Tizen HAL API  1.0
Typedefs
Keys
Security

The Keys provides functions to handle keys and data related operations.

Required Header

#include <hal/hal-security-keys.h>

Overview

The Security Keys provides functions to handle keys and data related operations

The Security Keys functions provide methods to:

For more information on the Security Keys features and the macros, see HAL Security programming guides and tutorials.

Typedefs

typedef struct
_hal_backend_security_keys_funcs 		hal_backend_security_keys_funcs
 Structure for security keys functions.
typedef size_t hal_security_keys_cipher_context_t
 Type for cipher context.

Data Structure Documentation

struct _hal_backend_security_keys_funcs

Structure for security keys functions.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Data Fields

int(* context_initialize )(hal_security_keys_context_s *context)
int(* context_free )(hal_security_keys_context_s *context)
int(* create_iv )(const hal_security_keys_context_s context, hal_security_keys_data_s *iv)
int(* create_key_aes )(const hal_security_keys_context_s context, const size_t key_size_bits, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, hal_security_keys_data_s *key_tag)
int(* create_key_pair_rsa )(const hal_security_keys_context_s context, const size_t key_size_bits, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)
int(* create_key_pair_dsa )(const hal_security_keys_context_s context, const size_t key_size_bits, const hal_security_keys_data_s prime, const hal_security_keys_data_s subprime, const hal_security_keys_data_s base, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)
int(* create_key_pair_ecdsa )(const hal_security_keys_context_s context, const hal_security_keys_ec_type_e ec_type, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)
int(* create_key_pair_kem )(const hal_security_keys_context_s context, const hal_security_keys_kem_type_e kem_type, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)
int(* import_wrapped_key )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t ctr_len_or_tag_size_bits, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s wrapped_key, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, const hal_security_keys_data_type_e key_type, hal_security_keys_data_s *key_tag)
int(* export_wrapped_key )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t ctr_len_or_tag_size_bits, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_type_e key_type, hal_security_keys_data_s *wrapped_key)
int(* encapsulate_key )(const hal_security_keys_context_s context, const hal_security_keys_kem_type_e kem_type, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_tag_s pub_key_pwd, const hal_security_keys_data_s shared_secret_id, const hal_security_keys_password_iv_s shared_secret_pwd, hal_security_keys_data_s *ciphertext, hal_security_keys_data_s *shared_secret_tag)
int(* decapsulate_key )(const hal_security_keys_context_s context, const hal_security_keys_kem_type_e kem_type, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_tag_s priv_key_pwd, const hal_security_keys_data_s shared_secret_id, const hal_security_keys_password_iv_s shared_secret_pwd, const hal_security_keys_data_s ciphertext, hal_security_keys_data_s *shared_secret_tag)
int(* destroy_key )(const hal_security_keys_context_s context, const hal_security_keys_data_s key_id)
int(* import_data )(const hal_security_keys_context_s context, const hal_security_keys_data_s data_id, const hal_security_keys_password_iv_s data_pwd, const hal_security_keys_data_type_e data_type, const hal_security_keys_data_s data, const hal_security_keys_data_s data_encryption_iv, const hal_security_keys_data_s data_encryption_tag, hal_security_keys_data_s *data_tag)
int(* export_data )(const hal_security_keys_context_s context, const hal_security_keys_data_s data_id, const hal_security_keys_password_iv_tag_s data_pwd, const hal_security_keys_data_type_e data_type, hal_security_keys_data_s *data)
int(* wrap_concatenated_data )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, hal_security_keys_data_s *wrapped_key)
int(* unwrap_concatenated_data )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s wrapped_key, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, const hal_security_keys_data_type_e key_type, const size_t key_size_bits, hal_security_keys_data_s *data, hal_security_keys_data_s *key_tag)
int(* encrypt_data_auth )(const hal_security_keys_context_s context, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t tag_size_bits, hal_security_keys_data_s *tag, hal_security_keys_data_s *out)
int(* decrypt_data_auth )(const hal_security_keys_context_s context, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t tag_size_bits, const hal_security_keys_data_s tag, hal_security_keys_data_s *out)
int(* encrypt_data )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, hal_security_keys_data_s *out)
int(* decrypt_data )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, hal_security_keys_data_s *out)
int(* destroy_data )(const hal_security_keys_context_s context, const hal_security_keys_data_s data_id)
int(* cipher_initialize )(const hal_security_keys_context_s context, const bool encrypt, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t tag_size_bits, hal_security_keys_cipher_context_t *cipher_context)
int(* cipher_add_aad )(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context, const hal_security_keys_data_s aad)
int(* cipher_update )(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context, const hal_security_keys_data_s data, hal_security_keys_data_s *out)
int(* cipher_finalize )(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context, const hal_security_keys_data_s data, hal_security_keys_data_s *out)
int(* cipher_free )(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context)
int(* create_signature )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_tag_s priv_key_pwd, const hal_security_keys_data_s message, hal_security_keys_data_s *signature)
int(* verify_signature )(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_tag_s pub_key_pwd, const hal_security_keys_data_s message, const hal_security_keys_data_s signature)
int(* derive_ecdh )(const hal_security_keys_context_s context, const hal_security_keys_ec_type_e ec_type, const hal_security_keys_data_s pub_key_x, const hal_security_keys_data_s pub_key_y, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_tag_s priv_key_pwd, const hal_security_keys_data_s secret_id, const hal_security_keys_password_iv_s secret_pwd, hal_security_keys_data_s *secret_tag)
int(* derive_kbkdf )(const hal_security_keys_context_s context, const hal_security_keys_kbkdf_params_s params, const hal_security_keys_data_s secret_id, const hal_security_keys_password_iv_tag_s secret_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, hal_security_keys_data_s *key_tag)
int(* derive_hybrid_kbkdf )(const hal_security_keys_context_s context, const hal_security_keys_kbkdf_params_s params, const hal_security_keys_data_s first_secret_id, const hal_security_keys_password_iv_tag_s first_secret_pwd, const hal_security_keys_data_s second_secret_id, const hal_security_keys_password_iv_tag_s second_secret_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, hal_security_keys_data_s *key_tag)
int(* get_max_chunk_size )(const hal_security_keys_context_s context, size_t *chunk_size)
int(* create_key_dbp )(const bool destroy_old)
int(* encrypt_data_dbp )(const hal_security_keys_dbp_scheme_version_e dbp_scheme_version, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, hal_security_keys_data_s *out)
bool(* is_tz_supported )(void)
bool(* is_se_supported )(void)

