Initial version

Author: ayushev

CONTRIBUTING.md

@@ -0,0 +1,90 @@
+# Contributing
+
+When contributing to this repository, please first discuss the change you wish to make via issue,
+email, or any other method with the owners of this repository before making a change. 
+
+Please note we have a code of conduct, please follow it in all your interactions with the project.
+
+## Pull Request Process
+
+1. Ensure any install or build dependencies are removed before the end of the layer when doing a 
+   build.
+2. Update the README.md with details of changes to the interface, this includes new environment 
+   variables, useful file locations and parameters.
+3. You may merge the Pull Request in once you have the sign-off of two other developers, or if you 
+   do not have permission to do that, you may request the second reviewer to merge it for you.
+
+## Code of Conduct
+
+### Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+### Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+### Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+### Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+### Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team.
+All complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+### Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2018 Infineon Technologies AG
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE

README.md

@@ -0,0 +1,104 @@
+# OPTIGA™ Trust X
+![TrustXPackage](https://github.com/Infineon/Assets/raw/master/Pictures/OPTIGA-Trust-X.png)
+
+Infineon's [OPTIGA™ Trust X](https://www.infineon.com/cms/en/product/security-smart-card-solutions/optiga-embedded-security-solutions/optiga-trust/optiga-trust-x-sls-32aia/) security solution library for Arduino
+
+## Summary
+[OPTIGA™ Trust X](https://www.infineon.com/dgdl/Infineon-OPTIGA%20TRUST%20X%20SLS%2032AIA-DS-v02_18-EN.pdf) is a security solution based on a secure micrcontroller.
+Each device is shipped with a unique elliptic-curve keypair and a corresponding X.509 certificate. OPTIGA™ Trust X enables easy integration into existing PKI infrastructure.
+
+
+## Key Features and Benefits
+* High-end security controller
+* Turnkey solution
+* One-way authentication using ECDSA
+* Mutual authentication using DTLS client (IETF standard RFC 6347)
+* Secure communication using DTLS
+* Compliant with the USB Type-C™ Authentication standard
+* I2C interface
+* Up to 10 KB user memory
+* Cryptographic support: ECC256, AES128, SHA-256, TRNG, DRNG
+* PG-USON-10-2 package (3 x 3 mm)
+* Standard & extended temperature ranges
+* Full system integration support
+* Common Criteria Certified EAL6+ (high) hardware
+* Cryptographic Tool Box based on ECC NIST P256, P384 and SHA256 (sign, verify, key generation, ECDH, session key derivation)      
+
+## Hardware
+The wiring to your arduino board depends on the [evaluation board](https://www.infineon.com/cms/en/product/evaluation-boards/optiga-trust-x-eval-kit/) or the 
+Shield2GO (link pending) you are using.
+
+## Installation
+
+### Integration of Library
+Please download this repository from GitHub either from the latest [release](https://github.com/Infineon/OPTIGA-Trust-X-Security-Controller/releases) of directly [here](https://github.com/Infineon/OPTIGA-Trust-X-Security-Controller/archive/V1.0.0.zip):
+![Download Library](https://raw.githubusercontent.com/Infineon/assets/master/Pictures/DL_OPTIGA_Trust_X.jpg)
+
+
+To install the OPTIGA™ Trust X library in the Arduino IDE, please go to **Sketch** > **Include Library** > **Add .ZIP Library...** in the Arduino IDE and navigate to the downloaded .ZIP file of this repository. The library will be installed in your Arduino sketch folder in libraries and you can select as well as include this one to your project under **Sketch** > **Include Library** > **OPTIGATrustX**.
+
+![Install Library](https://raw.githubusercontent.com/infineon/assets/master/Pictures/Library_Install_ZIP.png)
+
+## Supported Devices
+In general, the library should be compatible with any Arduino board, however it has been tested for the following platforms:
+* Sparkfun ESP32 Thing (Espressif Systems, ESP32, Xtensa)
+* Adafruit Feather M0 (Atmel, SAMD21, Cortex M0)
+* STM32 Nucleo (ST Microelectronics, STM32F0, Cortex M0)
+* XMC1100 2Go (Infineon Technologies, XMC1100, Cortex M0)
+* XMC4700 Relax Kit (Infineon Technologies, XMC4700, Cortex M4)
+* WEMOS D1 mini (Espressif Systems, ESP8266, Xtensa)
+
+## Usage
+The library is equiped with eight groups of examples which can be found on the following path: File->Examples>OPTIGATrustX 
+The following sections describe all the examples in more detail.
+
+### selfTest
+selfTest example demonstrates a trustX.checkChip() method usage, which authenticates the OPTIGA™ Trust X on the host MCU. 
+This method implements a simple challenge-response authentication scheme, in which the host side authenticates the OPTIGA™ Trust X security chip.  
+
+### calculateHash 
+calculateHash demonstrates example usage of the SHA256 hash, as well as a simple benchamarking for your microcontroller. 
+The performance of this benchmark test greatly depends on I2C  bus frame size (it affects mainly big blocks of data transmitted to the OPTIGA™ Trust X chip for hashing), 
+which was limited by default down to 32 bytes (in case of 32 bytes the library will perfrom fragmentation). 
+
+Please check settings for your specific platform, if you want to improve the performance of the hashing function. 
+
+### calculateSignVerifySign  
+calculateSignVerifySign demonstrates signature generation and signature verification methods of the library. 
+This example shows two modes of operation: 
+1) Calculate a signature using manufacturer private key, the result value is then verified  against the public key
+2) Generate a public-private keypair and store the latter inside one of Object IDs of the OPTIGA™ Trust X, 
+then sign the digest giving only the latter  Object ID, the result value is then verified  against the public key.  
+
+For the verification three methods are available: 
+1) with a given raw public key
+2) with Object ID pointing to the memory slot where the public key is located, 
+3) if neither Object ID nor raw public key were specified, the function will use a default Object ID with manufacturer public key certificate. 
+
+### generateKeypair
+calculateSignVerifySign demonstrates methods for keypair generation, either with a private key export, or without. 
+In the latter case the developer should specify the Object ID of the private key. 
+
+### getCertificate, getUniqueID 
+getCertificate and getUniqueID demonstrate examples of retrievieng various properties of the OPTIGA™ Trust X Chip. 
+As well as these examples the developer can also call getCurrentLimit/setCurrentLimit in order to get or modify the
+current limitation of the chip (varies from 5mA by default to maximum 15mA) 
+
+### getRandom
+getRandom demonstrates random number generator capabilities. This example outputs random numbers of various sizes (16, 32, 64, 128, 256)
+
+### testFullAPI
+testFullAPI is used to briefly test major API calls to the library. The expected output of this function can be found in Figure below. 
+*Certificate output might be different
+
+![testFullAPI expected result](https://github.com/Infineon/Assets/raw/master/Pictures/OPTIGA%20Trust%20X%20testFullAPI.png)
+
+## Available functions
+Available API is discribed in Wiki of the repository
+	
+## Contributing
+
+Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process of submitting pull requests to us.
+
+## License
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details

