Secure_Link

APIs for Secure link configuration and usage.

Data Structures

struct  HiSetSlMacKeyReqBody_t
 Set the Secure Link MAC key.
 
struct  HiSetSlMacKeyCnfBody_t
 Confirmation for the Secure Link MAC key setting.
 
struct  HiSlExchangePubKeysReqBody_t
 Exchange Secure Link Public Keys.
 
struct  HiSlExchangePubKeysCnfBody_t
 Confirmation for exchange of Secure Link Public Keys.
 
struct  HiSlConfigureReqBody_t
 Configure Secure Link Layer.
 
struct  HiSlConfigureCnfBody_t
 Confirmation of Secure Link Layer configuration HiSlConfigureReqBody_t.

Enumerations

enum  SecureLinkState {
  SECURE_LINK_NA_MODE = 0x0,
  SECURE_LINK_UNTRUSTED_MODE = 0x1,
  SECURE_LINK_TRUSTED_MODE = 0x2,
  SECURE_LINK_TRUSTED_ACTIVE_ENFORCED = 0x3
}
 *Secure Link' device state
 
enum  SlMacKeyDest {
  SL_MAC_KEY_DEST_OTP = 0x78,
  SL_MAC_KEY_DEST_RAM = 0x87
}
 destination of the Secure Link MAC key, used by request message HiSetSlMacKeyReqBody_t
 
enum  SlConfigureSkeyInvld {
  SL_CONFIGURE_SKEY_INVLD_INVALIDATE = 0x87,
  SL_CONFIGURE_SKEY_INVLD_NOP = 0x00
}
 used in request message HiSlConfigureReqBody_t to trigger Session Key invalidation

Detailed Description

APIs for Secure link configuration and usage.

WFX family of product have the ability to encrypt the SDIO or SPI link.

Link to more detailed documentation about the Secure Link feature : SecureLink


Data Structure Documentation

◆ HiSetSlMacKeyReqBody_t

struct HiSetSlMacKeyReqBody_t

Set the Secure Link MAC key.

This API can be used in two contexts:

  • for Trused Eval chips : used to set a temporary SecureLink MAC key in RAM.
  • for Trused Enforced chips : used to permanently burn the SecureLink MAC key in OTP memory

Definition at line 551 of file general_api.h.

Data Fields
uint8_t KeyValue[32] Secure Link MAC Key value.
uint8_t OtpOrRam Key destination - OTP or RAM (see enum SlMacKeyDest)

◆ HiSetSlMacKeyCnfBody_t

struct HiSetSlMacKeyCnfBody_t

Confirmation for the Secure Link MAC key setting.

Definition at line 563 of file general_api.h.

Data Fields
uint32_t Status Key upload status (see enum HiStatus)

◆ HiSlExchangePubKeysReqBody_t

struct HiSlExchangePubKeysReqBody_t

Exchange Secure Link Public Keys.

This API is used by the Host to send its curve25519 public key to Device, and get back Device public key in the confirmation message. Once keys are exchanged and authenticated (using their respective MAC), each peer computes the Secure Link session key that will be used to encrypt/decrypt future Host<->Device messages.

Definition at line 581 of file general_api.h.

Data Fields
uint8_t HostPubKey[32] Host Public Key.
uint8_t HostPubKeyMac[64] Host Public Key MAC.

◆ HiSlExchangePubKeysCnfBody_t

struct HiSlExchangePubKeysCnfBody_t

Confirmation for exchange of Secure Link Public Keys.

Definition at line 595 of file general_api.h.

Data Fields
uint8_t NcpPubKey[32] Device Public Key.
uint8_t NcpPubKeyMac[64] Device Public Key MAC.
uint32_t Status Request status (see enum HiStatus)

◆ HiSlConfigureReqBody_t

struct HiSlConfigureReqBody_t

Configure Secure Link Layer.

This API can be used to:

  • Set/update the Secure Link encryption bitmap
  • Optionally (and additionally), invalidate the current session key

Upon request reception, Device will update its own encryption bitmap and return the updated value in the confirmation.

Definition at line 626 of file general_api.h.

Data Fields
uint8_t EncrBmp[32] Encryption bitmap.
uint8_t SkeyInvld Invalidate Session Key (see enum SlConfigureSkeyInvld)

◆ HiSlConfigureCnfBody_t

struct HiSlConfigureCnfBody_t

Confirmation of Secure Link Layer configuration HiSlConfigureReqBody_t.

Definition at line 639 of file general_api.h.

Data Fields
uint32_t Status Request status (see enum ::WsmStatus)

Enumeration Type Documentation

◆ SecureLinkState

*Secure Link' device state

Enumerator
SECURE_LINK_NA_MODE 

Reserved.

SECURE_LINK_UNTRUSTED_MODE 

Untrusted mode - SecureLink not available.

SECURE_LINK_TRUSTED_MODE 

Trusted (Evaluation) mode.

SECURE_LINK_TRUSTED_ACTIVE_ENFORCED 

Trusted (Enforced) mode.

Definition at line 527 of file general_api.h.

◆ SlConfigureSkeyInvld

used in request message HiSlConfigureReqBody_t to trigger Session Key invalidation

Enumerator
SL_CONFIGURE_SKEY_INVLD_INVALIDATE 

Force invalidating session key.

SL_CONFIGURE_SKEY_INVLD_NOP 

Do not invalidate session key.

Definition at line 610 of file general_api.h.

◆ SlMacKeyDest

destination of the Secure Link MAC key, used by request message HiSetSlMacKeyReqBody_t

Enumerator
SL_MAC_KEY_DEST_OTP 

Key will be stored in OTP.

SL_MAC_KEY_DEST_RAM 

Key will be stored in RAM.

Definition at line 538 of file general_api.h.