Knight KE / Mbed OS Game_Master

CryptoCell Key Derivation APIs

Data Structures

struct  CRYS_KDF_OtherInfo_t

Modules

 CryptoCell Key Derivation specific errors

Enumerations

enum  CRYS_KDF_HASH_OpMode_t {
  CRYS_KDF_HASH_SHA1_mode = 0, CRYS_KDF_HASH_SHA224_mode = 1, CRYS_KDF_HASH_SHA256_mode = 2, CRYS_KDF_HASH_SHA384_mode = 3,
  CRYS_KDF_HASH_SHA512_mode = 4, CRYS_KDF_HASH_NumOfModes, CRYS_KDF_HASH_OpModeLast = 0x7FFFFFFF
}
enum  CRYS_KDF_DerivFuncMode_t {
  CRYS_KDF_ASN1_DerivMode = 0, CRYS_KDF_ConcatDerivMode = 1, CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode, CRYS_KDF_ISO18033_KDF1_DerivMode = 3,
  CRYS_KDF_ISO18033_KDF2_DerivMode = 4, CRYS_KDF_DerivFunc_NumOfModes = 5, CRYS_KDF_DerivFuncModeLast = 0x7FFFFFFF
}

Functions

CIMPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc (uint8_t *ZZSecret_ptr, uint32_t ZZSecretSize, CRYS_KDF_OtherInfo_t *OtherInfo_ptr, CRYS_KDF_HASH_OpMode_t KDFhashMode, CRYS_KDF_DerivFuncMode_t derivation_mode, uint8_t *KeyingData_ptr, uint32_t KeyingDataSizeBytes)
 CRYS_KDF_KeyDerivFunc performs key derivation according to one of the modes defined in standards: ANS X9.42-2001, ANS X9.63, ISO/IEC 18033-2.

Enumeration Type Documentation

enum CRYS_KDF_DerivFuncMode_t

Key derivation modes.

Enumerator:
CRYS_KDF_ASN1_DerivMode 

ASN1 key derivation mode.

CRYS_KDF_ConcatDerivMode 

Concatenation key derivation mode.

CRYS_KDF_X963_DerivMode 

X963 key derivation mode.

CRYS_KDF_ISO18033_KDF1_DerivMode 

ISO 18033 KDF1 key derivation mode.

CRYS_KDF_ISO18033_KDF2_DerivMode 

ISO 18033 KDF2 key derivation mode.

CRYS_KDF_DerivFunc_NumOfModes 

Maximal number of key derivation modes.

CRYS_KDF_DerivFuncModeLast 

Reserved.

Definition at line 93 of file crys_kdf.h.

enum CRYS_KDF_HASH_OpMode_t

HASH operation modes.

Enumerator:
CRYS_KDF_HASH_SHA1_mode 

SHA1 mode.

CRYS_KDF_HASH_SHA224_mode 

SHA224 mode.

CRYS_KDF_HASH_SHA256_mode 

SHA256 mode.

CRYS_KDF_HASH_SHA384_mode 

SHA384 mode.

CRYS_KDF_HASH_SHA512_mode 

SHA512 mode.

CRYS_KDF_HASH_NumOfModes 

Maximal number of HASH modes.

CRYS_KDF_HASH_OpModeLast 

Reserved.

Definition at line 73 of file crys_kdf.h.


Function Documentation

CIMPORT_C CRYSError_t CRYS_KDF_KeyDerivFunc ( uint8_t *  ZZSecret_ptr,
uint32_t  ZZSecretSize,
CRYS_KDF_OtherInfo_t *  OtherInfo_ptr,
CRYS_KDF_HASH_OpMode_t  KDFhashMode,
CRYS_KDF_DerivFuncMode_t  derivation_mode,
uint8_t *  KeyingData_ptr,
uint32_t  KeyingDataSizeBytes 
)

CRYS_KDF_KeyDerivFunc performs key derivation according to one of the modes defined in standards: ANS X9.42-2001, ANS X9.63, ISO/IEC 18033-2.

The present implementation of the function allows the following operation modes:

  • CRYS_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding;
  • CRYS_KDF_ConcatDerivMode - mode based on concatenation;
  • CRYS_KDF_X963_DerivMode = CRYS_KDF_ConcatDerivMode;
  • CRYS_KDF_ISO18033_KDF1_DerivMode - specific mode according to ECIES-KEM algorithm (ISO/IEC 18033-2).

The purpose of this function is to derive keying data from the shared secret value and other optional shared information (SharedInfo).

Note:
  • The length in Bytes of the hash result buffer is denoted by "hashlen".
  • All buffer arguments are represented in Big-Endian format.

Returns:
CRYS_OK on success.
A non-zero value on failure, as defined in crys_kdf_error.h or crys_hash_error.h.
Parameters:
[in] ZZSecret_ptr - A pointer to the shared secret value octet string.
[in] ZZSecretSize - The size of the shared secret value in bytes. The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE.
[in] OtherInfo_ptr - A pointer to the structure containing the data shared by the two entities of the agreement, and the data sizes. This argument is optional in several modes (set it to NULL if it is not needed). In the two ISO/IEC 18033-2 modes, set NULL. In KDF ASN1 mode, OtherInfo and its AlgorithmID entry are mandatory.
[in] KDFhashMode - The KDF identifier of the hash function to be used. The hash function output must be at least 160 bits.
[in] derivation_mode - Specifies one of the derivation modes described above.
[out] KeyingData_ptr - A pointer to the buffer for the derived keying data.
[in] KeyingDataSizeBytes - The size in bytes of the keying data to be derived. The maximal size is defined as: CRYS_KDF_MAX_SIZE_OF_KEYING_DATA.
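
A host-side reference for the counter-based constructions in ANS X9.63 and ISO/IEC 18033-2 (KDF1, KDF2), useful for cross-checking keying data returned by CRYS_KDF_KeyDerivFunc. This is an added example, not CryptoCell code: `reference_kdf`, the mode strings and the sample inputs are hypothetical, and `shared_info` stands for the already serialised OtherInfo, whose layout this page does not define. The ASN.1 mode is not covered.

```python
import hashlib
import struct

# Counter start values per standard: ISO/IEC 18033-2 KDF1 counts from 0,
# KDF2 and ANS X9.63 count from 1.
_COUNTER_START = {"kdf1": 0, "kdf2": 1, "x963": 1}


def reference_kdf(mode, hash_name, zz_secret, keying_data_size, shared_info=b""):
    """Host-side reference for the counter-based KDFs named on this page.

    Each block is Hash(Z || counter || SharedInfo) with a 32-bit big-endian
    counter; the output is the leftmost keying_data_size bytes of the blocks.
    """
    if mode not in _COUNTER_START:
        raise ValueError("unknown mode: %r" % (mode,))
    if mode != "x963" and shared_info:
        # The page says OtherInfo must be NULL for the ISO/IEC 18033-2 modes.
        raise ValueError("ISO/IEC 18033-2 modes take no shared info")
    if not zz_secret or keying_data_size <= 0:
        raise ValueError("empty secret or non-positive output size")
    digest_size = hashlib.new(hash_name).digest_size
    if digest_size * 8 < 160:
        # The page requires a hash output of at least 160 bits.
        raise ValueError("hash output shorter than 160 bits")
    out = bytearray()
    counter = _COUNTER_START[mode]
    while len(out) < keying_data_size:
        block = hashlib.new(hash_name)
        block.update(zz_secret)
        block.update(struct.pack(">I", counter))
        block.update(shared_info)
        out += block.digest()
        counter += 1
    return bytes(out[:keying_data_size])


# Constructed sample inputs (not test vectors from any standard).
SAMPLE_Z = bytes(range(32))
SAMPLE_INFO = b"constructed-shared-info"
```

With empty shared info the X9.63 output equals KDF2, and KDF1 differs only in starting the counter at 0, so a mismatch against the device output usually points to the wrong derivation_mode or a different OtherInfo serialisation.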