PsaRawKeyAgreement
Perform a key agreement and return the raw shared secret. Opcode: 19 (0x0013)
Parameters
| Name | Type | Description |
|---|---|---|
alg | RawKeyAgreement | The key agreement algorithm to compute |
private_key_name | String | Name of the private key to use |
peer_key | Vector of unsigned bytes | Public key of the peer |
private_key_namemust allow the usage flagderive.peer_keymust be in the same format that PsaImportKey accepts.
Results
| Name | Type | Description |
|---|---|---|
shared_secret | Vector of unsigned bytes | The raw shared secret |
Specific response status codes
PsaErrorNotPermitted: The key does not have thederiveusage flag, or does not permit the requested algorithm.PsaErrorInvalidArgument:private_key_nameis not compatible withalg, orpeer_key_nameis not valid foralgor not compatible withprivate_key_name.PsaErrorNotSupported:algis not a supported key agreement algorithm.
Description
Warning: The raw result of a key agreement algorithm such as finite-field Diffie-Hellman or elliptic curve Diffie-Hellman has biases, and is not suitable for use as key material. Instead it is recommended that the result is used as input to a key derivation algorithm. To chain a key agreement with a key derivation, use psa_key_derivation_key_agreement() and other functions from the key derivation interface.
Contract
Copyright 2020 Contributors to the Parsec project.