Merge pull request #18137 from Einhornhool/pr/update-cryptoauth-package

pkg/cryptoauthlib: Update package to latest version

boards/common/saml1x/include/board.h

@@ -28,6 +28,15 @@
 extern "C" {
 #endif
 
+/**
+ * @brief ATCA device type on SAML11 XPro boards
+ * @{
+ */
+#ifdef BOARD_SAML11_XPRO
+#define ATCA_DEVTYPE    (ATECC508A)
+#endif
+/** @} */
+
 /**
  * @name    PORT selection macros
  * @{

pkg/cryptoauthlib/Kconfig

@@ -23,6 +23,11 @@ config MODULE_CRYPTOAUTHLIB_CONTRIB
 config MODULE_CRYPTOAUTHLIB_TEST
     bool "Module for cryptoauthlib tests"
     depends on TEST_KCONFIG
+    select MODULE_CRYPTOAUTHLIB_TEST_THIRD_PARTY_UNITY
+    select MODULE_CRYPTOAUTHLIB_TEST_API_ATCAB
+    select MODULE_CRYPTOAUTHLIB_TEST_API_CALIB
+    select MODULE_CRYPTOAUTHLIB_TEST_API_CRYPTO
+    select MODULE_CRYPTOAUTHLIB_TEST_VECTORS
     select MODULE_CRYPTOAUTHLIB_TEST_JWT
     select MODULE_CRYPTOAUTHLIB_TEST_TNG
     select MODULE_CRYPTOAUTHLIB_TEST_ATCACERT
@@ -36,4 +41,19 @@ config MODULE_CRYPTOAUTHLIB_TEST_TNG
 config MODULE_CRYPTOAUTHLIB_TEST_ATCACERT
     bool
 
+config MODULE_CRYPTOAUTHLIB_TEST_THIRD_PARTY_UNITY
+    bool
+
+config MODULE_CRYPTOAUTHLIB_TEST_API_ATCAB
+    bool
+
+config MODULE_CRYPTOAUTHLIB_TEST_API_CALIB
+    bool
+
+config MODULE_CRYPTOAUTHLIB_TEST_API_CRYPTO
+    bool
+
+config MODULE_CRYPTOAUTHLIB_TEST_VECTORS
+    bool
+
 endif

pkg/cryptoauthlib/Makefile

@@ -1,6 +1,6 @@
 PKG_NAME=cryptoauthlib
 PKG_URL=https://github.com/MicrochipTech/cryptoauthlib
-PKG_VERSION=af8187776cd3f3faf8bed412eaf6ff7221862e19
+PKG_VERSION=055dd4afafb019db1f4d61880aa441832139faa2
 PKG_LICENSE=LGPL-2.1
 PKG_TEST_NAME=cryptoauthlib_test
 
@@ -23,6 +23,7 @@ CFLAGS += -Wno-type-limits
 CFLAGS += -Wno-unused-function
 CFLAGS += -Wno-unused-parameter
 CFLAGS += -Wno-unused-variable
+CFLAGS += -Wno-format-nonliteral
 
 TOOLCHAIN_FILE=$(PKG_SOURCE_DIR)/xcompile-toolchain.cmake
 
@@ -39,7 +40,6 @@ cryptoauth: $(PKG_BUILD_DIR)/Makefile
 $(PKG_BUILD_DIR)/Makefile: $(TOOLCHAIN_FILE)
 	cmake -DCMAKE_TOOLCHAIN_FILE=$(TOOLCHAIN_FILE) \
 		  -Wno-dev \
-		  -DATCA_HAL_I2C:BOOL=TRUE \
 		  -B$(PKG_BUILD_DIR) \
 		  -H$(PKG_SOURCE_DIR)/lib
 
@@ -47,10 +47,15 @@ $(TOOLCHAIN_FILE): git-download
 	$(RIOTTOOLS)/cmake/generate-xcompile-toolchain.sh > $(TOOLCHAIN_FILE)
 
 build_tests:
+	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/third_party/unity -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_third_party_unity
 	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)
 	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/jwt -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_jwt
 	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/tng -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_tng
 	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/atcacert -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_atcacert
+	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/api_atcab -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_api_atcab
+	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/api_calib -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_api_calib
+	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/api_crypto -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_api_crypto
+	$(QQ)"$(MAKE)" -C $(PKG_SOURCE_DIR)/test/vectors -f $(RIOTBASE)/Makefile.base MODULE=$(PKG_TEST_NAME)_vectors
 
 git-download: | ..cmake_version_supported
 

pkg/cryptoauthlib/Makefile.dep

@@ -9,6 +9,11 @@ ifneq (,$(filter cryptoauthlib_test,$(USEMODULE)))
   USEMODULE += cryptoauthlib_test_jwt
   USEMODULE += cryptoauthlib_test_tng
   USEMODULE += cryptoauthlib_test_atcacert
+  USEMODULE += cryptoauthlib_test_api_atcab
+  USEMODULE += cryptoauthlib_test_api_calib
+  USEMODULE += cryptoauthlib_test_api_crypto
+  USEMODULE += cryptoauthlib_test_vectors
+  USEMODULE += cryptoauthlib_test_third_party_unity
 endif
 
