@@ -443,6 +443,140 @@ psa_status_t psa_open_key(psa_key_id_t id,
443443 */
444444psa_status_t psa_close_key (psa_key_handle_t handle );
445445
446+ /** Make a copy of a key.
447+ *
448+ * Copy key material from one location to another.
449+ *
450+ * This function is primarily useful to copy a key from one location
451+ * to another, since it populates a key using the material from
452+ * another key which may have a different lifetime.
453+ *
454+ * This function may be used to share a key with a different party,
455+ * subject to implementation-defined restrictions on key sharing.
456+ *
457+ * The policy on the source key must have the usage flag
458+ * #PSA_KEY_USAGE_COPY set.
459+ * This flag is sufficient to permit the copy if the key has the lifetime
460+ * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT.
461+ * Some secure elements do not provide a way to copy a key without
462+ * making it extractable from the secure element. If a key is located
463+ * in such a secure element, then the key must have both usage flags
464+ * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make
465+ * a copy of the key outside the secure element.
466+ *
467+ * The resulting key may only be used in a way that conforms to
468+ * both the policy of the original key and the policy specified in
469+ * the \p attributes parameter:
470+ * - The usage flags on the resulting key are the bitwise-and of the
471+ * usage flags on the source policy and the usage flags in \p attributes.
472+ * - If both allow the same algorithm or wildcard-based
473+ * algorithm policy, the resulting key has the same algorithm policy.
474+ * - If either of the policies allows an algorithm and the other policy
475+ * allows a wildcard-based algorithm policy that includes this algorithm,
476+ * the resulting key allows the same algorithm.
477+ * - If the policies do not allow any algorithm in common, this function
478+ * fails with the status #PSA_ERROR_INVALID_ARGUMENT.
479+ *
480+ * The effect of this function on implementation-defined attributes is
481+ * implementation-defined.
482+ *
483+ * \param source_handle The key to copy. It must be a valid key handle.
484+ * \param[in] attributes The attributes for the new key.
485+ * They are used as follows:
486+ * - The key type and size may be 0. If either is
487+ * nonzero, it must match the corresponding
488+ * attribute of the source key.
489+ * - The key location (the lifetime and, for
490+ * persistent keys, the key identifier) is
491+ * used directly.
492+ * - The policy constraints (usage flags and
493+ * algorithm policy) are combined from
494+ * the source key and \p attributes so that
495+ * both sets of restrictions apply, as
496+ * described in the documentation of this function.
497+ * \param[out] target_handle On success, a handle to the newly created key.
498+ * \c 0 on failure.
499+ *
500+ * \retval #PSA_SUCCESS
501+ * \retval #PSA_ERROR_INVALID_HANDLE
502+ * \p source_handle is invalid.
503+ * \retval #PSA_ERROR_ALREADY_EXISTS
504+ * This is an attempt to create a persistent key, and there is
505+ * already a persistent key with the given identifier.
506+ * \retval #PSA_ERROR_INVALID_ARGUMENT
507+ * The lifetime or identifier in \p attributes are invalid.
508+ * \retval #PSA_ERROR_INVALID_ARGUMENT
509+ * The policy constraints on the source and specified in
510+ * \p attributes are incompatible.
511+ * \retval #PSA_ERROR_INVALID_ARGUMENT
512+ * \p attributes specifies a key type or key size
513+ * which does not match the attributes of the source key.
514+ * \retval #PSA_ERROR_NOT_PERMITTED
515+ * The source key does not have the #PSA_KEY_USAGE_COPY usage flag.
516+ * \retval #PSA_ERROR_NOT_PERMITTED
517+ * The source key is not exportable and its lifetime does not
518+ * allow copying it to the target's lifetime.
519+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
520+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
521+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
522+ * \retval #PSA_ERROR_HARDWARE_FAILURE
523+ * \retval #PSA_ERROR_STORAGE_FAILURE
524+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
525+ * \retval #PSA_ERROR_BAD_STATE
526+ * The library has not been previously initialized by psa_crypto_init().
527+ * It is implementation-dependent whether a failure to initialize
528+ * results in this error code.
529+ */
530+ psa_status_t psa_copy_key (psa_key_handle_t source_handle ,
531+ const psa_key_attributes_t * attributes ,
532+ psa_key_handle_t * target_handle );
533+
534+
535+ /**
536+ * \brief Destroy a key.
537+ *
538+ * This function destroys a key from both volatile
539+ * memory and, if applicable, non-volatile storage. Implementations shall
540+ * make a best effort to ensure that that the key material cannot be recovered.
541+ *
542+ * This function also erases any metadata such as policies and frees
543+ * resources associated with the key. To free all resources associated with
544+ * the key, all handles to the key must be closed or destroyed.
545+ *
546+ * Destroying the key makes the handle invalid, and the key handle
547+ * must not be used again by the application. Using other open handles to the
548+ * destroyed key in a cryptographic operation will result in an error.
549+ *
550+ * If a key is currently in use in a multipart operation, then destroying the
551+ * key will cause the multipart operation to fail.
552+ *
553+ * \param handle Handle to the key to erase.
554+ *
555+ * \retval #PSA_SUCCESS
556+ * The key material has been erased.
557+ * \retval #PSA_ERROR_NOT_PERMITTED
558+ * The key cannot be erased because it is
559+ * read-only, either due to a policy or due to physical restrictions.
560+ * \retval #PSA_ERROR_INVALID_HANDLE
561+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
562+ * There was an failure in communication with the cryptoprocessor.
563+ * The key material may still be present in the cryptoprocessor.
564+ * \retval #PSA_ERROR_STORAGE_FAILURE
565+ * The storage is corrupted. Implementations shall make a best effort
566+ * to erase key material even in this stage, however applications
567+ * should be aware that it may be impossible to guarantee that the
568+ * key material is not recoverable in such cases.
569+ * \retval #PSA_ERROR_CORRUPTION_DETECTED
570+ * An unexpected condition which is not a storage corruption or
571+ * a communication failure occurred. The cryptoprocessor may have
572+ * been compromised.
573+ * \retval #PSA_ERROR_BAD_STATE
574+ * The library has not been previously initialized by psa_crypto_init().
575+ * It is implementation-dependent whether a failure to initialize
576+ * results in this error code.
577+ */
578+ psa_status_t psa_destroy_key (psa_key_handle_t handle );
579+
446580/**@}*/
447581
448582/** \defgroup import_export Key import and export
@@ -519,50 +653,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
519653 size_t data_length ,
520654 psa_key_handle_t * handle );
521655
522- /**
523- * \brief Destroy a key.
524- *
525- * This function destroys a key from both volatile
526- * memory and, if applicable, non-volatile storage. Implementations shall
527- * make a best effort to ensure that that the key material cannot be recovered.
528- *
529- * This function also erases any metadata such as policies and frees
530- * resources associated with the key. To free all resources associated with
531- * the key, all handles to the key must be closed or destroyed.
532- *
533- * Destroying the key makes the handle invalid, and the key handle
534- * must not be used again by the application. Using other open handles to the
535- * destroyed key in a cryptographic operation will result in an error.
536- *
537- * If a key is currently in use in a multipart operation, then destroying the
538- * key will cause the multipart operation to fail.
539- *
540- * \param handle Handle to the key to erase.
541- *
542- * \retval #PSA_SUCCESS
543- * The key material has been erased.
544- * \retval #PSA_ERROR_NOT_PERMITTED
545- * The key cannot be erased because it is
546- * read-only, either due to a policy or due to physical restrictions.
547- * \retval #PSA_ERROR_INVALID_HANDLE
548- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
549- * There was an failure in communication with the cryptoprocessor.
550- * The key material may still be present in the cryptoprocessor.
551- * \retval #PSA_ERROR_STORAGE_FAILURE
552- * The storage is corrupted. Implementations shall make a best effort
553- * to erase key material even in this stage, however applications
554- * should be aware that it may be impossible to guarantee that the
555- * key material is not recoverable in such cases.
556- * \retval #PSA_ERROR_CORRUPTION_DETECTED
557- * An unexpected condition which is not a storage corruption or
558- * a communication failure occurred. The cryptoprocessor may have
559- * been compromised.
560- * \retval #PSA_ERROR_BAD_STATE
561- * The library has not been previously initialized by psa_crypto_init().
562- * It is implementation-dependent whether a failure to initialize
563- * results in this error code.
564- */
565- psa_status_t psa_destroy_key (psa_key_handle_t handle );
656+
566657
567658/**
568659 * \brief Export a key in binary format.
