Add version 1.1.0 and make it the latest version
docs/1.1.0 obtained by running update_psa_crypto_api.sh with a directory
containing psa-crypto-api at tag psa-crypto-api-1.1.0, built inside a Docker
image built from its scripts/Dockerfile.
Update index.md and switch the "latest" version to be 1.1.0.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/docs/1.1.0/PSA_Cryptography_API_Specification.pdf b/docs/1.1.0/PSA_Cryptography_API_Specification.pdf
new file mode 100644
index 0000000..0cabca8
--- /dev/null
+++ b/docs/1.1.0/PSA_Cryptography_API_Specification.pdf
Binary files differ
diff --git a/docs/1.1.0/html/.buildinfo b/docs/1.1.0/html/.buildinfo
new file mode 100644
index 0000000..a267b8f
--- /dev/null
+++ b/docs/1.1.0/html/.buildinfo
@@ -0,0 +1,4 @@
+# Sphinx build info version 1
+# This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
+config: fa9093c93e61a383d37639de144fbd1b
+tags: 645f666f9bcd5a90fca523b33c5a78b7
diff --git a/docs/1.1.0/html/_images/Arm_logo_blue_150LG.png b/docs/1.1.0/html/_images/Arm_logo_blue_150LG.png
new file mode 100644
index 0000000..eab259b
--- /dev/null
+++ b/docs/1.1.0/html/_images/Arm_logo_blue_150LG.png
Binary files differ
diff --git a/docs/1.1.0/html/_images/aead_fields.svg b/docs/1.1.0/html/_images/aead_fields.svg
new file mode 100644
index 0000000..189ad25
--- /dev/null
+++ b/docs/1.1.0/html/_images/aead_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="318.75"><tspan>14</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>0</tspan></text><text x="375.0"><tspan>AEAD-TYPE</tspan></text><text x="300.0"><tspan>W</tspan></text><text x="234.375"><tspan>LEN</tspan></text><text x="168.75"><tspan>B</tspan></text><text x="150.0"><tspan>0</tspan></text><text x="75.0"><tspan>0x05</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/algorithm_fields.svg b/docs/1.1.0/html/_images/algorithm_fields.svg
new file mode 100644
index 0000000..6d305c7
--- /dev/null
+++ b/docs/1.1.0/html/_images/algorithm_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>H</tspan></text><text x="365.625"><tspan>T1</tspan></text><text x="234.375"><tspan>LEN/T2</tspan></text><text x="168.75"><tspan>B</tspan></text><text x="150.0"><tspan>S</tspan></text><text x="75.0"><tspan>CAT</tspan></text><text><tspan>V</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/asymmetric_key_fields.svg b/docs/1.1.0/html/_images/asymmetric_key_fields.svg
new file mode 100644
index 0000000..6293729
--- /dev/null
+++ b/docs/1.1.0/html/_images/asymmetric_key_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="150.0"><tspan>7</tspan></text><text x="131.25"><tspan>8</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>P</tspan></text><text x="206.25"><tspan>FAMILY</tspan></text><text x="103.125"><tspan>ASYM-TYPE</tspan></text><text x="46.875"><tspan>PAIR</tspan></text><text x="18.75"><tspan>1</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/cipher_fields.svg b/docs/1.1.0/html/_images/cipher_fields.svg
new file mode 100644
index 0000000..30656ca
--- /dev/null
+++ b/docs/1.1.0/html/_images/cipher_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>0</tspan></text><text x="365.625"><tspan>CIPHER-TYPE</tspan></text><text x="234.375"><tspan>0</tspan></text><text x="168.75"><tspan>B</tspan></text><text x="150.0"><tspan>S</tspan></text><text x="75.0"><tspan>0x04</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/dfd_caller_isolation.svg b/docs/1.1.0/html/_images/dfd_caller_isolation.svg
new file mode 100644
index 0000000..784d159
--- /dev/null
+++ b/docs/1.1.0/html/_images/dfd_caller_isolation.svg
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentScriptType="application/ecmascript" contentStyleType="text/css" height="460px" preserveAspectRatio="none" style="width:534px;height:460px;background:#FFFFFF;" version="1.1" viewBox="0 0 534 460" width="534px" zoomAndPan="magnify"><defs/><g><rect fill="#FFFFFF" height="447" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="403" x="125" y="7"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="94" x="279.5" y="20.8375">«System boundary»</text><rect fill="#FFFFFF" height="83" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="129" x="208" y="48"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="113" x="216" y="61.8375">«Application boundary»</text><rect fill="#FFFFFF" height="83" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="146" x="199" y="347"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="113" x="215.5" y="360.8375">«Application boundary»</text><rect fill="#FFFFFF" height="92" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="296" x="208" y="193"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="138" x="287" y="206.8375">«Cryptoprocessor boundary»</text><!--MD5=[a21d1e8c45edd0a89909a726cff5f3be]
+entity nvm--><path d="M141,236 C141,226 165,226 165,226 C165,226 189,226 189,236 L189,259.3921 C189,269.3921 165,269.3921 165,269.3921 C165,269.3921 141,269.3921 141,259.3921 L141,236 " fill="#FFFFFF" style="stroke:#000000;stroke-width:1.5;"/><path d="M141,236 C141,246 165,246 165,246 C165,246 189,246 189,236 " fill="none" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="28" x="151" y="261.8375">NVM</text><!--MD5=[4541fb81c80c07473fe4b07432ef0971]
+entity app--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="81" x="231.5" y="81"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="61" x="241.5" y="102.8375">Application</text><!--MD5=[81be28259591a23f63462d93727ccfe3]
+entity app2--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="113" x="215.5" y="380"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="93" x="225.5" y="401.8375">Other application</text><!--MD5=[6cc4354bc172bfab4bc5d504e938f9dd]
+entity crypto--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="110" x="224" y="230.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="90" x="234" y="252.3375">Cryptoprocessor</text><!--MD5=[885534b20a890cf314c9a5b140ec18ce]
+entity keys--><path d="M418,236 C418,226 453,226 453,226 C453,226 488,226 488,236 L488,259.3921 C488,269.3921 453,269.3921 453,269.3921 C453,269.3921 418,269.3921 418,259.3921 L418,236 " fill="#FFFFFF" style="stroke:#000000;stroke-width:1.5;"/><path d="M418,236 C418,246 453,246 453,246 C453,246 488,246 488,236 " fill="none" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="50" x="428" y="261.8375">Key Store</text><!--MD5=[7c6cc8532223f11e77b82be6cbdb2ea3]
+entity ext--><rect fill="#FFFFFF" height="34.3921" style="stroke:#000000;stroke-width:1.0;" width="102" x="7" y="81"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="82" x="17" y="102.8375">External system</text><!--MD5=[38d6d73a6b49b79b00c4898ab692af99]
+entity ext2--><rect fill="#FFFFFF" height="34.3921" style="stroke:#000000;stroke-width:1.0;" width="102" x="7" y="380"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="82" x="17" y="401.8375">External system</text><!--MD5=[914486b73b535f0c4ac49a8d72533c21]
+link ext to app--><path d="M114.59,98 C149.39,98 193.4,98 226.03,98 " fill="none" id="ext-app" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="231.17,98,222.17,94,226.17,98,222.17,102,231.17,98" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="109.26,98,118.26,102,114.26,98,118.26,94,109.26,98" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="143.25" y="91.8375">ciphertext</text><!--MD5=[afa71a5be940e711015fa3b5ab6b09c3]
+link ext2 to app2--><path d="M114.57,397 C143.93,397 179.86,397 209.97,397 " fill="none" id="ext2-app2" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="215.14,397,206.14,393,210.14,397,206.14,401,215.14,397" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="109.26,397,118.26,401,114.26,397,118.26,393,109.26,397" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="135.25" y="390.8375">ciphertext</text><!--MD5=[0ee8252cc19ab4efcd3d1c5bb6f5b4c7]
+link app to nvm--><path d="M237.18,117.93 C225.4,125.69 212.97,135.55 204,147 C186.83,168.9 176.39,199.29 170.69,220.71 " fill="none" id="app-nvm" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="169.41,225.67,175.5217,217.9468,170.6529,220.8269,167.7728,215.9582,169.41,225.67" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="241.48,115.17,231.7464,116.6721,237.2741,117.8738,236.0724,123.4015,241.48,115.17" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="205" y="166.8375">ciphertext</text><!--MD5=[3f37c4ac8cf0e4d93fd6e4b712a17667]
+link nvm to app2--><path d="M173.98,274.43 C180.55,291.41 190.48,313.6 203,331 C215.38,348.22 232.79,364.58 247.02,376.57 " fill="none" id="nvm-app2" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="250.94,379.84,246.5835,371.007,247.0977,376.6405,241.4643,377.1547,250.94,379.84" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="172.05,269.34,171.491,279.173,173.8181,274.0169,178.9742,276.344,172.05,269.34" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="204" y="320.8375">ciphertext</text><!--MD5=[bee5b442cf37d2b76518bafe4d519181]
+link nvm to crypto--><!--MD5=[c58860ea05fdddc49e7d0be27b22dd37]
+link ext to ext2--><!--MD5=[4bd16bda29b8a051ff3f15cdb247d6db]
+link app to crypto--><path d="M270.72,115.43 C270.06,124.69 269.33,136.48 269,147 C268.58,160.33 268.05,163.7 269,177 C270.16,193.21 272.82,211.38 275.11,225.08 " fill="none" id="app-to-crypto" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="276,230.28,278.4257,220.7345,275.1572,225.3515,270.5401,222.0831,276,230.28" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="60" x="270" y="159.8375">PSA Crypto</text><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="39" x="280.5" y="174.2296">API call</text><!--MD5=[9f3f5bfaeffb73b5d37908f968ab49ea]
+reverse link app to crypto--><path d="M308.13,117.9 C318.77,125.42 329.13,135.14 335,147 C349.87,177.02 320.7,210.77 299.16,230.24 " fill="none" id="app-backto-crypto" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="303.88,115.02,309.0834,123.3821,308.0181,117.8265,313.5737,116.7611,303.88,115.02" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="48" x="340" y="166.8375">response</text><!--MD5=[d97952a852c713a1d6ef7ab17551ef04]
+link crypto to keys--><path d="M334.05,247.5 C359.6,247.5 389.42,247.5 412.81,247.5 " fill="none" id="crypto-to-keys" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="418,247.5,409,243.5,413,247.5,409,251.5,418,247.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="47" x="352.5" y="241.3375">store key</text><!--MD5=[ead8b9a19e59888a5f7d56172008e43b]
+reverse link crypto to keys--><path d="M339.35,264.79 C358.3,268.15 379.28,269.75 398.5,266.5 C404.92,265.41 411.6,263.65 417.98,261.63 " fill="none" id="crypto-backto-keys" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="334.07,263.8,342.1708,269.4015,338.9831,264.7283,343.6562,261.5406,334.07,263.8" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="43" x="354.5" y="263.3375">load key</text><!--MD5=[0f30f6033545611889b35b18e9f277bc]
+reverse link crypto to app2--><path d="M273.96,269.98 C271.99,279.44 269.97,290.71 269,301 C266.39,328.6 268.5,360.89 270.26,379.82 " fill="none" id="crypto-backto-app2" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="275.04,264.94,269.2541,272.9102,273.9992,269.8305,277.0789,274.5755,275.04,264.94" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="60" x="270" y="313.8375">PSA Crypto</text><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="39" x="280.5" y="328.2296">API call</text><!--MD5=[fb657b9af53dd689848d1316dbc300f0]
+link crypto to app2--><path d="M303.95,264.56 C315.73,273.67 328.59,286.2 335,301 C340.3,313.23 340.01,318.64 335,331 C327.67,349.08 312.64,364.92 299.09,376.43 " fill="none" id="crypto-to-app2" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="294.94,379.86,304.4264,377.2128,298.7951,376.676,299.332,371.0446,294.94,379.86" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="48" x="339" y="320.8375">response</text></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/dfd_crypto_isolation.svg b/docs/1.1.0/html/_images/dfd_crypto_isolation.svg
new file mode 100644
index 0000000..4b8a7e7
--- /dev/null
+++ b/docs/1.1.0/html/_images/dfd_crypto_isolation.svg
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentScriptType="application/ecmascript" contentStyleType="text/css" height="267px" preserveAspectRatio="none" style="width:728px;height:267px;background:#FFFFFF;" version="1.1" viewBox="0 0 728 267" width="728px" zoomAndPan="magnify"><defs/><g><rect fill="#FFFFFF" height="254" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="539" x="183" y="7"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="94" x="405.5" y="20.8375">«System boundary»</text><rect fill="#FFFFFF" height="92" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="296" x="402" y="48"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="138" x="481" y="61.8375">«Cryptoprocessor boundary»</text><!--MD5=[4541fb81c80c07473fe4b07432ef0971]
+entity app--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="81" x="199.5" y="85.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="61" x="209.5" y="107.3375">Application</text><!--MD5=[a21d1e8c45edd0a89909a726cff5f3be]
+entity nvm--><path d="M216,212 C216,202 240,202 240,202 C240,202 264,202 264,212 L264,235.3921 C264,245.3921 240,245.3921 240,245.3921 C240,245.3921 216,245.3921 216,235.3921 L216,212 " fill="#FFFFFF" style="stroke:#000000;stroke-width:1.5;"/><path d="M216,212 C216,222 240,222 240,222 C240,222 264,222 264,212 " fill="none" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="28" x="226" y="237.8375">NVM</text><!--MD5=[6cc4354bc172bfab4bc5d504e938f9dd]
+entity crypto--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="110" x="418" y="85.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="90" x="428" y="107.3375">Cryptoprocessor</text><!--MD5=[885534b20a890cf314c9a5b140ec18ce]
+entity keys--><path d="M612,91 C612,81 647,81 647,81 C647,81 682,81 682,91 L682,114.3921 C682,124.3921 647,124.3921 647,124.3921 C647,124.3921 612,124.3921 612,114.3921 L612,91 " fill="#FFFFFF" style="stroke:#000000;stroke-width:1.5;"/><path d="M612,91 C612,101 647,101 647,101 C647,101 682,101 682,91 " fill="none" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="50" x="622" y="116.8375">Key Store</text><!--MD5=[7c6cc8532223f11e77b82be6cbdb2ea3]
+entity ext--><rect fill="#FFFFFF" height="34.3921" style="stroke:#000000;stroke-width:1.0;" width="102" x="7" y="85.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="82" x="17" y="107.3375">External system</text><!--MD5=[914486b73b535f0c4ac49a8d72533c21]
+link ext to app--><path d="M114.25,102.5 C139.92,102.5 169.92,102.5 194.19,102.5 " fill="none" id="ext-app" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="199.27,102.5,190.27,98.5,194.27,102.5,190.27,106.5,199.27,102.5" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="109.18,102.5,118.18,106.5,114.18,102.5,118.18,98.5,109.18,102.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="127.25" y="96.3375">ciphertext</text><!--MD5=[4bd16bda29b8a051ff3f15cdb247d6db]
+link app to crypto--><path d="M280.59,102.5 C317.04,102.5 371.07,102.5 412.61,102.5 " fill="none" id="app-to-crypto" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="417.61,102.5,408.61,98.5,412.61,102.5,408.61,106.5,417.61,102.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="101" x="298.75" y="96.3375">PSA Crypto API call</text><!--MD5=[9f3f5bfaeffb73b5d37908f968ab49ea]
+reverse link app to crypto--><path d="M285.71,114.74 C298.12,117.54 311.62,120.09 324.25,121.5 C355.3,124.96 389.92,121 417.95,115.82 " fill="none" id="app-backto-crypto" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="280.83,113.62,288.7115,119.5261,285.7041,114.7349,290.4953,111.7275,280.83,113.62" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="48" x="325.25" y="118.3375">response</text><!--MD5=[d97952a852c713a1d6ef7ab17551ef04]
+link crypto to keys--><path d="M528.05,102.5 C553.6,102.5 583.42,102.5 606.81,102.5 " fill="none" id="crypto-to-keys" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="612,102.5,603,98.5,607,102.5,603,106.5,612,102.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="47" x="546.5" y="96.3375">store key</text><!--MD5=[ead8b9a19e59888a5f7d56172008e43b]
+reverse link crypto to keys--><path d="M533.35,119.79 C552.3,123.15 573.28,124.75 592.5,121.5 C598.92,120.41 605.6,118.65 611.98,116.63 " fill="none" id="crypto-backto-keys" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="528.07,118.8,536.1708,124.4015,532.9831,119.7283,537.6562,116.5406,528.07,118.8" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="43" x="548.5" y="118.3375">load key</text><!--MD5=[0ee8252cc19ab4efcd3d1c5bb6f5b4c7]
+link app to nvm--><path d="M240,124.55 C240,144.76 240,175.31 240,196.91 " fill="none" id="app-nvm" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="240,201.92,244,192.92,240,196.92,236,192.92,240,201.92" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="240,119.55,236,128.55,240,124.55,244,128.55,240,119.55" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="241" y="168.8375">ciphertext</text></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/dfd_no_isolation.svg b/docs/1.1.0/html/_images/dfd_no_isolation.svg
new file mode 100644
index 0000000..e5b2112
--- /dev/null
+++ b/docs/1.1.0/html/_images/dfd_no_isolation.svg
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentScriptType="application/ecmascript" contentStyleType="text/css" height="224px" preserveAspectRatio="none" style="width:704px;height:224px;background:#FFFFFF;" version="1.1" viewBox="0 0 704 224" width="704px" zoomAndPan="magnify"><defs/><g><rect fill="#FFFFFF" height="211" style="stroke:#8B0000;stroke-width:1.0;stroke-dasharray:7.0,7.0;" width="515" x="183" y="7"/><text fill="#000000" font-family="Lato" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="94" x="393.5" y="20.8375">«System boundary»</text><!--MD5=[4541fb81c80c07473fe4b07432ef0971]
+entity app--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="81" x="199.5" y="44.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="61" x="209.5" y="66.3375">Application</text><!--MD5=[6cc4354bc172bfab4bc5d504e938f9dd]
+entity crypto--><rect fill="#FFFFFF" height="34.3921" rx="35" ry="35" style="stroke:#000000;stroke-width:1.5;" width="110" x="418" y="44.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="90" x="428" y="66.3375">Cryptoprocessor</text><!--MD5=[885534b20a890cf314c9a5b140ec18ce]
+entity keys--><path d="M612,50 C612,40 647,40 647,40 C647,40 682,40 682,50 L682,73.3921 C682,83.3921 647,83.3921 647,83.3921 C647,83.3921 612,83.3921 612,73.3921 L612,50 " fill="#FFFFFF" style="stroke:#000000;stroke-width:1.5;"/><path d="M612,50 C612,60 647,60 647,60 C647,60 682,60 682,50 " fill="none" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="50" x="622" y="75.8375">Key Store</text><!--MD5=[a21d1e8c45edd0a89909a726cff5f3be]
+entity nvm--><path d="M216,169 C216,159 240,159 240,159 C240,159 264,159 264,169 L264,192.3921 C264,202.3921 240,202.3921 240,202.3921 C240,202.3921 216,202.3921 216,192.3921 L216,169 " fill="#FFFFFF" style="stroke:#000000;stroke-width:1.5;"/><path d="M216,169 C216,179 240,179 240,179 C240,179 264,179 264,169 " fill="none" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="28" x="226" y="194.8375">NVM</text><!--MD5=[7c6cc8532223f11e77b82be6cbdb2ea3]
+entity ext--><rect fill="#FFFFFF" height="34.3921" style="stroke:#000000;stroke-width:1.0;" width="102" x="7" y="44.5"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="82" x="17" y="66.3375">External system</text><!--MD5=[914486b73b535f0c4ac49a8d72533c21]
+link ext to app--><path d="M114.25,61.5 C139.92,61.5 169.92,61.5 194.19,61.5 " fill="none" id="ext-app" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="199.27,61.5,190.27,57.5,194.27,61.5,190.27,65.5,199.27,61.5" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="109.18,61.5,118.18,65.5,114.18,61.5,118.18,57.5,109.18,61.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="127.25" y="55.3375">ciphertext</text><!--MD5=[4bd16bda29b8a051ff3f15cdb247d6db]
+link app to crypto--><path d="M280.59,61.5 C317.04,61.5 371.07,61.5 412.61,61.5 " fill="none" id="app-to-crypto" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="417.61,61.5,408.61,57.5,412.61,61.5,408.61,65.5,417.61,61.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="101" x="298.75" y="55.3375">PSA Crypto API call</text><!--MD5=[9f3f5bfaeffb73b5d37908f968ab49ea]
+reverse link app to crypto--><path d="M285.71,73.74 C298.12,76.54 311.62,79.09 324.25,80.5 C355.3,83.96 389.92,80 417.95,74.82 " fill="none" id="app-backto-crypto" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="280.83,72.62,288.7115,78.5261,285.7041,73.7349,290.4953,70.7275,280.83,72.62" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="48" x="325.25" y="77.3375">response</text><!--MD5=[d97952a852c713a1d6ef7ab17551ef04]
+link crypto to keys--><path d="M528.05,61.5 C553.6,61.5 583.42,61.5 606.81,61.5 " fill="none" id="crypto-to-keys" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="612,61.5,603,57.5,607,61.5,603,65.5,612,61.5" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="47" x="546.5" y="55.3375">store key</text><!--MD5=[ead8b9a19e59888a5f7d56172008e43b]
+reverse link crypto to keys--><path d="M533.35,78.79 C552.3,82.15 573.28,83.75 592.5,80.5 C598.92,79.41 605.6,77.65 611.98,75.63 " fill="none" id="crypto-backto-keys" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="528.07,77.8,536.1708,83.4015,532.9831,78.7283,537.6562,75.5406,528.07,77.8" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="43" x="548.5" y="77.3375">load key</text><!--MD5=[0ee8252cc19ab4efcd3d1c5bb6f5b4c7]
+link app to nvm--><path d="M240,83.92 C240,103.52 240,132.57 240,153.5 " fill="none" id="app-nvm" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="240,158.63,244,149.63,240,153.63,236,149.63,240,158.63" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="240,78.77,236,87.77,240,83.77,244,87.77,240,78.77" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="54" x="241" y="125.8375">ciphertext</text></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/dh_key_fields.svg b/docs/1.1.0/html/_images/dh_key_fields.svg
new file mode 100644
index 0000000..7f2c98f
--- /dev/null
+++ b/docs/1.1.0/html/_images/dh_key_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="150.0"><tspan>7</tspan></text><text x="131.25"><tspan>8</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>P</tspan></text><text x="206.25"><tspan>DH-FAMILY</tspan></text><text x="103.125"><tspan>2</tspan></text><text x="46.875"><tspan>PAIR</tspan></text><text x="18.75"><tspan>1</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/ecc_key_fields.svg b/docs/1.1.0/html/_images/ecc_key_fields.svg
new file mode 100644
index 0000000..74df3d6
--- /dev/null
+++ b/docs/1.1.0/html/_images/ecc_key_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="150.0"><tspan>7</tspan></text><text x="131.25"><tspan>8</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>P</tspan></text><text x="206.25"><tspan>ECC-FAMILY</tspan></text><text x="103.125"><tspan>1</tspan></text><text x="46.875"><tspan>PAIR</tspan></text><text x="18.75"><tspan>1</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/hash_fields.svg b/docs/1.1.0/html/_images/hash_fields.svg
new file mode 100644
index 0000000..5eda8c5
--- /dev/null
+++ b/docs/1.1.0/html/_images/hash_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>HASH-TYPE</tspan></text><text x="365.625"><tspan>0</tspan></text><text x="234.375"><tspan>0</tspan></text><text x="168.75"><tspan>0</tspan></text><text x="150.0"><tspan>0</tspan></text><text x="75.0"><tspan>0x02</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/ka_combined_fields.svg b/docs/1.1.0/html/_images/ka_combined_fields.svg
new file mode 100644
index 0000000..3c55aab
--- /dev/null
+++ b/docs/1.1.0/html/_images/ka_combined_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>HASH-TYPE</tspan></text><text x="365.625"><tspan>KDF-TYPE</tspan></text><text x="234.375"><tspan>KA-TYPE</tspan></text><text x="168.75"><tspan>0</tspan></text><text x="150.0"><tspan>0</tspan></text><text x="75.0"><tspan>0x09</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/ka_raw_fields.svg b/docs/1.1.0/html/_images/ka_raw_fields.svg
new file mode 100644
index 0000000..e602f77
--- /dev/null
+++ b/docs/1.1.0/html/_images/ka_raw_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>0</tspan></text><text x="365.625"><tspan>0</tspan></text><text x="234.375"><tspan>KA-TYPE</tspan></text><text x="168.75"><tspan>0</tspan></text><text x="150.0"><tspan>0</tspan></text><text x="75.0"><tspan>0x09</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/kdf_fields.svg b/docs/1.1.0/html/_images/kdf_fields.svg
new file mode 100644
index 0000000..f5fa50b
--- /dev/null
+++ b/docs/1.1.0/html/_images/kdf_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>HASH-TYPE</tspan></text><text x="365.625"><tspan>KDF-TYPE</tspan></text><text x="234.375"><tspan>0</tspan></text><text x="168.75"><tspan>0</tspan></text><text x="150.0"><tspan>S</tspan></text><text x="75.0"><tspan>0x08</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/key_type_fields.svg b/docs/1.1.0/html/_images/key_type_fields.svg
new file mode 100644
index 0000000..6336eba
--- /dev/null
+++ b/docs/1.1.0/html/_images/key_type_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="3.25" /><line x1="150.0" x2="150.0" y1="22.75" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>P</tspan></text><text x="168.75"><tspan>category-specific type</tspan></text><text x="46.875"><tspan>CAT</tspan></text><text x="18.75"><tspan>A</tspan></text><text><tspan>V</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/mac_fields.svg b/docs/1.1.0/html/_images/mac_fields.svg
new file mode 100644
index 0000000..edd6a6e
--- /dev/null
+++ b/docs/1.1.0/html/_images/mac_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="318.75"><tspan>14</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>HASH-TYPE or 0</tspan></text><text x="375.0"><tspan>MAC-TYPE</tspan></text><text x="300.0"><tspan>W</tspan></text><text x="234.375"><tspan>LEN</tspan></text><text x="168.75"><tspan>B</tspan></text><text x="150.0"><tspan>1</tspan></text><text x="75.0"><tspan>0x03</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/pke_fields.svg b/docs/1.1.0/html/_images/pke_fields.svg
new file mode 100644
index 0000000..df19693
--- /dev/null
+++ b/docs/1.1.0/html/_images/pke_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>HASH-TYPE or 0</tspan></text><text x="365.625"><tspan>ENCRYPT-TYPE</tspan></text><text x="234.375"><tspan>0</tspan></text><text x="168.75"><tspan>0</tspan></text><text x="150.0"><tspan>0</tspan></text><text x="75.0"><tspan>0x07</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/raw_key_fields.svg b/docs/1.1.0/html/_images/raw_key_fields.svg
new file mode 100644
index 0000000..09e8cf3
--- /dev/null
+++ b/docs/1.1.0/html/_images/raw_key_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="150.0"><tspan>7</tspan></text><text x="131.25"><tspan>8</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>P</tspan></text><text x="206.25"><tspan>SUB-TYPE</tspan></text><text x="103.125"><tspan>RAW-TYPE</tspan></text><text x="46.875"><tspan>1</tspan></text><text x="18.75"><tspan>0</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/rsa_key_fields.svg b/docs/1.1.0/html/_images/rsa_key_fields.svg
new file mode 100644
index 0000000..3d792da
--- /dev/null
+++ b/docs/1.1.0/html/_images/rsa_key_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="150.0"><tspan>7</tspan></text><text x="131.25"><tspan>8</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>1</tspan></text><text x="206.25"><tspan>0</tspan></text><text x="103.125"><tspan>0</tspan></text><text x="46.875"><tspan>PAIR</tspan></text><text x="18.75"><tspan>1</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/sign_fields.svg b/docs/1.1.0/html/_images/sign_fields.svg
new file mode 100644
index 0000000..d6587f2
--- /dev/null
+++ b/docs/1.1.0/html/_images/sign_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 609 57" width="609" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="600" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="600" y1="26.0" y2="26.0" /><line x1="600.0" x2="600.0" y1="0" y2="26.0" /><line x1="581.25" x2="581.25" y1="0" y2="3.25" /><line x1="581.25" x2="581.25" y1="22.75" y2="26.0" /><line x1="562.5" x2="562.5" y1="0" y2="3.25" /><line x1="562.5" x2="562.5" y1="22.75" y2="26.0" /><line x1="543.75" x2="543.75" y1="0" y2="3.25" /><line x1="543.75" x2="543.75" y1="22.75" y2="26.0" /><line x1="525.0" x2="525.0" y1="0" y2="3.25" /><line x1="525.0" x2="525.0" y1="22.75" y2="26.0" /><line x1="506.25" x2="506.25" y1="0" y2="3.25" /><line x1="506.25" x2="506.25" y1="22.75" y2="26.0" /><line x1="487.5" x2="487.5" y1="0" y2="3.25" /><line x1="487.5" x2="487.5" y1="22.75" y2="26.0" /><line x1="468.75" x2="468.75" y1="0" y2="3.25" /><line x1="468.75" x2="468.75" y1="22.75" y2="26.0" /><line x1="450.0" x2="450.0" y1="0" y2="26.0" /><line x1="431.25" x2="431.25" y1="0" y2="3.25" /><line x1="431.25" x2="431.25" y1="22.75" y2="26.0" /><line x1="412.5" x2="412.5" y1="0" y2="3.25" /><line x1="412.5" x2="412.5" y1="22.75" y2="26.0" /><line x1="393.75" x2="393.75" y1="0" y2="3.25" /><line x1="393.75" x2="393.75" y1="22.75" y2="26.0" /><line x1="375.0" x2="375.0" y1="0" y2="3.25" /><line x1="375.0" x2="375.0" y1="22.75" y2="26.0" /><line x1="356.25" x2="356.25" y1="0" y2="3.25" /><line x1="356.25" x2="356.25" y1="22.75" y2="26.0" /><line x1="337.5" x2="337.5" y1="0" y2="3.25" /><line x1="337.5" x2="337.5" y1="22.75" y2="26.0" /><line x1="318.75" x2="318.75" y1="0" y2="3.25" /><line x1="318.75" x2="318.75" y1="22.75" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="3.25" /><line x1="281.25" x2="281.25" y1="22.75" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="3.25" /><line x1="93.75" x2="93.75" y1="22.75" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="3.25" /><line x1="75.0" x2="75.0" y1="22.75" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="3.25" /><line x1="37.5" x2="37.5" y1="22.75" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="581.25"><tspan>0</tspan></text><text x="450.0"><tspan>7</tspan></text><text x="431.25"><tspan>8</tspan></text><text x="300.0"><tspan>15</tspan></text><text x="281.25"><tspan>16</tspan></text><text x="187.5"><tspan>21</tspan></text><text x="168.75"><tspan>22</tspan></text><text x="150.0"><tspan>23</tspan></text><text x="131.25"><tspan>24</tspan></text><text x="18.75"><tspan>30</tspan></text><text x="0.0"><tspan>31</tspan></text></g><g transform="translate(9.375,30.0)"><text x="515.625"><tspan>HASH-TYPE or 0</tspan></text><text x="365.625"><tspan>SIGN-TYPE</tspan></text><text x="234.375"><tspan>0</tspan></text><text x="168.75"><tspan>0</tspan></text><text x="150.0"><tspan>0</tspan></text><text x="75.0"><tspan>0x06</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/symmetric_key_fields.svg b/docs/1.1.0/html/_images/symmetric_key_fields.svg
new file mode 100644
index 0000000..aceb587
--- /dev/null
+++ b/docs/1.1.0/html/_images/symmetric_key_fields.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<svg baseProfile="full" height="57" id="svgcontent" version="1.1" viewBox="0 0 309 57" width="309" xmlns="http://www.w3.org/2000/svg" xmlns:ev="http://www.w3.org/2001/xml-events" xmlns:xlink="http://www.w3.org/1999/xlink"><defs /><g font-family="lato" font-size="11" font-weight="normal" text-anchor="middle" transform="translate(4.5,0.5)"><g stroke="black" stroke-linecap="round" stroke-width="1" transform="translate(0,13.0)"><line x1="0" x2="300" y1="0" y2="0" /><line x1="0" x2="0" y1="0" y2="26.0" /><line x1="0" x2="300" y1="26.0" y2="26.0" /><line x1="300.0" x2="300.0" y1="0" y2="26.0" /><line x1="281.25" x2="281.25" y1="0" y2="26.0" /><line x1="262.5" x2="262.5" y1="0" y2="3.25" /><line x1="262.5" x2="262.5" y1="22.75" y2="26.0" /><line x1="243.75" x2="243.75" y1="0" y2="3.25" /><line x1="243.75" x2="243.75" y1="22.75" y2="26.0" /><line x1="225.0" x2="225.0" y1="0" y2="3.25" /><line x1="225.0" x2="225.0" y1="22.75" y2="26.0" /><line x1="206.25" x2="206.25" y1="0" y2="3.25" /><line x1="206.25" x2="206.25" y1="22.75" y2="26.0" /><line x1="187.5" x2="187.5" y1="0" y2="3.25" /><line x1="187.5" x2="187.5" y1="22.75" y2="26.0" /><line x1="168.75" x2="168.75" y1="0" y2="3.25" /><line x1="168.75" x2="168.75" y1="22.75" y2="26.0" /><line x1="150.0" x2="150.0" y1="0" y2="26.0" /><line x1="131.25" x2="131.25" y1="0" y2="3.25" /><line x1="131.25" x2="131.25" y1="22.75" y2="26.0" /><line x1="112.5" x2="112.5" y1="0" y2="3.25" /><line x1="112.5" x2="112.5" y1="22.75" y2="26.0" /><line x1="93.75" x2="93.75" y1="0" y2="26.0" /><line x1="75.0" x2="75.0" y1="0" y2="26.0" /><line x1="56.25" x2="56.25" y1="0" y2="3.25" /><line x1="56.25" x2="56.25" y1="22.75" y2="26.0" /><line x1="37.5" x2="37.5" y1="0" y2="26.0" /><line x1="18.75" x2="18.75" y1="0" y2="26.0" /></g><g text-anchor="middle"><g><g transform="translate(0,13.0)" /><g transform="translate(9.375,10.4)"><text x="281.25"><tspan>0</tspan></text><text x="262.5"><tspan>1</tspan></text><text x="150.0"><tspan>7</tspan></text><text x="131.25"><tspan>8</tspan></text><text x="93.75"><tspan>10</tspan></text><text x="75.0"><tspan>11</tspan></text><text x="56.25"><tspan>12</tspan></text><text x="37.5"><tspan>13</tspan></text><text x="18.75"><tspan>14</tspan></text><text x="0.0"><tspan>15</tspan></text></g><g transform="translate(9.375,30.0)"><text x="281.25"><tspan>P</tspan></text><text x="206.25"><tspan>SYM-TYPE</tspan></text><text x="112.5"><tspan>BLK</tspan></text><text x="75.0"><tspan>0</tspan></text><text x="46.875"><tspan>2</tspan></text><text x="18.75"><tspan>0</tspan></text><text><tspan>0</tspan></text></g><g transform="translate(9.375,52)" /></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_images/system-entities.svg b/docs/1.1.0/html/_images/system-entities.svg
new file mode 100644
index 0000000..ebe6c07
--- /dev/null
+++ b/docs/1.1.0/html/_images/system-entities.svg
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentScriptType="application/ecmascript" contentStyleType="text/css" height="91px" preserveAspectRatio="none" style="width:311px;height:91px;background:#FFFFFF;" version="1.1" viewBox="0 0 311 91" width="311px" zoomAndPan="magnify"><defs/><g><!--MD5=[e2307af040e3f87d22824e7603ca28ec]
+entity api--><ellipse cx="151.5" cy="25.0546" fill="#FFFFFF" rx="8" ry="8" style="stroke:#000000;stroke-width:1.5;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="21" x="141" y="53.8921">PSA</text><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="74" x="114.5" y="68.2842">Cryptography</text><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="19" x="142" y="82.6763">API</text><!--MD5=[4541fb81c80c07473fe4b07432ef0971]
+entity app--><rect fill="#FFFFFF" height="34.3921" style="stroke:#000000;stroke-width:1.0;" width="81" x="7" y="8.0546"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="61" x="17" y="29.8921">Application</text><!--MD5=[6cc4354bc172bfab4bc5d504e938f9dd]
+entity crypto--><rect fill="#FFFFFF" height="34.3921" style="stroke:#000000;stroke-width:1.0;" width="110" x="195.5" y="8.0546"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="90" x="205.5" y="29.8921">Cryptoprocessor</text><!--MD5=[a7d26c2f8cc5a6a8ad879278349a2334]
+link app to api--><path d="M88.01,25.0546 C105.37,25.0546 124.54,25.0546 137.22,25.0546 " fill="none" id="app-to-api" style="stroke:#000000;stroke-width:1.0;"/><polygon fill="#000000" points="142.24,25.0546,133.24,21.0546,137.24,25.0546,133.24,29.0546,142.24,25.0546" style="stroke:#000000;stroke-width:1.0;"/><text fill="#000000" font-family="Lato" font-size="12" lengthAdjust="spacing" textLength="18" x="106.25" y="18.8921">call</text><!--MD5=[6126a99ebd03231e08d11863de891bf1]
+link api to crypto--><path d="M160.78,25.0546 C172.35,25.0546 183.91,25.0546 195.48,25.0546 " fill="none" id="api-crypto" style="stroke:#000000;stroke-width:1.0;"/></g></svg>
\ No newline at end of file
diff --git a/docs/1.1.0/html/_static/ajax-loader.gif b/docs/1.1.0/html/_static/ajax-loader.gif
new file mode 100644
index 0000000..61faf8c
--- /dev/null
+++ b/docs/1.1.0/html/_static/ajax-loader.gif
Binary files differ
diff --git a/docs/1.1.0/html/_static/alabaster.css b/docs/1.1.0/html/_static/alabaster.css
new file mode 100644
index 0000000..517cb43
--- /dev/null
+++ b/docs/1.1.0/html/_static/alabaster.css
@@ -0,0 +1,607 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+@import url("basic.css");
+
+/* -- page layout ----------------------------------------------------------- */
+
+body {
+ font-family: 'goudy old style', 'minion pro', 'bell mt', Georgia, 'Hiragino Mincho Pro', serif;
+ font-size: 17px;
+ background-color: white;
+ color: #000;
+ margin: 0;
+ padding: 0;
+}
+
+
+div.document {
+ width: 940px;
+ margin: 30px auto 0 auto;
+}
+
+div.documentwrapper {
+ float: left;
+ width: 100%;
+}
+
+div.bodywrapper {
+ margin: 0 0 0 220px;
+}
+
+div.sphinxsidebar {
+ width: 220px;
+ font-size: 14px;
+ line-height: 1.5;
+}
+
+hr {
+ border: 1px solid #B1B4B6;
+}
+
+div.body {
+ background-color: #ffffff;
+ color: #3E4349;
+ padding: 0 30px 0 30px;
+}
+
+div.body > .section {
+ text-align: left;
+}
+
+div.footer {
+ width: 940px;
+ margin: 20px auto 30px auto;
+ font-size: 14px;
+ color: #888;
+ text-align: right;
+}
+
+div.footer a {
+ color: #888;
+}
+
+p.caption {
+ font-family: ;
+ font-size: inherit;
+}
+
+
+div.relations {
+ display: none;
+}
+
+
+div.sphinxsidebar a {
+ color: #444;
+ text-decoration: none;
+ border-bottom: 1px dotted #999;
+}
+
+div.sphinxsidebar a:hover {
+ border-bottom: 1px solid #999;
+}
+
+div.sphinxsidebarwrapper {
+ padding: 18px 10px;
+}
+
+div.sphinxsidebarwrapper p.logo {
+ padding: 0;
+ margin: -10px 0 0 0px;
+ text-align: center;
+}
+
+div.sphinxsidebarwrapper h1.logo {
+ margin-top: -10px;
+ text-align: center;
+ margin-bottom: 5px;
+ text-align: left;
+}
+
+div.sphinxsidebarwrapper h1.logo-name {
+ margin-top: 0px;
+}
+
+div.sphinxsidebarwrapper p.blurb {
+ margin-top: 0;
+ font-style: normal;
+}
+
+div.sphinxsidebar h3,
+div.sphinxsidebar h4 {
+ font-family: 'Garamond', 'Georgia', serif;
+ color: #444;
+ font-size: 24px;
+ font-weight: normal;
+ margin: 0 0 5px 0;
+ padding: 0;
+}
+
+div.sphinxsidebar h4 {
+ font-size: 20px;
+}
+
+div.sphinxsidebar h3 a {
+ color: #444;
+}
+
+div.sphinxsidebar p.logo a,
+div.sphinxsidebar h3 a,
+div.sphinxsidebar p.logo a:hover,
+div.sphinxsidebar h3 a:hover {
+ border: none;
+}
+
+div.sphinxsidebar p {
+ color: #555;
+ margin: 10px 0;
+}
+
+div.sphinxsidebar ul {
+ margin: 10px 0;
+ padding: 0;
+ color: #000;
+}
+
+div.sphinxsidebar ul li.toctree-l1 > a {
+ font-size: 120%;
+}
+
+div.sphinxsidebar ul li.toctree-l2 > a {
+ font-size: 110%;
+}
+
+div.sphinxsidebar input {
+ border: 1px solid #CCC;
+ font-family: 'goudy old style', 'minion pro', 'bell mt', Georgia, 'Hiragino Mincho Pro', serif;
+ font-size: 1em;
+}
+
+div.sphinxsidebar hr {
+ border: none;
+ height: 1px;
+ color: #AAA;
+ background: #AAA;
+
+ text-align: left;
+ margin-left: 0;
+ width: 50%;
+}
+
+/* -- body styles ----------------------------------------------------------- */
+
+a {
+ color: #004B6B;
+ text-decoration: underline;
+}
+
+a:hover {
+ color: #6D4100;
+ text-decoration: underline;
+}
+
+div.body h1,
+div.body h2,
+div.body h3,
+div.body h4,
+div.body h5,
+div.body h6 {
+ font-family: 'Garamond', 'Georgia', serif;
+ font-weight: normal;
+ margin: 30px 0px 10px 0px;
+ padding: 0;
+}
+
+div.body h1 { margin-top: 0; padding-top: 0; font-size: 240%; }
+div.body h2 { font-size: 180%; }
+div.body h3 { font-size: 150%; }
+div.body h4 { font-size: 130%; }
+div.body h5 { font-size: 100%; }
+div.body h6 { font-size: 100%; }
+
+a.headerlink {
+ color: #DDD;
+ padding: 0 4px;
+ text-decoration: none;
+}
+
+a.headerlink:hover {
+ color: #444;
+ background: #EAEAEA;
+}
+
+div.body p, div.body dd, div.body li {
+ line-height: 1.4em;
+}
+
+div.admonition {
+ margin: 20px 0px;
+ padding: 10px 30px;
+ background-color: #FCC;
+ border: 1px solid #FAA;
+}
+
+div.admonition tt.xref, div.admonition a tt {
+ border-bottom: 1px solid #fafafa;
+}
+
+dd div.admonition {
+ margin-left: -60px;
+ padding-left: 60px;
+}
+
+div.admonition p.admonition-title {
+ font-family: 'Garamond', 'Georgia', serif;
+ font-weight: normal;
+ font-size: 24px;
+ margin: 0 0 10px 0;
+ padding: 0;
+ line-height: 1;
+}
+
+div.admonition p.last {
+ margin-bottom: 0;
+}
+
+div.highlight {
+ background-color: white;
+}
+
+dt:target, .highlight {
+ background: #FAF3E8;
+}
+
+div.note {
+ background-color: #EEE;
+ border: 1px solid #CCC;
+}
+
+div.seealso {
+ background-color: #EEE;
+ border: 1px solid #CCC;
+}
+
+div.topic {
+ background-color: #eee;
+}
+
+p.admonition-title {
+ display: inline;
+}
+
+p.admonition-title:after {
+ content: ":";
+}
+
+pre, tt, code {
+ font-family: 'Consolas', 'Menlo', 'Deja Vu Sans Mono', 'Bitstream Vera Sans Mono', monospace;
+ font-size: 0.9em;
+}
+
+.hll {
+ background-color: #FFC;
+ margin: 0 -12px;
+ padding: 0 12px;
+ display: block;
+}
+
+img.screenshot {
+}
+
+tt.descname, tt.descclassname, code.descname, code.descclassname {
+ font-size: 0.95em;
+}
+
+tt.descname, code.descname {
+ padding-right: 0.08em;
+}
+
+img.screenshot {
+ -moz-box-shadow: 2px 2px 4px #eee;
+ -webkit-box-shadow: 2px 2px 4px #eee;
+ box-shadow: 2px 2px 4px #eee;
+}
+
+table.docutils {
+ border: 1px solid #888;
+ -moz-box-shadow: 2px 2px 4px #eee;
+ -webkit-box-shadow: 2px 2px 4px #eee;
+ box-shadow: 2px 2px 4px #eee;
+}
+
+table.docutils td, table.docutils th {
+ border: 1px solid #888;
+ padding: 0.25em 0.7em;
+}
+
+table.field-list, table.footnote {
+ border: none;
+ -moz-box-shadow: none;
+ -webkit-box-shadow: none;
+ box-shadow: none;
+}
+
+table.footnote {
+ margin: 15px 0;
+ width: 100%;
+ border: 1px solid #EEE;
+ background: #FDFDFD;
+ font-size: 0.9em;
+}
+
+table.footnote + table.footnote {
+ margin-top: -15px;
+ border-top: none;
+}
+
+table.field-list th {
+ padding: 0 0.8em 0 0;
+}
+
+table.field-list td {
+ padding: 0;
+}
+
+table.field-list p {
+ margin-bottom: 0.8em;
+}
+
+table.footnote td.label {
+ width: .1px;
+ padding: 0.3em 0 0.3em 0.5em;
+}
+
+table.footnote td {
+ padding: 0.3em 0.5em;
+}
+
+dl {
+ margin: 0;
+ padding: 0;
+}
+
+dl dd {
+ margin-left: 30px;
+}
+
+blockquote {
+ margin: 0 0 0 30px;
+ padding: 0;
+}
+
+ul, ol {
+ /* Matches the 30px from the narrow-screen "li > ul" selector below */
+ margin: 10px 0 10px 30px;
+ padding: 0;
+}
+
+pre {
+ background: #EEE;
+ padding: 7px 30px;
+ margin: 15px 0px;
+ line-height: 1.3em;
+}
+
+dl pre, blockquote pre, li pre {
+ margin-left: 0;
+ padding-left: 30px;
+}
+
+dl dl pre {
+ margin-left: -90px;
+ padding-left: 90px;
+}
+
+tt, code {
+ background-color: #ecf0f3;
+ color: #222;
+ /* padding: 1px 2px; */
+}
+
+tt.xref, code.xref, a tt {
+ background-color: #FBFBFB;
+ border-bottom: 1px solid white;
+}
+
+a.reference {
+ text-decoration: none;
+ border-bottom: 1px dotted #004B6B;
+}
+
+/* Don't put an underline on images */
+a.image-reference, a.image-reference:hover {
+ border-bottom: none;
+}
+
+a.reference:hover {
+ border-bottom: 1px solid #6D4100;
+}
+
+a.footnote-reference {
+ text-decoration: none;
+ font-size: 0.7em;
+ vertical-align: top;
+ border-bottom: 1px dotted #004B6B;
+}
+
+a.footnote-reference:hover {
+ border-bottom: 1px solid #6D4100;
+}
+
+a:hover tt, a:hover code {
+ background: #EEE;
+}
+
+
+@media screen and (max-width: 870px) {
+
+ div.sphinxsidebar {
+ display: none;
+ }
+
+ div.document {
+ width: 100%;
+
+ }
+
+ div.documentwrapper {
+ margin-left: 0;
+ margin-top: 0;
+ margin-right: 0;
+ margin-bottom: 0;
+ }
+
+ div.bodywrapper {
+ margin-top: 0;
+ margin-right: 0;
+ margin-bottom: 0;
+ margin-left: 0;
+ }
+
+ ul {
+ margin-left: 0;
+ }
+
+ li > ul {
+ /* Matches the 30px from the "ul, ol" selector above */
+ margin-left: 30px;
+ }
+
+ .document {
+ width: auto;
+ }
+
+ .footer {
+ width: auto;
+ }
+
+ .bodywrapper {
+ margin: 0;
+ }
+
+ .footer {
+ width: auto;
+ }
+
+ .github {
+ display: none;
+ }
+
+
+
+}
+
+
+
+@media screen and (max-width: 875px) {
+
+ body {
+ margin: 0;
+ padding: 20px 30px;
+ }
+
+ div.documentwrapper {
+ float: none;
+ background: white;
+ }
+
+ div.sphinxsidebar {
+ display: block;
+ float: none;
+ width: 102.5%;
+ margin: 50px -30px -20px -30px;
+ padding: 10px 20px;
+ background: #333;
+ color: #FFF;
+ }
+
+ div.sphinxsidebar h3, div.sphinxsidebar h4, div.sphinxsidebar p,
+ div.sphinxsidebar h3 a {
+ color: white;
+ }
+
+ div.sphinxsidebar a {
+ color: #AAA;
+ }
+
+ div.sphinxsidebar p.logo {
+ display: none;
+ }
+
+ div.document {
+ width: 100%;
+ margin: 0;
+ }
+
+ div.footer {
+ display: none;
+ }
+
+ div.bodywrapper {
+ margin: 0;
+ }
+
+ div.body {
+ min-height: 0;
+ padding: 0;
+ }
+
+ .rtd_doc_footer {
+ display: none;
+ }
+
+ .document {
+ width: auto;
+ }
+
+ .footer {
+ width: auto;
+ }
+
+ .footer {
+ width: auto;
+ }
+
+ .github {
+ display: none;
+ }
+}
+
+
+/* misc. */
+
+.revsys-inline {
+ display: none!important;
+}
+
+/* Make nested-list/multi-paragraph items look better in Releases changelog
+ * pages. Without this, docutils' magical list fuckery causes inconsistent
+ * formatting between different release sub-lists.
+ */
+div#changelog > div.section > ul > li > p:only-child {
+ margin-bottom: 0;
+}
+
+/* Hide fugly table cell borders in ..bibliography:: directive output */
+table.docutils.citation, table.docutils.citation td, table.docutils.citation th {
+ border: none;
+ /* Below needed in some edge cases; if not applied, bottom shadows appear */
+ -moz-box-shadow: none;
+ -webkit-box-shadow: none;
+ box-shadow: none;
+}
\ No newline at end of file
diff --git a/docs/1.1.0/html/_static/basic.css b/docs/1.1.0/html/_static/basic.css
new file mode 100644
index 0000000..607b5f5
--- /dev/null
+++ b/docs/1.1.0/html/_static/basic.css
@@ -0,0 +1,648 @@
+/*
+ * basic.css
+ * ~~~~~~~~~
+ *
+ * Sphinx stylesheet -- basic theme.
+ *
+ * :copyright: Copyright 2007-2018 by the Sphinx team, see AUTHORS.
+ * :license: BSD, see LICENSE for details.
+ *
+ */
+
+/* -- main layout ----------------------------------------------------------- */
+
+div.clearer {
+ clear: both;
+}
+
+/* -- relbar ---------------------------------------------------------------- */
+
+div.related {
+ width: 100%;
+ font-size: 90%;
+}
+
+div.related h3 {
+ display: none;
+}
+
+div.related ul {
+ margin: 0;
+ padding: 0 0 0 10px;
+ list-style: none;
+}
+
+div.related li {
+ display: inline;
+}
+
+div.related li.right {
+ float: right;
+ margin-right: 5px;
+}
+
+/* -- sidebar --------------------------------------------------------------- */
+
+div.sphinxsidebarwrapper {
+ padding: 10px 5px 0 10px;
+}
+
+div.sphinxsidebar {
+ float: left;
+ width: 230px;
+ margin-left: -100%;
+ font-size: 90%;
+ word-wrap: break-word;
+ overflow-wrap : break-word;
+}
+
+div.sphinxsidebar ul {
+ list-style: none;
+}
+
+div.sphinxsidebar ul ul,
+div.sphinxsidebar ul.want-points {
+ margin-left: 20px;
+ list-style: square;
+}
+
+div.sphinxsidebar ul ul {
+ margin-top: 0;
+ margin-bottom: 0;
+}
+
+div.sphinxsidebar form {
+ margin-top: 10px;
+}
+
+div.sphinxsidebar input {
+ border: 1px solid #98dbcc;
+ font-family: sans-serif;
+ font-size: 1em;
+}
+
+div.sphinxsidebar #searchbox input[type="text"] {
+ width: 170px;
+}
+
+img {
+ border: 0;
+ max-width: 100%;
+}
+
+/* -- search page ----------------------------------------------------------- */
+
+ul.search {
+ margin: 10px 0 0 20px;
+ padding: 0;
+}
+
+ul.search li {
+ padding: 5px 0 5px 20px;
+ background-image: url(file.png);
+ background-repeat: no-repeat;
+ background-position: 0 7px;
+}
+
+ul.search li a {
+ font-weight: bold;
+}
+
+ul.search li div.context {
+ color: #888;
+ margin: 2px 0 0 30px;
+ text-align: left;
+}
+
+ul.keywordmatches li.goodmatch a {
+ font-weight: bold;
+}
+
+/* -- index page ------------------------------------------------------------ */
+
+table.contentstable {
+ width: 90%;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+table.contentstable p.biglink {
+ line-height: 150%;
+}
+
+a.biglink {
+ font-size: 1.3em;
+}
+
+span.linkdescr {
+ font-style: italic;
+ padding-top: 5px;
+ font-size: 90%;
+}
+
+/* -- general index --------------------------------------------------------- */
+
+table.indextable {
+ width: 100%;
+}
+
+table.indextable td {
+ text-align: left;
+ vertical-align: top;
+}
+
+table.indextable ul {
+ margin-top: 0;
+ margin-bottom: 0;
+ list-style-type: none;
+}
+
+table.indextable > tbody > tr > td > ul {
+ padding-left: 0em;
+}
+
+table.indextable tr.pcap {
+ height: 10px;
+}
+
+table.indextable tr.cap {
+ margin-top: 10px;
+ background-color: #f2f2f2;
+}
+
+img.toggler {
+ margin-right: 3px;
+ margin-top: 3px;
+ cursor: pointer;
+}
+
+div.modindex-jumpbox {
+ border-top: 1px solid #ddd;
+ border-bottom: 1px solid #ddd;
+ margin: 1em 0 1em 0;
+ padding: 0.4em;
+}
+
+div.genindex-jumpbox {
+ border-top: 1px solid #ddd;
+ border-bottom: 1px solid #ddd;
+ margin: 1em 0 1em 0;
+ padding: 0.4em;
+}
+
+/* -- domain module index --------------------------------------------------- */
+
+table.modindextable td {
+ padding: 2px;
+ border-collapse: collapse;
+}
+
+/* -- general body styles --------------------------------------------------- */
+
+div.body p, div.body dd, div.body li, div.body blockquote {
+ -moz-hyphens: auto;
+ -ms-hyphens: auto;
+ -webkit-hyphens: auto;
+ hyphens: auto;
+}
+
+a.headerlink {
+ visibility: hidden;
+}
+
+h1:hover > a.headerlink,
+h2:hover > a.headerlink,
+h3:hover > a.headerlink,
+h4:hover > a.headerlink,
+h5:hover > a.headerlink,
+h6:hover > a.headerlink,
+dt:hover > a.headerlink,
+caption:hover > a.headerlink,
+p.caption:hover > a.headerlink,
+div.code-block-caption:hover > a.headerlink {
+ visibility: visible;
+}
+
+div.body p.caption {
+ text-align: inherit;
+}
+
+div.body td {
+ text-align: left;
+}
+
+.first {
+ margin-top: 0 !important;
+}
+
+p.rubric {
+ margin-top: 30px;
+ font-weight: bold;
+}
+
+img.align-left, .figure.align-left, object.align-left {
+ clear: left;
+ float: left;
+ margin-right: 1em;
+}
+
+img.align-right, .figure.align-right, object.align-right {
+ clear: right;
+ float: right;
+ margin-left: 1em;
+}
+
+img.align-center, .figure.align-center, object.align-center {
+ display: block;
+ margin-left: auto;
+ margin-right: auto;
+}
+
+.align-left {
+ text-align: left;
+}
+
+.align-center {
+ text-align: center;
+}
+
+.align-right {
+ text-align: right;
+}
+
+/* -- sidebars -------------------------------------------------------------- */
+
+div.sidebar {
+ margin: 0 0 0.5em 1em;
+ border: 1px solid #ddb;
+ padding: 7px 7px 0 7px;
+ background-color: #ffe;
+ width: 40%;
+ float: right;
+}
+
+p.sidebar-title {
+ font-weight: bold;
+}
+
+/* -- topics ---------------------------------------------------------------- */
+
+div.topic {
+ border: 1px solid #ccc;
+ padding: 7px 7px 0 7px;
+ margin: 10px 0 10px 0;
+}
+
+p.topic-title {
+ font-size: 1.1em;
+ font-weight: bold;
+ margin-top: 10px;
+}
+
+/* -- admonitions ----------------------------------------------------------- */
+
+div.admonition {
+ margin-top: 10px;
+ margin-bottom: 10px;
+ padding: 7px;
+}
+
+div.admonition dt {
+ font-weight: bold;
+}
+
+div.admonition dl {
+ margin-bottom: 0;
+}
+
+p.admonition-title {
+ margin: 0px 10px 5px 0px;
+ font-weight: bold;
+}
+
+div.body p.centered {
+ text-align: center;
+ margin-top: 25px;
+}
+
+/* -- tables ---------------------------------------------------------------- */
+
+table.docutils {
+ border: 0;
+ border-collapse: collapse;
+}
+
+table.align-center {
+ margin-left: auto;
+ margin-right: auto;
+}
+
+table caption span.caption-number {
+ font-style: italic;
+}
+
+table caption span.caption-text {
+}
+
+table.docutils td, table.docutils th {
+ padding: 1px 8px 1px 5px;
+ border-top: 0;
+ border-left: 0;
+ border-right: 0;
+ border-bottom: 1px solid #aaa;
+}
+
+table.footnote td, table.footnote th {
+ border: 0 !important;
+}
+
+th {
+ text-align: left;
+ padding-right: 5px;
+}
+
+table.citation {
+ border-left: solid 1px gray;
+ margin-left: 1px;
+}
+
+table.citation td {
+ border-bottom: none;
+}
+
+/* -- figures --------------------------------------------------------------- */
+
+div.figure {
+ margin: 0.5em;
+ padding: 0.5em;
+}
+
+div.figure p.caption {
+ padding: 0.3em;
+}
+
+div.figure p.caption span.caption-number {
+ font-style: italic;
+}
+
+div.figure p.caption span.caption-text {
+}
+
+/* -- field list styles ----------------------------------------------------- */
+
+table.field-list td, table.field-list th {
+ border: 0 !important;
+}
+
+.field-list ul {
+ margin: 0;
+ padding-left: 1em;
+}
+
+.field-list p {
+ margin: 0;
+}
+
+.field-name {
+ -moz-hyphens: manual;
+ -ms-hyphens: manual;
+ -webkit-hyphens: manual;
+ hyphens: manual;
+}
+
+/* -- other body styles ----------------------------------------------------- */
+
+ol.arabic {
+ list-style: decimal;
+}
+
+ol.loweralpha {
+ list-style: lower-alpha;
+}
+
+ol.upperalpha {
+ list-style: upper-alpha;
+}
+
+ol.lowerroman {
+ list-style: lower-roman;
+}
+
+ol.upperroman {
+ list-style: upper-roman;
+}
+
+dl {
+ margin-bottom: 15px;
+}
+
+dd p {
+ margin-top: 0px;
+}
+
+dd ul, dd table {
+ margin-bottom: 10px;
+}
+
+dd {
+ margin-top: 3px;
+ margin-bottom: 10px;
+ margin-left: 30px;
+}
+
+dt:target, span.highlighted {
+ background-color: #fbe54e;
+}
+
+rect.highlighted {
+ fill: #fbe54e;
+}
+
+dl.glossary dt {
+ font-weight: bold;
+ font-size: 1.1em;
+}
+
+.optional {
+ font-size: 1.3em;
+}
+
+.sig-paren {
+ font-size: larger;
+}
+
+.versionmodified {
+ font-style: italic;
+}
+
+.system-message {
+ background-color: #fda;
+ padding: 5px;
+ border: 3px solid red;
+}
+
+.footnote:target {
+ background-color: #ffa;
+}
+
+.line-block {
+ display: block;
+ margin-top: 1em;
+ margin-bottom: 1em;
+}
+
+.line-block .line-block {
+ margin-top: 0;
+ margin-bottom: 0;
+ margin-left: 1.5em;
+}
+
+.guilabel, .menuselection {
+ font-family: sans-serif;
+}
+
+.accelerator {
+ text-decoration: underline;
+}
+
+.classifier {
+ font-style: oblique;
+}
+
+abbr, acronym {
+ border-bottom: dotted 1px;
+ cursor: help;
+}
+
+/* -- code displays --------------------------------------------------------- */
+
+pre {
+ overflow: auto;
+ overflow-y: hidden; /* fixes display issues on Chrome browsers */
+}
+
+span.pre {
+ -moz-hyphens: none;
+ -ms-hyphens: none;
+ -webkit-hyphens: none;
+ hyphens: none;
+}
+
+td.linenos pre {
+ padding: 5px 0px;
+ border: 0;
+ background-color: transparent;
+ color: #aaa;
+}
+
+table.highlighttable {
+ margin-left: 0.5em;
+}
+
+table.highlighttable td {
+ padding: 0 0.5em 0 0.5em;
+}
+
+div.code-block-caption {
+ padding: 2px 5px;
+ font-size: small;
+}
+
+div.code-block-caption code {
+ background-color: transparent;
+}
+
+div.code-block-caption + div > div.highlight > pre {
+ margin-top: 0;
+}
+
+div.code-block-caption span.caption-number {
+ padding: 0.1em 0.3em;
+ font-style: italic;
+}
+
+div.code-block-caption span.caption-text {
+}
+
+div.literal-block-wrapper {
+ padding: 1em 1em 0;
+}
+
+div.literal-block-wrapper div.highlight {
+ margin: 0;
+}
+
+code.descname {
+ background-color: transparent;
+ font-weight: bold;
+ font-size: 1.2em;
+}
+
+code.descclassname {
+ background-color: transparent;
+}
+
+code.xref, a code {
+ background-color: transparent;
+ font-weight: bold;
+}
+
+h1 code, h2 code, h3 code, h4 code, h5 code, h6 code {
+ background-color: transparent;
+}
+
+.viewcode-link {
+ float: right;
+}
+
+.viewcode-back {
+ float: right;
+ font-family: sans-serif;
+}
+
+div.viewcode-block:target {
+ margin: -1px -10px;
+ padding: 0 10px;
+}
+
+/* -- math display ---------------------------------------------------------- */
+
+img.math {
+ vertical-align: middle;
+}
+
+div.body div.math p {
+ text-align: center;
+}
+
+span.eqno {
+ float: right;
+}
+
+span.eqno a.headerlink {
+ position: relative;
+ left: 0px;
+ z-index: 1;
+}
+
+div.math:hover a.headerlink {
+ visibility: visible;
+}
+
+/* -- printout stylesheet --------------------------------------------------- */
+
+@media print {
+ div.document,
+ div.documentwrapper,
+ div.bodywrapper {
+ margin: 0 !important;
+ width: 100%;
+ }
+
+ div.sphinxsidebar,
+ div.related,
+ div.footer,
+ #top-link {
+ display: none;
+ }
+}
\ No newline at end of file
diff --git a/docs/1.1.0/html/_static/comment-bright.png b/docs/1.1.0/html/_static/comment-bright.png
new file mode 100644
index 0000000..15e27ed
--- /dev/null
+++ b/docs/1.1.0/html/_static/comment-bright.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/comment-close.png b/docs/1.1.0/html/_static/comment-close.png
new file mode 100644
index 0000000..4d91bcf
--- /dev/null
+++ b/docs/1.1.0/html/_static/comment-close.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/comment.png b/docs/1.1.0/html/_static/comment.png
new file mode 100644
index 0000000..dfbc0cb
--- /dev/null
+++ b/docs/1.1.0/html/_static/comment.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/custom.css b/docs/1.1.0/html/_static/custom.css
new file mode 100644
index 0000000..0cc76ba
--- /dev/null
+++ b/docs/1.1.0/html/_static/custom.css
@@ -0,0 +1,245 @@
+/* CSS overrides for the html output */
+
+body {
+ font-family: Calibri, sans-serif;
+ font-size: 15px;
+}
+
+div.document {
+ width: 900px;
+}
+
+div.bodywrapper {
+ margin: 0 0 0 180px;
+}
+
+div.sphinxsidebar {
+ width: 180px;
+ font-size: 12.5px;
+}
+
+div.body h1,
+div.body h2,
+div.body h3,
+div.body h4,
+div.body h5,
+div.body h6 {
+ font-family: Calibri, sans-serif;
+ font-weight: bold;
+}
+
+div.sphinxsidebar h3,
+div.sphinxsidebar h4 {
+ font-family: Calibri, sans-serif;
+}
+
+a {
+ color: #0091BD;
+ text-decoration: none;
+}
+
+a.reference {
+ border-bottom: none;
+}
+
+a.reference:hover {
+ color: #00617E;
+ border-bottom: 1px solid #00617E;
+ background: unset;
+}
+
+tt, code {
+ font-family: 'Consolas', 'Menlo', 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', monospace;
+ font-size: 0.85em;
+ background-color: unset;
+}
+
+code.xref, a code {
+ font-weight: normal;
+ color: #0091BD;
+ background-color: unset;
+}
+
+pre {
+ font-family: 'Consolas', 'Menlo', 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', monospace;
+ font-size: 0.8em;
+ background: #F7F7F7;
+ padding: 7px 10px;
+ margin: 15px 0px 15px 15px;
+ line-height: 1.3em;
+}
+
+table.docutils {
+ border: 0;
+ width: 100%;
+ -moz-box-shadow: none;
+ -webkit-box-shadow: none;
+ box-shadow: none;
+ border-top: 1px solid #AAA;
+ border-bottom: 1px solid #AAA;
+ margin-bottom: 1em;
+}
+
+table.titletable {
+ margin-top: 40px;
+ width: auto;
+ border-top: none;
+ border-bottom: none;
+}
+
+table.docutils caption, div.figure p.caption, figcaption {
+ font-size: 90%;
+ text-align: right;
+}
+
+table.docutils caption span.caption-number, div.figure p.caption span.caption-number, figcaption span.caption-number {
+ font-weight: bold;
+ font-style: normal;
+}
+
+table.docutils td, table.docutils th {
+ border: 0;
+ padding: 0.3em 0.5em 0.3em 0.5em;
+ text-align: left;
+ vertical-align: top;
+}
+
+table.docutils td p, table.docutils th p {
+ margin-block-start: .3em;
+ margin-block-end: .3em;
+}
+
+table.docutils th > p:first-child, table.docutils td > p:first-child {
+ margin-top: 0px;
+}
+
+table.docutils th {
+ font-weight: bold;
+ font-size: 90%;
+}
+
+table.docutils th.stub {
+ border-bottom: none;
+}
+
+table.docutils th.head {
+ border-bottom: 1px solid #AAA;
+}
+
+figure {
+ margin-inline-start: 0px;
+ margin-inline-end: 0px;
+}
+
+div.figure div.legend, figcaption div.legend {
+ font-size: 80%;
+ text-align: center;
+}
+
+div.figure p.caption, div.figure div.legend p, figcaption p, figcaption div.legend {
+ margin-block-start: 0.2em;
+ margin-block-end: 0.5em;
+}
+
+div.admonition {
+ margin: 5px 15px;
+ padding: 5px 15px;
+ background-color: unset;
+ border: 0;
+ border-left: 6px solid #DDD;
+}
+
+div.admonition p.admonition-title {
+ font-family: Calibri, sans-serif;
+ font-weight: bold;
+ font-size: 90%;
+}
+
+p.admonition-title:after {
+ content: "";
+}
+
+div.admonition p {
+ margin-top: 0;
+ margin-bottom: 5px;
+}
+
+div.admonition tt.xref, div.admonition code.xref, div.admonition a tt {
+ background-color: unset;
+}
+
+div.highlight {
+ background-color: unset;
+}
+
+div.admonition div.highlight pre {
+ background-color: unset;
+}
+
+div.warning {
+ border-left: 6px solid #FBB;
+}
+
+div.warning p.admonition-title {
+ color: darkred;
+}
+
+div.banner {
+ border: 2px solid #CC0;
+ background-color: #FFB;
+}
+
+div.rationale {
+ border-left: 6px solid #BFB;
+ background-color: #EFE;
+}
+
+div.rationale p.admonition-title {
+ color: darkgreen;
+}
+
+div.admonition-todo {
+ border-left: 6px solid #CC0;
+ background-color: #FFB;
+}
+
+div.admonition-todo p.admonition-title {
+ color: #660;
+}
+
+.scterm, .sc {
+ font-variant: small-caps;
+ text-transform: lowercase;
+}
+
+.license{
+ font-size: 80%;
+}
+
+.anchor {
+ color: #0091BD;
+}
+
+.issue {
+ color: red;
+}
+
+.term {
+ font-style: italic;
+}
+
+.secref {
+ font-style: italic;
+}
+
+.sectiontitle {
+ display: block;
+ margin-top: 30px;
+ font-weight: bold;
+ font-size: 180%;
+}
+
+p.titlecopyright {
+ font-size: 70%;
+ text-align: right;
+}
diff --git a/docs/1.1.0/html/_static/doctools.js b/docs/1.1.0/html/_static/doctools.js
new file mode 100644
index 0000000..0c15c00
--- /dev/null
+++ b/docs/1.1.0/html/_static/doctools.js
@@ -0,0 +1,311 @@
+/*
+ * doctools.js
+ * ~~~~~~~~~~~
+ *
+ * Sphinx JavaScript utilities for all documentation.
+ *
+ * :copyright: Copyright 2007-2018 by the Sphinx team, see AUTHORS.
+ * :license: BSD, see LICENSE for details.
+ *
+ */
+
+/**
+ * select a different prefix for underscore
+ */
+$u = _.noConflict();
+
+/**
+ * make the code below compatible with browsers without
+ * an installed firebug like debugger
+if (!window.console || !console.firebug) {
+ var names = ["log", "debug", "info", "warn", "error", "assert", "dir",
+ "dirxml", "group", "groupEnd", "time", "timeEnd", "count", "trace",
+ "profile", "profileEnd"];
+ window.console = {};
+ for (var i = 0; i < names.length; ++i)
+ window.console[names[i]] = function() {};
+}
+ */
+
+/**
+ * small helper function to urldecode strings
+ */
+jQuery.urldecode = function(x) {
+ return decodeURIComponent(x).replace(/\+/g, ' ');
+};
+
+/**
+ * small helper function to urlencode strings
+ */
+jQuery.urlencode = encodeURIComponent;
+
+/**
+ * This function returns the parsed url parameters of the
+ * current request. Multiple values per key are supported,
+ * it will always return arrays of strings for the value parts.
+ */
+jQuery.getQueryParameters = function(s) {
+ if (typeof s === 'undefined')
+ s = document.location.search;
+ var parts = s.substr(s.indexOf('?') + 1).split('&');
+ var result = {};
+ for (var i = 0; i < parts.length; i++) {
+ var tmp = parts[i].split('=', 2);
+ var key = jQuery.urldecode(tmp[0]);
+ var value = jQuery.urldecode(tmp[1]);
+ if (key in result)
+ result[key].push(value);
+ else
+ result[key] = [value];
+ }
+ return result;
+};
+
+/**
+ * highlight a given string on a jquery object by wrapping it in
+ * span elements with the given class name.
+ */
+jQuery.fn.highlightText = function(text, className) {
+ function highlight(node, addItems) {
+ if (node.nodeType === 3) {
+ var val = node.nodeValue;
+ var pos = val.toLowerCase().indexOf(text);
+ if (pos >= 0 && !jQuery(node.parentNode).hasClass(className)) {
+ var span;
+ var isInSVG = jQuery(node).closest("body, svg, foreignObject").is("svg");
+ if (isInSVG) {
+ span = document.createElementNS("http://www.w3.org/2000/svg", "tspan");
+ } else {
+ span = document.createElement("span");
+ span.className = className;
+ }
+ span.appendChild(document.createTextNode(val.substr(pos, text.length)));
+ node.parentNode.insertBefore(span, node.parentNode.insertBefore(
+ document.createTextNode(val.substr(pos + text.length)),
+ node.nextSibling));
+ node.nodeValue = val.substr(0, pos);
+ if (isInSVG) {
+ var bbox = span.getBBox();
+ var rect = document.createElementNS("http://www.w3.org/2000/svg", "rect");
+ rect.x.baseVal.value = bbox.x;
+ rect.y.baseVal.value = bbox.y;
+ rect.width.baseVal.value = bbox.width;
+ rect.height.baseVal.value = bbox.height;
+ rect.setAttribute('class', className);
+ var parentOfText = node.parentNode.parentNode;
+ addItems.push({
+ "parent": node.parentNode,
+ "target": rect});
+ }
+ }
+ }
+ else if (!jQuery(node).is("button, select, textarea")) {
+ jQuery.each(node.childNodes, function() {
+ highlight(this, addItems);
+ });
+ }
+ }
+ var addItems = [];
+ var result = this.each(function() {
+ highlight(this, addItems);
+ });
+ for (var i = 0; i < addItems.length; ++i) {
+ jQuery(addItems[i].parent).before(addItems[i].target);
+ }
+ return result;
+};
+
+/*
+ * backward compatibility for jQuery.browser
+ * This will be supported until firefox bug is fixed.
+ */
+if (!jQuery.browser) {
+ jQuery.uaMatch = function(ua) {
+ ua = ua.toLowerCase();
+
+ var match = /(chrome)[ \/]([\w.]+)/.exec(ua) ||
+ /(webkit)[ \/]([\w.]+)/.exec(ua) ||
+ /(opera)(?:.*version|)[ \/]([\w.]+)/.exec(ua) ||
+ /(msie) ([\w.]+)/.exec(ua) ||
+ ua.indexOf("compatible") < 0 && /(mozilla)(?:.*? rv:([\w.]+)|)/.exec(ua) ||
+ [];
+
+ return {
+ browser: match[ 1 ] || "",
+ version: match[ 2 ] || "0"
+ };
+ };
+ jQuery.browser = {};
+ jQuery.browser[jQuery.uaMatch(navigator.userAgent).browser] = true;
+}
+
+/**
+ * Small JavaScript module for the documentation.
+ */
+var Documentation = {
+
+ init : function() {
+ this.fixFirefoxAnchorBug();
+ this.highlightSearchWords();
+ this.initIndexTable();
+
+ },
+
+ /**
+ * i18n support
+ */
+ TRANSLATIONS : {},
+ PLURAL_EXPR : function(n) { return n === 1 ? 0 : 1; },
+ LOCALE : 'unknown',
+
+ // gettext and ngettext don't access this so that the functions
+ // can safely bound to a different name (_ = Documentation.gettext)
+ gettext : function(string) {
+ var translated = Documentation.TRANSLATIONS[string];
+ if (typeof translated === 'undefined')
+ return string;
+ return (typeof translated === 'string') ? translated : translated[0];
+ },
+
+ ngettext : function(singular, plural, n) {
+ var translated = Documentation.TRANSLATIONS[singular];
+ if (typeof translated === 'undefined')
+ return (n == 1) ? singular : plural;
+ return translated[Documentation.PLURALEXPR(n)];
+ },
+
+ addTranslations : function(catalog) {
+ for (var key in catalog.messages)
+ this.TRANSLATIONS[key] = catalog.messages[key];
+ this.PLURAL_EXPR = new Function('n', 'return +(' + catalog.plural_expr + ')');
+ this.LOCALE = catalog.locale;
+ },
+
+ /**
+ * add context elements like header anchor links
+ */
+ addContextElements : function() {
+ $('div[id] > :header:first').each(function() {
+ $('<a class="headerlink">\u00B6</a>').
+ attr('href', '#' + this.id).
+ attr('title', _('Permalink to this headline')).
+ appendTo(this);
+ });
+ $('dt[id]').each(function() {
+ $('<a class="headerlink">\u00B6</a>').
+ attr('href', '#' + this.id).
+ attr('title', _('Permalink to this definition')).
+ appendTo(this);
+ });
+ },
+
+ /**
+ * workaround a firefox stupidity
+ * see: https://bugzilla.mozilla.org/show_bug.cgi?id=645075
+ */
+ fixFirefoxAnchorBug : function() {
+ if (document.location.hash && $.browser.mozilla)
+ window.setTimeout(function() {
+ document.location.href += '';
+ }, 10);
+ },
+
+ /**
+ * highlight the search words provided in the url in the text
+ */
+ highlightSearchWords : function() {
+ var params = $.getQueryParameters();
+ var terms = (params.highlight) ? params.highlight[0].split(/\s+/) : [];
+ if (terms.length) {
+ var body = $('div.body');
+ if (!body.length) {
+ body = $('body');
+ }
+ window.setTimeout(function() {
+ $.each(terms, function() {
+ body.highlightText(this.toLowerCase(), 'highlighted');
+ });
+ }, 10);
+ $('<p class="highlight-link"><a href="javascript:Documentation.' +
+ 'hideSearchWords()">' + _('Hide Search Matches') + '</a></p>')
+ .appendTo($('#searchbox'));
+ }
+ },
+
+ /**
+ * init the domain index toggle buttons
+ */
+ initIndexTable : function() {
+ var togglers = $('img.toggler').click(function() {
+ var src = $(this).attr('src');
+ var idnum = $(this).attr('id').substr(7);
+ $('tr.cg-' + idnum).toggle();
+ if (src.substr(-9) === 'minus.png')
+ $(this).attr('src', src.substr(0, src.length-9) + 'plus.png');
+ else
+ $(this).attr('src', src.substr(0, src.length-8) + 'minus.png');
+ }).css('display', '');
+ if (DOCUMENTATION_OPTIONS.COLLAPSE_INDEX) {
+ togglers.click();
+ }
+ },
+
+ /**
+ * helper function to hide the search marks again
+ */
+ hideSearchWords : function() {
+ $('#searchbox .highlight-link').fadeOut(300);
+ $('span.highlighted').removeClass('highlighted');
+ },
+
+ /**
+ * make the url absolute
+ */
+ makeURL : function(relativeURL) {
+ return DOCUMENTATION_OPTIONS.URL_ROOT + '/' + relativeURL;
+ },
+
+ /**
+ * get the current relative url
+ */
+ getCurrentURL : function() {
+ var path = document.location.pathname;
+ var parts = path.split(/\//);
+ $.each(DOCUMENTATION_OPTIONS.URL_ROOT.split(/\//), function() {
+ if (this === '..')
+ parts.pop();
+ });
+ var url = parts.join('/');
+ return path.substring(url.lastIndexOf('/') + 1, path.length - 1);
+ },
+
+ initOnKeyListeners: function() {
+ $(document).keyup(function(event) {
+ var activeElementType = document.activeElement.tagName;
+ // don't navigate when in search box or textarea
+ if (activeElementType !== 'TEXTAREA' && activeElementType !== 'INPUT' && activeElementType !== 'SELECT') {
+ switch (event.keyCode) {
+ case 37: // left
+ var prevHref = $('link[rel="prev"]').prop('href');
+ if (prevHref) {
+ window.location.href = prevHref;
+ return false;
+ }
+ case 39: // right
+ var nextHref = $('link[rel="next"]').prop('href');
+ if (nextHref) {
+ window.location.href = nextHref;
+ return false;
+ }
+ }
+ }
+ });
+ }
+};
+
+// quick alias for translations
+_ = Documentation.gettext;
+
+$(document).ready(function() {
+ Documentation.init();
+});
\ No newline at end of file
diff --git a/docs/1.1.0/html/_static/down-pressed.png b/docs/1.1.0/html/_static/down-pressed.png
new file mode 100644
index 0000000..5756c8c
--- /dev/null
+++ b/docs/1.1.0/html/_static/down-pressed.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/down.png b/docs/1.1.0/html/_static/down.png
new file mode 100644
index 0000000..1b3bdad
--- /dev/null
+++ b/docs/1.1.0/html/_static/down.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/file.png b/docs/1.1.0/html/_static/file.png
new file mode 100644
index 0000000..a858a41
--- /dev/null
+++ b/docs/1.1.0/html/_static/file.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/jquery.js b/docs/1.1.0/html/_static/jquery.js
new file mode 100644
index 0000000..ba171ca
--- /dev/null
+++ b/docs/1.1.0/html/_static/jquery.js
@@ -0,0 +1,10253 @@
+/*!
+ * jQuery JavaScript Library v3.2.1
+ * https://jquery.com/
+ *
+ * Includes Sizzle.js
+ * https://sizzlejs.com/
+ *
+ * Copyright JS Foundation and other contributors
+ * Released under the MIT license
+ * https://jquery.org/license
+ *
+ * Date: 2017-09-03T00:14Z
+ */
+( function( global, factory ) {
+
+ "use strict";
+
+ if ( typeof module === "object" && typeof module.exports === "object" ) {
+
+ // For CommonJS and CommonJS-like environments where a proper `window`
+ // is present, execute the factory and get jQuery.
+ // For environments that do not have a `window` with a `document`
+ // (such as Node.js), expose a factory as module.exports.
+ // This accentuates the need for the creation of a real `window`.
+ // e.g. var jQuery = require("jquery")(window);
+ // See ticket #14549 for more info.
+ module.exports = global.document ?
+ factory( global, true ) :
+ function( w ) {
+ if ( !w.document ) {
+ throw new Error( "jQuery requires a window with a document" );
+ }
+ return factory( w );
+ };
+ } else {
+ factory( global );
+ }
+
+// Pass this if window is not defined yet
+} )( typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
+
+// Edge <= 12 - 13+, Firefox <=18 - 45+, IE 10 - 11, Safari 5.1 - 9+, iOS 6 - 9.1
+// throw exceptions when non-strict code (e.g., ASP.NET 4.5) accesses strict mode
+// arguments.callee.caller (trac-13335). But as of jQuery 3.0 (2016), strict mode should be common
+// enough that all such attempts are guarded in a try block.
+
+
+var arr = [];
+
+var document = window.document;
+
+var getProto = Object.getPrototypeOf;
+
+var slice = arr.slice;
+
+var concat = arr.concat;
+
+var push = arr.push;
+
+var indexOf = arr.indexOf;
+
+var class2type = {};
+
+var toString = class2type.toString;
+
+var hasOwn = class2type.hasOwnProperty;
+
+var fnToString = hasOwn.toString;
+
+var ObjectFunctionString = fnToString.call( Object );
+
+var support = {};
+
+
+
+ function DOMEval( code, doc ) {
+ doc = doc || document;
+
+ var script = doc.createElement( "script" );
+
+ script.text = code;
+ doc.head.appendChild( script ).parentNode.removeChild( script );
+ }
+/* global Symbol */
+// Defining this global in .eslintrc.json would create a danger of using the global
+// unguarded in another place, it seems safer to define global only for this module
+
+
+
+var
+ version = "3.2.1",
+
+ // Define a local copy of jQuery
+ jQuery = function( selector, context ) {
+
+ // The jQuery object is actually just the init constructor 'enhanced'
+ // Need init if jQuery is called (just allow error to be thrown if not included)
+ return new jQuery.fn.init( selector, context );
+ },
+
+ // Support: Android <=4.0 only
+ // Make sure we trim BOM and NBSP
+ rtrim = /^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,
+
+ // Matches dashed string for camelizing
+ rmsPrefix = /^-ms-/,
+ rdashAlpha = /-([a-z])/g,
+
+ // Used by jQuery.camelCase as callback to replace()
+ fcamelCase = function( all, letter ) {
+ return letter.toUpperCase();
+ };
+
+jQuery.fn = jQuery.prototype = {
+
+ // The current version of jQuery being used
+ jquery: version,
+
+ constructor: jQuery,
+
+ // The default length of a jQuery object is 0
+ length: 0,
+
+ toArray: function() {
+ return slice.call( this );
+ },
+
+ // Get the Nth element in the matched element set OR
+ // Get the whole matched element set as a clean array
+ get: function( num ) {
+
+ // Return all the elements in a clean array
+ if ( num == null ) {
+ return slice.call( this );
+ }
+
+ // Return just the one element from the set
+ return num < 0 ? this[ num + this.length ] : this[ num ];
+ },
+
+ // Take an array of elements and push it onto the stack
+ // (returning the new matched element set)
+ pushStack: function( elems ) {
+
+ // Build a new jQuery matched element set
+ var ret = jQuery.merge( this.constructor(), elems );
+
+ // Add the old object onto the stack (as a reference)
+ ret.prevObject = this;
+
+ // Return the newly-formed element set
+ return ret;
+ },
+
+ // Execute a callback for every element in the matched set.
+ each: function( callback ) {
+ return jQuery.each( this, callback );
+ },
+
+ map: function( callback ) {
+ return this.pushStack( jQuery.map( this, function( elem, i ) {
+ return callback.call( elem, i, elem );
+ } ) );
+ },
+
+ slice: function() {
+ return this.pushStack( slice.apply( this, arguments ) );
+ },
+
+ first: function() {
+ return this.eq( 0 );
+ },
+
+ last: function() {
+ return this.eq( -1 );
+ },
+
+ eq: function( i ) {
+ var len = this.length,
+ j = +i + ( i < 0 ? len : 0 );
+ return this.pushStack( j >= 0 && j < len ? [ this[ j ] ] : [] );
+ },
+
+ end: function() {
+ return this.prevObject || this.constructor();
+ },
+
+ // For internal use only.
+ // Behaves like an Array's method, not like a jQuery method.
+ push: push,
+ sort: arr.sort,
+ splice: arr.splice
+};
+
+jQuery.extend = jQuery.fn.extend = function() {
+ var options, name, src, copy, copyIsArray, clone,
+ target = arguments[ 0 ] || {},
+ i = 1,
+ length = arguments.length,
+ deep = false;
+
+ // Handle a deep copy situation
+ if ( typeof target === "boolean" ) {
+ deep = target;
+
+ // Skip the boolean and the target
+ target = arguments[ i ] || {};
+ i++;
+ }
+
+ // Handle case when target is a string or something (possible in deep copy)
+ if ( typeof target !== "object" && !jQuery.isFunction( target ) ) {
+ target = {};
+ }
+
+ // Extend jQuery itself if only one argument is passed
+ if ( i === length ) {
+ target = this;
+ i--;
+ }
+
+ for ( ; i < length; i++ ) {
+
+ // Only deal with non-null/undefined values
+ if ( ( options = arguments[ i ] ) != null ) {
+
+ // Extend the base object
+ for ( name in options ) {
+ src = target[ name ];
+ copy = options[ name ];
+
+ // Prevent never-ending loop
+ if ( target === copy ) {
+ continue;
+ }
+
+ // Recurse if we're merging plain objects or arrays
+ if ( deep && copy && ( jQuery.isPlainObject( copy ) ||
+ ( copyIsArray = Array.isArray( copy ) ) ) ) {
+
+ if ( copyIsArray ) {
+ copyIsArray = false;
+ clone = src && Array.isArray( src ) ? src : [];
+
+ } else {
+ clone = src && jQuery.isPlainObject( src ) ? src : {};
+ }
+
+ // Never move original objects, clone them
+ target[ name ] = jQuery.extend( deep, clone, copy );
+
+ // Don't bring in undefined values
+ } else if ( copy !== undefined ) {
+ target[ name ] = copy;
+ }
+ }
+ }
+ }
+
+ // Return the modified object
+ return target;
+};
+
+jQuery.extend( {
+
+ // Unique for each copy of jQuery on the page
+ expando: "jQuery" + ( version + Math.random() ).replace( /\D/g, "" ),
+
+ // Assume jQuery is ready without the ready module
+ isReady: true,
+
+ error: function( msg ) {
+ throw new Error( msg );
+ },
+
+ noop: function() {},
+
+ isFunction: function( obj ) {
+ return jQuery.type( obj ) === "function";
+ },
+
+ isWindow: function( obj ) {
+ return obj != null && obj === obj.window;
+ },
+
+ isNumeric: function( obj ) {
+
+ // As of jQuery 3.0, isNumeric is limited to
+ // strings and numbers (primitives or objects)
+ // that can be coerced to finite numbers (gh-2662)
+ var type = jQuery.type( obj );
+ return ( type === "number" || type === "string" ) &&
+
+ // parseFloat NaNs numeric-cast false positives ("")
+ // ...but misinterprets leading-number strings, particularly hex literals ("0x...")
+ // subtraction forces infinities to NaN
+ !isNaN( obj - parseFloat( obj ) );
+ },
+
+ isPlainObject: function( obj ) {
+ var proto, Ctor;
+
+ // Detect obvious negatives
+ // Use toString instead of jQuery.type to catch host objects
+ if ( !obj || toString.call( obj ) !== "[object Object]" ) {
+ return false;
+ }
+
+ proto = getProto( obj );
+
+ // Objects with no prototype (e.g., `Object.create( null )`) are plain
+ if ( !proto ) {
+ return true;
+ }
+
+ // Objects with prototype are plain iff they were constructed by a global Object function
+ Ctor = hasOwn.call( proto, "constructor" ) && proto.constructor;
+ return typeof Ctor === "function" && fnToString.call( Ctor ) === ObjectFunctionString;
+ },
+
+ isEmptyObject: function( obj ) {
+
+ /* eslint-disable no-unused-vars */
+ // See https://github.com/eslint/eslint/issues/6125
+ var name;
+
+ for ( name in obj ) {
+ return false;
+ }
+ return true;
+ },
+
+ type: function( obj ) {
+ if ( obj == null ) {
+ return obj + "";
+ }
+
+ // Support: Android <=2.3 only (functionish RegExp)
+ return typeof obj === "object" || typeof obj === "function" ?
+ class2type[ toString.call( obj ) ] || "object" :
+ typeof obj;
+ },
+
+ // Evaluates a script in a global context
+ globalEval: function( code ) {
+ DOMEval( code );
+ },
+
+ // Convert dashed to camelCase; used by the css and data modules
+ // Support: IE <=9 - 11, Edge 12 - 13
+ // Microsoft forgot to hump their vendor prefix (#9572)
+ camelCase: function( string ) {
+ return string.replace( rmsPrefix, "ms-" ).replace( rdashAlpha, fcamelCase );
+ },
+
+ each: function( obj, callback ) {
+ var length, i = 0;
+
+ if ( isArrayLike( obj ) ) {
+ length = obj.length;
+ for ( ; i < length; i++ ) {
+ if ( callback.call( obj[ i ], i, obj[ i ] ) === false ) {
+ break;
+ }
+ }
+ } else {
+ for ( i in obj ) {
+ if ( callback.call( obj[ i ], i, obj[ i ] ) === false ) {
+ break;
+ }
+ }
+ }
+
+ return obj;
+ },
+
+ // Support: Android <=4.0 only
+ trim: function( text ) {
+ return text == null ?
+ "" :
+ ( text + "" ).replace( rtrim, "" );
+ },
+
+ // results is for internal usage only
+ makeArray: function( arr, results ) {
+ var ret = results || [];
+
+ if ( arr != null ) {
+ if ( isArrayLike( Object( arr ) ) ) {
+ jQuery.merge( ret,
+ typeof arr === "string" ?
+ [ arr ] : arr
+ );
+ } else {
+ push.call( ret, arr );
+ }
+ }
+
+ return ret;
+ },
+
+ inArray: function( elem, arr, i ) {
+ return arr == null ? -1 : indexOf.call( arr, elem, i );
+ },
+
+ // Support: Android <=4.0 only, PhantomJS 1 only
+ // push.apply(_, arraylike) throws on ancient WebKit
+ merge: function( first, second ) {
+ var len = +second.length,
+ j = 0,
+ i = first.length;
+
+ for ( ; j < len; j++ ) {
+ first[ i++ ] = second[ j ];
+ }
+
+ first.length = i;
+
+ return first;
+ },
+
+ grep: function( elems, callback, invert ) {
+ var callbackInverse,
+ matches = [],
+ i = 0,
+ length = elems.length,
+ callbackExpect = !invert;
+
+ // Go through the array, only saving the items
+ // that pass the validator function
+ for ( ; i < length; i++ ) {
+ callbackInverse = !callback( elems[ i ], i );
+ if ( callbackInverse !== callbackExpect ) {
+ matches.push( elems[ i ] );
+ }
+ }
+
+ return matches;
+ },
+
+ // arg is for internal usage only
+ map: function( elems, callback, arg ) {
+ var length, value,
+ i = 0,
+ ret = [];
+
+ // Go through the array, translating each of the items to their new values
+ if ( isArrayLike( elems ) ) {
+ length = elems.length;
+ for ( ; i < length; i++ ) {
+ value = callback( elems[ i ], i, arg );
+
+ if ( value != null ) {
+ ret.push( value );
+ }
+ }
+
+ // Go through every key on the object,
+ } else {
+ for ( i in elems ) {
+ value = callback( elems[ i ], i, arg );
+
+ if ( value != null ) {
+ ret.push( value );
+ }
+ }
+ }
+
+ // Flatten any nested arrays
+ return concat.apply( [], ret );
+ },
+
+ // A global GUID counter for objects
+ guid: 1,
+
+ // Bind a function to a context, optionally partially applying any
+ // arguments.
+ proxy: function( fn, context ) {
+ var tmp, args, proxy;
+
+ if ( typeof context === "string" ) {
+ tmp = fn[ context ];
+ context = fn;
+ fn = tmp;
+ }
+
+ // Quick check to determine if target is callable, in the spec
+ // this throws a TypeError, but we will just return undefined.
+ if ( !jQuery.isFunction( fn ) ) {
+ return undefined;
+ }
+
+ // Simulated bind
+ args = slice.call( arguments, 2 );
+ proxy = function() {
+ return fn.apply( context || this, args.concat( slice.call( arguments ) ) );
+ };
+
+ // Set the guid of unique handler to the same of original handler, so it can be removed
+ proxy.guid = fn.guid = fn.guid || jQuery.guid++;
+
+ return proxy;
+ },
+
+ now: Date.now,
+
+ // jQuery.support is not used in Core but other projects attach their
+ // properties to it so it needs to exist.
+ support: support
+} );
+
+if ( typeof Symbol === "function" ) {
+ jQuery.fn[ Symbol.iterator ] = arr[ Symbol.iterator ];
+}
+
+// Populate the class2type map
+jQuery.each( "Boolean Number String Function Array Date RegExp Object Error Symbol".split( " " ),
+function( i, name ) {
+ class2type[ "[object " + name + "]" ] = name.toLowerCase();
+} );
+
+function isArrayLike( obj ) {
+
+ // Support: real iOS 8.2 only (not reproducible in simulator)
+ // `in` check used to prevent JIT error (gh-2145)
+ // hasOwn isn't used here due to false negatives
+ // regarding Nodelist length in IE
+ var length = !!obj && "length" in obj && obj.length,
+ type = jQuery.type( obj );
+
+ if ( type === "function" || jQuery.isWindow( obj ) ) {
+ return false;
+ }
+
+ return type === "array" || length === 0 ||
+ typeof length === "number" && length > 0 && ( length - 1 ) in obj;
+}
+var Sizzle =
+/*!
+ * Sizzle CSS Selector Engine v2.3.3
+ * https://sizzlejs.com/
+ *
+ * Copyright jQuery Foundation and other contributors
+ * Released under the MIT license
+ * http://jquery.org/license
+ *
+ * Date: 2016-08-08
+ */
+(function( window ) {
+
+var i,
+ support,
+ Expr,
+ getText,
+ isXML,
+ tokenize,
+ compile,
+ select,
+ outermostContext,
+ sortInput,
+ hasDuplicate,
+
+ // Local document vars
+ setDocument,
+ document,
+ docElem,
+ documentIsHTML,
+ rbuggyQSA,
+ rbuggyMatches,
+ matches,
+ contains,
+
+ // Instance-specific data
+ expando = "sizzle" + 1 * new Date(),
+ preferredDoc = window.document,
+ dirruns = 0,
+ done = 0,
+ classCache = createCache(),
+ tokenCache = createCache(),
+ compilerCache = createCache(),
+ sortOrder = function( a, b ) {
+ if ( a === b ) {
+ hasDuplicate = true;
+ }
+ return 0;
+ },
+
+ // Instance methods
+ hasOwn = ({}).hasOwnProperty,
+ arr = [],
+ pop = arr.pop,
+ push_native = arr.push,
+ push = arr.push,
+ slice = arr.slice,
+ // Use a stripped-down indexOf as it's faster than native
+ // https://jsperf.com/thor-indexof-vs-for/5
+ indexOf = function( list, elem ) {
+ var i = 0,
+ len = list.length;
+ for ( ; i < len; i++ ) {
+ if ( list[i] === elem ) {
+ return i;
+ }
+ }
+ return -1;
+ },
+
+ booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",
+
+ // Regular expressions
+
+ // http://www.w3.org/TR/css3-selectors/#whitespace
+ whitespace = "[\\x20\\t\\r\\n\\f]",
+
+ // http://www.w3.org/TR/CSS21/syndata.html#value-def-identifier
+ identifier = "(?:\\\\.|[\\w-]|[^\0-\\xa0])+",
+
+ // Attribute selectors: http://www.w3.org/TR/selectors/#attribute-selectors
+ attributes = "\\[" + whitespace + "*(" + identifier + ")(?:" + whitespace +
+ // Operator (capture 2)
+ "*([*^$|!~]?=)" + whitespace +
+ // "Attribute values must be CSS identifiers [capture 5] or strings [capture 3 or capture 4]"
+ "*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|(" + identifier + "))|)" + whitespace +
+ "*\\]",
+
+ pseudos = ":(" + identifier + ")(?:\\((" +
+ // To reduce the number of selectors needing tokenize in the preFilter, prefer arguments:
+ // 1. quoted (capture 3; capture 4 or capture 5)
+ "('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|" +
+ // 2. simple (capture 6)
+ "((?:\\\\.|[^\\\\()[\\]]|" + attributes + ")*)|" +
+ // 3. anything else (capture 2)
+ ".*" +
+ ")\\)|)",
+
+ // Leading and non-escaped trailing whitespace, capturing some non-whitespace characters preceding the latter
+ rwhitespace = new RegExp( whitespace + "+", "g" ),
+ rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ),
+
+ rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),
+ rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),
+
+ rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ),
+
+ rpseudo = new RegExp( pseudos ),
+ ridentifier = new RegExp( "^" + identifier + "$" ),
+
+ matchExpr = {
+ "ID": new RegExp( "^#(" + identifier + ")" ),
+ "CLASS": new RegExp( "^\\.(" + identifier + ")" ),
+ "TAG": new RegExp( "^(" + identifier + "|[*])" ),
+ "ATTR": new RegExp( "^" + attributes ),
+ "PSEUDO": new RegExp( "^" + pseudos ),
+ "CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace +
+ "*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace +
+ "*(\\d+)|))" + whitespace + "*\\)|)", "i" ),
+ "bool": new RegExp( "^(?:" + booleans + ")$", "i" ),
+ // For use in libraries implementing .is()
+ // We use this for POS matching in `select`
+ "needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" +
+ whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" )
+ },
+
+ rinputs = /^(?:input|select|textarea|button)$/i,
+ rheader = /^h\d$/i,
+
+ rnative = /^[^{]+\{\s*\[native \w/,
+
+ // Easily-parseable/retrievable ID or TAG or CLASS selectors
+ rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,
+
+ rsibling = /[+~]/,
+
+ // CSS escapes
+ // http://www.w3.org/TR/CSS21/syndata.html#escaped-characters
+ runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ),
+ funescape = function( _, escaped, escapedWhitespace ) {
+ var high = "0x" + escaped - 0x10000;
+ // NaN means non-codepoint
+ // Support: Firefox<24
+ // Workaround erroneous numeric interpretation of +"0x"
+ return high !== high || escapedWhitespace ?
+ escaped :
+ high < 0 ?
+ // BMP codepoint
+ String.fromCharCode( high + 0x10000 ) :
+ // Supplemental Plane codepoint (surrogate pair)
+ String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 );
+ },
+
+ // CSS string/identifier serialization
+ // https://drafts.csswg.org/cssom/#common-serializing-idioms
+ rcssescape = /([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,
+ fcssescape = function( ch, asCodePoint ) {
+ if ( asCodePoint ) {
+
+ // U+0000 NULL becomes U+FFFD REPLACEMENT CHARACTER
+ if ( ch === "\0" ) {
+ return "\uFFFD";
+ }
+
+ // Control characters and (dependent upon position) numbers get escaped as code points
+ return ch.slice( 0, -1 ) + "\\" + ch.charCodeAt( ch.length - 1 ).toString( 16 ) + " ";
+ }
+
+ // Other potentially-special ASCII characters get backslash-escaped
+ return "\\" + ch;
+ },
+
+ // Used for iframes
+ // See setDocument()
+ // Removing the function wrapper causes a "Permission Denied"
+ // error in IE
+ unloadHandler = function() {
+ setDocument();
+ },
+
+ disabledAncestor = addCombinator(
+ function( elem ) {
+ return elem.disabled === true && ("form" in elem || "label" in elem);
+ },
+ { dir: "parentNode", next: "legend" }
+ );
+
+// Optimize for push.apply( _, NodeList )
+try {
+ push.apply(
+ (arr = slice.call( preferredDoc.childNodes )),
+ preferredDoc.childNodes
+ );
+ // Support: Android<4.0
+ // Detect silently failing push.apply
+ arr[ preferredDoc.childNodes.length ].nodeType;
+} catch ( e ) {
+ push = { apply: arr.length ?
+
+ // Leverage slice if possible
+ function( target, els ) {
+ push_native.apply( target, slice.call(els) );
+ } :
+
+ // Support: IE<9
+ // Otherwise append directly
+ function( target, els ) {
+ var j = target.length,
+ i = 0;
+ // Can't trust NodeList.length
+ while ( (target[j++] = els[i++]) ) {}
+ target.length = j - 1;
+ }
+ };
+}
+
+function Sizzle( selector, context, results, seed ) {
+ var m, i, elem, nid, match, groups, newSelector,
+ newContext = context && context.ownerDocument,
+
+ // nodeType defaults to 9, since context defaults to document
+ nodeType = context ? context.nodeType : 9;
+
+ results = results || [];
+
+ // Return early from calls with invalid selector or context
+ if ( typeof selector !== "string" || !selector ||
+ nodeType !== 1 && nodeType !== 9 && nodeType !== 11 ) {
+
+ return results;
+ }
+
+ // Try to shortcut find operations (as opposed to filters) in HTML documents
+ if ( !seed ) {
+
+ if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) {
+ setDocument( context );
+ }
+ context = context || document;
+
+ if ( documentIsHTML ) {
+
+ // If the selector is sufficiently simple, try using a "get*By*" DOM method
+ // (excepting DocumentFragment context, where the methods don't exist)
+ if ( nodeType !== 11 && (match = rquickExpr.exec( selector )) ) {
+
+ // ID selector
+ if ( (m = match[1]) ) {
+
+ // Document context
+ if ( nodeType === 9 ) {
+ if ( (elem = context.getElementById( m )) ) {
+
+ // Support: IE, Opera, Webkit
+ // TODO: identify versions
+ // getElementById can match elements by name instead of ID
+ if ( elem.id === m ) {
+ results.push( elem );
+ return results;
+ }
+ } else {
+ return results;
+ }
+
+ // Element context
+ } else {
+
+ // Support: IE, Opera, Webkit
+ // TODO: identify versions
+ // getElementById can match elements by name instead of ID
+ if ( newContext && (elem = newContext.getElementById( m )) &&
+ contains( context, elem ) &&
+ elem.id === m ) {
+
+ results.push( elem );
+ return results;
+ }
+ }
+
+ // Type selector
+ } else if ( match[2] ) {
+ push.apply( results, context.getElementsByTagName( selector ) );
+ return results;
+
+ // Class selector
+ } else if ( (m = match[3]) && support.getElementsByClassName &&
+ context.getElementsByClassName ) {
+
+ push.apply( results, context.getElementsByClassName( m ) );
+ return results;
+ }
+ }
+
+ // Take advantage of querySelectorAll
+ if ( support.qsa &&
+ !compilerCache[ selector + " " ] &&
+ (!rbuggyQSA || !rbuggyQSA.test( selector )) ) {
+
+ if ( nodeType !== 1 ) {
+ newContext = context;
+ newSelector = selector;
+
+ // qSA looks outside Element context, which is not what we want
+ // Thanks to Andrew Dupont for this workaround technique
+ // Support: IE <=8
+ // Exclude object elements
+ } else if ( context.nodeName.toLowerCase() !== "object" ) {
+
+ // Capture the context ID, setting it first if necessary
+ if ( (nid = context.getAttribute( "id" )) ) {
+ nid = nid.replace( rcssescape, fcssescape );
+ } else {
+ context.setAttribute( "id", (nid = expando) );
+ }
+
+ // Prefix every selector in the list
+ groups = tokenize( selector );
+ i = groups.length;
+ while ( i-- ) {
+ groups[i] = "#" + nid + " " + toSelector( groups[i] );
+ }
+ newSelector = groups.join( "," );
+
+ // Expand context for sibling selectors
+ newContext = rsibling.test( selector ) && testContext( context.parentNode ) ||
+ context;
+ }
+
+ if ( newSelector ) {
+ try {
+ push.apply( results,
+ newContext.querySelectorAll( newSelector )
+ );
+ return results;
+ } catch ( qsaError ) {
+ } finally {
+ if ( nid === expando ) {
+ context.removeAttribute( "id" );
+ }
+ }
+ }
+ }
+ }
+ }
+
+ // All others
+ return select( selector.replace( rtrim, "$1" ), context, results, seed );
+}
+
+/**
+ * Create key-value caches of limited size
+ * @returns {function(string, object)} Returns the Object data after storing it on itself with
+ * property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
+ * deleting the oldest entry
+ */
+function createCache() {
+ var keys = [];
+
+ function cache( key, value ) {
+ // Use (key + " ") to avoid collision with native prototype properties (see Issue #157)
+ if ( keys.push( key + " " ) > Expr.cacheLength ) {
+ // Only keep the most recent entries
+ delete cache[ keys.shift() ];
+ }
+ return (cache[ key + " " ] = value);
+ }
+ return cache;
+}
+
+/**
+ * Mark a function for special use by Sizzle
+ * @param {Function} fn The function to mark
+ */
+function markFunction( fn ) {
+ fn[ expando ] = true;
+ return fn;
+}
+
+/**
+ * Support testing using an element
+ * @param {Function} fn Passed the created element and returns a boolean result
+ */
+function assert( fn ) {
+ var el = document.createElement("fieldset");
+
+ try {
+ return !!fn( el );
+ } catch (e) {
+ return false;
+ } finally {
+ // Remove from its parent by default
+ if ( el.parentNode ) {
+ el.parentNode.removeChild( el );
+ }
+ // release memory in IE
+ el = null;
+ }
+}
+
+/**
+ * Adds the same handler for all of the specified attrs
+ * @param {String} attrs Pipe-separated list of attributes
+ * @param {Function} handler The method that will be applied
+ */
+function addHandle( attrs, handler ) {
+ var arr = attrs.split("|"),
+ i = arr.length;
+
+ while ( i-- ) {
+ Expr.attrHandle[ arr[i] ] = handler;
+ }
+}
+
+/**
+ * Checks document order of two siblings
+ * @param {Element} a
+ * @param {Element} b
+ * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b
+ */
+function siblingCheck( a, b ) {
+ var cur = b && a,
+ diff = cur && a.nodeType === 1 && b.nodeType === 1 &&
+ a.sourceIndex - b.sourceIndex;
+
+ // Use IE sourceIndex if available on both nodes
+ if ( diff ) {
+ return diff;
+ }
+
+ // Check if b follows a
+ if ( cur ) {
+ while ( (cur = cur.nextSibling) ) {
+ if ( cur === b ) {
+ return -1;
+ }
+ }
+ }
+
+ return a ? 1 : -1;
+}
+
+/**
+ * Returns a function to use in pseudos for input types
+ * @param {String} type
+ */
+function createInputPseudo( type ) {
+ return function( elem ) {
+ var name = elem.nodeName.toLowerCase();
+ return name === "input" && elem.type === type;
+ };
+}
+
+/**
+ * Returns a function to use in pseudos for buttons
+ * @param {String} type
+ */
+function createButtonPseudo( type ) {
+ return function( elem ) {
+ var name = elem.nodeName.toLowerCase();
+ return (name === "input" || name === "button") && elem.type === type;
+ };
+}
+
+/**
+ * Returns a function to use in pseudos for :enabled/:disabled
+ * @param {Boolean} disabled true for :disabled; false for :enabled
+ */
+function createDisabledPseudo( disabled ) {
+
+ // Known :disabled false positives: fieldset[disabled] > legend:nth-of-type(n+2) :can-disable
+ return function( elem ) {
+
+ // Only certain elements can match :enabled or :disabled
+ // https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
+ // https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
+ if ( "form" in elem ) {
+
+ // Check for inherited disabledness on relevant non-disabled elements:
+ // * listed form-associated elements in a disabled fieldset
+ // https://html.spec.whatwg.org/multipage/forms.html#category-listed
+ // https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
+ // * option elements in a disabled optgroup
+ // https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
+ // All such elements have a "form" property.
+ if ( elem.parentNode && elem.disabled === false ) {
+
+ // Option elements defer to a parent optgroup if present
+ if ( "label" in elem ) {
+ if ( "label" in elem.parentNode ) {
+ return elem.parentNode.disabled === disabled;
+ } else {
+ return elem.disabled === disabled;
+ }
+ }
+
+ // Support: IE 6 - 11
+ // Use the isDisabled shortcut property to check for disabled fieldset ancestors
+ return elem.isDisabled === disabled ||
+
+ // Where there is no isDisabled, check manually
+ /* jshint -W018 */
+ elem.isDisabled !== !disabled &&
+ disabledAncestor( elem ) === disabled;
+ }
+
+ return elem.disabled === disabled;
+
+ // Try to winnow out elements that can't be disabled before trusting the disabled property.
+ // Some victims get caught in our net (label, legend, menu, track), but it shouldn't
+ // even exist on them, let alone have a boolean value.
+ } else if ( "label" in elem ) {
+ return elem.disabled === disabled;
+ }
+
+ // Remaining elements are neither :enabled nor :disabled
+ return false;
+ };
+}
+
+/**
+ * Returns a function to use in pseudos for positionals
+ * @param {Function} fn
+ */
+function createPositionalPseudo( fn ) {
+ return markFunction(function( argument ) {
+ argument = +argument;
+ return markFunction(function( seed, matches ) {
+ var j,
+ matchIndexes = fn( [], seed.length, argument ),
+ i = matchIndexes.length;
+
+ // Match elements found at the specified indexes
+ while ( i-- ) {
+ if ( seed[ (j = matchIndexes[i]) ] ) {
+ seed[j] = !(matches[j] = seed[j]);
+ }
+ }
+ });
+ });
+}
+
+/**
+ * Checks a node for validity as a Sizzle context
+ * @param {Element|Object=} context
+ * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value
+ */
+function testContext( context ) {
+ return context && typeof context.getElementsByTagName !== "undefined" && context;
+}
+
+// Expose support vars for convenience
+support = Sizzle.support = {};
+
+/**
+ * Detects XML nodes
+ * @param {Element|Object} elem An element or a document
+ * @returns {Boolean} True iff elem is a non-HTML XML node
+ */
+isXML = Sizzle.isXML = function( elem ) {
+ // documentElement is verified for cases where it doesn't yet exist
+ // (such as loading iframes in IE - #4833)
+ var documentElement = elem && (elem.ownerDocument || elem).documentElement;
+ return documentElement ? documentElement.nodeName !== "HTML" : false;
+};
+
+/**
+ * Sets document-related variables once based on the current document
+ * @param {Element|Object} [doc] An element or document object to use to set the document
+ * @returns {Object} Returns the current document
+ */
+setDocument = Sizzle.setDocument = function( node ) {
+ var hasCompare, subWindow,
+ doc = node ? node.ownerDocument || node : preferredDoc;
+
+ // Return early if doc is invalid or already selected
+ if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) {
+ return document;
+ }
+
+ // Update global variables
+ document = doc;
+ docElem = document.documentElement;
+ documentIsHTML = !isXML( document );
+
+ // Support: IE 9-11, Edge
+ // Accessing iframe documents after unload throws "permission denied" errors (jQuery #13936)
+ if ( preferredDoc !== document &&
+ (subWindow = document.defaultView) && subWindow.top !== subWindow ) {
+
+ // Support: IE 11, Edge
+ if ( subWindow.addEventListener ) {
+ subWindow.addEventListener( "unload", unloadHandler, false );
+
+ // Support: IE 9 - 10 only
+ } else if ( subWindow.attachEvent ) {
+ subWindow.attachEvent( "onunload", unloadHandler );
+ }
+ }
+
+ /* Attributes
+ ---------------------------------------------------------------------- */
+
+ // Support: IE<8
+ // Verify that getAttribute really returns attributes and not properties
+ // (excepting IE8 booleans)
+ support.attributes = assert(function( el ) {
+ el.className = "i";
+ return !el.getAttribute("className");
+ });
+
+ /* getElement(s)By*
+ ---------------------------------------------------------------------- */
+
+ // Check if getElementsByTagName("*") returns only elements
+ support.getElementsByTagName = assert(function( el ) {
+ el.appendChild( document.createComment("") );
+ return !el.getElementsByTagName("*").length;
+ });
+
+ // Support: IE<9
+ support.getElementsByClassName = rnative.test( document.getElementsByClassName );
+
+ // Support: IE<10
+ // Check if getElementById returns elements by name
+ // The broken getElementById methods don't pick up programmatically-set names,
+ // so use a roundabout getElementsByName test
+ support.getById = assert(function( el ) {
+ docElem.appendChild( el ).id = expando;
+ return !document.getElementsByName || !document.getElementsByName( expando ).length;
+ });
+
+ // ID filter and find
+ if ( support.getById ) {
+ Expr.filter["ID"] = function( id ) {
+ var attrId = id.replace( runescape, funescape );
+ return function( elem ) {
+ return elem.getAttribute("id") === attrId;
+ };
+ };
+ Expr.find["ID"] = function( id, context ) {
+ if ( typeof context.getElementById !== "undefined" && documentIsHTML ) {
+ var elem = context.getElementById( id );
+ return elem ? [ elem ] : [];
+ }
+ };
+ } else {
+ Expr.filter["ID"] = function( id ) {
+ var attrId = id.replace( runescape, funescape );
+ return function( elem ) {
+ var node = typeof elem.getAttributeNode !== "undefined" &&
+ elem.getAttributeNode("id");
+ return node && node.value === attrId;
+ };
+ };
+
+ // Support: IE 6 - 7 only
+ // getElementById is not reliable as a find shortcut
+ Expr.find["ID"] = function( id, context ) {
+ if ( typeof context.getElementById !== "undefined" && documentIsHTML ) {
+ var node, i, elems,
+ elem = context.getElementById( id );
+
+ if ( elem ) {
+
+ // Verify the id attribute
+ node = elem.getAttributeNode("id");
+ if ( node && node.value === id ) {
+ return [ elem ];
+ }
+
+ // Fall back on getElementsByName
+ elems = context.getElementsByName( id );
+ i = 0;
+ while ( (elem = elems[i++]) ) {
+ node = elem.getAttributeNode("id");
+ if ( node && node.value === id ) {
+ return [ elem ];
+ }
+ }
+ }
+
+ return [];
+ }
+ };
+ }
+
+ // Tag
+ Expr.find["TAG"] = support.getElementsByTagName ?
+ function( tag, context ) {
+ if ( typeof context.getElementsByTagName !== "undefined" ) {
+ return context.getElementsByTagName( tag );
+
+ // DocumentFragment nodes don't have gEBTN
+ } else if ( support.qsa ) {
+ return context.querySelectorAll( tag );
+ }
+ } :
+
+ function( tag, context ) {
+ var elem,
+ tmp = [],
+ i = 0,
+ // By happy coincidence, a (broken) gEBTN appears on DocumentFragment nodes too
+ results = context.getElementsByTagName( tag );
+
+ // Filter out possible comments
+ if ( tag === "*" ) {
+ while ( (elem = results[i++]) ) {
+ if ( elem.nodeType === 1 ) {
+ tmp.push( elem );
+ }
+ }
+
+ return tmp;
+ }
+ return results;
+ };
+
+ // Class
+ Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) {
+ if ( typeof context.getElementsByClassName !== "undefined" && documentIsHTML ) {
+ return context.getElementsByClassName( className );
+ }
+ };
+
+ /* QSA/matchesSelector
+ ---------------------------------------------------------------------- */
+
+ // QSA and matchesSelector support
+
+ // matchesSelector(:active) reports false when true (IE9/Opera 11.5)
+ rbuggyMatches = [];
+
+ // qSa(:focus) reports false when true (Chrome 21)
+ // We allow this because of a bug in IE8/9 that throws an error
+ // whenever `document.activeElement` is accessed on an iframe
+ // So, we allow :focus to pass through QSA all the time to avoid the IE error
+ // See https://bugs.jquery.com/ticket/13378
+ rbuggyQSA = [];
+
+ if ( (support.qsa = rnative.test( document.querySelectorAll )) ) {
+ // Build QSA regex
+ // Regex strategy adopted from Diego Perini
+ assert(function( el ) {
+ // Select is set to empty string on purpose
+ // This is to test IE's treatment of not explicitly
+ // setting a boolean content attribute,
+ // since its presence should be enough
+ // https://bugs.jquery.com/ticket/12359
+ docElem.appendChild( el ).innerHTML = "<a id='" + expando + "'></a>" +
+ "<select id='" + expando + "-\r\\' msallowcapture=''>" +
+ "<option selected=''></option></select>";
+
+ // Support: IE8, Opera 11-12.16
+ // Nothing should be selected when empty strings follow ^= or $= or *=
+ // The test attribute must be unknown in Opera but "safe" for WinRT
+ // https://msdn.microsoft.com/en-us/library/ie/hh465388.aspx#attribute_section
+ if ( el.querySelectorAll("[msallowcapture^='']").length ) {
+ rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" );
+ }
+
+ // Support: IE8
+ // Boolean attributes and "value" are not treated correctly
+ if ( !el.querySelectorAll("[selected]").length ) {
+ rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" );
+ }
+
+ // Support: Chrome<29, Android<4.4, Safari<7.0+, iOS<7.0+, PhantomJS<1.9.8+
+ if ( !el.querySelectorAll( "[id~=" + expando + "-]" ).length ) {
+ rbuggyQSA.push("~=");
+ }
+
+ // Webkit/Opera - :checked should return selected option elements
+ // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked
+ // IE8 throws error here and will not see later tests
+ if ( !el.querySelectorAll(":checked").length ) {
+ rbuggyQSA.push(":checked");
+ }
+
+ // Support: Safari 8+, iOS 8+
+ // https://bugs.webkit.org/show_bug.cgi?id=136851
+ // In-page `selector#id sibling-combinator selector` fails
+ if ( !el.querySelectorAll( "a#" + expando + "+*" ).length ) {
+ rbuggyQSA.push(".#.+[+~]");
+ }
+ });
+
+ assert(function( el ) {
+ el.innerHTML = "<a href='' disabled='disabled'></a>" +
+ "<select disabled='disabled'><option/></select>";
+
+ // Support: Windows 8 Native Apps
+ // The type and name attributes are restricted during .innerHTML assignment
+ var input = document.createElement("input");
+ input.setAttribute( "type", "hidden" );
+ el.appendChild( input ).setAttribute( "name", "D" );
+
+ // Support: IE8
+ // Enforce case-sensitivity of name attribute
+ if ( el.querySelectorAll("[name=d]").length ) {
+ rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" );
+ }
+
+ // FF 3.5 - :enabled/:disabled and hidden elements (hidden elements are still enabled)
+ // IE8 throws error here and will not see later tests
+ if ( el.querySelectorAll(":enabled").length !== 2 ) {
+ rbuggyQSA.push( ":enabled", ":disabled" );
+ }
+
+ // Support: IE9-11+
+ // IE's :disabled selector does not pick up the children of disabled fieldsets
+ docElem.appendChild( el ).disabled = true;
+ if ( el.querySelectorAll(":disabled").length !== 2 ) {
+ rbuggyQSA.push( ":enabled", ":disabled" );
+ }
+
+ // Opera 10-11 does not throw on post-comma invalid pseudos
+ el.querySelectorAll("*,:x");
+ rbuggyQSA.push(",.*:");
+ });
+ }
+
+ if ( (support.matchesSelector = rnative.test( (matches = docElem.matches ||
+ docElem.webkitMatchesSelector ||
+ docElem.mozMatchesSelector ||
+ docElem.oMatchesSelector ||
+ docElem.msMatchesSelector) )) ) {
+
+ assert(function( el ) {
+ // Check to see if it's possible to do matchesSelector
+ // on a disconnected node (IE 9)
+ support.disconnectedMatch = matches.call( el, "*" );
+
+ // This should fail with an exception
+ // Gecko does not error, returns false instead
+ matches.call( el, "[s!='']:x" );
+ rbuggyMatches.push( "!=", pseudos );
+ });
+ }
+
+ rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") );
+ rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") );
+
+ /* Contains
+ ---------------------------------------------------------------------- */
+ hasCompare = rnative.test( docElem.compareDocumentPosition );
+
+ // Element contains another
+ // Purposefully self-exclusive
+ // As in, an element does not contain itself
+ contains = hasCompare || rnative.test( docElem.contains ) ?
+ function( a, b ) {
+ var adown = a.nodeType === 9 ? a.documentElement : a,
+ bup = b && b.parentNode;
+ return a === bup || !!( bup && bup.nodeType === 1 && (
+ adown.contains ?
+ adown.contains( bup ) :
+ a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16
+ ));
+ } :
+ function( a, b ) {
+ if ( b ) {
+ while ( (b = b.parentNode) ) {
+ if ( b === a ) {
+ return true;
+ }
+ }
+ }
+ return false;
+ };
+
+ /* Sorting
+ ---------------------------------------------------------------------- */
+
+ // Document order sorting
+ sortOrder = hasCompare ?
+ function( a, b ) {
+
+ // Flag for duplicate removal
+ if ( a === b ) {
+ hasDuplicate = true;
+ return 0;
+ }
+
+ // Sort on method existence if only one input has compareDocumentPosition
+ var compare = !a.compareDocumentPosition - !b.compareDocumentPosition;
+ if ( compare ) {
+ return compare;
+ }
+
+ // Calculate position if both inputs belong to the same document
+ compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ?
+ a.compareDocumentPosition( b ) :
+
+ // Otherwise we know they are disconnected
+ 1;
+
+ // Disconnected nodes
+ if ( compare & 1 ||
+ (!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) {
+
+ // Choose the first element that is related to our preferred document
+ if ( a === document || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) {
+ return -1;
+ }
+ if ( b === document || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) {
+ return 1;
+ }
+
+ // Maintain original order
+ return sortInput ?
+ ( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) :
+ 0;
+ }
+
+ return compare & 4 ? -1 : 1;
+ } :
+ function( a, b ) {
+ // Exit early if the nodes are identical
+ if ( a === b ) {
+ hasDuplicate = true;
+ return 0;
+ }
+
+ var cur,
+ i = 0,
+ aup = a.parentNode,
+ bup = b.parentNode,
+ ap = [ a ],
+ bp = [ b ];
+
+ // Parentless nodes are either documents or disconnected
+ if ( !aup || !bup ) {
+ return a === document ? -1 :
+ b === document ? 1 :
+ aup ? -1 :
+ bup ? 1 :
+ sortInput ?
+ ( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) :
+ 0;
+
+ // If the nodes are siblings, we can do a quick check
+ } else if ( aup === bup ) {
+ return siblingCheck( a, b );
+ }
+
+ // Otherwise we need full lists of their ancestors for comparison
+ cur = a;
+ while ( (cur = cur.parentNode) ) {
+ ap.unshift( cur );
+ }
+ cur = b;
+ while ( (cur = cur.parentNode) ) {
+ bp.unshift( cur );
+ }
+
+ // Walk down the tree looking for a discrepancy
+ while ( ap[i] === bp[i] ) {
+ i++;
+ }
+
+ return i ?
+ // Do a sibling check if the nodes have a common ancestor
+ siblingCheck( ap[i], bp[i] ) :
+
+ // Otherwise nodes in our document sort first
+ ap[i] === preferredDoc ? -1 :
+ bp[i] === preferredDoc ? 1 :
+ 0;
+ };
+
+ return document;
+};
+
+Sizzle.matches = function( expr, elements ) {
+ return Sizzle( expr, null, null, elements );
+};
+
+Sizzle.matchesSelector = function( elem, expr ) {
+ // Set document vars if needed
+ if ( ( elem.ownerDocument || elem ) !== document ) {
+ setDocument( elem );
+ }
+
+ // Make sure that attribute selectors are quoted
+ expr = expr.replace( rattributeQuotes, "='$1']" );
+
+ if ( support.matchesSelector && documentIsHTML &&
+ !compilerCache[ expr + " " ] &&
+ ( !rbuggyMatches || !rbuggyMatches.test( expr ) ) &&
+ ( !rbuggyQSA || !rbuggyQSA.test( expr ) ) ) {
+
+ try {
+ var ret = matches.call( elem, expr );
+
+ // IE 9's matchesSelector returns false on disconnected nodes
+ if ( ret || support.disconnectedMatch ||
+ // As well, disconnected nodes are said to be in a document
+ // fragment in IE 9
+ elem.document && elem.document.nodeType !== 11 ) {
+ return ret;
+ }
+ } catch (e) {}
+ }
+
+ return Sizzle( expr, document, null, [ elem ] ).length > 0;
+};
+
+Sizzle.contains = function( context, elem ) {
+ // Set document vars if needed
+ if ( ( context.ownerDocument || context ) !== document ) {
+ setDocument( context );
+ }
+ return contains( context, elem );
+};
+
+Sizzle.attr = function( elem, name ) {
+ // Set document vars if needed
+ if ( ( elem.ownerDocument || elem ) !== document ) {
+ setDocument( elem );
+ }
+
+ var fn = Expr.attrHandle[ name.toLowerCase() ],
+ // Don't get fooled by Object.prototype properties (jQuery #13807)
+ val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ?
+ fn( elem, name, !documentIsHTML ) :
+ undefined;
+
+ return val !== undefined ?
+ val :
+ support.attributes || !documentIsHTML ?
+ elem.getAttribute( name ) :
+ (val = elem.getAttributeNode(name)) && val.specified ?
+ val.value :
+ null;
+};
+
+Sizzle.escape = function( sel ) {
+ return (sel + "").replace( rcssescape, fcssescape );
+};
+
+Sizzle.error = function( msg ) {
+ throw new Error( "Syntax error, unrecognized expression: " + msg );
+};
+
+/**
+ * Document sorting and removing duplicates
+ * @param {ArrayLike} results
+ */
+Sizzle.uniqueSort = function( results ) {
+ var elem,
+ duplicates = [],
+ j = 0,
+ i = 0;
+
+ // Unless we *know* we can detect duplicates, assume their presence
+ hasDuplicate = !support.detectDuplicates;
+ sortInput = !support.sortStable && results.slice( 0 );
+ results.sort( sortOrder );
+
+ if ( hasDuplicate ) {
+ while ( (elem = results[i++]) ) {
+ if ( elem === results[ i ] ) {
+ j = duplicates.push( i );
+ }
+ }
+ while ( j-- ) {
+ results.splice( duplicates[ j ], 1 );
+ }
+ }
+
+ // Clear input after sorting to release objects
+ // See https://github.com/jquery/sizzle/pull/225
+ sortInput = null;
+
+ return results;
+};
+
+/**
+ * Utility function for retrieving the text value of an array of DOM nodes
+ * @param {Array|Element} elem
+ */
+getText = Sizzle.getText = function( elem ) {
+ var node,
+ ret = "",
+ i = 0,
+ nodeType = elem.nodeType;
+
+ if ( !nodeType ) {
+ // If no nodeType, this is expected to be an array
+ while ( (node = elem[i++]) ) {
+ // Do not traverse comment nodes
+ ret += getText( node );
+ }
+ } else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
+ // Use textContent for elements
+ // innerText usage removed for consistency of new lines (jQuery #11153)
+ if ( typeof elem.textContent === "string" ) {
+ return elem.textContent;
+ } else {
+ // Traverse its children
+ for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+ ret += getText( elem );
+ }
+ }
+ } else if ( nodeType === 3 || nodeType === 4 ) {
+ return elem.nodeValue;
+ }
+ // Do not include comment or processing instruction nodes
+
+ return ret;
+};
+
+Expr = Sizzle.selectors = {
+
+ // Can be adjusted by the user
+ cacheLength: 50,
+
+ createPseudo: markFunction,
+
+ match: matchExpr,
+
+ attrHandle: {},
+
+ find: {},
+
+ relative: {
+ ">": { dir: "parentNode", first: true },
+ " ": { dir: "parentNode" },
+ "+": { dir: "previousSibling", first: true },
+ "~": { dir: "previousSibling" }
+ },
+
+ preFilter: {
+ "ATTR": function( match ) {
+ match[1] = match[1].replace( runescape, funescape );
+
+ // Move the given value to match[3] whether quoted or unquoted
+ match[3] = ( match[3] || match[4] || match[5] || "" ).replace( runescape, funescape );
+
+ if ( match[2] === "~=" ) {
+ match[3] = " " + match[3] + " ";
+ }
+
+ return match.slice( 0, 4 );
+ },
+
+ "CHILD": function( match ) {
+ /* matches from matchExpr["CHILD"]
+ 1 type (only|nth|...)
+ 2 what (child|of-type)
+ 3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
+ 4 xn-component of xn+y argument ([+-]?\d*n|)
+ 5 sign of xn-component
+ 6 x of xn-component
+ 7 sign of y-component
+ 8 y of y-component
+ */
+ match[1] = match[1].toLowerCase();
+
+ if ( match[1].slice( 0, 3 ) === "nth" ) {
+ // nth-* requires argument
+ if ( !match[3] ) {
+ Sizzle.error( match[0] );
+ }
+
+ // numeric x and y parameters for Expr.filter.CHILD
+ // remember that false/true cast respectively to 0/1
+ match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) );
+ match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" );
+
+ // other types prohibit arguments
+ } else if ( match[3] ) {
+ Sizzle.error( match[0] );
+ }
+
+ return match;
+ },
+
+ "PSEUDO": function( match ) {
+ var excess,
+ unquoted = !match[6] && match[2];
+
+ if ( matchExpr["CHILD"].test( match[0] ) ) {
+ return null;
+ }
+
+ // Accept quoted arguments as-is
+ if ( match[3] ) {
+ match[2] = match[4] || match[5] || "";
+
+ // Strip excess characters from unquoted arguments
+ } else if ( unquoted && rpseudo.test( unquoted ) &&
+ // Get excess from tokenize (recursively)
+ (excess = tokenize( unquoted, true )) &&
+ // advance to the next closing parenthesis
+ (excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) {
+
+ // excess is a negative index
+ match[0] = match[0].slice( 0, excess );
+ match[2] = unquoted.slice( 0, excess );
+ }
+
+ // Return only captures needed by the pseudo filter method (type and argument)
+ return match.slice( 0, 3 );
+ }
+ },
+
+ filter: {
+
+ "TAG": function( nodeNameSelector ) {
+ var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase();
+ return nodeNameSelector === "*" ?
+ function() { return true; } :
+ function( elem ) {
+ return elem.nodeName && elem.nodeName.toLowerCase() === nodeName;
+ };
+ },
+
+ "CLASS": function( className ) {
+ var pattern = classCache[ className + " " ];
+
+ return pattern ||
+ (pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) &&
+ classCache( className, function( elem ) {
+ return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== "undefined" && elem.getAttribute("class") || "" );
+ });
+ },
+
+ "ATTR": function( name, operator, check ) {
+ return function( elem ) {
+ var result = Sizzle.attr( elem, name );
+
+ if ( result == null ) {
+ return operator === "!=";
+ }
+ if ( !operator ) {
+ return true;
+ }
+
+ result += "";
+
+ return operator === "=" ? result === check :
+ operator === "!=" ? result !== check :
+ operator === "^=" ? check && result.indexOf( check ) === 0 :
+ operator === "*=" ? check && result.indexOf( check ) > -1 :
+ operator === "$=" ? check && result.slice( -check.length ) === check :
+ operator === "~=" ? ( " " + result.replace( rwhitespace, " " ) + " " ).indexOf( check ) > -1 :
+ operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" :
+ false;
+ };
+ },
+
+ "CHILD": function( type, what, argument, first, last ) {
+ var simple = type.slice( 0, 3 ) !== "nth",
+ forward = type.slice( -4 ) !== "last",
+ ofType = what === "of-type";
+
+ return first === 1 && last === 0 ?
+
+ // Shortcut for :nth-*(n)
+ function( elem ) {
+ return !!elem.parentNode;
+ } :
+
+ function( elem, context, xml ) {
+ var cache, uniqueCache, outerCache, node, nodeIndex, start,
+ dir = simple !== forward ? "nextSibling" : "previousSibling",
+ parent = elem.parentNode,
+ name = ofType && elem.nodeName.toLowerCase(),
+ useCache = !xml && !ofType,
+ diff = false;
+
+ if ( parent ) {
+
+ // :(first|last|only)-(child|of-type)
+ if ( simple ) {
+ while ( dir ) {
+ node = elem;
+ while ( (node = node[ dir ]) ) {
+ if ( ofType ?
+ node.nodeName.toLowerCase() === name :
+ node.nodeType === 1 ) {
+
+ return false;
+ }
+ }
+ // Reverse direction for :only-* (if we haven't yet done so)
+ start = dir = type === "only" && !start && "nextSibling";
+ }
+ return true;
+ }
+
+ start = [ forward ? parent.firstChild : parent.lastChild ];
+
+ // non-xml :nth-child(...) stores cache data on `parent`
+ if ( forward && useCache ) {
+
+ // Seek `elem` from a previously-cached index
+
+ // ...in a gzip-friendly way
+ node = parent;
+ outerCache = node[ expando ] || (node[ expando ] = {});
+
+ // Support: IE <9 only
+ // Defend against cloned attroperties (jQuery gh-1709)
+ uniqueCache = outerCache[ node.uniqueID ] ||
+ (outerCache[ node.uniqueID ] = {});
+
+ cache = uniqueCache[ type ] || [];
+ nodeIndex = cache[ 0 ] === dirruns && cache[ 1 ];
+ diff = nodeIndex && cache[ 2 ];
+ node = nodeIndex && parent.childNodes[ nodeIndex ];
+
+ while ( (node = ++nodeIndex && node && node[ dir ] ||
+
+ // Fallback to seeking `elem` from the start
+ (diff = nodeIndex = 0) || start.pop()) ) {
+
+ // When found, cache indexes on `parent` and break
+ if ( node.nodeType === 1 && ++diff && node === elem ) {
+ uniqueCache[ type ] = [ dirruns, nodeIndex, diff ];
+ break;
+ }
+ }
+
+ } else {
+ // Use previously-cached element index if available
+ if ( useCache ) {
+ // ...in a gzip-friendly way
+ node = elem;
+ outerCache = node[ expando ] || (node[ expando ] = {});
+
+ // Support: IE <9 only
+ // Defend against cloned attroperties (jQuery gh-1709)
+ uniqueCache = outerCache[ node.uniqueID ] ||
+ (outerCache[ node.uniqueID ] = {});
+
+ cache = uniqueCache[ type ] || [];
+ nodeIndex = cache[ 0 ] === dirruns && cache[ 1 ];
+ diff = nodeIndex;
+ }
+
+ // xml :nth-child(...)
+ // or :nth-last-child(...) or :nth(-last)?-of-type(...)
+ if ( diff === false ) {
+ // Use the same loop as above to seek `elem` from the start
+ while ( (node = ++nodeIndex && node && node[ dir ] ||
+ (diff = nodeIndex = 0) || start.pop()) ) {
+
+ if ( ( ofType ?
+ node.nodeName.toLowerCase() === name :
+ node.nodeType === 1 ) &&
+ ++diff ) {
+
+ // Cache the index of each encountered element
+ if ( useCache ) {
+ outerCache = node[ expando ] || (node[ expando ] = {});
+
+ // Support: IE <9 only
+ // Defend against cloned attroperties (jQuery gh-1709)
+ uniqueCache = outerCache[ node.uniqueID ] ||
+ (outerCache[ node.uniqueID ] = {});
+
+ uniqueCache[ type ] = [ dirruns, diff ];
+ }
+
+ if ( node === elem ) {
+ break;
+ }
+ }
+ }
+ }
+ }
+
+ // Incorporate the offset, then check against cycle size
+ diff -= last;
+ return diff === first || ( diff % first === 0 && diff / first >= 0 );
+ }
+ };
+ },
+
+ "PSEUDO": function( pseudo, argument ) {
+ // pseudo-class names are case-insensitive
+ // http://www.w3.org/TR/selectors/#pseudo-classes
+ // Prioritize by case sensitivity in case custom pseudos are added with uppercase letters
+ // Remember that setFilters inherits from pseudos
+ var args,
+ fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] ||
+ Sizzle.error( "unsupported pseudo: " + pseudo );
+
+ // The user may use createPseudo to indicate that
+ // arguments are needed to create the filter function
+ // just as Sizzle does
+ if ( fn[ expando ] ) {
+ return fn( argument );
+ }
+
+ // But maintain support for old signatures
+ if ( fn.length > 1 ) {
+ args = [ pseudo, pseudo, "", argument ];
+ return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?
+ markFunction(function( seed, matches ) {
+ var idx,
+ matched = fn( seed, argument ),
+ i = matched.length;
+ while ( i-- ) {
+ idx = indexOf( seed, matched[i] );
+ seed[ idx ] = !( matches[ idx ] = matched[i] );
+ }
+ }) :
+ function( elem ) {
+ return fn( elem, 0, args );
+ };
+ }
+
+ return fn;
+ }
+ },
+
+ pseudos: {
+ // Potentially complex pseudos
+ "not": markFunction(function( selector ) {
+ // Trim the selector passed to compile
+ // to avoid treating leading and trailing
+ // spaces as combinators
+ var input = [],
+ results = [],
+ matcher = compile( selector.replace( rtrim, "$1" ) );
+
+ return matcher[ expando ] ?
+ markFunction(function( seed, matches, context, xml ) {
+ var elem,
+ unmatched = matcher( seed, null, xml, [] ),
+ i = seed.length;
+
+ // Match elements unmatched by `matcher`
+ while ( i-- ) {
+ if ( (elem = unmatched[i]) ) {
+ seed[i] = !(matches[i] = elem);
+ }
+ }
+ }) :
+ function( elem, context, xml ) {
+ input[0] = elem;
+ matcher( input, null, xml, results );
+ // Don't keep the element (issue #299)
+ input[0] = null;
+ return !results.pop();
+ };
+ }),
+
+ "has": markFunction(function( selector ) {
+ return function( elem ) {
+ return Sizzle( selector, elem ).length > 0;
+ };
+ }),
+
+ "contains": markFunction(function( text ) {
+ text = text.replace( runescape, funescape );
+ return function( elem ) {
+ return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1;
+ };
+ }),
+
+ // "Whether an element is represented by a :lang() selector
+ // is based solely on the element's language value
+ // being equal to the identifier C,
+ // or beginning with the identifier C immediately followed by "-".
+ // The matching of C against the element's language value is performed case-insensitively.
+ // The identifier C does not have to be a valid language name."
+ // http://www.w3.org/TR/selectors/#lang-pseudo
+ "lang": markFunction( function( lang ) {
+ // lang value must be a valid identifier
+ if ( !ridentifier.test(lang || "") ) {
+ Sizzle.error( "unsupported lang: " + lang );
+ }
+ lang = lang.replace( runescape, funescape ).toLowerCase();
+ return function( elem ) {
+ var elemLang;
+ do {
+ if ( (elemLang = documentIsHTML ?
+ elem.lang :
+ elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) {
+
+ elemLang = elemLang.toLowerCase();
+ return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0;
+ }
+ } while ( (elem = elem.parentNode) && elem.nodeType === 1 );
+ return false;
+ };
+ }),
+
+ // Miscellaneous
+ "target": function( elem ) {
+ var hash = window.location && window.location.hash;
+ return hash && hash.slice( 1 ) === elem.id;
+ },
+
+ "root": function( elem ) {
+ return elem === docElem;
+ },
+
+ "focus": function( elem ) {
+ return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex);
+ },
+
+ // Boolean properties
+ "enabled": createDisabledPseudo( false ),
+ "disabled": createDisabledPseudo( true ),
+
+ "checked": function( elem ) {
+ // In CSS3, :checked should return both checked and selected elements
+ // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked
+ var nodeName = elem.nodeName.toLowerCase();
+ return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected);
+ },
+
+ "selected": function( elem ) {
+ // Accessing this property makes selected-by-default
+ // options in Safari work properly
+ if ( elem.parentNode ) {
+ elem.parentNode.selectedIndex;
+ }
+
+ return elem.selected === true;
+ },
+
+ // Contents
+ "empty": function( elem ) {
+ // http://www.w3.org/TR/selectors/#empty-pseudo
+ // :empty is negated by element (1) or content nodes (text: 3; cdata: 4; entity ref: 5),
+ // but not by others (comment: 8; processing instruction: 7; etc.)
+ // nodeType < 6 works because attributes (2) do not appear as children
+ for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+ if ( elem.nodeType < 6 ) {
+ return false;
+ }
+ }
+ return true;
+ },
+
+ "parent": function( elem ) {
+ return !Expr.pseudos["empty"]( elem );
+ },
+
+ // Element/input types
+ "header": function( elem ) {
+ return rheader.test( elem.nodeName );
+ },
+
+ "input": function( elem ) {
+ return rinputs.test( elem.nodeName );
+ },
+
+ "button": function( elem ) {
+ var name = elem.nodeName.toLowerCase();
+ return name === "input" && elem.type === "button" || name === "button";
+ },
+
+ "text": function( elem ) {
+ var attr;
+ return elem.nodeName.toLowerCase() === "input" &&
+ elem.type === "text" &&
+
+ // Support: IE<8
+ // New HTML5 attribute values (e.g., "search") appear with elem.type === "text"
+ ( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" );
+ },
+
+ // Position-in-collection
+ "first": createPositionalPseudo(function() {
+ return [ 0 ];
+ }),
+
+ "last": createPositionalPseudo(function( matchIndexes, length ) {
+ return [ length - 1 ];
+ }),
+
+ "eq": createPositionalPseudo(function( matchIndexes, length, argument ) {
+ return [ argument < 0 ? argument + length : argument ];
+ }),
+
+ "even": createPositionalPseudo(function( matchIndexes, length ) {
+ var i = 0;
+ for ( ; i < length; i += 2 ) {
+ matchIndexes.push( i );
+ }
+ return matchIndexes;
+ }),
+
+ "odd": createPositionalPseudo(function( matchIndexes, length ) {
+ var i = 1;
+ for ( ; i < length; i += 2 ) {
+ matchIndexes.push( i );
+ }
+ return matchIndexes;
+ }),
+
+ "lt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+ var i = argument < 0 ? argument + length : argument;
+ for ( ; --i >= 0; ) {
+ matchIndexes.push( i );
+ }
+ return matchIndexes;
+ }),
+
+ "gt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+ var i = argument < 0 ? argument + length : argument;
+ for ( ; ++i < length; ) {
+ matchIndexes.push( i );
+ }
+ return matchIndexes;
+ })
+ }
+};
+
+Expr.pseudos["nth"] = Expr.pseudos["eq"];
+
+// Add button/input type pseudos
+for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) {
+ Expr.pseudos[ i ] = createInputPseudo( i );
+}
+for ( i in { submit: true, reset: true } ) {
+ Expr.pseudos[ i ] = createButtonPseudo( i );
+}
+
+// Easy API for creating new setFilters
+function setFilters() {}
+setFilters.prototype = Expr.filters = Expr.pseudos;
+Expr.setFilters = new setFilters();
+
+tokenize = Sizzle.tokenize = function( selector, parseOnly ) {
+ var matched, match, tokens, type,
+ soFar, groups, preFilters,
+ cached = tokenCache[ selector + " " ];
+
+ if ( cached ) {
+ return parseOnly ? 0 : cached.slice( 0 );
+ }
+
+ soFar = selector;
+ groups = [];
+ preFilters = Expr.preFilter;
+
+ while ( soFar ) {
+
+ // Comma and first run
+ if ( !matched || (match = rcomma.exec( soFar )) ) {
+ if ( match ) {
+ // Don't consume trailing commas as valid
+ soFar = soFar.slice( match[0].length ) || soFar;
+ }
+ groups.push( (tokens = []) );
+ }
+
+ matched = false;
+
+ // Combinators
+ if ( (match = rcombinators.exec( soFar )) ) {
+ matched = match.shift();
+ tokens.push({
+ value: matched,
+ // Cast descendant combinators to space
+ type: match[0].replace( rtrim, " " )
+ });
+ soFar = soFar.slice( matched.length );
+ }
+
+ // Filters
+ for ( type in Expr.filter ) {
+ if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] ||
+ (match = preFilters[ type ]( match ))) ) {
+ matched = match.shift();
+ tokens.push({
+ value: matched,
+ type: type,
+ matches: match
+ });
+ soFar = soFar.slice( matched.length );
+ }
+ }
+
+ if ( !matched ) {
+ break;
+ }
+ }
+
+ // Return the length of the invalid excess
+ // if we're just parsing
+ // Otherwise, throw an error or return tokens
+ return parseOnly ?
+ soFar.length :
+ soFar ?
+ Sizzle.error( selector ) :
+ // Cache the tokens
+ tokenCache( selector, groups ).slice( 0 );
+};
+
+function toSelector( tokens ) {
+ var i = 0,
+ len = tokens.length,
+ selector = "";
+ for ( ; i < len; i++ ) {
+ selector += tokens[i].value;
+ }
+ return selector;
+}
+
+function addCombinator( matcher, combinator, base ) {
+ var dir = combinator.dir,
+ skip = combinator.next,
+ key = skip || dir,
+ checkNonElements = base && key === "parentNode",
+ doneName = done++;
+
+ return combinator.first ?
+ // Check against closest ancestor/preceding element
+ function( elem, context, xml ) {
+ while ( (elem = elem[ dir ]) ) {
+ if ( elem.nodeType === 1 || checkNonElements ) {
+ return matcher( elem, context, xml );
+ }
+ }
+ return false;
+ } :
+
+ // Check against all ancestor/preceding elements
+ function( elem, context, xml ) {
+ var oldCache, uniqueCache, outerCache,
+ newCache = [ dirruns, doneName ];
+
+ // We can't set arbitrary data on XML nodes, so they don't benefit from combinator caching
+ if ( xml ) {
+ while ( (elem = elem[ dir ]) ) {
+ if ( elem.nodeType === 1 || checkNonElements ) {
+ if ( matcher( elem, context, xml ) ) {
+ return true;
+ }
+ }
+ }
+ } else {
+ while ( (elem = elem[ dir ]) ) {
+ if ( elem.nodeType === 1 || checkNonElements ) {
+ outerCache = elem[ expando ] || (elem[ expando ] = {});
+
+ // Support: IE <9 only
+ // Defend against cloned attroperties (jQuery gh-1709)
+ uniqueCache = outerCache[ elem.uniqueID ] || (outerCache[ elem.uniqueID ] = {});
+
+ if ( skip && skip === elem.nodeName.toLowerCase() ) {
+ elem = elem[ dir ] || elem;
+ } else if ( (oldCache = uniqueCache[ key ]) &&
+ oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) {
+
+ // Assign to newCache so results back-propagate to previous elements
+ return (newCache[ 2 ] = oldCache[ 2 ]);
+ } else {
+ // Reuse newcache so results back-propagate to previous elements
+ uniqueCache[ key ] = newCache;
+
+ // A match means we're done; a fail means we have to keep checking
+ if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) {
+ return true;
+ }
+ }
+ }
+ }
+ }
+ return false;
+ };
+}
+
+function elementMatcher( matchers ) {
+ return matchers.length > 1 ?
+ function( elem, context, xml ) {
+ var i = matchers.length;
+ while ( i-- ) {
+ if ( !matchers[i]( elem, context, xml ) ) {
+ return false;
+ }
+ }
+ return true;
+ } :
+ matchers[0];
+}
+
+function multipleContexts( selector, contexts, results ) {
+ var i = 0,
+ len = contexts.length;
+ for ( ; i < len; i++ ) {
+ Sizzle( selector, contexts[i], results );
+ }
+ return results;
+}
+
+function condense( unmatched, map, filter, context, xml ) {
+ var elem,
+ newUnmatched = [],
+ i = 0,
+ len = unmatched.length,
+ mapped = map != null;
+
+ for ( ; i < len; i++ ) {
+ if ( (elem = unmatched[i]) ) {
+ if ( !filter || filter( elem, context, xml ) ) {
+ newUnmatched.push( elem );
+ if ( mapped ) {
+ map.push( i );
+ }
+ }
+ }
+ }
+
+ return newUnmatched;
+}
+
+function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) {
+ if ( postFilter && !postFilter[ expando ] ) {
+ postFilter = setMatcher( postFilter );
+ }
+ if ( postFinder && !postFinder[ expando ] ) {
+ postFinder = setMatcher( postFinder, postSelector );
+ }
+ return markFunction(function( seed, results, context, xml ) {
+ var temp, i, elem,
+ preMap = [],
+ postMap = [],
+ preexisting = results.length,
+
+ // Get initial elements from seed or context
+ elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ),
+
+ // Prefilter to get matcher input, preserving a map for seed-results synchronization
+ matcherIn = preFilter && ( seed || !selector ) ?
+ condense( elems, preMap, preFilter, context, xml ) :
+ elems,
+
+ matcherOut = matcher ?
+ // If we have a postFinder, or filtered seed, or non-seed postFilter or preexisting results,
+ postFinder || ( seed ? preFilter : preexisting || postFilter ) ?
+
+ // ...intermediate processing is necessary
+ [] :
+
+ // ...otherwise use results directly
+ results :
+ matcherIn;
+
+ // Find primary matches
+ if ( matcher ) {
+ matcher( matcherIn, matcherOut, context, xml );
+ }
+
+ // Apply postFilter
+ if ( postFilter ) {
+ temp = condense( matcherOut, postMap );
+ postFilter( temp, [], context, xml );
+
+ // Un-match failing elements by moving them back to matcherIn
+ i = temp.length;
+ while ( i-- ) {
+ if ( (elem = temp[i]) ) {
+ matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem);
+ }
+ }
+ }
+
+ if ( seed ) {
+ if ( postFinder || preFilter ) {
+ if ( postFinder ) {
+ // Get the final matcherOut by condensing this intermediate into postFinder contexts
+ temp = [];
+ i = matcherOut.length;
+ while ( i-- ) {
+ if ( (elem = matcherOut[i]) ) {
+ // Restore matcherIn since elem is not yet a final match
+ temp.push( (matcherIn[i] = elem) );
+ }
+ }
+ postFinder( null, (matcherOut = []), temp, xml );
+ }
+
+ // Move matched elements from seed to results to keep them synchronized
+ i = matcherOut.length;
+ while ( i-- ) {
+ if ( (elem = matcherOut[i]) &&
+ (temp = postFinder ? indexOf( seed, elem ) : preMap[i]) > -1 ) {
+
+ seed[temp] = !(results[temp] = elem);
+ }
+ }
+ }
+
+ // Add elements to results, through postFinder if defined
+ } else {
+ matcherOut = condense(
+ matcherOut === results ?
+ matcherOut.splice( preexisting, matcherOut.length ) :
+ matcherOut
+ );
+ if ( postFinder ) {
+ postFinder( null, results, matcherOut, xml );
+ } else {
+ push.apply( results, matcherOut );
+ }
+ }
+ });
+}
+
+function matcherFromTokens( tokens ) {
+ var checkContext, matcher, j,
+ len = tokens.length,
+ leadingRelative = Expr.relative[ tokens[0].type ],
+ implicitRelative = leadingRelative || Expr.relative[" "],
+ i = leadingRelative ? 1 : 0,
+
+ // The foundational matcher ensures that elements are reachable from top-level context(s)
+ matchContext = addCombinator( function( elem ) {
+ return elem === checkContext;
+ }, implicitRelative, true ),
+ matchAnyContext = addCombinator( function( elem ) {
+ return indexOf( checkContext, elem ) > -1;
+ }, implicitRelative, true ),
+ matchers = [ function( elem, context, xml ) {
+ var ret = ( !leadingRelative && ( xml || context !== outermostContext ) ) || (
+ (checkContext = context).nodeType ?
+ matchContext( elem, context, xml ) :
+ matchAnyContext( elem, context, xml ) );
+ // Avoid hanging onto element (issue #299)
+ checkContext = null;
+ return ret;
+ } ];
+
+ for ( ; i < len; i++ ) {
+ if ( (matcher = Expr.relative[ tokens[i].type ]) ) {
+ matchers = [ addCombinator(elementMatcher( matchers ), matcher) ];
+ } else {
+ matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches );
+
+ // Return special upon seeing a positional matcher
+ if ( matcher[ expando ] ) {
+ // Find the next relative operator (if any) for proper handling
+ j = ++i;
+ for ( ; j < len; j++ ) {
+ if ( Expr.relative[ tokens[j].type ] ) {
+ break;
+ }
+ }
+ return setMatcher(
+ i > 1 && elementMatcher( matchers ),
+ i > 1 && toSelector(
+ // If the preceding token was a descendant combinator, insert an implicit any-element `*`
+ tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" })
+ ).replace( rtrim, "$1" ),
+ matcher,
+ i < j && matcherFromTokens( tokens.slice( i, j ) ),
+ j < len && matcherFromTokens( (tokens = tokens.slice( j )) ),
+ j < len && toSelector( tokens )
+ );
+ }
+ matchers.push( matcher );
+ }
+ }
+
+ return elementMatcher( matchers );
+}
+
+function matcherFromGroupMatchers( elementMatchers, setMatchers ) {
+ var bySet = setMatchers.length > 0,
+ byElement = elementMatchers.length > 0,
+ superMatcher = function( seed, context, xml, results, outermost ) {
+ var elem, j, matcher,
+ matchedCount = 0,
+ i = "0",
+ unmatched = seed && [],
+ setMatched = [],
+ contextBackup = outermostContext,
+ // We must always have either seed elements or outermost context
+ elems = seed || byElement && Expr.find["TAG"]( "*", outermost ),
+ // Use integer dirruns iff this is the outermost matcher
+ dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1),
+ len = elems.length;
+
+ if ( outermost ) {
+ outermostContext = context === document || context || outermost;
+ }
+
+ // Add elements passing elementMatchers directly to results
+ // Support: IE<9, Safari
+ // Tolerate NodeList properties (IE: "length"; Safari: <number>) matching elements by id
+ for ( ; i !== len && (elem = elems[i]) != null; i++ ) {
+ if ( byElement && elem ) {
+ j = 0;
+ if ( !context && elem.ownerDocument !== document ) {
+ setDocument( elem );
+ xml = !documentIsHTML;
+ }
+ while ( (matcher = elementMatchers[j++]) ) {
+ if ( matcher( elem, context || document, xml) ) {
+ results.push( elem );
+ break;
+ }
+ }
+ if ( outermost ) {
+ dirruns = dirrunsUnique;
+ }
+ }
+
+ // Track unmatched elements for set filters
+ if ( bySet ) {
+ // They will have gone through all possible matchers
+ if ( (elem = !matcher && elem) ) {
+ matchedCount--;
+ }
+
+ // Lengthen the array for every element, matched or not
+ if ( seed ) {
+ unmatched.push( elem );
+ }
+ }
+ }
+
+ // `i` is now the count of elements visited above, and adding it to `matchedCount`
+ // makes the latter nonnegative.
+ matchedCount += i;
+
+ // Apply set filters to unmatched elements
+ // NOTE: This can be skipped if there are no unmatched elements (i.e., `matchedCount`
+ // equals `i`), unless we didn't visit _any_ elements in the above loop because we have
+ // no element matchers and no seed.
+ // Incrementing an initially-string "0" `i` allows `i` to remain a string only in that
+ // case, which will result in a "00" `matchedCount` that differs from `i` but is also
+ // numerically zero.
+ if ( bySet && i !== matchedCount ) {
+ j = 0;
+ while ( (matcher = setMatchers[j++]) ) {
+ matcher( unmatched, setMatched, context, xml );
+ }
+
+ if ( seed ) {
+ // Reintegrate element matches to eliminate the need for sorting
+ if ( matchedCount > 0 ) {
+ while ( i-- ) {
+ if ( !(unmatched[i] || setMatched[i]) ) {
+ setMatched[i] = pop.call( results );
+ }
+ }
+ }
+
+ // Discard index placeholder values to get only actual matches
+ setMatched = condense( setMatched );
+ }
+
+ // Add matches to results
+ push.apply( results, setMatched );
+
+ // Seedless set matches succeeding multiple successful matchers stipulate sorting
+ if ( outermost && !seed && setMatched.length > 0 &&
+ ( matchedCount + setMatchers.length ) > 1 ) {
+
+ Sizzle.uniqueSort( results );
+ }
+ }
+
+ // Override manipulation of globals by nested matchers
+ if ( outermost ) {
+ dirruns = dirrunsUnique;
+ outermostContext = contextBackup;
+ }
+
+ return unmatched;
+ };
+
+ return bySet ?
+ markFunction( superMatcher ) :
+ superMatcher;
+}
+
+compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) {
+ var i,
+ setMatchers = [],
+ elementMatchers = [],
+ cached = compilerCache[ selector + " " ];
+
+ if ( !cached ) {
+ // Generate a function of recursive functions that can be used to check each element
+ if ( !match ) {
+ match = tokenize( selector );
+ }
+ i = match.length;
+ while ( i-- ) {
+ cached = matcherFromTokens( match[i] );
+ if ( cached[ expando ] ) {
+ setMatchers.push( cached );
+ } else {
+ elementMatchers.push( cached );
+ }
+ }
+
+ // Cache the compiled function
+ cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) );
+
+ // Save selector and tokenization
+ cached.selector = selector;
+ }
+ return cached;
+};
+
+/**
+ * A low-level selection function that works with Sizzle's compiled
+ * selector functions
+ * @param {String|Function} selector A selector or a pre-compiled
+ * selector function built with Sizzle.compile
+ * @param {Element} context
+ * @param {Array} [results]
+ * @param {Array} [seed] A set of elements to match against
+ */
+select = Sizzle.select = function( selector, context, results, seed ) {
+ var i, tokens, token, type, find,
+ compiled = typeof selector === "function" && selector,
+ match = !seed && tokenize( (selector = compiled.selector || selector) );
+
+ results = results || [];
+
+ // Try to minimize operations if there is only one selector in the list and no seed
+ // (the latter of which guarantees us context)
+ if ( match.length === 1 ) {
+
+ // Reduce context if the leading compound selector is an ID
+ tokens = match[0] = match[0].slice( 0 );
+ if ( tokens.length > 2 && (token = tokens[0]).type === "ID" &&
+ context.nodeType === 9 && documentIsHTML && Expr.relative[ tokens[1].type ] ) {
+
+ context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0];
+ if ( !context ) {
+ return results;
+
+ // Precompiled matchers will still verify ancestry, so step up a level
+ } else if ( compiled ) {
+ context = context.parentNode;
+ }
+
+ selector = selector.slice( tokens.shift().value.length );
+ }
+
+ // Fetch a seed set for right-to-left matching
+ i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length;
+ while ( i-- ) {
+ token = tokens[i];
+
+ // Abort if we hit a combinator
+ if ( Expr.relative[ (type = token.type) ] ) {
+ break;
+ }
+ if ( (find = Expr.find[ type ]) ) {
+ // Search, expanding context for leading sibling combinators
+ if ( (seed = find(
+ token.matches[0].replace( runescape, funescape ),
+ rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context
+ )) ) {
+
+ // If seed is empty or no tokens remain, we can return early
+ tokens.splice( i, 1 );
+ selector = seed.length && toSelector( tokens );
+ if ( !selector ) {
+ push.apply( results, seed );
+ return results;
+ }
+
+ break;
+ }
+ }
+ }
+ }
+
+ // Compile and execute a filtering function if one is not provided
+ // Provide `match` to avoid retokenization if we modified the selector above
+ ( compiled || compile( selector, match ) )(
+ seed,
+ context,
+ !documentIsHTML,
+ results,
+ !context || rsibling.test( selector ) && testContext( context.parentNode ) || context
+ );
+ return results;
+};
+
+// One-time assignments
+
+// Sort stability
+support.sortStable = expando.split("").sort( sortOrder ).join("") === expando;
+
+// Support: Chrome 14-35+
+// Always assume duplicates if they aren't passed to the comparison function
+support.detectDuplicates = !!hasDuplicate;
+
+// Initialize against the default document
+setDocument();
+
+// Support: Webkit<537.32 - Safari 6.0.3/Chrome 25 (fixed in Chrome 27)
+// Detached nodes confoundingly follow *each other*
+support.sortDetached = assert(function( el ) {
+ // Should return 1, but returns 4 (following)
+ return el.compareDocumentPosition( document.createElement("fieldset") ) & 1;
+});
+
+// Support: IE<8
+// Prevent attribute/property "interpolation"
+// https://msdn.microsoft.com/en-us/library/ms536429%28VS.85%29.aspx
+if ( !assert(function( el ) {
+ el.innerHTML = "<a href='#'></a>";
+ return el.firstChild.getAttribute("href") === "#" ;
+}) ) {
+ addHandle( "type|href|height|width", function( elem, name, isXML ) {
+ if ( !isXML ) {
+ return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 );
+ }
+ });
+}
+
+// Support: IE<9
+// Use defaultValue in place of getAttribute("value")
+if ( !support.attributes || !assert(function( el ) {
+ el.innerHTML = "<input/>";
+ el.firstChild.setAttribute( "value", "" );
+ return el.firstChild.getAttribute( "value" ) === "";
+}) ) {
+ addHandle( "value", function( elem, name, isXML ) {
+ if ( !isXML && elem.nodeName.toLowerCase() === "input" ) {
+ return elem.defaultValue;
+ }
+ });
+}
+
+// Support: IE<9
+// Use getAttributeNode to fetch booleans when getAttribute lies
+if ( !assert(function( el ) {
+ return el.getAttribute("disabled") == null;
+}) ) {
+ addHandle( booleans, function( elem, name, isXML ) {
+ var val;
+ if ( !isXML ) {
+ return elem[ name ] === true ? name.toLowerCase() :
+ (val = elem.getAttributeNode( name )) && val.specified ?
+ val.value :
+ null;
+ }
+ });
+}
+
+return Sizzle;
+
+})( window );
+
+
+
+jQuery.find = Sizzle;
+jQuery.expr = Sizzle.selectors;
+
+// Deprecated
+jQuery.expr[ ":" ] = jQuery.expr.pseudos;
+jQuery.uniqueSort = jQuery.unique = Sizzle.uniqueSort;
+jQuery.text = Sizzle.getText;
+jQuery.isXMLDoc = Sizzle.isXML;
+jQuery.contains = Sizzle.contains;
+jQuery.escapeSelector = Sizzle.escape;
+
+
+
+
+var dir = function( elem, dir, until ) {
+ var matched = [],
+ truncate = until !== undefined;
+
+ while ( ( elem = elem[ dir ] ) && elem.nodeType !== 9 ) {
+ if ( elem.nodeType === 1 ) {
+ if ( truncate && jQuery( elem ).is( until ) ) {
+ break;
+ }
+ matched.push( elem );
+ }
+ }
+ return matched;
+};
+
+
+var siblings = function( n, elem ) {
+ var matched = [];
+
+ for ( ; n; n = n.nextSibling ) {
+ if ( n.nodeType === 1 && n !== elem ) {
+ matched.push( n );
+ }
+ }
+
+ return matched;
+};
+
+
+var rneedsContext = jQuery.expr.match.needsContext;
+
+
+
+function nodeName( elem, name ) {
+
+ return elem.nodeName && elem.nodeName.toLowerCase() === name.toLowerCase();
+
+};
+var rsingleTag = ( /^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i );
+
+
+
+var risSimple = /^.[^:#\[\.,]*$/;
+
+// Implement the identical functionality for filter and not
+function winnow( elements, qualifier, not ) {
+ if ( jQuery.isFunction( qualifier ) ) {
+ return jQuery.grep( elements, function( elem, i ) {
+ return !!qualifier.call( elem, i, elem ) !== not;
+ } );
+ }
+
+ // Single element
+ if ( qualifier.nodeType ) {
+ return jQuery.grep( elements, function( elem ) {
+ return ( elem === qualifier ) !== not;
+ } );
+ }
+
+ // Arraylike of elements (jQuery, arguments, Array)
+ if ( typeof qualifier !== "string" ) {
+ return jQuery.grep( elements, function( elem ) {
+ return ( indexOf.call( qualifier, elem ) > -1 ) !== not;
+ } );
+ }
+
+ // Simple selector that can be filtered directly, removing non-Elements
+ if ( risSimple.test( qualifier ) ) {
+ return jQuery.filter( qualifier, elements, not );
+ }
+
+ // Complex selector, compare the two sets, removing non-Elements
+ qualifier = jQuery.filter( qualifier, elements );
+ return jQuery.grep( elements, function( elem ) {
+ return ( indexOf.call( qualifier, elem ) > -1 ) !== not && elem.nodeType === 1;
+ } );
+}
+
+jQuery.filter = function( expr, elems, not ) {
+ var elem = elems[ 0 ];
+
+ if ( not ) {
+ expr = ":not(" + expr + ")";
+ }
+
+ if ( elems.length === 1 && elem.nodeType === 1 ) {
+ return jQuery.find.matchesSelector( elem, expr ) ? [ elem ] : [];
+ }
+
+ return jQuery.find.matches( expr, jQuery.grep( elems, function( elem ) {
+ return elem.nodeType === 1;
+ } ) );
+};
+
+jQuery.fn.extend( {
+ find: function( selector ) {
+ var i, ret,
+ len = this.length,
+ self = this;
+
+ if ( typeof selector !== "string" ) {
+ return this.pushStack( jQuery( selector ).filter( function() {
+ for ( i = 0; i < len; i++ ) {
+ if ( jQuery.contains( self[ i ], this ) ) {
+ return true;
+ }
+ }
+ } ) );
+ }
+
+ ret = this.pushStack( [] );
+
+ for ( i = 0; i < len; i++ ) {
+ jQuery.find( selector, self[ i ], ret );
+ }
+
+ return len > 1 ? jQuery.uniqueSort( ret ) : ret;
+ },
+ filter: function( selector ) {
+ return this.pushStack( winnow( this, selector || [], false ) );
+ },
+ not: function( selector ) {
+ return this.pushStack( winnow( this, selector || [], true ) );
+ },
+ is: function( selector ) {
+ return !!winnow(
+ this,
+
+ // If this is a positional/relative selector, check membership in the returned set
+ // so $("p:first").is("p:last") won't return true for a doc with two "p".
+ typeof selector === "string" && rneedsContext.test( selector ) ?
+ jQuery( selector ) :
+ selector || [],
+ false
+ ).length;
+ }
+} );
+
+
+// Initialize a jQuery object
+
+
+// A central reference to the root jQuery(document)
+var rootjQuery,
+
+ // A simple way to check for HTML strings
+ // Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
+ // Strict HTML recognition (#11290: must start with <)
+ // Shortcut simple #id case for speed
+ rquickExpr = /^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/,
+
+ init = jQuery.fn.init = function( selector, context, root ) {
+ var match, elem;
+
+ // HANDLE: $(""), $(null), $(undefined), $(false)
+ if ( !selector ) {
+ return this;
+ }
+
+ // Method init() accepts an alternate rootjQuery
+ // so migrate can support jQuery.sub (gh-2101)
+ root = root || rootjQuery;
+
+ // Handle HTML strings
+ if ( typeof selector === "string" ) {
+ if ( selector[ 0 ] === "<" &&
+ selector[ selector.length - 1 ] === ">" &&
+ selector.length >= 3 ) {
+
+ // Assume that strings that start and end with <> are HTML and skip the regex check
+ match = [ null, selector, null ];
+
+ } else {
+ match = rquickExpr.exec( selector );
+ }
+
+ // Match html or make sure no context is specified for #id
+ if ( match && ( match[ 1 ] || !context ) ) {
+
+ // HANDLE: $(html) -> $(array)
+ if ( match[ 1 ] ) {
+ context = context instanceof jQuery ? context[ 0 ] : context;
+
+ // Option to run scripts is true for back-compat
+ // Intentionally let the error be thrown if parseHTML is not present
+ jQuery.merge( this, jQuery.parseHTML(
+ match[ 1 ],
+ context && context.nodeType ? context.ownerDocument || context : document,
+ true
+ ) );
+
+ // HANDLE: $(html, props)
+ if ( rsingleTag.test( match[ 1 ] ) && jQuery.isPlainObject( context ) ) {
+ for ( match in context ) {
+
+ // Properties of context are called as methods if possible
+ if ( jQuery.isFunction( this[ match ] ) ) {
+ this[ match ]( context[ match ] );
+
+ // ...and otherwise set as attributes
+ } else {
+ this.attr( match, context[ match ] );
+ }
+ }
+ }
+
+ return this;
+
+ // HANDLE: $(#id)
+ } else {
+ elem = document.getElementById( match[ 2 ] );
+
+ if ( elem ) {
+
+ // Inject the element directly into the jQuery object
+ this[ 0 ] = elem;
+ this.length = 1;
+ }
+ return this;
+ }
+
+ // HANDLE: $(expr, $(...))
+ } else if ( !context || context.jquery ) {
+ return ( context || root ).find( selector );
+
+ // HANDLE: $(expr, context)
+ // (which is just equivalent to: $(context).find(expr)
+ } else {
+ return this.constructor( context ).find( selector );
+ }
+
+ // HANDLE: $(DOMElement)
+ } else if ( selector.nodeType ) {
+ this[ 0 ] = selector;
+ this.length = 1;
+ return this;
+
+ // HANDLE: $(function)
+ // Shortcut for document ready
+ } else if ( jQuery.isFunction( selector ) ) {
+ return root.ready !== undefined ?
+ root.ready( selector ) :
+
+ // Execute immediately if ready is not present
+ selector( jQuery );
+ }
+
+ return jQuery.makeArray( selector, this );
+ };
+
+// Give the init function the jQuery prototype for later instantiation
+init.prototype = jQuery.fn;
+
+// Initialize central reference
+rootjQuery = jQuery( document );
+
+
+var rparentsprev = /^(?:parents|prev(?:Until|All))/,
+
+ // Methods guaranteed to produce a unique set when starting from a unique set
+ guaranteedUnique = {
+ children: true,
+ contents: true,
+ next: true,
+ prev: true
+ };
+
+jQuery.fn.extend( {
+ has: function( target ) {
+ var targets = jQuery( target, this ),
+ l = targets.length;
+
+ return this.filter( function() {
+ var i = 0;
+ for ( ; i < l; i++ ) {
+ if ( jQuery.contains( this, targets[ i ] ) ) {
+ return true;
+ }
+ }
+ } );
+ },
+
+ closest: function( selectors, context ) {
+ var cur,
+ i = 0,
+ l = this.length,
+ matched = [],
+ targets = typeof selectors !== "string" && jQuery( selectors );
+
+ // Positional selectors never match, since there's no _selection_ context
+ if ( !rneedsContext.test( selectors ) ) {
+ for ( ; i < l; i++ ) {
+ for ( cur = this[ i ]; cur && cur !== context; cur = cur.parentNode ) {
+
+ // Always skip document fragments
+ if ( cur.nodeType < 11 && ( targets ?
+ targets.index( cur ) > -1 :
+
+ // Don't pass non-elements to Sizzle
+ cur.nodeType === 1 &&
+ jQuery.find.matchesSelector( cur, selectors ) ) ) {
+
+ matched.push( cur );
+ break;
+ }
+ }
+ }
+ }
+
+ return this.pushStack( matched.length > 1 ? jQuery.uniqueSort( matched ) : matched );
+ },
+
+ // Determine the position of an element within the set
+ index: function( elem ) {
+
+ // No argument, return index in parent
+ if ( !elem ) {
+ return ( this[ 0 ] && this[ 0 ].parentNode ) ? this.first().prevAll().length : -1;
+ }
+
+ // Index in selector
+ if ( typeof elem === "string" ) {
+ return indexOf.call( jQuery( elem ), this[ 0 ] );
+ }
+
+ // Locate the position of the desired element
+ return indexOf.call( this,
+
+ // If it receives a jQuery object, the first element is used
+ elem.jquery ? elem[ 0 ] : elem
+ );
+ },
+
+ add: function( selector, context ) {
+ return this.pushStack(
+ jQuery.uniqueSort(
+ jQuery.merge( this.get(), jQuery( selector, context ) )
+ )
+ );
+ },
+
+ addBack: function( selector ) {
+ return this.add( selector == null ?
+ this.prevObject : this.prevObject.filter( selector )
+ );
+ }
+} );
+
+function sibling( cur, dir ) {
+ while ( ( cur = cur[ dir ] ) && cur.nodeType !== 1 ) {}
+ return cur;
+}
+
+jQuery.each( {
+ parent: function( elem ) {
+ var parent = elem.parentNode;
+ return parent && parent.nodeType !== 11 ? parent : null;
+ },
+ parents: function( elem ) {
+ return dir( elem, "parentNode" );
+ },
+ parentsUntil: function( elem, i, until ) {
+ return dir( elem, "parentNode", until );
+ },
+ next: function( elem ) {
+ return sibling( elem, "nextSibling" );
+ },
+ prev: function( elem ) {
+ return sibling( elem, "previousSibling" );
+ },
+ nextAll: function( elem ) {
+ return dir( elem, "nextSibling" );
+ },
+ prevAll: function( elem ) {
+ return dir( elem, "previousSibling" );
+ },
+ nextUntil: function( elem, i, until ) {
+ return dir( elem, "nextSibling", until );
+ },
+ prevUntil: function( elem, i, until ) {
+ return dir( elem, "previousSibling", until );
+ },
+ siblings: function( elem ) {
+ return siblings( ( elem.parentNode || {} ).firstChild, elem );
+ },
+ children: function( elem ) {
+ return siblings( elem.firstChild );
+ },
+ contents: function( elem ) {
+ if ( nodeName( elem, "iframe" ) ) {
+ return elem.contentDocument;
+ }
+
+ // Support: IE 9 - 11 only, iOS 7 only, Android Browser <=4.3 only
+ // Treat the template element as a regular one in browsers that
+ // don't support it.
