Modules#
Crypto - Platform#
This module includes the platform abstraction for Crypto.
Enumerations#
This enumeration defines the key types.
This enumeration defines the key algorithms.
This enumeration defines the key usage flags.
This enumeration defines the key storage types.
Typedefs#
This datatype represents the key reference.
This structure represents a SHA-256 hash.
Variables#
Functions#
Initialize the Crypto module.
Import a key into PSA ITS.
Export a key stored in PSA ITS.
Destroy a key stored in PSA ITS.
Check if the key ref passed has an associated key in PSA ITS.
Initialize the HMAC operation.
Uninitialize the HMAC operation.
Start HMAC operation.
Update the HMAC operation with new input.
Complete the HMAC operation.
Initialise the AES operation.
Set the key for AES operation.
Encrypt the given data.
Free the AES context.
Initialise the HKDF context.
Perform HKDF Expand step.
Perform HKDF Extract step.
Uninitialize the HKDF context.
Initialise the SHA-256 operation.
Uninitialize the SHA-256 operation.
Start SHA-256 operation.
Update SHA-256 operation with new input.
Finish SHA-256 operation.
Initialize cryptographically-secure pseudorandom number generator (CSPRNG).
Deinitialize cryptographically-secure pseudorandom number generator (CSPRNG).
Fills a given buffer with cryptographically secure random bytes.
Generate and populate the output buffer with a new ECDSA key-pair.
Get the associated public key from the input context.
Calculate the ECDSA signature for a hashed message using the private key from the input context.
Use the key from the input context to verify the ECDSA signature of a hashed message.
Calculate the ECDSA signature for a hashed message using the Key reference passed.
Get the associated public key from the key reference passed.
Generate and import a new ECDSA key-pair at reference passed.
Use the keyref to verify the ECDSA signature of a hashed message.
Perform PKCS#5 PBKDF2 using CMAC (AES-CMAC-PRF-128).
Macros#
Length of SHA256 hash (in bytes).
Max buffer size (in bytes) for representing the EDCSA key-pair in DER format.
Buffer size (in bytes) for representing the EDCSA public key.
Buffer size (in bytes) for representing the EDCSA signature.
Max PBKDF2 SALT length: salt prefix (6) + extended panid (8) + network name (16)
Enumeration Documentation#
otCryptoKeyType#
otCryptoKeyType
This enumeration defines the key types.
Enumerator | |
---|---|
OT_CRYPTO_KEY_TYPE_RAW | Key Type: Raw Data. |
OT_CRYPTO_KEY_TYPE_AES | Key Type: AES. |
OT_CRYPTO_KEY_TYPE_HMAC | Key Type: HMAC. |
OT_CRYPTO_KEY_TYPE_ECDSA | Key Type: ECDSA. |
61
of file include/openthread/platform/crypto.h
otCryptoKeyAlgorithm#
otCryptoKeyAlgorithm
This enumeration defines the key algorithms.
Enumerator | |
---|---|
OT_CRYPTO_KEY_ALG_VENDOR | Key Algorithm: Vendor Defined. |
OT_CRYPTO_KEY_ALG_AES_ECB | Key Algorithm: AES ECB. |
OT_CRYPTO_KEY_ALG_HMAC_SHA_256 | Key Algorithm: HMAC SHA-256. |
OT_CRYPTO_KEY_ALG_ECDSA | Key Algorithm: ECDSA. |
73
of file include/openthread/platform/crypto.h
@12#
@12
This enumeration defines the key usage flags.
Enumerator | |
---|---|
OT_CRYPTO_KEY_USAGE_NONE | Key Usage: Key Usage is empty. |
OT_CRYPTO_KEY_USAGE_EXPORT | Key Usage: Key can be exported. |
OT_CRYPTO_KEY_USAGE_ENCRYPT | Key Usage: Encryption (vendor defined). |
OT_CRYPTO_KEY_USAGE_DECRYPT | Key Usage: AES ECB. |
OT_CRYPTO_KEY_USAGE_SIGN_HASH | Key Usage: Sign Hash. |
OT_CRYPTO_KEY_USAGE_VERIFY_HASH | Key Usage: Verify Hash. |
85
of file include/openthread/platform/crypto.h
otCryptoKeyStorage#
otCryptoKeyStorage
This enumeration defines the key storage types.
