Add hardware signing and key exporting

AndrzejKurek · AndrzejKurek · commit 3eb5a8ee63b6 · 2019-05-21T05:39:48.000-04:00
diff --git a/atecc608a_se.c b/atecc608a_se.c
@@ -0,0 +1,224 @@
+#include "atecc608a_se.h"
+
+static ATCAIfaceCfg atca_iface_config = {
+    .iface_type = ATCA_I2C_IFACE,
+    .devtype = ATECC608A,
+    .atcai2c.slave_address = 0xC0,
+    .atcai2c.bus = 2,
+    .atcai2c.baud = 400000,
+    .wake_delay = 1500,
+    .rx_retries = 20,
+};
+
+int hash_sha256(const uint8_t *input, size_t input_size,
+                        const uint8_t *expected_hash, size_t expected_hash_size)
+{
+    uint8_t actual_hash[ATCA_SHA_DIGEST_SIZE] = {0};
+
+    printf("**********************************************\n");
+    printf("SHA-256:\n\n");
+    atcab_printbin_label("Input: ", (uint8_t *)input, input_size);
+    atcab_printbin_label("Expected Hash: ", (uint8_t *)expected_hash, expected_hash_size);
+    ASSERT_STATUS(atcab_init(&atca_iface_config), ATCA_SUCCESS);
+    ASSERT_STATUS(atcab_hw_sha2_256(input, input_size, actual_hash), ATCA_SUCCESS);
+    ASSERT_STATUS(atcab_release(), ATCA_SUCCESS);
+    atcab_printbin_label("Actual Hash: ", actual_hash, ATCA_SHA_DIGEST_SIZE);
+    ASSERT_STATUS(memcmp(actual_hash, expected_hash, sizeof(actual_hash)), 0);
+    printf("Success!\n\n");
+
+    return 0;
+}
+
+int read_serial_number(void)
+{
+    uint8_t serial[ATCA_SERIAL_NUM_SIZE];
+
+    printf("**********************************************\n");
+    ASSERT_STATUS(atcab_init(&atca_iface_config), ATCA_SUCCESS);
+    ASSERT_STATUS(atcab_read_serial_number(serial), ATCA_SUCCESS);
+    ASSERT_STATUS(atcab_release(), ATCA_SUCCESS);
+    printf("Serial Number:\n");
+    atcab_printbin_sp(serial, ATCA_SERIAL_NUM_SIZE);
+    printf("\n");
+
+    return 0;
+}
+
+psa_status_t atecc608a_to_psa_error(ATCA_STATUS ret)
+{
+    switch (ret)
+    {
+    case ATCA_SUCCESS:
+    case ATCA_RX_NO_RESPONSE:
+    case ATCA_WAKE_SUCCESS:
+        return PSA_SUCCESS;
+    case ATCA_BAD_PARAM:
+    case ATCA_INVALID_ID:
+    case ATCA_INVALID_SIZE:
+    case ATCA_SMALL_BUFFER:
+    case ATCA_BAD_OPCODE:
+    case ATCA_ASSERT_FAILURE:
+        return PSA_ERROR_INVALID_ARGUMENT;
+    case ATCA_RX_CRC_ERROR:
+    case ATCA_RX_FAIL:
+    case ATCA_STATUS_CRC:
+    case ATCA_RESYNC_WITH_WAKEUP:
+    case ATCA_PARITY_ERROR:
+    case ATCA_TX_TIMEOUT:
+    case ATCA_RX_TIMEOUT:
+    case ATCA_TOO_MANY_COMM_RETRIES:
+    case ATCA_COMM_FAIL:
+    case ATCA_TIMEOUT:
+    case ATCA_TX_FAIL:
+    case ATCA_NO_DEVICES:
+        return PSA_ERROR_COMMUNICATION_FAILURE;
+    case ATCA_UNIMPLEMENTED:
+        return PSA_ERROR_NOT_SUPPORTED;
+    case ATCA_ALLOC_FAILURE:
+        return PSA_ERROR_INSUFFICIENT_MEMORY;
+    case ATCA_CONFIG_ZONE_LOCKED:
+    case ATCA_DATA_ZONE_LOCKED:
+    case ATCA_NOT_LOCKED:
+    case ATCA_WAKE_FAILED:
+    case ATCA_STATUS_UNKNOWN:
+    case ATCA_STATUS_ECC:
+    case ATCA_STATUS_SELFTEST_ERROR:
+    case ATCA_CHECKMAC_VERIFY_FAILED:
+    case ATCA_PARSE_ERROR:
+    case ATCA_FUNC_FAIL:
+    case ATCA_GEN_FAIL:
+    case ATCA_EXECUTION_ERROR:
+    case ATCA_HEALTH_TEST_ERROR:
+    default:
+        return PSA_ERROR_HARDWARE_FAILURE;
+    }
+}
+
+ATCA_STATUS checkLockedZones()
+{
+    bool locked;
+    bool config_locked;
