Deprecated Functions#
Deprecated Functions.
Modules#
Functions#
Function Documentation#
SE_initOTP#
SE_Response_t SE_initOTP (SE_OTPInit_t * otp_init)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| SE_OTPInit_t * | [in] | otp_init | SE_OTPInit_t structure containing the SE configuration. |
Initialize SE one-time-programmable (OTP) configuration.
Configuration is performed by setting the desired options in the SE_OTPInit_t structure.
This function can be used to enable secure boot, to configure flash page locking, and to enable anti-rollback protection when using the SE to perform an application upgrade, typically a Gecko bootloader upgrade.
Before secure boot can be enabled, the public key used for secure boot verification must be uploaded using SE_initPubkey().
Warnings
This command can only be executed once per device! When the configuration has been programmed it is not possible to update any of the fields.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully
SE_initPubkey#
SE_Response_t SE_initPubkey (uint32_t key_type, void * pubkey, uint32_t numBytes, bool signature)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| uint32_t | [in] | key_type | ID of key type to initialize. |
| void * | [in] | pubkey | Pointer to a buffer that contains the public key or signature. Must be word aligned and have a length of 64 bytes. |
| uint32_t | [in] | numBytes | Length of pubkey buffer (64 bytes). |
| bool | [in] | signature | If true, initialize signature for the specified key type instead of the public key itself. |
Init pubkey or pubkey signature.
Initialize public key stored in the SE, or its corresponding signature. The command can be used to write:
SE_KEY_TYPE_BOOT – public key used to perform secure boot
SE_KEY_TYPE_AUTH – public key used to perform secure debug
Note
These keys can not be overwritten, so this command can only be issued once per key per part.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully
SE_RESPONSE_TEST_FAILED: when the pubkey is not set
SE_RESPONSE_INVALID_PARAMETER: when an invalid type is passed
SE_writeUserData#
SE_Response_t SE_writeUserData (uint32_t offset, void * data, uint32_t numBytes)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| uint32_t | [in] | offset | Offset to the flash word to write to. Must be aligned to words. |
| void * | [in] | data | Data to write to flash. |
| uint32_t | [in] | numBytes | Number of bytes to write to flash. NB: Must be divisable by four. |
Writes data to User Data section in MTP. Write data must be aligned to word size and contain a number of bytes that is divisable by four.
Note
It is recommended to erase the flash page before performing a write.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully or a signature was successfully verified,
SE_RESPONSE_INVALID_COMMAND: when the command ID was not recognized,
SE_RESPONSE_AUTHORIZATION_ERROR: when the command is not authorized,
SE_RESPONSE_INVALID_SIGNATURE: when signature verification failed,
SE_RESPONSE_BUS_ERROR: when a bus error was thrown during the command, e.g. because of conflicting Secure/Non-Secure memory accesses,
SE_RESPONSE_CRYPTO_ERROR: on an internal SE failure, or
SE_RESPONSE_INVALID_PARAMETER: when an invalid parameter was passed
SE_eraseUserData#
SE_Response_t SE_eraseUserData (void )
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void | N/A |
Erases User Data section in MTP.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully or a signature was successfully verified,
SE_RESPONSE_INVALID_COMMAND: when the command ID was not recognized,
SE_RESPONSE_AUTHORIZATION_ERROR: when the command is not authorized,
SE_RESPONSE_INVALID_SIGNATURE: when signature verification failed,
SE_RESPONSE_BUS_ERROR: when a bus error was thrown during the command, e.g. because of conflicting Secure/Non-Secure memory accesses,
SE_RESPONSE_CRYPTO_ERROR: on an internal SE failure, or
SE_RESPONSE_INVALID_PARAMETER: when an invalid parameter was passed
SE_readPubkey#
SE_Response_t SE_readPubkey (uint32_t key_type, void * pubkey, uint32_t numBytes, bool signature)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| uint32_t | [in] | key_type | ID of key type to read. |
| void * | [out] | pubkey | Pointer to a buffer to contain the returned public key. Must be word aligned and have a length of 64 bytes. |
| uint32_t | [in] | numBytes | Length of pubkey buffer (64 bytes). |
| bool | [in] | signature | If true, the function will return the signature programmed for the specified public key instead of the public key itself. |
Read pubkey or pubkey signature.
