MTB CAT1 Peripheral driver library
Typedefs | Functions
Functions
Crypto (Cryptography) » Direct Crypto Core Access » Asymmetric Key Algorithms (RSA, ECP, ECDSA, EDDSA)

General Description

Typedefs

typedef int(* cy_func_get_random_data_t) (void *rndInfo, uint8_t *rndData, size_t rndSize)
 Pointer to a random number supplier function.
 

Functions

cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Verify (CRYPTO_Type *base, cy_en_crypto_rsa_ver_result_t *verResult, cy_en_crypto_sha_mode_t digestType, uint8_t const *digest, uint8_t const *decryptedSignature, uint32_t decryptedSignatureLength)
 RSA verification with checks for content, paddings and signature format. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Verify_Ext (CRYPTO_Type *base, cy_en_crypto_rsa_ver_result_t *verResult, cy_en_crypto_sha_mode_t digestType, uint8_t const *digest, uint32_t digestLength, uint8_t const *decryptedSignature, uint32_t decryptedSignatureLength)
 RSA verification with checks for content, paddings and signature format. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Proc (CRYPTO_Type *base, cy_stc_crypto_rsa_pub_key_t const *key, uint8_t const *message, uint32_t messageSize, uint8_t *processedMessage)
 RSA process algorithm based on the Montgomery algorithm using Barrett reduction. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Coef (CRYPTO_Type *base, cy_stc_crypto_rsa_pub_key_t const *key)
 Calculation constant coefficients to to speed-up Montgomery algorithm. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakePrivateKey (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, uint8_t *key, cy_func_get_random_data_t GetRandomDataFunc, void *randomDataInfo)
 Make a new ECC private key. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakePublicKey (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, const uint8_t *privateKey, cy_stc_crypto_ecc_key *publicKey)
 Make a new ECC public key. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakeKeyPair (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, cy_stc_crypto_ecc_key *key, cy_func_get_random_data_t GetRandomDataFunc, void *randomDataInfo)
 Make a new ECC key pair. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ECC_SignHash (CRYPTO_Type *base, const uint8_t *hash, uint32_t hashlen, uint8_t *sig, const cy_stc_crypto_ecc_key *key, const uint8_t *messageKey)
 Sign a message digest. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ECC_VerifyHash (CRYPTO_Type *base, const uint8_t *sig, const uint8_t *hash, uint32_t hashlen, uint8_t *stat, const cy_stc_crypto_ecc_key *key)
 Verify an ECC signature. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ED25519_Sign (CRYPTO_Type *base, const uint8_t *hash, uint32_t hashlen, uint8_t *sig, const cy_stc_crypto_ecc_key *key, cy_en_eddsa_sig_type_t sigType, const uint8_t *sigctx, uint32_t sigctx_len)
 Sign a message. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ED25519_PointMultiplication (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, const uint8_t *ecpGX, const uint8_t *ecpGY, const uint8_t *ecpD, uint8_t *ecpQX, uint8_t *ecpQY)
 Edwards 25519 elliptic curve point multiplication in GF(p). More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ED25519_PointDecode (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, const uint8_t *publicKey, uint8_t *pubKey_x, uint8_t *pubKey_y)
 Decode ED25519 encoded public key in to x and y. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ED25519_Verify (CRYPTO_Type *base, uint8_t *sig, const uint8_t *hash, uint32_t hashlen, const cy_stc_crypto_ecc_key *key, uint32_t *stat, cy_en_eddsa_sig_type_t sigType, const uint8_t *sigctx, uint32_t sigctx_len)
 Verify ED25519 signed message. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_ED25519_MakePublicKey (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, const uint8_t *privateKey, cy_stc_crypto_ecc_key *publicKey)
 Make a new ED25519 public key. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_EC25519_MakePublicKey (CRYPTO_Type *base, const uint8_t *privateKey, cy_stc_crypto_ecc_key *publicKey)
 Make a new EC25519 public key. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_EC25519_MakePrivateKey (CRYPTO_Type *base, uint8_t *key, cy_func_get_random_data_t GetRandomDataFunc, void *randomDataInfo)
 Make a new EC25519 private key. More...
 
cy_en_crypto_status_t Cy_Crypto_Core_EC25519_PointMultiplication (CRYPTO_Type *base, uint8_t *p_r, const uint8_t *p_x, const uint8_t *p_d)
 EC25519 Elliptic curve point multiplication in GF(p). More...
 
cy_en_crypto_status_t Cy_Crypto_Core_EC_NistP_PointMultiplication (CRYPTO_Type *base, cy_en_crypto_ecc_curve_id_t curveID, const uint8_t *ecpGX, const uint8_t *ecpGY, const uint8_t *ecpD, uint8_t *ecpQX, uint8_t *ecpQY)
 Elliptic curve point multiplication in GF(p). More...
 

Function Documentation

◆ Cy_Crypto_Core_Rsa_Verify()

cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Verify ( CRYPTO_Type *  base,
cy_en_crypto_rsa_ver_result_t verResult,
cy_en_crypto_sha_mode_t  digestType,
uint8_t const *  digest,
uint8_t const *  decryptedSignature,
uint32_t  decryptedSignatureLength 
)

RSA verification with checks for content, paddings and signature format.

SHA digest of the message and decrypted message should be calculated before. Supports only PKCS1-v1_5 format, inside of this format supported padding using only SHA, cases with MD2 and MD5 are not supported. PKCS1-v1_5 described here, page 31: http://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf

For CAT1C & CAT1D devices when D-Cache is enabled parameter decryptedSignature must align and end in 32 byte boundary.

Returns the verification result cy_en_crypto_rsa_ver_result_t.

