Jaeden Ameroe54e6932018-08-06 16:19:58 +01001<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2<html xmlns="http://www.w3.org/1999/xhtml">
3<head>
4<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
5<meta http-equiv="X-UA-Compatible" content="IE=9"/>
6<meta name="generator" content="Doxygen 1.8.13"/>
7<meta name="viewport" content="width=device-width, initial-scale=1"/>
8<title>Platform Security Architecture — cryptography and keystore interface: Key policies</title>
9<link href="tabs.css" rel="stylesheet" type="text/css"/>
10<script type="text/javascript" src="jquery.js"></script>
11<script type="text/javascript" src="dynsections.js"></script>
12<link href="search/search.css" rel="stylesheet" type="text/css"/>
13<script type="text/javascript" src="search/searchdata.js"></script>
14<script type="text/javascript" src="search/search.js"></script>
15<link href="doxygen.css" rel="stylesheet" type="text/css" />
16</head>
17<body>
18<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
19<div id="titlearea">
20<table cellspacing="0" cellpadding="0">
21 <tbody>
22 <tr style="height: 56px;">
23 <td id="projectalign" style="padding-left: 0.5em;">
24 <div id="projectname">Platform Security Architecture — cryptography and keystore interface
25 &#160;<span id="projectnumber">Working draft</span>
26 </div>
27 </td>
28 </tr>
29 </tbody>
30</table>
31</div>
32<!-- end header part -->
33<!-- Generated by Doxygen 1.8.13 -->
34<script type="text/javascript">
35var searchBox = new SearchBox("searchBox", "search",false,'Search');
36</script>
37<script type="text/javascript" src="menudata.js"></script>
38<script type="text/javascript" src="menu.js"></script>
39<script type="text/javascript">
40$(function() {
41 initMenu('',true,false,'search.php','Search');
42 $(document).ready(function() { init_search(); });
43});
44</script>
45<div id="main-nav"></div>
46</div><!-- top -->
47<!-- window showing the filter options -->
48<div id="MSearchSelectWindow"
49 onmouseover="return searchBox.OnSearchSelectShow()"
50 onmouseout="return searchBox.OnSearchSelectHide()"
51 onkeydown="return searchBox.OnSearchSelectKey(event)">
52</div>
53
54<!-- iframe showing the search results (closed by default) -->
55<div id="MSearchResultsWindow">
56<iframe src="javascript:void(0)" frameborder="0"
57 name="MSearchResults" id="MSearchResults">
58</iframe>
59</div>
60
61<div class="header">
62 <div class="summary">
63<a href="#define-members">Macros</a> &#124;
64<a href="#typedef-members">Typedefs</a> &#124;
65<a href="#func-members">Functions</a> </div>
66 <div class="headertitle">
67<div class="title">Key policies</div> </div>
68</div><!--header-->
69<div class="contents">
70<table class="memberdecls">
71<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="define-members"></a>
72Macros</h2></td></tr>
73<tr class="memitem:ga7dddccdd1303176e87a4d20c87b589ed"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga7dddccdd1303176e87a4d20c87b589ed">PSA_KEY_USAGE_EXPORT</a>&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000001)</td></tr>
74<tr class="separator:ga7dddccdd1303176e87a4d20c87b589ed"><td class="memSeparator" colspan="2">&#160;</td></tr>
75<tr class="memitem:ga75153b296d045d529d97203a6a995dad"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga75153b296d045d529d97203a6a995dad">PSA_KEY_USAGE_ENCRYPT</a>&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000100)</td></tr>
76<tr class="separator:ga75153b296d045d529d97203a6a995dad"><td class="memSeparator" colspan="2">&#160;</td></tr>
77<tr class="memitem:gac3f2d2e5983db1edde9f142ca9bf8e6a"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gac3f2d2e5983db1edde9f142ca9bf8e6a">PSA_KEY_USAGE_DECRYPT</a>&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000200)</td></tr>
