Secure_LinkGENERAL_API

APIs for Secure link configuration and usage.

Data Structures

struct  sl_wfx_set_sl_mac_key_req_body_t
 Set the Secure Link MAC key.
 
struct  sl_wfx_set_sl_mac_key_cnf_body_t
 Confirmation for the Secure Link MAC key setting.
 
struct  sl_wfx_securelink_exchange_pub_keys_req_body_t
 Exchange Secure Link Public Keys.
 
struct  sl_wfx_securelink_exchange_pub_keys_cnf_body_t
 Confirmation for exchange of Secure Link Public Keys.
 
struct  sl_wfx_securelink_configure_req_body_t
 Configure Secure Link Layer.
 
struct  sl_wfx_securelink_configure_cnf_body_t
 Confirmation of Secure Link Layer configuration sl_wfx_securelink_configure_req_body_t.

Enumerations

enum  sl_wfx_secure_link_state_t {
  SECURE_LINK_NA_MODE = 0x0,
  SECURE_LINK_UNTRUSTED_MODE = 0x1,
  SECURE_LINK_TRUSTED_MODE = 0x2,
  SECURE_LINK_TRUSTED_ACTIVE_ENFORCED = 0x3
}
 *Secure Link' device state
 
enum  sl_wfx_securelink_mac_key_dest_t {
  SL_MAC_KEY_DEST_OTP = 0x78,
  SL_MAC_KEY_DEST_RAM = 0x87
}
 destination of the Secure Link MAC key, used by request message sl_wfx_set_sl_mac_key_req_body_t
 
enum  sl_wfx_securelink_configure_skey_invld_t {
  SL_CONFIGURE_SKEY_INVLD_INVALIDATE = 0x87,
  SL_CONFIGURE_SKEY_INVLD_NOP = 0x00
}
 used in request message sl_wfx_securelink_configure_req_body_t to trigger Session Key invalidation

Detailed Description

APIs for Secure link configuration and usage.

WFX family of product have the ability to encrypt the SDIO or SPI link.

Link to more detailed documentation about the Secure Link feature : SecureLink


Data Structure Documentation

◆ sl_wfx_set_sl_mac_key_req_body_t

struct sl_wfx_set_sl_mac_key_req_body_t

Set the Secure Link MAC key.

This API can be used for Trusted Eval devices in two contexts:

  • to set a temporary SecureLink MAC key in RAM.
  • to permanently burn the SecureLink MAC key in OTP memory. In that case, the OTP SecureLink mode will switch to Trusted Enforced mode

Definition at line 544 of file general_api.h.

Data Fields
uint8_t key_value[32] Secure Link MAC Key value.
uint8_t otp_or_ram Key destination - OTP or RAM (see enum sl_wfx_securelink_mac_key_dest_t)

◆ sl_wfx_set_sl_mac_key_cnf_body_t

struct sl_wfx_set_sl_mac_key_cnf_body_t

Confirmation for the Secure Link MAC key setting.

Definition at line 557 of file general_api.h.

Data Fields
uint32_t status Key upload status (see enum sl_wfx_status_t)

◆ sl_wfx_securelink_exchange_pub_keys_req_body_t

struct sl_wfx_securelink_exchange_pub_keys_req_body_t

Exchange Secure Link Public Keys.

This API is used by the Host to send its curve25519 public key to Device, and get back Device public key in the confirmation message. Once keys are exchanged and authenticated (using their respective MAC), each peer computes the Secure Link session key that will be used to encrypt/decrypt future Host<->Device messages.

Definition at line 575 of file general_api.h.

Data Fields
uint8_t host_pub_key[32] Host Public Key.
uint8_t host_pub_key_mac[64] Host Public Key MAC.

◆ sl_wfx_securelink_exchange_pub_keys_cnf_body_t

struct sl_wfx_securelink_exchange_pub_keys_cnf_body_t

Confirmation for exchange of Secure Link Public Keys.

Definition at line 590 of file general_api.h.

Data Fields
uint8_t ncp_pub_key[32] Device Public Key.
uint8_t ncp_pub_key_mac[64] Device Public Key MAC.
uint32_t status Request status (see enum sl_wfx_status_t)

◆ sl_wfx_securelink_configure_req_body_t

struct sl_wfx_securelink_configure_req_body_t

Configure Secure Link Layer.

This API can be used to:

  • Set/update the Secure Link encryption bitmap
  • or, Invalidate the current session key

In the later case, the encryption bitmap is left untouched.

Definition at line 620 of file general_api.h.

Data Fields
uint8_t encr_bmp[32] Encryption bitmap.
uint8_t skey_invld Invalidate Session Key (see enum sl_configure_skey_invld_t)

◆ sl_wfx_securelink_configure_cnf_body_t

struct sl_wfx_securelink_configure_cnf_body_t

Confirmation of Secure Link Layer configuration sl_wfx_securelink_configure_req_body_t.

Definition at line 633 of file general_api.h.

Data Fields
uint32_t status Request status (see enum wsm_status)

Enumeration Type Documentation

◆ sl_wfx_secure_link_state_t

*Secure Link' device state

Enumerator
SECURE_LINK_NA_MODE 

Reserved.

SECURE_LINK_UNTRUSTED_MODE 

Untrusted mode - SecureLink not available.

SECURE_LINK_TRUSTED_MODE 

Trusted (Evaluation) mode.

SECURE_LINK_TRUSTED_ACTIVE_ENFORCED 

Trusted (Enforced) mode.

Definition at line 520 of file general_api.h.

◆ sl_wfx_securelink_configure_skey_invld_t

used in request message sl_wfx_securelink_configure_req_body_t to trigger Session Key invalidation

Enumerator
SL_CONFIGURE_SKEY_INVLD_INVALIDATE 

Force invalidating session key.

SL_CONFIGURE_SKEY_INVLD_NOP 

Do not invalidate session key.

Definition at line 604 of file general_api.h.

◆ sl_wfx_securelink_mac_key_dest_t

destination of the Secure Link MAC key, used by request message sl_wfx_set_sl_mac_key_req_body_t

Enumerator
SL_MAC_KEY_DEST_OTP 

Key will be stored in OTP.

SL_MAC_KEY_DEST_RAM 

Key will be stored in RAM.

Definition at line 530 of file general_api.h.