Generalization of Secure Element usage

andreagilardoni · andreagilardoni · commit 44b6f86b40c6 · 2026-05-13T09:38:35.000+02:00
tranistion from ECCX08 to SecureElement instance usage
diff --git a/src/ArduinoBearSSLConfig.h b/src/ArduinoBearSSLConfig.h
@@ -12,7 +12,7 @@
 #define ARDUINO_BEARSSL_CONFIG_H_
 
 /* Enabling this define allows the usage of ArduinoBearSSL without crypto chip. */
-//#define ARDUINO_DISABLE_ECCX08
+//#define ARDUINO_DISABLE_SECURE_ELEMENT
 
 /* Enable/Disable global instances*/
 #define ARDUINO_BEARSSL_DISABLE_AES128
diff --git a/src/tls/BearSSLClientProfile.c b/src/tls/BearSSLClientProfile.c
@@ -13,7 +13,7 @@
  ******************************************************************************/
 
 #include <AIoTC_Config.h>
-#ifdef BOARD_HAS_ECCX08
+#ifdef BOARD_HAS_SECURE_ELEMENT
 
 #include "bearssl/inner.h"
 
@@ -88,4 +88,4 @@ void aiotc_client_profile_init(br_ssl_client_context *cc, br_x509_minimal_contex
   br_ssl_engine_set_default_aes_gcm(&cc->eng);
 }
 
-#endif /* #ifdef BOARD_HAS_ECCX08 */
+#endif /* #ifdef BOARD_HAS_SECURE_ELEMENT */
diff --git a/src/tls/BearSSLClientProfile.h b/src/tls/BearSSLClientProfile.h
@@ -16,11 +16,11 @@
  ******************************************************************************/
 
 #include <AIoTC_Config.h>
-#ifdef BOARD_HAS_ECCX08
+#ifdef BOARD_HAS_SECURE_ELEMENT
 
 extern "C" void aiotc_client_profile_init(br_ssl_client_context *cc, br_x509_minimal_context *xc, const br_x509_trust_anchor *trust_anchors, size_t trust_anchors_num);
 
-#endif /* #ifdef BOARD_HAS_ECCX08 */
+#endif /* #ifdef BOARD_HAS_SECURE_ELEMENT */
 
 #endif /* _BEAR_SSL_CLIENT_PROFILE_H_ */
 
diff --git a/src/tls/BearSSLTrustAnchors.h b/src/tls/BearSSLTrustAnchors.h
@@ -16,7 +16,7 @@
  ******************************************************************************/
 
 #include <AIoTC_Config.h>
-#ifdef BOARD_HAS_ECCX08
+#ifdef BOARD_HAS_SECURE_ELEMENT
 
 #include "bearssl/bearssl_ssl.h"
 
@@ -98,6 +98,6 @@ static const br_x509_trust_anchor ArduinoIoTCloudTrustAnchor[2] = {
 
 #define ArduinoIoTCloudTrustAnchor_NUM (2)
 
-#endif /* #ifdef BOARD_HAS_ECCX08 */
+#endif /* #ifdef BOARD_HAS_SECURE_ELEMENT */
 
 #endif /* _BEAR_SSL_TRUST_ANCHOR_H_ */
diff --git a/src/tls/utility/TLSClientMqtt.cpp b/src/tls/utility/TLSClientMqtt.cpp
@@ -18,11 +18,11 @@
   #include "tls/AIoTCUPCert.h"
 #endif
 
-#if defined(BOARD_HAS_SE050) || defined(BOARD_HAS_SOFTSE)
+#if defined(BOARD_HAS_SOFTSE)
   #include "tls/AIoTCSSCert.h"
 #endif
 
