1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
/**
* \file
* \brief Microchip Crypto Auth device command object - this is a command builder only, it does
* not send the command. The result of a command method is a fully formed packet, ready to send
* to the ATCAIFace object to dispatch.
*
* This command object supports the ATSHA and ATECC device family.
* The command list is a superset of all device commands for this family. The command object
* differentiates the packet contents based on specific device type within the family.
*
* \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries.
*
* \page License
*
* Subject to your compliance with these terms, you may use Microchip software
* and any derivatives exclusively with Microchip products. It is your
* responsibility to comply with third party license terms applicable to your
* use of third party software (including open source software) that may
* accompany Microchip software.
*
* THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER
* EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED
* WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A
* PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT,
* SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE
* OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF
* MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE
* FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL
* LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED
* THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR
* THIS SOFTWARE.
*/
/* lint --e{755} */
#ifndef ATCA_COMMAND_H
#define ATCA_COMMAND_H
#include "atca_compiler.h"
#include "atca_status.h"
#include "atca_devtypes.h"
#include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
/** \defgroup command ATCACommand (atca_)
\brief CryptoAuthLib command builder object, ATCACommand. Member functions for the ATCACommand object.
@{ */
/** \brief atca_command is the C object backing ATCACommand.
*/
struct atca_command
{
ATCADeviceType dt;
uint8_t clock_divider;
uint16_t execution_time_msec;
};
/*--- ATCACommand ---------*/
typedef struct atca_command* ATCACommand;
ATCA_STATUS initATCACommand(ATCADeviceType device_type, ATCACommand ca_cmd);
ATCACommand newATCACommand(ATCADeviceType device_type);
void deleteATCACommand(ATCACommand *ca_cmd);
/* add ATCACommand declarations here
*
* since these are still C functions, not classes, naming is an important
* consideration to keep the namespace from colliding with other 3rd party
* libraries or even ourselves/ASF.
*
* Basic conventions:
* all methods start with the prefix 'at'
* all method names must be unique, obviously
* all method implementations should be proceeded by their Doxygen comment header
*
**/
// this is the ATCACommand parameter structure. The caller to the command method must
// initialize param1, param2 and data if appropriate. The command method will fill in the rest
// and initialize the packet so it's ready to send via the ATCAIFace.
// this particular structure mimics the ATSHA and ATECC family device's command structures
// Note: pack @ 2 is required, @ 1 causes word alignment crash (though it should not), a known bug in GCC.
// @2, the wire still has the intended byte alignment with arm-eabi. this is likely the least portable part of atca
#ifdef ATCA_NO_PRAGMA_PACK
typedef struct __attribute__ ((packed))
#else
#pragma pack( push, ATCAPacket, 2 )
typedef struct
#endif
/** \brief an ATCA packet structure. This is a superset of the packet transmitted on the wire. It's also
* used as a buffer for receiving the response
*/
{
// used for transmit/send
uint8_t _reserved; // used by HAL layer as needed (I/O tokens, Word address values)
//--- start of packet i/o frame----
uint8_t txsize;
uint8_t opcode;
uint8_t param1; // often same as mode
uint16_t param2;
uint8_t data[192]; // includes 2-byte CRC. data size is determined by largest possible data section of any
// command + crc (see: x08 verify data1 + data2 + data3 + data4)
// this is an explicit design trade-off (space) resulting in simplicity in use
// and implementation
//--- end of packet i/o frame
// used for receive
uint8_t execTime; // execution time of command by opcode
// structure should be packed since it will be transmitted over the wire
// this method varies by compiler. As new compilers are supported, add their structure packing method here
} ATCAPacket;
#ifndef ATCA_NO_PRAGMA_PACK
#pragma pack( pop, ATCAPacket)
#endif
ATCA_STATUS atCheckMAC(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atCounter(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atDeriveKey(ATCACommand ca_cmd, ATCAPacket *packet, bool has_mac);
ATCA_STATUS atECDH(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atGenDig(ATCACommand ca_cmd, ATCAPacket *packet, bool is_no_mac_key);
ATCA_STATUS atGenKey(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atHMAC(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atInfo(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atLock(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atMAC(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atNonce(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atPause(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atPrivWrite(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atRandom(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atRead(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atSecureBoot(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atSHA(ATCACommand ca_cmd, ATCAPacket *packet, uint16_t write_context_size);
ATCA_STATUS atSign(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atUpdateExtra(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atVerify(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atWrite(ATCACommand ca_cmd, ATCAPacket *packet, bool has_mac);
ATCA_STATUS atAES(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atSelfTest(ATCACommand ca_cmd, ATCAPacket *packet);
ATCA_STATUS atKDF(ATCACommand ca_cmd, ATCAPacket *packet);
bool atIsSHAFamily(ATCADeviceType device_type);
bool atIsECCFamily(ATCADeviceType device_type);
ATCA_STATUS isATCAError(uint8_t *data);
// command helpers
void atCRC(size_t length, const uint8_t *data, uint8_t *crc_le);
void atCalcCrc(ATCAPacket *pkt);
ATCA_STATUS atCheckCrc(const uint8_t *response);
/* command definitions */
//! minimum number of bytes in command (from count byte to second CRC byte)
#define ATCA_CMD_SIZE_MIN ((uint8_t)7)
//! maximum size of command packet (Verify)
