Deprecated Functions
SE - Secure Element

Description

Deprecated Functions.

Data Structures

struct  SE_OTPInit_t
 SE OTP initialization struct.
 
struct  SE_DebugStatus_t
 SE debug status.
 
struct  SE_Status_t
 SE status.
 

Functions

SE_Response_t SE_initOTP (SE_OTPInit_t *otp_init) SL_DEPRECATED_API_SDK_3_0
 
SE_Response_t SE_initPubkey (uint32_t key_type, void *pubkey, uint32_t numBytes, bool signature) SL_DEPRECATED_API_SDK_3_0
 
SE_Response_t SE_writeUserData (uint32_t offset, void *data, uint32_t numBytes)
 
SE_Response_t SE_eraseUserData ()
 
SE_Response_t SE_readPubkey (uint32_t key_type, void *pubkey, uint32_t numBytes, bool signature)
 
SE_Response_t SE_debugLockStatus (SE_DebugStatus_t *status)
 
SE_Response_t SE_debugLockApply (void)
 
SE_Response_t SE_debugSecureEnable (void)
 
SE_Response_t SE_debugSecureDisable (void)
 
SE_Response_t SE_deviceEraseDisable (void)
 
SE_Response_t SE_deviceErase (void)
 
SE_Response_t SE_getStatus (SE_Status_t *status)
 
SE_Response_t SE_serialNumber (void *serial)
 

Function Documentation

◆ SE_initOTP()

SE_Response_t SE_initOTP ( SE_OTPInit_t otp_init)

Initialize SE one-time-programmable (OTP) configuration.

Configuration is performed by setting the desired options in the SE_OTPInit_t structure.

This function can be used to enable secure boot, to configure flash page locking, and to enable anti-rollback protection when using the SE to perform an application upgrade, typically a Gecko bootloader upgrade.

Before secure boot can be enabled, the public key used for secure boot verification must be uploaded using SE_initPubkey().

Warning
This command can only be executed once per device! When the configuration has been programmed it is not possible to update any of the fields.
Parameters
[in]otp_initSE_OTPInit_t structure containing the SE configuration.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully

◆ SE_initPubkey()

SE_Response_t SE_initPubkey ( uint32_t  key_type,
void *  pubkey,
uint32_t  numBytes,
bool  signature 
)

Init pubkey or pubkey signature.

Initialize public key stored in the SE, or its corresponding signature. The command can be used to write:

  • SE_KEY_TYPE_BOOT – public key used to perform secure boot
  • SE_KEY_TYPE_AUTH – public key used to perform secure debug
Note
These keys can not be overwritten, so this command can only be issued once per key per part.
Parameters
[in]key_typeID of key type to initialize.
[in]pubkeyPointer to a buffer that contains the public key or signature. Must be word aligned and have a length of 64 bytes.
[in]numBytesLength of pubkey buffer (64 bytes).
[in]signatureIf true, initialize signature for the specified key type instead of the public key itself.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully
SE_RESPONSE_TEST_FAILEDwhen the pubkey is not set
SE_RESPONSE_INVALID_PARAMETERwhen an invalid type is passed

◆ SE_writeUserData()

SE_Response_t SE_writeUserData ( uint32_t  offset,
void *  data,
uint32_t  numBytes 
)

Writes data to User Data section in MTP. Write data must be aligned to word size and contain a number of bytes that is divisable by four.

Note
It is recommended to erase the flash page before performing a write.
Parameters
[in]offsetOffset to the flash word to write to. Must be aligned to words.
[in]dataData to write to flash.
[in]numBytesNumber of bytes to write to flash. NB: Must be divisable by four.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully or a signature was successfully verified,
SE_RESPONSE_INVALID_COMMANDwhen the command ID was not recognized,
SE_RESPONSE_AUTHORIZATION_ERRORwhen the command is not authorized,
SE_RESPONSE_INVALID_SIGNATUREwhen signature verification failed,
SE_RESPONSE_BUS_ERRORwhen a bus error was thrown during the command, e.g. because of conflicting Secure/Non-Secure memory accesses,
SE_RESPONSE_CRYPTO_ERRORon an internal SE failure, or
SE_RESPONSE_INVALID_PARAMETERwhen an invalid parameter was passed

◆ SE_eraseUserData()

SE_Response_t SE_eraseUserData ( )

Erases User Data section in MTP.

