MCUX CLNS
MCUX Crypto Library Normal Secure
 
Loading...
Searching...
No Matches
mcuxClEls_Ecc_Functions

Defines all functions of mcuxClEls_Ecc. More...

Functions

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccKeyGen_Async (mcuxClEls_EccKeyGenOption_t options, mcuxClEls_KeyIndex_t signingKeyIdx, mcuxClEls_KeyIndex_t privateKeyIdx, mcuxClEls_KeyProp_t generatedKeyProperties, uint8_t const *pRandomData, uint8_t *pPublicKey)
 Generates an ECC key pair on the NIST P-256 curve.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccKeyExchange_Async (mcuxClEls_KeyIndex_t privateKeyIdx, uint8_t const *pPublicKey, mcuxClEls_KeyIndex_t sharedSecretIdx, mcuxClEls_KeyProp_t sharedSecretProperties)
 Performs a Diffie-Hellman key exchange with an internal ECC private key and an external ECC public key.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccSign_Async (mcuxClEls_EccSignOption_t options, mcuxClEls_KeyIndex_t keyIdx, uint8_t const *pInputHash, uint8_t const *pInputMessage, size_t inputMessageLength, uint8_t *pOutput)
 Generates an ECDSA signature of a given message.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccVerify_Async (mcuxClEls_EccVerifyOption_t options, uint8_t const *pInputHash, uint8_t const *pInputMessage, size_t inputMessageLength, uint8_t const *pSignatureAndPubKey, uint8_t *pOutput)
 Verifies an ECDSA signature of a given message.
 

Detailed Description

Defines all functions of mcuxClEls_Ecc.

Function Documentation

◆ mcuxClEls_EccKeyGen_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccKeyGen_Async ( mcuxClEls_EccKeyGenOption_t  options,
mcuxClEls_KeyIndex_t  signingKeyIdx,
mcuxClEls_KeyIndex_t  privateKeyIdx,
mcuxClEls_KeyProp_t  generatedKeyProperties,
uint8_t const *  pRandomData,
uint8_t *  pPublicKey 
)

Generates an ECC key pair on the NIST P-256 curve.

Before execution, ELS will wait until mcuxClEls_HwState_t.drbgentlvl == MCUXCLELS_STATUS_DRBGENTLVL_HIGH. This can lead to a delay if the DRBG is in a state with less security strength at the time of the call.

Call mcuxClEls_WaitForOperation to complete the operation. The public key will be stored in the standard ANSI X9.62 byte order (big-endian).

Parameters
[in]optionsThe command options. For more information, see mcuxClEls_EccKeyGenOption_t.
[in]signingKeyIdxThe index of the key to sign the generated public key.
[in]privateKeyIdxOutput key index.
[in]generatedKeyPropertiesThe desired key properties of the generated key.
[in]pRandomDataRandom data provided by the user.
[out]pPublicKeyPointer to the memory area which receives the public key and optionally the key signature.
Parameter properties
options.kgsign == MCUXCLELS_ECC_PUBLICKEY_SIGN_DISABLE
signingKeyIdx is ignored.
options.kgsrc == MCUXCLELS_ECC_OUTPUTKEY_DETERMINISTIC
privateKeyIdx also defines the key index of the source key material. The source key material will be overwritten by the output public key.
options.kgsign_rnd == MCUXCLELS_ECC_NO_RANDOM_DATA
pRandomData is ignored.
pPublicKey must be aligned on a 4-byte boundary.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request
Examples
mcuxClEls_Ecc_Keygen_Sign_Verify_example.c, and mcuxClEls_Tls_Master_Key_Session_Keys_example.c.

◆ mcuxClEls_EccKeyExchange_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccKeyExchange_Async ( mcuxClEls_KeyIndex_t  privateKeyIdx,
uint8_t const *  pPublicKey,
mcuxClEls_KeyIndex_t  sharedSecretIdx,
mcuxClEls_KeyProp_t  sharedSecretProperties 
)

Performs a Diffie-Hellman key exchange with an internal ECC private key and an external ECC public key.

Before execution, ELS will wait until mcuxClEls_HwState_t.drbgentlvl == MCUXCLELS_STATUS_DRBGENTLVL_LOW. This can lead to a delay if the DRBG is in a state with less security strength at the time of the call.

Call mcuxClEls_WaitForOperation to complete the operation. The public key must be stored in the standard ANSI X9.62 byte order (big-endian).