Enumerator | |
---|---|
OT_CRYPTO_KEY_STORAGE_VOLATILE | Key Persistence: Key is volatile. |
OT_CRYPTO_KEY_STORAGE_PERSISTENT | Key Persistence: Key is persistent. |
99
of file include/openthread/platform/crypto.h
Typedef Documentation#
otCryptoKeyRef#
typedef uint32_t otCryptoKeyRef
This datatype represents the key reference.
109
of file include/openthread/platform/crypto.h
otCryptoKey#
typedef struct otCryptoKey otCryptoKey
122
of file include/openthread/platform/crypto.h
otCryptoContext#
typedef struct otCryptoContext otCryptoContext
134
of file include/openthread/platform/crypto.h
otPlatCryptoSha256Hash#
typedef struct otPlatCryptoSha256Hash otPlatCryptoSha256Hash
This structure represents a SHA-256 hash.
158
of file include/openthread/platform/crypto.h
otPlatCryptoEcdsaKeyPair#
typedef struct otPlatCryptoEcdsaKeyPair otPlatCryptoEcdsaKeyPair
178
of file include/openthread/platform/crypto.h
otPlatCryptoEcdsaPublicKey#
typedef struct otPlatCryptoEcdsaPublicKey otPlatCryptoEcdsaPublicKey
200
of file include/openthread/platform/crypto.h
otPlatCryptoEcdsaSignature#
typedef struct otPlatCryptoEcdsaSignature otPlatCryptoEcdsaSignature
223
of file include/openthread/platform/crypto.h
Variable Documentation#
OT_TOOL_PACKED_END#
OT_TOOL_PACKED_BEGIN struct otPlatCryptoEcdsaSignature OT_TOOL_PACKED_END
152
of file include/openthread/platform/crypto.h
Function Documentation#
otPlatCryptoInit#
void otPlatCryptoInit (void )
Initialize the Crypto module.
N/A |
235
of file include/openthread/platform/crypto.h
otPlatCryptoImportKey#
otError otPlatCryptoImportKey (otCryptoKeyRef * aKeyRef, otCryptoKeyType aKeyType, otCryptoKeyAlgorithm aKeyAlgorithm, int aKeyUsage, otCryptoKeyStorage aKeyPersistence, const uint8_t * aKey, size_t aKeyLen)
Import a key into PSA ITS.
[inout] | aKeyRef | Pointer to the key ref to be used for crypto operations. |
[in] | aKeyType | Key Type encoding for the key. |
[in] | aKeyAlgorithm | Key algorithm encoding for the key. |
[in] | aKeyUsage | Key Usage encoding for the key (combinations of |
[in] | aKeyPersistence | Key Persistence for this key |
[in] | aKey | Actual key to be imported. |
[in] | aKeyLen | Length of the key to be imported. |
Note
If OT_CRYPTO_KEY_STORAGE_PERSISTENT is passed for aKeyPersistence then
aKeyRef
is input and platform should use the given aKeyRef and MUST not change it.
If OT_CRYPTO_KEY_STORAGE_VOLATILE is passed for aKeyPersistence then aKeyRef
is output, the initial value does not matter and platform API MUST update it to return the new key ref.
This API is only used by OT core when OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE
is enabled.
261
of file include/openthread/platform/crypto.h
otPlatCryptoExportKey#
otError otPlatCryptoExportKey (otCryptoKeyRef aKeyRef, uint8_t * aBuffer, size_t aBufferLen, size_t * aKeyLen)
Export a key stored in PSA ITS.
[in] | aKeyRef | The key ref to be used for crypto operations. |
[out] | aBuffer | Pointer to the buffer where key needs to be exported. |
[in] | aBufferLen | Length of the buffer passed to store the exported key. |
[out] | aKeyLen | Pointer to return the length of the exported key. |
Note
This API is only used by OT core when
OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE
is enabled.
284
of file include/openthread/platform/crypto.h
otPlatCryptoDestroyKey#
otError otPlatCryptoDestroyKey (otCryptoKeyRef aKeyRef)
Destroy a key stored in PSA ITS.
[in] | aKeyRef | The key ref to be destroyed |
Note
This API is only used by OT core when
OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE
is enabled.
297
of file include/openthread/platform/crypto.h
otPlatCryptoHasKey#
bool otPlatCryptoHasKey (otCryptoKeyRef aKeyRef)
Check if the key ref passed has an associated key in PSA ITS.
[in] | aKeyRef | The Key Ref to check. |
Note
This API is only used by OT core when
OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE
is enabled.
