MCUX CLNS
MCUX Crypto Library Normal Secure
mcuxClEcc_Functions

Defines all functions of mcuxClEcc. More...

Functions

mcuxClEcc_Status_Protected_t mcuxClEcc_KeyGen (mcuxClSession_Handle_t pSession, const mcuxClEcc_KeyGen_Param_t *pParam)
 implements ECDSA key generation. More...
 
mcuxClEcc_Status_Protected_t mcuxClEcc_Sign (mcuxClSession_Handle_t pSession, const mcuxClEcc_Sign_Param_t *pParam)
 implements ECDSA signature generation. More...
 
mcuxClEcc_Status_Protected_t mcuxClEcc_Verify (mcuxClSession_Handle_t pSession, const mcuxClEcc_Verify_Param_t *pParam)
 implements ECDSA signature verification. More...
 
mcuxClEcc_Status_Protected_t mcuxClEcc_PointMult (mcuxClSession_Handle_t pSession, const mcuxClEcc_PointMult_Param_t *pParam)
 implements ECC point multiplication. More...
 
mcuxClEcc_Status_Protected_t mcuxClEcc_Mont_DhKeyGeneration (mcuxClSession_Handle_t session, mcuxClKey_Type_t type, mcuxClKey_Protection_t protection, mcuxClKey_Handle_t privKey, uint8_t *pPrivData, uint32_t *const pPrivDataSize, mcuxClKey_Handle_t pubKey, uint8_t *pPubData, uint32_t *const pPubDataSize)
 implements ECC key pair generation step for a MontDh key agreement according to rfc7748. More...
 
mcuxClEcc_Status_Protected_t mcuxClEcc_Mont_DhKeyAgreement (mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClKey_Handle_t otherKey, uint8_t *pOut, uint32_t *const pOutSize)
 implements ECC key agreement according to rfc7748. More...
 

Detailed Description

Defines all functions of mcuxClEcc.

Function Documentation

◆ mcuxClEcc_KeyGen()

mcuxClEcc_Status_Protected_t mcuxClEcc_KeyGen ( mcuxClSession_Handle_t  pSession,
const mcuxClEcc_KeyGen_Param_t pParam 
)

implements ECDSA key generation.

Return values
MCUXCLECC_STATUS_KEYGEN_OKif private key and public key are generated successfully;
MCUXCLECC_STATUS_KEYGEN_INVALID_PARAMSif parameter(s) is invalid;
MCUXCLECC_STATUS_KEYGEN_RNG_ERRORif random number (DRBG / PRNG) error (unexpected behavior);
MCUXCLECC_STATUS_FAULT_ATTACKif fault attack (unexpected behavior) is detected.
Attention
This function uses DRBG and PRNG. Caller needs to check if DRBG and PRNG are ready.
Parameters
[in]pSessionpointer to mcuxClSession_Descriptor.
[in]pParampointer to ECDSA Key Generation parameter structure.

◆ mcuxClEcc_Sign()

mcuxClEcc_Status_Protected_t mcuxClEcc_Sign ( mcuxClSession_Handle_t  pSession,
const mcuxClEcc_Sign_Param_t pParam 
)

implements ECDSA signature generation.

Return values
MCUXCLECC_STATUS_SIGN_OKif signature is generated successfully;
MCUXCLECC_STATUS_SIGN_INVALID_PARAMSif parameter(s) is invalid;
MCUXCLECC_STATUS_SIGN_RNG_ERRORif random number (DRBG / PRNG) error (unexpected behavior);
MCUXCLECC_STATUS_FAULT_ATTACKif fault attack (unexpected behavior) is detected.
Attention
This function uses DRBG and PRNG. Caller needs to check if DRBG and PRNG are ready.
Parameters
[in]pSessionpointer to mcuxClSession_Descriptor.
[in]pParampointer to ECDSA Sign parameter structure.

◆ mcuxClEcc_Verify()

mcuxClEcc_Status_Protected_t mcuxClEcc_Verify ( mcuxClSession_Handle_t  pSession,
const mcuxClEcc_Verify_Param_t pParam 
)

implements ECDSA signature verification.

Return values
MCUXCLECC_STATUS_VERIFY_OKif ECDSA Signature is valid;
MCUXCLECC_STATUS_VERIFY_NOT_OKif ECDSA Signature is invalid;
MCUXCLECC_STATUS_VERIFY_INVALID_PARAMSif parameter(s) is invalid;
MCUXCLECC_STATUS_FAULT_ATTACKif fault attack (unexpected behavior) is detected.
Parameters
[in]pSessionpointer to mcuxClSession_Descriptor.
[in]pParampointer to ECDSA Verify parameter structure.

◆ mcuxClEcc_PointMult()

mcuxClEcc_Status_Protected_t mcuxClEcc_PointMult ( mcuxClSession_Handle_t  pSession,
const mcuxClEcc_PointMult_Param_t pParam 
)

implements ECC point multiplication.

This API performs elliptic curve point multiplication on the given elliptic curve in short Weierstrass form. This API does not check if the curve parameters and the given point are valid or not. Invalid curve parameters or point might cause the return of MCUXCLECC_STATUS_POINTMULT_INVALID_PARAMS, invalid result, and unexpected behavior (e.g., the return of MCUXCLECC_STATUS_FAULT_ATTACK).

