From 5f696244fd5dcd6f35d11f97c1ffb6ac114d9221 Mon Sep 17 00:00:00 2001 From: Bryan Hunt Date: Tue, 1 Dec 2020 18:49:31 -0700 Subject: [PATCH] Release v3.2.5 (20201130) --- CMakeLists.txt | 4 +- lib/CMakeLists.txt | 10 + lib/atca_basic.c | 113 +++- lib/atca_basic.h | 32 +- lib/atca_compiler.h | 16 + lib/atca_device.h | 2 + lib/atca_version.h | 4 +- lib/crypto/atca_crypto_hw_aes.h | 23 + lib/crypto/atca_crypto_hw_aes_cbcmac.c | 161 +++++ lib/crypto/atca_crypto_hw_aes_ccm.c | 594 ++++++++++++++++++ lib/crypto/atca_crypto_sw.h | 13 + lib/crypto/atca_crypto_sw_sha2.c | 32 + lib/crypto/atca_crypto_sw_sha2.h | 2 +- lib/hal/atca_hal.h | 2 +- lib/hal/hal_i2c_start.c | 1 + lib/hal/hal_swi_uart.c | 5 +- lib/mbedtls/atca_mbedtls_wrap.c | 508 ++++++++++++++- lib/mbedtls/atca_mbedtls_wrap.h | 1 + lib/openssl/atca_openssl_interface.c | 266 +++++++- module.xml | 2 +- package.xml | 2 +- python/cryptoauthlib/atcab.py | 229 +++++++ python/tests/cryptoauthlib_mock.py | 188 ++++++ python/tests/test_atcab.py | 76 +++ release_notes.md | 16 + test/CMakeLists.txt | 5 +- test/api_atcab/atca_tests_aes_cbcmac.c | 95 +++ test/api_atcab/atca_tests_aes_ccm.c | 348 ++++++++++ test/api_atcab/atca_tests_aes_gcm.c | 2 +- test/api_atcab/atca_tests_sha.c | 2 +- test/api_talib/test_ecc_certificate_chain.c | 127 ---- test/api_talib/test_talib_aes.c | 244 ------- test/api_talib/test_talib_auth.c | 149 ----- test/api_talib/test_talib_config.c | 308 --------- test/api_talib/test_talib_counter.c | 135 ---- test/api_talib/test_talib_create.c | 263 -------- test/api_talib/test_talib_ecdh.c | 372 ----------- test/api_talib/test_talib_export_import.c | 349 ---------- test/api_talib/test_talib_genkey.c | 203 ------ test/api_talib/test_talib_info.c | 211 ------- test/api_talib/test_talib_kdf.c | 501 --------------- test/api_talib/test_talib_mac.c | 61 -- test/api_talib/test_talib_managecert.c | 221 ------- test/api_talib/test_talib_power.c | 99 --- test/api_talib/test_talib_random.c | 78 --- test/api_talib/test_talib_rsa_enc.c | 175 ------ test/api_talib/test_talib_secureboot.c | 287 --------- test/api_talib/test_talib_selftest.c | 36 -- test/api_talib/test_talib_sha.c | 168 ----- test/api_talib/test_talib_sign.c | 332 ---------- test/api_talib/test_talib_verify.c | 128 ---- test/api_talib/test_talib_write.c | 284 --------- test/atca_crypto_sw_tests.c | 209 +++++- test/atca_crypto_sw_tests.h | 6 + test/atca_test.c | 2 + test/atca_test.h | 2 + test/atca_test_config.c | 5 + test/vectors/aes_cmac_nist_vectors.c | 28 +- test/vectors/aes_cmac_nist_vectors.h | 27 +- test/vectors/aes_gcm_nist_vectors.c | 27 +- test/vectors/ecdh_nist_vectors.c | 188 ++++++ .../ecdh_nist_vectors.h} | 34 +- test/vectors/ecdsa_nist_vectors.c | 202 ++++++ .../ecdsa_nist_vectors.h} | 37 +- 64 files changed, 3421 insertions(+), 4831 deletions(-) create mode 100644 lib/crypto/atca_crypto_hw_aes_cbcmac.c create mode 100644 lib/crypto/atca_crypto_hw_aes_ccm.c create mode 100644 test/api_atcab/atca_tests_aes_cbcmac.c create mode 100644 test/api_atcab/atca_tests_aes_ccm.c delete mode 100644 test/api_talib/test_ecc_certificate_chain.c delete mode 100644 test/api_talib/test_talib_aes.c delete mode 100644 test/api_talib/test_talib_auth.c delete mode 100644 test/api_talib/test_talib_config.c delete mode 100644 test/api_talib/test_talib_counter.c delete mode 100644 test/api_talib/test_talib_create.c delete mode 100644 test/api_talib/test_talib_ecdh.c delete mode 100644 test/api_talib/test_talib_export_import.c delete mode 100644 test/api_talib/test_talib_genkey.c delete mode 100644 test/api_talib/test_talib_info.c delete mode 100644 test/api_talib/test_talib_kdf.c delete mode 100644 test/api_talib/test_talib_mac.c delete mode 100644 test/api_talib/test_talib_managecert.c delete mode 100644 test/api_talib/test_talib_power.c delete mode 100644 test/api_talib/test_talib_random.c delete mode 100644 test/api_talib/test_talib_rsa_enc.c delete mode 100644 test/api_talib/test_talib_secureboot.c delete mode 100644 test/api_talib/test_talib_selftest.c delete mode 100644 test/api_talib/test_talib_sha.c delete mode 100644 test/api_talib/test_talib_sign.c delete mode 100644 test/api_talib/test_talib_verify.c delete mode 100644 test/api_talib/test_talib_write.c create mode 100644 test/vectors/ecdh_nist_vectors.c rename test/{api_talib/test_ecc_certificate_chain.h => vectors/ecdh_nist_vectors.h} (71%) create mode 100644 test/vectors/ecdsa_nist_vectors.c rename test/{api_talib/test_talib.h => vectors/ecdsa_nist_vectors.h} (69%) diff --git a/CMakeLists.txt b/CMakeLists.txt index 00e8caecc..00963e5d6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2,10 +2,10 @@ cmake_minimum_required(VERSION 2.6.4) project (cryptoauthlib) # Set the current release version -set(VERSION "3.2.4") +set(VERSION "3.2.5") set(VERSION_MAJOR 3) set(VERSION_MINOR 2) -set(VERSION_PATCH 4) +set(VERSION_PATCH 5) # Build Options option(BUILD_TESTS "Create Test Application with library" OFF) diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index c574d9fbb..39427b58f 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -97,6 +97,9 @@ execute_process(COMMAND ${CMAKE_COMMAND} --build . file(GLOB MBEDTLS_LIB_SRC RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} "../third_party/mbedtls/library/*.c") add_library(mbedtls STATIC ${MBEDTLS_LIB_SRC}) target_compile_definitions(mbedtls PUBLIC -DMBEDTLS_CMAC_C) +if(NOT WIN32) +target_compile_options(mbedtls PRIVATE -fPIC) +endif() include_directories(mbedtls PRIVATE ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/../third_party/mbedtls/include) endif() @@ -326,11 +329,18 @@ target_link_libraries(cryptoauth rt) endif(LINUX) if(DEFAULT_LIB_PATH) +if(${CMAKE_VERSION} VERSION_GREATER "3.12.0") install(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${DEFAULT_LIB_PATH} COMPONENT Libraries NAMELINK_COMPONENT Development) +else() +install(TARGETS ${PROJECT_NAME} + LIBRARY + DESTINATION ${DEFAULT_LIB_PATH} + COMPONENT Libraries) +endif() endif(DEFAULT_LIB_PATH) if(DEFAULT_INC_PATH) diff --git a/lib/atca_basic.c b/lib/atca_basic.c index 625da032d..015a3121b 100644 --- a/lib/atca_basic.c +++ b/lib/atca_basic.c @@ -1260,21 +1260,21 @@ ATCA_STATUS atcab_genkey(uint16_t key_id, uint8_t* public_key) * * \return ATCA_SUCCESS on success, otherwise an error code. */ -ATCA_STATUS atcab_get_pubkey(uint16_t key_id, uint8_t* public_key) +ATCA_STATUS atcab_get_pubkey_ext(ATCADevice device, uint16_t key_id, uint8_t* public_key) { ATCA_STATUS status = ATCA_UNIMPLEMENTED; - ATCADeviceType dev_type = atcab_get_device_type(); + ATCADeviceType dev_type = atcab_get_device_type_ext(device); if (atcab_is_ca_device(dev_type)) { #if ATCA_CA_SUPPORT - status = calib_get_pubkey(_gDevice, key_id, public_key); + status = calib_get_pubkey(device, key_id, public_key); #endif } else if (atcab_is_ta_device(dev_type)) { #if ATCA_TA_SUPPORT - status = talib_get_pubkey_compat(_gDevice, key_id, public_key); + status = talib_get_pubkey_compat(device, key_id, public_key); #endif } else @@ -1284,6 +1284,22 @@ ATCA_STATUS atcab_get_pubkey(uint16_t key_id, uint8_t* public_key) return status; } +/** \brief Uses GenKey command to calculate the public key from an existing + * private key in a slot. + * + * \param[in] key_id Slot number of the private key. + * \param[out] public_key Public key will be returned here. Format will be + * the X and Y integers in big-endian format. + * 64 bytes for P256 curve. Set to NULL if public key + * isn't required. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_get_pubkey(uint16_t key_id, uint8_t* public_key) +{ + return atcab_get_pubkey_ext(_gDevice, key_id, public_key); +} + // HMAC command functions /** \brief Issues a HMAC command, which computes an HMAC/SHA-256 digest of a @@ -3097,6 +3113,7 @@ ATCA_STATUS atcab_sign_base(uint8_t mode, uint16_t key_id, uint8_t* signature) * will be loaded into the Message Digest Buffer to the * ATECC608 device or TempKey for other devices. * + * \param[in] device Device context pointer * \param[in] key_id Slot of the private key to be used to sign the * message. * \param[in] msg 32-byte message to be signed. Typically the SHA256 @@ -3107,10 +3124,10 @@ ATCA_STATUS atcab_sign_base(uint8_t mode, uint16_t key_id, uint8_t* signature) * * \return ATCA_SUCCESS on success, otherwise an error code. */ -ATCA_STATUS atcab_sign(uint16_t key_id, const uint8_t* msg, uint8_t* signature) +ATCA_STATUS atcab_sign_ext(ATCADevice device, uint16_t key_id, const uint8_t* msg, uint8_t* signature) { ATCA_STATUS status = ATCA_UNIMPLEMENTED; - ATCADeviceType dev_type = atcab_get_device_type(); + ATCADeviceType dev_type = atcab_get_device_type_ext(device); if (atcab_is_ca_device(dev_type)) { @@ -3131,6 +3148,26 @@ ATCA_STATUS atcab_sign(uint16_t key_id, const uint8_t* msg, uint8_t* signature) return status; } +/** \brief Executes Sign command, to sign a 32-byte external message using the + * private key in the specified slot. The message to be signed + * will be loaded into the Message Digest Buffer to the + * ATECC608 device or TempKey for other devices. + * + * \param[in] key_id Slot of the private key to be used to sign the + * message. + * \param[in] msg 32-byte message to be signed. Typically the SHA256 + * hash of the full message. + * \param[out] signature Signature will be returned here. Format is R and S + * integers in big-endian format. 64 bytes for P256 + * curve. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_sign(uint16_t key_id, const uint8_t* msg, uint8_t* signature) +{ + return atcab_sign_ext(_gDevice, key_id, msg, signature); +} + /** \brief Executes Sign command to sign an internally generated message. * * \param[in] key_id Slot of the private key to be used to sign the @@ -3264,6 +3301,7 @@ ATCA_STATUS atcab_verify(uint8_t mode, uint16_t key_id, const uint8_t* signature * the Message Digest Buffer to the ATECC608 device or TempKey for * other devices. * + * \param[in] device Device context pointer * \param[in] message 32 byte message to be verified. Typically * the SHA256 hash of the full message. * \param[in] signature Signature to be verified. R and S integers in @@ -3277,21 +3315,21 @@ ATCA_STATUS atcab_verify(uint8_t mode, uint16_t key_id, const uint8_t* signature * \return ATCA_SUCCESS on verification success or failure, because the * command still completed successfully. */ -ATCA_STATUS atcab_verify_extern(const uint8_t* message, const uint8_t* signature, const uint8_t* public_key, bool* is_verified) +ATCA_STATUS atcab_verify_extern_ext(ATCADevice device, const uint8_t* message, const uint8_t* signature, const uint8_t* public_key, bool* is_verified) { ATCA_STATUS status = ATCA_UNIMPLEMENTED; - ATCADeviceType dev_type = atcab_get_device_type(); + ATCADeviceType dev_type = atcab_get_device_type_ext(device); if (atcab_is_ca_device(dev_type)) { #ifdef ATCA_ECC_SUPPORT - status = calib_verify_extern(_gDevice, message, signature, public_key, is_verified); + status = calib_verify_extern(device, message, signature, public_key, is_verified); #endif } else if (atcab_is_ta_device(dev_type)) { #if ATCA_TA_SUPPORT - status = talib_verify_extern_compat(_gDevice, message, signature, public_key, is_verified); + status = talib_verify_extern_compat(device, message, signature, public_key, is_verified); #endif } else @@ -3301,6 +3339,30 @@ ATCA_STATUS atcab_verify_extern(const uint8_t* message, const uint8_t* signature return status; } +/** \brief Executes the Verify command, which verifies a signature (ECDSA + * verify operation) with all components (message, signature, and + * public key) supplied. The message to be signed will be loaded into + * the Message Digest Buffer to the ATECC608 device or TempKey for + * other devices. + * + * \param[in] message 32 byte message to be verified. Typically + * the SHA256 hash of the full message. + * \param[in] signature Signature to be verified. R and S integers in + * big-endian format. 64 bytes for P256 curve. + * \param[in] public_key The public key to be used for verification. X and + * Y integers in big-endian format. 64 bytes for + * P256 curve. + * \param[out] is_verified Boolean whether or not the message, signature, + * public key verified. + * + * \return ATCA_SUCCESS on verification success or failure, because the + * command still completed successfully. + */ +ATCA_STATUS atcab_verify_extern(const uint8_t* message, const uint8_t* signature, const uint8_t* public_key, bool* is_verified) +{ + return atcab_verify_extern_ext(_gDevice, message, signature, public_key, is_verified); +} + /** \brief Executes the Verify command with verification MAC, which verifies a * signature (ECDSA verify operation) with all components (message, * signature, and public key) supplied. This function is only available @@ -3349,6 +3411,7 @@ ATCA_STATUS atcab_verify_extern_mac(const uint8_t* message, const uint8_t* signa * message to be signed will be loaded into the Message Digest Buffer * to the ATECC608 device or TempKey for other devices. * + * \param[in] device Device context pointer * \param[in] message 32 byte message to be verified. Typically * the SHA256 hash of the full message. * \param[in] signature Signature to be verified. R and S integers in @@ -3361,21 +3424,21 @@ ATCA_STATUS atcab_verify_extern_mac(const uint8_t* message, const uint8_t* signa * \return ATCA_SUCCESS on verification success or failure, because the * command still completed successfully. */ -ATCA_STATUS atcab_verify_stored(const uint8_t* message, const uint8_t* signature, uint16_t key_id, bool* is_verified) +ATCA_STATUS atcab_verify_stored_ext(ATCADevice device, const uint8_t* message, const uint8_t* signature, uint16_t key_id, bool* is_verified) { ATCA_STATUS status = ATCA_UNIMPLEMENTED; - ATCADeviceType dev_type = atcab_get_device_type(); + ATCADeviceType dev_type = atcab_get_device_type_ext(device); if (atcab_is_ca_device(dev_type)) { #ifdef ATCA_ECC_SUPPORT - status = calib_verify_stored(_gDevice, message, signature, key_id, is_verified); + status = calib_verify_stored(device, message, signature, key_id, is_verified); #endif } else if (atcab_is_ta_device(dev_type)) { #if ATCA_TA_SUPPORT - status = talib_verify_stored_compat(_gDevice, message, signature, key_id, is_verified); + status = talib_verify_stored_compat(device, message, signature, key_id, is_verified); #endif } else @@ -3385,6 +3448,28 @@ ATCA_STATUS atcab_verify_stored(const uint8_t* message, const uint8_t* signature return status; } +/** \brief Executes the Verify command, which verifies a signature (ECDSA + * verify operation) with a public key stored in the device. The + * message to be signed will be loaded into the Message Digest Buffer + * to the ATECC608 device or TempKey for other devices. + * + * \param[in] message 32 byte message to be verified. Typically + * the SHA256 hash of the full message. + * \param[in] signature Signature to be verified. R and S integers in + * big-endian format. 64 bytes for P256 curve. + * \param[in] key_id Slot containing the public key to be used in the + * verification. + * \param[out] is_verified Boolean whether or not the message, signature, + * public key verified. + * + * \return ATCA_SUCCESS on verification success or failure, because the + * command still completed successfully. + */ +ATCA_STATUS atcab_verify_stored(const uint8_t* message, const uint8_t* signature, uint16_t key_id, bool* is_verified) +{ + return atcab_verify_stored_ext(_gDevice, message, signature, key_id, is_verified); +} + /** \brief Executes the Verify command with verification MAC, which verifies a * signature (ECDSA verify operation) with a public key stored in the * device. This function is only available on the ATECC608. diff --git a/lib/atca_basic.h b/lib/atca_basic.h index 568f323b9..1d93aa8f5 100644 --- a/lib/atca_basic.h +++ b/lib/atca_basic.h @@ -70,10 +70,14 @@ bool atcab_is_ta_device(ATCADeviceType dev_type); #include "crypto/atca_crypto_hw_aes.h" ATCA_STATUS atcab_aes_cbc_init_ext(ATCADevice device, atca_aes_cbc_ctx_t* ctx, uint16_t key_id, uint8_t key_block, const uint8_t* iv); ATCA_STATUS atcab_aes_cbc_init(atca_aes_cbc_ctx_t* ctx, uint16_t key_id, uint8_t key_block, const uint8_t* iv); -ATCA_STATUS atcab_aes_cbc_encrypt_block_ext(atca_aes_cbc_ctx_t* ctx, const uint8_t* plaintext, uint8_t* ciphertext); ATCA_STATUS atcab_aes_cbc_encrypt_block(atca_aes_cbc_ctx_t* ctx, const uint8_t* plaintext, uint8_t* ciphertext); ATCA_STATUS atcab_aes_cbc_decrypt_block(atca_aes_cbc_ctx_t* ctx, const uint8_t* ciphertext, uint8_t* plaintext); +ATCA_STATUS atcab_aes_cbcmac_init_ext(ATCADevice device, atca_aes_cbcmac_ctx_t* ctx, uint16_t key_id, uint8_t key_block); +ATCA_STATUS atcab_aes_cbcmac_init(atca_aes_cbcmac_ctx_t* ctx, uint16_t key_id, uint8_t key_block); +ATCA_STATUS atcab_aes_cbcmac_update(atca_aes_cbcmac_ctx_t* ctx, const uint8_t* data, uint32_t data_size); +ATCA_STATUS atcab_aes_cbcmac_finish(atca_aes_cbcmac_ctx_t* ctx, uint8_t* mac, uint32_t mac_size); + ATCA_STATUS atcab_aes_cmac_init_ext(ATCADevice device, atca_aes_cmac_ctx_t* ctx, uint16_t key_id, uint8_t key_block); ATCA_STATUS atcab_aes_cmac_init(atca_aes_cmac_ctx_t* ctx, uint16_t key_id, uint8_t key_block); ATCA_STATUS atcab_aes_cmac_update(atca_aes_cmac_ctx_t* ctx, const uint8_t* data, uint32_t data_size); @@ -88,7 +92,21 @@ ATCA_STATUS atcab_aes_ctr_encrypt_block(atca_aes_ctr_ctx_t* ctx, const uint8_t* ATCA_STATUS atcab_aes_ctr_decrypt_block(atca_aes_ctr_ctx_t* ctx, const uint8_t* ciphertext, uint8_t* plaintext); ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); +ATCA_STATUS atcab_aes_ccm_init_ext(ATCADevice device, atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, uint8_t* iv, size_t iv_size, size_t aad_size, size_t text_size, size_t tag_size); +ATCA_STATUS atcab_aes_ccm_init(atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, uint8_t* iv, size_t iv_size, size_t aad_size, size_t text_size, size_t tag_size); +ATCA_STATUS atcab_aes_ccm_init_rand_ext(ATCADevice device, atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, uint8_t* iv, size_t iv_size, size_t aad_size, size_t text_size, size_t tag_size); +ATCA_STATUS atcab_aes_ccm_init_rand(atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, uint8_t* iv, size_t iv_size, size_t aad_size, size_t text_size, size_t tag_size); +ATCA_STATUS atcab_aes_ccm_aad_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* aad, size_t aad_size); +ATCA_STATUS atcab_aes_ccm_aad_finish(atca_aes_ccm_ctx_t* ctx); +ATCA_STATUS atcab_aes_ccm_encrypt_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* plaintext, uint32_t plaintext_size, uint8_t* ciphertext); +ATCA_STATUS atcab_aes_ccm_decrypt_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* ciphertext, uint32_t ciphertext_size, uint8_t* plaintext); +ATCA_STATUS atcab_aes_ccm_encrypt_finish(atca_aes_ccm_ctx_t* ctx, uint8_t* tag, uint8_t* tag_size); +ATCA_STATUS atcab_aes_ccm_decrypt_finish(atca_aes_ccm_ctx_t* ctx, const uint8_t* tag, bool* is_verified); + + + #if ATCA_CA_SUPPORT && !ATCA_TA_SUPPORT && !defined(ATCA_USE_ATCAB_FUNCTIONS) + #define atcab_wakeup() calib_wakeup(_gDevice) #define atcab_idle() calib_idle(_gDevice) #define atcab_sleep() calib_sleep(_gDevice) @@ -138,6 +156,7 @@ ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); #define atcab_genkey_base(...) calib_genkey_base(_gDevice, __VA_ARGS__) #define atcab_genkey(...) calib_genkey(_gDevice, __VA_ARGS__) #define atcab_get_pubkey(...) calib_get_pubkey(_gDevice, __VA_ARGS__) +#define atcab_get_pubkey_ext calib_get_pubkey // HMAC command functions #define atcab_hmac(...) calib_hmac(_gDevice, __VA_ARGS__) @@ -221,6 +240,7 @@ ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); // Sign command functions #define atcab_sign_base(...) calib_sign_base(_gDevice, __VA_ARGS__) #define atcab_sign(...) calib_sign(_gDevice, __VA_ARGS__) +#define atcab_sign_ext calib_sign #define atcab_sign_internal(...) calib_sign_internal(_gDevice, __VA_ARGS__) // UpdateExtra command functions @@ -229,8 +249,10 @@ ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); // Verify command functions #define atcab_verify(...) calib_verify(_gDevice, __VA_ARGS__) #define atcab_verify_extern(...) calib_verify_extern(_gDevice, __VA_ARGS__) +#define atcab_verify_extern_ext calib_verify_extern #define atcab_verify_extern_mac(...) calib_verify_extern_mac(_gDevice, __VA_ARGS__) #define atcab_verify_stored(...) calib_verify_stored(_gDevice, __VA_ARGS__) +#define atcab_verify_stored_ext calib_verify_stored #define atcab_verify_stored_mac(...) calib_verify_stored_mac(_gDevice, __VA_ARGS__) #define atcab_verify_validate(...) calib_verify_validate(_gDevice, __VA_ARGS__) #define atcab_verify_invalidate(...) calib_verify_invalidate(_gDevice, __VA_ARGS__) @@ -296,6 +318,7 @@ ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); #define atcab_genkey_base(...) (ATCA_UNIMPLEMENTED) #define atcab_genkey(...) talib_genkey_compat(_gDevice, __VA_ARGS__) #define atcab_get_pubkey(...) talib_get_pubkey_compat(_gDevice, __VA_ARGS__) +#define atcab_get_pubkey_ext talib_get_pubkey_compat // HMAC command functions #define atcab_hmac(...) (ATCA_UNIMPLEMENTED) @@ -380,6 +403,7 @@ ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); // Sign command functions #define atcab_sign_base(...) (1) #define atcab_sign(...) talib_sign_compat(_gDevice, __VA_ARGS__) +#define atcab_sign_ext talib_sign_compat #define atcab_sign_internal(...) (1) // UpdateExtra command functions @@ -388,8 +412,10 @@ ATCA_STATUS atcab_aes_ctr_increment(atca_aes_ctr_ctx_t* ctx); // Verify command functions #define atcab_verify(...) (1) #define atcab_verify_extern(...) talib_verify_extern_compat(_gDevice, __VA_ARGS__) +#define atcab_verify_extern_ext talib_verify_extern_compat #define atcab_verify_extern_mac(...) (ATCA_UNIMPLEMENTED) #define atcab_verify_stored(...) talib_verify_stored_compat(_gDevice, __VA_ARGS__) +#define atcab_verify_stored_ext talib_verify_stored_compat #define atcab_verify_stored_mac(...) (ATCA_UNIMPLEMENTED) #define atcab_verify_validate(...) (ATCA_UNIMPLEMENTED) #define atcab_verify_invalidate(...) (ATCA_UNIMPLEMENTED) @@ -466,6 +492,7 @@ ATCA_STATUS atcab_gendig(uint8_t zone, uint16_t key_id, const uint8_t* other_dat ATCA_STATUS atcab_genkey_base(uint8_t mode, uint16_t key_id, const uint8_t* other_data, uint8_t* public_key); ATCA_STATUS atcab_genkey(uint16_t key_id, uint8_t* public_key); ATCA_STATUS atcab_get_pubkey(uint16_t key_id, uint8_t* public_key); +ATCA_STATUS atcab_get_pubkey_ext(ATCADevice device, uint16_t key_id, uint8_t* public_key); // HMAC command functions ATCA_STATUS atcab_hmac(uint8_t mode, uint16_t key_id, uint8_t* digest); @@ -558,6 +585,7 @@ ATCA_STATUS atcab_sha_hmac(const uint8_t* data, size_t data_size, uint16_t key_s /* Sign command */ ATCA_STATUS atcab_sign_base(uint8_t mode, uint16_t key_id, uint8_t* signature); ATCA_STATUS atcab_sign(uint16_t key_id, const uint8_t* msg, uint8_t* signature); +ATCA_STATUS atcab_sign_ext(ATCADevice device, uint16_t key_id, const uint8_t* msg, uint8_t* signature); ATCA_STATUS atcab_sign_internal(uint16_t key_id, bool is_invalidate, bool is_full_sn, uint8_t* signature); /* UpdateExtra command */ @@ -566,8 +594,10 @@ ATCA_STATUS atcab_updateextra(uint8_t mode, uint16_t new_value); /* Verify command */ ATCA_STATUS atcab_verify(uint8_t mode, uint16_t key_id, const uint8_t* signature, const uint8_t* public_key, const uint8_t* other_data, uint8_t* mac); ATCA_STATUS atcab_verify_extern(const uint8_t* message, const uint8_t* signature, const uint8_t* public_key, bool* is_verified); +ATCA_STATUS atcab_verify_extern_ext(ATCADevice device, const uint8_t* message, const uint8_t* signature, const uint8_t* public_key, bool* is_verified); ATCA_STATUS atcab_verify_extern_mac(const uint8_t* message, const uint8_t* signature, const uint8_t* public_key, const uint8_t* num_in, const uint8_t* io_key, bool* is_verified); ATCA_STATUS atcab_verify_stored(const uint8_t* message, const uint8_t* signature, uint16_t key_id, bool* is_verified); +ATCA_STATUS atcab_verify_stored_ext(ATCADevice device, const uint8_t* message, const uint8_t* signature, uint16_t key_id, bool* is_verified); ATCA_STATUS atcab_verify_stored_mac(const uint8_t* message, const uint8_t* signature, uint16_t key_id, const uint8_t* num_in, const uint8_t* io_key, bool* is_verified); ATCA_STATUS atcab_verify_validate(uint16_t key_id, const uint8_t* signature, const uint8_t* other_data, bool* is_verified); diff --git a/lib/atca_compiler.h b/lib/atca_compiler.h index fc82d9cbc..7242d74db 100644 --- a/lib/atca_compiler.h +++ b/lib/atca_compiler.h @@ -59,6 +59,22 @@ #define SHARED_LIB_IMPORT extern #endif +#elif defined(__XC8) || defined(__XC16) +/* Microchip XC8 and XC16 Compilers ------------------------- */ +#define SIZE_MAX 65535 + +#define ATCA_UINT16_HOST_TO_LE(x) (x) +#define ATCA_UINT16_LE_TO_HOST(x) (x) +#define ATCA_UINT32_HOST_TO_LE(x) (x) +#define ATCA_UINT16_HOST_TO_BE(x) ((((x) & 0x00FF) << 8) | (((x) & 0xFF00) >> 8)) +#define ATCA_UINT16_BE_TO_HOST(x) ((((x) & 0x00FF) << 8) | (((x) & 0xFF00) >> 8)) +#define ATCA_UINT32_HOST_TO_BE(x) ((((x) & 0x000000FF) << 24) | (((x) & 0x0000FF00) << 8) | (((x) & 0x00FF0000) >> 8) | (((x) & 0xFF000000) >> 24)) +#define ATCA_UINT32_BE_TO_HOST(x) ((((x) & 0x000000FF) << 24) | (((x) & 0x0000FF00) << 8) | (((x) & 0x00FF0000) >> 8) | (((x) & 0xFF000000) >> 24)) +#define ATCA_UINT64_HOST_TO_BE(x) ((uint64_t)ATCA_UINT32_HOST_TO_BE((uint32_t)(x)) << 32 + (uint64_t)ATCA_UINT32_HOST_TO_BE((uint32_t)((x) >> 32))) +#define ATCA_UINT64_BE_TO_HOST(x) ((uint64_t)ATCA_UINT32_BE_TO_HOST((uint32_t)(x)) << 32 + (uint64_t)ATCA_UINT32_BE_TO_HOST((uint32_t)((x) >> 32))) +#define SHARED_LIB_EXPORT +#define SHARED_LIB_IMPORT extern + //#elif defined(__ICC) || defined(__INTEL_COMPILER) /* Intel ICC/ICPC. ------------------------------------------ */ diff --git a/lib/atca_device.h b/lib/atca_device.h index a0600e3d1..d52c543b5 100644 --- a/lib/atca_device.h +++ b/lib/atca_device.h @@ -144,6 +144,8 @@ struct atca_device uint16_t session_key_id; /**< Key ID used for a secure sesison */ uint8_t* session_key; /**< Session Key */ uint8_t session_key_len; /**< Length of key used for the session in bytes */ + + uint16_t options; /**< Nested command details parameter */ }; typedef struct atca_device * ATCADevice; diff --git a/lib/atca_version.h b/lib/atca_version.h index cb4fc3047..893bb4f9b 100644 --- a/lib/atca_version.h +++ b/lib/atca_version.h @@ -30,9 +30,9 @@ #define _ATCA_VERSION_H // Version format yyyymmdd -#define ATCA_LIBRARY_VERSION_DATE "20201017" +#define ATCA_LIBRARY_VERSION_DATE "20201130" #define ATCA_LIBRARY_VERSION_MAJOR 3 #define ATCA_LIBRARY_VERSION_MINOR 2 -#define ATCA_LIBRARY_VERSION_BUILD 4 +#define ATCA_LIBRARY_VERSION_BUILD 5 #endif /* _ATCA_VERSION_H */ diff --git a/lib/crypto/atca_crypto_hw_aes.h b/lib/crypto/atca_crypto_hw_aes.h index aa78c33da..99f9d525a 100644 --- a/lib/crypto/atca_crypto_hw_aes.h +++ b/lib/crypto/atca_crypto_hw_aes.h @@ -57,5 +57,28 @@ typedef struct atca_aes_ctr_ctx }atca_aes_ctr_ctx_t; +typedef struct atca_aes_cbcmac_ctx +{ + atca_aes_cbc_ctx_t cbc_ctx; //!< CBC context + uint8_t block_size; //!< Number of bytes in unprocessed block. + uint8_t block[ATCA_AES128_BLOCK_SIZE]; //!< Unprocessed message storage. +} atca_aes_cbcmac_ctx_t; + + +typedef struct atca_aes_ccm_ctx +{ + atca_aes_cbcmac_ctx_t cbc_mac_ctx; //!< CBC_MAC context + atca_aes_ctr_ctx_t ctr_ctx; //!< CTR context + uint8_t iv_size; //!< iv size + uint8_t M; //!< Tag size + uint8_t counter[ATCA_AES128_BLOCK_SIZE]; //!< Initial counter value + uint8_t partial_aad[ATCA_AES128_BLOCK_SIZE]; //!< Partial blocks of data waiting to be processed + size_t partial_aad_size; //!< Amount of data in the partial block buffer + size_t text_size; //!< Size of data to be processed + uint8_t enc_cb[ATCA_AES128_BLOCK_SIZE]; //!< Last encrypted counter block + uint32_t data_size; //!< Size of the data being encrypted/decrypted in bytes. + uint8_t ciphertext_block[ATCA_AES128_BLOCK_SIZE]; //!< Last ciphertext block +} atca_aes_ccm_ctx_t; + #endif diff --git a/lib/crypto/atca_crypto_hw_aes_cbcmac.c b/lib/crypto/atca_crypto_hw_aes_cbcmac.c new file mode 100644 index 000000000..a8f472bba --- /dev/null +++ b/lib/crypto/atca_crypto_hw_aes_cbcmac.c @@ -0,0 +1,161 @@ +/** + * \file + * \brief CryptoAuthLib Basic API methods for AES CBC_MAC mode. + * + * The AES command supports 128-bit AES encryption or decryption of small + * messages or data packets in ECB mode. Also can perform GFM (Galois Field + * Multiply) calculation in support of AES-GCM. + * + * \note List of devices that support this command - ATECC608A. Refer to device + * datasheet for full details. + * + * + * \copyright (c) 2015-2018 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ +#include "cryptoauthlib.h" + +/** \brief Initialize context for AES CBC-MAC operation. + * + * \param[in] ctx AES CBC-MAC context to be initialized + * \param[in] key_id Key location. Can either be a slot number or + * ATCA_TEMPKEY_KEYID for TempKey. + * \param[in] key_block Index of the 16-byte block to use within the key + * location for the actual key. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_cbcmac_init_ext(ATCADevice device, atca_aes_cbcmac_ctx_t* ctx, uint16_t key_id, uint8_t key_block) +{ + if (ctx == NULL) + { + return ATCA_BAD_PARAM; + } + + // Initializing the atca_aes_cbcmac_ctx_t structure, this will set the IV value to 0. + // IV value must be set to zero for CBC-MAC calculation + memset(ctx, 0, sizeof(*ctx)); + ctx->cbc_ctx.device = device; + ctx->cbc_ctx.key_id = key_id; + ctx->cbc_ctx.key_block = key_block; + + return ATCA_SUCCESS; +} + +/** \brief Initialize context for AES CBC-MAC operation. + * + * \param[in] ctx AES CBC-MAC context to be initialized + * \param[in] key_id Key location. Can either be a slot number or + * ATCA_TEMPKEY_KEYID for TempKey. + * \param[in] key_block Index of the 16-byte block to use within the key + * location for the actual key. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_cbcmac_init(atca_aes_cbcmac_ctx_t* ctx, uint16_t key_id, uint8_t key_block) +{ + return atcab_aes_cbcmac_init_ext(atcab_get_device(), ctx, key_id, key_block); +} + + +/** \brief Calculate AES CBC-MAC with key stored within ECC608A device. + * calib_aes_cbcmac_init() should be called before the first use of + * this function. + * + * \param[in] ctx AES CBC-MAC context structure. + * \param[in] data Data to be added for AES CBC-MAC calculation. + * \param[in] data_size Data length in bytes. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_cbcmac_update(atca_aes_cbcmac_ctx_t* ctx, const uint8_t* data, uint32_t data_size) +{ + ATCA_STATUS status = ATCA_SUCCESS; + size_t i; + uint8_t ciphertext[AES_DATA_SIZE]; + + if (data_size == 0) + { + // Nothing to do + return ATCA_SUCCESS; + } + + if (ctx == NULL || data == NULL) + { + return ATCA_BAD_PARAM; + } + + // Process full blocks of data with AES-CBC + for (i = 0; i < data_size / AES_DATA_SIZE; i++) + { + status = atcab_aes_cbc_encrypt_block(&ctx->cbc_ctx, &data[i * AES_DATA_SIZE], ciphertext); + if (status != ATCA_SUCCESS) + { + return status; + } + } + + // Store incomplete block to context structure + if ((i * AES_DATA_SIZE) < data_size) + { + memcpy(ctx->block, &data[i * AES_DATA_SIZE], data_size - i * AES_DATA_SIZE); + ctx->block_size = (uint8_t)(data_size - i * AES_DATA_SIZE); + } + else + { + ctx->block_size = 0; + } + + return ATCA_SUCCESS; +} + +/** \brief Finish a CBC-MAC operation returning the CBC-MAC value. If the data + * provided to the calib_aes_cbcmac_update() function has incomplete + * block this function will return an error code. + * + * \param[in] ctx AES-128 CBC-MAC context. + * \param[out] mac CBC-MAC is returned here. + * \param[in] mac_size Size of CBC-MAC requested in bytes (max 16 bytes). + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_cbcmac_finish(atca_aes_cbcmac_ctx_t* ctx, uint8_t* mac, uint32_t mac_size) +{ + if (ctx == NULL || mac == NULL || mac_size > AES_DATA_SIZE) + { + return ATCA_BAD_PARAM; + } + + // Check for incomplete data block + if (ctx->block_size == 0) + { + // All processing is already done, copying the mac to result buffer + memcpy(mac, ctx->cbc_ctx.ciphertext, mac_size); + } + else + { + // Returns INVALID_SIZE if incomplete blocks are present + return ATCA_INVALID_SIZE; + } + + return ATCA_SUCCESS; +} \ No newline at end of file diff --git a/lib/crypto/atca_crypto_hw_aes_ccm.c b/lib/crypto/atca_crypto_hw_aes_ccm.c new file mode 100644 index 000000000..b3a52d4ca --- /dev/null +++ b/lib/crypto/atca_crypto_hw_aes_ccm.c @@ -0,0 +1,594 @@ +/** + * \file + * \brief CryptoAuthLib Basic API methods for AES CCM mode. + * + * The AES command supports 128-bit AES encryption or decryption of small + * messages or data packets in ECB mode. CCM mode provides security and + * authenticity to the message being processed. + * + * + * \note List of devices that support this command - ATECC608A. Refer to device + * datasheet for full details. + * + * + * \copyright (c) 2015-2018 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ + +#include "cryptoauthlib.h" + + +/** \brief Initialize context for AES CCM operation with an existing IV, which + * is common when starting a decrypt operation. + * + * \param[in] ctx AES CCM context to be initialized + * \param[in] key_id Key location. Can either be a slot number or + * ATCA_TEMPKEY_KEYID for TempKey. + * \param[in] key_block Index of the 16-byte block to use within the key + * location for the actual key. + * \param[in] iv Nonce to be fed into the AES CCM calculation. + * \param[in] iv_size Size of iv. + * \param[in] aad_size Size of Additional authtication data. + * \param[in] text_size Size of plaintext/ciphertext to be processed. + * \param[in] tag_size Prefered size of tag. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_init_ext(ATCADevice device, atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, uint8_t* iv, size_t iv_size, size_t aad_size, size_t text_size, size_t tag_size) +{ + ATCA_STATUS status; + uint8_t M, L; + size_t i, size_left; + // First block B of 16 bytes consisting of flags, nonce and l(m). + uint8_t B[ATCA_AES128_BLOCK_SIZE]; + uint8_t counter[ATCA_AES128_BLOCK_SIZE]; + + if (ctx == NULL) + { + return ATCA_BAD_PARAM; + } + + // Length/nonce field specifications according to rfc3610. + if (iv == NULL || iv_size < 7 || iv_size > 13) + { + return ATCA_BAD_PARAM; + } + + // Auth field specifications according to rfc3610. + if (tag_size < 3 || tag_size > ATCA_AES128_BLOCK_SIZE || tag_size % 2 != 0) + { + return ATCA_BAD_PARAM; + } + + memset(ctx, 0, sizeof(*ctx)); + ctx->iv_size = (uint8_t)iv_size; + + // --------------------- Init sequence for authentication .......................// + // Encoding the number of bytes in auth field. + M = (uint8_t)(tag_size - 2) / 2; + // Encoding the number of bytes in length field. + L = (uint8_t)(ATCA_AES128_BLOCK_SIZE - iv_size - 1 - 1); + + // Store M value in ctx for later use. + ctx->M = M; + + /*---------------------- + Bit Number Contents + ---------- ---------------------- + 7 Reserved (always zero) + 6 Adata + 5 ... 3 M' + 2 ... 0 L' + -----------------------*/ + memset(B, 0, ATCA_AES128_BLOCK_SIZE); + // Formatting flag field + B[0] = L | (M << 3) | ((aad_size > 0) << 6); + + /*---------------------- + Octet Number Contents + ------------ --------- + 0 Flags + 1 ... 15-L Nonce N + 16-L ... 15 l(m) + -----------------------*/ + + // Copying the IV into the nonce field. + memcpy(&B[1], iv, iv_size); + + // Update length field in B0 block. + for (i = 0, size_left = text_size; i < (size_t)(L + 1); i++, size_left >>= 8) + { + B[15 - i] = (unsigned char)( size_left & 0xFF ); + } + + // Init CBC-MAC context + status = atcab_aes_cbcmac_init_ext(device, &ctx->cbc_mac_ctx, key_id, key_block); + if (status != ATCA_SUCCESS) + { + return status; + } + + // Processing initial block B0 through CBC-MAC. + status = atcab_aes_cbcmac_update(&ctx->cbc_mac_ctx, B, ATCA_AES128_BLOCK_SIZE); + if (status != ATCA_SUCCESS) + { + return status; + } + + // Loading AAD size in ctx buffer. + ctx->partial_aad[0] = (uint8_t)(aad_size >> 8) & 0xff; + ctx->partial_aad[1] = (uint8_t)(aad_size & 0xff); + ctx->partial_aad_size = 2; + + // --------------------- Init sequence for encryption/decryption .......................// + memset(counter, 0, ATCA_AES128_BLOCK_SIZE); + ctx->text_size = text_size; + + /*---------------------- + Bit Number Contents + ---------- ---------------------- + 7 Reserved (always zero) + 6 Reserved (always zero) + 5 ... 3 Zero + 2 ... 0 L' + -----------------------*/ + + // Updating Flags field + counter[0] = L; + /*---------------------- + Octet Number Contents + ------------ --------- + 0 Flags + 1 ... 15-L Nonce N + 16-L ... 15 Counter i + -----------------------*/ + // Formatting to get the initial counter value + memcpy(&counter[1], iv, iv_size); + memcpy(ctx->counter, counter, ATCA_AES128_BLOCK_SIZE); + + // Init CTR mode context with the counter value obtained from previous step. + status = atcab_aes_ctr_init_ext(device, &ctx->ctr_ctx, key_id, key_block, (uint8_t)(ATCA_AES128_BLOCK_SIZE - iv_size - 1), counter); + if (status != ATCA_SUCCESS) + { + return status; + } + + // Increment the counter to skip the first block, first will be later reused to get tag. + status = atcab_aes_ctr_increment(&ctx->ctr_ctx); + if (status != ATCA_SUCCESS) + { + return status; + } + + return ATCA_SUCCESS; +} + +/** \brief Initialize context for AES CCM operation with an existing IV, which + * is common when starting a decrypt operation. + * + * \param[in] ctx AES CCM context to be initialized + * \param[in] key_id Key location. Can either be a slot number or + * ATCA_TEMPKEY_KEYID for TempKey. + * \param[in] key_block Index of the 16-byte block to use within the key + * location for the actual key. + * \param[in] iv Nonce to be fed into the AES CCM calculation. + * \param[in] iv_size Size of iv. + * \param[in] aad_size Size of Additional authtication data. + * \param[in] text_size Size of plaintext/ciphertext to be processed. + * \param[in] tag_size Prefered size of tag. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_init(atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, uint8_t* iv, size_t iv_size, size_t aad_size, size_t text_size, size_t tag_size) +{ + return atcab_aes_ccm_init_ext(atcab_get_device(), ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size); +} + +/** \brief Initialize context for AES CCM operation with a random nonce + * + * \param[in] ctx AES CCM context to be initialized + * \param[in] key_id Key location. Can either be a slot number or + * ATCA_TEMPKEY_KEYID for TempKey. + * \param[in] key_block Index of the 16-byte block to use within the key + * location for the actual key. + * \param[out] iv Nonce used for AES CCM calculation is returned here. + * \param[in] iv_size Size of iv. + * \param[in] aad_size Size of Additional authtication data. + * \param[in] text_size Size of plaintext/ciphertext to be processed. + * \param[in] tag_size Prefered size of tag. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_init_rand_ext(ATCADevice device, atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, + uint8_t* iv, size_t iv_size, size_t aad_size, + size_t text_size, size_t tag_size) +{ + ATCA_STATUS status; + uint8_t random_nonce[32]; + + // Length/nonce field specifications according to rfc3610. + if (iv_size < 7 || iv_size > 13) + { + // Generating random number to feed into calib_aes_ccm_init function. + status = atcab_random_ext(device, random_nonce); + if (status != ATCA_SUCCESS) + { + return status; + } + memcpy(iv, random_nonce, iv_size); + } + + // Pass required data along with generated random number to calib_aes_ccm_init function + status = atcab_aes_ccm_init_ext(device, ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size); + if (status != ATCA_SUCCESS) + { + return status; + } + + return ATCA_SUCCESS; +} + +/** \brief Initialize context for AES CCM operation with a random nonce + * + * \param[in] ctx AES CCM context to be initialized + * \param[in] key_id Key location. Can either be a slot number or + * ATCA_TEMPKEY_KEYID for TempKey. + * \param[in] key_block Index of the 16-byte block to use within the key + * location for the actual key. + * \param[out] iv Nonce used for AES CCM calculation is returned here. + * \param[in] iv_size Size of iv. + * \param[in] aad_size Size of Additional authtication data. + * \param[in] text_size Size of plaintext/ciphertext to be processed. + * \param[in] tag_size Prefered size of tag. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_init_rand(atca_aes_ccm_ctx_t* ctx, uint16_t key_id, uint8_t key_block, + uint8_t* iv, size_t iv_size, size_t aad_size, + size_t text_size, size_t tag_size) +{ + return atcab_aes_ccm_init_rand_ext(atcab_get_device(), ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size); +} + +/** \brief Process Additional Authenticated Data (AAD) using CCM mode and a + * key within the ATECC608A device. + * + * This can be called multiple times. calib_aes_ccm_init() or + * calib_aes_ccm_init_rand() should be called before the first use of this + * function. When there is AAD to include, this should be called before + * calib_aes_ccm_encrypt_update() or calib_aes_ccm_decrypt_update(). + * + * \param[in] ctx AES CCM context + * \param[in] aad Additional authenticated data to be added + * \param[in] aad_size Size of aad in bytes + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_aad_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* aad, size_t aad_size) +{ + ATCA_STATUS status; + size_t block_count; + size_t rem_size; + size_t copy_size; + + if (aad_size == 0) + { + return ATCA_SUCCESS; + } + + if (ctx == NULL || aad == NULL) + { + return ATCA_BAD_PARAM; + } + + rem_size = ATCA_AES128_BLOCK_SIZE - ctx->partial_aad_size; + copy_size = aad_size > rem_size ? rem_size : aad_size; + + // Copy data into current block + memcpy(&ctx->partial_aad[ctx->partial_aad_size], aad, copy_size); + + if (ctx->partial_aad_size + aad_size < ATCA_AES128_BLOCK_SIZE) + { + // Not enough data to finish off the current block + ctx->partial_aad_size += aad_size; + return ATCA_SUCCESS; + } + + // Process the current block + if (ATCA_SUCCESS != (status = atcab_aes_cbcmac_update(&ctx->cbc_mac_ctx, ctx->partial_aad, ATCA_AES128_BLOCK_SIZE))) + { + return status; + } + + // Process any additional blocks + aad_size -= copy_size; // Adjust to the remaining aad bytes + block_count = aad_size / ATCA_AES128_BLOCK_SIZE; + if (block_count > 0) + { + if (ATCA_SUCCESS != (status = atcab_aes_cbcmac_update(&ctx->cbc_mac_ctx, &aad[copy_size], block_count * ATCA_AES128_BLOCK_SIZE))) + { + return status; + } + } + + // Save any remaining data + ctx->partial_aad_size = aad_size % ATCA_AES128_BLOCK_SIZE; + memcpy(ctx->partial_aad, &aad[copy_size + block_count * ATCA_AES128_BLOCK_SIZE], ctx->partial_aad_size); + + return ATCA_SUCCESS; +} + +/** \brief Finish processing Additional Authenticated Data (AAD) using CCM mode. + * + * This function is called once all additional authentication data has been + * added into ccm calculation through calib_aes_ccm_aad_update() function. + * + * This is an internal function, this function is called by the calib_aes_ccm_update() + * + * \param[in] ctx AES CCM context + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_aad_finish(atca_aes_ccm_ctx_t* ctx) +{ + ATCA_STATUS status; + + if (ctx == NULL) + { + status = ATCA_TRACE(ATCA_BAD_PARAM, "Null pointer"); + } + + // Pad and process any incomplete aad data blocks + if (ctx->partial_aad_size > 0) + { + uint8_t buffer[ATCA_AES128_BLOCK_SIZE]; + memset(buffer, 0, ATCA_AES128_BLOCK_SIZE); + memcpy(buffer, ctx->partial_aad, ctx->partial_aad_size); + + status = atcab_aes_cbcmac_update(&ctx->cbc_mac_ctx, buffer, ATCA_AES128_BLOCK_SIZE); + if (status != ATCA_SUCCESS) + { + return status; + } + // Reset ctx partial aad size variable + ctx->partial_aad_size = 0; + } + + return ATCA_SUCCESS; +} + +/** \brief Process data using CCM mode and a key within the ATECC608A device. + * calib_aes_ccm_init() or calib_aes_ccm_init_rand() should be called + * before the first use of this function. + * + * \param[in] ctx AES CCM context structure. + * \param[in] input Data to be processed. + * \param[out] output Output data is returned here. + * \param[in] is_encrypt Encrypt operation if true, otherwise decrypt. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +static ATCA_STATUS atcab_aes_ccm_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* input, size_t input_size, uint8_t* output, bool is_encrypt) +{ + ATCA_STATUS status; + uint32_t data_idx; + uint32_t i; + + if (input_size == 0) + { + // Nothing to do + return ATCA_SUCCESS; + } + + if (ctx == NULL || input == NULL || output == NULL) + { + return ATCA_BAD_PARAM; + } + + status = atcab_aes_ccm_aad_finish(ctx); + if (status != ATCA_SUCCESS) + { + return status; + } + + data_idx = 0; + while (data_idx < input_size) + { + if (ctx->data_size % ATCA_AES128_BLOCK_SIZE == 0) + { + // Need to calculate next encrypted counter block + if (ATCA_SUCCESS != (status = atcab_aes_encrypt_ext(ctx->ctr_ctx.device, ctx->ctr_ctx.key_id, ctx->ctr_ctx.key_block, ctx->ctr_ctx.cb, ctx->enc_cb))) + { + ATCA_TRACE(status, "AES CCM CB encrypt failed"); + } + + // Increment counter + if (ATCA_SUCCESS != (status = atcab_aes_ctr_increment(&ctx->ctr_ctx))) + { + ATCA_TRACE(status, "AES CCM counter increment failed"); + } + } + + // Process data with current encrypted counter block + for (i = ctx->data_size % ATCA_AES128_BLOCK_SIZE; i < ATCA_AES128_BLOCK_SIZE && data_idx < input_size; i++, data_idx++) + { + output[data_idx] = input[data_idx] ^ ctx->enc_cb[i]; + // Save the current ciphertext block depending on whether this is an encrypt or decrypt operation + ctx->ciphertext_block[i] = is_encrypt ? input[data_idx] : output[data_idx]; + ctx->data_size += 1; + } + + if (ctx->data_size % ATCA_AES128_BLOCK_SIZE == 0) + { + // Adding data to CBC-MAC to calculate tag + status = atcab_aes_cbcmac_update(&ctx->cbc_mac_ctx, ctx->ciphertext_block, ATCA_AES128_BLOCK_SIZE); + if (status != ATCA_SUCCESS) + { + return status; + } + } + } + + return ATCA_SUCCESS; +} + +/** \brief Process data using CCM mode and a key within the ATECC608A device. + * calib_aes_ccm_init() or calib_aes_ccm_init_rand() should be called + * before the first use of this function. + * + * + * \param[in] ctx AES CCM context structure. + * \param[in] plaintext Data to be processed. + * \param[out] ciphertext Output data is returned here. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_encrypt_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* plaintext, uint32_t plaintext_size, uint8_t* ciphertext) +{ + return atcab_aes_ccm_update(ctx, plaintext, plaintext_size, ciphertext, true); +} + +/** \brief Process data using CCM mode and a key within the ATECC608A device. + * calib_aes_ccm_init() or calib_aes_ccm_init_rand() should be called + * before the first use of this function. + * + * \param[in] ctx AES CCM context structure. + * \param[in] ciphertext Data to be processed. + * \param[out] plaintext Output data is returned here. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_decrypt_update(atca_aes_ccm_ctx_t* ctx, const uint8_t* ciphertext, uint32_t ciphertext_size, uint8_t* plaintext) +{ + return atcab_aes_ccm_update(ctx, ciphertext, ciphertext_size, plaintext, false); +} + +/** \brief Complete a CCM operation returning the authentication tag. + * + * \param[in] ctx AES CCM context structure. + * \param[out] tag Authentication tag is returned here. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +static ATCA_STATUS atcab_aes_ccm_finish(atca_aes_ccm_ctx_t* ctx, uint8_t* tag) +{ + ATCA_STATUS status; + + uint8_t t[ATCA_AES128_BLOCK_SIZE]; + uint8_t u[ATCA_AES128_BLOCK_SIZE]; + uint8_t buffer[ATCA_AES128_BLOCK_SIZE]; + + memset(t, 0, ATCA_AES128_BLOCK_SIZE); + memset(u, 0, ATCA_AES128_BLOCK_SIZE); + memset(buffer, 0, ATCA_AES128_BLOCK_SIZE); + + if (ctx->data_size % ATCA_AES128_BLOCK_SIZE != 0) + { + memcpy(buffer, ctx->ciphertext_block, (ctx->data_size % ATCA_AES128_BLOCK_SIZE)); + + // Adding data to CBC-MAC to calculate tag + status = atcab_aes_cbcmac_update(&ctx->cbc_mac_ctx, buffer, ATCA_AES128_BLOCK_SIZE); + if (status != ATCA_SUCCESS) + { + return status; + } + } + + status = atcab_aes_cbcmac_finish(&ctx->cbc_mac_ctx, t, (ctx->M * 2) + 2); + if (status != ATCA_SUCCESS) + { + return status; + } + + // Init CTR mode context + status = atcab_aes_ctr_init_ext(ctx->cbc_mac_ctx.cbc_ctx.device, &ctx->ctr_ctx, ctx->ctr_ctx.key_id, ctx->ctr_ctx.key_block, ATCA_AES128_BLOCK_SIZE - ctx->iv_size, ctx->counter); + if (status != ATCA_SUCCESS) + { + return status; + } + + status = atcab_aes_ctr_block(&ctx->ctr_ctx, t, u); + if (status != ATCA_SUCCESS) + { + return status; + } + + memcpy(tag, (const void*)u, (ctx->M * 2) + 2); + + return ATCA_SUCCESS; +} + +/** \brief Complete a CCM encrypt operation returning the authentication tag. + * + * \param[in] ctx AES CCM context structure. + * \param[out] tag Authentication tag is returned here. + * \param[out] tag_size Tag size in bytes. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_encrypt_finish(atca_aes_ccm_ctx_t* ctx, uint8_t* tag, uint8_t *tag_size) +{ + ATCA_STATUS status; + + // Finish and get the tag + status = atcab_aes_ccm_finish(ctx, tag); + if (status != ATCA_SUCCESS) + { + return status; + } + + // Update tag size + *tag_size = (ctx->M * 2) + 2; + return ATCA_SUCCESS; +} + +/** \brief Complete a CCM decrypt operation authenticating provided tag. + * + * \param[in] ctx AES CCM context structure. + * \param[in] tag Tag to be authenticated. + * \param[out] is_verified Value is set to true if the tag is authenticated else + * the value is set to false. + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcab_aes_ccm_decrypt_finish(atca_aes_ccm_ctx_t* ctx, const uint8_t* tag, bool *is_verified) +{ + ATCA_STATUS status; + uint8_t t[ATCA_AES128_BLOCK_SIZE]; + + *is_verified = 0; + + // Finish and get the tag + status = atcab_aes_ccm_finish(ctx, t); + if (status != ATCA_SUCCESS) + { + return status; + } + + // Compare with the tag calculated. + if (memcmp(t, tag, (ctx->M * 2) + 2) == 0) + { + *is_verified = 1; + } + + return ATCA_SUCCESS; +} diff --git a/lib/crypto/atca_crypto_sw.h b/lib/crypto/atca_crypto_sw.h index 8ccfc9b76..29c8f6784 100644 --- a/lib/crypto/atca_crypto_sw.h +++ b/lib/crypto/atca_crypto_sw.h @@ -55,11 +55,13 @@ extern "C" { #include #include +#include typedef mbedtls_cipher_context_t atcac_aes_cmac_ctx; typedef mbedtls_md_context_t atcac_hmac_sha256_ctx; typedef mbedtls_cipher_context_t atcac_aes_gcm_ctx; typedef mbedtls_md_context_t atcac_sha1_ctx; typedef mbedtls_md_context_t atcac_sha2_256_ctx; +typedef mbedtls_pk_context atcac_pk_ctx; #elif defined(ATCA_OPENSSL) typedef struct @@ -71,6 +73,7 @@ typedef atca_evp_ctx atcac_sha1_ctx; typedef atca_evp_ctx atcac_sha2_256_ctx; typedef atca_evp_ctx atcac_aes_cmac_ctx; typedef atca_evp_ctx atcac_hmac_sha256_ctx; +typedef atca_evp_ctx atcac_pk_ctx; #elif defined(ATCA_WOLFSSL) #include "wolfssl/wolfcrypt/types.h" #ifndef WOLFSSL_CMAC @@ -134,6 +137,16 @@ ATCA_STATUS atcac_aes_cmac_update(atcac_aes_cmac_ctx* ctx, const uint8_t* data, ATCA_STATUS atcac_aes_cmac_finish(atcac_aes_cmac_ctx* ctx, uint8_t* cmac, size_t* cmac_size); #endif +#ifdef ATCA_MBEDTLS +ATCA_STATUS atcac_pk_init(atcac_pk_ctx* ctx, uint8_t* buf, size_t buflen, uint8_t key_type, bool pubkey); +ATCA_STATUS atcac_pk_init_pem(atcac_pk_ctx* ctx, uint8_t* buf, size_t buflen, bool pubkey); +ATCA_STATUS atcac_pk_free(atcac_pk_ctx* ctx); +ATCA_STATUS atcac_pk_public(atcac_pk_ctx* ctx, uint8_t* buf, size_t* buflen); +ATCA_STATUS atcac_pk_sign(atcac_pk_ctx* ctx, uint8_t* digest, size_t dig_len, uint8_t* signature, size_t* sig_len); +ATCA_STATUS atcac_pk_verify(atcac_pk_ctx* ctx, uint8_t* digest, size_t dig_len, uint8_t* signature, size_t sig_len); +ATCA_STATUS atcac_pk_derive(atcac_pk_ctx* private_ctx, atcac_pk_ctx* public_ctx, uint8_t* buf, size_t* buflen); +#endif + #if defined(ATCA_MBEDTLS) || defined(ATCA_OPENSSL) ATCA_STATUS atcac_aes_gcm_aad_update(atcac_aes_gcm_ctx* ctx, const uint8_t* aad, const size_t aad_len); diff --git a/lib/crypto/atca_crypto_sw_sha2.c b/lib/crypto/atca_crypto_sw_sha2.c index 08ba4c16f..f1468d53f 100644 --- a/lib/crypto/atca_crypto_sw_sha2.c +++ b/lib/crypto/atca_crypto_sw_sha2.c @@ -202,3 +202,35 @@ int atcac_sw_sha2_256(const uint8_t* data, size_t data_size, uint8_t digest[ATCA return ATCA_SUCCESS; } + +/** \brief Implements SHA256 HMAC-Counter per NIST SP 800-108 used for KDF like operations */ +ATCA_STATUS atcac_sha256_hmac_counter( + atcac_hmac_sha256_ctx* ctx, + uint8_t * label, + size_t label_len, + uint8_t * data, + size_t data_len, + uint8_t * digest, + size_t diglen + ) +{ + ATCA_STATUS ret = ATCA_GEN_FAIL; + + if (ctx) + { + uint32_t tmp = 1; + + (void)atcac_sha256_hmac_update(ctx, (uint8_t*)&tmp, 1); + (void)atcac_sha256_hmac_update(ctx, label, label_len); + + tmp = 0; + (void)atcac_sha256_hmac_update(ctx, (uint8_t*)&tmp, 1); + (void)atcac_sha256_hmac_update(ctx, data, data_len); + + tmp = ATCA_UINT16_HOST_TO_BE(diglen); + (void)atcac_sha256_hmac_update(ctx, (uint8_t*)&tmp, 2); + + ret = atcac_sha256_hmac_finish(ctx, digest, &diglen); + } + return ret; +} diff --git a/lib/crypto/atca_crypto_sw_sha2.h b/lib/crypto/atca_crypto_sw_sha2.h index 6dbd2866e..be5266d06 100644 --- a/lib/crypto/atca_crypto_sw_sha2.h +++ b/lib/crypto/atca_crypto_sw_sha2.h @@ -52,7 +52,7 @@ int atcac_sw_sha2_256(const uint8_t * data, size_t data_size, uint8_t digest[ATC ATCA_STATUS atcac_sha256_hmac_init(atcac_hmac_sha256_ctx* ctx, const uint8_t* key, const uint8_t key_len); ATCA_STATUS atcac_sha256_hmac_update(atcac_hmac_sha256_ctx* ctx, const uint8_t* data, size_t data_size); ATCA_STATUS atcac_sha256_hmac_finish(atcac_hmac_sha256_ctx* ctx, uint8_t* digest, size_t* digest_len); - +ATCA_STATUS atcac_sha256_hmac_counter(atcac_hmac_sha256_ctx* ctx, uint8_t* label, size_t label_len, uint8_t* data, size_t data_len, uint8_t* digest, size_t diglen); #ifdef __cplusplus } diff --git a/lib/hal/atca_hal.h b/lib/hal/atca_hal.h index 85851d05f..53abd7ee0 100644 --- a/lib/hal/atca_hal.h +++ b/lib/hal/atca_hal.h @@ -72,7 +72,7 @@ typedef struct ATCA_STATUS (*send)(void* ctx, uint8_t* txdata, uint16_t txlen); /**< Must be a blocking send */ ATCA_STATUS (*recv)(void* ctx, uint8_t* rxdata, uint16_t* rxlen); /**< Must be a blocking receive */ void* (*packet_alloc)(size_t bytes); /**< Allocate a phy packet */ - void (*packet_free)(uint8_t* packet); /**< Free a phy packet */ + void (*packet_free)(void* packet); /**< Free a phy packet */ void* hal_data; /**< Physical layer context */ } atca_hal_kit_phy_t; diff --git a/lib/hal/hal_i2c_start.c b/lib/hal/hal_i2c_start.c index a0199b102..c267eeabb 100644 --- a/lib/hal/hal_i2c_start.c +++ b/lib/hal/hal_i2c_start.c @@ -199,6 +199,7 @@ ATCA_STATUS hal_i2c_receive(ATCAIface iface, uint8_t word_address, uint8_t *rxda .buffer = rxdata, .flags = I2C_M_SEVEN | I2C_M_RD | I2C_M_STOP, }; + if ((NULL == cfg) || (NULL == rxlength) || (NULL == rxdata)) { return ATCA_TRACE(ATCA_INVALID_POINTER, "NULL pointer encountered"); diff --git a/lib/hal/hal_swi_uart.c b/lib/hal/hal_swi_uart.c index 05d3f8706..4c250037c 100644 --- a/lib/hal/hal_swi_uart.c +++ b/lib/hal/hal_swi_uart.c @@ -234,13 +234,12 @@ ATCA_STATUS hal_swi_init(void *hal, ATCAIfaceCfg *cfg) if (data->ref_ct <= 0) { - // Bus isn't being used, enable it + // initialize the bus index + data->bus_index = cfg->atcaswi.bus; // initialize UART module for SWI interface swi_uart_init(data); - // store this for use during the release phase - data->bus_index = cfg->atcaswi.bus; // buses are shared, this is the first instance data->ref_ct = 1; } diff --git a/lib/mbedtls/atca_mbedtls_wrap.c b/lib/mbedtls/atca_mbedtls_wrap.c index 4576c6056..853802580 100644 --- a/lib/mbedtls/atca_mbedtls_wrap.c +++ b/lib/mbedtls/atca_mbedtls_wrap.c @@ -44,9 +44,12 @@ #include "mbedtls/cmac.h" #include "mbedtls/pk.h" +#include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" +#include "mbedtls/bignum.h" #include "mbedtls/x509_crt.h" + /* Cryptoauthlib Includes */ #include "cryptoauthlib.h" #include "crypto/atca_crypto_sw.h" @@ -552,13 +555,492 @@ ATCA_STATUS atcac_sha256_hmac_finish( return status; } +/** \brief Set up a public/private key structure for use in asymmetric cryptographic functions + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_init( + atcac_pk_ctx* ctx, /**< [in] pointer to a pk context */ + uint8_t* buf, /**< [in] buffer containing a pem encoded key */ + size_t buflen, /**< [in] length of the input buffer */ + uint8_t key_type, + bool pubkey /**< [in] buffer is a public key */ + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + int ret; + uint8_t temp = 1; + mbedtls_ecp_keypair* ecp = NULL; + + mbedtls_pk_init(ctx); + ret = mbedtls_pk_setup(ctx, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)); + + if (!ret) + { + ecp = mbedtls_pk_ec(*ctx); + ret = mbedtls_ecp_group_load(&ecp->grp, MBEDTLS_ECP_DP_SECP256R1); + } + + if (pubkey) + { + if (!ret) + { + ret = mbedtls_mpi_read_binary(&(ecp->Q.X), buf, buflen / 2); + } + + if (!ret) + { + ret = mbedtls_mpi_read_binary(&(ecp->Q.Y), &buf[buflen / 2], buflen / 2); + } + + if (!ret) + { + ret = mbedtls_mpi_read_binary(&(ecp->Q.Z), &temp, 1); + } + } + else + { + if (!ret) + { + ret = mbedtls_mpi_read_binary(&(ecp->d), buf, buflen); + } + } + + status = (!ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Set up a public/private key structure for use in asymmetric cryptographic functions + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_init_pem( + atcac_pk_ctx* ctx, /**< [in] pointer to a pk context */ + uint8_t* buf, /**< [in] buffer containing a pem encoded key */ + size_t buflen, /**< [in] length of the input buffer */ + bool pubkey /**< [in] buffer is a public key */ + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + int ret; + mbedtls_pk_init(ctx); + + if (pubkey) + { + ret = mbedtls_pk_parse_public_key(ctx, buf, buflen); + } + else + { + ret = mbedtls_pk_parse_key(ctx, buf, buflen, NULL, 0); + } + status = (!ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Free a public/private key structure + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_free( + atcac_pk_ctx* ctx /**< [in] pointer to a pk context */ + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + mbedtls_pk_init(ctx); + status = ATCA_SUCCESS; + } + return status; +} + +/** \brief Get the public key from the context + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_public( + atcac_pk_ctx* ctx, + uint8_t* buf, + size_t* buflen + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + int ret = -1; + switch (mbedtls_pk_get_type(ctx)) + { + case MBEDTLS_PK_ECKEY: + /* fallthrough */ + case MBEDTLS_PK_ECDSA: + { + (void)mbedtls_mpi_write_binary(&mbedtls_pk_ec(*ctx)->Q.X, buf, 32); + ret = mbedtls_mpi_write_binary(&mbedtls_pk_ec(*ctx)->Q.Y, &buf[32], 32); + *buflen = 64; + break; + } + default: + break; + } + status = (0 == ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Perform a signature with the private key in the context + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_sign( + atcac_pk_ctx* ctx, + uint8_t* digest, + size_t dig_len, + uint8_t* signature, + size_t* sig_len + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + int ret = -1; + switch (mbedtls_pk_get_type(ctx)) + { + case MBEDTLS_PK_ECKEY: + /* fallthrough */ + case MBEDTLS_PK_ECDSA: + { + mbedtls_mpi r; + mbedtls_mpi s; + + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + //ret = mbedtls_ecdsa_sign(&mbedtls_pk_ec(*ctx)->grp, &r, &s, &mbedtls_pk_ec(*ctx)->d, digest, dig_len, NULL, NULL); + ret = mbedtls_ecdsa_sign_det(&mbedtls_pk_ec(*ctx)->grp, &r, &s, &mbedtls_pk_ec(*ctx)->d, digest, dig_len, MBEDTLS_MD_SHA256); + + if (!ret) + { + ret = mbedtls_mpi_write_binary(&r, signature, 32); + } + + if (!ret) + { + ret = mbedtls_mpi_write_binary(&s, &signature[32], 32); + } + + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + + *sig_len = 64; + break; + } + case MBEDTLS_PK_RSA: + ret = mbedtls_pk_sign(ctx, MBEDTLS_MD_SHA256, digest, dig_len, signature, sig_len, NULL, NULL); + break; + default: + break; + } + status = (0 == ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Perform a verify using the public key in the provided context + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_verify( + atcac_pk_ctx* ctx, + uint8_t* digest, + size_t dig_len, + uint8_t* signature, + size_t sig_len + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + int ret = -1; + switch (mbedtls_pk_get_type(ctx)) + { + case MBEDTLS_PK_ECKEY: + /* fallthrough */ + case MBEDTLS_PK_ECDSA: + { + mbedtls_mpi r; + mbedtls_mpi s; + + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + mbedtls_mpi_read_binary(&r, signature, sig_len / 2); + mbedtls_mpi_read_binary(&s, &signature[sig_len / 2], sig_len / 2); + + ret = mbedtls_ecdsa_verify(&mbedtls_pk_ec(*ctx)->grp, digest, dig_len, &mbedtls_pk_ec(*ctx)->Q, &r, &s); + + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + break; + } + case MBEDTLS_PK_RSA: + ret = mbedtls_pk_verify(ctx, MBEDTLS_MD_SHA256, digest, dig_len, signature, sig_len); + break; + default: + break; + } + status = (0 == ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Execute the key agreement protocol for the provided keys (if they can) + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_derive( + atcac_pk_ctx* private_ctx, + atcac_pk_ctx* public_ctx, + uint8_t* buf, + size_t* buflen + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (private_ctx && public_ctx) + { + mbedtls_pk_type_t keytype = mbedtls_pk_get_type(private_ctx); + + if (mbedtls_pk_get_type(public_ctx) == keytype) + { + int ret = -1; + switch (keytype) + { + case MBEDTLS_PK_ECKEY: + /* fallthrough */ + case MBEDTLS_PK_ECDSA: + { + mbedtls_mpi result; + + mbedtls_mpi_init(&result); + + ret = mbedtls_ecdh_compute_shared(&mbedtls_pk_ec(*private_ctx)->grp, &result, &mbedtls_pk_ec(*public_ctx)->Q, &mbedtls_pk_ec(*private_ctx)->d, NULL, NULL); + + mbedtls_mpi_write_binary(&result, buf, *buflen); + mbedtls_mpi_free(&result); + break; + } + default: + break; + } + status = (0 == ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + } + return status; +} + + +#ifndef MBEDTLS_ECDSA_SIGN_ALT +#include "mbedtls/pk_internal.h" +#include "atcacert/atcacert_der.h" + +typedef struct atca_mbedtls_eckey_s +{ + ATCADevice device; + uint16_t handle; +} atca_mbedtls_eckey_t; + +static size_t atca_mbedtls_eckey_get_bitlen(const void * ctx) +{ + return mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)->get_bitlen(ctx); +} + +static int atca_mbedtls_eckey_can_do(mbedtls_pk_type_t type) +{ + return mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)->can_do(type); +} + +static int atca_mbedtls_eckey_verify(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) +{ + int ret = -1; + mbedtls_ecp_keypair *ecp = (mbedtls_ecp_keypair*)ctx; + + if (ecp && hash && sig) + { + mbedtls_mpi r, s; + atca_mbedtls_eckey_t key_info; + uint8_t signature[ATCA_ECCP256_SIG_SIZE]; + + /* Signature is in ASN.1 format so we have to parse it out manually */ + size_t len; + unsigned char *ptr = (unsigned char*)sig; + const unsigned char *end = sig + sig_len; + + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + ret = mbedtls_mpi_write_binary(&ecp->d, (unsigned char*)&key_info, sizeof(atca_mbedtls_eckey_t)); + + if (!ret) + { + ret = mbedtls_asn1_get_tag(&ptr, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + + if (ptr + len != end) + { + /* Some sort of parsing error */ + ret = -1; + } + } + + if (!ret) + { + ret = mbedtls_asn1_get_mpi(&ptr, end, &r); + } + + if (!ret) + { + ret = mbedtls_asn1_get_mpi(&ptr, end, &s); + } + + if (!ret) + { + ret = mbedtls_mpi_write_binary(&r, signature, 32); + } + + if (!ret) + { + ret = mbedtls_mpi_write_binary(&s, &signature[32], 32); + } + + if (!ret) + { + bool is_verified = false; + if (ATCA_SUCCESS == atcab_verify_stored_ext(key_info.device, hash, signature, key_info.handle, &is_verified)) + { + if (is_verified) + { + ret = 0; + } + } + ret = is_verified ? 