+ if ( nodeName( elem, "template" ) ) {
+ elem = elem.content || elem;
+ }
+
+ return jQuery.merge( [], elem.childNodes );
+ }
+}, function( name, fn ) {
+ jQuery.fn[ name ] = function( until, selector ) {
+ var matched = jQuery.map( this, fn, until );
+
+ if ( name.slice( -5 ) !== "Until" ) {
+ selector = until;
+ }
+
+ if ( selector && typeof selector === "string" ) {
+ matched = jQuery.filter( selector, matched );
+ }
+
+ if ( this.length > 1 ) {
+
+ // Remove duplicates
+ if ( !guaranteedUnique[ name ] ) {
+ jQuery.uniqueSort( matched );
+ }
+
+ // Reverse order for parents* and prev-derivatives
+ if ( rparentsprev.test( name ) ) {
+ matched.reverse();
+ }
+ }
+
+ return this.pushStack( matched );
+ };
+} );
+var rnothtmlwhite = ( /[^\x20\t\r\n\f]+/g );
+
+
+
+// Convert String-formatted options into Object-formatted ones
+function createOptions( options ) {
+ var object = {};
+ jQuery.each( options.match( rnothtmlwhite ) || [], function( _, flag ) {
+ object[ flag ] = true;
+ } );
+ return object;
+}
+
+/*
+ * Create a callback list using the following parameters:
+ *
+ * options: an optional list of space-separated options that will change how
+ * the callback list behaves or a more traditional option object
+ *
+ * By default a callback list will act like an event callback list and can be
+ * "fired" multiple times.
+ *
+ * Possible options:
+ *
+ * once: will ensure the callback list can only be fired once (like a Deferred)
+ *
+ * memory: will keep track of previous values and will call any callback added
+ * after the list has been fired right away with the latest "memorized"
+ * values (like a Deferred)
+ *
+ * unique: will ensure a callback can only be added once (no duplicate in the list)
+ *
+ * stopOnFalse: interrupt callings when a callback returns false
+ *
+ */
+jQuery.Callbacks = function( options ) {
+
+ // Convert options from String-formatted to Object-formatted if needed
+ // (we check in cache first)
+ options = typeof options === "string" ?
+ createOptions( options ) :
+ jQuery.extend( {}, options );
+
+ var // Flag to know if list is currently firing
+ firing,
+
+ // Last fire value for non-forgettable lists
+ memory,
+
+ // Flag to know if list was already fired
+ fired,
+
+ // Flag to prevent firing
+ locked,
+
+ // Actual callback list
+ list = [],
+
+ // Queue of execution data for repeatable lists
+ queue = [],
+
+ // Index of currently firing callback (modified by add/remove as needed)
+ firingIndex = -1,
+
+ // Fire callbacks
+ fire = function() {
+
+ // Enforce single-firing
+ locked = locked || options.once;
+
+ // Execute callbacks for all pending executions,
+ // respecting firingIndex overrides and runtime changes
+ fired = firing = true;
+ for ( ; queue.length; firingIndex = -1 ) {
+ memory = queue.shift();
+ while ( ++firingIndex < list.length ) {
+
+ // Run callback and check for early termination
+ if ( list[ firingIndex ].apply( memory[ 0 ], memory[ 1 ] ) === false &&
+ options.stopOnFalse ) {
+
+ // Jump to end and forget the data so .add doesn't re-fire
+ firingIndex = list.length;
+ memory = false;
+ }
+ }
+ }
+
+ // Forget the data if we're done with it
+ if ( !options.memory ) {
+ memory = false;
+ }
+
+ firing = false;
+
+ // Clean up if we're done firing for good
+ if ( locked ) {
+
+ // Keep an empty list if we have data for future add calls
+ if ( memory ) {
+ list = [];
+
+ // Otherwise, this object is spent
+ } else {
+ list = "";
+ }
+ }
+ },
+
+ // Actual Callbacks object
+ self = {
+
+ // Add a callback or a collection of callbacks to the list
+ add: function() {
+ if ( list ) {
+
+ // If we have memory from a past run, we should fire after adding
+ if ( memory && !firing ) {
+ firingIndex = list.length - 1;
+ queue.push( memory );
+ }
+
+ ( function add( args ) {
+ jQuery.each( args, function( _, arg ) {
+ if ( jQuery.isFunction( arg ) ) {
+ if ( !options.unique || !self.has( arg ) ) {
+ list.push( arg );
+ }
+ } else if ( arg && arg.length && jQuery.type( arg ) !== "string" ) {
+
+ // Inspect recursively
+ add( arg );
+ }
+ } );
+ } )( arguments );
+
+ if ( memory && !firing ) {
+ fire();
+ }
+ }
+ return this;
+ },
+
+ // Remove a callback from the list
+ remove: function() {
+ jQuery.each( arguments, function( _, arg ) {
+ var index;
+ while ( ( index = jQuery.inArray( arg, list, index ) ) > -1 ) {
+ list.splice( index, 1 );
+
+ // Handle firing indexes
+ if ( index <= firingIndex ) {
+ firingIndex--;
+ }
+ }
+ } );
+ return this;
+ },
+
+ // Check if a given callback is in the list.
+ // If no argument is given, return whether or not list has callbacks attached.
+ has: function( fn ) {
+ return fn ?
+ jQuery.inArray( fn, list ) > -1 :
+ list.length > 0;
+ },
+
+ // Remove all callbacks from the list
+ empty: function() {
+ if ( list ) {
+ list = [];
+ }
+ return this;
+ },
+
+ // Disable .fire and .add
+ // Abort any current/pending executions
+ // Clear all callbacks and values
+ disable: function() {
+ locked = queue = [];
+ list = memory = "";
+ return this;
+ },
+ disabled: function() {
+ return !list;
+ },
+
+ // Disable .fire
+ // Also disable .add unless we have memory (since it would have no effect)
+ // Abort any pending executions
+ lock: function() {
+ locked = queue = [];
+ if ( !memory && !firing ) {
+ list = memory = "";
+ }
+ return this;
+ },
+ locked: function() {
+ return !!locked;
+ },
+
+ // Call all callbacks with the given context and arguments
+ fireWith: function( context, args ) {
+ if ( !locked ) {
+ args = args || [];
+ args = [ context, args.slice ? args.slice() : args ];
+ queue.push( args );
+ if ( !firing ) {
+ fire();
+ }
+ }
+ return this;
+ },
+
+ // Call all the callbacks with the given arguments
+ fire: function() {
+ self.fireWith( this, arguments );
+ return this;
+ },
+
+ // To know if the callbacks have already been called at least once
+ fired: function() {
+ return !!fired;
+ }
+ };
+
+ return self;
+};
+
+
+function Identity( v ) {
+ return v;
+}
+function Thrower( ex ) {
+ throw ex;
+}
+
+function adoptValue( value, resolve, reject, noValue ) {
+ var method;
+
+ try {
+
+ // Check for promise aspect first to privilege synchronous behavior
+ if ( value && jQuery.isFunction( ( method = value.promise ) ) ) {
+ method.call( value ).done( resolve ).fail( reject );
+
+ // Other thenables
+ } else if ( value && jQuery.isFunction( ( method = value.then ) ) ) {
+ method.call( value, resolve, reject );
+
+ // Other non-thenables
+ } else {
+
+ // Control `resolve` arguments by letting Array#slice cast boolean `noValue` to integer:
+ // * false: [ value ].slice( 0 ) => resolve( value )
+ // * true: [ value ].slice( 1 ) => resolve()
+ resolve.apply( undefined, [ value ].slice( noValue ) );
+ }
+
+ // For Promises/A+, convert exceptions into rejections
+ // Since jQuery.when doesn't unwrap thenables, we can skip the extra checks appearing in
+ // Deferred#then to conditionally suppress rejection.
+ } catch ( value ) {
+
+ // Support: Android 4.0 only
+ // Strict mode functions invoked without .call/.apply get global-object context
+ reject.apply( undefined, [ value ] );
+ }
+}
+
+jQuery.extend( {
+
+ Deferred: function( func ) {
+ var tuples = [
+
+ // action, add listener, callbacks,
+ // ... .then handlers, argument index, [final state]
+ [ "notify", "progress", jQuery.Callbacks( "memory" ),
+ jQuery.Callbacks( "memory" ), 2 ],
+ [ "resolve", "done", jQuery.Callbacks( "once memory" ),
+ jQuery.Callbacks( "once memory" ), 0, "resolved" ],
+ [ "reject", "fail", jQuery.Callbacks( "once memory" ),
+ jQuery.Callbacks( "once memory" ), 1, "rejected" ]
+ ],
+ state = "pending",
+ promise = {
+ state: function() {
+ return state;
+ },
+ always: function() {
+ deferred.done( arguments ).fail( arguments );
+ return this;
+ },
+ "catch": function( fn ) {
+ return promise.then( null, fn );
+ },
+
+ // Keep pipe for back-compat
+ pipe: function( /* fnDone, fnFail, fnProgress */ ) {
+ var fns = arguments;
+
+ return jQuery.Deferred( function( newDefer ) {
+ jQuery.each( tuples, function( i, tuple ) {
+
+ // Map tuples (progress, done, fail) to arguments (done, fail, progress)
+ var fn = jQuery.isFunction( fns[ tuple[ 4 ] ] ) && fns[ tuple[ 4 ] ];
+
+ // deferred.progress(function() { bind to newDefer or newDefer.notify })
+ // deferred.done(function() { bind to newDefer or newDefer.resolve })
+ // deferred.fail(function() { bind to newDefer or newDefer.reject })
+ deferred[ tuple[ 1 ] ]( function() {
+ var returned = fn && fn.apply( this, arguments );
+ if ( returned && jQuery.isFunction( returned.promise ) ) {
+ returned.promise()
+ .progress( newDefer.notify )
+ .done( newDefer.resolve )
+ .fail( newDefer.reject );
+ } else {
+ newDefer[ tuple[ 0 ] + "With" ](
+ this,
+ fn ? [ returned ] : arguments
+ );
+ }
+ } );
+ } );
+ fns = null;
+ } ).promise();
+ },
+ then: function( onFulfilled, onRejected, onProgress ) {
+ var maxDepth = 0;
+ function resolve( depth, deferred, handler, special ) {
+ return function() {
+ var that = this,
+ args = arguments,
+ mightThrow = function() {
+ var returned, then;
+
+ // Support: Promises/A+ section 2.3.3.3.3
+ // https://promisesaplus.com/#point-59
+ // Ignore double-resolution attempts
+ if ( depth < maxDepth ) {
+ return;
+ }
+
+ returned = handler.apply( that, args );
+
+ // Support: Promises/A+ section 2.3.1
+ // https://promisesaplus.com/#point-48
+ if ( returned === deferred.promise() ) {
+ throw new TypeError( "Thenable self-resolution" );
+ }
+
+ // Support: Promises/A+ sections 2.3.3.1, 3.5
+ // https://promisesaplus.com/#point-54
+ // https://promisesaplus.com/#point-75
+ // Retrieve `then` only once
+ then = returned &&
+
+ // Support: Promises/A+ section 2.3.4
+ // https://promisesaplus.com/#point-64
+ // Only check objects and functions for thenability
+ ( typeof returned === "object" ||
+ typeof returned === "function" ) &&
+ returned.then;
+
+ // Handle a returned thenable
+ if ( jQuery.isFunction( then ) ) {
+
+ // Special processors (notify) just wait for resolution
+ if ( special ) {
+ then.call(
+ returned,
+ resolve( maxDepth, deferred, Identity, special ),
+ resolve( maxDepth, deferred, Thrower, special )
+ );
+
+ // Normal processors (resolve) also hook into progress
+ } else {
+
+ // ...and disregard older resolution values
+ maxDepth++;
+
+ then.call(
+ returned,
+ resolve( maxDepth, deferred, Identity, special ),
+ resolve( maxDepth, deferred, Thrower, special ),
+ resolve( maxDepth, deferred, Identity,
+ deferred.notifyWith )
+ );
+ }
+
+ // Handle all other returned values
+ } else {
+
+ // Only substitute handlers pass on context
+ // and multiple values (non-spec behavior)
+ if ( handler !== Identity ) {
+ that = undefined;
+ args = [ returned ];
+ }
+
+ // Process the value(s)
+ // Default process is resolve
+ ( special || deferred.resolveWith )( that, args );
+ }
+ },
+
+ // Only normal processors (resolve) catch and reject exceptions
+ process = special ?
+ mightThrow :
+ function() {
+ try {
+ mightThrow();
+ } catch ( e ) {
+
+ if ( jQuery.Deferred.exceptionHook ) {
+ jQuery.Deferred.exceptionHook( e,
+ process.stackTrace );
+ }
+
+ // Support: Promises/A+ section 2.3.3.3.4.1
+ // https://promisesaplus.com/#point-61
+ // Ignore post-resolution exceptions
+ if ( depth + 1 >= maxDepth ) {
+
+ // Only substitute handlers pass on context
+ // and multiple values (non-spec behavior)
+ if ( handler !== Thrower ) {
+ that = undefined;
+ args = [ e ];
+ }
+
+ deferred.rejectWith( that, args );
+ }
+ }
+ };
+
+ // Support: Promises/A+ section 2.3.3.3.1
+ // https://promisesaplus.com/#point-57
+ // Re-resolve promises immediately to dodge false rejection from
+ // subsequent errors
+ if ( depth ) {
+ process();
+ } else {
+
+ // Call an optional hook to record the stack, in case of exception
+ // since it's otherwise lost when execution goes async
+ if ( jQuery.Deferred.getStackHook ) {
+ process.stackTrace = jQuery.Deferred.getStackHook();
+ }
+ window.setTimeout( process );
+ }
+ };
+ }
+
+ return jQuery.Deferred( function( newDefer ) {
+
+ // progress_handlers.add( ... )
+ tuples[ 0 ][ 3 ].add(
+ resolve(
+ 0,
+ newDefer,
+ jQuery.isFunction( onProgress ) ?
+ onProgress :
+ Identity,
+ newDefer.notifyWith
+ )
+ );
+
+ // fulfilled_handlers.add( ... )
+ tuples[ 1 ][ 3 ].add(
+ resolve(
+ 0,
+ newDefer,
+ jQuery.isFunction( onFulfilled ) ?
+ onFulfilled :
+ Identity
+ )
+ );
+
+ // rejected_handlers.add( ... )
+ tuples[ 2 ][ 3 ].add(
+ resolve(
+ 0,
+ newDefer,
+ jQuery.isFunction( onRejected ) ?
+ onRejected :
+ Thrower
+ )
+ );
+ } ).promise();
+ },
+
+ // Get a promise for this deferred
+ // If obj is provided, the promise aspect is added to the object
+ promise: function( obj ) {
+ return obj != null ? jQuery.extend( obj, promise ) : promise;
+ }
+ },
+ deferred = {};
+
+ // Add list-specific methods
+ jQuery.each( tuples, function( i, tuple ) {
+ var list = tuple[ 2 ],
+ stateString = tuple[ 5 ];
+
+ // promise.progress = list.add
+ // promise.done = list.add
+ // promise.fail = list.add
+ promise[ tuple[ 1 ] ] = list.add;
+
+ // Handle state
+ if ( stateString ) {
+ list.add(
+ function() {
+
+ // state = "resolved" (i.e., fulfilled)
+ // state = "rejected"
+ state = stateString;
+ },
+
+ // rejected_callbacks.disable
+ // fulfilled_callbacks.disable
+ tuples[ 3 - i ][ 2 ].disable,
+
+ // progress_callbacks.lock
+ tuples[ 0 ][ 2 ].lock
+ );
+ }
+
+ // progress_handlers.fire
+ // fulfilled_handlers.fire
+ // rejected_handlers.fire
+ list.add( tuple[ 3 ].fire );
+
+ // deferred.notify = function() { deferred.notifyWith(...) }
+ // deferred.resolve = function() { deferred.resolveWith(...) }
+ // deferred.reject = function() { deferred.rejectWith(...) }
+ deferred[ tuple[ 0 ] ] = function() {
+ deferred[ tuple[ 0 ] + "With" ]( this === deferred ? undefined : this, arguments );
+ return this;
+ };
+
+ // deferred.notifyWith = list.fireWith
+ // deferred.resolveWith = list.fireWith
+ // deferred.rejectWith = list.fireWith
+ deferred[ tuple[ 0 ] + "With" ] = list.fireWith;
+ } );
+
+ // Make the deferred a promise
+ promise.promise( deferred );
+
+ // Call given func if any
+ if ( func ) {
+ func.call( deferred, deferred );
+ }
+
+ // All done!
+ return deferred;
+ },
+
+ // Deferred helper
+ when: function( singleValue ) {
+ var
+
+ // count of uncompleted subordinates
+ remaining = arguments.length,
+
+ // count of unprocessed arguments
+ i = remaining,
+
+ // subordinate fulfillment data
+ resolveContexts = Array( i ),
+ resolveValues = slice.call( arguments ),
+
+ // the master Deferred
+ master = jQuery.Deferred(),
+
+ // subordinate callback factory
+ updateFunc = function( i ) {
+ return function( value ) {
+ resolveContexts[ i ] = this;
+ resolveValues[ i ] = arguments.length > 1 ? slice.call( arguments ) : value;
+ if ( !( --remaining ) ) {
+ master.resolveWith( resolveContexts, resolveValues );
+ }
+ };
+ };
+
+ // Single- and empty arguments are adopted like Promise.resolve
+ if ( remaining <= 1 ) {
+ adoptValue( singleValue, master.done( updateFunc( i ) ).resolve, master.reject,
+ !remaining );
+
+ // Use .then() to unwrap secondary thenables (cf. gh-3000)
+ if ( master.state() === "pending" ||
+ jQuery.isFunction( resolveValues[ i ] && resolveValues[ i ].then ) ) {
+
+ return master.then();
+ }
+ }
+
+ // Multiple arguments are aggregated like Promise.all array elements
+ while ( i-- ) {
+ adoptValue( resolveValues[ i ], updateFunc( i ), master.reject );
+ }
+
+ return master.promise();
+ }
+} );
+
+
+// These usually indicate a programmer mistake during development,
+// warn about them ASAP rather than swallowing them by default.
+var rerrorNames = /^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;
+
+jQuery.Deferred.exceptionHook = function( error, stack ) {
+
+ // Support: IE 8 - 9 only
+ // Console exists when dev tools are open, which can happen at any time
+ if ( window.console && window.console.warn && error && rerrorNames.test( error.name ) ) {
+ window.console.warn( "jQuery.Deferred exception: " + error.message, error.stack, stack );
+ }
+};
+
+
+
+
+jQuery.readyException = function( error ) {
+ window.setTimeout( function() {
+ throw error;
+ } );
+};
+
+
+
+
+// The deferred used on DOM ready
+var readyList = jQuery.Deferred();
+
+jQuery.fn.ready = function( fn ) {
+
+ readyList
+ .then( fn )
+
+ // Wrap jQuery.readyException in a function so that the lookup
+ // happens at the time of error handling instead of callback
+ // registration.
+ .catch( function( error ) {
+ jQuery.readyException( error );
+ } );
+
+ return this;
+};
+
+jQuery.extend( {
+
+ // Is the DOM ready to be used? Set to true once it occurs.
+ isReady: false,
+
+ // A counter to track how many items to wait for before
+ // the ready event fires. See #6781
+ readyWait: 1,
+
+ // Handle when the DOM is ready
+ ready: function( wait ) {
+
+ // Abort if there are pending holds or we're already ready
+ if ( wait === true ? --jQuery.readyWait : jQuery.isReady ) {
+ return;
+ }
+
+ // Remember that the DOM is ready
+ jQuery.isReady = true;
+
+ // If a normal DOM Ready event fired, decrement, and wait if need be
+ if ( wait !== true && --jQuery.readyWait > 0 ) {
+ return;
+ }
+
+ // If there are functions bound, to execute
+ readyList.resolveWith( document, [ jQuery ] );
+ }
+} );
+
+jQuery.ready.then = readyList.then;
+
+// The ready event handler and self cleanup method
+function completed() {
+ document.removeEventListener( "DOMContentLoaded", completed );
+ window.removeEventListener( "load", completed );
+ jQuery.ready();
+}
+
+// Catch cases where $(document).ready() is called
+// after the browser event has already occurred.
+// Support: IE <=9 - 10 only
+// Older IE sometimes signals "interactive" too soon
+if ( document.readyState === "complete" ||
+ ( document.readyState !== "loading" && !document.documentElement.doScroll ) ) {
+
+ // Handle it asynchronously to allow scripts the opportunity to delay ready
+ window.setTimeout( jQuery.ready );
+
+} else {
+
+ // Use the handy event callback
+ document.addEventListener( "DOMContentLoaded", completed );
+
+ // A fallback to window.onload, that will always work
+ window.addEventListener( "load", completed );
+}
+
+
+
+
+// Multifunctional method to get and set values of a collection
+// The value/s can optionally be executed if it's a function
+var access = function( elems, fn, key, value, chainable, emptyGet, raw ) {
+ var i = 0,
+ len = elems.length,
+ bulk = key == null;
+
+ // Sets many values
+ if ( jQuery.type( key ) === "object" ) {
+ chainable = true;
+ for ( i in key ) {
+ access( elems, fn, i, key[ i ], true, emptyGet, raw );
+ }
+
+ // Sets one value
+ } else if ( value !== undefined ) {
+ chainable = true;
+
+ if ( !jQuery.isFunction( value ) ) {
+ raw = true;
+ }
+
+ if ( bulk ) {
+
+ // Bulk operations run against the entire set
+ if ( raw ) {
+ fn.call( elems, value );
+ fn = null;
+
+ // ...except when executing function values
+ } else {
+ bulk = fn;
+ fn = function( elem, key, value ) {
+ return bulk.call( jQuery( elem ), value );
+ };
+ }
+ }
+
+ if ( fn ) {
+ for ( ; i < len; i++ ) {
+ fn(
+ elems[ i ], key, raw ?
+ value :
+ value.call( elems[ i ], i, fn( elems[ i ], key ) )
+ );
+ }
+ }
+ }
+
+ if ( chainable ) {
+ return elems;
+ }
+
+ // Gets
+ if ( bulk ) {
+ return fn.call( elems );
+ }
+
+ return len ? fn( elems[ 0 ], key ) : emptyGet;
+};
+var acceptData = function( owner ) {
+
+ // Accepts only:
+ // - Node
+ // - Node.ELEMENT_NODE
+ // - Node.DOCUMENT_NODE
+ // - Object
+ // - Any
+ return owner.nodeType === 1 || owner.nodeType === 9 || !( +owner.nodeType );
+};
+
+
+
+
+function Data() {
+ this.expando = jQuery.expando + Data.uid++;
+}
+
+Data.uid = 1;
+
+Data.prototype = {
+
+ cache: function( owner ) {
+
+ // Check if the owner object already has a cache
+ var value = owner[ this.expando ];
+
+ // If not, create one
+ if ( !value ) {
+ value = {};
+
+ // We can accept data for non-element nodes in modern browsers,
+ // but we should not, see #8335.
+ // Always return an empty object.
+ if ( acceptData( owner ) ) {
+
+ // If it is a node unlikely to be stringify-ed or looped over
+ // use plain assignment
+ if ( owner.nodeType ) {
+ owner[ this.expando ] = value;
+
+ // Otherwise secure it in a non-enumerable property
+ // configurable must be true to allow the property to be
+ // deleted when data is removed
+ } else {
+ Object.defineProperty( owner, this.expando, {
+ value: value,
+ configurable: true
+ } );
+ }
+ }
+ }
+
+ return value;
+ },
+ set: function( owner, data, value ) {
+ var prop,
+ cache = this.cache( owner );
+
+ // Handle: [ owner, key, value ] args
+ // Always use camelCase key (gh-2257)
+ if ( typeof data === "string" ) {
+ cache[ jQuery.camelCase( data ) ] = value;
+
+ // Handle: [ owner, { properties } ] args
+ } else {
+
+ // Copy the properties one-by-one to the cache object
+ for ( prop in data ) {
+ cache[ jQuery.camelCase( prop ) ] = data[ prop ];
+ }
+ }
+ return cache;
+ },
+ get: function( owner, key ) {
+ return key === undefined ?
+ this.cache( owner ) :
+
+ // Always use camelCase key (gh-2257)
+ owner[ this.expando ] && owner[ this.expando ][ jQuery.camelCase( key ) ];
+ },
+ access: function( owner, key, value ) {
+
+ // In cases where either:
+ //
+ // 1. No key was specified
+ // 2. A string key was specified, but no value provided
+ //
+ // Take the "read" path and allow the get method to determine
+ // which value to return, respectively either:
+ //
+ // 1. The entire cache object
+ // 2. The data stored at the key
+ //
+ if ( key === undefined ||
+ ( ( key && typeof key === "string" ) && value === undefined ) ) {
+
+ return this.get( owner, key );
+ }
+
+ // When the key is not a string, or both a key and value
+ // are specified, set or extend (existing objects) with either:
+ //
+ // 1. An object of properties
+ // 2. A key and value
+ //
+ this.set( owner, key, value );
+
+ // Since the "set" path can have two possible entry points
+ // return the expected data based on which path was taken[*]
+ return value !== undefined ? value : key;
+ },
+ remove: function( owner, key ) {
+ var i,
+ cache = owner[ this.expando ];
+
+ if ( cache === undefined ) {
+ return;
+ }
+
+ if ( key !== undefined ) {
+
+ // Support array or space separated string of keys
+ if ( Array.isArray( key ) ) {
+
+ // If key is an array of keys...
+ // We always set camelCase keys, so remove that.
+ key = key.map( jQuery.camelCase );
+ } else {
+ key = jQuery.camelCase( key );
+
+ // If a key with the spaces exists, use it.
+ // Otherwise, create an array by matching non-whitespace
+ key = key in cache ?
+ [ key ] :
+ ( key.match( rnothtmlwhite ) || [] );
+ }
+
+ i = key.length;
+
+ while ( i-- ) {
+ delete cache[ key[ i ] ];
+ }
+ }
+
+ // Remove the expando if there's no more data
+ if ( key === undefined || jQuery.isEmptyObject( cache ) ) {
+
+ // Support: Chrome <=35 - 45
+ // Webkit & Blink performance suffers when deleting properties
+ // from DOM nodes, so set to undefined instead
+ // https://bugs.chromium.org/p/chromium/issues/detail?id=378607 (bug restricted)
+ if ( owner.nodeType ) {
+ owner[ this.expando ] = undefined;
+ } else {
+ delete owner[ this.expando ];
+ }
+ }
+ },
+ hasData: function( owner ) {
+ var cache = owner[ this.expando ];
+ return cache !== undefined && !jQuery.isEmptyObject( cache );
+ }
+};
+var dataPriv = new Data();
+
+var dataUser = new Data();
+
+
+
+// Implementation Summary
+//
+// 1. Enforce API surface and semantic compatibility with 1.9.x branch
+// 2. Improve the module's maintainability by reducing the storage
+// paths to a single mechanism.
+// 3. Use the same single mechanism to support "private" and "user" data.
+// 4. _Never_ expose "private" data to user code (TODO: Drop _data, _removeData)
+// 5. Avoid exposing implementation details on user objects (eg. expando properties)
+// 6. Provide a clear path for implementation upgrade to WeakMap in 2014
+
+var rbrace = /^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,
+ rmultiDash = /[A-Z]/g;
+
+function getData( data ) {
+ if ( data === "true" ) {
+ return true;
+ }
+
+ if ( data === "false" ) {
+ return false;
+ }
+
+ if ( data === "null" ) {
+ return null;
+ }
+
+ // Only convert to a number if it doesn't change the string
+ if ( data === +data + "" ) {
+ return +data;
+ }
+
+ if ( rbrace.test( data ) ) {
+ return JSON.parse( data );
+ }
+
+ return data;
+}
+
+function dataAttr( elem, key, data ) {
+ var name;
+
+ // If nothing was found internally, try to fetch any
+ // data from the HTML5 data-* attribute
+ if ( data === undefined && elem.nodeType === 1 ) {
+ name = "data-" + key.replace( rmultiDash, "-$&" ).toLowerCase();
+ data = elem.getAttribute( name );
+
+ if ( typeof data === "string" ) {
+ try {
+ data = getData( data );
+ } catch ( e ) {}
+
+ // Make sure we set the data so it isn't changed later
+ dataUser.set( elem, key, data );
+ } else {
+ data = undefined;
+ }
+ }
+ return data;
+}
+
+jQuery.extend( {
+ hasData: function( elem ) {
+ return dataUser.hasData( elem ) || dataPriv.hasData( elem );
+ },
+
+ data: function( elem, name, data ) {
+ return dataUser.access( elem, name, data );
+ },
+
+ removeData: function( elem, name ) {
+ dataUser.remove( elem, name );
+ },
+
+ // TODO: Now that all calls to _data and _removeData have been replaced
+ // with direct calls to dataPriv methods, these can be deprecated.
+ _data: function( elem, name, data ) {
+ return dataPriv.access( elem, name, data );
+ },
+
+ _removeData: function( elem, name ) {
+ dataPriv.remove( elem, name );
+ }
+} );
+
+jQuery.fn.extend( {
+ data: function( key, value ) {
+ var i, name, data,
+ elem = this[ 0 ],
+ attrs = elem && elem.attributes;
+
+ // Gets all values
+ if ( key === undefined ) {
+ if ( this.length ) {
+ data = dataUser.get( elem );
+
+ if ( elem.nodeType === 1 && !dataPriv.get( elem, "hasDataAttrs" ) ) {
+ i = attrs.length;
+ while ( i-- ) {
+
+ // Support: IE 11 only
+ // The attrs elements can be null (#14894)
+ if ( attrs[ i ] ) {
+ name = attrs[ i ].name;
+ if ( name.indexOf( "data-" ) === 0 ) {
+ name = jQuery.camelCase( name.slice( 5 ) );
+ dataAttr( elem, name, data[ name ] );
+ }
+ }
+ }
+ dataPriv.set( elem, "hasDataAttrs", true );
+ }
+ }
+
+ return data;
+ }
+
+ // Sets multiple values
+ if ( typeof key === "object" ) {
+ return this.each( function() {
+ dataUser.set( this, key );
+ } );
+ }
+
+ return access( this, function( value ) {
+ var data;
+
+ // The calling jQuery object (element matches) is not empty
+ // (and therefore has an element appears at this[ 0 ]) and the
+ // `value` parameter was not undefined. An empty jQuery object
+ // will result in `undefined` for elem = this[ 0 ] which will
+ // throw an exception if an attempt to read a data cache is made.
+ if ( elem && value === undefined ) {
+
+ // Attempt to get data from the cache
+ // The key will always be camelCased in Data
+ data = dataUser.get( elem, key );
+ if ( data !== undefined ) {
+ return data;
+ }
+
+ // Attempt to "discover" the data in
+ // HTML5 custom data-* attrs
+ data = dataAttr( elem, key );
+ if ( data !== undefined ) {
+ return data;
+ }
+
+ // We tried really hard, but the data doesn't exist.
+ return;
+ }
+
+ // Set the data...
+ this.each( function() {
+
+ // We always store the camelCased key
+ dataUser.set( this, key, value );
+ } );
+ }, null, value, arguments.length > 1, null, true );
+ },
+
+ removeData: function( key ) {
+ return this.each( function() {
+ dataUser.remove( this, key );
+ } );
+ }
+} );
+
+
+jQuery.extend( {
+ queue: function( elem, type, data ) {
+ var queue;
+
+ if ( elem ) {
+ type = ( type || "fx" ) + "queue";
+ queue = dataPriv.get( elem, type );
+
+ // Speed up dequeue by getting out quickly if this is just a lookup
+ if ( data ) {
+ if ( !queue || Array.isArray( data ) ) {
+ queue = dataPriv.access( elem, type, jQuery.makeArray( data ) );
+ } else {
+ queue.push( data );
+ }
+ }
+ return queue || [];
+ }
+ },
+
+ dequeue: function( elem, type ) {
+ type = type || "fx";
+
+ var queue = jQuery.queue( elem, type ),
+ startLength = queue.length,
+ fn = queue.shift(),
+ hooks = jQuery._queueHooks( elem, type ),
+ next = function() {
+ jQuery.dequeue( elem, type );
+ };
+
+ // If the fx queue is dequeued, always remove the progress sentinel
+ if ( fn === "inprogress" ) {
+ fn = queue.shift();
+ startLength--;
+ }
+
+ if ( fn ) {
+
+ // Add a progress sentinel to prevent the fx queue from being
+ // automatically dequeued
+ if ( type === "fx" ) {
+ queue.unshift( "inprogress" );
+ }
+
+ // Clear up the last queue stop function
+ delete hooks.stop;
+ fn.call( elem, next, hooks );
+ }
+
+ if ( !startLength && hooks ) {
+ hooks.empty.fire();
+ }
+ },
+
+ // Not public - generate a queueHooks object, or return the current one
+ _queueHooks: function( elem, type ) {
+ var key = type + "queueHooks";
+ return dataPriv.get( elem, key ) || dataPriv.access( elem, key, {
+ empty: jQuery.Callbacks( "once memory" ).add( function() {
+ dataPriv.remove( elem, [ type + "queue", key ] );
+ } )
+ } );
+ }
+} );
+
+jQuery.fn.extend( {
+ queue: function( type, data ) {
+ var setter = 2;
+
+ if ( typeof type !== "string" ) {
+ data = type;
+ type = "fx";
+ setter--;
+ }
+
+ if ( arguments.length < setter ) {
+ return jQuery.queue( this[ 0 ], type );
+ }
+
+ return data === undefined ?
+ this :
+ this.each( function() {
+ var queue = jQuery.queue( this, type, data );
+
+ // Ensure a hooks for this queue
+ jQuery._queueHooks( this, type );
+
+ if ( type === "fx" && queue[ 0 ] !== "inprogress" ) {
+ jQuery.dequeue( this, type );
+ }
+ } );
+ },
+ dequeue: function( type ) {
+ return this.each( function() {
+ jQuery.dequeue( this, type );
+ } );
+ },
+ clearQueue: function( type ) {
+ return this.queue( type || "fx", [] );
+ },
+
+ // Get a promise resolved when queues of a certain type
+ // are emptied (fx is the type by default)
+ promise: function( type, obj ) {
+ var tmp,
+ count = 1,
+ defer = jQuery.Deferred(),
+ elements = this,
+ i = this.length,
+ resolve = function() {
+ if ( !( --count ) ) {
+ defer.resolveWith( elements, [ elements ] );
+ }
+ };
+
+ if ( typeof type !== "string" ) {
+ obj = type;
+ type = undefined;
+ }
+ type = type || "fx";
+
+ while ( i-- ) {
+ tmp = dataPriv.get( elements[ i ], type + "queueHooks" );
+ if ( tmp && tmp.empty ) {
+ count++;
+ tmp.empty.add( resolve );
+ }
+ }
+ resolve();
+ return defer.promise( obj );
+ }
+} );
+var pnum = ( /[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/ ).source;
+
+var rcssNum = new RegExp( "^(?:([+-])=|)(" + pnum + ")([a-z%]*)$", "i" );
+
+
+var cssExpand = [ "Top", "Right", "Bottom", "Left" ];
+
+var isHiddenWithinTree = function( elem, el ) {
+
+ // isHiddenWithinTree might be called from jQuery#filter function;
+ // in that case, element will be second argument
+ elem = el || elem;
+
+ // Inline style trumps all
+ return elem.style.display === "none" ||
+ elem.style.display === "" &&
+
+ // Otherwise, check computed style
+ // Support: Firefox <=43 - 45
+ // Disconnected elements can have computed display: none, so first confirm that elem is
+ // in the document.
+ jQuery.contains( elem.ownerDocument, elem ) &&
+
+ jQuery.css( elem, "display" ) === "none";
+ };
+
+var swap = function( elem, options, callback, args ) {
+ var ret, name,
+ old = {};
+
+ // Remember the old values, and insert the new ones
+ for ( name in options ) {
+ old[ name ] = elem.style[ name ];
+ elem.style[ name ] = options[ name ];
+ }
+
+ ret = callback.apply( elem, args || [] );
+
+ // Revert the old values
+ for ( name in options ) {
+ elem.style[ name ] = old[ name ];
+ }
+
+ return ret;
+};
+
+
+
+
+function adjustCSS( elem, prop, valueParts, tween ) {
+ var adjusted,
+ scale = 1,
+ maxIterations = 20,
+ currentValue = tween ?
+ function() {
+ return tween.cur();
+ } :
+ function() {
+ return jQuery.css( elem, prop, "" );
+ },
+ initial = currentValue(),
+ unit = valueParts && valueParts[ 3 ] || ( jQuery.cssNumber[ prop ] ? "" : "px" ),
+
+ // Starting value computation is required for potential unit mismatches
+ initialInUnit = ( jQuery.cssNumber[ prop ] || unit !== "px" && +initial ) &&
+ rcssNum.exec( jQuery.css( elem, prop ) );
+
+ if ( initialInUnit && initialInUnit[ 3 ] !== unit ) {
+
+ // Trust units reported by jQuery.css
+ unit = unit || initialInUnit[ 3 ];
+
+ // Make sure we update the tween properties later on
+ valueParts = valueParts || [];
+
+ // Iteratively approximate from a nonzero starting point
+ initialInUnit = +initial || 1;
+
+ do {
+
+ // If previous iteration zeroed out, double until we get *something*.
+ // Use string for doubling so we don't accidentally see scale as unchanged below
+ scale = scale || ".5";
+
+ // Adjust and apply
+ initialInUnit = initialInUnit / scale;
+ jQuery.style( elem, prop, initialInUnit + unit );
+
+ // Update scale, tolerating zero or NaN from tween.cur()
+ // Break the loop if scale is unchanged or perfect, or if we've just had enough.
+ } while (
+ scale !== ( scale = currentValue() / initial ) && scale !== 1 && --maxIterations
+ );
+ }
+
+ if ( valueParts ) {
+ initialInUnit = +initialInUnit || +initial || 0;
+
+ // Apply relative offset (+=/-=) if specified
+ adjusted = valueParts[ 1 ] ?
+ initialInUnit + ( valueParts[ 1 ] + 1 ) * valueParts[ 2 ] :
+ +valueParts[ 2 ];
+ if ( tween ) {
+ tween.unit = unit;
+ tween.start = initialInUnit;
+ tween.end = adjusted;
+ }
+ }
+ return adjusted;
+}
+
+
+var defaultDisplayMap = {};
+
+function getDefaultDisplay( elem ) {
+ var temp,
+ doc = elem.ownerDocument,
+ nodeName = elem.nodeName,
+ display = defaultDisplayMap[ nodeName ];
+
+ if ( display ) {
+ return display;
+ }
+
+ temp = doc.body.appendChild( doc.createElement( nodeName ) );
+ display = jQuery.css( temp, "display" );
+
+ temp.parentNode.removeChild( temp );
+
+ if ( display === "none" ) {
+ display = "block";
+ }
+ defaultDisplayMap[ nodeName ] = display;
+
+ return display;
+}
+
+function showHide( elements, show ) {
+ var display, elem,
+ values = [],
+ index = 0,
+ length = elements.length;
+
+ // Determine new display value for elements that need to change
+ for ( ; index < length; index++ ) {
+ elem = elements[ index ];
+ if ( !elem.style ) {
+ continue;
+ }
+
+ display = elem.style.display;
+ if ( show ) {
+
+ // Since we force visibility upon cascade-hidden elements, an immediate (and slow)
+ // check is required in this first loop unless we have a nonempty display value (either
+ // inline or about-to-be-restored)
+ if ( display === "none" ) {
+ values[ index ] = dataPriv.get( elem, "display" ) || null;
+ if ( !values[ index ] ) {
+ elem.style.display = "";
+ }
+ }
+ if ( elem.style.display === "" && isHiddenWithinTree( elem ) ) {
+ values[ index ] = getDefaultDisplay( elem );
+ }
+ } else {
+ if ( display !== "none" ) {
+ values[ index ] = "none";
+
+ // Remember what we're overwriting
+ dataPriv.set( elem, "display", display );
+ }
+ }
+ }
+
+ // Set the display of the elements in a second loop to avoid constant reflow
+ for ( index = 0; index < length; index++ ) {
+ if ( values[ index ] != null ) {
+ elements[ index ].style.display = values[ index ];
+ }
+ }
+
+ return elements;
+}
+
+jQuery.fn.extend( {
+ show: function() {
+ return showHide( this, true );
+ },
+ hide: function() {
+ return showHide( this );
+ },
+ toggle: function( state ) {
+ if ( typeof state === "boolean" ) {
+ return state ? this.show() : this.hide();
+ }
+
+ return this.each( function() {
+ if ( isHiddenWithinTree( this ) ) {
+ jQuery( this ).show();
+ } else {
+ jQuery( this ).hide();
+ }
+ } );
+ }
+} );
+var rcheckableType = ( /^(?:checkbox|radio)$/i );
+
+var rtagName = ( /<([a-z][^\/\0>\x20\t\r\n\f]+)/i );
+
+var rscriptType = ( /^$|\/(?:java|ecma)script/i );
+
+
+
+// We have to close these tags to support XHTML (#13200)
+var wrapMap = {
+
+ // Support: IE <=9 only
+ option: [ 1, "<select multiple='multiple'>", "</select>" ],
+
+ // XHTML parsers do not magically insert elements in the
+ // same way that tag soup parsers do. So we cannot shorten
+ // this by omitting <tbody> or other required elements.
+ thead: [ 1, "<table>", "</table>" ],
+ col: [ 2, "<table><colgroup>", "</colgroup></table>" ],
+ tr: [ 2, "<table><tbody>", "</tbody></table>" ],
+ td: [ 3, "<table><tbody><tr>", "</tr></tbody></table>" ],
+
+ _default: [ 0, "", "" ]
+};
+
+// Support: IE <=9 only
+wrapMap.optgroup = wrapMap.option;
+
+wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead;
+wrapMap.th = wrapMap.td;
+
+
+function getAll( context, tag ) {
+
+ // Support: IE <=9 - 11 only
+ // Use typeof to avoid zero-argument method invocation on host objects (#15151)
+ var ret;
+
+ if ( typeof context.getElementsByTagName !== "undefined" ) {
+ ret = context.getElementsByTagName( tag || "*" );
+
+ } else if ( typeof context.querySelectorAll !== "undefined" ) {
+ ret = context.querySelectorAll( tag || "*" );
+
+ } else {
+ ret = [];
+ }
+
+ if ( tag === undefined || tag && nodeName( context, tag ) ) {
+ return jQuery.merge( [ context ], ret );
+ }
+
+ return ret;
+}
+
+
+// Mark scripts as having already been evaluated
+function setGlobalEval( elems, refElements ) {
+ var i = 0,
+ l = elems.length;
+
+ for ( ; i < l; i++ ) {
+ dataPriv.set(
+ elems[ i ],
+ "globalEval",
+ !refElements || dataPriv.get( refElements[ i ], "globalEval" )
+ );
+ }
+}
+
+
+var rhtml = /<|&#?\w+;/;
+
+function buildFragment( elems, context, scripts, selection, ignored ) {
+ var elem, tmp, tag, wrap, contains, j,
+ fragment = context.createDocumentFragment(),
+ nodes = [],
+ i = 0,
+ l = elems.length;
+
+ for ( ; i < l; i++ ) {
+ elem = elems[ i ];
+
+ if ( elem || elem === 0 ) {
+
+ // Add nodes directly
+ if ( jQuery.type( elem ) === "object" ) {
+
+ // Support: Android <=4.0 only, PhantomJS 1 only
+ // push.apply(_, arraylike) throws on ancient WebKit
+ jQuery.merge( nodes, elem.nodeType ? [ elem ] : elem );
+
+ // Convert non-html into a text node
+ } else if ( !rhtml.test( elem ) ) {
+ nodes.push( context.createTextNode( elem ) );
+
+ // Convert html into DOM nodes
+ } else {
+ tmp = tmp || fragment.appendChild( context.createElement( "div" ) );
+
+ // Deserialize a standard representation
+ tag = ( rtagName.exec( elem ) || [ "", "" ] )[ 1 ].toLowerCase();
+ wrap = wrapMap[ tag ] || wrapMap._default;
+ tmp.innerHTML = wrap[ 1 ] + jQuery.htmlPrefilter( elem ) + wrap[ 2 ];
+
+ // Descend through wrappers to the right content
+ j = wrap[ 0 ];
+ while ( j-- ) {
+ tmp = tmp.lastChild;
+ }
+
+ // Support: Android <=4.0 only, PhantomJS 1 only
+ // push.apply(_, arraylike) throws on ancient WebKit
+ jQuery.merge( nodes, tmp.childNodes );
+
+ // Remember the top-level container
+ tmp = fragment.firstChild;
+
+ // Ensure the created nodes are orphaned (#12392)
+ tmp.textContent = "";
+ }
+ }
+ }
+
+ // Remove wrapper from fragment
+ fragment.textContent = "";
+
+ i = 0;
+ while ( ( elem = nodes[ i++ ] ) ) {
+
+ // Skip elements already in the context collection (trac-4087)
+ if ( selection && jQuery.inArray( elem, selection ) > -1 ) {
+ if ( ignored ) {
+ ignored.push( elem );
+ }
+ continue;
+ }
+
+ contains = jQuery.contains( elem.ownerDocument, elem );
+
+ // Append to fragment
+ tmp = getAll( fragment.appendChild( elem ), "script" );
+
+ // Preserve script evaluation history
+ if ( contains ) {
+ setGlobalEval( tmp );
+ }
+
+ // Capture executables
+ if ( scripts ) {
+ j = 0;
+ while ( ( elem = tmp[ j++ ] ) ) {
+ if ( rscriptType.test( elem.type || "" ) ) {
+ scripts.push( elem );
+ }
+ }
+ }
+ }
+
+ return fragment;
+}
+
+
+( function() {
+ var fragment = document.createDocumentFragment(),
+ div = fragment.appendChild( document.createElement( "div" ) ),
+ input = document.createElement( "input" );
+
+ // Support: Android 4.0 - 4.3 only
+ // Check state lost if the name is set (#11217)
+ // Support: Windows Web Apps (WWA)
+ // `name` and `type` must use .setAttribute for WWA (#14901)
+ input.setAttribute( "type", "radio" );
+ input.setAttribute( "checked", "checked" );
+ input.setAttribute( "name", "t" );
+
+ div.appendChild( input );
+
+ // Support: Android <=4.1 only
+ // Older WebKit doesn't clone checked state correctly in fragments
+ support.checkClone = div.cloneNode( true ).cloneNode( true ).lastChild.checked;
+
+ // Support: IE <=11 only
+ // Make sure textarea (and checkbox) defaultValue is properly cloned
+ div.innerHTML = "<textarea>x</textarea>";
+ support.noCloneChecked = !!div.cloneNode( true ).lastChild.defaultValue;
+} )();
+var documentElement = document.documentElement;
+
+
+
+var
+ rkeyEvent = /^key/,
+ rmouseEvent = /^(?:mouse|pointer|contextmenu|drag|drop)|click/,
+ rtypenamespace = /^([^.]*)(?:\.(.+)|)/;
+
+function returnTrue() {
+ return true;
+}
+
+function returnFalse() {
+ return false;
+}
+
+// Support: IE <=9 only
+// See #13393 for more info
+function safeActiveElement() {
+ try {
+ return document.activeElement;
+ } catch ( err ) { }
+}
+
+function on( elem, types, selector, data, fn, one ) {
+ var origFn, type;
+
+ // Types can be a map of types/handlers
+ if ( typeof types === "object" ) {
+
+ // ( types-Object, selector, data )
+ if ( typeof selector !== "string" ) {
+
+ // ( types-Object, data )
+ data = data || selector;
+ selector = undefined;
+ }
+ for ( type in types ) {
+ on( elem, type, selector, data, types[ type ], one );
+ }
+ return elem;
+ }
+
+ if ( data == null && fn == null ) {
+
+ // ( types, fn )
+ fn = selector;
+ data = selector = undefined;
+ } else if ( fn == null ) {
+ if ( typeof selector === "string" ) {
+
+ // ( types, selector, fn )
+ fn = data;
+ data = undefined;
+ } else {
+
+ // ( types, data, fn )
+ fn = data;
+ data = selector;
+ selector = undefined;
+ }
+ }
+ if ( fn === false ) {
+ fn = returnFalse;
+ } else if ( !fn ) {
+ return elem;
+ }
+
+ if ( one === 1 ) {
+ origFn = fn;
+ fn = function( event ) {
+
+ // Can use an empty set, since event contains the info
+ jQuery().off( event );
+ return origFn.apply( this, arguments );
+ };
+
+ // Use same guid so caller can remove using origFn
+ fn.guid = origFn.guid || ( origFn.guid = jQuery.guid++ );
+ }
+ return elem.each( function() {
+ jQuery.event.add( this, types, fn, data, selector );
+ } );
+}
+
+/*
+ * Helper functions for managing events -- not part of the public interface.
+ * Props to Dean Edwards' addEvent library for many of the ideas.
+ */
+jQuery.event = {
+
+ global: {},
+
+ add: function( elem, types, handler, data, selector ) {
+
+ var handleObjIn, eventHandle, tmp,
+ events, t, handleObj,
+ special, handlers, type, namespaces, origType,
+ elemData = dataPriv.get( elem );
+
+ // Don't attach events to noData or text/comment nodes (but allow plain objects)
+ if ( !elemData ) {
+ return;
+ }
+
+ // Caller can pass in an object of custom data in lieu of the handler
+ if ( handler.handler ) {
+ handleObjIn = handler;
+ handler = handleObjIn.handler;
+ selector = handleObjIn.selector;
+ }
+
+ // Ensure that invalid selectors throw exceptions at attach time
+ // Evaluate against documentElement in case elem is a non-element node (e.g., document)
+ if ( selector ) {
+ jQuery.find.matchesSelector( documentElement, selector );
+ }
+
+ // Make sure that the handler has a unique ID, used to find/remove it later
+ if ( !handler.guid ) {
+ handler.guid = jQuery.guid++;
+ }
+
+ // Init the element's event structure and main handler, if this is the first
+ if ( !( events = elemData.events ) ) {
+ events = elemData.events = {};
+ }
+ if ( !( eventHandle = elemData.handle ) ) {
+ eventHandle = elemData.handle = function( e ) {
+
+ // Discard the second event of a jQuery.event.trigger() and
+ // when an event is called after a page has unloaded
+ return typeof jQuery !== "undefined" && jQuery.event.triggered !== e.type ?
+ jQuery.event.dispatch.apply( elem, arguments ) : undefined;
+ };
+ }
+
+ // Handle multiple events separated by a space
+ types = ( types || "" ).match( rnothtmlwhite ) || [ "" ];
+ t = types.length;
+ while ( t-- ) {
+ tmp = rtypenamespace.exec( types[ t ] ) || [];
+ type = origType = tmp[ 1 ];
+ namespaces = ( tmp[ 2 ] || "" ).split( "." ).sort();
+
+ // There *must* be a type, no attaching namespace-only handlers
+ if ( !type ) {
+ continue;
+ }
+
+ // If event changes its type, use the special event handlers for the changed type
+ special = jQuery.event.special[ type ] || {};
+
+ // If selector defined, determine special event api type, otherwise given type
+ type = ( selector ? special.delegateType : special.bindType ) || type;
+
+ // Update special based on newly reset type
+ special = jQuery.event.special[ type ] || {};
+
+ // handleObj is passed to all event handlers
+ handleObj = jQuery.extend( {
+ type: type,
+ origType: origType,
+ data: data,
+ handler: handler,
+ guid: handler.guid,
+ selector: selector,
+ needsContext: selector && jQuery.expr.match.needsContext.test( selector ),
+ namespace: namespaces.join( "." )
+ }, handleObjIn );
+
+ // Init the event handler queue if we're the first
+ if ( !( handlers = events[ type ] ) ) {
+ handlers = events[ type ] = [];
+ handlers.delegateCount = 0;
+
+ // Only use addEventListener if the special events handler returns false
+ if ( !special.setup ||
+ special.setup.call( elem, data, namespaces, eventHandle ) === false ) {
+
+ if ( elem.addEventListener ) {
+ elem.addEventListener( type, eventHandle );
+ }
+ }
+ }
+
+ if ( special.add ) {
+ special.add.call( elem, handleObj );
+
+ if ( !handleObj.handler.guid ) {
+ handleObj.handler.guid = handler.guid;
+ }
+ }
+
+ // Add to the element's handler list, delegates in front
+ if ( selector ) {
+ handlers.splice( handlers.delegateCount++, 0, handleObj );
+ } else {
+ handlers.push( handleObj );
+ }
+
+ // Keep track of which events have ever been used, for event optimization
+ jQuery.event.global[ type ] = true;
+ }
+
+ },
+
+ // Detach an event or set of events from an element
+ remove: function( elem, types, handler, selector, mappedTypes ) {
+
+ var j, origCount, tmp,
+ events, t, handleObj,
+ special, handlers, type, namespaces, origType,
+ elemData = dataPriv.hasData( elem ) && dataPriv.get( elem );
+
+ if ( !elemData || !( events = elemData.events ) ) {
+ return;
+ }
+
+ // Once for each type.namespace in types; type may be omitted
+ types = ( types || "" ).match( rnothtmlwhite ) || [ "" ];
+ t = types.length;
+ while ( t-- ) {
+ tmp = rtypenamespace.exec( types[ t ] ) || [];
+ type = origType = tmp[ 1 ];
+ namespaces = ( tmp[ 2 ] || "" ).split( "." ).sort();
+
+ // Unbind all events (on this namespace, if provided) for the element
+ if ( !type ) {
+ for ( type in events ) {
+ jQuery.event.remove( elem, type + types[ t ], handler, selector, true );
+ }
+ continue;
+ }
+
+ special = jQuery.event.special[ type ] || {};
+ type = ( selector ? special.delegateType : special.bindType ) || type;
+ handlers = events[ type ] || [];
+ tmp = tmp[ 2 ] &&
+ new RegExp( "(^|\\.)" + namespaces.join( "\\.(?:.*\\.|)" ) + "(\\.|$)" );
+
+ // Remove matching events
+ origCount = j = handlers.length;
+ while ( j-- ) {
+ handleObj = handlers[ j ];
+
+ if ( ( mappedTypes || origType === handleObj.origType ) &&
+ ( !handler || handler.guid === handleObj.guid ) &&
+ ( !tmp || tmp.test( handleObj.namespace ) ) &&
+ ( !selector || selector === handleObj.selector ||
+ selector === "**" && handleObj.selector ) ) {
+ handlers.splice( j, 1 );
+
+ if ( handleObj.selector ) {
+ handlers.delegateCount--;
+ }
+ if ( special.remove ) {
+ special.remove.call( elem, handleObj );
+ }
+ }
+ }
+
+ // Remove generic event handler if we removed something and no more handlers exist
+ // (avoids potential for endless recursion during removal of special event handlers)
+ if ( origCount && !handlers.length ) {
+ if ( !special.teardown ||
+ special.teardown.call( elem, namespaces, elemData.handle ) === false ) {
+
+ jQuery.removeEvent( elem, type, elemData.handle );
+ }
+
+ delete events[ type ];
+ }
+ }
+
+ // Remove data and the expando if it's no longer used
+ if ( jQuery.isEmptyObject( events ) ) {
+ dataPriv.remove( elem, "handle events" );
+ }
+ },
+
+ dispatch: function( nativeEvent ) {
+
+ // Make a writable jQuery.Event from the native event object
+ var event = jQuery.event.fix( nativeEvent );
+
+ var i, j, ret, matched, handleObj, handlerQueue,
+ args = new Array( arguments.length ),
+ handlers = ( dataPriv.get( this, "events" ) || {} )[ event.type ] || [],
+ special = jQuery.event.special[ event.type ] || {};
+
+ // Use the fix-ed jQuery.Event rather than the (read-only) native event
+ args[ 0 ] = event;
+
+ for ( i = 1; i < arguments.length; i++ ) {
+ args[ i ] = arguments[ i ];
+ }
+
+ event.delegateTarget = this;
+
+ // Call the preDispatch hook for the mapped type, and let it bail if desired
+ if ( special.preDispatch && special.preDispatch.call( this, event ) === false ) {
+ return;
+ }
+
+ // Determine handlers
+ handlerQueue = jQuery.event.handlers.call( this, event, handlers );
+
+ // Run delegates first; they may want to stop propagation beneath us
+ i = 0;
+ while ( ( matched = handlerQueue[ i++ ] ) && !event.isPropagationStopped() ) {
+ event.currentTarget = matched.elem;
+
+ j = 0;
+ while ( ( handleObj = matched.handlers[ j++ ] ) &&
+ !event.isImmediatePropagationStopped() ) {
+
+ // Triggered event must either 1) have no namespace, or 2) have namespace(s)
+ // a subset or equal to those in the bound event (both can have no namespace).
+ if ( !event.rnamespace || event.rnamespace.test( handleObj.namespace ) ) {
+
+ event.handleObj = handleObj;
+ event.data = handleObj.data;
+
+ ret = ( ( jQuery.event.special[ handleObj.origType ] || {} ).handle ||
+ handleObj.handler ).apply( matched.elem, args );
+
+ if ( ret !== undefined ) {
+ if ( ( event.result = ret ) === false ) {
+ event.preventDefault();
+ event.stopPropagation();
+ }
+ }
+ }
+ }
+ }
+
+ // Call the postDispatch hook for the mapped type
+ if ( special.postDispatch ) {
+ special.postDispatch.call( this, event );
+ }
+
+ return event.result;
+ },
+
+ handlers: function( event, handlers ) {
+ var i, handleObj, sel, matchedHandlers, matchedSelectors,
+ handlerQueue = [],
+ delegateCount = handlers.delegateCount,
+ cur = event.target;
+
+ // Find delegate handlers
+ if ( delegateCount &&
+
+ // Support: IE <=9
+ // Black-hole SVG <use> instance trees (trac-13180)
+ cur.nodeType &&
+
+ // Support: Firefox <=42
+ // Suppress spec-violating clicks indicating a non-primary pointer button (trac-3861)
+ // https://www.w3.org/TR/DOM-Level-3-Events/#event-type-click
+ // Support: IE 11 only
+ // ...but not arrow key "clicks" of radio inputs, which can have `button` -1 (gh-2343)
+ !( event.type === "click" && event.button >= 1 ) ) {
+
+ for ( ; cur !== this; cur = cur.parentNode || this ) {
+
+ // Don't check non-elements (#13208)
+ // Don't process clicks on disabled elements (#6911, #8165, #11382, #11764)
+ if ( cur.nodeType === 1 && !( event.type === "click" && cur.disabled === true ) ) {
+ matchedHandlers = [];
+ matchedSelectors = {};
+ for ( i = 0; i < delegateCount; i++ ) {
+ handleObj = handlers[ i ];
+
+ // Don't conflict with Object.prototype properties (#13203)
+ sel = handleObj.selector + " ";
+
+ if ( matchedSelectors[ sel ] === undefined ) {
+ matchedSelectors[ sel ] = handleObj.needsContext ?
+ jQuery( sel, this ).index( cur ) > -1 :
+ jQuery.find( sel, this, null, [ cur ] ).length;
+ }
+ if ( matchedSelectors[ sel ] ) {
+ matchedHandlers.push( handleObj );
+ }
+ }
+ if ( matchedHandlers.length ) {
+ handlerQueue.push( { elem: cur, handlers: matchedHandlers } );
+ }
+ }
+ }
+ }
+
+ // Add the remaining (directly-bound) handlers
+ cur = this;
+ if ( delegateCount < handlers.length ) {
+ handlerQueue.push( { elem: cur, handlers: handlers.slice( delegateCount ) } );
+ }
+
+ return handlerQueue;
+ },
+
+ addProp: function( name, hook ) {
+ Object.defineProperty( jQuery.Event.prototype, name, {
+ enumerable: true,
+ configurable: true,
+
+ get: jQuery.isFunction( hook ) ?
+ function() {
+ if ( this.originalEvent ) {
+ return hook( this.originalEvent );
+ }
+ } :
+ function() {
+ if ( this.originalEvent ) {
+ return this.originalEvent[ name ];
+ }
+ },
+
+ set: function( value ) {
+ Object.defineProperty( this, name, {
+ enumerable: true,
+ configurable: true,
+ writable: true,
+ value: value
+ } );
+ }
+ } );
+ },
+
+ fix: function( originalEvent ) {
+ return originalEvent[ jQuery.expando ] ?
+ originalEvent :
+ new jQuery.Event( originalEvent );
+ },
+
+ special: {
+ load: {
+
+ // Prevent triggered image.load events from bubbling to window.load
+ noBubble: true
+ },
+ focus: {
+
+ // Fire native event if possible so blur/focus sequence is correct
+ trigger: function() {
+ if ( this !== safeActiveElement() && this.focus ) {
+ this.focus();
+ return false;
+ }
+ },
+ delegateType: "focusin"
+ },
+ blur: {
+ trigger: function() {
+ if ( this === safeActiveElement() && this.blur ) {
+ this.blur();
+ return false;
+ }
+ },
+ delegateType: "focusout"
+ },
+ click: {
+
+ // For checkbox, fire native event so checked state will be right
+ trigger: function() {
+ if ( this.type === "checkbox" && this.click && nodeName( this, "input" ) ) {
+ this.click();
+ return false;
+ }
+ },
+
+ // For cross-browser consistency, don't fire native .click() on links
+ _default: function( event ) {
+ return nodeName( event.target, "a" );
+ }
+ },
+
+ beforeunload: {
+ postDispatch: function( event ) {
+
+ // Support: Firefox 20+
+ // Firefox doesn't alert if the returnValue field is not set.
+ if ( event.result !== undefined && event.originalEvent ) {
+ event.originalEvent.returnValue = event.result;
+ }
+ }
+ }
+ }
+};
+
+jQuery.removeEvent = function( elem, type, handle ) {
+
+ // This "if" is needed for plain objects
+ if ( elem.removeEventListener ) {
+ elem.removeEventListener( type, handle );
+ }
+};
+
+jQuery.Event = function( src, props ) {
+
+ // Allow instantiation without the 'new' keyword
+ if ( !( this instanceof jQuery.Event ) ) {
+ return new jQuery.Event( src, props );
+ }
+
+ // Event object
+ if ( src && src.type ) {
+ this.originalEvent = src;
+ this.type = src.type;
+
+ // Events bubbling up the document may have been marked as prevented
+ // by a handler lower down the tree; reflect the correct value.
+ this.isDefaultPrevented = src.defaultPrevented ||
+ src.defaultPrevented === undefined &&
+
+ // Support: Android <=2.3 only
+ src.returnValue === false ?
+ returnTrue :
+ returnFalse;
+
+ // Create target properties
+ // Support: Safari <=6 - 7 only
+ // Target should not be a text node (#504, #13143)
+ this.target = ( src.target && src.target.nodeType === 3 ) ?
+ src.target.parentNode :
+ src.target;
+
+ this.currentTarget = src.currentTarget;
+ this.relatedTarget = src.relatedTarget;
+
+ // Event type
+ } else {
+ this.type = src;
+ }
+
+ // Put explicitly provided properties onto the event object
+ if ( props ) {
+ jQuery.extend( this, props );
+ }
+
+ // Create a timestamp if incoming event doesn't have one
+ this.timeStamp = src && src.timeStamp || jQuery.now();
+
+ // Mark it as fixed
+ this[ jQuery.expando ] = true;
+};
+
+// jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding
+// https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html
+jQuery.Event.prototype = {
+ constructor: jQuery.Event,
+ isDefaultPrevented: returnFalse,
+ isPropagationStopped: returnFalse,
+ isImmediatePropagationStopped: returnFalse,
+ isSimulated: false,
+
+ preventDefault: function() {
+ var e = this.originalEvent;
+
+ this.isDefaultPrevented = returnTrue;
+
+ if ( e && !this.isSimulated ) {
+ e.preventDefault();
+ }
+ },
+ stopPropagation: function() {
+ var e = this.originalEvent;
+
+ this.isPropagationStopped = returnTrue;
+
+ if ( e && !this.isSimulated ) {
+ e.stopPropagation();
+ }
+ },
+ stopImmediatePropagation: function() {
+ var e = this.originalEvent;
+
+ this.isImmediatePropagationStopped = returnTrue;
+
+ if ( e && !this.isSimulated ) {
+ e.stopImmediatePropagation();
+ }
+
+ this.stopPropagation();
+ }
+};
+
+// Includes all common event props including KeyEvent and MouseEvent specific props
+jQuery.each( {
+ altKey: true,
+ bubbles: true,
+ cancelable: true,
+ changedTouches: true,
+ ctrlKey: true,
+ detail: true,
+ eventPhase: true,
+ metaKey: true,
+ pageX: true,
+ pageY: true,
+ shiftKey: true,
+ view: true,
+ "char": true,
+ charCode: true,
+ key: true,
+ keyCode: true,
+ button: true,
+ buttons: true,
+ clientX: true,
+ clientY: true,
+ offsetX: true,
+ offsetY: true,
+ pointerId: true,
+ pointerType: true,
+ screenX: true,
+ screenY: true,
+ targetTouches: true,
+ toElement: true,
+ touches: true,
+
+ which: function( event ) {
+ var button = event.button;
+
+ // Add which for key events
+ if ( event.which == null && rkeyEvent.test( event.type ) ) {
+ return event.charCode != null ? event.charCode : event.keyCode;
+ }
+
+ // Add which for click: 1 === left; 2 === middle; 3 === right
+ if ( !event.which && button !== undefined && rmouseEvent.test( event.type ) ) {
+ if ( button & 1 ) {
+ return 1;
+ }
+
+ if ( button & 2 ) {
+ return 3;
+ }
+
+ if ( button & 4 ) {
+ return 2;
+ }
+
+ return 0;
+ }
+
+ return event.which;
+ }
+}, jQuery.event.addProp );
+
+// Create mouseenter/leave events using mouseover/out and event-time checks
+// so that event delegation works in jQuery.
+// Do the same for pointerenter/pointerleave and pointerover/pointerout
+//
+// Support: Safari 7 only
+// Safari sends mouseenter too often; see:
+// https://bugs.chromium.org/p/chromium/issues/detail?id=470258
+// for the description of the bug (it existed in older Chrome versions as well).
+jQuery.each( {
+ mouseenter: "mouseover",
+ mouseleave: "mouseout",
+ pointerenter: "pointerover",
+ pointerleave: "pointerout"
+}, function( orig, fix ) {
+ jQuery.event.special[ orig ] = {
+ delegateType: fix,
+ bindType: fix,
+
+ handle: function( event ) {
+ var ret,
+ target = this,
+ related = event.relatedTarget,
+ handleObj = event.handleObj;
+
+ // For mouseenter/leave call the handler if related is outside the target.
+ // NB: No relatedTarget if the mouse left/entered the browser window
+ if ( !related || ( related !== target && !jQuery.contains( target, related ) ) ) {
+ event.type = handleObj.origType;
+ ret = handleObj.handler.apply( this, arguments );
+ event.type = fix;
+ }
+ return ret;
+ }
+ };
+} );
+
+jQuery.fn.extend( {
+
+ on: function( types, selector, data, fn ) {
+ return on( this, types, selector, data, fn );
+ },
+ one: function( types, selector, data, fn ) {
+ return on( this, types, selector, data, fn, 1 );
+ },
+ off: function( types, selector, fn ) {
+ var handleObj, type;
+ if ( types && types.preventDefault && types.handleObj ) {
+
+ // ( event ) dispatched jQuery.Event
+ handleObj = types.handleObj;
+ jQuery( types.delegateTarget ).off(
+ handleObj.namespace ?
+ handleObj.origType + "." + handleObj.namespace :
+ handleObj.origType,
+ handleObj.selector,
+ handleObj.handler
+ );
+ return this;
+ }
+ if ( typeof types === "object" ) {
+
+ // ( types-object [, selector] )
+ for ( type in types ) {
+ this.off( type, selector, types[ type ] );
+ }
+ return this;
+ }
+ if ( selector === false || typeof selector === "function" ) {
+
+ // ( types [, fn] )
+ fn = selector;
+ selector = undefined;
+ }
+ if ( fn === false ) {
+ fn = returnFalse;
+ }
+ return this.each( function() {
+ jQuery.event.remove( this, types, fn, selector );
+ } );
+ }
+} );
+
+
+var
+
+ /* eslint-disable max-len */
+
+ // See https://github.com/eslint/eslint/issues/3229
+ rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi,
+
+ /* eslint-enable */
+
+ // Support: IE <=10 - 11, Edge 12 - 13
+ // In IE/Edge using regex groups here causes severe slowdowns.
+ // See https://connect.microsoft.com/IE/feedback/details/1736512/
+ rnoInnerhtml = /<script|<style|<link/i,
+
+ // checked="checked" or checked
+ rchecked = /checked\s*(?:[^=]|=\s*.checked.)/i,
+ rscriptTypeMasked = /^true\/(.*)/,
+ rcleanScript = /^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g;
+
+// Prefer a tbody over its parent table for containing new rows
+function manipulationTarget( elem, content ) {
+ if ( nodeName( elem, "table" ) &&
+ nodeName( content.nodeType !== 11 ? content : content.firstChild, "tr" ) ) {
+
+ return jQuery( ">tbody", elem )[ 0 ] || elem;
+ }
+
+ return elem;
+}
+
+// Replace/restore the type attribute of script elements for safe DOM manipulation
+function disableScript( elem ) {
+ elem.type = ( elem.getAttribute( "type" ) !== null ) + "/" + elem.type;
+ return elem;
+}
+function restoreScript( elem ) {
+ var match = rscriptTypeMasked.exec( elem.type );
+
+ if ( match ) {
+ elem.type = match[ 1 ];
+ } else {
+ elem.removeAttribute( "type" );
+ }
+
+ return elem;
+}
+
+function cloneCopyEvent( src, dest ) {
+ var i, l, type, pdataOld, pdataCur, udataOld, udataCur, events;
+
+ if ( dest.nodeType !== 1 ) {
+ return;
+ }
+
+ // 1. Copy private data: events, handlers, etc.
+ if ( dataPriv.hasData( src ) ) {
+ pdataOld = dataPriv.access( src );
+ pdataCur = dataPriv.set( dest, pdataOld );
+ events = pdataOld.events;
+
+ if ( events ) {
+ delete pdataCur.handle;
+ pdataCur.events = {};
+
+ for ( type in events ) {
+ for ( i = 0, l = events[ type ].length; i < l; i++ ) {
+ jQuery.event.add( dest, type, events[ type ][ i ] );
+ }
+ }
+ }
+ }
+
+ // 2. Copy user data
+ if ( dataUser.hasData( src ) ) {
+ udataOld = dataUser.access( src );
+ udataCur = jQuery.extend( {}, udataOld );
+
+ dataUser.set( dest, udataCur );
+ }
+}
+
+// Fix IE bugs, see support tests
+function fixInput( src, dest ) {
+ var nodeName = dest.nodeName.toLowerCase();
+
+ // Fails to persist the checked state of a cloned checkbox or radio button.
+ if ( nodeName === "input" && rcheckableType.test( src.type ) ) {
+ dest.checked = src.checked;
+
+ // Fails to return the selected option to the default selected state when cloning options
+ } else if ( nodeName === "input" || nodeName === "textarea" ) {
+ dest.defaultValue = src.defaultValue;
+ }
+}
+
+function domManip( collection, args, callback, ignored ) {
+
+ // Flatten any nested arrays
+ args = concat.apply( [], args );
+
+ var fragment, first, scripts, hasScripts, node, doc,
+ i = 0,
+ l = collection.length,
+ iNoClone = l - 1,
+ value = args[ 0 ],
+ isFunction = jQuery.isFunction( value );
+
+ // We can't cloneNode fragments that contain checked, in WebKit
+ if ( isFunction ||
+ ( l > 1 && typeof value === "string" &&
+ !support.checkClone && rchecked.test( value ) ) ) {
+ return collection.each( function( index ) {
+ var self = collection.eq( index );
+ if ( isFunction ) {
+ args[ 0 ] = value.call( this, index, self.html() );
+ }
+ domManip( self, args, callback, ignored );
+ } );
+ }
+
+ if ( l ) {
+ fragment = buildFragment( args, collection[ 0 ].ownerDocument, false, collection, ignored );
+ first = fragment.firstChild;
+
+ if ( fragment.childNodes.length === 1 ) {
+ fragment = first;
+ }
+
+ // Require either new content or an interest in ignored elements to invoke the callback
+ if ( first || ignored ) {
+ scripts = jQuery.map( getAll( fragment, "script" ), disableScript );
+ hasScripts = scripts.length;
+
+ // Use the original fragment for the last item
+ // instead of the first because it can end up
+ // being emptied incorrectly in certain situations (#8070).
+ for ( ; i < l; i++ ) {
+ node = fragment;
+
+ if ( i !== iNoClone ) {
+ node = jQuery.clone( node, true, true );
+
+ // Keep references to cloned scripts for later restoration
+ if ( hasScripts ) {
+
+ // Support: Android <=4.0 only, PhantomJS 1 only
+ // push.apply(_, arraylike) throws on ancient WebKit
+ jQuery.merge( scripts, getAll( node, "script" ) );
+ }
+ }
+
+ callback.call( collection[ i ], node, i );
+ }
+
+ if ( hasScripts ) {
+ doc = scripts[ scripts.length - 1 ].ownerDocument;
+
+ // Reenable scripts
+ jQuery.map( scripts, restoreScript );
+
+ // Evaluate executable scripts on first document insertion
+ for ( i = 0; i < hasScripts; i++ ) {
+ node = scripts[ i ];
+ if ( rscriptType.test( node.type || "" ) &&
+ !dataPriv.access( node, "globalEval" ) &&
+ jQuery.contains( doc, node ) ) {
+
+ if ( node.src ) {
+
+ // Optional AJAX dependency, but won't run scripts if not present
+ if ( jQuery._evalUrl ) {
+ jQuery._evalUrl( node.src );
+ }
+ } else {
+ DOMEval( node.textContent.replace( rcleanScript, "" ), doc );
+ }
+ }
+ }
+ }
+ }
+ }
+
+ return collection;
+}
+
+function remove( elem, selector, keepData ) {
+ var node,
+ nodes = selector ? jQuery.filter( selector, elem ) : elem,
+ i = 0;
+
+ for ( ; ( node = nodes[ i ] ) != null; i++ ) {
+ if ( !keepData && node.nodeType === 1 ) {
+ jQuery.cleanData( getAll( node ) );
+ }
+
+ if ( node.parentNode ) {
+ if ( keepData && jQuery.contains( node.ownerDocument, node ) ) {
+ setGlobalEval( getAll( node, "script" ) );
+ }
+ node.parentNode.removeChild( node );
+ }
+ }
+
+ return elem;
+}
+
+jQuery.extend( {
+ htmlPrefilter: function( html ) {
+ return html.replace( rxhtmlTag, "<$1></$2>" );
+ },
+
+ clone: function( elem, dataAndEvents, deepDataAndEvents ) {
+ var i, l, srcElements, destElements,
+ clone = elem.cloneNode( true ),
+ inPage = jQuery.contains( elem.ownerDocument, elem );
+
+ // Fix IE cloning issues
+ if ( !support.noCloneChecked && ( elem.nodeType === 1 || elem.nodeType === 11 ) &&
+ !jQuery.isXMLDoc( elem ) ) {
+
+ // We eschew Sizzle here for performance reasons: https://jsperf.com/getall-vs-sizzle/2
+ destElements = getAll( clone );
+ srcElements = getAll( elem );
+
+ for ( i = 0, l = srcElements.length; i < l; i++ ) {
+ fixInput( srcElements[ i ], destElements[ i ] );
+ }
+ }
+
+ // Copy the events from the original to the clone
+ if ( dataAndEvents ) {
+ if ( deepDataAndEvents ) {
+ srcElements = srcElements || getAll( elem );
+ destElements = destElements || getAll( clone );
+
+ for ( i = 0, l = srcElements.length; i < l; i++ ) {
+ cloneCopyEvent( srcElements[ i ], destElements[ i ] );
+ }
+ } else {
+ cloneCopyEvent( elem, clone );
+ }
+ }
+
+ // Preserve script evaluation history
+ destElements = getAll( clone, "script" );
+ if ( destElements.length > 0 ) {
+ setGlobalEval( destElements, !inPage && getAll( elem, "script" ) );
+ }
+
+ // Return the cloned set
+ return clone;
+ },
+
+ cleanData: function( elems ) {
+ var data, elem, type,
+ special = jQuery.event.special,
+ i = 0;
+
+ for ( ; ( elem = elems[ i ] ) !== undefined; i++ ) {
+ if ( acceptData( elem ) ) {
+ if ( ( data = elem[ dataPriv.expando ] ) ) {
+ if ( data.events ) {
+ for ( type in data.events ) {
+ if ( special[ type ] ) {
+ jQuery.event.remove( elem, type );
+
+ // This is a shortcut to avoid jQuery.event.remove's overhead
+ } else {
+ jQuery.removeEvent( elem, type, data.handle );
+ }
+ }
+ }
+
+ // Support: Chrome <=35 - 45+
+ // Assign undefined instead of using delete, see Data#remove
+ elem[ dataPriv.expando ] = undefined;
+ }
+ if ( elem[ dataUser.expando ] ) {
+
+ // Support: Chrome <=35 - 45+
+ // Assign undefined instead of using delete, see Data#remove
+ elem[ dataUser.expando ] = undefined;
+ }
+ }
+ }
+ }
+} );
+
+jQuery.fn.extend( {
+ detach: function( selector ) {
+ return remove( this, selector, true );
+ },
+
+ remove: function( selector ) {
+ return remove( this, selector );
+ },
+
+ text: function( value ) {
+ return access( this, function( value ) {
+ return value === undefined ?
+ jQuery.text( this ) :
+ this.empty().each( function() {
+ if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) {
+ this.textContent = value;
+ }
+ } );
+ }, null, value, arguments.length );
+ },
+
+ append: function() {
+ return domManip( this, arguments, function( elem ) {
+ if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) {
+ var target = manipulationTarget( this, elem );
+ target.appendChild( elem );
+ }
+ } );
+ },
+
+ prepend: function() {
+ return domManip( this, arguments, function( elem ) {
+ if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) {
+ var target = manipulationTarget( this, elem );
+ target.insertBefore( elem, target.firstChild );
+ }
+ } );
+ },
+
+ before: function() {
+ return domManip( this, arguments, function( elem ) {
+ if ( this.parentNode ) {
+ this.parentNode.insertBefore( elem, this );
+ }
+ } );
+ },
+
+ after: function() {
+ return domManip( this, arguments, function( elem ) {
+ if ( this.parentNode ) {
+ this.parentNode.insertBefore( elem, this.nextSibling );
+ }
+ } );
+ },
+
+ empty: function() {
+ var elem,
+ i = 0;
+
+ for ( ; ( elem = this[ i ] ) != null; i++ ) {
+ if ( elem.nodeType === 1 ) {
+
+ // Prevent memory leaks
+ jQuery.cleanData( getAll( elem, false ) );
+
+ // Remove any remaining nodes
+ elem.textContent = "";
+ }
+ }
+
+ return this;
+ },
+
+ clone: function( dataAndEvents, deepDataAndEvents ) {
+ dataAndEvents = dataAndEvents == null ? false : dataAndEvents;
+ deepDataAndEvents = deepDataAndEvents == null ? dataAndEvents : deepDataAndEvents;
+
+ return this.map( function() {
+ return jQuery.clone( this, dataAndEvents, deepDataAndEvents );
+ } );
+ },
+
+ html: function( value ) {
+ return access( this, function( value ) {
+ var elem = this[ 0 ] || {},
+ i = 0,
+ l = this.length;
+
+ if ( value === undefined && elem.nodeType === 1 ) {
+ return elem.innerHTML;
+ }
+
+ // See if we can take a shortcut and just use innerHTML
+ if ( typeof value === "string" && !rnoInnerhtml.test( value ) &&
+ !wrapMap[ ( rtagName.exec( value ) || [ "", "" ] )[ 1 ].toLowerCase() ] ) {
+
+ value = jQuery.htmlPrefilter( value );
+
+ try {
+ for ( ; i < l; i++ ) {
+ elem = this[ i ] || {};
+
+ // Remove element nodes and prevent memory leaks
+ if ( elem.nodeType === 1 ) {
+ jQuery.cleanData( getAll( elem, false ) );
+ elem.innerHTML = value;
+ }
+ }
+
+ elem = 0;
+
+ // If using innerHTML throws an exception, use the fallback method
+ } catch ( e ) {}
+ }
+
+ if ( elem ) {
+ this.empty().append( value );
+ }
+ }, null, value, arguments.length );
+ },
+
+ replaceWith: function() {
+ var ignored = [];
+
+ // Make the changes, replacing each non-ignored context element with the new content
+ return domManip( this, arguments, function( elem ) {
+ var parent = this.parentNode;
+
+ if ( jQuery.inArray( this, ignored ) < 0 ) {
+ jQuery.cleanData( getAll( this ) );
+ if ( parent ) {
+ parent.replaceChild( elem, this );
+ }
+ }
+
+ // Force callback invocation
+ }, ignored );
+ }
+} );
+
+jQuery.each( {
+ appendTo: "append",
+ prependTo: "prepend",
+ insertBefore: "before",
+ insertAfter: "after",
+ replaceAll: "replaceWith"
+}, function( name, original ) {
+ jQuery.fn[ name ] = function( selector ) {
+ var elems,
+ ret = [],
+ insert = jQuery( selector ),
+ last = insert.length - 1,
+ i = 0;
+
+ for ( ; i <= last; i++ ) {
+ elems = i === last ? this : this.clone( true );
+ jQuery( insert[ i ] )[ original ]( elems );
+
+ // Support: Android <=4.0 only, PhantomJS 1 only
+ // .get() because push.apply(_, arraylike) throws on ancient WebKit
+ push.apply( ret, elems.get() );
+ }
+
+ return this.pushStack( ret );
+ };
+} );
+var rmargin = ( /^margin/ );
+
+var rnumnonpx = new RegExp( "^(" + pnum + ")(?!px)[a-z%]+$", "i" );
+
+var getStyles = function( elem ) {
+
+ // Support: IE <=11 only, Firefox <=30 (#15098, #14150)
+ // IE throws on elements created in popups
+ // FF meanwhile throws on frame elements through "defaultView.getComputedStyle"
+ var view = elem.ownerDocument.defaultView;
+
+ if ( !view || !view.opener ) {
+ view = window;
+ }
+
+ return view.getComputedStyle( elem );
+ };
+
+
+
+( function() {
+
+ // Executing both pixelPosition & boxSizingReliable tests require only one layout
+ // so they're executed at the same time to save the second computation.
+ function computeStyleTests() {
+
+ // This is a singleton, we need to execute it only once
+ if ( !div ) {
+ return;
+ }
+
+ div.style.cssText =
+ "box-sizing:border-box;" +
+ "position:relative;display:block;" +
+ "margin:auto;border:1px;padding:1px;" +
+ "top:1%;width:50%";
+ div.innerHTML = "";
+ documentElement.appendChild( container );
+
+ var divStyle = window.getComputedStyle( div );
+ pixelPositionVal = divStyle.top !== "1%";
+
+ // Support: Android 4.0 - 4.3 only, Firefox <=3 - 44
+ reliableMarginLeftVal = divStyle.marginLeft === "2px";
+ boxSizingReliableVal = divStyle.width === "4px";
+
+ // Support: Android 4.0 - 4.3 only
+ // Some styles come back with percentage values, even though they shouldn't
+ div.style.marginRight = "50%";
+ pixelMarginRightVal = divStyle.marginRight === "4px";
+
+ documentElement.removeChild( container );
+
+ // Nullify the div so it wouldn't be stored in the memory and
+ // it will also be a sign that checks already performed
+ div = null;
+ }
+
+ var pixelPositionVal, boxSizingReliableVal, pixelMarginRightVal, reliableMarginLeftVal,
+ container = document.createElement( "div" ),
+ div = document.createElement( "div" );
+
+ // Finish early in limited (non-browser) environments
+ if ( !div.style ) {
+ return;
+ }
+
+ // Support: IE <=9 - 11 only
+ // Style of cloned element affects source element cloned (#8908)
+ div.style.backgroundClip = "content-box";
+ div.cloneNode( true ).style.backgroundClip = "";
+ support.clearCloneStyle = div.style.backgroundClip === "content-box";
+
+ container.style.cssText = "border:0;width:8px;height:0;top:0;left:-9999px;" +
+ "padding:0;margin-top:1px;position:absolute";
+ container.appendChild( div );
+
+ jQuery.extend( support, {
+ pixelPosition: function() {
+ computeStyleTests();
+ return pixelPositionVal;
+ },
+ boxSizingReliable: function() {
+ computeStyleTests();
+ return boxSizingReliableVal;
+ },
+ pixelMarginRight: function() {
+ computeStyleTests();
+ return pixelMarginRightVal;
+ },
+ reliableMarginLeft: function() {
+ computeStyleTests();
+ return reliableMarginLeftVal;
+ }
+ } );
+} )();
+
+
+function curCSS( elem, name, computed ) {
+ var width, minWidth, maxWidth, ret,
+
+ // Support: Firefox 51+
+ // Retrieving style before computed somehow
+ // fixes an issue with getting wrong values
+ // on detached elements
+ style = elem.style;
+
+ computed = computed || getStyles( elem );
+
+ // getPropertyValue is needed for:
+ // .css('filter') (IE 9 only, #12537)
+ // .css('--customProperty) (#3144)
+ if ( computed ) {
+ ret = computed.getPropertyValue( name ) || computed[ name ];
+
+ if ( ret === "" && !jQuery.contains( elem.ownerDocument, elem ) ) {
+ ret = jQuery.style( elem, name );
+ }
+
+ // A tribute to the "awesome hack by Dean Edwards"
+ // Android Browser returns percentage for some values,
+ // but width seems to be reliably pixels.
+ // This is against the CSSOM draft spec:
+ // https://drafts.csswg.org/cssom/#resolved-values
+ if ( !support.pixelMarginRight() && rnumnonpx.test( ret ) && rmargin.test( name ) ) {
+
+ // Remember the original values
+ width = style.width;
+ minWidth = style.minWidth;
+ maxWidth = style.maxWidth;
+
+ // Put in the new values to get a computed value out
+ style.minWidth = style.maxWidth = style.width = ret;
+ ret = computed.width;
+
+ // Revert the changed values
+ style.width = width;
+ style.minWidth = minWidth;
+ style.maxWidth = maxWidth;
+ }
+ }
+
+ return ret !== undefined ?
+
+ // Support: IE <=9 - 11 only
+ // IE returns zIndex value as an integer.
+ ret + "" :
+ ret;
+}
+
+
+function addGetHookIf( conditionFn, hookFn ) {
+
+ // Define the hook, we'll check on the first run if it's really needed.
+ return {
+ get: function() {
+ if ( conditionFn() ) {
+
+ // Hook not needed (or it's not possible to use it due
+ // to missing dependency), remove it.
+ delete this.get;
+ return;
+ }
+
+ // Hook needed; redefine it so that the support test is not executed again.
+ return ( this.get = hookFn ).apply( this, arguments );
+ }
+ };
+}
+
+
+var
+
+ // Swappable if display is none or starts with table
+ // except "table", "table-cell", or "table-caption"
+ // See here for display values: https://developer.mozilla.org/en-US/docs/CSS/display
+ rdisplayswap = /^(none|table(?!-c[ea]).+)/,
+ rcustomProp = /^--/,
+ cssShow = { position: "absolute", visibility: "hidden", display: "block" },
+ cssNormalTransform = {
+ letterSpacing: "0",
+ fontWeight: "400"
+ },
+
+ cssPrefixes = [ "Webkit", "Moz", "ms" ],
+ emptyStyle = document.createElement( "div" ).style;
+
+// Return a css property mapped to a potentially vendor prefixed property
+function vendorPropName( name ) {
+
+ // Shortcut for names that are not vendor prefixed
+ if ( name in emptyStyle ) {
+ return name;
+ }
+
+ // Check for vendor prefixed names
+ var capName = name[ 0 ].toUpperCase() + name.slice( 1 ),
+ i = cssPrefixes.length;
+
+ while ( i-- ) {
+ name = cssPrefixes[ i ] + capName;
+ if ( name in emptyStyle ) {
+ return name;
+ }
+ }
+}
+
+// Return a property mapped along what jQuery.cssProps suggests or to
+// a vendor prefixed property.
+function finalPropName( name ) {
+ var ret = jQuery.cssProps[ name ];
+ if ( !ret ) {
+ ret = jQuery.cssProps[ name ] = vendorPropName( name ) || name;
+ }
+ return ret;
+}
+
+function setPositiveNumber( elem, value, subtract ) {
+
+ // Any relative (+/-) values have already been
+ // normalized at this point
+ var matches = rcssNum.exec( value );
+ return matches ?
+
+ // Guard against undefined "subtract", e.g., when used as in cssHooks
+ Math.max( 0, matches[ 2 ] - ( subtract || 0 ) ) + ( matches[ 3 ] || "px" ) :
+ value;
+}
+
+function augmentWidthOrHeight( elem, name, extra, isBorderBox, styles ) {
+ var i,
+ val = 0;
+
+ // If we already have the right measurement, avoid augmentation
+ if ( extra === ( isBorderBox ? "border" : "content" ) ) {
+ i = 4;
+
+ // Otherwise initialize for horizontal or vertical properties
+ } else {
+ i = name === "width" ? 1 : 0;
+ }
+
+ for ( ; i < 4; i += 2 ) {
+
+ // Both box models exclude margin, so add it if we want it
+ if ( extra === "margin" ) {
+ val += jQuery.css( elem, extra + cssExpand[ i ], true, styles );
+ }
+
+ if ( isBorderBox ) {
+
+ // border-box includes padding, so remove it if we want content
+ if ( extra === "content" ) {
+ val -= jQuery.css( elem, "padding" + cssExpand[ i ], true, styles );
+ }
+
+ // At this point, extra isn't border nor margin, so remove border
+ if ( extra !== "margin" ) {
+ val -= jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles );
+ }
+ } else {
+
+ // At this point, extra isn't content, so add padding
+ val += jQuery.css( elem, "padding" + cssExpand[ i ], true, styles );
+
+ // At this point, extra isn't content nor padding, so add border
+ if ( extra !== "padding" ) {
+ val += jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles );
+ }
+ }
+ }
+
+ return val;
+}
+
+function getWidthOrHeight( elem, name, extra ) {
+
+ // Start with computed style
+ var valueIsBorderBox,
+ styles = getStyles( elem ),
+ val = curCSS( elem, name, styles ),
+ isBorderBox = jQuery.css( elem, "boxSizing", false, styles ) === "border-box";
+
+ // Computed unit is not pixels. Stop here and return.
+ if ( rnumnonpx.test( val ) ) {
+ return val;
+ }
+
+ // Check for style in case a browser which returns unreliable values
+ // for getComputedStyle silently falls back to the reliable elem.style
+ valueIsBorderBox = isBorderBox &&
+ ( support.boxSizingReliable() || val === elem.style[ name ] );
+
+ // Fall back to offsetWidth/Height when value is "auto"
+ // This happens for inline elements with no explicit setting (gh-3571)
+ if ( val === "auto" ) {
+ val = elem[ "offset" + name[ 0 ].toUpperCase() + name.slice( 1 ) ];
+ }
+
+ // Normalize "", auto, and prepare for extra
+ val = parseFloat( val ) || 0;
+
+ // Use the active box-sizing model to add/subtract irrelevant styles
+ return ( val +
+ augmentWidthOrHeight(
+ elem,
+ name,
+ extra || ( isBorderBox ? "border" : "content" ),
+ valueIsBorderBox,
+ styles
+ )
+ ) + "px";
+}
+
+jQuery.extend( {
+
+ // Add in style property hooks for overriding the default
+ // behavior of getting and setting a style property
+ cssHooks: {
+ opacity: {
+ get: function( elem, computed ) {
+ if ( computed ) {
+
+ // We should always get a number back from opacity
+ var ret = curCSS( elem, "opacity" );
+ return ret === "" ? "1" : ret;
+ }
+ }
+ }
+ },
+
+ // Don't automatically add "px" to these possibly-unitless properties
+ cssNumber: {
+ "animationIterationCount": true,
+ "columnCount": true,
+ "fillOpacity": true,
+ "flexGrow": true,
+ "flexShrink": true,
+ "fontWeight": true,
+ "lineHeight": true,
+ "opacity": true,
+ "order": true,
+ "orphans": true,
+ "widows": true,
+ "zIndex": true,
+ "zoom": true
+ },
+
+ // Add in properties whose names you wish to fix before
+ // setting or getting the value
+ cssProps: {
+ "float": "cssFloat"
+ },
+
+ // Get and set the style property on a DOM Node
+ style: function( elem, name, value, extra ) {
+
+ // Don't set styles on text and comment nodes
+ if ( !elem || elem.nodeType === 3 || elem.nodeType === 8 || !elem.style ) {
+ return;
+ }
+
+ // Make sure that we're working with the right name
+ var ret, type, hooks,
+ origName = jQuery.camelCase( name ),
+ isCustomProp = rcustomProp.test( name ),
+ style = elem.style;
+
+ // Make sure that we're working with the right name. We don't
+ // want to query the value if it is a CSS custom property
+ // since they are user-defined.
+ if ( !isCustomProp ) {
+ name = finalPropName( origName );
+ }
+
+ // Gets hook for the prefixed version, then unprefixed version
+ hooks = jQuery.cssHooks[ name ] || jQuery.cssHooks[ origName ];
+
+ // Check if we're setting a value
+ if ( value !== undefined ) {
+ type = typeof value;
+
+ // Convert "+=" or "-=" to relative numbers (#7345)
+ if ( type === "string" && ( ret = rcssNum.exec( value ) ) && ret[ 1 ] ) {
+ value = adjustCSS( elem, name, ret );
+
+ // Fixes bug #9237
+ type = "number";
+ }
+
+ // Make sure that null and NaN values aren't set (#7116)
+ if ( value == null || value !== value ) {
+ return;
+ }
+
+ // If a number was passed in, add the unit (except for certain CSS properties)
+ if ( type === "number" ) {
+ value += ret && ret[ 3 ] || ( jQuery.cssNumber[ origName ] ? "" : "px" );
+ }
+
+ // background-* props affect original clone's values
+ if ( !support.clearCloneStyle && value === "" && name.indexOf( "background" ) === 0 ) {
+ style[ name ] = "inherit";
+ }
+
+ // If a hook was provided, use that value, otherwise just set the specified value
+ if ( !hooks || !( "set" in hooks ) ||
+ ( value = hooks.set( elem, value, extra ) ) !== undefined ) {
+
+ if ( isCustomProp ) {
+ style.setProperty( name, value );
+ } else {
+ style[ name ] = value;
+ }
+ }
+
+ } else {
+
+ // If a hook was provided get the non-computed value from there
+ if ( hooks && "get" in hooks &&
+ ( ret = hooks.get( elem, false, extra ) ) !== undefined ) {
+
+ return ret;
+ }
+
+ // Otherwise just get the value from the style object
+ return style[ name ];
+ }
+ },
+
+ css: function( elem, name, extra, styles ) {
+ var val, num, hooks,
+ origName = jQuery.camelCase( name ),
+ isCustomProp = rcustomProp.test( name );
+
+ // Make sure that we're working with the right name. We don't
+ // want to modify the value if it is a CSS custom property
+ // since they are user-defined.
+ if ( !isCustomProp ) {
+ name = finalPropName( origName );
+ }
+
+ // Try prefixed name followed by the unprefixed name
+ hooks = jQuery.cssHooks[ name ] || jQuery.cssHooks[ origName ];
+
+ // If a hook was provided get the computed value from there
+ if ( hooks && "get" in hooks ) {
+ val = hooks.get( elem, true, extra );
+ }
+
+ // Otherwise, if a way to get the computed value exists, use that
+ if ( val === undefined ) {
+ val = curCSS( elem, name, styles );
+ }
+
+ // Convert "normal" to computed value
+ if ( val === "normal" && name in cssNormalTransform ) {
+ val = cssNormalTransform[ name ];
+ }
+
+ // Make numeric if forced or a qualifier was provided and val looks numeric
+ if ( extra === "" || extra ) {
+ num = parseFloat( val );
+ return extra === true || isFinite( num ) ? num || 0 : val;
+ }
+
+ return val;
+ }
+} );
+
+jQuery.each( [ "height", "width" ], function( i, name ) {
+ jQuery.cssHooks[ name ] = {
+ get: function( elem, computed, extra ) {
+ if ( computed ) {
+
+ // Certain elements can have dimension info if we invisibly show them
+ // but it must have a current display style that would benefit
+ return rdisplayswap.test( jQuery.css( elem, "display" ) ) &&
+
+ // Support: Safari 8+
+ // Table columns in Safari have non-zero offsetWidth & zero
+ // getBoundingClientRect().width unless display is changed.
+ // Support: IE <=11 only
+ // Running getBoundingClientRect on a disconnected node
+ // in IE throws an error.
+ ( !elem.getClientRects().length || !elem.getBoundingClientRect().width ) ?
+ swap( elem, cssShow, function() {
+ return getWidthOrHeight( elem, name, extra );
+ } ) :
+ getWidthOrHeight( elem, name, extra );
+ }
+ },
+
+ set: function( elem, value, extra ) {
+ var matches,
+ styles = extra && getStyles( elem ),
+ subtract = extra && augmentWidthOrHeight(
+ elem,
+ name,
+ extra,
+ jQuery.css( elem, "boxSizing", false, styles ) === "border-box",
+ styles
+ );
+
+ // Convert to pixels if value adjustment is needed
+ if ( subtract && ( matches = rcssNum.exec( value ) ) &&
+ ( matches[ 3 ] || "px" ) !== "px" ) {
+
+ elem.style[ name ] = value;
+ value = jQuery.css( elem, name );
+ }
+
+ return setPositiveNumber( elem, value, subtract );
+ }
+ };
+} );
+
+jQuery.cssHooks.marginLeft = addGetHookIf( support.reliableMarginLeft,
+ function( elem, computed ) {
+ if ( computed ) {
+ return ( parseFloat( curCSS( elem, "marginLeft" ) ) ||
+ elem.getBoundingClientRect().left -
+ swap( elem, { marginLeft: 0 }, function() {
+ return elem.getBoundingClientRect().left;
+ } )
+ ) + "px";
+ }
+ }
+);
+
+// These hooks are used by animate to expand properties
+jQuery.each( {
+ margin: "",
+ padding: "",
+ border: "Width"
+}, function( prefix, suffix ) {
+ jQuery.cssHooks[ prefix + suffix ] = {
+ expand: function( value ) {
+ var i = 0,
+ expanded = {},
+
+ // Assumes a single number if not a string
+ parts = typeof value === "string" ? value.split( " " ) : [ value ];
+
+ for ( ; i < 4; i++ ) {
+ expanded[ prefix + cssExpand[ i ] + suffix ] =
+ parts[ i ] || parts[ i - 2 ] || parts[ 0 ];
+ }
+
+ return expanded;
+ }
+ };
+
+ if ( !rmargin.test( prefix ) ) {
+ jQuery.cssHooks[ prefix + suffix ].set = setPositiveNumber;
+ }
+} );
+
+jQuery.fn.extend( {
+ css: function( name, value ) {
+ return access( this, function( elem, name, value ) {
+ var styles, len,
+ map = {},
+ i = 0;
+
+ if ( Array.isArray( name ) ) {
+ styles = getStyles( elem );
+ len = name.length;
+
+ for ( ; i < len; i++ ) {
+ map[ name[ i ] ] = jQuery.css( elem, name[ i ], false, styles );
+ }
+
+ return map;
+ }
+
+ return value !== undefined ?
+ jQuery.style( elem, name, value ) :
+ jQuery.css( elem, name );
+ }, name, value, arguments.length > 1 );
+ }
+} );
+
+
+function Tween( elem, options, prop, end, easing ) {
+ return new Tween.prototype.init( elem, options, prop, end, easing );
+}
+jQuery.Tween = Tween;
+
+Tween.prototype = {
+ constructor: Tween,
+ init: function( elem, options, prop, end, easing, unit ) {
+ this.elem = elem;
+ this.prop = prop;
+ this.easing = easing || jQuery.easing._default;
+ this.options = options;
+ this.start = this.now = this.cur();
+ this.end = end;
+ this.unit = unit || ( jQuery.cssNumber[ prop ] ? "" : "px" );
+ },
+ cur: function() {
+ var hooks = Tween.propHooks[ this.prop ];
+
+ return hooks && hooks.get ?
+ hooks.get( this ) :
+ Tween.propHooks._default.get( this );
+ },
+ run: function( percent ) {
+ var eased,
+ hooks = Tween.propHooks[ this.prop ];
+
+ if ( this.options.duration ) {
+ this.pos = eased = jQuery.easing[ this.easing ](
+ percent, this.options.duration * percent, 0, 1, this.options.duration
+ );
+ } else {
+ this.pos = eased = percent;
+ }
+ this.now = ( this.end - this.start ) * eased + this.start;
+
+ if ( this.options.step ) {
+ this.options.step.call( this.elem, this.now, this );
+ }
+
+ if ( hooks && hooks.set ) {
+ hooks.set( this );
+ } else {
+ Tween.propHooks._default.set( this );
+ }
+ return this;
+ }
+};
+
+Tween.prototype.init.prototype = Tween.prototype;
+
+Tween.propHooks = {
+ _default: {
+ get: function( tween ) {
+ var result;
+
+ // Use a property on the element directly when it is not a DOM element,
+ // or when there is no matching style property that exists.
+ if ( tween.elem.nodeType !== 1 ||
+ tween.elem[ tween.prop ] != null && tween.elem.style[ tween.prop ] == null ) {
+ return tween.elem[ tween.prop ];
+ }
+
+ // Passing an empty string as a 3rd parameter to .css will automatically
+ // attempt a parseFloat and fallback to a string if the parse fails.
+ // Simple values such as "10px" are parsed to Float;
+ // complex values such as "rotate(1rad)" are returned as-is.
+ result = jQuery.css( tween.elem, tween.prop, "" );
+
+ // Empty strings, null, undefined and "auto" are converted to 0.
+ return !result || result === "auto" ? 0 : result;
+ },
+ set: function( tween ) {
+
+ // Use step hook for back compat.
+ // Use cssHook if its there.
+ // Use .style if available and use plain properties where available.
+ if ( jQuery.fx.step[ tween.prop ] ) {
+ jQuery.fx.step[ tween.prop ]( tween );
+ } else if ( tween.elem.nodeType === 1 &&
+ ( tween.elem.style[ jQuery.cssProps[ tween.prop ] ] != null ||
+ jQuery.cssHooks[ tween.prop ] ) ) {
+ jQuery.style( tween.elem, tween.prop, tween.now + tween.unit );
+ } else {
+ tween.elem[ tween.prop ] = tween.now;
+ }
+ }
+ }
+};
+
+// Support: IE <=9 only
+// Panic based approach to setting things on disconnected nodes
+Tween.propHooks.scrollTop = Tween.propHooks.scrollLeft = {
+ set: function( tween ) {
+ if ( tween.elem.nodeType && tween.elem.parentNode ) {
+ tween.elem[ tween.prop ] = tween.now;
+ }
+ }
+};
+
+jQuery.easing = {
+ linear: function( p ) {
+ return p;
+ },
+ swing: function( p ) {
+ return 0.5 - Math.cos( p * Math.PI ) / 2;
+ },
+ _default: "swing"
+};
+
+jQuery.fx = Tween.prototype.init;
+
+// Back compat <1.8 extension point
+jQuery.fx.step = {};
+
+
+
+
+var
+ fxNow, inProgress,
+ rfxtypes = /^(?:toggle|show|hide)$/,
+ rrun = /queueHooks$/;
+
+function schedule() {
+ if ( inProgress ) {
+ if ( document.hidden === false && window.requestAnimationFrame ) {
+ window.requestAnimationFrame( schedule );
+ } else {
+ window.setTimeout( schedule, jQuery.fx.interval );
+ }
+
+ jQuery.fx.tick();
+ }
+}
+
+// Animations created synchronously will run synchronously
+function createFxNow() {
+ window.setTimeout( function() {
+ fxNow = undefined;
+ } );
+ return ( fxNow = jQuery.now() );
+}
+
+// Generate parameters to create a standard animation
+function genFx( type, includeWidth ) {
+ var which,
+ i = 0,
+ attrs = { height: type };
+
+ // If we include width, step value is 1 to do all cssExpand values,
+ // otherwise step value is 2 to skip over Left and Right
+ includeWidth = includeWidth ? 1 : 0;
+ for ( ; i < 4; i += 2 - includeWidth ) {
+ which = cssExpand[ i ];
+ attrs[ "margin" + which ] = attrs[ "padding" + which ] = type;
+ }
+
+ if ( includeWidth ) {
+ attrs.opacity = attrs.width = type;
+ }
+
+ return attrs;
+}
+
+function createTween( value, prop, animation ) {
+ var tween,
+ collection = ( Animation.tweeners[ prop ] || [] ).concat( Animation.tweeners[ "*" ] ),
+ index = 0,
+ length = collection.length;
+ for ( ; index < length; index++ ) {
+ if ( ( tween = collection[ index ].call( animation, prop, value ) ) ) {
+
+ // We're done with this property
+ return tween;
+ }
+ }
+}
+
+function defaultPrefilter( elem, props, opts ) {
+ var prop, value, toggle, hooks, oldfire, propTween, restoreDisplay, display,
+ isBox = "width" in props || "height" in props,
+ anim = this,
+ orig = {},
+ style = elem.style,
+ hidden = elem.nodeType && isHiddenWithinTree( elem ),
+ dataShow = dataPriv.get( elem, "fxshow" );
+
+ // Queue-skipping animations hijack the fx hooks
+ if ( !opts.queue ) {
+ hooks = jQuery._queueHooks( elem, "fx" );
+ if ( hooks.unqueued == null ) {
+ hooks.unqueued = 0;
+ oldfire = hooks.empty.fire;
+ hooks.empty.fire = function() {
+ if ( !hooks.unqueued ) {
+ oldfire();
+ }
+ };
+ }
+ hooks.unqueued++;
+
+ anim.always( function() {
+
+ // Ensure the complete handler is called before this completes
+ anim.always( function() {
+ hooks.unqueued--;
+ if ( !jQuery.queue( elem, "fx" ).length ) {
+ hooks.empty.fire();
+ }
+ } );
+ } );
+ }
+
+ // Detect show/hide animations
+ for ( prop in props ) {
+ value = props[ prop ];
+ if ( rfxtypes.test( value ) ) {
+ delete props[ prop ];
+ toggle = toggle || value === "toggle";
+ if ( value === ( hidden ? "hide" : "show" ) ) {
+
+ // Pretend to be hidden if this is a "show" and
+ // there is still data from a stopped show/hide
+ if ( value === "show" && dataShow && dataShow[ prop ] !== undefined ) {
+ hidden = true;
+
+ // Ignore all other no-op show/hide data
+ } else {
+ continue;
+ }
+ }
+ orig[ prop ] = dataShow && dataShow[ prop ] || jQuery.style( elem, prop );
+ }
+ }
+
+ // Bail out if this is a no-op like .hide().hide()
+ propTween = !jQuery.isEmptyObject( props );
+ if ( !propTween && jQuery.isEmptyObject( orig ) ) {
+ return;
+ }
+
+ // Restrict "overflow" and "display" styles during box animations
+ if ( isBox && elem.nodeType === 1 ) {
+
+ // Support: IE <=9 - 11, Edge 12 - 13
+ // Record all 3 overflow attributes because IE does not infer the shorthand
+ // from identically-valued overflowX and overflowY
+ opts.overflow = [ style.overflow, style.overflowX, style.overflowY ];
+
+ // Identify a display type, preferring old show/hide data over the CSS cascade
+ restoreDisplay = dataShow && dataShow.display;
+ if ( restoreDisplay == null ) {
+ restoreDisplay = dataPriv.get( elem, "display" );
+ }
+ display = jQuery.css( elem, "display" );
+ if ( display === "none" ) {
+ if ( restoreDisplay ) {
+ display = restoreDisplay;
+ } else {
+
+ // Get nonempty value(s) by temporarily forcing visibility
+ showHide( [ elem ], true );
+ restoreDisplay = elem.style.display || restoreDisplay;
+ display = jQuery.css( elem, "display" );
+ showHide( [ elem ] );
+ }
+ }
+
+ // Animate inline elements as inline-block
+ if ( display === "inline" || display === "inline-block" && restoreDisplay != null ) {
+ if ( jQuery.css( elem, "float" ) === "none" ) {
+
+ // Restore the original display value at the end of pure show/hide animations
+ if ( !propTween ) {
+ anim.done( function() {
+ style.display = restoreDisplay;
+ } );
+ if ( restoreDisplay == null ) {
+ display = style.display;
+ restoreDisplay = display === "none" ? "" : display;
+ }
+ }
+ style.display = "inline-block";
+ }
+ }
+ }
+
+ if ( opts.overflow ) {
+ style.overflow = "hidden";
+ anim.always( function() {
+ style.overflow = opts.overflow[ 0 ];
+ style.overflowX = opts.overflow[ 1 ];
+ style.overflowY = opts.overflow[ 2 ];
+ } );
+ }
+
+ // Implement show/hide animations
+ propTween = false;
+ for ( prop in orig ) {
+
+ // General show/hide setup for this element animation
+ if ( !propTween ) {
+ if ( dataShow ) {
+ if ( "hidden" in dataShow ) {
+ hidden = dataShow.hidden;
+ }
+ } else {
+ dataShow = dataPriv.access( elem, "fxshow", { display: restoreDisplay } );
+ }
+
+ // Store hidden/visible for toggle so `.stop().toggle()` "reverses"
+ if ( toggle ) {
+ dataShow.hidden = !hidden;
+ }
+
+ // Show elements before animating them
+ if ( hidden ) {
+ showHide( [ elem ], true );
+ }
+
+ /* eslint-disable no-loop-func */
+
+ anim.done( function() {
+
+ /* eslint-enable no-loop-func */
+
+ // The final step of a "hide" animation is actually hiding the element
+ if ( !hidden ) {
+ showHide( [ elem ] );
+ }
+ dataPriv.remove( elem, "fxshow" );
+ for ( prop in orig ) {
+ jQuery.style( elem, prop, orig[ prop ] );
+ }
+ } );
+ }
+
+ // Per-property setup
+ propTween = createTween( hidden ? dataShow[ prop ] : 0, prop, anim );
+ if ( !( prop in dataShow ) ) {
+ dataShow[ prop ] = propTween.start;
+ if ( hidden ) {
+ propTween.end = propTween.start;
+ propTween.start = 0;
+ }
+ }
+ }
+}
+
+function propFilter( props, specialEasing ) {
+ var index, name, easing, value, hooks;
+
+ // camelCase, specialEasing and expand cssHook pass
+ for ( index in props ) {
+ name = jQuery.camelCase( index );
+ easing = specialEasing[ name ];
+ value = props[ index ];
+ if ( Array.isArray( value ) ) {
+ easing = value[ 1 ];
+ value = props[ index ] = value[ 0 ];
+ }
+
+ if ( index !== name ) {
+ props[ name ] = value;
+ delete props[ index ];
+ }
+
+ hooks = jQuery.cssHooks[ name ];
+ if ( hooks && "expand" in hooks ) {
+ value = hooks.expand( value );
+ delete props[ name ];
+
+ // Not quite $.extend, this won't overwrite existing keys.
+ // Reusing 'index' because we have the correct "name"
+ for ( index in value ) {
+ if ( !( index in props ) ) {
+ props[ index ] = value[ index ];
+ specialEasing[ index ] = easing;
+ }
+ }
+ } else {
+ specialEasing[ name ] = easing;
+ }
+ }
+}
+
+function Animation( elem, properties, options ) {
+ var result,
+ stopped,
+ index = 0,
+ length = Animation.prefilters.length,
+ deferred = jQuery.Deferred().always( function() {
+
+ // Don't match elem in the :animated selector
+ delete tick.elem;
+ } ),
+ tick = function() {
+ if ( stopped ) {
+ return false;
+ }
+ var currentTime = fxNow || createFxNow(),
+ remaining = Math.max( 0, animation.startTime + animation.duration - currentTime ),
+
+ // Support: Android 2.3 only
+ // Archaic crash bug won't allow us to use `1 - ( 0.5 || 0 )` (#12497)
+ temp = remaining / animation.duration || 0,
+ percent = 1 - temp,
+ index = 0,
+ length = animation.tweens.length;
+
+ for ( ; index < length; index++ ) {
+ animation.tweens[ index ].run( percent );
+ }
+
+ deferred.notifyWith( elem, [ animation, percent, remaining ] );
+
+ // If there's more to do, yield
+ if ( percent < 1 && length ) {
+ return remaining;
+ }
+
+ // If this was an empty animation, synthesize a final progress notification
+ if ( !length ) {
+ deferred.notifyWith( elem, [ animation, 1, 0 ] );
+ }
+
+ // Resolve the animation and report its conclusion
+ deferred.resolveWith( elem, [ animation ] );
+ return false;
+ },
+ animation = deferred.promise( {
+ elem: elem,
+ props: jQuery.extend( {}, properties ),
+ opts: jQuery.extend( true, {
+ specialEasing: {},
+ easing: jQuery.easing._default
+ }, options ),
+ originalProperties: properties,
+ originalOptions: options,
+ startTime: fxNow || createFxNow(),
+ duration: options.duration,
+ tweens: [],
+ createTween: function( prop, end ) {
+ var tween = jQuery.Tween( elem, animation.opts, prop, end,
+ animation.opts.specialEasing[ prop ] || animation.opts.easing );
+ animation.tweens.push( tween );
+ return tween;
+ },
+ stop: function( gotoEnd ) {
+ var index = 0,
+
+ // If we are going to the end, we want to run all the tweens
+ // otherwise we skip this part
+ length = gotoEnd ? animation.tweens.length : 0;
+ if ( stopped ) {
+ return this;
+ }
+ stopped = true;
+ for ( ; index < length; index++ ) {
+ animation.tweens[ index ].run( 1 );
+ }
+
+ // Resolve when we played the last frame; otherwise, reject
+ if ( gotoEnd ) {
+ deferred.notifyWith( elem, [ animation, 1, 0 ] );
+ deferred.resolveWith( elem, [ animation, gotoEnd ] );
+ } else {
+ deferred.rejectWith( elem, [ animation, gotoEnd ] );
+ }
+ return this;
+ }
+ } ),
+ props = animation.props;
+
+ propFilter( props, animation.opts.specialEasing );
+
+ for ( ; index < length; index++ ) {
+ result = Animation.prefilters[ index ].call( animation, elem, props, animation.opts );
+ if ( result ) {
+ if ( jQuery.isFunction( result.stop ) ) {
+ jQuery._queueHooks( animation.elem, animation.opts.queue ).stop =
+ jQuery.proxy( result.stop, result );
+ }
+ return result;
+ }
+ }
+
+ jQuery.map( props, createTween, animation );
+
+ if ( jQuery.isFunction( animation.opts.start ) ) {
+ animation.opts.start.call( elem, animation );
+ }
+
+ // Attach callbacks from options
+ animation
+ .progress( animation.opts.progress )
+ .done( animation.opts.done, animation.opts.complete )
+ .fail( animation.opts.fail )
+ .always( animation.opts.always );
+
+ jQuery.fx.timer(
+ jQuery.extend( tick, {
+ elem: elem,
+ anim: animation,
+ queue: animation.opts.queue
+ } )
+ );
+
+ return animation;
+}
+
+jQuery.Animation = jQuery.extend( Animation, {
+
+ tweeners: {
+ "*": [ function( prop, value ) {
+ var tween = this.createTween( prop, value );
+ adjustCSS( tween.elem, prop, rcssNum.exec( value ), tween );
+ return tween;
+ } ]
+ },
+
+ tweener: function( props, callback ) {
+ if ( jQuery.isFunction( props ) ) {
+ callback = props;
+ props = [ "*" ];
+ } else {
+ props = props.match( rnothtmlwhite );
+ }
+
+ var prop,
+ index = 0,
+ length = props.length;
+
+ for ( ; index < length; index++ ) {
+ prop = props[ index ];
+ Animation.tweeners[ prop ] = Animation.tweeners[ prop ] || [];
+ Animation.tweeners[ prop ].unshift( callback );
+ }
+ },
+
+ prefilters: [ defaultPrefilter ],
+
+ prefilter: function( callback, prepend ) {
+ if ( prepend ) {
+ Animation.prefilters.unshift( callback );
+ } else {
+ Animation.prefilters.push( callback );
+ }
+ }
+} );
+
+jQuery.speed = function( speed, easing, fn ) {
+ var opt = speed && typeof speed === "object" ? jQuery.extend( {}, speed ) : {
+ complete: fn || !fn && easing ||
+ jQuery.isFunction( speed ) && speed,
+ duration: speed,
+ easing: fn && easing || easing && !jQuery.isFunction( easing ) && easing
+ };
+
+ // Go to the end state if fx are off
+ if ( jQuery.fx.off ) {
+ opt.duration = 0;
+
+ } else {
+ if ( typeof opt.duration !== "number" ) {
+ if ( opt.duration in jQuery.fx.speeds ) {
+ opt.duration = jQuery.fx.speeds[ opt.duration ];
+
+ } else {
+ opt.duration = jQuery.fx.speeds._default;
+ }
+ }
+ }
+
+ // Normalize opt.queue - true/undefined/null -> "fx"
+ if ( opt.queue == null || opt.queue === true ) {
+ opt.queue = "fx";
+ }
+
+ // Queueing
+ opt.old = opt.complete;
+
+ opt.complete = function() {
+ if ( jQuery.isFunction( opt.old ) ) {
+ opt.old.call( this );
+ }
+
+ if ( opt.queue ) {
+ jQuery.dequeue( this, opt.queue );
+ }
+ };
+
+ return opt;
+};
+
+jQuery.fn.extend( {
+ fadeTo: function( speed, to, easing, callback ) {
+
+ // Show any hidden elements after setting opacity to 0
+ return this.filter( isHiddenWithinTree ).css( "opacity", 0 ).show()
+
+ // Animate to the value specified
+ .end().animate( { opacity: to }, speed, easing, callback );
+ },
+ animate: function( prop, speed, easing, callback ) {
+ var empty = jQuery.isEmptyObject( prop ),
+ optall = jQuery.speed( speed, easing, callback ),
+ doAnimation = function() {
+
+ // Operate on a copy of prop so per-property easing won't be lost
+ var anim = Animation( this, jQuery.extend( {}, prop ), optall );
+
+ // Empty animations, or finishing resolves immediately
+ if ( empty || dataPriv.get( this, "finish" ) ) {
+ anim.stop( true );
+ }
+ };
+ doAnimation.finish = doAnimation;
+
+ return empty || optall.queue === false ?
+ this.each( doAnimation ) :
+ this.queue( optall.queue, doAnimation );
+ },
+ stop: function( type, clearQueue, gotoEnd ) {
+ var stopQueue = function( hooks ) {
+ var stop = hooks.stop;
+ delete hooks.stop;
+ stop( gotoEnd );
+ };
+
+ if ( typeof type !== "string" ) {
+ gotoEnd = clearQueue;
+ clearQueue = type;
+ type = undefined;
+ }
+ if ( clearQueue && type !== false ) {
+ this.queue( type || "fx", [] );
+ }
+
+ return this.each( function() {
+ var dequeue = true,
+ index = type != null && type + "queueHooks",
+ timers = jQuery.timers,
+ data = dataPriv.get( this );
+
+ if ( index ) {
+ if ( data[ index ] && data[ index ].stop ) {
+ stopQueue( data[ index ] );
+ }
+ } else {
+ for ( index in data ) {
+ if ( data[ index ] && data[ index ].stop && rrun.test( index ) ) {
+ stopQueue( data[ index ] );
+ }
+ }
+ }
+
+ for ( index = timers.length; index--; ) {
+ if ( timers[ index ].elem === this &&
+ ( type == null || timers[ index ].queue === type ) ) {
+
+ timers[ index ].anim.stop( gotoEnd );
+ dequeue = false;
+ timers.splice( index, 1 );
+ }
+ }
+
+ // Start the next in the queue if the last step wasn't forced.
+ // Timers currently will call their complete callbacks, which
+ // will dequeue but only if they were gotoEnd.
+ if ( dequeue || !gotoEnd ) {
+ jQuery.dequeue( this, type );
+ }
+ } );
+ },
+ finish: function( type ) {
+ if ( type !== false ) {
+ type = type || "fx";
+ }
+ return this.each( function() {
+ var index,
+ data = dataPriv.get( this ),
+ queue = data[ type + "queue" ],
+ hooks = data[ type + "queueHooks" ],
+ timers = jQuery.timers,
+ length = queue ? queue.length : 0;
+
+ // Enable finishing flag on private data
+ data.finish = true;
+
+ // Empty the queue first
+ jQuery.queue( this, type, [] );
+
+ if ( hooks && hooks.stop ) {
+ hooks.stop.call( this, true );
+ }
+
+ // Look for any active animations, and finish them
+ for ( index = timers.length; index--; ) {
+ if ( timers[ index ].elem === this && timers[ index ].queue === type ) {
+ timers[ index ].anim.stop( true );
+ timers.splice( index, 1 );
+ }
+ }
+
+ // Look for any animations in the old queue and finish them
+ for ( index = 0; index < length; index++ ) {
+ if ( queue[ index ] && queue[ index ].finish ) {
+ queue[ index ].finish.call( this );
+ }
+ }
+
+ // Turn off finishing flag
+ delete data.finish;
+ } );
+ }
+} );
+
+jQuery.each( [ "toggle", "show", "hide" ], function( i, name ) {
+ var cssFn = jQuery.fn[ name ];
+ jQuery.fn[ name ] = function( speed, easing, callback ) {
+ return speed == null || typeof speed === "boolean" ?
+ cssFn.apply( this, arguments ) :
+ this.animate( genFx( name, true ), speed, easing, callback );
+ };
+} );
+
+// Generate shortcuts for custom animations
+jQuery.each( {
+ slideDown: genFx( "show" ),
+ slideUp: genFx( "hide" ),
+ slideToggle: genFx( "toggle" ),
+ fadeIn: { opacity: "show" },
+ fadeOut: { opacity: "hide" },
+ fadeToggle: { opacity: "toggle" }
+}, function( name, props ) {
+ jQuery.fn[ name ] = function( speed, easing, callback ) {
+ return this.animate( props, speed, easing, callback );
+ };
+} );
+
+jQuery.timers = [];
+jQuery.fx.tick = function() {
+ var timer,
+ i = 0,
+ timers = jQuery.timers;
+
+ fxNow = jQuery.now();
+
+ for ( ; i < timers.length; i++ ) {
+ timer = timers[ i ];
+
+ // Run the timer and safely remove it when done (allowing for external removal)
+ if ( !timer() && timers[ i ] === timer ) {
+ timers.splice( i--, 1 );
+ }
+ }
+
+ if ( !timers.length ) {
+ jQuery.fx.stop();
+ }
+ fxNow = undefined;
+};
+
+jQuery.fx.timer = function( timer ) {
+ jQuery.timers.push( timer );
+ jQuery.fx.start();
+};
+
+jQuery.fx.interval = 13;
+jQuery.fx.start = function() {
+ if ( inProgress ) {
+ return;
+ }
+
+ inProgress = true;
+ schedule();
+};
+
+jQuery.fx.stop = function() {
+ inProgress = null;
+};
+
+jQuery.fx.speeds = {
+ slow: 600,
+ fast: 200,
+
+ // Default speed
+ _default: 400
+};
+
+
+// Based off of the plugin by Clint Helfers, with permission.
+// https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
+jQuery.fn.delay = function( time, type ) {
+ time = jQuery.fx ? jQuery.fx.speeds[ time ] || time : time;
+ type = type || "fx";
+
+ return this.queue( type, function( next, hooks ) {
+ var timeout = window.setTimeout( next, time );
+ hooks.stop = function() {
+ window.clearTimeout( timeout );
+ };
+ } );
+};
+
+
+( function() {
+ var input = document.createElement( "input" ),
+ select = document.createElement( "select" ),
+ opt = select.appendChild( document.createElement( "option" ) );
+
+ input.type = "checkbox";
+
+ // Support: Android <=4.3 only
+ // Default value for a checkbox should be "on"
+ support.checkOn = input.value !== "";
+
+ // Support: IE <=11 only
+ // Must access selectedIndex to make default options select
+ support.optSelected = opt.selected;
+
+ // Support: IE <=11 only
+ // An input loses its value after becoming a radio
+ input = document.createElement( "input" );
+ input.value = "t";
+ input.type = "radio";
+ support.radioValue = input.value === "t";
+} )();
+
+
+var boolHook,
+ attrHandle = jQuery.expr.attrHandle;
+
+jQuery.fn.extend( {
+ attr: function( name, value ) {
+ return access( this, jQuery.attr, name, value, arguments.length > 1 );
+ },
+
+ removeAttr: function( name ) {
+ return this.each( function() {
+ jQuery.removeAttr( this, name );
+ } );
+ }
+} );
+
+jQuery.extend( {
+ attr: function( elem, name, value ) {
+ var ret, hooks,
+ nType = elem.nodeType;
+
+ // Don't get/set attributes on text, comment and attribute nodes
+ if ( nType === 3 || nType === 8 || nType === 2 ) {
+ return;
+ }
+
+ // Fallback to prop when attributes are not supported
+ if ( typeof elem.getAttribute === "undefined" ) {
+ return jQuery.prop( elem, name, value );
+ }
+
+ // Attribute hooks are determined by the lowercase version
+ // Grab necessary hook if one is defined
+ if ( nType !== 1 || !jQuery.isXMLDoc( elem ) ) {
+ hooks = jQuery.attrHooks[ name.toLowerCase() ] ||
+ ( jQuery.expr.match.bool.test( name ) ? boolHook : undefined );
+ }
+
+ if ( value !== undefined ) {
+ if ( value === null ) {
+ jQuery.removeAttr( elem, name );
+ return;
+ }
+
+ if ( hooks && "set" in hooks &&
+ ( ret = hooks.set( elem, value, name ) ) !== undefined ) {
+ return ret;
+ }
+
+ elem.setAttribute( name, value + "" );
+ return value;
+ }
+
+ if ( hooks && "get" in hooks && ( ret = hooks.get( elem, name ) ) !== null ) {
+ return ret;
+ }
+
+ ret = jQuery.find.attr( elem, name );
+
+ // Non-existent attributes return null, we normalize to undefined
+ return ret == null ? undefined : ret;
+ },
+
+ attrHooks: {
+ type: {
+ set: function( elem, value ) {
+ if ( !support.radioValue && value === "radio" &&
+ nodeName( elem, "input" ) ) {
+ var val = elem.value;
+ elem.setAttribute( "type", value );
+ if ( val ) {
+ elem.value = val;
+ }
+ return value;
+ }
+ }
+ }
+ },
+
+ removeAttr: function( elem, value ) {
+ var name,
+ i = 0,
+
+ // Attribute names can contain non-HTML whitespace characters
+ // https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
+ attrNames = value && value.match( rnothtmlwhite );
+
+ if ( attrNames && elem.nodeType === 1 ) {
+ while ( ( name = attrNames[ i++ ] ) ) {
+ elem.removeAttribute( name );
+ }
+ }
+ }
+} );
+
+// Hooks for boolean attributes
+boolHook = {
+ set: function( elem, value, name ) {
+ if ( value === false ) {
+
+ // Remove boolean attributes when set to false
+ jQuery.removeAttr( elem, name );
+ } else {
+ elem.setAttribute( name, name );
+ }
+ return name;
+ }
+};
+
+jQuery.each( jQuery.expr.match.bool.source.match( /\w+/g ), function( i, name ) {
+ var getter = attrHandle[ name ] || jQuery.find.attr;
+
+ attrHandle[ name ] = function( elem, name, isXML ) {
+ var ret, handle,
+ lowercaseName = name.toLowerCase();
+
+ if ( !isXML ) {
+
+ // Avoid an infinite loop by temporarily removing this function from the getter
+ handle = attrHandle[ lowercaseName ];
+ attrHandle[ lowercaseName ] = ret;
+ ret = getter( elem, name, isXML ) != null ?
+ lowercaseName :
+ null;
+ attrHandle[ lowercaseName ] = handle;
+ }
+ return ret;
+ };
+} );
+
+
+
+
+var rfocusable = /^(?:input|select|textarea|button)$/i,
+ rclickable = /^(?:a|area)$/i;
+
+jQuery.fn.extend( {
+ prop: function( name, value ) {
+ return access( this, jQuery.prop, name, value, arguments.length > 1 );
+ },
+
+ removeProp: function( name ) {
+ return this.each( function() {
+ delete this[ jQuery.propFix[ name ] || name ];
+ } );
+ }
+} );
+
+jQuery.extend( {
+ prop: function( elem, name, value ) {
+ var ret, hooks,
+ nType = elem.nodeType;
+
+ // Don't get/set properties on text, comment and attribute nodes
+ if ( nType === 3 || nType === 8 || nType === 2 ) {
+ return;
+ }
+
+ if ( nType !== 1 || !jQuery.isXMLDoc( elem ) ) {
+
+ // Fix name and attach hooks
+ name = jQuery.propFix[ name ] || name;
+ hooks = jQuery.propHooks[ name ];
+ }
+
+ if ( value !== undefined ) {
+ if ( hooks && "set" in hooks &&
+ ( ret = hooks.set( elem, value, name ) ) !== undefined ) {
+ return ret;
+ }
+
+ return ( elem[ name ] = value );
+ }
+
+ if ( hooks && "get" in hooks && ( ret = hooks.get( elem, name ) ) !== null ) {
+ return ret;
+ }
+
+ return elem[ name ];
+ },
+
+ propHooks: {
+ tabIndex: {
+ get: function( elem ) {
+
+ // Support: IE <=9 - 11 only
+ // elem.tabIndex doesn't always return the
+ // correct value when it hasn't been explicitly set
+ // https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/
+ // Use proper attribute retrieval(#12072)
+ var tabindex = jQuery.find.attr( elem, "tabindex" );
+
+ if ( tabindex ) {
+ return parseInt( tabindex, 10 );
+ }
+
+ if (
+ rfocusable.test( elem.nodeName ) ||
+ rclickable.test( elem.nodeName ) &&
+ elem.href
+ ) {
+ return 0;
+ }
+
+ return -1;
+ }
+ }
+ },
+
+ propFix: {
+ "for": "htmlFor",
+ "class": "className"
+ }
+} );
+
+// Support: IE <=11 only
+// Accessing the selectedIndex property
+// forces the browser to respect setting selected
+// on the option
+// The getter ensures a default option is selected
+// when in an optgroup
+// eslint rule "no-unused-expressions" is disabled for this code
+// since it considers such accessions noop
+if ( !support.optSelected ) {
+ jQuery.propHooks.selected = {
+ get: function( elem ) {
+
+ /* eslint no-unused-expressions: "off" */
+
+ var parent = elem.parentNode;
+ if ( parent && parent.parentNode ) {
+ parent.parentNode.selectedIndex;
+ }
+ return null;
+ },
+ set: function( elem ) {
+
+ /* eslint no-unused-expressions: "off" */
+
+ var parent = elem.parentNode;
+ if ( parent ) {
+ parent.selectedIndex;
+
+ if ( parent.parentNode ) {
+ parent.parentNode.selectedIndex;
+ }
+ }
+ }
+ };
+}
+
+jQuery.each( [
+ "tabIndex",
+ "readOnly",
+ "maxLength",
+ "cellSpacing",
+ "cellPadding",
+ "rowSpan",
+ "colSpan",
+ "useMap",
+ "frameBorder",
+ "contentEditable"
+], function() {
+ jQuery.propFix[ this.toLowerCase() ] = this;
+} );
+
+
+
+
+ // Strip and collapse whitespace according to HTML spec
+ // https://html.spec.whatwg.org/multipage/infrastructure.html#strip-and-collapse-whitespace
+ function stripAndCollapse( value ) {
+ var tokens = value.match( rnothtmlwhite ) || [];
+ return tokens.join( " " );
+ }
+
+
+function getClass( elem ) {
+ return elem.getAttribute && elem.getAttribute( "class" ) || "";
+}
+
+jQuery.fn.extend( {
+ addClass: function( value ) {
+ var classes, elem, cur, curValue, clazz, j, finalValue,
+ i = 0;
+
+ if ( jQuery.isFunction( value ) ) {
+ return this.each( function( j ) {
+ jQuery( this ).addClass( value.call( this, j, getClass( this ) ) );
+ } );
+ }
+
+ if ( typeof value === "string" && value ) {
+ classes = value.match( rnothtmlwhite ) || [];
+
+ while ( ( elem = this[ i++ ] ) ) {
+ curValue = getClass( elem );
+ cur = elem.nodeType === 1 && ( " " + stripAndCollapse( curValue ) + " " );
+
+ if ( cur ) {
+ j = 0;
+ while ( ( clazz = classes[ j++ ] ) ) {
+ if ( cur.indexOf( " " + clazz + " " ) < 0 ) {
+ cur += clazz + " ";
+ }
+ }
+
+ // Only assign if different to avoid unneeded rendering.
+ finalValue = stripAndCollapse( cur );
+ if ( curValue !== finalValue ) {
+ elem.setAttribute( "class", finalValue );
+ }
+ }
+ }
+ }
+
+ return this;
+ },
+
+ removeClass: function( value ) {
+ var classes, elem, cur, curValue, clazz, j, finalValue,
+ i = 0;
+
+ if ( jQuery.isFunction( value ) ) {
+ return this.each( function( j ) {
+ jQuery( this ).removeClass( value.call( this, j, getClass( this ) ) );
+ } );
+ }
+
+ if ( !arguments.length ) {
+ return this.attr( "class", "" );
+ }
+
+ if ( typeof value === "string" && value ) {
+ classes = value.match( rnothtmlwhite ) || [];
+
+ while ( ( elem = this[ i++ ] ) ) {
+ curValue = getClass( elem );
+
+ // This expression is here for better compressibility (see addClass)
+ cur = elem.nodeType === 1 && ( " " + stripAndCollapse( curValue ) + " " );
+
+ if ( cur ) {
+ j = 0;
+ while ( ( clazz = classes[ j++ ] ) ) {
+
+ // Remove *all* instances
+ while ( cur.indexOf( " " + clazz + " " ) > -1 ) {
+ cur = cur.replace( " " + clazz + " ", " " );
+ }
+ }
+
+ // Only assign if different to avoid unneeded rendering.
+ finalValue = stripAndCollapse( cur );
+ if ( curValue !== finalValue ) {
+ elem.setAttribute( "class", finalValue );
+ }
+ }
+ }
+ }
+
+ return this;
+ },
+
+ toggleClass: function( value, stateVal ) {
+ var type = typeof value;
+
+ if ( typeof stateVal === "boolean" && type === "string" ) {
+ return stateVal ? this.addClass( value ) : this.removeClass( value );
+ }
+
+ if ( jQuery.isFunction( value ) ) {
+ return this.each( function( i ) {
+ jQuery( this ).toggleClass(
+ value.call( this, i, getClass( this ), stateVal ),
+ stateVal
+ );
+ } );
+ }
+
+ return this.each( function() {
+ var className, i, self, classNames;
+
+ if ( type === "string" ) {
+
+ // Toggle individual class names
+ i = 0;
+ self = jQuery( this );
+ classNames = value.match( rnothtmlwhite ) || [];
+
+ while ( ( className = classNames[ i++ ] ) ) {
+
+ // Check each className given, space separated list
+ if ( self.hasClass( className ) ) {
+ self.removeClass( className );
+ } else {
+ self.addClass( className );
+ }
+ }
+
+ // Toggle whole class name
+ } else if ( value === undefined || type === "boolean" ) {
+ className = getClass( this );
+ if ( className ) {
+
+ // Store className if set
+ dataPriv.set( this, "__className__", className );
+ }
+
+ // If the element has a class name or if we're passed `false`,
+ // then remove the whole classname (if there was one, the above saved it).
+ // Otherwise bring back whatever was previously saved (if anything),
+ // falling back to the empty string if nothing was stored.
+ if ( this.setAttribute ) {
+ this.setAttribute( "class",
+ className || value === false ?
+ "" :
+ dataPriv.get( this, "__className__" ) || ""
+ );
+ }
+ }
+ } );
+ },
+
+ hasClass: function( selector ) {
+ var className, elem,
+ i = 0;
+
+ className = " " + selector + " ";
+ while ( ( elem = this[ i++ ] ) ) {
+ if ( elem.nodeType === 1 &&
+ ( " " + stripAndCollapse( getClass( elem ) ) + " " ).indexOf( className ) > -1 ) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+} );
+
+
+
+
+var rreturn = /\r/g;
+
+jQuery.fn.extend( {
+ val: function( value ) {
+ var hooks, ret, isFunction,
+ elem = this[ 0 ];
+
+ if ( !arguments.length ) {
+ if ( elem ) {
+ hooks = jQuery.valHooks[ elem.type ] ||
+ jQuery.valHooks[ elem.nodeName.toLowerCase() ];
+
+ if ( hooks &&
+ "get" in hooks &&
+ ( ret = hooks.get( elem, "value" ) ) !== undefined
+ ) {
+ return ret;
+ }
+
+ ret = elem.value;
+
+ // Handle most common string cases
+ if ( typeof ret === "string" ) {
+ return ret.replace( rreturn, "" );
+ }
+
+ // Handle cases where value is null/undef or number
+ return ret == null ? "" : ret;
+ }
+
+ return;
+ }
+
+ isFunction = jQuery.isFunction( value );
+
+ return this.each( function( i ) {
+ var val;
+
+ if ( this.nodeType !== 1 ) {
+ return;
+ }
+
+ if ( isFunction ) {
+ val = value.call( this, i, jQuery( this ).val() );
+ } else {
+ val = value;
+ }
+
+ // Treat null/undefined as ""; convert numbers to string
+ if ( val == null ) {
+ val = "";
+
+ } else if ( typeof val === "number" ) {
+ val += "";
+
+ } else if ( Array.isArray( val ) ) {
+ val = jQuery.map( val, function( value ) {
+ return value == null ? "" : value + "";
+ } );
+ }
+
+ hooks = jQuery.valHooks[ this.type ] || jQuery.valHooks[ this.nodeName.toLowerCase() ];
+
+ // If set returns undefined, fall back to normal setting
+ if ( !hooks || !( "set" in hooks ) || hooks.set( this, val, "value" ) === undefined ) {
+ this.value = val;
+ }
+ } );
+ }
+} );
+
+jQuery.extend( {
+ valHooks: {
+ option: {
+ get: function( elem ) {
+
+ var val = jQuery.find.attr( elem, "value" );
+ return val != null ?
+ val :
+
+ // Support: IE <=10 - 11 only
+ // option.text throws exceptions (#14686, #14858)
+ // Strip and collapse whitespace
+ // https://html.spec.whatwg.org/#strip-and-collapse-whitespace
+ stripAndCollapse( jQuery.text( elem ) );
+ }
+ },
+ select: {
+ get: function( elem ) {
+ var value, option, i,
+ options = elem.options,
+ index = elem.selectedIndex,
+ one = elem.type === "select-one",
+ values = one ? null : [],
+ max = one ? index + 1 : options.length;
+
+ if ( index < 0 ) {
+ i = max;
+
+ } else {
+ i = one ? index : 0;
+ }
+
+ // Loop through all the selected options
+ for ( ; i < max; i++ ) {
+ option = options[ i ];
+
+ // Support: IE <=9 only
+ // IE8-9 doesn't update selected after form reset (#2551)
+ if ( ( option.selected || i === index ) &&
+
+ // Don't return options that are disabled or in a disabled optgroup
+ !option.disabled &&
+ ( !option.parentNode.disabled ||
+ !nodeName( option.parentNode, "optgroup" ) ) ) {
+
+ // Get the specific value for the option
+ value = jQuery( option ).val();
+
+ // We don't need an array for one selects
+ if ( one ) {
+ return value;
+ }
+
+ // Multi-Selects return an array
+ values.push( value );
+ }
+ }
+
+ return values;
+ },
+
+ set: function( elem, value ) {
+ var optionSet, option,
+ options = elem.options,
+ values = jQuery.makeArray( value ),
+ i = options.length;
+
+ while ( i-- ) {
+ option = options[ i ];
+
+ /* eslint-disable no-cond-assign */
+
+ if ( option.selected =
+ jQuery.inArray( jQuery.valHooks.option.get( option ), values ) > -1
+ ) {
+ optionSet = true;
+ }
+
+ /* eslint-enable no-cond-assign */
+ }
+
+ // Force browsers to behave consistently when non-matching value is set
+ if ( !optionSet ) {
+ elem.selectedIndex = -1;
+ }
+ return values;
+ }
+ }
+ }
+} );
+
+// Radios and checkboxes getter/setter
+jQuery.each( [ "radio", "checkbox" ], function() {
+ jQuery.valHooks[ this ] = {
+ set: function( elem, value ) {
+ if ( Array.isArray( value ) ) {
+ return ( elem.checked = jQuery.inArray( jQuery( elem ).val(), value ) > -1 );
+ }
+ }
+ };
+ if ( !support.checkOn ) {
+ jQuery.valHooks[ this ].get = function( elem ) {
+ return elem.getAttribute( "value" ) === null ? "on" : elem.value;
+ };
+ }
+} );
+
+
+
+
+// Return jQuery for attributes-only inclusion
+
+
+var rfocusMorph = /^(?:focusinfocus|focusoutblur)$/;
+
+jQuery.extend( jQuery.event, {
+
+ trigger: function( event, data, elem, onlyHandlers ) {
+
+ var i, cur, tmp, bubbleType, ontype, handle, special,
+ eventPath = [ elem || document ],
+ type = hasOwn.call( event, "type" ) ? event.type : event,
+ namespaces = hasOwn.call( event, "namespace" ) ? event.namespace.split( "." ) : [];
+
+ cur = tmp = elem = elem || document;
+
+ // Don't do events on text and comment nodes
+ if ( elem.nodeType === 3 || elem.nodeType === 8 ) {
+ return;
+ }
+
+ // focus/blur morphs to focusin/out; ensure we're not firing them right now
+ if ( rfocusMorph.test( type + jQuery.event.triggered ) ) {
+ return;
+ }
+
+ if ( type.indexOf( "." ) > -1 ) {
+
+ // Namespaced trigger; create a regexp to match event type in handle()
+ namespaces = type.split( "." );
+ type = namespaces.shift();
+ namespaces.sort();
+ }
+ ontype = type.indexOf( ":" ) < 0 && "on" + type;
+
+ // Caller can pass in a jQuery.Event object, Object, or just an event type string
+ event = event[ jQuery.expando ] ?
+ event :
+ new jQuery.Event( type, typeof event === "object" && event );
+
+ // Trigger bitmask: & 1 for native handlers; & 2 for jQuery (always true)
+ event.isTrigger = onlyHandlers ? 2 : 3;
+ event.namespace = namespaces.join( "." );
+ event.rnamespace = event.namespace ?
+ new RegExp( "(^|\\.)" + namespaces.join( "\\.(?:.*\\.|)" ) + "(\\.|$)" ) :
+ null;
+
+ // Clean up the event in case it is being reused
+ event.result = undefined;
+ if ( !event.target ) {
+ event.target = elem;
+ }
+
+ // Clone any incoming data and prepend the event, creating the handler arg list
+ data = data == null ?
+ [ event ] :
+ jQuery.makeArray( data, [ event ] );
+
+ // Allow special events to draw outside the lines
+ special = jQuery.event.special[ type ] || {};
+ if ( !onlyHandlers && special.trigger && special.trigger.apply( elem, data ) === false ) {
+ return;
+ }
+
+ // Determine event propagation path in advance, per W3C events spec (#9951)
+ // Bubble up to document, then to window; watch for a global ownerDocument var (#9724)
+ if ( !onlyHandlers && !special.noBubble && !jQuery.isWindow( elem ) ) {
+
+ bubbleType = special.delegateType || type;
+ if ( !rfocusMorph.test( bubbleType + type ) ) {
+ cur = cur.parentNode;
+ }
+ for ( ; cur; cur = cur.parentNode ) {
+ eventPath.push( cur );
+ tmp = cur;
+ }
+
+ // Only add window if we got to document (e.g., not plain obj or detached DOM)
+ if ( tmp === ( elem.ownerDocument || document ) ) {
+ eventPath.push( tmp.defaultView || tmp.parentWindow || window );
+ }
+ }
+
+ // Fire handlers on the event path
+ i = 0;
+ while ( ( cur = eventPath[ i++ ] ) && !event.isPropagationStopped() ) {
+
+ event.type = i > 1 ?
+ bubbleType :
+ special.bindType || type;
+
+ // jQuery handler
+ handle = ( dataPriv.get( cur, "events" ) || {} )[ event.type ] &&
+ dataPriv.get( cur, "handle" );
+ if ( handle ) {
+ handle.apply( cur, data );
+ }
+
+ // Native handler
+ handle = ontype && cur[ ontype ];
+ if ( handle && handle.apply && acceptData( cur ) ) {
+ event.result = handle.apply( cur, data );
+ if ( event.result === false ) {
+ event.preventDefault();
+ }
+ }
+ }
+ event.type = type;
+
+ // If nobody prevented the default action, do it now
+ if ( !onlyHandlers && !event.isDefaultPrevented() ) {
+
+ if ( ( !special._default ||
+ special._default.apply( eventPath.pop(), data ) === false ) &&
+ acceptData( elem ) ) {
+
+ // Call a native DOM method on the target with the same name as the event.
+ // Don't do default actions on window, that's where global variables be (#6170)
+ if ( ontype && jQuery.isFunction( elem[ type ] ) && !jQuery.isWindow( elem ) ) {
+
+ // Don't re-trigger an onFOO event when we call its FOO() method
+ tmp = elem[ ontype ];
+
+ if ( tmp ) {
+ elem[ ontype ] = null;
+ }
+
+ // Prevent re-triggering of the same event, since we already bubbled it above
+ jQuery.event.triggered = type;
+ elem[ type ]();
+ jQuery.event.triggered = undefined;
+
+ if ( tmp ) {
+ elem[ ontype ] = tmp;
+ }
+ }
+ }
+ }
+
+ return event.result;
+ },
+
+ // Piggyback on a donor event to simulate a different one
+ // Used only for `focus(in | out)` events
+ simulate: function( type, elem, event ) {
+ var e = jQuery.extend(
+ new jQuery.Event(),
+ event,
+ {
+ type: type,
+ isSimulated: true
+ }
+ );
+
+ jQuery.event.trigger( e, null, elem );
+ }
+
+} );
+
+jQuery.fn.extend( {
+
+ trigger: function( type, data ) {
+ return this.each( function() {
+ jQuery.event.trigger( type, data, this );
+ } );
+ },
+ triggerHandler: function( type, data ) {
+ var elem = this[ 0 ];
+ if ( elem ) {
+ return jQuery.event.trigger( type, data, elem, true );
+ }
+ }
+} );
+
+
+jQuery.each( ( "blur focus focusin focusout resize scroll click dblclick " +
+ "mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave " +
+ "change select submit keydown keypress keyup contextmenu" ).split( " " ),
+ function( i, name ) {
+
+ // Handle event binding
+ jQuery.fn[ name ] = function( data, fn ) {
+ return arguments.length > 0 ?
+ this.on( name, null, data, fn ) :
+ this.trigger( name );
+ };
+} );
+
+jQuery.fn.extend( {
+ hover: function( fnOver, fnOut ) {
+ return this.mouseenter( fnOver ).mouseleave( fnOut || fnOver );
+ }
+} );
+
+
+
+
+support.focusin = "onfocusin" in window;
+
+
+// Support: Firefox <=44
+// Firefox doesn't have focus(in | out) events
+// Related ticket - https://bugzilla.mozilla.org/show_bug.cgi?id=687787
+//
+// Support: Chrome <=48 - 49, Safari <=9.0 - 9.1
+// focus(in | out) events fire after focus & blur events,
+// which is spec violation - http://www.w3.org/TR/DOM-Level-3-Events/#events-focusevent-event-order
+// Related ticket - https://bugs.chromium.org/p/chromium/issues/detail?id=449857
+if ( !support.focusin ) {
+ jQuery.each( { focus: "focusin", blur: "focusout" }, function( orig, fix ) {
+
+ // Attach a single capturing handler on the document while someone wants focusin/focusout
+ var handler = function( event ) {
+ jQuery.event.simulate( fix, event.target, jQuery.event.fix( event ) );
+ };
+
+ jQuery.event.special[ fix ] = {
+ setup: function() {
+ var doc = this.ownerDocument || this,
+ attaches = dataPriv.access( doc, fix );
+
+ if ( !attaches ) {
+ doc.addEventListener( orig, handler, true );
+ }
+ dataPriv.access( doc, fix, ( attaches || 0 ) + 1 );
+ },
+ teardown: function() {
+ var doc = this.ownerDocument || this,
+ attaches = dataPriv.access( doc, fix ) - 1;
+
+ if ( !attaches ) {
+ doc.removeEventListener( orig, handler, true );
+ dataPriv.remove( doc, fix );
+
+ } else {
+ dataPriv.access( doc, fix, attaches );
+ }
+ }
+ };
+ } );
+}
+var location = window.location;
+
+var nonce = jQuery.now();
+
+var rquery = ( /\?/ );
+
+
+
+// Cross-browser xml parsing
+jQuery.parseXML = function( data ) {
+ var xml;
+ if ( !data || typeof data !== "string" ) {
+ return null;
+ }
+
+ // Support: IE 9 - 11 only
+ // IE throws on parseFromString with invalid input.
+ try {
+ xml = ( new window.DOMParser() ).parseFromString( data, "text/xml" );
+ } catch ( e ) {
+ xml = undefined;
+ }
+
+ if ( !xml || xml.getElementsByTagName( "parsererror" ).length ) {
+ jQuery.error( "Invalid XML: " + data );
+ }
+ return xml;
+};
+
+
+var
+ rbracket = /\[\]$/,
+ rCRLF = /\r?\n/g,
+ rsubmitterTypes = /^(?:submit|button|image|reset|file)$/i,
+ rsubmittable = /^(?:input|select|textarea|keygen)/i;
+
+function buildParams( prefix, obj, traditional, add ) {
+ var name;
+
+ if ( Array.isArray( obj ) ) {
+
+ // Serialize array item.
+ jQuery.each( obj, function( i, v ) {
+ if ( traditional || rbracket.test( prefix ) ) {
+
+ // Treat each array item as a scalar.
+ add( prefix, v );
+
+ } else {
+
+ // Item is non-scalar (array or object), encode its numeric index.
+ buildParams(
+ prefix + "[" + ( typeof v === "object" && v != null ? i : "" ) + "]",
+ v,
+ traditional,
+ add
+ );
+ }
+ } );
+
+ } else if ( !traditional && jQuery.type( obj ) === "object" ) {
+
+ // Serialize object item.
+ for ( name in obj ) {
+ buildParams( prefix + "[" + name + "]", obj[ name ], traditional, add );
+ }
+
+ } else {
+
+ // Serialize scalar item.
+ add( prefix, obj );
+ }
+}
+
+// Serialize an array of form elements or a set of
+// key/values into a query string
+jQuery.param = function( a, traditional ) {
+ var prefix,
+ s = [],
+ add = function( key, valueOrFunction ) {
+
+ // If value is a function, invoke it and use its return value
+ var value = jQuery.isFunction( valueOrFunction ) ?
+ valueOrFunction() :
+ valueOrFunction;
+
+ s[ s.length ] = encodeURIComponent( key ) + "=" +
+ encodeURIComponent( value == null ? "" : value );
+ };
+
+ // If an array was passed in, assume that it is an array of form elements.
+ if ( Array.isArray( a ) || ( a.jquery && !jQuery.isPlainObject( a ) ) ) {
+
+ // Serialize the form elements
+ jQuery.each( a, function() {
+ add( this.name, this.value );
+ } );
+
+ } else {
+
+ // If traditional, encode the "old" way (the way 1.3.2 or older
+ // did it), otherwise encode params recursively.
+ for ( prefix in a ) {
+ buildParams( prefix, a[ prefix ], traditional, add );
+ }
+ }
+
+ // Return the resulting serialization
+ return s.join( "&" );
+};
+
+jQuery.fn.extend( {
+ serialize: function() {
+ return jQuery.param( this.serializeArray() );
+ },
+ serializeArray: function() {
+ return this.map( function() {
+
+ // Can add propHook for "elements" to filter or add form elements
+ var elements = jQuery.prop( this, "elements" );
+ return elements ? jQuery.makeArray( elements ) : this;
+ } )
+ .filter( function() {
+ var type = this.type;
+
+ // Use .is( ":disabled" ) so that fieldset[disabled] works
+ return this.name && !jQuery( this ).is( ":disabled" ) &&
+ rsubmittable.test( this.nodeName ) && !rsubmitterTypes.test( type ) &&
+ ( this.checked || !rcheckableType.test( type ) );
+ } )
+ .map( function( i, elem ) {
+ var val = jQuery( this ).val();
+
+ if ( val == null ) {
+ return null;
+ }
+
+ if ( Array.isArray( val ) ) {
+ return jQuery.map( val, function( val ) {
+ return { name: elem.name, value: val.replace( rCRLF, "\r\n" ) };
+ } );
+ }
+
+ return { name: elem.name, value: val.replace( rCRLF, "\r\n" ) };
+ } ).get();
+ }
+} );
+
+
+var
+ r20 = /%20/g,
+ rhash = /#.*$/,
+ rantiCache = /([?&])_=[^&]*/,
+ rheaders = /^(.*?):[ \t]*([^\r\n]*)$/mg,
+
+ // #7653, #8125, #8152: local protocol detection
+ rlocalProtocol = /^(?:about|app|app-storage|.+-extension|file|res|widget):$/,
+ rnoContent = /^(?:GET|HEAD)$/,
+ rprotocol = /^\/\//,
+
+ /* Prefilters
+ * 1) They are useful to introduce custom dataTypes (see ajax/jsonp.js for an example)
+ * 2) These are called:
+ * - BEFORE asking for a transport
+ * - AFTER param serialization (s.data is a string if s.processData is true)
+ * 3) key is the dataType
+ * 4) the catchall symbol "*" can be used
+ * 5) execution will start with transport dataType and THEN continue down to "*" if needed
+ */
+ prefilters = {},
+
+ /* Transports bindings
+ * 1) key is the dataType
+ * 2) the catchall symbol "*" can be used
+ * 3) selection will start with transport dataType and THEN go to "*" if needed
+ */
+ transports = {},
+
+ // Avoid comment-prolog char sequence (#10098); must appease lint and evade compression
+ allTypes = "*/".concat( "*" ),
+
+ // Anchor tag for parsing the document origin
+ originAnchor = document.createElement( "a" );
+ originAnchor.href = location.href;
+
+// Base "constructor" for jQuery.ajaxPrefilter and jQuery.ajaxTransport
+function addToPrefiltersOrTransports( structure ) {
+
+ // dataTypeExpression is optional and defaults to "*"
+ return function( dataTypeExpression, func ) {
+
+ if ( typeof dataTypeExpression !== "string" ) {
+ func = dataTypeExpression;
+ dataTypeExpression = "*";
+ }
+
+ var dataType,
+ i = 0,
+ dataTypes = dataTypeExpression.toLowerCase().match( rnothtmlwhite ) || [];
+
+ if ( jQuery.isFunction( func ) ) {
+
+ // For each dataType in the dataTypeExpression
+ while ( ( dataType = dataTypes[ i++ ] ) ) {
+
+ // Prepend if requested
+ if ( dataType[ 0 ] === "+" ) {
+ dataType = dataType.slice( 1 ) || "*";
+ ( structure[ dataType ] = structure[ dataType ] || [] ).unshift( func );
+
+ // Otherwise append
+ } else {
+ ( structure[ dataType ] = structure[ dataType ] || [] ).push( func );
+ }
+ }
+ }
+ };
+}
+
+// Base inspection function for prefilters and transports
+function inspectPrefiltersOrTransports( structure, options, originalOptions, jqXHR ) {
+
+ var inspected = {},
+ seekingTransport = ( structure === transports );
+
+ function inspect( dataType ) {
+ var selected;
+ inspected[ dataType ] = true;
+ jQuery.each( structure[ dataType ] || [], function( _, prefilterOrFactory ) {
+ var dataTypeOrTransport = prefilterOrFactory( options, originalOptions, jqXHR );
+ if ( typeof dataTypeOrTransport === "string" &&
+ !seekingTransport && !inspected[ dataTypeOrTransport ] ) {
+
+ options.dataTypes.unshift( dataTypeOrTransport );
+ inspect( dataTypeOrTransport );
+ return false;
+ } else if ( seekingTransport ) {
+ return !( selected = dataTypeOrTransport );
+ }
+ } );
+ return selected;
+ }
+
+ return inspect( options.dataTypes[ 0 ] ) || !inspected[ "*" ] && inspect( "*" );
+}
+
+// A special extend for ajax options
+// that takes "flat" options (not to be deep extended)
+// Fixes #9887
+function ajaxExtend( target, src ) {
+ var key, deep,
+ flatOptions = jQuery.ajaxSettings.flatOptions || {};
+
+ for ( key in src ) {
+ if ( src[ key ] !== undefined ) {
+ ( flatOptions[ key ] ? target : ( deep || ( deep = {} ) ) )[ key ] = src[ key ];
+ }
+ }
+ if ( deep ) {
+ jQuery.extend( true, target, deep );
+ }
+
+ return target;
+}
+
+/* Handles responses to an ajax request:
+ * - finds the right dataType (mediates between content-type and expected dataType)
+ * - returns the corresponding response
+ */
+function ajaxHandleResponses( s, jqXHR, responses ) {
+
+ var ct, type, finalDataType, firstDataType,
+ contents = s.contents,
+ dataTypes = s.dataTypes;
+
+ // Remove auto dataType and get content-type in the process
+ while ( dataTypes[ 0 ] === "*" ) {
+ dataTypes.shift();
+ if ( ct === undefined ) {
+ ct = s.mimeType || jqXHR.getResponseHeader( "Content-Type" );
+ }
+ }
+
+ // Check if we're dealing with a known content-type
+ if ( ct ) {
+ for ( type in contents ) {
+ if ( contents[ type ] && contents[ type ].test( ct ) ) {
+ dataTypes.unshift( type );
+ break;
+ }
+ }
+ }
+
+ // Check to see if we have a response for the expected dataType
+ if ( dataTypes[ 0 ] in responses ) {
+ finalDataType = dataTypes[ 0 ];
+ } else {
+
+ // Try convertible dataTypes
+ for ( type in responses ) {
+ if ( !dataTypes[ 0 ] || s.converters[ type + " " + dataTypes[ 0 ] ] ) {
+ finalDataType = type;
+ break;
+ }
+ if ( !firstDataType ) {
+ firstDataType = type;
+ }
+ }
+
+ // Or just use first one
+ finalDataType = finalDataType || firstDataType;
+ }
+
+ // If we found a dataType
+ // We add the dataType to the list if needed
+ // and return the corresponding response
+ if ( finalDataType ) {
+ if ( finalDataType !== dataTypes[ 0 ] ) {
+ dataTypes.unshift( finalDataType );
+ }
+ return responses[ finalDataType ];
+ }
+}
+
+/* Chain conversions given the request and the original response
+ * Also sets the responseXXX fields on the jqXHR instance
+ */
+function ajaxConvert( s, response, jqXHR, isSuccess ) {
+ var conv2, current, conv, tmp, prev,
+ converters = {},
+
+ // Work with a copy of dataTypes in case we need to modify it for conversion
+ dataTypes = s.dataTypes.slice();
+
+ // Create converters map with lowercased keys
+ if ( dataTypes[ 1 ] ) {
+ for ( conv in s.converters ) {
+ converters[ conv.toLowerCase() ] = s.converters[ conv ];
+ }
+ }
+
+ current = dataTypes.shift();
+
+ // Convert to each sequential dataType
+ while ( current ) {
+
+ if ( s.responseFields[ current ] ) {
+ jqXHR[ s.responseFields[ current ] ] = response;
+ }
+
+ // Apply the dataFilter if provided
+ if ( !prev && isSuccess && s.dataFilter ) {
+ response = s.dataFilter( response, s.dataType );
+ }
+
+ prev = current;
+ current = dataTypes.shift();
+
+ if ( current ) {
+
+ // There's only work to do if current dataType is non-auto
+ if ( current === "*" ) {
+
+ current = prev;
+
+ // Convert response if prev dataType is non-auto and differs from current
+ } else if ( prev !== "*" && prev !== current ) {
+
+ // Seek a direct converter
+ conv = converters[ prev + " " + current ] || converters[ "* " + current ];
+
+ // If none found, seek a pair
+ if ( !conv ) {
+ for ( conv2 in converters ) {
+
+ // If conv2 outputs current
+ tmp = conv2.split( " " );
+ if ( tmp[ 1 ] === current ) {
+
+ // If prev can be converted to accepted input
+ conv = converters[ prev + " " + tmp[ 0 ] ] ||
+ converters[ "* " + tmp[ 0 ] ];
+ if ( conv ) {
+
+ // Condense equivalence converters
+ if ( conv === true ) {
+ conv = converters[ conv2 ];
+
+ // Otherwise, insert the intermediate dataType
+ } else if ( converters[ conv2 ] !== true ) {
+ current = tmp[ 0 ];
+ dataTypes.unshift( tmp[ 1 ] );
+ }
+ break;
+ }
+ }
+ }
+ }
+
+ // Apply converter (if not an equivalence)
+ if ( conv !== true ) {
+
+ // Unless errors are allowed to bubble, catch and return them
+ if ( conv && s.throws ) {
+ response = conv( response );
+ } else {
+ try {
+ response = conv( response );
+ } catch ( e ) {
+ return {
+ state: "parsererror",
+ error: conv ? e : "No conversion from " + prev + " to " + current
+ };
+ }
+ }
+ }
+ }
+ }
+ }
+
+ return { state: "success", data: response };
+}
+
+jQuery.extend( {
+
+ // Counter for holding the number of active queries
+ active: 0,
+
+ // Last-Modified header cache for next request
+ lastModified: {},
+ etag: {},
+
+ ajaxSettings: {
+ url: location.href,
+ type: "GET",
+ isLocal: rlocalProtocol.test( location.protocol ),
+ global: true,
+ processData: true,
+ async: true,
+ contentType: "application/x-www-form-urlencoded; charset=UTF-8",
+
+ /*
+ timeout: 0,
+ data: null,
+ dataType: null,
+ username: null,
+ password: null,
+ cache: null,
+ throws: false,
+ traditional: false,
+ headers: {},
+ */
+
+ accepts: {
+ "*": allTypes,
+ text: "text/plain",
+ html: "text/html",
+ xml: "application/xml, text/xml",
+ json: "application/json, text/javascript"
+ },
+
+ contents: {
+ xml: /\bxml\b/,
+ html: /\bhtml/,
+ json: /\bjson\b/
+ },
+
+ responseFields: {
+ xml: "responseXML",
+ text: "responseText",
+ json: "responseJSON"
+ },
+
+ // Data converters
+ // Keys separate source (or catchall "*") and destination types with a single space
+ converters: {
+
+ // Convert anything to text
+ "* text": String,
+
+ // Text to html (true = no transformation)
+ "text html": true,
+
+ // Evaluate text as a json expression
+ "text json": JSON.parse,
+
+ // Parse text as xml
+ "text xml": jQuery.parseXML
+ },
+
+ // For options that shouldn't be deep extended:
+ // you can add your own custom options here if
+ // and when you create one that shouldn't be
+ // deep extended (see ajaxExtend)
+ flatOptions: {
+ url: true,
+ context: true
+ }
+ },
+
+ // Creates a full fledged settings object into target
+ // with both ajaxSettings and settings fields.
+ // If target is omitted, writes into ajaxSettings.
+ ajaxSetup: function( target, settings ) {
+ return settings ?
+
+ // Building a settings object
+ ajaxExtend( ajaxExtend( target, jQuery.ajaxSettings ), settings ) :
+
+ // Extending ajaxSettings
+ ajaxExtend( jQuery.ajaxSettings, target );
+ },
+
+ ajaxPrefilter: addToPrefiltersOrTransports( prefilters ),
+ ajaxTransport: addToPrefiltersOrTransports( transports ),
+
+ // Main method
+ ajax: function( url, options ) {
+
+ // If url is an object, simulate pre-1.5 signature
+ if ( typeof url === "object" ) {
+ options = url;
+ url = undefined;
+ }
+
+ // Force options to be an object
+ options = options || {};
+
+ var transport,
+
+ // URL without anti-cache param
+ cacheURL,
+
+ // Response headers
+ responseHeadersString,
+ responseHeaders,
+
+ // timeout handle
+ timeoutTimer,
+
+ // Url cleanup var
+ urlAnchor,
+
+ // Request state (becomes false upon send and true upon completion)
+ completed,
+
+ // To know if global events are to be dispatched
+ fireGlobals,
+
+ // Loop variable
+ i,
+
+ // uncached part of the url
+ uncached,
+
+ // Create the final options object
+ s = jQuery.ajaxSetup( {}, options ),
+
+ // Callbacks context
+ callbackContext = s.context || s,
+
+ // Context for global events is callbackContext if it is a DOM node or jQuery collection
+ globalEventContext = s.context &&
+ ( callbackContext.nodeType || callbackContext.jquery ) ?
+ jQuery( callbackContext ) :
+ jQuery.event,
+
+ // Deferreds
+ deferred = jQuery.Deferred(),
+ completeDeferred = jQuery.Callbacks( "once memory" ),
+
+ // Status-dependent callbacks
+ statusCode = s.statusCode || {},
+
+ // Headers (they are sent all at once)
+ requestHeaders = {},
+ requestHeadersNames = {},
+
+ // Default abort message
+ strAbort = "canceled",
+
+ // Fake xhr
+ jqXHR = {
+ readyState: 0,
+
+ // Builds headers hashtable if needed
+ getResponseHeader: function( key ) {
+ var match;
+ if ( completed ) {
+ if ( !responseHeaders ) {
+ responseHeaders = {};
+ while ( ( match = rheaders.exec( responseHeadersString ) ) ) {
+ responseHeaders[ match[ 1 ].toLowerCase() ] = match[ 2 ];
+ }
+ }
+ match = responseHeaders[ key.toLowerCase() ];
+ }
+ return match == null ? null : match;
+ },
+
+ // Raw string
+ getAllResponseHeaders: function() {
+ return completed ? responseHeadersString : null;
+ },
+
+ // Caches the header
+ setRequestHeader: function( name, value ) {
+ if ( completed == null ) {
+ name = requestHeadersNames[ name.toLowerCase() ] =
+ requestHeadersNames[ name.toLowerCase() ] || name;
+ requestHeaders[ name ] = value;
+ }
+ return this;
+ },
+
+ // Overrides response content-type header
+ overrideMimeType: function( type ) {
+ if ( completed == null ) {
+ s.mimeType = type;
+ }
+ return this;
+ },
+
+ // Status-dependent callbacks
+ statusCode: function( map ) {
+ var code;
+ if ( map ) {
+ if ( completed ) {
+
+ // Execute the appropriate callbacks
+ jqXHR.always( map[ jqXHR.status ] );
+ } else {
+
+ // Lazy-add the new callbacks in a way that preserves old ones
+ for ( code in map ) {
+ statusCode[ code ] = [ statusCode[ code ], map[ code ] ];
+ }
+ }
+ }
+ return this;
+ },
+
+ // Cancel the request
+ abort: function( statusText ) {
+ var finalText = statusText || strAbort;
+ if ( transport ) {
+ transport.abort( finalText );
+ }
+ done( 0, finalText );
+ return this;
+ }
+ };
+
+ // Attach deferreds
+ deferred.promise( jqXHR );
+
+ // Add protocol if not provided (prefilters might expect it)
+ // Handle falsy url in the settings object (#10093: consistency with old signature)
+ // We also use the url parameter if available
+ s.url = ( ( url || s.url || location.href ) + "" )
+ .replace( rprotocol, location.protocol + "//" );
+
+ // Alias method option to type as per ticket #12004
+ s.type = options.method || options.type || s.method || s.type;
+
+ // Extract dataTypes list
+ s.dataTypes = ( s.dataType || "*" ).toLowerCase().match( rnothtmlwhite ) || [ "" ];
+
+ // A cross-domain request is in order when the origin doesn't match the current origin.
+ if ( s.crossDomain == null ) {
+ urlAnchor = document.createElement( "a" );
+
+ // Support: IE <=8 - 11, Edge 12 - 13
+ // IE throws exception on accessing the href property if url is malformed,
+ // e.g. http://example.com:80x/
+ try {
+ urlAnchor.href = s.url;
+
+ // Support: IE <=8 - 11 only
+ // Anchor's host property isn't correctly set when s.url is relative
+ urlAnchor.href = urlAnchor.href;
+ s.crossDomain = originAnchor.protocol + "//" + originAnchor.host !==
+ urlAnchor.protocol + "//" + urlAnchor.host;
+ } catch ( e ) {
+
+ // If there is an error parsing the URL, assume it is crossDomain,
+ // it can be rejected by the transport if it is invalid
+ s.crossDomain = true;
+ }
+ }
+
+ // Convert data if not already a string
+ if ( s.data && s.processData && typeof s.data !== "string" ) {
+ s.data = jQuery.param( s.data, s.traditional );
+ }
+
+ // Apply prefilters
+ inspectPrefiltersOrTransports( prefilters, s, options, jqXHR );
+
+ // If request was aborted inside a prefilter, stop there
+ if ( completed ) {
+ return jqXHR;
+ }
+
+ // We can fire global events as of now if asked to
+ // Don't fire events if jQuery.event is undefined in an AMD-usage scenario (#15118)
+ fireGlobals = jQuery.event && s.global;
+
+ // Watch for a new set of requests
+ if ( fireGlobals && jQuery.active++ === 0 ) {
+ jQuery.event.trigger( "ajaxStart" );
+ }
+
+ // Uppercase the type
+ s.type = s.type.toUpperCase();
+
+ // Determine if request has content
+ s.hasContent = !rnoContent.test( s.type );
+
+ // Save the URL in case we're toying with the If-Modified-Since
+ // and/or If-None-Match header later on
+ // Remove hash to simplify url manipulation
+ cacheURL = s.url.replace( rhash, "" );
+
+ // More options handling for requests with no content
+ if ( !s.hasContent ) {
+
+ // Remember the hash so we can put it back
+ uncached = s.url.slice( cacheURL.length );
+
+ // If data is available, append data to url
+ if ( s.data ) {
+ cacheURL += ( rquery.test( cacheURL ) ? "&" : "?" ) + s.data;
+
+ // #9682: remove data so that it's not used in an eventual retry
+ delete s.data;
+ }
+
+ // Add or update anti-cache param if needed
+ if ( s.cache === false ) {
+ cacheURL = cacheURL.replace( rantiCache, "$1" );
+ uncached = ( rquery.test( cacheURL ) ? "&" : "?" ) + "_=" + ( nonce++ ) + uncached;
+ }
+
+ // Put hash and anti-cache on the URL that will be requested (gh-1732)
+ s.url = cacheURL + uncached;
+
+ // Change '%20' to '+' if this is encoded form body content (gh-2658)
+ } else if ( s.data && s.processData &&
+ ( s.contentType || "" ).indexOf( "application/x-www-form-urlencoded" ) === 0 ) {
+ s.data = s.data.replace( r20, "+" );
+ }
+
+ // Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode.
+ if ( s.ifModified ) {
+ if ( jQuery.lastModified[ cacheURL ] ) {
+ jqXHR.setRequestHeader( "If-Modified-Since", jQuery.lastModified[ cacheURL ] );
+ }
+ if ( jQuery.etag[ cacheURL ] ) {
+ jqXHR.setRequestHeader( "If-None-Match", jQuery.etag[ cacheURL ] );
+ }
+ }
+
+ // Set the correct header, if data is being sent
+ if ( s.data && s.hasContent && s.contentType !== false || options.contentType ) {
+ jqXHR.setRequestHeader( "Content-Type", s.contentType );
+ }
+
+ // Set the Accepts header for the server, depending on the dataType
+ jqXHR.setRequestHeader(
+ "Accept",
+ s.dataTypes[ 0 ] && s.accepts[ s.dataTypes[ 0 ] ] ?
+ s.accepts[ s.dataTypes[ 0 ] ] +
+ ( s.dataTypes[ 0 ] !== "*" ? ", " + allTypes + "; q=0.01" : "" ) :
+ s.accepts[ "*" ]
+ );
+
+ // Check for headers option
+ for ( i in s.headers ) {
+ jqXHR.setRequestHeader( i, s.headers[ i ] );
+ }
+
+ // Allow custom headers/mimetypes and early abort
+ if ( s.beforeSend &&
+ ( s.beforeSend.call( callbackContext, jqXHR, s ) === false || completed ) ) {
+
+ // Abort if not done already and return
+ return jqXHR.abort();
+ }
+
+ // Aborting is no longer a cancellation
+ strAbort = "abort";
+
+ // Install callbacks on deferreds
+ completeDeferred.add( s.complete );
+ jqXHR.done( s.success );
+ jqXHR.fail( s.error );
+
+ // Get transport
+ transport = inspectPrefiltersOrTransports( transports, s, options, jqXHR );
+
+ // If no transport, we auto-abort
+ if ( !transport ) {
+ done( -1, "No Transport" );
+ } else {
+ jqXHR.readyState = 1;
+
+ // Send global event
+ if ( fireGlobals ) {
+ globalEventContext.trigger( "ajaxSend", [ jqXHR, s ] );
+ }
+
+ // If request was aborted inside ajaxSend, stop there
+ if ( completed ) {
+ return jqXHR;
+ }
+
+ // Timeout
+ if ( s.async && s.timeout > 0 ) {
+ timeoutTimer = window.setTimeout( function() {
+ jqXHR.abort( "timeout" );
+ }, s.timeout );
+ }
+
+ try {
+ completed = false;
+ transport.send( requestHeaders, done );
+ } catch ( e ) {
+
+ // Rethrow post-completion exceptions
+ if ( completed ) {
+ throw e;
+ }
+
+ // Propagate others as results
+ done( -1, e );
+ }
+ }
+
+ // Callback for when everything is done
+ function done( status, nativeStatusText, responses, headers ) {
+ var isSuccess, success, error, response, modified,
+ statusText = nativeStatusText;
+
+ // Ignore repeat invocations
+ if ( completed ) {
+ return;
+ }
+
+ completed = true;
+
+ // Clear timeout if it exists
+ if ( timeoutTimer ) {
+ window.clearTimeout( timeoutTimer );
+ }
+
+ // Dereference transport for early garbage collection
+ // (no matter how long the jqXHR object will be used)
+ transport = undefined;
+
+ // Cache response headers
+ responseHeadersString = headers || "";
+
+ // Set readyState
+ jqXHR.readyState = status > 0 ? 4 : 0;
+
+ // Determine if successful
+ isSuccess = status >= 200 && status < 300 || status === 304;
+
+ // Get response data
+ if ( responses ) {
+ response = ajaxHandleResponses( s, jqXHR, responses );
+ }
+
+ // Convert no matter what (that way responseXXX fields are always set)
+ response = ajaxConvert( s, response, jqXHR, isSuccess );
+
+ // If successful, handle type chaining
+ if ( isSuccess ) {
+
+ // Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode.
