MCUX CLNS
MCUX Crypto Library Normal Secure
 
Loading...
Searching...
No Matches
mcuxClEls_Rng_Functions

Defines all functions of mcuxClEls_Rng. More...

Functions

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgRequest_Async (uint8_t *pOutput, size_t outputLength)
 Writes random data from the ELS DRBG to the given buffer.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestInstantiate_Async (uint8_t const *pEntropy)
 Instantiates the DRBG in test mode.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestExtract_Async (uint8_t *pOutput, size_t outputLength)
 Performs a DRBG extraction.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestAesEcb_Async (uint8_t const *pDataKey, uint8_t *pOutput)
 Encrypts data using the AES-ECB engine of the DRBG.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestAesCtr_Async (uint8_t const *pData, size_t dataLength, uint8_t const *pIvKey, uint8_t *pOutput)
 Encrypts data using the AES-CTR engine of the DRBG.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_Dtrng_ConfigLoad_Async (uint8_t const *pInput)
 Loads a configuration of the ELS DTRNG.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_Dtrng_ConfigEvaluate_Async (uint8_t const *pInput, uint8_t *pOutput)
 Performs characterization of the ELS DTRNG.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Prng_GetRandomWord (uint32_t *pWord)
 Returns one random word from the ELS PRNG.
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Prng_GetRandom (uint8_t *pOutput, size_t outputLength)
 Writes random data from the ELS PRNG to the given buffer.
 

Detailed Description

Defines all functions of mcuxClEls_Rng.

Function Documentation

◆ mcuxClEls_Rng_DrbgRequest_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgRequest_Async ( uint8_t *  pOutput,
size_t  outputLength 
)

Writes random data from the ELS DRBG to the given buffer.

This function fills a buffer with random values from the DRBG. The DRBG provides 128 bits of security strength.

Before execution, ELS will wait until mcuxClEls_HwState_t.drbgentlvl == MCUXCLELS_STATUS_DRBGENTLVL_HIGH. This can lead to a delay if the DRBG is in a state with less security strength at the time of the call.

If the random values from the DRBG are later used as a cryptographic key, the security strength of the cryptographic operation using the generated key should not exceed that of the DRBG.

To name a few examples, this means (as per NIST SP 800-57 Part 1 Rev. 5):

  • AES-192 or AES-256 keys generated with this function will provide only 128 bits of security strength
  • RSA keys longer than 3072 bits will provide only 128 bits of security strength
  • ECC keys longer than 383 bits will provide only 128 bits of security strength

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[out]pOutputPointer to the beginning of the memory area to fill with random data
[in]outputLengthNumber of requested random bytes
Parameter properties
outputLength
supported values are MCUXCLELS_RNG_DRBG_TEST_EXTRACT_OUTPUT_MIN_SIZE bytes up to MCUXCLELS_RNG_DRBG_TEST_EXTRACT_OUTPUT_MAX_SIZE bytes. The size must be a multiple of 4.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_SW_FAULTin case of an internal error
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Rng_DrbgTestInstantiate_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestInstantiate_Async ( uint8_t const *  pEntropy)

Instantiates the DRBG in test mode.

This function is a support function for FIPS CAVP testing. This function turns the ELS internal DRBG in test mode by loading known entropy from system memory. Call mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.

Parameters
[in]pEntropyPointer to the input entropy data
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Rng_DrbgTestExtract_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestExtract_Async ( uint8_t *  pOutput,
size_t  outputLength 
)

Performs a DRBG extraction.

This function is a support function for FIPS CAVP testing. This function mimics the behavior of mcuxClEls_Rng_DrbgRequest_Async and fills a buffer with random data when DRBG is in test mode. Call mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.

Attention
mcuxClEls_Rng_DrbgTestInstantiate_Async must be called prior to this function.
Parameters
[out]pOutputPointer to the output random number
[in]outputLengthLength of the random number
Parameter properties
outputLength
supported values are MCUXCLELS_RNG_DRBG_TEST_EXTRACT_OUTPUT_MIN_SIZE bytes up to MCUXCLELS_RNG_DRBG_TEST_EXTRACT_OUTPUT_MAX_SIZE bytes. The size must be a multiple of 4.
Returns
An error code (see MCUXCLELS_STATUS_)
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Rng_DrbgTestAesEcb_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestAesEcb_Async ( uint8_t const *  pDataKey,
uint8_t *  pOutput 
)

Encrypts data using the AES-ECB engine of the DRBG.

