 |
MCUXpresso SDK API Reference Manual
Rev. 0
NXP Semiconductors
|
|
MCUXpresso SDK API Reference Manual
Rev. 0
NXP Semiconductors
|
This section describes the programming interface of the CAU3 Blob driver.
Functions | |
| status_t | CAU3_KeyBlobUnwrap (CAU3_Type *base, cau3_key_slot_t keySlot, const uint8_t *keyBlob, uint32_t numberOfBlocks, cau3_key_slot_t dstContext) |
| Perform an RFC3394 key blob unwrap. More... | |
| status_t CAU3_KeyBlobUnwrap | ( | CAU3_Type * | base, |
| cau3_key_slot_t | keySlot, | ||
| const uint8_t * | keyBlob, | ||
| uint32_t | numberOfBlocks, | ||
| cau3_key_slot_t | dstContext | ||
| ) |
Perform an RFC3394 unwrap of an AES encrypted key blob. The unwrapped key blob is loaded into the specified key slot [1-3]. The initial special hardware KEK contained in key slot 0 is typically used for the unwrapping operation. The destination context number must be different than the keySlot used for unwrapping. Implements the algorithm at RFC 3394 to AES key unwrap. The current implementation allows to unwrap up to 512 bits, with the restriction of nblocks=2 or =4 or n=8(means it unwraps only 128bits, 256bits or two 256 bits keys (512)). It is allowed input key of 128 and 256bits only (passed using the keyslot). The function also assumes the CAU3_LoadSpecialKeyContext was called before. It returns error and clear the destination context in case parameters are not inside aceptable values. In case n>4 && n!=8 it clears both destination contexts (the dstContext and the adjacent/next context) In case of n=8, the first unwraped key will be stored in the dstContext slot, and the second key will be saved in the next context (E.g: if dstContext=1, then first key goes to slot 1 and second key to slot 2. If dstContext=3 then first key goes to slot 3 and second key goes to slot 1). Examples of n usage. E.g.: n = 2 means a unwraped key of 128 bits (2 * 64) E.g.: n = 4 means a unwraped key of 256 bits (4 * 64) E.g.: n = 8 means two unwraped keys of 256 bits (8 * 64)
The function is blocking, it uses the polling task done signaling.
| base | CAU3 peripheral base address |
| keySlot | is the key used to unwrap the key blob [0-3] |
| keyBlob | 0-mod-4 aligned pointer is the RFC3394 wrapped key blob. |
| numberOfBlocks | is the unwrapped keyBlob length as multiple of 64-bit blocks |
| dstContext | is the destination key context for unwrapped blob [0-3] |
| status | check from task completion |
