-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pkg/cryptoauthlib: Update package to latest version #18137
pkg/cryptoauthlib: Update package to latest version #18137
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested on nrf52840dk + ATECC608A
- tests/pkg_cryptoauthlib_internal-test: success.
There is an increase in memory of 36 Bytes in.data
segment and 1192 Bytes in.text
. I think it is fine (given the new functionalities) but maybe you want to leave a note in the PR discription what this functionality is.
tests/pkg_cryptoauthlib_internal-tests
# main(): This is RIOT! (Version: 2022.04-devel-1679-g795b9-HEAD)
#
# Device Selected.
#
#
# Unity test run 1 of 1
# TEST(atca_cmd_basic_test, version) PASS
# TEST(atca_cmd_basic_test, init) PASS
# TEST(atca_cmd_basic_test, doubleinit) PASS
# TEST(atca_cmd_basic_test, info) PASS
# TEST(atca_cmd_basic_test, volatile_key_permit)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes.c:307::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, aes_gfm) PASS
# TEST(atca_cmd_basic_test, aes_encrypt_key_tempkey) PASS
# TEST(atca_cmd_basic_test, aes_decrypt_key_tempkey) PASS
# TEST(atca_cmd_basic_test, aes_encrypt_key_slot)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes.c:152::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, aes_decrypt_key_slot)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes.c:214::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, aes_cbc_encrypt_block) PASS
# TEST(atca_cmd_basic_test, aes_cbc_decrypt_block) PASS
# TEST(atca_cmd_basic_test, aes_cmac) PASS
# TEST(atca_cmd_basic_test, aes_ctr_encrypt_block) PASS
# TEST(atca_cmd_basic_test, aes_ctr_decrypt_block) PASS
# TEST(atca_cmd_basic_test, aes_ctr_increment) PASS
# TEST(atca_cmd_basic_test, aes_cbc_mac) PASS
# TEST(atca_cmd_basic_test, aes_gcm_nist_vectors) PASS
# TEST(atca_cmd_basic_test, aes_gcm_encrypt_partial_blocks) PASS
# TEST(atca_cmd_basic_test, aes_gcm_decrypt_partial_blocks) PASS
# TEST(atca_cmd_basic_test, aes_gcm_encrypt_cavp_vectors)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes_gcm.c:428::IGNORE: Test only available under windows.
# TEST(atca_cmd_basic_test, aes_gcm_decrypt_cavp_vectors)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes_gcm.c:543::IGNORE: Test only available under windows.
# TEST(atca_cmd_basic_test, aes_ccm_auth_encrypt) PASS
# TEST(atca_cmd_basic_test, aes_ccm_auth_encrypt_partial) PASS
# TEST(atca_cmd_basic_test, aes_ccm_auth_decrypt) PASS
# TEST(atca_cmd_basic_test, aes_ccm_auth_decrypt_partial) PASS
# TEST(atca_cmd_basic_test, verify_extern) PASS
# TEST(atca_cmd_basic_test, verify_extern_mac)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:97::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, verify_stored)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:132::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, verify_stored_mac)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:190::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, verify_validate)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:249::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, verify_invalidate)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:249::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, derivekey)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_derivekey.c:99::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, derivekey_mac)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_derivekey.c:196::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, sha) PASS
# TEST(atca_cmd_basic_test, sha_long) PASS
# TEST(atca_cmd_basic_test, sha_short) PASS
# TEST(atca_cmd_basic_test, sha2_256_nist1) PASS
# TEST(atca_cmd_basic_test, sha2_256_nist2) PASS
# TEST(atca_cmd_basic_test, sha2_256_nist_short)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sha.c:266::IGNORE: Test only available under windows.
