Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
Secure Element Asymmetric Cryptography
Since the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, asymmetric key operations using keys in a secure element must be done in single function calls. More...
Data Structures | |
| struct | psa_drv_se_asymmetric_t |
| A struct containing all of the function pointers needed to implement asymmetric cryptographic operations using secure elements. More... | |
Typedefs | |
| typedef psa_status_t(* | psa_drv_se_asymmetric_sign_t )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length) |
| A function that signs a hash or short message with a private key in a secure element. | |
| typedef psa_status_t(* | psa_drv_se_asymmetric_verify_t )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length) |
| A function that verifies the signature a hash or short message using an asymmetric public key in a secure element. | |
| typedef psa_status_t(* | psa_drv_se_asymmetric_encrypt_t )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
| A function that encrypts a short message with an asymmetric public key in a secure element. | |
| typedef psa_status_t(* | psa_drv_se_asymmetric_decrypt_t )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
| A function that decrypts a short message with an asymmetric private key in a secure element. | |
Detailed Description
Since the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, asymmetric key operations using keys in a secure element must be done in single function calls.
Typedef Documentation
| typedef psa_status_t(* psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
A function that decrypts a short message with an asymmetric private key in a secure element.
- Parameters:
-
[in,out] drv_context The driver context structure. [in] key_slot Key slot of an asymmetric key pair [in] alg An asymmetric encryption algorithm that is compatible with the type of `key` [in] p_input The message to decrypt [in] input_length Size of the `p_input` buffer in bytes [in] p_salt A salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass `NULL`. If the algorithm supports an optional salt and you do not want to pass a salt, pass `NULL`. For PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is supported. [in] salt_length Size of the `p_salt` buffer in bytes If `p_salt` is `NULL`, pass 0. [out] p_output Buffer where the decrypted message is to be written [in] output_size Size of the `p_output` buffer in bytes [out] p_output_length On success, the number of bytes that make up the returned output
- Return values:
-
PSA_SUCCESS
Definition at line 660 of file crypto_se_driver.h.
| typedef psa_status_t(* psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
A function that encrypts a short message with an asymmetric public key in a secure element.
- Parameters:
-
[in,out] drv_context The driver context structure. [in] key_slot Key slot of a public key or an asymmetric key pair [in] alg An asymmetric encryption algorithm that is compatible with the type of `key` [in] p_input The message to encrypt [in] input_length Size of the `p_input` buffer in bytes [in] p_salt A salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass `NULL`. If the algorithm supports an optional salt and you do not want to pass a salt, pass `NULL`. For PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is supported. [in] salt_length Size of the `p_salt` buffer in bytes If `p_salt` is `NULL`, pass 0. [out] p_output Buffer where the encrypted message is to be written [in] output_size Size of the `p_output` buffer in bytes [out] p_output_length On success, the number of bytes that make up the returned output
- Return values:
-
PSA_SUCCESS
Definition at line 620 of file crypto_se_driver.h.
| typedef psa_status_t(* psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length) |
A function that signs a hash or short message with a private key in a secure element.
- Parameters:
-
[in,out] drv_context The driver context structure. [in] key_slot Key slot of an asymmetric key pair [in] alg A signature algorithm that is compatible with the type of `key` [in] p_hash The hash to sign [in] hash_length Size of the `p_hash` buffer in bytes [out] p_signature Buffer where the signature is to be written [in] signature_size Size of the `p_signature` buffer in bytes [out] p_signature_length On success, the number of bytes that make up the returned signature value
- Return values:
-
PSA_SUCCESS
Definition at line 556 of file crypto_se_driver.h.
| typedef psa_status_t(* psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length) |
A function that verifies the signature a hash or short message using an asymmetric public key in a secure element.
- Parameters:
-
[in,out] drv_context The driver context structure. [in] key_slot Key slot of a public key or an asymmetric key pair [in] alg A signature algorithm that is compatible with the type of `key` [in] p_hash The hash whose signature is to be verified [in] hash_length Size of the `p_hash` buffer in bytes [in] p_signature Buffer containing the signature to verify [in] signature_length Size of the `p_signature` buffer in bytes
- Return values:
-
PSA_SUCCESS The signature is valid.
Definition at line 582 of file crypto_se_driver.h.
Generated on Tue Jul 12 2022 13:55:24 by
1.7.2