Defines all functions of mcuxClEls_Kdf. More...
Functions | |
MCUXCLELS_API | MCUX_CSSL_FP_PROTECTED_TYPE (mcuxClEls_Status_t) mcuxClEls_Hkdf_Rfc5869_Async(mcuxClEls_HkdfOption_t options |
Derives a key using the HKDF (HMAC-based key derivation function) according to RFC5869. More... | |
Variables | |
MCUXCLELS_API mcuxClEls_KeyIndex_t | derivationKeyIdx |
MCUXCLELS_API mcuxClEls_KeyIndex_t mcuxClEls_KeyIndex_t | targetKeyIdx |
MCUXCLELS_API mcuxClEls_KeyIndex_t mcuxClEls_KeyIndex_t mcuxClEls_KeyProp_t | targetKeyProperties |
MCUXCLELS_API mcuxClEls_KeyIndex_t mcuxClEls_KeyIndex_t mcuxClEls_KeyProp_t uint8_t const * | pDerivationData |
MCUXCLELS_API uint8_t * | pTagetKey |
MCUXCLELS_API uint8_t uint8_t const size_t | derivationDataLength |
MCUXCLELS_API mcuxClEls_KeyProp_t | keyProperties |
MCUXCLELS_API mcuxClEls_KeyProp_t mcuxClEls_KeyIndex_t | keyIdx |
Defines all functions of mcuxClEls_Kdf.
MCUXCLELS_API MCUX_CSSL_FP_PROTECTED_TYPE | ( | mcuxClEls_Status_t | ) |
Derives a key using the HKDF (HMAC-based key derivation function) according to RFC5869.
Deprecated type for mcuxClSession protected status codes.
Deprecated type for RSA protected status codes.
Deprecated type for error codes used by code-flow protected PKC component functions.
Deprecated type for error codes used by code-flow protected mcuxClMemory component functions.
Deprecated type for error codes used by code-flow protected Math component functions.
Deprecated type for Key component error codes, returned by functions with code-flow protection.
Deprecated type for ELS driver protected status codes.
Deprecated type for mcuxClEcc component return codes.
Generates TLS session keys based on a master key and derivation data, according to the TLS 1.2 specification.
Generates a TLS master key based on a pre-master key and derivation data, according to the TLS 1.2 specification.
Derives a key using the NIST SP 800-108 CMAC-based Extract-and-Expand Key Derivation Function.
Derives a key using the HKDF (HMAC-based key derivation function) according to SP800-56C one-step approach with Sha2-256.
Call #mcuxClEls_WaitForOperation to complete the operation.
[in] | options | The command options. For more information, see mcuxClEls_HkdfOption_t. |
[in] | derivationKeyIdx | Key index used for derivation. Must be a 256-bit key with HKDF property bit set to 1. |
[in] | targetKeyIdx | Key bank number of the derived key. Will be a 256-bit key, the user must ensure there is enough space in the keystore to hold the derived key. |
[in] | targetKeyProperties | Requested properties for the derived key. The ksize field will be ignored. |
[in] | pDerivationData | The algorithm-specific derivation data, the length is MCUXCLELS_HKDF_RFC5869_DERIVATIONDATA_SIZE bytes |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
Call #mcuxClEls_WaitForOperation to complete the operation.
[in] | derivationKeyIdx | Key index used for derivation. Must be a 256-bit key with HKDF property bit set to 1. |
[out] | pTagetKey | Memory area to store the derived key. Will be a 256-bit key, the user must ensure there is enough space in the keystore to hold the derived key. |
[in] | pDerivationData | The algorithm-specific derivation data |
[in] | derivationDataLength | Length of the derivation data |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
Call #mcuxClEls_WaitForOperation to complete the operation.
[in] | derivationKeyIdx | Key index used for derivation |
[in] | targetKeyIdx | Key bank number of the derived key |
[in] | targetKeyProperties | Requested properties for the derived key. Only set usage bits. |
[in] | pDerivationData | The algorithm-specific derivation data, the length is MCUXCLELS_CKDF_DERIVATIONDATA_SIZE bytes |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
The pre-master key is overwritten in this operation. Call #mcuxClEls_WaitForOperation to complete the operation.
[in] | pDerivationData | The TLS derivation data, consisting of Label, Client Random and Server Random from the TLS 1.2 specification. Note: The order is different from #mcuxClEls_TlsGenerateSessionKeysFromMasterKey_Async. |
[in] | keyProperties | Desired key properties. Only mcuxClEls_KeyProp_t::upprot_priv and mcuxClEls_KeyProp_t::upprot_sec are used, the rest are ignored. |
[in] | keyIdx | The index of the TLS pre-master key, which is overwritten with the master key |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |
The master key and the following five key indices are overwritten in this operation. The keys are written in the following order:
Call #mcuxClEls_WaitForOperation to complete the operation.
[in] | pDerivationData | The TLS derivation data, consisting of Label, Server Random and Client Random from the TLS 1.2 specification. Note: The order is different from #mcuxClEls_TlsGenerateMasterKeyFromPreMasterKey_Async. |
[in] | keyProperties | Desired key properties. Only mcuxClEls_KeyProp_t::upprot_priv and mcuxClEls_KeyProp_t::upprot_sec are used, the rest are ignored. |
[in] | keyIdx | The index of the TLS master key, which is overwritten with one of the session keys. There must be three further consecutive unoccupied key indices following this index. |
MCUXCLELS_STATUS_SW_INVALID_PARAM | if invalid parameters were specified |
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPT | if a running operation prevented the request |
MCUXCLELS_STATUS_OK_WAIT | on successful request |