# TEST(atca_cmd_basic_test, sha_context) PASS
# TEST(atca_cmd_basic_test, sha_hmac)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sha.c:562::FAIL: Memory Mismatch. Byte 0 Expected 0x29 Was 0x32
# TEST(atca_cmd_basic_test, sha_hmac_tempkey) PASS
# TEST(atca_cmd_basic_test, sign) PASS
# TEST(atca_cmd_basic_test, sign_internal)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sign.c:144::FAIL: Expected 1 Was 0
# TEST(atca_cmd_basic_test, read_sig)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sign.c:150::IGNORE: Pending
# TEST(atca_cmd_basic_test, mac_key_challenge)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_mac.c:70::FAIL: Memory Mismatch. Byte 0 Expected 0x82 Was 0x2C
# TEST(atca_cmd_basic_test, mac_key_tempkey)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_mac.c:127::FAIL: Memory Mismatch. Byte 0 Expected 0x5E Was 0x02
# TEST(atca_cmd_basic_test, mac_tempkey_challenge) PASS
# TEST(atca_cmd_basic_test, mac_tempkey_tempkey) PASS
# TEST(atca_cmd_basic_test, checkmac)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_mac.c:327::FAIL: Expected 0 Was 209
# TEST(atca_cmd_basic_test, ecdh)alice slot 0 pubkey:
# 10 02 4A 4E A3 03 0B 1F 8F 9E C8 67 D5 9E 9E A4
# 8B C8 D9 7C 1A EB 0C 33 FF A8 F1 1C 56 A7 6E 3E
# F8 5C 3F F7 08 D2 BC 8D EE CD C1 CB B5 42 22 EB
# 83 B9 70 8B F9 9A 1C 5C EB 6F 04 9B C3 2C F0 22
# bob slot 2 pubkey:
# 19 F8 6E 13 F3 7F 7F 2A BA BA A6 E3 73 5E 66 1D
# C4 73 9D 58 E5 86 EC 98 52 6E 3F 83 5E 82 B3 A3
# 32 F6 64 05 F8 48 84 C7 B0 1C F8 44 E2 51 84 4C
# DE D8 6A 01 13 69 36 6F 23 AC CD 4B 0A 00 DB 31
# /media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_ecdh.c:86::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, ecdh_protection_key)alice pubkey:
# FA F4 4F 18 AB 76 EE 32 13 E7 84 4C A7 88 5A C8
# 88 1F C8 7B D7 89 A7 0B E3 12 BB 86 10 EA 50 72
# 9C EA 24 B0 9E 50 19 92 B9 52 75 F9 CE 47 70 D0
# FF 66 94 70 B5 61 2A 2B C0 15 DB 89 3A 84 7A 0E
# bob slot 2 pubkey:
# 78 C9 71 7B 8C 64 A3 C4 61 00 C1 33 F9 32 53 DD
# D0 CC 39 21 2F C4 E9 1F AF B0 8F 16 59 53 B1 57
# 0C 54 28 E5 B8 10 E2 35 60 2C B4 8F F4 A2 A5 8D
# 4D E9 C5 11 27 B6 DB 36 F5 3E FD 62 2B BD 17 DE
# alice's pms:
# 4F 86 2E 27 89 3E B5 C3 ED 91 7C 13 4B 67 E0 07
# 10 62 BD 9F 77 E5 DF AE E6 F2 8B 00 E7 DC 16 56
# bob's decrypted pms:
# 2D B3 15 BC 4C 46 B8 11 A1 1D 5D 73 01 F8 81 F7
# 85 26 62 7C D7 5C 30 F3 C0 78 01 0B 85 62 B6 6C
# /media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_ecdh.c:262::FAIL: Memory Mismatch. Byte 0 Expected 0x4F Was 0x2D
# TEST(atca_cmd_basic_test, write_boundary_conditions)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_invalid_block)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_invalid_block_len)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_bytes_zone_config)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:268::IGNORE: Config zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_otp_zone_nolock)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_otp_zone_nolock_check)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:264::IGNORE: test_basic_write_otp_zone_nolock() wasn't run beforehand.
