Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cryptoauthlib: add new cryptochip-cmd-processor test app 

https://jira.digi.com/browse/DEL-5763

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit is contained in:
Gabriel Valcazar 2018-02-23 14:03:12 +01:00
parent 674751e268
commit 4c6689a2f8
3 changed files with 506 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
meta-digi-arm/recipes-digi/cryptoauthlib/cryptoauthlib/0003-Build-cryptochip-cmd-processor-application-along-wit.patch Normal file
View File

@ -0,0 +1,50 @@
From: Gabriel Valcazar <gabriel.valcazar@digi.com>
Date: Mon, 26 Feb 2018 11:42:50 +0100
Subject: [PATCH 1/2] Build cryptochip-cmd-processor application along with the
library
This new test application is more complete than ecc-test-main. It includes a
command line with different test runs for the chip's basic functionality,
helper functions, certificate functions and allows the configuration to be
read, among other things.
Hardcode the app to use the ATECC508A and remove all code that is specific for
other chips.
https://jira.digi.com/browse/DEL-5763
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
---
Makefile | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index a471428..c57b1bf 100644
--- a/Makefile
+++ b/Makefile
@@ -7,7 +7,7 @@ SUBDIRS= lib test
.PHONY: tgt_lib tgt_test clean
-all: tgt_lib tgt_test ecc-test
+all: tgt_lib tgt_test ecc-test cmd-processor
%.o: %.c
$(CC) $(CFLAGS) -o $@ -c $<
@@ -22,11 +22,15 @@ ecc-test: tgt_lib tgt_test
$(CC) -c ecc-test-main.c $(CFLAGS) $(LDFLAGS) -I ./lib/ -I ./test/
$(CC) -o ecc-test-main ecc-test-main.o $(LDFLAGS) test/tls/atcatls_tests.o -L lib -L test -lm -lc -lrt -lcryptoauth -lunity
+cmd-processor: tgt_lib tgt_test
+ $(CC) -o cryptochip-cmd-processor test/*.o $(LDFLAGS) test/*/*.o -L lib -L test -lcryptoauth
+
install:
for a in $(SUBDIRS); do $(MAKE) -C $$a $@; done
install -d $(DESTDIR)/usr/bin
install -m 0755 ecc-test-main $(DESTDIR)/usr/bin/
+ install -m 0755 cryptochip-cmd-processor $(DESTDIR)/usr/bin
clean:
- rm -f *.o *.a ecc-test-main
+ rm -f *.o *.a ecc-test-main cryptochip-cmd-processor
$(foreach subdir,$(basename $(SUBDIRS)),$(MAKE) -w -C $(subdir) clean;)

454
meta-digi-arm/recipes-digi/cryptoauthlib/cryptoauthlib/0004-Remove-unnecessary-code-from-cryptochip-cmd-processo.patch Normal file
View File

@ -0,0 +1,454 @@
From: Gabriel Valcazar <gabriel.valcazar@digi.com>
Date: Fri, 23 Feb 2018 13:50:29 +0100
Subject: [PATCH 2/2] Remove unnecessary code from cryptochip-cmd-processor
Some test commands apply to chips other than the ATECC508A, and can cause
errors when used incorrectly. Remove all code that doesn't apply to our
platforms.
