CryptoAuthLib v3.7.6
Microchip CryptoAuthentication Library
 
Loading...
Searching...
No Matches
atca_basic.h File Reference

CryptoAuthLib Basic API methods - a simple crypto authentication API. These methods manage a global ATCADevice object behind the scenes. They also manage the wake/idle state transitions so callers don't need to. More...

Macros

#define atcab_get_addr(...)   calib_get_addr(__VA_ARGS__)
 
#define atca_execute_command(...)   calib_execute_command(__VA_ARGS__)
 
#define SHA_CONTEXT_MAX_SIZE   (109)
 

Functions

ATCA_STATUS atcab_version (char *ver_str)
 basic API methods are all prefixed with atcab_ (CryptoAuthLib Basic) the fundamental premise of the basic API is it is based on a single interface instance and that instance is global, so all basic API commands assume that one global device is the one to operate on.
 
ATCA_STATUS atcab_init_ext (ATCADevice *device, ATCAIfaceCfg *cfg)
 Creates and initializes a ATCADevice context.
 
ATCA_STATUS atcab_init (ATCAIfaceCfg *cfg)
 Creates a global ATCADevice object used by Basic API.
 
ATCA_STATUS atcab_init_device (ATCADevice ca_device)
 Initialize the global ATCADevice object to point to one of your choosing for use with all the atcab_ basic API.
 
ATCA_STATUS atcab_release_ext (ATCADevice *device)
 release (free) the an ATCADevice instance.
 
ATCA_STATUS atcab_release (void)
 release (free) the global ATCADevice instance. This must be called in order to release or free up the interface.
 
ATCADevice atcab_get_device (void)
 Get the global device object.
 
ATCADeviceType atcab_get_device_type_ext (ATCADevice device)
 Get the selected device type of rthe device context.
 
ATCADeviceType atcab_get_device_type (void)
 Get the current device type configured for the global ATCADevice.
 
uint8_t atcab_get_device_address (ATCADevice device)
 Get the current device address based on the configured device and interface.
 
bool atcab_is_ca_device (ATCADeviceType dev_type)
 Check whether the device is cryptoauth device.
 
bool atcab_is_ca2_device (ATCADeviceType dev_type)
 Check whether the device is cryptoauth device.
 
bool atcab_is_ta_device (ATCADeviceType dev_type)
 Check whether the device is Trust Anchor device.
 
ATCA_STATUS atcab_pbkdf2_sha256_ext (ATCADevice device, const uint32_t iter, const uint16_t slot, const uint8_t *salt, const size_t salt_len, uint8_t *result, size_t result_len)
 
ATCA_STATUS atcab_pbkdf2_sha256 (const uint32_t iter, const uint16_t slot, const uint8_t *salt, const size_t salt_len, uint8_t *result, size_t result_len)
 
ATCA_STATUS atcab_wakeup (void)
 wakeup the CryptoAuth device
 
ATCA_STATUS atcab_idle (void)
 idle the CryptoAuth device
 
ATCA_STATUS atcab_sleep (void)
 invoke sleep on the CryptoAuth device
 
ATCA_STATUS atcab_get_zone_size (uint8_t zone, uint16_t slot, size_t *size)
 Gets the size of the specified zone in bytes.
 
ATCA_STATUS atcab_get_zone_size_ext (ATCADevice device, uint8_t zone, uint16_t slot, size_t *size)
 Gets the size of the specified zone in bytes.
 
ATCA_STATUS atcab_aes (uint8_t mode, uint16_t key_id, const uint8_t *aes_in, uint8_t *aes_out)
 Compute the AES-128 encrypt, decrypt, or GFM calculation.
 
ATCA_STATUS atcab_aes_encrypt (uint16_t key_id, uint8_t key_block, const uint8_t *plaintext, uint8_t *ciphertext)
 Perform an AES-128 encrypt operation with a key in the device.
 
ATCA_STATUS atcab_aes_encrypt_ext (ATCADevice device, uint16_t key_id, uint8_t key_block, const uint8_t *plaintext, uint8_t *ciphertext)
 Perform an AES-128 encrypt operation with a key in the device.
 
ATCA_STATUS atcab_aes_decrypt (uint16_t key_id, uint8_t key_block, const uint8_t *ciphertext, uint8_t *plaintext)
 Perform an AES-128 decrypt operation with a key in the device.
 