#define ATCA_CMD_SIZE_MAX ((uint8_t)4 * 36 + 7)
//! status byte for success
#define CMD_STATUS_SUCCESS ((uint8_t)0x00)
//! status byte after wake-up
#define CMD_STATUS_WAKEUP ((uint8_t)0x11)
//! command parse error
#define CMD_STATUS_BYTE_PARSE ((uint8_t)0x03)
//! command ECC error
#define CMD_STATUS_BYTE_ECC ((uint8_t)0x05)
//! command execution error
#define CMD_STATUS_BYTE_EXEC ((uint8_t)0x0F)
//! communication error
#define CMD_STATUS_BYTE_COMM ((uint8_t)0xFF)
/** \name Opcodes for Crypto Authentication device commands
@{ */
#define ATCA_CHECKMAC ((uint8_t)0x28) //!< CheckMac command op-code
#define ATCA_DERIVE_KEY ((uint8_t)0x1C) //!< DeriveKey command op-code
#define ATCA_INFO ((uint8_t)0x30) //!< Info command op-code
#define ATCA_GENDIG ((uint8_t)0x15) //!< GenDig command op-code
#define ATCA_GENKEY ((uint8_t)0x40) //!< GenKey command op-code
#define ATCA_HMAC ((uint8_t)0x11) //!< HMAC command op-code
#define ATCA_LOCK ((uint8_t)0x17) //!< Lock command op-code
#define ATCA_MAC ((uint8_t)0x08) //!< MAC command op-code
#define ATCA_NONCE ((uint8_t)0x16) //!< Nonce command op-code
#define ATCA_PAUSE ((uint8_t)0x01) //!< Pause command op-code
#define ATCA_PRIVWRITE ((uint8_t)0x46) //!< PrivWrite command op-code
#define ATCA_RANDOM ((uint8_t)0x1B) //!< Random command op-code
#define ATCA_READ ((uint8_t)0x02) //!< Read command op-code
#define ATCA_SIGN ((uint8_t)0x41) //!< Sign command op-code
#define ATCA_UPDATE_EXTRA ((uint8_t)0x20) //!< UpdateExtra command op-code
#define ATCA_VERIFY ((uint8_t)0x45) //!< GenKey command op-code
#define ATCA_WRITE ((uint8_t)0x12) //!< Write command op-code
#define ATCA_ECDH ((uint8_t)0x43) //!< ECDH command op-code
#define ATCA_COUNTER ((uint8_t)0x24) //!< Counter command op-code
#define ATCA_SHA ((uint8_t)0x47) //!< SHA command op-code
#define ATCA_AES ((uint8_t)0x51) //!< AES command op-code
#define ATCA_KDF ((uint8_t)0x56) //!< KDF command op-code
#define ATCA_SECUREBOOT ((uint8_t)0x80) //!< Secure Boot command op-code
#define ATCA_SELFTEST ((uint8_t)0x77) //!< Self test command op-code
/** @} */
/** \name Definitions of Data and Packet Sizes
@{ */
#define ATCA_BLOCK_SIZE (32) //!< size of a block
#define ATCA_WORD_SIZE (4) //!< size of a word
#define ATCA_PUB_KEY_PAD (4) //!< size of the public key pad
#define ATCA_SERIAL_NUM_SIZE (9) //!< number of bytes in the device serial number
#define ATCA_RSP_SIZE_VAL ((uint8_t)7) //!< size of response packet containing four bytes of data
#define ATCA_KEY_COUNT (16) //!< number of keys
#define ATCA_ECC_CONFIG_SIZE (128) //!< size of configuration zone
#define ATCA_SHA_CONFIG_SIZE (88) //!< size of configuration zone
#define ATCA_OTP_SIZE (64) //!< size of OTP zone
#define ATCA_DATA_SIZE (ATCA_KEY_COUNT * ATCA_KEY_SIZE) //!< size of data zone
#define ATCA_AES_GFM_SIZE ATCA_BLOCK_SIZE //!< size of GFM data
#define ATCA_CHIPMODE_OFFSET (19) //!< ChipMode byte offset within the configuration zone
#define ATCA_CHIPMODE_I2C_ADDRESS_FLAG ((uint8_t)0x01) //!< ChipMode I2C Address in UserExtraAdd flag
#define ATCA_CHIPMODE_TTL_ENABLE_FLAG ((uint8_t)0x02) //!< ChipMode TTLenable flag
#define ATCA_CHIPMODE_WATCHDOG_MASK ((uint8_t)0x04) //!< ChipMode watchdog duration mask
#define ATCA_CHIPMODE_WATCHDOG_SHORT ((uint8_t)0x00) //!< ChipMode short watchdog (~1.3s)
#define ATCA_CHIPMODE_WATCHDOG_LONG ((uint8_t)0x04) //!< ChipMode long watchdog (~13s)
#define ATCA_CHIPMODE_CLOCK_DIV_MASK ((uint8_t)0xF8) //!< ChipMode clock divider mask
#define ATCA_CHIPMODE_CLOCK_DIV_M0 ((uint8_t)0x00) //!< ChipMode clock divider M0
#define ATCA_CHIPMODE_CLOCK_DIV_M1 ((uint8_t)0x28) //!< ChipMode clock divider M1
#define ATCA_CHIPMODE_CLOCK_DIV_M2 ((uint8_t)0x68) //!< ChipMode clock divider M2
#define ATCA_COUNT_SIZE ((uint8_t)1) //!< Number of bytes in the command packet Count
#define ATCA_CRC_SIZE ((uint8_t)2) //!< Number of bytes in the command packet CRC
#define ATCA_PACKET_OVERHEAD (ATCA_COUNT_SIZE + ATCA_CRC_SIZE) //!< Number of bytes in the command packet
#define ATCA_PUB_KEY_SIZE (64) //!< size of a p256 public key
#define ATCA_PRIV_KEY_SIZE (32) //!< size of a p256 private key
#define ATCA_SIG_SIZE (64) //!< size of a p256 signature
#define ATCA_KEY_SIZE (32) //!< size of a symmetric SHA key
#define RSA2048_KEY_SIZE (256) //!< size of a RSA private key
#define ATCA_RSP_SIZE_MIN ((uint8_t)4) //!< minimum number of bytes in response
#define ATCA_RSP_SIZE_4 ((uint8_t)7) //!< size of response packet containing 4 bytes data
#define ATCA_RSP_SIZE_72 ((uint8_t)75) //!< size of response packet containing 64 bytes data
#define ATCA_RSP_SIZE_64 ((uint8_t)67) //!< size of response packet containing 64 bytes data
#define ATCA_RSP_SIZE_32 ((uint8_t)35) //!< size of response packet containing 32 bytes data
#define ATCA_RSP_SIZE_16 ((uint8_t)19) //!< size of response packet containing 16 bytes data
#define ATCA_RSP_SIZE_MAX ((uint8_t)75) //!< maximum size of response packet (GenKey and Verify command)
#define OUTNONCE_SIZE (32) //!< Size of the OutNonce response expected from several commands
/** \name Definitions for Command Parameter Ranges
@{ */
#define ATCA_KEY_ID_MAX ((uint8_t)15) //!< maximum value for key id
#define ATCA_OTP_BLOCK_MAX ((uint8_t)1) //!< maximum value for OTP block
/** @} */
/** \name Definitions for Indexes Common to All Commands
@{ */
#define ATCA_COUNT_IDX (0) //!< command packet index for count
#define ATCA_OPCODE_IDX (1) //!< command packet index for op-code
#define ATCA_PARAM1_IDX (2) //!< command packet index for first parameter
#define ATCA_PARAM2_IDX (3) //!< command packet index for second parameter
#define ATCA_DATA_IDX (5) //!< command packet index for data load
#define ATCA_RSP_DATA_IDX (1) //!< buffer index of data in response
/** @} */
/** \name Definitions for Zone and Address Parameters
@{ */
#define ATCA_ZONE_CONFIG ((uint8_t)0x00) //!< Configuration zone
#define ATCA_ZONE_OTP ((uint8_t)0x01) //!< OTP (One Time Programming) zone
#define ATCA_ZONE_DATA ((uint8_t)0x02) //!< Data zone
#define ATCA_ZONE_MASK ((uint8_t)0x03) //!< Zone mask
#define ATCA_ZONE_ENCRYPTED ((uint8_t)0x40) //!< Zone bit 6 set: Write is encrypted with an unlocked data zone.
#define ATCA_ZONE_READWRITE_32 ((uint8_t)0x80) //!< Zone bit 7 set: Access 32 bytes, otherwise 4 bytes.
#define ATCA_ADDRESS_MASK_CONFIG (0x001F) //!< Address bits 5 to 7 are 0 for Configuration zone.
#define ATCA_ADDRESS_MASK_OTP (0x000F) //!< Address bits 4 to 7 are 0 for OTP zone.
#define ATCA_ADDRESS_MASK (0x007F) //!< Address bit 7 to 15 are always 0.
