Function definitions used in OpenSSL ENGINE. More...

#include <openssl/engine.h>
#include <openssl/ossl_typ.h>
#include "atca_status.h"
#include "atcatls_cfg.h"
#include "atcatls.h"

Macros
#define	ECCX08_ENGINE_VERSION "01.00.00"

#define	NID_id_ATECCX08 (1001)

#define	TOKEN_FILE_VERSION (0x0)

#define	PRIVATE_KEY_ID (0x1)

#define	PUBLIC_KEY_ID (0x2)

#define	KEY_LIMITS_LOCKED (0x1)

#define	KEY_LIMITS_UNLOCKED (0x2)

#define	KEY_LIMITS_COUNTED (0x3)

#define	ECCX08_CMD_GET_VERSION (ENGINE_CMD_BASE)

#define	ECCX08_CMD_GET_SIGNER_CERT (ENGINE_CMD_BASE + 1)

#define	ECCX08_CMD_GET_PUB_KEY (ENGINE_CMD_BASE + 2)

#define	ECCX08_CMD_GET_DEVICE_CERT (ENGINE_CMD_BASE + 3)

#define	ECCX08_CMD_VERIFY_SIGNER_CERT (ENGINE_CMD_BASE + 4)

#define	ECCX08_CMD_VERIFY_DEVICE_CERT (ENGINE_CMD_BASE + 5)

#define	ECCX08_CMD_GET_ROOT_CERT (ENGINE_CMD_BASE + 6)

#define	ECCX08_CMD_EXTRACT_ALL_CERTS (ENGINE_CMD_BASE + 7)

#define	ECCX08_CMD_GET_PRIV_KEY (ENGINE_CMD_BASE + 8)

#define	ECCX08_SLOT8_ENC_STORE_LEN (416)

#define	MAX_RAND_BYTES (10037)

Functions
int	eccx08_debug (const char *fmt,...)

ATCA_STATUS	eccx08_get_enc_key (uint8_t *enckey, int16_t keysize)
	A user defined function that fills a raw buffer (32 bytes) with the platform-specific encryption key. More...

int	eccx08_pkey_meth_f (ENGINE e, EVP_PKEY_METHOD pkey_meth, const int *nids, int nid)
	Initialize the EVP_PKEY_METHOD method callback for ateccx08 engine. Just returns a pointer to EVP_PKEY_METHOD eccx08_pkey_meth. More...

int	eccx08_pkey_asn1_meth_f (ENGINE e, EVP_PKEY_ASN1_METHOD pkey_meth, const int *nids, int nid)
	Initialize the EVP_PKEY_ASN1_METHOD method callback for ateccx08 engine. Just returns a pointer to EVP_PKEY_METHOD eccx08_pkey_meth. More...

EVP_PKEY *	eccx08_load_privkey (ENGINE e, const char key_id, UI_METHOD ui_method, void callback_data)
	Allocates the EVP_PKEY structure, decrypt the RSA private key, and load it to the allocated EVP_PKEY structure. The encryption key is retrieved from the ECCX08 chip. See the eccx08_rsa_keygen() function from the eccx08_rsa_meth.c file for details. More...

EVP_PKEY *	eccx08_load_pubkey (ENGINE e, const char key_id, UI_METHOD ui_method, void callback_data)
	Allocates the EVP_PKEY structure and load there an ECC public key returned by the ECCX08 chip. More...

int	eccx08_destroy (ENGINE *e)
	Deinitialize the ateccx08 engine. Destructor (complements the "ENGINE_ateccx08()" constructor) More...

int	eccx08_init (ENGINE *e)
	Initialization the ateccx08 engine. More...

int	eccx08_finish (ENGINE *e)
	Complete all functions before deinitialization of the ateccx08 engine. More...

int	eccx08_ctrl (ENGINE e, int cmd, long i, void p, void(*f)())
	Call a function of the ateccx08 engine depending on provided command. This is an extension of OpenSSL: there is no openssl cli command to call this function. See run_engine_cmds() function from the tlsutils.c file for details. More...

int	eccx08_rand_init (void)
	Initialize the RAND method for ateccx08 engine. More...

int	eccx08_pkey_meth_init (void)
	Initialize the EVP_PKEY_METHOD method for ateccx08 engine. More...

int	eccx08_pkey_asn1_meth_init (void)
	Initialize the EVP_PKEY_ASN1_METHOD method for ateccx08 engine. More...

int	eccx08_ecdh_init (uint32_t use_software)
	Initialize the ECDH method for ateccx08 engine. More...

int	eccx08_cmd_defn_init (ENGINE *e)
	Initialize the CMD method for ateccx08 engine. More...

int	eccx08_cmd_ctrl (ENGINE e, int cmd, long i, void p, void(*f)(void))
	Call a function of the ateccx08 engine depending on provided command. This is an extension of OpenSSL: there is no openssl cli command to call this function. See run_engine_cmds() function from the tlsutils.c file for details. More...

int	eccx08_eckey_fill_key (char ptr, int size, uint8_t slot_id, uint8_t serial_number, int serial_len)
	Fills a raw buffer (32 bytes) with data to save into the private key structure. More...

int	eccx08_eckey_encode_in_privkey (EC_KEY eckey, uint8_t slot_id, uint8_t serial_number, int serial_len)
	Converts 32 bytes from ATECC508 format to the openssl EC_KEY structure. It allocates EC_KET structure and does not free it (must be a caller to free) More...

int	eccx08_eckey_compare_privkey (EC_KEY eckey, uint8_t slot_id, uint8_t serial_number, int serial_len)
	Checks if the private key in the openssl EC_KEY structure corresponds to the private key in the ATECCCX08 slot. More...

int	eccx08_generate_key (EC_KEY eckey, uint8_t serial_number, int serial_len)
	Generates a 32-byte private key then replaces it with token data using the eccx08_eckey_encode_in_privkey() call. More...

int	eccx08_eckey_convert (EC_KEY *p_eckey, uint8_t raw_pubkey, uint8_t *serial_number, int serial_len)
	Converts raw 64 bytes of public key (ATECC508 format) to the openssl EC_KEY structure. It allocates EC_KEY structure and does not free it (must be a caller to free) More...

int	eccx08_BN_encrypt (BIGNUM number, uint8_t iv, uint8_t *aes_key)
	Encrypt a BIGNUM data using AES-256 OFB mode. More...

int	eccx08_BN_decrypt (BIGNUM number, uint8_t iv, uint8_t *aes_key)
	Decrypt a BIGNUM data using AES-256 OFB mode. Assuming that data there was encrypted using the eccx08_BN_encrypt(). More...

const RSA_METHOD *	ECCX08_RSA_meth (void)
	Returns a pointer to eccx08 RSA method implementation. More...

Variables
ECDH_METHOD	eccx08_ecdh
	eccx08_ecdh is an OpenSSL ECDH_METHOD structure specific to the ateccx08 engine. See the crypto/ecdh/ech_locl.h file for details on the ECDH_METHOD structure. Note that ECDH method requires a patch to be applied to the openssl code.

RAND_METHOD	eccx08_rand
	eccx08_rand is an OpenSSL RAND_METHOD structure specific to the ateccx08 engine. See the crypto/rand/rand.h file for details on the struct rand_meth_st

EVP_PKEY_ASN1_METHOD	eccx08_pkey_asn1_meth
	eccx08_pkey_asn1_meth is an OpenSSL EVP_PKEY_ASN1_METHOD structure specific to the ateccx08 engine. See the crypto/asn1/asn1_locl.h file for details on the struct evp_pkey_asn1_method_st

ECDSA_METHOD	eccx08_ecdsa
	eccx08_ecdsa is an OpenSSL ECDSA_METHOD structure specific to the ateccx08 engine. See the crypto/ecdsa/ecs_locl.h file for details on the ECDSA_METHOD structure

ATCAIfaceCfg *	pCfg

uint8_t	test_priv_key [MEM_BLOCK_SIZE]

uint8_t	test_pub_key [MEM_BLOCK_SIZE *2]

Detailed Description

Function definitions used in OpenSSL ENGINE.

Function Documentation

int eccx08_BN_decrypt	(	BIGNUM *	number,
		uint8_t *	iv,
		uint8_t *	aes_key
	)

Decrypt a BIGNUM data using AES-256 OFB mode. Assuming that data there was encrypted using the eccx08_BN_encrypt().

Parameters

int eccx08_BN_encrypt	(	BIGNUM *	number,
		uint8_t *	iv,
		uint8_t *	aes_key
	)

Encrypt a BIGNUM data using AES-256 OFB mode.

Parameters

int eccx08_cmd_ctrl	(	ENGINE *	e,
		int	cmd,
		long	i,
		void *	p,
		void(*)(void)	f
	)

Call a function of the ateccx08 engine depending on provided command. This is an extension of OpenSSL: there is no openssl cli command to call this function. See run_engine_cmds() function from the tlsutils.c file for details.

Parameters

[in]	e	a pointer to the ENGINE structure
[in]	cmd	a command to execute. For the full list of commands see ECCX08_CMD_* defines in the ecc_meth.h file
[in]	i	an integer parameter of the command
[in,out]	p	a string parameter of the command
[in]	f	a function pointer parameter of the command

Returns: 1 for success

int eccx08_cmd_defn_init ( ENGINE * e )

Initialize the CMD method for ateccx08 engine.

Parameters

[in] e a pointer to the ENGINE structure

Returns: 1 for success

int eccx08_ctrl	(	ENGINE *	e,
		int	cmd,
		long	i,
		void *	p,
		void(*)()	f
	)

Call a function of the ateccx08 engine depending on provided command. This is an extension of OpenSSL: there is no openssl cli command to call this function. See run_engine_cmds() function from the tlsutils.c file for details.

Parameters

[in]	e	A pointer to the ENGINE structure
[in]	cmd	A command to execute. For the full list of commands see ECCX08_CMD_* defines in the ecc_meth.h file
[in]	i	An integer parameter of the command
[in,out]	p	A string parameter of the command
[in]	f	A function pointer parameter of the command

Returns: ATCA_SUCCESS for success

int eccx08_destroy ( ENGINE * e )

Deinitialize the ateccx08 engine. Destructor (complements the "ENGINE_ateccx08()" constructor)

Parameters

[in] e A pointer to Engine structure that completely describes the engine

Returns: For success return 1

int eccx08_ecdh_init ( uint32_t use_software )

Initialize the ECDH method for ateccx08 engine.

Returns: 1 for success

int eccx08_eckey_compare_privkey	(	EC_KEY *	eckey,
		uint8_t	slot_id,
		uint8_t *	serial_number,
		int	serial_len
	)

Checks if the private key in the openssl EC_KEY structure corresponds to the private key in the ATECCCX08 slot.

eccx08_eckey_compare_privkey()

Parameters

[in,out]	eckey	Pointer to EC_KEY with Private key token on success
[in]	slot_id	ATECCX08 slot ID
[in]	serial_number	9 bytes of ATECCX08 serial number
[in]	serial_len	Size of the ATECCX08 serial number buffer

Returns: 1 on success, 0 on error

int eccx08_eckey_convert	(	EC_KEY **	p_eckey,
		uint8_t *	raw_pubkey,
		uint8_t *	serial_number,
		int	serial_len
	)

Converts raw 64 bytes of public key (ATECC508 format) to the openssl EC_KEY structure. It allocates EC_KEY structure and does not free it (must be a caller to free)

eccx08_eckey_convert()

Parameters

[out]	p_eckey	Pointer to EC_KEY with Public Key on success
[in]	raw_pubkey	Raw public key, 64 bytes length 32-byte X following with 32-byte Y
[in]	serial_number	9 bytes of ATECCX08 serial number
[in]	serial_len	Size of the ATECCX08 serial number buffer

Returns: 1 on success, 0 on error

int eccx08_eckey_encode_in_privkey	(	EC_KEY *	eckey,
		uint8_t	slot_id,
		uint8_t *	serial_number,
		int	serial_len
	)

Converts 32 bytes from ATECC508 format to the openssl EC_KEY structure. It allocates EC_KET structure and does not free it (must be a caller to free)

eccx08_eckey_encode_in_privkey()

Parameters

int eccx08_eckey_fill_key	(	char *	ptr,
		int	size,
		uint8_t	slot_id,
		uint8_t *	serial_number,
		int	serial_len
	)

Fills a raw buffer (32 bytes) with data to save into the private key structure.

eccx08_eckey_fill_key()

Parameters

[in,out]	ptr	Pointer to a buffer to fill the key data
[in]	slot_id	ATECCX08 slot ID
[in]	serial_number	9 bytes of ATECCX08 serial number
[in]	serial_len	Size of the ATECCX08 serial number buffer

Returns: 1 on success, 0 on error

int eccx08_finish ( ENGINE * e )

Complete all functions before deinitialization of the ateccx08 engine.

Parameters

[in] e A pointer to Engine structure that completely describes the engine

Returns: 1 for success

int eccx08_generate_key	(	EC_KEY *	eckey,
		uint8_t *	serial_number,
		int	serial_len
	)

Generates a 32-byte private key then replaces it with token data using the eccx08_eckey_encode_in_privkey() call.

eccx08_generate_key()

Parameters

[out]	p_eckey	Pointer to EC_KEY with Public Key on success
[in]	serial_number	9 bytes of ATECCX08 serial number
[in]	serial_len	Size of the ATECCX08 serial number buffer

Returns: 1 on success, 0 on error

ATCA_STATUS eccx08_get_enc_key	(	uint8_t *	enckey,
		int16_t	keysize
	)

A user defined function that fills a raw buffer (32 bytes) with the platform-specific encryption key.

