In [None]:
%%HTML
<p id = 'heading1_p'> Symmetric Authentication – TA010-TFLXAUTH </p>
<hr id = 'hline'> </hr> 
<p id = 'heading1_p' style='font-size: 20px; font-weight: bold;'>Introduction</p>
<div id='div_element'>
<p>
    Accessory / Disposable Symmetric Authentication is a process in which a Host generates a challenge, the 
    Device (accessory / disposable) computes a response to that challenge and sends it back, and the Host verifies the response to authenticate the Device. 
    The purpose of authentication is to prevent cloning and counterfeiting and to ensure that an accessory / disposable is 
    genuine and authorized to connect to a Host.
</p>
</div>
<p id = 'heading1_p' style='font-size: 20px; font-weight: bold;'>Several implementations are possible:</p>
<div id='div_element'>
<ul>
    <li>
        <b>Challenge / Response authentication </b> - requires a Secure Element on the Device (Accessory / Disposable) side only, leaving the possibility for Host cloning.
        The Secure Element is provisioned with a symmetric key, and the Host firmware embeds one or several challenge/response pair(s).
    </li>
    <li>
        <b>Shared Key authentication </b> - requires a Secure Element on both the Device (Accessory / Disposable) side and 
        the Host side – both Secure Elements are provisioned with the same symmetric key.
    </li>
    <li>
        <b>Diversified Key authentication </b> - requires a Secure Element on both the Device (Accessory / Disposable) side and the Host side. 
        The Device Secure Element is provisioned with a unique symmetric key (derived from a root symmetric key and the Secure Element serial number). 
        The Host Secure Element is provisioned with the root symmetric key. Because every Device key is different, a key recovered from one Device does not expose the keys of other Devices.
    </li>
</ul>
<p>This use case describes how the Microchip TA010 TrustFLEX AUTH device can be used for Accessory / Disposable authentication using the <b>Diversified symmetric Key authentication</b> method.</p>
</div>

<button class="collapsible" style='font-size: 20px; font-weight: bold;'>Cryptographic Asset list & Use Case implementation</button>
<div class="content">
<div id='content_element'>
<hr id = 'h_content'> </hr> 
<p style="float: left; font-size: 9pt; text-align: center; width: 30%; margin-right: 1%;">
    <img src="assets/images/symm_auth/crypto_assets.png" alt="Cryptographic Assets" style="width: 100%"><b>Cryptographic Asset list</b></p>
<p style="float: left; font-size: 9pt; text-align: center; width: 40%; margin-right: 1%;">
    <img src="assets/images/symm_auth/usecase_steps.png" alt="Use Case Steps" style="width: 100%"><b>Use Case implementation</b><br/>
    (Diversified Symmetric Key)
</p>
<p style="clear: both;"></p>
</div>
</div>

<p id = 'heading1_p' style='margin-top:40px; font-size: 20px; font-weight: bold;'>Use Case information</p>
<hr id = 'hline'> </hr> 
<div id='div_element'>
<p> The Transaction Diagram represents all the steps to be performed to successfully implement the given Use Case, during development and after product delivery to the end-user. </p>
<p><strong> For ease of execution, steps run from the transaction diagram are emulated on the Host-PC rather than executed on the 
Host-Microcontroller/Processor of the evaluation kit.</strong> The MPLAB-X project/C Source code contains the code to be executed on the Host-Microcontroller/Processor 
in your embedded project. </p>

<p>Select your Evaluation kit and then click on each step to execute the Use Case. Click the Usecase Help button in the transaction diagram for additional details.</p>
</div>

In [None]:
import os
from tpds.usecase_diagram import ProtoBoard, UsecaseDiagram
from tpds.tp_utils.tp_settings import TPSettings
from tpds.proto_boards import get_board_path
from IPython.display import display

# Build the interactive transaction diagram for the TA010 diversified-key
# symmetric authentication use case.

# All asset locations are resolved relative to the current working directory,
# i.e. the directory the notebook is launched from.
curr_path = os.path.abspath('')
assets_dir = os.path.join(curr_path, 'assets')
images_dir = os.path.join(assets_dir, 'images')
symm_auth_images_dir = os.path.join(images_dir, 'symm_auth')

