├── Makefile ├── README.md ├── examples ├── provision_ecc108 │ └── provision_ecc108.ino └── provision_sha204 │ └── provision_sha204.ino ├── library.properties └── src ├── CryptoAuthLib.h ├── atca_command.c ├── atca_command.h ├── atca_compiler.h ├── atca_device.c ├── atca_device.h ├── atca_devtypes.h ├── atca_iface.c ├── atca_iface.h ├── atca_status.h ├── basic ├── README.md ├── atca_basic.c ├── atca_basic.h ├── atca_helpers.c └── atca_helpers.h ├── crypto ├── README.md ├── atca_crypto_sw.h ├── atca_crypto_sw_ecdsa.c ├── atca_crypto_sw_ecdsa.h ├── atca_crypto_sw_rand.c ├── atca_crypto_sw_rand.h ├── atca_crypto_sw_sha1.c ├── atca_crypto_sw_sha1.h ├── atca_crypto_sw_sha2.c ├── atca_crypto_sw_sha2.h └── hashes │ ├── sha1_routines.c │ ├── sha1_routines.h │ ├── sha2_routines.c │ └── sha2_routines.h ├── hal ├── atca_hal.c ├── atca_hal.h ├── atca_start_config.h ├── atca_start_iface.h ├── hal_samd21_i2c_wire.cpp ├── hal_samd21_i2c_wire.h └── hal_samd21_timer_wire.cpp └── host ├── atca_host.c └── atca_host.h /Makefile: -------------------------------------------------------------------------------- 1 | all: CryptoAuthLib.zip 2 | 3 | .PHONY: CryptoAuthLib.zip 4 | CryptoAuthLib.zip: 5 | -rm CryptoAuthLib.zip 6 | -rm -rf release 7 | mkdir -p release 8 | cp -r library.properties src examples release 9 | cd release; zip -r ../CryptoAuthLib.zip * --exclude '*~' 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # CryptoAuthLib 2 | 3 | This is a port of the Atmel 4 | [CryptoAuthLib](http://www.atmel.com/tools/CryptoAuthLib.aspx) library 5 | for the Arduino platform. 6 | 7 | This is **beta** release, see disclaimer below. 8 | 9 | ## Installation 10 | 11 | 1. Download the CryptoAuthLib-v*xyz*.zip from the [latest release](https://github.com/sathibault/cryptoauthlib/releases) 12 | 2. From Arduino IDE menu select Sketch -> Include library -> Add .ZIP library and select the downloaded file. 13 | 14 | ## Examples 15 | 16 | See provision_sha204 for an example of provisioning a device and using 17 | it to computing challenge responses with symmetric keys with the 18 | ATSHA204A chip. 19 | 20 | See provision_ecc108 for an example of provisioning a device and using 21 | it to generate private/public key pairs, signing messages, and 22 | validating signed messages with the ATECC108A chip. 23 | 24 | ## License 25 | 26 | Redistribution and use in source and binary forms, with or without 27 | modification, are permitted provided that the following conditions are met: 28 | 29 | 1. Redistributions of source code must retain the above copyright notice, 30 | this list of conditions and the following disclaimer. 31 | 32 | 2. Redistributions in binary form must reproduce the above copyright notice, 33 | this list of conditions and the following disclaimer in the documentation 34 | and/or other materials provided with the distribution. 35 | 36 | 3. The name of Atmel may not be used to endorse or promote products derived 37 | from this software without specific prior written permission. 38 | 39 | 4. This software may only be redistributed and used in connection with an 40 | Atmel integrated circuit. 41 | 42 | THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 43 | WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 44 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 45 | EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 46 | ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 47 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 48 | OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 49 | HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 50 | STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 51 | ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 52 | POSSIBILITY OF SUCH DAMAGE. 53 | -------------------------------------------------------------------------------- /examples/provision_ecc108/provision_ecc108.ino: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | 5 | // Set to 1 to lock the data zone on success 6 | #define LOCK_DATA 0 7 | 8 | #define ECC108_I2C_ADDR 0x60 // 60h is factory default 9 | 10 | // Some slot configuration 11 | uint8_t slot_config[3][4] { 12 | {0x81, 0xA0, 0x81, 0xA0}, // slot 0 - private key, slot 1 - private key 13 | {0x81, 0xA0, 0x81, 0xA0}, // slot 2 - private key, slot 3 - private key 14 | {0x04, 0x04, 0x05, 0x05} // slot 4 - user r/w data, slot 5 - user r/w data 15 | }; 16 | 17 | // Device public keys 18 | uint8_t public_keys[2][64]; 19 | 20 | // Test message to sign 21 | const char *message = "Is this really me?"; 22 | 23 | // Intermediates for signing test 24 | uint8_t digest_tmp[32]; 25 | uint8_t signature_tmp[64]; 26 | 27 | // Helper function to initialize library for a particular device. 28 | 29 | bool config_device(ATCADeviceType dev, uint8_t addr, uint32_t baud = 400000, int retries = 25) { 30 | static ATCAIfaceCfg cfg; 31 | cfg.iface_type = ATCA_I2C_IFACE, 32 | cfg.devtype = dev; 33 | cfg.atcai2c.slave_address = addr << 1; 34 | cfg.atcai2c.baud = baud; 35 | cfg.atcai2c.bus = 0; 36 | cfg.wake_delay = (dev == ATECC108A) ? 800 : 2560; 37 | cfg.rx_retries = retries; 38 | if (atcab_init(&cfg) != ATCA_SUCCESS) 39 | return false; 40 | atcab_wakeup(); // may return error if device is already awake 41 | return true; 42 | }; 43 | 44 | // Print hex values (64 byte max) 45 | void printHex(uint8_t *ptr, int len) { 46 | char hex[4]; 47 | for (int i = 0; i < len; i++) { 48 | sprintf(hex, "%02X", ptr[i]); 49 | Serial.print(hex); 50 | } 51 | Serial.println(""); 52 | } 53 | 54 | // Provision and test ECC108A chip 55 | 56 | void setup() { 57 | int i, res; 58 | bool locked, verified; 59 | uint8_t cfg_word[4]; 60 | uint8_t response[32]; 61 | 62 | Serial.begin(9600); 63 | Wire.begin(); 64 | 65 | delay(15000); // a little time to open serial monitor please! 66 | 67 | Serial.println("Provision ECC108A"); 68 | 69 | config_device(ATECC108A, ECC108_I2C_ADDR); 70 | res = atcab_is_locked(LOCK_ZONE_CONFIG, &locked); 71 | if (res != ATCA_SUCCESS) { 72 | Serial.print("atcab_is_locked error "); 73 | Serial.println(res, HEX); 74 | return; 75 | } 76 | if (!locked) { 77 | // Not locked, configure slots 0-5 with our slot_config data. 78 | for (i = 0; i < 3; i++) { 79 | res = atcab_write_zone(ATCA_ZONE_CONFIG, 0, 0, 0x5+i, slot_config[i], 4); 80 | if (res != ATCA_SUCCESS) { 81 | Serial.print("atcab_write_zone error "); 82 | Serial.println(res, HEX); 83 | return; 84 | } 85 | } 86 | } else { 87 | Serial.println("config already locked"); 88 | } 89 | 90 | for (i = 0; i < 3; i++) { 91 | // Validate the configuration of slots 0-5 92 | res = atcab_read_zone(ATCA_ZONE_CONFIG, 0, 0, 0x5+i, cfg_word, 4); 93 | if (res != ATCA_SUCCESS) { 94 | Serial.print("atcab_read_zone error "); 95 | Serial.println(res, HEX); 96 | return; 97 | } 98 | Serial.print(0x5+i, HEX); 99 | Serial.print(": "); 100 | Serial.print(cfg_word[0], HEX); 101 | Serial.print(" "); 102 | Serial.print(cfg_word[1], HEX); 103 | Serial.print(" "); 104 | Serial.print(cfg_word[2], HEX); 105 | Serial.print(" "); 106 | Serial.println(cfg_word[3], HEX); 107 | if (memcmp(cfg_word, slot_config[i], 4) != 0) { 108 | Serial.println("read back error"); 109 | return; 110 | } 111 | } 112 | Serial.println("configuration good"); 113 | 114 | if (!locked) { 115 | // If the configuration is good, lock it down! 116 | res = atcab_lock_config_zone(response); 117 | if (res != ATCA_SUCCESS) { 118 | Serial.print("atcab_lock_config_zone error "); 119 | Serial.println(res, HEX); 120 | return; 121 | } 122 | if (response[0] != 0) { 123 | Serial.print("configuration lock failed "); 124 | Serial.println(response[0], HEX); 125 | return; 126 | } 127 | Serial.println("configuration successfully locked!"); 128 | } 129 | 130 | res = atcab_is_locked(LOCK_ZONE_DATA, &locked); 131 | if (res != ATCA_SUCCESS) { 132 | Serial.print("atcab_is_locked error "); 133 | Serial.println(res, HEX); 134 | return; 135 | } 136 | if (!locked) { 137 | // Create two signing key pairs 138 | for (i = 0; i < 2; i++) { 139 | res = atcab_genkey(i, public_keys[i]); 140 | if (res != ATCA_SUCCESS) { 141 | Serial.print("atcab_genkey error "); 142 | Serial.println(res, HEX); 143 | return; 144 | } else { 145 | Serial.print("Public key "); 146 | Serial.print(i); 147 | Serial.print(": "); 148 | printHex(public_keys[i], 64); 149 | } 150 | } 151 | } else { 152 | Serial.println("data already locked"); 153 | } 154 | 155 | // Sign test message with key 0 156 | Serial.println("test keypair 0"); 157 | res = atcab_sha(strlen(message), (const uint8_t *)message, digest_tmp); 158 | if (res != ATCA_SUCCESS) { 159 | Serial.print("atcab_sha error "); 160 | Serial.println(res, HEX); 161 | return; 162 | } 163 | Serial.print("message digest: "); 164 | printHex(digest_tmp, 32); 165 | 166 | res = atcab_sign(0 /* key # */, digest_tmp, signature_tmp); 167 | if (res != ATCA_SUCCESS) { 168 | Serial.print("atcab_sign error "); 169 | Serial.println(res, HEX); 170 | return; 171 | } 172 | Serial.print("message signature: "); 173 | printHex(signature_tmp, 64); 174 | 175 | Serial.print("public key: "); 176 | printHex(public_keys[0], 64); 177 | 178 | // Verify generated signature is good 179 | res = atcab_verify_extern(digest_tmp, signature_tmp, public_keys[0], &verified); 180 | if (res != ATCA_SUCCESS) { 181 | Serial.print("atcab_verify_extern error "); 182 | Serial.println(res, HEX); 183 | return; 184 | } 185 | if (verified) { 186 | Serial.println("TEST 1 PASSED!"); 187 | } else { 188 | Serial.println("TEST 1 FAILED"); 189 | return; 190 | } 191 | 192 | // Modify message and verify signature is NOT good 193 | digest_tmp[0] ^= 0x11; 194 | res = atcab_verify_extern(digest_tmp, signature_tmp, public_keys[0], &verified); 195 | if (res != ATCA_SUCCESS) { 196 | Serial.print("atcab_verify_extern error "); 197 | Serial.println(res, HEX); 198 | return; 199 | } 200 | if (!verified) { 201 | Serial.println("TEST 2 PASSED!"); 202 | } else { 203 | Serial.println("TEST 2 FAILED"); 204 | return; 205 | } 206 | 207 | #if LOCK_DATA 208 | res = atcab_lock_data_zone(response); 209 | if (res != ATCA_SUCCESS) { 210 | Serial.print("atcab_lock_data_zone error "); 211 | Serial.println(res, HEX); 212 | return; 213 | } 214 | if (response[0] != 0) { 215 | Serial.print("data lock failed "); 216 | Serial.println(response[0], HEX); 217 | return; 218 | } 219 | Serial.println("DATA successfully locked!"); 220 | #else 221 | Serial.println("DON'T FORGET TO LOCK DATA"); 222 | #endif 223 | } 224 | 225 | void loop() { 226 | delay(1000); 227 | } 228 | 229 | -------------------------------------------------------------------------------- /examples/provision_sha204/provision_sha204.ino: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | 5 | // Set to 1 to lock the data zone on success 6 | #define LOCK_DATA 0 7 | 8 | // Some slot configuration 9 | uint8_t slot_config[3][4] { 10 | {0x80, 0x40, 0x81, 0x41}, // slot 0 - private key, slot 1 - private key 11 | {0x82, 0x30, 0x83, 0x31}, // slot 2 - derived key from 0, slot 3 - derived key from 1 12 | {0x04, 0x04, 0x05, 0x05} // slot 4 - user r/w data, slot 5 - user r/w data 13 | }; 14 | 15 | // Private root keys. REPLACE THESE WITH SECRET KEYS 16 | uint8_t root_keys[2][32] = { 17 | {0x08,0xe6,0xe6,0x93,0x69,0x4a,0x4c,0xd7,0x84,0xf2,0x09,0xb6,0x74,0x6d,0xea,0x1e,0x8e,0x1d,0xa0,0xa8,0x21,0xaa,0x4f,0x59,0xb0,0x63,0xe7,0x80,0x93,0x69,0x2f,0x7c}, 18 | {0x16,0x90,0x16,0x64,0x1b,0xe8,0x48,0x10,0x96,0xe2,0x94,0x18,0x1b,0x34,0x72,0x6d,0x6f,0x25,0xc4,0xac,0xa3,0x3a,0x4e,0xdc,0xa0,0xb3,0x8b,0xd6,0x43,0x16,0xf6,0x0c} 19 | }; 20 | 21 | // A test challenge 22 | uint8_t challenge[32] = { 23 | 0x11,0x11,0x11,0x11,0x21,0x21,0x21,0x21,0x31,0x31,0x31,0x31,0x41,0x41,0x41,0x41,0xa2,0xa2,0xa2,0xa2,0xb2,0xb2,0xb2,0xb2,0xc2,0xc2,0xc2,0xc2,0xd2,0xd2,0xd2,0xd2 24 | }; 25 | 26 | // The expected reponse for the sample root keys and test challenge above 27 | uint8_t answers[2][32] = { 28 | {0x10,0x2a,0xd5,0xa1,0xfa,0xc1,0xfd,0x52,0xf6,0xac,0x02,0xb1,0xf7,0xd8,0x3d,0x86,0x31,0x25,0x0b,0x0c,0x9e,0xbd,0xd1,0x31,0xda,0x5e,0x59,0x36,0x4d,0xf3,0x10,0xb3}, 29 | {0x76,0xa3,0x47,0x93,0xd0,0x9c,0x25,0xaf,0x91,0xed,0x49,0x3f,0x0b,0xaa,0xb6,0xb3,0x55,0x0c,0x51,0x0a,0x26,0x13,0x00,0xbb,0xbb,0x62,0x89,0xc7,0x37,0x2f,0x79,0x1a} 30 | }; 31 | 32 | // Helper function to initialize library for a particular device. 33 | 34 | bool config_device(ATCADeviceType dev, uint8_t addr, uint32_t baud = 400000, int retries = 10) { 35 | static ATCAIfaceCfg cfg; 36 | cfg.iface_type = ATCA_I2C_IFACE, 37 | cfg.devtype = dev; 38 | cfg.atcai2c.slave_address = addr << 1; 39 | cfg.atcai2c.baud = baud; 40 | cfg.atcai2c.bus = 0; 41 | cfg.wake_delay = (dev == ATECC108A) ? 800 : 2560; 42 | cfg.rx_retries = retries; 43 | if (atcab_init(&cfg) != ATCA_SUCCESS) 44 | return false; 45 | atcab_wakeup(); // may return error if device is already awake 46 | return true; 47 | }; 48 | 49 | // Provision and test SHA204A chip 50 | 51 | void setup() { 52 | int i, res; 53 | bool locked; 54 | uint8_t cfg_word[4]; 55 | uint8_t response[32]; 56 | 57 | Serial.begin(9600); 58 | Wire.begin(); 59 | 60 | delay(15000); // a little time to open serial monitor please! 61 | 62 | Serial.println("Provision SHA204"); 63 | 64 | config_device(ATSHA204A, 0x64); 65 | res = atcab_is_locked(LOCK_ZONE_CONFIG, &locked); 66 | if (res != ATCA_SUCCESS) { 67 | Serial.print("atcab_is_locked error "); 68 | Serial.println(res, HEX); 69 | return; 70 | } 71 | if (!locked) { 72 | // Not locked, configure slots 0-5 with our slot_config data. 73 | for (i = 0; i < 3; i++) { 74 | res = atcab_write_zone(ATCA_ZONE_CONFIG, 0, 0, 0x5+i, slot_config[i], 4); 75 | if (res != ATCA_SUCCESS) { 76 | Serial.print("atcab_write_zone error "); 77 | Serial.println(res, HEX); 78 | return; 79 | } 80 | } 81 | } else { 82 | Serial.println("config already locked"); 83 | } 84 | 85 | for (i = 0; i < 3; i++) { 86 | // Validate the configuration of slots 0-5 87 | res = atcab_read_zone(ATCA_ZONE_CONFIG, 0, 0, 0x5+i, cfg_word, 4); 88 | if (res != ATCA_SUCCESS) { 89 | Serial.print("atcab_read_zone error "); 90 | Serial.println(res, HEX); 91 | return; 92 | } 93 | Serial.print(0x5+i, HEX); 94 | Serial.print(": "); 95 | Serial.print(cfg_word[0], HEX); 96 | Serial.print(" "); 97 | Serial.print(cfg_word[1], HEX); 98 | Serial.print(" "); 99 | Serial.print(cfg_word[2], HEX); 100 | Serial.print(" "); 101 | Serial.println(cfg_word[3], HEX); 102 | if (memcmp(cfg_word, slot_config[i], 4) != 0) { 103 | Serial.println("read back error"); 104 | return; 105 | } 106 | } 107 | Serial.println("configuration good"); 108 | 109 | if (!locked) { 110 | // If the configuration is good, lock it down! 111 | res = atcab_lock_config_zone(response); 112 | if (res != ATCA_SUCCESS) { 113 | Serial.print("atcab_lock_config_zone error "); 114 | Serial.println(res, HEX); 115 | return; 116 | } 117 | if (response[0] != 0) { 118 | Serial.print("configuration lock failed "); 119 | Serial.println(response[0], HEX); 120 | return; 121 | } 122 | Serial.println("configuration successfully locked!"); 123 | } 124 | 125 | res = atcab_is_locked(LOCK_ZONE_DATA, &locked); 126 | if (res != ATCA_SUCCESS) { 127 | Serial.print("atcab_is_locked error "); 128 | Serial.println(res, HEX); 129 | return; 130 | } 131 | if (!locked) { 132 | // Write our root keys to slots 0/1 133 | for (i = 0; i < 2; i++) { 134 | res = atcab_write_zone(ATCA_ZONE_DATA, i, 0, 0, root_keys[i], 32); 135 | if (res != ATCA_SUCCESS) { 136 | Serial.print("atcab_write_zone error "); 137 | Serial.println(res, HEX); 138 | return; 139 | } 140 | } 141 | } else { 142 | Serial.println("data already locked"); 143 | } 144 | 145 | // Run test with slot 0 key 146 | Serial.println("test root key 0"); 147 | atcab_mac(0x00, 0x0, challenge, response); 148 | if (res != ATCA_SUCCESS) { 149 | Serial.print("atcab_mac error "); 150 | Serial.println(res, HEX); 151 | return; 152 | } 153 | if (memcmp(response, answers[0], 32) == 0) { 154 | Serial.println("TEST 1 PASSED!"); 155 | } else { 156 | Serial.print("TEST 1 FAILED:"); 157 | for (i = 0; i < 32; i++) { 158 | Serial.print(" "); 159 | Serial.print(response[i], HEX); 160 | } 161 | Serial.println(""); 162 | return; 163 | } 164 | 165 | // Run test with slot 1 key 166 | Serial.println("test root key 1"); 167 | atcab_mac(0x00, 0x1, challenge, response); 168 | if (res != ATCA_SUCCESS) { 169 | Serial.print("atcab_mac error "); 170 | Serial.println(res, HEX); 171 | return; 172 | } 173 | if (memcmp(response, answers[1], 32) == 0) { 174 | Serial.println("TEST 2 PASSED!"); 175 | } else { 176 | Serial.print("TEST 2 FAILED:"); 177 | for (i = 0; i < 32; i++) { 178 | Serial.print(" "); 179 | Serial.print(response[i], HEX); 180 | } 181 | Serial.println(""); 182 | return; 183 | } 184 | 185 | #if LOCK_DATA 186 | res = atcab_lock_data_zone(response); 187 | if (res != ATCA_SUCCESS) { 188 | Serial.print("atcab_lock_data_zone error "); 189 | Serial.println(res, HEX); 190 | return; 191 | } 192 | if (response[0] != 0) { 193 | Serial.print("data lock failed "); 194 | Serial.println(response[0], HEX); 195 | return; 196 | } 197 | Serial.println("DATA successfully locked!"); 198 | #else 199 | Serial.println("DON'T FORGET TO LOCK DATA"); 200 | #endif 201 | } 202 | 203 | void loop() { 204 | delay(1000); 205 | } 206 | 207 | -------------------------------------------------------------------------------- /library.properties: -------------------------------------------------------------------------------- 1 | name=cryptoauthlib 2 | author=sathibault 3 | version=0.1.0 4 | maintainer=https://github.com/sathibault 5 | sentence=Library interface to Atmel CryptoAuthentication chips 6 | paragraph=Library interface to Atmel CryptoAuthentication chips 7 | category=Communication 8 | url=https://github.com/sathibault/cryptoauthlibuino 9 | architectures=samd,avr 10 | -------------------------------------------------------------------------------- /src/CryptoAuthLib.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Single aggregation point for all CryptoAuthLib header files 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef _ATCA_LIB_H 43 | #define _ATCA_LIB_H 44 | 45 | #include 46 | #include 47 | 48 | #define ATCA_HAL_I2C 49 | 50 | #include "hal/atca_hal.h" 51 | #include "atca_status.h" 52 | #include "atca_device.h" 53 | #include "atca_command.h" 54 | //#include "atca_cfgs.h" 55 | #include "basic/atca_basic.h" 56 | #include "basic/atca_helpers.h" 57 | 58 | //#define BREAK(status, message) break 59 | //#define DBGOUT(message) break 60 | //#define PRINT(message) break 61 | 62 | #endif 63 | -------------------------------------------------------------------------------- /src/atca_command.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Atmel CryptoAuthentication device command builder - this is the main object that builds the command 4 | * byte strings for the given device. It does not execute the command. The basic flow is to call 5 | * a command method to build the command you want given the parameters and then send that byte string 6 | * through the device interface. 7 | * 8 | * The primary goal of the command builder is to wrap the given parameters with the correct packet size and CRC. 9 | * The caller should first fill in the parameters required in the ATCAPacket parameter given to the command. 10 | * The command builder will deal with the mechanics of creating a valid packet using the parameter information. 11 | * 12 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 13 | * 14 | * \atmel_crypto_device_library_license_start 15 | * 16 | * \page License 17 | * 18 | * Redistribution and use in source and binary forms, with or without 19 | * modification, are permitted provided that the following conditions are met: 20 | * 21 | * 1. Redistributions of source code must retain the above copyright notice, 22 | * this list of conditions and the following disclaimer. 23 | * 24 | * 2. Redistributions in binary form must reproduce the above copyright notice, 25 | * this list of conditions and the following disclaimer in the documentation 26 | * and/or other materials provided with the distribution. 27 | * 28 | * 3. The name of Atmel may not be used to endorse or promote products derived 29 | * from this software without specific prior written permission. 30 | * 31 | * 4. This software may only be redistributed and used in connection with an 32 | * Atmel integrated circuit. 33 | * 34 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 35 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 36 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 37 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 38 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 39 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 40 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 41 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 42 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 43 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 44 | * POSSIBILITY OF SUCH DAMAGE. 45 | * 46 | * \atmel_crypto_device_library_license_stop 47 | */ 48 | 49 | #include 50 | #include 51 | #include "atca_command.h" 52 | #include "atca_devtypes.h" 53 | 54 | /** \defgroup command ATCACommand (atca_) 55 | \brief CryptoAuthLib command builder object, ATCACommand. Member functions for the ATCACommand object. 