-#ifdef BOARD_HAS_ECCX08
+#ifdef BOARD_HAS_SECURE_ELEMENT
   #include "tls/BearSSLTrustAnchors.h"
   #include "tls/BearSSLClientProfile.h"
   extern "C" {
@@ -38,19 +38,12 @@ void TLSClientMqtt::begin(ConnectionHandler & connection, ArduinoIoTAuthenticati
    * https://github.com/arduino/nina-fw/blob/master/arduino/libraries/ArduinoBearSSL/src/BearSSLTrustAnchors.h
    */
   (void)authMode;
-#elif defined(BOARD_HAS_ECCX08)
+#elif defined(BOARD_HAS_SECURE_ELEMENT)
   (void)authMode;
   setClient(connection.getClient());
   setProfile(aiotc_client_profile_init);
   setTrustAnchors(ArduinoIoTCloudTrustAnchor, ArduinoIoTCloudTrustAnchor_NUM);
   ArduinoBearSSL.onGetTime(getTime);
-#elif defined(ARDUINO_PORTENTA_C33)
-  (void)authMode;
-  setClient(connection.getClient());
-  setCACert(AIoTSSCert);
-#elif defined(ARDUINO_NICLA_VISION)
-  (void)authMode;
-  appendCustomCACert(AIoTSSCert);
 #elif defined(ARDUINO_EDGE_CONTROL)
   (void)authMode;
   appendCustomCACert(AIoTUPCert);
diff --git a/src/tls/utility/TLSClientMqtt.h b/src/tls/utility/TLSClientMqtt.h
@@ -26,7 +26,7 @@ enum class ArduinoIoTAuthenticationMode
    */
   #include "WiFiSSLClient.h"
   class TLSClientMqtt : public WiFiBearSSLClient {
-#elif defined(BOARD_HAS_ECCX08)
+#elif defined(BOARD_HAS_SECURE_ELEMENT)
   /*
    * Arduino MKR GSM 1400
    * Arduino MKR NB 1500
@@ -38,18 +38,6 @@ enum class ArduinoIoTAuthenticationMode
   #include <ArduinoBearSSLConfig.h>
   #include <ArduinoBearSSL.h>
   class TLSClientMqtt : public BearSSLClient {
-#elif defined(ARDUINO_PORTENTA_C33)
-  /*
-   * Arduino Portenta C33
-   */
-  #include <SSLClient.h>
-  class TLSClientMqtt : public SSLClient {
-#elif defined(ARDUINO_NICLA_VISION)
-  /*
-   * Arduino Nicla Vision
-   */
-  #include <WiFiSSLSE050Client.h>
-  class TLSClientMqtt : public WiFiSSLSE050Client {
 #elif defined(ARDUINO_EDGE_CONTROL)
   /*
    * Arduino Edge Control
diff --git a/src/tls/utility/TLSClientOta.cpp b/src/tls/utility/TLSClientOta.cpp
@@ -22,7 +22,7 @@
   #include "tls/AIoTCSSCert.h"
 #endif
 
-#ifdef BOARD_HAS_ECCX08
+#ifdef BOARD_HAS_SECURE_ELEMENT
   #include "tls/BearSSLTrustAnchors.h"
   #include "tls/BearSSLClientProfile.h"
   extern "C" {
@@ -35,16 +35,14 @@ void TLSClientOta::begin(ConnectionHandler &connection) {
   /* AWS Root CAs are configured in nina-fw
    * https://github.com/arduino/nina-fw/blob/master/data/roots.pem
    */
-#elif defined(BOARD_HAS_ECCX08)
+#elif defined(BOARD_HAS_SECURE_ELEMENT)
   setClient(*getNewClient(connection.getInterface()));
   setProfile(aiotc_client_profile_init);
   setTrustAnchors(ArduinoIoTCloudTrustAnchor, ArduinoIoTCloudTrustAnchor_NUM);
   ArduinoBearSSL.onGetTime(getTime);
 #elif defined(ARDUINO_PORTENTA_C33)
   setClient(*getNewClient(connection.getInterface()));
   setCACert(AIoTSSCert);
-#elif defined(ARDUINO_NICLA_VISION)
-  appendCustomCACert(AIoTSSCert);
 #elif defined(ARDUINO_EDGE_CONTROL)
   appendCustomCACert(AIoTUPCert);
 #elif defined(ARDUINO_UNOR4_WIFI)
diff --git a/src/tls/utility/TLSClientOta.h b/src/tls/utility/TLSClientOta.h
@@ -20,7 +20,7 @@
    */
   #include "WiFiSSLClient.h"
   class TLSClientOta : public WiFiBearSSLClient {
-#elif defined(BOARD_HAS_ECCX08)
+#elif defined(BOARD_HAS_SECURE_ELEMENT)
   /*
    * Arduino MKR GSM 1400
    * Arduino MKR NB 1500
@@ -38,12 +38,6 @@
    */
   #include <SSLClient.h>
   class TLSClientOta : public SSLClient {
-#elif defined(ARDUINO_NICLA_VISION)
-  /*
-   * Arduino Nicla Vision
-   */
-  #include <WiFiSSLSE050Client.h>
-  class TLSClientOta : public WiFiSSLSE050Client {
 #elif defined(ARDUINO_EDGE_CONTROL)
   /*
    * Arduino Edge Control
diff --git a/src/utility/time/NTPUtils.cpp b/src/utility/time/NTPUtils.cpp
@@ -18,8 +18,8 @@
 #include "NTPUtils.h"
 
 #include <Arduino.h>
-#ifdef BOARD_HAS_ECCX08
-  #include <ArduinoECCX08.h>
+#ifdef BOARD_HAS_SECURE_ELEMENT
+  #include <Arduino_SecureElement.h>
 #endif
 
 /******************************************************************************
@@ -91,8 +91,8 @@ void NTPUtils::sendNTPpacket(UDP & udp)
 
 int NTPUtils::getRandomPort(int const min_port, int const max_port)
 {
-#if defined (BOARD_HAS_ECCX08)
-  return ECCX08.random(min_port, max_port);
+#if defined (BOARD_HAS_SECURE_ELEMENT)
+  return SecureElement.random(min_port, max_port);
 #elif defined (ARDUINO_ARCH_ESP8266) || (ARDUINO_ARCH_ESP32)
   /* Uses HW Random Number Generator */
   return random(min_port, max_port);