#define ATCA_TEMPKEY_KEYID (0xFFFF) //!< KeyID when referencing TempKey
/** @} */
/** \name Definitions for Key types
@{ */
#define ATCA_B283_KEY_TYPE 0 //!< B283 NIST ECC key
#define ATCA_K283_KEY_TYPE 1 //!< K283 NIST ECC key
#define ATCA_P256_KEY_TYPE 4 //!< P256 NIST ECC key
#define ATCA_AES_KEY_TYPE 6 //!< AES-128 Key
#define ATCA_SHA_KEY_TYPE 7 //!< SHA key or other data
/** @} */
/** \name Definitions for the AES Command
@{ */
#define AES_MODE_IDX ATCA_PARAM1_IDX //!< AES command index for mode
#define AES_KEYID_IDX ATCA_PARAM2_IDX //!< AES command index for key id
#define AES_INPUT_IDX ATCA_DATA_IDX //!< AES command index for input data
#define AES_COUNT (23) //!< AES command packet size
#define AES_MODE_MASK ((uint8_t)0xC7) //!< AES mode bits 3 to 5 are 0
#define AES_MODE_KEY_BLOCK_MASK ((uint8_t)0xC0) //!< AES mode mask for key block field
#define AES_MODE_OP_MASK ((uint8_t)0x07) //!< AES mode operation mask
#define AES_MODE_ENCRYPT ((uint8_t)0x00) //!< AES mode: Encrypt
#define AES_MODE_DECRYPT ((uint8_t)0x01) //!< AES mode: Decrypt
#define AES_MODE_GFM ((uint8_t)0x03) //!< AES mode: GFM calculation
#define AES_MODE_KEY_BLOCK_POS (6) //!< Bit shift for key block in mode
#define AES_DATA_SIZE (16) //!< size of AES encrypt/decrypt data
#define AES_RSP_SIZE ATCA_RSP_SIZE_16 //!< AES command response packet size
/** @} */
/** \name Definitions for the CheckMac Command
@{ */
#define CHECKMAC_MODE_IDX ATCA_PARAM1_IDX //!< CheckMAC command index for mode
#define CHECKMAC_KEYID_IDX ATCA_PARAM2_IDX //!< CheckMAC command index for key identifier
#define CHECKMAC_CLIENT_CHALLENGE_IDX ATCA_DATA_IDX //!< CheckMAC command index for client challenge
#define CHECKMAC_CLIENT_RESPONSE_IDX (37) //!< CheckMAC command index for client response
#define CHECKMAC_DATA_IDX (69) //!< CheckMAC command index for other data
#define CHECKMAC_COUNT (84) //!< CheckMAC command packet size
#define CHECKMAC_MODE_CHALLENGE ((uint8_t)0x00) //!< CheckMAC mode 0: first SHA block from key id
#define CHECKMAC_MODE_BLOCK2_TEMPKEY ((uint8_t)0x01) //!< CheckMAC mode bit 0: second SHA block from TempKey
#define CHECKMAC_MODE_BLOCK1_TEMPKEY ((uint8_t)0x02) //!< CheckMAC mode bit 1: first SHA block from TempKey
#define CHECKMAC_MODE_SOURCE_FLAG_MATCH ((uint8_t)0x04) //!< CheckMAC mode bit 2: match TempKey.SourceFlag
#define CHECKMAC_MODE_INCLUDE_OTP_64 ((uint8_t)0x20) //!< CheckMAC mode bit 5: include first 64 OTP bits
#define CHECKMAC_MODE_MASK ((uint8_t)0x27) //!< CheckMAC mode bits 3, 4, 6, and 7 are 0.
#define CHECKMAC_CLIENT_CHALLENGE_SIZE (32) //!< CheckMAC size of client challenge
#define CHECKMAC_CLIENT_RESPONSE_SIZE (32) //!< CheckMAC size of client response
#define CHECKMAC_OTHER_DATA_SIZE (13) //!< CheckMAC size of "other data"
#define CHECKMAC_CLIENT_COMMAND_SIZE (4) //!< CheckMAC size of client command header size inside "other data"
#define CHECKMAC_CMD_MATCH (0) //!< CheckMAC return value when there is a match
#define CHECKMAC_CMD_MISMATCH (1) //!< CheckMAC return value when there is a mismatch
#define CHECKMAC_RSP_SIZE ATCA_RSP_SIZE_MIN //!< CheckMAC response packet size
/** @} */
/** \name Definitions for the Counter command
@{ */
#define COUNTER_COUNT ATCA_CMD_SIZE_MIN
#define COUNTER_MODE_IDX ATCA_PARAM1_IDX //!< Counter command index for mode
#define COUNTER_KEYID_IDX ATCA_PARAM2_IDX //!< Counter command index for key id
#define COUNTER_MODE_MASK ((uint8_t)0x01) //!< Counter mode bits 1 to 7 are 0
#define COUNTER_MAX_VALUE ((uint32_t)2097151) //!< Counter maximum value of the counter
#define COUNTER_MODE_READ ((uint8_t)0x00) //!< Counter command mode for reading
#define COUNTER_MODE_INCREMENT ((uint8_t)0x01) //!< Counter command mode for incrementing
#define COUNTER_RSP_SIZE ATCA_RSP_SIZE_4 //!< Counter command response packet size
#define COUNTER_SIZE ATCA_RSP_SIZE_MIN //!< Counter size in binary
/** @} */
/** \name Definitions for the DeriveKey Command
@{ */
#define DERIVE_KEY_RANDOM_IDX ATCA_PARAM1_IDX //!< DeriveKey command index for random bit
#define DERIVE_KEY_TARGETKEY_IDX ATCA_PARAM2_IDX //!< DeriveKey command index for target slot
#define DERIVE_KEY_MAC_IDX ATCA_DATA_IDX //!< DeriveKey command index for optional MAC
#define DERIVE_KEY_COUNT_SMALL ATCA_CMD_SIZE_MIN //!< DeriveKey command packet size without MAC
#define DERIVE_KEY_MODE ((uint8_t)0x04) //!< DeriveKey command mode set to 4 as in datasheet
#define DERIVE_KEY_COUNT_LARGE (39) //!< DeriveKey command packet size with MAC
#define DERIVE_KEY_RANDOM_FLAG ((uint8_t)4) //!< DeriveKey 1. parameter; has to match TempKey.SourceFlag
#define DERIVE_KEY_MAC_SIZE (32) //!< DeriveKey MAC size
#define DERIVE_KEY_RSP_SIZE ATCA_RSP_SIZE_MIN //!< DeriveKey response packet size
/** @} */
/** \name Definitions for the ECDH Command
@{ */
#define ECDH_PREFIX_MODE ((uint8_t)0x00)
#define ECDH_COUNT (ATCA_CMD_SIZE_MIN + ATCA_PUB_KEY_SIZE)
#define ECDH_MODE_SOURCE_MASK ((uint8_t)0x01)
#define ECDH_MODE_SOURCE_EEPROM_SLOT ((uint8_t)0x00)
#define ECDH_MODE_SOURCE_TEMPKEY ((uint8_t)0x01)
#define ECDH_MODE_OUTPUT_MASK ((uint8_t)0x02)
#define ECDH_MODE_OUTPUT_CLEAR ((uint8_t)0x00)
#define ECDH_MODE_OUTPUT_ENC ((uint8_t)0x02)
#define ECDH_MODE_COPY_MASK ((uint8_t)0x0C)
#define ECDH_MODE_COPY_COMPATIBLE ((uint8_t)0x00)
#define ECDH_MODE_COPY_EEPROM_SLOT ((uint8_t)0x04)
#define ECDH_MODE_COPY_TEMP_KEY ((uint8_t)0x08)
#define ECDH_MODE_COPY_OUTPUT_BUFFER ((uint8_t)0x0C)
#define ECDH_KEY_SIZE ATCA_BLOCK_SIZE //!< ECDH output data size
#define ECDH_RSP_SIZE ATCA_RSP_SIZE_64 //!< ECDH command packet size
/** @} */
/** \name Definitions for the GenDig Command
@{ */
#define GENDIG_ZONE_IDX ATCA_PARAM1_IDX //!< GenDig command index for zone
#define GENDIG_KEYID_IDX ATCA_PARAM2_IDX //!< GenDig command index for key id
#define GENDIG_DATA_IDX ATCA_DATA_IDX //!< GenDig command index for optional data
#define GENDIG_COUNT ATCA_CMD_SIZE_MIN //!< GenDig command packet size without "other data"
#define GENDIG_ZONE_CONFIG ((uint8_t)0) //!< GenDig zone id config. Use KeyID to specify any of the four 256-bit blocks of the Configuration zone.