56 | @{ */ 57 | 58 | /** \brief atca_command is the C object backing ATCACommand. See the atca_command.h file for 59 | * details on the ATCACommand methods 60 | */ 61 | struct atca_command { 62 | ATCADeviceType dt; 63 | uint16_t *execution_times; 64 | }; 65 | 66 | 67 | /** \brief constructor for ATCACommand 68 | * \param[in] device_type - specifies which set of commands and execution times should be associated with this command object 69 | * \return ATCACommand instance 70 | */ 71 | ATCACommand newATCACommand( ATCADeviceType device_type ) // constructor 72 | { 73 | ATCA_STATUS status = ATCA_SUCCESS; 74 | ATCACommand cacmd = (ATCACommand)malloc(sizeof(struct atca_command)); 75 | 76 | cacmd->dt = device_type; 77 | status = atInitExecTimes(cacmd, device_type); // setup typical execution times for this device type 78 | 79 | if (status != ATCA_SUCCESS) { 80 | free(cacmd); 81 | cacmd = NULL; 82 | } 83 | 84 | return cacmd; 85 | } 86 | 87 | 88 | // full superset of commands goes here 89 | 90 | /** \brief ATCACommand CheckMAC method 91 | * \param[in] cacmd instance 92 | * \param[in] packet pointer to the packet containing the command being built 93 | * \return ATCA_STATUS 94 | */ 95 | ATCA_STATUS atCheckMAC(ATCACommand cacmd, ATCAPacket *packet ) 96 | { 97 | // Set the opcode & parameters 98 | packet->opcode = ATCA_CHECKMAC; 99 | packet->txsize = CHECKMAC_COUNT; 100 | packet->rxsize = CHECKMAC_RSP_SIZE; 101 | 102 | atCalcCrc( packet ); 103 | return ATCA_SUCCESS; 104 | } 105 | 106 | /** \brief ATCACommand Counter method 107 | * \param[in] cacmd instance 108 | * \param[in] packet pointer to the packet containing the command being built 109 | * \return ATCA_STATUS 110 | */ 111 | ATCA_STATUS atCounter(ATCACommand cacmd, ATCAPacket *packet ) 112 | { 113 | if ( !atIsECCFamily( cacmd->dt ) ) 114 | return ATCA_BAD_OPCODE; 115 | 116 | // Set the opcode & parameters 117 | packet->opcode = ATCA_COUNTER; 118 | packet->txsize = COUNTER_COUNT; 119 | packet->rxsize = COUNTER_RSP_SIZE; 120 | 121 | atCalcCrc( packet ); 122 | return ATCA_SUCCESS; 123 | } 124 | 125 | /** \brief ATCACommand DeriveKey method 126 | * \param[in] cacmd instance 127 | * \param[in] packet pointer to the packet containing the command being built 128 | * \param[in] hasMAC hasMAC determines if MAC data is present in the packet input 129 | * \return ATCA_STATUS 130 | */ 131 | ATCA_STATUS atDeriveKey(ATCACommand cacmd, ATCAPacket *packet, bool hasMAC ) 132 | { 133 | // Set the opcode & parameters 134 | packet->opcode = ATCA_DERIVE_KEY; 135 | 136 | // hasMAC must be given since the packet does not have any implicit information to 137 | // know if it has a mac or not unless the size is preset 138 | switch ( hasMAC ) { 139 | case true: 140 | packet->txsize = DERIVE_KEY_COUNT_LARGE; 141 | break; 142 | case false: 143 | packet->txsize = DERIVE_KEY_COUNT_SMALL; 144 | break; 145 | } 146 | 147 | packet->rxsize = DERIVE_KEY_RSP_SIZE; 148 | atCalcCrc( packet ); 149 | return ATCA_SUCCESS; 150 | } 151 | 152 | /** \brief ATCACommand ECDH method 153 | * \param[in] cacmd instance 154 | * \param[in] packet pointer to the packet containing the command being built 155 | * \return ATCA_STATUS 156 | */ 157 | ATCA_STATUS atECDH(ATCACommand cacmd, ATCAPacket *packet ) 158 | { 159 | 160 | // Set the opcode & parameters 161 | packet->opcode = ATCA_ECDH; 162 | packet->txsize = ECDH_COUNT; 163 | packet->rxsize = ECDH_RSP_SIZE; 164 | 165 | atCalcCrc( packet ); 166 | return ATCA_SUCCESS; 167 | } 168 | 169 | /** \brief ATCACommand Generate Digest method 170 | * \param[in] cacmd instance 171 | * \param[in] packet pointer to the packet containing the command being built 172 | * \param[in] hasMACKey 173 | * \return ATCA_STATUS 174 | */ 175 | ATCA_STATUS atGenDig(ATCACommand cacmd, ATCAPacket *packet, bool hasMACKey ) 176 | { 177 | 178 | // Set the opcode & parameters 179 | packet->opcode = ATCA_GENDIG; 180 | 181 | if ( packet->param1 == 0x03 ) // shared nonce mode 182 | packet->txsize = GENDIG_COUNT + 32; 183 | else if ( hasMACKey == true ) 184 | packet->txsize = GENDIG_COUNT_DATA; 185 | else 186 | packet->txsize = GENDIG_COUNT; 187 | 188 | packet->rxsize = GENDIG_RSP_SIZE; 189 | 190 | atCalcCrc( packet ); 191 | return ATCA_SUCCESS; 192 | } 193 | 194 | /** \brief ATCACommand Generate Key method 195 | * \param[in] cacmd instance 196 | * \param[in] packet pointer to the packet containing the command being built 197 | * \param[in] isPubKey indicates whether "other data" is present in packet 198 | * \return ATCA_STATUS 199 | */ 200 | ATCA_STATUS atGenKey(ATCACommand cacmd, ATCAPacket *packet, bool isPubKey ) 201 | { 202 | 203 | // Set the opcode & parameters 204 | packet->opcode = ATCA_GENKEY; 205 | 206 | switch ( isPubKey ) { 207 | case true: 208 | packet->txsize = GENKEY_COUNT_DATA; 209 | break; 210 | case false: 211 | packet->txsize = GENKEY_COUNT; 212 | break; 213 | } 214 | 215 | packet->rxsize = GENKEY_RSP_SIZE_LONG; 216 | 217 | atCalcCrc( packet ); 218 | return ATCA_SUCCESS; 219 | } 220 | 221 | /** \brief ATCACommand HMAC method 222 | * \param[in] cacmd instance 223 | * \param[in] packet pointer to the packet containing the command being built 224 | * \return ATCA_STATUS 225 | */ 226 | ATCA_STATUS atHMAC(ATCACommand cacmd, ATCAPacket *packet ) 227 | { 228 | 229 | // Set the opcode & parameters 230 | packet->opcode = ATCA_HMAC; 231 | packet->txsize = HMAC_COUNT; 232 | packet->rxsize = HMAC_RSP_SIZE; 233 | 234 | atCalcCrc( packet ); 235 | return ATCA_SUCCESS; 236 | } 237 | 238 | /** \brief ATCACommand Info method 239 | * \param[in] cacmd instance 240 | * \param[in] packet pointer to the packet containing the command being built 241 | * \return ATCA_STATUS 242 | */ 243 | ATCA_STATUS atInfo( ATCACommand cacmd, ATCAPacket *packet ) 244 | { 245 | 246 | // Set the opcode & parameters 247 | packet->opcode = ATCA_INFO; 248 | packet->txsize = INFO_COUNT; 249 | packet->rxsize = INFO_RSP_SIZE; 250 | 251 | atCalcCrc( packet ); 252 | return ATCA_SUCCESS; 253 | } 254 | 255 | /** \brief ATCACommand Lock method 256 | * \param[in] cacmd instance 257 | * \param[in] packet pointer to the packet containing the command being built 258 | * \return ATCA_STATUS 259 | */ 260 | ATCA_STATUS atLock( ATCACommand cacmd, ATCAPacket *packet ) 261 | { 262 | 263 | // Set the opcode & parameters 264 | packet->opcode = ATCA_LOCK; 265 | packet->txsize = LOCK_COUNT; 266 | packet->rxsize = LOCK_RSP_SIZE; 267 | 268 | atCalcCrc( packet ); 269 | return ATCA_SUCCESS; 270 | } 271 | 272 | /** \brief ATCACommand MAC method 273 | * \param[in] cacmd instance 274 | * \param[in] packet pointer to the packet containing the command being built 275 | * \return ATCA_STATUS 276 | */ 277 | ATCA_STATUS atMAC( ATCACommand cacmd, ATCAPacket *packet ) 278 | { 279 | 280 | // Set the opcode & parameters 281 | // variable packet size 282 | packet->opcode = ATCA_MAC; 283 | if ( packet->param1 == 0 ) 284 | packet->txsize = MAC_COUNT_LONG; 285 | else 286 | packet->txsize = MAC_COUNT_SHORT; 287 | 288 | packet->rxsize = MAC_RSP_SIZE; 289 | 290 | atCalcCrc( packet ); 291 | return ATCA_SUCCESS; 292 | } 293 | 294 | /** \brief ATCACommand Nonce method 295 | * \param[in] cacmd instance 296 | * \param[in] packet pointer to the packet containing the command being built 297 | * \return ATCA_STATUS 298 | */ 299 | ATCA_STATUS atNonce( ATCACommand cacmd, ATCAPacket *packet ) 300 | { 301 | // Set the opcode & parameters 302 | // variable packet size 303 | packet->opcode = ATCA_NONCE; 304 | int mode = packet->param1 & 0x03; 305 | 306 | if ( (mode == 0 || mode == 1) ) { // mode[0:1] == 0 | 1 then NumIn is 20 bytes 307 | packet->txsize = NONCE_COUNT_SHORT; // 20 byte challenge 308 | packet->rxsize = NONCE_RSP_SIZE_LONG; 309 | } else if ( mode == 0x03 ) { // NumIn is 32 bytes 310 | packet->txsize = NONCE_COUNT_LONG; // 32 byte challenge 311 | packet->rxsize = NONCE_RSP_SIZE_SHORT; 312 | } else 313 | return ATCA_BAD_PARAM; 314 | 315 | atCalcCrc( packet ); 316 | return ATCA_SUCCESS; 317 | } 318 | 319 | /** \brief ATCACommand Pause method 320 | * \param[in] cacmd instance 321 | * \param[in] packet pointer to the packet containing the command being built 322 | * \return ATCA_STATUS 323 | */ 324 | ATCA_STATUS atPause( ATCACommand cacmd, ATCAPacket *packet ) 325 | { 326 | // Set the opcode & parameters 327 | packet->opcode = ATCA_PAUSE; 328 | packet->txsize = PAUSE_COUNT; 329 | packet->rxsize = PAUSE_RSP_SIZE; 330 | 331 | atCalcCrc( packet ); 332 | return ATCA_SUCCESS; 333 | } 334 | 335 | /** \brief ATCACommand PrivWrite method 336 | * \param[in] cacmd instance 337 | * \param[in] packet pointer to the packet containing the command being built 338 | * \return ATCA_STATUS 339 | */ 340 | ATCA_STATUS atPrivWrite( ATCACommand cacmd, ATCAPacket *packet ) 341 | { 342 | // Set the opcode & parameters 343 | packet->opcode = ATCA_PRIVWRITE; 344 | packet->txsize = PRIVWRITE_COUNT; 345 | packet->rxsize = PRIVWRITE_RSP_SIZE; 346 | 347 | atCalcCrc( packet ); 348 | return ATCA_SUCCESS; 349 | } 350 | 351 | /** \brief ATCACommand Random method 352 | * \param[in] cacmd instance 353 | * \param[in] packet pointer to the packet containing the command being built 354 | * \return ATCA_STATUS 355 | */ 356 | ATCA_STATUS atRandom( ATCACommand cacmd, ATCAPacket *packet ) 357 | { 358 | 359 | // Set the opcode & parameters 360 | packet->opcode = ATCA_RANDOM; 361 | packet->txsize = RANDOM_COUNT; 362 | packet->rxsize = RANDOM_RSP_SIZE; 363 | 364 | atCalcCrc( packet ); 365 | return ATCA_SUCCESS; 366 | } 367 | 368 | /** \brief ATCACommand Read method 369 | * \param[in] cacmd instance 370 | * \param[in] packet pointer to the packet containing the command being built 371 | * \return ATCA_STATUS 372 | */ 373 | ATCA_STATUS atRead( ATCACommand cacmd, ATCAPacket *packet ) 374 | { 375 | 376 | // Set the opcode & parameters 377 | packet->opcode = ATCA_READ; 378 | packet->txsize = READ_COUNT; 379 | 380 | // variable response size based on read type 381 | if ((packet->param1 & 0x80) == 0 ) 382 | packet->rxsize = READ_4_RSP_SIZE; 383 | else 384 | packet->rxsize = READ_32_RSP_SIZE; 385 | 386 | atCalcCrc( packet ); 387 | return ATCA_SUCCESS; 388 | } 389 | 390 | /** \brief ATCACommand SHA method 391 | * \param[in] cacmd instance 392 | * \param[in] packet pointer to the packet containing the command being built 393 | * \return ATCA_STATUS 394 | */ 395 | ATCA_STATUS atSHA( ATCACommand cacmd, ATCAPacket *packet ) 396 | { 397 | if ( packet->param2 > SHA_BLOCK_SIZE ) 398 | return ATCA_BAD_PARAM; 399 | 400 | if ( packet->param1 == 0x01 && packet->param2 != SHA_BLOCK_SIZE ) 401 | return ATCA_BAD_PARAM; // updates should always have 64 bytes of data 402 | 403 | if ( packet->param1 == 0x02 && packet->param2 > SHA_BLOCK_SIZE - 1 ) // END should be 0-63 bytes 404 | return ATCA_BAD_PARAM; 405 | 406 | // Set the opcode & parameters 407 | packet->opcode = ATCA_SHA; 408 | 409 | switch ( packet->param1 ) { 410 | case 0x00: // START 411 | packet->rxsize = SHA_RSP_SIZE_SHORT; 412 | packet->txsize = SHA_COUNT_LONG; 413 | break; 414 | case 0x01: // UPDATE 415 | packet->rxsize = SHA_RSP_SIZE_SHORT; 416 | packet->txsize = SHA_COUNT_LONG + SHA_BLOCK_SIZE; 417 | break; 418 | case 0x02: // END 419 | packet->rxsize = SHA_RSP_SIZE_LONG; 420 | // check the given packet for a size variable in param2. If it is > 0, it should 421 | // be 0-63, incorporate that size into the packet 422 | packet->txsize = SHA_COUNT_LONG + packet->param2; 423 | break; 424 | } 425 | 426 | atCalcCrc( packet ); 427 | return ATCA_SUCCESS; 428 | } 429 | 430 | /** \brief ATCACommand Sign method 431 | * \param[in] cacmd instance 432 | * \param[in] packet pointer to the packet containing the command being built 433 | * \return ATCA_STATUS 434 | */ 435 | ATCA_STATUS atSign( ATCACommand cacmd, ATCAPacket *packet ) 436 | { 437 | 438 | // Set the opcode & parameters 439 | packet->opcode = ATCA_SIGN; 440 | packet->txsize = SIGN_COUNT; 441 | 442 | // could be a 64 or 72 byte response depending upon the key configuration for the KeyID 443 | packet->rxsize = ATCA_RSP_SIZE_64; 444 | 445 | atCalcCrc( packet ); 446 | return ATCA_SUCCESS; 447 | } 448 | 449 | /** \brief ATCACommand UpdateExtra method 450 | * \param[in] cacmd instance 451 | * \param[in] packet pointer to the packet containing the command being built 452 | * \return ATCA_STATUS 453 | */ 454 | ATCA_STATUS atUpdateExtra( ATCACommand cacmd, ATCAPacket *packet ) 455 | { 456 | 457 | // Set the opcode & parameters 458 | packet->opcode = ATCA_UPDATE_EXTRA; 459 | packet->txsize = UPDATE_COUNT; 460 | packet->rxsize = UPDATE_RSP_SIZE; 461 | 462 | atCalcCrc( packet ); 463 | return ATCA_SUCCESS; 464 | } 465 | 466 | /** \brief ATCACommand ECDSA Verify method 467 | * \param[in] cacmd instance 468 | * \param[in] packet pointer to the packet containing the command being built 469 | * \return ATCA_STATUS 470 | */ 471 | ATCA_STATUS atVerify( ATCACommand cacmd, ATCAPacket *packet ) 472 | { 473 | 474 | // Set the opcode & parameters 475 | packet->opcode = ATCA_VERIFY; 476 | 477 | // variable packet size based on mode 478 | switch ( packet->param1 ) { 479 | case 0: // Stored mode 480 | packet->txsize = VERIFY_256_STORED_COUNT; 481 | break; 482 | case 1: // ValidateExternal mode 483 | packet->txsize = VERIFY_256_EXTERNAL_COUNT; 484 | break; 485 | case 2: // External mode 486 | packet->txsize = VERIFY_256_EXTERNAL_COUNT; 487 | break; 488 | case 3: // Validate mode 489 | case 7: // Invalidate mode 490 | packet->txsize = VERIFY_256_VALIDATE_COUNT; 491 | break; 492 | default: 493 | return ATCA_BAD_PARAM; 494 | } 495 | packet->rxsize = VERIFY_RSP_SIZE; 496 | 497 | atCalcCrc( packet ); 498 | return ATCA_SUCCESS; 499 | } 500 | 501 | /** \brief ATCACommand Write method 502 | * \param[in] cacmd instance 503 | * \param[in] packet pointer to the packet containing the command being built 504 | * \return ATCA_STATUS 505 | */ 506 | ATCA_STATUS atWrite( ATCACommand cacmd, ATCAPacket *packet ) 507 | { 508 | int macsize; 509 | int writesize; 510 | 511 | // Set the opcode & parameters 512 | packet->opcode = ATCA_WRITE; 513 | 514 | macsize = ( packet->param1 & 0x40 ? 32 : 0 ); // if encrypted, use MAC 515 | writesize = ( packet->param1 & 0x80 ? 32 : 4 ); 516 | 517 | if ( macsize == 32 && writesize == 32 ) 518 | packet->txsize = WRITE_COUNT_LONG_MAC; 519 | else if ( macsize == 32 && writesize == 4 ) 520 | packet->txsize = WRITE_COUNT_SHORT_MAC; 521 | else if ( macsize == 0 && writesize == 32 ) 522 | packet->txsize = WRITE_COUNT_LONG; 523 | else if ( macsize == 0 && writesize == 4 ) 524 | packet->txsize = WRITE_COUNT_SHORT; 525 | 526 | packet->rxsize = WRITE_RSP_SIZE; 527 | atCalcCrc( packet ); 528 | return ATCA_SUCCESS; 529 | } 530 | 531 | /** \brief ATCACommand Write encrypted method 532 | * \param[in] cacmd instance 533 | * \param[in] packet pointer to the packet containing the command being built 534 | * \return ATCA_STATUS 535 | */ 536 | ATCA_STATUS atWriteEnc(ATCACommand cacmd, ATCAPacket *packet) 537 | { 538 | // Set the opcode & parameters 539 | packet->opcode = ATCA_WRITE; 540 | packet->txsize = WRITE_COUNT_LONG_MAC; 541 | packet->rxsize = WRITE_RSP_SIZE; 542 | atCalcCrc( packet ); 543 | return ATCA_SUCCESS; 544 | } 545 | 546 | /** \brief ATCACommand destructor 547 | * \param[in] cacmd instance of a command object 548 | */ 549 | 550 | void deleteATCACommand( ATCACommand *cacmd ) // destructor 551 | { 552 | if ( *cacmd ) 553 | free((void*)*cacmd); 554 | 555 | *cacmd = NULL; 556 | } 557 | 558 | 559 | /** \brief execution times for x08a family, these are based on the typical value from the datasheet 560 | */ 561 | uint16_t exectimes_x08a[] = { // in milleseconds 562 | 1, // WAKE_TWHI 563 | 13, // CMD_CHECKMAC 564 | 20, // CMD_COUNTER 565 | 50, // CMD_DERIVEKEY 566 | 58, // CMD_ECDH 567 | 11, // CMD_GENDIG 568 | 115, // CMD_GENKEY 569 | 23, // CMD_HMAC 570 | 2, // CMD_INFO 571 | 32, // CMD_LOCK 572 | 14, // CMD_MAC 573 | 29, // CMD_NONCE 574 | 3, // CMD_PAUSE 575 | 48, // CMD_PRIVWRITE 576 | 23, // CMD_RANDOM with SEED Update mode takes ~21ms, high side of range 577 | 1, // CMD_READMEM 578 | 9, // CMD_SHA 579 | 60, // CMD_SIGN 580 | 10, // CMD_UPDATEEXTRA 581 | 72, // CMD_VERIFY 582 | 26 // CMD_WRITE 583 | }; 584 | 585 | 586 | /** \brief execution times for 204a, these are based on the typical value from the datasheet 587 | */ 588 | uint16_t exectimes_204a[] = { 589 | 3, // WAKE_TWHI 590 | 38, // CMD_CHECKMAC 591 | 0, 592 | 62, // CMD_DERIVEKEY 593 | 0, 594 | 43, // CMD_GENDIG 595 | 0, 596 | 69, // CMD_HMAC 597 | 2, // CMD_DevRev 598 | 24, // CMD_LOCK 599 | 35, // CMD_MAC 600 | 60, // CMD_NONCE 601 | 2, // CMD_PAUSE 602 | 0, 603 | 50, // CMD_RANDOM 604 | 4, // CMD_READMEM 605 | 22, // CMD_SHA 606 | 0, 607 | 12, // CMD_UPDATEEXTRA 608 | 0, 609 | 42 // CMD_WRITEMEM 610 | }; 611 | 612 | /** \brief initialize the execution times for a given device type 613 | * 614 | * \param[in] cacmd - the command containing the list of execution times for the device 615 | * \param[in] device_type - the device type - execution times vary by device type 616 | * \return ATCA_STATUS 617 | */ 618 | 619 | ATCA_STATUS atInitExecTimes(ATCACommand cacmd, ATCADeviceType device_type) 620 | { 621 | switch ( device_type ) { 622 | case ATECC108A: 623 | case ATECC508A: 624 | cacmd->execution_times = exectimes_x08a; 625 | break; 626 | case ATSHA204A: 627 | cacmd->execution_times = exectimes_204a; 628 | break; 629 | default: 630 | return ATCA_BAD_PARAM; 631 | break; 632 | } 633 | 634 | return ATCA_SUCCESS; 635 | } 636 | 637 | /** \brief return the typical execution type for the given command 638 | * 639 | * \param[in] cacmd the command object for which the execution times are associated 640 | * \param[in] cmd - the specific command for which to lookup the execution time 641 | * \return typical execution time in milleseconds for the given command 642 | */ 643 | 644 | uint16_t atGetExecTime( ATCACommand cacmd, ATCA_CmdMap cmd ) 645 | { 646 | return cacmd->execution_times[cmd]; 647 | } 648 | 649 | 650 | /** \brief This function calculates CRC given raw data, puts the CRC to given pointer 651 | * 652 | * \param[in] length size of data not including the CRC byte positions 653 | * \param[in] data pointer to the data over which to compute the CRC 654 | * \param[out] crc pointer to the place where the two-bytes of CRC will be placed 655 | */ 656 | 657 | void atCRC( uint8_t length, uint8_t *data, uint8_t *crc) 658 | { 659 | uint8_t counter; 660 | uint16_t crc_register = 0; 661 | uint16_t polynom = 0x8005; 662 | uint8_t shift_register; 663 | uint8_t data_bit, crc_bit; 664 | 665 | for (counter = 0; counter < length; counter++) { 666 | for (shift_register = 0x01; shift_register > 0x00; shift_register <<= 1) { 667 | data_bit = (data[counter] & shift_register) ? 1 : 0; 668 | crc_bit = crc_register >> 15; 669 | crc_register <<= 1; 670 | if (data_bit != crc_bit) 671 | crc_register ^= polynom; 672 | } 673 | } 674 | crc[0] = (uint8_t)(crc_register & 0x00FF); 675 | crc[1] = (uint8_t)(crc_register >> 8); 676 | } 677 | 678 | 679 | /** \brief This function calculates CRC and adds it to the correct offset in the packet data 680 | * \param[in] packet Packet to calculate CRC data for 681 | */ 682 | 683 | void atCalcCrc( ATCAPacket *packet ) 684 | { 685 | uint8_t length, *crc; 686 | 687 | length = packet->txsize - ATCA_CRC_SIZE; 688 | // computer pointer to CRC in the packet 689 | crc = &(packet->txsize) + length; 690 | 691 | // stuff CRC into packet 692 | atCRC(length, &(packet->txsize), crc); 693 | } 694 | 695 | 696 | /** \brief This function checks the consistency of a response. 697 | * \param[in] response pointer to response 698 | * \return status of the consistency check 699 | */ 700 | 701 | uint8_t atCheckCrc(uint8_t *response) 702 | { 703 | uint8_t crc[ATCA_CRC_SIZE]; 704 | uint8_t count = response[ATCA_COUNT_IDX]; 705 | 706 | count -= ATCA_CRC_SIZE; 707 | atCRC(count, response, crc); 708 | 709 | return (crc[0] == response[count] && crc[1] == response[count + 1]) ? ATCA_SUCCESS : ATCA_BAD_CRC; 710 | } 711 | 712 | 713 | /** \brief determines if a given device type is a SHA device or a superset of a SHA device 714 | * \param[in] deviceType - the type of device to check for family type 715 | * \return boolean indicating whether the given device is a SHA family device. 716 | */ 717 | 718 | bool atIsSHAFamily( ATCADeviceType deviceType ) 719 | { 720 | switch (deviceType) { 721 | case ATSHA204A: 722 | case ATECC108A: 723 | case ATECC508A: 724 | return true; 725 | break; 726 | default: 727 | return false; 728 | break; 729 | } 730 | } 731 | 732 | /** \brief determines if a given device type is an ECC device or a superset of a ECC device 733 | * \param[in] deviceType - the type of device to check for family type 734 | * \return boolean indicating whether the given device is an ECC family device. 735 | */ 736 | 737 | bool atIsECCFamily( ATCADeviceType deviceType ) 738 | { 739 | switch (deviceType) { 740 | case ATECC108A: 741 | case ATECC508A: 742 | return true; 743 | break; 744 | default: 745 | return false; 746 | break; 747 | } 748 | } 749 | 750 | /** \brief checks for basic error frame in data 751 | * \param[in] data pointer to received data - expected to be in the form of a CA device response frame 752 | * \return ATCA_STATUS indicating type of error or no error 753 | */ 754 | 755 | ATCA_STATUS isATCAError( uint8_t *data ) 756 | { 757 | uint8_t good[4] = { 0x04, 0x00, 0x03, 0x40 }; 758 | 759 | if ( memcmp( data, good, 4 ) == 0 ) 760 | return ATCA_SUCCESS; 761 | 762 | if ( data[0] == 0x04 ) { // error packets are always 4 bytes long 763 | switch ( data[1] ) { 764 | case 0x01: // checkmac or verify failed 765 | return ATCA_CHECKMAC_VERIFY_FAILED; 766 | break; 767 | case 0x03: // command received byte length, opcode or parameter was illegal 768 | return ATCA_BAD_OPCODE; 769 | break; 770 | case 0x0f: // chip can't execute the command 771 | return ATCA_EXECUTION_ERROR; 772 | break; 773 | case 0x11: // chip was successfully woken up 774 | return ATCA_WAKE_SUCCESS; 775 | break; 776 | case 0xff: // bad crc found or other comm error 777 | return ATCA_STATUS_CRC; 778 | break; 779 | default: 780 | return ATCA_GEN_FAIL; 781 | break; 782 | } 783 | } else 784 | return ATCA_SUCCESS; 785 | } 786 | 787 | /** @} */ 788 | -------------------------------------------------------------------------------- /src/atca_command.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Atmel Crypto Auth device command object - this is a command builder only, it does 4 | * not send the command. The result of a command method is a fully formed packet, ready to send 5 | * to the ATCAIFace object to dispatch. 6 | * 7 | * This command object supports the ATSHA and ATECC device family. 8 | * The command list is a superset of all device commands for this family. The command object 9 | * differentiates the packet contents based on specific device type within the family. 10 | * 11 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 12 | * 13 | * \atmel_crypto_device_library_license_start 14 | * 15 | * \page License 16 | * 17 | * Redistribution and use in source and binary forms, with or without 18 | * modification, are permitted provided that the following conditions are met: 19 | * 20 | * 1. Redistributions of source code must retain the above copyright notice, 21 | * this list of conditions and the following disclaimer. 22 | * 23 | * 2. Redistributions in binary form must reproduce the above copyright notice, 24 | * this list of conditions and the following disclaimer in the documentation 25 | * and/or other materials provided with the distribution. 26 | * 27 | * 3. The name of Atmel may not be used to endorse or promote products derived 28 | * from this software without specific prior written permission. 29 | * 30 | * 4. This software may only be redistributed and used in connection with an 31 | * Atmel integrated circuit. 32 | * 33 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 34 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 35 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 36 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 37 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 38 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 39 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 40 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 41 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 42 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 43 | * POSSIBILITY OF SUCH DAMAGE. 