Hardware-Accelerated Asymmetric Cryptography
Detailed Description
Since the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, hardware-accelerated asymmetric key operations must be done in single function calls.
Typedefs | |
typedef psa_status_t(* | psa_drv_accel_asymmetric_sign_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length) |
The function prototype for the hardware-accelerated asymmetric sign operation. | |
typedef psa_status_t(* | psa_drv_accel_asymmetric_verify_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length) |
The function prototype for the hardware-accelerated signature verify operation. | |
typedef psa_status_t(* | psa_drv_accel_asymmetric_encrypt_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
The function prototype for the hardware-accelerated asymmetric encrypt operation. | |
typedef psa_status_t(* | psa_drv_accel_asymmetric_decrypt_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
The function prototype for the hardware=acce;erated asymmetric decrypt operation. | |
Typedef Documentation
typedef psa_status_t(* psa_drv_accel_asymmetric_decrypt_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
The function prototype for the hardware=acce;erated asymmetric decrypt operation.
Functions that implement this prototype should be named in the following convention:
- ~~~~~~~~~~~~~{.c} psa_drv_accel_asymmetric_<ALGO>_decrypt
~~~~~~~~~~~~~ Where
ALGO
is the name of the encryption algorithmThis function supports any asymmetric-key output from psa_export_key() as the buffer in
p_key
. Refer to the documentation of psa_export_key() for the formats.- Parameters
-
[in] p_key
A buffer containing the private key material [in] key_size
The size in bytes of the p_key
data[in] alg
An asymmetric encryption algorithm that is compatible with the type of key
[in] p_input
The message to decrypt [in] input_length
Size of the p_input
buffer in bytes[in] p_salt
A salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass NULL
. If the algorithm supports an optional salt and you do not want to pass a salt, passNULL
. For PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is supported[in] salt_length
Size of the p_salt
buffer in bytes Ifp_salt
isNULL
, pass 0[out] p_output
Buffer where the decrypted message is to be written [in] output_size
Size of the p_output
buffer in bytes[out] p_output_length
On success, the number of bytes that make up the returned output
- Return values
-
PSA_SUCCESS
Definition at line 805
of file crypto_accel_driver.h
.
typedef psa_status_t(* psa_drv_accel_asymmetric_encrypt_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length) |
The function prototype for the hardware-accelerated asymmetric encrypt operation.
Functions that implement this prototype should be named in the following convention:
- ~~~~~~~~~~~~~{.c} psa_drv_accel_asymmetric_<ALGO>_encrypt
~~~~~~~~~~~~~ Where
ALGO
is the name of the encryption algorithmThis function supports any output from psa_export_public_key() as the buffer in
p_key
. Refer to the documentation of psa_export_public_key() for the format of public keys and to the documentation of psa_export_key() for the format for other key types.- Parameters
-
[in] p_key
A buffer containing the public key material [in] key_size
The size in bytes of the p_key
data[in] alg
An asymmetric encryption algorithm that is compatible with the type of key
[in] p_input
The message to encrypt [in] input_length
Size of the p_input
buffer in bytes[in] p_salt
A salt or label, if supported by the encryption algorithm If the algorithm does not support a salt, pass NULL
If the algorithm supports an optional salt and you do not want to pass a salt, passNULL
. For PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is supported.[in] salt_length
Size of the p_salt
buffer in bytes Ifp_salt
isNULL
, pass 0.[out] p_output
Buffer where the encrypted message is to be written [in] output_size
Size of the p_output
buffer in bytes[out] p_output_length
On success, the number of bytes that make up the returned output
- Return values
-
PSA_SUCCESS
Definition at line 753
of file crypto_accel_driver.h
.
typedef psa_status_t(* psa_drv_accel_asymmetric_sign_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length) |
The function prototype for the hardware-accelerated asymmetric sign operation.
Functions that implement this prototype should be named in the following convention:
- ~~~~~~~~~~~~~{.c} psa_drv_accel_asymmetric_<ALGO>_sign
~~~~~~~~~~~~~ Where
ALGO
is the name of the signing algorithmThis function supports any asymmetric-key output from psa_export_key() as the buffer in
p_key
. Refer to the documentation of psa_export_key() for the formats.- Parameters
-
[in] p_key
A buffer containing the private key material [in] key_size
The size in bytes of the p_key
data[in] alg
A signature algorithm that is compatible with the type of p_key
[in] p_hash
The hash or message to sign [in] hash_length
Size of the p_hash
buffer in bytes[out] p_signature
Buffer where the signature is to be written [in] signature_size
Size of the p_signature
buffer in bytes[out] p_signature_length
On success, the number of bytes that make up the returned signature value
- Return values
-
PSA_SUCCESS
Definition at line 664
of file crypto_accel_driver.h
.
typedef psa_status_t(* psa_drv_accel_asymmetric_verify_t) (const uint8_t *p_key, size_t key_size, psa_algorithm_t alg, psa_key_type_t key_type, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length) |
The function prototype for the hardware-accelerated signature verify operation.
Functions that implement this prototype should be named in the following convention:
- ~~~~~~~~~~~~~{.c} psa_drv_accel_asymmetric_<ALGO>_verify
~~~~~~~~~~~~~ Where
ALGO
is the name of the signing algorithmThis function supports any output from psa_export_public_key() as the buffer in
p_key
. Refer to the documentation of psa_export_public_key() for the format of public keys and to the documentation of psa_export_key() for the format for other key types.- Parameters
-
[in] p_key
A buffer containing the public key material [in] key_size
The size in bytes of the p_key
data[in] alg
A signature algorithm that is compatible with the type of key
[in] p_hash
The hash or message whose signature is to be verified [in] hash_length
Size of the p_hash
buffer in bytes[in] p_signature
Buffer containing the signature to verify [in] signature_length
Size of the p_signature
buffer in bytes
- Return values
-
PSA_SUCCESS
The signature is valid.
Definition at line 703
of file crypto_accel_driver.h
.