1+ /**
2+ * \file atecc608a_se.c
3+ * \brief Secure element driver implementation for ATECC508A and ATECC509A.
4+ */
5+
6+ /*
7+ * Copyright (C) 2019, ARM Limited, All Rights Reserved
8+ * SPDX-License-Identifier: Apache-2.0
9+ *
10+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
11+ * not use this file except in compliance with the License.
12+ * You may obtain a copy of the License at
13+ *
14+ * http://www.apache.org/licenses/LICENSE-2.0
15+ *
16+ * Unless required by applicable law or agreed to in writing, software
17+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19+ * See the License for the specific language governing permissions and
20+ * limitations under the License.
21+ */
122#include "atecc608a_se.h"
223
3- #include "atca_status.h"
4- #include "atca_devtypes.h"
5- #include "atca_iface.h"
6- #include "atca_command.h"
24+ #include "psa/crypto.h"
25+
726#include "atca_basic.h"
827#include "atca_helpers.h"
928
10- /* Uncomment to print results on success */
11- //#define DEBUG_PRINT
12-
1329#ifdef DEBUG_PRINT
1430#include <stdio.h>
1531#endif
32+
1633#include <stdbool.h>
34+ #include <stdint.h>
35+
36+ /* Uncomment to print results on success */
37+ //#define DEBUG_PRINT
1738
1839#define ATCAB_INIT () \
1940 do \
2546 } \
2647 } while(0)
2748
49+ /** `atcab_release()` might return `ATCA_BAD_PARAM` if there is no global device
50+ * initialized via `atcab_init()`. HAL might return an error if an i2c device
51+ * cannot be released, but in current implementations it always returns
52+ * `ATCA_SUCCESS` - therefore we are ignoring the return code. */
2853#define ATCAB_DEINIT () \
2954 do \
3055 { \
3156 atcab_release(); \
3257 } while(0)
3358
59+ /** This macro checks if the result of an `expression` is equal to an
60+ * `expected` value and sets a `status` variable of type `psa_status_t` to
61+ * `PSA_SUCCESS`. If they are not equal, the `status` is set to
62+ * `psa_error instead`, and the code jumps to the `exit` label. */
3463#define ASSERT_STATUS (expression , expected , psa_error ) \
3564 do \
3665 { \
4473 status = PSA_SUCCESS; \
4574 } while(0)
4675
47- #define ASSERT_SUCCESS (expression ) ASSERT_STATUS(expression,ATCA_SUCCESS, \
76+ #define ASSERT_SUCCESS (expression ) ASSERT_STATUS(expression, ATCA_SUCCESS, \
4877 atecc608a_to_psa_error(ASSERT_result))
4978
50- ATCAIfaceCfg atca_iface_config = {
79+ static ATCAIfaceCfg atca_iface_config = {
5180 .iface_type = ATCA_I2C_IFACE ,
5281 .devtype = ATECC608A ,
5382 .atcai2c .slave_address = 0xC0 ,
@@ -109,47 +138,9 @@ static psa_status_t atecc608a_to_psa_error(ATCA_STATUS ret)
109138 }
110139}
111140
112- psa_status_t atecc608a_get_serial_number (uint8_t * buffer , size_t buffer_size ,
113- size_t * buffer_length )
114- {
115- psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
116-
117- if (buffer_size < ATCA_SERIAL_NUM_SIZE )
118- {
119- return PSA_ERROR_BUFFER_TOO_SMALL ;
120- }
121-
122- ATCAB_INIT ();
123-
124- ASSERT_SUCCESS (atcab_read_serial_number (buffer ));
125- * buffer_length = ATCA_SERIAL_NUM_SIZE ;
126-
127- exit :
128- ATCAB_DEINIT ();
129- return status ;
130- }
131-
132- psa_status_t atecc608a_check_config_locked ()
133- {
134- bool config_locked ;
135- psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
136-
137- ATCAB_INIT ();
138-
139- ASSERT_SUCCESS (atcab_is_locked (LOCK_ZONE_CONFIG , & config_locked ));
140-
141- exit :
142- ATCAB_DEINIT ();
143- if (status == PSA_SUCCESS )
144- {
145- status = config_locked ? PSA_SUCCESS : PSA_ERROR_HARDWARE_FAILURE ;
146- }
147- return status ;
148- }
149-
150- psa_status_t atecc608a_export_public_key (psa_key_slot_number_t key ,
151- uint8_t * p_data , size_t data_size ,
152- size_t * p_data_length )
141+ static psa_status_t atecc608a_export_public_key (psa_key_slot_number_t key ,
142+ uint8_t * p_data , size_t data_size ,
143+ size_t * p_data_length )
153144{
154145 const size_t key_data_len = 65 ;
155146 const uint16_t slot = key ;
@@ -179,13 +170,13 @@ psa_status_t atecc608a_export_public_key(psa_key_slot_number_t key,
179170 return status ;
180171}
181172
182- psa_status_t atecc608a_asymmetric_sign (psa_key_slot_number_t key_slot ,
183- psa_algorithm_t alg ,
184- const uint8_t * p_hash ,
185- size_t hash_length ,
186- uint8_t * p_signature ,
187- size_t signature_size ,
188- size_t * p_signature_length )
173+ static psa_status_t atecc608a_asymmetric_sign (psa_key_slot_number_t key_slot ,
174+ psa_algorithm_t alg ,
175+ const uint8_t * p_hash ,
176+ size_t hash_length ,
177+ uint8_t * p_signature ,
178+ size_t signature_size ,
179+ size_t * p_signature_length )
189180{
190181 const uint16_t key_id = key_slot ;
191182 psa_status_t status = PSA_ERROR_GENERIC_ERROR ;
@@ -202,7 +193,7 @@ psa_status_t atecc608a_asymmetric_sign(psa_key_slot_number_t key_slot,
202193 return PSA_ERROR_NOT_SUPPORTED ;
203194 }
204195
205- if (signature_size < ATCA_SIG_SIZE )
196+ if (signature_size < ATCA_SIG_SIZE )
206197 {
207198 return PSA_ERROR_BUFFER_TOO_SMALL ;
208199 }
@@ -224,3 +215,36 @@ psa_status_t atecc608a_asymmetric_sign(psa_key_slot_number_t key_slot,
224215 ATCAB_DEINIT ();
225216 return status ;
226217}
218+
219+
220+ #define PSA_ATECC608A_LIFETIME 0xdeadbeefU
221+
222+ static psa_drv_se_asymmetric_t atecc608a_asymmetric =
223+ {
224+ .p_sign = & atecc608a_asymmetric_sign ,
225+ .p_verify = 0 ,
226+ .p_encrypt = 0 ,
227+ .p_decrypt = 0 ,
228+ };
229+
230+ static psa_drv_se_key_management_t atecc608a_key_management =
231+ {
232+ .p_import = 0 ,
233+ .p_generate = 0 ,
234+ .p_destroy = 0 ,
235+ /* So far there is no public key export function in the API, so use this instead */
236+ .p_export = & atecc608a_export_public_key ,
237+ };
238+
239+ psa_drv_se_info_t atecc608a_drv_info =
240+ {
241+ .lifetime = PSA_ATECC608A_LIFETIME ,
242+ .p_key_management = & atecc608a_key_management ,
243+ .p_mac = 0 ,
244+ .p_cipher = 0 ,
245+ .p_asym = & atecc608a_asymmetric ,
246+ .p_aead = 0 ,
247+ .p_derive = 0 ,
248+ .slot_min = 0 ,
249+ .slot_max = 0 ,
250+ };
0 commit comments