Secure Element Asymmetric Cryptography#
Since the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, asymmetric key operations using keys in a secure element must be done in single function calls.
Modules#
Typedefs#
A function that signs a hash or short message with a private key in a secure element.
A function that verifies the signature a hash or short message using an asymmetric public key in a secure element.
A function that encrypts a short message with an asymmetric public key in a secure element.
A function that decrypts a short message with an asymmetric private key in a secure element.
Typedef Documentation#
psa_drv_se_asymmetric_sign_t#
typedef psa_status_t(* psa_drv_se_asymmetric_sign_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length)
A function that signs a hash or short message with a private key in a secure element.
| [inout] | drv_context | The driver context structure. |
| [in] | key_slot | Key slot of an asymmetric key pair |
| [in] | alg | A signature algorithm that is compatible with the type of |
| [in] | p_hash | The hash to sign |
| [in] | hash_length | Size of the |
| [out] | p_signature | Buffer where the signature is to be written |
| [in] | signature_size | Size of the |
| [out] | p_signature_length | On success, the number of bytes that make up the returned signature value |
559 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_asymmetric_verify_t#
typedef psa_status_t(* psa_drv_se_asymmetric_verify_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length)
A function that verifies the signature a hash or short message using an asymmetric public key in a secure element.
| [inout] | drv_context | The driver context structure. |
| [in] | key_slot | Key slot of a public key or an asymmetric key pair |
| [in] | alg | A signature algorithm that is compatible with the type of |
| [in] | p_hash | The hash whose signature is to be verified |
| [in] | hash_length | Size of the |
| [in] | p_signature | Buffer containing the signature to verify |
| [in] | signature_length | Size of the |
585 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_asymmetric_encrypt_t#
typedef psa_status_t(* psa_drv_se_asymmetric_encrypt_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that encrypts a short message with an asymmetric public key in a secure element.
| [inout] | drv_context | The driver context structure. |
| [in] | key_slot | Key slot of a public key or an asymmetric key pair |
| [in] | alg | An asymmetric encryption algorithm that is compatible with the type of |
| [in] | p_input | The message to encrypt |
| [in] | input_length | Size of the |
| [in] | p_salt | A salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass |
| [in] | salt_length | Size of the |
| [out] | p_output | Buffer where the encrypted message is to be written |
| [in] | output_size | Size of the |
| [out] | p_output_length | On success, the number of bytes that make up the returned output |
623 of file util/third_party/mbedtls/include/psa/crypto_se_driver.hpsa_drv_se_asymmetric_decrypt_t#
typedef psa_status_t(* psa_drv_se_asymmetric_decrypt_t) (psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) )(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that decrypts a short message with an asymmetric private key in a secure element.
| [inout] | drv_context | The driver context structure. |
| [in] | key_slot | Key slot of an asymmetric key pair |
| [in] | alg | An asymmetric encryption algorithm that is compatible with the type of |
| [in] | p_input | The message to decrypt |
| [in] | input_length | Size of the |
| [in] | p_salt | A salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass |
| [in] | salt_length | Size of the |
| [out] | p_output | Buffer where the decrypted message is to be written |
| [in] | output_size | Size of the |
| [out] | p_output_length | On success, the number of bytes that make up the returned output |
663 of file util/third_party/mbedtls/include/psa/crypto_se_driver.h