Google Git
Sign in
coral / a71ch-crypto-support / 8dc1f1434da50a4b7361d651239c1f3f4f8cc25b / . / doc / sss / doc / apis-sss_asymmetric.html
blob: 69a9072f223fbf4ca3c733299312f9cea702cdf7 [file] [log] [blame]
<!DOCTYPE html>
<!--
Copyright 2019 NXP
This software is owned or controlled by NXP and may only be used
strictly in accordance with the applicable license terms. By expressly
accepting such terms or by downloading, installing, activating and/or
otherwise using the software, you are agreeing that you have read, and
that you agree to comply with and are bound by, such license terms. If
you do not agree to be bound by the applicable license terms, then you
may not retain, install, activate or otherwise use the software.
-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>3.3.5. Asymmetric &#8212; Plug &amp; Trust MW v03.00.05 documentation</title>
<link rel="stylesheet" href="../../_static/bootstrap-sphinx.css" type="text/css" />
<link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="../../_static/graphviz.css" />
<script id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
<script src="../../_static/jquery.js"></script>
<script src="../../_static/underscore.js"></script>
<script src="../../_static/doctools.js"></script>
<script src="../../_static/language_data.js"></script>
<link rel="index" title="Index" href="../../genindex.html" />
<link rel="search" title="Search" href="../../search.html" />
<link rel="next" title="3.3.6. Policies" href="apis-sss_policy.html" />
<link rel="prev" title="3.3.4. Key Object" href="apis-sss_key_object.html" />
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
<meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
<meta name="apple-mobile-web-app-capable" content="yes">
<script type="text/javascript" src="../../_static/js/jquery-1.11.0.min.js "></script>
<script type="text/javascript" src="../../_static/js/jquery-fix.js "></script>
<script type="text/javascript" src="../../_static/bootstrap-3.3.7/js/bootstrap.min.js "></script>
<script type="text/javascript" src="../../_static/bootstrap-sphinx.js "></script>
</head><body>
<div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<!-- .btn-navbar is used as the toggle for collapsed navbar content -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../../toc.html"><span><img src="../../_static/NXP_logo_JPG.jpg"></span>
MW</a>
<span class="navbar-text navbar-version pull-left"><b>v03.00.05</b></span>
</div>
<div class="collapse navbar-collapse nav-collapse">
<ul class="nav navbar-nav">
<li class="dropdown globaltoc-container">
<a role="button"
id="dLabelGlobalToc"
data-toggle="dropdown"
data-target="#"
href="../../toc.html">TOC <b class="caret"></b></a>
<ul class="dropdown-menu globaltoc"
role="menu"
aria-labelledby="dLabelGlobalToc"><ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../index.html">1. NXP Plug &amp; Trust Middleware</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../organization-of-documentation.html">1.1. Organization of Documentation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../folder-structure.html">1.2. Folder Structure</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../sw-prerequisites.html">1.3. List of Platform Prerequisites</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../changes/index.html">2. Changes</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../changes/pending.html">2.1. Pending Refactoring items</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/pending.html#known-limitations">2.2. Known limitations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_05.html">2.3. Release <code class="docutils literal notranslate"><span class="pre">v03.00.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_04.html">2.4. Release <code class="docutils literal notranslate"><span class="pre">v03.00.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_03.html">2.5. Release <code class="docutils literal notranslate"><span class="pre">v03.00.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v03_00_02.html">2.6. Release <code class="docutils literal notranslate"><span class="pre">v03.00.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_16_01.html">2.7. Release <code class="docutils literal notranslate"><span class="pre">v02.16.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_16_00.html">2.8. Release <code class="docutils literal notranslate"><span class="pre">v02.16.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_15_00.html">2.9. Release <code class="docutils literal notranslate"><span class="pre">v02.15.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_14_00.html">2.10. Release <code class="docutils literal notranslate"><span class="pre">v02.14.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html">2.11. Release <code class="docutils literal notranslate"><span class="pre">v02.12.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-04">2.12. Release <code class="docutils literal notranslate"><span class="pre">v02.12.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-03">2.13. Release <code class="docutils literal notranslate"><span class="pre">v02.12.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-02">2.14. Release <code class="docutils literal notranslate"><span class="pre">v02.12.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-01">2.15. Release <code class="docutils literal notranslate"><span class="pre">v02.12.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_12_00.html#release-v02-12-00">2.16. Release <code class="docutils literal notranslate"><span class="pre">v02.12.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_11_03.html">2.17. Release <code class="docutils literal notranslate"><span class="pre">v02.11.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_11_01.html">2.18. Internal Release <code class="docutils literal notranslate"><span class="pre">v02.11.