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully or a signature was successfully verified,
SE_RESPONSE_INVALID_COMMANDwhen the command ID was not recognized,
SE_RESPONSE_AUTHORIZATION_ERRORwhen the command is not authorized,
SE_RESPONSE_INVALID_SIGNATUREwhen signature verification failed,
SE_RESPONSE_BUS_ERRORwhen a bus error was thrown during the command, e.g. because of conflicting Secure/Non-Secure memory accesses,
SE_RESPONSE_CRYPTO_ERRORon an internal SE failure, or
SE_RESPONSE_INVALID_PARAMETERwhen an invalid parameter was passed

◆ SE_readPubkey()

SE_Response_t SE_readPubkey ( uint32_t  key_type,
void *  pubkey,
uint32_t  numBytes,
bool  signature 
)

Read pubkey or pubkey signature.

Read out a public key stored in the SE, or its signature. The command can be used to read:

  • SE_KEY_TYPE_BOOT
  • SE_KEY_TYPE_AUTH
Parameters
[in]key_typeID of key type to read.
[out]pubkeyPointer to a buffer to contain the returned public key. Must be word aligned and have a length of 64 bytes.
[in]numBytesLength of pubkey buffer (64 bytes).
[in]signatureIf true, the function will return the signature programmed for the specified public key instead of the public key itself.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully
SE_RESPONSE_TEST_FAILEDwhen the pubkey is not set
SE_RESPONSE_INVALID_PARAMETERwhen an invalid type is passed

◆ SE_debugLockStatus()

SE_Response_t SE_debugLockStatus ( SE_DebugStatus_t status)

Returns the current debug lock configuration.

Parameters
[out]statusThe command returns a SE_DebugStatus_t with the current status of the debug configuration.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully.
SE_RESPONSE_INTERNAL_ERRORif there are configuration errors.

◆ SE_debugLockApply()

SE_Response_t SE_debugLockApply ( void  )

Enables the debug lock for the part.

The debug port will be closed and the only way to open it is through device erase (if enabled) or temporarily through secure debug unlock (if enabled).

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully.
SE_RESPONSE_INTERNAL_ERRORthere was a problem locking the debug port.

◆ SE_debugSecureEnable()

SE_Response_t SE_debugSecureEnable ( void  )

Enables the secure debug functionality.

Enables the secure debug functionality. This functionality makes it possible to open a locked debug port by signing a cryptographic challenge and using the debug command interface (DCI).

This command can only be executed before the debug port is locked, and after a secure debug public key has been installed in the SE using SE_initPubkey() or the corresponding DCI command.

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully.
SE_RESPONSE_INVALID_COMMANDif debug port is locked.
SE_RESPONSE_INVALID_PARAMETERif secure debug certificates are missing.
SE_RESPONSE_INTERNAL_ERRORif there was a problem during execution.

◆ SE_debugSecureDisable()

SE_Response_t SE_debugSecureDisable ( void  )

Disables the secure debug functionality.

Disables the secure debug functionality that can be used to open a locked debug port.

Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully.
SE_RESPONSE_INTERNAL_ERRORif there was a problem during execution.

◆ SE_deviceEraseDisable()

SE_Response_t SE_deviceEraseDisable ( void  )

Disabled device erase functionality.

This command disables the device erase command. It does not lock the debug interface to the part, but it is a permanent action for the part. If device erase is disabled and the device is debug locked, there is no way to permanently unlock the part. If secure debug unlock is enabled, secure debug unlock can still be used to temporarily open the debug port.

Warning
This command permanently disables the device erase functionality!
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully.
SE_RESPONSE_INTERNAL_ERRORif there was a problem during execution.

◆ SE_deviceErase()

SE_Response_t SE_deviceErase ( void  )

Performs a device mass erase and debug unlock.

Performs a device mass erase and resets the debug configuration to its initial unlocked state. Only available before SE_deviceEraseDisable or the corresponding DCI command has been executed.

Note
This command clears and verifies the complete flash and ram of the system, excluding the user data pages and one-time programmable commissioning information in the secure element.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKwhen the command was executed successfully.
SE_RESPONSE_INVALID_COMMANDif device erase is disabled.
SE_RESPONSE_INTERNAL_ERRORif there was a problem during execution.

◆ SE_getStatus()

SE_Response_t SE_getStatus ( SE_Status_t status)

Returns the current boot status, versions and system configuration.

Parameters
[out]statusSE_Status_t containing current SE status.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OKupon command completion. Errors are encoded in the different parts of the returned status object.

◆ SE_serialNumber()

SE_Response_t SE_serialNumber ( void *  serial)

Read the serial number of the SE module.

Parameters
[out]serialPointer to array of size 16 bytes.
Returns
One of the SE_Response_t return codes.
Return values
SE_RESPONSE_OKwhen serial number is returned successfully,
SE_RESPONSE_INTERNAL_ERRORif not.