mbed TLS v3.1.0
Functions
Random generation

Functions

psa_status_t psa_generate_random (uint8_t *output, size_t output_size)
 Generate random bytes. More...
 
psa_status_t psa_generate_key (const psa_key_attributes_t *attributes, mbedtls_svc_key_id_t *key)
 Generate a key or key pair. More...
 

Detailed Description

Function Documentation

psa_status_t psa_generate_key ( const psa_key_attributes_t attributes,
mbedtls_svc_key_id_t key 
)

Generate a key or key pair.

The key is generated randomly. Its location, usage policy, type and size are taken from attributes.

Implementations must reject an attempt to generate a key of size 0.

The following type-specific considerations apply:

  • For RSA keys (PSA_KEY_TYPE_RSA_KEY_PAIR), the public exponent is 65537. The modulus is a product of two probabilistic primes between 2^{n-1} and 2^n where n is the bit size specified in the attributes.
Parameters
[in]attributesThe attributes for the new key.
[out]keyOn success, an identifier for the newly created key. For persistent keys, this is the key identifier defined in attributes. 0 on failure.
Return values
PSA_SUCCESSSuccess. If the key is persistent, the key material and the key's metadata have been saved to persistent storage.
PSA_ERROR_ALREADY_EXISTSThis is an attempt to create a persistent key, and there is already a persistent key with the given identifier.
PSA_ERROR_NOT_SUPPORTED
PSA_ERROR_INVALID_ARGUMENT
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_INSUFFICIENT_ENTROPY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_INSUFFICIENT_STORAGE
PSA_ERROR_DATA_INVALID
PSA_ERROR_DATA_CORRUPT
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_BAD_STATEThe library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.
psa_status_t psa_generate_random ( uint8_t *  output,
size_t  output_size 
)

Generate random bytes.

Warning
This function can fail! Callers MUST check the return status and MUST NOT use the content of the output buffer if the return status is not PSA_SUCCESS.
Note
To generate a key, use psa_generate_key() instead.
Parameters
[out]outputOutput buffer for the generated data.
output_sizeNumber of bytes to generate and output.
Return values
PSA_SUCCESS
PSA_ERROR_NOT_SUPPORTED
PSA_ERROR_INSUFFICIENT_ENTROPY
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_BAD_STATEThe library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.