# TEST(atca_cmd_basic_test, write_otp_zone) PASS
# TEST(atca_cmd_basic_test, write_slot4_key)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:382::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, write_data_zone_blocks) PASS
# TEST(atca_cmd_basic_test, write_enc)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:483::FAIL: Memory Mismatch. Byte 0 Expected 0xB6 Was 0x4B
# TEST(atca_cmd_basic_test, write_enc_data_unlock)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_zone) PASS
# TEST(atca_cmd_basic_test, write_config_zone)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:268::IGNORE: Config zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, write_pubkey)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:612::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, read_zone) PASS
# TEST(atca_cmd_basic_test, read_config_zone)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_read.c:107::FAIL: Memory Mismatch. Byte 2 Expected 0xA1 Was 0x00
# TEST(atca_cmd_basic_test, read_otp_zone) PASS
# TEST(atca_cmd_basic_test, read_data_zone) PASS
# TEST(atca_cmd_basic_test, genkey) PASS
# TEST(atca_cmd_basic_test, get_pubkey) PASS
# TEST(atca_cmd_basic_test, priv_write_unencrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_privwrite.c:294::IGNORE: Data zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, priv_write_encrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_privwrite.c:91::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, lock_data_slot)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_lock.c:79::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, kdf_prf_output)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:93::FAIL: Expected 0 Was 210
# TEST(atca_cmd_basic_test, kdf_prf_output_encrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:138::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, kdf_aes_output)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:182::FAIL: Expected 0 Was 210
# TEST(atca_cmd_basic_test, kdf_aes_output_encrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:255::FAIL: Expected 0 Was 210
# TEST(atca_cmd_basic_test, kdf_hkdf_output)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:340::FAIL: Expected 0 Was 210
# TEST(atca_cmd_basic_test, kdf_hkdf_output_encrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:402::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, sboot_digest)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_secureboot.c:86::FAIL: Expected 0 Was 210
# TEST(atca_cmd_basic_test, sboot_digest_full_encrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_secureboot.c:127::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, sboot_digest_fullstore_encrypted)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_secureboot.c:160::FAIL: Expected 0 Was 244
# TEST(atca_cmd_basic_test, selftest_individual) PASS
# TEST(atca_cmd_basic_test, selftest_all) PASS
# TEST(atca_cmd_basic_test, gendig_config_otp_data)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:356::FAIL: Memory Mismatch. Byte 0 Expected 0xC3 Was 0x7F
# TEST(atca_cmd_basic_test, gendig_counter)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:267::FAIL: Memory Mismatch. Byte 0 Expected 0xED Was 0xE9
# TEST(atca_cmd_basic_test, gendig_keyconfig)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:190::FAIL: Memory Mismatch. Byte 0 Expected 0x06 Was 0xA9
# TEST(atca_cmd_basic_test, gendig_shared_nonce)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:107::FAIL: Memory Mismatch. Byte 0 Expected 0xBA Was 0x20
# TEST(atca_cmd_basic_test, random) PASS
# TEST(atca_cmd_basic_test, challenge) PASS
# TEST(atca_cmd_basic_test, counter_write_test)/media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_counter.c:268::IGNORE: Config zone must be unlocked for this test.
# TEST(atca_cmd_basic_test, counter_test) PASS
# TEST(atca_cmd_basic_test, counter_match)Starting counter 0: 63
# Incrementing counter 0 to 32-byte boundary: 63
# Setting counter match to: 64
# Counter 0 after successful sign: 63
# /media/DATA/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_counter.c:124::FAIL: Expected 64 Was 63
#
# -----------------------
# 96 Tests 37 Failures 14 Ignored
# FAIL
-> Test output looks much different than before and has 37 failures. Might be related to the device configuraiton. Could you please give it a look?
@@ -11,5 +12,6 @@ BOARD_BLACKLIST := stk3200 stk3600 stk3700 | |||
CFLAGS += -DDO_NOT_TEST_CERT | |||
USEPKG += cryptoauthlib | |||
USEMODULE += cryptoauthlib_test | |||
USEMODULE += embunit |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
About the overhead: The library now comes with an additional API to allow for the use of multiple devices in parallel. They added a bunch of test cases for that API and restructured the tests in general, resulting in more code.
I'll add that to the description.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And no, apparently not needed. I'll remove that.
@@ -30,4 +30,4 @@ BOARD_INSUFFICIENT_MEMORY := \ | |||
stm32f7508-dk \ | |||
waspmote-pro \ | |||
zigduino \ | |||
# | |||
# |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add blank line
pkg/cryptoauthlib/Makefile
Outdated
@@ -1,6 +1,6 @@ | |||
PKG_NAME=cryptoauthlib | |||
PKG_URL=https://github.com/MicrochipTech/cryptoauthlib | |||
PKG_VERSION=af8187776cd3f3faf8bed412eaf6ff7221862e19 | |||
PKG_VERSION=9a37b8d685c351faed720d18d9610345bdaf20b0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you think about checking out a release?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How can I do that? Add the tag instead of the commit number?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that should be possible, yes. Otherwise, use that commit hash.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, I like stating SHA1. Tags could be relocated - even though it's considered to be evil ;-)
select MODULE_CRYPTOAUTHLIB_TEST_API_ATCAB | ||
select MODULE_CRYPTOAUTHLIB_TEST_API_CALIB | ||
select MODULE_CRYPTOAUTHLIB_TEST_API_CRYPTO | ||
select MODULE_CRYPTOAUTHLIB_TEST_VECTORS |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you quickly explain what this is doing? Where is it utilized?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The library contains folders for different tests for all the APIs (eg. test/api/atcab, test/api/calib, etc).