 # Some EFM32 CPU families define AES_COUNT, which is also defined by this

pkg/cryptoauthlib/Makefile.include

@@ -4,6 +4,7 @@ PKG_TESTINCLDIR = $(PKG_SOURCE_DIR)/test
 INCLUDES += -I$(PKG_SOURCE_DIR)
 INCLUDES += -I$(PKG_SOURCE_DIR)/lib
 INCLUDES += -I$(PKG_SOURCE_DIR)/app
+INCLUDES += -I$(PKG_SOURCE_DIR)/lib/calib
 INCLUDES += -I$(RIOTPKG)/cryptoauthlib/include
 
 DIRS += $(RIOTPKG)/cryptoauthlib/contrib
@@ -14,4 +15,9 @@ ifneq (,$(filter cryptoauthlib_test,$(USEMODULE)))
   INCLUDES += -I$(PKG_TESTINCLDIR)/jwt
   INCLUDES += -I$(PKG_TESTINCLDIR)/tng
   INCLUDES += -I$(PKG_TESTINCLDIR)/atcacert
+  INCLUDES += -I$(PKG_TESTINCLDIR)/api_atcab
+  INCLUDES += -I$(PKG_TESTINCLDIR)/api_calib
+  INCLUDES += -I$(PKG_TESTINCLDIR)/api_crypto
+  INCLUDES += -I$(PKG_TESTINCLDIR)/vectors
+  INCLUDES += -I$(PKG_SOURCE_DIR)/third_party/unity
 endif

pkg/cryptoauthlib/contrib/atca.c

@@ -27,6 +27,7 @@
 #include "atca.h"
 #include "atca_params.h"
 
+
 /* Timer functions */
 void atca_delay_us(uint32_t delay)
 {
@@ -44,9 +45,9 @@ void atca_delay_ms(uint32_t delay)
 }
 
 /* Hal I2C implementation */
-ATCA_STATUS hal_i2c_init(void *hal, ATCAIfaceCfg *cfg)
+ATCA_STATUS hal_i2c_init(ATCAIface iface, ATCAIfaceCfg *cfg)
 {
-    (void)hal;
+    (void)iface;
     if (cfg->iface_type != ATCA_I2C_IFACE) {
         return ATCA_BAD_PARAM;
     }
@@ -62,17 +63,15 @@ ATCA_STATUS hal_i2c_post_init(ATCAIface iface)
     return ATCA_SUCCESS;
 }
 
-ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t *txdata, int txlength)
+ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t word_address, uint8_t *txdata, int txlength)
 {
+    (void) word_address;
     ATCAIfaceCfg *cfg = atgetifacecfg(iface);
     int ret;
 
-    /* The first byte of the command package contains the word address */
-    txdata[0] = ATCA_DATA_ADDR;
-
     i2c_acquire(cfg->atcai2c.bus);
-    ret = i2c_write_bytes(cfg->atcai2c.bus, (cfg->atcai2c.slave_address >> 1),
-                          txdata, txlength + 1, 0);
+    ret = i2c_write_bytes(cfg->atcai2c.bus, (cfg->atcai2c.address >> 1),
+                          txdata, txlength, 0);
     i2c_release(cfg->atcai2c.bus);
 
     if (ret != 0) {
@@ -82,53 +81,20 @@ ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t *txdata, int txlength)
     return ATCA_SUCCESS;
 }
 
-ATCA_STATUS hal_i2c_receive(ATCAIface iface, uint8_t *rxdata,
+ATCA_STATUS hal_i2c_receive(ATCAIface iface, uint8_t word_address, uint8_t *rxdata,
                             uint16_t *rxlength)
 {
+    (void) word_address;
     ATCAIfaceCfg *cfg = atgetifacecfg(iface);
     uint8_t retries = cfg->rx_retries;
-    uint8_t length_package = 0;
-    uint8_t bytes_to_read;
     int ret = -1;
 