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_11_00.html">2.19. Release <code class="docutils literal notranslate"><span class="pre">v02.11.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_10_00.html">2.20. Release <code class="docutils literal notranslate"><span class="pre">v02.10.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_09_00.html">2.21. Release <code class="docutils literal notranslate"><span class="pre">v02.09.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_07_00.html">2.22. Release <code class="docutils literal notranslate"><span class="pre">v02.07.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_06_00.html">2.23. Release <code class="docutils literal notranslate"><span class="pre">v02.06.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_05_00_to_v02_03_00.html">2.24. Release <code class="docutils literal notranslate"><span class="pre">v02.05.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_05_00_to_v02_03_00.html#release-v02-04-00">2.25. Release <code class="docutils literal notranslate"><span class="pre">v02.04.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../changes/v02_05_00_to_v02_03_00.html#release-02-03-00">2.26. Release <code class="docutils literal notranslate"><span class="pre">02.03.00</span></code></a></li>
</ul>
</li>
<li class="toctree-l1 current"><a class="reference internal" href="../../stack/index.html">3. Plug &amp; Trust MW Stack</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../stack/features.html">3.1. Features</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug &amp; Trust MW : Block Diagram</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../sss-apis.html">3.3. SSS APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/param_checks.html">3.5. Parameter Check &amp; Conventions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/logging.html">3.7. Logging</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects.html">3.10. Auth Objects</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li>
<li class="toctree-l2"><a class="reference internal" href="sss_heap_management.html">3.18. SSS Heap Management</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../building/index.html">4. Building / Compiling</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../building/windows.html">4.1. Windows Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../building/frdm-k64f-sdk.html">4.2. Import MCUXPresso projects from SDK</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../building/frdm-k64f-cmake.html">4.3. Freedom K64F Build (CMake - Advanced)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../building/imx6.html">4.4. i.MX Linux Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../building/rpi3.html">4.5. Raspberry Pi Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../building/cmake.html">4.6. CMake</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../scripts/cmake_options.html">4.7. CMake Options</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../demos/index.html">5. Demo and Examples</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#demo-list">5.1. Demo List</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#sss-api-examples">5.2. SSS API Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#cloud-demos">5.3. Cloud Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#opc-ua-example">5.5. OPC-UA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#arm-psa-example">5.6. ARM PSA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#se05x-examples">5.7. SE05X Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#openssl-examples">5.8. OpenSSL Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#semslite-examples">5.12. Semslite examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/index.html#puf-examples">5.13. PUF examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html">6.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#building-and-running-the-edgelock-2go-agent">6.2. Building and running the EdgeLock 2GO agent</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#datastore-keystore">6.3. Datastore / Keystore</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#connection-to-the-edgelock-2go-cloud-service">6.4. Connection to the EdgeLock 2GO cloud service</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/introduction.html#claim-codes">6.5. Claim Codes</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/edgelock2go_agent_apis.html">6.6. API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../nxp_iot_agent/doc/readme_usage_examples.html">6.7. Usage Examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../semslite/doc/index.html">7. SEMS Lite Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_overview.html">7.1. SEMS Lite Overview (Only for SE051)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_package.html">7.2. Update Package</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_usage.html">7.3. SEMS Lite Agent Usage</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_mgmt_api.html">7.4. SEMS Lite management APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_process.html">7.5. SEMS Lite Agent Package Load Process</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_api.html">7.6. APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/sems_lite_known_issue.html">7.7. SEMS Lite Known Issue</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../semslite/doc/demo_update.html">7.8. SEMS Lite DEMOs</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../plugins/index.html">8. Plugins / Add-ins</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../plugin/openssl/scripts/readme.html">8.1. Introduction on OpenSSL engine</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugin/mbedtls/scripts/readme.html">8.2. Introduction on mbedTLS ALT Implementation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugin/psa/Readme.html">8.3. Platform Security Architecture</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../plugins/akm.html">8.4. Android Key master</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugin/open62541/readme.html">8.5. Introduction on Open62541 (OPC UA stack)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../plugins/wifiEAP/wifiEAP.html">8.6. WiFi EAP Demo with Raspberry Pi3</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../plugins/pkcs11.html">8.7. PKCS#11 Standalone Library</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../cli-tool.html">9. CLI Tool</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/introduction.html">9.