For each test folder a module needs to be defined.
When building the tests with Kconfig, we need to select all the modules we want to build. Otherwise the functions are not built and linked correctly.
@@ -53,15 +54,15 @@ extern "C" { | |||
#define ATCA_RX_RETRIES (20) | |||
#endif | |||
#ifndef ATCA_DEVTYPE | |||
#define ATCA_DEVTYPE (ATECC508A) | |||
#define ATCA_DEVTYPE (ATECC608A) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is good but I just realized that this conflicts with the SAML11 boards that contain a ATECC508A (and don't expose it). Could you please include explicit parameters to the board.h file of the SAMLs please
For better analysis of the new unit test failures, this is the test output of the same device tests/pkg_cryptoauthlib_internal-tests on current master
|
As you already guessed, the devices we have at the office are configured and locked in a way that is not compatible with the tests. They use specific key slots, which need to be configured in a certain way, to work for the test cases (eg. AES tests pass, when using the TempKey register, but fail when using a key slot). |
Can you suggest a configuration (deselecting test modules via Kconfig) that should let our devices pass? If this is possible, it might be worth a note in the test README |
I checked the test configuration and as far as I can see, this is not possible. When testing the basic API, all tests are run and as for now there is no way to only test some things. |
boards/common/saml1x/include/board.h
Outdated
* @brief ATCA device type on SAML11 XPro boards | ||
* @{ | ||
*/ | ||
#if BOARD_SAML11_XPRO |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use #ifdef
/* #undef ATCA_NO_POLL */ | ||
|
||
|
||
/* \brief How long to wait after an initial wake failure for the POST to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Use
@brief
- I don't understand this documentation, please rephrase
- This seems to be a configuration value, shouldn't it be exposed via Kconfig?
#endif | ||
|
||
#define ATCA_PRINTF | ||
#define ATCA_USE_ATCAB_FUNCTIONS |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In case these defines are actually required, please document them briefly.
#define ATCA_PLATFORM_MALLOC malloc | ||
#define ATCA_PLATFORM_FREE free | ||
|
||
#define atca_delay_ms hal_delay_ms |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Document
+target_include_directories(cryptoauth PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR} ../app/tng ../third_party ../third_party/hidapi/hidapi ${USB_INCLUDE_DIR}) | ||
|
||
if(ATCA_MBEDTLS) | ||
target_link_libraries(cryptoauth mbedtls) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is this doing? AFAIK there is some mbedtls software backend behind the cryptoauthlib APIs. Do we really want that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The mbedtls line has nothing to do with my changes. It is part of the cryptoauthlib CMakeLists file and apparently it got written into the patch when I generated it with Git.
It is there because cryptoauthlib provides alternative implementations of the mbedtls ECDH and ECDSA operations with the cryptoauth driver as the backend.
@@ -2,6 +2,7 @@ BOARD ?= nucleo-f767zi | |||
|
|||
include ../Makefile.tests_common | |||
|
|||
CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(4*THREAD_STACKSIZE_DEFAULT\) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just out of curiosity, how much stack does the test require, have you checked that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2652 Bytes. I'll reduce it to 3*THREAD_STACKSIZE_DEFAULT.
please do
Think it could make sense to add a README to the test, what do you think? |
test output on nrf52840dk + atecc608a
|
I did. It's additional APIs and new test cases.
