API definition of the PSA driver Oracle. More...
Go to the source code of this file.
Functions | |
psa_status_t | mcuxClPsaDriver_Oracle_ExportPublicKey (mcuxClKey_Descriptor_t *pKey, uint8_t *data, size_t data_size, size_t *data_length, bool internal_representation) |
Oracle function for exporting of the public key created in ELS during KEY_GEN command. | |
psa_status_t | mcuxClPsaDriver_Oracle_LoadKey (mcuxClKey_Descriptor_t *pKey) |
Oracle function for loading a key. | |
psa_status_t | mcuxClPsaDriver_Oracle_SuspendKey (mcuxClKey_Descriptor_t *pKey) |
Oracle function for 'suspending' a key. | |
psa_status_t | mcuxClPsaDriver_Oracle_ResumeKey (mcuxClKey_Descriptor_t *pKey) |
Oracle function for 'resuming' a previously 'suspended' key. | |
psa_status_t | mcuxClPsaDriver_Oracle_UnloadKey (mcuxClKey_Descriptor_t *pKey) |
Oracle function for 'unloading' a previously loaded key. | |
psa_status_t | mcuxClPsaDriver_Oracle_ReserveKey (mcuxClKey_Descriptor_t *pKey) |
Oracle function for allocating storage for a key that will be created by the psa driver. | |
psa_status_t | mcuxClPsaDriver_Oracle_StoreKey (mcuxClKey_Descriptor_t *pKey) |
Oracle function for saving a key. | |
psa_status_t | mcuxClPsaDriver_Oracle_ImportKey (mcuxClKey_Descriptor_t *pKey, const uint8_t *data, size_t data_length, size_t *key_buffer_length, size_t *bits) |
Oracle function for executing S50 specific activities when the import of key is done the PSA library will proceed with storing the key. | |
psa_status_t | mcuxClPsaDriver_Oracle_GetKeyBufferSizeFromKeyData (const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, size_t *key_buffer_length) |
Oracle function for determine the size required for a key buffer from the data supplied when importing a key. | |
psa_status_t | mcuxClPsaDriver_Oracle_GetBuiltinKeyBufferSize (mbedtls_svc_key_id_t key_id, size_t *key_buffer_size) |
Oracle function for making keys that are installed upon boot in S50 and keys derived from those (built-in) available to be used with PSA API. | |
psa_status_t | mcuxClPsaDriver_Oracle_GetBuiltinKeyBuffer (psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) |
Oracle function for making keys that are installed upon boot in S50 and keys derived from those (built-in) available to be used with PSA API. | |
API definition of the PSA driver Oracle.
psa_status_t mcuxClPsaDriver_Oracle_ExportPublicKey | ( | mcuxClKey_Descriptor_t * | pKey, |
uint8_t * | data, | ||
size_t | data_size, | ||
size_t * | data_length, | ||
bool | internal_representation | ||
) |
Oracle function for exporting of the public key created in ELS during KEY_GEN command.
[in] | pKey | is the reference to the key descriptor of the ELS |
[out] | data | is the buffer including the exported public key |
[in] | data_size | is the size of the allocated memory for the data buffer |
[out] | data_length | is the lenght of the exported key |
[in] | internal_representation | is the flag to indicate internal representation |
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_DOES_NOT_EXIST | No key with the associated key_id found in ELS |
psa_status_t mcuxClPsaDriver_Oracle_LoadKey | ( | mcuxClKey_Descriptor_t * | pKey | ) |
Oracle function for loading a key.
This function loads an encoded or internal key to memory or the S50 key store.
PRECONDITION: The fields of pKey
are initialized as follows:
POSTCONDITION: In case the key is loaded into memory the fields of pKey
are initialized as follows:
pKey
are initialized as follows:OPERATION: Depending on the location attribute in the psa attributes, the Oracle allocates a memory location or free key slot in the S50 (the Oracle is responsible for the memory management) and loads the key there. How the location attributes map to endoding or derivation methods is entirely up to the design of the Oracle; e.g. a key could be decrypted from a blob or derived from a master key.
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The Oracle shall never return this error code |
PSA_ERROR_GENERIC_ERROR | The operation failed (other error codes can be used as well if more specific) |
psa_status_t mcuxClPsaDriver_Oracle_SuspendKey | ( | mcuxClKey_Descriptor_t * | pKey | ) |
Oracle function for 'suspending' a key.
This function indicates to the Oracle that the key will temporarily not be used by the psa driver. This allows the Oracle to perform memory management operations on this key.
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The Oracle shall never return this error code |
PSA_ERROR_GENERIC_ERROR | The operation failed (other error codes can be used as well if more specific) |
psa_status_t mcuxClPsaDriver_Oracle_ResumeKey | ( | mcuxClKey_Descriptor_t * | pKey | ) |
Oracle function for 'resuming' a previously 'suspended' key.
This function indicates to the Oracle that the key will be used agian by the psa driver. The Oracle should assure it is available again and may therefore need to re-allocate, re-load the key and update the key fields.
