Function esp_idf_sys::psa_key_derivation_output_key_ext

pub unsafe extern "C" fn psa_key_derivation_output_key_ext(
    attributes: *const psa_key_attributes_t,
    operation: *mut psa_key_derivation_operation_t,
    params: *const psa_key_production_parameters_t,
    params_data_length: usize,
    key: *mut mbedtls_svc_key_id_t,
) -> psa_status_t

Derive a key from an ongoing key derivation operation with custom production parameters.

See the description of psa_key_derivation_out_key() for the operation of this function with the default production parameters. Mbed TLS currently does not currently support any non-default production parameters.

\note This function is experimental and may change in future minor versions of Mbed TLS.

\param[in] attributes The attributes for the new key. If the key type to be created is #PSA_KEY_TYPE_PASSWORD_HASH then the algorithm in the policy must be the same as in the current operation. \param[in,out] operation The key derivation operation object to read from. \param[in] params Customization parameters for the key derivation. When this is #PSA_KEY_PRODUCTION_PARAMETERS_INIT with \p params_data_length = 0, this function is equivalent to psa_key_derivation_output_key(). Mbed TLS currently only supports the default production parameters, i.e. #PSA_KEY_PRODUCTION_PARAMETERS_INIT, for all key types. \param params_data_length Length of params->data in bytes. \param[out] key On success, an identifier for the newly created key. For persistent keys, this is the key identifier defined in \p attributes. \c 0 on failure.

\retval #PSA_SUCCESS Success. If the key is persistent, the key material and the key’s metadata have been saved to persistent storage. \retval #PSA_ERROR_ALREADY_EXISTS This is an attempt to create a persistent key, and there is already a persistent key with the given identifier. \retval #PSA_ERROR_INSUFFICIENT_DATA There was not enough data to create the desired key. Note that in this case, no output is written to the output buffer. The operation’s capacity is set to 0, thus subsequent calls to this function will not succeed, even with a smaller output buffer. \retval #PSA_ERROR_NOT_SUPPORTED The key type or key size is not supported, either by the implementation in general or in this particular location. \retval #PSA_ERROR_INVALID_ARGUMENT The provided key attributes are not valid for the operation. \retval #PSA_ERROR_NOT_PERMITTED The #PSA_KEY_DERIVATION_INPUT_SECRET or #PSA_KEY_DERIVATION_INPUT_PASSWORD input was not provided through a key; or one of the inputs was a key whose policy didn’t allow #PSA_KEY_USAGE_DERIVE. \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription \retval #PSA_ERROR_DATA_INVALID \emptydescription \retval #PSA_ERROR_DATA_CORRUPT \emptydescription \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription \retval #PSA_ERROR_BAD_STATE The operation state is not valid (it must be active and completed all required input steps), or the library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.