Field Documentation

int(* _hal_backend_security_keys_funcs::cipher_add_aad)(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context, const hal_security_keys_data_s aad)

Add AAD

int(* _hal_backend_security_keys_funcs::cipher_finalize)(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context, const hal_security_keys_data_s data, hal_security_keys_data_s *out)

Finalize cipher

int(* _hal_backend_security_keys_funcs::cipher_free)(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context)

Cleanup cipher

int(* _hal_backend_security_keys_funcs::cipher_initialize)(const hal_security_keys_context_s context, const bool encrypt, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t tag_size_bits, hal_security_keys_cipher_context_t *cipher_context)

Initialize cipher

int(* _hal_backend_security_keys_funcs::cipher_update)(const hal_security_keys_context_s context, const hal_security_keys_cipher_context_t cipher_context, const hal_security_keys_data_s data, hal_security_keys_data_s *out)

Update cipher

int(* _hal_backend_security_keys_funcs::context_free)(hal_security_keys_context_s *context)

Free HAL backend context

int(* _hal_backend_security_keys_funcs::context_initialize)(hal_security_keys_context_s *context)

Initialize HAL backend context

int(* _hal_backend_security_keys_funcs::create_iv)(const hal_security_keys_context_s context, hal_security_keys_data_s *iv)

Create initialization vector

int(* _hal_backend_security_keys_funcs::create_key_aes)(const hal_security_keys_context_s context, const size_t key_size_bits, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, hal_security_keys_data_s *key_tag)

