MCUX CLNS
MCUX Crypto Library Normal Secure
mcuxClEls_Kdf_Functions

Defines all functions of mcuxClEls_Kdf. More...

Functions

MCUXCLELS_API MCUX_CSSL_FP_PROTECTED_TYPE (mcuxClEls_Status_t) mcuxClEls_Hkdf_Rfc5869_Async(mcuxClEls_HkdfOption_t options
 Derives a key using the HKDF (HMAC-based key derivation function) according to RFC5869. More...
 

Variables

MCUXCLELS_API mcuxClEls_KeyIndex_t derivationKeyIdx
 
MCUXCLELS_API mcuxClEls_KeyIndex_t mcuxClEls_KeyIndex_t targetKeyIdx
 
MCUXCLELS_API mcuxClEls_KeyIndex_t mcuxClEls_KeyIndex_t mcuxClEls_KeyProp_t targetKeyProperties
 
MCUXCLELS_API mcuxClEls_KeyIndex_t mcuxClEls_KeyIndex_t mcuxClEls_KeyProp_t uint8_t const * pDerivationData
 
MCUXCLELS_API uint8_t * pTagetKey
 
MCUXCLELS_API uint8_t uint8_t const size_t derivationDataLength
 
MCUXCLELS_API mcuxClEls_KeyProp_t keyProperties
 
MCUXCLELS_API mcuxClEls_KeyProp_t mcuxClEls_KeyIndex_t keyIdx
 

Detailed Description

Defines all functions of mcuxClEls_Kdf.

Function Documentation

◆ MCUX_CSSL_FP_PROTECTED_TYPE()

MCUXCLELS_API MCUX_CSSL_FP_PROTECTED_TYPE ( mcuxClEls_Status_t  )

Derives a key using the HKDF (HMAC-based key derivation function) according to RFC5869.

Deprecated type for mcuxClSession protected status codes.

Deprecated type for RSA protected status codes.

Deprecated type for error codes used by code-flow protected PKC component functions.

Deprecated type for error codes used by code-flow protected mcuxClMemory component functions.

Deprecated type for error codes used by code-flow protected Math component functions.

Deprecated type for Key component error codes, returned by functions with code-flow protection.

Deprecated type for ELS driver protected status codes.

Deprecated type for mcuxClEcc component return codes.

Generates TLS session keys based on a master key and derivation data, according to the TLS 1.2 specification.

Generates a TLS master key based on a pre-master key and derivation data, according to the TLS 1.2 specification.

Derives a key using the NIST SP 800-108 CMAC-based Extract-and-Expand Key Derivation Function.

Derives a key using the HKDF (HMAC-based key derivation function) according to SP800-56C one-step approach with Sha2-256.

Call #mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]optionsThe command options. For more information, see mcuxClEls_HkdfOption_t.
[in]derivationKeyIdxKey index used for derivation. Must be a 256-bit key with HKDF property bit set to 1.
[in]targetKeyIdxKey bank number of the derived key. Will be a 256-bit key, the user must ensure there is enough space in the keystore to hold the derived key.
[in]targetKeyPropertiesRequested properties for the derived key. The ksize field will be ignored.
[in]pDerivationDataThe algorithm-specific derivation data, the length is MCUXCLELS_HKDF_RFC5869_DERIVATIONDATA_SIZE bytes
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

Call #mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]derivationKeyIdxKey index used for derivation. Must be a 256-bit key with HKDF property bit set to 1.
[out]pTagetKeyMemory area to store the derived key. Will be a 256-bit key, the user must ensure there is enough space in the keystore to hold the derived key.
[in]pDerivationDataThe algorithm-specific derivation data
[in]derivationDataLengthLength of the derivation data
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

Call #mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]derivationKeyIdxKey index used for derivation
[in]targetKeyIdxKey bank number of the derived key
[in]targetKeyPropertiesRequested properties for the derived key. Only set usage bits.
[in]pDerivationDataThe algorithm-specific derivation data, the length is MCUXCLELS_CKDF_DERIVATIONDATA_SIZE bytes
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

The pre-master key is overwritten in this operation. Call #mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]pDerivationDataThe TLS derivation data, consisting of Label, Client Random and Server Random from the TLS 1.2 specification. Note: The order is different from #mcuxClEls_TlsGenerateSessionKeysFromMasterKey_Async.
[in]keyPropertiesDesired key properties. Only mcuxClEls_KeyProp_t::upprot_priv and mcuxClEls_KeyProp_t::upprot_sec are used, the rest are ignored.
[in]keyIdxThe index of the TLS pre-master key, which is overwritten with the master key
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request

The master key and the following five key indices are overwritten in this operation. The keys are written in the following order:

  1. Client Encryption Key
  2. Client Message Authentication Key
  3. Server Encryption Key
  4. Server Message Authentication Key

Call #mcuxClEls_WaitForOperation to complete the operation.

Parameters
[in]pDerivationDataThe TLS derivation data, consisting of Label, Server Random and Client Random from the TLS 1.2 specification. Note: The order is different from #mcuxClEls_TlsGenerateMasterKeyFromPreMasterKey_Async.
[in]keyPropertiesDesired key properties. Only mcuxClEls_KeyProp_t::upprot_priv and mcuxClEls_KeyProp_t::upprot_sec are used, the rest are ignored.
[in]keyIdxThe index of the TLS master key, which is overwritten with one of the session keys. There must be three further consecutive unoccupied key indices following this index.
Returns
An error code that can be any error code in MCUXCLELS_STATUS_, see individual documentation for more information
Return values
MCUXCLELS_STATUS_SW_INVALID_PARAMif invalid parameters were specified
MCUXCLELS_STATUS_SW_CANNOT_INTERRUPTif a running operation prevented the request
MCUXCLELS_STATUS_OK_WAITon successful request