HAL CCB Use Cases

User application to compute ECDSA signature using software key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB participant "HAL PKA Driver" as PKA App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Wrapping key == App -> CCB : HAL_CCB_ECDSA_WrapSymmetricKey() activate CCB note right : Wrap the clear text from the user with an AES-algorithm CCB --> App : hal_status:HAL_OK deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECDSA_SW_WrapPrivateKey() note right : Create the ECDSCA key blob using the wrapped key CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECDSA_SW_Sign() activate CCB note right :Compute the signature (part r, part s) CCB --> App : hal_status:HAL_OK deactivate CCB note left : return group authenticity and integrity verification using HAL PKA driver App -> CCB : HAL_CCB_ECDSA_SW_ComputePublicKey() activate CCB note right :Compute public key (coordinate x, coordinate y) CCB --> App : hal_status:HAL_OK note left : return deactivate CCB App -> PKA : HAL_PKA_ECDSA_SetConfigVerifSignature() activate PKA note right :Launch verification with Elliptic curve\n\ digital signature algorithm PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_Compute() activate PKA note right :PKA compute PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_ECDSA_IsValidVerifSignature() note right :Retrieve computation result activate PKA PKA --> App : <b>PKA</b>_ECDSA_SIGNATURE_VALID note left : return deactivate PKA end @enduml

Called functions:

User application to compute ECDSA signature using hardware key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB participant "HAL PKA Driver" as PKA App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECDSA_HW_WrapPrivateKey() note right : Create the ECDSCA key blob using DHUK or DHUK XOR CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECDSA_HW_Sign() activate CCB note right :Compute the signature (part r, part s) CCB --> App : hal_status:HAL_OK deactivate CCB note left : return group authenticity and integrity verification using HAL PKA driver App -> CCB : HAL_CCB_ECDSA_HW_ComputePublicKey() activate CCB note right :Compute public key (coordinate x, coordinate y) CCB --> App : hal_status:HAL_OK note left : return deactivate CCB App -> PKA : HAL_PKA_ECDSA_SetConfigVerifSignature() activate PKA note right :Launch verification with Elliptic curve\n\ digital signature algorithm PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_Compute() activate PKA note right :PKA compute PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_ECDSA_IsValidVerifSignature() note right :Retrieve computation result activate PKA PKA --> App : <b>PKA</b>_ECDSA_SIGNATURE_VALID note left : return deactivate PKA end @enduml

Called functions:

User application to compute ECDSA signature using RNG with symmetric key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB participant "HAL PKA Driver" as PKA App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECDSA_HW_GenerateWrapPrivateKey() note right : Create the ECDSCA key blob using RNG CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECDSA_HW_Sign() activate CCB note right :Compute the signature (part r, part s) CCB --> App : hal_status:HAL_OK deactivate CCB note left : return group authenticity and integrity verification using HAL PKA driver App -> CCB : HAL_CCB_ECDSA_HW_ComputePublicKey() activate CCB note right :Compute public key (coordinate x, coordinate y) CCB --> App : hal_status:HAL_OK note left : return deactivate CCB App -> PKA : HAL_PKA_ECDSA_SetConfigVerifSignature() activate PKA note right :Launch verification with Elliptic curve\n\ digital signature algorithm PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_Compute() activate PKA note right :PKA compute PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_ECDSA_IsValidVerifSignature() note right :Retrieve computation result activate PKA PKA --> App : <b>PKA</b>_ECDSA_SIGNATURE_VALID note left : return deactivate PKA end @enduml

Called functions:

User application to compute ECDSA signature using RNG with software key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB participant "HAL PKA Driver" as PKA App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Wrapping key == App -> CCB : HAL_CCB_ECDSA_WrapSymmetricKey() activate CCB note right : Wrap the clear text from the user with an AES-algorithm CCB --> App : hal_status:HAL_OK deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECDSA_SW_GenerateWrapPrivateKey() note right : Create the ECDSCA key blob using RNG CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECDSA_SW_Sign() activate CCB note right :Compute the signature (part r, part s) CCB --> App : hal_status:HAL_OK deactivate CCB note left : return group authenticity and integrity verification using HAL PKA driver App -> CCB : HAL_CCB_ECDSA_SW_ComputePublicKey() activate CCB note right :Compute public key (coordinate x, coordinate y) CCB --> App : hal_status:HAL_OK note left : return deactivate CCB App -> PKA : HAL_PKA_ECDSA_SetConfigVerifSignature() activate PKA note right :Launch verification with Elliptic curve\n\ digital signature algorithm PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_Compute() activate PKA note right :PKA compute PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_ECDSA_IsValidVerifSignature() note right :Retrieve computation result activate PKA PKA --> App : <b>PKA</b>_ECDSA_SIGNATURE_VALID note left : return deactivate PKA end @enduml

Called functions:

