crypto_Kas_Status_E Crypto_Kas_Ecdh_SharedSecret(
crypto_HandlerType_E ecdhHandlerType_en,
uint8_t *ptr_privKey,
uint32_t privKeyLen,
uint8_t *ptr_pubKey,
uint32_t pubKeyLen,
uint8_t *ptr_sharedSecret,
uint32_t sharedSecretLen,
crypto_EccCurveType_E eccCurveType_en,
uint32_t ecdhSessionId
);
Description
This API is utilized to generate a shared secret using the ECDH algorithm. It
requires the ECC private key of one party and the ECC public key of another party as
inputs to generate the shared secret. These keys must adhere to the ANSI X9.63
format. Additionally, it's crucial that the ECC keys used in this API are generated
from the same curve type. The HW handler currently does not support compressed key
format.
Parameters
| No. | Argument Type | Argument Name | Type | Description |
|---|
| 1 | crypto_HandlerType_E | ecdhHandlerType_en | Input | Enum for
crypto operation handler i.e., SW, HW |
| 2 | uint8_t* | ptr_privKey | Input | Pointer to
hold private key in x9.63 format |
| 3 | uint32_t | privKeyLen | Input | Length of ECC
private key in bytes |
| 4 | uint8_t* | ptr_pubKey | Input | Pointer to
hold public key in x9.63 format |
| 4 | uint32_t | pubKeyLen | Input | Length of ECC
public key in bytes |
| 6 | uint8_t* | ptr_sharedSecret | Output | Pointer holds
the generated Shared Secret |
| 7 | uint32_t | sharedSecretLen | Input | Length of
Shared Secret in bytes |
| 8 | crypto_EccCurveType_E | eccCurveType_en | Input | Curve type
used for the ECC keys |
| 9 | uint32_t | ecdhSessionId | Input | It defines the
session ID, must be more than zero |
Returns
| Return Type | Description |
|---|
| crypto_Kas_Status_E | Function
returns the status of the API. |
Prerequisites
- To use the HW handler, the
algorithm must be enabled in Crypto v4 in MPLAB® Code Configurator.
- To use the SW handler, the
algorithm must be enabled in wolfCrypt, and linked to Crypto V4 in MPLAB® Code
Configurator.
Example
#define sessionID 1
crypto_Kas_Status_E status;
crypto_HandlerType_E handlerType_en = CRYPTO_HANDLER_HW_INTERNAL ;
uint8_t privKey[32] = {/*data*/};
uint32_t privKeyLen = sizeof(privKey);
uint8_t pubKey[65] = {/*data*/}; //64 bytes key and 1 byte compression
uint32_t pubKeyLen = sizeof(pubKey);
uint8_t sharedSecret[64];
uint32_t sharedSecretLen = sizeof(sharedSecret);
crypto_EccCurveType_E eccCurveType_en = CRYPTO_ECC_CURVE_SECP256R1;
status = Crypto_Kas_Ecdh_SharedSecret (
handlerType_en,
privKey,
privKeyLen,
pubKey,
pubKeyLen,
sharedSecret,
sharedSecretLen,
eccCurveType_en,
sessionID
);
//if using compressed key you must use the CRYPTO_HANDLER_SW_WOLFCRYPT handler.
//compressed key
handlerType_en = CRYPTO_HANDLER_SW_WOLFCRYPT;
uint8_t pubKeyCompressed[33] = {/*data*/};
uint32_t pubKeyCompressedLen = sizeof(pubKeyCompressed);
status = Crypto_Kas_Ecdh_SharedSecret (
handlerType_en,
privKey,
privKeyLen,
pubKeyCompressed,
pubKeyCompressedLen,
sharedSecret,
sharedSecretLen,
eccCurveType_en,
sessionID
);
