CDC Badge OS
Firmware for the CDC Badge v1.0 hardware security key
ISecureElement Class Reference (abstract)

#include <ISecureElement.h>

Inheritance diagram for ISecureElement:
cdc::core::IService cdc::hal::SecureElementStub cdc::hal::Tropic01Element

Public Member Functions

virtual ~ISecureElement ()=default
virtual bool sessionStart ()=0
virtual void sessionEnd ()=0
virtual bool isSessionActive () const=0
virtual void sleep ()=0
virtual SeResult eccGenerate (uint8_t slot, EccCurve curve)=0
virtual SeResult eccImport (uint8_t slot, const uint8_t *privKey, EccCurve curve)=0
virtual SeResult eccGetPublicKey (uint8_t slot, uint8_t *pubKey, EccCurve *curve=nullptr)=0
virtual SeResult eccDelete (uint8_t slot)=0
virtual bool eccSlotUsed (uint8_t slot) const=0
virtual SeResult ecdsaSign (uint8_t slot, const uint8_t *msg, size_t msgLen, uint8_t *sig, size_t *sigLen)=0
virtual SeResult eddsaSign (uint8_t slot, const uint8_t *msg, size_t msgLen, uint8_t *sig)=0
virtual SeResult rmemRead (uint16_t slot, uint8_t *data, uint16_t maxLen, uint16_t *actualLen)=0
virtual SeResult rmemWrite (uint16_t slot, const uint8_t *data, uint16_t len)=0
virtual SeResult rmemErase (uint16_t slot)=0
virtual bool rmemSlotUsed (uint16_t slot) const=0
struct __attribute__ ((packed)) RMemHeader
virtual SeResult rmemWriteWithHeader (uint16_t slot, uint8_t moduleId, const char *name, uint8_t flags, const uint8_t *payload, uint16_t payloadLen)=0
virtual SeResult rmemReadWithHeader (uint16_t slot, RMemHeader *headerOut, uint8_t *payloadOut, uint16_t payloadMax, uint16_t *payloadLenOut)=0
virtual bool getRandom (uint8_t *buffer, uint16_t size)=0
virtual bool getRandomStrict (uint8_t *buffer, uint16_t size)=0
virtual bool getChipId (uint8_t *serialNum, uint8_t size)=0
virtual bool getFwVersion (uint8_t riscvVer[4], uint8_t spectVer[4])=0
virtual uint16_t getRmemSlotSize () const=0
Public Member Functions inherited from cdc::core::IService
virtual ~IService ()=default
virtual bool init ()=0
virtual bool start ()=0
virtual void stop ()=0
virtual ServiceState getState () const =0
virtual const char * getName () const =0

Static Public Attributes

static constexpr uint8_t ECC_SLOT_COUNT = 32
static constexpr uint16_t RMEM_SLOT_COUNT = 512
static constexpr uint16_t RMEM_SLOT_SIZE = 444
static constexpr uint16_t RMEM_SLOT_SIZE_MAX = 475
static constexpr uint8_t RMEM_NAME_LEN = 16

Detailed Description

Secure Element interface (TROPIC01)

Provides:

  • ECC key storage (32 slots)
  • ECDSA/EdDSA signing
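  • R-Memory storage (512 slots, 476 bytes each; note that the class constants give RMEM_SLOT_SIZE = 444 and RMEM_SLOT_SIZE_MAX = 475, and getRmemSlotSize() reports the size for the running firmware)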
  • Hardware TRNG

Definition at line 58 of file ISecureElement.h.

Constructor & Destructor Documentation

◆ ~ISecureElement()

virtual cdc::hal::ISecureElement::~ISecureElement ( )
virtual, default

Member Function Documentation

◆ RMemHeader

struct cdc::hal::ISecureElement::RMemHeader, declared with __attribute__ ((packed)); the documentation generator listed the attribute as a member function.
inline

Definition at line 183 of file ISecureElement.h.

◆ eccDelete()

virtual SeResult cdc::hal::ISecureElement::eccDelete ( uint8_t slot)
pure virtual

Delete key from slot

◆ eccGenerate()

virtual SeResult cdc::hal::ISecureElement::eccGenerate ( uint8_t slot,
EccCurve curve )
pure virtual

Generate new ECC key pair

Parameters
slot: Slot number (0-31)
curve: Curve type

◆ eccGetPublicKey()

virtual SeResult cdc::hal::ISecureElement::eccGetPublicKey ( uint8_t slot,
uint8_t * pubKey,
EccCurve * curve = nullptr )
pure virtual

Get public key from slot

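Parameters
slot: Slot number
pubKey: Output buffer (65 bytes for P256, 32 for Ed25519). No buffer length is passed, so the buffer must be large enough for the slot's curve; use 65 bytes when the curve is not known beforehand.
curve: Output: curve type of key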

◆ eccImport()

virtual SeResult cdc::hal::ISecureElement::eccImport ( uint8_t slot,
const uint8_t * privKey,
EccCurve curve )
pure virtual

Import existing private key

Parameters
slot: Slot number
privKey: Private key bytes (32 bytes)
curve: Curve type

◆ eccSlotUsed()

virtual bool cdc::hal::ISecureElement::eccSlotUsed ( uint8_t slot) const
pure virtual

Check if slot has a key

◆ ecdsaSign()

virtual SeResult cdc::hal::ISecureElement::ecdsaSign ( uint8_t slot,
const uint8_t * msg,
size_t msgLen,
uint8_t * sig,
size_t * sigLen )
pure virtual

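ECDSA signature (P-256). Implementation hashes the message internally with SHA-256; callers MUST NOT pre-hash. Passing a digest instead of the message would make the chip sign the SHA-256 of that digest, which a verifier that hashes the original message once will reject.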

Parameters
slot: Key slot
msg: Message to sign (arbitrary length)
msgLen: Message length in bytes
sig: Output signature (raw R||S, 64 bytes)
sigLen: Output signature length

◆ eddsaSign()

virtual SeResult cdc::hal::ISecureElement::eddsaSign ( uint8_t slot,
const uint8_t * msg,
size_t msgLen,
uint8_t * sig )
pure virtual

EdDSA signature (Ed25519)

Parameters
slot: Key slot
msg: Message to sign
msgLen: Message length
sig: Output signature (64 bytes)

◆ getChipId()

virtual bool cdc::hal::ISecureElement::getChipId ( uint8_t * serialNum,
uint8_t size )
pure virtual

Get chip serial number

◆ getFwVersion()

virtual bool cdc::hal::ISecureElement::getFwVersion ( uint8_t riscvVer[4],
uint8_t spectVer[4] )
pure virtual

Get firmware version. Buffers receive the 4-byte version as reported by the chip: index 3 = major, 2 = minor, 1 = patch, 0 = build.

◆ getRandom()

virtual bool cdc::hal::ISecureElement::getRandom ( uint8_t * buffer,
uint16_t size )
pure virtual

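Get random bytes from hardware TRNG, with ESP32 TRNG fallback when the secure-element session is unavailable. A WARN is logged on fallback. Because the return value does not distinguish the two sources, use getRandomStrict() for keys and seeds that must come from the secure-element TRNG.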

Parameters
buffer: Output buffer
size: Number of bytes
Returns
true if the buffer was filled (from either source)

◆ getRandomStrict()

virtual bool cdc::hal::ISecureElement::getRandomStrict ( uint8_t * buffer,
uint16_t size )
pure virtual

Get random bytes from hardware TRNG without falling back. Returns false (and leaves the buffer untouched) when the TROPIC TRNG cannot be reached or returns an error. Use for keys/seeds where software RNG is unacceptable.

Parameters
buffer: Output buffer
size: Number of bytes
Returns
true only when bytes originated from the secure-element TRNG

◆ getRmemSlotSize()

virtual uint16_t cdc::hal::ISecureElement::getRmemSlotSize ( ) const
pure virtual

Get the user-data R-Memory slot size in bytes as reported by the chip for the running Application FW. Always >= RMEM_SLOT_SIZE and <= RMEM_SLOT_SIZE_MAX.

◆ isSessionActive()

virtual bool cdc::hal::ISecureElement::isSessionActive ( ) const
pure virtual

Check if session is active

◆ rmemErase()

virtual SeResult cdc::hal::ISecureElement::rmemErase ( uint16_t slot)
pure virtual

Erase R-Memory slot

◆ rmemRead()

virtual SeResult cdc::hal::ISecureElement::rmemRead ( uint16_t slot,
uint8_t * data,
uint16_t maxLen,
uint16_t * actualLen )
pure virtual

Read from R-Memory slot

Parameters
slot: Slot number (0-511)
data: Output buffer
maxLen: Buffer size
actualLen: Output: actual data length

◆ rmemReadWithHeader()

virtual SeResult cdc::hal::ISecureElement::rmemReadWithHeader ( uint16_t slot,
RMemHeader * headerOut,
uint8_t * payloadOut,
uint16_t payloadMax,
uint16_t * payloadLenOut )
pure virtual

Read R-Memory slot with common header + payload

◆ rmemSlotUsed()

virtual bool cdc::hal::ISecureElement::rmemSlotUsed ( uint16_t slot) const
pure virtual

Check if R-Memory slot has data

◆ rmemWrite()

virtual SeResult cdc::hal::ISecureElement::rmemWrite ( uint16_t slot,
const uint8_t * data,
uint16_t len )
pure virtual

Write to R-Memory slot

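Parameters
slot: Slot number
data: Data to write
len: Data length (max 476 bytes as documented here; the class constants give RMEM_SLOT_SIZE = 444 and RMEM_SLOT_SIZE_MAX = 475, so check the length against getRmemSlotSize() rather than relying on this figure)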

◆ rmemWriteWithHeader()

virtual SeResult cdc::hal::ISecureElement::rmemWriteWithHeader ( uint16_t slot,
uint8_t moduleId,
const char * name,
uint8_t flags,
const uint8_t * payload,
uint16_t payloadLen )
pure virtual

Write R-Memory slot with common header + payload

◆ sessionEnd()

virtual void cdc::hal::ISecureElement::sessionEnd ( )
pure virtual

End secure session

◆ sessionStart()

virtual bool cdc::hal::ISecureElement::sessionStart ( )
pure virtual

Start secure session (required before operations)

◆ sleep()

virtual void cdc::hal::ISecureElement::sleep ( )
pure virtual

Put chip to sleep

Member Data Documentation

◆ ECC_SLOT_COUNT

uint8_t cdc::hal::ISecureElement::ECC_SLOT_COUNT = 32
static constexpr

Definition at line 61 of file ISecureElement.h.

◆ RMEM_NAME_LEN

uint8_t cdc::hal::ISecureElement::RMEM_NAME_LEN = 16
static constexpr

Definition at line 70 of file ISecureElement.h.

◆ RMEM_SLOT_COUNT

uint16_t cdc::hal::ISecureElement::RMEM_SLOT_COUNT = 512
static constexpr

Definition at line 62 of file ISecureElement.h.

◆ RMEM_SLOT_SIZE

uint16_t cdc::hal::ISecureElement::RMEM_SLOT_SIZE = 444
static constexpr

Definition at line 67 of file ISecureElement.h.

◆ RMEM_SLOT_SIZE_MAX

uint16_t cdc::hal::ISecureElement::RMEM_SLOT_SIZE_MAX = 475
static constexpr

Definition at line 69 of file ISecureElement.h.


The documentation for this class was generated from the following file: