 |
nrfxlib API 2.8.99
|
|
nrfxlib API 2.8.99
|
The nrf_cc3xx_mbedcrypto_kmu APIs can be utilized to directly use or derive keys from KMU or KDR in ARM CryptoCell devices. More...
Macros | |
| #define | MBEDTLS_SHADOW_KEY_KDF_MAX_LABEL_SIZE_IN_BYTES (64) |
| KDF input "label" can be 0 to 64 bytes. | |
| #define | MBEDTLS_SHADOW_KEY_KDF_MAX_CONTEXT_SIZE_IN_BYTES (64) |
| KDF input "context" can be 0 to 64 bytes. | |
| #define | MBEDTLS_SHADOW_KEY_KDF_MAX_DERIVED_SIZE_IN_BYTES (4080) |
| KDF max length for derived material. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_KEY_OK (0) |
| The shadow key operation was succesful. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_INVALID_SLOT (-1) |
| The shadow key operation used an invalid slot. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_INVALID_SIZE (-2) |
| The shadow key was of invalid size. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_LABEL (-3) |
| The KDF input label is invalid. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_CONTEXT (-4) |
| The KDF input context is invalid. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_INPUT (-5) |
| The KDF input is invalid. | |
| #define | MBEDTLS_ERR_SHADOW_KEY_INTERNAL_ERROR (-6) |
| KMU/KDF internal error. | |
Functions | |
| int | mbedtls_aes_setkey_enc_shadow_key (mbedtls_aes_context *const ctx, uint32_t slot_id, unsigned int keybits) |
| Function to configure AES to use one or more KMU key slot for encryption. | |
| int | mbedtls_aes_setkey_dec_shadow_key (mbedtls_aes_context *const ctx, uint32_t slot_id, unsigned int keybits) |
| Function to configure AES to use one or more KMU key slot for decryption. | |
| int | mbedtls_aes_setkey_enc_shadow_key_derived (mbedtls_aes_context *const ctx, uint32_t slot_id, unsigned int keybits, uint8_t const *label, size_t label_size, uint8_t const *context, size_t context_size) |
| Function to configure AES to use a key derived from one or more slots in KMU for encryption. | |
| int | mbedtls_aes_setkey_dec_shadow_key_derived (mbedtls_aes_context *const ctx, uint32_t slot_id, unsigned int keybits, uint8_t const *label, size_t label_size, uint8_t const *context, size_t context_size) |
| Function to configure AES to use a key derived from one or more slots in KMU for decryption. | |
| int | mbedtls_ccm_setkey_shadow_key (mbedtls_ccm_context *const ctx, mbedtls_cipher_id_t cipher, uint32_t slot_id, unsigned int keybits) |
| Function to configure AES CCM to use one or more KMU key slot as encryption key. | |
| int | mbedtls_ccm_setkey_shadow_key_derived (mbedtls_ccm_context *const ctx, mbedtls_cipher_id_t cipher, uint32_t slot_id, unsigned int keybits, uint8_t const *label, size_t label_size, uint8_t const *context, size_t context_size) |
| Function to configure AES CCM to use a key derived from one or more slots in KMU for encryption. | |
| int | mbedtls_gcm_setkey_shadow_key (mbedtls_gcm_context *const ctx, mbedtls_cipher_id_t cipher, uint32_t slot_id, unsigned int keybits) |
| Function to configure AES GCM to use one or more KMU key slot as encryption key. | |
| int | mbedtls_gcm_setkey_shadow_key_derived (mbedtls_gcm_context *const ctx, mbedtls_cipher_id_t cipher, uint32_t slot_id, unsigned int keybits, uint8_t const *label, size_t label_size, uint8_t const *context, size_t context_size) |
| Function to configure AES GCM to use a key derived from one or more slots in KMU for encryption. | |
| int | mbedtls_shadow_key_derive (uint32_t slot_id, unsigned int keybits, uint8_t const *label, size_t label_size, uint8_t const *context, size_t context_size, uint8_t *output, size_t output_size) |
| Function to use CMAC to derive a key stored in KMU/Kdr. | |
The nrf_cc3xx_mbedcrypto_kmu APIs can be utilized to directly use or derive keys from KMU or KDR in ARM CryptoCell devices.
1.12.0