Create AES key

int(* _hal_backend_security_keys_funcs::create_key_dbp)(const bool destroy_old)

Create DBP key

int(* _hal_backend_security_keys_funcs::create_key_pair_dsa)(const hal_security_keys_context_s context, const size_t key_size_bits, const hal_security_keys_data_s prime, const hal_security_keys_data_s subprime, const hal_security_keys_data_s base, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)

Create DSA key pair

int(* _hal_backend_security_keys_funcs::create_key_pair_ecdsa)(const hal_security_keys_context_s context, const hal_security_keys_ec_type_e ec_type, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)

Create ECDSA key pair

int(* _hal_backend_security_keys_funcs::create_key_pair_kem)(const hal_security_keys_context_s context, const hal_security_keys_kem_type_e kem_type, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)

Create KEM key pair

int(* _hal_backend_security_keys_funcs::create_key_pair_rsa)(const hal_security_keys_context_s context, const size_t key_size_bits, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_s priv_key_pwd, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_s pub_key_pwd, hal_security_keys_data_s *priv_key_tag, hal_security_keys_data_s *pub_key_tag)

Create RSA key pair

int(* _hal_backend_security_keys_funcs::create_signature)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_tag_s priv_key_pwd, const hal_security_keys_data_s message, hal_security_keys_data_s *signature)

Create signature

int(* _hal_backend_security_keys_funcs::decapsulate_key)(const hal_security_keys_context_s context, const hal_security_keys_kem_type_e kem_type, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_tag_s priv_key_pwd, const hal_security_keys_data_s shared_secret_id, const hal_security_keys_password_iv_s shared_secret_pwd, const hal_security_keys_data_s ciphertext, hal_security_keys_data_s *shared_secret_tag)

Decapsulate key

int(* _hal_backend_security_keys_funcs::decrypt_data)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, hal_security_keys_data_s *out)

Decrypt data

int(* _hal_backend_security_keys_funcs::decrypt_data_auth)(const hal_security_keys_context_s context, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t tag_size_bits, const hal_security_keys_data_s tag, hal_security_keys_data_s *out)

Authenticated data decryption

int(* _hal_backend_security_keys_funcs::derive_ecdh)(const hal_security_keys_context_s context, const hal_security_keys_ec_type_e ec_type, const hal_security_keys_data_s pub_key_x, const hal_security_keys_data_s pub_key_y, const hal_security_keys_data_s priv_key_id, const hal_security_keys_password_iv_tag_s priv_key_pwd, const hal_security_keys_data_s secret_id, const hal_security_keys_password_iv_s secret_pwd, hal_security_keys_data_s *secret_tag)

Derive ECDH

int(* _hal_backend_security_keys_funcs::derive_hybrid_kbkdf)(const hal_security_keys_context_s context, const hal_security_keys_kbkdf_params_s params, const hal_security_keys_data_s first_secret_id, const hal_security_keys_password_iv_tag_s first_secret_pwd, const hal_security_keys_data_s second_secret_id, const hal_security_keys_password_iv_tag_s second_secret_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, hal_security_keys_data_s *key_tag)

Derive hybrid KBKDF

int(* _hal_backend_security_keys_funcs::derive_kbkdf)(const hal_security_keys_context_s context, const hal_security_keys_kbkdf_params_s params, const hal_security_keys_data_s secret_id, const hal_security_keys_password_iv_tag_s secret_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, hal_security_keys_data_s *key_tag)

Derive KBKDF

int(* _hal_backend_security_keys_funcs::destroy_data)(const hal_security_keys_context_s context, const hal_security_keys_data_s data_id)

Destroy data

int(* _hal_backend_security_keys_funcs::destroy_key)(const hal_security_keys_context_s context, const hal_security_keys_data_s key_id)

Destroy key

int(* _hal_backend_security_keys_funcs::encapsulate_key)(const hal_security_keys_context_s context, const hal_security_keys_kem_type_e kem_type, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_tag_s pub_key_pwd, const hal_security_keys_data_s shared_secret_id, const hal_security_keys_password_iv_s shared_secret_pwd, hal_security_keys_data_s *ciphertext, hal_security_keys_data_s *shared_secret_tag)

