Maxim Integrated / Mbed OS MAXREFDES155#

DeepCover Embedded Security in IoT: Public-key Secured Data Paths

Dependencies:   MaximInterface

The MAXREFDES155# is an internet-of-things (IoT) embedded-security reference design, built to authenticate and control a sensing node using elliptic-curve-based public-key cryptography with control and notification from a web server.

The hardware includes an ARM® mbed™ shield and attached sensor endpoint. The shield contains a DS2476 DeepCover® ECDSA/SHA-2 coprocessor, Wifi communication, LCD push-button controls, and status LEDs. The sensor endpoint is attached to the shield using a 300mm cable and contains a DS28C36 DeepCover ECDSA/SHA-2 authenticator, IR-thermal sensor, and aiming laser for the IR sensor. The MAXREFDES155# is equipped with a standard Arduino® form-factor shield connector for immediate testing using an mbed board such as the MAX32600MBED#. The combination of these two devices represent an IoT device. Communication to the web server is accomplished with the shield Wifi circuitry. Communication from the shield to the attached sensor module is accomplished over I2C . The sensor module represents an IoT endpoint that generates small data with a requirement for message authenticity/integrity and secure on/off operational control.

The design is hierarchical with each mbed platform and shield communicating data from the sensor node to a web server that maintains a centralized log and dispatches notifications as necessary. The simplicity of this design enables rapid integration into any star-topology IoT network to provide security with the low overhead and cost provided by the ECDSA-P256 asymmetric-key and SHA-256 symmetric-key algorithms.

More information about the MAXREFDES155# is available on the Maxim Integrated website.