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/block-diagram.html">9.2. Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/Provisioning/readme.html">9.5. CLI Provisioning</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/readme_usage_examples.html">9.6. Usage Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/cli_commands_list.html">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/cli_data_format.html">9.8. CLI Data formats</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../pycli/doc/cli_object_policy.html">9.9. Object Policies Through ssscli</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../a71ch.html">10. A71CH</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_sss.html">10.1. A71CH and SSS API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_miscellaneous.html">10.2. Miscellaneous</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../a71ch/a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../appendix.html">11. Appendix</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/glossary.html">11.1. Glossary</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../dev-platforms.html">11.5. Development Platforms</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/version_info.html">11.7. Version Information</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../demos/Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../api/api_list.html">11.12. Plug &amp; Trust MW APIs</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li class="dropdown">
<a role="button"
id="dLabelLocalToc"
data-toggle="dropdown"
data-target="#"
href="#">Page <b class="caret"></b></a>
<ul class="dropdown-menu localtoc"
role="menu"
aria-labelledby="dLabelLocalToc"><ul>
<li><a class="reference internal" href="#">3.3.5. Asymmetric</a><ul>
<li><a class="reference internal" href="#sign">3.3.5.1. Sign</a></li>
<li><a class="reference internal" href="#verify">3.3.5.2. Verify</a></li>
<li><a class="reference internal" href="#encryption">3.3.5.3. Encryption</a></li>
<li><a class="reference internal" href="#decryption">3.3.5.4. Decryption</a></li>
<li><a class="reference internal" href="#reference-example">3.3.5.5. Reference Example</a></li>
<li><a class="reference internal" href="#rsa-encryption-algorithms-supported">3.3.5.6. RSA Encryption algorithms supported</a></li>
<li><a class="reference internal" href="#rsa-signature-algorithms-supported">3.3.5.7. RSA Signature algorithms supported</a></li>
<li><a class="reference internal" href="#ecc-signature-algorithms-supported">3.3.5.8. ECC Signature algorithms supported</a></li>
<li><a class="reference internal" href="#apis">3.3.5.9. APIs</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li>
<a href="apis-sss_key_object.html" title="Previous Chapter: 3.3.4. Key Object"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">&laquo; 3.3.4. Key Object</span>
</a>
</li>
<li>
<a href="apis-sss_policy.html" title="Next Chapter: 3.3.6. Policies"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">3.3.6. Policies &raquo;</span>
</a>
</li>
</ul>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-3">
<div id="sidebar" class="bs-sidenav" role="complementary">
<div class="sidebar-header">
<h3>Plug &amp; Trust MW</h3>
</div>
<div class="row">
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../index.html">1. NXP Plug &amp; Trust Middleware</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../changes/index.html">2. Changes</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../stack/index.html">3. Plug &amp; Trust MW Stack</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../stack/features.html">3.1. Features</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug &amp; Trust MW : Block Diagram</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../sss-apis.html">3.3. SSS APIs</a><ul class="current">
<li class="toctree-l3"><a class="reference internal" href="introduction.html">3.3.1. SSS: Introduction</a></li>
<li class="toctree-l3"><a class="reference internal" href="apis-sss_session.html">3.3.2. Session</a></li>
<li class="toctree-l3"><a class="reference internal" href="apis-sss_key_store.html">3.3.3. Key Store</a></li>
<li class="toctree-l3"><a class="reference internal" href="apis-sss_key_object.html">3.3.4. Key Object</a></li>
<li class="toctree-l3 current"><a class="current reference internal" href="#">3.3.5. Asymmetric</a></li>
<li class="toctree-l3"><a class="reference internal" href="apis-sss_policy.html">3.3.6. Policies</a></li>
<li class="toctree-l3"><a class="reference internal" href="../ex/doc/ex-boot.html">3.3.7. Example Boot-Up</a></li>
<li class="toctree-l3"><a class="reference internal" href="apis-sss_key-format.html">3.3.8. SSS api key format (asymmetric keys)</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/param_checks.html">3.5. Parameter Check &amp; Conventions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/logging.html">3.7. Logging</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects.html">3.10. Auth Objects</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li>
