8.2. PSA Crypto library

8.2.1. API version

PSA_CRYPTO_API_VERSION_MAJOR (macro)

The major version of this implementation of the PSA Crypto API.

#define PSA_CRYPTO_API_VERSION_MAJOR 1

PSA_CRYPTO_API_VERSION_MINOR (macro)

The minor version of this implementation of the PSA Crypto API.

#define PSA_CRYPTO_API_VERSION_MINOR 1

8.2.2. Library initialization

psa_crypto_init (function)

Library initialization.

psa_status_t psa_crypto_init(void);

Returns: psa_status_t

PSA_SUCCESS
Success.
PSA_ERROR_INSUFFICIENT_ENTROPY
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_CORRUPTION_DETECTED

Description

It is recommended that applications call this function before calling any other function in this module.

Applications are permitted to call this function more than once. Once a call succeeds, subsequent calls are guaranteed to succeed.

If the application calls any function that returns a psa_status_t result code before calling psa_crypto_init(), the following will occur:

  • If initialization of the library is essential for secure operation of the function, the implementation must return PSA_ERROR_BAD_STATE or other appropriate error.
  • If failure to initialize the library does not compromise the security of the function, the implementation must either provide the expected result for the function, or return PSA_ERROR_BAD_STATE or other appropriate error.

Note

The following scenarios are examples where an implementation can require that the library has been initialized by calling psa_crypto_init():

  • A client-server implementation, in which psa_crypto_init() establishes the communication with the server. No key management or cryptographic operation can be performed until this is done.
  • An implementation in which psa_crypto_init() initializes the random bit generator, and no operations that require the RNG can be performed until this is done. For example, random data, key, IV, or nonce generation; randomized signature or encryption; and algorithms that are implemented with blinding.

Warning

The set of functions that depend on successful initialization of the library is IMPLEMENTATION DEFINED. Applications that rely on calling functions before initializing the library might not be portable to other implementations.