Function esp_idf_sys::psa_key_derivation_key_agreement

pub unsafe extern "C" fn psa_key_derivation_key_agreement(
    operation: *mut psa_key_derivation_operation_t,
    step: psa_key_derivation_step_t,
    private_key: mbedtls_svc_key_id_t,
    peer_key: *const u8,
    peer_key_length: usize,
) -> psa_status_t

Perform a key agreement and use the shared secret as input to a key derivation.

A key agreement algorithm takes two inputs: a private key \p private_key and a public key \p peer_key. The result of this function is passed as input to a key derivation. The output of this key derivation can be extracted by reading from the resulting operation to produce keys and other cryptographic material.

If this function returns an error status, the operation enters an error state and must be aborted by calling psa_key_derivation_abort().

\param[in,out] operation The key derivation operation object to use. It must have been set up with psa_key_derivation_setup() with a key agreement and derivation algorithm \c alg (\c PSA_ALG_XXX value such that #PSA_ALG_IS_KEY_AGREEMENT(\c alg) is true and #PSA_ALG_IS_RAW_KEY_AGREEMENT(\c alg) is false). The operation must be ready for an input of the type given by \p step.
\param step Which step the input data is for.
\param private_key Identifier of the private key to use. It must allow the usage #PSA_KEY_USAGE_DERIVE.
\param[in] peer_key Public key of the peer. The peer key must be in the same format that psa_import_key() accepts for the public key type corresponding to the type of private_key. That is, this function performs the equivalent of #psa_import_key(…, peer_key, peer_key_length) with key attributes indicating the public key type corresponding to the type of private_key. For example, for EC keys, this means that peer_key is interpreted as a point on the curve that the private key is on. The standard formats for public keys are documented in the documentation of psa_export_public_key().
\param peer_key_length Size of \p peer_key in bytes.

\retval #PSA_SUCCESS Success.
\retval #PSA_ERROR_INVALID_HANDLE \emptydescription
\retval #PSA_ERROR_NOT_PERMITTED \emptydescription
\retval #PSA_ERROR_INVALID_ARGUMENT \c private_key is not compatible with \c alg, or \p peer_key is not valid for \c alg or not compatible with \c private_key, or \c step does not allow an input resulting from a key agreement.
\retval #PSA_ERROR_NOT_SUPPORTED \c alg is not supported or is not a key derivation algorithm.
\retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
\retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
\retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
\retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
\retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
\retval #PSA_ERROR_BAD_STATE The operation state is not valid for this key agreement \p step, or the library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.
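A structural pre-check for an untrusted \p peer_key before it is handed to this function as a pointer and length, given here as an added example that is not part of esp-idf-sys or Mbed TLS. It assumes the encodings that the PSA Crypto API documents for psa_export_public_key() (0x04 || X || Y for Weierstrass curves, the raw u-coordinate for Montgomery curves), which this page references but does not spell out; Curve, PeerKeyError and check_peer_key are hypothetical names. It checks length and encoding only, so the library's own point validation (reported as PSA_ERROR_INVALID_ARGUMENT) still applies.

```rust
// Added example; Curve, PeerKeyError and check_peer_key are hypothetical names.
#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Curve { Secp256r1, Secp384r1, Secp521r1, X25519, X448 }

#[derive(Debug, PartialEq)]
pub enum PeerKeyError {
    Empty,
    BadLength { expected: usize, got: usize },
    NotUncompressed(u8),
}

impl Curve {
    /// Bytes per coordinate: ceil(curve bits / 8).
    fn coord_len(self) -> usize {
        match self {
            Curve::Secp256r1 | Curve::X25519 => 32,
            Curve::Secp384r1 => 48,
            Curve::Secp521r1 => 66,
            Curve::X448 => 56,
        }
    }
    fn is_weierstrass(self) -> bool {
        matches!(self, Curve::Secp256r1 | Curve::Secp384r1 | Curve::Secp521r1)
    }
    /// Expected length of a public key in the psa_export_public_key() format.
    pub fn public_key_len(self) -> usize {
        if self.is_weierstrass() { 1 + 2 * self.coord_len() } else { self.coord_len() }
    }
}

/// Rejects empty, wrong-length, or compressed/hybrid encodings before the FFI call.
pub fn check_peer_key(curve: Curve, peer_key: &[u8]) -> Result<(), PeerKeyError> {
    let first = *peer_key.first().ok_or(PeerKeyError::Empty)?;
    let expected = curve.public_key_len();
    if peer_key.len() != expected {
        return Err(PeerKeyError::BadLength { expected, got: peer_key.len() });
    }
    if curve.is_weierstrass() && first != 0x04 {
        return Err(PeerKeyError::NotUncompressed(first));
    }
    Ok(())
}

fn main() {
    // Constructed sample inputs, not real keys.
    let mut good = vec![0xAAu8; 65];
    good[0] = 0x04;
    println!("{:?}", check_peer_key(Curve::Secp256r1, &good));
    println!("{:?}", check_peer_key(Curve::Secp256r1, &[0x02u8; 33]));
    println!("{:?}", check_peer_key(Curve::X25519, &[0x09u8; 32]));
}
```

Only after check_peer_key returns Ok should the slice's as_ptr() and len() be passed as peer_key and peer_key_length.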