MCUX CLNS
MCUX Crypto Library Normal Secure
mcuxClCss_Ecc.h File Reference

CSSv2 header for elliptic curve cryptography This header exposes functions that enable using the CSSv2 for elliptic curve cryptography. More...

#include <mcuxClCss_Common.h>

Go to the source code of this file.

Data Structures

union  mcuxClCss_EccSignOption_t
 Command option bit field for mcuxClCss_EccSign_Async Bit field to configure mcuxClCss_EccSign_Async. More...
 
union  mcuxClCss_EccVerifyOption_t
 Command option bit field for mcuxClCss_EccVerify_Async Bit field to configure mcuxClCss_EccVerifyOption_t. More...
 
union  mcuxClCss_EccKeyGenOption_t
 Command option bit field for mcuxClCss_EccKeyGen_Async Bit field to configure mcuxClCss_EccKeyGenOption_t. More...
 

Macros

#define MCUXCLCSS_ECC_VALUE_HASHED
 Set this option at mcuxClCss_EccSignOption_t.value or mcuxClCss_EccVerifyOption_t.value to specify input is the hash of the message. More...
 
#define MCUXCLCSS_ECC_VALUE_NOT_HASHED
 Set this option at mcuxClCss_EccSignOption_t.value or mcuxClCss_EccVerifyOption_t.value to specify input is the plain message. More...
 
#define MCUXCLCSS_ECC_VALUE_RTF
 Set this option at mcuxClCss_EccSignOption_t.value to include the RTF in the signature, only for mcuxClCss_EccSignOption_t. More...
 
#define MCUXCLCSS_ECC_VALUE_NO_RTF
 Set this option at mcuxClCss_EccSignOption_t.value to not include the RTF in the signature, only for mcuxClCss_EccSignOption_t. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_SIGN_PUBLICKEY
 Set this option at mcuxClCss_EccKeyGenOption_t.value to sign the public key. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_TYPE_SIGN
 Set this option at mcuxClCss_EccKeyGenOption_t.value to specify output key will be a signing key usable by mcuxClCss_EccSign_Async. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_TYPE_KEYEXCHANGE
 Set this option at mcuxClCss_EccKeyGenOption_t.value to specify output key will be a Diffie Helman key usable by mcuxClCss_EccKeyExchange_Async. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_DETERMINISTIC
 Set this option at mcuxClCss_EccKeyGenOption_t.value to specify output key is deterministic. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_RANDOM
 Set this option at mcuxClCss_EccKeyGenOption_t.value to specify output key is random. More...
 
#define NXFCLCSS_KEYGEN_VALUE_GEN_PUB_KEY
 Set this option at mcuxClCss_EccKeyGenOption_t.value to generate a public key. More...
 
#define NXFCLCSS_KEYGEN_VALUE_NO_PUB_KEY
 Set this option at mcuxClCss_EccKeyGenOption_t.value to not generate a public key. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_NO_RANDOM_DATA
 Set this option at mcuxClCss_EccKeyGenOption_t.value to not use random data for signing the public key. More...
 
#define MCUXCLCSS_KEYGEN_VALUE_USE_RANDOM_DATA
 Set this option at mcuxClCss_EccKeyGenOption_t.value to use random data for signing the public key. More...
 
#define MCUXCLCSS_ECC_HASHED
 Set this option at mcuxClCss_EccSignOption_t.echashchl or mcuxClCss_EccVerifyOption_t.echashchl to specify input is the hash of the message. More...
 
#define MCUXCLCSS_ECC_NOT_HASHED
 Set this option at mcuxClCss_EccSignOption_t.echashchl or mcuxClCss_EccVerifyOption_t.echashchl to specify input is the plain message. More...
 
#define MCUXCLCSS_ECC_RTF
 Set this option at mcuxClCss_EccSignOption_t.signrtf to include the RTF in the signature. More...
 
#define MCUXCLCSS_ECC_NO_RTF
 Set this option at mcuxClCss_EccSignOption_t.signrtf to not include the RTF in the signature. More...
 
#define MCUXCLCSS_ECC_PUBLICKEY_SIGN_ENABLE
 Set this option at mcuxClCss_EccKeyGenOption_t.kgsign to sign the public key (signature will be concatenated to the output public key) More...
 