https://jira.digi.com/browse/DEL-5763
Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
---
test/cmd-processor.c | 348 ++-------------------------------------------------
1 file changed, 13 insertions(+), 335 deletions(-)
diff --git a/test/cmd-processor.c b/test/cmd-processor.c
index c8c60e0..592157e 100644
--- a/test/cmd-processor.c
+++ b/test/cmd-processor.c
@@ -92,10 +92,6 @@ static void sernum(void);
static void discover(void);
static void select_device(ATCADeviceType device_type);
static int run_test(void* fptest);
-static void select_204(void);
-static void select_108(void);
-static void select_508(void);
-static void select_608(void);
static void run_basic_tests(void);
static void run_unit_tests(void);
static void run_otpzero_tests(void);
@@ -103,20 +99,11 @@ static void run_helper_tests(void);
static void help(void);
static int parse_cmd(const char *command);
static void run_all_tests(void);
-static ATCA_STATUS set_chip_mode(uint8_t i2c_user_extra_add, uint8_t ttl_enable, uint8_t watchdog, uint8_t clock_divider);
-static void set_clock_divider_m0(void);
-static void set_clock_divider_m1(void);
-static void set_clock_divider_m2(void);
static const char* argv[] = { "manual", "-v" };
static t_menu_info mas_menu_info[] =
{
{ "help", "Display Menu", help },
- { "discover", "Discover Buses and Devices", discover },
- { "204", "Set Target Device to ATECC204A", select_204 },
- { "108", "Set Target Device to ATECC108A", select_108 },
- { "508", "Set Target Device to ATECC508A", select_508 },
- { "608", "Set Target Device to ATECC608A", select_608 },
{ "info", "Get the Chip Revision", info },
{ "sernum", "Get the Chip Serial Number", sernum },
{ "basic", "Run Basic Test on Selected Device", run_basic_tests },
@@ -135,12 +122,9 @@ static t_menu_info mas_menu_info[] =
{ "cio", "Run Unit Test on Cert I/O", (fp_menu_handler)certio_unit_tests },
#endif
#ifdef TEST_SW_CRYPTO
- { "crypto", "Run Unit Tests for Software Crypto Functions", atca_crypto_sw_tests },
+ { "crypto", "Run Unit Tests for Software Crypto Functions", (fp_menu_handler)atca_crypto_sw_tests },
#endif
{ "all", "Run all unit tests, locking as needed.", run_all_tests },
- { "clkdivm0", "Set ATECC608A to ClockDivider M0(0x00)", set_clock_divider_m0},
- { "clkdivm1", "Set ATECC608A to ClockDivider M1(0x05)", set_clock_divider_m1},
- { "clkdivm2", "Set ATECC608A to ClockDivider M2(0x0D)", set_clock_divider_m2},
{ NULL, NULL, NULL },
};
@@ -160,6 +144,8 @@ int main(int argc, char* argv[])
return 1;
}
+ select_device(ATECC508A);
+
while (true)
{
printf("$ ");
@@ -230,96 +216,13 @@ static void help(void)
}
}
-static void select_204(void)
-{
- select_device(ATSHA204A);
-}
-static void select_108(void)
-{
- select_device(ATECC108A);
-}
-static void select_508(void)
-{
- select_device(ATECC508A);
-}
-static void select_608(void)
-{
- select_device(ATECC608A);
-}
-
-static void update_chip_mode(uint8_t* chip_mode, uint8_t i2c_user_extra_add, uint8_t ttl_enable, uint8_t watchdog, uint8_t clock_divider)
-{
- if (i2c_user_extra_add != 0xFF)
- {
- *chip_mode &= ~ATCA_CHIPMODE_I2C_ADDRESS_FLAG;
- *chip_mode |= i2c_user_extra_add & ATCA_CHIPMODE_I2C_ADDRESS_FLAG;
- }
- if (ttl_enable != 0xFF)
- {
- *chip_mode &= ~ATCA_CHIPMODE_TTL_ENABLE_FLAG;