44 | * 45 | * \atmel_crypto_device_library_license_stop 46 | */ 47 | 48 | #ifndef ATCA_COMMAND_H 49 | #define ATCA_COMMAND_H 50 | 51 | #include "atca_compiler.h" 52 | #include "atca_status.h" 53 | #include "atca_devtypes.h" 54 | 55 | #ifdef __cplusplus 56 | extern "C" { 57 | #endif 58 | 59 | /*--- ATCACommand ---------*/ 60 | typedef struct atca_command * ATCACommand; 61 | ATCACommand newATCACommand(ATCADeviceType device_type); // constructor 62 | 63 | /* add ATCACommand declarations here 64 | * 65 | * since these are still C functions, not classes, naming is an important 66 | * consideration to keep the namespace from colliding with other 3rd party 67 | * libraries or even ourselves/ASF. 68 | * 69 | * Basic conventions: 70 | * all methods start with the prefix 'at' 71 | * all method names must be unique, obviously 72 | * all method implementations should be proceeded by their Doxygen comment header 73 | * 74 | **/ 75 | 76 | 77 | // this is the ATCACommand parameter structure. The caller to the command method must 78 | // initialize param1, param2 and data if appropriate. The command method will fill in the rest 79 | // and initialize the packet so it's ready to send via the ATCAIFace. 80 | // this particular structure mimics the ATSHA and ATECC family device's command structures 81 | 82 | // Note: pack @ 2 is required, @ 1 causes word alignment crash (though it should not), a known bug in GCC. 83 | // @2, the wire still has the intended byte alignment with arm-eabi. this is likely the least portable part of atca 84 | 85 | #pragma pack( push, ATCAPacket, 2 ) 86 | /** \brief an ATCA packet structure. This is a superset of the packet transmitted on the wire. It's also 87 | * used as a buffer for receiving the response 88 | */ 89 | typedef struct { 90 | 91 | // used for transmit/send 92 | uint8_t _reserved; // used by HAL layer as needed (I/O tokens, Word address values) 93 | 94 | //--- start of packet i/o frame---- 95 | uint8_t txsize; 96 | uint8_t opcode; 97 | uint8_t param1; // often same as mode 98 | uint16_t param2; 99 | uint8_t data[130]; // includes 2-byte CRC. data size is determined by largest possible data section of any 100 | // command + crc (see: x08 verify data1 + data2 + data3 + data4) 101 | // this is an explicit design trade-off (space) resulting in simplicity in use 102 | // and implementation 103 | //--- end of packet i/o frame 104 | 105 | // used for receive 106 | uint8_t execTime; // execution time of command by opcode 107 | uint16_t rxsize; // expected response size, response is held in data member 108 | 109 | // structure should be packed since it will be transmitted over the wire 110 | // this method varies by compiler. As new compilers are supported, add their structure packing method here 111 | 112 | } ATCAPacket; 113 | #pragma pack( pop, ATCAPacket) 114 | 115 | ATCA_STATUS atCheckMAC(ATCACommand cacmd, ATCAPacket *packet); 116 | ATCA_STATUS atCounter(ATCACommand cacmd, ATCAPacket *packet ); 117 | ATCA_STATUS atDeriveKey(ATCACommand cacmd, ATCAPacket *packet, bool hasMAC ); 118 | ATCA_STATUS atECDH(ATCACommand cacmd, ATCAPacket *packet ); 119 | ATCA_STATUS atGenDig(ATCACommand cacmd, ATCAPacket *packet, bool hasMACKey ); 120 | ATCA_STATUS atGenKey(ATCACommand cacmd, ATCAPacket *packet, bool isPubKey ); 121 | ATCA_STATUS atHMAC(ATCACommand cacmd, ATCAPacket *packet ); 122 | ATCA_STATUS atInfo(ATCACommand cacmd, ATCAPacket *packet ); 123 | ATCA_STATUS atLock(ATCACommand cacmd, ATCAPacket *packet ); 124 | ATCA_STATUS atMAC(ATCACommand cacmd, ATCAPacket *packet ); 125 | ATCA_STATUS atNonce(ATCACommand cacmd, ATCAPacket *packet ); 126 | ATCA_STATUS atPause(ATCACommand cacmd, ATCAPacket *packet ); 127 | ATCA_STATUS atPrivWrite(ATCACommand cacmd, ATCAPacket *packet ); 128 | ATCA_STATUS atRandom(ATCACommand cacmd, ATCAPacket *packet ); 129 | ATCA_STATUS atRead(ATCACommand cacmd, ATCAPacket *packet ); 130 | ATCA_STATUS atSHA(ATCACommand cacmd, ATCAPacket *packet ); 131 | ATCA_STATUS atSign(ATCACommand cacmd, ATCAPacket *packet); 132 | ATCA_STATUS atUpdateExtra(ATCACommand cacmd, ATCAPacket *packet); 133 | ATCA_STATUS atVerify(ATCACommand cacmd, ATCAPacket *packet); 134 | ATCA_STATUS atWrite(ATCACommand cacmd, ATCAPacket *packet); 135 | ATCA_STATUS atWriteEnc(ATCACommand cacmd, ATCAPacket *packet); 136 | 137 | bool atIsSHAFamily( ATCADeviceType deviceType ); 138 | bool atIsECCFamily( ATCADeviceType deviceType ); 139 | ATCA_STATUS isATCAError( uint8_t *data ); 140 | 141 | // this map is used to index into an array of execution times 142 | typedef enum { 143 | WAKE_TWHI, 144 | CMD_CHECKMAC, 145 | CMD_COUNTER, 146 | CMD_DERIVEKEY, 147 | CMD_ECDH, 148 | CMD_GENDIG, 149 | CMD_GENKEY, 150 | CMD_HMAC, 151 | CMD_INFO, 152 | CMD_LOCK, 153 | CMD_MAC, 154 | CMD_NONCE, 155 | CMD_PAUSE, 156 | CMD_PRIVWRITE, 157 | CMD_RANDOM, 158 | CMD_READMEM, 159 | CMD_SHA, 160 | CMD_SIGN, 161 | CMD_UPDATEEXTRA, 162 | CMD_VERIFY, 163 | CMD_WRITEMEM, 164 | CMD_LASTCOMMAND // placeholder 165 | } ATCA_CmdMap; 166 | 167 | ATCA_STATUS atInitExecTimes(ATCACommand cacmd, ATCADeviceType device_type); 168 | uint16_t atGetExecTime( ATCACommand cacmd, ATCA_CmdMap cmd ); 169 | 170 | void deleteATCACommand( ATCACommand * ); // destructor 171 | /*---- end of ATCACommand ----*/ 172 | 173 | // command helpers 174 | void atCRC( uint8_t length, uint8_t *data, uint8_t *crc); 175 | void atCalcCrc( ATCAPacket *pkt); 176 | uint8_t atCheckCrc(uint8_t *response); 177 | 178 | 179 | /* command definitions */ 180 | 181 | //! minimum number of bytes in command (from count byte to second CRC byte) 182 | #define ATCA_CMD_SIZE_MIN ((uint8_t)7) 183 | //! maximum size of command packet (Verify) 184 | #define ATCA_CMD_SIZE_MAX ((uint8_t)4 * 36 + 7) 185 | //! status byte for success 186 | #define CMD_STATUS_SUCCESS ((uint8_t)0x00) 187 | //! status byte after wake-up 188 | #define CMD_STATUS_WAKEUP ((uint8_t)0x11) 189 | //! command parse error 190 | #define CMD_STATUS_BYTE_PARSE ((uint8_t)0x03) 191 | //! command ECC error 192 | #define CMD_STATUS_BYTE_ECC ((uint8_t)0x05) 193 | //! command execution error 194 | #define CMD_STATUS_BYTE_EXEC ((uint8_t)0x0F) 195 | //! communication error 196 | #define CMD_STATUS_BYTE_COMM ((uint8_t)0xFF) 197 | 198 | /** \brief 199 | @{ */ 200 | 201 | /** \name opcodes for ATATECC Commands 202 | @{ */ 203 | #define ATCA_CHECKMAC ((uint8_t)0x28) //!< CheckMac command op-code 204 | #define ATCA_DERIVE_KEY ((uint8_t)0x1C) //!< DeriveKey command op-code 205 | #define ATCA_INFO ((uint8_t)0x30) //!< Info command op-code 206 | #define ATCA_GENDIG ((uint8_t)0x15) //!< GenDig command op-code 207 | #define ATCA_GENKEY ((uint8_t)0x40) //!< GenKey command op-code 208 | #define ATCA_HMAC ((uint8_t)0x11) //!< HMAC command op-code 209 | #define ATCA_LOCK ((uint8_t)0x17) //!< Lock command op-code 210 | #define ATCA_MAC ((uint8_t)0x08) //!< MAC command op-code 211 | #define ATCA_NONCE ((uint8_t)0x16) //!< Nonce command op-code 212 | #define ATCA_PAUSE ((uint8_t)0x01) //!< Pause command op-code 213 | #define ATCA_PRIVWRITE ((uint8_t)0x46) //!< PrivWrite command op-code 214 | #define ATCA_RANDOM ((uint8_t)0x1B) //!< Random command op-code 215 | #define ATCA_READ ((uint8_t)0x02) //!< Read command op-code 216 | #define ATCA_SIGN ((uint8_t)0x41) //!< Sign command op-code 217 | #define ATCA_UPDATE_EXTRA ((uint8_t)0x20) //!< UpdateExtra command op-code 218 | #define ATCA_VERIFY ((uint8_t)0x45) //!< GenKey command op-code 219 | #define ATCA_WRITE ((uint8_t)0x12) //!< Write command op-code 220 | #define ATCA_ECDH ((uint8_t)0x43) //!< ECDH command op-code 221 | #define ATCA_COUNTER ((uint8_t)0x24) //!< Counter command op-code 222 | #define ATCA_SHA ((uint8_t)0x47) //!< SHA command op-code 223 | /** @} */ 224 | 225 | 226 | /** \name Definitions of Data and Packet Sizes 227 | @{ */ 228 | #define ATCA_BLOCK_SIZE (32) //!< size of a block 229 | #define ATCA_WORD_SIZE (4) //!< size of a word 230 | #define ATCA_PUB_KEY_PAD (4) //!< size of the public key pad 231 | #define ATCA_SERIAL_NUM_SIZE (9) //!< number of bytes in the device serial number 232 | #define ATCA_RSP_SIZE_VAL ((uint8_t)7) //!< size of response packet containing four bytes of data 233 | #define ATCA_KEY_COUNT (16) //!< number of keys 234 | #define ATCA_CONFIG_SIZE (128) //!< size of configuration zone 235 | #define ATCA_SHA_CONFIG_SIZE (88) //!< size of configuration zone 236 | #define ATCA_OTP_SIZE (64) //!< size of OTP zone 237 | #define ATCA_DATA_SIZE (ATCA_KEY_COUNT * ATCA_KEY_SIZE) //!< size of data zone 238 | 239 | #define ATCA_COUNT_SIZE ((uint8_t)1) //!< Number of bytes in the command packet Count 240 | #define ATCA_CRC_SIZE ((uint8_t)2) //!< Number of bytes in the command packet CRC 241 | #define ATCA_PACKET_OVERHEAD (ATCA_COUNT_SIZE + ATCA_CRC_SIZE) //!< Number of bytes in the command packet 242 | 243 | #define ATCA_PUB_KEY_SIZE (64) //!< size of a p256 public key 244 | #define ATCA_PRIV_KEY_SIZE (32) //!< size of a p256 private key 245 | #define ATCA_SIG_SIZE (64) //!< size of a p256 signature 246 | #define ATCA_KEY_SIZE (32) //!< size of a symmetric SHA key 247 | #define RSA2048_KEY_SIZE (256) //!< size of a RSA private key 248 | 249 | #define ATCA_RSP_SIZE_MIN ((uint8_t)4) //!< minimum number of bytes in response 250 | #define ATCA_RSP_SIZE_4 ((uint8_t)7) //!< size of response packet containing 4 bytes data 251 | #define ATCA_RSP_SIZE_72 ((uint8_t)75) //!< size of response packet containing 64 bytes data 252 | #define ATCA_RSP_SIZE_64 ((uint8_t)67) //!< size of response packet containing 64 bytes data 253 | #define ATCA_RSP_SIZE_32 ((uint8_t)35) //!< size of response packet containing 32 bytes data 254 | #define ATCA_RSP_SIZE_MAX ((uint8_t)75) //!< maximum size of response packet (GenKey and Verify command) 255 | 256 | /** \name Definitions for Command Parameter Ranges 257 | @{ */ 258 | #define ATCA_KEY_ID_MAX ((uint8_t)15) //!< maximum value for key id 259 | #define ATCA_OTP_BLOCK_MAX ((uint8_t)1) //!< maximum value for OTP block 260 | /** @} */ 261 | 262 | /** \name Definitions for Indexes Common to All Commands 263 | @{ */ 264 | #define ATCA_COUNT_IDX (0) //!< command packet index for count 265 | #define ATCA_OPCODE_IDX (1) //!< command packet index for op-code 266 | #define ATCA_PARAM1_IDX (2) //!< command packet index for first parameter 267 | #define ATCA_PARAM2_IDX (3) //!< command packet index for second parameter 268 | #define ATCA_DATA_IDX (5) //!< command packet index for data load 269 | #define ATCA_RSP_DATA_IDX (1) //!< buffer index of data in response 270 | /** @} */ 271 | 272 | /** \name Definitions for Zone and Address Parameters 273 | @{ */ 274 | #define ATCA_ZONE_CONFIG ((uint8_t)0x00) //!< Configuration zone 275 | #define ATCA_ZONE_OTP ((uint8_t)0x01) //!< OTP (One Time Programming) zone 276 | #define ATCA_ZONE_DATA ((uint8_t)0x02) //!< Data zone 277 | #define ATCA_ZONE_MASK ((uint8_t)0x03) //!< Zone mask 278 | #define ATCA_ZONE_READWRITE_32 ((uint8_t)0x80) //!< Zone bit 7 set: Access 32 bytes, otherwise 4 bytes. 279 | #define ATCA_ZONE_ACCESS_4 ((uint8_t)4) //!< Read or write 4 bytes. 280 | #define ATCA_ZONE_ACCESS_32 ((uint8_t)32) //!< Read or write 32 bytes. 281 | #define ATCA_ADDRESS_MASK_CONFIG (0x001F) //!< Address bits 5 to 7 are 0 for Configuration zone. 282 | #define ATCA_ADDRESS_MASK_OTP (0x000F) //!< Address bits 4 to 7 are 0 for OTP zone. 283 | #define ATCA_ADDRESS_MASK (0x007F) //!< Address bit 7 to 15 are always 0. 284 | /** @} */ 285 | 286 | /** \name Definitions for ECC Key type 287 | @{ */ 288 | #define ATCA_B283_KEY_TYPE 0 //!< B283 NIST ECC key 289 | #define ATCA_K283_KEY_TYPE 1 //!< K283 NIST ECC key 290 | #define ATCA_P256_KEY_TYPE 4 //!< P256 NIST ECC key 291 | /** @} */ 292 | 293 | /** \name Definitions for the ECDH Command 294 | @{ */ 295 | #define ECDH_PREFIX_MODE ((uint8_t)0x00) 296 | #define ECDH_COUNT (71) 297 | #define ECDH_PUBKEYIN_SIZE (64) 298 | /** @} */ 299 | 300 | /** \name Definitions for the COUNTER Command 301 | @{ */ 302 | #define COUNTER_COUNT ATCA_CMD_SIZE_MIN 303 | #define COUNTER_MODE_IDX ATCA_PARAM1_IDX //!< COUNTER command index for mode 304 | #define COUNTER_KEYID_IDX ATCA_PARAM2_IDX //!< COUNTER command index for key id 305 | #define COUNTER_CHALLENGE_IDX ATCA_DATA_IDX //!< COUNTER command index for optional challenge 306 | #define COUNTER_COUNT_LONG (70) //!< COUNTER command packet size without challenge 307 | #define COUNTER_MODE_MASK ((uint8_t)0x01) //!< COUNTER mode bits 1 to 7 are 0 308 | typedef enum { 309 | COUNTER_MODE_READ = 0, 310 | COUNTER_MODE_INCREASE = 1 311 | } enum_counter_mode; 312 | /** @} */ 313 | 314 | /** \name Definitions for the SHA Command 315 | @{ */ 316 | #define SHA_COUNT_SHORT ATCA_CMD_SIZE_MIN 317 | #define SHA_COUNT_LONG (7) 318 | #define ATCA_SHA_DIGEST_SIZE (32) 319 | #define SHA_DATA_MAX (64) 320 | #define SHA_BLOCK_SIZE (64) 321 | 322 | typedef enum { 323 | SHA_MODE_SHA256_START = ((uint8_t) 0x00), //!< Initialization, does not accept a message 324 | SHA_MODE_SHA256_UPDATE = ((uint8_t) 0x01), //!< Add 64 bytes in the meesage to the SHA context 325 | SHA_MODE_SHA256_END = ((uint8_t) 0x02), //!< Complete the calculation and load the digest 326 | SHA_MODE_SHA256_PUBLIC = ((uint8_t) 0x03), //!< Add 64 bytes in the slot to the SHA context 327 | SHA_MODE_HMAC_START = ((uint8_t) 0x04), //!< Initialization 328 | SHA_MODE_HMAC_UPDATE = ((uint8_t) 0x05), //!< 329 | SHA_MODE_HMAC_END = ((uint8_t) 0x04) //!< 330 | } enum_sha_mode; 331 | #define SHA_SHA256_START_MASK ((uint8_t)0x00) //!< Initialization, does not accept a message 332 | #define SHA_SHA256_UPDATE_MASK ((uint8_t)0x01) //!< Add 64 bytes in the meesage to the SHA context 333 | #define SHA_SHA256_END_MASK ((uint8_t)0x02) //!< Complete the calculation and load the digest 334 | #define SHA_SHA256_PUBLIC_MASK ((uint8_t)0x03) //!< Add 64 bytes in the slot to the SHA context 335 | #define SHA_HMAC_START_MASK ((uint8_t)0x04) //!< Initialization 336 | #define SHA_HMAC_END_MASK ((uint8_t)0x05) //!< Complete the HMAC/SHA256 computation 337 | /** @} */ 338 | 339 | 340 | /** \name Definitions for the CheckMac Command 341 | @{ */ 342 | #define CHECKMAC_MODE_IDX ATCA_PARAM1_IDX //!< CheckMAC command index for mode 343 | #define CHECKMAC_KEYID_IDX ATCA_PARAM2_IDX //!< CheckMAC command index for key identifier 344 | #define CHECKMAC_CLIENT_CHALLENGE_IDX ATCA_DATA_IDX //!< CheckMAC command index for client challenge 345 | #define CHECKMAC_CLIENT_RESPONSE_IDX (37) //!< CheckMAC command index for client response 346 | #define CHECKMAC_DATA_IDX (69) //!< CheckMAC command index for other data 347 | #define CHECKMAC_COUNT (84) //!< CheckMAC command packet size 348 | #define CHECKMAC_MODE_CHALLENGE ((uint8_t)0x00) //!< CheckMAC mode 0: first SHA block from key id 349 | #define CHECKMAC_MODE_BLOCK2_TEMPKEY ((uint8_t)0x01) //!< CheckMAC mode bit 0: second SHA block from TempKey 350 | #define CHECKMAC_MODE_BLOCK1_TEMPKEY ((uint8_t)0x02) //!< CheckMAC mode bit 1: first SHA block from TempKey 351 | #define CHECKMAC_MODE_SOURCE_FLAG_MATCH ((uint8_t)0x04) //!< CheckMAC mode bit 2: match TempKey.SourceFlag 352 | #define CHECKMAC_MODE_INCLUDE_OTP_64 ((uint8_t)0x20) //!< CheckMAC mode bit 5: include first 64 OTP bits 353 | #define CHECKMAC_MODE_MASK ((uint8_t)0x27) //!< CheckMAC mode bits 3, 4, 6, and 7 are 0. 354 | #define CHECKMAC_CLIENT_CHALLENGE_SIZE (32) //!< CheckMAC size of client challenge 355 | #define CHECKMAC_CLIENT_RESPONSE_SIZE (32) //!< CheckMAC size of client response 356 | #define CHECKMAC_OTHER_DATA_SIZE (13) //!< CheckMAC size of "other data" 357 | #define CHECKMAC_CLIENT_COMMAND_SIZE (4) //!< CheckMAC size of client command header size inside "other data" 358 | #define CHECKMAC_CMD_MATCH (0) //!< CheckMAC return value when there is a match 359 | #define CHECKMAC_CMD_MISMATCH (1) //!< CheckMAC return value when there is a mismatch 360 | /** @} */ 361 | 362 | /** \name Definitions for the DeriveKey Command 363 | @{ */ 364 | #define DERIVE_KEY_RANDOM_IDX ATCA_PARAM1_IDX //!< DeriveKey command index for random bit 365 | #define DERIVE_KEY_TARGETKEY_IDX ATCA_PARAM2_IDX //!< DeriveKey command index for target slot 366 | #define DERIVE_KEY_MAC_IDX ATCA_DATA_IDX //!< DeriveKey command index for optional MAC 367 | #define DERIVE_KEY_COUNT_SMALL ATCA_CMD_SIZE_MIN //!< DeriveKey command packet size without MAC 368 | #define DERIVE_KEY_COUNT_LARGE (39) //!< DeriveKey command packet size with MAC 369 | #define DERIVE_KEY_RANDOM_FLAG ((uint8_t)4) //!< DeriveKey 1. parameter; has to match TempKey.SourceFlag 370 | #define DERIVE_KEY_MAC_SIZE (32) //!< DeriveKey MAC size 371 | /** @} */ 372 | 373 | /** \name Definitions for the GenDig Command 374 | @{ */ 375 | #define GENDIG_ZONE_IDX ATCA_PARAM1_IDX //!< GenDig command index for zone 376 | #define GENDIG_KEYID_IDX ATCA_PARAM2_IDX //!< GenDig command index for key id 377 | #define GENDIG_DATA_IDX ATCA_DATA_IDX //!< GenDig command index for optional data 378 | #define GENDIG_COUNT ATCA_CMD_SIZE_MIN //!< GenDig command packet size without "other data" 379 | #define GENDIG_COUNT_DATA (11) //!< GenDig command packet size with "other data" 380 | #define GENDIG_OTHER_DATA_SIZE (32) //!< GenDig size of "other data". Is 4 bytes for SHA204, can be either 4 or 32 for ECC 381 | #define GENDIG_ZONE_CONFIG ((uint8_t)0) //!< GenDig zone id config 382 | #define GENDIG_ZONE_OTP ((uint8_t)1) //!< GenDig zone id OTP 383 | #define GENDIG_ZONE_DATA ((uint8_t)2) //!< GenDig zone id data 384 | /** @} */ 385 | 386 | /** \name Definitions for the GenKey Command 387 | @{ */ 388 | #define GENKEY_MODE_IDX ATCA_PARAM1_IDX //!< GenKey command index for mode 389 | #define GENKEY_KEYID_IDX ATCA_PARAM2_IDX //!< GenKey command index for key id 390 | #define GENKEY_DATA_IDX (5) //!< GenKey command index for other data 391 | #define GENKEY_COUNT ATCA_CMD_SIZE_MIN //!< GenKey command packet size without "other data" 392 | #define GENKEY_COUNT_DATA (10) //!< GenKey command packet size with "other data" 393 | #define GENKEY_OTHER_DATA_SIZE (3) //!< GenKey size of "other data" 394 | #define GENKEY_MODE_MASK ((uint8_t)0x1C) //!< GenKey mode bits 0 to 1 and 5 to 7 are 0 395 | #define GENKEY_MODE_PRIVATE ((uint8_t)0x04) //!< GenKey mode: private key generation 396 | #define GENKEY_MODE_PUBLIC ((uint8_t)0x00) //!< GenKey mode: public key calculation 397 | #define GENKEY_MODE_DIGEST ((uint8_t)0x10) //!< GenKey mode: digest calculation 398 | #define GENKEY_MODE_ADD_DIGEST ((uint8_t)0x08) //!< GenKey mode: additional digest calculation 399 | typedef enum { 400 | GENKEY_MODE_PRIVATE_KEY_GENERATE = ((uint8_t) 0x04), //!< Private Key Creation 401 | GENKEY_MODE_PUBLIC_KEY_DIGEST = ((uint8_t) 0x08), //!< Public Key Computation 402 | GENKEY_MODE_DIGEST_IN_TEMPKEY = ((uint8_t) 0x10) //!< Digest Calculation 403 | } enum_genkey_mode; 404 | /** @} */ 405 | /** \name Definitions for the GENKEY Command 406 | @{ */ 407 | /** @} */ 408 | 409 | 410 | /** \name Definitions for the HMAC Command 411 | @{ */ 412 | #define HMAC_MODE_IDX ATCA_PARAM1_IDX //!< HMAC command index for mode 413 | #define HMAC_KEYID_IDX ATCA_PARAM2_IDX //!< HMAC command index for key id 414 | #define HMAC_COUNT ATCA_CMD_SIZE_MIN //!< HMAC command packet size 415 | #define HMAC_MODE_SOURCE_FLAG_MATCH ((uint8_t)0x04) //!< HMAC mode bit 2: match TempKey.SourceFlag 416 | #define HMAC_MODE_MASK ((uint8_t)0x74) //!< HMAC mode bits 0, 1, 3, and 7 are 0. 417 | /** @} */ 418 | 419 | /** \name Definitions for the Info Command 420 | @{ */ 421 | #define INFO_PARAM1_IDX ATCA_PARAM1_IDX //!< Info command index for 1. parameter 422 | #define INFO_PARAM2_IDX ATCA_PARAM2_IDX //!< Info command index for 2. parameter 423 | #define INFO_COUNT ATCA_CMD_SIZE_MIN //!< Info command packet size 424 | #define INFO_MODE_REVISION ((uint8_t)0x00) //!< Info mode Revision 425 | #define INFO_MODE_KEY_VALID ((uint8_t)0x01) //!< Info mode KeyValid 426 | #define INFO_MODE_STATE ((uint8_t)0x02) //!< Info mode State 427 | #define INFO_MODE_GPIO ((uint8_t)0x03) //!< Info mode GPIO 428 | #define INFO_MODE_MAX ((uint8_t)0x03) //!< Info mode maximum value 429 | #define INFO_NO_STATE ((uint8_t)0x00) //!< Info mode is not the state mode. 430 | #define INFO_OUTPUT_STATE_MASK ((uint8_t)0x01) //!< Info output state mask 431 | #define INFO_DRIVER_STATE_MASK ((uint8_t)0x02) //!< Info driver state mask 432 | #define INFO_PARAM2_MAX ((uint8_t)0x03) //!< Info param2 (state) maximum value 433 | #define INFO_SIZE ((uint8_t)0x04) //!< Info param2 (state) maximum value 434 | /** @} */ 435 | 436 | /** \name Definitions for the Lock Command 437 | @{ */ 438 | #define LOCK_ZONE_IDX ATCA_PARAM1_IDX //!< Lock command index for zone 439 | #define LOCK_SUMMARY_IDX ATCA_PARAM2_IDX //!< Lock command index for summary 440 | #define LOCK_COUNT ATCA_CMD_SIZE_MIN //!< Lock command packet size 441 | #define LOCK_ZONE_CONFIG ((uint8_t)0x00) //!< Lock zone is Config 442 | #define LOCK_ZONE_DATA ((uint8_t)0x01) //!< Lock zone is OTP or Data 443 | #define LOCK_ZONE_DATA_SLOT ((uint8_t)0x02) //!< Lock slot of Data 444 | #define LOCK_ZONE_NO_CRC ((uint8_t)0x80) //!< Lock command: Ignore summary. 445 | #define LOCK_ZONE_MASK (0xBF) //!< Lock parameter 1 bits 6 are 0. 446 | /** @} */ 447 | 448 | /** \name Definitions for the MAC Command 449 | @{ */ 450 | #define MAC_MODE_IDX ATCA_PARAM1_IDX //!< MAC command index for mode 451 | #define MAC_KEYID_IDX ATCA_PARAM2_IDX //!< MAC command index for key id 452 | #define MAC_CHALLENGE_IDX ATCA_DATA_IDX //!< MAC command index for optional challenge 453 | #define MAC_COUNT_SHORT ATCA_CMD_SIZE_MIN //!< MAC command packet size without challenge 454 | #define MAC_COUNT_LONG (39) //!< MAC command packet size with challenge 455 | #define MAC_MODE_CHALLENGE ((uint8_t)0x00) //!< MAC mode 0: first SHA block from data slot 456 | #define MAC_MODE_BLOCK2_TEMPKEY ((uint8_t)0x01) //!< MAC mode bit 0: second SHA block from TempKey 457 | #define MAC_MODE_BLOCK1_TEMPKEY ((uint8_t)0x02) //!< MAC mode bit 1: first SHA block from TempKey 458 | #define MAC_MODE_SOURCE_FLAG_MATCH ((uint8_t)0x04) //!< MAC mode bit 2: match TempKey.SourceFlag 459 | #define MAC_MODE_PTNONCE_TEMPKEY ((uint8_t)0x06) //!< MAC mode bit 0: second SHA block from TempKey 460 | #define MAC_MODE_PASSTHROUGH ((uint8_t)0x07) //!< MAC mode bit 0-2: pass-through mode 461 | #define MAC_MODE_INCLUDE_OTP_88 ((uint8_t)0x10) //!< MAC mode bit 4: include first 88 OTP bits 462 | #define MAC_MODE_INCLUDE_OTP_64 ((uint8_t)0x20) //!< MAC mode bit 5: include first 64 OTP bits 463 | #define MAC_MODE_INCLUDE_SN ((uint8_t)0x40) //!< MAC mode bit 6: include serial number 464 | #define MAC_CHALLENGE_SIZE (32) //!< MAC size of challenge 465 | #define MAC_SIZE (32) //!< MAC size of response 466 | #define MAC_MODE_MASK ((uint8_t)0x77) //!< MAC mode bits 3 and 7 are 0. 467 | /** @} */ 468 | 469 | /** \name Definitions for the Nonce Command 470 | @{ */ 471 | #define NONCE_MODE_IDX ATCA_PARAM1_IDX //!< Nonce command index for mode 472 | #define NONCE_PARAM2_IDX ATCA_PARAM2_IDX //!