psa_crypto_se_driver.h
1 /*
2  * Copyright The Mbed TLS Contributors
3  * SPDX-License-Identifier: Apache-2.0
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License"); you may
6  * not use this file except in compliance with the License.
7  *
8  * You may obtain a copy of the License at
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17 
18 #pragma once
19 
41 #ifdef __cplusplus
42 extern "C" {
43 #endif
44 
45 #include <stdint.h>
46 #include <stdlib.h>
47 
48 //#include "psa/crypto_values.h"
49 //#include "psa/crypto_types.h"
50 #include "psa/algorithm.h"
51 #include "psa/error.h"
52 #include "psa/key/lifetime.h"
53 #include "psa/cipher/types.h"
54 
/* Limit related to a driver's persistent data. The driver context and the
 * driver table both carry a persistent_data_size described as a size in
 * bytes, so this is presumably a byte count that such a size must not
 * exceed -- confirm against the core that enforces it. */
58 #define PSA_MAX_PERSISTENT_DATA_SIZE (16)
59 
74 typedef struct {
119  const void * persistent_data;
120 
127  const size_t persistent_data_size;
128 
135  uintptr_t transient_data;
137 
156  void *persistent_data,
157  psa_key_location_t location);
158 
/** Encoding of a key slot number on a secure element.
 *
 * NOTE(review): the type is a full 64-bit integer, which is presumably far
 * wider than the number of slots a real device has. A driver should
 * range-check every slot number it receives; the key-management table has a
 * p_validate_slot_number entry point for this -- confirm how the core uses it. */
162 typedef uint64_t psa_key_slot_number_t;
201  void *op_context,
202  psa_key_slot_number_t key_slot,
203  psa_algorithm_t algorithm);
204 
/**
 * A function that continues a previously started secure element MAC
 * operation.
 *
 * op_context   : driver operation context (opaque at this level; presumably
 *                the context handed to the MAC setup function -- confirm).
 * p_input      : read-only buffer holding the next piece of message data.
 * input_length : presumably the length of p_input in bytes -- confirm.
 *
 * Returns a psa_status_t status code.
 */
216 typedef psa_status_t (*psa_drv_se_mac_update_t)(void *op_context,
217  const uint8_t *p_input,
218  size_t input_length);
219 
/**
 * A function that completes a previously started secure element MAC
 * operation by returning the result to the caller.
 *
 * op_context   : driver operation context (opaque at this level).
 * p_mac        : writable output buffer for the MAC.
 * mac_size     : presumably the capacity of p_mac in bytes; an implementation
 *                should never write past it -- confirm the status expected
 *                when the buffer is too small.
 * p_mac_length : output; presumably receives the number of bytes written to
 *                p_mac -- confirm.
 *
 * Returns a psa_status_t status code.
 */
236 typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context,
237  uint8_t *p_mac,
238  size_t mac_size,
239  size_t *p_mac_length);
240 
/**
 * A function that completes a previously started secure element MAC
 * operation by comparing the result with a MAC supplied by the caller.
 *
 * op_context : driver operation context (opaque at this level).
 * p_mac      : read-only buffer holding the MAC to check against.
 * mac_length : presumably the length of p_mac in bytes -- confirm.
 *
 * Returns a psa_status_t status code; callers must treat anything other than
 * success as "not verified".
 *
 * NOTE(review): the comparison happens inside the driver. This listing does
 * not state whether it must run in constant time or how a mac_length that
 * differs from the algorithm's MAC size is handled -- confirm both in the
 * full header before relying on an implementation.
 */
256 typedef psa_status_t (*psa_drv_se_mac_finish_verify_t)(void *op_context,
257  const uint8_t *p_mac,
258  size_t mac_length);
259 
/**
 * A function that aborts a previously started secure element MAC operation.
 *
 * op_context : driver operation context of the operation to abort (opaque at
 *              this level).
 *
 * Returns a psa_status_t status code.
 *
 * NOTE(review): whether the driver is expected to wipe key-dependent state
 * held in op_context is not visible in this listing -- confirm.
 */
266 typedef psa_status_t (*psa_drv_se_mac_abort_t)(void *op_context);
267 
287  const uint8_t *p_input,
288  size_t input_length,
289  psa_key_slot_number_t key_slot,
290  psa_algorithm_t alg,
291  uint8_t *p_mac,
292  size_t mac_size,
293  size_t *p_mac_length);
294 
315  const uint8_t *p_input,
316  size_t input_length,
317  psa_key_slot_number_t key_slot,
318  psa_algorithm_t alg,
319  const uint8_t *p_mac,
320  size_t mac_length);
321 
338 typedef struct {
340  size_t context_size;
400  void *op_context,
401  psa_key_slot_number_t key_slot,
402  psa_algorithm_t algorithm,
403  psa_encrypt_or_decrypt_t direction);
404 
/**
 * A function that sets the initialization vector (if necessary) for a secure
 * element cipher operation.