Parameters
[in]privateKeyIdxThe private key index.
[in]pPublicKeyPointer to the public key of a third party.
[in]sharedSecretIdxThe index in the ELS keystore that receives the shared secret that is generated by the ECDH operation.
[in]sharedSecretPropertiesThe desired key properties of the shared secret.
Parameter properties
pPublicKey
The public key consists of the 256-bit X coordinate and the 256-bit Y coordinate. The point must lie on the NIST P-256 curve, be encoded in X9.62 format and aligned on a 4-byte boundary.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request
Examples
mcuxClEls_Tls_Master_Key_Session_Keys_example.c.

◆ mcuxClEls_EccSign_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccSign_Async ( mcuxClEls_EccSignOption_t  options,
mcuxClEls_KeyIndex_t  keyIdx,
uint8_t const *  pInputHash,
uint8_t const *  pInputMessage,
size_t  inputMessageLength,
uint8_t *  pOutput 
)

Generates an ECDSA signature of a given message.

The curve is NIST P-256. The message hash, must be stored in the standard ANSI X9.62 format. If the message is provided in plain, no prior conversion is necessary. The signature will be stored in the standard ANSI X9.62 byte order (big-endian).

Before execution, ELS will wait until mcuxClEls_HwState_t.drbgentlvl == MCUXCLELS_STATUS_DRBGENTLVL_HIGH. This can lead to a delay if the DRBG is in a state with less security strength at the time of the call.

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]optionsThe command options. For more information, see mcuxClEls_EccSignOption_t.
[in]keyIdxThe private key index.
[in]pInputHashThe hash of the message to sign in X9.62 format.
[in]pInputMessageThe message to sign.
[in]inputMessageLengthSize of pInputMessage in bytes.
[out]pOutputPointer to the memory area which receives the generated signature in X9.62 format. (64 bytes)
Parameter properties
options.echashchl == MCUXCLELS_ECC_HASHED
pInputHash is used, and it must be aligned on a 4-byte boundary. pInputMessage is ignored.
options.echashchl == MCUXCLELS_ECC_NOT_HASHED
pInputHash is ignored. pInputMessage and inputMessageLength are used.
pOptput must be aligned on a 4-byte boundary.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request
Examples
mcuxClEls_Ecc_Keygen_Sign_Verify_example.c.

◆ mcuxClEls_EccVerify_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_EccVerify_Async ( mcuxClEls_EccVerifyOption_t  options,
uint8_t const *  pInputHash,
uint8_t const *  pInputMessage,
size_t  inputMessageLength,
uint8_t const *  pSignatureAndPubKey,
uint8_t *  pOutput 
)

Verifies an ECDSA signature of a given message.

The curve is NIST P-256. The message hash, must be stored in the standard ANSI X9.62 format. If the message is provided in plain, no prior conversion is necessary. The signature and public key must be stored in the standard ANSI X9.62 byte order (big-endian).

Before execution, ELS will wait until mcuxClEls_HwState_t.drbgentlvl == MCUXCLELS_STATUS_DRBGENTLVL_LOW. This can lead to a delay if the DRBG is in a state with less security strength at the time of the call.

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]optionsThe command options. For more information, see mcuxClEls_EccVerifyOption_t.
[in]pInputHashThe hash of the signed message in X9.62 format.
[in]pInputMessageThe message to sign.
[in]inputMessageLengthSize of pInputMessage in bytes.
[in]pSignatureAndPubKeyPointer to the memory area which contains the concatenation of the signature and the public key.
[out]pOutputPointer to the memory area which will receive the recalculated value of the R component in case of a successful signature verification.
Parameter properties
options.echashchl == MCUXCLELS_ECC_HASHED
pInputHash is used, and it must be aligned on a 4-byte boundary. pInputMessage is ignored.
options.echashchl == MCUXCLELS_ECC_NOT_HASHED
pInputHash is ignored. pInputMessage and inputMessageLength are used.
pSignatureAndPubKey
It must be aligned on a 4-byte boundary. The signature to be verified consists of the 256-bit R component and the 256-bit S component. The public key is the one for verification. (Uncompressed, X and Y components) The signature and the public key are in X9.62 format.
pOutput
It must be aligned on a 4-byte boundary. The output shall be compared to the first 32 bytes stored at pSignatureAndPublicKey.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request
Examples
mcuxClEls_Ecc_Keygen_Sign_Verify_example.c.