Encapsulate key

int(* _hal_backend_security_keys_funcs::encrypt_data)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_padding_algorithm_e padding, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, hal_security_keys_data_s *out)

Encrypt data

int(* _hal_backend_security_keys_funcs::encrypt_data_auth)(const hal_security_keys_context_s context, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t tag_size_bits, hal_security_keys_data_s *tag, hal_security_keys_data_s *out)

Authenticated data encryption

int(* _hal_backend_security_keys_funcs::encrypt_data_dbp)(const hal_security_keys_dbp_scheme_version_e dbp_scheme_version, const hal_security_keys_data_s data, const hal_security_keys_data_s iv, hal_security_keys_data_s *out)

Encrypt data with DBP key

int(* _hal_backend_security_keys_funcs::export_data)(const hal_security_keys_context_s context, const hal_security_keys_data_s data_id, const hal_security_keys_password_iv_tag_s data_pwd, const hal_security_keys_data_type_e data_type, hal_security_keys_data_s *data)

Export data

int(* _hal_backend_security_keys_funcs::export_wrapped_key)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t ctr_len_or_tag_size_bits, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_type_e key_type, hal_security_keys_data_s *wrapped_key)

Export wrapped key

int(* _hal_backend_security_keys_funcs::get_max_chunk_size)(const hal_security_keys_context_s context, size_t *chunk_size)

Get max chunk size

int(* _hal_backend_security_keys_funcs::import_data)(const hal_security_keys_context_s context, const hal_security_keys_data_s data_id, const hal_security_keys_password_iv_s data_pwd, const hal_security_keys_data_type_e data_type, const hal_security_keys_data_s data, const hal_security_keys_data_s data_encryption_iv, const hal_security_keys_data_s data_encryption_tag, hal_security_keys_data_s *data_tag)

Import data

int(* _hal_backend_security_keys_funcs::import_wrapped_key)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s iv, const hal_security_keys_data_s aad, const size_t ctr_len_or_tag_size_bits, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s wrapped_key, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, const hal_security_keys_data_type_e key_type, hal_security_keys_data_s *key_tag)

Import wrapped key

bool(* _hal_backend_security_keys_funcs::is_se_supported)(void)

Check if SE backend is supported

bool(* _hal_backend_security_keys_funcs::is_tz_supported)(void)

Check if TZ backend is supported

int(* _hal_backend_security_keys_funcs::unwrap_concatenated_data)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s wrapped_key, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_s key_pwd, const hal_security_keys_data_type_e key_type, const size_t key_size_bits, hal_security_keys_data_s *data, hal_security_keys_data_s *key_tag)

Unwrap concatenated data

int(* _hal_backend_security_keys_funcs::verify_signature)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s pub_key_id, const hal_security_keys_password_iv_tag_s pub_key_pwd, const hal_security_keys_data_s message, const hal_security_keys_data_s signature)

Verify signature

int(* _hal_backend_security_keys_funcs::wrap_concatenated_data)(const hal_security_keys_context_s context, const hal_security_keys_algo_type_e algo, const hal_security_keys_hash_algorithm_e hash, const hal_security_keys_data_s wrapping_key_id, const hal_security_keys_password_iv_tag_s wrapping_key_pwd, const hal_security_keys_data_s key_id, const hal_security_keys_password_iv_tag_s key_pwd, const hal_security_keys_data_s data, hal_security_keys_data_s *wrapped_key)

Wrap concatenated data

struct hal_security_keys_context_s

Structure for security keys context.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Data Fields

void * ctx
void * session

Field Documentation

void* hal_security_keys_context_s::ctx

Backend context

void* hal_security_keys_context_s::session

Backend session

struct hal_security_keys_data_s

Structure for binary data exchange.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Data Fields

unsigned char * buffer
size_t length

Field Documentation

unsigned char* hal_security_keys_data_s::buffer

Binary data buffer

size_t hal_security_keys_data_s::length

Binary data length

struct hal_security_keys_password_iv_s

Structure for password and iv params exchange.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Data Fields

hal_security_keys_data_s password
hal_security_keys_data_s iv

Field Documentation

hal_security_keys_data_s hal_security_keys_password_iv_s::iv

Initialization vector buffer

hal_security_keys_data_s hal_security_keys_password_iv_s::password

Password buffer

struct hal_security_keys_password_iv_tag_s

Structure for password, iv and tag params exchange.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Data Fields

hal_security_keys_data_s password
hal_security_keys_data_s iv
hal_security_keys_data_s tag