78<tr class="separator:gac3f2d2e5983db1edde9f142ca9bf8e6a"><td class="memSeparator" colspan="2">&#160;</td></tr>
79<tr class="memitem:ga99b9f456cf59efc4b5579465407aef5a"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga99b9f456cf59efc4b5579465407aef5a">PSA_KEY_USAGE_SIGN</a>&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000400)</td></tr>
80<tr class="separator:ga99b9f456cf59efc4b5579465407aef5a"><td class="memSeparator" colspan="2">&#160;</td></tr>
81<tr class="memitem:ga39b54ffd5958b69634607924fa53cea6"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga39b54ffd5958b69634607924fa53cea6">PSA_KEY_USAGE_VERIFY</a>&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000800)</td></tr>
82<tr class="separator:ga39b54ffd5958b69634607924fa53cea6"><td class="memSeparator" colspan="2">&#160;</td></tr>
83<tr class="memitem:gaf19022acc5ef23cf12477f632b48a0b2"><td class="memItemLeft" align="right" valign="top">#define&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gaf19022acc5ef23cf12477f632b48a0b2">PSA_KEY_USAGE_DERIVE</a>&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00001000)</td></tr>
84<tr class="separator:gaf19022acc5ef23cf12477f632b48a0b2"><td class="memSeparator" colspan="2">&#160;</td></tr>
85</table><table class="memberdecls">
86<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="typedef-members"></a>
87Typedefs</h2></td></tr>
88<tr class="memitem:ga7bb9de71337e0e98de843aa7f9b55f25"><td class="memItemLeft" align="right" valign="top"><a id="ga7bb9de71337e0e98de843aa7f9b55f25"></a>
89typedef uint32_t&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a></td></tr>
90<tr class="memdesc:ga7bb9de71337e0e98de843aa7f9b55f25"><td class="mdescLeft">&#160;</td><td class="mdescRight">Encoding of permitted usage on a key. <br /></td></tr>
91<tr class="separator:ga7bb9de71337e0e98de843aa7f9b55f25"><td class="memSeparator" colspan="2">&#160;</td></tr>
92<tr class="memitem:gaf553efd409845b6d09ff25ce2ba36607"><td class="memItemLeft" align="right" valign="top">typedef struct psa_key_policy_s&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a></td></tr>
93<tr class="separator:gaf553efd409845b6d09ff25ce2ba36607"><td class="memSeparator" colspan="2">&#160;</td></tr>
94</table><table class="memberdecls">
95<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
96Functions</h2></td></tr>
97<tr class="memitem:gad49eb85e3fcbe70f763f511ac83e762e"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gad49eb85e3fcbe70f763f511ac83e762e">psa_key_policy_init</a> (<a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *policy)</td></tr>
98<tr class="memdesc:gad49eb85e3fcbe70f763f511ac83e762e"><td class="mdescLeft">&#160;</td><td class="mdescRight">Initialize a key policy structure to a default that forbids all usage of the key. <a href="#gad49eb85e3fcbe70f763f511ac83e762e">More...</a><br /></td></tr>
99<tr class="separator:gad49eb85e3fcbe70f763f511ac83e762e"><td class="memSeparator" colspan="2">&#160;</td></tr>
100<tr class="memitem:gac16792fd6d375a5f76d372090df40607"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gac16792fd6d375a5f76d372090df40607">psa_key_policy_set_usage</a> (<a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *policy, <a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a> usage, <a class="el" href="group__crypto__types.html#gac2e4d47f1300d73c2f829a6d99252d69">psa_algorithm_t</a> alg)</td></tr>
101<tr class="memdesc:gac16792fd6d375a5f76d372090df40607"><td class="mdescLeft">&#160;</td><td class="mdescRight">Set the standard fields of a policy structure. <a href="#gac16792fd6d375a5f76d372090df40607">More...</a><br /></td></tr>
102<tr class="separator:gac16792fd6d375a5f76d372090df40607"><td class="memSeparator" colspan="2">&#160;</td></tr>
103<tr class="memitem:ga7746662b7503e484774d0ecb5d8ac2ab"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga7746662b7503e484774d0ecb5d8ac2ab">psa_key_policy_get_usage</a> (const <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *policy)</td></tr>