Parameters
[in]pSessionpointer to mcuxClSession_Descriptor.
[in]pParampointer to ECC point multiplication parameter structure.
Parameter properties
pParam.curveParam.pG
the base point is not used in this API. This pointer can be left unspecified.
Returns
A code-flow protected error code (see MCUXCLECC_STATUS_)
Return values
MCUXCLECC_STATUS_POINTMULT_OKif point multiplication is calculated successfully, and the result is not the neutral point;
MCUXCLECC_STATUS_POINTMULT_INVALID_PARAMSif parameter(s) is invalid;
MCUXCLECC_STATUS_POINTMULT_NEUTRAL_POINTif result is the neutral point;
MCUXCLECC_STATUS_FAULT_ATTACKif fault attack (unexpected behavior) is detected.
Attention
This function uses PRNG. Caller needs to check if PRNG is ready.

◆ mcuxClEcc_Mont_DhKeyGeneration()

mcuxClEcc_Status_Protected_t mcuxClEcc_Mont_DhKeyGeneration ( mcuxClSession_Handle_t  session,
mcuxClKey_Type_t  type,
mcuxClKey_Protection_t  protection,
mcuxClKey_Handle_t  privKey,
uint8_t *  pPrivData,
uint32_t *const  pPrivDataSize,
mcuxClKey_Handle_t  pubKey,
uint8_t *  pPubData,
uint32_t *const  pPubDataSize 
)

implements ECC key pair generation step for a MontDh key agreement according to rfc7748.

This API performs elliptic curve key generation of the private key and calculates corresponding public key for MontDh key agreement This API does not check if the curve parameters are correct. This API might return MCUXCLECC_STATUS_MONT_RNG_ERROR when RNG behave in unexpected way Unexpected behavior will return MCUXCLECC_STATUS_FAULT_ATTACK.

Parameters
[in]sessionmcuxClSession_Descriptor structure
[in]typetype structure specifying requested key type to be generated. Also contains domain parameters
[in]protectionmcuxClKey_Protection structure
[out]privKeyprivate key handling structure
[out]pPrivDatabuffer for private key of the MCUXCLECC_MONT_CURVE25519_SIZE_PRIVATEKEY length
[out]pPrivDataSizeprivate key length
[out]pubKeypublic key handling structure
[out]pPubDatabuffer for public key x-coordinate of MCUXCLECC_MONT_CURVE25519_SIZE_PUBLICKEY length
[out]pPubDataSizepublic key x-coordinate length
Returns
A code-flow protected error code (see MCUXCLECC_STATUS_ and MCUXCLECC_MONT_STATUS_)
Return values
MCUXCLECC_STATUS_MONT_DHKEYGENERATION_OKif key generation correctly calculate private and public keys, public key does not belong to the small subgroup.
MCUXCLECC_STATUS_MONT_RNG_ERRORif RNG return an error.
MCUXCLECC_STATUS_FAULT_ATTACKif fault attack (unexpected behavior) is detected.
Attention
This function uses PRNG. Caller needs to check if PRNG is ready.
Examples
mcuxClEcc_Mont_example.c.

◆ mcuxClEcc_Mont_DhKeyAgreement()

mcuxClEcc_Status_Protected_t mcuxClEcc_Mont_DhKeyAgreement ( mcuxClSession_Handle_t  session,
mcuxClKey_Handle_t  key,
mcuxClKey_Handle_t  otherKey,
uint8_t *  pOut,
uint32_t *const  pOutSize 
)

implements ECC key agreement according to rfc7748.

This API performs elliptic curve key agreement to compute shared secret between two parties using the function X25519 This API does not check if the curve parameters are correct. This API might return MCUXCLECC_STATUS_MONT_RNG_ERROR when RNG behave in unexpected way This API might return MCUXCLECC_STATUS_MONT_DHKEYAGREEMENT_ERROR_SMALL_SUBGROUP if generated public key lies in the small subgroup Unexpected behavior will return MCUXCLECC_STATUS_FAULT_ATTACK.

Parameters
[in]sessionpointer to mcuxClSession_Descriptor.
[in]keyprivate key handling structure
[in]otherKeypublic key handling structure
[out]pOutbuffer for shared secret of length MCUXCLECC_MONT_CURVE25519_SIZE_SHAREDSECRET
[out]pOutSizeshared secret length
Returns
A code-flow protected error code (see MCUXCLECC_STATUS_ and MCUXCLECC_MONT_STATUS_)
Return values
MCUXCLECC_STATUS_MONT_DHKEYAGREEMENT_OKif key generation correctly calculate private and public keys, public key does not belong to the small subgroup.
MCUXCLECC_STATUS_MONT_RNG_ERRORif RNG return an error.
MCUXCLECC_STATUS_MONT_DHKEYAGREEMENT_ERROR_SMALL_SUBGROUPif calculated public key lies in small subgroup.
MCUXCLECC_STATUS_FAULT_ATTACKif fault attack (unexpected behavior) is detected.
Attention
This function uses PRNG. Caller needs to check if PRNG is ready.
Examples
mcuxClEcc_Mont_example.c.