Trait rust_cryptoauthlib::AteccDeviceTrait
source · [−]pub trait AteccDeviceTrait {
Show 39 methods
fn random(&self, rand_out: &mut Vec<u8>) -> AtcaStatus;
fn sha(&self, message: Vec<u8>, digest: &mut Vec<u8>) -> AtcaStatus;
fn nonce(&self, target: NonceTarget, data: &[u8]) -> AtcaStatus;
fn nonce_rand(
&self,
host_nonce: &[u8],
rand_out: &mut Vec<u8>
) -> AtcaStatus;
fn gen_key(&self, key_type: KeyType, slot_id: u8) -> AtcaStatus;
fn import_key(
&self,
key_type: KeyType,
key_data: &[u8],
slot_id: u8
) -> AtcaStatus;
fn export_key(
&self,
key_type: KeyType,
key_data: &mut Vec<u8>,
slot_id: u8
) -> AtcaStatus;
fn get_public_key(
&self,
slot_id: u8,
public_key: &mut Vec<u8>
) -> AtcaStatus;
fn sign_hash(
&self,
mode: SignMode,
slot_id: u8,
signature: &mut Vec<u8>
) -> AtcaStatus;
fn verify_hash(
&self,
mode: VerifyMode,
hash: &[u8],
signature: &[u8]
) -> Result<bool, AtcaStatus>;
fn cipher_encrypt(
&self,
algorithm: CipherAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> AtcaStatus;
fn cipher_decrypt(
&self,
algorithm: CipherAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> AtcaStatus;
fn aead_encrypt(
&self,
algorithm: AeadAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> Result<Vec<u8>, AtcaStatus>;
fn aead_decrypt(
&self,
algorithm: AeadAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> Result<bool, AtcaStatus>;
fn mac_compute(
&self,
algorithm: MacAlgorithm,
slot_id: u8,
data: &[u8]
) -> Result<Vec<u8>, AtcaStatus>;
fn mac_verify(
&self,
algorithm: MacAlgorithm,
slot_id: u8,
data: &[u8]
) -> Result<bool, AtcaStatus>;
fn kdf(
&self,
algorithm: KdfAlgorithm,
parameters: KdfParams,
message: Option<&[u8]>,
message_length: usize
) -> Result<KdfResult, AtcaStatus>;
fn ecdh(
&self,
parameters: EcdhParams,
peer_public_key: &[u8]
) -> Result<EcdhResult, AtcaStatus>;
fn lock_config_zone(&self) -> AtcaStatus;
fn lock_data_zone(&self) -> AtcaStatus;
fn lock_slot(&self, slot_id: u8) -> AtcaStatus;
fn load_config_into_chip(&self, config: &[u8]) -> AtcaStatus;
fn get_device_type(&self) -> AtcaDeviceType;
fn is_configuration_locked(&self) -> bool;
fn is_data_zone_locked(&self) -> bool;
fn get_config(&self, atca_slots: &mut Vec<AtcaSlot>) -> AtcaStatus;
fn info_cmd(&self, _command: InfoCmdType) -> Result<Vec<u8>, AtcaStatus>;
fn add_access_key(&self, slot_id: u8, encryption_key: &[u8]) -> AtcaStatus;
fn flush_access_keys(&self) -> AtcaStatus;
fn get_serial_number(&self) -> [u8; 9];
fn is_aes_enabled(&self) -> bool;
fn is_kdf_aes_enabled(&self) -> bool;
fn is_kdf_iv_enabled(&self) -> bool;
fn is_io_protection_key_enabled(&self) -> bool;
fn get_ecdh_output_protection_state(&self) -> OutputProtectionState;
fn get_kdf_output_protection_state(&self) -> OutputProtectionState;
fn wakeup(&self) -> AtcaStatus;
fn sleep(&self) -> AtcaStatus;
fn release(&self) -> AtcaStatus;
}
Required methods
fn random(&self, rand_out: &mut Vec<u8>) -> AtcaStatus
fn random(&self, rand_out: &mut Vec<u8>) -> AtcaStatus
Request ATECC to generate a vector of random bytes
Request ATECC to compute a message hash (SHA256)
fn nonce(&self, target: NonceTarget, data: &[u8]) -> AtcaStatus
fn nonce(&self, target: NonceTarget, data: &[u8]) -> AtcaStatus
Execute a Nonce command in pass-through mode to load one of the device’s internal buffers with a fixed value. For the ATECC608A, available targets are TempKey (32 or 64 bytes), Message Digest Buffer (32 or 64 bytes), or the Alternate Key Buffer (32 bytes). For all other devices, only TempKey (32 bytes) is available.