Diff: SensorNode.cpp

Revision:
0:33d4e66780c0
Child:
13:6a6225690c2e
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/SensorNode.cpp	Fri Feb 24 11:23:12 2017 -0600
@@ -0,0 +1,253 @@
+/*******************************************************************************
+* Copyright (C) 2017 Maxim Integrated Products, Inc., All Rights Reserved.
+*
+* Permission is hereby granted, free of charge, to any person obtaining a
+* copy of this software and associated documentation files (the "Software"),
+* to deal in the Software without restriction, including without limitation
+* the rights to use, copy, modify, merge, publish, distribute, sublicense,
+* and/or sell copies of the Software, and to permit persons to whom the
+* Software is furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included
+* in all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+* IN NO EVENT SHALL MAXIM INTEGRATED BE LIABLE FOR ANY CLAIM, DAMAGES
+* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+* OTHER DEALINGS IN THE SOFTWARE.
+*
+* Except as contained in this notice, the name of Maxim Integrated
+* Products, Inc. shall not be used except as stated in the Maxim Integrated
+* Products, Inc. Branding Policy.
+*
+* The mere transfer of this software does not imply any licenses
+* of trade secrets, proprietary technology, copyrights, patents,
+* trademarks, maskwork rights, or any other form of intellectual
+* property whatsoever. Maxim Integrated Products, Inc. retains all
+* ownership rights.
+*******************************************************************************/
+
+#include <string>
+#include <I2C.h>
+#include "RomId.h"
+#include "HexConversions.hpp"
+#include "DS2476.hpp"
+#include "Factory.hpp"
+#include "SensorNode.hpp"
+
+// I2C address of the MLX90614.
+static const uint8_t mlx90614Addr = 0xB4;
+
+/// DS2476 derives the slave secret for a certain DS28C36 from the master secret.
+/// @param ds2476 DS2476 that will compute slave secret.
+/// @param ds28c36 DS28C36 containing the slave secret of interest.
+/// @param[out] message Contains the HMAC input used when computing the slave secret. Output to
+///     prevent redundant page reads.
+/// @param print Optional callback for displaying informational messages to the user.
+/// @returns True if the operation was successful.
+static bool setSlaveSecret(DS2476 & ds2476, DS28C36 & ds28c36, DS2476::Buffer & message,
+    const SensorNode::PrintHandler & print = SensorNode::PrintHandler())
+{
+    if (print)
+    {
+        print("Computing slave secret");
+        print("Reading DS28C36 ROM Options page for ROM ID and MAN ID");
+    }
+    DS28C36::Page page;
+    DS28C36::CmdResult result = ds28c36.readMemory(DS28C36::RomOptions, page);
+    if (result != DS28C36::Success)
+        return false;
+    message.clear();
+    message.reserve(75);
+    message.assign(page.begin() + 24, page.end());
+    OneWire::array<uint8_t, 2> manId = { page[22], page[23] };
+    if (print)
+    {
+        print("Reading User Data 0 page");
+    }
+    result = ds28c36.readMemory(DS28C36::UserData0, page);
+    if (result != DS28C36::Success)
+        return false;
+    message.insert(message.end(), page.begin(), page.end());
+    message.insert(message.end(), 32, 0x00);
+    message.insert(message.end(), DS28C36::UserData0);
+    message.insert(message.end(), manId.begin(), manId.end());
+    if (print)
+    {
+        print(("Creating HMAC message (ROM ID | Binding Data (Page Data) | Partial Secret (Buffer) | Page # | MAN ID): " +
+            byteArrayToHexString(&message[0], message.size())).c_str());
+        print("Writing HMAC message to DS2476 buffer");
+    }
+    result = ds2476.writeBuffer(message);
+    if (result != DS2476::Success)
+        return false;
+    if (print)
+    {
+        print("DS2476 computes slave secret from master secret (Secret A) and message in buffer");
+    }
+    result = ds2476.computeSha2UniqueSecret(DS2476::SecretNumA);
+    if (result != DS2476::Success)
+        return false;
+    return true;
+}
+
+SensorNode::SensorNode(mbed::I2C & i2c, DS2476 & ds2476) : i2c(i2c), ds28c36(i2c), ds2476(ds2476) { }
+
+bool SensorNode::detect()
+{
+    // Read ROM ID
+    OneWire::RomId romId;
+    return (DS28C36::readRomId(ds28c36, romId) == DS28C36::Success) && romId.valid();  
+}
+
+bool SensorNode::readTemp(TempStyle style, double & temp)
+{
+    uint8_t data[2];
+    switch (style)
+    {
+    case ObjectTemp:
+    default:
+        data[0] = 0x07;
+        break;
+        
+    case AmbientTemp:
+        data[0] = 0x06;
+        break;
+    }
+    int result = i2c.write(mlx90614Addr, reinterpret_cast<const char *>(data), 1, true);
+    if (result != 0)
+    {
+        i2c.stop();
+        return false;
+    }
+    result = i2c.read(mlx90614Addr, reinterpret_cast<char *>(data), 2, false);
+    if (result != 0)
+    {
+        i2c.stop();
+        return false;
+    }
+    temp = ((static_cast<uint_fast16_t>(data[1]) << 8) | data[0]) * 0.02 - 273.15;
+    return true;
+}
+
+bool SensorNode::getProvisioned(bool & provisioned)
+{
+    return checkAuthenticatorProvisioned(ds28c36, provisioned);
+}
+
+bool SensorNode::provision()
+{
+    return provisionAuthenticator(ds28c36);
+}
+
+bool SensorNode::authenticate()
+{
+    // Compute slave secret on coprocessor.
+    DS2476::Buffer message;
+    if (!setSlaveSecret(ds2476, ds28c36, message))
+        return false;
+        
+    // Compute HMAC on coprocessor.
+    // ROM ID, Page 0, and MAN ID are already in message.
+    DS2476::Buffer challenge;
+    DS2476::CmdResult result = ds2476.readRng(32, challenge);
+    if (result != DS2476::Success)
+        return false;
+    std::copy(challenge.begin(), challenge.end(), message.begin() + 40);
+    result = ds2476.writeBuffer(message);
+    if (result != DS2476::Success)
+        return false;
+    DS2476::HMAC computedHmac;
+    result = ds2476.computeSha2Hmac(computedHmac);
+    if (result != DS2476::Success)
+        return false;
+    
+    // Compute HMAC on device.
+    result = ds28c36.writeBuffer(challenge);
+    if (result != DS28C36::Success)
+        return false;
+    DS28C36::HMAC deviceHmac;
+    result = ds28c36.computeAndReadHmacPageAuthentication(DS28C36::UserData0, DS28C36::SecretNumA, deviceHmac);
+    if (result != DS28C36::Success)
+        return false;
+        
+    return computedHmac == deviceHmac;
+}
+
+bool SensorNode::setLaserEnabled(bool enabled, const PrintHandler & print)
+{   
+    if (print)
+    {
+        print((std::string(enabled ? "Enabling" : "Disabling") + " laser").c_str());
+    }
+     
+    // Compute slave secret on coprocessor.
+    DS2476::Buffer message;
+    if (!setSlaveSecret(ds2476, ds28c36, message, print))
+        return false;
+    
+    // Compute write HMAC.
+    // ROM ID and MAN ID are already in message.
+    if (print)
+    {
+        print("Reading GPIO Control page");
+        print((std::string("Modify copy of GPIO Control page to set GPIO B state to ") +
+            (enabled ? "conducting" : "high-impedance")).c_str());
+    }
+    DS28C36::Page page;
+    DS28C36::CmdResult result = ds28c36.readMemory(DS28C36::GpioControl, page);
+    if (result != DS28C36::Success)
+        return false;
+    std::copy(page.begin(), page.end(), message.begin() + 8);
+    page[1] = (enabled ? 0xAA : 0x55);
+    std::copy(page.begin(), page.end(), message.begin() + 40);
+    message[72] = DS28C36::GpioControl;
+    if (print)
+    {
+        print(("Creating HMAC message (ROM ID | Old Page Data | New Page Data | Page # | MAN ID): " +
+            byteArrayToHexString(&message[0], message.size())).c_str());
+        print("Writing HMAC message to DS2476 buffer");
+    }
+    result = ds2476.writeBuffer(message);
+    if (result != DS2476::Success)
+        return false;
+    DS2476::HMAC hmac;
+    result = ds2476.computeSha2Hmac(hmac);
+    if (result != DS2476::Success)
+        return false;
+        
+    if (print)
+    {
+        print(("DS2476 computes write authentication HMAC from slave secret (Secret S) and message in buffer: " +
+            byteArrayToHexString(hmac.data(), hmac.size())).c_str());
+        print("Write authentication HMAC is written to DS28C36 buffer");
+        print("DS28C36 computes an HMAC to compare to the write authentication HMAC after receiving Page # and New Page Data");
+    }
+    
+    // Write page data.
+    result = ds28c36.writeBuffer(DS28C36::Buffer(hmac.begin(), hmac.end()));
+    if (result != DS28C36::Success)
+        return false;
+    result = ds28c36.authenticatedSha2WriteMemory(DS28C36::GpioControl, DS28C36::SecretNumA, page);
+    if (result != DS28C36::Success)
+        return false;
+    if (print)
+    {
+        print("DS28C36 updates page data which changes GPIO B state");
+        print((std::string("Laser is now ") + (enabled ? "enabled" : "disabled")).c_str());
+    }
+    return true;
+}
+
+bool SensorNode::getLaserEnabled(bool & enabled)
+{
+    DS28C36::Page page;
+    DS28C36::CmdResult result = ds28c36.readMemory(DS28C36::GpioControl, page);
+    if (result != DS28C36::Success)
+        return false;
+    enabled = (page[1] == 0xAA);
+    return true;
+}