< Nonce command index for 2. parameter 473 | #define NONCE_INPUT_IDX ATCA_DATA_IDX //!< Nonce command index for input data 474 | #define NONCE_COUNT_SHORT (27) //!< Nonce command packet size for 20 bytes of data 475 | #define NONCE_COUNT_LONG (39) //!< Nonce command packet size for 32 bytes of data 476 | #define NONCE_MODE_MASK ((uint8_t)0x03) //!< Nonce mode bits 2 to 7 are 0. 477 | #define NONCE_MODE_SEED_UPDATE ((uint8_t)0x00) //!< Nonce mode: update seed 478 | #define NONCE_MODE_NO_SEED_UPDATE ((uint8_t)0x01) //!< Nonce mode: do not update seed 479 | #define NONCE_MODE_INVALID ((uint8_t)0x02) //!< Nonce mode 2 is invalid. 480 | #define NONCE_MODE_PASSTHROUGH ((uint8_t)0x03) //!< Nonce mode: pass-through 481 | #define NONCE_MODE_RANDOM_OUT ((uint16_t)0x0000) //!< Nonce mode: output RandOut or single byte of zero 482 | #define NONCE_MODE_TEMPKEY_OUT ((uint16_t)0x0080) //!< Nonce mode: output RandOut or single byte of zero 483 | #define NONCE_NUMIN_SIZE (20) //!< Nonce data length 484 | #define NONCE_NUMIN_SIZE_PASSTHROUGH (32) //!< Nonce data length in pass-through mode (mode = 3) 485 | /** @} */ 486 | 487 | /** \name Definitions for the Pause Command 488 | @{ */ 489 | #define PAUSE_SELECT_IDX ATCA_PARAM1_IDX //!< Pause command index for Selector 490 | #define PAUSE_PARAM2_IDX ATCA_PARAM2_IDX //!< Pause command index for 2. parameter 491 | #define PAUSE_COUNT ATCA_CMD_SIZE_MIN //!< Pause command packet size 492 | /** @} */ 493 | 494 | /** \name Definitions for the PrivWrite Command 495 | @{ */ 496 | #define PRIVWRITE_ZONE_IDX ATCA_PARAM1_IDX //!< PrivWrite command index for zone 497 | #define PRIVWRITE_KEYID_IDX ATCA_PARAM2_IDX //!< PrivWrite command index for KeyID 498 | #define PRIVWRITE_VALUE_IDX ( 5) //!< PrivWrite command index for value 499 | #define PRIVWRITE_MAC_IDX (41) //!< PrivWrite command index for MAC 500 | #define PRIVWRITE_COUNT (75) //!< PrivWrite command packet size 501 | #define PRIVWRITE_ZONE_MASK ((uint8_t)0x40) //!< PrivWrite zone bits 0 to 5 and 7 are 0. 502 | #define PRIVWRITE_MODE_ENCRYPT ((uint8_t)0x40) //!< PrivWrite mode: encrypted 503 | /** @} */ 504 | 505 | /** \name Definitions for the Random Command 506 | @{ */ 507 | #define RANDOM_MODE_IDX ATCA_PARAM1_IDX //!< Random command index for mode 508 | #define RANDOM_PARAM2_IDX ATCA_PARAM2_IDX //!< Random command index for 2. parameter 509 | #define RANDOM_COUNT ATCA_CMD_SIZE_MIN //!< Random command packet size 510 | #define RANDOM_SEED_UPDATE ((uint8_t)0x00) //!< Random mode for automatic seed update 511 | #define RANDOM_NO_SEED_UPDATE ((uint8_t)0x01) //!< Random mode for no seed update 512 | #define RANDOM_NUM_SIZE ((uint8_t)0x20) //!< Number of bytes in the data packet of a random command 513 | /** @} */ 514 | 515 | /** \name Definitions for the Read Command 516 | @{ */ 517 | #define READ_ZONE_IDX ATCA_PARAM1_IDX //!< Read command index for zone 518 | #define READ_ADDR_IDX ATCA_PARAM2_IDX //!< Read command index for address 519 | #define READ_COUNT ATCA_CMD_SIZE_MIN //!< Read command packet size 520 | #define READ_ZONE_MASK ((uint8_t)0x83) //!< Read zone bits 2 to 6 are 0. 521 | /** @} */ 522 | 523 | /** \name Definitions for the Sign Command 524 | @{ */ 525 | #define SIGN_MODE_IDX ATCA_PARAM1_IDX //!< Sign command index for mode 526 | #define SIGN_KEYID_IDX ATCA_PARAM2_IDX //!< Sign command index for key id 527 | #define SIGN_COUNT ATCA_CMD_SIZE_MIN //!< Sign command packet size 528 | #define SIGN_MODE_MASK ((uint8_t)0xC0) //!< Sign mode bits 0 to 5 are 0 529 | #define SIGN_MODE_INTERNAL ((uint8_t)0x00) //!< Sign mode 0: internal 530 | #define SIGN_MODE_INCLUDE_SN ((uint8_t)0x40) //!< Sign mode bit 6: include serial number 531 | #define SIGN_MODE_EXTERNAL ((uint8_t)0x80) //!< Sign mode bit 7: external 532 | /** @} */ 533 | 534 | /** \name Definitions for the UpdateExtra Command 535 | @{ */ 536 | #define UPDATE_MODE_IDX ATCA_PARAM1_IDX //!< UpdateExtra command index for mode 537 | #define UPDATE_VALUE_IDX ATCA_PARAM2_IDX //!< UpdateExtra command index for new value 538 | #define UPDATE_COUNT ATCA_CMD_SIZE_MIN //!< UpdateExtra command packet size 539 | #define UPDATE_CONFIG_BYTE_85 ((uint8_t)0x01) //!< UpdateExtra mode: update Config byte 85 540 | /** @} */ 541 | 542 | /** \name Definitions for the Verify Command 543 | @{ */ 544 | #define VERIFY_MODE_IDX ATCA_PARAM1_IDX //!< Verify command index for mode 545 | #define VERIFY_KEYID_IDX ATCA_PARAM2_IDX //!< Verify command index for key id 546 | #define VERIFY_DATA_IDX ( 5) //!< Verify command index for data 547 | #define VERIFY_256_STORED_COUNT ( 71) //!< Verify command packet size for 256-bit key in stored mode 548 | #define VERIFY_283_STORED_COUNT ( 79) //!< Verify command packet size for 283-bit key in stored mode 549 | #define VERIFY_256_VALIDATE_COUNT ( 90) //!< Verify command packet size for 256-bit key in validate mode 550 | #define VERIFY_283_VALIDATE_COUNT ( 98) //!< Verify command packet size for 283-bit key in validate mode 551 | #define VERIFY_256_EXTERNAL_COUNT (135) //!< Verify command packet size for 256-bit key in external mode 552 | #define VERIFY_283_EXTERNAL_COUNT (151) //!< Verify command packet size for 283-bit key in external mode 553 | #define VERIFY_256_KEY_SIZE ( 64) //!< Verify key size for 256-bit key 554 | #define VERIFY_283_KEY_SIZE ( 72) //!< Verify key size for 283-bit key 555 | #define VERIFY_256_SIGNATURE_SIZE ( 64) //!< Verify signature size for 256-bit key 556 | #define VERIFY_283_SIGNATURE_SIZE ( 72) //!< Verify signature size for 283-bit key 557 | #define VERIFY_OTHER_DATA_SIZE ( 19) //!< Verify size of "other data" 558 | #define VERIFY_MODE_MASK ((uint8_t)0x03) //!< Verify mode bits 2 to 7 are 0 559 | #define VERIFY_MODE_STORED ((uint8_t)0x00) //!< Verify mode: stored 560 | #define VERIFY_MODE_VALIDATEEXTERNAL ((uint8_t)0x01) //!< Verify mode: validate external 561 | #define VERIFY_MODE_EXTERNAL ((uint8_t)0x02) //!< Verify mode: external 562 | #define VERIFY_MODE_VALIDATE ((uint8_t)0x03) //!< Verify mode: validate 563 | #define VERIFY_MODE_INVALIDATE ((uint8_t)0x07) //!< Verify mode: invalidate 564 | #define VERIFY_KEY_B283 ((uint16_t)0x0000) //!< Verify key type: B283 565 | #define VERIFY_KEY_K283 ((uint16_t)0x0001) //!< Verify key type: K283 566 | #define VERIFY_KEY_P256 ((uint16_t)0x0004) //!< Verify key type: P256 567 | /** @} */ 568 | 569 | /** \name Definitions for the Write Command 570 | @{ */ 571 | #define WRITE_ZONE_IDX ATCA_PARAM1_IDX //!< Write command index for zone 572 | #define WRITE_ADDR_IDX ATCA_PARAM2_IDX //!< Write command index for address 573 | #define WRITE_VALUE_IDX ATCA_DATA_IDX //!< Write command index for data 574 | #define WRITE_MAC_VS_IDX ( 9) //!< Write command index for MAC following short data 575 | #define WRITE_MAC_VL_IDX (37) //!< Write command index for MAC following long data 576 | #define WRITE_COUNT_SHORT (11) //!< Write command packet size with short data and no MAC 577 | #define WRITE_COUNT_LONG (39) //!< Write command packet size with long data and no MAC 578 | #define WRITE_COUNT_SHORT_MAC (43) //!< Write command packet size with short data and MAC 579 | #define WRITE_COUNT_LONG_MAC (71) //!< Write command packet size with long data and MAC 580 | #define WRITE_MAC_SIZE (32) //!< Write MAC size 581 | #define WRITE_ZONE_MASK ((uint8_t)0xC3) //!< Write zone bits 2 to 5 are 0. 582 | #define WRITE_ZONE_WITH_MAC ((uint8_t)0x40) //!< Write zone bit 6: write encrypted with MAC 583 | #define WRITE_ZONE_OTP ((uint8_t)1) //!< WRITE zone id OTP 584 | #define WRITE_ZONE_DATA ((uint8_t)2) //!< WRITE zone id data 585 | /** @} */ 586 | 587 | /** \name Response Size Definitions 588 | @{ */ 589 | #define CHECKMAC_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of DeriveKey command 590 | #define DERIVE_KEY_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of DeriveKey command 591 | #define GENDIG_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of GenDig command 592 | #define GENKEY_RSP_SIZE_SHORT ATCA_RSP_SIZE_MIN //!< response size of GenKey command in Digest mode 593 | #define GENKEY_RSP_SIZE_LONG ATCA_RSP_SIZE_72 //!< response size of GenKey command when generating key 594 | #define HMAC_RSP_SIZE ATCA_RSP_SIZE_32 //!< response size of HMAC command 595 | #define INFO_RSP_SIZE ATCA_RSP_SIZE_VAL //!< response size of Info command returns 4 bytes 596 | #define LOCK_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of Lock command 597 | #define MAC_RSP_SIZE ATCA_RSP_SIZE_32 //!< response size of MAC command 598 | #define NONCE_RSP_SIZE_SHORT ATCA_RSP_SIZE_MIN //!< response size of Nonce command with mode[0:1] = 3 599 | #define NONCE_RSP_SIZE_LONG ATCA_RSP_SIZE_32 //!< response size of Nonce command 600 | #define PAUSE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of Pause command 601 | #define PRIVWRITE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of PrivWrite command 602 | #define RANDOM_RSP_SIZE ATCA_RSP_SIZE_32 //!< response size of Random command 603 | #define READ_4_RSP_SIZE ATCA_RSP_SIZE_VAL //!< response size of Read command when reading 4 bytes 604 | #define READ_32_RSP_SIZE ATCA_RSP_SIZE_32 //!< response size of Read command when reading 32 bytes 605 | #define SIGN_RSP_SIZE ATCA_RSP_SIZE_MAX //!< response size of Sign command 606 | #define SHA_RSP_SIZE ATCA_RSP_SIZE_32 //!< response size of SHA command 607 | #define UPDATE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of UpdateExtra command 608 | #define VERIFY_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of UpdateExtra command 609 | #define WRITE_RSP_SIZE ATCA_RSP_SIZE_MIN //!< response size of Write command 610 | 611 | #define ECDH_KEY_SIZE ATCA_BLOCK_SIZE //!< response size of ECDH command 612 | #define ECDH_RSP_SIZE ATCA_RSP_SIZE_32 //!< response size of ECDH command 613 | #define COUNTER_RSP_SIZE ATCA_RSP_SIZE_4 //!< response size of COUNTER command 614 | #define SHA_RSP_SIZE_SHORT ATCA_RSP_SIZE_MIN //!< response size of SHA command 615 | #define SHA_RSP_SIZE_LONG ATCA_RSP_SIZE_32 //!< response size of SHA command 616 | /** @} */ 617 | #ifdef __cplusplus 618 | } 619 | #endif 620 | #endif 621 | 622 | -------------------------------------------------------------------------------- /src/atca_compiler.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief ATCA is meant to be portable across architectures, even non-Atmel architectures and compiler environments. 4 | * This file is for isolating compiler specific macros. 5 | * 6 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | 44 | #ifndef ATCA_COMPILER_H_ 45 | #define ATCA_COMPILER_H_ 46 | 47 | #if defined(__clang__) 48 | /* Clang/LLVM. ---------------------------------------------- */ 49 | 50 | #elif defined(__ICC) || defined(__INTEL_COMPILER) 51 | /* Intel ICC/ICPC. ------------------------------------------ */ 52 | 53 | #elif defined(__GNUC__) || defined(__GNUG__) 54 | /* GNU GCC/G++. --------------------------------------------- */ 55 | 56 | #elif defined(__HP_cc) || defined(__HP_aCC) 57 | /* Hewlett-Packard C/aC++. ---------------------------------- */ 58 | 59 | #elif defined(__IBMC__) || defined(__IBMCPP__) 60 | /* IBM XL C/C++. -------------------------------------------- */ 61 | 62 | #elif defined(_MSC_VER) 63 | /* Microsoft Visual Studio. --------------------------------- */ 64 | 65 | #elif defined(__PGI) 66 | /* Portland Group PGCC/PGCPP. ------------------------------- */ 67 | 68 | #elif defined(__SUNPRO_C) || defined(__SUNPRO_CC) 69 | /* Oracle Solaris Studio. ----------------------------------- */ 70 | 71 | #endif 72 | 73 | #endif /* ATCA_COMPILER_H_ */ -------------------------------------------------------------------------------- /src/atca_device.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Atmel CryptoAuth device object 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #include 43 | #include "atca_device.h" 44 | 45 | /** \defgroup device ATCADevice (atca_) 46 | * \brief ATCADevice object - composite of command and interface objects 47 | @{ */ 48 | 49 | /** \brief atca_device is the C object backing ATCADevice. See the atca_device.h file for 50 | * details on the ATCADevice methods 51 | */ 52 | 53 | struct atca_device { 54 | ATCACommand mCommands; // has-a command set to support a given CryptoAuth device 55 | ATCAIface mIface; // has-a physical interface 56 | }; 57 | 58 | /** \brief constructor for an Atmel CryptoAuth device 59 | * \param[in] cfg pointer to an interface configuration object 60 | * \return reference to a new ATCADevice 61 | */ 62 | 63 | ATCADevice newATCADevice(ATCAIfaceCfg *cfg ) 64 | { 65 | ATCADevice cadev = NULL; 66 | 67 | if (cfg == NULL) 68 | return NULL; 69 | 70 | cadev = (ATCADevice)malloc(sizeof(struct atca_device)); 71 | cadev->mCommands = (ATCACommand)newATCACommand(cfg->devtype); 72 | cadev->mIface = (ATCAIface)newATCAIface(cfg); 73 | 74 | if (cadev->mCommands == NULL || cadev->mIface == NULL) { 75 | free(cadev); 76 | cadev = NULL; 77 | } 78 | 79 | return cadev; 80 | } 81 | 82 | /** \brief returns a reference to the ATCACommand object for the device 83 | * \param[in] dev reference to a device 84 | * \return reference to the ATCACommand object for the device 85 | */ 86 | ATCACommand atGetCommands( ATCADevice dev ) 87 | { 88 | return dev->mCommands; 89 | } 90 | 91 | /** \brief returns a reference to the ATCAIface interface object for the device 92 | * \param[in] dev reference to a device 93 | * \return reference to the ATCAIface object for the device 94 | */ 95 | 96 | ATCAIface atGetIFace( ATCADevice dev ) 97 | { 98 | return dev->mIface; 99 | } 100 | 101 | /** \brief destructor for a device NULLs reference after object is freed 102 | * \param[in] cadev pointer to a reference to a device 103 | * 104 | */ 105 | 106 | void deleteATCADevice( ATCADevice *cadev ) // destructor 107 | { 108 | struct atca_device *dev = *cadev; 109 | 110 | if ( *cadev ) { 111 | deleteATCACommand( (ATCACommand*)&(dev->mCommands)); 112 | deleteATCAIface((ATCAIface*)&(dev->mIface)); 113 | free((void*)*cadev); 114 | } 115 | 116 | *cadev = NULL; 117 | } 118 | 119 | /** @} */ 120 | -------------------------------------------------------------------------------- /src/atca_device.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * 4 | * \brief Atmel Crypto Auth device object 5 | * 6 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | #ifndef ATCA_DEVICE_H 44 | #define ATCA_DEVICE_H 45 | 46 | #include "atca_command.h" 47 | #include "atca_iface.h" 48 | /** \defgroup device ATCADevice (atca_) 49 | @{ */ 50 | 51 | #ifdef __cplusplus 52 | extern "C" { 53 | #endif 54 | 55 | typedef struct atca_device * ATCADevice; 56 | ATCADevice newATCADevice(ATCAIfaceCfg *cfg ); // constructor 57 | 58 | /* member functions here */ 59 | ATCACommand atGetCommands( ATCADevice dev ); 60 | ATCAIface atGetIFace( ATCADevice dev ); 61 | 62 | void deleteATCADevice( ATCADevice *dev ); // destructor 63 | /*---- end of OATCADevice ----*/ 64 | 65 | #ifdef __cplusplus 66 | } 67 | #endif 68 | /** @} */ 69 | #endif 70 | -------------------------------------------------------------------------------- /src/atca_devtypes.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Atmel Crypto Auth 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | 43 | #ifndef ATCA_DEVTYPES_H_ 44 | #define ATCA_DEVTYPES_H_ 45 | 46 | /** \defgroup device ATCADevice (atca_) 47 | @{ */ 48 | 49 | #ifdef __cplusplus 50 | extern "C" { 51 | #endif 52 | 53 | typedef enum { 54 | ATSHA204A, 55 | ATECC108A, 56 | ATECC508A, 57 | ATCA_DEV_UNKNOWN = 0x20 58 | } ATCADeviceType; 59 | 60 | #ifdef __cplusplus 61 | } 62 | #endif 63 | /** @} */ 64 | #endif /* ATCA_DEVTYPES_H_ */ -------------------------------------------------------------------------------- /src/atca_iface.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * 4 | * \brief Atmel Crypto Auth hardware interface object 5 | * 6 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | #include 44 | #include "atca_iface.h" 45 | #include "hal/atca_hal.h" 46 | 47 | /** \defgroup interface ATCAIface (atca_) 48 | * \brief Abstract interface to all CryptoAuth device types. This interface 49 | * connects to the HAL implementation and abstracts the physical details of the 50 | * device communication from all the upper layers of CryptoAuthLib 51 | @{ */ 52 | 53 | /** \brief atca_iface is the C object backing ATCAIface. See the atca_iface.h file for 54 | * details on the ATCAIface methods 55 | */ 56 | 57 | struct atca_iface { 58 | ATCAIfaceType mType; 59 | ATCAIfaceCfg *mIfaceCFG; // points to previous defined/given Cfg object, caller manages this 60 | 61 | ATCA_STATUS (*atinit)(void *hal, ATCAIfaceCfg *); 62 | ATCA_STATUS (*atpostinit)(ATCAIface hal); 63 | ATCA_STATUS (*atsend)(ATCAIface hal, uint8_t *txdata, int txlength); 64 | ATCA_STATUS (*atreceive)( ATCAIface hal, uint8_t *rxdata, uint16_t *rxlength); 65 | ATCA_STATUS (*atwake)(ATCAIface hal); 66 | ATCA_STATUS (*atidle)(ATCAIface hal); 67 | ATCA_STATUS (*atsleep)(ATCAIface hal); 68 | 69 | // treat as private 70 | void *hal_data; // generic pointer used by HAL to point to architecture specific structure 71 | // no ATCA object should touch this except HAL, HAL manages this pointer and memory it points to 72 | }; 73 | 74 | ATCA_STATUS _atinit(ATCAIface caiface, ATCAHAL_t *hal); 75 | 76 | /** \brief constructor for ATCAIface objects 77 | * \param[in] cfg points to the logical configuration for the interface 78 | * \return ATCAIface 79 | */ 80 | 81 | ATCAIface newATCAIface(ATCAIfaceCfg *cfg) // constructor 82 | { 83 | ATCAIface caiface = (ATCAIface)malloc(sizeof(struct atca_iface)); 84 | 85 | caiface->mType = cfg->iface_type; 86 | caiface->mIfaceCFG = cfg; 87 | 88 | if (atinit(caiface) != ATCA_SUCCESS) { 89 | free(caiface); 90 | caiface = NULL; 91 | } 92 | 93 | return caiface; 94 | } 95 | 96 | // public ATCAIface methods 97 | 98 | ATCA_STATUS atinit(ATCAIface caiface) 99 | { 100 | ATCA_STATUS status = ATCA_COMM_FAIL; 101 | ATCAHAL_t hal; 102 | 103 | _atinit( caiface, &hal ); 104 | 105 | status = caiface->atinit( &hal, caiface->mIfaceCFG ); 106 | if (status == ATCA_SUCCESS) { 107 | caiface->hal_data = hal.hal_data; 108 | 109 | // Perform the post init 110 | status = caiface->atpostinit( caiface ); 111 | } 112 | 113 | return status; 114 | } 115 | 116 | ATCA_STATUS atsend(ATCAIface caiface, uint8_t *txdata, int txlength) 117 | { 118 | return caiface->atsend(caiface, txdata, txlength); 119 | } 120 | 121 | ATCA_STATUS atreceive( ATCAIface caiface, uint8_t *rxdata, uint16_t *rxlength) 122 | { 123 | return caiface->atreceive(caiface, rxdata, rxlength); 124 | } 125 | 126 | ATCA_STATUS atwake(ATCAIface caiface) 127 | { 128 | return caiface->atwake(caiface); 129 | } 130 | 131 | ATCA_STATUS atidle(ATCAIface caiface) 132 | { 133 | atca_delay_ms(1); 134 | return caiface->atidle(caiface); 135 | } 136 | 137 | ATCA_STATUS atsleep(ATCAIface caiface) 138 | { 139 | atca_delay_ms(1); 140 | return caiface->atsleep(caiface); 141 | } 142 | 143 | ATCAIfaceCfg * atgetifacecfg(ATCAIface caiface) 144 | { 145 | return caiface->mIfaceCFG; 146 | } 147 | 148 | void* atgetifacehaldat(ATCAIface caiface) 149 | { 150 | return caiface->hal_data; 151 | } 152 | 153 | void deleteATCAIface(ATCAIface *caiface) // destructor 154 | { 155 | if ( *caiface ) { 156 | hal_iface_release( (*caiface)->mType, (*caiface)->hal_data); // let HAL clean up and disable physical level interface if ref count is 0 157 | free((void*)*caiface); 158 | } 159 | 160 | *caiface = NULL; 161 | } 162 | 163 | ATCA_STATUS _atinit(ATCAIface caiface, ATCAHAL_t *hal) 164 | { 165 | // get method mapping to HAL methods for this interface 166 | hal_iface_init( caiface->mIfaceCFG, hal ); 167 | caiface->atinit = hal->halinit; 168 | caiface->atpostinit = hal->halpostinit; 169 | caiface->atsend = hal->halsend; 170 | caiface->atreceive = hal->halreceive; 171 | caiface->atwake = hal->halwake; 172 | caiface->atsleep = hal->halsleep; 173 | caiface->atidle = hal->halidle; 174 | caiface->hal_data = hal->hal_data; 175 | 176 | return ATCA_SUCCESS; 177 | } 178 | /** @} */ 179 | -------------------------------------------------------------------------------- /src/atca_iface.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * 4 | * \brief Atmel Crypto Auth hardware interface object 5 | * 6 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | #ifndef ATCA_IFACE_H 44 | #define ATCA_IFACE_H 45 | 46 | /** \defgroup interface ATCAIface (atca_) 47 | * \brief Abstract interface to all CryptoAuth device types. This interface 48 | * connects to the HAL implementation and abstracts the physical details of the 49 | * device communication from all the upper layers of CryptoAuthLib 50 | @{ */ 51 | 52 | #ifdef __cplusplus 53 | extern "C" { 54 | #endif 55 | 56 | #include "atca_command.h" 57 | 58 | typedef enum { 59 | ATCA_I2C_IFACE, 60 | ATCA_SWI_IFACE, 61 | ATCA_UART_IFACE, 62 | ATCA_SPI_IFACE, 63 | ATCA_HID_IFACE 64 | // additional physical interface types here 65 | } ATCAIfaceType; 66 | 67 | /* ATCAIfaceCfg is a mediator object between a completely abstract notion of a physical interface and an actual physical interface. 68 | 69 | The main purpose of it is to keep hardware specifics from bleeding into the higher levels - hardware specifics could include 70 | things like framework specific items (ASF SERCOM) vs a non-Atmel I2C library constant that defines an I2C port. But I2C has 71 | roughly the same parameters regardless of architecture and framework. I2C 72 | */ 73 | 74 | struct ATCAI2C { 75 | uint8_t slave_address; // 8-bit slave address 76 | uint8_t bus; // logical i2c bus number, 0-based - HAL will map this to a pin pair for SDA SCL 77 | uint32_t baud; // typically 400000 78 | }; 79 | 80 | struct ATCASWI { 81 | uint8_t bus; // logical SWI bus - HAL will map this to a pin or uart port 82 | }; 83 | 84 | struct ATCAUART { 85 | int port; // logic port number 86 | uint32_t baud; // typically 115200 87 | uint8_t wordsize; // usually 8 88 | uint8_t parity; // 0 == even, 1 == odd, 2 == none 89 | uint8_t stopbits; // 0,1,2 90 | }; 91 | 92 | struct ATCAHID { 93 | int idx; // HID enumeration index 94 | uint32_t vid; // Vendor ID of kit (0x03EB for CK101) 95 | uint32_t pid; // Product ID of kit (0x2312 for CK101) 96 | uint32_t packetsize; // Size of the USB packet 97 | uint8_t guid[16]; // The GUID for this HID device 98 | }; 99 | 100 | typedef struct { 101 | ATCAIfaceType iface_type; // active iface - how to interpret the union below 102 | ATCADeviceType devtype; // explicit device type 103 | 104 | union { // each instance of an iface cfg defines a single type of interface 105 | struct ATCAI2C atcai2c; 106 | struct ATCASWI atcaswi; 107 | struct ATCAUART atcauart; 108 | struct ATCAHID atcahid; 109 | }; 110 | 111 | uint16_t wake_delay; // microseconds of tWHI + tWLO which varies based on chip type 112 | int rx_retries; // the number of retries to attempt for receiving bytes 113 | void *cfg_data; // opaque data used by HAL in device discovery 114 | } ATCAIfaceCfg; 115 | 116 | typedef struct atca_iface * ATCAIface; 117 | ATCAIface newATCAIface(ATCAIfaceCfg *cfg); // constructor 118 | // IFace methods 119 | ATCA_STATUS atinit(ATCAIface caiface); 120 | ATCA_STATUS atpostinit(ATCAIface caiface); 121 | ATCA_STATUS atsend(ATCAIface caiface, uint8_t *txdata, int txlength); 122 | ATCA_STATUS atreceive(ATCAIface caiface, uint8_t *rxdata, uint16_t *rxlength); 123 | ATCA_STATUS atwake(ATCAIface caiface); 124 | ATCA_STATUS atidle(ATCAIface caiface); 125 | ATCA_STATUS atsleep(ATCAIface caiface); 126 | 127 | // accessors 128 | ATCAIfaceCfg * atgetifacecfg(ATCAIface caiface); 129 | void* atgetifacehaldat(ATCAIface caiface); 130 | 131 | void deleteATCAIface( ATCAIface *dev ); // destructor 132 | /*---- end of OATCAIface ----*/ 133 | 134 | #ifdef __cplusplus 135 | } 136 | #endif 137 | /** @} */ 138 | #endif 139 | 140 | 141 | 142 | -------------------------------------------------------------------------------- /src/atca_status.