embedded-crypto

Embedded cryptographic operations and secure element integration. Expert skill for hardware crypto accelerators, secure key storage, TrustZone configuration, and side-channel attack mitigation.

509 stars

bya5c-ai

View on GitHub Installation ↓

Best use case

embedded-crypto is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Embedded cryptographic operations and secure element integration. Expert skill for hardware crypto accelerators, secure key storage, TrustZone configuration, and side-channel attack mitigation.

Teams using embedded-crypto should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

You only need a quick one-off answer and do not need a reusable workflow.
You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/embedded-crypto/SKILL.md --create-dirs "https://raw.githubusercontent.com/a5c-ai/babysitter/main/library/specializations/embedded-systems/skills/embedded-crypto/SKILL.md"

Manual Installation

Download SKILL.md from GitHub
Place it in .claude/skills/embedded-crypto/SKILL.md inside your project
Restart your AI agent — it will auto-discover the skill

How embedded-crypto Compares

Feature / Agent	embedded-crypto	Standard Approach
Platform Support	Not specified	Limited / Varies
Context Awareness	High	Baseline
Installation Complexity	Unknown	N/A

Frequently Asked Questions

What does this skill do?

Embedded cryptographic operations and secure element integration. Expert skill for hardware crypto accelerators, secure key storage, TrustZone configuration, and side-channel attack mitigation.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Embedded Cryptographic Operations Skill

Expert skill for cryptographic operations in embedded systems. Provides expertise in hardware crypto accelerators, secure key storage, TrustZone configuration, and security best practices.

## Overview

The Embedded Crypto skill enables secure cryptographic implementation in embedded systems:
- Hardware crypto accelerator usage
- AES/SHA/ECC implementation
- Secure key storage configuration
- TrustZone configuration (Cortex-M33/M55)
- Secure boot chain implementation
- Certificate management
- Random number generation (TRNG)
- Side-channel attack mitigation

## Capabilities

### 1. Hardware Crypto Accelerator Integration

Leverage hardware acceleration for cryptographic operations:

```c
/**
 * @brief Initialize hardware crypto accelerator
 *
 * Enables clock and configures the crypto peripheral for
 * accelerated AES, SHA, and random number generation.
 *
 * @return CRYPTO_OK on success
 */
crypto_status_t crypto_hw_init(void)
{
    // Enable peripheral clock
    RCC->AHB2ENR |= RCC_AHB2ENR_CRYPTEN;

    // Enable AES, SHA, and RNG modules
    CRYP->CR = CRYP_CR_ALGODIR | CRYP_CR_ALGOMODE_AES_CBC;

    // Configure for interrupt or DMA mode
    CRYP->CR |= CRYP_CR_CRYPEN;

    return CRYPTO_OK;
}

/**
 * @brief Hardware-accelerated AES-128 CBC encryption
 *
 * @param[in]  key        128-bit encryption key
 * @param[in]  iv         128-bit initialization vector
 * @param[in]  plaintext  Data to encrypt
 * @param[out] ciphertext Encrypted output
 * @param[in]  length     Data length (must be multiple of 16)
 *
 * @return CRYPTO_OK on success
 */
crypto_status_t crypto_aes128_cbc_encrypt(
    const uint8_t key[16],
    const uint8_t iv[16],
    const uint8_t *plaintext,
    uint8_t *ciphertext,
    size_t length
);
```

