Defines all functions of mcuxClEls_Rng. More...
Functions | |
MCUXCLELS_API | MCUX_CSSL_FP_PROTECTED_TYPE (mcuxClEls_Status_t) mcuxClEls_Rng_DrbgRequest_Async(uint8_t *pOutput |
Writes random data from the ELS DRBG to the given buffer. More... | |
Variables | |
MCUXCLELS_API size_t | outputLength |
MCUXCLELS_API uint8_t * | pOutput |
MCUXCLELS_API size_t | dataLength |
MCUXCLELS_API size_t uint8_t const * | pIvKey |
Defines all functions of mcuxClEls_Rng.
MCUXCLELS_API MCUX_CSSL_FP_PROTECTED_TYPE | ( | mcuxClEls_Status_t | ) |
Writes random data from the ELS DRBG to the given buffer.
Deprecated type for mcuxClSession protected status codes.
Deprecated type for RSA protected status codes.
Deprecated type for error codes used by code-flow protected PKC component functions.
Deprecated type for error codes used by code-flow protected mcuxClMemory component functions.
Deprecated type for error codes used by code-flow protected Math component functions.
Deprecated type for Key component error codes, returned by functions with code-flow protection.
Deprecated type for ELS driver protected status codes.
Deprecated type for mcuxClEcc component return codes.
Writes random data from the ELS PRNG to the given buffer.
Returns one random word from the ELS PRNG.
Performs characterization of the ELS DTRNG.
Loads a configuration of the ELS DTRNG.
Encrypts data using the AES-CTR engine of the DRBG.
Encrypts data using the AES-ECB engine of the DRBG.
Performs a DRBG extraction.
Instantiates the DRBG in test mode.
This function fills a buffer with random values from the DRBG. The DRBG provides 128 bits of security strength.
Before execution, ELS will wait until mcuxClEls_HwState_t.drbgentlvl == MCUXCLELS_STATUS_DRBGENTLVL_HIGH. This can lead to a delay if the DRBG is in a state with less security strength at the time of the call.
If the random values from the DRBG are later used as a cryptographic key, the security strength of the cryptographic operation using the generated key should not exceed that of the DRBG.
To name a few examples, this means (as per NIST SP 800-57 Part 1 Rev. 5):
Call #mcuxClEls_WaitForOperation to complete the operation.
[out] | pOutput | Pointer to the beginning of the memory area to fill with random data |
[in] | outputLength | Number of requested random bytes |
outputLength
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function is a support function for FIPS CAVP testing. This function turns the ELS internal DRBG in test mode by loading known entropy from system memory. Call #mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.
[in] | pEntropy | Pointer to the input entropy data |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function is a support function for FIPS CAVP testing. This function mimics the behavior of #mcuxClEls_Rng_DrbgRequest_Async and fills a buffer with random data when DRBG is in test mode. Call #mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.
[out] | pOutput | Pointer to the output random number |
[in] | outputLength | Length of the random number |
outputLength
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function is a support function for FIPS CAVP testing. This function performs an AES-ECB encryption on system data to evaluate the encryption engine of the DRBG. Call #mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.
[in] | pDataKey | Pointer to the data and key |
[out] | pOutput | Pointer to the encrypted output |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function is a support function for FIPS CAVP testing. This function performs an AES-CTR encryption on system data to evaluate the encryption engine of the DRBG in test mode. Call #mcuxClEls_WaitForOperation to complete the operation. Note that this function will alter the ELS internal entropy state which needs to be updated by the TRNG to use the DRBG in normal mode. The update process is majorly impacted by the time the TRNG needs to provide fresh entropy.
[in] | pData | Pointer to the data to be encrypted |
[in] | dataLength | Length of the data to be encrypted |
[in] | pIvKey | Pointer to the IV and key |
[out] | pOutput | Pointer to the encrypted output |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function overwrites the default DTRNG configuration in order to optimize or fine tune the DTRNG entropy gathering process. Call #mcuxClEls_WaitForOperation to complete the operation. Note that the TRNG configuration set by this function is non-persistent and any reset of the ELS (e.g. a power-cycle or calling #mcuxClEls_Reset_Async) will resets the DTRNG configuration to its default value.
[in] | pInput | The pointer to DTRNG initialization data |
pInput
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function evaluates a DTRNG configuration for device specific characterization. The configuration used for characterization has to be placed in system memory. Call #mcuxClEls_WaitForOperation to complete the operation.
[in] | pInput | The pointer to DTRNG initialization data |
[out] | pOutput | The pointer to the evaluation result |
pInput
pOutput
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
This function returns one low-quality random CPU word gathered from the PRNG.
[out] | pWord | The pointer to the random word |
MCUXCLELS_STATUS_OK | on successful request |
MCUXCLELS_STATUS_HW_PRNG | in case of insufficient entropy |
This function fills a buffer with low-quality random values gathered from the PRNG.
[out] | pOutput | Pointer to the beginning of the memory area to fill with random data from PRNG |
[in] | outputLength | Size of pOutput in bytes |
MCUXCLELS_STATUS_OK | on successful request |
MCUXCLELS_STATUS_HW_PRNG | in case of insufficient entropy |