0 : -1; + } + + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + } + + return ret; +} + +static int atca_mbedtls_eckey_sign(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + int ret = -1; + mbedtls_ecp_keypair *ecp = (mbedtls_ecp_keypair*)ctx; + + if (ecp && hash && sig && sig_len) + { + mbedtls_mpi r, s; + atca_mbedtls_eckey_t key_info; + uint8_t signature[75]; + + ret = mbedtls_mpi_write_binary(&ecp->d, (unsigned char*)&key_info, sizeof(atca_mbedtls_eckey_t)); + + if (!ret) + { + if (ATCA_SUCCESS != atcab_sign_ext(key_info.device, key_info.handle, hash, &signature[10])) + { + ret = -1; + } + } + + if (!ret) + { + ret = atcacert_der_enc_ecdsa_sig_value(&signature[10], signature, sig_len); + + } + + if (!ret) + { + /* atcacert_der_enc_ecdsa_sig_value add the outer tag info so we need to not copy it + to the output buffer for mbedtls */ + *sig_len -= 3; + memcpy(sig, &signature[3], *sig_len); + } + } + return ret; +} + +static int atca_mbedtls_eckey_check_pair(const void *pub, const void *prv) +{ + return mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)->check_pair_func(pub, prv); +} + +static void * atca_mbedtls_eckey_alloc(void) +{ + return mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)->ctx_alloc_func(); +} + +static void atca_mbedtls_eckey_free(void * ctx) +{ + return mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)->ctx_free_func(ctx); +} + +static void atca_mbedtls_eckey_debug(const void *ctx, mbedtls_pk_debug_item *items) +{ + return mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)->debug_func(ctx, items); +} + +const mbedtls_pk_info_t atca_mbedtls_eckey_info = { + MBEDTLS_PK_ECKEY, + "EC", + atca_mbedtls_eckey_get_bitlen, + atca_mbedtls_eckey_can_do, + atca_mbedtls_eckey_verify, + atca_mbedtls_eckey_sign, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* Required to maintain structure alignment */ + NULL, + NULL, +#endif + NULL, + NULL, + atca_mbedtls_eckey_check_pair, + atca_mbedtls_eckey_alloc, + atca_mbedtls_eckey_free, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* Required to maintain structure alignment */ + NULL, + NULL, +#endif + atca_mbedtls_eckey_debug, +}; + +#endif + /** \brief Initializes an mbedtls pk context for use with EC operations * \param[in,out] pkey ptr to space to receive version string * \param[in] slotid Associated with this key * \return 0 on success, otherwise an error code. */ -int atca_mbedtls_pk_init(mbedtls_pk_context * pkey, const uint16_t slotid) +int atca_mbedtls_pk_init_ext(ATCADevice device, mbedtls_pk_context * pkey, const uint16_t slotid) { int ret = 0; uint8_t public_key[ATCA_ECCP256_SIG_SIZE]; @@ -573,9 +1055,14 @@ int atca_mbedtls_pk_init(mbedtls_pk_context * pkey, const uint16_t slotid) if (!ret) { mbedtls_pk_init(pkey); +#ifdef MBEDTLS_ECDSA_SIGN_ALT ret = mbedtls_pk_setup(pkey, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)); +#else + ret = mbedtls_pk_setup(pkey, &atca_mbedtls_eckey_info); +#endif } + if (!ret) { ecp = mbedtls_pk_ec(*pkey); @@ -584,7 +1071,7 @@ int atca_mbedtls_pk_init(mbedtls_pk_context * pkey, const uint16_t slotid) if (!ret) { - ret = atcab_get_pubkey(slotid, public_key); + ret = atcab_get_pubkey_ext(device, slotid, public_key); } if (!ret) @@ -604,12 +1091,27 @@ int atca_mbedtls_pk_init(mbedtls_pk_context * pkey, const uint16_t slotid) if (!ret) { - ret = mbedtls_mpi_lset(&ecp->d, slotid); + /* This is a bit of a hack to force a context into the mbedtls keypair structure but it should + work on any platform as it is in essence directly copying memory exactly as it appears in the + structure */ + atca_mbedtls_eckey_t key_info = { device, slotid }; + ret = mbedtls_mpi_read_binary(&ecp->d, (const unsigned char*)&key_info, + sizeof(atca_mbedtls_eckey_t)); } return ret; } +/** \brief Initializes an mbedtls pk context for use with EC operations + * \param[in,out] pkey ptr to space to receive version string + * \param[in] slotid Associated with this key + * \return 0 on success, otherwise an error code. + */ +int atca_mbedtls_pk_init(mbedtls_pk_context * pkey, const uint16_t slotid) +{ + return atca_mbedtls_pk_init_ext(atcab_get_device(), pkey, slotid); +} + #if ATCA_CA_SUPPORT /** \brief Rebuild a certificate from an atcacert_def_t structure, and then add * it to an mbedtls cert chain. diff --git a/lib/mbedtls/atca_mbedtls_wrap.h b/lib/mbedtls/atca_mbedtls_wrap.h index ae4332c78..26adfea73 100644 --- a/lib/mbedtls/atca_mbedtls_wrap.h +++ b/lib/mbedtls/atca_mbedtls_wrap.h @@ -44,6 +44,7 @@ struct mbedtls_x509_crt; struct atcacert_def_s; /* Wrapper Functions */ +int atca_mbedtls_pk_init_ext(ATCADevice device, struct mbedtls_pk_context * pkey, const uint16_t slotid); int atca_mbedtls_pk_init(struct mbedtls_pk_context * pkey, const uint16_t slotid); int atca_mbedtls_cert_add(struct mbedtls_x509_crt * cert, const struct atcacert_def_s * cert_def); diff --git a/lib/openssl/atca_openssl_interface.c b/lib/openssl/atca_openssl_interface.c index 5f2169027..62341b641 100644 --- a/lib/openssl/atca_openssl_interface.c +++ b/lib/openssl/atca_openssl_interface.c @@ -30,9 +30,13 @@ #include "crypto/atca_crypto_sw.h" #ifdef ATCA_OPENSSL +#include +#include #include +#include #include #include +#include /** \brief Update the GCM context with additional authentication data (AAD) * @@ -264,7 +268,8 @@ ATCA_STATUS atcac_aes_gcm_decrypt_finish( } /* Always try to free the context */ - EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX*)ctx->ptr); + EVP_CIPHER_CTX_free((EVP_CIPHER_CTX*)ctx->ptr); + ctx->ptr = NULL; if (ret > 0) { @@ -553,4 +558,263 @@ ATCA_STATUS atcac_sha256_hmac_finish( return status; } +/** \brief Set up a public/private key structure for use in asymmetric cryptographic functions + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_init( + atcac_pk_ctx* ctx, /**< [in] pointer to a pk context */ + uint8_t* buf, /**< [in] buffer containing a pem encoded key */ + size_t buflen, /**< [in] length of the input buffer */ + uint8_t key_type, + bool pubkey /**< [in] buffer is a public key */ + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + ctx->ptr = EVP_PKEY_new(); + + if (ctx->ptr) + { + int ret = EVP_PKEY_set_type((EVP_PKEY*)ctx->ptr, EVP_PKEY_EC); + + if (0 < ret) + { + EC_KEY* ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + + if (pubkey) + { + /* Configure the public key */ + EC_POINT* ec_point = EC_POINT_new(EC_KEY_get0_group(ec_key)); + BIGNUM* x = BN_bin2bn(buf, 32, NULL); + BIGNUM* y = BN_bin2bn(&buf[32], 32, NULL); + + ret = EC_POINT_set_affine_coordinates(EC_KEY_get0_group(ec_key), ec_point, x, y, NULL); + + if (0 < ret) + { + ret = EC_KEY_set_public_key(ec_key, ec_point); + } + + EC_POINT_free(ec_point); + BN_free(x); + BN_free(y); + } + else + { + /* Configure a private key */ + BIGNUM* d = BN_bin2bn(buf, buflen, NULL); + ret = EC_KEY_set_private_key(ec_key, d); + BN_free(d); + } + + if (0 < ret) + { + ret = EVP_PKEY_set1_EC_KEY((EVP_PKEY*)ctx->ptr, ec_key); + } + + /* pkey context copies the key when it is attached */ + EC_KEY_free(ec_key); + + if (0 < ret) + { + status = ATCA_SUCCESS; + } + else + { + EVP_PKEY_free((EVP_PKEY*)ctx->ptr); + status = ATCA_GEN_FAIL; + } + } + } + } + return status; +} + + +/** \brief Set up a public/private key structure for use in asymmetric cryptographic functions + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_init_pem( + atcac_pk_ctx* ctx, /**< [in] pointer to a pk context */ + uint8_t * buf, /**< [in] buffer containing a pem encoded key */ + size_t buflen, /**< [in] length of the input buffer */ + bool pubkey /**< [in] buffer is a public key */ + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + BIO* bio = BIO_new_mem_buf((void*)buf, buflen); + if (pubkey) + { + ctx->ptr = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); + } + else + { + ctx->ptr = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); + } + + status = ctx->ptr ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Free a public/private key structure + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_free( + atcac_pk_ctx* ctx /**< [in] pointer to a pk context */ + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx) + { + if (ctx->ptr) + { + EVP_PKEY_free(ctx->ptr); + } + status = ATCA_SUCCESS; + } + return status; +} + +/** \brief Perform a signature with the private key in the context + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_sign( + atcac_pk_ctx* ctx, + uint8_t * digest, + size_t dig_len, + uint8_t* signature, + size_t* sig_len + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + int ret = 0; + + if (ctx && ctx->ptr) + { + if (EVP_PKEY_EC == EVP_PKEY_id((EVP_PKEY*)ctx->ptr)) + { + ECDSA_SIG* ec_sig = ECDSA_do_sign(digest, (int)dig_len, EVP_PKEY_get0_EC_KEY((EVP_PKEY*)ctx->ptr)); + + if (ec_sig) + { + ret = BN_bn2bin(ECDSA_SIG_get0_r(ec_sig), signature); + if (0 < ret) + { + *sig_len = ret; + ret = BN_bn2bin(ECDSA_SIG_get0_s(ec_sig), &signature[ret]); + } + if (0 < ret) + { + *sig_len += ret; + } + ECDSA_SIG_free(ec_sig); + } + } + else + { + EVP_PKEY_CTX* sign_ctx = EVP_PKEY_CTX_new((EVP_PKEY*)ctx->ptr, NULL); + + if (sign_ctx) + { + int ret = EVP_PKEY_sign_init(sign_ctx); + + if (0 < ret) + { + ret = EVP_PKEY_CTX_set_rsa_padding(sign_ctx, RSA_PKCS1_PADDING); + } + + if (0 < ret) + { + ret = EVP_PKEY_CTX_set_signature_md(sign_ctx, EVP_sha256()); + } + + if (0 < ret) + { + ret = EVP_PKEY_sign(sign_ctx, signature, sig_len, digest, dig_len); + } + + EVP_PKEY_CTX_free(sign_ctx); + } + } + status = (0 < ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + return status; +} + +/** \brief Perform a verify using the public key in the provided context + * + * \return ATCA_SUCCESS on success, otherwise an error code. + */ +ATCA_STATUS atcac_pk_verify( + atcac_pk_ctx* ctx, + uint8_t* digest, + size_t dig_len, + uint8_t* signature, + size_t sig_len + ) +{ + ATCA_STATUS status = ATCA_BAD_PARAM; + + if (ctx && ctx->ptr) + { + int ret = -1; + if (EVP_PKEY_EC == EVP_PKEY_id((EVP_PKEY*)ctx->ptr)) + { + ECDSA_SIG* ec_sig = ECDSA_SIG_new(); + BIGNUM* r = BN_bin2bn(signature, 32, NULL); + BIGNUM* s = BN_bin2bn(&signature[32], 32, NULL); + + ECDSA_SIG_set0(ec_sig, r, s); + + ret = ECDSA_do_verify(digest, dig_len, ec_sig, EVP_PKEY_get0_EC_KEY((EVP_PKEY*)ctx->ptr)); + ECDSA_SIG_free(ec_sig); + BN_free(r); + BN_free(s); + } + else + { + + EVP_PKEY_CTX* verify_ctx = EVP_PKEY_CTX_new((EVP_PKEY*)ctx->ptr, NULL); + + if (verify_ctx) + { + int ret = EVP_PKEY_verify_init(verify_ctx); + + if (0 < ret) + { + ret = EVP_PKEY_CTX_set_signature_md(verify_ctx, EVP_sha256()); + } + + if (0 < ret) + { + if (EVP_PK_RSA == EVP_PKEY_id((EVP_PKEY*)ctx->ptr)) + { + ret = EVP_PKEY_CTX_set_rsa_padding(verify_ctx, RSA_PKCS1_PADDING); + } + } + + if (0 < ret) + { + ret = EVP_PKEY_verify(verify_ctx, signature, sig_len, digest, dig_len); + } + EVP_PKEY_CTX_free(verify_ctx); + } + } + status = (0 < ret) ? ATCA_SUCCESS : ATCA_FUNC_FAIL; + } + + return status; +} + #endif /* ATCA_OPENSSL */ diff --git a/module.xml b/module.xml index 2d7f39122..6c49da8e3 100644 --- a/module.xml +++ b/module.xml @@ -1,4 +1,4 @@ - + diff --git a/package.xml b/package.xml index 03f504e16..493d68c2f 100644 --- a/package.xml +++ b/package.xml @@ -1,6 +1,6 @@ - + diff --git a/python/cryptoauthlib/atcab.py b/python/cryptoauthlib/atcab.py index c0c3575aa..2a096e33d 100644 --- a/python/cryptoauthlib/atcab.py +++ b/python/cryptoauthlib/atcab.py @@ -72,6 +72,26 @@ class atca_aes_gcm_ctx(Structure): ("enc_cb", c_char*16), ("ciphertext_block", c_char*16)] +class atca_aes_ccm_ctx(Structure): + """AES CCM Context""" + _fields_ = [("cbc_mac_ctx", atca_aes_cbc_ctx), + ("ctr_ctx", atca_aes_ctr_ctx), + ("iv_size", c_uint8), + ("M", c_uint8), + ("counter", c_char*16), + ("partial_aad", c_char*16), + ("partial_aad_size", c_uint32), + ("text_size", c_uint32), + ("enc_cb", c_char*16), + ("data_size", c_uint32), + ("ciphertext_block", c_char*16)] + +class atca_aes_cbcmac_ctx(Structure): + """AES CBCMAC Context""" + _fields_ = [("cbc_ctx", atca_aes_cbc_ctx), + ("block_size", c_uint8), + ("block", c_char*16)] + class atca_hmac_sha256_ctx(atca_sha256_ctx): """HMAC-SHA256 context""" @@ -612,6 +632,215 @@ def atcab_aes_gcm_decrypt_finish(ctx, tag, tag_size, is_verified): is_verified.value = c_is_verified.value return status +def atcab_aes_cbcmac_init(ctx, key_id, key_block): + """ + Initialize context for AES CBC-MAC operation. + + Args: + ctx AES CBC-MAC context to be initialized + key_id Key location. Can either be a slot number or + ATCA_TEMPKEY_KEYID for TempKey. + key_block Index of the 16-byte block to use within the key + location for the actual key. + + Returns: + ATCA_SUCCESS on success, otherwise an error code. + """ + status = get_cryptoauthlib().atcab_aes_cbcmac_init(byref(ctx), key_id, key_block) + return status + +def atcab_aes_cbcmac_update(ctx, data, data_size): + """ + Calculate AES CBC-MAC with key stored within ECC608A device. + atcab_aes_cbcmac_init() should be called before the first use of + this function. + + Args: + ctx AES CBC-MAC context structure. + data Data to be added for AES CBC-MAC calculation. Can be + bytearray or bytes. + data_size Data length in bytes. + + Returns: + ATCA_SUCCESS on success, otherwise an error code. + """ + status = get_cryptoauthlib().atcab_aes_cbcmac_update(byref(ctx), bytes(data), data_size) + return status + +def atcab_aes_cbcmac_finish(ctx, mac, mac_size): + """ + Finish a CBC-MAC operation returning the CBC-MAC value. If the data + provided to the atcab_aes_cbcmac_update() function has incomplete + block this function will return an error code. + + Args: + ctx AES-128 CBC-MAC context. + mac CBC-MAC is returned here. + mac_size Size of CBC-MAC requested in bytes (max 16 bytes). + + Returns: + ATCA_SUCCESS on success, otherwise an error code. + """ + c_mac = create_string_buffer(16) + if not isinstance(mac, bytearray): + status = Status.ATCA_BAD_PARAM + else: + status = get_cryptoauthlib().atcab_aes_cbcmac_finish(byref(ctx), byref(c_mac), mac_size) + mac[0:] = bytes(c_mac.raw) + return status + +def atcab_aes_ccm_init(ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size): + """ + Initialize context for AES CCM operation with an existing IV, which + is common when starting a decrypt operation. + + Args: + ctx AES CCM context to be initialized + key_id Key location. Can either be a slot number or + ATCA_TEMPKEY_KEYID for TempKey. + key_block Index of the 16-byte block to use within the key + location for the actual key. + iv Nonce to be fed into the AES CCM calculation. + iv_size Size of iv. + aad_size Size of Additional authtication data. + text_size Size of plaintext/ciphertext to be processed. + tag_size Prefered size of tag. + """ + status = get_cryptoauthlib().atcab_aes_ccm_init(byref(ctx), key_id, key_block, + bytes(iv), iv_size, aad_size, text_size, tag_size) + return status + +def atcab_aes_ccm_init_rand(ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size): + """ + Initialize context for AES CCM operation with a random nonce + + Args: + ctx AES CCM context to be initialized + key_id Key location. Can either be a slot number or + ATCA_TEMPKEY_KEYID for TempKey. + key_block Index of the 16-byte block to use within the key + location for the actual key. + iv Nonce to be fed into the AES CCM calculation. + iv_size Size of iv. + aad_size Size of Additional authtication data. + text_size Size of plaintext/ciphertext to be processed. + tag_size Prefered size of tag. + """ + c_iv = create_string_buffer(16) + if not isinstance(iv, bytearray): + status = Status.ATCA_BAD_PARAM + else: + status = get_cryptoauthlib().atcab_aes_ccm_init_rand(byref(ctx), key_id, key_block, + byref(c_iv), iv_size, aad_size, text_size, tag_size) + iv[0:] = bytes(c_iv.raw) + + return status + +def atcab_aes_ccm_aad_update(ctx, aad, aad_size): + """ + Process Additional Authenticated Data (AAD) using CCM mode and a + key within the ATECC608A device + + Args: + ctx AES CCM context + aad Additional authenticated data to be added + aad_size Size of aad in bytes. + """ + status = get_cryptoauthlib().atcab_aes_ccm_aad_update(byref(ctx), bytes(aad), aad_size) + return status + +def atcab_aes_ccm_aad_finish(ctx): + """ + Finish processing Additional Authenticated Data (AAD) using CCM mode. + + Args: + ctx AES CCM context + """ + status = get_cryptoauthlib().atcab_aes_ccm_aad_finish(byref(ctx)) + return status + +def atcab_aes_ccm_encrypt_update(ctx, plaintext, plaintext_size, ciphertext): + """ + Process data using CCM mode and a key within the ATECC608A device. + atcab_aes_ccm_init() or atcab_aes_ccm_init_rand() should be called + before the first use of this function. + + Args: + ctx AES CCM context structure. + plaintext Data to be processed. + plaintext_size Size of the data to be processed. + ciphertext Output data is returned here. + """ + c_ciphertext = create_string_buffer(16) + if not isinstance(ciphertext, bytearray): + status = Status.ATCA_BAD_PARAM + else: + status = get_cryptoauthlib().atcab_aes_ccm_encrypt_update(byref(ctx), bytes(plaintext), + plaintext_size, byref(c_ciphertext)) + ciphertext[0:] = bytes(c_ciphertext.raw) + + return status + +def atcab_aes_ccm_decrypt_update(ctx, ciphertext, ciphertext_size, plaintext): + """ + Process data using CCM mode and a key within the ATECC608A device. + atcab_aes_ccm_init() or atcab_aes_ccm_init_rand() should be called + before the first use of this function. + + Args: + ctx AES CCM context structure. + ciphertext Data to be processed. + ciphertext_size Size of the data to be processed. + plaintext Output data is returned here. + """ + c_plaintext = create_string_buffer(16) + if not isinstance(plaintext, bytearray): + status = Status.ATCA_BAD_PARAM + else: + status = get_cryptoauthlib().atcab_aes_ccm_decrypt_update(byref(ctx), bytes(ciphertext), + ciphertext_size, byref(c_plaintext)) + plaintext[0:] = bytes(c_plaintext.raw) + + return status + +def atcab_aes_ccm_encrypt_finish(ctx, tag, tag_size): + """ + Complete a CCM encrypt operation returning the authentication tag. + + Args: + ctx AES CCM context structure. + tag Authentication tag is returned here. + tag_size Tag size in bytes. + + """ + c_tag = create_string_buffer(16) + c_tag_size = c_uint8() + if not isinstance(tag, bytearray) | isinstance(tag_size, bytearray): + status = Status.ATCA_BAD_PARAM + else: + status = get_cryptoauthlib().atcab_aes_ccm_encrypt_finish(byref(ctx), byref(c_tag), byref(c_tag_size)) + tag[0:] = bytes(c_tag.raw) + tag_size[0] = c_tag_size.value + return status + +def atcab_aes_ccm_decrypt_finish(ctx, tag, is_verified): + """ + Complete a CCM decrypt operation authenticating provided tag. + Args: + ctx AES CCM context structure. + tag Authentication tag is returned here. + is_verified Value is set to true if the tag is authenticated else + the value is set to false. + + """ + if not isinstance(is_verified, AtcaReference): + status = Status.ATCA_BAD_PARAM + else: + c_is_verified = c_uint8(is_verified.value) + status = get_cryptoauthlib().atcab_aes_ccm_decrypt_finish(byref(ctx), bytes(tag), byref(c_is_verified)) + is_verified.value = c_is_verified.value + return status + # CryptoAuthLib Basic API methods for CheckMAC command. # # The CheckMac command calculates a MAC response that would have been diff --git a/python/tests/cryptoauthlib_mock.py b/python/tests/cryptoauthlib_mock.py index 7091d0d1b..803062595 100644 --- a/python/tests/cryptoauthlib_mock.py +++ b/python/tests/cryptoauthlib_mock.py @@ -427,8 +427,196 @@ def atcab_aes_gcm_decrypt_finish(self, ctx, tag, tag_size, is_verified): memmove(cast(is_verified, c_void_p).value, cast(byref(self.r_is_verified), c_void_p).value, 1) return Status.ATCA_SUCCESS + #--------------------------------------------------------------------# + # atcab_aes_cbcmac_init(ctx, key_id, key_block): + + def atcab_aes_cbcmac_init(self, ctx, key_id, key_block): + + if not isinstance(key_id, int): + raise TypeError + + if not isinstance(key_block, int): + raise TypeError + + return Status.ATCA_SUCCESS #--------------------------------------------------------------------# + # atcab_aes_cbcmac_update(ctx, data, data_size): + + def atcab_aes_cbcmac_update(self, ctx, data, data_size): + + if not isinstance(data, bytes): + raise TypeError + + if not isinstance(data_size, int): + raise TypeError + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_cbcmac_finish(ctx, mac, mac_size): + + r_aes_cbcmac_output = create_string_buffer(16) + r_aes_cbcmac_output.value = bytes(bytearray([0x00, 0x01, 0x02, 0x04, + 0x00, 0x01, 0x02, 0x04, + 0x00, 0x01, 0x02, 0x04, + 0x00, 0x01, 0x02, 0x04])) + + def atcab_aes_cbcmac_finish(self, ctx, mac, mac_size): + + if not isinstance(mac, c_ptr): + raise TypeError + + if not isinstance(mac_size, int): + raise TypeError + + memmove(cast(mac, c_void_p).value, cast(byref(self.r_aes_cbcmac_output), c_void_p).value, mac_size) + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_init(ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size): + + def atcab_aes_ccm_init(self, ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size): + + if not isinstance(key_id, int): + raise TypeError + + if not isinstance(key_block, int): + raise TypeError + + if not isinstance(iv, bytes): + raise TypeError + + if not isinstance(iv_size, int): + raise TypeError + + if not isinstance(aad_size, int): + raise TypeError + + if not isinstance(text_size, int): + raise TypeError + + if not isinstance(tag_size, int): + raise TypeError + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_init_rand(ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size): + + def atcab_aes_ccm_init_rand(self, ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size): + + if not isinstance(key_id, int): + raise TypeError + + if not isinstance(key_block, int): + raise TypeError + + if not isinstance(iv, c_ptr): + raise TypeError + + if not isinstance(iv_size, int): + raise TypeError + + if not isinstance(aad_size, int): + raise TypeError + + if not isinstance(text_size, int): + raise TypeError + + if not isinstance(tag_size, int): + raise TypeError + + memmove(cast(iv, c_void_p).value, cast(byref(self.r_iv), c_void_p).value, len(self.r_iv)) + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_aad_update(ctx, aad, aad_size): + + def atcab_aes_ccm_aad_update(self, ctx, aad, aad_size): + + if not isinstance(aad, bytes): + raise TypeError + + if not isinstance(aad_size, int): + raise TypeError + + return Status.ATCA_SUCCESS + + + #--------------------------------------------------------------------# + # atcab_aes_ccm_aad_finish(ctx): + + def atcab_aes_ccm_aad_finish(self, ctx): + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_encrypt_update(ctx, plaintext, plaintext_size, ciphertext): + + def atcab_aes_ccm_encrypt_update(self, ctx, plaintext, plaintext_size, ciphertext): + + if not isinstance(plaintext, bytes): + raise TypeError + + if not isinstance(plaintext_size, int): + raise TypeError + + if not isinstance(ciphertext, c_ptr): + raise TypeError + + memmove(cast(ciphertext, c_void_p).value, cast(byref(self.r_ciphertext), c_void_p).value, len(self.r_ciphertext)) + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_decrypt_update(ctx, ciphertext, ciphertext_size, plaintext): + + def atcab_aes_ccm_decrypt_update(self, ctx, ciphertext, ciphertext_size, plaintext): + + if not isinstance(ciphertext, bytes): + raise TypeError + + if not isinstance(ciphertext_size, int): + raise TypeError + + if not isinstance(plaintext, c_ptr): + raise TypeError + + memmove(cast(plaintext, c_void_p).value, cast(byref(self.r_plaintext), c_void_p).value, len(self.r_plaintext)) + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_encrypt_finish(ctx, tag, tag_size): + r_tag_size = c_uint8() + r_tag_size.value = 0x12 + + def atcab_aes_ccm_encrypt_finish(self, ctx, tag, tag_size): + + memmove(cast(tag, c_void_p).value, cast(byref(self.r_tag), c_void_p).value, len(self.r_tag)) + memmove(cast(tag_size, c_void_p).value, cast(byref(self.r_tag_size), c_void_p).value, 1) + + return Status.ATCA_SUCCESS + + #--------------------------------------------------------------------# + # atcab_aes_ccm_decrypt_finish(ctx, tag, is_verified): + + def atcab_aes_ccm_decrypt_finish(self, ctx, tag, is_verified): + + if not isinstance(tag, bytes): + raise TypeError + + if not isinstance(is_verified, c_ptr): + raise TypeError + + memmove(cast(is_verified, c_void_p).value, cast(byref(self.r_is_verified), c_void_p).value, 1) + + return Status.ATCA_SUCCESS + #--------------------------------------------------------------------# + # atcab_checkmac(mode, key_id, challenge, response, other_data): def atcab_checkmac(self, mode, key_id, challenge, response, other_data): diff --git a/python/tests/test_atcab.py b/python/tests/test_atcab.py index 3d5e9ab2e..e88096c63 100644 --- a/python/tests/test_atcab.py +++ b/python/tests/test_atcab.py @@ -212,7 +212,83 @@ def test_atcab_aes_gcm_decrypt_finish(test_init): assert atcab_aes_gcm_decrypt_finish(ctx, tag, tag_size, is_verified) == Status.ATCA_SUCCESS assert is_verified.value == atcab_mock.r_is_verified.value +def test_atcab_aes_cbcmac_init(test_init): + ctx = atca_aes_cbcmac_ctx() + key_id = 0 + key_block = 0 + assert atcab_aes_cbcmac_init(ctx, key_id, key_block) == Status.ATCA_SUCCESS + +def test_atcab_aes_cbcmac_update(test_init): + ctx = atca_aes_cbcmac_ctx() + data = bytearray(32) + data_size = len(data) + assert atcab_aes_cbcmac_update(ctx, data, data_size) == Status.ATCA_SUCCESS + +def test_atcab_aes_cbcmac_finish(test_init): + ctx = atca_aes_cbcmac_ctx() + mac = bytearray(16) + mac_size = len(mac) + assert atcab_aes_cbcmac_finish(ctx, mac, mac_size) == Status.ATCA_SUCCESS + assert mac == bytearray(atcab_mock.r_aes_cbcmac_output) + +def test_atcab_aes_ccm_init(test_init): + ctx = atca_aes_ccm_ctx() + key_id = 2 + key_block = 2 + iv = bytearray(16) + iv_size = len(iv) + aad_size = 2 + text_size = 2 + tag_size = 2 + assert atcab_aes_ccm_init(ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size) == Status.ATCA_SUCCESS + +def test_atcab_aes_ccm_init_rand(test_init): + ctx = atca_aes_ccm_ctx() + key_id = 2 + key_block = 2 + iv = bytearray(16) + iv_size = len(iv) + aad_size = 2 + text_size = 2 + tag_size = 2 + assert atcab_aes_ccm_init_rand(ctx, key_id, key_block, iv, iv_size, aad_size, text_size, tag_size) == Status.ATCA_SUCCESS + assert iv == bytearray(atcab_mock.r_iv) +def test_atcab_aes_ccm_aad_update(test_init): + ctx = atca_aes_ccm_ctx() + aad = bytearray(16) + aad_size = 2 + assert atcab_aes_ccm_aad_update(ctx, aad, aad_size) == Status.ATCA_SUCCESS + +def test_atcab_aes_ccm_encrypt_update(test_init): + ctx = atca_aes_ccm_ctx() + plaintext = bytearray(16) + plaintext_size = len(plaintext) + ciphertext = bytearray(16) + assert atcab_aes_ccm_encrypt_update(ctx, plaintext, plaintext_size, ciphertext) == Status.ATCA_SUCCESS + assert ciphertext == bytearray(atcab_mock.r_ciphertext) + +def test_atcab_aes_ccm_decrypt_update(test_init): + ctx = atca_aes_ccm_ctx() + ciphertext = bytearray(16) + ciphertext_size = len(ciphertext) + plaintext = bytearray(16) + assert atcab_aes_ccm_decrypt_update(ctx, ciphertext, ciphertext_size, plaintext) == Status.ATCA_SUCCESS + assert plaintext == bytearray(atcab_mock.r_plaintext) + +def test_atcab_aes_ccm_encrypt_finish(test_init): + ctx = atca_aes_ccm_ctx() + tag = bytearray(16) + tag_size = bytearray(1) + assert atcab_aes_ccm_encrypt_finish(ctx, tag, tag_size) == Status.ATCA_SUCCESS + assert tag_size[0] == atcab_mock.r_tag_size.value + +def test_atcab_aes_ccm_decrypt_finish(test_init): + ctx = atca_aes_ccm_ctx() + tag = bytearray(16) + is_verified = AtcaReference(2) + assert atcab_aes_ccm_decrypt_finish(ctx, tag, is_verified) == Status.ATCA_SUCCESS + assert is_verified.value == atcab_mock.r_is_verified.value # ---------------ATCA_BASIC_CHECKMAC-------------- def test_atcab_checkmac(test_init): diff --git a/release_notes.md b/release_notes.md index de597d04f..e655af62e 100644 --- a/release_notes.md +++ b/release_notes.md @@ -1,6 +1,22 @@ # Microchip Cryptoauthlib Release Notes +## Release v3.2.5 (11/30/2020) + +### New features + - TA100 ShareKey API to drive the sharekey process (requires NDA, consult + with your FAE or submit a request through your myMicrochip account) + - Additional software crypto library interface functions for asymmetric + cryptography (sign, verify, ecdh, etc) + - XC8 & XC16 compiler support + - AES CCM & CBC-MAC upper layer API using AES-ECB primatives + +### Fixes + - TA100 AES-GCM auth session tx packet length when command data is included + - PKCS11 Pin length check rejecting valid pin lengths + - aes-gcm nist vector test failed with mbedtls crypto backend due to aad + update not being executed when aad length was zero + ## Release v3.2.4 (10/17/2020) ### New features diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index e1dbf8b1e..ae4d3c63d 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -19,9 +19,12 @@ set(CRYPTOAUTH_TEST_SRC ${TEST_SRC} ${TEST_ATCACERT_SRC} ${TEST_API_ATCAB} ${TEST_API_CALIB} - ${TEST_API_TALIB} ${TEST_VECTORS_SRC}) +if(ATCA_TA100_SUPPORT) +set(CRYPTOAUTH_TEST_SRC ${CRYPTOAUTH_TEST_SRC} ${TEST_API_TALIB}) +endif(ATCA_TA100_SUPPORT) + source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${CRYPTOAUTH_TEST_SRC}) source_group("Unity" FILES ${UNITY_SRC}) diff --git a/test/api_atcab/atca_tests_aes_cbcmac.c b/test/api_atcab/atca_tests_aes_cbcmac.c new file mode 100644 index 000000000..57da12652 --- /dev/null +++ b/test/api_atcab/atca_tests_aes_cbcmac.c @@ -0,0 +1,95 @@ +/** + * \file + * \brief Unity tests for the cryptoauthlib Basic API + * + * \copyright (c) 2015-2018 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ +#include +#ifdef _WIN32 +#include +#endif +#include "atca_test.h" + +extern const uint8_t g_aes_keys[4][16]; +extern const uint8_t g_plaintext[64]; + +#ifdef ATCA_ATECC608_SUPPORT +// Expected CBC-MACs for g_plaintext with all keys +static const uint8_t g_cbc_mac[4][16] = { + { 0xA7, 0x35, 0x6E, 0x12, 0x07, 0xBB, 0x40, 0x66, 0x39, 0xE5, 0xE5, 0xCE, 0xB9, 0xA9, 0xED, 0x93 }, + { 0xA8, 0x2D, 0xD8, 0xBE, 0x90, 0x80, 0x40, 0xBE, 0xA4, 0x56, 0x26, 0x0D, 0x0A, 0x81, 0xAE, 0x07 }, + { 0x7F, 0xE5, 0x65, 0x9C, 0xBA, 0x0E, 0x01, 0xD9, 0xCA, 0xC1, 0x6F, 0xCA, 0x1B, 0x6F, 0x66, 0x2E }, + { 0xE1, 0xD0, 0xC0, 0x85, 0x49, 0xBF, 0xF7, 0xFB, 0xA9, 0xE0, 0xCF, 0x6B, 0x49, 0x32, 0x36, 0xF1 } +}; + +TEST(atca_cmd_basic_test, aes_cbc_mac) +{ + uint8_t cbc_mac[AES_DATA_SIZE]; + uint8_t key_block; + atca_aes_cbcmac_ctx_t ctx; + ATCA_STATUS status; + + check_config_aes_enable(); + + // Load AES keys into TempKey + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, g_aes_keys[0], 64); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + // Positive test case for AES CBC-MAC with different AES keys + for (key_block = 0; key_block < 4; key_block++) + { + // Init CBC-MAC context using 1st key in TempKey + status = atcab_aes_cbcmac_init(&ctx, ATCA_TEMPKEY_KEYID, key_block); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + // Updating data in to the cbcmac function + status = atcab_aes_cbcmac_update(&ctx, g_plaintext, sizeof(g_plaintext)); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + // Finishing the cbcmac operation and getting the MAC output. + status = atcab_aes_cbcmac_finish(&ctx, cbc_mac, AES_DATA_SIZE); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + TEST_ASSERT_EQUAL_MEMORY(g_cbc_mac[key_block], cbc_mac, AES_DATA_SIZE); + } + + // Negative Test case for data set with incomplete blocks + // Init CBC-MAC context using 1st key in TempKey + status = atcab_aes_cbcmac_init(&ctx, ATCA_TEMPKEY_KEYID, key_block); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + // Updating data in to the cbcmac function with incomplete block + status = atcab_aes_cbcmac_update(&ctx, g_plaintext, sizeof(g_plaintext) - 8); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + // Check if the incomplete block is copied to the context buffer. + TEST_ASSERT_EQUAL_MEMORY(&g_plaintext[sizeof(g_plaintext) - 16], ctx.block, AES_DATA_SIZE - 8); + // cbcmac_fininsh operation should fail because of the incomplete block + status = atcab_aes_cbcmac_finish(&ctx, cbc_mac, AES_DATA_SIZE); + TEST_ASSERT_NOT_EQUAL(ATCA_SUCCESS, status); +} +#endif + + +t_test_case_info aes_cbcmac_basic_test_info[] = +{ +#ifdef ATCA_ATECC608_SUPPORT + { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_cbc_mac), DEVICE_MASK(ATECC608A) }, +#endif + { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ +}; diff --git a/test/api_atcab/atca_tests_aes_ccm.c b/test/api_atcab/atca_tests_aes_ccm.c new file mode 100644 index 000000000..9b4f46f38 --- /dev/null +++ b/test/api_atcab/atca_tests_aes_ccm.c @@ -0,0 +1,348 @@ +/** + * \file + * \brief Unity tests for the cryptoauthlib Basic API + * + * \copyright (c) 2015-2018 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ +#include +#ifdef _WIN32 +#include +#endif +#include "atca_test.h" + +#ifdef ATCA_ATECC608_SUPPORT +typedef struct +{ + uint8_t key[16]; + uint8_t nonce[AES_DATA_SIZE - 2]; + uint8_t nonce_size; + uint8_t aad[48]; + uint8_t aad_size; + uint8_t plaintext[48]; + uint8_t plaintext_size; + uint8_t tag[16]; + uint8_t tag_size; + uint8_t ciphertext[48]; +}aes_ccm_test_vectors; + +const aes_ccm_test_vectors ccm_test_array[] = +{ + //https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38c.pdf + { + // C.1 Example 1 + { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }, + { 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 }, + 7, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + 8, + { 0x20, 0x21, 0x22, 0x23 }, + 4, + { 0x4d, 0xac, 0x25, 0x5d }, + 4, + { 0x71, 0x62, 0x01, 0x5b }, + }, + { + // C.2 Example 2 + { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }, + { 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }, + 8, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + 16, + { 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f }, + 16, + { 0x1f, 0xc6, 0x4f, 0xbf, 0xac, 0xcd }, + 6, + { 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62, 0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d }, + }, + { + // C.3 Example 3 + { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }, + { 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b }, + 12, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13}, + 20, + { 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37}, + 24, + { 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }, + 8, + { 0xe3, 0xb2, 0x01, 0xa9, 0xf5, 0xb7, 0x1a, 0x7a, 0x9b, 0x1c, 0xea, 0xec, 0xcd, 0x97, 0xe7, 0x0b, 0x61, 0x76, 0xaa, 0xd9, 0xa4, 0x42, 0x8a, 0xa5}, + } +}; + +TEST(atca_cmd_basic_test, aes_ccm_auth_encrypt) +{ + ATCA_STATUS status; + uint16_t key_id = ATCA_TEMPKEY_KEYID; + uint8_t key_block = 0; + aes_ccm_test_vectors* test_data; + atca_aes_ccm_ctx_t ctx; + uint8_t ciphertext[48]; + uint8_t tag[AES_DATA_SIZE]; + uint8_t tag_size; + + for (int i = 0; i < (sizeof(ccm_test_array) / sizeof(aes_ccm_test_vectors)); i++) + { + test_data = (aes_ccm_test_vectors*)&ccm_test_array[i]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, test_data->plaintext, test_data->plaintext_size, ciphertext); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_finish(&ctx, tag, &tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + TEST_ASSERT_EQUAL_MEMORY(test_data->tag, tag, test_data->tag_size); + TEST_ASSERT_EQUAL_MEMORY(test_data->ciphertext, ciphertext, test_data->plaintext_size); + } +} + +TEST(atca_cmd_basic_test, aes_ccm_auth_decrypt) +{ + ATCA_STATUS status; + uint16_t key_id = ATCA_TEMPKEY_KEYID; + uint8_t key_block = 0; + aes_ccm_test_vectors* test_data; + atca_aes_ccm_ctx_t ctx; + uint8_t plaintext[48]; + bool is_verified; + + for (int i = 0; i < (sizeof(ccm_test_array) / sizeof(aes_ccm_test_vectors)); i++) + { + test_data = (aes_ccm_test_vectors*)&ccm_test_array[i]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, test_data->ciphertext, test_data->plaintext_size, plaintext); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_finish(&ctx, test_data->tag, &is_verified); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + TEST_ASSERT_EQUAL(true, is_verified); + + TEST_ASSERT_EQUAL_MEMORY(test_data->plaintext, plaintext, test_data->plaintext_size); + } +} + +TEST(atca_cmd_basic_test, aes_ccm_auth_encrypt_partial) +{ + ATCA_STATUS status; + uint16_t key_id = ATCA_TEMPKEY_KEYID; + uint8_t key_block = 0; + aes_ccm_test_vectors* test_data; + atca_aes_ccm_ctx_t ctx; + uint8_t ciphertext[48]; + uint8_t tag[AES_DATA_SIZE]; + uint8_t tag_size; + + test_data = (aes_ccm_test_vectors*)&ccm_test_array[0]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[0], 2, &ciphertext[0]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[2], 2, &ciphertext[2]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_finish(&ctx, tag, &tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + TEST_ASSERT_EQUAL_MEMORY(test_data->tag, tag, test_data->tag_size); + TEST_ASSERT_EQUAL_MEMORY(test_data->ciphertext, ciphertext, test_data->plaintext_size); + + + test_data = (aes_ccm_test_vectors*)&ccm_test_array[1]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[0], 4, &ciphertext[0]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[4], 4, &ciphertext[4]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[8], 8, &ciphertext[8]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_finish(&ctx, tag, &tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + TEST_ASSERT_EQUAL_MEMORY(test_data->tag, tag, test_data->tag_size); + TEST_ASSERT_EQUAL_MEMORY(test_data->ciphertext, ciphertext, test_data->plaintext_size); + + + test_data = (aes_ccm_test_vectors*)&ccm_test_array[2]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[0], 8, &ciphertext[0]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[8], 8, &ciphertext[8]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_update(&ctx, &test_data->plaintext[16], 8, &ciphertext[16]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_encrypt_finish(&ctx, tag, &tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + TEST_ASSERT_EQUAL_MEMORY(test_data->tag, tag, test_data->tag_size); + TEST_ASSERT_EQUAL_MEMORY(test_data->ciphertext, ciphertext, test_data->plaintext_size); +} + +TEST(atca_cmd_basic_test, aes_ccm_auth_decrypt_partial) +{ + ATCA_STATUS status; + uint16_t key_id = ATCA_TEMPKEY_KEYID; + uint8_t key_block = 0; + aes_ccm_test_vectors* test_data; + atca_aes_ccm_ctx_t ctx; + uint8_t plaintext[48]; + bool is_verified; + + test_data = (aes_ccm_test_vectors*)&ccm_test_array[0]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[0], 2, &plaintext[0]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[2], 2, &plaintext[2]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_finish(&ctx, test_data->tag, &is_verified); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + TEST_ASSERT_EQUAL(true, is_verified); + + TEST_ASSERT_EQUAL_MEMORY(test_data->plaintext, plaintext, test_data->plaintext_size); + + + test_data = (aes_ccm_test_vectors*)&ccm_test_array[1]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[0], 4, &plaintext[0]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[4], 4, &plaintext[4]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[8], 8, &plaintext[8]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_finish(&ctx, test_data->tag, &is_verified); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + TEST_ASSERT_EQUAL(true, is_verified); + + TEST_ASSERT_EQUAL_MEMORY(test_data->plaintext, plaintext, test_data->plaintext_size); + + + test_data = (aes_ccm_test_vectors*)&ccm_test_array[2]; + + status = atcab_nonce_load(NONCE_MODE_TARGET_TEMPKEY, test_data->key, 32); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_init(&ctx, key_id, key_block, test_data->nonce, (size_t)test_data->nonce_size, (size_t)test_data->aad_size, (size_t)test_data->plaintext_size, (size_t)test_data->tag_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_aad_update(&ctx, test_data->aad, test_data->aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[0], 8, &plaintext[0]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[8], 8, &plaintext[8]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_update(&ctx, &test_data->ciphertext[16], 8, &plaintext[16]); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcab_aes_ccm_decrypt_finish(&ctx, test_data->tag, &is_verified); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + TEST_ASSERT_EQUAL(true, is_verified); + + TEST_ASSERT_EQUAL_MEMORY(test_data->plaintext, plaintext, test_data->plaintext_size); +} +#endif + +t_test_case_info aes_ccm_basic_test_info[] = +{ +#ifdef ATCA_ATECC608_SUPPORT + { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_ccm_auth_encrypt), DEVICE_MASK(ATECC608A) }, + { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_ccm_auth_encrypt_partial), DEVICE_MASK(ATECC608A) }, + { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_ccm_auth_decrypt), DEVICE_MASK(ATECC608A) }, + { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_ccm_auth_decrypt_partial), DEVICE_MASK(ATECC608A) }, +#endif + { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ +}; diff --git a/test/api_atcab/atca_tests_aes_gcm.c b/test/api_atcab/atca_tests_aes_gcm.c index c49097f33..35ce91c3d 100644 --- a/test/api_atcab/atca_tests_aes_gcm.c +++ b/test/api_atcab/atca_tests_aes_gcm.c @@ -672,6 +672,6 @@ t_test_case_info aes_gcm_basic_test_info[] = #else t_test_case_info aes_gcm_basic_test_info[] = { - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ + { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ }; #endif diff --git a/test/api_atcab/atca_tests_sha.c b/test/api_atcab/atca_tests_sha.c index bf825adb7..09e6aff24 100644 --- a/test/api_atcab/atca_tests_sha.c +++ b/test/api_atcab/atca_tests_sha.c @@ -616,7 +616,7 @@ t_test_case_info sha_basic_test_info[] = #endif { REGISTER_TEST_CASE(atca_cmd_basic_test, sha_hmac), DEVICE_MASK_ECC | DEVICE_MASK(TA100) }, #ifdef ATCA_ATECC608_SUPPORT - { REGISTER_TEST_CASE(atca_cmd_basic_test, sha_hmac_tempkey), DEVICE_MASK_ECC }, + { REGISTER_TEST_CASE(atca_cmd_basic_test, sha_hmac_tempkey), DEVICE_MASK(ATECC608) }, #endif { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ }; diff --git a/test/api_talib/test_ecc_certificate_chain.c b/test/api_talib/test_ecc_certificate_chain.c deleted file mode 100644 index 1e9b41ac2..000000000 --- a/test/api_talib/test_ecc_certificate_chain.c +++ /dev/null @@ -1,127 +0,0 @@ -/** - * \file - * \brief Tests for the TA Library API (tablib) - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "test_ecc_certificate_chain.h" - - -const uint8_t test_ecc_root_public_key[] = { - 0x57, 0x7c, 0xbe, 0xe3, 0x8d, 0x4c, 0xcc, 0x47, 0x27, 0x3b, 0xb0, 0x47, 0x1e, 0x81, 0x7a, 0xf9, - 0x7a, 0xf4, 0xb0, 0xf8, 0xc0, 0xc4, 0x2e, 0xf1, 0xae, 0x80, 0x66, 0xc2, 0xb0, 0xc3, 0x31, 0x74, - 0xd2, 0xbf, 0x77, 0x71, 0x20, 0xa4, 0xca, 0xee, 0x33, 0x40, 0xd0, 0xef, 0x57, 0x2a, 0x5b, 0x08, - 0x46, 0x53, 0x80, 0xff, 0x0d, 0x47, 0x45, 0x92, 0x0e, 0x9a, 0x77, 0x87, 0xb9, 0xd2, 0x24, 0x5d -}; - -const uint8_t test_ecc_signer_cert[] = { - 0x30, 0x82, 0x02, 0x37, 0x30, 0x82, 0x01, 0xDD, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x00, - 0xAE, 0x43, 0xA0, 0xCD, 0xCA, 0x14, 0x92, 0x1B, 0x08, 0xC5, 0x24, 0xD0, 0x95, 0xEC, 0x78, 0x73, - 0x4D, 0x93, 0x0F, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, - 0x4F, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x53, 0x50, 0x47, 0x31, - 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x09, 0x52, 0x6F, 0x6F, 0x74, 0x5F, 0x43, - 0x65, 0x72, 0x74, 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x14, 0x4D, 0x69, - 0x63, 0x72, 0x6F, 0x63, 0x68, 0x69, 0x70, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, - 0x67, 0x79, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x03, 0x49, 0x4E, 0x44, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x34, 0x32, 0x32, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, - 0x5A, 0x17, 0x0D, 0x32, 0x32, 0x30, 0x34, 0x32, 0x32, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, - 0x30, 0x51, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x03, 0x49, 0x4E, 0x44, - 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x14, 0x4D, 0x69, 0x63, 0x72, 0x6F, - 0x63, 0x68, 0x69, 0x70, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x31, - 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0B, 0x53, 0x69, 0x67, 0x6E, 0x65, 0x72, - 0x5F, 0x43, 0x65, 0x72, 0x74, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, - 0x53, 0x50, 0x47, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x67, 0xE1, - 0xAC, 0xC2, 0x2B, 0x39, 0xB9, 0x1E, 0x93, 0x93, 0x12, 0x24, 0xB8, 0x5A, 0x1F, 0xBE, 0x7F, 0xE0, - 0x11, 0x7A, 0xE4, 0x3C, 0x59, 0x13, 0xC9, 0xE6, 0xC4, 0x8B, 0x7A, 0xF0, 0x08, 0x6D, 0x8D, 0xAD, - 0xC4, 0xDA, 0xB6, 0x19, 0xA6, 0x4E, 0x7F, 0xA4, 0x4F, 0xC0, 0x7D, 0x02, 0x28, 0x9C, 0x5D, 0x8D, - 0x8F, 0xAC, 0x5F, 0x3C, 0x21, 0x0E, 0xEA, 0xCB, 0x46, 0xC3, 0x47, 0xA4, 0x91, 0xB0, 0xA3, 0x81, - 0x94, 0x30, 0x81, 0x91, 0x30, 0x4F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x48, 0x30, 0x46, 0x80, - 0x14, 0xFB, 0x64, 0x03, 0xCE, 0xC4, 0xEE, 0x85, 0xDD, 0x4E, 0x10, 0x86, 0x57, 0xAE, 0x06, 0x77, - 0xE0, 0x63, 0xC0, 0xFF, 0x6E, 0xA1, 0x18, 0xA4, 0x16, 0x30, 0x14, 0x31, 0x12, 0x30, 0x10, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x09, 0x52, 0x6F, 0x6F, 0x74, 0x5F, 0x43, 0x65, 0x72, 0x74, 0x82, - 0x14, 0x00, 0xE5, 0x96, 0x17, 0x42, 0xDC, 0x13, 0x45, 0x36, 0xA8, 0x41, 0x48, 0x6F, 0x2C, 0xAE, - 0x33, 0x64, 0xA7, 0xC1, 0x43, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, - 0xEB, 0xA3, 0x74, 0xF8, 0x12, 0x3B, 0x17, 0x1E, 0x2B, 0x0E, 0xC9, 0x86, 0xA6, 0x49, 0x67, 0x18, - 0xE2, 0xE9, 0x3F, 0x81, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, - 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, - 0x04, 0x03, 0x02, 0x02, 0x8C, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, - 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xE0, 0x00, 0x31, 0x4F, 0x83, 0x79, 0xE0, - 0xC7, 0x40, 0xFC, 0xAD, 0x91, 0xE0, 0x6C, 0xE3, 0x29, 0x37, 0x14, 0x59, 0xE4, 0x5C, 0x7B, 0xCD, - 0xA3, 0x29, 0x81, 0xD0, 0xE1, 0x8D, 0x2A, 0xB6, 0xB2, 0x02, 0x20, 0x2E, 0x10, 0x86, 0x0F, 0xB3, - 0x07, 0x1A, 0xBC, 0xFF, 0x89, 0x4A, 0x27, 0xDC, 0xAB, 0x24, 0xB5, 0xCE, 0xE7, 0xA3, 0xFD, 0xC5, - 0xA0, 0xEB, 0xCF, 0x20, 0x68, 0x18, 0x96, 0x70, 0xF7, 0xC4, 0xDA -}; - - -const uint8_t test_ecc_leaf_public_key[] = { - 0x4b, 0x7a, 0x45, 0xb6, 0x65, 0x15, 0xab, 0x5d, 0x5d, 0x5c, 0x2a, 0x83, 0xb7, 0x26, 0xf4, 0x9d, - 0x3b, 0xa9, 0x72, 0x5d, 0xec, 0xd7, 0x1d, 0xac, 0xef, 0x0a, 0xd9, 0xd9, 0x13, 0x57, 0x38, 0x7e, - 0x68, 0xb3, 0xa7, 0x61, 0x2c, 0x46, 0x0b, 0xba, 0x41, 0xa2, 0x68, 0x12, 0xe7, 0x26, 0x9d, 0x43, - 0xe5, 0x3b, 0x92, 0x2a, 0xa9, 0xbe, 0x87, 0x1b, 0xc8, 0x8c, 0x05, 0x79, 0x7b, 0x6a, 0x76, 0x89 -}; - -const uint8_t test_ecc_leaf_cert[] = { - 0x30, 0x82, 0x02, 0x71, 0x30, 0x82, 0x02, 0x17, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x14, 0x00, - 0xE7, 0x70, 0xAF, 0xDC, 0xAB, 0x2C, 0x99, 0x25, 0x01, 0xC3, 0x47, 0x8A, 0xC3, 0x1B, 0x41, 0x10, - 0x5F, 0xD3, 0x47, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, - 0x51, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x53, 0x50, 0x47, 0x31, - 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0B, 0x53, 0x69, 0x67, 0x6E, 0x65, 0x72, - 0x5F, 0x43, 0x65, 0x72, 0x74, 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x14, - 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x63, 0x68, 0x69, 0x70, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, - 0x6C, 0x6F, 0x67, 0x79, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x03, 0x49, - 0x4E, 0x44, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x34, 0x32, 0x32, 0x30, 0x30, 0x30, 0x30, - 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x32, 0x30, 0x34, 0x32, 0x32, 0x30, 0x30, 0x30, 0x30, 0x30, - 0x30, 0x5A, 0x30, 0x51, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x03, 0x49, - 0x4E, 0x44, 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x14, 0x4D, 0x69, 0x63, - 0x72, 0x6F, 0x63, 0x68, 0x69, 0x70, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, - 0x79, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x69, - 0x63, 0x65, 0x5F, 0x43, 0x65, 0x72, 0x74, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x03, 0x53, 0x50, 0x47, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, - 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, - 0x4B, 0x7A, 0x45, 0xB6, 0x65, 0x15, 0xAB, 0x5D, 0x5D, 0x5C, 0x2A, 0x83, 0xB7, 0x26, 0xF4, 0x9D, - 0x3B, 0xA9, 0x72, 0x5D, 0xEC, 0xD7, 0x1D, 0xAC, 0xEF, 0x0A, 0xD9, 0xD9, 0x13, 0x57, 0x38, 0x7E, - 0x68, 0xB3, 0xA7, 0x61, 0x2C, 0x46, 0x0B, 0xBA, 0x41, 0xA2, 0x68, 0x12, 0xE7, 0x26, 0x9D, 0x43, - 0xE5, 0x3B, 0x92, 0x2A, 0xA9, 0xBE, 0x87, 0x1B, 0xC8, 0x8C, 0x05, 0x79, 0x7B, 0x6A, 0x76, 0x89, - 0xA3, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x30, 0x81, 0x8C, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, - 0x84, 0x30, 0x81, 0x81, 0x80, 0x14, 0xEB, 0xA3, 0x74, 0xF8, 0x12, 0x3B, 0x17, 0x1E, 0x2B, 0x0E, - 0xC9, 0x86, 0xA6, 0x49, 0x67, 0x18, 0xE2, 0xE9, 0x3F, 0x81, 0xA1, 0x53, 0xA4, 0x51, 0x30, 0x4F, - 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x53, 0x50, 0x47, 0x31, 0x12, - 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x09, 0x52, 0x6F, 0x6F, 0x74, 0x5F, 0x43, 0x65, - 0x72, 0x74, 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x14, 0x4D, 0x69, 0x63, - 0x72, 0x6F, 0x63, 0x68, 0x69, 0x70, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, - 0x79, 0x31, 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x03, 0x49, 0x4E, 0x44, 0x82, - 0x14, 0x00, 0xAE, 0x43, 0xA0, 0xCD, 0xCA, 0x14, 0x92, 0x1B, 0x08, 0xC5, 0x24, 0xD0, 0x95, 0xEC, - 0x78, 0x73, 0x4D, 0x93, 0x0F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, - 0xB1, 0xA0, 0xD6, 0x59, 0xF4, 0x1D, 0x63, 0xB9, 0x26, 0xB4, 0xBA, 0x38, 0xBE, 0x89, 0x5C, 0x76, - 0x56, 0x07, 0x88, 0x84, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03, 0x88, 0x30, - 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, - 0x02, 0x20, 0x2E, 0x64, 0xD0, 0x00, 0xE7, 0x53, 0x0D, 0x65, 0x8F, 0x2A, 0x00, 0x7E, 0xD1, 0x60, - 0x9D, 0x29, 0x68, 0x6C, 0x4B, 0x9E, 0x72, 0x8C, 0xB7, 0x20, 0x44, 0x7F, 0x89, 0xE6, 0x22, 0x8B, - 0x41, 0x0F, 0x02, 0x21, 0x00, 0xDC, 0xB7, 0x86, 0x1D, 0x68, 0x27, 0x6B, 0x76, 0xB1, 0xB5, 0x8E, - 0x3E, 0xE8, 0xE4, 0x3D, 0x14, 0xEF, 0x2F, 0xD2, 0x22, 0x43, 0x49, 0xE9, 0x13, 0xE2, 0x01, 0xD1, - 0x43, 0xC2, 0x36, 0xC5, 0x6B -}; - diff --git a/test/api_talib/test_talib_aes.c b/test/api_talib/test_talib_aes.c deleted file mode 100644 index 6d2f9caa5..000000000 --- a/test/api_talib/test_talib_aes.c +++ /dev/null @@ -1,244 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#if ATCA_TA_SUPPORT - -#include "vectors/aes_gcm_nist_vectors.h" - - -/** \brief This test cases load an AES key and perform AES-GCM encryption & decryption on Nist Vectors. - * . - */ -TEST(atca_cmd_basic_test, talib_aes_gcm_nist_vectors) -{ - ATCA_STATUS status; - uint8_t test_index; - uint16_t key_id; - uint8_t aes_key_block = 0; - uint8_t ciphertext[GCM_TEST_VECTORS_DATA_SIZE_MAX]; - uint8_t plaintext[GCM_TEST_VECTORS_DATA_SIZE_MAX]; - uint8_t tag[AES_DATA_SIZE]; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - // Skip test if AES is not enabled - check_config_aes_enable(); - - for (test_index = 0; test_index < GCM_TEST_VECTORS_COUNT; test_index++) - { - - //Skip the test case "Test case 5" as the IV size is small. - if (test_index == 4) - { - continue; - } - - status = atca_test_config_get_id(TEST_TYPE_AES, &key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Load AES keys into slot - status = atcab_write_bytes_zone(ATCA_ZONE_DATA, key_id, 0, gcm_test_cases[test_index].key, 16); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Load the AES key to the engine in device - status = talib_aes_gcm_keyload(atcab_get_device(), key_id, aes_key_block); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - ////////////////////////////////////// Encryption ///////////////////////////////////////// - - //Perform the AES-GCM encryption operation - status = talib_aes_gcm_encrypt(atcab_get_device(), gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size, gcm_test_cases[test_index].iv, gcm_test_cases[test_index].plaintext, gcm_test_cases[test_index].text_size, ciphertext, tag); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - //Verify ciphertext with expected data - if (gcm_test_cases[test_index].text_size > 0) - { - TEST_ASSERT_EQUAL_MEMORY(gcm_test_cases[test_index].ciphertext, ciphertext, gcm_test_cases[test_index].text_size); - } - - //Verify calculated tag - TEST_ASSERT_EQUAL_MEMORY(gcm_test_cases[test_index].tag, tag, sizeof(tag)); - - - ////////////////////////////////////// Decryption ///////////////////////////////////////// - - //Load the AES key to the engine in device - status = talib_aes_gcm_keyload(atcab_get_device(), key_id, aes_key_block); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Perform the AES-GCM decryption operation - status = talib_aes_gcm_decrypt(atcab_get_device(), gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size, gcm_test_cases[test_index].iv, gcm_test_cases[test_index].tag, gcm_test_cases[test_index].ciphertext, gcm_test_cases[test_index].text_size, plaintext); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify plaintext with expected data - if (gcm_test_cases[test_index].text_size > 0) - { - TEST_ASSERT_EQUAL_MEMORY(plaintext, gcm_test_cases[test_index].plaintext, gcm_test_cases[test_index].text_size); - } - - } -} - - -/** \brief This test cases load an AES key & 4 byte IV and perform AES-GCM encryption & decryption for Nist Vector "Test case 4" . - * The 4 IV is taken internally from the device and remaining 8 byte is given in the input buffer. - * - */ -TEST(atca_cmd_basic_test, aes_gcm_test_implicit_iv) -{ - ATCA_STATUS status; - uint16_t key_id = TA_HANDLE_VOLATILE_REGISTER2; - uint8_t aes_key_block = 0; - uint8_t iv_index; - uint8_t ciphertext[GCM_TEST_VECTORS_DATA_SIZE_MAX]; - uint8_t plaintext[GCM_TEST_VECTORS_DATA_SIZE_MAX]; - uint8_t tag[AES_DATA_SIZE]; - uint8_t test_index = 3; - uint8_t aes_key_with_iv[32] = { 0 }; - ta_element_attributes_t attr_hmac_symm_handle; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - // Skip test if AES is not enabled - check_config_aes_enable(); - - status = talib_handle_init_symmetric_key(&attr_hmac_symm_handle, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_MAC); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_hmac_element_with_handle(atcab_get_device(), TA_MAC_COMMAND_HMAC_SIZE, key_id, - &attr_hmac_symm_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Copying the AES key and 4 byte to the local buffer - memcpy(aes_key_with_iv, gcm_test_cases[test_index].key, sizeof(gcm_test_cases[test_index].key)); - memcpy(&aes_key_with_iv[16], gcm_test_cases[test_index].iv, 4); - iv_index = 16; - - // Write AES key + 4 byte iv to the slot - //Note: For TLS like operation, the output of KDF( AES key + iv) to a slot is used but for simpicity we are writing to the slot. - status = atcab_write_bytes_zone(ATCA_ZONE_DATA, key_id, 0, aes_key_with_iv, 32); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Load the AES key and 4 byte iv to the engine in device - status = talib_aes_gcm_keyload_with_implicit_iv(atcab_get_device(), key_id, aes_key_block, iv_index); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - //Perform the AES-GCM encryption operation where the first 4 bytes IV is taken from inside the device and remaining 8 bytes are sent - status = talib_aes_gcm_encrypt(atcab_get_device(), gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size, &gcm_test_cases[test_index].iv[4], gcm_test_cases[test_index].plaintext, gcm_test_cases[test_index].text_size, ciphertext, tag); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify ciphertext with expected data - TEST_ASSERT_EQUAL_MEMORY(gcm_test_cases[test_index].ciphertext, ciphertext, gcm_test_cases[test_index].text_size); - - //Verify calculated tag - TEST_ASSERT_EQUAL_MEMORY(gcm_test_cases[test_index].tag, tag, sizeof(tag)); - - - ////////////////////////////////////// Decryption ///////////////////////////////////////// - - //Load the AES key and 4 byte iv to the engine in device - status = talib_aes_gcm_keyload_with_implicit_iv(atcab_get_device(), key_id, aes_key_block, iv_index); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Perform the AES-GCM decryption operation - status = talib_aes_gcm_decrypt(atcab_get_device(), gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size, &gcm_test_cases[test_index].iv[4], gcm_test_cases[test_index].tag, gcm_test_cases[test_index].ciphertext, gcm_test_cases[test_index].text_size, plaintext); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify plaintext with expected data - TEST_ASSERT_EQUAL_MEMORY(plaintext, gcm_test_cases[test_index].plaintext, gcm_test_cases[test_index].text_size); - -} - - -/** \brief This test cases load an AES key and perform AES-GCM encryption & decryption with internally generated IV. - * . - */ -TEST(atca_cmd_basic_test, aes_gcm_test_random_iv) -{ - ATCA_STATUS status; - uint16_t key_id; - uint8_t aes_key_block = 0; - uint8_t ciphertext[64]; - uint8_t plaintext[64]; - uint8_t plaintext_out[64]; - uint8_t tag[AES_DATA_SIZE]; - uint8_t aad[20]; - uint8_t iv[12]; - uint8_t aes_key[] = { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - // Skip test if AES is not enabled - check_config_aes_enable(); - - status = atca_test_config_get_id(TEST_TYPE_AES, &key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write AES key - status = atcab_write_bytes_zone(ATCA_ZONE_DATA, key_id, 0, aes_key, sizeof(aes_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Load the AES key - status = talib_aes_gcm_keyload(atcab_get_device(), key_id, aes_key_block); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Generating random plaintext to be encrypted - status = talib_random(atcab_get_device(), NULL, plaintext, sizeof(plaintext)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Generating random AAD - status = talib_random(atcab_get_device(), NULL, aad, sizeof(aad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Perform the AES-GCM encryption operation with random 12 byte IV generated within device - status = talib_aes_gcm_encrypt(atcab_get_device(), aad, sizeof(aad), iv, plaintext, sizeof(plaintext), ciphertext, tag); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - ////////////////////////////////////// Decryption ///////////////////////////////////////// - - //Load the AES key - status = talib_aes_gcm_keyload(atcab_get_device(), key_id, aes_key_block); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Perform the AES-GCM decryption operation - status = talib_aes_gcm_decrypt(atcab_get_device(), aad, sizeof(aad), iv, tag, ciphertext, sizeof(ciphertext), plaintext_out); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify plaintext with expected data - TEST_ASSERT_EQUAL_MEMORY(plaintext, plaintext_out, sizeof(plaintext)); - -} - -t_test_case_info talib_aes_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, talib_aes_gcm_nist_vectors), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_gcm_test_implicit_iv), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, aes_gcm_test_random_iv), DEVICE_MASK(TA100) }, - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; - -t_test_case_info* talib_aes_tests[] = { - talib_aes_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_auth.c b/test/api_talib/test_talib_auth.c deleted file mode 100644 index 3e2c4147e..000000000 --- a/test/api_talib/test_talib_auth.c +++ /dev/null @@ -1,149 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#if ATCA_TA_SUPPORT - -uint8_t cmac_key[] = { 0x28, 0x97, 0xcc, 0x89, 0x57, 0x0f, 0x8b, 0xa8, 0xe4, 0x92, 0x1f, 0xea, 0x9d, 0xe3, 0x44, 0xd5 }; -uint8_t cmac_i_nonce[] = { 40, 1, 45, 15, 180, 250, 79, 185, 217, 134, 94, 116, 72, 138, 202, 85 }; -uint8_t cmac_r_nonce[] = { 198, 170, 177, 175, 106, 96, 66, 21, 229, 116, 215, 229, 255, 167, 55, 103 }; - -uint8_t gcm_key[] = { 0x69, 0x71, 0xf9, 0x3b, 0x99, 0xd1, 0xdb, 0x92, 0x67, 0xb9, 0xd0, 0xe8, 0x0c, 0x96, 0xaa, 0x7e }; -uint8_t gcm_i_nonce[] = { 0x01, 0x5f, 0x68, 0xd3, 0x21, 0x4d, 0xb0, 0x13, 0x07, 0xa1, 0xc7, 0x97, 0x3d, 0x19, 0x09, 0x00 }; -uint8_t gcm_r_nonce[] = { 0x24, 0x75, 0x84, 0x05, 0x06, 0xa3, 0x20, 0x63, 0x36, 0x5e, 0x3c, 0x2b, 0xdb, 0x69, 0x8b, 0x36 }; - -uint8_t hmac_key[] = { 0xa2, 0x26, 0xe1, 0x65, 0x69, 0x01, 0x80, 0xeb, 0x1a, 0x0c, 0x9c, 0x5b, 0x64, 0x5e, 0x42, 0x02, - 0xfa, 0x2f, 0x4f, 0xfd, 0x68, 0x75 }; -uint8_t hmac_i_nonce[] = { 0xd4, 0xe4, 0x9a, 0x02, 0x9f, 0xf2, 0xca, 0xff, 0x5e, 0x7c, 0xda, 0x2f, 0x13, 0x07, 0xa8, 0xb6 }; -uint8_t hmac_r_nonce[] = { 0xad, 0x23, 0x38, 0x09, 0x4e, 0xd3, 0xbf, 0xc3, 0x89, 0xc6, 0xf6, 0x35, 0xb6, 0xcf, 0xcf, 0xf0 }; - - -TEST(atca_cmd_basic_test, auth_test_hmac) -{ - ATCA_STATUS status; - uint8_t key_buf[32] = { 0 }; - uint16_t key_id; - uint8_t revision[8] = { 0 }; - uint16_t auth_id = 0x4100; - - memcpy(key_buf, hmac_key, sizeof(hmac_key)); - - status = atca_test_config_get_id(TEST_TYPE_AUTH_HMAC, &key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_generate_nonce(_gDevice, auth_id, 0, hmac_i_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_startup(_gDevice, key_id, TA_AUTH_ALG_ID_HMAC, 2, 32, key_buf, hmac_i_nonce, hmac_r_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -#ifdef ATCA_PRINTF - printf("\nkeyMat: "); - for (int i = 0; i < 32; i++) - { - printf("%02x", key_buf[i]); - } - printf("\n"); -#endif - - /* Execute a nested command */ - status = talib_info(_gDevice, revision); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_terminate(_gDevice); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -TEST(atca_cmd_basic_test, auth_test_cmac) -{ - ATCA_STATUS status; - uint8_t key_buf[32] = { 0 }; - uint16_t key_id; - uint8_t revision[8] = { 0 }; - uint16_t auth_id = 0x4100; - - memcpy(key_buf, cmac_key, sizeof(cmac_key)); - - status = atca_test_config_get_id(TEST_TYPE_AUTH_CMAC, &key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(_gDevice, key_id, sizeof(cmac_key), cmac_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_generate_nonce(_gDevice, auth_id, 0, cmac_i_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_startup(_gDevice, key_id, TA_AUTH_ALG_ID_CMAC, 2, 16, key_buf, cmac_i_nonce, cmac_r_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - printf("\nkeyMat: "); - for (int i = 0; i < 32; i++) - { - printf("%02x", key_buf[i]); - } - printf("\n"); -#endif - - status = talib_info(_gDevice, revision); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_terminate(_gDevice); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -TEST(atca_cmd_basic_test, auth_test_gcm) -{ - ATCA_STATUS status; - uint8_t key_buf[32] = { 0 }; - uint16_t key_id; - uint8_t revision[8] = { 0 }; - - memcpy(key_buf, gcm_key, sizeof(gcm_key)); - - status = atca_test_config_get_id(TEST_TYPE_AUTH_GCM, &key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(_gDevice, key_id, sizeof(gcm_key), gcm_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_generate_nonce(_gDevice, 0x4100, 0, gcm_i_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_startup(_gDevice, key_id, TA_AUTH_ALG_ID_GCM, 2, 16, key_buf, gcm_i_nonce, gcm_r_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - printf("\nkeyMat: "); - for (int i = 0; i < _gDevice->session_key_len; i++) - { - printf("%02x", key_buf[i]); - } - printf("\n"); -#endif - - status = talib_info(_gDevice, revision); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_auth_terminate(_gDevice); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -t_test_case_info talib_auth_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, auth_test_hmac), DEVICE_MASK(TA100) }, -#ifdef ATCA_TA100_AES_AUTH_SUPPORT - { REGISTER_TEST_CASE(atca_cmd_basic_test, auth_test_cmac), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, auth_test_gcm), DEVICE_MASK(TA100) }, -#endif - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; - -t_test_case_info* talib_auth_tests[] = { - talib_auth_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_config.c b/test/api_talib/test_talib_config.c deleted file mode 100644 index c5c2662ef..000000000 --- a/test/api_talib/test_talib_config.c +++ /dev/null @@ -1,308 +0,0 @@ -/** - * \file - * \brief TA Library API (tablib) Test Configuration - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" -#include "test_ecc_certificate_chain.h" - -#if ATCA_TA_SUPPORT - -const uint8_t test_ta100_configdata[TA_CONFIG_SIZE] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x2e, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x01, - 0x12, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 -}; - -const char test_template_text[] = "CAL Sign Internal Test"; -uint8_t test_template_tlv[] = { 0x00, 0x16, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, 0x02, 0x81, 0x01, 0x05, 0x06, - 0x07, 0x01, 0x01, 0x08, 0x01, 0x01 }; - -static ta_element_attributes_t attr_rw_data = { 3, 72, 0, 0, 0, 0x55, 4 }; -static ta_element_attributes_t attr_template_data = { 3, 4135, 0, 0, 0, 0x11, 0 }; -static ta_element_attributes_t attr_ecc_private = { 1, 0x1700, 0, 0, 0, 0x01, 0 }; -static ta_element_attributes_t attr_ecc_public = { 0, 0x00, 0, 0, 0, 0x55, 4 }; -static ta_element_attributes_t attr_hmac_key = { 0x42, 0x0600, 0, 0, 0, 0x55, 8 }; -static ta_element_attributes_t attr_aes_key = { 0x62, 0x0600, 0, 0, 0, 0x55, 8 }; -static ta_element_attributes_t attr_ecc_root_public = { 0, 0x07FF, 0, 0, 0, 0x55, 4 }; - -uint8_t auth_hmac_key[] = { 0xa2, 0x26, 0xe1, 0x65, 0x69, 0x01, 0x80, 0xeb, 0x1a, 0x0c, 0x9c, 0x5b, 0x64, 0x5e, 0x42, 0x02, - 0xfa, 0x2f, 0x4f, 0xfd, 0x68, 0x75 }; - - -static device_object_meta_t talib_config_object_data[] = -{ - { TEST_TYPE_ECC_SIGN, 0x8102, &attr_ecc_private }, - { TEST_TYPE_ECC_VERIFY, 0x8103, &attr_ecc_public }, - { TEST_TYPE_ECC_GENKEY, TA_HANDLE_VOLATILE_REGISTER0, &attr_ecc_private }, - { TEST_TYPE_ECDH, TA_HANDLE_VOLATILE_REGISTER1, &attr_ecc_private }, - { TEST_TYPE_AES, 0x8106, &attr_aes_key }, - { TEST_TYPE_HMAC, 0x8105, &attr_hmac_key }, - { TEST_TYPE_AUTH_HMAC, 0xAB1D, &attr_hmac_key }, - { TEST_TYPE_AUTH_GCM, 0xAAD1, &attr_aes_key }, - { TEST_TYPE_AUTH_CMAC, 0x9492, &attr_aes_key }, - { TEST_TYPE_DATA, 0x8101, &attr_rw_data }, - { TEST_TYPE_ECC_ROOT_KEY, 0x8107, &attr_ecc_root_public }, - { TEST_TYPE_TEMPLATE_DATA, 0X8108, &attr_template_data }, - { 0, 0, NULL } -}; - -ATCA_STATUS talib_config_get_handle_by_test(uint8_t test_type, uint16_t* handle) -{ - ATCA_STATUS status = ATCA_UNIMPLEMENTED; - device_object_meta_t* ptr = talib_config_object_data; - - for (; ptr->test_type; ptr++) - { - if (ptr->test_type == test_type) - { - *handle = ptr->handle; - status = ATCA_SUCCESS; - break; - } - } - return status; -} - - -int talib_config_print_handles(int argc, char* argv[]) -{ - ATCA_STATUS status; - uint16_t handles[20]; - size_t handle_count = sizeof(handles) / sizeof(uint16_t); - - status = atcab_init(gCfg); - memset(handles, 0, sizeof(handles)); - - if (ATCA_SUCCESS == status) - { - status = talib_info_get_handles_array(atcab_get_device(), handles, &handle_count); - } - - if (ATCA_SMALL_BUFFER == status) - { - printf("\rTruncated List - actual %zu\r\n", handle_count); - handle_count = sizeof(handles) / sizeof(uint16_t); - status = ATCA_SUCCESS; - } - - for (int i = 0; i < (int)handle_count && !status; i++) - { - uint8_t handle_info[9]; - status = talib_info_get_handle_info(atcab_get_device(), handles[i], handle_info); - - printf("\rHandle: 0x%04x, Class: %d\r\n", handles[i], handle_info[0] & TA_HANDLE_INFO_CLASS_MASK); - } - - return 0; -} - -int talib_config_clear_handles(int argc, char* argv[]) -{ - ATCA_STATUS status; - uint16_t handles[20]; - size_t handle_count = sizeof(handles) / sizeof(uint16_t); - int i; - - status = atcab_init(gCfg); - memset(handles, 0, sizeof(handles)); - - if (ATCA_SUCCESS == status) - { - status = talib_info_get_handles_array(atcab_get_device(), handles, &handle_count); - } - - if (ATCA_SMALL_BUFFER == status) - { - printf("\rTruncated List - actual %zu\r\n", handle_count); - handle_count = sizeof(handles) / sizeof(uint16_t); - status = ATCA_SUCCESS; - } - - for (i = 0; i < (int)handle_count; i++) - { - status = talib_delete_handle(atcab_get_device(), handles[i]); - if (status) - { - printf("\n0x%04x: Failed to Delete\n", handles[i]); - } - else - { - printf("\n0x%04x: Deleted\r\n", handles[i]); - } - } - return 0; -} - -int talib_configure_device(int argc, char* argv[]) -{ - ATCA_STATUS status; - - status = atcab_init(gCfg); - - if (ATCA_SUCCESS == status) - { - device_object_meta_t * create_ptr = talib_config_object_data; - - for (; create_ptr->test_type; create_ptr++) - { - ta_element_attributes_t* attr_ptr = (ta_element_attributes_t*)create_ptr->attributes; - - if (TEST_TYPE_HMAC == create_ptr->test_type) - { - status = talib_create_hmac_element_with_handle(atcab_get_device(), 32, create_ptr->handle, attr_ptr); - - if (ATCA_SUCCESS == status) - { - status = talib_write_element(atcab_get_device(), create_ptr->handle, 32, g_slot4_key); - } - - } - else if (TEST_TYPE_AUTH_HMAC == create_ptr->test_type) - { - status = talib_create_hmac_element_with_handle(atcab_get_device(), sizeof(auth_hmac_key), create_ptr->handle, attr_ptr); - - if (ATCA_SUCCESS == status) - { - status = talib_write_element(atcab_get_device(), create_ptr->handle, sizeof(auth_hmac_key), auth_hmac_key); - } - } - - else if (TEST_TYPE_ECC_ROOT_KEY == create_ptr->test_type) - { - status = talib_create_element_with_handle(_gDevice, create_ptr->handle, attr_ptr); - - if (ATCA_SUCCESS == status) - { - status = talib_write_element(_gDevice, create_ptr->handle, sizeof(test_ecc_root_public_key), test_ecc_root_public_key); - } - } - - else if (TEST_TYPE_TEMPLATE_DATA == create_ptr->test_type) - { - bool is_locked = false; - status = talib_is_setup_locked(atcab_get_device(), &is_locked); - - if (is_locked) - { - printf("Template Handle 0x%04x Create Failed, setup must be unlocked \r\n", create_ptr->handle); - } - else - { - status = talib_create_element_with_handle(atcab_get_device(), create_ptr->handle, attr_ptr); - - if (ATCA_SUCCESS == status) - { - // copy the template text into template tlv - memcpy(&test_template_tlv[2], test_template_text, strlen(test_template_text)); - status = talib_write_element(atcab_get_device(), create_ptr->handle, sizeof(test_template_tlv), - test_template_tlv); - } - } - } - - else - { - status = talib_create_element_with_handle(atcab_get_device(), create_ptr->handle, attr_ptr); - } - - if (status && (TA_BAD_HANDLE != status)) - { - printf("Handle 0x%04x Create Failed (%x)\n", create_ptr->handle, status); - } - - if (!status && (create_ptr->test_type == TEST_TYPE_ECC_SIGN)) - { - status = talib_genkey_compat(atcab_get_device(), create_ptr->handle, NULL); - } - - } - } - - return 0; -} - -extern t_test_case_info* talib_auth_tests[]; -extern t_test_case_info* talib_create_tests[]; -extern t_test_case_info* talib_aes_tests[]; -extern t_test_case_info* talib_counter_tests[]; -extern t_test_case_info* talib_ecdh_tests[]; -extern t_test_case_info* talib_export_import_tests[]; -extern t_test_case_info* talib_genkey_tests[]; -extern t_test_case_info* talib_info_tests[]; -extern t_test_case_info* talib_kdf_tests[]; -extern t_test_case_info* talib_mac_tests[]; -extern t_test_case_info* talib_managecert_tests[]; -extern t_test_case_info* talib_power_tests[]; -extern t_test_case_info* talib_random_tests[]; -extern t_test_case_info* talib_rsa_enc_tests[]; -extern t_test_case_info* talib_secureboot_tests[]; -extern t_test_case_info* talib_selftest_tests[]; -extern t_test_case_info* talib_sha_tests[]; -extern t_test_case_info* talib_sign_tests[]; -extern t_test_case_info* talib_verify_tests[]; -extern t_test_case_info* talib_write_tests[]; - -void run_all_talib_tests(void) -{ - RunAllTests(talib_managecert_tests); - RunAllTests(talib_aes_tests); - RunAllTests(talib_auth_tests); - RunAllTests(talib_counter_tests); - RunAllTests(talib_create_tests); - RunAllTests(talib_ecdh_tests); - RunAllTests(talib_export_import_tests); - RunAllTests(talib_genkey_tests); - RunAllTests(talib_info_tests); - RunAllTests(talib_kdf_tests); - RunAllTests(talib_mac_tests); - RunAllTests(talib_power_tests); - RunAllTests(talib_random_tests); - RunAllTests(talib_rsa_enc_tests); - RunAllTests(talib_selftest_tests); - RunAllTests(talib_sha_tests); - RunAllTests(talib_sign_tests); - RunAllTests(talib_verify_tests); - RunAllTests(talib_write_tests); - RunAllTests(talib_secureboot_tests); -} - -int run_talib_tests(int argc, char* argv[]) -{ -#ifndef ATCA_NO_HEAP - hal_test_set_memory_f(unity_malloc, unity_free); -#endif - - return run_test(argc, argv, run_all_talib_tests); -} - - -#endif diff --git a/test/api_talib/test_talib_counter.c b/test/api_talib/test_talib_counter.c deleted file mode 100644 index 5553e4328..000000000 --- a/test/api_talib/test_talib_counter.c +++ /dev/null @@ -1,135 +0,0 @@ -/** - * \file - * \brief Basic test for Counter command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief This test cases read and incremnet the COUNTER 1 value. - * i) Execute counter command in read mode to read the initial value - * ii) Manually incremnent the read value by 1 - * iii) Execute counter command in increment mode and read the counter value after increment - * iv) verify both value (incremented by device and incremnted by user) - */ -TEST(atca_cmd_basic_test, ta_counter_test) -{ - ATCA_STATUS status; - uint32_t counter_value1; - uint32_t counter_value2; - - // Read current counter value - status = talib_counter_read(atcab_get_device(), TA_HANDLE_COUNTER1, &counter_value1); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Increment counter and make sure new value is 1 higher - status = talib_counter_increment(atcab_get_device(), TA_HANDLE_COUNTER1, &counter_value2); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(counter_value1 + 1, counter_value2); - - // Increment again with NULL - status = talib_counter_increment(atcab_get_device(), TA_HANDLE_COUNTER1, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Re-read counter value to double check - status = talib_counter_read(atcab_get_device(), TA_HANDLE_COUNTER1, &counter_value1); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(counter_value2 + 1, counter_value1); - - // Check bad counter ID - status = talib_counter_increment(atcab_get_device(), 3, NULL); - TEST_ASSERT_EQUAL(TA_BAD_HANDLE, status); -} - -/** \brief This test case assign counter2 to private key handle and counter value will be incremented for each - * use of the key and also this test cases verify counter increment is happening for every single use - * of the key. - */ -TEST(atca_cmd_basic_test, ta_counter_match) -{ - ATCA_STATUS status; - uint32_t counter2_value; - uint32_t counter_match; - uint16_t private_key_handle; - ta_element_attributes_t attr_private_key_handle; - uint8_t message[TA_SIGN_P256_MSG_SIZE]; - uint8_t signature[TA_SIGN_P256_SIG_SIZE]; - uint8_t pub_key[TA_ECC256_PUB_KEY_SIZE]; - bool is_verified = false; - - status = talib_counter_read(atcab_get_device(), TA_HANDLE_COUNTER2, &counter2_value); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - counter_match = counter2_value; - - status = talib_handle_init_private_key(&attr_private_key_handle, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - attr_private_key_handle.byte7_settings |= 0x02; // Tied counter2 to private key handle - - status = talib_create_element(atcab_get_device(), &attr_private_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_genkey((uint32_t)private_key_handle, pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_random(message); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_sign(private_key_handle, message, signature); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_counter_read(atcab_get_device(), TA_HANDLE_COUNTER2, &counter2_value); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(counter_match + 1, counter2_value); // Counter should now equal the counter match value - - status = atcab_verify_extern(message, signature, pub_key, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_counter_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, ta_counter_test), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, ta_counter_match), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_counter_tests[] = { - talib_counter_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_create.c b/test/api_talib/test_talib_create.c deleted file mode 100644 index 92635f044..000000000 --- a/test/api_talib/test_talib_create.c +++ /dev/null @@ -1,263 +0,0 @@ -/** - * \file - * \brief Basic test for Create command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief Execute create command to create handle for data element on shared data memory - */ -TEST(atca_cmd_basic_test, create_data_element_handle) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_data_handle; - uint16_t data_handle; - uint8_t write_data[32]; - uint8_t read_data[32]; - uint16_t data_size = sizeof(write_data); - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_data(&attr_data_handle, data_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_data_handle, &data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_random(write_data); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(atcab_get_device(), data_handle, data_size, write_data); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_read_element(atcab_get_device(), data_handle, &data_size, read_data); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(write_data, read_data, data_size); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute create command to create handle for private key and public key on shared data memory - */ -TEST(atca_cmd_basic_test, create_priv_pub_handle) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - uint16_t public_key_handle; - ta_element_attributes_t attr_private_key_handle; - ta_element_attributes_t attr_public_key_handle; - uint8_t message[TA_SIGN_P256_MSG_SIZE]; - uint8_t signature[TA_SIGN_P256_SIG_SIZE]; - uint8_t pub_key[TA_ECC256_PUB_KEY_SIZE]; - bool is_verified = false; - - status = talib_handle_init_private_key(&attr_private_key_handle, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_private_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_public_key(&attr_public_key_handle, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_VAL_NO_SECURE_BOOT_SIGN, - TA_PROP_ROOT_PUB_KEY_VERIFY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_permissions(&attr_public_key_handle, TA_PERM_ALWAYS, TA_PERM_ALWAYS, - TA_PERM_NEVER, TA_PERM_ALWAYS); - - status = talib_create_element(atcab_get_device(), &attr_public_key_handle, &public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_genkey((uint32_t)private_key_handle, pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_write_pubkey(public_key_handle, pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_random(message); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_sign(private_key_handle, message, signature); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_verify_stored(message, signature, public_key_handle, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute create command to create hmac handle for hmac symmetric key on shared data memory - */ -TEST(atca_cmd_basic_test, create_hmac_handle) -{ - ATCA_STATUS status; - uint16_t hmac_handle; - ta_element_attributes_t attr_hmac_symm_handle; - uint8_t hmac[ATCA_SHA256_DIGEST_SIZE]; - uint8_t data_input[] = { - 0x6f, 0xb3, 0xec, 0x66, 0xf9, 0xeb, 0x07, 0x0a, - 0x71, 0x9b, 0xeb, 0xbe, 0x70, 0x8b, 0x93, 0xa6, - 0x5b, 0x20, 0x1b, 0x78, 0xe2, 0xd2, 0x6d, 0x8c, - 0xcc, 0xdf, 0x1c, 0x33, 0xf7, 0x41, 0x90, 0x4a, - 0x9a, 0xde, 0x64, 0x0f, 0xce, 0x00, 0x0c, 0x33, - 0x4d, 0x04, 0xbb, 0x30, 0x79, 0x56, 0x83, 0xdc, - 0xa0, 0x9d, 0xbf, 0x3e, 0x7e, 0x32, 0xae, 0xa1, - 0x03, 0xd7, 0x60, 0xe8, 0x57, 0xa6, 0xd6, 0x21, - 0x1c - }; - const uint8_t hmac_ref[ATCA_SHA256_DIGEST_SIZE] = { - 0x29, 0x7f, 0x22, 0xb8, 0xd2, 0x51, 0xb0, 0x63, - 0xa7, 0xc0, 0x8d, 0xcf, 0x4d, 0xba, 0x0d, 0x1f, - 0xb3, 0x5d, 0x32, 0xa3, 0xba, 0xab, 0x15, 0xac, - 0xea, 0xf4, 0x39, 0x1c, 0x4a, 0xdb, 0x32, 0x77 - }; - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_hmac_symm_handle, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_MAC); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_hmac_element(atcab_get_device(), TA_MAC_COMMAND_HMAC_SIZE, &attr_hmac_symm_handle, - &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(atcab_get_device(), hmac_handle, TA_MAC_COMMAND_HMAC_SIZE, g_slot4_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Calculating HMAC using the key in hmac_handle - status = atcab_sha_hmac(data_input, sizeof(data_input), hmac_handle, hmac, SHA_MODE_TARGET_TEMPKEY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(hmac_ref, hmac, ATCA_SHA256_DIGEST_SIZE); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute create command to create symmetric key handle on volatile register - */ -TEST(atca_cmd_basic_test, create_volreg_handle) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_aes_handle; - const uint16_t aes_handle = TA_HANDLE_VOLATILE_REGISTER2; - const uint8_t plain_text[ATCA_AES128_BLOCK_SIZE] = { 0x1A, 0x3A, 0xA5, 0x45, 0x04, 0x94, 0x53, 0xAF, - 0xDF, 0x17, 0xE9, 0x89, 0xA4, 0x1F, 0xA0, 0x97, }; - uint8_t cipher_text[ATCA_AES128_BLOCK_SIZE]; - uint8_t plain_text_out[ATCA_AES128_BLOCK_SIZE]; - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_aes_handle, TA_KEY_TYPE_AES128, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_hmac_element_with_handle(atcab_get_device(), TA_KEY_TYPE_AES128_SIZE, aes_handle, - &attr_aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey_symmetric_key(atcab_get_device(), (uint32_t)aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_aes_encrypt(aes_handle, 0, plain_text, cipher_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_aes_decrypt(aes_handle, 0, cipher_text, plain_text_out); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(plain_text_out, plain_text, ATCA_AES128_BLOCK_SIZE); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute create command to create ephemeral key on volatile register - */ -TEST(atca_cmd_basic_test, create_ephemeral_handle) -{ - ATCA_STATUS status; - const uint16_t details = TA_CREATE_DETAILS_VOLATILE_DESTINATION | TA_CREATE_DETAILS_HMAC_KEY_LENGTH(32); - const uint16_t dev_handle = TA_HANDLE_VOLATILE_REGISTER3; - ta_element_attributes_t attr_dev_priv_key_handle; - const uint8_t host_pub_key[64] = { - 0x8F, 0x8D, 0x18, 0x2B, 0xD8, 0x19, 0x04, 0x85, 0x82, 0xA9, 0x92, 0x7E, 0xA0, 0xC5, 0x6D, 0xEF, - 0xB4, 0x15, 0x95, 0x48, 0xE1, 0x1C, 0xA5, 0xF7, 0xAB, 0xAC, 0x45, 0xBB, 0xCE, 0x76, 0x81, 0x5B, - 0xE5, 0xC6, 0x4F, 0xCD, 0x2F, 0xD1, 0x26, 0x98, 0x54, 0x4D, 0xE0, 0x37, 0x95, 0x17, 0x26, 0x66, - 0x60, 0x73, 0x04, 0x61, 0x19, 0xAD, 0x5E, 0x11, 0xA9, 0x0A, 0xA4, 0x97, 0x73, 0xAE, 0xAC, 0x86 - }; - uint8_t dev_pub_key[ATCA_ECCP256_PUBKEY_SIZE]; - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_dev_priv_key_handle, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_MAC); - - status = talib_create_ephemeral_element_with_handle(atcab_get_device(), details, dev_handle, - &attr_dev_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_genkey((uint32_t)dev_handle, dev_pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_ecdh_to_handle(atcab_get_device(), dev_handle, dev_handle, host_pub_key, - sizeof(host_pub_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)dev_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_create_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, create_data_element_handle), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, create_priv_pub_handle), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, create_hmac_handle), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, create_volreg_handle), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, create_ephemeral_handle), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_create_tests[] = { - talib_create_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif \ No newline at end of file diff --git a/test/api_talib/test_talib_ecdh.c b/test/api_talib/test_talib_ecdh.c deleted file mode 100644 index 8d4cfda86..000000000 --- a/test/api_talib/test_talib_ecdh.c +++ /dev/null @@ -1,372 +0,0 @@ -/** - * \file - * \brief Basic test for ECDH command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief Execute ECDH command to generate premaster secret for ECCP224 key and receive premaster secret in io buffer. - */ -TEST(atca_cmd_basic_test, ecdh_p224_io_buffer) -{ - ATCA_STATUS status; - uint16_t alice_priv_key_handle; - uint16_t bob_priv_key_handle; - ta_element_attributes_t alice_priv_key_attributes; - ta_element_attributes_t bob_priv_key_attributes; - uint8_t alice_pubkey[TA_ECC224_PUB_KEY_SIZE]; - size_t pubkey_len = sizeof(alice_pubkey); - uint8_t bob_pubkey[TA_ECC224_PUB_KEY_SIZE]; - uint8_t alice_pms[TA_ECDH_ECCP224_PMS_SIZE]; - uint8_t bob_pms[TA_ECDH_ECCP224_PMS_SIZE]; - -#ifdef ATCA_PRINTF - char displaystr[400]; - size_t displen = sizeof(displaystr); -#endif - - // Skip if setup is not locked - test_assert_data_is_locked(); - - // Generate Alice's private key handle attributes - status = talib_handle_init_private_key(&alice_priv_key_attributes, TA_KEY_TYPE_ECCP224, - TA_ALG_MODE_ECC_ECDH, TA_PROP_NO_SIGN_GENERATION, - TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create Alice's private key handle - status = talib_create_element(atcab_get_device(), &alice_priv_key_attributes, &alice_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Bob's private key handle attributes - status = talib_handle_init_private_key(&bob_priv_key_attributes, TA_KEY_TYPE_ECCP224, - TA_ALG_MODE_ECC_ECDH, TA_PROP_NO_SIGN_GENERATION, - TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create Bob's private key handle - status = talib_create_element(atcab_get_device(), &bob_priv_key_attributes, &bob_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Alice's ECCP224 private key and public key - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)alice_priv_key_handle, - alice_pubkey, &pubkey_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Bob's ECCP224 private key and public key - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)bob_priv_key_handle, - bob_pubkey, &pubkey_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Alice's pre master secret (only X) and get it in io buffer - status = talib_ecdh_io_buffer(atcab_get_device(), alice_priv_key_handle, bob_pubkey, pubkey_len, alice_pms); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - displen = sizeof(displaystr); - status = atcab_bin2hex(alice_pms, TA_ECDH_ECCP224_PMS_SIZE, displaystr, &displen); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - printf("alice's pms:\r\n%s\r\n", displaystr); -#endif - - // Generate Bob's pre master secret (only X) and get it in io buffer - status = talib_ecdh_io_buffer(atcab_get_device(), bob_priv_key_handle, alice_pubkey, pubkey_len, bob_pms); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - displen = sizeof(displaystr); - status = atcab_bin2hex(bob_pms, TA_ECDH_ECCP224_PMS_SIZE, displaystr, &displen); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - printf("alice's pms:\r\n%s\r\n", displaystr); -#endif - - // Verify Alice's pms and Bob's pms - TEST_ASSERT_EQUAL_MEMORY(alice_pms, bob_pms, sizeof(alice_pms)); - - // Delete Alice's private key handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)alice_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Delete Bob's private key handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)bob_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute ECDH operation to generate premaster secret and load it in volatile register. - */ -TEST(atca_cmd_basic_test, ecdh_to_vol_reg) -{ - ATCA_STATUS status; - const uint16_t details = TA_CREATE_DETAILS_VOLATILE_DESTINATION | TA_CREATE_DETAILS_HMAC_KEY_LENGTH(32); - const uint16_t dev_handle = TA_HANDLE_VOLATILE_REGISTER3; - ta_element_attributes_t attr_dev_priv_key_handle; - const uint8_t host_pub_key[TA_ECC256_PUB_KEY_SIZE] = { - 0x8F, 0x8D, 0x18, 0x2B, 0xD8, 0x19, 0x04, 0x85, 0x82, 0xA9, 0x92, 0x7E, 0xA0, 0xC5, 0x6D, 0xEF, - 0xB4, 0x15, 0x95, 0x48, 0xE1, 0x1C, 0xA5, 0xF7, 0xAB, 0xAC, 0x45, 0xBB, 0xCE, 0x76, 0x81, 0x5B, - 0xE5, 0xC6, 0x4F, 0xCD, 0x2F, 0xD1, 0x26, 0x98, 0x54, 0x4D, 0xE0, 0x37, 0x95, 0x17, 0x26, 0x66, - 0x60, 0x73, 0x04, 0x61, 0x19, 0xAD, 0x5E, 0x11, 0xA9, 0x0A, 0xA4, 0x97, 0x73, 0xAE, 0xAC, 0x86 - }; - uint8_t dev_pub_key[TA_ECC256_PUB_KEY_SIZE]; - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_dev_priv_key_handle, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_MAC); - - status = talib_create_ephemeral_element_with_handle(atcab_get_device(), details, dev_handle, - &attr_dev_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_genkey((uint32_t)dev_handle, dev_pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_ecdh_to_handle(atcab_get_device(), dev_handle, dev_handle, host_pub_key, sizeof(host_pub_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)dev_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute ECDH command to generate premaster secret for ECCP224 key and - * store premaster secret x followed by y in shared data. - */ -TEST(atca_cmd_basic_test, ecdh_to_shared_data) -{ - ATCA_STATUS status; - uint16_t alice_priv_key_handle; - uint16_t bob_priv_key_handle; - uint16_t alice_pms_handle; - ta_element_attributes_t alice_priv_key_attributes; - ta_element_attributes_t bob_priv_key_attributes; - ta_element_attributes_t alice_pms_attributes; - uint8_t alice_pubkey[TA_ECC224_PUB_KEY_SIZE]; - size_t pubkey_len = sizeof(alice_pubkey); - uint8_t bob_pubkey[TA_ECC224_PUB_KEY_SIZE]; - uint8_t alice_pms[TA_ECDH_ECCP224_XY_PMS_SIZE]; - uint16_t pms_size = sizeof(alice_pms); - uint8_t bob_pms[TA_ECDH_ECCP224_XY_PMS_SIZE]; - -#ifdef ATCA_PRINTF - char displaystr[512]; - size_t displen = sizeof(displaystr); -#endif - - // Skip if setup is not locked - test_assert_data_is_locked(); - - // Generate Alice's private key handle attributes - status = talib_handle_init_private_key(&alice_priv_key_attributes, TA_KEY_TYPE_ECCP224, - TA_ALG_MODE_ECC_ECDH, TA_PROP_NO_SIGN_GENERATION, - TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create Alice's private key handle - status = talib_create_element(atcab_get_device(), &alice_priv_key_attributes, &alice_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Bob's private key handle attributes - status = talib_handle_init_private_key(&bob_priv_key_attributes, TA_KEY_TYPE_ECCP224, - TA_ALG_MODE_ECC_ECDH, TA_PROP_NO_SIGN_GENERATION, - TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create Bob's private key handle - status = talib_create_element(atcab_get_device(), &bob_priv_key_attributes, &bob_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Alice's pre master secret key handle attributes - status = talib_handle_init_symmetric_key(&alice_pms_attributes, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_ANY); - - // Create handle to store Alice pre master secret in shared data - status = talib_create_hmac_element(atcab_get_device(), pms_size, &alice_pms_attributes, &alice_pms_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Alice's ECCP224 private and public key - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)alice_priv_key_handle, - alice_pubkey, &pubkey_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Bob's ECCP224 private and public key - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)bob_priv_key_handle, - bob_pubkey, &pubkey_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate pre master secret x followed by y and store it in Alice pms handle - status = talib_ecdh_xy_to_handle(atcab_get_device(), alice_priv_key_handle, alice_pms_handle, bob_pubkey, - sizeof(bob_pubkey)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Read the Alice pre master secret to verify against Bob's pre master secret - status = talib_read_element(atcab_get_device(), alice_pms_handle, &pms_size, alice_pms); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - displen = sizeof(displaystr); - status = atcab_bin2hex(alice_pms, TA_ECDH_ECCP224_XY_PMS_SIZE, displaystr, &displen); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - printf("alice's pms:\r\n%s\r\n", displaystr); -#endif - - // Generate Bob's pre master secret (x followed by y) and get it in io buffer - status = talib_ecdh_xy_in_io_buffer(atcab_get_device(), bob_priv_key_handle, alice_pubkey, - pubkey_len, bob_pms); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - displen = sizeof(displaystr); - status = atcab_bin2hex(bob_pms, TA_ECDH_ECCP224_XY_PMS_SIZE, displaystr, &displen); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - printf("alice's pms:\r\n%s\r\n", displaystr); -#endif - - // Verify the Alice's pms and Bob's pms - TEST_ASSERT_EQUAL_MEMORY(alice_pms, bob_pms, sizeof(alice_pms)); - - // Delete Alice's private key handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)alice_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Delete Bob's private key handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)bob_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Delete Alice's pms handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)alice_pms_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute ECDH command to generate premaster secret for ECCP384 key and - * get premaster secret x followed by y in io buffer. - */ -TEST(atca_cmd_basic_test, ecdh_p384_xy_io_buffer) -{ - ATCA_STATUS status; - uint16_t alice_priv_key_handle; - uint16_t bob_priv_key_handle; - ta_element_attributes_t alice_priv_key_attributes; - ta_element_attributes_t bob_priv_key_attributes; - uint8_t alice_pubkey[TA_ECC384_PUB_KEY_SIZE]; - size_t pubkey_len = sizeof(alice_pubkey); - uint8_t bob_pubkey[TA_ECC384_PUB_KEY_SIZE]; - uint8_t alice_pms[TA_ECDH_ECCP384_XY_PMS_SIZE]; - uint8_t bob_pms[TA_ECDH_ECCP384_XY_PMS_SIZE]; - -#ifdef ATCA_PRINTF - char displaystr[512]; - size_t displen = sizeof(displaystr); -#endif - - // Skip if setup is not locked - test_assert_data_is_locked(); - - // Generate Alice's private key handle attributes - status = talib_handle_init_private_key(&alice_priv_key_attributes, TA_KEY_TYPE_ECCP384, - TA_ALG_MODE_ECC_ECDH, TA_PROP_NO_SIGN_GENERATION, - TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create Alice's private key handle - status = talib_create_element(atcab_get_device(), &alice_priv_key_attributes, &alice_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Bob's private key handle attributes - status = talib_handle_init_private_key(&bob_priv_key_attributes, TA_KEY_TYPE_ECCP384, - TA_ALG_MODE_ECC_ECDH, TA_PROP_NO_SIGN_GENERATION, - TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create Bob's private key handle - status = talib_create_element(atcab_get_device(), &bob_priv_key_attributes, &bob_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Alice's ECCP384 private key and public key - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)alice_priv_key_handle, - alice_pubkey, &pubkey_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Bob's ECCP384 private key and public key - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)bob_priv_key_handle, - bob_pubkey, &pubkey_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Generate Alice's pre master secret x followed by y and get in io buffer - status = talib_ecdh_xy_in_io_buffer(atcab_get_device(), alice_priv_key_handle, bob_pubkey, pubkey_len, - alice_pms); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - displen = sizeof(displaystr); - status = atcab_bin2hex(alice_pms, TA_ECDH_ECCP384_XY_PMS_SIZE, displaystr, &displen); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - printf("alice's pms:\r\n%s\r\n", displaystr); -#endif - - // Generate Bob's pre master secret x followed by y and get in io buffer - status = talib_ecdh_xy_in_io_buffer(atcab_get_device(), bob_priv_key_handle, alice_pubkey, pubkey_len, - bob_pms); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -#ifdef ATCA_PRINTF - displen = sizeof(displaystr); - status = atcab_bin2hex(bob_pms, TA_ECDH_ECCP384_XY_PMS_SIZE, displaystr, &displen); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - printf("alice's pms:\r\n%s\r\n", displaystr); -#endif - - // Verify Alice's pms and Bob's pms - TEST_ASSERT_EQUAL_MEMORY(alice_pms, bob_pms, sizeof(alice_pms)); - - // Delete Alice's private key handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)alice_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Delete Bob's private key handle - status = talib_delete_handle(atcab_get_device(), (uint32_t)bob_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_ecdh_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, ecdh_p224_io_buffer), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, ecdh_p384_xy_io_buffer), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, ecdh_to_vol_reg), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, ecdh_to_shared_data), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_ecdh_tests[] = { - talib_ecdh_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_export_import.c b/test/api_talib/test_talib_export_import.c deleted file mode 100644 index e295137cc..000000000 --- a/test/api_talib/test_talib_export_import.c +++ /dev/null @@ -1,349 +0,0 @@ -/** - * \file - * \brief Basic test for Export/Import command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief This test case export the private key from data handle and import it to - * different handle and verify by its public key - * NOTE: Both export and import handle should match value of its attribute fields - * except link keys (usage key, read key, write key) - */ -TEST(atca_cmd_basic_test, export_import_private_key) -{ - ATCA_STATUS status = ATCA_SUCCESS; - uint8_t encrypted_blob[TA_EXPORT_BLOB_MAX_LEN]; - uint16_t encrypted_blob_len = sizeof(encrypted_blob); - uint16_t export_priv_key_handle; - uint16_t import_priv_key_handle; - ta_element_attributes_t export_attr_priv_key_handle; - ta_element_attributes_t import_attr_priv_key_handle; - uint8_t exp_public_key[TA_ECC256_PUB_KEY_SIZE]; - uint8_t imp_public_key[TA_ECC256_PUB_KEY_SIZE]; - size_t pub_key_len = TA_ECC256_PUB_KEY_SIZE; - - // Create export and import handle without link keys and setting req attributes for handles - status = talib_handle_init_private_key(&export_attr_priv_key_handle, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - export_attr_priv_key_handle.byte7_settings |= TA_EXPORTABLE_FROM_CHIP_MASK; - - status = talib_create_element(atcab_get_device(), &export_attr_priv_key_handle, &export_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // import handle - status = talib_handle_init_private_key(&import_attr_priv_key_handle, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - import_attr_priv_key_handle.byte7_settings |= TA_EXPORTABLE_FROM_CHIP_MASK; - - status = talib_create_element(atcab_get_device(), &import_attr_priv_key_handle, &import_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Genarate new private key on export handle and get the public key of it - status = talib_genkey(atcab_get_device(), export_priv_key_handle, exp_public_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - status = talib_export(atcab_get_device(), export_priv_key_handle, encrypted_blob, &encrypted_blob_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_import_handle(atcab_get_device(), import_priv_key_handle, encrypted_blob, encrypted_blob_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // verify the imported handle by match its public key - status = talib_get_pubkey_compat(atcab_get_device(), import_priv_key_handle, imp_public_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(exp_public_key, imp_public_key, TA_ECC256_PUB_KEY_SIZE); - - - // delete handles - status = talib_delete_handle(atcab_get_device(), export_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), import_priv_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case export the data from shared data handle and import it to - * different handle - * NOTE: Both export and import handle should match value of its attribute fields - * except link keys (usage key, read key, write key) - */ -TEST(atca_cmd_basic_test, export_import_data_element_with_links) -{ - ATCA_STATUS status = ATCA_SUCCESS; - uint8_t encrypted_blob[TA_EXPORT_BLOB_MAX_LEN]; - uint16_t encrypted_blob_len = sizeof(encrypted_blob); - uint16_t write_key_handle; - uint16_t exp_data_handle; - uint16_t imp_data_handle; - ta_element_attributes_t attr_data_handle; - ta_element_attributes_t attr_write_key_handle; - uint8_t write_data[64]; - uint8_t read_data[64]; - uint16_t data_size = sizeof(write_data); - uint8_t hmac_key[] = { 0xa2, 0x26, 0xe1, 0x65, 0x69, 0x01, 0x80, 0xeb, 0x1a, 0x0c, 0x9c, 0x5b, 0x64, 0x5e, 0x42, 0x02, - 0xfa, 0x2f, 0x4f, 0xfd, 0x68, 0x75 }; - uint8_t hmac_i_nonce[] = { 0xd4, 0xe4, 0x9a, 0x02, 0x9f, 0xf2, 0xca, 0xff, 0x5e, 0x7c, 0xda, 0x2f, 0x13, 0x07, 0xa8, 0xb6 }; - uint8_t hmac_r_nonce[] = { 0xad, 0x23, 0x38, 0x09, 0x4e, 0xd3, 0xbf, 0xc3, 0x89, 0xc6, 0xf6, 0x35, 0xb6, 0xcf, 0xcf, 0xf0 }; - uint8_t key_buf[32] = { 0 }; - uint16_t auth_id = 0x4100; - uint16_t details = (uint16_t)TA_CREATE_DETAILS_HMAC_KEY_LENGTH(sizeof(hmac_key)); - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - // Create link (write) key, because export and import handle dependent on this keys - // Here only one link key is created and shared by both export and import handle - status = talib_handle_init_symmetric_key(&attr_write_key_handle, TA_KEY_TYPE_HMAC, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - attr_write_key_handle.property |= TA_PROP_SYMM_KEY_EITHER_OPTIONAL_MASK; - - status = talib_create_linked_shared_data(atcab_get_device(), details, &attr_write_key_handle, - &write_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - // write symmetric key into link (write) key - status = talib_write_element(atcab_get_device(), write_key_handle, sizeof(hmac_key), hmac_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Create export and import handle and setting req attributes - status = talib_handle_init_data(&attr_data_handle, data_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_write_permission(&attr_data_handle, TA_PERM_AUTH); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - attr_data_handle.write_key = (uint8_t)(write_key_handle & 0x00FF); - attr_data_handle.byte7_settings |= TA_EXPORTABLE_FROM_CHIP_MASK; - - status = talib_create_element(atcab_get_device(), &attr_data_handle, &exp_data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_data_handle, &imp_data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Generate randome data to be written to export data handle - status = talib_random(atcab_get_device(), NULL, write_data, data_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Establish Auth session to write a data into export data handle - status = talib_auth_generate_nonce(atcab_get_device(), auth_id, 0, hmac_i_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // copying session key into key buf to start the suth session - memcpy(key_buf, hmac_key, sizeof(hmac_key)); - - status = talib_auth_startup(atcab_get_device(), write_key_handle, TA_AUTH_ALG_ID_HMAC, 2, 32, - key_buf, hmac_i_nonce, hmac_r_nonce); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(atcab_get_device(), exp_data_handle, data_size, write_data); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Terminate auth session - status = talib_auth_terminate(atcab_get_device()); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - status = talib_export(atcab_get_device(), exp_data_handle, encrypted_blob, &encrypted_blob_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_import_handle(atcab_get_device(), imp_data_handle, encrypted_blob, encrypted_blob_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - - // verifying the imported handle by reading the data from it and match with original data - status = talib_read_element(atcab_get_device(), imp_data_handle, &data_size, read_data); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(write_data, read_data, data_size); - - - // delete handles - status = talib_delete_handle(atcab_get_device(), write_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), exp_data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), imp_data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case export the symmetric key from data handle and import it to - * different handle - * NOTE: Both export and import handle should match value of its attribute fields - * except link keys (usage key, read key, write key) - */ -TEST(atca_cmd_basic_test, export_import_symm_key_with_target_links) -{ - ATCA_STATUS status = ATCA_SUCCESS; - uint16_t export_symm_key_handle; - uint16_t import_symm_key_handle; - ta_element_attributes_t export_attr_symm_key_handle; - ta_element_attributes_t import_attr_symm_key_handle; - ta_element_attributes_t attr_read_key_handle; - uint16_t exp_read_key_handle; - uint16_t