1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 01:09:47 +01:00
RIOT/examples/psa_crypto
mguetschow 3255b95937
Merge pull request #20598 from mguetschow/psa-hashes-sha512-truncated
sys/psa_crypto: SHA-{384,512/{224,256}}
2024-05-17 09:20:03 +00:00
..
tests examples: Add PSA Crypto example 2023-09-04 09:58:49 +02:00
app.config.base *psa_crypto: Adapt tests/examples with removed Kconfig 2024-03-27 10:28:13 +01:00
app.config.multi_se *psa_crypto: Adapt tests/examples with removed Kconfig 2024-03-27 10:28:13 +01:00
app.config.se *psa_crypto: Adapt tests/examples with removed Kconfig 2024-03-27 10:28:13 +01:00
custom_atca_params.h examples: Add PSA Crypto example 2023-09-04 09:58:49 +02:00
example_cipher_aes_128.c examples: Add PSA Crypto example 2023-09-04 09:58:49 +02:00
example_ecdsa_p256.c sys/psa_crypto: correct use of (ECDSA) key_bits 2024-05-14 17:02:46 +02:00
example_eddsa.c sys/psa_crypto: add support for Ed25519 (EdDSA) 2023-10-09 10:21:44 +02:00
example_hash.c examples/psa_crypto: hash example 2024-05-14 17:06:39 +02:00
example_hmac_sha256.c examples: Add PSA Crypto example 2023-09-04 09:58:49 +02:00
main.c examples/psa_crypto: hash example 2024-05-14 17:06:39 +02:00
Makefile examples/psa_crypto: hash example 2024-05-14 17:06:39 +02:00
Makefile.ci boards/weact-g030f6: add new board 2024-02-05 00:45:42 +01:00
README.md *psa_crypto: Adapt tests/examples with removed Kconfig 2024-03-27 10:28:13 +01:00

Example Applications for PSA Crypto

This example application is supposed to show two things:

  1. How to use basic functions of the PSA Crypto API
  2. How to configure the implementation with Kconfig dependency resolution vs. Make dependency resolution

Basic usage of PSA Crypto

There are four example operations:

  • AES 128 CBC
  • HMAC SHA256
  • ECDSA with a P256 curve
  • EdDSA with the Ed25519 curve

Each comes in its own sourcefile called example_<operation>.c. To see which functions to call to perform each operations, please read the code.

The application measures the processing times of the example operations. The table below shows the expected runtime values for software and hardware backends as well as secure elements, measured on the nRF52840dk (this is only to show the expected difference, values will differ on other platforms).

Operations Backends Runtime [us]
HMAC SHA256 CryptoCell 310 282
RIOT Hashes 468
ATECC608A 56376
AES 128 CBC CryptoCell 310 140
RIOT Cipher 295
ATECC608A 68819
ECDSA P256 CryptoCell 310 60931
Micro-ECC 522424
ATECC608A 285542

Configuration of the API

The module selection must be done with Make but the compile-time configuration settings can be done with Kconfig and menuconfig.

If you build this without specifying anything, PSA Crypto will automatically choose a default crypto backend depending on the platform you're building for. For example when your platform is native, software implementations are built. When you specify BOARD=nrf52840dk, the hardware accelerator of the board will be built.

Instead of or in addition to the default and custom implementations you can use a secure element as a backend (see Section Using Secure Elements. Secure elements are independent of the other backends. In this application, when you choose secure elements, they are built instead of the other backends.

Please note that the build options CUSTOM_BACKEND and SECURE_ELEMENT only apply to this specific application and have nothing to do with the PSA implementation.

Using Secure Elements

NOTE: Currently this implementation only supports Microchip ATECCX08A devices. Those devices need to be configured and locked to be able to correctly use them. This implementation assumes that you have done that and that you know your device's configuration.

You can build this app either with one secure element or two secure elements (SECURE_ELEMENT=1 or SECURE_ELEMENT=2). To be able to use your device, make sure, you've completed the following procedure.

In the application folder you can find a file called custom_atca_params.h, which overwrites the device parameters in atca_params.h in the cryptoauthlib package folder. To use more than one secure element, you need to specify device parameters for both of them. This application assumes that you connect two devices with different I2C addresses on the same I2C bus. Alternatively you can connect two devices with the same address on separate buses. You can modify custom_atca_params.h according to your device configurations and requirements.

For PSA Crypto, you also need to define a location value. Here these are defined as PSA_ATCA_LOCATION_DEV0 and PSA_ATCA_LOCATION_DEV1. They can be any value between PSA_KEY_LOCATION_SE_MIN and PSA_KEY_LOCATION_SE_MAX. A special value is PSA_KEY_LOCATION_PRIMARY_SECURE_ELEMENT, which can be used when only one secure element is needed.

Below the ATCA_PARAMS definitions, you can see the slot configurations. Here you need to specify for each connected secure element what kind of key can be stored in which slot, and whether a slot is already occupied. The structure is declared in pkg/cryptoauthlib/include/atca.h and contains the following elements:

  1. key_type_allowed (takes psa_key_type_t)
  2. key_persistent (is 0, can be ignored for now, since PSA does not yet support persistent storage)
  3. slot_occupied (should be 0 at start up, PSA will use this to mark slots as occupied)

The list in custom_atca_params.h contains an example configuration. If your device configuration is not compatible, you'll need to change the values as necessary. This is required, so the implementation can allocate free key slots and can generate and import new keys. If the device configuration does not match the values in the list or if your key slots are not writeable, you will get execution errors.

The current implementation does not support the use of keys that are already stored on the device.

Note

If you need more information about the build options, please refer to the API documentation.