User application to compute ECDSA signature using RNG with hardware key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB participant "HAL PKA Driver" as PKA App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Wrapping key == App -> CCB : HAL_CCB_ECDSA_WrapSymmetricKey() activate CCB note right : Wrap the clear text from the user with an AES-algorithm CCB --> App : hal_status:HAL_OK deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECDSA_HW_GenerateWrapPrivateKey() note right : Create the ECDSCA key blob using RNG CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECDSA_HW_Sign() activate CCB note right :Compute the signature (part r, part s) CCB --> App : hal_status:HAL_OK deactivate CCB note left : return group authenticity and integrity verification using HAL PKA driver App -> CCB : HAL_CCB_ECDSA_HW_ComputePublicKey() activate CCB note right :Compute public key (coordinate x, coordinate y) CCB --> App : hal_status:HAL_OK note left : return deactivate CCB App -> PKA : HAL_PKA_ECDSA_SetConfigVerifSignature() activate PKA note right :Launch verification with Elliptic curve\n\ digital signature algorithm PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_Compute() activate PKA note right :PKA compute PKA --> App : hal_status:HAL_OK deactivate PKA note left : return App -> PKA : <b>HAL_PKA</b>_ECDSA_IsValidVerifSignature() note right :Retrieve computation result activate PKA PKA --> App : <b>PKA</b>_ECDSA_SIGNATURE_VALID note left : return deactivate PKA end @enduml

Called functions:

User application to compute ECC scalar multiplication using software key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Wrapping key == App -> CCB : HAL_CCB_ECC_WrapSymmetricKey() activate CCB note right : Wrapping user key using AES-algorithm CCB --> App : hal_status:HAL_OK deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECC_SW_WrapPrivateKey() note right : Create the ECC key blob using the wrapped user key CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECC_SW_ComputeScalarMul() activate CCB note right :Compute the scalar multiplication CCB --> App : hal_status:HAL_OK deactivate CCB note left : return @enduml

Called functions:

User application to compute ECC scalar multiplication using hardware key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECC_HW_WrapPrivateKey() note right : Create the ECC key blob using DHUK or DHUK XOR CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECC_HW_ComputeScalarMul() activate CCB note right :Compute the scalar multiplication CCB --> App : hal_status:HAL_OK deactivate CCB note left : return @enduml

Called functions:

User application to compute ECC scalar multiplication using RNG with hardware key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECC_HW_GenerateWrapPrivateKey() note right : Create the ECC key blob using RNG key CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECC_HW_ComputeScalarMul() activate CCB note right :Compute the scalar multiplication CCB --> App : hal_status:HAL_OK deactivate CCB note left : return @enduml

Called functions:

User application to compute ECC scalar multiplication using RNG with software key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Wrapping key == App -> CCB : HAL_CCB_ECC_WrapSymmetricKey() activate CCB note right : Wrapping user key using AES-algorithm CCB --> App : hal_status:HAL_OK deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECC_SW_GenerateWrapPrivateKey() note right : Create the ECC key blob using RNG key CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_ECC_SW_ComputeScalarMul() activate CCB note right :Compute the scalar multiplication CCB --> App : hal_status:HAL_OK deactivate CCB note left : return @enduml

Called functions:

User application to compute RSA modular exponentiation using software key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Wrapping key == App -> CCB : HAL_CCB_RSA_WrapSymmetricKey() activate CCB note right : Wrapping user key using AES-algorithm CCB --> App : hal_status:HAL_OK deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_RSA_SW_WrapPrivateKey() note right : Create the RSA key blob using the wrapped key CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_RSA_SW_ComputeModularExp() activate CCB note right :Compute the modular exponentiation CCB --> App : hal_status:HAL_OK deactivate CCB note left : return @enduml

Called functions:

User application to compute RSA modular exponentiation using hardware key

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_RSA_HW_WrapPrivateKey() note right : Create the RSA key blob using DHUK or DHUK XOR CCB --> App : hal_status:HAL_OK note left : return == Blob usage == App -> CCB : HAL_CCB_RSA_HW_ComputeModularExp() activate CCB note right :Compute the modular exponentiation CCB --> App : hal_status:HAL_OK deactivate CCB note left : return @enduml

Called functions:

User application with error management

@startuml ==Initialization== participant "User application" as App participant "HAL CCB Driver" as CCB App -> CCB : HAL_CCB_Init() activate CCB note right : Initialize the CCB handle and associate an instance CCB --> App : hal_status:HAL_OK or HAL_INVALID_PARAM deactivate CCB note left : return == Blob creation == App -> CCB : HAL_CCB_ECDSA_HW_WrapPrivateKey() CCB --> App :hal_status:HAL_ERROR App -> CCB : HAL_CCB_GetLastErrorCodes() note right : Retrieve the operation error App -> CCB : HAL_CCB_Reset() activate CCB note right : The application must clear IPRST to be able to use again the CCB and recover CCB --> App : hal_status:HAL_OK deactivate CCB @enduml

Called functions: