Group se_key_management

group se_key_management

Currently, key management is limited to importing keys in the clear, destroying keys, and exporting keys in the clear. Whether a key may be exported is determined by the key policies in place on the key slot.

Typedefs

typedef psa_status_t (*psa_drv_se_allocate_key_t)(psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t *key_slot)

A function that allocates a slot for a key.

To create a key in a specific slot in a secure element, the core first calls this function to determine a valid slot number, then calls a function to create the key material in that slot. In nominal conditions (that is, if no error occurs), the effect of a call to a key creation function in the PSA Cryptography API with a lifetime that places the key in a secure element is the following:

  1. The core calls psa_drv_se_key_management_t::p_allocate (or in some implementations psa_drv_se_key_management_t::p_validate_slot_number). The driver selects (or validates) a suitable slot number given the key attributes and the state of the secure element.

  2. The core calls a key creation function in the driver.

The key creation functions in the PSA Cryptography API are:

In case of errors, other behaviors are possible.

  • If the PSA Cryptography subsystem dies after the first step, for example because the device has lost power abruptly, the second step may never happen, or may happen after a reset and re-initialization. Alternatively, after a reset and re-initialization, the core may call psa_drv_se_key_management_t::p_destroy on the slot number that was allocated (or validated) instead of calling a key creation function.

  • If an error occurs, the core may call psa_drv_se_key_management_t::p_destroy on the slot number that was allocated (or validated) instead of calling a key creation function.

Errors and system resets also have an impact on the driver’s persistent data. If a reset happens before the overall key creation process is completed (before or after the second step above), it is unspecified whether the persistent data after the reset is identical to what it was before or after the call to p_allocate (or p_validate_slot_number).

Param drv_context

[inout] The driver context structure.

Param persistent_data

[inout] A pointer to the persistent data that allows writing.

Param attributes

[in] Attributes of the key.

Param method

The way in which the key is being created.

Param key_slot

[out] Slot where the key will be stored. This must be a valid slot for a key of the chosen type. It must be unoccupied.

Retval PSA_SUCCESS

Success. The core will record *key_slot as the key slot where the key is stored and will update the persistent data in storage.

Retval PSA_ERROR_NOT_SUPPORTED

Retval PSA_ERROR_INSUFFICIENT_STORAGE

typedef psa_status_t (*psa_drv_se_validate_slot_number_t)(psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t key_slot)

A function that determines whether a slot number is valid for a key.

To create a key in a specific slot in a secure element, the core first calls this function to validate the choice of slot number, then calls a function to create the key material in that slot. See the documentation of psa_drv_se_allocate_key_t for more details.

As of the PSA Cryptography API specification version 1.0, there is no way for applications to trigger a call to this function. However some implementations offer the capability to create or declare a key in a specific slot via implementation-specific means, generally for the sake of initial device provisioning or onboarding. Such a mechanism may be added to a future version of the PSA Cryptography API specification.

This function may update the driver’s persistent data through persistent_data. The core will save the updated persistent data at the end of the key creation process. See the description of psa_drv_se_allocate_key_t for more information.

Param drv_context

[inout] The driver context structure.

Param persistent_data

[inout] A pointer to the persistent data that allows writing.

Param attributes

[in] Attributes of the key.

Param method

The way in which the key is being created.

Param key_slot

[in] Slot where the key is to be stored.

Retval PSA_SUCCESS

The given slot number is valid for a key with the given attributes.

Retval PSA_ERROR_INVALID_ARGUMENT

The given slot number is not valid for a key with the given attributes. This includes the case where the slot number is not valid at all.

Retval PSA_ERROR_ALREADY_EXISTS

There is already a key with the specified slot number. Drivers may choose to return this error from the key creation function instead.

typedef psa_status_t (*psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, size_t *bits)

A function that imports a key into a secure element in binary format.

This function can support any output from psa_export_key(). Refer to the documentation of psa_export_key() for the format for each key type.

Param drv_context

[inout] The driver context structure.

Param key_slot

Slot where the key will be stored. This must be a valid slot for a key of the chosen type. It must be unoccupied.

Param attributes

[in] The key attributes, including the lifetime, the key type and the usage policy. Drivers should not access the key size stored in the attributes: it may not match the data passed in data. Drivers can call psa_get_key_lifetime(), psa_get_key_type(), psa_get_key_usage_flags() and psa_get_key_algorithm() to access this information.

Param data

[in] Buffer containing the key data.

Param data_length

[in] Size of the data buffer in bytes.

Param bits

[out] On success, the key size in bits. The driver must determine this value after parsing the key according to the key type. This value is not used if the function fails.

Retval PSA_SUCCESS

Success.

typedef psa_status_t (*psa_drv_se_destroy_key_t)(psa_drv_se_context_t *drv_context, void *persistent_data, psa_key_slot_number_t key_slot)

A function that destroys a secure element key and restore the slot to its default state.