+    printf("--- Device locks information ---\n");
+    ASSERT_STATUS(atcab_init(&atca_iface_config), ATCA_SUCCESS);
+    ASSERT_STATUS(atcab_is_locked(LOCK_ZONE_CONFIG, &config_locked), ATCA_SUCCESS);
+    printf("  - Config locked: %d\n", config_locked);
+    ASSERT_STATUS(atcab_is_locked(LOCK_ZONE_DATA, &locked), ATCA_SUCCESS);
+    printf("  - Data locked: %d\n", locked);
+    for(uint8_t i=0; i < 16; i++)
+    {
+        ASSERT_STATUS(atcab_is_slot_locked(i, &locked), ATCA_SUCCESS);
+        printf("  - Slot %d locked: %d\n", i, locked);
+    }
+    ASSERT_STATUS(atcab_release(), ATCA_SUCCESS);
+    printf("--------------------------------\n");
+    if(!config_locked)
+    {
+        printf("Config is not locked! Cannot use private keys.\n");
+        return ATCA_NOT_LOCKED;
+    }
+    return ATCA_CONFIG_ZONE_LOCKED;
+}
+
+psa_status_t atecc608a_export_key(psa_key_slot_number_t key,
+                                         uint8_t *p_data,
+                                         size_t data_size,
+                                         size_t *p_data_length)
+{
+    ATCA_STATUS ret = ATCA_SUCCESS;
+    uint16_t slot = key;
+    size_t key_data_len = 65;
+    if(data_size < key_data_len)
+    {
+        printf("FAILED! Key buffer too small.\n");
+        return PSA_ERROR_INVALID_ARGUMENT;
+    }
+    ASSERT_STATUS(atcab_init(&atca_iface_config), ATCA_SUCCESS);
+
+    ret = atcab_get_pubkey(slot, &p_data[1]);
+    if (ret != ATCA_SUCCESS)
+    {
+        printf("FAILED! atcab_get_pubkey: %d\n", ret);
+        return atecc608a_to_psa_error(ret);
+    }
+    p_data[0] = 4;
+    *p_data_length = key_data_len;
+    printf("atecc608a_export_key - pubkey size %d:\n", *p_data_length);
+    atcab_printbin_sp(p_data, *p_data_length);
+    ASSERT_STATUS(atcab_release(), ATCA_SUCCESS);
+}
+
+psa_status_t atecc608a_asymmetric_sign(psa_key_slot_number_t key_slot,
+                                       psa_algorithm_t alg,
+                                       const uint8_t *p_hash,
+                                       size_t hash_length,
+                                       uint8_t *p_signature,
+                                       size_t signature_size,
+                                       size_t *p_signature_length)
+{
+    ATCA_STATUS ret = ATCA_SUCCESS;
+    uint16_t key_id = key_slot;
+
+    /* We can only do ECDSA on SHA-256 */
+    /* PSA_ALG_ECDSA(PSA_ALG_SHA_256) */
+    if(!PSA_ALG_IS_ECDSA(alg))
+    {
+        printf("FAILED! PSA_ALG_IS_ECDSA:\n");
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (hash_length != 32)
+    {
+        printf("FAILED! hash_length:\n");
+        /* The driver only supports signing things of length 32. */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    if (!PSA_ALG_IS_RANDOMIZED_ECDSA(alg))
+    {
+        printf("FAILED! PSA_ALG_IS_RANDOMIZED_ECDSA:\n");
+        /* The hardware only supports randomized ECDSA */
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
+
+    /* XXX how to check the curve? */
+    //PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1);
+    //PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256K1);
+
+    ASSERT_STATUS(atcab_init(&atca_iface_config), ATCA_SUCCESS);
+
+    /* Signature will be returned here. Format is R and S integers in
