demo/secure_element/se_utils.c

/*******************************************************************************
* # License
* Copyright 2019 Silicon Laboratories Inc. www.silabs.com
*******************************************************************************
*
* The licensor of this software is Silicon Laboratories Inc. Your use of this
* software is governed by the terms of Silicon Labs Master Software License
* Agreement (MSLA) available at
* www.silabs.com/about-us/legal/master-software-license-agreement. This
* software is distributed to you in Source Code format and is governed by the
* sections of the MSLA applicable to Source Code.
*
******************************************************************************/
#include "common.h"
const uint8_t secure_element_config[] =
{
0xFF, 0xFF, 0xFF, 0xFF, // SN<0:3>
0xFF, 0xFF, 0xFF, 0xFF, // RevNum
0xFF, 0xFF, 0xFF, 0xFF, // SN<4:7>
0xFF, 0xFF, 0xFF, 0xFF, // SN<8>, Reserved, I2C_Enable, Reserved
0xC0, 0x00, 0xAA, 0x00, // I2C_Address, CheckMacConfig, OTP Mode, Selector Mode
0x8F, 0x20, 0xC4, 0x44, // SlotConfig 0, SlotConfig 1
0x87, 0x20, 0x87, 0x20, // SlotConfig 2, SlotConfig 3
0x8F, 0x0F, 0xC4, 0x36, // SlotConfig 4, SlotConfig 5
0x9F, 0x0F, 0x82, 0x20, // SlotConfig 6, SlotConfig 7
0x0F, 0x0F, 0xC4, 0x44, // SlotConfig 8, SlotConfig 9
0x0F, 0x0F, 0x0F, 0x0F, // SlotConfig 10, SlotConfig 11
0x0F, 0x0F, 0x0F, 0x0F, // SlotConfig 12, SlotConfig 13
0x0F, 0x0F, 0x0F, 0x0F, // SlotConfig 14, SlotConfig 15
0xFF, 0xFF, 0xFF, 0xFF,
0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x33, 0x00, 0x1C, 0x00,
0x13, 0x00, 0x13, 0x00,
0x7C, 0x00, 0x1C, 0x00,
0x3C, 0x00, 0x33, 0x00,
0x3C, 0x00, 0x3C, 0x00,
0x3C, 0x00, 0x30, 0x00,
0x3C, 0x00, 0x3C, 0x00,
0x3C, 0x00, 0x30, 0x00
};
/*************************************************************************************************
* Read the SE's metadata and determine if the generated credentials have been written to the SE
*/
gos_result_t se_is_provisioned(bool *is_provisioned)
{
gos_result_t result;
se_metadata_t metadata;
if(GOS_FAILED(result, gos_atca_read_data_zone(SE_METADATA_SLOT, &metadata, sizeof(se_metadata_t))))
{
}
else
{
*is_provisioned = (metadata.provision_flag == SLOT8_PROVISIONED_FLAG_VALUE);
}
return result;
}
/*************************************************************************************************
* Retrieve the hostname to issue HTTP requests to from the SE's metadata 'slot'
*/
gos_result_t se_get_hostname(char *hostname)
{
gos_result_t result;
se_metadata_t metadata;
if(GOS_FAILED(result, gos_atca_read_data_zone(SE_METADATA_SLOT, &metadata, sizeof(se_metadata_t))))
{
}
else
{
memcpy(hostname, metadata.hostname, metadata.hostname_size);
hostname[metadata.hostname_size] = 0;
}
return result;
}
/*************************************************************************************************
* Determine if the SE has been configured and locked
*/
gos_result_t se_is_configured(bool *is_configured)
{
gos_result_t result;
bool is_locked;
if(GOS_FAILED(result, gos_atca_compare_config_zone(secure_element_config, is_configured)))
{
}
else if(GOS_FAILED(result, gos_atca_config_zone_is_locked(&is_locked)))
{
}
else
{
// If a valid configuration has been written
// but the SE is NOT locked
// Then assume the SE is NOT configured
if(*is_configured && !is_locked)
{
*is_configured = false;
}
}
return result;
}
/*************************************************************************************************
* Configure the SE.
*
* Write the 'configuration zone' of the SE then lock it.
*
* WARN: This is irreversible!
*/
gos_result_t se_configure(void)
{
gos_result_t result;
bool is_locked;
uint8_t public_key[ATCA_PUB_KEY_SIZE];
if(GOS_FAILED(result, gos_atca_config_zone_is_locked(&is_locked)))
{
goto exit;
}
if(is_locked)
{
GOS_LOG("WARN: Cannot configure 'Config Zone', Config Zone is already locked");
GOS_LOG(" This demo may not work correctly.");
}
else
{
if(GOS_FAILED(result, gos_atca_write_config_zone(secure_element_config)))
{
GOS_LOG("Failed to write configuration");
goto exit;
}
GOS_LOG("Locking Config Zone ...");
{
GOS_LOG("WARN: Failed to lock Config Zone, err:%d", result);
}
else
{
GOS_LOG("Success");
}
}
GOS_LOG("Locking Data Zone ...");
{
GOS_LOG("WARN: Failed to lock Data Zone, err:%d", result);
}
else
{
GOS_LOG("Success");
}
// Generate the device's private key
GOS_LOG("Generating device key pair ...");
if(GOS_FAILED(result, gos_atca_generate_keypair(SE_DEVICE_KEY_SLOT, public_key)))
{
GOS_LOG("Failed to generate device key pair, err:%d", result);
goto exit;
}
else
{
GOS_LOG("Success");
}
exit:
return result;
}