You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: doc/crypto/api/keys/management.rst
+10-3Lines changed: 10 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -183,7 +183,7 @@ When creating a key, the attributes for the new key are specified in a `psa_key_
183
183
184
184
* For RSA keys (`PSA_KEY_TYPE_RSA_KEY_PAIR`), the public exponent is 65537. The modulus is a product of two probabilistic primes between :math:`2^{n-1}` and :math:`2^n` where :math:`n` is the bit size specified in the attributes.
185
185
186
-
If an application requires bounded execution when generating a key, it can use an interruptible key generation operation.
186
+
If an application requires bounded execution when generating a key, the implementation might provide support for interruptible key generation.
187
187
See :secref:`interruptible-generate-key`.
188
188
189
189
.. function:: psa_copy_key
@@ -584,7 +584,11 @@ Interruptible key generation
584
584
Generation of some key types can be computationally expensive.
585
585
For example, RSA keys, and elliptic curve public keys.
586
586
587
-
An interruptible key generation operation can be used instead of calling `psa_generate_key()`, in applications that have bounded execution requirements for use cases that require key generation.
587
+
For such keys, an interruptible key generation operation can be used instead of calling `psa_generate_key()`, in applications that have bounded execution requirements for use cases that require key generation.
588
+
589
+
.. note::
590
+
An implementation of the |API| does not need to provide incremental generation for all key types supported by the implementation.
591
+
Use `psa_generate_key()` to create keys for types that do not need to be incrementally generated.
588
592
589
593
An interruptible key generation operation is used as follows:
590
594
@@ -698,7 +702,10 @@ An interruptible key generation operation is used as follows:
698
702
.. retval:: PSA_ERROR_ALREADY_EXISTS
699
703
This is an attempt to create a persistent key, and there is already a persistent key with the given identifier.
700
704
.. retval:: PSA_ERROR_NOT_SUPPORTED
701
-
The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.
705
+
The following conditions can result in this error:
706
+
707
+
* The implementation does not support incremental generation of the requested key type.
708
+
* The key attributes, as a whole, are not supported, either by the implementation in general or in the specified storage location.
702
709
.. retval:: PSA_ERROR_INVALID_ARGUMENT
703
710
The following conditions can result in this error:
0 commit comments