104<tr class="memdesc:ga7746662b7503e484774d0ecb5d8ac2ab"><td class="mdescLeft">&#160;</td><td class="mdescRight">Retrieve the usage field of a policy structure. <a href="#ga7746662b7503e484774d0ecb5d8ac2ab">More...</a><br /></td></tr>
105<tr class="separator:ga7746662b7503e484774d0ecb5d8ac2ab"><td class="memSeparator" colspan="2">&#160;</td></tr>
106<tr class="memitem:gaadf16b89ace53e1d2cb5bcb0aef24c86"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group__crypto__types.html#gac2e4d47f1300d73c2f829a6d99252d69">psa_algorithm_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gaadf16b89ace53e1d2cb5bcb0aef24c86">psa_key_policy_get_algorithm</a> (const <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *policy)</td></tr>
107<tr class="memdesc:gaadf16b89ace53e1d2cb5bcb0aef24c86"><td class="mdescLeft">&#160;</td><td class="mdescRight">Retrieve the algorithm field of a policy structure. <a href="#gaadf16b89ace53e1d2cb5bcb0aef24c86">More...</a><br /></td></tr>
108<tr class="separator:gaadf16b89ace53e1d2cb5bcb0aef24c86"><td class="memSeparator" colspan="2">&#160;</td></tr>
109<tr class="memitem:gad7faa7e64aa771f7441c44ceff21af19"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group__basic.html#ga05676e70ba5c6a7565aff3c36677c1f9">psa_status_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#gad7faa7e64aa771f7441c44ceff21af19">psa_set_key_policy</a> (<a class="el" href="group__platform.html#gac3da92a6b8a7f0c01dc348f8e0432e4c">psa_key_slot_t</a> key, const <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *policy)</td></tr>
110<tr class="memdesc:gad7faa7e64aa771f7441c44ceff21af19"><td class="mdescLeft">&#160;</td><td class="mdescRight">Set the usage policy on a key slot. <a href="#gad7faa7e64aa771f7441c44ceff21af19">More...</a><br /></td></tr>
111<tr class="separator:gad7faa7e64aa771f7441c44ceff21af19"><td class="memSeparator" colspan="2">&#160;</td></tr>
112<tr class="memitem:ga613f28712124f9149bd640614376ab5a"><td class="memItemLeft" align="right" valign="top"><a class="el" href="group__basic.html#ga05676e70ba5c6a7565aff3c36677c1f9">psa_status_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__policy.html#ga613f28712124f9149bd640614376ab5a">psa_get_key_policy</a> (<a class="el" href="group__platform.html#gac3da92a6b8a7f0c01dc348f8e0432e4c">psa_key_slot_t</a> key, <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *policy)</td></tr>
113<tr class="memdesc:ga613f28712124f9149bd640614376ab5a"><td class="mdescLeft">&#160;</td><td class="mdescRight">Get the usage policy for a key slot. <a href="#ga613f28712124f9149bd640614376ab5a">More...</a><br /></td></tr>
114<tr class="separator:ga613f28712124f9149bd640614376ab5a"><td class="memSeparator" colspan="2">&#160;</td></tr>
115</table>
116<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
117<h2 class="groupheader">Macro Definition Documentation</h2>
118<a id="gac3f2d2e5983db1edde9f142ca9bf8e6a"></a>
119<h2 class="memtitle"><span class="permalink"><a href="#gac3f2d2e5983db1edde9f142ca9bf8e6a">&#9670;&nbsp;</a></span>PSA_KEY_USAGE_DECRYPT</h2>
120
121<div class="memitem">
122<div class="memproto">
123 <table class="memname">
124 <tr>
125 <td class="memname">#define PSA_KEY_USAGE_DECRYPT&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000200)</td>
126 </tr>
127 </table>
128</div><div class="memdoc">
129<p>Whether the key may be used to decrypt a message.</p>
130<p>This flag allows the key to be used for a symmetric decryption operation, for an AEAD decryption-and-verification operation, or for an asymmetric decryption operation, if otherwise permitted by the key's type and policy.</p>
131<p>For a key pair, this concerns the private key. </p>
132
133</div>
134</div>
