Plug&Trust Click-Platine A5000
Plug&Trust Click-Platine A5000
Key Features
- Basierend auf der Integral Security Architecture 3.0™, sicherer und effizienter Schutz für Authentifizierungs- und Fälschungsschutzanwendungen, Common Criteria EAL6+-Zertifizierung, Unterstützung für asymmetrische ECC-Kryptografie- und symmetrische AES/3DES-Algorithmen, Deep Power-Down-Modus und mehr
- Basierend auf dem A5000 – sicherer IoT-Authentifikator von NXP Semiconductor
- Kann in IoT-Sicherheitsanwendungsfällen wie der sicheren Verbindung zu öffentlichen/privaten Clouds, der Gerät-zu-Gerät-Authentifizierung oder dem Fälschungsschutz verwendet werden
- mikroBUS: I2C-Schnittstelle
Overview
Das A5000 Plug&Trust Click Board™ ist eine kompakte Zusatzplatine, die einen gebrauchsfertigen, sicheren IoT-Authentifikator darstellt. Diese Platine verfügt über den A5000, einen Edge Lock® Secure Authenticator von NXP Semiconductors. Der A5000 bietet eine Vertrauensbasis auf IC-Ebene und verleiht einem IoT-Authentifizierungssystem modernste Sicherheitsfunktionen. Es ermöglicht die sichere Speicherung und Bereitstellung von Anmeldeinformationen und die Durchführung kryptografischer Vorgänge für sicherheitskritische Kommunikations- und Authentifizierungsfunktionen. Es verfügt über eine unabhängige Common Criteria EAL 6+-Sicherheitszertifizierung bis auf Betriebssystemebene und unterstützt asymmetrische ECC-Kryptografie- und symmetrische AES/3DES-Algorithmen. Dieses Click Board™ eignet sich für IoT-Sicherheitsanwendungsfälle wie sichere Verbindungen zu öffentlichen/privaten Clouds, Gerät-zu-Gerät-Authentifizierung oder Fälschungsschutz.
Das A5000 Plug&Trust Click Board™ wird von einer mikroSDK-kompatiblen Bibliothek unterstützt, die Funktionen enthält, die die Softwareentwicklung vereinfachen. Dieses Click Board™ wird als gründlich getestetes Produkt geliefert und ist einsatzbereit für ein System mit einer mikroBUS™-Buchse.
How Does The A5000 Plug&Trust Click Board™ Work?
The A5000 Plug&Trust Click Board™ is based on the A5000, a secure IoT authenticator based on Integral Security Architecture 3.0™ from NXP Semiconductors, providing secure and efficient protection for authentication and anti-counterfeit use cases. This Click board™ is designed to be part of an IoT system; works as an auxiliary security device attached to a host MCU. A Common Criteria EAL6+ certification proves the efficiency of the security measures. It is ideal for many authentication use cases without the need to write security code and comes with ECC asymmetric cryptographic and AES/3DES symmetric algorithms support to protect the A5000 even against sophisticated non-invasive and invasive attack scenarios.
The A5000 operates autonomously based on an integrated Java Card operating system and a full-fledged authentication applet. The Authentication Applet features a generic file system that stores secure objects and associated privilege management. Direct memory access is possible only by the NXP Authentication applet's fixed functionalities. With that, the content from memory is fully isolated from the host system.
The A5000 Plug&Trust Click Board™ communicates with MCU using the standard I2C 2-Wire interface. The communication with the A5000 authenticator follows a command/response concept. It means that after sending the entire command to the authenticator, all data must be retrieved fully to allow sending of the following command. This board also allows the user to select the appropriate I2C communication speed by onboard SMD jumpers labelled as I2C SPEED to a proper position marked as 400Kb and 1Mb. Note that all the jumpers must be lined to the same side, or else the Click board™ may become unresponsive.
Besides, the A5000 provides a special power-saving mode offering maximum power saving. The way of activation of this mode is realized with the onboard switch marked as ENA SEL. In this way, Power-Saving Mode can be activated via the EN pin, routed to the CS pin of the mikroBUS™ socket, primarily by placing the switch to the EN position and then pulling the EN pin to a logic zero level. By placing the switch in the second position marked as ON, the A5000 is in normal operation mode.
The A5000 Plug&Trust Click Board™ can be operated only with a 3.3V logic voltage level. The board must perform appropriate logic voltage level conversion before using MCUs with different logic levels. However, the Click board™ comes equipped with a library containing functions and an example code that can be used, as a reference, for further development.
