Remove lifetime parameter from psa_open_key

Change the scope of key identifiers to be global, rather than per lifetime. As a result, you now need to specify the lifetime of a key only when creating it.
2025-07-29 11:41:15 +03:00 · 2019-05-06 18:44:55 +02:00
parent ee32cd4af6
commit 225010fdf7
7 changed files with 37 additions and 44 deletions
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@ -512,9 +512,6 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
 *
 * Open a handle to a key which was previously created with psa_create_key().
 *
- * \param lifetime      The lifetime of the key. This designates a storage
- *                      area where the key material is stored. This must not
- *                      be #PSA_KEY_LIFETIME_VOLATILE.
 * \param id            The persistent identifier of the key.
 * \param[out] handle   On success, a handle to a key slot which contains
 *                      the data and metadata loaded from the specified
@ -526,19 +523,16 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
 * \retval #PSA_ERROR_DOES_NOT_EXIST
 * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p id is invalid for the specified lifetime.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \p lifetime is not supported.
+ *         \p id is invalid.
 * \retval #PSA_ERROR_NOT_PERMITTED
 *         The specified key exists, but the application does not have the
 *         permission to access it. Note that this specification does not
 *         define any way to create such a key, but it may be possible
 *         through implementation-specific means.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
 */
-psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
-                          psa_key_id_t id,
+psa_status_t psa_open_key(psa_key_id_t id,
                          psa_key_handle_t *handle);

 /** Close a key handle.
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@ -85,6 +85,19 @@ typedef uint32_t psa_algorithm_t;
 */

 /** Encoding of key lifetimes.
+ *
+ * The lifetime of a key indicates where it is stored and what system actions
+ * may create and destroy it.
+ *
+ * Keys with the lifetime #PSA_KEY_LIFETIME_VOLATILE are automatically
+ * destroyed when the application terminates or on a power reset.
+ *
+ * Keys with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE are said
+ * to be _persistent_.
+ * Persistent keys are preserved if the application or the system restarts.
+ * Persistent keys have a key identifier of type #psa_key_id_t.
+ * The application can call psa_open_key() to open a persistent key that
+ * it created previously.
 */
 typedef uint32_t psa_key_lifetime_t;