imp_read_key_handle; - uint8_t encrypted_blob[TA_EXPORT_BLOB_MAX_LEN]; - uint16_t encrypted_blob_len = sizeof(encrypted_blob); - uint8_t plain_text[ATCA_AES128_BLOCK_SIZE] = { 0x1A, 0x3A, 0xA5, 0x45, 0x04, 0x94, 0x53, 0xAF, - 0xDF, 0x17, 0xE9, 0x89, 0xA4, 0x1F, 0xA0, 0x97 }; - uint8_t cipher_text[ATCA_AES128_BLOCK_SIZE]; - uint8_t plain_text_out[ATCA_AES128_BLOCK_SIZE]; - uint16_t details = (uint16_t)TA_CREATE_DETAILS_HMAC_KEY_LENGTH(TA_MAC_COMMAND_HMAC_SIZE); - - // Create link keys (read), because export and import handles are dependent on this keys. - // Here two link keys are created and shared with export and import handle respectively. - status = talib_handle_init_symmetric_key(&attr_read_key_handle, TA_KEY_TYPE_HMAC, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_linked_shared_data(atcab_get_device(), details, &attr_read_key_handle, - &exp_read_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_linked_shared_data(atcab_get_device(), details, &attr_read_key_handle, - &imp_read_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - // write symmetric key into link read keys - status = talib_write_element(atcab_get_device(), exp_read_key_handle, TA_MAC_COMMAND_HMAC_SIZE, g_slot4_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(atcab_get_device(), imp_read_key_handle, TA_MAC_COMMAND_HMAC_SIZE, g_slot4_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Create export and import handle and set req attributes for handle - status = talib_handle_init_symmetric_key(&export_attr_symm_key_handle, TA_KEY_TYPE_AES128, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_read_permission(&export_attr_symm_key_handle, TA_PERM_AUTH); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - export_attr_symm_key_handle.read_key = (uint8_t)(exp_read_key_handle & 0x00FF); - export_attr_symm_key_handle.byte7_settings |= TA_EXPORTABLE_FROM_CHIP_MASK; - - status = talib_create_hmac_element(atcab_get_device(), TA_KEY_TYPE_AES128_SIZE, &export_attr_symm_key_handle, - &export_symm_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Import handle - status = talib_handle_init_symmetric_key(&import_attr_symm_key_handle, TA_KEY_TYPE_AES128, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_read_permission(&import_attr_symm_key_handle, TA_PERM_AUTH); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - import_attr_symm_key_handle.read_key = (uint8_t)(imp_read_key_handle & 0x00FF); - import_attr_symm_key_handle.byte7_settings |= TA_EXPORTABLE_FROM_CHIP_MASK; - - status = talib_create_hmac_element(atcab_get_device(), TA_KEY_TYPE_AES128_SIZE, &import_attr_symm_key_handle, - &import_symm_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Generate new symmetric key for the export handle - status = talib_genkey_symmetric_key(atcab_get_device(), export_symm_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Encrypt using the export handle - status = atcab_aes_encrypt(export_symm_key_handle, 0, plain_text, cipher_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - status = talib_export(atcab_get_device(), export_symm_key_handle, encrypted_blob, &encrypted_blob_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_import_handle_with_target_links(atcab_get_device(), import_symm_key_handle, encrypted_blob, - encrypted_blob_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // verifying the imported handle by decrypting cipher text and match with plain text - status = atcab_aes_decrypt(import_symm_key_handle, 0, cipher_text, plain_text_out); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(plain_text_out, plain_text, ATCA_AES128_BLOCK_SIZE); - - - // delete handles - status = talib_delete_handle(atcab_get_device(), export_symm_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), import_symm_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), exp_read_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), imp_read_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_export_import_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, export_import_symm_key_with_target_links), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, export_import_private_key), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, export_import_data_element_with_links), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_export_import_tests[] = { - talib_export_import_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif \ No newline at end of file diff --git a/test/api_talib/test_talib_genkey.c b/test/api_talib/test_talib_genkey.c deleted file mode 100644 index eaaa3ef66..000000000 --- a/test/api_talib/test_talib_genkey.c +++ /dev/null @@ -1,203 +0,0 @@ -/** - * \file - * \brief Basic test for Key_Gen command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief Execute key gen command to generate symmetric key to do aes encrypt and decrypt. - */ -TEST(atca_cmd_basic_test, genkey_symmetric_key) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_aes_handle; - const uint16_t aes_handle = TA_HANDLE_VOLATILE_REGISTER2; - const uint8_t plain_text[ATCA_AES128_BLOCK_SIZE] = { 0x1A, 0x3A, 0xA5, 0x45, 0x04, 0x94, 0x53, 0xAF, - 0xDF, 0x17, 0xE9, 0x89, 0xA4, 0x1F, 0xA0, 0x97, }; - uint8_t cipher_text[ATCA_AES128_BLOCK_SIZE]; - uint8_t plain_text_out[ATCA_AES128_BLOCK_SIZE]; - - status = talib_handle_init_symmetric_key(&attr_aes_handle, TA_KEY_TYPE_AES128, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_hmac_element_with_handle(atcab_get_device(), TA_KEY_TYPE_AES128_SIZE, aes_handle, - &attr_aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey_symmetric_key(atcab_get_device(), (uint32_t)aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_aes_encrypt(aes_handle, 0, plain_text, cipher_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_aes_decrypt(aes_handle, 0, cipher_text, plain_text_out); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(plain_text_out, plain_text, ATCA_AES128_BLOCK_SIZE); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute key gen command to generate RSA2048 key. - */ -TEST(atca_cmd_basic_test, genkey_rsa_key) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_KEY_TYPE_RSA2048_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t frag[4] = { 0x44, 0x44, 0x44, 0x44 }; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_RSA2048, TA_ALG_MODE_RSA_SSA_PSS, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey(atcab_get_device(), (uint32_t)private_key_handle, pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // spot check public key for bogus data, there should be none - // pub key is random so can't check the full content anyway. - TEST_ASSERT_NOT_EQUAL(0, memcmp(pub_key, frag, 4)); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute key gen command to generate ECCP224 key. - */ -TEST(atca_cmd_basic_test, genkey_p224_key) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_ECC224_PUB_KEY_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t frag[4] = { 0x44, 0x44, 0x44, 0x44 }; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_ECCP224, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey(atcab_get_device(), (uint32_t)private_key_handle, pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // spot check public key for bogus data, there should be none - // pub key is random so can't check the full content anyway. - TEST_ASSERT_NOT_EQUAL(0, memcmp(pub_key, frag, 4)); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute key gen command to generate ECCP384 key. - */ -TEST(atca_cmd_basic_test, genkey_p384_key) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_ECC384_PUB_KEY_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t frag[4] = { 0x44, 0x44, 0x44, 0x44 }; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_ECCP384, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey(atcab_get_device(), (uint32_t)private_key_handle, pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // spot check public key for bogus data, there should be none - // pub key is random so can't check the full content anyway. - TEST_ASSERT_NOT_EQUAL(0, memcmp(pub_key, frag, 4)); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute key gen command to generate public key for existing private key. - */ -TEST(atca_cmd_basic_test, get_p224_pubkey) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_ECC224_PUB_KEY_SIZE]; - uint8_t frag[4] = { 0x44, 0x44, 0x44, 0x44 }; - size_t pub_key_len = sizeof(pub_key); - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_ECCP224, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey(atcab_get_device(), (uint32_t)private_key_handle, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_get_pubkey(atcab_get_device(), private_key_handle, pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // spot check public key for bogus data, there should be none - // pub key is random so can't check the full content anyway. - TEST_ASSERT_NOT_EQUAL(0, memcmp(pub_key, frag, 4)); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_genkey_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, genkey_symmetric_key), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, genkey_rsa_key), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, genkey_p224_key), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, genkey_p384_key), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, get_p224_pubkey), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_genkey_tests[] = { - talib_genkey_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_info.c b/test/api_talib/test_talib_info.c deleted file mode 100644 index 682158651..000000000 --- a/test/api_talib/test_talib_info.c +++ /dev/null @@ -1,211 +0,0 @@ -/** - * \file - * \brief Basic test for Info command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief This test case read device revision number - */ -TEST(atca_cmd_basic_test, ta_info) -{ - ATCA_STATUS status; - uint8_t info[TA_REVISION_NUMBER_SIZE]; - - status = talib_info(atcab_get_device(), info); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case read device serial number - */ -TEST(atca_cmd_basic_test, info_sernum) -{ - ATCA_STATUS status; - uint8_t sernum[TA_SERIAL_NUMBER_SIZE]; - - status = talib_info_serial_number(atcab_get_device(), sernum); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case gives how much non volatile memory is remaining - */ -TEST(atca_cmd_basic_test, info_nv_remain) -{ - ATCA_STATUS status; - uint32_t nv_remain; - - status = talib_info_get_nv_remain(atcab_get_device(), &nv_remain); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case get the dedicated memory of 16 byte - */ -TEST(atca_cmd_basic_test, info_dedicated_memory) -{ - ATCA_STATUS status; - uint8_t dedicated_memory[TA_DEDICATED_MEMORY_SIZE]; - - status = talib_info_get_dedicated_memory(atcab_get_device(), dedicated_memory); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case get the device chip status (config zone, setup lock and vcc latch) - */ -TEST(atca_cmd_basic_test, info_chip_status) -{ - ATCA_STATUS status; - uint8_t chip_status[TA_CHIP_STATUS_SIZE]; - - status = talib_info_get_chip_status(atcab_get_device(), chip_status); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case check whether the given volatile register id is created or not (valid or not) - */ -TEST(atca_cmd_basic_test, info_volreg_status) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_aes_handle; - const uint16_t aes_handle = TA_HANDLE_VOLATILE_REGISTER2; - uint8_t volreg_id; - uint8_t is_valid; - - status = talib_handle_init_symmetric_key(&attr_aes_handle, TA_KEY_TYPE_AES128, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_hmac_element_with_handle(atcab_get_device(), TA_KEY_TYPE_AES128_SIZE, aes_handle, - &attr_aes_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Get the last byte of volatile register id - volreg_id = aes_handle & 0x000F; - - status = talib_is_volatile_register_valid(atcab_get_device(), volreg_id, &is_valid); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(1, is_valid); -} - -/** \brief This test case check whether given handle is valid or not - */ -TEST(atca_cmd_basic_test, info_handle_valid) -{ - ATCA_STATUS status; - uint16_t handle; - uint8_t is_valid; - - status = atca_test_config_get_id(TEST_TYPE_ECC_SIGN, &handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_is_handle_valid(atcab_get_device(), handle, &is_valid); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(1, is_valid); -} - -/** \brief This test case get the device ROM ID - */ -TEST(atca_cmd_basic_test, info_rom_id) -{ - ATCA_STATUS status; - uint16_t rom_id; - - status = talib_info_get_rom_id(atcab_get_device(), &rom_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test case get the data handle size and verify it. - */ -TEST(atca_cmd_basic_test, info_handle_size) -{ - ATCA_STATUS status; - size_t handle_size; - uint16_t handle; - size_t expected_handle_size = 0x0048; // Decimal value 72 - - status = atca_test_config_get_id(TEST_TYPE_DATA, &handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_info_get_handle_size(atcab_get_device(), (uint32_t)handle, &handle_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(expected_handle_size, handle_size); -} - -/** \brief This test case get the given handle - handle info and verify its attributes - */ -TEST(atca_cmd_basic_test, info_handle_attributes) -{ - ATCA_STATUS status; - ta_element_attributes_t rw_data_attr = { 3, 72, 0, 0, 0, 0x55, 0 }; - uint8_t handle_info[TA_HANDLE_INFO_SIZE]; - uint16_t handle; - - status = atca_test_config_get_id(TEST_TYPE_DATA, &handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_info_get_handle_info(atcab_get_device(), (uint32_t)handle, handle_info); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - TEST_ASSERT_EQUAL_MEMORY(handle_info, (uint8_t*)&rw_data_attr, 8); -} - -/** \brief This test case check the given auth id is valid or not - */ -TEST(atca_cmd_basic_test, info_auth_status) -{ - ATCA_STATUS status; - uint8_t is_valid; - - status = talib_is_auth_session_valid(atcab_get_device(), 1, &is_valid); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL(false, is_valid); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_info_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, ta_info), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_sernum), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_nv_remain), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_auth_status), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_dedicated_memory), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_chip_status), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_volreg_status), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_handle_valid), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_handle_size), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_handle_attributes), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, info_rom_id), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_info_tests[] = { - talib_info_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_kdf.c b/test/api_talib/test_talib_kdf.c deleted file mode 100644 index 1122f6cd2..000000000 --- a/test/api_talib/test_talib_kdf.c +++ /dev/null @@ -1,501 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#if ATCA_TA_SUPPORT - -// Test case 1 in https://tools.ietf.org/html/rfc5869.html -static const uint8_t hkdf_ikm[] = { - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b -}; -static const uint8_t hkdf_salt[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c -}; -static const uint8_t hkdf_info[] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9 -}; -static const uint8_t hkdf_okm[] = { - 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, 0x90, 0x43, 0x4f, 0x64, - 0xd0, 0x36, 0x2f, 0x2a, 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, - 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, 0x34, 0x00, 0x72, 0x08, - 0xd5, 0xb8, 0x87, 0x18, 0x58, 0x65 -}; - - -//https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Component-Testing#KDF135 -static const uint8_t prf_key[] = { - 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a, 0x20, 0x02, 0x70, 0x79, - 0x60, 0x47, 0x87, 0x46, 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe, - 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50, 0x01, 0xe3, 0x4e, 0xeb, - 0x3a, 0x04, 0x3e, 0x5d, 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf -}; - -static const uint8_t prf_label_seed[] = { - 0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0xae, 0x6c, 0x80, - 0x6f, 0x8a, 0xd4, 0xd8, 0x07, 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f, 0xd8, 0x37, 0x68, - 0x1a, 0x51, 0xd9, 0x28, 0xc3, 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68, 0x62, 0xe1, 0xfd, - 0x91, 0xf2, 0x3f, 0x55, 0x8a, 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72, 0x63, 0x7b, 0x89, - 0x78, 0x4d, 0x95, 0x9d, 0xf7, 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16 -}; - - -static const uint8_t prf_output_ref[] = { - 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e, 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0, - 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27, 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31, - 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f, 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b, - 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73, 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f, - 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96, 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84, - 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68, 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f, - 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10, 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7, - 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b, 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28 -}; - - - -/** \brief The test case perform hkdf operation on the given input data and return the output on the bus. - * - */ -TEST(atca_cmd_basic_test, kdf_hkdf_io) -{ - ATCA_STATUS status; - uint8_t hkdf_output[sizeof(hkdf_okm)]; - uint16_t hkdf_output_len = sizeof(hkdf_output); - uint16_t hmac_handle; - ta_element_attributes_t attr_symm_hmac; - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create a HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(hkdf_ikm), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(hkdf_ikm), hkdf_ikm); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the hkdf operation with the given data and key in HMAC handle - status = talib_hkdf_io(atcab_get_device(), hmac_handle, hkdf_salt, sizeof(hkdf_salt), hkdf_info, sizeof(hkdf_info), hkdf_output, &hkdf_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Compare the hkdf output with the reference data - TEST_ASSERT_EQUAL_MEMORY(hkdf_okm, hkdf_output, sizeof(hkdf_okm)); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -/** \brief The test case perform hkdf operation on the given input data and store the output to the handle. - * - */ -TEST(atca_cmd_basic_test, kdf_hkdf_stored) -{ - ATCA_STATUS status; - uint8_t hkdf_output[sizeof(hkdf_okm)]; - uint16_t hkdf_output_len = sizeof(hkdf_output); - uint16_t hmac_key_handle, hkdf_out_stored_handle; - ta_element_attributes_t attr_symm_hmac; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create the HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(hkdf_ikm), &attr_symm_hmac, &hmac_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create the handle for the output data - status = talib_create_hmac_element(atcab_get_device(), hkdf_output_len, &attr_symm_hmac, - &hkdf_out_stored_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_key_handle, sizeof(hkdf_ikm), hkdf_ikm); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the hkdf operation with the given data, key in HMAC handle and store the output to handle in device. - status = talib_hkdf_stored(atcab_get_device(), hmac_key_handle, hkdf_salt, sizeof(hkdf_salt), hkdf_info, - sizeof(hkdf_info), hkdf_out_stored_handle, &hkdf_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Read the data from the stored handle - status = talib_read_element(atcab_get_device(), hkdf_out_stored_handle, &hkdf_output_len, hkdf_output); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Compare the hkdf output with the reference data - TEST_ASSERT_EQUAL_MEMORY(hkdf_okm, hkdf_output, sizeof(hkdf_okm)); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)hkdf_out_stored_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - -/** \brief The test case perform kdf prf operation on the given input data and return the output on the bus. - * - */ - -TEST(atca_cmd_basic_test, kdf_prf_io) -{ - ATCA_STATUS status; - uint8_t prf_output[sizeof(prf_output_ref)]; - uint16_t prf_output_len = sizeof(prf_output); - uint16_t hmac_handle; - ta_element_attributes_t attr_symm_hmac; - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create a HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(prf_key), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(prf_key), prf_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the kdf prf operation with the given data and key in HMAC handle - status = talib_kdf_prf_io(atcab_get_device(), hmac_handle, sizeof(prf_key), prf_label_seed, - sizeof(prf_label_seed), prf_output, &prf_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Compare the kdf prf output with the reference data - TEST_ASSERT_EQUAL_MEMORY(prf_output_ref, prf_output, sizeof(prf_output_ref)); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - - -/** \brief The test case perform kdf prf operation on the given input data and return the output on the bus. - * - */ -TEST(atca_cmd_basic_test, kdf_prf_stored) -{ - ATCA_STATUS status; - uint8_t prf_output[sizeof(prf_output_ref)]; - uint16_t prf_output_len = sizeof(prf_output); - uint16_t hmac_handle, data_handle; - ta_element_attributes_t attr_symm_hmac, attr_data; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create the HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(prf_key), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_data(&attr_data, prf_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create handle for the output kdf prf operation - status = talib_create_element(atcab_get_device(), &attr_data, &data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(prf_key), prf_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the kdf prf operation with the given data, key in HMAC handle and store the output to handle in device. - status = talib_kdf_prf_stored(atcab_get_device(), hmac_handle, sizeof(prf_key), prf_label_seed, - sizeof(prf_label_seed), data_handle, &prf_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Read the data from the stored handle - status = talib_read_element(atcab_get_device(), data_handle, &prf_output_len, prf_output); - - // Compare the hkdf output with the reference data - TEST_ASSERT_EQUAL_MEMORY(prf_output_ref, prf_output, sizeof(prf_output_ref)); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - - -/** \brief The test case perform HMAC-counter operation on the data and return the output on the bus. - * - */ -TEST(atca_cmd_basic_test, kdf_hmac_counter_io) -{ - ATCA_STATUS status; - uint8_t hmac_counter_output[ATCA_SHA256_DIGEST_SIZE], hmac_key[ATCA_SHA256_DIGEST_SIZE]; - uint16_t hmac_counter_output_len = sizeof(hmac_counter_output); - uint8_t label[100], context[100]; - uint16_t hmac_handle; - ta_element_attributes_t attr_symm_hmac; - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create the HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(hmac_key), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - status = talib_random(atcab_get_device(), NULL, hmac_key, sizeof(hmac_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(hmac_key), hmac_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - status = talib_random(atcab_get_device(), NULL, label, sizeof(label)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, context, sizeof(context)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // perform the hmac-counter operation with the data and key in HMAC handle. - status = talib_kdf_hmac_counter_io(atcab_get_device(), hmac_handle, label, sizeof(label), context, - sizeof(context), hmac_counter_output, &hmac_counter_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - - -/** \brief The test case perform HMAC-counter operation on the data and store the output to the handle. - * - */ -TEST(atca_cmd_basic_test, kdf_hmac_counter_stored) -{ - ATCA_STATUS status; - uint8_t hmac_key[ATCA_SHA256_DIGEST_SIZE]; - uint16_t hmac_counter_output_len = ATCA_SHA256_DIGEST_SIZE; - uint8_t label[100], context[100]; - uint16_t hmac_handle, data_handle; - ta_element_attributes_t attr_symm_hmac, attr_data; - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, hmac_key, sizeof(hmac_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create a HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(hmac_key), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_data(&attr_data, hmac_counter_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create the handle for the output data - status = talib_create_element(atcab_get_device(), &attr_data, &data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(hmac_key), hmac_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, label, sizeof(label)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, context, sizeof(context)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the hmac-counter operation with the given data, key in HMAC handle and store the output to handle in device. - status = talib_kdf_hmac_counter_stored(atcab_get_device(), hmac_handle, label, sizeof(label), - context, sizeof(context), data_handle, &hmac_counter_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -/** \brief The test case perform kdf-sha256 operation on the given input data and return the data on output buffer. - * - */ - -TEST(atca_cmd_basic_test, kdf_sha256_io) -{ - ATCA_STATUS status; - uint8_t sha_output[ATCA_SHA256_DIGEST_SIZE], sha_output_ref[ATCA_SHA256_DIGEST_SIZE], hmac_key[ATCA_SHA256_DIGEST_SIZE]; - uint16_t sha_output_len = sizeof(sha_output); - uint8_t pre_pad[100], post_pad[100]; - atcac_sha2_256_ctx ctx; - uint16_t hmac_handle; - ta_element_attributes_t attr_symm_hmac; - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, hmac_key, sizeof(hmac_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, pre_pad, sizeof(pre_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, post_pad, sizeof(post_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create a HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(hmac_key), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(hmac_key), hmac_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the kdf-sha256 operation with the given data and key in HMAC handle - status = talib_kdf_sha256_io(atcab_get_device(), hmac_handle, pre_pad, sizeof(pre_pad), post_pad, - sizeof(post_pad), sha_output, &sha_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Performing the same operation on software to verify the device calcualted - status = atcac_sw_sha2_256_init(&ctx); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_update(&ctx, pre_pad, sizeof(pre_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_update(&ctx, hmac_key, sizeof(hmac_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_update(&ctx, post_pad, sizeof(post_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_finish(&ctx, sha_output_ref); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Comparing the data from device and software generated. - TEST_ASSERT_EQUAL_MEMORY(sha_output_ref, sha_output, sizeof(sha_output_ref)); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - -/** \brief The test case perform kdf-sha256 operation on the given input data and store the output to the handle. - * - */ -TEST(atca_cmd_basic_test, kdf_sha256_stored) -{ - ATCA_STATUS status; - uint8_t sha_output[ATCA_SHA256_DIGEST_SIZE], sha_output_ref[ATCA_SHA256_DIGEST_SIZE], hmac_key[ATCA_SHA256_DIGEST_SIZE]; - uint16_t sha_output_len = sizeof(sha_output); - uint8_t pre_pad[100], post_pad[100]; - atcac_sha2_256_ctx ctx; - - uint16_t hmac_handle, sha256_stored_handle; - ta_element_attributes_t attr_symm_hmac; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_symmetric_key(&attr_symm_hmac, TA_KEY_TYPE_HMAC, - TA_PROP_SYMM_KEY_USAGE_KDF_SHA); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, hmac_key, sizeof(hmac_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, pre_pad, sizeof(pre_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, post_pad, sizeof(post_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create a HMAC handle - status = talib_create_hmac_element(atcab_get_device(), sizeof(hmac_key), &attr_symm_hmac, &hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create handle for the output data to be stored - status = talib_create_hmac_element(atcab_get_device(), sizeof(hmac_key), &attr_symm_hmac, &sha256_stored_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the key to the HMAC handle - status = talib_write_element(atcab_get_device(), hmac_handle, sizeof(hmac_key), hmac_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // perform the kdf-sha256 operation with the given data and key in HMAC handle - status = talib_kdf_sha256_stored(atcab_get_device(), hmac_handle, pre_pad, sizeof(pre_pad), - post_pad, sizeof(post_pad), sha256_stored_handle, &sha_output_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Read the data from the output handle - status = talib_read_element(atcab_get_device(), sha256_stored_handle, &sha_output_len, sha_output); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Performing the same operation on software to verify the device calcualted - status = atcac_sw_sha2_256_init(&ctx); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_update(&ctx, pre_pad, sizeof(pre_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_update(&ctx, hmac_key, sizeof(hmac_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_update(&ctx, post_pad, sizeof(post_pad)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcac_sw_sha2_256_finish(&ctx, sha_output_ref); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Comparing the data from device and software generated. - TEST_ASSERT_EQUAL_MEMORY(sha_output_ref, sha_output, sizeof(sha_output_ref)); - - status = talib_delete_handle(_gDevice, (uint32_t)hmac_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)sha256_stored_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - - -t_test_case_info talib_kdf_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_hkdf_io), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_hkdf_stored), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_prf_io), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_prf_stored), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_hmac_counter_io), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_hmac_counter_stored), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_sha256_io), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, kdf_sha256_stored), DEVICE_MASK(TA100) }, - - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; - -t_test_case_info* talib_kdf_tests[] = { - talib_kdf_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_mac.c b/test/api_talib/test_talib_mac.c deleted file mode 100644 index b73b099b6..000000000 --- a/test/api_talib/test_talib_mac.c +++ /dev/null @@ -1,61 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" -#include "vectors/aes_cmac_nist_vectors.h" - -#if ATCA_TA_SUPPORT - -/** \brief This test cases load an AES key, performs CMAC operation and verifies it. - * . - */ -TEST(atca_cmd_basic_test, mac_test_cmac) -{ - ATCA_STATUS status; - uint8_t key_block; - size_t msg_index; - uint8_t cmac[ATCA_AES128_KEY_SIZE]; - uint16_t key_id; - - // Skip test if AES is not enabled - check_config_aes_enable(); - - status = atca_test_config_get_id(TEST_TYPE_AES, &key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - for (key_block = 0; key_block < 4; key_block++) - { - // Load AES keys into slot - status = atcab_write_bytes_zone(ATCA_ZONE_DATA, key_id, 0, &g_aes_keys[key_block][0], 16); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Skippping the first test case as the message size is zero - for (msg_index = 1; msg_index < sizeof(g_cmac_msg_sizes) / sizeof(g_cmac_msg_sizes[0]); msg_index++) - { - - status = talib_cmac(atcab_get_device(), key_id, 0, - g_plaintext, g_cmac_msg_sizes[msg_index], cmac); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - TEST_ASSERT_EQUAL_MEMORY(g_cmacs[key_block][msg_index], cmac, sizeof(cmac)); - } - } -} - - - -t_test_case_info talib_mac_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, mac_test_cmac), DEVICE_MASK(TA100) }, - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; - -t_test_case_info* talib_mac_tests[] = { - talib_mac_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_managecert.c b/test/api_talib/test_talib_managecert.c deleted file mode 100644 index 444ac72bd..000000000 --- a/test/api_talib/test_talib_managecert.c +++ /dev/null @@ -1,221 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#include "test_ecc_certificate_chain.h" - -#if ATCA_TA_SUPPORT - -/** \brief It verifies the certificate in the input buffer with the root public key in device. - * - */ -TEST(atca_cmd_basic_test, managecert_verify_cert_io_buffer) -{ - ATCA_STATUS status; - uint16_t root_key_id; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - //Get the root public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &root_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify the given ecc signer certificate with the root public key - status = talib_verify_cert_io(atcab_get_device(), root_key_id, test_ecc_signer_cert, sizeof(test_ecc_signer_cert)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -/** \brief