310
of file include/openthread/platform/crypto.h
otPlatCryptoHmacSha256Init#
otError otPlatCryptoHmacSha256Init (otCryptoContext * aContext)
Initialize the HMAC operation.
[in] | aContext | Context for HMAC operation. |
Note
The platform driver shall point the context to the correct object such as psa_mac_operation_t or mbedtls_md_context_t.
325
of file include/openthread/platform/crypto.h
otPlatCryptoHmacSha256Deinit#
otError otPlatCryptoHmacSha256Deinit (otCryptoContext * aContext)
Uninitialize the HMAC operation.
[in] | aContext | Context for HMAC operation. |
337
of file include/openthread/platform/crypto.h
otPlatCryptoHmacSha256Start#
otError otPlatCryptoHmacSha256Start (otCryptoContext * aContext, const otCryptoKey * aKey)
Start HMAC operation.
[in] | aContext | Context for HMAC operation. |
[in] | aKey | Key material to be used for HMAC operation. |
350
of file include/openthread/platform/crypto.h
otPlatCryptoHmacSha256Update#
otError otPlatCryptoHmacSha256Update (otCryptoContext * aContext, const void * aBuf, uint16_t aBufLength)
Update the HMAC operation with new input.
[in] | aContext | Context for HMAC operation. |
[in] | aBuf | A pointer to the input buffer. |
[in] | aBufLength | The length of |
364
of file include/openthread/platform/crypto.h
otPlatCryptoHmacSha256Finish#
otError otPlatCryptoHmacSha256Finish (otCryptoContext * aContext, uint8_t * aBuf, size_t aBufLength)
Complete the HMAC operation.
[in] | aContext | Context for HMAC operation. |
[out] | aBuf | A pointer to the output buffer. |
[in] | aBufLength | The length of |
378
of file include/openthread/platform/crypto.h
otPlatCryptoAesInit#
otError otPlatCryptoAesInit (otCryptoContext * aContext)
Initialise the AES operation.
[in] | aContext | Context for AES operation. |
Note
The platform driver shall point the context to the correct object such as psa_key_id or mbedtls_aes_context_t.
394
of file include/openthread/platform/crypto.h
otPlatCryptoAesSetKey#
otError otPlatCryptoAesSetKey (otCryptoContext * aContext, const otCryptoKey * aKey)
Set the key for AES operation.
[in] | aContext | Context for AES operation. |
[out] | aKey | Key to use for AES operation. |
407
of file include/openthread/platform/crypto.h
otPlatCryptoAesEncrypt#
otError otPlatCryptoAesEncrypt (otCryptoContext * aContext, const uint8_t * aInput, uint8_t * aOutput)
Encrypt the given data.
[in] | aContext | Context for AES operation. |
[in] | aInput | Pointer to the input buffer. |
[in] | aOutput | Pointer to the output buffer. |
421
of file include/openthread/platform/crypto.h
otPlatCryptoAesFree#
otError otPlatCryptoAesFree (otCryptoContext * aContext)
Free the AES context.
[in] | aContext | Context for AES operation. |
433
of file include/openthread/platform/crypto.h
otPlatCryptoHkdfInit#
otError otPlatCryptoHkdfInit (otCryptoContext * aContext)
Initialise the HKDF context.
[in] | aContext | Context for HKDF operation. |
Note
The platform driver shall point the context to the correct object such as psa_key_derivation_operation_t or HmacSha256::Hash
448
of file include/openthread/platform/crypto.h
otPlatCryptoHkdfExpand#
otError otPlatCryptoHkdfExpand (otCryptoContext * aContext, const uint8_t * aInfo, uint16_t aInfoLength, uint8_t * aOutputKey, uint16_t aOutputKeyLength)
Perform HKDF Expand step.
[in] | aContext | Operation context for HKDF operation. |
[in] | aInfo | Pointer to the Info sequence. |
[in] | aInfoLength | Length of the Info sequence. |
[out] | aOutputKey | Pointer to the output Key. |
[in] | aOutputKeyLength | Size of the output key buffer. |
464
of file include/openthread/platform/crypto.h
otPlatCryptoHkdfExtract#
otError otPlatCryptoHkdfExtract (otCryptoContext * aContext, const uint8_t * aSalt, uint16_t aSaltLength, const otCryptoKey * aInputKey)
Perform HKDF Extract step.
[in] |