### 2. Secure Key Storage

Configure secure key storage mechanisms:

```c
/**
 * @brief Key storage locations and protection levels
 */
typedef enum {
    KEY_STORAGE_RAM,          // Volatile, cleared on reset
    KEY_STORAGE_OTP,          // One-time programmable fuses
    KEY_STORAGE_SECURE_FLASH, // Encrypted flash with RDP
    KEY_STORAGE_TRUSTZONE,    // TrustZone secure region
    KEY_STORAGE_HSM,          // External secure element
} key_storage_t;

/**
 * @brief Key attributes for secure storage
 */
typedef struct {
    uint32_t id;              // Key identifier
    key_storage_t location;   // Storage location
    uint32_t algorithm;       // Key algorithm (AES, ECC, etc.)
    uint16_t bits;            // Key size in bits
    uint32_t usage;           // Allowed operations (encrypt, sign, etc.)
    uint32_t lifetime;        // Persistent or volatile
    uint8_t exportable;       // Can key be exported
} key_attributes_t;

/**
 * @brief Import key into secure storage
 *
 * @param[in]  attributes  Key attributes
 * @param[in]  data        Key material
 * @param[in]  length      Key length
 * @param[out] key_id      Assigned key ID
 *
 * @return CRYPTO_OK on success
 */
crypto_status_t secure_key_import(
    const key_attributes_t *attributes,
    const uint8_t *data,
    size_t length,
    uint32_t *key_id
);
```

### 3. TrustZone Configuration (ARMv8-M)

Configure TrustZone for secure/non-secure separation:

```c
/**
 * @brief TrustZone memory region configuration
 *
 * Memory Map with TrustZone:
 *
 * Address Range       | Security | Purpose
 * --------------------|----------|------------------
 * 0x00000000-0x0001FFFF | Secure  | Secure bootloader
 * 0x00020000-0x0007FFFF | NS      | Non-secure app
 * 0x10000000-0x1000FFFF | Secure  | Secure code/data
 * 0x20000000-0x20007FFF | Secure  | Secure RAM
 * 0x20008000-0x2001FFFF | NS      | Non-secure RAM
 * 0x40000000-0x4FFFFFFF | NS-call | Peripherals (SAU)
 */

/**
 * @brief Configure SAU regions for TrustZone
 */
void sau_configure(void)
{
    // Region 0: Non-secure flash (application)
    SAU->RNR = 0;
    SAU->RBAR = 0x00020000U;  // Base address
    SAU->RLAR = 0x0007FFFFU | SAU_RLAR_ENABLE_Msk;  // Non-secure

    // Region 1: Non-secure RAM
    SAU->RNR = 1;
    SAU->RBAR = 0x20008000U;
    SAU->RLAR = 0x2001FFFFU | SAU_RLAR_ENABLE_Msk;

    // Region 2: Non-secure callable (NSC) for secure API
    SAU->RNR = 2;
    SAU->RBAR = 0x0001F000U;
    SAU->RLAR = 0x0001FFFFU | SAU_RLAR_NSC_Msk | SAU_RLAR_ENABLE_Msk;

    // Enable SAU
    SAU->CTRL = SAU_CTRL_ENABLE_Msk;
}

/**
 * @brief Secure function exposed to non-secure world
 *
 * @note Function must be in NSC region
 */
__attribute__((cmse_nonsecure_entry))
int32_t secure_encrypt(uint8_t *data, size_t length)
{
    // Validate non-secure pointer
    if (cmse_check_address_range(data, length, CMSE_AU_NONSECURE) == NULL) {
        return CRYPTO_ERR_INVALID_PARAM;
    }

    // Perform encryption in secure world
    return crypto_aes128_encrypt_internal(data, length);
}
```

### 4. True Random Number Generation

Implement secure random number generation:

```c
/**
 * @brief Initialize hardware TRNG
 *
 * Configures the true random number generator with
 * health tests and conditioning.
 *
 * @return CRYPTO_OK on success, error if health test fails
 */
crypto_status_t trng_init(void)
{
    // Enable RNG clock
    RCC->AHB2ENR |= RCC_AHB2ENR_RNGEN;

    // Configure health tests
    RNG->CR |= RNG_CR_CED;  // Clock error detection
    RNG->CR |= RNG_CR_RNG_CONFIG3;  // Conditioning

    // Enable RNG
    RNG->CR |= RNG_CR_RNGEN;

    // Wait for first random number and verify
    if (!trng_health_test()) {
        return CRYPTO_ERR_HEALTH_TEST;
    }

    return CRYPTO_OK;
}

/**
 * @brief Generate cryptographically secure random bytes
 *
 * @param[out] output  Buffer to fill with random data
 * @param[in]  length  Number of random bytes to generate
 *
 * @return CRYPTO_OK on success
 *
 * @note Blocks until sufficient entropy available
 */
crypto_status_t trng_generate(uint8_t *output, size_t length);
```