Sure |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fine with me! Please squash.
tests/pkg_cryptoauthlib_compare_sha25 on saml11-xpro (includes atecc508)
2022-06-28 19:55:44,853 # main(): This is RIOT! (Version: 2022.04-devel-1683-g683a1-HEAD)
2022-06-28 19:55:44,855 # RIOT SHA256: Success
2022-06-28 19:55:44,879 # ATCA SHA256: Success
tests/pkg_cryptoauthlib_internal-tests on nrf52840dk + atecc608a
2022-06-28 19:58:27,570 # main(): This is RIOT! (Version: 2022.04-devel-1683-g683a1-HEAD)
2022-06-28 19:58:27,571 #
2022-06-28 19:58:27,572 # Device Selected.
2022-06-28 19:58:27,573 #
2022-06-28 19:58:27,573 #
2022-06-28 19:58:27,591 # Unity test run 1 of 1
2022-06-28 19:58:27,605 # TEST(atca_cmd_basic_test, version) PASS
2022-06-28 19:58:27,619 # TEST(atca_cmd_basic_test, init) PASS
2022-06-28 19:58:27,654 # TEST(atca_cmd_basic_test, doubleinit) PASS
2022-06-28 19:58:27,673 # TEST(atca_cmd_basic_test, info) PASS
2022-06-28 19:58:27,726 # TEST(atca_cmd_basic_test, volatile_key_permit)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes.c:307::FAIL: Expected 0 Was 244
2022-06-28 19:58:27,750 # TEST(atca_cmd_basic_test, aes_gfm) PASS
2022-06-28 19:58:27,922 # TEST(atca_cmd_basic_test, aes_encrypt_key_tempkey) PASS
2022-06-28 19:58:28,130 # TEST(atca_cmd_basic_test, aes_decrypt_key_tempkey) PASS
2022-06-28 19:58:28,210 # TEST(atca_cmd_basic_test, aes_encrypt_key_slot)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes.c:152::FAIL: Expected 0 Was 244
2022-06-28 19:58:28,290 # TEST(atca_cmd_basic_test, aes_decrypt_key_slot)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes.c:214::FAIL: Expected 0 Was 244
2022-06-28 19:58:28,360 # TEST(atca_cmd_basic_test, aes_cbc_encrypt_block) PASS
2022-06-28 19:58:28,439 # TEST(atca_cmd_basic_test, aes_cbc_decrypt_block) PASS
2022-06-28 19:58:28,882 # TEST(atca_cmd_basic_test, aes_cmac) PASS
2022-06-28 19:58:28,952 # TEST(atca_cmd_basic_test, aes_ctr_encrypt_block) PASS
2022-06-28 19:58:29,022 # TEST(atca_cmd_basic_test, aes_ctr_decrypt_block) PASS
2022-06-28 19:58:29,091 # TEST(atca_cmd_basic_test, aes_ctr_increment) PASS
2022-06-28 19:58:29,288 # TEST(atca_cmd_basic_test, aes_cbc_mac) PASS
2022-06-28 19:58:32,879 # TEST(atca_cmd_basic_test, aes_gcm_nist_vectors) PASS
2022-06-28 19:58:33,223 # TEST(atca_cmd_basic_test, aes_gcm_encrypt_partial_blocks) PASS
2022-06-28 19:58:33,567 # TEST(atca_cmd_basic_test, aes_gcm_decrypt_partial_blocks) PASS
2022-06-28 19:58:33,593 # TEST(atca_cmd_basic_test, aes_gcm_encrypt_cavp_vectors)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes_gcm.c:428::IGNORE: Test only available under windows.
2022-06-28 19:58:33,619 # TEST(atca_cmd_basic_test, aes_gcm_decrypt_cavp_vectors)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_aes_gcm.c:543::IGNORE: Test only available under windows.