+ if ( s.ifModified ) {
+ modified = jqXHR.getResponseHeader( "Last-Modified" );
+ if ( modified ) {
+ jQuery.lastModified[ cacheURL ] = modified;
+ }
+ modified = jqXHR.getResponseHeader( "etag" );
+ if ( modified ) {
+ jQuery.etag[ cacheURL ] = modified;
+ }
+ }
+
+ // if no content
+ if ( status === 204 || s.type === "HEAD" ) {
+ statusText = "nocontent";
+
+ // if not modified
+ } else if ( status === 304 ) {
+ statusText = "notmodified";
+
+ // If we have data, let's convert it
+ } else {
+ statusText = response.state;
+ success = response.data;
+ error = response.error;
+ isSuccess = !error;
+ }
+ } else {
+
+ // Extract error from statusText and normalize for non-aborts
+ error = statusText;
+ if ( status || !statusText ) {
+ statusText = "error";
+ if ( status < 0 ) {
+ status = 0;
+ }
+ }
+ }
+
+ // Set data for the fake xhr object
+ jqXHR.status = status;
+ jqXHR.statusText = ( nativeStatusText || statusText ) + "";
+
+ // Success/Error
+ if ( isSuccess ) {
+ deferred.resolveWith( callbackContext, [ success, statusText, jqXHR ] );
+ } else {
+ deferred.rejectWith( callbackContext, [ jqXHR, statusText, error ] );
+ }
+
+ // Status-dependent callbacks
+ jqXHR.statusCode( statusCode );
+ statusCode = undefined;
+
+ if ( fireGlobals ) {
+ globalEventContext.trigger( isSuccess ? "ajaxSuccess" : "ajaxError",
+ [ jqXHR, s, isSuccess ? success : error ] );
+ }
+
+ // Complete
+ completeDeferred.fireWith( callbackContext, [ jqXHR, statusText ] );
+
+ if ( fireGlobals ) {
+ globalEventContext.trigger( "ajaxComplete", [ jqXHR, s ] );
+
+ // Handle the global AJAX counter
+ if ( !( --jQuery.active ) ) {
+ jQuery.event.trigger( "ajaxStop" );
+ }
+ }
+ }
+
+ return jqXHR;
+ },
+
+ getJSON: function( url, data, callback ) {
+ return jQuery.get( url, data, callback, "json" );
+ },
+
+ getScript: function( url, callback ) {
+ return jQuery.get( url, undefined, callback, "script" );
+ }
+} );
+
+jQuery.each( [ "get", "post" ], function( i, method ) {
+ jQuery[ method ] = function( url, data, callback, type ) {
+
+ // Shift arguments if data argument was omitted
+ if ( jQuery.isFunction( data ) ) {
+ type = type || callback;
+ callback = data;
+ data = undefined;
+ }
+
+ // The url can be an options object (which then must have .url)
+ return jQuery.ajax( jQuery.extend( {
+ url: url,
+ type: method,
+ dataType: type,
+ data: data,
+ success: callback
+ }, jQuery.isPlainObject( url ) && url ) );
+ };
+} );
+
+
+jQuery._evalUrl = function( url ) {
+ return jQuery.ajax( {
+ url: url,
+
+ // Make this explicit, since user can override this through ajaxSetup (#11264)
+ type: "GET",
+ dataType: "script",
+ cache: true,
+ async: false,
+ global: false,
+ "throws": true
+ } );
+};
+
+
+jQuery.fn.extend( {
+ wrapAll: function( html ) {
+ var wrap;
+
+ if ( this[ 0 ] ) {
+ if ( jQuery.isFunction( html ) ) {
+ html = html.call( this[ 0 ] );
+ }
+
+ // The elements to wrap the target around
+ wrap = jQuery( html, this[ 0 ].ownerDocument ).eq( 0 ).clone( true );
+
+ if ( this[ 0 ].parentNode ) {
+ wrap.insertBefore( this[ 0 ] );
+ }
+
+ wrap.map( function() {
+ var elem = this;
+
+ while ( elem.firstElementChild ) {
+ elem = elem.firstElementChild;
+ }
+
+ return elem;
+ } ).append( this );
+ }
+
+ return this;
+ },
+
+ wrapInner: function( html ) {
+ if ( jQuery.isFunction( html ) ) {
+ return this.each( function( i ) {
+ jQuery( this ).wrapInner( html.call( this, i ) );
+ } );
+ }
+
+ return this.each( function() {
+ var self = jQuery( this ),
+ contents = self.contents();
+
+ if ( contents.length ) {
+ contents.wrapAll( html );
+
+ } else {
+ self.append( html );
+ }
+ } );
+ },
+
+ wrap: function( html ) {
+ var isFunction = jQuery.isFunction( html );
+
+ return this.each( function( i ) {
+ jQuery( this ).wrapAll( isFunction ? html.call( this, i ) : html );
+ } );
+ },
+
+ unwrap: function( selector ) {
+ this.parent( selector ).not( "body" ).each( function() {
+ jQuery( this ).replaceWith( this.childNodes );
+ } );
+ return this;
+ }
+} );
+
+
+jQuery.expr.pseudos.hidden = function( elem ) {
+ return !jQuery.expr.pseudos.visible( elem );
+};
+jQuery.expr.pseudos.visible = function( elem ) {
+ return !!( elem.offsetWidth || elem.offsetHeight || elem.getClientRects().length );
+};
+
+
+
+
+jQuery.ajaxSettings.xhr = function() {
+ try {
+ return new window.XMLHttpRequest();
+ } catch ( e ) {}
+};
+
+var xhrSuccessStatus = {
+
+ // File protocol always yields status code 0, assume 200
+ 0: 200,
+
+ // Support: IE <=9 only
+ // #1450: sometimes IE returns 1223 when it should be 204
+ 1223: 204
+ },
+ xhrSupported = jQuery.ajaxSettings.xhr();
+
+support.cors = !!xhrSupported && ( "withCredentials" in xhrSupported );
+support.ajax = xhrSupported = !!xhrSupported;
+
+jQuery.ajaxTransport( function( options ) {
+ var callback, errorCallback;
+
+ // Cross domain only allowed if supported through XMLHttpRequest
+ if ( support.cors || xhrSupported && !options.crossDomain ) {
+ return {
+ send: function( headers, complete ) {
+ var i,
+ xhr = options.xhr();
+
+ xhr.open(
+ options.type,
+ options.url,
+ options.async,
+ options.username,
+ options.password
+ );
+
+ // Apply custom fields if provided
+ if ( options.xhrFields ) {
+ for ( i in options.xhrFields ) {
+ xhr[ i ] = options.xhrFields[ i ];
+ }
+ }
+
+ // Override mime type if needed
+ if ( options.mimeType && xhr.overrideMimeType ) {
+ xhr.overrideMimeType( options.mimeType );
+ }
+
+ // X-Requested-With header
+ // For cross-domain requests, seeing as conditions for a preflight are
+ // akin to a jigsaw puzzle, we simply never set it to be sure.
+ // (it can always be set on a per-request basis or even using ajaxSetup)
+ // For same-domain requests, won't change header if already provided.
+ if ( !options.crossDomain && !headers[ "X-Requested-With" ] ) {
+ headers[ "X-Requested-With" ] = "XMLHttpRequest";
+ }
+
+ // Set headers
+ for ( i in headers ) {
+ xhr.setRequestHeader( i, headers[ i ] );
+ }
+
+ // Callback
+ callback = function( type ) {
+ return function() {
+ if ( callback ) {
+ callback = errorCallback = xhr.onload =
+ xhr.onerror = xhr.onabort = xhr.onreadystatechange = null;
+
+ if ( type === "abort" ) {
+ xhr.abort();
+ } else if ( type === "error" ) {
+
+ // Support: IE <=9 only
+ // On a manual native abort, IE9 throws
+ // errors on any property access that is not readyState
+ if ( typeof xhr.status !== "number" ) {
+ complete( 0, "error" );
+ } else {
+ complete(
+
+ // File: protocol always yields status 0; see #8605, #14207
+ xhr.status,
+ xhr.statusText
+ );
+ }
+ } else {
+ complete(
+ xhrSuccessStatus[ xhr.status ] || xhr.status,
+ xhr.statusText,
+
+ // Support: IE <=9 only
+ // IE9 has no XHR2 but throws on binary (trac-11426)
+ // For XHR2 non-text, let the caller handle it (gh-2498)
+ ( xhr.responseType || "text" ) !== "text" ||
+ typeof xhr.responseText !== "string" ?
+ { binary: xhr.response } :
+ { text: xhr.responseText },
+ xhr.getAllResponseHeaders()
+ );
+ }
+ }
+ };
+ };
+
+ // Listen to events
+ xhr.onload = callback();
+ errorCallback = xhr.onerror = callback( "error" );
+
+ // Support: IE 9 only
+ // Use onreadystatechange to replace onabort
+ // to handle uncaught aborts
+ if ( xhr.onabort !== undefined ) {
+ xhr.onabort = errorCallback;
+ } else {
+ xhr.onreadystatechange = function() {
+
+ // Check readyState before timeout as it changes
+ if ( xhr.readyState === 4 ) {
+
+ // Allow onerror to be called first,
+ // but that will not handle a native abort
+ // Also, save errorCallback to a variable
+ // as xhr.onerror cannot be accessed
+ window.setTimeout( function() {
+ if ( callback ) {
+ errorCallback();
+ }
+ } );
+ }
+ };
+ }
+
+ // Create the abort callback
+ callback = callback( "abort" );
+
+ try {
+
+ // Do send the request (this may raise an exception)
+ xhr.send( options.hasContent && options.data || null );
+ } catch ( e ) {
+
+ // #14683: Only rethrow if this hasn't been notified as an error yet
+ if ( callback ) {
+ throw e;
+ }
+ }
+ },
+
+ abort: function() {
+ if ( callback ) {
+ callback();
+ }
+ }
+ };
+ }
+} );
+
+
+
+
+// Prevent auto-execution of scripts when no explicit dataType was provided (See gh-2432)
+jQuery.ajaxPrefilter( function( s ) {
+ if ( s.crossDomain ) {
+ s.contents.script = false;
+ }
+} );
+
+// Install script dataType
+jQuery.ajaxSetup( {
+ accepts: {
+ script: "text/javascript, application/javascript, " +
+ "application/ecmascript, application/x-ecmascript"
+ },
+ contents: {
+ script: /\b(?:java|ecma)script\b/
+ },
+ converters: {
+ "text script": function( text ) {
+ jQuery.globalEval( text );
+ return text;
+ }
+ }
+} );
+
+// Handle cache's special case and crossDomain
+jQuery.ajaxPrefilter( "script", function( s ) {
+ if ( s.cache === undefined ) {
+ s.cache = false;
+ }
+ if ( s.crossDomain ) {
+ s.type = "GET";
+ }
+} );
+
+// Bind script tag hack transport
+jQuery.ajaxTransport( "script", function( s ) {
+
+ // This transport only deals with cross domain requests
+ if ( s.crossDomain ) {
+ var script, callback;
+ return {
+ send: function( _, complete ) {
+ script = jQuery( "<script>" ).prop( {
+ charset: s.scriptCharset,
+ src: s.url
+ } ).on(
+ "load error",
+ callback = function( evt ) {
+ script.remove();
+ callback = null;
+ if ( evt ) {
+ complete( evt.type === "error" ? 404 : 200, evt.type );
+ }
+ }
+ );
+
+ // Use native DOM manipulation to avoid our domManip AJAX trickery
+ document.head.appendChild( script[ 0 ] );
+ },
+ abort: function() {
+ if ( callback ) {
+ callback();
+ }
+ }
+ };
+ }
+} );
+
+
+
+
+var oldCallbacks = [],
+ rjsonp = /(=)\?(?=&|$)|\?\?/;
+
+// Default jsonp settings
+jQuery.ajaxSetup( {
+ jsonp: "callback",
+ jsonpCallback: function() {
+ var callback = oldCallbacks.pop() || ( jQuery.expando + "_" + ( nonce++ ) );
+ this[ callback ] = true;
+ return callback;
+ }
+} );
+
+// Detect, normalize options and install callbacks for jsonp requests
+jQuery.ajaxPrefilter( "json jsonp", function( s, originalSettings, jqXHR ) {
+
+ var callbackName, overwritten, responseContainer,
+ jsonProp = s.jsonp !== false && ( rjsonp.test( s.url ) ?
+ "url" :
+ typeof s.data === "string" &&
+ ( s.contentType || "" )
+ .indexOf( "application/x-www-form-urlencoded" ) === 0 &&
+ rjsonp.test( s.data ) && "data"
+ );
+
+ // Handle iff the expected data type is "jsonp" or we have a parameter to set
+ if ( jsonProp || s.dataTypes[ 0 ] === "jsonp" ) {
+
+ // Get callback name, remembering preexisting value associated with it
+ callbackName = s.jsonpCallback = jQuery.isFunction( s.jsonpCallback ) ?
+ s.jsonpCallback() :
+ s.jsonpCallback;
+
+ // Insert callback into url or form data
+ if ( jsonProp ) {
+ s[ jsonProp ] = s[ jsonProp ].replace( rjsonp, "$1" + callbackName );
+ } else if ( s.jsonp !== false ) {
+ s.url += ( rquery.test( s.url ) ? "&" : "?" ) + s.jsonp + "=" + callbackName;
+ }
+
+ // Use data converter to retrieve json after script execution
+ s.converters[ "script json" ] = function() {
+ if ( !responseContainer ) {
+ jQuery.error( callbackName + " was not called" );
+ }
+ return responseContainer[ 0 ];
+ };
+
+ // Force json dataType
+ s.dataTypes[ 0 ] = "json";
+
+ // Install callback
+ overwritten = window[ callbackName ];
+ window[ callbackName ] = function() {
+ responseContainer = arguments;
+ };
+
+ // Clean-up function (fires after converters)
+ jqXHR.always( function() {
+
+ // If previous value didn't exist - remove it
+ if ( overwritten === undefined ) {
+ jQuery( window ).removeProp( callbackName );
+
+ // Otherwise restore preexisting value
+ } else {
+ window[ callbackName ] = overwritten;
+ }
+
+ // Save back as free
+ if ( s[ callbackName ] ) {
+
+ // Make sure that re-using the options doesn't screw things around
+ s.jsonpCallback = originalSettings.jsonpCallback;
+
+ // Save the callback name for future use
+ oldCallbacks.push( callbackName );
+ }
+
+ // Call if it was a function and we have a response
+ if ( responseContainer && jQuery.isFunction( overwritten ) ) {
+ overwritten( responseContainer[ 0 ] );
+ }
+
+ responseContainer = overwritten = undefined;
+ } );
+
+ // Delegate to script
+ return "script";
+ }
+} );
+
+
+
+
+// Support: Safari 8 only
+// In Safari 8 documents created via document.implementation.createHTMLDocument
+// collapse sibling forms: the second one becomes a child of the first one.
+// Because of that, this security measure has to be disabled in Safari 8.
+// https://bugs.webkit.org/show_bug.cgi?id=137337
+support.createHTMLDocument = ( function() {
+ var body = document.implementation.createHTMLDocument( "" ).body;
+ body.innerHTML = "<form></form><form></form>";
+ return body.childNodes.length === 2;
+} )();
+
+
+// Argument "data" should be string of html
+// context (optional): If specified, the fragment will be created in this context,
+// defaults to document
+// keepScripts (optional): If true, will include scripts passed in the html string
+jQuery.parseHTML = function( data, context, keepScripts ) {
+ if ( typeof data !== "string" ) {
+ return [];
+ }
+ if ( typeof context === "boolean" ) {
+ keepScripts = context;
+ context = false;
+ }
+
+ var base, parsed, scripts;
+
+ if ( !context ) {
+
+ // Stop scripts or inline event handlers from being executed immediately
+ // by using document.implementation
+ if ( support.createHTMLDocument ) {
+ context = document.implementation.createHTMLDocument( "" );
+
+ // Set the base href for the created document
+ // so any parsed elements with URLs
+ // are based on the document's URL (gh-2965)
+ base = context.createElement( "base" );
+ base.href = document.location.href;
+ context.head.appendChild( base );
+ } else {
+ context = document;
+ }
+ }
+
+ parsed = rsingleTag.exec( data );
+ scripts = !keepScripts && [];
+
+ // Single tag
+ if ( parsed ) {
+ return [ context.createElement( parsed[ 1 ] ) ];
+ }
+
+ parsed = buildFragment( [ data ], context, scripts );
+
+ if ( scripts && scripts.length ) {
+ jQuery( scripts ).remove();
+ }
+
+ return jQuery.merge( [], parsed.childNodes );
+};
+
+
+/**
+ * Load a url into a page
+ */
+jQuery.fn.load = function( url, params, callback ) {
+ var selector, type, response,
+ self = this,
+ off = url.indexOf( " " );
+
+ if ( off > -1 ) {
+ selector = stripAndCollapse( url.slice( off ) );
+ url = url.slice( 0, off );
+ }
+
+ // If it's a function
+ if ( jQuery.isFunction( params ) ) {
+
+ // We assume that it's the callback
+ callback = params;
+ params = undefined;
+
+ // Otherwise, build a param string
+ } else if ( params && typeof params === "object" ) {
+ type = "POST";
+ }
+
+ // If we have elements to modify, make the request
+ if ( self.length > 0 ) {
+ jQuery.ajax( {
+ url: url,
+
+ // If "type" variable is undefined, then "GET" method will be used.
+ // Make value of this field explicit since
+ // user can override it through ajaxSetup method
+ type: type || "GET",
+ dataType: "html",
+ data: params
+ } ).done( function( responseText ) {
+
+ // Save response for use in complete callback
+ response = arguments;
+
+ self.html( selector ?
+
+ // If a selector was specified, locate the right elements in a dummy div
+ // Exclude scripts to avoid IE 'Permission Denied' errors
+ jQuery( "<div>" ).append( jQuery.parseHTML( responseText ) ).find( selector ) :
+
+ // Otherwise use the full result
+ responseText );
+
+ // If the request succeeds, this function gets "data", "status", "jqXHR"
+ // but they are ignored because response was set above.
+ // If it fails, this function gets "jqXHR", "status", "error"
+ } ).always( callback && function( jqXHR, status ) {
+ self.each( function() {
+ callback.apply( this, response || [ jqXHR.responseText, status, jqXHR ] );
+ } );
+ } );
+ }
+
+ return this;
+};
+
+
+
+
+// Attach a bunch of functions for handling common AJAX events
+jQuery.each( [
+ "ajaxStart",
+ "ajaxStop",
+ "ajaxComplete",
+ "ajaxError",
+ "ajaxSuccess",
+ "ajaxSend"
+], function( i, type ) {
+ jQuery.fn[ type ] = function( fn ) {
+ return this.on( type, fn );
+ };
+} );
+
+
+
+
+jQuery.expr.pseudos.animated = function( elem ) {
+ return jQuery.grep( jQuery.timers, function( fn ) {
+ return elem === fn.elem;
+ } ).length;
+};
+
+
+
+
+jQuery.offset = {
+ setOffset: function( elem, options, i ) {
+ var curPosition, curLeft, curCSSTop, curTop, curOffset, curCSSLeft, calculatePosition,
+ position = jQuery.css( elem, "position" ),
+ curElem = jQuery( elem ),
+ props = {};
+
+ // Set position first, in-case top/left are set even on static elem
+ if ( position === "static" ) {
+ elem.style.position = "relative";
+ }
+
+ curOffset = curElem.offset();
+ curCSSTop = jQuery.css( elem, "top" );
+ curCSSLeft = jQuery.css( elem, "left" );
+ calculatePosition = ( position === "absolute" || position === "fixed" ) &&
+ ( curCSSTop + curCSSLeft ).indexOf( "auto" ) > -1;
+
+ // Need to be able to calculate position if either
+ // top or left is auto and position is either absolute or fixed
+ if ( calculatePosition ) {
+ curPosition = curElem.position();
+ curTop = curPosition.top;
+ curLeft = curPosition.left;
+
+ } else {
+ curTop = parseFloat( curCSSTop ) || 0;
+ curLeft = parseFloat( curCSSLeft ) || 0;
+ }
+
+ if ( jQuery.isFunction( options ) ) {
+
+ // Use jQuery.extend here to allow modification of coordinates argument (gh-1848)
+ options = options.call( elem, i, jQuery.extend( {}, curOffset ) );
+ }
+
+ if ( options.top != null ) {
+ props.top = ( options.top - curOffset.top ) + curTop;
+ }
+ if ( options.left != null ) {
+ props.left = ( options.left - curOffset.left ) + curLeft;
+ }
+
+ if ( "using" in options ) {
+ options.using.call( elem, props );
+
+ } else {
+ curElem.css( props );
+ }
+ }
+};
+
+jQuery.fn.extend( {
+ offset: function( options ) {
+
+ // Preserve chaining for setter
+ if ( arguments.length ) {
+ return options === undefined ?
+ this :
+ this.each( function( i ) {
+ jQuery.offset.setOffset( this, options, i );
+ } );
+ }
+
+ var doc, docElem, rect, win,
+ elem = this[ 0 ];
+
+ if ( !elem ) {
+ return;
+ }
+
+ // Return zeros for disconnected and hidden (display: none) elements (gh-2310)
+ // Support: IE <=11 only
+ // Running getBoundingClientRect on a
+ // disconnected node in IE throws an error
+ if ( !elem.getClientRects().length ) {
+ return { top: 0, left: 0 };
+ }
+
+ rect = elem.getBoundingClientRect();
+
+ doc = elem.ownerDocument;
+ docElem = doc.documentElement;
+ win = doc.defaultView;
+
+ return {
+ top: rect.top + win.pageYOffset - docElem.clientTop,
+ left: rect.left + win.pageXOffset - docElem.clientLeft
+ };
+ },
+
+ position: function() {
+ if ( !this[ 0 ] ) {
+ return;
+ }
+
+ var offsetParent, offset,
+ elem = this[ 0 ],
+ parentOffset = { top: 0, left: 0 };
+
+ // Fixed elements are offset from window (parentOffset = {top:0, left: 0},
+ // because it is its only offset parent
+ if ( jQuery.css( elem, "position" ) === "fixed" ) {
+
+ // Assume getBoundingClientRect is there when computed position is fixed
+ offset = elem.getBoundingClientRect();
+
+ } else {
+
+ // Get *real* offsetParent
+ offsetParent = this.offsetParent();
+
+ // Get correct offsets
+ offset = this.offset();
+ if ( !nodeName( offsetParent[ 0 ], "html" ) ) {
+ parentOffset = offsetParent.offset();
+ }
+
+ // Add offsetParent borders
+ parentOffset = {
+ top: parentOffset.top + jQuery.css( offsetParent[ 0 ], "borderTopWidth", true ),
+ left: parentOffset.left + jQuery.css( offsetParent[ 0 ], "borderLeftWidth", true )
+ };
+ }
+
+ // Subtract parent offsets and element margins
+ return {
+ top: offset.top - parentOffset.top - jQuery.css( elem, "marginTop", true ),
+ left: offset.left - parentOffset.left - jQuery.css( elem, "marginLeft", true )
+ };
+ },
+
+ // This method will return documentElement in the following cases:
+ // 1) For the element inside the iframe without offsetParent, this method will return
+ // documentElement of the parent window
+ // 2) For the hidden or detached element
+ // 3) For body or html element, i.e. in case of the html node - it will return itself
+ //
+ // but those exceptions were never presented as a real life use-cases
+ // and might be considered as more preferable results.
+ //
+ // This logic, however, is not guaranteed and can change at any point in the future
+ offsetParent: function() {
+ return this.map( function() {
+ var offsetParent = this.offsetParent;
+
+ while ( offsetParent && jQuery.css( offsetParent, "position" ) === "static" ) {
+ offsetParent = offsetParent.offsetParent;
+ }
+
+ return offsetParent || documentElement;
+ } );
+ }
+} );
+
+// Create scrollLeft and scrollTop methods
+jQuery.each( { scrollLeft: "pageXOffset", scrollTop: "pageYOffset" }, function( method, prop ) {
+ var top = "pageYOffset" === prop;
+
+ jQuery.fn[ method ] = function( val ) {
+ return access( this, function( elem, method, val ) {
+
+ // Coalesce documents and windows
+ var win;
+ if ( jQuery.isWindow( elem ) ) {
+ win = elem;
+ } else if ( elem.nodeType === 9 ) {
+ win = elem.defaultView;
+ }
+
+ if ( val === undefined ) {
+ return win ? win[ prop ] : elem[ method ];
+ }
+
+ if ( win ) {
+ win.scrollTo(
+ !top ? val : win.pageXOffset,
+ top ? val : win.pageYOffset
+ );
+
+ } else {
+ elem[ method ] = val;
+ }
+ }, method, val, arguments.length );
+ };
+} );
+
+// Support: Safari <=7 - 9.1, Chrome <=37 - 49
+// Add the top/left cssHooks using jQuery.fn.position
+// Webkit bug: https://bugs.webkit.org/show_bug.cgi?id=29084
+// Blink bug: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
+// getComputedStyle returns percent when specified for top/left/bottom/right;
+// rather than make the css module depend on the offset module, just check for it here
+jQuery.each( [ "top", "left" ], function( i, prop ) {
+ jQuery.cssHooks[ prop ] = addGetHookIf( support.pixelPosition,
+ function( elem, computed ) {
+ if ( computed ) {
+ computed = curCSS( elem, prop );
+
+ // If curCSS returns percentage, fallback to offset
+ return rnumnonpx.test( computed ) ?
+ jQuery( elem ).position()[ prop ] + "px" :
+ computed;
+ }
+ }
+ );
+} );
+
+
+// Create innerHeight, innerWidth, height, width, outerHeight and outerWidth methods
+jQuery.each( { Height: "height", Width: "width" }, function( name, type ) {
+ jQuery.each( { padding: "inner" + name, content: type, "": "outer" + name },
+ function( defaultExtra, funcName ) {
+
+ // Margin is only for outerHeight, outerWidth
+ jQuery.fn[ funcName ] = function( margin, value ) {
+ var chainable = arguments.length && ( defaultExtra || typeof margin !== "boolean" ),
+ extra = defaultExtra || ( margin === true || value === true ? "margin" : "border" );
+
+ return access( this, function( elem, type, value ) {
+ var doc;
+
+ if ( jQuery.isWindow( elem ) ) {
+
+ // $( window ).outerWidth/Height return w/h including scrollbars (gh-1729)
+ return funcName.indexOf( "outer" ) === 0 ?
+ elem[ "inner" + name ] :
+ elem.document.documentElement[ "client" + name ];
+ }
+
+ // Get document width or height
+ if ( elem.nodeType === 9 ) {
+ doc = elem.documentElement;
+
+ // Either scroll[Width/Height] or offset[Width/Height] or client[Width/Height],
+ // whichever is greatest
+ return Math.max(
+ elem.body[ "scroll" + name ], doc[ "scroll" + name ],
+ elem.body[ "offset" + name ], doc[ "offset" + name ],
+ doc[ "client" + name ]
+ );
+ }
+
+ return value === undefined ?
+
+ // Get width or height on the element, requesting but not forcing parseFloat
+ jQuery.css( elem, type, extra ) :
+
+ // Set width or height on the element
+ jQuery.style( elem, type, value, extra );
+ }, type, chainable ? margin : undefined, chainable );
+ };
+ } );
+} );
+
+
+jQuery.fn.extend( {
+
+ bind: function( types, data, fn ) {
+ return this.on( types, null, data, fn );
+ },
+ unbind: function( types, fn ) {
+ return this.off( types, null, fn );
+ },
+
+ delegate: function( selector, types, data, fn ) {
+ return this.on( types, selector, data, fn );
+ },
+ undelegate: function( selector, types, fn ) {
+
+ // ( namespace ) or ( selector, types [, fn] )
+ return arguments.length === 1 ?
+ this.off( selector, "**" ) :
+ this.off( types, selector || "**", fn );
+ }
+} );
+
+jQuery.holdReady = function( hold ) {
+ if ( hold ) {
+ jQuery.readyWait++;
+ } else {
+ jQuery.ready( true );
+ }
+};
+jQuery.isArray = Array.isArray;
+jQuery.parseJSON = JSON.parse;
+jQuery.nodeName = nodeName;
+
+
+
+
+// Register as a named AMD module, since jQuery can be concatenated with other
+// files that may use define, but not via a proper concatenation script that
+// understands anonymous AMD modules. A named AMD is safest and most robust
+// way to register. Lowercase jquery is used because AMD module names are
+// derived from file names, and jQuery is normally delivered in a lowercase
+// file name. Do this after creating the global so that if an AMD module wants
+// to call noConflict to hide this version of jQuery, it will work.
+
+// Note that for maximum portability, libraries that are not jQuery should
+// declare themselves as anonymous modules, and avoid setting a global if an
+// AMD loader is present. jQuery is a special case. For more information, see
+// https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
+
+if ( typeof define === "function" && define.amd ) {
+ define( "jquery", [], function() {
+ return jQuery;
+ } );
+}
+
+
+
+
+var
+
+ // Map over jQuery in case of overwrite
+ _jQuery = window.jQuery,
+
+ // Map over the $ in case of overwrite
+ _$ = window.$;
+
+jQuery.noConflict = function( deep ) {
+ if ( window.$ === jQuery ) {
+ window.$ = _$;
+ }
+
+ if ( deep && window.jQuery === jQuery ) {
+ window.jQuery = _jQuery;
+ }
+
+ return jQuery;
+};
+
+// Expose jQuery and $ identifiers, even in AMD
+// (#7102#comment:10, https://github.com/jquery/jquery/pull/557)
+// and CommonJS for browser emulators (#13566)
+if ( !noGlobal ) {
+ window.jQuery = window.$ = jQuery;
+}
+
+
+
+
+return jQuery;
+} );
diff --git a/docs/1.1.0/html/_static/minus.png b/docs/1.1.0/html/_static/minus.png
new file mode 100644
index 0000000..d96755f
--- /dev/null
+++ b/docs/1.1.0/html/_static/minus.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/plus.png b/docs/1.1.0/html/_static/plus.png
new file mode 100644
index 0000000..7107cec
--- /dev/null
+++ b/docs/1.1.0/html/_static/plus.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/pygments.css b/docs/1.1.0/html/_static/pygments.css
new file mode 100644
index 0000000..20c4814
--- /dev/null
+++ b/docs/1.1.0/html/_static/pygments.css
@@ -0,0 +1,69 @@
+.highlight .hll { background-color: #ffffcc }
+.highlight { background: #eeffcc; }
+.highlight .c { color: #408090; font-style: italic } /* Comment */
+.highlight .err { border: 1px solid #FF0000 } /* Error */
+.highlight .k { color: #007020; font-weight: bold } /* Keyword */
+.highlight .o { color: #666666 } /* Operator */
+.highlight .ch { color: #408090; font-style: italic } /* Comment.Hashbang */
+.highlight .cm { color: #408090; font-style: italic } /* Comment.Multiline */
+.highlight .cp { color: #007020 } /* Comment.Preproc */
+.highlight .cpf { color: #408090; font-style: italic } /* Comment.PreprocFile */
+.highlight .c1 { color: #408090; font-style: italic } /* Comment.Single */
+.highlight .cs { color: #408090; background-color: #fff0f0 } /* Comment.Special */
+.highlight .gd { color: #A00000 } /* Generic.Deleted */
+.highlight .ge { font-style: italic } /* Generic.Emph */
+.highlight .gr { color: #FF0000 } /* Generic.Error */
+.highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
+.highlight .gi { color: #00A000 } /* Generic.Inserted */
+.highlight .go { color: #333333 } /* Generic.Output */
+.highlight .gp { color: #c65d09; font-weight: bold } /* Generic.Prompt */
+.highlight .gs { font-weight: bold } /* Generic.Strong */
+.highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
+.highlight .gt { color: #0044DD } /* Generic.Traceback */
+.highlight .kc { color: #007020; font-weight: bold } /* Keyword.Constant */
+.highlight .kd { color: #007020; font-weight: bold } /* Keyword.Declaration */
+.highlight .kn { color: #007020; font-weight: bold } /* Keyword.Namespace */
+.highlight .kp { color: #007020 } /* Keyword.Pseudo */
+.highlight .kr { color: #007020; font-weight: bold } /* Keyword.Reserved */
+.highlight .kt { color: #902000 } /* Keyword.Type */
+.highlight .m { color: #208050 } /* Literal.Number */
+.highlight .s { color: #4070a0 } /* Literal.String */
+.highlight .na { color: #4070a0 } /* Name.Attribute */
+.highlight .nb { color: #007020 } /* Name.Builtin */
+.highlight .nc { color: #0e84b5; font-weight: bold } /* Name.Class */
+.highlight .no { color: #60add5 } /* Name.Constant */
+.highlight .nd { color: #555555; font-weight: bold } /* Name.Decorator */
+.highlight .ni { color: #d55537; font-weight: bold } /* Name.Entity */
+.highlight .ne { color: #007020 } /* Name.Exception */
+.highlight .nf { color: #06287e } /* Name.Function */
+.highlight .nl { color: #002070; font-weight: bold } /* Name.Label */
+.highlight .nn { color: #0e84b5; font-weight: bold } /* Name.Namespace */
+.highlight .nt { color: #062873; font-weight: bold } /* Name.Tag */
+.highlight .nv { color: #bb60d5 } /* Name.Variable */
+.highlight .ow { color: #007020; font-weight: bold } /* Operator.Word */
+.highlight .w { color: #bbbbbb } /* Text.Whitespace */
+.highlight .mb { color: #208050 } /* Literal.Number.Bin */
+.highlight .mf { color: #208050 } /* Literal.Number.Float */
+.highlight .mh { color: #208050 } /* Literal.Number.Hex */
+.highlight .mi { color: #208050 } /* Literal.Number.Integer */
+.highlight .mo { color: #208050 } /* Literal.Number.Oct */
+.highlight .sa { color: #4070a0 } /* Literal.String.Affix */
+.highlight .sb { color: #4070a0 } /* Literal.String.Backtick */
+.highlight .sc { color: #4070a0 } /* Literal.String.Char */
+.highlight .dl { color: #4070a0 } /* Literal.String.Delimiter */
+.highlight .sd { color: #4070a0; font-style: italic } /* Literal.String.Doc */
+.highlight .s2 { color: #4070a0 } /* Literal.String.Double */
+.highlight .se { color: #4070a0; font-weight: bold } /* Literal.String.Escape */
+.highlight .sh { color: #4070a0 } /* Literal.String.Heredoc */
+.highlight .si { color: #70a0d0; font-style: italic } /* Literal.String.Interpol */
+.highlight .sx { color: #c65d09 } /* Literal.String.Other */
+.highlight .sr { color: #235388 } /* Literal.String.Regex */
+.highlight .s1 { color: #4070a0 } /* Literal.String.Single */
+.highlight .ss { color: #517918 } /* Literal.String.Symbol */
+.highlight .bp { color: #007020 } /* Name.Builtin.Pseudo */
+.highlight .fm { color: #06287e } /* Name.Function.Magic */
+.highlight .vc { color: #bb60d5 } /* Name.Variable.Class */
+.highlight .vg { color: #bb60d5 } /* Name.Variable.Global */
+.highlight .vi { color: #bb60d5 } /* Name.Variable.Instance */
+.highlight .vm { color: #bb60d5 } /* Name.Variable.Magic */
+.highlight .il { color: #208050 } /* Literal.Number.Integer.Long */
\ No newline at end of file
diff --git a/docs/1.1.0/html/_static/searchtools.js b/docs/1.1.0/html/_static/searchtools.js
new file mode 100644
index 0000000..41b8336
--- /dev/null
+++ b/docs/1.1.0/html/_static/searchtools.js
@@ -0,0 +1,761 @@
+/*
+ * searchtools.js_t
+ * ~~~~~~~~~~~~~~~~
+ *
+ * Sphinx JavaScript utilities for the full-text search.
+ *
+ * :copyright: Copyright 2007-2018 by the Sphinx team, see AUTHORS.
+ * :license: BSD, see LICENSE for details.
+ *
+ */
+
+
+/* Non-minified version JS is _stemmer.js if file is provided */
+/**
+ * Porter Stemmer
+ */
+var Stemmer = function() {
+
+ var step2list = {
+ ational: 'ate',
+ tional: 'tion',
+ enci: 'ence',
+ anci: 'ance',
+ izer: 'ize',
+ bli: 'ble',
+ alli: 'al',
+ entli: 'ent',
+ eli: 'e',
+ ousli: 'ous',
+ ization: 'ize',
+ ation: 'ate',
+ ator: 'ate',
+ alism: 'al',
+ iveness: 'ive',
+ fulness: 'ful',
+ ousness: 'ous',
+ aliti: 'al',
+ iviti: 'ive',
+ biliti: 'ble',
+ logi: 'log'
+ };
+
+ var step3list = {
+ icate: 'ic',
+ ative: '',
+ alize: 'al',
+ iciti: 'ic',
+ ical: 'ic',
+ ful: '',
+ ness: ''
+ };
+
+ var c = "[^aeiou]"; // consonant
+ var v = "[aeiouy]"; // vowel
+ var C = c + "[^aeiouy]*"; // consonant sequence
+ var V = v + "[aeiou]*"; // vowel sequence
+
+ var mgr0 = "^(" + C + ")?" + V + C; // [C]VC... is m>0
+ var meq1 = "^(" + C + ")?" + V + C + "(" + V + ")?$"; // [C]VC[V] is m=1
+ var mgr1 = "^(" + C + ")?" + V + C + V + C; // [C]VCVC... is m>1
+ var s_v = "^(" + C + ")?" + v; // vowel in stem
+
+ this.stemWord = function (w) {
+ var stem;
+ var suffix;
+ var firstch;
+ var origword = w;
+
+ if (w.length < 3)
+ return w;
+
+ var re;
+ var re2;
+ var re3;
+ var re4;
+
+ firstch = w.substr(0,1);
+ if (firstch == "y")
+ w = firstch.toUpperCase() + w.substr(1);
+
+ // Step 1a
+ re = /^(.+?)(ss|i)es$/;
+ re2 = /^(.+?)([^s])s$/;
+
+ if (re.test(w))
+ w = w.replace(re,"$1$2");
+ else if (re2.test(w))
+ w = w.replace(re2,"$1$2");
+
+ // Step 1b
+ re = /^(.+?)eed$/;
+ re2 = /^(.+?)(ed|ing)$/;
+ if (re.test(w)) {
+ var fp = re.exec(w);
+ re = new RegExp(mgr0);
+ if (re.test(fp[1])) {
+ re = /.$/;
+ w = w.replace(re,"");
+ }
+ }
+ else if (re2.test(w)) {
+ var fp = re2.exec(w);
+ stem = fp[1];
+ re2 = new RegExp(s_v);
+ if (re2.test(stem)) {
+ w = stem;
+ re2 = /(at|bl|iz)$/;
+ re3 = new RegExp("([^aeiouylsz])\\1$");
+ re4 = new RegExp("^" + C + v + "[^aeiouwxy]$");
+ if (re2.test(w))
+ w = w + "e";
+ else if (re3.test(w)) {
+ re = /.$/;
+ w = w.replace(re,"");
+ }
+ else if (re4.test(w))
+ w = w + "e";
+ }
+ }
+
+ // Step 1c
+ re = /^(.+?)y$/;
+ if (re.test(w)) {
+ var fp = re.exec(w);
+ stem = fp[1];
+ re = new RegExp(s_v);
+ if (re.test(stem))
+ w = stem + "i";
+ }
+
+ // Step 2
+ re = /^(.+?)(ational|tional|enci|anci|izer|bli|alli|entli|eli|ousli|ization|ation|ator|alism|iveness|fulness|ousness|aliti|iviti|biliti|logi)$/;
+ if (re.test(w)) {
+ var fp = re.exec(w);
+ stem = fp[1];
+ suffix = fp[2];
+ re = new RegExp(mgr0);
+ if (re.test(stem))
+ w = stem + step2list[suffix];
+ }
+
+ // Step 3
+ re = /^(.+?)(icate|ative|alize|iciti|ical|ful|ness)$/;
+ if (re.test(w)) {
+ var fp = re.exec(w);
+ stem = fp[1];
+ suffix = fp[2];
+ re = new RegExp(mgr0);
+ if (re.test(stem))
+ w = stem + step3list[suffix];
+ }
+
+ // Step 4
+ re = /^(.+?)(al|ance|ence|er|ic|able|ible|ant|ement|ment|ent|ou|ism|ate|iti|ous|ive|ize)$/;
+ re2 = /^(.+?)(s|t)(ion)$/;
+ if (re.test(w)) {
+ var fp = re.exec(w);
+ stem = fp[1];
+ re = new RegExp(mgr1);
+ if (re.test(stem))
+ w = stem;
+ }
+ else if (re2.test(w)) {
+ var fp = re2.exec(w);
+ stem = fp[1] + fp[2];
+ re2 = new RegExp(mgr1);
+ if (re2.test(stem))
+ w = stem;
+ }
+
+ // Step 5
+ re = /^(.+?)e$/;
+ if (re.test(w)) {
+ var fp = re.exec(w);
+ stem = fp[1];
+ re = new RegExp(mgr1);
+ re2 = new RegExp(meq1);
+ re3 = new RegExp("^" + C + v + "[^aeiouwxy]$");
+ if (re.test(stem) || (re2.test(stem) && !(re3.test(stem))))
+ w = stem;
+ }
+ re = /ll$/;
+ re2 = new RegExp(mgr1);
+ if (re.test(w) && re2.test(w)) {
+ re = /.$/;
+ w = w.replace(re,"");
+ }
+
+ // and turn initial Y back to y
+ if (firstch == "y")
+ w = firstch.toLowerCase() + w.substr(1);
+ return w;
+ }
+}
+
+
+
+/**
+ * Simple result scoring code.
+ */
+var Scorer = {
+ // Implement the following function to further tweak the score for each result
+ // The function takes a result array [filename, title, anchor, descr, score]
+ // and returns the new score.
+ /*
+ score: function(result) {
+ return result[4];
+ },
+ */
+
+ // query matches the full name of an object
+ objNameMatch: 11,
+ // or matches in the last dotted part of the object name
+ objPartialMatch: 6,
+ // Additive scores depending on the priority of the object
+ objPrio: {0: 15, // used to be importantResults
+ 1: 5, // used to be objectResults
+ 2: -5}, // used to be unimportantResults
+ // Used when the priority is not in the mapping.
+ objPrioDefault: 0,
+
+ // query found in title
+ title: 15,
+ // query found in terms
+ term: 5
+};
+
+
+
+
+
+var splitChars = (function() {
+ var result = {};
+ var singles = [96, 180, 187, 191, 215, 247, 749, 885, 903, 907, 909, 930, 1014, 1648,
+ 1748, 1809, 2416, 2473, 2481, 2526, 2601, 2609, 2612, 2615, 2653, 2702,
+ 2706, 2729, 2737, 2740, 2857, 2865, 2868, 2910, 2928, 2948, 2961, 2971,
+ 2973, 3085, 3089, 3113, 3124, 3213, 3217, 3241, 3252, 3295, 3341, 3345,
+ 3369, 3506, 3516, 3633, 3715, 3721, 3736, 3744, 3748, 3750, 3756, 3761,
+ 3781, 3912, 4239, 4347, 4681, 4695, 4697, 4745, 4785, 4799, 4801, 4823,
+ 4881, 5760, 5901, 5997, 6313, 7405, 8024, 8026, 8028, 8030, 8117, 8125,
+ 8133, 8181, 8468, 8485, 8487, 8489, 8494, 8527, 11311, 11359, 11687, 11695,
+ 11703, 11711, 11719, 11727, 11735, 12448, 12539, 43010, 43014, 43019, 43587,
+ 43696, 43713, 64286, 64297, 64311, 64317, 64319, 64322, 64325, 65141];
+ var i, j, start, end;
+ for (i = 0; i < singles.length; i++) {
+ result[singles[i]] = true;
+ }
+ var ranges = [[0, 47], [58, 64], [91, 94], [123, 169], [171, 177], [182, 184], [706, 709],
+ [722, 735], [741, 747], [751, 879], [888, 889], [894, 901], [1154, 1161],
+ [1318, 1328], [1367, 1368], [1370, 1376], [1416, 1487], [1515, 1519], [1523, 1568],
+ [1611, 1631], [1642, 1645], [1750, 1764], [1767, 1773], [1789, 1790], [1792, 1807],
+ [1840, 1868], [1958, 1968], [1970, 1983], [2027, 2035], [2038, 2041], [2043, 2047],
+ [2070, 2073], [2075, 2083], [2085, 2087], [2089, 2307], [2362, 2364], [2366, 2383],
+ [2385, 2391], [2402, 2405], [2419, 2424], [2432, 2436], [2445, 2446], [2449, 2450],
+ [2483, 2485], [2490, 2492], [2494, 2509], [2511, 2523], [2530, 2533], [2546, 2547],
+ [2554, 2564], [2571, 2574], [2577, 2578], [2618, 2648], [2655, 2661], [2672, 2673],
+ [2677, 2692], [2746, 2748], [2750, 2767], [2769, 2783], [2786, 2789], [2800, 2820],
+ [2829, 2830], [2833, 2834], [2874, 2876], [2878, 2907], [2914, 2917], [2930, 2946],
+ [2955, 2957], [2966, 2968], [2976, 2978], [2981, 2983], [2987, 2989], [3002, 3023],
+ [3025, 3045], [3059, 3076], [3130, 3132], [3134, 3159], [3162, 3167], [3170, 3173],
+ [3184, 3191], [3199, 3204], [3258, 3260], [3262, 3293], [3298, 3301], [3312, 3332],
+ [3386, 3388], [3390, 3423], [3426, 3429], [3446, 3449], [3456, 3460], [3479, 3481],
+ [3518, 3519], [3527, 3584], [3636, 3647], [3655, 3663], [3674, 3712], [3717, 3718],
+ [3723, 3724], [3726, 3731], [3752, 3753], [3764, 3772], [3774, 3775], [3783, 3791],
+ [3802, 3803], [3806, 3839], [3841, 3871], [3892, 3903], [3949, 3975], [3980, 4095],
+ [4139, 4158], [4170, 4175], [4182, 4185], [4190, 4192], [4194, 4196], [4199, 4205],
+ [4209, 4212], [4226, 4237], [4250, 4255], [4294, 4303], [4349, 4351], [4686, 4687],
+ [4702, 4703], [4750, 4751], [4790, 4791], [4806, 4807], [4886, 4887], [4955, 4968],
+ [4989, 4991], [5008, 5023], [5109, 5120], [5741, 5742], [5787, 5791], [5867, 5869],
+ [5873, 5887], [5906, 5919], [5938, 5951], [5970, 5983], [6001, 6015], [6068, 6102],
+ [6104, 6107], [6109, 6111], [6122, 6127], [6138, 6159], [6170, 6175], [6264, 6271],
+ [6315, 6319], [6390, 6399], [6429, 6469], [6510, 6511], [6517, 6527], [6572, 6592],
+ [6600, 6607], [6619, 6655], [6679, 6687], [6741, 6783], [6794, 6799], [6810, 6822],
+ [6824, 6916], [6964, 6980], [6988, 6991], [7002, 7042], [7073, 7085], [7098, 7167],
+ [7204, 7231], [7242, 7244], [7294, 7400], [7410, 7423], [7616, 7679], [7958, 7959],
+ [7966, 7967], [8006, 8007], [8014, 8015], [8062, 8063], [8127, 8129], [8141, 8143],
+ [8148, 8149], [8156, 8159], [8173, 8177], [8189, 8303], [8306, 8307], [8314, 8318],
+ [8330, 8335], [8341, 8449], [8451, 8454], [8456, 8457], [8470, 8472], [8478, 8483],
+ [8506, 8507], [8512, 8516], [8522, 8525], [8586, 9311], [9372, 9449], [9472, 10101],
+ [10132, 11263], [11493, 11498], [11503, 11516], [11518, 11519], [11558, 11567],
+ [11622, 11630], [11632, 11647], [11671, 11679], [11743, 11822], [11824, 12292],
+ [12296, 12320], [12330, 12336], [12342, 12343], [12349, 12352], [12439, 12444],
+ [12544, 12548], [12590, 12592], [12687, 12689], [12694, 12703], [12728, 12783],
+ [12800, 12831], [12842, 12880], [12896, 12927], [12938, 12976], [12992, 13311],
+ [19894, 19967], [40908, 40959], [42125, 42191], [42238, 42239], [42509, 42511],
+ [42540, 42559], [42592, 42593], [42607, 42622], [42648, 42655], [42736, 42774],
+ [42784, 42785], [42889, 42890], [42893, 43002], [43043, 43055], [43062, 43071],
+ [43124, 43137], [43188, 43215], [43226, 43249], [43256, 43258], [43260, 43263],
+ [43302, 43311], [43335, 43359], [43389, 43395], [43443, 43470], [43482, 43519],
+ [43561, 43583], [43596, 43599], [43610, 43615], [43639, 43641], [43643, 43647],
+ [43698, 43700], [43703, 43704], [43710, 43711], [43715, 43738], [43742, 43967],
+ [44003, 44015], [44026, 44031], [55204, 55215], [55239, 55242], [55292, 55295],
+ [57344, 63743], [64046, 64047], [64110, 64111], [64218, 64255], [64263, 64274],
+ [64280, 64284], [64434, 64466], [64830, 64847], [64912, 64913], [64968, 65007],
+ [65020, 65135], [65277, 65295], [65306, 65312], [65339, 65344], [65371, 65381],
+ [65471, 65473], [65480, 65481], [65488, 65489], [65496, 65497]];
+ for (i = 0; i < ranges.length; i++) {
+ start = ranges[i][0];
+ end = ranges[i][1];
+ for (j = start; j <= end; j++) {
+ result[j] = true;
+ }
+ }
+ return result;
+})();
+
+function splitQuery(query) {
+ var result = [];
+ var start = -1;
+ for (var i = 0; i < query.length; i++) {
+ if (splitChars[query.charCodeAt(i)]) {
+ if (start !== -1) {
+ result.push(query.slice(start, i));
+ start = -1;
+ }
+ } else if (start === -1) {
+ start = i;
+ }
+ }
+ if (start !== -1) {
+ result.push(query.slice(start));
+ }
+ return result;
+}
+
+
+
+
+/**
+ * Search Module
+ */
+var Search = {
+
+ _index : null,
+ _queued_query : null,
+ _pulse_status : -1,
+
+ init : function() {
+ var params = $.getQueryParameters();
+ if (params.q) {
+ var query = params.q[0];
+ $('input[name="q"]')[0].value = query;
+ this.performSearch(query);
+ }
+ },
+
+ loadIndex : function(url) {
+ $.ajax({type: "GET", url: url, data: null,
+ dataType: "script", cache: true,
+ complete: function(jqxhr, textstatus) {
+ if (textstatus != "success") {
+ document.getElementById("searchindexloader").src = url;
+ }
+ }});
+ },
+
+ setIndex : function(index) {
+ var q;
+ this._index = index;
+ if ((q = this._queued_query) !== null) {
+ this._queued_query = null;
+ Search.query(q);
+ }
+ },
+
+ hasIndex : function() {
+ return this._index !== null;
+ },
+
+ deferQuery : function(query) {
+ this._queued_query = query;
+ },
+
+ stopPulse : function() {
+ this._pulse_status = 0;
+ },
+
+ startPulse : function() {
+ if (this._pulse_status >= 0)
+ return;
+ function pulse() {
+ var i;
+ Search._pulse_status = (Search._pulse_status + 1) % 4;
+ var dotString = '';
+ for (i = 0; i < Search._pulse_status; i++)
+ dotString += '.';
+ Search.dots.text(dotString);
+ if (Search._pulse_status > -1)
+ window.setTimeout(pulse, 500);
+ }
+ pulse();
+ },
+
+ /**
+ * perform a search for something (or wait until index is loaded)
+ */
+ performSearch : function(query) {
+ // create the required interface elements
+ this.out = $('#search-results');
+ this.title = $('<h2>' + _('Searching') + '</h2>').appendTo(this.out);
+ this.dots = $('<span></span>').appendTo(this.title);
+ this.status = $('<p style="display: none"></p>').appendTo(this.out);
+ this.output = $('<ul class="search"/>').appendTo(this.out);
+
+ $('#search-progress').text(_('Preparing search...'));
+ this.startPulse();
+
+ // index already loaded, the browser was quick!
+ if (this.hasIndex())
+ this.query(query);
+ else
+ this.deferQuery(query);
+ },
+
+ /**
+ * execute search (requires search index to be loaded)
+ */
+ query : function(query) {
+ var i;
+ var stopwords = ["a","and","are","as","at","be","but","by","for","if","in","into","is","it","near","no","not","of","on","or","such","that","the","their","then","there","these","they","this","to","was","will","with"];
+
+ // stem the searchterms and add them to the correct list
+ var stemmer = new Stemmer();
+ var searchterms = [];
+ var excluded = [];
+ var hlterms = [];
+ var tmp = splitQuery(query);
+ var objectterms = [];
+ for (i = 0; i < tmp.length; i++) {
+ if (tmp[i] !== "") {
+ objectterms.push(tmp[i].toLowerCase());
+ }
+
+ if ($u.indexOf(stopwords, tmp[i].toLowerCase()) != -1 || tmp[i].match(/^\d+$/) ||
+ tmp[i] === "") {
+ // skip this "word"
+ continue;
+ }
+ // stem the word
+ var word = stemmer.stemWord(tmp[i].toLowerCase());
+ // prevent stemmer from cutting word smaller than two chars
+ if(word.length < 3 && tmp[i].length >= 3) {
+ word = tmp[i];
+ }
+ var toAppend;
+ // select the correct list
+ if (word[0] == '-') {
+ toAppend = excluded;
+ word = word.substr(1);
+ }
+ else {
+ toAppend = searchterms;
+ hlterms.push(tmp[i].toLowerCase());
+ }
+ // only add if not already in the list
+ if (!$u.contains(toAppend, word))
+ toAppend.push(word);
+ }
+ var highlightstring = '?highlight=' + $.urlencode(hlterms.join(" "));
+
+ // console.debug('SEARCH: searching for:');
+ // console.info('required: ', searchterms);
+ // console.info('excluded: ', excluded);
+
+ // prepare search
+ var terms = this._index.terms;
+ var titleterms = this._index.titleterms;
+
+ // array of [filename, title, anchor, descr, score]
+ var results = [];
+ $('#search-progress').empty();
+
+ // lookup as object
+ for (i = 0; i < objectterms.length; i++) {
+ var others = [].concat(objectterms.slice(0, i),
+ objectterms.slice(i+1, objectterms.length));
+ results = results.concat(this.performObjectSearch(objectterms[i], others));
+ }
+
+ // lookup as search terms in fulltext
+ results = results.concat(this.performTermsSearch(searchterms, excluded, terms, titleterms));
+
+ // let the scorer override scores with a custom scoring function
+ if (Scorer.score) {
+ for (i = 0; i < results.length; i++)
+ results[i][4] = Scorer.score(results[i]);
+ }
+
+ // now sort the results by score (in opposite order of appearance, since the
+ // display function below uses pop() to retrieve items) and then
+ // alphabetically
+ results.sort(function(a, b) {
+ var left = a[4];
+ var right = b[4];
+ if (left > right) {
+ return 1;
+ } else if (left < right) {
+ return -1;
+ } else {
+ // same score: sort alphabetically
+ left = a[1].toLowerCase();
+ right = b[1].toLowerCase();
+ return (left > right) ? -1 : ((left < right) ? 1 : 0);
+ }
+ });
+
+ // for debugging
+ //Search.lastresults = results.slice(); // a copy
+ //console.info('search results:', Search.lastresults);
+
+ // print the results
+ var resultCount = results.length;
+ function displayNextItem() {
+ // results left, load the summary and display it
+ if (results.length) {
+ var item = results.pop();
+ var listItem = $('<li style="display:none"></li>');
+ if (DOCUMENTATION_OPTIONS.FILE_SUFFIX === '') {
+ // dirhtml builder
+ var dirname = item[0] + '/';
+ if (dirname.match(/\/index\/$/)) {
+ dirname = dirname.substring(0, dirname.length-6);
+ } else if (dirname == 'index/') {
+ dirname = '';
+ }
+ listItem.append($('<a/>').attr('href',
+ DOCUMENTATION_OPTIONS.URL_ROOT + dirname +
+ highlightstring + item[2]).html(item[1]));
+ } else {
+ // normal html builders
+ listItem.append($('<a/>').attr('href',
+ item[0] + DOCUMENTATION_OPTIONS.FILE_SUFFIX +
+ highlightstring + item[2]).html(item[1]));
+ }
+ if (item[3]) {
+ listItem.append($('<span> (' + item[3] + ')</span>'));
+ Search.output.append(listItem);
+ listItem.slideDown(5, function() {
+ displayNextItem();
+ });
+ } else if (DOCUMENTATION_OPTIONS.HAS_SOURCE) {
+ var suffix = DOCUMENTATION_OPTIONS.SOURCELINK_SUFFIX;
+ if (suffix === undefined) {
+ suffix = '.txt';
+ }
+ $.ajax({url: DOCUMENTATION_OPTIONS.URL_ROOT + '_sources/' + item[5] + (item[5].slice(-suffix.length) === suffix ? '' : suffix),
+ dataType: "text",
+ complete: function(jqxhr, textstatus) {
+ var data = jqxhr.responseText;
+ if (data !== '' && data !== undefined) {
+ listItem.append(Search.makeSearchSummary(data, searchterms, hlterms));
+ }
+ Search.output.append(listItem);
+ listItem.slideDown(5, function() {
+ displayNextItem();
+ });
+ }});
+ } else {
+ // no source available, just display title
+ Search.output.append(listItem);
+ listItem.slideDown(5, function() {
+ displayNextItem();
+ });
+ }
+ }
+ // search finished, update title and status message
+ else {
+ Search.stopPulse();
+ Search.title.text(_('Search Results'));
+ if (!resultCount)
+ Search.status.text(_('Your search did not match any documents. Please make sure that all words are spelled correctly and that you\'ve selected enough categories.'));
+ else
+ Search.status.text(_('Search finished, found %s page(s) matching the search query.').replace('%s', resultCount));
+ Search.status.fadeIn(500);
+ }
+ }
+ displayNextItem();
+ },
+
+ /**
+ * search for object names
+ */
+ performObjectSearch : function(object, otherterms) {
+ var filenames = this._index.filenames;
+ var docnames = this._index.docnames;
+ var objects = this._index.objects;
+ var objnames = this._index.objnames;
+ var titles = this._index.titles;
+
+ var i;
+ var results = [];
+
+ for (var prefix in objects) {
+ for (var name in objects[prefix]) {
+ var fullname = (prefix ? prefix + '.' : '') + name;
+ if (fullname.toLowerCase().indexOf(object) > -1) {
+ var score = 0;
+ var parts = fullname.split('.');
+ // check for different match types: exact matches of full name or
+ // "last name" (i.e. last dotted part)
+ if (fullname == object || parts[parts.length - 1] == object) {
+ score += Scorer.objNameMatch;
+ // matches in last name
+ } else if (parts[parts.length - 1].indexOf(object) > -1) {
+ score += Scorer.objPartialMatch;
+ }
+ var match = objects[prefix][name];
+ var objname = objnames[match[1]][2];
+ var title = titles[match[0]];
+ // If more than one term searched for, we require other words to be
+ // found in the name/title/description
+ if (otherterms.length > 0) {
+ var haystack = (prefix + ' ' + name + ' ' +
+ objname + ' ' + title).toLowerCase();
+ var allfound = true;
+ for (i = 0; i < otherterms.length; i++) {
+ if (haystack.indexOf(otherterms[i]) == -1) {
+ allfound = false;
+ break;
+ }
+ }
+ if (!allfound) {
+ continue;
+ }
+ }
+ var descr = objname + _(', in ') + title;
+
+ var anchor = match[3];
+ if (anchor === '')
+ anchor = fullname;
+ else if (anchor == '-')
+ anchor = objnames[match[1]][1] + '-' + fullname;
+ // add custom score for some objects according to scorer
+ if (Scorer.objPrio.hasOwnProperty(match[2])) {
+ score += Scorer.objPrio[match[2]];
+ } else {
+ score += Scorer.objPrioDefault;
+ }
+ results.push([docnames[match[0]], fullname, '#'+anchor, descr, score, filenames[match[0]]]);
+ }
+ }
+ }
+
+ return results;
+ },
+
+ /**
+ * search for full-text terms in the index
+ */
+ performTermsSearch : function(searchterms, excluded, terms, titleterms) {
+ var docnames = this._index.docnames;
+ var filenames = this._index.filenames;
+ var titles = this._index.titles;
+
+ var i, j, file;
+ var fileMap = {};
+ var scoreMap = {};
+ var results = [];
+
+ // perform the search on the required terms
+ for (i = 0; i < searchterms.length; i++) {
+ var word = searchterms[i];
+ var files = [];
+ var _o = [
+ {files: terms[word], score: Scorer.term},
+ {files: titleterms[word], score: Scorer.title}
+ ];
+
+ // no match but word was a required one
+ if ($u.every(_o, function(o){return o.files === undefined;})) {
+ break;
+ }
+ // found search word in contents
+ $u.each(_o, function(o) {
+ var _files = o.files;
+ if (_files === undefined)
+ return
+
+ if (_files.length === undefined)
+ _files = [_files];
+ files = files.concat(_files);
+
+ // set score for the word in each file to Scorer.term
+ for (j = 0; j < _files.length; j++) {
+ file = _files[j];
+ if (!(file in scoreMap))
+ scoreMap[file] = {}
+ scoreMap[file][word] = o.score;
+ }
+ });
+
+ // create the mapping
+ for (j = 0; j < files.length; j++) {
+ file = files[j];
+ if (file in fileMap)
+ fileMap[file].push(word);
+ else
+ fileMap[file] = [word];
+ }
+ }
+
+ // now check if the files don't contain excluded terms
+ for (file in fileMap) {
+ var valid = true;
+
+ // check if all requirements are matched
+ if (fileMap[file].length != searchterms.length)
+ continue;
+
+ // ensure that none of the excluded terms is in the search result
+ for (i = 0; i < excluded.length; i++) {
+ if (terms[excluded[i]] == file ||
+ titleterms[excluded[i]] == file ||
+ $u.contains(terms[excluded[i]] || [], file) ||
+ $u.contains(titleterms[excluded[i]] || [], file)) {
+ valid = false;
+ break;
+ }
+ }
+
+ // if we have still a valid result we can add it to the result list
+ if (valid) {
+ // select one (max) score for the file.
+ // for better ranking, we should calculate ranking by using words statistics like basic tf-idf...
+ var score = $u.max($u.map(fileMap[file], function(w){return scoreMap[file][w]}));
+ results.push([docnames[file], titles[file], '', null, score, filenames[file]]);
+ }
+ }
+ return results;
+ },
+
+ /**
+ * helper function to return a node containing the
+ * search summary for a given text. keywords is a list
+ * of stemmed words, hlwords is the list of normal, unstemmed
+ * words. the first one is used to find the occurrence, the
+ * latter for highlighting it.
+ */
+ makeSearchSummary : function(text, keywords, hlwords) {
+ var textLower = text.toLowerCase();
+ var start = 0;
+ $.each(keywords, function() {
+ var i = textLower.indexOf(this.toLowerCase());
+ if (i > -1)
+ start = i;
+ });
+ start = Math.max(start - 120, 0);
+ var excerpt = ((start > 0) ? '...' : '') +
+ $.trim(text.substr(start, 240)) +
+ ((start + 240 - text.length) ? '...' : '');
+ var rv = $('<div class="context"></div>').text(excerpt);
+ $.each(hlwords, function() {
+ rv = rv.highlightText(this, 'highlighted');
+ });
+ return rv;
+ }
+};
+
+$(document).ready(function() {
+ Search.init();
+});
\ No newline at end of file
diff --git a/docs/1.1.0/html/_static/underscore.js b/docs/1.1.0/html/_static/underscore.js
new file mode 100644
index 0000000..286f385
--- /dev/null
+++ b/docs/1.1.0/html/_static/underscore.js
@@ -0,0 +1,1563 @@
+// Underscore.js 1.8.3
+// http://underscorejs.org
+// (c) 2009-2015 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
+// Underscore may be freely distributed under the MIT license.
+
+(function() {
+
+ // Baseline setup
+ // --------------
+
+ // Establish the root object, `window` in the browser, or `exports` on the server.
+ var root = this;
+
+ // Save the previous value of the `_` variable.
+ var previousUnderscore = root._;
+
+ // Save bytes in the minified (but not gzipped) version:
+ var ArrayProto = Array.prototype, ObjProto = Object.prototype, FuncProto = Function.prototype;
+
+ // Create quick reference variables for speed access to core prototypes.
+ var
+ push = ArrayProto.push,
+ slice = ArrayProto.slice,
+ toString = ObjProto.toString,
+ hasOwnProperty = ObjProto.hasOwnProperty;
+
+ // All **ECMAScript 5** native function implementations that we hope to use
+ // are declared here.
+ var
+ nativeIsArray = Array.isArray,
+ nativeKeys = Object.keys,
+ nativeBind = FuncProto.bind,
+ nativeCreate = Object.create;
+
+ // Naked function reference for surrogate-prototype-swapping.
+ var Ctor = function(){};
+
+ // Create a safe reference to the Underscore object for use below.
+ var _ = function(obj) {
+ if (obj instanceof _) return obj;
+ if (!(this instanceof _)) return new _(obj);
+ this._wrapped = obj;
+ };
+
+ // Export the Underscore object for **Node.js**, with
+ // backwards-compatibility for the old `require()` API. If we're in
+ // the browser, add `_` as a global object.
+ if (typeof exports !== 'undefined') {
+ if (typeof module !== 'undefined' && module.exports) {
+ exports = module.exports = _;
+ }
+ exports._ = _;
+ } else {
+ root._ = _;
+ }
+
+ // Current version.
+ _.VERSION = '1.8.3';
+
+ // Internal function that returns an efficient (for current engines) version
+ // of the passed-in callback, to be repeatedly applied in other Underscore
+ // functions.
+ var optimizeCb = function(func, context, argCount) {
+ if (context === void 0) return func;
+ switch (argCount == null ? 3 : argCount) {
+ case 1: return function(value) {
+ return func.call(context, value);
+ };
+ case 2: return function(value, other) {
+ return func.call(context, value, other);
+ };
+ case 3: return function(value, index, collection) {
+ return func.call(context, value, index, collection);
+ };
+ case 4: return function(accumulator, value, index, collection) {
+ return func.call(context, accumulator, value, index, collection);
+ };
+ }
+ return function() {
+ return func.apply(context, arguments);
+ };
+ };
+
+ // A mostly-internal function to generate callbacks that can be applied
+ // to each element in a collection, returning the desired result — either
+ // identity, an arbitrary callback, a property matcher, or a property accessor.
+ var cb = function(value, context, argCount) {
+ if (value == null) return _.identity;
+ if (_.isFunction(value)) return optimizeCb(value, context, argCount);
+ if (_.isObject(value)) return _.matcher(value);
+ return _.property(value);
+ };
+ _.iteratee = function(value, context) {
+ return cb(value, context, Infinity);
+ };
+
+ // An internal function for creating assigner functions.
+ var createAssigner = function(keysFunc, undefinedOnly) {
+ return function(obj) {
+ var length = arguments.length;
+ if (length < 2 || obj == null) return obj;
+ for (var index = 1; index < length; index++) {
+ var source = arguments[index],
+ keys = keysFunc(source),
+ l = keys.length;
+ for (var i = 0; i < l; i++) {
+ var key = keys[i];
+ if (!undefinedOnly || obj[key] === void 0) obj[key] = source[key];
+ }
+ }
+ return obj;
+ };
+ };
+
+ // An internal function for creating a new object that inherits from another.
+ var baseCreate = function(prototype) {
+ if (!_.isObject(prototype)) return {};
+ if (nativeCreate) return nativeCreate(prototype);
+ Ctor.prototype = prototype;
+ var result = new Ctor;
+ Ctor.prototype = null;
+ return result;
+ };
+
+ var property = function(key) {
+ return function(obj) {
+ return obj == null ? void 0 : obj[key];
+ };
+ };
+
+ // Helper for collection methods to determine whether a collection
+ // should be iterated as an array or as an object
+ // Related: http://people.mozilla.org/~jorendorff/es6-draft.html#sec-tolength
+ // Avoids a very nasty iOS 8 JIT bug on ARM-64. #2094
+ var MAX_ARRAY_INDEX = Math.pow(2, 53) - 1;
+ var getLength = property('length');
+ var isArrayLike = function(collection) {
+ var length = getLength(collection);
+ return typeof length == 'number' && length >= 0 && length <= MAX_ARRAY_INDEX;
+ };
+
+ // Collection Functions
+ // --------------------
+
+ // The cornerstone, an `each` implementation, aka `forEach`.
+ // Handles raw objects in addition to array-likes. Treats all
+ // sparse array-likes as if they were dense.
+ _.each = _.forEach = function(obj, iteratee, context) {
+ iteratee = optimizeCb(iteratee, context);
+ var i, length;
+ if (isArrayLike(obj)) {
+ for (i = 0, length = obj.length; i < length; i++) {
+ iteratee(obj[i], i, obj);
+ }
+ } else {
+ var keys = _.keys(obj);
+ for (i = 0, length = keys.length; i < length; i++) {
+ iteratee(obj[keys[i]], keys[i], obj);
+ }
+ }
+ return obj;
+ };
+
+ // Return the results of applying the iteratee to each element.
+ _.map = _.collect = function(obj, iteratee, context) {
+ iteratee = cb(iteratee, context);
+ var keys = !isArrayLike(obj) && _.keys(obj),
+ length = (keys || obj).length,
+ results = Array(length);
+ for (var index = 0; index < length; index++) {
+ var currentKey = keys ? keys[index] : index;
+ results[index] = iteratee(obj[currentKey], currentKey, obj);
+ }
+ return results;
+ };
+
+ // Create a reducing function iterating left or right.
+ function createReduce(dir) {
+ // Optimized iterator function as using arguments.length
+ // in the main function will deoptimize the, see #1991.
+ function iterator(obj, iteratee, memo, keys, index, length) {
+ for (; index >= 0 && index < length; index += dir) {
+ var currentKey = keys ? keys[index] : index;
+ memo = iteratee(memo, obj[currentKey], currentKey, obj);
+ }
+ return memo;
+ }
+
+ return function(obj, iteratee, memo, context) {
+ iteratee = optimizeCb(iteratee, context, 4);
+ var keys = !isArrayLike(obj) && _.keys(obj),
+ length = (keys || obj).length,
+ index = dir > 0 ? 0 : length - 1;
+ // Determine the initial value if none is provided.
+ if (arguments.length < 3) {
+ memo = obj[keys ? keys[index] : index];
+ index += dir;
+ }
+ return iterator(obj, iteratee, memo, keys, index, length);
+ };
+ }
+
+ // **Reduce** builds up a single result from a list of values, aka `inject`,
+ // or `foldl`.
+ _.reduce = _.foldl = _.inject = createReduce(1);
+
+ // The right-associative version of reduce, also known as `foldr`.
+ _.reduceRight = _.foldr = createReduce(-1);
+
+ // Return the first value which passes a truth test. Aliased as `detect`.
+ _.find = _.detect = function(obj, predicate, context) {
+ var key;
+ if (isArrayLike(obj)) {
+ key = _.findIndex(obj, predicate, context);
+ } else {
+ key = _.findKey(obj, predicate, context);
+ }
+ if (key !== void 0 && key !== -1) return obj[key];
+ };
+
+ // Return all the elements that pass a truth test.
+ // Aliased as `select`.
+ _.filter = _.select = function(obj, predicate, context) {
+ var results = [];
+ predicate = cb(predicate, context);
+ _.each(obj, function(value, index, list) {
+ if (predicate(value, index, list)) results.push(value);
+ });
+ return results;
+ };
+
+ // Return all the elements for which a truth test fails.
+ _.reject = function(obj, predicate, context) {
+ return _.filter(obj, _.negate(cb(predicate)), context);
+ };
+
+ // Determine whether all of the elements match a truth test.
+ // Aliased as `all`.
+ _.every = _.all = function(obj, predicate, context) {
+ predicate = cb(predicate, context);
+ var keys = !isArrayLike(obj) && _.keys(obj),
+ length = (keys || obj).length;
+ for (var index = 0; index < length; index++) {
+ var currentKey = keys ? keys[index] : index;
+ if (!predicate(obj[currentKey], currentKey, obj)) return false;
+ }
+ return true;
+ };
+
+ // Determine if at least one element in the object matches a truth test.
+ // Aliased as `any`.
+ _.some = _.any = function(obj, predicate, context) {
+ predicate = cb(predicate, context);
+ var keys = !isArrayLike(obj) && _.keys(obj),
+ length = (keys || obj).length;
+ for (var index = 0; index < length; index++) {
+ var currentKey = keys ? keys[index] : index;
+ if (predicate(obj[currentKey], currentKey, obj)) return true;
+ }
+ return false;
+ };
+
+ // Determine if the array or object contains a given item (using `===`).
+ // Aliased as `includes` and `include`.
+ _.contains = _.includes = _.include = function(obj, item, fromIndex, guard) {
+ if (!isArrayLike(obj)) obj = _.values(obj);
+ if (typeof fromIndex != 'number' || guard) fromIndex = 0;
+ return _.indexOf(obj, item, fromIndex) >= 0;
+ };
+
+ // Invoke a method (with arguments) on every item in a collection.
+ _.invoke = function(obj, method) {
+ var args = slice.call(arguments, 2);
+ var isFunc = _.isFunction(method);
+ return _.map(obj, function(value) {
+ var func = isFunc ? method : value[method];
+ return func == null ? func : func.apply(value, args);
+ });
+ };
+
+ // Convenience version of a common use case of `map`: fetching a property.
+ _.pluck = function(obj, key) {
+ return _.map(obj, _.property(key));
+ };
+
+ // Convenience version of a common use case of `filter`: selecting only objects
+ // containing specific `key:value` pairs.
+ _.where = function(obj, attrs) {
+ return _.filter(obj, _.matcher(attrs));
+ };
+
+ // Convenience version of a common use case of `find`: getting the first object
+ // containing specific `key:value` pairs.
+ _.findWhere = function(obj, attrs) {
+ return _.find(obj, _.matcher(attrs));
+ };
+
+ // Return the maximum element (or element-based computation).
+ _.max = function(obj, iteratee, context) {
+ var result = -Infinity, lastComputed = -Infinity,
+ value, computed;
+ if (iteratee == null && obj != null) {
+ obj = isArrayLike(obj) ? obj : _.values(obj);
+ for (var i = 0, length = obj.length; i < length; i++) {
+ value = obj[i];
+ if (value > result) {
+ result = value;
+ }
+ }
+ } else {
+ iteratee = cb(iteratee, context);
+ _.each(obj, function(value, index, list) {
+ computed = iteratee(value, index, list);
+ if (computed > lastComputed || computed === -Infinity && result === -Infinity) {
+ result = value;
+ lastComputed = computed;
+ }
+ });
+ }
+ return result;
+ };
+
+ // Return the minimum element (or element-based computation).
+ _.min = function(obj, iteratee, context) {
+ var result = Infinity, lastComputed = Infinity,
+ value, computed;
+ if (iteratee == null && obj != null) {
+ obj = isArrayLike(obj) ? obj : _.values(obj);
+ for (var i = 0, length = obj.length; i < length; i++) {
+ value = obj[i];
+ if (value < result) {
+ result = value;
+ }
+ }
+ } else {
+ iteratee = cb(iteratee, context);
+ _.each(obj, function(value, index, list) {
+ computed = iteratee(value, index, list);
+ if (computed < lastComputed || computed === Infinity && result === Infinity) {
+ result = value;
+ lastComputed = computed;
+ }
+ });
+ }
+ return result;
+ };
+
+ // Shuffle a collection, using the modern version of the
+ // [Fisher-Yates shuffle](http://en.wikipedia.org/wiki/Fisher–Yates_shuffle).
+ _.shuffle = function(obj) {
+ var set = isArrayLike(obj) ? obj : _.values(obj);
+ var length = set.length;
+ var shuffled = Array(length);
+ for (var index = 0, rand; index < length; index++) {
+ rand = _.random(0, index);
+ if (rand !== index) shuffled[index] = shuffled[rand];
+ shuffled[rand] = set[index];
+ }
+ return shuffled;
+ };
+
+ // Sample **n** random values from a collection.
+ // If **n** is not specified, returns a single random element.
+ // The internal `guard` argument allows it to work with `map`.
+ _.sample = function(obj, n, guard) {
+ if (n == null || guard) {
+ if (!isArrayLike(obj)) obj = _.values(obj);
+ return obj[_.random(obj.length - 1)];
+ }
+ return _.shuffle(obj).slice(0, Math.max(0, n));
+ };
+
+ // Sort the object's values by a criterion produced by an iteratee.
+ _.sortBy = function(obj, iteratee, context) {
+ iteratee = cb(iteratee, context);
+ return _.pluck(_.map(obj, function(value, index, list) {
+ return {
+ value: value,
+ index: index,
+ criteria: iteratee(value, index, list)
+ };
+ }).sort(function(left, right) {
+ var a = left.criteria;
+ var b = right.criteria;
+ if (a !== b) {
+ if (a > b || a === void 0) return 1;
+ if (a < b || b === void 0) return -1;
+ }
+ return left.index - right.index;
+ }), 'value');
+ };
+
+ // An internal function used for aggregate "group by" operations.
+ var group = function(behavior) {
+ return function(obj, iteratee, context) {
+ var result = {};
+ iteratee = cb(iteratee, context);
+ _.each(obj, function(value, index) {
+ var key = iteratee(value, index, obj);
+ behavior(result, value, key);
+ });
+ return result;
+ };
+ };
+
+ // Groups the object's values by a criterion. Pass either a string attribute
+ // to group by, or a function that returns the criterion.
+ _.groupBy = group(function(result, value, key) {
+ if (_.has(result, key)) result[key].push(value); else result[key] = [value];
+ });
+
+ // Indexes the object's values by a criterion, similar to `groupBy`, but for
+ // when you know that your index values will be unique.
+ _.indexBy = group(function(result, value, key) {
+ result[key] = value;
+ });
+
+ // Counts instances of an object that group by a certain criterion. Pass
+ // either a string attribute to count by, or a function that returns the
+ // criterion.
+ _.countBy = group(function(result, value, key) {
+ if (_.has(result, key)) result[key]++; else result[key] = 1;
+ });
+
+ // Safely create a real, live array from anything iterable.
+ _.toArray = function(obj) {
+ if (!obj) return [];
+ if (_.isArray(obj)) return slice.call(obj);
+ if (isArrayLike(obj)) return _.map(obj, _.identity);
+ return _.values(obj);
+ };
+
+ // Return the number of elements in an object.
+ _.size = function(obj) {
+ if (obj == null) return 0;
+ return isArrayLike(obj) ? obj.length : _.keys(obj).length;
+ };
+
+ // Split a collection into two arrays: one whose elements all satisfy the given
+ // predicate, and one whose elements all do not satisfy the predicate.
+ _.partition = function(obj, predicate, context) {
+ predicate = cb(predicate, context);
+ var pass = [], fail = [];
+ _.each(obj, function(value, key, obj) {
+ (predicate(value, key, obj) ? pass : fail).push(value);
+ });
+ return [pass, fail];
+ };
+
+ // Array Functions
+ // ---------------
+
+ // Get the first element of an array. Passing **n** will return the first N
+ // values in the array. Aliased as `head` and `take`. The **guard** check
+ // allows it to work with `_.map`.
+ _.first = _.head = _.take = function(array, n, guard) {
+ if (array == null) return void 0;
+ if (n == null || guard) return array[0];
+ return _.initial(array, array.length - n);
+ };
+
+ // Returns everything but the last entry of the array. Especially useful on
+ // the arguments object. Passing **n** will return all the values in
+ // the array, excluding the last N.
+ _.initial = function(array, n, guard) {
+ return slice.call(array, 0, Math.max(0, array.length - (n == null || guard ? 1 : n)));
+ };
+
+ // Get the last element of an array. Passing **n** will return the last N
+ // values in the array.
+ _.last = function(array, n, guard) {
+ if (array == null) return void 0;
+ if (n == null || guard) return array[array.length - 1];
+ return _.rest(array, Math.max(0, array.length - n));
+ };
+
+ // Returns everything but the first entry of the array. Aliased as `tail` and `drop`.
+ // Especially useful on the arguments object. Passing an **n** will return
+ // the rest N values in the array.
+ _.rest = _.tail = _.drop = function(array, n, guard) {
+ return slice.call(array, n == null || guard ? 1 : n);
+ };
+
+ // Trim out all falsy values from an array.
+ _.compact = function(array) {
+ return _.filter(array, _.identity);
+ };
+
+ // Internal implementation of a recursive `flatten` function.
+ var flatten = function(input, shallow, strict, startIndex) {
+ var output = [], idx = 0;
+ for (var i = startIndex || 0, length = getLength(input); i < length; i++) {
+ var value = input[i];
+ if (isArrayLike(value) && (_.isArray(value) || _.isArguments(value))) {
+ //flatten current level of array or arguments object
+ if (!shallow) value = flatten(value, shallow, strict);
+ var j = 0, len = value.length;
+ output.length += len;
+ while (j < len) {
+ output[idx++] = value[j++];
+ }
+ } else if (!strict) {
+ output[idx++] = value;
+ }
+ }
+ return output;
+ };
+
+ // Flatten out an array, either recursively (by default), or just one level.
+ _.flatten = function(array, shallow) {
+ return flatten(array, shallow, false);
+ };
+
+ // Return a version of the array that does not contain the specified value(s).
+ _.without = function(array) {
+ return _.difference(array, slice.call(arguments, 1));
+ };
+
+ // Produce a duplicate-free version of the array. If the array has already
+ // been sorted, you have the option of using a faster algorithm.
+ // Aliased as `unique`.
+ _.uniq = _.unique = function(array, isSorted, iteratee, context) {
+ if (!_.isBoolean(isSorted)) {
+ context = iteratee;
+ iteratee = isSorted;
+ isSorted = false;
+ }
+ if (iteratee != null) iteratee = cb(iteratee, context);
+ var result = [];
+ var seen = [];
+ for (var i = 0, length = getLength(array); i < length; i++) {
+ var value = array[i],
+ computed = iteratee ? iteratee(value, i, array) : value;
+ if (isSorted) {
+ if (!i || seen !== computed) result.push(value);
+ seen = computed;
+ } else if (iteratee) {
+ if (!_.contains(seen, computed)) {
+ seen.push(computed);
+ result.push(value);
+ }
+ } else if (!_.contains(result, value)) {
+ result.push(value);
+ }
+ }
+ return result;
+ };
+
+ // Produce an array that contains the union: each distinct element from all of
+ // the passed-in arrays.
+ _.union = function() {
+ return _.uniq(flatten(arguments, true, true));
+ };
+
+ // Produce an array that contains every item shared between all the
+ // passed-in arrays.
+ _.intersection = function(array) {
+ var result = [];
+ var argsLength = arguments.length;
+ for (var i = 0, length = getLength(array); i < length; i++) {
+ var item = array[i];
+ if (_.contains(result, item)) continue;
+ for (var j = 1; j < argsLength; j++) {
+ if (!_.contains(arguments[j], item)) break;
+ }
+ if (j === argsLength) result.push(item);
+ }
+ return result;
+ };
+
+ // Take the difference between one array and a number of other arrays.
+ // Only the elements present in just the first array will remain.
+ _.difference = function(array) {
+ var rest = flatten(arguments, true, true, 1);
+ return _.filter(array, function(value){
+ return !_.contains(rest, value);
+ });
+ };
+
+ // Zip together multiple lists into a single array -- elements that share
+ // an index go together.
+ _.zip = function() {
+ return _.unzip(arguments);
+ };
+
+ // Complement of _.zip. Unzip accepts an array of arrays and groups
+ // each array's elements on shared indices
+ _.unzip = function(array) {
+ var length = array && _.max(array, getLength).length || 0;
+ var result = Array(length);
+
+ for (var index = 0; index < length; index++) {
+ result[index] = _.pluck(array, index);
+ }
+ return result;
+ };
+
+ // Converts lists into objects. Pass either a single array of `[key, value]`
+ // pairs, or two parallel arrays of the same length -- one of keys, and one of
+ // the corresponding values.
+ _.object = function(list, values) {
+ var result = {};
+ for (var i = 0, length = getLength(list); i < length; i++) {
+ if (values) {
+ result[list[i]] = values[i];
+ } else {
+ result[list[i][0]] = list[i][1];
+ }
+ }
+ return result;
+ };
+
+ // Generator function to create the findIndex and findLastIndex functions
+ function createPredicateIndexFinder(dir) {
+ return function(array, predicate, context) {
+ predicate = cb(predicate, context);
+ var length = getLength(array);
+ var index = dir > 0 ? 0 : length - 1;
+ for (; index >= 0 && index < length; index += dir) {
+ if (predicate(array[index], index, array)) return index;
+ }
+ return -1;
+ };
+ }
+
+ // Returns the first index on an array-like that passes a predicate test
+ _.findIndex = createPredicateIndexFinder(1);
+ _.findLastIndex = createPredicateIndexFinder(-1);
+
+ // Use a comparator function to figure out the smallest index at which
+ // an object should be inserted so as to maintain order. Uses binary search.
+ _.sortedIndex = function(array, obj, iteratee, context) {
+ iteratee = cb(iteratee, context, 1);
+ var value = iteratee(obj);
+ var low = 0, high = getLength(array);
+ while (low < high) {
+ var mid = Math.floor((low + high) / 2);
+ if (iteratee(array[mid]) < value) low = mid + 1; else high = mid;
+ }
+ return low;
+ };
+
+ // Generator function to create the indexOf and lastIndexOf functions
+ function createIndexFinder(dir, predicateFind, sortedIndex) {
+ return function(array, item, idx) {
+ var i = 0, length = getLength(array);
+ if (typeof idx == 'number') {
+ if (dir > 0) {
+ i = idx >= 0 ? idx : Math.max(idx + length, i);
+ } else {
+ length = idx >= 0 ? Math.min(idx + 1, length) : idx + length + 1;
+ }
+ } else if (sortedIndex && idx && length) {
+ idx = sortedIndex(array, item);
+ return array[idx] === item ? idx : -1;
+ }
+ if (item !== item) {
+ idx = predicateFind(slice.call(array, i, length), _.isNaN);
+ return idx >= 0 ? idx + i : -1;
+ }
+ for (idx = dir > 0 ? i : length - 1; idx >= 0 && idx < length; idx += dir) {
+ if (array[idx] === item) return idx;
+ }
+ return -1;
+ };
+ }
+
+ // Return the position of the first occurrence of an item in an array,
+ // or -1 if the item is not included in the array.
+ // If the array is large and already in sort order, pass `true`
+ // for **isSorted** to use binary search.
+ _.indexOf = createIndexFinder(1, _.findIndex, _.sortedIndex);
+ _.lastIndexOf = createIndexFinder(-1, _.findLastIndex);
+
+ // Generate an integer Array containing an arithmetic progression. A port of
+ // the native Python `range()` function. See
+ // [the Python documentation](http://docs.python.org/library/functions.html#range).
+ _.range = function(start, stop, step) {
+ if (stop == null) {
+ stop = start || 0;
+ start = 0;
+ }
+ step = step || 1;
+
+ var length = Math.max(Math.ceil((stop - start) / step), 0);
+ var range = Array(length);
+
+ for (var idx = 0; idx < length; idx++, start += step) {
+ range[idx] = start;
+ }
+
+ return range;
+ };
+
+ // Function (ahem) Functions
+ // ------------------
+
+ // Determines whether to execute a function as a constructor
+ // or a normal function with the provided arguments
+ var executeBound = function(sourceFunc, boundFunc, context, callingContext, args) {
+ if (!(callingContext instanceof boundFunc)) return sourceFunc.apply(context, args);
+ var self = baseCreate(sourceFunc.prototype);
+ var result = sourceFunc.apply(self, args);
+ if (_.isObject(result)) return result;
+ return self;
+ };
+
+ // Create a function bound to a given object (assigning `this`, and arguments,
+ // optionally). Delegates to **ECMAScript 5**'s native `Function.bind` if
+ // available.
+ _.bind = function(func, context) {
+ if (nativeBind && func.bind === nativeBind) return nativeBind.apply(func, slice.call(arguments, 1));
+ if (!_.isFunction(func)) throw new TypeError('Bind must be called on a function');
+ var args = slice.call(arguments, 2);
+ var bound = function() {
+ return executeBound(func, bound, context, this, args.concat(slice.call(arguments)));
+ };
+ return bound;
+ };
+
+ // Partially apply a function by creating a version that has had some of its
+ // arguments pre-filled, without changing its dynamic `this` context. _ acts
+ // as a placeholder, allowing any combination of arguments to be pre-filled.
+ _.partial = function(func) {
+ var boundArgs = slice.call(arguments, 1);
+ var bound = function() {
+ var position = 0, length = boundArgs.length;
+ var args = Array(length);
+ for (var i = 0; i < length; i++) {
+ args[i] = boundArgs[i] === _ ? arguments[position++] : boundArgs[i];
+ }
+ while (position < arguments.length) args.push(arguments[position++]);
+ return executeBound(func, bound, this, this, args);
+ };
+ return bound;
+ };
+
+ // Bind a number of an object's methods to that object. Remaining arguments
+ // are the method names to be bound. Useful for ensuring that all callbacks
+ // defined on an object belong to it.
+ _.bindAll = function(obj) {
+ var i, length = arguments.length, key;
+ if (length <= 1) throw new Error('bindAll must be passed function names');
+ for (i = 1; i < length; i++) {
+ key = arguments[i];
+ obj[key] = _.bind(obj[key], obj);
+ }
+ return obj;
+ };
+
+ // Memoize an expensive function by storing its results.
+ _.memoize = function(func, hasher) {
+ var memoize = function(key) {
+ var cache = memoize.cache;
+ var address = '' + (hasher ? hasher.apply(this, arguments) : key);
+ if (!_.has(cache, address)) cache[address] = func.apply(this, arguments);
+ return cache[address];
+ };
+ memoize.cache = {};
+ return memoize;
+ };
+
+ // Delays a function for the given number of milliseconds, and then calls
+ // it with the arguments supplied.
+ _.delay = function(func, wait) {
+ var args = slice.call(arguments, 2);
+ return setTimeout(function(){
+ return func.apply(null, args);
+ }, wait);
+ };
+
+ // Defers a function, scheduling it to run after the current call stack has
+ // cleared.
+ _.defer = _.partial(_.delay, _, 1);
+
+ // Returns a function, that, when invoked, will only be triggered at most once
+ // during a given window of time. Normally, the throttled function will run
+ // as much as it can, without ever going more than once per `wait` duration;
+ // but if you'd like to disable the execution on the leading edge, pass
+ // `{leading: false}`. To disable execution on the trailing edge, ditto.
+ _.throttle = function(func, wait, options) {
+ var context, args, result;
+ var timeout = null;
+ var previous = 0;
+ if (!options) options = {};
+ var later = function() {
+ previous = options.leading === false ? 0 : _.now();
+ timeout = null;
+ result = func.apply(context, args);
+ if (!timeout) context = args = null;
+ };
+ return function() {
+ var now = _.now();
+ if (!previous && options.leading === false) previous = now;
+ var remaining = wait - (now - previous);
+ context = this;
+ args = arguments;
+ if (remaining <= 0 || remaining > wait) {
+ if (timeout) {
+ clearTimeout(timeout);
+ timeout = null;
+ }
+ previous = now;
+ result = func.apply(context, args);
+ if (!timeout) context = args = null;
+ } else if (!timeout && options.trailing !== false) {
+ timeout = setTimeout(later, remaining);
+ }
+ return result;
+ };
+ };
+
+ // Returns a function, that, as long as it continues to be invoked, will not
+ // be triggered. The function will be called after it stops being called for
+ // N milliseconds. If `immediate` is passed, trigger the function on the
+ // leading edge, instead of the trailing.
+ _.debounce = function(func, wait, immediate) {
+ var timeout, args, context, timestamp, result;
+
+ var later = function() {
+ var last = _.now() - timestamp;
+
+ if (last < wait && last >= 0) {
+ timeout = setTimeout(later, wait - last);
+ } else {
+ timeout = null;
+ if (!immediate) {
+ result = func.apply(context, args);
+ if (!timeout) context = args = null;
+ }
+ }
+ };
+
+ return function() {
+ context = this;
+ args = arguments;
+ timestamp = _.now();
+ var callNow = immediate && !timeout;
+ if (!timeout) timeout = setTimeout(later, wait);
+ if (callNow) {
+ result = func.apply(context, args);
+ context = args = null;
+ }
+
+ return result;
+ };
+ };
+
+ // Returns the first function passed as an argument to the second,
+ // allowing you to adjust arguments, run code before and after, and
+ // conditionally execute the original function.
+ _.wrap = function(func, wrapper) {
+ return _.partial(wrapper, func);
+ };
+
+ // Returns a negated version of the passed-in predicate.
+ _.negate = function(predicate) {
+ return function() {
+ return !predicate.apply(this, arguments);
+ };
+ };
+
+ // Returns a function that is the composition of a list of functions, each
+ // consuming the return value of the function that follows.
+ _.compose = function() {
+ var args = arguments;
+ var start = args.length - 1;
+ return function() {
+ var i = start;
+ var result = args[start].apply(this, arguments);
+ while (i--) result = args[i].call(this, result);
+ return result;
+ };
+ };
+
+ // Returns a function that will only be executed on and after the Nth call.
+ _.after = function(times, func) {
+ return function() {
+ if (--times < 1) {
+ return func.apply(this, arguments);
+ }
+ };
+ };
+
+ // Returns a function that will only be executed up to (but not including) the Nth call.
+ _.before = function(times, func) {
+ var memo;
+ return function() {
+ if (--times > 0) {
+ memo = func.apply(this, arguments);
+ }
+ if (times <= 1) func = null;
+ return memo;
+ };
+ };
+
+ // Returns a function that will be executed at most one time, no matter how
+ // often you call it. Useful for lazy initialization.
+ _.once = _.partial(_.before, 2);
+
+ // Object Functions
+ // ----------------
+
+ // Keys in IE < 9 that won't be iterated by `for key in ...` and thus missed.
+ var hasEnumBug = !{toString: null}.propertyIsEnumerable('toString');
+ var nonEnumerableProps = ['valueOf', 'isPrototypeOf', 'toString',
+ 'propertyIsEnumerable', 'hasOwnProperty', 'toLocaleString'];
+
+ function collectNonEnumProps(obj, keys) {
+ var nonEnumIdx = nonEnumerableProps.length;
+ var constructor = obj.constructor;
+ var proto = (_.isFunction(constructor) && constructor.prototype) || ObjProto;
+
+ // Constructor is a special case.
+ var prop = 'constructor';
+ if (_.has(obj, prop) && !_.contains(keys, prop)) keys.push(prop);
+
+ while (nonEnumIdx--) {
+ prop = nonEnumerableProps[nonEnumIdx];
+ if (prop in obj && obj[prop] !== proto[prop] && !_.contains(keys, prop)) {
+ keys.push(prop);
+ }
+ }
+ }
+
+ // Retrieve the names of an object's own properties.
+ // Delegates to **ECMAScript 5**'s native `Object.keys`
+ _.keys = function(obj) {
+ if (!_.isObject(obj)) return [];
+ if (nativeKeys) return nativeKeys(obj);
+ var keys = [];
+ for (var key in obj) if (_.has(obj, key)) keys.push(key);
+ // Ahem, IE < 9.
+ if (hasEnumBug) collectNonEnumProps(obj, keys);
+ return keys;
+ };
+
+ // Retrieve all the property names of an object.
+ _.allKeys = function(obj) {
+ if (!_.isObject(obj)) return [];
+ var keys = [];
+ for (var key in obj) keys.push(key);
+ // Ahem, IE < 9.
+ if (hasEnumBug) collectNonEnumProps(obj, keys);
+ return keys;
+ };
+
+ // Retrieve the values of an object's properties.
+ _.values = function(obj) {
+ var keys = _.keys(obj);
+ var length = keys.length;
+ var values = Array(length);
+ for (var i = 0; i < length; i++) {
+ values[i] = obj[keys[i]];
+ }
+ return values;
+ };
+
+ // Returns the results of applying the iteratee to each element of the object
+ // In contrast to _.map it returns an object
+ _.mapObject = function(obj, iteratee, context) {
+ iteratee = cb(iteratee, context);
+ var keys = _.keys(obj),
+ length = keys.length,
+ results = {},
+ currentKey;
+ for (var index = 0; index < length; index++) {
+ currentKey = keys[index];
+ results[currentKey] = iteratee(obj[currentKey], currentKey, obj);
+ }
+ return results;
+ };
+
+ // Convert an object into a list of `[key, value]` pairs.
+ _.pairs = function(obj) {
+ var keys = _.keys(obj);
+ var length = keys.length;
+ var pairs = Array(length);
+ for (var i = 0; i < length; i++) {
+ pairs[i] = [keys[i], obj[keys[i]]];
+ }
+ return pairs;
+ };
+
+ // Invert the keys and values of an object. The values must be serializable.
+ _.invert = function(obj) {
+ var result = {};
+ var keys = _.keys(obj);
+ for (var i = 0, length = keys.length; i < length; i++) {
+ result[obj[keys[i]]] = keys[i];
+ }
+ return result;
+ };
+
+ // Return a sorted list of the function names available on the object.
+ // Aliased as `methods`
+ _.functions = _.methods = function(obj) {
+ var names = [];
+ for (var key in obj) {
+ if (_.isFunction(obj[key])) names.push(key);
+ }
+ return names.sort();
+ };
+
+ // Extend a given object with all the properties in passed-in object(s).
+ _.extend = createAssigner(_.allKeys);
+
+ // Assigns a given object with all the own properties in the passed-in object(s)
+ // (https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object/assign)
+ _.extendOwn = _.assign = createAssigner(_.keys);
+
+ // Returns the first key on an object that passes a predicate test
+ _.findKey = function(obj, predicate, context) {
+ predicate = cb(predicate, context);
+ var keys = _.keys(obj), key;
+ for (var i = 0, length = keys.length; i < length; i++) {
+ key = keys[i];
+ if (predicate(obj[key], key, obj)) return key;
+ }
+ };
+
+ // Return a copy of the object only containing the whitelisted properties.
+ _.pick = function(object, oiteratee, context) {
+ var result = {}, obj = object, iteratee, keys;
+ if (obj == null) return result;
+ if (_.isFunction(oiteratee)) {
+ keys = _.allKeys(obj);
+ iteratee = optimizeCb(oiteratee, context);
+ } else {
+ keys = flatten(arguments, false, false, 1);
+ iteratee = function(value, key, obj) { return key in obj; };
+ obj = Object(obj);
+ }
+ for (var i = 0, length = keys.length; i < length; i++) {
+ var key = keys[i];
+ var value = obj[key];
+ if (iteratee(value, key, obj)) result[key] = value;
+ }
+ return result;
+ };
+
+ // Return a copy of the object without the blacklisted properties.
+ _.omit = function(obj, iteratee, context) {
+ if (_.isFunction(iteratee)) {
+ iteratee = _.negate(iteratee);
+ } else {
+ var keys = _.map(flatten(arguments, false, false, 1), String);
+ iteratee = function(value, key) {
+ return !_.contains(keys, key);
+ };
+ }
+ return _.pick(obj, iteratee, context);
+ };
+
+ // Fill in a given object with default properties.
+ _.defaults = createAssigner(_.allKeys, true);
+
+ // Creates an object that inherits from the given prototype object.
+ // If additional properties are provided then they will be added to the
+ // created object.
+ _.create = function(prototype, props) {
+ var result = baseCreate(prototype);
+ if (props) _.extendOwn(result, props);
+ return result;
+ };
+
+ // Create a (shallow-cloned) duplicate of an object.
+ _.clone = function(obj) {
+ if (!_.isObject(obj)) return obj;
+ return _.isArray(obj) ? obj.slice() : _.extend({}, obj);
+ };
+
+ // Invokes interceptor with the obj, and then returns obj.
+ // The primary purpose of this method is to "tap into" a method chain, in
+ // order to perform operations on intermediate results within the chain.
+ _.tap = function(obj, interceptor) {
+ interceptor(obj);
+ return obj;
+ };
+
+ // Returns whether an object has a given set of `key:value` pairs.
+ _.isMatch = function(object, attrs) {
+ var keys = _.keys(attrs), length = keys.length;
+ if (object == null) return !length;
+ var obj = Object(object);
+ for (var i = 0; i < length; i++) {
+ var key = keys[i];
+ if (attrs[key] !== obj[key] || !(key in obj)) return false;
+ }
+ return true;
+ };
+
+
+ // Internal recursive comparison function for `isEqual`.
+ var eq = function(a, b, aStack, bStack) {
+ // Identical objects are equal. `0 === -0`, but they aren't identical.
+ // See the [Harmony `egal` proposal](http://wiki.ecmascript.org/doku.php?id=harmony:egal).
+ if (a === b) return a !== 0 || 1 / a === 1 / b;
+ // A strict comparison is necessary because `null == undefined`.
+ if (a == null || b == null) return a === b;
+ // Unwrap any wrapped objects.
+ if (a instanceof _) a = a._wrapped;
+ if (b instanceof _) b = b._wrapped;
+ // Compare `[[Class]]` names.
+ var className = toString.call(a);
+ if (className !== toString.call(b)) return false;
+ switch (className) {
+ // Strings, numbers, regular expressions, dates, and booleans are compared by value.
+ case '[object RegExp]':
+ // RegExps are coerced to strings for comparison (Note: '' + /a/i === '/a/i')
+ case '[object String]':
+ // Primitives and their corresponding object wrappers are equivalent; thus, `"5"` is
+ // equivalent to `new String("5")`.
+ return '' + a === '' + b;
+ case '[object Number]':
+ // `NaN`s are equivalent, but non-reflexive.
+ // Object(NaN) is equivalent to NaN
+ if (+a !== +a) return +b !== +b;
+ // An `egal` comparison is performed for other numeric values.
+ return +a === 0 ? 1 / +a === 1 / b : +a === +b;
+ case '[object Date]':
+ case '[object Boolean]':
+ // Coerce dates and booleans to numeric primitive values. Dates are compared by their
+ // millisecond representations. Note that invalid dates with millisecond representations
+ // of `NaN` are not equivalent.
+ return +a === +b;
+ }
+
+ var areArrays = className === '[object Array]';
+ if (!areArrays) {
+ if (typeof a != 'object' || typeof b != 'object') return false;
+
+ // Objects with different constructors are not equivalent, but `Object`s or `Array`s
+ // from different frames are.
+ var aCtor = a.constructor, bCtor = b.constructor;
+ if (aCtor !== bCtor && !(_.isFunction(aCtor) && aCtor instanceof aCtor &&
+ _.isFunction(bCtor) && bCtor instanceof bCtor)
+ && ('constructor' in a && 'constructor' in b)) {
+ return false;
+ }
+ }
+ // Assume equality for cyclic structures. The algorithm for detecting cyclic
+ // structures is adapted from ES 5.1 section 15.12.3, abstract operation `JO`.
+
+ // Initializing stack of traversed objects.
+ // It's done here since we only need them for objects and arrays comparison.
+ aStack = aStack || [];
+ bStack = bStack || [];
+ var length = aStack.length;
+ while (length--) {
+ // Linear search. Performance is inversely proportional to the number of
+ // unique nested structures.
+ if (aStack[length] === a) return bStack[length] === b;
+ }
+
+ // Add the first object to the stack of traversed objects.
+ aStack.push(a);
+ bStack.push(b);
+
+ // Recursively compare objects and arrays.
+ if (areArrays) {
+ // Compare array lengths to determine if a deep comparison is necessary.
+ length = a.length;
+ if (length !== b.length) return false;
+ // Deep compare the contents, ignoring non-numeric properties.
+ while (length--) {
+ if (!eq(a[length], b[length], aStack, bStack)) return false;
+ }
+ } else {
+ // Deep compare objects.
+ var keys = _.keys(a), key;
+ length = keys.length;
+ // Ensure that both objects contain the same number of properties before comparing deep equality.
+ if (_.keys(b).length !== length) return false;
+ while (length--) {
+ // Deep compare each member
+ key = keys[length];
+ if (!(_.has(b, key) && eq(a[key], b[key], aStack, bStack))) return false;
+ }
+ }
+ // Remove the first object from the stack of traversed objects.
+ aStack.pop();
+ bStack.pop();
+ return true;
+ };
+
+ // Perform a deep comparison to check if two objects are equal.
+ _.isEqual = function(a, b) {
+ return eq(a, b);
+ };
+
+ // Is a given array, string, or object empty?
+ // An "empty" object has no enumerable own-properties.
+ _.isEmpty = function(obj) {
+ if (obj == null) return true;
+ if (isArrayLike(obj) && (_.isArray(obj) || _.isString(obj) || _.isArguments(obj))) return obj.length === 0;
+ return _.keys(obj).length === 0;
+ };
+
+ // Is a given value a DOM element?
+ _.isElement = function(obj) {
+ return !!(obj && obj.nodeType === 1);
+ };
+
+ // Is a given value an array?
+ // Delegates to ECMA5's native Array.isArray
+ _.isArray = nativeIsArray || function(obj) {
+ return toString.call(obj) === '[object Array]';
+ };
+
+ // Is a given variable an object?
+ _.isObject = function(obj) {
+ var type = typeof obj;
+ return type === 'function' || type === 'object' && !!obj;
+ };
+
+ // Add some isType methods: isArguments, isFunction, isString, isNumber, isDate, isRegExp, isError.
+ _.each(['Arguments', 'Function', 'String', 'Number', 'Date', 'RegExp', 'Error'], function(name) {
+ _['is' + name] = function(obj) {
+ return toString.call(obj) === '[object ' + name + ']';
+ };
+ });
+
+ // Define a fallback version of the method in browsers (ahem, IE < 9), where
+ // there isn't any inspectable "Arguments" type.
+ if (!_.isArguments(arguments)) {
+ _.isArguments = function(obj) {
+ return _.has(obj, 'callee');
+ };
+ }
+
+ // Optimize `isFunction` if appropriate. Work around some typeof bugs in old v8,
+ // IE 11 (#1621), and in Safari 8 (#1929).
+ if (typeof /./ != 'function' && typeof Int8Array != 'object') {
+ _.isFunction = function(obj) {
+ return typeof obj == 'function' || false;
+ };
+ }
+
+ // Is a given object a finite number?
+ _.isFinite = function(obj) {
+ return isFinite(obj) && !isNaN(parseFloat(obj));
+ };
+
+ // Is the given value `NaN`? (NaN is the only number which does not equal itself).
+ _.isNaN = function(obj) {
+ return _.isNumber(obj) && obj !== +obj;
+ };
+
+ // Is a given value a boolean?
+ _.isBoolean = function(obj) {
+ return obj === true || obj === false || toString.call(obj) === '[object Boolean]';
+ };
+
+ // Is a given value equal to null?
+ _.isNull = function(obj) {
+ return obj === null;
+ };
+
+ // Is a given variable undefined?
+ _.isUndefined = function(obj) {
+ return obj === void 0;
+ };
+
+ // Shortcut function for checking if an object has a given property directly
+ // on itself (in other words, not on a prototype).
+ _.has = function(obj, key) {
+ return obj != null && hasOwnProperty.call(obj, key);
+ };
+
+ // Utility Functions
+ // -----------------
+
+ // Run Underscore.js in *noConflict* mode, returning the `_` variable to its
+ // previous owner. Returns a reference to the Underscore object.
+ _.noConflict = function() {
+ root._ = previousUnderscore;
+ return this;
+ };
+
+ // Keep the identity function around for default iteratees.
+ _.identity = function(value) {
+ return value;
+ };
+
+ // Predicate-generating functions. Often useful outside of Underscore.
+ _.constant = function(value) {
+ return function() {
+ return value;
+ };
+ };
+
+ _.noop = function(){};
+
+ _.property = property;
+
+ // Generates a function for a given object that returns a given property.
+ _.propertyOf = function(obj) {
+ return obj == null ? function(){} : function(key) {
+ return obj[key];
+ };
+ };
+
+ // Returns a predicate for checking whether an object has a given set of
+ // `key:value` pairs.
+ _.matcher = _.matches = function(attrs) {
+ attrs = _.extendOwn({}, attrs);
+ return function(obj) {
+ return _.isMatch(obj, attrs);
+ };
+ };
+
+ // Run a function **n** times.
+ _.times = function(n, iteratee, context) {
+ var accum = Array(Math.max(0, n));
+ iteratee = optimizeCb(iteratee, context, 1);
+ for (var i = 0; i < n; i++) accum[i] = iteratee(i);
+ return accum;
+ };
+
+ // Return a random integer between min and max (inclusive).
+ _.random = function(min, max) {
+ if (max == null) {
+ max = min;
+ min = 0;
+ }
+ return min + Math.floor(Math.random() * (max - min + 1));
+ };
+
+ // A (possibly faster) way to get the current timestamp as an integer.
+ _.now = Date.now || function() {
+ return new Date().getTime();
+ };
+
+ // List of HTML entities for escaping.
+ var escapeMap = {
+ '&': '&',
+ '<': '<',
+ '>': '>',
+ '"': '"',
+ "'": ''',
+ '`': '`'
+ };
+ var unescapeMap = _.invert(escapeMap);
+
+ // Functions for escaping and unescaping strings to/from HTML interpolation.
+ var createEscaper = function(map) {
+ var escaper = function(match) {
+ return map[match];
+ };
+ // Regexes for identifying a key that needs to be escaped
+ var source = '(?:' + _.keys(map).join('|') + ')';
+ var testRegexp = RegExp(source);
+ var replaceRegexp = RegExp(source, 'g');
+ return function(string) {
+ string = string == null ? '' : '' + string;
+ return testRegexp.test(string) ? string.replace(replaceRegexp, escaper) : string;
+ };
+ };
+ _.escape = createEscaper(escapeMap);
+ _.unescape = createEscaper(unescapeMap);
+
+ // If the value of the named `property` is a function then invoke it with the
+ // `object` as context; otherwise, return it.
+ _.result = function(object, property, fallback) {
+ var value = object == null ? void 0 : object[property];
+ if (value === void 0) {
+ value = fallback;
+ }
+ return _.isFunction(value) ? value.call(object) : value;
+ };
+
+ // Generate a unique integer id (unique within the entire client session).
+ // Useful for temporary DOM ids.
+ var idCounter = 0;
+ _.uniqueId = function(prefix) {
+ var id = ++idCounter + '';
+ return prefix ? prefix + id : id;
+ };
+
+ // By default, Underscore uses ERB-style template delimiters, change the
+ // following template settings to use alternative delimiters.
+ _.templateSettings = {
+ evaluate : /<%([\s\S]+?)%>/g,
+ interpolate : /<%=([\s\S]+?)%>/g,
+ escape : /<%-([\s\S]+?)%>/g
+ };
+
+ // When customizing `templateSettings`, if you don't want to define an
+ // interpolation, evaluation or escaping regex, we need one that is
+ // guaranteed not to match.
+ var noMatch = /(.)^/;
+
+ // Certain characters need to be escaped so that they can be put into a
+ // string literal.
+ var escapes = {
+ "'": "'",
+ '\\': '\\',
+ '\r': 'r',
+ '\n': 'n',
+ '\u2028': 'u2028',
+ '\u2029': 'u2029'
+ };
+
+ var escaper = /\\|'|\r|\n|\u2028|\u2029/g;
+
+ var escapeChar = function(match) {
+ return '\\' + escapes[match];
+ };
+
+ // In order to prevent third-party code injection through
+ // `_.templateSettings.variable`, we test it against the following regular
+ // expression. It is intentionally a bit more liberal than just matching valid
+ // identifiers, but still prevents possible loopholes through defaults or
+ // destructuring assignment.
+ var bareIdentifier = /^\s*(\w|\$)+\s*$/;
+
+ // JavaScript micro-templating, similar to John Resig's implementation.
+ // Underscore templating handles arbitrary delimiters, preserves whitespace,
+ // and correctly escapes quotes within interpolated code.
+ // NB: `oldSettings` only exists for backwards compatibility.
+ _.template = function(text, settings, oldSettings) {
+ if (!settings && oldSettings) settings = oldSettings;
+ settings = _.defaults({}, settings, _.templateSettings);
+
+ // Combine delimiters into one regular expression via alternation.
+ var matcher = RegExp([
+ (settings.escape || noMatch).source,
+ (settings.interpolate || noMatch).source,
+ (settings.evaluate || noMatch).source
+ ].join('|') + '|$', 'g');
+
+ // Compile the template source, escaping string literals appropriately.
+ var index = 0;
+ var source = "__p+='";
+ text.replace(matcher, function(match, escape, interpolate, evaluate, offset) {
+ source += text.slice(index, offset).replace(escaper, escapeChar);
+ index = offset + match.length;
+
+ if (escape) {
+ source += "'+\n((__t=(" + escape + "))==null?'':_.escape(__t))+\n'";
+ } else if (interpolate) {
+ source += "'+\n((__t=(" + interpolate + "))==null?'':__t)+\n'";
+ } else if (evaluate) {
+ source += "';\n" + evaluate + "\n__p+='";
+ }
+
+ // Adobe VMs need the match returned to produce the correct offest.
+ return match;
+ });
+ source += "';\n";
+
+ var argument = settings.variable;
+ if (argument) {
+ // Insure against third-party code injection.
+ if (!bareIdentifier.test(argument)) throw new Error(
+ 'variable is not a bare identifier: ' + argument
+ );
+ } else {
+ // If a variable is not specified, place data values in local scope.
+ source = 'with(obj||{}){\n' + source + '}\n';
+ argument = 'obj';
+ }
+
+ source = "var __t,__p='',__j=Array.prototype.join," +
+ "print=function(){__p+=__j.call(arguments,'');};\n" +
+ source + 'return __p;\n';
+
+ try {
+ render = new Function(argument, '_', source);
+ } catch (e) {
+ e.source = source;
+ throw e;
+ }
+
+ var template = function(data) {
+ return render.call(this, data, _);
+ };
+
+ // Provide the compiled source as a convenience for precompilation.
+ template.source = 'function(' + argument + '){\n' + source + '}';
+
+ return template;
+ };
+
+ // Add a "chain" function. Start chaining a wrapped Underscore object.
+ _.chain = function(obj) {
+ var instance = _(obj);
+ instance._chain = true;
+ return instance;
+ };
+
+ // OOP
+ // ---------------
+ // If Underscore is called as a function, it returns a wrapped object that
+ // can be used OO-style. This wrapper holds altered versions of all the
+ // underscore functions. Wrapped objects may be chained.
+
+ // Helper function to continue chaining intermediate results.
+ var result = function(instance, obj) {
+ return instance._chain ? _(obj).chain() : obj;
+ };
+
+ // Add your own custom functions to the Underscore object.
+ _.mixin = function(obj) {
+ _.each(_.functions(obj), function(name) {
+ var func = _[name] = obj[name];
+ _.prototype[name] = function() {
+ var args = [this._wrapped];
+ push.apply(args, arguments);
+ return result(this, func.apply(_, args));
+ };
+ });
+ };
+
+ // Add all of the Underscore functions to the wrapper object.
+ _.mixin(_);
+
+ // Add all mutator Array functions to the wrapper.
+ _.each(['pop', 'push', 'reverse', 'shift', 'sort', 'splice', 'unshift'], function(name) {
+ var method = ArrayProto[name];
+ _.prototype[name] = function() {
+ var obj = this._wrapped;
+ method.apply(obj, arguments);
+ if ((name === 'shift' || name === 'splice') && obj.length === 0) delete obj[0];
+ return result(this, obj);
+ };
+ });
+
+ // Add all accessor Array functions to the wrapper.
+ _.each(['concat', 'join', 'slice'], function(name) {
+ var method = ArrayProto[name];
+ _.prototype[name] = function() {
+ return result(this, method.apply(this._wrapped, arguments));
+ };
+ });
+
+ // Extracts the result from a wrapped and chained object.
+ _.prototype.value = function() {
+ return this._wrapped;
+ };
+
+ // Provide unwrapping proxy for some methods used in engine operations
+ // such as arithmetic and JSON stringification.
+ _.prototype.valueOf = _.prototype.toJSON = _.prototype.value;
+
+ _.prototype.toString = function() {
+ return '' + this._wrapped;
+ };
+
+ // AMD registration happens at the end for compatibility with AMD loaders
+ // that may not enforce next-turn semantics on modules. Even though general
+ // practice for AMD registration is to be anonymous, underscore registers
+ // as a named module because, like jQuery, it is a base library that is
+ // popular enough to be bundled in a third party lib, but not be part of
+ // an AMD load request. Those cases could generate an error when an
+ // anonymous define() is called outside of a loader request.
+ if (typeof define === 'function' && define.amd) {
+ define('underscore', [], function() {
+ return _;
+ });
+ }
+}.call(this));
diff --git a/docs/1.1.0/html/_static/up-pressed.png b/docs/1.1.0/html/_static/up-pressed.png
new file mode 100644
index 0000000..acee3b6
--- /dev/null
+++ b/docs/1.1.0/html/_static/up-pressed.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/up.png b/docs/1.1.0/html/_static/up.png
new file mode 100644
index 0000000..2a940a7
--- /dev/null
+++ b/docs/1.1.0/html/_static/up.png
Binary files differ
diff --git a/docs/1.1.0/html/_static/websupport.js b/docs/1.1.0/html/_static/websupport.js
new file mode 100644
index 0000000..79b18e3
--- /dev/null
+++ b/docs/1.1.0/html/_static/websupport.js
@@ -0,0 +1,808 @@
+/*
+ * websupport.js
+ * ~~~~~~~~~~~~~
+ *
+ * sphinx.websupport utilities for all documentation.
+ *
+ * :copyright: Copyright 2007-2018 by the Sphinx team, see AUTHORS.
+ * :license: BSD, see LICENSE for details.
+ *
+ */
+
+(function($) {
+ $.fn.autogrow = function() {
+ return this.each(function() {
+ var textarea = this;
+
+ $.fn.autogrow.resize(textarea);
+
+ $(textarea)
+ .focus(function() {
+ textarea.interval = setInterval(function() {
+ $.fn.autogrow.resize(textarea);
+ }, 500);
+ })
+ .blur(function() {
+ clearInterval(textarea.interval);
+ });
+ });
+ };
+
+ $.fn.autogrow.resize = function(textarea) {
+ var lineHeight = parseInt($(textarea).css('line-height'), 10);
+ var lines = textarea.value.split('\n');
+ var columns = textarea.cols;
+ var lineCount = 0;
+ $.each(lines, function() {
+ lineCount += Math.ceil(this.length / columns) || 1;
+ });
+ var height = lineHeight * (lineCount + 1);
+ $(textarea).css('height', height);
+ };
+})(jQuery);
+
+(function($) {
+ var comp, by;
+
+ function init() {
+ initEvents();
+ initComparator();
+ }
+
+ function initEvents() {
+ $(document).on("click", 'a.comment-close', function(event) {
+ event.preventDefault();
+ hide($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.vote', function(event) {
+ event.preventDefault();
+ handleVote($(this));
+ });
+ $(document).on("click", 'a.reply', function(event) {
+ event.preventDefault();
+ openReply($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.close-reply', function(event) {
+ event.preventDefault();
+ closeReply($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.sort-option', function(event) {
+ event.preventDefault();
+ handleReSort($(this));
+ });
+ $(document).on("click", 'a.show-proposal', function(event) {
+ event.preventDefault();
+ showProposal($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.hide-proposal', function(event) {
+ event.preventDefault();
+ hideProposal($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.show-propose-change', function(event) {
+ event.preventDefault();
+ showProposeChange($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.hide-propose-change', function(event) {
+ event.preventDefault();
+ hideProposeChange($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.accept-comment', function(event) {
+ event.preventDefault();
+ acceptComment($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.delete-comment', function(event) {
+ event.preventDefault();
+ deleteComment($(this).attr('id').substring(2));
+ });
+ $(document).on("click", 'a.comment-markup', function(event) {
+ event.preventDefault();
+ toggleCommentMarkupBox($(this).attr('id').substring(2));
+ });
+ }
+
+ /**
+ * Set comp, which is a comparator function used for sorting and
+ * inserting comments into the list.
+ */
+ function setComparator() {
+ // If the first three letters are "asc", sort in ascending order
+ // and remove the prefix.
+ if (by.substring(0,3) == 'asc') {
+ var i = by.substring(3);
+ comp = function(a, b) { return a[i] - b[i]; };
+ } else {
+ // Otherwise sort in descending order.
+ comp = function(a, b) { return b[by] - a[by]; };
+ }
+
+ // Reset link styles and format the selected sort option.
+ $('a.sel').attr('href', '#').removeClass('sel');
+ $('a.by' + by).removeAttr('href').addClass('sel');
+ }
+
+ /**
+ * Create a comp function. If the user has preferences stored in
+ * the sortBy cookie, use those, otherwise use the default.
+ */
+ function initComparator() {
+ by = 'rating'; // Default to sort by rating.
+ // If the sortBy cookie is set, use that instead.
+ if (document.cookie.length > 0) {
+ var start = document.cookie.indexOf('sortBy=');
+ if (start != -1) {
+ start = start + 7;
+ var end = document.cookie.indexOf(";", start);
+ if (end == -1) {
+ end = document.cookie.length;
+ by = unescape(document.cookie.substring(start, end));
+ }
+ }
+ }
+ setComparator();
+ }
+
+ /**
+ * Show a comment div.
+ */
+ function show(id) {
+ $('#ao' + id).hide();
+ $('#ah' + id).show();
+ var context = $.extend({id: id}, opts);
+ var popup = $(renderTemplate(popupTemplate, context)).hide();
+ popup.find('textarea[name="proposal"]').hide();
+ popup.find('a.by' + by).addClass('sel');
+ var form = popup.find('#cf' + id);
+ form.submit(function(event) {
+ event.preventDefault();
+ addComment(form);
+ });
+ $('#s' + id).after(popup);
+ popup.slideDown('fast', function() {
+ getComments(id);
+ });
+ }
+
+ /**
+ * Hide a comment div.
+ */
+ function hide(id) {
+ $('#ah' + id).hide();
+ $('#ao' + id).show();
+ var div = $('#sc' + id);
+ div.slideUp('fast', function() {
+ div.remove();
+ });
+ }
+
+ /**
+ * Perform an ajax request to get comments for a node
+ * and insert the comments into the comments tree.
+ */
+ function getComments(id) {
+ $.ajax({
+ type: 'GET',
+ url: opts.getCommentsURL,
+ data: {node: id},
+ success: function(data, textStatus, request) {
+ var ul = $('#cl' + id);
+ var speed = 100;
+ $('#cf' + id)
+ .find('textarea[name="proposal"]')
+ .data('source', data.source);
+
+ if (data.comments.length === 0) {
+ ul.html('<li>No comments yet.</li>');
+ ul.data('empty', true);
+ } else {
+ // If there are comments, sort them and put them in the list.
+ var comments = sortComments(data.comments);
+ speed = data.comments.length * 100;
+ appendComments(comments, ul);
+ ul.data('empty', false);
+ }
+ $('#cn' + id).slideUp(speed + 200);
+ ul.slideDown(speed);
+ },
+ error: function(request, textStatus, error) {
+ showError('Oops, there was a problem retrieving the comments.');
+ },
+ dataType: 'json'
+ });
+ }
+
+ /**
+ * Add a comment via ajax and insert the comment into the comment tree.
+ */
+ function addComment(form) {
+ var node_id = form.find('input[name="node"]').val();
+ var parent_id = form.find('input[name="parent"]').val();
+ var text = form.find('textarea[name="comment"]').val();
+ var proposal = form.find('textarea[name="proposal"]').val();
+
+ if (text == '') {
+ showError('Please enter a comment.');
+ return;
+ }
+
+ // Disable the form that is being submitted.
+ form.find('textarea,input').attr('disabled', 'disabled');
+
+ // Send the comment to the server.
+ $.ajax({
+ type: "POST",
+ url: opts.addCommentURL,
+ dataType: 'json',
+ data: {
+ node: node_id,
+ parent: parent_id,
+ text: text,
+ proposal: proposal
+ },
+ success: function(data, textStatus, error) {
+ // Reset the form.
+ if (node_id) {
+ hideProposeChange(node_id);
+ }
+ form.find('textarea')
+ .val('')
+ .add(form.find('input'))
+ .removeAttr('disabled');
+ var ul = $('#cl' + (node_id || parent_id));
+ if (ul.data('empty')) {
+ $(ul).empty();
+ ul.data('empty', false);
+ }
+ insertComment(data.comment);
+ var ao = $('#ao' + node_id);
+ ao.find('img').attr({'src': opts.commentBrightImage});
+ if (node_id) {
+ // if this was a "root" comment, remove the commenting box
+ // (the user can get it back by reopening the comment popup)
+ $('#ca' + node_id).slideUp();
+ }
+ },
+ error: function(request, textStatus, error) {
+ form.find('textarea,input').removeAttr('disabled');
+ showError('Oops, there was a problem adding the comment.');
+ }
+ });
+ }
+
+ /**
+ * Recursively append comments to the main comment list and children
+ * lists, creating the comment tree.
+ */
+ function appendComments(comments, ul) {
+ $.each(comments, function() {
+ var div = createCommentDiv(this);
+ ul.append($(document.createElement('li')).html(div));
+ appendComments(this.children, div.find('ul.comment-children'));
+ // To avoid stagnating data, don't store the comments children in data.
+ this.children = null;
+ div.data('comment', this);
+ });
+ }
+
+ /**
+ * After adding a new comment, it must be inserted in the correct
+ * location in the comment tree.
+ */
+ function insertComment(comment) {
+ var div = createCommentDiv(comment);
+
+ // To avoid stagnating data, don't store the comments children in data.
+ comment.children = null;
+ div.data('comment', comment);
+
+ var ul = $('#cl' + (comment.node || comment.parent));
+ var siblings = getChildren(ul);
+
+ var li = $(document.createElement('li'));
+ li.hide();
+
+ // Determine where in the parents children list to insert this comment.
+ for(i=0; i < siblings.length; i++) {
+ if (comp(comment, siblings[i]) <= 0) {
+ $('#cd' + siblings[i].id)
+ .parent()
+ .before(li.html(div));
+ li.slideDown('fast');
+ return;
+ }
+ }
+
+ // If we get here, this comment rates lower than all the others,
+ // or it is the only comment in the list.
+ ul.append(li.html(div));
+ li.slideDown('fast');
+ }
+
+ function acceptComment(id) {
+ $.ajax({
+ type: 'POST',
+ url: opts.acceptCommentURL,
+ data: {id: id},
+ success: function(data, textStatus, request) {
+ $('#cm' + id).fadeOut('fast');
+ $('#cd' + id).removeClass('moderate');
+ },
+ error: function(request, textStatus, error) {
+ showError('Oops, there was a problem accepting the comment.');
+ }
+ });
+ }
+
+ function deleteComment(id) {
+ $.ajax({
+ type: 'POST',
+ url: opts.deleteCommentURL,
+ data: {id: id},
+ success: function(data, textStatus, request) {
+ var div = $('#cd' + id);
+ if (data == 'delete') {
+ // Moderator mode: remove the comment and all children immediately
+ div.slideUp('fast', function() {
+ div.remove();
+ });
+ return;
+ }
+ // User mode: only mark the comment as deleted
+ div
+ .find('span.user-id:first')
+ .text('[deleted]').end()
+ .find('div.comment-text:first')
+ .text('[deleted]').end()
+ .find('#cm' + id + ', #dc' + id + ', #ac' + id + ', #rc' + id +
+ ', #sp' + id + ', #hp' + id + ', #cr' + id + ', #rl' + id)
+ .remove();
+ var comment = div.data('comment');
+ comment.username = '[deleted]';
+ comment.text = '[deleted]';
+ div.data('comment', comment);
+ },
+ error: function(request, textStatus, error) {
+ showError('Oops, there was a problem deleting the comment.');
+ }
+ });
+ }
+
+ function showProposal(id) {
+ $('#sp' + id).hide();
+ $('#hp' + id).show();
+ $('#pr' + id).slideDown('fast');
+ }
+
+ function hideProposal(id) {
+ $('#hp' + id).hide();
+ $('#sp' + id).show();
+ $('#pr' + id).slideUp('fast');
+ }
+
+ function showProposeChange(id) {
+ $('#pc' + id).hide();
+ $('#hc' + id).show();
+ var textarea = $('#pt' + id);
+ textarea.val(textarea.data('source'));
+ $.fn.autogrow.resize(textarea[0]);
+ textarea.slideDown('fast');
+ }
+
+ function hideProposeChange(id) {
+ $('#hc' + id).hide();
+ $('#pc' + id).show();
+ var textarea = $('#pt' + id);
+ textarea.val('').removeAttr('disabled');
+ textarea.slideUp('fast');
+ }
+
+ function toggleCommentMarkupBox(id) {
+ $('#mb' + id).toggle();
+ }
+
+ /** Handle when the user clicks on a sort by link. */
+ function handleReSort(link) {
+ var classes = link.attr('class').split(/\s+/);
+ for (var i=0; i<classes.length; i++) {
+ if (classes[i] != 'sort-option') {
+ by = classes[i].substring(2);
+ }
+ }
+ setComparator();
+ // Save/update the sortBy cookie.
+ var expiration = new Date();
+ expiration.setDate(expiration.getDate() + 365);
+ document.cookie= 'sortBy=' + escape(by) +
+ ';expires=' + expiration.toUTCString();
+ $('ul.comment-ul').each(function(index, ul) {
+ var comments = getChildren($(ul), true);
+ comments = sortComments(comments);
+ appendComments(comments, $(ul).empty());
+ });
+ }
+
+ /**
+ * Function to process a vote when a user clicks an arrow.
+ */
+ function handleVote(link) {
+ if (!opts.voting) {
+ showError("You'll need to login to vote.");
+ return;
+ }
+
+ var id = link.attr('id');
+ if (!id) {
+ // Didn't click on one of the voting arrows.
+ return;
+ }
+ // If it is an unvote, the new vote value is 0,
+ // Otherwise it's 1 for an upvote, or -1 for a downvote.
+ var value = 0;
+ if (id.charAt(1) != 'u') {
+ value = id.charAt(0) == 'u' ? 1 : -1;
+ }
+ // The data to be sent to the server.
+ var d = {
+ comment_id: id.substring(2),
+ value: value
+ };
+
+ // Swap the vote and unvote links.
+ link.hide();
+ $('#' + id.charAt(0) + (id.charAt(1) == 'u' ? 'v' : 'u') + d.comment_id)
+ .show();
+
+ // The div the comment is displayed in.
+ var div = $('div#cd' + d.comment_id);
+ var data = div.data('comment');
+
+ // If this is not an unvote, and the other vote arrow has
+ // already been pressed, unpress it.
+ if ((d.value !== 0) && (data.vote === d.value * -1)) {
+ $('#' + (d.value == 1 ? 'd' : 'u') + 'u' + d.comment_id).hide();
+ $('#' + (d.value == 1 ? 'd' : 'u') + 'v' + d.comment_id).show();
+ }
+
+ // Update the comments rating in the local data.
+ data.rating += (data.vote === 0) ? d.value : (d.value - data.vote);
+ data.vote = d.value;
+ div.data('comment', data);
+
+ // Change the rating text.
+ div.find('.rating:first')
+ .text(data.rating + ' point' + (data.rating == 1 ? '' : 's'));
+
+ // Send the vote information to the server.
+ $.ajax({
+ type: "POST",
+ url: opts.processVoteURL,
+ data: d,
+ error: function(request, textStatus, error) {
+ showError('Oops, there was a problem casting that vote.');
+ }
+ });
+ }
+
+ /**
+ * Open a reply form used to reply to an existing comment.
+ */
+ function openReply(id) {
+ // Swap out the reply link for the hide link
+ $('#rl' + id).hide();
+ $('#cr' + id).show();
+
+ // Add the reply li to the children ul.
+ var div = $(renderTemplate(replyTemplate, {id: id})).hide();
+ $('#cl' + id)
+ .prepend(div)
+ // Setup the submit handler for the reply form.
+ .find('#rf' + id)
+ .submit(function(event) {
+ event.preventDefault();
+ addComment($('#rf' + id));
+ closeReply(id);
+ })
+ .find('input[type=button]')
+ .click(function() {
+ closeReply(id);
+ });
+ div.slideDown('fast', function() {
+ $('#rf' + id).find('textarea').focus();
+ });
+ }
+
+ /**
+ * Close the reply form opened with openReply.
+ */
+ function closeReply(id) {
+ // Remove the reply div from the DOM.
+ $('#rd' + id).slideUp('fast', function() {
+ $(this).remove();
+ });
+
+ // Swap out the hide link for the reply link
+ $('#cr' + id).hide();
+ $('#rl' + id).show();
+ }
+
+ /**
+ * Recursively sort a tree of comments using the comp comparator.
+ */
+ function sortComments(comments) {
+ comments.sort(comp);
+ $.each(comments, function() {
+ this.children = sortComments(this.children);
+ });
+ return comments;
+ }
+
+ /**
+ * Get the children comments from a ul. If recursive is true,
+ * recursively include childrens' children.
+ */
+ function getChildren(ul, recursive) {
+ var children = [];
+ ul.children().children("[id^='cd']")
+ .each(function() {
+ var comment = $(this).data('comment');
+ if (recursive)
+ comment.children = getChildren($(this).find('#cl' + comment.id), true);
+ children.push(comment);
+ });
+ return children;
+ }
+
+ /** Create a div to display a comment in. */
+ function createCommentDiv(comment) {
+ if (!comment.displayed && !opts.moderator) {
+ return $('<div class="moderate">Thank you! Your comment will show up '
+ + 'once it is has been approved by a moderator.</div>');
+ }
+ // Prettify the comment rating.
+ comment.pretty_rating = comment.rating + ' point' +
+ (comment.rating == 1 ? '' : 's');
+ // Make a class (for displaying not yet moderated comments differently)
+ comment.css_class = comment.displayed ? '' : ' moderate';
+ // Create a div for this comment.
+ var context = $.extend({}, opts, comment);
+ var div = $(renderTemplate(commentTemplate, context));
+
+ // If the user has voted on this comment, highlight the correct arrow.
+ if (comment.vote) {
+ var direction = (comment.vote == 1) ? 'u' : 'd';
+ div.find('#' + direction + 'v' + comment.id).hide();
+ div.find('#' + direction + 'u' + comment.id).show();
+ }
+
+ if (opts.moderator || comment.text != '[deleted]') {
+ div.find('a.reply').show();
+ if (comment.proposal_diff)
+ div.find('#sp' + comment.id).show();
+ if (opts.moderator && !comment.displayed)
+ div.find('#cm' + comment.id).show();
+ if (opts.moderator || (opts.username == comment.username))
+ div.find('#dc' + comment.id).show();
+ }
+ return div;
+ }
+
+ /**
+ * A simple template renderer. Placeholders such as <%id%> are replaced
+ * by context['id'] with items being escaped. Placeholders such as <#id#>
+ * are not escaped.
+ */
+ function renderTemplate(template, context) {
+ var esc = $(document.createElement('div'));
+
+ function handle(ph, escape) {
+ var cur = context;
+ $.each(ph.split('.'), function() {
+ cur = cur[this];
+ });
+ return escape ? esc.text(cur || "").html() : cur;
+ }
+
+ return template.replace(/<([%#])([\w\.]*)\1>/g, function() {
+ return handle(arguments[2], arguments[1] == '%' ? true : false);
+ });
+ }
+
+ /** Flash an error message briefly. */
+ function showError(message) {
+ $(document.createElement('div')).attr({'class': 'popup-error'})
+ .append($(document.createElement('div'))
+ .attr({'class': 'error-message'}).text(message))
+ .appendTo('body')
+ .fadeIn("slow")
+ .delay(2000)
+ .fadeOut("slow");
+ }
+
+ /** Add a link the user uses to open the comments popup. */
+ $.fn.comment = function() {
+ return this.each(function() {
+ var id = $(this).attr('id').substring(1);
+ var count = COMMENT_METADATA[id];
+ var title = count + ' comment' + (count == 1 ? '' : 's');
+ var image = count > 0 ? opts.commentBrightImage : opts.commentImage;
+ var addcls = count == 0 ? ' nocomment' : '';
+ $(this)
+ .append(
+ $(document.createElement('a')).attr({
+ href: '#',
+ 'class': 'sphinx-comment-open' + addcls,
+ id: 'ao' + id
+ })
+ .append($(document.createElement('img')).attr({
+ src: image,
+ alt: 'comment',
+ title: title
+ }))
+ .click(function(event) {
+ event.preventDefault();
+ show($(this).attr('id').substring(2));
+ })
+ )
+ .append(
+ $(document.createElement('a')).attr({
+ href: '#',
+ 'class': 'sphinx-comment-close hidden',
+ id: 'ah' + id
+ })
+ .append($(document.createElement('img')).attr({
+ src: opts.closeCommentImage,
+ alt: 'close',
+ title: 'close'
+ }))
+ .click(function(event) {
+ event.preventDefault();
+ hide($(this).attr('id').substring(2));
+ })
+ );
+ });
+ };
+
+ var opts = {
+ processVoteURL: '/_process_vote',
+ addCommentURL: '/_add_comment',
+ getCommentsURL: '/_get_comments',
+ acceptCommentURL: '/_accept_comment',
+ deleteCommentURL: '/_delete_comment',
+ commentImage: '/static/_static/comment.png',
+ closeCommentImage: '/static/_static/comment-close.png',
+ loadingImage: '/static/_static/ajax-loader.gif',
+ commentBrightImage: '/static/_static/comment-bright.png',
+ upArrow: '/static/_static/up.png',
+ downArrow: '/static/_static/down.png',
+ upArrowPressed: '/static/_static/up-pressed.png',
+ downArrowPressed: '/static/_static/down-pressed.png',
+ voting: false,
+ moderator: false
+ };
+
+ if (typeof COMMENT_OPTIONS != "undefined") {
+ opts = jQuery.extend(opts, COMMENT_OPTIONS);
+ }
+
+ var popupTemplate = '\
+ <div class="sphinx-comments" id="sc<%id%>">\
+ <p class="sort-options">\
+ Sort by:\
+ <a href="#" class="sort-option byrating">best rated</a>\
+ <a href="#" class="sort-option byascage">newest</a>\
+ <a href="#" class="sort-option byage">oldest</a>\
+ </p>\
+ <div class="comment-header">Comments</div>\
+ <div class="comment-loading" id="cn<%id%>">\
+ loading comments... <img src="<%loadingImage%>" alt="" /></div>\
+ <ul id="cl<%id%>" class="comment-ul"></ul>\
+ <div id="ca<%id%>">\
+ <p class="add-a-comment">Add a comment\
+ (<a href="#" class="comment-markup" id="ab<%id%>">markup</a>):</p>\
+ <div class="comment-markup-box" id="mb<%id%>">\
+ reStructured text markup: <i>*emph*</i>, <b>**strong**</b>, \
+ <code>``code``</code>, \
+ code blocks: <code>::</code> and an indented block after blank line</div>\
+ <form method="post" id="cf<%id%>" class="comment-form" action="">\
+ <textarea name="comment" cols="80"></textarea>\
+ <p class="propose-button">\
+ <a href="#" id="pc<%id%>" class="show-propose-change">\
+ Propose a change ▹\
+ </a>\
+ <a href="#" id="hc<%id%>" class="hide-propose-change">\
+ Propose a change ▿\
+ </a>\
+ </p>\
+ <textarea name="proposal" id="pt<%id%>" cols="80"\
+ spellcheck="false"></textarea>\
+ <input type="submit" value="Add comment" />\
+ <input type="hidden" name="node" value="<%id%>" />\
+ <input type="hidden" name="parent" value="" />\
+ </form>\
+ </div>\
+ </div>';
+
+ var commentTemplate = '\
+ <div id="cd<%id%>" class="sphinx-comment<%css_class%>">\
+ <div class="vote">\
+ <div class="arrow">\
+ <a href="#" id="uv<%id%>" class="vote" title="vote up">\
+ <img src="<%upArrow%>" />\
+ </a>\
+ <a href="#" id="uu<%id%>" class="un vote" title="vote up">\
+ <img src="<%upArrowPressed%>" />\
+ </a>\
+ </div>\
+ <div class="arrow">\
+ <a href="#" id="dv<%id%>" class="vote" title="vote down">\
+ <img src="<%downArrow%>" id="da<%id%>" />\
+ </a>\
+ <a href="#" id="du<%id%>" class="un vote" title="vote down">\
+ <img src="<%downArrowPressed%>" />\
+ </a>\
+ </div>\
+ </div>\
+ <div class="comment-content">\
+ <p class="tagline comment">\
+ <span class="user-id"><%username%></span>\
+ <span class="rating"><%pretty_rating%></span>\
+ <span class="delta"><%time.delta%></span>\
+ </p>\
+ <div class="comment-text comment"><#text#></div>\
+ <p class="comment-opts comment">\
+ <a href="#" class="reply hidden" id="rl<%id%>">reply ▹</a>\
+ <a href="#" class="close-reply" id="cr<%id%>">reply ▿</a>\
+ <a href="#" id="sp<%id%>" class="show-proposal">proposal ▹</a>\
+ <a href="#" id="hp<%id%>" class="hide-proposal">proposal ▿</a>\
+ <a href="#" id="dc<%id%>" class="delete-comment hidden">delete</a>\
+ <span id="cm<%id%>" class="moderation hidden">\
+ <a href="#" id="ac<%id%>" class="accept-comment">accept</a>\
+ </span>\
+ </p>\
+ <pre class="proposal" id="pr<%id%>">\
+<#proposal_diff#>\
+ </pre>\
+ <ul class="comment-children" id="cl<%id%>"></ul>\
+ </div>\
+ <div class="clearleft"></div>\
+ </div>\
+ </div>';
+
+ var replyTemplate = '\
+ <li>\
+ <div class="reply-div" id="rd<%id%>">\
+ <form id="rf<%id%>">\
+ <textarea name="comment" cols="80"></textarea>\
+ <input type="submit" value="Add reply" />\
+ <input type="button" value="Cancel" />\
+ <input type="hidden" name="parent" value="<%id%>" />\
+ <input type="hidden" name="node" value="" />\
+ </form>\
+ </div>\
+ </li>';
+
+ $(document).ready(function() {
+ init();
+ });
+})(jQuery);
+
+$(document).ready(function() {
+ // add comment anchors for all paragraphs that are commentable
+ $('.sphinx-has-comment').comment();
+
+ // highlight search words in search results
+ $("div.context").each(function() {
+ var params = $.getQueryParameters();
+ var terms = (params.q) ? params.q[0].split(/\s+/) : [];
+ var result = $(this);
+ $.each(terms, function() {
+ result.highlightText(this.toLowerCase(), 'highlighted');
+ });
+ });
+
+ // directly open comment window if requested
+ var anchor = document.location.hash;
+ if (anchor.substring(0, 9) == '#comment-') {
+ $('#ao' + anchor.substring(9)).click();
+ document.location.hash = '#s' + anchor.substring(9);
+ }
+});
diff --git a/docs/1.1.0/html/about.html b/docs/1.1.0/html/about.html
new file mode 100644
index 0000000..543c8ba
--- /dev/null
+++ b/docs/1.1.0/html/about.html
@@ -0,0 +1,669 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>About this document — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: './',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="_static/jquery.js"></script>
+ <script type="text/javascript" src="_static/underscore.js"></script>
+ <script type="text/javascript" src="_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="#" />
+ <link rel="index" title="Index" href="genindex.html" />
+ <link rel="search" title="Search" href="search.html" />
+ <link rel="next" title="1. Introduction" href="overview/intro.html" />
+ <link rel="prev" title="PSA Cryptography API 1.1" href="index.html" />
+
+ <link rel="stylesheet" href="_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="about-this-document">
+<span id="id1"></span><h1>About this document</h1>
+<div class="section" id="release-information">
+<h2>Release information</h2>
+<p>The change history table lists the changes that have been made to this document.</p>
+<table border="1" class="colwidths-given docutils">
+<colgroup>
+<col width="20%" />
+<col width="15%" />
+<col width="20%" />
+<col width="45%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Date</th>
+<th class="head">Version</th>
+<th class="head">Confidentiality</th>
+<th class="head">Change</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>January 2019</td>
+<td>1.0 Beta 1</td>
+<td>Non-confidential</td>
+<td>First public beta release.</td>
+</tr>
+<tr class="row-odd"><td>February 2019</td>
+<td>1.0 Beta 2</td>
+<td>Non-confidential</td>
+<td>Update for release with other PSA Dev API specifications.</td>
+</tr>
+<tr class="row-even"><td>May 2019</td>
+<td>1.0 Beta 3</td>
+<td>Non-confidential</td>
+<td>Update for release with other PSA API specifications.</td>
+</tr>
+<tr class="row-odd"><td>February 2020</td>
+<td>1.0 Final</td>
+<td>Non-confidential</td>
+<td>1.0 API finalized.</td>
+</tr>
+<tr class="row-even"><td>August 2020</td>
+<td>1.0.1 Final</td>
+<td>Non-confidential</td>
+<td>Update to fix errors and provide clarifications.</td>
+</tr>
+<tr class="row-odd"><td>February 2022</td>
+<td>1.1.0 Final</td>
+<td>Non-confidential</td>
+<td>New API for EdDSA, password hashing and key stretching.
+Many significant clarifications and improvements across the documentation.</td>
+</tr>
+</tbody>
+</table>
+<p>The detailed changes in each release are described in <a class="reference internal" href="appendix/history.html#changes"><span class="secref">Document change history</span></a>.</p>
+</div>
+<p><span class="sectiontitle">PSA Cryptography API</span></p>
+<p>Copyright © 2018-2022, Arm Limited or its affiliates. All rights reserved. The copyright statement reflects the fact that some
+draft issues of this document have been released, to a limited circulation.</p>
+<div class="section" id="arm-non-confidential-document-licence-licence">
+<h2>Arm Non-Confidential Document Licence (“Licence”)</h2>
+<div class="license docutils container">
+<p>This Licence is a legal agreement between you and Arm Limited (“<strong>Arm</strong>”) for the use of Arm’s intellectual property (including, without limitation, any copyright) embodied in the document accompanying this Licence (“<strong>Document</strong>”). Arm licenses its intellectual property in the Document to you on condition that you agree to the terms of this Licence. By using or copying the Document you indicate that you agree to be bound by the terms of this Licence.</p>
+<p>“<strong>Subsidiary</strong>” means any company the majority of whose voting shares is now or hereafter owner or controlled, directly or indirectly, by you. A company shall be a Subsidiary only for the period during which such control exists.</p>
+<p>This Document is <strong>NON-CONFIDENTIAL</strong> and any use by you and your Subsidiaries (“Licensee”) is subject to the terms of this Licence between you and Arm.</p>
+<p>Subject to the terms and conditions of this Licence, Arm hereby grants to Licensee under the intellectual property in the Document owned or controlled by Arm, a non-exclusive, non-transferable, non-sub-licensable, royalty-free, worldwide licence to:</p>
+<ol class="lowerroman simple">
+<li>use and copy the Document for the purpose of designing and having designed products that comply with the Document;</li>
+<li>manufacture and have manufactured products which have been created under the licence granted in (i) above; and</li>
+<li>sell, supply and distribute products which have been created under the licence granted in (i) above.</li>
+</ol>
+<p><strong>Licensee hereby agrees that the licences granted above shall not extend to any portion or function of a product that is not itself compliant with part of the Document.</strong></p>
+<p>Except as expressly licensed above, Licensee acquires no right, title or interest in any Arm technology or any intellectual property embodied therein.</p>
+<p>THE DOCUMENT IS PROVIDED “AS IS”. ARM PROVIDES NO REPRESENTATIONS AND NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE WITH RESPECT TO THE DOCUMENT. Arm may make changes to the Document at any time and without notice. For the avoidance of doubt, Arm makes no representation with respect to, and has undertaken no analysis to identify or understand the scope and content of, third party patents, copyrights, trade secrets, or other rights.</p>
+<p>NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED IN THIS LICENCE, TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL ARM BE LIABLE FOR ANY DAMAGES, IN CONTRACT, TORT OR OTHERWISE, IN CONNECTION WITH THE SUBJECT MATTER OF THIS LICENCE (INCLUDING WITHOUT LIMITATION) (I) LICENSEE’S USE OF THE DOCUMENT; AND (II) THE IMPLEMENTATION OF THE DOCUMENT IN ANY PRODUCT CREATED BY LICENSEE UNDER THIS LICENCE). THE EXISTENCE OF MORE THAN ONE CLAIM OR SUIT WILL NOT ENLARGE OR EXTEND THE LIMIT. LICENSEE RELEASES ARM FROM ALL OBLIGATIONS, LIABILITY, CLAIMS OR DEMANDS IN EXCESS OF THIS LIMITATION.</p>
+<p>This Licence shall remain in force until terminated by Licensee or by Arm. Without prejudice to any of its other rights, if Licensee is in breach of any of the terms and conditions of this Licence then Arm may terminate this Licence immediately upon giving written notice to Licensee. Licensee may terminate this Licence at any time. Upon termination of this Licence by Licensee or by Arm, Licensee shall stop using the Document and destroy all copies of the Document in its possession. Upon termination of this Licence, all terms shall survive except for the licence grants.</p>
+<p>Any breach of this Licence by a Subsidiary shall entitle Arm to terminate this Licence as if you were the party in breach. Any termination of this Licence shall be effective in respect of all Subsidiaries. Any rights granted to any Subsidiary hereunder shall automatically terminate upon such Subsidiary ceasing to be a Subsidiary.</p>
+<p>The Document consists solely of commercial items. Licensee shall be responsible for ensuring that any use, duplication or disclosure of the Document complies fully with any relevant export laws and regulations to assure that the Document or any portion thereof is not exported, directly or indirectly, in violation of such export laws.</p>
+<p>This Licence may be translated into other languages for convenience, and Licensee agrees that if there is any conflict between the English version of this Licence and any translation, the terms of the English version of this Licence shall prevail.</p>
+<p>The Arm corporate logo and words marked with ® or ™ are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights reserved. Other brands and names mentioned in this document may be the trademarks of their respective owners. No licence, express, implied or otherwise, is granted to Licensee under this Licence, to use the Arm trade marks in connection with the Document or any products based thereon. Visit Arm’s website at <a class="reference external" href="https://www.arm.com/company/policies/trademarks">https://www.arm.com/company/policies/trademarks</a> for more information about Arm’s trademarks.</p>
+<p>The validity, construction and performance of this Licence shall be governed by English Law.</p>
+<p>Copyright © 2018-2022, Arm Limited or its affiliates. All rights reserved.</p>
+<div class="line-block">
+<div class="line">Arm Limited. Company 02557590 registered in England.</div>
+<div class="line">110 Fulbourn Road, Cambridge, England CB1 9NJ.</div>
+</div>
+<p>Arm document reference: LES-PRE-21585 version 4.0</p>
+</div>
+</div>
+<div class="section" id="references">
+<h2>References</h2>
+<p>This document refers to the following documents.</p>
+<table border="1" class="longtable colwidths-given docutils" id="id2">
+<caption><span class="caption-number">Table 1 </span><span class="caption-text">Arm documents referenced by this document</span></caption>
+<colgroup>
+<col width="19%" />
+<col width="19%" />
+<col width="62%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Ref</th>
+<th class="head">Document Number</th>
+<th class="head">Title</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><span class="target" id="citation-ff-m"></span>[FF-M]</td>
+<td>ARM DEN 0063</td>
+<td><em>Arm® Platform Security Architecture Firmware Framework</em>. <a class="reference external" href="https://pages.arm.com/psa-apis">https://pages.arm.com/psa-apis</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-psa-its"></span>[PSA-ITS]</td>
+<td>ARM IHI 0087</td>
+<td><em>PSA Storage API</em>. <a class="reference external" href="https://pages.arm.com/psa-apis">https://pages.arm.com/psa-apis</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-psa-pake"></span>[PSA-PAKE]</td>
+<td>ARM AES 0058</td>
+<td><em>PSA Cryptographic API 1.1 PAKE Extension</em>. <a class="reference external" href="https://developer.arm.com/documentation/aes0058/latest">https://developer.arm.com/documentation/aes0058/latest</a></td>
+</tr>
+</tbody>
+</table>
+<table border="1" class="longtable colwidths-given docutils" id="id3">
+<caption><span class="caption-number">Table 2 </span><span class="caption-text">Other documents referenced by this document</span></caption>
+<colgroup>
+<col width="19%" />
+<col width="81%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Ref</th>
+<th class="head">Title</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><span class="target" id="citation-c99"></span>[C99]</td>
+<td>ISO/IEC, <em>ISO/IEC 9899:1999 — Programming Languages — C</em>, December 1999. <a class="reference external" href="https://www.iso.org/standard/29237.html">https://www.iso.org/standard/29237.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-chacha20"></span>[CHACHA20]</td>
+<td>Bernstein, D., <em>ChaCha, a variant of Salsa20</em>, January 2008. <a class="reference external" href="http://cr.yp.to/chacha/chacha-20080128.pdf">http://cr.yp.to/chacha/chacha-20080128.pdf</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-clulow"></span>[CLULOW]</td>
+<td>Clulow, Jolyon, <em>On the Security of PKCS #11</em>, 2003. <a class="reference external" href="https://link.springer.com/chapter/10.1007/978-3-540-45238-6_32">https://link.springer.com/chapter/10.1007/978-3-540-45238-6_32</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-cstc0002"></span>[CSTC0002]</td>
+<td>Cryptography Standardization Technical Committee, <em>GM/T 0002-2012: SM4 block cipher algorithm</em>, March 2012. <a class="reference external" href="http://www.gmbz.org.cn/main/viewfile/20180108015408199368.html">http://www.gmbz.org.cn/main/viewfile/20180108015408199368.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-cstc0002-e"></span>[CSTC0002/E]</td>
+<td>Cryptography Standardization Technical Committee, <em>GM/T 0002-2012: SM4 block cipher algorithm</em>, April 2018 (English version). <a class="reference external" href="http://www.gmbz.org.cn/main/postDetail.html?id=20180404044052">http://www.gmbz.org.cn/main/postDetail.html?id=20180404044052</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-cstc0004"></span>[CSTC0004]</td>
+<td>Cryptography Standardization Technical Committee, <em>GM/T 0004-2012: SM3 cryptographic hash algorithm</em>, March 2012. <a class="reference external" href="http://www.gmbz.org.cn/main/viewfile/20180108023812835219.html">http://www.gmbz.org.cn/main/viewfile/20180108023812835219.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-cstc0004-e"></span>[CSTC0004/E]</td>
+<td>Cryptography Standardization Technical Committee, <em>GM/T 0004-2012: SM3 cryptographic hash algorithm</em>, July 2018 (English version). <a class="reference external" href="http://www.gmbz.org.cn/main/postDetail.html?id=20180724105928">http://www.gmbz.org.cn/main/postDetail.html?id=20180724105928</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-curve25519"></span>[Curve25519]</td>
+<td>Bernstein et al., <em>Curve25519: new Diffie-Hellman speed records</em>, LNCS 3958, 2006. <a class="reference external" href="https://www.iacr.org/archive/pkc2006/39580209/39580209.pdf">https://www.iacr.org/archive/pkc2006/39580209/39580209.pdf</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-curve448"></span>[Curve448]</td>
+<td>Hamburg, <em>Ed448-Goldilocks, a new elliptic curve</em>, NIST ECC Workshop, 2015. <a class="reference external" href="https://eprint.iacr.org/2015/625.pdf">https://eprint.iacr.org/2015/625.pdf</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-ed25519"></span>[Ed25519]</td>
+<td>Bernstein et al., <em>Twisted Edwards curves</em>, Africacrypt, 2008. <a class="reference external" href="https://eprint.iacr.org/2008/013.pdf">https://eprint.iacr.org/2008/013.pdf</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-ed448"></span>[Ed448]</td>
+<td>Hamburg, <em>Ed448-Goldilocks, a new elliptic curve</em>, NIST ECC Workshop, 2015. <a class="reference external" href="https://eprint.iacr.org/2015/625.pdf">https://eprint.iacr.org/2015/625.pdf</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-fips180-4"></span>[FIPS180-4]</td>
+<td>NIST, <em>FIPS Publication 180-4: Secure Hash Standard (SHS)</em>, August 2015. <a class="reference external" href="https://doi.org/10.6028/NIST.FIPS.180-4">https://doi.org/10.6028/NIST.FIPS.180-4</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-fips186-4"></span>[FIPS186-4]</td>
+<td>NIST, <em>FIPS Publication 186-4: Digital Signature Standard (DSS)</em>, July 2013. <a class="reference external" href="https://doi.org/10.6028/NIST.FIPS.186-4">https://doi.org/10.6028/NIST.FIPS.186-4</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-fips197"></span>[FIPS197]</td>
+<td>NIST, <em>FIPS Publication 197: Advanced Encryption Standard (AES)</em>, November 2001. <a class="reference external" href="https://doi.org/10.6028/NIST.FIPS.197">https://doi.org/10.6028/NIST.FIPS.197</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-fips202"></span>[FIPS202]</td>
+<td>NIST, <em>FIPS Publication 202: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions</em>, August 2015. <a class="reference external" href="https://doi.org/10.6028/NIST.FIPS.202">https://doi.org/10.6028/NIST.FIPS.202</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-frp"></span>[FRP]</td>
+<td>Agence nationale de la sécurité des systèmes d’information, <em>Publication d’un paramétrage de courbe elliptique visant des applications de passeport électronique et de l’administration électronique française</em>, 21 November 2011. <a class="reference external" href="https://www.ssi.gouv.fr/agence/rayonnement-scientifique/publications-scientifiques/articles-ouvrages-actes">https://www.ssi.gouv.fr/agence/rayonnement-scientifique/publications-scientifiques/articles-ouvrages-actes</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-ieee-xts"></span>[IEEE-XTS]</td>
+<td>IEEE, <em>1619-2018 — IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices</em>, January 2019. <a class="reference external" href="https://ieeexplore.ieee.org/servlet/opac?punumber=8637986">https://ieeexplore.ieee.org/servlet/opac?punumber=8637986</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-iso10118"></span>[ISO10118]</td>
+<td>ISO/IEC, <em>ISO/IEC 10118-3:2018 IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions</em>, October 2018. <a class="reference external" href="https://www.iso.org/standard/67116.html">https://www.iso.org/standard/67116.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-iso9797"></span>[ISO9797]</td>
+<td>ISO/IEC, <em>ISO/IEC 9797-1:2011 Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher</em>, March 2011. <a class="reference external" href="https://www.iso.org/standard/50375.html">https://www.iso.org/standard/50375.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-ntt-cam"></span>[NTT-CAM]</td>
+<td>NTT Corporation and Mitsubishi Electric Corporation, <em>Specification of Camellia — a 128-bit Block Cipher</em>, September 2001. <a class="reference external" href="https://info.isl.ntt.co.jp/crypt/eng/camellia/specifications">https://info.isl.ntt.co.jp/crypt/eng/camellia/specifications</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc1319"></span>[RFC1319]</td>
+<td>IETF, <em>The MD2 Message-Digest Algorithm</em>, April 1992. <a class="reference external" href="https://tools.ietf.org/html/rfc1319.html">https://tools.ietf.org/html/rfc1319.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc1320"></span>[RFC1320]</td>
+<td>IETF, <em>The MD4 Message-Digest Algorithm</em>, April 1992. <a class="reference external" href="https://tools.ietf.org/html/rfc1320.html">https://tools.ietf.org/html/rfc1320.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc1321"></span>[RFC1321]</td>
+<td>IETF, <em>The MD5 Message-Digest Algorithm</em>, April 1992. <a class="reference external" href="https://tools.ietf.org/html/rfc1321.html">https://tools.ietf.org/html/rfc1321.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc2104"></span>[RFC2104]</td>
+<td>IETF, <em>HMAC: Keyed-Hashing for Message Authentication</em>, February 1997. <a class="reference external" href="https://tools.ietf.org/html/rfc2104.html">https://tools.ietf.org/html/rfc2104.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc2315"></span>[RFC2315]</td>
+<td>IETF, <em>PKCS #7: Cryptographic Message Syntax Version 1.5</em>, March 1998. <a class="reference external" href="https://tools.ietf.org/html/rfc2315.html">https://tools.ietf.org/html/rfc2315.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc3279"></span>[RFC3279]</td>
+<td>IETF, <em>Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile</em>, April 2002. <a class="reference external" href="https://tools.ietf.org/html/rfc3279.html">https://tools.ietf.org/html/rfc3279.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc3610"></span>[RFC3610]</td>
+<td>IETF, <em>Counter with CBC-MAC (CCM)</em>, September 2003. <a class="reference external" href="https://tools.ietf.org/html/rfc3610">https://tools.ietf.org/html/rfc3610</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc3713"></span>[RFC3713]</td>
+<td>IETF, <em>A Description of the Camellia Encryption Algorithm</em>, April 2004. <a class="reference external" href="https://tools.ietf.org/html/rfc3713">https://tools.ietf.org/html/rfc3713</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc4279"></span>[RFC4279]</td>
+<td>IETF, <em>Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)</em>, December 2005. <a class="reference external" href="https://tools.ietf.org/html/rfc4279.html">https://tools.ietf.org/html/rfc4279.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc4615"></span>[RFC4615]</td>
+<td>IETF, <em>The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE)</em>, August 2006. <a class="reference external" href="https://tools.ietf.org/html/rfc4615.html">https://tools.ietf.org/html/rfc4615.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc5116"></span>[RFC5116]</td>
+<td>IETF, <em>An Interface and Algorithms for Authenticated Encryption</em>, January 2008. <a class="reference external" href="https://tools.ietf.org/html/rfc5116.html">https://tools.ietf.org/html/rfc5116.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc5246"></span>[RFC5246]</td>
+<td>IETF, <em>The Transport Layer Security (TLS) Protocol Version 1.2</em>, August 2008. <a class="reference external" href="https://tools.ietf.org/html/rfc5246.html">https://tools.ietf.org/html/rfc5246.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc5639"></span>[RFC5639]</td>
+<td>IETF, <em>Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation</em>, March 2010. <a class="reference external" href="https://tools.ietf.org/html/rfc5639.html">https://tools.ietf.org/html/rfc5639.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc5794"></span>[RFC5794]</td>
+<td>IETF, <em>A Description of the ARIA Encryption Algorithm</em>, March 2010. <a class="reference external" href="https://datatracker.ietf.org/doc/html/rfc5794">https://datatracker.ietf.org/doc/html/rfc5794</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc5869"></span>[RFC5869]</td>
+<td>IETF, <em>HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</em>, May 2010. <a class="reference external" href="https://tools.ietf.org/html/rfc5869.html">https://tools.ietf.org/html/rfc5869.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc5915"></span>[RFC5915]</td>
+<td>IETF, <em>Elliptic Curve Private Key Structure</em>, June 2010. <a class="reference external" href="https://tools.ietf.org/html/rfc5915.html">https://tools.ietf.org/html/rfc5915.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc6979"></span>[RFC6979]</td>
+<td>IETF, <em>Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)</em>, August 2013. <a class="reference external" href="https://tools.ietf.org/html/rfc6979.html">https://tools.ietf.org/html/rfc6979.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc7539"></span>[RFC7539]</td>
+<td>IETF, <em>ChaCha20 and Poly1305 for IETF Protocols</em>, May 2015. <a class="reference external" href="https://tools.ietf.org/html/rfc7539.html">https://tools.ietf.org/html/rfc7539.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc7748"></span>[RFC7748]</td>
+<td>IETF, <em>Elliptic Curves for Security</em>, January 2016. <a class="reference external" href="https://tools.ietf.org/html/rfc7748.html">https://tools.ietf.org/html/rfc7748.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc7919"></span>[RFC7919]</td>
+<td>IETF, <em>Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)</em>, August 2016. <a class="reference external" href="https://tools.ietf.org/html/rfc7919.html">https://tools.ietf.org/html/rfc7919.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc8017"></span>[RFC8017]</td>
+<td>IETF, <em>PKCS #1: RSA Cryptography Specifications Version 2.2</em>, November 2016. <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html">https://tools.ietf.org/html/rfc8017.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-rfc8018"></span>[RFC8018]</td>
+<td>IETF, <em>PKCS #5: Password-Based Cryptography Specification Version 2.1</em>, January 2017. <a class="reference external" href="https://tools.ietf.org/html/rfc8018.html">https://tools.ietf.org/html/rfc8018.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-rfc8032"></span>[RFC8032]</td>
+<td>IRTF, <em>Edwards-Curve Digital Signature Algorithm (EdDSA)</em>, January 2017. <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html">https://tools.ietf.org/html/rfc8032.html</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-ripemd"></span>[RIPEMD]</td>
+<td>Dobbertin, Bosselaers and Preneel, <em>RIPEMD-160: A Strengthened Version of RIPEMD</em>, April 1996. <a class="reference external" href="https://homes.esat.kuleuven.be/~bosselae/ripemd160.html">https://homes.esat.kuleuven.be/~bosselae/ripemd160.html</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-sec1"></span>[SEC1]</td>
+<td>Standards for Efficient Cryptography, <em>SEC 1: Elliptic Curve Cryptography</em>, May 2009. <a class="reference external" href="https://www.secg.org/sec1-v2.pdf">https://www.secg.org/sec1-v2.pdf</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-sec2"></span>[SEC2]</td>
+<td>Standards for Efficient Cryptography, <em>SEC 2: Recommended Elliptic Curve Domain Parameters</em>, January 2010. <a class="reference external" href="https://www.secg.org/sec2-v2.pdf">https://www.secg.org/sec2-v2.pdf</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-sec2v1"></span>[SEC2v1]</td>
+<td>Standards for Efficient Cryptography, <em>SEC 2: Recommended Elliptic Curve Domain Parameters, Version 1.0</em>, September 2000. <a class="reference external" href="https://www.secg.org/SEC2-Ver-1.0.pdf">https://www.secg.org/SEC2-Ver-1.0.pdf</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-sp800-30"></span>[SP800-30]</td>
+<td>NIST, <em>NIST Special Publication 800-30 Revision 1: Guide for Conducting Risk Assessments</em>, September 2012. <a class="reference external" href="https://doi.org/10.6028/NIST.SP.800-30r1">https://doi.org/10.6028/NIST.SP.800-30r1</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-sp800-38a"></span>[SP800-38A]</td>
+<td>NIST, <em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em>, December 2001. <a class="reference external" href="https://doi.org/10.6028/NIST.SP.800-38A">https://doi.org/10.6028/NIST.SP.800-38A</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-sp800-38b"></span>[SP800-38B]</td>
+<td>NIST, <em>NIST Special Publication 800-38B: Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication</em>, May 2005. <a class="reference external" href="https://doi.org/10.6028/NIST.SP.800-38B">https://doi.org/10.6028/NIST.SP.800-38B</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-sp800-38d"></span>[SP800-38D]</td>
+<td>NIST, <em>NIST Special Publication 800-38D: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC</em>, November 2007. <a class="reference external" href="https://doi.org/10.6028/NIST.SP.800-38D">https://doi.org/10.6028/NIST.SP.800-38D</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-sp800-56a"></span>[SP800-56A]</td>
+<td>NIST, <em>NIST Special Publication 800-56A: Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography</em>, April 2018. <a class="reference external" href="https://doi.org/10.6028/NIST.SP.800-56Ar3">https://doi.org/10.6028/NIST.SP.800-56Ar3</a></td>
+</tr>
+<tr class="row-even"><td><span class="target" id="citation-sp800-67"></span>[SP800-67]</td>
+<td>NIST, <em>NIST Special Publication 800-67: Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher</em>, November 2017. <a class="reference external" href="https://doi.org/10.6028/NIST.SP.800-67r2">https://doi.org/10.6028/NIST.SP.800-67r2</a></td>
+</tr>
+<tr class="row-odd"><td><span class="target" id="citation-x9-62"></span>[X9-62]</td>
+<td>ANSI, <em>Public Key Cryptography For The Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)</em>. <a class="reference external" href="https://standards.globalspec.com/std/1955141/ANSI%20X9.62">https://standards.globalspec.com/std/1955141/ANSI%20X9.62</a></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="terms-and-abbreviations">
+<h2>Terms and abbreviations</h2>
+<p>This document uses the following terms and abbreviations.</p>
+<table border="1" class="longtable colwidths-given docutils">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Term</th>
+<th class="head">Meaning</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-aead"></span><span><span>AEAD</span></span></span></td>
+<td><span class="first last">See <a class="reference internal" href="#term-authenticated-encryption-with-associated-data"><span class="term">Authenticated Encryption with Associated Data</span></a>.</span></td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-algorithm"></span><span>Algorithm</span></span></td>
+<td><p class="first">A finite sequence of steps to perform a particular operation.</p>
+<p class="last">In this specification, an algorithm is a <a class="reference internal" href="#term-cipher"><span class="term">cipher</span></a> or a related function.
+Other texts call this a cryptographic mechanism.</p>
+</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-api"></span><span>API</span></span></td>
+<td>Application Programming Interface.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-asymmetric"></span><span>Asymmetric</span></span></td>
+<td>See <a class="reference internal" href="#term-public-key-cryptography"><span class="term">Public-key cryptography</span></a>.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-authenticated-encryption-with-associated-data"></span><span>Authenticated Encryption with Associated Data (AEAD)</span></span></td>
+<td>A type of encryption that
+provides confidentiality and authenticity of data using <a class="reference internal" href="#term-symmetric"><span class="term">symmetric</span></a> keys.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-byte"></span><span>Byte</span></span></td>
+<td>In this specification, a unit of storage comprising eight bits, also called an octet.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-caller-isolation"></span><span>Caller isolation</span></span></td>
+<td><p class="first">Property of an implementation in which there are multiple application instances, with a security
+boundary between the application instances, as well as between the cryptoprocessor and the
+application instances.</p>
+<p class="last">See <a class="reference internal" href="overview/goals.html#isolation"><span class="secref">Optional isolation</span></a>.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-cipher"></span><span>Cipher</span></span></td>
+<td>An algorithm used for encryption or decryption with a <a class="reference internal" href="#term-symmetric"><span class="term">symmetric</span></a> key.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-cryptoprocessor"></span><span>Cryptoprocessor</span></span></td>
+<td>The component that performs cryptographic operations.
+A cryptoprocessor might contain a <a class="reference internal" href="#term-keystore"><span class="term">keystore</span></a> and countermeasures against a range of physical and timing attacks.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-cryptoprocessor-isolation"></span><span>Cryptoprocessor isolation</span></span></td>
+<td><p class="first">Property of an implementation in which there is a security boundary between the application and the
+cryptoprocessor, but the cryptoprocessor does not communicate with other applications.</p>
+<p class="last">See <a class="reference internal" href="overview/goals.html#isolation"><span class="secref">Optional isolation</span></a>.</p>
+</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-hash"></span><span>Hash</span></span></td>
+<td>A cryptographic hash function, or the value returned by such a function.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-hmac"></span><span>HMAC</span></span></td>
+<td>A type of <a class="reference internal" href="#term-mac"><span class="term">MAC</span></a> that uses a cryptographic key with a <a class="reference internal" href="#term-hash"><span class="term">hash</span></a> function.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-implementation-defined"></span><span class="sc">Implementation defined</span></span></td>
+<td>Behavior that is not defined by the architecture, but is defined and documented by individual implementations.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-initialization-vector"></span><span>Initialization vector (IV)</span></span></td>
+<td><p class="first">An additional input that is not part of the message. It is used to prevent an attacker from making any
+correlation between cipher text and plain text.</p>
+<p class="last">This specification uses the term for such initial inputs
+in all contexts. For example, the initial counter in CTR mode is called the IV.</p>
+</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-isolation"></span><span>Isolation</span></span></td>
+<td><p class="first">Property of an implementation in which there is a security boundary between the application and the
+cryptoprocessor.</p>
+<p class="last">See <a class="reference internal" href="overview/goals.html#isolation"><span class="secref">Optional isolation</span></a>.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-iv"></span><span><span>IV</span></span></span></td>
+<td><span class="first last">See <a class="reference internal" href="#term-initialization-vector"><span class="term">Initialization vector</span></a>.</span></td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-kdf"></span><span><span>KDF</span></span></span></td>
+<td><span class="first last">See <a class="reference internal" href="#term-key-derivation-function"><span class="term">Key Derivation Function</span></a>.</span></td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-key-agreement"></span><span>Key agreement</span></span></td>
+<td>An algorithm for two or more parties to establish a common secret key.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-key-derivation-function"></span><span>Key Derivation Function (KDF)</span></span></td>
+<td>Key Derivation Function. An algorithm for deriving keys from secret material.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-key-identifier"></span><span>Key identifier</span></span></td>
+<td>A reference to a cryptographic key. Key identifiers in the PSA Crypto API are 32-bit integers.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-key-policy"></span><span>Key policy</span></span></td>
+<td>Key metadata that describes and restricts what a key can be used for.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-key-size"></span><span>Key size</span></span></td>
+<td><p class="first">The size of a key as defined by common conventions for each key type.
+For keys that are built from several numbers of strings, this is the size of a particular one of these numbers or strings.</p>
+<p class="last">This specification expresses key sizes in bits.</p>
+</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-key-type"></span><span>Key type</span></span></td>
+<td>Key metadata that describes the structure and content of a key.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-keystore"></span><span>Keystore</span></span></td>
+<td>A hardware or software component that protects, stores, and manages cryptographic keys.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-lifetime"></span><span>Lifetime</span></span></td>
+<td>Key metadata that describes when a key is destroyed.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-mac"></span><span><span>MAC</span></span></span></td>
+<td><span class="first last">See <a class="reference internal" href="#term-message-authentication-code"><span class="term">Message Authentication Code</span></a>.</span></td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-message-authentication-code"></span><span>Message Authentication Code (MAC)</span></span></td>
+<td>A short piece of information used to authenticate a message.
+It is created and verified using a <a class="reference internal" href="#term-symmetric"><span class="term">symmetric</span></a> key.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-message-digest"></span><span>Message digest</span></span></td>
+<td>A <a class="reference internal" href="#term-hash"><span class="term">hash</span></a> of a message. Used to determine if a message has been tampered.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-multi-part-operation"></span><span>Multi-part operation</span></span></td>
+<td>An <a class="reference internal" href="#term-api"><span class="term">API</span></a> which splits a single cryptographic operation into a sequence of separate steps.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-no-isolation"></span><span>No isolation</span></span></td>
+<td><p class="first">Property of an implementation in which there is no security boundary between the application and the
+cryptoprocessor.</p>
+<p class="last">See <a class="reference internal" href="overview/goals.html#isolation"><span class="secref">Optional isolation</span></a>.</p>
+</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-non-extractable-key"></span><span>Non-extractable key</span></span></td>
+<td>A key with a <a class="reference internal" href="#term-key-policy"><span class="term">key policy</span></a> that prevents it from being read by ordinary means.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-nonce"></span><span>Nonce</span></span></td>
+<td>Used as an input for certain <a class="reference internal" href="#term-aead"><span class="term">AEAD</span></a> algorithms.