#define GENDIG_ZONE_OTP ((uint8_t)1) //!< GenDig zone id OTP. Use KeyID to specify either the first or second 256-bit block of the OTP zone.
#define GENDIG_ZONE_DATA ((uint8_t)2) //!< GenDig zone id data. Use KeyID to specify a slot in the Data zone or a transport key in the hardware array.
#define GENDIG_ZONE_SHARED_NONCE ((uint8_t)3) //!< GenDig zone id shared nonce. KeyID specifies the location of the input value in the message generation.
#define GENDIG_ZONE_COUNTER ((uint8_t)4) //!< GenDig zone id counter. KeyID specifies the monotonic counter ID to be included in the message generation.
#define GENDIG_ZONE_KEY_CONFIG ((uint8_t)5) //!< GenDig zone id key config. KeyID specifies the slot for which the configuration information is to be included in the message generation.
#define GENDIG_RSP_SIZE ATCA_RSP_SIZE_MIN //!< GenDig command response packet size
/** @} */
/** \name Definitions for the GenKey Command
@{ */
#define GENKEY_MODE_IDX ATCA_PARAM1_IDX //!< GenKey command index for mode
#define GENKEY_KEYID_IDX ATCA_PARAM2_IDX //!< GenKey command index for key id
#define GENKEY_DATA_IDX (5) //!< GenKey command index for other data
#define GENKEY_COUNT ATCA_CMD_SIZE_MIN //!< GenKey command packet size without "other data"
#define GENKEY_COUNT_DATA (10) //!< GenKey command packet size with "other data"
#define GENKEY_OTHER_DATA_SIZE (3) //!< GenKey size of "other data"
#define GENKEY_MODE_MASK ((uint8_t)0x1C) //!< GenKey mode bits 0 to 1 and 5 to 7 are 0
#define GENKEY_MODE_PRIVATE ((uint8_t)0x04) //!< GenKey mode: private key generation
#define GENKEY_MODE_PUBLIC ((uint8_t)0x00) //!< GenKey mode: public key calculation
#define GENKEY_MODE_DIGEST ((uint8_t)0x08) //!< GenKey mode: PubKey digest will be created after the public key is calculated
#define GENKEY_MODE_PUBKEY_DIGEST ((uint8_t)0x10) //!< GenKey mode: Calculate PubKey digest on the public key in KeyId
#define GENKEY_PRIVATE_TO_TEMPKEY ((uint16_t)0xFFFF) //!< GenKey Create private key and store to tempkey (608 only)
#define GENKEY_RSP_SIZE_SHORT ATCA_RSP_SIZE_MIN //!< GenKey response packet size in Digest mode
#define GENKEY_RSP_SIZE_LONG ATCA_RSP_SIZE_64 //!< GenKey response packet size when returning a public key
/** @} */
/** \name Definitions for the HMAC Command
@{ */
#define HMAC_MODE_IDX ATCA_PARAM1_IDX //!< HMAC command index for mode
#define HMAC_KEYID_IDX ATCA_PARAM2_IDX //!< HMAC command index for key id
#define HMAC_COUNT ATCA_CMD_SIZE_MIN //!< HMAC command packet size
#define HMAC_MODE_FLAG_TK_RAND ((uint8_t)0x00) //!< HMAC mode bit 2: The value of this bit must match the value in TempKey.SourceFlag or the command will return an error.
#define HMAC_MODE_FLAG_TK_NORAND ((uint8_t)0x04) //!< HMAC mode bit 2: The value of this bit must match the value in TempKey.SourceFlag or the command will return an error.
#define HMAC_MODE_FLAG_OTP88 ((uint8_t)0x10) //!< HMAC mode bit 4: Include the first 88 OTP bits (OTP[0] through OTP[10]) in the message.; otherwise, the corresponding message bits are set to zero. Not applicable for ATECC508A.
#define HMAC_MODE_FLAG_OTP64 ((uint8_t)0x20) //!< HMAC mode bit 5: Include the first 64 OTP bits (OTP[0] through OTP[7]) in the message.; otherwise, the corresponding message bits are set to zero. If Mode[4] is set, the value of this mode bit is ignored. Not applicable for ATECC508A.
#define HMAC_MODE_FLAG_FULLSN ((uint8_t)0x40) //!< HMAC mode bit 6: If set, include the 48 bits SN[2:3] and SN[4:7] in the message.; otherwise, the corresponding message bits are set to zero.
#define HMAC_MODE_MASK ((uint8_t)0x74) //!< HMAC mode bits 0, 1, 3, and 7 are 0.
#define HMAC_DIGEST_SIZE (32) //!< HMAC size of digest response
#define HMAC_RSP_SIZE ATCA_RSP_SIZE_32 //!< HMAC command response packet size
/** @} */
/** \name Definitions for the Info Command
@{ */
#define INFO_PARAM1_IDX ATCA_PARAM1_IDX //!< Info command index for 1. parameter
#define INFO_PARAM2_IDX ATCA_PARAM2_IDX //!< Info command index for 2. parameter
#define INFO_COUNT ATCA_CMD_SIZE_MIN //!< Info command packet size
#define INFO_MODE_REVISION ((uint8_t)0x00) //!< Info mode Revision
#define INFO_MODE_KEY_VALID ((uint8_t)0x01) //!< Info mode KeyValid
#define INFO_MODE_STATE ((uint8_t)0x02) //!< Info mode State
#define INFO_MODE_GPIO ((uint8_t)0x03) //!< Info mode GPIO
#define INFO_MODE_VOL_KEY_PERMIT ((uint8_t)0x04) //!< Info mode GPIO
#define INFO_MODE_MAX ((uint8_t)0x03) //!< Info mode maximum value
#define INFO_NO_STATE ((uint8_t)0x00) //!< Info mode is not the state mode.
#define INFO_OUTPUT_STATE_MASK ((uint8_t)0x01) //!< Info output state mask
#define INFO_DRIVER_STATE_MASK ((uint8_t)0x02) //!< Info driver state mask
#define INFO_PARAM2_SET_LATCH_STATE ((uint16_t)0x0002) //!< Info param2 to set the persistent latch state.
