mbed TLS v3.1.0
Built-in keys

Macros

#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN   ((psa_key_id_t)0x7fff0000)
 
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX   ((psa_key_id_t)0x7fffefff)
 

Typedefs

typedef uint64_t psa_drv_slot_number_t
 

Functions

static int psa_key_id_is_builtin (psa_key_id_t key_id)
 
psa_status_t mbedtls_psa_platform_get_builtin_key (mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, psa_drv_slot_number_t *slot_number)
 

Detailed Description

Macro Definition Documentation

#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX   ((psa_key_id_t)0x7fffefff)

The maximum value for a key identifier that is built into the implementation.

See MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.

Definition at line 742 of file crypto_extra.h.

Referenced by psa_key_id_is_builtin().

#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN   ((psa_key_id_t)0x7fff0000)

The minimum value for a key identifier that is built into the implementation.

The range of key identifiers from MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to MBEDTLS_PSA_KEY_ID_BUILTIN_MAX lies within the range from PSA_KEY_ID_VENDOR_MIN to PSA_KEY_ID_VENDOR_MAX and must not intersect with any other set of implementation-chosen key identifiers.

This value is part of the library's ABI since changing it would invalidate the values of built-in key identifiers in applications.

Definition at line 735 of file crypto_extra.h.

Referenced by psa_key_id_is_builtin().

Typedef Documentation

typedef uint64_t psa_drv_slot_number_t

A slot number identifying a key in a driver.

Values of this type are used to identify built-in keys.

Definition at line 748 of file crypto_extra.h.

Function Documentation

psa_status_t mbedtls_psa_platform_get_builtin_key ( mbedtls_svc_key_id_t  key_id,
psa_key_lifetime_t *  lifetime,
psa_drv_slot_number_t *  slot_number
)

Platform function to obtain the location and slot number of a built-in key.

An application-specific implementation of this function must be provided if MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided as part of a platform's system image.

MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) needs to be in the range from MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to MBEDTLS_PSA_KEY_ID_BUILTIN_MAX.

In a multi-application configuration (MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined), this function should check that MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key_id) is allowed to use the given key.

Parameters
key_id: The key ID for which to retrieve the location and slot attributes.
[out] lifetime: On success, the lifetime associated with the key corresponding to key_id. Lifetime is a combination of which driver contains the key, and with what persistence level the key is intended to be used. If the platform implementation does not contain specific information about the intended key persistence level, the persistence level may be reported as PSA_KEY_PERSISTENCE_DEFAULT.
[out] slot_number: On success, the slot number known to the driver registered at the lifetime location reported through lifetime which corresponds to the requested built-in key.
Return values
PSA_SUCCESS: The requested key identifier designates a built-in key. In a multi-application configuration, the requested owner is allowed to access it.
PSA_ERROR_DOES_NOT_EXIST: The requested key identifier is not a built-in key which is known to this function. If a key exists in the key storage with this identifier, the data from the storage will be used.
Returns
(any other error) Any other error is propagated to the function that requested the key. Common errors include:

static int psa_key_id_is_builtin ( psa_key_id_t  key_id)
inline static

Test whether a key identifier belongs to the builtin key range.

Parameters
key_id: Key identifier to test.
Return values
1: The key identifier is a builtin key identifier.
0: The key identifier is not a builtin key identifier.

Definition at line 760 of file crypto_extra.h.

References MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, and MBEDTLS_PSA_KEY_ID_BUILTIN_MIN.