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The Oracle shall never return this error code |
PSA_ERROR_GENERIC_ERROR | The operation failed (other error codes can be used as well if more specific) |
psa_status_t mcuxClPsaDriver_Oracle_UnloadKey | ( | mcuxClKey_Descriptor_t * | pKey | ) |
Oracle function for 'unloading' a previously loaded key.
This function indicates to the Oracle that the key will not be used any more by the psa driver. This allows the Oracle to free the allocated storage for this key.
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The Oracle shall never return this error code |
PSA_ERROR_GENERIC_ERROR | The operation failed (other error codes can be used as well if more specific) |
psa_status_t mcuxClPsaDriver_Oracle_ReserveKey | ( | mcuxClKey_Descriptor_t * | pKey | ) |
Oracle function for allocating storage for a key that will be created by the psa driver.
This function requests storage space from the Oracle for a key that will be created by the psa driver. The Oracle shall allocate memory space or a key slot capable of holding the to be generated key.
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The Oracle shall never return this error code |
PSA_ERROR_GENERIC_ERROR | The operation failed (other error codes can be used as well if more specific) |
psa_status_t mcuxClPsaDriver_Oracle_StoreKey | ( | mcuxClKey_Descriptor_t * | pKey | ) |
Oracle function for saving a key.
This function saves a key from memory or the S50 key store to an encoded format (blob).
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The Oracle shall never return this error code |
PSA_ERROR_GENERIC_ERROR | The operation failed (other error codes can be used as well if more specific) |
psa_status_t mcuxClPsaDriver_Oracle_ImportKey | ( | mcuxClKey_Descriptor_t * | pKey, |
const uint8_t * | data, | ||
size_t | data_length, | ||
size_t * | key_buffer_length, | ||
size_t * | bits | ||
) |
Oracle function for executing S50 specific activities when the import of key is done the PSA library will proceed with storing the key.
After the evaluation the function will generate the buffer which will be stored in the memory by the PSA
[in] | attributes | defines the attributes associated with the input buffer PRECONDITION: The fields of pKey are initialized as follows:
|
[in] | pKey | is the reference to the key descriptor of the ELS |
[in] | data | is the buffer including public key for import |
[in] | data_length | is the length of data |
[out] | key_buffer_length | is the effective number of data filled in the key_buffer returned by the function |
[out] | bits | is the number of bits representing the key (e.g. 256 for the NISTP 256 key) |
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The lifetime is not supported, meaning that fallback functions will be executed by Oracle |
PSA_ERROR_INSUFFICIENT_MEMORY | The key_buffer size is not enough to include data to be stored |
psa_status_t mcuxClPsaDriver_Oracle_GetKeyBufferSizeFromKeyData | ( | const psa_key_attributes_t * | attributes, |
const uint8_t * | data, | ||
size_t | data_length, | ||
size_t * | key_buffer_length | ||
) |
Oracle function for determine the size required for a key buffer from the data supplied when importing a key.
The size of the data required to store a key is not necessarily the same as the size of the date supplied when importing a key. In particular for key recipes, the recipe gets parsed upon import and stored in an internal representation which consumes a different amount of space.
[in] | attributes | defines the attributes associated with the input buffer |
[in] | data | includes the input buffer as passed to the psa import function |
[in] | data_length | is the length of data |
[out] | key_buffer | is the buffer which will be stored by PSA in the memory |
[out] | key_buffer_length | is the required number of bytes required as key_buffer |
PSA_SUCCESS | The operation was succesful |
PSA_ERROR_NOT_SUPPORTED | The lifetime is not supported, meaning that fallback functions will be executed by Oracle |
PSA_ERROR_INSUFFICIENT_MEMORY | The key_buffer size is not enough to include data to be stored |
psa_status_t mcuxClPsaDriver_Oracle_GetBuiltinKeyBufferSize | ( | mbedtls_svc_key_id_t | key_id, |
size_t * | key_buffer_size | ||
) |
Oracle function for making keys that are installed upon boot in S50 and keys derived from those (built-in) available to be used with PSA API.
PSA does store information about such keys (either the S50 slot number or a derivation recipe). Therefore it needs to know the size to reserve for a particular key.
[in] | key_id | the PSA key id of a built-in key |
[out] | key_buffer_size | the required size of the buffer to store a built-in key |
psa_status_t mcuxClPsaDriver_Oracle_GetBuiltinKeyBuffer | ( | psa_key_attributes_t * | attributes, |
uint8_t * | key_buffer, | ||
size_t | key_buffer_size, | ||
size_t * | key_buffer_length | ||
) |
Oracle function for making keys that are installed upon boot in S50 and keys derived from those (built-in) available to be used with PSA API.
PSA does store information about such keys (either the S50 slot number or a derivation recipe). This function fills the PSA owned buffer with the required information to use the key.
[in] | attributes | defines the attributes associated with the input buffer |
[out] | key_buffer | is the buffer which will be stored by PSA in the memory |
[in] | key_buffer_size | is the size of the allocated |
[out] | key_buffer_length | is the effective number of data filled in the key_buffer by the function |