doc/OPTIGA_Trust_X_Datasheet_v2.5.pdf

@@ -0,0 +1,156 @@
+/**
+ * MIT License
+ *
+ * Copyright (c) 2018 Infineon Technologies AG
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *  copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE
+ *
+ * Demonstrates use of the 
+ * Infineon Technologies AG OPTIGA™ Trust X Arduino library
+ */
+
+#include "OPTIGATrustX.h"
+
+#define DATA_LENGTH       20
+#define BIGDATA_LENGTH    1024
+#define HASH_LENGTH       32
+
+#define SUPPRESSCOLLORS
+#include "fprint.h"
+
+/* Arrays to store results of operations */
+uint8_t  data[DATA_LENGTH];
+uint8_t  bigdata[BIGDATA_LENGTH];
+uint8_t  hash[HASH_LENGTH];
+
+void setup() 
+{
+  uint32_t ret = 0;
+  
+  /*
+   * Initialise a serial port for debug output
+   */
+  Serial.begin(38400);
+  Serial.println("Initializing ... ");
+
+  /*
+   * Initialise an OPTIGA™ Trust X Board
+   */
+  printGreen("Begin to trust ... ");
+  ret = trustX.begin();
+  if (ret) {
+    printlnRed("Failed");
+    while (true);
+  }
+  printlnGreen("OK");
+
+  /*
+   * Speedup the board (from 6 mA to 15 mA)
+   */
+  ret = trustX.setCurrentLimit(15);
+  if (ret) {
+    printlnRed("Failed");
+    while (true);
+  }
+  printlnGreen("OK");
+
+}
+
+static void output_result(char* tag, uint32_t tstamp, uint8_t* in, uint16_t in_len)
+{
+  printGreen("[OK] | Command executed in "); 
+  Serial.print(tstamp); 
+  Serial.println(" ms");
+  printMagenta(tag); 
+  printMagenta(" Length: ");
+  Serial.println(in_len);
+  printMagenta(tag); 
+  printlnMagenta(":");
+  HEXDUMP(in, in_len);
+}
+
+void loop()
+{
+  uint32_t ret = 0;
+  uint8_t  cntr = 10;
+  // Timestamp is used to measure the execution time of a command
+  uint32_t ts = 0;
+  
+  /*
+   * Calculate a hash of the given data
+   */
+  printGreen("\r\nCalculate One-Time Hash for ");
+  printlnGreen((char *)data);
+  ts = millis();
+  ret = trustX.sha256(data, DATA_LENGTH, hash);
+  ts = millis() - ts;
+  if (ret) {
+    printlnRed("Failed");
+    while (true);
+  }
+  output_result("Hash", ts, hash, HASH_LENGTH);
+
+  /*
+   * Calculate a hash of the given data (big input)
+   */
+  printlnGreen("\r\nCalculate One-Time Hash for 1024 bytes... ");
+  ts = millis();
+  ret = trustX.sha256(bigdata, BIGDATA_LENGTH, hash);
+  ts = millis() - ts;
+  if (ret) {
+    printlnRed("Failed");
+    while (true);
+  }
+
+  output_result("Hash", ts, hash, HASH_LENGTH);
+  printGreen("Hashrate is "); 
+  Serial.print(1024/ts); 
+  Serial.println(" kB/sec");
+
+  /*
+   * Benchmarking hash for the current microcontroller
+   */
+  printlnGreen("\r\nBenchmarking SHA256 100 times for 20 bytes data ... ");
+  ts = millis();
+  for (int i = 0; i < 100; i++) {
+     trustX.sha256(data, DATA_LENGTH, hash);
+  }
+  ts = millis() - ts;
+  if (ret) {
+    printlnRed("Failed");
+    while (true);
+  }
+
+  printGreen("Becnhmark executed in "); 
+  Serial.print(ts); 
+  Serial.println(" ms");
+  printGreen("Hashrate is "); 
+  Serial.print((1000 * 100)/ts); 
+  Serial.println(" H/sec");
+
+  /*
+   * Count down 10 seconds and restart the application
+   */
+  while(cntr) {
+    Serial.print(cntr);
+    Serial.println(" seconds untill restart.");
+    delay(1000);
+    cntr--;
+  }
+}