 *
 * op_context : driver operation context (opaque at this level; presumably
 *              the context handed to the cipher setup function -- confirm).
 * p_iv       : read-only buffer holding the IV.
 * iv_length  : presumably the length of p_iv in bytes -- confirm.
 *
 * Returns a psa_status_t status code.
 *
 * NOTE(review): the IV is supplied by the caller. Nothing in this signature
 * lets the driver enforce uniqueness, so that responsibility presumably lies
 * above the driver -- confirm. An implementation should reject an iv_length
 * that does not fit the algorithm chosen at setup.
 */
421 typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context,
422  const uint8_t *p_iv,
423  size_t iv_length);
424 
/**
 * A function that continues a previously started secure element cipher
 * operation.
 *
 * op_context      : driver operation context (opaque at this level).
 * p_input         : read-only input buffer.
 * input_size      : presumably the length of p_input in bytes -- confirm.
 * p_output        : writable output buffer.
 * output_size     : presumably the capacity of p_output in bytes; an
 *                   implementation should never write past it -- confirm the
 *                   status expected when the buffer is too small.
 * p_output_length : output; presumably receives the number of bytes written
 *                   to p_output -- confirm.
 *
 * Returns a psa_status_t status code.
 */
444 typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context,
445  const uint8_t *p_input,
446  size_t input_size,
447  uint8_t *p_output,
448  size_t output_size,
449  size_t *p_output_length);
450 
/**
 * A function that completes a previously started secure element cipher
 * operation.
 *
 * op_context      : driver operation context (opaque at this level).
 * p_output        : writable output buffer for any final output.
 * output_size     : presumably the capacity of p_output in bytes; an
 *                   implementation should never write past it -- confirm.
 * p_output_length : output; presumably receives the number of bytes written
 *                   to p_output -- confirm.
 *
 * Returns a psa_status_t status code.
 */
466 typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context,
467  uint8_t *p_output,
468  size_t output_size,
469  size_t *p_output_length);
470 
/**
 * A function that aborts a previously started secure element cipher
 * operation.
 *
 * op_context : driver operation context of the operation to abort (opaque at
 *              this level).
 *
 * Returns a psa_status_t status code.
 *
 * NOTE(review): whether the driver is expected to wipe key-dependent state
 * held in op_context is not visible in this listing -- confirm.
 */
478 typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context);
479 
505  psa_key_slot_number_t key_slot,
506  psa_algorithm_t algorithm,
507  psa_encrypt_or_decrypt_t direction,
508  const uint8_t *p_input,
509  size_t input_size,
510  uint8_t *p_output,
511  size_t output_size);
512 
523 typedef struct {
525  size_t context_size;
543 
573  psa_key_slot_number_t key_slot,
574  psa_algorithm_t alg,
575  const uint8_t *p_hash,
576  size_t hash_length,
577  uint8_t *p_signature,
578  size_t signature_size,
579  size_t *p_signature_length);
580 
598  psa_key_slot_number_t key_slot,
599  psa_algorithm_t alg,
600  const uint8_t *p_hash,
601  size_t hash_length,
602  const uint8_t *p_signature,
603  size_t signature_length);
604 
635  psa_key_slot_number_t key_slot,
636  psa_algorithm_t alg,
637  const uint8_t *p_input,
638  size_t input_length,
639  const uint8_t *p_salt,
640  size_t salt_length,
641  uint8_t *p_output,
642  size_t output_size,
643  size_t *p_output_length);
644 
675  psa_key_slot_number_t key_slot,
676  psa_algorithm_t alg,
677  const uint8_t *p_input,
678  size_t input_length,
679  const uint8_t *p_salt,
680  size_t salt_length,
681  uint8_t *p_output,
682  size_t output_size,
683  size_t *p_output_length);
684 
694 typedef struct {
704 
749  psa_key_slot_number_t key_slot,
750  psa_algorithm_t algorithm,
751  const uint8_t *p_nonce,
752  size_t nonce_length,
753  const uint8_t *p_additional_data,
754  size_t additional_data_length,
755  const uint8_t *p_plaintext,
756  size_t plaintext_length,
757  uint8_t *p_ciphertext,
758  size_t ciphertext_size,
759  size_t *p_ciphertext_length);
760 
791  psa_key_slot_number_t key_slot,
792  psa_algorithm_t algorithm,
793  const uint8_t *p_nonce,
794  size_t nonce_length,
795  const uint8_t *p_additional_data,
796  size_t additional_data_length,