+Nonces must not be reused with the same key because this can break a cryptographic protocol.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-persistent-key"></span><span>Persistent key</span></span></td>
+<td><p class="first">A key that is stored in protected non-volatile memory.</p>
+<p class="last">See <a class="reference internal" href="api/keys/lifetimes.html#key-lifetimes"><span class="secref">Key lifetimes</span></a>.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-psa"></span><span>PSA</span></span></td>
+<td>Platform Security Architecture</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-public-key-cryptography"></span><span>Public-key cryptography</span></span></td>
+<td>A type of cryptographic system that uses key pairs. A keypair consists of a (secret) private key
+and a public key (not secret). A public key cryptographic algorithm can be used for key distribution
+and for digital signatures.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-salt"></span><span>Salt</span></span></td>
+<td>Used as an input for certain algorithms, such as key derivations.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-signature"></span><span>Signature</span></span></td>
+<td>The output of a digital signature scheme that uses an <a class="reference internal" href="#term-asymmetric"><span class="term">asymmetric</span></a> keypair. Used to establish who produced a message.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-single-part-function"></span><span>Single-part function</span></span></td>
+<td>An <a class="reference internal" href="#term-api"><span class="term">API</span></a> that implements the cryptographic operation in a single function call.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-specification-defined"></span><span class="sc">Specification defined</span></span></td>
+<td>Behavior that is defined by this specification.</td>
+</tr>
+<tr class="row-odd"><td><span class="first last"><span class="target" id="term-symmetric"></span><span>Symmetric</span></span></td>
+<td>A type of cryptographic algorithm that uses a single key. A symmetric key can be used with
+a block cipher or a stream cipher.</td>
+</tr>
+<tr class="row-even"><td><span class="first last"><span class="target" id="term-volatile-key"></span><span>Volatile key</span></span></td>
+<td><p class="first">A key that has a short lifespan and is guaranteed not to exist after a restart of an application instance.</p>
+<p class="last">See <a class="reference internal" href="api/keys/lifetimes.html#key-lifetimes"><span class="secref">Key lifetimes</span></a>.</p>
+</td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="potential-for-change">
+<h2>Potential for change</h2>
+<p>The contents of this specification are stable for version 1.1.</p>
+<p>The following may change in updates to the version 1.1 specification:</p>
+<ul class="simple">
+<li>Small optional feature additions.</li>
+<li>Clarifications.</li>
+</ul>
+<p>Significant additions, or any changes that affect the compatibility of the
+interfaces defined in this specification will only be included in a new major or
+minor version of the specification.</p>
+</div>
+<div class="section" id="conventions">
+<h2>Conventions</h2>
+<div class="section" id="typographical-conventions">
+<h3>Typographical conventions</h3>
+<p>The typographical conventions are:</p>
+<dl class="docutils">
+<dt><em>italic</em></dt>
+<dd>Introduces special terminology, and denotes citations.</dd>
+<dt><code class="docutils literal"><span class="pre">monospace</span></code></dt>
+<dd><p class="first">Used for assembler syntax descriptions, pseudocode, and source code examples.</p>
+<p class="last">Also used in the main text for instruction mnemonics and for references to
+other items appearing in assembler syntax descriptions, pseudocode, and
+source code examples.</p>
+</dd>
+<dt><span class="sc">small capitals</span></dt>
+<dd><p class="first">Used for some common terms such as <span class="sc">implementation defined</span>.</p>
+<p class="last">Used for a few terms that have specific technical meanings, and are included
+in the <em>Terms and abbreviations</em>.</p>
+</dd>
+<dt><span class="issue">Red text</span></dt>
+<dd>Indicates an open issue.</dd>
+<dt><span class="anchor">Blue text</span></dt>
+<dd><p class="first">Indicates a link. This can be</p>
+<ul class="last simple">
+<li>A cross-reference to another location within the document</li>
+<li>A URL, for example <a class="reference external" href="http://infocenter.arm.com">http://infocenter.arm.com</a></li>
+</ul>
+</dd>
+</dl>
+</div>
+<div class="section" id="numbers">
+<h3>Numbers</h3>
+<p>Numbers are normally written in decimal. Binary numbers are preceded by 0b, and
+hexadecimal numbers by <code class="docutils literal"><span class="pre">0x</span></code>.</p>
+<p>In both cases, the prefix and the associated value are written in a monospace
+font, for example <code class="docutils literal"><span class="pre">0xFFFF0000</span></code>. To improve readability, long numbers can be
+written with an underscore separator between every four characters, for example
+<code class="docutils literal"><span class="pre">0xFFFF_0000_0000_0000</span></code>. Ignore any underscores when interpreting the value of
+a number.</p>
+</div>
+</div>
+<div class="section" id="pseudocode-descriptions">
+<h2>Pseudocode descriptions</h2>
+<p>This book uses a form of pseudocode to provide precise descriptions of the
+specified functionality. This pseudocode is written in a monospace font. The
+pseudocode language is described in the Arm Architecture Reference Manual.</p>
+</div>
+<div class="section" id="assembler-syntax-descriptions">
+<h2>Assembler syntax descriptions</h2>
+<p>This book is not expected to contain assembler code or pseudo code examples.</p>
+<p>Any code examples are shown in a <code class="docutils literal"><span class="pre">monospace</span></code> font.</p>
+</div>
+<div class="section" id="feedback">
+<h2>Feedback</h2>
+<p>Arm welcomes feedback on its documentation.</p>
+<div class="section" id="feedback-on-this-book">
+<h3>Feedback on this book</h3>
+<p>If you have comments on the content of this book, send an e-mail to
+<a class="reference external" href="mailto:arm.psa-feedback%40arm.com">arm<span>.</span>psa-feedback<span>@</span>arm<span>.</span>com</a>. Give:</p>
+<ul class="simple">
+<li>The title (PSA Cryptography API).</li>
+<li>The number and issue (IHI 0086 1.1.0).</li>
+<li>The page numbers to which your comments apply.</li>
+<li>The rule identifiers to which your comments apply, if applicable.</li>
+<li>A concise explanation of your comments.</li>
+</ul>
+<p>Arm also welcomes general suggestions for additions and improvements.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul class="current">
+<li class="toctree-l1 current"><a class="current reference internal" href="#">About this document</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#release-information">Release information</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#arm-non-confidential-document-licence-licence">Arm Non-Confidential Document Licence (“Licence”)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#references">References</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#terms-and-abbreviations">Terms and abbreviations</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#potential-for-change">Potential for change</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#conventions">Conventions</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#pseudocode-descriptions">Pseudocode descriptions</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#assembler-syntax-descriptions">Assembler syntax descriptions</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#feedback">Feedback</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/attributes.html b/docs/1.1.0/html/api/keys/attributes.html
new file mode 100644
index 0000000..c4994c4
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/attributes.html
@@ -0,0 +1,310 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9.1. Key attributes — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9.2. Key types" href="types.html" />
+ <link rel="prev" title="9. Key management reference" href="index.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-attributes">
+<span id="id1"></span><h1>9.1. Key attributes</h1>
+<p>Key attributes are managed in a <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object. These are used when a key is created, after which the key attributes are fixed. Attributes of an existing key can be queried using <a class="reference internal" href="#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a>.</p>
+<p>Description of the individual attributes is found in the following sections:</p>
+<ul class="simple">
+<li><a class="reference internal" href="types.html#key-types"><span class="secref">Key types</span></a></li>
+<li><a class="reference internal" href="ids.html#key-identifiers"><span class="secref">Key identifiers</span></a></li>
+<li><a class="reference internal" href="lifetimes.html#key-lifetimes"><span class="secref">Key lifetimes</span></a></li>
+<li><a class="reference internal" href="policy.html#key-policy"><span class="secref">Key policies</span></a></li>
+</ul>
+<div class="section" id="managing-key-attributes">
+<h2>9.1.1. Managing key attributes</h2>
+<div class="section" id="psa_key_attributes_t">
+<span id="c.psa_key_attributes_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_attributes_t</span></code> (type)</h3>
+<p>The type of an object containing key attributes.</p>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a>;
+</pre>
+<p>This is the object that represents the metadata of a key object. Metadata that can be stored in attributes includes:</p>
+<ul class="simple">
+<li>The location of the key in storage, indicated by its key identifier and its lifetime.</li>
+<li>The key’s policy, comprising usage flags and a specification of the permitted algorithm(s).</li>
+<li>Information about the key itself: the key type and its size.</li>
+<li>Implementations can define additional attributes.</li>
+</ul>
+<p>The actual key material is not considered an attribute of a key. Key attributes do not contain information that is generally considered highly confidential.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>Implementations are recommended to define the attribute object as a simple data structure, with fields corresponding to the individual key attributes. In such an implementation, each function <code class="docutils literal"><span class="pre">psa_set_key_xxx()</span></code> sets a field and the corresponding function <code class="docutils literal"><span class="pre">psa_get_key_xxx()</span></code> retrieves the value of the field.</p>
+<p class="last">An implementations can report attribute values that are equivalent to the original one, but have a different encoding. For example, an implementation can use a more compact representation for types where many bit-patterns are invalid or not supported, and store all values that it does not support as a special marker value. In such an implementation, after setting an invalid value, the corresponding get function returns an invalid value which might not be the one that was originally stored.</p>
+</div>
+<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
+<p>An attribute object can contain references to auxiliary resources, for example pointers to allocated memory or indirect references to pre-calculated values. In order to free such resources, the application must call <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a>. As an exception, calling <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a> on an attribute object is optional if the object has only been modified by the following functions since it was initialized or last reset with <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a>:</p>
+<ul class="simple">
+<li><a class="reference internal" href="ids.html#c.psa_set_key_id" title="psa_set_key_id"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_id()</span></code></a></li>
+<li><a class="reference internal" href="lifetimes.html#c.psa_set_key_lifetime" title="psa_set_key_lifetime"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_lifetime()</span></code></a></li>
+<li><a class="reference internal" href="types.html#c.psa_set_key_type" title="psa_set_key_type"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_type()</span></code></a></li>
+<li><a class="reference internal" href="types.html#c.psa_set_key_bits" title="psa_set_key_bits"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_bits()</span></code></a></li>
+<li><a class="reference internal" href="policy.html#c.psa_set_key_usage_flags" title="psa_set_key_usage_flags"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_usage_flags()</span></code></a></li>
+<li><a class="reference internal" href="policy.html#c.psa_set_key_algorithm" title="psa_set_key_algorithm"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_algorithm()</span></code></a></li>
+</ul>
+<p>Before calling any function on a key attribute object, the application must initialize it by any of the following means:</p>
+<ul>
+<li><p class="first">Set the object to all-bits-zero, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> attributes;
+memset(&attributes, 0, sizeof(attributes));
+</pre>
+</li>
+<li><p class="first">Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
+<pre class="literal-block">
+static <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> attributes;
+</pre>
+</li>
+<li><p class="first">Initialize the object to the initializer <a class="reference internal" href="#c.PSA_KEY_ATTRIBUTES_INIT" title="PSA_KEY_ATTRIBUTES_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ATTRIBUTES_INIT</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> attributes = <a class="reference internal" href="#c.PSA_KEY_ATTRIBUTES_INIT" title="PSA_KEY_ATTRIBUTES_INIT">PSA_KEY_ATTRIBUTES_INIT</a>;
+</pre>
+</li>
+<li><p class="first">Assign the result of the function <a class="reference internal" href="#c.psa_key_attributes_init" title="psa_key_attributes_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_attributes_init()</span></code></a> to the object, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> attributes;
+attributes = <a class="reference internal" href="#c.psa_key_attributes_init" title="psa_key_attributes_init">psa_key_attributes_init</a>();
+</pre>
+</li>
+</ul>
+<p>A freshly initialized attribute object contains the following values:</p>
+<table border="1" class="colwidths-auto docutils align-left">
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Attribute</th>
+<th class="head">Value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>lifetime</td>
+<td><a class="reference internal" href="lifetimes.html#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code></a>.</td>
+</tr>
+<tr class="row-odd"><td>key identifier</td>
+<td><a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a> — which is not a valid key identifier.</td>
+</tr>
+<tr class="row-even"><td>type</td>
+<td><a class="reference internal" href="types.html#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code></a> — meaning that the type is unspecified.</td>
+</tr>
+<tr class="row-odd"><td>key size</td>
+<td><code class="docutils literal"><span class="pre">0</span></code> — meaning that the size is unspecified.</td>
+</tr>
+<tr class="row-even"><td>usage flags</td>
+<td><code class="docutils literal"><span class="pre">0</span></code> — which allows no usage except exporting a public key.</td>
+</tr>
+<tr class="row-odd"><td>algorithm</td>
+<td><a class="reference internal" href="../ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_NONE</span></code></a> — which does not allow cryptographic usage, but allows exporting.</td>
+</tr>
+</tbody>
+</table>
+<p class="rubric">Usage</p>
+<p>A typical sequence to create a key is as follows:</p>
+<ol class="arabic simple">
+<li>Create and initialize an attribute object.</li>
+<li>If the key is persistent, call <a class="reference internal" href="ids.html#c.psa_set_key_id" title="psa_set_key_id"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_id()</span></code></a>. Also call <a class="reference internal" href="lifetimes.html#c.psa_set_key_lifetime" title="psa_set_key_lifetime"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_lifetime()</span></code></a> to place the key in a non-default location.</li>
+<li>Set the key policy with <a class="reference internal" href="policy.html#c.psa_set_key_usage_flags" title="psa_set_key_usage_flags"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_usage_flags()</span></code></a> and <a class="reference internal" href="policy.html#c.psa_set_key_algorithm" title="psa_set_key_algorithm"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_algorithm()</span></code></a>.</li>
+<li>Set the key type with <a class="reference internal" href="types.html#c.psa_set_key_type" title="psa_set_key_type"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_type()</span></code></a>. Skip this step if copying an existing key with <a class="reference internal" href="management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a>.</li>
+<li>When generating a random key with <a class="reference internal" href="management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a> or deriving a key with <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a>, set the desired key size with <a class="reference internal" href="types.html#c.psa_set_key_bits" title="psa_set_key_bits"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_bits()</span></code></a>.</li>
+<li>Call a key creation function: <a class="reference internal" href="management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a>, <a class="reference internal" href="management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a>, <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> or <a class="reference internal" href="management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a>. This function reads the attribute object, creates a key with these attributes, and outputs an identifier for the newly created key.</li>
+<li>Optionally call <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a>, now that the attribute object is no longer needed. Currently this call is not required as the attributes defined in this specification do not require additional resources beyond the object itself.</li>
+</ol>
+<p>A typical sequence to query a key’s attributes is as follows:</p>
+<ol class="arabic simple">
+<li>Call <a class="reference internal" href="#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a>.</li>
+<li>Call <code class="docutils literal"><span class="pre">psa_get_key_xxx()</span></code> functions to retrieve the required attribute(s).</li>
+<li>Call <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a> to free any resources that can be used by the attribute object.</li>
+</ol>
+<p>Once a key has been created, it is impossible to change its attributes.</p>
+</div>
+<div class="section" id="PSA_KEY_ATTRIBUTES_INIT">
+<span id="c.PSA_KEY_ATTRIBUTES_INIT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_ATTRIBUTES_INIT</span></code> (macro)</h3>
+<p>This macro returns a suitable initializer for a key attribute object of type <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_ATTRIBUTES_INIT" title="PSA_KEY_ATTRIBUTES_INIT">PSA_KEY_ATTRIBUTES_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+</div>
+<div class="section" id="psa_key_attributes_init">
+<span id="c.psa_key_attributes_init"></span><h3><code class="docutils literal"><span class="pre">psa_key_attributes_init</span></code> (function)</h3>
+<p>Return an initial value for a key attribute object.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> <a class="reference internal" href="#c.psa_key_attributes_init" title="psa_key_attributes_init">psa_key_attributes_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="docutils literal"><span class="pre">psa_key_attributes_t</span></code></a></p>
+</div>
+<div class="section" id="psa_get_key_attributes">
+<span id="c.psa_get_key_attributes"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_attributes</span></code> (function)</h3>
+<p>Retrieve the attributes of a key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_get_key_attributes" title="psa_get_key_attributes">psa_get_key_attributes</a>(<a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to query.</dd>
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>On entry, <code class="docutils literal"><span class="pre">*attributes</span></code> must be in a valid state. On successful return, it contains the attributes of the key. On failure, it is equivalent to a freshly-initialized attribute object.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+<code class="docutils literal"><span class="pre">attributes</span></code> contains the attributes of the key.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function first resets the attribute object as with <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a>. It then copies the attributes of the given key into the given attribute object.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This function clears any previous content from the attribute object and therefore expects it to be in a valid state. In particular, if this function is called on a newly allocated attribute object, the attribute object must be initialized before calling this function.</p>
+</div>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This function might allocate memory or other resources. Once this function has been called on an attribute object, <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_reset_key_attributes()</span></code></a> must be called to free these resources.</p>
+</div>
+</div>
+<div class="section" id="psa_reset_key_attributes">
+<span id="c.psa_reset_key_attributes"></span><h3><code class="docutils literal"><span class="pre">psa_reset_key_attributes</span></code> (function)</h3>
+<p>Reset a key attribute object to a freshly initialized state.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_reset_key_attributes" title="psa_reset_key_attributes">psa_reset_key_attributes</a>(<a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to reset.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>The attribute object must be initialized as described in the documentation of the type <a class="reference internal" href="#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> before calling this function. Once the object has been initialized, this function can be called at any time.</p>
+<p>This function frees any auxiliary resources that the object might contain.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">9. Key management reference</a><ul class="current">
+<li class="toctree-l2 current"><a class="current reference internal" href="#">9.1. Key attributes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#managing-key-attributes">9.1.1. Managing key attributes</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html">9.2. Key types</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html">9.4. Key identifiers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html">9.5. Key policies</a></li>
+<li class="toctree-l2"><a class="reference internal" href="management.html">9.6. Key management functions</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/ids.html b/docs/1.1.0/html/api/keys/ids.html
new file mode 100644
index 0000000..f566a3c
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/ids.html
@@ -0,0 +1,227 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9.4. Key identifiers — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9.5. Key policies" href="policy.html" />
+ <link rel="prev" title="9.3. Key lifetimes" href="lifetimes.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-identifiers">
+<span id="id1"></span><h1>9.4. Key identifiers</h1>
+<p>Key identifiers are integral values that act as permanent names for persistent keys, or as transient references to volatile keys. Key identifiers use the <a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_id_t</span></code></a> type, and the range of identifier values is divided as follows:</p>
+<dl class="docutils">
+<dt><a class="reference internal" href="#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a><code class="docutils literal"> <span class="pre">=</span> <span class="pre">0</span></code></dt>
+<dd>Reserved as an invalid key identifier.</dd>
+<dt><a class="reference internal" href="#c.PSA_KEY_ID_USER_MIN" title="PSA_KEY_ID_USER_MIN"><code class="docutils literal"><span class="pre">PSA_KEY_ID_USER_MIN</span></code></a><code class="docutils literal"> <span class="pre">–</span> </code><a class="reference internal" href="#c.PSA_KEY_ID_USER_MAX" title="PSA_KEY_ID_USER_MAX"><code class="docutils literal"><span class="pre">PSA_KEY_ID_USER_MAX</span></code></a></dt>
+<dd>Applications can freely choose persistent key identifiers in this range.</dd>
+<dt><a class="reference internal" href="#c.PSA_KEY_ID_VENDOR_MIN" title="PSA_KEY_ID_VENDOR_MIN"><code class="docutils literal"><span class="pre">PSA_KEY_ID_VENDOR_MIN</span></code></a><code class="docutils literal"> <span class="pre">–</span> </code><a class="reference internal" href="#c.PSA_KEY_ID_VENDOR_MAX" title="PSA_KEY_ID_VENDOR_MAX"><code class="docutils literal"><span class="pre">PSA_KEY_ID_VENDOR_MAX</span></code></a></dt>
+<dd>Implementations can define additional persistent key identifiers in this range, and must allocate any volatile key identifiers from this range.</dd>
+</dl>
+<p>Key identifiers outside these ranges are reserved for future use.</p>
+<p>Key identifiers are output from a successful call to one of the key creation functions. For persistent keys, this is the same identifier as the one specified in the key attributes used to create the key. The key identifier remains valid until it is invalidated by passing it to <a class="reference internal" href="management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a>. A volatile key identifier must not be used after it has been invalidated.</p>
+<p>If an invalid key identifier is provided as a parameter in any function, the function will return <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a>; except for the special case of calling <a class="reference internal" href="management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="docutils literal"><span class="pre">psa_destroy_key</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a><code class="docutils literal"><span class="pre">)</span></code>, which has no effect and always returns <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>.</p>
+<p>Valid key identifiers must have distinct values within the same application. If the implementation provides <a class="reference internal" href="../../about.html#term-caller-isolation"><span class="term">caller isolation</span></a>, then key identifiers are local to each application. That is, the same key identifier in two applications corresponds to two different keys.</p>
+<div class="section" id="key-identifier-type">
+<h2>9.4.1. Key identifier type</h2>
+<div class="section" id="psa_key_id_t">
+<span id="c.psa_key_id_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_id_t</span></code> (type)</h3>
+<p>Key identifier.</p>
+<pre class="literal-block">
+typedef uint32_t <a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>;
+</pre>
+<p>A key identifier can be a permanent name for a persistent key, or a transient reference to volatile key. See <a class="reference internal" href="#key-identifiers"><span class="secref">Key identifiers</span></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_ID_NULL">
+<span id="c.PSA_KEY_ID_NULL"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code> (macro)</h3>
+<p>The null key identifier.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL">PSA_KEY_ID_NULL</a> ((<a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0)
+</pre>
+<p>The null key identifier is always invalid, except when used without in a call to <a class="reference internal" href="management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a> which will return <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_ID_USER_MIN">
+<span id="c.PSA_KEY_ID_USER_MIN"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_ID_USER_MIN</span></code> (macro)</h3>
+<p>The minimum value for a key identifier chosen by the application.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_ID_USER_MIN" title="PSA_KEY_ID_USER_MIN">PSA_KEY_ID_USER_MIN</a> ((<a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x00000001)
+</pre>
+</div>
+<div class="section" id="PSA_KEY_ID_USER_MAX">
+<span id="c.PSA_KEY_ID_USER_MAX"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_ID_USER_MAX</span></code> (macro)</h3>
+<p>The maximum value for a key identifier chosen by the application.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_ID_USER_MAX" title="PSA_KEY_ID_USER_MAX">PSA_KEY_ID_USER_MAX</a> ((<a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x3fffffff)
+</pre>
+</div>
+<div class="section" id="PSA_KEY_ID_VENDOR_MIN">
+<span id="c.PSA_KEY_ID_VENDOR_MIN"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_ID_VENDOR_MIN</span></code> (macro)</h3>
+<p>The minimum value for a key identifier chosen by the implementation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_ID_VENDOR_MIN" title="PSA_KEY_ID_VENDOR_MIN">PSA_KEY_ID_VENDOR_MIN</a> ((<a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x40000000)
+</pre>
+</div>
+<div class="section" id="PSA_KEY_ID_VENDOR_MAX">
+<span id="c.PSA_KEY_ID_VENDOR_MAX"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_ID_VENDOR_MAX</span></code> (macro)</h3>
+<p>The maximum value for a key identifier chosen by the implementation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_ID_VENDOR_MAX" title="PSA_KEY_ID_VENDOR_MAX">PSA_KEY_ID_VENDOR_MAX</a> ((<a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x7fffffff)
+</pre>
+</div>
+</div>
+<div class="section" id="attribute-accessors">
+<h2>9.4.2. Attribute accessors</h2>
+<div class="section" id="psa_set_key_id">
+<span id="c.psa_set_key_id"></span><h3><code class="docutils literal"><span class="pre">psa_set_key_id</span></code> (function)</h3>
+<p>Declare a key as persistent and set its key identifier.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_set_key_id" title="psa_set_key_id">psa_set_key_id</a>(<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> id);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to write to.</dd>
+<dt> <code class="docutils literal"><span class="pre">id</span></code></dt>
+<dd>The persistent identifier for the key.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>The application must choose a value for <code class="docutils literal"><span class="pre">id</span></code> between <a class="reference internal" href="#c.PSA_KEY_ID_USER_MIN" title="PSA_KEY_ID_USER_MIN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_USER_MIN</span></code></a> and <a class="reference internal" href="#c.PSA_KEY_ID_USER_MAX" title="PSA_KEY_ID_USER_MAX"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_USER_MAX</span></code></a>.</p>
+<p>If the attribute object currently declares the key as volatile, which is the default lifetime of an attribute object, this function sets the lifetime attribute to <a class="reference internal" href="lifetimes.html#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code></a>.</p>
+<p>This function does not access storage, it merely stores the given value in the attribute object. The persistent key will be written to storage when the attribute object is passed to a key creation function such as <a class="reference internal" href="management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a>, <a class="reference internal" href="management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a>, <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> or <a class="reference internal" href="management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a>.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_get_key_id">
+<span id="c.psa_get_key_id"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_id</span></code> (function)</h3>
+<p>Retrieve the key identifier from key attributes.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> <a class="reference internal" href="#c.psa_get_key_id" title="psa_get_key_id">psa_get_key_id</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The key attribute object to query.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_key_id_t" title="psa_key_id_t"><code class="docutils literal"><span class="pre">psa_key_id_t</span></code></a></p>
+<p>The persistent identifier stored in the attribute object. This value is unspecified if the attribute object declares the key as volatile.</p>
+<p class="rubric">Description</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">9. Key management reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="attributes.html">9.1. Key attributes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="types.html">9.2. Key types</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">9.4. Key identifiers</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-identifier-type">9.4.1. Key identifier type</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#attribute-accessors">9.4.2. Attribute accessors</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html">9.5. Key policies</a></li>
+<li class="toctree-l2"><a class="reference internal" href="management.html">9.6. Key management functions</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/index.html b/docs/1.1.0/html/api/keys/index.html
new file mode 100644
index 0000000..10819c9
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/index.html
@@ -0,0 +1,307 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9. Key management reference — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9.1. Key attributes" href="attributes.html" />
+ <link rel="prev" title="8.2. PSA Crypto library" href="../library/library.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-management-reference">
+<span id="key-management"></span><h1>9. Key management reference</h1>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="attributes.html">9.1. Key attributes</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="attributes.html#managing-key-attributes">9.1.1. Managing key attributes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="attributes.html#psa_key_attributes_t"><code class="docutils literal"><span class="pre">psa_key_attributes_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="attributes.html#PSA_KEY_ATTRIBUTES_INIT"><code class="docutils literal"><span class="pre">PSA_KEY_ATTRIBUTES_INIT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="attributes.html#psa_key_attributes_init"><code class="docutils literal"><span class="pre">psa_key_attributes_init</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="attributes.html#psa_get_key_attributes"><code class="docutils literal"><span class="pre">psa_get_key_attributes</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="attributes.html#psa_reset_key_attributes"><code class="docutils literal"><span class="pre">psa_reset_key_attributes</span></code> (function)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="types.html">9.2. Key types</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="types.html#key-type-encoding">9.2.1. Key type encoding</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_key_type_t"><code class="docutils literal"><span class="pre">psa_key_type_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_NONE"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html#key-categories">9.2.2. Key categories</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_UNSTRUCTURED"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_UNSTRUCTURED</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_ASYMMETRIC"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ASYMMETRIC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_KEY_PAIR</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html#symmetric-keys">9.2.3. Symmetric keys</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_RAW_DATA"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_HMAC"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_DERIVE"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_PASSWORD"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_PASSWORD_HASH"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_PEPPER"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_AES"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_ARIA"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_DES"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_CAMELLIA"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_SM4"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_ARC4"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_CHACHA20"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html#rsa-keys">9.2.4. RSA keys</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_RSA"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_RSA</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html#elliptic-curve-keys">9.2.5. Elliptic Curve keys</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_ecc_family_t"><code class="docutils literal"><span class="pre">psa_ecc_family_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_SECP_K1"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_K1</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_SECP_R1"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R1</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_SECP_R2"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R2</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_SECT_K1"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_K1</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_SECT_R1"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R1</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_SECT_R2"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R2</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_FRP"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_MONTGOMERY"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_ECC"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_ECC_GET_FAMILY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_GET_FAMILY</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html#diffie-hellman-keys">9.2.6. Diffie Hellman keys</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_dh_family_t"><code class="docutils literal"><span class="pre">psa_dh_family_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_DH_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_DH_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_DH_FAMILY_RFC7919"><code class="docutils literal"><span class="pre">PSA_DH_FAMILY_RFC7919</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_DH"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_DH_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_KEY_PAIR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_IS_DH_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#PSA_KEY_TYPE_DH_GET_FAMILY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_GET_FAMILY</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="types.html#attribute-accessors">9.2.7. Attribute accessors</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_set_key_type"><code class="docutils literal"><span class="pre">psa_set_key_type</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_get_key_type"><code class="docutils literal"><span class="pre">psa_get_key_type</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_get_key_bits"><code class="docutils literal"><span class="pre">psa_get_key_bits</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="types.html#psa_set_key_bits"><code class="docutils literal"><span class="pre">psa_set_key_bits</span></code> (function)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html#volatile-keys">9.3.1. Volatile keys</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html#persistent-keys">9.3.2. Persistent keys</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html#lifetime-encodings">9.3.3. Lifetime encodings</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#psa_key_lifetime_t"><code class="docutils literal"><span class="pre">psa_key_lifetime_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#psa_key_persistence_t"><code class="docutils literal"><span class="pre">psa_key_persistence_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#psa_key_location_t"><code class="docutils literal"><span class="pre">psa_key_location_t</span></code> (type)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html#lifetime-values">9.3.4. Lifetime values</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LIFETIME_VOLATILE"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LIFETIME_PERSISTENT"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_PERSISTENCE_VOLATILE"><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_VOLATILE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_PERSISTENCE_DEFAULT"><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_DEFAULT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_PERSISTENCE_READ_ONLY"><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_READ_ONLY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LOCATION_LOCAL_STORAGE"><code class="docutils literal"><span class="pre">PSA_KEY_LOCATION_LOCAL_STORAGE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT"><code class="docutils literal"><span class="pre">PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html#attribute-accessors">9.3.5. Attribute accessors</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#psa_set_key_lifetime"><code class="docutils literal"><span class="pre">psa_set_key_lifetime</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#psa_get_key_lifetime"><code class="docutils literal"><span class="pre">psa_get_key_lifetime</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html#support-macros">9.3.6. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LIFETIME_GET_PERSISTENCE"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_GET_PERSISTENCE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LIFETIME_GET_LOCATION"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_GET_LOCATION</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LIFETIME_IS_VOLATILE"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_IS_VOLATILE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="lifetimes.html#PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="ids.html">9.4. Key identifiers</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="ids.html#key-identifier-type">9.4.1. Key identifier type</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#psa_key_id_t"><code class="docutils literal"><span class="pre">psa_key_id_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#PSA_KEY_ID_NULL"><code class="docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#PSA_KEY_ID_USER_MIN"><code class="docutils literal"><span class="pre">PSA_KEY_ID_USER_MIN</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#PSA_KEY_ID_USER_MAX"><code class="docutils literal"><span class="pre">PSA_KEY_ID_USER_MAX</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#PSA_KEY_ID_VENDOR_MIN"><code class="docutils literal"><span class="pre">PSA_KEY_ID_VENDOR_MIN</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#PSA_KEY_ID_VENDOR_MAX"><code class="docutils literal"><span class="pre">PSA_KEY_ID_VENDOR_MAX</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html#attribute-accessors">9.4.2. Attribute accessors</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#psa_set_key_id"><code class="docutils literal"><span class="pre">psa_set_key_id</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ids.html#psa_get_key_id"><code class="docutils literal"><span class="pre">psa_get_key_id</span></code> (function)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="policy.html">9.5. Key policies</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="policy.html#permitted-algorithms">9.5.1. Permitted algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#psa_set_key_algorithm"><code class="docutils literal"><span class="pre">psa_set_key_algorithm</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#psa_get_key_algorithm"><code class="docutils literal"><span class="pre">psa_get_key_algorithm</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html#key-usage-flags">9.5.2. Key usage flags</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#psa_key_usage_t"><code class="docutils literal"><span class="pre">psa_key_usage_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_EXPORT"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_COPY"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_CACHE"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_ENCRYPT"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_DECRYPT"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_SIGN_MESSAGE"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_SIGN_HASH"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_VERIFY_HASH"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_DERIVE"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#psa_set_key_usage_flags"><code class="docutils literal"><span class="pre">psa_set_key_usage_flags</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="policy.html#psa_get_key_usage_flags"><code class="docutils literal"><span class="pre">psa_get_key_usage_flags</span></code> (function)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="management.html">9.6. Key management functions</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="management.html#key-creation">9.6.1. Key creation</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_import_key"><code class="docutils literal"><span class="pre">psa_import_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_generate_key"><code class="docutils literal"><span class="pre">psa_generate_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_copy_key"><code class="docutils literal"><span class="pre">psa_copy_key</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="management.html#key-destruction">9.6.2. Key destruction</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_destroy_key"><code class="docutils literal"><span class="pre">psa_destroy_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_purge_key"><code class="docutils literal"><span class="pre">psa_purge_key</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="management.html#key-export">9.6.3. Key export</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_export_key"><code class="docutils literal"><span class="pre">psa_export_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#psa_export_public_key"><code class="docutils literal"><span class="pre">psa_export_public_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#PSA_EXPORT_KEY_PAIR_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_KEY_PAIR_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="management.html#PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">9. Key management reference</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="attributes.html">9.1. Key attributes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="types.html">9.2. Key types</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html">9.4. Key identifiers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html">9.5. Key policies</a></li>
+<li class="toctree-l2"><a class="reference internal" href="management.html">9.6. Key management functions</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/lifetimes.html b/docs/1.1.0/html/api/keys/lifetimes.html
new file mode 100644
index 0000000..4cad3f0
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/lifetimes.html
@@ -0,0 +1,465 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9.3. Key lifetimes — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9.4. Key identifiers" href="ids.html" />
+ <link rel="prev" title="9.2. Key types" href="types.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-lifetimes">
+<span id="id1"></span><h1>9.3. Key lifetimes</h1>
+<p>The lifetime of a key indicates where it is stored and which application and system actions will create and destroy it.</p>
+<p>Lifetime values are composed from:</p>
+<ul class="simple">
+<li>A persistence level, which indicates what device management actions can cause it to be destroyed. In particular, it indicates whether the key is volatile or persistent. See <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a> for more information.</li>
+<li>A location indicator, which indicates where the key is stored and where operations on the key are performed. See <a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_location_t</span></code></a> for more information.</li>
+</ul>
+<p>There are two main types of lifetime, indicated by the persistence level: <em>volatile</em> and <em>persistent</em>.</p>
+<div class="section" id="volatile-keys">
+<h2>9.3.1. Volatile keys</h2>
+<p>Volatile keys are automatically destroyed when the application instance terminates or on a power reset of the device. Volatile keys can be explicitly destroyed by the application.</p>
+<p>Conceptually, a volatile key is stored in RAM. Volatile keys have the lifetime <a class="reference internal" href="#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code></a>.</p>
+<p>To create a volatile key:</p>
+<ol class="arabic simple">
+<li>Populate a <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object with the required type, size, policy and other key attributes.</li>
+<li>Create the key with one of the key creation functions. If successful, these functions output a transient <a class="reference internal" href="ids.html#key-identifiers"><span class="std std-ref">key identifier</span></a>.</li>
+</ol>
+<p>To destroy a volatile key: call <a class="reference internal" href="management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a> with the key identifier. There must be a matching call to <a class="reference internal" href="management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a> for each successful call to a create a volatile key.</p>
+</div>
+<div class="section" id="persistent-keys">
+<h2>9.3.2. Persistent keys</h2>
+<p>Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs, for example, a factory reset.</p>
+<p>Each persistent key has a permanent key identifier, which acts as a name for the key.
+Within an application, the key identifier corresponds to a single key. The
+application specifies the key identifier when the key is created and when
+using the key.</p>
+<p>The lifetime attribute of a persistent key indicates how and where it is stored. The default lifetime value for a persistent key is <a class="reference internal" href="#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code></a>, which corresponds to a default storage area. This specification defines how implementations can provide other lifetime values corresponding to
+different storage areas with different retention policies, or to secure elements
+with different security characteristics.</p>
+<p>To create a persistent key:</p>
+<ol class="arabic simple">
+<li>Populate a <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object with the key’s type, size, policy and other attributes.</li>
+<li>In the attributes object, set the desired lifetime and persistent identifier for the key.</li>
+<li>Create the key with one of the key creation functions. If successful, these functions output the <a class="reference internal" href="ids.html#key-identifiers"><span class="std std-ref">key identifier</span></a> that was specified by the application in step 2.</li>
+</ol>
+<p>To access an existing persistent key: use the key identifier in any API that requires a key.</p>
+<p>To destroy a persistent key: call <a class="reference internal" href="management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a> with the key identifier. Destroying a persistent key permanently removes it from memory and storage.</p>
+<p>By default, persistent key material is removed from volatile memory when not in use. Frequently used persistent keys can benefit from caching, depending on the implementation and the application. Caching can be enabled by creating the key with the <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code></a> policy. Cached keys can be removed from volatile memory by calling <a class="reference internal" href="management.html#c.psa_purge_key" title="psa_purge_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_purge_key()</span></code></a>. See also <a class="reference internal" href="../../overview/implementation.html#memory-cleanup"><span class="secref">Memory cleanup</span></a> and <a class="reference internal" href="../../overview/implementation.html#key-material"><span class="secref">Managing key material</span></a>.</p>
+</div>
+<div class="section" id="lifetime-encodings">
+<h2>9.3.3. Lifetime encodings</h2>
+<div class="section" id="psa_key_lifetime_t">
+<span id="c.psa_key_lifetime_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_lifetime_t</span></code> (type)</h3>
+<p>Encoding of key lifetimes.</p>
+<pre class="literal-block">
+typedef uint32_t <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a>;
+</pre>
+<p>The lifetime of a key indicates where it is stored and which application and system actions will create and destroy it.</p>
+<p>Lifetime values have the following structure:</p>
+<dl class="docutils">
+<dt>Bits[7:0]: Persistence level</dt>
+<dd><p class="first">This value indicates what device management actions can cause it to be destroyed. In particular, it indicates whether the key is <em>volatile</em> or <em>persistent</em>. See <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a> for more information.</p>
+<p class="last"><a class="reference internal" href="#c.PSA_KEY_LIFETIME_GET_PERSISTENCE" title="PSA_KEY_LIFETIME_GET_PERSISTENCE"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_GET_PERSISTENCE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">lifetime</span></code><code class="docutils literal"><span class="pre">)</span></code> returns the persistence level for a key <code class="docutils literal"><span class="pre">lifetime</span></code> value.</p>
+</dd>
+<dt>Bits[31:8]: Location indicator</dt>
+<dd><p class="first">This value indicates where the key material is stored (or at least where it is accessible in cleartext) and where operations on the key are performed. See <a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_location_t</span></code></a> for more information.</p>
+<p class="last"><a class="reference internal" href="#c.PSA_KEY_LIFETIME_GET_LOCATION" title="PSA_KEY_LIFETIME_GET_LOCATION"><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_GET_LOCATION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">lifetime</span></code><code class="docutils literal"><span class="pre">)</span></code> returns the location indicator for a key <code class="docutils literal"><span class="pre">lifetime</span></code> value.</p>
+</dd>
+</dl>
+<p>Volatile keys are automatically destroyed when the application instance terminates or on a power reset of the device. Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs, for example, a factory reset.</p>
+<p>Persistent keys have a key identifier of type <a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_id_t</span></code></a>. This identifier remains valid throughout the lifetime of the key, even if the application instance that created the key terminates.</p>
+<p>This specification defines two basic lifetime values:</p>
+<ul class="simple">
+<li>Keys with the lifetime <a class="reference internal" href="#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code></a> are volatile. All implementations should support this lifetime.</li>
+<li>Keys with the lifetime <a class="reference internal" href="#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code></a> are persistent. All implementations that have access to persistent storage with appropriate security guarantees should support this lifetime.</li>
+</ul>
+</div>
+<div class="section" id="psa_key_persistence_t">
+<span id="c.psa_key_persistence_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_persistence_t</span></code> (type)</h3>
+<p>Encoding of key persistence levels.</p>
+<pre class="literal-block">
+typedef uint8_t <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>;
+</pre>
+<p>What distinguishes different persistence levels is which device management events can cause keys to be destroyed. For example, power reset, transfer of device ownership, or a factory reset are device management events that can affect keys at different persistence levels. The specific management events which affect persistent keys at different levels is outside the scope of the PSA Cryptography specification.</p>
+<p>Values for persistence levels defined by this specification are shown in <span><a class="reference internal" href="#persistence-levels"><span class="numref">Table 3</span></a></span>.</p>
+<table border="1" class="colwidths-given longtable docutils align-left" id="persistence-levels">
+<caption><span class="caption-number">Table 3 </span><span class="caption-text">Key persistence level values</span></caption>
+<colgroup>
+<col width="40%" />
+<col width="60%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Persistence level</th>
+<th class="head">Definition</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">0</span> <span class="pre">=</span> </code><a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_VOLATILE" title="PSA_KEY_PERSISTENCE_VOLATILE"><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_VOLATILE</span></code></a></td>
+<td><p class="first">Volatile key.</p>
+<p class="last">A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">1</span> <span class="pre">=</span> </code><a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_DEFAULT" title="PSA_KEY_PERSISTENCE_DEFAULT"><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_DEFAULT</span></code></a></td>
+<td><p class="first">Persistent key with a default lifetime.</p>
+<p class="last">Implementations should support this value if they support persistent keys at all. Applications should use this value if they have no specific needs that are only met by implementation-specific features.</p>
+</td>
+</tr>
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">2</span> <span class="pre">–</span> <span class="pre">127</span></code></td>
+<td><p class="first">Persistent key with a PSA-specified lifetime.</p>
+<p class="last">The PSA Cryptography specification does not define the meaning of these values, but other PSA specifications may do so.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">128</span> <span class="pre">–</span> <span class="pre">254</span></code></td>
+<td><p class="first">Persistent key with a vendor-specified lifetime.</p>
+<p class="last">No PSA specification will define the meaning of these values, so implementations may choose the meaning freely. As a guideline, higher persistence levels should cause a key to survive more management events than lower levels.</p>
+</td>
+</tr>
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">255</span> <span class="pre">=</span> </code><a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_READ_ONLY" title="PSA_KEY_PERSISTENCE_READ_ONLY"><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_READ_ONLY</span></code></a></td>
+<td><p class="first">Read-only or write-once key.</p>
+<p>A key with this persistence level cannot be destroyed. Implementations that support such keys may either allow their creation through the PSA Cryptography API, preferably only to applications with the appropriate privilege, or only expose keys created through implementation-specific means such as a factory ROM engraving process.</p>
+<p class="last">Note that keys that are read-only due to policy restrictions rather than due to physical limitations should not have this persistence level.</p>
+</td>
+</tr>
+</tbody>
+</table>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Key persistence levels are 8-bit values. Key management interfaces operate on lifetimes (type <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_lifetime_t</span></code></a>), and encode the persistence value as the lower 8 bits of a 32-bit value.</p>
+</div>
+</div>
+<div class="section" id="psa_key_location_t">
+<span id="c.psa_key_location_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_location_t</span></code> (type)</h3>
+<p>Encoding of key location indicators.</p>
+<pre class="literal-block">
+typedef uint32_t <a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>;
+</pre>
+<p>If an implementation of this API can make calls to external cryptoprocessors such as secure elements, the location of a key indicates which secure element performs the operations on the key. If the key material is not stored persistently inside the secure element, it must be stored in a wrapped form such that only the secure element can access the key material in cleartext.</p>
+<p>Values for location indicators defined by this specification are shown in <span><a class="reference internal" href="#location-indicators"><span class="numref">Table 4</span></a></span>.</p>
+<table border="1" class="colwidths-given longtable docutils align-left" id="location-indicators">
+<caption><span class="caption-number">Table 4 </span><span class="caption-text">Key location indicator values</span></caption>
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Location indicator</th>
+<th class="head">Definition</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">0</span></code></td>
+<td><p class="first">Primary local storage.</p>
+<p class="last">All implementations should support this value. The primary local storage is typically the same storage area that contains the key metadata.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">1</span></code></td>
+<td><p class="first">Primary secure element.</p>
+<p class="last">Implementations should support this value if there is a secure element attached to the operating environment. As a guideline, secure elements may provide higher resistance against side channel and physical attacks than the primary local storage, but may have restrictions on supported key types, sizes, policies and operations and may have different performance characteristics.</p>
+</td>
+</tr>
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">2</span> <span class="pre">–</span> <span class="pre">0x7fffff</span></code></td>
+<td><p class="first">Other locations defined by a PSA specification.</p>
+<p class="last">The PSA Cryptography API does not currently assign any meaning to these locations, but future versions of this specification or other PSA specifications may do so.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">0x800000</span> <span class="pre">–</span> <span class="pre">0xffffff</span></code></td>
+<td><p class="first">Vendor-defined locations.</p>
+<p class="last">No PSA specification will assign a meaning to locations in this range.</p>
+</td>
+</tr>
+</tbody>
+</table>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Key location indicators are 24-bit values. Key management interfaces operate on lifetimes (type <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_lifetime_t</span></code></a>), and encode the location as the upper 24 bits of a 32-bit value.</p>
+</div>
+</div>
+</div>
+<div class="section" id="lifetime-values">
+<h2>9.3.4. Lifetime values</h2>
+<div class="section" id="PSA_KEY_LIFETIME_VOLATILE">
+<span id="c.PSA_KEY_LIFETIME_VOLATILE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code> (macro)</h3>
+<p>The default lifetime for volatile keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE">PSA_KEY_LIFETIME_VOLATILE</a> ((<a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a>) 0x00000000)
+</pre>
+<p>A volatile key only exists as long as its identifier is not destroyed. The key material is guaranteed to be erased on a power reset.</p>
+<p>A key with this lifetime is typically stored in the RAM area of the PSA Crypto subsystem. However this is an implementation choice. If an implementation stores data about the key in a non-volatile memory, it must release all the resources associated with the key and erase the key material if the calling application terminates.</p>
+</div>
+<div class="section" id="PSA_KEY_LIFETIME_PERSISTENT">
+<span id="c.PSA_KEY_LIFETIME_PERSISTENT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code> (macro)</h3>
+<p>The default lifetime for persistent keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT">PSA_KEY_LIFETIME_PERSISTENT</a> ((<a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a>) 0x00000001)
+</pre>
+<p>A persistent key remains in storage until it is explicitly destroyed or until the corresponding storage area is wiped. This specification does not define any mechanism to wipe a storage area. Implementations are permitted to provide their own mechanism, for example, to perform a factory reset, to prepare for device refurbishment, or to uninstall an application.</p>
+<p>This lifetime value is the default storage area for the calling application. Implementations can offer other storage areas designated by other lifetime values as implementation-specific extensions.</p>
+</div>
+<div class="section" id="PSA_KEY_PERSISTENCE_VOLATILE">
+<span id="c.PSA_KEY_PERSISTENCE_VOLATILE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_VOLATILE</span></code> (macro)</h3>
+<p>The persistence level of volatile keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_VOLATILE" title="PSA_KEY_PERSISTENCE_VOLATILE">PSA_KEY_PERSISTENCE_VOLATILE</a> ((<a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) 0x00)
+</pre>
+<p>See <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a> for more information.</p>
+</div>
+<div class="section" id="PSA_KEY_PERSISTENCE_DEFAULT">
+<span id="c.PSA_KEY_PERSISTENCE_DEFAULT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_DEFAULT</span></code> (macro)</h3>
+<p>The default persistence level for persistent keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_DEFAULT" title="PSA_KEY_PERSISTENCE_DEFAULT">PSA_KEY_PERSISTENCE_DEFAULT</a> ((<a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) 0x01)
+</pre>
+<p>See <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a> for more information.</p>
+</div>
+<div class="section" id="PSA_KEY_PERSISTENCE_READ_ONLY">
+<span id="c.PSA_KEY_PERSISTENCE_READ_ONLY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_PERSISTENCE_READ_ONLY</span></code> (macro)</h3>
+<p>A persistence level indicating that a key is never destroyed.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_READ_ONLY" title="PSA_KEY_PERSISTENCE_READ_ONLY">PSA_KEY_PERSISTENCE_READ_ONLY</a> ((<a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) 0xff)
+</pre>
+<p>See <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a> for more information.</p>
+</div>
+<div class="section" id="PSA_KEY_LOCATION_LOCAL_STORAGE">
+<span id="c.PSA_KEY_LOCATION_LOCAL_STORAGE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LOCATION_LOCAL_STORAGE</span></code> (macro)</h3>
+<p>The local storage area for persistent keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LOCATION_LOCAL_STORAGE" title="PSA_KEY_LOCATION_LOCAL_STORAGE">PSA_KEY_LOCATION_LOCAL_STORAGE</a> ((<a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>) 0x000000)
+</pre>
+<p>This storage area is available on all systems that can store persistent keys without delegating the storage to a third-party cryptoprocessor.</p>
+<p>See <a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_location_t</span></code></a> for more information.</p>
+</div>
+<div class="section" id="PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT">
+<span id="c.PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT</span></code> (macro)</h3>
+<p>The default secure element storage area for persistent keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT" title="PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT">PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT</a> ((<a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>) 0x000001)
+</pre>
+<p>This storage location is available on systems that have one or more secure elements that are able to store keys.</p>
+<p>Vendor-defined locations must be provided by the system for storing keys in additional secure elements.</p>
+<p>See <a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_location_t</span></code></a> for more information.</p>
+</div>
+</div>
+<div class="section" id="attribute-accessors">
+<h2>9.3.5. Attribute accessors</h2>
+<div class="section" id="psa_set_key_lifetime">
+<span id="c.psa_set_key_lifetime"></span><h3><code class="docutils literal"><span class="pre">psa_set_key_lifetime</span></code> (function)</h3>
+<p>Set the location of a persistent key.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_set_key_lifetime" title="psa_set_key_lifetime">psa_set_key_lifetime</a>(<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a> lifetime);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to write to.</dd>
+<dt> <code class="docutils literal"><span class="pre">lifetime</span></code></dt>
+<dd>The lifetime for the key. If this is <a class="reference internal" href="#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code></a>, the key will be volatile, and the key identifier attribute is reset to <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>To make a key persistent, give it a persistent key identifier by using <a class="reference internal" href="ids.html#c.psa_set_key_id" title="psa_set_key_id"><code class="xref any c c-func docutils literal"><span class="pre">psa_set_key_id()</span></code></a>. By default, a key that has a persistent identifier is stored in the default storage area identifier by <a class="reference internal" href="#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code></a>. Call this function to choose a storage area, or to explicitly declare the key as volatile.</p>
+<p>This function does not access storage, it merely stores the given value in the attribute object. The persistent key will be written to storage when the attribute object is passed to a key creation function such as <a class="reference internal" href="management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a>, <a class="reference internal" href="management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a>, <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> or <a class="reference internal" href="management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a>.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_get_key_lifetime">
+<span id="c.psa_get_key_lifetime"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_lifetime</span></code> (function)</h3>
+<p>Retrieve the lifetime from key attributes.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a> <a class="reference internal" href="#c.psa_get_key_lifetime" title="psa_get_key_lifetime">psa_get_key_lifetime</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The key attribute object to query.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t"><code class="docutils literal"><span class="pre">psa_key_lifetime_t</span></code></a></p>
+<p>The lifetime value stored in the attribute object.</p>
+<p class="rubric">Description</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>9.3.6. Support macros</h2>
+<div class="section" id="PSA_KEY_LIFETIME_GET_PERSISTENCE">
+<span id="c.PSA_KEY_LIFETIME_GET_PERSISTENCE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_GET_PERSISTENCE</span></code> (macro)</h3>
+<p>Extract the persistence level from a key lifetime.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LIFETIME_GET_PERSISTENCE" title="PSA_KEY_LIFETIME_GET_PERSISTENCE">PSA_KEY_LIFETIME_GET_PERSISTENCE</a>(lifetime) \
+ ((<a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) ((lifetime) & 0x000000ff))
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">lifetime</span></code></dt>
+<dd>The lifetime value to query: a value of type <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_lifetime_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_LIFETIME_GET_LOCATION">
+<span id="c.PSA_KEY_LIFETIME_GET_LOCATION"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_GET_LOCATION</span></code> (macro)</h3>
+<p>Extract the location indicator from a key lifetime.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LIFETIME_GET_LOCATION" title="PSA_KEY_LIFETIME_GET_LOCATION">PSA_KEY_LIFETIME_GET_LOCATION</a>(lifetime) \
+ ((<a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>) ((lifetime) >> 8))
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">lifetime</span></code></dt>
+<dd>The lifetime value to query: a value of type <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_lifetime_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_LIFETIME_IS_VOLATILE">
+<span id="c.PSA_KEY_LIFETIME_IS_VOLATILE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_IS_VOLATILE</span></code> (macro)</h3>
+<p>Whether a key lifetime indicates that the key is volatile.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LIFETIME_IS_VOLATILE" title="PSA_KEY_LIFETIME_IS_VOLATILE">PSA_KEY_LIFETIME_IS_VOLATILE</a>(lifetime) \
+ (<a class="reference internal" href="#c.PSA_KEY_LIFETIME_GET_PERSISTENCE" title="PSA_KEY_LIFETIME_GET_PERSISTENCE">PSA_KEY_LIFETIME_GET_PERSISTENCE</a>(lifetime) == <a class="reference internal" href="#c.PSA_KEY_PERSISTENCE_VOLATILE" title="PSA_KEY_PERSISTENCE_VOLATILE">PSA_KEY_PERSISTENCE_VOLATILE</a>)
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">lifetime</span></code></dt>
+<dd>The lifetime value to query: a value of type <a class="reference internal" href="#c.psa_key_lifetime_t" title="psa_key_lifetime_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_lifetime_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if the key is volatile, otherwise <code class="docutils literal"><span class="pre">0</span></code>.</p>
+<p class="rubric">Description</p>
+<p>A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.</p>
+<p>A key that is not volatile is persistent. Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs, for example, a factory reset.</p>
+</div>
+<div class="section" id="PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION">
+<span id="c.PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION</span></code> (macro)</h3>
+<p>Construct a lifetime from a persistence level and a location.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION" title="PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION">PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION</a>(persistence, location) \
+ ((location) << 8 | (persistence))
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">persistence</span></code></dt>
+<dd>The persistence level: a value of type <a class="reference internal" href="#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">location</span></code></dt>
+<dd>The location indicator: a value of type <a class="reference internal" href="#c.psa_key_location_t" title="psa_key_location_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_location_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The constructed lifetime value.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">9. Key management reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="attributes.html">9.1. Key attributes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="types.html">9.2. Key types</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">9.3. Key lifetimes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#volatile-keys">9.3.1. Volatile keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#persistent-keys">9.3.2. Persistent keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#lifetime-encodings">9.3.3. Lifetime encodings</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#lifetime-values">9.3.4. Lifetime values</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#attribute-accessors">9.3.5. Attribute accessors</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">9.3.6. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html">9.4. Key identifiers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html">9.5. Key policies</a></li>
+<li class="toctree-l2"><a class="reference internal" href="management.html">9.6. Key management functions</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/management.html b/docs/1.1.0/html/api/keys/management.html
new file mode 100644
index 0000000..2e277f6
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/management.html
@@ -0,0 +1,795 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9.6. Key management functions — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10. Cryptographic operation reference" href="../ops/index.html" />
+ <link rel="prev" title="9.5. Key policies" href="policy.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-management-functions">
+<h1>9.6. Key management functions</h1>
+<div class="section" id="key-creation">
+<span id="id1"></span><h2>9.6.1. Key creation</h2>
+<p>New keys can be created in the following ways:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> creates a key from a data buffer provided by the application.</li>
+<li><a class="reference internal" href="#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a> creates a key from randomly generated data.</li>
+<li><a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> creates a key from data generated by a pseudorandom derivation process. See <a class="reference internal" href="../ops/kdf.html#kdf"><span class="secref">Key derivation</span></a>.</li>
+<li><a class="reference internal" href="#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a> duplicates an existing key with a different lifetime or with a more restrictive usage policy.</li>
+</ul>
+<p>When creating a key, the attributes for the new key are specified in a <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object. Each key creation function defines how it uses the attributes.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>The attributes for a key are immutable after the key has been created.</p>
+<p class="last">The application must set the key algorithm policy and the appropriate key usage flags in the attributes in order for the key to be used in any cryptographic operations.</p>
+</div>
+<div class="section" id="psa_import_key">
+<span id="c.psa_import_key"></span><h3><code class="docutils literal"><span class="pre">psa_import_key</span></code> (function)</h3>
+<p>Import a key in binary format.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_import_key" title="psa_import_key">psa_import_key</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ const uint8_t * data,
+ size_t data_length,
+ <a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd><p class="first">The attributes for the new key.
+This function uses the attributes as follows:</p>
+<ul class="simple">
+<li>The key type is required, and determines how the <code class="docutils literal"><span class="pre">data</span></code> buffer is interpreted.</li>
+<li>The key size is always determined from the <code class="docutils literal"><span class="pre">data</span></code> buffer. If the key size in <code class="docutils literal"><span class="pre">attributes</span></code> is nonzero, it must be equal to the size determined from <code class="docutils literal"><span class="pre">data</span></code>.</li>
+<li>The key permitted-algorithm policy is required for keys that will be used for a cryptographic operation, see <a class="reference internal" href="policy.html#permitted-algorithms"><span class="secref">Permitted algorithms</span></a>.</li>
+<li>The key usage flags define what operations are permitted with the key, see <a class="reference internal" href="policy.html#key-usage-flags"><span class="secref">Key usage flags</span></a>.</li>
+<li>The key lifetime and identifier are required for a persistent key.</li>
+</ul>
+<div class="last admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This is an input parameter: it is not updated with the final key attributes. The final attributes of the new key can be queried by calling <a class="reference internal" href="attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a> with the key’s identifier.</p>
+</div>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">data</span></code></dt>
+<dd>Buffer containing the key data.
+The content of this buffer is interpreted according to the type declared in <code class="docutils literal"><span class="pre">attributes</span></code>.
+All implementations must support at least the format described in the documentation of <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> or <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a> for the chosen type.
+Implementations can support other formats, but be conservative in interpreting the key data: it is recommended that implementations reject content if it might be erroneous, for example, if it is the wrong type or is truncated.</dd>
+<dt> <code class="docutils literal"><span class="pre">data_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">data</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>On success, an identifier for the newly created key. <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a> on failure.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+If the key is persistent, the key material and the key’s metadata have been saved to persistent storage.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The implementation does not permit creating a key with the specified attributes due to some implementation-specific policy.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS"><code class="docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code></a></dt>
+<dd>This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The key type is invalid.</li>
+<li>The key size is nonzero, and is incompatible with the key data in <code class="docutils literal"><span class="pre">data</span></code>.</li>
+<li>The key lifetime is invalid.</li>
+<li>The key identifier is not valid for the key lifetime.</li>
+<li>The key usage flags include invalid values.</li>
+<li>The key’s permitted-usage algorithm is invalid.</li>
+<li>The key attributes, as a whole, are invalid.</li>
+<li>The key data is not correctly formatted for the key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function supports any output from <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a>. Refer to the documentation of <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a> for the format of public keys and to the documentation of <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> for the format for other key types.</p>
+<p>The key data determines the key size. The attributes can optionally specify a key size; in this case it must match the size determined from the key data. A key size of <code class="docutils literal"><span class="pre">0</span></code> in <code class="docutils literal"><span class="pre">attributes</span></code> indicates that the key size is solely determined by the key data.</p>
+<p>Implementations must reject an attempt to import a key of size <code class="docutils literal"><span class="pre">0</span></code>.</p>
+<p>This specification defines a single format for each key type. Implementations can optionally support other formats in addition to the standard format. It is recommended that implementations that support other formats ensure that the formats are clearly unambiguous, to minimize the risk that an invalid input is accidentally interpreted according to a different format.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The PSA Crypto API does not support asymmetric private key objects outside of a key pair. To import a private key, the <code class="docutils literal"><span class="pre">attributes</span></code> must specify the corresponding key pair type. Depending on the key type, either the import format contains the public key data or the implementation will reconstruct the public key from the private key as needed.</p>
+</div>
+</div>
+<div class="section" id="psa_generate_key">
+<span id="c.psa_generate_key"></span><h3><code class="docutils literal"><span class="pre">psa_generate_key</span></code> (function)</h3>
+<p>Generate a key or key pair.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_generate_key" title="psa_generate_key">psa_generate_key</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd><p class="first">The attributes for the new key.
+This function uses the attributes as follows:</p>
+<ul class="simple">
+<li>The key type is required. It cannot be an asymmetric public key.</li>
+<li>The key size is required. It must be a valid size for the key type.</li>
+<li>The key permitted-algorithm policy is required for keys that will be used for a cryptographic operation, see <a class="reference internal" href="policy.html#permitted-algorithms"><span class="secref">Permitted algorithms</span></a>.</li>
+<li>The key usage flags define what operations are permitted with the key, see <a class="reference internal" href="policy.html#key-usage-flags"><span class="secref">Key usage flags</span></a>.</li>
+<li>The key lifetime and identifier are required for a persistent key.</li>
+</ul>
+<div class="last admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This is an input parameter: it is not updated with the final key attributes. The final attributes of the new key can be queried by calling <a class="reference internal" href="attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a> with the key’s identifier.</p>
+</div>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>On success, an identifier for the newly created key. <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a> on failure.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+If the key is persistent, the key material and the key’s metadata have been saved to persistent storage.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The implementation does not permit creating a key with the specified attributes due to some implementation-specific policy.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS"><code class="docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code></a></dt>
+<dd>This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The key type is invalid, or is an asymmetric public key type.</li>
+<li>The key size is not valid for the key type.</li>
+<li>The key lifetime is invalid.</li>
+<li>The key identifier is not valid for the key lifetime.</li>
+<li>The key usage flags include invalid values.</li>
+<li>The key’s permitted-usage algorithm is invalid.</li>
+<li>The key attributes, as a whole, are invalid.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The key is generated randomly. Its location, policy, type and size are taken from <code class="docutils literal"><span class="pre">attributes</span></code>.</p>
+<p>Implementations must reject an attempt to generate a key of size <code class="docutils literal"><span class="pre">0</span></code>.</p>
+<p>The following type-specific considerations apply:</p>
+<ul class="simple">
+<li>For RSA keys (<a class="reference internal" href="types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a>), the public exponent is 65537. The modulus is a product of two probabilistic primes between 2^{n-1} and 2^n where n is the bit size specified in the attributes.</li>
+</ul>
+</div>
+<div class="section" id="psa_copy_key">
+<span id="c.psa_copy_key"></span><h3><code class="docutils literal"><span class="pre">psa_copy_key</span></code> (function)</h3>
+<p>Make a copy of a key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_copy_key" title="psa_copy_key">psa_copy_key</a>(<a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> source_key,
+ const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * target_key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">source_key</span></code></dt>
+<dd>The key to copy.
+It must allow the usage <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a>.
+If a private or secret key is being copied outside of a secure element it must also allow <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd><p class="first">The attributes for the new key. This function uses the attributes as follows:</p>
+<ul class="simple">
+<li>The key type and size can be <code class="docutils literal"><span class="pre">0</span></code>. If either is nonzero, it must match the corresponding attribute of the source key.</li>
+<li>The key location (the lifetime and, for persistent keys, the key identifier) is used directly.</li>
+<li>The key policy (usage flags and permitted algorithm) are combined from the source key and <code class="docutils literal"><span class="pre">attributes</span></code> so that both sets of restrictions apply, as described in the documentation of this function.</li>
+</ul>
+<div class="last admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This is an input parameter: it is not updated with the final key attributes. The final attributes of the new key can be queried by calling <a class="reference internal" href="attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a> with the key’s identifier.</p>
+</div>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">target_key</span></code></dt>
+<dd>On success, an identifier for the newly created key. <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a> on failure.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+If the new key is persistent, the key material and the key’s metadata have been saved to persistent storage.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">source_key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">source_key</span></code> does not have the <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a> usage flag.</li>
+<li><code class="docutils literal"><span class="pre">source_key</span></code> does not have the <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a> usage flag, and its storage location does not allow copying it to the target key’s storage location.</li>
+<li>The implementation does not permit creating a key with the specified attributes due to some implementation-specific policy.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS"><code class="docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code></a></dt>
+<dd>This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">attributes</span></code> specifies a key type or key size which does not match the attributes of <code class="docutils literal"><span class="pre">source</span> <span class="pre">key</span></code>.</li>
+<li>The lifetime or identifier in <code class="docutils literal"><span class="pre">attributes</span></code> are invalid.</li>
+<li>The key policies from <code class="docutils literal"><span class="pre">source_key</span></code> and those specified in <code class="docutils literal"><span class="pre">attributes</span></code> are incompatible.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The <code class="docutils literal"><span class="pre">source</span> <span class="pre">key</span></code> storage location does not support copying to the target key’s storage location.</li>
+<li>The key attributes, as a whole, are not supported in the target key’s storage location.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Copy key material from one location to another.</p>
+<p>This function is primarily useful to copy a key from one location to another, as it populates a key using the material from another key which can have a different lifetime.</p>
+<p>This function can be used to share a key with a different party, subject to implementation-defined restrictions on key sharing.</p>
+<p>The policy on the source key must have the usage flag <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a> set. This flag is sufficient to permit the copy if the key has the lifetime <a class="reference internal" href="lifetimes.html#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code></a> or <a class="reference internal" href="lifetimes.html#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code></a>. Some secure elements do not provide a way to copy a key without making it extractable from the secure element. If a key is located in such a secure element, then the key must have both usage flags <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a> and <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a> in order to make a copy of the key outside the secure element.</p>
+<p>The resulting key can only be used in a way that conforms to both the policy of the original key and the policy specified in the <code class="docutils literal"><span class="pre">attributes</span></code> parameter:</p>
+<ul class="simple">
+<li>The usage flags on the resulting key are the bitwise-and of the usage flags on the source policy and the usage flags in <code class="docutils literal"><span class="pre">attributes</span></code>.</li>
+<li>If both permit the same algorithm or wildcard-based algorithm, the resulting key has the same permitted algorithm.</li>
+<li>If either of the policies permits an algorithm and the other policy allows a wildcard-based permitted algorithm that includes this algorithm, the resulting key uses this permitted algorithm.</li>
+<li>If the policies do not permit any algorithm in common, this function fails with the status <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a>.</li>
+</ul>
+<p>The effect of this function on implementation-defined attributes is implementation-defined.</p>
+</div>
+</div>
+<div class="section" id="key-destruction">
+<span id="id2"></span><h2>9.6.2. Key destruction</h2>
+<div class="section" id="psa_destroy_key">
+<span id="c.psa_destroy_key"></span><h3><code class="docutils literal"><span class="pre">psa_destroy_key</span></code> (function)</h3>
+<p>Destroy a key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_destroy_key" title="psa_destroy_key">psa_destroy_key</a>(<a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to erase.
+If this is <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a>, do nothing and return <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+If <code class="docutils literal"><span class="pre">key</span></code> was a valid key identifier, then the key material that it referred to has been erased.
+Alternatively, <code class="docutils literal"><span class="pre">key</span></code> was <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is neither a valid key identifier, nor <a class="reference internal" href="ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key cannot be erased because it is read-only, either due to a policy or due to physical restrictions.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd>There was an failure in communication with the cryptoprocessor. The key material might still be present in the cryptoprocessor.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd>An unexpected condition which is not a storage corruption or a communication failure occurred. The cryptoprocessor might have been compromised.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd>The storage operation failed. Implementations must make a best effort to erase key material even in this situation, however, it might be impossible to guarantee that the key material is not recoverable in such cases.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd>The storage is corrupted. Implementations must make a best effort to erase key material even in this situation, however, it might be impossible to guarantee that the key material is not recoverable in such cases.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function destroys a key from both volatile memory and, if applicable, non-volatile storage. Implementations must make a best effort to ensure that that the key material cannot be recovered.</p>
+<p>This function also erases any metadata such as policies and frees resources associated with the key.</p>
+<p>Destroying the key makes the key identifier invalid, and the key identifier must not be used again by the application.</p>
+<p>If a key is currently in use in a multi-part operation, then destroying the key will cause the multi-part operation to fail.</p>
+</div>
+<div class="section" id="psa_purge_key">
+<span id="c.psa_purge_key"></span><h3><code class="docutils literal"><span class="pre">psa_purge_key</span></code> (function)</h3>
+<p>Remove non-essential copies of key material from memory.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_purge_key" title="psa_purge_key">psa_purge_key</a>(<a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to purge.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The key material has been removed from memory, if the key material is not currently required.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>For keys that have been created with the <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code></a> usage flag, an implementation is permitted to make additional copies of the key material that are not in storage and not for the purpose of ongoing operations.</p>
+<p>This function will remove these extra copies of the key material from memory.</p>
+<p>This function is not required to remove key material from memory in any of the following situations:</p>
+<ul class="simple">
+<li>The key is currently in use in a cryptographic operation.</li>
+<li>The key is volatile.</li>
+</ul>
+<p>See also <a class="reference internal" href="../../overview/implementation.html#key-material"><span class="secref">Managing key material</span></a>.</p>
+</div>
+</div>
+<div class="section" id="key-export">
+<span id="id3"></span><h2>9.6.3. Key export</h2>
+<div class="section" id="psa_export_key">
+<span id="c.psa_export_key"></span><h3><code class="docutils literal"><span class="pre">psa_export_key</span></code> (function)</h3>
+<p>Export a key in binary format.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_export_key" title="psa_export_key">psa_export_key</a>(<a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ uint8_t * data,
+ size_t data_size,
+ size_t * data_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to export.
+It must allow the usage <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a>, unless it is a public key.</dd>
+<dt> <code class="docutils literal"><span class="pre">data</span></code></dt>
+<dd>Buffer where the key data is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">data_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">data</span></code> buffer in bytes.
+This must be appropriate for the key:</p>
+<ul class="last simple">
+<li>The required output size is <a class="reference internal" href="#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">bits</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">type</span></code> is the key type and <code class="docutils literal"><span class="pre">bits</span></code> is the key size in bits.</li>
+<li><a class="reference internal" href="#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE" title="PSA_EXPORT_KEY_PAIR_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_PAIR_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported key pair.</li>
+<li><a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported public key.</li>
+<li>This API defines no maximum size for symmetric keys. Arbitrarily large data items can be stored in the key store, for example certificates that correspond to a stored private key or input material for key derivation.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">data_length</span></code></dt>
+<dd>On success, the number of bytes that make up the key data.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*data_length)</span></code> bytes of <code class="docutils literal"><span class="pre">data</span></code> contain the exported key.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a> flag.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">data</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE" title="PSA_EXPORT_KEY_PAIR_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_PAIR_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The key’s storage location does not support export of the key.</li>
+<li>The implementation does not support export of keys with this key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The output of this function can be passed to <a class="reference internal" href="#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> to create an equivalent object.</p>
+<p>If the implementation of <a class="reference internal" href="#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> supports other formats beyond the format specified here, the output from <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> must use the representation specified here, not the original representation.</p>
+<p>For standard key types, the output format is as follows:</p>
+<ul>
+<li><p class="first">For symmetric keys, excluding HMAC keys, the format is the raw bytes of the key.</p>
+</li>
+<li><p class="first">For HMAC keys that are shorter than, or equal in size to, the underlying hash algorithm block size, the format is the raw bytes of the key.</p>
+<p>For HMAC keys that are longer than the underlying hash algorithm block size, the format is an <a class="reference internal" href="../../about.html#term-implementation-defined"><span class="scterm">implementation defined</span></a> choice between the following formats:</p>
+<ol class="arabic simple">
+<li>The raw bytes of the key.</li>
+<li>The raw bytes of the hash of the key, using the underlying hash algorithm.</li>
+</ol>
+<p>See also <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code></a>.</p>
+</li>
+<li><p class="first">For DES, the key data consists of 8 bytes. The parity bits must be correct.</p>
+</li>
+<li><p class="first">For Triple-DES, the format is the concatenation of the two or three DES keys.</p>
+</li>
+<li><p class="first">For RSA key pairs, with key type <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a>, the format is the non-encrypted DER encoding of the representation defined by in <span><em>PKCS #1: RSA Cryptography Specifications Version 2.2</em> <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a></span> as <code class="docutils literal"><span class="pre">RSAPrivateKey</span></code>, version <code class="docutils literal"><span class="pre">0</span></code>.</p>
+<div class="highlight-none"><div class="highlight"><pre><span></span>RSAPrivateKey ::= SEQUENCE {
+ version INTEGER, -- must be 0
+ modulus INTEGER, -- n
+ publicExponent INTEGER, -- e
+ privateExponent INTEGER, -- d
+ prime1 INTEGER, -- p
+ prime2 INTEGER, -- q
+ exponent1 INTEGER, -- d mod (p-1)
+ exponent2 INTEGER, -- d mod (q-1)
+ coefficient INTEGER, -- (inverse of q) mod p
+}
+</pre></div>
+</div>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Although it is possible to define an RSA key pair or private key using a subset of these elements, the output from <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> for an RSA key pair must include all of these elements.</p>
+</div>
+</li>
+<li><p class="first">For elliptic curve key pairs, with key types for which <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR" title="PSA_KEY_TYPE_IS_ECC_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_KEY_PAIR()</span></code></a> is true, the format is a representation of the private value.</p>
+<ul>
+<li><p class="first">For Weierstrass curve families <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code>, <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code>, <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a> and <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a>, the content of the <code class="docutils literal"><span class="pre">privateKey</span></code> field of the <code class="docutils literal"><span class="pre">ECPrivateKey</span></code> format defined by <span><em>Elliptic Curve Private Key Structure</em> <a class="reference internal" href="../../about.html#citation-rfc5915"><span class="cite">[RFC5915]</span></a></span>.</p>
+<p>This is a <code class="docutils literal"><span class="pre">ceiling(m/8)</span></code>-byte string in big-endian order where <code class="docutils literal"><span class="pre">m</span></code> is the key size in bits.</p>
+</li>
+<li><p class="first">For curve family <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a>, the scalar value of the ‘private key’ in little-endian order as defined by <span><em>Elliptic Curves for Security</em> <a class="reference internal" href="../../about.html#citation-rfc7748"><span class="cite">[RFC7748]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc7748.html#section-6">§6</a>. The value must have the forced bits set to zero or one as specified by <code class="docutils literal"><span class="pre">decodeScalar25519()</span></code> and <code class="docutils literal"><span class="pre">decodeScalar448()</span></code> in <a class="reference internal" href="../../about.html#citation-rfc7748"><span class="cite">[RFC7748]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc7748.html#section-5">§5</a>.</p>
+<p>This is a <code class="docutils literal"><span class="pre">ceiling(m/8)</span></code>-byte string where <code class="docutils literal"><span class="pre">m</span></code> is the key size in bits. This is 32 bytes for Curve25519, and 56 bytes for Curve448.</p>
+</li>
+<li><p class="first">For the Twisted Edwards curve family <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a>, the private key is defined by <span><em>Edwards-Curve Digital Signature Algorithm (EdDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a></span>.</p>
+<p>This is a 32-byte string for Edwards25519, and a 57-byte string for Edwards448.</p>
+</li>
+</ul>
+</li>
+<li><p class="first">For Diffie-Hellman key exchange key pairs, with key types for which <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_IS_DH_KEY_PAIR" title="PSA_KEY_TYPE_IS_DH_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_KEY_PAIR()</span></code></a> is true, the format is the representation of the private key <code class="docutils literal"><span class="pre">x</span></code> as a big-endian byte string. The length of the byte string is the private key size in bytes, and leading zeroes are not stripped.</p>
+</li>
+<li><p class="first">For public keys, with key types for which <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_IS_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_PUBLIC_KEY()</span></code></a> is true, the format is the same as for <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a>.</p>
+</li>
+</ul>
+<p>The policy on the key must have the usage flag <a class="reference internal" href="policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a> set.</p>
+</div>
+<div class="section" id="psa_export_public_key">
+<span id="c.psa_export_public_key"></span><h3><code class="docutils literal"><span class="pre">psa_export_public_key</span></code> (function)</h3>
+<p>Export a public key or the public part of a key pair in binary format.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key">psa_export_public_key</a>(<a class="reference internal" href="ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ uint8_t * data,
+ size_t data_size,
+ size_t * data_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to export.</dd>
+<dt> <code class="docutils literal"><span class="pre">data</span></code></dt>
+<dd>Buffer where the key data is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">data_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">data</span></code> buffer in bytes.
+This must be appropriate for the key:</p>
+<ul class="last simple">
+<li>The required output size is <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">bits</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">type</span></code> is the key type and <code class="docutils literal"><span class="pre">bits</span></code> is the key size in bits.</li>
+<li><a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported public key or public part of a key pair.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">data_length</span></code></dt>
+<dd>On success, the number of bytes that make up the key data.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*data_length)</span></code> bytes of <code class="docutils literal"><span class="pre">data</span></code> contain the exported public key.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">data</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>The key is neither a public key nor a key pair.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The key’s storage location does not support export of the key.</li>
+<li>The implementation does not support export of keys with this key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The output of this function can be passed to <a class="reference internal" href="#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> to create an object that is equivalent to the public key.</p>
+<p>If the implementation of <a class="reference internal" href="#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> supports other formats beyond the format specified here, the output from <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a> must use the representation specified here, not the original representation.</p>
+<p>For standard key types, the output format is as follows:</p>
+<ul>
+<li><p class="first">For RSA public keys, with key type <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a>, the DER encoding of the representation defined by <span><em>Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile</em> <a class="reference internal" href="../../about.html#citation-rfc3279"><span class="cite">[RFC3279]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc3279.html#section-2.3.1">§2.3.1</a> as <code class="docutils literal"><span class="pre">RSAPublicKey</span></code>.</p>
+<div class="highlight-none"><div class="highlight"><pre><span></span>RSAPublicKey ::= SEQUENCE {
+ modulus INTEGER, -- n
+ publicExponent INTEGER } -- e
+</pre></div>
+</div>
+</li>
+<li><p class="first">For elliptic curve key pairs, with key types for which <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY()</span></code></a> is true, the format depends on the key family:</p>
+<ul>
+<li><p class="first">For Weierstrass curve families <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code>, <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code>, <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a> and <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a>, the uncompressed representation of an elliptic curve point as an octet string defined in <span><em>SEC 1: Elliptic Curve Cryptography</em> <a class="reference internal" href="../../about.html#citation-sec1"><span class="cite">[SEC1]</span></a></span> §2.3.3. If <code class="docutils literal"><span class="pre">m</span></code> is the bit size associated with the curve, i.e. the bit size of <code class="docutils literal"><span class="pre">q</span></code> for a curve over <code class="docutils literal"><span class="pre">F_q</span></code>. The representation consists of:</p>
+<ul class="simple">
+<li>The byte <code class="docutils literal"><span class="pre">0x04</span></code>;</li>
+<li><code class="docutils literal"><span class="pre">x_P</span></code> as a <code class="docutils literal"><span class="pre">ceiling(m/8)</span></code>-byte string, big-endian;</li>
+<li><code class="docutils literal"><span class="pre">y_P</span></code> as a <code class="docutils literal"><span class="pre">ceiling(m/8)</span></code>-byte string, big-endian.</li>
+</ul>
+</li>
+<li><p class="first">For curve family <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a>, the scalar value of the ‘public key’ in little-endian order as defined by <span><em>Elliptic Curves for Security</em> <a class="reference internal" href="../../about.html#citation-rfc7748"><span class="cite">[RFC7748]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc7748.html#section-6">§6</a>. This is a <code class="docutils literal"><span class="pre">ceiling(m/8)</span></code>-byte string where <code class="docutils literal"><span class="pre">m</span></code> is the key size in bits.</p>
+<ul class="simple">
+<li>This is 32 bytes for Curve25519, computed as <code class="docutils literal"><span class="pre">X25519(private_key,</span> <span class="pre">9)</span></code>.</li>
+<li>This is 56 bytes for Curve448, computed as <code class="docutils literal"><span class="pre">X448(private_key,</span> <span class="pre">5)</span></code>.</li>
+</ul>
+</li>
+<li><p class="first">For curve family <a class="reference internal" href="types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a>, the public key is defined by <span><em>Edwards-Curve Digital Signature Algorithm (EdDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a></span>.</p>
+<p>This is a 32-byte string for Edwards25519, and a 57-byte string for Edwards448.</p>
+</li>
+</ul>
+</li>
+<li><p class="first">For Diffie-Hellman key exchange public keys, with key types for which <a class="reference internal" href="types.html#c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_DH_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</span></code></a> is true, the format is the representation of the public key <code class="docutils literal"><span class="pre">y</span> <span class="pre">=</span> <span class="pre">g^x</span> <span class="pre">mod</span> <span class="pre">p</span></code> as a big-endian byte string. The length of the byte string is the length of the base prime <code class="docutils literal"><span class="pre">p</span></code> in bytes.</p>
+</li>
+</ul>
+<p>Exporting a public key object or the public part of a key pair is always permitted, regardless of the key’s usage flags.</p>
+</div>
+<div class="section" id="PSA_EXPORT_KEY_OUTPUT_SIZE">
+<span id="c.PSA_EXPORT_KEY_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>Sufficient output buffer size for <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE">PSA_EXPORT_KEY_OUTPUT_SIZE</a>(key_type, key_bits) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A supported key type.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the key in bits.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>If the parameters are valid and supported, return a buffer size in bytes that guarantees that <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> or <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a> will not fail with <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a>. If the parameters are a valid combination that is not supported by the implementation, this macro must return either a sensible size or <code class="docutils literal"><span class="pre">0</span></code>. If the parameters are not valid, the return value is unspecified.</p>
+<p class="rubric">Description</p>
+<p>The following code illustrates how to allocate enough memory to export a key by querying the key type and size at runtime.</p>
+<pre class="literal-block">
+<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> attributes = <a class="reference internal" href="attributes.html#c.PSA_KEY_ATTRIBUTES_INIT" title="PSA_KEY_ATTRIBUTES_INIT">PSA_KEY_ATTRIBUTES_INIT</a>;
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> status;
+status = <a class="reference internal" href="attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes">psa_get_key_attributes</a>(key, &attributes);
+if (status != <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS">PSA_SUCCESS</a>)
+ handle_error(...);
+<a class="reference internal" href="types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a> key_type = <a class="reference internal" href="types.html#c.psa_get_key_type" title="psa_get_key_type">psa_get_key_type</a>(&attributes);
+size_t key_bits = <a class="reference internal" href="types.html#c.psa_get_key_bits" title="psa_get_key_bits">psa_get_key_bits</a>(&attributes);
+size_t buffer_size = <a class="reference internal" href="#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE">PSA_EXPORT_KEY_OUTPUT_SIZE</a>(key_type, key_bits);
+<a class="reference internal" href="attributes.html#c.psa_reset_key_attributes" title="psa_reset_key_attributes">psa_reset_key_attributes</a>(&attributes);
+uint8_t *buffer = malloc(buffer_size);
+if (buffer == NULL)
+ handle_error(...);
+size_t buffer_length;
+status = <a class="reference internal" href="#c.psa_export_key" title="psa_export_key">psa_export_key</a>(key, buffer, buffer_size, &buffer_length);
+if (status != <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS">PSA_SUCCESS</a>)
+ handle_error(...);
+</pre>
+<p>See also <a class="reference internal" href="#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE" title="PSA_EXPORT_KEY_PAIR_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_PAIR_MAX_SIZE</span></code></a> and <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE">
+<span id="c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>Sufficient output buffer size for <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</a>(key_type, key_bits) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A public key or key pair key type.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the key in bits.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>If the parameters are valid and supported, return a buffer size in bytes that guarantees that <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a> will not fail with <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a>. If the parameters are a valid combination that is not supported by the implementation, this macro must return either a sensible size or <code class="docutils literal"><span class="pre">0</span></code>. If the parameters are not valid, the return value is unspecified.</p>
+<p>If the parameters are valid and supported, it is recommended that this macro returns the same result as <a class="reference internal" href="#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">),</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">)</span></code>.</p>
+<p class="rubric">Description</p>
+<p>The following code illustrates how to allocate enough memory to export a public key by querying the key type and size at runtime.</p>
+<pre class="literal-block">
+<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> attributes = <a class="reference internal" href="attributes.html#c.PSA_KEY_ATTRIBUTES_INIT" title="PSA_KEY_ATTRIBUTES_INIT">PSA_KEY_ATTRIBUTES_INIT</a>;
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> status;
+status = <a class="reference internal" href="attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes">psa_get_key_attributes</a>(key, &attributes);
+if (status != <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS">PSA_SUCCESS</a>)
+ handle_error(...);
+<a class="reference internal" href="types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a> key_type = <a class="reference internal" href="types.html#c.psa_get_key_type" title="psa_get_key_type">psa_get_key_type</a>(&attributes);
+size_t key_bits = <a class="reference internal" href="types.html#c.psa_get_key_bits" title="psa_get_key_bits">psa_get_key_bits</a>(&attributes);
+size_t buffer_size = <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</a>(key_type, key_bits);
+<a class="reference internal" href="attributes.html#c.psa_reset_key_attributes" title="psa_reset_key_attributes">psa_reset_key_attributes</a>(&attributes);
+uint8_t *buffer = malloc(buffer_size);
+if (buffer == NULL)
+ handle_error(...);
+size_t buffer_length;
+status = <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key">psa_export_public_key</a>(key, buffer, buffer_size, &buffer_length);
+if (status != <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS">PSA_SUCCESS</a>)
+ handle_error(...);
+</pre>
+<p>See also <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_EXPORT_KEY_PAIR_MAX_SIZE">
+<span id="c.PSA_EXPORT_KEY_PAIR_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_EXPORT_KEY_PAIR_MAX_SIZE</span></code> (macro)</h3>
+<p>Sufficient buffer size for exporting any asymmetric key pair.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE" title="PSA_EXPORT_KEY_PAIR_MAX_SIZE">PSA_EXPORT_KEY_PAIR_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This value must be a sufficient buffer size when calling <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> to export any asymmetric key pair that is supported by the implementation, regardless of the exact key type and key size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE">
+<span id="c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code> (macro)</h3>
+<p>Sufficient buffer size for exporting any asymmetric public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This value must be a sufficient buffer size when calling <a class="reference internal" href="#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> or <a class="reference internal" href="#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a> to export any asymmetric public key that is supported by the implementation, regardless of the exact key type and key size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">9. Key management reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="attributes.html">9.1. Key attributes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="types.html">9.2. Key types</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html">9.4. Key identifiers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html">9.5. Key policies</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">9.6. Key management functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-creation">9.6.1. Key creation</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-destruction">9.6.2. Key destruction</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-export">9.6.3. Key export</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/policy.html b/docs/1.1.0/html/api/keys/policy.html
new file mode 100644
index 0000000..69c06e0
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/policy.html
@@ -0,0 +1,384 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9.5. Key policies — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9.6. Key management functions" href="management.html" />
+ <link rel="prev" title="9.4. Key identifiers" href="ids.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-policies">
+<span id="key-policy"></span><h1>9.5. Key policies</h1>
+<p>All keys have an associated policy that regulates which operations are permitted on the key. A key policy is composed of two elements:</p>
+<ul class="simple">
+<li>A set of usage flags. See <a class="reference internal" href="#key-usage-flags"><span class="secref">Key usage flags</span></a>.</li>
+<li>A specific algorithm that is permitted with the key. See <a class="reference internal" href="#permitted-algorithms"><span class="secref">Permitted algorithms</span></a>.</li>
+</ul>
+<p>The policy is part of the key attributes that are managed by a <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object.</p>
+<p>A highly constrained implementation might not be able to support all the policies that can be expressed through this interface. If an implementation cannot create a key with the required policy, it must return an appropriate error code when the key is created.</p>
+<div class="section" id="permitted-algorithms">
+<span id="id1"></span><h2>9.5.1. Permitted algorithms</h2>
+<p>The permitted algorithm is encoded using a algorithm identifier, as described in <a class="reference internal" href="../ops/algorithms.html#algorithms"><span class="secref">Algorithms</span></a>.</p>
+<p>This specification only defines policies that restrict keys to a single algorithm, which is consistent with both common practice and security good practice.</p>
+<p>The following algorithm policies are supported:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_NONE</span></code></a> does not permit any cryptographic operation with the key. The key can still be used for non-cryptographic actions such as exporting, if permitted by the usage flags.</li>
+<li>A specific algorithm value permits exactly that particular algorithm.</li>
+<li>A signature algorithm constructed with <a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> permits the specified signature scheme with any hash algorithm. In addition, <a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a><code class="docutils literal"><span class="pre">)</span></code> also permits the <a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a> signature algorithm.</li>
+<li>A raw key agreement algorithm also permits the specified key agreement scheme to be combined with any key derivation algorithm.</li>
+<li>An algorithm built from <a class="reference internal" href="../ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC()</span></code></a> allows any MAC algorithm from the same base class (for example, CMAC) which computes or verifies a MAC length greater than or equal to the length encoded in the wildcard algorithm.</li>
+<li>An algorithm built from <a class="reference internal" href="../ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG()</span></code></a> allows any AEAD algorithm from the same base class (for example, CCM) which computes or verifies a tag length greater than or equal to the length encoded in the wildcard algorithm.</li>
+</ul>
+<p>When a key is used in a cryptographic operation, the application must supply the algorithm to use for the operation. This algorithm is checked against the key’s permitted algorithm policy.</p>
+<div class="section" id="psa_set_key_algorithm">
+<span id="c.psa_set_key_algorithm"></span><h3><code class="docutils literal"><span class="pre">psa_set_key_algorithm</span></code> (function)</h3>
+<p>Declare the permitted algorithm policy for a key.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_set_key_algorithm" title="psa_set_key_algorithm">psa_set_key_algorithm</a>(<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to write to.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The permitted algorithm to write.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>The permitted algorithm policy of a key encodes which algorithm or algorithms are permitted to be used with this key.</p>
+<p>This function overwrites any permitted algorithm policy previously set in <code class="docutils literal"><span class="pre">attributes</span></code>.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_get_key_algorithm">
+<span id="c.psa_get_key_algorithm"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_algorithm</span></code> (function)</h3>
+<p>Retrieve the permitted algorithm policy from key attributes.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> <a class="reference internal" href="#c.psa_get_key_algorithm" title="psa_get_key_algorithm">psa_get_key_algorithm</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The key attribute object to query.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="docutils literal"><span class="pre">psa_algorithm_t</span></code></a></p>
+<p>The algorithm stored in the attribute object.</p>
+<p class="rubric">Description</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+</div>
+<div class="section" id="key-usage-flags">
+<span id="id2"></span><h2>9.5.2. Key usage flags</h2>
+<p>The usage flags are encoded in a bitmask, which has the type <a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_usage_t</span></code></a>. Four kinds of usage flag can be specified:</p>
+<ul class="simple">
+<li>The extractable flag <a class="reference internal" href="#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a> determines whether the key material can be extracted.</li>
+<li>The copyable flag <a class="reference internal" href="#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a> determines whether the key material can be copied into a new key, which can have a different lifetime or a more restrictive policy.</li>
+<li>The cacheable flag <a class="reference internal" href="#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code></a> determines whether the implementation is permitted to retain non-essential copies of the key material in RAM. This policy only applies to persistent keys. See also <a class="reference internal" href="../../overview/implementation.html#key-material"><span class="secref">Managing key material</span></a>.</li>
+<li>The other usage flags, for example, <a class="reference internal" href="#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a> and <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>, determine whether the corresponding operation is permitted on the key.</li>
+</ul>
+<div class="section" id="psa_key_usage_t">
+<span id="c.psa_key_usage_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_usage_t</span></code> (type)</h3>
+<p>Encoding of permitted usage on a key.</p>
+<pre class="literal-block">
+typedef uint32_t <a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>;
+</pre>
+</div>
+<div class="section" id="PSA_KEY_USAGE_EXPORT">
+<span id="c.PSA_KEY_USAGE_EXPORT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code> (macro)</h3>
+<p>Permission to export the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT">PSA_KEY_USAGE_EXPORT</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000001)
+</pre>
+<p>This flag allows the use of <a class="reference internal" href="management.html#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> to export a key from the cryptoprocessor. A public key or the public part of a key pair can always be exported regardless of the value of this permission flag.</p>
+<p>This flag can also be required to copy a key using <a class="reference internal" href="management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a> outside of a secure element. See also <a class="reference internal" href="#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a>.</p>
+<p>If a key does not have export permission, implementations must not allow the key to be exported in plain form from the cryptoprocessor, whether through <a class="reference internal" href="management.html#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a> or through a proprietary interface. The key might still be exportable in a wrapped form, i.e. in a form where it is encrypted by another key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_COPY">
+<span id="c.PSA_KEY_USAGE_COPY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code> (macro)</h3>
+<p>Permission to copy the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY">PSA_KEY_USAGE_COPY</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000002)
+</pre>
+<p>This flag allows the use of <a class="reference internal" href="management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a> to make a copy of the key with the same policy or a more restrictive policy.</p>
+<p>For lifetimes for which the key is located in a secure element which enforce the non-exportability of keys, copying a key outside the secure element also requires the usage flag <a class="reference internal" href="#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a>. Copying the key inside the secure element is permitted with just <a class="reference internal" href="#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a> if the secure element supports it. For keys with the lifetime <a class="reference internal" href="lifetimes.html#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_VOLATILE</span></code></a> or <a class="reference internal" href="lifetimes.html#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_LIFETIME_PERSISTENT</span></code></a>, the usage flag <a class="reference internal" href="#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_COPY</span></code></a> is sufficient to permit the copy.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_CACHE">
+<span id="c.PSA_KEY_USAGE_CACHE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code> (macro)</h3>
+<p>Permission for the implementation to cache the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE">PSA_KEY_USAGE_CACHE</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000004)
+</pre>
+<p>This flag allows the implementation to make additional copies of the key material that are not in storage and not for the purpose of an ongoing operation. Applications can use it as a hint to keep the key around for repeated access.</p>
+<p>An application can request that cached key material is removed from memory by calling <a class="reference internal" href="management.html#c.psa_purge_key" title="psa_purge_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_purge_key()</span></code></a>.</p>
+<p>The presence of this usage flag when creating a key is a hint:</p>
+<ul class="simple">
+<li>An implementation is not required to cache keys that have this usage flag.</li>
+<li>An implementation must not report an error if it does not cache keys.</li>
+</ul>
+<p>If this usage flag is not present, the implementation must ensure key material is removed from memory as soon as it is not required for an operation or for maintenance of a volatile key.</p>
+<p>This flag must be preserved when reading back the attributes for all keys, regardless of key type or implementation behavior.</p>
+<p>See also <a class="reference internal" href="../../overview/implementation.html#key-material"><span class="secref">Managing key material</span></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_ENCRYPT">
+<span id="c.PSA_KEY_USAGE_ENCRYPT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code> (macro)</h3>
+<p>Permission to encrypt a message with the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT">PSA_KEY_USAGE_ENCRYPT</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000100)
+</pre>
+<p>This flag allows the key to be used for a symmetric encryption operation, for an AEAD encryption-and-authentication operation, or for an asymmetric encryption operation, if otherwise permitted by the key’s type and policy. The flag must be present on keys used with the following APIs:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../ops/ciphers.html#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a></li>
+<li><a class="reference internal" href="../ops/ciphers.html#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a></li>
+<li><a class="reference internal" href="../ops/aead.html#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a></li>
+<li><a class="reference internal" href="../ops/aead.html#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a></li>
+<li><a class="reference internal" href="../ops/pke.html#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_encrypt()</span></code></a></li>
+</ul>
+<p>For a key pair, this concerns the public key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_DECRYPT">
+<span id="c.PSA_KEY_USAGE_DECRYPT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code> (macro)</h3>
+<p>Permission to decrypt a message with the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT">PSA_KEY_USAGE_DECRYPT</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000200)
+</pre>
+<p>This flag allows the key to be used for a symmetric decryption operation, for an AEAD decryption-and-verification operation, or for an asymmetric decryption operation, if otherwise permitted by the key’s type and policy. The flag must be present on keys used with the following APIs:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../ops/ciphers.html#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a></li>
+<li><a class="reference internal" href="../ops/ciphers.html#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a></li>
+<li><a class="reference internal" href="../ops/aead.html#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a></li>
+<li><a class="reference internal" href="../ops/aead.html#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a></li>
+<li><a class="reference internal" href="../ops/pke.html#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_decrypt()</span></code></a></li>
+</ul>
+<p>For a key pair, this concerns the private key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_SIGN_MESSAGE">
+<span id="c.PSA_KEY_USAGE_SIGN_MESSAGE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code> (macro)</h3>
+<p>Permission to sign a message with the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE">PSA_KEY_USAGE_SIGN_MESSAGE</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000400)
+</pre>
+<p>This flag allows the key to be used for a MAC calculation operation or for an asymmetric message signature operation, if otherwise permitted by the key’s type and policy. The flag must be present on keys used with the following APIs:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../ops/macs.html#c.psa_mac_compute" title="psa_mac_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_compute()</span></code></a></li>
+<li><a class="reference internal" href="../ops/macs.html#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a></li>
+<li><a class="reference internal" href="../ops/sign.html#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a></li>
+</ul>
+<p>For a key pair, this concerns the private key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_VERIFY_MESSAGE">
+<span id="c.PSA_KEY_USAGE_VERIFY_MESSAGE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code> (macro)</h3>
+<p>Permission to verify a message signature with the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE">PSA_KEY_USAGE_VERIFY_MESSAGE</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000800)
+</pre>
+<p>This flag allows the key to be used for a MAC verification operation or for an asymmetric message signature verification operation, if otherwise permitted by the key’s type and policy. The flag must be present on keys used with the following APIs:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../ops/macs.html#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify()</span></code></a></li>
+<li><a class="reference internal" href="../ops/macs.html#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a></li>
+<li><a class="reference internal" href="../ops/sign.html#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a></li>
+</ul>
+<p>For a key pair, this concerns the public key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_SIGN_HASH">
+<span id="c.PSA_KEY_USAGE_SIGN_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code> (macro)</h3>
+<p>Permission to sign a message hash with the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH">PSA_KEY_USAGE_SIGN_HASH</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00001000)
+</pre>
+<p>This flag allows the key to be used to sign a message hash as part of an asymmetric signature operation, if otherwise permitted by the key’s type and policy. The flag must be present on keys used when calling <a class="reference internal" href="../ops/sign.html#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a>.</p>
+<p>This flag automatically sets <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>: if an application sets the flag <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code></a> when creating a key, then the key always has the permissions conveyed by <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>, and the flag <a class="reference internal" href="#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> will also be present when the application queries the usage flags of the key.</p>
+<p>For a key pair, this concerns the private key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_VERIFY_HASH">
+<span id="c.PSA_KEY_USAGE_VERIFY_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code> (macro)</h3>
+<p>Permission to verify a message hash with the key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH">PSA_KEY_USAGE_VERIFY_HASH</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00002000)
+</pre>
+<p>This flag allows the key to be used to verify a message hash as part of an asymmetric signature verification operation, if otherwise permitted by the key’s type and policy. The flag must be present on keys used when calling <a class="reference internal" href="../ops/sign.html#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>.</p>
+<p>This flag automatically sets <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>: if an application sets the flag <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code></a> when creating a key, then the key always has the permissions conveyed by <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>, and the flag <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> will also be present when the application queries the usage flags of the key.</p>
+<p>For a key pair, this concerns the public key.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_DERIVE">
+<span id="c.PSA_KEY_USAGE_DERIVE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code> (macro)</h3>
+<p>Permission to derive other keys or produce a password hash from this key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE">PSA_KEY_USAGE_DERIVE</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00004000)
+</pre>
+<p>This flag allows the key to be used for a key derivation operation or for a key agreement operation, if otherwise permitted by the key’s type and policy.</p>
+<p>This flag must be present on keys used with the following APIs:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../ops/ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a></li>
+<li><a class="reference internal" href="../ops/ka.html#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a></li>
+</ul>
+<p>If this flag is present on all keys used in calls to <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> for a key derivation operation, then it permits calling <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a> or <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> at the end of the operation.</p>
+</div>
+<div class="section" id="PSA_KEY_USAGE_VERIFY_DERIVATION">
+<span id="c.PSA_KEY_USAGE_VERIFY_DERIVATION"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code> (macro)</h3>
+<p>Permission to verify the result of a key derivation, including password hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION">PSA_KEY_USAGE_VERIFY_DERIVATION</a> ((<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00008000)
+</pre>
+<p>This flag allows the key to be used in a key derivation operation, if otherwise permitted by the key’s type and policy.</p>
+<p>This flag must be present on keys used with <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_key()</span></code></a>.</p>
+<p>If this flag is present on all keys used in calls to <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> for a key derivation operation, then it permits calling <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> or <a class="reference internal" href="../ops/kdf.html#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_key()</span></code></a> at the end of the operation.</p>
+</div>
+<div class="section" id="psa_set_key_usage_flags">
+<span id="c.psa_set_key_usage_flags"></span><h3><code class="docutils literal"><span class="pre">psa_set_key_usage_flags</span></code> (function)</h3>
+<p>Declare usage flags for a key.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_set_key_usage_flags" title="psa_set_key_usage_flags">psa_set_key_usage_flags</a>(<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a> usage_flags);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to write to.</dd>
+<dt> <code class="docutils literal"><span class="pre">usage_flags</span></code></dt>
+<dd>The usage flags to write.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>Usage flags are part of a key’s policy. They encode what kind of operations are permitted on the key. For more details, see <a class="reference internal" href="#key-policy"><span class="secref">Key policies</span></a>.</p>
+<p>This function overwrites any usage flags previously set in <code class="docutils literal"><span class="pre">attributes</span></code>.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_get_key_usage_flags">
+<span id="c.psa_get_key_usage_flags"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_usage_flags</span></code> (function)</h3>
+<p>Retrieve the usage flags from key attributes.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a> <a class="reference internal" href="#c.psa_get_key_usage_flags" title="psa_get_key_usage_flags">psa_get_key_usage_flags</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The key attribute object to query.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_key_usage_t" title="psa_key_usage_t"><code class="docutils literal"><span class="pre">psa_key_usage_t</span></code></a></p>
+<p>The usage flags stored in the attribute object.</p>
+<p class="rubric">Description</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">9. Key management reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="attributes.html">9.1. Key attributes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="types.html">9.2. Key types</a></li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html">9.4. Key identifiers</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">9.5. Key policies</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#permitted-algorithms">9.5.1. Permitted algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-usage-flags">9.5.2. Key usage flags</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="management.html">9.6. Key management functions</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/keys/types.html b/docs/1.1.0/html/api/keys/types.html
new file mode 100644
index 0000000..55c1c39
--- /dev/null
+++ b/docs/1.1.0/html/api/keys/types.html
@@ -0,0 +1,1115 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>9.2. Key types — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9.3. Key lifetimes" href="lifetimes.html" />
+ <link rel="prev" title="9.1. Key attributes" href="attributes.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-types">
+<span id="id1"></span><h1>9.2. Key types</h1>
+<div class="section" id="key-type-encoding">
+<h2>9.2.1. Key type encoding</h2>
+<div class="section" id="psa_key_type_t">
+<span id="c.psa_key_type_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_type_t</span></code> (type)</h3>
+<p>Encoding of a key type.</p>
+<pre class="literal-block">
+typedef uint16_t <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>;
+</pre>
+<p>This is a structured bitfield that identifies the category and type of key. The range of key type values is divided as follows:</p>
+<dl class="docutils">
+<dt><a class="reference internal" href="#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code></a><code class="docutils literal"> <span class="pre">==</span> <span class="pre">0</span></code></dt>
+<dd>Reserved as an invalid key type.</dd>
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x0001</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">x7fff</span></code></dt>
+<dd>Specification-defined key types.
+Key types defined by this standard always have bit 15 clear.
+Unallocated key type values in this range are reserved for future use.</dd>
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x8000</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">xffff</span></code></dt>
+<dd>Implementation-defined key types.
+Implementations that define additional key types must use an encoding with bit 15 set.
+The related support macros will be easier to write if these key encodings also respect the bitwise structure used by standard encodings.</dd>
+</dl>
+<p>The <a class="reference internal" href="../../appendix/encodings.html#appendix-encodings"><span class="secref">Algorithm and key type encoding</span></a> appendix provides a full definition of the key type encoding.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_NONE">
+<span id="c.PSA_KEY_TYPE_NONE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code> (macro)</h3>
+<p>An invalid key type value.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE">PSA_KEY_TYPE_NONE</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x0000)
+</pre>
+<p>Zero is not the encoding of any key type.</p>
+</div>
+</div>
+<div class="section" id="key-categories">
+<h2>9.2.2. Key categories</h2>
+<div class="section" id="PSA_KEY_TYPE_IS_UNSTRUCTURED">
+<span id="c.PSA_KEY_TYPE_IS_UNSTRUCTURED"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_UNSTRUCTURED</span></code> (macro)</h3>
+<p>Whether a key type is an unstructured array of bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_UNSTRUCTURED" title="PSA_KEY_TYPE_IS_UNSTRUCTURED">PSA_KEY_TYPE_IS_UNSTRUCTURED</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This encompasses both symmetric keys and non-key data.</p>
+<p>See <a class="reference internal" href="#symmetric-keys"><span class="secref">Symmetric keys</span></a> for a list of symmetric key types.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_ASYMMETRIC">
+<span id="c.PSA_KEY_TYPE_IS_ASYMMETRIC"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ASYMMETRIC</span></code> (macro)</h3>
+<p>Whether a key type is asymmetric: either a key pair or a public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_ASYMMETRIC" title="PSA_KEY_TYPE_IS_ASYMMETRIC">PSA_KEY_TYPE_IS_ASYMMETRIC</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="#asymmetric-keys"><span class="secref">RSA keys</span></a> for a list of asymmetric key types.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_IS_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_PUBLIC_KEY</span></code> (macro)</h3>
+<p>Whether a key type is the public part of a key pair.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_PUBLIC_KEY">PSA_KEY_TYPE_IS_PUBLIC_KEY</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_IS_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_KEY_PAIR</span></code> (macro)</h3>
+<p>Whether a key type is a key pair containing a private part and a public part.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_KEY_PAIR" title="PSA_KEY_TYPE_IS_KEY_PAIR">PSA_KEY_TYPE_IS_KEY_PAIR</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+</div>
+<div class="section" id="symmetric-keys">
+<span id="id2"></span><h2>9.2.3. Symmetric keys</h2>
+<div class="section" id="PSA_KEY_TYPE_RAW_DATA">
+<span id="c.PSA_KEY_TYPE_RAW_DATA"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code> (macro)</h3>
+<p>Raw data.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA">PSA_KEY_TYPE_RAW_DATA</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1001)
+</pre>
+<p>A “key” of this type cannot be used for any cryptographic operation. Applications can use this type to store arbitrary data in the keystore.</p>
+<p>The bit size of a raw key must be a non-zero multiple of 8. The maximum size of a raw key is <a class="reference internal" href="../../about.html#term-implementation-defined"><span class="scterm">IMPLEMENTATION DEFINED</span></a>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a> (non-secret inputs)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code></a> (non-secret inputs)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code></a> (non-secret inputs)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_HMAC">
+<span id="c.PSA_KEY_TYPE_HMAC"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code> (macro)</h3>
+<p>HMAC key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC">PSA_KEY_TYPE_HMAC</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1100)
+</pre>
+<p>The key policy determines which underlying hash algorithm the key can be used for.</p>
+<p>The bit size of an HMAC key must be a non-zero multiple of 8. An HMAC key is typically the same size as the output of the underlying hash algorithm. An HMAC key that is longer than the block size of the underlying hash algorithm will be hashed before use.</p>
+<p>When an HMAC key is created that is longer than the block size, it is <a class="reference internal" href="../../about.html#term-implementation-defined"><span class="scterm">implementation defined</span></a> whether the implementation stores the original HMAC key, or the hash of the HMAC key. If the hash of the key is stored, the key size reported by <a class="reference internal" href="attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a> will be the size of the hashed key.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p><a class="reference internal" href="../ops/hashes.html#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> provides the output size of hash algorithm <code class="docutils literal"><span class="pre">alg</span></code>, in bytes.</p>
+<p class="last"><a class="reference internal" href="../ops/hashes.html#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_BLOCK_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> provides the block size of hash algorithm <code class="docutils literal"><span class="pre">alg</span></code>, in bytes.</p>
+</div>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HMAC</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_DERIVE">
+<span id="c.PSA_KEY_TYPE_DERIVE"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code> (macro)</h3>
+<p>A secret for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE">PSA_KEY_TYPE_DERIVE</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1200)
+</pre>
+<p>This key type is for high-entropy secrets only. For low-entropy secrets, <a class="reference internal" href="#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a> should be used instead.</p>
+<p>These keys can be used in the <a class="reference internal" href="../ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> or <a class="reference internal" href="../ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code></a> input step of key derivation algorithms.</p>
+<p>The key policy determines which key derivation algorithm the key can be used for.</p>
+<p>The bit size of a secret for key derivation must be a non-zero multiple of 8. The maximum size of a secret for key derivation is <a class="reference internal" href="../../about.html#term-implementation-defined"><span class="scterm">IMPLEMENTATION DEFINED</span></a>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a> (secret input)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code></a> (secret input)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code></a> (secret input)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_PASSWORD">
+<span id="c.PSA_KEY_TYPE_PASSWORD"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code> (macro)</h3>
+<p>A low-entropy secret for password hashing or key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD">PSA_KEY_TYPE_PASSWORD</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1203)
+</pre>
+<p>This key type is suitable for passwords and passphrases which are typically intended to be memorizable by humans, and have a low entropy relative to their size.
+It can be used for randomly generated or derived keys with maximum or near-maximum entropy, but <a class="reference internal" href="#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> is more suitable for such keys.
+It is not suitable for passwords with extremely low entropy, such as numerical PINs.</p>
+<p>These keys can be used in the <a class="reference internal" href="../ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code></a> input step of key derivation algorithms.
+Algorithms that accept such an input were designed to accept low-entropy secret and are known as <em>password hashing</em> or <em>key stretching</em> algorithms.</p>
+<p>These keys cannot be used in the <a class="reference internal" href="../ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> input step of key derivation algorithms, as the algorithms expect such an input to have high entropy.</p>
+<p>The key policy determines which key derivation algorithm the key can be used for, among the permissible subset defined above.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a> (password input)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code></a> (password input)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_PASSWORD_HASH">
+<span id="c.PSA_KEY_TYPE_PASSWORD_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code> (macro)</h3>
+<p>A secret value that can be used to verify a password hash.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH">PSA_KEY_TYPE_PASSWORD_HASH</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1205)
+</pre>
+<p>The key policy determines which key derivation algorithm the key can be used for, among the same permissible subset as for <a class="reference internal" href="#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a> (key output and verification)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code></a> (key output and verification)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_PEPPER">
+<span id="c.PSA_KEY_TYPE_PEPPER"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code> (macro)</h3>
+<p>A secret value that can be used when computing a password hash.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER">PSA_KEY_TYPE_PEPPER</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1206)
+</pre>
+<p>The key policy determines which key derivation algorithm the key can be used for, among the subset of algorithms that can use pepper.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a> (salt input)</div>
+<div class="line"><a class="reference internal" href="../ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code></a> (salt input)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_AES">
+<span id="c.PSA_KEY_TYPE_AES"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code> (macro)</h3>
+<p>Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES">PSA_KEY_TYPE_AES</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2400)
+</pre>
+<p>The size of the key is related to the AES algorithm variant. For algorithms except the XTS block cipher mode, the following key sizes are used:</p>
+<ul class="simple">
+<li>AES-128 uses a 16-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">128</span></code></li>
+<li>AES-192 uses a 24-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+<li>AES-256 uses a 32-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+</ul>
+<p>For the XTS block cipher mode (<a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a>), the following key sizes are used:</p>
+<ul class="simple">
+<li>AES-128-XTS uses two 16-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+<li>AES-192-XTS uses two 24-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">384</span></code></li>
+<li>AES-256-XTS uses two 32-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">512</span></code></li>
+</ul>
+<p>The AES block cipher is defined in <span><em>FIPS Publication 197: Advanced Encryption Standard (AES)</em> <a class="reference internal" href="../../about.html#citation-fips197"><span class="cite">[FIPS197]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_ARIA">
+<span id="c.PSA_KEY_TYPE_ARIA"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code> (macro)</h3>
+<p>Key for a cipher, AEAD or MAC algorithm based on the ARIA block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA">PSA_KEY_TYPE_ARIA</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2406)
+</pre>
+<p>The size of the key is related to the ARIA algorithm variant. For algorithms except the XTS block cipher mode, the following key sizes are used:</p>
+<ul class="simple">
+<li>ARIA-128 uses a 16-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">128</span></code></li>
+<li>ARIA-192 uses a 24-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+<li>ARIA-256 uses a 32-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+</ul>
+<p>For the XTS block cipher mode (<a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a>), the following key sizes are used:</p>
+<ul class="simple">
+<li>ARIA-128-XTS uses two 16-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+<li>ARIA-192-XTS uses two 24-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">384</span></code></li>
+<li>ARIA-256-XTS uses two 32-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">512</span></code></li>
+</ul>
+<p>The ARIA block cipher is defined in <span><em>A Description of the ARIA Encryption Algorithm</em> <a class="reference internal" href="../../about.html#citation-rfc5794"><span class="cite">[RFC5794]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_DES">
+<span id="c.PSA_KEY_TYPE_DES"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code> (macro)</h3>
+<p>Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES">PSA_KEY_TYPE_DES</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2301)
+</pre>
+<p>The size of the key determines which DES algorithm is used:</p>
+<ul class="simple">
+<li>Single DES uses an 8-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">64</span></code></li>
+<li>2-key 3DES uses a 16-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">128</span></code></li>
+<li>3-key 3DES uses a 24-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+</ul>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p>Single DES and 2-key 3DES are weak and strongly deprecated and are only recommended for decrypting legacy data.</p>
+<p class="last">3-key 3DES is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>The DES and 3DES block ciphers are defined in <span><em>NIST Special Publication 800-67: Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher</em> <a class="reference internal" href="../../about.html#citation-sp800-67"><span class="cite">[SP800-67]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_CAMELLIA">
+<span id="c.PSA_KEY_TYPE_CAMELLIA"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code> (macro)</h3>
+<p>Key for a cipher, AEAD or MAC algorithm based on the Camellia block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA">PSA_KEY_TYPE_CAMELLIA</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2403)
+</pre>
+<p>The size of the key is related to the Camellia algorithm variant. For algorithms except the XTS block cipher mode, the following key sizes are used:</p>
+<ul class="simple">
+<li>Camellia-128 uses a 16-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">128</span></code></li>
+<li>Camellia-192 uses a 24-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+<li>Camellia-256 uses a 32-byte key : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+</ul>
+<p>For the XTS block cipher mode (<a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a>), the following key sizes are used:</p>
+<ul class="simple">
+<li>Camellia-128-XTS uses two 16-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+<li>Camellia-192-XTS uses two 24-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">384</span></code></li>
+<li>Camellia-256-XTS uses two 32-byte keys : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">512</span></code></li>
+</ul>
+<p>The Camellia block cipher is defined in <span><em>Specification of Camellia — a 128-bit Block Cipher</em> <a class="reference internal" href="../../about.html#citation-ntt-cam"><span class="cite">[NTT-CAM]</span></a></span> and also described in <span><em>A Description of the Camellia Encryption Algorithm</em> <a class="reference internal" href="../../about.html#citation-rfc3713"><span class="cite">[RFC3713]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_SM4">
+<span id="c.PSA_KEY_TYPE_SM4"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code> (macro)</h3>
+<p>Key for a cipher, AEAD or MAC algorithm based on the SM4 block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4">PSA_KEY_TYPE_SM4</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2405)
+</pre>
+<p>For algorithms except the XTS block cipher mode, the SM4 key size is 128 bits (16 bytes).</p>
+<p>For the XTS block cipher mode (<a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a>), the SM4 key size is 256 bits (two 16-byte keys).</p>
+<p>The SM4 block cipher is defined in <span><em>GM/T 0002-2012: SM4 block cipher algorithm</em> <a class="reference internal" href="../../about.html#citation-cstc0002"><span class="cite">[CSTC0002]</span></a></span> (English version <a class="reference internal" href="../../about.html#citation-cstc0002-e"><span class="cite">[CSTC0002/E]</span></a>).</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_ARC4">
+<span id="c.PSA_KEY_TYPE_ARC4"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code> (macro)</h3>
+<p>Key for the ARC4 stream cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4">PSA_KEY_TYPE_ARC4</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2002)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The ARC4 cipher is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>The ARC4 cipher supports key sizes between 40 and 2048 bits, that are multiples of 8. (5 to 256 bytes)</p>
+<p>Use algorithm <a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> to use this key with the ARC4 cipher.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_CHACHA20">
+<span id="c.PSA_KEY_TYPE_CHACHA20"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code> (macro)</h3>
+<p>Key for the ChaCha20 stream cipher or the ChaCha20-Poly1305 AEAD algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20">PSA_KEY_TYPE_CHACHA20</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2004)
+</pre>
+<p>The ChaCha20 key size is 256 bits (32 bytes).</p>
+<ul class="simple">
+<li>Use algorithm <a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> to use this key with the ChaCha20 cipher for unauthenticated encryption. See <a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> for details of this algorithm.</li>
+<li>Use algorithm <a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a> to use this key with the ChaCha20 cipher and Poly1305 authenticator for AEAD. See <a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a> for details of this algorithm.</li>
+</ul>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a></div>
+</div>
+</div>
+</div>
+<div class="section" id="rsa-keys">
+<span id="asymmetric-keys"></span><h2>9.2.4. RSA keys</h2>
+<div class="section" id="PSA_KEY_TYPE_RSA_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_RSA_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code> (macro)</h3>
+<p>RSA key pair: both the private and public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR">PSA_KEY_TYPE_RSA_KEY_PAIR</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x7001)
+</pre>
+<p>The size of an RSA key is the bit size of the modulus.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_OAEP</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_RSA_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_RSA_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code> (macro)</h3>
+<p>RSA public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY">PSA_KEY_TYPE_RSA_PUBLIC_KEY</a> ((<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x4001)
+</pre>
+<p>The size of an RSA key is the bit size of the modulus.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_OAEP</span></code></a> (encryption only)</div>
+<div class="line"><a class="reference internal" href="../ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a> (encryption only)</div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a> (signature verification only)</div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a> (signature verification only)</div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code></a> (signature verification only)</div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code></a> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_RSA">
+<span id="c.PSA_KEY_TYPE_IS_RSA"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_RSA</span></code> (macro)</h3>
+<p>Whether a key type is an RSA key. This includes both key pairs and public keys.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_RSA" title="PSA_KEY_TYPE_IS_RSA">PSA_KEY_TYPE_IS_RSA</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+</div>
+<div class="section" id="elliptic-curve-keys">
+<h2>9.2.5. Elliptic Curve keys</h2>
+<div class="section" id="psa_ecc_family_t">
+<span id="c.psa_ecc_family_t"></span><h3><code class="docutils literal"><span class="pre">psa_ecc_family_t</span></code> (type)</h3>
+<p>The type of PSA elliptic curve family identifiers.</p>
+<pre class="literal-block">
+typedef uint8_t <a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>;
+</pre>
+<p>The curve identifier is required to create an ECC key using the <a class="reference internal" href="#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR()</span></code></a> or <a class="reference internal" href="#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY()</span></code></a> macros.</p>
+<p>The specific ECC curve within a family is identified by the <code class="docutils literal"><span class="pre">key_bits</span></code> attribute of the key.</p>
+<p>The range of Elliptic curve family identifier values is divided as follows:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x00</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">x7f</span></code></dt>
+<dd>ECC family identifiers defined by this standard.
+Unallocated values in this range are reserved for future use.</dd>
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x80</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">xff</span></code></dt>
+<dd>Implementations that define additional families must use an encoding in this range.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_ECC_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_ECC_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code> (macro)</h3>
+<p>Elliptic curve key pair: both the private and public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR">PSA_KEY_TYPE_ECC_KEY_PAIR</a>(curve) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">curve</span></code></dt>
+<dd>A value of type <a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_ecc_family_t</span></code></a> that identifies the ECC curve family to be used.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The size of an elliptic curve key is the bit size associated with the curve, that is, the bit size of <em>q</em> for a curve over a field <em>F</em><sub>q</sub>. See the documentation of each Elliptic curve family for details.</p>
+<p class="rubric">Compatible algorithms</p>
+<p>Elliptic curve key pairs can be used in Asymmetric signature and Key agreement algorithms.</p>
+<p>The set of compatible algorithms depends on the Elliptic curve key family. See the Elliptic curve family for details.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_ECC_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_ECC_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code> (macro)</h3>
+<p>Elliptic curve public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY">PSA_KEY_TYPE_ECC_PUBLIC_KEY</a>(curve) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">curve</span></code></dt>
+<dd>A value of type <a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_ecc_family_t</span></code></a> that identifies the ECC curve family to be used.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The size of an elliptic curve public key is the same as the corresponding private key. See <a class="reference internal" href="#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR()</span></code></a> and the documentation of each Elliptic curve family for details.</p>
+<p class="rubric">Compatible algorithms</p>
+<p>Elliptic curve public keys can be used for verification in Asymmetric signature algorithms.</p>
+<p>The set of compatible algorithms depends on the Elliptic curve key family. See each Elliptic curve family for details.</p>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_SECP_K1">
+<span id="c.PSA_ECC_FAMILY_SECP_K1"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_K1</span></code> (macro)</h3>
+<p>SEC Koblitz curves over prime fields.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_SECP_K1" title="PSA_ECC_FAMILY_SECP_K1">PSA_ECC_FAMILY_SECP_K1</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x17)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>secp192k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+<li>secp224k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">225</span></code></li>
+<li>secp256k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+</ul>
+<p>They are defined in <span><em>SEC 2: Recommended Elliptic Curve Domain Parameters</em> <a class="reference internal" href="../../about.html#citation-sec2"><span class="cite">[SEC2]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_SECP_R1">
+<span id="c.PSA_ECC_FAMILY_SECP_R1"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R1</span></code> (macro)</h3>
+<p>SEC random curves over prime fields.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_SECP_R1" title="PSA_ECC_FAMILY_SECP_R1">PSA_ECC_FAMILY_SECP_R1</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x12)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>secp192r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+<li>secp224r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">224</span></code></li>
+<li>secp256r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+<li>secp384r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">384</span></code></li>
+<li>secp521r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">521</span></code></li>
+</ul>
+<p>They are defined in <a class="reference internal" href="../../about.html#citation-sec2"><span class="cite">[SEC2]</span></a>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_SECP_R2">
+<span id="c.PSA_ECC_FAMILY_SECP_R2"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R2</span></code> (macro)</h3>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">This family of curves is weak and deprecated.</p>
+</div>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_SECP_R2" title="PSA_ECC_FAMILY_SECP_R2">PSA_ECC_FAMILY_SECP_R2</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x1b)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>secp160r2 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">160</span></code> <em>(Deprecated)</em></li>
+</ul>
+<p>It is defined in the superseded <span><em>SEC 2: Recommended Elliptic Curve Domain Parameters, Version 1.0</em> <a class="reference internal" href="../../about.html#citation-sec2v1"><span class="cite">[SEC2v1]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_SECT_K1">
+<span id="c.PSA_ECC_FAMILY_SECT_K1"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_K1</span></code> (macro)</h3>
+<p>SEC Koblitz curves over binary fields.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_SECT_K1" title="PSA_ECC_FAMILY_SECT_K1">PSA_ECC_FAMILY_SECT_K1</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x27)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>sect163k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">163</span></code> <em>(Deprecated)</em></li>
+<li>sect233k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">233</span></code></li>
+<li>sect239k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">239</span></code></li>
+<li>sect283k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">283</span></code></li>
+<li>sect409k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">409</span></code></li>
+<li>sect571k1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">571</span></code></li>
+</ul>
+<p>They are defined in <a class="reference internal" href="../../about.html#citation-sec2"><span class="cite">[SEC2]</span></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The 163-bit curve sect163k1 is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_SECT_R1">
+<span id="c.PSA_ECC_FAMILY_SECT_R1"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R1</span></code> (macro)</h3>
+<p>SEC random curves over binary fields.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_SECT_R1" title="PSA_ECC_FAMILY_SECT_R1">PSA_ECC_FAMILY_SECT_R1</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x22)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>sect163r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">163</span></code> <em>(Deprecated)</em></li>
+<li>sect233r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">233</span></code></li>
+<li>sect283r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">283</span></code></li>
+<li>sect409r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">409</span></code></li>
+<li>sect571r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">571</span></code></li>
+</ul>
+<p>They are defined in <a class="reference internal" href="../../about.html#citation-sec2"><span class="cite">[SEC2]</span></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The 163-bit curve sect163r1 is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_SECT_R2">
+<span id="c.PSA_ECC_FAMILY_SECT_R2"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R2</span></code> (macro)</h3>
+<p>SEC additional random curves over binary fields.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_SECT_R2" title="PSA_ECC_FAMILY_SECT_R2">PSA_ECC_FAMILY_SECT_R2</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x2b)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>sect163r2 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">163</span></code> <em>(Deprecated)</em></li>
+</ul>
+<p>It is defined in <a class="reference internal" href="../../about.html#citation-sec2"><span class="cite">[SEC2]</span></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The 163-bit curve sect163r2 is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_BRAINPOOL_P_R1">
+<span id="c.PSA_ECC_FAMILY_BRAINPOOL_P_R1"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code> (macro)</h3>
+<p>Brainpool P random curves.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1">PSA_ECC_FAMILY_BRAINPOOL_P_R1</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x30)
+</pre>
+<p>This family comprises the following curves:</p>
+<ul class="simple">
+<li>brainpoolP160r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">160</span></code> <em>(Deprecated)</em></li>
+<li>brainpoolP192r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">192</span></code></li>
+<li>brainpoolP224r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">224</span></code></li>
+<li>brainpoolP256r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+<li>brainpoolP320r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">320</span></code></li>
+<li>brainpoolP384r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">384</span></code></li>
+<li>brainpoolP512r1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">512</span></code></li>
+</ul>
+<p>They are defined in <span><em>Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation</em> <a class="reference internal" href="../../about.html#citation-rfc5639"><span class="cite">[RFC5639]</span></a></span>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The 160-bit curve brainpoolP160r1 is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_FRP">
+<span id="c.PSA_ECC_FAMILY_FRP"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code> (macro)</h3>
+<p>Curve used primarily in France and elsewhere in Europe.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP">PSA_ECC_FAMILY_FRP</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x33)
+</pre>
+<p>This family comprises one 256-bit curve:</p>
+<ul class="simple">
+<li>FRP256v1 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">256</span></code></li>
+</ul>
+<p>This is defined by <span><em>Publication d'un paramétrage de courbe elliptique visant des applications de passeport électronique et de l'administration électronique française</em> <a class="reference internal" href="../../about.html#citation-frp"><span class="cite">[FRP]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_MONTGOMERY">
+<span id="c.PSA_ECC_FAMILY_MONTGOMERY"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code> (macro)</h3>
+<p>Montgomery curves.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY">PSA_ECC_FAMILY_MONTGOMERY</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x41)
+</pre>
+<p>This family comprises the following Montgomery curves:</p>
+<ul class="simple">
+<li>Curve25519 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">255</span></code></li>
+<li>Curve448 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">448</span></code></li>
+</ul>
+<p>Curve25519 is defined in <span><em>Curve25519: new Diffie-Hellman speed records</em> <a class="reference internal" href="../../about.html#citation-curve25519"><span class="cite">[Curve25519]</span></a></span>. Curve448 is defined in <span><em>Ed448-Goldilocks, a new elliptic curve</em> <a class="reference internal" href="../../about.html#citation-curve448"><span class="cite">[Curve448]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a> (key pair only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ECC_FAMILY_TWISTED_EDWARDS">
+<span id="c.PSA_ECC_FAMILY_TWISTED_EDWARDS"></span><h3><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code> (macro)</h3>
+<p>Twisted Edwards curves.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS">PSA_ECC_FAMILY_TWISTED_EDWARDS</a> ((<a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x42)
+</pre>
+<p>This family comprises the following twisted Edwards curves:</p>
+<ul class="simple">
+<li>Edwards25519 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">255</span></code>. This curve is birationally equivalent to Curve25519.</li>
+<li>Edwards448 : <code class="docutils literal"><span class="pre">key_bits</span> <span class="pre">=</span> <span class="pre">448</span></code>. This curve is birationally equivalent to Curve448.</li>
+</ul>
+<p>Edwards25519 is defined in <span><em>Twisted Edwards curves</em> <a class="reference internal" href="../../about.html#citation-ed25519"><span class="cite">[Ed25519]</span></a></span>. Edwards448 is defined in <span><em>Ed448-Goldilocks, a new elliptic curve</em> <a class="reference internal" href="../../about.html#citation-curve448"><span class="cite">[Curve448]</span></a></span>.</p>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_PURE_EDDSA" title="PSA_ALG_PURE_EDDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PURE_EDDSA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code></a> (Edwards25519 only)</div>
+<div class="line"><a class="reference internal" href="../ops/sign.html#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code></a> (Edwards448 only)</div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_ECC">
+<span id="c.PSA_KEY_TYPE_IS_ECC"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC</span></code> (macro)</h3>
+<p>Whether a key type is an elliptic curve key, either a key pair or a public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_ECC" title="PSA_KEY_TYPE_IS_ECC">PSA_KEY_TYPE_IS_ECC</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_ECC_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</span></code> (macro)</h3>
+<p>Whether a key type is an elliptic curve key pair.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR" title="PSA_KEY_TYPE_IS_ECC_KEY_PAIR">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</span></code> (macro)</h3>
+<p>Whether a key type is an elliptic curve public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_ECC_GET_FAMILY">
+<span id="c.PSA_KEY_TYPE_ECC_GET_FAMILY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_GET_FAMILY</span></code> (macro)</h3>
+<p>Extract the curve family from an elliptic curve key type.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_ECC_GET_FAMILY" title="PSA_KEY_TYPE_ECC_GET_FAMILY">PSA_KEY_TYPE_ECC_GET_FAMILY</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>An elliptic curve key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a> such that <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_ECC" title="PSA_KEY_TYPE_IS_ECC"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">type</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_ecc_family_t" title="psa_ecc_family_t"><code class="docutils literal"><span class="pre">psa_ecc_family_t</span></code></a></p>
+<p>The elliptic curve family id, if <code class="docutils literal"><span class="pre">type</span></code> is a supported elliptic curve key. Unspecified if <code class="docutils literal"><span class="pre">type</span></code> is not a supported elliptic curve key.</p>
+</div>
+</div>
+<div class="section" id="diffie-hellman-keys">
+<h2>9.2.6. Diffie Hellman keys</h2>
+<div class="section" id="psa_dh_family_t">
+<span id="c.psa_dh_family_t"></span><h3><code class="docutils literal"><span class="pre">psa_dh_family_t</span></code> (type)</h3>
+<p>The type of PSA finite-field Diffie-Hellman group family identifiers.</p>
+<pre class="literal-block">
+typedef uint8_t <a class="reference internal" href="#c.psa_dh_family_t" title="psa_dh_family_t">psa_dh_family_t</a>;
+</pre>
+<p>The group family identifier is required to create a finite-field Diffie-Hellman key using the <a class="reference internal" href="#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR()</span></code></a> or <a class="reference internal" href="#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY()</span></code></a> macros.</p>
+<p>The specific Diffie-Hellman group within a family is identified by the <code class="docutils literal"><span class="pre">key_bits</span></code> attribute of the key.</p>
+<p>The range of Diffie-Hellman group family identifier values is divided as follows:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x00</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">x7f</span></code></dt>
+<dd>DH group family identifiers defined by this standard.
+Unallocated values in this range are reserved for future use.</dd>
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x80</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">xff</span></code></dt>
+<dd>Implementations that define additional families must use an encoding in this range.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_DH_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_DH_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR</span></code> (macro)</h3>
+<p>Finite-field Diffie-Hellman key pair: both the private key and public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR">PSA_KEY_TYPE_DH_KEY_PAIR</a>(group) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">group</span></code></dt>
+<dd>A value of type <a class="reference internal" href="#c.psa_dh_family_t" title="psa_dh_family_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_dh_family_t</span></code></a> that identifies the Diffie-Hellman group family to be used.</dd>
+</dl>
+<p class="rubric">Compatible algorithms</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_KEY_TYPE_DH_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_DH_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY</span></code> (macro)</h3>
+<p>Finite-field Diffie-Hellman public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY">PSA_KEY_TYPE_DH_PUBLIC_KEY</a>(group) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">group</span></code></dt>
+<dd>A value of type <a class="reference internal" href="#c.psa_dh_family_t" title="psa_dh_family_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_dh_family_t</span></code></a> that identifies the Diffie-Hellman group family to be used.</dd>
+</dl>
+<p class="rubric">Compatible algorithms</p>
+<p>None. Finite-field Diffie-Hellman public keys are exported to use in a key agreement algorithm, and the peer key is provided to the <a class="reference internal" href="../ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a> key agreement algorithm as a buffer of key data.</p>
+</div>
+<div class="section" id="PSA_DH_FAMILY_RFC7919">
+<span id="c.PSA_DH_FAMILY_RFC7919"></span><h3><code class="docutils literal"><span class="pre">PSA_DH_FAMILY_RFC7919</span></code> (macro)</h3>
+<p>Finite-field Diffie-Hellman groups defined for TLS in RFC 7919.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_DH_FAMILY_RFC7919" title="PSA_DH_FAMILY_RFC7919">PSA_DH_FAMILY_RFC7919</a> ((<a class="reference internal" href="#c.psa_dh_family_t" title="psa_dh_family_t">psa_dh_family_t</a>) 0x03)
+</pre>
+<p>This family includes groups with the following key sizes (in bits): 2048, 3072, 4096, 6144, 8192.
+An implementation can support all of these sizes or only a subset.</p>
+<p>Keys is this group can only be used with the <a class="reference internal" href="../ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a> key agreement algorithm.</p>
+<p>These groups are defined by <span><em>Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)</em> <a class="reference internal" href="../../about.html#citation-rfc7919"><span class="cite">[RFC7919]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc7919.html#appendix-A">Appendix A</a>.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</span></code> (macro)</h3>
+<p>The key pair type corresponding to a public key type.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY" title="PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</a>(type) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A public key type or key pair type.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding key pair type. If <code class="docutils literal"><span class="pre">type</span></code> is not a public key or a key pair, the return value is undefined.</p>
+<p class="rubric">Description</p>
+<p>If <code class="docutils literal"><span class="pre">type</span></code> is a key pair type, it will be left unchanged.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</span></code> (macro)</h3>
+<p>The public key type corresponding to a key pair type.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</a>(type) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A public key type or key pair type.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding public key type. If <code class="docutils literal"><span class="pre">type</span></code> is not a public key or a key pair, the return value is undefined.</p>
+<p class="rubric">Description</p>
+<p>If <code class="docutils literal"><span class="pre">type</span></code> is a public key type, it will be left unchanged.</p>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_DH">
+<span id="c.PSA_KEY_TYPE_IS_DH"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH</span></code> (macro)</h3>
+<p>Whether a key type is a Diffie-Hellman key, either a key pair or a public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_DH" title="PSA_KEY_TYPE_IS_DH">PSA_KEY_TYPE_IS_DH</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_DH_KEY_PAIR">
+<span id="c.PSA_KEY_TYPE_IS_DH_KEY_PAIR"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_KEY_PAIR</span></code> (macro)</h3>
+<p>Whether a key type is a Diffie-Hellman key pair.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_DH_KEY_PAIR" title="PSA_KEY_TYPE_IS_DH_KEY_PAIR">PSA_KEY_TYPE_IS_DH_KEY_PAIR</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_IS_DH_PUBLIC_KEY">
+<span id="c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</span></code> (macro)</h3>
+<p>Whether a key type is a Diffie-Hellman public key.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_DH_PUBLIC_KEY">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+</div>
+<div class="section" id="PSA_KEY_TYPE_DH_GET_FAMILY">
+<span id="c.PSA_KEY_TYPE_DH_GET_FAMILY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_GET_FAMILY</span></code> (macro)</h3>
+<p>Extract the group family from a Diffie-Hellman key type.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_TYPE_DH_GET_FAMILY" title="PSA_KEY_TYPE_DH_GET_FAMILY">PSA_KEY_TYPE_DH_GET_FAMILY</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A Diffie-Hellman key type: a value of type <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a> such that <a class="reference internal" href="#c.PSA_KEY_TYPE_IS_DH" title="PSA_KEY_TYPE_IS_DH"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">type</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_dh_family_t" title="psa_dh_family_t"><code class="docutils literal"><span class="pre">psa_dh_family_t</span></code></a></p>
+<p>The Diffie-Hellman group family id, if <code class="docutils literal"><span class="pre">type</span></code> is a supported Diffie-Hellman key. Unspecified if <code class="docutils literal"><span class="pre">type</span></code> is not a supported Diffie-Hellman key.</p>
+</div>
+</div>
+<div class="section" id="attribute-accessors">
+<h2>9.2.7. Attribute accessors</h2>
+<div class="section" id="psa_set_key_type">
+<span id="c.psa_set_key_type"></span><h3><code class="docutils literal"><span class="pre">psa_set_key_type</span></code> (function)</h3>
+<p>Declare the type of a key.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_set_key_type" title="psa_set_key_type">psa_set_key_type</a>(<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a> type);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to write to.</dd>
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>The key type to write. If this is <a class="reference internal" href="#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code></a>, the key type in <code class="docutils literal"><span class="pre">attributes</span></code> becomes unspecified.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>This function overwrites any key type previously set in <code class="docutils literal"><span class="pre">attributes</span></code>.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_get_key_type">
+<span id="c.psa_get_key_type"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_type</span></code> (function)</h3>
+<p>Retrieve the key type from key attributes.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a> <a class="reference internal" href="#c.psa_get_key_type" title="psa_get_key_type">psa_get_key_type</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The key attribute object to query.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_key_type_t" title="psa_key_type_t"><code class="docutils literal"><span class="pre">psa_key_type_t</span></code></a></p>
+<p>The key type stored in the attribute object.</p>
+<p class="rubric">Description</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_get_key_bits">
+<span id="c.psa_get_key_bits"></span><h3><code class="docutils literal"><span class="pre">psa_get_key_bits</span></code> (function)</h3>
+<p>Retrieve the key size from key attributes.</p>
+<pre class="literal-block">
+size_t <a class="reference internal" href="#c.psa_get_key_bits" title="psa_get_key_bits">psa_get_key_bits</a>(const <a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The key attribute object to query.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">size_t</span></code></p>
+<p>The key size stored in the attribute object, in bits.</p>
+<p class="rubric">Description</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+<div class="section" id="psa_set_key_bits">
+<span id="c.psa_set_key_bits"></span><h3><code class="docutils literal"><span class="pre">psa_set_key_bits</span></code> (function)</h3>
+<p>Declare the size of a key.</p>
+<pre class="literal-block">
+void <a class="reference internal" href="#c.psa_set_key_bits" title="psa_set_key_bits">psa_set_key_bits</a>(<a class="reference internal" href="attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ size_t bits);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd>The attribute object to write to.</dd>
+<dt> <code class="docutils literal"><span class="pre">bits</span></code></dt>
+<dd>The key size in bits. If this is <code class="docutils literal"><span class="pre">0</span></code>, the key size in <code class="docutils literal"><span class="pre">attributes</span></code> becomes unspecified. Keys of size <code class="docutils literal"><span class="pre">0</span></code> are not supported.</dd>
+</dl>
+<p class="rubric">Returns: <code class="docutils literal"><span class="pre">void</span></code></p>
+<p class="rubric">Description</p>
+<p>This function overwrites any key size previously set in <code class="docutils literal"><span class="pre">attributes</span></code>.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> function or a function-like-macro.</p>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">9. Key management reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="attributes.html">9.1. Key attributes</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">9.2. Key types</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-type-encoding">9.2.1. Key type encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-categories">9.2.2. Key categories</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#symmetric-keys">9.2.3. Symmetric keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#rsa-keys">9.2.4. RSA keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#elliptic-curve-keys">9.2.5. Elliptic Curve keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#diffie-hellman-keys">9.2.6. Diffie Hellman keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#attribute-accessors">9.2.7. Attribute accessors</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="lifetimes.html">9.3. Key lifetimes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ids.html">9.4. Key identifiers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="policy.html">9.5. Key policies</a></li>
+<li class="toctree-l2"><a class="reference internal" href="management.html">9.6. Key management functions</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/library/index.html b/docs/1.1.0/html/api/library/index.html
new file mode 100644
index 0000000..462b59d
--- /dev/null
+++ b/docs/1.1.0/html/api/library/index.html
@@ -0,0 +1,167 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>8. Library management reference — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="8.1. PSA status codes" href="status.html" />
+ <link rel="prev" title="7. Usage considerations" href="../../overview/usage.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="library-management-reference">
+<span id="library-management"></span><span id="api-reference"></span><h1>8. Library management reference</h1>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="status.html">8.1. PSA status codes</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="status.html#status-type">8.1.1. Status type</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="status.html#psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code> (type)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="status.html#success-codes">8.1.2. Success codes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="status.html#common-error-codes">8.1.3. Common error codes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_GENERIC_ERROR"><code class="docutils literal"><span class="pre">PSA_ERROR_GENERIC_ERROR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_ALREADY_EXISTS"><code class="docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_DOES_NOT_EXIST"><code class="docutils literal"><span class="pre">PSA_ERROR_DOES_NOT_EXIST</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INSUFFICIENT_STORAGE"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INSUFFICIENT_DATA"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="status.html#error-codes-specific-to-this-api">8.1.4. Error codes specific to this API</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_INVALID_PADDING"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_PADDING</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="status.html#PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="library.html">8.2. PSA Crypto library</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="library.html#api-version">8.2.1. API version</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="library.html#PSA_CRYPTO_API_VERSION_MAJOR"><code class="docutils literal"><span class="pre">PSA_CRYPTO_API_VERSION_MAJOR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="library.html#PSA_CRYPTO_API_VERSION_MINOR"><code class="docutils literal"><span class="pre">PSA_CRYPTO_API_VERSION_MINOR</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="library.html#library-initialization">8.2.2. Library initialization</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="library.html#psa_crypto_init"><code class="docutils literal"><span class="pre">psa_crypto_init</span></code> (function)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">8. Library management reference</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="status.html">8.1. PSA status codes</a></li>
+<li class="toctree-l2"><a class="reference internal" href="library.html">8.2. PSA Crypto library</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/library/library.html b/docs/1.1.0/html/api/library/library.html
new file mode 100644
index 0000000..13060b1
--- /dev/null
+++ b/docs/1.1.0/html/api/library/library.html
@@ -0,0 +1,177 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>8.2. PSA Crypto library — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="9. Key management reference" href="../keys/index.html" />
+ <link rel="prev" title="8.1. PSA status codes" href="status.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="psa-crypto-library">
+<h1>8.2. PSA Crypto library</h1>
+<div class="section" id="api-version">
+<span id="id1"></span><h2>8.2.1. API version</h2>
+<div class="section" id="PSA_CRYPTO_API_VERSION_MAJOR">
+<span id="c.PSA_CRYPTO_API_VERSION_MAJOR"></span><h3><code class="docutils literal"><span class="pre">PSA_CRYPTO_API_VERSION_MAJOR</span></code> (macro)</h3>
+<p>The major version of this implementation of the PSA Crypto API.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CRYPTO_API_VERSION_MAJOR" title="PSA_CRYPTO_API_VERSION_MAJOR">PSA_CRYPTO_API_VERSION_MAJOR</a> 1
+</pre>
+</div>
+<div class="section" id="PSA_CRYPTO_API_VERSION_MINOR">
+<span id="c.PSA_CRYPTO_API_VERSION_MINOR"></span><h3><code class="docutils literal"><span class="pre">PSA_CRYPTO_API_VERSION_MINOR</span></code> (macro)</h3>
+<p>The minor version of this implementation of the PSA Crypto API.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CRYPTO_API_VERSION_MINOR" title="PSA_CRYPTO_API_VERSION_MINOR">PSA_CRYPTO_API_VERSION_MINOR</a> 1
+</pre>
+</div>
+</div>
+<div class="section" id="library-initialization">
+<span id="library-init"></span><h2>8.2.2. Library initialization</h2>
+<div class="section" id="psa_crypto_init">
+<span id="c.psa_crypto_init"></span><h3><code class="docutils literal"><span class="pre">psa_crypto_init</span></code> (function)</h3>
+<p>Library initialization.</p>
+<pre class="literal-block">
+<a class="reference internal" href="status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_crypto_init" title="psa_crypto_init">psa_crypto_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>It is recommended that applications call this function before calling any other function in this module.</p>
+<p>Applications are permitted to call this function more than once. Once a call succeeds, subsequent calls are guaranteed to succeed.</p>
+<p>If the application calls any function that returns a <a class="reference internal" href="status.html#c.psa_status_t" title="psa_status_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_status_t</span></code></a> result code before calling <a class="reference internal" href="#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>, the following will occur:</p>
+<ul class="simple">
+<li>If initialization of the library is essential for secure operation of the function, the implementation must return <a class="reference internal" href="status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a> or other appropriate error.</li>
+<li>If failure to initialize the library does not compromise the security of the function, the implementation must either provide the expected result for the function, or return <a class="reference internal" href="status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a> or other appropriate error.</li>
+</ul>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>The following scenarios are examples where an implementation can require that the library has been initialized by calling <a class="reference internal" href="#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>:</p>
+<ul class="last simple">
+<li>A client-server implementation, in which <a class="reference internal" href="#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a> establishes the communication with the server. No key management or cryptographic operation can be performed until this is done.</li>
+<li>An implementation in which <a class="reference internal" href="#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a> initializes the random bit generator, and no operations that require the RNG can be performed until this is done. For example, random data, key, IV, or nonce generation; randomized signature or encryption; and algorithms that are implemented with blinding.</li>
+</ul>
+</div>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The set of functions that depend on successful initialization of the library is <a class="reference internal" href="../../about.html#term-implementation-defined"><span class="scterm">IMPLEMENTATION DEFINED</span></a>. Applications that rely on calling functions before initializing the library might not be portable to other implementations.</p>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">8. Library management reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="status.html">8.1. PSA status codes</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">8.2. PSA Crypto library</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#api-version">8.2.1. API version</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#library-initialization">8.2.2. Library initialization</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/library/status.html b/docs/1.1.0/html/api/library/status.html
new file mode 100644
index 0000000..76e4128
--- /dev/null
+++ b/docs/1.1.0/html/api/library/status.html
@@ -0,0 +1,367 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>8.1. PSA status codes — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="8.2. PSA Crypto library" href="library.html" />
+ <link rel="prev" title="8. Library management reference" href="index.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="psa-status-codes">
+<span id="status-codes"></span><h1>8.1. PSA status codes</h1>
+<p>Some of the API elements defined in this section are common to other PSA APIs. These elements are also defined in <code class="file docutils literal"><span class="pre">psa/error.h</span></code> from <span><em>Arm® Platform Security Architecture Firmware Framework</em> <a class="reference internal" href="../../about.html#citation-ff-m"><span class="cite">[FF-M]</span></a></span>.</p>
+<p>The description of the common error codes in this specification includes additional information that is specific to their use in the Cryptography API.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">An implementation is permitted to define the common API elements within the <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code> header, or to define them via inclusion of a <code class="file docutils literal"><span class="pre">psa/error.h</span></code> header file that is shared with other PSA APIs.</p>
+</div>
+<div class="section" id="status-type">
+<h2>8.1.1. Status type</h2>
+<p>This API is also defined in <a class="reference internal" href="../../about.html#citation-ff-m"><span class="cite psa_c psa_c-cite">[FF-M]</span></a>.</p>
+<div class="section" id="psa_status_t">
+<span id="c.psa_status_t"></span><h3><code class="docutils literal"><span class="pre">psa_status_t</span></code> (type)</h3>
+<p>Function return status.</p>
+<pre class="literal-block">
+typedef int32_t <a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>;
+</pre>
+<p>This is either <a class="reference internal" href="#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>, which is zero, indicating success; or a small negative value indicating that an error occurred. Errors are encoded as one of the <code class="docutils literal"><span class="pre">PSA_ERROR_xxx</span></code> values defined here.</p>
+</div>
+</div>
+<div class="section" id="success-codes">
+<h2>8.1.2. Success codes</h2>
+<p>This API is also defined in <a class="reference internal" href="../../about.html#citation-ff-m"><span class="cite psa_c psa_c-cite">[FF-M]</span></a>.</p>
+<div class="section" id="PSA_SUCCESS">
+<span id="c.PSA_SUCCESS"></span><h3><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code> (macro)</h3>
+<p>The action was completed successfully.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_SUCCESS" title="PSA_SUCCESS">PSA_SUCCESS</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)0)
+</pre>
+</div>
+</div>
+<div class="section" id="common-error-codes">
+<h2>8.1.3. Common error codes</h2>
+<p>These APIs are also defined in <a class="reference internal" href="../../about.html#citation-ff-m"><span class="cite psa_c psa_c-cite">[FF-M]</span></a>.</p>
+<div class="section" id="PSA_ERROR_GENERIC_ERROR">
+<span id="c.PSA_ERROR_GENERIC_ERROR"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_GENERIC_ERROR</span></code> (macro)</h3>
+<p>An error occurred that does not correspond to any defined failure cause.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_GENERIC_ERROR" title="PSA_ERROR_GENERIC_ERROR">PSA_ERROR_GENERIC_ERROR</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-132)
+</pre>
+<p>Implementations can use this error code if none of the other standard error codes are applicable.</p>
+</div>
+<div class="section" id="PSA_ERROR_NOT_PERMITTED">
+<span id="c.PSA_ERROR_NOT_PERMITTED"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code> (macro)</h3>
+<p>The requested action is denied by a policy.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED">PSA_ERROR_NOT_PERMITTED</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-133)
+</pre>
+<p>It is recommended that implementations return this error code when the parameters are recognized as valid and supported, and a policy explicitly denies the requested operation.</p>
+<p>If a subset of the parameters of a function call identify a forbidden operation, and another subset of the parameters are not valid or not supported, it is unspecified whether the function returns <a class="reference internal" href="#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a>, <a class="reference internal" href="#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a> or <a class="reference internal" href="#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ERROR_NOT_SUPPORTED">
+<span id="c.PSA_ERROR_NOT_SUPPORTED"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code> (macro)</h3>
+<p>The requested operation or a parameter is not supported by this implementation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED">PSA_ERROR_NOT_SUPPORTED</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-134)
+</pre>
+<p>It is recommended that implementations return this error code when an enumeration parameter such as a key type, algorithm, etc. is not recognized. If a combination of parameters is recognized and identified as not valid, return <a class="reference internal" href="#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a> instead.</p>
+</div>
+<div class="section" id="PSA_ERROR_INVALID_ARGUMENT">
+<span id="c.PSA_ERROR_INVALID_ARGUMENT"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code> (macro)</h3>
+<p>The parameters passed to the function are invalid.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT">PSA_ERROR_INVALID_ARGUMENT</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-135)
+</pre>
+<p>Implementations can return this error any time a parameter or combination of parameters are recognized as invalid.</p>
+<p>Implementations must not return this error code to indicate that a key identifier is invalid, but must return <a class="reference internal" href="#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a> instead.</p>
+</div>
+<div class="section" id="PSA_ERROR_INVALID_HANDLE">
+<span id="c.PSA_ERROR_INVALID_HANDLE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code> (macro)</h3>
+<p>The key identifier is not valid.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE">PSA_ERROR_INVALID_HANDLE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-136)
+</pre>
+<p>See also <a class="reference internal" href="../../overview/functionality.html#key-ids"><span class="secref">Key identifiers</span></a>.</p>
+</div>
+<div class="section" id="PSA_ERROR_BAD_STATE">
+<span id="c.PSA_ERROR_BAD_STATE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code> (macro)</h3>
+<p>The requested action cannot be performed in the current state.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE">PSA_ERROR_BAD_STATE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-137)
+</pre>
+<p>Multi-part operations return this error when one of the functions is called out of sequence. Refer to the function descriptions for permitted sequencing of functions.</p>
+<p>Implementations can return this error if the caller has not initialized the library by a call to <a class="reference internal" href="library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</p>
+<p>Implementations must not return this error code to indicate that a key identifier is invalid, but must return <a class="reference internal" href="#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a> instead.</p>
+</div>
+<div class="section" id="PSA_ERROR_BUFFER_TOO_SMALL">
+<span id="c.PSA_ERROR_BUFFER_TOO_SMALL"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code> (macro)</h3>
+<p>An output buffer is too small.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL">PSA_ERROR_BUFFER_TOO_SMALL</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-138)
+</pre>
+<p>Applications can call the <code class="docutils literal"><span class="pre">PSA_xxx_SIZE</span></code> macro listed in the function description to determine a sufficient buffer size.</p>
+<p>It is recommended that implementations only return this error code in cases when performing the operation with a larger output buffer would succeed. However, implementations can also return this error if a function has invalid or unsupported parameters in addition to an insufficient output buffer size.</p>
+</div>
+<div class="section" id="PSA_ERROR_ALREADY_EXISTS">
+<span id="c.PSA_ERROR_ALREADY_EXISTS"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code> (macro)</h3>
+<p>Asking for an item that already exists.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS">PSA_ERROR_ALREADY_EXISTS</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-139)
+</pre>
+<p>It is recommended that implementations return this error code when attempting to write to a location where a key is already present.</p>
+</div>
+<div class="section" id="PSA_ERROR_DOES_NOT_EXIST">
+<span id="c.PSA_ERROR_DOES_NOT_EXIST"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_DOES_NOT_EXIST</span></code> (macro)</h3>
+<p>Asking for an item that doesn’t exist.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_DOES_NOT_EXIST" title="PSA_ERROR_DOES_NOT_EXIST">PSA_ERROR_DOES_NOT_EXIST</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-140)
+</pre>
+<p>Implementations must not return this error code to indicate that a key identifier is invalid, but must return <a class="reference internal" href="#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a> instead.</p>
+</div>
+<div class="section" id="PSA_ERROR_INSUFFICIENT_MEMORY">
+<span id="c.PSA_ERROR_INSUFFICIENT_MEMORY"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code> (macro)</h3>
+<p>There is not enough runtime memory.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY">PSA_ERROR_INSUFFICIENT_MEMORY</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-141)
+</pre>
+<p>If the action is carried out across multiple security realms, this error can refer to available memory in any of the security realms.</p>
+</div>
+<div class="section" id="PSA_ERROR_INSUFFICIENT_STORAGE">
+<span id="c.PSA_ERROR_INSUFFICIENT_STORAGE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code> (macro)</h3>
+<p>There is not enough persistent storage.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE">PSA_ERROR_INSUFFICIENT_STORAGE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-142)
+</pre>
+<p>Functions that modify the key storage return this error code if there is insufficient storage space on the host media. In addition, many functions that do not otherwise access storage might return this error code if the implementation requires a mandatory log entry for the requested action and the log storage space is full.</p>
+</div>
+<div class="section" id="PSA_ERROR_INSUFFICIENT_DATA">
+<span id="c.PSA_ERROR_INSUFFICIENT_DATA"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code> (macro)</h3>
+<p>Return this error when there’s insufficient data when attempting to read from a resource.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA">PSA_ERROR_INSUFFICIENT_DATA</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-143)
+</pre>
+</div>
+<div class="section" id="PSA_ERROR_COMMUNICATION_FAILURE">
+<span id="c.PSA_ERROR_COMMUNICATION_FAILURE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code> (macro)</h3>
+<p>There was a communication failure inside the implementation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE">PSA_ERROR_COMMUNICATION_FAILURE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-145)
+</pre>
+<p>This can indicate a communication failure between the application and an external cryptoprocessor or between the cryptoprocessor and an external volatile or persistent memory. A communication failure can be transient or permanent depending on the cause.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">If a function returns this error, it is undetermined whether the requested action has completed. Returning <a class="reference internal" href="#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a> is recommended on successful completion whenever possible, however functions can return <a class="reference internal" href="#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a> if the requested action was completed successfully in an external cryptoprocessor but there was a breakdown of communication before the cryptoprocessor could report the status to the application.</p>
+</div>
+</div>
+<div class="section" id="PSA_ERROR_STORAGE_FAILURE">
+<span id="c.PSA_ERROR_STORAGE_FAILURE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code> (macro)</h3>
+<p>There was a storage failure that might have led to data loss.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE">PSA_ERROR_STORAGE_FAILURE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-146)
+</pre>
+<p>This error indicates that some persistent storage could not be read or written by the implementation. It does not indicate the following situations, which have specific error codes:</p>
+<ul class="simple">
+<li>A corruption of volatile memory — use <a class="reference internal" href="#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a>.</li>
+<li>A communication error between the cryptoprocessor and its external storage — use <a class="reference internal" href="#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a>.</li>
+<li>When the storage is in a valid state but is full — use <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code></a>.</li>
+<li>When the storage or stored data is corrupted — use <a class="reference internal" href="#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a>.</li>
+<li>When the stored data is not valid — use <a class="reference internal" href="#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a>.</li>
+</ul>
+<p>A storage failure does not indicate that any data that was previously read is invalid. However this previously read data might no longer be readable from storage.</p>
+<p>When a storage failure occurs, it is no longer possible to ensure the global integrity of the keystore. Depending on the global integrity guarantees offered by the implementation, access to other data might fail even if the data is still readable but its integrity cannot be guaranteed.</p>
+<p>It is recommended to only use this error code to report a permanent storage corruption. However application writers must keep in mind that transient errors while reading the storage might be reported using this error code.</p>
+</div>
+<div class="section" id="PSA_ERROR_HARDWARE_FAILURE">
+<span id="c.PSA_ERROR_HARDWARE_FAILURE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code> (macro)</h3>
+<p>A hardware failure was detected.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE">PSA_ERROR_HARDWARE_FAILURE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-147)
+</pre>
+<p>A hardware failure can be transient or permanent depending on the cause.</p>
+</div>
+<div class="section" id="PSA_ERROR_INVALID_SIGNATURE">
+<span id="c.PSA_ERROR_INVALID_SIGNATURE"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code> (macro)</h3>
+<p>The signature, MAC or hash is incorrect.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE">PSA_ERROR_INVALID_SIGNATURE</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-149)
+</pre>
+<p>Verification functions return this error if the verification calculations completed successfully, and the value to be verified was determined to be incorrect.</p>
+<p>If the value to verify has an invalid size, implementations can return either <a class="reference internal" href="#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a> or <a class="reference internal" href="#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a>.</p>
+</div>
+</div>
+<div class="section" id="error-codes-specific-to-this-api">
+<h2>8.1.4. Error codes specific to this API</h2>
+<div class="section" id="PSA_ERROR_INSUFFICIENT_ENTROPY">
+<span id="c.PSA_ERROR_INSUFFICIENT_ENTROPY"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code> (macro)</h3>
+<p>There is not enough entropy to generate random data needed for the requested action.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY">PSA_ERROR_INSUFFICIENT_ENTROPY</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-148)
+</pre>
+<p>This error indicates a failure of a hardware random generator. Application writers must note that this error can be returned not only by functions whose purpose is to generate random data, such as key, IV or nonce generation, but also by functions that execute an algorithm with a randomized result, as well as functions that use randomization of intermediate computations as a countermeasure to certain attacks.</p>
+<p>It is recommended that implementations do not return this error after <a class="reference internal" href="library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a> has succeeded. This can be achieved if the implementation generates sufficient entropy during initialization and subsequently a cryptographically secure pseudorandom generator (PRNG) is used. However, implementations might return this error at any time, for example, if a policy requires the PRNG to be reseeded during normal operation.</p>
+</div>
+<div class="section" id="PSA_ERROR_INVALID_PADDING">
+<span id="c.PSA_ERROR_INVALID_PADDING"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_PADDING</span></code> (macro)</h3>
+<p>The decrypted padding is incorrect.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_INVALID_PADDING" title="PSA_ERROR_INVALID_PADDING">PSA_ERROR_INVALID_PADDING</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-150)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">In some protocols, when decrypting data, it is essential that the behavior of the application does not depend on whether the padding is correct, down to precise timing. Protocols that use authenticated encryption are recommended for use by applications, rather than plain encryption. If the application must perform a decryption of unauthenticated data, the application writer must take care not to reveal whether the padding is invalid.</p>
+</div>
+<p>Implementations must handle padding carefully, aiming to make it impossible for an external observer to distinguish between valid and invalid padding. In particular, it is recommended that the timing of a decryption operation does not depend on the validity of the padding.</p>
+</div>
+<div class="section" id="PSA_ERROR_CORRUPTION_DETECTED">
+<span id="c.PSA_ERROR_CORRUPTION_DETECTED"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code> (macro)</h3>
+<p>A tampering attempt was detected.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED">PSA_ERROR_CORRUPTION_DETECTED</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-151)
+</pre>
+<p>If an application receives this error code, there is no guarantee that previously accessed or computed data was correct and remains confidential. In this situation, it is recommended that applications perform no further security functions and enter a safe failure state.</p>
+<p>Implementations can return this error code if they detect an invalid state that cannot happen during normal operation and that indicates that the implementation’s security guarantees no longer hold. Depending on the implementation architecture and on its security and safety goals, the implementation might forcibly terminate the application.</p>
+<p>This error code is intended as a last resort when a security breach is detected and it is unsure whether the keystore data is still protected. Implementations must only return this error code to report an alarm from a tampering detector, to indicate that the confidentiality of stored data can no longer be guaranteed, or to indicate that the integrity of previously returned data is now considered compromised. Implementations must not use this error code to indicate a hardware failure that merely makes it impossible to perform the requested operation, instead use <a class="reference internal" href="#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a>, <a class="reference internal" href="#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a>, <a class="reference internal" href="#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a>, <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a> or other applicable error code.</p>
+<p>This error indicates an attack against the application. Implementations must not return this error code as a consequence of the behavior of the application itself.</p>
+</div>
+<div class="section" id="PSA_ERROR_DATA_CORRUPT">
+<span id="c.PSA_ERROR_DATA_CORRUPT"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code> (macro)</h3>
+<p>Stored data has been corrupted.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT">PSA_ERROR_DATA_CORRUPT</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-152)
+</pre>
+<p>This error indicates that some persistent storage has suffered corruption. It does not indicate the following situations, which have specific error codes:</p>
+<ul class="simple">
+<li>A corruption of volatile memory — use <a class="reference internal" href="#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a>.</li>
+<li>A communication error between the cryptoprocessor and its external storage — use <a class="reference internal" href="#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a>.</li>
+<li>When the storage is in a valid state but is full — use <a class="reference internal" href="#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code></a>.</li>
+<li>When the storage fails for other reasons — use <a class="reference internal" href="#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a>.</li>
+<li>When the stored data is not valid — use <a class="reference internal" href="#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a>.</li>
+</ul>
+<p>Note that a storage corruption does not indicate that any data that was previously read is invalid. However this previously read data might no longer be readable from storage.</p>
+<p>When a storage failure occurs, it is no longer possible to ensure the global integrity of the keystore. Depending on the global integrity guarantees offered by the implementation, access to other data might fail even if the data is still readable but its integrity cannot be guaranteed.</p>
+<p>It is recommended to only use this error code to report when a storage component indicates that the stored data is corrupt, or fails an integrity check. For example, in situations that the <span><em>PSA Storage API</em> <a class="reference internal" href="../../about.html#citation-psa-its"><span class="cite">[PSA-ITS]</span></a></span> reports <a class="reference internal" href="#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a> or <a class="reference internal" href="#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ERROR_DATA_INVALID">
+<span id="c.PSA_ERROR_DATA_INVALID"></span><h3><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code> (macro)</h3>
+<p>Data read from storage is not valid for the implementation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID">PSA_ERROR_DATA_INVALID</a> ((<a class="reference internal" href="#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-153)
+</pre>
+<p>This error indicates that some data read from storage does not have a valid format. It does not indicate the following situations, which have specific error codes:</p>
+<ul class="simple">
+<li>When the storage or stored data is corrupted — use <a class="reference internal" href="#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a>.</li>
+<li>When the storage fails for other reasons — use <a class="reference internal" href="#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a>.</li>
+<li>An invalid argument to the API — use <a class="reference internal" href="#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a>.</li>
+</ul>
+<p>This error is typically a result of an integration failure, where the implementation reading the data is not compatible with the implementation that stored the data.</p>
+<p>It is recommended to only use this error code to report when data that is successfully read from storage is invalid.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">8. Library management reference</a><ul class="current">
+<li class="toctree-l2 current"><a class="current reference internal" href="#">8.1. PSA status codes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#status-type">8.1.1. Status type</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#success-codes">8.1.2. Success codes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#common-error-codes">8.1.3. Common error codes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#error-codes-specific-to-this-api">8.1.4. Error codes specific to this API</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="library.html">8.2. PSA Crypto library</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/aead.html b/docs/1.1.0/html/api/ops/aead.html
new file mode 100644
index 0000000..a8ba135
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/aead.html
@@ -0,0 +1,1463 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.5. Authenticated encryption with associated data (AEAD) — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.6. Key derivation" href="kdf.html" />
+ <link rel="prev" title="10.4. Unauthenticated ciphers" href="ciphers.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="authenticated-encryption-with-associated-data-aead">
+<span id="aead"></span><h1>10.5. Authenticated encryption with associated data (AEAD)</h1>
+<p>The single-part AEAD functions are:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a> to encrypt a message using an authenticated symmetric cipher.</li>
+<li><a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a> to decrypt a message using an authenticated symmetric cipher.</li>
+</ul>
+<p>These functions follow the interface recommended by <span><em>An Interface and Algorithms for Authenticated Encryption</em> <a class="reference internal" href="../../about.html#citation-rfc5116"><span class="cite">[RFC5116]</span></a></span>.</p>
+<p>The encryption function requires a nonce to be provided. To generate a random nonce, either call <a class="reference internal" href="rng.html#c.psa_generate_random" title="psa_generate_random"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_random()</span></code></a> or use the AEAD multi-part API.</p>
+<p>The <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a> <a class="reference internal" href="../../overview/functionality.html#multi-part-operations"><span class="std std-ref">multi-part operation</span></a> permits alternative initialization parameters and allows messages to be processed in fragments. A multi-part AEAD operation is used as follows:</p>
+<ol class="arabic simple">
+<li>Initialize the <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a> object to zero, or by assigning the value of the associated macro <a class="reference internal" href="#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Provide additional parameters:<ul>
+<li>If the algorithm requires it, call <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> to specify the length of the non-encrypted and encrypted inputs to the operation.</li>
+<li>When encrypting, call either <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> or <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> to generate or set the nonce.</li>
+<li>When decrypting, call <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> to set the nonce.</li>
+</ul>
+</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> zero or more times with fragments of the non-encrypted additional data.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> zero or more times with fragments of the plaintext or ciphertext to encrypt or decrypt.</li>
+<li>At the end of the message, call the required finishing function:<ul>
+<li>To complete an encryption operation, call <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> to compute and return authentication tag.</li>
+<li>To complete a decryption operation, call <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> to compute the authentication tag and verify it against a reference value.</li>
+</ul>
+</li>
+</ol>
+<p>To abort the operation or recover from an error, call <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>Using a multi-part interface to authenticated encryption raises specific issues.</p>
+<ul class="last simple">
+<li>Multi-part authenticated decryption produces intermediate results that are not authenticated. Revealing unauthenticated results, either directly or indirectly through the application’s behavior, can compromise the confidentiality of all inputs that are encrypted with the same key. See the <a class="reference internal" href="#aead-multi-part-warning"><span class="std std-ref">detailed warning</span></a>.</li>
+<li>For encryption, some common algorithms cannot be processed in a streaming fashion. For SIV mode, the whole plaintext must be known before the encryption can start; the multi-part AEAD API is not meant to be usable with SIV mode. For CCM mode, the length of the plaintext must be known before the encryption can start; the application can call the function <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> to provide these lengths before providing input.</li>
+</ul>
+</div>
+<div class="section" id="aead-algorithms">
+<span id="id1"></span><h2>10.5.1. AEAD algorithms</h2>
+<div class="section" id="PSA_ALG_CCM">
+<span id="c.PSA_ALG_CCM"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CCM</span></code> (macro)</h3>
+<p>The <em>Counter with CBC-MAC</em> (CCM) authenticated encryption algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CCM" title="PSA_ALG_CCM">PSA_ALG_CCM</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x05500100)
+</pre>
+<p>CCM is defined for block ciphers that have a 128-bit block size. The underlying block cipher is determined by the key type.</p>
+<p>To use <a class="reference internal" href="#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a> with a multi-part AEAD operation, the application must call <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> before providing the nonce, the additional data and plaintext to the operation.</p>
+<p>CCM requires a nonce of between 7 and 13 bytes in length. The length of the nonce affects the maximum length of the plaintext than can be encrypted or decrypted. If the nonce has length <em>N</em>, then the plaintext length <em>pLen</em> is encoded in <em>L</em> = 15 - <em>N</em> octets, this requires that <em>pLen</em> < 2<sup>8L</sup>.</p>
+<p>The value for <em>L</em> that is used with <a class="reference internal" href="#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a> depends on the function used to provide the nonce:</p>
+<ul class="simple">
+<li>A call to <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a>, <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a>, or <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> will set <em>L</em> to 15 - <code class="docutils literal"><span class="pre">nonce_length</span></code>. If the plaintext length cannot be encoded in <em>L</em> octets, then a <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a> error is returned.</li>
+<li>A call to <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> on a multi-part cipher operation will select <em>L</em> as the smallest integer >= 2 where <em>pLen</em> < 2<sup>8L</sup>, with <em>pLen</em> being the <code class="docutils literal"><span class="pre">plaintext_length</span></code> provided to <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>. The call to <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> will generate and return a random nonce of length 15 - <em>L</em> bytes.</li>
+</ul>
+<p>CCM supports authentication tag sizes of 4, 6, 8, 10, 12, 14, and 16 bytes. The default tag length is 16. Shortened tag lengths can be requested using <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">tag_length</span></code><code class="docutils literal"><span class="pre">)</span></code>, where <code class="docutils literal"><span class="pre">tag_length</span></code> is a valid CCM tag length.</p>
+<p>The CCM block cipher mode is defined in <span><em>Counter with CBC-MAC (CCM)</em> <a class="reference internal" href="../../about.html#citation-rfc3610"><span class="cite">[RFC3610]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_GCM">
+<span id="c.PSA_ALG_GCM"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_GCM</span></code> (macro)</h3>
+<p>The <em>Galois/Counter Mode</em> (GCM) authenticated encryption algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_GCM" title="PSA_ALG_GCM">PSA_ALG_GCM</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x05500200)
+</pre>
+<p>GCM is defined for block ciphers that have a 128-bit block size. The underlying block cipher is determined by the key type.</p>
+<p>GCM requires a nonce of at least 1 byte in length. The maximum supported nonce size is <a class="reference internal" href="../../about.html#term-implementation-defined"><span class="scterm">implementation defined</span></a>. Calling <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> will generate a random 12-byte nonce.</p>
+<p>GCM supports authentication tag sizes of 4, 8, 12, 13, 14, 15, and 16 bytes. The default tag length is 16. Shortened tag lengths can be requested using <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">tag_length</span></code><code class="docutils literal"><span class="pre">)</span></code>, where <code class="docutils literal"><span class="pre">tag_length</span></code> is a valid GCM tag length.</p>
+<p>The GCM block cipher mode is defined in <span><em>NIST Special Publication 800-38D: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC</em> <a class="reference internal" href="../../about.html#citation-sp800-38d"><span class="cite">[SP800-38D]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CHACHA20_POLY1305">
+<span id="c.PSA_ALG_CHACHA20_POLY1305"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code> (macro)</h3>
+<p>The ChaCha20-Poly1305 AEAD algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305">PSA_ALG_CHACHA20_POLY1305</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x05100500)
+</pre>
+<p>There are two defined variants of ChaCha20-Poly1305:</p>
+<ul class="simple">
+<li>An implementation that supports ChaCha20-Poly1305 must support the variant defined by <span><em>ChaCha20 and Poly1305 for IETF Protocols</em> <a class="reference internal" href="../../about.html#citation-rfc7539"><span class="cite">[RFC7539]</span></a></span>, which has a 96-bit nonce and 32-bit counter.</li>
+<li>An implementation can optionally also support the original variant defined by <span><em>ChaCha, a variant of Salsa20</em> <a class="reference internal" href="../../about.html#citation-chacha20"><span class="cite">[CHACHA20]</span></a></span>, which has a 64-bit nonce and 64-bit counter.</li>
+</ul>
+<p>The variant used for the AEAD encryption or decryption operation, depends on the nonce provided for an AEAD operation using <a class="reference internal" href="#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a>:</p>
+<ul class="simple">
+<li>A nonce provided in a call to <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a>, <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a> or <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> must be 8 or 12 bytes. The size of nonce will select the appropriate variant of the algorithm.</li>
+<li>A nonce generated by a call to <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> will be 12 bytes, and will use the <a class="reference internal" href="../../about.html#citation-rfc7539"><span class="cite">[RFC7539]</span></a> variant.</li>
+</ul>
+<p>Implementations must support 16-byte tags. It is recommended that truncated tag sizes are rejected.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_AEAD_WITH_SHORTENED_TAG">
+<span id="c.PSA_ALG_AEAD_WITH_SHORTENED_TAG"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG</span></code> (macro)</h3>
+<p>Macro to build a AEAD algorithm with a shortened tag.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG">PSA_ALG_AEAD_WITH_SHORTENED_TAG</a>(aead_alg, tag_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">aead_alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">aead_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">tag_length</span></code></dt>
+<dd>Desired length of the authentication tag in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding AEAD algorithm with the specified tag length.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">aead_alg</span></code> is not a supported AEAD algorithm or if <code class="docutils literal"><span class="pre">tag_length</span></code> is not valid for the specified AEAD algorithm.</p>
+<p class="rubric">Description</p>
+<p>An AEAD algorithm with a shortened tag is similar to the corresponding AEAD algorithm, but has an authentication tag that consists of fewer bytes. Depending on the algorithm, the tag length might affect the calculation of the ciphertext.</p>
+<p>The AEAD algorithm with a default length tag can be recovered using <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG()</span></code></a>.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting AEAD algorithm is compatible with the same key types as the AEAD algorithm used to construct it.</p>
+</div>
+<div class="section" id="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG">
+<span id="c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG</span></code> (macro)</h3>
+<p>An AEAD algorithm with the default tag length.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG</a>(aead_alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">aead_alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">aead_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding AEAD algorithm with the default tag length for that algorithm.</p>
+<p class="rubric">Description</p>
+<p>This macro can be used to construct the AEAD algorithm with default tag length from an AEAD algorithm with a shortened tag. See also <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG()</span></code></a>.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting AEAD algorithm is compatible with the same key types as the AEAD algorithm used to construct it.</p>
+</div>
+<div class="section" id="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG">
+<span id="c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG</span></code> (macro)</h3>
+<p>Macro to build an AEAD minimum-tag-length wildcard algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG</a>(aead_alg, min_tag_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">aead_alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">aead_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">min_tag_length</span></code></dt>
+<dd>Desired minimum length of the authentication tag in bytes. This must be at least <code class="docutils literal"><span class="pre">1</span></code> and at most the largest allowed tag length of the algorithm.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding AEAD wildcard algorithm with the specified minimum tag length.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">aead_alg</span></code> is not a supported AEAD algorithm or if <code class="docutils literal"><span class="pre">min_tag_length</span></code> is less than <code class="docutils literal"><span class="pre">1</span></code> or too large for the specified AEAD algorithm.</p>
+<p class="rubric">Description</p>
+<p>A key with a minimum-tag-length AEAD wildcard algorithm as permitted algorithm policy can be used with all AEAD algorithms sharing the same base algorithm, and where the tag length of the specific algorithm is equal to or larger then the minimum tag length specified by the wildcard algorithm.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">When setting the minimum required tag length to less than the smallest tag length allowed by the base algorithm, this effectively becomes an ‘any-tag-length-allowed’ policy for that base algorithm.</p>
+</div>
+<p>The AEAD algorithm with a default length tag can be recovered using <a class="reference internal" href="#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG()</span></code></a>.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting wildcard AEAD algorithm is compatible with the same key types as the AEAD algorithm used to construct it.</p>
+</div>
+</div>
+<div class="section" id="single-part-aead-functions">
+<h2>10.5.2. Single-part AEAD functions</h2>
+<div class="section" id="psa_aead_encrypt">
+<span id="c.psa_aead_encrypt"></span><h3><code class="docutils literal"><span class="pre">psa_aead_encrypt</span></code> (function)</h3>
+<p>Process an authenticated encryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt">psa_aead_encrypt</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * nonce,
+ size_t nonce_length,
+ const uint8_t * additional_data,
+ size_t additional_data_length,
+ const uint8_t * plaintext,
+ size_t plaintext_length,
+ uint8_t * ciphertext,
+ size_t ciphertext_size,
+ size_t * ciphertext_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The AEAD algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce</span></code></dt>
+<dd>Nonce or IV to use.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">nonce</span></code> buffer in bytes. This must be appropriate for the selected algorithm. The default nonce size is <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">additional_data</span></code></dt>
+<dd>Additional data that will be authenticated but not encrypted.</dd>
+<dt> <code class="docutils literal"><span class="pre">additional_data_length</span></code></dt>
+<dd>Size of <code class="docutils literal"><span class="pre">additional_data</span></code> in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext</span></code></dt>
+<dd>Data that will be authenticated and encrypted.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_length</span></code></dt>
+<dd>Size of <code class="docutils literal"><span class="pre">plaintext</span></code> in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext</span></code></dt>
+<dd>Output buffer for the authenticated and encrypted data. The additional data is not part of this output. For algorithms where the encrypted data and the authentication tag are defined as separate outputs, the authentication tag is appended to the encrypted data.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">ciphertext</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">plaintext_length</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">plaintext_length</span></code><code class="docutils literal"><span class="pre">)</span></code> evaluates to the maximum ciphertext size of any supported AEAD encryption.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext_length</span></code></dt>
+<dd>On success, the size of the output in the <code class="docutils literal"><span class="pre">ciphertext</span></code> buffer.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*ciphertext_length)</span></code> bytes of <code class="docutils literal"><span class="pre">ciphertext</span></code> contain the output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">ciphertext</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">nonce_length</span></code> is not valid for use with <code class="docutils literal"><span class="pre">alg</span></code> and <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">additional_data_length</span></code> or <code class="docutils literal"><span class="pre">plaintext_length</span></code> are too large for <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">nonce_length</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code> and <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">additional_data_length</span></code> or <code class="docutils literal"><span class="pre">plaintext_length</span></code> are too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+</div>
+<div class="section" id="psa_aead_decrypt">
+<span id="c.psa_aead_decrypt"></span><h3><code class="docutils literal"><span class="pre">psa_aead_decrypt</span></code> (function)</h3>
+<p>Process an authenticated decryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt">psa_aead_decrypt</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * nonce,
+ size_t nonce_length,
+ const uint8_t * additional_data,
+ size_t additional_data_length,
+ const uint8_t * ciphertext,
+ size_t ciphertext_length,
+ uint8_t * plaintext,
+ size_t plaintext_size,
+ size_t * plaintext_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The AEAD algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce</span></code></dt>
+<dd>Nonce or IV to use.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">nonce</span></code> buffer in bytes. This must be appropriate for the selected algorithm. The default nonce size is <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">additional_data</span></code></dt>
+<dd>Additional data that has been authenticated but not encrypted.</dd>
+<dt> <code class="docutils literal"><span class="pre">additional_data_length</span></code></dt>
+<dd>Size of <code class="docutils literal"><span class="pre">additional_data</span></code> in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext</span></code></dt>
+<dd>Data that has been authenticated and encrypted. For algorithms where the encrypted data and the authentication tag are defined as separate inputs, the buffer must contain the encrypted data followed by the authentication tag.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext_length</span></code></dt>
+<dd>Size of <code class="docutils literal"><span class="pre">ciphertext</span></code> in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext</span></code></dt>
+<dd>Output buffer for the decrypted data.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">plaintext</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">ciphertext_length</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">ciphertext_length</span></code><code class="docutils literal"><span class="pre">)</span></code> evaluates to the maximum plaintext size of any supported AEAD decryption.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_length</span></code></dt>
+<dd>On success, the size of the output in the <code class="docutils literal"><span class="pre">plaintext</span></code> buffer.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*plaintext_length)</span></code> bytes of <code class="docutils literal"><span class="pre">plaintext</span></code> contain the output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The ciphertext is not authentic.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">plaintext</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">nonce_length</span></code> is not valid for use with <code class="docutils literal"><span class="pre">alg</span></code> and <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">additional_data_length</span></code> or <code class="docutils literal"><span class="pre">ciphertext_length</span></code> are too large for <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">nonce_length</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code> and <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">additional_data_length</span></code> or <code class="docutils literal"><span class="pre">plaintext_length</span></code> are too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+</div>
+</div>
+<div class="section" id="multi-part-aead-operations">
+<h2>10.5.3. Multi-part AEAD operations</h2>
+<div class="admonition warning" id="aead-multi-part-warning">
+<p class="first admonition-title">Warning</p>
+<p>When decrypting using a multi-part AEAD operation, there is no guarantee that the input or output is valid until <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> has returned <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>.</p>
+<p>A call to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> or <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> returning <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a> <strong>does not</strong> indicate that the input and output is valid.</p>
+<p>Until an application calls <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> and it has returned <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>, the following rules apply to input and output data from a multi-part AEAD operation:</p>
+<ul class="simple">
+<li>Do not trust the input. If the application takes any action that depends on the input data, this action will need to be undone if the input turns out to be invalid.</li>
+<li>Store the output in a confidential location. In particular, the application must not copy the output to a memory or storage space which is shared.</li>
+<li>Do not trust the output. If the application takes any action that depends on the tentative decrypted data, this action will need to be undone if the input turns out to be invalid. Furthermore, if an adversary can observe that this action took place, for example, through timing, they might be able to use this fact as an oracle to decrypt any message encrypted with the same key.</li>
+</ul>
+<p class="last">An application that does not follow these rules might be vulnerable to maliciously constructed AEAD input data.</p>
+</div>
+<div class="section" id="psa_aead_operation_t">
+<span id="c.psa_aead_operation_t"></span><h3><code class="docutils literal"><span class="pre">psa_aead_operation_t</span></code> (type)</h3>
+<p>The type of the state object for multi-part AEAD operations.</p>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a>;
+</pre>
+<p>Before calling any function on an AEAD operation object, the application must initialize it by any of the following means:</p>
+<ul>
+<li><p class="first">Set the object to all-bits-zero, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> operation;
+memset(&operation, 0, sizeof(operation));
+</pre>
+</li>
+<li><p class="first">Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
+<pre class="literal-block">
+static <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> operation;
+</pre>
+</li>
+<li><p class="first">Initialize the object to the initializer <a class="reference internal" href="#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_OPERATION_INIT</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> operation = <a class="reference internal" href="#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT">PSA_AEAD_OPERATION_INIT</a>;
+</pre>
+</li>
+<li><p class="first">Assign the result of the function <a class="reference internal" href="#c.psa_aead_operation_init" title="psa_aead_operation_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_operation_init()</span></code></a> to the object, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> operation;
+operation = <a class="reference internal" href="#c.psa_aead_operation_init" title="psa_aead_operation_init">psa_aead_operation_init</a>();
+</pre>
+</li>
+</ul>
+<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
+</div>
+<div class="section" id="PSA_AEAD_OPERATION_INIT">
+<span id="c.PSA_AEAD_OPERATION_INIT"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_OPERATION_INIT</span></code> (macro)</h3>
+<p>This macro returns a suitable initializer for an AEAD operation object of type <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT">PSA_AEAD_OPERATION_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+</div>
+<div class="section" id="psa_aead_operation_init">
+<span id="c.psa_aead_operation_init"></span><h3><code class="docutils literal"><span class="pre">psa_aead_operation_init</span></code> (function)</h3>
+<p>Return an initial value for an AEAD operation object.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> <a class="reference internal" href="#c.psa_aead_operation_init" title="psa_aead_operation_init">psa_aead_operation_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="docutils literal"><span class="pre">psa_aead_operation_t</span></code></a></p>
+</div>
+<div class="section" id="psa_aead_encrypt_setup">
+<span id="c.psa_aead_encrypt_setup"></span><h3><code class="docutils literal"><span class="pre">psa_aead_encrypt_setup</span></code> (function)</h3>
+<p>Set the key for a multi-part authenticated encryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup">psa_aead_encrypt_setup</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The sequence of operations to encrypt a message with authentication is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>If needed, call <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> to specify the length of the inputs to the subsequent calls to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> and <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>. See the documentation of <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> for details.</li>
+<li>Call either <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> or <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> to generate or set the nonce. It is recommended to use <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> unless the protocol being implemented requires a specific nonce value.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> zero, one or more times, passing a fragment of the non-encrypted additional authenticated data each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> zero, one or more times, passing a fragment of the message to encrypt each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a>.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a>, the application must eventually terminate the operation. The following events terminate an operation:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_aead_decrypt_setup">
+<span id="c.psa_aead_decrypt_setup"></span><h3><code class="docutils literal"><span class="pre">psa_aead_decrypt_setup</span></code> (function)</h3>
+<p>Set the key for a multi-part authenticated decryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup">psa_aead_decrypt_setup</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The AEAD algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an AEAD algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The sequence of operations to decrypt a message with authentication is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>If needed, call <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> to specify the length of the inputs to the subsequent calls to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> and <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>. See the documentation of <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> for details.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> with the nonce for the decryption.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> zero, one or more times, passing a fragment of the non-encrypted additional authenticated data each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> zero, one or more times, passing a fragment of the ciphertext to decrypt each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a>.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a>, the application must eventually terminate the operation. The following events terminate an operation:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_aead_set_lengths">
+<span id="c.psa_aead_set_lengths"></span><h3><code class="docutils literal"><span class="pre">psa_aead_set_lengths</span></code> (function)</h3>
+<p>Declare the lengths of the message and additional data for AEAD.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths">psa_aead_set_lengths</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ size_t ad_length,
+ size_t plaintext_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">ad_length</span></code></dt>
+<dd>Size of the non-encrypted additional authenticated data in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_length</span></code></dt>
+<dd>Size of the plaintext to encrypt in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, and <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> and <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> must not have been called yet.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">ad_length</span></code> or <code class="docutils literal"><span class="pre">plaintext_length</span></code> are too large for the chosen algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">ad_length</span></code> or <code class="docutils literal"><span class="pre">plaintext_length</span></code> are too large for the implementation.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call this function before calling <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a> or <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a>, if the algorithm for the operation requires it. If the algorithm does not require it, calling this function is optional, but if this function is called then the implementation must enforce the lengths.</p>
+<ul class="simple">
+<li>For <a class="reference internal" href="#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a>, calling this function is required.</li>
+<li>For the other AEAD algorithms defined in this specification, calling this function is not required.</li>
+<li>For vendor-defined algorithm, refer to the vendor documentation.</li>
+</ul>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_aead_generate_nonce">
+<span id="c.psa_aead_generate_nonce"></span><h3><code class="docutils literal"><span class="pre">psa_aead_generate_nonce</span></code> (function)</h3>
+<p>Generate a random nonce for an authenticated encryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce">psa_aead_generate_nonce</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ uint8_t * nonce,
+ size_t nonce_size,
+ size_t * nonce_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce</span></code></dt>
+<dd>Buffer where the generated nonce is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">nonce</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_NONCE_MAX_SIZE" title="PSA_AEAD_NONCE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_MAX_SIZE</span></code></a> evaluates to a sufficient output size for any supported AEAD algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce_length</span></code></dt>
+<dd>On success, the number of bytes of the generated nonce.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*nonce_length)</span></code> bytes of <code class="docutils literal"><span class="pre">nonce</span></code> contain the generated nonce.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be an active AEAD encryption operation, with no nonce set.</li>
+<li>The operation state is not valid: this is an algorithm which requires <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> to be called before setting the nonce.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">nonce</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_NONCE_MAX_SIZE" title="PSA_AEAD_NONCE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function generates a random nonce for the authenticated encryption operation with an appropriate size for the chosen algorithm, key type and key size.</p>
+<p>Most algorithms generate a default-length nonce, as returned by <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH()</span></code></a>. Some algorithms can return a shorter nonce from <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a>, see the individual algorithm descriptions for details.</p>
+<p>The application must call <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> before calling this function. If applicable for the algorithm, the application must call <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> before calling this function.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_aead_set_nonce">
+<span id="c.psa_aead_set_nonce"></span><h3><code class="docutils literal"><span class="pre">psa_aead_set_nonce</span></code> (function)</h3>
+<p>Set the nonce for an authenticated encryption or decryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce">psa_aead_set_nonce</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ const uint8_t * nonce,
+ size_t nonce_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce</span></code></dt>
+<dd>Buffer containing the nonce to use.</dd>
+<dt> <code class="docutils literal"><span class="pre">nonce_length</span></code></dt>
+<dd>Size of the nonce in bytes. This must be a valid nonce size for the chosen algorithm. The default nonce size is <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">alg</span></code> are type of key and the algorithm respectively that were used to set up the AEAD operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with no nonce set.</li>
+<li>The operation state is not valid: this is an algorithm which requires <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> to be called before setting the nonce.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">nonce_length</span></code> is not valid for the chosen algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">nonce_length</span></code> is not supported for use with the operation’s algorithm and key.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function sets the nonce for the authenticated encryption or decryption operation.</p>
+<p>The application must call <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a> before calling this function. If applicable for the algorithm, the application must call <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a> before calling this function.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">When encrypting, <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> is recommended instead of using this function, unless implementing a protocol that requires a non-random IV.</p>
+</div>
+</div>
+<div class="section" id="psa_aead_update_ad">
+<span id="c.psa_aead_update_ad"></span><h3><code class="docutils literal"><span class="pre">psa_aead_update_ad</span></code> (function)</h3>
+<p>Pass additional data to an active AEAD operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad">psa_aead_update_ad</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the fragment of additional data.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd><p class="first">Success.</p>
+<div class="last admonition warning">
+<p class="first admonition-title">Warning</p>
+<p>When decrypting, do not trust the additional data until <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> succeeds.</p>
+<p class="last">See the <a class="reference internal" href="#aead-multi-part-warning"><span class="std std-ref">detailed warning</span></a>.</p>
+</div>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, have a nonce set, have lengths set if required by the algorithm, and <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> must not have been called yet.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>Excess additional data: the total input length to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> is greater than the additional data length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>, or is too large for the chosen AEAD algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The total additional data length is too large for the implementation.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Additional data is authenticated, but not encrypted.</p>
+<p>This function can be called multiple times to pass successive fragments of the additional data. This function must not be called after passing data to encrypt or decrypt with <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>.</p>
+<p>The following must occur before calling this function:</p>
+<ol class="arabic simple">
+<li>Call either <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a>.</li>
+<li>Set the nonce with <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> or <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a>.</li>
+</ol>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_aead_update">
+<span id="c.psa_aead_update"></span><h3><code class="docutils literal"><span class="pre">psa_aead_update</span></code> (function)</h3>
+<p>Encrypt or decrypt a message fragment in an active AEAD operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update">psa_aead_update</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message fragment to encrypt or decrypt.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the output is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> evaluates to the maximum output size of any supported AEAD algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd><p class="first">Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> of <code class="docutils literal"><span class="pre">output</span></code> contains the output data.</p>
+<div class="last admonition warning">
+<p class="first admonition-title">Warning</p>
+<p>When decrypting, do not use the output until <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> succeeds.</p>
+<p class="last">See the <a class="reference internal" href="#aead-multi-part-warning"><span class="std std-ref">detailed warning</span></a>.</p>
+</div>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, have a nonce set, and have lengths set if required by the algorithm.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>Incomplete additional data: the total length of input to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> is less than the additional data length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>.</li>
+<li>Excess input data: the total length of input to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> is greater than the plaintext length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>, or is too large for the specific AEAD algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The total input length is too large for the implementation.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The following must occur before calling this function:</p>
+<ol class="arabic simple">
+<li>Call either <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a>. The choice of setup function determines whether this function encrypts or decrypts its input.</li>
+<li>Set the nonce with <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> or <a class="reference internal" href="#c.psa_aead_set_nonce" title="psa_aead_set_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_nonce()</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> to pass all the additional data.</li>
+</ol>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+<p>This function does not require the input to be aligned to any particular block boundary. If the implementation can only process a whole block at a time, it must consume all the input provided, but it might delay the end of the corresponding output until a subsequent call to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>, <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> or <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> provides sufficient input. The amount of data that can be delayed in this way is bounded by <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_aead_finish">
+<span id="c.psa_aead_finish"></span><h3><code class="docutils literal"><span class="pre">psa_aead_finish</span></code> (function)</h3>
+<p>Finish encrypting a message in an AEAD operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish">psa_aead_finish</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ uint8_t * ciphertext,
+ size_t ciphertext_size,
+ size_t * ciphertext_length,
+ uint8_t * tag,
+ size_t tag_size,
+ size_t * tag_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext</span></code></dt>
+<dd>Buffer where the last part of the ciphertext is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">ciphertext</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE" title="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported AEAD algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext_length</span></code></dt>
+<dd>On success, the number of bytes of returned ciphertext.</dd>
+<dt> <code class="docutils literal"><span class="pre">tag</span></code></dt>
+<dd>Buffer where the authentication tag is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">tag_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">tag</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The exact tag size is <a class="reference internal" href="#c.PSA_AEAD_TAG_LENGTH" title="PSA_AEAD_TAG_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are the type and bit-size of the key, and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used in the call to <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a>.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_TAG_MAX_SIZE" title="PSA_AEAD_TAG_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_MAX_SIZE</span></code></a> evaluates to the maximum tag size of any supported AEAD algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">tag_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned tag.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*tag_length)</span></code> bytes of <code class="docutils literal"><span class="pre">tag</span></code> contain the authentication tag.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be an active encryption operation with a nonce set.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">ciphertext</span></code> or <code class="docutils literal"><span class="pre">tag</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE" title="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</span></code></a> can be used to determine the required <code class="docutils literal"><span class="pre">ciphertext</span></code> buffer size.
