Loading...
Searching...
No Matches
Secure Element Asymmetric Cryptography

Detailed Description

Since the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, asymmetric key operations using keys in a secure element must be done in single function calls.

Data Structures

struct  psa_drv_se_asymmetric_t
 A struct containing all of the function pointers needed to implement asymmetric cryptographic operations using secure elements. More...
 

Typedefs

typedef psa_status_t(* psa_drv_se_asymmetric_sign_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length)
 A function that signs a hash or short message with a private key in a secure element.
 
typedef psa_status_t(* psa_drv_se_asymmetric_verify_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length)
 A function that verifies the signature a hash or short message using an asymmetric public key in a secure element.
 
typedef psa_status_t(* psa_drv_se_asymmetric_encrypt_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)
 A function that encrypts a short message with an asymmetric public key in a secure element.
 
typedef psa_status_t(* psa_drv_se_asymmetric_decrypt_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)
 A function that decrypts a short message with an asymmetric private key in a secure element.
 

Typedef Documentation

◆ psa_drv_se_asymmetric_decrypt_t

typedef psa_status_t(* psa_drv_se_asymmetric_decrypt_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)

A function that decrypts a short message with an asymmetric private key in a secure element.

Parameters
drv_contextThe driver context structure.
key_slotKey slot of an asymmetric key pair
algAn asymmetric encryption algorithm that is compatible with the type of key
p_inputThe message to decrypt
input_lengthSize of the p_input buffer in bytes
p_saltA salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass NULL. If the algorithm supports an optional salt and you do not want to pass a salt, pass NULL. For PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is supported.
salt_lengthSize of the p_salt buffer in bytes If p_salt is NULL, pass 0.
p_outputBuffer where the decrypted message is to be written
output_sizeSize of the p_output buffer in bytes
p_output_lengthOn success, the number of bytes that make up the returned output
Returns
PSA_SUCCESS

Definition at line 671 of file psa_crypto_se_driver.h.

◆ psa_drv_se_asymmetric_encrypt_t

typedef psa_status_t(* psa_drv_se_asymmetric_encrypt_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)

A function that encrypts a short message with an asymmetric public key in a secure element.

Parameters
drv_contextThe driver context structure.
key_slotKey slot of a public key or an asymmetric key pair
algAn asymmetric encryption algorithm that is compatible with the type of key
p_inputThe message to encrypt
input_lengthSize of the p_input buffer in bytes
p_saltA salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass NULL. If the algorithm supports an optional salt and you do not want to pass a salt, pass NULL. For PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is supported.
salt_lengthSize of the p_salt buffer in bytes If p_salt is NULL, pass 0.
p_outputBuffer where the encrypted message is to be written
output_sizeSize of the p_output buffer in bytes
p_output_lengthOn success, the number of bytes that make up the returned output
Returns
PSA_SUCCESS

Definition at line 631 of file psa_crypto_se_driver.h.

◆ psa_drv_se_asymmetric_sign_t

typedef psa_status_t(* psa_drv_se_asymmetric_sign_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length)

A function that signs a hash or short message with a private key in a secure element.

Parameters
drv_contextThe driver context structure.
key_slotKey slot of an asymmetric key pair
algA signature algorithm that is compatible with the type of key
p_hashThe hash to sign
hash_lengthSize of the p_hash buffer in bytes
p_signatureBuffer where the signature is to be written
signature_sizeSize of the p_signature buffer in bytes
p_signature_lengthOn success, the number of bytes that make up the returned signature value
Returns
PSA_SUCCESS

Definition at line 569 of file psa_crypto_se_driver.h.

◆ psa_drv_se_asymmetric_verify_t

typedef psa_status_t(* psa_drv_se_asymmetric_verify_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length)

A function that verifies the signature a hash or short message using an asymmetric public key in a secure element.

Parameters
drv_contextThe driver context structure.
key_slotKey slot of a public key or an asymmetric key pair
algA signature algorithm that is compatible with the type of key
p_hashThe hash whose signature is to be verified
hash_lengthSize of the p_hash buffer in bytes
p_signatureBuffer containing the signature to verify
signature_lengthSize of the p_signature buffer in bytes
Returns
PSA_SUCCESS The signature is valid.

Definition at line 594 of file psa_crypto_se_driver.h.