ATCA_STATUS atcab_aes_decrypt_ext (ATCADevice device, uint16_t key_id, uint8_t key_block, const uint8_t *ciphertext, uint8_t *plaintext)
 Perform an AES-128 decrypt operation with a key in the device.
 
ATCA_STATUS atcab_aes_gfm (const uint8_t *h, const uint8_t *input, uint8_t *output)
 Perform a Galois Field Multiply (GFM) operation.
 
ATCA_STATUS atcab_aes_gcm_init (atca_aes_gcm_ctx_t *ctx, uint16_t key_id, uint8_t key_block, const uint8_t *iv, size_t iv_size)
 Initialize context for AES GCM operation with an existing IV, which is common when starting a decrypt operation.
 
ATCA_STATUS atcab_aes_gcm_init_ext (ATCADevice device, atca_aes_gcm_ctx_t *ctx, uint16_t key_id, uint8_t key_block, const uint8_t *iv, size_t iv_size)
 Initialize context for AES GCM operation with an existing IV, which is common when starting a decrypt operation.
 
ATCA_STATUS atcab_aes_gcm_init_rand (atca_aes_gcm_ctx_t *ctx, uint16_t key_id, uint8_t key_block, size_t rand_size, const uint8_t *free_field, size_t free_field_size, uint8_t *iv)
 Initialize context for AES GCM operation with a IV composed of a random and optional fixed(free) field, which is common when starting an encrypt operation.
 
ATCA_STATUS atcab_aes_gcm_aad_update (atca_aes_gcm_ctx_t *ctx, const uint8_t *aad, uint32_t aad_size)
 Process Additional Authenticated Data (AAD) using GCM mode and a key within the ATECC608 device.
 
ATCA_STATUS atcab_aes_gcm_aad_update_ext (ATCADevice device, atca_aes_gcm_ctx_t *ctx, const uint8_t *aad, uint32_t aad_size)
 Process Additional Authenticated Data (AAD) using GCM mode and a key within the ATECC608 device.
 
ATCA_STATUS atcab_aes_gcm_encrypt_update (atca_aes_gcm_ctx_t *ctx, const uint8_t *plaintext, uint32_t plaintext_size, uint8_t *ciphertext)
 Encrypt data using GCM mode and a key within the ATECC608 device. atcab_aes_gcm_init() or atcab_aes_gcm_init_rand() should be called before the first use of this function.
 
ATCA_STATUS atcab_aes_gcm_encrypt_update_ext (ATCADevice device, atca_aes_gcm_ctx_t *ctx, const uint8_t *plaintext, uint32_t plaintext_size, uint8_t *ciphertext)
 Encrypt data using GCM mode and a key within the ATECC608 device. atcab_aes_gcm_init() or atcab_aes_gcm_init_rand() should be called before the first use of this function.
 
ATCA_STATUS atcab_aes_gcm_encrypt_finish (atca_aes_gcm_ctx_t *ctx, uint8_t *tag, size_t tag_size)
 Complete a GCM encrypt operation returning the authentication tag.
 
ATCA_STATUS atcab_aes_gcm_encrypt_finish_ext (ATCADevice device, atca_aes_gcm_ctx_t *ctx, uint8_t *tag, size_t tag_size)
 Complete a GCM encrypt operation returning the authentication tag.
 
ATCA_STATUS atcab_aes_gcm_decrypt_update (atca_aes_gcm_ctx_t *ctx, const uint8_t *ciphertext, uint32_t ciphertext_size, uint8_t *plaintext)
 Decrypt data using GCM mode and a key within the ATECC608 device. atcab_aes_gcm_init() or atcab_aes_gcm_init_rand() should be called before the first use of this function.
 
ATCA_STATUS atcab_aes_gcm_decrypt_update_ext (ATCADevice device, atca_aes_gcm_ctx_t *ctx, const uint8_t *ciphertext, uint32_t ciphertext_size, uint8_t *plaintext)
 Decrypt data using GCM mode and a key within the ATECC608 device. atcab_aes_gcm_init() or atcab_aes_gcm_init_rand() should be called before the first use of this function.
 
ATCA_STATUS atcab_aes_gcm_decrypt_finish (atca_aes_gcm_ctx_t *ctx, const uint8_t *tag, size_t tag_size, bool *is_verified)
 Complete a GCM decrypt operation verifying the authentication tag.
 