Parameters
baseThe pointer to the CRYPTO instance.
verResultThe pointer to the verification result cy_en_crypto_rsa_ver_result_t.
digestTypeSHA mode used for hash calculation cy_en_crypto_sha_mode_t.
digestThe pointer to the hash of the message or the message whose signature is to be verified.
decryptedSignatureThe pointer to the decrypted signature to be verified.
decryptedSignatureLengthThe length of the decrypted signature to be verified (in bytes)
Returns
cy_en_crypto_status_t
Function Usage
#define RSA_MODULO_LENGTH 2048u
#define RSA_MODULO_DATA_SIZE (RSA_MODULO_LENGTH / 8)
typedef struct
{
cy_stc_crypto_rsa_pub_key_t publicKeyStruct;
uint8_t moduloData[RSA_MODULO_DATA_SIZE];
uint8_t expData [32];
uint8_t k1Data [RSA_MODULO_DATA_SIZE+4];
uint8_t k2Data [RSA_MODULO_DATA_SIZE];
uint8_t k3Data [RSA_MODULO_DATA_SIZE];
} cy_stc_public_key_t;
/* All data arrays should be 4-byte aligned */
cy_stc_public_key_t cy_publicKey =
{
.publicKeyStruct =
{
.moduloPtr = 0,
.moduloLength = RSA_MODULO_LENGTH,
.pubExpPtr = 0,
.pubExpLength = 24,
.barretCoefPtr = NULL,
.inverseModuloPtr = NULL,
.rBarPtr = NULL
},
.moduloData =
{ /* modulus in Little Endian for a public key - rsa_public.txt */
0xD9u, 0x94u, 0x94u, 0x38u, 0xA4u, 0xE0u, 0x50u, 0xA1u,
0xADu, 0xC5u, 0xE2u, 0x66u, 0xA9u, 0x7Fu, 0xE7u, 0xD7u,
0xA8u, 0x10u, 0x87u, 0x3Au, 0xBEu, 0xB3u, 0x0Eu, 0x6Au,
0xB2u, 0x8Bu, 0x2Eu, 0x8Du, 0xC2u, 0x45u, 0x41u, 0xA6u,
0xDBu, 0xEBu, 0x90u, 0x20u, 0x56u, 0xECu, 0xFDu, 0x8Cu,
0x23u, 0x09u, 0x13u, 0x5Du, 0x65u, 0xA2u, 0xADu, 0x9Du,
0x3Bu, 0xF2u, 0x5Bu, 0xF6u, 0xABu, 0x2Eu, 0xFEu, 0xF2u,
0x69u, 0x98u, 0x29u, 0x6Du, 0xD1u, 0x2Eu, 0x91u, 0x5Au,
0x65u, 0x83u, 0xF5u, 0x7Fu, 0x8Eu, 0x73u, 0xFFu, 0xA1u,
0x8Cu, 0x70u, 0x07u, 0xDFu, 0x4Du, 0xF4u, 0x79u, 0xB7u,
0x18u, 0xC1u, 0xA3u, 0x2Bu, 0x82u, 0x5Bu, 0x9Eu, 0xE2u,
0xF0u, 0xA0u, 0xB8u, 0xDAu, 0x19u, 0xADu, 0xBBu, 0x2Bu,
0xD5u, 0x07u, 0x5Au, 0x85u, 0x12u, 0x03u, 0xD8u, 0x60u,
0x53u, 0x3Du, 0xC6u, 0x34u, 0xE2u, 0x7Fu, 0x96u, 0x4Cu,
0x26u, 0x1Eu, 0x82u, 0xB1u, 0x85u, 0xC3u, 0x0Du, 0x54u,
0x68u, 0x37u, 0x97u, 0x58u, 0x19u, 0x36u, 0x43u, 0x9Cu,
0xD9u, 0xC3u, 0x42u, 0xEBu, 0xBEu, 0xE2u, 0x8Fu, 0x72u,
0xF1u, 0x5Eu, 0x2Au, 0x15u, 0x56u, 0x52u, 0xD4u, 0x6Du,
0x61u, 0x97u, 0x16u, 0xFEu, 0xC3u, 0xF9u, 0x17u, 0x3Cu,
0x37u, 0xD5u, 0xE1u, 0xA1u, 0x0Au, 0xB7u, 0xD9u, 0x65u,
0xA1u, 0x15u, 0xECu, 0xC7u, 0x39u, 0xECu, 0xEDu, 0x39u,
0x98u, 0x96u, 0x66u, 0x50u, 0x8Cu, 0x25u, 0xC3u, 0x29u,
0xB9u, 0xF8u, 0x25u, 0x55u, 0x92u, 0x7Au, 0xBFu, 0xFBu,
0x45u, 0x2Au, 0x28u, 0x8Au, 0xF9u, 0xE5u, 0xE2u, 0x30u,
0x72u, 0x0Eu, 0x0Au, 0x1Cu, 0x25u, 0x09u, 0x86u, 0x6Fu,
0xF6u, 0x6Fu, 0x15u, 0xEDu, 0x14u, 0xE6u, 0x1Eu, 0x53u,
0x5Au, 0x15u, 0x25u, 0xB9u, 0x5Eu, 0xC9u, 0xBAu, 0x48u,
0xA3u, 0xE3u, 0x93u, 0x62u, 0x3Cu, 0x6Cu, 0x3Cu, 0x83u,
0x17u, 0x29u, 0xFBu, 0xAEu, 0x91u, 0x47u, 0xC9u, 0x41u,
0x2Fu, 0xF9u, 0x82u, 0x29u, 0x7Bu, 0xB4u, 0x5Au, 0x93u,
0x01u, 0x95u, 0xDBu, 0x08u, 0x7Eu, 0x7Bu, 0x99u, 0x1Eu,
0xD4u, 0x25u, 0xD3u, 0x2Au, 0xF4u, 0xC7u, 0x9Fu, 0xB3u,
},
/* Little endian exponent for a public key - rsa_public.txt */
.expData = { 0x01, 0x00, 0x01 },
.k1Data = { 0, },
.k2Data = { 0, },
.k3Data = { 0, },
};
/* Present encrypted signature of the image */
uint8_t rsaEncryptedSign[RSA_MODULO_DATA_SIZE] =
{
0x12u, 0xCEu, 0x13u, 0x83u, 0x4Fu, 0xFFu, 0x39u, 0x9Bu,
0x33u, 0xDEu, 0xDCu, 0xDBu, 0x7Cu, 0x62u, 0xA5u, 0x10u,
0x24u, 0x07u, 0xEAu, 0x4Cu, 0x04u, 0x4Au, 0xCEu, 0x7Bu,
0x8Cu, 0xD8u, 0xD4u, 0x64u, 0xD1u, 0x98u, 0xA2u, 0x33u,
0x2Eu, 0xFFu, 0x06u, 0x13u, 0xD6u, 0x5Au, 0x50u, 0x3Cu,
0xA2u, 0x5Eu, 0xE3u, 0x11u, 0x54u, 0x7Cu, 0x6Au, 0x49u,
0x39u, 0xA3u, 0x62u, 0x02u, 0x66u, 0xB0u, 0x19u, 0x82u,
0xFBu, 0x5Du, 0x15u, 0xB2u, 0x0Bu, 0xF7u, 0xECu, 0x6Cu,
0xBEu, 0xEBu, 0x04u, 0x1Fu, 0x0Bu, 0x5Bu, 0x18u, 0x0Eu,
0x96u, 0x03u, 0xC4u, 0x1Eu, 0x56u, 0xB6u, 0x1Fu, 0xF2u,
0x08u, 0x7Au, 0x81u, 0x96u, 0x86u, 0xA4u, 0x93u, 0x5Du,
0x66u, 0x63u, 0x10u, 0xD5u, 0x9Bu, 0xA9u, 0xD7u, 0x52u,
0xCDu, 0xEFu, 0x23u, 0xDCu, 0x58u, 0xC7u, 0x3Du, 0x72u,
0x3Fu, 0x09u, 0x5Eu, 0x3Bu, 0x03u, 0xF9u, 0x91u, 0x10u,
0x63u, 0x2Au, 0x56u, 0xFAu, 0xCEu, 0x8Cu, 0x8Au, 0xBFu,
0xB5u, 0xA1u, 0xA7u, 0x0Fu, 0xBBu, 0xD8u, 0xACu, 0x7Fu,
0x43u, 0x3Cu, 0xBFu, 0x11u, 0xD8u, 0xAEu, 0x55u, 0xE7u,
0x23u, 0xF8u, 0xA4u, 0xE0u, 0x56u, 0xCFu, 0x3Fu, 0x21u,
0xA9u, 0xB6u, 0x01u, 0x34u, 0xDFu, 0xB6u, 0xDCu, 0xAAu,
0x29u, 0xB0u, 0x97u, 0x9Du, 0xD9u, 0xAAu, 0x47u, 0xD4u,
0xD9u, 0x4Au, 0x97u, 0x52u, 0x3Cu, 0xB9u, 0x36u, 0xDAu,
0xF6u, 0xA6u, 0x14u, 0x97u, 0xDEu, 0xE6u, 0x76u, 0xBFu,
0x1Bu, 0x23u, 0xDBu, 0x68u, 0x66u, 0xEAu, 0x0Eu, 0xC6u,
0xD3u, 0x52u, 0x05u, 0x86u, 0x26u, 0x04u, 0x31u, 0xCEu,
0xCFu, 0x8Du, 0x13u, 0x84u, 0x81u, 0xF2u, 0x7Bu, 0xB7u,
0xDCu, 0x93u, 0x23u, 0x93u, 0xD1u, 0x0Cu, 0xF4u, 0xDFu,
0x37u, 0x44u, 0x3Du, 0xD7u, 0xAFu, 0xBFu, 0xAFu, 0x32u,
0xE7u, 0x31u, 0x50u, 0x70u, 0x62u, 0xC3u, 0xABu, 0x31u,
0x51u, 0x28u, 0x2Bu, 0x0Bu, 0x31u, 0xC6u, 0xD3u, 0x0Fu,
0x74u, 0xE6u, 0x31u, 0x21u, 0xF0u, 0xA3u, 0x40u, 0x5Du,
0xEDu, 0xFFu, 0xC9u, 0xEBu, 0x5Au, 0x65u, 0xF3u, 0xCBu,
0x67u, 0x50u, 0x62u, 0x2Du, 0x8Au, 0xEAu, 0xC3u, 0xBDu,
};
/* Previously calculated SHA-256 digest of the image */
uint8_t sha256Digest[CY_CRYPTO_SHA256_DIGEST_SIZE] =
{
0xf4u, 0xcbu, 0x29u, 0x53u, 0xadu, 0xc2u, 0xbdu, 0x49u,
0x6bu, 0x43u, 0x28u, 0x2bu, 0x63u, 0xb7u, 0x0du, 0x16u,
0xa9u, 0xd4u, 0x90u, 0x65u, 0x6eu, 0x7bu, 0x6du, 0xb7u,
0x0bu, 0x17u, 0xefu, 0x60u, 0x02u, 0x12u, 0x0fu, 0x90u
};
/* Temporary decryption buffer */
uint8_t rsaOutput[RSA_MODULO_DATA_SIZE];
cy_en_crypto_rsa_ver_result_t verResult;
cy_en_crypto_status_t cryptoStatus;
cy_publicKey.publicKeyStruct.moduloPtr = cy_publicKey.moduloData;
cy_publicKey.publicKeyStruct.pubExpPtr = cy_publicKey.expData;
/* Reverse the signature generated by openssl, CRYPTO IP is Little-Endian */
Cy_Crypto_Core_InvertEndianness(rsaEncryptedSign, RSA_MODULO_DATA_SIZE);
cryptoStatus = Cy_Crypto_Core_Rsa_Proc(
CRYPTO_HW, /* Pointer to Crypto instance */
&cy_publicKey.publicKeyStruct, /* Pointer to key */
rsaEncryptedSign, /* Pointer to signature */
sizeof(rsaEncryptedSign), /* size of signature */
rsaOutput); /* Pointer to decrypted signature */
/* ... check for errors... */
/* Reverse the decrypted signature */
Cy_Crypto_Core_InvertEndianness(rsaOutput, RSA_MODULO_DATA_SIZE);
/* Verify decrypted signature by calculated SHA digest from data image */
cryptoStatus = Cy_Crypto_Core_Rsa_Verify(
CRYPTO_HW,
&verResult, /* Pointer to verification result */
CY_CRYPTO_MODE_SHA256, /* Hash mode */
sha256Digest, /* Pointer to hash digest of image */
rsaOutput, /* Pointer to decrypted signature */
sizeof(rsaOutput)); /* Size of signature */
/* ... check for errors... */
if (CY_CRYPTO_RSA_VERIFY_SUCCESS == verResult)
{
/* Verification OK */
}
else
{
/* Verification FAILED */
}

