Module pka

Expand description

Public Key Accelerator (PKA)

This module provides hardware-accelerated public key cryptographic operations using the PKA peripheral. The PKA can accelerate:

ECDSA: Signature generation and verification
ECDH: Elliptic Curve Diffie-Hellman key agreement (via scalar multiplication)
RSA: Encryption, decryption, and signing (via modular exponentiation)
Arithmetic: Modular operations, Montgomery multiplication

§Supported Operations

Operation	Mode	Description
Modular Exponentiation	0x00	RSA encryption/decryption
Montgomery Parameter	0x01	Compute Montgomery parameter for RSA
RSA CRT Exponentiation	0x07	Fast RSA with Chinese Remainder Theorem
Modular Inversion	0x08	Compute modular inverse
ECC Scalar Multiplication	0x20	ECDH key agreement, point multiplication
ECDSA Sign	0x24	Generate ECDSA signatures
ECDSA Verify	0x26	Verify ECDSA signatures
Point Check	0x28	Validate point is on curve

§Example - ECDSA Signature Verification

use embassy_stm32::pka::{Pka, EcdsaCurveParams, EcdsaPublicKey, EcdsaSignature};

let mut pka = Pka::new_blocking(p.PKA, Irqs);
let params = EcdsaCurveParams::nist_p256();

let public_key = EcdsaPublicKey {
    x: &pub_key_x,
    y: &pub_key_y,
};

let signature = EcdsaSignature {
    r: &sig_r,
    s: &sig_s,
};

let valid = pka.ecdsa_verify(&params, &public_key, &signature, &hash)?;

§Example - ECDH Key Agreement

use embassy_stm32::pka::{Pka, EccMulParams, EccPoint};

let mut pka = Pka::new_blocking(p.PKA, Irqs);
let params = EccMulParams::nist_p256();

// Compute shared_secret = private_key * peer_public_key
let peer_public = EccPoint { x: &peer_x, y: &peer_y };
let shared_point = pka.ecc_mul(&params, &private_key, &peer_public)?;

§Security Notes

Always use cryptographically secure random numbers for ECDSA k values
Validate all public keys before use (use point_check)
Use constant-time operations when possible (hardware provides this)
Clear sensitive data from memory after use

Structs§

EccPoint: ECC point (for scalar multiplication results)
EcdsaCurveParams: ECDSA/ECC curve parameters
EcdsaPublicKey: ECDSA public key
EcdsaSignature: ECDSA signature
InterruptHandler: PKA interrupt handler.
Pka: PKA driver
RsaCrtParams: RSA CRT parameters for fast decryption
RsaParams: RSA operation parameters

Enums§

Error: PKA error
PkaMode: PKA operation modes

Traits§

Instance: PKA instance trait.

Crates

Versions

Flavors

Module pka

Module pka Copy item path

§Supported Operations

§Example - ECDSA Signature Verification

§Example - ECDH Key Agreement

§Security Notes

Structs§

Enums§

Traits§

Module pka