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * 4 | * \brief Atmel Crypto Auth status codes 5 | * 6 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | #ifndef _ATCA_STATUS_H 44 | #define _ATCA_STATUS_H 45 | 46 | #include 47 | #include 48 | 49 | #ifdef __cplusplus 50 | extern "C" { 51 | #endif 52 | 53 | /* all status codes for the ATCA lib are defined here */ 54 | 55 | typedef enum { 56 | ATCA_SUCCESS = 0x00, //!< Function succeeded. 57 | ATCA_CONFIG_ZONE_LOCKED = 0x01, 58 | ATCA_DATA_ZONE_LOCKED = 0x02, 59 | ATCA_WAKE_FAILED = 0xD0, //!< response status byte indicates CheckMac failure (status byte = 0x01) 60 | ATCA_CHECKMAC_VERIFY_FAILED = 0xD1, //!< response status byte indicates CheckMac failure (status byte = 0x01) 61 | ATCA_PARSE_ERROR = 0xD2, //!< response status byte indicates parsing error (status byte = 0x03) 62 | ATCA_STATUS_CRC = 0xD4, //!< response status byte indicates CRC error (status byte = 0xFF) 63 | ATCA_STATUS_UNKNOWN = 0xD5, //!< response status byte is unknown 64 | ATCA_STATUS_ECC = 0xD6, //!< response status byte is ECC fault (status byte = 0x05) 65 | ATCA_FUNC_FAIL = 0xE0, //!< Function could not execute due to incorrect condition / state. 66 | ATCA_GEN_FAIL = 0xE1, //!< unspecified error 67 | ATCA_BAD_PARAM = 0xE2, //!< bad argument (out of range, null pointer, etc.) 68 | ATCA_INVALID_ID = 0xE3, //!< invalid device id, id not set 69 | ATCA_INVALID_SIZE = 0xE4, //!< Count value is out of range or greater than buffer size. 70 | ATCA_BAD_CRC = 0xE5, //!< incorrect CRC received 71 | ATCA_RX_FAIL = 0xE6, //!< Timed out while waiting for response. Number of bytes received is > 0. 72 | ATCA_RX_NO_RESPONSE = 0xE7, //!< Not an error while the Command layer is polling for a command response. 73 | ATCA_RESYNC_WITH_WAKEUP = 0xE8, //!< Re-synchronization succeeded, but only after generating a Wake-up 74 | ATCA_PARITY_ERROR = 0xE9, //!< for protocols needing parity 75 | ATCA_TX_TIMEOUT = 0xEA, //!< for Atmel PHY protocol, timeout on transmission waiting for master 76 | ATCA_RX_TIMEOUT = 0xEB, //!< for Atmel PHY protocol, timeout on receipt waiting for master 77 | ATCA_COMM_FAIL = 0xF0, //!< Communication with device failed. Same as in hardware dependent modules. 78 | ATCA_TIMEOUT = 0xF1, //!< Timed out while waiting for response. Number of bytes received is 0. 79 | ATCA_BAD_OPCODE = 0xF2, //!< opcode is not supported by the device 80 | ATCA_WAKE_SUCCESS = 0xF3, //!< received proper wake token 81 | ATCA_EXECUTION_ERROR = 0xF4, //!< chip was in a state where it could not execute the command, response status byte indicates command execution error (status byte = 0x0F) 82 | ATCA_UNIMPLEMENTED = 0xF5, //!< Function or some element of it hasn't been implemented yet 83 | ATCA_ASSERT_FAILURE = 0xF6, //!< Code failed run-time consistency check 84 | ATCA_TX_FAIL = 0xF7, //!< Failed to write 85 | ATCA_NOT_LOCKED = 0xF8, //!< required zone was not locked 86 | ATCA_NO_DEVICES = 0xF9, //!< For protocols that support device discovery (kit protocol), no devices were found 87 | } ATCA_STATUS; 88 | 89 | #ifdef __cplusplus 90 | } 91 | #endif 92 | #endif 93 | -------------------------------------------------------------------------------- /src/basic/README.md: -------------------------------------------------------------------------------- 1 | basic directory - Purpose 2 | ========================= 3 | The purpose of this directory is to contain the files implementing the APIs for a basic 4 | interface to the core CryptoAuthLib library. 5 | 6 | High-level functions like these make it very convenient to use the library when standard configurations 7 | and defaults are in play. They are the easiest to use when developing examples or trying to 8 | understand the "flow" of an authentication operation without getting overwhelmed by the details. 9 | 10 | This makes simple jobs easy and if you need more sophistication and power, you can employ 11 | the full power of the CryptoAuthLib object model. 12 | 13 | See the Doxygen documentation in cryptoauthlib/docs for details on the API of the Basic commands. 14 | -------------------------------------------------------------------------------- /src/basic/atca_basic.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief CryptoAuthLib Basic API methods - a simple crypto authentication api. 4 | * These methods manage a global ATCADevice object behind the scenes. They also 5 | * manage the wake/idle state transitions so callers don't need to. 6 | * 7 | * \copyright Copyright (c) 2015 Atmel Corporation. All rights reserved. 8 | * 9 | * \atmel_crypto_device_library_license_start 10 | * 11 | * \page License 12 | * 13 | * Redistribution and use in source and binary forms, with or without 14 | * modification, are permitted provided that the following conditions are met: 15 | * 16 | * 1. Redistributions of source code must retain the above copyright notice, 17 | * this list of conditions and the following disclaimer. 18 | * 19 | * 2. Redistributions in binary form must reproduce the above copyright notice, 20 | * this list of conditions and the following disclaimer in the documentation 21 | * and/or other materials provided with the distribution. 22 | * 23 | * 3. The name of Atmel may not be used to endorse or promote products derived 24 | * from this software without specific prior written permission. 25 | * 26 | * 4. This software may only be redistributed and used in connection with an 27 | * Atmel integrated circuit. 28 | * 29 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 30 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 31 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 32 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 33 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 34 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 35 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 36 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 37 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 38 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 39 | * POSSIBILITY OF SUCH DAMAGE. 40 | * 41 | * \atmel_crypto_device_library_license_stop 42 | */ 43 | 44 | #include "cryptoauthlib.h" 45 | 46 | #ifndef ATCA_BASIC_H_ 47 | #define ATCA_BASIC_H_ 48 | 49 | #define TBD void 50 | 51 | /** \defgroup atcab_ Basic Crypto API methods (atcab_) 52 | * 53 | * \brief 54 | * These methods provide the most convenient, simple API to CryptoAuth chips 55 | * 56 | @{ */ 57 | 58 | #ifdef __cplusplus 59 | extern "C" { 60 | #endif 61 | 62 | // basic global device object methods 63 | ATCA_STATUS atcab_version( char *verstr ); 64 | ATCA_STATUS atcab_init(ATCAIfaceCfg *cfg); 65 | ATCA_STATUS atcab_init_device(ATCADevice cadevice); 66 | ATCA_STATUS atcab_release(void); 67 | ATCADevice atcab_getDevice(void); 68 | 69 | ATCA_STATUS atcab_wakeup(void); 70 | ATCA_STATUS atcab_idle(void); 71 | ATCA_STATUS atcab_sleep(void); 72 | 73 | // discovery 74 | ATCA_STATUS atcab_cfg_discover( ATCAIfaceCfg cfgArray[], int max); 75 | 76 | // basic crypto API 77 | ATCA_STATUS atcab_info(uint8_t *revision); 78 | ATCA_STATUS atcab_challenge(const uint8_t *challenge); 79 | ATCA_STATUS atcab_challenge_seed_update(const uint8_t *seed, uint8_t* rand_out); 80 | ATCA_STATUS atcab_nonce(const uint8_t *tempkey); 81 | ATCA_STATUS atcab_nonce_rand(const uint8_t *seed, uint8_t* rand_out); 82 | ATCA_STATUS atcab_random(uint8_t *rand_out); 83 | 84 | ATCA_STATUS atcab_is_locked(uint8_t zone, bool *lock_state); 85 | ATCA_STATUS atcab_is_slot_locked(uint8_t slot, bool *lock_state); 86 | 87 | ATCA_STATUS atcab_get_addr(uint8_t zone, uint8_t slot, uint8_t block, uint8_t offset, uint16_t* addr); 88 | ATCA_STATUS atcab_read_zone(uint8_t zone, uint8_t slot, uint8_t block, uint8_t offset, uint8_t *data, uint8_t len); 89 | ATCA_STATUS atcab_write_zone(uint8_t zone, uint8_t slot, uint8_t block, uint8_t offset, const uint8_t *data, uint8_t len); 90 | ATCA_STATUS atcab_write_bytes_slot(uint8_t slot, uint16_t offset, const uint8_t *data, uint8_t len); 91 | ATCA_STATUS atcab_write_bytes_zone(ATCADeviceType dev_type, uint8_t zone, uint16_t address, const uint8_t *data, uint8_t len); 92 | ATCA_STATUS atcab_read_bytes_zone(ATCADeviceType dev_type, uint8_t zone, uint16_t address, uint8_t len, uint8_t *data); 93 | 94 | ATCA_STATUS atcab_read_serial_number(uint8_t* serial_number); 95 | ATCA_STATUS atcab_read_pubkey(uint8_t slot8toF, uint8_t *pubkey); 96 | ATCA_STATUS atcab_write_pubkey(uint8_t slot8toF, uint8_t *pubkey); 97 | ATCA_STATUS atcab_read_sig(uint8_t slot8toF, uint8_t *sig); 98 | ATCA_STATUS atcab_read_ecc_config_zone(uint8_t* config_data); 99 | ATCA_STATUS atcab_write_ecc_config_zone(const uint8_t* config_data); 100 | ATCA_STATUS atcab_read_sha_config_zone( uint8_t* config_data); 101 | ATCA_STATUS atcab_write_sha_config_zone(const uint8_t* config_data); 102 | ATCA_STATUS atcab_read_config_zone(ATCADeviceType dev_type, uint8_t* config_data); 103 | ATCA_STATUS atcab_write_config_zone(ATCADeviceType dev_type, const uint8_t* config_data); 104 | ATCA_STATUS atcab_cmp_config_zone(uint8_t* config_data, bool* same_config); 105 | 106 | ATCA_STATUS atcab_read_enc(uint8_t slotid, uint8_t block, uint8_t *data, const uint8_t* enckey, const uint16_t enckeyid); 107 | ATCA_STATUS atcab_write_enc(uint8_t slotid, uint8_t block, const uint8_t *data, const uint8_t* enckey, const uint16_t enckeyid); 108 | 109 | ATCA_STATUS atcab_lock_config_zone(uint8_t* lock_response); 110 | ATCA_STATUS atcab_lock_data_zone(uint8_t* lock_response); 111 | ATCA_STATUS atcab_lock_data_slot(uint8_t slot, uint8_t* lock_response); 112 | 113 | ATCA_STATUS atcab_priv_write(uint8_t slot, const uint8_t priv_key[36], uint8_t write_key_slot, const uint8_t write_key[32]); 114 | ATCA_STATUS atcab_genkey( int slot, uint8_t *pubkey ); 115 | ATCA_STATUS atcab_get_pubkey(uint8_t privSlotId, uint8_t *pubkey); 116 | ATCA_STATUS atcab_calc_pubkey(uint8_t privSlotId, uint8_t *pubkey); 117 | ATCA_STATUS atcab_sign(uint16_t slot, const uint8_t *msg, uint8_t *signature); 118 | ATCA_STATUS atcab_verify_extern(const uint8_t *message, const uint8_t *signature, const uint8_t *pubkey, bool *verified); 119 | ATCA_STATUS atcab_ecdh(uint16_t key_id, const uint8_t* pub_key, uint8_t* ret_ecdh); 120 | ATCA_STATUS atcab_ecdh_enc(uint16_t slotid, const uint8_t* pubkey, uint8_t* ret_ecdh, const uint8_t* enckey, const uint8_t enckeyid); 121 | ATCA_STATUS atcab_gendig(uint8_t zone, uint16_t key_id); 122 | ATCA_STATUS atcab_gendig_host(uint8_t zone, uint16_t key_id, uint8_t *other_data, uint8_t len); 123 | ATCA_STATUS atcab_mac( uint8_t mode, uint16_t key_id, const uint8_t* challenge, uint8_t* digest ); 124 | ATCA_STATUS atcab_checkmac( uint8_t mode, uint16_t key_id, const uint8_t *challenge, const uint8_t *response, const uint8_t *other_data); 125 | 126 | ATCA_STATUS atcab_sha_start(void); 127 | ATCA_STATUS atcab_sha_update(uint16_t length, const uint8_t *message); 128 | ATCA_STATUS atcab_sha_end(uint8_t *digest, uint16_t length, const uint8_t *message); 129 | ATCA_STATUS atcab_sha(uint16_t length, const uint8_t *message, uint8_t *digest); 130 | 131 | #ifdef __cplusplus 132 | } 133 | #endif 134 | 135 | /** @} */ 136 | 137 | #endif /* ATCA_BASIC_H_ */ -------------------------------------------------------------------------------- /src/basic/atca_helpers.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Helpers to support the CryptoAuthLib Basic API methods 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #include "atca_helpers.h" 43 | #include 44 | 45 | 46 | #ifdef ATCAPRINTF 47 | 48 | #include 49 | 50 | /** \brief convert a binary buffer to a hex string suitable for human reading 51 | * \param[in] binary input buffer to convert 52 | * \param[in] binLen length of buffer to convert 53 | * \param[out] asciihex buffer that receives hex string 54 | * \param[out] hexlen the length of the asciihex buffer 55 | * \return ATCA_STATUS 56 | */ 57 | ATCA_STATUS atcab_bin2hex(const uint8_t* binary, int binLen, char* asciihex, int* asciihexlen) 58 | { 59 | return atcab_bin2hex_(binary, binLen, asciihex, asciihexlen, true); 60 | } 61 | 62 | /** \brief convert a binary buffer to a hex string suitable for human reading 63 | * \param[in] inbuff input buffer to convert 64 | * \param[in] inbuffLen length of buffer to convert 65 | * \param[out] asciihex buffer that receives hex string 66 | * \param[inout] asciihexlen the length of the asciihex buffer 67 | * \param[inout] addspace indicates whether spaces and returns should be added for pretty printing 68 | * \return ATCA_STATUS 69 | */ 70 | ATCA_STATUS atcab_bin2hex_(const uint8_t* binary, int binLen, char* asciihex, int* asciihexlen, bool addspace) 71 | { 72 | int i; 73 | int hexlen = 0; 74 | 75 | // Verify the inputs 76 | if ((binary == NULL) || (asciihex == NULL) || (asciihexlen == NULL)) 77 | return ATCA_BAD_PARAM; 78 | 79 | // Initialize the return bytes to all 0s 80 | memset(asciihex, 0, *asciihexlen); 81 | 82 | // Convert one byte at a time 83 | for (i = 0; i < binLen; i++) { 84 | if (hexlen > *asciihexlen) break; 85 | if ((i % 16 == 0 && i != 0) && addspace) { 86 | sprintf(&asciihex[hexlen], "\r\n"); 87 | hexlen += 2; 88 | } 89 | if (addspace) { 90 | sprintf(&asciihex[hexlen], "%02X ", *binary++); 91 | hexlen += 3; 92 | }else { 93 | sprintf(&asciihex[hexlen], "%02X", *binary++); 94 | hexlen += 2; 95 | } 96 | } 97 | *asciihexlen = (int)strlen(asciihex); 98 | 99 | return ATCA_SUCCESS; 100 | } 101 | 102 | /** \brief convert a binary buffer to a hex string suitable for human reading 103 | * \param[in] inbuff input buffer to convert 104 | * \param[in] inbuffLen length of buffer to convert 105 | * \param[out] outbuff buffer that receives hex string 106 | * \return string length of the output buffer 107 | */ 108 | ATCA_STATUS atcab_hex2bin(const char* asciiHex, int asciiHexLen, uint8_t* binary, int* binLen) 109 | { 110 | int i = 0; 111 | int j = 0; 112 | uint32_t byt; 113 | char* packedHex = NULL; 114 | int packedLen = asciiHexLen; 115 | char hexByte[3]; 116 | 117 | // Verify the inputs 118 | if ((binary == NULL) || (asciiHex == NULL) || (binLen == NULL)) 119 | return ATCA_BAD_PARAM; 120 | 121 | // Pack the bytes (remove white space & make even number of characters) 122 | packedHex = (char*)malloc(packedLen); 123 | memset(packedHex, 0, packedLen); 124 | packHex(asciiHex, asciiHexLen, packedHex, &packedLen); 125 | 126 | // Initialize the binary buffer to all 0s 127 | memset(binary, 0, *binLen); 128 | memset(hexByte, 0, 3); 129 | 130 | // Convert the ascii bytes to binary 131 | for (i = 0, j = 0; i < packedLen; i += 2, j++) { 132 | if (i > packedLen || j > *binLen) break; 133 | // Copy two characters to be scanned 134 | memcpy(hexByte, &packedHex[i], 2); 135 | sscanf(hexByte, "%x", (unsigned int*)&byt); 136 | // take the msb of the uint32_t 137 | binary[j] = byt; 138 | } 139 | *binLen = j; 140 | free(packedHex); 141 | return ATCA_SUCCESS; 142 | } 143 | 144 | //#else 145 | 146 | 147 | #endif 148 | 149 | #if 0 150 | /** 151 | * \brief Checks to see if a character is an ASCII representation of a digit ((c ge '0') and (c le '9')) 152 | * \param[in] c character to check 153 | * \return True if the character is a digit 154 | */ 155 | bool isDigit(char c) 156 | { 157 | return (c >= '0') && (c <= '9'); 158 | } 159 | 160 | /** 161 | * \brief Checks to see if a character is whitespace ((c == '\n') || (c == '\r') || (c == '\t') || (c == ' ')) 162 | * \param[in] c character to check 163 | * \return True if the character is whitespace 164 | */ 165 | bool isWhiteSpace(char c) 166 | { 167 | return (c == '\n') || (c == '\r') || (c == '\t') || (c == ' '); 168 | } 169 | 170 | /** 171 | * \brief Checks to see if a character is an ASCII representation of hex ((c ge 'A') and (c le 'F')) || ((c ge 'a') and (c le 'f')) 172 | * \param[in] c character to check 173 | * \return True if the character is a hex 174 | */ 175 | bool isHexAlpha(char c) 176 | { 177 | return ((c >= 'A') && (c <= 'F')) || ((c >= 'a') && (c <= 'f')); 178 | } 179 | 180 | /** 181 | * \brief Returns true if this character is a valid hex character or if this is whitespace (The character can be 182 | * included in a valid hexstring). 183 | * \param[in] c character to check 184 | * \return True if the character can be included in a valid hexstring 185 | */ 186 | bool isHex(char c) 187 | { 188 | return isDigit(c) || isWhiteSpace(c) || isHexAlpha(c); 189 | } 190 | 191 | /** 192 | * \brief Returns true if this character is a valid hex character. 193 | * \param[in] c character to check 194 | * \return True if the character can be included in a valid hexstring 195 | */ 196 | bool isHexDigit(char c) 197 | { 198 | return isDigit(c) || isHexAlpha(c); 199 | } 200 | #endif 201 | 202 | ATCA_STATUS packHex(const char* asciiHex, int asciiHexLen, char* packedHex, int* packedLen) 203 | { 204 | int i = 0; 205 | int j = 0; 206 | 207 | // Verify the inputs 208 | if ((asciiHex == NULL) || (packedHex == NULL) || (packedLen == NULL)) 209 | return ATCA_BAD_PARAM; 210 | 211 | // Loop through each character and only add the hex characters 212 | for (i = 0; i < asciiHexLen; i++) { 213 | if (isHexDigit(asciiHex[i])) { 214 | if (j > *packedLen) break; 215 | packedHex[j++] = asciiHex[i]; 216 | } 217 | } 218 | // If there are not an even number of characters, then pad with a '0' 219 | 220 | return ATCA_SUCCESS; 221 | } 222 | 223 | -------------------------------------------------------------------------------- /src/basic/atca_helpers.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Helpers to support the CryptoAuthLib Basic API methods 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef ATCA_HELPERS_H_ 43 | #define ATCA_HELPERS_H_ 44 | 45 | #include "cryptoauthlib.h" 46 | 47 | /** \defgroup atcab_ Basic Crypto API methods (atcab_) 48 | * 49 | * \brief 50 | * These methods provide the most convenient, simple API to CryptoAuth chips 51 | * 52 | @{ */ 53 | 54 | #ifdef __cplusplus 55 | extern "C" { 56 | #endif 57 | 58 | #ifdef ATCAPRINTF 59 | ATCA_STATUS atcab_bin2hex(const uint8_t* binary, int binLen, char* asciiHex, int* asciiHexLen); 60 | ATCA_STATUS atcab_bin2hex_(const uint8_t* binary, int binLen, char* asciiHex, int* asciiHexLen, bool addSpace); 61 | ATCA_STATUS atcab_hex2bin(const char* asciiHex, int asciiHexLen, uint8_t* binary, int* binLen); 62 | #else 63 | 64 | #define atcab_bin2hex 65 | 66 | #endif 67 | 68 | ATCA_STATUS packHex(const char* asciiHex, int asciiHexLen, char* packedHex, int* packedLen); 69 | #if 0 70 | bool isDigit(char c); 71 | bool isWhiteSpace(char c); 72 | bool isHexAlpha(char c); 73 | bool isHex(char c); 74 | bool isHexDigit(char c); 75 | #endif 76 | 77 | #ifdef __cplusplus 78 | } 79 | #endif 80 | 81 | /** @} */ 82 | #endif /* ATCA_HELPERS_H_ */ 83 | -------------------------------------------------------------------------------- /src/crypto/README.md: -------------------------------------------------------------------------------- 1 | crypto directory - Purpose 2 | =========================== 3 | This directory contains software implementations of cryptographics functions. The functions at the 4 | base level are wrappers that will point to the final implementations of the software crypto 5 | functions. 6 | 7 | -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Common defines for CryptoAuthLib software crypto wrappers. 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef ATCA_CRYPTO_SW_H 43 | #define ATCA_CRYPTO_SW_H 44 | 45 | #include "atca_status.h" 46 | 47 | #endif -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_ecdsa.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief API wrapper for software ECDSA verify. Currently unimplemented but could be 4 | * implemented via a 3rd party library such as MicroECC. 5 | * 6 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | 44 | #include "atca_crypto_sw_ecdsa.h" 45 | 46 | /** \brief return software generated ECDSA verification result 47 | * \param[in] msg ptr to message or challenge 48 | * \param[in] signature ptr to the signature to verify 49 | * \param[in] public_key ptr to public key of device which signed the challenge 50 | * return ATCA_STATUS 51 | */ 52 | 53 | int atcac_sw_ecdsa_verify_p256( const uint8_t msg[ATCA_ECC_P256_FIELD_SIZE], 54 | const uint8_t signature[ATCA_ECC_P256_SIGNATURE_SIZE], 55 | const uint8_t public_key[ATCA_ECC_P256_PUBLIC_KEY_SIZE]) 56 | { 57 | return ATCA_UNIMPLEMENTED; 58 | } -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_ecdsa.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | 43 | #ifndef ATCA_CRYPTO_SW_ECDSA_H 44 | #define ATCA_CRYPTO_SW_ECDSA_H 45 | 46 | #include "atca_crypto_sw.h" 47 | #include 48 | #include 49 | 50 | /** \defgroup atcac_ Software crypto methods (atcac_) 51 | * 52 | * \brief 53 | * These methods provide a software implementation of various crypto 54 | * algorithms 55 | * 56 | @{ */ 57 | 58 | #define ATCA_ECC_P256_FIELD_SIZE (256 / 8) 59 | #define ATCA_ECC_P256_PRIVATE_KEY_SIZE (ATCA_ECC_P256_FIELD_SIZE) 60 | #define ATCA_ECC_P256_PUBLIC_KEY_SIZE (ATCA_ECC_P256_FIELD_SIZE * 2) 61 | #define ATCA_ECC_P256_SIGNATURE_SIZE (ATCA_ECC_P256_FIELD_SIZE * 2) 62 | 63 | #ifdef __cplusplus 64 | extern "C" { 65 | #endif 66 | 67 | int atcac_sw_ecdsa_verify_p256( const uint8_t msg[ATCA_ECC_P256_FIELD_SIZE], 68 | const uint8_t signature[ATCA_ECC_P256_SIGNATURE_SIZE], 69 | const uint8_t public_key[ATCA_ECC_P256_PUBLIC_KEY_SIZE]); 70 | 71 | #ifdef __cplusplus 72 | } 73 | #endif 74 | 75 | /** @} */ 76 | #endif -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_rand.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief API wrapper for software random 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #include "atca_crypto_sw_rand.h" 43 | 44 | /** \brief return software generated random number 45 | * \param[out] data ptr to space to receive the random number 46 | * \param[in] data_size size of data buffer 47 | * return ATCA_STATUS 48 | */ 49 | 50 | int atcac_sw_random(uint8_t* data, size_t data_size) 51 | { 52 | return ATCA_UNIMPLEMENTED; 53 | } -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_rand.