Read out a public key stored in the SE, or its signature. The command can be used to read:
SE_KEY_TYPE_BOOT
SE_KEY_TYPE_AUTH
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully
SE_RESPONSE_TEST_FAILED: when the pubkey is not set
SE_RESPONSE_INVALID_PARAMETER: when an invalid type is passed
SE_debugLockStatus#
SE_Response_t SE_debugLockStatus (SE_DebugStatus_t * status)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| SE_DebugStatus_t * | [out] | status | The command returns a SE_DebugStatus_t with the current status of the debug configuration. |
Returns the current debug lock configuration. Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR: if there are configuration errors.
SE_debugLockApply#
SE_Response_t SE_debugLockApply (void )
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void | N/A |
Enables the debug lock for the part.
The debug port will be closed and the only way to open it is through device erase (if enabled) or temporarily through secure debug unlock (if enabled).
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR: there was a problem locking the debug port.
SE_debugSecureEnable#
SE_Response_t SE_debugSecureEnable (void )
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void | N/A |
Enables the secure debug functionality.
Enables the secure debug functionality. This functionality makes it possible to open a locked debug port by signing a cryptographic challenge and using the debug command interface (DCI).
This command can only be executed before the debug port is locked, and after a secure debug public key has been installed in the SE using SE_initPubkey() or the corresponding DCI command.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully.
SE_RESPONSE_INVALID_COMMAND: if debug port is locked.
SE_RESPONSE_INVALID_PARAMETER: if secure debug certificates are missing.
SE_RESPONSE_INTERNAL_ERROR: if there was a problem during execution.
SE_debugSecureDisable#
SE_Response_t SE_debugSecureDisable (void )
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void | N/A |
Disables the secure debug functionality.
Disables the secure debug functionality that can be used to open a locked debug port. Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR: if there was a problem during execution.
SE_deviceEraseDisable#
SE_Response_t SE_deviceEraseDisable (void )
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void | N/A |
Disabled device erase functionality.
This command disables the device erase command. It does not lock the debug interface to the part, but it is a permanent action for the part. If device erase is disabled and the device is debug locked, there is no way to permanently unlock the part. If secure debug unlock is enabled, secure debug unlock can still be used to temporarily open the debug port.
Warnings
This command permanently disables the device erase functionality!
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully.
SE_RESPONSE_INTERNAL_ERROR: if there was a problem during execution.
SE_deviceErase#
SE_Response_t SE_deviceErase (void )
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void | N/A |
Performs a device mass erase and debug unlock.
Performs a device mass erase and resets the debug configuration to its initial unlocked state. Only available before SE_deviceEraseDisable or the corresponding DCI command has been executed.
Note
This command clears and verifies the complete flash and ram of the system, excluding the user data pages and one-time programmable commissioning information in the secure element.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: when the command was executed successfully.
SE_RESPONSE_INVALID_COMMAND: if device erase is disabled.
SE_RESPONSE_INTERNAL_ERROR: if there was a problem during execution.
SE_getStatus#
SE_Response_t SE_getStatus (SE_Status_t * status)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| SE_Status_t * | [out] | status | SE_Status_t containing current SE status. |
Returns the current boot status, versions and system configuration.
Returns
One of the SE_RESPONSE return codes.
Return values
SE_RESPONSE_OK: upon command completion. Errors are encoded in the different parts of the returned status object.
SE_serialNumber#
SE_Response_t SE_serialNumber (void * serial)
| Type | Direction | Argument Name | Description |
|---|---|---|---|
| void * | [out] | serial | Pointer to array of size 16 bytes. |
Read the serial number of the SE module.
Returns
One of the SE_Response_t return codes.
Return values
SE_RESPONSE_OK: when serial number is returned successfully,
SE_RESPONSE_INTERNAL_ERROR: if not.