◆ Cy_Crypto_Core_Rsa_Verify_Ext()

cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Verify_Ext ( CRYPTO_Type *  base,
cy_en_crypto_rsa_ver_result_t verResult,
cy_en_crypto_sha_mode_t  digestType,
uint8_t const *  digest,
uint32_t  digestLength,
uint8_t const *  decryptedSignature,
uint32_t  decryptedSignatureLength 
)

RSA verification with checks for content, paddings and signature format.

SHA digest of the message and decrypted message should be calculated before. Supports only PKCS1-v1_5 format, inside of this format supported padding using only SHA, cases with MD2 and MD5 are not supported. PKCS1-v1_5 described here, page 31: http://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf

For CAT1C & CAT1D devices when D-Cache is enabled parameter decryptedSignature must align and end in 32 byte boundary.

Returns the verification result cy_en_crypto_rsa_ver_result_t.

Parameters
baseThe pointer to the CRYPTO instance.
verResultThe pointer to the verification result cy_en_crypto_rsa_ver_result_t.
digestTypeSHA mode used for hash calculation cy_en_crypto_sha_mode_t.
digestThe pointer to the hash of the message or the message whose signature is to be verified.
digestLengthThe length of the message whose signature is to be verified and is applicable for CY_CRYPTO_MODE_SHA_NONE mode.
decryptedSignatureThe pointer to the decrypted signature to be verified.
decryptedSignatureLengthThe length of the decrypted signature to be verified (in bytes)
Returns
cy_en_crypto_status_t
Function Usage
#define RSA_MODULO_LENGTH 2048u
#define RSA_MODULO_DATA_SIZE (RSA_MODULO_LENGTH / 8)
typedef struct
{
cy_stc_crypto_rsa_pub_key_t publicKeyStruct;
uint8_t moduloData[RSA_MODULO_DATA_SIZE];
uint8_t expData [32];
uint8_t k1Data [RSA_MODULO_DATA_SIZE+4];
uint8_t k2Data [RSA_MODULO_DATA_SIZE];
uint8_t k3Data [RSA_MODULO_DATA_SIZE];
} cy_stc_public_key_t;
/* All data arrays should be 4-byte aligned */
cy_stc_public_key_t cy_publicKey =
{
.publicKeyStruct =
{
.moduloPtr = 0,
.moduloLength = RSA_MODULO_LENGTH,
.pubExpPtr = 0,
.pubExpLength = 24,
.barretCoefPtr = NULL,
.inverseModuloPtr = NULL,
.rBarPtr = NULL
},
.moduloData =
{ /* modulus in Little Endian for a public key - rsa_public.txt */
0xD9u, 0x94u, 0x94u, 0x38u, 0xA4u, 0xE0u, 0x50u, 0xA1u,
0xADu, 0xC5u, 0xE2u, 0x66u, 0xA9u, 0x7Fu, 0xE7u, 0xD7u,
0xA8u, 0x10u, 0x87u, 0x3Au, 0xBEu, 0xB3u, 0x0Eu, 0x6Au,
0xB2u, 0x8Bu, 0x2Eu, 0x8Du, 0xC2u, 0x45u, 0x41u, 0xA6u,
0xDBu, 0xEBu, 0x90u, 0x20u, 0x56u, 0xECu, 0xFDu, 0x8Cu,
0x23u, 0x09u, 0x13u, 0x5Du, 0x65u, 0xA2u, 0xADu, 0x9Du,
0x3Bu, 0xF2u, 0x5Bu, 0xF6u, 0xABu, 0x2Eu, 0xFEu, 0xF2u,
0x69u, 0x98u, 0x29u, 0x6Du, 0xD1u, 0x2Eu, 0x91u, 0x5Au,
0x65u, 0x83u, 0xF5u, 0x7Fu, 0x8Eu, 0x73u, 0xFFu, 0xA1u,
0x8Cu, 0x70u, 0x07u, 0xDFu, 0x4Du, 0xF4u, 0x79u, 0xB7u,
0x18u, 0xC1u, 0xA3u, 0x2Bu, 0x82u, 0x5Bu, 0x9Eu, 0xE2u,
0xF0u, 0xA0u, 0xB8u, 0xDAu, 0x19u, 0xADu, 0xBBu, 0x2Bu,
0xD5u, 0x07u, 0x5Au, 0x85u, 0x12u, 0x03u, 0xD8u, 0x60u,
0x53u, 0x3Du, 0xC6u, 0x34u, 0xE2u, 0x7Fu, 0x96u, 0x4Cu,
0x26u, 0x1Eu, 0x82u, 0xB1u, 0x85u, 0xC3u, 0x0Du, 0x54u,
0x68u, 0x37u, 0x97u, 0x58u, 0x19u, 0x36u, 0x43u, 0x9Cu,
0xD9u, 0xC3u, 0x42u, 0xEBu, 0xBEu, 0xE2u, 0x8Fu, 0x72u,
0xF1u, 0x5Eu, 0x2Au, 0x15u, 0x56u, 0x52u, 0xD4u, 0x6Du,
0x61u, 0x97u, 0x16u, 0xFEu, 0xC3u, 0xF9u, 0x17u, 0x3Cu,
0x37u, 0xD5u, 0xE1u, 0xA1u, 0x0Au, 0xB7u, 0xD9u, 0x65u,
0xA1u, 0x15u, 0xECu, 0xC7u, 0x39u, 0xECu, 0xEDu, 0x39u,
0x98u, 0x96u, 0x66u, 0x50u, 0x8Cu, 0x25u, 0xC3u, 0x29u,
0xB9u, 0xF8u, 0x25u, 0x55u, 0x92u, 0x7Au, 0xBFu, 0xFBu,
0x45u, 0x2Au, 0x28u, 0x8Au, 0xF9u, 0xE5u, 0xE2u, 0x30u,
0x72u, 0x0Eu, 0x0Au, 0x1Cu, 0x25u, 0x09u, 0x86u, 0x6Fu,
0xF6u, 0x6Fu, 0x15u, 0xEDu, 0x14u, 0xE6u, 0x1Eu, 0x53u,
0x5Au, 0x15u, 0x25u, 0xB9u, 0x5Eu, 0xC9u, 0xBAu, 0x48u,
0xA3u, 0xE3u, 0x93u, 0x62u, 0x3Cu, 0x6Cu, 0x3Cu, 0x83u,
0x17u, 0x29u, 0xFBu, 0xAEu, 0x91u, 0x47u, 0xC9u, 0x41u,
0x2Fu, 0xF9u, 0x82u, 0x29u, 0x7Bu, 0xB4u, 0x5Au, 0x93u,