### 5. Certificate Management

Handle X.509 certificates for device identity:

```c
/**
 * @brief Device certificate chain
 *
 * Chain structure:
 * 1. Device certificate (leaf)
 * 2. Intermediate CA certificate
 * 3. Root CA certificate (optional, often trusted by peer)
 */
typedef struct {
    uint8_t *device_cert;
    size_t device_cert_len;
    uint8_t *intermediate_cert;
    size_t intermediate_cert_len;
    uint8_t *root_cert;
    size_t root_cert_len;
} cert_chain_t;

/**
 * @brief Verify certificate chain validity
 *
 * @param[in] chain     Certificate chain to verify
 * @param[in] trusted   Trusted root certificates
 *
 * @return CRYPTO_OK if valid, error code otherwise
 */
crypto_status_t cert_verify_chain(
    const cert_chain_t *chain,
    const cert_store_t *trusted
);

/**
 * @brief Extract public key from certificate
 *
 * @param[in]  cert      DER-encoded certificate
 * @param[in]  cert_len  Certificate length
 * @param[out] pubkey    Extracted public key
 *
 * @return CRYPTO_OK on success
 */
crypto_status_t cert_get_public_key(
    const uint8_t *cert,
    size_t cert_len,
    public_key_t *pubkey
);
```

### 6. Side-Channel Attack Mitigation

Implement countermeasures against side-channel attacks:

```c
/**
 * @brief Side-channel resistant comparison
 *
 * Compares two buffers in constant time to prevent
 * timing attacks.
 *
 * @param[in] a       First buffer
 * @param[in] b       Second buffer
 * @param[in] length  Number of bytes to compare
 *
 * @return 0 if equal, non-zero otherwise
 */
int crypto_compare_constant_time(
    const uint8_t *a,
    const uint8_t *b,
    size_t length
)
{
    uint8_t result = 0;
    for (size_t i = 0; i < length; i++) {
        result |= a[i] ^ b[i];
    }
    return result;
}

/**
 * @brief AES with masking countermeasure
 *
 * Applies random masking to intermediate values
 * to protect against DPA attacks.
 */
typedef struct {
    uint8_t key_masked[16];
    uint8_t mask[16];
    uint8_t state_mask[16];
} aes_masked_ctx_t;

/**
 * @brief Initialize AES with random mask
 */
crypto_status_t aes_masked_init(
    aes_masked_ctx_t *ctx,
    const uint8_t key[16]
)
{
    // Generate random mask
    trng_generate(ctx->mask, 16);

    // XOR key with mask
    for (int i = 0; i < 16; i++) {
        ctx->key_masked[i] = key[i] ^ ctx->mask[i];
    }

    return CRYPTO_OK;
}
```

## Process Integration

This skill integrates with the following processes:

| Process | Integration Point |
|---------|-------------------|
| `secure-boot-implementation.js` | Crypto verification and signing |
| `functional-safety-certification.js` | Security certification aspects |
| `ota-firmware-update.js` | Update encryption and signing |

## Workflow

### 1. Security Requirements Analysis

```markdown
## Security Requirements Checklist

- [ ] Identify assets to protect (keys, data, code)
- [ ] Determine threat model (local, network, physical)
- [ ] Select appropriate algorithms (AES-128/256, ECC P-256)
- [ ] Define key management strategy
- [ ] Plan for side-channel resistance
- [ ] Identify certification requirements (PSA, SESIP, CC)
```

### 2. Hardware Capability Assessment

```bash
# Check for crypto accelerator
grep -i "crypto\|aes\|sha\|rng" device_datasheet.pdf

# Verify TrustZone support (Cortex-M33/M55)
arm-none-eabi-gcc -mcpu=cortex-m33 -print-multi-lib | grep cmse
```