ATCA_STATUS atcab_aes_gcm_decrypt_finish_ext (ATCADevice device, atca_aes_gcm_ctx_t *ctx, const uint8_t *tag, size_t tag_size, bool *is_verified)
 Complete a GCM decrypt operation verifying the authentication tag.
 
ATCA_STATUS atcab_checkmac (uint8_t mode, uint16_t key_id, const uint8_t *challenge, const uint8_t *response, const uint8_t *other_data)
 Compares a MAC response with input values.
 
ATCA_STATUS atcab_checkmac_with_response_mac (uint8_t mode, const uint8_t *challenge, const uint8_t *response, const uint8_t *other_data, uint8_t *mac)
 Compares a MAC response with input values.SHA105 device can generate optional mac Output response mac mode only supports in SHA105 device.
 
ATCA_STATUS atcab_counter (uint8_t mode, uint16_t counter_id, uint32_t *counter_value)
 Compute the Counter functions.
 
ATCA_STATUS atcab_counter_increment (uint16_t counter_id, uint32_t *counter_value)
 Increments one of the device's monotonic counters.
 
ATCA_STATUS atcab_counter_read (uint16_t counter_id, uint32_t *counter_value)
 Read one of the device's monotonic counters.
 
ATCA_STATUS atcab_derivekey (uint8_t mode, uint16_t key_id, const uint8_t *mac)
 Executes the DeviveKey command for deriving a new key from a nonce (TempKey) and an existing key.
 
ATCA_STATUS atcab_derivekey_ext (ATCADevice device, uint8_t mode, uint16_t key_id, const uint8_t *mac)
 Executes the DeviveKey command for deriving a new key from a nonce (TempKey) and an existing key.
 
ATCA_STATUS atcab_ecdh_base (uint8_t mode, uint16_t key_id, const uint8_t *public_key, uint8_t *pms, uint8_t *out_nonce)
 Base function for generating premaster secret key using ECDH.
 
ATCA_STATUS atcab_ecdh (uint16_t key_id, const uint8_t *public_key, uint8_t *pms)
 ECDH command with a private key in a slot and the premaster secret is returned in the clear.
 
ATCA_STATUS atcab_ecdh_enc (uint16_t key_id, const uint8_t *public_key, uint8_t *pms, const uint8_t *read_key, uint16_t read_key_id, const uint8_t num_in[(20)])
 ECDH command with a private key in a slot and the premaster secret is read from the next slot.
 
ATCA_STATUS atcab_ecdh_ioenc (uint16_t key_id, const uint8_t *public_key, uint8_t *pms, const uint8_t *io_key)
 ECDH command with a private key in a slot and the premaster secret is returned encrypted using the IO protection key.
 
ATCA_STATUS atcab_ecdh_tempkey (const uint8_t *public_key, uint8_t *pms)
 ECDH command with a private key in TempKey and the premaster secret is returned in the clear.
 
ATCA_STATUS atcab_ecdh_tempkey_ioenc (const uint8_t *public_key, uint8_t *pms, const uint8_t *io_key)
 ECDH command with a private key in TempKey and the premaster secret is returned encrypted using the IO protection key.
 
ATCA_STATUS atcab_gendig (uint8_t zone, uint16_t key_id, const uint8_t *other_data, uint8_t other_data_size)
 Issues a GenDig command, which performs a SHA256 hash on the source data indicated by zone with the contents of TempKey. See the CryptoAuth datasheet for your chip to see what the values of zone correspond to.
 
ATCA_STATUS atcab_gendivkey (const uint8_t *other_data)
 Issues a GenDivKey command to generate the equivalent diversified key as that programmed into the client side device.
 
ATCA_STATUS atcab_genkey_base (uint8_t mode, uint16_t key_id, const uint8_t *other_data, uint8_t *public_key)
 Issues GenKey command, which can generate a private key, compute a public key, nd/or compute a digest of a public key.
 
ATCA_STATUS atcab_genkey (uint16_t key_id, uint8_t *public_key)
 Issues GenKey command, which generates a new random private key in slot/handle and returns the public key.
 
ATCA_STATUS atcab_genkey_ext (ATCADevice device, uint16_t key_id, uint8_t *public_key)
 Issues GenKey command, which generates a new random private key in slot/handle and returns the public key.
 