+<a class="reference internal" href="#c.PSA_AEAD_TAG_LENGTH" title="PSA_AEAD_TAG_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_TAG_MAX_SIZE" title="PSA_AEAD_TAG_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_MAX_SIZE</span></code></a> can be used to determine the required <code class="docutils literal"><span class="pre">tag</span></code> buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>Incomplete additional data: the total length of input to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> is less than the additional data length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>.</li>
+<li>Incomplete plaintext: the total length of input to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> is less than the plaintext length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The operation must have been set up with <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a>.</p>
+<p>This function finishes the authentication of the additional data formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> with the plaintext formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>.</p>
+<p>This function has two output buffers:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">ciphertext</span></code> contains trailing ciphertext that was buffered from preceding calls to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>.</li>
+<li><code class="docutils literal"><span class="pre">tag</span></code> contains the authentication tag.</li>
+</ul>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_aead_verify">
+<span id="c.psa_aead_verify"></span><h3><code class="docutils literal"><span class="pre">psa_aead_verify</span></code> (function)</h3>
+<p>Finish authenticating and decrypting a message in an AEAD operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify">psa_aead_verify</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ uint8_t * plaintext,
+ size_t plaintext_size,
+ size_t * plaintext_length,
+ const uint8_t * tag,
+ size_t tag_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active AEAD operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext</span></code></dt>
+<dd>Buffer where the last part of the plaintext is to be written. This is the remaining data from previous calls to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> that could not be processed until the end of the input.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">plaintext</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported AEAD algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_length</span></code></dt>
+<dd>On success, the number of bytes of returned plaintext.</dd>
+<dt> <code class="docutils literal"><span class="pre">tag</span></code></dt>
+<dd>Buffer containing the expected authentication tag.</dd>
+<dt> <code class="docutils literal"><span class="pre">tag_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">tag</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+For a decryption operation, it is now safe to use the additional data and the plaintext output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be an active decryption operation with a nonce set.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The calculated authentication tag does not match the value in <code class="docutils literal"><span class="pre">tag</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">plaintext</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>Incomplete additional data: the total length of input to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a> is less than the additional data length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>.</li>
+<li>Incomplete ciphertext: the total length of input to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> is less than the plaintext length that was previously specified with <a class="reference internal" href="#c.psa_aead_set_lengths" title="psa_aead_set_lengths"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_set_lengths()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The operation must have been set up with <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a>.</p>
+<p>This function finishes the authenticated decryption of the message components:</p>
+<ul class="simple">
+<li>The additional data consisting of the concatenation of the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_aead_update_ad" title="psa_aead_update_ad"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update_ad()</span></code></a>.</li>
+<li>The ciphertext consisting of the concatenation of the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>.</li>
+<li>The tag passed to this function call.</li>
+</ul>
+<p>If the authentication tag is correct, this function outputs any remaining plaintext and reports success. If the authentication tag is not correct, this function returns <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a>.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Implementations must make the best effort to ensure that the comparison between the actual tag and the expected tag is performed in constant time.</p>
+</div>
+</div>
+<div class="section" id="psa_aead_abort">
+<span id="c.psa_aead_abort"></span><h3><code class="docutils literal"><span class="pre">psa_aead_abort</span></code> (function)</h3>
+<p>Abort an AEAD operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort">psa_aead_abort</a>(<a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Initialized AEAD operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The operation object can now be discarded or reused.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Aborting an operation frees all associated resources except for the <code class="docutils literal"><span class="pre">operation</span></code> object itself. Once aborted, the operation object can be reused for another operation by calling <a class="reference internal" href="#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt_setup()</span></code></a> again.</p>
+<p>This function can be called any time after the operation object has been initialized as described in <a class="reference internal" href="#c.psa_aead_operation_t" title="psa_aead_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_aead_operation_t</span></code></a>.</p>
+<p>In particular, calling <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a> after the operation has been terminated by a call to <a class="reference internal" href="#c.psa_aead_abort" title="psa_aead_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_abort()</span></code></a>, <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> or <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> is safe and has no effect.</p>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.5.4. Support macros</h2>
+<div class="section" id="PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER">
+<span id="c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an AEAD mode on a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER" title="PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an AEAD algorithm which is an AEAD mode based on a block cipher, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_AEAD_ENCRYPT_OUTPUT_SIZE">
+<span id="c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient ciphertext buffer size for <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_SIZE">PSA_AEAD_ENCRYPT_OUTPUT_SIZE</a>(key_type, alg, plaintext_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">plaintext_length</span></code></dt>
+<dd>Size of the plaintext in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The AEAD ciphertext size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the ciphertext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a> will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the ciphertext might be smaller.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient ciphertext buffer size for <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</a>(plaintext_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">plaintext_length</span></code></dt>
+<dd>Size of the plaintext in bytes.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>If the size of the ciphertext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_encrypt" title="psa_aead_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_encrypt()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_DECRYPT_OUTPUT_SIZE">
+<span id="c.PSA_AEAD_DECRYPT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient plaintext buffer size for <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_SIZE">PSA_AEAD_DECRYPT_OUTPUT_SIZE</a>(key_type, alg, ciphertext_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">ciphertext_length</span></code></dt>
+<dd>Size of the ciphertext in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The AEAD plaintext size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the plaintext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a> will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the plaintext might be smaller.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient plaintext buffer size for <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</a>(ciphertext_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">ciphertext_length</span></code></dt>
+<dd>Size of the ciphertext in bytes.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>If the size of the plaintext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_decrypt" title="psa_aead_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_decrypt()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_NONCE_LENGTH">
+<span id="c.PSA_AEAD_NONCE_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH</span></code> (macro)</h3>
+<p>The default nonce size for an AEAD algorithm, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH">PSA_AEAD_NONCE_LENGTH</a>(key_type, alg) <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The default nonce size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the nonce buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>For most AEAD algorithms, <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH()</span></code></a> evaluates to the exact size of the nonce generated by <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a>.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_NONCE_MAX_SIZE" title="PSA_AEAD_NONCE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_NONCE_MAX_SIZE">
+<span id="c.PSA_AEAD_NONCE_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient buffer size for storing the nonce generated by <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_NONCE_MAX_SIZE" title="PSA_AEAD_NONCE_MAX_SIZE">PSA_AEAD_NONCE_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the nonce buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_UPDATE_OUTPUT_SIZE">
+<span id="c.PSA_AEAD_UPDATE_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE">PSA_AEAD_UPDATE_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output buffer size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE">
+<span id="c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_FINISH_OUTPUT_SIZE">
+<span id="c.PSA_AEAD_FINISH_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient ciphertext buffer size for <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE">PSA_AEAD_FINISH_OUTPUT_SIZE</a>(key_type, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient ciphertext buffer size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the ciphertext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> will not fail due to an insufficient ciphertext buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE" title="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE">
+<span id="c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient ciphertext buffer size for <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE" title="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the ciphertext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> will not fail due to an insufficient ciphertext buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_TAG_LENGTH">
+<span id="c.PSA_AEAD_TAG_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH</span></code> (macro)</h3>
+<p>The length of a tag for an AEAD algorithm, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_TAG_LENGTH" title="PSA_AEAD_TAG_LENGTH">PSA_AEAD_TAG_LENGTH</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>The type of the AEAD key.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the AEAD key in bits.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The tag length for the specified algorithm and key.
+If the AEAD algorithm does not have an identified tag that can be distinguished from the rest of the ciphertext, return <code class="docutils literal"><span class="pre">0</span></code>. If the AEAD algorithm is not recognized, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for an AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>This is the size of the tag output from <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a>.</p>
+<p>If the size of the tag buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> will not fail due to an insufficient tag buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_TAG_MAX_SIZE" title="PSA_AEAD_TAG_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_TAG_MAX_SIZE">
+<span id="c.PSA_AEAD_TAG_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_TAG_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient buffer size for storing the tag output by <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_TAG_MAX_SIZE" title="PSA_AEAD_TAG_MAX_SIZE">PSA_AEAD_TAG_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the tag buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_finish" title="psa_aead_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_finish()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_TAG_LENGTH" title="PSA_AEAD_TAG_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_VERIFY_OUTPUT_SIZE">
+<span id="c.PSA_AEAD_VERIFY_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient plaintext buffer size for <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_SIZE">PSA_AEAD_VERIFY_OUTPUT_SIZE</a>(key_type, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An AEAD algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient plaintext buffer size for the specified key type and algorithm. If the key type or AEAD algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and AEAD algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the plaintext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> will not fail due to an insufficient plaintext buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE">
+<span id="c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient plaintext buffer size for <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a>, for any of the supported key types and AEAD algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the plaintext buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_aead_verify" title="psa_aead_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_verify()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_AEAD_VERIFY_OUTPUT_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.5. Authenticated encryption with associated data (AEAD)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#aead-algorithms">10.5.1. AEAD algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#single-part-aead-functions">10.5.2. Single-part AEAD functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#multi-part-aead-operations">10.5.3. Multi-part AEAD operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.5.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/algorithms.html b/docs/1.1.0/html/api/ops/algorithms.html
new file mode 100644
index 0000000..7373bb0
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/algorithms.html
@@ -0,0 +1,354 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.1. Algorithms — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.2. Message digests (Hashes)" href="hashes.html" />
+ <link rel="prev" title="10. Cryptographic operation reference" href="index.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="algorithms">
+<span id="id1"></span><h1>10.1. Algorithms</h1>
+<p>This specification encodes algorithms into a structured 32-bit integer value.</p>
+<p>Algorithm identifiers are used for two purposes in this API:</p>
+<ol class="arabic simple">
+<li>To specify a specific algorithm to use in a cryptographic operation. These are all defined in <a class="reference internal" href="index.html#crypto-operations"><span class="secref">Cryptographic operation reference</span></a>.</li>
+<li>To specify the policy for a key, identifying the permitted algorithm for use with the key. This use is described in <a class="reference internal" href="../keys/policy.html#key-policy"><span class="secref">Key policies</span></a>.</li>
+</ol>
+<p>The specific algorithm identifiers are described alongside the cryptographic operation functions to which they apply:</p>
+<ul class="simple">
+<li><a class="reference internal" href="hashes.html#hash-algorithms"><span class="secref">Hash algorithms</span></a></li>
+<li><a class="reference internal" href="macs.html#mac-algorithms"><span class="secref">MAC algorithms</span></a></li>
+<li><a class="reference internal" href="ciphers.html#cipher-algorithms"><span class="secref">Cipher algorithms</span></a></li>
+<li><a class="reference internal" href="aead.html#aead-algorithms"><span class="secref">AEAD algorithms</span></a></li>
+<li><a class="reference internal" href="kdf.html#key-derivation-algorithms"><span class="secref">Key derivation algorithms</span></a></li>
+<li><a class="reference internal" href="sign.html#sign-algorithms"><span class="secref">Asymmetric signature algorithms</span></a></li>
+<li><a class="reference internal" href="pke.html#asymmetric-encryption-algorithms"><span class="secref">Asymmetric encryption algorithms</span></a></li>
+<li><a class="reference internal" href="ka.html#key-agreement-algorithms"><span class="secref">Key agreement algorithms</span></a></li>
+</ul>
+<div class="section" id="algorithm-encoding">
+<h2>10.1.1. Algorithm encoding</h2>
+<div class="section" id="psa_algorithm_t">
+<span id="c.psa_algorithm_t"></span><h3><code class="docutils literal"><span class="pre">psa_algorithm_t</span></code> (type)</h3>
+<p>Encoding of a cryptographic algorithm.</p>
+<pre class="literal-block">
+typedef uint32_t <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>;
+</pre>
+<p>This is a structured bitfield that identifies the category and type of algorithm. The range of algorithm identifier values is divided as follows:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x00000000</span></code></dt>
+<dd>Reserved as an invalid algorithm identifier.</dd>
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x00000001</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">x7fffffff</span></code></dt>
+<dd>Specification-defined algorithm identifiers.
+Algorithm identifiers defined by this standard always have bit 31 clear.
+Unallocated algorithm identifier values in this range are reserved for future use.</dd>
+<dt><code class="docutils literal"><span class="pre">0</span></code><code class="docutils literal"><span class="pre">x80000000</span></code><code class="docutils literal"> <span class="pre">–</span> <span class="pre">0</span></code><code class="docutils literal"><span class="pre">xffffffff</span></code></dt>
+<dd>Implementation-defined algorithm identifiers.
+Implementations that define additional algorithms must use an encoding with bit 31 set.
+The related support macros will be easier to write if these algorithm identifier encodings also respect the bitwise structure used by standard encodings.</dd>
+</dl>
+<p>For algorithms that can be applied to multiple key types, this identifier does not encode the key type. For example, for symmetric ciphers based on a block cipher, <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> encodes the block cipher mode and the padding mode while the block cipher itself is encoded via <a class="reference internal" href="../keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</p>
+<p>The <a class="reference internal" href="../../appendix/encodings.html#appendix-encodings"><span class="secref">Algorithm and key type encoding</span></a> appendix provides a full definition of the algorithm identifier encoding.</p>
+</div>
+<div class="section" id="PSA_ALG_NONE">
+<span id="c.PSA_ALG_NONE"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_NONE</span></code> (macro)</h3>
+<p>An invalid algorithm identifier value.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_NONE" title="PSA_ALG_NONE">PSA_ALG_NONE</a> ((<a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0)
+</pre>
+<p>Zero is not the encoding of any algorithm.</p>
+</div>
+</div>
+<div class="section" id="algorithm-categories">
+<h2>10.1.2. Algorithm categories</h2>
+<div class="section" id="PSA_ALG_IS_HASH">
+<span id="c.PSA_ALG_IS_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a hash algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH">PSA_ALG_IS_HASH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a hash algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="hashes.html#hash-algorithms"><span class="secref">Hash algorithms</span></a> for a list of defined hash algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_MAC">
+<span id="c.PSA_ALG_IS_MAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a MAC algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC">PSA_ALG_IS_MAC</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a MAC algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="macs.html#mac-algorithms"><span class="secref">MAC algorithms</span></a> for a list of defined MAC algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_CIPHER">
+<span id="c.PSA_ALG_IS_CIPHER"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a symmetric cipher algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER">PSA_ALG_IS_CIPHER</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a symmetric cipher algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="ciphers.html#cipher-algorithms"><span class="secref">Cipher algorithms</span></a> for a list of defined cipher algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_AEAD">
+<span id="c.PSA_ALG_IS_AEAD"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an authenticated encryption with associated data (AEAD) algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD">PSA_ALG_IS_AEAD</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an AEAD algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="aead.html#aead-algorithms"><span class="secref">AEAD algorithms</span></a> for a list of defined AEAD algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_SIGN">
+<span id="c.PSA_ALG_IS_SIGN"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an asymmetric signature algorithm, also known as public-key signature algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_SIGN" title="PSA_ALG_IS_SIGN">PSA_ALG_IS_SIGN</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an asymmetric signature algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="sign.html#sign-algorithms"><span class="secref">Asymmetric signature algorithms</span></a> for a list of defined signature algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION">
+<span id="c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an asymmetric encryption algorithm, also known as public-key encryption algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an asymmetric encryption algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="pke.html#asymmetric-encryption-algorithms"><span class="secref">Asymmetric encryption algorithms</span></a> for a list of defined asymmetric encryption algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_KEY_AGREEMENT">
+<span id="c.PSA_ALG_IS_KEY_AGREEMENT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a key agreement algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT">PSA_ALG_IS_KEY_AGREEMENT</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a key agreement algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="ka.html#key-agreement-algorithms"><span class="secref">Key agreement algorithms</span></a> for a list of defined key agreement algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_KEY_DERIVATION">
+<span id="c.PSA_ALG_IS_KEY_DERIVATION"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a key derivation algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_KEY_DERIVATION" title="PSA_ALG_IS_KEY_DERIVATION">PSA_ALG_IS_KEY_DERIVATION</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a key derivation algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="kdf.html#key-derivation-algorithms"><span class="secref">Key derivation algorithms</span></a> for a list of defined key derivation algorithms.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_WILDCARD">
+<span id="c.PSA_ALG_IS_WILDCARD"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_WILDCARD</span></code> (macro)</h3>
+<p>Whether the specified algorithm encoding is a wildcard.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_WILDCARD" title="PSA_ALG_IS_WILDCARD">PSA_ALG_IS_WILDCARD</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a wildcard algorithm encoding.</p>
+<p><code class="docutils literal"><span class="pre">0</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a non-wildcard algorithm encoding that is suitable for an operation.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>Wildcard algorithm values can only be used to set the permitted algorithm field in a key policy, wildcard values cannot be used to perform an operation.</p>
+<p>See <a class="reference internal" href="sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> for example of how a wildcard algorithm can be used in a key policy.</p>
+</div>
+<div class="section" id="PSA_ALG_GET_HASH">
+<span id="c.PSA_ALG_GET_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_GET_HASH</span></code> (macro)</h3>
+<p>Get the hash used by a composite algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH">PSA_ALG_GET_HASH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The underlying hash algorithm if <code class="docutils literal"><span class="pre">alg</span></code> is a composite algorithm that uses a hash algorithm.</p>
+<p><a class="reference internal" href="#c.PSA_ALG_NONE" title="PSA_ALG_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_NONE</span></code></a> if <code class="docutils literal"><span class="pre">alg</span></code> is not a composite algorithm that uses a hash.</p>
+<p class="rubric">Description</p>
+<p>The following composite algorithms require a hash algorithm:</p>
+<ul class="simple">
+<li><a class="reference internal" href="sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA()</span></code></a></li>
+<li><a class="reference internal" href="kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HKDF()</span></code></a></li>
+<li><a class="reference internal" href="macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HMAC()</span></code></a></li>
+<li><a class="reference internal" href="pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_OAEP()</span></code></a></li>
+<li><a class="reference internal" href="sign.html#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PKCS1V15_SIGN()</span></code></a></li>
+<li><a class="reference internal" href="sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a></li>
+<li><a class="reference internal" href="sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT()</span></code></a></li>
+<li><a class="reference internal" href="kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PRF()</span></code></a></li>
+<li><a class="reference internal" href="kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS()</span></code></a></li>
+<li><a class="reference internal" href="kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a></li>
+</ul>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.1. Algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#algorithm-encoding">10.1.1. Algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#algorithm-categories">10.1.2. Algorithm categories</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/ciphers.html b/docs/1.1.0/html/api/ops/ciphers.html
new file mode 100644
index 0000000..509bd73
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/ciphers.html
@@ -0,0 +1,1231 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.4. Unauthenticated ciphers — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.5. Authenticated encryption with associated data (AEAD)" href="aead.html" />
+ <link rel="prev" title="10.3. Message authentication codes (MAC)" href="macs.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="unauthenticated-ciphers">
+<span id="ciphers"></span><h1>10.4. Unauthenticated ciphers</h1>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p>The unauthenticated cipher API is provided to implement legacy protocols and for use cases where the data integrity and authenticity is guaranteed by non-cryptographic means.</p>
+<p class="last">It is recommended that newer protocols use <a class="reference internal" href="aead.html#aead"><span class="secref">Authenticated encryption with associated data (AEAD)</span></a>.</p>
+</div>
+<p>The single-part functions for encrypting or decrypting a message using an unauthenticated symmetric cipher are:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> to encrypt a message using an unauthenticated symmetric cipher. The encryption function generates a random initialization vector (IV). Use the multi-part API to provide a deterministic IV: this is not secure in general, but can be secure in some conditions that depend on the algorithm.</li>
+<li><a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a> to decrypt a message using an unauthenticated symmetric cipher.</li>
+</ul>
+<p>The <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> <a class="reference internal" href="../../overview/functionality.html#multi-part-operations"><span class="std std-ref">multi-part operation</span></a> permits alternative initialization parameters and allows messages to be processed in fragments. A multi-part cipher operation is used as follows:</p>
+<ol class="arabic simple">
+<li>Initialize the <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> object to zero, or by assigning the value of the associated macro <a class="reference internal" href="#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Provide additional parameters:<ul>
+<li>When encrypting data, generate or set an IV, nonce, or similar initial value such as an initial counter value. To generate a random IV, which is recommended in most protocols, call <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a>. To set the IV, call <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a>.</li>
+<li>When decrypting, set the IV or nonce. To set the IV, call <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a>.</li>
+</ul>
+</li>
+<li>Call the <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> function on successive chunks of the message.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a> to complete the operation and return any final output.</li>
+</ol>
+<p>To abort the operation or recover from an error, call <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</p>
+<div class="section" id="cipher-algorithms">
+<span id="id1"></span><h2>10.4.1. Cipher algorithms</h2>
+<div class="section" id="PSA_ALG_STREAM_CIPHER">
+<span id="c.PSA_ALG_STREAM_CIPHER"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code> (macro)</h3>
+<p>The stream cipher mode of a stream cipher algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER">PSA_ALG_STREAM_CIPHER</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04800100)
+</pre>
+<p>The underlying stream cipher is determined by the key type. The ARC4 and ChaCha20 ciphers use this algorithm identifier.</p>
+<p class="rubric">ARC4</p>
+<p>To use ARC4, use a key type of <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code></a> and algorithm id <a class="reference internal" href="#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The ARC4 cipher is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>The ARC4 cipher does not use an initialization vector (IV). When using a multi-part cipher operation with the <a class="reference internal" href="#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> algorithm and an ARC4 key, <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> and <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> must not be called.</p>
+<p class="rubric">ChaCha20</p>
+<p>To use ChaCha20, use a key type of <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a> and algorithm id <a class="reference internal" href="#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a>.</p>
+<p>Implementations must support the variant that is defined in <span><em>ChaCha20 and Poly1305 for IETF Protocols</em> <a class="reference internal" href="../../about.html#citation-rfc7539"><span class="cite">[RFC7539]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc7539.html#section-2.4">§2.4</a>, which has a 96-bit nonce and a 32-bit counter. Implementations can optionally also support the original variant, as defined in <span><em>ChaCha, a variant of Salsa20</em> <a class="reference internal" href="../../about.html#citation-chacha20"><span class="cite">[CHACHA20]</span></a></span>, which has a 64-bit nonce and a 64-bit counter. Except where noted, the <a class="reference internal" href="../../about.html#citation-rfc7539"><span class="cite">[RFC7539]</span></a> variant must be used.</p>
+<p>ChaCha20 defines a nonce and an initial counter to be provided to the encryption and decryption operations. When using a ChaCha20 key with the <a class="reference internal" href="#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> algorithm, these values are provided using the initialization vector (IV) functions in the following ways:</p>
+<ul class="simple">
+<li>A call to <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> will generate a random 12-byte nonce, and set the counter value to zero. The random nonce is output as a 12-byte IV value in the output.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a> will use first 12 bytes of the input buffer as the nonce and set the counter value to zero.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> on a multi-part cipher operation will generate and return a random 12-byte nonce and set the counter value to zero.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> on a multi-part cipher operation can support the following IV sizes:<ul>
+<li>12 bytes: the provided IV is used as the nonce, and the counter value is set to zero.</li>
+<li>16 bytes: the first four bytes of the IV are used as the counter value (encoded as little-endian), and the remaining 12 bytes is used as the nonce.</li>
+<li>8 bytes: the cipher operation uses the original <a class="reference internal" href="../../about.html#citation-chacha20"><span class="cite">[CHACHA20]</span></a> definition of ChaCha20: the provided IV is used as the 64-bit nonce, and the 64-bit counter value is set to zero.</li>
+<li>It is recommended that implementations do not support other sizes of IV.</li>
+</ul>
+</li>
+</ul>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CTR">
+<span id="c.PSA_ALG_CTR"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CTR</span></code> (macro)</h3>
+<p>A stream cipher built using the Counter (CTR) mode of a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CTR" title="PSA_ALG_CTR">PSA_ALG_CTR</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04c01000)
+</pre>
+<p>CTR is a stream cipher which is built from a block cipher. The underlying block cipher is determined by the key type. For example, to use AES-128-CTR, use this algorithm with a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a> and a size of 128 bits (16 bytes).</p>
+<p>The CTR block cipher mode is defined in <span><em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em> <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite">[SP800-38A]</span></a></span>.</p>
+<p>CTR mode requires a <em>counter block</em> which is the same size as the cipher block length. The counter block is updated for each block (or a partial final block) that is encrypted or decrypted.</p>
+<p>A counter block value must only be used once across all messages encrypted using the same key value. This is typically achieved by splitting the counter block into a nonce, which is unique among all message encrypted with the key, and a counter which is incremented for each block of a message.</p>
+<p>For example, when using AES-CTR encryption, which uses a 16-byte block, the application can provide a 12-byte nonce when setting the IV. This leaves 4 bytes for the counter, allowing up to 2^32 blocks (64GB) of message data to be encrypted in each message.</p>
+<p>The first counter block is constructed from the initialization vector (IV). The initial counter block is is constructed in the following ways:</p>
+<ul class="simple">
+<li>A call to <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> will generate a random counter block value. This is the first block of output.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a> will use first block of the input buffer as the initial counter block value.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> on a multi-part cipher operation will generate and return a random counter block value.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> on a multi-part cipher operation requires an IV that is between <code class="docutils literal"><span class="pre">1</span></code> and <em>n</em> bytes in length, where <em>n</em> is the cipher block length. The counter block is initialized using the IV, and padded with zero bytes up to the block length.</li>
+</ul>
+<p>During the counter block update operation, the counter block is treated as a single big-endian encoded integer and the update operation increments this integer by <code class="docutils literal"><span class="pre">1</span></code>.</p>
+<p>This scheme meets the recommendations in Appendix B of <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite psa_c psa_c-cite">[SP800-38A]</span></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cipher block length can be determined using <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CFB">
+<span id="c.PSA_ALG_CFB"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CFB</span></code> (macro)</h3>
+<p>A stream cipher built using the Cipher Feedback (CFB) mode of a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CFB" title="PSA_ALG_CFB">PSA_ALG_CFB</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04c01100)
+</pre>
+<p>The underlying block cipher is determined by the key type. This is the variant of CFB where each iteration encrypts or decrypts a segment of the input that is the same length as the cipher block size. For example, using <a class="reference internal" href="#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a> with a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a> will result in the AES-CFB-128 cipher.</p>
+<p>CFB mode requires an initialization vector (IV) that is the same size as the cipher block length.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cipher block length can be determined using <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+<p>The CFB block cipher mode is defined in <span><em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em> <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite">[SP800-38A]</span></a></span>, using a segment size <em>s</em> equal to the block size <em>b</em>. The definition in <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite psa_c psa_c-cite">[SP800-38A]</span></a> is extended to allow an incomplete final block of input, in which case the algorithm discards the final bytes of the key stream when encrypting or decrypting the final partial block.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_OFB">
+<span id="c.PSA_ALG_OFB"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_OFB</span></code> (macro)</h3>
+<p>A stream cipher built using the Output Feedback (OFB) mode of a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_OFB" title="PSA_ALG_OFB">PSA_ALG_OFB</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04c01200)
+</pre>
+<p>The underlying block cipher is determined by the key type.</p>
+<p>OFB mode requires an initialization vector (IV) that is the same size as the cipher block length. OFB mode requires that the IV is a nonce, and must be unique for each use of the mode with the same key.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cipher block length can be determined using <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+<p>The OFB block cipher mode is defined in <span><em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em> <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite">[SP800-38A]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_XTS">
+<span id="c.PSA_ALG_XTS"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_XTS</span></code> (macro)</h3>
+<p>The XEX with Ciphertext Stealing (XTS) cipher mode of a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_XTS" title="PSA_ALG_XTS">PSA_ALG_XTS</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0440ff00)
+</pre>
+<p>XTS is a cipher mode which is built from a block cipher, designed for use in disk encryption. It requires at least one full cipher block length of input, but beyond this minimum the input does not need to be a whole number of blocks.</p>
+<p>XTS mode uses two keys for the underlying block cipher. These are provided by using a key that is twice the normal key size for the cipher. For example, to use AES-256-XTS the application must create a key with type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a> and bit size <code class="docutils literal"><span class="pre">512</span></code>.</p>
+<p>XTS mode requires an initialization vector (IV) that is the same size as the cipher block length. The IV for XTS is typically defined to be the sector number of the disk block being encrypted or decrypted.</p>
+<p>The XTS block cipher mode is defined in <span><em>1619-2018 --- IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices</em> <a class="reference internal" href="../../about.html#citation-ieee-xts"><span class="cite">[IEEE-XTS]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_ECB_NO_PADDING">
+<span id="c.PSA_ALG_ECB_NO_PADDING"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code> (macro)</h3>
+<p>The Electronic Codebook (ECB) mode of a block cipher, with no padding.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING">PSA_ALG_ECB_NO_PADDING</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04404400)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">ECB mode does not protect the confidentiality of the encrypted data except in extremely narrow circumstances. It is recommended that applications only use ECB if they need to construct an operating mode that the implementation does not provide. Implementations are encouraged to provide the modes that applications need in preference to supporting direct access to ECB.</p>
+</div>
+<p>The underlying block cipher is determined by the key type.</p>
+<p>This symmetric cipher mode can only be used with messages whose lengths are a multiple of the block size of the chosen block cipher.</p>
+<p>ECB mode does not accept an initialization vector (IV). When using a multi-part cipher operation with this algorithm, <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> and <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> must not be called.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cipher block length can be determined using <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+<p>The ECB block cipher mode is defined in <span><em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em> <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite">[SP800-38A]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CBC_NO_PADDING">
+<span id="c.PSA_ALG_CBC_NO_PADDING"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code> (macro)</h3>
+<p>The Cipher Block Chaining (CBC) mode of a block cipher, with no padding.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING">PSA_ALG_CBC_NO_PADDING</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04404000)
+</pre>
+<p>The underlying block cipher is determined by the key type.</p>
+<p>This symmetric cipher mode can only be used with messages whose lengths are a multiple of the block size of the chosen block cipher.</p>
+<p>CBC mode requires an initialization vector (IV) that is the same size as the cipher block length.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cipher block length can be determined using <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+<p>The CBC block cipher mode is defined in <span><em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em> <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite">[SP800-38A]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CBC_PKCS7">
+<span id="c.PSA_ALG_CBC_PKCS7"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code> (macro)</h3>
+<p>The Cipher Block Chaining (CBC) mode of a block cipher, with PKCS#7 padding.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7">PSA_ALG_CBC_PKCS7</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04404100)
+</pre>
+<p>The underlying block cipher is determined by the key type.</p>
+<p>CBC mode requires an initialization vector (IV) that is the same size as the cipher block length.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cipher block length can be determined using <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+<p>The CBC block cipher mode is defined in <span><em>NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Methods and Techniques</em> <a class="reference internal" href="../../about.html#citation-sp800-38a"><span class="cite">[SP800-38A]</span></a></span>. The padding operation is defined by <span><em>PKCS #7: Cryptographic Message Syntax Version 1.5</em> <a class="reference internal" href="../../about.html#citation-rfc2315"><span class="cite">[RFC2315]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc2315.html#section-10.3">§10.3</a>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+</div>
+<div class="section" id="single-part-cipher-functions">
+<h2>10.4.2. Single-part cipher functions</h2>
+<div class="section" id="psa_cipher_encrypt">
+<span id="c.psa_cipher_encrypt"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_encrypt</span></code> (function)</h3>
+<p>Encrypt a message using a symmetric cipher.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt">psa_cipher_encrypt</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The cipher algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message to encrypt.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the output is to be written. The output contains the IV followed by the ciphertext proper.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> evaluates to the maximum output size of any supported cipher encryption.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the encrypted output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li>The <code class="docutils literal"><span class="pre">input_length</span></code> is not valid for the algorithm and key type. For example, the algorithm is a based on block cipher and requires a whole number of blocks, but the total input size is not a multiple of the block size.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function encrypts a message with a random initialization vector (IV).
+The length of the IV is <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.
+The output of <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> is the IV followed by the ciphertext.</p>
+<p>Use the multi-part operation interface with a <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> object to provide other forms of IV or to manage the IV and ciphertext independently.</p>
+</div>
+<div class="section" id="psa_cipher_decrypt">
+<span id="c.psa_cipher_decrypt"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_decrypt</span></code> (function)</h3>
+<p>Decrypt a message using a symmetric cipher.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt">psa_cipher_decrypt</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The cipher algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message to decrypt. This consists of the IV followed by the ciphertext proper.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the plaintext is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> evaluates to the maximum output size of any supported cipher decryption.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the plaintext.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_PADDING" title="PSA_ERROR_INVALID_PADDING"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_PADDING</span></code></a></dt>
+<dd>The algorithm uses padding, and the input does not contain valid padding.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li>The <code class="docutils literal"><span class="pre">input_length</span></code> is not valid for the algorithm and key type. For example, the algorithm is a based on block cipher and requires a whole number of blocks, but the total input size is not a multiple of the block size.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function decrypts a message encrypted with a symmetric cipher.</p>
+<p>The input to this function must contain the IV followed by the ciphertext, as output by <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a>. The IV must be <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> bytes in length, where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of <code class="docutils literal"><span class="pre">key</span></code>.</p>
+<p>Use the multi-part operation interface with a <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> object to decrypt data which is not in the expected input format.</p>
+</div>
+</div>
+<div class="section" id="multi-part-cipher-operations">
+<h2>10.4.3. Multi-part cipher operations</h2>
+<div class="section" id="psa_cipher_operation_t">
+<span id="c.psa_cipher_operation_t"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_operation_t</span></code> (type)</h3>
+<p>The type of the state object for multi-part cipher operations.</p>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a>;
+</pre>
+<p>Before calling any function on a cipher operation object, the application must initialize it by any of the following means:</p>
+<ul>
+<li><p class="first">Set the object to all-bits-zero, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> operation;
+memset(&operation, 0, sizeof(operation));
+</pre>
+</li>
+<li><p class="first">Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
+<pre class="literal-block">
+static <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> operation;
+</pre>
+</li>
+<li><p class="first">Initialize the object to the initializer <a class="reference internal" href="#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> operation = <a class="reference internal" href="#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT">PSA_CIPHER_OPERATION_INIT</a>;
+</pre>
+</li>
+<li><p class="first">Assign the result of the function <a class="reference internal" href="#c.psa_cipher_operation_init" title="psa_cipher_operation_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_operation_init()</span></code></a> to the object, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> operation;
+operation = <a class="reference internal" href="#c.psa_cipher_operation_init" title="psa_cipher_operation_init">psa_cipher_operation_init</a>();
+</pre>
+</li>
+</ul>
+<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
+</div>
+<div class="section" id="PSA_CIPHER_OPERATION_INIT">
+<span id="c.PSA_CIPHER_OPERATION_INIT"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code> (macro)</h3>
+<p>This macro returns a suitable initializer for a cipher operation object of type <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT">PSA_CIPHER_OPERATION_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+</div>
+<div class="section" id="psa_cipher_operation_init">
+<span id="c.psa_cipher_operation_init"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_operation_init</span></code> (function)</h3>
+<p>Return an initial value for a cipher operation object.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> <a class="reference internal" href="#c.psa_cipher_operation_init" title="psa_cipher_operation_init">psa_cipher_operation_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a></p>
+</div>
+<div class="section" id="psa_cipher_encrypt_setup">
+<span id="c.psa_cipher_encrypt_setup"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_encrypt_setup</span></code> (function)</h3>
+<p>Set the key for a multi-part symmetric encryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup">psa_cipher_encrypt_setup</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The cipher algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The sequence of operations to encrypt a message with a symmetric cipher is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Call either <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> to generate or set the initialization vector (IV), if the algorithm requires one. It is recommended to use <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> unless the protocol being implemented requires a specific IV value.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> zero, one or more times, passing a fragment of the message each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a>.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a>, the application must eventually terminate the operation. The following events terminate an operation:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_cipher_decrypt_setup">
+<span id="c.psa_cipher_decrypt_setup"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_decrypt_setup</span></code> (function)</h3>
+<p>Set the key for a multi-part symmetric decryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup">psa_cipher_decrypt_setup</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The cipher algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a cipher algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The sequence of operations to decrypt a message with a symmetric cipher is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> with the initialization vector (IV) for the decryption, if the algorithm requires one. This must match the IV used for the encryption.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> zero, one or more times, passing a fragment of the message each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a>.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a>, the application must eventually terminate the operation. The following events terminate an operation:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_cipher_generate_iv">
+<span id="c.psa_cipher_generate_iv"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_generate_iv</span></code> (function)</h3>
+<p>Generate an initialization vector (IV) for a symmetric encryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv">psa_cipher_generate_iv</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ uint8_t * iv,
+ size_t iv_size,
+ size_t * iv_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active cipher operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">iv</span></code></dt>
+<dd>Buffer where the generated IV is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">iv_size</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">iv</span></code> buffer in bytes. This must be at least <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">alg</span></code> are type of key and the algorithm respectively that were used to set up the cipher operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">iv_length</span></code></dt>
+<dd>On success, the number of bytes of the generated IV.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*iv_length)</span></code> bytes of <code class="docutils literal"><span class="pre">iv</span></code> contain the generated IV.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The cipher algorithm does not use an IV.</li>
+<li>The operation state is not valid: it must be active, with no IV set.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">iv</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_CIPHER_IV_MAX_SIZE" title="PSA_CIPHER_IV_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_IV_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function generates a random IV, nonce or initial counter value for the encryption operation as appropriate for the chosen algorithm, key type and key size.</p>
+<p>The generated IV is always the default length for the key and algorithm: <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code>, where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation. To generate different lengths of IV, use <a class="reference internal" href="rng.html#c.psa_generate_random" title="psa_generate_random"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_random()</span></code></a> and <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a>.</p>
+<p>If the cipher algorithm does not use an IV, calling this function returns a <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a> error. For these algorithms, <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> will be zero.</p>
+<p>The application must call <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> before calling this function.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_cipher_set_iv">
+<span id="c.psa_cipher_set_iv"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_set_iv</span></code> (function)</h3>
+<p>Set the initialization vector (IV) for a symmetric encryption or decryption operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv">psa_cipher_set_iv</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ const uint8_t * iv,
+ size_t iv_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active cipher operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">iv</span></code></dt>
+<dd>Buffer containing the IV to use.</dd>
+<dt> <code class="docutils literal"><span class="pre">iv_length</span></code></dt>
+<dd>Size of the IV in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The cipher algorithm does not use an IV.</li>
+<li>The operation state is not valid: it must be an active cipher encrypt operation, with no IV set.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The chosen algorithm does not use an IV.</li>
+<li><code class="docutils literal"><span class="pre">iv_length</span></code> is not valid for the chosen algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">iv_length</span></code> is not supported for use with the operation’s algorithm and key.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function sets the IV, nonce or initial counter value for the encryption or decryption operation.</p>
+<p>If the cipher algorithm does not use an IV, calling this function returns a <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a> error. For these algorithms, <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> will be zero.</p>
+<p>The application must call <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a> before calling this function.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">When encrypting, <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> is recommended instead of using this function, unless implementing a protocol that requires a non-random IV.</p>
+</div>
+</div>
+<div class="section" id="psa_cipher_update">
+<span id="c.psa_cipher_update"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_update</span></code> (function)</h3>
+<p>Encrypt or decrypt a message fragment in an active cipher operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update">psa_cipher_update</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active cipher operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message fragment to encrypt or decrypt.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the output is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">input_length</span></code><code class="docutils literal"><span class="pre">)</span></code> evaluates to the maximum output size of any supported cipher algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the output data.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with an IV set if required for the algorithm.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>The total input size passed to this operation is too large for this particular algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The total input size passed to this operation is too large for the implementation.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The following must occur before calling this function:</p>
+<ol class="arabic simple">
+<li>Call either <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a>. The choice of setup function determines whether this function encrypts or decrypts its input.</li>
+<li>If the algorithm requires an IV, call <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a>. <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> is recommended when encrypting.</li>
+</ol>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_cipher_finish">
+<span id="c.psa_cipher_finish"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_finish</span></code> (function)</h3>
+<p>Finish encrypting or decrypting a message in a cipher operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish">psa_cipher_finish</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active cipher operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the output is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes. This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> is the type of key and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that were used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported cipher algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the final output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with an IV set if required for the algorithm.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small. <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_PADDING" title="PSA_ERROR_INVALID_PADDING"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_PADDING</span></code></a></dt>
+<dd>This is a decryption operation for an algorithm that includes padding, and the ciphertext does not contain valid padding.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>The total input size passed to this operation is not valid for this particular algorithm. For example, the algorithm is a based on block cipher and requires a whole number of blocks, but the total input size is not a multiple of the block size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a> before calling this function. The choice of setup function determines whether this function encrypts or decrypts its input.</p>
+<p>This function finishes the encryption or decryption of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a>.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_cipher_abort">
+<span id="c.psa_cipher_abort"></span><h3><code class="docutils literal"><span class="pre">psa_cipher_abort</span></code> (function)</h3>
+<p>Abort a cipher operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort">psa_cipher_abort</a>(<a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Initialized cipher operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The operation object can now be discarded or reused.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Aborting an operation frees all associated resources except for the <code class="docutils literal"><span class="pre">operation</span></code> object itself. Once aborted, the operation object can be reused for another operation by calling <a class="reference internal" href="#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt_setup()</span></code></a> again.</p>
+<p>This function can be called any time after the operation object has been initialized as described in <a class="reference internal" href="#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a>.</p>
+<p>In particular, calling <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a> after the operation has been terminated by a call to <a class="reference internal" href="#c.psa_cipher_abort" title="psa_cipher_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_abort()</span></code></a> or <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a> is safe and has no effect.</p>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.4.4. Support macros</h2>
+<div class="section" id="PSA_ALG_IS_STREAM_CIPHER">
+<span id="c.PSA_ALG_IS_STREAM_CIPHER"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_STREAM_CIPHER</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a stream cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_STREAM_CIPHER" title="PSA_ALG_IS_STREAM_CIPHER">PSA_ALG_IS_STREAM_CIPHER</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a stream cipher algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier or if it is not a symmetric cipher algorithm.</p>
+<p class="rubric">Description</p>
+<p>A stream cipher is a symmetric cipher that encrypts or decrypts messages by applying a bitwise-xor with a stream of bytes that is generated from a key.</p>
+</div>
+<div class="section" id="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE">
+<span id="c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A cipher algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and cipher algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the output might be smaller.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a>, for any of the supported key types and cipher algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_DECRYPT_OUTPUT_SIZE">
+<span id="c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_SIZE">PSA_CIPHER_DECRYPT_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A cipher algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and cipher algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a> will not fail due to an insufficient buffer size. Depending on the algorithm, the actual size of the output might be smaller.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a>, for any of the supported key types and cipher algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_IV_LENGTH">
+<span id="c.PSA_CIPHER_IV_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code> (macro)</h3>
+<p>The default IV size for a cipher algorithm, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH">PSA_CIPHER_IV_LENGTH</a>(key_type, alg) <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A cipher algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The default IV size for the specified key type and algorithm.
+If the algorithm does not use an IV, return <code class="docutils literal"><span class="pre">0</span></code>.
+If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>.
+An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and cipher algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>The IV that is generated as part of a call to <a class="reference internal" href="#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a> is always the default IV length for the algorithm.</p>
+<p>This macro can be used to allocate a buffer of sufficient size to store the IV output from <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> when using a multi-part cipher operation.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_IV_MAX_SIZE" title="PSA_CIPHER_IV_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_IV_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_IV_MAX_SIZE">
+<span id="c.PSA_CIPHER_IV_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient buffer size for storing the IV generated by <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a>, for any of the supported key types and cipher algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_IV_MAX_SIZE" title="PSA_CIPHER_IV_MAX_SIZE">PSA_CIPHER_IV_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the IV buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_UPDATE_OUTPUT_SIZE">
+<span id="c.PSA_CIPHER_UPDATE_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_SIZE">PSA_CIPHER_UPDATE_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A cipher algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and cipher algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE">
+<span id="c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a>, for any of the supported key types and cipher algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the input in bytes.</dd>
+</dl>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_FINISH_OUTPUT_SIZE">
+<span id="c.PSA_CIPHER_FINISH_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_SIZE">PSA_CIPHER_FINISH_OUTPUT_SIZE</a>(key_type, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A symmetric key type that is compatible with algorithm <code class="docutils literal"><span class="pre">alg</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A cipher algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output size for the specified key type and algorithm. If the key type or cipher algorithm is not recognized, or the parameters are incompatible, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and cipher algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE">
+<span id="c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a>, for any of the supported key types and cipher algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_CIPHER_FINISH_OUTPUT_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_BLOCK_CIPHER_BLOCK_LENGTH">
+<span id="c.PSA_BLOCK_CIPHER_BLOCK_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH</span></code> (macro)</h3>
+<p>The block size of a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH">PSA_BLOCK_CIPHER_BLOCK_LENGTH</a>(type) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">type</span></code></dt>
+<dd>A cipher key type: a value of type <a class="reference internal" href="../keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The block size for a block cipher, or <code class="docutils literal"><span class="pre">1</span></code> for a stream cipher. The return value is undefined if <code class="docutils literal"><span class="pre">type</span></code> is not a supported cipher key type.</p>
+<p class="rubric">Description</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">It is possible to build stream cipher algorithms on top of a block cipher, for example CTR mode (<a class="reference internal" href="#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a>). This macro only takes the key type into account, so it cannot be used to determine the size of the data that <a class="reference internal" href="#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> might buffer for future processing in general.</p>
+</div>
+<p>See also <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE" title="PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE">
+<span id="c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</span></code> (macro)</h3>
+<p>The maximum block size of a block cipher supported by the implementation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE" title="PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>See also <a class="reference internal" href="#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.4. Unauthenticated ciphers</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#cipher-algorithms">10.4.1. Cipher algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#single-part-cipher-functions">10.4.2. Single-part cipher functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#multi-part-cipher-operations">10.4.3. Multi-part cipher operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.4.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/hashes.html b/docs/1.1.0/html/api/ops/hashes.html
new file mode 100644
index 0000000..40d8bb7
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/hashes.html
@@ -0,0 +1,1122 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.2. Message digests (Hashes) — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.3. Message authentication codes (MAC)" href="macs.html" />
+ <link rel="prev" title="10.1. Algorithms" href="algorithms.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="message-digests-hashes">
+<span id="hashes"></span><h1>10.2. Message digests (Hashes)</h1>
+<p>The single-part hash functions are:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compute()</span></code></a> to calculate the hash of a message.</li>
+<li><a class="reference internal" href="#c.psa_hash_compare" title="psa_hash_compare"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compare()</span></code></a> to compare the hash of a message with a reference value.</li>
+</ul>
+<p>The <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a> <a class="reference internal" href="../../overview/functionality.html#multi-part-operations"><span class="std std-ref">multi-part operation</span></a> allows messages to be processed in fragments. A multi-part hash operation is used as follows:</p>
+<ol class="arabic simple">
+<li>Initialize the <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a> object to zero, or by assigning the value of the associated macro <a class="reference internal" href="#c.PSA_HASH_OPERATION_INIT" title="PSA_HASH_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> to specify the required hash algorithm, call <a class="reference internal" href="#c.psa_hash_clone" title="psa_hash_clone"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_clone()</span></code></a> to duplicate the state of <em>active</em> <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a> object, or call <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a> to restart a hash operation with the output from a previously suspended hash operation.</li>
+<li>Call the <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a> function on successive chunks of the message.</li>
+<li>At the end of the message, call the required finishing function:<ul>
+<li>To suspend the hash operation and extract a hash suspend state, call <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>. The output state can subsequently be used to resume the hash operation.</li>
+<li>To calculate the digest of a message, call <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a>.</li>
+<li>To verify the digest of a message against a reference value, call <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a>.</li>
+</ul>
+</li>
+</ol>
+<p>To abort the operation or recover from an error, call <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</p>
+<div class="section" id="hash-algorithms">
+<span id="id1"></span><h2>10.2.1. Hash algorithms</h2>
+<div class="section" id="PSA_ALG_MD2">
+<span id="c.PSA_ALG_MD2"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_MD2</span></code> (macro)</h3>
+<p>The MD2 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_MD2" title="PSA_ALG_MD2">PSA_ALG_MD2</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000001)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The MD2 hash is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>MD2 is defined in <span><em>The MD2 Message-Digest Algorithm</em> <a class="reference internal" href="../../about.html#citation-rfc1319"><span class="cite">[RFC1319]</span></a></span>.</p>
+</div>
+<div class="section" id="PSA_ALG_MD4">
+<span id="c.PSA_ALG_MD4"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_MD4</span></code> (macro)</h3>
+<p>The MD4 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_MD4" title="PSA_ALG_MD4">PSA_ALG_MD4</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000002)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The MD4 hash is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>MD4 is defined in <span><em>The MD4 Message-Digest Algorithm</em> <a class="reference internal" href="../../about.html#citation-rfc1320"><span class="cite">[RFC1320]</span></a></span>.</p>
+</div>
+<div class="section" id="PSA_ALG_MD5">
+<span id="c.PSA_ALG_MD5"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_MD5</span></code> (macro)</h3>
+<p>The MD5 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_MD5" title="PSA_ALG_MD5">PSA_ALG_MD5</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000003)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The MD5 hash is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>MD5 is defined in <span><em>The MD5 Message-Digest Algorithm</em> <a class="reference internal" href="../../about.html#citation-rfc1321"><span class="cite">[RFC1321]</span></a></span>.</p>
+</div>
+<div class="section" id="PSA_ALG_RIPEMD160">
+<span id="c.PSA_ALG_RIPEMD160"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RIPEMD160</span></code> (macro)</h3>
+<p>The RIPEMD-160 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160">PSA_ALG_RIPEMD160</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000004)
+</pre>
+<p>RIPEMD-160 is defined in <span><em>RIPEMD-160: A Strengthened Version of RIPEMD</em> <a class="reference internal" href="../../about.html#citation-ripemd"><span class="cite">[RIPEMD]</span></a></span>, and also in <span><em>ISO/IEC 10118-3:2018 IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions</em> <a class="reference internal" href="../../about.html#citation-iso10118"><span class="cite">[ISO10118]</span></a></span>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_1">
+<span id="c.PSA_ALG_SHA_1"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_1</span></code> (macro)</h3>
+<p>The SHA-1 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1">PSA_ALG_SHA_1</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000005)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The SHA-1 hash is weak and deprecated and is only recommended for use in legacy protocols.</p>
+</div>
+<p>SHA-1 is defined in <span><em>FIPS Publication 180-4: Secure Hash Standard (SHS)</em> <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a></span>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_224">
+<span id="c.PSA_ALG_SHA_224"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_224</span></code> (macro)</h3>
+<p>The SHA-224 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224">PSA_ALG_SHA_224</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000008)
+</pre>
+<p>SHA-224 is defined in <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_256">
+<span id="c.PSA_ALG_SHA_256"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code> (macro)</h3>
+<p>The SHA-256 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256">PSA_ALG_SHA_256</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000009)
+</pre>
+<p>SHA-256 is defined in <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_384">
+<span id="c.PSA_ALG_SHA_384"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_384</span></code> (macro)</h3>
+<p>The SHA-384 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384">PSA_ALG_SHA_384</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000a)
+</pre>
+<p>SHA-384 is defined in <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_512">
+<span id="c.PSA_ALG_SHA_512"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code> (macro)</h3>
+<p>The SHA-512 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512">PSA_ALG_SHA_512</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000b)
+</pre>
+<p>SHA-512 is defined in <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_512_224">
+<span id="c.PSA_ALG_SHA_512_224"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_512_224</span></code> (macro)</h3>
+<p>The SHA-512/224 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224">PSA_ALG_SHA_512_224</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000c)
+</pre>
+<p>SHA-512/224 is defined in <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA_512_256">
+<span id="c.PSA_ALG_SHA_512_256"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA_512_256</span></code> (macro)</h3>
+<p>The SHA-512/256 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256">PSA_ALG_SHA_512_256</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000d)
+</pre>
+<p>SHA-512/256 is defined in <a class="reference internal" href="../../about.html#citation-fips180-4"><span class="cite">[FIPS180-4]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA3_224">
+<span id="c.PSA_ALG_SHA3_224"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_224</span></code> (macro)</h3>
+<p>The SHA3-224 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA3_224" title="PSA_ALG_SHA3_224">PSA_ALG_SHA3_224</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000010)
+</pre>
+<p>SHA3-224 is defined in <span><em>FIPS Publication 202: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions</em> <a class="reference internal" href="../../about.html#citation-fips202"><span class="cite">[FIPS202]</span></a></span>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA3_256">
+<span id="c.PSA_ALG_SHA3_256"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_256</span></code> (macro)</h3>
+<p>The SHA3-256 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256">PSA_ALG_SHA3_256</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000011)
+</pre>
+<p>SHA3-256 is defined in <a class="reference internal" href="../../about.html#citation-fips202"><span class="cite">[FIPS202]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA3_384">
+<span id="c.PSA_ALG_SHA3_384"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_384</span></code> (macro)</h3>
+<p>The SHA3-384 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA3_384" title="PSA_ALG_SHA3_384">PSA_ALG_SHA3_384</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000012)
+</pre>
+<p>SHA3-384 is defined in <a class="reference internal" href="../../about.html#citation-fips202"><span class="cite">[FIPS202]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHA3_512">
+<span id="c.PSA_ALG_SHA3_512"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_512</span></code> (macro)</h3>
+<p>The SHA3-512 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHA3_512" title="PSA_ALG_SHA3_512">PSA_ALG_SHA3_512</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000013)
+</pre>
+<p>SHA3-512 is defined in <a class="reference internal" href="../../about.html#citation-fips202"><span class="cite">[FIPS202]</span></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_SHAKE256_512">
+<span id="c.PSA_ALG_SHAKE256_512"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SHAKE256_512</span></code> (macro)</h3>
+<p>The first 512 bits (64 bytes) of the SHAKE256 output.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SHAKE256_512" title="PSA_ALG_SHAKE256_512">PSA_ALG_SHAKE256_512</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000015)
+</pre>
+<p>This is the prehashing for Ed448ph (see <a class="reference internal" href="sign.html#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code></a>).</p>
+<p>SHAKE256 is defined in <a class="reference internal" href="../../about.html#citation-fips202"><span class="cite">[FIPS202]</span></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">For other scenarios where a hash function based on SHA3 or SHAKE is required, SHA3-512 is recommended. SHA3-512 has the same output size, and a theoretically higher security strength.</p>
+</div>
+</div>
+<div class="section" id="PSA_ALG_SM3">
+<span id="c.PSA_ALG_SM3"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_SM3</span></code> (macro)</h3>
+<p>The SM3 message-digest algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_SM3" title="PSA_ALG_SM3">PSA_ALG_SM3</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000014)
+</pre>
+<p>SM3 is defined in <span><em>ISO/IEC 10118-3:2018 IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions</em> <a class="reference internal" href="../../about.html#citation-iso10118"><span class="cite">[ISO10118]</span></a></span>, and also in <span><em>GM/T 0004-2012: SM3 cryptographic hash algorithm</em> <a class="reference internal" href="../../about.html#citation-cstc0004"><span class="cite">[CSTC0004]</span></a></span> (English version <a class="reference internal" href="../../about.html#citation-cstc0004-e"><span class="cite">[CSTC0004/E]</span></a>).</p>
+</div>
+</div>
+<div class="section" id="single-part-hashing-functions">
+<h2>10.2.2. Single-part hashing functions</h2>
+<div class="section" id="psa_hash_compute">
+<span id="c.psa_hash_compute"></span><h3><code class="docutils literal"><span class="pre">psa_hash_compute</span></code> (function)</h3>
+<p>Calculate the hash (digest) of a message.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_compute" title="psa_hash_compute">psa_hash_compute</a>(<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * hash,
+ size_t hash_size,
+ size_t * hash_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The hash algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message to hash.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash</span></code></dt>
+<dd>Buffer where the hash is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_size</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer in bytes.
+This must be at least <a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_length</span></code></dt>
+<dd>On success, the number of bytes that make up the hash value. This is always <a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code>.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*hash_length)</span></code> bytes of <code class="docutils literal"><span class="pre">hash</span></code> contain the hash value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_LENGTH()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a hash algorithm.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a hash algorithm.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">To verify the hash of a message against an expected value, use <a class="reference internal" href="#c.psa_hash_compare" title="psa_hash_compare"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compare()</span></code></a> instead.</p>
+</div>
+</div>
+<div class="section" id="psa_hash_compare">
+<span id="c.psa_hash_compare"></span><h3><code class="docutils literal"><span class="pre">psa_hash_compare</span></code> (function)</h3>
+<p>Calculate the hash (digest) of a message and compare it with a reference value.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_compare" title="psa_hash_compare">psa_hash_compare</a>(<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * hash,
+ size_t hash_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The hash algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message to hash.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash</span></code></dt>
+<dd>Buffer containing the expected hash value.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The expected hash is identical to the actual hash of the input.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The calculated hash of the message does not match the value in <code class="docutils literal"><span class="pre">hash</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a hash algorithm.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a hash algorithm.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+</div>
+</div>
+<div class="section" id="multi-part-hashing-operations">
+<span id="hash-mp"></span><h2>10.2.3. Multi-part hashing operations</h2>
+<div class="section" id="psa_hash_operation_t">
+<span id="c.psa_hash_operation_t"></span><h3><code class="docutils literal"><span class="pre">psa_hash_operation_t</span></code> (type)</h3>
+<p>The type of the state object for multi-part hash operations.</p>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a>;
+</pre>
+<p>Before calling any function on a hash operation object, the application must initialize it by any of the following means:</p>
+<ul>
+<li><p class="first">Set the object to all-bits-zero, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> operation;
+memset(&operation, 0, sizeof(operation));
+</pre>
+</li>
+<li><p class="first">Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
+<pre class="literal-block">
+static <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> operation;
+</pre>
+</li>
+<li><p class="first">Initialize the object to the initializer <a class="reference internal" href="#c.PSA_HASH_OPERATION_INIT" title="PSA_HASH_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_OPERATION_INIT</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> operation = <a class="reference internal" href="#c.PSA_HASH_OPERATION_INIT" title="PSA_HASH_OPERATION_INIT">PSA_HASH_OPERATION_INIT</a>;
+</pre>
+</li>
+<li><p class="first">Assign the result of the function <a class="reference internal" href="#c.psa_hash_operation_init" title="psa_hash_operation_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_operation_init()</span></code></a> to the object, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> operation;
+operation = <a class="reference internal" href="#c.psa_hash_operation_init" title="psa_hash_operation_init">psa_hash_operation_init</a>();
+</pre>
+</li>
+</ul>
+<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
+</div>
+<div class="section" id="PSA_HASH_OPERATION_INIT">
+<span id="c.PSA_HASH_OPERATION_INIT"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_OPERATION_INIT</span></code> (macro)</h3>
+<p>This macro returns a suitable initializer for a hash operation object of type <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_OPERATION_INIT" title="PSA_HASH_OPERATION_INIT">PSA_HASH_OPERATION_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+</div>
+<div class="section" id="psa_hash_operation_init">
+<span id="c.psa_hash_operation_init"></span><h3><code class="docutils literal"><span class="pre">psa_hash_operation_init</span></code> (function)</h3>
+<p>Return an initial value for a hash operation object.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> <a class="reference internal" href="#c.psa_hash_operation_init" title="psa_hash_operation_init">psa_hash_operation_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="docutils literal"><span class="pre">psa_hash_operation_t</span></code></a></p>
+</div>
+<div class="section" id="psa_hash_setup">
+<span id="c.psa_hash_setup"></span><h3><code class="docutils literal"><span class="pre">psa_hash_setup</span></code> (function)</h3>
+<p>Set up a multi-part hash operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup">psa_hash_setup</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The hash algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">alg</span></code> is not a hash algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a hash algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The sequence of operations to calculate a hash (message digest) is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_HASH_OPERATION_INIT" title="PSA_HASH_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> to specify the algorithm.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a> zero, one or more times, passing a fragment of the message each time. The hash that is calculated is the hash of the concatenation of these messages in order.</li>
+<li>To calculate the hash, call <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a>. To compare the hash with an expected value, call <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a>. To suspend the hash operation and extract the current state, call <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a>, the application must eventually terminate the operation. The following events terminate an operation:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a> or <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a> or <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_hash_update">
+<span id="c.psa_hash_update"></span><h3><code class="docutils literal"><span class="pre">psa_hash_update</span></code> (function)</h3>
+<p>Add a message fragment to a multi-part hash operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update">psa_hash_update</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active hash operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message fragment to hash.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>The total input for the operation is too large for the hash algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The total input for the operation is too large for the implementation.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> or <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a> before calling this function.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_hash_finish">
+<span id="c.psa_hash_finish"></span><h3><code class="docutils literal"><span class="pre">psa_hash_finish</span></code> (function)</h3>
+<p>Finish the calculation of the hash of a message.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish">psa_hash_finish</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ uint8_t * hash,
+ size_t hash_size,
+ size_t * hash_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active hash operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash</span></code></dt>
+<dd>Buffer where the hash is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_size</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer in bytes. This must be at least <a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that the operation performs.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_length</span></code></dt>
+<dd>On success, the number of bytes that make up the hash value. This is always <a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">alg</span></code> is the hash algorithm that the operation performs.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*hash_length)</span></code> bytes of <code class="docutils literal"><span class="pre">hash</span></code> contain the hash value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_LENGTH()</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> or <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a> before calling this function. This function calculates the hash of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a>.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p>It is not recommended to use this function when a specific value is expected for the hash. Call <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a> instead with the expected hash value.</p>
+<p class="last">Comparing integrity or authenticity data such as hash values with a function such as <code class="docutils literal"><span class="pre">memcmp()</span></code> is risky because the time taken by the comparison might leak information about the hashed data which could allow an attacker to guess a valid hash and thereby bypass security controls.</p>
+</div>
+</div>
+<div class="section" id="psa_hash_verify">
+<span id="c.psa_hash_verify"></span><h3><code class="docutils literal"><span class="pre">psa_hash_verify</span></code> (function)</h3>
+<p>Finish the calculation of the hash of a message and compare it with an expected value.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify">psa_hash_verify</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ const uint8_t * hash,
+ size_t hash_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active hash operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash</span></code></dt>
+<dd>Buffer containing the expected hash value.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The expected hash is identical to the actual hash of the message.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The calculated hash of the message does not match the value in <code class="docutils literal"><span class="pre">hash</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> before calling this function. This function calculates the hash of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a>. It then compares the calculated hash with the expected hash passed as a parameter to this function.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Implementations must make the best effort to ensure that the comparison between the actual hash and the expected hash is performed in constant time.</p>
+</div>
+</div>
+<div class="section" id="psa_hash_abort">
+<span id="c.psa_hash_abort"></span><h3><code class="docutils literal"><span class="pre">psa_hash_abort</span></code> (function)</h3>
+<p>Abort a hash operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort">psa_hash_abort</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Initialized hash operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The operation object can now be discarded or reused.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Aborting an operation frees all associated resources except for the <code class="docutils literal"><span class="pre">operation</span></code> object itself. Once aborted, the operation object can be reused for another operation by calling <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> again.</p>
+<p>This function can be called any time after the operation object has been initialized by one of the methods described in <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a>.</p>
+<p>In particular, calling <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a> after the operation has been terminated by a call to <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>, <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a> or <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a> is safe and has no effect.</p>
+</div>
+<div class="section" id="psa_hash_suspend">
+<span id="c.psa_hash_suspend"></span><h3><code class="docutils literal"><span class="pre">psa_hash_suspend</span></code> (function)</h3>
+<p>Halt the hash operation and extract the intermediate state of the hash computation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend">psa_hash_suspend</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ uint8_t * hash_state,
+ size_t hash_state_size,
+ size_t * hash_state_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active hash operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_state</span></code></dt>
+<dd>Buffer where the hash suspend state is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_state_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">hash_state</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm:</p>
+<ul class="last simple">
+<li>A sufficient output size is <a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm that was used to set up the operation.</li>
+<li><a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported hash algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_state_length</span></code></dt>
+<dd>On success, the number of bytes that make up the hash suspend state.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*hash_state_length)</span></code> bytes of <code class="docutils literal"><span class="pre">hash_state</span></code> contain the intermediate hash state.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">hash_state</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The hash algorithm being computed does not support suspend and resume.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> or <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a> before calling this function. This function extracts an intermediate state of the hash computation of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a>.</p>
+<p>This function can be used to halt a hash operation, and then resume the hash operation at a later time, or in another application, by transferring the extracted hash suspend state to a call to <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a>.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</p>
+<p>Hash suspend and resume is not defined for the SHA3 family of hash algorithms. <a class="reference internal" href="#hash-suspend-state"><span class="secref">Hash suspend state</span></a> defines the format of the output from <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">Applications must not use any of the hash suspend state as if it was a hash output. Instead, the suspend state must only be used to resume a hash operation, and <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a> or <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a> can then calculate or verify the final hash value.</p>
+</div>
+<p class="rubric">Usage</p>
+<p>The sequence of operations to suspend and resume a hash operation is as follows:</p>
+<ol class="arabic simple">
+<li>Compute the first part of the hash.<ol class="loweralpha">
+<li>Allocate an operation object and initialize it as described in the documentation for <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> to specify the algorithm.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a> zero, one or more times, passing a fragment of the message each time.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a> to extract the hash suspend state into a buffer.</li>
+</ol>
+</li>
+<li>Pass the hash state buffer to the application which will resume the operation.</li>
+<li>Compute the rest of the hash.<ol class="loweralpha">
+<li>Allocate an operation object and initialize it as described in the documentation for <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a> with the extracted hash state.</li>
+<li>Call <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a> zero, one or more times, passing a fragment of the message each time.</li>
+<li>To calculate the hash, call <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a>. To compare the hash with an expected value, call <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a>.</li>
+</ol>
+</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> or <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a> at any time after the operation has been initialized.</p>
+</div>
+<div class="section" id="psa_hash_resume">
+<span id="c.psa_hash_resume"></span><h3><code class="docutils literal"><span class="pre">psa_hash_resume</span></code> (function)</h3>
+<p>Set up a multi-part hash operation using the hash suspend state from a previously suspended hash operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume">psa_hash_resume</a>(<a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ const uint8_t * hash_state,
+ size_t hash_state_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_hash_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_state</span></code></dt>
+<dd>A buffer containing the suspended hash state which is to be resumed. This must be in the format output by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, which is described in <a class="reference internal" href="#hash-suspend-state-format"><span class="secref">Hash suspend state format</span></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_state_length</span></code></dt>
+<dd>Length of <code class="docutils literal"><span class="pre">hash_state</span></code> in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">hash_state</span></code> does not correspond to a valid hash suspend state. See <a class="reference internal" href="#hash-suspend-state-format"><span class="secref">Hash suspend state format</span></a> for the definition.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The provided hash suspend state is for an algorithm that is not supported.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>See <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a> for an example of how to use this function to suspend and resume a hash operation.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a>, the application must eventually terminate the operation. The following events terminate an operation:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a>, <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a> or <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_hash_abort" title="psa_hash_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_hash_clone">
+<span id="c.psa_hash_clone"></span><h3><code class="docutils literal"><span class="pre">psa_hash_clone</span></code> (function)</h3>
+<p>Clone a hash operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_hash_clone" title="psa_hash_clone">psa_hash_clone</a>(const <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * source_operation,
+ <a class="reference internal" href="#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * target_operation);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">source_operation</span></code></dt>
+<dd>The active hash operation to clone.</dd>
+<dt> <code class="docutils literal"><span class="pre">target_operation</span></code></dt>
+<dd>The operation object to set up. It must be initialized but not active.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+<code class="docutils literal"><span class="pre">target_operation</span></code> is ready to continue the same hash operation as <code class="docutils literal"><span class="pre">source_operation</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The <code class="docutils literal"><span class="pre">source_operation</span></code> state is not valid: it must be active.</li>
+<li>The <code class="docutils literal"><span class="pre">target_operation</span></code> state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function copies the state of an ongoing hash operation to a new operation object. In other words, this function is equivalent to calling <a class="reference internal" href="#c.psa_hash_setup" title="psa_hash_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_setup()</span></code></a> on <code class="docutils literal"><span class="pre">target_operation</span></code> with the same algorithm that <code class="docutils literal"><span class="pre">source_operation</span></code> was set up for, then <a class="reference internal" href="#c.psa_hash_update" title="psa_hash_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_update()</span></code></a> on <code class="docutils literal"><span class="pre">target_operation</span></code> with the same input that that was passed to <code class="docutils literal"><span class="pre">source_operation</span></code>. After this function returns, the two objects are independent, i.e. subsequent calls involving one of the objects do not affect the other object.</p>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.2.4. Support macros</h2>
+<div class="section" id="PSA_HASH_LENGTH">
+<span id="c.PSA_HASH_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code> (macro)</h3>
+<p>The size of the output of <a class="reference internal" href="#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compute()</span></code></a> and <a class="reference internal" href="#c.psa_hash_finish" title="psa_hash_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_finish()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH">PSA_HASH_LENGTH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A hash algorithm or an HMAC algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span> <span class="pre">||</span> </code><a class="reference internal" href="macs.html#c.PSA_ALG_IS_HMAC" title="PSA_ALG_IS_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">))</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The hash length for the specified hash algorithm. If the hash algorithm is not recognized, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or the correct size for a hash algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>This is also the hash length that <a class="reference internal" href="#c.psa_hash_compare" title="psa_hash_compare"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compare()</span></code></a> and <a class="reference internal" href="#c.psa_hash_verify" title="psa_hash_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_verify()</span></code></a> expect.</p>
+<p>See also <a class="reference internal" href="#c.PSA_HASH_MAX_SIZE" title="PSA_HASH_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_MAX_SIZE">
+<span id="c.PSA_HASH_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_MAX_SIZE</span></code> (macro)</h3>
+<p>Maximum size of a hash.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_MAX_SIZE" title="PSA_HASH_MAX_SIZE">PSA_HASH_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>It is recommended that this value is the maximum size of a hash supported by the implementation, in bytes. The value must not be smaller than this maximum.</p>
+<p>See also <a class="reference internal" href="#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_LENGTH()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_SUSPEND_OUTPUT_SIZE">
+<span id="c.PSA_HASH_SUSPEND_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>A sufficient hash suspend state buffer size for <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE">PSA_HASH_SUSPEND_OUTPUT_SIZE</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output size for the algorithm. If the hash algorithm is not recognized, or is not supported by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a hash algorithm that it recognizes, but does not support.</p>
+<p>For a supported hash algorithm <code class="docutils literal"><span class="pre">alg</span></code>, the following expression is true:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE">PSA_HASH_SUSPEND_OUTPUT_SIZE</a>(alg) == <a class="reference internal" href="#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</a> +
+ <a class="reference internal" href="#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</a>(alg) +
+ <a class="reference internal" href="#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</a>(alg) +
+ <a class="reference internal" href="#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH">PSA_HASH_BLOCK_LENGTH</a>(alg) - 1
+</pre>
+<p class="rubric">Description</p>
+<p>If the size of the hash state buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE">
+<span id="c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient hash suspend state buffer size for <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, for any supported hash algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the hash state buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH">
+<span id="c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</span></code> (macro)</h3>
+<p>The size of the <em>algorithm</em> field that is part of the output of <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</a> ((size_t)4)
+</pre>
+<p>Applications can use this value to unpack the hash suspend state that is output by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH">
+<span id="c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</span></code> (macro)</h3>
+<p>The size of the <em>input-length</em> field that is part of the output of <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</a>(alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The size, in bytes, of the <em>input-length</em> field of the hash suspend state for the specified hash algorithm. If the hash algorithm is not recognized, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or the correct size for a hash algorithm that it recognizes, but does not support.</p>
+<p>The algorithm-specific values are defined in <a class="reference internal" href="#hash-suspend-state-constants"><span class="secref">Hash suspend state field sizes</span></a>.</p>
+<p class="rubric">Description</p>
+<p>Applications can use this value to unpack the hash suspend state that is output by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH">
+<span id="c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</span></code> (macro)</h3>
+<p>The size of the <em>hash-state</em> field that is part of the output of <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</a>(alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The size, in bytes, of the <em>hash-state</em> field of the hash suspend state for the specified hash algorithm. If the hash algorithm is not recognized, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or the correct size for a hash algorithm that it recognizes, but does not support.</p>
+<p>The algorithm-specific values are defined in <a class="reference internal" href="#hash-suspend-state-constants"><span class="secref">Hash suspend state field sizes</span></a>.</p>
+<p class="rubric">Description</p>
+<p>Applications can use this value to unpack the hash suspend state that is output by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_HASH_BLOCK_LENGTH">
+<span id="c.PSA_HASH_BLOCK_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_HASH_BLOCK_LENGTH</span></code> (macro)</h3>
+<p>The input block size of a hash algorithm, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH">PSA_HASH_BLOCK_LENGTH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The block size in bytes for the specified hash algorithm. If the hash algorithm is not recognized, return <code class="docutils literal"><span class="pre">0</span></code>. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or the correct size for a hash algorithm that it recognizes, but does not support.</p>
+<p class="rubric">Description</p>
+<p>Hash algorithms process their input data in blocks. Hash operations will retain any partial blocks until they have enough input to fill the block or until the operation is finished.</p>
+<p>This affects the output from <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>.</p>
+</div>
+</div>
+<div class="section" id="hash-suspend-state">
+<span id="id2"></span><h2>10.2.5. Hash suspend state</h2>
+<p>The hash suspend state is output by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a> and input to <a class="reference internal" href="#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Hash suspend and resume is not defined for the SM3 algorithm and the SHA3 family of hash algorithms.</p>
+</div>
+<div class="section" id="hash-suspend-state-format">
+<span id="id3"></span><h3>Hash suspend state format</h3>
+<p>The hash suspend state has the following format:</p>
+<p><em>hash-suspend-state</em> = <em>algorithm</em> || <em>input-length</em> || <em>hash-state</em> || <em>unprocessed-input</em></p>
+<p>The fields in the hash suspend state are defined as follows:</p>
+<dl class="docutils">
+<dt><em>algorithm</em></dt>
+<dd><p class="first">A big-endian 32-bit unsigned integer.</p>
+<p>The PSA Crypto API algorithm identifier value.</p>
+<p class="last">The byte length of the <em>algorithm</em> field can be evaluated using <a class="reference internal" href="#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</span></code></a>.</p>
+</dd>
+<dt><em>input-length</em></dt>
+<dd><p class="first">A big-endian unsigned integer</p>
+<p>The content of this field is algorithm-specific:</p>
+<ul class="simple">
+<li>For MD2, this is the number of bytes in the <em>unprocessed-input</em>.</li>
+<li>For all other hash algorithms, this is the total number of bytes of input to the hash computation. This includes the <em>unprocessed-input</em> bytes.</li>
+</ul>
+<p>The size of this field is algorithm-specific:</p>
+<ul class="simple">
+<li>For MD2: <em>input-length</em> is an 8-bit unsigned integer.</li>
+<li>For MD4, MD5, RIPEMD-160, SHA-1, SHA-224, and SHA-256: <em>input-length</em> is a 64-bit unsigned integer.</li>
+<li>For SHA-512/224, SHA-512/256, SHA-384, and SHA-512: <em>input-length</em> is a 128-bit unsigned integer.</li>
+</ul>
+<p class="last">The length, in bytes, of the <em>input-length</em> field can be calculated using <a class="reference internal" href="#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">alg</span></code> is a hash algorithm.
+See <a class="reference internal" href="#hash-suspend-state-constants"><span class="secref">Hash suspend state field sizes</span></a>.</p>
+</dd>
+<dt><em>hash-state</em></dt>
+<dd><p class="first">An array of bytes</p>
+<p>Algorithm-specific intermediate hash state:</p>
+<ul class="simple">
+<li>For MD2: 16 bytes of internal checksum, then 48 bytes of intermediate digest.</li>
+<li>For MD4 and MD5: 4x 32-bit integers, in little-endian encoding.</li>
+<li>For RIPEMD-160: 5x 32-bit integers, in little-endian encoding.</li>
+<li>For SHA-1: 5x 32-bit integers, in big-endian encoding.</li>
+<li>For SHA-224 and SHA-256: 8x 32-bit integers, in big-endian encoding.</li>
+<li>For SHA-512/224, SHA-512/256, SHA-384, and SHA-512: 8x 64-bit integers, in big-endian encoding.</li>
+</ul>
+<p class="last">The length of this field is specific to the algorithm.
+The length, in bytes, of the <em>hash-state</em> field can be calculated using <a class="reference internal" href="#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">alg</span></code> is a hash algorithm.
+See <a class="reference internal" href="#hash-suspend-state-constants"><span class="secref">Hash suspend state field sizes</span></a>.</p>
+</dd>
+<dt><em>unprocessed-input</em></dt>
+<dd><p class="first">0 to (<em>hash-block-size</em>-1) bytes</p>
+<p>A partial block of unprocessed input data. This is between zero and <em>hash-block-size</em>-1 bytes of data, the length can be calculated by:</p>
+<p><code class="docutils literal"><span class="pre">length(</span></code><em>unprocessed-input</em><code class="docutils literal"><span class="pre">)</span></code> <code class="docutils literal"><span class="pre">=</span></code> <em>input-length</em> <code class="docutils literal"><span class="pre">%</span></code> <em>hash-block-size</em>.</p>
+<p class="last">The <em>hash-block-size</em> is specific to the algorithm.
+The size of a hash block can be calculated using <a class="reference internal" href="#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_BLOCK_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">alg</span></code> is a hash algorithm.
+See <a class="reference internal" href="#hash-suspend-state-constants"><span class="secref">Hash suspend state field sizes</span></a>.</p>
+</dd>
+</dl>
+</div>
+<div class="section" id="hash-suspend-state-field-sizes">
+<span id="hash-suspend-state-constants"></span><h3>Hash suspend state field sizes</h3>
+<p>The following table defines the algorithm-specific field lengths for the hash suspend state returned by <a class="reference internal" href="#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a>. All of the field lengths are in bytes. To compute the field lengths for algorithm <code class="docutils literal"><span class="pre">alg</span></code>, use the following expressions:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</span></code></a> returns the length of the <em>algorithm</em> field.</li>
+<li><a class="reference internal" href="#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> returns the length of the <em>input-length</em> field.</li>
+<li><a class="reference internal" href="#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> returns the length of the <em>hash-state</em> field.</li>
+<li><a class="reference internal" href="#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_BLOCK_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)-1</span></code> is the maximum length of the <em>unprocessed-bytes</em> field.</li>
+<li><a class="reference internal" href="#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> returns the maximum size of the hash suspend state.</li>
+</ul>
+<table border="1" class="colwidths-auto docutils align-left">
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Hash algorithm</th>
+<th class="head"><em>input-length</em> size (bytes)</th>
+<th class="head"><em>hash-state</em> length (bytes)</th>
+<th class="head"><em>unprocessed-bytes</em> length (bytes)</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><a class="reference internal" href="#c.PSA_ALG_MD2" title="PSA_ALG_MD2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD2</span></code></a></td>
+<td>1</td>
+<td>64</td>
+<td>0 – 15</td>
+</tr>
+<tr class="row-odd"><td><a class="reference internal" href="#c.PSA_ALG_MD4" title="PSA_ALG_MD4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD4</span></code></a></td>
+<td>8</td>
+<td>16</td>
+<td>0 – 63</td>
+</tr>
+<tr class="row-even"><td><a class="reference internal" href="#c.PSA_ALG_MD5" title="PSA_ALG_MD5"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD5</span></code></a></td>
+<td>8</td>
+<td>16</td>
+<td>0 – 63</td>
+</tr>
+<tr class="row-odd"><td><a class="reference internal" href="#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RIPEMD160</span></code></a></td>
+<td>8</td>
+<td>20</td>
+<td>0 – 63</td>
+</tr>
+<tr class="row-even"><td><a class="reference internal" href="#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_1</span></code></a></td>
+<td>8</td>
+<td>20</td>
+<td>0 – 63</td>
+</tr>
+<tr class="row-odd"><td><a class="reference internal" href="#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_224</span></code></a></td>
+<td>8</td>
+<td>32</td>
+<td>0 – 63</td>
+</tr>
+<tr class="row-even"><td><a class="reference internal" href="#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a></td>
+<td>8</td>
+<td>32</td>
+<td>0 – 63</td>
+</tr>
+<tr class="row-odd"><td><a class="reference internal" href="#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_224</span></code></a></td>
+<td>16</td>
+<td>64</td>
+<td>0 – 127</td>
+</tr>
+<tr class="row-even"><td><a class="reference internal" href="#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_256</span></code></a></td>
+<td>16</td>
+<td>64</td>
+<td>0 – 127</td>
+</tr>
+<tr class="row-odd"><td><a class="reference internal" href="#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_384</span></code></a></td>
+<td>16</td>
+<td>64</td>
+<td>0 – 127</td>
+</tr>
+<tr class="row-even"><td><a class="reference internal" href="#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code></a></td>
+<td>16</td>
+<td>64</td>
+<td>0 – 127</td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.2. Message digests (Hashes)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#hash-algorithms">10.2.1. Hash algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#single-part-hashing-functions">10.2.2. Single-part hashing functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#multi-part-hashing-operations">10.2.3. Multi-part hashing operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.2.4. Support macros</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#hash-suspend-state">10.2.5. Hash suspend state</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/index.html b/docs/1.1.0/html/api/ops/index.html
new file mode 100644
index 0000000..db4e98a
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/index.html
@@ -0,0 +1,484 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10. Cryptographic operation reference — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.1. Algorithms" href="algorithms.html" />
+ <link rel="prev" title="9.6. Key management functions" href="../keys/management.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="cryptographic-operation-reference">
+<span id="crypto-operations"></span><h1>10. Cryptographic operation reference</h1>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html#algorithm-encoding">10.1.1. Algorithm encoding</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#psa_algorithm_t"><code class="docutils literal"><span class="pre">psa_algorithm_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_NONE"><code class="docutils literal"><span class="pre">PSA_ALG_NONE</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html#algorithm-categories">10.1.2. Algorithm categories</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_CIPHER</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_AEAD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_KEY_DERIVATION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_IS_WILDCARD"><code class="docutils literal"><span class="pre">PSA_ALG_IS_WILDCARD</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="algorithms.html#PSA_ALG_GET_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_GET_HASH</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html#hash-algorithms">10.2.1. Hash algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_MD2"><code class="docutils literal"><span class="pre">PSA_ALG_MD2</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_MD4"><code class="docutils literal"><span class="pre">PSA_ALG_MD4</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_MD5"><code class="docutils literal"><span class="pre">PSA_ALG_MD5</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_RIPEMD160"><code class="docutils literal"><span class="pre">PSA_ALG_RIPEMD160</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_1"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_1</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_224"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_224</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_384"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_384</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_512"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_512_224"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_512_224</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA_512_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_512_256</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA3_224"><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_224</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA3_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_256</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA3_384"><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_384</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHA3_512"><code class="docutils literal"><span class="pre">PSA_ALG_SHA3_512</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SHAKE256_512"><code class="docutils literal"><span class="pre">PSA_ALG_SHAKE256_512</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_ALG_SM3"><code class="docutils literal"><span class="pre">PSA_ALG_SM3</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html#single-part-hashing-functions">10.2.2. Single-part hashing functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_compute"><code class="docutils literal"><span class="pre">psa_hash_compute</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_compare"><code class="docutils literal"><span class="pre">psa_hash_compare</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html#multi-part-hashing-operations">10.2.3. Multi-part hashing operations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_operation_t"><code class="docutils literal"><span class="pre">psa_hash_operation_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_OPERATION_INIT"><code class="docutils literal"><span class="pre">PSA_HASH_OPERATION_INIT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_operation_init"><code class="docutils literal"><span class="pre">psa_hash_operation_init</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_setup"><code class="docutils literal"><span class="pre">psa_hash_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_update"><code class="docutils literal"><span class="pre">psa_hash_update</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_finish"><code class="docutils literal"><span class="pre">psa_hash_finish</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_verify"><code class="docutils literal"><span class="pre">psa_hash_verify</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_abort"><code class="docutils literal"><span class="pre">psa_hash_abort</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_suspend"><code class="docutils literal"><span class="pre">psa_hash_suspend</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_resume"><code class="docutils literal"><span class="pre">psa_hash_resume</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#psa_hash_clone"><code class="docutils literal"><span class="pre">psa_hash_clone</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html#support-macros">10.2.4. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_HASH_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#PSA_HASH_BLOCK_LENGTH"><code class="docutils literal"><span class="pre">PSA_HASH_BLOCK_LENGTH</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html#hash-suspend-state">10.2.5. Hash suspend state</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#hash-suspend-state-format">Hash suspend state format</a></li>
+<li class="toctree-l3"><a class="reference internal" href="hashes.html#hash-suspend-state-field-sizes">Hash suspend state field sizes</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="macs.html#mac-algorithms">10.3.1. MAC algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_HMAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_CBC_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_CMAC"><code class="docutils literal"><span class="pre">PSA_ALG_CMAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_TRUNCATED_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_TRUNCATED_MAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_FULL_LENGTH_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_FULL_LENGTH_MAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html#single-part-mac-functions">10.3.2. Single-part MAC functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_compute"><code class="docutils literal"><span class="pre">psa_mac_compute</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_verify"><code class="docutils literal"><span class="pre">psa_mac_verify</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html#multi-part-mac-operations">10.3.3. Multi-part MAC operations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_operation_t"><code class="docutils literal"><span class="pre">psa_mac_operation_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_MAC_OPERATION_INIT"><code class="docutils literal"><span class="pre">PSA_MAC_OPERATION_INIT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_operation_init"><code class="docutils literal"><span class="pre">psa_mac_operation_init</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_sign_setup"><code class="docutils literal"><span class="pre">psa_mac_sign_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_verify_setup"><code class="docutils literal"><span class="pre">psa_mac_verify_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_update"><code class="docutils literal"><span class="pre">psa_mac_update</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_sign_finish"><code class="docutils literal"><span class="pre">psa_mac_sign_finish</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_verify_finish"><code class="docutils literal"><span class="pre">psa_mac_verify_finish</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#psa_mac_abort"><code class="docutils literal"><span class="pre">psa_mac_abort</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html#support-macros">10.3.4. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_IS_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HMAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_ALG_IS_BLOCK_CIPHER_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_BLOCK_CIPHER_MAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_MAC_LENGTH"><code class="docutils literal"><span class="pre">PSA_MAC_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="macs.html#PSA_MAC_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html#cipher-algorithms">10.4.1. Cipher algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_STREAM_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_CTR"><code class="docutils literal"><span class="pre">PSA_ALG_CTR</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_CFB"><code class="docutils literal"><span class="pre">PSA_ALG_CFB</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_OFB"><code class="docutils literal"><span class="pre">PSA_ALG_OFB</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_XTS"><code class="docutils literal"><span class="pre">PSA_ALG_XTS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_ECB_NO_PADDING"><code class="docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_CBC_NO_PADDING"><code class="docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_CBC_PKCS7"><code class="docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html#single-part-cipher-functions">10.4.2. Single-part cipher functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_encrypt"><code class="docutils literal"><span class="pre">psa_cipher_encrypt</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_decrypt"><code class="docutils literal"><span class="pre">psa_cipher_decrypt</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html#multi-part-cipher-operations">10.4.3. Multi-part cipher operations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_operation_t"><code class="docutils literal"><span class="pre">psa_cipher_operation_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_OPERATION_INIT"><code class="docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_operation_init"><code class="docutils literal"><span class="pre">psa_cipher_operation_init</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_encrypt_setup"><code class="docutils literal"><span class="pre">psa_cipher_encrypt_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_decrypt_setup"><code class="docutils literal"><span class="pre">psa_cipher_decrypt_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_generate_iv"><code class="docutils literal"><span class="pre">psa_cipher_generate_iv</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_set_iv"><code class="docutils literal"><span class="pre">psa_cipher_set_iv</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_update"><code class="docutils literal"><span class="pre">psa_cipher_update</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_finish"><code class="docutils literal"><span class="pre">psa_cipher_finish</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#psa_cipher_abort"><code class="docutils literal"><span class="pre">psa_cipher_abort</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html#support-macros">10.4.4. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_ALG_IS_STREAM_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_STREAM_CIPHER</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_DECRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_IV_LENGTH"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_IV_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_IV_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_UPDATE_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_FINISH_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ciphers.html#PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="aead.html#aead-algorithms">10.5.1. AEAD algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_CCM"><code class="docutils literal"><span class="pre">PSA_ALG_CCM</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_GCM"><code class="docutils literal"><span class="pre">PSA_ALG_GCM</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_CHACHA20_POLY1305"><code class="docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html#single-part-aead-functions">10.5.2. Single-part AEAD functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_encrypt"><code class="docutils literal"><span class="pre">psa_aead_encrypt</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_decrypt"><code class="docutils literal"><span class="pre">psa_aead_decrypt</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html#multi-part-aead-operations">10.5.3. Multi-part AEAD operations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_operation_t"><code class="docutils literal"><span class="pre">psa_aead_operation_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_OPERATION_INIT"><code class="docutils literal"><span class="pre">PSA_AEAD_OPERATION_INIT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_operation_init"><code class="docutils literal"><span class="pre">psa_aead_operation_init</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_encrypt_setup"><code class="docutils literal"><span class="pre">psa_aead_encrypt_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_decrypt_setup"><code class="docutils literal"><span class="pre">psa_aead_decrypt_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_set_lengths"><code class="docutils literal"><span class="pre">psa_aead_set_lengths</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_generate_nonce"><code class="docutils literal"><span class="pre">psa_aead_generate_nonce</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_set_nonce"><code class="docutils literal"><span class="pre">psa_aead_set_nonce</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_update_ad"><code class="docutils literal"><span class="pre">psa_aead_update_ad</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_update"><code class="docutils literal"><span class="pre">psa_aead_update</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_finish"><code class="docutils literal"><span class="pre">psa_aead_finish</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_verify"><code class="docutils literal"><span class="pre">psa_aead_verify</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#psa_aead_abort"><code class="docutils literal"><span class="pre">psa_aead_abort</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html#support-macros">10.5.4. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER"><code class="docutils literal"><span class="pre">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_ENCRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_DECRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_NONCE_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_NONCE_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_NONCE_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_TAG_LENGTH"><code class="docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_TAG_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_TAG_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_VERIFY_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="aead.html#PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="kdf.html">10.6. Key derivation</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html#key-derivation-algorithms">10.6.1. Key derivation algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_HKDF"><code class="docutils literal"><span class="pre">PSA_ALG_HKDF</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_TLS12_PRF"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_TLS12_PSK_TO_MS"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_PBKDF2_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html#input-step-types">10.6.2. Input step types</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_step_t"><code class="docutils literal"><span class="pre">psa_key_derivation_step_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_SECRET"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_LABEL"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_LABEL</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_CONTEXT"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_CONTEXT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_SALT"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SALT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_INFO"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_INFO</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_SEED"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SEED</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_INPUT_COST"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_COST</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html#key-derivation-functions">10.6.3. Key derivation functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_operation_t"><code class="docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code> (type)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_OPERATION_INIT"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_OPERATION_INIT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_operation_init"><code class="docutils literal"><span class="pre">psa_key_derivation_operation_init</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_setup"><code class="docutils literal"><span class="pre">psa_key_derivation_setup</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_get_capacity"><code class="docutils literal"><span class="pre">psa_key_derivation_get_capacity</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_set_capacity"><code class="docutils literal"><span class="pre">psa_key_derivation_set_capacity</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_input_bytes"><code class="docutils literal"><span class="pre">psa_key_derivation_input_bytes</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_input_integer"><code class="docutils literal"><span class="pre">psa_key_derivation_input_integer</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_input_key"><code class="docutils literal"><span class="pre">psa_key_derivation_input_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_output_bytes"><code class="docutils literal"><span class="pre">psa_key_derivation_output_bytes</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_output_key"><code class="docutils literal"><span class="pre">psa_key_derivation_output_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_verify_bytes"><code class="docutils literal"><span class="pre">psa_key_derivation_verify_bytes</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_verify_key"><code class="docutils literal"><span class="pre">psa_key_derivation_verify_key</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#psa_key_derivation_abort"><code class="docutils literal"><span class="pre">psa_key_derivation_abort</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html#support-macros">10.6.4. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_IS_KEY_DERIVATION_STRETCHING"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION_STRETCHING</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_IS_HKDF"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HKDF</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_IS_TLS12_PRF"><code class="docutils literal"><span class="pre">PSA_ALG_IS_TLS12_PRF</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_IS_TLS12_PSK_TO_MS"><code class="docutils literal"><span class="pre">PSA_ALG_IS_TLS12_PSK_TO_MS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_ALG_IS_PBKDF2_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_PBKDF2_HMAC</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_KEY_DERIVATION_UNLIMITED_CAPACITY"><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_UNLIMITED_CAPACITY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="kdf.html#PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="sign.html#asymmetric-signature-algorithms">10.7.1. Asymmetric signature algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_RSA_PSS"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_RSA_PSS_ANY_SALT"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_ECDSA_ANY"><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_DETERMINISTIC_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_PURE_EDDSA"><code class="docutils literal"><span class="pre">PSA_ALG_PURE_EDDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_ED25519PH"><code class="docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_ED448PH"><code class="docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html#asymmetric-signature-functions">10.7.2. Asymmetric signature functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#psa_sign_message"><code class="docutils literal"><span class="pre">psa_sign_message</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#psa_verify_message"><code class="docutils literal"><span class="pre">psa_verify_message</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#psa_sign_hash"><code class="docutils literal"><span class="pre">psa_sign_hash</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#psa_verify_hash"><code class="docutils literal"><span class="pre">psa_verify_hash</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html#support-macros">10.7.3. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_SIGN_MESSAGE"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_SIGN_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PKCS1V15_SIGN</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_RSA_PSS"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_RSA_PSS_ANY_SALT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_ANY_SALT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_RSA_PSS_STANDARD_SALT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_STANDARD_SALT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ECDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_DETERMINISTIC_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_IS_DETERMINISTIC_ECDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_RANDOMIZED_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RANDOMIZED_ECDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_HASH_EDDSA"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH_EDDSA</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_IS_HASH_AND_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_ALG_ANY_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_SIGN_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="sign.html#PSA_SIGNATURE_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="pke.html#asymmetric-encryption-algorithms">10.8.1. Asymmetric encryption algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ALG_RSA_OAEP"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_OAEP</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html#asymmetric-encryption-functions">10.8.2. Asymmetric encryption functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#psa_asymmetric_encrypt"><code class="docutils literal"><span class="pre">psa_asymmetric_encrypt</span></code> (function)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#psa_asymmetric_decrypt"><code class="docutils literal"><span class="pre">psa_asymmetric_decrypt</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html#support-macros">10.8.3. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ALG_IS_RSA_OAEP"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_OAEP</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="pke.html#PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="ka.html">10.9. Key agreement</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="ka.html#key-agreement-algorithms">10.9.1. Key agreement algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_FFDH"><code class="docutils literal"><span class="pre">PSA_ALG_FFDH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_ECDH"><code class="docutils literal"><span class="pre">PSA_ALG_ECDH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT</span></code> (macro)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html#standalone-key-agreement">10.9.2. Standalone key agreement</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#psa_raw_key_agreement"><code class="docutils literal"><span class="pre">psa_raw_key_agreement</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html#combining-key-agreement-and-key-derivation">10.9.3. Combining key agreement and key derivation</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#psa_key_derivation_key_agreement"><code class="docutils literal"><span class="pre">psa_key_derivation_key_agreement</span></code> (function)</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html#support-macros">10.9.4. Support macros</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_KEY_AGREEMENT_GET_BASE"><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_BASE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_KEY_AGREEMENT_GET_KDF"><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_KDF</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_IS_RAW_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RAW_KEY_AGREEMENT</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_IS_FFDH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_FFDH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_ALG_IS_ECDH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ECDH</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE</span></code> (macro)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="ka.html#PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"><code class="docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</span></code> (macro)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="rng.html#random-number-generation">10.10.1. Random number generation</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="rng.html#psa_generate_random"><code class="docutils literal"><span class="pre">psa_generate_random</span></code> (function)</a></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">10. Cryptographic operation reference</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/ka.html b/docs/1.1.0/html/api/ops/ka.html
new file mode 100644
index 0000000..a7edfe6
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/ka.html
@@ -0,0 +1,498 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.9. Key agreement — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.10. Other cryptographic services" href="rng.html" />
+ <link rel="prev" title="10.8. Asymmetric encryption" href="pke.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-agreement">
+<span id="id1"></span><h1>10.9. Key agreement</h1>
+<p>Two functions are provided for a Diffie-Hellman-style key agreement where each party combines its own private key with the peer’s public key.</p>
+<ul class="simple">
+<li>The recommended approach is to use a <a class="reference internal" href="kdf.html#kdf"><span class="std std-ref">key derivation operation</span></a> with the <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a> input function, which calculates a shared secret for the key derivation function.</li>
+<li>Where an application needs direct access to the shared secret, it can call <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a> instead. Note that in general the shared secret is not directly suitable for use as a key because it is biased.</li>
+</ul>
+<div class="section" id="key-agreement-algorithms">
+<span id="id2"></span><h2>10.9.1. Key agreement algorithms</h2>
+<div class="section" id="PSA_ALG_FFDH">
+<span id="c.PSA_ALG_FFDH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_FFDH</span></code> (macro)</h3>
+<p>The finite-field Diffie-Hellman (DH) key agreement algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH">PSA_ALG_FFDH</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x09010000)
+</pre>
+<p>This algorithm can be used directly in a call to <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, or combined with a key derivation operation using <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a> for use with <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>.</p>
+<p>When used as a key’s permitted algorithm policy, the following uses are permitted:</p>
+<ul class="simple">
+<li>In a call to <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, with algorithm <a class="reference internal" href="#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a>.</li>
+<li>In a call to <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>, with any combined key agreement and key derivation algorithm constructed with <a class="reference internal" href="#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a>.</li>
+</ul>
+<p>When used as part of a multi-part key derivation operation, this implements a Diffie-Hellman key agreement scheme using a single Diffie-Hellman key-pair for each participant. This includes the <em>dhEphem</em>, <em>dhOneFlow</em>, and <em>dhStatic</em> schemes. The input step <a class="reference internal" href="kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> is used when providing the secret and peer keys to the operation.</p>
+<p>The shared secret produced by this key agreement algorithm is <code class="docutils literal"><span class="pre">g^{ab}</span></code> in big-endian format. It is <code class="docutils literal"><span class="pre">ceiling(m</span> <span class="pre">/</span> <span class="pre">8)</span></code> bytes long where <code class="docutils literal"><span class="pre">m</span></code> is the size of the prime <code class="docutils literal"><span class="pre">p</span></code> in bits.</p>
+<p>This key agreement scheme is defined by <span><em>NIST Special Publication 800-56A: Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography</em> <a class="reference internal" href="../../about.html#citation-sp800-56a"><span class="cite">[SP800-56A]</span></a></span> §5.7.1.1 under the name FFC DH.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR()</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_ECDH">
+<span id="c.PSA_ALG_ECDH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ECDH</span></code> (macro)</h3>
+<p>The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH">PSA_ALG_ECDH</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x09020000)
+</pre>
+<p>This algorithm can be used directly in a call to <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, or combined with a key derivation operation using <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a> for use with <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>.</p>
+<p>When used as a key’s permitted algorithm policy, the following uses are permitted:</p>
+<ul class="simple">
+<li>In a call to <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, with algorithm <a class="reference internal" href="#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a>.</li>
+<li>In a call to <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>, with any combined key agreement and key derivation algorithm constructed with <a class="reference internal" href="#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a>.</li>
+</ul>
+<p>When used as part of a multi-part key derivation operation, this implements a Diffie-Hellman key agreement scheme using a single elliptic curve key-pair for each participant. This includes the <em>Ephemeral unified model</em>, the <em>Static unified model</em>, and the <em>One-pass Diffie-Hellman</em> schemes. The input step <a class="reference internal" href="kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> is used when providing the secret and peer keys to the operation.</p>
+<p>The shared secret produced by key agreement is the x-coordinate of the shared secret point. It is always <code class="docutils literal"><span class="pre">ceiling(m</span> <span class="pre">/</span> <span class="pre">8)</span></code> bytes long where <code class="docutils literal"><span class="pre">m</span></code> is the bit size associated with the curve, i.e. the bit size of the order of the curve’s coordinate field. When <code class="docutils literal"><span class="pre">m</span></code> is not a multiple of 8, the byte containing the most significant bit of the shared secret is padded with zero bits. The byte order is either little-endian or big-endian depending on the curve type.</p>
+<ul>
+<li><p class="first">For Montgomery curves (curve family <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a>), the shared secret is the x-coordinate of <code class="docutils literal"><span class="pre">Z</span> <span class="pre">=</span> <span class="pre">d_A</span> <span class="pre">Q_B</span> <span class="pre">=</span> <span class="pre">d_B</span> <span class="pre">Q_A</span></code> in little-endian byte order.</p>
+<ul class="simple">
+<li>For Curve25519, this is the X25519 function defined in <span><em>Curve25519: new Diffie-Hellman speed records</em> <a class="reference internal" href="../../about.html#citation-curve25519"><span class="cite">[Curve25519]</span></a></span>. The bit size <code class="docutils literal"><span class="pre">m</span></code> is 255.</li>
+<li>For Curve448, this is the X448 function defined in <span><em>Ed448-Goldilocks, a new elliptic curve</em> <a class="reference internal" href="../../about.html#citation-curve448"><span class="cite">[Curve448]</span></a></span>. The bit size <code class="docutils literal"><span class="pre">m</span></code> is 448.</li>
+</ul>
+</li>
+<li><p class="first">For Weierstrass curves (curve families <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code>, <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code>, <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a> and <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a>) the shared secret is the x-coordinate of <code class="docutils literal"><span class="pre">Z</span> <span class="pre">=</span> <span class="pre">h</span> <span class="pre">d_A</span> <span class="pre">Q_B</span> <span class="pre">=</span> <span class="pre">h</span> <span class="pre">d_B</span> <span class="pre">Q_A</span></code> in big-endian byte order. This is the Elliptic Curve Cryptography Cofactor Diffie-Hellman primitive defined by <span><em>SEC 1: Elliptic Curve Cryptography</em> <a class="reference internal" href="../../about.html#citation-sec1"><span class="cite">[SEC1]</span></a></span> §3.3.2 as, and also as ECC CDH by <span><em>NIST Special Publication 800-56A: Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography</em> <a class="reference internal" href="../../about.html#citation-sp800-56a"><span class="cite">[SP800-56A]</span></a></span> §5.7.1.2.</p>
+<ul class="simple">
+<li>Over prime fields (curve families <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code>, <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a> and <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a>), the bit size is <code class="docutils literal"><span class="pre">m</span> <span class="pre">=</span> <span class="pre">ceiling(log_2(p))</span></code> for the field <code class="docutils literal"><span class="pre">F_p</span></code>.</li>
+<li>Over binary fields (curve families <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code>), the bit size is <code class="docutils literal"><span class="pre">m</span></code> for the field <code class="docutils literal"><span class="pre">F_{2^m}</span></code>.</li>
+</ul>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The cofactor Diffie-Hellman primitive is equivalent to the standard elliptic curve Diffie-Hellman calculation <code class="docutils literal"><span class="pre">Z</span> <span class="pre">=</span> <span class="pre">d_A</span> <span class="pre">Q_B</span> <span class="pre">=</span> <span class="pre">d_B</span> <span class="pre">Q_A</span></code> (<a class="reference internal" href="../../about.html#citation-sec1"><span class="cite psa_c psa_c-cite">[SEC1]</span></a> §3.3.1) for curves where the cofactor <code class="docutils literal"><span class="pre">h</span></code> is <code class="docutils literal"><span class="pre">1</span></code>. This is true for all curves in the <code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code>, <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a>, and <a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a> families.</p>
+</div>
+</li>
+</ul>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code></div>
+</div>
+<p>where <code class="docutils literal"><span class="pre">family</span></code> is a Weierstrass or Montgomery Elliptic curve family. That is, one of the following values:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a></li>
+</ul>
+</div>
+<div class="section" id="PSA_ALG_KEY_AGREEMENT">
+<span id="c.PSA_ALG_KEY_AGREEMENT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT</span></code> (macro)</h3>
+<p>Macro to build a combined algorithm that chains a key agreement with a key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT">PSA_ALG_KEY_AGREEMENT</a>(ka_alg, kdf_alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">ka_alg</span></code></dt>
+<dd>A key agreement algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">ka_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">kdf_alg</span></code></dt>
+<dd>A key derivation algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_DERIVATION" title="PSA_ALG_IS_KEY_DERIVATION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">kdf_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding key agreement and derivation algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">ka_alg</span></code> is not a supported key agreement algorithm or <code class="docutils literal"><span class="pre">kdf_alg</span></code> is not a supported key derivation algorithm.</p>
+<p class="rubric">Description</p>
+<p>A combined key agreement algorithm is used with a multi-part key derivation operation, using a call to <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>.</p>
+<p>The component parts of a key agreement algorithm can be extracted using <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_BASE()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_KDF" title="PSA_ALG_KEY_AGREEMENT_GET_KDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_KDF()</span></code></a>.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting combined key agreement algorithm is compatible with the same key types as the raw key agreement algorithm used to construct it.</p>
+</div>
+</div>
+<div class="section" id="standalone-key-agreement">
+<h2>10.9.2. Standalone key agreement</h2>
+<div class="section" id="psa_raw_key_agreement">
+<span id="c.psa_raw_key_agreement"></span><h3><code class="docutils literal"><span class="pre">psa_raw_key_agreement</span></code> (function)</h3>
+<p>Perform a key agreement and return the raw shared secret.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement">psa_raw_key_agreement</a>(<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> private_key,
+ const uint8_t * peer_key,
+ size_t peer_key_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The key agreement algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RAW_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">private_key</span></code></dt>
+<dd>Identifier of the private key to use.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">peer_key</span></code></dt>
+<dd>Public key of the peer. The peer key must be in the same format that <a class="reference internal" href="../keys/management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> accepts for the public key type corresponding to the type of <code class="docutils literal"><span class="pre">private_key</span></code>. That is, this function performs the equivalent of <a class="reference internal" href="../keys/management.html#c.psa_import_key" title="psa_import_key"><code class="docutils literal"><span class="pre">psa_import_key</span></code></a><code class="docutils literal"><span class="pre">(...,</span> </code><code class="docutils literal"><span class="pre">peer_key</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">peer_key_length</span></code><code class="docutils literal"><span class="pre">)</span></code>, with key attributes indicating the public key type corresponding to the type of <code class="docutils literal"><span class="pre">private_key</span></code>. For example, for ECC keys, this means that peer_key is interpreted as a point on the curve that the private key is on. The standard formats for public keys are documented in the documentation of <a class="reference internal" href="../keys/management.html#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">peer_key_length</span></code></dt>
+<dd>Size of <code class="docutils literal"><span class="pre">peer_key</span></code> in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the raw shared secret is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes.
+This must be appropriate for the keys:</p>
+<ul class="last simple">
+<li>The required output size is <a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">bits</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">type</span></code> is the type of <code class="docutils literal"><span class="pre">private_key</span></code> and <code class="docutils literal"><span class="pre">bits</span></code> is the bit-size of either <code class="docutils literal"><span class="pre">private_key</span></code> or the <code class="docutils literal"><span class="pre">peer_key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported raw key agreement algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the raw shared secret.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">private_key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">private_key</span></code> does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a key agreement algorithm.</li>
+<li><code class="docutils literal"><span class="pre">private_key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">peer_key</span></code> is not a valid public key corresponding to <code class="docutils literal"><span class="pre">private_key</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a key agreement algorithm.</li>
+<li><code class="docutils literal"><span class="pre">private_key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">The raw result of a key agreement algorithm such as finite-field Diffie-Hellman or elliptic curve Diffie-Hellman has biases, and is not suitable for use as key material. Instead it is recommended that the result is used as input to a key derivation algorithm. To chain a key agreement with a key derivation, use <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a> and other functions from the key derivation interface.</p>
+</div>
+</div>
+</div>
+<div class="section" id="combining-key-agreement-and-key-derivation">
+<h2>10.9.3. Combining key agreement and key derivation</h2>
+<div class="section" id="psa_key_derivation_key_agreement">
+<span id="c.psa_key_derivation_key_agreement"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_key_agreement</span></code> (function)</h3>
+<p>Perform a key agreement and use the shared secret as input to a key derivation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement">psa_key_derivation_key_agreement</a>(<a class="reference internal" href="kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="kdf.html#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> private_key,
+ const uint8_t * peer_key,
+ size_t peer_key_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd><p class="first">The key derivation operation object to use. It must have been set up with <a class="reference internal" href="kdf.html#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> with a key agreement and derivation algorithm <code class="docutils literal"><span class="pre">alg</span></code>: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true and <a class="reference internal" href="#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RAW_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is false.</p>
+<p class="last">The operation must be ready for an input of the type given by <code class="docutils literal"><span class="pre">step</span></code>.</p>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">step</span></code></dt>
+<dd>Which step the input data is for.</dd>
+<dt> <code class="docutils literal"><span class="pre">private_key</span></code></dt>
+<dd>Identifier of the private key to use.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">peer_key</span></code></dt>
+<dd>Public key of the peer. The peer key must be in the same format that <a class="reference internal" href="../keys/management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a> accepts for the public key type corresponding to the type of <code class="docutils literal"><span class="pre">private_key</span></code>. That is, this function performs the equivalent of <a class="reference internal" href="../keys/management.html#c.psa_import_key" title="psa_import_key"><code class="docutils literal"><span class="pre">psa_import_key</span></code></a><code class="docutils literal"><span class="pre">(...,</span> </code><code class="docutils literal"><span class="pre">peer_key</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">peer_key_length</span></code><code class="docutils literal"><span class="pre">)</span></code>, with key attributes indicating the public key type corresponding to the type of <code class="docutils literal"><span class="pre">private_key</span></code>. For example, for ECC keys, this means that peer_key is interpreted as a point on the curve that the private key is on. The standard formats for public keys are documented in the documentation of <a class="reference internal" href="../keys/management.html#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">peer_key_length</span></code></dt>
+<dd>Size of <code class="docutils literal"><span class="pre">peer_key</span></code> in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid for this key agreement <code class="docutils literal"><span class="pre">step</span></code>.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">private_key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">private_key</span></code> does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a> flag, or it does not permit the operation’s algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation’s algorithm is not a key agreement algorithm.</li>
+<li><code class="docutils literal"><span class="pre">step</span></code> does not allow an input resulting from a key agreement.</li>
+<li><code class="docutils literal"><span class="pre">private_key</span></code> is not compatible with the operation’s algorithm.</li>
+<li><code class="docutils literal"><span class="pre">peer_key</span></code> is not a valid public key corresponding to <code class="docutils literal"><span class="pre">private_key</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">private_key</span></code> is not supported for use with the operation’s algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>A key agreement algorithm takes two inputs: a private key <code class="docutils literal"><span class="pre">private_key</span></code>, and a public key <code class="docutils literal"><span class="pre">peer_key</span></code>. The result of this function is passed as input to the key derivation operation. The output of this key derivation can be extracted by reading from the resulting operation to produce keys and other cryptographic material.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="kdf.html#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.9.4. Support macros</h2>
+<div class="section" id="PSA_ALG_KEY_AGREEMENT_GET_BASE">
+<span id="c.PSA_ALG_KEY_AGREEMENT_GET_BASE"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_BASE</span></code> (macro)</h3>
+<p>Get the raw key agreement algorithm from a full key agreement algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE">PSA_ALG_KEY_AGREEMENT_GET_BASE</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A key agreement algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The underlying raw key agreement algorithm if <code class="docutils literal"><span class="pre">alg</span></code> is a key agreement algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">alg</span></code> is not a key agreement algorithm or if it is not supported by the implementation.</p>
+<p class="rubric">Description</p>
+<p>See also <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_KDF" title="PSA_ALG_KEY_AGREEMENT_GET_KDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_KDF()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_KEY_AGREEMENT_GET_KDF">
+<span id="c.PSA_ALG_KEY_AGREEMENT_GET_KDF"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_KDF</span></code> (macro)</h3>
+<p>Get the key derivation algorithm used in a full key agreement algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_KDF" title="PSA_ALG_KEY_AGREEMENT_GET_KDF">PSA_ALG_KEY_AGREEMENT_GET_KDF</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A key agreement algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The underlying key derivation algorithm if <code class="docutils literal"><span class="pre">alg</span></code> is a key agreement algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">alg</span></code> is not a key agreement algorithm or if it is not supported by the implementation.</p>
+<p class="rubric">Description</p>
+<p>See also <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_BASE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_RAW_KEY_AGREEMENT">
+<span id="c.PSA_ALG_IS_RAW_KEY_AGREEMENT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RAW_KEY_AGREEMENT</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a raw key agreement algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT">PSA_ALG_IS_RAW_KEY_AGREEMENT</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a raw key agreement algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>A raw key agreement algorithm is one that does not specify a key derivation function. Usually, raw key agreement algorithms are constructed directly with a <code class="docutils literal"><span class="pre">PSA_ALG_xxx</span></code> macro while non-raw key agreement algorithms are constructed with <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a>.</p>
+<p>The raw key agreement algorithm can be extracted from a full key agreement algorithm identifier using <a class="reference internal" href="#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_BASE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_FFDH">
+<span id="c.PSA_ALG_IS_FFDH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_FFDH</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a finite field Diffie-Hellman algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_FFDH" title="PSA_ALG_IS_FFDH">PSA_ALG_IS_FFDH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a finite field Diffie-Hellman algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key agreement algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>This includes the raw finite field Diffie-Hellman algorithm as well as finite-field Diffie-Hellman followed by any supported key derivation algorithm.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_ECDH">
+<span id="c.PSA_ALG_IS_ECDH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_ECDH</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an elliptic curve Diffie-Hellman algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_ECDH" title="PSA_ALG_IS_ECDH">PSA_ALG_IS_ECDH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an elliptic curve Diffie-Hellman algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key agreement algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>This includes the raw elliptic curve Diffie-Hellman algorithm as well as elliptic curve Diffie-Hellman followed by any supporter key derivation algorithm.</p>
+</div>
+<div class="section" id="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE">
+<span id="c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>Sufficient output buffer size for <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE</a>(key_type, key_bits) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>A supported key type.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the key in bits.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output buffer size for the specified key type and size. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for a key type and size that it recognizes, but does not support. If the parameters are not valid, the return value is unspecified.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>Sufficient output buffer size for <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, for any of the supported key types and key agreement algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</a> \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.9. Key agreement</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-agreement-algorithms">10.9.1. Key agreement algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#standalone-key-agreement">10.9.2. Standalone key agreement</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#combining-key-agreement-and-key-derivation">10.9.3. Combining key agreement and key derivation</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.9.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/kdf.html b/docs/1.1.0/html/api/ops/kdf.html
new file mode 100644
index 0000000..503f49e
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/kdf.html
@@ -0,0 +1,1293 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.6. Key derivation — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.7. Asymmetric signature" href="sign.html" />
+ <link rel="prev" title="10.5. Authenticated encryption with associated data (AEAD)" href="aead.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="key-derivation">
+<span id="kdf"></span><h1>10.6. Key derivation</h1>
+<p>A key derivation encodes a deterministic method to generate a finite stream of bytes. This data stream is computed by the cryptoprocessor and extracted in chunks. If two key derivation operations are constructed with the same parameters, then they produce the same output.</p>
+<p>A key derivation consists of two phases:</p>
+<ol class="arabic simple">
+<li>Input collection. This is sometimes known as <em>extraction</em>: the operation “extracts” information from the inputs to generate a pseudorandom intermediate secret value.</li>
+<li>Output generation. This is sometimes known as <em>expansion</em>: the operation “expands” the intermediate secret value to the desired output length.</li>
+</ol>
+<p>The specification defines a <a class="reference internal" href="../../overview/functionality.html#multi-part-operations"><span class="std std-ref">multi-part operation</span></a> API for key derivation that allows:</p>
+<ul class="simple">
+<li>Multiple key and non-key outputs to be produced from a single derivation operation object.</li>
+<li>Key and non-key outputs can be extracted from the key derivation object, or compared with existing key and non-key values.</li>
+<li>Algorithms that require high-entropy secret inputs. For example <a class="reference internal" href="#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a>.</li>
+<li>Algorithms that work with low-entropy secret inputs, or passwords. For example <a class="reference internal" href="#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a>.</li>
+</ul>
+<p>An implementation with <a class="reference internal" href="../../about.html#term-isolation"><span class="term">isolation</span></a> has the following properties:</p>
+<ul class="simple">
+<li>The intermediate state of the key derivation is not visible to the caller.</li>
+<li>If an output of the derivation is a non-exportable key, then this key cannot be recovered outside the isolation boundary.</li>
+<li>If an output of the derivation is compared using <a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> or <a class="reference internal" href="#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_key()</span></code></a>, then the output is not visible to the caller.</li>
+</ul>
+<p>Applications use the <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a> type to create key derivation operations. The operation object is used as follows:</p>
+<ol class="arabic">
+<li><p class="first">Initialize a <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a> object to zero or to <a class="reference internal" href="#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_OPERATION_INIT</span></code></a>.</p>
+</li>
+<li><p class="first">Call <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> to select a key derivation algorithm.</p>
+</li>
+<li><p class="first">Call the functions <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> or <a class="reference internal" href="ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a> to provide the secret inputs, and <a class="reference internal" href="#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a> or <a class="reference internal" href="#c.psa_key_derivation_input_integer" title="psa_key_derivation_input_integer"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_integer()</span></code></a> to provide the non-secret inputs, to the key derivation algorithm. Many key derivation algorithms take multiple inputs; the <code class="docutils literal"><span class="pre">step</span></code> parameter to these functions indicates which input is being provided. The documentation for each key derivation algorithm describes the expected inputs for that algorithm and in what order to pass them.</p>
+</li>
+<li><p class="first">Optionally, call <a class="reference internal" href="#c.psa_key_derivation_set_capacity" title="psa_key_derivation_set_capacity"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_set_capacity()</span></code></a> to set a limit on the amount of data that can be output from the key derivation operation.</p>
+</li>
+<li><p class="first">Call an output or verification function:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> to create a derived key.</li>
+<li><a class="reference internal" href="#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a> to export the derived data.</li>
+<li><a class="reference internal" href="#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_key()</span></code></a> to compare a derived key with an existing key value.</li>
+<li><a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> to compare derived data with a buffer.</li>
+</ul>
+<p>These functions can be called multiple times to read successive output from the key derivation, until the stream is exhausted when its capacity has been reached.</p>
+</li>
+<li><p class="first">Key derivation does not finish in the same way as other multi-part operations. Call <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a> to release the key derivation operation memory when the object is no longer required.</p>
+</li>
+</ol>
+<p>To recover from an error, call <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a> to release the key derivation operation memory.</p>
+<p>A key derivation operation cannot be rewound. Once a part of the stream has been output, it cannot be output again. This ensures that the same part of the output will not be used for different purposes.</p>
+<div class="section" id="key-derivation-algorithms">
+<span id="id1"></span><h2>10.6.1. Key derivation algorithms</h2>
+<div class="section" id="PSA_ALG_HKDF">
+<span id="c.PSA_ALG_HKDF"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_HKDF</span></code> (macro)</h3>
+<p>Macro to build an HKDF algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF">PSA_ALG_HKDF</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding HKDF algorithm. For example, <a class="reference internal" href="#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a><code class="docutils literal"><span class="pre">)</span></code> is HKDF using HMAC-SHA-256.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This is the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) specified by <span><em>HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</em> <a class="reference internal" href="../../about.html#citation-rfc5869"><span class="cite">[RFC5869]</span></a></span>.</p>
+<p>This key derivation algorithm uses the following inputs:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SALT" title="PSA_KEY_DERIVATION_INPUT_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SALT</span></code></a> is the salt used in the “extract” step. It is optional; if omitted, the derivation uses an empty salt.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> is the secret key used in the “extract” step.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_INFO" title="PSA_KEY_DERIVATION_INPUT_INFO"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_INFO</span></code></a> is the info string used in the “expand” step.</li>
+</ul>
+<p>If <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SALT" title="PSA_KEY_DERIVATION_INPUT_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SALT</span></code></a> is provided, it must be before <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a>. <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_INFO" title="PSA_KEY_DERIVATION_INPUT_INFO"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_INFO</span></code></a> can be provided at any time after setup and before starting to generate output.</p>
+<p>Each input may only be passed once.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> (for the secret key)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a> (for the other inputs)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_TLS12_PRF">
+<span id="c.PSA_ALG_TLS12_PRF"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code> (macro)</h3>
+<p>Macro to build a TLS-1.2 PRF algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF">PSA_ALG_TLS12_PRF</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding TLS-1.2 PRF algorithm. For example, <a class="reference internal" href="#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a><code class="docutils literal"><span class="pre">)</span></code> represents the TLS 1.2 PRF using HMAC-SHA-256.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, specified in <span><em>The Transport Layer Security (TLS) Protocol Version 1.2</em> <a class="reference internal" href="../../about.html#citation-rfc5246"><span class="cite">[RFC5246]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc5246.html#section-5">§5</a>. It is based on HMAC and can be used with either SHA-256 or SHA-384.</p>
+<p>This key derivation algorithm uses the following inputs, which must be passed in the order given here:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SEED" title="PSA_KEY_DERIVATION_INPUT_SEED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SEED</span></code></a> is the seed.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> is the secret key.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_LABEL" title="PSA_KEY_DERIVATION_INPUT_LABEL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_LABEL</span></code></a> is the label.</li>
+</ul>
+<p>Each input may only be passed once.</p>
+<p>For the application to TLS-1.2 key expansion:</p>
+<ul class="simple">
+<li>The seed is the concatenation of <code class="docutils literal"><span class="pre">ServerHello.Random</span> <span class="pre">+</span> <span class="pre">ClientHello.Random</span></code>.</li>
+<li>The label is <code class="docutils literal"><span class="pre">"key</span> <span class="pre">expansion"</span></code>.</li>
+</ul>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> (for the secret key)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a> (for the other inputs)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_TLS12_PSK_TO_MS">
+<span id="c.PSA_ALG_TLS12_PSK_TO_MS"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code> (macro)</h3>
+<p>Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS">PSA_ALG_TLS12_PSK_TO_MS</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding TLS-1.2 PSK to MS algorithm. For example, <a class="reference internal" href="#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a><code class="docutils literal"><span class="pre">)</span></code> represents the TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>In a pure-PSK handshake in TLS 1.2, the master secret (MS) is derived from the pre-shared key (PSK) through the application of padding (<span><em>Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)</em> <a class="reference internal" href="../../about.html#citation-rfc4279"><span class="cite">[RFC4279]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc4279.html#section-2">§2</a>) and the TLS-1.2 PRF (<span><em>The Transport Layer Security (TLS) Protocol Version 1.2</em> <a class="reference internal" href="../../about.html#citation-rfc5246"><span class="cite">[RFC5246]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc5246.html#section-5">§5</a>). The latter is based on HMAC and can be used with either SHA-256 or SHA-384.</p>
+<p>This key derivation algorithm uses the following inputs, which must be passed in the order given here:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SEED" title="PSA_KEY_DERIVATION_INPUT_SEED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SEED</span></code></a> is the seed.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> is the PSK. The PSK must not be larger than <a class="reference internal" href="#c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE" title="PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</span></code></a>.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_LABEL" title="PSA_KEY_DERIVATION_INPUT_LABEL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_LABEL</span></code></a> is the label.</li>
+</ul>
+<p>Each input may only be passed once.</p>
+<p>For the application to TLS-1.2:</p>
+<ul class="simple">
+<li>The seed, which is forwarded to the TLS-1.2 PRF, is the concatenation of the <code class="docutils literal"><span class="pre">ClientHello.Random</span> <span class="pre">+</span> <span class="pre">ServerHello.Random</span></code>.</li>
+<li>The label is <code class="docutils literal"><span class="pre">"master</span> <span class="pre">secret"</span></code> or <code class="docutils literal"><span class="pre">"extended</span> <span class="pre">master</span> <span class="pre">secret"</span></code>.</li>
+</ul>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> (for the PSK)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a> (for the other inputs)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_PBKDF2_HMAC">
+<span id="c.PSA_ALG_PBKDF2_HMAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC</span></code> (macro)</h3>
+<p>Macro to build a PBKDF2-HMAC password-hashing or key-stretching algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC">PSA_ALG_PBKDF2_HMAC</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding PBKDF2-HMAC-XXX algorithm. For example, <a class="reference internal" href="#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a><code class="docutils literal"><span class="pre">)</span></code> is the algorithm identifier for PBKDF2-HMAC-SHA-256.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>PBKDF2 is specified by <span><em>PKCS #5: Password-Based Cryptography Specification Version 2.1</em> <a class="reference internal" href="../../about.html#citation-rfc8018"><span class="cite">[RFC8018]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8018.html#section-5.2">§5.2</a>. This macro constructs a PBKDF2 algorithm that uses a pseudo-random function based on HMAC with the specified hash.</p>
+<p>This key derivation algorithm uses the following inputs, which must be provided in the following order:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_COST" title="PSA_KEY_DERIVATION_INPUT_COST"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_COST</span></code></a> is the iteration count.
+This input step must be used exactly once.</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SALT" title="PSA_KEY_DERIVATION_INPUT_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SALT</span></code></a> is the salt.
+This input step must be used one or more times; if used several times, the inputs will be concatenated.
+This can be used to build the final salt from multiple sources, both public and secret (also known as pepper).</li>
+<li><a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code></a> is the password to be hashed.
+This input step must be used exactly once.</li>
+</ul>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> (for password input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a> (for password input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code></a> (for salt input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a> (for salt input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a> (for key verification)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_PBKDF2_AES_CMAC_PRF_128">
+<span id="c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code> (macro)</h3>
+<p>The PBKDF2-AES-CMAC-PRF-128 password-hashing or key-stretching algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x08800200)
+</pre>
+<p>PBKDF2 is specified by <span><em>PKCS #5: Password-Based Cryptography Specification Version 2.1</em> <a class="reference internal" href="../../about.html#citation-rfc8018"><span class="cite">[RFC8018]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8018.html#section-5.2">§5.2</a>. This algorithm specifies the PBKDF2 algorithm using the AES-CMAC-PRF-128 pseudo-random function specified by <a class="reference internal" href="../../about.html#citation-rfc4615"><span class="cite">[RFC4615]</span></a></p>
+<p>This key derivation algorithm uses the same inputs as <a class="reference internal" href="#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a> with the same constraints.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> (for password input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a> (for password input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code></a> (for salt input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a> (for salt input)</div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a> (for key verification)</div>
+</div>
+</div>
+</div>
+<div class="section" id="input-step-types">
+<h2>10.6.2. Input step types</h2>
+<div class="section" id="psa_key_derivation_step_t">
+<span id="c.psa_key_derivation_step_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_step_t</span></code> (type)</h3>
+<p>Encoding of the step of a key derivation.</p>
+<pre class="literal-block">
+typedef uint16_t <a class="reference internal" href="#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a>;
+</pre>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_SECRET">
+<span id="c.PSA_KEY_DERIVATION_INPUT_SECRET"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code> (macro)</h3>
+<p>A high-entropy secret input for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET">PSA_KEY_DERIVATION_INPUT_SECRET</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is typically a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a> passed to <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a>, or the shared secret resulting from a key agreement obtained via <a class="reference internal" href="ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>.</p>
+<p>The secret can also be a direct input passed to <a class="reference internal" href="#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a>. In this case, the derivation operation cannot be used to derive keys: the operation will not allow a call to <a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_PASSWORD">
+<span id="c.PSA_KEY_DERIVATION_INPUT_PASSWORD"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code> (macro)</h3>
+<p>A low-entropy secret input for password hashing or key stretching.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD">PSA_KEY_DERIVATION_INPUT_PASSWORD</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is usually a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a> passed to <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> or a direct input passed to <a class="reference internal" href="#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a> that is a password or passphrase. It can also be high-entropy secret, for example, a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a>, or the shared secret resulting from a key agreement.</p>
+<p>If the secret is a direct input, the derivation operation cannot be used to derive keys: the operation will not allow a call to <a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_LABEL">
+<span id="c.PSA_KEY_DERIVATION_INPUT_LABEL"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_LABEL</span></code> (macro)</h3>
+<p>A label for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_LABEL" title="PSA_KEY_DERIVATION_INPUT_LABEL">PSA_KEY_DERIVATION_INPUT_LABEL</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is typically a direct input. It can also be a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_CONTEXT">
+<span id="c.PSA_KEY_DERIVATION_INPUT_CONTEXT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_CONTEXT</span></code> (macro)</h3>
+<p>A context for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_CONTEXT" title="PSA_KEY_DERIVATION_INPUT_CONTEXT">PSA_KEY_DERIVATION_INPUT_CONTEXT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is typically a direct input. It can also be a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_SALT">
+<span id="c.PSA_KEY_DERIVATION_INPUT_SALT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SALT</span></code> (macro)</h3>
+<p>A salt for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SALT" title="PSA_KEY_DERIVATION_INPUT_SALT">PSA_KEY_DERIVATION_INPUT_SALT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is typically a direct input. It can also be a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a> or <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_INFO">
+<span id="c.PSA_KEY_DERIVATION_INPUT_INFO"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_INFO</span></code> (macro)</h3>
+<p>An information string for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_INFO" title="PSA_KEY_DERIVATION_INPUT_INFO">PSA_KEY_DERIVATION_INPUT_INFO</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is typically a direct input. It can also be a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_SEED">
+<span id="c.PSA_KEY_DERIVATION_INPUT_SEED"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SEED</span></code> (macro)</h3>
+<p>A seed for key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SEED" title="PSA_KEY_DERIVATION_INPUT_SEED">PSA_KEY_DERIVATION_INPUT_SEED</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This is typically a direct input. It can also be a key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_INPUT_COST">
+<span id="c.PSA_KEY_DERIVATION_INPUT_COST"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_COST</span></code> (macro)</h3>
+<p>A cost parameter for password hashing or key stretching.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_COST" title="PSA_KEY_DERIVATION_INPUT_COST">PSA_KEY_DERIVATION_INPUT_COST</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This must be a direct input, passed to <a class="reference internal" href="#c.psa_key_derivation_input_integer" title="psa_key_derivation_input_integer"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_integer()</span></code></a>.</p>
+</div>
+</div>
+<div class="section" id="key-derivation-functions">
+<h2>10.6.3. Key derivation functions</h2>
+<div class="section" id="psa_key_derivation_operation_t">
+<span id="c.psa_key_derivation_operation_t"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code> (type)</h3>
+<p>The type of the state object for key derivation operations.</p>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a>;
+</pre>
+<p>Before calling any function on a key derivation operation object, the application must initialize it by any of the following means:</p>
+<ul>
+<li><p class="first">Set the object to all-bits-zero, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> operation;
+memset(&operation, 0, sizeof(operation));
+</pre>
+</li>
+<li><p class="first">Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
+<pre class="literal-block">
+static <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> operation;
+</pre>
+</li>
+<li><p class="first">Initialize the object to the initializer <a class="reference internal" href="#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_OPERATION_INIT</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> operation = <a class="reference internal" href="#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT">PSA_KEY_DERIVATION_OPERATION_INIT</a>;
+</pre>
+</li>
+<li><p class="first">Assign the result of the function <a class="reference internal" href="#c.psa_key_derivation_operation_init" title="psa_key_derivation_operation_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_operation_init()</span></code></a> to the object, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> operation;
+operation = <a class="reference internal" href="#c.psa_key_derivation_operation_init" title="psa_key_derivation_operation_init">psa_key_derivation_operation_init</a>();
+</pre>
+</li>
+</ul>
+<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_OPERATION_INIT">
+<span id="c.PSA_KEY_DERIVATION_OPERATION_INIT"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_OPERATION_INIT</span></code> (macro)</h3>
+<p>This macro returns a suitable initializer for a key derivation operation object of type <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT">PSA_KEY_DERIVATION_OPERATION_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+</div>
+<div class="section" id="psa_key_derivation_operation_init">
+<span id="c.psa_key_derivation_operation_init"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_operation_init</span></code> (function)</h3>
+<p>Return an initial value for a key derivation operation object.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> <a class="reference internal" href="#c.psa_key_derivation_operation_init" title="psa_key_derivation_operation_init">psa_key_derivation_operation_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a></p>
+</div>
+<div class="section" id="psa_key_derivation_setup">
+<span id="c.psa_key_derivation_setup"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_setup</span></code> (function)</h3>
+<p>Set up a key derivation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup">psa_key_derivation_setup</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to set up. It must have been initialized but not set up yet.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd><p class="first">The algorithm to compute. This must be one of the following:</p>
+<ul class="last simple">
+<li>A key derivation algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_DERIVATION" title="PSA_ALG_IS_KEY_DERIVATION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</li>
+<li>A key agreement and derivation algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true and <a class="reference internal" href="ka.html#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT"><code class="docutils literal"><span class="pre">PSA_ALG_IS_RAW_KEY_AGREEMENT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is false.</li>
+</ul>
+</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">alg</span></code> is neither a key derivation algorithm, nor a key agreement and derivation algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a key derivation algorithm, or a key agreement and derivation algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>A key derivation algorithm takes some inputs and uses them to generate a byte stream in a deterministic way. This byte stream can be used to produce keys and other cryptographic material.</p>
+<p>A key agreement and derivation algorithm uses a key agreement protocol to provide a shared secret which is used for the key derivation. See <a class="reference internal" href="ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a>.</p>
+<p>To derive a key:</p>
+<ol class="arabic simple">
+<li>Start with an initialized object of type <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> to select the algorithm.</li>
+<li>Provide the inputs for the key derivation by calling <a class="reference internal" href="#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a> or <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> as appropriate. Which inputs are needed, in what order, whether keys are permitted, and what type of keys depends on the algorithm.</li>
+<li>Optionally set the operation’s maximum capacity with <a class="reference internal" href="#c.psa_key_derivation_set_capacity" title="psa_key_derivation_set_capacity"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_set_capacity()</span></code></a>. This can be done before, in the middle of, or after providing inputs. For some algorithms, this step is mandatory because the output depends on the maximum capacity.</li>
+<li>To derive a key, call <a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a>. To derive a byte string for a different purpose, call <a class="reference internal" href="#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a>. Successive calls to these functions use successive output bytes calculated by the key derivation algorithm.</li>
+<li>Clean up the key derivation operation object with <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</li>
+</ol>
+<p>If this function returns an error, the key derivation operation object is not changed.</p>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+<p>Implementations must reject an attempt to derive a key of size <code class="docutils literal"><span class="pre">0</span></code>.</p>
+</div>
+<div class="section" id="psa_key_derivation_get_capacity">
+<span id="c.psa_key_derivation_get_capacity"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_get_capacity</span></code> (function)</h3>
+<p>Retrieve the current capacity of a key derivation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_get_capacity" title="psa_key_derivation_get_capacity">psa_key_derivation_get_capacity</a>(const <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ size_t * capacity);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation to query.</dd>
+<dt> <code class="docutils literal"><span class="pre">capacity</span></code></dt>
+<dd>On success, the capacity of the operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The maximum number of bytes that this key derivation can return is <code class="docutils literal"><span class="pre">(*capacity)</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The capacity of a key derivation is the maximum number of bytes that it can return. Reading <em>N</em> bytes of output from a key derivation operation reduces its capacity by at least <em>N</em>. The capacity can be reduced by more than <em>N</em> in the following situations:</p>
+<ul class="simple">
+<li>Calling <a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> can reduce the capacity by more than the key size, depending on the type of key being generated. See <a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> for details of the key derivation process.</li>
+<li>When the <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a> object is operating as a deterministic random bit generator (DBRG), which reduces capacity in whole blocks, even when less than a block is read.</li>
+</ul>
+</div>
+<div class="section" id="psa_key_derivation_set_capacity">
+<span id="c.psa_key_derivation_set_capacity"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_set_capacity</span></code> (function)</h3>
+<p>Set the maximum capacity of a key derivation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_set_capacity" title="psa_key_derivation_set_capacity">psa_key_derivation_set_capacity</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ size_t capacity);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to modify.</dd>
+<dt> <code class="docutils literal"><span class="pre">capacity</span></code></dt>
+<dd>The new capacity of the operation. It must be less or equal to the operation’s current capacity.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">capacity</span></code> is larger than the operation’s current capacity. In this case, the operation object remains valid and its capacity remains unchanged.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The capacity of a key derivation operation is the maximum number of bytes that the key derivation operation can return from this point onwards.</p>
+</div>
+<div class="section" id="psa_key_derivation_input_bytes">
+<span id="c.psa_key_derivation_input_bytes"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_input_bytes</span></code> (function)</h3>
+<p>Provide an input for key derivation or key agreement.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes">psa_key_derivation_input_bytes</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ const uint8_t * data,
+ size_t data_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to use. It must have been set up with <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> and must not have produced any output yet.</dd>
+<dt> <code class="docutils literal"><span class="pre">step</span></code></dt>
+<dd>Which step the input data is for.</dd>
+<dt> <code class="docutils literal"><span class="pre">data</span></code></dt>
+<dd>Input data to use.</dd>
+<dt> <code class="docutils literal"><span class="pre">data_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">data</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid for this input <code class="docutils literal"><span class="pre">step</span></code>. This can happen if the application provides a step out of order or repeats a step that may not be repeated.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">step</span></code> is not compatible with the operation’s algorithm.</li>
+<li><code class="docutils literal"><span class="pre">step</span></code> does not allow direct inputs.</li>
+<li><code class="docutils literal"><span class="pre">data_length</span></code> is too small or too large for <code class="docutils literal"><span class="pre">step</span></code> in this particular algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">step</span></code> is not supported with the operation’s algorithm.</li>
+<li><code class="docutils literal"><span class="pre">data_length</span></code> is is not supported for <code class="docutils literal"><span class="pre">step</span></code> in this particular algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Which inputs are required and in what order depends on the algorithm. Refer to the documentation of each key derivation or key agreement algorithm for information.</p>
+<p>This function passes direct inputs, which is usually correct for non-secret inputs. To pass a secret input, which is normally in a key object, call <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> instead of this function. Refer to the documentation of individual step types (<code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_xxx</span></code> values of type <a class="reference internal" href="#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_step_t</span></code></a>) for more information.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_key_derivation_input_integer">
+<span id="c.psa_key_derivation_input_integer"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_input_integer</span></code> (function)</h3>
+<p>Provide a numeric input for key derivation or key agreement.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_input_integer" title="psa_key_derivation_input_integer">psa_key_derivation_input_integer</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ uint64_t value);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to use. It must have been set up with <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> and must not have produced any output yet.</dd>
+<dt> <code class="docutils literal"><span class="pre">step</span></code></dt>
+<dd>Which step the input data is for.</dd>
+<dt> <code class="docutils literal"><span class="pre">value</span></code></dt>
+<dd>The value of the numeric input.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid for this input <code class="docutils literal"><span class="pre">step</span></code>. This can happen if the application provides a step out of order or repeats a step that may not be repeated.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">step</span></code> is not compatible with the operation’s algorithm.</li>
+<li><code class="docutils literal"><span class="pre">step</span></code> does not allow numerical inputs.</li>
+<li><code class="docutils literal"><span class="pre">value</span></code> is not valid for <code class="docutils literal"><span class="pre">step</span></code> in the operation’s algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">step</span></code> is not supported with the operation’s algorithm.</li>
+<li><code class="docutils literal"><span class="pre">value</span></code> is not supported for <code class="docutils literal"><span class="pre">step</span></code> in the operation’s algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Which inputs are required and in what order depends on the algorithm.
+However, when an algorithm requires a particular order, numeric inputs usually come first as they tend to be configuration parameters.
+Refer to the documentation of each key derivation or key agreement algorithm for information.</p>
+<p>This function is used for inputs which are fixed-size non-negative integers.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_key_derivation_input_key">
+<span id="c.psa_key_derivation_input_key"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_input_key</span></code> (function)</h3>
+<p>Provide an input for key derivation in the form of a key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key">psa_key_derivation_input_key</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to use. It must have been set up with <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> and must not have produced any output yet.</dd>
+<dt> <code class="docutils literal"><span class="pre">step</span></code></dt>
+<dd>Which step the input data is for.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key. The key must have an appropriate type for <code class="docutils literal"><span class="pre">step</span></code>, it must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a> or <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a> (see <a class="reference internal" href="#note">note</a>), and it must permit the algorithm used by the operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid for this input <code class="docutils literal"><span class="pre">step</span></code>. This can happen if the application provides a step out of order or repeats a step that may not be repeated.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key has neither the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a> nor the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a> usage flag, or it does not permit the operation’s algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">step</span></code> is not compatible with the operation’s algorithm.</li>
+<li><code class="docutils literal"><span class="pre">step</span></code> does not allow key inputs of the given type, or does not allow key inputs at all.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">step</span></code> is not supported with the operation’s algorithm.</li>
+<li>Key inputs of the given type are not supported for <code class="docutils literal"><span class="pre">step</span></code> in the operation’s algorithm.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Which inputs are required and in what order depends on the algorithm. Refer to the documentation of each key derivation or key agreement algorithm for information.</p>
+<p>This function obtains input from a key object, which is usually correct for secret inputs or for non-secret personalization strings kept in the key store. To pass a non-secret parameter which is not in the key store, call <a class="reference internal" href="#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a> instead of this function. Refer to the documentation of individual step types (<code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_xxx</span></code> values of type <a class="reference internal" href="#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_step_t</span></code></a>) for more information.</p>
+<div class="admonition note" id="note">
+<p class="first admonition-title">Note</p>
+<p>Once all inputs steps are completed, the following operations are permitted:</p>
+<ul class="last simple">
+<li><a class="reference internal" href="#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a> — if each input was either a direct input or a key with usage flag <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</li>
+<li><a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> — if the input for step <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> or <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code></a> was a key with usage flag <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>, and every other input was either a direct input or a key with usage flag <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</li>
+<li><a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> — if each input was either a direct input or a key with usage flag <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a>.</li>
+<li><a class="reference internal" href="#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_key()</span></code></a> — under the same conditions as <a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a>.</li>
+</ul>
+</div>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_key_derivation_output_bytes">
+<span id="c.psa_key_derivation_output_bytes"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_output_bytes</span></code> (function)</h3>
+<p>Read some data from a key derivation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes">psa_key_derivation_output_bytes</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ uint8_t * output,
+ size_t output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to read from.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the output will be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>Number of bytes to output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">output_length</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the derived data.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with all required input steps complete.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>One of the inputs was a key whose policy did not allow <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a></dt>
+<dd><p class="first">The operation’s capacity was less than <code class="docutils literal"><span class="pre">output_length</span></code> bytes. In this case, the following occurs:</p>
+<ul class="last simple">
+<li>No output is written to the output buffer.</li>
+<li>The operation’s capacity is set to zero — subsequent calls to this function will not succeed, even with a smaller output buffer.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function calculates output bytes from a key derivation algorithm and returns those bytes. If the key derivation’s output is viewed as a stream of bytes, this function consumes the requested number of bytes from the stream and returns them to the caller. The operation’s capacity decreases by the number of bytes read.</p>
+<p>If this function returns an error status other than <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a>, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_key_derivation_output_key">
+<span id="c.psa_key_derivation_output_key"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_output_key</span></code> (function)</h3>
+<p>Derive a key from an ongoing key derivation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key">psa_key_derivation_output_key</a>(const <a class="reference internal" href="../keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * key);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">attributes</span></code></dt>
+<dd><p class="first">The attributes for the new key.
+This function uses the attributes as follows:</p>
+<ul>
+<li><p class="first">The key type is required. It cannot be an asymmetric public key.</p>
+</li>
+<li><p class="first">The key size is required. It must be a valid size for the key type.</p>
+</li>
+<li><p class="first">The key permitted-algorithm policy is required for keys that will be used for a cryptographic operation, see <a class="reference internal" href="../keys/policy.html#permitted-algorithms"><span class="secref">Permitted algorithms</span></a>.</p>
+<p>If the key type to be created is <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a>, then the permitted-algorithm policy must be the same as the current operation’s algorithm.</p>
+</li>
+<li><p class="first">The key usage flags define what operations are permitted with the key, see <a class="reference internal" href="../keys/policy.html#key-usage-flags"><span class="secref">Key usage flags</span></a>.</p>
+</li>
+<li><p class="first">The key lifetime and identifier are required for a persistent key.</p>
+</li>
+</ul>
+<div class="last admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This is an input parameter: it is not updated with the final key attributes. The final attributes of the new key can be queried by calling <a class="reference internal" href="../keys/attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a> with the key’s identifier.</p>
+</div>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to read from.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>On success, an identifier for the newly created key. <a class="reference internal" href="../keys/ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a> on failure.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+If the key is persistent, the key material and the key’s metadata have been saved to persistent storage.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with all required input steps complete.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> input step was neither provided through a key, nor the result of a key agreement.</li>
+<li>One of the inputs was a key whose policy did not allow <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</li>
+<li>The implementation does not permit creating a key with the specified attributes due to some implementation-specific policy.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS"><code class="docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code></a></dt>
+<dd>This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a></dt>
+<dd><p class="first">There was not enough data to create the desired key. In this case, the following occurs:</p>
+<ul class="last simple">
+<li>No key is generated.</li>
+<li>The operation’s capacity is set to zero — subsequent calls to this function will not succeed, even if they require less data.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The key type is invalid, or is an asymmetric public key type.</li>
+<li>The key type is <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a>, and the permitted-algorithm policy is not the same as the current operation’s algorithm.</li>
+<li>The key size is not valid for the key type.</li>
+<li>The key lifetime is invalid.</li>
+<li>The key identifier is not valid for the key lifetime.</li>
+<li>The key usage flags include invalid values.</li>
+<li>The key’s permitted-usage algorithm is invalid.</li>
+<li>The key attributes, as a whole, are invalid.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_STORAGE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function calculates output bytes from a key derivation algorithm and uses those bytes to generate a key deterministically. The key’s location, policy, type and size are taken from <code class="docutils literal"><span class="pre">attributes</span></code>.</p>
+<p>If the key derivation’s output is viewed as a stream of bytes, this function consumes the required number of bytes from the stream. The operation’s capacity decreases by the number of bytes used to derive the key.</p>
+<p>If this function returns an error status other than <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a>, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+<p>How much output is produced and consumed from the operation, and how the key is derived, depends on the key type. <span><a class="reference internal" href="#std-key-derivation"><span class="numref">Table 5</span></a></span> describes the required key derivation procedures for standard key derivation algorithms. Implementations can use other methods for implementation-specific algorithms.</p>
+<p>In all cases, the data that is read is discarded from the operation. The operation’s capacity is decreased by the number of bytes read.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="std-key-derivation">
+<caption><span class="caption-number">Table 5 </span><span class="caption-text">Standard key derivation process</span></caption>
+<colgroup>
+<col width="29%" />
+<col width="71%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Key type</th>
+<th class="head">Key type details and derivation procedure</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><p class="first">AES</p>
+<p>ARC4</p>
+<p>ARIA</p>
+<p>CAMELLIA</p>
+<p>ChaCha20</p>
+<p>SM4</p>
+<p>Secrets for derivation</p>
+<p>HMAC</p>
+<p class="last">Password hashes</p>
+</td>
+<td><p class="first"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code></a></p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a></p>
+<p class="last">For key types for which the key is an arbitrary sequence of bytes of a given size, this function is functionally equivalent to calling <a class="reference internal" href="#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a> and passing the resulting output to <a class="reference internal" href="../keys/management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a>. However, this function has a security benefit: if the implementation provides an isolation boundary then the key material is not exposed outside the isolation boundary. As a consequence, for these key types, this function always consumes exactly <code class="docutils literal"><span class="pre">(bits/8)</span></code> bytes from the operation.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>DES</td>
+<td><p class="first"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a>, 64 bits.</p>
+<p>This function generates a key using the following process:</p>
+<ol class="last arabic simple">
+<li>Draw an 8-byte string.</li>
+<li>Set/clear the parity bits in each byte.</li>
+<li>If the result is a forbidden weak key, discard the result and return to step 1.</li>
+<li>Output the string.</li>
+</ol>
+</td>
+</tr>
+<tr class="row-even"><td><p class="first">2-key 3DES</p>
+<p class="last">3-key 3DES</p>
+</td>
+<td><p class="first"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a>, 192 bits.</p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a>, 128 bits.</p>
+<p>The two or three keys are generated by repeated application of the process used to generate a DES key.</p>
+<p class="last">For example, for 3-key 3DES, if the first 8 bytes specify a weak key and the next 8 bytes do not, discard the first 8 bytes, use the next 8 bytes as the first key, and continue reading output from the operation to derive the other two keys.</p>
+</td>
+</tr>
+<tr class="row-odd"><td><p class="first">Finite-field Diffie-Hellman keys</p>
+<p class="last">ECC keys on a Weierstrass elliptic curve</p>
+</td>
+<td><p class="first"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">dh_family</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">dh_family</span></code> designates any Diffie-Hellman family.</p>
+<p><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">ecc_family</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">ecc_family</span></code> designates a Weierstrass curve family.</p>
+<p>These key types require the generation of a private key which is an integer in the range [1, <em>N</em> - 1], where <em>N</em> is the boundary of the private key domain: <em>N</em> is the prime <em>p</em> for Diffie-Hellman, or the order of the curve’s base point for ECC.</p>
+<p>Let <code class="docutils literal"><span class="pre">m</span></code> be the bit size of <em>N</em>, such that <code class="docutils literal"><span class="pre">2^m</span></code> > <em>N</em> >= <code class="docutils literal"><span class="pre">2^(m-1)</span></code>. This function generates the private key using the following process:</p>
+<ol class="arabic simple">
+<li>Draw a byte string of length <code class="docutils literal"><span class="pre">ceiling(m/8)</span></code> bytes.</li>
+<li>If <code class="docutils literal"><span class="pre">m</span></code> is not a multiple of <code class="docutils literal"><span class="pre">8</span></code>, set the most significant <code class="docutils literal"><span class="pre">(8</span> <span class="pre">*</span> <span class="pre">ceiling(m/8)</span> <span class="pre">-</span> <span class="pre">m)</span></code> bits of the first byte in the string to zero.</li>
+<li>Convert the string to integer <em>k</em> by decoding it as a big-endian byte string.</li>
+<li>If <em>k</em> > <em>N</em> - <code class="docutils literal"><span class="pre">2</span></code>, discard the result and return to step 1.</li>
+<li>Output <em>k</em> + <code class="docutils literal"><span class="pre">1</span></code> as the private key.</li>
+</ol>
+<p>This method allows compliance to NIST standards, specifically the methods titled <em>Key-Pair Generation by Testing Candidates</em> in the following publications:</p>
+<ul class="last simple">
+<li><span><em>NIST Special Publication 800-56A: Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography</em> <a class="reference internal" href="../../about.html#citation-sp800-56a"><span class="cite">[SP800-56A]</span></a></span> §5.6.1.1.4 for Diffie-Hellman keys.</li>
+<li><a class="reference internal" href="../../about.html#citation-sp800-56a"><span class="cite">[SP800-56A]</span></a> §5.6.1.2.2 or <span><em>FIPS Publication 186-4: Digital Signature Standard (DSS)</em> <a class="reference internal" href="../../about.html#citation-fips186-4"><span class="cite">[FIPS186-4]</span></a></span> §B.4.2 for elliptic curve keys.</li>
+</ul>
+</td>
+</tr>
+<tr class="row-even"><td>ECC keys on a Montgomery elliptic curve</td>
+<td><p class="first"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a><code class="docutils literal"><span class="pre">)</span></code></p>
+<p>This function always draws a byte string whose length is determined by the curve, and sets the mandatory bits accordingly. That is:</p>
+<ul class="last simple">
+<li>Curve25519 (<a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a>, 255 bits): draw a 32-byte string and process it as specified in <span><em>Elliptic Curves for Security</em> <a class="reference internal" href="../../about.html#citation-rfc7748"><span class="cite">[RFC7748]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc7748.html#section-5">§5</a>.</li>
+<li>Curve448 (<a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a>, 448 bits): draw a 56-byte string and process it as specified in <a class="reference internal" href="../../about.html#citation-rfc7748"><span class="cite">[RFC7748]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc7748.html#section-5">§5</a>.</li>
+</ul>
+</td>
+</tr>
+<tr class="row-odd"><td><em>Other key types</em></td>
+<td><p class="first">This includes <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a>.</p>
+<p class="last">The way in which the operation output is consumed is implementation-defined.</p>
+</td>
+</tr>
+</tbody>
+</table>
+<p>For algorithms that take an input step <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a>, the input to that step must be provided with <a class="reference internal" href="#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a>. Future versions of this specification might include additional restrictions on the derived key based on the attributes and strength of the secret key.</p>
+</div>
+<div class="section" id="psa_key_derivation_verify_bytes">
+<span id="c.psa_key_derivation_verify_bytes"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_verify_bytes</span></code> (function)</h3>
+<p>Compare output data from a key derivation operation to an expected value.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes">psa_key_derivation_verify_bytes</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ const uint8_t *expected_output,
+ size_t output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to read from.</dd>
+<dt> <code class="docutils literal"><span class="pre">expected_output</span></code></dt>
+<dd>Buffer containing the expected derivation output.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>Length ot the expected output. This is also the number of bytes that will be read.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The output of the key derivation operation matches <code class="docutils literal"><span class="pre">expected_output</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with all required input steps complete.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>One of the inputs is a key whose policy does not permit <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The output of the key derivation operation does not match the value in <code class="docutils literal"><span class="pre">expected_output</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a></dt>
+<dd>The operation’s capacity was less than <code class="docutils literal"><span class="pre">output_length</span></code> bytes. In this case, the operation’s capacity is set to zero — subsequent calls to this function will not succeed, even with a smaller expected output length.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function calculates output bytes from a key derivation algorithm and compares those bytes to an expected value.
+If the key derivation’s output is viewed as a stream of bytes, this function destructively reads <code class="docutils literal"><span class="pre">output_length</span></code> bytes from the stream before comparing them with <code class="docutils literal"><span class="pre">expected_output</span></code>.
+The operation’s capacity decreases by the number of bytes read.</p>
+<p>This is functionally equivalent to the following code:</p>
+<pre class="literal-block">
+uint8_t tmp[output_length];
+<a class="reference internal" href="#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes">psa_key_derivation_output_bytes</a>(operation, tmp, output_length);
+if (memcmp(expected_output, tmp, output_length) != 0)
+ return <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE">PSA_ERROR_INVALID_SIGNATURE</a>;
+</pre>
+<p>However, calling <a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> works even if the key’s policy does not allow output of the bytes.</p>
+<p>If this function returns an error status other than <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a> or <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a>, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Implementations must make the best effort to ensure that the comparison between the actual key derivation output and the expected output is performed in constant time.</p>
+</div>
+</div>
+<div class="section" id="psa_key_derivation_verify_key">
+<span id="c.psa_key_derivation_verify_key"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_verify_key</span></code> (function)</h3>
+<p>Compare output data from a key derivation operation to an expected value stored in a key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key">psa_key_derivation_verify_key</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> expected);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The key derivation operation object to read from.</dd>
+<dt> <code class="docutils literal"><span class="pre">expected</span></code></dt>
+<dd><p class="first">A key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a> containing the expected output.
+The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a>, and the permitted algorithm must match the operation’s algorithm.</p>
+<p class="last">The value of this key is typically computed by a previous call to psa_key_derivation_output_key().</p>
+</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The output of the key derivation operation matches the <code class="docutils literal"><span class="pre">expected</span></code> key value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active, with all required input steps complete.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">expected</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a> flag, or it does not permit the requested algorithm.</li>
+<li>One of the inputs is a key whose policy does not permit <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The output of the key derivation operation does not match the value of the <code class="docutils literal"><span class="pre">expected</span></code> key.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a></dt>
+<dd>The operation’s capacity was less than the length of the <code class="docutils literal"><span class="pre">expected</span></code> key. In this case, the operation’s capacity is set to zero — subsequent calls to this function will not succeed, even with a smaller expected key length.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>The key type is not <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function calculates output bytes from a key derivation algorithm and compares those bytes to an expected value, provided as key of type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a>.
+If the key derivation’s output is viewed as a stream of bytes, this function destructively reads the number of bytes corresponding to the length of the <code class="docutils literal"><span class="pre">expected</span></code> key from the stream before comparing them with the key value.
+The operation’s capacity decreases by the number of bytes read.</p>
+<p>This is functionally equivalent to exporting the <code class="docutils literal"><span class="pre">expected</span></code> key and calling <a class="reference internal" href="#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> on the result, except that it works when the key cannot be exported.</p>
+<p>If this function returns an error status other than <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a> or <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a>, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Implementations must make the best effort to ensure that the comparison between the actual key derivation output and the expected output is performed in constant time.</p>
+</div>
+</div>
+<div class="section" id="psa_key_derivation_abort">
+<span id="c.psa_key_derivation_abort"></span><h3><code class="docutils literal"><span class="pre">psa_key_derivation_abort</span></code> (function)</h3>
+<p>Abort a key derivation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort">psa_key_derivation_abort</a>(<a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation to abort.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The operation object can now be discarded or reused.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Aborting an operation frees all associated resources except for the <code class="docutils literal"><span class="pre">operation</span></code> object itself. Once aborted, the operation object can be reused for another operation by calling <a class="reference internal" href="#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> again.</p>
+<p>This function can be called at any time after the operation object has been initialized as described in <a class="reference internal" href="#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a>.</p>
+<p>In particular, it is valid to call <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a> twice, or to call <a class="reference internal" href="#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a> on an operation that has not been set up.</p>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.6.4. Support macros</h2>
+<div class="section" id="PSA_ALG_IS_KEY_DERIVATION_STRETCHING">
+<span id="c.PSA_ALG_IS_KEY_DERIVATION_STRETCHING"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION_STRETCHING</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a key-stretching or password-hashing algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_KEY_DERIVATION_STRETCHING" title="PSA_ALG_IS_KEY_DERIVATION_STRETCHING">PSA_ALG_IS_KEY_DERIVATION_STRETCHING</a>(alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a key-stretching or password-hashing algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.