135<a id="gaf19022acc5ef23cf12477f632b48a0b2"></a>
136<h2 class="memtitle"><span class="permalink"><a href="#gaf19022acc5ef23cf12477f632b48a0b2">&#9670;&nbsp;</a></span>PSA_KEY_USAGE_DERIVE</h2>
137
138<div class="memitem">
139<div class="memproto">
140 <table class="memname">
141 <tr>
142 <td class="memname">#define PSA_KEY_USAGE_DERIVE&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00001000)</td>
143 </tr>
144 </table>
145</div><div class="memdoc">
146<p>Whether the key may be used to derive other keys. </p>
147
148</div>
149</div>
150<a id="ga75153b296d045d529d97203a6a995dad"></a>
151<h2 class="memtitle"><span class="permalink"><a href="#ga75153b296d045d529d97203a6a995dad">&#9670;&nbsp;</a></span>PSA_KEY_USAGE_ENCRYPT</h2>
152
153<div class="memitem">
154<div class="memproto">
155 <table class="memname">
156 <tr>
157 <td class="memname">#define PSA_KEY_USAGE_ENCRYPT&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000100)</td>
158 </tr>
159 </table>
160</div><div class="memdoc">
161<p>Whether the key may be used to encrypt a message.</p>
162<p>This flag allows the key to be used for a symmetric encryption operation, for an AEAD encryption-and-authentication operation, or for an asymmetric encryption operation, if otherwise permitted by the key's type and policy.</p>
163<p>For a key pair, this concerns the public key. </p>
164
165</div>
166</div>
167<a id="ga7dddccdd1303176e87a4d20c87b589ed"></a>
168<h2 class="memtitle"><span class="permalink"><a href="#ga7dddccdd1303176e87a4d20c87b589ed">&#9670;&nbsp;</a></span>PSA_KEY_USAGE_EXPORT</h2>
169
170<div class="memitem">
171<div class="memproto">
172 <table class="memname">
173 <tr>
174 <td class="memname">#define PSA_KEY_USAGE_EXPORT&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000001)</td>
175 </tr>
176 </table>
177</div><div class="memdoc">
178<p>Whether the key may be exported.</p>
179<p>A public key or the public part of a key pair may always be exported regardless of the value of this permission flag.</p>
180<p>If a key does not have export permission, implementations shall not allow the key to be exported in plain form from the cryptoprocessor, whether through <a class="el" href="group__key__management.html#gaa67bc459b20028b268f3d75a05afe022" title="Export a key in binary format. ">psa_export_key()</a> or through a proprietary interface. The key may however be exportable in a wrapped form, i.e. in a form where it is encrypted by another key. </p>
181
182</div>
183</div>
184<a id="ga99b9f456cf59efc4b5579465407aef5a"></a>
185<h2 class="memtitle"><span class="permalink"><a href="#ga99b9f456cf59efc4b5579465407aef5a">&#9670;&nbsp;</a></span>PSA_KEY_USAGE_SIGN</h2>
186
187<div class="memitem">
188<div class="memproto">
189 <table class="memname">
190 <tr>
191 <td class="memname">#define PSA_KEY_USAGE_SIGN&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000400)</td>
192 </tr>
193 </table>
194</div><div class="memdoc">
195<p>Whether the key may be used to sign a message.</p>
196<p>This flag allows the key to be used for a MAC calculation operation or for an asymmetric signature operation, if otherwise permitted by the key's type and policy.</p>
197<p>For a key pair, this concerns the private key. </p>
198
199</div>
200</div>
201<a id="ga39b54ffd5958b69634607924fa53cea6"></a>
202<h2 class="memtitle"><span class="permalink"><a href="#ga39b54ffd5958b69634607924fa53cea6">&#9670;&nbsp;</a></span>PSA_KEY_USAGE_VERIFY</h2>
203
204<div class="memitem">
205<div class="memproto">
206 <table class="memname">
207 <tr>
208 <td class="memname">#define PSA_KEY_USAGE_VERIFY&#160;&#160;&#160;((<a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>)0x00000800)</td>
209 </tr>
210 </table>
211</div><div class="memdoc">
212<p>Whether the key may be used to verify a message signature.</p>