Field Documentation

hal_security_keys_data_s hal_security_keys_password_iv_tag_s::iv

Initialization vector buffer

hal_security_keys_data_s hal_security_keys_password_iv_tag_s::password

Password buffer

hal_security_keys_data_s hal_security_keys_password_iv_tag_s::tag

Tag buffer

struct hal_security_keys_kbkdf_params_s

Structure for KBKDF params exchange.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Data Fields

hal_security_keys_kdf_prf_type_e prf
size_t length
hal_security_keys_kbkdf_mode_e mode
hal_security_keys_data_s label
hal_security_keys_data_s context
hal_security_keys_data_s fixed
hal_security_keys_kbkdf_counter_location_e location
size_t rlen
size_t llen
bool no_separator

Field Documentation

hal_security_keys_data_s hal_security_keys_kbkdf_params_s::context

Information related to the derived key

hal_security_keys_data_s hal_security_keys_kbkdf_params_s::fixed

KBKDF fixed input replacing context and label

hal_security_keys_data_s hal_security_keys_kbkdf_params_s::label

Purpose for the derived key

size_t hal_security_keys_kbkdf_params_s::length

Length of the derived key in bytes

size_t hal_security_keys_kbkdf_params_s::llen

Specifies the extent of the length suffix representation in bits

hal_security_keys_kbkdf_counter_location_e hal_security_keys_kbkdf_params_s::location

Specifies location of the counter

hal_security_keys_kbkdf_mode_e hal_security_keys_kbkdf_params_s::mode

KDF mode

bool hal_security_keys_kbkdf_params_s::no_separator

Skip the zero octet separator between label and context

hal_security_keys_kdf_prf_type_e hal_security_keys_kbkdf_params_s::prf

Pseudo-random function

size_t hal_security_keys_kbkdf_params_s::rlen

Specifies the length of the counter representation in bits

Typedef Documentation

typedef struct _hal_backend_security_keys_funcs hal_backend_security_keys_funcs

Structure for security keys functions.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
typedef size_t hal_security_keys_cipher_context_t

Type for cipher context.

Since:
HAL_MODULE_SECURITY_KEYS 1.0

Enumeration Type Documentation

enum hal_security_keys_algo_type_e

Enumeration for algorithm type.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_ALGO_TYPE_AES_CTR 

AES CTR

HAL_SECURITY_KEYS_ALGO_TYPE_AES_CBC 

AES CBC

HAL_SECURITY_KEYS_ALGO_TYPE_AES_GCM 

AES GCM

HAL_SECURITY_KEYS_ALGO_TYPE_AES_CFB 

AES CFB

HAL_SECURITY_KEYS_ALGO_TYPE_RSA_OAEP 

RSA OAEP

HAL_SECURITY_KEYS_ALGO_TYPE_RSA 

RSA

HAL_SECURITY_KEYS_ALGO_TYPE_DSA 

DSA

HAL_SECURITY_KEYS_ALGO_TYPE_ECDSA 

ECDSA

enum hal_security_keys_data_type_e

Enumeration for data type.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_DATA_TYPE_BINARY_DATA 

Binary data

HAL_SECURITY_KEYS_DATA_TYPE_KEY_AES 

AES key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_RSA_PUBLIC 

Public RSA key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_RSA_PRIVATE 

Private RSA key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_DSA_PUBLIC 

Public DSA key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_DSA_PRIVATE 

Private DSA key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_ECDSA_PUBLIC 

Public ECDSA key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_ECDSA_PRIVATE 

