You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: doc/crypto/api/keys/management.rst
+10-3Lines changed: 10 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -159,7 +159,7 @@ When creating a key, the attributes for the new key are specified in a `psa_key_
159
159
160
160
* For RSA keys (`PSA_KEY_TYPE_RSA_KEY_PAIR`), the public exponent is 65537. The modulus is a product of two probabilistic primes between :math:`2^{n-1}` and :math:`2^n` where :math:`n` is the bit size specified in the attributes.
161
161
162
-
If an application requires bounded execution when generating a key, it can use an interruptible key generation operation.
162
+
If an application requires bounded execution when generating a key, the implementation might provide support for interruptible key generation.
163
163
See :secref:`interruptible-generate-key`.
164
164
165
165
.. function:: psa_copy_key
@@ -545,7 +545,11 @@ Interruptible key generation
545
545
Generation of some key types can be computationally expensive.
546
546
For example, RSA keys, and elliptic curve public keys.
547
547
548
-
An interruptible key generation operation can be used instead of calling `psa_generate_key()`, in applications that have bounded execution requirements for use cases that require key generation.
548
+
For such keys, an interruptible key generation operation can be used instead of calling `psa_generate_key()`, in applications that have bounded execution requirements for use cases that require key generation.
549
+
550
+
.. note::
551
+
An implementation of the |API| does not need to provide incremental generation for all key types supported by the implementation.
552
+
Use `psa_generate_key()` to create keys for types that do not need to be incrementally generated.
549
553
550
554
An interruptible key generation operation is used as follows:
551
555
@@ -659,7 +663,10 @@ An interruptible key generation operation is used as follows:
659
663
.. retval:: PSA_ERROR_ALREADY_EXISTS
660
664
This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.
661
665
.. retval:: PSA_ERROR_NOT_SUPPORTED
662
-
The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.
666
+
The following conditions can result in this error:
667
+
668
+
* The implementation does not support incremental generation of the requested key type.
669
+
* The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.
663
670
.. retval:: PSA_ERROR_INVALID_ARGUMENT
664
671
The following conditions can result in this error:
0 commit comments