797  const uint8_t *p_ciphertext,
798  size_t ciphertext_length,
799  uint8_t *p_plaintext,
800  size_t plaintext_size,
801  size_t *p_plaintext_length);
802 
812 typedef struct {
834 typedef enum {
840 
901  void *persistent_data,
902  const psa_key_attributes_t *attributes,
904  psa_key_slot_number_t *key_slot);
905 
943  void *persistent_data,
944  const psa_key_attributes_t *attributes,
946  psa_key_slot_number_t key_slot);
947 
977  psa_key_slot_number_t key_slot,
978  const psa_key_attributes_t *attributes,
979  const uint8_t *data,
980  size_t data_length,
981  size_t *bits);
982 
1001  void *persistent_data,
1002  psa_key_slot_number_t key_slot);
1003 
1034  psa_key_slot_number_t key_slot,
1035  uint8_t *p_data,
1036  size_t data_size,
1037  size_t *p_data_length);
1038 
1074  psa_key_slot_number_t key_slot,
1075  const psa_key_attributes_t *attributes,
1076  uint8_t *pubkey, size_t pubkey_size,
1077  size_t *pubkey_length);
1078 
1088 typedef struct {
1104 
1174  void *op_context,
1175  psa_algorithm_t kdf_alg,
1176  psa_key_slot_number_t source_key);
1177 
1195  uint32_t collateral_id,
1196  const uint8_t *p_collateral,
1197  size_t collateral_size);
1198 
1210  psa_key_slot_number_t dest_key);
1211 
1226  uint8_t *p_output,
1227  size_t output_size,
1228  size_t *p_output_length);
1229 
1239 typedef struct {
1251 
1265 typedef struct {
1272  uint32_t hal_version;
1273 
1284 
1297 
1304 } psa_drv_se_t;
/* Driver HAL version constant. psa_drv_se_t has a hal_version field for "the
 * version of the driver HAL that this driver implements"; presumably a driver
 * sets that field to this value so a mismatched driver can be rejected at
 * registration -- confirm where the check is made. */
1310 #define PSA_DRV_SE_HAL_VERSION 0x00000005
1311 
1312 #ifdef __cplusplus
1313 }
1314 #endif
1315 
Algorithm definitions for the PSA Crypto API.
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
Definition: algorithm.h:38
psa_status_t(* psa_drv_se_key_derivation_export_t)(void *op_context, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that performs the final step of a secure element key agreement and places the generated key...
psa_status_t(* psa_drv_se_key_derivation_derive_t)(void *op_context, psa_key_slot_number_t dest_key)
A function that performs the final secure element key derivation step and places the generated key mat...
psa_status_t(* psa_drv_se_key_derivation_collateral_t)(void *op_context, uint32_t collateral_id, const uint8_t *p_collateral, size_t collateral_size)
A function that provides collateral (parameters) needed for a secure element key derivation or key ag...
psa_status_t(* psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, psa_algorithm_t kdf_alg, psa_key_slot_number_t source_key)
A function that sets up a secure element key derivation operation by specifying the algorithm and the...
psa_status_t(* psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, const uint8_t *p_additional_data, size_t additional_data_length, const uint8_t *p_plaintext, size_t plaintext_length, uint8_t *p_ciphertext, size_t ciphertext_size, size_t *p_ciphertext_length)
A function that performs a secure element authenticated encryption operation.
psa_status_t(* psa_drv_se_aead_decrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, const uint8_t *p_nonce, size_t nonce_length, const uint8_t *p_additional_data, size_t additional_data_length, const uint8_t *p_ciphertext, size_t ciphertext_length, uint8_t *p_plaintext, size_t plaintext_size, size_t *p_plaintext_length)
A function that performs a secure element authenticated decryption operation.
psa_status_t(* psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that decrypts a short message with an asymmetric private key in a secure element.
psa_status_t(* psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_input, size_t input_length, const uint8_t *p_salt, size_t salt_length, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that encrypts a short message with an asymmetric public key in a secure element.
psa_status_t(* psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, uint8_t *p_signature, size_t signature_size, size_t *p_signature_length)
A function that signs a hash or short message with a private key in a secure element.
psa_status_t(* psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_hash, size_t hash_length, const uint8_t *p_signature, size_t signature_length)
A function that verifies the signature of a hash or short message using an asymmetric public key in a se...