0x01u, 0x95u, 0xDBu, 0x08u, 0x7Eu, 0x7Bu, 0x99u, 0x1Eu,
0xD4u, 0x25u, 0xD3u, 0x2Au, 0xF4u, 0xC7u, 0x9Fu, 0xB3u,
},
/* Little endian exponent for a public key - rsa_public.txt */
.expData = { 0x01, 0x00, 0x01 },
.k1Data = { 0, },
.k2Data = { 0, },
.k3Data = { 0, },
};
/* Present encrypted signature of the image */
uint8_t rsaEncryptedSign[RSA_MODULO_DATA_SIZE] =
{
0x12u, 0xCEu, 0x13u, 0x83u, 0x4Fu, 0xFFu, 0x39u, 0x9Bu,
0x33u, 0xDEu, 0xDCu, 0xDBu, 0x7Cu, 0x62u, 0xA5u, 0x10u,
0x24u, 0x07u, 0xEAu, 0x4Cu, 0x04u, 0x4Au, 0xCEu, 0x7Bu,
0x8Cu, 0xD8u, 0xD4u, 0x64u, 0xD1u, 0x98u, 0xA2u, 0x33u,
0x2Eu, 0xFFu, 0x06u, 0x13u, 0xD6u, 0x5Au, 0x50u, 0x3Cu,
0xA2u, 0x5Eu, 0xE3u, 0x11u, 0x54u, 0x7Cu, 0x6Au, 0x49u,
0x39u, 0xA3u, 0x62u, 0x02u, 0x66u, 0xB0u, 0x19u, 0x82u,
0xFBu, 0x5Du, 0x15u, 0xB2u, 0x0Bu, 0xF7u, 0xECu, 0x6Cu,
0xBEu, 0xEBu, 0x04u, 0x1Fu, 0x0Bu, 0x5Bu, 0x18u, 0x0Eu,
0x96u, 0x03u, 0xC4u, 0x1Eu, 0x56u, 0xB6u, 0x1Fu, 0xF2u,
0x08u, 0x7Au, 0x81u, 0x96u, 0x86u, 0xA4u, 0x93u, 0x5Du,
0x66u, 0x63u, 0x10u, 0xD5u, 0x9Bu, 0xA9u, 0xD7u, 0x52u,
0xCDu, 0xEFu, 0x23u, 0xDCu, 0x58u, 0xC7u, 0x3Du, 0x72u,
0x3Fu, 0x09u, 0x5Eu, 0x3Bu, 0x03u, 0xF9u, 0x91u, 0x10u,
0x63u, 0x2Au, 0x56u, 0xFAu, 0xCEu, 0x8Cu, 0x8Au, 0xBFu,
0xB5u, 0xA1u, 0xA7u, 0x0Fu, 0xBBu, 0xD8u, 0xACu, 0x7Fu,
0x43u, 0x3Cu, 0xBFu, 0x11u, 0xD8u, 0xAEu, 0x55u, 0xE7u,
0x23u, 0xF8u, 0xA4u, 0xE0u, 0x56u, 0xCFu, 0x3Fu, 0x21u,
0xA9u, 0xB6u, 0x01u, 0x34u, 0xDFu, 0xB6u, 0xDCu, 0xAAu,
0x29u, 0xB0u, 0x97u, 0x9Du, 0xD9u, 0xAAu, 0x47u, 0xD4u,
0xD9u, 0x4Au, 0x97u, 0x52u, 0x3Cu, 0xB9u, 0x36u, 0xDAu,
0xF6u, 0xA6u, 0x14u, 0x97u, 0xDEu, 0xE6u, 0x76u, 0xBFu,
0x1Bu, 0x23u, 0xDBu, 0x68u, 0x66u, 0xEAu, 0x0Eu, 0xC6u,
0xD3u, 0x52u, 0x05u, 0x86u, 0x26u, 0x04u, 0x31u, 0xCEu,
0xCFu, 0x8Du, 0x13u, 0x84u, 0x81u, 0xF2u, 0x7Bu, 0xB7u,
0xDCu, 0x93u, 0x23u, 0x93u, 0xD1u, 0x0Cu, 0xF4u, 0xDFu,
0x37u, 0x44u, 0x3Du, 0xD7u, 0xAFu, 0xBFu, 0xAFu, 0x32u,
0xE7u, 0x31u, 0x50u, 0x70u, 0x62u, 0xC3u, 0xABu, 0x31u,
0x51u, 0x28u, 0x2Bu, 0x0Bu, 0x31u, 0xC6u, 0xD3u, 0x0Fu,
0x74u, 0xE6u, 0x31u, 0x21u, 0xF0u, 0xA3u, 0x40u, 0x5Du,
0xEDu, 0xFFu, 0xC9u, 0xEBu, 0x5Au, 0x65u, 0xF3u, 0xCBu,
0x67u, 0x50u, 0x62u, 0x2Du, 0x8Au, 0xEAu, 0xC3u, 0xBDu,
};
/* Previously calculated SHA-256 digest of the image */
uint8_t sha256Digest[CY_CRYPTO_SHA256_DIGEST_SIZE] =
{
0xf4u, 0xcbu, 0x29u, 0x53u, 0xadu, 0xc2u, 0xbdu, 0x49u,
0x6bu, 0x43u, 0x28u, 0x2bu, 0x63u, 0xb7u, 0x0du, 0x16u,
0xa9u, 0xd4u, 0x90u, 0x65u, 0x6eu, 0x7bu, 0x6du, 0xb7u,
0x0bu, 0x17u, 0xefu, 0x60u, 0x02u, 0x12u, 0x0fu, 0x90u
};
/* Temporary decryption buffer */
uint8_t rsaOutput[RSA_MODULO_DATA_SIZE];
cy_en_crypto_rsa_ver_result_t verResult;
cy_en_crypto_status_t cryptoStatus;
cy_publicKey.publicKeyStruct.moduloPtr = cy_publicKey.moduloData;
cy_publicKey.publicKeyStruct.pubExpPtr = cy_publicKey.expData;
/* Reverse the signature generated by openssl, CRYPTO IP is Little-Endian */
Cy_Crypto_Core_InvertEndianness(rsaEncryptedSign, RSA_MODULO_DATA_SIZE);
cryptoStatus = Cy_Crypto_Core_Rsa_Proc(
CRYPTO_HW, /* Pointer to Crypto instance */
&cy_publicKey.publicKeyStruct, /* Pointer to key */
rsaEncryptedSign, /* Pointer to signature */
sizeof(rsaEncryptedSign), /* size of signature */
rsaOutput); /* Pointer to decrypted signature */
/* ... check for errors... */
/* Reverse the decrypted signature */
Cy_Crypto_Core_InvertEndianness(rsaOutput, RSA_MODULO_DATA_SIZE);
/* Verify decrypted signature by calculated SHA digest from data image */
cryptoStatus = Cy_Crypto_Core_Rsa_Verify(
CRYPTO_HW,
&verResult, /* Pointer to verification result */
CY_CRYPTO_MODE_SHA256, /* Hash mode */
sha256Digest, /* Pointer to hash digest of image */
rsaOutput, /* Pointer to decrypted signature */
sizeof(rsaOutput)); /* Size of signature */
/* ... check for errors... */
if (CY_CRYPTO_RSA_VERIFY_SUCCESS == verResult)
{
/* Verification OK */
}
else
{
/* Verification FAILED */
}