fn nonce_rand(&self, host_nonce: &[u8], rand_out: &mut Vec<u8>) -> AtcaStatus
fn nonce_rand(&self, host_nonce: &[u8], rand_out: &mut Vec<u8>) -> AtcaStatus
Execute a Nonce command to generate a random nonce combining a host nonce and a device random number.
fn gen_key(&self, key_type: KeyType, slot_id: u8) -> AtcaStatus
fn gen_key(&self, key_type: KeyType, slot_id: u8) -> AtcaStatus
Request ATECC to generate a cryptographic key
fn import_key(
&self,
key_type: KeyType,
key_data: &[u8],
slot_id: u8
) -> AtcaStatus
fn import_key(
&self,
key_type: KeyType,
key_data: &[u8],
slot_id: u8
) -> AtcaStatus
Request ATECC to import a cryptographic key
fn export_key(
&self,
key_type: KeyType,
key_data: &mut Vec<u8>,
slot_id: u8
) -> AtcaStatus
fn export_key(
&self,
key_type: KeyType,
key_data: &mut Vec<u8>,
slot_id: u8
) -> AtcaStatus
Request ATECC to export a cryptographic key. For cryptographic security reasons, with KeyType = P256EccKey this function exports only public key
fn get_public_key(&self, slot_id: u8, public_key: &mut Vec<u8>) -> AtcaStatus
fn get_public_key(&self, slot_id: u8, public_key: &mut Vec<u8>) -> AtcaStatus
Depending on the socket configuration, this function calculates public key based on an existing private key in the socket or exports the public key directly
Request ATECC to generate an ECDSA signature
fn verify_hash(
&self,
mode: VerifyMode,
hash: &[u8],
signature: &[u8]
) -> Result<bool, AtcaStatus>
fn verify_hash(
&self,
mode: VerifyMode,
hash: &[u8],
signature: &[u8]
) -> Result<bool, AtcaStatus>
Request ATECC to verify ECDSA signature
fn cipher_encrypt(
&self,
algorithm: CipherAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> AtcaStatus
fn cipher_encrypt(
&self,
algorithm: CipherAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> AtcaStatus
Data encryption function in AES unauthenticated cipher alhorithms modes
fn cipher_decrypt(
&self,
algorithm: CipherAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> AtcaStatus
fn cipher_decrypt(
&self,
algorithm: CipherAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> AtcaStatus
Data decryption function in AES unauthenticated cipher alhorithms modes
fn aead_encrypt(
&self,
algorithm: AeadAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> Result<Vec<u8>, AtcaStatus>
fn aead_encrypt(
&self,
algorithm: AeadAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> Result<Vec<u8>, AtcaStatus>
Data encryption function in AES AEAD (authenticated encryption with associated data) modes
fn aead_decrypt(
&self,
algorithm: AeadAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> Result<bool, AtcaStatus>
fn aead_decrypt(
&self,
algorithm: AeadAlgorithm,
slot_id: u8,
data: &mut Vec<u8>
) -> Result<bool, AtcaStatus>
Data decryption function in AES AEAD (authenticated encryption with associated data) modes
fn mac_compute(
&self,
algorithm: MacAlgorithm,
slot_id: u8,
data: &[u8]
) -> Result<Vec<u8>, AtcaStatus>
fn mac_compute(
&self,
algorithm: MacAlgorithm,
slot_id: u8,
data: &[u8]
) -> Result<Vec<u8>, AtcaStatus>
A function that calculates the MAC (Message Authentication Code) value for a message
fn mac_verify(
&self,
algorithm: MacAlgorithm,
slot_id: u8,
data: &[u8]
) -> Result<bool, AtcaStatus>
fn mac_verify(
&self,
algorithm: MacAlgorithm,
slot_id: u8,
data: &[u8]
) -> Result<bool, AtcaStatus>
A function that verifies the value of MAC (Message Authentication Code) for a message
KDF command function, which derives a new key in PRF, AES, or HKDF modes. According to RFC-5869, the HKDF mode consists of two steps, extract and expand. The “HMAC-Hash” base operation is implemented in the ATECC608x chip, so to perform full HKDF operation, proceed as described in chapter 2 of RFC-5869, first calculate PRK = HMAC-Hash(salt, IKM) and then use obtained PRK to obtain the resulting OKM, again using the same “HMAC-Hash” function, i.e. this “fn kdf”, according to the algorithm from section 2.3 of RFC-5869.
fn ecdh(
&self,
parameters: EcdhParams,
peer_public_key: &[u8]
) -> Result<EcdhResult, AtcaStatus>
fn ecdh(
&self,
parameters: EcdhParams,
peer_public_key: &[u8]
) -> Result<EcdhResult, AtcaStatus>
Function for generating premaster secret key using ECDH
fn lock_config_zone(&self) -> AtcaStatus
fn lock_config_zone(&self) -> AtcaStatus
Execute this command prevents future modifications of the Configuration zone. This command fails if the designated area is already locked.
fn lock_data_zone(&self) -> AtcaStatus
fn lock_data_zone(&self) -> AtcaStatus
Execute this command prevents future modifications of the Data and OTP zones. This command fails if the designated area is already locked.
fn lock_slot(&self, slot_id: u8) -> AtcaStatus
fn lock_slot(&self, slot_id: u8) -> AtcaStatus
Lock an individual slot in the data zone on an ATECC device. Not available for ATSHA devices. Slot must be configured to be slot lockable slots[slot_idx].config.lockable = true. This command fails if the designated area is already locked.
fn load_config_into_chip(&self, config: &[u8]) -> AtcaStatus
fn load_config_into_chip(&self, config: &[u8]) -> AtcaStatus
Function for uploading configuration to the chip. First 16 bytes of data are skipped as they are not writable. LockValue and LockConfig are also skipped and can only be changed via the Lock command. This command may fail if UserExtra and/or Selector bytes have already been set to non-zero values.
fn get_device_type(&self) -> AtcaDeviceType
fn get_device_type(&self) -> AtcaDeviceType
Request ATECC to return own device type
fn is_configuration_locked(&self) -> bool
fn is_configuration_locked(&self) -> bool
Request ATECC to check if its configuration is locked. If true, a chip can be used for cryptographic operations
fn is_data_zone_locked(&self) -> bool
fn is_data_zone_locked(&self) -> bool
Request ATECC to check if its Data Zone is locked. If true, a chip can be used for cryptographic operations
fn get_config(&self, atca_slots: &mut Vec<AtcaSlot>) -> AtcaStatus
fn get_config(&self, atca_slots: &mut Vec<AtcaSlot>) -> AtcaStatus
Returns a structure containing configuration data read from ATECC during initialization of the AteccDevice object.
fn info_cmd(&self, _command: InfoCmdType) -> Result<Vec<u8>, AtcaStatus>
fn info_cmd(&self, _command: InfoCmdType) -> Result<Vec<u8>, AtcaStatus>
Command accesses some static or dynamic information from the ATECC chip
fn add_access_key(&self, slot_id: u8, encryption_key: &[u8]) -> AtcaStatus
fn add_access_key(&self, slot_id: u8, encryption_key: &[u8]) -> AtcaStatus
A function that adds an encryption key for securely reading or writing data that is located in a specific slot on the ATECCx08 chip. Data is not written to the ATECCx08 chip, but to the AteccDevice structure
fn flush_access_keys(&self) -> AtcaStatus
fn flush_access_keys(&self) -> AtcaStatus
A function that deletes all encryption keys for secure read or write operations performed by the ATECCx08 chip
fn get_serial_number(&self) -> [u8; 9]
fn get_serial_number(&self) -> [u8; 9]
Get serial number of the ATECC device
fn is_aes_enabled(&self) -> bool
fn is_aes_enabled(&self) -> bool
Checks if the chip supports AES encryption. (only relevant for the ATECC608x chip)
fn is_kdf_aes_enabled(&self) -> bool
fn is_kdf_aes_enabled(&self) -> bool
Checks if the chip supports AES for KDF operations (only relevant for the ATECC608x chip)
fn is_kdf_iv_enabled(&self) -> bool
fn is_kdf_iv_enabled(&self) -> bool
Checks if the special KDF Initialization Vector function is enabled (only relevant for the ATECC608x chip)
fn is_io_protection_key_enabled(&self) -> bool
fn is_io_protection_key_enabled(&self) -> bool
Checks whether transmission between chip and host is to be encrypted (IO encryption is only possible for ATECC608x chip)
Function that reads the read security settings of the ECDH function from chip (only relevant for the ATECC608x chip)
Function that reads the read security settings of the KDF function from chip (only relevant for the ATECC608x chip)
fn wakeup(&self) -> AtcaStatus
fn wakeup(&self) -> AtcaStatus
wakeup the CryptoAuth device
fn sleep(&self) -> AtcaStatus
fn sleep(&self) -> AtcaStatus
invoke sleep on the CryptoAuth device
fn release(&self) -> AtcaStatus
fn release(&self) -> AtcaStatus
ATECC device instance destructor