SE Manager Secure Identity

This example uses the SE Manager API and Mbed TLS to perform the secure identity on the supported Series 2 Secure Vault device.

This example uses the CRYPTO engine in the SE to accelerate the X.509 API functions of Mbed TLS. The Private Device Key in the Secure Key Storage on the chip is used to sign the challenge from the remote device.

The CRYPTO hardware acceleration on Mbed TLS can be switched off by defining the NO_CRYPTO_ACCELERATION symbol in the IDE setting (Preprocessor->Defined symbols). Increase the heap size to 10240 (sl_memory_config.h) to use this option in IAR Embedded Workbench.

The example redirects standard I/O to the virtual serial port (VCOM) of the kit. By default, the serial port setting is 115200 bps and 8-N-1 configuration.

The example has been instrumented with code to count the number of clock cycles spent in different operations. The results are printed on the VCOM serial port console. This feature can be disabled by defining SE_MANAGER_PRINT=0 (default is 1) in the IDE setting (Preprocessor->Defined symbols).

The certificates are printed on the VCOM serial port console. This feature can be disabled by defining SE_MANAGER_PRINT_CERT=0 (default is 1) in the IDE setting (Preprocessor->Defined symbols).

SE Manager API

The following SE Manager APIs are used in this example:

Getting Started

  1. Upgrade the kit’s firmware to the latest version (see Adapter Firmware under General Device Information in Simplicity Studio 5 Users Guide).
  2. Upgrade the device’s SE firmware to the latest version (see Secure Firmware under General Device Information in Simplicity Studio 5 Users Guide).
  3. Open any terminal program and connect to the kit’s VCOM port.
  4. Create this platform example project in the Simplicity IDE (see Examples in Simplicity Studio 5 Users Guide, check Platform() checkbox to browse the platform examples).
  5. Build the example and download it to the kit (see Simple Build and Flash Programmer in Simplicity Studio 5 Users Guide).
  6. Run the example and the console should display the process steps of this example.

Additional Information

  1. The default optimization level is Optimize for debugging (-Og) on Simplicity IDE and None on IAR Embedded Workbench.

Resources

AN1268: Authenticating Silicon Labs Devices Using Device Certificates