9.2. Key types
9.2.1. Key type encoding
psa_key_type_t
(type)
Encoding of a key type.
typedef uint16_t psa_key_type_t;
This is a structured bitfield that identifies the category and type of key. The range of key type values is divided as follows:
PSA_KEY_TYPE_NONE
== 0
 Reserved as an invalid key type.
0
x0001
– 0
x7fff
 Specificationdefined key types. Key types defined by this standard always have bit 15 clear. Unallocated key type values in this range are reserved for future use.
0
x8000
– 0
xffff
 Implementationdefined key types. Implementations that define additional key types must use an encoding with bit 15 set. The related support macros will be easier to write if these key encodings also respect the bitwise structure used by standard encodings.
The Algorithm and key type encoding appendix provides a full definition of the key type encoding.
PSA_KEY_TYPE_NONE
(macro)
An invalid key type value.
#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000)
Zero is not the encoding of any key type.
9.2.2. Key categories
PSA_KEY_TYPE_IS_UNSTRUCTURED
(macro)
Whether a key type is an unstructured array of bytes.
#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
Description
This encompasses both symmetric keys and nonkey data.
See Symmetric keys for a list of symmetric key types.
PSA_KEY_TYPE_IS_ASYMMETRIC
(macro)
Whether a key type is asymmetric: either a key pair or a public key.
#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
Description
See RSA keys for a list of asymmetric key types.
PSA_KEY_TYPE_IS_PUBLIC_KEY
(macro)
Whether a key type is the public part of a key pair.
#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_IS_KEY_PAIR
(macro)
Whether a key type is a key pair containing a private part and a public part.
#define PSA_KEY_TYPE_IS_KEY_PAIR(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
9.2.3. Symmetric keys
PSA_KEY_TYPE_RAW_DATA
(macro)
Raw data.
#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001)
A “key” of this type cannot be used for any cryptographic operation. Applications can use this type to store arbitrary data in the keystore.
The bit size of a raw key must be a nonzero multiple of 8. The maximum size of a raw key is IMPLEMENTATION DEFINED.
Compatible algorithms
PSA_ALG_HKDF
(nonsecret inputs)PSA_ALG_TLS12_PRF
(nonsecret inputs)PSA_ALG_TLS12_PSK_TO_MS
(nonsecret inputs)PSA_KEY_TYPE_HMAC
(macro)
HMAC key.
#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
The key policy determines which underlying hash algorithm the key can be used for.
The bit size of an HMAC key must be a nonzero multiple of 8. An HMAC key is typically the same size as the output of the underlying hash algorithm. An HMAC key that is longer than the block size of the underlying hash algorithm will be hashed before use.
When an HMAC key is created that is longer than the block size, it is implementation defined whether the implementation stores the original HMAC key, or the hash of the HMAC key. If the hash of the key is stored, the key size reported by psa_get_key_attributes()
will be the size of the hashed key.
Note
PSA_HASH_LENGTH
(
alg
)
provides the output size of hash algorithm alg
, in bytes.
PSA_HASH_BLOCK_LENGTH
(
alg
)
provides the block size of hash algorithm alg
, in bytes.
Compatible algorithms
PSA_KEY_TYPE_DERIVE
(macro)
A secret for key derivation.
#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200)
This key type is for highentropy secrets only. For lowentropy secrets, PSA_KEY_TYPE_PASSWORD
should be used instead.
These keys can be used in the PSA_KEY_DERIVATION_INPUT_SECRET
or PSA_KEY_DERIVATION_INPUT_PASSWORD
input step of key derivation algorithms.
The key policy determines which key derivation algorithm the key can be used for.
The bit size of a secret for key derivation must be a nonzero multiple of 8. The maximum size of a secret for key derivation is IMPLEMENTATION DEFINED.
Compatible algorithms
PSA_KEY_TYPE_PASSWORD
(macro)
A lowentropy secret for password hashing or key derivation.
#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t)0x1203)
