MCUX CLNS
MCUX Crypto Library Normal Secure
mcuxClEls_Kdf_Functions

Defines all functions of mcuxClEls_Kdf. More...

Functions

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Hkdf_Rfc5869_Async (mcuxClEls_HkdfOption_t options, mcuxClEls_KeyIndex_t derivationKeyIdx, mcuxClEls_KeyIndex_t targetKeyIdx, mcuxClEls_KeyProp_t targetKeyProperties, uint8_t const *pDerivationData)
 Derives a key using the HKDF (HMAC-based key derivation function) according to RFC5869. More...
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Hkdf_Sp80056c_Async (mcuxClEls_KeyIndex_t derivationKeyIdx, uint8_t *pTagetKey, uint8_t const *pDerivationData, size_t derivationDataLength)
 Derives a key using the HKDF (HMAC-based key derivation function) according to SP800-56C one-step approach with Sha2-256. More...
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Ckdf_Sp800108_Async (mcuxClEls_KeyIndex_t derivationKeyIdx, mcuxClEls_KeyIndex_t targetKeyIdx, mcuxClEls_KeyProp_t targetKeyProperties, uint8_t const *pDerivationData)
 Derives a key using the NIST SP 800-108 CMAC-based Extract-and-Expand Key Derivation Function. More...
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_TlsGenerateMasterKeyFromPreMasterKey_Async (uint8_t const *pDerivationData, mcuxClEls_KeyProp_t keyProperties, mcuxClEls_KeyIndex_t keyIdx)
 Generates a TLS master key based on a pre-master key and derivation data, according to the TLS 1.2 specification. More...
 
MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_TlsGenerateSessionKeysFromMasterKey_Async (uint8_t const *pDerivationData, mcuxClEls_KeyProp_t keyProperties, mcuxClEls_KeyIndex_t keyIdx)
 Generates TLS session keys based on a master key and derivation data, according to the TLS 1.2 specification. More...
 

Detailed Description

Defines all functions of mcuxClEls_Kdf.

Function Documentation

◆ mcuxClEls_Hkdf_Rfc5869_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Hkdf_Rfc5869_Async ( mcuxClEls_HkdfOption_t  options,
mcuxClEls_KeyIndex_t  derivationKeyIdx,
mcuxClEls_KeyIndex_t  targetKeyIdx,
mcuxClEls_KeyProp_t  targetKeyProperties,
uint8_t const *  pDerivationData 
)

Derives a key using the HKDF (HMAC-based key derivation function) according to RFC5869.

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]optionsThe command options. For more information, see mcuxClEls_HkdfOption_t.
[in]derivationKeyIdxKey index used for derivation. Must be a 256-bit key with HKDF property bit set to 1.
[in]targetKeyIdxKey bank number of the derived key. Will be a 256-bit key, the user must ensure there is enough space in the keystore to hold the derived key.
[in]targetKeyPropertiesRequested properties for the derived key. The ksize field will be ignored.
[in]pDerivationDataThe algorithm-specific derivation data, the length is MCUXCLELS_HKDF_RFC5869_DERIVATIONDATA_SIZE bytes
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Hkdf_Sp80056c_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Hkdf_Sp80056c_Async ( mcuxClEls_KeyIndex_t  derivationKeyIdx,
uint8_t *  pTagetKey,
uint8_t const *  pDerivationData,
size_t  derivationDataLength 
)

Derives a key using the HKDF (HMAC-based key derivation function) according to SP800-56C one-step approach with Sha2-256.

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]derivationKeyIdxKey index used for derivation. Must be a 256-bit key with HKDF property bit set to 1.
[out]pTagetKeyMemory area to store the derived key. Will be a 256-bit key, the user must ensure there is enough space in the keystore to hold the derived key.
[in]pDerivationDataThe algorithm-specific derivation data
[in]derivationDataLengthLength of the derivation data
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_Ckdf_Sp800108_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_Ckdf_Sp800108_Async ( mcuxClEls_KeyIndex_t  derivationKeyIdx,
mcuxClEls_KeyIndex_t  targetKeyIdx,
mcuxClEls_KeyProp_t  targetKeyProperties,
uint8_t const *  pDerivationData 
)

Derives a key using the NIST SP 800-108 CMAC-based Extract-and-Expand Key Derivation Function.

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]derivationKeyIdxKey index used for derivation
[in]targetKeyIdxKey bank number of the derived key
[in]targetKeyPropertiesRequested properties for the derived key. Only set usage bits.
[in]pDerivationDataThe algorithm-specific derivation data, the length is MCUXCLELS_CKDF_DERIVATIONDATA_SIZE bytes
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

◆ mcuxClEls_TlsGenerateMasterKeyFromPreMasterKey_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_TlsGenerateMasterKeyFromPreMasterKey_Async ( uint8_t const *  pDerivationData,
mcuxClEls_KeyProp_t  keyProperties,
mcuxClEls_KeyIndex_t  keyIdx 
)

Generates a TLS master key based on a pre-master key and derivation data, according to the TLS 1.2 specification.

The pre-master key is overwritten in this operation. Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]pDerivationDataThe TLS derivation data, consisting of Label, Client Random and Server Random from the TLS 1.2 specification. Note: The order is different from mcuxClEls_TlsGenerateSessionKeysFromMasterKey_Async.
[in]keyPropertiesDesired key properties. Only mcuxClEls_KeyProp_t::upprot_priv and mcuxClEls_KeyProp_t::upprot_sec are used, the rest are ignored.
[in]keyIdxThe index of the TLS pre-master key, which is overwritten with the master key
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request
Examples
mcuxClEls_Tls_Master_Key_Session_Keys_example.c.

◆ mcuxClEls_TlsGenerateSessionKeysFromMasterKey_Async()

MCUXCLELS_API mcuxClEls_Status_t mcuxClEls_TlsGenerateSessionKeysFromMasterKey_Async ( uint8_t const *  pDerivationData,
mcuxClEls_KeyProp_t  keyProperties,
mcuxClEls_KeyIndex_t  keyIdx 
)

Generates TLS session keys based on a master key and derivation data, according to the TLS 1.2 specification.

The master key and the following five key indices are overwritten in this operation. The keys are written in the following order:

  1. Client Encryption Key
  2. Client Message Authentication Key
  3. Server Encryption Key
  4. Server Message Authentication Key

Call mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]pDerivationDataThe TLS derivation data, consisting of Label, Server Random and Client Random from the TLS 1.2 specification. Note: The order is different from mcuxClEls_TlsGenerateMasterKeyFromPreMasterKey_Async.
[in]keyPropertiesDesired key properties. Only mcuxClEls_KeyProp_t::upprot_priv and mcuxClEls_KeyProp_t::upprot_sec are used, the rest are ignored.
[in]keyIdxThe index of the TLS master key, which is overwritten with one of the session keys. There must be three further consecutive unoccupied key indices following this index.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request
Examples
mcuxClEls_Tls_Master_Key_Session_Keys_example.c.