Merge pull request #383 from pennam/sn-byte

SE050 add api to read serial number bytes
arduino · Nov 20, 2024 · 3deddbe · 3deddbe
2 parents 936a7eb + 55f37fa
commit 3deddbe
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 63 deletions.
diff --git a/libraries/SE05X/src/SE05X.cpp b/libraries/SE05X/src/SE05X.cpp
@@ -69,7 +69,6 @@
                                              SE05X_EC_SIGNATURE_RAW_LENGTH
 
 #define SE05X_SHA256_LENGTH              32
-#define SE05X_SN_LENGTH                  18
 
 #define SE05X_TEMP_OBJECT                9999
 
@@ -108,22 +107,35 @@ void SE05XClass::end()
     Se05x_API_SessionClose(&_se05x_session);
 }
 
+int SE05XClass::serialNumber(byte sn[])
+{
+    return serialNumber(sn, SE05X_SN_LENGTH);
+}
+
+int SE05XClass::serialNumber(byte sn[], size_t length)
+{
+    size_t uidLen = length;
+    const int kSE05x_AppletResID_UNIQUE_ID = 0x7FFF0206;
+    smStatus_t status;
+
+    status = Se05x_API_ReadObject(&_se05x_session, kSE05x_AppletResID_UNIQUE_ID, 0, length, sn, &uidLen);
+    if (status != SM_OK || length != uidLen) {
+        SMLOG_E("Error in Se05x_API_ReadObject \n");
+        return 0;
+    }
+    return 1;
+}
+
 String SE05XClass::serialNumber()
 {
     String result = (char*)NULL;
     byte UID[SE05X_SN_LENGTH];
-    size_t uidLen = SE05X_SN_LENGTH;
-    const int kSE05x_AppletResID_UNIQUE_ID = 0x7FFF0206,
 
-    status = Se05x_API_ReadObject(&_se05x_session, kSE05x_AppletResID_UNIQUE_ID, 0, uidLen, UID, &uidLen);
-    if (status != SM_OK) {
-        SMLOG_E("Error in Se05x_API_ReadObject \n");
-        return "";
-    }
+    serialNumber(UID, sizeof(UID));
 
-    result.reserve(uidLen * 2);
+    result.reserve(SE05X_SN_LENGTH * 2);
 
-    for (size_t i = 0; i < uidLen; i++) {
+    for (size_t i = 0; i < SE05X_SN_LENGTH; i++) {
         byte b = UID[i];
 
         if (b < 16) {
@@ -168,11 +180,11 @@ int SE05XClass::random(byte data[], size_t length)
     smStatus_t status;
     uint16_t   offset = 0;
     uint16_t   left = length;
-    
+
     while (left > 0) {
         uint16_t chunk     = (left > SE05X_MAX_CHUNK_SIZE) ? SE05X_MAX_CHUNK_SIZE : left;
         size_t max_buffer  = chunk;
-        
+
         status = Se05x_API_GetRandom(&_se05x_session, chunk, (data + offset), &max_buffer);
         if (status != SM_OK) {
             SMLOG_E("Error in Se05x_API_GetRandom \n");
@@ -337,7 +349,7 @@ int SE05XClass::beginSHA256()
 {
     smStatus_t      status;
     SE05x_CryptoModeSubType_t subtype;
-    
+
     subtype.digest = kSE05x_DigestMode_SHA256;
 
     status = Se05x_API_CreateCryptoObject(&_se05x_session, kSE05x_CryptoObject_DIGEST_SHA256, kSE05x_CryptoContext_DIGEST, subtype);
@@ -357,7 +369,7 @@ int SE05XClass::beginSHA256()
 int SE05XClass::updateSHA256(const byte in[], size_t inLen)
 {
     smStatus_t      status;
-    
+
     status = Se05x_API_DigestUpdate(&_se05x_session, kSE05x_CryptoObject_DIGEST_SHA256, in, inLen);
     if (status != SM_OK) {
         SMLOG_E("Error in Se05x_API_DigestUpdate \n");
@@ -374,7 +386,7 @@ int SE05XClass::endSHA256(byte out[], size_t* outLen)
     if (*outLen < SE05X_SHA256_LENGTH) {
         SMLOG_E("Error in endSHA256 \n");
         *outLen = 0;
-        return 0;  
+        return 0;
     }
 
     status = Se05x_API_DigestFinal(&_se05x_session, kSE05x_CryptoObject_DIGEST_SHA256, NULL, 0, out, outLen);
@@ -530,7 +542,7 @@ int SE05XClass::ecdsaVerify(const byte message[], const byte signature[], const
     }
 
     if (!deleteBinaryObject(SE05X_TEMP_OBJECT)) {
-        SMLOG_E("ecdsaVerify failure deleting temporary object\n");     
+        SMLOG_E("ecdsaVerify failure deleting temporary object\n");
         return 0;
     }
 
@@ -574,7 +586,7 @@ int SE05XClass::readBinaryObject(int objectId, byte data[], size_t dataMaxLen, s
     while (left > 0) {
         uint16_t chunk     = (left > SE05X_MAX_CHUNK_SIZE) ? SE05X_MAX_CHUNK_SIZE : left;
         size_t max_buffer  = chunk;
-        
+
         status = Se05x_API_ReadObject(&_se05x_session, objectId, offset, chunk, (data + offset), &max_buffer);
         if (status != SM_OK) {
             SMLOG_E("Error in Se05x_API_ReadObject \n");
@@ -621,8 +633,6 @@ int SE05XClass::writeAESKey(int objectId, const byte data[], size_t length)
 {
     smStatus_t      status;
     SE05x_Result_t  result;
-    uint16_t        offset = 0;
-    uint16_t        size;
 
     status = Se05x_API_CheckObjectExists(&_se05x_session, objectId, &result);
     if (status != SM_OK) {
@@ -635,9 +645,7 @@ int SE05XClass::writeAESKey(int objectId, const byte data[], size_t length)
         return 0;
     }
 
-    uint16_t left = length;
-
-    status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 3, objectId, NULL, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_AES);
+    status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 3, objectId, SE05x_KeyID_KEK_NONE, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_AES);
 
     if (status != SM_OK) {
         SMLOG_E("Error in Se05x_API_WriteSymmKey \n");
@@ -650,9 +658,6 @@ int SE05XClass::writeHMACKey(int objectId, const byte data[], size_t length)
 {
     smStatus_t      status;
     SE05x_Result_t  result;
-    uint8_t         exists = 0;
-    uint16_t        offset = 0;
-    uint16_t        size;
 
     status = Se05x_API_CheckObjectExists(&_se05x_session, objectId, &result);
     if (status != SM_OK) {
@@ -662,7 +667,6 @@ int SE05XClass::writeHMACKey(int objectId, const byte data[], size_t length)
 
     if (result == kSE05x_Result_SUCCESS) {
         SMLOG_E("Object exists \n");
-        exists = 1;
     }
 
     status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 0, objectId, SE05x_KeyID_KEK_NONE, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_HMAC);
@@ -784,9 +788,9 @@ int SE05XClass::getECKeyXyValuesFromDER(byte* derKey, size_t derLen, byte* rawKe
     if(*rawLen < SE05X_EC_KEY_RAW_LENGTH) {
         SMLOG_E("Error in getECKeyXyValuesFromDER \n");
         *rawLen = 0;
-        return 0;    
+        return 0;
     }
-    
+
     /* XY values are stored in the last 64 bytes of DER buffer */
     *rawLen = SE05X_EC_KEY_RAW_LENGTH;
     memcpy(rawKey, &derKey[derLen - SE05X_EC_KEY_RAW_LENGTH], SE05X_EC_KEY_RAW_LENGTH);
@@ -799,15 +803,15 @@ int SE05XClass::setECKeyXyVauesInDER(const byte* rawKey, size_t rawLen, byte* de
     if(rawLen != SE05X_EC_KEY_RAW_LENGTH) {
         SMLOG_E("Error in setECKeyXyVauesInDER invalid raw key\n");
         *derLen = 0;
-        return 0;    
+        return 0;
     }
 
     if(*derLen < SE05X_EC_KEY_DER_LENGTH) {
         SMLOG_E("Error in setECKeyXyVauesInDER buffer too small\n");
         *derLen = 0;
-        return 0;    
+        return 0;
     }
-    
+
     /* Copy header byte from 0 to 25 */
     memcpy(&derKey[0], &ecc_der_header_nist256[0], SE05X_EC_KEY_DER_HEADER_LENGTH);
     /* Add format byte */
@@ -827,13 +831,13 @@ int SE05XClass::getECSignatureRsValuesFromDER(byte* derSignature, size_t derLen,
     if ((derLen < SE05X_EC_SIGNATURE_MIN_DER_LENGTH) || (derLen > SE05X_EC_SIGNATURE_MAX_DER_LENGTH)) {
         SMLOG_E("Error in getECSignatureRsValuesFromDER invalid signature\n");
         *rawLen = 0;
-        return 0;  
+        return 0;
     }
 
     if (*rawLen < SE05X_EC_SIGNATURE_RAW_LENGTH) {
         SMLOG_E("Error in getECSignatureRsValuesFromDER buffer too small\n");
         *rawLen = 0;
-        return 0;  
+        return 0;
     }
 
     rLen = derSignature[3];
@@ -868,7 +872,7 @@ int SE05XClass::setECSignatureRsValuesInDER(const byte* rawSignature, size_t raw
 {
     /**
      * Always consider worst case with padding
-     * 
+     *
      * | 0x30 0x46 0x02 0x21 0x00 | R values 32 bytes | 0x02 0x21 0x00 | S values 32 bytes |
      *
      */