Commit 01b1f84d authored by Mikhail Vataleu

Add initial components overview

parent c631e4b4
# a71ch-usage
# NXP A71CH secure element usage on Cascade-500 (ubuntu-core)
This repo contains notes and guides for developers which want to use features of the A71CH module built-in Rigado Cascade-500 gateways.
_Disclaimer: This guide based on A71CH OpenSSL Engine and OpenSSL example scripts which you can find in [A71CH Host Software Package: Bash Installer for e.g. Linux or Cygwin](https://www.nxp.com/webapp/Download?colCode=A71CH_01.06.00_20190318)_
## Please Read First
#### NXP A71CH Docs
* [NXP A71CH: Product overview](https://www.nxp.com/products/security-and-authentication/authentication/plug-and-trust-the-fast-easy-way-to-deploy-secure-iot-connections:A71CH)
* [AN12133: A71CH Host software package documentation](https://www.nxp.com/docs/en/application-note/AN12133.pdf)
* [A71CH Host Software Package: Bash Installer for e.g. Linux or Cygwin](https://www.nxp.com/webapp/Download?colCode=A71CH_01.06.00_20190318)
#### Snap Docs
* [Snapcraft: Getting started](https://snapcraft.io/docs/getting-started)
* [Snapcraft: snapcraft.yaml reference](https://snapcraft.io/docs/snapcraft-yaml-reference)
* [Snapcraft: Slots and plugs](https://snapcraft.io/docs/interface-management)
* [Snapcraft: interface type `content`](https://forum.snapcraft.io/t/the-content-interface/1074)
## Components Overview
#### A71CH Host API usage example using A71CH Host API functions
![alt text][A71CH Host API usage]
* **A71CH microcontroller** - The A71CH is a ready-to-use solution enabling ease-of-use security for IoT device makers. It is a secure element capable of securely storing and provisioning credentials, securely connecting IoT devices to public or private clouds and performing cryptographic device authentication
* **Host Library** - A71CH Host Library behaves as the interface between a host microcontroller application and the A71CH security IC. The A71CH executes the different APDUs and gives back the results to the Host Library through the same interface. The complete set of A71CH Host Library functions can be called from communication stacks like TLS or an application running on the host.
* **A71CH Host API** - It is the implementation of the API dealing with A71CH security IC specific functionality. These source files implement the core functionality of the Host Library and provide a C interface abstracting the underlying APDU exchange mechanism between the Host MCU and the A71CH security module.
* **APDU layer** - It is the layer in charge of translating the A71CH Host API function calls to the APDU commands that are delivered to the A71CH via the host interface.
* **OpenSSL** - is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.
* **OpenSSL engine** - With OpenSSL 0.9.6, a new component was added to support alternative cryptography implementations, most commonly for interfacing with external crypto devices (eg. accelerator cards).
#### Secure client use OpenSSL with A71CH
![alt text][OpenSSL client call-stack]
#### A71CH Host API Usage via Snaps on Cascade-500
![alt text][Snaps Host API usage]
* [rigado-hsm-server snap](https://git.rigado.com/cascade/rigado-hsm-server) - NXP A71CH JRCP server and configuration tools for Rigado gateway. This snap implements A71CH Host API functions and configuration tools.
* **a71ch-custom snap** - custom snap which want to use AC71CH features (with OpenSSL). Example: [a71ch-aws-client](https://git.rigado.com/cascade/a71ch-aws-client)
[Snaps Host API usage]: images/snaps.png "A71CH Host API Usage via Snaps on Cascade-500"
[A71CH Host API usage]: images/nxp.png "A71CH Host API usage example using A71CH Host API functions"
[OpenSSL client call-stack]: images/flow.png "OpenSSL Client Call-Stack"
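Review bot: the **OpenSSL engine** bullet under "Components Overview" only gives the history of engines (added with OpenSSL 0.9.6, accelerator cards) and never says what the A71CH OpenSSL Engine named in the disclaimer does in this stack. Add one sentence tying it to the Host Library and the "OpenSSL client call-stack" figure. In the same spirit, the rigado-hsm-server bullet says the snap runs a JRCP server but not how an a71ch-custom snap reaches it. The README links the Snapcraft slots/plugs and `content` interface docs, so state here which interface the custom snap connects through and which snaps are expected to be allowed to connect. Smaller points: "AC71CH" in the a71ch-custom bullet should be "A71CH"; "This guide based on" is missing "is"; "developers which want" and "custom snap which want" should read "who want" / "that wants"; "Secure client use OpenSSL with A71CH" reads better as "Secure client using OpenSSL with A71CH"; the file opens with two level-1 headings and then jumps from `##` to `####`, so drop the `# a71ch-usage` line or demote the second title and use `###` for the subsections; the image alt text is the placeholder "alt text" for all three figures.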