bytes.

Warning
This function can fail! Callers MUST check the return status and MUST NOT use the content of the output buffer if the return status is not PSA_SUCCESS.
Note
To generate a key, use psa_generate_key() instead.
Parameters
[out]outputOutput buffer for the generated data.
output_sizeNumber of bytes to generate and output.
Return values
PSA_SUCCESS
PSA_ERROR_NOT_SUPPORTED
PSA_ERROR_INSUFFICIENT_ENTROPY
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_BAD_STATEThe library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.