#define INFO_PARAM2_LATCH_SET ((uint16_t)0x0001) //!< Info param2 to set the persistent latch
#define INFO_PARAM2_LATCH_CLEAR ((uint16_t)0x0000) //!< Info param2 to clear the persistent latch
#define INFO_SIZE ((uint8_t)0x04) //!< Info return size
#define INFO_RSP_SIZE ATCA_RSP_SIZE_VAL //!< Info command response packet size
/** @} */
/** \name Definitions for the KDF Command
@{ */
#define KDF_MODE_IDX ATCA_PARAM1_IDX //!< KDF command index for mode
#define KDF_KEYID_IDX ATCA_PARAM2_IDX //!< KDF command index for key id
#define KDF_DETAILS_IDX ATCA_DATA_IDX //!< KDF command index for details
#define KDF_DETAILS_SIZE 4 //!< KDF details (param3) size
#define KDF_MESSAGE_IDX (ATCA_DATA_IDX + KDF_DETAILS_SIZE)
#define KDF_MODE_SOURCE_MASK ((uint8_t)0x03) //!< KDF mode source key mask
#define KDF_MODE_SOURCE_TEMPKEY ((uint8_t)0x00) //!< KDF mode source key in TempKey
#define KDF_MODE_SOURCE_TEMPKEY_UP ((uint8_t)0x01) //!< KDF mode source key in upper TempKey
#define KDF_MODE_SOURCE_SLOT ((uint8_t)0x02) //!< KDF mode source key in a slot
#define KDF_MODE_SOURCE_ALTKEYBUF ((uint8_t)0x03) //!< KDF mode source key in alternate key buffer
#define KDF_MODE_TARGET_MASK ((uint8_t)0x1C) //!< KDF mode target key mask
#define KDF_MODE_TARGET_TEMPKEY ((uint8_t)0x00) //!< KDF mode target key in TempKey
#define KDF_MODE_TARGET_TEMPKEY_UP ((uint8_t)0x04) //!< KDF mode target key in upper TempKey
#define KDF_MODE_TARGET_SLOT ((uint8_t)0x08) //!< KDF mode target key in slot
#define KDF_MODE_TARGET_ALTKEYBUF ((uint8_t)0x0C) //!< KDF mode target key in alternate key buffer
#define KDF_MODE_TARGET_OUTPUT ((uint8_t)0x10) //!< KDF mode target key in output buffer
#define KDF_MODE_TARGET_OUTPUT_ENC ((uint8_t)0x14) //!< KDF mode target key encrypted in output buffer
#define KDF_MODE_ALG_MASK ((uint8_t)0x60) //!< KDF mode algorithm mask
#define KDF_MODE_ALG_PRF ((uint8_t)0x00) //!< KDF mode PRF algorithm
#define KDF_MODE_ALG_AES ((uint8_t)0x20) //!< KDF mode AES algorithm
#define KDF_MODE_ALG_HKDF ((uint8_t)0x40) //!< KDF mode HKDF algorithm
#define KDF_DETAILS_PRF_KEY_LEN_MASK ((uint32_t)0x00000003) //!< KDF details for PRF, source key length mask
#define KDF_DETAILS_PRF_KEY_LEN_16 ((uint32_t)0x00000000) //!< KDF details for PRF, source key length is 16 bytes
#define KDF_DETAILS_PRF_KEY_LEN_32 ((uint32_t)0x00000001) //!< KDF details for PRF, source key length is 32 bytes
#define KDF_DETAILS_PRF_KEY_LEN_48 ((uint32_t)0x00000002) //!< KDF details for PRF, source key length is 48 bytes
#define KDF_DETAILS_PRF_KEY_LEN_64 ((uint32_t)0x00000003) //!< KDF details for PRF, source key length is 64 bytes
#define KDF_DETAILS_PRF_TARGET_LEN_MASK ((uint32_t)0x00000100) //!< KDF details for PRF, target length mask
#define KDF_DETAILS_PRF_TARGET_LEN_32 ((uint32_t)0x00000000) //!< KDF details for PRF, target length is 32 bytes
#define KDF_DETAILS_PRF_TARGET_LEN_64 ((uint32_t)0x00000100) //!< KDF details for PRF, target length is 64 bytes
#define KDF_DETAILS_PRF_AEAD_MASK ((uint32_t)0x00000600) //!< KDF details for PRF, AEAD processing mask
#define KDF_DETAILS_PRF_AEAD_MODE0 ((uint32_t)0x00000000) //!< KDF details for PRF, AEAD no processing
#define KDF_DETAILS_PRF_AEAD_MODE1 ((uint32_t)0x00000200) //!< KDF details for PRF, AEAD First 32 go to target, second 32 go to output buffer
#define KDF_DETAILS_AES_KEY_LOC_MASK ((uint32_t)0x00000003) //!< KDF details for AES, key location mask
#define KDF_DETAILS_HKDF_MSG_LOC_MASK ((uint32_t)0x00000003) //!< KDF details for HKDF, message location mask
#define KDF_DETAILS_HKDF_MSG_LOC_SLOT ((uint32_t)0x00000000) //!< KDF details for HKDF, message location in slot
#define KDF_DETAILS_HKDF_MSG_LOC_TEMPKEY ((uint32_t)0x00000001) //!< KDF details for HKDF, message location in TempKey
#define KDF_DETAILS_HKDF_MSG_LOC_INPUT ((uint32_t)0x00000002) //!< KDF details for HKDF, message location in input parameter
#define KDF_DETAILS_HKDF_MSG_LOC_IV ((uint32_t)0x00000003) //!< KDF details for HKDF, message location is a special IV function
#define KDF_DETAILS_HKDF_ZERO_KEY ((uint32_t)0x00000004) //!< KDF details for HKDF, key is 32 bytes of zero
/** @} */
/** \name Definitions for the Lock Command
@{ */
#define LOCK_ZONE_IDX ATCA_PARAM1_IDX //!< Lock command index for zone
#define LOCK_SUMMARY_IDX ATCA_PARAM2_IDX //!< Lock command index for summary
#define LOCK_COUNT ATCA_CMD_SIZE_MIN //!< Lock command packet size
#define LOCK_ZONE_CONFIG ((uint8_t)0x00) //!< Lock zone is Config
#define LOCK_ZONE_DATA ((uint8_t)0x01) //!< Lock zone is OTP or Data
#define LOCK_ZONE_DATA_SLOT ((uint8_t)0x02) //!< Lock slot of Data
#define LOCK_ZONE_NO_CRC ((uint8_t)0x80) //!< Lock command: Ignore summary.
#define LOCK_ZONE_MASK (0xBF) //!< Lock parameter 1 bits 6 are 0.
#define ATCA_UNLOCKED (0x55) //!< Value indicating an unlocked zone
#define ATCA_LOCKED (0x00) //!< Value indicating a locked zone
#define LOCK_RSP_SIZE ATCA_RSP_SIZE_MIN //!< Lock command response packet size
/** @} */
/** \name Definitions for the MAC Command
@{ */
#define MAC_MODE_IDX ATCA_PARAM1_IDX //!< MAC command index for mode
#define MAC_KEYID_IDX ATCA_PARAM2_IDX //!< MAC command index for key id
#define MAC_CHALLENGE_IDX ATCA_DATA_IDX //!< MAC command index for optional challenge
#define MAC_COUNT_SHORT ATCA_CMD_SIZE_MIN //!< MAC command packet size without challenge
#define MAC_COUNT_LONG (39) //!< MAC command packet size with challenge
#define MAC_MODE_CHALLENGE ((uint8_t)0x00) //!< MAC mode 0: first SHA block from data slot
#define MAC_MODE_BLOCK2_TEMPKEY ((uint8_t)0x01) //!< MAC mode bit 0: second SHA block from TempKey
#define MAC_MODE_BLOCK1_TEMPKEY ((uint8_t)0x02) //!< MAC mode bit 1: first SHA block from TempKey
#define MAC_MODE_SOURCE_FLAG_MATCH ((uint8_t)0x04) //!< MAC mode bit 2: match TempKey.SourceFlag
#define MAC_MODE_PTNONCE_TEMPKEY ((uint8_t)0x06) //!< MAC mode bit 0: second SHA block from TempKey
#define MAC_MODE_PASSTHROUGH ((uint8_t)0x07) //!< MAC mode bit 0-2: pass-through mode
#define MAC_MODE_INCLUDE_OTP_88 ((uint8_t)0x10) //!< MAC mode bit 4: include first 88 OTP bits
#define MAC_MODE_INCLUDE_OTP_64 ((uint8_t)0x20) //!< MAC mode bit 5: include first 64 OTP bits
#define MAC_MODE_INCLUDE_SN ((uint8_t)0x40) //!< MAC mode bit 6: include serial number
#define MAC_CHALLENGE_SIZE (32) //!< MAC size of challenge
#define MAC_SIZE (32) //!< MAC size of response
#define MAC_MODE_MASK ((uint8_t)0x77) //!< MAC mode bits 3 and 7 are 0.
#define MAC_RSP_SIZE ATCA_RSP_SIZE_32 //!< MAC command response packet size
/** @} */
/** \name Definitions for the Nonce Command
@{ */
#define NONCE_MODE_IDX ATCA_PARAM1_IDX //!< Nonce command index for mode
#define NONCE_PARAM2_IDX ATCA_PARAM2_IDX //!< Nonce command index for 2. parameter
#define NONCE_INPUT_IDX ATCA_DATA_IDX //!< Nonce command index for input data
#define NONCE_COUNT_SHORT (ATCA_CMD_SIZE_MIN + 20) //!< Nonce command packet size for 20 bytes of NumIn
#define NONCE_COUNT_LONG (ATCA_CMD_SIZE_MIN + 32) //!< Nonce command packet size for 32 bytes of NumIn
#define NONCE_COUNT_LONG_64 (ATCA_CMD_SIZE_MIN + 64) //!< Nonce command packet size for 64 bytes of NumIn
#define NONCE_MODE_MASK ((uint8_t)0x03) //!< Nonce mode bits 2 to 7 are 0.
#define NONCE_MODE_SEED_UPDATE ((uint8_t)0x00) //!< Nonce mode: update seed
#define NONCE_MODE_NO_SEED_UPDATE ((uint8_t)0x01) //!< Nonce mode: do not update seed
#define NONCE_MODE_INVALID ((uint8_t)0x02) //!< Nonce mode 2 is invalid.
#define NONCE_MODE_PASSTHROUGH ((uint8_t)0x03) //!< Nonce mode: pass-through
#define NONCE_MODE_INPUT_LEN_MASK ((uint8_t)0x20) //!< Nonce mode: input size mask
#define NONCE_MODE_INPUT_LEN_32 ((uint8_t)0x00) //!< Nonce mode: input size is 32 bytes
#define NONCE_MODE_INPUT_LEN_64 ((uint8_t)0x20) //!< Nonce mode: input size is 64 bytes
#define NONCE_MODE_TARGET_MASK ((uint8_t)0xC0) //!< Nonce mode: target mask
#define NONCE_MODE_TARGET_TEMPKEY ((uint8_t)0x00) //!< Nonce mode: target is TempKey
#define NONCE_MODE_TARGET_MSGDIGBUF ((uint8_t)0x40) //!< Nonce mode: target is Message Digest Buffer
#define NONCE_MODE_TARGET_ALTKEYBUF ((uint8_t)0x80) //!< Nonce mode: target is Alternate Key Buffer
#define NONCE_ZERO_CALC_MASK ((uint16_t)0x8000) //!< Nonce zero (param2): calculation mode mask
#define NONCE_ZERO_CALC_RANDOM ((uint16_t)0x0000) //!< Nonce zero (param2): calculation mode random, use RNG in calculation and return RNG output
#define NONCE_ZERO_CALC_TEMPKEY ((uint16_t)0x8000) //!< Nonce zero (param2): calculation mode TempKey, use TempKey in calculation and return new TempKey value
#define NONCE_NUMIN_SIZE (20) //!< Nonce NumIn size for random modes
#define NONCE_NUMIN_SIZE_PASSTHROUGH (32) //!< Nonce NumIn size for 32-byte pass-through mode
#define NONCE_RSP_SIZE_SHORT ATCA_RSP_SIZE_MIN //!< Nonce command response packet size with no output
#define NONCE_RSP_SIZE_LONG ATCA_RSP_SIZE_32 //!< Nonce command response packet size with output
/** @} */
/** \name Definitions for the Pause Command
@{ */
#define PAUSE_SELECT_IDX ATCA_PARAM1_IDX //!< Pause command index for Selector
#define PAUSE_PARAM2_IDX ATCA_PARAM2_IDX //!< Pause command index for 2. parameter
#define PAUSE_COUNT ATCA_CMD_SIZE_MIN //!< Pause command packet size
#define PAUSE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< Pause command response packet size
/** @} */
/** \name Definitions for the PrivWrite Command
@{ */
#define PRIVWRITE_ZONE_IDX ATCA_PARAM1_IDX //!< PrivWrite command index for zone
#define PRIVWRITE_KEYID_IDX ATCA_PARAM2_IDX //!< PrivWrite command index for KeyID
#define PRIVWRITE_VALUE_IDX ( 5) //!< PrivWrite command index for value
#define PRIVWRITE_MAC_IDX (41) //!< PrivWrite command index for MAC
#define PRIVWRITE_COUNT (75) //!< PrivWrite command packet size
#define PRIVWRITE_ZONE_MASK ((uint8_t)0x40) //!< PrivWrite zone bits 0 to 5 and 7 are 0.
#define PRIVWRITE_MODE_ENCRYPT ((uint8_t)0x40) //!< PrivWrite mode: encrypted
#define PRIVWRITE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< PrivWrite command response packet size
/** @} */
/** \name Definitions for the Random Command
@{ */
#define RANDOM_MODE_IDX ATCA_PARAM1_IDX //!< Random command index for mode
#define RANDOM_PARAM2_IDX ATCA_PARAM2_IDX //!< Random command index for 2. parameter
#define RANDOM_COUNT ATCA_CMD_SIZE_MIN //!< Random command packet size
#define RANDOM_SEED_UPDATE ((uint8_t)0x00) //!< Random mode for automatic seed update
#define RANDOM_NO_SEED_UPDATE ((uint8_t)0x01) //!< Random mode for no seed update
#define RANDOM_NUM_SIZE ((uint8_t)32) //!< Number of bytes in the data packet of a random command
#define RANDOM_RSP_SIZE ATCA_RSP_SIZE_32 //!< Random command response packet size
/** @} */
/** \name Definitions for the Read Command
@{ */
#define READ_ZONE_IDX ATCA_PARAM1_IDX //!< Read command index for zone
#define READ_ADDR_IDX ATCA_PARAM2_IDX //!< Read command index for address
#define READ_COUNT ATCA_CMD_SIZE_MIN //!< Read command packet size
#define READ_ZONE_MASK ((uint8_t)0x83) //!< Read zone bits 2 to 6 are 0.
#define READ_4_RSP_SIZE ATCA_RSP_SIZE_VAL //!< Read command response packet size when reading 4 bytes
#define READ_32_RSP_SIZE ATCA_RSP_SIZE_32 //!< Read command response packet size when reading 32 bytes
/** @} */
/** \name Definitions for the SecureBoot Command
@{ */
#define SECUREBOOT_MODE_IDX ATCA_PARAM1_IDX //!< SecureBoot command index for mode
#define SECUREBOOT_DIGEST_SIZE (32) //!< SecureBoot digest input size
#define SECUREBOOT_SIGNATURE_SIZE (64) //!< SecureBoot signature input size
#define SECUREBOOT_COUNT_DIG (ATCA_CMD_SIZE_MIN + SECUREBOOT_DIGEST_SIZE) //!< SecureBoot command packet size for just a digest
#define SECUREBOOT_COUNT_DIG_SIG (ATCA_CMD_SIZE_MIN + SECUREBOOT_DIGEST_SIZE + SECUREBOOT_SIGNATURE_SIZE) //!< SecureBoot command packet size for a digest and signature
#define SECUREBOOT_MAC_SIZE (32) //!< SecureBoot MAC output size
#define SECUREBOOT_RSP_SIZE_NO_MAC ATCA_RSP_SIZE_MIN //!< SecureBoot response packet size for no MAC
#define SECUREBOOT_RSP_SIZE_MAC (ATCA_PACKET_OVERHEAD + SECUREBOOT_MAC_SIZE) //!< SecureBoot response packet size with MAC
#define SECUREBOOT_MODE_MASK ((uint8_t)0x07) //!< SecureBoot mode mask
#define SECUREBOOT_MODE_FULL ((uint8_t)0x05) //!< SecureBoot mode Full
#define SECUREBOOT_MODE_FULL_STORE ((uint8_t)0x06) //!< SecureBoot mode FullStore
#define SECUREBOOT_MODE_FULL_COPY ((uint8_t)0x07) //!< SecureBoot mode FullCopy
#define SECUREBOOT_MODE_PROHIBIT_FLAG ((uint8_t)0x40) //!< SecureBoot mode flag to prohibit SecureBoot until next power cycle
#define SECUREBOOT_MODE_ENC_MAC_FLAG ((uint8_t)0x80) //!< SecureBoot mode flag for encrypted digest and returning validating MAC
#define SECUREBOOTCONFIG_OFFSET (70) //!< SecureBootConfig byte offset into the configuration zone
#define SECUREBOOTCONFIG_MODE_MASK ((uint16_t)0x0003) //!< Mask for SecureBootMode field in SecureBootConfig value
#define SECUREBOOTCONFIG_MODE_DISABLED ((uint16_t)0x0000) //!< Disabled SecureBootMode in SecureBootConfig value
#define SECUREBOOTCONFIG_MODE_FULL_BOTH ((uint16_t)0x0001) //!< Both digest and signature always required SecureBootMode in SecureBootConfig value
#define SECUREBOOTCONFIG_MODE_FULL_SIG ((uint16_t)0x0002) //!< Signature stored SecureBootMode in SecureBootConfig value
#define SECUREBOOTCONFIG_MODE_FULL_DIG ((uint16_t)0x0003) //!< Digest stored SecureBootMode in SecureBootConfig value
/** @} */
/** \name Definitions for the SelfTest Command
@{ */
#define SELFTEST_MODE_IDX ATCA_PARAM1_IDX //!< SelfTest command index for mode
#define SELFTEST_COUNT ATCA_CMD_SIZE_MIN //!< SelfTest command packet size
#define SELFTEST_MODE_RNG ((uint8_t)0x01) //!< SelfTest mode RNG DRBG function
#define SELFTEST_MODE_ECDSA_SIGN_VERIFY ((uint8_t)0x02) //!< SelfTest mode ECDSA verify function
#define SELFTEST_MODE_ECDH ((uint8_t)0x08) //!< SelfTest mode ECDH function
#define SELFTEST_MODE_AES ((uint8_t)0x10) //!< SelfTest mode AES encrypt function
#define SELFTEST_MODE_SHA ((uint8_t)0x20) //!< SelfTest mode SHA function
#define SELFTEST_MODE_ALL ((uint8_t)0x3B) //!< SelfTest mode all algorithms
#define SELFTEST_RSP_SIZE ATCA_RSP_SIZE_MIN //!< SelfTest command response packet size
/** @} */
/** \name Definitions for the SHA Command
@{ */
#define SHA_COUNT_SHORT ATCA_CMD_SIZE_MIN
#define SHA_COUNT_LONG ATCA_CMD_SIZE_MIN //!< Just a starting size
#define ATCA_SHA_DIGEST_SIZE (32)
#define SHA_DATA_MAX (64)
#define ATCA_SHA256_BLOCK_SIZE (64)
#define SHA_CONTEXT_MAX_SIZE (99)
#define SHA_MODE_MASK ((uint8_t)0x07) //!< Mask the bit 0-2
#define SHA_MODE_SHA256_START ((uint8_t)0x00) //!< Initialization, does not accept a message
#define SHA_MODE_SHA256_UPDATE ((uint8_t)0x01) //!< Add 64 bytes in the meesage to the SHA context
#define SHA_MODE_SHA256_END ((uint8_t)0x02) //!< Complete the calculation and return the digest
#define SHA_MODE_SHA256_PUBLIC ((uint8_t)0x03) //!< Add 64 byte ECC public key in the slot to the SHA context
#define SHA_MODE_HMAC_START ((uint8_t)0x04) //!< Initialization, HMAC calculation
#define SHA_MODE_HMAC_UPDATE ((uint8_t)0x01) //!< Add 64 bytes in the meesage to the SHA context
#define SHA_MODE_HMAC_END ((uint8_t)0x05) //!< Complete the HMAC computation and return digest
#define SHA_MODE_608_HMAC_END ((uint8_t)0x02) //!< Complete the HMAC computation and return digest... Different command on 608
#define SHA_MODE_READ_CONTEXT ((uint8_t)0x06) //!< Read current SHA-256 context out of the device
#define SHA_MODE_WRITE_CONTEXT ((uint8_t)0x07) //!< Restore a SHA-256 context into the device
#define SHA_MODE_TARGET_MASK ((uint8_t)0xC0) //!< Resulting digest target location mask
#define SHA_MODE_TARGET_TEMPKEY ((uint8_t)0x00) //!< Place resulting digest both in Output buffer and TempKey
#define SHA_MODE_TARGET_MSGDIGBUF ((uint8_t)0x40) //!< Place resulting digest both in Output buffer and Message Digest Buffer
#define SHA_MODE_TARGET_OUT_ONLY ((uint8_t)0xC0) //!< Place resulting digest both in Output buffer ONLY
#define SHA_RSP_SIZE ATCA_RSP_SIZE_32 //!< SHA command response packet size
#define SHA_RSP_SIZE_SHORT ATCA_RSP_SIZE_MIN //!< SHA command response packet size only status code
#define SHA_RSP_SIZE_LONG ATCA_RSP_SIZE_32 //!< SHA command response packet size
/** @} */
/** @} *//** \name Definitions for the Sign Command
@{ */
#define SIGN_MODE_IDX ATCA_PARAM1_IDX //!< Sign command index for mode
#define SIGN_KEYID_IDX ATCA_PARAM2_IDX //!< Sign command index for key id
#define SIGN_COUNT ATCA_CMD_SIZE_MIN //!< Sign command packet size
#define SIGN_MODE_MASK ((uint8_t)0xE1) //!< Sign mode bits 1 to 4 are 0
#define SIGN_MODE_INTERNAL ((uint8_t)0x00) //!< Sign mode 0: internal
#define SIGN_MODE_INVALIDATE ((uint8_t)0x01) //!< Sign mode bit 1: Signature will be used for Verify(Invalidate)
#define SIGN_MODE_INCLUDE_SN ((uint8_t)0x40) //!< Sign mode bit 6: include serial number
#define SIGN_MODE_EXTERNAL ((uint8_t)0x80) //!< Sign mode bit 7: external
#define SIGN_MODE_SOURCE_MASK ((uint8_t)0x20) //!< Sign mode message source mask
#define SIGN_MODE_SOURCE_TEMPKEY ((uint8_t)0x00) //!< Sign mode message source is TempKey
#define SIGN_MODE_SOURCE_MSGDIGBUF ((uint8_t)0x20) //!< Sign mode message source is the Message Digest Buffer
#define SIGN_RSP_SIZE ATCA_RSP_SIZE_MAX //!< Sign command response packet size
/** @} */
/** \name Definitions for the UpdateExtra Command
@{ */
#define UPDATE_MODE_IDX ATCA_PARAM1_IDX //!< UpdateExtra command index for mode
#define UPDATE_VALUE_IDX ATCA_PARAM2_IDX //!< UpdateExtra command index for new value
#define UPDATE_COUNT ATCA_CMD_SIZE_MIN //!< UpdateExtra command packet size
#define UPDATE_MODE_USER_EXTRA ((uint8_t)0x00) //!< UpdateExtra mode update UserExtra (config byte 84)
#define UPDATE_MODE_SELECTOR ((uint8_t)0x01) //!< UpdateExtra mode update Selector (config byte 85)
#define UPDATE_MODE_USER_EXTRA_ADD UPDATE_MODE_SELECTOR //!< UpdateExtra mode update UserExtraAdd (config byte 85)
#define UPDATE_MODE_DEC_COUNTER ((uint8_t)0x02) //!< UpdateExtra mode: decrement counter
#define UPDATE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< UpdateExtra command response packet size
/** @} */
/** \name Definitions for the Verify Command
@{ */
#define VERIFY_MODE_IDX ATCA_PARAM1_IDX //!< Verify command index for mode
#define VERIFY_KEYID_IDX ATCA_PARAM2_IDX //!< Verify command index for key id
#define VERIFY_DATA_IDX ( 5) //!< Verify command index for data
#define VERIFY_256_STORED_COUNT ( 71) //!< Verify command packet size for 256-bit key in stored mode
#define VERIFY_283_STORED_COUNT ( 79) //!< Verify command packet size for 283-bit key in stored mode
#define VERIFY_256_VALIDATE_COUNT ( 90) //!< Verify command packet size for 256-bit key in validate mode
#define VERIFY_283_VALIDATE_COUNT ( 98) //!< Verify command packet size for 283-bit key in validate mode
#define VERIFY_256_EXTERNAL_COUNT (135) //!< Verify command packet size for 256-bit key in external mode
#define VERIFY_283_EXTERNAL_COUNT (151) //!< Verify command packet size for 283-bit key in external mode
#define VERIFY_256_KEY_SIZE ( 64) //!< Verify key size for 256-bit key
#define VERIFY_283_KEY_SIZE ( 72) //!< Verify key size for 283-bit key
#define VERIFY_256_SIGNATURE_SIZE ( 64) //!< Verify signature size for 256-bit key
#define VERIFY_283_SIGNATURE_SIZE ( 72) //!< Verify signature size for 283-bit key
#define VERIFY_OTHER_DATA_SIZE ( 19) //!< Verify size of "other data"
#define VERIFY_MODE_MASK ((uint8_t)0x07) //!< Verify mode bits 3 to 7 are 0
#define VERIFY_MODE_STORED ((uint8_t)0x00) //!< Verify mode: stored
#define VERIFY_MODE_VALIDATE_EXTERNAL ((uint8_t)0x01) //!< Verify mode: validate external
#define VERIFY_MODE_EXTERNAL ((uint8_t)0x02) //!< Verify mode: external
#define VERIFY_MODE_VALIDATE ((uint8_t)0x03) //!< Verify mode: validate
#define VERIFY_MODE_INVALIDATE ((uint8_t)0x07) //!< Verify mode: invalidate
#define VERIFY_MODE_SOURCE_MASK ((uint8_t)0x20) //!< Verify mode message source mask
#define VERIFY_MODE_SOURCE_TEMPKEY ((uint8_t)0x00) //!< Verify mode message source is TempKey
#define VERIFY_MODE_SOURCE_MSGDIGBUF ((uint8_t)0x20) //!< Verify mode message source is the Message Digest Buffer
#define VERIFY_MODE_MAC_FLAG ((uint8_t)0x80) //!< Verify mode: MAC
#define VERIFY_KEY_B283 ((uint16_t)0x0000) //!< Verify key type: B283
#define VERIFY_KEY_K283 ((uint16_t)0x0001) //!< Verify key type: K283
#define VERIFY_KEY_P256 ((uint16_t)0x0004) //!< Verify key type: P256
#define VERIFY_RSP_SIZE ATCA_RSP_SIZE_MIN //!< Verify command response packet size
#define VERIFY_RSP_SIZE_MAC ATCA_RSP_SIZE_32 //!< Verify command response packet size with validating MAC
/** @} */
/** \name Definitions for the Write Command
@{ */
#define WRITE_ZONE_IDX ATCA_PARAM1_IDX //!< Write command index for zone
#define WRITE_ADDR_IDX ATCA_PARAM2_IDX //!< Write command index for address
#define WRITE_VALUE_IDX ATCA_DATA_IDX //!< Write command index for data
#define WRITE_MAC_VS_IDX ( 9) //!< Write command index for MAC following short data
#define WRITE_MAC_VL_IDX (37) //!< Write command index for MAC following long data
#define WRITE_MAC_SIZE (32) //!< Write MAC size
#define WRITE_ZONE_MASK ((uint8_t)0xC3) //!< Write zone bits 2 to 5 are 0.
#define WRITE_ZONE_WITH_MAC ((uint8_t)0x40) //!< Write zone bit 6: write encrypted with MAC
#define WRITE_ZONE_OTP ((uint8_t)1) //!< Write zone id OTP
#define WRITE_ZONE_DATA ((uint8_t)2) //!< Write zone id data
#define WRITE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< Write command response packet size
/** @} */
#ifdef __cplusplus
}
#endif
#endif