- *chip_mode |= ttl_enable & ATCA_CHIPMODE_TTL_ENABLE_FLAG;
- }
- if (watchdog != 0xFF)
- {
- *chip_mode &= ~ATCA_CHIPMODE_WATCHDOG_MASK;
- *chip_mode |= watchdog & ATCA_CHIPMODE_WATCHDOG_MASK;
- }
- if (clock_divider != 0xFF)
- {
- *chip_mode &= ~ATCA_CHIPMODE_CLOCK_DIV_MASK;
- *chip_mode |= clock_divider & ATCA_CHIPMODE_CLOCK_DIV_MASK;
- }
-}
-
-static ATCA_STATUS check_clock_divider(void)
-{
- ATCA_STATUS status;
- uint8_t chip_mode = 0;
-
- if (gCfg->devtype != ATECC608A)
- {
- printf("Current device doesn't support clock divider settings (only ATECC608A)\r\n");
- return ATCA_GEN_FAIL;
- }
-
- // Update the actual ATECC608A chip mode so it takes effect immediately
- status = atcab_init(gCfg);
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_init() failed with ret=0x%08X\r\n", status);
- return status;
- }
-
- do
- {
- // Read current config values
- status = atcab_read_bytes_zone(ATCA_ZONE_CONFIG, 0, ATCA_CHIPMODE_OFFSET, &chip_mode, 1);
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_read_bytes_zone() failed with ret=0x%08X\r\n", status);
- break;
- }
-
- // Update the ATECC608A test config data so all the unit tests will run with the new chip mode
- update_chip_mode(&test_ecc608_configdata[ATCA_CHIPMODE_OFFSET], 0xFF, 0xFF, chip_mode & ATCA_CHIPMODE_WATCHDOG_MASK, chip_mode & ATCA_CHIPMODE_CLOCK_DIV_MASK);
-
- } while (0);
-
- atcab_release();
- return status;
-}
-
static void run_basic_tests(void)
{
- if (gCfg->devtype == ATECC608A)
- check_clock_divider();
run_test(RunAllBasicTests);
}
static void run_unit_tests(void)
{
- if (gCfg->devtype == ATECC608A)
- check_clock_divider();
run_test(RunAllFeatureTests);
}
static void run_otpzero_tests(void)
@@ -453,37 +356,6 @@ static ATCA_STATUS do_randoms(void)
return status;
}
-static void discover(void)
-{
- ATCAIfaceCfg ifaceCfgs[10];
- int i;
- const char *devname[] = { "ATSHA204A", "ATECC108A", "ATECC508A", "ATECC608A" }; // indexed by ATCADeviceType
-
- for (i = 0; i < (int)(sizeof(ifaceCfgs) / sizeof(ATCAIfaceCfg)); i++)
- {
- ifaceCfgs[i].devtype = ATCA_DEV_UNKNOWN;
- ifaceCfgs[i].iface_type = ATCA_UNKNOWN_IFACE;
- }
-
- printf("Searching...");
- atcab_cfg_discover(ifaceCfgs, sizeof(ifaceCfgs) / sizeof(ATCAIfaceCfg));
- for (i = 0; i < (int)(sizeof(ifaceCfgs) / sizeof(ATCAIfaceCfg)); i++)
- {
- if (ifaceCfgs[i].devtype != ATCA_DEV_UNKNOWN)
- {
- printf("Found %s ", devname[ifaceCfgs[i].devtype]);
- if (ifaceCfgs[i].iface_type == ATCA_I2C_IFACE)
- {
- printf("@ bus %d addr %02x", ifaceCfgs[i].atcai2c.bus, ifaceCfgs[i].atcai2c.slave_address);
- }
- if (ifaceCfgs[i].iface_type == ATCA_SWI_IFACE)
- {
- printf("@ bus %d", ifaceCfgs[i].atcaswi.bus);
- }
- printf("\r\n");
- }
- }
-}
static void info(void)
{
ATCA_STATUS status;
@@ -636,18 +508,7 @@ static ATCA_STATUS get_serial_no(uint8_t *sernum)
static void select_device(ATCADeviceType device_type)
{
- ATCA_STATUS status;
-
- status = set_test_config(device_type);
-
- if (status == ATCA_SUCCESS)
- {
- printf("Device Selected.\r\n");
- }
- else
- {
- printf("IFace Cfg are NOT available\r\n");
- }
+ set_test_config(device_type);
}
static int run_test(void* fptest)
@@ -670,9 +531,6 @@ static void run_all_tests(void)
bool is_data_locked = false;
int fails = 0;
- if (gCfg->devtype == ATECC608A)
- check_clock_divider();