This key type is suitable for passwords and passphrases which are typically intended to be memorizable by humans, and have a low entropy relative to their size.
It can be used for randomly generated or derived keys with maximum or nearmaximum entropy, but PSA_KEY_TYPE_DERIVE
is more suitable for such keys.
It is not suitable for passwords with extremely low entropy, such as numerical PINs.
These keys can be used in the PSA_KEY_DERIVATION_INPUT_PASSWORD
input step of key derivation algorithms.
Algorithms that accept such an input were designed to accept lowentropy secret and are known as password hashing or key stretching algorithms.
These keys cannot be used in the PSA_KEY_DERIVATION_INPUT_SECRET
input step of key derivation algorithms, as the algorithms expect such an input to have high entropy.
The key policy determines which key derivation algorithm the key can be used for, among the permissible subset defined above.
Compatible algorithms
PSA_ALG_PBKDF2_HMAC()
(password input)PSA_ALG_PBKDF2_AES_CMAC_PRF_128
(password input)PSA_KEY_TYPE_PASSWORD_HASH
(macro)
A secret value that can be used to verify a password hash.
#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t)0x1205)
The key policy determines which key derivation algorithm the key can be used for, among the same permissible subset as for PSA_KEY_TYPE_PASSWORD
.
Compatible algorithms
PSA_ALG_PBKDF2_HMAC()
(key output and verification)PSA_ALG_PBKDF2_AES_CMAC_PRF_128
(key output and verification)PSA_KEY_TYPE_PEPPER
(macro)
A secret value that can be used when computing a password hash.
#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t)0x1206)
The key policy determines which key derivation algorithm the key can be used for, among the subset of algorithms that can use pepper.
Compatible algorithms
PSA_ALG_PBKDF2_HMAC()
(salt input)PSA_ALG_PBKDF2_AES_CMAC_PRF_128
(salt input)PSA_KEY_TYPE_AES
(macro)
Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400)
The size of the key is related to the AES algorithm variant. For algorithms except the XTS block cipher mode, the following key sizes are used:
 AES128 uses a 16byte key :
key_bits = 128
 AES192 uses a 24byte key :
key_bits = 192
 AES256 uses a 32byte key :
key_bits = 256
For the XTS block cipher mode (PSA_ALG_XTS
), the following key sizes are used:
 AES128XTS uses two 16byte keys :
key_bits = 256
 AES192XTS uses two 24byte keys :
key_bits = 384
 AES256XTS uses two 32byte keys :
key_bits = 512
The AES block cipher is defined in FIPS Publication 197: Advanced Encryption Standard (AES) [FIPS197].
Compatible algorithms
PSA_KEY_TYPE_ARIA
(macro)
Key for a cipher, AEAD or MAC algorithm based on the ARIA block cipher.
#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406)
The size of the key is related to the ARIA algorithm variant. For algorithms except the XTS block cipher mode, the following key sizes are used:
 ARIA128 uses a 16byte key :
key_bits = 128
 ARIA192 uses a 24byte key :
key_bits = 192
 ARIA256 uses a 32byte key :
key_bits = 256
For the XTS block cipher mode (PSA_ALG_XTS
), the following key sizes are used:
 ARIA128XTS uses two 16byte keys :
key_bits = 256
 ARIA192XTS uses two 24byte keys :
key_bits = 384
 ARIA256XTS uses two 32byte keys :
key_bits = 512
The ARIA block cipher is defined in A Description of the ARIA Encryption Algorithm [RFC5794].
Compatible algorithms
PSA_KEY_TYPE_DES
(macro)
Key for a cipher or MAC algorithm based on DES or 3DES (TripleDES).
#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301)
The size of the key determines which DES algorithm is used:
 Single DES uses an 8byte key :
key_bits = 64
 2key 3DES uses a 16byte key :
key_bits = 128
 3key 3DES uses a 24byte key :
key_bits = 192
Warning
Single DES and 2key 3DES are weak and strongly deprecated and are only recommended for decrypting legacy data.
3key 3DES is weak and deprecated and is only recommended for use in legacy protocols.
The DES and 3DES block ciphers are defined in NIST Special Publication 80067: Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher [SP80067].
Compatible algorithms
PSA_KEY_TYPE_CAMELLIA
