Maxim Integrated / Mbed OS MAXREFDES155#

DeepCover Embedded Security in IoT: Public-key Secured Data Paths

Dependencies:   MaximInterface

The MAXREFDES155# is an internet-of-things (IoT) embedded-security reference design, built to authenticate and control a sensing node using elliptic-curve-based public-key cryptography with control and notification from a web server.

The hardware includes an ARM® mbed™ shield and attached sensor endpoint. The shield contains a DS2476 DeepCover® ECDSA/SHA-2 coprocessor, Wifi communication, LCD push-button controls, and status LEDs. The sensor endpoint is attached to the shield using a 300mm cable and contains a DS28C36 DeepCover ECDSA/SHA-2 authenticator, IR-thermal sensor, and aiming laser for the IR sensor. The MAXREFDES155# is equipped with a standard Arduino® form-factor shield connector for immediate testing using an mbed board such as the MAX32600MBED#. The combination of these two devices represent an IoT device. Communication to the web server is accomplished with the shield Wifi circuitry. Communication from the shield to the attached sensor module is accomplished over I2C . The sensor module represents an IoT endpoint that generates small data with a requirement for message authenticity/integrity and secure on/off operational control.

The design is hierarchical with each mbed platform and shield communicating data from the sensor node to a web server that maintains a centralized log and dispatches notifications as necessary. The simplicity of this design enables rapid integration into any star-topology IoT network to provide security with the low overhead and cost provided by the ECDSA-P256 asymmetric-key and SHA-256 symmetric-key algorithms.

More information about the MAXREFDES155# is available on the Maxim Integrated website.

Diff: SensorNode.cpp

Revision:
13:6a6225690c2e
Parent:
0:33d4e66780c0
Child:
14:dc839a69379b
--- a/SensorNode.cpp	Thu Jun 01 14:21:58 2017 -0500
+++ b/SensorNode.cpp	Mon Nov 06 18:12:27 2017 -0600
@@ -32,222 +32,203 @@
 
 #include <string>
 #include <I2C.h>
-#include "RomId.h"
-#include "HexConversions.hpp"
-#include "DS2476.hpp"
+#include <MaximInterface/Utilities/RomId.hpp>
+#include <MaximInterface/Utilities/ManId.hpp>
+#include <MaximInterface/Utilities/HexConversions.hpp>
+#include <MaximInterface/Platforms/mbed/Sleep.hpp>
 #include "Factory.hpp"
 #include "SensorNode.hpp"
 
+using namespace MaximInterface;
+
 // I2C address of the MLX90614.
 static const uint8_t mlx90614Addr = 0xB4;
 