<li class="toctree-l2"><a class="reference internal" href="sss_heap_management.html">3.18. SSS Heap Management</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../building/index.html">4. Building / Compiling</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../demos/index.html">5. Demo and Examples</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../semslite/doc/index.html">7. SEMS Lite Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../plugins/index.html">8. Plugins / Add-ins</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../cli-tool.html">9. CLI Tool</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../a71ch.html">10. A71CH</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../appendix.html">11. Appendix</a></li>
</ul>
</div>
<div class="row">
<form class="form" action="../../search.html" method="get">
<div class="form-group">
<label for="Search">Search:</label>
<input type="text" name="q" class="form-control" placeholder="Search" />
</div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
</div>
<div class="body col-md-9 content" role="main">
<div class="section" id="asymmetric">
<h1><span class="section-number">3.3.5. </span>Asymmetric<a class="headerlink" href="#asymmetric" title="Permalink to this headline">¶</a></h1>
<div class="section" id="sign">
<h2><span class="section-number">3.3.5.1. </span>Sign<a class="headerlink" href="#sign" title="Permalink to this headline">¶</a></h2>
<p>To perform sign operation , the sequence of APIs looks as under.</p>
<img alt="../../_images/asymm-sign.png" src="../../_images/asymm-sign.png" />
<div class="admonition note">
<p class="admonition-title">Note</p>
<ol class="arabic simple">
<li><p>To perform rsa sign and verify on plain data (with hash calculated inside SE), use sss_se05x_asymmetric_sign and sss_se05x_asymmetric_verify apis.</p></li>
<li><p>Sign / Verify operations with Twisted Edward curve is supported only on plain data with hash calculated inside SE. Use sss_se05x_asymmetric_sign and sss_se05x_asymmetric_verify apis. Only SHA512 is supported.</p></li>
</ol>
</div>
</div>
<div class="section" id="verify">
<h2><span class="section-number">3.3.5.2. </span>Verify<a class="headerlink" href="#verify" title="Permalink to this headline">¶</a></h2>
<p>To perform sign verify operation , the sequence of APIs looks as under:</p>
<img alt="../../_images/asymm-verify.png" src="../../_images/asymm-verify.png" />
</div>
<div class="section" id="encryption">
<h2><span class="section-number">3.3.5.3. </span>Encryption<a class="headerlink" href="#encryption" title="Permalink to this headline">¶</a></h2>
<p>To encrypt the data , the API sequence is as under:</p>
<img alt="../../_images/asymm-encrypt.png" src="../../_images/asymm-encrypt.png" />
</div>
<div class="section" id="decryption">
<h2><span class="section-number">3.3.5.4. </span>Decryption<a class="headerlink" href="#decryption" title="Permalink to this headline">¶</a></h2>
<p>To Decrypt the encrypted data , the API sequence is as under:</p>
<img alt="../../_images/asymm-decrypt.png" src="../../_images/asymm-decrypt.png" />
</div>
<div class="section" id="reference-example">
<h2><span class="section-number">3.3.5.5. </span>Reference Example<a class="headerlink" href="#reference-example" title="Permalink to this headline">¶</a></h2>
<p>Before we use any Cryptographic operations, we need relevent Keys
to be declared.</p>
<p>Here is a reference snippet to <em>inject</em> a key into the Secure Domain.
(If the key was already existing in the Key Store, these steps are
not needed)</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="cm">/* Pre-requisite for Signing Part*/</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_init</span><span class="p">(</span><span class="o">&amp;</span><span class="n">keyPair</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">ks</span><span class="p">);</span>
<span class="n">ENSURE_OR_GO_CLEANUP</span><span class="p">(</span><span class="n">status</span> <span class="o">==</span> <span class="n">kStatus_SSS_Success</span><span class="p">);</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_allocate_handle</span><span class="p">(</span><span class="o">&amp;</span><span class="n">keyPair</span><span class="p">,</span>
<span class="n">MAKE_TEST_ID</span><span class="p">(</span><span class="n">__LINE__</span><span class="p">),</span>
<span class="n">kSSS_KeyPart_Pair</span><span class="p">,</span>
<span class="n">kSSS_CipherType_EC_NIST_P</span><span class="p">,</span>
<span class="k">sizeof</span><span class="p">(</span><span class="n">keyPairData</span><span class="p">),</span>
<span class="n">kKeyObject_Mode_Persistent</span><span class="p">);</span>
<span class="n">ENSURE_OR_GO_CLEANUP</span><span class="p">(</span><span class="n">status</span> <span class="o">==</span> <span class="n">kStatus_SSS_Success</span><span class="p">);</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_store_set_key</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">ks</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">keyPair</span><span class="p">,</span> <span class="n">keyPairData</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">keyPairData</span><span class="p">),</span> <span class="n">EC_KEY_BIT_LEN</span><span class="p">,</span> <span class="nb">NULL</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span>
<span class="n">ENSURE_OR_GO_CLEANUP</span><span class="p">(</span><span class="n">status</span> <span class="o">==</span> <span class="n">kStatus_SSS_Success</span><span class="p">);</span>
</pre></div>
</div>
<p>Signing on a <code class="samp docutils literal notranslate"><span class="pre">digest</span></code> of length <code class="samp docutils literal notranslate"><span class="pre">digestLen</span></code> is performed