+This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key derivation algorithm algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>A key-stretching or password-hashing algorithm is a key derivation algorithm that is suitable for use with a low-entropy secret such as a password.
+Equivalently, it’s a key derivation algorithm that uses a <a class="reference internal" href="#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code></a> input step.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_HKDF">
+<span id="c.PSA_ALG_IS_HKDF"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_HKDF</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an HKDF algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_HKDF" title="PSA_ALG_IS_HKDF">PSA_ALG_IS_HKDF</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an HKDF algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key derivation algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>HKDF is a family of key derivation algorithms that are based on a hash function and the HMAC construction.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_TLS12_PRF">
+<span id="c.PSA_ALG_IS_TLS12_PRF"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_TLS12_PRF</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a TLS-1.2 PRF algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_TLS12_PRF" title="PSA_ALG_IS_TLS12_PRF">PSA_ALG_IS_TLS12_PRF</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a TLS-1.2 PRF algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key derivation algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_TLS12_PSK_TO_MS">
+<span id="c.PSA_ALG_IS_TLS12_PSK_TO_MS"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_TLS12_PSK_TO_MS</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_TLS12_PSK_TO_MS" title="PSA_ALG_IS_TLS12_PSK_TO_MS">PSA_ALG_IS_TLS12_PSK_TO_MS</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a TLS-1.2 PSK to MS algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key derivation algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_PBKDF2_HMAC">
+<span id="c.PSA_ALG_IS_PBKDF2_HMAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_PBKDF2_HMAC</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a PBKDF2-HMAC algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_PBKDF2_HMAC" title="PSA_ALG_IS_PBKDF2_HMAC">PSA_ALG_IS_PBKDF2_HMAC</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a PBKDF2-HMAC algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported key derivation algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_KEY_DERIVATION_UNLIMITED_CAPACITY">
+<span id="c.PSA_KEY_DERIVATION_UNLIMITED_CAPACITY"></span><h3><code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_UNLIMITED_CAPACITY</span></code> (macro)</h3>
+<p>Use the maximum possible capacity for a key derivation operation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_KEY_DERIVATION_UNLIMITED_CAPACITY" title="PSA_KEY_DERIVATION_UNLIMITED_CAPACITY">PSA_KEY_DERIVATION_UNLIMITED_CAPACITY</a> \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>Use this value as the capacity argument when setting up a key derivation to specify that the operation will use the maximum possible capacity. The value of the maximum possible capacity depends on the key derivation algorithm.</p>
+</div>
+<div class="section" id="PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE">
+<span id="c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</span></code> (macro)</h3>
+<p>This macro returns the maximum supported length of the PSK for the TLS-1.2 PSK-to-MS key derivation.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE" title="PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>This implementation-defined value specifies the maximum length for the PSK input used with a <a class="reference internal" href="#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS()</span></code></a> key agreement algorithm.</p>
+<p>Quoting <span><em>Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)</em> <a class="reference internal" href="../../about.html#citation-rfc4279"><span class="cite">[RFC4279]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc4279.html#section-5.3">§5.3</a>:</p>
+<blockquote>
+<div>TLS implementations supporting these cipher suites MUST support arbitrary PSK identities up to 128 octets in length, and arbitrary PSKs up to 64 octets in length. Supporting longer identities and keys is RECOMMENDED.</div></blockquote>
+<p>Therefore, it is recommended that implementations define <a class="reference internal" href="#c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE" title="PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</span></code></a> with a value greater than or equal to <code class="docutils literal"><span class="pre">64</span></code>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.6. Key derivation</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-derivation-algorithms">10.6.1. Key derivation algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#input-step-types">10.6.2. Input step types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-derivation-functions">10.6.3. Key derivation functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.6.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/macs.html b/docs/1.1.0/html/api/ops/macs.html
new file mode 100644
index 0000000..d34ce9c
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/macs.html
@@ -0,0 +1,906 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.3. Message authentication codes (MAC) — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.4. Unauthenticated ciphers" href="ciphers.html" />
+ <link rel="prev" title="10.2. Message digests (Hashes)" href="hashes.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="message-authentication-codes-mac">
+<span id="macs"></span><h1>10.3. Message authentication codes (MAC)</h1>
+<p>The single-part MAC functions are:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.psa_mac_compute" title="psa_mac_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_compute()</span></code></a> to calculate the MAC of a message.</li>
+<li><a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify()</span></code></a> to compare the MAC of a message with a reference value.</li>
+</ul>
+<p>The <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a> <a class="reference internal" href="../../overview/functionality.html#multi-part-operations"><span class="std std-ref">multi-part operation</span></a> allows messages to be processed in fragments. A multi-part MAC operation is used as follows:</p>
+<ol class="arabic simple">
+<li>Initialize the <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a> object to zero, or by assigning the value of the associated macro <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Call the <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_update()</span></code></a> function on successive chunks of the message.</li>
+<li>At the end of the message, call the required finishing function:<ul>
+<li>To calculate the MAC of the message, call <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_finish()</span></code></a>.</li>
+<li>To verify the MAC of the message against a reference value, call <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a>.</li>
+</ul>
+</li>
+</ol>
+<p>To abort the operation or recover from an error, call <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>.</p>
+<div class="section" id="mac-algorithms">
+<span id="id1"></span><h2>10.3.1. MAC algorithms</h2>
+<div class="section" id="PSA_ALG_HMAC">
+<span id="c.PSA_ALG_HMAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_HMAC</span></code> (macro)</h3>
+<p>Macro to build an HMAC message-authentication-code algorithm from an underlying hash algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC">PSA_ALG_HMAC</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding HMAC algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>For example, <a class="reference internal" href="#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a><code class="docutils literal"><span class="pre">)</span></code> is HMAC-SHA-256.</p>
+<p>The HMAC construction is defined in <span><em>HMAC: Keyed-Hashing for Message Authentication</em> <a class="reference internal" href="../../about.html#citation-rfc2104"><span class="cite">[RFC2104]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CBC_MAC">
+<span id="c.PSA_ALG_CBC_MAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code> (macro)</h3>
+<p>The CBC-MAC message-authentication-code algorithm, constructed over a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC">PSA_ALG_CBC_MAC</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x03c00100)
+</pre>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">CBC-MAC is insecure in many cases. A more secure mode, such as <a class="reference internal" href="#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a>, is recommended.</p>
+</div>
+<p>The CBC-MAC algorithm must be used with a key for a block cipher. For example, one of <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a>.</p>
+<p>CBC-MAC is defined as <em>MAC Algorithm 1</em> in <span><em>ISO/IEC 9797-1:2011 Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher</em> <a class="reference internal" href="../../about.html#citation-iso9797"><span class="cite">[ISO9797]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_CMAC">
+<span id="c.PSA_ALG_CMAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_CMAC</span></code> (macro)</h3>
+<p>The CMAC message-authentication-code algorithm, constructed over a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC">PSA_ALG_CMAC</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x03c00200)
+</pre>
+<p>The CMAC algorithm must be used with a key for a block cipher. For example, when used with a key with type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a>, the resulting operation is AES-CMAC.</p>
+<p>CMAC is defined in <span><em>NIST Special Publication 800-38B: Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication</em> <a class="reference internal" href="../../about.html#citation-sp800-38b"><span class="cite">[SP800-38B]</span></a></span>.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_TRUNCATED_MAC">
+<span id="c.PSA_ALG_TRUNCATED_MAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_TRUNCATED_MAC</span></code> (macro)</h3>
+<p>Macro to build a truncated MAC algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC">PSA_ALG_TRUNCATED_MAC</a>(mac_alg, mac_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">mac_alg</span></code></dt>
+<dd>A MAC algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">mac_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This can be a truncated or untruncated MAC algorithm.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_length</span></code></dt>
+<dd>Desired length of the truncated MAC in bytes. This must be at most the untruncated length of the MAC and must be at least an implementation-specified minimum. The implementation-specified minimum must not be zero.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding MAC algorithm with the specified length.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">mac_alg</span></code> is not a supported MAC algorithm or if <code class="docutils literal"><span class="pre">mac_length</span></code> is too small or too large for the specified MAC algorithm.</p>
+<p class="rubric">Description</p>
+<p>A truncated MAC algorithm is identical to the corresponding MAC algorithm except that the MAC value for the truncated algorithm consists of only the first <code class="docutils literal"><span class="pre">mac_length</span></code> bytes of the MAC value for the untruncated algorithm.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">This macro might allow constructing algorithm identifiers that are not valid, either because the specified length is larger than the untruncated MAC or because the specified length is smaller than permitted by the implementation.</p>
+</div>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">It is implementation-defined whether a truncated MAC that is truncated to the same length as the MAC of the untruncated algorithm is considered identical to the untruncated algorithm for policy comparison purposes.</p>
+</div>
+<p>The untruncated MAC algorithm can be recovered using <a class="reference internal" href="#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FULL_LENGTH_MAC()</span></code></a>.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting truncated MAC algorithm is compatible with the same key types as the MAC algorithm used to construct it.</p>
+</div>
+<div class="section" id="PSA_ALG_FULL_LENGTH_MAC">
+<span id="c.PSA_ALG_FULL_LENGTH_MAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_FULL_LENGTH_MAC</span></code> (macro)</h3>
+<p>Macro to construct the MAC algorithm with an untruncated MAC, from a truncated MAC algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC">PSA_ALG_FULL_LENGTH_MAC</a>(mac_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">mac_alg</span></code></dt>
+<dd>A MAC algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">mac_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This can be a truncated or untruncated MAC algorithm.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding MAC algorithm with an untruncated MAC.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">mac_alg</span></code> is not a supported MAC algorithm.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting untruncated MAC algorithm is compatible with the same key types as the MAC algorithm used to construct it.</p>
+</div>
+<div class="section" id="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC">
+<span id="c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC</span></code> (macro)</h3>
+<p>Macro to build a MAC minimum-MAC-length wildcard algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC</a>(mac_alg, min_mac_length) \
+ <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">mac_alg</span></code></dt>
+<dd>A MAC algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This can be a truncated or untruncated MAC algorithm.</dd>
+<dt> <code class="docutils literal"><span class="pre">min_mac_length</span></code></dt>
+<dd>Desired minimum length of the message authentication code in bytes. This must be at most the untruncated length of the MAC and must be at least <code class="docutils literal"><span class="pre">1</span></code>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding MAC wildcard algorithm with the specified minimum MAC length.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">mac_alg</span></code> is not a supported MAC algorithm or if <code class="docutils literal"><span class="pre">min_mac_length</span></code> is less than <code class="docutils literal"><span class="pre">1</span></code> or too large for the specified MAC algorithm.</p>
+<p class="rubric">Description</p>
+<p>A key with a minimum-MAC-length MAC wildcard algorithm as permitted algorithm policy can be used with all MAC algorithms sharing the same base algorithm, and where the (potentially truncated) MAC length of the specific algorithm is equal to or larger then the wildcard algorithm’s minimum MAC length.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">When setting the minimum required MAC length to less than the smallest MAC length allowed by the base algorithm, this effectively becomes an ‘any-MAC-length-allowed’ policy for that base algorithm.</p>
+</div>
+<p>The untruncated MAC algorithm can be recovered using <a class="reference internal" href="#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FULL_LENGTH_MAC()</span></code></a>.</p>
+<p class="rubric">Compatible key types</p>
+<p>The resulting wildcard MAC algorithm is compatible with the same key types as the MAC algorithm used to construct it.</p>
+</div>
+</div>
+<div class="section" id="single-part-mac-functions">
+<h2>10.3.2. Single-part MAC functions</h2>
+<div class="section" id="psa_mac_compute">
+<span id="c.psa_mac_compute"></span><h3><code class="docutils literal"><span class="pre">psa_mac_compute</span></code> (function)</h3>
+<p>Calculate the message authentication code (MAC) of a message.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_compute" title="psa_mac_compute">psa_mac_compute</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * mac,
+ size_t mac_size,
+ size_t * mac_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The MAC algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the input message.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac</span></code></dt>
+<dd>Buffer where the MAC value is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">mac</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The exact MAC size is <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="docutils literal"><span class="pre">PSA_MAC_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are attributes of the key used to compute the MAC.</li>
+<li><a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> evaluates to the maximum MAC size of any supported MAC algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_length</span></code></dt>
+<dd>On success, the number of bytes that make up the MAC value.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*mac_length)</span></code> bytes of <code class="docutils literal"><span class="pre">mac</span></code> contain the MAC value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">mac</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">To verify the MAC of a message against an expected value, use <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify()</span></code></a> instead. Beware that comparing integrity or authenticity data such as MAC values with a function such as <code class="docutils literal"><span class="pre">memcmp()</span></code> is risky because the time taken by the comparison might leak information about the MAC value which could allow an attacker to guess a valid MAC and thereby bypass security controls.</p>
+</div>
+</div>
+<div class="section" id="psa_mac_verify">
+<span id="c.psa_mac_verify"></span><h3><code class="docutils literal"><span class="pre">psa_mac_verify</span></code> (function)</h3>
+<p>Calculate the MAC of a message and compare it with a reference value.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify">psa_mac_verify</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * mac,
+ size_t mac_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The MAC algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the input message.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac</span></code></dt>
+<dd>Buffer containing the expected MAC value.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">mac</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The expected MAC is identical to the actual MAC of the input.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The calculated MAC of the message does not match the value in <code class="docutils literal"><span class="pre">mac</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+</div>
+</div>
+<div class="section" id="multi-part-mac-operations">
+<h2>10.3.3. Multi-part MAC operations</h2>
+<div class="section" id="psa_mac_operation_t">
+<span id="c.psa_mac_operation_t"></span><h3><code class="docutils literal"><span class="pre">psa_mac_operation_t</span></code> (type)</h3>
+<p>The type of the state object for multi-part MAC operations.</p>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a>;
+</pre>
+<p>Before calling any function on a MAC operation object, the application must initialize it by any of the following means:</p>
+<ul>
+<li><p class="first">Set the object to all-bits-zero, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation;
+memset(&operation, 0, sizeof(operation));
+</pre>
+</li>
+<li><p class="first">Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
+<pre class="literal-block">
+static <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation;
+</pre>
+</li>
+<li><p class="first">Initialize the object to the initializer <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation = <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT">PSA_MAC_OPERATION_INIT</a>;
+</pre>
+</li>
+<li><p class="first">Assign the result of the function <a class="reference internal" href="#c.psa_mac_operation_init" title="psa_mac_operation_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_operation_init()</span></code></a> to the object, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation;
+operation = <a class="reference internal" href="#c.psa_mac_operation_init" title="psa_mac_operation_init">psa_mac_operation_init</a>();
+</pre>
+</li>
+</ul>
+<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
+</div>
+<div class="section" id="PSA_MAC_OPERATION_INIT">
+<span id="c.PSA_MAC_OPERATION_INIT"></span><h3><code class="docutils literal"><span class="pre">PSA_MAC_OPERATION_INIT</span></code> (macro)</h3>
+<p>This macro returns a suitable initializer for a MAC operation object of type <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT">PSA_MAC_OPERATION_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+</div>
+<div class="section" id="psa_mac_operation_init">
+<span id="c.psa_mac_operation_init"></span><h3><code class="docutils literal"><span class="pre">psa_mac_operation_init</span></code> (function)</h3>
+<p>Return an initial value for a MAC operation object.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> <a class="reference internal" href="#c.psa_mac_operation_init" title="psa_mac_operation_init">psa_mac_operation_init</a>(void);
+</pre>
+<p class="rubric">Returns: <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="docutils literal"><span class="pre">psa_mac_operation_t</span></code></a></p>
+</div>
+<div class="section" id="psa_mac_sign_setup">
+<span id="c.psa_mac_sign_setup"></span><h3><code class="docutils literal"><span class="pre">psa_mac_sign_setup</span></code> (function)</h3>
+<p>Set up a multi-part MAC calculation operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup">psa_mac_sign_setup</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The MAC algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function sets up the calculation of the message authentication code (MAC) of a byte string. To verify the MAC of a message against an expected value, use <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a> instead.</p>
+<p>The sequence of operations to calculate a MAC is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Call <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_update()</span></code></a> zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.</li>
+<li>At the end of the message, call <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_finish()</span></code></a> to finish calculating the MAC value and retrieve it.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a>, the application must eventually terminate the operation through one of the following methods:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_finish()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_mac_verify_setup">
+<span id="c.psa_mac_verify_setup"></span><h3><code class="docutils literal"><span class="pre">psa_mac_verify_setup</span></code> (function)</h3>
+<p>Set up a multi-part MAC verification operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup">psa_mac_verify_setup</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a> and not yet in use.</dd>
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The MAC algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be inactive.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>This function sets up the verification of the message authentication code (MAC) of a byte string against an expected value.</p>
+<p>The sequence of operations to verify a MAC is as follows:</p>
+<ol class="arabic simple">
+<li>Allocate an operation object which will be passed to all the functions listed here.</li>
+<li>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a> to specify the algorithm and key.</li>
+<li>Call <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_update()</span></code></a> zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.</li>
+<li>At the end of the message, call <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a> to finish calculating the actual MAC of the message and verify it against the expected value.</li>
+</ol>
+<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a> at any time after the operation has been initialized.</p>
+<p>After a successful call to <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a>, the application must eventually terminate the operation through one of the following methods:</p>
+<ul class="simple">
+<li>A successful call to <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a>.</li>
+<li>A call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="psa_mac_update">
+<span id="c.psa_mac_update"></span><h3><code class="docutils literal"><span class="pre">psa_mac_update</span></code> (function)</h3>
+<p>Add a message fragment to a multi-part MAC operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update">psa_mac_update</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active MAC operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>Buffer containing the message fragment to add to the MAC calculation.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be active.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd>The total input for the operation is too large for the MAC algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd>The total input for the operation is too large for the implementation.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a> before calling this function.</p>
+<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>.</p>
+</div>
+<div class="section" id="psa_mac_sign_finish">
+<span id="c.psa_mac_sign_finish"></span><h3><code class="docutils literal"><span class="pre">psa_mac_sign_finish</span></code> (function)</h3>
+<p>Finish the calculation of the MAC of a message.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish">psa_mac_sign_finish</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ uint8_t * mac,
+ size_t mac_size,
+ size_t * mac_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active MAC operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac</span></code></dt>
+<dd>Buffer where the MAC value is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">mac</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The exact MAC size is <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="docutils literal"><span class="pre">PSA_MAC_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are attributes of the key, and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm used to compute the MAC.</li>
+<li><a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> evaluates to the maximum MAC size of any supported MAC algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_length</span></code></dt>
+<dd>On success, the number of bytes that make up the MAC value.
+This is always <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="docutils literal"><span class="pre">PSA_MAC_LENGTH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are attributes of the key, and <code class="docutils literal"><span class="pre">alg</span></code> is the algorithm used to compute the MAC.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*mac_length)</span></code> bytes of <code class="docutils literal"><span class="pre">mac</span></code> contain the MAC value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be an active mac sign operation.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">mac</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a> before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_update()</span></code></a>.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>.</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p>It is not recommended to use this function when a specific value is expected for the MAC. Call <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a> instead with the expected MAC value.</p>
+<p class="last">Comparing integrity or authenticity data such as MAC values with a function such as <code class="docutils literal"><span class="pre">memcmp()</span></code> is risky because the time taken by the comparison might leak information about the hashed data which could allow an attacker to guess a valid MAC and thereby bypass security controls.</p>
+</div>
+</div>
+<div class="section" id="psa_mac_verify_finish">
+<span id="c.psa_mac_verify_finish"></span><h3><code class="docutils literal"><span class="pre">psa_mac_verify_finish</span></code> (function)</h3>
+<p>Finish the calculation of the MAC of a message and compare it with an expected value.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish">psa_mac_verify_finish</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ const uint8_t * mac,
+ size_t mac_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Active MAC operation.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac</span></code></dt>
+<dd>Buffer containing the expected MAC value.</dd>
+<dt> <code class="docutils literal"><span class="pre">mac_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">mac</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The expected MAC is identical to the actual MAC of the message.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li>The operation state is not valid: it must be an active mac verify operation.</li>
+<li>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd>The calculated MAC of the message does not match the value in <code class="docutils literal"><span class="pre">mac</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>The application must call <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a> before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_update()</span></code></a>. It then compares the calculated MAC with the expected MAC passed as a parameter to this function.</p>
+<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Implementations must make the best effort to ensure that the comparison between the actual MAC and the expected MAC is performed in constant time.</p>
+</div>
+</div>
+<div class="section" id="psa_mac_abort">
+<span id="c.psa_mac_abort"></span><h3><code class="docutils literal"><span class="pre">psa_mac_abort</span></code> (function)</h3>
+<p>Abort a MAC operation.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort">psa_mac_abort</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">operation</span></code></dt>
+<dd>Initialized MAC operation.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The operation object can now be discarded or reused.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>Aborting an operation frees all associated resources except for the <code class="docutils literal"><span class="pre">operation</span></code> object itself. Once aborted, the operation object can be reused for another operation by calling <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_setup()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_setup()</span></code></a> again.</p>
+<p>This function can be called any time after the operation object has been initialized by one of the methods described in <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_mac_operation_t</span></code></a>.</p>
+<p>In particular, calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a> after the operation has been terminated by a call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_abort()</span></code></a>, <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_finish()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a> is safe and has no effect.</p>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.3.4. Support macros</h2>
+<div class="section" id="PSA_ALG_IS_HMAC">
+<span id="c.PSA_ALG_IS_HMAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_HMAC</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an HMAC algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_HMAC" title="PSA_ALG_IS_HMAC">PSA_ALG_IS_HMAC</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an HMAC algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>HMAC is a family of MAC algorithms that are based on a hash function.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_BLOCK_CIPHER_MAC">
+<span id="c.PSA_ALG_IS_BLOCK_CIPHER_MAC"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_BLOCK_CIPHER_MAC</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a MAC algorithm based on a block cipher.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_BLOCK_CIPHER_MAC" title="PSA_ALG_IS_BLOCK_CIPHER_MAC">PSA_ALG_IS_BLOCK_CIPHER_MAC</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a MAC algorithm based on a block cipher, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_MAC_LENGTH">
+<span id="c.PSA_MAC_LENGTH"></span><h3><code class="docutils literal"><span class="pre">PSA_MAC_LENGTH</span></code> (macro)</h3>
+<p>The size of the output of <a class="reference internal" href="#c.psa_mac_compute" title="psa_mac_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_compute()</span></code></a> and <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_finish()</span></code></a>, in bytes.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH">PSA_MAC_LENGTH</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>The type of the MAC key.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the MAC key in bits.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>A MAC algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The MAC length for the specified algorithm with the specified key parameters.</p>
+<p><code class="docutils literal"><span class="pre">0</span></code> if the MAC algorithm is not recognized.</p>
+<p>Either <code class="docutils literal"><span class="pre">0</span></code> or the correct length for a MAC algorithm that the implementation recognizes, but does not support.</p>
+<p>Unspecified if the key parameters are not consistent with the algorithm.</p>
+<p class="rubric">Description</p>
+<p>If the size of the MAC buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_mac_compute" title="psa_mac_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_compute()</span></code></a> and <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_sign_finish()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>This is also the MAC length that <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify()</span></code></a> and <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a> expect.</p>
+<p>See also <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_MAC_MAX_SIZE">
+<span id="c.PSA_MAC_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_MAC_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient buffer size for storing the MAC output by <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify()</span></code></a> and <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a>, for any of the supported key types and MAC algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE">PSA_MAC_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the MAC buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify()</span></code></a> and <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_mac_verify_finish()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_LENGTH()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.3. Message authentication codes (MAC)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#mac-algorithms">10.3.1. MAC algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#single-part-mac-functions">10.3.2. Single-part MAC functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#multi-part-mac-operations">10.3.3. Multi-part MAC operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.3.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/pke.html b/docs/1.1.0/html/api/ops/pke.html
new file mode 100644
index 0000000..d56d46e
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/pke.html
@@ -0,0 +1,442 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.8. Asymmetric encryption — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.9. Key agreement" href="ka.html" />
+ <link rel="prev" title="10.7. Asymmetric signature" href="sign.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="asymmetric-encryption">
+<span id="pke"></span><h1>10.8. Asymmetric encryption</h1>
+<p>Asymmetric encryption is provided through the functions <a class="reference internal" href="#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_encrypt()</span></code></a> and <a class="reference internal" href="#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_decrypt()</span></code></a>.</p>
+<div class="section" id="asymmetric-encryption-algorithms">
+<span id="id1"></span><h2>10.8.1. Asymmetric encryption algorithms</h2>
+<div class="section" id="PSA_ALG_RSA_PKCS1V15_CRYPT">
+<span id="c.PSA_ALG_RSA_PKCS1V15_CRYPT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code> (macro)</h3>
+<p>The RSA PKCS#1 v1.5 asymmetric encryption algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT">PSA_ALG_RSA_PKCS1V15_CRYPT</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x07000200)
+</pre>
+<p>This encryption scheme is defined by <span><em>PKCS #1: RSA Cryptography Specifications Version 2.2</em> <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-7.2">§7.2</a> under the name RSAES-PKCS-v1_5.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a> (asymmetric encryption only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_RSA_OAEP">
+<span id="c.PSA_ALG_RSA_OAEP"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RSA_OAEP</span></code> (macro)</h3>
+<p>The RSA OAEP asymmetric encryption algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP">PSA_ALG_RSA_OAEP</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. The hash algorithm is used for <em>MGF1</em>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding RSA OAEP encryption algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This encryption scheme is defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-7.1">§7.1</a> under the name RSAES-OAEP, with the following options:</p>
+<ul class="simple">
+<li>The mask generation function <em>MGF1</em> defined in <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#appendix-B.2.1">Appendix B.2.1</a>.</li>
+<li>The specified hash algorithm is used to hash the label, and for the mask generation function.</li>
+</ul>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a> (asymmetric encryption only)</div>
+</div>
+</div>
+</div>
+<div class="section" id="asymmetric-encryption-functions">
+<h2>10.8.2. Asymmetric encryption functions</h2>
+<div class="section" id="psa_asymmetric_encrypt">
+<span id="c.psa_asymmetric_encrypt"></span><h3><code class="docutils literal"><span class="pre">psa_asymmetric_encrypt</span></code> (function)</h3>
+<p>Encrypt a short message with a public key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt">psa_asymmetric_encrypt</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * salt,
+ size_t salt_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifer of the key to use for the operation. It must be a public key or an asymmetric key pair.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The asymmetric encryption algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>The message to encrypt.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">salt</span></code></dt>
+<dd>A salt or label, if supported by the encryption algorithm. If the algorithm does not support a salt, pass <code class="docutils literal"><span class="pre">NULL</span></code>. If the algorithm supports an optional salt, pass <code class="docutils literal"><span class="pre">NULL</span></code> to indicate that there is no salt.</dd>
+<dt> <code class="docutils literal"><span class="pre">salt_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">salt</span></code> buffer in bytes. If <code class="docutils literal"><span class="pre">salt</span></code> is <code class="docutils literal"><span class="pre">NULL</span></code>, pass <code class="docutils literal"><span class="pre">0</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the encrypted message is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The required output size is <a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are the type and bit-size respectively of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported asymmetric encryption.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the encrypted output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_ENCRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an asymmetric encryption algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not a public key or an asymmetric key pair, that is compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is not valid for the algorithm and key type.</li>
+<li><code class="docutils literal"><span class="pre">salt_length</span></code> is not valid for the algorithm and key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an asymmetric encryption algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> or <code class="docutils literal"><span class="pre">salt_length</span></code> are too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<ul class="simple">
+<li>For <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a>, no salt is supported.</li>
+</ul>
+</div>
+<div class="section" id="psa_asymmetric_decrypt">
+<span id="c.psa_asymmetric_decrypt"></span><h3><code class="docutils literal"><span class="pre">psa_asymmetric_decrypt</span></code> (function)</h3>
+<p>Decrypt a short message with a private key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt">psa_asymmetric_decrypt</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * salt,
+ size_t salt_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must be an asymmetric key pair.
+It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The asymmetric encryption algorithm to compute: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>The message to decrypt.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">salt</span></code></dt>
+<dd>A salt or label, if supported by the encryption algorithm. If the algorithm does not support a salt, pass <code class="docutils literal"><span class="pre">NULL</span></code>. If the algorithm supports an optional salt, pass <code class="docutils literal"><span class="pre">NULL</span></code> to indicate that there is no salt.</dd>
+<dt> <code class="docutils literal"><span class="pre">salt_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">salt</span></code> buffer in bytes. If <code class="docutils literal"><span class="pre">salt</span></code> is <code class="docutils literal"><span class="pre">NULL</span></code>, pass <code class="docutils literal"><span class="pre">0</span></code>.</dd>
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Buffer where the decrypted message is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">output</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The required output size is <a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are the type and bit-size respectively of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</span></code></a> evaluates to the maximum output size of any supported asymmetric decryption.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">output_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*output_length)</span></code> bytes of <code class="docutils literal"><span class="pre">output</span></code> contain the decrypted output.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DECRYPT</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">output</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_PADDING" title="PSA_ERROR_INVALID_PADDING"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_PADDING</span></code></a></dt>
+<dd>The algorithm uses padding, and the input does not contain valid padding.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an asymmetric encryption algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not an asymmetric key pair, that is compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is not valid for the algorithm and key type.</li>
+<li><code class="docutils literal"><span class="pre">salt_length</span></code> is not valid for the algorithm and key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an asymmetric encryption algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> or <code class="docutils literal"><span class="pre">salt_length</span></code> are too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<ul class="simple">
+<li>For <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a>, no salt is supported.</li>
+</ul>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.8.3. Support macros</h2>
+<div class="section" id="PSA_ALG_IS_RSA_OAEP">
+<span id="c.PSA_ALG_IS_RSA_OAEP"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_OAEP</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an RSA OAEP encryption algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_OAEP" title="PSA_ALG_IS_RSA_OAEP">PSA_ALG_IS_RSA_OAEP</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an RSA OAEP algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE">
+<span id="c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>Sufficient output buffer size for <a class="reference internal" href="#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_encrypt()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>An asymmetric key type, either a key pair or a public key.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the key in bits.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An asymmetric encryption algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output buffer size for the specified asymmetric encryption algorithm and key parameters. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for an asymmetric encryption algorithm and key parameters that it recognizes, but does not support. If the parameters are not valid, the return value is unspecified.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_encrypt()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_encrypt()</span></code></a>, for any of the supported key types and asymmetric encryption algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</a> \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_encrypt()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE">
+<span id="c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>Sufficient output buffer size for <a class="reference internal" href="#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_decrypt()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>An asymmetric key type, either a key pair or a public key.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the key in bits.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An asymmetric encryption algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient output buffer size for the specified asymmetric encryption algorithm and key parameters. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for an asymmetric encryption algorithm and key parameters that it recognizes, but does not support. If the parameters are not valid, the return value is unspecified.</p>
+<p class="rubric">Description</p>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_decrypt()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE">
+<span id="c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient output buffer size for <a class="reference internal" href="#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_decrypt()</span></code></a>, for any of the supported key types and asymmetric encryption algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</a> \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the output buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_asymmetric_decrypt()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.8. Asymmetric encryption</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-encryption-algorithms">10.8.1. Asymmetric encryption algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-encryption-functions">10.8.2. Asymmetric encryption functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.8.3. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/rng.html b/docs/1.1.0/html/api/ops/rng.html
new file mode 100644
index 0000000..3be3040
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/rng.html
@@ -0,0 +1,169 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.10. Other cryptographic services — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="Example header file" href="../../appendix/example_header.html" />
+ <link rel="prev" title="10.9. Key agreement" href="ka.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="other-cryptographic-services">
+<h1>10.10. Other cryptographic services</h1>
+<div class="section" id="random-number-generation">
+<span id="rng"></span><h2>10.10.1. Random number generation</h2>
+<div class="section" id="psa_generate_random">
+<span id="c.psa_generate_random"></span><h3><code class="docutils literal"><span class="pre">psa_generate_random</span></code> (function)</h3>
+<p>Generate random bytes.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_generate_random" title="psa_generate_random">psa_generate_random</a>(uint8_t * output,
+ size_t output_size);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">output</span></code></dt>
+<dd>Output buffer for the generated data.</dd>
+<dt> <code class="docutils literal"><span class="pre">output_size</span></code></dt>
+<dd>Number of bytes to generate and output.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+<code class="docutils literal"><span class="pre">output</span></code> contains <code class="docutils literal"><span class="pre">output_size</span></code> bytes of generated random data.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<div class="admonition warning">
+<p class="first admonition-title">Warning</p>
+<p class="last">This function <strong>can</strong> fail! Callers MUST check the return status and MUST NOT use the content of the output buffer if the return status is not <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>.</p>
+</div>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">To generate a key, use <a class="reference internal" href="../keys/management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a> instead.</p>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.10. Other cryptographic services</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#random-number-generation">10.10.1. Random number generation</a></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/api/ops/sign.html b/docs/1.1.0/html/api/ops/sign.html
new file mode 100644
index 0000000..595dd9f
--- /dev/null
+++ b/docs/1.1.0/html/api/ops/sign.html
@@ -0,0 +1,1008 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>10.7. Asymmetric signature — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../../_static/jquery.js"></script>
+ <script type="text/javascript" src="../../_static/underscore.js"></script>
+ <script type="text/javascript" src="../../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../../about.html" />
+ <link rel="index" title="Index" href="../../genindex.html" />
+ <link rel="search" title="Search" href="../../search.html" />
+ <link rel="next" title="10.8. Asymmetric encryption" href="pke.html" />
+ <link rel="prev" title="10.6. Key derivation" href="kdf.html" />
+
+ <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="asymmetric-signature">
+<span id="sign"></span><h1>10.7. Asymmetric signature</h1>
+<p>There are two pairs of single-part functions for asymmetric signature:</p>
+<ul>
+<li><p class="first">The signature and verification functions <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a> take a message as one of their inputs and perform a hash-and-sign algorithm.</p>
+</li>
+<li><p class="first">The functions <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> take a message hash as one of their inputs. This is useful for signing pre-computed hashes, or for implementing hash-and-sign using a <a class="reference internal" href="hashes.html#hash-mp"><span class="std std-ref">multi-part hash operation</span></a> before signing the resulting hash. To determine which hash algorithm to use, call the macro <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GET_HASH()</span></code></a> on the corresponding signature algorithm.</p>
+<p>Some hash-and-sign algorithms add padding to the message hash before completing the signing operation. The format of the padding that is used depends on the algorithm used to construct the signature.</p>
+</li>
+</ul>
+<div class="section" id="asymmetric-signature-algorithms">
+<span id="sign-algorithms"></span><h2>10.7.1. Asymmetric signature algorithms</h2>
+<div class="section" id="PSA_ALG_RSA_PKCS1V15_SIGN">
+<span id="c.PSA_ALG_RSA_PKCS1V15_SIGN"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code> (macro)</h3>
+<p>The RSA PKCS#1 v1.5 message signature scheme, with hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN">PSA_ALG_RSA_PKCS1V15_SIGN</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding RSA PKCS#1 v1.5 signature algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This signature scheme is defined by <span><em>PKCS #1: RSA Cryptography Specifications Version 2.2</em> <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.2">§8.2</a> under the name RSASSA-PKCS1-v1_5.</p>
+<p>When used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>, the provided <code class="docutils literal"><span class="pre">hash</span></code> parameter is used as <em>H</em> from step 2 onwards in the message encoding algorithm <code class="docutils literal"><span class="pre">EMSA-PKCS1-V1_5-ENCODE()</span></code> in <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-9.2">§9.2</a>. <em>H</em> is usually the message digest, using the <code class="docutils literal"><span class="pre">hash_alg</span></code> hash algorithm.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_RSA_PKCS1V15_SIGN_RAW">
+<span id="c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code> (macro)</h3>
+<p>The raw RSA PKCS#1 v1.5 signature algorithm, without hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000200)
+</pre>
+<p>This algorithm can be only used with the <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> functions.</p>
+<p>This signature scheme is defined by <span><em>PKCS #1: RSA Cryptography Specifications Version 2.2</em> <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.2">§8.2</a> under the name RSASSA-PKCS1-v1_5.</p>
+<p>The <code class="docutils literal"><span class="pre">hash</span></code> parameter to <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> is used as <em>T</em> from step 3 onwards in the message encoding algorithm <code class="docutils literal"><span class="pre">EMSA-PKCS1-V1_5-ENCODE()</span></code> in <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-9.2">§9.2</a>. <em>T</em> is the DER encoding of the <em>DigestInfo</em> structure normally produced by step 2 in the message encoding algorithm.</p>
+<p>The wildcard key policy <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a><code class="docutils literal"><span class="pre">)</span></code> also permits a key to be used with the <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a> signature algorithm.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_RSA_PSS">
+<span id="c.PSA_ALG_RSA_PSS"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code> (macro)</h3>
+<p>The RSA PSS message signature scheme, with hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS">PSA_ALG_RSA_PSS</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding RSA PSS signature algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
+<p>This is the signature scheme defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.1">§8.1</a> under the name RSASSA-PSS, with the following options:</p>
+<ul class="simple">
+<li>The mask generation function is <em>MGF1</em> defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#appendix-B">Appendix B</a>.</li>
+<li>When creating a signature, the salt length is equal to the length of the hash, or the largest possible salt length for the algorithm and key size if that is smaller than the hash length.</li>
+<li>When verifying a signature, the salt length must be equal to the length of the hash, or the largest possible salt length for the algorithm and key size if that is smaller than the hash length.</li>
+<li>The specified hash algorithm is used to hash the input message, to create the salted hash, and for the mask generation.</li>
+</ul>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The <a class="reference internal" href="#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT()</span></code></a> algorithm is equivalent to <a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a> when creating a signature, but permits any salt length when verifying a signature.</p>
+</div>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_RSA_PSS_ANY_SALT">
+<span id="c.PSA_ALG_RSA_PSS_ANY_SALT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code> (macro)</h3>
+<p>The RSA PSS message signature scheme, with hashing.
+This variant permits any salt length for signature verification.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT">PSA_ALG_RSA_PSS_ANY_SALT</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding RSA PSS signature algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
+<p>This is the signature scheme defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#section-8.1">§8.1</a> under the name RSASSA-PSS, with the following options:</p>
+<ul class="simple">
+<li>The mask generation function is <em>MGF1</em> defined by <a class="reference internal" href="../../about.html#citation-rfc8017"><span class="cite">[RFC8017]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8017.html#appendix-B">Appendix B</a>.</li>
+<li>When creating a signature, the salt length is equal to the length of the hash, or the largest possible salt length for the algorithm and key size if that is smaller than the hash length.</li>
+<li>When verifying a signature, any salt length permitted by the RSASSA-PSS signature algorithm is accepted.</li>
+<li>The specified hash algorithm is used to hash the input message, to create the salted hash, and for the mask generation.</li>
+</ul>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">The <a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a> algorithm is equivalent to <a class="reference internal" href="#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT()</span></code></a> when creating a signature, but is strict about the permitted salt length when verifying a signature.</p>
+</div>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_ECDSA">
+<span id="c.PSA_ALG_ECDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code> (macro)</h3>
+<p>The randomized ECDSA signature scheme, with hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA">PSA_ALG_ECDSA</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding randomized ECDSA signature algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>When based on the same hash algorithm, the verification operations for <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> are identical. A signature created using <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>. Similarly, a signature created using <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>.</p>
+<p class="last">In particular, it is impossible to determine whether a signature was produced with deterministic ECDSA or with randomized ECDSA: it is only possible to verify that a signature was made with ECDSA with the private key corresponding to the public key used for the verification.</p>
+</div>
+<p>This signature scheme is defined by <span><em>SEC 1: Elliptic Curve Cryptography</em> <a class="reference internal" href="../../about.html#citation-sec1"><span class="cite">[SEC1]</span></a></span>, and also by <span><em>Public Key Cryptography For The Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)</em> <a class="reference internal" href="../../about.html#citation-x9-62"><span class="cite">[X9-62]</span></a></span>, with a random per-message secret number <em>k</em>.</p>
+<p>The representation of the signature as a byte string consists of the concatenation of the signature values <em>r</em> and <em>s</em>. Each of <em>r</em> and <em>s</em> is encoded as an <em>N</em>-octet string, where <em>N</em> is the length of the base point of the curve in octets. Each value is represented in big-endian order, with the most significant octet first.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> (signature verification only)</div>
+</div>
+<p>where <code class="docutils literal"><span class="pre">family</span></code> is a Weierstrass Elliptic curve family. That is, one of the following values:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></li>
+</ul>
+</div>
+<div class="section" id="PSA_ALG_ECDSA_ANY">
+<span id="c.PSA_ALG_ECDSA_ANY"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code> (macro)</h3>
+<p>The randomized ECDSA signature scheme, without hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY">PSA_ALG_ECDSA_ANY</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000600)
+</pre>
+<p>This algorithm can be only used with the <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> functions.</p>
+<p>This algorithm is randomized: each invocation returns a different, equally valid signature.</p>
+<p>This is the same signature scheme as <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA()</span></code></a>, but without specifying a hash algorithm, and skipping the message hashing operation.</p>
+<p>This algorithm is only recommended to sign or verify a sequence of bytes that are an already-calculated hash. Note that the input is padded with zeros on the left or truncated on the right as required to fit the curve size.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> (signature verification only)</div>
+</div>
+<p>where <code class="docutils literal"><span class="pre">family</span></code> is a Weierstrass Elliptic curve family. That is, one of the following values:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></li>
+</ul>
+</div>
+<div class="section" id="PSA_ALG_DETERMINISTIC_ECDSA">
+<span id="c.PSA_ALG_DETERMINISTIC_ECDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code> (macro)</h3>
+<p>Deterministic ECDSA signature scheme, with hashing.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA">PSA_ALG_DETERMINISTIC_ECDSA</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">hash_alg</span></code></dt>
+<dd>A hash algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true. This includes <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> when specifying the algorithm in a key policy.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>The corresponding deterministic ECDSA signature algorithm.</p>
+<p>Unspecified if <code class="docutils literal"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This is the deterministic ECDSA signature scheme defined by <span><em>Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc6979"><span class="cite">[RFC6979]</span></a></span>.</p>
+<p>The representation of a signature is the same as with <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA()</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>When based on the same hash algorithm, the verification operations for <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> are identical. A signature created using <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>. Similarly, a signature created using <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a> can be verified with the same key using either <a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a>.</p>
+<p class="last">In particular, it is impossible to determine whether a signature was produced with deterministic ECDSA or with randomized ECDSA: it is only possible to verify that a signature was made with ECDSA with the private key corresponding to the public key used for the verification.</p>
+</div>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> (signature verification only)</div>
+</div>
+<p>where <code class="docutils literal"><span class="pre">family</span></code> is a Weierstrass Elliptic curve family. That is, one of the following values:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_XX</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_XX</span></code></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a></li>
+<li><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></li>
+</ul>
+</div>
+<div class="section" id="PSA_ALG_PURE_EDDSA">
+<span id="c.PSA_ALG_PURE_EDDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_PURE_EDDSA</span></code> (macro)</h3>
+<p>Edwards-curve digital signature algorithm without prehashing (PureEdDSA), using standard parameters.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_PURE_EDDSA" title="PSA_ALG_PURE_EDDSA">PSA_ALG_PURE_EDDSA</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000800)
+</pre>
+<p>This algorithm can be only used with the <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a> functions.</p>
+<p>This is the PureEdDSA digital signature algorithm defined by <span><em>Edwards-Curve Digital Signature Algorithm (EdDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a></span>, using standard parameters.</p>
+<p>PureEdDSA requires an elliptic curve key on a twisted Edwards curve. The following curves are supported:</p>
+<ul class="simple">
+<li>Edwards25519: the Ed25519 algorithm is computed. The output signature is a 64-byte string: the concatenation of <em>R</em> and <em>S</em> as defined by <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html#section-5.1.6">§5.1.6</a>.</li>
+<li>Edwards448: the Ed448 algorithm is computed with an empty string as the context. The output signature is a 114-byte string: the concatenation of <em>R</em> and <em>S</em> as defined by <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html#section-5.2.6">§5.2.6</a>.</li>
+</ul>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">Contexts are not supported in the current version of this specification because there is no suitable signature interface that can take the context as a parameter. A future version of this specification may add suitable functions and extend this algorithm to support contexts.</p>
+</div>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>To sign or verify the pre-computed hash of a message using EdDSA, the HashEdDSA algorithms (<a class="reference internal" href="#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code></a>) can be used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>.</p>
+<p class="last">The signature produced by HashEdDSA is distinct from that produced by PureEdDSA.</p>
+</div>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a><code class="docutils literal"><span class="pre">)</span></code></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a><code class="docutils literal"><span class="pre">)</span></code> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_ED25519PH">
+<span id="c.PSA_ALG_ED25519PH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code> (macro)</h3>
+<p>Edwards-curve digital signature algorithm with prehashing (HashEdDSA), using the Edwards25519 curve.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH">PSA_ALG_ED25519PH</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x0600090B)
+</pre>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This computes the Ed25519ph algorithm as specified in <span><em>Edwards-Curve Digital Signature Algorithm (EdDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html#section-5.1">§5.1</a>, and requires an Edwards25519 curve key. An empty string is used as the context. The prehash function is SHA-512.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">When used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>, the <code class="docutils literal"><span class="pre">hash</span></code> parameter to the call should be used as <code class="docutils literal"><span class="pre">PH(M)</span></code> in the algorithms defined in <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html#section-5.1">§5.1</a>.</p>
+</div>
+<p class="rubric">Usage</p>
+<p>This is a hash-and-sign algorithm. To calculate a signature, use one of the following approaches:</p>
+<ul class="simple">
+<li>Call <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> with the message.</li>
+<li>Calculate the SHA-512 hash of the message with <a class="reference internal" href="hashes.html#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compute()</span></code></a>, or with a multi-part hash operation, using the hash algorithm <a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code></a>. Then sign the calculated hash with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a>.</li>
+</ul>
+<p>Verifying a signature is similar, using <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> instead of the signature function.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a><code class="docutils literal"><span class="pre">)</span></code></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a><code class="docutils literal"><span class="pre">)</span></code> (signature verification only)</div>
+</div>
+</div>
+<div class="section" id="PSA_ALG_ED448PH">
+<span id="c.PSA_ALG_ED448PH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code> (macro)</h3>
+<p>Edwards-curve digital signature algorithm with prehashing (HashEdDSA), using the Edwards448 curve.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH">PSA_ALG_ED448PH</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000915)
+</pre>
+<p>This algorithm can be used with both the message and hash signature functions.</p>
+<p>This computes the Ed448ph algorithm as specified in <span><em>Edwards-Curve Digital Signature Algorithm (EdDSA)</em> <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a></span> <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html#section-5.2">§5.2</a>, and requires an Edwards448 curve key. An empty string is used as the context. The prehash function is the first 64 bytes of the output from SHAKE256.</p>
+<div class="admonition-implementation-note admonition">
+<p class="first admonition-title">Implementation note</p>
+<p class="last">When used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>, the <code class="docutils literal"><span class="pre">hash</span></code> parameter to the call should be used as <code class="docutils literal"><span class="pre">PH(M)</span></code> in the algorithms defined in <a class="reference internal" href="../../about.html#citation-rfc8032"><span class="cite">[RFC8032]</span></a> <a class="reference external" href="https://tools.ietf.org/html/rfc8032.html#section-5.2">§5.2</a>.</p>
+</div>
+<p class="rubric">Usage</p>
+<p>This is a hash-and-sign algorithm. To calculate a signature, use one of the following approaches:</p>
+<ul class="simple">
+<li>Call <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> with the message.</li>
+<li>Calculate the first 64 bytes of the SHAKE256 output of the message with <a class="reference internal" href="hashes.html#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compute()</span></code></a>, or with a multi-part hash operation, using the hash algorithm <a class="reference internal" href="hashes.html#c.PSA_ALG_SHAKE256_512" title="PSA_ALG_SHAKE256_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHAKE256_512</span></code></a>. Then sign the calculated hash with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a>.</li>
+</ul>
+<p>Verifying a signature is similar, using <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> instead of the signature function.</p>
+<p class="rubric">Compatible key types</p>
+<div class="line-block">
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a><code class="docutils literal"><span class="pre">)</span></code></div>
+<div class="line"><a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a><code class="docutils literal"><span class="pre">)</span></code> (signature verification only)</div>
+</div>
+</div>
+</div>
+<div class="section" id="asymmetric-signature-functions">
+<h2>10.7.2. Asymmetric signature functions</h2>
+<div class="section" id="psa_sign_message">
+<span id="c.psa_sign_message"></span><h3><code class="docutils literal"><span class="pre">psa_sign_message</span></code> (function)</h3>
+<p>Sign a message with a private key. For hash-and-sign algorithms, this includes the hashing step.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must be an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An asymmetric signature algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>The input message to sign.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature</span></code></dt>
+<dd>Buffer where the signature is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">signature</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The required signature size is <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are the type and bit-size respectively of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> evaluates to the maximum signature size of any supported signature algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">signature_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned signature value.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*signature_length)</span></code> bytes of <code class="docutils literal"><span class="pre">signature</span></code> contain the signature value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">signature</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not an asymmetric key pair, that is compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the algorithm and key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">To perform a multi-part hash-and-sign signature algorithm, first use a <a class="reference internal" href="hashes.html#hash-mp"><span class="std std-ref">multi-part hash operation</span></a> and then pass the resulting hash to <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a>. <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_GET_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> can be used to determine the hash algorithm to use.</p>
+</div>
+</div>
+<div class="section" id="psa_verify_message">
+<span id="c.psa_verify_message"></span><h3><code class="docutils literal"><span class="pre">psa_verify_message</span></code> (function)</h3>
+<p>Verify the signature of a message with a public key. For hash-and-sign algorithms, this includes the hashing step.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message">psa_verify_message</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * signature,
+ size_t signature_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must be a public key or an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An asymmetric signature algorithm: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">input</span></code></dt>
+<dd>The message whose signature is to be verified.</dd>
+<dt> <code class="docutils literal"><span class="pre">input_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">input</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature</span></code></dt>
+<dd>Buffer containing the signature to verify.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">signature</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The signature is valid.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">signature</span></code> is not the result of signing the <code class="docutils literal"><span class="pre">input</span></code> message with algorithm <code class="docutils literal"><span class="pre">alg</span></code> using the private key corresponding to <code class="docutils literal"><span class="pre">key</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not a public key or an asymmetric key pair, that is compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the algorithm and key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">input_length</span></code> is too large for the implementation.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">To perform a multi-part hash-and-sign signature verification algorithm, first use a <a class="reference internal" href="hashes.html#hash-mp"><span class="std std-ref">multi-part hash operation</span></a> to hash the message and then pass the resulting hash to <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>. <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_GET_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> can be used to determine the hash algorithm to use.</p>
+</div>
+</div>
+<div class="section" id="psa_sign_hash">
+<span id="c.psa_sign_hash"></span><h3><code class="docutils literal"><span class="pre">psa_sign_hash</span></code> (function)</h3>
+<p>Sign an already-calculated hash with a private key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash">psa_sign_hash</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * hash,
+ size_t hash_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must be an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An asymmetric signature algorithm that separates the hash and sign operations: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash</span></code></dt>
+<dd>The input to sign. This is usually the hash of a message. See the detailed description of this function and the description of individual signature algorithms for a detailed description of acceptable inputs.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature</span></code></dt>
+<dd>Buffer where the signature is to be written.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature_size</span></code></dt>
+<dd><p class="first">Size of the <code class="docutils literal"><span class="pre">signature</span></code> buffer in bytes.
+This must be appropriate for the selected algorithm and key:</p>
+<ul class="last simple">
+<li>The required signature size is <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key_type</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">key_bits</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> where <code class="docutils literal"><span class="pre">key_type</span></code> and <code class="docutils literal"><span class="pre">key_bits</span></code> are the type and bit-size respectively of <code class="docutils literal"><span class="pre">key</span></code>.</li>
+<li><a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> evaluates to the maximum signature size of any supported signature algorithm.</li>
+</ul>
+</dd>
+<dt> <code class="docutils literal"><span class="pre">signature_length</span></code></dt>
+<dd>On success, the number of bytes that make up the returned signature value.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The first <code class="docutils literal"><span class="pre">(*signature_length)</span></code> bytes of <code class="docutils literal"><span class="pre">signature</span></code> contain the signature value.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt>
+<dd>The size of the <code class="docutils literal"><span class="pre">signature</span></code> buffer is too small.
+<a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a> or <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a> can be used to determine a sufficient buffer size.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not an asymmetric key pair, that is compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">hash_length</span></code> is not valid for the algorithm and key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_ENTROPY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>With most signature mechanisms that follow the hash-and-sign paradigm, the hash input to this function is the hash of the message to sign. The hash algorithm is encoded in the signature algorithm.</p>
+<p>Some hash-and-sign mechanisms apply a padding or encoding to the hash. In such cases, the encoded hash must be passed to this function. The current version of this specification defines one such signature algorithm: <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>To perform a hash-and-sign signature algorithm, the hash must be calculated before passing it to this function. This can be done by calling <a class="reference internal" href="hashes.html#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compute()</span></code></a> or with a multi-part hash operation. The correct hash algorithm to use can be determined using <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GET_HASH()</span></code></a>.</p>
+<p class="last">Alternatively, to hash and sign a message in a single call, use <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a>.</p>
+</div>
+</div>
+<div class="section" id="psa_verify_hash">
+<span id="c.psa_verify_hash"></span><h3><code class="docutils literal"><span class="pre">psa_verify_hash</span></code> (function)</h3>
+<p>Verify the signature of a hash or short message using a public key.</p>
+<pre class="literal-block">
+<a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash">psa_verify_hash</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * hash,
+ size_t hash_length,
+ const uint8_t * signature,
+ size_t signature_length);
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key</span></code></dt>
+<dd>Identifier of the key to use for the operation. It must be a public key or an asymmetric key pair. The key must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code></a>.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An asymmetric signature algorithm that separates the hash and sign operations: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash</span></code></dt>
+<dd>The input whose signature is to be verified. This is usually the hash of a message. See the detailed description of this function and the description of individual signature algorithms for a detailed description of acceptable inputs.</dd>
+<dt> <code class="docutils literal"><span class="pre">hash_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">hash</span></code> buffer in bytes.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature</span></code></dt>
+<dd>Buffer containing the signature to verify.</dd>
+<dt> <code class="docutils literal"><span class="pre">signature_length</span></code></dt>
+<dd>Size of the <code class="docutils literal"><span class="pre">signature</span></code> buffer in bytes.</dd>
+</dl>
+<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal"><span class="pre">psa_status_t</span></code></a></p>
+<dl class="docutils">
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal"><span class="pre">PSA_SUCCESS</span></code></a></dt>
+<dd>Success.
+The signature is valid.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt>
+<dd>The library requires initializing by a call to <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">key</span></code> is not a valid key identifier.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt>
+<dd>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code></a> flag, or it does not permit the requested algorithm.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt>
+<dd><code class="docutils literal"><span class="pre">signature</span></code> is not the result of signing <code class="docutils literal"><span class="pre">hash</span></code> with algorithm <code class="docutils literal"><span class="pre">alg</span></code> using the private key corresponding to <code class="docutils literal"><span class="pre">key</span></code>.</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not a public key or an asymmetric key pair, that is compatible with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">hash_length</span></code> is not valid for the algorithm and key type.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt>
+<dd><p class="first">The following conditions can result in this error:</p>
+<ul class="last simple">
+<li><code class="docutils literal"><span class="pre">alg</span></code> is not supported or is not an asymmetric signature algorithm.</li>
+<li><code class="docutils literal"><span class="pre">key</span></code> is not supported for use with <code class="docutils literal"><span class="pre">alg</span></code>.</li>
+</ul>
+</dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt>
+<dd></dd>
+<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt>
+<dd></dd>
+</dl>
+<p class="rubric">Description</p>
+<p>With most signature mechanisms that follow the hash-and-sign paradigm, the hash input to this function is the hash of the message to sign. The hash algorithm is encoded in the signature algorithm.</p>
+<p>Some hash-and-sign mechanisms apply a padding or encoding to the hash. In such cases, the encoded hash must be passed to this function. The current version of this specification defines one such signature algorithm: <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a>.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>To perform a hash-and-sign verification algorithm, the hash must be calculated before passing it to this function. This can be done by calling <a class="reference internal" href="hashes.html#c.psa_hash_compute" title="psa_hash_compute"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_compute()</span></code></a> or with a multi-part hash operation. The correct hash algorithm to use can be determined using <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GET_HASH()</span></code></a>.</p>
+<p class="last">Alternatively, to hash and verify a message in a single call, use <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a>.</p>
+</div>
+</div>
+</div>
+<div class="section" id="support-macros">
+<h2>10.7.3. Support macros</h2>
+<div class="section" id="PSA_ALG_IS_SIGN_MESSAGE">
+<span id="c.PSA_ALG_IS_SIGN_MESSAGE"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a signature algorithm that can be used with <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE">PSA_ALG_IS_SIGN_MESSAGE</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a signature algorithm that can be used to sign a message. <code class="docutils literal"><span class="pre">0</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a signature algorithm that can only be used to sign an already-calculated hash. <code class="docutils literal"><span class="pre">0</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a signature algorithm. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_SIGN_HASH">
+<span id="c.PSA_ALG_IS_SIGN_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a signature algorithm that can be used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH">PSA_ALG_IS_SIGN_HASH</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a signature algorithm that can be used to sign a hash. <code class="docutils literal"><span class="pre">0</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a signature algorithm that can only be used to sign a message. <code class="docutils literal"><span class="pre">0</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a signature algorithm. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>This includes all algorithms such that <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN()</span></code></a> is true, as well as signature algorithms for which the input to <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> or <a class="reference internal" href="#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a> is not directly a hash, such as <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PKCS1V15_SIGN</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_RSA_PKCS1V15_SIGN">
+<span id="c.PSA_ALG_IS_RSA_PKCS1V15_SIGN"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PKCS1V15_SIGN</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an RSA PKCS#1 v1.5 signature algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN">PSA_ALG_IS_RSA_PKCS1V15_SIGN</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an RSA PKCS#1 v1.5 signature algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_RSA_PSS">
+<span id="c.PSA_ALG_IS_RSA_PSS"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an RSA PSS signature algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS">PSA_ALG_IS_RSA_PSS</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an RSA PSS signature algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>This macro returns <code class="docutils literal"><span class="pre">1</span></code> for algorithms constructed using either <a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a> or <a class="reference internal" href="#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_RSA_PSS_ANY_SALT">
+<span id="c.PSA_ALG_IS_RSA_PSS_ANY_SALT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_ANY_SALT</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an RSA PSS signature algorithm that permits any salt length.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS_ANY_SALT" title="PSA_ALG_IS_RSA_PSS_ANY_SALT">PSA_ALG_IS_RSA_PSS_ANY_SALT</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an RSA PSS signature algorithm that permits any salt length, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>An RSA PSS signature algorithm that permits any salt length is constructed using <a class="reference internal" href="#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT()</span></code></a>.</p>
+<p>See also <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT" title="PSA_ALG_IS_RSA_PSS_STANDARD_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_STANDARD_SALT()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_RSA_PSS_STANDARD_SALT">
+<span id="c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_STANDARD_SALT</span></code> (macro)</h3>
+<p>Whether the specified algorithm is an RSA PSS signature algorithm that requires the standard salt length.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT" title="PSA_ALG_IS_RSA_PSS_STANDARD_SALT">PSA_ALG_IS_RSA_PSS_STANDARD_SALT</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an RSA PSS signature algorithm that requires the standard salt length, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>An RSA PSS signature algorithm that requires the standard salt length is constructed using <a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a>.</p>
+<p>See also <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_IS_RSA_PSS_ANY_SALT" title="PSA_ALG_IS_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_ANY_SALT()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_ECDSA">
+<span id="c.PSA_ALG_IS_ECDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_ECDSA</span></code> (macro)</h3>
+<p>Whether the specified algorithm is ECDSA.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA">PSA_ALG_IS_ECDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is an ECDSA algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_DETERMINISTIC_ECDSA">
+<span id="c.PSA_ALG_IS_DETERMINISTIC_ECDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_DETERMINISTIC_ECDSA</span></code> (macro)</h3>
+<p>Whether the specified algorithm is deterministic ECDSA.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA">PSA_ALG_IS_DETERMINISTIC_ECDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a deterministic ECDSA algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See also <a class="reference internal" href="#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_ECDSA()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RANDOMIZED_ECDSA()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_RANDOMIZED_ECDSA">
+<span id="c.PSA_ALG_IS_RANDOMIZED_ECDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_RANDOMIZED_ECDSA</span></code> (macro)</h3>
+<p>Whether the specified algorithm is randomized ECDSA.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA">PSA_ALG_IS_RANDOMIZED_ECDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a randomized ECDSA algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p class="rubric">Description</p>
+<p>See also <a class="reference internal" href="#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_ECDSA()</span></code></a> and <a class="reference internal" href="#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_DETERMINISTIC_ECDSA()</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_HASH_EDDSA">
+<span id="c.PSA_ALG_IS_HASH_EDDSA"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH_EDDSA</span></code> (macro)</h3>
+<p>Whether the specified algorithm is HashEdDSA.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_HASH_EDDSA" title="PSA_ALG_IS_HASH_EDDSA">PSA_ALG_IS_HASH_EDDSA</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a HashEdDSA algorithm, <code class="docutils literal"><span class="pre">0</span></code> otherwise.</p>
+<p>This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+</div>
+<div class="section" id="PSA_ALG_IS_HASH_AND_SIGN">
+<span id="c.PSA_ALG_IS_HASH_AND_SIGN"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN</span></code> (macro)</h3>
+<p>Whether the specified algorithm is a hash-and-sign algorithm that signs exactly the hash value.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN">PSA_ALG_IS_HASH_AND_SIGN</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>An algorithm identifier: a value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p><code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is a hash-and-sign algorithm that signs exactly the hash value, <code class="docutils literal"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal"><span class="pre">0</span></code> or <code class="docutils literal"><span class="pre">1</span></code> if <code class="docutils literal"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
+<p>A wildcard signature algorithm policy, using <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a>, returns the same value as the signature algorithm parameterised with a valid hash algorithm.</p>
+<p class="rubric">Description</p>
+<p>This macro identifies algorithms that can be used with <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> that use the exact message hash value as an input the signature operation. For example, if <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true, the following call sequence is equivalent to <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="docutils literal"><span class="pre">psa_sign_message</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">key</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">msg</span></code><code class="docutils literal"><span class="pre">,</span> </code><code class="docutils literal"><span class="pre">msg_len</span></code><code class="docutils literal"><span class="pre">,</span> <span class="pre">...)</span></code>:</p>
+<pre class="literal-block">
+<a class="reference internal" href="hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> op = {0};
+uint8_t hash[<a class="reference internal" href="hashes.html#c.PSA_HASH_MAX_SIZE" title="PSA_HASH_MAX_SIZE">PSA_HASH_MAX_SIZE</a>];
+size_t hash_len;
+<a class="reference internal" href="hashes.html#c.psa_hash_setup" title="psa_hash_setup">psa_hash_setup</a>(&op, <a class="reference internal" href="algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH">PSA_ALG_GET_HASH</a>(alg));
+<a class="reference internal" href="hashes.html#c.psa_hash_update" title="psa_hash_update">psa_hash_update</a>(&op, msg, msg_len);
+<a class="reference internal" href="hashes.html#c.psa_hash_finish" title="psa_hash_finish">psa_hash_finish</a>(&op, hash, sizeof(hash), &hash_len);
+<a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash">psa_sign_hash</a>(key, alg, hash, hash_len, ...);
+</pre>
+<p>This excludes hash-and-sign algorithms that require a encoded or modified hash for the signature step in the algorithm, such as <a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a>. For such algorithms, <a class="reference internal" href="#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH()</span></code></a> is true but <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN()</span></code></a> is false.</p>
+</div>
+<div class="section" id="PSA_ALG_ANY_HASH">
+<span id="c.PSA_ALG_ANY_HASH"></span><h3><code class="docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code> (macro)</h3>
+<p>When setting a hash-and-sign algorithm in a key policy, permit any hash algorithm.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH">PSA_ALG_ANY_HASH</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x020000ff)
+</pre>
+<p>This value can be used to form the permitted algorithm attribute of a key policy for a signature algorithm that is parametrized by a hash. A key with this policy can then be used to perform operations using the same signature algorithm parametrized with any supported hash.
+A signature algorithm created using this macro is a wildcard algorithm, and <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_WILDCARD" title="PSA_ALG_IS_WILDCARD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_WILDCARD()</span></code></a> will return true.</p>
+<p>This value must not be used to build other algorithms that are parametrized over a hash. For any valid use of this macro to build an algorithm <code class="docutils literal"><span class="pre">alg</span></code>, <a class="reference internal" href="#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">alg</span></code><code class="docutils literal"><span class="pre">)</span></code> is true.</p>
+<p>This value must not be used to build an algorithm specification to perform an operation. It is only valid for setting the permitted algorithm in a key policy.</p>
+<p class="rubric">Usage</p>
+<p>For example, suppose that <code class="docutils literal"><span class="pre">PSA_xxx_SIGNATURE</span></code> is one of the following macros:</p>
+<ul class="simple">
+<li><a class="reference internal" href="#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a></li>
+<li><a class="reference internal" href="#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code></a></li>
+<li><a class="reference internal" href="#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code></a></li>
+<li><a class="reference internal" href="#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a></li>
+<li><a class="reference internal" href="#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a></li>
+</ul>
+<p>The following sequence of operations shows how <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> can be used in a key policy:</p>
+<ol class="arabic">
+<li><p class="first">Set the key usage flags using <a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a>, for example:</p>
+<pre class="literal-block">
+<a class="reference internal" href="../keys/policy.html#c.psa_set_key_usage_flags" title="psa_set_key_usage_flags">psa_set_key_usage_flags</a>(&attributes, <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE">PSA_KEY_USAGE_SIGN_MESSAGE</a>); // or VERIFY_MESSAGE
+<a class="reference internal" href="../keys/policy.html#c.psa_set_key_algorithm" title="psa_set_key_algorithm">psa_set_key_algorithm</a>(&attributes, PSA_xxx_SIGNATURE(<a class="reference internal" href="#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH">PSA_ALG_ANY_HASH</a>));
+</pre>
+</li>
+<li><p class="first">Import or generate key material.</p>
+</li>
+<li><p class="first">Call <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> or <a class="reference internal" href="#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a>, passing an algorithm built from <code class="docutils literal"><span class="pre">PSA_xxx_SIGNATURE</span></code> and a specific hash. Each call to sign or verify a message can use a different hash algorithm.</p>
+<pre class="literal-block">
+<a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(key, PSA_xxx_SIGNATURE(<a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256">PSA_ALG_SHA_256</a>), ...);
+<a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(key, PSA_xxx_SIGNATURE(<a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512">PSA_ALG_SHA_512</a>), ...);
+<a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(key, PSA_xxx_SIGNATURE(<a class="reference internal" href="hashes.html#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256">PSA_ALG_SHA3_256</a>), ...);
+</pre>
+</li>
+</ol>
+</div>
+<div class="section" id="PSA_SIGN_OUTPUT_SIZE">
+<span id="c.PSA_SIGN_OUTPUT_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE</span></code> (macro)</h3>
+<p>Sufficient signature buffer size for <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a>.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE">PSA_SIGN_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p class="rubric">Parameters</p>
+<dl class="docutils">
+<dt> <code class="docutils literal"><span class="pre">key_type</span></code></dt>
+<dd>An asymmetric key type. This can be a key pair type or a public key type.</dd>
+<dt> <code class="docutils literal"><span class="pre">key_bits</span></code></dt>
+<dd>The size of the key in bits.</dd>
+<dt> <code class="docutils literal"><span class="pre">alg</span></code></dt>
+<dd>The signature algorithm.</dd>
+</dl>
+<p class="rubric">Returns</p>
+<p>A sufficient signature buffer size for the specified asymmetric signature algorithm and key parameters. An implementation can return either <code class="docutils literal"><span class="pre">0</span></code> or a correct size for an asymmetric signature algorithm and key parameters that it recognizes, but does not support. If the parameters are not valid, the return value is unspecified.</p>
+<p class="rubric">Description</p>
+<p>If the size of the signature buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> will not fail due to an insufficient buffer size. The actual size of the output might be smaller in any given call.</p>
+<p>See also <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a>.</p>
+</div>
+<div class="section" id="PSA_SIGNATURE_MAX_SIZE">
+<span id="c.PSA_SIGNATURE_MAX_SIZE"></span><h3><code class="docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code> (macro)</h3>
+<p>A sufficient signature buffer size for <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a>, for any of the supported key types and asymmetric signature algorithms.</p>
+<pre class="literal-block">
+#define <a class="reference internal" href="#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE">PSA_SIGNATURE_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+</pre>
+<p>If the size of the signature buffer is at least this large, it is guaranteed that <a class="reference internal" href="#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a> and <a class="reference internal" href="#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> will not fail due to an insufficient buffer size.</p>
+<p>See also <a class="reference internal" href="#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a>.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
+<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests (Hashes)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="macs.html">10.3. Message authentication codes (MAC)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
+<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
+<li class="toctree-l2 current"><a class="current reference internal" href="#">10.7. Asymmetric signature</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-signature-algorithms">10.7.1. Asymmetric signature algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-signature-functions">10.7.2. Asymmetric signature functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.7.3. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
+<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
+<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/appendix/encodings.html b/docs/1.1.0/html/appendix/encodings.html
new file mode 100644
index 0000000..6bbad22
--- /dev/null
+++ b/docs/1.1.0/html/appendix/encodings.html
@@ -0,0 +1,1145 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Algorithm and key type encoding — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="Example macro implementations" href="specdef_values.html" />
+ <link rel="prev" title="Example header file" href="example_header.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="algorithm-and-key-type-encoding">
+<span id="appendix-encodings"></span><h1>Algorithm and key type encoding</h1>
+<p>Algorithm identifiers (<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>) and key types (<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>) in the PSA Crypto API are structured integer values.</p>
+<ul class="simple">
+<li><a class="reference internal" href="#algorithm-encoding"><span class="secref">Algorithm identifier encoding</span></a> describes the encoding scheme for algorithm identifiers</li>
+<li><a class="reference internal" href="#key-type-encoding"><span class="secref">Key type encoding</span></a> describes the encoding scheme for key types</li>
+</ul>
+<div class="section" id="algorithm-identifier-encoding">
+<span id="algorithm-encoding"></span><h2>Algorithm identifier encoding</h2>
+<p>Algorithm identifiers are 32-bit integer values of the type <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>. Algorithm identifier values have the structure shown in <span><a class="reference internal" href="#fig-algorithm-fields"><span class="numref">Figure 1</span></a></span>.</p>
+<div class="figure" id="fig-algorithm-fields">
+<img alt="../_images/algorithm_fields.svg" src="../_images/algorithm_fields.svg" /><p class="caption"><span class="caption-number">Figure 1 </span><span class="caption-text">Encoding of <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a></span></p>
+</div>
+<p><span><a class="reference internal" href="#table-algorithm-fields"><span class="numref">Table 6</span></a></span> describes the meaning of the bit-fields — some of the bit-fields are used in different ways by different algorithm categories.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-algorithm-fields">
+<caption><span class="caption-number">Table 6 </span><span class="caption-text">Bit fields in an algorithm identifier</span></caption>
+<colgroup>
+<col width="10%" />
+<col width="10%" />
+<col width="81%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Field</th>
+<th class="head">Bits</th>
+<th class="head">Description</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>V</td>
+<td>[31]</td>
+<td><p class="first">Flag to indicate an implementation-defined algorithm identifier, when V=1.</p>
+<p class="last">Algorithm identifiers defined by this specification always have V=0.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>CAT</td>
+<td>[30:24]</td>
+<td>Algorithm category. See <a class="reference internal" href="#algorithm-category"><span class="secref">Algorithm categories</span></a>.</td>
+</tr>
+<tr class="row-even"><td>S</td>
+<td>[23]</td>
+<td><p class="first">For a cipher algorithm, this flag indicates a stream cipher when S=1.</p>
+<p class="last">For a key derivation algorithm, this flag indicates a key-stretching or password-hashing algorithm when S=1.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>B</td>
+<td>[22]</td>
+<td>Flag to indicate an algorithm built on a block cipher, when B=1.</td>
+</tr>
+<tr class="row-even"><td>LEN/T2</td>
+<td>[21:16]</td>
+<td>LEN is the length of a MAC or AEAD tag, T2 is a key agreement algorithm sub-type.</td>
+</tr>
+<tr class="row-odd"><td>T1</td>
+<td>[15:8]</td>
+<td>Algorithm sub-type for most algorithm categories.</td>
+</tr>
+<tr class="row-even"><td>H</td>
+<td>[7:0]</td>
+<td>Hash algorithm sub-type, also used in any algorithm that is parameterized by a hash.</td>
+</tr>
+</tbody>
+</table>
+<div class="section" id="algorithm-categories">
+<span id="algorithm-category"></span><h3>Algorithm categories</h3>
+<p>The CAT field in an algorithm identifier takes the values shown in <span><a class="reference internal" href="#table-algorithm-category"><span class="numref">Table 7</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-algorithm-category">
+<caption><span class="caption-number">Table 7 </span><span class="caption-text">Algorithm identifier categories</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Algorithm category</th>
+<th class="head">CAT</th>
+<th class="head">Category details</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>None</td>
+<td><code class="docutils literal"><span class="pre">0x00</span></code></td>
+<td>See <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_NONE</span></code></a></td>
+</tr>
+<tr class="row-odd"><td>Hash</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td>See <a class="reference internal" href="#hash-encoding"><span class="secref">Hash algorithm encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>MAC</td>
+<td><code class="docutils literal"><span class="pre">0x03</span></code></td>
+<td>See <a class="reference internal" href="#mac-encoding"><span class="secref">MAC algorithm encoding</span></a></td>
+</tr>
+<tr class="row-odd"><td>Cipher</td>
+<td><code class="docutils literal"><span class="pre">0x04</span></code></td>
+<td>See <a class="reference internal" href="#cipher-encoding"><span class="secref">Cipher algorithm encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>AEAD</td>
+<td><code class="docutils literal"><span class="pre">0x05</span></code></td>
+<td>See <a class="reference internal" href="#aead-encoding"><span class="secref">AEAD algorithm encoding</span></a></td>
+</tr>
+<tr class="row-odd"><td>Key derivation</td>
+<td><code class="docutils literal"><span class="pre">0x08</span></code></td>
+<td>See <a class="reference internal" href="#kdf-encoding"><span class="secref">Key derivation algorithm encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>Asymmetric signature</td>
+<td><code class="docutils literal"><span class="pre">0x06</span></code></td>
+<td>See <a class="reference internal" href="#sign-encoding"><span class="secref">Asymmetric signature algorithm encoding</span></a></td>
+</tr>
+<tr class="row-odd"><td>Asymmetric encryption</td>
+<td><code class="docutils literal"><span class="pre">0x07</span></code></td>
+<td>See <a class="reference internal" href="#pke-encoding"><span class="secref">Asymmetric encryption algorithm encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>Key agreement</td>
+<td><code class="docutils literal"><span class="pre">0x09</span></code></td>
+<td>See <a class="reference internal" href="#ka-encoding"><span class="secref">Key agreement algorithm encoding</span></a></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="hash-algorithm-encoding">
+<span id="hash-encoding"></span><h3>Hash algorithm encoding</h3>
+<p>The algorithm identifier for hash algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-hash-fields"><span class="numref">Figure 2</span></a></span>.</p>
+<div class="figure" id="fig-hash-fields">
+<img alt="../_images/hash_fields.svg" src="../_images/hash_fields.svg" /><p class="caption"><span class="caption-number">Figure 2 </span><span class="caption-text">Hash algorithm encoding</span></p>
+</div>
+<p>The defined values for HASH-TYPE are shown in <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-hash-type">
+<caption><span class="caption-number">Table 8 </span><span class="caption-text">Hash algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Hash algorithm</th>
+<th class="head">HASH-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>MD2</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD2" title="PSA_ALG_MD2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD2</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000001</span></code></td>
+</tr>
+<tr class="row-odd"><td>MD4</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD4" title="PSA_ALG_MD4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD4</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000002</span></code></td>
+</tr>
+<tr class="row-even"><td>MD5</td>
+<td><code class="docutils literal"><span class="pre">0x03</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD5" title="PSA_ALG_MD5"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD5</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000003</span></code></td>
+</tr>
+<tr class="row-odd"><td>RIPEMD-160</td>
+<td><code class="docutils literal"><span class="pre">0x04</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RIPEMD160</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000004</span></code></td>
+</tr>
+<tr class="row-even"><td>SHA1</td>
+<td><code class="docutils literal"><span class="pre">0x05</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_1</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000005</span></code></td>
+</tr>
+<tr class="row-odd"><td>SHA-224</td>
+<td><code class="docutils literal"><span class="pre">0x08</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_224</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000008</span></code></td>
+</tr>
+<tr class="row-even"><td>SHA-256</td>
+<td><code class="docutils literal"><span class="pre">0x09</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000009</span></code></td>
+</tr>
+<tr class="row-odd"><td>SHA-384</td>
+<td><code class="docutils literal"><span class="pre">0x0A</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_384</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x0200000A</span></code></td>
+</tr>
+<tr class="row-even"><td>SHA-512</td>
+<td><code class="docutils literal"><span class="pre">0x0B</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x0200000B</span></code></td>
+</tr>
+<tr class="row-odd"><td>SHA-512/224</td>
+<td><code class="docutils literal"><span class="pre">0x0C</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_224</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x0200000C</span></code></td>
+</tr>
+<tr class="row-even"><td>SHA-512/256</td>
+<td><code class="docutils literal"><span class="pre">0x0D</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_256</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x0200000D</span></code></td>
+</tr>
+<tr class="row-odd"><td>SHA3-224</td>
+<td><code class="docutils literal"><span class="pre">0x10</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_224" title="PSA_ALG_SHA3_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_224</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000010</span></code></td>
+</tr>
+<tr class="row-even"><td>SHA3-256</td>
+<td><code class="docutils literal"><span class="pre">0x11</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_256</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000011</span></code></td>
+</tr>
+<tr class="row-odd"><td>SHA3-384</td>
+<td><code class="docutils literal"><span class="pre">0x12</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_384" title="PSA_ALG_SHA3_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_384</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000012</span></code></td>
+</tr>
+<tr class="row-even"><td>SHA3-512</td>
+<td><code class="docutils literal"><span class="pre">0x13</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_512" title="PSA_ALG_SHA3_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_512</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000013</span></code></td>
+</tr>
+<tr class="row-odd"><td>SM3</td>
+<td><code class="docutils literal"><span class="pre">0x14</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SM3" title="PSA_ALG_SM3"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SM3</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000014</span></code></td>
+</tr>
+<tr class="row-even"><td>SHAKE256-512</td>
+<td><code class="docutils literal"><span class="pre">0x15</span></code></td>
+<td><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHAKE256_512" title="PSA_ALG_SHAKE256_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHAKE256_512</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x02000015</span></code></td>
+</tr>
+<tr class="row-odd"><td><em>wildcard</em> <sup>a</sup></td>
+<td><code class="docutils literal"><span class="pre">0xFF</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x020000FF</span></code></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>The wildcard hash <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a> can be used to parameterize a signature algorithm which defines a key usage policy, allowing any hash algorithm to be specified in a signature operation using the key.</li>
+</ol>
+</div>
+<div class="section" id="mac-algorithm-encoding">
+<span id="mac-encoding"></span><h3>MAC algorithm encoding</h3>
+<p>The algorithm identifier for MAC algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-mac-fields"><span class="numref">Figure 3</span></a></span>.</p>
+<div class="figure" id="fig-mac-fields">
+<img alt="../_images/mac_fields.svg" src="../_images/mac_fields.svg" /><p class="caption"><span class="caption-number">Figure 3 </span><span class="caption-text">MAC algorithm encoding</span></p>
+</div>
+<p>The defined values for B and MAC-TYPE are shown in <span><a class="reference internal" href="#table-mac-type"><span class="numref">Table 9</span></a></span>.</p>
+<p>LEN = 0 specifies a default length output MAC, other values for LEN specify a truncated MAC.</p>
+<p>W is a flag to indicate a wildcard permitted-algorithm policy:</p>
+<ul class="simple">
+<li>W = 0 indicates a specific MAC algorithm and MAC length.</li>
+<li>W = 1 indicates a wildcard key usage policy, which permits the MAC algorithm with a MAC length of at least LEN to be specified in a MAC operation using the key. LEN must not be zero.</li>
+</ul>
+<p>H = HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) for hash-based MAC algorithms, otherwise H = 0.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-mac-type">
+<caption><span class="caption-number">Table 9 </span><span class="caption-text">MAC algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">MAC algorithm</th>
+<th class="head">B</th>
+<th class="head">MAC-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>HMAC</td>
+<td>0</td>
+<td><code class="docutils literal"><span class="pre">0x00</span></code></td>
+<td><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x038000hh</span></code> <sup>a b</sup></td>
+</tr>
+<tr class="row-odd"><td>CBC-MAC <sup>c</sup></td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x03c00100</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-even"><td>CMAC <sup>c</sup></td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x03c00200</span></code> <sup>a</sup></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>This is the default algorithm identifier, specifying a standard length tag. <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TRUNCATED_MAC()</span></code></a> generates identifiers with non-default LEN values. <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC()</span></code></a> generates permitted-algorithm policies with W = 1.</li>
+<li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the MAC algorithm.</li>
+<li>This is a MAC constructed using an underlying block cipher. The block cipher is determined by the key type that is provided to the MAC operation.</li>
+</ol>
+</div>
+<div class="section" id="cipher-algorithm-encoding">
+<span id="cipher-encoding"></span><h3>Cipher algorithm encoding</h3>
+<p>The algorithm identifier for CIPHER algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-cipher-fields"><span class="numref">Figure 4</span></a></span>.</p>
+<div class="figure" id="fig-cipher-fields">
+<img alt="../_images/cipher_fields.svg" src="../_images/cipher_fields.svg" /><p class="caption"><span class="caption-number">Figure 4 </span><span class="caption-text">CIPHER algorithm encoding</span></p>
+</div>
+<p>The defined values for S, B, and CIPHER-TYPE are shown in <span><a class="reference internal" href="#table-cipher-type"><span class="numref">Table 10</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-cipher-type">
+<caption><span class="caption-number">Table 10 </span><span class="caption-text">Cipher algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Cipher algorithm</th>
+<th class="head">S</th>
+<th class="head">B</th>
+<th class="head">CIPHER-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td><em>Stream cipher</em> <sup>a</sup></td>
+<td>1</td>
+<td>0</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04800100</span></code></td>
+</tr>
+<tr class="row-odd"><td>CTR mode <sup>b</sup></td>
+<td>1</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x10</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04C01000</span></code></td>
+</tr>
+<tr class="row-even"><td>CFB mode <sup>b</sup></td>
+<td>1</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x11</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04C01100</span></code></td>
+</tr>
+<tr class="row-odd"><td>OFB mode <sup>b</sup></td>
+<td>1</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x12</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04C01200</span></code></td>
+</tr>
+<tr class="row-even"><td>XTS mode <sup>b</sup></td>
+<td>0</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0xFF</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x0440FF00</span></code></td>
+</tr>
+<tr class="row-odd"><td>CBC mode without padding <sup>b</sup></td>
+<td>0</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x40</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04404000</span></code></td>
+</tr>
+<tr class="row-even"><td>CBC mode with PKCS#7 padding <sup>b</sup></td>
+<td>0</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x41</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04404100</span></code></td>
+</tr>
+<tr class="row-odd"><td>ECB mode without padding <sup>b</sup></td>
+<td>0</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x44</span></code></td>
+<td><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x04404400</span></code></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>The stream cipher algorithm identifier <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a> is used with specific stream cipher key types, such as <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a>.</li>
+<li>This is a cipher mode of an underlying block cipher. The block cipher is determined by the key type that is provided to the cipher operation.</li>
+</ol>
+</div>
+<div class="section" id="aead-algorithm-encoding">
+<span id="aead-encoding"></span><h3>AEAD algorithm encoding</h3>
+<p>The algorithm identifier for AEAD algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-aead-fields"><span class="numref">Figure 5</span></a></span>.</p>
+<div class="figure" id="fig-aead-fields">
+<img alt="../_images/aead_fields.svg" src="../_images/aead_fields.svg" /><p class="caption"><span class="caption-number">Figure 5 </span><span class="caption-text">AEAD algorithm encoding</span></p>
+</div>
+<p>The defined values for B and AEAD-TYPE are shown in <span><a class="reference internal" href="#table-aead-type"><span class="numref">Table 11</span></a></span>.</p>
+<p>LEN = 1..31 specifies the output tag length.</p>
+<p>W is a flag to indicate a wildcard permitted-algorithm policy:</p>
+<ul class="simple">
+<li>W = 0 indicates a specific AEAD algorithm and tag length.</li>
+<li>W = 1 indicates a wildcard key usage policy, which permits the AEAD algorithm with a tag length of at least LEN to be specified in an AEAD operation using the key.</li>
+</ul>
+<table border="1" class="colwidths-auto docutils align-left" id="table-aead-type">
+<caption><span class="caption-number">Table 11 </span><span class="caption-text">AEAD algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">AEAD algorithm</th>
+<th class="head">B</th>
+<th class="head">AEAD-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>CCM <sup>a</sup></td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x05500100</span></code> <sup>b</sup></td>
+</tr>
+<tr class="row-odd"><td>GCM <sup>a</sup></td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x05500200</span></code> <sup>b</sup></td>
+</tr>
+<tr class="row-even"><td>ChaCha20-poly1305</td>
+<td>0</td>
+<td><code class="docutils literal"><span class="pre">0x05</span></code></td>
+<td><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x05100500</span></code> <sup>b</sup></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>This is an AEAD mode of an underlying block cipher. The block cipher is determined by the key type that is provided to the AEAD operation.</li>
+<li>This is the default algorithm identifier, specifying the default tag length for the algorithm. <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG()</span></code></a> generates identifiers with alternative LEN values. <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG()</span></code></a> generates wildcard permitted-algorithm policies with W = 1.</li>
+</ol>
+</div>
+<div class="section" id="key-derivation-algorithm-encoding">
+<span id="kdf-encoding"></span><h3>Key derivation algorithm encoding</h3>
+<p>The algorithm identifier for key derivation algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-kdf-fields"><span class="numref">Figure 6</span></a></span>.</p>
+<div class="figure" id="fig-kdf-fields">
+<img alt="../_images/kdf_fields.svg" src="../_images/kdf_fields.svg" /><p class="caption"><span class="caption-number">Figure 6 </span><span class="caption-text">Key derivation algorithm encoding</span></p>
+</div>
+<p>The defined values for S and KDF-TYPE are shown in <span><a class="reference internal" href="#table-kdf-type"><span class="numref">Table 12</span></a></span>.</p>
+<p>The permitted values of HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) depend on the specific KDF algorithm.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-kdf-type">
+<caption><span class="caption-number">Table 12 </span><span class="caption-text">Key derivation algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Key derivation algorithm</th>
+<th class="head">S</th>
+<th class="head">KDF-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>HKDF</td>
+<td>0</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x080001hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-odd"><td>TLS-1.2 PRF</td>
+<td>0</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x080002hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-even"><td>TLS-1.2 PSK-to-MasterSecret</td>
+<td>0</td>
+<td><code class="docutils literal"><span class="pre">0x03</span></code></td>
+<td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x080003hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-odd"><td>PBKDF2-HMAC</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x088001hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-even"><td>PBKDF2-AES-CMAC-PRF-128</td>
+<td>1</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x08800200</span></code></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the key derivation algorithm.</li>
+</ol>
+</div>
+<div class="section" id="asymmetric-signature-algorithm-encoding">
+<span id="sign-encoding"></span><h3>Asymmetric signature algorithm encoding</h3>
+<p>The algorithm identifier for asymmetric signature algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-sign-fields"><span class="numref">Figure 7</span></a></span>.</p>
+<div class="figure" id="fig-sign-fields">
+<img alt="../_images/sign_fields.svg" src="../_images/sign_fields.svg" /><p class="caption"><span class="caption-number">Figure 7 </span><span class="caption-text">Asymmetric signature algorithm encoding</span></p>
+</div>
+<p>The defined values for SIGN-TYPE are shown in <span><a class="reference internal" href="#table-sign-type"><span class="numref">Table 13</span></a></span>.</p>
+<p>H = HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) for message signature algorithms that are parameterized by a hash algorithm, otherwise H = 0.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-sign-type">
+<caption><span class="caption-number">Table 13 </span><span class="caption-text">Asymmetric signature algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Signature algorithm</th>
+<th class="head">SIGN-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>RSA PKCS#1 v1.5</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x060002hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-odd"><td>RSA PKCS#1 v1.5 no hash <sup>b</sup></td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x06000200</span></code></td>
+</tr>
+<tr class="row-even"><td>RSA PSS</td>
+<td><code class="docutils literal"><span class="pre">0x03</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x060003hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-odd"><td>RSA PSS any salt length</td>
+<td><code class="docutils literal"><span class="pre">0x13</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x060013hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-even"><td>Randomized ECDSA</td>
+<td><code class="docutils literal"><span class="pre">0x06</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x060006hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-odd"><td>Randomized ECDSA no hash <sup>b</sup></td>
+<td><code class="docutils literal"><span class="pre">0x06</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x06000600</span></code></td>
+</tr>
+<tr class="row-even"><td>Deterministic ECDSA</td>
+<td><code class="docutils literal"><span class="pre">0x07</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x060007hh</span></code> <sup>a</sup></td>
+</tr>
+<tr class="row-odd"><td>PureEdDSA</td>
+<td><code class="docutils literal"><span class="pre">0x08</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_PURE_EDDSA" title="PSA_ALG_PURE_EDDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PURE_EDDSA</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x06000800</span></code></td>
+</tr>
+<tr class="row-even"><td>HashEdDSA</td>
+<td><code class="docutils literal"><span class="pre">0x09</span></code></td>
+<td><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x060009hh</span></code> <sup>c</sup></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the signature algorithm.</li>
+<li>Asymmetric signature algorithms without hashing can only be used with <a class="reference internal" href="../api/ops/sign.html#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>.</li>
+<li>The HASH-TYPE for HashEdDSA is determined by the curve. SHA-512 is used for Ed25519ph, and the first 64 bytes of output from SHAKE256 is used for Ed448ph.</li>
+</ol>
+</div>
+<div class="section" id="asymmetric-encryption-algorithm-encoding">
+<span id="pke-encoding"></span><h3>Asymmetric encryption algorithm encoding</h3>
+<p>The algorithm identifier for asymmetric encryption algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-pke-fields"><span class="numref">Figure 8</span></a></span>.</p>
+<div class="figure" id="fig-pke-fields">
+<img alt="../_images/pke_fields.svg" src="../_images/pke_fields.svg" /><p class="caption"><span class="caption-number">Figure 8 </span><span class="caption-text">Asymmetric encryption algorithm encoding</span></p>
+</div>
+<p>The defined values for ENCRYPT-TYPE are shown in <span><a class="reference internal" href="#table-pke-type"><span class="numref">Table 14</span></a></span>.</p>
+<p>H = HASH-TYPE (see <span><a class="reference internal" href="#table-hash-type"><span class="numref">Table 8</span></a></span>) for asymmetric encryption algorithms that are parameterized by a hash algorithm, otherwise H = 0.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-pke-type">
+<caption><span class="caption-number">Table 14 </span><span class="caption-text">Asymmetric encryption algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Asymmetric encryption algorithm</th>
+<th class="head">ENCRYPT-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>RSA PKCS#1 v1.5</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x07000200</span></code></td>
+</tr>
+<tr class="row-odd"><td>RSA OAEP</td>
+<td><code class="docutils literal"><span class="pre">0x03</span></code></td>
+<td><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_OAEP</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">hash_alg</span></code><code class="docutils literal"><span class="pre">)</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x070003hh</span></code> <sup>a</sup></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li><code class="docutils literal"><span class="pre">hh</span></code> is the HASH-TYPE for the hash algorithm, <code class="docutils literal"><span class="pre">hash_alg</span></code>, used to construct the encryption algorithm.</li>
+</ol>
+</div>
+<div class="section" id="key-agreement-algorithm-encoding">
+<span id="ka-encoding"></span><h3>Key agreement algorithm encoding</h3>
+<p>A key agreement algorithm identifier can either be for the raw key agreement algorithm, or for a combined key agreement with key derivation algorithm. The former can only be used with <a class="reference internal" href="../api/ops/ka.html#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a>, while the latter are used with <a class="reference internal" href="../api/ops/ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a> and the shared secret is not exposed to the client.</p>
+<p>The algorithm identifier for raw key agreement algorithms defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-ka-raw-fields"><span class="numref">Figure 9</span></a></span>.</p>
+<div class="figure" id="fig-ka-raw-fields">
+<img alt="../_images/ka_raw_fields.svg" src="../_images/ka_raw_fields.svg" /><p class="caption"><span class="caption-number">Figure 9 </span><span class="caption-text">Raw key agreement algorithm encoding</span></p>
+</div>
+<p>The defined values for KA-TYPE are shown in <span><a class="reference internal" href="#table-ka-type"><span class="numref">Table 15</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-ka-type">
+<caption><span class="caption-number">Table 15 </span><span class="caption-text">Key agreement algorithm sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Key agreement algorithm</th>
+<th class="head">KA-TYPE</th>
+<th class="head">Algorithm identifier</th>
+<th class="head">Algorithm value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>FFDH</td>
+<td><code class="docutils literal"><span class="pre">0x01</span></code></td>
+<td><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x09010000</span></code></td>
+</tr>
+<tr class="row-odd"><td>ECDH</td>
+<td><code class="docutils literal"><span class="pre">0x02</span></code></td>
+<td><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x09020000</span></code></td>
+</tr>
+</tbody>
+</table>
+<p>A combined key agreement is constructed by a bitwise OR of the raw key agreement algorithm identifier and the key derivation algorithm identifier. This operation is provided by the <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a> macro.</p>
+<div class="figure" id="id7">
+<img alt="../_images/ka_combined_fields.svg" src="../_images/ka_combined_fields.svg" /><p class="caption"><span class="caption-number">Figure 10 </span><span class="caption-text">Combined key agreement algorithm encoding</span></p>
+</div>
+<p>The underlying raw key agreement algorithm can be extracted from the KA-TYPE field, and the key derivation algorithm from the KDF-TYPE and HASH-TYPE fields.</p>
+</div>
+</div>
+<div class="section" id="key-type-encoding">
+<span id="id1"></span><h2>Key type encoding</h2>
+<p>Key types are 16-bit integer values of the type <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a>. Key type values have the structure shown in <span><a class="reference internal" href="#fig-key-type-fields"><span class="numref">Figure 11</span></a></span>.</p>
+<div class="figure" id="fig-key-type-fields">
+<img alt="../_images/key_type_fields.svg" src="../_images/key_type_fields.svg" /><p class="caption"><span class="caption-number">Figure 11 </span><span class="caption-text">Encoding of <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a></span></p>
+</div>
+<p><span><a class="reference internal" href="#table-key-type-fields"><span class="numref">Table 16</span></a></span> describes the meaning of the bit-fields — some of bit-fields are used in different ways by different key type categories.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-key-type-fields">
+<caption><span class="caption-number">Table 16 </span><span class="caption-text">Bit fields in a key type</span></caption>
+<colgroup>
+<col width="24%" />
+<col width="10%" />
+<col width="67%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Field</th>
+<th class="head">Bits</th>
+<th class="head">Description</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>V</td>
+<td>[15]</td>
+<td><p class="first">Flag to indicate an implementation-defined key type, when V=1.</p>
+<p class="last">Key types defined by this specification always have V=0.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>A</td>
+<td>[14]</td>
+<td>Flag to indicate an asymmetric key type, when A=1.</td>
+</tr>
+<tr class="row-even"><td>CAT</td>
+<td>[13:12]</td>
+<td>Key type category. See <a class="reference internal" href="#key-type-categories"><span class="secref">Key type categories</span></a>.</td>
+</tr>
+<tr class="row-odd"><td><em>category-specific type</em></td>
+<td>[11:1]</td>
+<td>The meaning of this field is specific to each key category.</td>
+</tr>
+<tr class="row-even"><td>P</td>
+<td>[0]</td>
+<td>Parity bit. Valid key type values have even parity.</td>
+</tr>
+</tbody>
+</table>
+<div class="section" id="key-type-categories">
+<span id="id2"></span><h3>Key type categories</h3>
+<p>The A and CAT fields in a key type take the values shown in <span><a class="reference internal" href="#table-key-type-category"><span class="numref">Table 17</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-key-type-category">
+<caption><span class="caption-number">Table 17 </span><span class="caption-text">Key type categories</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Key type category</th>
+<th class="head">A</th>
+<th class="head">CAT</th>
+<th class="head">Category details</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>None</td>
+<td>0</td>
+<td>0</td>
+<td>See <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code></a></td>
+</tr>
+<tr class="row-odd"><td>Raw data</td>
+<td>0</td>
+<td>1</td>
+<td>See <a class="reference internal" href="#raw-key-encoding"><span class="secref">Raw key encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>Symmetric key</td>
+<td>0</td>
+<td>2</td>
+<td>See <a class="reference internal" href="#symmetric-key-encoding"><span class="secref">Symmetric key encoding</span></a></td>
+</tr>
+<tr class="row-odd"><td>Asymmetric public key</td>
+<td>1</td>
+<td>0</td>
+<td>See <a class="reference internal" href="#asymmetric-key-encoding"><span class="secref">Asymmetric key encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>Asymmetric key pair</td>
+<td>1</td>
+<td>3</td>
+<td>See <a class="reference internal" href="#asymmetric-key-encoding"><span class="secref">Asymmetric key encoding</span></a></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="raw-key-encoding">
+<span id="id3"></span><h3>Raw key encoding</h3>
+<p>The key type for raw keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-raw-key-fields"><span class="numref">Figure 12</span></a></span>.</p>
+<div class="figure" id="fig-raw-key-fields">
+<img alt="../_images/raw_key_fields.svg" src="../_images/raw_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 12 </span><span class="caption-text">Raw key encoding</span></p>
+</div>
+<p>The defined values for RAW-TYPE, SUB-TYPE, and P are shown in <span><a class="reference internal" href="#table-raw-type"><span class="numref">Table 18</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-raw-type">
+<caption><span class="caption-number">Table 18 </span><span class="caption-text">Raw key sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Raw key type</th>
+<th class="head">RAW-TYPE</th>
+<th class="head">SUB-TYPE</th>
+<th class="head">P</th>
+<th class="head">Key type</th>
+<th class="head">Key type value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>Raw data</td>
+<td>0</td>
+<td>0</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x1001</span></code></td>
+</tr>
+<tr class="row-odd"><td>HMAC</td>
+<td>1</td>
+<td>0</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x1100</span></code></td>
+</tr>
+<tr class="row-even"><td>Derivation secret</td>
+<td>2</td>
+<td>0</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x1200</span></code></td>
+</tr>
+<tr class="row-odd"><td>Password</td>
+<td>2</td>
+<td>1</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x1203</span></code></td>
+</tr>
+<tr class="row-even"><td>Password hash</td>
+<td>2</td>
+<td>2</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x1205</span></code></td>
+</tr>
+<tr class="row-odd"><td>Derivation pepper</td>
+<td>2</td>
+<td>3</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x1206</span></code></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="symmetric-key-encoding">
+<span id="id4"></span><h3>Symmetric key encoding</h3>
+<p>The key type for symmetric keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-symmetric-key-fields"><span class="numref">Figure 13</span></a></span>.</p>
+<div class="figure" id="fig-symmetric-key-fields">
+<img alt="../_images/symmetric_key_fields.svg" src="../_images/symmetric_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 13 </span><span class="caption-text">Symmetric key encoding</span></p>
+</div>
+<p>For block-based cipher keys, the block size for the cipher algorithm is 2<sup>BLK</sup>.</p>
+<p>The defined values for BLK, SYM-TYPE and P are shown in <span><a class="reference internal" href="#table-symmetric-type"><span class="numref">Table 19</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-symmetric-type">
+<caption><span class="caption-number">Table 19 </span><span class="caption-text">Symmetric key sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Symmetric key type</th>
+<th class="head">BLK</th>
+<th class="head">SYM-TYPE</th>
+<th class="head">P</th>
+<th class="head">Key type</th>
+<th class="head">Key type value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>ARC4</td>
+<td>0</td>
+<td>1</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2002</span></code></td>
+</tr>
+<tr class="row-odd"><td>ChaCha20</td>
+<td>0</td>
+<td>2</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2004</span></code></td>
+</tr>
+<tr class="row-even"><td>DES</td>
+<td>3</td>
+<td>0</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2301</span></code></td>
+</tr>
+<tr class="row-odd"><td>AES</td>
+<td>4</td>
+<td>0</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2400</span></code></td>
+</tr>
+<tr class="row-even"><td>CAMELLIA</td>
+<td>4</td>
+<td>1</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2403</span></code></td>
+</tr>
+<tr class="row-odd"><td>SM4</td>
+<td>4</td>
+<td>2</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2405</span></code></td>
+</tr>
+<tr class="row-even"><td>ARIA</td>
+<td>4</td>
+<td>3</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x2406</span></code></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="asymmetric-key-encoding">
+<span id="id5"></span><h3>Asymmetric key encoding</h3>
+<p>The key type for asymmetric keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-asymmetric-key-fields"><span class="numref">Figure 14</span></a></span>.</p>
+<div class="figure" id="fig-asymmetric-key-fields">
+<img alt="../_images/asymmetric_key_fields.svg" src="../_images/asymmetric_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 14 </span><span class="caption-text">Asymmetric key encoding</span></p>
+</div>
+<p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
+<p>The defined values for ASYM-TYPE are shown in <span><a class="reference internal" href="#table-asymmetric-type"><span class="numref">Table 20</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-asymmetric-type">
+<caption><span class="caption-number">Table 20 </span><span class="caption-text">Asymmetric key sub-type values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Asymmetric key type</th>
+<th class="head">ASYM-TYPE</th>
+<th class="head">Details</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>RSA</td>
+<td>0</td>
+<td>See <a class="reference internal" href="#rsa-key-encoding"><span class="secref">RSA key encoding</span></a></td>
+</tr>
+<tr class="row-odd"><td>Elliptic Curve</td>
+<td>1</td>
+<td>See <a class="reference internal" href="#ecc-key-encoding"><span class="secref">Elliptic Curve key encoding</span></a></td>
+</tr>
+<tr class="row-even"><td>Diffie-Hellman</td>
+<td>2</td>
+<td>See <a class="reference internal" href="#dh-key-encoding"><span class="secref">Diffie Hellman key encoding</span></a></td>
+</tr>
+</tbody>
+</table>
+<div class="section" id="rsa-key-encoding">
+<span id="id6"></span><h4>RSA key encoding</h4>
+<p>The key type for RSA keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-rsa-key-fields"><span class="numref">Figure 15</span></a></span>.</p>
+<div class="figure" id="fig-rsa-key-fields">
+<img alt="../_images/rsa_key_fields.svg" src="../_images/rsa_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 15 </span><span class="caption-text">RSA key encoding</span></p>
+</div>
+<p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
+<p>The defined values for RSA keys are shown in <span><a class="reference internal" href="#table-rsa-type"><span class="numref">Table 21</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-rsa-type">
+<caption><span class="caption-number">Table 21 </span><span class="caption-text">RSA key values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">RSA key type</th>
+<th class="head">Key type</th>
+<th class="head">Key type value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>Public key</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4001</span></code></td>
+</tr>
+<tr class="row-odd"><td>Key pair</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x7001</span></code></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="elliptic-curve-key-encoding">
+<span id="ecc-key-encoding"></span><h4>Elliptic Curve key encoding</h4>
+<p>The key type for Elliptic Curve keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-ecc-key-fields"><span class="numref">Figure 16</span></a></span>.</p>
+<div class="figure" id="fig-ecc-key-fields">
+<img alt="../_images/ecc_key_fields.svg" src="../_images/ecc_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 16 </span><span class="caption-text">Elliptic Curve key encoding</span></p>
+</div>
+<p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
+<p>The defined values for ECC-FAMILY and P are shown in <span><a class="reference internal" href="#table-ecc-type"><span class="numref">Table 22</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-ecc-type">
+<caption><span class="caption-number">Table 22 </span><span class="caption-text">ECC key family values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">ECC key family</th>
+<th class="head">ECC-FAMILY</th>
+<th class="head">P</th>
+<th class="head">ECC family <sup>a</sup></th>
+<th class="head">Public key value</th>
+<th class="head">Key pair value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>SECP K1</td>
+<td>0x0B</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_K1" title="PSA_ECC_FAMILY_SECP_K1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_K1</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4117</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7117</span></code></td>
+</tr>
+<tr class="row-odd"><td>SECP R1</td>
+<td>0x09</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R1" title="PSA_ECC_FAMILY_SECP_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R1</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4112</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7112</span></code></td>
+</tr>
+<tr class="row-even"><td>SECP R2</td>
+<td>0x0D</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R2" title="PSA_ECC_FAMILY_SECP_R2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R2</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x411B</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x711B</span></code></td>
+</tr>
+<tr class="row-odd"><td>SECT K1</td>
+<td>0x13</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_K1" title="PSA_ECC_FAMILY_SECT_K1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_K1</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4127</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7127</span></code></td>
+</tr>
+<tr class="row-even"><td>SECT R1</td>
+<td>0x11</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R1" title="PSA_ECC_FAMILY_SECT_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R1</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4122</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7122</span></code></td>
+</tr>
+<tr class="row-odd"><td>SECT R2</td>
+<td>0x15</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R2" title="PSA_ECC_FAMILY_SECT_R2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R2</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x412B</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x712B</span></code></td>
+</tr>
+<tr class="row-even"><td>Brainpool-P R1</td>
+<td>0x18</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4130</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7130</span></code></td>
+</tr>
+<tr class="row-odd"><td>FRP</td>
+<td>0x19</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4133</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7133</span></code></td>
+</tr>
+<tr class="row-even"><td>Montgomery</td>
+<td>0x20</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4141</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7141</span></code></td>
+</tr>
+<tr class="row-odd"><td>Twisted Edwards</td>
+<td>0x21</td>
+<td>0</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4142</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7142</span></code></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>The key type value is constructed from the Elliptic Curve family using either <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> or <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> as required.</li>
+</ol>
+</div>
+<div class="section" id="diffie-hellman-key-encoding">
+<span id="dh-key-encoding"></span><h4>Diffie Hellman key encoding</h4>
+<p>The key type for Diffie Hellman keys defined in this specification are encoded as shown in <span><a class="reference internal" href="#fig-dh-key-fields"><span class="numref">Figure 17</span></a></span>.</p>
+<div class="figure" id="fig-dh-key-fields">
+<img alt="../_images/dh_key_fields.svg" src="../_images/dh_key_fields.svg" /><p class="caption"><span class="caption-number">Figure 17 </span><span class="caption-text">Diffie Hellman key encoding</span></p>
+</div>
+<p>PAIR is either 0 for a public key, or 3 for a key pair.</p>
+<p>The defined values for DH-FAMILY and P are shown in <span><a class="reference internal" href="#table-dh-type"><span class="numref">Table 23</span></a></span>.</p>
+<table border="1" class="colwidths-auto docutils align-left" id="table-dh-type">
+<caption><span class="caption-number">Table 23 </span><span class="caption-text">Diffie Hellman key group values</span></caption>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">DH key group</th>
+<th class="head">DH-FAMILY</th>
+<th class="head">P</th>
+<th class="head">DH group <sup>a</sup></th>
+<th class="head">Public key value</th>
+<th class="head">Key pair value</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>RFC7919</td>
+<td>0x01</td>
+<td>1</td>
+<td><a class="reference internal" href="../api/keys/types.html#c.PSA_DH_FAMILY_RFC7919" title="PSA_DH_FAMILY_RFC7919"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_DH_FAMILY_RFC7919</span></code></a></td>
+<td><code class="docutils literal"><span class="pre">0x4203</span></code></td>
+<td><code class="docutils literal"><span class="pre">0x7203</span></code></td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>The key type value is constructed from the Diffie Hellman family using either <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> or <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR"><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR</span></code></a><code class="docutils literal"><span class="pre">(</span></code><code class="docutils literal"><span class="pre">family</span></code><code class="docutils literal"><span class="pre">)</span></code> as required.</li>
+</ol>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="example_header.html">Example header file</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">Algorithm and key type encoding</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#algorithm-identifier-encoding">Algorithm identifier encoding</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#algorithm-categories">Algorithm categories</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#hash-algorithm-encoding">Hash algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#mac-algorithm-encoding">MAC algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#cipher-algorithm-encoding">Cipher algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#aead-algorithm-encoding">AEAD algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-derivation-algorithm-encoding">Key derivation algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-signature-algorithm-encoding">Asymmetric signature algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-encryption-algorithm-encoding">Asymmetric encryption algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-agreement-algorithm-encoding">Key agreement algorithm encoding</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#key-type-encoding">Key type encoding</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-type-categories">Key type categories</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#raw-key-encoding">Raw key encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#symmetric-key-encoding">Symmetric key encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#asymmetric-key-encoding">Asymmetric key encoding</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/appendix/example_header.html b/docs/1.1.0/html/appendix/example_header.html
new file mode 100644
index 0000000..29cb346
--- /dev/null
+++ b/docs/1.1.0/html/appendix/example_header.html
@@ -0,0 +1,735 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Example header file — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="Algorithm and key type encoding" href="encodings.html" />
+ <link rel="prev" title="10.10. Other cryptographic services" href="../api/ops/rng.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="example-header-file">
+<span id="appendix-example-header"></span><h1>Example header file</h1>
+<p>Each implementation of the PSA Crypto API must provide a header file named <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code>, in which the API elements in this specification are defined.</p>
+<p>This appendix provides a example of the <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code> header file with all of the API elements. This can be used as a starting point or reference for an implementation.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p>Not all of the API elements are fully defined. An implementation must provide the full definition.</p>
+<p class="last">The header will not compile without these missing definitions, and might require reordering to satisfy C compilation rules.</p>
+</div>
+<div class="section" id="psa-crypto-h">
+<h2>psa/crypto.h</h2>
+<pre class="literal-block">
+typedef <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a>;
+typedef uint32_t <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>;
+typedef <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a>;
+typedef uint8_t <a class="reference internal" href="../api/keys/types.html#c.psa_dh_family_t" title="psa_dh_family_t">psa_dh_family_t</a>;
+typedef uint8_t <a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>;
+typedef <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a>;
+typedef <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a>;
+typedef <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a>;
+typedef uint16_t <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a>;
+typedef uint32_t <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>;
+typedef uint32_t <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a>;
+typedef uint32_t <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>;
+typedef uint8_t <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>;
+typedef uint16_t <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>;
+typedef uint32_t <a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>;
+typedef <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a>;
+typedef int32_t <a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>;
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</a>(ciphertext_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_SIZE">PSA_AEAD_DECRYPT_OUTPUT_SIZE</a>(key_type, alg, ciphertext_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</a>(plaintext_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_SIZE">PSA_AEAD_ENCRYPT_OUTPUT_SIZE</a>(key_type, alg, plaintext_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE" title="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE">PSA_AEAD_FINISH_OUTPUT_SIZE</a>(key_type, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH">PSA_AEAD_NONCE_LENGTH</a>(key_type, alg) <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_NONCE_MAX_SIZE" title="PSA_AEAD_NONCE_MAX_SIZE">PSA_AEAD_NONCE_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_OPERATION_INIT" title="PSA_AEAD_OPERATION_INIT">PSA_AEAD_OPERATION_INIT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_TAG_LENGTH" title="PSA_AEAD_TAG_LENGTH">PSA_AEAD_TAG_LENGTH</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_TAG_MAX_SIZE" title="PSA_AEAD_TAG_MAX_SIZE">PSA_AEAD_TAG_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE">PSA_AEAD_UPDATE_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_VERIFY_OUTPUT_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_SIZE">PSA_AEAD_VERIFY_OUTPUT_SIZE</a>(key_type, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG</a>(aead_alg, min_tag_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG</a>(aead_alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG">PSA_ALG_AEAD_WITH_SHORTENED_TAG</a>(aead_alg, tag_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH">PSA_ALG_ANY_HASH</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x020000ff)
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC</a>(mac_alg, min_mac_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC">PSA_ALG_CBC_MAC</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x03c00100)
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING">PSA_ALG_CBC_NO_PADDING</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04404000)
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7">PSA_ALG_CBC_PKCS7</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04404100)
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM">PSA_ALG_CCM</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x05500100)
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB">PSA_ALG_CFB</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04c01100)
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305">PSA_ALG_CHACHA20_POLY1305</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x05100500)
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC">PSA_ALG_CMAC</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x03c00200)
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR">PSA_ALG_CTR</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04c01000)
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA">PSA_ALG_DETERMINISTIC_ECDSA</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING">PSA_ALG_ECB_NO_PADDING</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04404400)
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH">PSA_ALG_ECDH</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x09020000)
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA">PSA_ALG_ECDSA</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY">PSA_ALG_ECDSA_ANY</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000600)
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH">PSA_ALG_ED25519PH</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x0600090B)
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH">PSA_ALG_ED448PH</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000915)
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH">PSA_ALG_FFDH</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x09010000)
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC">PSA_ALG_FULL_LENGTH_MAC</a>(mac_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM">PSA_ALG_GCM</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x05500200)
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH">PSA_ALG_GET_HASH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF">PSA_ALG_HKDF</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC">PSA_ALG_HMAC</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD">PSA_ALG_IS_AEAD</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER" title="PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_IS_BLOCK_CIPHER_MAC" title="PSA_ALG_IS_BLOCK_CIPHER_MAC">PSA_ALG_IS_BLOCK_CIPHER_MAC</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER">PSA_ALG_IS_CIPHER</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA">PSA_ALG_IS_DETERMINISTIC_ECDSA</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_ECDH" title="PSA_ALG_IS_ECDH">PSA_ALG_IS_ECDH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA">PSA_ALG_IS_ECDSA</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_FFDH" title="PSA_ALG_IS_FFDH">PSA_ALG_IS_FFDH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH">PSA_ALG_IS_HASH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN">PSA_ALG_IS_HASH_AND_SIGN</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_EDDSA" title="PSA_ALG_IS_HASH_EDDSA">PSA_ALG_IS_HASH_EDDSA</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_HKDF" title="PSA_ALG_IS_HKDF">PSA_ALG_IS_HKDF</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_IS_HMAC" title="PSA_ALG_IS_HMAC">PSA_ALG_IS_HMAC</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT">PSA_ALG_IS_KEY_AGREEMENT</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_KEY_DERIVATION" title="PSA_ALG_IS_KEY_DERIVATION">PSA_ALG_IS_KEY_DERIVATION</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_KEY_DERIVATION_STRETCHING" title="PSA_ALG_IS_KEY_DERIVATION_STRETCHING">PSA_ALG_IS_KEY_DERIVATION_STRETCHING</a>(alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC">PSA_ALG_IS_MAC</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_PBKDF2_HMAC" title="PSA_ALG_IS_PBKDF2_HMAC">PSA_ALG_IS_PBKDF2_HMAC</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA">PSA_ALG_IS_RANDOMIZED_ECDSA</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT">PSA_ALG_IS_RAW_KEY_AGREEMENT</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_IS_RSA_OAEP" title="PSA_ALG_IS_RSA_OAEP">PSA_ALG_IS_RSA_OAEP</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN">PSA_ALG_IS_RSA_PKCS1V15_SIGN</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS">PSA_ALG_IS_RSA_PSS</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_ANY_SALT" title="PSA_ALG_IS_RSA_PSS_ANY_SALT">PSA_ALG_IS_RSA_PSS_ANY_SALT</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT" title="PSA_ALG_IS_RSA_PSS_STANDARD_SALT">PSA_ALG_IS_RSA_PSS_STANDARD_SALT</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_SIGN" title="PSA_ALG_IS_SIGN">PSA_ALG_IS_SIGN</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH">PSA_ALG_IS_SIGN_HASH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE">PSA_ALG_IS_SIGN_MESSAGE</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_IS_STREAM_CIPHER" title="PSA_ALG_IS_STREAM_CIPHER">PSA_ALG_IS_STREAM_CIPHER</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PRF" title="PSA_ALG_IS_TLS12_PRF">PSA_ALG_IS_TLS12_PRF</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PSK_TO_MS" title="PSA_ALG_IS_TLS12_PSK_TO_MS">PSA_ALG_IS_TLS12_PSK_TO_MS</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_WILDCARD" title="PSA_ALG_IS_WILDCARD">PSA_ALG_IS_WILDCARD</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT">PSA_ALG_KEY_AGREEMENT</a>(ka_alg, kdf_alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE">PSA_ALG_KEY_AGREEMENT_GET_BASE</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_KDF" title="PSA_ALG_KEY_AGREEMENT_GET_KDF">PSA_ALG_KEY_AGREEMENT_GET_KDF</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD2" title="PSA_ALG_MD2">PSA_ALG_MD2</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000001)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD4" title="PSA_ALG_MD4">PSA_ALG_MD4</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000002)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD5" title="PSA_ALG_MD5">PSA_ALG_MD5</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000003)
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE">PSA_ALG_NONE</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0)
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB">PSA_ALG_OFB</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04c01200)
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x08800200)
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC">PSA_ALG_PBKDF2_HMAC</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_PURE_EDDSA" title="PSA_ALG_PURE_EDDSA">PSA_ALG_PURE_EDDSA</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000800)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160">PSA_ALG_RIPEMD160</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000004)
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP">PSA_ALG_RSA_OAEP</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT">PSA_ALG_RSA_PKCS1V15_CRYPT</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x07000200)
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN">PSA_ALG_RSA_PKCS1V15_SIGN</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) 0x06000200)
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS">PSA_ALG_RSA_PSS</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT">PSA_ALG_RSA_PSS_ANY_SALT</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_224" title="PSA_ALG_SHA3_224">PSA_ALG_SHA3_224</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000010)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256">PSA_ALG_SHA3_256</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000011)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_384" title="PSA_ALG_SHA3_384">PSA_ALG_SHA3_384</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000012)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_512" title="PSA_ALG_SHA3_512">PSA_ALG_SHA3_512</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000013)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHAKE256_512" title="PSA_ALG_SHAKE256_512">PSA_ALG_SHAKE256_512</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000015)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1">PSA_ALG_SHA_1</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000005)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224">PSA_ALG_SHA_224</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000008)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256">PSA_ALG_SHA_256</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000009)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384">PSA_ALG_SHA_384</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000a)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512">PSA_ALG_SHA_512</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000b)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224">PSA_ALG_SHA_512_224</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000c)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256">PSA_ALG_SHA_512_256</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0200000d)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SM3" title="PSA_ALG_SM3">PSA_ALG_SM3</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x02000014)
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER">PSA_ALG_STREAM_CIPHER</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x04800100)
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF">PSA_ALG_TLS12_PRF</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS">PSA_ALG_TLS12_PSK_TO_MS</a>(hash_alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC">PSA_ALG_TRUNCATED_MAC</a>(mac_alg, mac_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS">PSA_ALG_XTS</a> ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x0440ff00)
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</a> \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</a> \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH">PSA_BLOCK_CIPHER_BLOCK_LENGTH</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE" title="PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_SIZE">PSA_CIPHER_DECRYPT_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_FINISH_OUTPUT_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_SIZE">PSA_CIPHER_FINISH_OUTPUT_SIZE</a>(key_type, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH">PSA_CIPHER_IV_LENGTH</a>(key_type, alg) <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_IV_MAX_SIZE" title="PSA_CIPHER_IV_MAX_SIZE">PSA_CIPHER_IV_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT">PSA_CIPHER_OPERATION_INIT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</a>(input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_SIZE">PSA_CIPHER_UPDATE_OUTPUT_SIZE</a>(key_type, alg, input_length) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/library/library.html#c.PSA_CRYPTO_API_VERSION_MAJOR" title="PSA_CRYPTO_API_VERSION_MAJOR">PSA_CRYPTO_API_VERSION_MAJOR</a> 1
+#define <a class="reference internal" href="../api/library/library.html#c.PSA_CRYPTO_API_VERSION_MINOR" title="PSA_CRYPTO_API_VERSION_MINOR">PSA_CRYPTO_API_VERSION_MINOR</a> 1
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_DH_FAMILY_RFC7919" title="PSA_DH_FAMILY_RFC7919">PSA_DH_FAMILY_RFC7919</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_dh_family_t" title="psa_dh_family_t">psa_dh_family_t</a>) 0x03)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1">PSA_ECC_FAMILY_BRAINPOOL_P_R1</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x30)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP">PSA_ECC_FAMILY_FRP</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x33)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY">PSA_ECC_FAMILY_MONTGOMERY</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x41)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_K1" title="PSA_ECC_FAMILY_SECP_K1">PSA_ECC_FAMILY_SECP_K1</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x17)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R1" title="PSA_ECC_FAMILY_SECP_R1">PSA_ECC_FAMILY_SECP_R1</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x12)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R2" title="PSA_ECC_FAMILY_SECP_R2">PSA_ECC_FAMILY_SECP_R2</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x1b)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_K1" title="PSA_ECC_FAMILY_SECT_K1">PSA_ECC_FAMILY_SECT_K1</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x27)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R1" title="PSA_ECC_FAMILY_SECT_R1">PSA_ECC_FAMILY_SECT_R1</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x22)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R2" title="PSA_ECC_FAMILY_SECT_R2">PSA_ECC_FAMILY_SECT_R2</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x2b)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS">PSA_ECC_FAMILY_TWISTED_EDWARDS</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) 0x42)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS">PSA_ERROR_ALREADY_EXISTS</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-139)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE">PSA_ERROR_BAD_STATE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-137)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL">PSA_ERROR_BUFFER_TOO_SMALL</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-138)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE">PSA_ERROR_COMMUNICATION_FAILURE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-145)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED">PSA_ERROR_CORRUPTION_DETECTED</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-151)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT">PSA_ERROR_DATA_CORRUPT</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-152)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID">PSA_ERROR_DATA_INVALID</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-153)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DOES_NOT_EXIST" title="PSA_ERROR_DOES_NOT_EXIST">PSA_ERROR_DOES_NOT_EXIST</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-140)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_GENERIC_ERROR" title="PSA_ERROR_GENERIC_ERROR">PSA_ERROR_GENERIC_ERROR</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-132)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE">PSA_ERROR_HARDWARE_FAILURE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-147)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA">PSA_ERROR_INSUFFICIENT_DATA</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-143)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY" title="PSA_ERROR_INSUFFICIENT_ENTROPY">PSA_ERROR_INSUFFICIENT_ENTROPY</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-148)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY">PSA_ERROR_INSUFFICIENT_MEMORY</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-141)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_STORAGE" title="PSA_ERROR_INSUFFICIENT_STORAGE">PSA_ERROR_INSUFFICIENT_STORAGE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-142)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT">PSA_ERROR_INVALID_ARGUMENT</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-135)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE">PSA_ERROR_INVALID_HANDLE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-136)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INVALID_PADDING" title="PSA_ERROR_INVALID_PADDING">PSA_ERROR_INVALID_PADDING</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-150)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE">PSA_ERROR_INVALID_SIGNATURE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-149)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED">PSA_ERROR_NOT_PERMITTED</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-133)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED">PSA_ERROR_NOT_SUPPORTED</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-134)
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE">PSA_ERROR_STORAGE_FAILURE</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)-146)
+#define <a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE">PSA_EXPORT_KEY_OUTPUT_SIZE</a>(key_type, key_bits) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE" title="PSA_EXPORT_KEY_PAIR_MAX_SIZE">PSA_EXPORT_KEY_PAIR_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</a>(key_type, key_bits) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH">PSA_HASH_BLOCK_LENGTH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH">PSA_HASH_LENGTH</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_MAX_SIZE" title="PSA_HASH_MAX_SIZE">PSA_HASH_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_OPERATION_INIT" title="PSA_HASH_OPERATION_INIT">PSA_HASH_OPERATION_INIT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</a> ((size_t)4)
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</a>(alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</a>(alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE">PSA_HASH_SUSPEND_OUTPUT_SIZE</a>(alg) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/attributes.html#c.PSA_KEY_ATTRIBUTES_INIT" title="PSA_KEY_ATTRIBUTES_INIT">PSA_KEY_ATTRIBUTES_INIT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_CONTEXT" title="PSA_KEY_DERIVATION_INPUT_CONTEXT">PSA_KEY_DERIVATION_INPUT_CONTEXT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_COST" title="PSA_KEY_DERIVATION_INPUT_COST">PSA_KEY_DERIVATION_INPUT_COST</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_INFO" title="PSA_KEY_DERIVATION_INPUT_INFO">PSA_KEY_DERIVATION_INPUT_INFO</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_LABEL" title="PSA_KEY_DERIVATION_INPUT_LABEL">PSA_KEY_DERIVATION_INPUT_LABEL</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD">PSA_KEY_DERIVATION_INPUT_PASSWORD</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SALT" title="PSA_KEY_DERIVATION_INPUT_SALT">PSA_KEY_DERIVATION_INPUT_SALT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET">PSA_KEY_DERIVATION_INPUT_SECRET</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SEED" title="PSA_KEY_DERIVATION_INPUT_SEED">PSA_KEY_DERIVATION_INPUT_SEED</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT">PSA_KEY_DERIVATION_OPERATION_INIT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_UNLIMITED_CAPACITY" title="PSA_KEY_DERIVATION_UNLIMITED_CAPACITY">PSA_KEY_DERIVATION_UNLIMITED_CAPACITY</a> \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL">PSA_KEY_ID_NULL</a> ((<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0)
+#define <a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_USER_MAX" title="PSA_KEY_ID_USER_MAX">PSA_KEY_ID_USER_MAX</a> ((<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x3fffffff)
+#define <a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_USER_MIN" title="PSA_KEY_ID_USER_MIN">PSA_KEY_ID_USER_MIN</a> ((<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x00000001)
+#define <a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_VENDOR_MAX" title="PSA_KEY_ID_VENDOR_MAX">PSA_KEY_ID_VENDOR_MAX</a> ((<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x7fffffff)
+#define <a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_VENDOR_MIN" title="PSA_KEY_ID_VENDOR_MIN">PSA_KEY_ID_VENDOR_MIN</a> ((<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a>)0x40000000)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION" title="PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION">PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION</a>(persistence, location) \
+ ((location) << 8 | (persistence))
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_GET_LOCATION" title="PSA_KEY_LIFETIME_GET_LOCATION">PSA_KEY_LIFETIME_GET_LOCATION</a>(lifetime) \
+ ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>) ((lifetime) >> 8))
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_GET_PERSISTENCE" title="PSA_KEY_LIFETIME_GET_PERSISTENCE">PSA_KEY_LIFETIME_GET_PERSISTENCE</a>(lifetime) \
+ ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) ((lifetime) & 0x000000ff))
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_IS_VOLATILE" title="PSA_KEY_LIFETIME_IS_VOLATILE">PSA_KEY_LIFETIME_IS_VOLATILE</a>(lifetime) \
+ (<a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_GET_PERSISTENCE" title="PSA_KEY_LIFETIME_GET_PERSISTENCE">PSA_KEY_LIFETIME_GET_PERSISTENCE</a>(lifetime) == <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_VOLATILE" title="PSA_KEY_PERSISTENCE_VOLATILE">PSA_KEY_PERSISTENCE_VOLATILE</a>)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_PERSISTENT" title="PSA_KEY_LIFETIME_PERSISTENT">PSA_KEY_LIFETIME_PERSISTENT</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a>) 0x00000001)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_VOLATILE" title="PSA_KEY_LIFETIME_VOLATILE">PSA_KEY_LIFETIME_VOLATILE</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a>) 0x00000000)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LOCATION_LOCAL_STORAGE" title="PSA_KEY_LOCATION_LOCAL_STORAGE">PSA_KEY_LOCATION_LOCAL_STORAGE</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>) 0x000000)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT" title="PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT">PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_location_t" title="psa_key_location_t">psa_key_location_t</a>) 0x000001)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_DEFAULT" title="PSA_KEY_PERSISTENCE_DEFAULT">PSA_KEY_PERSISTENCE_DEFAULT</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) 0x01)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_READ_ONLY" title="PSA_KEY_PERSISTENCE_READ_ONLY">PSA_KEY_PERSISTENCE_READ_ONLY</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) 0xff)
+#define <a class="reference internal" href="../api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_VOLATILE" title="PSA_KEY_PERSISTENCE_VOLATILE">PSA_KEY_PERSISTENCE_VOLATILE</a> ((<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_persistence_t" title="psa_key_persistence_t">psa_key_persistence_t</a>) 0x00)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES">PSA_KEY_TYPE_AES</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2400)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4">PSA_KEY_TYPE_ARC4</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2002)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA">PSA_KEY_TYPE_ARIA</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2406)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA">PSA_KEY_TYPE_CAMELLIA</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2403)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20">PSA_KEY_TYPE_CHACHA20</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2004)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE">PSA_KEY_TYPE_DERIVE</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1200)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES">PSA_KEY_TYPE_DES</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2301)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_GET_FAMILY" title="PSA_KEY_TYPE_DH_GET_FAMILY">PSA_KEY_TYPE_DH_GET_FAMILY</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR">PSA_KEY_TYPE_DH_KEY_PAIR</a>(group) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY">PSA_KEY_TYPE_DH_PUBLIC_KEY</a>(group) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_GET_FAMILY" title="PSA_KEY_TYPE_ECC_GET_FAMILY">PSA_KEY_TYPE_ECC_GET_FAMILY</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR">PSA_KEY_TYPE_ECC_KEY_PAIR</a>(curve) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY">PSA_KEY_TYPE_ECC_PUBLIC_KEY</a>(curve) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC">PSA_KEY_TYPE_HMAC</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1100)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ASYMMETRIC" title="PSA_KEY_TYPE_IS_ASYMMETRIC">PSA_KEY_TYPE_IS_ASYMMETRIC</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH" title="PSA_KEY_TYPE_IS_DH">PSA_KEY_TYPE_IS_DH</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_KEY_PAIR" title="PSA_KEY_TYPE_IS_DH_KEY_PAIR">PSA_KEY_TYPE_IS_DH_KEY_PAIR</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_DH_PUBLIC_KEY">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC" title="PSA_KEY_TYPE_IS_ECC">PSA_KEY_TYPE_IS_ECC</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR" title="PSA_KEY_TYPE_IS_ECC_KEY_PAIR">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_KEY_PAIR" title="PSA_KEY_TYPE_IS_KEY_PAIR">PSA_KEY_TYPE_IS_KEY_PAIR</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_PUBLIC_KEY">PSA_KEY_TYPE_IS_PUBLIC_KEY</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_RSA" title="PSA_KEY_TYPE_IS_RSA">PSA_KEY_TYPE_IS_RSA</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_UNSTRUCTURED" title="PSA_KEY_TYPE_IS_UNSTRUCTURED">PSA_KEY_TYPE_IS_UNSTRUCTURED</a>(type) <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY" title="PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</a>(type) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE">PSA_KEY_TYPE_NONE</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x0000)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD">PSA_KEY_TYPE_PASSWORD</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1203)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH">PSA_KEY_TYPE_PASSWORD_HASH</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1205)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER">PSA_KEY_TYPE_PEPPER</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1206)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</a>(type) \
+ <em><a class="reference internal" href="../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA">PSA_KEY_TYPE_RAW_DATA</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x1001)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR">PSA_KEY_TYPE_RSA_KEY_PAIR</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x7001)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY">PSA_KEY_TYPE_RSA_PUBLIC_KEY</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x4001)
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4">PSA_KEY_TYPE_SM4</a> ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>)0x2405)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE">PSA_KEY_USAGE_CACHE</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000004)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_COPY" title="PSA_KEY_USAGE_COPY">PSA_KEY_USAGE_COPY</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000002)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_DECRYPT" title="PSA_KEY_USAGE_DECRYPT">PSA_KEY_USAGE_DECRYPT</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000200)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE">PSA_KEY_USAGE_DERIVE</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00004000)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT" title="PSA_KEY_USAGE_ENCRYPT">PSA_KEY_USAGE_ENCRYPT</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000100)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT">PSA_KEY_USAGE_EXPORT</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000001)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH">PSA_KEY_USAGE_SIGN_HASH</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00001000)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE">PSA_KEY_USAGE_SIGN_MESSAGE</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000400)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION">PSA_KEY_USAGE_VERIFY_DERIVATION</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00008000)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH">PSA_KEY_USAGE_VERIFY_HASH</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00002000)
+#define <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE">PSA_KEY_USAGE_VERIFY_MESSAGE</a> ((<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a>)0x00000800)
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH">PSA_MAC_LENGTH</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE">PSA_MAC_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT">PSA_MAC_OPERATION_INIT</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</a> \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE</a>(key_type, key_bits) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE">PSA_SIGNATURE_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE">PSA_SIGN_OUTPUT_SIZE</a>(key_type, key_bits, alg) \
+ <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+#define <a class="reference internal" href="../api/library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS">PSA_SUCCESS</a> ((<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a>)0)
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE" title="PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</a> <em><a class="reference internal" href="../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_abort" title="psa_aead_abort">psa_aead_abort</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_decrypt" title="psa_aead_decrypt">psa_aead_decrypt</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * nonce,
+ size_t nonce_length,
+ const uint8_t * additional_data,
+ size_t additional_data_length,
+ const uint8_t * ciphertext,
+ size_t ciphertext_length,
+ uint8_t * plaintext,
+ size_t plaintext_size,
+ size_t * plaintext_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_decrypt_setup" title="psa_aead_decrypt_setup">psa_aead_decrypt_setup</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_encrypt" title="psa_aead_encrypt">psa_aead_encrypt</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * nonce,
+ size_t nonce_length,
+ const uint8_t * additional_data,
+ size_t additional_data_length,
+ const uint8_t * plaintext,
+ size_t plaintext_length,
+ uint8_t * ciphertext,
+ size_t ciphertext_size,
+ size_t * ciphertext_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_encrypt_setup" title="psa_aead_encrypt_setup">psa_aead_encrypt_setup</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_finish" title="psa_aead_finish">psa_aead_finish</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ uint8_t * ciphertext,
+ size_t ciphertext_size,
+ size_t * ciphertext_length,
+ uint8_t * tag,
+ size_t tag_size,
+ size_t * tag_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce">psa_aead_generate_nonce</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ uint8_t * nonce,
+ size_t nonce_size,
+ size_t * nonce_length);
+<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_init" title="psa_aead_operation_init">psa_aead_operation_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_set_lengths" title="psa_aead_set_lengths">psa_aead_set_lengths</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ size_t ad_length,
+ size_t plaintext_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_set_nonce" title="psa_aead_set_nonce">psa_aead_set_nonce</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ const uint8_t * nonce,
+ size_t nonce_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_update" title="psa_aead_update">psa_aead_update</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_update_ad" title="psa_aead_update_ad">psa_aead_update_ad</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_verify" title="psa_aead_verify">psa_aead_verify</a>(<a class="reference internal" href="../api/ops/aead.html#c.psa_aead_operation_t" title="psa_aead_operation_t">psa_aead_operation_t</a> * operation,
+ uint8_t * plaintext,
+ size_t plaintext_size,
+ size_t * plaintext_length,
+ const uint8_t * tag,
+ size_t tag_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/pke.html#c.psa_asymmetric_decrypt" title="psa_asymmetric_decrypt">psa_asymmetric_decrypt</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * salt,
+ size_t salt_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/pke.html#c.psa_asymmetric_encrypt" title="psa_asymmetric_encrypt">psa_asymmetric_encrypt</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * salt,
+ size_t salt_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_abort" title="psa_cipher_abort">psa_cipher_abort</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_decrypt" title="psa_cipher_decrypt">psa_cipher_decrypt</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_decrypt_setup" title="psa_cipher_decrypt_setup">psa_cipher_decrypt_setup</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_encrypt" title="psa_cipher_encrypt">psa_cipher_encrypt</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup">psa_cipher_encrypt_setup</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_finish" title="psa_cipher_finish">psa_cipher_finish</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv">psa_cipher_generate_iv</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ uint8_t * iv,
+ size_t iv_size,
+ size_t * iv_length);
+<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_init" title="psa_cipher_operation_init">psa_cipher_operation_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_set_iv" title="psa_cipher_set_iv">psa_cipher_set_iv</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ const uint8_t * iv,
+ size_t iv_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_update" title="psa_cipher_update">psa_cipher_update</a>(<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t">psa_cipher_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_copy_key" title="psa_copy_key">psa_copy_key</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> source_key,
+ const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * target_key);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/library/library.html#c.psa_crypto_init" title="psa_crypto_init">psa_crypto_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_destroy_key" title="psa_destroy_key">psa_destroy_key</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_export_key" title="psa_export_key">psa_export_key</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ uint8_t * data,
+ size_t data_size,
+ size_t * data_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_export_public_key" title="psa_export_public_key">psa_export_public_key</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ uint8_t * data,
+ size_t data_size,
+ size_t * data_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_generate_key" title="psa_generate_key">psa_generate_key</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * key);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/rng.html#c.psa_generate_random" title="psa_generate_random">psa_generate_random</a>(uint8_t * output,
+ size_t output_size);
+<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> <a class="reference internal" href="../api/keys/policy.html#c.psa_get_key_algorithm" title="psa_get_key_algorithm">psa_get_key_algorithm</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes">psa_get_key_attributes</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+size_t <a class="reference internal" href="../api/keys/types.html#c.psa_get_key_bits" title="psa_get_key_bits">psa_get_key_bits</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> <a class="reference internal" href="../api/keys/ids.html#c.psa_get_key_id" title="psa_get_key_id">psa_get_key_id</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+<a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a> <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_get_key_lifetime" title="psa_get_key_lifetime">psa_get_key_lifetime</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a> <a class="reference internal" href="../api/keys/types.html#c.psa_get_key_type" title="psa_get_key_type">psa_get_key_type</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+<a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a> <a class="reference internal" href="../api/keys/policy.html#c.psa_get_key_usage_flags" title="psa_get_key_usage_flags">psa_get_key_usage_flags</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_abort" title="psa_hash_abort">psa_hash_abort</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_clone" title="psa_hash_clone">psa_hash_clone</a>(const <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * source_operation,
+ <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * target_operation);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_compare" title="psa_hash_compare">psa_hash_compare</a>(<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * hash,
+ size_t hash_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_compute" title="psa_hash_compute">psa_hash_compute</a>(<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * hash,
+ size_t hash_size,
+ size_t * hash_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_finish" title="psa_hash_finish">psa_hash_finish</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ uint8_t * hash,
+ size_t hash_size,
+ size_t * hash_length);
+<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_init" title="psa_hash_operation_init">psa_hash_operation_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_resume" title="psa_hash_resume">psa_hash_resume</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ const uint8_t * hash_state,
+ size_t hash_state_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_setup" title="psa_hash_setup">psa_hash_setup</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_suspend" title="psa_hash_suspend">psa_hash_suspend</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ uint8_t * hash_state,
+ size_t hash_state_size,
+ size_t * hash_state_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_update" title="psa_hash_update">psa_hash_update</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_verify" title="psa_hash_verify">psa_hash_verify</a>(<a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_operation_t" title="psa_hash_operation_t">psa_hash_operation_t</a> * operation,
+ const uint8_t * hash,
+ size_t hash_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_import_key" title="psa_import_key">psa_import_key</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ const uint8_t * data,
+ size_t data_length,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * key);
+<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_init" title="psa_key_attributes_init">psa_key_attributes_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_abort" title="psa_key_derivation_abort">psa_key_derivation_abort</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_get_capacity" title="psa_key_derivation_get_capacity">psa_key_derivation_get_capacity</a>(const <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ size_t * capacity);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes">psa_key_derivation_input_bytes</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ const uint8_t * data,
+ size_t data_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_integer" title="psa_key_derivation_input_integer">psa_key_derivation_input_integer</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ uint64_t value);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key">psa_key_derivation_input_key</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement">psa_key_derivation_key_agreement</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_step_t" title="psa_key_derivation_step_t">psa_key_derivation_step_t</a> step,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> private_key,
+ const uint8_t * peer_key,
+ size_t peer_key_length);
+<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_init" title="psa_key_derivation_operation_init">psa_key_derivation_operation_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes">psa_key_derivation_output_bytes</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ uint8_t * output,
+ size_t output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key">psa_key_derivation_output_key</a>(const <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> * key);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_set_capacity" title="psa_key_derivation_set_capacity">psa_key_derivation_set_capacity</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ size_t capacity);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_setup" title="psa_key_derivation_setup">psa_key_derivation_setup</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes">psa_key_derivation_verify_bytes</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ const uint8_t *expected_output,
+ size_t output_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key">psa_key_derivation_verify_key</a>(<a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t">psa_key_derivation_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> expected);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_abort" title="psa_mac_abort">psa_mac_abort</a>(<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_compute" title="psa_mac_compute">psa_mac_compute</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * mac,
+ size_t mac_size,
+ size_t * mac_length);
+<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_init" title="psa_mac_operation_init">psa_mac_operation_init</a>(void);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_sign_finish" title="psa_mac_sign_finish">psa_mac_sign_finish</a>(<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ uint8_t * mac,
+ size_t mac_size,
+ size_t * mac_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_sign_setup" title="psa_mac_sign_setup">psa_mac_sign_setup</a>(<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_update" title="psa_mac_update">psa_mac_update</a>(<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ const uint8_t * input,
+ size_t input_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_verify" title="psa_mac_verify">psa_mac_verify</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * mac,
+ size_t mac_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_verify_finish" title="psa_mac_verify_finish">psa_mac_verify_finish</a>(<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ const uint8_t * mac,
+ size_t mac_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/macs.html#c.psa_mac_verify_setup" title="psa_mac_verify_setup">psa_mac_verify_setup</a>(<a class="reference internal" href="../api/ops/macs.html#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/keys/management.html#c.psa_purge_key" title="psa_purge_key">psa_purge_key</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/ka.html#c.psa_raw_key_agreement" title="psa_raw_key_agreement">psa_raw_key_agreement</a>(<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> private_key,
+ const uint8_t * peer_key,
+ size_t peer_key_length,
+ uint8_t * output,
+ size_t output_size,
+ size_t * output_length);
+void <a class="reference internal" href="../api/keys/attributes.html#c.psa_reset_key_attributes" title="psa_reset_key_attributes">psa_reset_key_attributes</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes);
+void <a class="reference internal" href="../api/keys/policy.html#c.psa_set_key_algorithm" title="psa_set_key_algorithm">psa_set_key_algorithm</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);
+void <a class="reference internal" href="../api/keys/types.html#c.psa_set_key_bits" title="psa_set_key_bits">psa_set_key_bits</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ size_t bits);
+void <a class="reference internal" href="../api/keys/ids.html#c.psa_set_key_id" title="psa_set_key_id">psa_set_key_id</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> id);
+void <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_set_key_lifetime" title="psa_set_key_lifetime">psa_set_key_lifetime</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_lifetime_t" title="psa_key_lifetime_t">psa_key_lifetime_t</a> lifetime);
+void <a class="reference internal" href="../api/keys/types.html#c.psa_set_key_type" title="psa_set_key_type">psa_set_key_type</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a> type);
+void <a class="reference internal" href="../api/keys/policy.html#c.psa_set_key_usage_flags" title="psa_set_key_usage_flags">psa_set_key_usage_flags</a>(<a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t">psa_key_attributes_t</a> * attributes,
+ <a class="reference internal" href="../api/keys/policy.html#c.psa_key_usage_t" title="psa_key_usage_t">psa_key_usage_t</a> usage_flags);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/sign.html#c.psa_sign_hash" title="psa_sign_hash">psa_sign_hash</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * hash,
+ size_t hash_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/sign.html#c.psa_sign_message" title="psa_sign_message">psa_sign_message</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ uint8_t * signature,
+ size_t signature_size,
+ size_t * signature_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/sign.html#c.psa_verify_hash" title="psa_verify_hash">psa_verify_hash</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * hash,
+ size_t hash_length,
+ const uint8_t * signature,
+ size_t signature_length);
+<a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="../api/ops/sign.html#c.psa_verify_message" title="psa_verify_message">psa_verify_message</a>(<a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
+ <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
+ const uint8_t * input,
+ size_t input_length,
+ const uint8_t * signature,
+ size_t signature_length);
+
+</pre>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1 current"><a class="current reference internal" href="#">Example header file</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#psa-crypto-h">psa/crypto.h</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/appendix/history.html b/docs/1.1.0/html/appendix/history.html
new file mode 100644
index 0000000..e4d6e21
--- /dev/null
+++ b/docs/1.1.0/html/appendix/history.html
@@ -0,0 +1,797 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Changes to the API — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="prev" title="Security Risk Assessment" href="sra.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="changes-to-the-api">
+<h1>Changes to the API</h1>
+<div class="section" id="document-change-history">
+<span id="changes"></span><h2>Document change history</h2>
+<p>This section provides the detailed changes made between published version of the document.</p>
+<div class="section" id="changes-between-1-0-1-and-1-1-0">
+<h3>Changes between <em>1.0.1</em> and <em>1.1.0</em></h3>
+<div class="section" id="id1">
+<h4>Changes to the API</h4>
+<ul class="simple">
+<li>Relaxation when a raw key agreement is used as a key’s permitted algorithm policy. This now also permits the key agreement to be combined with any key derivation algorithm. See <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a> and <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a>.</li>
+<li>Provide wildcard permitted-algorithm polices for MAC and AEAD that can specify a minimum MAC or tag length. The following elements are added to the API:<ul>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG()</span></code></a></li>
+</ul>
+</li>
+<li>Added support for password-hashing and key-stretching algorithms, as key derivation operations.<ul>
+<li>Added key types <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD" title="PSA_KEY_TYPE_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD</span></code></a>, <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH" title="PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PASSWORD_HASH</span></code></a> and <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PEPPER" title="PSA_KEY_TYPE_PEPPER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PEPPER</span></code></a>, to support use of these new types of algorithm.</li>
+<li>Add key derivation input steps <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_PASSWORD" title="PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_PASSWORD</span></code></a> and <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_COST" title="PSA_KEY_DERIVATION_INPUT_COST"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_COST</span></code></a>.</li>
+<li>Added <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_integer" title="psa_key_derivation_input_integer"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_integer()</span></code></a> to support numerical inputs to a key derivation operation.</li>
+<li>Added functions <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_verify_bytes" title="psa_key_derivation_verify_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_bytes()</span></code></a> and <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_verify_key" title="psa_key_derivation_verify_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_verify_key()</span></code></a> to compare derivation output data within the cryptoprocessor.</li>
+<li>Added usage flag <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION" title="PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_DERIVATION</span></code></a> for using keys with the new verification functions.</li>
+<li>Modified the description of existing key derivation APIs to enable the use of key derivation functionality.</li>
+</ul>
+</li>
+<li>Added algorithms <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_HMAC()</span></code></a> and <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128" title="PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</span></code></a> to implement the PBKDF2 password-hashing algorithm.</li>
+<li>Add support for twisted Edwards Elliptic curve keys, and the associated EdDSA signature algorithms. The following elements are added to the API:<ul>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS" title="PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_TWISTED_EDWARDS</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_PURE_EDDSA" title="PSA_ALG_PURE_EDDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_PURE_EDDSA</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED25519PH" title="PSA_ALG_ED25519PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED25519PH</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ED448PH" title="PSA_ALG_ED448PH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ED448PH</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHAKE256_512" title="PSA_ALG_SHAKE256_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHAKE256_512</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_EDDSA" title="PSA_ALG_IS_HASH_EDDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH_EDDSA()</span></code></a></li>
+</ul>
+</li>
+<li>Added an identifier for <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARIA" title="PSA_KEY_TYPE_ARIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARIA</span></code></a>.</li>
+<li>Added <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS_ANY_SALT()</span></code></a>, which creates the same signatures as <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a>, but permits any salt length when verifying a signature. Also added the helper macros <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_ANY_SALT" title="PSA_ALG_IS_RSA_PSS_ANY_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_ANY_SALT()</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT" title="PSA_ALG_IS_RSA_PSS_STANDARD_SALT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS_STANDARD_SALT()</span></code></a>, and extended <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS()</span></code></a> to detect both variants of the RSA-PSS algorithm.</li>
+</ul>
+</div>
+<div class="section" id="clarifications-and-fixes">
+<h4>Clarifications and fixes</h4>
+<ul class="simple">
+<li>Described the use of header files and the general API conventions. See <a class="reference internal" href="../overview/conventions.html#library-conventions"><span class="secref">Library conventions</span></a>.</li>
+<li>Added details for SHA-512/224 to the hash suspend state. See <a class="reference internal" href="../api/ops/hashes.html#hash-suspend-state"><span class="secref">Hash suspend state</span></a>.</li>
+<li>Removed ambiguities from support macros that provide buffer sizes, and improved consistency of parameter domain definition.</li>
+<li>Clarified the length of salt used for creating <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a> signatures, and that verification requires the same length of salt in the signature.</li>
+<li>Documented the use of <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a> when the input data to an operation exceeds the limit specified by the algorithm.</li>
+<li>Clarified how the <a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_OAEP()</span></code></a> algorithm uses the hash algorithm parameter.</li>
+<li>Fixed error in <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> documentation: combined key agreement and key derivation algorithms are valid for this API.</li>
+<li>Added and clarified documentation for error conditions across the API.</li>
+<li>Clarified the distinction between <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN()</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH()</span></code></a>.</li>
+<li>Clarified the behavior of <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN()</span></code></a> with a wildcard algorithm policy parameter.</li>
+<li>Documented the use of <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a> with the <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a><code class="docutils literal"><span class="pre">)</span></code> wildcard policy.</li>
+<li>Clarified the way that <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a> determines the value of the CCM configuration parameter <em>L</em>. Clarified that nonces generated by <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> can be shorter than the default nonce length provided by <a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH()</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="other-changes">
+<h4>Other changes</h4>
+<ul class="simple">
+<li>Add new appendix describing the encoding of algorithm identifiers and key types. See <a class="reference internal" href="encodings.html#appendix-encodings"><span class="secref">Algorithm and key type encoding</span></a>.</li>
+<li>Migrated cryptographic operation summaries to the start of the appropriate operation section, and out of the <a class="reference internal" href="../overview/functionality.html#functionality-overview"><span class="secref">Functionality overview</span></a>.</li>
+<li>Included a Security Risk Assessment for the PSA Cryptography API.</li>
+</ul>
+</div>
+</div>
+<div class="section" id="changes-between-1-0-0-and-1-0-1">
+<h3>Changes between <em>1.0.0</em> and <em>1.0.1</em></h3>
+<div class="section" id="id2">
+<h4>Changes to the API</h4>
+<ul class="simple">
+<li>Added subtypes <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_persistence_t" title="psa_key_persistence_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_persistence_t</span></code></a> and <a class="reference internal" href="../api/keys/lifetimes.html#c.psa_key_location_t" title="psa_key_location_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_location_t</span></code></a> for key lifetimes, and defined standard values for these attributes.</li>
+<li>Added identifiers for <a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SM3" title="PSA_ALG_SM3"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SM3</span></code></a> and <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_SM4" title="PSA_KEY_TYPE_SM4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_SM4</span></code></a>.</li>
+</ul>
+</div>
+<div class="section" id="id3">
+<h4>Clarifications and fixes</h4>
+<ul class="simple">
+<li>Provided citation references for all cryptographic algorithms in the specification.</li>
+<li>Provided precise key size information for all key types.</li>
+<li>Permitted implementations to store and export long HMAC keys in hashed form.</li>
+<li>Provided details for initialization vectors in all unauthenticated cipher algorithms.</li>
+<li>Provided details for nonces in all AEAD algorithms.</li>
+<li>Clarified the input steps for HKDF.</li>
+<li>Provided details of signature algorithms, include requirements when using with <a class="reference internal" href="../api/ops/sign.html#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a> and <a class="reference internal" href="../api/ops/sign.html#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a>.</li>
+<li>Provided details of key agreement algorithms, and how to use them.</li>
+<li>Aligned terminology relating to key policies, to clarify the combination of the usage flags and permitted algorithm in the policy.</li>
+<li>Clarified the use of the individual key attributes for all of the key creation functions.</li>
+<li>Restructured the description for <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a>, to clarify the handling of the excess bits in ECC key generation when needing a string of bits whose length is not a multiple of <code class="docutils literal"><span class="pre">8</span></code>.</li>
+<li>Referenced the correct buffer size macros for <a class="reference internal" href="../api/keys/management.html#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a>.</li>
+<li>Removed the use of the <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DOES_NOT_EXIST" title="PSA_ERROR_DOES_NOT_EXIST"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DOES_NOT_EXIST</span></code></a> error.</li>
+<li>Clarified concurrency rules.</li>
+<li>Document that <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> does not return <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a> if the secret input is the result of a key agreement. This matches what was already documented for <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a>.</li>
+<li>Relax the requirement to use the defined key derivation methods in <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a>: implementation-specific KDF algorithms can use implementation-defined methods to derive the key material.</li>
+</ul>
+</div>
+<div class="section" id="id4">
+<h4>Other changes</h4>
+<ul class="simple">
+<li>Provided a glossary of terms.</li>
+<li>Provided a table of references.</li>
+<li>Restructured the <a class="reference internal" href="../api/keys/index.html#key-management"><span class="secref">Key management reference</span></a> chapter.<ul>
+<li>Moved individual attribute types, values and accessor functions into their own sections.</li>
+<li>Placed permitted algorithms and usage flags into <a class="reference internal" href="../api/keys/policy.html#key-policy"><span class="secref">Key policies</span></a>.</li>
+<li>Moved most introductory material from the <a class="reference internal" href="../overview/functionality.html#functionality-overview"><span class="secref">Functionality overview</span></a> into the relevant API sections.</li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+<div class="section" id="changes-between-1-0-beta-3-and-1-0-0">
+<h3>Changes between <em>1.0 beta 3</em> and <em>1.0.0</em></h3>
+<div class="section" id="id5">
+<h4>Changes to the API</h4>
+<ul>
+<li><p class="first">Added <a class="reference internal" href="../api/library/library.html#c.PSA_CRYPTO_API_VERSION_MAJOR" title="PSA_CRYPTO_API_VERSION_MAJOR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CRYPTO_API_VERSION_MAJOR</span></code></a> and <a class="reference internal" href="../api/library/library.html#c.PSA_CRYPTO_API_VERSION_MINOR" title="PSA_CRYPTO_API_VERSION_MINOR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CRYPTO_API_VERSION_MINOR</span></code></a> to report the PSA Crypto API version.</p>
+</li>
+<li><p class="first">Removed <code class="docutils literal"><span class="pre">PSA_ALG_GMAC</span></code> algorithm identifier.</p>
+</li>
+<li><p class="first">Removed internal implementation macros from the API specification:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH_OFFSET</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_FROM_BLOCK_FLAG</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_TAG_LENGTH_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_AEAD</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_CIPHER</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_HASH</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_KEY_AGREEMENT</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_KEY_DERIVATION</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_MAC</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CATEGORY_SIGN</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CIPHER_FROM_BLOCK_FLAG</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CIPHER_MAC_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_CIPHER_STREAM_FLAG</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_ECDSA_IS_DETERMINISTIC</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_HASH_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_HKDF_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_HMAC_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION_OR_AGREEMENT</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_IS_VENDOR_DEFINED</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_KEY_DERIVATION_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_MAC_SUBCATEGORY_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_MAC_TRUNCATION_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_RSA_OAEP_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_RSA_PSS_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_VENDOR_FLAG</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_BITS_TO_BYTES</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_BYTES_TO_BITS</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECDSA_SIGNATURE_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_HMAC_MAX_HASH_BLOCK_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CATEGORY_FLAG_PAIR</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CATEGORY_KEY_PAIR</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CATEGORY_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CATEGORY_RAW</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_CATEGORY_SYMMETRIC</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_GROUP_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_CURVE_MASK</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_IS_VENDOR_DEFINED</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_VENDOR_FLAG</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_MAC_TRUNCATED_LENGTH</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_MAC_TRUNCATION_OFFSET</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ROUND_UP_TO_MULTIPLE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_RSA_MINIMUM_PADDING_SIZE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_VENDOR_ECC_MAX_CURVE_BITS</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_VENDOR_RSA_MAX_KEY_BITS</span></code></li>
+</ul>
+</li>
+<li><p class="first">Remove the definition of implementation-defined macros from the specification, and clarified the implementation requirements for these macros in <a class="reference internal" href="../overview/implementation.html#implementation-specific-macro"><span class="secref">Implementation-specific macros</span></a>.</p>
+<ul class="simple">
+<li>Macros with implementation-defined values are indicated by <code class="docutils literal"><span class="pre">/*</span> <span class="pre">implementation-defined</span> <span class="pre">value</span> <span class="pre">*/</span></code> in the API prototype.
+The implementation must provide the implementation.</li>
+<li>Macros for algorithm and key type construction and inspection have specification-defined values.
+This is indicated by <code class="docutils literal"><span class="pre">/*</span> <span class="pre">specification-defined</span> <span class="pre">value</span> <span class="pre">*/</span></code> in the API prototype.
+Example definitions of these macros is provided in <a class="reference internal" href="specdef_values.html#appendix-specdef-values"><span class="secref">Example macro implementations</span></a>.</li>
+</ul>
+</li>
+<li><p class="first">Changed the semantics of multi-part operations.</p>
+<ul class="simple">
+<li>Formalize the standard pattern for multi-part operations.</li>
+<li>Require all errors to result in an error state, requiring a call to <code class="docutils literal"><span class="pre">psa_xxx_abort()</span></code> to reset the object.</li>
+<li>Define behavior in illegal and impossible operation states, and for copying and reusing operation objects.</li>
+</ul>
+<p>Although the API signatures have not changed, this change requires modifications to application flows that handle error conditions in multi-part operations.</p>
+</li>
+<li><p class="first">Merge the key identifier and key handle concepts in the API.</p>
+<ul class="simple">
+<li>Replaced all references to key handles with key identifiers, or something similar.</li>
+<li>Replaced all uses of <code class="docutils literal"><span class="pre">psa_key_handle_t</span></code> with <a class="reference internal" href="../api/keys/ids.html#c.psa_key_id_t" title="psa_key_id_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_id_t</span></code></a> in the API, and removes the <code class="docutils literal"><span class="pre">psa_key_handle_t</span></code> type.</li>
+<li>Removed <code class="docutils literal"><span class="pre">psa_open_key</span></code> and <code class="docutils literal"><span class="pre">psa_close_key</span></code>.</li>
+<li>Added <a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a> for the never valid zero key identifier.</li>
+<li>Document rules related to destroying keys whilst in use.</li>
+<li>Added the <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code></a> usage flag and the related <a class="reference internal" href="../api/keys/management.html#c.psa_purge_key" title="psa_purge_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_purge_key()</span></code></a> API.</li>
+<li>Added clarification about caching keys to non-volatile memory.</li>
+</ul>
+</li>
+<li><p class="first">Renamed <code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN</span></code> to <a class="reference internal" href="../api/ops/kdf.html#c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE" title="PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</span></code></a>.</p>
+</li>
+<li><p class="first">Relax definition of implementation-defined types.</p>
+<ul class="simple">
+<li>This is indicated in the specification by <code class="docutils literal"><span class="pre">/*</span> <span class="pre">implementation-defined</span> <span class="pre">type</span> <span class="pre">*/</span></code> in the type definition.</li>
+<li>The specification only defines the name of implementation-defined types, and does not require that the implementation is a C struct.</li>
+</ul>
+</li>
+<li><p class="first">Zero-length keys are not permitted. Attempting to create one will now result in an error.</p>
+</li>
+<li><p class="first">Relax the constraints on inputs to key derivation:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a> can be used for secret input steps. This is necessary if a zero-length input is required by the application.</li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> can be used for non-secret input steps.</li>
+</ul>
+</li>
+<li><p class="first">Multi-part cipher operations now require that the IV is passed using <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a>, the option to provide this as part of the input to <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> has been removed.</p>
+<p>The format of the output from <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_encrypt" title="psa_cipher_encrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt()</span></code></a>, and input to <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_decrypt" title="psa_cipher_decrypt"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_decrypt()</span></code></a>, is documented.</p>
+</li>
+<li><p class="first">Support macros to calculate the size of output buffers, IVs and nonces.</p>
+<ul class="simple">
+<li>Macros to calculate a key and/or algorithm specific result are provided for all output buffers. The new macros are:<ul>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_NONCE_LENGTH" title="PSA_AEAD_NONCE_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_LENGTH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_FINISH_OUTPUT_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_IV_LENGTH" title="PSA_CIPHER_IV_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_IV_LENGTH()</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE" title="PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE()</span></code></a></li>
+</ul>
+</li>
+<li>Macros that evaluate to a maximum type-independent buffer size are provided. The new macros are:<ul>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE" title="PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_NONCE_MAX_SIZE" title="PSA_AEAD_NONCE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_NONCE_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_TAG_MAX_SIZE" title="PSA_AEAD_TAG_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/pke.html#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/pke.html#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE" title="PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE" title="PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE" title="PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_IV_MAX_SIZE" title="PSA_CIPHER_IV_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_IV_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE" title="PSA_EXPORT_KEY_PAIR_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_PAIR_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE" title="PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE" title="PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</span></code></a></li>
+</ul>
+</li>
+<li>AEAD output buffer size macros are now parameterized on the key type as well as the algorithm:<ul>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE" title="PSA_AEAD_ENCRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_ENCRYPT_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE" title="PSA_AEAD_DECRYPT_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_DECRYPT_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_UPDATE_OUTPUT_SIZE" title="PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_UPDATE_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_TAG_LENGTH" title="PSA_AEAD_TAG_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_TAG_LENGTH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_VERIFY_OUTPUT_SIZE" title="PSA_AEAD_VERIFY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_VERIFY_OUTPUT_SIZE()</span></code></a></li>
+</ul>
+</li>
+<li>Some existing macros have been renamed to ensure that the name of the support macros are consistent. The following macros have been renamed:<ul>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH()</span></code> → <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_TAG_LENGTH()</span></code> → <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_EXPORT_MAX_SIZE()</span></code> → <a class="reference internal" href="../api/keys/management.html#c.PSA_EXPORT_KEY_OUTPUT_SIZE" title="PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_EXPORT_KEY_OUTPUT_SIZE()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_HASH_SIZE()</span></code> → <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_LENGTH" title="PSA_HASH_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_LENGTH()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_MAC_FINAL_SIZE()</span></code> → <a class="reference internal" href="../api/ops/macs.html#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_MAC_LENGTH()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_SIZE()</span></code> → <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE</span></code> → <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE" title="PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</span></code></a></li>
+</ul>
+</li>
+<li>Documentation of the macros and of related APIs has been updated to reference the related API elements.</li>
+</ul>
+</li>
+<li><p class="first">Provide hash-and-sign operations as well as sign-the-hash operations. The API for asymmetric signature has been changed to clarify the use of the new functions.</p>
+<ul class="simple">
+<li>The existing asymmetric signature API has been renamed to clarify that this is for signing a hash that is already computed:<ul>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN</span></code> → <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH" title="PSA_KEY_USAGE_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_HASH</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY</span></code> → <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH" title="PSA_KEY_USAGE_VERIFY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_HASH</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_asymmetric_sign()</span></code> → <a class="reference internal" href="../api/ops/sign.html#c.psa_sign_hash" title="psa_sign_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_hash()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_asymmetric_verify()</span></code> → <a class="reference internal" href="../api/ops/sign.html#c.psa_verify_hash" title="psa_verify_hash"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_hash()</span></code></a></li>
+</ul>
+</li>
+<li>New APIs added to provide the complete message signing operation:<ul>
+<li><a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.psa_sign_message" title="psa_sign_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_sign_message()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.psa_verify_message" title="psa_verify_message"><code class="xref any c c-func docutils literal"><span class="pre">psa_verify_message()</span></code></a></li>
+</ul>
+</li>
+<li>New Support macros to identify which algorithms can be used in which signing API:<ul>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_SIGN_HASH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE()</span></code></a></li>
+</ul>
+</li>
+<li>Renamed support macros that apply to both signing APIs:<ul>
+<li><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE()</span></code> → <a class="reference internal" href="../api/ops/sign.html#c.PSA_SIGN_OUTPUT_SIZE" title="PSA_SIGN_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGN_OUTPUT_SIZE()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE</span></code> → <a class="reference internal" href="../api/ops/sign.html#c.PSA_SIGNATURE_MAX_SIZE" title="PSA_SIGNATURE_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SIGNATURE_MAX_SIZE</span></code></a></li>
+</ul>
+</li>
+<li>The usage flag values have been changed, including for <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_DERIVE" title="PSA_KEY_USAGE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_DERIVE</span></code></a>.</li>
+</ul>
+</li>
+<li><p class="first">Restructure <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a> and reassign all key type values.</p>
+<ul class="simple">
+<li><a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a> changes from 32-bit to 16-bit integer.</li>
+<li>Reassigned the key type categories.</li>
+<li>Add a parity bit to the key type to ensure that valid key type values differ by at least 2 bits.</li>
+<li>16-bit elliptic curve ids (<code class="docutils literal"><span class="pre">psa_ecc_curve_t</span></code>) replaced by 8-bit ECC curve family ids (<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_ecc_family_t</span></code></a>).
+16-bit Diffie-Hellman group ids (<code class="docutils literal"><span class="pre">psa_dh_group_t</span></code>) replaced by 8-bit DH group family ids (<a class="reference internal" href="../api/keys/types.html#c.psa_dh_family_t" title="psa_dh_family_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_dh_family_t</span></code></a>).<ul>
+<li>These ids are no longer related to the IANA Group Registry specification.</li>
+<li>The new key type values do not encode the key size for ECC curves or DH groups. The key bit size from the key attributes identify a specific ECC curve or DH group within the family.</li>
+</ul>
+</li>
+<li>The following macros have been removed:<ul>
+<li><code class="docutils literal"><span class="pre">PSA_DH_GROUP_FFDHE2048</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_DH_GROUP_FFDHE3072</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_DH_GROUP_FFDHE4096</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_DH_GROUP_FFDHE6144</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_DH_GROUP_FFDHE8192</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_BITS</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_BRAINPOOL_P256R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_BRAINPOOL_P384R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_BRAINPOOL_P512R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_CURVE25519</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_CURVE448</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP160K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP160R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP160R2</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP192K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP192R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP224K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP224R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP256K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP256R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP384R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECP521R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT163K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT163R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT163R2</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT193R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT193R2</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT233K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT233R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT239K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT283K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT283R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT409K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT409R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT571K1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ECC_CURVE_SECT571R1</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_GET_CURVE</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_KEY_TYPE_GET_GROUP</span></code></li>
+</ul>
+</li>
+<li>The following macros have been added:<ul>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_DH_FAMILY_RFC7919" title="PSA_DH_FAMILY_RFC7919"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_DH_FAMILY_RFC7919</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1" title="PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_BRAINPOOL_P_R1</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_K1" title="PSA_ECC_FAMILY_SECP_K1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_K1</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R1" title="PSA_ECC_FAMILY_SECP_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R1</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R2" title="PSA_ECC_FAMILY_SECP_R2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECP_R2</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_K1" title="PSA_ECC_FAMILY_SECT_K1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_K1</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R1" title="PSA_ECC_FAMILY_SECT_R1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R1</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R2" title="PSA_ECC_FAMILY_SECT_R2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_SECT_R2</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY" title="PSA_ECC_FAMILY_MONTGOMERY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_MONTGOMERY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_GET_FAMILY" title="PSA_KEY_TYPE_DH_GET_FAMILY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DH_GET_FAMILY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_GET_FAMILY" title="PSA_KEY_TYPE_ECC_GET_FAMILY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_GET_FAMILY</span></code></a></li>
+</ul>
+</li>
+<li>The following macros have new values:<ul>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ARC4" title="PSA_KEY_TYPE_ARC4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ARC4</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CAMELLIA" title="PSA_KEY_TYPE_CAMELLIA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CAMELLIA</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20" title="PSA_KEY_TYPE_CHACHA20"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_CHACHA20</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DERIVE" title="PSA_KEY_TYPE_DERIVE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DERIVE</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DES" title="PSA_KEY_TYPE_DES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DES</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_HMAC" title="PSA_KEY_TYPE_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_HMAC</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_NONE" title="PSA_KEY_TYPE_NONE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_NONE</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RAW_DATA" title="PSA_KEY_TYPE_RAW_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RAW_DATA</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR" title="PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_KEY_PAIR</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY" title="PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_RSA_PUBLIC_KEY</span></code></a></li>
+</ul>
+</li>
+<li>The following macros with specification-defined values have new example implementations:<ul>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_BLOCK_CIPHER_BLOCK_LENGTH</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DH_KEY_PAIR</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_DH_PUBLIC_KEY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_KEY_PAIR</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_ECC_PUBLIC_KEY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ASYMMETRIC" title="PSA_KEY_TYPE_IS_ASYMMETRIC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ASYMMETRIC</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH" title="PSA_KEY_TYPE_IS_DH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_KEY_PAIR" title="PSA_KEY_TYPE_IS_DH_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_KEY_PAIR</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_DH_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC" title="PSA_KEY_TYPE_IS_ECC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR" title="PSA_KEY_TYPE_IS_ECC_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_KEY_PAIR" title="PSA_KEY_TYPE_IS_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_KEY_PAIR</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_PUBLIC_KEY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_RSA" title="PSA_KEY_TYPE_IS_RSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_RSA</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_UNSTRUCTURED" title="PSA_KEY_TYPE_IS_UNSTRUCTURED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_IS_UNSTRUCTURED</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY" title="PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li><p class="first">Add ECC family <a class="reference internal" href="../api/keys/types.html#c.PSA_ECC_FAMILY_FRP" title="PSA_ECC_FAMILY_FRP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ECC_FAMILY_FRP</span></code></a> for the FRP256v1 curve.</p>
+</li>
+<li><p class="first">Restructure <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> encoding, to increase consistency across algorithm categories.</p>
+<ul class="simple">
+<li>Algorithms that include a hash operation all use the same structure to encode the hash algorithm. The following <code class="docutils literal"><span class="pre">PSA_ALG_XXXX_GET_HASH()</span></code> macros have all been replaced by a single macro <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GET_HASH()</span></code></a>:<ul>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_HKDF_GET_HASH()</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_HMAC_GET_HASH()</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_RSA_OAEP_GET_HASH()</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_SIGN_GET_HASH()</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PRF_GET_HASH()</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS_GET_HASH()</span></code></li>
+</ul>
+</li>
+<li>Stream cipher algorithm macros have been removed; the key type indicates which cipher to use. Instead of <code class="docutils literal"><span class="pre">PSA_ALG_ARC4</span></code> and <code class="docutils literal"><span class="pre">PSA_ALG_CHACHA20</span></code>, use <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER" title="PSA_ALG_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_STREAM_CIPHER</span></code></a>.</li>
+</ul>
+<p>All of the other <code class="docutils literal"><span class="pre">PSA_ALG_XXX</span></code> macros have updated values or updated example implementations.</p>
+<ul class="simple">
+<li>The following macros have new values:<ul>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ANY_HASH</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_MAC</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING" title="PSA_ALG_CBC_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_NO_PADDING</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CBC_PKCS7" title="PSA_ALG_CBC_PKCS7"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CBC_PKCS7</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CCM</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CFB" title="PSA_ALG_CFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CFB</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CHACHA20_POLY1305</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CMAC</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_CTR" title="PSA_ALG_CTR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_CTR</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_ECDH" title="PSA_ALG_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDH</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA_ANY</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_FFDH" title="PSA_ALG_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FFDH</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD2" title="PSA_ALG_MD2"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD2</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD4" title="PSA_ALG_MD4"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD4</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD5" title="PSA_ALG_MD5"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_MD5</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_OFB" title="PSA_ALG_OFB"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_OFB</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RIPEMD160</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT" title="PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_CRYPT</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_1</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_224</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_256</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_384</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_224</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA_512_256</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_224" title="PSA_ALG_SHA3_224"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_224</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_256" title="PSA_ALG_SHA3_256"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_256</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_384" title="PSA_ALG_SHA3_384"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_384</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA3_512" title="PSA_ALG_SHA3_512"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_SHA3_512</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_XTS" title="PSA_ALG_XTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_XTS</span></code></a></li>
+</ul>
+</li>
+<li>The following macros with specification-defined values have new example implementations:<ul>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_AEAD_WITH_SHORTENED_TAG()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_DETERMINISTIC_ECDSA()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECDSA()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_FULL_LENGTH_MAC()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HKDF()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HMAC()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_AEAD()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER" title="PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_IS_BLOCK_CIPHER_MAC" title="PSA_ALG_IS_BLOCK_CIPHER_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_BLOCK_CIPHER_MAC()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_CIPHER()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_DETERMINISTIC_ECDSA()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_ECDH" title="PSA_ALG_IS_ECDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_ECDH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_ECDSA()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_FFDH" title="PSA_ALG_IS_FFDH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_FFDH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HASH_AND_SIGN()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_HKDF" title="PSA_ALG_IS_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HKDF()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_IS_HMAC" title="PSA_ALG_IS_HMAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_HMAC()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_KEY_AGREEMENT()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_KEY_DERIVATION" title="PSA_ALG_IS_KEY_DERIVATION"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_KEY_DERIVATION()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_MAC()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RANDOMIZED_ECDSA()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RAW_KEY_AGREEMENT()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_IS_RSA_OAEP" title="PSA_ALG_IS_RSA_OAEP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_OAEP()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PKCS1V15_SIGN()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_RSA_PSS()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_SIGN" title="PSA_ALG_IS_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_SIGN()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_SIGN_MESSAGE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_IS_STREAM_CIPHER" title="PSA_ALG_IS_STREAM_CIPHER"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_STREAM_CIPHER()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PRF" title="PSA_ALG_IS_TLS12_PRF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_TLS12_PRF()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PSK_TO_MS" title="PSA_ALG_IS_TLS12_PSK_TO_MS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_TLS12_PSK_TO_MS()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_WILDCARD" title="PSA_ALG_IS_WILDCARD"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_IS_WILDCARD()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_BASE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_KDF" title="PSA_ALG_KEY_AGREEMENT_GET_KDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_KEY_AGREEMENT_GET_KDF()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_OAEP()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PKCS1V15_SIGN()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_RSA_PSS()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PRF()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TLS12_PSK_TO_MS()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_TRUNCATED_MAC()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li><p class="first">Added ECB block cipher mode, with no padding, as <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING" title="PSA_ALG_ECB_NO_PADDING"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_ECB_NO_PADDING</span></code></a>.</p>
+</li>
+<li><p class="first">Add functions to suspend and resume hash operations:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_suspend" title="psa_hash_suspend"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_suspend()</span></code></a> halts the current operation and outputs a hash suspend state.</li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_resume" title="psa_hash_resume"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_resume()</span></code></a> continues a previously suspended hash operation.</li>
+</ul>
+<p>The format of the hash suspend state is documented in <a class="reference internal" href="../api/ops/hashes.html#hash-suspend-state"><span class="secref">Hash suspend state</span></a>, and supporting macros are provided for using this API:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_SIZE()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_HASH_BLOCK_LENGTH()</span></code></a></li>
+</ul>
+</li>
+<li><p class="first">Complement <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a> with new error codes <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a> and <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a>. These permit an implementation to distinguish different causes of failure when reading from key storage.</p>
+</li>
+<li><p class="first">Added input step <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_CONTEXT" title="PSA_KEY_DERIVATION_INPUT_CONTEXT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_CONTEXT</span></code></a> for key derivation, supporting obvious mapping from the step identifiers to common KDF constructions.</p>
+</li>
+</ul>
+</div>
+<div class="section" id="clarifications">
+<h4>Clarifications</h4>
+<ul class="simple">
+<li>Clarified rules regarding modification of parameters in concurrent environments.</li>
+<li>Guarantee that <a class="reference internal" href="../api/keys/management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="docutils literal"><span class="pre">psa_destroy_key</span></code></a><code class="docutils literal"><span class="pre">(</span></code><a class="reference internal" href="../api/keys/ids.html#c.PSA_KEY_ID_NULL" title="PSA_KEY_ID_NULL"><code class="docutils literal"><span class="pre">PSA_KEY_ID_NULL</span></code></a><code class="docutils literal"><span class="pre">)</span></code> always returns <a class="reference internal" href="../api/library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>.</li>
+<li>Clarified the TLS PSK to MS key agreement algorithm.</li>
+<li>Document the key policy requirements for all APIs that accept a key parameter.</li>
+<li>Document more of the error codes for each function.</li>
+</ul>
+</div>
+<div class="section" id="id6">
+<h4>Other changes</h4>
+<ul class="simple">
+<li>Require C99 for this specification instead of C89.</li>
+<li>Removed references to non-standard mbed-crypto header files. The only header file that applications need to include is <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code>.</li>
+<li>Reorganized the API reference, grouping the elements in a more natural way.</li>
+<li>Improved the cross referencing between all of the document sections, and from code snippets to API element descriptions.</li>
+</ul>
+</div>
+</div>
+<div class="section" id="changes-between-1-0-beta-2-and-1-0-beta-3">
+<h3>Changes between <em>1.0 beta 2</em> and <em>1.0 beta 3</em></h3>
+<div class="section" id="id7">
+<h4>Changes to the API</h4>
+<ul class="simple">
+<li>Change the value of error codes, and some names, to align
+with other PSA specifications. The name changes are:<ul>
+<li><code class="docutils literal"><span class="pre">PSA_ERROR_UNKNOWN_ERROR</span></code> → <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_GENERIC_ERROR" title="PSA_ERROR_GENERIC_ERROR"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_GENERIC_ERROR</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_ERROR_OCCUPIED_SLOT</span></code> → <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_ALREADY_EXISTS" title="PSA_ERROR_ALREADY_EXISTS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_ALREADY_EXISTS</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_ERROR_EMPTY_SLOT</span></code> → <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DOES_NOT_EXIST" title="PSA_ERROR_DOES_NOT_EXIST"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DOES_NOT_EXIST</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_CAPACITY</span></code> → <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_ERROR_TAMPERING_DETECTED</span></code> → <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></li>
+</ul>
+</li>
+<li>Change the way keys are created to avoid “half-filled” handles
+that contained key metadata, but no key material.