ATCA_STATUS atcab_get_pubkey (uint16_t key_id, uint8_t *public_key)
 Uses GenKey command to calculate the public key from an existing private key in a slot.
 
ATCA_STATUS atcab_get_pubkey_ext (ATCADevice device, uint16_t key_id, uint8_t *public_key)
 Uses GenKey command to calculate the public key from an existing private key in a slot.
 
ATCA_STATUS atcab_hmac (uint8_t mode, uint16_t key_id, uint8_t *digest)
 Issues a HMAC command, which computes an HMAC/SHA-256 digest of a key stored in the device, a challenge, and other information on the device.
 
ATCA_STATUS atcab_info_base (uint8_t mode, uint16_t param2, uint8_t *out_data)
 Issues an Info command, which return internal device information and can control GPIO and the persistent latch.
 
ATCA_STATUS atcab_info (uint8_t *revision)
 Use the Info command to get the device revision (DevRev).
 
ATCA_STATUS atcab_info_ext (ATCADevice device, uint8_t *revision)
 Use the Info command to get the device revision (DevRev).
 
ATCA_STATUS atcab_info_lock_status (uint16_t param2, uint8_t *is_locked)
 Use the Info command to get the lock status.
 
ATCA_STATUS atcab_info_chip_status (uint8_t *chip_status)
 Use the Info command to get the chip status.
 
ATCA_STATUS atcab_info_set_latch (bool state)
 Use the Info command to set the persistent latch state for an ATECC608 device.
 
ATCA_STATUS atcab_info_get_latch (bool *state)
 Use the Info command to get the persistent latch current state for an ATECC608 device.
 
ATCA_STATUS atcab_kdf (uint8_t mode, uint16_t key_id, const uint32_t details, const uint8_t *message, uint8_t *out_data, uint8_t *out_nonce)
 Executes the KDF command, which derives a new key in PRF, AES, or HKDF modes.
 
ATCA_STATUS atcab_lock (uint8_t mode, uint16_t summary_crc)
 The Lock command prevents future modifications of the Configuration and/or Data and OTP zones. If the device is so configured, then this command can be used to lock individual data slots. This command fails if the designated area is already locked.
 
ATCA_STATUS atcab_lock_config_zone (void)
 Unconditionally (no CRC required) lock the config zone.
 
ATCA_STATUS atcab_lock_config_zone_ext (ATCADevice device)
 Unconditionally (no CRC required) lock the config zone.
 
ATCA_STATUS atcab_lock_config_zone_crc (uint16_t summary_crc)
 Lock the config zone with summary CRC.
 
ATCA_STATUS atcab_lock_data_zone (void)
 Unconditionally (no CRC required) lock the data zone (slots and OTP). for CryptoAuth devices and lock the setup for Trust Anchor device.
 
ATCA_STATUS atcab_lock_data_zone_ext (ATCADevice device)
 Unconditionally (no CRC required) lock the data zone (slots and OTP). for CryptoAuth devices and lock the setup for Trust Anchor device.
 
ATCA_STATUS atcab_lock_data_zone_crc (uint16_t summary_crc)
 Lock the data zone (slots and OTP) with summary CRC.
 
ATCA_STATUS atcab_lock_data_slot (uint16_t slot)
 Lock an individual slot in the data zone on an ATECC device. Not available for ATSHA devices. Slot must be configured to be slot lockable (KeyConfig.Lockable=1) (for cryptoauth devices) or Lock an individual handle in shared data element on an Trust Anchor device (for Trust Anchor devices).
 
ATCA_STATUS atcab_lock_data_slot_ext (ATCADevice device, uint16_t slot)
 Lock an individual slot in the data zone on an ATECC device. Not available for ATSHA devices. Slot must be configured to be slot lockable (KeyConfig.Lockable=1) (for cryptoauth devices) or Lock an individual handle in shared data element on an Trust Anchor device (for Trust Anchor devices).
 
ATCA_STATUS atcab_mac (uint8_t mode, uint16_t key_id, const uint8_t *challenge, uint8_t *digest)
 Executes MAC command, which computes a SHA-256 digest of a key stored in the device, a challenge, and other information on the device.
 
ATCA_STATUS atcab_nonce_base (uint8_t mode, uint16_t zero, const uint8_t *num_in, uint8_t *rand_out)
 Executes Nonce command, which loads a random or fixed nonce/data into the device for use by subsequent commands.
 