-/// DS2476 derives the slave secret for a certain DS28C36 from the master secret.
-/// @param ds2476 DS2476 that will compute slave secret.
-/// @param ds28c36 DS28C36 containing the slave secret of interest.
-/// @param[out] message Contains the HMAC input used when computing the slave secret. Output to
-///     prevent redundant page reads.
-/// @param print Optional callback for displaying informational messages to the user.
-/// @returns True if the operation was successful.
-static bool setSlaveSecret(DS2476 & ds2476, DS28C36 & ds28c36, DS2476::Buffer & message,
-    const SensorNode::PrintHandler & print = SensorNode::PrintHandler())
-{
-    if (print)
-    {
-        print("Computing slave secret");
-        print("Reading DS28C36 ROM Options page for ROM ID and MAN ID");
-    }
-    DS28C36::Page page;
-    DS28C36::CmdResult result = ds28c36.readMemory(DS28C36::RomOptions, page);
-    if (result != DS28C36::Success)
-        return false;
-    message.clear();
-    message.reserve(75);
-    message.assign(page.begin() + 24, page.end());
-    OneWire::array<uint8_t, 2> manId = { page[22], page[23] };
-    if (print)
-    {
-        print("Reading User Data 0 page");
-    }
-    result = ds28c36.readMemory(DS28C36::UserData0, page);
-    if (result != DS28C36::Success)
-        return false;
-    message.insert(message.end(), page.begin(), page.end());
-    message.insert(message.end(), 32, 0x00);
-    message.insert(message.end(), DS28C36::UserData0);
-    message.insert(message.end(), manId.begin(), manId.end());
-    if (print)
-    {
-        print(("Creating HMAC message (ROM ID | Binding Data (Page Data) | Partial Secret (Buffer) | Page # | MAN ID): " +
-            byteArrayToHexString(&message[0], message.size())).c_str());
-        print("Writing HMAC message to DS2476 buffer");
-    }
-    result = ds2476.writeBuffer(message);
-    if (result != DS2476::Success)
-        return false;
-    if (print)
-    {
-        print("DS2476 computes slave secret from master secret (Secret A) and message in buffer");
-    }
-    result = ds2476.computeSha2UniqueSecret(DS2476::SecretNumA);
-    if (result != DS2476::Success)
-        return false;
-    return true;
+SensorNode::SensorNode(I2CMaster & i2c, DS2476 & ds2476)
+    : i2c(i2c), ds28c36(MaximInterface::mbed::Sleep::instance(), i2c),
+      ds2476(ds2476) {}
+
+std::pair<SensorNode::State, error_code> SensorNode::detect() {
+  std::pair<State, error_code> result;
+  result.second = readRomIdAndManId(ds28c36, &romId, &manId);
+  if (result.second || !valid(romId)) {
+    result.first = Disconnected;
+    return result;
+  }
+
+  bool provisioned;
+  result.second = getProvisioned(provisioned);
+  if (result.second) {
+    result.first = Disconnected;
+    return result;
+  }
+  if (!provisioned) {
+    result.first = NotProvisioned;
+    return result;
+  }
+
+  result.second = authenticate();
+  if (result.second) {
+    result.first =
+        (result.second == make_error_code(DS28C36::AuthenticationError))
+            ? Invalid
+            : Disconnected;
+    return result;
+  }
+
+  bool laserEnabled;
+  result.second = getLaserEnabled(laserEnabled);
+  if (result.second) {
+    result.first = Disconnected;
+  } else {
+    result.first = laserEnabled ? ValidLaserEnabled : ValidLaserDisabled;
+  }
+  return result;
 }
 
-SensorNode::SensorNode(mbed::I2C & i2c, DS2476 & ds2476) : i2c(i2c), ds28c36(i2c), ds2476(ds2476) { }
+bool SensorNode::readTemp(TempStyle style, double & temp) {
+  uint8_t data[2];
+  switch (style) {
+  case ObjectTemp:
+  default:
+    data[0] = 0x07;
+    break;
 
-bool SensorNode::detect()
-{
-    // Read ROM ID
-    OneWire::RomId romId;
-    return (DS28C36::readRomId(ds28c36, romId) == DS28C36::Success) && romId.valid();  
+  case AmbientTemp:
+    data[0] = 0x06;
+    break;
+  }
+  error_code result = i2c.writePacket(mlx90614Addr, data, 1, false);
+  if (result) {
+    i2c.stop();
+    return false;
+  }
+  result = i2c.readPacket(mlx90614Addr, data, 2, true);
+  if (result) {
+    i2c.stop();
+    return false;
+  }
+  temp = ((static_cast<uint_fast16_t>(data[1]) << 8) | data[0]) * 0.02 - 273.15;
+  return true;
 }
 
-bool SensorNode::readTemp(TempStyle style, double & temp)
-{
-    uint8_t data[2];
-    switch (style)
-    {
-    case ObjectTemp:
-    default:
-        data[0] = 0x07;
-        break;
-        
-    case AmbientTemp:
-        data[0] = 0x06;
-        break;
-    }
-    int result = i2c.write(mlx90614Addr, reinterpret_cast<const char *>(data), 1, true);
-    if (result != 0)
-    {
-        i2c.stop();
-        return false;
-    }
-    result = i2c.read(mlx90614Addr, reinterpret_cast<char *>(data), 2, false);
-    if (result != 0)
-    {
-        i2c.stop();
-        return false;
-    }
-    temp = ((static_cast<uint_fast16_t>(data[1]) << 8) | data[0]) * 0.02 - 273.15;
-    return true;
-}
-
-bool SensorNode::getProvisioned(bool & provisioned)
-{
-    return checkAuthenticatorProvisioned(ds28c36, provisioned);
-}
-
-bool SensorNode::provision()
-{
-    return provisionAuthenticator(ds28c36);
+error_code SensorNode::getProvisioned(bool & provisioned) {
+  return checkAuthenticatorProvisioned(ds28c36, provisioned);
 }
 
