Mbed OS Reference
|
Use this singleton if you need to derive a new key from the device root of trust. More...
#include <DeviceKey.h>
Public Member Functions | |
int | generate_derived_key (const unsigned char *isalt, size_t isalt_size, unsigned char *output, uint16_t ikey_type) |
Derive a new key based on the salt string. More... | |
int | device_inject_root_of_trust (uint32_t *value, size_t isize) |
Set a device key into the KVStore. More... | |
int | generate_root_of_trust (size_t key_size=16) |
Generate Root of Trust. More... | |
Static Public Member Functions | |
static DeviceKey & | get_instance () |
As a singleton, return the single instance of the class. More... | |
Use this singleton if you need to derive a new key from the device root of trust.
Definition at line 67 of file DeviceKey.h.
|
static |
As a singleton, return the single instance of the class.
Reason for this class being a singleton is the following:
Definition at line 78 of file DeviceKey.h.
int generate_derived_key | ( | const unsigned char * | isalt, |
size_t | isalt_size, | ||
unsigned char * | output, | ||
uint16_t | ikey_type | ||
) |
Derive a new key based on the salt string.
isalt | Input buffer used to create the new key. Same input always generates the same key |
isalt_size | Size of the data in salt buffer. |
output | Buffer to receive the derived key. Size must be 16 bytes or 32 bytes according to the ikey_type parameter |
ikey_type | Type of the required key. Must be 16 bytes or 32 bytes. |
int device_inject_root_of_trust | ( | uint32_t * | value, |
size_t | isize | ||
) |
Set a device key into the KVStore.
If entropy support is missing, call this method before calling device_key_derived_key. This method should be called only once!
value | Input buffer contain the key. |
isize | Size of the supplied key. Must be 16 bytes or 32 bytes. |
int generate_root_of_trust | ( | size_t | key_size = 16 | ) |
Generate Root of Trust.
Uses TRNG or various other entropy sources to generate random device key and inject it into device's KVStore. Device Key can only be generated once.
key_size | Size of key in bytes to generate. Must be 16 bytes or 32 bytes. Default is 16 bytes. |