ATCA_STATUS atcab_nonce (const uint8_t *num_in)
 Execute a Nonce command in pass-through mode to initialize TempKey to a specified value.
 
ATCA_STATUS atcab_nonce_load (uint8_t target, const uint8_t *num_in, uint16_t num_in_size)
 Execute a Nonce command in pass-through mode to load one of the device's internal buffers with a fixed value.
 
ATCA_STATUS atcab_nonce_rand (const uint8_t *num_in, uint8_t *rand_out)
 Execute a Nonce command to generate a random nonce combining a host nonce (num_in) and a device random number.
 
ATCA_STATUS atcab_nonce_rand_ext (ATCADevice device, const uint8_t *num_in, uint8_t *rand_out)
 Execute a Nonce command to generate a random nonce combining a host nonce (num_in) and a device random number.
 
ATCA_STATUS atcab_challenge (const uint8_t *num_in)
 Execute a Nonce command in pass-through mode to initialize TempKey to a specified value.
 
ATCA_STATUS atcab_challenge_seed_update (const uint8_t *num_in, uint8_t *rand_out)
 Execute a Nonce command to generate a random challenge combining a host nonce (num_in) and a device random number.
 
ATCA_STATUS atcab_priv_write (uint16_t key_id, const uint8_t priv_key[36], uint16_t write_key_id, const uint8_t write_key[32], const uint8_t num_in[(20)])
 Executes PrivWrite command, to write externally generated ECC private keys into the device.
 
ATCA_STATUS atcab_random (uint8_t *rand_out)
 Executes Random command, which generates a 32 byte random number from the device.
 
ATCA_STATUS atcab_random_ext (ATCADevice device, uint8_t *rand_out)
 Executes Random command, which generates a 32 byte random number from the device.
 
ATCA_STATUS atcab_read_zone (uint8_t zone, uint16_t slot, uint8_t block, uint8_t offset, uint8_t *data, uint8_t len)
 Executes Read command, which reads either 4 or 32 bytes of data from a given slot, configuration zone, or the OTP zone.
 
ATCA_STATUS atcab_read_zone_ext (ATCADevice device, uint8_t zone, uint16_t slot, uint8_t block, uint8_t offset, uint8_t *data, uint8_t len)
 Executes Read command, which reads either 4 or 32 bytes of data from a given slot, configuration zone, or the OTP zone.
 
ATCA_STATUS atcab_is_locked (uint8_t zone, bool *is_locked)
 Executes Read command, which reads the configuration zone to see if the specified zone is locked.
 
ATCA_STATUS atcab_is_config_locked (bool *is_locked)
 This function check whether configuration zone is locked or not.
 
ATCA_STATUS atcab_is_config_locked_ext (ATCADevice device, bool *is_locked)
 This function check whether configuration zone is locked or not.
 
ATCA_STATUS atcab_is_data_locked (bool *is_locked)
 This function check whether data/setup zone is locked or not.
 
ATCA_STATUS atcab_is_data_locked_ext (ATCADevice device, bool *is_locked)
 This function check whether data/setup zone is locked or not.
 
ATCA_STATUS atcab_is_slot_locked (uint16_t slot, bool *is_locked)
 This function check whether slot/handle is locked or not.
 
ATCA_STATUS atcab_is_slot_locked_ext (ATCADevice device, uint16_t slot, bool *is_locked)
 This function check whether slot/handle is locked or not.
 
ATCA_STATUS atcab_is_private_ext (ATCADevice device, uint16_t slot, bool *is_private)
 Check to see if the key is a private key or not.
 
ATCA_STATUS atcab_is_private (uint16_t slot, bool *is_private)
 
ATCA_STATUS atcab_read_bytes_zone_ext (ATCADevice device, uint8_t zone, uint16_t slot, size_t offset, uint8_t *data, size_t length)
 
ATCA_STATUS atcab_read_bytes_zone (uint8_t zone, uint16_t slot, size_t offset, uint8_t *data, size_t length)
 Used to read an arbitrary number of bytes from any zone configured for clear reads.
 
ATCA_STATUS atcab_read_serial_number (uint8_t *serial_number)
 This function returns serial number of the device.
 
ATCA_STATUS atcab_read_serial_number_ext (ATCADevice device, uint8_t *serial_number)
 This function returns serial number of the device.
 