@@ -722,93 +813,7 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle,
722813 size_t data_size ,
723814 size_t * data_length );
724815
725- /** Make a copy of a key.
726- *
727- * Copy key material from one location to another.
728- *
729- * This function is primarily useful to copy a key from one location
730- * to another, since it populates a key using the material from
731- * another key which may have a different lifetime.
732- *
733- * This function may be used to share a key with a different party,
734- * subject to implementation-defined restrictions on key sharing.
735- *
736- * The policy on the source key must have the usage flag
737- * #PSA_KEY_USAGE_COPY set.
738- * This flag is sufficient to permit the copy if the key has the lifetime
739- * #PSA_KEY_LIFETIME_VOLATILE or #PSA_KEY_LIFETIME_PERSISTENT.
740- * Some secure elements do not provide a way to copy a key without
741- * making it extractable from the secure element. If a key is located
742- * in such a secure element, then the key must have both usage flags
743- * #PSA_KEY_USAGE_COPY and #PSA_KEY_USAGE_EXPORT in order to make
744- * a copy of the key outside the secure element.
745- *
746- * The resulting key may only be used in a way that conforms to
747- * both the policy of the original key and the policy specified in
748- * the \p attributes parameter:
749- * - The usage flags on the resulting key are the bitwise-and of the
750- * usage flags on the source policy and the usage flags in \p attributes.
751- * - If both allow the same algorithm or wildcard-based
752- * algorithm policy, the resulting key has the same algorithm policy.
753- * - If either of the policies allows an algorithm and the other policy
754- * allows a wildcard-based algorithm policy that includes this algorithm,
755- * the resulting key allows the same algorithm.
756- * - If the policies do not allow any algorithm in common, this function
757- * fails with the status #PSA_ERROR_INVALID_ARGUMENT.
758- *
759- * The effect of this function on implementation-defined attributes is
760- * implementation-defined.
761- *
762- * \param source_handle The key to copy. It must be a valid key handle.
763- * \param[in] attributes The attributes for the new key.
764- * They are used as follows:
765- * - The key type and size may be 0. If either is
766- * nonzero, it must match the corresponding
767- * attribute of the source key.
768- * - The key location (the lifetime and, for
769- * persistent keys, the key identifier) is
770- * used directly.
771- * - The policy constraints (usage flags and
772- * algorithm policy) are combined from
773- * the source key and \p attributes so that
774- * both sets of restrictions apply, as
775- * described in the documentation of this function.
776- * \param[out] target_handle On success, a handle to the newly created key.
777- * \c 0 on failure.
778- *
779- * \retval #PSA_SUCCESS
780- * \retval #PSA_ERROR_INVALID_HANDLE
781- * \p source_handle is invalid.
782- * \retval #PSA_ERROR_ALREADY_EXISTS
783- * This is an attempt to create a persistent key, and there is
784- * already a persistent key with the given identifier.
785- * \retval #PSA_ERROR_INVALID_ARGUMENT
786- * The lifetime or identifier in \p attributes are invalid.
787- * \retval #PSA_ERROR_INVALID_ARGUMENT
788- * The policy constraints on the source and specified in
789- * \p attributes are incompatible.
790- * \retval #PSA_ERROR_INVALID_ARGUMENT
791- * \p attributes specifies a key type or key size
792- * which does not match the attributes of the source key.
793- * \retval #PSA_ERROR_NOT_PERMITTED
794- * The source key does not have the #PSA_KEY_USAGE_COPY usage flag.
795- * \retval #PSA_ERROR_NOT_PERMITTED
796- * The source key is not exportable and its lifetime does not
797- * allow copying it to the target's lifetime.
798- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
799- * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
800- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
801- * \retval #PSA_ERROR_HARDWARE_FAILURE
802- * \retval #PSA_ERROR_STORAGE_FAILURE
803- * \retval #PSA_ERROR_CORRUPTION_DETECTED
804- * \retval #PSA_ERROR_BAD_STATE
805- * The library has not been previously initialized by psa_crypto_init().
806- * It is implementation-dependent whether a failure to initialize
807- * results in this error code.
808- */
809- psa_status_t psa_copy_key (psa_key_handle_t source_handle ,
810- const psa_key_attributes_t * attributes ,
811- psa_key_handle_t * target_handle );
816+
812817
813818/**@}*/
814819
0 commit comments