Merge pull request #3 from AndrzejKurek/verification_pubkey_importing

Patater · web-flow · commit 4efab44aed1f · 2019-06-04T12:41:51.000+01:00
Add verification and public key importing
diff --git a/atecc608a_utils.c b/atecc608a_utils.c
@@ -23,7 +23,7 @@
 
 #include "atca_basic.h"
 
-psa_status_t atecc608a_get_serial_number(uint8_t* buffer,
+psa_status_t atecc608a_get_serial_number(uint8_t *buffer,
                                          size_t buffer_size,
                                          size_t *buffer_length)
 {
@@ -61,3 +61,19 @@ psa_status_t atecc608a_check_config_locked()
     }
     return status;
 }
+
+psa_status_t atecc608a_generate_key(uint16_t slot, uint8_t *pubkey, size_t pubkey_size)
+{
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    if (pubkey != NULL && pubkey_size < ATCA_PUB_KEY_SIZE)
+    {
+       return PSA_ERROR_BUFFER_TOO_SMALL;
+    }
+
+    ASSERT_SUCCESS_PSA(atecc608a_init());
+    ASSERT_SUCCESS(atcab_genkey(slot, pubkey));
+
+exit:
+    atecc608a_deinit();
+    return status;
+}
diff --git a/atecc608a_utils.h b/atecc608a_utils.h
@@ -56,9 +56,11 @@
 #define ASSERT_SUCCESS_PSA(expression) ASSERT_STATUS(expression, PSA_SUCCESS, \
                                                      ASSERT_result)
 
-psa_status_t atecc608a_get_serial_number(uint8_t* buffer, size_t buffer_size,
+psa_status_t atecc608a_get_serial_number(uint8_t *buffer, size_t buffer_size,
                                          size_t *buffer_length);
 
 psa_status_t atecc608a_check_config_locked();
 
+psa_status_t atecc608a_generate_key(uint16_t slot, uint8_t *pubkey, size_t pubkey_size);
+
 #endif /* ATECC608A_SE_H */
diff --git a/main.c b/main.c
@@ -105,6 +105,18 @@ psa_status_t atecc608a_print_serial_number()
     return status;
 }
 
+psa_status_t atecc608a_print_config_zone()
+{
+    uint8_t config_buffer[ATCA_ECC_CONFIG_SIZE] = {0};
+    psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+    ASSERT_SUCCESS_PSA(atecc608a_init());
+    ASSERT_SUCCESS(atcab_read_config_zone(config_buffer));
+    atcab_printbin_label("Config zone: ", config_buffer, ATCA_ECC_CONFIG_SIZE);
+exit:
+    atecc608a_deinit();
+    return status;
+}
+
 int main(void)
 {
     enum {
@@ -131,8 +143,12 @@ int main(void)
     static uint8_t pubkey[pubkey_size];
     size_t pubkey_len = 0;
     psa_key_slot_number_t atecc608a_key_slot_device = 0;
+    psa_key_slot_number_t atecc608a_public_key_slot = 9;
 
     atecc608a_print_serial_number();
+    atecc608a_print_config_zone();
+    ASSERT_SUCCESS_PSA(atecc608a_generate_key(atecc608a_key_slot_device, pubkey, pubkey_size));
+    atcab_printbin_label("pubKey generated: ", pubkey, ATCA_PUB_KEY_SIZE);
 
     ASSERT_SUCCESS_PSA(atecc608a_hash_sha256(hash_input1,
                                              sizeof(hash_input1) - 1,
@@ -147,17 +163,27 @@ int main(void)
     ASSERT_SUCCESS_PSA(psa_crypto_init());
 
     atecc608a_print_locked_zones();
+
     /* Verify that the device has a locked config before doing anything */
     ASSERT_SUCCESS_PSA(atecc608a_check_config_locked());
 
     ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_key_management->p_export(
                          atecc608a_key_slot_device, pubkey, sizeof(pubkey),
                          &pubkey_len));
 
+    ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_key_management->p_import(
+                         atecc608a_public_key_slot,
+                         atecc608a_drv_info.lifetime,
+                         key_type, alg, PSA_KEY_USAGE_VERIFY, pubkey,
+                         pubkey_len));
+
     ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_asym->p_sign(
                          atecc608a_key_slot_device, alg, hash, sizeof(hash),
                          signature, sizeof(signature), &signature_length));
 
+    ASSERT_SUCCESS_PSA(atecc608a_drv_info.p_asym->p_verify(
+                         atecc608a_public_key_slot, alg, hash, sizeof(hash),
+                         signature, signature_length));
     /*
      * Import the secure element's public key into a volatile key slot.
      */