ATCA_STATUS atcab_read_pubkey (uint16_t slot, uint8_t *public_key)
 Executes Read command to read an ECC P256 public key from a slot configured for clear reads.
 
ATCA_STATUS atcab_read_pubkey_ext (ATCADevice device, uint16_t slot, uint8_t *public_key)
 Executes Read command to read an ECC P256 public key from a slot configured for clear reads.
 
ATCA_STATUS atcab_read_sig (uint16_t slot, uint8_t *sig)
 Executes Read command to read a 64 byte ECDSA P256 signature from a slot configured for clear reads.
 
ATCA_STATUS atcab_read_config_zone (uint8_t *config_data)
 Executes Read command to read the complete device configuration zone.
 
ATCA_STATUS atcab_read_config_zone_ext (ATCADevice device, uint8_t *config_data)
 Executes Read command to read the complete device configuration zone.
 
ATCA_STATUS atcab_cmp_config_zone (uint8_t *config_data, bool *same_config)
 Compares a specified configuration zone with the configuration zone currently on the device.
 
ATCA_STATUS atcab_read_enc (uint16_t key_id, uint8_t block, uint8_t *data, const uint8_t *enc_key, const uint16_t enc_key_id, const uint8_t num_in[(20)])
 Executes Read command on a slot configured for encrypted reads and decrypts the data to return it as plaintext.
 
ATCA_STATUS atcab_secureboot (uint8_t mode, uint16_t param2, const uint8_t *digest, const uint8_t *signature, uint8_t *mac)
 Executes Secure Boot command, which provides support for secure boot of an external MCU or MPU.
 
ATCA_STATUS atcab_secureboot_mac (uint8_t mode, const uint8_t *digest, const uint8_t *signature, const uint8_t *num_in, const uint8_t *io_key, bool *is_verified)
 Executes Secure Boot command with encrypted digest and validated MAC response using the IO protection key.
 
ATCA_STATUS atcab_selftest (uint8_t mode, uint16_t param2, uint8_t *result)
 Executes the SelfTest command, which performs a test of one or more of the cryptographic engines within the ATECC608 chip.
 
ATCA_STATUS atcab_sha_base (uint8_t mode, uint16_t length, const uint8_t *data_in, uint8_t *data_out, uint16_t *data_out_size)
 Executes SHA command, which computes a SHA-256 or HMAC/SHA-256 digest for general purpose use by the host system.
 
ATCA_STATUS atcab_sha_start (void)
 Executes SHA command to initialize SHA-256 calculation engine.
 
ATCA_STATUS atcab_sha_update (const uint8_t *message)
 Executes SHA command to add 64 bytes of message data to the current context.
 
ATCA_STATUS atcab_sha_end (uint8_t *digest, uint16_t length, const uint8_t *message)
 Executes SHA command to complete SHA-256 or HMAC/SHA-256 operation.
 
ATCA_STATUS atcab_sha_read_context (uint8_t *context, uint16_t *context_size)
 Executes SHA command to read the SHA-256 context back. Only for ATECC608 with SHA-256 contexts. HMAC not supported.
 
ATCA_STATUS atcab_sha_write_context (const uint8_t *context, uint16_t context_size)
 Executes SHA command to write (restore) a SHA-256 context into the the device. Only supported for ATECC608 with SHA-256 contexts.
 
ATCA_STATUS atcab_sha (uint16_t length, const uint8_t *message, uint8_t *digest)
 Use the SHA command to compute a SHA-256 digest.
 
ATCA_STATUS atcab_hw_sha2_256 (const uint8_t *data, size_t data_size, uint8_t *digest)
 Use the SHA command to compute a SHA-256 digest.
 
ATCA_STATUS atcab_hw_sha2_256_init (atca_sha256_ctx_t *ctx)
 Initialize a SHA context for performing a hardware SHA-256 operation on a device. Note that only one SHA operation can be run at a time.
 
ATCA_STATUS atcab_hw_sha2_256_update (atca_sha256_ctx_t *ctx, const uint8_t *data, size_t data_size)
 Add message data to a SHA context for performing a hardware SHA-256 operation on a device.
 
ATCA_STATUS atcab_hw_sha2_256_finish (atca_sha256_ctx_t *ctx, uint8_t *digest)
 Finish SHA-256 digest for a SHA context for performing a hardware SHA-256 operation on a device.
 
