Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
CryptoCell Key Derivation APIs
Enumeration Type Documentation
Key derivation modes.
- Enumerator:
Definition at line 93 of file crys_kdf.h.
HASH operation modes
- Enumerator:
Definition at line 73 of file crys_kdf.h.
Function Documentation
CIMPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc | ( | uint8_t * | ZZSecret_ptr, |
uint32_t | ZZSecretSize, | ||
CRYS_KDF_OtherInfo_t * | OtherInfo_ptr, | ||
CRYS_KDF_HASH_OpMode_t | KDFhashMode, | ||
CRYS_KDF_DerivFuncMode_t | derivation_mode, | ||
uint8_t * | KeyingData_ptr, | ||
uint32_t | KeyingDataSizeBytes | ||
) |
CRYS_KDF_KeyDerivFunc performs key derivation according to one of the modes defined in standards: ANS X9.42-2001, ANS X9.63, ISO/IEC 18033-2.
The present implementation of the function allows the following operation modes:
- CRYS_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding;
- CRYS_KDF_ConcatDerivMode - mode based on concatenation;
- CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode;
- CRYS_KDF_ISO18033_KDF1_DerivMode - specific mode according to ECIES-KEM algorithm (ISO/IEC 18033-2).
The purpose of this function is to derive a keying data from the shared secret value and some other optional shared information (SharedInfo).
- Note:
- The length in Bytes of the hash result buffer is denoted by "hashlen".
-
All buffers arguments are represented in Big-Endian format.
- Returns:
- CRYS_OK on success.
- A non-zero value on failure as defined crys_kdf_error.h or crys_hash_error.h.
- Parameters:
-
[in] ZZSecret_ptr A pointer to shared secret value octet string. [in] ZZSecretSize The size of the shared secret value in bytes. The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE. [in] OtherInfo_ptr The pointer to structure, containing the data, shared by two entities of agreement and the data sizes. This argument may be optional in several modes (if it is not needed - set NULL). On two ISO/IEC 18033-2 modes - set NULL. On KDF ASN1 mode the OtherInfo and its AlgorithmID entry are mandatory. [in] KDFhashMode The KDF identifier of hash function to be used. The hash function output must be at least 160 bits. [in] derivation_mode Specifies one of above described derivation modes. [out] KeyingData_ptr A pointer to the buffer for derived keying data. [in] KeyingDataSizeBytes The size in bytes of the keying data to be derived. The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_KEYING_DATA.
Generated on Tue Jul 12 2022 12:46:37 by