-    /* Every command needs some time to be executed. We check whether the device is done
-       by polling, so we don't have to wait for the max execution time. For that there's
-       a number of retries (specified in the device descriptor). If polling is not successful
-       this function returns an error code. */
-
-    i2c_acquire(cfg->atcai2c.bus);
-    while (retries-- > 0 && ret != 0) {
-        /* read first byte (size of output data) and store it in variable length_package
-           to check if output will fit into rxdata */
-        ret = i2c_read_byte(cfg->atcai2c.bus, (cfg->atcai2c.slave_address >> 1),
-                            &length_package, 0);
-    }
-    i2c_release(cfg->atcai2c.bus);
-
-    if (ret != 0) {
-        return ATCA_RX_TIMEOUT;
-    }
-
-    bytes_to_read = length_package - 1;
-
-    if (bytes_to_read > *rxlength) {
-        return ATCA_SMALL_BUFFER;
-    }
-
-    /* CRC function calculates value of the whole output package, so to get a correct
-       result we need to include the length of the package we got before into rxdata as first byte. */
-    rxdata[0] = length_package;
-
-    /* reset ret and retries to read the rest of the output */
-    ret = -1;
-    retries = cfg->rx_retries;
-
     /* read rest of output and insert into rxdata array after first byte */
     i2c_acquire(cfg->atcai2c.bus);
     while (retries-- > 0 && ret != 0) {
         ret = i2c_read_bytes(cfg->atcai2c.bus,
-                             (cfg->atcai2c.slave_address >> 1), (rxdata + 1),
-                             bytes_to_read, 0);
+                             (cfg->atcai2c.address >> 1), (rxdata),
+                             *rxlength, 0);
     }
     i2c_release(cfg->atcai2c.bus);
 
@@ -136,8 +102,6 @@ ATCA_STATUS hal_i2c_receive(ATCAIface iface, uint8_t *rxdata,
         return ATCA_RX_TIMEOUT;
     }
 
-    *rxlength = length_package;
-
     return ATCA_SUCCESS;
 }
 
@@ -173,7 +137,7 @@ ATCA_STATUS hal_i2c_wake(ATCAIface iface)
     i2c_acquire(cfg->atcai2c.bus);
     while (retries-- > 0 && status != 0) {
         status = i2c_read_bytes(cfg->atcai2c.bus,
-                                (cfg->atcai2c.slave_address >> 1),
+                                (cfg->atcai2c.address >> 1),
                                 &data[0], 4, 0);
     }
     i2c_release(cfg->atcai2c.bus);
@@ -181,7 +145,6 @@ ATCA_STATUS hal_i2c_wake(ATCAIface iface)
     if (status != ATCA_SUCCESS) {
         return ATCA_COMM_FAIL;
     }
-
     return hal_check_wake(data, 4);
 }
 
@@ -190,7 +153,7 @@ ATCA_STATUS hal_i2c_idle(ATCAIface iface)
     ATCAIfaceCfg *cfg = atgetifacecfg(iface);
 
     i2c_acquire(cfg->atcai2c.bus);
-    i2c_write_byte(cfg->atcai2c.bus, (cfg->atcai2c.slave_address >> 1),
+    i2c_write_byte(cfg->atcai2c.bus, (cfg->atcai2c.address >> 1),
                    ATCA_IDLE_ADDR, 0);
     i2c_release(cfg->atcai2c.bus);
     return ATCA_SUCCESS;
@@ -201,12 +164,34 @@ ATCA_STATUS hal_i2c_sleep(ATCAIface iface)
     ATCAIfaceCfg *cfg = atgetifacecfg(iface);
 
     i2c_acquire(cfg->atcai2c.bus);
-    i2c_write_byte(cfg->atcai2c.bus, (cfg->atcai2c.slave_address >> 1),
+    i2c_write_byte(cfg->atcai2c.bus, (cfg->atcai2c.address >> 1),
                    ATCA_SLEEP_ADDR, 0);
     i2c_release(cfg->atcai2c.bus);
     return ATCA_SUCCESS;
 }
 
+ATCA_STATUS hal_i2c_control(ATCAIface iface, uint8_t option, void* param, size_t paramlen)
+{
+    (void) param;
+    (void) paramlen;
+    switch (option) {
+        case ATCA_HAL_CONTROL_WAKE:
+            return hal_i2c_wake(iface);
+        case ATCA_HAL_CONTROL_IDLE:
+            return hal_i2c_idle(iface);
+        case ATCA_HAL_CONTROL_SLEEP:
+            return hal_i2c_sleep(iface);
+        case ATCA_HAL_CHANGE_BAUD:
+            return ATCA_UNIMPLEMENTED;
+        case ATCA_HAL_CONTROL_SELECT:
+        case ATCA_HAL_CONTROL_DESELECT:
+            return ATCA_SUCCESS;
+        default:
+            return ATCA_BAD_PARAM;
+    }
+    return ATCA_UNIMPLEMENTED;
+}
+
 ATCA_STATUS hal_i2c_release(void *hal_data)
 {
     (void)hal_data;