ATCA_STATUS atcab_sha_hmac_init (atca_hmac_sha256_ctx_t *ctx, uint16_t key_slot)
 Executes SHA command to start an HMAC/SHA-256 operation.
 
ATCA_STATUS atcab_sha_hmac_update (atca_hmac_sha256_ctx_t *ctx, const uint8_t *data, size_t data_size)
 Executes SHA command to add an arbitrary amount of message data to a HMAC/SHA-256 operation.
 
ATCA_STATUS atcab_sha_hmac_finish (atca_hmac_sha256_ctx_t *ctx, uint8_t *digest, uint8_t target)
 Executes SHA command to complete a HMAC/SHA-256 operation.
 
ATCA_STATUS atcab_sha_hmac (const uint8_t *data, size_t data_size, uint16_t key_slot, uint8_t *digest, uint8_t target)
 Use the SHA command to compute an HMAC/SHA-256 operation.
 
ATCA_STATUS atcab_sha_hmac_ext (ATCADevice device, const uint8_t *data, size_t data_size, uint16_t key_slot, uint8_t *digest, uint8_t target)
 Use the SHA command to compute an HMAC/SHA-256 operation.
 
ATCA_STATUS atcab_sign_base (uint8_t mode, uint16_t key_id, uint8_t *signature)
 Executes the Sign command, which generates a signature using the ECDSA algorithm.
 
ATCA_STATUS atcab_sign (uint16_t key_id, const uint8_t *msg, uint8_t *signature)
 Executes Sign command, to sign a 32-byte external message using the private key in the specified slot. The message to be signed will be loaded into the Message Digest Buffer to the ATECC608 device or TempKey for other devices.
 
ATCA_STATUS atcab_sign_ext (ATCADevice device, uint16_t key_id, const uint8_t *msg, uint8_t *signature)
 Executes Sign command, to sign a 32-byte external message using the private key in the specified slot. The message to be signed will be loaded into the Message Digest Buffer to the ATECC608 device or TempKey for other devices.
 
ATCA_STATUS atcab_sign_internal (uint16_t key_id, bool is_invalidate, bool is_full_sn, uint8_t *signature)
 Executes Sign command to sign an internally generated message.
 
ATCA_STATUS atcab_updateextra (uint8_t mode, uint16_t new_value)
 Executes UpdateExtra command to update the values of the two extra bytes within the Configuration zone (bytes 84 and 85).
 
ATCA_STATUS atcab_verify (uint8_t mode, uint16_t key_id, const uint8_t *signature, const uint8_t *public_key, const uint8_t *other_data, uint8_t *mac)
 Executes the Verify command, which takes an ECDSA [R,S] signature and verifies that it is correctly generated from a given message and public key. In all cases, the signature is an input to the command.
 
ATCA_STATUS atcab_verify_extern (const uint8_t *message, const uint8_t *signature, const uint8_t *public_key, bool *is_verified)
 Executes the Verify command, which verifies a signature (ECDSA verify operation) with all components (message, signature, and public key) supplied. The message to be signed will be loaded into the Message Digest Buffer to the ATECC608 device or TempKey for other devices.
 
ATCA_STATUS atcab_verify_extern_ext (ATCADevice device, const uint8_t *message, const uint8_t *signature, const uint8_t *public_key, bool *is_verified)
 Executes the Verify command, which verifies a signature (ECDSA verify operation) with all components (message, signature, and public key) supplied. The message to be signed will be loaded into the Message Digest Buffer to the ATECC608 device or TempKey for other devices.
 
ATCA_STATUS atcab_verify_extern_mac (const uint8_t *message, const uint8_t *signature, const uint8_t *public_key, const uint8_t *num_in, const uint8_t *io_key, bool *is_verified)
 Executes the Verify command with verification MAC, which verifies a signature (ECDSA verify operation) with all components (message, signature, and public key) supplied. This function is only available on the ATECC608.
 
ATCA_STATUS atcab_verify_stored (const uint8_t *message, const uint8_t *signature, uint16_t key_id, bool *is_verified)
 Executes the Verify command, which verifies a signature (ECDSA verify operation) with a public key stored in the device. The message to be signed will be loaded into the Message Digest Buffer to the ATECC608 device or TempKey for other devices.
 