◆ Cy_Crypto_Core_Rsa_Proc()

cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Proc ( CRYPTO_Type *  base,
cy_stc_crypto_rsa_pub_key_t const *  key,
uint8_t const *  message,
uint32_t  messageSize,
uint8_t *  processedMessage 
)

RSA process algorithm based on the Montgomery algorithm using Barrett reduction.

For CAT1C & CAT1D devices when D-Cache is enabled parameters message, processedMessage and key(pubExpPtr, moduloPtr, barretCoefPtr, inverseModuloPtr and rBarPtr) must align and end in 32 byte boundary.

https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29

Parameters
baseThe pointer to the CRYPTO instance.
keyThe pointer to the cy_stc_crypto_rsa_pub_key_t structure that stores public key.
messageThe pointer to the message to be processed.
messageSizeThe length of the message to be processed.
processedMessageThe pointer to processed message.
Returns
cy_en_crypto_status_t
Function Usage
#define RSA_MODULO_LENGTH 2048u
#define RSA_MODULO_DATA_SIZE (RSA_MODULO_LENGTH / 8)
typedef struct
{
cy_stc_crypto_rsa_pub_key_t publicKeyStruct;
uint8_t moduloData[RSA_MODULO_DATA_SIZE];
uint8_t expData [32];
uint8_t k1Data [RSA_MODULO_DATA_SIZE+4];
uint8_t k2Data [RSA_MODULO_DATA_SIZE];
uint8_t k3Data [RSA_MODULO_DATA_SIZE];
} cy_stc_public_key_t;
/* All data arrays should be 4-byte aligned */
cy_stc_public_key_t cy_publicKey =
{
.publicKeyStruct =
{
.moduloPtr = 0,
.moduloLength = RSA_MODULO_LENGTH,
.pubExpPtr = 0,
.pubExpLength = 24,
.barretCoefPtr = NULL,
.inverseModuloPtr = NULL,
.rBarPtr = NULL
},
.moduloData =
{ /* modulus in Little Endian for a public key - rsa_public.txt */
0xD9u, 0x94u, 0x94u, 0x38u, 0xA4u, 0xE0u, 0x50u, 0xA1u,
0xADu, 0xC5u, 0xE2u, 0x66u, 0xA9u, 0x7Fu, 0xE7u, 0xD7u,
0xA8u, 0x10u, 0x87u, 0x3Au, 0xBEu, 0xB3u, 0x0Eu, 0x6Au,
0xB2u, 0x8Bu, 0x2Eu, 0x8Du, 0xC2u, 0x45u, 0x41u, 0xA6u,
0xDBu, 0xEBu, 0x90u, 0x20u, 0x56u, 0xECu, 0xFDu, 0x8Cu,
0x23u, 0x09u, 0x13u, 0x5Du, 0x65u, 0xA2u, 0xADu, 0x9Du,
0x3Bu, 0xF2u, 0x5Bu, 0xF6u, 0xABu, 0x2Eu, 0xFEu, 0xF2u,
0x69u, 0x98u, 0x29u, 0x6Du, 0xD1u, 0x2Eu, 0x91u, 0x5Au,
0x65u, 0x83u, 0xF5u, 0x7Fu, 0x8Eu, 0x73u, 0xFFu, 0xA1u,
0x8Cu, 0x70u, 0x07u, 0xDFu, 0x4Du, 0xF4u, 0x79u, 0xB7u,
0x18u, 0xC1u, 0xA3u, 0x2Bu, 0x82u, 0x5Bu, 0x9Eu, 0xE2u,
0xF0u, 0xA0u, 0xB8u, 0xDAu, 0x19u, 0xADu, 0xBBu, 0x2Bu,
0xD5u, 0x07u, 0x5Au, 0x85u, 0x12u, 0x03u, 0xD8u, 0x60u,
0x53u, 0x3Du, 0xC6u, 0x34u, 0xE2u, 0x7Fu, 0x96u, 0x4Cu,
0x26u, 0x1Eu, 0x82u, 0xB1u, 0x85u, 0xC3u, 0x0Du, 0x54u,
0x68u, 0x37u, 0x97u, 0x58u, 0x19u, 0x36u, 0x43u, 0x9Cu,
0xD9u, 0xC3u, 0x42u, 0xEBu, 0xBEu, 0xE2u, 0x8Fu, 0x72u,
0xF1u, 0x5Eu, 0x2Au, 0x15u, 0x56u, 0x52u, 0xD4u, 0x6Du,
0x61u, 0x97u, 0x16u, 0xFEu, 0xC3u, 0xF9u, 0x17u, 0x3Cu,
0x37u, 0xD5u, 0xE1u, 0xA1u, 0x0Au, 0xB7u, 0xD9u, 0x65u,
0xA1u, 0x15u, 0xECu, 0xC7u, 0x39u, 0xECu, 0xEDu, 0x39u,
0x98u, 0x96u, 0x66u, 0x50u, 0x8Cu, 0x25u, 0xC3u, 0x29u,
0xB9u, 0xF8u, 0x25u, 0x55u, 0x92u, 0x7Au, 0xBFu, 0xFBu,
0x45u, 0x2Au, 0x28u, 0x8Au, 0xF9u, 0xE5u, 0xE2u, 0x30u,
0x72u, 0x0Eu, 0x0Au, 0x1Cu, 0x25u, 0x09u, 0x86u, 0x6Fu,
0xF6u, 0x6Fu, 0x15u, 0xEDu, 0x14u, 0xE6u, 0x1Eu, 0x53u,
0x5Au, 0x15u, 0x25u, 0xB9u, 0x5Eu, 0xC9u, 0xBAu, 0x48u,
0xA3u, 0xE3u, 0x93u, 0x62u, 0x3Cu, 0x6Cu, 0x3Cu, 0x83u,
0x17u, 0x29u, 0xFBu, 0xAEu, 0x91u, 0x47u, 0xC9u, 0x41u,
0x2Fu, 0xF9u, 0x82u, 0x29u, 0x7Bu, 0xB4u, 0x5Au, 0x93u,
0x01u, 0x95u, 0xDBu, 0x08u, 0x7Eu, 0x7Bu, 0x99u, 0x1Eu,
0xD4u, 0x25u, 0xD3u, 0x2Au, 0xF4u, 0xC7u, 0x9Fu, 0xB3u,
},
/* Little endian exponent for a public key - rsa_public.txt */
.expData = { 0x01, 0x00, 0x01 },
.k1Data = { 0, },
.k2Data = { 0, },
.k3Data = { 0, },
};
