The XilSecure library provides APIs to access hardened cryptography engines of Zynq® UltraScale+. MPSoC devices. More information can be found in the XilSecure Standalone Library Documentation.
XilSecure library provides access to SHA-3 algorithms for hashing. ZynqMP has inbuilt hardware accelerator for SHA-3/384 based hash calculation.
User can configure system to use Keccak padding.
Initialization Functions | |
---|---|
XSecure_Sha3Initialize | Initializes a specific Xsecure_Sha3 instance so that it is ready to be used |
Hash functions | |
XSecure_Sha3Start | Configure and start SHA3 engine |
XSecure_Sha3Update | Updates hash for new input data block |
XSecure_Sha3Finish | Sends the last data and padding when blocksize is not multiple of 104 bytes |
XSecure_Sha3Digest | Calculates the SHA-3 digest on the given input data |
XSecure_Sha3_ReadHash | Reads the SHA3 hash of the data. It can be called intermediately of updates also to read hashs. |
XSecure_Sha3PadSelection | This function provides an option to select the SHA-3 padding type (NIST / KECCAK) to be used while calculating the hash |
XilSecure library provides access to symmetric key based AES-GCM algorithms for encryption, decryption and authentication using GCM tag. ZynqMP has inbuilt hardware accelerator to accelerate AES-GCM algorithm.
XilSecure decryption APIs provides option to check GCM tag matching while decryption of the data. Not that GCM tag should be provided explicitly during decryption.
Initialization Function | |
---|---|
XSecure_AesInitialize | Initializes AES instance |
Encryption Functions | |
XSecure_AesEncryptInit | Initialize the AES engine for encryption |
XSecure_AesEncryptUpdate | Updates the AES engine with provided data for encryption |
XSecure_AesEncryptData | Encrypts the data provided by using hardware AES engine |
Decryption Functions | |
XSecure_AesDecryptInit | Initializes the AES engine for decryption |
XSecure_AesDecryptUpdate | Update the AES engine for decryption with provided data |
XSecure_AesDecryptData | Decrypts the encrypted data provided for decryption |
XSecure_AesDecrypt | Handles the AES-GCM Decryption of image partition |
Control Functions | |
XSecure_AesReset | Encrypts the data provided by using hardware AES engine |
XSecure_AesWaitForDone | Function waits for AES completion |
ZynqMP has inbuilt hardware accelerator to accelerate RSA algorithm. XilSecure library provides access to this hardware accelerator to run asymmetric algorithm.
XilSecure authentication APIs expect key parameters modulus, exponent and exponentiation values as an input.
Initialization Functions | |
---|---|
XSecure_RsaInitialize | Initializes RSA instance |
Encryption Functions | |
XSecure_RsaPublicEncrypt | This function handles the RSA signature encryption with public key components provide at XSecure_RsaInitialize() API |
Decryption Functions | |
XSecure_RsaDecrypt | Decrypts the input data |
XSecure_RsaPrivateDecrypt | This function handles the RSA signature decryption with private key components provide at XSecure_RsaInitialize() API |
Sign Verification Functions | |
XSecure_RsaSignVerification | Verifies the RSA decrypted data provided is matching with the provided expected hash by taking care of PKCS padding |
ZynqMP single parition image IV calculation is corrected
Table of content