as below.</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">status</span> <span class="o">=</span> <span class="n">sss_asymmetric_context_init</span><span class="p">(</span><span class="o">&amp;</span><span class="n">ctx_asymm</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">session</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">keyPair</span><span class="p">,</span> <span class="n">kAlgorithm_SSS_SHA256</span><span class="p">,</span> <span class="n">kMode_SSS_Sign</span><span class="p">);</span>
<span class="n">ENSURE_OR_GO_CLEANUP</span><span class="p">(</span><span class="n">status</span> <span class="o">==</span> <span class="n">kStatus_SSS_Success</span><span class="p">);</span>
<span class="n">signatureLen</span> <span class="o">=</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">signature</span><span class="p">);</span>
<span class="cm">/* Do Signing */</span>
<span class="n">LOG_I</span><span class="p">(</span><span class="s">&quot;Do Signing&quot;</span><span class="p">);</span>
<span class="n">LOG_MAU8_I</span><span class="p">(</span><span class="s">&quot;digest&quot;</span><span class="p">,</span> <span class="n">digest</span><span class="p">,</span> <span class="n">digestLen</span><span class="p">);</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_asymmetric_sign_digest</span><span class="p">(</span><span class="o">&amp;</span><span class="n">ctx_asymm</span><span class="p">,</span> <span class="n">digest</span><span class="p">,</span> <span class="n">digestLen</span><span class="p">,</span> <span class="n">signature</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">signatureLen</span><span class="p">);</span>
<span class="n">ENSURE_OR_GO_CLEANUP</span><span class="p">(</span><span class="n">status</span> <span class="o">==</span> <span class="n">kStatus_SSS_Success</span><span class="p">);</span>
<span class="n">LOG_MAU8_I</span><span class="p">(</span><span class="s">&quot;signature&quot;</span><span class="p">,</span> <span class="n">signature</span><span class="p">,</span> <span class="n">signatureLen</span><span class="p">);</span>
<span class="n">LOG_I</span><span class="p">(</span><span class="s">&quot;Signing Successful !!!&quot;</span><span class="p">);</span>
<span class="n">sss_asymmetric_context_free</span><span class="p">(</span><span class="o">&amp;</span><span class="n">ctx_asymm</span><span class="p">);</span>
</pre></div>
</div>
<p>After the above operation, <code class="samp docutils literal notranslate"><span class="pre">signature</span></code> has the signature using
the key object <code class="samp docutils literal notranslate"><span class="pre">keyPair</span></code>.</p>
</div>
<div class="section" id="rsa-encryption-algorithms-supported">
<h2><span class="section-number">3.3.5.6. </span>RSA Encryption algorithms supported<a class="headerlink" href="#rsa-encryption-algorithms-supported" title="Permalink to this headline">¶</a></h2>
<p>Supported rsa encyption / decryption algotithms - <code class="docutils literal notranslate"><span class="pre">PKCS1_OAEP</span></code> and <code class="docutils literal notranslate"><span class="pre">PKCS1_V1_5</span></code>.</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA1</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSAES_PKCS1_OAEP</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA224</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSAES_PKCS1_OAEP</span><span class="p">,</span> <span class="mh">0x02</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA256</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSAES_PKCS1_OAEP</span><span class="p">,</span> <span class="mh">0x03</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA384</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSAES_PKCS1_OAEP</span><span class="p">,</span> <span class="mh">0x04</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSAES_PKCS1_OAEP_SHA512</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSAES_PKCS1_OAEP</span><span class="p">,</span> <span class="mh">0x05</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSAES_PKCS1_V1_5</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSAES_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
</pre></div>
</div>
</div>
<div class="section" id="rsa-signature-algorithms-supported">
<h2><span class="section-number">3.3.5.7. </span>RSA Signature algorithms supported<a class="headerlink" href="#rsa-signature-algorithms-supported" title="Permalink to this headline">¶</a></h2>
<p>Supported rsa sign / verify algotithms - <code class="docutils literal notranslate"><span class="pre">PKCS1_PSS_MGF1</span></code> , <code class="docutils literal notranslate"><span class="pre">PKCS1_V1_5</span></code> and <code class="docutils literal notranslate"><span class="pre">No_Padding</span></code>.</p>
<p>Hash algorithms supported for sign/verify - <code class="docutils literal notranslate"><span class="pre">SHA1,</span> <span class="pre">SHA224,</span> <span class="pre">SHA256,</span> <span class="pre">SHA384,</span> <span class="pre">SHA512</span></code></p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">kAlgorithm_SSS_RSASSA_PKCS1_V1_5_NO_HASH</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA1</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x02</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA224</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x03</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA256</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x04</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA384</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x05</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_V1_5_SHA512</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_V1_5</span><span class="p">,</span> <span class="mh">0x06</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA1</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_PSS_MGF1</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA224</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_PSS_MGF1</span><span class="p">,</span> <span class="mh">0x02</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA256</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_PSS_MGF1</span><span class="p">,</span> <span class="mh">0x03</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA384</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_PSS_MGF1</span><span class="p">,</span> <span class="mh">0x04</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_RSASSA_PKCS1_PSS_MGF1_SHA512</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_PKCS1_PSS_MGF1</span><span class="p">,</span> <span class="mh">0x05</span><span class="p">),</span>
