 |
nrfxlib API 3.3.99
|
|
nrfxlib API 3.3.99
|
| int nrf_cc3xx_platform_kmu_shadow_key_derive | ( | uint32_t | slot_id, |
| unsigned int | keybits, | ||
| uint8_t const * | label, | ||
| size_t | label_size, | ||
| uint8_t const * | context, | ||
| size_t | context_size, | ||
| uint8_t * | output, | ||
| size_t | output_size ) |
#include <crypto/nrf_cc310_platform/include/nrf_cc3xx_platform_kmu.h>
Function to use CMAC to derive a key stored in KMU/KDR.
The KDF is using a PRF function described in the Special publication 800-108: Recommendation for Key Derivation Using Pseudorandom Functions https://csrc.nist.gov/publications/detail/sp/800-108/final.
This algorithm is described in chapter 5.1 - KDF in Counter Mode
The format of the PRF (the input) is as follows: PRF (KI, i || Label || 0x00 || Context || L)
KI: The Key derivation key i : The counter value for each iteration of the PRF represented as one byte. label: A string identifying the purpose of the derived key that is up to 64 bytes long. 0x00: A single byte delimiter. Context: Fixed information about the derived keying material that is up to 64 bytes long. L : The length of derived key material in bits represented as two bytes.
| slot_id | Identifier of the key slot. |
| keybits | Key size in bits. |
| label | Label to use for KDF. |
| label_size | Size of the label in bytes to use for KDF. |
| context | Context info to use for KDF. |
| context_size | Context info size in bytes to use for KDF. |
| output | Output buffer. |
| output_size | Size of the output buffer in bytes. |
1.12.0