OPTIGA™ Trust M
Host Library Documentation
optiga/include/optiga/pal/pal_crypt.h File Reference

This file provides the prototype declarations of PAL crypt.

Data Structures

struct  pal_crypt_t
 PAL crypt context structure.

Typedefs

typedef struct pal_crypt_t pal_crypt_t
 PAL crypt context structure.

Functions

LIBRARY_EXPORTS pal_status_t pal_crypt_tls_prf_sha256 (pal_crypt_t *p_pal_crypt, const uint8_t *p_secret, uint16_t secret_length, const uint8_t *p_label, uint16_t label_length, const uint8_t *p_seed, uint16_t seed_length, uint8_t *p_derived_key, uint16_t derived_key_length)
 Derives the key using the TLS PRF SHA256 for a given secret.

LIBRARY_EXPORTS pal_status_t pal_crypt_encrypt_aes128_ccm (pal_crypt_t *p_pal_crypt, const uint8_t *p_plain_text, uint16_t plain_text_length, const uint8_t *p_encrypt_key, const uint8_t *p_nonce, uint16_t nonce_length, const uint8_t *p_associated_data, uint16_t associated_data_length, uint8_t mac_size, uint8_t *p_cipher_text)
 Encrypts the input plain text using AES CCM algorithm and provides the cipher text as well as MAC into output buffer.

LIBRARY_EXPORTS pal_status_t pal_crypt_decrypt_aes128_ccm (pal_crypt_t *p_pal_crypt, const uint8_t *p_cipher_text, uint16_t cipher_text_length, const uint8_t *p_decrypt_key, const uint8_t *p_nonce, uint16_t nonce_length, const uint8_t *p_associated_data, uint16_t associated_data_length, uint8_t mac_size, uint8_t *p_plain_text)
 Decrypts the cipher text using AES CCM algorithm and provides the plain text.

pal_status_t pal_crypt_version (uint8_t *p_crypt_lib_version_info, uint16_t *length)
 Gets the external crypto library version number.

Detailed Description

This file provides the prototype declarations of PAL crypt.

Author
Infineon Technologies AG

Definition in file optiga/include/optiga/pal/pal_crypt.h.

Typedef Documentation

◆ pal_crypt_t

typedef struct pal_crypt_t pal_crypt_t

PAL crypt context structure.

Function Documentation

◆ pal_crypt_decrypt_aes128_ccm()

LIBRARY_EXPORTS pal_status_t pal_crypt_decrypt_aes128_ccm ( pal_crypt_t *  p_pal_crypt,
    const uint8_t *  p_cipher_text,
    uint16_t  cipher_text_length,
    const uint8_t *  p_decrypt_key,
    const uint8_t *  p_nonce,
    uint16_t  nonce_length,
    const uint8_t *  p_associated_data,
    uint16_t  associated_data_length,
    uint8_t  mac_size,
    uint8_t *  p_plain_text
)

Decrypts the cipher text using AES CCM algorithm and provides the plain text.

  • Decrypts the cipher text using the provided decryption key, nonce and associated data.
  • This operation validates the MAC internally and provides the plain text only if the MAC is successfully validated.
Precondition
  • None
Note
  • If mac_size is set to 8, the AES128_CCM_8 algorithm will be used for decryption.
  • If mac_size is set to 16, the AES128_CCM algorithm will be used for decryption.
Parameters
[in]      p_pal_crypt             Crypt context.
[in]      p_cipher_text           Valid pointer to the cipher text + MAC data.
[in]      cipher_text_length      Cipher text data size.
[in]      p_decrypt_key           Valid pointer to decrypt key.
[in]      p_nonce                 Valid pointer to nonce data.
[in]      nonce_length            Nonce size.
[in]      p_associated_data       Valid pointer to associated data.
[in]      associated_data_length  Associated data size.
[in]      mac_size                Length of MAC data.
[in,out]  p_plain_text            Valid pointer to store plain text. Buffer length must be at least cipher_text_length - mac_size.
Return values
PAL_STATUS_SUCCESS  In case of success
PAL_STATUS_FAILURE  In case of failure

◆ pal_crypt_encrypt_aes128_ccm()

LIBRARY_EXPORTS pal_status_t pal_crypt_encrypt_aes128_ccm ( pal_crypt_t *  p_pal_crypt,
    const uint8_t *  p_plain_text,
    uint16_t  plain_text_length,
    const uint8_t *  p_encrypt_key,
    const uint8_t *  p_nonce,
    uint16_t  nonce_length,
    const uint8_t *  p_associated_data,
    uint16_t  associated_data_length,
    uint8_t  mac_size,
    uint8_t *  p_cipher_text
)

Encrypts the input plain text using AES CCM algorithm and provides the cipher text as well as MAC into output buffer.

  • Encrypts the given plain text using the provided encryption key, nonce and associated data.
Precondition
  • None
Note
  • If mac_size is set to 8, the AES128_CCM_8 algorithm will be used for encryption.
  • If mac_size is set to 16, the AES128_CCM algorithm will be used for encryption.
Parameters
[in]      p_pal_crypt             Crypt context.
[in]      p_plain_text            Valid pointer to plain text data.
[in]      plain_text_length       Plain text data size.
[in]      p_encrypt_key           Valid pointer to encrypt key.
[in]      p_nonce                 Valid pointer to nonce data.
[in]      nonce_length            Nonce data size.
[in]      p_associated_data       Valid pointer to associated data.
[in]      associated_data_length  Associated data size.
[in]      mac_size                Length of expected MAC data.
[in,out]  p_cipher_text           Valid pointer to store cipher text and MAC output. Buffer length must be at least plain_text_length + mac_size.
Return values
PAL_STATUS_SUCCESS  In case of success
PAL_STATUS_FAILURE  In case of failure

◆ pal_crypt_tls_prf_sha256()

LIBRARY_EXPORTS pal_status_t pal_crypt_tls_prf_sha256 ( pal_crypt_t *  p_pal_crypt,
    const uint8_t *  p_secret,
    uint16_t  secret_length,
    const uint8_t *  p_label,
    uint16_t  label_length,
    const uint8_t *  p_seed,
    uint16_t  seed_length,
    uint8_t *  p_derived_key,
    uint16_t  derived_key_length
)

Derives the key using the TLS PRF SHA256 for a given secret.

  • Derives a key using the user provided secret.
Precondition
  • None
Note
  • None
Parameters
[in]      p_pal_crypt         Crypt context.
[in]      p_secret            Valid pointer to input shared secret.
[in]      secret_length       Length of the shared secret.
[in]      p_label             Valid pointer to label for PRF calculation.
[in]      label_length        Label length.
[in]      p_seed              Valid pointer to the buffer which contains the seed.
[in]      seed_length         Seed length.
[in,out]  p_derived_key       Valid pointer to the buffer where the PRF output is to be saved.
[in]      derived_key_length  Length of the key to be derived from the secret.
Return values
PAL_STATUS_SUCCESS  In case of success
PAL_STATUS_FAILURE  In case of failure
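
Added example, not part of the Infineon host library: a host-side Python reference for the TLS 1.2 PRF with SHA-256 (RFC 5246, section 5), used to produce known-answer vectors for checking a PAL port of pal_crypt_tls_prf_sha256(). It assumes the PAL function follows that RFC construction with label and seed concatenated; c_array(), the sample inputs and the array names are illustrative.

```python
import hashlib
import hmac


def tls_prf_sha256(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF with SHA-256 (RFC 5246, section 5): P_SHA256(secret, label || seed).

    Assumption: the PAL port under test implements this construction.
    """
    # Every length in the PAL prototype is a uint16_t, so mirror that limit.
    for name, n in (("secret", len(secret)), ("label", len(label)),
                    ("seed", len(seed)), ("derived key", length)):
        if not 0 <= n <= 0xFFFF:
            raise ValueError(f"{name} length {n} does not fit in uint16_t")
    label_seed = label + seed
    a = label_seed  # A(0) = label || seed
    out = bytearray()
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + label_seed, hashlib.sha256).digest()
    return bytes(out[:length])  # the final 32-byte block is truncated


def c_array(name: str, data: bytes) -> str:
    """Render bytes as a C initializer for a known-answer test on the target."""
    body = ", ".join(f"0x{b:02x}" for b in data)
    return f"static const uint8_t {name}[{len(data)}] = {{ {body} }};"


# Constructed sample inputs for illustration, not real key material.
SECRET = bytes(range(32))
LABEL = b"example label"
SEED = bytes(range(0x40, 0x60))

if __name__ == "__main__":
    # Paste the output into the port's unit test and compare p_derived_key
    # against expected_key after calling pal_crypt_tls_prf_sha256().
    expected = tls_prf_sha256(SECRET, LABEL, SEED, 40)
    for name, value in (("secret", SECRET), ("label", LABEL),
                        ("seed", SEED), ("expected_key", expected)):
        print(c_array(name, value))
```

Under this construction label and seed are only concatenated, so (label "ab", seed "cd") and (label "a", seed "bcd") derive the same key; keep each label a fixed constant per purpose rather than caller-controlled input.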

◆ pal_crypt_version()

pal_status_t pal_crypt_version ( uint8_t *  p_crypt_lib_version_info,
    uint16_t *  length
)

Gets the external crypto library version number.

Precondition
  • None
Note
  • Format of version information: vX.Y.Z
  • mbedTLS Version: vX.Y.Z
Parameters
[in,out]  p_crypt_lib_version_info  Valid pointer to store the version number.
[in,out]  length                    Version number size.
Return values
PAL_STATUS_SUCCESS  In case of success
PAL_STATUS_FAILURE  In case of failure