psa_status_t(* psa_drv_se_cipher_finish_t)(void *op_context, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that completes a previously started secure element cipher operation.
psa_status_t(* psa_drv_se_cipher_abort_t)(void *op_context)
A function that aborts a previously started secure element cipher operation.
psa_status_t(* psa_drv_se_cipher_set_iv_t)(void *op_context, const uint8_t *p_iv, size_t iv_length)
A function that sets the initialization vector (if necessary) for a secure element cipher operation.
psa_status_t(* psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction)
A function that provides the cipher setup function for a secure element driver.
psa_status_t(* psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm, psa_encrypt_or_decrypt_t direction, const uint8_t *p_input, size_t input_size, uint8_t *p_output, size_t output_size)
A function that performs the ECB block mode for secure element cipher operations.
psa_status_t(* psa_drv_se_cipher_update_t)(void *op_context, const uint8_t *p_input, size_t input_size, uint8_t *p_output, size_t output_size, size_t *p_output_length)
A function that continues a previously started secure element cipher operation.
psa_status_t(* psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, void *persistent_data, psa_key_location_t location)
A driver initialization function.
uint64_t psa_key_slot_number_t
Encoding of a key slot number on a secure element.
psa_status_t(* psa_drv_se_validate_slot_number_t)(psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t key_slot)
A function that determines whether a slot number is valid for a key.
psa_status_t(* psa_drv_se_generate_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, uint8_t *pubkey, size_t pubkey_size, size_t *pubkey_length)
A function that generates a symmetric or asymmetric key on a secure element.
psa_key_creation_method_t
An enumeration indicating how a key is created.
psa_status_t(* psa_drv_se_import_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, size_t *bits)
A function that imports a key into a secure element in binary format.
psa_status_t(* psa_drv_se_allocate_key_t)(psa_drv_se_context_t *drv_context, void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t *key_slot)
A function that allocates a slot for a key.
psa_status_t(* psa_drv_se_destroy_key_t)(psa_drv_se_context_t *drv_context, void *persistent_data, psa_key_slot_number_t key_slot)
A function that destroys a secure element key and restores the slot to its default state.
psa_status_t(* psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, uint8_t *p_data, size_t data_size, size_t *p_data_length)
A function that exports a secure element key in binary format.
@ PSA_KEY_CREATION_COPY
During psa_copy_key()
@ PSA_KEY_CREATION_IMPORT
During psa_import_key()
@ PSA_KEY_CREATION_DERIVE
During psa_key_derivation_output_key()
@ PSA_KEY_CREATION_GENERATE
During psa_generate_key()
psa_status_t(* psa_drv_se_mac_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, psa_key_slot_number_t key_slot, psa_algorithm_t algorithm)
A function that starts a secure element MAC operation for a PSA Crypto Driver implementation.
psa_status_t(* psa_drv_se_mac_update_t)(void *op_context, const uint8_t *p_input, size_t input_length)
A function that continues a previously started secure element MAC operation.
psa_status_t(* psa_drv_se_mac_finish_verify_t)(void *op_context, const uint8_t *p_mac, size_t mac_length)
A function that completes a previously started secure element MAC operation by comparing the resultin...
psa_status_t(* psa_drv_se_mac_abort_t)(void *op_context)
A function that aborts a previously started secure element MAC operation.
psa_status_t(* psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_context, const uint8_t *p_input, size_t input_length, psa_key_slot_number_t key_slot, psa_algorithm_t alg, const uint8_t *p_mac, size_t mac_length)
A function that performs a secure element MAC operation in one command and compares the resulting MAC...
psa_status_t(* psa_drv_se_mac_finish_t)(void *op_context, uint8_t *p_mac, size_t mac_size, size_t *p_mac_length)
A function that completes a previously started secure element MAC operation by returning the resultin...
psa_status_t(* psa_drv_se_mac_generate_t)(psa_drv_se_context_t *drv_context, const uint8_t *p_input, size_t input_length, psa_key_slot_number_t key_slot, psa_algorithm_t alg, uint8_t *p_mac, size_t mac_size, size_t *p_mac_length)
A function that performs a secure element MAC operation in one command and returns the calculated MAC...
Key lifetime definitions for the PSA Crypto API.
uint32_t psa_key_location_t
Encoding of key location indicators.
Definition: lifetime.h:142
Error definitions for the PSA Crypto API.
int32_t psa_status_t
Status code type used for all PSA Certified APIs.