### 3. Implementation

```c
// Initialize crypto subsystem
crypto_hw_init();
trng_init();

// Import device key
key_attributes_t attr = {
    .algorithm = KEY_ALG_AES,
    .bits = 128,
    .usage = KEY_USAGE_ENCRYPT | KEY_USAGE_DECRYPT,
    .location = KEY_STORAGE_TRUSTZONE
};
secure_key_import(&attr, device_key, 16, &key_id);

// Configure TrustZone (if available)
sau_configure();
```

### 4. Security Testing

```bash
# Run static analysis for crypto issues
cppcheck --enable=security src/crypto/

# Check for timing vulnerabilities
python tools/timing_analysis.py build/firmware.elf

# Verify random number quality
python tools/rng_test_suite.py
```

## Output Schema

```json
{
  "cryptoCapabilities": {
    "hardware": {
      "aes": true,
      "sha": true,
      "ecc": false,
      "trng": true
    },
    "trustzone": true,
    "secureElement": false
  },
  "keyManagement": {
    "storageLocations": ["otp", "trustzone"],
    "algorithms": ["aes-128-gcm", "ecdsa-p256"],
    "keyCount": 5
  },
  "implementation": {
    "library": "mbedtls",
    "hwAcceleration": true,
    "sideChannelProtection": true
  },
  "compliance": {
    "psaLevel": 1,
    "certifications": ["PSA Certified Level 1"]
  },
  "artifacts": [
    "src/crypto/crypto_hal.c",
    "src/crypto/trustzone_config.c",
    "src/crypto/key_storage.c",
    "docs/security-architecture.md"
  ]
}
```

## Security Best Practices

### Key Management
- Never store keys in plaintext in flash
- Use OTP fuses for root keys
- Implement key derivation for session keys
- Zeroize keys after use

### Algorithm Selection
- Use AES-GCM for authenticated encryption
- Use ECDSA P-256 for signatures
- Use SHA-256 minimum for hashing
- Avoid deprecated algorithms (DES, MD5, SHA-1)

### Implementation
- Use vetted crypto libraries (mbedTLS, wolfSSL)
- Enable hardware acceleration when available
- Implement constant-time operations
- Clear sensitive data from memory

### Testing
- Verify TRNG output quality
- Test for timing vulnerabilities
- Validate certificate handling
- Audit crypto configurations

## References

- ARM TrustZone for ARMv8-M
- mbedTLS Documentation: https://tls.mbed.org/
- wolfSSL Manual: https://www.wolfssl.com/docs/
- PSA Certified: https://www.psacertified.org/
- NIST Cryptographic Standards

## See Also

- `secure-boot-implementation.js` - Secure boot process
- `ota-firmware-update.js` - Secure updates
- SK-015: OTA Update skill
- AG-005: Embedded Security Expert agent

Related Skills

crypto-analyzer

509

from a5c-ai/babysitter

Cryptographic implementation analysis and validation for encryption algorithms, key sizes, and certificate management

embedded-docs

509

from a5c-ai/babysitter

Embedded firmware documentation generation and maintenance using Doxygen and related tools. Expert skill for API documentation, hardware interface documentation, memory maps, and integration with documentation systems.

crypto-primitives

509

from a5c-ai/babysitter

Implementation and secure usage of cryptographic primitives including ECDSA, BLS, Schnorr signatures, key derivation, secret sharing, and constant-time operations. Provides guidance for secure cryptographic implementations in blockchain applications.

process-builder

509

from a5c-ai/babysitter

Scaffold new babysitter process definitions following SDK patterns, proper structure, and best practices. Guides the 3-phase workflow from research to implementation.

Workflow & Productivity

babysitter

509

from a5c-ai/babysitter

Orchestrate via @babysitter. Use this skill when asked to babysit a run, orchestrate a process or whenever it is called explicitly. (babysit, babysitter, orchestrate, orchestrate a run, workflow, etc.)