/* Present encrypted signature of the image */
uint8_t rsaEncryptedSign[RSA_MODULO_DATA_SIZE] =
{
0x12u, 0xCEu, 0x13u, 0x83u, 0x4Fu, 0xFFu, 0x39u, 0x9Bu,
0x33u, 0xDEu, 0xDCu, 0xDBu, 0x7Cu, 0x62u, 0xA5u, 0x10u,
0x24u, 0x07u, 0xEAu, 0x4Cu, 0x04u, 0x4Au, 0xCEu, 0x7Bu,
0x8Cu, 0xD8u, 0xD4u, 0x64u, 0xD1u, 0x98u, 0xA2u, 0x33u,
0x2Eu, 0xFFu, 0x06u, 0x13u, 0xD6u, 0x5Au, 0x50u, 0x3Cu,
0xA2u, 0x5Eu, 0xE3u, 0x11u, 0x54u, 0x7Cu, 0x6Au, 0x49u,
0x39u, 0xA3u, 0x62u, 0x02u, 0x66u, 0xB0u, 0x19u, 0x82u,
0xFBu, 0x5Du, 0x15u, 0xB2u, 0x0Bu, 0xF7u, 0xECu, 0x6Cu,
0xBEu, 0xEBu, 0x04u, 0x1Fu, 0x0Bu, 0x5Bu, 0x18u, 0x0Eu,
0x96u, 0x03u, 0xC4u, 0x1Eu, 0x56u, 0xB6u, 0x1Fu, 0xF2u,
0x08u, 0x7Au, 0x81u, 0x96u, 0x86u, 0xA4u, 0x93u, 0x5Du,
0x66u, 0x63u, 0x10u, 0xD5u, 0x9Bu, 0xA9u, 0xD7u, 0x52u,
0xCDu, 0xEFu, 0x23u, 0xDCu, 0x58u, 0xC7u, 0x3Du, 0x72u,
0x3Fu, 0x09u, 0x5Eu, 0x3Bu, 0x03u, 0xF9u, 0x91u, 0x10u,
0x63u, 0x2Au, 0x56u, 0xFAu, 0xCEu, 0x8Cu, 0x8Au, 0xBFu,
0xB5u, 0xA1u, 0xA7u, 0x0Fu, 0xBBu, 0xD8u, 0xACu, 0x7Fu,
0x43u, 0x3Cu, 0xBFu, 0x11u, 0xD8u, 0xAEu, 0x55u, 0xE7u,
0x23u, 0xF8u, 0xA4u, 0xE0u, 0x56u, 0xCFu, 0x3Fu, 0x21u,
0xA9u, 0xB6u, 0x01u, 0x34u, 0xDFu, 0xB6u, 0xDCu, 0xAAu,
0x29u, 0xB0u, 0x97u, 0x9Du, 0xD9u, 0xAAu, 0x47u, 0xD4u,
0xD9u, 0x4Au, 0x97u, 0x52u, 0x3Cu, 0xB9u, 0x36u, 0xDAu,
0xF6u, 0xA6u, 0x14u, 0x97u, 0xDEu, 0xE6u, 0x76u, 0xBFu,
0x1Bu, 0x23u, 0xDBu, 0x68u, 0x66u, 0xEAu, 0x0Eu, 0xC6u,
0xD3u, 0x52u, 0x05u, 0x86u, 0x26u, 0x04u, 0x31u, 0xCEu,
0xCFu, 0x8Du, 0x13u, 0x84u, 0x81u, 0xF2u, 0x7Bu, 0xB7u,
0xDCu, 0x93u, 0x23u, 0x93u, 0xD1u, 0x0Cu, 0xF4u, 0xDFu,
0x37u, 0x44u, 0x3Du, 0xD7u, 0xAFu, 0xBFu, 0xAFu, 0x32u,
0xE7u, 0x31u, 0x50u, 0x70u, 0x62u, 0xC3u, 0xABu, 0x31u,
0x51u, 0x28u, 0x2Bu, 0x0Bu, 0x31u, 0xC6u, 0xD3u, 0x0Fu,
0x74u, 0xE6u, 0x31u, 0x21u, 0xF0u, 0xA3u, 0x40u, 0x5Du,
0xEDu, 0xFFu, 0xC9u, 0xEBu, 0x5Au, 0x65u, 0xF3u, 0xCBu,
0x67u, 0x50u, 0x62u, 0x2Du, 0x8Au, 0xEAu, 0xC3u, 0xBDu,
};
/* Previously calculated SHA-256 digest of the image */
uint8_t sha256Digest[CY_CRYPTO_SHA256_DIGEST_SIZE] =
{
0xf4u, 0xcbu, 0x29u, 0x53u, 0xadu, 0xc2u, 0xbdu, 0x49u,
0x6bu, 0x43u, 0x28u, 0x2bu, 0x63u, 0xb7u, 0x0du, 0x16u,
0xa9u, 0xd4u, 0x90u, 0x65u, 0x6eu, 0x7bu, 0x6du, 0xb7u,
0x0bu, 0x17u, 0xefu, 0x60u, 0x02u, 0x12u, 0x0fu, 0x90u
};
/* Temporary decryption buffer */
uint8_t rsaOutput[RSA_MODULO_DATA_SIZE];
cy_en_crypto_rsa_ver_result_t verResult;
cy_en_crypto_status_t cryptoStatus;
cy_publicKey.publicKeyStruct.moduloPtr = cy_publicKey.moduloData;
cy_publicKey.publicKeyStruct.pubExpPtr = cy_publicKey.expData;
/* Reverse the signature generated by openssl, CRYPTO IP is Little-Endian */
Cy_Crypto_Core_InvertEndianness(rsaEncryptedSign, RSA_MODULO_DATA_SIZE);
cryptoStatus = Cy_Crypto_Core_Rsa_Proc(
CRYPTO_HW, /* Pointer to Crypto instance */
&cy_publicKey.publicKeyStruct, /* Pointer to key */
rsaEncryptedSign, /* Pointer to signature */
sizeof(rsaEncryptedSign), /* size of signature */
rsaOutput); /* Pointer to decrypted signature */
/* ... check for errors... */
/* Reverse the decrypted signature */
Cy_Crypto_Core_InvertEndianness(rsaOutput, RSA_MODULO_DATA_SIZE);
/* Verify decrypted signature by calculated SHA digest from data image */
cryptoStatus = Cy_Crypto_Core_Rsa_Verify(
CRYPTO_HW,
&verResult, /* Pointer to verification result */
CY_CRYPTO_MODE_SHA256, /* Hash mode */
sha256Digest, /* Pointer to hash digest of image */
rsaOutput, /* Pointer to decrypted signature */
sizeof(rsaOutput)); /* Size of signature */
/* ... check for errors... */
if (CY_CRYPTO_RSA_VERIFY_SUCCESS == verResult)
{
/* Verification OK */
}
else
{
/* Verification FAILED */
}

