Key handling#
Secure Engine key handling API.
API for using cryptographic keys with the SE. Contains functionality to generate, import and export keys to and from protected types like wrapped or volatile keys.
Modules#
sl_se_custom_weierstrass_prime_domain_t
Typedefs#
sl_se_key_type_t: Supported key types.
sl_se_storage_method_t: Key storage method.
sl_se_key_slot_t: Internal SE key slot.
Functions#
sl_se_validate_key: Validate key descriptor.
sl_se_generate_key: Generate a random key adhering to the given key descriptor.
sl_se_import_key: Import a key using the SE.
sl_se_export_key: Export a volatile or wrapped key back to plaintext.
sl_se_transfer_key: Transfer a volatile or wrapped key to another protected storage.
sl_se_export_public_key: Export the public part of an ECC keypair.
sl_se_delete_key: Delete a key from a volatile SE storage slot.
sl_se_get_storage_size: Returns the required storage size for the given key.
Macros#
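SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY: Asymmetric key can only be used for signing (not key exchange).
SL_SE_KEY_FLAG_ASYMMETRIC_USES_CUSTOM_DOMAIN: Described key belongs to a custom ECC domain.
SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY: Storage buffer contains public part of an asymmetric key.
SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY: Storage buffer contains private part of an asymmetric key.
SL_SE_KEY_FLAG_ALLOW_ANY_ACCESS: Allow usage of this key by other bus masters or TrustZone levels than the one which created/imported the key.
SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY: Old definition. Retained for backwards compatibility.
SL_SE_KEY_FLAG_NON_EXPORTABLE: Do not allow exporting the key to plaintext.
SL_SE_KEY_FLAG_IS_DEVICE_GENERATED: Indicate that the key has been generated by this device.
SL_SE_KEY_FLAG_IS_RESTRICTED: Indicate that the key can only be used to sign SE generated content.
SL_SE_KEY_TYPE_ALGORITHM_MASK: Mask for algorithm field in key type.
SL_SE_KEY_TYPE_ALGORITHM_OFFSET: Offset of algorithm field in key type.
SL_SE_KEY_TYPE_ATTRIBUTES_MASK: Mask for attributes field in key type.
SL_SE_KEY_TYPE_ATTRIBUTES_OFFSET: Offset of attributes field in key type.
SL_SE_KEY_TYPE_SYMMETRIC: Symmetric key type.
SL_SE_KEY_TYPE_AES_128: Symmetric key type for AES-128 (16 byte key).
SL_SE_KEY_TYPE_AES_192: Symmetric key type for AES-192 (24 byte key).
SL_SE_KEY_TYPE_AES_256: Symmetric key type for AES-256 (32 byte key).
SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM: ECC Weierstrass Prime key type.
SL_SE_KEY_TYPE_ECC_MONTGOMERY: ECC Montgomery key type.
SL_SE_KEY_TYPE_ECC_EDDSA: EDDSA key type.
SL_SE_KEY_TYPE_ECC_P192: ECC NIST P-192.
SL_SE_KEY_TYPE_ECC_P224: ECC NIST P-224.
SL_SE_KEY_TYPE_ECC_P256: ECC NIST P-256.
SL_SE_KEY_TYPE_ECC_ED25519: ECC Ed25519 key for EdDSA.
SL_SE_KEY_TYPE_ECC_X25519: ECC X25519 key for ECDH.
SL_SE_KEY_TYPE_CHACHA20: Symmetric key type for ChaCha20.
SL_SE_KEY_TYPE_ECC_P384: ECC NIST P-384.
SL_SE_KEY_TYPE_ECC_P521: ECC NIST P-521.
SL_SE_KEY_TYPE_ECC_X448: ECC X448 key for ECDH.
SL_SE_KEY_TYPE_ECC_ED448: ECC Ed448 key for EdDSA.
SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT: Key storage methods.
SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED: Key is stored encrypted in application memory.
SL_SE_KEY_STORAGE_INTERNAL_VOLATILE: Key is stored inside the SE, and will persist until system reset or explicitly deleted.
SL_SE_KEY_STORAGE_INTERNAL_IMMUTABLE: Key is one of the pre-defined keys (pre-loaded or write-once) available in the SE.
SL_SE_KEY_SLOT_VOLATILE_0: List of available internal SE key slots.
SL_SE_KEY_SLOT_VOLATILE_1: Internal volatile slot 1.
SL_SE_KEY_SLOT_VOLATILE_2: Internal volatile slot 2.
SL_SE_KEY_SLOT_VOLATILE_3: Internal volatile slot 3.
SL_SE_KEY_SLOT_INTERNAL_MIN: Minimum key slot value for internal keys.
SL_SE_KEY_SLOT_TRUSTZONE_ROOT_KEY: Internal TrustZone root key.
SL_SE_KEY_SLOT_APPLICATION_SECURE_DEBUG_KEY: Internal immutable application secure debug key.
SL_SE_KEY_SLOT_APPLICATION_AES_128_KEY: Internal immutable application AES-128 key (bootloader key).
SL_SE_KEY_SLOT_APPLICATION_SECURE_BOOT_KEY: Internal immutable application secure boot key.
SL_SE_KEY_SLOT_APPLICATION_ATTESTATION_KEY: Internal immutable application attestation key.
SL_SE_KEY_SLOT_SE_ATTESTATION_KEY: Internal immutable SE attestation key.
SLI_SE_WRAPPED_KEY_OVERHEAD: Size overhead for wrapped keys.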
Typedef Documentation#
sl_se_key_type_t#
typedef uint32_t sl_se_key_type_t
Supported key types.
Definition at line 211 of file platform/security/sl_component/se_manager/inc/sl_se_manager_types.h
sl_se_storage_method_t#
typedef uint32_t sl_se_storage_method_t
Key storage method.
Can have one of SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT, SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED, SL_SE_KEY_STORAGE_INTERNAL_VOLATILE or SL_SE_KEY_STORAGE_INTERNAL_IMMUTABLE.
Definition at line 217 of file platform/security/sl_component/se_manager/inc/sl_se_manager_types.h
sl_se_key_slot_t#
typedef uint32_t sl_se_key_slot_t
Internal SE key slot.
Definition at line 220 of file platform/security/sl_component/se_manager/inc/sl_se_manager_types.h
Function Documentation#
sl_se_validate_key#
sl_status_t sl_se_validate_key (const sl_se_key_descriptor_t * key)
Validate key descriptor.
[in] | key | The key to validate. |
Takes a key descriptor and checks if all required properties have been set for the specific key type.
Returns
Status code, sl_status.h.
Definition at line 80 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_generate_key#
sl_status_t sl_se_generate_key (sl_se_command_context_t * cmd_ctx, const sl_se_key_descriptor_t * key_out)
Generate a random key adhering to the given key descriptor.
[in] | cmd_ctx | Pointer to an SE command context object. |
[in] | key_out | Description of the key to generate. Sets key parameters and describes the storage location for the key. |
The SE takes a key descriptor and generates a key with the given properties in the location specified by the descriptor.
If the key size is not a multiple of the word size, the key representation is padded in front of the key.
Returns
Status code, sl_status.h.
Definition at line 103 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_import_key#
sl_status_t sl_se_import_key (sl_se_command_context_t * cmd_ctx, const sl_se_key_descriptor_t * key_in, const sl_se_key_descriptor_t * key_out)
Import a key using the SE.
[in] | cmd_ctx | Pointer to an SE command context object. |
[in] | key_in | A plaintext key. |
[in] | key_out | Either a volatile or a wrapped key with similar properties as key_in. |
Protect a key using the SE. Import a plaintext key and store it either in a volatile slot or as a wrapped key.
Returns
Status code, sl_status.h.
Definition at line 126 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_export_key#
sl_status_t sl_se_export_key (sl_se_command_context_t * cmd_ctx, const sl_se_key_descriptor_t * key_in, const sl_se_key_descriptor_t * key_out)
Export a volatile or wrapped key back to plaintext.
[in] | cmd_ctx | Pointer to an SE command context object. |
[in] | key_in | Either a volatile or a wrapped key with similar properties as key_out. |
[in] | key_out | The exported key in plaintext. |
Attempt to have the SE export a volatile or wrapped key back to plaintext if allowed.
Returns
Status code, sl_status.h. SL_STATUS_INVALID_PARAMETER if key does not exist.
Definition at line 151 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_transfer_key#
sl_status_t sl_se_transfer_key (sl_se_command_context_t * cmd_ctx, const sl_se_key_descriptor_t * key_in, const sl_se_key_descriptor_t * key_out)
Transfer a volatile or wrapped key to another protected storage.
[in] | cmd_ctx | Pointer to an SE command context object. |
[in] | key_in | Either a volatile or a wrapped key with similar properties as key_out. |
[in] | key_out | Either a volatile or a wrapped key with similar properties as key_in. |
Attempt to have the SE transfer a volatile or wrapped key if allowed.
Note
The key stored in the source protected storage will not be deleted.
Transferring a key from a volatile slot to that same slot is not allowed.
Returns
Status code, sl_status.h. SL_STATUS_INVALID_PARAMETER if key does not exist.
Definition at line 180 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_export_public_key#
sl_status_t sl_se_export_public_key (sl_se_command_context_t * cmd_ctx, const sl_se_key_descriptor_t * key_in, const sl_se_key_descriptor_t * key_out)
Export the public part of an ECC keypair.
[in] | cmd_ctx | Pointer to an SE command context object. |
[in] | key_in | An asymmetric key with either a private or public part. |
[out] | key_out | Describes output key parameters. Should only be set to contain the public part of the key. |
The output key must be specified to only contain a public key.
Returns
Status code, sl_status.h.
Definition at line 204 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_delete_key#
sl_status_t sl_se_delete_key (sl_se_command_context_t * cmd_ctx, const sl_se_key_descriptor_t * key)
Delete a key from a volatile SE storage slot.
[in] | cmd_ctx | Pointer to an SE command context object. |
[in] | key | Key to delete. |
The given key will be removed from the SE. The key descriptor is not modified and can be used to generate a new key without any updates.
Returns
Status code, sl_status.h.
Definition at line 225 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
sl_se_get_storage_size#
sl_status_t sl_se_get_storage_size (const sl_se_key_descriptor_t * key, uint32_t * storage_size)
Returns the required storage size for the given key.
[in] | key | The sl_se_key_descriptor_t to find the required storage size for. |
[out] | storage_size | The required storage size in bytes. |
Finds the total storage size required for a given key. This includes storage for the public and private part of asymmetric keys, as well as overhead for wrapping keys.
Returns
Status code, sl_status.h.
Definition at line 246 of file platform/security/sl_component/se_manager/inc/sl_se_manager_key_handling.h
Macro Definition Documentation#
SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY#
#define SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY (1UL << 10)
Asymmetric key can only be used for signing (not key exchange).
Definition at line 115 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_ASYMMETRIC_USES_CUSTOM_DOMAIN#
#define SL_SE_KEY_FLAG_ASYMMETRIC_USES_CUSTOM_DOMAIN (1UL << 12)
Described key belongs to a custom ECC domain.
Definition at line 117 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY#
#define SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY (1UL << 13)
Storage buffer contains public part of an asymmetric key.
Definition at line 119 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY#
#define SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY (1UL << 14)
Storage buffer contains private part of an asymmetric key.
Definition at line 121 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_ALLOW_ANY_ACCESS#
#define SL_SE_KEY_FLAG_ALLOW_ANY_ACCESS (1UL << 15)
Allow usage of this key by other bus masters or TrustZone levels than the one which created/imported the key.
Definition at line 124 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY#
#define SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY (SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY)
Old definition. Retained for backwards compatibility.
Definition at line 126 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_NON_EXPORTABLE#
#define SL_SE_KEY_FLAG_NON_EXPORTABLE (1UL << 24)
Do not allow exporting the key to plaintext.
Definition at line 130 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_IS_DEVICE_GENERATED#
#define SL_SE_KEY_FLAG_IS_DEVICE_GENERATED (1UL << 25)
Indicate that the key has been generated by this device.
This flag is only valid when using the SE to generate a key and makes it non-exportable.
Definition at line 133 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_FLAG_IS_RESTRICTED#
#define SL_SE_KEY_FLAG_IS_RESTRICTED (1UL << 25 | 1UL << 24)
Indicate that the key can only be used to sign SE generated content.
This flag is only valid when using the SE to generate a key and makes it non-exportable.
Definition at line 137 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ALGORITHM_MASK#
#define SL_SE_KEY_TYPE_ALGORITHM_MASK 0xf0000000
Mask for algorithm field in key type.
Definition at line 140 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ALGORITHM_OFFSET#
#define SL_SE_KEY_TYPE_ALGORITHM_OFFSET 28
Offset of algorithm field in key type.
Definition at line 142 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ATTRIBUTES_MASK#
#define SL_SE_KEY_TYPE_ATTRIBUTES_MASK 0x00007fff
Mask for attributes field in key type.
Definition at line 144 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ATTRIBUTES_OFFSET#
#define SL_SE_KEY_TYPE_ATTRIBUTES_OFFSET 0
Offset of attributes field in key type.
Definition at line 146 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_SYMMETRIC#
#define SL_SE_KEY_TYPE_SYMMETRIC 0x00000000
Symmetric key type.
Definition at line 149 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_AES_128#
#define SL_SE_KEY_TYPE_AES_128 0x00000010
Symmetric key type for AES-128 (16 byte key).
Definition at line 151 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_AES_192#
#define SL_SE_KEY_TYPE_AES_192 0x00000018
Symmetric key type for AES-192 (24 byte key).
Definition at line 153 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_AES_256#
#define SL_SE_KEY_TYPE_AES_256 0x00000020
Symmetric key type for AES-256 (32 byte key).
Definition at line 155 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM#
#define SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM (0x8U << SL_SE_KEY_TYPE_ALGORITHM_OFFSET)
ECC Weierstrass Prime key type.
Definition at line 158 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_MONTGOMERY#
#define SL_SE_KEY_TYPE_ECC_MONTGOMERY (0xbU << SL_SE_KEY_TYPE_ALGORITHM_OFFSET)
ECC Montgomery key type.
Definition at line 160 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_EDDSA#
#define SL_SE_KEY_TYPE_ECC_EDDSA (0xcU << SL_SE_KEY_TYPE_ALGORITHM_OFFSET)
EDDSA key type.
Definition at line 162 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_P192#
#define SL_SE_KEY_TYPE_ECC_P192 (SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM | (0x18))
ECC NIST P-192.
Definition at line 165 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_P224#
#define SL_SE_KEY_TYPE_ECC_P224 (SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM | (0x1C))
ECC NIST P-224.
Definition at line 167 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_P256#
#define SL_SE_KEY_TYPE_ECC_P256 (SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM | (0x20))
ECC NIST P-256.
Definition at line 169 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_ED25519#
#define SL_SE_KEY_TYPE_ECC_ED25519 (SL_SE_KEY_TYPE_ECC_EDDSA | (0x20))
ECC Ed25519 key for EdDSA.
Definition at line 172 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_X25519#
#define SL_SE_KEY_TYPE_ECC_X25519 (SL_SE_KEY_TYPE_ECC_MONTGOMERY | (0x20))
ECC X25519 key for ECDH.
Definition at line 175 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_CHACHA20#
#define SL_SE_KEY_TYPE_CHACHA20 0x00000020
Symmetric key type for ChaCha20.
Definition at line 179 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_P384#
#define SL_SE_KEY_TYPE_ECC_P384 (SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM | (0x30))
ECC NIST P-384.
Definition at line 182 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_P521#
#define SL_SE_KEY_TYPE_ECC_P521 (SL_SE_KEY_TYPE_ECC_WEIERSTRASS_PRIME_CUSTOM | (0x42))
ECC NIST P-521.
Definition at line 184 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_X448#
#define SL_SE_KEY_TYPE_ECC_X448 (SL_SE_KEY_TYPE_ECC_MONTGOMERY | (0x38))
ECC X448 key for ECDH.
Definition at line 187 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_TYPE_ECC_ED448#
#define SL_SE_KEY_TYPE_ECC_ED448 (SL_SE_KEY_TYPE_ECC_EDDSA | (0x38))
ECC Ed448 key for EdDSA.
Definition at line 190 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT#
#define SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT 0x00
Key storage methods.
Key is stored in a plaintext buffer in application memory. Application can save its in-memory buffer to non-volatile memory as needed to provide key persistence.
Definition at line 199 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED#
#define SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED 0x01
Key is stored encrypted in application memory.
This ensures the key in wrapped form is only usable on a specific device. If the key additionally needs to be prevented from ever being output as plaintext, also set the corresponding permission bit. Application can save its in-memory buffer to non-volatile memory as needed to provide key persistence. Keys stored in this way should use the flag SL_SE_KEY_FLAG_NON_EXPORTABLE unless there is a specific need to access the key value outside the SE.
Definition at line 210 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_STORAGE_INTERNAL_VOLATILE#
#define SL_SE_KEY_STORAGE_INTERNAL_VOLATILE 0x02
Key is stored inside the SE, and will persist until system reset or explicitly deleted.
Keys stored in this way should use the flag SL_SE_KEY_FLAG_NON_EXPORTABLE unless there is a specific need to access the key value outside the SE.
Definition at line 216 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_STORAGE_INTERNAL_IMMUTABLE#
#define SL_SE_KEY_STORAGE_INTERNAL_IMMUTABLE 0x03
Key is one of the pre-defined keys (pre-loaded or write-once) available in the SE.
See documentation for a list of available keys.
Definition at line 220 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
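An added example (not Silicon Labs code) of how the flag and storage-method values above combine: a host-side lint that reports wrapped or volatile keys left exportable, and tests the two-bit SL_SE_KEY_FLAG_IS_RESTRICTED value by equality rather than a plain bit test. The macro values are copied from this page; the `AUDIT_*` names and the three functions are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Values copied from the macro definitions documented on this page. */
#define SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY  (1UL << 13)
#define SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY (1UL << 14)
#define SL_SE_KEY_FLAG_ALLOW_ANY_ACCESS                  (1UL << 15)
#define SL_SE_KEY_FLAG_NON_EXPORTABLE                    (1UL << 24)
#define SL_SE_KEY_FLAG_IS_DEVICE_GENERATED               (1UL << 25)
#define SL_SE_KEY_FLAG_IS_RESTRICTED                     (1UL << 25 | 1UL << 24)
#define SL_SE_KEY_TYPE_ALGORITHM_MASK                    0xf0000000
#define SL_SE_KEY_TYPE_SYMMETRIC                         0x00000000
#define SL_SE_KEY_TYPE_AES_256                           0x00000020
#define SL_SE_KEY_TYPE_ECC_P256                          ((0x8U << 28) | (0x20))
#define SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT             0x00
#define SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED               0x01
#define SL_SE_KEY_STORAGE_INTERNAL_VOLATILE              0x02

/* Hypothetical finding bits for this example; not part of the SE Manager. */
#define AUDIT_PROTECTED_BUT_EXPORTABLE (1u << 0)
#define AUDIT_ANY_ACCESS               (1u << 1)
#define AUDIT_ASYM_FLAGS_ON_SYMMETRIC  (1u << 2)

/* IS_RESTRICTED is bits 24|25, so a plain `flags & IS_RESTRICTED` is also
   true for a key that is only non-exportable. Compare against the full mask. */
static int key_is_restricted(uint32_t flags) {
  return (flags & SL_SE_KEY_FLAG_IS_RESTRICTED) == SL_SE_KEY_FLAG_IS_RESTRICTED;
}

/* Exportable only when neither bit 24 nor bit 25 is set: the page states that
   the device-generated and restricted flags also make a key non-exportable. */
static int key_is_exportable(uint32_t flags) {
  return (flags & SL_SE_KEY_FLAG_IS_RESTRICTED) == 0;
}

/* Lint a descriptor's type, flags and storage method; returns finding bits. */
static uint32_t audit_key(uint32_t type, uint32_t flags, uint32_t storage) {
  uint32_t findings = 0;
  int symmetric = (type & SL_SE_KEY_TYPE_ALGORITHM_MASK) == SL_SE_KEY_TYPE_SYMMETRIC;
  int protected_storage = storage == SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED
                          || storage == SL_SE_KEY_STORAGE_INTERNAL_VOLATILE;
  if (protected_storage && key_is_exportable(flags))
    findings |= AUDIT_PROTECTED_BUT_EXPORTABLE;
  if (flags & SL_SE_KEY_FLAG_ALLOW_ANY_ACCESS) findings |= AUDIT_ANY_ACCESS;
  if (symmetric && (flags & (SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
                             | SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY)))
    findings |= AUDIT_ASYM_FLAGS_ON_SYMMETRIC;
  return findings;
}

int main(void) {
  uint32_t weak = audit_key(SL_SE_KEY_TYPE_AES_256, 0, SL_SE_KEY_STORAGE_EXTERNAL_WRAPPED);
  uint32_t good = audit_key(SL_SE_KEY_TYPE_ECC_P256, SL_SE_KEY_FLAG_NON_EXPORTABLE
                            | SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY,
                            SL_SE_KEY_STORAGE_INTERNAL_VOLATILE);
  printf("weak=0x%x good=0x%x restricted(non-exportable only)=%d\n", (unsigned)weak,
         (unsigned)good, key_is_restricted(SL_SE_KEY_FLAG_NON_EXPORTABLE));
  return 0;
}
```

The checks are lint heuristics built from the descriptions on this page; on the device, sl_se_validate_key remains the authority on whether a descriptor is valid.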
SL_SE_KEY_SLOT_VOLATILE_0#
#define SL_SE_KEY_SLOT_VOLATILE_0 0x00
List of available internal SE key slots.
Internal volatile slot 0.
Definition at line 224 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_VOLATILE_1#
#define SL_SE_KEY_SLOT_VOLATILE_1 0x01
Internal volatile slot 1.
Definition at line 225 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_VOLATILE_2#
#define SL_SE_KEY_SLOT_VOLATILE_2 0x02
Internal volatile slot 2.
Definition at line 226 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_VOLATILE_3#
#define SL_SE_KEY_SLOT_VOLATILE_3 0x03
Internal volatile slot 3.
Definition at line 227 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_INTERNAL_MIN#
#define SL_SE_KEY_SLOT_INTERNAL_MIN 0xF7
Minimum key slot value for internal keys.
Definition at line 237 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_TRUSTZONE_ROOT_KEY#
#define SL_SE_KEY_SLOT_TRUSTZONE_ROOT_KEY 0xF7
Internal TrustZone root key.
Definition at line 240 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_APPLICATION_SECURE_DEBUG_KEY#
#define SL_SE_KEY_SLOT_APPLICATION_SECURE_DEBUG_KEY 0xF8
Internal immutable application secure debug key.
Definition at line 242 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_APPLICATION_AES_128_KEY#
#define SL_SE_KEY_SLOT_APPLICATION_AES_128_KEY 0xFA
Internal immutable application AES-128 key (bootloader key).
Definition at line 244 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_APPLICATION_SECURE_BOOT_KEY#
#define SL_SE_KEY_SLOT_APPLICATION_SECURE_BOOT_KEY 0xFC
Internal immutable application secure boot key.
Definition at line 246 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_APPLICATION_ATTESTATION_KEY#
#define SL_SE_KEY_SLOT_APPLICATION_ATTESTATION_KEY 0xFE
Internal immutable application attestation key.
Definition at line 248 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SL_SE_KEY_SLOT_SE_ATTESTATION_KEY#
#define SL_SE_KEY_SLOT_SE_ATTESTATION_KEY 0xFF
Internal immutable SE attestation key.
Definition at line 250 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h
SLI_SE_WRAPPED_KEY_OVERHEAD#
#define SLI_SE_WRAPPED_KEY_OVERHEAD (12 + 16)
Size overhead for wrapped keys.
Definition at line 253 of file platform/security/sl_component/se_manager/inc/sl_se_manager_defines.h