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef ATCA_CRYPTO_SW_RAND_H 43 | #define ATCA_CRYPTO_SW_RAND_H 44 | 45 | #include "atca_crypto_sw.h" 46 | #include 47 | #include 48 | 49 | /** \defgroup atcac_ Software crypto methods (atcac_) 50 | * 51 | * \brief 52 | * These methods provide a software implementation of various crypto 53 | * algorithms 54 | * 55 | @{ */ 56 | #ifdef __cplusplus 57 | extern "C" { 58 | #endif 59 | 60 | int atcac_sw_random(uint8_t* data, size_t data_size); 61 | 62 | #ifdef __cplusplus 63 | } 64 | #endif 65 | /** @} */ 66 | 67 | #endif -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_sha1.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Wrapper API for SHA 1 routines 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | 43 | #include "atca_crypto_sw_sha1.h" 44 | #include "hashes/sha1_routines.h" 45 | 46 | int atcac_sw_sha1_init(atcac_sha1_ctx* ctx) 47 | { 48 | if (sizeof(CL_HashContext) > sizeof(atcac_sha1_ctx)) 49 | return ATCA_ASSERT_FAILURE; // atcac_sha1_ctx isn't large enough for this implementation 50 | CL_hashInit((CL_HashContext*)ctx); 51 | 52 | return ATCA_SUCCESS; 53 | } 54 | 55 | int atcac_sw_sha1_update(atcac_sha1_ctx* ctx, const uint8_t* data, size_t data_size) 56 | { 57 | CL_hashUpdate((CL_HashContext*)ctx, data, (int)data_size); 58 | 59 | return ATCA_SUCCESS; 60 | } 61 | 62 | int atcac_sw_sha1_finish(atcac_sha1_ctx* ctx, uint8_t digest[ATCA_SHA1_DIGEST_SIZE]) 63 | { 64 | CL_hashFinal((CL_HashContext*)ctx, digest); 65 | 66 | return ATCA_SUCCESS; 67 | } 68 | 69 | int atcac_sw_sha1(const uint8_t* data, size_t data_size, uint8_t digest[ATCA_SHA1_DIGEST_SIZE]) 70 | { 71 | int ret; 72 | atcac_sha1_ctx ctx; 73 | 74 | ret = atcac_sw_sha1_init(&ctx); 75 | if (ret != ATCA_SUCCESS) 76 | return ret; 77 | 78 | ret = atcac_sw_sha1_update(&ctx, data, data_size); 79 | if (ret != ATCA_SUCCESS) 80 | return ret; 81 | 82 | ret = atcac_sw_sha1_finish(&ctx, digest); 83 | if (ret != ATCA_SUCCESS) 84 | return ret; 85 | 86 | return ATCA_SUCCESS; 87 | } -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_sha1.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Wrapper API for SHA 1 routines 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef ATCA_CRYPTO_SW_SHA1_H 43 | #define ATCA_CRYPTO_SW_SHA1_H 44 | 45 | #include "atca_crypto_sw.h" 46 | #include 47 | #include 48 | 49 | /** \defgroup atcac_ Software crypto methods (atcac_) 50 | * 51 | * \brief 52 | * These methods provide a software implementation of various crypto 53 | * algorithms 54 | * 55 | @{ */ 56 | 57 | #define ATCA_SHA1_DIGEST_SIZE (20) 58 | 59 | typedef struct { 60 | uint32_t pad[32]; //!< Filler value to make sure the actual implementation has enough room to store its context. uint32_t is used to remove some alignment warnings. 61 | } atcac_sha1_ctx; 62 | 63 | #ifdef __cplusplus 64 | extern "C" { 65 | #endif 66 | 67 | int atcac_sw_sha1_init(atcac_sha1_ctx* ctx); 68 | int atcac_sw_sha1_update(atcac_sha1_ctx* ctx, const uint8_t* data, size_t data_size); 69 | int atcac_sw_sha1_finish(atcac_sha1_ctx * ctx, uint8_t digest[ATCA_SHA1_DIGEST_SIZE]); 70 | int atcac_sw_sha1(const uint8_t * data, size_t data_size, uint8_t digest[ATCA_SHA1_DIGEST_SIZE]); 71 | 72 | #ifdef __cplusplus 73 | } 74 | #endif 75 | 76 | /** @} */ 77 | #endif -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_sha2.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Wrapper API for software SHA 256 routines 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #include "atca_crypto_sw_sha2.h" 43 | #include "hashes/sha2_routines.h" 44 | 45 | /** \brief initializes the SHA256 software 46 | * \param[in] ctx ptr to context data structure 47 | * \return ATCA_STATUS value 48 | */ 49 | 50 | int atcac_sw_sha2_256_init(atcac_sha2_256_ctx* ctx) 51 | { 52 | if (sizeof(sw_sha256_ctx) > sizeof(atcac_sha2_256_ctx)) 53 | return ATCA_ASSERT_FAILURE; // atcac_sha1_ctx isn't large enough for this implementation 54 | sw_sha256_init((sw_sha256_ctx*)ctx); 55 | 56 | return ATCA_SUCCESS; 57 | } 58 | 59 | /** \brief updates the running hash with the next block of data, called iteratively for the entire 60 | stream of data to be hashed 61 | \param[in] ctx ptr to SHA context data structure 62 | \param[in] data ptr to next block of data to hash 63 | \param[in] data_size size amount of data to hash in the given block, in bytes 64 | \return ATCA_STATUS 65 | */ 66 | 67 | int atcac_sw_sha2_256_update(atcac_sha2_256_ctx* ctx, const uint8_t* data, size_t data_size) 68 | { 69 | sw_sha256_update((sw_sha256_ctx*)ctx, data, (uint32_t)data_size); 70 | 71 | return ATCA_SUCCESS; 72 | } 73 | 74 | /** \brief completes the final SHA calculation and returns the final digest/hash 75 | * \param[in] ctx ptr to context data structure 76 | * \param[out] digest receives the computed digest of the SHA 256 has 77 | * \return ATCA_STATUS 78 | */ 79 | 80 | int atcac_sw_sha2_256_finish(atcac_sha2_256_ctx* ctx, uint8_t digest[ATCA_SHA2_256_DIGEST_SIZE]) 81 | { 82 | sw_sha256_final((sw_sha256_ctx*)ctx, digest); 83 | 84 | return ATCA_SUCCESS; 85 | } 86 | 87 | 88 | /** \brief single call convenience function to comput SHA256 of given data 89 | * \param[in] data pointer to stream of data to hash 90 | * \param[in] data_size size of data stream to hash 91 | * \param[out] digest result 92 | * \return ATCA_STATUS 93 | */ 94 | 95 | int atcac_sw_sha2_256(const uint8_t* data, size_t data_size, uint8_t digest[ATCA_SHA2_256_DIGEST_SIZE]) 96 | { 97 | int ret; 98 | atcac_sha2_256_ctx ctx; 99 | 100 | ret = atcac_sw_sha2_256_init(&ctx); 101 | if (ret != ATCA_SUCCESS) 102 | return ret; 103 | 104 | ret = atcac_sw_sha2_256_update(&ctx, data, data_size); 105 | if (ret != ATCA_SUCCESS) 106 | return ret; 107 | 108 | ret = atcac_sw_sha2_256_finish(&ctx, digest); 109 | if (ret != ATCA_SUCCESS) 110 | return ret; 111 | 112 | return ATCA_SUCCESS; 113 | } -------------------------------------------------------------------------------- /src/crypto/atca_crypto_sw_sha2.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Wrapper API for software SHA 256 routines 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef ATCA_CRYPTO_SW_SHA2_H 43 | #define ATCA_CRYPTO_SW_SHA2_H 44 | 45 | #include "atca_crypto_sw.h" 46 | #include 47 | #include 48 | 49 | /** \defgroup atcac_ Software crypto methods (atcac_) 50 | * 51 | * \brief 52 | * These methods provide a software implementation of various crypto 53 | * algorithms 54 | * 55 | @{ */ 56 | 57 | #define ATCA_SHA2_256_DIGEST_SIZE (32) 58 | 59 | typedef struct { 60 | uint32_t pad[48]; //!< Filler value to make sure the actual implementation has enough room to store its context. uint32_t is used to remove some alignment warnings. 61 | } atcac_sha2_256_ctx; 62 | 63 | #ifdef __cplusplus 64 | extern "C" { 65 | #endif 66 | 67 | int atcac_sw_sha2_256_init(atcac_sha2_256_ctx* ctx); 68 | int atcac_sw_sha2_256_update(atcac_sha2_256_ctx* ctx, const uint8_t* data, size_t data_size); 69 | int atcac_sw_sha2_256_finish(atcac_sha2_256_ctx * ctx, uint8_t digest[ATCA_SHA2_256_DIGEST_SIZE]); 70 | int atcac_sw_sha2_256(const uint8_t * data, size_t data_size, uint8_t digest[ATCA_SHA2_256_DIGEST_SIZE]); 71 | 72 | #ifdef __cplusplus 73 | } 74 | #endif 75 | 76 | /** @} */ 77 | #endif -------------------------------------------------------------------------------- /src/crypto/hashes/sha1_routines.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Software implementation of the SHA1 algorithm. 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #include "sha1_routines.h" 43 | #include 44 | 45 | void CL_hashInit(CL_HashContext *ctx) 46 | { 47 | static const U32 hashContext_h_init[] = { 48 | 0x67452301, 49 | 0xefcdab89, 50 | 0x98badcfe, 51 | 0x10325476, 52 | 0xc3d2e1f0 53 | }; 54 | 55 | // Initialize context 56 | memset(ctx, 0, sizeof(*ctx)); 57 | memcpy_P(ctx->h, hashContext_h_init, sizeof(ctx->h)); 58 | } 59 | 60 | void CL_hashUpdate(CL_HashContext *ctx, const U8 *src, int nbytes) 61 | { 62 | 63 | /* 64 | Digest src bytes, updating context. 65 | */ 66 | 67 | U8 i, freeBytes; 68 | U32 temp32; 69 | 70 | typedef struct { 71 | U8 buf[64]; 72 | } Buf64; 73 | 74 | // We are counting on the fact that Buf64 is 64 bytes long. In 75 | // principle the compiler may make Buf64 bigger 64 bytes, but this 76 | // seems unlikely. Add an assertion check to be sure. Beware that 77 | // assert may not be active in release versions. 78 | // 79 | //assert(sizeof(Buf64) == 64); 80 | 81 | // Get number of free bytes in the buf 82 | freeBytes = (U8)(ctx->byteCount); 83 | freeBytes &= 63; 84 | freeBytes = (U8)(64 - freeBytes); 85 | 86 | while (nbytes > 0) { 87 | 88 | // Get i, number of bytes to transfer from src 89 | i = freeBytes; 90 | if (nbytes < i) i = (U8)nbytes; 91 | 92 | // Copy src bytes to buf 93 | if (i == 64) 94 | // This seems to be much faster on IAR than memcpy(). 95 | *(Buf64*)(ctx->buf) = *(Buf64*)src; 96 | else 97 | // Have to use memcpy, size is other than 64 bytes. 98 | memcpy(((U8*)ctx->buf) + 64 - freeBytes, src, i); 99 | 100 | // Adjust for transferred bytes 101 | src += i; 102 | nbytes -= i; 103 | freeBytes -= i; 104 | 105 | // Do SHA crunch if buf is full 106 | if (freeBytes == 0) 107 | shaEngine(ctx->buf, ctx->h); 108 | 109 | // Update 64-bit byte count 110 | temp32 = (ctx->byteCount += i); 111 | if (temp32 == 0) ++ctx->byteCountHi; 112 | 113 | // Set up for next iteration 114 | freeBytes = 64; 115 | } 116 | } 117 | 118 | void CL_hashFinal(CL_HashContext *ctx, U8 *dest) 119 | { 120 | 121 | /* 122 | Finish a hash calculation and put result in dest. 123 | */ 124 | 125 | U8 i; 126 | U8 nbytes; 127 | U32 temp; 128 | U8 *ptr; 129 | 130 | /* Append pad byte, clear trailing bytes */ 131 | nbytes = (U8)(ctx->byteCount) & 63; 132 | ((U8*)ctx->buf)[nbytes] = 0x80; 133 | for (i = (nbytes + 1); i < 64; i++) ((U8*)ctx->buf)[i] = 0; 134 | 135 | /* 136 | If no room for an 8-byte count at end of buf, digest the buf, 137 | then clear it 138 | */ 139 | if (nbytes > (64 - 9)) { 140 | shaEngine(ctx->buf, ctx->h); 141 | memset(ctx->buf, 0, 64); 142 | } 143 | 144 | /* 145 | Put the 8-byte bit count at end of buf. We have been tracking 146 | bytes, not bits, so we left-shift our byte count by 3 as we do 147 | this. 148 | */ 149 | temp = ctx->byteCount << 3; // low 4 bytes of bit count 150 | ptr = &((U8*)ctx->buf)[63]; // point to low byte of bit count 151 | for (i = 0; i < 4; i++) { 152 | *ptr-- = (U8)temp; 153 | temp >>= 8; 154 | } 155 | // 156 | temp = ctx->byteCountHi << 3; 157 | temp |= ctx->byteCount >> (32 - 3); // high 4 bytes of bit count 158 | for (i = 0; i < 4; i++) { 159 | *ptr-- = (U8)temp; 160 | temp >>= 8; 161 | } 162 | //show("final SHA crunch", ctx->buf, 64); 163 | 164 | /* Final digestion */ 165 | shaEngine(ctx->buf, ctx->h); 166 | 167 | /* Unpack chaining variables to dest bytes. */ 168 | memcpy(dest, ctx->h, 20); 169 | for (i = 0; i < 5; i++) { 170 | dest[i * 4 + 0] = (ctx->h[i] >> 24) & 0xFF; 171 | dest[i * 4 + 1] = (ctx->h[i] >> 16) & 0xFF; 172 | dest[i * 4 + 2] = (ctx->h[i] >> 8) & 0xFF; 173 | dest[i * 4 + 3] = (ctx->h[i] >> 0) & 0xFF; 174 | } 175 | } 176 | 177 | 178 | void CL_hash(U8 *msg, int msgBytes, U8 *dest) 179 | { 180 | CL_HashContext ctx; 181 | 182 | CL_hashInit(&ctx); 183 | CL_hashUpdate(&ctx, msg, msgBytes); 184 | CL_hashFinal(&ctx, dest); 185 | } 186 | 187 | void shaEngine(U32 *buf, U32 *h) 188 | { 189 | 190 | /* 191 | SHA-1 Engine. From FIPS 180. 192 | 193 | On entry, buf[64] contains the 64 bytes to digest. These bytes 194 | are destroyed. 195 | 196 | _H[20] contains the 5 chaining variables. They must have the 197 | proper value on entry and are updated on exit. 198 | 199 | The order of bytes in buf[] and _h[] matches that used by the 200 | hardware SHA engine. 201 | */ 202 | 203 | U8 t; 204 | U32 a, b, c, d, e; 205 | U32 temp = 0; 206 | U8 *p; 207 | U32 *w = (U32*)buf; 208 | 209 | /* 210 | Pack first 64 bytes of buf into w[0,...,15]. Within a word, 211 | bytes are big-endian. Do this in place -- buf[0,...,63] 212 | overlays w[0,...,15]. 213 | */ 214 | p = (U8*)w; 215 | for (t = 0; t < 16; t++) { 216 | temp = (temp << 8) | *p++; 217 | temp = (temp << 8) | *p++; 218 | temp = (temp << 8) | *p++; 219 | temp = (temp << 8) | *p++; 220 | w[t] = temp; 221 | } 222 | 223 | /* 224 | Pack the 20 bytes of _h[] into h[0,...,4]. Do in place using 225 | same convention as for buidling w[]. 226 | */ 227 | //p = (U8*)h; 228 | //for (t = 0; t < 5; t++) { 229 | //temp = (temp << 8) | *p++; 230 | //temp = (temp << 8) | *p++; 231 | //temp = (temp << 8) | *p++; 232 | //temp = (temp << 8) | *p++; 233 | //h[t] = temp; 234 | //} 235 | 236 | /* Copy the chaining variables to a, b, c, d, e */ 237 | a = h[0]; 238 | b = h[1]; 239 | c = h[2]; 240 | d = h[3]; 241 | e = h[4]; 242 | 243 | /* Now do the 80 rounds */ 244 | for (t = 0; t < 80; t++) { 245 | 246 | temp = a; 247 | leftRotate(temp, 5); 248 | temp += e; 249 | temp += w[t & 0xf]; 250 | 251 | if (t < 20) { 252 | temp += (b & c) | (~b & d); 253 | temp += 0x5a827999L; 254 | }else if (t < 40) { 255 | temp += b ^ c ^ d; 256 | temp += 0x6ed9eba1L; 257 | }else if (t < 60) { 258 | temp += (b & c) | (b & d) | (c & d); 259 | temp += 0x8f1bbcdcL; 260 | }else { 261 | temp += b ^ c ^ d; 262 | temp += 0xca62c1d6L; 263 | } 264 | 265 | e = d; 266 | d = c; 267 | c = b; leftRotate(c, 30); 268 | b = a; 269 | a = temp; 270 | 271 | temp = w[t & 0xf] ^ w[(t - 3) & 0xf] ^ w[(t - 8) & 0xf] ^ w[(t - 14) & 0xf]; 272 | leftRotate(temp, 1); 273 | w[t & 0xf] = temp; 274 | 275 | } 276 | 277 | /* Update the chaining variables */ 278 | h[0] += a; 279 | h[1] += b; 280 | h[2] += c; 281 | h[3] += d; 282 | h[4] += e; 283 | 284 | /* Unpack the chaining variables into _h[] buffer. */ 285 | //p = (U8*)h; 286 | //for (t = 0; t < 5; t++) { 287 | //temp = h[t]; 288 | //p[3] = (U8)temp; temp >>= 8; 289 | //p[2] = (U8)temp; temp >>= 8; 290 | //p[1] = (U8)temp; temp >>= 8; 291 | //p[0] = (U8)temp; 292 | //p += 4; 293 | //} 294 | 295 | } -------------------------------------------------------------------------------- /src/crypto/hashes/sha1_routines.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Software implementation of the SHA1 algorithm. 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef __SHA1_ROUTINES_DOT_H__ 43 | #define __SHA1_ROUTINES_DOT_H__ 44 | 45 | #include 46 | #include 47 | #include 48 | 49 | #ifdef WIN32 50 | #include 51 | #include 52 | #endif 53 | 54 | #include 55 | 56 | 57 | #ifndef U8 58 | #define U8 uint8_t 59 | #endif 60 | 61 | #ifndef U16 62 | #define U16 uint16_t 63 | #endif 64 | 65 | #ifndef U32 66 | #define U32 uint32_t 67 | #endif 68 | 69 | 70 | #ifndef memcpy_P 71 | #define memcpy_P memmove 72 | #endif 73 | 74 | #ifndef strcpy_P 75 | #define strcpy_P strcpy 76 | #endif 77 | 78 | #ifndef _WDRESET 79 | #define _WDRESET() 80 | #define _NOP() 81 | #endif 82 | 83 | typedef struct { 84 | U32 h[20 / 4]; // Ensure it's word aligned 85 | U32 buf[64 / 4]; // Ensure it's word aligned 86 | U32 byteCount; 87 | U32 byteCountHi; 88 | } CL_HashContext; 89 | 90 | #define leftRotate(x, n) (x) = (((x) << (n)) | ((x) >> (32 - (n)))) 91 | 92 | void shaEngine(U32 *buf, U32 *h); 93 | void CL_hashInit(CL_HashContext *ctx); 94 | void CL_hashUpdate(CL_HashContext *ctx, const U8 *src, int nbytes); 95 | void CL_hashFinal(CL_HashContext *ctx, U8 *dest); 96 | void CL_hash(U8 *msg, int msgBytes, U8 *dest); 97 | 98 | #endif // __SHA1_ROUTINES_DOT_H__ 99 | 100 | -------------------------------------------------------------------------------- /src/crypto/hashes/sha2_routines.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Software implementation of the SHA256 algorithm. 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #include 43 | #include "sha2_routines.h" 44 | 45 | #define rotate_right(value, places) ((value >> places) | (value << (32 - places))) 46 | 47 | /** 48 | * \brief Processes whole blocks (64 bytes) of data. 49 | * 50 | * \param[in] ctx SAH256 hash context 51 | * \param[in] blocks Raw blocks to be processed 52 | * \param[in] block_count Number of 64-byte blocks to process 53 | */ 54 | static void sw_sha256_process(sw_sha256_ctx* ctx, const uint8_t* blocks, uint32_t block_count) 55 | { 56 | int i = 0; 57 | uint32_t block = 0; 58 | 59 | union { 60 | uint32_t w_word[SHA256_BLOCK_SIZE]; 61 | uint8_t w_byte[SHA256_BLOCK_SIZE * sizeof(uint32_t)]; 62 | } w_union; 63 | 64 | static const uint32_t k[] = { 65 | 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 66 | 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 67 | 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 68 | 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 69 | 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 70 | 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 71 | 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 72 | 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 73 | }; 74 | 75 | // Loop through all the blocks to process 76 | for (block = 0; block < block_count; block++) { 77 | uint32_t w_index; 78 | uint32_t word_value; 79 | uint32_t s0, s1; 80 | uint32_t t1, t2; 81 | uint32_t maj, ch; 82 | uint32_t rotate_register[8]; 83 | const uint8_t* cur_msg_block = &blocks[block * SHA256_BLOCK_SIZE]; 84 | 85 | // Swap word bytes 86 | for (i = 0; i < SHA256_BLOCK_SIZE; i += 4) { 87 | w_union.w_byte[i + 3] = cur_msg_block[i + 0]; 88 | w_union.w_byte[i + 2] = cur_msg_block[i + 1]; 89 | w_union.w_byte[i + 1] = cur_msg_block[i + 2]; 90 | w_union.w_byte[i + 0] = cur_msg_block[i + 3]; 91 | } 92 | 93 | w_index = 16; 94 | while (w_index < SHA256_BLOCK_SIZE) { 95 | // right rotate for 32-bit variable in C: (value >> places) | (value << 32 - places) 96 | word_value = w_union.w_word[w_index - 15]; 97 | s0 = rotate_right(word_value, 7) ^ rotate_right(word_value, 18) ^ (word_value >> 3); 98 | 99 | word_value = w_union.w_word[w_index - 2]; 100 | s1 = rotate_right(word_value, 17) ^ rotate_right(word_value, 19) ^ (word_value >> 10); 101 | 102 | w_union.w_word[w_index] = w_union.w_word[w_index - 16] + s0 + w_union.w_word[w_index - 7] + s1; 103 | 104 | w_index++; 105 | } 106 | 107 | // Initialize hash value for this chunk. 108 | for (i = 0; i < 8; i++) 109 | rotate_register[i] = ctx->hash[i]; 110 | 111 | // hash calculation loop 112 | for (i = 0; i < SHA256_BLOCK_SIZE; i++) { 113 | s0 = rotate_right(rotate_register[0], 2) 114 | ^ rotate_right(rotate_register[0], 13) 115 | ^ rotate_right(rotate_register[0], 22); 116 | maj = (rotate_register[0] & rotate_register[1]) 117 | ^ (rotate_register[0] & rotate_register[2]) 118 | ^ (rotate_register[1] & rotate_register[2]); 119 | t2 = s0 + maj; 120 | s1 = rotate_right(rotate_register[4], 6) 121 | ^ rotate_right(rotate_register[4], 11) 122 | ^ rotate_right(rotate_register[4], 25); 123 | ch = (rotate_register[4] & rotate_register[5]) 124 | ^ (~rotate_register[4] & rotate_register[6]); 125 | t1 = rotate_register[7] + s1 + ch + k[i] + w_union.w_word[i]; 126 | 127 | rotate_register[7] = rotate_register[6]; 128 | rotate_register[6] = rotate_register[5]; 129 | rotate_register[5] = rotate_register[4]; 130 | rotate_register[4] = rotate_register[3] + t1; 131 | rotate_register[3] = rotate_register[2]; 132 | rotate_register[2] = rotate_register[1]; 133 | rotate_register[1] = rotate_register[0]; 134 | rotate_register[0] = t1 + t2; 135 | } 136 | 137 | // Add the hash of this block to current result. 138 | for (i = 0; i < 8; i++) 139 | ctx->hash[i] += rotate_register[i]; 140 | } 141 | } 142 | 143 | void sw_sha256_init(sw_sha256_ctx* ctx) 144 | { 145 | static const uint32_t hash_init[] = { 146 | 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 147 | 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 148 | }; 149 | int i; 150 | 151 | memset(ctx, 0, sizeof(*ctx)); 152 | for (i = 0; i < 8; i++) 153 | ctx->hash[i] = hash_init[i]; 154 | } 155 | 156 | void sw_sha256_update(sw_sha256_ctx* ctx, const uint8_t* msg, uint32_t msg_size) 157 | { 158 | uint32_t block_count; 159 | uint32_t rem_size = SHA256_BLOCK_SIZE - ctx->block_size; 160 | uint32_t copy_size = msg_size > rem_size ? rem_size : msg_size; 161 | 162 | // Copy data into current block 163 | memcpy(&ctx->block[ctx->block_size], msg, copy_size); 164 | 165 | if (ctx->block_size + msg_size < SHA256_BLOCK_SIZE) { 166 | // Not enough data to finish off the current block 167 | ctx->block_size += msg_size; 168 | return; 169 | } 170 | 171 | // Process the current block 172 | sw_sha256_process(ctx, ctx->block, 1); 173 | 174 | // Process any additional blocks 175 | msg_size -= copy_size; // Adjust to the remaining message bytes 176 | block_count = msg_size / SHA256_BLOCK_SIZE; 177 | sw_sha256_process(ctx, &msg[copy_size], block_count); 178 | 179 | // Save any remaining data 180 | ctx->total_msg_size += (block_count + 1) * SHA256_BLOCK_SIZE; 181 | ctx->block_size = msg_size % SHA256_BLOCK_SIZE; 182 | memcpy(ctx->block, &msg[copy_size + block_count * SHA256_BLOCK_SIZE], ctx->block_size); 183 | } 184 | 185 | void sw_sha256_final(sw_sha256_ctx* ctx, uint8_t digest[SHA256_DIGEST_SIZE]) 186 | { 187 | int i, j; 188 | uint32_t msg_size_bits; 189 | uint32_t pad_zero_count; 190 | 191 | // Calculate the total message size in bits 192 | ctx->total_msg_size += ctx->block_size; 193 | msg_size_bits = ctx->total_msg_size * 8; 194 | 195 | // Calculate the number of padding zero bytes required between the 1 bit byte and the 64 bit message size in bits. 196 | pad_zero_count = (SHA256_BLOCK_SIZE - ((ctx->block_size + 9) % SHA256_BLOCK_SIZE)) % SHA256_BLOCK_SIZE; 197 | 198 | // Append a single 1 bit 199 | ctx->block[ctx->block_size++] = 0x80; 200 | 201 | // Add padding zeros plus upper 4 bytes of total msg size in bits (only supporting 32bit message bit counts) 202 | memset(&ctx->block[ctx->block_size], 0, pad_zero_count + 4); 203 | ctx->block_size += pad_zero_count + 4; 204 | 205 | // Add the total message size in bits to the end of the current block. Technically this is 206 | // supposed to be 8 bytes. This shortcut will reduce the max message size to 536,870,911 bytes. 207 | ctx->block[ctx->block_size++] = (uint8_t)(msg_size_bits >> 24); 208 | ctx->block[ctx->block_size++] = (uint8_t)(msg_size_bits >> 16); 209 | ctx->block[ctx->block_size++] = (uint8_t)(msg_size_bits >> 8); 210 | ctx->block[ctx->block_size++] = (uint8_t)(msg_size_bits >> 0); 211 | 212 | sw_sha256_process(ctx, ctx->block, ctx->block_size / SHA256_BLOCK_SIZE); 213 | 214 | // All blocks have been processed. 215 | // Concatenate the hashes to produce digest, MSB of every hash first. 216 | for (i = 0; i < 8; i++) 217 | for (j = sizeof(int32_t) - 1; j >= 0; j--, ctx->hash[i] >>= 8) 218 | digest[i * sizeof(int32_t) + j] = ctx->hash[i] & 0xFF; 219 | } 220 | 221 | void sw_sha256(const uint8_t* message, unsigned int len, uint8_t digest[SHA256_DIGEST_SIZE]) 222 | { 223 | sw_sha256_ctx ctx; 224 | 225 | sw_sha256_init(&ctx); 226 | sw_sha256_update(&ctx, message, len); 227 | sw_sha256_final(&ctx, digest); 228 | } -------------------------------------------------------------------------------- /src/crypto/hashes/sha2_routines.