SPECIFICATIONS
Type | Encryption,IoT security |
Applications | Can be used in IoT security use cases such as secure connection to public/private clouds, device-to-device authentication, or counterfeit protection |
On-board modules | A5000 - secure IoT authenticator from NXP Semiconductors |
Key Features | Based on Integral Security Architecture 3.0™, secure and efficient protection for authentication and anti-counterfeit use cases, Common Criteria EAL6+ certification, ECC asymmetric cryptographic and AES/3DES symmetric algorithms support, Deep Power-Down Mode, and more |
Interface | I2C |
Compatibility | mikroBUS |
Click board size | S (28.6 x 25.4 mm) |
Input Voltage | 3.3V |
PINOUT DIAGRAM
This table shows how the pinout of the A5000 Plug&Trust Click Board™ corresponds to the pinout on the mikroBUS™ socket (the latter shown in the two middle columns).
Notes | Pin | Pin | Notes | ||||
---|---|---|---|---|---|---|---|
NC | 1 | AN | PWM | 16 | NC | ||
Deep Power-Down Mode | EN | 2 | RST | INT | 15 | NC | |
NC | 3 | CS | RX | 14 | NC | ||
NC | 4 | SCK | TX | 13 | NC | ||
NC | 5 | MISO | SCL | 12 | SCL | I2C Clock | |
NC | 6 | MOSI | SDA | 11 | SDA | I2C Data | |
Power Supply | 3.3V | 7 | 3.3V | 5V | 10 | NC | |
Ground | GND | 8 | GND | GND | 9 | GND | Ground |
ONBOARD SETTINGS AND INDICATORS
Label | Name | Default | Description |
---|---|---|---|
LD1 | PWR | - | Power LED Indicator |
JP1-JP2 | I2C SPEED | Left | I2C Speed Selection 400Kb/1Mb: Left position 400Kb, Right position 1Mb |
SW1 | ENA SEL | Left | Deep Power-Down Mode Activation Switch EN/ON: Left position EN, Right position ON |
A5000 PLUG&TRUST CLICK ELECTRICAL SPECIFICATIONS
Description | Min | Typ | Max | Unit |
---|---|---|---|---|
Supply Voltage | - | 3.3 | - | V |
User Memory | - | - | 8 | kB |
I2C Interface Speed | 400 | - | 1000 | kHz |
Operating Temperature Range | -40 | +25 | +105 | °C |
Software Support
We provide a library for the A5000 Plug&Trust Click Board™ as well as a demo application (example), developed using MikroElektronika compilers. The demo can run on all the main MikroElektronika development boards.
The package can be downloaded/installed directly from NECTO Studio The package Manager (recommended), downloaded from our LibStock™ or found on MikroE Github account.
Library Description
This library contains API for the A5000 Plug&Trust Click Board™ driver.
Key functions
-
a5000plugntrust_apdu_write
This function writes a @b frame_data to device. -
a5000plugntrust_apdu_read
This function reads a @b frame_data from device. -
a5000plugntrust_apdu_transfer
This function writes a @b frame_data and then reads return data from device and stores it in @b frame_data.
Example Description
This application is showcasing basic functionality of the A5000 Plug&Trust Click Board™. It gets identify data from device, selects card manager and applet. Then checks free memory, reads all objects and deletes not reserved ones. After that showcases a few of functionality: Generating random data, Creating, reading and deleting binary objects, Creating AES symmetrical key and cipher with it; In the end it is showcasing funcionality in the endless loop.
