Documentation

Mistake on this page? Email us
Typedefs | Enumerations | Functions
pal_rot.h File Reference

PAL ROT. This file contains the ROT (root of trust) API. More...

#include <stdint.h>

Go to the source code of this file.

Typedefs

typedef enum palDeviceKeyType palDevKeyType_t
 Device key types supported in PAL. More...
 

Enumerations

enum  palDeviceKeyType { palOsStorageEncryptionKey128Bit = 0, palOsStorageSignatureKey128Bit = 1, palOsStorageHmacSha256 = 2 }
 Device key types supported in PAL. More...
 

Functions

palStatus_t pal_osGetDeviceKey (palDevKeyType_t keyType, uint8_t *key, size_t keyLenBytes)
 
palStatus_t pal_osSetRoT (uint8_t *key, size_t keyLenBytes)
 

Detailed Description

PAL ROT. This file contains the ROT (root of trust) API.

Typedef Documentation

typedef enum palDeviceKeyType palDevKeyType_t

Device key types supported in PAL.

Enumeration Type Documentation

enum palDeviceKeyType

Device key types supported in PAL.

Enumerator
palOsStorageEncryptionKey128Bit 
palOsStorageSignatureKey128Bit 

128bit storage encryption key derived from RoT.

palOsStorageHmacSha256 

128bit storage signature key derived from RoT.

Function Documentation

palStatus_t pal_osGetDeviceKey ( palDevKeyType_t  keyType,
uint8_t *  key,
size_t  keyLenBytes 
)

Return a device unique key derived from the root of trust.

Parameters
[in]keyTypeThe type of key to derive.
[in,out]keyA 128-bit OR 256-bit buffer to hold the derived key, size is defined according to the keyType.
[in]keyLenBytesThe size of buffer to hold the 128-bit OR 256-bit key.
Returns
PAL_SUCCESS in case of success and one of the following error codes in case of failure:
PAL_ERR_GET_DEV_KEY - an error in key derivation.
PAL_ERR_INVALID_ARGUMENT - invalid parameter.
palStatus_t pal_osSetRoT ( uint8_t *  key,
size_t  keyLenBytes 
)

Sets a root of trust key. The size of the key must be 16 bytes. This function is not implemented for HW RoT configuration.

Parameters
[in]keyA 16 bytes buffer with a root of trust key to set.
[in]keyLenBytesThe size of the buffer must be 16 bytes.
Returns
PAL_SUCCESS in case of success and one of the following error codes in case of failure:
PAL_ERR_ITEM_EXIST - RoT key already exists.
PAL_ERR_INVALID_ARGUMENT - invalid parameter.
PAL_ERR_GENERIC_FAILURE - set operation failed.
PAL_ERR_NOT_IMPLEMENTED - the function is not implemented for current configuration.