</pre></div>
</div>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">kAlgorithm_SSS_RSASSA_NO_PADDING</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">RSASSA_NO_PADDING</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
</pre></div>
</div>
<p>When using <code class="docutils literal notranslate"><span class="pre">PKCS1_PSS_MGF1</span></code> padding, there are few limitations on hash algorithm with rsa key size as below,</p>
<table class="colwidths-given docutils align-default">
<colgroup>
<col style="width: 29%" />
<col style="width: 71%" />
</colgroup>
<thead>
<tr class="row-odd"><th class="head"><p>RSA Bit Length</p></th>
<th class="head"><p>Valid Hash Algorithm</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td><p>512</p></td>
<td><p>SHA1, SHA224</p></td>
</tr>
<tr class="row-odd"><td><p>1024</p></td>
<td><p>SHA1, SHA224, SHA256, SHA384</p></td>
</tr>
<tr class="row-even"><td><p>1152</p></td>
<td><p>SHA1, SHA224, SHA256, SHA384, SHA512</p></td>
</tr>
<tr class="row-odd"><td><p>2048</p></td>
<td><p>SHA1, SHA224, SHA256, SHA384, SHA512</p></td>
</tr>
<tr class="row-even"><td><p>3072</p></td>
<td><p>SHA1, SHA224, SHA256, SHA384, SHA512</p></td>
</tr>
<tr class="row-odd"><td><p>4096</p></td>
<td><p>SHA1, SHA224, SHA256, SHA384, SHA512</p></td>
</tr>
</tbody>
</table>
</div>
<div class="section" id="ecc-signature-algorithms-supported">
<h2><span class="section-number">3.3.5.8. </span>ECC Signature algorithms supported<a class="headerlink" href="#ecc-signature-algorithms-supported" title="Permalink to this headline">¶</a></h2>
<p>Supported hash values for ecc sign / verify - <code class="docutils literal notranslate"><span class="pre">SHA1,</span> <span class="pre">SHA224,</span> <span class="pre">SHA256,</span> <span class="pre">SHA384,</span> <span class="pre">SHA512</span></code></p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">kAlgorithm_SSS_ECDSA_SHA1</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">ECDSA</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_ECDSA_SHA224</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">ECDSA</span><span class="p">,</span> <span class="mh">0x02</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_ECDSA_SHA256</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">ECDSA</span><span class="p">,</span> <span class="mh">0x03</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_ECDSA_SHA384</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">ECDSA</span><span class="p">,</span> <span class="mh">0x04</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_ECDSA_SHA512</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">ECDSA</span><span class="p">,</span> <span class="mh">0x05</span><span class="p">),</span>
</pre></div>
</div>
<p>OR</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">kAlgorithm_SSS_SHA1</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">SHA</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_SHA224</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">SHA</span><span class="p">,</span> <span class="mh">0x02</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_SHA256</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">SHA</span><span class="p">,</span> <span class="mh">0x03</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_SHA384</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">SHA</span><span class="p">,</span> <span class="mh">0x04</span><span class="p">),</span>
<span class="n">kAlgorithm_SSS_SHA512</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">SHA</span><span class="p">,</span> <span class="mh">0x05</span><span class="p">),</span>
</pre></div>
</div>
<p>ECDAA algorithm</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span> <span class="n">kAlgorithm_SSS_ECDAA</span> <span class="o">=</span> <span class="n">SSS_ENUM_ALGORITHM</span><span class="p">(</span><span class="n">ECDAA</span><span class="p">,</span> <span class="mh">0x01</span><span class="p">),</span>
</pre></div>
</div>
</div>
<div class="section" id="apis">
<h2><span class="section-number">3.3.5.9. </span>APIs<a class="headerlink" href="#apis" title="Permalink to this headline">¶</a></h2>
<dl class="group">
<dt>
<em>group</em> <code class="sig-name descname">sss_crypto_asymmetric</code></dt>
<dd><p>Asymmetric cryptographic operations like <code class="docutils literal notranslate"><span class="pre">RSA</span></code> / <code class="docutils literal notranslate"><span class="pre">ECC/etc</span></code>. </p>
<div class="breathe-sectiondef docutils container">
<p class="breathe-sectiondef-title rubric">Functions</p>
<dl class="function">
<dt>
void <code class="sig-name descname">sss_asymmetric_context_free</code><span class="sig-paren">(</span><a class="reference internal" href="../../api/structsss__asymmetric__t.html#_CPPv416sss_asymmetric_t" title="sss_asymmetric_t">sss_asymmetric_t</a> *<em>context</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Asymmetric context release. The function frees asymmetric context. </p>
<p><dl class="simple">
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">context</span></code>: Pointer to asymmetric context. </p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
