Function esp_idf_svc::hal::sys::psa_key_derivation_key_agreement
source · pub unsafe extern "C" fn psa_key_derivation_key_agreement(
operation: *mut psa_key_derivation_s,
step: u16,
private_key: u32,
peer_key: *const u8,
peer_key_length: usize,
) -> i32
Expand description
Perform a key agreement and use the shared secret as input to a key derivation.
A key agreement algorithm takes two inputs: a private key \p private_key a public key \p peer_key. The result of this function is passed as input to a key derivation. The output of this key derivation can be extracted by reading from the resulting operation to produce keys and other cryptographic material.
If this function returns an error status, the operation enters an error state and must be aborted by calling psa_key_derivation_abort().
\param[in,out] operation The key derivation operation object to use.
It must have been set up with
psa_key_derivation_setup() with a
key agreement and derivation algorithm
\c alg (\c PSA_ALG_XXX value such that
#PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true
and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg)
is false).
The operation must be ready for an
input of the type given by \p step.
\param step Which step the input data is for.
\param private_key Identifier of the private key to use. It must
allow the usage #PSA_KEY_USAGE_DERIVE.
\param[in] peer_key Public key of the peer. The peer key must be in the
same format that psa_import_key() accepts for the
public key type corresponding to the type of
private_key. That is, this function performs the
equivalent of
#psa_import_key(…,
peer_key
, peer_key_length
) where
with key attributes indicating the public key
type corresponding to the type of private_key
.
For example, for EC keys, this means that peer_key
is interpreted as a point on the curve that the
private key is on. The standard formats for public
keys are documented in the documentation of
psa_export_public_key().
\param peer_key_length Size of \p peer_key in bytes.
\retval #PSA_SUCCESS Success. \retval #PSA_ERROR_INVALID_HANDLE \emptydescription \retval #PSA_ERROR_NOT_PERMITTED \emptydescription \retval #PSA_ERROR_INVALID_ARGUMENT \c private_key is not compatible with \c alg, or \p peer_key is not valid for \c alg or not compatible with \c private_key, or \c step does not allow an input resulting from a key agreement. \retval #PSA_ERROR_NOT_SUPPORTED \c alg is not supported or is not a key derivation algorithm. \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription \retval #PSA_ERROR_BAD_STATE The operation state is not valid for this key agreement \p step, or the library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.