ArduinoCryptoProvider Class Reference

CW_CryptoProvider implementation for the Arduino UNO R4 (RA4M1). More...

#include <ArduinoCryptoProvider.h>

Inheritance diagram for ArduinoCryptoProvider:

Collaboration diagram for ArduinoCryptoProvider:

Public Member Functions
	ArduinoCryptoProvider ()
	Construct the provider and install the RA4M1 TRNG into micro-ecc.
	ArduinoCryptoProvider (const ArduinoCryptoProvider &)=delete
ArduinoCryptoProvider &	operator= (const ArduinoCryptoProvider &)=delete
CW_CryptoProvider interface
bool	sha256 (const uint8_t *data, size_t len, uint8_t *out) override
	Compute SHA-256 over a contiguous buffer.
bool	sha512 (const uint8_t *data, size_t len, uint8_t *out) override
	Compute SHA-512 over a contiguous buffer.
uint16_t	aesCbcEncrypt (const uint8_t *in, uint16_t len, uint8_t *out, const uint8_t *key, uint8_t keyLen, uint8_t *iv, bool bitPadding) override
	AES-CBC encrypt (selectable bit / null padding).
uint16_t	aesCbcDecrypt (uint8_t *in, uint16_t len, uint8_t *out, const uint8_t *key, uint8_t keyLen, uint8_t *iv, bool bitPadding) override
	AES-CBC decrypt (selectable bit / null padding).
bool	ecdh (const uint8_t *pubKey, const uint8_t *privKey, uint8_t *secret, CW_Curve curve) override
	Compute the ECDH shared secret on a portable curve identifier.
bool	makeKey (uint8_t *pubKey, uint8_t *privKey, CW_Curve curve) override
	Generate a fresh EC keypair via micro-ecc.
bool	random (uint8_t *dest, unsigned size) override
	Fill a buffer with random bytes from the RA4M1 hardware TRNG.
bool	ecdsaVerify (const uint8_t *pubKey64, const uint8_t *hash, size_t hashLen, const uint8_t *sig, CW_Curve curve) override
	Verify a raw r||s ECDSA signature against a message hash.
Public Member Functions inherited from CW_CryptoProvider
virtual	~CW_CryptoProvider ()

Static Private Member Functions
static const uECC_Curve_t *	toUEccCurve (CW_Curve curve)
	Translate a portable CW_Curve to the matching micro-ecc descriptor.
static uint8_t	trngByte ()
	Generate one random byte from the RA4M1 hardware TRNG.
static int	trngCallback (uint8_t *dest, unsigned size)
	Static RNG callback registered with uECC_set_rng().

Private Attributes
AESLib	_aes
	AESLib engine instance reused across all aesCbc* calls.

Detailed Description

CW_CryptoProvider implementation for the Arduino UNO R4 (RA4M1).

Provides the primitives the SDK needs to talk to a Cryptnox card:

Operation	Backing library / hardware
AES-CBC encrypt / decrypt	AESLib
SHA-256 (cert verification, optional via CW_VERIFY_CERT)	Crypto / SHA256
SHA-512	Crypto / SHA512
ECDH + EC key generation + ECDSA verify	micro-ecc
Random bytes	RA4M1 on-chip True-RNG via the trng Arduino library

The constructor registers the internal static RNG callback with micro-ecc via uECC_set_rng() so the caller never needs to wire up randomness manually — without this, micro-ecc would fall back to its insecure default RNG and ECDH keypairs would be predictable.

Example

ArduinoCryptoProvider crypto;       // installs RA4M1 TRNG into micro-ecc
CW_CryptoProvider& provider = crypto;
uint8_t pub[64], priv[32];
provider.makeKey(pub, priv, CW_CURVE_SECP256R1);

Note

Non-copyable (RNG callback registration is global; cloning the provider has no useful semantics).

When CW_VERIFY_CERT is compiled to 0 the SHA-256 entry point is a no-op so the SHA256 dependency can be dropped — the SDK only needs SHA-256 for card-certificate validation.

Examples

BasicUsage.ino, Connect.ino, Sign.ino, UsdcSigning.ino, and VerifyPin.ino.

Definition at line 63 of file ArduinoCryptoProvider.h.

Constructor & Destructor Documentation

ArduinoCryptoProvider() [1/2]

ArduinoCryptoProvider::ArduinoCryptoProvider

(

)

Construct the provider and install the RA4M1 TRNG into micro-ecc.

Construct the provider and register the TRNG-backed RNG with micro-ecc.

Definition at line 27 of file ArduinoCryptoProvider.cpp.

References trngCallback().

Referenced by ArduinoCryptoProvider(), and operator=().

ArduinoCryptoProvider() [2/2]

ArduinoCryptoProvider::ArduinoCryptoProvider ( const ArduinoCryptoProvider & )

delete

References ArduinoCryptoProvider().

Member Function Documentation

aesCbcDecrypt()

uint16_t ArduinoCryptoProvider::aesCbcDecrypt ( uint8_t * in, uint16_t len, uint8_t * out, const uint8_t * key, uint8_t keyLen, uint8_t * iv, bool bitPadding )

overridevirtual

AES-CBC decrypt (selectable bit / null padding).

Parameters

[in,out]	in	Ciphertext input buffer (may be mutated by AESLib).
[in]	len	Input length in bytes.
[out]	out	Plaintext output buffer.
[in]	key	Key bytes.
[in]	keyLen	Key length in bytes.
[in,out]	iv	IV in / next-block IV out.
[in]	bitPadding	true → strip ISO/IEC 7816-4 padding.

Returns

Number of plaintext bytes written into out.

Implements CW_CryptoProvider.

Definition at line 126 of file ArduinoCryptoProvider.cpp.

References _aes.

aesCbcEncrypt()

uint16_t ArduinoCryptoProvider::aesCbcEncrypt ( const uint8_t * in, uint16_t len, uint8_t * out, const uint8_t * key, uint8_t keyLen, uint8_t * iv, bool bitPadding )

overridevirtual

AES-CBC encrypt (selectable bit / null padding).

Parameters

[in]	in	Plaintext input buffer.
[in]	len	Input length in bytes.
[out]	out	Ciphertext output buffer (caller-allocated).
[in]	key	Key bytes.
[in]	keyLen	Key length in bytes (16, 24, or 32).
[in,out]	iv	IV in / next-block IV out (16 bytes).
[in]	bitPadding	true → ISO/IEC 7816-4 bit padding, false → null padding.

Returns

Number of ciphertext bytes written into out.

Implements CW_CryptoProvider.

Definition at line 115 of file ArduinoCryptoProvider.cpp.

References _aes.

ecdh()

bool ArduinoCryptoProvider::ecdh ( const uint8_t * pubKey, const uint8_t * privKey, uint8_t * secret, CW_Curve curve )

overridevirtual

Compute the ECDH shared secret on a portable curve identifier.

ECDH shared-secret computation via micro-ecc.

Translates curve to the matching micro-ecc curve descriptor (uECC_secp256r1() / uECC_secp256k1()) and calls uECC_shared_secret().

Parameters

[in]	pubKey	Peer public key (X || Y, no leading 0x04).
[in]	privKey	Local private scalar.
[out]	secret	Output buffer for the shared X coordinate.
[in]	curve	Portable curve identifier (CW_CURVE_SECP256R1 or CW_CURVE_SECP256K1).

Returns

true on success, false if the peer's public key is not on the curve or curve is unrecognised.

Implements CW_CryptoProvider.

Definition at line 137 of file ArduinoCryptoProvider.cpp.

References toUEccCurve().

ecdsaVerify()

bool ArduinoCryptoProvider::ecdsaVerify ( const uint8_t * pubKey64, const uint8_t * hash, size_t hashLen, const uint8_t * sig, CW_Curve curve )

overridevirtual

Verify a raw r||s ECDSA signature against a message hash.

ECDSA verify (raw r||s, 64 bytes) via micro-ecc.

Translates curve to a micro-ecc descriptor and calls uECC_verify().

Parameters

[in]	pubKey64	Public key (X || Y, 64 bytes).
[in]	hash	Message hash buffer.
[in]	hashLen	Length of the hash in bytes (typically 32).
[in]	sig	Raw r||s signature (64 bytes).
[in]	curve	Portable curve identifier.

Returns

true if the signature verifies, false otherwise (bad signature, malformed key, or unrecognised curve).

Implements CW_CryptoProvider.

Definition at line 164 of file ArduinoCryptoProvider.cpp.

References toUEccCurve().

makeKey()

bool ArduinoCryptoProvider::makeKey ( uint8_t * pubKey, uint8_t * privKey, CW_Curve curve )

overridevirtual

Generate a fresh EC keypair via micro-ecc.

Generate a fresh EC keypair via micro-ecc (uses the RA4M1 TRNG).

Uses the RA4M1 TRNG installed by the constructor — without that registration, uECC_make_key() would silently call its built-in fallback RNG and the resulting key would not be cryptographically secure.

Parameters

[out]	pubKey	Public key output (X || Y).
[out]	privKey	Private scalar output.
[in]	curve	Portable curve identifier.

Returns

true on success, false if curve is unrecognised or micro-ecc rejected the generated scalar (negligible probability — retry is safe).

Implements CW_CryptoProvider.

Definition at line 147 of file ArduinoCryptoProvider.cpp.

References toUEccCurve().

operator=()

ArduinoCryptoProvider & ArduinoCryptoProvider::operator= ( const ArduinoCryptoProvider & )

delete

References ArduinoCryptoProvider().

random()

bool ArduinoCryptoProvider::random ( uint8_t * dest, unsigned size )

overridevirtual

Fill a buffer with random bytes from the RA4M1 hardware TRNG.

Fill a buffer with hardware-TRNG random bytes.

Single source of randomness for the whole SDK.

Parameters

[out]	dest	Output buffer.
[in]	size	Number of bytes to write.

Returns

true if all size bytes were generated, false on a NULL pointer or zero size.

Implements CW_CryptoProvider.

Definition at line 157 of file ArduinoCryptoProvider.cpp.

References trngCallback().

sha256()

bool ArduinoCryptoProvider::sha256 ( const uint8_t * data, size_t len, uint8_t * out )

overridevirtual

Compute SHA-256 over a contiguous buffer.

Compute SHA-256 (no-op when CW_VERIFY_CERT is 0 to drop the dependency).

Only does the work when CW_VERIFY_CERT is non-zero; otherwise the call short-circuits without touching out so the SHA256 symbol is not pulled in by the linker.

Parameters

[in]	data	Pointer to the data to hash.
[in]	len	Length of data in bytes.
[out]	out	32-byte output buffer.

Returns

true on success (including the compiled-out fast path), false on a NULL argument.

Implements CW_CryptoProvider.

Definition at line 85 of file ArduinoCryptoProvider.cpp.

sha512()

bool ArduinoCryptoProvider::sha512 ( const uint8_t * data, size_t len, uint8_t * out )

overridevirtual

Compute SHA-512 over a contiguous buffer.

Used by the secure channel layer for ECDH-derived session-key derivation; always compiled in.

Parameters

[in]	data	Pointer to the data to hash.
[in]	len	Length of data in bytes.
[out]	out	64-byte output buffer.

Returns

true on success, false on a NULL argument.

Implements CW_CryptoProvider.

Definition at line 103 of file ArduinoCryptoProvider.cpp.

toUEccCurve()

const uECC_Curve_t * ArduinoCryptoProvider::toUEccCurve ( CW_Curve curve )

staticprivate

Translate a portable CW_Curve to the matching micro-ecc descriptor.

Map a portable CW_Curve identifier to the matching micro-ecc descriptor.

Parameters

[in]

curve

Portable curve identifier.

Returns

micro-ecc curve descriptor, or NULL if curve is unknown.

uECC_secp256k1() is only available when micro-ecc is compiled with uECC_SUPPORTS_secp256k1=1. The Arduino memory-optimisation step (scripts\\enable_memory_optimization.bat) defines that to 0 to drop the curve and shave flash, so we guard the call — secp256k1 keys are still usable on the card itself (the card signs internally); the Arduino side only needs secp256r1 for the secure-channel ECDH.

Definition at line 41 of file ArduinoCryptoProvider.cpp.

References CW_CURVE_SECP256K1, and CW_CURVE_SECP256R1.

Referenced by ecdh(), ecdsaVerify(), and makeKey().

trngByte()

uint8_t ArduinoCryptoProvider::trngByte ( )

staticprivate

Generate one random byte from the RA4M1 hardware TRNG.

Read one random byte from the RA4M1 hardware TRNG (lazy init on first call).

Lazily initialises the TRNG global on first call.

Returns

A uniformly random byte in [0, 255].

Definition at line 54 of file ArduinoCryptoProvider.cpp.

Referenced by trngCallback().

trngCallback()

int ArduinoCryptoProvider::trngCallback ( uint8_t * dest, unsigned size )

staticprivate

Static RNG callback registered with uECC_set_rng().

Static RNG callback matching the micro-ecc uECC_RNG_Function signature.

Parameters

[out]	dest	Output buffer.
[in]	size	Number of bytes to produce.

Returns

1 on success, 0 on a NULL dest or zero size.

Definition at line 71 of file ArduinoCryptoProvider.cpp.

References trngByte().

Referenced by ArduinoCryptoProvider(), and random().

Member Data Documentation

_aes

AESLib ArduinoCryptoProvider::_aes

private

AESLib engine instance reused across all aesCbc* calls.

Definition at line 205 of file ArduinoCryptoProvider.h.

Referenced by aesCbcDecrypt(), and aesCbcEncrypt().

---

The documentation for this class was generated from the following files:

• src/ArduinoCryptoProvider.h
• src/ArduinoCryptoProvider.cpp