Specification of Crypto Service Manager - AUTOSAR

Specification of Crypto Service Manager AUTOSAR CP Release 4.3.1

Document Title

Document Owner Document Responsibility Document Identification No

Document Status Part of AUTOSAR Standard Part of Standard Release

Specification of Crypto Service Manager

AUTOSAR AUTOSAR 402

Final Classic Platform 4.3.1

Document Change History

Date 2017-12-08

Release 4.3.1

Changed by AUTOSAR Release Management

2016-11-30

4.3.0

AUTOSAR Release Management

2015-07-31

4.2.2

AUTOSAR Release Management

2014-10-31

4.2.1

AUTOSAR Release Management

Change Description Added definition for asymmetric key formats Error fixing and consistency improvements Editorial changes Introduced crypto job concept Introduced key management concept Removed Cry_XXX functions from the Csm and introduced two new layers in the crypto stack: Crypto Interface (CryIf) and Crypto Driver (Crypto) Changed return type from Csm_ReturnType to Std_Types in all API functions Added detailed description of RTE interfaces Debugging support marked as obsolete Error fixing and consistency improvements Obsolete configuration elements removed Error fixing and consistency improvements Editorial changes

1 of 233

Document ID 402: AUTOSAR_SWS_CryptoServiceManager

- AUTOSAR confidential -

Specification of Crypto Service Manager AUTOSAR CP Release 4.3.1

Document Change History

Date 2017-12-08

Release 4.3.1

Changed by AUTOSAR Release Management

2014-03-31 2013-10-31

4.1.3 4.1.2

AUTOSAR Release Management

AUTOSAR Release Management

2013-03-15

4.1.1 AUTOSAR Administration

2011-12-22

4.0.3 AUTOSAR Administration

2010-09-30

3.1.5 AUTOSAR Administration

2010-02-02

3.1.4 AUTOSAR Administration

Change Description Added definition for asymmetric key formats Error fixing and consistency improvements Editorial changes Error fixing and consistency improvements Editorial changes Error fixing and consistency improvements Editorial changes Removed chapter(s) on change documentation Services for compression/decompression added Services for key update added (Concept `CSM extension') Services for symmetric key generation added (Concept `CSM extension') Service state machine changed to cope with terminated users by releasing of locked resources Production errors restructured Fixed issues with AUTOSAR Port Interfaces Complete Configuration parameters Complete API specifications Add support for secure key storage Integration of support for key transport services Introduction of new DET error (checking of the null pointer in getversion info). Initial release

2 of 233

Document ID 402: AUTOSAR_SWS_CryptoServiceManager

- AUTOSAR confidential -

Specification of Crypto Service Manager AUTOSAR CP Release 4.3.1

Disclaimer

This work (specification and/or software implementation) and the material contained in it, as released by AUTOSAR, is for the purpose of information only. AUTOSAR and the companies that have contributed to it shall not be liable for any use of the work.

The material contained in this work is protected by copyright and other types of intellectual property rights. The commercial exploitation of the material contained in this work requires a license to such intellectual property rights.

This work may be utilized or reproduced without any modification, in any form or by any means, for informational purposes only. For any other purpose, no part of the work may be utilized or reproduced, in any form or by any means, without permission in writing from the publisher.

The work has been developed for automotive applications only. It has neither been developed, nor tested for non-automotive applications.

The word AUTOSAR and the AUTOSAR logo are registered trademarks.

3 of 233

Document ID 402: AUTOSAR_SWS_CryptoServiceManager

- AUTOSAR confidential -

Specification of Crypto Service Manager AUTOSAR CP Release 4.3.1

Table of Contents

1 Introduction and Functional Overview ................................................................ 7

2 Acronyms and Abbreviations.............................................................................. 8

2.1 Glossary of Terms ........................................................................................ 8

3 Related documentation .................................................................................... 10

3.1 Input Documents ........................................................................................ 10 3.2 Related standards and norms .................................................................... 11 3.3 Related specification .................................................................................. 11

4 Constraints and Assumptions........................................................................... 12

4.1 Limitations .................................................................................................. 12 4.2 Applicability to Car Domains....................................................................... 12 4.3 Security Implications................................................................................... 12

5 Dependencies to other Modules....................................................................... 13

5.1 File Structure .............................................................................................. 13 5.1.1 Code File Structure ............................................................................. 13 5.1.2 Header File Structure .......................................................................... 13

6 Requirements Traceability................................................................................ 15

7 Functional specification .................................................................................... 20

7.1 Basic Architecture Guidelines..................................................................... 20 7.2 General Behavior........................................................................................ 20