<a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#_CPPv412sss_status_t" title="sss_status_t">sss_status_t</a> <code class="sig-name descname">sss_asymmetric_context_init</code><span class="sig-paren">(</span><a class="reference internal" href="../../api/structsss__asymmetric__t.html#_CPPv416sss_asymmetric_t" title="sss_asymmetric_t">sss_asymmetric_t</a> *<em>context</em>, <a class="reference internal" href="../../api/structsss__session__t.html#_CPPv413sss_session_t" title="sss_session_t">sss_session_t</a> *<em>session</em>, <a class="reference internal" href="../../api/structsss__object__t.html#_CPPv412sss_object_t" title="sss_object_t">sss_object_t</a> *<em>keyObject</em>, <a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a9f0675a6f252b50493553d47164fb5b7.html#_CPPv415sss_algorithm_t" title="sss_algorithm_t">sss_algorithm_t</a> <em>algorithm</em>, <a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a85c5ee04ee7d6fc1ba71d2619a9823a3.html#_CPPv410sss_mode_t" title="sss_mode_t">sss_mode_t</a> <em>mode</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Asymmetric context init. The function initializes asymmetric context with initial values. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>Status of the operation </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">context</span></code>: Pointer to asymmetric crypto context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">session</span></code>: Associate SSS session with asymmetric context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">keyObject</span></code>: Associate SSS key object with asymmetric context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">algorithm</span></code>: One of the asymmetric algorithms defined by <a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a9f0675a6f252b50493553d47164fb5b7.html#fsl__sss__api_8h_1a9f0675a6f252b50493553d47164fb5b7"><span class="std std-ref">sss_algorithm_t</span></a>. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">mode</span></code>: One of the modes defined by <a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a85c5ee04ee7d6fc1ba71d2619a9823a3.html#fsl__sss__api_8h_1a85c5ee04ee7d6fc1ba71d2619a9823a3"><span class="std std-ref">sss_mode_t</span></a>.</p></li>
</ul>
</dd>
<dt><strong>Return Value</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70abbddf43382dda6bce2ae5fd96fcfc97c"><span class="std std-ref"><span class="pre">kStatus_SSS_Success</span></span></a></code>: The operation has completed successfully. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70a32741fa0bf21fca96d56375fc8f826e2"><span class="std std-ref"><span class="pre">kStatus_SSS_Fail</span></span></a></code>: The operation has failed. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70aa1c9ed2c7a55af9b3a7c22927973e7d5"><span class="std std-ref"><span class="pre">kStatus_SSS_InvalidArgument</span></span></a></code>: One of the arguments is invalid for the function to execute. </p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
<a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#_CPPv412sss_status_t" title="sss_status_t">sss_status_t</a> <code class="sig-name descname">sss_asymmetric_decrypt</code><span class="sig-paren">(</span><a class="reference internal" href="../../api/structsss__asymmetric__t.html#_CPPv416sss_asymmetric_t" title="sss_asymmetric_t">sss_asymmetric_t</a> *<em>context</em>, <em class="property">const</em> uint8_t *<em>srcData</em>, size_t <em>srcLen</em>, uint8_t *<em>destData</em>, size_t *<em>destLen</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Asymmetric decryption The function uses asymmetric algorithm to decrypt data. Private key portion of a key pair is used for decryption. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>Status of the operation </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">context</span></code>: Pointer to asymmetric context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">srcData</span></code>: Input buffer </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">srcLen</span></code>: Length of the input in bytes </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">destData</span></code>: Output buffer </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">destLen</span></code>: Length of the output in bytes</p></li>
</ul>
</dd>
<dt><strong>Return Value</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70abbddf43382dda6bce2ae5fd96fcfc97c"><span class="std std-ref"><span class="pre">kStatus_SSS_Success</span></span></a></code>: The operation has completed successfully. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70a32741fa0bf21fca96d56375fc8f826e2"><span class="std std-ref"><span class="pre">kStatus_SSS_Fail</span></span></a></code>: The operation has failed. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70aa1c9ed2c7a55af9b3a7c22927973e7d5"><span class="std std-ref"><span class="pre">kStatus_SSS_InvalidArgument</span></span></a></code>: One of the arguments is invalid for the function to execute. </p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
<a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#_CPPv412sss_status_t" title="sss_status_t">sss_status_t</a> <code class="sig-name descname">sss_asymmetric_encrypt</code><span class="sig-paren">(</span><a class="reference internal" href="../../api/structsss__asymmetric__t.html#_CPPv416sss_asymmetric_t" title="sss_asymmetric_t">sss_asymmetric_t</a> *<em>context</em>, <em class="property">const</em> uint8_t *<em>srcData</em>, size_t <em>srcLen</em>, uint8_t *<em>destData</em>, size_t *<em>destLen</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Asymmetric encryption The function uses asymmetric algorithm to encrypt data. Public key portion of a key pair is used for encryption. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>Status of the operation </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">context</span></code>: Pointer to asymmetric context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">srcData</span></code>: Input buffer </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">srcLen</span></code>: Length of the input in bytes </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">destData</span></code>: Output buffer </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">destLen</span></code>: Length of the output in bytes</p></li>