213<p>This flag allows the key to be used for a MAC verification operation or for an asymmetric signature verification operation, if otherwise permitted by the key's type and policy.</p>
214<p>For a key pair, this concerns the public key. </p>
215
216</div>
217</div>
218<h2 class="groupheader">Typedef Documentation</h2>
219<a id="gaf553efd409845b6d09ff25ce2ba36607"></a>
220<h2 class="memtitle"><span class="permalink"><a href="#gaf553efd409845b6d09ff25ce2ba36607">&#9670;&nbsp;</a></span>psa_key_policy_t</h2>
221
222<div class="memitem">
223<div class="memproto">
224 <table class="memname">
225 <tr>
226 <td class="memname">typedef struct psa_key_policy_s <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a></td>
227 </tr>
228 </table>
229</div><div class="memdoc">
230<p>The type of the key policy data structure.</p>
231<p>This is an implementation-defined <code>struct</code>. Applications should not make any assumptions about the content of this structure except as directed by the documentation of a specific implementation. </p>
232
233</div>
234</div>
235<h2 class="groupheader">Function Documentation</h2>
236<a id="ga613f28712124f9149bd640614376ab5a"></a>
237<h2 class="memtitle"><span class="permalink"><a href="#ga613f28712124f9149bd640614376ab5a">&#9670;&nbsp;</a></span>psa_get_key_policy()</h2>
238
239<div class="memitem">
240<div class="memproto">
241 <table class="memname">
242 <tr>
243 <td class="memname"><a class="el" href="group__basic.html#ga05676e70ba5c6a7565aff3c36677c1f9">psa_status_t</a> psa_get_key_policy </td>
244 <td>(</td>
245 <td class="paramtype"><a class="el" href="group__platform.html#gac3da92a6b8a7f0c01dc348f8e0432e4c">psa_key_slot_t</a>&#160;</td>
246 <td class="paramname"><em>key</em>, </td>
247 </tr>
248 <tr>
249 <td class="paramkey"></td>
250 <td></td>
251 <td class="paramtype"><a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *&#160;</td>
252 <td class="paramname"><em>policy</em>&#160;</td>
253 </tr>
254 <tr>
255 <td></td>
256 <td>)</td>
257 <td></td><td></td>
258 </tr>
259 </table>
260</div><div class="memdoc">
261
262<p>Get the usage policy for a key slot. </p>
263<dl class="params"><dt>Parameters</dt><dd>
264 <table class="params">
265 <tr><td class="paramdir"></td><td class="paramname">key</td><td>The key slot whose policy is being queried. </td></tr>
266 <tr><td class="paramdir">[out]</td><td class="paramname">policy</td><td>On success, the key's policy.</td></tr>
267 </table>
268 </dd>
269</dl>
270<dl class="retval"><dt>Return values</dt><dd>
271 <table class="retval">
272 <tr><td class="paramname"><a class="el" href="group__basic.html#ga4cc859e2c66ca381c7418db3527a65e1">PSA_SUCCESS</a></td><td></td></tr>
273 <tr><td class="paramname"><a class="el" href="group__basic.html#ga5cdb6948371d49e916106249020ea3f7">PSA_ERROR_COMMUNICATION_FAILURE</a></td><td></td></tr>
274 <tr><td class="paramname"><a class="el" href="group__basic.html#ga08b10e70fa5ff0b05c631d9f8f6b2c6b">PSA_ERROR_HARDWARE_FAILURE</a></td><td></td></tr>
275 <tr><td class="paramname"><a class="el" href="group__basic.html#ga2c5dda1485cb54f2385cb9c1279a7004">PSA_ERROR_TAMPERING_DETECTED</a></td><td></td></tr>
276 </table>
277 </dd>
278</dl>
279
280</div>
281</div>
282<a id="gaadf16b89ace53e1d2cb5bcb0aef24c86"></a>
283<h2 class="memtitle"><span class="permalink"><a href="#gaadf16b89ace53e1d2cb5bcb0aef24c86">&#9670;&nbsp;</a></span>psa_key_policy_get_algorithm()</h2>
284
285<div class="memitem">
286<div class="memproto">
287 <table class="memname">
288 <tr>
289 <td class="memname"><a class="el" href="group__crypto__types.html#gac2e4d47f1300d73c2f829a6d99252d69">psa_algorithm_t</a> psa_key_policy_get_algorithm </td>
290 <td>(</td>
291 <td class="paramtype">const <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *&#160;</td>
292 <td class="paramname"><em>policy</em></td><td>)</td>