2022-06-28 19:58:33,823 # TEST(atca_cmd_basic_test, aes_ccm_auth_encrypt) PASS
2022-06-28 19:58:34,027 # TEST(atca_cmd_basic_test, aes_ccm_auth_encrypt_partial) PASS
2022-06-28 19:58:34,230 # TEST(atca_cmd_basic_test, aes_ccm_auth_decrypt) PASS
2022-06-28 19:58:34,434 # TEST(atca_cmd_basic_test, aes_ccm_auth_decrypt_partial) PASS
2022-06-28 19:58:34,739 # TEST(atca_cmd_basic_test, verify_extern) PASS
2022-06-28 19:58:35,016 # TEST(atca_cmd_basic_test, verify_extern_mac)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:97::FAIL: Expected 0 Was 244
2022-06-28 19:58:35,143 # TEST(atca_cmd_basic_test, verify_stored)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:132::FAIL: Expected 0 Was 244
2022-06-28 19:58:35,491 # TEST(atca_cmd_basic_test, verify_stored_mac)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:190::FAIL: Expected 0 Was 244
2022-06-28 19:58:35,651 # TEST(atca_cmd_basic_test, verify_validate)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:249::FAIL: Expected 0 Was 244
2022-06-28 19:58:35,812 # TEST(atca_cmd_basic_test, verify_invalidate)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_verify.c:249::FAIL: Expected 0 Was 244
2022-06-28 19:58:35,939 # TEST(atca_cmd_basic_test, derivekey)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_derivekey.c:99::FAIL: Expected 0 Was 244
2022-06-28 19:58:36,007 # TEST(atca_cmd_basic_test, derivekey_mac)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_derivekey.c:196::FAIL: Expected 0 Was 244
2022-06-28 19:58:36,097 # TEST(atca_cmd_basic_test, sha) PASS
2022-06-28 19:58:36,146 # TEST(atca_cmd_basic_test, sha_long) PASS
2022-06-28 19:58:36,176 # TEST(atca_cmd_basic_test, sha_short) PASS
2022-06-28 19:58:36,205 # TEST(atca_cmd_basic_test, sha2_256_nist1) PASS
2022-06-28 19:58:36,242 # TEST(atca_cmd_basic_test, sha2_256_nist2) PASS
2022-06-28 19:58:36,267 # TEST(atca_cmd_basic_test, sha2_256_nist_short)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sha.c:266::IGNORE: Test only available under windows.
2022-06-28 19:58:36,390 # TEST(atca_cmd_basic_test, sha_context) PASS
2022-06-28 19:58:36,461 # TEST(atca_cmd_basic_test, sha_hmac)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sha.c:562::FAIL: Memory Mismatch. Byte 0 Expected 0x29 Was 0x32
2022-06-28 19:58:36,527 # TEST(atca_cmd_basic_test, sha_hmac_tempkey) PASS
2022-06-28 19:58:36,814 # TEST(atca_cmd_basic_test, sign) PASS
2022-06-28 19:58:37,140 # TEST(atca_cmd_basic_test, sign_internal)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sign.c:144::FAIL: Expected 1 Was 0
2022-06-28 19:58:37,162 # TEST(atca_cmd_basic_test, read_sig)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_sign.c:150::IGNORE: Pending
2022-06-28 19:58:37,238 # TEST(atca_cmd_basic_test, mac_key_challenge)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_mac.c:70::FAIL: Memory Mismatch. Byte 0 Expected 0xDD Was 0xD4
2022-06-28 19:58:37,316 # TEST(atca_cmd_basic_test, mac_key_tempkey)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_mac.c:127::FAIL: Memory Mismatch. Byte 0 Expected 0xA2 Was 0xE7
2022-06-28 19:58:37,401 # TEST(atca_cmd_basic_test, mac_tempkey_challenge) PASS
2022-06-28 19:58:37,472 # TEST(atca_cmd_basic_test, mac_tempkey_tempkey) PASS
2022-06-28 19:58:37,600 # TEST(atca_cmd_basic_test, checkmac)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_mac.c:327::FAIL: Expected 0 Was 209
2022-06-28 19:58:37,814 # TEST(atca_cmd_basic_test, ecdh)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_ecdh.c:86::FAIL: Expected 0 Was 244
2022-06-28 19:58:38,106 # TEST(atca_cmd_basic_test, ecdh_protection_key)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_ecdh.c:262::FAIL: Memory Mismatch. Byte 0 Expected 0x9D Was 0x34
2022-06-28 19:58:38,144 # TEST(atca_cmd_basic_test, write_boundary_conditions)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
2022-06-28 19:58:38,181 # TEST(atca_cmd_basic_test, write_invalid_block)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
2022-06-28 19:58:38,219 # TEST(atca_cmd_basic_test, write_invalid_block_len)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
2022-06-28 19:58:38,252 # TEST(atca_cmd_basic_test, write_bytes_zone_config)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:268::IGNORE: Config zone must be unlocked for this test.