+Now, to create a key, first fill in a data structure containing
+its attributes, then pass this structure to a function that
+both allocates resources for the key and fills in the key
+material. This affects the following functions:<ul>
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a>, <a class="reference internal" href="../api/keys/management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a>, <code class="docutils literal"><span class="pre">psa_generator_import_key()</span></code>
+and <a class="reference internal" href="../api/keys/management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a> now take an attribute structure, as
+a pointer to <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a>, to specify key metadata.
+This replaces the previous method of passing arguments to
+<code class="docutils literal"><span class="pre">psa_create_key()</span></code> or to the key material creation function
+or calling <code class="docutils literal"><span class="pre">psa_set_key_policy()</span></code>.</li>
+<li><code class="docutils literal"><span class="pre">psa_key_policy_t</span></code> and functions operating on that type
+no longer exist. A key’s policy is now accessible as part of
+its attributes.</li>
+<li><code class="docutils literal"><span class="pre">psa_get_key_information()</span></code> is also replaced by accessing the
+key’s attributes, retrieved with <a class="reference internal" href="../api/keys/attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a>.</li>
+<li><code class="docutils literal"><span class="pre">psa_create_key()</span></code> no longer exists. Instead, set the key id
+attribute and the lifetime attribute before creating the
+key material.</li>
+</ul>
+</li>
+<li>Allow <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_update" title="psa_aead_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_update()</span></code></a> to buffer data.</li>
+<li>New buffer size calculation macros.</li>
+<li>Key identifiers are no longer specific to a given lifetime value. <code class="docutils literal"><span class="pre">psa_open_key()</span></code> no longer takes a <code class="docutils literal"><span class="pre">lifetime</span></code> parameter.</li>
+<li>Define a range of key identifiers for use by applications and a separate range for use by implementations.</li>
+<li>Avoid the unusual terminology “generator”: call them
+“key derivation operations” instead. Rename a number of functions
+and other identifiers related to for clarity and consistency:<ul>
+<li><code class="docutils literal"><span class="pre">psa_crypto_generator_t</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_CRYPTO_GENERATOR_INIT</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_OPERATION_INIT</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_crypto_generator_init()</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_init" title="psa_key_derivation_operation_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_operation_init()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_GENERATOR_UNBRIDLED_CAPACITY</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_UNLIMITED_CAPACITY" title="PSA_KEY_DERIVATION_UNLIMITED_CAPACITY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_UNLIMITED_CAPACITY</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_set_generator_capacity()</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_set_capacity" title="psa_key_derivation_set_capacity"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_set_capacity()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_get_generator_capacity()</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_get_capacity" title="psa_key_derivation_get_capacity"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_get_capacity()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_key_agreement()</span></code> → <a class="reference internal" href="../api/ops/ka.html#c.psa_key_derivation_key_agreement" title="psa_key_derivation_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_key_agreement()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_generator_read()</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_generate_derived_key()</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_generator_abort()</span></code> → <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">psa_key_agreement_raw_shared_secret()</span></code> → <a class="reference internal" href="../api/ops/ka.html#c.psa_raw_key_agreement" title="psa_raw_key_agreement"><code class="xref any c c-func docutils literal"><span class="pre">psa_raw_key_agreement()</span></code></a></li>
+<li><code class="docutils literal"><span class="pre">PSA_KDF_STEP_xxx</span></code> → <code class="docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_xxx</span></code></li>
+<li><code class="docutils literal"><span class="pre">PSA_xxx_KEYPAIR</span></code> → <code class="docutils literal"><span class="pre">PSA_xxx_KEY_PAIR</span></code></li>
+</ul>
+</li>
+<li>Convert TLS1.2 KDF descriptions to multi-part key derivation.</li>
+</ul>
+</div>
+<div class="section" id="id8">
+<h4>Clarifications</h4>
+<ul class="simple">
+<li>Specify <code class="docutils literal"><span class="pre">psa_generator_import_key()</span></code> for most key types.</li>
+<li>Clarify the behavior in various corner cases.</li>
+<li>Document more error conditions.</li>
+</ul>
+</div>
+</div>
+<div class="section" id="changes-between-1-0-beta-1-and-1-0-beta-2">
+<h3>Changes between <em>1.0 beta 1</em> and <em>1.0 beta 2</em></h3>
+<div class="section" id="id9">
+<h4>Changes to the API</h4>
+<ul class="simple">
+<li>Remove obsolete definition <code class="docutils literal"><span class="pre">PSA_ALG_IS_KEY_SELECTION</span></code>.</li>
+<li><a class="reference internal" href="../api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_SIZE" title="PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_AEAD_FINISH_OUTPUT_SIZE</span></code></a>: remove spurious parameter <code class="docutils literal"><span class="pre">plaintext_length</span></code>.</li>
+</ul>
+</div>
+<div class="section" id="id10">
+<h4>Clarifications</h4>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">psa_key_agreement()</span></code>: document <code class="docutils literal"><span class="pre">alg</span></code> parameter.</li>
+</ul>
+</div>
+<div class="section" id="id11">
+<h4>Other changes</h4>
+<ul class="simple">
+<li>Document formatting improvements.</li>
+</ul>
+</div>
+</div>
+</div>
+<div class="section" id="planned-changes-for-version-1-1-x">
+<h2>Planned changes for version 1.1.x</h2>
+<p>Future versions of this specification that use a 1.0.x version will describe the same API as this specification. Any changes will not affect application compatibility and will not introduce major features. These updates are intended to add minor requirements on implementations, introduce optional definitions, make corrections, clarify potential or actual ambiguities, or improve the documentation.</p>
+<p>These are the changes that we are currently planning to make for version 1.1.x:</p>
+<ul class="simple">
+<li>Declare identifiers for additional cryptographic algorithms.</li>
+<li>Mandate certain checks when importing some types of asymmetric keys.</li>
+<li>Specify the computation of algorithm and key type values.</li>
+<li>Further clarifications on API usage and implementation.</li>
+</ul>
+</div>
+<div class="section" id="future-additions">
+<span id="future"></span><h2>Future additions</h2>
+<p>Major additions to the API will be defined in future drafts and editions of a 1.x or 2.x version of this specification. Features that are being considered include:</p>
+<ul class="simple">
+<li>Multi-part operations for hybrid cryptography. For example, this includes hash-and-sign for EdDSA, and hybrid encryption for ECIES.</li>
+<li>Key wrapping mechanisms to extract and import keys in an encrypted and authenticated form.</li>
+<li>Key discovery mechanisms. This would enable an application to locate a key by its name or attributes.</li>
+<li>Implementation capability description. This would enable an application to determine the algorithms, key types and storage lifetimes that the implementation provides.</li>
+<li>An ownership and access control mechanism allowing a multi-client implementation to have privileged clients that are able to manage keys of other clients.</li>
+</ul>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">Changes to the API</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#document-change-history">Document change history</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#changes-between-1-0-1-and-1-1-0">Changes between <em>1.0.1</em> and <em>1.1.0</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="#changes-between-1-0-0-and-1-0-1">Changes between <em>1.0.0</em> and <em>1.0.1</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="#changes-between-1-0-beta-3-and-1-0-0">Changes between <em>1.0 beta 3</em> and <em>1.0.0</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="#changes-between-1-0-beta-2-and-1-0-beta-3">Changes between <em>1.0 beta 2</em> and <em>1.0 beta 3</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="#changes-between-1-0-beta-1-and-1-0-beta-2">Changes between <em>1.0 beta 1</em> and <em>1.0 beta 2</em></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#planned-changes-for-version-1-1-x">Planned changes for version 1.1.x</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#future-additions">Future additions</a></li>
+</ul>
+</li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/appendix/specdef_values.html b/docs/1.1.0/html/appendix/specdef_values.html
new file mode 100644
index 0000000..4d6bfb2
--- /dev/null
+++ b/docs/1.1.0/html/appendix/specdef_values.html
@@ -0,0 +1,388 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Example macro implementations — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="Security Risk Assessment" href="sra.html" />
+ <link rel="prev" title="Algorithm and key type encoding" href="encodings.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="example-macro-implementations">
+<span id="appendix-specdef-values"></span><h1>Example macro implementations</h1>
+<p>This appendix provides example implementations of the function-like macros that have specification-defined values.</p>
+<div class="admonition note">
+<p class="first admonition-title">Note</p>
+<p class="last">In a future version of this specification, these example implementations will be replaced with a pseudo-code representation of the macro’s computation in the macro description.</p>
+</div>
+<p>The examples here provide correct results for the valid inputs defined by each API, for an implementation that supports all of the defined algorithms and key types. An implementation can provide alternative definitions of these macros:</p>
+<ul class="simple">
+<li>If the implementation does not support all of the algorithms or key types, it can provide a simpler definition of applicable macros.</li>
+<li>If the implementation provides vendor-specific algorithms or key types, it needs to extend the definitions of applicable macros.</li>
+</ul>
+<div class="section" id="algorithm-macros">
+<h2>Algorithm macros</h2>
+<pre class="literal-block">
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG</a>(aead_alg) \
+ ((((aead_alg) & ~0x003f8000) == 0x05400100) ? <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CCM" title="PSA_ALG_CCM">PSA_ALG_CCM</a> : \
+ (((aead_alg) & ~0x003f8000) == 0x05400200) ? <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM">PSA_ALG_GCM</a> : \
+ (((aead_alg) & ~0x003f8000) == 0x05000500) ? <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305" title="PSA_ALG_CHACHA20_POLY1305">PSA_ALG_CHACHA20_POLY1305</a> : \
+ <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE">PSA_ALG_NONE</a>)
+
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG" title="PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG</a>(aead_alg, min_tag_length) \
+ ( <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG">PSA_ALG_AEAD_WITH_SHORTENED_TAG</a>(aead_alg, min_tag_length) | 0x00008000 )
+
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG" title="PSA_ALG_AEAD_WITH_SHORTENED_TAG">PSA_ALG_AEAD_WITH_SHORTENED_TAG</a>(aead_alg, tag_length) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (((aead_alg) & ~0x003f8000) | (((tag_length) & 0x3f) << 16)))
+
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC" title="PSA_ALG_AT_LEAST_THIS_LENGTH_MAC">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC</a>(mac_alg, min_mac_length) \
+ ( <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC">PSA_ALG_TRUNCATED_MAC</a>(mac_alg, min_mac_length) | 0x00008000 )
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA" title="PSA_ALG_DETERMINISTIC_ECDSA">PSA_ALG_DETERMINISTIC_ECDSA</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (0x06000700 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA" title="PSA_ALG_ECDSA">PSA_ALG_ECDSA</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (0x06000600 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC">PSA_ALG_FULL_LENGTH_MAC</a>(mac_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) ((mac_alg) & ~0x003f8000))
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH">PSA_ALG_GET_HASH</a>(alg) \
+ (((alg) & 0x000000ff) == 0 ? <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_NONE" title="PSA_ALG_NONE">PSA_ALG_NONE</a> : 0x02000000 | ((alg) & 0x000000ff))
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF">PSA_ALG_HKDF</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (0x08000100 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC">PSA_ALG_HMAC</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (0x03800000 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_AEAD" title="PSA_ALG_IS_AEAD">PSA_ALG_IS_AEAD</a>(alg) \
+ (((alg) & 0x7f000000) == 0x05000000)
+
+#define <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER" title="PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER</a>(alg) \
+ (((alg) & 0x7f400000) == 0x05400000)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION" title="PSA_ALG_IS_ASYMMETRIC_ENCRYPTION">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</a>(alg) \
+ (((alg) & 0x7f000000) == 0x07000000)
+
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_IS_BLOCK_CIPHER_MAC" title="PSA_ALG_IS_BLOCK_CIPHER_MAC">PSA_ALG_IS_BLOCK_CIPHER_MAC</a>(alg) \
+ (((alg) & 0x7fc00000) == 0x03c00000)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_CIPHER" title="PSA_ALG_IS_CIPHER">PSA_ALG_IS_CIPHER</a>(alg) \
+ (((alg) & 0x7f000000) == 0x04000000)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_DETERMINISTIC_ECDSA" title="PSA_ALG_IS_DETERMINISTIC_ECDSA">PSA_ALG_IS_DETERMINISTIC_ECDSA</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x06000700)
+
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_ECDH" title="PSA_ALG_IS_ECDH">PSA_ALG_IS_ECDH</a>(alg) \
+ (((alg) & 0x7fff0000) == 0x09020000)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA">PSA_ALG_IS_ECDSA</a>(alg) \
+ (((alg) & ~0x000001ff) == 0x06000600)
+
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_FFDH" title="PSA_ALG_IS_FFDH">PSA_ALG_IS_FFDH</a>(alg) \
+ (((alg) & 0x7fff0000) == 0x09010000)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH">PSA_ALG_IS_HASH</a>(alg) \
+ (((alg) & 0x7f000000) == 0x02000000)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_AND_SIGN" title="PSA_ALG_IS_HASH_AND_SIGN">PSA_ALG_IS_HASH_AND_SIGN</a>(alg) \
+ (<a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS">PSA_ALG_IS_RSA_PSS</a>(alg) || <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN">PSA_ALG_IS_RSA_PKCS1V15_SIGN</a>(alg) || \
+ <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_ECDSA" title="PSA_ALG_IS_ECDSA">PSA_ALG_IS_ECDSA</a>(alg) || <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_EDDSA" title="PSA_ALG_IS_HASH_EDDSA">PSA_ALG_IS_HASH_EDDSA</a>(alg))
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_HASH_EDDSA" title="PSA_ALG_IS_HASH_EDDSA">PSA_ALG_IS_HASH_EDDSA</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x06000900)
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_HKDF" title="PSA_ALG_IS_HKDF">PSA_ALG_IS_HKDF</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x08000100)
+
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_IS_HMAC" title="PSA_ALG_IS_HMAC">PSA_ALG_IS_HMAC</a>(alg) \
+ (((alg) & 0x7fc0ff00) == 0x03800000)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT" title="PSA_ALG_IS_KEY_AGREEMENT">PSA_ALG_IS_KEY_AGREEMENT</a>(alg) \
+ (((alg) & 0x7f000000) == 0x09000000)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_KEY_DERIVATION" title="PSA_ALG_IS_KEY_DERIVATION">PSA_ALG_IS_KEY_DERIVATION</a>(alg) \
+ (((alg) & 0x7f000000) == 0x08000000)
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_KEY_DERIVATION_STRETCHING" title="PSA_ALG_IS_KEY_DERIVATION_STRETCHING">PSA_ALG_IS_KEY_DERIVATION_STRETCHING</a>(alg) \
+ (((alg) & 0x7f800000) == 0x08800000)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC">PSA_ALG_IS_MAC</a>(alg) \
+ (((alg) & 0x7f000000) == 0x03000000)
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_PBKDF2_HMAC" title="PSA_ALG_IS_PBKDF2_HMAC">PSA_ALG_IS_PBKDF2_HMAC</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x08800100)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RANDOMIZED_ECDSA" title="PSA_ALG_IS_RANDOMIZED_ECDSA">PSA_ALG_IS_RANDOMIZED_ECDSA</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x06000600)
+
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_IS_RAW_KEY_AGREEMENT" title="PSA_ALG_IS_RAW_KEY_AGREEMENT">PSA_ALG_IS_RAW_KEY_AGREEMENT</a>(alg) \
+ (((alg) & 0x7f00ffff) == 0x09000000)
+
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_IS_RSA_OAEP" title="PSA_ALG_IS_RSA_OAEP">PSA_ALG_IS_RSA_OAEP</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x07000300)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN" title="PSA_ALG_IS_RSA_PKCS1V15_SIGN">PSA_ALG_IS_RSA_PKCS1V15_SIGN</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x06000200)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS" title="PSA_ALG_IS_RSA_PSS">PSA_ALG_IS_RSA_PSS</a>(alg) \
+ (((alg) & ~0x000010ff) == 0x06000300)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_ANY_SALT" title="PSA_ALG_IS_RSA_PSS_ANY_SALT">PSA_ALG_IS_RSA_PSS_ANY_SALT</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x06001300)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT" title="PSA_ALG_IS_RSA_PSS_STANDARD_SALT">PSA_ALG_IS_RSA_PSS_STANDARD_SALT</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x06000300)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_SIGN" title="PSA_ALG_IS_SIGN">PSA_ALG_IS_SIGN</a>(alg) \
+ (((alg) & 0x7f000000) == 0x06000000)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_HASH" title="PSA_ALG_IS_SIGN_HASH">PSA_ALG_IS_SIGN_HASH</a>(alg) \
+ <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_SIGN" title="PSA_ALG_IS_SIGN">PSA_ALG_IS_SIGN</a>(alg)
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_IS_SIGN_MESSAGE" title="PSA_ALG_IS_SIGN_MESSAGE">PSA_ALG_IS_SIGN_MESSAGE</a>(alg) \
+ (<a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_SIGN" title="PSA_ALG_IS_SIGN">PSA_ALG_IS_SIGN</a>(alg) && \
+ (alg) != <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ECDSA_ANY" title="PSA_ALG_ECDSA_ANY">PSA_ALG_ECDSA_ANY</a> && (alg) != <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW" title="PSA_ALG_RSA_PKCS1V15_SIGN_RAW">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</a>)
+
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_ALG_IS_STREAM_CIPHER" title="PSA_ALG_IS_STREAM_CIPHER">PSA_ALG_IS_STREAM_CIPHER</a>(alg) \
+ (((alg) & 0x7f800000) == 0x04800000)
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PRF" title="PSA_ALG_IS_TLS12_PRF">PSA_ALG_IS_TLS12_PRF</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x08000200)
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PSK_TO_MS" title="PSA_ALG_IS_TLS12_PSK_TO_MS">PSA_ALG_IS_TLS12_PSK_TO_MS</a>(alg) \
+ (((alg) & ~0x000000ff) == 0x08000300)
+
+#define <a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_IS_WILDCARD" title="PSA_ALG_IS_WILDCARD">PSA_ALG_IS_WILDCARD</a>(alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.PSA_ALG_GET_HASH" title="PSA_ALG_GET_HASH">PSA_ALG_GET_HASH</a>(alg) == <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_ANY_HASH" title="PSA_ALG_ANY_HASH">PSA_ALG_ANY_HASH</a>) || \
+ (((alg) & 0x7f008000) == 0x03008000) || \
+ (((alg) & 0x7f008000) == 0x05008000))
+
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT" title="PSA_ALG_KEY_AGREEMENT">PSA_ALG_KEY_AGREEMENT</a>(ka_alg, kdf_alg) \
+ ((ka_alg) | (kdf_alg))
+
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_BASE" title="PSA_ALG_KEY_AGREEMENT_GET_BASE">PSA_ALG_KEY_AGREEMENT_GET_BASE</a>(alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)((alg) & 0xffff0000))
+
+#define <a class="reference internal" href="../api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_KDF" title="PSA_ALG_KEY_AGREEMENT_GET_KDF">PSA_ALG_KEY_AGREEMENT_GET_KDF</a>(alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)((alg) & 0xfe00ffff))
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC" title="PSA_ALG_PBKDF2_HMAC">PSA_ALG_PBKDF2_HMAC</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)(0x08800100 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/pke.html#c.PSA_ALG_RSA_OAEP" title="PSA_ALG_RSA_OAEP">PSA_ALG_RSA_OAEP</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)(0x07000300 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN" title="PSA_ALG_RSA_PKCS1V15_SIGN">PSA_ALG_RSA_PKCS1V15_SIGN</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)(0x06000200 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS" title="PSA_ALG_RSA_PSS">PSA_ALG_RSA_PSS</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)(0x06000300 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT" title="PSA_ALG_RSA_PSS_ANY_SALT">PSA_ALG_RSA_PSS_ANY_SALT</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)(0x06001300 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PRF" title="PSA_ALG_TLS12_PRF">PSA_ALG_TLS12_PRF</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (0x08000200 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS" title="PSA_ALG_TLS12_PSK_TO_MS">PSA_ALG_TLS12_PSK_TO_MS</a>(hash_alg) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (0x08000300 | ((hash_alg) & 0x000000ff)))
+
+#define <a class="reference internal" href="../api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC">PSA_ALG_TRUNCATED_MAC</a>(mac_alg, mac_length) \
+ ((<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>) (((mac_alg) & ~0x003f8000) | (((mac_length) & 0x3f) << 16)))
+</pre>
+</div>
+<div class="section" id="key-type-macros">
+<h2>Key type macros</h2>
+<pre class="literal-block">
+#define <a class="reference internal" href="../api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH" title="PSA_BLOCK_CIPHER_BLOCK_LENGTH">PSA_BLOCK_CIPHER_BLOCK_LENGTH</a>(type) \
+ (1u << (((type) >> 8) & 7))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_GET_FAMILY" title="PSA_KEY_TYPE_DH_GET_FAMILY">PSA_KEY_TYPE_DH_GET_FAMILY</a>(type) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_dh_family_t" title="psa_dh_family_t">psa_dh_family_t</a>) ((type) & 0x00ff))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR" title="PSA_KEY_TYPE_DH_KEY_PAIR">PSA_KEY_TYPE_DH_KEY_PAIR</a>(group) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>) (0x7200 | (group)))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_DH_PUBLIC_KEY">PSA_KEY_TYPE_DH_PUBLIC_KEY</a>(group) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>) (0x4200 | (group)))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_GET_FAMILY" title="PSA_KEY_TYPE_ECC_GET_FAMILY">PSA_KEY_TYPE_ECC_GET_FAMILY</a>(type) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_ecc_family_t" title="psa_ecc_family_t">psa_ecc_family_t</a>) ((type) & 0x00ff))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR" title="PSA_KEY_TYPE_ECC_KEY_PAIR">PSA_KEY_TYPE_ECC_KEY_PAIR</a>(curve) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>) (0x7100 | (curve)))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_ECC_PUBLIC_KEY">PSA_KEY_TYPE_ECC_PUBLIC_KEY</a>(curve) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>) (0x4100 | (curve)))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ASYMMETRIC" title="PSA_KEY_TYPE_IS_ASYMMETRIC">PSA_KEY_TYPE_IS_ASYMMETRIC</a>(type) \
+ (((type) & 0x4000) == 0x4000)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH" title="PSA_KEY_TYPE_IS_DH">PSA_KEY_TYPE_IS_DH</a>(type) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</a>(type) & 0xff00) == 0x4200)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_KEY_PAIR" title="PSA_KEY_TYPE_IS_DH_KEY_PAIR">PSA_KEY_TYPE_IS_DH_KEY_PAIR</a>(type) \
+ (((type) & 0xff00) == 0x7200)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_DH_PUBLIC_KEY">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</a>(type) \
+ (((type) & 0xff00) == 0x4200)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC" title="PSA_KEY_TYPE_IS_ECC">PSA_KEY_TYPE_IS_ECC</a>(type) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</a>(type) & 0xff00) == 0x4100)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR" title="PSA_KEY_TYPE_IS_ECC_KEY_PAIR">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</a>(type) \
+ (((type) & 0xff00) == 0x7100)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</a>(type) \
+ (((type) & 0xff00) == 0x4100)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_KEY_PAIR" title="PSA_KEY_TYPE_IS_KEY_PAIR">PSA_KEY_TYPE_IS_KEY_PAIR</a>(type) \
+ (((type) & 0x7000) == 0x7000)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_PUBLIC_KEY" title="PSA_KEY_TYPE_IS_PUBLIC_KEY">PSA_KEY_TYPE_IS_PUBLIC_KEY</a>(type) \
+ (((type) & 0x7000) == 0x4000)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_RSA" title="PSA_KEY_TYPE_IS_RSA">PSA_KEY_TYPE_IS_RSA</a>(type) \
+ (<a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</a>(type) == 0x4001)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_IS_UNSTRUCTURED" title="PSA_KEY_TYPE_IS_UNSTRUCTURED">PSA_KEY_TYPE_IS_UNSTRUCTURED</a>(type) \
+ (((type) & 0x7000) == 0x1000 || ((type) & 0x7000) == 0x2000)
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY" title="PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</a>(type) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>) ((type) | 0x3000))
+
+#define <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR" title="PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</a>(type) \
+ ((<a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t">psa_key_type_t</a>) ((type) & ~0x3000))
+</pre>
+</div>
+<div class="section" id="hash-suspend-state-macros">
+<h2>Hash suspend state macros</h2>
+<pre class="literal-block">
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</a>(alg) \
+ ((alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD2" title="PSA_ALG_MD2">PSA_ALG_MD2</a> ? 64 : \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD4" title="PSA_ALG_MD4">PSA_ALG_MD4</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD5" title="PSA_ALG_MD5">PSA_ALG_MD5</a> ? 16 : \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160">PSA_ALG_RIPEMD160</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1">PSA_ALG_SHA_1</a> ? 20 : \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224">PSA_ALG_SHA_224</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256">PSA_ALG_SHA_256</a> ? 32 : \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512">PSA_ALG_SHA_512</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384">PSA_ALG_SHA_384</a> || \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224">PSA_ALG_SHA_512_224</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256">PSA_ALG_SHA_512_256</a> ? 64 : \
+ 0)
+
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</a>(alg) \
+ ((alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD2" title="PSA_ALG_MD2">PSA_ALG_MD2</a> ? 1 : \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD4" title="PSA_ALG_MD4">PSA_ALG_MD4</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_MD5" title="PSA_ALG_MD5">PSA_ALG_MD5</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_RIPEMD160" title="PSA_ALG_RIPEMD160">PSA_ALG_RIPEMD160</a> || \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_1" title="PSA_ALG_SHA_1">PSA_ALG_SHA_1</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_224" title="PSA_ALG_SHA_224">PSA_ALG_SHA_224</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256">PSA_ALG_SHA_256</a> ? 8 : \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512" title="PSA_ALG_SHA_512">PSA_ALG_SHA_512</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_384" title="PSA_ALG_SHA_384">PSA_ALG_SHA_384</a> || \
+ (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_224" title="PSA_ALG_SHA_512_224">PSA_ALG_SHA_512_224</a> || (alg)==<a class="reference internal" href="../api/ops/hashes.html#c.PSA_ALG_SHA_512_256" title="PSA_ALG_SHA_512_256">PSA_ALG_SHA_512_256</a> ? 16 : \
+ 0)
+
+#define <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_SIZE" title="PSA_HASH_SUSPEND_OUTPUT_SIZE">PSA_HASH_SUSPEND_OUTPUT_SIZE</a>(alg) \
+ (<a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH" title="PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</a> + \
+ <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH" title="PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</a>(alg) + \
+ <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH" title="PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</a>(alg) + \
+ <a class="reference internal" href="../api/ops/hashes.html#c.PSA_HASH_BLOCK_LENGTH" title="PSA_HASH_BLOCK_LENGTH">PSA_HASH_BLOCK_LENGTH</a>(alg) - 1)
+</pre>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">Example macro implementations</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#algorithm-macros">Algorithm macros</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#key-type-macros">Key type macros</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#hash-suspend-state-macros">Hash suspend state macros</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/appendix/sra.html b/docs/1.1.0/html/appendix/sra.html
new file mode 100644
index 0000000..b902d71
--- /dev/null
+++ b/docs/1.1.0/html/appendix/sra.html
@@ -0,0 +1,733 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Security Risk Assessment — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="Changes to the API" href="history.html" />
+ <link rel="prev" title="Example macro implementations" href="specdef_values.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="security-risk-assessment">
+<span id="sra"></span><h1>Security Risk Assessment</h1>
+<p>This Security Risk Assessment (SRA) analyses the security of the PSA Cryptography API itself, not of any specific implementation of the API, or any specific use of the API. However, the security of an implementation of this API depends on the implementation design, the capabilities of the system in which it is deployed, and the need to address some of the threats identified in this assessment.</p>
+<p>To enable this API to be suitable for a wider range of security use cases, this SRA considers a broad range of adversarial models and threats to the application and the implementation, as well as to the API.</p>
+<p>This approach allows the assessment to identify API design requirements that affect the ability for an implementation to mitigate threats that do not directly attack the API.</p>
+<p>The scope is described in <a class="reference internal" href="#adversarial-models"><span class="secref">Adversarial models</span></a>.</p>
+<div class="section" id="architecture">
+<h2>Architecture</h2>
+<div class="section" id="system-definition">
+<h3>System definition</h3>
+<p><span><a class="reference internal" href="#fig-system-entities"><span class="numref">Figure 18</span></a></span> shows the PSA Cryptography API as the defined interface that an Application uses to interact with the Cryptoprocessor.</p>
+<div class="figure" id="fig-system-entities">
+<img alt="../_images/system-entities.svg" src="../_images/system-entities.svg" /><p class="caption"><span class="caption-number">Figure 18 </span><span class="caption-text">PSA Cryptography API</span></p>
+</div>
+<div class="section" id="assumptions-constraints-and-interacting-entities">
+<h4>Assumptions, constraints, and interacting entities</h4>
+<p>This SRA makes the following assumptions about the PSA Cryptography API design:</p>
+<ul class="simple">
+<li>The API does not provide arguments that identify the caller, because they can be spoofed easily, and cannot be relied upon. It is assumed that the implementation of the API can determine the caller identity, where this is required. See <a class="reference internal" href="../overview/goals.html#isolation"><span class="secref">Optional isolation</span></a>.</li>
+<li>The API should not prevent the use of mitigations that are required by an implementation of the API. See <a class="reference internal" href="#remediation"><span class="secref">Remediation & residual risk</span></a>.</li>
+<li>The API follows best-practices for C interface design, reducing the risk of exploitable errors in the application and implementation code. See <a class="reference internal" href="../overview/goals.html#usability"><span class="secref">Ease of use</span></a>.</li>
+</ul>
+</div>
+<div class="section" id="trust-boundaries-and-information-flow">
+<span id="dfd"></span><h4>Trust boundaries and information flow</h4>
+<p>The PSA Cryptography API is the interface available to the programmer, and is the main attack surface that is analysed here. However, to ensure that the API enables the mitigation of other threats to an implementation, we also consider the system context in which the PSA Cryptography API is used.</p>
+<p><span><a class="reference internal" href="#fig-dfd-no-isolation"><span class="numref">Figure 19</span></a></span> shows the data flow for a typical application usage of the PSA Cryptography API, for example, to exchange ciphertext with an external system, or for at rest protection in system non-volatile storage. The Application uses the PSA Cryptography API to interact with the Cryptoprocessor. The Cryptoprocessor stores persistent keys in a Key Store.</p>
+<div class="figure" id="fig-dfd-no-isolation">
+<img alt="../_images/dfd_no_isolation.svg" src="../_images/dfd_no_isolation.svg" /><p class="caption"><span class="caption-number">Figure 19 </span><span class="caption-text">PSA Cryptography API dataflow diagram for an implementation with no isolation</span></p>
+</div>
+<p>For some adversarial models, <a class="reference internal" href="../about.html#term-cryptoprocessor-isolation"><span class="term">Cryptoprocessor isolation</span></a> or <a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">Caller isolation</span></a> is required in the implementation to achieve the security goals. See <a class="reference internal" href="#security-goals"><span class="secref">Security goals</span></a>, and remediations R.1 and R.2 in <a class="reference internal" href="#remediation"><span class="secref">Remediation & residual risk</span></a>.</p>
+<p>The Cryptoprocessor can optionally include a trust boundary within its implementation of the API. The trust boundary shown in <span><a class="reference internal" href="#fig-dfd-crypto-isolation"><span class="numref">Figure 20</span></a></span> corresponds to Cryptoprocessor isolation.</p>
+<div class="figure" id="fig-dfd-crypto-isolation">
+<img alt="../_images/dfd_crypto_isolation.svg" src="../_images/dfd_crypto_isolation.svg" /><p class="caption"><span class="caption-number">Figure 20 </span><span class="caption-text">PSA Cryptography API dataflow diagram for an implementation with cryptoprocessor isolation</span></p>
+</div>
+<p>If the implementation supports multiple, independent client Applications within the system, each Application has its own view of the Cryptoprocessor and key store. The additional trust boundaries for a caller isolated implementation are shown in <span><a class="reference internal" href="#fig-dfd-caller-isolation"><span class="numref">Figure 21</span></a></span>.</p>
+<div class="figure" id="fig-dfd-caller-isolation">
+<img alt="../_images/dfd_caller_isolation.svg" src="../_images/dfd_caller_isolation.svg" /><p class="caption"><span class="caption-number">Figure 21 </span><span class="caption-text">PSA Cryptography API dataflow diagram for an implementation with caller isolation</span></p>
+</div>
+</div>
+</div>
+<div class="section" id="assets-and-stakeholders">
+<h3>Assets and stakeholders</h3>
+<ol class="arabic">
+<li><p class="first">Cryptographic keys and key-related assets. This includes the key properties, such as the key type, identity and policies.</p>
+<p>Stakeholders can include the SiP, the OEM, the system or application owner. Owners of a key need to be able to use the key for cryptographic operations, such as encryption or signature, and where permitted, delete, copy or extract the key.</p>
+<p>Disclosure of the cryptographic key material to an attacker defeats the protection that the use of cryptography provides. Modification of cryptographic key material or key properties by an attacker has the same end result. These allow an attacker access to the assets that are protected by the key.</p>
+</li>
+<li><p class="first">Other cryptographic assets, for example, intermediate calculation values and RNG state.</p>
+<p>Disclosure or modification of these assets can enable recovery of cryptographic keys, and loss of cryptographic protection.</p>
+</li>
+<li><p class="first">Application input/output data and cryptographic operation state.</p>
+<p>Application data is only provided to the Cryptoprocessor for cryptographic operations, and its stakeholder is the application owner.</p>
+<p>Disclosure of this data — whether it is plaintext, or other data or state — to an attacker defeats the protection that the use of cryptography provides. Modification of this data can have the same effect.</p>
+</li>
+</ol>
+</div>
+<div class="section" id="security-goals">
+<span id="id1"></span><h3>Security goals</h3>
+<p>Using cryptography is a mitigation in response to the risk of disclosure or tampering with data assets that require protection, where isolation of the attacker from the data asset is unavailable or inadequate.</p>
+<p>Using cryptography introduces other security threats. <span><a class="reference internal" href="#table-sg"><span class="numref">Table 24</span></a></span> lists the security goals for the PSA Cryptography API to address these threats.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-sg">
+<caption><span class="caption-number">Table 24 </span><span class="caption-text">Security goals</span></caption>
+<colgroup>
+<col width="10%" />
+<col width="90%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Id</th>
+<th class="head">Description</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>G.1</td>
+<td>An attacker shall not be able to disclose the plaintext corresponding to a ciphertext for which they do not own the correct key.</td>
+</tr>
+<tr class="row-odd"><td>G.2</td>
+<td>An attacker shall not be able to generate authenticated material for which they do not own the correct key.</td>
+</tr>
+<tr class="row-even"><td>G.3</td>
+<td>An attacker shall not be able to exfiltrate keys or other private information stored by the PSA Cryptography API.</td>
+</tr>
+<tr class="row-odd"><td>G.4</td>
+<td>An attacker shall not be able to alter any state held by the implementation of the PSA Cryptography API, such as internal keys or other private information (for example, certificates, signatures, etc.).</td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+<div class="section" id="threat-model">
+<h2>Threat Model</h2>
+<div class="section" id="adversarial-models">
+<span id="id2"></span><h3>Adversarial models</h3>
+<p>The API itself has limited ability to mitigate threats. However, mitigation of some of the threats within the cryptoprocessor can place requirements on the API design. This analysis considers a broad attack surface, to also identify requirements that enable the mitigation of specific threats within a cryptoprocessor implementation.</p>
+<p><span><a class="reference internal" href="#table-adversaries"><span class="numref">Table 25</span></a></span> describes the adversarial models that are considered in this assessment.</p>
+<p>A specific implementation of the PSA Cryptography API might not include all of these attacker capabilities within its own threat model. In this case, the related threats, risks, and mitigations might not be required for that implementation.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-adversaries">
+<caption><span class="caption-number">Table 25 </span><span class="caption-text">Adversarial models</span></caption>
+<colgroup>
+<col width="10%" />
+<col width="90%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Id</th>
+<th class="head">Description</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>M.1</td>
+<td>The Adversary is capable of accessing data that is outside the logical or physical boundaries of the system, such as messages in transit or data in storage. The adversary aims to compromise the security properties of this data, for example, revealing encrypted plaintext or injecting forged authenticated data.</td>
+</tr>
+<tr class="row-odd"><td>M.2</td>
+<td><p class="first">The Adversary is capable of deploying and running software within the boundaries of the system with limited privileges, in order to compromise other parts of the system or gain access to protected assets.</p>
+<p class="last">This includes the use of the PSA Cryptography API, mounting timing attacks, glitching by abusing exposed power control interfaces, and other attacks which are mounted exclusively by running uncompromised software.</p>
+</td>
+</tr>
+<tr class="row-even"><td>M.3</td>
+<td>The Adversary is capable of compromising a target application, in order to extract or manipulate data, or abuse the PSA Cryptography API from the application.</td>
+</tr>
+<tr class="row-odd"><td>M.4</td>
+<td>The Adversary is capable of inducing faults or glitches during the application or cryptoprocessor operation.</td>
+</tr>
+<tr class="row-even"><td>M.5</td>
+<td>The Adversary is capable of performing hardware-assisted side-channel analysis. For example, power analysis, or measurements of EM or photonic emissions.</td>
+</tr>
+</tbody>
+</table>
+<p>The following adversarial models are not considered in this assessment:</p>
+<ul class="simple">
+<li>The Adversary is capable of interposing the memory interface to observe and modify the memory contents.</li>
+<li>The Adversary is capable of performing sophisticated hardware analysis and reverse engineering.</li>
+</ul>
+</div>
+<div class="section" id="threats-and-attacks">
+<h3>Threats and attacks</h3>
+<p><span><a class="reference internal" href="#table-threats"><span class="numref">Table 26</span></a></span> describes threats to the Security Goals, and provides examples of corresponding attacks. This table identifies which Security goals are affected by the attacks, and which Adversarial model or models are required to execute the attack.</p>
+<p>See <a class="reference internal" href="#risk-assessment"><span class="secref">Risk assessment</span></a> for an evaluation of the risks posed by these threats, <a class="reference internal" href="#mitigations"><span class="secref">Mitigations</span></a> for mitigation requirements in the API design, and <a class="reference internal" href="#remediation"><span class="secref">Remediation & residual risk</span></a> for mitigation recommendations in the cryptoprocessor implementation.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-threats">
+<caption><span class="caption-number">Table 26 </span><span class="caption-text">Threats and attacks</span></caption>
+<colgroup>
+<col width="8%" />
+<col width="20%" />
+<col width="8%" />
+<col width="8%" />
+<col width="56%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Threat</th>
+<th class="head"> </th>
+<th class="head"> </th>
+<th class="head"> </th>
+<th class="head">Attack (Examples)</th>
+</tr>
+<tr class="row-even"><th class="head">Id</th>
+<th class="head">Description</th>
+<th class="head">Goals</th>
+<th class="head">Models</th>
+<th class="head">Id: Description</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-odd"><td>T.1</td>
+<td>Use of insecure or incorrectly implemented cryptography</td>
+<td>G.1 G.2</td>
+<td>M.1</td>
+<td><p class="first"><strong>A.C1</strong>: Using a cryptographic algorithm that is not adequately secure for the application use case can permit an attacker to recover the application plaintext from attacker-accessible data.</p>
+<p><strong>A.C2</strong>: Using a cryptographic algorithm that is not adequately secure for the application use case can permit an attacker to inject forged authenticated material into application data in transit or in storage.</p>
+<p class="last"><strong>A.C3</strong>: Using an insecure cryptographic algorithm, or one that is incorrectly implemented can permit an attacker to recover the cryptographic key. Key recovery enables the attacker to reveal encrypted plaintexts, and inject forged authenticated data.</p>
+</td>
+</tr>
+<tr class="row-even"><td>T.2</td>
+<td>Misuse of cryptographic algorithms</td>
+<td>G.1 G.2</td>
+<td>M.1</td>
+<td><strong>A.C4</strong>: Reusing a cryptographic key with different algorithms can result in cryptanalysis attacks on the ciphertexts or signatures which enable an attacker to recover the plaintext, or the key itself.</td>
+</tr>
+<tr class="row-odd"><td>T.3</td>
+<td>Recover non-extractable key through the API</td>
+<td>G.3</td>
+<td>M.2 or M.3</td>
+<td><p class="first"><strong>A.C5</strong>: The attacker uses an indirect mechanism provided by the API to extract a key that is not intended to be extractable.</p>
+<p class="last"><strong>A.C6</strong>: The attacker uses a mechanism provided by the API to enable brute-force recovery of a non-extractable key. For example, <span><em>On the Security of PKCS #11</em> <a class="reference internal" href="../about.html#citation-clulow"><span class="cite">[CLULOW]</span></a></span> describes various flaws in the design of the PKCS #11 interface standard that enable an attacker to recover secret and non-extractable keys.</p>
+</td>
+</tr>
+<tr class="row-even"><td>T.4</td>
+<td>Illegal inputs to the API</td>
+<td>G.3 G.4</td>
+<td>M.2 or M.3</td>
+<td><p class="first"><strong>A.60</strong>: Using a pointer to memory that does not belong to the application, in an attempt to make the cryptoprocessor read or write memory that is inaccessible to the application.</p>
+<p><strong>A.70</strong>: Passing out-of-range values, or incorrectly formatted data, to provoke incorrect behavior in the cryptoprocessor.</p>
+<p><strong>A.61</strong>: Providing invalid buffer lengths to cause out-of-bounds read or write access within the cryptoprocessor.</p>
+<p class="last"><strong>A.62</strong>: Call API functions in an invalid sequence to provoke incorrect operation of the cryptoprocessor.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>T.5</td>
+<td>Direct access to cryptoprocessor state</td>
+<td>G.3 G.4</td>
+<td>M.2 or M.3</td>
+<td><p class="first"><strong>A.C7</strong>: Without a cryptoprocessor boundary, an attacker can directly access the cryptoprocessor state from an application. See <span><a class="reference internal" href="#fig-dfd-no-isolation"><span class="numref">Figure 19</span></a></span>.</p>
+<p class="last"><strong>A.C8</strong>: A misconfigured cryptoprocessor boundary can allow an attacker to directly access the cryptoprocessor state from an Application.</p>
+</td>
+</tr>
+<tr class="row-even"><td>T.6</td>
+<td>Access and use another application’s assets</td>
+<td>G.1 G.2</td>
+<td>M.2 or M.3</td>
+<td><p class="first"><strong>A.C9</strong>: Without application boundaries, the cryptoprocessor provides a unified view of the application assets. All keys are accessible to all callers of the PSA Cryptography API. See <span><a class="reference internal" href="#fig-dfd-caller-isolation"><span class="numref">Figure 21</span></a></span>.</p>
+<p class="last"><strong>A.C10</strong>: The attacker can spoof the application identity within a caller-isolated implementation to gain access to another application’s assets.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>T.7</td>
+<td>Data-dependent timing</td>
+<td>G.1 G.3</td>
+<td>M.2 or M.3</td>
+<td><strong>A.C11</strong> Measuring the time for operations in the cryptoprocessor or the application, and using the differential in results to assist in recovery of the key or plaintext.</td>
+</tr>
+<tr class="row-even"><td>T.8</td>
+<td>Memory manipulation</td>
+<td>G.4</td>
+<td>M.4</td>
+<td><strong>A.19</strong>: Corrupt application or cryptoprocessor state via a fault, causing incorrect operation of the cryptoprocessor.</td>
+</tr>
+<tr class="row-odd"><td> </td>
+<td> </td>
+<td> </td>
+<td>M.2 or M.3</td>
+<td><strong>A.59</strong>: Modifying function parameters in memory, while the cryptoprocessor is accessing the parameter memory, to cause incorrect operation of the cryptoprocessor.</td>
+</tr>
+<tr class="row-even"><td>T.9</td>
+<td>Side channels</td>
+<td>G.1 G.3</td>
+<td>M.5</td>
+<td><strong>A.C12</strong> Taking measurements from physical side-channels during cryptoprocessor operation, and using this data to recover keys or plaintext. For example, using power or EM measurements.</td>
+</tr>
+<tr class="row-odd"><td> </td>
+<td> </td>
+<td> </td>
+<td>M.2 or M.3</td>
+<td><strong>A.C13</strong> Taking measurements from shared-resource side-channels during cryptoprocessor operation, and using this data to recover keys or plaintext. For example, attacks using a shared cache.</td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="risk-assessment">
+<span id="id3"></span><h3>Risk assessment</h3>
+<p>The risk ratings in <span><a class="reference internal" href="#table-risks"><span class="numref">Table 27</span></a></span> follow a version of the risk assessment scheme in <span><em>NIST Special Publication 800-30 Revision 1: Guide for Conducting Risk Assessments</em> <a class="reference internal" href="../about.html#citation-sp800-30"><span class="cite">[SP800-30]</span></a></span>. Likelihood of an attack and its impact are evaluated independently, and then they are combined to obtain the overall risk of the attack.</p>
+<p>The risk assessment is used to prioritize the threats that require mitigation. This helps to identify the mitigations that have the highest priority for implementation. Mitigations are described in <a class="reference internal" href="#mitigations"><span class="secref">Mitigations</span></a> and <a class="reference internal" href="#remediation"><span class="secref">Remediation & residual risk</span></a>.</p>
+<p>It is recommended that this assessment is repeated for a specific implementation or product, taking into consideration the Adversarial models that are within scope, and re-evaluating the impact based on the assets at risk.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-risks">
+<caption><span class="caption-number">Table 27 </span><span class="caption-text">Risk assessment</span></caption>
+<colgroup>
+<col width="20%" />
+<col width="20%" />
+<col width="20%" />
+<col width="20%" />
+<col width="20%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Adversarial Model <sup>a</sup></th>
+<th class="head">Threat/Attack</th>
+<th class="head">Likelihood</th>
+<th class="head">Impact <sup>b</sup></th>
+<th class="head">Risk</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>M.1</td>
+<td>T.1</td>
+<td>High</td>
+<td>Medium</td>
+<td>Medium</td>
+</tr>
+<tr class="row-odd"><td>M.1</td>
+<td>T.2</td>
+<td>High</td>
+<td>Medium</td>
+<td>Medium</td>
+</tr>
+<tr class="row-even"><td>M.2 or M.3</td>
+<td>T.3</td>
+<td>Medium</td>
+<td>High</td>
+<td>Medium</td>
+</tr>
+<tr class="row-odd"><td>M.2 or M.3</td>
+<td>T.4</td>
+<td>High</td>
+<td>Medium</td>
+<td>Medium</td>
+</tr>
+<tr class="row-even"><td>M.2 or M.3</td>
+<td>T.5</td>
+<td>High</td>
+<td>Very high</td>
+<td>Very high</td>
+</tr>
+<tr class="row-odd"><td>M.2 or M.3</td>
+<td>T.6</td>
+<td>High</td>
+<td>High</td>
+<td>High</td>
+</tr>
+<tr class="row-even"><td>M.2 or M.3</td>
+<td>T.7</td>
+<td>Medium</td>
+<td>Medium</td>
+<td>Medium</td>
+</tr>
+<tr class="row-odd"><td>M.2 or M.3</td>
+<td>T.8/A.59</td>
+<td>Medium</td>
+<td>Medium</td>
+<td>Medium</td>
+</tr>
+<tr class="row-even"><td>M.4</td>
+<td>T.8/A.19</td>
+<td>Low</td>
+<td>Medium</td>
+<td>Low</td>
+</tr>
+<tr class="row-odd"><td>M.5</td>
+<td>T.9/A.C12</td>
+<td>Low</td>
+<td>High</td>
+<td>Medium</td>
+</tr>
+<tr class="row-even"><td>M.2 or M.3</td>
+<td>T.9/A.C12</td>
+<td>Medium</td>
+<td>High</td>
+<td>Medium</td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>This repeats the association in <span><a class="reference internal" href="#table-threats"><span class="numref">Table 26</span></a></span> between an Adversarial model and the Threats that it enables. This aids filtering of the assessment based on the models that are in scope for a specific implementation.</li>
+<li>The impact of an attack is dependent on the impact of the disclosure or modification of the application data that is cryptographically protected. This is ultimately determined by the requirements and risk assessment for the product which is using this API. <span><a class="reference internal" href="#table-risks"><span class="numref">Table 27</span></a></span> allocates the impact as follows:<ul>
+<li>‘Medium’ if unspecified cryptoprocessor state or application data assets are affected.</li>
+<li>‘High’ if an application’s cryptographic assets are affected.</li>
+<li>‘Very High’ if all cryptoprocessor assets are affected.</li>
+</ul>
+</li>
+</ol>
+</div>
+</div>
+<div class="section" id="mitigations">
+<span id="id4"></span><h2>Mitigations</h2>
+<div class="section" id="objectives">
+<h3>Objectives</h3>
+<p>The objectives in <span><a class="reference internal" href="#table-objectives"><span class="numref">Table 28</span></a></span> are a high-level description of what the design must achieve in order to mitigate the threats. Detailed requirements that describe how the API or cryptoprocessor implementation can deliver the objectives are provided in <a class="reference internal" href="#mitigation-requirements"><span class="secref">Requirements</span></a> and <a class="reference internal" href="#remediation"><span class="secref">Remediation & residual risk</span></a>.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="table-objectives">
+<caption><span class="caption-number">Table 28 </span><span class="caption-text">Mitigation objectives</span></caption>
+<colgroup>
+<col width="8%" />
+<col width="54%" />
+<col width="38%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Id</th>
+<th class="head">Description</th>
+<th class="head">Threats addressed</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>O.1</td>
+<td>Hide keys from the application</td>
+<td> </td>
+</tr>
+<tr class="row-odd"><td> </td>
+<td>Keys are never directly manipulated by application software. Instead keys are referred to by handle, removing the need to deal with sensitive key material inside applications. This form of API is also suitable for secure elements, based on tamper-resistant hardware, that never reveal cryptographic keys.</td>
+<td><p class="first">T.1 T.2 T.3 — see <a class="reference internal" href="../overview/goals.html#keystore"><span class="secref">A keystore interface</span></a>.</p>
+<p class="last">T.5 T.6 — to mitigate T.5 and T.6, the implementation must provide some form of isolation. See <a class="reference internal" href="../overview/goals.html#isolation"><span class="secref">Optional isolation</span></a>.</p>
+</td>
+</tr>
+<tr class="row-even"><td>O.2</td>
+<td>Limit key usage</td>
+<td> </td>
+</tr>
+<tr class="row-odd"><td> </td>
+<td>Associate each key with a policy that limits the use of the key. The policy is defined by the application when the key is created, after which it is immutable.</td>
+<td>T.2 T.3 — see <a class="reference internal" href="../api/keys/policy.html#key-policy"><span class="secref">Key policies</span></a>.</td>
+</tr>
+<tr class="row-even"><td>O.3</td>
+<td>Best-practice cryptography</td>
+<td> </td>
+</tr>
+<tr class="row-odd"><td> </td>
+<td>An application developer-oriented API to achieve practical cryptography: the PSA Cryptography API offers services that are oriented towards the application of cryptographic methods like encrypt, sign, verify. This enables the implementation to focus on best-practice implementation of the cryptographic primitive, and the application developer on correct selection and use of those primitives.</td>
+<td>T.1 T.2 T.7 T.8 — see <a class="reference internal" href="../overview/goals.html#usability"><span class="secref">Ease of use</span></a>.</td>
+</tr>
+<tr class="row-even"><td>O.4</td>
+<td>Algorithm agility</td>
+<td> </td>
+</tr>
+<tr class="row-odd"><td> </td>
+<td>Cryptographic functions are not tied to a specific cryptographic algorithm. Primitives are designated at run-time. This simplifies updating an application to use a more secure algorithm, and makes it easier to implement dynamic selection of cryptographic algorithms within an application.</td>
+<td>T.1 — see <a class="reference internal" href="../overview/goals.html#algorithm-agility"><span class="secref">Choice of algorithms</span></a>.</td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="requirements">
+<span id="mitigation-requirements"></span><h3>Requirements</h3>
+<p>The design of the API can mitigate, or enable a cryptoprocessor to mitigate, some of the identified attacks. <span><a class="reference internal" href="#tab-security-requirements"><span class="numref">Table 29</span></a></span> describes these mitigations. Mitigations that are delegated to the cryptoprocessor or application are described in <a class="reference internal" href="#remediation"><span class="secref">Remediation & residual risk</span></a>.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="tab-security-requirements">
+<caption><span class="caption-number">Table 29 </span><span class="caption-text">Security requirements</span></caption>
+<colgroup>
+<col width="8%" />
+<col width="31%" />
+<col width="31%" />
+<col width="31%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Id</th>
+<th class="head">Description</th>
+<th class="head">API impact</th>
+<th class="head">Threats/attacks addressed</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>SR.1 (O.1)</td>
+<td>Key values are not exposed by the API, except when importing or exporting a key.</td>
+<td>The full key policy must be provided at the time a key is created. See <a class="reference internal" href="../overview/functionality.html#key-overview"><span class="secref">Key management</span></a>.</td>
+<td>T.3/A.C5 — key values are hidden by the API.</td>
+</tr>
+<tr class="row-odd"><td>SR.2 (O.2)</td>
+<td>The policy for a key must be set when the key is created, and be immutable afterward.</td>
+<td>The full key policy must be provided at the time a key is created. See <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a>.</td>
+<td><p class="first">T.3/A.C5 — once created, the key usage permissions cannot be changed to permit export.</p>
+<p class="last">T.2/A.C4— once created, a key cannot be repurposed by changing its policy.</p>
+</td>
+</tr>
+<tr class="row-even"><td>SR.3 (O.2)</td>
+<td>The key policy must control the algorithms that the key can be used with, and the functions of the API that the key can be used with.</td>
+<td>The key policy must include usage permissions, and permitted-algorithm attributes. See <a class="reference internal" href="../api/keys/policy.html#key-policy"><span class="secref">Key policies</span></a>.</td>
+<td>T.2/A.C4 — a key cannot be reused with different algorithms.</td>
+</tr>
+<tr class="row-odd"><td>SR.4 (O.1)</td>
+<td>Key export must be controlled by the key policy.</td>
+<td>See <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_EXPORT" title="PSA_KEY_USAGE_EXPORT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_EXPORT</span></code></a>.</td>
+<td>T.3/A.C5 — a key can only be extracted from the cryptoprocessor if explicitly permitted by the key creator.</td>
+</tr>
+<tr class="row-even"><td>SR.5 (O.1)</td>
+<td>The policy of a copied key must not provide rights that are not permitted by the original key policy.</td>
+<td>See <a class="reference internal" href="../api/keys/management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a>.</td>
+<td><p class="first">T.3/A.C5 — a copy of a key cannot be exported if the original could not be exported.</p>
+<p class="last">T.3/A.C4 — a copy of a key cannot be used in different algorithm to the original.</p>
+</td>
+</tr>
+<tr class="row-odd"><td>SR.6 (O.3)</td>
+<td>Unless explicitly required by the use case, the API must not define cryptographic algorithms with known security weaknesses. If possible, deprecated algorithms should not be included.</td>
+<td>Algorithm inclusion is based on use cases. Warnings are provided for algorithms and operations with known security weaknesses, and recommendations made to use alternative algorithms.</td>
+<td>T.1/A.C1 A.C2 A.C3</td>
+</tr>
+<tr class="row-even"><td>SR.7 (O.4)</td>
+<td>The API design must make it easy to change to a different algorithm of the same type.</td>
+<td>Cryptographic operation functions select the specific algorithm based on parameters passed at runtime. See <a class="reference internal" href="../api/keys/types.html#key-types"><span class="secref">Key types</span></a> and <a class="reference internal" href="../api/ops/algorithms.html#algorithms"><span class="secref">Algorithms</span></a>.</td>
+<td>T.1/A.C1 A.C2 A.C3</td>
+</tr>
+<tr class="row-odd"><td>SR.8 (O.1)</td>
+<td>Key derivation functions that expose part of the key value, or make part of the key value easily recoverable, must not be provided in the API.</td>
+<td> </td>
+<td>T.3/A.C6</td>
+</tr>
+<tr class="row-even"><td>SR.9 (O.3)</td>
+<td>Constant values defined by the API must be designed to resist bit faults.</td>
+<td><p class="first">Key type values explicitly consider single-bit faults, see <a class="reference internal" href="encodings.html#key-type-encoding"><span class="secref">Key type encoding</span></a>. <sup>a</sup></p>
+<p class="last">Success and error status codes differ by multiple bits, see <a class="reference internal" href="../api/library/status.html#status-codes"><span class="secref">PSA status codes</span></a>. <sup>b</sup></p>
+</td>
+<td>T.8/A.19 — enablement only, mitigation is delegated to the implementation.</td>
+</tr>
+<tr class="row-odd"><td>SR.10 (O.3)</td>
+<td>The API design must permit the implementation of operations with data-independent timing.</td>
+<td>Provision of comparison functions for MAC, hash and key derivation operations.</td>
+<td>T.7/A.C11 — enablement only, mitigation is delegated to the implementation.</td>
+</tr>
+<tr class="row-even"><td>SR.11 (O.3)</td>
+<td>Specify behavior for memory shared between the application and cryptoprocessor, including where multiple parameters overlap.</td>
+<td>Standardize the result when parameters overlap, see <a class="reference internal" href="../overview/conventions.html#buffer-overlap"><span class="secref">Overlap between parameters</span></a>.</td>
+<td>T.8/A.59 — enablement only, mitigation is delegated to the implementation.</td>
+</tr>
+<tr class="row-odd"><td>SR.12 (O.1) (O.2)</td>
+<td>The API must permit the implementation to isolate the cryptoprocessor, to prevent access to keys without using the API.</td>
+<td>No use of shared memory between application and cryptoprocessor, except as function parameters.</td>
+<td>T.5/A.C7 — enablement only, mitigation is delegated to the implementation.</td>
+</tr>
+<tr class="row-even"><td>SR.13 (O.3)</td>
+<td>The API design must permit the implementation of operations using mitigation techniques that resist side-channel attacks.</td>
+<td><p class="first">Operations that use random blinding to resist side-channel attacks, can return RNG-specific error codes.</p>
+<p class="last">See also SR.12, which enables the cryptoprocessor to be fully isolated, and implemented within a separate security processor.</p>
+</td>
+<td>T.9 — enablement only, mitigation is delegated to the implementation.</td>
+</tr>
+</tbody>
+</table>
+<ol class="loweralpha simple">
+<li>Limited resistance to bit faults is still valuable in systems where memory may be susceptible to single-bit flip attacks, for example, Rowhammer on some types of DRAM.</li>
+<li>Unlike key type values, algorithm identifiers used in cryptographic operations are verified against a the permitted-algorithm in the key policy. This provides a mitigation for a bit fault in an algorithm identifier value, without requiring error detection within the algorithm identifier itself.</li>
+</ol>
+</div>
+</div>
+<div class="section" id="remediation-residual-risk">
+<span id="remediation"></span><h2>Remediation & residual risk</h2>
+<div class="section" id="implementation-remediations">
+<h3>Implementation remediations</h3>
+<p><span><a class="reference internal" href="#tab-remediation"><span class="numref">Table 30</span></a></span> includes all recommended remediations for an implementation, assuming the full adversarial model described in <a class="reference internal" href="#adversarial-models"><span class="secref">Adversarial models</span></a>. When an implementation has a subset of the adversarial models, then individual remediations can be excluded from an implementation, if the associated threat is not relevant for that implementation.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="tab-remediation">
+<caption><span class="caption-number">Table 30 </span><span class="caption-text">Implementation remediations</span></caption>
+<colgroup>
+<col width="8%" />
+<col width="31%" />
+<col width="62%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Id</th>
+<th class="head">Identified gap</th>
+<th class="head">Suggested remediation</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>R.1 (O.1) (O.3)</td>
+<td>T.5 — direct access to cryptoprocessor state.</td>
+<td>The cryptoprocessor implementation provides <a class="reference internal" href="../about.html#term-cryptoprocessor-isolation"><span class="term">cryptoprocessor isolation</span></a> or <a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">caller isolation</span></a>, to isolate the application from the cryptoprocessor state, and from volatile and persistent key material.</td>
+</tr>
+<tr class="row-odd"><td>R.2 (O.1) (O.3)</td>
+<td>T.6 — access and use another application’s assets.</td>
+<td><p class="first">The cryptoprocessor implementation provides <a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">caller isolation</span></a>, and maintains separate cryptoprocessor state for each application. Each application must only be able to access its own keys and ongoing operations.</p>
+<p class="last">Caller isolation requires that the implementation can securely identify the caller of the PSA Cryptography API.</p>
+</td>
+</tr>
+<tr class="row-even"><td>R.3 (O.3)</td>
+<td>T.4/A.60 A.61 — using illegal memory inputs.</td>
+<td>The cryptoprocessor implementation validates that memory buffers provided by the application are accessible by the application.</td>
+</tr>
+<tr class="row-odd"><td>R.4 (O.3)</td>
+<td>T.4/A.70 — providing invalid formatted data.</td>
+<td>The cryptoprocessor implementation checks that imported key data is valid before use.</td>
+</tr>
+<tr class="row-even"><td>R.5 (O.3)</td>
+<td>T.4/A.62 — call the API in an invalid operation sequence.</td>
+<td>The cryptoprocessor implementation enforces the correct sequencing of calls in multi-part operations. See <a class="reference internal" href="../overview/functionality.html#multi-part-operations"><span class="secref">Multi-part operations</span></a>.</td>
+</tr>
+<tr class="row-odd"><td>R.6 (O.1) (O.3)</td>
+<td>T.3/A.C5 A.C6 — indirect key disclosure via the API.</td>
+<td>Cryptoprocessor implementation-specific extensions to the API must avoid providing mechanisms that can extract or recover key values, such as trivial key derivation algorithms.</td>
+</tr>
+<tr class="row-even"><td>R.8 (O.3)</td>
+<td>T.8/A.59 — concurrent modification of parameter memory.</td>
+<td>The cryptoprocessor implementation treats application memory as untrusted and volatile, typically by not reading the same memory location twice. See <a class="reference internal" href="../overview/conventions.html#stability-of-parameters"><span class="secref">Stability of parameters</span></a>.</td>
+</tr>
+<tr class="row-odd"><td>R.9 (O.3)</td>
+<td>T.2/A.C4 — incorrect cryptographic parameters.</td>
+<td>The cryptoprocessor implementation validates the key attributes and other parameters used for a cryptographic operation, to ensure these conform to the API specification and to the specification of the algorithm itself.</td>
+</tr>
+<tr class="row-even"><td>R.10 (O.3)</td>
+<td>T.1/A.C1 A.C2 A.C3 — insecure cryptographic algorithms.</td>
+<td>The cryptoprocessor does not support deprecated cryptographic algorithms, unless justified by specific use case requirements.</td>
+</tr>
+<tr class="row-odd"><td>R.11 (O.3)</td>
+<td>T.7/A.C11 — data-independent timing.</td>
+<td>The cryptoprocessor implements cryptographic operations with data-independent timing.</td>
+</tr>
+<tr class="row-even"><td>R.12 (O.3)</td>
+<td>T.9 — side-channels.</td>
+<td>The cryptoprocessor implements resistance to side-channels.</td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="residual-risk">
+<h3>Residual risk</h3>
+<p><span><a class="reference internal" href="#tab-residual-risk"><span class="numref">Table 31</span></a></span> describes the remaining risks that cannot be mitigated fully by the API or cryptoprocessor implementation. Responsibility for managing these risks lies with the application developers and system integrators.</p>
+<table border="1" class="colwidths-given longtable docutils align-right" id="tab-residual-risk">
+<caption><span class="caption-number">Table 31 </span><span class="caption-text">Residual risk</span></caption>
+<colgroup>
+<col width="8%" />
+<col width="31%" />
+<col width="62%" />
+</colgroup>
+<thead valign="bottom">
+<tr class="row-odd"><th class="head">Id</th>
+<th class="head">Threat/attack</th>
+<th class="head">Suggested remediations</th>
+</tr>
+</thead>
+<tbody valign="top">
+<tr class="row-even"><td>RR.1</td>
+<td>T.1</td>
+<td>Selection of appropriately secure protocols, algorithms and key sizes is the responsibility of the application developer.</td>
+</tr>
+<tr class="row-odd"><td>RR.2</td>
+<td>T.5</td>
+<td>Correct isolation of the cryptoprocessor is the responsibility of the cryptoprocessor and system implementation.</td>
+</tr>
+<tr class="row-even"><td>RR.3</td>
+<td>T.6</td>
+<td>Correct identification of the application client is the responsibility of the cryptoprocessor and system implementation.</td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">Security Risk Assessment</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#architecture">Architecture</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#system-definition">System definition</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#assets-and-stakeholders">Assets and stakeholders</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#security-goals">Security goals</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#threat-model">Threat Model</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#adversarial-models">Adversarial models</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#threats-and-attacks">Threats and attacks</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#risk-assessment">Risk assessment</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#mitigations">Mitigations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#objectives">Objectives</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#requirements">Requirements</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#remediation-residual-risk">Remediation & residual risk</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#implementation-remediations">Implementation remediations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#residual-risk">Residual risk</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/genindex.html b/docs/1.1.0/html/genindex.html
new file mode 100644
index 0000000..e4a018d
--- /dev/null
+++ b/docs/1.1.0/html/genindex.html
@@ -0,0 +1,111 @@
+
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Index — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: './',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="_static/jquery.js"></script>
+ <script type="text/javascript" src="_static/underscore.js"></script>
+ <script type="text/javascript" src="_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="about.html" />
+ <link rel="index" title="Index" href="#" />
+ <link rel="search" title="Search" href="search.html" />
+
+ <link rel="stylesheet" href="_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+
+<h1 id="index">Index</h1>
+
+<div class="genindex-jumpbox">
+
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/index.html b/docs/1.1.0/html/index.html
new file mode 100644
index 0000000..99f7d5f
--- /dev/null
+++ b/docs/1.1.0/html/index.html
@@ -0,0 +1,467 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>PSA Cryptography API 1.1 — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: './',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="_static/jquery.js"></script>
+ <script type="text/javascript" src="_static/underscore.js"></script>
+ <script type="text/javascript" src="_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="about.html" />
+ <link rel="index" title="Index" href="genindex.html" />
+ <link rel="search" title="Search" href="search.html" />
+ <link rel="next" title="About this document" href="about.html" />
+
+ <link rel="stylesheet" href="_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <a class="reference internal image-reference" href="_images/Arm_logo_blue_150LG.png"><img alt="_images/Arm_logo_blue_150LG.png" class="align-right" src="_images/Arm_logo_blue_150LG.png" style="width: 5cm;" /></a>
+<div class="section" id="doctitle-docversion">
+<h1>PSA Cryptography API 1.1</h1>
+<table border="1" class="titletable docutils align-left">
+<colgroup>
+<col width="50%" />
+<col width="50%" />
+</colgroup>
+<tbody valign="top">
+<tr class="row-odd"><td>Document number:</td>
+<td>IHI 0086</td>
+</tr>
+<tr class="row-even"><td>Release Quality:</td>
+<td>Final</td>
+</tr>
+<tr class="row-odd"><td>Issue Number:</td>
+<td>0</td>
+</tr>
+<tr class="row-even"><td>Confidentiality:</td>
+<td>Non-confidential</td>
+</tr>
+<tr class="row-odd"><td>Date of Issue:</td>
+<td>10/02/2022</td>
+</tr>
+</tbody>
+</table>
+<p class="titlecopyright">Copyright © 2018-2022, Arm Limited. All rights reserved.</p>
+<p><span class="sectiontitle">Contents</span></p>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="about.html">About this document</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="about.html#release-information">Release information</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#arm-non-confidential-document-licence-licence">Arm Non-Confidential Document Licence (“Licence”)</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#references">References</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#terms-and-abbreviations">Terms and abbreviations</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#potential-for-change">Potential for change</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#conventions">Conventions</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#pseudocode-descriptions">Pseudocode descriptions</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#assembler-syntax-descriptions">Assembler syntax descriptions</a></li>
+<li class="toctree-l2"><a class="reference internal" href="about.html#feedback">Feedback</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/goals.html">2. Design goals</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="overview/goals.html#suitable-for-constrained-devices">2.1. Suitable for constrained devices</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/goals.html#a-keystore-interface">2.2. A keystore interface</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/goals.html#optional-isolation">2.3. Optional isolation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/goals.html#choice-of-algorithms">2.4. Choice of algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/goals.html#ease-of-use">2.5. Ease of use</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/goals.html#example-use-cases">2.6. Example use cases</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#network-security-tls">2.6.1. Network Security (TLS)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#secure-storage">2.6.2. Secure Storage</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#network-credentials">2.6.3. Network Credentials</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#device-pairing">2.6.4. Device Pairing</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#secure-boot">2.6.5. Secure Boot</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#attestation">2.6.6. Attestation</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/goals.html#factory-provisioning">2.6.7. Factory Provisioning</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="overview/functionality.html">3. Functionality overview</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="overview/functionality.html#library-management">3.1. Library management</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/functionality.html#key-management">3.2. Key management</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#key-types">3.2.1. Key types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#key-identifiers">3.2.2. Key identifiers</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#key-lifetimes">3.2.3. Key lifetimes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#key-policies">3.2.4. Key policies</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#recommendations-of-minimum-standards-for-key-management">3.2.5. Recommendations of minimum standards for key management</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/functionality.html#symmetric-cryptography">3.3. Symmetric cryptography</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#single-part-functions">3.3.1. Single-part Functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#multi-part-operations">3.3.2. Multi-part operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/functionality.html#example-of-the-symmetric-cryptography-api">3.3.3. Example of the symmetric cryptography API</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/functionality.html#asymmetric-cryptography">3.4. Asymmetric cryptography</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/functionality.html#randomness-and-key-generation">3.5. Randomness and key generation</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="overview/sample-arch.html">4. Sample architectures</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="overview/sample-arch.html#single-partition-architecture">4.1. Single-partition architecture</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/sample-arch.html#cryptographic-token-and-single-application-processor">4.2. Cryptographic token and single-application processor</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/sample-arch.html#cryptoprocessor-with-no-key-storage">4.3. Cryptoprocessor with no key storage</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/sample-arch.html#multi-client-cryptoprocessor">4.4. Multi-client cryptoprocessor</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/sample-arch.html#multi-cryptoprocessor-architecture">4.5. Multi-cryptoprocessor architecture</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="overview/conventions.html">5. Library conventions</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="overview/conventions.html#header-files">5.1. Header files</a></li>
+<li class="toctree-l2"><a class="reference internal" href="overview/conventions.html#api-conventions">5.2. API conventions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#identifier-names">5.2.1. Identifier names</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#basic-types">5.2.2. Basic types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#data-types">5.2.3. Data types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#constants">5.2.4. Constants</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#function-like-macros">5.2.5. Function-like macros</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#functions">5.2.6. Functions</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/conventions.html#error-handling">5.3. Error handling</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#return-status">5.3.1. Return status</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#behavior-on-error">5.3.2. Behavior on error</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/conventions.html#parameter-conventions">5.4. Parameter conventions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#pointer-conventions">5.4.1. Pointer conventions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#input-buffer-sizes">5.4.2. Input buffer sizes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#output-buffer-sizes">5.4.3. Output buffer sizes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#overlap-between-parameters">5.4.4. Overlap between parameters</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#stability-of-parameters">5.4.5. Stability of parameters</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/conventions.html#key-types-and-algorithms">5.5. Key types and algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/conventions.html#structure-of-key-types-and-algorithms">5.5.1. Structure of key types and algorithms</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/conventions.html#concurrent-calls">5.6. Concurrent calls</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="overview/implementation.html">6. Implementation considerations</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="overview/implementation.html#implementation-specific-aspects-of-the-interface">6.1. Implementation-specific aspects of the interface</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#implementation-profile">6.1.1. Implementation profile</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#implementation-specific-types">6.1.2. Implementation-specific types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#implementation-specific-macros">6.1.3. Implementation-specific macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/implementation.html#porting-to-a-platform">6.2. Porting to a platform</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#platform-assumptions">6.2.1. Platform assumptions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#platform-specific-types">6.2.2. Platform-specific types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#cryptographic-hardware-support">6.2.3. Cryptographic hardware support</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/implementation.html#security-requirements-and-recommendations">6.3. Security requirements and recommendations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#error-detection">6.3.1. Error detection</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#indirect-object-references">6.3.2. Indirect object references</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#memory-cleanup">6.3.3. Memory cleanup</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#managing-key-material">6.3.4. Managing key material</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#safe-outputs-on-error">6.3.5. Safe outputs on error</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#attack-resistance">6.3.6. Attack resistance</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="overview/implementation.html#other-implementation-considerations">6.4. Other implementation considerations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/implementation.html#philosophy-of-resource-management">6.4.1. Philosophy of resource management</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="overview/usage.html">7. Usage considerations</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="overview/usage.html#security-recommendations">7.1. Security recommendations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="overview/usage.html#always-check-for-errors">7.1.1. Always check for errors</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/usage.html#shared-memory-and-concurrency">7.1.2. Shared memory and concurrency</a></li>
+<li class="toctree-l3"><a class="reference internal" href="overview/usage.html#cleaning-up-after-use">7.1.3. Cleaning up after use</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="api/library/index.html">8. Library management reference</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="api/library/status.html">8.1. PSA status codes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/library/status.html#status-type">8.1.1. Status type</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/library/status.html#success-codes">8.1.2. Success codes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/library/status.html#common-error-codes">8.1.3. Common error codes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/library/status.html#error-codes-specific-to-this-api">8.1.4. Error codes specific to this API</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/library/library.html">8.2. PSA Crypto library</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/library/library.html#api-version">8.2.1. API version</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/library/library.html#library-initialization">8.2.2. Library initialization</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="api/keys/index.html">9. Key management reference</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="api/keys/attributes.html">9.1. Key attributes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/attributes.html#managing-key-attributes">9.1.1. Managing key attributes</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/keys/types.html">9.2. Key types</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#key-type-encoding">9.2.1. Key type encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#key-categories">9.2.2. Key categories</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#symmetric-keys">9.2.3. Symmetric keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#rsa-keys">9.2.4. RSA keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#elliptic-curve-keys">9.2.5. Elliptic Curve keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#diffie-hellman-keys">9.2.6. Diffie Hellman keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/types.html#attribute-accessors">9.2.7. Attribute accessors</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/keys/lifetimes.html">9.3. Key lifetimes</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/lifetimes.html#volatile-keys">9.3.1. Volatile keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/lifetimes.html#persistent-keys">9.3.2. Persistent keys</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/lifetimes.html#lifetime-encodings">9.3.3. Lifetime encodings</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/lifetimes.html#lifetime-values">9.3.4. Lifetime values</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/lifetimes.html#attribute-accessors">9.3.5. Attribute accessors</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/lifetimes.html#support-macros">9.3.6. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/keys/ids.html">9.4. Key identifiers</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/ids.html#key-identifier-type">9.4.1. Key identifier type</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/ids.html#attribute-accessors">9.4.2. Attribute accessors</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/keys/policy.html">9.5. Key policies</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/policy.html#permitted-algorithms">9.5.1. Permitted algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/policy.html#key-usage-flags">9.5.2. Key usage flags</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/keys/management.html">9.6. Key management functions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/management.html#key-creation">9.6.1. Key creation</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/management.html#key-destruction">9.6.2. Key destruction</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/keys/management.html#key-export">9.6.3. Key export</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="api/ops/index.html">10. Cryptographic operation reference</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/algorithms.html">10.1. Algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/algorithms.html#algorithm-encoding">10.1.1. Algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/algorithms.html#algorithm-categories">10.1.2. Algorithm categories</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/hashes.html">10.2. Message digests (Hashes)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/hashes.html#hash-algorithms">10.2.1. Hash algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/hashes.html#single-part-hashing-functions">10.2.2. Single-part hashing functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/hashes.html#multi-part-hashing-operations">10.2.3. Multi-part hashing operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/hashes.html#support-macros">10.2.4. Support macros</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/hashes.html#hash-suspend-state">10.2.5. Hash suspend state</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/macs.html">10.3. Message authentication codes (MAC)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/macs.html#mac-algorithms">10.3.1. MAC algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/macs.html#single-part-mac-functions">10.3.2. Single-part MAC functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/macs.html#multi-part-mac-operations">10.3.3. Multi-part MAC operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/macs.html#support-macros">10.3.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/ciphers.html">10.4. Unauthenticated ciphers</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ciphers.html#cipher-algorithms">10.4.1. Cipher algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ciphers.html#single-part-cipher-functions">10.4.2. Single-part cipher functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ciphers.html#multi-part-cipher-operations">10.4.3. Multi-part cipher operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ciphers.html#support-macros">10.4.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/aead.html">10.5. Authenticated encryption with associated data (AEAD)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/aead.html#aead-algorithms">10.5.1. AEAD algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/aead.html#single-part-aead-functions">10.5.2. Single-part AEAD functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/aead.html#multi-part-aead-operations">10.5.3. Multi-part AEAD operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/aead.html#support-macros">10.5.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/kdf.html">10.6. Key derivation</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/kdf.html#key-derivation-algorithms">10.6.1. Key derivation algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/kdf.html#input-step-types">10.6.2. Input step types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/kdf.html#key-derivation-functions">10.6.3. Key derivation functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/kdf.html#support-macros">10.6.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/sign.html">10.7. Asymmetric signature</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/sign.html#asymmetric-signature-algorithms">10.7.1. Asymmetric signature algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/sign.html#asymmetric-signature-functions">10.7.2. Asymmetric signature functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/sign.html#support-macros">10.7.3. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/pke.html">10.8. Asymmetric encryption</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/pke.html#asymmetric-encryption-algorithms">10.8.1. Asymmetric encryption algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/pke.html#asymmetric-encryption-functions">10.8.2. Asymmetric encryption functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/pke.html#support-macros">10.8.3. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/ka.html">10.9. Key agreement</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ka.html#key-agreement-algorithms">10.9.1. Key agreement algorithms</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ka.html#standalone-key-agreement">10.9.2. Standalone key agreement</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ka.html#combining-key-agreement-and-key-derivation">10.9.3. Combining key agreement and key derivation</a></li>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/ka.html#support-macros">10.9.4. Support macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="api/ops/rng.html">10.10. Other cryptographic services</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="api/ops/rng.html#random-number-generation">10.10.1. Random number generation</a></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="appendix/example_header.html">Example header file</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="appendix/example_header.html#psa-crypto-h">psa/crypto.h</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/encodings.html">Algorithm and key type encoding</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="appendix/encodings.html#algorithm-identifier-encoding">Algorithm identifier encoding</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#algorithm-categories">Algorithm categories</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#hash-algorithm-encoding">Hash algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#mac-algorithm-encoding">MAC algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#cipher-algorithm-encoding">Cipher algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#aead-algorithm-encoding">AEAD algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#key-derivation-algorithm-encoding">Key derivation algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#asymmetric-signature-algorithm-encoding">Asymmetric signature algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#asymmetric-encryption-algorithm-encoding">Asymmetric encryption algorithm encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#key-agreement-algorithm-encoding">Key agreement algorithm encoding</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/encodings.html#key-type-encoding">Key type encoding</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#key-type-categories">Key type categories</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#raw-key-encoding">Raw key encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#symmetric-key-encoding">Symmetric key encoding</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/encodings.html#asymmetric-key-encoding">Asymmetric key encoding</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/specdef_values.html">Example macro implementations</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="appendix/specdef_values.html#algorithm-macros">Algorithm macros</a></li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/specdef_values.html#key-type-macros">Key type macros</a></li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/specdef_values.html#hash-suspend-state-macros">Hash suspend state macros</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/sra.html">Security Risk Assessment</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="appendix/sra.html#architecture">Architecture</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#system-definition">System definition</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#assets-and-stakeholders">Assets and stakeholders</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#security-goals">Security goals</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/sra.html#threat-model">Threat Model</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#adversarial-models">Adversarial models</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#threats-and-attacks">Threats and attacks</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#risk-assessment">Risk assessment</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/sra.html#mitigations">Mitigations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#objectives">Objectives</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#requirements">Requirements</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/sra.html#remediation-residual-risk">Remediation & residual risk</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#implementation-remediations">Implementation remediations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/sra.html#residual-risk">Residual risk</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/history.html">Changes to the API</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="appendix/history.html#document-change-history">Document change history</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="appendix/history.html#changes-between-1-0-1-and-1-1-0">Changes between <em>1.0.1</em> and <em>1.1.0</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/history.html#changes-between-1-0-0-and-1-0-1">Changes between <em>1.0.0</em> and <em>1.0.1</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/history.html#changes-between-1-0-beta-3-and-1-0-0">Changes between <em>1.0 beta 3</em> and <em>1.0.0</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/history.html#changes-between-1-0-beta-2-and-1-0-beta-3">Changes between <em>1.0 beta 2</em> and <em>1.0 beta 3</em></a></li>
+<li class="toctree-l3"><a class="reference internal" href="appendix/history.html#changes-between-1-0-beta-1-and-1-0-beta-2">Changes between <em>1.0 beta 1</em> and <em>1.0 beta 2</em></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/history.html#planned-changes-for-version-1-1-x">Planned changes for version 1.1.x</a></li>
+<li class="toctree-l2"><a class="reference internal" href="appendix/history.html#future-additions">Future additions</a></li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="#"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/objects.inv b/docs/1.1.0/html/objects.inv
new file mode 100644
index 0000000..c3db08d
--- /dev/null
+++ b/docs/1.1.0/html/objects.inv
Binary files differ
diff --git a/docs/1.1.0/html/overview/conventions.html b/docs/1.1.0/html/overview/conventions.html
new file mode 100644
index 0000000..9d2d4ea
--- /dev/null
+++ b/docs/1.1.0/html/overview/conventions.html
@@ -0,0 +1,464 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>5. Library conventions — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="6. Implementation considerations" href="implementation.html" />
+ <link rel="prev" title="4. Sample architectures" href="sample-arch.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="library-conventions">
+<span id="id1"></span><h1>5. Library conventions</h1>
+<div class="section" id="header-files">
+<h2>5.1. Header files</h2>
+<p>The header file for the PSA Cryptography API has the name <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code>. All of the API elements that are provided by an implementation must be visible to an application program that includes this header file.</p>
+<div class="highlight-none"><div class="highlight"><pre><span></span>#include "psa/crypto.h"
+</pre></div>
+</div>
+<p>Implementations must provide their own version of the <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code> header file. Implementations can provide a subset of the API defined in this specification and a subset of the available algorithms. <a class="reference internal" href="../appendix/example_header.html#appendix-example-header"><span class="secref">Example header file</span></a> provides an incomplete, example header file which includes all of the API elements. See also <a class="reference internal" href="implementation.html#implementation-considerations"><span class="secref">Implementation considerations</span></a>.</p>
+<p>This API uses some of the common status codes that are defined by <span><em>Arm® Platform Security Architecture Firmware Framework</em> <a class="reference internal" href="../about.html#citation-ff-m"><span class="cite">[FF-M]</span></a></span> as part of the <code class="file docutils literal"><span class="pre">psa/error.h</span></code> header file. Applications are not required to explicitly include the <code class="file docutils literal"><span class="pre">psa/error.h</span></code> header file when using these status codes with the PSA Crypto API. See <a class="reference internal" href="../api/library/status.html#status-codes"><span class="secref">PSA status codes</span></a>.</p>
+</div>
+<div class="section" id="api-conventions">
+<span id="id2"></span><h2>5.2. API conventions</h2>
+<p>The interface in this specification is defined in terms of C macros, data types, and functions.</p>
+<div class="section" id="identifier-names">
+<h3>5.2.1. Identifier names</h3>
+<p>All of the identifiers defined in this API begin with the prefix <code class="docutils literal"><span class="pre">psa_</span></code>, for types and functions, or <code class="docutils literal"><span class="pre">PSA_</span></code> for macros.</p>
+<p>Future versions of this specification will use the same prefix for additional API elements. It is recommended that applications and implementations do not use this prefix for their own identifiers, to avoid a potential conflict with a future version of the PSA Crypto API.</p>
+</div>
+<div class="section" id="basic-types">
+<h3>5.2.2. Basic types</h3>
+<p>This specification makes use of standard C data types, including the fixed-width integer types from the ISO C99 specification update <a class="reference internal" href="../about.html#citation-c99"><span class="cite">[C99]</span></a>. The following standard C types are used:</p>
+<table border="1" class="colwidths-auto docutils align-left">
+<tbody valign="top">
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">int32_t</span></code></td>
+<td>a 32-bit signed integer</td>
+</tr>
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">uint8_t</span></code></td>
+<td>an 8-bit unsigned integer</td>
+</tr>
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">uint16_t</span></code></td>
+<td>a 16-bit unsigned integer</td>
+</tr>
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">uint32_t</span></code></td>
+<td>a 32-bit unsigned integer</td>
+</tr>
+<tr class="row-odd"><td><code class="docutils literal"><span class="pre">uint64_t</span></code></td>
+<td>a 64-bit unsigned integer</td>
+</tr>
+<tr class="row-even"><td><code class="docutils literal"><span class="pre">size_t</span></code></td>
+<td>an unsigned integer large enough to hold the size of an object in memory</td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="section" id="data-types">
+<h3>5.2.3. Data types</h3>
+<p>Integral types are defined for specific API elements to provide clarity in the interface definition, and to improve code readability. For example, <a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a> and <a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_status_t</span></code></a>.</p>
+<p>Structure types are declared using <code class="docutils literal"><span class="pre">typedef</span></code> instead of a <code class="docutils literal"><span class="pre">struct</span></code> tag, also to improve code readability.</p>
+<p>Fully-defined types must be declared exactly as defined in this specification. Types that are not fully defined in this specification must be defined by an implementation. See <a class="reference internal" href="implementation.html#implementation-defined-type"><span class="secref">Implementation-specific types</span></a>.</p>
+</div>
+<div class="section" id="constants">
+<h3>5.2.4. Constants</h3>
+<p>Constant values are defined using C macros. Constants defined in this specification have names that are all upper-case.</p>
+<p>A constant macro evaluates to a compile-time constant expression.</p>
+</div>
+<div class="section" id="function-like-macros">
+<h3>5.2.5. Function-like macros</h3>
+<p>Function-like macros are C macros that take parameters, providing supporting functionality in the API. Function-like macros defined in this specification have names that are all upper-case.</p>
+<p>Function-like macros are permitted to evaluate each argument multiple times or zero times. Providing arguments that have side effects will result in <a class="reference internal" href="../about.html#term-implementation-defined"><span class="scterm">IMPLEMENTATION DEFINED</span></a> behavior, and is non-portable.</p>
+<p>If all of the arguments to a function-like macro are compile-time constant expressions, the then result evaluates to a compile-time constant expression.</p>
+<p>If an argument to a function-like macro has an invalid value (for example, a value outside the domain of the function-like macro), then the result is <a class="reference internal" href="../about.html#term-implementation-defined"><span class="scterm">IMPLEMENTATION DEFINED</span></a>.</p>
+</div>
+<div class="section" id="functions">
+<h3>5.2.6. Functions</h3>
+<p>Functions defined in this specification have names that are all lower-case.</p>
+<p>An implementation is permitted to declare any API function with <code class="docutils literal"><span class="pre">static</span> <span class="pre">inline</span></code> linkage, instead of the default <code class="docutils literal"><span class="pre">extern</span></code> linkage.</p>
+<p>An implementation is permitted to also define a function-like macro with the same name as a function in this specification. If an implementation defines a function-like macro for a function from this specification, then:</p>
+<ul class="simple">
+<li>The implementation must also provide a definition of the function. This enables an application to take the address of a function defined in this specification.</li>
+<li>The function-like macro must expand to code that evaluates each of its arguments exactly once, as if the call was made to a C function. This enables an application to safely use arbitrary expressions as arguments to a function defined in this specification.</li>
+</ul>
+<p>If a non-pointer argument to a function has an invalid value (for example, a value outside the domain of the function), then the function will normally return an error, as specified in the function definition. See also <a class="reference internal" href="#error-handling"><span class="secref">Error handling</span></a>.</p>
+<p>If a pointer argument to a function has an invalid value (for example, a pointer outside the address space of the program, or a null pointer), the result is <a class="reference internal" href="../about.html#term-implementation-defined"><span class="scterm">IMPLEMENTATION DEFINED</span></a>. See also <a class="reference internal" href="#pointer-conventions"><span class="secref">Pointer conventions</span></a>.</p>
+</div>
+</div>
+<div class="section" id="error-handling">
+<span id="id3"></span><h2>5.3. Error handling</h2>
+<div class="section" id="return-status">
+<h3>5.3.1. Return status</h3>
+<p>Almost all functions return a status indication of type <a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_status_t</span></code></a>. This
+is an enumeration of integer values, with <code class="docutils literal"><span class="pre">0</span></code> (<a class="reference internal" href="../api/library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>) indicating
+successful operation and other values indicating errors. The exceptions are
+functions which only access objects that are intended to be implemented as
+simple data structures. Such functions cannot fail and either return
+<code class="docutils literal"><span class="pre">void</span></code> or a data value.</p>
+<p>Unless specified otherwise, if multiple error conditions apply, an
+implementation is free to return any of the applicable error codes. The choice
+of error code is considered an implementation quality issue. Different
+implementations can make different choices, for example to favor code size over
+ease of debugging or vice versa.</p>
+<p>If the behavior is undefined, for example, if a function receives an invalid
+pointer as a parameter, this specification makes no guarantee that the function
+will return an error. Implementations are encouraged to return an error or halt
+the application in a manner that is appropriate for the platform if the
+undefined behavior condition can be detected. However, application developers need to be aware that undefined behavior conditions cannot be detected in general.</p>
+</div>
+<div class="section" id="behavior-on-error">
+<h3>5.3.2. Behavior on error</h3>
+<p>All function calls must be implemented atomically:</p>
+<ul class="simple">
+<li>When a function returns a type other than <a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_status_t</span></code></a>, the requested
+action has been carried out.</li>
+<li>When a function returns the status <a class="reference internal" href="../api/library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>, the requested action has
+been carried out.</li>
+<li>When a function returns another status of type <a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_status_t</span></code></a>, no action
+has been carried out. The content of the output parameters is undefined, but
+otherwise the state of the system has not changed, except as described below.</li>
+</ul>
+<p>In general, functions that modify the system state, for example, creating or
+destroying a key, must leave the system state unchanged if they return an error
+code. There are specific conditions that can result in different behavior:</p>
+<ul class="simple">
+<li>The status <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a> indicates that a parameter was not in a
+valid state for the requested action. This parameter might have been modified
+by the call and is now in an undefined state. The only valid action on an
+object in an undefined state is to abort it with the appropriate
+<code class="docutils literal"><span class="pre">psa_abort_xxx()</span></code> function.</li>
+<li>The status <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a> indicates that a key
+derivation object has reached its maximum capacity. The key derivation
+operation might have been modified by the call. Any further attempt to obtain
+output from the key derivation operation will return
+<a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA" title="PSA_ERROR_INSUFFICIENT_DATA"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_DATA</span></code></a>.</li>
+<li>The status <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a> indicates that the
+communication between the application and the cryptoprocessor has broken
+down. In this case, the cryptoprocessor must either finish the requested
+action successfully, or interrupt the action and roll back the system to its
+original state. Because it is often impossible to report the outcome to the
+application after a communication failure, this specification does not
+provide a way for the application to determine whether the action was
+successful.</li>
+<li>The statuses <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a>, <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a>, <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a>
+and <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a> might indicate data corruption in the
+system state. When a function returns one of these statuses, the system state
+might have changed from its previous state before the function call, even
+though the function call failed.</li>
+<li>Some system states cannot be rolled back, for example, the internal state of
+the random number generator or the content of access logs.</li>
+</ul>
+<p>Unless otherwise documented, the content of output parameters is not defined
+when a function returns a status other than <a class="reference internal" href="../api/library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_SUCCESS</span></code></a>. It is recommended
+that implementations set output parameters to safe defaults to avoid leaking
+confidential data and limit risk, in case an application does not properly
+handle all errors.</p>
+</div>
+</div>
+<div class="section" id="parameter-conventions">
+<h2>5.4. Parameter conventions</h2>
+<div class="section" id="pointer-conventions">
+<span id="id4"></span><h3>5.4.1. Pointer conventions</h3>
+<p>Unless explicitly stated in the documentation of a function, all pointers must
+be valid pointers to an object of the specified type.</p>
+<p>A parameter is considered a <strong>buffer</strong> if it points to an array of bytes. A
+buffer parameter always has the type <code class="docutils literal"><span class="pre">uint8_t</span> <span class="pre">*</span></code> or <code class="docutils literal"><span class="pre">const</span> <span class="pre">uint8_t</span> <span class="pre">*</span></code>, and
+always has an associated parameter indicating the size of the array. Note that a
+parameter of type <code class="docutils literal"><span class="pre">void</span> <span class="pre">*</span></code> is never considered a buffer.</p>
+<p>All parameters of pointer type must be valid non-null pointers, unless the
+pointer is to a buffer of length <code class="docutils literal"><span class="pre">0</span></code> or the function’s documentation
+explicitly describes the behavior when the pointer is null. Passing a null
+pointer as a function parameter in other cases is expected to abort the caller
+on implementations where this is the normal behavior for a null pointer
+dereference.</p>
+<p>Pointers to input parameters can be in read-only memory. Output parameters must
+be in writable memory. Output parameters that are not buffers must also be
+readable, and the implementation must be able to write to a non-buffer output
+parameter and read back the same value, as explained in
+<a class="reference internal" href="#stability-of-parameters"><span class="secref">Stability of parameters</span></a>.</p>
+</div>
+<div class="section" id="input-buffer-sizes">
+<h3>5.4.2. Input buffer sizes</h3>
+<p>For input buffers, the parameter convention is:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">const</span> <span class="pre">uint8_t</span> <span class="pre">*foo</span></code></dt>
+<dd>Pointer to the first byte of the data. The pointer
+can be invalid if the buffer size is <code class="docutils literal"><span class="pre">0</span></code>.</dd>
+<dt><code class="docutils literal"><span class="pre">size_t</span> <span class="pre">foo_length</span></code></dt>
+<dd>Size of the buffer in bytes.</dd>
+</dl>
+<p>The interface never uses input-output buffers.</p>
+</div>
+<div class="section" id="output-buffer-sizes">
+<span id="output-buffers"></span><h3>5.4.3. Output buffer sizes</h3>
+<p>For output buffers, the parameter convention is:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">uint8_t</span> <span class="pre">*foo</span></code></dt>
+<dd>Pointer to the first byte of the data. The pointer can be
+invalid if the buffer size is <code class="docutils literal"><span class="pre">0</span></code>.</dd>
+<dt><code class="docutils literal"><span class="pre">size_t</span> <span class="pre">foo_size</span></code></dt>
+<dd>The size of the buffer in bytes.</dd>
+<dt><code class="docutils literal"><span class="pre">size_t</span> <span class="pre">*foo_length</span></code></dt>
+<dd>On successful return, contains the length of the
+output in bytes.</dd>
+</dl>
+<p>The content of the data buffer and of <code class="docutils literal"><span class="pre">*foo_length</span></code> on errors is unspecified,
+unless explicitly mentioned in the function description. They might be unmodified
+or set to a safe default. On successful completion, the content of the buffer
+between the offsets <code class="docutils literal"><span class="pre">*foo_length</span></code> and <code class="docutils literal"><span class="pre">foo_size</span></code> is also unspecified.</p>
+<p>Functions return <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a> if the buffer size is
+insufficient to carry out the requested operation. The interface defines macros
+to calculate a sufficient buffer size for each operation that has an output
+buffer. These macros return compile-time constants if their arguments are
+compile-time constants, so they are suitable for static or stack allocation.
+Refer to an individual function’s documentation for the associated output size
+macro.</p>
+<p>Some functions always return exactly as much data as the size of the output
+buffer. In this case, the parameter convention changes to:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">uint8_t</span> <span class="pre">*foo</span></code></dt>
+<dd>Pointer to the first byte of the output. The pointer can be
+invalid if the buffer size is <code class="docutils literal"><span class="pre">0</span></code>.</dd>
+<dt><code class="docutils literal"><span class="pre">size_t</span> <span class="pre">foo_length</span></code></dt>
+<dd>The number of bytes to return in <code class="docutils literal"><span class="pre">foo</span></code> if
+successful.</dd>
+</dl>
+</div>
+<div class="section" id="overlap-between-parameters">
+<span id="buffer-overlap"></span><h3>5.4.4. Overlap between parameters</h3>
+<p>Output parameters that are not buffers must not overlap with any input buffer or
+with any other output parameter. Otherwise, the behavior is undefined.</p>
+<p>Output buffers can overlap with input buffers. In this event, the implementation
+must return the same result as if the buffers did not overlap. The
+implementation must behave as if it had copied all the inputs into temporary
+memory, as far as the result is concerned. However, it is possible that overlap
+between parameters will affect the performance of a function call. Overlap might
+also affect memory management security if the buffer is located in memory that
+the caller shares with another security context, as described in
+<a class="reference internal" href="#stability-of-parameters"><span class="secref">Stability of parameters</span></a>.</p>
+</div>
+<div class="section" id="stability-of-parameters">
+<span id="id5"></span><h3>5.4.5. Stability of parameters</h3>
+<p>In some environments, it is possible for the content of a parameter to change
+while a function is executing. It might also be possible for the content of an
+output parameter to be read before the function terminates. This can happen if
+the application is multithreaded. In some implementations, memory can be shared
+between security contexts, for example, between tasks in a multitasking
+operating system, between a user land task and the kernel, or between the
+Non-secure world and the Secure world of a trusted execution environment.</p>
+<p>This section describes the assumptions that an implementation can make about
+function parameters, and the guarantees that the implementation must provide
+about how it accesses parameters.</p>
+<p>Parameters that are not buffers are assumed to be under the caller’s full
+control. In a shared memory environment, this means that the parameter must be
+in memory that is exclusively accessible by the application. In a multithreaded
+environment, this means that the parameter must not be modified during the
+execution, and the value of an output parameter is undetermined until the
+function returns. The implementation can read an input parameter that is not a
+buffer multiple times and expect to read the same data. The implementation can
+write to an output parameter that is not a buffer and expect to read back the
+value that it last wrote. The implementation has the same permissions on buffers
+that overlap with a buffer in the opposite direction.</p>
+<p>In an environment with multiple threads or with shared memory, the
+implementation carefully accesses non-overlapping buffer parameters in order to
+prevent any security risk resulting from the content of the buffer being
+modified or observed during the execution of the function. In an input buffer
+that does not overlap with an output buffer, the implementation reads each byte
+of the input once, at most. The implementation does not read from an output
+buffer that does not overlap with an input buffer. Additionally, the
+implementation does not write data to a non-overlapping output buffer if this
+data is potentially confidential and the implementation has not yet verified
+that outputting this data is authorized.</p>
+<p>Unless otherwise specified, the implementation must not keep a reference to any
+parameter once a function call has returned.</p>
+</div>
+</div>
+<div class="section" id="key-types-and-algorithms">
+<h2>5.5. Key types and algorithms</h2>
+<p>Types of cryptographic keys and cryptographic algorithms are encoded separately.
+Each is encoded by using an integral type: <a class="reference internal" href="../api/keys/types.html#c.psa_key_type_t" title="psa_key_type_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_type_t</span></code></a> and
+<a class="reference internal" href="../api/ops/algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_algorithm_t</span></code></a>, respectively.</p>
+<p>There is some overlap in the information conveyed by key types and algorithms.
+Both types contain enough information, so that the meaning of an algorithm type
+value does not depend on what type of key it is used with, and vice versa.
+However, the particular instance of an algorithm might depend on the key type. For
+example, the algorithm <a class="reference internal" href="../api/ops/aead.html#c.PSA_ALG_GCM" title="PSA_ALG_GCM"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_GCM</span></code></a> can be instantiated as any AEAD algorithm
+using the GCM mode over a block cipher. The underlying block cipher is
+determined by the key type.</p>
+<p>Key types do not encode the key size. For example, AES-128, AES-192 and AES-256
+share a key type <a class="reference internal" href="../api/keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_TYPE_AES</span></code></a>.</p>
+<div class="section" id="structure-of-key-types-and-algorithms">
+<h3>5.5.1. Structure of key types and algorithms</h3>
+<p>Both types use a partial bitmask structure, which allows the analysis and
+building of values from parts. However, the interface defines constants, so that
+applications do not need to depend on the encoding, and an implementation might
+only care about the encoding for code size optimization.</p>
+<p>The encodings follows a few conventions:</p>
+<ul class="simple">
+<li>The highest bit is a vendor flag. Current and future versions of this
+specification will only define values where this bit is clear.
+Implementations that wish to define additional implementation-specific values
+must use values where this bit is set, to avoid conflicts with future
+versions of this specification.</li>
+<li>The next few highest bits indicate the algorithm or key category:
+hash, MAC, symmetric cipher, asymmetric encryption, and so on.</li>
+<li>The following bits identify a family of algorithms or keys in a category-dependent
+manner.</li>
+<li>In some categories and algorithm families, the lowest-order bits indicate a
+variant in a systematic way. For example, algorithm families that are
+parametrized around a hash function encode the hash in the 8 lowest bits.</li>
+</ul>
+<p>The <a class="reference internal" href="../appendix/encodings.html#appendix-encodings"><span class="secref">Algorithm and key type encoding</span></a> appendix provides a full definition of the encoding of key types and algorithm identifiers.</p>
+</div>
+</div>
+<div class="section" id="concurrent-calls">
+<span id="concurrency"></span><h2>5.6. Concurrent calls</h2>
+<p>In some environments, an application can make calls to the PSA crypto API in
+separate threads. In such an environment, <em>concurrent calls</em> are two or more
+calls to the API whose execution can overlap in time.</p>
+<p>Concurrent calls are performed correctly, as if the calls were executed in
+sequence, provided that they obey the following constraints:</p>
+<ul class="simple">
+<li>There is no overlap between an output parameter of one call and an input or
+output parameter of another call. Overlap between input parameters is
+permitted.</li>
+<li>A call to destroy a key must not overlap with a concurrent call to any of
+the following functions:<ul>
+<li>Any call where the same key identifier is a parameter to the call.</li>
+<li>Any call in a multi-part operation, where the same key identifier was
+used as a parameter to a previous step in the multi-part operation.</li>
+</ul>
+</li>
+<li>Concurrent calls must not use the same operation object.</li>
+</ul>
+<p>If any of these constraints are violated, the behavior is undefined.</p>
+<p>If the application modifies an input parameter while a function call is in
+progress, the behavior is undefined.</p>
+<p>Individual implementations can provide additional guarantees.</p>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">5. Library conventions</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#header-files">5.1. Header files</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#api-conventions">5.2. API conventions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#identifier-names">5.2.1. Identifier names</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#basic-types">5.2.2. Basic types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#data-types">5.2.3. Data types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#constants">5.2.4. Constants</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#function-like-macros">5.2.5. Function-like macros</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#functions">5.2.6. Functions</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#error-handling">5.3. Error handling</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#return-status">5.3.1. Return status</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#behavior-on-error">5.3.2. Behavior on error</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#parameter-conventions">5.4. Parameter conventions</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#pointer-conventions">5.4.1. Pointer conventions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#input-buffer-sizes">5.4.2. Input buffer sizes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#output-buffer-sizes">5.4.3. Output buffer sizes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#overlap-between-parameters">5.4.4. Overlap between parameters</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#stability-of-parameters">5.4.5. Stability of parameters</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#key-types-and-algorithms">5.5. Key types and algorithms</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#structure-of-key-types-and-algorithms">5.5.1. Structure of key types and algorithms</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#concurrent-calls">5.6. Concurrent calls</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/overview/functionality.html b/docs/1.1.0/html/overview/functionality.html
new file mode 100644
index 0000000..0658fa6
--- /dev/null
+++ b/docs/1.1.0/html/overview/functionality.html
@@ -0,0 +1,397 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>3. Functionality overview — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="4. Sample architectures" href="sample-arch.html" />
+ <link rel="prev" title="2. Design goals" href="goals.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="functionality-overview">
+<span id="id1"></span><h1>3. Functionality overview</h1>
+<p>This section provides a high-level overview of the functionality provided by the
+interface defined in this specification. Refer to the
+API definition for a detailed description, which begins with <a class="reference internal" href="../api/library/index.html#library-management"><span class="secref">Library management reference</span></a>.</p>
+<p><a class="reference internal" href="../appendix/history.html#future"><span class="secref">Future additions</span></a> describes features that might be included in future versions of this
+specification.</p>
+<p>Due to the modularity of the interface, almost every part of the library is
+optional. The only mandatory function is <a class="reference internal" href="../api/library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>.</p>
+<div class="section" id="library-management">
+<h2>3.1. Library management</h2>
+<p>Applications must call <a class="reference internal" href="../api/library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a> to initialize the library before
+using any other function.</p>
+</div>
+<div class="section" id="key-management">
+<span id="key-overview"></span><h2>3.2. Key management</h2>
+<p>Applications always access keys indirectly via an identifier, and can perform
+operations using a key without accessing the key material. This allows keys to
+be <em>non-extractable</em>, where an application can use a key but is not permitted to
+obtain the key material. Non-extractable keys are bound to the device, can be
+rate-limited and can have their usage restricted by policies.</p>
+<p>Each key has a set of attributes that describe the key and the policy for using
+the key. A <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object contains all of the attributes, which
+is used when creating a key and when querying key attributes.</p>
+<p>The key attributes include:</p>
+<ul class="simple">
+<li>A type and size that describe the key material. See <a class="reference internal" href="#key-types-intro"><span class="secref">Key types</span></a>.</li>
+<li>The key identifier that the application uses to refer to the key. See <a class="reference internal" href="#key-ids"><span class="secref">Key identifiers</span></a>.</li>
+<li>A lifetime that determines when the key material is destroyed, and where it is stored. See <a class="reference internal" href="#key-life"><span class="secref">Key lifetimes</span></a>.</li>
+<li>A policy that determines how the key can be used. See <a class="reference internal" href="#key-usage-policies"><span class="secref">Key policies</span></a>.</li>
+</ul>
+<p>Keys are created using one of the <em>key creation functions</em>:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a></li>
+<li><a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a></li>
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_copy_key" title="psa_copy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_copy_key()</span></code></a></li>
+</ul>
+<p>These output the key identifier, that is used to access the key in all other parts of the API.</p>
+<p>All of the key attributes are set when the key is created and cannot be changed
+without destroying the key first. If the original key permits copying, then the
+application can specify a different lifetime or restricted policy for the
+copy of the key.</p>
+<p>A call to <a class="reference internal" href="../api/keys/management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a> destroys the key material, and will cause any active
+operations that are using the key to fail. Therefore an application must not
+destroy a key while an operation using that key is in progress, unless the
+application is prepared to handle a failure of the operation.</p>
+<div class="section" id="key-types">
+<span id="key-types-intro"></span><h3>3.2.1. Key types</h3>
+<p>Each cryptographic algorithm requires a key that has the right form, in terms of the size of the key material and its numerical properties. The key type and key size encode that information about a key, and determine whether the key is compatible with a cryptographic algorithm.</p>
+<p>Additional non-cryptographic key types enable applications to store other secret values in the keystore.</p>
+<p>See <a class="reference internal" href="../api/keys/types.html#key-types"><span class="secref">Key types</span></a>.</p>
+</div>
+<div class="section" id="key-identifiers">
+<span id="key-ids"></span><h3>3.2.2. Key identifiers</h3>
+<p>Key identifiers are integral values that act as permanent names for persistent keys, or as transient references to volatile keys. Key identifiers are defined by the application for persistent keys, and by the implementation for volatile keys and for built-in keys.</p>
+<p>Key identifiers are output from a successful call to one of the key creation functions.</p>
+<p>Valid key identifiers must have distinct values within the same application. If
+the implementation provides <a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">caller isolation</span></a>, then key
+identifiers are local to each application.</p>
+<p>See <a class="reference internal" href="../api/keys/ids.html#key-identifiers"><span class="secref">Key identifiers</span></a>.</p>
+</div>
+<div class="section" id="key-lifetimes">
+<span id="key-life"></span><h3>3.2.3. Key lifetimes</h3>
+<p>The lifetime of a key indicates where it is stored and which application and system actions will create and destroy it.</p>
+<p>There are two main types of lifetimes: <em>volatile</em> and <em>persistent</em>.</p>
+<p>Volatile keys are automatically destroyed when the application instance terminates or on a power reset of the device. Volatile key identifiers are allocated by the implementation when the key is created. Volatile keys can be explicitly destroyed with a call to <a class="reference internal" href="../api/keys/management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a>.</p>
+<p>Persistent keys are preserved until the application explicitly destroys them or until an implementation-specific device management event occurs, for example, a factory reset. The key identifier for a persistent key is set by the application when creating the key, and remains valid throughout the lifetime of the key, even if the application instance that created the key terminates.</p>
+<p>See <a class="reference internal" href="../api/keys/lifetimes.html#key-lifetimes"><span class="secref">Key lifetimes</span></a>.</p>
+</div>
+<div class="section" id="key-policies">
+<span id="key-usage-policies"></span><h3>3.2.4. Key policies</h3>
+<p>All keys have an associated policy that regulates which operations are permitted on the key. Each key policy is a set of usage flags and a specific algorithm that is permitted with the key. See <a class="reference internal" href="../api/keys/policy.html#key-policy"><span class="secref">Key policies</span></a>.</p>
+</div>
+<div class="section" id="recommendations-of-minimum-standards-for-key-management">
+<h3>3.2.5. Recommendations of minimum standards for key management</h3>
+<p>Most implementations provide the following functions:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_import_key" title="psa_import_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_import_key()</span></code></a>. The exceptions are implementations that only give access
+to a key or keys that are provisioned by proprietary means, and do not allow
+the main application to use its own cryptographic material.</li>
+<li><a class="reference internal" href="../api/keys/attributes.html#c.psa_get_key_attributes" title="psa_get_key_attributes"><code class="xref any c c-func docutils literal"><span class="pre">psa_get_key_attributes()</span></code></a> and the <code class="docutils literal"><span class="pre">psa_get_key_xxx()</span></code> accessor functions.
+They are easy to implement, and it is difficult to write applications and to
+diagnose issues without being able to check the metadata.</li>
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_export_public_key" title="psa_export_public_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_public_key()</span></code></a>. This function is usually provided if the
+implementation supports any asymmetric algorithm, since public-key
+cryptography often requires the delivery of a public key that is associated
+with a protected private key.</li>
+<li><a class="reference internal" href="../api/keys/management.html#c.psa_export_key" title="psa_export_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_export_key()</span></code></a>. However, highly constrained implementations that are
+designed to work only with short-term keys, or only with long-term
+non-extractable keys, do not need to provide this function.</li>
+</ul>
+</div>
+</div>
+<div class="section" id="symmetric-cryptography">
+<h2>3.3. Symmetric cryptography</h2>
+<p>This specification defines interfaces for the following types of symmetric
+cryptographic operation:</p>
+<ul class="simple">
+<li>Message digests, commonly known as hash functions. See <a class="reference internal" href="../api/ops/hashes.html#hashes"><span class="secref">Message digests (Hashes)</span></a>.</li>
+<li>Message authentication codes (MAC). See <a class="reference internal" href="../api/ops/macs.html#macs"><span class="secref">Message authentication codes (MAC)</span></a>.</li>
+<li>Symmetric ciphers. See <a class="reference internal" href="../api/ops/ciphers.html#ciphers"><span class="secref">Unauthenticated ciphers</span></a>.</li>
+<li>Authenticated encryption with associated data (AEAD). See <a class="reference internal" href="../api/ops/aead.html#aead"><span class="secref">Authenticated encryption with associated data (AEAD)</span></a>.</li>
+<li>Key derivation. See <a class="reference internal" href="../api/ops/kdf.html#kdf"><span class="secref">Key derivation</span></a>.</li>
+</ul>
+<p>For each type of symmetric cryptographic operation, the API can include:</p>
+<ul class="simple">
+<li>A pair of <em>single-part</em> functions. For example, compute and verify, or
+encrypt and decrypt.</li>
+<li>A series of functions that permit <em>multi-part operations</em>.</li>
+</ul>
+<p>Key derivation only provides multi-part operation, to support the flexibility required by these type of algorithms.</p>
+<div class="section" id="single-part-functions">
+<h3>3.3.1. Single-part Functions</h3>
+<p>Single-part functions are APIs that implement the cryptographic operation in a
+single function call. This is the easiest API to use when all of the inputs and
+outputs fit into the application memory.</p>
+<p>Some use cases involve messages that are too large to be assembled in memory, or
+require non-default configuration of the algorithm. These use cases require the
+use of a <a class="reference internal" href="#multi-part-operations"><span class="std std-ref">multi-part operation</span></a>.</p>
+</div>
+<div class="section" id="multi-part-operations">
+<span id="id2"></span><h3>3.3.2. Multi-part operations</h3>
+<p>Multi-part operations are APIs which split a single cryptographic operation into
+a sequence of separate steps. This enables fine control over the configuration
+of the cryptographic operation, and allows the message data to be processed in
+fragments instead of all at once. For example, the following situations require
+the use of a multi-part operation:</p>
+<ul class="simple">
+<li>Processing messages that cannot be assembled in memory.</li>
+<li>Using a deterministic IV for unauthenticated encryption.</li>
+<li>Providing the IV separately for unauthenticated encryption or decryption.</li>
+<li>Separating the AEAD authentication tag from the cipher text.</li>
+</ul>
+<p>Each multi-part operation defines a specific object type to maintain the state
+of the operation. These types are implementation-defined. All multi-part
+operations follow the same pattern of use:</p>
+<ol class="arabic">
+<li><p class="first"><strong>Allocate:</strong> Allocate memory for an operation object of the appropriate
+type. The application can use any allocation strategy: stack, heap, static, etc.</p>
+</li>
+<li><p class="first"><strong>Initialize:</strong> Initialize or assign the operation object by one of the
+following methods:</p>
+<ul class="simple">
+<li>Set it to logical zero. This is automatic for static and global
+variables. Explicit initialization must use the associated
+<code class="docutils literal"><span class="pre">PSA_xxx_INIT</span></code> macro as the type is implementation-defined.</li>
+<li>Set it to all-bits zero. This is automatic if the object was
+allocated with <code class="docutils literal"><span class="pre">calloc()</span></code>.</li>
+<li>Assign the value of the associated macro <code class="docutils literal"><span class="pre">PSA_xxx_INIT</span></code>.</li>
+<li>Assign the result of calling the associated function
+<code class="docutils literal"><span class="pre">psa_xxx_init()</span></code>.</li>
+</ul>
+<p>The resulting object is now <em>inactive</em>.</p>
+<p>It is an error to initialize an operation object that is in <em>active</em> or
+<em>error</em> states. This can leak memory or other resources.</p>
+</li>
+<li><p class="first"><strong>Setup:</strong> Start a new multi-part operation on an <em>inactive</em> operation
+object. Each operation object will define one or more setup functions to
+start a specific operation.</p>
+<p>On success, a setup function will put an operation object into an <em>active</em>
+state. On failure, the operation object will remain <em>inactive</em>.</p>
+</li>
+<li><p class="first"><strong>Update:</strong> Update an <em>active</em> operation object. The update function can
+provide additional parameters, supply data for processing or generate
+outputs.</p>
+<p>On success, the operation object remains <em>active</em>. On failure, the
+operation object will enter an <em>error</em> state.</p>
+</li>
+<li><p class="first"><strong>Finish:</strong> To end the operation, call the applicable finishing function.
+This will take any final inputs, produce any final outputs, and then
+release any resources associated with the operation.</p>
+<p>On success, the operation object returns to the <em>inactive</em> state. On
+failure, the operation object will enter an <em>error</em> state.</p>
+</li>
+</ol>
+<p>An operation can be aborted at any stage during its use by calling the
+associated <code class="docutils literal"><span class="pre">psa_xxx_abort()</span></code> function. This will release any resources
+associated with the operation and return the operation object to the <em>inactive</em>
+state.</p>
+<p>Any error that occurs to an operation while it is in an <em>active</em> state will
+result in the operation entering an <em>error</em> state. The application must call the
+associated <code class="docutils literal"><span class="pre">psa_xxx_abort()</span></code> function to release the operation resources and
+return the object to the <em>inactive</em> state.</p>
+<p>Once an operation object is returned to the <em>inactive</em> state, it can be reused
+by calling one of the applicable setup functions again.</p>
+<p>If a multi-part operation object is not initialized before use, the behavior is
+undefined.</p>
+<p>If a multi-part operation function determines that the operation object is not in
+any valid state, it can return <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a>.</p>
+<p>If a multi-part operation function is called with an operation object in the
+wrong state, the function will return <a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a> and the operation
+object will enter the <em>error</em> state.</p>
+<p>It is safe to move a multi-part operation object to a different memory location,
+for example, using a bitwise copy, and then to use the object in the new
+location. For example, an application can allocate an operation object on the
+stack and return it, or the operation object can be allocated within memory
+managed by a garbage collector. However, this does not permit the following
+behaviors:</p>
+<ul class="simple">
+<li>Moving the object while a function is being called on the object. This is
+not safe. See also <a class="reference internal" href="conventions.html#concurrency"><span class="secref">Concurrent calls</span></a>.</li>
+<li>Working with both the original and the copied operation objects. This
+requires cloning the operation, which is only available for hash operations
+using <a class="reference internal" href="../api/ops/hashes.html#c.psa_hash_clone" title="psa_hash_clone"><code class="xref any c c-func docutils literal"><span class="pre">psa_hash_clone()</span></code></a>.</li>
+</ul>
+<p>Each type of multi-part operation can have multiple <em>active</em> states.
+Documentation for the specific operation describes the configuration and update
+functions, and any requirements about their usage and ordering.</p>
+</div>
+<div class="section" id="example-of-the-symmetric-cryptography-api">
+<span id="symmetric-crypto-example"></span><h3>3.3.3. Example of the symmetric cryptography API</h3>
+<p>Here is an example of a use case where a master key is used to generate both a
+message encryption key and an IV for the encryption, and the derived key and IV
+are then used to encrypt a message.</p>
+<ol class="arabic simple">
+<li>Derive the message encryption material from the master key.<ol class="loweralpha">
+<li>Initialize a <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_operation_t" title="psa_key_derivation_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_derivation_operation_t</span></code></a> object to zero or to
+<a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_OPERATION_INIT" title="PSA_KEY_DERIVATION_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_setup" title="psa_key_derivation_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_setup()</span></code></a> with <a class="reference internal" href="../api/ops/kdf.html#c.PSA_ALG_HKDF" title="PSA_ALG_HKDF"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ALG_HKDF</span></code></a> as the algorithm.</li>
+<li>Call <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_key" title="psa_key_derivation_input_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_key()</span></code></a> with the step
+<a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET" title="PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_SECRET</span></code></a> and the master key.</li>
+<li>Call <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_input_bytes" title="psa_key_derivation_input_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_input_bytes()</span></code></a> with the step
+<a class="reference internal" href="../api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_INFO" title="PSA_KEY_DERIVATION_INPUT_INFO"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_DERIVATION_INPUT_INFO</span></code></a> and a public value that uniquely
+identifies the message.</li>
+<li>Populate a <a class="reference internal" href="../api/keys/attributes.html#c.psa_key_attributes_t" title="psa_key_attributes_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_key_attributes_t</span></code></a> object with the derived message
+encryption key’s attributes.</li>
+<li>Call <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_key" title="psa_key_derivation_output_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_key()</span></code></a> to create the derived message key.</li>
+<li>Call <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_output_bytes" title="psa_key_derivation_output_bytes"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_output_bytes()</span></code></a> to generate the derived IV.</li>
+<li>Call <a class="reference internal" href="../api/ops/kdf.html#c.psa_key_derivation_abort" title="psa_key_derivation_abort"><code class="xref any c c-func docutils literal"><span class="pre">psa_key_derivation_abort()</span></code></a> to release the key derivation operation
+memory.</li>
+</ol>
+</li>
+<li>Encrypt the message with the derived material.<ol class="loweralpha">
+<li>Initialize a <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_operation_t" title="psa_cipher_operation_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_cipher_operation_t</span></code></a> object to zero or to
+<a class="reference internal" href="../api/ops/ciphers.html#c.PSA_CIPHER_OPERATION_INIT" title="PSA_CIPHER_OPERATION_INIT"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_CIPHER_OPERATION_INIT</span></code></a>.</li>
+<li>Call <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_encrypt_setup" title="psa_cipher_encrypt_setup"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_encrypt_setup()</span></code></a> with the derived message encryption key.</li>
+<li>Call <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_set_iv" title="psa_cipher_set_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_set_iv()</span></code></a> using the derived IV retrieved above.</li>
+<li>Call <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_update" title="psa_cipher_update"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_update()</span></code></a> one or more times to encrypt the message.</li>
+<li>Call <a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_finish" title="psa_cipher_finish"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_finish()</span></code></a> at the end of the message.</li>
+</ol>
+</li>
+<li>Call <a class="reference internal" href="../api/keys/management.html#c.psa_destroy_key" title="psa_destroy_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_destroy_key()</span></code></a> to clear the generated key.</li>
+</ol>
+</div>
+</div>
+<div class="section" id="asymmetric-cryptography">
+<h2>3.4. Asymmetric cryptography</h2>
+<p>This specification defines interfaces for the following types of asymmetric cryptographic operation:</p>
+<ul class="simple">
+<li>Asymmetric encryption (also known as public key encryption). See <a class="reference internal" href="../api/ops/pke.html#pke"><span class="secref">Asymmetric encryption</span></a>.</li>
+<li>Asymmetric signature. See <a class="reference internal" href="../api/ops/sign.html#sign"><span class="secref">Asymmetric signature</span></a>.</li>
+<li>Two-way key agreement (also known as key establishment). See <a class="reference internal" href="../api/ops/ka.html#key-agreement"><span class="secref">Key agreement</span></a>.</li>
+</ul>
+<p>For asymmetric encryption and signature, the API provides <em>single-part</em> functions. For key agreement, the API provides a single-part function and an additional input method for a key derivation operation.</p>
+</div>
+<div class="section" id="randomness-and-key-generation">
+<h2>3.5. Randomness and key generation</h2>
+<p>We strongly recommended that implementations include a random generator,
+consisting of a cryptographically secure pseudo-random generator (CSPRNG), which
+is adequately seeded with a cryptographic-quality hardware entropy source,
+commonly referred to as a true random number generator (TRNG). Constrained
+implementations can omit the random generation functionality if they do not
+implement any algorithm that requires randomness internally, and they do not
+provide a key generation functionality. For example, a special-purpose component
+for signature verification can omit this.</p>
+<p>It is recommended that applications use <a class="reference internal" href="../api/keys/management.html#c.psa_generate_key" title="psa_generate_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_key()</span></code></a>,
+<a class="reference internal" href="../api/ops/ciphers.html#c.psa_cipher_generate_iv" title="psa_cipher_generate_iv"><code class="xref any c c-func docutils literal"><span class="pre">psa_cipher_generate_iv()</span></code></a> or <a class="reference internal" href="../api/ops/aead.html#c.psa_aead_generate_nonce" title="psa_aead_generate_nonce"><code class="xref any c c-func docutils literal"><span class="pre">psa_aead_generate_nonce()</span></code></a> to generate
+suitably-formatted random data, as applicable. In addition, the API includes a
+function <a class="reference internal" href="../api/ops/rng.html#c.psa_generate_random" title="psa_generate_random"><code class="xref any c c-func docutils literal"><span class="pre">psa_generate_random()</span></code></a> to generate and extract arbitrary random data.</p>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">3. Functionality overview</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#library-management">3.1. Library management</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#key-management">3.2. Key management</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#key-types">3.2.1. Key types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-identifiers">3.2.2. Key identifiers</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-lifetimes">3.2.3. Key lifetimes</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#key-policies">3.2.4. Key policies</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#recommendations-of-minimum-standards-for-key-management">3.2.5. Recommendations of minimum standards for key management</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#symmetric-cryptography">3.3. Symmetric cryptography</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#single-part-functions">3.3.1. Single-part Functions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#multi-part-operations">3.3.2. Multi-part operations</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#example-of-the-symmetric-cryptography-api">3.3.3. Example of the symmetric cryptography API</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#asymmetric-cryptography">3.4. Asymmetric cryptography</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#randomness-and-key-generation">3.5. Randomness and key generation</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/overview/goals.html b/docs/1.1.0/html/overview/goals.html
new file mode 100644
index 0000000..67fb281
--- /dev/null
+++ b/docs/1.1.0/html/overview/goals.html
@@ -0,0 +1,295 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>2. Design goals — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="3. Functionality overview" href="functionality.html" />
+ <link rel="prev" title="1. Introduction" href="intro.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="design-goals">
+<span id="id1"></span><h1>2. Design goals</h1>
+<div class="section" id="suitable-for-constrained-devices">
+<span id="scalable"></span><h2>2.1. Suitable for constrained devices</h2>
+<p>The interface is suitable for a vast range of devices: from special-purpose
+cryptographic processors that process data with a built-in key, to constrained
+devices running custom application code, such as microcontrollers, and
+multi-application devices, such as servers. Consequentially, the interface is
+scalable and modular.</p>
+<ul class="simple">
+<li><em>Scalable</em>: devices only need to implement the functionality that they will
+use.</li>
+<li><em>Modular</em>: larger devices implement larger subsets of the same interface,
+rather than different interfaces.</li>
+</ul>
+<p>In this interface, all operations on unbounded amounts of data
+allow <em>multi-part</em> processing, as long as the calculations on the data are
+performed in a streaming manner. This means that the application does not need
+to store the whole message in memory at one time. As a result, this
+specification is suitable for very constrained devices, including those where
+memory is very limited.</p>
+<p>Memory outside the keystore boundary is managed by the application. An
+implementation of the interface is not required to retain any state between
+function calls, apart from the content of the keystore and other data that must
+be kept inside the keystore security boundary.</p>
+<p>The interface does not expose the representation of keys and intermediate data,
+except when required for interchange. This allows each implementation to choose
+optimal data representations. Implementations with multiple components are also
+free to choose which memory area to use for internal data.</p>
+</div>
+<div class="section" id="a-keystore-interface">
+<span id="keystore"></span><h2>2.2. A keystore interface</h2>
+<p>The specification allows cryptographic operations to be performed on a key to
+which the application does not have direct access. Except where required for
+interchange, applications access all keys indirectly, by an identifier. The key
+material corresponding to that identifier can reside inside a security boundary
+that prevents it from being extracted, except as permitted by a policy that is
+defined when the key is created.</p>
+</div>
+<div class="section" id="optional-isolation">
+<span id="isolation"></span><h2>2.3. Optional isolation</h2>
+<p>Implementations can isolate the cryptoprocessor from the calling application,
+and can further isolate multiple calling applications. The interface allows the
+implementation to be separated between a frontend and a backend. In an isolated
+implementation, the frontend is the part of the implementation that is located
+in the same isolation boundary as the application, which the application
+accesses by function calls. The backend is the part of the implementation that
+is located in a different environment, which is protected from the frontend.
+Various technologies can provide protection, for example:</p>
+<ul class="simple">
+<li>Process isolation in an operating system.</li>
+<li>Partition isolation, either with a virtual machine or a partition manager.</li>
+<li>Physical separation between devices.</li>
+</ul>
+<p>Communication between the frontend and backend is beyond the scope of this
+specification.</p>
+<p>In an isolated implementation, the backend can serve more than one
+implementation instance. In this case, a single backend communicates with
+multiple instances of the frontend. The backend must enforce <a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">caller isolation</span></a>:
+it must ensure that assets of one frontend are not visible to any
+other frontend. The mechanism for identifying callers is beyond the scope of this
+specification. An implementation that provides caller isolation must document
+the identification mechanism. An implementation that provides caller isolation must
+document any implementation-specific extension of the API that enables frontend
+instances to share data in any form.</p>
+<p>An isolated implementation that only has a single frontend provides <a class="reference internal" href="../about.html#term-cryptoprocessor-isolation"><span class="term">cryptoprocessor isolation</span></a>.</p>
+<p>In summary, there are three types of implementation:</p>
+<ul class="simple">
+<li><a class="reference internal" href="../about.html#term-no-isolation"><span class="term">No isolation</span></a>: there is no security boundary between the application and the
+cryptoprocessor. For example, a statically or dynamically linked library is
+an implementation with no isolation.</li>
+<li><a class="reference internal" href="../about.html#term-cryptoprocessor-isolation"><span class="term">Cryptoprocessor isolation</span></a>: there is a security boundary between the
+application and the cryptoprocessor, but the cryptoprocessor does not
+communicate with other applications. For example, a cryptoprocessor chip that
+is a companion to an application processor is an implementation with
+cryptoprocessor isolation.</li>
+<li><a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">Caller isolation</span></a>: there are multiple application instances, with a security
+boundary between the application instances among themselves, as well as
+between the cryptoprocessor and the application instances. For example, a
+cryptography service in a multiprocess environment is an implementation with
+caller and cryptoprocessor isolation.</li>
+</ul>
+</div>
+<div class="section" id="choice-of-algorithms">
+<span id="algorithm-agility"></span><h2>2.4. Choice of algorithms</h2>
+<p>The specification defines a low-level cryptographic interface, where the caller
+explicitly chooses which algorithm and which security parameters they use. This
+is necessary to implement protocols that are inescapable in various use cases.
+The design of the interface enables applications to implement widely-used
+protocols and data exchange formats, as well as custom ones.</p>
+<p>As a consequence, all cryptographic functionality operates according to the
+precise algorithm specified by the caller. However, this does not apply to
+device-internal functionality, which does not involve any form of
+interoperability, such as random number generation. The specification does not
+include generic higher-level interfaces, where the implementation chooses the
+best algorithm for a purpose. However, higher-level libraries can be built on
+top of the PSA Crypto API.</p>
+<p>Another consequence is that the specification permits the use of algorithms, key
+sizes and other parameters that, while known to be insecure, might be necessary to
+support legacy protocols or legacy data. Where major weaknesses are known, the
+algorithm descriptions give applicable warnings. However, the lack of a warning
+both does not and cannot indicate that an algorithm is secure in all circumstances.
+Application developers need to research the security of the protocols and
+algorithms that they plan to use to determine if these meet their requirements.</p>
+<p>The interface facilitates algorithm agility. As a consequence, cryptographic
+primitives are presented through generic functions with a parameter indicating
+the specific choice of algorithm. For example, there is a single function to
+calculate a message digest, which takes a parameter that identifies the specific
+hash algorithm.</p>
+</div>
+<div class="section" id="ease-of-use">
+<span id="usability"></span><h2>2.5. Ease of use</h2>
+<p>The interface is designed to be as user-friendly as possible, given the
+aforementioned constraints on suitability for various types of devices and on
+the freedom to choose algorithms.</p>
+<p>In particular, the code flows are designed to reduce the risk of dangerous
+misuse. The interface is designed in part to make it harder to misuse. Where
+possible, it is designed so that
+typical mistakes result in test failures, rather than subtle security issues.
+Implementations avoid leaking data when a function is called with invalid
+parameters, to the extent allowed by the C language and by implementation size
+constraints.</p>
+</div>
+<div class="section" id="example-use-cases">
+<h2>2.6. Example use cases</h2>
+<p>This section lists some of the use cases that were considered during the design
+of this API. This list is not exhaustive, nor are all implementations required to
+support all use cases.</p>
+<div class="section" id="network-security-tls">
+<h3>2.6.1. Network Security (TLS)</h3>
+<p>The API provides all of the cryptographic primitives needed to establish TLS
+connections.</p>
+</div>
+<div class="section" id="secure-storage">
+<h3>2.6.2. Secure Storage</h3>
+<p>The API provides all primitives related to storage encryption, block or
+file-based, with master encryption keys stored inside a key store.</p>
+</div>
+<div class="section" id="network-credentials">
+<h3>2.6.3. Network Credentials</h3>
+<p>The API provides network credential management inside a key store, for example,
+for X.509-based authentication or pre-shared keys on enterprise networks.</p>
+</div>
+<div class="section" id="device-pairing">
+<h3>2.6.4. Device Pairing</h3>
+<p>The API provides support for key agreement protocols that are often used for
+secure pairing of devices over wireless channels. For example, the pairing of an
+NFC token or a Bluetooth device might use key agreement protocols upon
+first use.</p>
+</div>
+<div class="section" id="secure-boot">
+<h3>2.6.5. Secure Boot</h3>
+<p>The API provides primitives for use during firmware integrity and authenticity
+validation, during a secure or trusted boot process.</p>
+</div>
+<div class="section" id="attestation">
+<h3>2.6.6. Attestation</h3>
+<p>The API provides primitives used in attestation activities. Attestation is the
+ability for a device to sign an array of bytes with a device private key and
+return the result to the caller. There are several use cases; ranging from attestation
+of the device state, to the ability to generate a key pair and prove that it has
+been generated inside a secure key store. The API provides access to the
+algorithms commonly used for attestation.</p>
+</div>
+<div class="section" id="factory-provisioning">
+<h3>2.6.7. Factory Provisioning</h3>
+<p>Most IoT devices receive a unique identity during the factory provisioning
+process, or once they have been deployed to the field. This API provides the APIs necessary for
+populating a device with keys that represent that identity.</p>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">2. Design goals</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#suitable-for-constrained-devices">2.1. Suitable for constrained devices</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#a-keystore-interface">2.2. A keystore interface</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#optional-isolation">2.3. Optional isolation</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#choice-of-algorithms">2.4. Choice of algorithms</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#ease-of-use">2.5. Ease of use</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#example-use-cases">2.6. Example use cases</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#network-security-tls">2.6.1. Network Security (TLS)</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#secure-storage">2.6.2. Secure Storage</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#network-credentials">2.6.3. Network Credentials</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#device-pairing">2.6.4. Device Pairing</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#secure-boot">2.6.5. Secure Boot</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#attestation">2.6.6. Attestation</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#factory-provisioning">2.6.7. Factory Provisioning</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/overview/implementation.html b/docs/1.1.0/html/overview/implementation.html
new file mode 100644
index 0000000..61d40b1
--- /dev/null
+++ b/docs/1.1.0/html/overview/implementation.html
@@ -0,0 +1,376 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>6. Implementation considerations — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="7. Usage considerations" href="usage.html" />
+ <link rel="prev" title="5. Library conventions" href="conventions.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="implementation-considerations">
+<span id="id1"></span><h1>6. Implementation considerations</h1>
+<div class="section" id="implementation-specific-aspects-of-the-interface">
+<h2>6.1. Implementation-specific aspects of the interface</h2>
+<div class="section" id="implementation-profile">
+<h3>6.1.1. Implementation profile</h3>
+<p>Implementations can implement a subset of the API and a subset of the available
+algorithms. The implemented subset is known as the implementation’s profile. The
+documentation for each implementation must describe the profile that it
+implements. This specification’s companion documents also define a number of
+standard profiles.</p>
+</div>
+<div class="section" id="implementation-specific-types">
+<span id="implementation-defined-type"></span><h3>6.1.2. Implementation-specific types</h3>
+<p>This specification defines a number of implementation-specific types, which
+represent objects whose content depends on the implementation. These are defined
+as C <code class="docutils literal"><span class="pre">typedef</span></code> types in this specification, with a comment
+<em><a class="reference internal" href="#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> in place of the underlying type
+definition. For some types the specification constrains the type, for example,
+by requiring that the type is a <code class="docutils literal"><span class="pre">struct</span></code>, or that it is convertible to and
+from an unsigned integer. In the implementation’s version of <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code>,
+these types need to be defined as complete C types so that objects of these
+types can be instantiated by application code.</p>
+<p>Applications that rely on the implementation specific definition of any of these
+types might not be portable to other implementations of this specification.</p>
+</div>
+<div class="section" id="implementation-specific-macros">
+<span id="implementation-specific-macro"></span><h3>6.1.3. Implementation-specific macros</h3>
+<p>Some macro constants and function-like macros are precisely defined by this
+specification. The use of an exact definition is essential if the definition can
+appear in more than one header file within a compilation.</p>
+<p>Other macros that are defined by this specification have a macro body that is
+implementation-specific. The description of an implementation-specific macro can
+optionally specify each of the following requirements:</p>
+<ul class="simple">
+<li>Input domains: the macro must be valid for arguments within the input domain.</li>
+<li>A return type: the macro result must be compatible with this type.</li>
+<li>Output range: the macro result must lie in the output range.</li>
+<li>Computed value: A precise mapping of valid input to output values.</li>
+</ul>
+<p>Each implementation-specific macro is in one of following categories:</p>
+<dl class="docutils" id="specification-defined-value">
+<dt><em>Specification-defined value</em></dt>
+<dd><p class="first">The result type and computed value of the macro expression is defined by
+this specification, but the definition of the macro body is provided by the
+implementation.</p>
+<p>These macros are indicated in this specification using the comment
+<em><a class="reference internal" href="#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em>.</p>
+<p>For function-like macros with specification-defined values:</p>
+<ul class="last simple">
+<li>Example implementations are provided in an appendix to this specification.
+See <a class="reference internal" href="../appendix/specdef_values.html#appendix-specdef-values"><span class="secref">Example macro implementations</span></a>.</li>
+<li>The expected computation for valid and supported input arguments will be
+defined as pseudo-code in a future version of this specification.</li>
+</ul>
+</dd>
+</dl>
+<dl class="docutils" id="implementation-defined-value">
+<dt><em>Implementation-defined value</em></dt>
+<dd><p class="first">The value of the macro expression is implementation-defined.</p>
+<p>For some macros, the computed value is derived from the specification of one
+or more cryptographic algorithms. In these cases, the result must exactly
+match the value in those external specifications.</p>
+<p class="last">These macros are indicated in this specification using the comment
+<em><a class="reference internal" href="#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em>.</p>
+</dd>
+</dl>
+<p>Some of these macros compute a result based on an algorithm or key type.
+If an implementation defines vendor-specific algorithms or
+key types, then it must provide an implementation for such macros that takes all
+relevant algorithms and types into account. Conversely, an implementation that
+does not support a certain algorithm or key type can define such macros in a
+simpler way that does not take unsupported argument values into account.</p>
+<p>Some macros define the minimum sufficient output buffer size for certain
+functions. In some cases, an implementation is allowed to require a buffer size
+that is larger than the theoretical minimum. An implementation must define
+minimum-size macros in such a way that it guarantees that the buffer of the
+resulting size is sufficient for the output of the corresponding function. Refer
+to each macro’s documentation for the applicable requirements.</p>
+</div>
+</div>
+<div class="section" id="porting-to-a-platform">
+<h2>6.2. Porting to a platform</h2>
+<div class="section" id="platform-assumptions">
+<h3>6.2.1. Platform assumptions</h3>
+<p>This specification is designed for a C99 platform. The interface is defined in
+terms of C macros, functions and objects.</p>
+<p>The specification assumes 8-bit bytes, and “byte” and “octet” are used
+synonymously.</p>
+</div>
+<div class="section" id="platform-specific-types">
+<h3>6.2.2. Platform-specific types</h3>
+<p>The specification makes use of some types defined in C99. These types must be
+defined in the implementation version of <code class="file docutils literal"><span class="pre">psa/crypto.h</span></code> or by a header
+included in this file. The following C99 types are used:</p>
+<dl class="docutils">
+<dt><code class="docutils literal"><span class="pre">uint8_t</span></code>, <code class="docutils literal"><span class="pre">uint16_t</span></code>, <code class="docutils literal"><span class="pre">uint32_t</span></code></dt>
+<dd>Unsigned integer types with 8, 16 and 32 value bits respectively.
+These types are defined by the C99 header <code class="file docutils literal"><span class="pre">stdint.h</span></code>.</dd>
+</dl>
+</div>
+<div class="section" id="cryptographic-hardware-support">
+<h3>6.2.3. Cryptographic hardware support</h3>
+<p>Implementations are encouraged to make use of hardware accelerators where
+available. A future version of this specification will define a function
+interface that calls drivers for hardware accelerators and external
+cryptographic hardware.</p>
+</div>
+</div>
+<div class="section" id="security-requirements-and-recommendations">
+<h2>6.3. Security requirements and recommendations</h2>
+<div class="section" id="error-detection">
+<h3>6.3.1. Error detection</h3>
+<p>Implementations that provide <a class="reference internal" href="../about.html#term-isolation"><span class="term">isolation</span></a> between the caller and the cryptography
+processing environment must validate parameters to ensure that the cryptography
+processing environment is protected from attacks caused by passing invalid
+parameters.</p>
+<p>Even implementations that do not provide isolation are recommended to detect bad
+parameters and fail-safe where possible.</p>
+</div>
+<div class="section" id="indirect-object-references">
+<h3>6.3.2. Indirect object references</h3>
+<p>Implementations can use different strategies for allocating key identifiers,
+and other types of indirect object reference.</p>
+<p>Implementations that provide isolation between the caller and the cryptography
+processing environment must consider the threats relating to abuse and misuse
+of key identifiers and other indirect resource references. For example,
+multi-part operations can be implemented as backend state to which the client
+only maintains an indirect reference in the application’s multi-part operation
+object.</p>
+<p>An implementation that supports multiple callers must implement strict isolation
+of API resources between different callers. For example, a client must not be
+able to obtain a reference to another client’s key by guessing the key
+identifier value. Isolation of key identifiers can be achieved in several ways.
+For example:</p>
+<ul class="simple">
+<li>There is a single identifier namespace for all clients, and the
+implementation verifies that the client is the owner of the identifier when
+looking up the key.</li>
+<li>Each client has an independent identifier namespace, and the implementation
+uses a client specific identifier-to-key mapping when looking up the key.</li>
+</ul>
+<p>After a volatile key identifier is destroyed, it is recommended that the
+implementation does not immediately reuse the same identifier value for a
+different key. This reduces the risk of an attack that is able to exploit a key
+identifier reuse vulnerability within an application.</p>
+</div>
+<div class="section" id="memory-cleanup">
+<span id="id2"></span><h3>6.3.3. Memory cleanup</h3>
+<p>Implementations must wipe all sensitive data from memory when it is no longer
+used. It is recommended that they wipe this sensitive data as soon as possible. All
+temporary data used during the execution of a function, such as stack buffers,
+must be wiped before the function returns. All data associated with an object,
+such as a multi-part operation, must be wiped, at the latest, when the object
+becomes inactive, for example, when a multi-part operation is aborted.</p>
+<p>The rationale for this non-functional requirement is to minimize impact if the
+system is compromised. If sensitive data is wiped immediately after use, only
+data that is currently in use can be leaked. It does not compromise past data.</p>
+</div>
+<div class="section" id="managing-key-material">
+<span id="key-material"></span><h3>6.3.4. Managing key material</h3>
+<p>In implementations that have limited volatile memory for keys, the
+implementation is permitted to store a <a class="reference internal" href="../about.html#term-volatile-key"><span class="term">volatile key</span></a> to a
+temporary location in non-volatile memory. The implementation must delete any
+non-volatile copies when the key is destroyed, and it is recommended that these copies
+are deleted as soon as the key is reloaded into volatile memory. An
+implementation that uses this method must clear any stored volatile key material
+on startup.</p>
+<p>Implementing the memory cleanup rule (see <a class="reference internal" href="#memory-cleanup"><span class="secref">Memory cleanup</span></a>) for a <a class="reference internal" href="../about.html#term-persistent-key"><span class="term">persistent key</span></a>
+can result in inefficiencies when the same persistent key is used sequentially
+in multiple cryptographic operations. The inefficiency stems from loading the
+key from non-volatile storage on each use of the key. The <a class="reference internal" href="../api/keys/policy.html#c.PSA_KEY_USAGE_CACHE" title="PSA_KEY_USAGE_CACHE"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_KEY_USAGE_CACHE</span></code></a>
+usage flag in a key policy allows an application to request that the implementation does not cleanup
+non-essential copies of persistent key material, effectively suspending the
+cleanup rules for that key. The effects of this policy depend on the
+implementation and the key, for example:</p>
+<ul class="simple">
+<li>For volatile keys or keys in a secure element with no open/close mechanism,
+this is likely to have no effect.</li>
+<li>For persistent keys that are not in a secure element, this allows the
+implementation to keep the key in a memory cache outside of the memory used
+by ongoing operations.</li>
+<li>For keys in a secure element with an open/close mechanism, this is a hint to
+keep the key open in the secure element.</li>
+</ul>
+<p>The application can indicate when it has finished using the key by calling
+<a class="reference internal" href="../api/keys/management.html#c.psa_purge_key" title="psa_purge_key"><code class="xref any c c-func docutils literal"><span class="pre">psa_purge_key()</span></code></a>, to request that the key material is cleaned from memory.</p>
+</div>
+<div class="section" id="safe-outputs-on-error">
+<h3>6.3.5. Safe outputs on error</h3>
+<p>Implementations must ensure that confidential data is not written to output
+parameters before validating that the disclosure of this confidential data is
+authorized. This requirement is particularly important for implementations where
+the caller can share memory with another security context, as described in
+<a class="reference internal" href="conventions.html#stability-of-parameters"><span class="secref">Stability of parameters</span></a>.</p>
+<p>In most cases, the specification does not define the content of output
+parameters when an error occurs. It is recommended that implementations try to
+ensure that the content of output parameters is as safe as possible, in case an
+application flaw or a data leak causes it to be used. In particular, Arm
+recommends that implementations avoid placing partial output in output buffers
+when an action is interrupted. The meaning of “safe as possible” depends on the
+implementation, as different environments require different compromises between
+implementation complexity, overall robustness and performance. Some common
+strategies are to leave output parameters unchanged, in case of errors, or
+zeroing them out.</p>
+</div>
+<div class="section" id="attack-resistance">
+<h3>6.3.6. Attack resistance</h3>
+<p>Cryptographic code tends to manipulate high-value secrets, from which other
+secrets can be unlocked. As such, it is a high-value target for attacks. There
+is a vast body of literature on attack types, such as side channel attacks and
+glitch attacks. Typical side channels include timing, cache access patterns,
+branch-prediction access patterns, power consumption, radio emissions and more.</p>
+<p>This specification does not specify particular requirements for attack
+resistance. Implementers are encouraged to consider the attack resistance
+desired in each use case and design their implementation accordingly. Security
+standards for attack resistance for particular targets might be applicable in
+certain use cases.</p>
+</div>
+</div>
+<div class="section" id="other-implementation-considerations">
+<h2>6.4. Other implementation considerations</h2>
+<div class="section" id="philosophy-of-resource-management">
+<h3>6.4.1. Philosophy of resource management</h3>
+<p>The specification allows most functions to return
+<a class="reference internal" href="../api/library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="xref any c c-macro docutils literal"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a>. This gives implementations the freedom to
+manage memory as they please.</p>
+<p>Alternatively, the interface is also designed for conservative strategies of
+memory management. An implementation can avoid dynamic memory allocation
+altogether by obeying certain restrictions:</p>
+<ul class="simple">
+<li>Pre-allocate memory for a predefined number of keys, each with sufficient
+memory for all key types that can be stored.</li>
+<li>For multi-part operations, in an implementation with <a class="reference internal" href="../about.html#term-no-isolation"><span class="term">no isolation</span></a>, place all
+the data that needs to be carried over from one step to the next in the
+operation object. The application is then fully in control of how memory is
+allocated for the operation.</li>
+<li>In an implementation with <a class="reference internal" href="../about.html#term-isolation"><span class="term">isolation</span></a>, pre-allocate memory for a predefined
+number of operations inside the cryptoprocessor.</li>
+</ul>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">6. Implementation considerations</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#implementation-specific-aspects-of-the-interface">6.1. Implementation-specific aspects of the interface</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#implementation-profile">6.1.1. Implementation profile</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#implementation-specific-types">6.1.2. Implementation-specific types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#implementation-specific-macros">6.1.3. Implementation-specific macros</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#porting-to-a-platform">6.2. Porting to a platform</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#platform-assumptions">6.2.1. Platform assumptions</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#platform-specific-types">6.2.2. Platform-specific types</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#cryptographic-hardware-support">6.2.3. Cryptographic hardware support</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#security-requirements-and-recommendations">6.3. Security requirements and recommendations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#error-detection">6.3.1. Error detection</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#indirect-object-references">6.3.2. Indirect object references</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#memory-cleanup">6.3.3. Memory cleanup</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#managing-key-material">6.3.4. Managing key material</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#safe-outputs-on-error">6.3.5. Safe outputs on error</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#attack-resistance">6.3.6. Attack resistance</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#other-implementation-considerations">6.4. Other implementation considerations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#philosophy-of-resource-management">6.4.1. Philosophy of resource management</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/overview/intro.html b/docs/1.1.0/html/overview/intro.html
new file mode 100644
index 0000000..59fbe08
--- /dev/null
+++ b/docs/1.1.0/html/overview/intro.html
@@ -0,0 +1,136 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>1. Introduction — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="2. Design goals" href="goals.html" />
+ <link rel="prev" title="About this document" href="../about.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="introduction">
+<h1>1. Introduction</h1>
+<p>Arm’s Platform Security Architecture (PSA) is a holistic set of threat models,
+security analyses, hardware and firmware architecture specifications, an
+open source firmware reference implementation, and an independent evaluation
+and certification scheme. PSA provides a recipe, based on
+industry best practice, that allows security to be consistently designed in, at
+both a hardware and firmware level.</p>
+<p>The PSA Cryptographic API (Crypto API) described in this document is an
+important PSA component that provides a portable interface to cryptographic operations
+on a wide range of hardware. The interface is user-friendly, while still
+providing access to the low-level primitives used in modern cryptography. It
+does not require that the user has access to the key material. Instead, it uses
+opaque key identifiers.</p>
+<p>This document is part of the PSA family of specifications. It defines an
+interface for cryptographic services, including cryptography primitives and a
+key storage functionality.</p>
+<p>This document includes:</p>
+<ul class="simple">
+<li>A rationale for the design. See <a class="reference internal" href="goals.html#design-goals"><span class="secref">Design goals</span></a>.</li>
+<li>A high-level overview of the functionality provided by the interface. See <a class="reference internal" href="functionality.html#functionality-overview"><span class="secref">Functionality overview</span></a>.</li>
+<li>A description of typical architectures of implementations for this specification. See <a class="reference internal" href="sample-arch.html#architectures"><span class="secref">Sample architectures</span></a>.</li>
+<li>General considerations for implementers of this specification, and for applications that use the interface defined in this specification. See <a class="reference internal" href="implementation.html#implementation-considerations"><span class="secref">Implementation considerations</span></a> and <a class="reference internal" href="usage.html#usage-considerations"><span class="secref">Usage considerations</span></a>.</li>
+<li>A detailed definition of the API. See <a class="reference internal" href="../api/library/index.html#library-management"><span class="secref">Library management reference</span></a>, <a class="reference internal" href="../api/keys/index.html#key-management"><span class="secref">Key management reference</span></a>, and <a class="reference internal" href="../api/ops/index.html#crypto-operations"><span class="secref">Cryptographic operation reference</span></a>.</li>
+</ul>
+<p><span><em>PSA Cryptographic API 1.1 PAKE Extension</em> <a class="reference internal" href="../about.html#citation-psa-pake"><span class="cite">[PSA-PAKE]</span></a></span> is a companion document for version 1.1 of this specification. <a class="reference internal" href="../about.html#citation-psa-pake"><span class="cite">[PSA-PAKE]</span></a> defines a new API for Password Authenticated Key Establishment (PAKE) algorithms. The PAKE API is an initial proposal at BETA status. The API defined by <a class="reference internal" href="../about.html#citation-psa-pake"><span class="cite">[PSA-PAKE]</span></a> is provided in a separate specification to reflect the different status of this API, and indicate that a future version can include incompatible changes to the PAKE API. When the PAKE API is stable, it will be included in a future version of the PSA Cryptographic API specification.</p>
+<p>In future, other companion documents will define <em>profiles</em> for this specification. A profile is
+a minimum mandatory subset of the interface that a compliant implementation must
+provide.</p>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1 current"><a class="current reference internal" href="#">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/overview/sample-arch.html b/docs/1.1.0/html/overview/sample-arch.html
new file mode 100644
index 0000000..68b4971
--- /dev/null
+++ b/docs/1.1.0/html/overview/sample-arch.html
@@ -0,0 +1,218 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>4. Sample architectures — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="5. Library conventions" href="conventions.html" />
+ <link rel="prev" title="3. Functionality overview" href="functionality.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="sample-architectures">
+<span id="architectures"></span><h1>4. Sample architectures</h1>
+<p>This section describes some example architectures that can be used for
+implementations of the interface described in this specification. This list is
+not exhaustive and the section is entirely non-normative.</p>
+<div class="section" id="single-partition-architecture">
+<h2>4.1. Single-partition architecture</h2>
+<p>In the single-partition architecture, there is no security boundary inside the system. The
+application code can access all the system memory, including the memory used by
+the cryptographic services described in this specification. Thus, the
+architecture provides <a class="reference internal" href="../about.html#term-no-isolation"><span class="term">no isolation</span></a>.</p>
+<p>This architecture does not conform to the Arm <em>Platform Security Architecture
+Security Model</em>. However, it is useful for providing cryptographic services
+that use the same interface, even on devices that cannot support any security
+boundary. So, while this architecture is not the primary design goal of the API
+defined in the present specification, it is supported.</p>
+<p>The functions in this specification simply execute the underlying algorithmic
+code. Security checks can be kept to a minimum, since the cryptoprocessor cannot
+defend against a malicious application. Key import and export copy data inside
+the same memory space.</p>
+<p>This architecture also describes a subset of some larger systems, where the
+cryptographic services are implemented inside a high-security partition,
+separate from the code of the main application, though it shares this
+high-security partition with other platform security services.</p>
+</div>
+<div class="section" id="cryptographic-token-and-single-application-processor">
+<span id="isolated-cryptoprocessor"></span><h2>4.2. Cryptographic token and single-application processor</h2>
+<p>This system is composed of two partitions: one is a cryptoprocessor and the
+other partition runs an application. There is a security boundary between the
+two partitions, so that the application cannot access the cryptoprocessor,
+except through its public interface. Thus, the architecture provides
+<a class="reference internal" href="../about.html#term-cryptoprocessor-isolation"><span class="term">cryptoprocessor isolation</span></a>. The cryptoprocessor has
+some non-volatile storage, a TRNG, and possibly, some cryptographic accelerators.</p>
+<p>There are a number of potential physical realizations: the cryptoprocessor might
+be a separate chip, a separate processor on the same chip, or a logical
+partition using a combination of hardware and software to provide the isolation.
+These realizations are functionally equivalent in terms of the offered software
+interface, but they would typically offer different levels of security
+guarantees.</p>
+<p>The PSA crypto API in the application processor consists of a thin layer of code
+that translates function calls to remote procedure calls in the cryptoprocessor.
+All cryptographic computations are, therefore, performed inside the
+cryptoprocessor. Non-volatile keys are stored inside the cryptoprocessor.</p>
+</div>
+<div class="section" id="cryptoprocessor-with-no-key-storage">
+<h2>4.3. Cryptoprocessor with no key storage</h2>
+<p>As in the <a class="reference internal" href="#isolated-cryptoprocessor"><span class="secref">Cryptographic token and single-application processor</span></a> architecture, this system
+is also composed of two partitions separated by a security boundary and also
+provides <a class="reference internal" href="../about.html#term-cryptoprocessor-isolation"><span class="term">cryptoprocessor isolation</span></a>.
+However, unlike the previous architecture, in this system, the cryptoprocessor
+does not have any secure, persistent storage that could be used to store
+application keys.</p>
+<p>If the cryptoprocessor is not capable of storing cryptographic material, then
+there is little use for a separate cryptoprocessor, since all data would have to
+be imported by the application.</p>
+<p>The cryptoprocessor can provide useful services if it is able to store at least
+one key. This might be a hardware unique key that is burnt to one-time
+programmable memory during the manufacturing of the device. This key can be used
+for one or more purposes:</p>
+<ul class="simple">
+<li>Encrypt and authenticate data stored in the application processor.</li>
+<li>Communicate with a paired device.</li>
+<li>Allow the application to perform operations with keys that are derived from
+the hardware unique key.</li>
+</ul>
+</div>
+<div class="section" id="multi-client-cryptoprocessor">
+<h2>4.4. Multi-client cryptoprocessor</h2>
+<p>This is an expanded variant of
+<a class="reference internal" href="#isolated-cryptoprocessor"><span class="secref">Cryptographic token and single-application processor</span></a>. In this
+variant, the cryptoprocessor serves multiple applications that are mutually
+untrustworthy. This architecture provides <a class="reference internal" href="../about.html#term-caller-isolation"><span class="term">caller isolation</span></a>.</p>
+<p>In this architecture, API calls are translated to remote procedure calls, which
+encode the identity of the client application. The cryptoprocessor carefully
+segments its internal storage to ensure that a client’s data is never leaked to
+another client.</p>
+</div>
+<div class="section" id="multi-cryptoprocessor-architecture">
+<h2>4.5. Multi-cryptoprocessor architecture</h2>
+<p>This system includes multiple cryptoprocessors. There are several reasons to
+have multiple cryptoprocessors:</p>
+<ul class="simple">
+<li>Different compromises between security and performance for different keys.
+Typically, this means a cryptoprocessor that runs on the same hardware as the
+main application and processes short-term secrets, a secure element or a
+similar separate chip that retains long-term secrets.</li>
+<li>Independent provisioning of certain secrets.</li>
+<li>A combination of a non-removable cryptoprocessor and removable ones, for
+example, a smartcard or HSM.</li>
+<li>Cryptoprocessors managed by different stakeholders who do not trust each
+other.</li>
+</ul>
+<p>The keystore implementation needs to dispatch each request to the correct
+processor. For example:</p>
+<ul class="simple">
+<li>All requests involving a non-extractable key must be processed in the
+cryptoprocessor that holds that key.</li>
+<li>Requests involving a persistent key must be processed in the cryptoprocessor
+that corresponds to the key’s lifetime value.</li>
+<li>Requests involving a volatile key might target a cryptoprocessor based on
+parameters supplied by the application, or based on considerations such as
+performance inside the implementation.</li>
+</ul>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">4. Sample architectures</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#single-partition-architecture">4.1. Single-partition architecture</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#cryptographic-token-and-single-application-processor">4.2. Cryptographic token and single-application processor</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#cryptoprocessor-with-no-key-storage">4.3. Cryptoprocessor with no key storage</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#multi-client-cryptoprocessor">4.4. Multi-client cryptoprocessor</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#multi-cryptoprocessor-architecture">4.5. Multi-cryptoprocessor architecture</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/overview/usage.html b/docs/1.1.0/html/overview/usage.html
new file mode 100644
index 0000000..f2d8d5b
--- /dev/null
+++ b/docs/1.1.0/html/overview/usage.html
@@ -0,0 +1,177 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>7. Usage considerations — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: '../',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="../about.html" />
+ <link rel="index" title="Index" href="../genindex.html" />
+ <link rel="search" title="Search" href="../search.html" />
+ <link rel="next" title="8. Library management reference" href="../api/library/index.html" />
+ <link rel="prev" title="6. Implementation considerations" href="implementation.html" />
+
+ <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <div class="section" id="usage-considerations">
+<span id="id1"></span><h1>7. Usage considerations</h1>
+<div class="section" id="security-recommendations">
+<h2>7.1. Security recommendations</h2>
+<div class="section" id="always-check-for-errors">
+<h3>7.1.1. Always check for errors</h3>
+<p>Most functions in this API can return errors. All functions that can fail have
+the return type <a class="reference internal" href="../api/library/status.html#c.psa_status_t" title="psa_status_t"><code class="xref any c c-type docutils literal"><span class="pre">psa_status_t</span></code></a>. A few functions cannot fail, and thus, return
+<code class="docutils literal"><span class="pre">void</span></code> or some other type.</p>
+<p>If an error occurs, unless otherwise specified, the content of the output
+parameters is undefined and must not be used.</p>
+<p>Some common causes of errors include:</p>
+<ul class="simple">
+<li>In implementations where the keys are stored and processed in a separate
+environment from the application, all functions that need to access the
+cryptography processing environment might fail due to an error in the
+communication between the two environments.</li>
+<li>If an algorithm is implemented with a hardware accelerator, which is
+logically separate from the application processor, the accelerator might fail,
+even when the application processor keeps running normally.</li>
+<li>Most functions might fail due to a lack of resources. However, some
+implementations guarantee that certain functions always have sufficient
+memory.</li>
+<li>All functions that access persistent keys might fail due to a storage failure.</li>
+<li>All functions that require randomness might fail due to a lack of entropy.
+Implementations are encouraged to seed the random generator with sufficient
+entropy during the execution of <a class="reference internal" href="../api/library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal"><span class="pre">psa_crypto_init()</span></code></a>. However, some security
+standards require periodic reseeding from a hardware random generator, which
+can fail.</li>
+</ul>
+</div>
+<div class="section" id="shared-memory-and-concurrency">
+<h3>7.1.2. Shared memory and concurrency</h3>
+<p>Some environments allow applications to be multithreaded, while others do not.
