Defines all functions of mcuxClRsa. More...
Functions | |
MCUX_CSSL_FP_PROTECTED_TYPE (mcuxClRsa_Status_t) mcuxClRsa_sign(mcuxClSession_Handle_t pSession | |
RSA sign operation. More... | |
Defines all functions of mcuxClRsa.
MCUX_CSSL_FP_PROTECTED_TYPE | ( | mcuxClRsa_Status_t | ) |
RSA sign operation.
Deprecated type for mcuxClSession protected status codes.
Deprecated type for RSA protected status codes.
Deprecated type for error codes used by code-flow protected PKC component functions.
Deprecated type for error codes used by code-flow protected mcuxClMemory component functions.
Deprecated type for error codes used by code-flow protected Math component functions.
Deprecated type for Key component error codes, returned by functions with code-flow protection.
Deprecated type for ELS driver protected status codes.
Deprecated type for mcuxClEcc component return codes.
RSA key generation of private plain key operation.
Generates an RSA key in CRT format.
RSA verify operation.
This function performs an RSA signature generation according to RSASP1, RSASSA-PSS-SIGN or RSASSA-PKCS1-v1_5-SIGN of PKCS #1 v2.2. Based on the passed key type, it is selected, whether to perform this operation using a private plain, a private CRT key, or whether to use a private CRT key and protect the operation against perturbation attacks. Based on the selection of the padding mode, it is determined, whether to perform no padding, or whether to perform one of the supported paddings based on one of the supported hash functions. The supported bit-lengths of the modulus range from 512 to 4096 in multiples of 8. The private exponent is limited to d < n.
[in] | pSession | Pointer to mcuxClSession_Descriptor |
[in] | pKey | Pointer to key structure of type mcuxClRsa_Key |
[in] | pMessageOrDigest | Pointer to buffer, which contains the input to the sign operation |
[in] | messageLength | Byte-length of MessageOrDigest |
[in] | pPaddingMode | Pointer to signing mode of type mcuxClRsa_SignVerifyMode_t |
[in] | saltLength | Byte-length of salt |
[in] | options | Options field |
[out] | pSignature | Pointer to buffer, which contains the result (signature) |
MCUXCLRSA_STATUS_SIGN_OK | Sign operation executed successfully. |
MCUXCLRSA_STATUS_INVALID_INPUT | The input parameters are not valid. |
MCUXCLRSA_STATUS_ERROR | An error occurred during the execution. In that case, expectations for the flow protection are not balanced. |
This function performs an RSA signature verification according to RSAVP1, RSASSA-PSS-VERIFY or RSASSA-PKCS1-v1_5-VERIFY of PKCS #1 v2.2. Based on the selection of the padding mode, it is determined, whether to perform no padding verification, or whether to perform one of the supported padding verifications based on one of the supported hash functions. The supported bit-lengths of the modulus range from 512 to 4096 in multiples of 8. The public exponent is limited to 2 <= e < N.
[in] | pSession | Pointer to mcuxClSession_Descriptor |
[in] | pKey | Pointer to key structure of type mcuxClRsa_Key |
[in] | pMessageOrDigest | Pointer to buffer, which contains the input to the verify operation |
[in] | messageLength | Byte-length of MessageOrDigest |
[in] | pSignature | Pointer to buffer, which contains the signature |
[in] | pVerifyMode | Pointer to verification mode of type mcuxClRsa_SignVerifyMode_t |
[in] | saltLength | Byte-length of salt |
[in] | options | Options field |
[out] | pOutput | Pointer to output buffer |
MCUXCLRSA_STATUS_VERIFY_OK | Verify operation executed successfully. |
MCUXCLRSA_STATUS_VERIFYPRIMITIVE_OK | Verification primitive operation executed successfully. |
MCUXCLRSA_STATUS_INVALID_INPUT | The input parameters are not valid. |
MCUXCLRSA_STATUS_VERIFY_FAILED | The signature verification failed. |
MCUXCLRSA_STATUS_ERROR | An error occurred during the execution. In that case, expectations for the flow protection are not balanced. |
This function for given public exponent and key size generates an RSA private key in CRT representation (p, q, dp, dq, qInv) and computes the modulus n.