Definition: error.h:40
A struct containing all of the function pointers needed to implement secure element Authenticated Enc...
psa_drv_se_aead_encrypt_t p_encrypt
Function that performs the AEAD encrypt operation.
psa_drv_se_aead_decrypt_t p_decrypt
Function that performs the AEAD decrypt operation.
A struct containing all of the function pointers needed to implement asymmetric cryptographic operati...
psa_drv_se_asymmetric_verify_t p_verify
Function that performs an asymmetric verify operation.
psa_drv_se_asymmetric_sign_t p_sign
Function that performs an asymmetric sign operation.
psa_drv_se_asymmetric_encrypt_t p_encrypt
Function that performs an asymmetric encrypt operation.
psa_drv_se_asymmetric_decrypt_t p_decrypt
Function that performs an asymmetric decrypt operation.
A struct containing all of the function pointers needed to implement cipher operations using secure e...
size_t context_size
The size in bytes of the hardware-specific secure element cipher context structure.
psa_drv_se_cipher_setup_t p_setup
Function that performs a cipher setup operation.
psa_drv_se_cipher_finish_t p_finish
Function that completes a cipher operation.
psa_drv_se_cipher_set_iv_t p_set_iv
Function that sets a cipher IV (if necessary)
psa_drv_se_cipher_ecb_t p_ecb
Function that performs ECB mode for a cipher operation.
psa_drv_se_cipher_abort_t p_abort
Function that aborts a cipher operation.
psa_drv_se_cipher_update_t p_update
Function that performs a cipher update operation.
Driver context structure.
uintptr_t transient_data
Driver transient data.
const void * persistent_data
A read-only pointer to the driver's persistent data.
const size_t persistent_data_size
The size of persistent_data in bytes.
A struct containing all of the function pointers needed for secure element key derivation and agre...
psa_drv_se_key_derivation_setup_t p_setup
Function that performs a key derivation setup.
psa_drv_se_key_derivation_collateral_t p_collateral
Function that sets key derivation collateral.
psa_drv_se_key_derivation_export_t p_export
Function that performs a final key derivation or agreement and exports the key.
psa_drv_se_key_derivation_derive_t p_derive
Function that performs a final key derivation step.
size_t context_size
The driver-specific size of the key derivation context.
A struct containing all of the function pointers needed for secure element key management.
psa_drv_se_export_key_t p_export
Function that performs a key export operation.
psa_drv_se_validate_slot_number_t p_validate_slot_number
Function that checks the validity of a slot for a key.
psa_drv_se_import_key_t p_import
Function that performs a key import operation.
psa_drv_se_destroy_key_t p_destroy
Function that performs a key destroy operation.
psa_drv_se_generate_key_t p_generate
Function that performs a key generation operation.
psa_drv_se_allocate_key_t p_allocate
Function that allocates a slot for a key.
psa_drv_se_export_key_t p_export_public
Function that performs a public key export operation.
A struct containing all of the function pointers needed to perform secure element MAC operations.
psa_drv_se_mac_setup_t p_setup
Function that performs a MAC setup operation.
psa_drv_se_mac_update_t p_update
Function that performs a MAC update operation.
size_t context_size
The size in bytes of the hardware-specific secure element MAC context structure.
psa_drv_se_mac_verify_t p_mac_verify
Function that performs a MAC and verify operation in one call.
psa_drv_se_mac_finish_t p_finish
Function that completes a MAC operation.
psa_drv_se_mac_abort_t p_abort
Function that aborts a previously started MAC operation.
psa_drv_se_mac_finish_verify_t p_finish_verify
Function that completes a MAC operation with a verify check.
psa_drv_se_mac_generate_t p_mac
Function that performs a MAC operation in one call.
A structure containing pointers to all the entry points of a secure element driver.
size_t persistent_data_size
The size of the driver's persistent data in bytes.
const psa_drv_se_key_management_t * key_management
Key management methods.
const psa_drv_se_aead_t * aead
AEAD operation methods.
const psa_drv_se_cipher_t * cipher
Cipher operation methods.
const psa_drv_se_asymmetric_t * asymmetric
Asymmetric operation methods.
const psa_drv_se_mac_t * mac
MAC operation methods.
psa_drv_se_init_t p_init
The driver initialization function.
const psa_drv_se_key_derivation_t * derivation
Key derivation methods.
uint32_t hal_version
The version of the driver HAL that this driver implements.
Structure storing key attributes.
Definition: attributes.h:51
Cipher type definitions for the PSA Crypto API.
psa_encrypt_or_decrypt_t
For encrypt-decrypt functions, whether the operation is an encryption or a decryption.
Definition: types.h:50