-bool SensorNode::authenticate()
-{
-    // Compute slave secret on coprocessor.
-    DS2476::Buffer message;
-    if (!setSlaveSecret(ds2476, ds28c36, message))
-        return false;
-        
-    // Compute HMAC on coprocessor.
-    // ROM ID, Page 0, and MAN ID are already in message.
-    DS2476::Buffer challenge;
-    DS2476::CmdResult result = ds2476.readRng(32, challenge);
-    if (result != DS2476::Success)
-        return false;
-    std::copy(challenge.begin(), challenge.end(), message.begin() + 40);
-    result = ds2476.writeBuffer(message);
-    if (result != DS2476::Success)
-        return false;
-    DS2476::HMAC computedHmac;
-    result = ds2476.computeSha2Hmac(computedHmac);
-    if (result != DS2476::Success)
-        return false;
-    
-    // Compute HMAC on device.
-    result = ds28c36.writeBuffer(challenge);
-    if (result != DS28C36::Success)
-        return false;
-    DS28C36::HMAC deviceHmac;
-    result = ds28c36.computeAndReadHmacPageAuthentication(DS28C36::UserData0, DS28C36::SecretNumA, deviceHmac);
-    if (result != DS28C36::Success)
-        return false;
-        
-    return computedHmac == deviceHmac;
+error_code SensorNode::provision() { return provisionAuthenticator(ds28c36); }
+
+error_code SensorNode::authenticate() {
+  // Compute slave secret on coprocessor.
+  DS28C36::Page page;
+  error_code result = ds28c36.readMemory(DS28C36::UserData0, page);
+  if (result)
+    return result;
+  DS28C36::Page challenge = {};
+  DS2476::PageAuthenticationData message = DS2476::createPageAuthenticationData(
+      romId, page, challenge, DS28C36::UserData0, manId);
+  result = ds2476.writeBuffer(message.data(), message.size());
+  if (result)
+    return result;
+  result = ds2476.computeSha2UniqueSecret(DS2476::SecretNumA);
+  if (result)
+    return result;
+
+  // Compute HMAC on coprocessor.
+  // ROM ID, Page 0, and MAN ID are already in message.
+  result = readRng(ds2476, challenge.data(), challenge.size());
+  if (result)
+    return result;
+  std::copy(challenge.begin(), challenge.end(), message.begin() + 40);
+  result = ds2476.writeBuffer(message.data(), message.size());
+  if (result)
+    return result;
+  Sha256::Hash computedHmac;
+  result = ds2476.computeSha2Hmac(computedHmac);
+  if (result)
+    return result;
+
+  // Compute HMAC on device.
+  result = ds28c36.writeBuffer(challenge.data(), challenge.size());
+  if (result)
+    return result;
+  Sha256::Hash deviceHmac;
+  result = ds28c36.computeAndReadHmacPageAuthentication(
+      DS28C36::UserData0, DS28C36::SecretNumA, deviceHmac);
+  if (result)
+    return result;
+
+  if (computedHmac != deviceHmac)
+    result = make_error_code(DS28C36::AuthenticationError);
+  return result;
 }
 
