Function esp_idf_svc::sys::mbedtls_pk_copy_from_psa

source ยท
pub unsafe extern "C" fn mbedtls_pk_copy_from_psa(
    key_id: u32,
    pk: *mut mbedtls_pk_context,
) -> i32
Expand description

\brief Create a PK context starting from a key stored in PSA. This key: - must be exportable and - must be an RSA or EC key pair or public key (FFDH is not supported in PK).

             The resulting PK object will be a transparent type:
             - #MBEDTLS_PK_RSA for RSA keys or
             - #MBEDTLS_PK_ECKEY for EC keys.

             Once this functions returns the PK object will be completely
             independent from the original PSA key that it was generated
             from.
             Calling mbedtls_pk_sign(), mbedtls_pk_verify(),
             mbedtls_pk_encrypt(), mbedtls_pk_decrypt() on the resulting
             PK context will perform the corresponding algorithm for that
             PK context type.
             * For ECDSA, the choice of deterministic vs randomized will
               be based on the compile-time setting #MBEDTLS_ECDSA_DETERMINISTIC.
             * For an RSA key, the output PK context will allow both
               encrypt/decrypt and sign/verify regardless of the original
               key's policy.
               The original key's policy determines the output key's padding
               mode: PCKS1 v2.1 is set if the PSA key policy is OAEP or PSS,
               otherwise PKCS1 v1.5 is set.

\param key_id The key identifier of the key stored in PSA. \param pk The PK context that will be filled. It must be initialized, but not set up.

\return 0 on success. \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA in case the provided input parameters are not correct.