-
status = is_device_locked(LOCK_ZONE_CONFIG, &is_config_locked);
if (status != ATCA_SUCCESS)
{
@@ -814,204 +672,24 @@ static ATCA_STATUS set_test_config(ATCADeviceType deviceType)
gCfg->devtype = ATCA_DEV_UNKNOWN;
gCfg->iface_type = ATCA_UNKNOWN_IFACE;
- switch (deviceType)
- {
- case ATSHA204A:
-#if defined(ATCA_HAL_I2C)
- *gCfg = cfg_atsha204a_i2c_default;
-#elif defined(ATCA_HAL_SWI)
- *gCfg = cfg_atsha204a_swi_default;
-#elif defined(ATCA_HAL_KIT_HID)
- *gCfg = cfg_atsha204a_kithid_default;
-#elif defined(ATCA_HAL_KIT_CDC)
- *gCfg = cfg_atsha204a_kitcdc_default;
-#elif defined(ATCA_HAL_CUSTOM)
- *gCfg = g_cfg_atsha204a_custom;
-#else
-#error "HAL interface is not selected";
-#endif
- break;
-
- case ATECC108A:
-#if defined(ATCA_HAL_I2C)
- *gCfg = cfg_ateccx08a_i2c_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_SWI)
- *gCfg = cfg_ateccx08a_swi_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_KIT_HID)
- *gCfg = cfg_ateccx08a_kithid_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_KIT_CDC)
- *gCfg = cfg_ateccx08a_kitcdc_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_CUSTOM)
- *gCfg = g_cfg_atecc108a_custom;
-#else
-#error "HAL interface is not selected";
-#endif
- break;
-
- case ATECC508A:
-#if defined(ATCA_HAL_I2C)
- *gCfg = cfg_ateccx08a_i2c_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_SWI)
- *gCfg = cfg_ateccx08a_swi_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_KIT_HID)
- *gCfg = cfg_ateccx08a_kithid_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_KIT_CDC)
- *gCfg = cfg_ateccx08a_kitcdc_default;
- gCfg->devtype = deviceType;
-#elif defined(ATCA_HAL_CUSTOM)
- *gCfg = g_cfg_atecc508a_custom;
-#else
-#error "HAL interface is not selected";
-#endif
- break;
-
- case ATECC608A:
#if defined(ATCA_HAL_I2C)
- *gCfg = cfg_ateccx08a_i2c_default;
- gCfg->devtype = deviceType;
+ *gCfg = cfg_ateccx08a_i2c_default;
+ gCfg->devtype = deviceType;
#elif defined(ATCA_HAL_SWI)
- *gCfg = cfg_ateccx08a_swi_default;
- gCfg->devtype = deviceType;
+ *gCfg = cfg_ateccx08a_swi_default;
+ gCfg->devtype = deviceType;
#elif defined(ATCA_HAL_KIT_HID)
- *gCfg = cfg_ateccx08a_kithid_default;
- gCfg->devtype = deviceType;
+ *gCfg = cfg_ateccx08a_kithid_default;
+ gCfg->devtype = deviceType;
#elif defined(ATCA_HAL_KIT_CDC)
- *gCfg = cfg_ateccx08a_kitcdc_default;
- gCfg->devtype = deviceType;
+ *gCfg = cfg_ateccx08a_kitcdc_default;
+ gCfg->devtype = deviceType;
#elif defined(ATCA_HAL_CUSTOM)
- *gCfg = g_cfg_atecc608a_custom;
+ *gCfg = g_cfg_atecc508a_custom;
#else
#error "HAL interface is not selected";
#endif
- break;
-
- default:
- //device type wasn't found, return with error
- return ATCA_GEN_FAIL;
- }
-
- #ifdef ATCA_RASPBERRY_PI_3
- gCfg->atcai2c.bus = 1;
- #endif
return ATCA_SUCCESS;
}
-static ATCA_STATUS set_chip_mode(uint8_t i2c_user_extra_add, uint8_t ttl_enable, uint8_t watchdog, uint8_t clock_divider)
-{
- ATCA_STATUS status;
- uint8_t config_word[ATCA_WORD_SIZE];
- bool is_config_locked = false;
-
- if (gCfg->devtype != ATECC608A)
- {
- printf("Current device doesn't support clock divider settings (only ATECC608A)\r\n");
- return ATCA_GEN_FAIL;
- }
-
- status = is_device_locked(LOCK_ZONE_CONFIG, &is_config_locked);
- if (status != ATCA_SUCCESS)
- {
