mbedtls/library/psa_crypto_slot_management.h

16 /** Range of volatile key identifiers.
19  *  range of key identifiers are reserved for volatile key identifiers.
21  *  If \c id is a a volatile key identifier, #PSA_KEY_ID_VOLATILE_MIN - \c id
22  *  indicates the key slot containing the volatile key definition. See
26 /** The minimum value for a volatile key identifier.
30 /** The maximum value for a volatile key identifier.
39 /** Test whether a key identifier is a volatile key identifier.
41  * \param key_id  Key identifier to test.
44  *         The key identifier is a volatile key identifier.
46  *         The key identifier is not a volatile key identifier.
54 /** Get the description of a key given its identifier and lock it.
57  * key slots. This function returns a pointer to the key slot containing the
58  * description of a key given its identifier.
60  * In case of a persistent key, the function loads the description of the key
61  * into a key slot if not already done.
63  * On success, the returned key slot has been registered for reading.
70  * \param key           Key identifier to query.
72  *                      key slot containing the description of the key
73  *                      identified by \p key.
76  *         \p *p_slot contains a pointer to the key slot containing the
77  *         description of the key identified by \p key.
78  *         The key slot counter has been incremented.
82  *         \p key is not a valid key identifier.
84  *         \p key is a persistent key identifier. The implementation does not
85  *         have sufficient resources to load the persistent key. This can be
86  *         due to a lack of empty key slot, or available memory.
88  *         There is no key with key identifier \p key.
93 psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key,
96 /** Initialize the key slot structures.
104 /* Allow test code to customize the key slice length. We use this in tests
105  * that exhaust the key store to reach a full key store in reasonable time
112  * the key store is initialized.
117 /* The number of volatile key slices. */
121 /** Delete all data from key slots in memory.
122  * This function is not thread safe, it wipes every key slot regardless of
128 /** Find a free key slot and reserve it to be filled with a key.
130  * This function finds a key slot that is free,
133  * On success, the key slot's state is PSA_SLOT_FILLING.
135  * PSA_SLOT_EMPTY/FULL once key creation has finished.
138  * global key slot mutex.
141  *                                 a persistent or built-in key.
143  *                                 a volatile key. On success,
147  *                                 responsibility to set this key identifier
153  *         There were no free key slots.
158  *         This function attempted to operate on a key slot which was in an
165 /** Return a key slot to the free list.
171  * global key slot mutex.
176  * \param slot                  The key slot.
180  *         This function attempted to operate on a key slot which was in an
187 /** Change the state of a key slot.
189  * This function changes the state of the key slot from expected_state to
194  * global key slot mutex.
196  * \param[in] slot            The key slot.
201                The key slot's state variable is new_state.
216 /** Register as a reader of a key slot.
218  * This function increments the key slot registered reader counter by one.
220  * global key slot mutex.
222  * \param[in] slot  The key slot.
225                The key slot registered reader counter was incremented.
241 /** Unregister from reading a key slot.
243  * This function decrements the key slot registered reader counter by one.
248  * global key slot mutex.
250  * \note To ease the handling of errors in retrieving a key slot
254  * \param[in] slot  The key slot.
256  *             \p slot is NULL or the key slot reader counter has been
267 /** Wrap a call to psa_unregister_read in the global key slot mutex.
271  * \note To ease the handling of errors in retrieving a key slot
275  * \param[in] slot  The key slot.
277  *             \p slot is NULL or the key slot reader counter has been
288 /** Test whether a lifetime designates a key in an external cryptoprocessor.
293  *         The lifetime designates an external key. There should be a
294  *         registered driver for this lifetime, otherwise the key cannot
297  *         The lifetime designates a key that is volatile or in internal
306 /** Validate a key's location.
308  * This function checks whether the key's attributes point to a location that
309  * is known to the PSA Core, and returns the driver function table if the key
312  * \param[in] lifetime      The key lifetime attribute.
313  * \param[out] p_drv        On success, when a key is located in external
315  *                          associated with the key's storage location.
323 /** Validate the persistence of a key.
325  * \param[in] lifetime  The key lifetime attribute.
328  * \retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys
333 /** Validate a key identifier.
335  * \param[in] key           The key identifier.
336  * \param[in] vendor_ok     Non-zero to indicate that key identifiers in the
337  *                          vendor range are allowed, volatile key identifiers
340  * \retval <> 0 if the key identifier is valid, 0 otherwise.
342 int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok);