Google Git
Sign in
coral / a71ch-crypto-support / 8dc1f1434da50a4b7361d651239c1f3f4f8cc25b / . / doc / a71ch / a71ch_miscellaneous.html
blob: d1e31f16eadd0db41f5dacc51eb951d667a5ae73 [file] [log] [blame]
<!DOCTYPE html>
<!--
Copyright 2019 NXP
This software is owned or controlled by NXP and may only be used
strictly in accordance with the applicable license terms. By expressly
accepting such terms or by downloading, installing, activating and/or
otherwise using the software, you are agreeing that you have read, and
that you agree to comply with and are bound by, such license terms. If
you do not agree to be bound by the applicable license terms, then you
may not retain, install, activate or otherwise use the software.
-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>10.2. Miscellaneous &#8212; Plug &amp; Trust MW v03.00.05 documentation</title>
<link rel="stylesheet" href="../_static/bootstrap-sphinx.css" type="text/css" />
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="../_static/graphviz.css" />
<script id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
<script src="../_static/jquery.js"></script>
<script src="../_static/underscore.js"></script>
<script src="../_static/doctools.js"></script>
<script src="../_static/language_data.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="10.3. A71CH Legacy API" href="a71ch_legacy_host_api.html" />
<link rel="prev" title="10.1. A71CH and SSS API" href="a71ch_sss.html" />
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
<meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
<meta name="apple-mobile-web-app-capable" content="yes">
<script type="text/javascript" src="../_static/js/jquery-1.11.0.min.js "></script>
<script type="text/javascript" src="../_static/js/jquery-fix.js "></script>
<script type="text/javascript" src="../_static/bootstrap-3.3.7/js/bootstrap.min.js "></script>
<script type="text/javascript" src="../_static/bootstrap-sphinx.js "></script>
</head><body>
<div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<!-- .btn-navbar is used as the toggle for collapsed navbar content -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../toc.html"><span><img src="../_static/NXP_logo_JPG.jpg"></span>
MW</a>
<span class="navbar-text navbar-version pull-left"><b>v03.00.05</b></span>
</div>
<div class="collapse navbar-collapse nav-collapse">
<ul class="nav navbar-nav">
<li class="dropdown globaltoc-container">
<a role="button"
id="dLabelGlobalToc"
data-toggle="dropdown"
data-target="#"
href="../toc.html">TOC <b class="caret"></b></a>
<ul class="dropdown-menu globaltoc"
role="menu"
aria-labelledby="dLabelGlobalToc"><ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../index.html">1. NXP Plug &amp; Trust Middleware</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../organization-of-documentation.html">1.1. Organization of Documentation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../folder-structure.html">1.2. Folder Structure</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sw-prerequisites.html">1.3. List of Platform Prerequisites</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../changes/index.html">2. Changes</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../changes/pending.html">2.1. Pending Refactoring items</a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/pending.html#known-limitations">2.2. Known limitations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_05.html">2.3. Release <code class="docutils literal notranslate"><span class="pre">v03.00.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_04.html">2.4. Release <code class="docutils literal notranslate"><span class="pre">v03.00.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_03.html">2.5. Release <code class="docutils literal notranslate"><span class="pre">v03.00.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_02.html">2.6. Release <code class="docutils literal notranslate"><span class="pre">v03.00.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_16_01.html">2.7. Release <code class="docutils literal notranslate"><span class="pre">v02.16.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_16_00.html">2.8. Release <code class="docutils literal notranslate"><span class="pre">v02.16.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_15_00.html">2.9. Release <code class="docutils literal notranslate"><span class="pre">v02.15.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_14_00.html">2.10. Release <code class="docutils literal notranslate"><span class="pre">v02.14.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html">2.11. Release <code class="docutils literal notranslate"><span class="pre">v02.12.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-04">2.12. Release <code class="docutils literal notranslate"><span class="pre">v02.12.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-03">2.13. Release <code class="docutils literal notranslate"><span class="pre">v02.12.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-02">2.14. Release <code class="docutils literal notranslate"><span class="pre">v02.12.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-01">2.15. Release <code class="docutils literal notranslate"><span class="pre">v02.12.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-00">2.16. Release <code class="docutils literal notranslate"><span class="pre">v02.12.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_03.html">2.17. Release <code class="docutils literal notranslate"><span class="pre">v02.11.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_01.html">2.18. Internal Release <code class="docutils literal notranslate"><span class="pre">v02.11.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_00.html">2.19. Release <code class="docutils literal notranslate"><span class="pre">v02.11.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_10_00.html">2.20. Release <code class="docutils literal notranslate"><span class="pre">v02.10.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_09_00.html">2.21. Release <code class="docutils literal notranslate"><span class="pre">v02.09.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_07_00.html">2.22. Release <code class="docutils literal notranslate"><span class="pre">v02.07.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_06_00.html">2.23. Release <code class="docutils literal notranslate"><span class="pre">v02.06.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html">2.24. Release <code class="docutils literal notranslate"><span class="pre">v02.05.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html#release-v02-04-00">2.25. Release <code class="docutils literal notranslate"><span class="pre">v02.04.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html#release-02-03-00">2.26. Release <code class="docutils literal notranslate"><span class="pre">02.03.00</span></code></a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../stack/index.html">3. Plug &amp; Trust MW Stack</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../stack/features.html">3.1. Features</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug &amp; Trust MW : Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss-apis.html">3.3. SSS APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/param_checks.html">3.5. Parameter Check &amp; Conventions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/logging.html">3.7. Logging</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects.html">3.10. Auth Objects</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/doc/sss_heap_management.html">3.18. SSS Heap Management</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../building/index.html">4. Building / Compiling</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../building/windows.html">4.1. Windows Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/frdm-k64f-sdk.html">4.2. Import MCUXPresso projects from SDK</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/frdm-k64f-cmake.html">4.3. Freedom K64F Build (CMake - Advanced)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/imx6.html">4.4. i.MX Linux Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/rpi3.html">4.5. Raspberry Pi Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/cmake.html">4.6. CMake</a></li>
<li class="toctree-l2"><a class="reference internal" href="../scripts/cmake_options.html">4.7. CMake Options</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../demos/index.html">5. Demo and Examples</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#demo-list">5.1. Demo List</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#sss-api-examples">5.2. SSS API Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#cloud-demos">5.3. Cloud Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#opc-ua-example">5.5. OPC-UA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#arm-psa-example">5.6. ARM PSA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#se05x-examples">5.7. SE05X Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#openssl-examples">5.8. OpenSSL Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#semslite-examples">5.12. Semslite examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/index.html#puf-examples">5.13. PUF examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html">6.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#building-and-running-the-edgelock-2go-agent">6.2. Building and running the EdgeLock 2GO agent</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#datastore-keystore">6.3. Datastore / Keystore</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#connection-to-the-edgelock-2go-cloud-service">6.4. Connection to the EdgeLock 2GO cloud service</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#claim-codes">6.5. Claim Codes</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/edgelock2go_agent_apis.html">6.6. API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/readme_usage_examples.html">6.7. Usage Examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../semslite/doc/index.html">7. SEMS Lite Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_overview.html">7.1. SEMS Lite Overview (Only for SE051)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_package.html">7.2. Update Package</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_usage.html">7.3. SEMS Lite Agent Usage</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_mgmt_api.html">7.4. SEMS Lite management APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_process.html">7.5. SEMS Lite Agent Package Load Process</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_api.html">7.6. APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_known_issue.html">7.7. SEMS Lite Known Issue</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/demo_update.html">7.8. SEMS Lite DEMOs</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">8. Plugins / Add-ins</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/openssl/scripts/readme.html">8.1. Introduction on OpenSSL engine</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/mbedtls/scripts/readme.html">8.2. Introduction on mbedTLS ALT Implementation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/psa/Readme.html">8.3. Platform Security Architecture</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugins/akm.html">8.4. Android Key master</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/open62541/readme.html">8.5. Introduction on Open62541 (OPC UA stack)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugins/wifiEAP/wifiEAP.html">8.6. WiFi EAP Demo with Raspberry Pi3</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugins/pkcs11.html">8.7. PKCS#11 Standalone Library</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../cli-tool.html">9. CLI Tool</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/introduction.html">9.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/block-diagram.html">9.2. Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/Provisioning/readme.html">9.5. CLI Provisioning</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/readme_usage_examples.html">9.6. Usage Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_commands_list.html">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_data_format.html">9.8. CLI Data formats</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_object_policy.html">9.9. Object Policies Through ssscli</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li>
</ul>
</li>
<li class="toctree-l1 current"><a class="reference internal" href="../a71ch.html">10. A71CH</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="a71ch_sss.html">10.1. A71CH and SSS API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">10.2. Miscellaneous</a></li>
<li class="toctree-l2"><a class="reference internal" href="a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li>
<li class="toctree-l2"><a class="reference internal" href="a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li>
<li class="toctree-l2"><a class="reference internal" href="a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../appendix.html">11. Appendix</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../appendix/glossary.html">11.1. Glossary</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li>
<li class="toctree-l2"><a class="reference internal" href="../dev-platforms.html">11.5. Development Platforms</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/version_info.html">11.7. Version Information</a></li>
<li class="toctree-l2"><a class="reference internal" href="../demos/Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li>
<li class="toctree-l2"><a class="reference internal" href="../api/api_list.html">11.12. Plug &amp; Trust MW APIs</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li class="dropdown">
<a role="button"
id="dLabelLocalToc"
data-toggle="dropdown"
data-target="#"
href="#">Page <b class="caret"></b></a>
<ul class="dropdown-menu localtoc"
role="menu"
aria-labelledby="dLabelLocalToc"><ul>
<li><a class="reference internal" href="#">10.2. Miscellaneous</a><ul>
<li><a class="reference internal" href="#demos-and-examples-supported-on-a71ch">10.2.1. Demos and examples supported on A71CH</a></li>
<li><a class="reference internal" href="#openssl-engine">10.2.2. OpenSSL Engine</a></li>
<li><a class="reference internal" href="#a71ch-and-scp03">10.2.3. A71CH and SCP03</a></li>
<li><a class="reference internal" href="#a71ch-on-raspberry-pi">10.2.4. A71CH on Raspberry Pi</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li>
<a href="a71ch_sss.html" title="Previous Chapter: 10.1. A71CH and SSS API"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">&laquo; 10.1. A71CH a...</span>
</a>
</li>
<li>
<a href="a71ch_legacy_host_api.html" title="Next Chapter: 10.3. A71CH Legacy API"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">10.3. A71CH L... &raquo;</span>
</a>
</li>
</ul>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-3">
<div id="sidebar" class="bs-sidenav" role="complementary">
<div class="sidebar-header">
<h3>Plug &amp; Trust MW</h3>
</div>
<div class="row">
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../index.html">1. NXP Plug &amp; Trust Middleware</a></li>
<li class="toctree-l1"><a class="reference internal" href="../changes/index.html">2. Changes</a></li>
<li class="toctree-l1"><a class="reference internal" href="../stack/index.html">3. Plug &amp; Trust MW Stack</a></li>
<li class="toctree-l1"><a class="reference internal" href="../building/index.html">4. Building / Compiling</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demos/index.html">5. Demo and Examples</a></li>
<li class="toctree-l1"><a class="reference internal" href="../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../semslite/doc/index.html">7. SEMS Lite Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">8. Plugins / Add-ins</a></li>
<li class="toctree-l1"><a class="reference internal" href="../cli-tool.html">9. CLI Tool</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../a71ch.html">10. A71CH</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="a71ch_sss.html">10.1. A71CH and SSS API</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">10.2. Miscellaneous</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#demos-and-examples-supported-on-a71ch">10.2.1. Demos and examples supported on A71CH</a></li>
<li class="toctree-l3"><a class="reference internal" href="#openssl-engine">10.2.2. OpenSSL Engine</a></li>
<li class="toctree-l3"><a class="reference internal" href="#a71ch-and-scp03">10.2.3. A71CH and SCP03</a></li>
<li class="toctree-l3"><a class="reference internal" href="#a71ch-on-raspberry-pi">10.2.4. A71CH on Raspberry Pi</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li>
<li class="toctree-l2"><a class="reference internal" href="a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li>
<li class="toctree-l2"><a class="reference internal" href="a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../appendix.html">11. Appendix</a></li>
</ul>
</div>
<div class="row">
<form class="form" action="../search.html" method="get">
<div class="form-group">
<label for="Search">Search:</label>
<input type="text" name="q" class="form-control" placeholder="Search" />
</div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
</div>
<div class="body col-md-9 content" role="main">
<div class="section" id="miscellaneous">
<span id="se05x-a71ch-miscellaneous"></span><h1><span class="section-number">10.2. </span>Miscellaneous<a class="headerlink" href="#miscellaneous" title="Permalink to this headline"></a></h1>
<div class="section" id="demos-and-examples-supported-on-a71ch">
<h2><span class="section-number">10.2.1. </span>Demos and examples supported on A71CH<a class="headerlink" href="#demos-and-examples-supported-on-a71ch" title="Permalink to this headline"></a></h2>
<p>Refer to <a class="reference internal" href="../demos/demo-list.html#demo-list"><span class="std std-ref">DEMO List</span></a> to see the list of demo applications supported on A71CH. Make the following changes when testing with A71CH.</p>
<ol class="arabic">
<li><p>Set the Applet to A71CH and SMCOM to SCI2C in the build configuration and rebuild the middleware.</p></li>
<li><p>To provision A71CH for cloud application, change the <cite>subsystem</cite> to <cite>a71ch</cite> in …/simw-top/pycli/src/Provision/Provision_config.py file.</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>SUBSYSTEM = &quot;a71ch&quot;
</pre></div>
</div>
</li>
<li><p>When testing cloud application on linux platform, set the OPENSSL_CONF to A71CH specific openssl config files - openssl_sss_a71ch.cnf (for openssl 1.0) / openssl11_sss_a71ch.cnf (for openssl 1.1).</p></li>
</ol>
</div>
<div class="section" id="openssl-engine">
<h2><span class="section-number">10.2.2. </span>OpenSSL Engine<a class="headerlink" href="#openssl-engine" title="Permalink to this headline"></a></h2>
<p>The Plug&amp;Trust MW comes with two OpenSSL Engine implementations, both implementations support OpenSSL 1.1.1:</p>
<ul class="simple">
<li><p>SSS API based (A71CH SSS OpenSSL Engine)</p></li>
<li><p>A71CH Legacy API based (A71CH Legacy OpenSSL Engine)</p></li>
</ul>
<p>The reference key format and the tools supporting the reference keys are <strong>different and incompatible</strong>.</p>
<p>The implementation using the SSS API is documented in <a class="reference internal" href="../sss/plugin/openssl/scripts/readme.html#intro-openssl-engine"><span class="std std-ref">Introduction on OpenSSL engine</span></a> and resides in
<code class="docutils literal notranslate"><span class="pre">.../sss/plugin/openssl</span></code>. The functionality of the engine is restricted to EC NIST P-256 keys.</p>
<p>The implementation using the A71CH Legacy API resides in <code class="docutils literal notranslate"><span class="pre">.../hostlib/hostlib/embSeEngine</span></code>.</p>
<p>The reference key format used by the SSS OpenSSL Engine refers to the stored EC key by SSS Object
Identifier.
It relies upon the <code class="docutils literal notranslate"><span class="pre">SSS</span> <span class="pre">Object</span> <span class="pre">Identifier</span> <span class="pre">to</span> <span class="pre">A71CH</span> <span class="pre">Internal</span> <span class="pre">storage</span> <span class="pre">mapping</span> <span class="pre">table</span></code> (<a class="reference internal" href="a71ch_sss.html#se05x-a71ch-sss"><span class="std std-ref">A71CH and SSS API</span></a>)
to locate the stored EC key in the attached A71CH.</p>
<p>The reference key format used by the A71CH Legacy OpenSSL Engine refers to the stored EC key by
key class and key index. Both key class and index are specific to the A71CH secure element.
The following provides an example of reference key format used by the A71CH Legacy OpenSSL Engine.
The value reserved for the private key has been used to contain:</p>
<ul class="simple">
<li><p>a pattern of <code class="docutils literal notranslate"><span class="pre">0x10..00</span></code> to fill up the datastructure MSB side to the desired key length</p></li>
<li><p>a 64 bit magic number (always <code class="docutils literal notranslate"><span class="pre">0xA5A6B5B6A5A6B5B6</span></code>)</p></li>
<li><p>a byte (0xkk) to contain the key class (<code class="docutils literal notranslate"><span class="pre">0x10</span></code> for key pair and <code class="docutils literal notranslate"><span class="pre">0x20</span></code> for public key)</p></li>
<li><p>a byte (0xii) to contain the key index (<code class="docutils literal notranslate"><span class="pre">0x00</span> <span class="pre">to</span> <span class="pre">0x03</span></code> for key pair and <code class="docutils literal notranslate"><span class="pre">0x00</span> <span class="pre">to</span> <span class="pre">0x02</span></code> for public key)</p></li>
</ul>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>Private-Key: (256 bit)
priv:
10:00:00:00:00:00:00:00:00:00:00:00:00:00:00:
00:00:00:00:00:00:00:A5:A6:B5:B6:A5:A6:B5:B6:
kk:ii
pub:
04:1C:93:08:8B:26:27:BA:EA:03:D1:BE:DB:1B:DF:
8E:CC:87:EF:95:D2:9D:FC:FC:3A:82:6F:C6:E1:70:
A0:50:D4:B7:1F:F2:A3:EC:F8:92:17:41:60:48:74:
F2:DB:3D:B4:BC:2B:F8:FA:E8:54:72:F6:72:74:8C:
9E:5F:D3:D6:D4
ASN1 OID: prime256v1
</pre></div>
</div>
</div>
<div class="section" id="a71ch-and-scp03">
<h2><span class="section-number">10.2.3. </span>A71CH and SCP03<a class="headerlink" href="#a71ch-and-scp03" title="Permalink to this headline"></a></h2>
<p>Enabling SCP03 channel encryption on the A71CH is a two step process:</p>
<ul class="simple">
<li><p>[Phase-0] First the SCP03 keys must be set on the A71CH. The SCP03 keys can only be set once!</p></li>
<li><p>[Phase-1] Once the SCP03 keys are set on the A71CH an SCP03 channel can be established between Host and A71CH. In case an SCP03 channel
has been established successfully, the use of SCP03 becomes mandatory for all subsequent communication between Host and A71CH.</p></li>
</ul>
<p>In the SSS API based example applications, two utility functions are used to support SCP03 channel encryption:</p>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">ex_a71ch_SetSeScp03Keys</span></code> is used to set the keys as required for [Phase-0]</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">SCP_Authenticate</span></code> is used to establish the SCP03 channel [Phase-1]</p></li>
</ul>
<p>The example code (<code class="docutils literal notranslate"><span class="pre">sss/ex/inc/ex_sss_main_inc.h</span></code>) always combines these two steps and depends on the ‘Debug Reset’ command for this.
In a product deployment the two phases must be distinct.
[Phase-0] is only executed once. Ensure that the SCP03 keys are securely and persistently stored on the host.</p>
<p>To enable SCP03 in the SSS API examples one must set the following Cmake options:</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>-DA71CH_AUTH=SCP03
-DSCP=SCP03_HostCrypto
</pre></div>
</div>
<p>Please refer to <a class="reference internal" href="../scripts/cmake_options.html#se05x-cmake-options"><span class="std std-ref">CMake Options</span></a> for more details and an overview of all available Cmake options.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>The Plug&amp;Trust MW also contains example code illustrating the setting up of an SCP03 channel between Host and Secure Element
for applications based upon the A71CH API: please refer to <code class="docutils literal notranslate"><span class="pre">hostlib/a71ch/ex/mainA71CH.c</span></code></p>
</div>
</div>
<div class="section" id="a71ch-on-raspberry-pi">
<h2><span class="section-number">10.2.4. </span>A71CH on Raspberry Pi<a class="headerlink" href="#a71ch-on-raspberry-pi" title="Permalink to this headline"></a></h2>
<p>When building the stack for A71CH on Raspberry Pi, set the following cmake options</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>cmake -DApplet=A71CH -DSMCOM=SCI2C .
</pre></div>
</div>
<p>The default i2c master of Raspberry Pi doesn’t support the SMBUS ‘block read’ feature
required for the sci2c protocol.
As a workaround a software implementation of an i2c master must be used.</p>
<p>Add the following line to <code class="docutils literal notranslate"><span class="pre">/boot/config.txt</span></code> on the Raspberry Pi SD card and reboot:</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>dtoverlay=i2c-gpio,bus=4,i2c_gpio_delay_us=1,_i2c_gpio_sda=23,i2c_gpio_scl=24
</pre></div>
</div>
<p>This will create a <code class="docutils literal notranslate"><span class="pre">/dev/i2c-4</span></code> i2c port on Raspberry Pi.</p>
<p>Modify <code class="docutils literal notranslate"><span class="pre">.../simw-top/hostlib/hostLib/platform/linux/i2c_a7.c</span></code> for correct i2c port</p>
<div class="highlight-text notranslate"><div class="highlight"><pre><span></span>static char* default_axSmDevice_name = &quot;/dev/i2c-4&quot;;
</pre></div>
</div>
<p>The following table illustrates the connections to make between the Raspberry Pi Header and the A71CH.</p>
<table class="docutils align-default" id="id1">
<caption><span class="caption-text">A71CH pin connections</span><a class="headerlink" href="#id1" title="Permalink to this table"></a></caption>
<colgroup>
<col style="width: 65%" />
<col style="width: 35%" />
</colgroup>
<thead>
<tr class="row-odd"><th class="head"><p>Raspberry Pi Header</p></th>
<th class="head"><p>A71CH</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td><p>Pin# 1</p></td>
<td><p>Power</p></td>
</tr>
<tr class="row-odd"><td><p>Pin# 6</p></td>
<td><p>Ground</p></td>
</tr>
<tr class="row-even"><td><p>Pin# 16</p></td>
<td><p>I2C Data</p></td>
</tr>
<tr class="row-odd"><td><p>Pin# 18</p></td>
<td><p>I2C Clock</p></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container">
<p class="pull-right">
<a href="#">Back to top</a>
</p>
<p>
&copy; Copyright 2018-2020, NXP.<br/>
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/>
</p>
</div>
</footer>
</body>
</html>