MCUXpresso SDK API Reference Manual  Rev 2.15.000
NXP Semiconductors
 All Data Structures Functions Variables Typedefs Enumerations Enumerator Groups Pages
Functions
CAU3 Blob driver
CAU3

Overview

This section describes the programming interface of the CAU3 Blob driver.

Functions

status_t CAU3_KeyBlobUnwrap (CAU3_Type *base, cau3_key_slot_t keySlot, const uint8_t *keyBlob, uint32_t numberOfBlocks, cau3_key_slot_t dstContext)
 Perform an RFC3394 key blob unwrap. More...
 

Function Documentation

status_t CAU3_KeyBlobUnwrap ( CAU3_Type *  base,
cau3_key_slot_t  keySlot,
const uint8_t *  keyBlob,
uint32_t  numberOfBlocks,
cau3_key_slot_t  dstContext 
)

Perform an RFC3394 unwrap of an AES encrypted key blob. The unwrapped key blob is loaded into the specified key slot [1-3]. The initial special hardware KEK contained in key slot 0 is typically used for the unwrapping operation. The destination context number must be different than the keySlot used for unwrapping. Implements the algorithm at RFC 3394 to AES key unwrap. The current implementation allows to unwrap up to 512 bits, with the restriction of nblocks=2 or =4 or n=8(means it unwraps only 128bits, 256bits or two 256 bits keys (512)). It is allowed input key of 128 and 256bits only (passed using the keyslot). The function also assumes the CAU3_LoadSpecialKeyContext was called before. It returns error and clear the destination context in case parameters are not inside aceptable values. In case n>4 && n!=8 it clears both destination contexts (the dstContext and the adjacent/next context) In case of n=8, the first unwraped key will be stored in the dstContext slot, and the second key will be saved in the next context (E.g: if dstContext=1, then first key goes to slot 1 and second key to slot 2. If dstContext=3 then first key goes to slot 3 and second key goes to slot 1). Examples of n usage. E.g.: n = 2 means a unwraped key of 128 bits (2 * 64) E.g.: n = 4 means a unwraped key of 256 bits (4 * 64) E.g.: n = 8 means two unwraped keys of 256 bits (8 * 64)

The function is blocking, it uses the polling task done signaling.

Parameters
baseCAU3 peripheral base address
keySlotis the key used to unwrap the key blob [0-3]
keyBlob0-mod-4 aligned pointer is the RFC3394 wrapped key blob.
numberOfBlocksis the unwrapped keyBlob length as multiple of 64-bit blocks
dstContextis the destination key context for unwrapped blob [0-3]
Return values
statuscheck from task completion