void application_task ( void )
{
#define DATA_LEN 16
static uint8_t aes_value[ DATA_LEN ] = { 0x40, 0x41, 0x42, 0x43,0x44, 0x45, 0x46, 0x47,
0x48, 0x49, 0x4A, 0x4B,0x4C, 0x4D, 0x4E, 0x4F };
static uint32_t binary_id = 0xBBBBBBBB;
static uint32_t aes_id = 0xCCCCCCCC;
uint8_t random_data[ DATA_LEN ] = { 0 };
uint8_t read_data[ DATA_LEN ] = { 0 };
uint8_t encrypted_data[ DATA_LEN ] = { 0 };
uint32_t read_len = DATA_LEN;
if ( A5000PLUGNTRUST_OK == a5000plugntrust_get_random_numbers( &a5000plugntrust, random_data, DATA_LEN ) )
{
log_printf( &logger, " > Generated random data: 0x" );
log_buf_hex( random_data, DATA_LEN );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Random" );
}
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OBJECT_DOESNT_EXIST == a5000plugntrust_check_object_exist( &a5000plugntrust, binary_id ) )
{
log_printf( &logger, " Write random data to binary object...rn" );
if ( A5000PLUGNTRUST_OK != a5000plugntrust_write_binary_object( &a5000plugntrust, binary_id,
0, DATA_LEN, random_data ) )
{
log_error( &logger, " Write Binary" );
}
else
{
log_info( &logger, " Status OK" );
}
}
else
{
log_error( &logger, " Binary object already exist" );
}
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OBJECT_DOES_EXISTS == a5000plugntrust_check_object_exist( &a5000plugntrust, binary_id ) )
{
if ( A5000PLUGNTRUST_OK == a5000plugntrust_read_object( &a5000plugntrust, binary_id, 0, 0,
read_data, &read_len ) )
{
log_printf( &logger, " > Read data from binary object: 0x" );
log_buf_hex( read_data, read_len );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Read binray object" );
}
}
else
{
log_error( &logger, " Binary object doesn't exist" );
}
Delay_ms( 2000 );
log_printf( &logger, " Create AES key...rn" );
create_128_aes_key( aes_id, aes_value );
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OK == cipher_data_with_aes_key( aes_id, A5000PLUGNTRUST_P2_ENCRYPT_ONESHOT,
read_data, encrypted_data ) )
{
log_printf( &logger, " > Encrypted data: 0x" );
log_buf_hex( encrypted_data, DATA_LEN );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Encrypting data" );
}
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OK == cipher_data_with_aes_key( aes_id, A5000PLUGNTRUST_P2_DECRYPT_ONESHOT,
encrypted_data, read_data ) )
{
log_printf( &logger, " > Decrypted data: 0x" );
log_buf_hex( read_data, DATA_LEN );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Decrypting data" );
}
Delay_ms( 2000 );
log_printf( &logger, " Delete Binary and AES object...rn" );
if ( ( A5000PLUGNTRUST_OK != a5000plugntrust_delete_object( &a5000plugntrust, binary_id ) ) ||
( A5000PLUGNTRUST_OK != a5000plugntrust_delete_object( &a5000plugntrust, aes_id ) ) )
{
log_error( &logger, " Deleting objects" );
}
log_printf( &logger, "*****************************************************************************rn" );
Delay_ms( 5000 );
}
The full application code, and ready to use projects can be installed directly from NECTO Studio The package Manager (recommended), downloaded from our LibStock™ or found on MikroE Github account.
Other MikroE Libraries used in the example:
- MikroSDK.Board
- MikroSDK.Log
- Click.A5000PlugnTrust
Additional Notes and Information
Depending on the development board you are using, you may need USB UART Click Board™, USB UART 2 Click, or RS232 Click to connect to your PC, for development systems with no UART to USB interface available on the board. UART terminal is available in all MikroElektronika compilers.
MIKROSDK
The A5000 Plug&Trust Click Board™ is supported with mikroSDK - MikroElektronika Software Development Kit. To ensure proper operation of mikroSDK compliant Click board™ demo applications, mikroSDK should be downloaded from the LibStock and installed for the compiler you are using.
Software Support
We provide a library for the A5000 Plug&Trust Click Board™ as well as a demo application (example), developed using MikroElektronika compilers. The demo can run on all the main MikroElektronika development boards.
The package can be downloaded/installed directly from NECTO Studio The package Manager (recommended), downloaded from our LibStock™ or found on MikroE Github account.
Library Description
This library contains API for the A5000 Plug&Trust Click Board™ driver.
Key functions
-
a5000plugntrust_apdu_write
This function writes a @b frame_data to device. -
a5000plugntrust_apdu_read
This function reads a @b frame_data from device. -
a5000plugntrust_apdu_transfer
This function writes a @b frame_data and then reads return data from device and stores it in @b frame_data.