# The use-case logic lives in <cwd>/assets/python/symm_auth.py. The directory
# is appended to the END of sys.path, so any module named `symm_auth` found on
# an earlier path entry takes precedence. Launch the notebook from the
# use-case folder so the module that handles the keys is the intended one.
os.sys.path.append(os.path.join(assets_dir, 'python'))
import symm_auth

# Per-use-case working directory under the TPDS base folder; created on first run.
tp_settings = TPSettings()
usecase_working_dir = os.path.join(
    tp_settings.get_base_folder(), 'spg_ta010_symm_auth')
os.makedirs(usecase_working_dir, exist_ok=True)

# Register the single supported evaluation board: its picture, the factory
# .hex image and the MPLAB X firmware project for this use case.
board_id = 'DM320118'
boards = ProtoBoard(max_width=400)
boards.add_board(
    board_id,
    os.path.join(images_dir, 'usecase_hw.png'),
    os.path.join(get_board_path(), board_id, board_id + '.hex'),
    os.path.join(
        curr_path, 'firmware', 'symm_auth_firmware',
        'symmetric_auth_dm320118.X'))
boards.render_boards(0)

# Key slots are fixed here: 0x03 for the accessory key, 0x05 for the host key.
symmetric_authentication = symm_auth.SymmetricAuthentication(
    boards,
    accessory_symm_key_slot=0x03,
    host_symm_key_slot=0x05)

usecase_td = UsecaseDiagram(
    os.path.join(symm_auth_images_dir, 'usecase_td.png'),
    working_dir=usecase_working_dir)
usecase_td.add_firmware(
    boards.get_firmware_project,
    tp_settings.get_mplab_paths().get('ide_path'))

# Each add_script call binds one step callback to the diagram. The four
# integers are presumably the x, y, width and height of the clickable area on
# the diagram image (TODO confirm against UsecaseDiagram.add_script).
# prereq_scripts chains the steps in order: resources -> challenge ->
# accessory HMAC -> comparison.
generate_resources = usecase_td.add_script(
    234, 72, 35, 30,
    symmetric_authentication.generate_resources)
generate_challenge = usecase_td.add_script(
    287, 233, 35, 30,
    symmetric_authentication.generate_challenge_on_host,
    prereq_scripts=[generate_resources])
get_dev_hmac = usecase_td.add_script(
    287, 290, 35, 30,
    symmetric_authentication.get_hmac_from_accessory_device,
    prereq_scripts=[generate_challenge])
compare_hmac = usecase_td.add_script(
    287, 354, 35, 30,
    symmetric_authentication.compare_host_hmac_with_accessory_hmac,
    prereq_scripts=[get_dev_hmac])

# Static extras on the diagram: the C code snippet image and the help document.
usecase_td.add_image(
    825, 201, 140, 25,
    os.path.join(symm_auth_images_dir, 'c_snippet.PNG'),
    'Code Snippet')
usecase_td.add_usecase_help(os.path.join(assets_dir, 'TA010_SymmAuth.md'))

# Render the board selector first, then the transaction diagram.
display(boards.canvas)
usecase_td.display_canvas()

In [None]:
%%HTML
<button class="collapsible" style='font-size: 20px; font-weight: bold;'>Conclusion</button>
<div class="content">
<div id='content_element'>
<hr id = 'h_content'> </hr> 
<p>When ready to start the Secure Exchange Process, please fill in the Secure Exchange Process questionnaire and open a support ticket (attach the questionnaire output “.yaml” file from your download folder).
Microchip will then provide you with a Custom Part Number.</p>
<p>Navigate to the TA010-TFLXAUTH configurator, select the Symmetric Authentication Use Case and populate the requested fields (slot 3).</p>
<p>Then click on “Generate Provisioning Package” under the “Production Tab”.
Once done, please attach the .zip file generated from the Production Encrypted Provisioning Package button to the support case.
</p>
<p>Microchip will then enable the procurement of Verification Samples before starting mass-production.</p>
</div>
</div>