Type Alias esp_idf_sys::psa_key_persistence_t
source ยท pub type psa_key_persistence_t = u8;
Expand description
Encoding of key persistence levels.
What distinguishes different persistence levels is what device management events may cause keys to be destroyed. Volatile keys are destroyed by a power reset. Persistent keys may be destroyed by events such as a transfer of ownership or a factory reset. What management events actually affect persistent keys at different levels is outside the scope of the PSA Cryptography specification.
The PSA Cryptography specification defines the following values of persistence levels:
- \c 0 = #PSA_KEY_PERSISTENCE_VOLATILE: volatile key. A volatile key is automatically destroyed by the implementation when the application instance terminates. In particular, a volatile key is automatically destroyed on a power reset of the device.
- \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT: persistent key with a default lifetime.
- \c 2-254: currently not supported by Mbed TLS.
- \c 255 = #PSA_KEY_PERSISTENCE_READ_ONLY: read-only or write-once key. A key with this persistence level cannot be destroyed. Mbed TLS does not currently offer a way to create such keys, but integrations of Mbed TLS can use it for built-in keys that the application cannot modify (for example, a hardware unique key (HUK)).
\note Key persistence levels are 8-bit values. Key management interfaces operate on lifetimes (type ::psa_key_lifetime_t) which encode the persistence as the lower 8 bits of a 32-bit value.
\note Values of this type are encoded in the persistent key store. Any changes to existing values will require bumping the storage format version and providing a translation when reading the old format.