</ul>
</dd>
<dt><strong>Return Value</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70abbddf43382dda6bce2ae5fd96fcfc97c"><span class="std std-ref"><span class="pre">kStatus_SSS_Success</span></span></a></code>: The operation has completed successfully. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70a32741fa0bf21fca96d56375fc8f826e2"><span class="std std-ref"><span class="pre">kStatus_SSS_Fail</span></span></a></code>: The operation has failed. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70aa1c9ed2c7a55af9b3a7c22927973e7d5"><span class="std std-ref"><span class="pre">kStatus_SSS_InvalidArgument</span></span></a></code>: One of the arguments is invalid for the function to execute. </p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
<a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#_CPPv412sss_status_t" title="sss_status_t">sss_status_t</a> <code class="sig-name descname">sss_asymmetric_sign_digest</code><span class="sig-paren">(</span><a class="reference internal" href="../../api/structsss__asymmetric__t.html#_CPPv416sss_asymmetric_t" title="sss_asymmetric_t">sss_asymmetric_t</a> *<em>context</em>, uint8_t *<em>digest</em>, size_t <em>digestLen</em>, uint8_t *<em>signature</em>, size_t *<em>signatureLen</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Asymmetric signature of a message digest The function signs a message digest. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>Status of the operation </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">context</span></code>: Pointer to asymmetric context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">digest</span></code>: Input buffer containing the input message digest </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">digestLen</span></code>: Length of the digest in bytes </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">signature</span></code>: Output buffer written with the signature of the digest </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">signatureLen</span></code>: Length of the signature in bytes</p></li>
</ul>
</dd>
<dt><strong>Return Value</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70abbddf43382dda6bce2ae5fd96fcfc97c"><span class="std std-ref"><span class="pre">kStatus_SSS_Success</span></span></a></code>: The operation has completed successfully. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70a32741fa0bf21fca96d56375fc8f826e2"><span class="std std-ref"><span class="pre">kStatus_SSS_Fail</span></span></a></code>: The operation has failed. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70aa1c9ed2c7a55af9b3a7c22927973e7d5"><span class="std std-ref"><span class="pre">kStatus_SSS_InvalidArgument</span></span></a></code>: One of the arguments is invalid for the function to execute. </p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
<a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#_CPPv412sss_status_t" title="sss_status_t">sss_status_t</a> <code class="sig-name descname">sss_asymmetric_verify_digest</code><span class="sig-paren">(</span><a class="reference internal" href="../../api/structsss__asymmetric__t.html#_CPPv416sss_asymmetric_t" title="sss_asymmetric_t">sss_asymmetric_t</a> *<em>context</em>, uint8_t *<em>digest</em>, size_t <em>digestLen</em>, uint8_t *<em>signature</em>, size_t <em>signatureLen</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Asymmetric verify of a message digest The function verifies a message digest. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>Status of the operation </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">context</span></code>: Pointer to asymmetric context. </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">digest</span></code>: Input buffer containing the input message digest </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">digestLen</span></code>: Length of the digest in bytes </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">signature</span></code>: Input buffer containing the signature to verify </p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">signatureLen</span></code>: Length of the signature in bytes</p></li>
</ul>
</dd>
<dt><strong>Return Value</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70abbddf43382dda6bce2ae5fd96fcfc97c"><span class="std std-ref"><span class="pre">kStatus_SSS_Success</span></span></a></code>: The operation has completed successfully. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70a32741fa0bf21fca96d56375fc8f826e2"><span class="std std-ref"><span class="pre">kStatus_SSS_Fail</span></span></a></code>: The operation has failed. </p></li>
<li><p><code class="docutils literal notranslate"><a class="reference internal" href="../../api/enum_fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70.html#fsl__sss__api_8h_1a82a023f4d1bf8b22df395d3bffb0ce70aa1c9ed2c7a55af9b3a7c22927973e7d5"><span class="std std-ref"><span class="pre">kStatus_SSS_InvalidArgument</span></span></a></code>: One of the arguments is invalid for the function to execute. </p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
</div>
</dd></dl>
</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container">
<p class="pull-right">
<a href="#">Back to top</a>
</p>
<p>
&copy; Copyright 2018-2020, NXP.<br/>
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/>
</p>
</div>
</footer>
</body>
</html>