(macro)
Key for a cipher, AEAD or MAC algorithm based on the Camellia block cipher.
#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
The size of the key is related to the Camellia algorithm variant. For algorithms except the XTS block cipher mode, the following key sizes are used:
 Camellia128 uses a 16byte key :
key_bits = 128
 Camellia192 uses a 24byte key :
key_bits = 192
 Camellia256 uses a 32byte key :
key_bits = 256
For the XTS block cipher mode (PSA_ALG_XTS
), the following key sizes are used:
 Camellia128XTS uses two 16byte keys :
key_bits = 256
 Camellia192XTS uses two 24byte keys :
key_bits = 384
 Camellia256XTS uses two 32byte keys :
key_bits = 512
The Camellia block cipher is defined in Specification of Camellia — a 128bit Block Cipher [NTTCAM] and also described in A Description of the Camellia Encryption Algorithm [RFC3713].
Compatible algorithms
PSA_KEY_TYPE_SM4
(macro)
Key for a cipher, AEAD or MAC algorithm based on the SM4 block cipher.
#define PSA_KEY_TYPE_SM4 ((psa_key_type_t)0x2405)
For algorithms except the XTS block cipher mode, the SM4 key size is 128 bits (16 bytes).
For the XTS block cipher mode (PSA_ALG_XTS
), the SM4 key size is 256 bits (two 16byte keys).
The SM4 block cipher is defined in GM/T 00022012: SM4 block cipher algorithm [CSTC0002] (English version [CSTC0002/E]).
Compatible algorithms
PSA_KEY_TYPE_ARC4
(macro)
Key for the ARC4 stream cipher.
#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002)
Warning
The ARC4 cipher is weak and deprecated and is only recommended for use in legacy protocols.
The ARC4 cipher supports key sizes between 40 and 2048 bits, that are multiples of 8. (5 to 256 bytes)
Use algorithm PSA_ALG_STREAM_CIPHER
to use this key with the ARC4 cipher.
Compatible algorithms
PSA_KEY_TYPE_CHACHA20
(macro)
Key for the ChaCha20 stream cipher or the ChaCha20Poly1305 AEAD algorithm.
#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
The ChaCha20 key size is 256 bits (32 bytes).
 Use algorithm
PSA_ALG_STREAM_CIPHER
to use this key with the ChaCha20 cipher for unauthenticated encryption. SeePSA_ALG_STREAM_CIPHER
for details of this algorithm.  Use algorithm
PSA_ALG_CHACHA20_POLY1305
to use this key with the ChaCha20 cipher and Poly1305 authenticator for AEAD. SeePSA_ALG_CHACHA20_POLY1305
for details of this algorithm.
Compatible algorithms
9.2.4. RSA keys
PSA_KEY_TYPE_RSA_KEY_PAIR
(macro)
RSA key pair: both the private and public key.
#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
The size of an RSA key is the bit size of the modulus.
Compatible algorithms
PSA_KEY_TYPE_RSA_PUBLIC_KEY
(macro)
RSA public key.
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
The size of an RSA key is the bit size of the modulus.
Compatible algorithms
PSA_ALG_RSA_OAEP
(encryption only)PSA_ALG_RSA_PKCS1V15_CRYPT
(encryption only)PSA_ALG_RSA_PKCS1V15_SIGN
(signature verification only)PSA_ALG_RSA_PKCS1V15_SIGN_RAW
(signature verification only)PSA_ALG_RSA_PSS
(signature verification only)PSA_ALG_RSA_PSS_ANY_SALT
(signature verification only)PSA_KEY_TYPE_IS_RSA
(macro)
Whether a key type is an RSA key. This includes both key pairs and public keys.
#define PSA_KEY_TYPE_IS_RSA(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
9.2.5. Elliptic Curve keys
psa_ecc_family_t
(type)
The type of PSA elliptic curve family identifiers.
typedef uint8_t psa_ecc_family_t;
The curve identifier is required to create an ECC key using the PSA_KEY_TYPE_ECC_KEY_PAIR()
or PSA_KEY_TYPE_ECC_PUBLIC_KEY()
macros.
The specific ECC curve within a family is identified by the key_bits
attribute of the key.
The range of Elliptic curve family identifier values is divided as follows:
0
x00
– 0
x7f
 ECC family identifiers defined by this standard. Unallocated values in this range are reserved for future use.
0
x80
– 0
xff
 Implementations that define additional families must use an encoding in this range.
PSA_KEY_TYPE_ECC_KEY_PAIR
(macro)
Elliptic curve key pair: both the private and public key.
#define PSA_KEY_TYPE_ECC_KEY_PAIR(curve) /* specificationdefined value */
Parameters

