Tool/software:
Hello,
My environment is as follows:
Board: CC2745R10-Q1
Debugger: XDS110
SDK: SimpleLink Lowpower f3 ver.9.10.00.83
IDE: IAR Embedded Workbench for ARM 9.60.3.7274
I'm considering storing my keys in an HSM.
In the test code below,
I set the second argument of psa_set_key_lifetime to PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_HSM_ASSET_STORE, PSA_KEY_LOCATION_LOCAL_STORAGE).
When I debug it, psa_import_key returned error code -135.
When I set the second argument of psa_set_key_lifetime to PSA_KEY_LIFETIME_PERSISTENT, psa_import_key completed successfully.
Could you explain why the -135 error code is returned?
Also, if possible, please tell me how to resolve this issue.
#define KEY_HSM_LIFETIME PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_HSM_ASSET_STORE, PSA_KEY_LOCATION_LOCAL_STORAGE) static void vos_store_test( void ) { uint8_t u1t_Key16Data[16] = {0x00, 0xBF, 0x85, 0x49, 0xC3, 0x79, 0xE4, 0x04, 0xED, 0xA1, 0x08, 0xA5, 0x51, 0xF8, 0x36, 0x23}; psa_key_id_t key_id = PSA_KEY_ID_USER_MIN; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; int_fast16_t s2s_status; s2s_status = psa_crypto_init(); if (s2s_status != PSA_SUCCESS) { while(1); } s2s_status = HSMLPF3_provisionHUK(); if (s2s_status != HSMLPF3_STATUS_SUCCESS) { while(1); } psa_set_key_id(&attributes, key_id); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_usage_flags(&attributes, (PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT)); psa_set_key_algorithm(&attributes, PSA_ALG_CCM); psa_set_key_lifetime(&attributes, KEY_HSM_LIFETIME); psa_set_key_bits(&attributes, 128); s2s_status = psa_import_key(&attributes, u1t_Key16Data, sizeof(u1t_Key16Data), &key_id); if (s2s_status != PSA_SUCCESS) { while(1); } psa_reset_key_attributes(&attributes); psa_destroy_key(key_id); }
Best,