ATCA_STATUS atcab_verify_stored_ext (ATCADevice device, const uint8_t *message, const uint8_t *signature, uint16_t key_id, bool *is_verified)
 Executes the Verify command, which verifies a signature (ECDSA verify operation) with a public key stored in the device. The message to be signed will be loaded into the Message Digest Buffer to the ATECC608 device or TempKey for other devices.
 
ATCA_STATUS atcab_verify_stored_with_tempkey (const uint8_t *signature, uint16_t key_id, bool *is_verified)
 Executes the Verify command, which verifies a signature (ECDSA verify operation) with a public key stored in the device. keyConfig.reqrandom bit should be set and the message to be signed should be already loaded into TempKey for all devices.
 
ATCA_STATUS atcab_verify_stored_mac (const uint8_t *message, const uint8_t *signature, uint16_t key_id, const uint8_t *num_in, const uint8_t *io_key, bool *is_verified)
 Executes the Verify command with verification MAC, which verifies a signature (ECDSA verify operation) with a public key stored in the device. This function is only available on the ATECC608.
 
ATCA_STATUS atcab_verify_validate (uint16_t key_id, const uint8_t *signature, const uint8_t *other_data, bool *is_verified)
 Executes the Verify command in Validate mode to validate a public key stored in a slot.
 
ATCA_STATUS atcab_verify_invalidate (uint16_t key_id, const uint8_t *signature, const uint8_t *other_data, bool *is_verified)
 Executes the Verify command in Invalidate mode which invalidates a previously validated public key stored in a slot.
 
ATCA_STATUS atcab_write (uint8_t zone, uint16_t address, const uint8_t *value, const uint8_t *mac)
 Executes the Write command, which writes either one four byte word or a 32-byte block to one of the EEPROM zones on the device. Depending upon the value of the WriteConfig byte for this slot, the data may be required to be encrypted by the system prior to being sent to the device. This command cannot be used to write slots configured as ECC private keys.
 
ATCA_STATUS atcab_write_zone (uint8_t zone, uint16_t slot, uint8_t block, uint8_t offset, const uint8_t *data, uint8_t len)
 Executes the Write command, which writes either 4 or 32 bytes of data into a device zone.
 
ATCA_STATUS atcab_write_zone_ext (ATCADevice device, uint8_t zone, uint16_t slot, uint8_t block, uint8_t offset, const uint8_t *data, uint8_t len)
 Executes the Write command, which writes either 4 or 32 bytes of data into a device zone.
 
ATCA_STATUS atcab_write_bytes_zone_ext (ATCADevice device, uint8_t zone, uint16_t slot, size_t offset_bytes, const uint8_t *data, size_t length)
 
ATCA_STATUS atcab_write_bytes_zone (uint8_t zone, uint16_t slot, size_t offset_bytes, const uint8_t *data, size_t length)
 Executes the Write command, which writes data into the configuration, otp, or data zones with a given byte offset and length. Offset and length must be multiples of a word (4 bytes).
 
ATCA_STATUS atcab_write_pubkey (uint16_t slot, const uint8_t *public_key)
 Uses the write command to write a public key to a slot in the proper format.
 
ATCA_STATUS atcab_write_pubkey_ext (ATCADevice device, uint16_t slot, const uint8_t *public_key)
 Uses the write command to write a public key to a slot in the proper format.
 
ATCA_STATUS atcab_write_config_zone (const uint8_t *config_data)
 Executes the Write command, which writes the configuration zone.
 
ATCA_STATUS atcab_write_config_zone_ext (ATCADevice device, const uint8_t *config_data)
 Executes the Write command, which writes the configuration zone.
 
ATCA_STATUS atcab_write_enc (uint16_t key_id, uint8_t block, const uint8_t *data, const uint8_t *enc_key, const uint16_t enc_key_id, const uint8_t num_in[(20)])
 Executes the Write command, which performs an encrypted write of a 32 byte block into given slot.
 
ATCA_STATUS atcab_write_config_counter (uint16_t counter_id, uint32_t counter_value)
 Initialize one of the monotonic counters in device with a specific value.
 

Variables

ATCADevice g_atcab_device_ptr
 

Detailed Description

CryptoAuthLib Basic API methods - a simple crypto authentication API. These methods manage a global ATCADevice object behind the scenes. They also manage the wake/idle state transitions so callers don't need to.