pub unsafe extern "C" fn psa_set_key_domain_parameters(
    attributes: *mut psa_key_attributes_t,
    type_: psa_key_type_t,
    data: *const u8,
    data_length: usize
) -> psa_status_t

\brief Set domain parameters for a key.

Some key types require domain parameters in addition to the key type identifier and the key size. Use this function instead of psa_set_key_type() when you need to specify domain parameters.

The format for the required domain parameters varies based on the key type.

  • For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR), the domain parameter data consists of the public exponent, represented as a big-endian integer with no leading zeros. This information is used when generating an RSA key pair. When importing a key, the public exponent is read from the imported key data and the exponent recorded in the attribute structure is ignored. As an exception, the public exponent 65537 is represented by an empty byte string.
  • For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR), the domain parameter data is in the Dss-Params format as defined by RFC 3279 §2.3.2.
    Dss-Params ::= SEQUENCE  {
       p       INTEGER,
       q       INTEGER,
       g       INTEGER
    }
  • For Diffie-Hellman key exchange keys (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the domain parameter data is in the DomainParameters format as defined by RFC 3279 §2.3.3.
    DomainParameters ::= SEQUENCE {
       p               INTEGER,                    -- odd prime, p=jq +1
       g               INTEGER,                    -- generator, g
       q               INTEGER,                    -- factor of p-1
       j               INTEGER OPTIONAL,           -- subgroup factor
       validationParams ValidationParams OPTIONAL
    }
    ValidationParams ::= SEQUENCE {
       seed            BIT STRING,
       pgenCounter     INTEGER
    }
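
The `data` buffers for the formats above can be built as follows. This is an added example, not code from the bindings or the underlying library: the helper names are hypothetical, the exponent range check is the example's own assumption, and the DH case covers only the mandatory p, g, q fields.

```rust
// Added example, not from the bindings: helper names are hypothetical.

/// RSA `data`: big-endian public exponent, no leading zeros; 65537 -> empty.
pub fn rsa_exponent_param(e: u64) -> Result<Vec<u8>, &'static str> {
    // Own sanity check (assumption, not documented library behaviour):
    // 0 would also strip to an empty string and silently mean 65537.
    if e < 3 || e % 2 == 0 {
        return Err("RSA public exponent must be odd and >= 3");
    }
    if e == 65537 {
        return Ok(Vec::new());
    }
    let b = e.to_be_bytes();
    let first = b.iter().position(|&x| x != 0).unwrap();
    Ok(b[first..].to_vec())
}

/// DER length octets: short form below 128, long form otherwise.
fn der_len(n: usize) -> Vec<u8> {
    if n < 0x80 {
        return vec![n as u8];
    }
    let b = n.to_be_bytes();
    let first = b.iter().position(|&x| x != 0).unwrap();
    let mut out = vec![0x80 | (b.len() - first) as u8];
    out.extend_from_slice(&b[first..]);
    out
}

/// DER INTEGER from a non-negative big-endian magnitude.
fn der_uint(mag: &[u8]) -> Vec<u8> {
    let first = mag.iter().position(|&x| x != 0).unwrap_or(mag.len());
    let mut body = mag[first..].to_vec();
    if body.is_empty() || body[0] & 0x80 != 0 {
        body.insert(0, 0x00); // encode zero, or keep the sign bit clear
    }
    let mut out = vec![0x02];
    out.extend(der_len(body.len()));
    out.extend(body);
    out
}

/// SEQUENCE of INTEGERs. Caller fixes the order: DSA p, q, g; DH p, g, q.
pub fn der_integer_sequence(ints: &[&[u8]]) -> Vec<u8> {
    let body: Vec<u8> = ints.iter().flat_map(|m| der_uint(m)).collect();
    let mut out = vec![0x30];
    out.extend(der_len(body.len()));
    out.extend(body);
    out
}
```

The returned vector's pointer and length are what would be passed as `data` and `data_length`; the field order differs between Dss-Params and DomainParameters, so the caller must pass the integers in the order the key type expects.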

\note This function may allocate memory or other resources. Once you have called this function on an attribute structure, you must call psa_reset_key_attributes() to free these resources.

\note This is an experimental extension to the interface. It may change in future versions of the library.

\param[in,out] attributes Attribute structure where the specified domain parameters will be stored. If this function fails, the content of \p attributes is not modified.
\param type Key type (a \c PSA_KEY_TYPE_XXX value).
\param[in] data Buffer containing the key domain parameters. The content of this buffer is interpreted according to \p type as described above.
\param data_length Size of the \p data buffer in bytes.

\retval #PSA_SUCCESS \emptydescription
\retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
\retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
\retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription