Add AES encrypt/decrypt support for SE05X on Arduino with two example sketches.

Author: jowin202

libraries/SE05X/examples/SE05XAESEncryptandDecrypt/SE05XAESEncryptandDecrypt.ino

@@ -0,0 +1,56 @@
+/*
+  SE05X AES Encrypt and Decrypt
+
+  This sketch uses the SE05X to encrypt and decrypt given data
+  with an AES key, which was uploaded in the SE05XWriteAESKey
+  example. This sketch encrypts 32 bytes with AES ECB Mode
+  and then decrypt this data for comparing the results.
+
+  Circuit:
+   - Portenta C33
+*/
+
+#include <SE05X.h>
+
+
+const int AES_KEY_ID = 666;
+const byte data[32] = {
+  0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+  0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f
+};
+
+
+void print_hex(const byte in[], size_t len) {
+  for (size_t i = 0; i < len; i++) {
+    Serial.print(in[i] >> 4, HEX);
+    Serial.print(in[i] & 0x0f, HEX);
+  }
+  Serial.println();
+}
+
+void setup() {
+  Serial.begin(9600);
+  while (!Serial);
+
+
+  if (!SE05X.begin()) {
+    Serial.println("Error with secure element");
+    while(1);
+  }
+
+
+  size_t encrypted_data_len = 32;
+  size_t decrypted_data_len = 32;
+  byte encrypted_data[32];
+  byte decrypted_data[32];
+
+  int status1 = SE05X.AES_ECB_encrypt(AES_KEY_ID,           data, sizeof(data), encrypted_data, &encrypted_data_len);
+  int status2 = SE05X.AES_ECB_decrypt(AES_KEY_ID, encrypted_data, sizeof(data), decrypted_data, &decrypted_data_len);
+  print_hex(data,32);
+  print_hex(encrypted_data,32);
+  print_hex(decrypted_data,32);
+}
+
+void loop() {
+
+}

libraries/SE05X/examples/SE05XAESWriteKey/SE05XAESWriteKey.ino

@@ -0,0 +1,33 @@
+/*
+  SE05X WriteAESKey
+
+  This sketch uses the SE05X to securely store an AES key. When the key is uploaded to
+  SE05X, the sketch on the Arduino should be overwritten. 
+
+  Circuit:
+   - Portenta C33
+*/
+
+#include <SE05X.h>
+
+const int AES_KEY_ID = 666;
+const byte aes_key[32] = {
+  0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0x33, 0x33, 0xFF, 0x33,
+  0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0xFF, 0x33, 0x33, 0x33, 0xFF, 0x44
+};
+
+void setup() {
+  Serial.begin(9600);
+  
+  if (!SE05X.begin()) {
+    Serial.println("Error with secure element");
+    while(1);
+  }
+
+  SE05X.deleteBinaryObject(AES_KEY_ID);
+  SE05X.writeAESKey(AES_KEY_ID, aes_key, sizeof(aes_key));
+}
+
+void loop() {
+
+}

libraries/SE05X/src/SE05X.cpp

@@ -595,6 +595,57 @@ int SE05XClass::readSlot(int slot, byte data[], int length)
     return readBinaryObject(slot, data, length, &size);
 }
 
+int SE05XClass::AES_ECB_encrypt(int objectId, const byte data[], size_t data_length, byte output[], size_t *output_len)
+{
+    smStatus_t status;
+    status = Se05x_API_CipherOneShot(&_se05x_session, objectId, kSE05x_CipherMode_AES_ECB_NOPAD, data, data_length, 0, 0, output, output_len, kSE05x_Cipher_Oper_OneShot_Encrypt);
+    if (status != SM_OK) {
+        SMLOG_E("Error in Se05x_API_CipherOneShot \n");
+        return 0;
+    }
+    return 1;
+}
+
+int SE05XClass::AES_ECB_decrypt(int objectId, const byte data[], size_t data_length, byte output[], size_t *output_len)
+{
+    smStatus_t status;
+    status = Se05x_API_CipherOneShot(&_se05x_session, objectId, kSE05x_CipherMode_AES_ECB_NOPAD, data, data_length, 0, 0, output, output_len, kSE05x_Cipher_Oper_OneShot_Decrypt);
+    if (status != SM_OK) {
+        SMLOG_E("Error in Se05x_API_CipherOneShot \n");
+        return 0;
+    }
+    return 1;
+}
+
+int SE05XClass::writeAESKey(int objectId, const byte data[], size_t length)
+{
+    smStatus_t      status;
+    SE05x_Result_t  result;
+    uint16_t        offset = 0;
+    uint16_t        size;
+
+    status = Se05x_API_CheckObjectExists(&_se05x_session, objectId, &result);
+    if (status != SM_OK) {
+        SMLOG_E("Error in Se05x_API_CheckObjectExists \n");
+        return 0;
+    }
+
+    if (result == kSE05x_Result_SUCCESS) {
+        SMLOG_E("Object exists \n");
+        return 0;
+    }
+
+    uint16_t left = length;
+
+    status = Se05x_API_WriteSymmKey(&_se05x_session, NULL, 3, objectId, NULL, data, length, kSE05x_INS_NA, kSE05x_SymmKeyType_AES);
+
+    if (status != SM_OK) {
+        SMLOG_E("Error in Se05x_API_WriteSymmKey \n");
+        return 0;
+    }
+    return 1;
+}
+
 int SE05XClass::writeBinaryObject(int objectId, const byte data[], size_t length)
 {
     smStatus_t      status;

libraries/SE05X/src/SE05X.h

@@ -194,6 +194,46 @@ class SE05XClass
      */    
     int readBinaryObject(int ObjectId, byte data[], size_t dataMaxLen, size_t* length);
 
+    /** AES_ECB_encrypt
+     *
+     * Enrypts something with AES ECB
+     *
+     * @param[in] ObjectId SE050 object ID
+     * @param[in] data Input data buffer
+     * @param[in] length Input data buffer size (should be a multiple of 16 bytes)
+     * @param[out] output Output data buffer
+     * @param[out] output_length Output data buffer size (same as input)
+     *
+     * @return 0 on Failure 1 on Success
+     */
+    int AES_ECB_encrypt(int objectId, const byte data[], size_t data_length, byte output[], size_t *output_len);
+
+    /** AES_ECB_decrypt
+     *
+     * Enrypts something with AES ECB
+     *
+     * @param[in] ObjectId SE050 object ID
+     * @param[in] data Input data buffer
+     * @param[in] length Input data buffer size (should be a multiple of 16 bytes)
+     * @param[out] output Output data buffer
+     * @param[out] output_length Output data buffer size (same as input)
+     *
+     * @return 0 on Failure 1 on Success
+     */
+    int AES_ECB_decrypt(int objectId, const byte data[], size_t data_length, byte output[], size_t *output_len);
+
+    /** writeAESKey
+     *
+     * Writes symmetric key into SE050 object.
+     *
+     * @param[in] ObjectId SE050 object ID
+     * @param[in] data Input data buffer
+     * @param[in] length Input data buffer size
+     *
+     * @return 0 on Failure 1 on Success
+     */
+    int writeAESKey(int ObjectId, const byte data[], size_t length);
+
     /** writeBinaryObject
      *
      * Writes binary data into SE050 object.