Example Description
This application is showcasing basic functionality of the A5000 Plug&Trust Click Board™. It gets identify data from device, selects card manager and applet. Then checks free memory, reads all objects and deletes not reserved ones. After that showcases a few of functionality: Generating random data, Creating, reading and deleting binary objects, Creating AES symmetrical key and cipher with it; In the end it is showcasing funcionality in the endless loop.
void application_task ( void )
{
#define DATA_LEN 16
static uint8_t aes_value[ DATA_LEN ] = { 0x40, 0x41, 0x42, 0x43,0x44, 0x45, 0x46, 0x47,
0x48, 0x49, 0x4A, 0x4B,0x4C, 0x4D, 0x4E, 0x4F };
static uint32_t binary_id = 0xBBBBBBBB;
static uint32_t aes_id = 0xCCCCCCCC;
uint8_t random_data[ DATA_LEN ] = { 0 };
uint8_t read_data[ DATA_LEN ] = { 0 };
uint8_t encrypted_data[ DATA_LEN ] = { 0 };
uint32_t read_len = DATA_LEN;
if ( A5000PLUGNTRUST_OK == a5000plugntrust_get_random_numbers( &a5000plugntrust, random_data, DATA_LEN ) )
{
log_printf( &logger, " > Generated random data: 0x" );
log_buf_hex( random_data, DATA_LEN );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Random" );
}
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OBJECT_DOESNT_EXIST == a5000plugntrust_check_object_exist( &a5000plugntrust, binary_id ) )
{
log_printf( &logger, " Write random data to binary object...rn" );
if ( A5000PLUGNTRUST_OK != a5000plugntrust_write_binary_object( &a5000plugntrust, binary_id,
0, DATA_LEN, random_data ) )
{
log_error( &logger, " Write Binary" );
}
else
{
log_info( &logger, " Status OK" );
}
}
else
{
log_error( &logger, " Binary object already exist" );
}
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OBJECT_DOES_EXISTS == a5000plugntrust_check_object_exist( &a5000plugntrust, binary_id ) )
{
if ( A5000PLUGNTRUST_OK == a5000plugntrust_read_object( &a5000plugntrust, binary_id, 0, 0,
read_data, &read_len ) )
{
log_printf( &logger, " > Read data from binary object: 0x" );
log_buf_hex( read_data, read_len );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Read binray object" );
}
}
else
{
log_error( &logger, " Binary object doesn't exist" );
}
Delay_ms( 2000 );
log_printf( &logger, " Create AES key...rn" );
create_128_aes_key( aes_id, aes_value );
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OK == cipher_data_with_aes_key( aes_id, A5000PLUGNTRUST_P2_ENCRYPT_ONESHOT,
read_data, encrypted_data ) )
{
log_printf( &logger, " > Encrypted data: 0x" );
log_buf_hex( encrypted_data, DATA_LEN );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Encrypting data" );
}
Delay_ms( 2000 );
if ( A5000PLUGNTRUST_OK == cipher_data_with_aes_key( aes_id, A5000PLUGNTRUST_P2_DECRYPT_ONESHOT,
encrypted_data, read_data ) )
{
log_printf( &logger, " > Decrypted data: 0x" );
log_buf_hex( read_data, DATA_LEN );
log_printf( &logger, "rn" );
}
else
{
log_error( &logger, " Decrypting data" );
}
Delay_ms( 2000 );
log_printf( &logger, " Delete Binary and AES object...rn" );
if ( ( A5000PLUGNTRUST_OK != a5000plugntrust_delete_object( &a5000plugntrust, binary_id ) ) ||
( A5000PLUGNTRUST_OK != a5000plugntrust_delete_object( &a5000plugntrust, aes_id ) ) )
{
log_error( &logger, " Deleting objects" );
}
log_printf( &logger, "*****************************************************************************rn" );
Delay_ms( 5000 );
}
The full application code, and ready to use projects can be installed directly from NECTO Studio The package Manager (recommended), downloaded from our LibStock™ or found on MikroE Github account.
Other MikroE Libraries used in the example:
- MikroSDK.Board
- MikroSDK.Log
- Click.A5000PlugnTrust
Additional Notes and Information
Depending on the development board you are using, you may need USB UART Click Board™, USB UART 2 Click, or RS232 Click to connect to your PC, for development systems with no UART to USB interface available on the board. UART terminal is available in all MikroElektronika compilers.
MIKROSDK
The A5000 Plug&Trust Click Board™ is supported with mikroSDK - MikroElektronika Software Development Kit. To ensure proper operation of mikroSDK compliant Click board™ demo applications, mikroSDK should be downloaded from the LibStock and installed for the compiler you are using.
Frequently Asked Questions
Have a Question?
Be the first to ask a question about this.