◆ Cy_Crypto_Core_Rsa_Coef()

cy_en_crypto_status_t Cy_Crypto_Core_Rsa_Coef ( CRYPTO_Type *  base,
cy_stc_crypto_rsa_pub_key_t const *  key 
)

Calculation constant coefficients to to speed-up Montgomery algorithm.

These coefficients are: coefficient for Barrett reduction, binary inverse of the modulo, result of (2^moduloLength mod modulo)

For CAT1C & CAT1D(CM55) devices when D-Cache is enabled parameters key(moduloPtr, barretCoefPtr, inverseModuloPtr and rBarPtr) must align and end in 32 byte boundary.

Parameters
baseThe pointer to the CRYPTO instance.
keyThe pointer to the cy_stc_crypto_rsa_pub_key_t structure that stores a public key.
Returns
cy_en_crypto_status_t

◆ Cy_Crypto_Core_ECC_MakePrivateKey()

cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakePrivateKey ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
uint8_t *  key,
cy_func_get_random_data_t  GetRandomDataFunc,
void *  randomDataInfo 
)

Make a new ECC private key.

For CAT1C & CAT1D devices when D-Cache is enabled parameter key must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
key[out] Destination of the newly created key.
GetRandomDataFuncSee cy_func_get_random_data_t.
randomDataInfo
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ECC_MakePublicKey()

cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakePublicKey ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
const uint8_t *  privateKey,
cy_stc_crypto_ecc_key publicKey 
)

Make a new ECC public key.

For CAT1C & CAT1D devices when D-Cache is enabled parameters privateKey and x & y of publicKey must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
privateKey[out] Destination of the newly created key.
publicKeySee cy_stc_crypto_ecc_key.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ECC_MakeKeyPair()

cy_en_crypto_status_t Cy_Crypto_Core_ECC_MakeKeyPair ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
cy_stc_crypto_ecc_key key,
cy_func_get_random_data_t  GetRandomDataFunc,
void *  randomDataInfo 
)

Make a new ECC key pair.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
key[out] Destination of the newly created key. See cy_stc_crypto_ecc_key.
GetRandomDataFuncSee cy_func_get_random_data_t.
randomDataInfo
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ECC_SignHash()

cy_en_crypto_status_t Cy_Crypto_Core_ECC_SignHash ( CRYPTO_Type *  base,
const uint8_t *  hash,
uint32_t  hashlen,
uint8_t *  sig,
const cy_stc_crypto_ecc_key key,
const uint8_t *  messageKey 
)

Sign a message digest.

For CAT1C & CAT1D devices when D-Cache is enabled parameters hash, sign, messageKey and key( k, x&y of pubkey) must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
hashThe message digest to sign. Provided as is in data buffer.
hashlenThe length of the digest in bytes.
sig[out] The destination for the signature, 'r' followed by 's'.
keyKey used for signature generation. See cy_stc_crypto_ecc_key.
messageKeyMessage key.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ECC_VerifyHash()

cy_en_crypto_status_t Cy_Crypto_Core_ECC_VerifyHash ( CRYPTO_Type *  base,
const uint8_t *  sig,
const uint8_t *  hash,
uint32_t  hashlen,
uint8_t *  stat,
const cy_stc_crypto_ecc_key key 
)

Verify an ECC signature.

