Deprecated Functions
SE - Secure Element

Description

Deprecated Functions.

Data Structures

struct SE_OTPInit_t
SE OTP initialization struct.
struct SE_DebugStatus_t
SE debug status.
struct SE_Status_t
SE status.

Functions

SE_Response_t SE_initPubkey (uint32_t key_type, void *pubkey, uint32_t numBytes, bool signature)
SE_Response_t SE_initOTP ( SE_OTPInit_t *otp_init)
SE_Response_t SE_writeUserData (uint32_t offset, void *data, uint32_t numBytes)
SE_Response_t SE_eraseUserData ()
SE_Response_t SE_getStatus ( SE_Status_t *status)
SE_Response_t SE_serialNumber (void *serial)
SE_Response_t SE_readPubkey (uint32_t key_type, void *pubkey, uint32_t numBytes, bool signature)
SE_Response_t SE_debugLockStatus ( SE_DebugStatus_t *status)
SE_Response_t SE_debugLockApply (void)
SE_Response_t SE_debugSecureEnable (void)
SE_Response_t SE_debugSecureDisable (void)
SE_Response_t SE_deviceErase (void)
SE_Response_t SE_deviceEraseDisable (void)

Function Documentation

SE_initPubkey()

SE_Response_t SE_initPubkey ( uint32_t key_type,
void * pubkey,
uint32_t numBytes,
bool signature
)

Init pubkey or pubkey signature.

Initialize public key stored in the SE, or its corresponding signature. The command can be used to write:

  • SE_KEY_TYPE_BOOT – public key used to perform secure boot
  • SE_KEY_TYPE_AUTH – public key used to perform secure debug
Note
These keys can not be overwritten, so this command can only be issued once per key per part.
Parameters
[in] key_type ID of key type to initialize.
[in] pubkey Pointer to a buffer that contains the public key or signature. Must be word aligned and have a length of 64 bytes.
[in] numBytes Length of pubkey buffer (64 bytes).
[in] signature If true, initialize signature for the specified key type instead of the public key itself.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully
SE_RESPONSE_TEST_FAILED when the pubkey is not set
SE_RESPONSE_INVALID_PARAMETER when an invalid type is passed

SE_initOTP()

SE_Response_t SE_initOTP ( SE_OTPInit_t * otp_init )

Initialize SE one-time-programmable (OTP) configuration.

Configuration is performed by setting the desired options in the SE_OTPInit_t structure.

This function can be used to enable secure boot, to configure flash page locking, and to enable anti-rollback protection when using the SE to perform an application upgrade, typically a Gecko bootloader upgrade.

Before secure boot can be enabled, the public key used for secure boot verification must be uploaded using SE_initPubkey() .

Warning
This command can only be executed once per device! When the configuration has been programmed it is not possible to update any of the fields.
Parameters
[in] otp_init SE_OTPInit_t structure containing the SE configuration.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully

SE_writeUserData()

SE_Response_t SE_writeUserData ( uint32_t offset,
void * data,
uint32_t numBytes
)

Writes data to User Data section in MTP. Write data must be aligned to word size and contain a number of bytes that is divisable by four.

Note
It is recommended to erase the flash page before performing a write.
Parameters
[in] offset Offset to the flash word to write to. Must be aligned to words.
[in] data Data to write to flash.
[in] numBytes Number of bytes to write to flash. NB: Must be divisable by four.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully or a signature was successfully verified,
SE_RESPONSE_INVALID_COMMAND when the command ID was not recognized,
SE_RESPONSE_AUTHORIZATION_ERROR when the command is not authorized,
SE_RESPONSE_INVALID_SIGNATURE when signature verification failed,
SE_RESPONSE_BUS_ERROR when a bus error was thrown during the command, e.g. because of conflicting Secure/Non-Secure memory accesses,
SE_RESPONSE_CRYPTO_ERROR on an internal SE failure, or
SE_RESPONSE_INVALID_PARAMETER when an invalid parameter was passed

SE_eraseUserData()

SE_Response_t SE_eraseUserData ( )

Erases User Data section in MTP.

