Key Derivation#
Key Derivation extensions to the PSA Crypto API.
Functions#
Perform a single-shot key derivation operation and output the resulting key.
Function Documentation#
sl_psa_key_derivation_single_shot#
psa_status_t sl_psa_key_derivation_single_shot (psa_algorithm_t alg, mbedtls_svc_key_id_t key_in, const uint8_t * info, size_t info_length, const uint8_t * salt, size_t salt_length, size_t iterations, const psa_key_attributes_t * key_out_attributes, mbedtls_svc_key_id_t * key_out)
Perform a single-shot key derivation operation and output the resulting key.
| N/A | alg | The key derivation algorithm to compute ( |
| N/A | key_in | Identifier of the secret key to input to the operation. It must allow the usage PSA_KEY_USAGE_DERIVE and be of a symmetric type. |
| [in] | info | A context- and application specific information string. Only used for HKDF, but can be omitted. |
| N/A | info_length | The length of the provided info in bytes. |
| [in] | salt | An optional salt value (a non-secret random value). Used for both HKDF and PBKDF2. Recommended for PBKDF2. |
| N/A | salt_length | The length of the provided salt in bytes. |
| N/A | iterations | The number of iterations to use. Maximum supported value is 16384. Only used for PBKDF2. |
| [in] | key_out_attributes | The attributes for the new key output by the derivation operation. The key must be of a symmetric type. |
| [out] | key_out | The identifier of the new key output by the derivation operation. |
This function supports HKDF and PBKDF2.
Note
PBKDF2-CMAC is not suported on xG21
PBKDF2-CMAC is only KDF supported for xG27
This function obtains its secret input from a key object, and any additional inputs such as buffers and integers. The output of this function is a key object containing the output of the selected key derivation function.
164 of file platform/security/sl_component/sl_mbedtls_support/inc/sl_psa_crypto.h