Infuse security API . More...

Data Structures
struct	infuse_security_key_params
	Parameters to control key creation. More...

Functions
int	infuse_security_init (void)
	Initialise core security systems.

void	infuse_security_disable_dap (void)
	Disable the Debug-Access-Port.

psa_key_attributes_t	infuse_security_hkdf_attributes (void)
	Retrieve the key attributes required for creating a key compatible with infuse_security_derive_chacha_key.

void	infuse_security_cloud_public_key (uint8_t public_key[32])
	Retrieve current cloud public key.

void	infuse_security_device_public_key (uint8_t public_key[32])
	Retrieve current device public key.

psa_key_id_t	infuse_security_device_root_key (void)
	Get device root key identifier.

psa_key_id_t	infuse_security_device_sign_key (void)
	Get device signing key identifier.

psa_key_id_t	infuse_security_network_root_key (void)
	Get network root key identifier.

psa_key_id_t	infuse_security_secondary_network_root_key (void)
	Get secondary network root key identifier.

sec_tag_t	infuse_security_coap_dtls_tag (void)
	Get security tag for use with Infuse-IoT COAP server.

psa_key_id_t	infuse_security_derive_key (const struct infuse_security_key_params *params)
	Derive a key for use with PSA.

psa_key_id_t	infuse_security_derive_chacha_key (psa_key_id_t base_key, const void salt, size_t salt_len, const void info, size_t info_len, bool force_export)
	Derive a key for use with ChaCha20-Poly1305.

uint32_t	infuse_security_device_key_identifier (void)
	Get the current device key identifier.

uint32_t	infuse_security_network_key_identifier (void)
	Get the current network key identifier.

uint32_t	infuse_security_secondary_network_key_identifier (void)
	Get the secondary network key identifier.

Detailed Description

Infuse security API .

Function Documentation

◆ infuse_security_cloud_public_key()

void infuse_security_cloud_public_key ( uint8_t public_key[32] )

#include <infuse/security.h>

Retrieve current cloud public key.

Parameters

public_key Storage for public key

◆ infuse_security_coap_dtls_tag()

sec_tag_t infuse_security_coap_dtls_tag ( void )

#include <infuse/security.h>

Get security tag for use with Infuse-IoT COAP server.

Returns: sec_tag_t Security tag for use with zsock_setsockopt

◆ infuse_security_derive_chacha_key()

psa_key_id_t infuse_security_derive_chacha_key	(	psa_key_id_t	base_key,
		const void *	salt,
		size_t	salt_len,
		const void *	info,
		size_t	info_len,
		bool	force_export )

#include <infuse/security.h>

Derive a key for use with ChaCha20-Poly1305.

Parameters

base_key	Base key to use for HKDF
salt	Key derivation randomisation
salt_len	Length of salt
info	Optional application/usage specific array
info_len	Length of info
force_export	Force set PSA_KEY_USAGE_EXPORT attribute on generated key

Returns: psa_key_id_t Derived key identifier

◆ infuse_security_derive_key()

psa_key_id_t infuse_security_derive_key ( const struct infuse_security_key_params * params )

#include <infuse/security.h>

Derive a key for use with PSA.

Parameters

params Key parameters

Returns: psa_key_id_t Derived key identifier

◆ infuse_security_device_key_identifier()

uint32_t infuse_security_device_key_identifier ( void )

#include <infuse/security.h>

Get the current device key identifier.

The device key identifier is constructed as a CRC32 hash computed over the cloud and device public keys, truncated to 24 bits.

Returns: uint32_t 24bit device key identifier

◆ infuse_security_device_public_key()

void infuse_security_device_public_key ( uint8_t public_key[32] )

#include <infuse/security.h>

Retrieve current device public key.

Parameters

public_key Storage for public key

◆ infuse_security_device_root_key()

psa_key_id_t infuse_security_device_root_key ( void )

#include <infuse/security.h>

Get device root key identifier.

Note: This key is only valid for key derivation options through HKDF

Returns: psa_key_id_t Device root key identifier

◆ infuse_security_device_sign_key()

psa_key_id_t infuse_security_device_sign_key ( void )

#include <infuse/security.h>

Get device signing key identifier.

Note: This key is only valid for ChaCha20-Poly1305 operations

Returns: psa_key_id_t Device signing key identifier

◆ infuse_security_disable_dap()

void infuse_security_disable_dap ( void )

#include <infuse/security.h>

Disable the Debug-Access-Port.

◆ infuse_security_hkdf_attributes()

psa_key_attributes_t infuse_security_hkdf_attributes ( void )

#include <infuse/security.h>

Retrieve the key attributes required for creating a key compatible with infuse_security_derive_chacha_key.

Returns: psa_key_attributes_t Key attributes

◆ infuse_security_init()

int infuse_security_init ( void )

#include <infuse/security.h>

Initialise core security systems.

Return values

0	on success
-errno	negative error code on failure

◆ infuse_security_network_key_identifier()

uint32_t infuse_security_network_key_identifier ( void )

#include <infuse/security.h>

Get the current network key identifier.

Returns: uint32_t 24 bit network key identifier

◆ infuse_security_network_root_key()

psa_key_id_t infuse_security_network_root_key ( void )

#include <infuse/security.h>

Get network root key identifier.

Note: This key is only valid for key derivation options through HKDF

Returns: psa_key_id_t Network root key identifier

◆ infuse_security_secondary_network_key_identifier()

uint32_t infuse_security_secondary_network_key_identifier ( void )

#include <infuse/security.h>

Get the secondary network key identifier.

Depends on CONFIG_INFUSE_SECURITY_SECONDARY_NETWORK_ENABLE.

Returns: uint32_t 24 bit network key identifier

◆ infuse_security_secondary_network_root_key()

psa_key_id_t infuse_security_secondary_network_root_key ( void )

#include <infuse/security.h>

Get secondary network root key identifier.

Depends on CONFIG_INFUSE_SECURITY_SECONDARY_NETWORK_ENABLE.

Note: This key is only valid for key derivation options through HKDF

Returns: psa_key_id_t Network root key identifier

Data Structures

Functions

Detailed Description

Function Documentation

◆ infuse_security_cloud_public_key()

◆ infuse_security_coap_dtls_tag()

◆ infuse_security_derive_chacha_key()

◆ infuse_security_derive_key()

◆ infuse_security_device_key_identifier()

◆ infuse_security_device_public_key()

◆ infuse_security_device_root_key()

◆ infuse_security_device_sign_key()

◆ infuse_security_disable_dap()

◆ infuse_security_hkdf_attributes()

◆ infuse_security_init()

◆ infuse_security_network_key_identifier()

◆ infuse_security_network_root_key()

◆ infuse_security_secondary_network_key_identifier()

◆ infuse_security_secondary_network_root_key()