This function is a support function for FIPS CAVP testing. This function performs an AES-ECB encryption on system data to evaluate the encryption engine of the DRBG. Call mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.

Parameters
[in]pDataKeyPointer to the data and key
[out]pOutputPointer to the encrypted output
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Rng_DrbgTestAesCtr_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_DrbgTestAesCtr_Async ( uint8_t const *  pData,
size_t  dataLength,
uint8_t const *  pIvKey,
uint8_t *  pOutput 
)

Encrypts data using the AES-CTR engine of the DRBG.

This function is a support function for FIPS CAVP testing. This function performs an AES-CTR encryption on system data to evaluate the encryption engine of the DRBG in test mode. Call mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.

Parameters
[in]pDataPointer to the data to be encrypted
[in]dataLengthLength of the data to be encrypted
[in]pIvKeyPointer to the IV and key
[out]pOutputPointer to the encrypted output
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Rng_Dtrng_ConfigLoad_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_Dtrng_ConfigLoad_Async ( uint8_t const *  pInput)

Loads a configuration of the ELS DTRNG.

This function overwrites the default DTRNG configuration in order to optimize or fine tune the DTRNG entropy gathering process. Call mcuxClEls_WaitForOperation to complete the operation. Note that the TRNG configuration set by this function is non-persistent and any reset of the ELS (e.g. a power-cycle or calling mcuxClEls_Reset_Async) will resets the DTRNG configuration to its default value.

Parameters
[in]pInputThe pointer to DTRNG initialization data
Parameter properties
pInput
The size is MCUXCLELS_RNG_DTRNG_CONFIG_SIZE bytes.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Rng_Dtrng_ConfigEvaluate_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Rng_Dtrng_ConfigEvaluate_Async ( uint8_t const *  pInput,
uint8_t *  pOutput 
)

Performs characterization of the ELS DTRNG.

This function evaluates a DTRNG configuration for device specific characterization. The configuration used for characterization has to be placed in system memory. Call mcuxClEls_WaitForOperation to complete the operation.

Attention
If this function is called once, all other ELS commands except mcuxClEls_Rng_Dtrng_ConfigEvaluate_Async are blocked until any reset of the ELS (e.g. a power-cycle or calling mcuxClEls_Reset_Async) is triggered.
Parameters
[in]pInputThe pointer to DTRNG initialization data
[out]pOutputThe pointer to the evaluation result
Parameter properties
pInput
The size is MCUXCLELS_RNG_DTRNG_EVAL_CONFIG_SIZE bytes.
pOutput
The size is MCUXCLELS_RNG_DTRNG_EVAL_RESULT_SIZE bytes.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Prng_GetRandomWord()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Prng_GetRandomWord ( uint32_t *  pWord)

Returns one random word from the ELS PRNG.

This function returns one low-quality random CPU word gathered from the PRNG.

Attention
PRNG has to be initialized prior to the first time calling this function.
Parameters
[out]pWordThe pointer to the random word
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_OKon successful request
MCUXCLELS_STATUS_HW_PRNGin case of insufficient entropy
Examples
mcuxClEls_Rng_Prng_Get_Random_example.c.

◆ mcuxClEls_Prng_GetRandom()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Prng_GetRandom ( uint8_t *  pOutput,
size_t  outputLength 
)

Writes random data from the ELS PRNG to the given buffer.

This function fills a buffer with low-quality random values gathered from the PRNG.

Attention
PRNG has to be initialized prior to the first time calling this function.
Parameters
[out]pOutputPointer to the beginning of the memory area to fill with random data from PRNG
[in]outputLengthSize of pOutput in bytes
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_OKon successful request
MCUXCLELS_STATUS_HW_PRNGin case of insufficient entropy
Examples
mcuxClEls_Rng_Prng_Get_Random_example.c, and mcuxClEls_Tls_Master_Key_Session_Keys_example.c.