Private ECDSA key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_KEM_PUBLIC 

Public KEM key

HAL_SECURITY_KEYS_DATA_TYPE_KEY_KEM_PRIVATE 

Private KEM key

enum hal_security_keys_dbp_scheme_version_e

Enumeration for DBP scheme version.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_DBP_SCHEME_VERSION_1 

Database protection scheme version 1 (AES-256-CBC)

enum hal_security_keys_ec_type_e

Enumeration for elliptic curve type.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_EC_TYPE_PRIME192V1 

PRIME192V1

HAL_SECURITY_KEYS_EC_TYPE_PRIME256V1 

PRIME256V1

HAL_SECURITY_KEYS_EC_TYPE_SECP384R1 

SECP384R1

enum hal_security_keys_error_e

Enumeration for security keys errors.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_ERROR_NONE 

Successful

HAL_SECURITY_KEYS_ERROR_INVALID_PARAMETER 

Invalid input parameter

HAL_SECURITY_KEYS_ERROR_OUT_OF_MEMORY 

Out of memory

HAL_SECURITY_KEYS_ERROR_NOT_SUPPORTED 

Operation not supported

HAL_SECURITY_KEYS_ERROR_AUTHENTICATION_FAILED 

Authentication failed

HAL_SECURITY_KEYS_ERROR_VERIFICATION_FAILED 

Verification failed

HAL_SECURITY_KEYS_ERROR_INTERNAL_ERROR 

Internal error

HAL_SECURITY_KEYS_ERROR_TARGET_DEAD 

Target dead

HAL_SECURITY_KEYS_ERROR_NO_KEY 

No key available

HAL_SECURITY_KEYS_ERROR_NOT_PERMITTED 

Operation not permitted

enum hal_security_keys_hash_algorithm_e

Enumeration for hash algorithm.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_HASH_ALGORITHM_NONE 

None

HAL_SECURITY_KEYS_HASH_ALGORITHM_SHA1 

SHA1

HAL_SECURITY_KEYS_HASH_ALGORITHM_SHA256 

SHA256

HAL_SECURITY_KEYS_HASH_ALGORITHM_SHA384 

SHA384

HAL_SECURITY_KEYS_HASH_ALGORITHM_SHA512 

SHA512

enum hal_security_keys_kbkdf_counter_location_e

Enumeration for KBKDF counter location.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_KBKDF_COUNTER_LOCATION_BEFORE_FIXED 

Before fixed

HAL_SECURITY_KEYS_KBKDF_COUNTER_LOCATION_AFTER_FIXED 

After fixed

HAL_SECURITY_KEYS_KBKDF_COUNTER_LOCATION_MIDDLE_FIXED 

Middle fixed

enum hal_security_keys_kbkdf_mode_e

Enumeration for KBKDF mode.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_KBKDF_MODE_COUNTER 

Counter mode

enum hal_security_keys_kdf_prf_type_e

Enumeration for KDF PRF type.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_PRF_TYPE_HMAC_SHA256 

HMAC_SHA256

HAL_SECURITY_KEYS_PRF_TYPE_HMAC_SHA384 

HMAC_SHA384

HAL_SECURITY_KEYS_PRF_TYPE_HMAC_SHA512 

HMAC_SHA512

enum hal_security_keys_kem_type_e

Enumeration for ML KEM type.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_ML_KEM_768 

ML KEM 768

HAL_SECURITY_KEYS_ML_KEM_1024 

ML KEM 1024

enum hal_security_keys_padding_algorithm_e

Enumeration for padding algorithm.

Since:
HAL_MODULE_SECURITY_KEYS 1.0
Enumerator:
HAL_SECURITY_KEYS_PADDING_ALGORITHM_NONE 

None

HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS7 

PKCS#7

HAL_SECURITY_KEYS_PADDING_ALGORITHM_ISO9797_M2 

ISO9797 method 2 padding

HAL_SECURITY_KEYS_PADDING_ALGORITHM_PKCS1 

PKCS#1

HAL_SECURITY_KEYS_PADDING_ALGORITHM_X931 

X391