Primes p and q are generated based on the method specified in the FIPS 186-4, Appendix B.3.3 using probabilistic primality test with the probability of not being prime less than 2^(-125). The public exponent is restricted to (FIPS compliant) odd values in the range 2^16 < e < 2^256 (i.e. including 0x10001). The bit-length of the key size is limited to 2048, 3072 and 4096. The keys generated by this function are FIPS 186-4 compliant provided their length is either 2048 or 3072 bits and the exponent value is an odd integer between 2^16 and 2^256.
[in] | pSession | Pointer to mcuxClSession_Descriptor |
[in] | type | Type of the key |
[in] | protection | Protection and flush mechanism that must be applied to the generated key. |
[out] | privKey | Key handle for the generated private key |
[out] | pPrivData | Pointer to the buffer where the generated private CRT key data needs to be written |
[out] | pPrivDataLength | Will be set by the number of bytes of data that have been written to the pPrivData buffer |
[out] | pubKey | Key handle for the generated public key |
[out] | pPubData | Pointer to the buffer where the generated public key data needs to be written |
[out] | pPubDataLength | Will be set by the number of bytes of data that have been written to the pPubData buffer |
pPrivData
buffer. pPubData
buffer. MCUXCLRSA_STATUS_KEYGENERATION_OK | RSA key generation operation executed successfully. |
MCUXCLRSA_STATUS_INVALID_INPUT | The input parameters are not valid. |
MCUXCLRSA_STATUS_KEYGENERATION_ITERATIONSEXCEEDED | RSA key generation exceeds the limit of iterations to generate a prime. |
MCUXCLRSA_STATUS_ERROR | An error occurred during the execution. In that case, expectations for the flow protection are not balanced. |
This function for given public exponent and key size generates RSA private key in in plain from (d, n).
Private exponent d is computed with the requirements specified in the FIPS 186-4, Appendix B.3.1. Primes p and q are generated based on the method specified in the FIPS 186-4, Appendix B.3.3 using probabilistic primality test with the probability of not being prime less than 2^(-125). The public exponent is restricted to (FIPS compliant) odd values in the range 2^16 < e < 2^256 (i.e. including 0x10001). The bit-length of the key size is limited to 2048, 3072 and 4096. The keys generated by this function are FIPS 186-4 compliant provided their length is either 2048 or 3072 bits and the exponent value is an odd integer between 2^16 and 2^256.
[in] | pSession | Pointer to mcuxClSession_Descriptor |
[in] | type | Type of the key |
[in] | protection | Protection and flush mechanism that must be applied to the generated key |
[out] | privKey | Key handle for the generated private key |
[out] | pPrivData | Pointer to the buffer where the generated private plain key data needs to be written |
[out] | pPrivDataLength | Will be set by the number of bytes of data that have been written to the pPrivData buffer |
[out] | pubKey | Key handle for the generated public key |
[out] | pPubData | Pointer to the buffer where the generated public key data needs to be written |
[out] | pPubDataLength | Will be set by the number of bytes of data that have been written to the pPubData buffer |
pPrivData
buffer. pPubData
buffer. MCUXCLRSA_STATUS_KEYGENERATION_OK | RSA key generation operation executed successfully. |
MCUXCLRSA_STATUS_INVALID_INPUT | The input parameters are not valid. |
MCUXCLRSA_STATUS_KEYGENERATION_ITERATIONSEXCEEDED | RSA key generation exceeds the limit of iterations to generate a prime. |
MCUXCLRSA_STATUS_ERROR | An error occurred during the execution. In that case, expectations for the flow protection are not balanced. |