+In some environments, applications can share memory with a different security
+context. In environments with multithreaded applications or shared memory,
+applications must be written carefully to avoid data corruption or leakage. This
+specification requires the application to obey certain constraints.</p>
+<p>In general, this API allows either one writer or any number of simultaneous
+readers, on any given object. In other words, if two or more calls access the
+same object concurrently, then the behavior is only well-defined if all the
+calls are only reading from the object and do not modify it. Read accesses
+include reading memory by input parameters and reading keystore content by using
+a key. For more details, refer to <a class="reference internal" href="conventions.html#concurrency"><span class="secref">Concurrent calls</span></a>.</p>
+<p>If an application shares memory with another security context, it can pass
+shared memory blocks as input buffers or output buffers, but not as non-buffer
+parameters. For more details, refer to <a class="reference internal" href="conventions.html#stability-of-parameters"><span class="secref">Stability of parameters</span></a>.</p>
+</div>
+<div class="section" id="cleaning-up-after-use">
+<h3>7.1.3. Cleaning up after use</h3>
+<p>To minimize impact if the system is compromised, it is recommended that
+applications wipe all sensitive data from memory when it is no longer used. That
+way, only data that is currently in use can be leaked, and past data is not
+compromised.</p>
+<p>Wiping sensitive data includes:</p>
+<ul class="simple">
+<li>Clearing temporary buffers in the stack or on the heap.</li>
+<li>Aborting operations if they will not be finished.</li>
+<li>Destroying keys that are no longer used.</li>
+</ul>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
+</ul>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="#">7. Usage considerations</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#security-recommendations">7.1. Security recommendations</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#always-check-for-errors">7.1.1. Always check for errors</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#shared-memory-and-concurrency">7.1.2. Shared memory and concurrency</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#cleaning-up-after-use">7.1.3. Cleaning up after use</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="../search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/psa_c-identifiers.html b/docs/1.1.0/html/psa_c-identifiers.html
new file mode 100644
index 0000000..35d177c
--- /dev/null
+++ b/docs/1.1.0/html/psa_c-identifiers.html
@@ -0,0 +1,1975 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Index of API elements — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: './',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="_static/jquery.js"></script>
+ <script type="text/javascript" src="_static/underscore.js"></script>
+ <script type="text/javascript" src="_static/doctools.js"></script>
+ <link rel="author" title="About these documents" href="about.html" />
+ <link rel="index" title="Index" href="genindex.html" />
+ <link rel="search" title="Search" href="search.html" />
+
+
+ <link rel="stylesheet" href="_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+
+ <h1>Index of API elements</h1>
+
+ <div class="modindex-jumpbox">
+ <a href="#cap-PSA_A"><strong>PSA_A</strong></a> |
+ <a href="#cap-PSA_B"><strong>PSA_B</strong></a> |
+ <a href="#cap-PSA_C"><strong>PSA_C</strong></a> |
+ <a href="#cap-PSA_D"><strong>PSA_D</strong></a> |
+ <a href="#cap-PSA_E"><strong>PSA_E</strong></a> |
+ <a href="#cap-PSA_G"><strong>PSA_G</strong></a> |
+ <a href="#cap-PSA_H"><strong>PSA_H</strong></a> |
+ <a href="#cap-PSA_I"><strong>PSA_I</strong></a> |
+ <a href="#cap-PSA_K"><strong>PSA_K</strong></a> |
+ <a href="#cap-PSA_M"><strong>PSA_M</strong></a> |
+ <a href="#cap-PSA_P"><strong>PSA_P</strong></a> |
+ <a href="#cap-PSA_R"><strong>PSA_R</strong></a> |
+ <a href="#cap-PSA_S"><strong>PSA_S</strong></a> |
+ <a href="#cap-PSA_T"><strong>PSA_T</strong></a> |
+ <a href="#cap-PSA_V"><strong>PSA_V</strong></a>
+ </div>
+
+ <table class="indextable modindextable">
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_A"><td></td><td>
+ <strong>PSA_A</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref">PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_DECRYPT_OUTPUT_SIZE"><code class="xref">PSA_AEAD_DECRYPT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref">PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE"><code class="xref">PSA_AEAD_ENCRYPT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"><code class="xref">PSA_AEAD_FINISH_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_FINISH_OUTPUT_SIZE"><code class="xref">PSA_AEAD_FINISH_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_NONCE_LENGTH"><code class="xref">PSA_AEAD_NONCE_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_NONCE_MAX_SIZE"><code class="xref">PSA_AEAD_NONCE_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_OPERATION_INIT"><code class="xref">PSA_AEAD_OPERATION_INIT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_TAG_LENGTH"><code class="xref">PSA_AEAD_TAG_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_TAG_MAX_SIZE"><code class="xref">PSA_AEAD_TAG_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"><code class="xref">PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_UPDATE_OUTPUT_SIZE"><code class="xref">PSA_AEAD_UPDATE_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"><code class="xref">PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_AEAD_VERIFY_OUTPUT_SIZE"><code class="xref">PSA_AEAD_VERIFY_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"><code class="xref">PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"><code class="xref">PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_AEAD_WITH_SHORTENED_TAG"><code class="xref">PSA_ALG_AEAD_WITH_SHORTENED_TAG</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_ANY_HASH"><code class="xref">PSA_ALG_ANY_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"><code class="xref">PSA_ALG_AT_LEAST_THIS_LENGTH_MAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_CBC_MAC"><code class="xref">PSA_ALG_CBC_MAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_CBC_NO_PADDING"><code class="xref">PSA_ALG_CBC_NO_PADDING</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_CBC_PKCS7"><code class="xref">PSA_ALG_CBC_PKCS7</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_CCM"><code class="xref">PSA_ALG_CCM</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_CFB"><code class="xref">PSA_ALG_CFB</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_CHACHA20_POLY1305"><code class="xref">PSA_ALG_CHACHA20_POLY1305</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_CMAC"><code class="xref">PSA_ALG_CMAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_CTR"><code class="xref">PSA_ALG_CTR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_DETERMINISTIC_ECDSA"><code class="xref">PSA_ALG_DETERMINISTIC_ECDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_ECB_NO_PADDING"><code class="xref">PSA_ALG_ECB_NO_PADDING</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_ECDH"><code class="xref">PSA_ALG_ECDH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_ECDSA"><code class="xref">PSA_ALG_ECDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_ECDSA_ANY"><code class="xref">PSA_ALG_ECDSA_ANY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_ED25519PH"><code class="xref">PSA_ALG_ED25519PH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_ED448PH"><code class="xref">PSA_ALG_ED448PH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_FFDH"><code class="xref">PSA_ALG_FFDH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_FULL_LENGTH_MAC"><code class="xref">PSA_ALG_FULL_LENGTH_MAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_GCM"><code class="xref">PSA_ALG_GCM</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_GET_HASH"><code class="xref">PSA_ALG_GET_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_HKDF"><code class="xref">PSA_ALG_HKDF</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_HMAC"><code class="xref">PSA_ALG_HMAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_AEAD"><code class="xref">PSA_ALG_IS_AEAD</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER"><code class="xref">PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"><code class="xref">PSA_ALG_IS_ASYMMETRIC_ENCRYPTION</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_IS_BLOCK_CIPHER_MAC"><code class="xref">PSA_ALG_IS_BLOCK_CIPHER_MAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_CIPHER"><code class="xref">PSA_ALG_IS_CIPHER</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_DETERMINISTIC_ECDSA"><code class="xref">PSA_ALG_IS_DETERMINISTIC_ECDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_IS_ECDH"><code class="xref">PSA_ALG_IS_ECDH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_ECDSA"><code class="xref">PSA_ALG_IS_ECDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_IS_FFDH"><code class="xref">PSA_ALG_IS_FFDH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_HASH"><code class="xref">PSA_ALG_IS_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_HASH_AND_SIGN"><code class="xref">PSA_ALG_IS_HASH_AND_SIGN</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_HASH_EDDSA"><code class="xref">PSA_ALG_IS_HASH_EDDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_IS_HKDF"><code class="xref">PSA_ALG_IS_HKDF</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_IS_HMAC"><code class="xref">PSA_ALG_IS_HMAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_KEY_AGREEMENT"><code class="xref">PSA_ALG_IS_KEY_AGREEMENT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_KEY_DERIVATION"><code class="xref">PSA_ALG_IS_KEY_DERIVATION</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_IS_KEY_DERIVATION_STRETCHING"><code class="xref">PSA_ALG_IS_KEY_DERIVATION_STRETCHING</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_MAC"><code class="xref">PSA_ALG_IS_MAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_IS_PBKDF2_HMAC"><code class="xref">PSA_ALG_IS_PBKDF2_HMAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_RANDOMIZED_ECDSA"><code class="xref">PSA_ALG_IS_RANDOMIZED_ECDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_IS_RAW_KEY_AGREEMENT"><code class="xref">PSA_ALG_IS_RAW_KEY_AGREEMENT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ALG_IS_RSA_OAEP"><code class="xref">PSA_ALG_IS_RSA_OAEP</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_RSA_PKCS1V15_SIGN"><code class="xref">PSA_ALG_IS_RSA_PKCS1V15_SIGN</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS"><code class="xref">PSA_ALG_IS_RSA_PSS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_ANY_SALT"><code class="xref">PSA_ALG_IS_RSA_PSS_ANY_SALT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT"><code class="xref">PSA_ALG_IS_RSA_PSS_STANDARD_SALT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_SIGN"><code class="xref">PSA_ALG_IS_SIGN</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_SIGN_HASH"><code class="xref">PSA_ALG_IS_SIGN_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_IS_SIGN_MESSAGE"><code class="xref">PSA_ALG_IS_SIGN_MESSAGE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_IS_STREAM_CIPHER"><code class="xref">PSA_ALG_IS_STREAM_CIPHER</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PRF"><code class="xref">PSA_ALG_IS_TLS12_PRF</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_IS_TLS12_PSK_TO_MS"><code class="xref">PSA_ALG_IS_TLS12_PSK_TO_MS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_IS_WILDCARD"><code class="xref">PSA_ALG_IS_WILDCARD</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT"><code class="xref">PSA_ALG_KEY_AGREEMENT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_BASE"><code class="xref">PSA_ALG_KEY_AGREEMENT_GET_BASE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_ALG_KEY_AGREEMENT_GET_KDF"><code class="xref">PSA_ALG_KEY_AGREEMENT_GET_KDF</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_MD2"><code class="xref">PSA_ALG_MD2</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_MD4"><code class="xref">PSA_ALG_MD4</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_MD5"><code class="xref">PSA_ALG_MD5</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.PSA_ALG_NONE"><code class="xref">PSA_ALG_NONE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_OFB"><code class="xref">PSA_ALG_OFB</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128"><code class="xref">PSA_ALG_PBKDF2_AES_CMAC_PRF_128</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_PBKDF2_HMAC"><code class="xref">PSA_ALG_PBKDF2_HMAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_PURE_EDDSA"><code class="xref">PSA_ALG_PURE_EDDSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_RIPEMD160"><code class="xref">PSA_ALG_RIPEMD160</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ALG_RSA_OAEP"><code class="xref">PSA_ALG_RSA_OAEP</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ALG_RSA_PKCS1V15_CRYPT"><code class="xref">PSA_ALG_RSA_PKCS1V15_CRYPT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN"><code class="xref">PSA_ALG_RSA_PKCS1V15_SIGN</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW"><code class="xref">PSA_ALG_RSA_PKCS1V15_SIGN_RAW</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_RSA_PSS"><code class="xref">PSA_ALG_RSA_PSS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_ALG_RSA_PSS_ANY_SALT"><code class="xref">PSA_ALG_RSA_PSS_ANY_SALT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA3_224"><code class="xref">PSA_ALG_SHA3_224</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA3_256"><code class="xref">PSA_ALG_SHA3_256</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA3_384"><code class="xref">PSA_ALG_SHA3_384</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA3_512"><code class="xref">PSA_ALG_SHA3_512</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHAKE256_512"><code class="xref">PSA_ALG_SHAKE256_512</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_1"><code class="xref">PSA_ALG_SHA_1</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_224"><code class="xref">PSA_ALG_SHA_224</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_256"><code class="xref">PSA_ALG_SHA_256</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_384"><code class="xref">PSA_ALG_SHA_384</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_512"><code class="xref">PSA_ALG_SHA_512</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_512_224"><code class="xref">PSA_ALG_SHA_512_224</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SHA_512_256"><code class="xref">PSA_ALG_SHA_512_256</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_ALG_SM3"><code class="xref">PSA_ALG_SM3</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_STREAM_CIPHER"><code class="xref">PSA_ALG_STREAM_CIPHER</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_TLS12_PRF"><code class="xref">PSA_ALG_TLS12_PRF</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_ALG_TLS12_PSK_TO_MS"><code class="xref">PSA_ALG_TLS12_PSK_TO_MS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_ALG_TRUNCATED_MAC"><code class="xref">PSA_ALG_TRUNCATED_MAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_ALG_XTS"><code class="xref">PSA_ALG_XTS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref">PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"><code class="xref">PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"><code class="xref">PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_abort"><code class="xref">psa_aead_abort</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_decrypt"><code class="xref">psa_aead_decrypt</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_decrypt_setup"><code class="xref">psa_aead_decrypt_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_encrypt"><code class="xref">psa_aead_encrypt</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_encrypt_setup"><code class="xref">psa_aead_encrypt_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_finish"><code class="xref">psa_aead_finish</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_generate_nonce"><code class="xref">psa_aead_generate_nonce</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_operation_init"><code class="xref">psa_aead_operation_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_operation_t"><code class="xref">psa_aead_operation_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_set_lengths"><code class="xref">psa_aead_set_lengths</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_set_nonce"><code class="xref">psa_aead_set_nonce</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_update"><code class="xref">psa_aead_update</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_update_ad"><code class="xref">psa_aead_update_ad</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/aead.html#c.psa_aead_verify"><code class="xref">psa_aead_verify</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/algorithms.html#c.psa_algorithm_t"><code class="xref">psa_algorithm_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.psa_asymmetric_decrypt"><code class="xref">psa_asymmetric_decrypt</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/pke.html#c.psa_asymmetric_encrypt"><code class="xref">psa_asymmetric_encrypt</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_B"><td></td><td>
+ <strong>PSA_B</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_LENGTH"><code class="xref">PSA_BLOCK_CIPHER_BLOCK_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE"><code class="xref">PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_C"><td></td><td>
+ <strong>PSA_C</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"><code class="xref">PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE"><code class="xref">PSA_CIPHER_DECRYPT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"><code class="xref">PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"><code class="xref">PSA_CIPHER_ENCRYPT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"><code class="xref">PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_FINISH_OUTPUT_SIZE"><code class="xref">PSA_CIPHER_FINISH_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_IV_LENGTH"><code class="xref">PSA_CIPHER_IV_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_IV_MAX_SIZE"><code class="xref">PSA_CIPHER_IV_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_OPERATION_INIT"><code class="xref">PSA_CIPHER_OPERATION_INIT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"><code class="xref">PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE"><code class="xref">PSA_CIPHER_UPDATE_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/library.html#c.PSA_CRYPTO_API_VERSION_MAJOR"><code class="xref">PSA_CRYPTO_API_VERSION_MAJOR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/library.html#c.PSA_CRYPTO_API_VERSION_MINOR"><code class="xref">PSA_CRYPTO_API_VERSION_MINOR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_abort"><code class="xref">psa_cipher_abort</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_decrypt"><code class="xref">psa_cipher_decrypt</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_decrypt_setup"><code class="xref">psa_cipher_decrypt_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_encrypt"><code class="xref">psa_cipher_encrypt</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_encrypt_setup"><code class="xref">psa_cipher_encrypt_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_finish"><code class="xref">psa_cipher_finish</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_generate_iv"><code class="xref">psa_cipher_generate_iv</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_operation_init"><code class="xref">psa_cipher_operation_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_operation_t"><code class="xref">psa_cipher_operation_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_set_iv"><code class="xref">psa_cipher_set_iv</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ciphers.html#c.psa_cipher_update"><code class="xref">psa_cipher_update</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_copy_key"><code class="xref">psa_copy_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/library.html#c.psa_crypto_init"><code class="xref">psa_crypto_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_D"><td></td><td>
+ <strong>PSA_D</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_DH_FAMILY_RFC7919"><code class="xref">PSA_DH_FAMILY_RFC7919</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_destroy_key"><code class="xref">psa_destroy_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_dh_family_t"><code class="xref">psa_dh_family_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_E"><td></td><td>
+ <strong>PSA_E</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_BRAINPOOL_P_R1"><code class="xref">PSA_ECC_FAMILY_BRAINPOOL_P_R1</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_FRP"><code class="xref">PSA_ECC_FAMILY_FRP</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_MONTGOMERY"><code class="xref">PSA_ECC_FAMILY_MONTGOMERY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_SECP_K1"><code class="xref">PSA_ECC_FAMILY_SECP_K1</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R1"><code class="xref">PSA_ECC_FAMILY_SECP_R1</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_SECP_R2"><code class="xref">PSA_ECC_FAMILY_SECP_R2</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_SECT_K1"><code class="xref">PSA_ECC_FAMILY_SECT_K1</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R1"><code class="xref">PSA_ECC_FAMILY_SECT_R1</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_SECT_R2"><code class="xref">PSA_ECC_FAMILY_SECT_R2</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_ECC_FAMILY_TWISTED_EDWARDS"><code class="xref">PSA_ECC_FAMILY_TWISTED_EDWARDS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_ALREADY_EXISTS"><code class="xref">PSA_ERROR_ALREADY_EXISTS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_BAD_STATE"><code class="xref">PSA_ERROR_BAD_STATE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL"><code class="xref">PSA_ERROR_BUFFER_TOO_SMALL</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE"><code class="xref">PSA_ERROR_COMMUNICATION_FAILURE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED"><code class="xref">PSA_ERROR_CORRUPTION_DETECTED</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_DATA_CORRUPT"><code class="xref">PSA_ERROR_DATA_CORRUPT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_DATA_INVALID"><code class="xref">PSA_ERROR_DATA_INVALID</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_DOES_NOT_EXIST"><code class="xref">PSA_ERROR_DOES_NOT_EXIST</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_GENERIC_ERROR"><code class="xref">PSA_ERROR_GENERIC_ERROR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_HARDWARE_FAILURE"><code class="xref">PSA_ERROR_HARDWARE_FAILURE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INSUFFICIENT_DATA"><code class="xref">PSA_ERROR_INSUFFICIENT_DATA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INSUFFICIENT_ENTROPY"><code class="xref">PSA_ERROR_INSUFFICIENT_ENTROPY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY"><code class="xref">PSA_ERROR_INSUFFICIENT_MEMORY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INSUFFICIENT_STORAGE"><code class="xref">PSA_ERROR_INSUFFICIENT_STORAGE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INVALID_ARGUMENT"><code class="xref">PSA_ERROR_INVALID_ARGUMENT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INVALID_HANDLE"><code class="xref">PSA_ERROR_INVALID_HANDLE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INVALID_PADDING"><code class="xref">PSA_ERROR_INVALID_PADDING</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_INVALID_SIGNATURE"><code class="xref">PSA_ERROR_INVALID_SIGNATURE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_NOT_PERMITTED"><code class="xref">PSA_ERROR_NOT_PERMITTED</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_NOT_SUPPORTED"><code class="xref">PSA_ERROR_NOT_SUPPORTED</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_ERROR_STORAGE_FAILURE"><code class="xref">PSA_ERROR_STORAGE_FAILURE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.PSA_EXPORT_KEY_OUTPUT_SIZE"><code class="xref">PSA_EXPORT_KEY_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.PSA_EXPORT_KEY_PAIR_MAX_SIZE"><code class="xref">PSA_EXPORT_KEY_PAIR_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"><code class="xref">PSA_EXPORT_PUBLIC_KEY_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"><code class="xref">PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_ecc_family_t"><code class="xref">psa_ecc_family_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_export_key"><code class="xref">psa_export_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_export_public_key"><code class="xref">psa_export_public_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_G"><td></td><td>
+ <strong>PSA_G</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_generate_key"><code class="xref">psa_generate_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/rng.html#c.psa_generate_random"><code class="xref">psa_generate_random</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.psa_get_key_algorithm"><code class="xref">psa_get_key_algorithm</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/attributes.html#c.psa_get_key_attributes"><code class="xref">psa_get_key_attributes</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_get_key_bits"><code class="xref">psa_get_key_bits</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.psa_get_key_id"><code class="xref">psa_get_key_id</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.psa_get_key_lifetime"><code class="xref">psa_get_key_lifetime</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_get_key_type"><code class="xref">psa_get_key_type</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.psa_get_key_usage_flags"><code class="xref">psa_get_key_usage_flags</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_H"><td></td><td>
+ <strong>PSA_H</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_BLOCK_LENGTH"><code class="xref">PSA_HASH_BLOCK_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_LENGTH"><code class="xref">PSA_HASH_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_MAX_SIZE"><code class="xref">PSA_HASH_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_OPERATION_INIT"><code class="xref">PSA_HASH_OPERATION_INIT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"><code class="xref">PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"><code class="xref">PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"><code class="xref">PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"><code class="xref">PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.PSA_HASH_SUSPEND_OUTPUT_SIZE"><code class="xref">PSA_HASH_SUSPEND_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_abort"><code class="xref">psa_hash_abort</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_clone"><code class="xref">psa_hash_clone</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_compare"><code class="xref">psa_hash_compare</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_compute"><code class="xref">psa_hash_compute</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_finish"><code class="xref">psa_hash_finish</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_operation_init"><code class="xref">psa_hash_operation_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_operation_t"><code class="xref">psa_hash_operation_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_resume"><code class="xref">psa_hash_resume</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_setup"><code class="xref">psa_hash_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_suspend"><code class="xref">psa_hash_suspend</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_update"><code class="xref">psa_hash_update</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/hashes.html#c.psa_hash_verify"><code class="xref">psa_hash_verify</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_I"><td></td><td>
+ <strong>PSA_I</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_import_key"><code class="xref">psa_import_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_K"><td></td><td>
+ <strong>PSA_K</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/attributes.html#c.PSA_KEY_ATTRIBUTES_INIT"><code class="xref">PSA_KEY_ATTRIBUTES_INIT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_CONTEXT"><code class="xref">PSA_KEY_DERIVATION_INPUT_CONTEXT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_COST"><code class="xref">PSA_KEY_DERIVATION_INPUT_COST</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_INFO"><code class="xref">PSA_KEY_DERIVATION_INPUT_INFO</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_LABEL"><code class="xref">PSA_KEY_DERIVATION_INPUT_LABEL</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_PASSWORD"><code class="xref">PSA_KEY_DERIVATION_INPUT_PASSWORD</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SALT"><code class="xref">PSA_KEY_DERIVATION_INPUT_SALT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SECRET"><code class="xref">PSA_KEY_DERIVATION_INPUT_SECRET</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_INPUT_SEED"><code class="xref">PSA_KEY_DERIVATION_INPUT_SEED</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_OPERATION_INIT"><code class="xref">PSA_KEY_DERIVATION_OPERATION_INIT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_KEY_DERIVATION_UNLIMITED_CAPACITY"><code class="xref">PSA_KEY_DERIVATION_UNLIMITED_CAPACITY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.PSA_KEY_ID_NULL"><code class="xref">PSA_KEY_ID_NULL</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.PSA_KEY_ID_USER_MAX"><code class="xref">PSA_KEY_ID_USER_MAX</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.PSA_KEY_ID_USER_MIN"><code class="xref">PSA_KEY_ID_USER_MIN</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.PSA_KEY_ID_VENDOR_MAX"><code class="xref">PSA_KEY_ID_VENDOR_MAX</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.PSA_KEY_ID_VENDOR_MIN"><code class="xref">PSA_KEY_ID_VENDOR_MIN</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION"><code class="xref">PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_GET_LOCATION"><code class="xref">PSA_KEY_LIFETIME_GET_LOCATION</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_GET_PERSISTENCE"><code class="xref">PSA_KEY_LIFETIME_GET_PERSISTENCE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_IS_VOLATILE"><code class="xref">PSA_KEY_LIFETIME_IS_VOLATILE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_PERSISTENT"><code class="xref">PSA_KEY_LIFETIME_PERSISTENT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LIFETIME_VOLATILE"><code class="xref">PSA_KEY_LIFETIME_VOLATILE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LOCATION_LOCAL_STORAGE"><code class="xref">PSA_KEY_LOCATION_LOCAL_STORAGE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT"><code class="xref">PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_DEFAULT"><code class="xref">PSA_KEY_PERSISTENCE_DEFAULT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_READ_ONLY"><code class="xref">PSA_KEY_PERSISTENCE_READ_ONLY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.PSA_KEY_PERSISTENCE_VOLATILE"><code class="xref">PSA_KEY_PERSISTENCE_VOLATILE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_AES"><code class="xref">PSA_KEY_TYPE_AES</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_ARC4"><code class="xref">PSA_KEY_TYPE_ARC4</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_ARIA"><code class="xref">PSA_KEY_TYPE_ARIA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_CAMELLIA"><code class="xref">PSA_KEY_TYPE_CAMELLIA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_CHACHA20"><code class="xref">PSA_KEY_TYPE_CHACHA20</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_DERIVE"><code class="xref">PSA_KEY_TYPE_DERIVE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_DES"><code class="xref">PSA_KEY_TYPE_DES</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_DH_GET_FAMILY"><code class="xref">PSA_KEY_TYPE_DH_GET_FAMILY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_DH_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_DH_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_DH_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_DH_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_ECC_GET_FAMILY"><code class="xref">PSA_KEY_TYPE_ECC_GET_FAMILY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_ECC_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_ECC_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_ECC_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_ECC_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_HMAC"><code class="xref">PSA_KEY_TYPE_HMAC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_ASYMMETRIC"><code class="xref">PSA_KEY_TYPE_IS_ASYMMETRIC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_DH"><code class="xref">PSA_KEY_TYPE_IS_DH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_IS_DH_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_IS_DH_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC"><code class="xref">PSA_KEY_TYPE_IS_ECC</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_IS_ECC_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_IS_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_IS_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_RSA"><code class="xref">PSA_KEY_TYPE_IS_RSA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_IS_UNSTRUCTURED"><code class="xref">PSA_KEY_TYPE_IS_UNSTRUCTURED</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_NONE"><code class="xref">PSA_KEY_TYPE_NONE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD"><code class="xref">PSA_KEY_TYPE_PASSWORD</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_PASSWORD_HASH"><code class="xref">PSA_KEY_TYPE_PASSWORD_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_PEPPER"><code class="xref">PSA_KEY_TYPE_PEPPER</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_RAW_DATA"><code class="xref">PSA_KEY_TYPE_RAW_DATA</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_RSA_KEY_PAIR"><code class="xref">PSA_KEY_TYPE_RSA_KEY_PAIR</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_RSA_PUBLIC_KEY"><code class="xref">PSA_KEY_TYPE_RSA_PUBLIC_KEY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.PSA_KEY_TYPE_SM4"><code class="xref">PSA_KEY_TYPE_SM4</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_CACHE"><code class="xref">PSA_KEY_USAGE_CACHE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_COPY"><code class="xref">PSA_KEY_USAGE_COPY</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_DECRYPT"><code class="xref">PSA_KEY_USAGE_DECRYPT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_DERIVE"><code class="xref">PSA_KEY_USAGE_DERIVE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_ENCRYPT"><code class="xref">PSA_KEY_USAGE_ENCRYPT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_EXPORT"><code class="xref">PSA_KEY_USAGE_EXPORT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_SIGN_HASH"><code class="xref">PSA_KEY_USAGE_SIGN_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref">PSA_KEY_USAGE_SIGN_MESSAGE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_DERIVATION"><code class="xref">PSA_KEY_USAGE_VERIFY_DERIVATION</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_HASH"><code class="xref">PSA_KEY_USAGE_VERIFY_HASH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref">PSA_KEY_USAGE_VERIFY_MESSAGE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/attributes.html#c.psa_key_attributes_init"><code class="xref">psa_key_attributes_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/attributes.html#c.psa_key_attributes_t"><code class="xref">psa_key_attributes_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_abort"><code class="xref">psa_key_derivation_abort</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_get_capacity"><code class="xref">psa_key_derivation_get_capacity</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_input_bytes"><code class="xref">psa_key_derivation_input_bytes</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_input_integer"><code class="xref">psa_key_derivation_input_integer</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_input_key"><code class="xref">psa_key_derivation_input_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.psa_key_derivation_key_agreement"><code class="xref">psa_key_derivation_key_agreement</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_operation_init"><code class="xref">psa_key_derivation_operation_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_operation_t"><code class="xref">psa_key_derivation_operation_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_output_bytes"><code class="xref">psa_key_derivation_output_bytes</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_output_key"><code class="xref">psa_key_derivation_output_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_set_capacity"><code class="xref">psa_key_derivation_set_capacity</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_setup"><code class="xref">psa_key_derivation_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_step_t"><code class="xref">psa_key_derivation_step_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_verify_bytes"><code class="xref">psa_key_derivation_verify_bytes</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.psa_key_derivation_verify_key"><code class="xref">psa_key_derivation_verify_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.psa_key_id_t"><code class="xref">psa_key_id_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.psa_key_lifetime_t"><code class="xref">psa_key_lifetime_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.psa_key_location_t"><code class="xref">psa_key_location_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.psa_key_persistence_t"><code class="xref">psa_key_persistence_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_key_type_t"><code class="xref">psa_key_type_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.psa_key_usage_t"><code class="xref">psa_key_usage_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_M"><td></td><td>
+ <strong>PSA_M</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_MAC_LENGTH"><code class="xref">PSA_MAC_LENGTH</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_MAC_MAX_SIZE"><code class="xref">PSA_MAC_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.PSA_MAC_OPERATION_INIT"><code class="xref">PSA_MAC_OPERATION_INIT</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_abort"><code class="xref">psa_mac_abort</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_compute"><code class="xref">psa_mac_compute</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_operation_init"><code class="xref">psa_mac_operation_init</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_operation_t"><code class="xref">psa_mac_operation_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_sign_finish"><code class="xref">psa_mac_sign_finish</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_sign_setup"><code class="xref">psa_mac_sign_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_update"><code class="xref">psa_mac_update</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_verify"><code class="xref">psa_mac_verify</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_verify_finish"><code class="xref">psa_mac_verify_finish</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/macs.html#c.psa_mac_verify_setup"><code class="xref">psa_mac_verify_setup</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_P"><td></td><td>
+ <strong>PSA_P</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/management.html#c.psa_purge_key"><code class="xref">psa_purge_key</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_R"><td></td><td>
+ <strong>PSA_R</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"><code class="xref">PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"><code class="xref">PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/ka.html#c.psa_raw_key_agreement"><code class="xref">psa_raw_key_agreement</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/attributes.html#c.psa_reset_key_attributes"><code class="xref">psa_reset_key_attributes</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_S"><td></td><td>
+ <strong>PSA_S</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_SIGNATURE_MAX_SIZE"><code class="xref">PSA_SIGNATURE_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.PSA_SIGN_OUTPUT_SIZE"><code class="xref">PSA_SIGN_OUTPUT_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.PSA_SUCCESS"><code class="xref">PSA_SUCCESS</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.psa_set_key_algorithm"><code class="xref">psa_set_key_algorithm</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_set_key_bits"><code class="xref">psa_set_key_bits</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/ids.html#c.psa_set_key_id"><code class="xref">psa_set_key_id</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/lifetimes.html#c.psa_set_key_lifetime"><code class="xref">psa_set_key_lifetime</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/types.html#c.psa_set_key_type"><code class="xref">psa_set_key_type</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/keys/policy.html#c.psa_set_key_usage_flags"><code class="xref">psa_set_key_usage_flags</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.psa_sign_hash"><code class="xref">psa_sign_hash</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.psa_sign_message"><code class="xref">psa_sign_message</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/library/status.html#c.psa_status_t"><code class="xref">psa_status_t</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_T"><td></td><td>
+ <strong>PSA_T</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/kdf.html#c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"><code class="xref">PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE</code></a></td><td>
+ <em></em></td></tr>
+ <tr class="pcap"><td></td><td> </td><td></td></tr>
+ <tr class="cap" id="cap-PSA_V"><td></td><td>
+ <strong>PSA_V</strong></td><td></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.psa_verify_hash"><code class="xref">psa_verify_hash</code></a></td><td>
+ <em></em></td></tr>
+ <tr>
+ <td></td>
+ <td>
+ <a href="api/ops/sign.html#c.psa_verify_message"><code class="xref">psa_verify_message</code></a></td><td>
+ <em></em></td></tr>
+ </table>
+
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="#">Index of API elements</a></li>
+</ul>
+<div id="searchbox" style="display: none" role="search">
+ <h3>Quick search</h3>
+ <form class="search" action="search.html" method="get">
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+<script type="text/javascript">$('#searchbox').show(0);</script>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/search.html b/docs/1.1.0/html/search.html
new file mode 100644
index 0000000..358f540
--- /dev/null
+++ b/docs/1.1.0/html/search.html
@@ -0,0 +1,124 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title>Search — PSA Crypto API 1.1.0 documentation</title>
+ <link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
+ <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT: './',
+ VERSION: '1.1.0',
+ COLLAPSE_INDEX: false,
+ FILE_SUFFIX: '.html',
+ HAS_SOURCE: false,
+ SOURCELINK_SUFFIX: '.txt'
+ };
+ </script>
+ <script type="text/javascript" src="_static/jquery.js"></script>
+ <script type="text/javascript" src="_static/underscore.js"></script>
+ <script type="text/javascript" src="_static/doctools.js"></script>
+ <script type="text/javascript" src="_static/searchtools.js"></script>
+ <link rel="author" title="About these documents" href="about.html" />
+ <link rel="index" title="Index" href="genindex.html" />
+ <link rel="search" title="Search" href="#" />
+ <script type="text/javascript">
+ jQuery(function() { Search.loadIndex("searchindex.js"); });
+ </script>
+
+ <script type="text/javascript" id="searchindexloader"></script>
+
+
+ <link rel="stylesheet" href="_static/custom.css" type="text/css" />
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
+
+ </head>
+ <body>
+
+
+ <div class="document">
+ <div class="documentwrapper">
+ <div class="bodywrapper">
+ <div class="body" role="main">
+
+ <h1 id="search-documentation">Search</h1>
+ <div id="fallback" class="admonition warning">
+ <script type="text/javascript">$('#fallback').hide();</script>
+ <p>
+ Please activate JavaScript to enable the search
+ functionality.
+ </p>
+ </div>
+ <p>
+ From here you can search these documents. Enter your search
+ words into the box below and click "search". Note that the search
+ function will automatically search for all of the words. Pages
+ containing fewer words won't appear in the result list.
+ </p>
+ <form action="" method="get">
+ <input type="text" name="q" value="" />
+ <input type="submit" value="search" />
+ <span id="search-progress" style="padding-left: 10px"></span>
+ </form>
+
+ <div id="search-results">
+
+ </div>
+
+ </div>
+ </div>
+ </div>
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+ <div class="sphinxsidebarwrapper"><h3><a href="index.html"><b>PSA Crypto API</b></a></h3>
+IHI 0086<br/>
+Non-confidential<br/>
+Version 1.1.0
+<span style="color: red; font-weight: bold;"></span>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="about.html">About this document</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="overview/intro.html">1. Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/goals.html">2. Design goals</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/functionality.html">3. Functionality overview</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/sample-arch.html">4. Sample architectures</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/conventions.html">5. Library conventions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/implementation.html">6. Implementation considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="overview/usage.html">7. Usage considerations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/library/index.html">8. Library management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/keys/index.html">9. Key management reference</a></li>
+<li class="toctree-l1"><a class="reference internal" href="api/ops/index.html">10. Cryptographic operation reference</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="appendix/example_header.html">Example header file</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/encodings.html">Algorithm and key type encoding</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/specdef_values.html">Example macro implementations</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/sra.html">Security Risk Assessment</a></li>
+<li class="toctree-l1"><a class="reference internal" href="appendix/history.html">Changes to the API</a></li>
+</ul>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="psa_c-identifiers.html">Index of API elements</a></li>
+</ul>
+ </div>
+ </div>
+ <div class="clearer"></div>
+ </div>
+ <div class="footer">
+ © 2018-2022, Arm Limited or its affiliates. All rights reserved.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
+ & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
+
+ </div>
+
+
+
+
+ </body>
+</html>
\ No newline at end of file
diff --git a/docs/1.1.0/html/searchindex.js b/docs/1.1.0/html/searchindex.js
new file mode 100644
index 0000000..7d08ae0
--- /dev/null
+++ b/docs/1.1.0/html/searchindex.js
@@ -0,0 +1 @@
+Search.setIndex({docnames:["about","api/keys/attributes","api/keys/ids","api/keys/index","api/keys/lifetimes","api/keys/management","api/keys/policy","api/keys/types","api/library/index","api/library/library","api/library/status","api/ops/aead","api/ops/algorithms","api/ops/ciphers","api/ops/hashes","api/ops/index","api/ops/ka","api/ops/kdf","api/ops/macs","api/ops/pke","api/ops/rng","api/ops/sign","appendix/encodings","appendix/example_header","appendix/history","appendix/specdef_values","appendix/sra","index","overview/conventions","overview/functionality","overview/goals","overview/implementation","overview/intro","overview/sample-arch","overview/usage"],envversion:53,filenames:["about.rst","api/keys/attributes.rst","api/keys/ids.rst","api/keys/index.rst","api/keys/lifetimes.rst","api/keys/management.rst","api/keys/policy.rst","api/keys/types.rst","api/library/index.rst","api/library/library.rst","api/library/status.rst","api/ops/aead.rst","api/ops/algorithms.rst","api/ops/ciphers.rst","api/ops/hashes.rst","api/ops/index.rst","api/ops/ka.rst","api/ops/kdf.rst","api/ops/macs.rst","api/ops/pke.rst","api/ops/rng.rst","api/ops/sign.rst","appendix/encodings.rst","appendix/example_header.rst","appendix/history.rst","appendix/specdef_values.rst","appendix/sra.rst","index.rst","overview/conventions.rst","overview/functionality.rst","overview/goals.rst","overview/implementation.rst","overview/intro.rst","overview/sample-arch.rst","overview/usage.rst"],objects:{"":{PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE:[11,0,1,"c.PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE"],PSA_AEAD_DECRYPT_OUTPUT_SIZE:[11,0,1,"c.PSA_AEAD_DECRYPT_OUTPUT_SIZE"],PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE:[11,0,1,"c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE"],PSA_AEAD_ENCRYPT_OUTPUT_SIZE:[11,0,1,"c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE"],PSA_AEAD_FINISH_OUTPUT_MAX_SIZE:[11,0,1,"c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE"],PSA_AEAD_FINISH_OUTPUT_SIZE:[11,0,1,"c.PSA_AEAD_FINISH_OUTPUT_SIZE"],PSA_AEAD_NONCE_LENGTH:[11,0,1,"c.PSA_AEAD_NONCE_LENGTH"],PSA_AEAD_NONCE_MAX_SIZE:[11,0,1,"c.PSA_AEAD_NONCE_MAX_SIZE"],PSA_AEAD_OPERATION_INIT:[11,0,1,"c.PSA_AEAD_OPERATION_INIT"],PSA_AEAD_TAG_LENGTH:[11,0,1,"c.PSA_AEAD_TAG_LENGTH"],PSA_AEAD_TAG_MAX_SIZE:[11,0,1,"c.PSA_AEAD_TAG_MAX_SIZE"],PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE:[11,0,1,"c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE"],PSA_AEAD_UPDATE_OUTPUT_SIZE:[11,0,1,"c.PSA_AEAD_UPDATE_OUTPUT_SIZE"],PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE:[11,0,1,"c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE"],PSA_AEAD_VERIFY_OUTPUT_SIZE:[11,0,1,"c.PSA_AEAD_VERIFY_OUTPUT_SIZE"],PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG:[11,0,1,"c.PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG"],PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG:[11,0,1,"c.PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG"],PSA_ALG_AEAD_WITH_SHORTENED_TAG:[11,0,1,"c.PSA_ALG_AEAD_WITH_SHORTENED_TAG"],PSA_ALG_ANY_HASH:[21,0,1,"c.PSA_ALG_ANY_HASH"],PSA_ALG_AT_LEAST_THIS_LENGTH_MAC:[18,0,1,"c.PSA_ALG_AT_LEAST_THIS_LENGTH_MAC"],PSA_ALG_CBC_MAC:[18,0,1,"c.PSA_ALG_CBC_MAC"],PSA_ALG_CBC_NO_PADDING:[13,0,1,"c.PSA_ALG_CBC_NO_PADDING"],PSA_ALG_CBC_PKCS7:[13,0,1,"c.PSA_ALG_CBC_PKCS7"],PSA_ALG_CCM:[11,0,1,"c.PSA_ALG_CCM"],PSA_ALG_CFB:[13,0,1,"c.PSA_ALG_CFB"],PSA_ALG_CHACHA20_POLY1305:[11,0,1,"c.PSA_ALG_CHACHA20_POLY1305"],PSA_ALG_CMAC:[18,0,1,"c.PSA_ALG_CMAC"],PSA_ALG_CTR:[13,0,1,"c.PSA_ALG_CTR"],PSA_ALG_DETERMINISTIC_ECDSA:[21,0,1,"c.PSA_ALG_DETERMINISTIC_ECDSA"],PSA_ALG_ECB_NO_PADDING:[13,0,1,"c.PSA_ALG_ECB_NO_PADDING"],PSA_ALG_ECDH:[16,0,1,"c.PSA_ALG_ECDH"],PSA_ALG_ECDSA:[21,0,1,"c.PSA_ALG_ECDSA"],PSA_ALG_ECDSA_ANY:[21,0,1,"c.PSA_ALG_ECDSA_ANY"],PSA_ALG_ED25519PH:[21,0,1,"c.PSA_ALG_ED25519PH"],PSA_ALG_ED448PH:[21,0,1,"c.PSA_ALG_ED448PH"],PSA_ALG_FFDH:[16,0,1,"c.PSA_ALG_FFDH"],PSA_ALG_FULL_LENGTH_MAC:[18,0,1,"c.PSA_ALG_FULL_LENGTH_MAC"],PSA_ALG_GCM:[11,0,1,"c.PSA_ALG_GCM"],PSA_ALG_GET_HASH:[12,0,1,"c.PSA_ALG_GET_HASH"],PSA_ALG_HKDF:[17,0,1,"c.PSA_ALG_HKDF"],PSA_ALG_HMAC:[18,0,1,"c.PSA_ALG_HMAC"],PSA_ALG_IS_AEAD:[12,0,1,"c.PSA_ALG_IS_AEAD"],PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER:[11,0,1,"c.PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER"],PSA_ALG_IS_ASYMMETRIC_ENCRYPTION:[12,0,1,"c.PSA_ALG_IS_ASYMMETRIC_ENCRYPTION"],PSA_ALG_IS_BLOCK_CIPHER_MAC:[18,0,1,"c.PSA_ALG_IS_BLOCK_CIPHER_MAC"],PSA_ALG_IS_CIPHER:[12,0,1,"c.PSA_ALG_IS_CIPHER"],PSA_ALG_IS_DETERMINISTIC_ECDSA:[21,0,1,"c.PSA_ALG_IS_DETERMINISTIC_ECDSA"],PSA_ALG_IS_ECDH:[16,0,1,"c.PSA_ALG_IS_ECDH"],PSA_ALG_IS_ECDSA:[21,0,1,"c.PSA_ALG_IS_ECDSA"],PSA_ALG_IS_FFDH:[16,0,1,"c.PSA_ALG_IS_FFDH"],PSA_ALG_IS_HASH:[12,0,1,"c.PSA_ALG_IS_HASH"],PSA_ALG_IS_HASH_AND_SIGN:[21,0,1,"c.PSA_ALG_IS_HASH_AND_SIGN"],PSA_ALG_IS_HASH_EDDSA:[21,0,1,"c.PSA_ALG_IS_HASH_EDDSA"],PSA_ALG_IS_HKDF:[17,0,1,"c.PSA_ALG_IS_HKDF"],PSA_ALG_IS_HMAC:[18,0,1,"c.PSA_ALG_IS_HMAC"],PSA_ALG_IS_KEY_AGREEMENT:[12,0,1,"c.PSA_ALG_IS_KEY_AGREEMENT"],PSA_ALG_IS_KEY_DERIVATION:[12,0,1,"c.PSA_ALG_IS_KEY_DERIVATION"],PSA_ALG_IS_KEY_DERIVATION_STRETCHING:[17,0,1,"c.PSA_ALG_IS_KEY_DERIVATION_STRETCHING"],PSA_ALG_IS_MAC:[12,0,1,"c.PSA_ALG_IS_MAC"],PSA_ALG_IS_PBKDF2_HMAC:[17,0,1,"c.PSA_ALG_IS_PBKDF2_HMAC"],PSA_ALG_IS_RANDOMIZED_ECDSA:[21,0,1,"c.PSA_ALG_IS_RANDOMIZED_ECDSA"],PSA_ALG_IS_RAW_KEY_AGREEMENT:[16,0,1,"c.PSA_ALG_IS_RAW_KEY_AGREEMENT"],PSA_ALG_IS_RSA_OAEP:[19,0,1,"c.PSA_ALG_IS_RSA_OAEP"],PSA_ALG_IS_RSA_PKCS1V15_SIGN:[21,0,1,"c.PSA_ALG_IS_RSA_PKCS1V15_SIGN"],PSA_ALG_IS_RSA_PSS:[21,0,1,"c.PSA_ALG_IS_RSA_PSS"],PSA_ALG_IS_RSA_PSS_ANY_SALT:[21,0,1,"c.PSA_ALG_IS_RSA_PSS_ANY_SALT"],PSA_ALG_IS_RSA_PSS_STANDARD_SALT:[21,0,1,"c.PSA_ALG_IS_RSA_PSS_STANDARD_SALT"],PSA_ALG_IS_SIGN:[12,0,1,"c.PSA_ALG_IS_SIGN"],PSA_ALG_IS_SIGN_HASH:[21,0,1,"c.PSA_ALG_IS_SIGN_HASH"],PSA_ALG_IS_SIGN_MESSAGE:[21,0,1,"c.PSA_ALG_IS_SIGN_MESSAGE"],PSA_ALG_IS_STREAM_CIPHER:[13,0,1,"c.PSA_ALG_IS_STREAM_CIPHER"],PSA_ALG_IS_TLS12_PRF:[17,0,1,"c.PSA_ALG_IS_TLS12_PRF"],PSA_ALG_IS_TLS12_PSK_TO_MS:[17,0,1,"c.PSA_ALG_IS_TLS12_PSK_TO_MS"],PSA_ALG_IS_WILDCARD:[12,0,1,"c.PSA_ALG_IS_WILDCARD"],PSA_ALG_KEY_AGREEMENT:[16,0,1,"c.PSA_ALG_KEY_AGREEMENT"],PSA_ALG_KEY_AGREEMENT_GET_BASE:[16,0,1,"c.PSA_ALG_KEY_AGREEMENT_GET_BASE"],PSA_ALG_KEY_AGREEMENT_GET_KDF:[16,0,1,"c.PSA_ALG_KEY_AGREEMENT_GET_KDF"],PSA_ALG_MD2:[14,0,1,"c.PSA_ALG_MD2"],PSA_ALG_MD4:[14,0,1,"c.PSA_ALG_MD4"],PSA_ALG_MD5:[14,0,1,"c.PSA_ALG_MD5"],PSA_ALG_NONE:[12,0,1,"c.PSA_ALG_NONE"],PSA_ALG_OFB:[13,0,1,"c.PSA_ALG_OFB"],PSA_ALG_PBKDF2_AES_CMAC_PRF_128:[17,0,1,"c.PSA_ALG_PBKDF2_AES_CMAC_PRF_128"],PSA_ALG_PBKDF2_HMAC:[17,0,1,"c.PSA_ALG_PBKDF2_HMAC"],PSA_ALG_PURE_EDDSA:[21,0,1,"c.PSA_ALG_PURE_EDDSA"],PSA_ALG_RIPEMD160:[14,0,1,"c.PSA_ALG_RIPEMD160"],PSA_ALG_RSA_OAEP:[19,0,1,"c.PSA_ALG_RSA_OAEP"],PSA_ALG_RSA_PKCS1V15_CRYPT:[19,0,1,"c.PSA_ALG_RSA_PKCS1V15_CRYPT"],PSA_ALG_RSA_PKCS1V15_SIGN:[21,0,1,"c.PSA_ALG_RSA_PKCS1V15_SIGN"],PSA_ALG_RSA_PKCS1V15_SIGN_RAW:[21,0,1,"c.PSA_ALG_RSA_PKCS1V15_SIGN_RAW"],PSA_ALG_RSA_PSS:[21,0,1,"c.PSA_ALG_RSA_PSS"],PSA_ALG_RSA_PSS_ANY_SALT:[21,0,1,"c.PSA_ALG_RSA_PSS_ANY_SALT"],PSA_ALG_SHA3_224:[14,0,1,"c.PSA_ALG_SHA3_224"],PSA_ALG_SHA3_256:[14,0,1,"c.PSA_ALG_SHA3_256"],PSA_ALG_SHA3_384:[14,0,1,"c.PSA_ALG_SHA3_384"],PSA_ALG_SHA3_512:[14,0,1,"c.PSA_ALG_SHA3_512"],PSA_ALG_SHAKE256_512:[14,0,1,"c.PSA_ALG_SHAKE256_512"],PSA_ALG_SHA_1:[14,0,1,"c.PSA_ALG_SHA_1"],PSA_ALG_SHA_224:[14,0,1,"c.PSA_ALG_SHA_224"],PSA_ALG_SHA_256:[14,0,1,"c.PSA_ALG_SHA_256"],PSA_ALG_SHA_384:[14,0,1,"c.PSA_ALG_SHA_384"],PSA_ALG_SHA_512:[14,0,1,"c.PSA_ALG_SHA_512"],PSA_ALG_SHA_512_224:[14,0,1,"c.PSA_ALG_SHA_512_224"],PSA_ALG_SHA_512_256:[14,0,1,"c.PSA_ALG_SHA_512_256"],PSA_ALG_SM3:[14,0,1,"c.PSA_ALG_SM3"],PSA_ALG_STREAM_CIPHER:[13,0,1,"c.PSA_ALG_STREAM_CIPHER"],PSA_ALG_TLS12_PRF:[17,0,1,"c.PSA_ALG_TLS12_PRF"],PSA_ALG_TLS12_PSK_TO_MS:[17,0,1,"c.PSA_ALG_TLS12_PSK_TO_MS"],PSA_ALG_TRUNCATED_MAC:[18,0,1,"c.PSA_ALG_TRUNCATED_MAC"],PSA_ALG_XTS:[13,0,1,"c.PSA_ALG_XTS"],PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE:[19,0,1,"c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE"],PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE:[19,0,1,"c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE"],PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE:[19,0,1,"c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE"],PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE:[19,0,1,"c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE"],PSA_BLOCK_CIPHER_BLOCK_LENGTH:[13,0,1,"c.PSA_BLOCK_CIPHER_BLOCK_LENGTH"],PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:[13,0,1,"c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE"],PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE:[13,0,1,"c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE"],PSA_CIPHER_DECRYPT_OUTPUT_SIZE:[13,0,1,"c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE"],PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE:[13,0,1,"c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE"],PSA_CIPHER_ENCRYPT_OUTPUT_SIZE:[13,0,1,"c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE"],PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE:[13,0,1,"c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE"],PSA_CIPHER_FINISH_OUTPUT_SIZE:[13,0,1,"c.PSA_CIPHER_FINISH_OUTPUT_SIZE"],PSA_CIPHER_IV_LENGTH:[13,0,1,"c.PSA_CIPHER_IV_LENGTH"],PSA_CIPHER_IV_MAX_SIZE:[13,0,1,"c.PSA_CIPHER_IV_MAX_SIZE"],PSA_CIPHER_OPERATION_INIT:[13,0,1,"c.PSA_CIPHER_OPERATION_INIT"],PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE:[13,0,1,"c.PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE"],PSA_CIPHER_UPDATE_OUTPUT_SIZE:[13,0,1,"c.PSA_CIPHER_UPDATE_OUTPUT_SIZE"],PSA_CRYPTO_API_VERSION_MAJOR:[9,0,1,"c.PSA_CRYPTO_API_VERSION_MAJOR"],PSA_CRYPTO_API_VERSION_MINOR:[9,0,1,"c.PSA_CRYPTO_API_VERSION_MINOR"],PSA_DH_FAMILY_RFC7919:[7,0,1,"c.PSA_DH_FAMILY_RFC7919"],PSA_ECC_FAMILY_BRAINPOOL_P_R1:[7,0,1,"c.PSA_ECC_FAMILY_BRAINPOOL_P_R1"],PSA_ECC_FAMILY_FRP:[7,0,1,"c.PSA_ECC_FAMILY_FRP"],PSA_ECC_FAMILY_MONTGOMERY:[7,0,1,"c.PSA_ECC_FAMILY_MONTGOMERY"],PSA_ECC_FAMILY_SECP_K1:[7,0,1,"c.PSA_ECC_FAMILY_SECP_K1"],PSA_ECC_FAMILY_SECP_R1:[7,0,1,"c.PSA_ECC_FAMILY_SECP_R1"],PSA_ECC_FAMILY_SECP_R2:[7,0,1,"c.PSA_ECC_FAMILY_SECP_R2"],PSA_ECC_FAMILY_SECT_K1:[7,0,1,"c.PSA_ECC_FAMILY_SECT_K1"],PSA_ECC_FAMILY_SECT_R1:[7,0,1,"c.PSA_ECC_FAMILY_SECT_R1"],PSA_ECC_FAMILY_SECT_R2:[7,0,1,"c.PSA_ECC_FAMILY_SECT_R2"],PSA_ECC_FAMILY_TWISTED_EDWARDS:[7,0,1,"c.PSA_ECC_FAMILY_TWISTED_EDWARDS"],PSA_ERROR_ALREADY_EXISTS:[10,0,1,"c.PSA_ERROR_ALREADY_EXISTS"],PSA_ERROR_BAD_STATE:[10,0,1,"c.PSA_ERROR_BAD_STATE"],PSA_ERROR_BUFFER_TOO_SMALL:[10,0,1,"c.PSA_ERROR_BUFFER_TOO_SMALL"],PSA_ERROR_COMMUNICATION_FAILURE:[10,0,1,"c.PSA_ERROR_COMMUNICATION_FAILURE"],PSA_ERROR_CORRUPTION_DETECTED:[10,0,1,"c.PSA_ERROR_CORRUPTION_DETECTED"],PSA_ERROR_DATA_CORRUPT:[10,0,1,"c.PSA_ERROR_DATA_CORRUPT"],PSA_ERROR_DATA_INVALID:[10,0,1,"c.PSA_ERROR_DATA_INVALID"],PSA_ERROR_DOES_NOT_EXIST:[10,0,1,"c.PSA_ERROR_DOES_NOT_EXIST"],PSA_ERROR_GENERIC_ERROR:[10,0,1,"c.PSA_ERROR_GENERIC_ERROR"],PSA_ERROR_HARDWARE_FAILURE:[10,0,1,"c.PSA_ERROR_HARDWARE_FAILURE"],PSA_ERROR_INSUFFICIENT_DATA:[10,0,1,"c.PSA_ERROR_INSUFFICIENT_DATA"],PSA_ERROR_INSUFFICIENT_ENTROPY:[10,0,1,"c.PSA_ERROR_INSUFFICIENT_ENTROPY"],PSA_ERROR_INSUFFICIENT_MEMORY:[10,0,1,"c.PSA_ERROR_INSUFFICIENT_MEMORY"],PSA_ERROR_INSUFFICIENT_STORAGE:[10,0,1,"c.PSA_ERROR_INSUFFICIENT_STORAGE"],PSA_ERROR_INVALID_ARGUMENT:[10,0,1,"c.PSA_ERROR_INVALID_ARGUMENT"],PSA_ERROR_INVALID_HANDLE:[10,0,1,"c.PSA_ERROR_INVALID_HANDLE"],PSA_ERROR_INVALID_PADDING:[10,0,1,"c.PSA_ERROR_INVALID_PADDING"],PSA_ERROR_INVALID_SIGNATURE:[10,0,1,"c.PSA_ERROR_INVALID_SIGNATURE"],PSA_ERROR_NOT_PERMITTED:[10,0,1,"c.PSA_ERROR_NOT_PERMITTED"],PSA_ERROR_NOT_SUPPORTED:[10,0,1,"c.PSA_ERROR_NOT_SUPPORTED"],PSA_ERROR_STORAGE_FAILURE:[10,0,1,"c.PSA_ERROR_STORAGE_FAILURE"],PSA_EXPORT_KEY_OUTPUT_SIZE:[5,0,1,"c.PSA_EXPORT_KEY_OUTPUT_SIZE"],PSA_EXPORT_KEY_PAIR_MAX_SIZE:[5,0,1,"c.PSA_EXPORT_KEY_PAIR_MAX_SIZE"],PSA_EXPORT_PUBLIC_KEY_MAX_SIZE:[5,0,1,"c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE"],PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE:[5,0,1,"c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE"],PSA_HASH_BLOCK_LENGTH:[14,0,1,"c.PSA_HASH_BLOCK_LENGTH"],PSA_HASH_LENGTH:[14,0,1,"c.PSA_HASH_LENGTH"],PSA_HASH_MAX_SIZE:[14,0,1,"c.PSA_HASH_MAX_SIZE"],PSA_HASH_OPERATION_INIT:[14,0,1,"c.PSA_HASH_OPERATION_INIT"],PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH:[14,0,1,"c.PSA_HASH_SUSPEND_ALGORITHM_FIELD_LENGTH"],PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH:[14,0,1,"c.PSA_HASH_SUSPEND_HASH_STATE_FIELD_LENGTH"],PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH:[14,0,1,"c.PSA_HASH_SUSPEND_INPUT_LENGTH_FIELD_LENGTH"],PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE:[14,0,1,"c.PSA_HASH_SUSPEND_OUTPUT_MAX_SIZE"],PSA_HASH_SUSPEND_OUTPUT_SIZE:[14,0,1,"c.PSA_HASH_SUSPEND_OUTPUT_SIZE"],PSA_KEY_ATTRIBUTES_INIT:[1,0,1,"c.PSA_KEY_ATTRIBUTES_INIT"],PSA_KEY_DERIVATION_INPUT_CONTEXT:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_CONTEXT"],PSA_KEY_DERIVATION_INPUT_COST:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_COST"],PSA_KEY_DERIVATION_INPUT_INFO:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_INFO"],PSA_KEY_DERIVATION_INPUT_LABEL:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_LABEL"],PSA_KEY_DERIVATION_INPUT_PASSWORD:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_PASSWORD"],PSA_KEY_DERIVATION_INPUT_SALT:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_SALT"],PSA_KEY_DERIVATION_INPUT_SECRET:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_SECRET"],PSA_KEY_DERIVATION_INPUT_SEED:[17,0,1,"c.PSA_KEY_DERIVATION_INPUT_SEED"],PSA_KEY_DERIVATION_OPERATION_INIT:[17,0,1,"c.PSA_KEY_DERIVATION_OPERATION_INIT"],PSA_KEY_DERIVATION_UNLIMITED_CAPACITY:[17,0,1,"c.PSA_KEY_DERIVATION_UNLIMITED_CAPACITY"],PSA_KEY_ID_NULL:[2,0,1,"c.PSA_KEY_ID_NULL"],PSA_KEY_ID_USER_MAX:[2,0,1,"c.PSA_KEY_ID_USER_MAX"],PSA_KEY_ID_USER_MIN:[2,0,1,"c.PSA_KEY_ID_USER_MIN"],PSA_KEY_ID_VENDOR_MAX:[2,0,1,"c.PSA_KEY_ID_VENDOR_MAX"],PSA_KEY_ID_VENDOR_MIN:[2,0,1,"c.PSA_KEY_ID_VENDOR_MIN"],PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION:[4,0,1,"c.PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION"],PSA_KEY_LIFETIME_GET_LOCATION:[4,0,1,"c.PSA_KEY_LIFETIME_GET_LOCATION"],PSA_KEY_LIFETIME_GET_PERSISTENCE:[4,0,1,"c.PSA_KEY_LIFETIME_GET_PERSISTENCE"],PSA_KEY_LIFETIME_IS_VOLATILE:[4,0,1,"c.PSA_KEY_LIFETIME_IS_VOLATILE"],PSA_KEY_LIFETIME_PERSISTENT:[4,0,1,"c.PSA_KEY_LIFETIME_PERSISTENT"],PSA_KEY_LIFETIME_VOLATILE:[4,0,1,"c.PSA_KEY_LIFETIME_VOLATILE"],PSA_KEY_LOCATION_LOCAL_STORAGE:[4,0,1,"c.PSA_KEY_LOCATION_LOCAL_STORAGE"],PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT:[4,0,1,"c.PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT"],PSA_KEY_PERSISTENCE_DEFAULT:[4,0,1,"c.PSA_KEY_PERSISTENCE_DEFAULT"],PSA_KEY_PERSISTENCE_READ_ONLY:[4,0,1,"c.PSA_KEY_PERSISTENCE_READ_ONLY"],PSA_KEY_PERSISTENCE_VOLATILE:[4,0,1,"c.PSA_KEY_PERSISTENCE_VOLATILE"],PSA_KEY_TYPE_AES:[7,0,1,"c.PSA_KEY_TYPE_AES"],PSA_KEY_TYPE_ARC4:[7,0,1,"c.PSA_KEY_TYPE_ARC4"],PSA_KEY_TYPE_ARIA:[7,0,1,"c.PSA_KEY_TYPE_ARIA"],PSA_KEY_TYPE_CAMELLIA:[7,0,1,"c.PSA_KEY_TYPE_CAMELLIA"],PSA_KEY_TYPE_CHACHA20:[7,0,1,"c.PSA_KEY_TYPE_CHACHA20"],PSA_KEY_TYPE_DERIVE:[7,0,1,"c.PSA_KEY_TYPE_DERIVE"],PSA_KEY_TYPE_DES:[7,0,1,"c.PSA_KEY_TYPE_DES"],PSA_KEY_TYPE_DH_GET_FAMILY:[7,0,1,"c.PSA_KEY_TYPE_DH_GET_FAMILY"],PSA_KEY_TYPE_DH_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_DH_KEY_PAIR"],PSA_KEY_TYPE_DH_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_DH_PUBLIC_KEY"],PSA_KEY_TYPE_ECC_GET_FAMILY:[7,0,1,"c.PSA_KEY_TYPE_ECC_GET_FAMILY"],PSA_KEY_TYPE_ECC_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_ECC_KEY_PAIR"],PSA_KEY_TYPE_ECC_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_ECC_PUBLIC_KEY"],PSA_KEY_TYPE_HMAC:[7,0,1,"c.PSA_KEY_TYPE_HMAC"],PSA_KEY_TYPE_IS_ASYMMETRIC:[7,0,1,"c.PSA_KEY_TYPE_IS_ASYMMETRIC"],PSA_KEY_TYPE_IS_DH:[7,0,1,"c.PSA_KEY_TYPE_IS_DH"],PSA_KEY_TYPE_IS_DH_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_IS_DH_KEY_PAIR"],PSA_KEY_TYPE_IS_DH_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_IS_DH_PUBLIC_KEY"],PSA_KEY_TYPE_IS_ECC:[7,0,1,"c.PSA_KEY_TYPE_IS_ECC"],PSA_KEY_TYPE_IS_ECC_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_IS_ECC_KEY_PAIR"],PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY"],PSA_KEY_TYPE_IS_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_IS_KEY_PAIR"],PSA_KEY_TYPE_IS_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_IS_PUBLIC_KEY"],PSA_KEY_TYPE_IS_RSA:[7,0,1,"c.PSA_KEY_TYPE_IS_RSA"],PSA_KEY_TYPE_IS_UNSTRUCTURED:[7,0,1,"c.PSA_KEY_TYPE_IS_UNSTRUCTURED"],PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY"],PSA_KEY_TYPE_NONE:[7,0,1,"c.PSA_KEY_TYPE_NONE"],PSA_KEY_TYPE_PASSWORD:[7,0,1,"c.PSA_KEY_TYPE_PASSWORD"],PSA_KEY_TYPE_PASSWORD_HASH:[7,0,1,"c.PSA_KEY_TYPE_PASSWORD_HASH"],PSA_KEY_TYPE_PEPPER:[7,0,1,"c.PSA_KEY_TYPE_PEPPER"],PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR"],PSA_KEY_TYPE_RAW_DATA:[7,0,1,"c.PSA_KEY_TYPE_RAW_DATA"],PSA_KEY_TYPE_RSA_KEY_PAIR:[7,0,1,"c.PSA_KEY_TYPE_RSA_KEY_PAIR"],PSA_KEY_TYPE_RSA_PUBLIC_KEY:[7,0,1,"c.PSA_KEY_TYPE_RSA_PUBLIC_KEY"],PSA_KEY_TYPE_SM4:[7,0,1,"c.PSA_KEY_TYPE_SM4"],PSA_KEY_USAGE_CACHE:[6,0,1,"c.PSA_KEY_USAGE_CACHE"],PSA_KEY_USAGE_COPY:[6,0,1,"c.PSA_KEY_USAGE_COPY"],PSA_KEY_USAGE_DECRYPT:[6,0,1,"c.PSA_KEY_USAGE_DECRYPT"],PSA_KEY_USAGE_DERIVE:[6,0,1,"c.PSA_KEY_USAGE_DERIVE"],PSA_KEY_USAGE_ENCRYPT:[6,0,1,"c.PSA_KEY_USAGE_ENCRYPT"],PSA_KEY_USAGE_EXPORT:[6,0,1,"c.PSA_KEY_USAGE_EXPORT"],PSA_KEY_USAGE_SIGN_HASH:[6,0,1,"c.PSA_KEY_USAGE_SIGN_HASH"],PSA_KEY_USAGE_SIGN_MESSAGE:[6,0,1,"c.PSA_KEY_USAGE_SIGN_MESSAGE"],PSA_KEY_USAGE_VERIFY_DERIVATION:[6,0,1,"c.PSA_KEY_USAGE_VERIFY_DERIVATION"],PSA_KEY_USAGE_VERIFY_HASH:[6,0,1,"c.PSA_KEY_USAGE_VERIFY_HASH"],PSA_KEY_USAGE_VERIFY_MESSAGE:[6,0,1,"c.PSA_KEY_USAGE_VERIFY_MESSAGE"],PSA_MAC_LENGTH:[18,0,1,"c.PSA_MAC_LENGTH"],PSA_MAC_MAX_SIZE:[18,0,1,"c.PSA_MAC_MAX_SIZE"],PSA_MAC_OPERATION_INIT:[18,0,1,"c.PSA_MAC_OPERATION_INIT"],PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE:[16,0,1,"c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE"],PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE:[16,0,1,"c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE"],PSA_SIGNATURE_MAX_SIZE:[21,0,1,"c.PSA_SIGNATURE_MAX_SIZE"],PSA_SIGN_OUTPUT_SIZE:[21,0,1,"c.PSA_SIGN_OUTPUT_SIZE"],PSA_SUCCESS:[10,0,1,"c.PSA_SUCCESS"],PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE:[17,0,1,"c.PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE"],psa_aead_abort:[11,1,1,"c.psa_aead_abort"],psa_aead_decrypt:[11,1,1,"c.psa_aead_decrypt"],psa_aead_decrypt_setup:[11,1,1,"c.psa_aead_decrypt_setup"],psa_aead_encrypt:[11,1,1,"c.psa_aead_encrypt"],psa_aead_encrypt_setup:[11,1,1,"c.psa_aead_encrypt_setup"],psa_aead_finish:[11,1,1,"c.psa_aead_finish"],psa_aead_generate_nonce:[11,1,1,"c.psa_aead_generate_nonce"],psa_aead_operation_init:[11,1,1,"c.psa_aead_operation_init"],psa_aead_operation_t:[11,2,1,"c.psa_aead_operation_t"],psa_aead_set_lengths:[11,1,1,"c.psa_aead_set_lengths"],psa_aead_set_nonce:[11,1,1,"c.psa_aead_set_nonce"],psa_aead_update:[11,1,1,"c.psa_aead_update"],psa_aead_update_ad:[11,1,1,"c.psa_aead_update_ad"],psa_aead_verify:[11,1,1,"c.psa_aead_verify"],psa_algorithm_t:[12,2,1,"c.psa_algorithm_t"],psa_asymmetric_decrypt:[19,1,1,"c.psa_asymmetric_decrypt"],psa_asymmetric_encrypt:[19,1,1,"c.psa_asymmetric_encrypt"],psa_cipher_abort:[13,1,1,"c.psa_cipher_abort"],psa_cipher_decrypt:[13,1,1,"c.psa_cipher_decrypt"],psa_cipher_decrypt_setup:[13,1,1,"c.psa_cipher_decrypt_setup"],psa_cipher_encrypt:[13,1,1,"c.psa_cipher_encrypt"],psa_cipher_encrypt_setup:[13,1,1,"c.psa_cipher_encrypt_setup"],psa_cipher_finish:[13,1,1,"c.psa_cipher_finish"],psa_cipher_generate_iv:[13,1,1,"c.psa_cipher_generate_iv"],psa_cipher_operation_init:[13,1,1,"c.psa_cipher_operation_init"],psa_cipher_operation_t:[13,2,1,"c.psa_cipher_operation_t"],psa_cipher_set_iv:[13,1,1,"c.psa_cipher_set_iv"],psa_cipher_update:[13,1,1,"c.psa_cipher_update"],psa_copy_key:[5,1,1,"c.psa_copy_key"],psa_crypto_init:[9,1,1,"c.psa_crypto_init"],psa_destroy_key:[5,1,1,"c.psa_destroy_key"],psa_dh_family_t:[7,2,1,"c.psa_dh_family_t"],psa_ecc_family_t:[7,2,1,"c.psa_ecc_family_t"],psa_export_key:[5,1,1,"c.psa_export_key"],psa_export_public_key:[5,1,1,"c.psa_export_public_key"],psa_generate_key:[5,1,1,"c.psa_generate_key"],psa_generate_random:[20,1,1,"c.psa_generate_random"],psa_get_key_algorithm:[6,1,1,"c.psa_get_key_algorithm"],psa_get_key_attributes:[1,1,1,"c.psa_get_key_attributes"],psa_get_key_bits:[7,1,1,"c.psa_get_key_bits"],psa_get_key_id:[2,1,1,"c.psa_get_key_id"],psa_get_key_lifetime:[4,1,1,"c.psa_get_key_lifetime"],psa_get_key_type:[7,1,1,"c.psa_get_key_type"],psa_get_key_usage_flags:[6,1,1,"c.psa_get_key_usage_flags"],psa_hash_abort:[14,1,1,"c.psa_hash_abort"],psa_hash_clone:[14,1,1,"c.psa_hash_clone"],psa_hash_compare:[14,1,1,"c.psa_hash_compare"],psa_hash_compute:[14,1,1,"c.psa_hash_compute"],psa_hash_finish:[14,1,1,"c.psa_hash_finish"],psa_hash_operation_init:[14,1,1,"c.psa_hash_operation_init"],psa_hash_operation_t:[14,2,1,"c.psa_hash_operation_t"],psa_hash_resume:[14,1,1,"c.psa_hash_resume"],psa_hash_setup:[14,1,1,"c.psa_hash_setup"],psa_hash_suspend:[14,1,1,"c.psa_hash_suspend"],psa_hash_update:[14,1,1,"c.psa_hash_update"],psa_hash_verify:[14,1,1,"c.psa_hash_verify"],psa_import_key:[5,1,1,"c.psa_import_key"],psa_key_attributes_init:[1,1,1,"c.psa_key_attributes_init"],psa_key_attributes_t:[1,2,1,"c.psa_key_attributes_t"],psa_key_derivation_abort:[17,1,1,"c.psa_key_derivation_abort"],psa_key_derivation_get_capacity:[17,1,1,"c.psa_key_derivation_get_capacity"],psa_key_derivation_input_bytes:[17,1,1,"c.psa_key_derivation_input_bytes"],psa_key_derivation_input_integer:[17,1,1,"c.psa_key_derivation_input_integer"],psa_key_derivation_input_key:[17,1,1,"c.psa_key_derivation_input_key"],psa_key_derivation_key_agreement:[16,1,1,"c.psa_key_derivation_key_agreement"],psa_key_derivation_operation_init:[17,1,1,"c.psa_key_derivation_operation_init"],psa_key_derivation_operation_t:[17,2,1,"c.psa_key_derivation_operation_t"],psa_key_derivation_output_bytes:[17,1,1,"c.psa_key_derivation_output_bytes"],psa_key_derivation_output_key:[17,1,1,"c.psa_key_derivation_output_key"],psa_key_derivation_set_capacity:[17,1,1,"c.psa_key_derivation_set_capacity"],psa_key_derivation_setup:[17,1,1,"c.psa_key_derivation_setup"],psa_key_derivation_step_t:[17,2,1,"c.psa_key_derivation_step_t"],psa_key_derivation_verify_bytes:[17,1,1,"c.psa_key_derivation_verify_bytes"],psa_key_derivation_verify_key:[17,1,1,"c.psa_key_derivation_verify_key"],psa_key_id_t:[2,2,1,"c.psa_key_id_t"],psa_key_lifetime_t:[4,2,1,"c.psa_key_lifetime_t"],psa_key_location_t:[4,2,1,"c.psa_key_location_t"],psa_key_persistence_t:[4,2,1,"c.psa_key_persistence_t"],psa_key_type_t:[7,2,1,"c.psa_key_type_t"],psa_key_usage_t:[6,2,1,"c.psa_key_usage_t"],psa_mac_abort:[18,1,1,"c.psa_mac_abort"],psa_mac_compute:[18,1,1,"c.psa_mac_compute"],psa_mac_operation_init:[18,1,1,"c.psa_mac_operation_init"],psa_mac_operation_t:[18,2,1,"c.psa_mac_operation_t"],psa_mac_sign_finish:[18,1,1,"c.psa_mac_sign_finish"],psa_mac_sign_setup:[18,1,1,"c.psa_mac_sign_setup"],psa_mac_update:[18,1,1,"c.psa_mac_update"],psa_mac_verify:[18,1,1,"c.psa_mac_verify"],psa_mac_verify_finish:[18,1,1,"c.psa_mac_verify_finish"],psa_mac_verify_setup:[18,1,1,"c.psa_mac_verify_setup"],psa_purge_key:[5,1,1,"c.psa_purge_key"],psa_raw_key_agreement:[16,1,1,"c.psa_raw_key_agreement"],psa_reset_key_attributes:[1,1,1,"c.psa_reset_key_attributes"],psa_set_key_algorithm:[6,1,1,"c.psa_set_key_algorithm"],psa_set_key_bits:[7,1,1,"c.psa_set_key_bits"],psa_set_key_id:[2,1,1,"c.psa_set_key_id"],psa_set_key_lifetime:[4,1,1,"c.psa_set_key_lifetime"],psa_set_key_type:[7,1,1,"c.psa_set_key_type"],psa_set_key_usage_flags:[6,1,1,"c.psa_set_key_usage_flags"],psa_sign_hash:[21,1,1,"c.psa_sign_hash"],psa_sign_message:[21,1,1,"c.psa_sign_message"],psa_status_t:[10,2,1,"c.psa_status_t"],psa_verify_hash:[21,1,1,"c.psa_verify_hash"],psa_verify_message:[21,1,1,"c.psa_verify_message"]}},objnames:{"0":["c","macro","C macro"],"1":["c","function","C function"],"2":["c","type","C type"]},objtypes:{"0":"c:macro","1":"c:function","2":"c:type"},terms:{"0x00":22,"0x01":22,"0x0101":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],"0x02":22,"0x02000001":22,"0x02000002":22,"0x02000003":22,"0x02000004":22,"0x02000005":22,"0x02000008":22,"0x02000009":22,"0x0200000a":22,"0x0200000b":22,"0x0200000c":22,"0x0200000d":22,"0x02000010":22,"0x02000011":22,"0x02000012":22,"0x02000013":22,"0x02000014":22,"0x02000015":22,"0x020000ff":22,"0x03":22,"0x038000hh":22,"0x03c00100":22,"0x03c00200":22,"0x04":[5,22],"0x04404000":22,"0x04404100":22,"0x04404400":22,"0x0440ff00":22,"0x04800100":22,"0x04c01000":22,"0x04c01100":22,"0x04c01200":22,"0x05":22,"0x05100500":22,"0x05500100":22,"0x05500200":22,"0x06":22,"0x06000200":22,"0x060002hh":22,"0x060003hh":22,"0x06000600":22,"0x060006hh":22,"0x060007hh":22,"0x06000800":22,"0x060009hh":22,"0x060013hh":22,"0x07":22,"0x07000200":22,"0x070003hh":22,"0x08":22,"0x080001hh":22,"0x080002hh":22,"0x080003hh":22,"0x088001hh":22,"0x08800200":22,"0x09":22,"0x09010000":22,"0x09020000":22,"0x0a":22,"0x0b":22,"0x0c":22,"0x0d":22,"0x10":22,"0x1001":22,"0x11":22,"0x1100":22,"0x12":22,"0x1200":22,"0x1203":22,"0x1205":22,"0x1206":22,"0x13":22,"0x14":22,"0x15":22,"0x18":22,"0x19":22,"0x20":22,"0x2002":22,"0x2004":22,"0x21":22,"0x2301":22,"0x2400":22,"0x2403":22,"0x2405":22,"0x2406":22,"0x40":22,"0x4001":22,"0x41":22,"0x4112":22,"0x4117":22,"0x411b":22,"0x4122":22,"0x4127":22,"0x412b":22,"0x4130":22,"0x4133":22,"0x4141":22,"0x4142":22,"0x4203":22,"0x44":22,"0x7001":22,"0x7112":22,"0x7117":22,"0x711b":22,"0x7122":22,"0x7127":22,"0x712b":22,"0x7130":22,"0x7133":22,"0x7141":22,"0x7142":22,"0x7203":22,"0x7fffff":4,"0x800000":4,"0xff":22,"0xffff0000":0,"0xffff_0000_0000_0000":0,"0xffffff":4,"20x9":0,"30r1":0,"38a":[0,13],"38b":[0,18],"38d":[0,11],"3de":[7,17],"56a":[0,16,17],"56ar3":0,"64gb":13,"67r2":0,"6_32":0,"9nj":0,"\u00e9lectroniqu":[0,7],"break":0,"byte":[0,5,7,11,13,14,16,17,18,19,20,21,22,28,30,31],"case":[0,2,5,10,13,17,18,21,24,26,27,28,29,31],"class":6,"const":[2,4,5,6,7,11,13,14,16,17,18,19,21,23,28],"default":[1,2,4,11,13,22,24,28,29],"export":[0,1,3,6,7,17,24,26,27,33],"final":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],"fran\u00e7ais":[0,7],"function":[0,3,8,10,12,15,24,25,26,27,30,31,32,33,34],"import":[5,21,24,26,31,32,33],"long":[0,4,16,24,29,30,33],"new":[0,5,6,7,14,16,17,24,29,32],"null":[2,5,19,28],"param\u00e9trag":[0,7],"public":[0,1,5,6,7,11,12,13,14,16,17,18,19,21,22,26,29,33],"return":[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,20,21,24,26,27,29,30,31,34],"s\u00e9curit\u00e9":0,"short":[0,19,21,29,33],"static":[1,2,4,6,7,11,13,14,16,17,18,28,29,30],"syst\u00e8m":0,"transient":[2,4,10,29],"true":[5,7,11,13,14,16,17,18,19,21,29],"try":31,"void":[1,2,4,6,7,9,11,13,14,17,18,23,28,34],"while":[10,12,16,22,26,28,29,30,32,33,34],AES:[0,7,13,17,18,22,28],AND:0,Added:24,DES:[5,7,17,22],FOR:0,For:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,21,22,24,26,28,29,30,31,33,34],IKE:0,ITS:[0,10],IVs:24,Its:5,LES:0,NOT:[0,20],Not:23,ONE:0,One:[16,17],SHS:[0,14],Such:28,THE:0,TLS:[0,7,17,22,24,27],That:[2,16,17,21,34],The:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,20,21,22,23,24,25,26,28,29,30,31,32,33],Then:21,There:[4,5,10,11,17,21,28,29,30,31,33],These:[1,7,10,11,12,13,17,24,26,28,29,31,33],USE:0,Use:[7,13,17,26],Used:0,Using:[0,11,16,17,26,29],WILL:0,WITH:0,With:21,XTS:[0,7,13,22],abbrevi:27,abil:[26,30],abl:[4,6,11,24,26,28,29,31,33],abort:[11,13,14,16,17,18,28,29,31,34],about:[1,4,11,13,14,17,18,21,24,26,27,28,29],abov:[0,7,29],abus:[26,31],acceler:[31,33,34],accept:[7,13,16,21,24],access:[2,4,6,10,13,16,24,26,28,29,30,31,32,33,34],accessor:[3,6,24,27,29],accident:5,accompani:0,accord:[5,30],accordingli:[17,31],account:[13,31],achiev:[10,13,26,31],acquir:0,across:[0,10,13,24],act:[0,2,4,29],action:[4,6,10,11,28,29,31],activ:[11,13,14,17,18,29,30],actual:[1,11,13,14,16,17,18,19,21,24],ad_length:[11,23],add:[14,18,21,24],added:24,addit:[0,1,2,4,5,6,7,10,11,12,13,17,26,27,28,29],addition:28,additional_data:[11,23],additional_data_length:[11,23],address:[26,28],adequ:[26,29],administr:[0,7],advanc:[0,7],adversari:[11,27],aead:[0,6,7,12,13,15,24,27,28,29],aead_alg:[11,23,25],aes0058:0,affect:[0,4,11,14,24,26,28],affili:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],aforement:30,africacrypt:0,after:[0,1,2,5,10,11,13,14,17,18,26,27,28,31],afterward:26,again:[5,11,13,14,17,18,29],against:[0,4,6,10,11,14,18,26,33],agenc:0,agil:[26,30],agre:0,agreement:[0,6,7,12,15,17,24,27,29,30],aid:26,aim:[10,26],alarm:10,alg:[6,7,11,12,13,14,16,17,18,19,21,23,24,25],algorithm:[0,1,3,5,7,9,10,15,24,26,27,29,31,32,33,34],align:[11,24],all:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],alloc:[1,2,5,11,13,14,18,24,26,28,29,31],allow:[1,4,5,6,11,13,14,16,17,18,19,21,22,24,26,28,29,30,31,32,33,34],almost:[28,29],alongsid:12,alreadi:[5,10,17,21,24],also:[0,1,4,5,6,7,10,11,12,13,14,16,17,18,19,21,22,24,26,28,29,30,31,33],alter:26,altern:[5,11,13,21,22,25,26,31],although:[5,24],altogeth:31,alwai:[2,5,6,7,12,13,14,16,17,18,22,24,27,28,29],ambigu:24,among:[7,13,30],amount:[11,17,30],analys:[26,32],analysi:[0,26,28],ani:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,21,22,24,26,28,29,30,31,33,34],anoth:[0,5,6,10,11,13,14,17,18,26,28,30,31,33,34],ansi:0,anyth:0,apart:30,api:[0,1,2,3,4,5,6,7,8,11,12,13,14,15,16,17,18,19,20,21,22,23,25,26,30,31,32,33,34],appear:[0,31],append:11,appendix:[7,12,13,19,21,23,24,25,28,31],appli:[0,5,6,11,12,13,21,24,28,30],applic:[0,1,2,4,5,6,7,9,10,11,13,14,16,17,18,24,25,26,27,28,29,30,31,32,34],approach:[16,21,26],appropri:[4,5,6,9,11,13,14,16,17,18,19,21,24,26,28,29],april:0,arbitrari:[7,17,28,29],arbitrarili:5,arc4:[7,13,17,22],architectur:[0,10,27,28,32],archiv:0,area:[4,30],argument:[10,17,24,26,28,31],aria:[0,7,17,22],arm:[1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],around:[6,28],arrai:[7,14,28,30],articl:0,ask:10,aspect:27,assembl:[27,29],assess:[0,24,27],asset:[27,30],assign:[1,4,11,13,14,17,18,29],assist:26,associ:[0,4,5,6,7,12,13,14,15,16,17,18,24,26,27,28,29,31],assum:[26,28,31],assumpt:[1,11,13,14,17,18,27,28],assur:0,asym:22,asymmetr:[0,5,6,7,12,15,17,24,27,28],atom:28,attach:4,attack:[0,4,10,14,18,27],attempt:[5,10,17,24,26,28],attest:27,attribut:[3,5,6,16,17,18,21,23,24,26,27,29],august:0,authent:[0,6,7,10,12,13,14,15,24,26,27,29,30,32,33],author:[28,31],automat:[0,4,6,29],auxiliari:1,avail:[4,10,26,28,29,31],avoid:[0,24,26,28,30,31,34],awar:28,back:[6,28],backend:[30,31],bad:31,base:[0,5,6,7,11,12,13,14,17,18,21,22,26,30,31,32,33],basic:[4,27],becaus:[0,5,14,16,17,18,21,26,28],becom:[7,11,13,14,18,31],been:[0,1,2,5,9,10,11,13,14,16,17,18,24,28,30],befor:[1,7,9,10,11,13,14,17,18,21,24,26,28,29,31],begin:[28,29],behav:28,behavior:[0,1,6,10,11,13,14,17,18,24,26,27,29,34],being:[0,5,11,13,14,17,24,28,29,30],belong:26,below:28,benefit:[4,17],bernstein:0,best:[5,11,14,17,18,26,30,32],beta:[0,27,32],between:[0,2,5,7,10,11,13,14,17,18,26,27,30,31,33,34],bewar:18,beyond:[1,5,13,30],bias:16,big:[5,13,14,16,17,21],binari:[0,5,7,16],biration:7,bit:[0,1,4,5,7,9,11,12,13,14,16,17,18,19,21,23,24,26,28,29,31],bitfield:[7,12],bitmask:[6,28],bitwis:[5,7,12,13,22,29],blind:[9,26],blk:22,block:[0,5,7,11,12,13,14,17,18,22,24,28,30,34],blue:0,bluetooth:30,bodi:31,boot:27,bossela:0,both:[0,5,6,7,17,21,24,28,29,30,32],bound:[0,11,26,29],boundari:[0,11,17,30,33],brainpool:[0,7,22],brainpoolp160r1:7,brainpoolp192r1:7,brainpoolp224r1:7,brainpoolp256r1:7,brainpoolp320r1:7,brainpoolp384r1:7,brainpoolp512r1:7,branch:31,brand:0,breach:[0,10],breakdown:10,broad:26,broken:28,brute:26,buffer:[5,7,10,11,13,14,16,17,18,19,20,21,24,26,27,31,34],buffer_length:5,buffer_s:5,build:[11,13,16,17,18,21,28],built:[0,6,13,21,22,29,30],burnt:33,bypass:[14,18],c10:26,c11:26,c12:26,c13:26,c89:24,c99:[0,24,28,31],cach:[4,6,24,26,31],cacheabl:6,calcul:[1,6,10,11,14,16,17,18,21,24,26,28,30],call:[0,1,2,4,5,6,9,10,11,13,14,16,17,18,19,20,21,24,26,27,29,30,31,33,34],caller:[0,2,10,17,20,26,28,29,30,31,33],calloc:29,cam:[0,7],cambridg:0,camellia:[0,7,17,22],can:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,20,21,22,23,24,25,26,28,29,30,31,32,33,34],candid:17,cannot:[4,5,6,7,10,11,12,13,17,26,28,29,30,33,34],capabl:[24,26,33],capac:[17,23,28],capit:0,care:[10,28],carefulli:[10,28,33,34],carri:[10,28,31],cat:22,categori:[3,15,24,27,28,31],caus:[4,5,10,24,26,29,31,34],cb1:0,cbc:[0,11,13,18,22],ccm:[0,6,11,22,24],cdh:16,ceas:0,ceil:[5,16,17],certain:[0,10,24,31,33,34],certif:[0,5,26,32],cfb:[13,22],chacha20:[0,7,11,13,17,22],chacha:[0,11,13],chain:[13,16],chang:[1,17,26,27,28,29,32],channel:[4,26,30,31],chapter:[0,24],charact:0,characterist:4,check:[6,10,20,24,26,27,29,33],checksum:14,chip:[30,33],choic:[4,5,11,13,26,27,28],choos:[2,4,30],chosen:[2,5,11,13],chunk:[13,14,17,18],cipher:[0,7,11,12,15,17,18,24,27,28,29],ciphersuit:[0,17],ciphertext:[11,13,23,26],ciphertext_length:[11,23],ciphertext_s:[11,23],circul:0,circumst:[13,30],citat:[0,24],claim:0,clarif:0,clarifi:24,clariti:[24,28],clean:[17,27,31],cleanup:[4,27],clear:[1,7,12,17,28,29,31,34],clearli:5,cleartext:4,client:[9,22,24,26,27,31],clienthello:17,clone:[14,29],close:31,clulow:[0,26],cmac:[0,6,17,18,22],code:[0,5,6,8,9,15,17,24,25,26,27,28,29,30,31,33],codebook:13,coeffici:5,cofactor:16,collect:17,collector:29,com:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],combin:[5,6,10,15,22,24,26,27,33],come:17,comment:[0,31],commerci:0,committe:0,common:[0,5,6,8,11,24,27,28,31,34],commonli:[29,30],commun:[0,5,9,10,28,30,33,34],compact:1,compani:0,companion:[30,31,32],compar:[14,17,18,24],comparison:[11,14,17,18,26],compat:[0,7,10,11,13,16,17,18,19,21,24,29,31],compil:[23,28,31],complement:24,complet:[10,11,13,17,21,24,28,31],complex:31,compli:0,complianc:17,compliant:[0,32],compon:[0,10,11,16,29,30,32],compos:[4,6,33],composit:12,compris:[0,1,7],compromis:[5,9,10,11,26,31,33,34],comput:[5,6,7,10,11,13,14,16,17,18,19,21,24,25,29,31,33],concaten:[5,11,13,14,17,18,21],concept:24,conceptu:4,concern:[6,28],concis:0,concurr:[24,26,27,29],condit:[0,5,11,13,14,16,17,18,19,21,24,28],conduct:[0,26],confidenti:[1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],configur:[17,24,29],conflict:[0,28],conform:[5,26,33],connect:[0,30],consequ:[10,17,30],consequenti:30,conserv:[5,31],consid:[1,10,18,24,26,28,30,31],consider:[5,26,27,28,32,33],consist:[0,5,6,11,13,17,18,21,24,29,32,33],constant:[11,14,17,18,26,27,31],constrain:[6,27,29,31],constraint:[17,24,28,30,34],construct:[0,4,6,11,13,16,17,18,21,22,24],consum:[11,17],consumpt:31,contain:[0,1,4,5,7,11,13,14,16,17,18,19,20,21,24,28,29],content:[0,1,5,11,13,14,17,18,20,26,27,28,30,31,34],context:[0,17,21,26,28,31,34],continu:[14,17,24],contract:0,contrari:0,control:[0,14,18,24,26,28,29,31],convei:[6,28],conveni:0,convent:[24,27],convers:31,convert:[17,24,31],coordin:16,copi:[0,1,5,6,11,14,24,26,28,29,31,33],copyabl:6,copyright:[0,27],corner:24,corpor:0,correct:[5,10,11,13,14,16,17,18,19,21,24,25,26,33],correctli:[5,28],correl:0,correspond:[1,2,4,5,6,7,10,11,14,16,17,18,19,21,26,30,31,33],corrupt:[5,10,26,28,34],cost:17,could:[10,11,14,18,26,33],count:17,counter:[0,11,13],countermeasur:[0,10],courb:[0,7],creat:[0,1,2,4,5,6,7,13,17,21,24,26,28,29,30],creation:[1,2,3,4,24,27,29],creator:26,credenti:27,crl:[0,5],cross:[0,24],crypt:0,cryptanalysi:26,crypto:[0,4,5,8,10,14,22,24,27,28,30,31,32,33],cryptograph:[0,1,5,6,7,9,10,12,13,14,16,17,24,26,27,28,29,30,32],cryptographi:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,28,30,31,32,33,34],cryptoprocessor:[0,4,5,6,10,17,24,26,27,28,30,31],csprng:29,cstc0002:[0,7],cstc0004:[0,14],ctr:[0,13,22],current:[1,2,4,5,10,14,17,21,24,28,31,34],curv:[0,3,5,16,17,21,23,24,25,27],curve25519:[0,5,7,16,17],curve448:[0,5,7,16,17],custom:[17,30],d_a:16,d_b:16,damag:0,danger:30,data:[0,1,4,5,7,9,10,12,13,14,15,16,17,18,20,22,23,24,26,27,29,30,31,33,34],data_length:[5,17,23],data_s:[5,23],dataflow:26,datatrack:0,date:[0,27],dbrg:17,deal:26,debug:28,decemb:0,decim:0,declar:[1,2,4,5,6,7,11,13,14,17,18,24,28],decod:17,decodescalar25519:5,decodescalar448:5,decreas:17,decrypt:[0,6,7,10,11,13,19,29],dedic:[0,14],defeat:26,defend:33,defin:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],definit:[4,7,12,13,14,23,24,25,27,28,29,31,32],delai:11,deleg:[4,26],delet:[26,31],deliv:26,deliveri:29,demand:0,den:0,deni:10,denot:0,depend:[4,5,7,9,10,11,13,16,17,21,22,26,28,31],deploi:[26,30],deprec:[7,13,14,26],der:[5,21],derefer:28,deriv:[0,1,5,6,7,12,15,24,26,27,28,29,31,33],des:[0,7],describ:[0,1,5,6,7,11,12,13,14,17,18,22,24,26,28,29,31,32,33],descript:[1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,20,21,22,24,25,26,27,28,29,30,31,32],design:[0,4,7,13,17,26,27,29,31,32,33],desir:[1,4,11,17,18,31],destroi:[0,4,5,24,28,29,31,34],destruct:[3,17,27],detail:[0,6,7,11,17,21,22,24,26,29,32,34],detect:[10,24,26,27,28],detector:10,determin:[0,5,6,7,10,11,13,14,16,17,18,19,21,22,24,26,28,29,30],determinist:[0,13,17,21,22,29],dev:0,develop:[0,26,28,30],devic:[0,4,13,27,29,33],dh_famili:17,dhephem:16,dhoneflow:16,dhstatic:16,diagnos:29,diagram:26,did:[17,28],differ:[1,2,4,5,6,13,17,21,22,24,26,28,29,30,31,32,33,34],differenti:26,diffi:[0,3,5,16,17,24,27],difficult:29,digest:[0,15,21,27,29,30],digestinfo:21,digit:[0,5,17,21],direct:[13,16,17,26,28,30],directli:[0,5,11,16,21,26],discard:[11,13,14,17,18],disclos:26,disclosur:[0,26,31],discoveri:24,discret:[0,16,17],disk:13,dispatch:33,distinct:[2,21,24,29],distinguish:[4,10,11,24],distribut:0,divid:[2,7,12],dobbertin:0,doc:0,document:[1,5,7,11,13,14,16,17,18,27,28,29,30,31,32],doe:[0,1,2,4,5,6,9,10,11,12,13,14,16,17,18,19,21,24,25,26,28,29,30,31,32,33],doesn:10,doi:0,domain:[0,7,17,24,28,31],done:[9,17,21],doubt:0,down:[10,28],draft:[0,24],dram:26,draw:17,driver:31,dsa:[0,21],dss:[0,17],due:[4,5,11,13,14,16,17,18,19,21,29,34],duplic:[0,5,14],dure:[0,10,13,26,28,29,30,31,33,34],dynam:[26,30,31],each:[0,1,2,4,5,7,11,13,14,16,17,18,21,22,23,24,25,26,28,29,30,31,33],eas:[26,27,28],easi:[26,29],easier:[7,12,26],easiest:29,easili:26,ecb:[13,22,24],ecc:[0,7,16,17,24],ecc_famili:17,ecdh:[16,22],ecdsa:[0,21,22],eci:24,ecprivatekei:5,ed25519:[0,7,21],ed25519ph:[21,22],ed448:[0,7,16,21],ed448ph:[14,21,22],eddsa:[0,5,21,24],edit:24,edward:[0,5,7,21,22,24],edwards25519:[5,7,21],edwards448:[5,7,21],effect:[0,2,5,11,13,14,18,26,28,31],effici:[0,2,4,6,7],effort:[5,11,14,17,18],eight:0,either:[4,5,7,9,10,11,12,13,14,16,17,18,19,21,22,28,30,34],electr:0,electron:13,element:[4,5,6,10,23,24,26,28,31,33],ellipt:[0,3,5,16,17,21,24,27],elliptiqu:[0,7],elsewher:[0,7],embodi:0,emiss:[26,31],empti:[17,21],emsa:21,enabl:[4,24,26,28,29,30],encod:[1,3,5,6,10,11,13,14,15,17,21,24,26,27,28,29,33],encompass:7,encourag:[13,28,31,34],encrypt:[0,5,6,7,9,10,12,13,15,24,26,27,28,29,30,33],end:[6,11,14,18,26,29],endian:[5,13,14,16,17,21],enforc:[6,11,26,30],eng:0,engin:26,england:0,english:[0,7,14],engrav:4,enlarg:0,enough:[5,10,14,17,28],ensur:[0,5,6,10,11,14,17,18,24,26,30,31,33],enter:[10,11,13,14,16,17,18,29],enterpris:30,entir:33,entitl:0,entri:[1,10],entropi:[7,10,17,29,34],enumer:[10,28],environ:[4,24,28,30,31,34],ephemer:[0,7,16],eprint:0,equal:[5,6,11,13,17,18,21],equival:[1,5,7,14,16,17,21,33],eras:[4,5],erron:5,error:[0,5,6,8,9,11,13,14,16,17,18,19,21,24,26,27,29],esat:0,essenti:[5,6,9,10,31],establish:[0,9,16,17,29,30,32],etc:[10,26,29],europ:7,evalu:[5,11,13,14,16,18,19,21,24,26,28,32],even:[4,5,10,17,22,28,29,31,33,34],event:[0,4,11,13,14,28,29],eventu:[11,13,14,18],everi:[0,17,29],exact:[5,11,18,21,31],exactli:[6,17,21,28,31],exampl:[0,1,4,5,6,9,10,11,12,13,14,16,17,18,21,24,26,27,28,31,33],exce:24,except:[0,1,2,7,11,13,14,17,18,26,28,29,30,33],excess:[0,11,24],exchang:[0,5,26,30],exclud:[5,21,26],exclus:[0,26,28],execut:[10,26,28,31,33,34],exfiltr:26,exhaust:[17,30,33],exist:[0,1,4,5,10,17,24],expand:[0,17,28,33],expans:17,expect:[0,1,7,9,11,13,14,17,18,23,28,31],expected_output:[17,23],explain:28,explan:0,explicit:[1,11,13,14,17,18,29],explicitli:[4,10,26,28,29,30],exploit:[26,31],expon:5,exponent1:5,exponent2:5,expos:[4,17,22,26,30],express:[0,6,14,28,31],expressli:0,extend:[0,13,14,17,21,24,25],extens:[0,4,26,30,32],extent:[0,30],extern:[4,10,26,28,31],extra:5,extract:[0,4,5,6,7,14,16,17,22,24,26,29,30,33],extrem:[7,13],f_p:16,f_q:5,facilit:30,fact:[0,11],factori:[4,27,29],fail:[5,10,11,13,14,16,18,19,20,21,28,29,31,34],failur:[1,5,9,10,17,24,28,29,30,34],fals:[16,17,21],famili:[5,7,14,16,17,18,21,24,28,32],far:28,fashion:11,fault:26,favor:28,featur:[0,4,24,29],februari:0,feedback:[1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],few:[0,28,34],fewer:11,ffc:16,ffdh:22,field:[0,1,5,7,12,15,16,17,30],figur:[22,26],file:[10,24,27,30,31],fill:[14,24],filter:26,financi:[0,21],fine:29,finish:[11,13,14,17,18,28,29,31,34],finit:[0,7,16,17],fip:[0,7,14,17],fips180:[0,14],fips186:[0,17],fips197:[0,7],fips202:[0,14],firmwar:[0,10,28,30,32],first:[0,1,5,11,13,14,16,17,18,19,21,22,24,28,29,30],fit:[0,21,29],fix:[0,1,17,28],flag:[1,3,5,11,13,16,17,18,19,21,22,24,27,28,29,31],flaw:[26,31],flexibl:29,flip:26,flow:[24,30],focu:26,follow:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,21,24,26,28,29,31],font:0,foo:28,foo_length:28,foo_siz:28,forbidden:[10,17],forc:[0,5,26],forcibl:10,forg:26,form:[0,4,6,11,13,14,17,18,21,24,26,29,30],formal:24,format:[5,10,13,15,16,21,24,26,29,30],former:22,forward:17,found:1,four:[0,6,13],fragment:[11,13,14,18,29],framework:[0,10,28],franc:7,free:[0,1,5,11,13,14,17,18,28,30],freedom:[30,31],freeli:[2,4],frequent:4,freshli:1,friendli:[30,32],from:[0,1,2,4,5,6,7,10,11,13,14,16,17,18,21,22,24,26,28,29,30,31,33,34],frontend:30,frp256v1:[7,24],frp:[0,7,22],fulbourn:0,full:[7,10,12,13,16,23,26,28],fullest:0,fulli:[0,23,26,28,31],further:[10,24,28,30],furthermor:11,futur:[2,4,7,12,13,17,21,25,27,28,29,31,32],gain:26,galoi:[0,11],gap:26,garbag:29,gcm:[0,11,22,28],gener:[0,1,5,7,9,10,11,13,15,16,17,19,21,22,24,26,27,28,30,32,34],get:[1,12,16],give:[0,4,29,30,31],given:[1,2,4,5,11,13,14,16,17,19,21,24,30,34],glitch:[26,31],global:[1,10,11,13,14,17,18,29],globalspec:0,glossari:24,gmac:[0,11],gmbz:0,goal:[10,27,32,33],goldilock:[0,7,16],good:6,gouv:0,govern:0,grant:0,greater:[6,11,17],group:[7,23,24,25],guarante:[0,4,5,9,10,11,13,14,16,18,19,21,24,28,31,33,34],guess:[14,18,31],guid:[0,26],guidelin:4,had:28,half:24,halt:[14,24,28],hamburg:0,handl:[10,24,26,27,29],handle_error:5,handshak:17,happen:[10,17,28],harder:30,hardwar:[0,10,26,27,29,32,33,34],has:[0,1,2,4,5,6,9,10,11,13,14,16,17,18,24,26,28,29,30,31,32,33],hash:[0,5,6,7,10,12,15,17,18,19,21,23,24,26,27,28,29,30],hash_alg:[17,18,19,21,22,23,25],hash_len:21,hash_length:[14,21,23],hash_siz:[14,23],hash_stat:[14,23],hash_state_length:[14,23],hash_state_s:[14,23],hasheddsa:[21,22],have:[0,1,2,4,5,6,7,10,11,12,13,14,16,17,18,19,21,22,24,25,26,28,29,30,31,33,34],header:[10,24,27,31],heap:[29,34],held:26,hellman:[0,3,5,16,17,24,27],help:26,helper:24,here:[5,10,11,13,14,17,18,25,26,29],hereaft:0,herebi:0,hereund:0,hexadecim:0,hidden:26,hide:26,high:[7,17,26,29,31,32,33],higher:[4,14,30],highest:[26,28],highli:[1,6,29],hint:[6,31],histori:[0,27],hkdf:[0,17,22,24],hmac:[0,5,7,14,17,18,22,24],hold:[10,28,33],holist:32,home:0,host:10,how:[4,5,12,14,17,21,24,26,28,29,31],howev:[4,5,10,17,26,28,29,30,33,34],hsm:33,html:0,http:0,human:7,hybrid:24,iacr:0,iana:24,ident:[14,17,18,21,26,30,33],identif:[19,26,30],identifi:[0,1,3,4,5,6,7,10,11,12,13,14,16,17,18,19,21,24,26,27,30,31,32],ids:24,iec:[0,14,18],ieee:[0,13],ieeexplor:0,ietf:[0,11,13],ignor:0,ihi:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],illeg:[24,26],illustr:5,immedi:[0,31],immut:[5,26],impact:[26,31,34],implement:[0,1,3,5,8,9,11,12,13,14,15,16,17,18,19,20,22,23,24,27,28,29,30,32,33,34],impli:0,imposs:[1,5,10,21,24,28],improv:[0,24,28],inaccess:26,inact:[11,13,14,17,18,29,31],inadequ:26,includ:[0,1,5,6,7,10,13,14,16,17,21,24,26,28,29,30,31,32,33,34],inclus:[10,26],incompat:[5,11,13,32],incomplet:[11,13,28],incorrect:[10,26],incorrectli:26,increas:24,increment:13,independ:[13,14,24,26,31,32,33],indic:[0,1,5,10,11,16,17,19,22,24,28,29,30,31,32],indirect:[1,26,27],indirectli:[0,11,29,30],individu:[0,1,11,17,21,24,26,28],induc:26,industri:[0,21,32],ineffici:31,inescap:30,info:[0,17],infocent:0,inform:[1,4,10,14,17,18,24,27,28,29],infrastructur:[0,5],infring:0,initi:[0,1,5,8,10,11,13,14,16,17,18,19,20,21,24,27,29,32],inject:26,inlin:[2,4,6,7,28],input:[0,2,4,5,6,7,11,13,14,15,16,18,19,21,23,24,25,26,27,29,31,34],input_length:[11,13,14,18,19,21,23],insecur:[18,26,30],insid:[4,6,10,26,30,31,33],inspect:24,instanc:[0,4,28,29,30],instanti:[28,31],instead:[7,10,11,13,14,16,17,18,20,21,24,26,28,29,32],instruct:0,insuffici:[10,11,13,14,16,18,19,21,28],int32_t:[10,23,28],integ:[0,5,11,12,13,14,17,22,24,28,31],integr:[2,10,13,14,18,26,28,29,30],intellectu:0,intend:[7,10,24,26,28],interchang:30,interest:0,interfac:[0,4,6,11,13,16,21,26,27,28,29,32,33],intermedi:[10,11,14,17,26,30],intern:[14,24,26,28,29,30,33],internet:[0,5],interoper:30,interpos:26,interpret:[0,5,16],interrupt:[28,31],introduc:[0,24,26],introduct:27,introductori:24,invalid:[1,2,5,7,10,11,12,17,26,28,30,31],invers:5,invoc:21,involv:[14,29,30,33],iot:30,irtf:0,isl:0,iso10118:[0,14],iso9797:[0,18],iso:[0,14,18,28],isol:[0,2,17,26,27,29,31,33],issu:[0,11,27,28,29,30],ital:0,item:[0,5,10],iter:[13,17],its:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],itself:[0,1,10,11,12,13,14,17,18,26],iv_length:[13,23],iv_siz:[13,23],januari:0,jolyon:0,juli:0,june:0,just:6,justifi:26,ka_alg:[16,23,25],kdf:[0,22,24],kdf_alg:[16,23,25],keep:[6,10,28,31,34],kei:[0,9,10,11,12,13,15,18,19,20,21,23,24,26,27,30,32,34],kept:[17,30,33],kernel:28,key_bit:[5,7,11,16,18,19,21,23],key_typ:[5,11,13,16,18,19,21,23],keypair:0,keystor:[0,7,10,26,27,29,33,34],kind:6,known:[7,11,12,17,26,29,30,31],koblitz:7,kuleuven:0,label:[17,19],lack:[30,34],land:28,languag:[0,30],larg:[5,11,13,14,16,17,18,19,21,28,29],larger:[10,11,17,18,30,31,33],largest:[11,21],last:[1,10,11,28],later:14,latest:[0,31],latter:[17,22],law:0,layer:[0,7,17,33],lead:5,leak:[14,18,28,29,30,31,33,34],leakag:34,least:[4,5,11,13,14,16,17,18,19,21,22,24,33],leav:[13,28,31],led:10,left:[7,21],legaci:[7,13,14,30],legal:0,len:22,length:[5,6,11,13,14,17,18,21,22,24,26,28],less:[11,17,18],let:17,level:[26,29,30,32,33],liabil:0,liabl:0,librari:[1,5,10,11,13,14,16,17,18,19,20,21,24,27,30,32],licenc:27,licens:0,license:0,lie:31,lies:26,lifespan:0,lifetim:[0,1,2,3,5,6,17,23,24,27,33],like:[2,4,6,7,25,26,27,31],likelihood:26,limit:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],link:[0,30],linkag:28,list:[0,5,7,10,11,12,13,14,18,26,30,33],literatur:31,littl:[5,13,14,16,33],lnc:0,load:31,local:[2,4,29],locat:[0,1,5,6,10,11,17,23,24,26,28,29,30,31],log:[10,28],log_2:16,logarithm:[0,16,17],logic:[1,11,13,14,17,18,26,29,33,34],logo:0,longer:[1,5,7,10,17,24,31,34],look:31,loss:[10,26],low:[7,17,26,30,32],lower:[4,28],lowest:28,mac:[0,6,7,10,11,12,15,23,24,26,27,28,29],mac_alg:[18,23,25],mac_length:[18,23,25],mac_siz:[18,23],machin:30,macro:[3,8,15,22,24,27,29],made:[0,21,24,26,28],mai:[0,4,17,21,26],mail:0,main:[0,4,26,29,33],maintain:[26,29,31],mainten:6,major:[0,9,24,30],make:[0,1,4,5,6,10,11,13,14,16,17,18,19,21,24,26,28,30,31],malici:[11,33],malloc:5,manag:[0,4,6,9,13,24,26,27,28,30,32,33],mandat:24,mandatori:[10,17,29,32],mani:[0,1,10,17,18],manipul:[26,31],manner:[28,30],manual:0,manufactur:[0,33],map:[24,31],march:0,mark:0,marker:1,mask:[19,21],master:[17,29,30],mastersecret:[17,22],match:[4,5,11,13,14,17,18,24,31],materi:[0,1,4,5,6,16,17,21,24,26,27,29,30,32,33],matter:0,maximum:[2,5,7,11,13,14,16,17,18,19,21,24,28],mbed:24,md2:[0,14,22],md4:[0,14,22],md5:[0,14,22],mean:[0,1,4,11,13,14,16,17,18,22,28,29,30,31,33],meant:11,measur:26,mechan:[0,4,18,21,24,26,30,31],media:10,medium:26,meet:[13,30],memcmp:[14,17,18],memori:[0,1,4,5,6,10,11,17,24,26,27,28,29,30,33],memoriz:7,memset:[1,11,13,14,17,18],mention:[0,28],merchant:0,mere:[2,4,10],merg:24,messag:[0,6,11,13,15,19,21,22,24,26,27,29,30],met:4,metadata:[0,1,4,5,17,24,29],method:[0,11,13,14,17,18,24,26,29,31],mgf1:[19,21],microcontrol:30,middl:17,might:[0,1,5,6,9,10,11,13,14,16,17,18,19,21,23,26,28,29,30,31,33,34],migrat:24,min_mac_length:[18,23,25],min_tag_length:[11,23,25],mind:10,minim:[5,31,34],minimum:[2,11,13,18,24,27,31,32,33],minor:[0,9,24],misconfigur:26,miss:23,mistak:30,misus:[26,30,31],mitig:27,mitsubishi:0,mnemon:0,mod:5,mode:[0,7,11,12,13,18,22,24,28],model:[16,27,32,33],modern:32,modif:[24,26],modifi:[1,10,17,21,24,26,28,34],modul:9,modular:[29,30],modulu:[5,7],monospac:0,montgomeri:[7,16,17,22],more:[0,1,4,5,6,7,9,11,13,14,17,18,24,26,28,29,30,31,33,34],most:[11,13,16,17,18,21,22,24,28,29,30,31,34],mount:26,move:[24,29],msg:21,msg_len:21,much:[17,28],multi:[0,5,10,15,16,17,21,24,26,27,28,30,31],multipl:[0,7,10,11,12,13,16,17,24,26,28,29,30,31,33],multiprocess:30,multitask:28,multithread:[28,34],must:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,20,21,22,23,24,26,28,29,30,31,32,33,34],mutual:33,name:[0,2,4,16,19,21,23,24,27,29],namespac:31,narrow:13,national:0,natur:24,necessari:[24,30],need:[1,4,5,10,11,13,14,16,17,18,24,25,26,28,29,30,31,33,34],neg:[10,17],negoti:[0,7],neither:[5,17],network:27,never:[4,24,26,28,33],newer:13,newli:[1,5,17],next:[17,28,31],nfc:30,nist:[0,7,11,13,16,17,18,26],non:[1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],nonc:[0,9,10,11,13,23,24],nonce_length:[11,23],nonce_s:[11,23],none:[7,10,22],nonzero:5,nor:[5,17,30],norm:33,normal:[0,10,13,17,21,28,34],note:[13,16,17,28],noth:5,notic:0,notwithstand:0,novemb:0,now:[0,1,10,11,13,14,17,18,24,28,29],ntt:[0,7],number:[5,11,13,14,15,16,17,18,19,21,24,27,28,29,30,31,33,34],numer:[7,17,24,29],oaep:[19,22],obei:[28,31,34],object:[1,2,4,5,6,7,11,13,14,16,17,18,24,27,28,29,34],oblig:0,observ:[10,11,26,28],obsolet:24,obtain:[17,26,28,29,31],obviou:24,occur:[4,5,9,10,11,13,14,17,18,29,31,34],octet:[0,5,11,17,21,31],octob:0,oem:26,ofb:[13,22],offer:[4,10,26,33],offset:28,often:[28,29,30],omit:[17,29],onc:[1,4,9,11,13,14,17,18,26,28,29,30],one:[0,1,2,4,5,7,10,11,13,14,16,17,18,21,24,26,28,29,30,31,33,34],ones:[30,33],ongo:[5,6,14,17,26,31],onli:[0,1,4,5,6,7,10,11,12,13,14,17,18,19,21,22,24,26,28,29,30,31,34],onward:[17,21],opac:0,opaqu:32,open:[0,31,32],oper:[0,4,5,6,7,9,10,12,16,17,19,21,22,23,24,26,27,28,30,31,32,33,34],opposit:28,optim:[28,30],option:[0,1,5,11,13,17,19,21,24,26,27,29,31],oracl:11,order:[1,5,14,16,17,18,21,26,28,29],ordinari:0,org:0,orient:[0,13,26],origin:[1,5,7,11,13,26,28,29],other:[1,4,5,6,9,10,11,13,14,15,16,17,21,22,26,27,28,29,30,32,33,34],otherwis:[0,4,6,10,11,12,13,16,17,18,19,21,22,28,34],out:[10,11,17,24,26,28,31],outcom:28,output:[0,1,2,4,5,7,10,11,13,14,16,17,18,19,20,21,22,23,24,26,27,29,34],output_length:[11,13,16,17,19,23],output_s:[11,13,16,19,20,23],outsid:[2,4,5,6,17,26,28,30,31],ouvrag:0,over:[5,7,16,18,21,28,29,30,31],overal:[26,31],overlap:[26,27],overview:[24,27,32],overwrit:[6,7],own:[0,4,16,24,26,28,29],owner:[0,26,31],ownership:[4,24],pad:[10,12,13,16,17,19,21,22,24],page:0,pair:[0,5,6,7,16,17,19,21,22,27,29,33],pake:[0,32],paradigm:21,paramet:[0,1,2,4,5,6,7,10,11,12,13,14,16,17,18,19,20,21,24,26,27,29,30,31,33,34],parameter:[22,24],parameteris:21,parametr:[21,28],pariti:[5,17,22,24],part:[0,5,6,7,10,15,16,17,21,24,26,27,28,30,31,32],parti:[0,4,5,16],partial:[13,14,28,31],particip:16,particular:[0,1,4,6,10,11,13,14,17,18,21,28,30,31],particularli:31,partit:[27,30],pass:[2,4,5,10,11,13,14,16,17,18,19,21,24,26,28,31,34],passeport:[0,7],passphras:[7,17],password:[0,6,7,17,22,24,32],past:[31,34],patent:0,pattern:[1,24,29,31],pbkdf2:[17,22,24],pdf:0,peer:[7,16],peer_kei:[16,23],peer_key_length:[16,23],pepper:[7,17,22],per:[11,13,14,18,21],perform:[0,4,9,10,11,12,14,16,17,18,21,26,28,29,30,31,33],period:[0,34],perman:[2,4,10,29],permiss:[6,7,26,28],permit:[0,1,3,4,5,9,10,11,12,13,16,17,18,19,21,22,24,26,27,28,29,30,31],permut:[0,14],persist:[0,1,2,3,5,6,10,17,23,26,27,29,31,33,34],person:17,phase:17,philosophi:27,photon:26,physic:[0,4,5,26,30,33],piec:0,pin:7,pkc2006:0,pkc:[0,5,13,17,19,21,22,26],pkcs1:21,place:[1,11,24,26,31],plain:[0,6,10],plaintext:[11,13,23,26],plaintext_length:[11,23,24],plaintext_s:[11,23],plan:[27,30],platform:[0,10,27,28,32,33],pleas:31,plen:11,point:[5,16,17,21,23,28],pointer:[1,24,26,27],polic:24,polici:[0,1,3,4,5,7,10,11,12,16,17,18,21,22,24,26,27,30,31],poly1305:[0,7,11,13,22],popul:[4,5,29,30],port:27,portabl:[1,9,11,13,14,17,18,28,31,32],portion:0,pose:26,possess:0,possibl:[5,10,13,17,21,26,28,30,31,33],postdetail:0,potenti:[18,24,27,28,33],power:[4,26,29,31],practic:[6,26,32],pre:[0,1,17,21,30,31],preced:[0,11,13,14,18],precis:[0,10,24,30,31],predefin:31,predict:31,prefer:[4,13],prefix:[0,28],prehash:[14,21],prejudic:0,preneel:0,prepar:[4,29],presenc:6,present:[5,6,10,30,33],preserv:[4,6,29],prevail:0,prevent:[0,26,28,30],previou:[1,11,17,24,28,33],previous:[6,7,10,11,14,24],prf:[0,17,22],primari:[4,33],primarili:[5,7],prime1:5,prime2:5,prime:[5,7,16,17],primit:[16,26,30,32],priorit:26,prioriti:26,privat:[0,5,6,7,16,17,19,21,26,29,30],private_kei:[5,16,23],privateexpon:5,privatekei:5,privileg:[4,24,26],prng:10,probabilist:5,procedur:[17,33],process:[4,5,11,13,14,18,29,30,31,33,34],processor:[26,27,30,34],produc:[0,6,11,16,17,21,29],product:[0,5,26],profil:[0,5,27,32],program:[0,28],programm:[26,33],progress:[28,29],proper:13,properli:28,properti:[0,17,26,29],propos:32,proprietari:[6,29],protect:[0,10,13,26,29,30,31],protocol:[0,7,10,11,13,14,17,26,30],prototyp:24,prove:30,provid:[0,2,4,5,7,9,11,12,13,14,16,17,19,21,22,23,24,25,26,28,29,30,31,32,33],provis:[26,27,29,33],provok:26,psa:[0,1,2,3,4,5,6,7,8,11,12,13,14,15,16,17,18,19,20,21,22,24,25,26,28,29,30,31,32,33,34],psa_:28,psa__alg_aead_with_default_tag_length__cas:24,psa_abort_xxx:28,psa_aead_abort:[15,23],psa_aead_decrypt:[6,15,23],psa_aead_decrypt_output_max_s:[15,23,24],psa_aead_decrypt_output_s:[15,23,24],psa_aead_decrypt_setup:[6,15,23],psa_aead_encrypt:[6,15,23],psa_aead_encrypt_output_max_s:[15,23,24],psa_aead_encrypt_output_s:[15,23,24],psa_aead_encrypt_setup:[6,15,23],psa_aead_finish:[15,23],psa_aead_finish_output_max_s:[15,23,24],psa_aead_finish_output_s:[15,23,24],psa_aead_generate_nonc:[15,23,24,29],psa_aead_nonce_length:[15,23,24],psa_aead_nonce_max_s:[15,23,24],psa_aead_operation_init:[15,23],psa_aead_operation_t:[15,23],psa_aead_set_length:[15,23],psa_aead_set_nonc:[15,23],psa_aead_tag_length:[15,23,24],psa_aead_tag_length_offset:24,psa_aead_tag_max_s:[15,23,24],psa_aead_upd:[15,23,24],psa_aead_update_ad:[15,23],psa_aead_update_output_max_s:[15,23,24],psa_aead_update_output_s:[15,23,24],psa_aead_verifi:[15,23],psa_aead_verify_output_max_s:[15,23,24],psa_aead_verify_output_s:[15,23,24],psa_alg_aead_from_block_flag:24,psa_alg_aead_tag_length_mask:24,psa_alg_aead_with_at_least_this_length_tag:[6,15,22,23,24,25],psa_alg_aead_with_default_length_tag:[15,23,24,25],psa_alg_aead_with_default_tag_length:24,psa_alg_aead_with_shortened_tag:[15,22,23,24,25],psa_alg_aead_with_tag_length:24,psa_alg_any_hash:[6,12,15,22,23,24,25],psa_alg_arc4:24,psa_alg_at_least_this_length_mac:[6,15,22,23,24,25],psa_alg_category_aead:24,psa_alg_category_asymmetric_encrypt:24,psa_alg_category_ciph:24,psa_alg_category_hash:24,psa_alg_category_key_agr:24,psa_alg_category_key_deriv:24,psa_alg_category_mac:24,psa_alg_category_mask:24,psa_alg_category_sign:24,psa_alg_cbc_mac:[7,15,22,23,24],psa_alg_cbc_no_pad:[7,15,22,23,24],psa_alg_cbc_pkcs7:[7,15,22,23,24],psa_alg_ccm:[7,15,22,23,24,25],psa_alg_cfb:[7,15,22,23,24],psa_alg_chacha20:24,psa_alg_chacha20_poly1305:[7,15,22,23,24,25],psa_alg_cipher_from_block_flag:24,psa_alg_cipher_mac_bas:24,psa_alg_cipher_stream_flag:24,psa_alg_cmac:[7,15,22,23,24],psa_alg_ctr:[7,15,22,23,24],psa_alg_deterministic_ecdsa:[7,15,22,23,24,25],psa_alg_deterministic_ecdsa_bas:24,psa_alg_ecb_no_pad:[7,15,22,23,24],psa_alg_ecdh:[7,15,22,23,24],psa_alg_ecdsa:[7,12,15,22,23,24,25],psa_alg_ecdsa_ani:[7,15,22,23,24,25],psa_alg_ecdsa_bas:24,psa_alg_ecdsa_is_determinist:24,psa_alg_ed25519ph:[7,15,22,23,24],psa_alg_ed448ph:[7,14,15,22,23,24],psa_alg_ffdh:[7,15,22,23,24],psa_alg_full_length_mac:[15,23,24,25],psa_alg_gcm:[7,15,22,23,24,25,28],psa_alg_get_hash:[15,21,23,24,25],psa_alg_gmac:24,psa_alg_hash_mask:24,psa_alg_hkdf:[7,12,15,22,23,24,25,29],psa_alg_hkdf_bas:24,psa_alg_hkdf_get_hash:24,psa_alg_hmac:[7,12,15,22,23,24,25],psa_alg_hmac_bas:24,psa_alg_hmac_get_hash:24,psa_alg_is_aead:[11,15,23,24,25],psa_alg_is_aead_on_block_ciph:[15,23,24,25],psa_alg_is_asymmetric_encrypt:[15,19,23,24,25],psa_alg_is_block_cipher_mac:[15,23,24,25],psa_alg_is_ciph:[13,15,23,24,25],psa_alg_is_deterministic_ecdsa:[15,23,24,25],psa_alg_is_ecdh:[15,23,24,25],psa_alg_is_ecdsa:[15,23,24,25],psa_alg_is_ffdh:[15,23,24,25],psa_alg_is_hash:[14,15,17,18,19,21,23,24,25],psa_alg_is_hash_and_sign:[15,23,24,25],psa_alg_is_hash_eddsa:[15,23,24,25],psa_alg_is_hkdf:[15,23,24,25],psa_alg_is_hmac:[14,15,23,24,25],psa_alg_is_key_agr:[15,16,17,23,24,25],psa_alg_is_key_deriv:[15,16,17,23,24,25],psa_alg_is_key_derivation_or_agr:24,psa_alg_is_key_derivation_stretch:[15,23,25],psa_alg_is_key_select:24,psa_alg_is_mac:[15,18,23,24,25],psa_alg_is_pbkdf2_hmac:[15,23,25],psa_alg_is_randomized_ecdsa:[15,23,24,25],psa_alg_is_raw_key_agr:[15,17,23,24,25],psa_alg_is_rsa_oaep:[15,23,24,25],psa_alg_is_rsa_pkcs1v15_sign:[12,15,23,24,25],psa_alg_is_rsa_pss:[15,23,24,25],psa_alg_is_rsa_pss_any_salt:[15,23,24,25],psa_alg_is_rsa_pss_standard_salt:[15,23,24,25],psa_alg_is_sign:[15,23,24,25],psa_alg_is_sign_hash:[15,23,24,25],psa_alg_is_sign_messag:[15,23,24,25],psa_alg_is_stream_ciph:[15,23,24,25],psa_alg_is_tls12_prf:[15,23,24,25],psa_alg_is_tls12_psk_to_m:[15,23,24,25],psa_alg_is_vendor_defin:24,psa_alg_is_wildcard:[15,21,23,24,25],psa_alg_key_agr:[15,22,23,24,25],psa_alg_key_agreement_get_bas:[15,23,24,25],psa_alg_key_agreement_get_kdf:[15,23,24,25],psa_alg_key_agreement_mask:24,psa_alg_key_derivation_mask:24,psa_alg_mac_subcategory_mask:24,psa_alg_mac_truncation_mask:24,psa_alg_md2:[15,22,23,24,25],psa_alg_md4:[15,22,23,24,25],psa_alg_md5:[15,22,23,24,25],psa_alg_non:[1,6,15,22,23,25],psa_alg_ofb:[7,15,22,23,24],psa_alg_pbkdf2_aes_cmac_prf_128:[7,15,22,23,24],psa_alg_pbkdf2_hmac:[7,12,15,22,23,24,25],psa_alg_pure_eddsa:[7,15,22,23,24],psa_alg_ripemd160:[15,22,23,24,25],psa_alg_rsa_oaep:[7,12,15,22,23,24,25],psa_alg_rsa_oaep_bas:24,psa_alg_rsa_oaep_get_hash:24,psa_alg_rsa_pkcs1v15_crypt:[7,15,22,23,24],psa_alg_rsa_pkcs1v15_sign:[6,7,15,22,23,24,25],psa_alg_rsa_pkcs1v15_sign_bas:24,psa_alg_rsa_pkcs1v15_sign_raw:[6,7,15,22,23,24,25],psa_alg_rsa_pss:[7,12,15,22,23,24,25],psa_alg_rsa_pss_any_salt:[7,12,15,22,23,24,25],psa_alg_rsa_pss_bas:24,psa_alg_sha3_224:[15,22,23,24],psa_alg_sha3_256:[15,21,22,23,24],psa_alg_sha3_384:[15,22,23,24],psa_alg_sha3_512:[15,22,23,24],psa_alg_sha_1:[15,22,23,24,25],psa_alg_sha_224:[15,22,23,24,25],psa_alg_sha_256:[15,17,18,21,22,23,24,25],psa_alg_sha_384:[15,22,23,24,25],psa_alg_sha_512:[15,21,22,23,24,25],psa_alg_sha_512_224:[15,22,23,24,25],psa_alg_sha_512_256:[15,22,23,24,25],psa_alg_shake256_512:[15,21,22,23,24],psa_alg_sign_get_hash:24,psa_alg_sm3:[15,22,23,24],psa_alg_stream_ciph:[7,15,22,23,24],psa_alg_tls12_prf:[7,12,15,22,23,24,25],psa_alg_tls12_prf_bas:24,psa_alg_tls12_prf_get_hash:24,psa_alg_tls12_psk_to_m:[7,12,15,22,23,24,25],psa_alg_tls12_psk_to_ms_bas:24,psa_alg_tls12_psk_to_ms_get_hash:24,psa_alg_tls12_psk_to_ms_max_psk_len:24,psa_alg_truncated_mac:[15,22,23,24,25],psa_alg_vendor_flag:24,psa_alg_xt:[7,15,22,23,24],psa_alg_xxx:[16,24],psa_alg_xxxx_get_hash:24,psa_algorithm_t:[6,11,13,14,15,16,17,18,19,21,22,23,24,25,28],psa_asymmetric_decrypt:[6,15,23],psa_asymmetric_decrypt_output_max_s:[15,23,24],psa_asymmetric_decrypt_output_s:[15,23],psa_asymmetric_encrypt:[6,15,23],psa_asymmetric_encrypt_output_max_s:[15,23,24],psa_asymmetric_encrypt_output_s:[15,23],psa_asymmetric_sign:24,psa_asymmetric_sign_output_s:24,psa_asymmetric_signature_max_s:24,psa_asymmetric_verifi:24,psa_bits_to_byt:24,psa_block_cipher_block_length:[15,23,24,25],psa_block_cipher_block_max_s:[15,23,24],psa_block_cipher_block_s:24,psa_bytes_to_bit:24,psa_cipher_abort:[15,23],psa_cipher_decrypt:[6,15,23,24],psa_cipher_decrypt_output_max_s:[15,23,24],psa_cipher_decrypt_output_s:[15,23,24],psa_cipher_decrypt_setup:[6,15,23],psa_cipher_encrypt:[6,15,23,24],psa_cipher_encrypt_output_max_s:[15,23,24],psa_cipher_encrypt_output_s:[15,23,24],psa_cipher_encrypt_setup:[6,15,23,29],psa_cipher_finish:[15,23,29],psa_cipher_finish_output_max_s:[15,23,24],psa_cipher_finish_output_s:[15,23,24],psa_cipher_generate_iv:[15,23,29],psa_cipher_iv_length:[15,23,24],psa_cipher_iv_max_s:[15,23,24],psa_cipher_operation_init:[15,23,29],psa_cipher_operation_t:[15,23,29],psa_cipher_set_iv:[15,23,24,29],psa_cipher_upd:[15,23,24,29],psa_cipher_update_output_max_s:[15,23,24],psa_cipher_update_output_s:[15,23,24],psa_close_kei:24,psa_copy_kei:[1,2,3,4,6,23,24,26,29],psa_create_kei:24,psa_crypto_api_version_major:[8,23,24],psa_crypto_api_version_minor:[8,23,24],psa_crypto_generator_init:24,psa_crypto_generator_t:24,psa_crypto_init:[1,5,8,10,11,13,14,16,17,18,19,20,21,23,29,34],psa_destroy_kei:[2,3,4,23,24,29],psa_dh_family_rfc7919:[3,22,23,24],psa_dh_family_t:[3,23,24,25],psa_dh_group_ffdhe2048:24,psa_dh_group_ffdhe3072:24,psa_dh_group_ffdhe4096:24,psa_dh_group_ffdhe6144:24,psa_dh_group_ffdhe8192:24,psa_dh_group_t:24,psa_ecc_curve_bit:24,psa_ecc_curve_brainpool_p256r1:24,psa_ecc_curve_brainpool_p384r1:24,psa_ecc_curve_brainpool_p512r1:24,psa_ecc_curve_curve25519:24,psa_ecc_curve_curve448:24,psa_ecc_curve_secp160k1:24,psa_ecc_curve_secp160r1:24,psa_ecc_curve_secp160r2:24,psa_ecc_curve_secp192k1:24,psa_ecc_curve_secp192r1:24,psa_ecc_curve_secp224k1:24,psa_ecc_curve_secp224r1:24,psa_ecc_curve_secp256k1:24,psa_ecc_curve_secp256r1:24,psa_ecc_curve_secp384r1:24,psa_ecc_curve_secp521r1:24,psa_ecc_curve_sect163k1:24,psa_ecc_curve_sect163r1:24,psa_ecc_curve_sect163r2:24,psa_ecc_curve_sect193r1:24,psa_ecc_curve_sect193r2:24,psa_ecc_curve_sect233k1:24,psa_ecc_curve_sect233r1:24,psa_ecc_curve_sect239k1:24,psa_ecc_curve_sect283k1:24,psa_ecc_curve_sect283r1:24,psa_ecc_curve_sect409k1:24,psa_ecc_curve_sect409r1:24,psa_ecc_curve_sect571k1:24,psa_ecc_curve_sect571r1:24,psa_ecc_curve_t:24,psa_ecc_family_brainpool_p_r1:[3,5,16,21,22,23,24],psa_ecc_family_frp:[3,5,16,21,22,23,24],psa_ecc_family_montgomeri:[3,5,16,17,22,23,24],psa_ecc_family_secp_k1:[3,22,23,24],psa_ecc_family_secp_r1:[3,22,23,24],psa_ecc_family_secp_r2:[3,22,23,24],psa_ecc_family_secp_xx:[5,16,21],psa_ecc_family_sect_k1:[3,22,23,24],psa_ecc_family_sect_r1:[3,22,23,24],psa_ecc_family_sect_r2:[3,22,23,24],psa_ecc_family_sect_xx:[5,16,21],psa_ecc_family_t:[3,23,24,25],psa_ecc_family_twisted_edward:[3,5,21,22,23,24],psa_ecdsa_signature_s:24,psa_error_already_exist:[5,8,17,23,24],psa_error_bad_st:[1,5,8,9,11,13,14,16,17,18,19,20,21,23,28,29],psa_error_buffer_too_smal:[5,8,11,13,14,16,18,19,21,23,28],psa_error_communication_failur:[1,5,8,9,11,13,14,16,17,18,19,20,21,23,28],psa_error_corruption_detect:[1,5,8,9,11,13,14,16,17,18,19,20,21,23,24,28,29],psa_error_data_corrupt:[1,5,8,11,13,16,17,18,19,21,23,24,28],psa_error_data_invalid:[1,5,8,11,13,16,17,18,19,21,23,24],psa_error_does_not_exist:[8,23,24],psa_error_empty_slot:24,psa_error_generic_error:[8,23,24],psa_error_hardware_failur:[8,23,28],psa_error_insufficient_capac:24,psa_error_insufficient_data:[8,17,23,24,28],psa_error_insufficient_entropi:[5,8,9,11,13,19,20,21,23],psa_error_insufficient_memori:[1,5,8,9,11,13,14,16,17,18,19,20,21,23,31],psa_error_insufficient_storag:[5,8,17,23],psa_error_invalid_argu:[5,8,11,13,14,16,17,18,19,21,23,24],psa_error_invalid_handl:[1,2,5,8,11,13,16,17,18,19,21,23],psa_error_invalid_pad:[8,13,19,23],psa_error_invalid_signatur:[8,11,14,17,18,21,23],psa_error_not_permit:[5,8,11,13,16,17,18,19,21,23,24],psa_error_not_support:[5,8,11,13,14,16,17,18,19,20,21,23],psa_error_occupied_slot:24,psa_error_storage_failur:[1,5,8,11,13,16,17,18,19,21,23,24,28],psa_error_tampering_detect:24,psa_error_unknown_error:24,psa_error_xxx:10,psa_export_kei:[3,6,23,24,29],psa_export_key_output_s:[3,23,24],psa_export_key_pair_max_s:[3,23,24],psa_export_public_kei:[3,16,23,29],psa_export_public_key_max_s:[3,23,24],psa_export_public_key_output_s:[3,23,24],psa_generate_derived_kei:24,psa_generate_kei:[1,2,3,4,20,23,24,29],psa_generate_random:[11,13,15,23,29],psa_generator_abort:24,psa_generator_import_kei:24,psa_generator_read:24,psa_generator_unbridled_capac:24,psa_get_generator_capac:24,psa_get_key_algorithm:[3,23],psa_get_key_attribut:[3,5,7,17,23,24,29],psa_get_key_bit:[3,5,23],psa_get_key_id:[3,23],psa_get_key_inform:24,psa_get_key_lifetim:[3,23],psa_get_key_typ:[3,5,23],psa_get_key_usage_flag:[3,23],psa_get_key_xxx:[1,29],psa_hash_abort:[15,23],psa_hash_block_length:[7,15,23,24,25],psa_hash_clon:[15,23,29],psa_hash_compar:[15,23],psa_hash_comput:[15,21,23],psa_hash_finish:[15,21,23],psa_hash_length:[7,15,23,24],psa_hash_max_s:[15,21,23],psa_hash_operation_init:[15,23],psa_hash_operation_t:[15,21,23],psa_hash_resum:[15,23,24],psa_hash_s:24,psa_hash_setup:[15,21,23],psa_hash_suspend:[15,23,24],psa_hash_suspend_algorithm_field_length:[15,23,24,25],psa_hash_suspend_hash_state_field_length:[15,23,24,25],psa_hash_suspend_input_length_field_length:[15,23,24,25],psa_hash_suspend_output_max_s:[15,23,24],psa_hash_suspend_output_s:[15,23,24,25],psa_hash_upd:[15,21,23],psa_hash_verifi:[15,23],psa_hmac_max_hash_block_s:24,psa_import_kei:[1,2,3,4,16,17,23,24,29],psa_kdf_step_xxx:24,psa_key_agr:24,psa_key_agreement_raw_shared_secret:24,psa_key_attributes_init:[3,5,23],psa_key_attributes_t:[2,3,4,5,6,7,17,23,24,26,29],psa_key_derivation_abort:[15,16,23,24,29],psa_key_derivation_get_capac:[15,23,24],psa_key_derivation_input_byt:[15,23,24,29],psa_key_derivation_input_context:[15,23,24],psa_key_derivation_input_cost:[15,23,24],psa_key_derivation_input_info:[15,23,29],psa_key_derivation_input_integ:[15,23,24],psa_key_derivation_input_kei:[6,15,23,24,29],psa_key_derivation_input_label:[15,23],psa_key_derivation_input_password:[7,15,23,24],psa_key_derivation_input_salt:[15,23],psa_key_derivation_input_se:[15,23],psa_key_derivation_input_secret:[7,15,16,23,24,29],psa_key_derivation_input_xxx:[17,24],psa_key_derivation_key_agr:[6,15,17,22,23,24],psa_key_derivation_operation_init:[15,23,24,29],psa_key_derivation_operation_t:[15,16,23,24,29],psa_key_derivation_output_byt:[6,15,23,24,29],psa_key_derivation_output_kei:[1,2,4,5,6,15,23,24,29],psa_key_derivation_set_capac:[15,23,24],psa_key_derivation_setup:[15,16,23,24,29],psa_key_derivation_step_t:[15,16,23],psa_key_derivation_unlimited_capac:[15,23,24],psa_key_derivation_verify_byt:[6,15,23,24],psa_key_derivation_verify_kei:[6,15,23,24],psa_key_export_asn1_integer_max_s:24,psa_key_export_dsa_key_pair_max_s:24,psa_key_export_dsa_public_key_max_s:24,psa_key_export_ecc_key_pair_max_s:24,psa_key_export_ecc_public_key_max_s:24,psa_key_export_max_s:24,psa_key_export_rsa_key_pair_max_s:24,psa_key_export_rsa_public_key_max_s:24,psa_key_handle_t:24,psa_key_id_nul:[1,3,4,5,17,23,24],psa_key_id_t:[1,3,4,5,11,13,16,17,18,19,21,23,24],psa_key_id_user_max:[3,23],psa_key_id_user_min:[3,23],psa_key_id_vendor_max:[3,23],psa_key_id_vendor_min:[3,23],psa_key_lifetime_from_persistence_and_loc:[3,23],psa_key_lifetime_get_loc:[3,23],psa_key_lifetime_get_persist:[3,23],psa_key_lifetime_is_volatil:[3,23],psa_key_lifetime_persist:[2,3,5,6,23],psa_key_lifetime_t:[3,23],psa_key_lifetime_volatil:[1,3,5,6,23],psa_key_location_local_storag:[3,23],psa_key_location_primary_secure_el:[3,23],psa_key_location_t:[3,23,24],psa_key_persistence_default:[3,23],psa_key_persistence_read_onli:[3,23],psa_key_persistence_t:[3,23,24],psa_key_persistence_volatil:[3,23],psa_key_policy_t:24,psa_key_type_a:[3,11,13,17,18,22,23,24,28],psa_key_type_arc4:[3,13,17,22,23,24],psa_key_type_aria:[3,11,13,17,18,22,23,24],psa_key_type_camellia:[3,11,13,17,18,22,23,24],psa_key_type_category_flag_pair:24,psa_key_type_category_key_pair:24,psa_key_type_category_mask:24,psa_key_type_category_public_kei:24,psa_key_type_category_raw:24,psa_key_type_category_symmetr:24,psa_key_type_chacha20:[3,11,13,17,22,23,24],psa_key_type_d:[3,13,17,18,22,23,24],psa_key_type_der:[3,17,22,23,24],psa_key_type_dh_get_famili:[3,23,24,25],psa_key_type_dh_group_mask:24,psa_key_type_dh_key_pair:[3,16,17,22,23,24,25],psa_key_type_dh_key_pair_bas:24,psa_key_type_dh_public_kei:[3,22,23,24,25],psa_key_type_dh_public_key_bas:24,psa_key_type_ecc_curve_mask:24,psa_key_type_ecc_get_famili:[3,23,24,25],psa_key_type_ecc_key_pair:[3,16,17,21,22,23,24,25],psa_key_type_ecc_key_pair_bas:24,psa_key_type_ecc_public_kei:[3,21,22,23,24,25],psa_key_type_ecc_public_key_bas:24,psa_key_type_get_curv:24,psa_key_type_get_group:24,psa_key_type_hmac:[3,5,17,18,22,23,24],psa_key_type_is_asymmetr:[3,23,24,25],psa_key_type_is_dh:[3,23,24,25],psa_key_type_is_dh_key_pair:[3,5,23,24,25],psa_key_type_is_dh_public_kei:[3,5,23,24,25],psa_key_type_is_ecc:[3,23,24,25],psa_key_type_is_ecc_key_pair:[3,5,23,24,25],psa_key_type_is_ecc_public_kei:[3,5,23,24,25],psa_key_type_is_key_pair:[3,23,24,25],psa_key_type_is_public_kei:[3,5,23,24,25],psa_key_type_is_rsa:[3,23,24,25],psa_key_type_is_unstructur:[3,23,24,25],psa_key_type_is_vendor_defin:24,psa_key_type_key_pair_of_public_kei:[3,23,24,25],psa_key_type_non:[1,3,22,23,24],psa_key_type_password:[3,17,22,23,24],psa_key_type_password_hash:[3,17,22,23,24],psa_key_type_pepp:[3,17,22,23,24],psa_key_type_public_key_of_key_pair:[3,5,23,24,25],psa_key_type_raw_data:[3,17,22,23,24],psa_key_type_rsa_key_pair:[3,5,17,19,21,22,23,24],psa_key_type_rsa_public_kei:[3,5,19,21,22,23,24],psa_key_type_sm4:[3,11,13,17,18,22,23,24],psa_key_type_t:[3,5,12,13,22,23,24,25,28],psa_key_type_vendor_flag:24,psa_key_usage_cach:[3,4,5,23,24,31],psa_key_usage_copi:[3,5,23],psa_key_usage_decrypt:[3,11,13,19,23],psa_key_usage_der:[3,16,17,23,24],psa_key_usage_encrypt:[3,11,13,19,23],psa_key_usage_export:[3,5,23,26],psa_key_usage_sign:24,psa_key_usage_sign_hash:[3,21,23,24],psa_key_usage_sign_messag:[3,18,21,23,24],psa_key_usage_t:[3,23],psa_key_usage_verifi:24,psa_key_usage_verify_deriv:[3,17,23,24],psa_key_usage_verify_hash:[3,21,23,24],psa_key_usage_verify_messag:[3,18,21,23,24],psa_mac_abort:[15,23],psa_mac_comput:[6,15,23],psa_mac_final_s:24,psa_mac_length:[15,23,24],psa_mac_max_s:[15,23],psa_mac_operation_init:[15,23],psa_mac_operation_t:[15,23],psa_mac_sign_finish:[15,23],psa_mac_sign_setup:[6,15,23],psa_mac_truncated_length:24,psa_mac_truncation_offset:24,psa_mac_upd:[15,23],psa_mac_verifi:[6,15,23],psa_mac_verify_finish:[15,23],psa_mac_verify_setup:[6,15,23],psa_max_block_cipher_block_s:24,psa_open_kei:24,psa_purge_kei:[3,4,6,23,24,31],psa_raw_key_agr:[6,15,22,23,24],psa_raw_key_agreement_output_max_s:[15,23,24],psa_raw_key_agreement_output_s:[15,23,24],psa_reset_key_attribut:[3,5,23],psa_round_up_to_multipl:24,psa_rsa_minimum_padding_s:24,psa_set_generator_capac:24,psa_set_key_algorithm:[1,3,21,23],psa_set_key_bit:[1,3,23],psa_set_key_id:[1,3,4,23],psa_set_key_lifetim:[1,3,23],psa_set_key_polici:24,psa_set_key_typ:[1,3,23],psa_set_key_usage_flag:[1,3,21,23],psa_set_key_xxx:1,psa_sign_hash:[6,15,22,23,24],psa_sign_messag:[6,15,23,24],psa_sign_output_s:[15,23,24],psa_signature_max_s:[15,23,24],psa_status_t:[1,5,8,9,11,13,14,16,17,18,19,20,21,23,28,34],psa_success:[1,2,5,8,9,11,13,14,16,17,18,19,20,21,23,24,28],psa_tls12_psk_to_ms_psk_max_s:[15,23,24],psa_vendor_ecc_max_curve_bit:24,psa_vendor_rsa_max_key_bit:24,psa_verify_hash:[6,15,22,23,24],psa_verify_messag:[6,15,23,24],psa_xxx_abort:[24,29],psa_xxx_init:29,psa_xxx_key_pair:24,psa_xxx_keypair:24,psa_xxx_signatur:21,psa_xxx_siz:10,pseudo:[0,17,25,29,31],pseudocod:27,pseudorandom:[5,10,17],psk:[17,22,24],pss:[21,22,24],publicexpon:5,publish:24,punumb:0,pure:17,pureeddsa:[21,22],purg:5,purpos:[0,5,6,10,12,17,18,29,30,33],put:29,q_a:16,q_b:16,qualiti:[0,27,28,29],queri:[1,2,4,5,6,7,17,29],quot:17,radio:31,rais:11,ram:[4,6],random:[0,1,7,9,10,11,13,15,17,21,22,26,27,28,30,34],randomli:[5,7],rang:[0,2,4,7,12,17,24,26,30,31,32],rate:[26,29],rather:[4,10,30],rational:[31,32],raw:[5,6,7,16,21,24,27],rayonn:0,reach:[17,28],read:[0,1,4,5,6,10,16,17,24,26,28,34],readabl:[0,10,28],reader:34,readi:[14,16],realiz:33,realm:10,reason:[10,33],reassign:24,receiv:[10,28,30],recip:32,recogn:[10,11,13,14,16,18,19,21],recommend:[0,1,5,7,9,10,11,13,14,16,17,18,21,26,27,28],reconstruct:5,record:[0,7,16],recov:[5,11,13,14,17,18,26],recover:[5,26],recoveri:26,red:0,reduc:[17,26,30,31],ref:0,refer:[1,2,5,10,11,12,14,17,18,23,24,26,27,28,29,32,34],referenc:24,reflect:[0,32],refurbish:4,regard:24,regardless:[5,6],regist:0,registri:24,regul:[0,6,29],reject:[5,11,17],rel:7,relat:[0,7,12,24,26,30,31],relax:24,releas:[4,17,27,29],relev:[0,24,26,31],reli:[9,26,31],reload:31,remain:[0,2,4,10,11,13,17,18,26,29],remedi:27,remot:33,remov:[4,5,6,24,26,33],renam:24,reorder:23,reorgan:24,repeat:[6,17,26],replac:[24,25],report:[1,6,7,10,11,24,28],repres:[1,17,21,30,31],represent:[0,1,5,21,25,30],repurpos:26,request:[6,10,11,13,16,17,18,19,21,28,31,33],requir:[1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,20,21,22,23,24,27,28,29,30,32,34],research:30,reseed:[10,34],reserv:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],reset:[1,4,11,13,14,17,18,24,29],resid:30,residu:27,resist:[4,26,27],resort:10,resourc:[1,4,5,10,11,13,14,17,18,24,26,27,29,34],respect:[0,7,11,12,13,19,21,28,31],respons:[0,26],rest:[11,14,26],restart:[0,14],restrict:[0,4,5,6,17,29,31],restructur:24,result:[1,5,6,9,10,11,13,14,16,17,18,19,21,24,25,26,28,29,30,31],resum:[14,24],retain:[6,14,30,33],retent:4,retriev:[1,2,4,6,7,17,18,24,29],reus:[0,11,13,14,17,18,24,26,29,31],reveal:[10,11,26],revers:26,revis:[0,26],revoc:[0,5],rewound:17,rfc1319:[0,14],rfc1320:[0,14],rfc1321:[0,14],rfc2104:[0,18],rfc2315:[0,13],rfc3279:[0,5],rfc3610:[0,11],rfc3713:[0,7],rfc4279:[0,17],rfc4615:[0,17],rfc5116:[0,11],rfc5246:[0,17],rfc5639:[0,7],rfc5794:[0,7],rfc5869:[0,17],rfc5915:[0,5],rfc6979:[0,21],rfc7539:[0,11,13],rfc7748:[0,5,17],rfc7919:[0,7,22],rfc8017:[0,5,19,21],rfc8018:[0,17],rfc8032:[0,5,21],rfc:7,right:[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],ripemd160:0,ripemd:[0,14,22],risk:[0,5,24,27,28,30,31],riski:[14,18],rng:[9,26],road:0,robust:31,roll:28,rom:4,rowhamm:26,royalti:0,rsa:[0,3,5,19,21,24,27],rsae:19,rsaprivatekei:5,rsapublickei:5,rsassa:21,rule:[0,11,23,24,31],run:[26,30,33,34],runtim:[5,10,26],safe:[10,11,13,14,18,27,28,29],safeti:10,salsa20:[0,11,13],salt:[0,7,17,19,21,22,23,24],salt_length:[19,23],same:[0,2,4,5,6,7,11,13,14,16,17,18,21,24,26,28,29,30,31,33,34],sampl:[27,32],satisfactori:0,satisfi:23,save:[5,17],scalabl:30,scalar:5,scenario:[9,14],schedul:17,scheme:[0,6,13,16,17,19,21,22,26,32],scientifiqu:0,scope:[0,4,26,30],sec1:[0,5,16,21],sec2:[0,7],sec2v1:[0,7],sec:[0,5,7,16,21],secg:0,secp160r2:7,secp192k1:7,secp192r1:7,secp224k1:7,secp224r1:7,secp256k1:7,secp256r1:7,secp384r1:7,secp521r1:7,secp:22,secret:[0,5,7,16,17,21,22,24,26,29,31,33],sect163k1:7,sect163r1:7,sect163r2:7,sect233k1:7,sect233r1:7,sect239k1:7,sect283k1:7,sect283r1:7,sect409k1:7,sect409r1:7,sect571k1:7,sect571r1:7,sect:22,section:[1,10,24,28,29,30,33],sector:13,secur:[0,4,5,6,7,9,10,13,14,17,18,24,27,28,29,32,33],see:[0,2,4,5,6,7,10,11,12,13,14,16,17,18,19,21,22,24,26,28,29,31,32],seed:[17,29,34],segment:[13,33],select:[11,13,14,17,18,19,21,26],sell:0,semant:24,send:0,sensibl:5,sensit:[26,31,34],separ:[0,11,21,24,26,28,29,30,32,33,34],septemb:0,sequenc:[0,1,5,10,11,13,14,17,18,21,26,28,29],sequenti:31,seri:29,serv:[30,33],server:[9,30],serverhello:17,servic:[0,15,21,26,27,30,32,33],servlet:0,set:[1,2,4,5,6,7,9,11,12,13,14,16,17,18,21,24,26,28,29,32],setup:[11,13,17,29],sever:[0,17,30,31,33],sha1:22,sha3:[14,22],sha:[0,14,17,18,21,22,24],shake256:[14,21,22],shake:14,shall:[0,26],share:[0,5,10,11,16,17,18,22,26,27,28,30,31,33],shorten:11,shorter:[5,11,24],should:[4,7,21,26],show:[21,26],shown:[0,4,22,26],side:[4,26,28,31],sign:[6,18,21,22,24,26,28,30],signatur:[0,5,6,7,9,10,12,15,17,23,24,26,27,29],signature_length:[21,23],signature_s:[21,23],signific:[0,16,17,21],similar:[11,13,21,24,33],similarli:21,simpl:[1,2,4,6,7,28],simpler:[25,31],simpli:33,simplifi:26,simultan:34,sinc:[1,29,33],singl:[0,4,5,6,7,15,16,17,21,24,26,27,30,31],sip:26,situat:[5,10,17,29],siv:11,size:[0,1,4,5,7,10,11,13,15,16,17,18,19,21,22,24,26,27,29,30,31],size_t:[5,7,11,13,14,16,17,18,19,20,21,23,28],sizeof:[1,11,13,14,17,18,21],skip:[1,21],sm3:[0,14,22],sm4:[0,7,17,22],small:[0,5,10,11,13,14,16,17,18,19,21],smaller:[11,13,14,16,17,18,19,21],smallest:[11,18],smartcard:33,snippet:24,softwar:[0,26,33],sole:[0,5],some:[0,5,10,11,13,17,21,22,24,26,28,29,30,31,33,34],someth:24,sometim:17,soon:[6,31],sophist:26,sourc:[0,5,17,29,32],source_kei:[5,23],source_oper:[14,23],sp800:[0,7,11,13,16,17,18,26],space:[10,11,28,33],special:[0,1,2,7,11,13,16,17,18,26,29,30],specif:[0,1,4,5,6,7,8,11,12,13,14,16,17,18,19,21,22,23,24,25,26,27,28,29,30,32,33,34],specifi:[0,2,4,5,6,11,12,13,14,16,17,18,19,21,22,24,26,28,29,30,31,34],speed:[0,7,16],split:[0,13,29],spoof:26,springer:0,spuriou:24,sra:26,ssi:0,stabil:[26,27,31,34],stabl:[0,32],stack:[28,29,31,34],stage:29,stakehold:[27,33],standalon:[15,27],standard:[0,5,7,10,12,13,14,16,21,22,24,26,27,28,31,34],start:[11,17,23,24,29],startup:31,state:[1,10,11,13,15,16,17,18,24,26,27,28,29,30,31],statement:0,statu:[5,8,11,13,14,16,17,18,20,26,27,32],status:28,statutori:0,std:0,stdint:31,steal:13,stem:31,step:[0,1,4,7,11,13,14,15,16,18,21,23,24,27,28,29,31],still:[5,6,10,26,32],stop:0,storag:[0,1,2,4,5,6,10,11,13,17,24,26,27,31,32,34],store:[0,1,2,4,5,6,7,10,11,13,17,18,24,26,29,30,31,33,34],strategi:[29,31],stream:[0,7,11,13,17,22,24,30],strength:[14,17],strengthen:[0,14],stretch:[0,7,17,22,24],strict:[21,31],string:[0,5,17,18,21,24],strip:5,strongli:[7,29],struct:[24,28,31],structur:[0,1,4,5,7,12,21,22,24,27],style:16,sub:0,subject:[0,5],subsequ:[9,10,11,14,17],subset:[5,7,10,26,28,30,31,32,33],subsidiari:0,subsystem:4,subtl:30,subtyp:24,succe:[9,10,11,17],succeed:10,success:[1,2,4,5,8,9,11,13,14,16,17,18,19,20,21,26,27,28,29],successfulli:[10,11,13,14,18,28],suffer:10,suffici:[5,6,10,11,13,14,16,18,19,21,28,31,34],suggest:[0,26],suit:[0,17],suitabl:[1,7,11,12,13,14,16,17,18,21,26,27,28,29],summari:[24,30],supersed:7,suppli:[0,6,29,33],support:[1,3,5,6,7,10,12,15,24,25,26,27,28,29,30,33],suppos:21,surfac:26,surviv:[0,4],suscept:26,suspend:[15,24,27,31],sym:22,symmetr:[0,3,5,6,11,12,13,27,28],synonym:31,syntax:[13,27],system:[0,4,27,28,29,30,31,33,34],systemat:28,tabl:[0,4,14,17,22,24,26],tag:[6,11,22,23,24,28,29],tag_length:[11,23,25],tag_siz:[11,23],take:[10,11,13,16,17,21,22,24,26,28,29,30,31],taken:[5,14,17,18],tamper:[0,10,26],target:[5,26,31,33],target_kei:[5,23],target_oper:[14,23],task:28,tdea:[0,7],technic:0,techniqu:[0,13,14,18,26],technolog:[0,18,30],temporari:[28,31,34],tend:[17,31],tent:11,term:[24,27,28,29,31,33],termin:[0,4,10,11,13,14,18,28,29],terminolog:[0,24],test:[17,30],text:[0,29],than:[0,4,5,6,7,9,10,11,14,17,18,21,24,28,30,31],thei:[4,6,7,10,11,12,13,14,17,26,28,29,30,31,33,34],them:[4,10,17,24,29,31],themselv:30,theoret:[14,31],therebi:[14,18],therefor:[1,17,29,33],therein:0,thereof:0,thereon:0,thi:[1,2,4,5,6,7,8,9,11,12,13,14,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],thin:33,third:[0,4],those:[5,17,26,30,31],though:[28,33],thread:28,threat:[27,31,32],three:[5,17,30],through:[4,6,11,17,18,19,26,30,33],throughout:[4,29],thu:[33,34],tied:26,time:[0,1,10,11,13,14,17,18,26,28,29,30,31,33],titl:[0,17],tls1:24,tmp:17,token:[27,30],too:[5,10,11,13,14,16,17,18,19,21,29],took:11,tool:0,top:[13,30],tort:0,total:[11,13,14,18],toward:26,trade:0,trademark:0,trail:11,transfer:[0,4,14],transit:26,translat:[0,33],transport:[0,7,17],treat:[13,26],tripl:[0,5,7],trivial:26,trng:[29,33],truncat:[5,11,18,21,22],trust:[11,28,30,33],turn:11,twice:[13,17,26],twist:[0,5,7,21,22,24],two:[0,2,4,5,6,7,11,12,13,14,16,17,21,28,29,33,34],type:[0,3,5,8,15,16,19,21,23,24,26,27,30,34],typedef:[1,2,4,6,7,10,11,12,13,14,17,18,23,28,31],typic:[1,4,7,10,13,17,26,30,31,32,33],uint16_t:[7,17,23,28,31],uint32_t:[2,4,6,12,23,28,31],uint64_t:[17,23,28],uint8_t:[4,5,7,11,13,14,16,17,18,19,20,21,23,28,31],ultim:26,unalloc:[7,12],unambigu:5,unauthent:[7,10,11,15,24,27,29],unavail:26,unbound:30,unchang:[7,17,28,31],uncompress:5,uncompromis:26,undefin:[7,13,28,29,34],under:[0,16,17,19,21,28],underli:[5,7,11,12,13,16,18,22,28,31,33],underscor:0,understand:0,undertaken:0,undetermin:[10,28],undon:11,unexpect:5,unifi:[16,26],uninstal:4,uniqu:[13,29,30,33],unit:0,unless:[5,11,13,26,28,29,34],unlik:[26,33],unlock:31,unmodifi:28,unpack:14,unprocess:14,unsign:[14,28,31],unspecifi:[1,2,5,7,10,11,16,17,18,19,21,26,28],unstructur:7,unsupport:[10,31],unsur:10,until:[0,2,4,9,11,13,14,17,18,28,29],untrunc:18,untrust:26,untrustworthi:33,unusu:24,updat:[0,5,13,17,24,26,28,29],upon:[0,26,30],upper:[4,28],url:0,usabl:11,usag:[0,1,3,5,11,13,14,16,17,18,19,21,22,24,26,27,29,31,32],usage_flag:[6,23],use:[0,1,2,4,5,6,7,10,11,12,13,14,16,17,18,19,20,21,24,26,27,28,29,31,32,33],used:[0,1,2,4,5,6,7,10,11,12,13,14,16,17,18,19,21,22,23,24,26,28,29,30,31,32,33,34],useful:[5,21,33],user:[28,30,32],uses:[0,5,7,12,13,16,17,19,24,26,28,29,31,32],using:[0,1,4,5,6,7,10,11,13,14,16,17,18,21,22,24,26,28,29,31,33,34],usual:[16,17,21,29],v1_5:[19,21],valid:[0,1,2,4,5,6,7,10,11,13,14,16,17,18,19,21,22,24,25,26,28,29,30,31],valu:[0,1,2,3,5,6,7,10,11,12,13,14,16,17,18,19,21,23,24,25,26,27,28,29,31,33],valuabl:26,variabl:29,variant:[0,7,11,13,21,24,28,33],variou:[24,26,30],vast:[30,31],vector:[0,13,24],vendor:[4,11,25,28,31],ver:0,veri:[26,30],verif:[6,7,10,17,18,21,24,29],verifi:[0,6,7,10,11,14,18,21,24,26,28,29,31],verify_messag:21,versa:28,version:[0,4,5,7,8,13,14,17,19,21,25,26,27,28,29,31,32],via:[10,12,17,26,29],vice:28,view:[17,26],viewfil:0,violat:[0,28],virtual:30,visant:[0,7],visibl:[17,28,30],visit:0,volatil:[0,2,3,5,6,10,24,26,27,29,31,33],vote:0,vulner:[11,31],wai:[5,11,13,17,22,24,28,29,31,34],warn:[11,26,30],warranti:0,weak:[7,13,14,17,26,30],websit:0,weierstrass:[5,16,17,21],welcom:0,well:[0,10,16,21,24,26,30,34],were:[0,7,11,13,28,30],what:[0,4,5,6,17,24,26,28],when:[0,1,2,4,5,6,7,10,11,13,14,16,17,18,21,22,24,26,28,29,30,31,32,34],whenev:10,where:[1,4,5,6,9,10,11,13,14,16,17,18,19,21,26,28,29,30,31,33,34],whether:[4,6,7,10,11,12,13,16,17,18,19,21,26,28,29],which:[0,1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,21,22,23,24,26,28,29,30,31,33,34],whilst:24,who:[0,33],whole:[5,11,13,17,30],whose:[0,10,13,17,21,24,28,31],wide:[30,32],wider:26,width:28,wildcard:[5,6,11,12,18,21,22,24],wipe:[4,31,34],wireless:30,wise:[0,16,17],wish:28,within:[0,2,4,7,10,24,26,29,31],without:[0,1,2,4,5,11,13,14,17,18,21,22,23,26,29],word:[0,14,34],work:[17,29],workshop:0,world:28,worldwid:0,would:[10,24,33],wrap:[4,6,24],writabl:28,write:[2,4,6,7,10,12,26,28,29],writer:[10,34],written:[0,2,4,5,10,11,13,14,16,17,18,19,21,31,34],wrong:[5,29],wrote:28,www:0,x00000000:[4,12,23],x00000001:[2,4,6,12,23],x00000002:[6,23],x00000004:[6,23],x000000:[4,23],x000000ff:[4,23,25],x00000100:[6,23],x000001:[4,23],x000001ff:25,x00000200:[6,23],x00000400:[6,23],x00000800:[6,23],x00001000:[6,23],x000010ff:25,x00002000:[6,23],x00004000:[6,23],x00008000:[6,23,25],x0000:[7,23],x0001:7,x003f8000:25,x00:[4,7,23],x00ff:25,x01:[4,23],x02000000:25,x02000001:[14,23],x02000002:[14,23],x02000003:[14,23],x02000004:[14,23],x02000005:[14,23],x02000008:[14,23],x02000009:[14,23],x0200000a:[14,23],x0200000b:[14,23],x0200000c:[14,23],x0200000d:[14,23],x02000010:[14,23],x02000011:[14,23],x02000012:[14,23],x02000013:[14,23],x02000014:[14,23],x02000015:[14,23],x020000ff:[21,23],x03000000:25,x03008000:25,x03800000:25,x03:[7,23],x03c00000:25,x03c00100:[18,23],x03c00200:[18,23],x04000000:25,x04404000:[13,23],x04404100:[13,23],x04404400:[13,23],x0440ff00:[13,23],x04800000:25,x04800100:[13,23],x04c01000:[13,23],x04c01100:[13,23],x04c01200:[13,23],x05000000:25,x05000500:25,x05008000:25,x05100500:[11,23],x05400000:25,x05400100:25,x05400200:25,x05500100:[11,23],x05500200:[11,23],x06000000:25,x06000200:[21,23,25],x06000300:25,x06000600:[21,23,25],x06000700:25,x06000800:[21,23],x06000900:25,x0600090b:[21,23],x06000915:[21,23],x06001300:25,x07000000:25,x07000200:[19,23],x07000300:25,x08000000:25,x08000100:25,x08000200:25,x08000300:25,x08800000:25,x08800100:25,x08800200:[17,23],x09000000:25,x09010000:[16,23,25],x09020000:[16,23,25],x1000:25,x1001:[7,23],x1100:[7,23],x1200:[7,23],x1203:[7,23],x1205:[7,23],x1206:[7,23],x12:[7,23],x17:[7,23],x1b:[7,23],x2000:25,x2002:[7,23],x2004:[7,23],x22:[7,23],x2301:[7,23],x2400:[7,23],x2403:[7,23],x2405:[7,23],x2406:[7,23],x25519:[5,16],x27:[7,23],x2b:[7,23],x3000:25,x30:[7,23],x33:[7,23],x3f:25,x3fffffff:[2,23],x40000000:[2,23],x4000:25,x4001:[7,23,25],x4100:25,x41:[7,23],x4200:25,x42:[7,23],x448:[5,16],x7000:25,x7001:[7,23],x7100:25,x7200:25,x7f000000:25,x7f008000:25,x7f00ffff:25,x7f400000:25,x7f800000:25,x7f:7,x7fc00000:25,x7fc0ff00:25,x7fff0000:25,x7fff:7,x7fffffff:[2,12,23],x80000000:12,x8000:7,x80:7,x_p:5,xex:13,xfe00ffff:25,xff00:25,xff:[4,7,23],xffff0000:25,xffff:7,xffffffff:12,xor:13,xxx:17,y_p:5,yet:[11,13,14,17,18,28],you:0,your:0,zero:[1,5,7,10,11,12,13,14,16,17,18,21,22,24,28,29,31]},titles:["About this document","9.1. Key attributes","9.4. Key identifiers","9. Key management reference","9.3. Key lifetimes","9.6. Key management functions","9.5. Key policies","9.2. Key types","8. Library management reference","8.2. PSA Crypto library","8.1. PSA status codes","10.5. Authenticated encryption with associated data (AEAD)","10.1. Algorithms","10.4. Unauthenticated ciphers","10.2. Message digests (Hashes)","10. Cryptographic operation reference","10.9. Key agreement","10.6. Key derivation","10.3. Message authentication codes (MAC)","10.8. Asymmetric encryption","10.10. Other cryptographic services","10.7. Asymmetric signature","Algorithm and key type encoding","Example header file","Changes to the API","Example macro implementations","Security Risk Assessment","PSA Cryptography API 1.1","5. Library conventions","3. Functionality overview","2. Design goals","6. Implementation considerations","1. Introduction","4. Sample architectures","7. Usage considerations"],titleterms:{"case":30,"export":5,"function":[1,2,4,5,6,7,9,11,13,14,16,17,18,19,20,21,28,29],"return":28,TLS:30,abbrevi:0,about:0,accessor:[2,4,7],addit:24,adversari:26,aead:[11,22],after:34,agreement:[16,22],algorithm:[6,11,12,13,14,16,17,18,19,21,22,25,28,30],alwai:34,api:[9,10,24,27,28,29],applic:33,architectur:[26,33],arm:0,aspect:31,assembl:0,assess:26,asset:26,associ:11,assumpt:[26,31],asymmetr:[19,21,22,29],attack:[26,31],attest:30,attribut:[1,2,4,7],authent:[11,18],basic:28,behavior:28,beta:24,between:[24,28],bit:22,book:0,boot:30,boundari:26,buffer:28,call:28,categori:[7,12,22],chang:[0,24],check:34,choic:30,cipher:[13,22],clarif:24,clean:34,cleanup:31,client:33,code:[10,18],combin:16,common:10,concurr:[28,34],confidenti:0,consider:[31,34],constant:28,constrain:30,constraint:26,convent:[0,28],creation:5,credenti:30,crypto:[9,23],cryptograph:[15,20,31,33],cryptographi:[27,29],cryptoprocessor:33,curv:[7,22],data:[11,28],definit:26,deriv:[16,17,22],descript:0,design:30,destruct:5,detect:31,devic:30,diffi:[7,22],digest:14,document:[0,24],eas:30,ecc:22,ellipt:[7,22],encod:[4,7,12,22],encrypt:[11,19,22],entiti:26,error:[10,28,31,34],exampl:[23,25,29,30],factori:30,famili:22,feedback:0,field:[14,22],file:[23,28],fix:24,flag:6,flow:26,format:14,futur:24,gener:[20,29],goal:[26,30],group:22,handl:28,hardwar:31,hash:[14,22,25],header:[23,28],hellman:[7,22],histori:24,identifi:[2,22,28,29],implement:[2,4,6,7,10,21,25,26,31],indic:4,indirect:31,inform:[0,26],initi:9,input:[17,28],interact:26,interfac:[30,31],introduct:32,isol:30,kei:[1,2,3,4,5,6,7,16,17,22,25,28,29,31,33],keystor:30,level:4,librari:[8,9,28,29],licenc:0,lifetim:[4,29],like:28,locat:4,mac:[18,22],macro:[1,2,4,5,6,7,9,10,11,12,13,14,16,17,18,19,21,25,28,31],manag:[1,3,5,8,29,31],materi:31,memori:[31,34],messag:[14,18],minimum:29,mitig:26,model:26,multi:[11,13,14,18,29,33],name:28,network:30,non:0,note:[2,4,6,7,10,21],number:[0,20],object:[26,31],oper:[11,13,14,15,18,29],option:30,other:[0,20,24,31],output:[28,31],overlap:28,overview:29,pair:30,paramet:28,part:[11,13,14,18,29],partit:33,permit:6,persist:4,philosophi:31,plan:24,platform:31,pointer:28,polici:[6,29],port:31,potenti:0,process:17,processor:33,profil:31,provis:30,psa:[9,10,23,27],psa_aead_abort:11,psa_aead_decrypt:11,psa_aead_decrypt_output_max_s:11,psa_aead_decrypt_output_s:11,psa_aead_decrypt_setup:11,psa_aead_encrypt:11,psa_aead_encrypt_output_max_s:11,psa_aead_encrypt_output_s:11,psa_aead_encrypt_setup:11,psa_aead_finish:11,psa_aead_finish_output_max_s:11,psa_aead_finish_output_s:11,psa_aead_generate_nonc:11,psa_aead_nonce_length:11,psa_aead_nonce_max_s:11,psa_aead_operation_init:11,psa_aead_operation_t:11,psa_aead_set_length:11,psa_aead_set_nonc:11,psa_aead_tag_length:11,psa_aead_tag_max_s:11,psa_aead_upd:11,psa_aead_update_ad:11,psa_aead_update_output_max_s:11,psa_aead_update_output_s:11,psa_aead_verifi:11,psa_aead_verify_output_max_s:11,psa_aead_verify_output_s:11,psa_alg_aead_with_at_least_this_length_tag:11,psa_alg_aead_with_default_length_tag:11,psa_alg_aead_with_shortened_tag:11,psa_alg_any_hash:21,psa_alg_at_least_this_length_mac:18,psa_alg_cbc_mac:18,psa_alg_cbc_no_pad:13,psa_alg_cbc_pkcs7:13,psa_alg_ccm:11,psa_alg_cfb:13,psa_alg_chacha20_poly1305:11,psa_alg_cmac:18,psa_alg_ctr:13,psa_alg_deterministic_ecdsa:21,psa_alg_ecb_no_pad:13,psa_alg_ecdh:16,psa_alg_ecdsa:21,psa_alg_ecdsa_ani:21,psa_alg_ed25519ph:21,psa_alg_ed448ph:21,psa_alg_ffdh:16,psa_alg_full_length_mac:18,psa_alg_gcm:11,psa_alg_get_hash:12,psa_alg_hkdf:17,psa_alg_hmac:18,psa_alg_is_aead:12,psa_alg_is_aead_on_block_ciph:11,psa_alg_is_asymmetric_encrypt:12,psa_alg_is_block_cipher_mac:18,psa_alg_is_ciph:12,psa_alg_is_deterministic_ecdsa:21,psa_alg_is_ecdh:16,psa_alg_is_ecdsa:21,psa_alg_is_ffdh:16,psa_alg_is_hash:12,psa_alg_is_hash_and_sign:21,psa_alg_is_hash_eddsa:21,psa_alg_is_hkdf:17,psa_alg_is_hmac:18,psa_alg_is_key_agr:12,psa_alg_is_key_deriv:12,psa_alg_is_key_derivation_stretch:17,psa_alg_is_mac:12,psa_alg_is_pbkdf2_hmac:17,psa_alg_is_randomized_ecdsa:21,psa_alg_is_raw_key_agr:16,psa_alg_is_rsa_oaep:19,psa_alg_is_rsa_pkcs1v15_sign:21,psa_alg_is_rsa_pss:21,psa_alg_is_rsa_pss_any_salt:21,psa_alg_is_rsa_pss_standard_salt:21,psa_alg_is_sign:12,psa_alg_is_sign_hash:21,psa_alg_is_sign_messag:21,psa_alg_is_stream_ciph:13,psa_alg_is_tls12_prf:17,psa_alg_is_tls12_psk_to_m:17,psa_alg_is_wildcard:12,psa_alg_key_agr:16,psa_alg_key_agreement_get_bas:16,psa_alg_key_agreement_get_kdf:16,psa_alg_md2:14,psa_alg_md4:14,psa_alg_md5:14,psa_alg_non:12,psa_alg_ofb:13,psa_alg_pbkdf2_aes_cmac_prf_128:17,psa_alg_pbkdf2_hmac:17,psa_alg_pure_eddsa:21,psa_alg_ripemd160:14,psa_alg_rsa_oaep:19,psa_alg_rsa_pkcs1v15_crypt:19,psa_alg_rsa_pkcs1v15_sign:21,psa_alg_rsa_pkcs1v15_sign_raw:21,psa_alg_rsa_pss:21,psa_alg_rsa_pss_any_salt:21,psa_alg_sha3_224:14,psa_alg_sha3_256:14,psa_alg_sha3_384:14,psa_alg_sha3_512:14,psa_alg_sha_1:14,psa_alg_sha_224:14,psa_alg_sha_256:14,psa_alg_sha_384:14,psa_alg_sha_512:14,psa_alg_sha_512_224:14,psa_alg_sha_512_256:14,psa_alg_shake256_512:14,psa_alg_sm3:14,psa_alg_stream_ciph:13,psa_alg_tls12_prf:17,psa_alg_tls12_psk_to_m:17,psa_alg_truncated_mac:18,psa_alg_xt:13,psa_algorithm_t:12,psa_asymmetric_decrypt:19,psa_asymmetric_decrypt_output_max_s:19,psa_asymmetric_decrypt_output_s:19,psa_asymmetric_encrypt:19,psa_asymmetric_encrypt_output_max_s:19,psa_asymmetric_encrypt_output_s:19,psa_block_cipher_block_length:13,psa_block_cipher_block_max_s:13,psa_cipher_abort:13,psa_cipher_decrypt:13,psa_cipher_decrypt_output_max_s:13,psa_cipher_decrypt_output_s:13,psa_cipher_decrypt_setup:13,psa_cipher_encrypt:13,psa_cipher_encrypt_output_max_s:13,psa_cipher_encrypt_output_s:13,psa_cipher_encrypt_setup:13,psa_cipher_finish:13,psa_cipher_finish_output_max_s:13,psa_cipher_finish_output_s:13,psa_cipher_generate_iv:13,psa_cipher_iv_length:13,psa_cipher_iv_max_s:13,psa_cipher_operation_init:13,psa_cipher_operation_t:13,psa_cipher_set_iv:13,psa_cipher_upd:13,psa_cipher_update_output_max_s:13,psa_cipher_update_output_s:13,psa_copy_kei:5,psa_crypto_api_version_major:9,psa_crypto_api_version_minor:9,psa_crypto_init:9,psa_destroy_kei:5,psa_dh_family_rfc7919:7,psa_dh_family_t:7,psa_ecc_family_brainpool_p_r1:7,psa_ecc_family_frp:7,psa_ecc_family_montgomeri:7,psa_ecc_family_secp_k1:7,psa_ecc_family_secp_r1:7,psa_ecc_family_secp_r2:7,psa_ecc_family_sect_k1:7,psa_ecc_family_sect_r1:7,psa_ecc_family_sect_r2:7,psa_ecc_family_t:7,psa_ecc_family_twisted_edward:7,psa_error_already_exist:10,psa_error_bad_st:10,psa_error_buffer_too_smal:10,psa_error_communication_failur:10,psa_error_corruption_detect:10,psa_error_data_corrupt:10,psa_error_data_invalid:10,psa_error_does_not_exist:10,psa_error_generic_error:10,psa_error_hardware_failur:10,psa_error_insufficient_data:10,psa_error_insufficient_entropi:10,psa_error_insufficient_memori:10,psa_error_insufficient_storag:10,psa_error_invalid_argu:10,psa_error_invalid_handl:10,psa_error_invalid_pad:10,psa_error_invalid_signatur:10,psa_error_not_permit:10,psa_error_not_support:10,psa_error_storage_failur:10,psa_export_kei:5,psa_export_key_output_s:5,psa_export_key_pair_max_s:5,psa_export_public_kei:5,psa_export_public_key_max_s:5,psa_export_public_key_output_s:5,psa_generate_kei:5,psa_generate_random:20,psa_get_key_algorithm:6,psa_get_key_attribut:1,psa_get_key_bit:7,psa_get_key_id:2,psa_get_key_lifetim:4,psa_get_key_typ:7,psa_get_key_usage_flag:6,psa_hash_abort:14,psa_hash_block_length:14,psa_hash_clon:14,psa_hash_compar:14,psa_hash_comput:14,psa_hash_finish:14,psa_hash_length:14,psa_hash_max_s:14,psa_hash_operation_init:14,psa_hash_operation_t:14,psa_hash_resum:14,psa_hash_setup:14,psa_hash_suspend:14,psa_hash_suspend_algorithm_field_length:14,psa_hash_suspend_hash_state_field_length:14,psa_hash_suspend_input_length_field_length:14,psa_hash_suspend_output_max_s:14,psa_hash_suspend_output_s:14,psa_hash_upd:14,psa_hash_verifi:14,psa_import_kei:5,psa_key_attributes_init:1,psa_key_attributes_t:1,psa_key_derivation_abort:17,psa_key_derivation_get_capac:17,psa_key_derivation_input_byt:17,psa_key_derivation_input_context:17,psa_key_derivation_input_cost:17,psa_key_derivation_input_info:17,psa_key_derivation_input_integ:17,psa_key_derivation_input_kei:17,psa_key_derivation_input_label:17,psa_key_derivation_input_password:17,psa_key_derivation_input_salt:17,psa_key_derivation_input_se:17,psa_key_derivation_input_secret:17,psa_key_derivation_key_agr:16,psa_key_derivation_operation_init:17,psa_key_derivation_operation_t:17,psa_key_derivation_output_byt:17,psa_key_derivation_output_kei:17,psa_key_derivation_set_capac:17,psa_key_derivation_setup:17,psa_key_derivation_step_t:17,psa_key_derivation_unlimited_capac:17,psa_key_derivation_verify_byt:17,psa_key_derivation_verify_kei:17,psa_key_id_nul:2,psa_key_id_t:2,psa_key_id_user_max:2,psa_key_id_user_min:2,psa_key_id_vendor_max:2,psa_key_id_vendor_min:2,psa_key_lifetime_from_persistence_and_loc:4,psa_key_lifetime_get_loc:4,psa_key_lifetime_get_persist:4,psa_key_lifetime_is_volatil:4,psa_key_lifetime_persist:4,psa_key_lifetime_t:4,psa_key_lifetime_volatil:4,psa_key_location_local_storag:4,psa_key_location_primary_secure_el:4,psa_key_location_t:4,psa_key_persistence_default:4,psa_key_persistence_read_onli:4,psa_key_persistence_t:4,psa_key_persistence_volatil:4,psa_key_type_a:7,psa_key_type_arc4:7,psa_key_type_aria:7,psa_key_type_camellia:7,psa_key_type_chacha20:7,psa_key_type_d:7,psa_key_type_der:7,psa_key_type_dh_get_famili:7,psa_key_type_dh_key_pair:7,psa_key_type_dh_public_kei:7,psa_key_type_ecc_get_famili:7,psa_key_type_ecc_key_pair:7,psa_key_type_ecc_public_kei:7,psa_key_type_hmac:7,psa_key_type_is_asymmetr:7,psa_key_type_is_dh:7,psa_key_type_is_dh_key_pair:7,psa_key_type_is_dh_public_kei:7,psa_key_type_is_ecc:7,psa_key_type_is_ecc_key_pair:7,psa_key_type_is_ecc_public_kei:7,psa_key_type_is_key_pair:7,psa_key_type_is_public_kei:7,psa_key_type_is_rsa:7,psa_key_type_is_unstructur:7,psa_key_type_key_pair_of_public_kei:7,psa_key_type_non:7,psa_key_type_password:7,psa_key_type_password_hash:7,psa_key_type_pepp:7,psa_key_type_public_key_of_key_pair:7,psa_key_type_raw_data:7,psa_key_type_rsa_key_pair:7,psa_key_type_rsa_public_kei:7,psa_key_type_sm4:7,psa_key_type_t:7,psa_key_usage_cach:6,psa_key_usage_copi:6,psa_key_usage_decrypt:6,psa_key_usage_der:6,psa_key_usage_encrypt:6,psa_key_usage_export:6,psa_key_usage_sign_hash:6,psa_key_usage_sign_messag:6,psa_key_usage_t:6,psa_key_usage_verify_deriv:6,psa_key_usage_verify_hash:6,psa_key_usage_verify_messag:6,psa_mac_abort:18,psa_mac_comput:18,psa_mac_length:18,psa_mac_max_s:18,psa_mac_operation_init:18,psa_mac_operation_t:18,psa_mac_sign_finish:18,psa_mac_sign_setup:18,psa_mac_upd:18,psa_mac_verifi:18,psa_mac_verify_finish:18,psa_mac_verify_setup:18,psa_purge_kei:5,psa_raw_key_agr:16,psa_raw_key_agreement_output_max_s:16,psa_raw_key_agreement_output_s:16,psa_reset_key_attribut:1,psa_set_key_algorithm:6,psa_set_key_bit:7,psa_set_key_id:2,psa_set_key_lifetim:4,psa_set_key_typ:7,psa_set_key_usage_flag:6,psa_sign_hash:21,psa_sign_messag:21,psa_sign_output_s:21,psa_signature_max_s:21,psa_status_t:10,psa_success:10,psa_tls12_psk_to_ms_psk_max_s:17,psa_verify_hash:21,psa_verify_messag:21,pseudocod:0,random:[20,29],raw:22,recommend:[29,31,34],refer:[0,3,8,15,31],referenc:0,releas:0,remedi:26,requir:[26,31],residu:26,resist:31,resourc:31,risk:26,rsa:[7,22],safe:31,sampl:33,secur:[26,30,31,34],servic:20,share:34,signatur:[21,22],singl:[11,13,14,18,29,33],size:[14,28],specif:[10,31],stabil:28,stakehold:26,standalon:16,standard:[17,29],state:[14,25],statu:[10,28],step:17,storag:[30,33],structur:28,sub:22,success:10,suitabl:30,support:[4,11,13,14,16,17,18,19,21,31],suspend:[14,25],symmetr:[7,22,29],syntax:0,system:26,term:0,thi:[0,10],threat:26,token:33,trust:26,type:[1,2,4,6,7,10,11,12,13,14,17,18,22,25,28,29,31],typograph:0,unauthent:13,usag:[6,34],use:[30,34],valu:[4,22],version:[9,24],volatil:4}})
\ No newline at end of file
diff --git a/docs/latest b/docs/latest
index 7f20734..1cc5f65 120000
--- a/docs/latest
+++ b/docs/latest
@@ -1 +1 @@
-1.0.1
\ No newline at end of file
+1.1.0
\ No newline at end of file
diff --git a/docs/psa/index.html b/docs/psa/index.html
index 9288ff2..09ec7a9 100644
--- a/docs/psa/index.html
+++ b/docs/psa/index.html
@@ -6,6 +6,7 @@
<p>Past versions:</p>
<ul>
<li>1.0.1: <a href="../1.0.1/html/index.html">HTML</a>, <a href="../1.0.1/PSA_Cryptography_API_Specification.pdf">PDF</a></li>
+<li>1.1.0: <a href="../1.1.0/html/index.html">HTML</a>, <a href="../1.1.0/PSA_Cryptography_API_Specification.pdf">PDF</a></li>
</ul>
<p><strong>Reference implementation</strong>: <a href="https://github.com/ARMmbed/mbed-tls">Mbed TLS</a></p>
<h2 id="hardware-abstraction-layer">Hardware abstraction layer</h2>
diff --git a/docs/psa/index.md b/docs/psa/index.md
index d67ec86..25d0709 100644
--- a/docs/psa/index.md
+++ b/docs/psa/index.md
@@ -16,6 +16,9 @@
* 1.0.1:
[HTML](../1.0.1/html/index.html),
[PDF](../1.0.1/PSA_Cryptography_API_Specification.pdf)
+* 1.1.0:
+ [HTML](../1.1.0/html/index.html),
+ [PDF](../1.1.0/PSA_Cryptography_API_Specification.pdf)
**Reference implementation**: [Mbed TLS](https://github.com/ARMmbed/mbed-tls)