pub struct Atecc508a<'a> { /* private fields */ }
Implementations§
Source§impl<'a> Atecc508a<'a>
impl<'a> Atecc508a<'a>
pub fn new( i2c: &'a dyn I2CDevice, buffer: &'static mut [u8], entropy_buffer: &'static mut [u8; 32], digest_buffer: &'static mut [u8; 64], wakeup_device: fn(), ) -> Self
Sourcepub fn read_config_zone(&self) -> Result<(), ErrorCode>
pub fn read_config_zone(&self) -> Result<(), ErrorCode>
Read information from the configuration zone and print it This will work while the device is either locked or unlocked
Sourcepub fn setup_tock_config(&self) -> Result<(), ErrorCode>
pub fn setup_tock_config(&self) -> Result<(), ErrorCode>
Setup the device keys and config
This will only work on an unlocked device and will lock the device!
The slots will be configured as below
Slot 0: 0x2083
- ReadKey: External signatures of arbitrary messages are enabled
Internal signatures of messages generated by GenDig or GenKey are enabled
- IsSecret: The contents of this slot are secret
- WriteConfig: PubInvalid
Key Config: 0x33
- Private: The key slot contains an ECC private key
- PubInfo: The public version of this key can always be generated
- KeyType: P256 NIST ECC key
- Lockable: Slot can be individually locked using the Lock command
Slot 1: 0x2083
- ReadKey: External signatures of arbitrary messages are enabled
Internal signatures of messages generated by GenDig or GenKey are enabled
- IsSecret: The contents of this slot are secret
- WriteConfig: PubInvalid
Key Config: 0x33
- Private: The key slot contains an ECC private key
- PubInfo: The public version of this key can always be generated
- KeyType: P256 NIST ECC key
- Lockable: Slot can be individually locked using the Lock command
Slot 2:
- ReadKey: Then this slot can be the source for the CheckMac/Copy operation
- WriteConfig: Always
Sourcepub fn lock_zone_config(&self) -> Result<(), ErrorCode>
pub fn lock_zone_config(&self) -> Result<(), ErrorCode>
Lock the zone config
Sourcepub fn create_key_pair(&self, slot: u16) -> Result<(), ErrorCode>
pub fn create_key_pair(&self, slot: u16) -> Result<(), ErrorCode>
Create a key pair in the slot
Sourcepub fn get_public_key(
&'a self,
_slot: u16,
) -> Result<&'a OptionalCell<[u8; 64]>, ErrorCode>
pub fn get_public_key( &'a self, _slot: u16, ) -> Result<&'a OptionalCell<[u8; 64]>, ErrorCode>
Retrieve the public key from the slot.
This can be called only after create_key_pair()
has completed
Sourcepub fn set_public_key(
&'a self,
public_key: Option<&'static mut [u8; 64]>,
) -> Option<&'static mut [u8; 64]>
pub fn set_public_key( &'a self, public_key: Option<&'static mut [u8; 64]>, ) -> Option<&'static mut [u8; 64]>
Set the public key to use for the verify
command, if using an
external key.
This will return the previous key if one was stored. Pass in
None
to retrieve the key without providing a new one.
Sourcepub fn lock_data_and_otp(&self) -> Result<(), ErrorCode>
pub fn lock_data_and_otp(&self) -> Result<(), ErrorCode>
Lock the data and OTP
Sourcepub fn lock_slot0(&self) -> Result<(), ErrorCode>
pub fn lock_slot0(&self) -> Result<(), ErrorCode>
Lock the slot0 config
Sourcepub fn device_locked(&self) -> bool
pub fn device_locked(&self) -> bool
Check is the device configuration is locked
Trait Implementations§
Source§impl<'a> DigestData<'a, 32> for Atecc508a<'a>
impl<'a> DigestData<'a, 32> for Atecc508a<'a>
Source§fn clear_data(&self)
fn clear_data(&self)
This will reset the device to clear the data
This is an async operation though, as it requires the I2C operation
to complete and the I2C callback to occur, but the clear_data()
definition is syncronous, so this can race.
Source§fn set_data_client(&'a self, _client: &'a dyn ClientData<32>)
fn set_data_client(&'a self, _client: &'a dyn ClientData<32>)
add_data_done
and add_mut_data_done
callbacks.Source§fn add_data(
&self,
data: SubSlice<'static, u8>,
) -> Result<(), (ErrorCode, SubSlice<'static, u8>)>
fn add_data( &self, data: SubSlice<'static, u8>, ) -> Result<(), (ErrorCode, SubSlice<'static, u8>)>
Ok
indicates all of the active bytes in data
will be added.
There is no guarantee the data has been added to the digest
until the add_data_done()
callback is called. On error the
cause of the error is returned along with the SubSlice
unchanged (it has the same range of active bytes as the call).
Valid ErrorCode
values are: Read moreSource§fn add_mut_data(
&self,
data: SubSliceMut<'static, u8>,
) -> Result<(), (ErrorCode, SubSliceMut<'static, u8>)>
fn add_mut_data( &self, data: SubSliceMut<'static, u8>, ) -> Result<(), (ErrorCode, SubSliceMut<'static, u8>)>
Ok
indicates all of the active bytes in data
will be added.
There is no guarantee the data has been added to the digest
until the add_mut_data_done()
callback is called. On error
the cause of the error is returned along with the
SubSlice unchanged (it has the same range of active
bytes as the call). Valid ErrorCode
values are: Read moreSource§impl<'a> DigestDataHash<'a, 32> for Atecc508a<'a>
impl<'a> DigestDataHash<'a, 32> for Atecc508a<'a>
Source§fn set_client(&'a self, client: &'a dyn ClientDataHash<32>)
fn set_client(&'a self, client: &'a dyn ClientDataHash<32>)
hash_done()
and
add_data_done()
callbacks.Source§impl<'a> DigestHash<'a, 32> for Atecc508a<'a>
impl<'a> DigestHash<'a, 32> for Atecc508a<'a>
Source§fn set_hash_client(&'a self, _client: &'a dyn ClientHash<32>)
fn set_hash_client(&'a self, _client: &'a dyn ClientHash<32>)
hash_done()
callback.Source§fn run(
&'a self,
digest: &'static mut [u8; 32],
) -> Result<(), (ErrorCode, &'static mut [u8; 32])>
fn run( &'a self, digest: &'static mut [u8; 32], ) -> Result<(), (ErrorCode, &'static mut [u8; 32])>
add_data
and
add_data_mut
, storing the computed value in digest
. The
computed value is returned in a hash_done
callback. On
error the return value will contain a return code and the
slice passed in digest
. Valid ErrorCode
values are: Read moreSource§impl<'a> SignatureVerify<'a, 32, 64> for Atecc508a<'a>
impl<'a> SignatureVerify<'a, 32, 64> for Atecc508a<'a>
Source§fn verify(
&self,
hash: &'static mut [u8; 32],
signature: &'static mut [u8; 64],
) -> Result<(), (ErrorCode, &'static mut [u8; 32], &'static mut [u8; 64])>
fn verify( &self, hash: &'static mut [u8; 32], signature: &'static mut [u8; 64], ) -> Result<(), (ErrorCode, &'static mut [u8; 32], &'static mut [u8; 64])>
Check the signature against the external public key loaded via
set_public_key()
.
Verifying that a message was signed by the device is not support yet.
Source§fn set_verify_client(&self, client: &'a dyn ClientVerify<32, 64>)
fn set_verify_client(&self, client: &'a dyn ClientVerify<32, 64>)
verification_done()
callback.