Stores the given certificate to the device and - * verifies it with the root public key in device. - */ -TEST(atca_cmd_basic_test, managecert_verify_cert_shared_memory) -{ - ATCA_STATUS status; - uint16_t root_key_id; - ta_element_attributes_t data_attr; - uint16_t certificate_handle; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - status = talib_handle_init_data(&data_attr, sizeof(test_ecc_signer_cert)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Create data handle for storing the signer certificate - status = talib_create_element(atcab_get_device(), &data_attr, &certificate_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Write the complete signer certificate to the data handle in device - status = talib_write_element(atcab_get_device(), certificate_handle, sizeof(test_ecc_signer_cert), - test_ecc_signer_cert); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Get the root public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &root_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify the ecc signer certificate stored in device with the root public key - status = talib_verify_cert(atcab_get_device(), root_key_id, certificate_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)certificate_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - - - -/** \brief This test cases verifies the certificate chain and stores leaf extracted certificate to volatile memory. - * The root public key is in the device and it verifies the certificate chain given in the input buffer. - */ -TEST(atca_cmd_basic_test, managecert_verify_cert_chain_volatile) -{ - ATCA_STATUS status; - uint16_t root_key_id; - ta_element_attributes_t extracted_cert_attr; - uint16_t extracted_cert_handle = TA_HANDLE_VOLATILE_REGISTER3; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - // Skip test if config zone isn't locked - test_assert_config_is_locked(); - - status = talib_handle_init_extracated_certificate(&extracted_cert_attr, TA_KEY_TYPE_ECCP256, TA_ALG_MODE_ECC_ECDSA, 0, TA_PROP_CERT_CA_OK); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Create Element for the extracted certificate storage - status = talib_create_element_with_handle(atcab_get_device(), extracted_cert_handle, &extracted_cert_attr); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Get the root public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &root_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify the given signer certificate with root public key and store the signer extracted certificate to volatile handle - status = talib_store_extracted_cert_io(atcab_get_device(), root_key_id, extracted_cert_handle, - test_ecc_signer_cert, sizeof(test_ecc_signer_cert)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //The signer extracted certificate verifies the given leaf certificate and it stores leaf extraced certificate to same volatile handle - status = talib_store_extracted_cert_io(atcab_get_device(), extracted_cert_handle, extracted_cert_handle, - test_ecc_leaf_cert, sizeof(test_ecc_leaf_cert)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - -} - - - -/** \brief This test cases verifies the certificate chain and stores signer & leaf extracted certificate to shared data memory. - * The root public key, signer and end device certificate are in device. The root verifies the certificate chain from - * shared data memory and stores signer & leaf extracted certificate in shared data memory. - */ -TEST(atca_cmd_basic_test, managecert_verify_cert_chain_data_shared_memory) -{ - ATCA_STATUS status; - uint16_t root_key_id; - ta_element_attributes_t extracted_cert_attr, data_attr; - uint16_t signer_cert_handle, leaf_cert_handle; - uint16_t signer_extracted_cert_handle, leaf_extracted_cert_handle; - uint8_t leaf_public_key[ATCA_ECCP256_PUBKEY_SIZE]; - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - // Skip test if config zone isn't locked - test_assert_config_is_locked(); - - status = talib_handle_init_data(&data_attr, sizeof(test_ecc_signer_cert)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - /* Creating data handle for storing the complete signer certificate */ - status = talib_create_element(atcab_get_device(), &data_attr, &signer_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Write the complete signer certificate to the data handle in device - status = talib_write_element(atcab_get_device(), signer_cert_handle, sizeof(test_ecc_signer_cert), test_ecc_signer_cert); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_data(&data_attr, sizeof(test_ecc_leaf_cert)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - /* Creating data handle for storing the complete leaf certificate */ - status = talib_create_element(atcab_get_device(), &data_attr, &leaf_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Write the complete leaf certificate to the data handle in device - status = talib_write_element(atcab_get_device(), leaf_cert_handle, sizeof(test_ecc_leaf_cert), - test_ecc_leaf_cert); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - status = talib_handle_init_extracated_certificate(&extracted_cert_attr, TA_KEY_TYPE_ECCP256, TA_ALG_MODE_ECC_ECDSA, 0, TA_PROP_CERT_CA_OK); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - /* Creating data handle for storing the extracted signer certificate */ - status = talib_create_element(atcab_get_device(), &extracted_cert_attr, &signer_extracted_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_extracated_certificate(&extracted_cert_attr, TA_KEY_TYPE_ECCP256, TA_ALG_MODE_ECC_ECDSA, 0, 0); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - /* Creating data handle for storing the extracted leaf certificate */ - status = talib_create_element(atcab_get_device(), &extracted_cert_attr, &leaf_extracted_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Get the root public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &root_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify the signer certificate with root public key and store the signer extracted certificate to data handle - status = talib_store_extracted_cert(atcab_get_device(), root_key_id, signer_extracted_cert_handle, signer_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Verify the given leaf certificate with signer extracted certificate and store its extracted certificate to handle. - status = talib_store_extracted_cert(atcab_get_device(), signer_extracted_cert_handle, leaf_extracted_cert_handle, leaf_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //read the public key from the leaf extracted certificate - status = atcab_read_pubkey(leaf_extracted_cert_handle, leaf_public_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Compare the read leaf public key with the refernce key - TEST_ASSERT_EQUAL_MEMORY(test_ecc_leaf_public_key, leaf_public_key, ATCA_ECCP256_PUBKEY_SIZE); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)signer_extracted_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)leaf_extracted_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)signer_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)leaf_cert_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - -t_test_case_info talib_managecert_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, managecert_verify_cert_io_buffer), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, managecert_verify_cert_shared_memory), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, managecert_verify_cert_chain_volatile), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, managecert_verify_cert_chain_data_shared_memory), DEVICE_MASK(TA100) }, - - - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; - -t_test_case_info* talib_managecert_tests[] = { - talib_managecert_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_power.c b/test/api_talib/test_talib_power.c deleted file mode 100644 index 9c08293ac..000000000 --- a/test/api_talib/test_talib_power.c +++ /dev/null @@ -1,99 +0,0 @@ -/** - * \file - * \brief Basic test for Power command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief The function put the device in sleep mode - */ -TEST(atca_cmd_basic_test, power_sleep) -{ - ATCA_STATUS status = ATCA_GEN_FAIL; - - status = talib_power_sleep(atcab_get_device()); - - // wait for the device to enter into sleep mode - atca_delay_ms(2); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief The function reboot the device - */ -TEST(atca_cmd_basic_test, power_reboot) -{ - ATCA_STATUS status = ATCA_GEN_FAIL; - uint8_t check_config_soft_reboot_enable; - uint16_t config_size = sizeof(check_config_soft_reboot_enable); - - // skip if config is not locked - test_assert_config_is_locked(); - - // skip if setup is not locked - test_assert_data_is_locked(); - - // Read the soft reboot configuration byte - status = talib_read_partial_element(atcab_get_device(), TA_HANDLE_CONFIG_MEMORY, 29, &config_size, - &check_config_soft_reboot_enable); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - if (check_config_soft_reboot_enable & TA_POWER_SOFT_REBOOT_CONFIG) - { - status = talib_power_reboot(atcab_get_device()); - - // Wait for the device to reboot - atca_delay_ms(7); - - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - } - else - { - - TEST_IGNORE_MESSAGE("Ignoring the test as soft reboot is not enabled in configuration"); - - } -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_power_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, power_sleep), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, power_reboot), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_power_tests[] = { - talib_power_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif \ No newline at end of file diff --git a/test/api_talib/test_talib_random.c b/test/api_talib/test_talib_random.c deleted file mode 100644 index 8096f5623..000000000 --- a/test/api_talib/test_talib_random.c +++ /dev/null @@ -1,78 +0,0 @@ -/** - * \file - * \brief Basic test for Random command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -#ifndef RANDOM_RSP_SIZE -#define RANDOM_RSP_SIZE (32) -#endif - -/** \brief This test cases generate 256bytes random data using random command. - * . - */ -TEST(atca_cmd_basic_test, random_256bytes) -{ - ATCA_STATUS status = ATCA_GEN_FAIL; - uint8_t random[256]; - - status = talib_random(atcab_get_device(), NULL, random, (uint16_t)sizeof(random)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief This test cases generate random data using stir data as input. - * . - */ -TEST(atca_cmd_basic_test, random_with_stir_data) -{ - ATCA_STATUS status = ATCA_GEN_FAIL; - uint8_t stir_data[TA_RANDOM_STIR_DATA_LENGTH] = { 0x1A, 0x3A, 0xA5, 0x45, 0x04, 0x94, 0x53, 0xAF, - 0xDF, 0x17, 0xE9, 0x89, 0xA4, 0x1F, 0xA0, 0x97, }; - uint8_t random[RANDOM_RSP_SIZE]; - - status = talib_random(atcab_get_device(), stir_data, random, RANDOM_RSP_SIZE); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_random_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, random_256bytes), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, random_with_stir_data), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_random_tests[] = { - talib_random_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_rsa_enc.c b/test/api_talib/test_talib_rsa_enc.c deleted file mode 100644 index 9d6096c98..000000000 --- a/test/api_talib/test_talib_rsa_enc.c +++ /dev/null @@ -1,175 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#if ATCA_TA_SUPPORT - -static const uint8_t rsa_public_key[] = { - 0xcc, 0xd1, 0x08, 0xae, 0x4e, 0x23, 0x9f, 0xa1, 0x64, 0x3e, 0x53, 0xdf, 0xae, 0xd8, 0xcc, 0x23, - 0x24, 0x1c, 0xcf, 0x7f, 0x6c, 0x7c, 0x3b, 0xdf, 0x38, 0x47, 0x7e, 0xd6, 0xc0, 0x9d, 0xd8, 0xd6, - 0xcb, 0xe2, 0x66, 0xc1, 0x16, 0xfb, 0xd0, 0x67, 0x29, 0xdc, 0x85, 0xd1, 0x39, 0x45, 0x1b, 0x0e, - 0xdf, 0x42, 0x18, 0xb8, 0xc7, 0x2a, 0x29, 0xd4, 0xc8, 0x44, 0x35, 0x5a, 0x81, 0x7f, 0x03, 0x38, - 0xd4, 0xa8, 0x2a, 0x9b, 0xc7, 0x95, 0xf7, 0x09, 0xec, 0xbc, 0xd0, 0xc8, 0xf8, 0x00, 0xbd, 0x1c, - 0x0b, 0x9d, 0x36, 0x1c, 0xa3, 0x89, 0x37, 0x69, 0x98, 0x27, 0xca, 0x23, 0x24, 0x4f, 0x25, 0xa6, - 0x6d, 0xce, 0x0c, 0xe8, 0xeb, 0x3e, 0xcf, 0x9f, 0xa1, 0xdb, 0x85, 0x5c, 0x45, 0x5e, 0x20, 0x89, - 0x0a, 0xa8, 0xdd, 0x90, 0x25, 0x21, 0xc8, 0x84, 0x2b, 0xd6, 0xb9, 0x06, 0x61, 0xa5, 0x01, 0xef, -}; - -static const uint8_t rsa_private_key[] = { - 0xf5, 0x7d, 0x50, 0xfe, 0x94, 0x02, 0x33, 0xe6, 0xe1, 0xdc, 0xd4, 0xbd, 0xdc, 0xa1, 0xf8, 0x38, - 0x81, 0x5d, 0x93, 0x80, 0xf5, 0x68, 0x65, 0xca, 0xec, 0x16, 0xb3, 0x86, 0xcd, 0xbd, 0x74, 0x77, - 0x48, 0xe8, 0xd1, 0x84, 0x6b, 0x67, 0xa6, 0x70, 0xd0, 0x14, 0x0d, 0x6a, 0x3c, 0xbb, 0xce, 0x10, - 0xaa, 0x7b, 0xef, 0x05, 0xb7, 0x43, 0xc8, 0x54, 0xfb, 0x26, 0x44, 0x16, 0x1a, 0x0f, 0x94, 0x81, - 0xd5, 0x95, 0xec, 0x0b, 0x48, 0xc1, 0x29, 0x37, 0x39, 0xec, 0x7c, 0x13, 0x1f, 0xeb, 0x27, 0x48, - 0x95, 0x98, 0x72, 0xcb, 0xaf, 0xc4, 0xae, 0xf3, 0xa7, 0x22, 0x90, 0x41, 0x43, 0x0a, 0x85, 0x31, - 0x7b, 0xf3, 0xcf, 0xd7, 0xfd, 0x31, 0x81, 0xa4, 0x57, 0x4f, 0x58, 0xec, 0x7d, 0x91, 0xc3, 0x43, - 0x64, 0xd6, 0x91, 0xf9, 0xad, 0x04, 0x8e, 0x57, 0x9a, 0xe3, 0x0e, 0xec, 0x29, 0x3c, 0x9e, 0x6f, -}; - -/** \brief This test cases encrypts plain text with 1024 bit RSA public key in handle - * and decrypts it with 1024 bit RSA private key in handle - * - */ -TEST(atca_cmd_basic_test, rsa_encrypt_decrypt_handle) -{ - ATCA_STATUS status; - uint8_t ciphertext[TA_RSAENC_CIPHER_TEXT_SIZE]; - uint8_t plaintext[TA_RSAENC_PLAIN_TEXT_MAX_SIZE]; - uint8_t decrypted_text[TA_RSAENC_PLAIN_TEXT_MAX_SIZE]; - ta_element_attributes_t attr_private_key, attr_public_key; - uint16_t private_key_handle, public_key_handle; - - - status = talib_handle_init_private_key(&attr_private_key, TA_KEY_TYPE_RSA1024, - TA_ALG_MODE_RSA_SSA_1_5, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_write_permission(&attr_private_key, TA_PERM_ALWAYS); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - attr_private_key.property |= TA_PROP_KEY_AGREEMENT_OUT_BUFF_MASK; - //RSA1024 keygen is not possible, so here private key is written externally - attr_private_key.property &= ~(TA_PROP_EXECUTE_ONLY_KEY_GEN_MASK); - - //Create RSA private key handle - status = talib_create_element(atcab_get_device(), &attr_private_key, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the RSA private key to handle - status = talib_write_priv_key(atcab_get_device(), private_key_handle, sizeof(rsa_private_key), rsa_private_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_public_key(&attr_public_key, TA_KEY_TYPE_RSA1024, - TA_ALG_MODE_RSA_SSA_1_5, 0, 0); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - //Create RSA public key handle - status = talib_create_element(atcab_get_device(), &attr_public_key, &public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the RSA public key to handle - status = talib_write_element(atcab_get_device(), public_key_handle, sizeof(rsa_public_key), rsa_public_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, plaintext, sizeof(plaintext)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - // Encrypt the plaintext with the rsa public key in handle - status = talib_rsaenc_encrypt(atcab_get_device(), public_key_handle, sizeof(plaintext), - plaintext, sizeof(ciphertext), ciphertext); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Decrypt the ciphertext with the rsa private key in handle - status = talib_rsaenc_decrypt(atcab_get_device(), private_key_handle, sizeof(ciphertext), - ciphertext, sizeof(decrypted_text), decrypted_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Compare plaintext with the decrypted text - TEST_ASSERT_EQUAL_MEMORY(plaintext, decrypted_text, TA_RSAENC_PLAIN_TEXT_MAX_SIZE); - - status = talib_delete_handle(_gDevice, (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(_gDevice, (uint32_t)public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -/** \brief This test cases encrypts plain text with an 1024 bit RSA public key in input buffer - * and decrypts it with 1024 bit RSA private key in handle - * - */ -TEST(atca_cmd_basic_test, rsa_encrypt_decrypt_io_buffer) -{ - ATCA_STATUS status; - uint8_t ciphertext[TA_RSAENC_CIPHER_TEXT_SIZE]; - uint8_t plaintext[TA_RSAENC_PLAIN_TEXT_MAX_SIZE]; - uint8_t decrypted_text[TA_RSAENC_PLAIN_TEXT_MAX_SIZE]; - ta_element_attributes_t attr_private_key; - uint16_t private_key_handle; - - - status = talib_handle_init_private_key(&attr_private_key, TA_KEY_TYPE_RSA1024, - TA_ALG_MODE_RSA_SSA_1_5, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_write_permission(&attr_private_key, TA_PERM_ALWAYS); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - attr_private_key.property |= TA_PROP_KEY_AGREEMENT_OUT_BUFF_MASK; - //RSA1024 keygen is not possible, so here private key is written externally - attr_private_key.property &= ~(TA_PROP_EXECUTE_ONLY_KEY_GEN_MASK); - - // Create an RSA private key handle - status = talib_create_element(atcab_get_device(), &attr_private_key, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the RSA private key to handle - status = talib_write_priv_key(atcab_get_device(), private_key_handle, sizeof(rsa_private_key), rsa_private_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, plaintext, sizeof(plaintext)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Encrypt the plain text with the rsa public key given in the input buffer - status = talib_rsaenc_encrypt_with_iobuffer(atcab_get_device(), rsa_public_key, - sizeof(plaintext), plaintext, sizeof(ciphertext), ciphertext); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Decrypt the cipher text with the rsa private key in handle - status = talib_rsaenc_decrypt(atcab_get_device(), private_key_handle, sizeof(ciphertext), - ciphertext, sizeof(decrypted_text), decrypted_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Compare plaintext with the decrypted text - TEST_ASSERT_EQUAL_MEMORY(plaintext, decrypted_text, TA_RSAENC_PLAIN_TEXT_MAX_SIZE); - - status = talib_delete_handle(_gDevice, (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_rsa_enc_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, rsa_encrypt_decrypt_handle), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, rsa_encrypt_decrypt_io_buffer), DEVICE_MASK(TA100) }, - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; -// *INDENT-ON* - -t_test_case_info * talib_rsa_enc_tests[] = { - talib_rsa_enc_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_secureboot.c b/test/api_talib/test_talib_secureboot.c deleted file mode 100644 index 32819c2ff..000000000 --- a/test/api_talib/test_talib_secureboot.c +++ /dev/null @@ -1,287 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#if ATCA_TA_SUPPORT - -const uint8_t ta_sboot_dummy_image[] = -{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; - -static const uint8_t sboot_digest[] = -{ 0xFE, 0x10, 0x74, 0xAA, 0xEC, 0x4C, 0x28, 0x72, 0x7C, 0xDC, 0x58, 0x20, 0xB2, 0xED, 0xFB, 0x3B, - 0xFF, 0xBF, 0xC4, 0x1C, 0xC4, 0x7B, 0x0E, 0xE5, 0x87, 0xC3, 0x8A, 0xBA, 0x2A, 0x49, 0x54, 0xED, }; - -static const uint8_t sboot_signature[] = -{ 0x4E, 0xEF, 0xCE, 0x5E, 0x90, 0xDC, 0x04, 0xE8, 0xAA, 0x7A, 0x6A, 0x3D, 0xC2, 0xED, 0xA6, 0xE8, - 0x8F, 0x6B, 0xA8, 0x6A, 0x47, 0xB4, 0x64, 0x30, 0x9D, 0x53, 0x82, 0xA8, 0x79, 0xB0, 0x15, 0xD8, - 0xE9, 0x23, 0x2D, 0xE3, 0x7E, 0xF2, 0x44, 0x48, 0xA2, 0x16, 0xED, 0xC4, 0x14, 0xBA, 0x1C, 0x88, - 0xF4, 0x0E, 0x6A, 0xB3, 0x2F, 0xA6, 0xA7, 0xCD, 0x3E, 0x36, 0x89, 0x83, 0xEF, 0xC3, 0x2E, 0x68, }; - -/** \brief Execute Secureboot preset phase to allocate memory to store digest in vega - * NOTE: This should run before config lock only - */ -TEST(atca_cmd_basic_test, sboot_preset) -{ - ATCA_STATUS status; - bool is_preboot_enabled = false; - - // Skip if config zone is locked - test_assert_config_is_unlocked(); - - // Preboot - if ((test_ta100_configdata[33] & TA_SECUREBOOT_CONFIG_PREBOOT_ENABLE_MASK) - == TA_SECUREBOOT_CONFIG_PREBOOT_ENABLE_MASK) - { - is_preboot_enabled = true; - status = talib_secureboot_preboot_preset(atcab_get_device(), NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - } - // Full store - if ((test_ta100_configdata[32] & TA_SECUREBOOT_CONFIG_MODE_MASK) - == TA_SECUREBOOT_CONFIG_FULL_STORE_MODE) - { - status = talib_secureboot_fullstore_preset(atcab_get_device(), NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - } - // Partial - else if ((test_ta100_configdata[32] & TA_SECUREBOOT_CONFIG_MODE_MASK) - == TA_SECUREBOOT_CONFIG_PARTIAL_MODE) - { - status = talib_secureboot_partial_preset(atcab_get_device()); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - } - else - { - if (!is_preboot_enabled) - { - TEST_IGNORE_MESSAGE("Ignoring the test, Secureboot is not configured"); - } - } -} - -/** \brief Execute Preboot update and boot phase. Secureboot image signature - * verified and store the digest into vega secureboot handle. - * This test case run only when Preboot is enabled in sboot config - */ -TEST(atca_cmd_basic_test, sboot_preboot) -{ - ATCA_STATUS status; - uint16_t public_key_id; - bool is_validated; - - // skip if config is not locked - test_assert_config_is_locked(); - - // skip if setup is not locked - test_assert_data_is_locked(); - - // check secureboot preboot mode is enabled - check_config_ta_sboot_preboot_enable(); - - // Get secureboot public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &public_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Secureboot preboot update phase - status = talib_secureboot_preboot_update(atcab_get_device(), TA_HANDLE_INPUT_BUFFER, - public_key_id, sboot_digest, sboot_signature, - TA_SIGN_P256_SIG_SIZE, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); - - - - - is_validated = false; - // Secureboot preboot boot phase - status = talib_secureboot_preboot_boot(atcab_get_device(), TA_HANDLE_INPUT_BUFFER, - sboot_digest, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); -} - -/** \brief Execute secureboot command in full asymmetric mode - */ -TEST(atca_cmd_basic_test, sboot_full_asymmetric) -{ - ATCA_STATUS status; - uint16_t public_key_id; - bool is_validated = false; - - // skip if config is not locked - test_assert_config_is_locked(); - - // skip if setup is not locked - test_assert_data_is_locked(); - - // check FULL asymmetric mode is enabled in secureboot configuration - check_config_ta_sboot_enable(TA_SECUREBOOT_CONFIG_FULL_ASYMM_MODE); - - // Get secureboot public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &public_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Secure boot full asymmetric - status = talib_secureboot_full_asymmetric(atcab_get_device(), TA_HANDLE_INPUT_BUFFER, - public_key_id, sboot_digest, sboot_signature, - TA_SIGN_P256_SIG_SIZE, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); -} - -/** \brief Execute Full store update and boot phase. Secureboot image signature - * verified and store the digest into vega secureboot handle. - * This test case run only when full store mode is enabled in sboot config - */ -TEST(atca_cmd_basic_test, sboot_fullstore) -{ - ATCA_STATUS status; - uint16_t public_key_id; - bool is_validated; - - // skip if config is not locked - test_assert_config_is_locked(); - - // skip if setup is not locked - test_assert_data_is_locked(); - - // Check Full store is enabled in secureboot configuration - check_config_ta_sboot_enable(TA_SECUREBOOT_CONFIG_FULL_STORE_MODE); - - - // Get secureboot public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &public_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Secureboot full store update phase - status = talib_secureboot_fullstore_update(atcab_get_device(), TA_HANDLE_INPUT_BUFFER, - public_key_id, sboot_digest, sboot_signature, - TA_SIGN_P256_SIG_SIZE, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); - - - - - - is_validated = false; - // Secureboot full store boot phase - status = talib_secureboot_fullstore_boot(atcab_get_device(), TA_HANDLE_INPUT_BUFFER, - sboot_digest, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); - -} - -/** \brief Execute partial code, final and complete phase to verify the secureboot image signature - * Once signature is verified, the digest will be stored in vega. - * this test can be run only when partial mode is enabled in sboot config - * NOTE: here secureboot code image size is 256 bytes. So portion_count should be one - */ -TEST(atca_cmd_basic_test, sboot_partial) -{ - ATCA_STATUS status; - uint16_t public_key_id; - uint8_t digest[TA_SHA256_DIGEST_SIZE]; - int32_t code_size = sizeof(ta_sboot_dummy_image); - uint16_t index = 0; - bool is_validated; - uint32_t begin; - uint32_t end; - - // skip if config is not locked - test_assert_config_is_locked(); - - // skip if setup is not locked - test_assert_data_is_locked(); - - // Check Full store is enabled in secureboot configuration - check_config_ta_sboot_enable(TA_SECUREBOOT_CONFIG_PARTIAL_MODE); - - // secureboot partial setup phase - status = talib_secureboot_partial_setup(atcab_get_device(), (uint32_t)code_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // secureboot partial code phase - while (code_size > TA_SECUREBOOT_PARTIAL_CODE_SIZE_MAX) - { - status = talib_secureboot_partial_code(atcab_get_device(), &ta_sboot_dummy_image[index]); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - index += TA_SECUREBOOT_PARTIAL_CODE_SIZE_MAX; - code_size -= TA_SECUREBOOT_PARTIAL_CODE_SIZE_MAX; - } - - // secureboot partial final phase - status = talib_secureboot_partial_final(atcab_get_device(), &ta_sboot_dummy_image[index], - (size_t)code_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Get secureboot public key handle - status = atca_test_config_get_id(TEST_TYPE_ECC_ROOT_KEY, &public_key_id); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // secureboot partial complete phase - verify signature - status = talib_secureboot_partial_complete(atcab_get_device(), public_key_id, sboot_signature, - TA_SIGN_P256_SIG_SIZE, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); - - - - - - - // get begin and end address - status = talib_secureboot_partial_address(atcab_get_device(), &begin, &end); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // compute digest - status = talib_sha(atcab_get_device(), (end - begin) + 1, &ta_sboot_dummy_image[begin], digest); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // secureboot partial boot phase - is_validated = false; - status = talib_secureboot_partial_boot(atcab_get_device(), TA_HANDLE_INPUT_BUFFER, - digest, &is_validated); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_validated); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_secureboot_info[] = -{ - /* Dafault configuration enables pre boot and full store secureboot config mode only */ - { REGISTER_TEST_CASE(atca_cmd_basic_test, sboot_preset), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, sboot_preboot), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, sboot_full_asymmetric), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, sboot_fullstore), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, sboot_partial), DEVICE_MASK(TA100) }, - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; -// *INDENT-ON* - -t_test_case_info* talib_secureboot_tests[] = { - talib_secureboot_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif \ No newline at end of file diff --git a/test/api_talib/test_talib_selftest.c b/test/api_talib/test_talib_selftest.c deleted file mode 100644 index 8a236a0b6..000000000 --- a/test/api_talib/test_talib_selftest.c +++ /dev/null @@ -1,36 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" - -#if ATCA_TA_SUPPORT - -/** \brief It performs the self test of most of the cryptographic algorithms in the device. - * - */ -TEST(atca_cmd_basic_test, self_test) -{ - ATCA_STATUS status; - uint32_t self_test_result; - - status = talib_selftest(atcab_get_device(), TA_SELFTEST_MODE_USEMAP, SELFTEST_MAP_ALL, &self_test_result); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - TEST_ASSERT_EQUAL(self_test_result, 0); - -} - -t_test_case_info talib_selftest_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, self_test), DEVICE_MASK(TA100) }, - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; - -t_test_case_info* talib_selftest_tests[] = { - talib_selftest_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_sha.c b/test/api_talib/test_talib_sha.c deleted file mode 100644 index a4d99edc9..000000000 --- a/test/api_talib/test_talib_sha.c +++ /dev/null @@ -1,168 +0,0 @@ -/** - * \file - * \brief Basic test for SHA command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief Execute SHA command with start, update and end mode and verify the final digest with Entire - * message mode output - */ -TEST(atca_cmd_basic_test, sha_with_handle) -{ - ATCA_STATUS status; - const uint8_t nist_hash_msg1[] = "abc"; - uint8_t digest1[ATCA_SHA2_256_DIGEST_SIZE]; - uint8_t digest[ATCA_SHA2_256_DIGEST_SIZE]; - - status = talib_sha_start_with_handle(atcab_get_device(), TA_HANDLE_SHA_CONTEXT1); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_update_with_handle(atcab_get_device(), TA_HANDLE_SHA_CONTEXT1, (uint16_t) - (sizeof(nist_hash_msg1) - 1), nist_hash_msg1); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_end_with_handle(atcab_get_device(), TA_HANDLE_SHA_CONTEXT1, digest); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_with_handle(atcab_get_device(), TA_HANDLE_SHA_CONTEXT1, (uint16_t) - (sizeof(nist_hash_msg1) - 1), nist_hash_msg1, digest1); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - TEST_ASSERT_EQUAL_MEMORY(digest1, digest, sizeof(digest1)); -} - -/** \brief This test case performs i) Start SHA operation - * ii) Update context handle with input message - * iii) Read the context from context handle - * iv) Perform SHA (END mode) and get the digest1 - * v) Perfrom SHA operation with different input - * vi) Write the read context (step iii)) into same context handle - * vii) Perform SHA (END mode) and get the digest2 - * viii) Verify the digest1 and digest2 - */ -TEST(atca_cmd_basic_test, sha_context_with_handle) -{ - ATCA_STATUS status; - uint16_t data_out_size = 0; - uint16_t context_size; - uint8_t context[SHA_CONTEXT_MAX_SIZE]; - uint8_t digest[ATCA_SHA256_DIGEST_SIZE]; - uint8_t digest1[ATCA_SHA256_DIGEST_SIZE]; - uint8_t digest2[ATCA_SHA256_DIGEST_SIZE]; - uint8_t message[ATCA_SHA256_BLOCK_SIZE]; - - uint8_t data_input[] = { - 0x01, 0x02, 0x03, 0x04, 0x05 - }; - - // Skip test if setup isn't locked - test_assert_data_is_locked(); - - //Calculating the digest for message data_input and reading the context - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_START, 0, TA_HANDLE_SHA_CONTEXT1, NULL, - NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_UPDATE, (uint16_t)sizeof(data_input), - TA_HANDLE_SHA_CONTEXT1, data_input, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - context_size = sizeof(context); - status = talib_sha_read_context_with_handle(atcab_get_device(), TA_HANDLE_SHA_CONTEXT1, context, - &context_size); //Reading the context to use it later - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_UPDATE, (uint16_t)sizeof(data_input), - TA_HANDLE_SHA_CONTEXT1, data_input, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - data_out_size = sizeof(digest1); - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_END, 0, TA_HANDLE_SHA_CONTEXT1, NULL, - digest1, &data_out_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - //Calculating the digest for another message - memset(message, 0x5A, sizeof(message)); - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_START, 0, TA_HANDLE_SHA_CONTEXT1, NULL, - NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_UPDATE, ATCA_SHA256_BLOCK_SIZE, TA_HANDLE_SHA_CONTEXT1, - message, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_UPDATE, ATCA_SHA256_BLOCK_SIZE, TA_HANDLE_SHA_CONTEXT1, - message, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_UPDATE, ATCA_SHA256_BLOCK_SIZE, TA_HANDLE_SHA_CONTEXT1, - message, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - data_out_size = sizeof(digest); - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_END, 0, TA_HANDLE_SHA_CONTEXT1, NULL, digest, - &data_out_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - //Write context the data, read from read context and comparing both the digest. - status = talib_sha_write_context_with_handle(atcab_get_device(), TA_HANDLE_SHA_CONTEXT1, context, - context_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - //Calculating the digest using the write context - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_UPDATE, (uint16_t)sizeof(data_input), - TA_HANDLE_SHA_CONTEXT1, data_input, NULL, NULL); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - data_out_size = sizeof(digest2); - status = talib_sha_base(atcab_get_device(), TA_SHA_MODE_END, 0, TA_HANDLE_SHA_CONTEXT1, NULL, - digest2, &data_out_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(digest1, digest2, ATCA_SHA256_DIGEST_SIZE); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_sha_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, sha_with_handle), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, sha_context_with_handle), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_sha_tests[] = { - talib_sha_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_sign.c b/test/api_talib/test_talib_sign.c deleted file mode 100644 index 394aec318..000000000 --- a/test/api_talib/test_talib_sign.c +++ /dev/null @@ -1,332 +0,0 @@ -/** - * \file - * \brief Basic test for Sign command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief Execute sign operation using RSA2048 key type and verify it with same. - */ -TEST(atca_cmd_basic_test, rsa_key_sign_extern) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_KEY_TYPE_RSA2048_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t message[32]; - uint8_t signature[TA_KEY_TYPE_RSA2048_SIZE]; - uint16_t