293 <td></td>
294 </tr>
295 </table>
296</div><div class="memdoc">
297
298<p>Retrieve the algorithm field of a policy structure. </p>
299<dl class="params"><dt>Parameters</dt><dd>
300 <table class="params">
301 <tr><td class="paramdir">[in]</td><td class="paramname">policy</td><td>The policy object to query.</td></tr>
302 </table>
303 </dd>
304</dl>
305<dl class="section return"><dt>Returns</dt><dd>The permitted algorithm for a key with this policy. </dd></dl>
306
307</div>
308</div>
309<a id="ga7746662b7503e484774d0ecb5d8ac2ab"></a>
310<h2 class="memtitle"><span class="permalink"><a href="#ga7746662b7503e484774d0ecb5d8ac2ab">&#9670;&nbsp;</a></span>psa_key_policy_get_usage()</h2>
311
312<div class="memitem">
313<div class="memproto">
314 <table class="memname">
315 <tr>
316 <td class="memname"><a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a> psa_key_policy_get_usage </td>
317 <td>(</td>
318 <td class="paramtype">const <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *&#160;</td>
319 <td class="paramname"><em>policy</em></td><td>)</td>
320 <td></td>
321 </tr>
322 </table>
323</div><div class="memdoc">
324
325<p>Retrieve the usage field of a policy structure. </p>
326<dl class="params"><dt>Parameters</dt><dd>
327 <table class="params">
328 <tr><td class="paramdir">[in]</td><td class="paramname">policy</td><td>The policy object to query.</td></tr>
329 </table>
330 </dd>
331</dl>
332<dl class="section return"><dt>Returns</dt><dd>The permitted uses for a key with this policy. </dd></dl>
333
334</div>
335</div>
336<a id="gad49eb85e3fcbe70f763f511ac83e762e"></a>
337<h2 class="memtitle"><span class="permalink"><a href="#gad49eb85e3fcbe70f763f511ac83e762e">&#9670;&nbsp;</a></span>psa_key_policy_init()</h2>
338
339<div class="memitem">
340<div class="memproto">
341 <table class="memname">
342 <tr>
343 <td class="memname">void psa_key_policy_init </td>
344 <td>(</td>
345 <td class="paramtype"><a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *&#160;</td>
346 <td class="paramname"><em>policy</em></td><td>)</td>
347 <td></td>
348 </tr>
349 </table>
350</div><div class="memdoc">
351
352<p>Initialize a key policy structure to a default that forbids all usage of the key. </p>
353<dl class="params"><dt>Parameters</dt><dd>
354 <table class="params">
355 <tr><td class="paramdir">[out]</td><td class="paramname">policy</td><td>The policy object to initialize. </td></tr>
356 </table>
357 </dd>
358</dl>
359
360</div>
361</div>
362<a id="gac16792fd6d375a5f76d372090df40607"></a>
363<h2 class="memtitle"><span class="permalink"><a href="#gac16792fd6d375a5f76d372090df40607">&#9670;&nbsp;</a></span>psa_key_policy_set_usage()</h2>
364
365<div class="memitem">
366<div class="memproto">
367 <table class="memname">
368 <tr>
369 <td class="memname">void psa_key_policy_set_usage </td>
370 <td>(</td>
371 <td class="paramtype"><a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *&#160;</td>
372 <td class="paramname"><em>policy</em>, </td>
373 </tr>
374 <tr>
375 <td class="paramkey"></td>
376 <td></td>
377 <td class="paramtype"><a class="el" href="group__policy.html#ga7bb9de71337e0e98de843aa7f9b55f25">psa_key_usage_t</a>&#160;</td>
378 <td class="paramname"><em>usage</em>, </td>
379 </tr>
380 <tr>
381 <td class="paramkey"></td>
382 <td></td>
383 <td class="paramtype"><a class="el" href="group__crypto__types.html#gac2e4d47f1300d73c2f829a6d99252d69">psa_algorithm_t</a>&#160;</td>
384 <td class="paramname"><em>alg</em>&#160;</td>
385 </tr>
386 <tr>
387 <td></td>
388 <td>)</td>
389 <td></td><td></td>
390 </tr>
391 </table>
392</div><div class="memdoc">
393
394<p>Set the standard fields of a policy structure. </p>
395<p>Note that this function does not perform any consistency checks on its parameters. The values are checked only when the policy is applied to a key slot with <a class="el" href="group__policy.html#gad7faa7e64aa771f7441c44ceff21af19" title="Set the usage policy on a key slot. ">psa_set_key_policy()</a>.</p>
