diff --git a/examples/CertificateSigningRequest/CertificateSigningRequest.ino b/examples/CertificateSigningRequest/CertificateSigningRequest.ino index 226da43..88dd35c 100644 --- a/examples/CertificateSigningRequest/CertificateSigningRequest.ino +++ b/examples/CertificateSigningRequest/CertificateSigningRequest.ino @@ -4,7 +4,7 @@ This sketch can be used to generate a CSR for a private key generated in an ECC508/ECC608 or SE050 crypto chip slot. - If the ECC508/ECC608 is not configured and locked it prompts + If the SecureElement is not configured and locked it prompts the user to configure and lock the chip with a default TLS configuration. diff --git a/examples/ConfigurationLocking/ConfigurationLocking.ino b/examples/ConfigurationLocking/ConfigurationLocking.ino new file mode 100644 index 0000000..bd18226 --- /dev/null +++ b/examples/ConfigurationLocking/ConfigurationLocking.ino @@ -0,0 +1,111 @@ +/* + Configure and Lock your ATECCX08 SecureElement + + This sketch can be used to apply default configuration and lock + yout ATECCX08 Secure Element. + Default configuration can be found here: + https://github.com/arduino-libraries/ArduinoECCX08/blob/master/src/utility/ECCX08DefaultTLSConfig.h + + SE050 do not have EEPROM configuration and do not need to be locked + to work correctly. secureElement.locked() always returns true for SE050 + and the sketch does nothing. + + The circuit: + - A board equipped with ECC508 or ECC608 or SE050 chip + + This example code is in the public domain. +*/ + +#include + +void setup() { + Serial.begin(9600); + while (!Serial); + + SecureElement secureElement; + + if (!secureElement.begin()) { + Serial.println("No SecureElement present!"); + while (1); + } + + String serialNumber = secureElement.serialNumber(); + + Serial.print("SecureElement Serial Number = "); + Serial.println(serialNumber); + Serial.println(); + + if (!secureElement.locked()) { + String lock = promptAndReadLine("The SecureElement on your board is not locked, would you like to PERMANENTLY configure and lock it now? (y/N)", "N"); + lock.toLowerCase(); + + if (!lock.startsWith("y")) { + Serial.println("Unfortunately you can't proceed without locking it :("); + while (1); + } + + if (!secureElement.writeConfiguration()) { + Serial.println("Writing SecureElement configuration failed!"); + while (1); + } + + if (!secureElement.lock()) { + Serial.println("Locking SecureElement configuration failed!"); + while (1); + } + + Serial.println("SecureElement locked successfully"); + Serial.println(); + } else { +#if defined(SECURE_ELEMENT_IS_ECCX08) + Serial.println("SecureElement already locked!"); + Serial.println(); +#else + Serial.println("SecureElement does not need to be locked!"); + Serial.println(); +#endif + } + +} + +void loop() { + // do nothing +} + +String promptAndReadLine(const char* prompt, const char* defaultValue) { + Serial.print(prompt); + Serial.print(" ["); + Serial.print(defaultValue); + Serial.print("]: "); + + String s = readLine(); + + if (s.length() == 0) { + s = defaultValue; + } + + Serial.println(s); + + return s; +} + +String readLine() { + String line; + + while (1) { + if (Serial.available()) { + char c = Serial.read(); + + if (c == '\r') { + // ignore + continue; + } else if (c == '\n') { + break; + } + + line += c; + } + } + + return line; +} diff --git a/examples/RandomNumber/RandomNumber.ino b/examples/RandomNumber/RandomNumber.ino index 55404da..650ae8f 100644 --- a/examples/RandomNumber/RandomNumber.ino +++ b/examples/RandomNumber/RandomNumber.ino @@ -1,9 +1,13 @@ /* - secureElement Random Number + SecureElement Random Number This sketch uses the ECC508/ECC608 or SE050 to generate a random number every second and print it to the Serial Monitor + If the SecureElement is not configured and locked the ConfigurationLocking + example should be used before running this sketch to setup the chip with a + default TLS configuration. + Circuit: - A board equipped with ECC508 or ECC608 or SE050 chip @@ -19,12 +23,12 @@ void setup() { while (!Serial); if (!secureElement.begin()) { - Serial.println("Failed to communicate with ECC508/ECC608!"); + Serial.println("Failed to communicate with SecureElement!"); while (1); } if (!secureElement.locked()) { - Serial.println("The ECC508/ECC608 is not locked!"); + Serial.println("The SecureElement is not locked!"); while (1); } } @@ -35,4 +39,3 @@ void loop() { delay(1000); } - diff --git a/examples/SelfSignedCertificate/SelfSignedCertificate.ino b/examples/SelfSignedCertificate/SelfSignedCertificate.ino index c859d73..6c8adf2 100644 --- a/examples/SelfSignedCertificate/SelfSignedCertificate.ino +++ b/examples/SelfSignedCertificate/SelfSignedCertificate.ino @@ -4,7 +4,7 @@ This sketch can be used to generate a self signed certificate for a private key generated in an ECC508/ECC608 or SE050 crypto chip slot. - If the crypto chip is not configured and locked it prompts + If the SecureElement is not configured and locked it prompts the user to configure and lock the chip with a default TLS configuration. @@ -145,4 +145,4 @@ String readLine() { } return line; -} \ No newline at end of file +}