- printf("is_device_locked() failed with ret=0x%08X\r\n", status);
- return status;
- }
-
- if (is_config_locked)
- {
- printf("Current device is config locked. Can't change clock divider. ");
- }
-
- // Update the actual ATECC608A chip mode so it takes effect immediately
- status = atcab_init(gCfg);
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_init() failed with ret=0x%08X\r\n", status);
- return status;
- }
-
- do
- {
- // Read current config values
- status = atcab_read_bytes_zone(ATCA_ZONE_CONFIG, 0, 16, config_word, 4);
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_read_bytes_zone() failed with ret=0x%08X\r\n", status);
- break;
- }
-
- if (is_config_locked)
- {
- printf("Currently set to 0x%02X.\r\n", (int)(config_word[3] >> 3));
- status = ATCA_GEN_FAIL;
- break;
- }
-
- // Update ChipMode
- update_chip_mode(&config_word[3], i2c_user_extra_add, ttl_enable, watchdog, clock_divider);
-
- // Write config values back to chip
- status = atcab_write_bytes_zone(ATCA_ZONE_CONFIG, 0, 16, config_word, 4);
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_write_bytes_zone() failed with ret=0x%08X\r\n", status);
- break;
- }
-
- // Put to sleep so new values take effect
- status = atcab_wakeup();
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_wakeup() failed with ret=0x%08X\r\n", status);
- break;
- }
- status = atcab_sleep();
- if (status != ATCA_SUCCESS)
- {
- printf("atcab_sleep() failed with ret=0x%08X\r\n", status);
- break;
- }
-
- // Update the ATECC608A test config data so all the unit tests will run with the new chip mode
- update_chip_mode(&test_ecc608_configdata[ATCA_CHIPMODE_OFFSET], i2c_user_extra_add, ttl_enable, watchdog, clock_divider);
-
- } while (0);
-
- atcab_release();
- return status;
-}
-
-static void set_clock_divider_m0(void)
-{
- ATCA_STATUS status = set_chip_mode(0xFF, 0xFF, ATCA_CHIPMODE_WATCHDOG_SHORT, ATCA_CHIPMODE_CLOCK_DIV_M0);
- if (status == ATCA_SUCCESS)
- {
- printf("Set device to clock divider M0 (0x%02X) and watchdog to 1.3s nominal.\r\n", ATCA_CHIPMODE_CLOCK_DIV_M0 >> 3);
- }
-}
-
-static void set_clock_divider_m1(void)
-{
- ATCA_STATUS status = set_chip_mode(0xFF, 0xFF, ATCA_CHIPMODE_WATCHDOG_SHORT, ATCA_CHIPMODE_CLOCK_DIV_M1);
- if (status == ATCA_SUCCESS)
- {
- printf("Set device to clock divider M1 (0x%02X) and watchdog to 1.3s nominal.\r\n", ATCA_CHIPMODE_CLOCK_DIV_M1 >> 3);
- }
-}
-
-static void set_clock_divider_m2(void)
-{
- // Additionally set watchdog to long settings (~13s) as some commands
- // can't complete in time on the faster watchdog setting.
- ATCA_STATUS status = set_chip_mode(0xFF, 0xFF, ATCA_CHIPMODE_WATCHDOG_LONG, ATCA_CHIPMODE_CLOCK_DIV_M2);
- if (status == ATCA_SUCCESS)
- {
- printf("Set device to clock divider M2 (0x%02X) and watchdog to 13s nominal.\r\n", ATCA_CHIPMODE_CLOCK_DIV_M2 >> 3);
- }
-}
\ No newline at end of file

2
meta-digi-arm/recipes-digi/cryptoauthlib/cryptoauthlib_git.bb
View File

@ -14,6 +14,8 @@ SRC_URI = " \
${GIT_URI};nobranch=1 \
file://0001-Port-changes-from-the-cryptoauth-engine-repo-to-the-.patch \
file://0002-Remove-unused-HAL-implementations.patch \
file://0003-Build-cryptochip-cmd-processor-application-along-wit.patch \
file://0004-Remove-unnecessary-code-from-cryptochip-cmd-processo.patch \
"
S = "${WORKDIR}/git"