AES-CTR 128-bit - Only 128-bit key size is supported.
Get authentication tag from the given AES-GCM state.
Allocate and initialize AES-GCM encryption state.
Encrypt plaintext from p_src into p_dst.
Clear and free AES-GCM state.
Generates an ECDSA private key based on input random seed.
Clean up the CMAC state
Returns Hash calculation and clean up CMAC state.
Allocates and initializes CMAC state.
Updates CMAC hash calculation based on the input message.
Create RSA key pair with <n_byte_size> key size and <e_byte_size> public exponent.
Create RSA private key using input buffer factors - little endian.
Create RSA private key using input buffer factors in little endian.
Create RSA public key using input buffer factors in little endian.
Generates an ECC public key based on a given ECC private key.
Checks whether the input point is a valid point on the given elliptic curve.
Parameters:
Return: sgx_status_t - SGX_SUCCESS or failure as defined in sgx_error.h
Inputs: sgx_ecc_state_handle_t ecc_handle - Handle to ECC crypto system
sgx_ec256_public_t *p_point - Pointer to perform validity check on - LITTLE ENDIAN
Output: int *p_valid - Return 0 if the point is an invalid point on ECC curve
Cleans up ecc context.
Return: If context pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
Parameters:
Return: sgx_status_t - SGX_SUCCESS or failure as defined in sgx_error.h
Output: sgx_ecc_state_handle_t ecc_handle - Handle to the ECC crypto system
Computes DH shared key based on own (local) private key and remote public Ga Key.
NOTE: Caller code allocates memory for Shared key pointer to be populated
Populates private/public key pair.
NOTE: Caller code allocates memory for Private & Public key pointers to be populated
Elliptic Curve Cryptography based on GF(p), 256 bit.
Computes signature for data based on private key.
Verifies the signature for the given data based on the public key.
This API verifies the hash of the input data: verify(SHA256(p_data)). It first calculates the SHA256 hash of the given data and then verifies the signature for this hash.
Directly verify the signature for the given data based on the public key, without calculating the data’s hash. See sgx_ecdsa_verify.
Clear and free RSA key which was generated by one of the Tcrypto “sgx_create_rsa_*” APIs.
Rijndael AES-GCM - Only 128-bit key AES-GCM Encryption/Decryption is supported
Message Authentication Rijndael 128 CMAC - Only 128-bit key size is supported.
NOTE: Use sgx_rijndael128_cmac_msg if the src ptr contains the complete msg to perform hash (Option 1)
Else use the Init, Update, Update, …, Final, Close procedure (Option 2)
Option 1: If the complete dataset is available for hashing, sgx_rijndael128_cmac_msg
is a single API call for generating the 128-bit hash for the given dataset.
Return: If source, key, or MAC pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
If out of enclave memory, SGX_ERROR_OUT_OF_MEMORY is returned.
If hash function fails then SGX_ERROR_UNEXPECTED is returned.
Option 2: If the hash is to be performed over multiple data sets, then use:
A. sgx_cmac128_init - to create the context - context memory is allocated by this function.
Return: If key pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
If out of enclave memory, SGX_ERROR_OUT_OF_MEMORY is returned.
If context creation fails then SGX_ERROR_UNEXPECTED is returned.
B. sgx_cmac128_update - updates hash based on input source data
This function should be called for each chunk of data to be
included in the hash including the 1st and final chunks.
Return: If source pointer or context pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
If hash function fails then SGX_ERROR_UNEXPECTED is returned.
C. sgx_cmac128_final - function obtains the hash value
Upon completing the process of computing a hash over a set of data or sets of data,
this function populates the hash value.
Return: If hash pointer or context pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
If the function fails then SGX_ERROR_UNEXPECTED is returned.
D. sgx_cmac128_close - SHOULD BE CALLED to clean up the CMAC state
Upon populating the hash value over a set of data or sets of data,
this function is used to free the CMAC state.
Return: If CMAC state pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
Computes signature for a given data based on RSA 3072 private key
Computes signature for a given data based on RSA 3072 private key and optional
corresponding public key.
Verifies the signature for the given data based on the RSA 3072 public key.
Decrypt ciphertext [pin_data] using RSA private key, with OAEP SHA-256
Encrypt input data [pin_data] using RSA public key, with OAEP SHA-256
Cleans up SHA state
Returns Hash calculation
Allocates and initializes sha state
SHA Hashing functions - NOTE: ONLY 256/160-bit is supported.
Updates sha calculation based on the input message