2022-06-28 19:58:38,290 # TEST(atca_cmd_basic_test, write_otp_zone_nolock)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
2022-06-28 19:58:38,318 # TEST(atca_cmd_basic_test, write_otp_zone_nolock_check)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:264::IGNORE: test_basic_write_otp_zone_nolock() wasn't run beforehand.
2022-06-28 19:58:38,350 # TEST(atca_cmd_basic_test, write_otp_zone) PASS
2022-06-28 19:58:38,388 # TEST(atca_cmd_basic_test, write_slot4_key)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:382::FAIL: Expected 0 Was 244
2022-06-28 19:58:38,628 # TEST(atca_cmd_basic_test, write_data_zone_blocks) PASS
2022-06-28 19:58:38,796 # TEST(atca_cmd_basic_test, write_enc)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:483::FAIL: Memory Mismatch. Byte 0 Expected 0xAF Was 0xAE
2022-06-28 19:58:38,835 # TEST(atca_cmd_basic_test, write_enc_data_unlock)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:294::IGNORE: Data zone must be unlocked for this test.
2022-06-28 19:58:38,849 # TEST(atca_cmd_basic_test, write_zone) PASS
2022-06-28 19:58:38,881 # TEST(atca_cmd_basic_test, write_config_zone)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:268::IGNORE: Config zone must be unlocked for this test.
2022-06-28 19:58:38,919 # TEST(atca_cmd_basic_test, write_pubkey)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_write.c:612::FAIL: Expected 0 Was 244
2022-06-28 19:58:38,956 # TEST(atca_cmd_basic_test, read_zone) PASS
2022-06-28 19:58:39,015 # TEST(atca_cmd_basic_test, read_config_zone)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_read.c:107::FAIL: Memory Mismatch. Byte 2 Expected 0xA1 Was 0x00
2022-06-28 19:58:39,052 # TEST(atca_cmd_basic_test, read_otp_zone) PASS
2022-06-28 19:58:39,082 # TEST(atca_cmd_basic_test, read_data_zone) PASS
2022-06-28 19:58:39,195 # TEST(atca_cmd_basic_test, genkey) PASS
2022-06-28 19:58:39,270 # TEST(atca_cmd_basic_test, get_pubkey) PASS
2022-06-28 19:58:39,309 # TEST(atca_cmd_basic_test, priv_write_unencrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_privwrite.c:294::IGNORE: Data zone must be unlocked for this test.
2022-06-28 19:58:39,399 # TEST(atca_cmd_basic_test, priv_write_encrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_privwrite.c:91::FAIL: Expected 0 Was 244
2022-06-28 19:58:39,445 # TEST(atca_cmd_basic_test, lock_data_slot)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_lock.c:79::FAIL: Expected 0 Was 244
2022-06-28 19:58:39,646 # TEST(atca_cmd_basic_test, kdf_prf_output)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:93::FAIL: Expected 0 Was 210
2022-06-28 19:58:39,827 # TEST(atca_cmd_basic_test, kdf_prf_output_encrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:138::FAIL: Expected 0 Was 244
2022-06-28 19:58:39,881 # TEST(atca_cmd_basic_test, kdf_aes_output)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:182::FAIL: Expected 0 Was 210
2022-06-28 19:58:39,935 # TEST(atca_cmd_basic_test, kdf_aes_output_encrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:255::FAIL: Expected 0 Was 210
2022-06-28 19:58:40,059 # TEST(atca_cmd_basic_test, kdf_hkdf_output)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:340::FAIL: Expected 0 Was 210
2022-06-28 19:58:40,158 # TEST(atca_cmd_basic_test, kdf_hkdf_output_encrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_kdf.c:402::FAIL: Expected 0 Was 244
2022-06-28 19:58:40,452 # TEST(atca_cmd_basic_test, sboot_digest)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_secureboot.c:86::FAIL: Expected 0 Was 210
2022-06-28 19:58:40,633 # TEST(atca_cmd_basic_test, sboot_digest_full_encrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_secureboot.c:127::FAIL: Expected 0 Was 244
2022-06-28 19:58:40,811 # TEST(atca_cmd_basic_test, sboot_digest_fullstore_encrypted)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_secureboot.c:160::FAIL: Expected 0 Was 244
2022-06-28 19:58:41,032 # TEST(atca_cmd_basic_test, selftest_individual) PASS
2022-06-28 19:58:41,214 # TEST(atca_cmd_basic_test, selftest_all) PASS
2022-06-28 19:58:41,358 # TEST(atca_cmd_basic_test, gendig_config_otp_data)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:356::FAIL: Memory Mismatch. Byte 0 Expected 0x1C Was 0x4B
2022-06-28 19:58:41,453 # TEST(atca_cmd_basic_test, gendig_counter)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:267::FAIL: Memory Mismatch. Byte 0 Expected 0x0A Was 0xD2
2022-06-28 19:58:41,581 # TEST(atca_cmd_basic_test, gendig_keyconfig)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:190::FAIL: Memory Mismatch. Byte 0 Expected 0x5B Was 0xDB
2022-06-28 19:58:41,676 # TEST(atca_cmd_basic_test, gendig_shared_nonce)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_gendig.c:107::FAIL: Memory Mismatch. Byte 0 Expected 0xAC Was 0xFB
2022-06-28 19:58:41,706 # TEST(atca_cmd_basic_test, random) PASS
2022-06-28 19:58:41,750 # TEST(atca_cmd_basic_test, challenge) PASS
2022-06-28 19:58:41,782 # TEST(atca_cmd_basic_test, counter_write_test)/RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_counter.c:268::IGNORE: Config zone must be unlocked for this test.