#define MCUXCLCSS_ECC_PUBLICKEY_SIGN_DISABLE
 Set this option at mcuxClCss_EccKeyGenOption_t.kgsign to not sign the public key. More...
 
#define MCUXCLCSS_ECC_OUTPUTKEY_SIGN
 Set this option at mcuxClCss_EccKeyGenOption_t.kgtypedh to specify output key will be a signing key usable by mcuxClCss_EccSign_Async. More...
 
#define MCUXCLCSS_ECC_OUTPUTKEY_KEYEXCHANGE
 Set this option at mcuxClCss_EccKeyGenOption_t.kgtypedh to specify output key will be a Diffie Helman key usable by mcuxClCss_EccKeyExchange_Async. More...
 
#define MCUXCLCSS_ECC_OUTPUTKEY_DETERMINISTIC
 Set this option at mcuxClCss_EccKeyGenOption_t.kgsrc to specify output key is deterministic. More...
 
#define MCUXCLCSS_ECC_OUTPUTKEY_RANDOM
 Set this option at mcuxClCss_EccKeyGenOption_t.kgsrc to specify output key is random. More...
 
#define MCUXCLCSS_ECC_GEN_PUBLIC_KEY
 Set this option at mcuxClCss_EccKeyGenOption_t.skip_pbk to generate a public key. More...
 
#define MCUXCLCSS_ECC_SKIP_PUBLIC_KEY
 Set this option at mcuxClCss_EccKeyGenOption_t.skip_pbk to not generate a public key. More...
 
#define MCUXCLCSS_ECC_NO_RANDOM_DATA
 Set this option at mcuxClCss_EccKeyGenOption_t.kgsign_rnd to not include user provided random data for the signature. More...
 
#define MCUXCLCSS_ECC_INCLUDE_RANDOM_DATA
 Set this option at mcuxClCss_EccKeyGenOption_t.kgsign_rnd to include user provided random data for the signature. More...
 
#define MCUXCLCSS_ECC_PUBLICKEY_SIZE
 Size of the public key. More...
 
#define MCUXCLCSS_ECC_SIGNATURE_SIZE
 Size of the signature. More...
 
#define MCUXCLCSS_ECC_SIGNATURE_R_SIZE
 Size of the signature part r. More...
 

Typedefs

typedef uint8_t mcuxClCss_EccByte_t
 Data type for ECC parameters in CSS format. More...
 

Functions

MCUXCLCSS_API mcuxClCss_Status_Protected_t mcuxClCss_EccKeyGen_Async (mcuxClCss_EccKeyGenOption_t options, mcuxClCss_KeyIndex_t signingKeyIdx, mcuxClCss_KeyIndex_t privateKeyIdx, mcuxClCss_KeyProp_t generatedKeyProperties, uint8_t const *pRandomData, uint8_t *pPublicKey)
 Generates an ECC key pair on the NIST P-256 curve. More...
 
MCUXCLCSS_API mcuxClCss_Status_Protected_t mcuxClCss_EccKeyExchange_Async (mcuxClCss_KeyIndex_t privateKeyIdx, uint8_t const *pPublicKey, mcuxClCss_KeyIndex_t sharedSecretIdx, mcuxClCss_KeyProp_t sharedSecretProperties)
 Performs a Diffie-Hellman key exchange with an internal ECC private key and an external ECC public key. More...
 
MCUXCLCSS_API mcuxClCss_Status_Protected_t mcuxClCss_EccSign_Async (mcuxClCss_EccSignOption_t options, mcuxClCss_KeyIndex_t keyIdx, uint8_t const *pInputHash, uint8_t const *pInputMessage, size_t inputMessageLength, uint8_t *pOutput)
 Generates an ECDSA signature of a given message. More...
 
MCUXCLCSS_API mcuxClCss_Status_Protected_t mcuxClCss_EccVerify_Async (mcuxClCss_EccVerifyOption_t options, uint8_t const *pInputHash, uint8_t const *pInputMessage, size_t inputMessageLength, uint8_t const *pSignatureAndPubKey, uint8_t *pOutput)
 Verifies an ECDSA signature of a given message. More...
 

Detailed Description

CSSv2 header for elliptic curve cryptography This header exposes functions that enable using the CSSv2 for elliptic curve cryptography.

All functions operate on the NIST P-256 curve. The ECC operations supported are:

  • ECC key generation
  • ECC Diffie-Hellman key exchange
  • ECDSA signature generation/verification