Jetson Linux API Reference

32.6.1 Release
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Groups Pages
Functions | Variables
Software-Based AES-CMAC Function

Detailed Description

Specifies a software implementation of the AES-CMAC function, very similar to the OpenSSL CMAC implementation, and based on the same concepts.

Functions

static int nist_sp_800_108_with_cmac (uint8_t *key, uint32_t key_len, char const *context, char const *label, uint32_t dk_len, uint8_t *out_dk)
 A software-based NIST-SP-800-108 KDF; derives keys from a key in a key buffer. More...
 
static int key_mgnt_derive_root_keys (void)
 
static int set_ekb_key_to_keyslot (uint32_t keyslot, uint8_t key_index)
 
static int tegra_se_cmac_self_test (void)
 
static int tegra_se_nist_800_108_kdf_self_test (void)
 
int key_mgnt_processing (void)
 

Variables

static uint8_t fv_for_ekb []
 
static uint8_t fv_for_ssk_dk []
 
static uint8_t kek2_rk_for_ekb [AES_KEY_128_SIZE] = { 0 }
 
static uint8_t ssk_rk [AES_KEY_128_SIZE] = { 0 }
 
static uint8_t demo_256_rk [AES_KEY_256_SIZE] = { 0 }
 
static uint8_t ekb_ek [AES_KEY_128_SIZE] = { 0 }
 
static uint8_t ekb_ak [AES_KEY_128_SIZE] = { 0 }
 
static uint8_t ssk_dk [AES_KEY_128_SIZE] = { 0 }
 

Function Documentation

static int key_mgnt_derive_root_keys ( void  )
static

Definition at line 198 of file key_mgnt.c.

References demo_256_rk, fv_for_ekb, fv_for_ssk_dk, kek2_rk_for_ekb, se_clear_aes_keyslots(), se_derive_root_key(), se_nist_sp_800_108_with_cmac(), and ssk_rk.

Referenced by key_mgnt_processing().

int key_mgnt_processing ( void  )

Definition at line 343 of file key_mgnt.c.

References ekb_ak, ekb_ek, kek2_rk_for_ekb, key_mgnt_derive_root_keys(), nist_sp_800_108_with_cmac(), set_ekb_key_to_keyslot(), ssk_dk, ssk_rk, tegra_se_cmac_self_test(), and tegra_se_nist_800_108_kdf_self_test().

static int nist_sp_800_108_with_cmac ( uint8_t *  key,
uint32_t  key_len,
char const *  context,
char const *  label,
uint32_t  dk_len,
uint8_t *  out_dk 
)
static

A software-based NIST-SP-800-108 KDF; derives keys from a key in a key buffer.

Note
Use this function only at run time (after the boot stage). To derive keys from the SE keyslot at boot time, use se_nist_sp_800_with_cmac(). That function is defined in the repo trusty/keystore-demo, \ in ./hwkey-agent/platform/tegra_se/include/tegra_se.h. Its KDF is implemented in hardware rather than software.
Parameters
[in]*keyInput key for derivation.
[in]key_lenLength in bytes of the input key.
[in]*contextA pointer to a NIST-SP-800-108 context string.
[in]*labelA pointer to a NIST-SP-800-108 label string.
[in]dk_lenLength of the derived key in bytes; may be 16 (128 bits) or any multiple of 16.
[out]*out_dkA pointer to the derived key. The function stores its result in this location.
Returns
NO_ERROR if successful, or ERR_NO_MEMORY if no memory is available.

Definition at line 116 of file key_mgnt.c.

Referenced by key_mgnt_processing(), and tegra_se_nist_800_108_kdf_self_test().

static int set_ekb_key_to_keyslot ( uint32_t  keyslot,
uint8_t  key_index 
)
static

Definition at line 246 of file key_mgnt.c.

References se_write_keyslot().

Referenced by key_mgnt_processing().

static int tegra_se_cmac_self_test ( void  )
static

Definition at line 259 of file key_mgnt.c.

References se_write_keyslot(), tegra_se_cmac_final(), tegra_se_cmac_free(), tegra_se_cmac_init(), tegra_se_cmac_new(), and tegra_se_cmac_update().

Referenced by key_mgnt_processing().

static int tegra_se_nist_800_108_kdf_self_test ( void  )
static

Definition at line 308 of file key_mgnt.c.

References nist_sp_800_108_with_cmac(), se_nist_sp_800_108_with_cmac(), and se_write_keyslot().

Referenced by key_mgnt_processing().

Variable Documentation

uint8_t demo_256_rk[AES_KEY_256_SIZE] = { 0 }
static

Definition at line 85 of file key_mgnt.c.

Referenced by key_mgnt_derive_root_keys().

uint8_t ekb_ak[AES_KEY_128_SIZE] = { 0 }
static

Definition at line 91 of file key_mgnt.c.

Referenced by key_mgnt_processing().

uint8_t ekb_ek[AES_KEY_128_SIZE] = { 0 }
static

Definition at line 90 of file key_mgnt.c.

Referenced by key_mgnt_processing().

uint8_t fv_for_ekb[]
static
Initial value:
= {
0xba, 0xd6, 0x6e, 0xb4, 0x48, 0x49, 0x83, 0x68,
0x4b, 0x99, 0x2f, 0xe5, 0x4a, 0x64, 0x8b, 0xb8,
}

Definition at line 65 of file key_mgnt.c.

Referenced by key_mgnt_derive_root_keys().

uint8_t fv_for_ssk_dk[]
static
Initial value:
= {
0xe4, 0x20, 0xf5, 0x8d, 0x1d, 0xea, 0xb5, 0x24,
0xc2, 0x70, 0xd8, 0xd2, 0x3e, 0xca, 0x45, 0xe8,
}

Definition at line 75 of file key_mgnt.c.

Referenced by key_mgnt_derive_root_keys().

uint8_t kek2_rk_for_ekb[AES_KEY_128_SIZE] = { 0 }
static

Definition at line 83 of file key_mgnt.c.

Referenced by key_mgnt_derive_root_keys(), and key_mgnt_processing().

uint8_t ssk_dk[AES_KEY_128_SIZE] = { 0 }
static

Definition at line 92 of file key_mgnt.c.

Referenced by key_mgnt_processing().

uint8_t ssk_rk[AES_KEY_128_SIZE] = { 0 }
static

Definition at line 84 of file key_mgnt.c.

Referenced by key_mgnt_derive_root_keys(), and key_mgnt_processing().