Typedefs
typedef struct psa_generate_key_iop_s	psa_generate_key_iop_t

Functions
uint32_t	psa_generate_key_iop_get_num_ops (psa_generate_key_iop_t *operation)
	Get the number of ops that a key generation operation has taken so far. If the operation has completed, then this will represent the number of ops required for the entire operation. After initialization or calling `psa_generate_key_iop_abort()` on the operation, a value of 0 will be returned. More...

psa_status_t	psa_generate_key_iop_setup (psa_generate_key_iop_t operation, const psa_key_attributes_t attributes)
	Start a key generation operation, in an interruptible manner. More...

psa_status_t	psa_generate_key_iop_complete (psa_generate_key_iop_t operation, mbedtls_svc_key_id_t key)
	Continue and eventually complete the action of key generation, in an interruptible manner. More...

psa_status_t	psa_generate_key_iop_abort (psa_generate_key_iop_t *operation)
	Abort a key generation operation. More...

Detailed Description

Typedef Documentation

typedef struct psa_generate_key_iop_s psa_generate_key_iop_t

The type of the state data structure for interruptible key generation operations.

Before calling any function on an interruptible key generation object, the application must initialize it by any of the following means:

Set the structure to all-bits-zero, for example:
psa_generate_key_iop_t operation;

memset(&operation, 0, sizeof(operation));
Initialize the structure to logical zero values, for example:
psa_generate_key_iop_t operation = {0};
Initialize the structure to the initializer PSA_GENERATE_KEY_IOP_INIT, for example:
psa_generate_key_iop_t operation = PSA_GENERATE_KEY_IOP_INIT;
Assign the result of the function psa_generate_key_iop_init() to the structure, for example:
psa_generate_key_iop_t operation;

operation = psa_generate_key_iop_init();

This is an implementation-defined struct. Applications should not make any assumptions about the content of this structure. Implementation details can change in future versions without notice.

Definition at line 5289 of file crypto.h.

Function Documentation

psa_status_t psa_generate_key_iop_abort ( psa_generate_key_iop_t * operation )

Abort a key generation operation.

Warning: This is a beta API, and thus subject to change at any point. It is not bound by the usual interface stability promises.

Note: This function clears the number of ops completed as part of the operation. Please ensure you copy this value via psa_generate_key_iop_get_num_ops() if required before calling.; Aborting an operation frees all associated resources except for the operation structure itself. Once aborted, the operation object can be reused for another operation by calling psa_generate_key_iop_setup() again.; You may call this function any time after the operation object has been initialized. In particular, calling psa_generate_key_iop_abort() after the operation has already been terminated by a call to psa_generate_key_iop_abort() or psa_generate_key_iop_complete() is safe.

Parameters

[in,out] operation The psa_key_agreement_iop_t to use

Return values

PSA_SUCCESS	The operation was aborted successfully.
PSA_ERROR_BAD_STATE	The library has not been previously initialized by `psa_crypto_init()`.

psa_status_t psa_generate_key_iop_complete	(	psa_generate_key_iop_t *	operation,
		mbedtls_svc_key_id_t *	key
	)

Continue and eventually complete the action of key generation, in an interruptible manner.

See Also: psa_generate_key_iop_setup()

Warning: This is a beta API, and thus subject to change at any point. It is not bound by the usual interface stability promises.

Note: This function combined with psa_generate_key_iop_setup() is equivalent to psa_generate_key() but this function can return early and resume according to the limit set with psa_interruptible_set_max_ops() to reduce the maximum time spent in a function call.; Users should call this function on the same operation object repeatedly whilst it returns PSA_OPERATION_INCOMPLETE, stopping when it returns either PSA_SUCCESS or an error. Alternatively users can call psa_generate_key_iop_abort() at any point if they no longer want the result.; When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling psa_generate_key_iop_abort().

Parameters

[in,out]	operation	The `psa_generate_key_iop_t` to use. This must be initialized first, and have had `psa_generate_key_iop_setup()` called with it first.
[out]	key	On success, an identifier for the newly created key, on failure this will be set to PSA_KEY_ID_NULL.