USER: Platform needs to to provide secure storage for this encryption key

Parameters

[in,out]	enckey	Pointer to a buffer to fill with the encryption key data
[in]	keysize	The size of the enckey buffer (number of bytes should be MEM_BLOCK_SIZE)

Returns: 1 on success, 0 on error

int eccx08_init ( ENGINE * e )

Initialization the ateccx08 engine.

Parameters

[in] e A pointer to Engine structure that completely describes the engine

Returns: For success return 1

EVP_PKEY* eccx08_load_privkey	(	ENGINE *	e,
		const char *	file,
		UI_METHOD *	ui_method,
		void *	callback_data
	)

Allocates the EVP_PKEY structure, decrypt the RSA private key, and load it to the allocated EVP_PKEY structure. The encryption key is retrieved from the ECCX08 chip. See the eccx08_rsa_keygen() function from the eccx08_rsa_meth.c file for details.

Parameters

[in]	e	- a pointer to the engine (ateccx08 in our case).
[in]	file	- the file name associated with the private key
[in]	ui_method	- a pointer to the UI_METHOD structure (not used by the ateccx08 engine)
[in]	callback_data	- an optional parameter to provide the callback data (not used by the ateccx08 engine)

Returns: EVP_PKEY for success, NULL otherwise

EVP_PKEY* eccx08_load_pubkey	(	ENGINE *	e,
		const char *	key_id,
		UI_METHOD *	ui_method,
		void *	callback_data
	)

Allocates the EVP_PKEY structure and load there an ECC public key returned by the ECCX08 chip.

Parameters

[in]	e	- a pointer to the engine (ateccx08 in our case).
[in]	key_id	- a string for key ID (not used by the ateccx08 engine)
[in]	ui_method	- a pointer to the UI_METHOD structure (not used by the ateccx08 engine)
[in]	callback_data	- an optional parameter to provide the callback data (not used by the ateccx08 engine)

Returns: EVP_PKEY for success, NULL otherwise

int eccx08_pkey_asn1_meth_f	(	ENGINE *	e,
		EVP_PKEY_ASN1_METHOD **	pkey_asn1_meth,
		const int **	nids,
		int	nid
	)

Initialize the EVP_PKEY_ASN1_METHOD method callback for ateccx08 engine. Just returns a pointer to EVP_PKEY_METHOD eccx08_pkey_meth.

Parameters

[in]	e	- a pointer to the engine (ateccx08 in our case).
[out]	pkey_asn1_meth	- a double pointer to EVP_PKEY_ASN1_METHOD to return the EVP_PKEY_ASN1_METHOD eccx08_pkey_asn1_meth
[out]	nids	- a double pointer to return an array of nid's (we return 0)
[in]	nid	- a number of expected nid's (we ignore this parameter)

Returns: 1 for success

int eccx08_pkey_asn1_meth_init ( void )

Initialize the EVP_PKEY_ASN1_METHOD method for ateccx08 engine.

Returns: 1 for success

int eccx08_pkey_meth_f	(	ENGINE *	e,
		EVP_PKEY_METHOD **	pkey_meth,
		const int **	nids,
		int	nid
	)

Initialize the EVP_PKEY_METHOD method callback for ateccx08 engine. Just returns a pointer to EVP_PKEY_METHOD eccx08_pkey_meth.

Parameters

[in]	e	- a pointer to the engine (ateccx08 in our case).
[out]	pkey_meth	- a double pointer to EVP_PKEY_METHOD to return the EVP_PKEY_METHOD eccx08_pkey_meth
[out]	nids	- a double pointer to return an array of nid's (we return 0)
[in]	nid	- a number of expected nid's (we ignore this parameter)

Returns: 1 for success

int eccx08_pkey_meth_init ( void )

Initialize the EVP_PKEY_METHOD method for ateccx08 engine.

Returns: 1 for success

int eccx08_rand_init ( void )

Initialize the RAND method for ateccx08 engine.

Returns: 1 for success

const RSA_METHOD* ECCX08_RSA_meth ( void )

Returns a pointer to eccx08 RSA method implementation.

Returns: a pointer to RSA_METHOD structure

Macros

Functions

Variables

Detailed Description

Function Documentation