Macros | |
#define | KEYSTORE_PSA_KEY_USAGE_EXPORT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_EXPORT) |
#define | KEYSTORE_PSA_KEY_USAGE_COPY ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_COPY) |
#define | KEYSTORE_PSA_KEY_USAGE_ENCRYPT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_ENCRYPT) |
#define | KEYSTORE_PSA_KEY_USAGE_DECRYPT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_DECRYPT) |
#define | KEYSTORE_PSA_KEY_USAGE_SIGN_MESSAGE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_SIGN_MESSAGE) |
#define | KEYSTORE_PSA_KEY_USAGE_VERIFY_MESSAGE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_VERIFY_MESSAGE) |
#define | KEYSTORE_PSA_KEY_USAGE_SIGN_HASH ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_SIGN_HASH) |
#define | KEYSTORE_PSA_KEY_USAGE_VERIFY_HASH ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_VERIFY_HASH) |
#define | KEYSTORE_PSA_KEY_USAGE_DERIVE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_DERIVE) |
#define KEYSTORE_PSA_KEY_USAGE_EXPORT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_EXPORT)
Whether the key may be exported.
A public key or the public part of a key pair may always be exported regardless of the value of this permission flag.
If a key does not have export permission, implementations shall not allow the key to be exported in plain form from the cryptoprocessor, whether through KeyStore_PSA_exportKey() or through a proprietary interface. The key may however be exportable in a wrapped form, i.e. in a form where it is encrypted by another key.
#define KEYSTORE_PSA_KEY_USAGE_COPY ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_COPY)
Whether the key may be copied.
This flag allows the use of KeyStore_PSA_copyKey() to make a copy of the key with the same policy or a more restrictive policy.
For lifetimes for which the key is located in a secure element that enforces the non-exportability of keys, copying a key outside the secure element also requires the usage flag KEYSTORE_PSA_KEY_USAGE_EXPORT. Copying the key inside the secure element is permitted with just KEYSTORE_PSA_KEY_USAGE_COPY if the secure element supports it. For keys with the lifetime KEYSTORE_PSA_KEY_LIFETIME_VOLATILE or KEYSTORE_PSA_KEY_LIFETIME_PERSISTENT, the usage flag KEYSTORE_PSA_KEY_USAGE_COPY is sufficient to permit the copy.
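The copy rules above can be expressed as a small decision function. This is an added example, not code from the KeyStore driver: the `model_*` names, the `MODEL_USAGE_*` stand-in values and the two-location model are assumptions, and "more restrictive policy" is read here as "target usage flags are a subset of the source's".

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in bit values for this model only (assumption);
 * real code uses the KEYSTORE_PSA_KEY_USAGE_* macros. */
typedef uint32_t model_usage_t;
#define MODEL_USAGE_EXPORT    ((model_usage_t)0x0001u)
#define MODEL_USAGE_COPY      ((model_usage_t)0x0002u)
#define MODEL_USAGE_SIGN_HASH ((model_usage_t)0x1000u)

/* Hypothetical location model. LOC_LOCAL covers the volatile and persistent
 * lifetimes; LOC_SECURE_ELEMENT is an element that enforces non-exportability
 * and is assumed to support internal copies. */
typedef enum { LOC_LOCAL, LOC_SECURE_ELEMENT } model_location_t;

typedef enum {
    COPY_OK,
    COPY_DENIED_NO_COPY_FLAG,
    COPY_DENIED_NEEDS_EXPORT,   /* copy would leave the secure element */
    COPY_DENIED_BROADER_POLICY  /* target asks for usage the source lacks */
} model_copy_result_t;

model_copy_result_t model_copy_check(model_usage_t src_usage, model_location_t src_loc,
                                     model_location_t dst_loc, model_usage_t dst_usage)
{
    if ((src_usage & MODEL_USAGE_COPY) == 0)
        return COPY_DENIED_NO_COPY_FLAG;
    /* Leaving the secure element amounts to an export, so EXPORT is required too. */
    if (src_loc == LOC_SECURE_ELEMENT && dst_loc != LOC_SECURE_ELEMENT &&
        (src_usage & MODEL_USAGE_EXPORT) == 0)
        return COPY_DENIED_NEEDS_EXPORT;
    /* Same or more restrictive policy: no target flag outside the source's set. */
    if ((dst_usage & ~src_usage) != 0)
        return COPY_DENIED_BROADER_POLICY;
    return COPY_OK;
}

int main(void)
{
    model_usage_t signing = MODEL_USAGE_COPY | MODEL_USAGE_SIGN_HASH;
    printf("inside secure element: %d\n",
           model_copy_check(signing, LOC_SECURE_ELEMENT, LOC_SECURE_ELEMENT, MODEL_USAGE_SIGN_HASH));
    printf("out of secure element: %d\n",
           model_copy_check(signing, LOC_SECURE_ELEMENT, LOC_LOCAL, MODEL_USAGE_SIGN_HASH));
    return 0;
}
```

A signing key provisioned with COPY but without EXPORT can be duplicated inside the secure element yet cannot be moved out of it, which is the property to check when reviewing key policies.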
#define KEYSTORE_PSA_KEY_USAGE_ENCRYPT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_ENCRYPT)
Whether the key may be used to encrypt a message.
This flag allows the key to be used for a symmetric encryption operation, for an AEAD encryption-and-authentication operation, or for an asymmetric encryption operation, if otherwise permitted by the key's type and policy.
For a key pair, this concerns the public key.
#define KEYSTORE_PSA_KEY_USAGE_DECRYPT ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_DECRYPT)
Whether the key may be used to decrypt a message.
This flag allows the key to be used for a symmetric decryption operation, for an AEAD decryption-and-verification operation, or for an asymmetric decryption operation, if otherwise permitted by the key's type and policy.
For a key pair, this concerns the private key.
#define KEYSTORE_PSA_KEY_USAGE_SIGN_MESSAGE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_SIGN_MESSAGE)
Whether the key may be used to sign a message.
This flag allows the key to be used for a MAC calculation operation or for an asymmetric message signature operation, if otherwise permitted by the key's type and policy.
For a key pair, this concerns the private key.
#define KEYSTORE_PSA_KEY_USAGE_VERIFY_MESSAGE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_VERIFY_MESSAGE)
Whether the key may be used to verify a message.
This flag allows the key to be used for a MAC verification operation or for an asymmetric message signature verification operation, if otherwise permitted by the key's type and policy.
For a key pair, this concerns the public key.
#define KEYSTORE_PSA_KEY_USAGE_SIGN_HASH ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_SIGN_HASH)
Whether the key may be used to sign a message hash.
This flag allows the key to be used for an asymmetric signature operation, if otherwise permitted by the key's type and policy.
For a key pair, this concerns the private key.
#define KEYSTORE_PSA_KEY_USAGE_VERIFY_HASH ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_VERIFY_HASH)
Whether the key may be used to verify a message hash.
This flag allows the key to be used for an asymmetric signature verification operation, if otherwise permitted by the key's type and policy.
For a key pair, this concerns the public key.
#define KEYSTORE_PSA_KEY_USAGE_DERIVE ((KeyStore_PSA_KeyUsage)PSA_KEY_USAGE_DERIVE)
Whether the key may be used to derive other keys.