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Software implementation of the SHA256 algorithm. 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | #ifndef SHA2_ROUTINES_H 43 | #define SHA2_ROUTINES_H 44 | 45 | #include 46 | 47 | #define SHA256_DIGEST_SIZE (32) 48 | #define SHA256_BLOCK_SIZE (64) 49 | 50 | #ifdef __cplusplus 51 | extern "C" { 52 | #endif 53 | 54 | typedef struct { 55 | uint32_t total_msg_size; //!< Total number of message bytes processed 56 | uint32_t block_size; //!< Number of bytes in current block 57 | uint8_t block[SHA256_BLOCK_SIZE * 2]; //!< Unprocessed message storage 58 | uint32_t hash[8]; //!< Hash state 59 | } sw_sha256_ctx; 60 | 61 | void sw_sha256_init(sw_sha256_ctx* ctx); 62 | 63 | void sw_sha256_update(sw_sha256_ctx* ctx, const uint8_t* message, uint32_t len); 64 | 65 | void sw_sha256_final(sw_sha256_ctx * ctx, uint8_t digest[SHA256_DIGEST_SIZE]); 66 | 67 | void sw_sha256(const uint8_t * message, unsigned int len, uint8_t digest[SHA256_DIGEST_SIZE]); 68 | 69 | #ifdef __cplusplus 70 | } 71 | #endif 72 | 73 | #endif // SHA2_ROUTINES_H 74 | 75 | -------------------------------------------------------------------------------- /src/hal/atca_hal.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief low-level HAL - methods used to setup indirection to physical layer interface. 4 | * this level does the dirty work of abstracting the higher level ATCAIFace methods from the 5 | * low-level physical interfaces. Its main goal is to keep low-level details from bleeding into 6 | * the logical interface implemetation. 7 | * 8 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 9 | * 10 | * \atmel_crypto_device_library_license_start 11 | * 12 | * \page License 13 | * 14 | * Redistribution and use in source and binary forms, with or without 15 | * modification, are permitted provided that the following conditions are met: 16 | * 17 | * 1. Redistributions of source code must retain the above copyright notice, 18 | * this list of conditions and the following disclaimer. 19 | * 20 | * 2. Redistributions in binary form must reproduce the above copyright notice, 21 | * this list of conditions and the following disclaimer in the documentation 22 | * and/or other materials provided with the distribution. 23 | * 24 | * 3. The name of Atmel may not be used to endorse or promote products derived 25 | * from this software without specific prior written permission. 26 | * 27 | * 4. This software may only be redistributed and used in connection with an 28 | * Atmel integrated circuit. 29 | * 30 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 31 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 32 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 33 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 34 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 35 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 36 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 37 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 38 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 39 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 40 | * POSSIBILITY OF SUCH DAMAGE. 41 | * 42 | * \atmel_crypto_device_library_license_stop 43 | */ 44 | 45 | 46 | /* when incorporating ATCA HAL into your application, you need to adjust the #defines in atca_hal.h to include 47 | * and exclude appropriate interfaces - this optimizes memory use when not using a specific iface implementation in your application */ 48 | 49 | #include "cryptoauthlib.h" 50 | #include "atca_hal.h" 51 | 52 | /** \brief Standard HAL API for ATCA to initialize a physical interface 53 | * \param[in] cfg pointer to ATCAIfaceCfg object 54 | * \param[in] hal pointer to ATCAHAL_t intermediate datastructure 55 | */ 56 | 57 | ATCA_STATUS hal_iface_init( ATCAIfaceCfg *cfg, ATCAHAL_t *hal ) 58 | { 59 | // Because C isn't a real object oriented language or dynamically typed, some switch in the overall system is unavoidable 60 | // The key here is to provide the flexibility to include just the types of interfaces you want/need without breaking the 61 | // object model. The former is needed so in an embedded, constrained memory environment, you don't have to pay the price 62 | // (in terms of memory) for interfaces you don't use in your application. 63 | ATCA_STATUS status = ATCA_COMM_FAIL; 64 | 65 | switch (cfg->iface_type) { 66 | case ATCA_I2C_IFACE: 67 | #ifdef ATCA_HAL_I2C 68 | hal->halinit = &hal_i2c_init; 69 | hal->halpostinit = &hal_i2c_post_init; 70 | hal->halreceive = &hal_i2c_receive; 71 | hal->halsend = &hal_i2c_send; 72 | hal->halsleep = &hal_i2c_sleep; 73 | hal->halwake = &hal_i2c_wake; 74 | hal->halidle = &hal_i2c_idle; 75 | hal->halrelease = &hal_i2c_release; 76 | hal->hal_data = NULL; 77 | 78 | status = ATCA_SUCCESS; 79 | #endif 80 | break; 81 | case ATCA_SWI_IFACE: 82 | #ifdef ATCA_HAL_SWI 83 | hal->halinit = &hal_swi_init; 84 | hal->halpostinit = &hal_swi_post_init; 85 | hal->halreceive = &hal_swi_receive; 86 | hal->halsend = &hal_swi_send; 87 | hal->halsleep = &hal_swi_sleep; 88 | hal->halwake = &hal_swi_wake; 89 | hal->halidle = &hal_swi_idle; 90 | hal->halrelease = &hal_swi_release; 91 | hal->hal_data = NULL; 92 | 93 | status = ATCA_SUCCESS; 94 | #endif 95 | break; 96 | case ATCA_UART_IFACE: 97 | #ifdef ATCA_HAL_UART 98 | // TODO - initialize UART iface 99 | #endif 100 | #ifdef ATCA_HAL_KIT_CDC 101 | hal->halinit = &hal_kit_cdc_init; 102 | hal->halpostinit = &hal_kit_cdc_post_init; 103 | hal->halreceive = &hal_kit_cdc_receive; 104 | hal->halsend = &hal_kit_cdc_send; 105 | hal->halsleep = &hal_kit_cdc_sleep; 106 | hal->halwake = &hal_kit_cdc_wake; 107 | hal->halidle = &hal_kit_cdc_idle; 108 | hal->halrelease = &hal_kit_cdc_release; 109 | hal->hal_data = NULL; 110 | 111 | status = ATCA_SUCCESS; 112 | #endif 113 | break; 114 | case ATCA_SPI_IFACE: 115 | #ifdef ATCA_HAL_SPI 116 | // TODO - initialize SPI iface 117 | #endif 118 | break; 119 | case ATCA_HID_IFACE: 120 | #ifdef ATCA_HAL_KIT_HID 121 | hal->halinit = &hal_kit_hid_init; 122 | hal->halpostinit = &hal_kit_hid_post_init; 123 | hal->halreceive = &hal_kit_hid_receive; 124 | hal->halsend = &hal_kit_hid_send; 125 | hal->halsleep = &hal_kit_hid_sleep; 126 | hal->halwake = &hal_kit_hid_wake; 127 | hal->halidle = &hal_kit_hid_idle; 128 | hal->halrelease = &hal_kit_hid_release; 129 | hal->hal_data = NULL; 130 | 131 | status = ATCA_SUCCESS; 132 | #endif 133 | break; 134 | } 135 | return status; 136 | } 137 | 138 | /** \brief releases a physical interface, HAL knows how to interpret hal_data 139 | * \param[in] ifacetype - the type of physical interface to release 140 | * \param[in] hal_data - pointer to opaque hal data maintained by HAL implementation for this interface type 141 | */ 142 | 143 | ATCA_STATUS hal_iface_release( ATCAIfaceType ifacetype, void *hal_data ) 144 | { 145 | ATCA_STATUS status = ATCA_GEN_FAIL; 146 | 147 | switch (ifacetype) { 148 | case ATCA_I2C_IFACE: 149 | #ifdef ATCA_HAL_I2C 150 | status = hal_i2c_release(hal_data); 151 | #endif 152 | break; 153 | case ATCA_SWI_IFACE: 154 | #ifdef ATCA_HAL_SWI 155 | status = hal_swi_release(hal_data); 156 | #endif 157 | break; 158 | case ATCA_UART_IFACE: 159 | #ifdef ATCA_HAL_UART 160 | // TODO - release HAL UART 161 | #endif 162 | #ifdef ATCA_HAL_KIT_CDC 163 | status = hal_kit_cdc_release(hal_data); 164 | #endif 165 | break; 166 | case ATCA_SPI_IFACE: 167 | #ifdef ATCA_HAL_SPI 168 | // TODO - release HAL SPI 169 | #endif 170 | break; 171 | case ATCA_HID_IFACE: 172 | #ifdef ATCA_HAL_KIT_HID 173 | status = hal_kit_hid_release(hal_data); 174 | #endif 175 | break; 176 | } 177 | 178 | return status; 179 | } 180 | -------------------------------------------------------------------------------- /src/hal/atca_hal.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief low-level HAL - methods used to setup indirection to physical layer interface 4 | * 5 | * Copyright (c) 2015 Atmel Corporation. All rights reserved. 6 | * 7 | * \atmel_crypto_device_library_license_start 8 | * 9 | * \page License 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions are met: 13 | * 14 | * 1. Redistributions of source code must retain the above copyright notice, 15 | * this list of conditions and the following disclaimer. 16 | * 17 | * 2. Redistributions in binary form must reproduce the above copyright notice, 18 | * this list of conditions and the following disclaimer in the documentation 19 | * and/or other materials provided with the distribution. 20 | * 21 | * 3. The name of Atmel may not be used to endorse or promote products derived 22 | * from this software without specific prior written permission. 23 | * 24 | * 4. This software may only be redistributed and used in connection with an 25 | * Atmel integrated circuit. 26 | * 27 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 28 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 29 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 30 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 31 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 35 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 36 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 | * POSSIBILITY OF SUCH DAMAGE. 38 | * 39 | * \atmel_crypto_device_library_license_stop 40 | */ 41 | 42 | 43 | #ifndef ATCA_HAL_H_ 44 | #define ATCA_HAL_H_ 45 | 46 | #include "atca_status.h" 47 | #include "atca_iface.h" 48 | #include "atca_start_config.h" 49 | #include "atca_start_iface.h" 50 | 51 | /** \defgroup hal_ Hardware abstraction layer (hal_) 52 | * 53 | * \brief 54 | * These methods define the hardware abstraction layer for communicating with a CryptoAuth device 55 | * 56 | @{ */ 57 | 58 | /** \brief an intermediary data structure to allow the HAL layer to point the standard API functions 59 | used by the upper layers to the HAL implementation for the interface. This isolates the upper layers 60 | and loosely couples the ATCAIface object from the physical implementation. 61 | */ 62 | 63 | typedef struct { 64 | // interface is a group of function pointers to a specific HAL implementation for this interface type 65 | // so these function pointers are initialized in the HAL layer in order to help keep the ATCAIface object 66 | // from needing to know the low-level details, including global naming of HAL methods and physical implementation. 67 | ATCA_STATUS (*halinit)(void *hal, ATCAIfaceCfg *cfg); 68 | ATCA_STATUS (*halpostinit)(ATCAIface iface); 69 | ATCA_STATUS (*halsend)(ATCAIface iface, uint8_t *txdata, int txlength); 70 | ATCA_STATUS (*halreceive)(ATCAIface iface, uint8_t* rxdata, uint16_t* rxlength); 71 | ATCA_STATUS (*halwake)(ATCAIface iface); 72 | ATCA_STATUS (*halidle)(ATCAIface iface); 73 | ATCA_STATUS (*halsleep)(ATCAIface iface); 74 | ATCA_STATUS (*halrelease)(void* hal_data); 75 | 76 | void *hal_data; // points to whatever the HAL implementation for this interface wants it to, HAL manages. 77 | } ATCAHAL_t; 78 | 79 | #ifdef __cplusplus 80 | extern "C" { 81 | #endif 82 | 83 | extern ATCA_STATUS hal_iface_init(ATCAIfaceCfg *, ATCAHAL_t* hal); 84 | extern ATCA_STATUS hal_iface_release(ATCAIfaceType, void* hal_data); 85 | 86 | // Added one or more of the following defines to your compiler's defines to include add support for 87 | // that particular interface in your application. For example, if you're writing an I2C to SWI 88 | // bridge, add both ATCA_HAL_I2C and ATCA_HAL_SWI defines to your compiler settings and then 89 | // include implementations for both interfaces in the HAL. 90 | 91 | // At least one of these symbols will be defined in the project or makefile for each application 92 | //#define ATCA_HAL_I2C 93 | //#define ATCA_HAL_SWI 94 | //#define ATCA_HAL_SPI 95 | //#define ATCA_HAL_UART 96 | //#define ATCA_HAL_KIT_HID 97 | //#define ATCA_HAL_KIT_CDC 98 | 99 | // forward declare known physical layer APIs that must be implemented by the HAL layer (./hal/xyz) for this interface type 100 | 101 | #ifdef ATCA_HAL_I2C 102 | ATCA_STATUS hal_i2c_init( void *hal, ATCAIfaceCfg *cfg); 103 | ATCA_STATUS hal_i2c_post_init(ATCAIface iface); 104 | ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t *txdata, int txlength); 105 | ATCA_STATUS hal_i2c_receive( ATCAIface iface, uint8_t *rxdata, uint16_t *rxlength); 106 | ATCA_STATUS hal_i2c_wake(ATCAIface iface); 107 | ATCA_STATUS hal_i2c_idle(ATCAIface iface); 108 | ATCA_STATUS hal_i2c_sleep(ATCAIface iface); 109 | ATCA_STATUS hal_i2c_release(void *hal_data ); 110 | ATCA_STATUS hal_i2c_discover_buses(int i2c_buses[], int max_buses); 111 | ATCA_STATUS hal_i2c_discover_devices(int busNum, ATCAIfaceCfg *cfg, int *found ); 112 | #endif 113 | 114 | #ifdef ATCA_HAL_SWI 115 | ATCA_STATUS hal_swi_init(void *hal, ATCAIfaceCfg *cfg); 116 | ATCA_STATUS hal_swi_post_init(ATCAIface iface); 117 | ATCA_STATUS hal_swi_send(ATCAIface iface, uint8_t *txdata, int txlength); 118 | ATCA_STATUS hal_swi_receive( ATCAIface iface, uint8_t *rxdata, uint16_t *rxlength); 119 | ATCA_STATUS hal_swi_wake(ATCAIface iface); 120 | ATCA_STATUS hal_swi_idle(ATCAIface iface); 121 | ATCA_STATUS hal_swi_sleep(ATCAIface iface); 122 | ATCA_STATUS hal_swi_release(void *hal_data ); 123 | ATCA_STATUS hal_swi_discover_buses(int swi_buses[], int max_buses); 124 | ATCA_STATUS hal_swi_discover_devices(int busNum, ATCAIfaceCfg *cfg, int *found); 125 | #endif 126 | 127 | #ifdef ATCA_HAL_UART 128 | ATCA_STATUS hal_uart_init(void *hal, ATCAIfaceCfg *cfg); 129 | ATCA_STATUS hal_uart_post_init(ATCAIface iface); 130 | ATCA_STATUS hal_uart_send(ATCAIface iface, uint8_t *txdata, int txlength); 131 | ATCA_STATUS hal_uart_receive( ATCAIface iface, uint8_t *rxdata, uint16_t *rxlength); 132 | ATCA_STATUS hal_uart_wake(ATCAIface iface); 133 | ATCA_STATUS hal_uart_idle(ATCAIface iface); 134 | ATCA_STATUS hal_uart_sleep(ATCAIface iface); 135 | ATCA_STATUS hal_uart_release(ATCAIface iface); 136 | ATCA_STATUS hal_uart_discover_buses(int uart_buses[], int max_buses); 137 | ATCA_STATUS hal_uart_discover_devices(int busNum, ATCAIfaceCfg *cfg, int *found); 138 | #endif 139 | 140 | #ifdef ATCA_HAL_KIT_CDC 141 | ATCA_STATUS hal_kit_cdc_init(void *hal, ATCAIfaceCfg *cfg); 142 | ATCA_STATUS hal_kit_cdc_post_init(ATCAIface iface); 143 | ATCA_STATUS hal_kit_cdc_send(ATCAIface iface, uint8_t *txdata, int txlength); 144 | ATCA_STATUS hal_kit_cdc_receive( ATCAIface iface, uint8_t *rxdata, uint16_t *rxlength); 145 | ATCA_STATUS hal_kit_cdc_wake(ATCAIface iface); 146 | ATCA_STATUS hal_kit_cdc_idle(ATCAIface iface); 147 | ATCA_STATUS hal_kit_cdc_sleep(ATCAIface iface); 148 | ATCA_STATUS hal_kit_cdc_release(void *hal_data); 149 | ATCA_STATUS hal_kit_cdc_discover_buses(int i2c_buses[], int max_buses); 150 | ATCA_STATUS hal_kit_cdc_discover_devices(int busNum, ATCAIfaceCfg *cfg, int *found); 151 | #endif 152 | 153 | #ifdef ATCA_HAL_KIT_HID 154 | ATCA_STATUS hal_kit_hid_init(void *hal, ATCAIfaceCfg *cfg); 155 | ATCA_STATUS hal_kit_hid_post_init(ATCAIface iface); 156 | ATCA_STATUS hal_kit_hid_send(ATCAIface iface, uint8_t *txdata, int txlength); 157 | ATCA_STATUS hal_kit_hid_receive(ATCAIface iface, uint8_t *rxdata, uint16_t *rxlength); 158 | ATCA_STATUS hal_kit_hid_wake(ATCAIface iface); 159 | ATCA_STATUS hal_kit_hid_idle(ATCAIface iface); 160 | ATCA_STATUS hal_kit_hid_sleep(ATCAIface iface); 161 | ATCA_STATUS hal_kit_hid_release(void *hal_data); 162 | ATCA_STATUS hal_kit_hid_discover_buses(int i2c_buses[], int max_buses); 163 | ATCA_STATUS hal_kit_hid_discover_devices(int busNum, ATCAIfaceCfg *cfg, int *found); 164 | #endif 165 | 166 | /** \brief Timer API implemented at the HAL level */ 167 | void atca_delay_us(uint32_t delay); 168 | void atca_delay_10us(uint32_t delay); 169 | void atca_delay_ms(uint32_t delay); 170 | 171 | #ifdef __cplusplus 172 | } 173 | #endif 174 | 175 | /** @} */ 176 | 177 | #endif /* ATCA_HAL_H_ */ -------------------------------------------------------------------------------- /src/hal/atca_start_config.h: -------------------------------------------------------------------------------- 1 | /* 2 | this is a placeholder include used to satisfy the include 3 | 4 | when used with Atmel START, this file will be overwritten 5 | with the user configuration generated by Atmel START 6 | */ 7 | -------------------------------------------------------------------------------- /src/hal/atca_start_iface.h: -------------------------------------------------------------------------------- 1 | /* 2 | this is a placeholder include used to satisfy the include 3 | 4 | when used with Atmel START, this file will be overwritten 5 | with the user configuration generated by Atmel START 6 | */ -------------------------------------------------------------------------------- /src/hal/hal_samd21_i2c_wire.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | 6 | #include "atca_hal.h" 7 | #include "atca_device.h" 8 | #include "hal_samd21_i2c_wire.h" 9 | 10 | #define DEBUG_LOG( x ) 11 | 12 | #define WIRE_BUF_MAX (SERIAL_BUFFER_SIZE-1) 13 | 14 | extern "C" ATCA_STATUS hal_i2c_init(void *hal, ATCAIfaceCfg *cfg); 15 | extern "C" ATCA_STATUS hal_i2c_wake(ATCAIface iface); 16 | extern "C" ATCA_STATUS hal_i2c_idle(ATCAIface iface); 17 | extern "C" ATCA_STATUS hal_i2c_release(void *hal_data); 18 | 19 | 20 | static bool wake_complete = false; 21 | 22 | static uint8_t revs508[1][4] = { { 0x00, 0x00, 0x50, 0x00 } }; 23 | static uint8_t revs108[2][4] = { { 0x80, 0x00, 0x10, 0x01 }, 24 | { 0x00, 0x00, 0x10, 0x05 } }; 25 | static uint8_t revs204[3][4] = { { 0x00, 0x02, 0x00, 0x08 }, 26 | { 0x00, 0x02, 0x00, 0x09 }, 27 | { 0x00, 0x04, 0x05, 0x00 } }; 28 | 29 | extern "C" void debug_out(const char *msg, int arg) { 30 | Serial.print(msg); 31 | Serial.println(arg,HEX); 32 | } 33 | 34 | extern "C" ATCA_STATUS hal_i2c_discover_devices(int busNum, ATCAIfaceCfg *cfg, int *found) 35 | { 36 | ATCAIfaceCfg *head = cfg; 37 | uint8_t slaveAddress = 0x01; 38 | ATCADevice device; 39 | ATCAIface discoverIface; 40 | ATCACommand command; 41 | ATCAPacket packet; 42 | uint32_t execution_time; 43 | ATCA_STATUS status; 44 | int i; 45 | 46 | ATCAIfaceCfg discoverCfg; 47 | discoverCfg.iface_type = ATCA_I2C_IFACE; 48 | discoverCfg.devtype = ATECC508A; 49 | discoverCfg.wake_delay = 800; 50 | discoverCfg.rx_retries = 3; 51 | discoverCfg.atcai2c = { 52 | .slave_address = 0x07, 53 | .bus = busNum, 54 | .baud = 400000 55 | }; 56 | 57 | ATCAHAL_t hal; 58 | 59 | hal_i2c_init( &hal, &discoverCfg ); 60 | device = newATCADevice( &discoverCfg ); 61 | discoverIface = atGetIFace( device ); 62 | command = atGetCommands( device ); 63 | 64 | *found = 0; 65 | for ( slaveAddress = 0x07; slaveAddress <= 0x78; slaveAddress++ ) { 66 | discoverCfg.atcai2c.slave_address = slaveAddress << 1; 67 | 68 | if ( hal_i2c_wake( discoverIface ) == ATCA_SUCCESS ) { 69 | (*found)++; 70 | memcpy( (uint8_t*)head, (uint8_t*)&discoverCfg, sizeof(ATCAIfaceCfg)); 71 | head->devtype = ATCA_DEV_UNKNOWN; 72 | 73 | memset( packet.data, 0x00, sizeof(packet.data)); 74 | 75 | atInfo( command, &packet ); 76 | execution_time = atGetExecTime(command, CMD_INFO) + 1; 77 | 78 | if ( (status = atsend( discoverIface, (uint8_t*)&packet, packet.txsize )) != ATCA_SUCCESS ) { 79 | Serial.println("packet send error"); 80 | continue; 81 | } 82 | 83 | atca_delay_ms(execution_time); 84 | 85 | if ( (status = atreceive( discoverIface, &(packet.data[0]), &(packet.rxsize) )) != ATCA_SUCCESS ) 86 | continue; 87 | 88 | if ( (status = isATCAError(packet.data)) != ATCA_SUCCESS ) { 89 | Serial.println("command response error\r\n"); 90 | continue; 91 | } 92 | 93 | for ( i = 0; i < (int)sizeof(revs508) / 4; i++ ) { 94 | if ( memcmp( &packet.data[1], &revs508[i], 4) == 0 ) { 95 | head->devtype = ATECC508A; 96 | break; 97 | } 98 | } 99 | 100 | for ( i = 0; i < (int)sizeof(revs204) / 4; i++ ) { 101 | if ( memcmp( &packet.data[1], &revs204[i], 4) == 0 ) { 102 | head->devtype = ATSHA204A; 103 | break; 104 | } 105 | } 106 | 107 | for ( i = 0; i < (int)sizeof(revs108) / 4; i++ ) { 108 | if ( memcmp( &packet.data[1], &revs108[i], 4) == 0 ) { 109 | head->devtype = ATECC108A; 110 | break; 111 | } 112 | } 113 | 114 | atca_delay_ms(15); 115 | head++; 116 | } 117 | 118 | hal_i2c_idle(discoverIface); 119 | } 120 | 121 | hal_i2c_release(&hal); 122 | 123 | return ATCA_SUCCESS; 124 | } 125 | 126 | extern "C" ATCA_STATUS hal_i2c_init(void *hal, ATCAIfaceCfg *cfg) 127 | { 128 | return ATCA_SUCCESS; 129 | } 130 | 131 | extern "C" ATCA_STATUS hal_i2c_post_init(ATCAIface iface) 132 | { 133 | return ATCA_SUCCESS; 134 | } 135 | 136 | uint8_t send_oversized(uint8_t txAddress, uint8_t *data, int size) 137 | { 138 | if (!PERIPH_WIRE.startTransmissionWIRE(txAddress, WIRE_WRITE_FLAG)) { 139 | PERIPH_WIRE.prepareCommandBitsWire(WIRE_MASTER_ACT_STOP); 140 | return 2 ; // Address error 141 | } 142 | 143 | for (int i = 0; i < size; i++) { 144 | if (!PERIPH_WIRE.sendDataMasterWIRE(data[i])) { 145 | PERIPH_WIRE.prepareCommandBitsWire(WIRE_MASTER_ACT_STOP); 146 | return 3 ; // Nack or error 147 | } 148 | } 149 | 150 | PERIPH_WIRE.prepareCommandBitsWire(WIRE_MASTER_ACT_STOP); 151 | 152 | return 0; 153 | } 154 | 155 | extern "C" ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t *txdata, int txlength) 156 | { 157 | int res; 158 | ATCAIfaceCfg *cfg = atgetifacecfg(iface); 159 | 160 | DEBUG_LOG( Serial.print(cfg->atcai2c.slave_address >> 1, HEX); ) 161 | DEBUG_LOG( Serial.print(" > "); ) 162 | 163 | txdata[0] = 0x03; // insert the Word Address Value, Command token 164 | txlength++; 165 | 166 | if (txlength <= WIRE_BUF_MAX) { 167 | Wire.beginTransmission(cfg->atcai2c.slave_address >> 1); 168 | for (uint8_t i = 0; i < txlength; i++) { 169 | if (!Wire.write(txdata[i])) 170 | Serial.println("Wire.write overflow"); 171 | } 172 | res = Wire.endTransmission(); 173 | } else 174 | res = send_oversized(cfg->atcai2c.slave_address >> 1, txdata, txlength); 175 | if (res != 0) 176 | return ATCA_COMM_FAIL; 177 | 178 | DEBUG_LOG( Serial.println(txlength); ) 179 | 180 | return ATCA_SUCCESS; 181 | } 182 | 183 | extern "C" ATCA_STATUS hal_i2c_receive( ATCAIface iface, uint8_t *rxdata, uint16_t *rxlength) 184 | { 185 | ATCAIfaceCfg *cfg = atgetifacecfg(iface); 186 | int retries = cfg->rx_retries; 187 | 188 | DEBUG_LOG( Serial.print(cfg->atcai2c.slave_address >> 1, HEX); ) 189 | DEBUG_LOG( Serial.print(" < "); ) 190 | 191 | // Get length of response 192 | while (Wire.requestFrom(cfg->atcai2c.slave_address >> 1, 1) == 0 && 193 | retries > 0) { 194 | delay(100); 195 | retries--; 196 | } 197 | if (retries < cfg->rx_retries) { 198 | Serial.print(cfg->rx_retries - retries); 199 | Serial.print( " retries"); 200 | } 201 | if (retries == 0) { 202 | Serial.println("no reponse error"); 203 | return ATCA_COMM_FAIL; 204 | } 205 | if (Wire.available() != 1) { 206 | Serial.print("invalid response "); 207 | return ATCA_COMM_FAIL; 208 | } 209 | rxdata[0] = Wire.read(); 210 | 211 | uint8_t bufpos = 1; 212 | uint8_t todo = rxdata[0]-1; 213 | while (todo > 0) { 214 | uint8_t n = todo <= WIRE_BUF_MAX ? todo : WIRE_BUF_MAX; 215 | Wire.requestFrom(cfg->atcai2c.slave_address >> 1, n); 216 | if (Wire.available() != n) { 217 | Serial.println("response size error"); 218 | return ATCA_COMM_FAIL; 219 | } 220 | for (uint8_t i = 0; i < n && bufpos < *rxlength; i++, bufpos++) { 221 | rxdata[bufpos] = Wire.read(); 222 | DEBUG_LOG( Serial.print(":"); ) 223 | DEBUG_LOG( Serial.print(rxdata[bufpos], HEX); ) 224 | } 225 | todo -= n; 226 | } 227 | DEBUG_LOG( Serial.println(); ) 228 | 229 | return ATCA_SUCCESS; 230 | } 231 | 232 | extern "C" ATCA_STATUS hal_i2c_wake(ATCAIface iface) 233 | { 234 | int status; 235 | ATCAIfaceCfg *cfg = atgetifacecfg(iface); 236 | int retries = cfg->rx_retries; 237 | uint8_t data[4], expected[4] = {0x04, 0x11, 0x33, 0x43}; 238 | 239 | DEBUG_LOG( Serial.print("wake "); ) 240 | DEBUG_LOG( Serial.println(cfg->atcai2c.slave_address >> 1, HEX); ) 241 | 242 | Wire.beginTransmission(0x00); 243 | Wire.endTransmission(); 244 | 245 | atca_delay_us(cfg->wake_delay); 246 | 247 | while (Wire.requestFrom(cfg->atcai2c.slave_address >> 1, 4) == 0 && 248 | retries > 0) { 249 | delay(100); 250 | retries--; 251 | } 252 | if (retries == 0) { 253 | Serial.println("no response"); 254 | return ATCA_COMM_FAIL; 255 | } 256 | 257 | if (Wire.available() != 4) { 258 | Serial.print("invalid response "); 259 | Serial.println(Wire.available()); 260 | return ATCA_COMM_FAIL; 261 | } 262 | 263 | if (wake_complete) 264 | return ATCA_SUCCESS; 265 | wake_complete = true; 266 | 267 | for (int i = 0; i < 4; i++) 268 | data[i] = Wire.read(); 269 | if (memcmp(data, expected, 4) == 0) 270 | return ATCA_SUCCESS; 271 | 272 | Serial.print("incorrect response "); 273 | for (int i = 0; i < 4; i++) { 274 | Serial.print(":"); 275 | Serial.print(data[i], HEX); 276 | } 277 | Serial.println(""); 278 | 279 | return ATCA_COMM_FAIL; 280 | } 281 | 282 | extern "C" ATCA_STATUS hal_i2c_idle(ATCAIface iface) 283 | { 284 | ATCAIfaceCfg *cfg = atgetifacecfg(iface); 285 | 286 | DEBUG_LOG( Serial.print("idle "); ) 287 | DEBUG_LOG( Serial.println(cfg->atcai2c.slave_address >> 1, HEX); ) 288 | 289 | Wire.beginTransmission(cfg->atcai2c.slave_address >> 1); 290 | Wire.write(0x02); // idle word address value 291 | Wire.endTransmission(); 292 | wake_complete = false; 293 | 294 | return ATCA_SUCCESS; 295 | } 296 | 297 | extern "C" ATCA_STATUS hal_i2c_sleep(ATCAIface iface) 298 | { 299 | ATCAIfaceCfg *cfg = atgetifacecfg(iface); 300 | 301 | DEBUG_LOG( Serial.print("sleep "); ) 302 | DEBUG_LOG( Serial.println(cfg->atcai2c.slave_address >> 1, HEX); ) 303 | 304 | Wire.beginTransmission(cfg->atcai2c.slave_address >> 1); 305 | Wire.write(0x01); // sleep word address value 306 | Wire.endTransmission(); 307 | wake_complete = false; 308 | 309 | return ATCA_SUCCESS; 310 | } 311 | 312 | extern "C" ATCA_STATUS hal_i2c_release( void *hal_data ) 313 | { 314 | return ATCA_SUCCESS; 315 | } 316 | -------------------------------------------------------------------------------- /src/hal/hal_samd21_i2c_wire.h: -------------------------------------------------------------------------------- 1 | #ifndef HAL_SAMD21_I2C_WIRE_H_ 2 | #define HAL_SAMD21_I2C_WIRE_H_ 3 | 4 | #define MAX_I2C_BUSES 1 5 | 6 | typedef struct atcaI2Cmaster { 7 | int ref_ct; 8 | int bus_index; 9 | } ATCAI2CMaster_t; 10 | 11 | void change_i2c_speed( ATCAIface iface, uint32_t speed ); 12 | 13 | /** @} */ 14 | #endif /* HAL_SAMD21_I2C_WIRE_H_ */ 15 | -------------------------------------------------------------------------------- /src/hal/hal_samd21_timer_wire.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include "atca_hal.h" 3 | 4 | extern "C" void atca_delay_ms(uint32_t ms) 5 | { 6 | delay(ms); 7 | } 8 | 9 | extern "C" void atca_delay_us(uint32_t us) 10 | { 11 | delayMicroseconds(us); 12 | } 13 | -------------------------------------------------------------------------------- /src/host/atca_host.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file 3 | * \brief Definitions and Prototypes for ATCA Utility Functions 4 | * \author Atmel Crypto Products 5 | * 6 | * \copyright Copyright (c) 2015 Atmel Corporation. All rights reserved. 7 | * 8 | * \atmel_crypto_device_library_license_start 9 | * 10 | * \page License 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions are met: 14 | * 15 | * 1. Redistributions of source code must retain the above copyright notice, 16 | * this list of conditions and the following disclaimer. 17 | * 18 | * 2. Redistributions in binary form must reproduce the above copyright notice, 19 | * this list of conditions and the following disclaimer in the documentation 20 | * and/or other materials provided with the distribution. 21 | * 22 | * 3. The name of Atmel may not be used to endorse or promote products derived 23 | * from this software without specific prior written permission. 24 | * 25 | * 4. This software may only be redistributed and used in connection with an 26 | * Atmel integrated circuit. 27 | * 28 | * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED 29 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 30 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE 31 | * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR 32 | * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 34 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 36 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 37 | * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 38 | * POSSIBILITY OF SUCH DAMAGE. 39 | * 40 | * \atmel_crypto_device_library_license_stop 41 | */ 42 | 43 | 44 | #ifndef ATCA_HOST_H 45 | # define ATCA_HOST_H 46 | 47 | #include "cryptoauthlib.h" // contains definitions used by chip and these routines 48 | 49 | /** \defgroup atcah Host side crypto methods (atcah_) 50 | * 51 | * \brief 52 | * Use these functions if your system does not use an ATCADevice as a host but 53 | * implements the host in firmware. The functions provide host-side cryptographic functionality 54 | * for an ATECC client device. They are intended to accompany the CryptoAuthLib functions. 55 | * They can be called directly from an application, or integrated into an API. 56 | * 57 | * Modern compilers can garbage-collect unused functions. If your compiler does not support this feature, 58 | * you can just discard this module from your project if you do use an ATECC as a host. Or, if you don't, 59 | * delete the functions you do not use. 60 | @{ */ 61 | 62 | /** \name Definitions for ATECC Message Sizes to Calculate a SHA256 Hash 63 | 64 | * \brief "||" is the concatenation operator. 65 | * The number in braces is the length of the hash input value in bytes. 66 | @{ */ 67 | 68 | //! RandOut{32} || NumIn{20} || OpCode{1} || Mode{1} || LSB of Param2{1} 69 | #define ATCA_MSG_SIZE_NONCE (55) 70 | 71 | 72 | /** \brief (Key or TempKey){32} || (Challenge or TempKey){32} || OpCode{1} || Mode{1} || Param2{2} 73 | || (OTP0_7 or 0){8} || (OTP8_10 or 0){3} || SN8{1} || (SN4_7 or 0){4} || SN0_1{2} || (SN2_3 or 0){2} 74 | */ 75 | #define ATCA_MSG_SIZE_MAC (88) 76 | 77 | /** \brief HMAC = sha(HMAC outer || HMAC inner) 78 | HMAC inner = sha((zero-padded key ^ ipad) || message) 79 | = sha256( 80 | (Key{32} || 0x36{32}) 81 | || 0{32} || Key{32} 82 | || OpCode{1} || Mode{1} || KeyId{2} 83 | || OTP0_7{8} || OTP8_10{3} || SN8{1} || SN4_7{4} || SN0_1{2} || SN2_3{2} 84 | ){32} 85 | */ 86 | #define ATCA_MSG_SIZE_HMAC_INNER (152) 87 | 88 | 89 | /** \brief HMAC = sha(HMAC outer || HMAC inner) 90 | = sha256((Key{32} || 0x5C{32}) || HMAC inner{32}) 91 | */ 92 | #define ATCA_MSG_SIZE_HMAC (96) 93 | 94 | 95 | //! KeyId{32} || OpCode{1} || Param1{1} || Param2{2} || SN8{1} || SN0_1{2} || 0{25} || TempKey{32} 96 | #define ATCA_MSG_SIZE_GEN_DIG (96) 97 | 98 | 99 | //! KeyId{32} || OpCode{1} || Param1{1} || Param2{2} || SN8{1} || SN0_1{2} || 0{25} || TempKey{32} 100 | #define ATCA_MSG_SIZE_DERIVE_KEY (96) 101 | 102 | 103 | //! KeyId{32} || OpCode{1} || Param1{1} || Param2{2} || SN8{1} || SN0_1{2} 104 | #define ATCA_MSG_SIZE_DERIVE_KEY_MAC (39) 105 | 106 | //! KeyId{32} || OpCode{1} || Param1{1} || Param2{2}|| SN8{1} || SN0_1{2} || 0{25} || TempKey{32} 107 | #define ATCA_MSG_SIZE_ENCRYPT_MAC (96) 108 | 109 | //! KeyId{32} || OpCode{1} || Param1{1} || Param2{2}|| SN8{1} || SN0_1{2} || 0{21} || PlainText{36} 110 | #define ATCA_MSG_SIZE_PRIVWRITE_MAC (96) 111 | 112 | #define ATCA_COMMAND_HEADER_SIZE ( 4) 113 | #define ATCA_GENDIG_ZEROS_SIZE (25) 114 | #define ATCA_PRIVWRITE_MAC_ZEROS_SIZE (21) 115 | #define ATCA_PLAIN_TEXT_SIZE (36) 116 | #define ATCA_DERIVE_KEY_ZEROS_SIZE (25) 117 | #define ATCA_OTP_SIZE_8 ( 8) 118 | #define ATCA_OTP_SIZE_3 ( 3) 119 | #define ATCA_SN_SIZE_4 ( 4) 120 | #define ATCA_SN_SIZE_2 ( 2) 121 | #define ATCA_OTHER_DATA_SIZE_2 ( 2) 122 | #define ATCA_OTHER_DATA_SIZE_3 ( 3) 123 | #define ATCA_OTHER_DATA_SIZE_4 ( 4) 124 | #define HMAC_BLOCK_SIZE (64) 125 | /** @} */ 126 | 127 | /** \name Fixed Byte Values of Serial Number (SN[0:1] and SN[8]) 128 | @{ */ 129 | #define ATCA_SN_0 (0x01) 130 | #define ATCA_SN_1 (0x23) 131 | #define ATCA_SN_8 (0xEE) 132 | /** @} */ 133 | 134 | 135 | /** \name Definition for TempKey Mode 136 | @{ */ 137 | //! mode mask for MAC command when using TempKey 138 | #define MAC_MODE_USE_TEMPKEY_MASK ((uint8_t)0x03) 139 | /** @} */ 140 | 141 | #define ATAC_STANDARD_KEY_SIZE 32 142 | 143 | /** \struct atca_temp_key 144 | * \brief Structure to hold TempKey fields 145 | * \var atca_temp_key::value 146 | * \brief The value of TempKey. Nonce (from nonce command) or Digest (from GenDig command) 147 | * \var atca_temp_key::key_id 148 | * \brief If TempKey was generated by GenDig (see the GenData and CheckFlag bits), these bits indicate which key was used in its computation. 149 | * \var atca_temp_key::source_flag 150 | * \brief The source of the randomness in TempKey: 0=Rand, 1=Input. 151 | * \var atca_temp_key::gen_data 152 | * \brief Indicates if TempKey has been generated by GenDig using Data zone. 153 | * \var atca_temp_key::check_flag 154 | * \brief Not used in the library. 155 | * \var atca_temp_key::valid 156 | * \brief Indicates if the information in TempKey is valid. 157 | */ 158 | typedef struct atca_temp_key { 159 | uint8_t value[ATAC_STANDARD_KEY_SIZE]; 160 | unsigned int key_id : 4; 161 | unsigned int source_flag : 1; 162 | unsigned int gen_data : 1; 163 | unsigned int check_flag : 1; 164 | unsigned int valid : 1; 165 | } atca_temp_key_t; 166 | 167 | 168 | /** \struct atca_include_data_in_out 169 | * \brief Input / output parameters for function atca_include_data(). 170 | * \var atca_include_data_in_out::p_temp 171 | * \brief [out] pointer to output buffer 172 | * \var atca_include_data_in_out::otp 173 | * \brief [in] pointer to one-time-programming data 174 | * \var atca_include_data_in_out::sn 175 | * \brief [in] pointer to serial number data 176 | */ 177 | struct atca_include_data_in_out { 178 | uint8_t *p_temp; 179 | const uint8_t *otp; 180 | const uint8_t *sn; 181 | uint8_t mode; 182 | }; 183 | 184 | 185 | /** \struct atca_nonce_in_out 186 | * \brief Input/output parameters for function atca_nonce(). 187 | * \var atca_nonce_in_out::mode 188 | * \brief [in] Mode parameter used in Nonce command (Param1). 189 | * \var atca_nonce_in_out::num_in 190 | * \brief [in] Pointer to 20-byte NumIn data used in Nonce command. 191 | * \var atca_nonce_in_out::rand_out 192 | * \brief [in] Pointer to 32-byte RandOut data from Nonce command. 193 | * \var atca_nonce_in_out::temp_key 194 | * \brief [in,out] Pointer to TempKey structure. 195 | */ 196 | typedef struct atca_nonce_in_out { 197 | uint8_t mode; 198 | const uint8_t *num_in; 199 | uint8_t *rand_out; 200 | struct atca_temp_key *temp_key; 201 | } atca_nonce_in_out_t; 202 | 203 | 204 | /** \struct atca_mac_in_out 205 | * \brief Input/output parameters for function atca_mac(). 206 | * \var atca_mac_in_out::mode 207 | * \brief [in] Mode parameter used in MAC command (Param1). 208 | * \var atca_mac_in_out::key_id 209 | * \brief [in] KeyID parameter used in MAC command (Param2). 210 | * \var atca_mac_in_out::challenge 211 | * \brief [in] Pointer to 32-byte Challenge data used in MAC command, depending on mode. 212 | * \var atca_mac_in_out::key 213 | * \brief [in] Pointer to 32-byte key used to generate MAC digest. 214 | * \var atca_mac_in_out::otp 215 | * \brief [in] Pointer to 11-byte OTP, optionally included in MAC digest, depending on mode. 216 | * \var atca_mac_in_out::sn 217 | * \brief [in] Pointer to 9-byte SN, optionally included in MAC digest, depending on mode. 218 | * \var atca_mac_in_out::response 219 | * \brief [out] Pointer to 32-byte SHA-256 digest (MAC). 220 | * \var atca_mac_in_out::temp_key 221 | * \brief [in,out] Pointer to TempKey structure. 222 | */ 223 | struct atca_mac_in_out { 224 | uint8_t mode; 225 | uint16_t key_id; 226 | const uint8_t *challenge; 227 | const uint8_t *key; 228 | const uint8_t *otp; 229 | const uint8_t *sn; 230 | uint8_t *response; 231 | struct atca_temp_key *temp_key; 232 | }; 233 | 234 | 235 | /** \struct atca_hmac_in_out 236 | * \brief Input/output parameters for function atca_hmac(). 237 | * \var atca_hmac_in_out::mode 238 | * \brief [in] Mode parameter used in HMAC command (Param1). 239 | * \var atca_hmac_in_out::key_id 240 | * \brief [in] KeyID parameter used in HMAC command (Param2). 241 | * \var atca_hmac_in_out::key 242 | * \brief [in] Pointer to 32-byte key used to generate HMAC digest. 243 | * \var atca_hmac_in_out::otp 244 | * \brief [in] Pointer to 11-byte OTP, optionally included in HMAC digest, depending on mode. 245 | * \var atca_hmac_in_out::sn 246 | * \brief [in] Pointer to 9-byte SN, optionally included in HMAC digest, depending on mode. 247 | * \var atca_hmac_in_out::response 248 | * \brief [out] Pointer to 32-byte SHA-256 HMAC digest. 249 | * \var atca_hmac_in_out::temp_key 250 | * \brief [in,out] Pointer to TempKey structure. 251 | */ 252 | struct atca_hmac_in_out { 253 | uint8_t mode; 254 | uint16_t key_id; 255 | const uint8_t *key; 256 | const uint8_t *otp; 257 | const uint8_t *sn; 258 | uint8_t *response; 259 | struct atca_temp_key *temp_key; 260 | }; 261 | 262 | 263 | /** \struct atca_gen_dig_in_out 264 | * \brief Input/output parameters for function atca_gen_dig(). 265 | * \var atca_gen_dig_in_out::zone 266 | * \brief [in] Zone parameter used in GenDig command (Param1). 267 | * \var atca_gen_dig_in_out::key_id 268 | * \brief [in] KeyID parameter used in GenDig command (Param2). 269 | * \var atca_gen_dig_in_out::stored_value 270 | * \brief [in] Pointer to 32-byte stored value, can be a data slot, OTP page, configuration zone, or hardware transport key. 271 | * \var atca_gen_dig_in_out::temp_key 272 | * \brief [in,out] Pointer to TempKey structure. 273 | */ 274 | typedef struct atca_gen_dig_in_out { 275 | uint8_t zone; 276 | uint16_t key_id; 277 | const uint8_t *stored_value; 278 | struct atca_temp_key *temp_key; 279 | } atca_gen_dig_in_out_t; 280 | 281 | /** \struct atca_write_mac_in_out 282 | * \brief Input/output parameters for function atca_auth_mac(). 283 | * \var atca_write_mac_in_out::zone 284 | * \brief [in] Zone parameter used in PrivWrite command (Param1). 285 | * \var atca_write_mac_in_out::key_id 286 | * \brief [in] KeyID parameter used in PrivWrite command (Param2). 287 | * \var atca_write_mac_in_out::encryption_key 288 | * \brief [in] Pointer to 32-byte key. 289 | * \var atca_write_mac_in_out::input_data 290 | * \brief [in] Pointer to 36-byte data value, Input cleartext data. 291 | * \var atca_write_mac_in_out::encrypted_data 292 | * \brief [out] Pointer to 32-byte data. Output encrypted data to MAC command. 293 | * \var atca_write_mac_in_out::auth_mac 294 | * \brief [out] Pointer to 32-byte Mac. 295 | * \var atca_write_mac_in_out::temp_key 296 | * \brief [in,out] Pointer to TempKey structure. 297 | */ 298 | typedef struct atca_write_mac_in_out { 299 | uint8_t zone; 300 | uint16_t key_id; 301 | const uint8_t *encryption_key; 302 | const uint8_t *input_data; 303 | uint8_t *encrypted_data; // out 304 | uint8_t *auth_mac; // out 305 | struct atca_temp_key *temp_key; // in 306 | } atca_write_mac_in_out_t; 307 | 308 | /** \struct atca_derive_key_in_out 309 | * \brief Input/output parameters for function atca_derive_key(). 310 | * \var atca_derive_key_in_out::random 311 | * \brief [in] Random parameter used in DeriveKey command (Param1). 312 | * \var atca_derive_key_in_out::target_key_id 313 | * \brief [in] KeyID to be derived, TargetKey parameter used in DeriveKey command (Param2). 314 | * \var atca_derive_key_in_out::parent_key 315 | * \brief [in] Pointer to 32-byte ParentKey. Set equal to target_key if Roll Key operation is intended. 316 | * \var atca_derive_key_in_out::target_key 317 | * \brief [out] Pointer to 32-byte TargetKey. 318 | * \var atca_derive_key_in_out::temp_key 319 | * \brief [in,out] Pointer to TempKey structure. 320 | */ 321 | struct atca_derive_key_in_out { 322 | uint8_t random; 323 | uint16_t target_key_id; 324 | const uint8_t *parent_key; 325 | uint8_t *target_key; 326 | struct atca_temp_key *temp_key; 327 | }; 328 | 329 | 330 | /** \struct atca_derive_key_mac_in_out 331 | * \brief Input/output parameters for function atca_derive_key_mac(). 332 | * \var atca_derive_key_mac_in_out::random 333 | * \brief [in] Random parameter used in DeriveKey command (Param1). 334 | * \var atca_derive_key_mac_in_out::target_key_id 335 | * \brief [in] KeyID to be derived, TargetKey parameter used in DeriveKey command (Param2). 336 | * \var atca_derive_key_mac_in_out::parent_key 337 | * \brief [in] Pointer to 32-byte ParentKey. ParentKey here is always SlotConfig[TargetKey].WriteKey, regardless whether the operation is Roll or Create. 338 | * \var atca_derive_key_mac_in_out::mac 339 | * \brief [out] Pointer to 32-byte Mac. 340 | */ 341 | struct atca_derive_key_mac_in_out { 342 | uint8_t random; 343 | uint16_t target_key_id; 344 | const uint8_t *parent_key; 345 | uint8_t *mac; 346 | }; 347 | 348 | 349 | /** \struct atca_encrypt_in_out 350 | * \brief Input/output parameters for function atca_encrypt(). 351 | * \var atca_encrypt_in_out::zone 352 | * \brief [in] Zone parameter used in Write (Param1). 353 | * \var atca_encrypt_in_out::address 354 | * \brief [in] Address parameter used in Write command (Param2). 355 | * \var atca_encrypt_in_out::crypto_data 356 | * \brief [in,out] Pointer to 32-byte data. Input cleartext data, output encrypted data to Write command (Value field). 357 | * \var atca_encrypt_in_out::mac 358 | * \brief [out] Pointer to 32-byte Mac. Can be set to NULL if input MAC is not required by the Write command (write to OTP, unlocked user zone). 359 | * \var atca_encrypt_in_out::temp_key 360 | * \brief [in,out] Pointer to TempKey structure. 361 | */ 362 | struct atca_encrypt_in_out { 363 | uint8_t zone; 364 | uint16_t address; 365 | uint8_t *crypto_data; 366 | uint8_t *mac; 367 | struct atca_temp_key *temp_key; 368 | }; 369 | 370 | 371 | /** \struct atca_decrypt_in_out 372 | * \brief Input/output parameters for function atca_decrypt(). 373 | * \var atca_decrypt_in_out::crypto_data 374 | * \brief [in,out] Pointer to 32-byte data. Input encrypted data from Read command (Contents field), output decrypted. 375 | * \var atca_decrypt_in_out::temp_key 376 | * \brief [in,out] Pointer to TempKey structure. 377 | */ 378 | struct atca_decrypt_in_out { 379 | uint8_t *crypto_data; 380 | struct atca_temp_key *temp_key; 381 | }; 382 | 383 | 384 | /** \struct atca_check_mac_in_out 385 | * \brief Input/output parameters for function atca_check_mac(). 386 | * \var atca_check_mac_in_out::mode 387 | * \brief [in] Mode parameter used in CheckMac command (Param1). 388 | * \var atca_check_mac_in_out::password 389 | * \brief [in] Pointer to 32-byte password that will be verified against Key[KeyID] in the Device. 390 | * \var atca_check_mac_in_out::other_data 391 | * \brief [in] Pointer to 13-byte OtherData that will be used in CheckMac command. 392 | * \var atca_check_mac_in_out::otp 393 | * \brief [in] Pointer to 11-byte OTP. OTP[0:7] is included in the calculation if Mode bit 5 is one. 394 | * \var atca_check_mac_in_out::target_key 395 | * \brief [in] Pointer to 32-byte TargetKey that will be copied to TempKey. 396 | * \var atca_check_mac_in_out::client_resp 397 | * \brief [out] Pointer to 32-byte ClientResp to be used in CheckMac command. 398 | * \var atca_check_mac_in_out::temp_key 399 | * \brief [in,out] Pointer to TempKey structure. 400 | */ 401 | struct atca_check_mac_in_out { 402 | uint8_t mode; 403 | const uint8_t *password; 404 | const uint8_t *other_data; 405 | const uint8_t *otp; 406 | const uint8_t *target_key; 407 | uint8_t *client_resp; 408 | struct atca_temp_key *temp_key; 409 | }; 410 | 411 | 412 | /** \struct atca_verify_in_out 413 | * \brief Input/output parameters for function atca_verify(). 414 | * \var atca_verify_in_out::curve_type 415 | * \brief [in] Curve type used in Verify command (Param2). 416 | * \var atca_verify_in_out::signature 417 | * \brief [in] Pointer to ECDSA signature to be verified 418 | * \var atca_verify_in_out::public_key 419 | * \brief [in] Pointer to the public key to be used for verification 420 | * \var atca_verify_in_out::temp_key 421 | * \brief [in,out] Pointer to TempKey structure. 422 | */ 423 | struct atca_verify_in_out { 424 | uint16_t curve_type; 425 | const uint8_t *signature; 426 | const uint8_t *public_key; 427 | struct atca_temp_key *temp_key; 428 | }; 429 | 430 | #ifdef __cplusplus 431 | extern "C" { 432 | #endif 433 | 434 | ATCA_STATUS atcah_nonce(struct atca_nonce_in_out *param); 435 | ATCA_STATUS atcah_mac(struct atca_mac_in_out *param); 436 | ATCA_STATUS atcah_check_mac(struct atca_check_mac_in_out *param); 437 | ATCA_STATUS atcah_hmac(struct atca_hmac_in_out *param); 438 | ATCA_STATUS atcah_gen_dig(struct atca_gen_dig_in_out *param); 439 | ATCA_STATUS atcah_gen_mac(struct atca_gen_dig_in_out *param); 440 | ATCA_STATUS atcah_write_auth_mac(struct atca_write_mac_in_out *param); 441 | ATCA_STATUS atcah_privwrite_auth_mac(struct atca_write_mac_in_out *param); 442 | ATCA_STATUS atcah_derive_key(struct atca_derive_key_in_out *param); 443 | ATCA_STATUS atcah_derive_key_mac(struct atca_derive_key_mac_in_out *param); 444 | ATCA_STATUS atcah_encrypt(struct atca_encrypt_in_out *param); 445 | ATCA_STATUS atcah_decrypt(struct atca_decrypt_in_out *param); 446 | ATCA_STATUS atcah_sha256(int32_t len, const uint8_t *message, uint8_t *digest); 447 | uint8_t *atcah_include_data(struct atca_include_data_in_out *param); 448 | 449 | #ifdef __cplusplus 450 | } 451 | #endif 452 | 453 | /** @} */ 454 | 455 | #endif //ATCA_HOST_H 456 | --------------------------------------------------------------------------------