pkg/cryptoauthlib/include/atca_config.h

@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2022 HAW Hamburg
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup     pkg_cryptoauthlib
+ * @{
+ *
+ * @file
+ * @brief       Minimal configuration for the library build.
+ *              For documentation please see https://github.com/MicrochipTech/cryptoauthlib#readme
+ *
+ * @author      Lena Boeckmann <lena.boeckmann@haw-hamburg.de>
+ *
+ */
+
+#ifndef ATCA_CONFIG_H
+#define ATCA_CONFIG_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief ATECC508A device support
+ */
+#define ATCA_ATECC508A_SUPPORT
+
+/**
+ * @brief ATECC608A device support
+ */
+#define ATCA_ATECC608A_SUPPORT
+
+/**
+ * @brief Map atca delay function to hal delay ms implementation
+ */
+#define atca_delay_ms   hal_delay_ms
+
+/**
+ * @brief Map atca delay function to hal delay us implementation
+ */
+#define atca_delay_us   hal_delay_us
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* ATCA_CONFIG_H */
+/** @} */

pkg/cryptoauthlib/include/atca_params.h

@@ -21,6 +21,7 @@
 #define ATCA_PARAMS_H
 
 #include "board.h"
+#include "periph/i2c.h"
 #include "cryptoauthlib.h"
 
 #ifdef __cplusplus
@@ -53,15 +54,15 @@ extern "C" {
 #define ATCA_RX_RETRIES          (20)
 #endif
 #ifndef ATCA_DEVTYPE
-#define ATCA_DEVTYPE            (ATECC508A)
+#define ATCA_DEVTYPE            (ATECC608A)
 #endif
 
 #ifndef ATCA_PARAMS
 #define ATCA_PARAMS                {    .iface_type = ATCA_I2C_IFACE, \
                                         .devtype = ATCA_DEVTYPE, \
-                                        .atcai2c.slave_address = ATCA_PARAM_ADDR, \
+                                        .atcai2c.address = ATCA_PARAM_ADDR, \
                                         .atcai2c.bus = ATCA_PARAM_I2C, \
-                                        .atcai2c.baud = -1,                        /**< Not used in RIOT */ \
+                                        .atcai2c.baud = -1, /**< Not used in RIOT */ \
                                         .wake_delay = 1500, \
                                         .rx_retries = ATCA_RX_RETRIES }
 #endif

pkg/cryptoauthlib/include/cryptoauthlib_test.h

@@ -32,15 +32,7 @@ extern "C" {
  *          This function is defined in the cryptoauth library via patch.
  *          It is used to pass commands to run built-in unit tests of the library.
  */
-int atca_run_cmd(const char *command);
-
-/**
- * @brief   Function switches the default cfg in cryptoauthlib test to RIOT cfg
- */
-void riot_switch_cfg(ATCAIfaceCfg *cfg)
-{
-    *cfg = atca_params[0];
-}
+int atca_run_cmd(char *command, size_t len);
 
 #ifdef __cplusplus
 }

tests/pkg_cryptoauthlib_internal-tests/Makefile

@@ -2,6 +2,7 @@ BOARD ?= nucleo-f767zi
 
 include ../Makefile.tests_common
 
+CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(3*THREAD_STACKSIZE_DEFAULT\)
 # Test fails to build for these boards fails due to
 # redefinition of define AES_COUNT in library, which
 # is also defined in board header files

tests/pkg_cryptoauthlib_internal-tests/README.md

@@ -0,0 +1,5 @@
+Tests provided by the cryptoauthlib driver
+==========================================
+
+Some of the tests require the device config zone to be locked.
+Test that require the use of key slots will fail, if the slot configuration differs from the default configuration.

tests/pkg_cryptoauthlib_internal-tests/main.c

@@ -20,22 +20,29 @@
 
 #include <stdio.h>
 #include "cryptoauthlib_test.h"
+#include "atca_test.h"
+
+const char atecc508[] = "ecc508";
+const char atecc608[] = "ecc608";
+const char unit[] = "basic";
 
 int main(void)
 {
+    atca_test_config_set_ifacecfg((ATCAIfaceCfg *) &atca_params[0]);
+
     /* Set device to ATECC508A */
     if (ATCA_DEVTYPE == ATECC608A) {
-        atca_run_cmd("608");
+        atca_run_cmd((char *) atecc608, sizeof(atecc608));
     }
     else if (ATCA_DEVTYPE == ATECC508A) {
-        atca_run_cmd("508");
+        atca_run_cmd((char *) atecc508, sizeof(atecc508));
     }
     else {
         printf("This device is currently not supported.");
         return 0;
     }
 
-    atca_run_cmd("unit");
+    atca_run_cmd((char *) unit, sizeof(unit));
 
     return 0;
 }