-bool SensorNode::setLaserEnabled(bool enabled, const PrintHandler & print)
-{   
-    if (print)
-    {
-        print((std::string(enabled ? "Enabling" : "Disabling") + " laser").c_str());
-    }
-     
-    // Compute slave secret on coprocessor.
-    DS2476::Buffer message;
-    if (!setSlaveSecret(ds2476, ds28c36, message, print))
-        return false;
-    
-    // Compute write HMAC.
-    // ROM ID and MAN ID are already in message.
-    if (print)
-    {
-        print("Reading GPIO Control page");
-        print((std::string("Modify copy of GPIO Control page to set GPIO B state to ") +
-            (enabled ? "conducting" : "high-impedance")).c_str());
-    }
-    DS28C36::Page page;
-    DS28C36::CmdResult result = ds28c36.readMemory(DS28C36::GpioControl, page);
-    if (result != DS28C36::Success)
-        return false;
-    std::copy(page.begin(), page.end(), message.begin() + 8);
-    page[1] = (enabled ? 0xAA : 0x55);
-    std::copy(page.begin(), page.end(), message.begin() + 40);
-    message[72] = DS28C36::GpioControl;
-    if (print)
-    {
-        print(("Creating HMAC message (ROM ID | Old Page Data | New Page Data | Page # | MAN ID): " +
-            byteArrayToHexString(&message[0], message.size())).c_str());
-        print("Writing HMAC message to DS2476 buffer");
-    }
-    result = ds2476.writeBuffer(message);
-    if (result != DS2476::Success)
-        return false;
-    DS2476::HMAC hmac;
-    result = ds2476.computeSha2Hmac(hmac);
-    if (result != DS2476::Success)
-        return false;
-        
-    if (print)
-    {
-        print(("DS2476 computes write authentication HMAC from slave secret (Secret S) and message in buffer: " +
-            byteArrayToHexString(hmac.data(), hmac.size())).c_str());
-        print("Write authentication HMAC is written to DS28C36 buffer");
-        print("DS28C36 computes an HMAC to compare to the write authentication HMAC after receiving Page # and New Page Data");
-    }
-    
-    // Write page data.
-    result = ds28c36.writeBuffer(DS28C36::Buffer(hmac.begin(), hmac.end()));
-    if (result != DS28C36::Success)
-        return false;
-    result = ds28c36.authenticatedSha2WriteMemory(DS28C36::GpioControl, DS28C36::SecretNumA, page);
-    if (result != DS28C36::Success)
-        return false;
-    if (print)
-    {
-        print("DS28C36 updates page data which changes GPIO B state");
-        print((std::string("Laser is now ") + (enabled ? "enabled" : "disabled")).c_str());
-    }
-    return true;
+error_code SensorNode::setLaserEnabled(bool enabled,
+                                       const PrintHandler & print) {
+  if (print) {
+    print((std::string(enabled ? "Enabling" : "Disabling") + " laser").c_str());
+  }
+
+  // Compute write HMAC.
+  // ROM ID and MAN ID are already in message.
+  if (print) {
+    print("Reading GPIO Control page");
+    print((std::string(
+               "Modify copy of GPIO Control page to set GPIO B state to ") +
+           (enabled ? "conducting" : "high-impedance")).c_str());
+  }
+  DS28C36::Page oldPage;
+  error_code result = ds28c36.readMemory(DS28C36::GpioControl, oldPage);
+  if (result)
+    return result;
+  DS28C36::Page newPage = oldPage;
+  newPage[1] = (enabled ? 0xAA : 0x55);
+  const DS2476::PageAuthenticationData message =
+      DS2476::createPageAuthenticationData(romId, oldPage, newPage,
+                                           DS28C36::GpioControl, manId);
+  if (print) {
+    print(("Creating HMAC message (ROM ID | Old Page Data | New Page Data | "
+           "Page # | MAN ID): " +
+           byteArrayToHexString(&message[0], message.size())).c_str());
+    print("Writing HMAC message to DS2476 buffer");
+  }
+  result = ds2476.writeBuffer(message.data(), message.size());
+  if (result)
+    return result;
+  Sha256::Hash hmac;
+  result = ds2476.computeSha2Hmac(hmac);
+  if (result)
+    return result;
+
+  if (print) {
+    print(("DS2476 computes write authentication HMAC from slave secret "
+           "(Secret S) and message in buffer: " +
+           byteArrayToHexString(hmac.data(), hmac.size())).c_str());
+    print("Write authentication HMAC is written to DS28C36 buffer");
+    print("DS28C36 computes an HMAC to compare to the write authentication "
+          "HMAC after receiving Page # and New Page Data");
+  }
+
+  // Write page data.
+  result = ds28c36.writeBuffer(hmac.data(), hmac.size());
+  if (result)
+    return result;
+  result = ds28c36.authenticatedSha2WriteMemory(DS28C36::GpioControl,
+                                                DS28C36::SecretNumA, newPage);
+  if (result)
+    return result;
+  if (print) {
+    print("DS28C36 updates page data which changes GPIO B state");
+    print((std::string("Laser is now ") + (enabled ? "enabled" : "disabled"))
+              .c_str());
+  }
+  return result;
 }
 
-bool SensorNode::getLaserEnabled(bool & enabled)
-{
-    DS28C36::Page page;
-    DS28C36::CmdResult result = ds28c36.readMemory(DS28C36::GpioControl, page);
-    if (result != DS28C36::Success)
-        return false;
+error_code SensorNode::getLaserEnabled(bool & enabled) {
+  DS28C36::Page page;
+  const error_code result = ds28c36.readMemory(DS28C36::GpioControl, page);
+  if (!result)
     enabled = (page[1] == 0xAA);
-    return true;
+  return result;
 }