Return values

PSA_SUCCESS	The operation is complete and `key` contains the new key. If the key is persistent, the key material and the key's metadata have been saved to persistent storage.
PSA_OPERATION_INCOMPLETE	Operation was interrupted due to the setting of `psa_interruptible_set_max_ops()`. There is still work to be done. Call this function again with the same operation object.
PSA_ERROR_ALREADY_EXISTS	This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.
PSA_ERROR_NOT_SUPPORTED
PSA_ERROR_INVALID_ARGUMENT
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_DATA_CORRUPT
PSA_ERROR_DATA_INVALID
PSA_ERROR_INSUFFICIENT_ENTROPY
PSA_ERROR_BAD_STATE	The following conditions can result in this error: The library has not been previously initialized by `psa_crypto_init()`. The operation state is not valid: it must be active.

uint32_t psa_generate_key_iop_get_num_ops ( psa_generate_key_iop_t * operation )

Get the number of ops that a key generation operation has taken so far. If the operation has completed, then this will represent the number of ops required for the entire operation. After initialization or calling psa_generate_key_iop_abort() on the operation, a value of 0 will be returned.

Warning: This is a beta API, and thus subject to change at any point. It is not bound by the usual interface stability promises. This is a helper provided to help you tune the value passed to psa_interruptible_set_max_ops().

Parameters

operation The psa_generate_key_iop_t to use. This must be initialized first.

Returns: Number of ops that the operation has taken so far.

psa_status_t psa_generate_key_iop_setup	(	psa_generate_key_iop_t *	operation,
		const psa_key_attributes_t *	attributes
	)

Start a key generation operation, in an interruptible manner.

See Also: psa_generate_key_iop_complete()

Warning: This is a beta API, and thus subject to change at any point. It is not bound by the usual interface stability promises.

Note: This function combined with psa_generate_key_iop_complete() is equivalent to psa_generate_key() but psa_generate_key_iop_complete() can return early and resume according to the limit set with psa_interruptible_set_max_ops() to reduce the maximum time spent in a function.; Users should call psa_generate_key_iop_complete() repeatedly on the same operation object after a successful call to this function until psa_generate_key_iop_complete() either returns PSA_SUCCESS or an error. psa_generate_key_iop_complete() will return PSA_OPERATION_INCOMPLETE if there is more work to do. Alternatively users can call psa_generate_key_iop_abort() at any point if they no longer want the result.; This function clears the number of ops completed as part of the operation. Please ensure you copy this value via psa_generate_key_iop_get_num_ops() if required before calling.; If this function returns an error status, the operation enters an error state and must be aborted by calling psa_generate_key_iop_abort().; Only asymmetric key pairs are supported. (See attributes.)

Parameters

[in,out]	operation	The `psa_generate_key_iop_t` to use. This must be initialized as per the documentation for `psa_generate_key_iop_t`, and be inactive.
[in]	attributes	The attributes for the new key. The following attributes are required for all keys: The key type. It must be an asymmetric key-pair. The key size. It must be a valid size for the key type. The following attributes must be set for keys used in cryptographic operations: The key permitted-algorithm policy. The key usage flags. The following attributes must be set for keys that do not use the default volatile lifetime: The key lifetime. The key identifier is required for a key with a persistent lifetime,

Note: attributes is an input parameter, it is not updated with the final key attributes. The final attributes of the new key can be queried by calling psa_get_key_attributes() with the key's identifier.

Return values

PSA_SUCCESS	The operation started successfully. Call `psa_generate_key_iop_complete()` with the same context to complete the operation.
PSA_ERROR_ALREADY_EXISTS	This is an attempt to create a persistent key, and there is already a persistent key with the given identifier
PSA_ERROR_NOT_SUPPORTED	The key attributes, as a whole, are not supported, either in general or in the specified storage location.
PSA_ERROR_INVALID_ARGUMENT	The following conditions can result in this error: The key type is invalid, or is an asymmetric public key type. The key size is not valid for the key type. The key lifetime is invalid. The key identifier is not valid for the key lifetime. The key usage flags include invalid values. The key's permitted-usage algorithm is invalid. The key attributes, as a whole, are invalid.
PSA_ERROR_NOT_PERMITTED	Creating a key with the specified attributes is not permitted.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_DATA_CORRUPT
PSA_ERROR_DATA_INVALID
PSA_ERROR_INSUFFICIENT_STORAGE
PSA_ERROR_BAD_STATE	The following conditions can result in this error: The library has not been previously initialized by `psa_crypto_init()`. The operation state is not valid: it must be inactive.

Typedefs

Functions

Detailed Description

Typedef Documentation

Function Documentation