<!DOCTYPE html>
<!--
Copyright 2019 NXP
This software is owned or controlled by NXP and may only be used
strictly in accordance with the applicable license terms. By expressly
accepting such terms or by downloading, installing, activating and/or
otherwise using the software, you are agreeing that you have read, and
that you agree to comply with and are bound by, such license terms. If
you do not agree to be bound by the applicable license terms, then you
may not retain, install, activate or otherwise use the software.
-->
<html xmlns="http://www.w3.org/1999/xhtml">
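<head>
  <!-- Document metadata. The charset is declared once, as the first child of <head>. -->
  <meta charset="utf-8">
  <title>8.2. Introduction on mbedTLS ALT Implementation &#8212; Plug &amp; Trust MW v03.00.05 documentation</title>
  <link rel="stylesheet" href="../../../../_static/bootstrap-sphinx.css">
  <link rel="stylesheet" href="../../../../_static/pygments.css">
  <link rel="stylesheet" href="../../../../_static/graphviz.css">
  <!-- Scripts shipped with the Sphinx build. Load order is kept as generated. -->
  <script id="documentation_options" data-url_root="../../../../" src="../../../../_static/documentation_options.js"></script>
  <script src="../../../../_static/jquery.js"></script>
  <script src="../../../../_static/underscore.js"></script>
  <script src="../../../../_static/doctools.js"></script>
  <script src="../../../../_static/language_data.js"></script>
  <link rel="index" title="Index" href="../../../../genindex.html">
  <link rel="search" title="Search" href="../../../../search.html">
  <link rel="next" title="8.3. Platform Security Architecture" href="../../psa/Readme.html">
  <link rel="prev" title="8.1. Introduction on OpenSSL engine" href="../../openssl/scripts/readme.html">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <!-- No maximum-scale here: capping the zoom level stops readers from enlarging the page. -->
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <meta name="apple-mobile-web-app-capable" content="yes">
  <!-- NOTE(review): the theme loads a second, vendored jQuery (1.11.0) and
       Bootstrap 3.3.7 after the jquery.js above. Both releases predate later
       upstream releases that fixed XSS issues (for example jQuery 3.5.0 and
       Bootstrap 3.4.1). Everything is loaded from the local _static tree, so
       exposure on a static page is limited, but check the bundled versions
       before hosting these docs or reusing the theme with untrusted content.
       jquery-fix.js presumably reconciles the two jQuery copies; verify. -->
  <script src="../../../../_static/js/jquery-1.11.0.min.js"></script>
  <script src="../../../../_static/js/jquery-fix.js"></script>
  <script src="../../../../_static/bootstrap-3.3.7/js/bootstrap.min.js"></script>
  <script src="../../../../_static/bootstrap-sphinx.js"></script>
</head><body>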
<div class="container">
<div class="row">
<div class="body col-md-9 content" role="main">
<div class="section" id="introduction-on-mbedtls-alt-implementation">
<span id="mbedtls-alt"></span><h1><span class="section-number">8.2. </span>Introduction on mbedTLS ALT Implementation<a class="headerlink" href="#introduction-on-mbedtls-alt-implementation" title="Permalink to this headline"></a></h1>
<p>The mbedTLS ALT implementation lets the mbedTLS stack access the secure
element through the SSS layer. The crypto operations of the TLS handshake
between client and server are then performed using the secure element.</p>
<div class="section" id="using-mbedtls-alt">
<h2><span class="section-number">8.2.1. </span>Using mbedTLS ALT<a class="headerlink" href="#using-mbedtls-alt" title="Permalink to this headline"></a></h2>
<p>For reference, let’s look at <code class="file docutils literal notranslate"><span class="pre">sss/ex/mbedtls/ex_sss_ssl2.c</span></code>.
The important sections of the file are shown below.</p>
<p>Here we initialize the keys and relevant objects.</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span>
<span class="cm">/* pex_sss_demo_tls_ctx-&gt;obj will have the private key handle */</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_init</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">obj</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">ks</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">status</span> <span class="o">!=</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
<span class="n">printf</span><span class="p">(</span><span class="s">&quot; sss_key_object_init for keyPair Failed...</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="k">return</span> <span class="n">kStatus_SSS_Fail</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_get_handle</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">obj</span><span class="p">,</span> <span class="n">SSS_KEYPAIR_INDEX_CLIENT_PRIVATE</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">status</span> <span class="o">!=</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
<span class="n">printf</span><span class="p">(</span><span class="s">&quot; sss_key_object_get_handle for keyPair Failed...</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="k">return</span> <span class="n">kStatus_SSS_Fail</span><span class="p">;</span>
<span class="p">}</span>
<span class="cm">/* pex_sss_demo_tls_ctx-&gt;pub_obj will have the root CA public key */</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_init</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">pub_obj</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">ks</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">status</span> <span class="o">!=</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
<span class="n">printf</span><span class="p">(</span><span class="s">&quot; sss_key_object_init for Pub key Failed...</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="k">return</span> <span class="n">kStatus_SSS_Fail</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_get_handle</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">pub_obj</span><span class="p">,</span> <span class="n">SSS_PUBKEY_INDEX_CA</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">status</span> <span class="o">!=</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
<span class="n">printf</span><span class="p">(</span><span class="s">&quot; sss_key_object_get_handle for extPubkey Failed...</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="k">return</span> <span class="n">kStatus_SSS_Fail</span><span class="p">;</span>
<span class="p">}</span>
<span class="cm">/* pex_sss_demo_tls_ctx-&gt;dev_cert will have the our device certificate */</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_init</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">dev_cert</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">ks</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">status</span> <span class="o">!=</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
<span class="n">printf</span><span class="p">(</span><span class="s">&quot; sss_key_object_init for Pub key Failed...</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="k">return</span> <span class="n">kStatus_SSS_Fail</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">status</span> <span class="o">=</span> <span class="n">sss_key_object_get_handle</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">dev_cert</span><span class="p">,</span> <span class="n">SSS_CERTIFICATE_INDEX</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">status</span> <span class="o">!=</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
<span class="n">printf</span><span class="p">(</span><span class="s">&quot; sss_key_object_get_handle for client Cert Failed...</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="k">return</span> <span class="n">kStatus_SSS_Fail</span><span class="p">;</span>
<span class="p">}</span>
</pre></div>
</div>
<p>Here, we tell mbedTLS to use the root CA public key from the SE.</p>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">mbedtls_pk_free</span><span class="p">(</span><span class="o">&amp;</span><span class="n">cacert</span><span class="p">.</span><span class="n">pk</span><span class="p">);</span>
<span class="n">ret</span> <span class="o">=</span> <span class="n">sss_mbedtls_associate_pubkey</span><span class="p">(</span><span class="o">&amp;</span><span class="n">cacert</span><span class="p">.</span><span class="n">pk</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">pub_obj</span><span class="p">);</span>
</pre></div>
</div>
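<p>Here, we get the certificate in DER format from the SE and share it with the mbedTLS stack (the snippet below passes the DER buffer directly to <code class="docutils literal notranslate"><span class="pre">mbedtls_x509_crt_parse_der</span></code>; no PEM conversion step is shown).</p>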
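<div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="cm">/* KeyByteLen goes in as the capacity of aclient_cer; it is passed by pointer and</span>
<span class="cm"> * is expected to come back as the number of certificate bytes read from the SE. */</span>
<span class="kt">size_t</span> <span class="n">KeyBitLen</span> <span class="o">=</span> <span class="n">SIZE_CLIENT_CERTIFICATE</span> <span class="o">*</span> <span class="mi">8</span><span class="p">;</span>
<span class="kt">size_t</span> <span class="n">KeyByteLen</span> <span class="o">=</span> <span class="n">SIZE_CLIENT_CERTIFICATE</span><span class="p">;</span>
<span class="n">ret_code</span> <span class="o">=</span> <span class="n">sss_key_store_get_key</span><span class="p">(</span>
    <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">ks</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">dev_cert</span><span class="p">,</span> <span class="n">aclient_cer</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">KeyByteLen</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">KeyBitLen</span><span class="p">);</span>
<span class="k">if</span> <span class="p">(</span><span class="n">ret_code</span> <span class="o">==</span> <span class="n">kStatus_SSS_Success</span><span class="p">)</span> <span class="p">{</span>
    <span class="cm">/* Parse only after the read succeeded, and only the bytes that were returned. */</span>
    <span class="n">ret</span> <span class="o">=</span> <span class="n">mbedtls_x509_crt_parse_der</span><span class="p">(</span><span class="o">&amp;</span><span class="n">clicert</span><span class="p">,</span>
        <span class="p">(</span><span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="o">*</span><span class="p">)</span><span class="n">aclient_cer</span><span class="p">,</span>
        <span class="n">KeyByteLen</span><span class="p">);</span>
<span class="p">}</span>
<span class="k">else</span> <span class="p">{</span>
    <span class="cm">/* Do not hand an unfilled buffer to the parser; report the failure through ret. */</span>
    <span class="n">ret</span> <span class="o">=</span> <span class="n">MBEDTLS_ERR_X509_BAD_INPUT_DATA</span><span class="p">;</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span><span class="n">ret</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span>
    <span class="n">client_certificate_loaded</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
<span class="p">}</span>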
</pre></div>
</div>
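<p>Here, we tell mbedTLS to use the device private key from the SE, generally for signing. The call returns 0 on success and 1 on failure (see the API reference below); the snippet discards that value, so check it before relying on <code class="docutils literal notranslate"><span class="pre">pkey</span></code>.</p>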
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">sss_mbedtls_associate_keypair</span><span class="p">(</span><span class="o">&amp;</span><span class="n">pkey</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">obj</span><span class="p">);</span>
</pre></div>
</div>
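<p>Here, we tell mbedTLS to use the private key from the SE for the ECDH handshake. The call returns 0 on success and 1 on failure (see the API reference below); the snippet discards that value, so check it before starting the handshake.</p>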
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="n">sss_mbedtls_associate_ecdhctx</span><span class="p">(</span><span class="n">ssl</span><span class="p">.</span><span class="n">handshake</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pex_sss_demo_tls_ctx</span><span class="o">-&gt;</span><span class="n">obj</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pCtx</span><span class="o">-&gt;</span><span class="n">host_ks</span><span class="p">);</span>
</pre></div>
</div>
</div>
<div class="section" id="testing">
<h2><span class="section-number">8.2.2. </span>Testing<a class="headerlink" href="#testing" title="Permalink to this headline"></a></h2>
<div class="section" id="building-mbedtls-ssl-dtls-server-for-testing">
<h3><span class="section-number">8.2.2.1. </span>Building mbedTLS SSL/DTLS server for testing<a class="headerlink" href="#building-mbedtls-ssl-dtls-server-for-testing" title="Permalink to this headline"></a></h3>
<p>Build the mbedTLS server using the VS solution.</p>
<p>CMake configurations:</p>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">RTOS_Default</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">WithHostCrypto_MBEDTLS</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">WithmbedTLS_ALT_SSS</span></code>: ON</p></li>
</ul>
<ul class="simple">
<li><p>Project: <code class="docutils literal notranslate"><span class="pre">mbedtls_ex_orig_ssl_server2</span></code> / <code class="docutils literal notranslate"><span class="pre">mbedtls_ex_orig_dtls_server</span></code></p></li>
</ul>
</div>
<div class="section" id="building-mbedtls-ssl-dtls-client-with-sss-apis-integration">
<h3><span class="section-number">8.2.2.2. </span>Building mbedTLS SSL/DTLS client (with SSS-APIs integration)<a class="headerlink" href="#building-mbedtls-ssl-dtls-client-with-sss-apis-integration" title="Permalink to this headline"></a></h3>
<p>Build the mbedTLS client using the VS solution.</p>
<p>CMake configurations:</p>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">RTOS_Default</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">WithHostCrypto_MBEDTLS</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">WithmbedTLS_ALT_SSS</span></code>: ON</p></li>
</ul>
<ul class="simple">
<li><p>Project: <code class="docutils literal notranslate"><span class="pre">mbedtls_ex_sss_ssl2_client</span></code> / <code class="docutils literal notranslate"><span class="pre">mbedtls_ex_sss_dtls_client</span></code></p></li>
</ul>
</div>
<div class="section" id="testings-mbedtls-alt">
<h3><span class="section-number">8.2.2.3. </span>Testing mbedTLS ALT<a class="headerlink" href="#testings-mbedtls-alt" title="Permalink to this headline"></a></h3>
<p>Directory <code class="docutils literal notranslate"><span class="pre">simw-top\sss\plugin\mbedtls\scripts</span></code> contains test scripts for
starting mbedTLS server and client applications with different cipher suites.
Before executing some test scripts, the secure element must first be
provisioned.</p>
<ol class="arabic">
<li><p>Complete <a class="reference internal" href="../../../../pycli/doc/pre-steps.html#cli-doc-pre-steps"><span class="std std-numref">Section 9.3</span></a> <a class="reference internal" href="../../../../pycli/doc/pre-steps.html#cli-doc-pre-steps"><span class="std std-ref">Steps needed before running ssscli tool</span></a></p></li>
<li><p>Provision secure element using python scripts in directory
<code class="docutils literal notranslate"><span class="pre">simw-top\sss\plugin\mbedtls\scripts</span></code>.
Run the following commands in virtual environment:</p>
<dl class="simple">
<dt>To provision secure element for ECC</dt><dd><p><code class="docutils literal notranslate"><span class="pre">python3</span> <span class="pre">create_and_provision_ecc_keys.py</span> <span class="pre">&lt;keyType&gt;</span> <span class="pre">&lt;connection_type&gt;</span> <span class="pre">&lt;connection_string&gt;</span> <span class="pre">&lt;iot_se</span> <span class="pre">(optional.</span> <span class="pre">Default</span> <span class="pre">-</span> <span class="pre">se050)&gt;</span> <span class="pre">&lt;auth</span> <span class="pre">(optional.</span> <span class="pre">Default</span> <span class="pre">-</span> <span class="pre">None)&gt;</span> <span class="pre">&lt;auth_key&gt;</span></code></p>
</dd>
<dt>To configure secure element for RSA</dt><dd><p><code class="docutils literal notranslate"><span class="pre">python3</span> <span class="pre">create_and_provision_rsa_keys.py</span> <span class="pre">&lt;keyType&gt;</span> <span class="pre">&lt;connection_type&gt;</span> <span class="pre">&lt;connection_string&gt;</span> <span class="pre">&lt;auth</span> <span class="pre">(optional.</span> <span class="pre">Default</span> <span class="pre">-</span> <span class="pre">None)&gt;</span> <span class="pre">&lt;auth_key&gt;</span></code></p>
</dd>
<dt>To see the possible values of the input arguments, run either script without any parameters</dt><dd><p><code class="docutils literal notranslate"><span class="pre">create_and_provision_ecc_keys.py</span></code> or <code class="docutils literal notranslate"><span class="pre">create_and_provision_rsa_keys.py</span></code></p>
</dd>
</dl>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Once provisioning is done the virtual environment is not needed anymore.</p>
</div>
</li>
<li><p>Starting mbedTLS SSL client and server applications:</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>python3 start_ssl2_server.py &lt;ec_curve&gt;/&lt;rsa_type&gt;
python3 start_ssl2_client.py &lt;ec_curve&gt;/&lt;rsa_type&gt; &lt;cipher suite&gt; &lt;connection_string&gt;
</pre></div>
</div>
</li>
<li><p>Starting mbedTLS DTLS client and server applications:</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>python3 start_dtls_server.py &lt;ec_curve&gt;/&lt;rsa_type&gt;
python3 start_dtls_client.py &lt;ec_curve&gt;/&lt;rsa_type&gt; &lt;cipher suite&gt; &lt;connection_string&gt;
</pre></div>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Ensure that <code class="docutils literal notranslate"><span class="pre">ec_curve</span></code>/<code class="docutils literal notranslate"><span class="pre">rsa_type</span></code> used in server and client
applications is the same as used while provisioning the SE in step 2.</p>
</div>
</li>
</ol>
</div>
</div>
<div class="section" id="mbedtls-alt-apis">
<h2><span class="section-number">8.2.3. </span>mbedTLS ALT APIs<a class="headerlink" href="#mbedtls-alt-apis" title="Permalink to this headline"></a></h2>
<dl class="group">
<dt>
<em>group</em> <code class="sig-name descname">ax_mbed_tls</code></dt>
<dd><p>mbedTLS ALT implementation. </p>
<div class="breathe-sectiondef docutils container">
<p class="breathe-sectiondef-title rubric">Unnamed Group</p>
<dl class="function">
<dt>
int <code class="sig-name descname">sss_mbedtls_associate_keypair</code><span class="sig-paren">(</span>mbedtls_pk_context *<em>pkey</em>, <a class="reference internal" href="../../../../api/structsss__object__t.html#_CPPv412sss_object_t" title="sss_object_t">sss_object_t</a> *<em>pkeyObject</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Associate a keypair provisioned in the secure element for subsequent operations. </p>
<p><dl class="simple">
<dt><strong>Description</strong></dt><dd><p>Implementation of key association between NXP Secure Element and mbedtls. </p>
</dd>
<dt><strong>History</strong></dt><dd><p>1.0 30-jan-2018 : Initial version </p>
</dd>
<dt><strong>Return</strong></dt><dd><p>0 if successful, or 1 if unsuccessful </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">[out]</span> <span class="pre">pkey</span></code>: Pointer to the mbedtls_pk_context which will be associated with data corresponding to the key_index</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">[in]</span> <span class="pre">pkeyObject</span></code>: The object that we are going to use.</p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
int <code class="sig-name descname">sss_mbedtls_associate_pubkey</code><span class="sig-paren">(</span>mbedtls_pk_context *<em>pkey</em>, <a class="reference internal" href="../../../../api/structsss__object__t.html#_CPPv412sss_object_t" title="sss_object_t">sss_object_t</a> *<em>pkeyObject</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Associate a pubkey provisioned in the secure element for subsequent operations. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>0 if successful, or 1 if unsuccessful </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">[out]</span> <span class="pre">pkey</span></code>: Pointer to the mbedtls_pk_context which will be associated with data corresponding to the key index</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">[in]</span> <span class="pre">pkeyObject</span></code>: The object that we are going to use.</p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
<dl class="function">
<dt>
int <code class="sig-name descname">sss_mbedtls_associate_ecdhctx</code><span class="sig-paren">(</span>mbedtls_ssl_handshake_params *<em>handshake</em>, <a class="reference internal" href="../../../../api/structsss__object__t.html#_CPPv412sss_object_t" title="sss_object_t">sss_object_t</a> *<em>pkeyObject</em>, <a class="reference internal" href="../../../../api/structsss__key__store__t.html#_CPPv415sss_key_store_t" title="sss_key_store_t">sss_key_store_t</a> *<em>hostKs</em><span class="sig-paren">)</span><br /></dt>
<dd><p>Update ECDH handshake key with given index. </p>
<p><dl class="simple">
<dt><strong>Return</strong></dt><dd><p>0 if successful, or 1 if unsuccessful </p>
</dd>
<dt><strong>Parameters</strong></dt><dd><ul class="breatheparameterlist simple">
<li><p><code class="docutils literal notranslate"><span class="pre">[inout]</span> <span class="pre">handshake</span></code>: Pointer to the mbedtls_ssl_handshake_params which will be associated with data corresponding to the key index</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">[in]</span> <span class="pre">pkeyObject</span></code>: The object that we are going to use.</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">[in]</span> <span class="pre">hostKs</span></code>: Keystore to host for session key.</p></li>
</ul>
</dd>
</dl>
</p>
</dd></dl>
</div>
</dd></dl>
</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container">
<p>
&copy; Copyright 2018-2020, NXP.<br/>
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/>
</p>
</div>
</footer>
</body>
</html>