2022-06-28 19:58:41,834 # TEST(atca_cmd_basic_test, counter_test) PASS
2022-06-28 19:58:41,866 # TEST(atca_cmd_basic_test, counter_match)Starting counter 0: 63
2022-06-28 19:58:41,870 # Incrementing counter 0 to 32-byte boundary: 63
2022-06-28 19:58:41,890 # Setting counter match to: 64
2022-06-28 19:58:42,104 # Counter 0 after successful sign: 63
2022-06-28 19:58:42,116 # /RIOT/build/pkg/cryptoauthlib/test/api_atcab/atca_tests_counter.c:124::FAIL: Expected 64 Was 63
2022-06-28 19:58:42,116 #
2022-06-28 19:58:42,118 # -----------------------
2022-06-28 19:58:42,121 # 96 Tests 37 Failures 14 Ignored
2022-06-28 19:58:42,121 # FAIL
2022-06-28 19:58:42,122 #
pkg/cryptoauthlib/contrib/atca.c
Outdated
@@ -43,10 +44,11 @@ void atca_delay_ms(uint32_t delay) | |||
ztimer_sleep(ZTIMER_USEC, delay * US_PER_MS); | |||
} | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please remove this and the upper blank line
PS: please check the test outputs, once again, carefully. I am not very happy with the test output as is, but this is not on our side... |
683a194
to
aef2eb7
Compare
stiatic doc check fails already
|
7e96663
to
fd597cf
Compare
I am assuming you did notice the CI errors already (?) |
Yes. The errors were thrown when building the package's tests for 8-bit CPUs. Apparently they shift an 8-bit number by another 8-bit number, which could result in an overflow. I added a patch to cast the shifted value to 32 bits. |
Please squash or add a prefix to your second commit, like "pkg/cryptoauthlib:". In the latter case, make sure your commit message is not getting too long. |
baa6b07
to
422d81a
Compare
It seems this PR is responsible for the nightlies failing the Kconfig tests. The Kconfig resolution fails to compile as the
|
To see the failure run:
|
It does seem like there are some symbols that may contribute to this but I am not so sure: snippet from pkg#if !defined(ATCA_NO_HEAP) && defined(ATCA_TESTS_ENABLED) && defined(ATCA_PLATFORM_MALLOC)
void* (*g_hal_malloc_f)(size_t) = ATCA_PLATFORM_MALLOC;
void (*g_hal_free_f)(void*) = ATCA_PLATFORM_FREE;
void* hal_malloc(size_t size)
{
return g_hal_malloc_f(size);
}
void hal_free(void* ptr)
{
g_hal_free_f(ptr);
} |
ping @Einhornhool you have a solution I think, can you make a quick PR to fix? |
Here it is: |
Contribution description
This updates the Cryptoauth Library to the latest version.
This version includes a new API that facilitates the use of multiple devices in parallel. It also comes with added test cases for the new API and a restructured testing system in general.
Testing procedure
Run tests/pkg_cryptoauthlib_internal_tests and tests/pkg_cryptoauthlib_compare_sha256