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully or a signature was successfully verified,
SE_RESPONSE_INVALID_COMMAND when the command ID was not recognized,
SE_RESPONSE_AUTHORIZATION_ERROR when the command is not authorized,
SE_RESPONSE_INVALID_SIGNATURE when signature verification failed,
SE_RESPONSE_BUS_ERROR when a bus error was thrown during the command, e.g. because of conflicting Secure/Non-Secure memory accesses,
SE_RESPONSE_CRYPTO_ERROR on an internal SE failure, or
SE_RESPONSE_INVALID_PARAMETER when an invalid parameter was passed

SE_getStatus()

SE_Response_t SE_getStatus ( SE_Status_t * status )

Returns the current boot status, versions and system configuration.

Parameters
[out] status SE_Status_t containing current SE status.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK upon command completion. Errors are encoded in the different parts of the returned status object.

SE_serialNumber()

SE_Response_t SE_serialNumber ( void * serial )

Read the serial number of the SE module.

Parameters
[out] serial Pointer to array of size 16 bytes.
Returns
One of the SE_Response_t return codes.
Return values
SE_RESPONSE_OK when serial number is returned successfully,
SE_RESPONSE_INTERNAL_ERROR if not.

SE_readPubkey()

SE_Response_t SE_readPubkey ( uint32_t key_type,
void * pubkey,
uint32_t numBytes,
bool signature
)

Read pubkey or pubkey signature.

Read out a public key stored in the SE, or its signature. The command can be used to read:

  • SE_KEY_TYPE_BOOT
  • SE_KEY_TYPE_AUTH
Parameters
[in] key_type ID of key type to read.
[out] pubkey Pointer to a buffer to contain the returned public key. Must be word aligned and have a length of 64 bytes.
[in] numBytes Length of pubkey buffer (64 bytes).
[in] signature If true, the function will return the signature programmed for the specified public key instead of the public key itself.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully
SE_RESPONSE_TEST_FAILED when the pubkey is not set
SE_RESPONSE_INVALID_PARAMETER when an invalid type is passed

SE_debugLockStatus()

SE_Response_t SE_debugLockStatus ( SE_DebugStatus_t * status )

Returns the current debug lock configuration.

Parameters
[out] status The command returns a SE_DebugStatus_t with the current status of the debug configuration.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR if there are configuration errors.

SE_debugLockApply()

SE_Response_t SE_debugLockApply ( void )

Enables the debug lock for the part.

The debug port will be closed and the only way to open it is through device erase (if enabled) or temporarily through secure debug unlock (if enabled).

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR there was a problem locking the debug port.

SE_debugSecureEnable()

SE_Response_t SE_debugSecureEnable ( void )

Enables the secure debug functionality.

Enables the secure debug functionality. This functionality makes it possible to open a locked debug port by signing a cryptographic challenge and using the debug command interface (DCI).

This command can only be executed before the debug port is locked, and after a secure debug public key has been installed in the SE using SE_initPubkey() or the corresponding DCI command.

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully.
SE_RESPONSE_INVALID_COMMAND if debug port is locked.
SE_RESPONSE_INVALID_PARAMETER if secure debug certificates are missing.
SE_RESPONSE_INTERNAL_ERROR if there was a problem during execution.

SE_debugSecureDisable()

SE_Response_t SE_debugSecureDisable ( void )

Disables the secure debug functionality.

Disables the secure debug functionality that can be used to open a locked debug port.

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR if there was a problem during execution.

SE_deviceErase()

SE_Response_t SE_deviceErase ( void )

Performs a device mass erase and debug unlock.

Performs a device mass erase and resets the debug configuration to its initial unlocked state. Only available before SE_deviceEraseDisable or the corresponding DCI command has been executed.

Note
This command clears and verifies the complete flash and ram of the system, excluding the user data pages and one-time programmable commissioning information in the secure element.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully.
SE_RESPONSE_INVALID_COMMAND if device erase is disabled.
SE_RESPONSE_INTERNAL_ERROR if there was a problem during execution.

SE_deviceEraseDisable()

SE_Response_t SE_deviceEraseDisable ( void )

Disabled device erase functionality.

This command disables the device erase command. It does not lock the debug interface to the part, but it is a permanent action for the part. If device erase is disabled and the device is debug locked, there is no way to permanently unlock the part. If secure debug unlock is enabled, secure debug unlock can still be used to temporarily open the debug port.

Warning
This command permanently disables the device erase functionality!
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR if there was a problem during execution.