396<dl class="params"><dt>Parameters</dt><dd>
397 <table class="params">
398 <tr><td class="paramdir">[out]</td><td class="paramname">policy</td><td>The policy object to modify. </td></tr>
399 <tr><td class="paramdir"></td><td class="paramname">usage</td><td>The permitted uses for the key. </td></tr>
400 <tr><td class="paramdir"></td><td class="paramname">alg</td><td>The algorithm that the key may be used for. </td></tr>
401 </table>
402 </dd>
403</dl>
404
405</div>
406</div>
407<a id="gad7faa7e64aa771f7441c44ceff21af19"></a>
408<h2 class="memtitle"><span class="permalink"><a href="#gad7faa7e64aa771f7441c44ceff21af19">&#9670;&nbsp;</a></span>psa_set_key_policy()</h2>
409
410<div class="memitem">
411<div class="memproto">
412 <table class="memname">
413 <tr>
414 <td class="memname"><a class="el" href="group__basic.html#ga05676e70ba5c6a7565aff3c36677c1f9">psa_status_t</a> psa_set_key_policy </td>
415 <td>(</td>
416 <td class="paramtype"><a class="el" href="group__platform.html#gac3da92a6b8a7f0c01dc348f8e0432e4c">psa_key_slot_t</a>&#160;</td>
417 <td class="paramname"><em>key</em>, </td>
418 </tr>
419 <tr>
420 <td class="paramkey"></td>
421 <td></td>
422 <td class="paramtype">const <a class="el" href="group__policy.html#gaf553efd409845b6d09ff25ce2ba36607">psa_key_policy_t</a> *&#160;</td>
423 <td class="paramname"><em>policy</em>&#160;</td>
424 </tr>
425 <tr>
426 <td></td>
427 <td>)</td>
428 <td></td><td></td>
429 </tr>
430 </table>
431</div><div class="memdoc">
432
433<p>Set the usage policy on a key slot. </p>
434<p>This function must be called on an empty key slot, before importing, generating or creating a key in the slot. Changing the policy of an existing key is not permitted.</p>
435<p>Implementations may set restrictions on supported key policies depending on the key type and the key slot.</p>
436<dl class="params"><dt>Parameters</dt><dd>
437 <table class="params">
438 <tr><td class="paramdir"></td><td class="paramname">key</td><td>The key slot whose policy is to be changed. </td></tr>
439 <tr><td class="paramdir">[in]</td><td class="paramname">policy</td><td>The policy object to apply to the key slot.</td></tr>
440 </table>
441 </dd>
442</dl>
443<dl class="retval"><dt>Return values</dt><dd>
444 <table class="retval">
445 <tr><td class="paramname"><a class="el" href="group__basic.html#ga4cc859e2c66ca381c7418db3527a65e1">PSA_SUCCESS</a></td><td></td></tr>
446 <tr><td class="paramname"><a class="el" href="group__basic.html#gac2fee3a51249fbea45360aaa911f3e58">PSA_ERROR_OCCUPIED_SLOT</a></td><td></td></tr>
447 <tr><td class="paramname"><a class="el" href="group__basic.html#ga1dcc6d130633ed5db8942257581b55dd">PSA_ERROR_NOT_SUPPORTED</a></td><td></td></tr>
448 <tr><td class="paramname"><a class="el" href="group__basic.html#ga798df25a505ebf931f7bec1f80f1f85f">PSA_ERROR_INVALID_ARGUMENT</a></td><td></td></tr>
449 <tr><td class="paramname"><a class="el" href="group__basic.html#ga5cdb6948371d49e916106249020ea3f7">PSA_ERROR_COMMUNICATION_FAILURE</a></td><td></td></tr>
450 <tr><td class="paramname"><a class="el" href="group__basic.html#ga08b10e70fa5ff0b05c631d9f8f6b2c6b">PSA_ERROR_HARDWARE_FAILURE</a></td><td></td></tr>
451 <tr><td class="paramname"><a class="el" href="group__basic.html#ga2c5dda1485cb54f2385cb9c1279a7004">PSA_ERROR_TAMPERING_DETECTED</a></td><td></td></tr>
452 </table>
453 </dd>
454</dl>
455
456</div>
457</div>
458</div><!-- contents -->
459<!-- start footer part -->
460<hr class="footer"/><address class="footer"><small>
461Generated by &#160;<a href="http://www.doxygen.org/index.html">
462<img class="footer" src="doxygen.png" alt="doxygen"/>
463</a> 1.8.13
464</small></address>
465</body>
466</html>