+     * big-endian format. 64 bytes for P256 curve. */
+    ret = atcab_sign(key_id, p_hash, p_signature);
+    if (ret != ATCA_SUCCESS)
+    {
+        printf("FAILED! atcab_sign: %d\n", ret);
+        return atecc608a_to_psa_error(ret);
+    }
+
+    *p_signature_length = 64;
+    ASSERT_STATUS(atcab_release(), ATCA_SUCCESS);
+
+    printf("atecc608a_asymmetric_sign - signature size %d:\n", *p_signature_length);
+    atcab_printbin_sp(p_signature, *p_signature_length);
+    return atecc608a_to_psa_error(ret);
+}
+
+psa_drv_se_asymmetric_t atecc608a_asymmetric =
+{
+    .p_sign = atecc608a_asymmetric_sign,
+    .p_verify = 0,
+    .p_encrypt = 0,
+    .p_decrypt = 0,
+};
+
+psa_drv_se_key_management_t atecc608a_key_management = {
+    .p_export = &atecc608a_export_key,
+};
+
+psa_drv_se_info_t atecc608a_drv_info = {
+    .lifetime = PSA_ATECC608A_LIFETIME,
+    .p_asym = &atecc608a_asymmetric,
+    .p_key_management = &atecc608a_key_management,
+    .slot_min = 0,
+    .slot_max = 0,
+};
diff --git a/atecc608a_se.h b/atecc608a_se.h
@@ -0,0 +1,72 @@
+/**
+ * \file atecc508a_se
+ * \brief Secure element implementation for ATECC508A and ATECC509A
+ */
+
+/*
+ *  Copyright (C) 2019, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#ifndef ATECC608A_SE_H
+#define ATECC608A_SE_H
+
+#include "psa/crypto.h"
+
+#include "atca_status.h"
+#include "atca_devtypes.h"
+#include "atca_iface.h"
+#include "atca_command.h"
+#include "atca_basic.h"
+#include "atca_helpers.h"
+
+#define ASSERT_STATUS(actual, expected)                             \
+    do                                                              \
+    {                                                               \
+        if ((actual) != (expected))                                 \
+        {                                                           \
+            printf("assertion failed at %s:%d "                     \
+                   "(actual=%d expected=%d)\n", __FILE__, __LINE__, \
+                   (int)actual, (int)expected);                     \
+            return -1;                                                 \
+        }                                                           \
+    } while(0)
+#define USE_SE_DIRECTLY 0
+
+#define PSA_ATECC608A_LIFETIME 0xdeadbeefU
+
+int hash_sha256(const uint8_t *input, size_t input_size,
+                        const uint8_t *expected_hash, size_t expected_hash_size);
+
+int read_serial_number(void);
+
+psa_status_t atecc608a_to_psa_error(ATCA_STATUS ret);
+
+ATCA_STATUS checkLockedZones();
+
+psa_status_t atecc608a_export_key(psa_key_slot_number_t key,
+                                         uint8_t *p_data,
+                                         size_t data_size,
+                                         size_t *p_data_length);
+
+psa_status_t atecc608a_asymmetric_sign(psa_key_slot_number_t key_slot,
+                                       psa_algorithm_t alg,
+                                       const uint8_t *p_hash,
+                                       size_t hash_length,
+                                       uint8_t *p_signature,
+                                       size_t signature_size,
+                                       size_t *p_signature_length);
+
+#endif /* ATECC608A_SE_H */
diff --git a/main.c b/main.c
