|
Platform Security Architecture — cryptography and keystore interface
Working draft
|
Macros | |
| #define | PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
| #define | PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
| #define | PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) |
Typedefs | |
| typedef uint32_t | psa_key_lifetime_t |
Functions | |
| psa_status_t | psa_get_key_lifetime (psa_key_slot_t key, psa_key_lifetime_t *lifetime) |
| Retrieve the lifetime of a key slot. More... | |
| psa_status_t | psa_set_key_lifetime (psa_key_slot_t key, psa_key_lifetime_t lifetime) |
| Change the lifetime of a key slot. More... | |
| #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) |
A persistent key slot retains its content as long as it is not explicitly destroyed.
| #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) |
A volatile key slot retains its content as long as the application is running. It is guaranteed to be erased on a power reset.
| #define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff) |
A write-once key slot may not be modified once a key has been set. It will retain its content as long as the device remains operational.
| typedef uint32_t psa_key_lifetime_t |
Encoding of key lifetimes.
| psa_status_t psa_get_key_lifetime | ( | psa_key_slot_t | key, |
| psa_key_lifetime_t * | lifetime | ||
| ) |
Retrieve the lifetime of a key slot.
The assignment of lifetimes to slots is implementation-dependent.
| key | Slot to query. | |
| [out] | lifetime | On success, the lifetime value. |
| PSA_SUCCESS | Success. |
| PSA_ERROR_INVALID_ARGUMENT | The key slot is invalid. |
| PSA_ERROR_COMMUNICATION_FAILURE | |
| PSA_ERROR_HARDWARE_FAILURE | |
| PSA_ERROR_TAMPERING_DETECTED |
| psa_status_t psa_set_key_lifetime | ( | psa_key_slot_t | key, |
| psa_key_lifetime_t | lifetime | ||
| ) |
Change the lifetime of a key slot.
Whether the lifetime of a key slot can be changed at all, and if so whether the lifetime of an occupied key slot can be changed, is implementation-dependent.
| key | Slot whose lifetime is to be changed. |
| lifetime | The lifetime value to set for the given key slot. |
| PSA_SUCCESS | Success. |
| PSA_ERROR_INVALID_ARGUMENT | The key slot is invalid, or the lifetime value is invalid. |
| PSA_ERROR_NOT_SUPPORTED | The implementation does not support the specified lifetime value, at least for the specified key slot. |
| PSA_ERROR_OCCUPIED_SLOT | The slot contains a key, and the implementation does not support changing the lifetime of an occupied slot. |
| PSA_ERROR_COMMUNICATION_FAILURE | |
| PSA_ERROR_HARDWARE_FAILURE | |
| PSA_ERROR_TAMPERING_DETECTED |
1.8.13