Android Question Advanced cryptography for ATMEL chip

pierpa

Member
Licensed User
Longtime User
Hello,

I am cloning an app following ATMEL guidelines.

I need to clone this app: https://play.google.com/store/apps/details?id=net.nanmu.atmel.smartplug

This app configures and operates this ATMEL reference design device : http://www.atmel.com/tools/smart-plug-reference-design.aspx

The problem is that ATMEL release _everything_ (PCB, schematic, even BOM and firmware source) about this design, but they refuse to give the sources of the app.

So, I need to make it from scratch.

The most difficult part is to ensure excrypted communication with the ATECC508A chip: http://www.atmel.com/devices/ATECC508A.aspx

what i need now is to create a Elliptic curve key pair.

I found that in Android this is done through the piece of code described at this page: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html

B4X:
 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(
         KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
keyPairGenerator.initialize(
         new KeyGenParameterSpec.Builder(
                 "key1",
                 KeyProperties.PURPOSE_SIGN)
                 .setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
                 .setDigests(KeyProperties.DIGEST_SHA256,
                         KeyProperties.DIGEST_SHA384,
                         KeyProperties.DIGEST_SHA512)
                 // Only permit the private key to be used if the user authenticated
                 // within the last five minutes.
                 .setUserAuthenticationRequired(true)
                 .setUserAuthenticationValidityDurationSeconds(5 * 60)
                 .build());
KeyPair keyPair = keyPairGenerator.generateKeyPair();
Signature signature = Signature.getInstance("SHA256withECDSA");
signature.initSign(keyPair.getPrivate());
...

// The key pair can also be obtained from the Android Keystore any time as follows:
KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
PrivateKey privateKey = (PrivateKey) keyStore.getKey("key1", null);
PublicKey publicKey = keyStore.getCertificate("key1").getPublicKey();

Since I am not still very proficient in Reflection, I need help in turning this piece of conde inside B4A

I attached the whole communication process schematic.

I can follow all of the async communication.

Please, help.

Regards,

Pierpaolo
 

Attachments

  • Screenshot 2017-02-06 00.55.56.png
    Screenshot 2017-02-06 00.55.56.png
    283.9 KB · Views: 232
Last edited:

Erel

B4X founder
Staff member
Licensed User
Longtime User
You can use inline Java to run this code. Note that KeyProperties is only available in Android 6+.

The imports that you need to add are:
B4X:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.ECGenParameterSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
 
Upvote 0
Top