This function destroys the content of the key from a secure element. Implementations shall make a best effort to ensure that any previous content of the slot is unrecoverable.

This function returns the specified slot to its default state.

Param drv_context

[inout] The driver context structure.

Param persistent_data

[inout] A pointer to the persistent data that allows writing.

Param key_slot

The key slot to erase.

Retval PSA_SUCCESS

The slot’s content, if any, has been erased.

typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key, uint8_t *p_data, size_t data_size, size_t *p_data_length)

A function that exports a secure element key in binary format.

The output of this function can be passed to psa_import_key() to create an equivalent object.

If a key is created with psa_import_key() and then exported with this function, it is not guaranteed that the resulting data is identical: the implementation may choose a different representation of the same key if the format permits it.

This function should generate output in the same format that psa_export_key() does. Refer to the documentation of psa_export_key() for the format for each key type.

Param drv_context

[inout] The driver context structure.

Param key

[in] Slot whose content is to be exported. This must be an occupied key slot.

Param p_data

[out] Buffer where the key data is to be written.

Param data_size

[in] Size of the p_data buffer in bytes.

Param p_data_length

[out] On success, the number of bytes that make up the key data.

Retval PSA_SUCCESS

Retval PSA_ERROR_DOES_NOT_EXIST

Retval PSA_ERROR_NOT_PERMITTED

Retval PSA_ERROR_NOT_SUPPORTED

Retval PSA_ERROR_COMMUNICATION_FAILURE

Retval PSA_ERROR_HARDWARE_FAILURE

Retval PSA_ERROR_CORRUPTION_DETECTED

typedef psa_status_t (*psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, uint8_t *pubkey, size_t pubkey_size, size_t *pubkey_length)

A function that generates a symmetric or asymmetric key on a secure element.

If the key type type recorded in attributes is asymmetric (PSA_KEY_TYPE_IS_ASYMMETRIC(type) = 1), the driver may export the public key at the time of generation, in the format documented for psa_export_public_key() by writing it to the pubkey buffer. This is optional, intended for secure elements that output the public key at generation time and that cannot export the public key later. Drivers that do not need this feature should leave *pubkey_length set to 0 and should implement the psa_drv_key_management_t::p_export_public function. Some implementations do not support this feature, in which case pubkey is NULL and pubkey_size is 0.

Param drv_context

[inout] The driver context structure.

Param key_slot

Slot where the key will be stored. This must be a valid slot for a key of the chosen type. It must be unoccupied.

Param attributes

[in] The key attributes, including the lifetime, the key type and size, and the usage policy. Drivers can call psa_get_key_lifetime(), psa_get_key_type(), psa_get_key_bits(), psa_get_key_usage_flags() and psa_get_key_algorithm() to access this information.

Param pubkey

[out] A buffer where the driver can write the public key, when generating an asymmetric key pair. This is NULL when generating a symmetric key or if the core does not support exporting the public key at generation time.

Param pubkey_size

The size of the pubkey buffer in bytes. This is 0 when generating a symmetric key or if the core does not support exporting the public key at generation time.

Param pubkey_length

[out] On entry, this is always 0. On success, the number of bytes written to pubkey. If this is 0 or unchanged on return, the core will not read the pubkey buffer, and will instead call the driver’s psa_drv_key_management_t::p_export_public function to export the public key when needed.

Enums

enum psa_key_creation_method_t

An enumeration indicating how a key is created.

Values:

enumerator PSA_KEY_CREATION_IMPORT

During psa_import_key()

enumerator PSA_KEY_CREATION_GENERATE

During psa_generate_key()

enumerator PSA_KEY_CREATION_DERIVE

During psa_key_derivation_output_key()

enumerator PSA_KEY_CREATION_COPY

During psa_copy_key()

enumerator PSA_KEY_CREATION_REGISTER

A key is being registered with mbedtls_psa_register_se_key().

The core only passes this value to psa_drv_se_key_management_t::p_validate_slot_number, not to psa_drv_se_key_management_t::p_allocate. The call to p_validate_slot_number is not followed by any other call to the driver: the key is considered successfully registered if the call to p_validate_slot_number succeeds, or if p_validate_slot_number is null.

With this creation method, the driver must return PSA_SUCCESS if the given attributes are compatible with the existing key in the slot, and PSA_ERROR_DOES_NOT_EXIST if the driver can determine that there is no key with the specified slot number.

This is an Mbed TLS extension.

struct psa_drv_se_key_management_t
#include <crypto_se_driver.h>

A struct containing all of the function pointers needed to for secure element key management.

PSA Crypto API implementations should populate instances of the table as appropriate upon startup or at build time.

If one of the functions is not implemented, it should be set to NULL.