7.2.1 Normal Operation ................................................................................ 21 7.2.2 Design Notes....................................................................................... 24 7.3 Error Classification ..................................................................................... 31 7.3.1 Development Errors ............................................................................ 31 7.3.2 Runtime Errors .................................................................................... 32 7.3.3 Transient Faults .................................................................................. 32 7.3.4 Production Errors ................................................................................ 32 7.3.5 Extended Production Errors ................................................................ 32 7.4 Error detection ............................................................................................ 32

8 API Specification .............................................................................................. 34

8.1 Imported types............................................................................................ 34 8.2 Type Definitions.......................................................................................... 34

8.2.1 Crypto_AlgorithmFamilyType .............................................................. 34 8.2.2 Crypto_AlgorithmModeType................................................................ 35 8.3 Function Definitions .................................................................................... 36 8.3.1 General Interface ................................................................................ 36 8.3.2 Hash Interface..................................................................................... 37 8.3.3 MAC interface ..................................................................................... 41 8.3.4 Cipher Interface................................................................................... 47 8.3.5 Authenticated Encryption with Associated Data (AEAD) Interface ...... 61 8.3.6 Signature Interface .............................................................................. 63 8.3.7 Secure Counter Interface .................................................................... 68 8.3.8 Random Interface................................................................................ 69 8.3.9 Key Management Interface ................................................................. 70

4 of 233

Document ID 402: AUTOSAR_SWS_CryptoServiceManager

- AUTOSAR confidential -

Specification of Crypto Service Manager AUTOSAR CP Release 4.3.1

8.3.10 Job Cancellation Interface................................................................... 83 8.3.11 Callback Notifications .......................................................................... 84 8.3.12 Scheduled functions............................................................................ 86 8.4 Expected Interfaces.................................................................................... 86 8.4.1 Interfaces to Standard Software Modules ........................................... 86 8.5 Mandatory Interfaces.................................................................................. 86 8.6 Optional Interfaces ..................................................................................... 86 8.7 Service Interface......................................................................................... 86 8.7.1 Client-Server-Interfaces ...................................................................... 87 8.7.2 Implementation Data Types .............................................................. 136 8.7.3 Ports.................................................................................................. 161

9 Sequence Diagrams....................................................................................... 172

9.1.1 Asynchronous Calls .......................................................................... 172 9.1.2 Synchronous Calls ............................................................................ 173

10 Configuration.................................................................................................. 174

10.1 How to Read this Chapter ........................................................................ 174

10.2 Containers and Configuration Parameters ............................................... 174

10.2.1 Csm................................................................................................... 180

10.2.2 CsmGeneral ...................................................................................... 180

10.2.3 CsmJobs ........................................................................................... 183

10.2.4 CsmJob ............................................................................................. 183

10.2.5 CsmKeys........................................................................................... 186

10.2.6 CsmKey ............................................................................................ 186

10.2.7 CsmPrimitives ................................................................................... 187

10.2.8 CsmQueues ...................................................................................... 188

10.2.9 CsmQueue ........................................................................................ 188

10.2.10 CsmHash .......................................................................................... 189

10.2.11 CsmHashConfig ................................................................................ 189

10.2.12 CsmMacGenerate ............................................................................. 193

10.2.13 CsmMacGenerateConfig................................................................... 193

10.2.14 CsmMacVerify................................................................................... 197

10.2.15 CsmMacVerifyConfig ........................................................................ 198

10.2.16 CsmEncrypt....................................................................................... 202

10.2.17 CsmEncryptConfig ............................................................................ 202

10.2.18 CsmDecrypt ...................................................................................... 206

10.2.19 CsmDecryptConfig ............................................................................ 206

10.2.20 CsmAEADEncrypt ............................................................................. 210

10.2.21 CsmAEADEncryptConfig .................................................................. 210

10.2.22 CsmAEADDecrypt............................................................................. 214

10.2.23 CsmAEADDecryptConfig .................................................................. 215

10.2.24 CsmSignatureGenerate .................................................................... 219

10.2.25 CsmSignatureGenerateConfig .......................................................... 219

10.2.26 CsmSignatureVerify .......................................................................... 223

10.2.27 CsmSignatureVerifyConfig ................................................................ 223

10.2.28 CsmSecureCounter........................................................................... 227

10.2.29 CsmSecureCounterConfig ................................................................ 228

10.2.30 CsmRandomGenerate ...................................................................... 228

10.2.31 CsmRandomGenerateConfig ............................................................ 228

10.2.32 CsmCallbacks ................................................................................... 232

5 of 233

Document ID 402: AUTOSAR_SWS_CryptoServiceManager

- AUTOSAR confidential -

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download