curve
 A value of type
psa_ecc_family_t
that identifies the ECC curve family to be used.
Description
The size of an elliptic curve key is the bit size associated with the curve, that is, the bit size of q for a curve over a field F_{q}. See the documentation of each Elliptic curve family for details.
Compatible algorithms
Elliptic curve key pairs can be used in Asymmetric signature and Key agreement algorithms.
The set of compatible algorithms depends on the Elliptic curve key family. See the Elliptic curve family for details.
PSA_KEY_TYPE_ECC_PUBLIC_KEY
(macro)
Elliptic curve public key.
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve) /* specificationdefined value */
Parameters

curve
 A value of type
psa_ecc_family_t
that identifies the ECC curve family to be used.
Description
The size of an elliptic curve public key is the same as the corresponding private key. See PSA_KEY_TYPE_ECC_KEY_PAIR()
and the documentation of each Elliptic curve family for details.
Compatible algorithms
Elliptic curve public keys can be used for verification in Asymmetric signature algorithms.
The set of compatible algorithms depends on the Elliptic curve key family. See each Elliptic curve family for details.
PSA_ECC_FAMILY_SECP_K1
(macro)
SEC Koblitz curves over prime fields.
#define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17)
This family comprises the following curves:
 secp192k1 :
key_bits = 192
 secp224k1 :
key_bits = 225
 secp256k1 :
key_bits = 256
They are defined in SEC 2: Recommended Elliptic Curve Domain Parameters [SEC2].
Compatible algorithms
PSA_ECC_FAMILY_SECP_R1
(macro)
SEC random curves over prime fields.
#define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12)
This family comprises the following curves:
 secp192r1 :
key_bits = 192
 secp224r1 :
key_bits = 224
 secp256r1 :
key_bits = 256
 secp384r1 :
key_bits = 384
 secp521r1 :
key_bits = 521
They are defined in [SEC2].
Compatible algorithms
PSA_ECC_FAMILY_SECP_R2
(macro)
Warning
This family of curves is weak and deprecated.
#define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b)
This family comprises the following curves:
 secp160r2 :
key_bits = 160
(Deprecated)
It is defined in the superseded SEC 2: Recommended Elliptic Curve Domain Parameters, Version 1.0 [SEC2v1].
Compatible algorithms
PSA_ECC_FAMILY_SECT_K1
(macro)
SEC Koblitz curves over binary fields.
#define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27)
This family comprises the following curves:
 sect163k1 :
key_bits = 163
(Deprecated)  sect233k1 :
key_bits = 233
 sect239k1 :
key_bits = 239
 sect283k1 :
key_bits = 283
 sect409k1 :
key_bits = 409
 sect571k1 :
key_bits = 571
They are defined in [SEC2].
Warning
The 163bit curve sect163k1 is weak and deprecated and is only recommended for use in legacy protocols.
Compatible algorithms
PSA_ECC_FAMILY_SECT_R1
(macro)
SEC random curves over binary fields.
#define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22)
This family comprises the following curves:
 sect163r1 :
key_bits = 163
(Deprecated)  sect233r1 :
key_bits = 233
 sect283r1 :
key_bits = 283
 sect409r1 :
key_bits = 409
 sect571r1 :
key_bits = 571
They are defined in [SEC2].
Warning
The 163bit curve sect163r1 is weak and deprecated and is only recommended for use in legacy protocols.
Compatible algorithms
PSA_ECC_FAMILY_SECT_R2
(macro)
SEC additional random curves over binary fields.
#define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b)
This family comprises the following curves:
 sect163r2 :
key_bits = 163
(Deprecated)
It is defined in [SEC2].
Warning
The 163bit curve sect163r2 is weak and deprecated and is only recommended for use in legacy protocols.
Compatible algorithms
PSA_ECC_FAMILY_BRAINPOOL_P_R1
(macro)
Brainpool P random curves.
#define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30)
This family comprises the following curves:
 brainpoolP160r1 :
key_bits = 160
(Deprecated)  brainpoolP192r1 :
key_bits = 192
 brainpoolP224r1 :
key_bits = 224
 brainpoolP256r1 :
key_bits = 256
 brainpoolP320r1 :
key_bits = 320
 brainpoolP384r1 :
key_bits = 384
 brainpoolP512r1 :
key_bits = 512
They are defined in Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation [RFC5639].
Warning
The 160bit curve brainpoolP160r1 is weak and deprecated and is only recommended for use in legacy protocols.
Compatible algorithms
PSA_ECC_FAMILY_FRP
(macro)
Curve used primarily in France and elsewhere in Europe.
#define PSA_ECC_FAMILY_FRP ((psa_ecc_family_t) 0x33)
This family comprises one 256bit curve:
 FRP256v1 :
key_bits = 256
This is defined by Publication d'un paramétrage de courbe elliptique visant des applications de passeport électronique et de l'administration électronique française [FRP].
Compatible algorithms
PSA_ECC_FAMILY_MONTGOMERY
(macro)
Montgomery curves.
#define PSA_ECC_FAMILY_MONTGOMERY ((psa_ecc_family_t) 0x41)
This family comprises the following Montgomery curves:
 Curve25519 :
key_bits = 255
 Curve448 :
key_bits = 448
Curve25519 is defined in Curve25519: new DiffieHellman speed records [Curve25519]. Curve448 is defined in Ed448Goldilocks, a new elliptic curve [Curve448].
Compatible algorithms
PSA_ALG_ECDH
(key pair only)PSA_ECC_FAMILY_TWISTED_EDWARDS
(macro)
Twisted Edwards curves.
#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
This family comprises the following twisted Edwards curves:
 Edwards25519 :
key_bits = 255
. This curve is birationally equivalent to Curve25519.  Edwards448 :
key_bits = 448
. This curve is birationally equivalent to Curve448.
Edwards25519 is defined in Twisted Edwards curves [Ed25519]. Edwards448 is defined in Ed448Goldilocks, a new elliptic curve [Curve448].
Compatible algorithms
PSA_KEY_TYPE_IS_ECC
(macro)
Whether a key type is an elliptic curve key, either a key pair or a public key.
#define PSA_KEY_TYPE_IS_ECC(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_IS_ECC_KEY_PAIR
(macro)
Whether a key type is an elliptic curve key pair.
#define PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY
(macro)
Whether a key type is an elliptic curve public key.
#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_ECC_GET_FAMILY
(macro)
Extract the curve family from an elliptic curve key type.
#define PSA_KEY_TYPE_ECC_GET_FAMILY(type) /* specificationdefined value */
Parameters

type
 An elliptic curve key type: a value of type
psa_key_type_t
such thatPSA_KEY_TYPE_IS_ECC
(
type
)
is true.
Returns: psa_ecc_family_t
The elliptic curve family id, if type
is a supported elliptic curve key. Unspecified if type
is not a supported elliptic curve key.
9.2.6. Diffie Hellman keys
psa_dh_family_t
(type)
The type of PSA finitefield DiffieHellman group family identifiers.
typedef uint8_t psa_dh_family_t;
The group family identifier is required to create a finitefield DiffieHellman key using the PSA_KEY_TYPE_DH_KEY_PAIR()
or PSA_KEY_TYPE_DH_PUBLIC_KEY()
macros.
The specific DiffieHellman group within a family is identified by the key_bits
attribute of the key.
The range of DiffieHellman group family identifier values is divided as follows:
0
x00
– 0
x7f
 DH group family identifiers defined by this standard. Unallocated values in this range are reserved for future use.
0
x80
– 0
xff
 Implementations that define additional families must use an encoding in this range.
PSA_KEY_TYPE_DH_KEY_PAIR
(macro)
Finitefield DiffieHellman key pair: both the private key and public key.
#define PSA_KEY_TYPE_DH_KEY_PAIR(group) /* specificationdefined value */
Parameters

group
 A value of type
psa_dh_family_t
that identifies the DiffieHellman group family to be used.
Compatible algorithms
PSA_KEY_TYPE_DH_PUBLIC_KEY
(macro)
Finitefield DiffieHellman public key.
#define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) /* specificationdefined value */
Parameters

group
 A value of type
psa_dh_family_t
that identifies the DiffieHellman group family to be used.
Compatible algorithms
None. Finitefield DiffieHellman public keys are exported to use in a key agreement algorithm, and the peer key is provided to the PSA_ALG_FFDH
key agreement algorithm as a buffer of key data.
PSA_DH_FAMILY_RFC7919
(macro)
Finitefield DiffieHellman groups defined for TLS in RFC 7919.
#define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03)
This family includes groups with the following key sizes (in bits): 2048, 3072, 4096, 6144, 8192. An implementation can support all of these sizes or only a subset.
Keys is this group can only be used with the PSA_ALG_FFDH
key agreement algorithm.
These groups are defined by Negotiated Finite Field DiffieHellman Ephemeral Parameters for Transport Layer Security (TLS) [RFC7919] Appendix A.
PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY
(macro)
The key pair type corresponding to a public key type.
#define PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type) \ /* specificationdefined value */
Parameters

type
 A public key type or key pair type.
Returns
The corresponding key pair type. If type
is not a public key or a key pair, the return value is undefined.
Description
If type
is a key pair type, it will be left unchanged.
PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR
(macro)
The public key type corresponding to a key pair type.
#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) \ /* specificationdefined value */
Parameters

type
 A public key type or key pair type.
Returns
The corresponding public key type. If type
is not a public key or a key pair, the return value is undefined.
Description
If type
is a public key type, it will be left unchanged.
PSA_KEY_TYPE_IS_DH
(macro)
Whether a key type is a DiffieHellman key, either a key pair or a public key.
#define PSA_KEY_TYPE_IS_DH(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_IS_DH_KEY_PAIR
(macro)
Whether a key type is a DiffieHellman key pair.
#define PSA_KEY_TYPE_IS_DH_KEY_PAIR(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_IS_DH_PUBLIC_KEY
(macro)
Whether a key type is a DiffieHellman public key.
#define PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) /* specificationdefined value */
Parameters

type
 A key type: a value of type
psa_key_type_t
.
PSA_KEY_TYPE_DH_GET_FAMILY
(macro)
Extract the group family from a DiffieHellman key type.
#define PSA_KEY_TYPE_DH_GET_FAMILY(type) /* specificationdefined value */
Parameters

type
 A DiffieHellman key type: a value of type
psa_key_type_t
such thatPSA_KEY_TYPE_IS_DH
(
type
)
is true.
Returns: psa_dh_family_t
The DiffieHellman group family id, if type
is a supported DiffieHellman key. Unspecified if type
is not a supported DiffieHellman key.
9.2.7. Attribute accessors
psa_set_key_type
(function)
Declare the type of a key.
void psa_set_key_type(psa_key_attributes_t * attributes, psa_key_type_t type);
Parameters

attributes
 The attribute object to write to.

type
 The key type to write. If this is
PSA_KEY_TYPE_NONE
, the key type inattributes
becomes unspecified.
Returns: void
Description
This function overwrites any key type previously set in attributes
.
Implementation note
This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a static inline
function or a functionlikemacro.
psa_get_key_type
(function)
Retrieve the key type from key attributes.
psa_key_type_t psa_get_key_type(const psa_key_attributes_t * attributes);
Parameters

attributes
 The key attribute object to query.
Returns: psa_key_type_t
The key type stored in the attribute object.
Description
Implementation note
This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a static inline
function or a functionlikemacro.
psa_get_key_bits
(function)
Retrieve the key size from key attributes.
size_t psa_get_key_bits(const psa_key_attributes_t * attributes);
Parameters

attributes
 The key attribute object to query.
Returns: size_t
The key size stored in the attribute object, in bits.
Description
Implementation note
This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a static inline
function or a functionlikemacro.
psa_set_key_bits
(function)
Declare the size of a key.
void psa_set_key_bits(psa_key_attributes_t * attributes, size_t bits);
Parameters

attributes
 The attribute object to write to.

bits
 The key size in bits. If this is
0
, the key size inattributes
becomes unspecified. Keys of size0
are not supported.
Returns: void
Description
This function overwrites any key size previously set in attributes
.
Implementation note
This is a simple accessor function that is not required to validate its inputs. It can be efficiently implemented as a static inline
function or a functionlikemacro.