For CAT1C & CAT1D devices when D-Cache is enabled parameters sig, hash and key( x&y of pubkey) must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
sigThe signature to verify, 'R' followed by 'S'.
hashThe hash (message digest) that was signed.
hashlenThe length of the hash (octets).
statResult of signature, 1==valid, 0==invalid.
keyThe corresponding public ECC key. See cy_stc_crypto_ecc_key.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ED25519_Sign()

cy_en_crypto_status_t Cy_Crypto_Core_ED25519_Sign ( CRYPTO_Type *  base,
const uint8_t *  hash,
uint32_t  hashlen,
uint8_t *  sig,
const cy_stc_crypto_ecc_key key,
cy_en_eddsa_sig_type_t  sigType,
const uint8_t *  sigctx,
uint32_t  sigctx_len 
)

Sign a message.

For CAT1C & CAT1D devices with DCache enabled this API is not supported.

Parameters
baseThe pointer to a Crypto instance.
hashThe message to sign. Provided as is in data buffer. This is usually the hash of the original data to be signed.
hashlenThe length of the message in bytes.
sig[out] The destination for the signature, 'r' followed by 's'.
keyKey used for signature generation. See cy_stc_crypto_ecc_key.
sigTypesignature Type. CY_CRYPTO_EDDSA_PURE,CY_CRYPTO_EDDSA_CTX or CY_CRYPTO_EDDSA_PREHASH
sigctxsignature context. can be NULL if EDDSA_PURE is used or if no context is provided.
sigctx_lenThe length of the signature context
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ED25519_PointMultiplication()

cy_en_crypto_status_t Cy_Crypto_Core_ED25519_PointMultiplication ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
const uint8_t *  ecpGX,
const uint8_t *  ecpGY,
const uint8_t *  ecpD,
uint8_t *  ecpQX,
uint8_t *  ecpQY 
)

Edwards 25519 elliptic curve point multiplication in GF(p).

For CAT1C & CAT1D devices with DCache enabled this API is not supported.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
ecpGXX coordinate of base point.
ecpGYY coordinate of base point.
ecpDmultiplication scalar value.
ecpQXX coordinate of result point.
ecpQYY coordinate of result point.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ED25519_PointDecode()

cy_en_crypto_status_t Cy_Crypto_Core_ED25519_PointDecode ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
const uint8_t *  publicKey,
uint8_t *  pubKey_x,
uint8_t *  pubKey_y 
)

Decode ED25519 encoded public key in to x and y.

For CAT1C & CAT1D devices with DCache enabled this API is not supported.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
publicKey[in] encoded 32 byte Public key.
pubKey_x[out] Decoded 32 bytes Public key x in little-endian format.
pubKey_y[out] Decoded 32 bytes Public key y in little-endian format.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ED25519_Verify()

cy_en_crypto_status_t Cy_Crypto_Core_ED25519_Verify ( CRYPTO_Type *  base,
uint8_t *  sig,
const uint8_t *  hash,
uint32_t  hashlen,
const cy_stc_crypto_ecc_key key,
uint32_t *  stat,
cy_en_eddsa_sig_type_t  sigType,
const uint8_t *  sigctx,
uint32_t  sigctx_len 
)

Verify ED25519 signed message.

For CAT1C & CAT1D devices with DCache enabled this API is not supported.

Parameters
baseThe pointer to a Crypto instance.
sigThe signature to verify, 'R' followed by 'S'.
hashThe hash or message that was signed.
hashlenThe length of the hash or message (octets).
statResult of signature verification, 0xA1A1A1A1==valid, 0x00BADBAD==invalid.
keyThe corresponding uncompressed public key to use (little-endian). See cy_stc_crypto_ecc_key.
sigTypesignature Type. CY_CRYPTO_EDDSA_PURE,CY_CRYPTO_EDDSA_CTX or CY_CRYPTO_EDDSA_PREHASH
sigctxsignature context. can be NULL if EDDSA_PURE is used or if no context is provided.
sigctx_lenThe length of the signature context
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_ED25519_MakePublicKey()

cy_en_crypto_status_t Cy_Crypto_Core_ED25519_MakePublicKey ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
const uint8_t *  privateKey,
cy_stc_crypto_ecc_key publicKey 
)

Make a new ED25519 public key.

For CAT1C & CAT1D devices with DCache enabled this API is not supported.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
privateKey[in] Private key.
publicKey[out] Newly created Public key. See cy_stc_crypto_ecc_key.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_EC25519_MakePublicKey()

cy_en_crypto_status_t Cy_Crypto_Core_EC25519_MakePublicKey ( CRYPTO_Type *  base,
const uint8_t *  privateKey,
cy_stc_crypto_ecc_key publicKey 
)

Make a new EC25519 public key.

For CAT1C & CAT1D devices when D-Cache is enabled parameters privateKey and x of publicKey must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
privateKey[out] Destination of the newly created key.
publicKeySee cy_stc_crypto_ecc_key.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_EC25519_MakePrivateKey()

cy_en_crypto_status_t Cy_Crypto_Core_EC25519_MakePrivateKey ( CRYPTO_Type *  base,
uint8_t *  key,
cy_func_get_random_data_t  GetRandomDataFunc,
void *  randomDataInfo 
)

Make a new EC25519 private key.

For CAT1C & CAT1D devices when D-Cache is enabled parameter key must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
key[out] Destination of the newly created key.
GetRandomDataFuncSee cy_func_get_random_data_t.
randomDataInfo
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_EC25519_PointMultiplication()

cy_en_crypto_status_t Cy_Crypto_Core_EC25519_PointMultiplication ( CRYPTO_Type *  base,
uint8_t *  p_r,
const uint8_t *  p_x,
const uint8_t *  p_d 
)

EC25519 Elliptic curve point multiplication in GF(p).

Parameters
baseThe pointer to a Crypto instance.
p_rPointer to result point.
p_xPointer to X coordinate of base point.
p_dPointer to Scalar multiplication value.
Returns
status code. See cy_en_crypto_status_t.

◆ Cy_Crypto_Core_EC_NistP_PointMultiplication()

cy_en_crypto_status_t Cy_Crypto_Core_EC_NistP_PointMultiplication ( CRYPTO_Type *  base,
cy_en_crypto_ecc_curve_id_t  curveID,
const uint8_t *  ecpGX,
const uint8_t *  ecpGY,
const uint8_t *  ecpD,
uint8_t *  ecpQX,
uint8_t *  ecpQY 
)

Elliptic curve point multiplication in GF(p).

For CAT1C & CAT1D devices when D-Cache is enabled parameter ecpGX, ecpGY, ecpD, ecpQX & ecpQY must align and end in 32 byte boundary.

Parameters
baseThe pointer to a Crypto instance.
curveIDSee cy_en_crypto_ecc_curve_id_t.
ecpGXRegister index for affine X coordinate of base point.
ecpGYRegister index for affine Y coordinate of base point.
ecpDRegister index for multiplication value.
ecpQXRegister index for affine X coordinate of result point.
ecpQYRegister index for affine Y coordinate of result point.
Returns
status code. See cy_en_crypto_status_t.