Macros | |
#define | KEYSTORE_PSA_KEY_ATTRIBUTES_INIT PSA_KEY_ATTRIBUTES_INIT |
#define | GET_KEY_ID(keyID, ID) keyID = ID |
#define | SET_KEY_ID(ID, keyID) ID = keyID |
Typedefs | |
typedef psa_key_attributes_t | KeyStore_PSA_KeyAttributes |
#define KEYSTORE_PSA_KEY_ATTRIBUTES_INIT PSA_KEY_ATTRIBUTES_INIT
#define GET_KEY_ID(keyID, ID) keyID = ID
Macro to assign and get keyID
It depends on MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER to assign keyID and owner if multiple partitions are supported by mbedtls.
#define SET_KEY_ID(ID, keyID) ID = keyID
typedef psa_key_attributes_t KeyStore_PSA_KeyAttributes
The type of a structure containing key attributes.
This is an opaque structure that can represent the metadata of a key object. Metadata that can be stored in attributes includes:
The actual key material is not considered an attribute of a key. Key attributes do not contain information that is generally considered highly confidential.
An attribute structure can be a simple data structure where each function KeyStore_PSA_setKeyXXX sets a field and the corresponding function KeyStore_PSA_getKeyXXX retrieves the value of the corresponding field. However, implementations may report values that are equivalent to the original one, but have a different encoding. For example, an implementation may use a more compact representation for types where many bit-patterns are invalid or not supported, and store all values that it does not support as a special marker value. In such an implementation, after setting an invalid value, the corresponding get function returns an invalid value which may not be the one that was originally stored.
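The encoding caveat above, shown as an added example with a toy model (not TI's or Mbed TLS's implementation; every name and type value below is hypothetical). It shows why a caller should not use a get-after-set comparison to confirm what was stored: distinct unsupported values read back as the same marker.

```c
/* Added illustration; all identifiers and constants are hypothetical. */
#include <stdint.h>
#include <stdio.h>

/* Constructed 16-bit key type values for the toy model. */
#define TOY_TYPE_NONE 0x0000u /* unspecified, as in a fresh structure */
#define TOY_TYPE_AES  0x2400u
#define TOY_TYPE_HMAC 0x1100u
/* Value reported for every type the toy implementation does not support. */
#define TOY_TYPE_INVALID_MARKER 0xFFFFu

/* Compact 2-bit codes actually stored in the attribute structure. */
enum { CODE_NONE = 0, CODE_AES = 1, CODE_HMAC = 2, CODE_UNSUPPORTED = 3 };

typedef struct { uint8_t typeCode; } ToyKeyAttributes;

/* Setter: unsupported values all collapse to one marker code. */
void toy_setKeyType(ToyKeyAttributes *a, uint16_t type) {
    switch (type) {
    case TOY_TYPE_NONE: a->typeCode = CODE_NONE; break;
    case TOY_TYPE_AES:  a->typeCode = CODE_AES;  break;
    case TOY_TYPE_HMAC: a->typeCode = CODE_HMAC; break;
    default:            a->typeCode = CODE_UNSUPPORTED; break;
    }
}

/* Getter: expands the compact code; the original invalid value is lost. */
uint16_t toy_getKeyType(const ToyKeyAttributes *a) {
    switch (a->typeCode) {
    case CODE_NONE: return TOY_TYPE_NONE;
    case CODE_AES:  return TOY_TYPE_AES;
    case CODE_HMAC: return TOY_TYPE_HMAC;
    default:        return TOY_TYPE_INVALID_MARKER;
    }
}

/* Returns 1 when a value survives a set/get round trip, 0 otherwise. */
int toy_roundTrips(uint16_t type) {
    ToyKeyAttributes a = {0};
    toy_setKeyType(&a, type);
    return toy_getKeyType(&a) == type;
}

int main(void) {
    const uint16_t samples[] = { TOY_TYPE_AES, TOY_TYPE_HMAC, 0x7001u, 0x7002u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("set 0x%04X round-trips: %d\n", (unsigned)samples[i], toy_roundTrips(samples[i]));
    return 0;
}
```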
An attribute structure may contain references to auxiliary resources, for example pointers to allocated memory or indirect references to pre-calculated values. In order to free such resources, the application must call KeyStore_PSA_resetKeyAttributes(). As an exception, calling KeyStore_PSA_resetKeyAttributes() on an attribute structure is optional if the structure has only been modified by the following functions since it was initialized or last reset with KeyStore_PSA_resetKeyAttributes():
Before calling any function on a key attribute structure, the application must initialize it by any of the following means:
A freshly initialized attribute structure contains the following values:
0 (which is not a valid key identifier).
0 (meaning that the type is unspecified).
0 (meaning that the size is unspecified).
0 (which allows no usage except exporting a public key).
0 (which allows no cryptographic usage, but allows exporting).
A typical sequence to create a key is as follows:
A typical sequence to query a key's attributes is as follows:
KeyStore_PSA_get_key_xxx functions to retrieve the attribute(s) that you are interested in.
Once a key has been created, it is impossible to change its attributes.