sign_size = sizeof(signature); - bool is_verified = false; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_RSA2048, TA_ALG_MODE_RSA_SSA_PSS, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)private_key_handle, - pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_random(message); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sign_external(atcab_get_device(), TA_KEY_TYPE_RSA2048, private_key_handle, - TA_HANDLE_INPUT_BUFFER, message, (uint16_t)sizeof(message), signature, - &sign_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_verify(atcab_get_device(), TA_KEY_TYPE_RSA2048, TA_HANDLE_INPUT_BUFFER, TA_HANDLE_INPUT_BUFFER, - signature, sign_size, message, TA_VERIFY_OTHER_KEY_TYPE_MSG_SIZE, - pub_key, TA_KEY_TYPE_RSA2048_SIZE, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute sign operation using ECCP224 key type and verify it with same. - */ -TEST(atca_cmd_basic_test, p224_key_sign_extern) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_ECC224_PUB_KEY_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t message[TA_SIGN_P224_MSG_SIZE]; - const uint16_t message_len = sizeof(message); - uint8_t signature[TA_SIGN_P224_SIG_SIZE]; - uint16_t sign_size = sizeof(signature); - bool is_verified = false; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_ECCP224, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)private_key_handle, - pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, message, message_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sign_external(atcab_get_device(), TA_KEY_TYPE_ECCP224, private_key_handle, - TA_HANDLE_INPUT_BUFFER, message, (uint16_t)sizeof(message), signature, - &sign_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_verify(atcab_get_device(), TA_KEY_TYPE_ECCP224, TA_HANDLE_INPUT_BUFFER, TA_HANDLE_INPUT_BUFFER, - signature, sign_size, message, message_len, pub_key, (uint16_t)pub_key_len, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief Execute sign operation using ECCP384 key type and verify it with same. - */ -TEST(atca_cmd_basic_test, p384_key_sign_extern) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - ta_element_attributes_t attr_priv_key_handle; - uint8_t pub_key[TA_ECC384_PUB_KEY_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t message[TA_SIGN_P384_MSG_SIZE]; - const uint16_t message_len = sizeof(message); - uint8_t signature[TA_SIGN_P384_SIG_SIZE]; - uint16_t sign_size = sizeof(signature); - bool is_verified = false; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_ECCP384, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, - &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)private_key_handle, - pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, message, message_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sign_external(atcab_get_device(), TA_KEY_TYPE_ECCP384, private_key_handle, - TA_HANDLE_INPUT_BUFFER, message, (uint16_t)sizeof(message), signature, - &sign_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_verify(atcab_get_device(), TA_KEY_TYPE_ECCP384, TA_HANDLE_INPUT_BUFFER, - TA_HANDLE_INPUT_BUFFER, signature, sign_size, message, message_len, - pub_key, (uint16_t)pub_key_len, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -/** \brief The test case sign the internally generated message and verify it - * -*/ -TEST(atca_cmd_basic_test, ta_sign_internal) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_private_key_handle; - uint8_t template_attributes[TA_HANDLE_INFO_SIZE]; - uint8_t target_attributes[TA_HANDLE_INFO_SIZE]; - uint16_t template_handle; - uint16_t data_handle; - uint16_t target_priv_handle; - uint16_t private_key_handle; - uint32_t counter_value; - uint8_t data[72]; - uint16_t data_size = sizeof(data); - uint8_t dedicated_memory[TA_DEDICATED_MEMORY_SIZE]; - uint8_t target_pubkey[TA_ECC256_PUB_KEY_SIZE]; - uint8_t verify_pub_key[TA_ECC256_PUB_KEY_SIZE]; - const char test_template_text[] = "CAL Sign Internal Test"; - uint8_t message[194] = { 0 }; - uint8_t digest[TA_SHA256_DIGEST_SIZE]; - uint8_t signature[TA_SIGN_P256_SIG_SIZE]; - uint16_t sign_size = sizeof(signature); - bool is_verified = false; - uint8_t is_valid = false; - uint16_t msg_index = 0; - - // Get the template data handle, which will be created during config - status = atca_test_config_get_id(TEST_TYPE_TEMPLATE_DATA, &template_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Check the template data handle is being created - status = talib_is_handle_valid(atcab_get_device(), template_handle, &is_valid); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - if (!is_valid) - { - TEST_IGNORE_MESSAGE("Ignoring the test as template handle is not created, do config before running this test"); - } - - - // Get data handle and target handle - status = atca_test_config_get_id(TEST_TYPE_DATA, &data_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atca_test_config_get_id(TEST_TYPE_ECC_SIGN, &target_priv_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Get the known data to form internal message on host before do sign operation - // 1. target public key - // 2. get dedicated memory which consists of serial number and group number - // 3. data from data handle - // 4. target private key attributes - // 5. template attributes - // 6. counter value - // Generate public key from target private key handle - status = talib_get_pubkey_compat(atcab_get_device(), target_priv_handle, target_pubkey); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_info_get_dedicated_memory(atcab_get_device(), dedicated_memory); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, data, data_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(atcab_get_device(), data_handle, data_size, data); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_info_get_handle_info(atcab_get_device(), target_priv_handle, target_attributes); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_info_get_handle_info(atcab_get_device(), template_handle, template_attributes); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_counter_read(atcab_get_device(), TA_HANDLE_COUNTER1, &counter_value); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Create private key handle which sign internal message and set req attributes - status = talib_handle_init_private_key(&attr_private_key_handle, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_SIGN_ONLY_INT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - attr_private_key_handle.byte7_settings |= 0x01; // link counter1 to priv key handle - - status = talib_create_element(atcab_get_device(), &attr_private_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Generate private key to sign - status = atcab_genkey(private_key_handle, verify_pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - // Sign the internally generated message - status = talib_sign_internal(atcab_get_device(), TA_SIGN_MODE_INTERNAL_MSG, private_key_handle, - template_handle, target_priv_handle, signature, &sign_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - // Form internal message and calculate SHA256 digest of it - memcpy(&message[msg_index], test_template_text, strlen(test_template_text)); - msg_index += strlen(test_template_text); - - memcpy(&message[msg_index], target_pubkey, sizeof(target_pubkey)); - msg_index += sizeof(target_pubkey); - - memcpy(&message[msg_index], dedicated_memory, 10); - msg_index += 10; - - memcpy(&message[msg_index], data, sizeof(data)); - msg_index += sizeof(data); - - memcpy(&message[msg_index], target_attributes, TA_HANDLE_INFO_SIZE); - msg_index += TA_HANDLE_INFO_SIZE; - - memcpy(&message[msg_index], template_attributes, TA_HANDLE_INFO_SIZE); - msg_index += TA_HANDLE_INFO_SIZE; - - counter_value += 1; - counter_value = ATCA_UINT32_BE_TO_HOST(counter_value); - memcpy(&message[msg_index], (uint8_t*)&counter_value, sizeof(counter_value)); - msg_index += sizeof(counter_value); - - memcpy(&message[msg_index], (uint8_t*)&counter_value, sizeof(counter_value)); - msg_index += sizeof(counter_value); - - status = talib_sha(atcab_get_device(), msg_index, message, digest); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - - - // Verify the signature with public key (corresponding to sign private key) - status = atcab_verify_extern(digest, signature, verify_pub_key, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - - // delete handle - status = talib_delete_handle(atcab_get_device(), private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_sign_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, rsa_key_sign_extern), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, p224_key_sign_extern), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, p384_key_sign_extern), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, ta_sign_internal), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_sign_tests[] = { - talib_sign_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_verify.c b/test/api_talib/test_talib_verify.c deleted file mode 100644 index 6a3831e47..000000000 --- a/test/api_talib/test_talib_verify.c +++ /dev/null @@ -1,128 +0,0 @@ -/** - * \file - * \brief Basic test for Verify command api - TA100 - * - * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. - * - * \page License - * - * Subject to your compliance with these terms, you may use Microchip software - * and any derivatives exclusively with Microchip products. It is your - * responsibility to comply with third party license terms applicable to your - * use of third party software (including open source software) that may - * accompany Microchip software. - * - * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER - * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED - * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A - * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, - * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE - * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF - * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE - * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL - * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED - * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR - * THIS SOFTWARE. - */ - -#include "atca_test.h" -#include "test_talib.h" - -#if ATCA_TA_SUPPORT - -/** \brief Execute an verify command to find an Y value of public key using known X value of public key - */ -TEST(atca_cmd_basic_test, verify_point_exp) -{ - ATCA_STATUS status; - const uint8_t eccp256_pub_key[TA_ECC256_PUB_KEY_SIZE] = { - 0x8F, 0x8D, 0x18, 0x2B, 0xD8, 0x19, 0x04, 0x85, 0x82, 0xA9, 0x92, 0x7E, 0xA0, 0xC5, 0x6D, 0xEF, - 0xB4, 0x15, 0x95, 0x48, 0xE1, 0x1C, 0xA5, 0xF7, 0xAB, 0xAC, 0x45, 0xBB, 0xCE, 0x76, 0x81, 0x5B, - 0xE5, 0xC6, 0x4F, 0xCD, 0x2F, 0xD1, 0x26, 0x98, 0x54, 0x4D, 0xE0, 0x37, 0x95, 0x17, 0x26, 0x66, - 0x60, 0x73, 0x04, 0x61, 0x19, 0xAD, 0x5E, 0x11, 0xA9, 0x0A, 0xA4, 0x97, 0x73, 0xAE, 0xAC, 0x86 - }; - uint8_t x_known_val[TA_VERIFY_X_VAL_MAX_SIZE]; - uint8_t y_value[TA_VERIFY_Y_VAL_MAX_SIZE]; - - // Copy the x value - memcpy(x_known_val, eccp256_pub_key, TA_VERIFY_X_VAL_MAX_SIZE); - - status = talib_verify_point_exp(atcab_get_device(), TA_VERIFY_Y_IS_EVEN, x_known_val, y_value); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT_EQUAL_MEMORY(y_value, &eccp256_pub_key[32], sizeof(y_value)); -} - -/** \brief Execute verify operation to verify the signature using ECCP384 public key stored in shared data. - */ -TEST(atca_cmd_basic_test, verify_p384pubkey_stored) -{ - ATCA_STATUS status; - uint16_t private_key_handle; - uint16_t public_key_handle; - ta_element_attributes_t attr_priv_key_handle; - ta_element_attributes_t attr_pub_key_handle; - uint8_t pub_key[TA_ECC384_PUB_KEY_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t message[TA_SIGN_P384_MSG_SIZE]; - const uint16_t message_len = sizeof(message); - uint8_t signature[TA_SIGN_P384_SIG_SIZE]; - uint16_t sign_size = sizeof(signature); - bool is_verified = false; - - status = talib_handle_init_private_key(&attr_priv_key_handle, TA_KEY_TYPE_ECCP384, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_NO_KEY_AGREEMENT); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_priv_key_handle, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)private_key_handle, - pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_public_key(&attr_pub_key_handle, TA_KEY_TYPE_ECCP384, TA_ALG_MODE_ECC_ECDSA, - TA_PROP_VAL_NO_SECURE_BOOT_SIGN, TA_PROP_ROOT_PUB_KEY_VERIFY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_pub_key_handle, &public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_write_element(atcab_get_device(), public_key_handle, TA_ECC384_PUB_KEY_SIZE, pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_random(atcab_get_device(), NULL, message, message_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_sign_external(atcab_get_device(), TA_KEY_TYPE_ECCP384, private_key_handle, - TA_HANDLE_INPUT_BUFFER, message, (uint16_t)sizeof(message), signature, - &sign_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_verify(atcab_get_device(), TA_KEY_TYPE_ECCP384, TA_HANDLE_INPUT_BUFFER, public_key_handle, - signature, sign_size, message, message_len, NULL, 0, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); -} - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_verify_basic_test_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, verify_point_exp), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, verify_p384pubkey_stored), DEVICE_MASK(TA100) }, - { (fp_test_case)NULL, (uint8_t)0 }, /* Array Termination element*/ -}; -// *INDENT-OFN* - -t_test_case_info* talib_verify_tests[] = { - talib_verify_basic_test_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/api_talib/test_talib_write.c b/test/api_talib/test_talib_write.c deleted file mode 100644 index bc19f90d9..000000000 --- a/test/api_talib/test_talib_write.c +++ /dev/null @@ -1,284 +0,0 @@ - -#include "atca_config.h" -#include "cryptoauthlib.h" -#include "atca_test.h" -#include "test_talib.h" - - -#if ATCA_TA_SUPPORT - -/** \brief Change GPIO pin state and verify it. - * - */ -TEST(atca_cmd_basic_test, write_gpio_state) -{ - ATCA_STATUS status; - uint8_t set_gpio_state, read_gpio_state; - uint8_t check_gpio_mode; - uint16_t config_size = sizeof(check_gpio_mode); - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - //Read the gpio3 config from the configuration memory - status = talib_read_partial_element(atcab_get_device(), TA_HANDLE_CONFIG_MEMORY, 24, &config_size, &check_gpio_mode); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - if ((check_gpio_mode & TA_GPIO_MODE_MASK) == 0x01) - { - status = talib_read_gpio_pin_state(atcab_get_device(), TA_HANDLE_GPIO3, &read_gpio_state); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - set_gpio_state = (read_gpio_state & TA_GPIO_PIN_STATE_MASK) ^ 1; - - status = talib_write_gpio_pin_state(atcab_get_device(), TA_HANDLE_GPIO3, &set_gpio_state); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Read the entire data from the element - status = talib_read_gpio_pin_state(atcab_get_device(), TA_HANDLE_GPIO3, &read_gpio_state); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - TEST_ASSERT_EQUAL(set_gpio_state, (read_gpio_state & TA_GPIO_PIN_STATE_MASK)); - } - - else - { - TEST_IGNORE_MESSAGE("Ignoring the test as GPIO mode 2 is not enabled in configuration"); - } - -} - - -/** \brief Transfer the key in volatile memory to the shared data memory and verify it. - * The symmetric key is written to the volatile memory and write command transfer the key to - * to shared memory. The symmetric operation is performed on the key in shared memory to verify it. - * to verify it. - * . - */ -TEST(atca_cmd_basic_test, write_key_transfer_volatile_shared) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_symm_key_handle; - uint16_t sym_key_handle = TA_HANDLE_VOLATILE_REGISTER2; - uint16_t sym_key_transfer_handle; - uint8_t write_key[ATCA_AES128_KEY_SIZE]; - uint8_t plain_text[ATCA_AES128_BLOCK_SIZE]; - uint8_t cipher_text[ATCA_AES128_BLOCK_SIZE]; - uint8_t decrypted_text[ATCA_AES128_BLOCK_SIZE]; - uint8_t check_config_transfer_enable; - uint16_t config_size = sizeof(check_config_transfer_enable); - uint16_t data_size = sizeof(write_key); - - - - // Skip test if data zone isn't locked - test_assert_data_is_locked(); - - //Read the volatile to shared data transfer enable flag - status = talib_read_partial_element(atcab_get_device(), TA_HANDLE_CONFIG_MEMORY, 18, &config_size, - &check_config_transfer_enable); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - if ((check_config_transfer_enable & TA_COPY_VOL_REG_MASK)) - { - status = talib_handle_init_symmetric_key(&attr_symm_key_handle, TA_KEY_TYPE_AES128, TA_PROP_SYMM_KEY_USAGE_ANY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_read_permission(&attr_symm_key_handle, TA_PERM_NEVER); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element_with_handle(atcab_get_device(), sym_key_handle, &attr_symm_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_create_element(atcab_get_device(), &attr_symm_key_handle, &sym_key_transfer_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Creating Random 16 key to write - status = talib_random(atcab_get_device(), NULL, write_key, sizeof(write_key)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Creating Random 16 plain text - status = talib_random(atcab_get_device(), NULL, plain_text, sizeof(plain_text)); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the 16 byte key to the element - status = talib_write_element(atcab_get_device(), sym_key_handle, data_size, write_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Transfer the key from Volatile memory to the shared memory - status = talib_write_volatile_shared_transfer(atcab_get_device(), sym_key_handle, sym_key_transfer_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Perform encryption option with the key in shared memory - status = atcab_aes_encrypt(sym_key_transfer_handle, 0, plain_text, cipher_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Perform decryption option with the key in shared memory - status = atcab_aes_decrypt(sym_key_transfer_handle, 0, cipher_text, decrypted_text); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Verify the plain and decrypted data. - TEST_ASSERT_EQUAL_MEMORY(plain_text, decrypted_text, data_size); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)sym_key_transfer_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - } - - else - { - - - TEST_IGNORE_MESSAGE("Ignoring the test as Copy_Vol_reg is not enabled in configuration"); - - - } -} - -/** \brief Write the ecc private key to the handle and verify it.The private key is written to a handle - * and corresponding public is generated. It is then compared with the reference public key. - * It is not recommended to write private key from outside. - * . - */ -TEST(atca_cmd_basic_test, write_ecc_private_key) -{ - ATCA_STATUS status; - ta_element_attributes_t attr_private_key_attr; - uint16_t private_key_handle; - uint8_t public_key[64]; - - static const uint8_t private_key[32] = { - 0x87, 0x8F, 0x0A, 0xB6, 0xA5, 0x26, 0xD7, 0x11, - 0x1C, 0x26, 0xE6, 0x17, 0x08, 0x10, 0x79, 0x6E, - 0x7B, 0x33, 0x00, 0x7F, 0x83, 0x2B, 0x8D, 0x64, - 0x46, 0x7E, 0xD6, 0xF8, 0x70, 0x53, 0x7A, 0x19 - }; - - static const uint8_t public_key_ref[64] = { - 0x8F, 0x8D, 0x18, 0x2B, 0xD8, 0x19, 0x04, 0x85, 0x82, 0xA9, 0x92, 0x7E, - 0xA0, 0xC5, 0x6D, 0xEF, 0xB4, 0x15, 0x95, 0x48, 0xE1, 0x1C, 0xA5, 0xF7, - 0xAB, 0xAC, 0x45, 0xBB, 0xCE, 0x76, 0x81, 0x5B, 0xE5, 0xC6, 0x4F, 0xCD, - 0x2F, 0xD1, 0x26, 0x98, 0x54, 0x4D, 0xE0, 0x37, 0x95, 0x17, 0x26, 0x66, - 0x60, 0x73, 0x04, 0x61, 0x19, 0xAD, 0x5E, 0x11, 0xA9, 0x0A, 0xA4, 0x97, - 0x73, 0xAE, 0xAC, 0x86 - }; - - - status = talib_handle_init_private_key(&attr_private_key_attr, TA_KEY_TYPE_ECCP256, - TA_ALG_MODE_ECC_ECDSA, TA_PROP_SIGN_INT_EXT_DIGEST, - TA_PROP_NO_KEY_AGREEMENT); - attr_private_key_attr.property &= ~TA_PROP_EXECUTE_ONLY_KEY_GEN_MASK; - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_set_write_permission(&attr_private_key_attr, TA_PERM_ALWAYS); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create a private key handle - status = talib_create_element(atcab_get_device(), &attr_private_key_attr, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the 32 byte private key to the handle - status = talib_write_priv_key(atcab_get_device(), private_key_handle, sizeof(private_key), private_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Get the public key from the element - status = atcab_get_pubkey(private_key_handle, public_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Verify the generated with the reference public key. - TEST_ASSERT_EQUAL_MEMORY(public_key_ref, public_key, sizeof(public_key)); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -/** \brief Write the rsa public key to the handle and verify it. - * The rsa private key generates the signature with the given message and - * the signature is sent to the corresponding rsa public key for verifing it. - * - */ -TEST(atca_cmd_basic_test, write_rsa_public_key) -{ - ATCA_STATUS status; - uint16_t private_key_handle, public_key_handle; - ta_element_attributes_t attr_private_key, attr_public_key; - uint8_t pub_key[TA_KEY_TYPE_RSA2048_SIZE]; - size_t pub_key_len = sizeof(pub_key); - uint8_t message[32]; - uint8_t signature[TA_KEY_TYPE_RSA2048_SIZE]; - uint16_t sign_size = sizeof(signature); - bool is_verified = false; - - status = talib_handle_init_private_key(&attr_private_key, TA_KEY_TYPE_RSA2048, TA_ALG_MODE_RSA_SSA_PSS, - TA_PROP_SIGN_INT_EXT_DIGEST, TA_PROP_KEY_AGREEMENT_OUT_BUFF); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create RSA private key handle - status = talib_create_element(atcab_get_device(), &attr_private_key, &private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_handle_init_public_key(&attr_public_key, TA_KEY_TYPE_RSA2048, TA_ALG_MODE_RSA_SSA_PSS, - TA_PROP_VAL_NO_SECURE_BOOT_SIGN, TA_PROP_ROOT_PUB_KEY_VERIFY); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Create RSA public key handle - status = talib_create_element(atcab_get_device(), &attr_public_key, &public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - - // Generate a RSA private/public key pair - status = talib_genkey_base(atcab_get_device(), TA_KEYGEN_MODE_NEWKEY, (uint32_t)private_key_handle, - pub_key, &pub_key_len); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Write the RSA public key to the handle. - status = talib_write_pub_key(atcab_get_device(), public_key_handle, (uint16_t)pub_key_len, pub_key); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = atcab_random(message); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Sign a random message with RSA private key in handle. - status = talib_sign_external(atcab_get_device(), TA_KEY_TYPE_RSA2048, private_key_handle, - TA_HANDLE_INPUT_BUFFER, message, (uint16_t)sizeof(message), signature, - &sign_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - // Verify the signature with RSA public key in handle. - status = talib_verify(atcab_get_device(), TA_KEY_TYPE_RSA2048, TA_HANDLE_INPUT_BUFFER, public_key_handle, - signature, sign_size, message, (uint16_t)sizeof(message), NULL, - TA_KEY_TYPE_RSA2048_SIZE, &is_verified); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - TEST_ASSERT(is_verified); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)private_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - - status = talib_delete_handle(atcab_get_device(), (uint32_t)public_key_handle); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - -} - - -// *INDENT-OFF* - Preserve formatting -t_test_case_info talib_write_info[] = -{ - { REGISTER_TEST_CASE(atca_cmd_basic_test, write_gpio_state), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, write_key_transfer_volatile_shared), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, write_ecc_private_key), DEVICE_MASK(TA100) }, - { REGISTER_TEST_CASE(atca_cmd_basic_test, write_rsa_public_key), DEVICE_MASK(TA100) }, - - /* Array Termination element*/ - { (fp_test_case)NULL, (uint8_t)0 }, -}; -// *INDENT-ON* - -t_test_case_info * talib_write_tests[] = { - talib_write_info, - /* Array Termination element*/ - (t_test_case_info*)NULL -}; - -#endif diff --git a/test/atca_crypto_sw_tests.c b/test/atca_crypto_sw_tests.c index a8c5c1382..f444772bc 100644 --- a/test/atca_crypto_sw_tests.c +++ b/test/atca_crypto_sw_tests.c @@ -1,6 +1,6 @@ /** * \file - * \brief Unity tests for the CryptoAuthLib software crypto API. + * \brief Tests for the CryptoAuthLib software crypto API. * * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. * @@ -39,6 +39,8 @@ #include "vectors/aes_gcm_nist_vectors.h" #include "vectors/aes_cmac_nist_vectors.h" +#include "vectors/ecdsa_nist_vectors.h" +#include "vectors/ecdh_nist_vectors.h" static const uint8_t nist_hash_msg1[] = "abc"; static const uint8_t nist_hash_msg2[] = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; @@ -55,7 +57,6 @@ int atca_crypto_sw_tests(int argc, char * argv[]) RUN_TEST(test_atcac_sw_sha1_nist_long); RUN_TEST(test_atcac_sw_sha1_nist_monte); - RUN_TEST(test_atcac_sw_sha2_256_nist1); RUN_TEST(test_atcac_sw_sha2_256_nist2); RUN_TEST(test_atcac_sw_sha2_256_nist3); @@ -63,11 +64,25 @@ int atca_crypto_sw_tests(int argc, char * argv[]) RUN_TEST(test_atcac_sw_sha2_256_nist_long); RUN_TEST(test_atcac_sw_sha2_256_nist_monte); - RUN_TEST(test_atcac_aes128_gcm); - RUN_TEST(test_atcac_aes128_cmac); RUN_TEST(test_atcac_sha256_hmac); RUN_TEST(test_atcac_sha256_hmac_nist); +#if defined(ATCA_MBEDTLS) || defined(ATCA_OPENSSL) || defined(ATCA_WOLFSSL) + RUN_TEST(test_atcac_aes128_gcm); + RUN_TEST(test_atcac_aes128_cmac); +#endif + +#ifdef ATCA_MBEDTLS + RUN_TEST(test_atcac_public); + /* Because it is not realistic to perform signature vector tests on real + systems the verify test is executed first to ensure verify is working + correctly which will then be used to bootstrap the sign test */ + RUN_TEST(test_atcac_verify_nist); + RUN_TEST(test_atcac_sign); + + RUN_TEST(test_atcac_derive_nist); +#endif + return UnityEnd(); } @@ -517,7 +532,6 @@ void test_atcac_aes128_gcm(void) for (test_index = 0; test_index < GCM_TEST_VECTORS_COUNT; test_index++) { - ////////////////////////////////////// Encryption ///////////////////////////////////////// status = atcac_aes_gcm_encrypt_start(&ctx, gcm_test_cases[test_index].key, 16, gcm_test_cases[test_index].iv, gcm_test_cases[test_index].iv_size); TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); @@ -560,11 +574,8 @@ void test_atcac_aes128_gcm(void) TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); //Add aad to gcm - if (gcm_test_cases[test_index].aad_size > 0) - { - status = atcac_aes_gcm_aad_update(&ctx, gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - } + status = atcac_aes_gcm_aad_update(&ctx, gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); //Encrypt data if (gcm_test_cases[test_index].text_size > 0) @@ -626,11 +637,8 @@ void test_atcac_aes128_gcm(void) TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); //Add aad to gcm -// if (gcm_test_cases[test_index].aad_size > 0) - { - status = atcac_aes_gcm_aad_update(&ctx, gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size); - TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); - } + status = atcac_aes_gcm_aad_update(&ctx, gcm_test_cases[test_index].aad, gcm_test_cases[test_index].aad_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); //Add ciphertext to gcm if (gcm_test_cases[test_index].text_size > 0) @@ -677,13 +685,6 @@ void test_atcac_aes128_cmac(void) } } } -#else -void test_atcac_aes128_gcm(void) -{ -}; -void test_atcac_aes128_cmac(void) -{ -}; #endif #define ATCA_SHA_DIGEST_SIZE 32 @@ -789,4 +790,166 @@ void test_atcac_sha256_hmac_nist(void) while (ret == ATCA_SUCCESS); #endif -} \ No newline at end of file +} + + +#if defined(ATCA_MBEDTLS) || defined(ATCA_OPENSSL) || defined(ATCA_WOLFSSL) +void test_atcac_verify_nist(void) +{ + uint8_t pubkey[64]; + uint8_t signature[64]; + uint8_t digest[32]; + atcac_pk_ctx pkey_ctx; + ATCA_STATUS status; + int i; + + /* Test verification using [P-256,SHA-256] vectors */ + for (i = 0; i < ecdsa_p256_test_vectors_count; i++) + { + /* Copy pubkey */ + memcpy(pubkey, ecdsa_p256_test_vectors[i].Qx, 32); + memcpy(&pubkey[32], ecdsa_p256_test_vectors[i].Qy, 32); + + /* Copy the signature */ + memcpy(signature, ecdsa_p256_test_vectors[i].R, 32); + memcpy(&signature[32], ecdsa_p256_test_vectors[i].S, 32); + + /* Hash the message */ + status = atcac_sw_sha2_256(&ecdsa_p256_test_vectors[i].Msg, sizeof(ecdsa_p256_test_vectors[i].Msg), digest); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + /* Initialize the key using the provided X,Y cordinantes */ + status = atcac_pk_init(&pkey_ctx, pubkey, sizeof(pubkey), 0, true); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + /* Perform the verification */ + status = atcac_pk_verify(&pkey_ctx, digest, sizeof(digest), signature, sizeof(signature)); + + /* Make sure to free the key before testing the result of the verify */ + atcac_pk_free(&pkey_ctx); + + /* Check verification result against the expected success/failure */ + if (ecdsa_p256_test_vectors[i].Result) + { + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + } + else + { + TEST_ASSERT_NOT_EQUAL(ATCA_SUCCESS, status); + } + } +} +#endif + +#ifdef ATCA_MBEDTLS +static uint8_t private_key_pem[] = + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEICFZhAyzqkUgyheo51bhg3mcp+qwfl+koE+Mhs/sRyzBoAoGCCqGSM49\n" + "AwEHoUQDQgAExAE2yqujppBzD0hIpdqdXmMgtlXT90QqllaQYWEVBjdf+LmY5DCf\n" + "Mx8PXEVxhbDmgo6HHbz0S4VaZjShBLMaPw==\n" + "-----END EC PRIVATE KEY-----\n"; + +static uint8_t public_key_pem[] = + "-----BEGIN PUBLIC KEY-----\n" + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExAE2yqujppBzD0hIpdqdXmMgtlXT\n" + "90QqllaQYWEVBjdf+LmY5DCfMx8PXEVxhbDmgo6HHbz0S4VaZjShBLMaPw==\n" + "-----END PUBLIC KEY-----\n"; + +static uint8_t public_key_bytes[64] = { + 0xc4, 0x01, 0x36, 0xca, 0xab, 0xa3, 0xa6, 0x90, 0x73, 0x0f, 0x48, 0x48, 0xa5, 0xda, 0x9d, 0x5e, + 0x63, 0x20, 0xb6, 0x55, 0xd3, 0xf7, 0x44, 0x2a, 0x96, 0x56, 0x90, 0x61, 0x61, 0x15, 0x06, 0x37, + 0x5f, 0xf8, 0xb9, 0x98, 0xe4, 0x30, 0x9f, 0x33, 0x1f, 0x0f, 0x5c, 0x45, 0x71, 0x85, 0xb0, 0xe6, + 0x82, 0x8e, 0x87, 0x1d, 0xbc, 0xf4, 0x4b, 0x85, 0x5a, 0x66, 0x34, 0xa1, 0x04, 0xb3, 0x1a, 0x3f +}; + +void test_atcac_public(void) +{ + atcac_pk_ctx priv_ctx; + uint8_t public_key[64]; + size_t public_key_size = 64; + ATCA_STATUS status; + + /* Test initialization of a private key with a pem encoded key (without password) */ + status = atcac_pk_init_pem(&priv_ctx, private_key_pem, sizeof(private_key_pem), false); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + status = atcac_pk_public(&priv_ctx, public_key, &public_key_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + TEST_ASSERT_EQUAL_MEMORY(public_key_bytes, public_key, 64); + + status = atcac_pk_free(&priv_ctx); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); +} + +void test_atcac_sign(void) +{ + atcac_pk_ctx sign_ctx; + atcac_pk_ctx verify_ctx; + uint8_t digest[32] = { 0x1A, 0x3A, 0xA5, 0x45, 0x04, 0x94, 0x53, 0xAF, + 0xDF, 0x17, 0xE9, 0x89, 0xA4, 0x1F, 0xA0, 0x97, + 0x94, 0xA5, 0x1B, 0xD5, 0xDB, 0x91, 0x36, 0x37, + 0x67, 0x55, 0x0C, 0x0F, 0x0A, 0xF3, 0x27, 0xD4 }; + uint8_t signature[128]; + size_t sig_size = sizeof(signature); + ATCA_STATUS status; + + memset(signature, 0, sig_size); + + /* Test initialization of a private key with a pem encoded key (without password) */ + status = atcac_pk_init_pem(&sign_ctx, private_key_pem, sizeof(private_key_pem), false); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + /* Test signing with the private key */ + status = atcac_pk_sign(&sign_ctx, digest, sizeof(digest), signature, &sig_size); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + /* Test initialization of a public key with a pem encoded key */ + status = atcac_pk_init_pem(&verify_ctx, public_key_pem, sizeof(public_key_pem), true); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + /* Test verification of the siguature */ + status = atcac_pk_verify(&verify_ctx, digest, sizeof(digest), &signature[sig_size - 64], 64); + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + + signature[10] ^= signature[10]; + + /* Test failure to validate a corrupted signature */ + status = atcac_pk_verify(&verify_ctx, digest, sizeof(digest), &signature[sig_size - 64], 64); + TEST_ASSERT_NOT_EQUAL(ATCA_SUCCESS, status); +} + +void test_atcac_derive_nist(void) +{ + ATCA_STATUS status; + atcac_pk_ctx pri_ctx; + atcac_pk_ctx pub_ctx; + uint8_t result[32]; + size_t result_size; + int i; + + /* Test verification using [P-256] vectors */ + for (i = 0; i < ecdh_p256_test_vectors_count; i++) + { + uint8_t pubkey[64]; + + memcpy(pubkey, ecdh_p256_test_vectors[i].QCAVSx, 32); + memcpy(&pubkey[32], ecdh_p256_test_vectors[i].QCAVSy, 32); + + (void)atcac_pk_init(&pub_ctx, pubkey, sizeof(pubkey), 0, true); + (void)atcac_pk_init(&pri_ctx, ecdh_p256_test_vectors[i].dIUT, 32, 0, false); + + result_size = sizeof(result); + status = atcac_pk_derive(&pri_ctx, &pub_ctx, result, &result_size); + + (void)atcac_pk_free(&pri_ctx); + (void)atcac_pk_free(&pub_ctx); + + /* Check Test Results */ + TEST_ASSERT_EQUAL(ATCA_SUCCESS, status); + TEST_ASSERT_EQUAL_MEMORY(ecdh_p256_test_vectors[i].ZIUT, result, 32); + } +} + + +#endif diff --git a/test/atca_crypto_sw_tests.h b/test/atca_crypto_sw_tests.h index 56a929767..603489051 100644 --- a/test/atca_crypto_sw_tests.h +++ b/test/atca_crypto_sw_tests.h @@ -50,4 +50,10 @@ void test_atcac_aes128_cmac(void); void test_atcac_sha256_hmac(void); void test_atcac_sha256_hmac_nist(void); +void test_atcac_verify_nist(void); +void test_atcac_public(void); +void test_atcac_sign(void); +void test_atcac_derive_nist(void); + + #endif \ No newline at end of file diff --git a/test/atca_test.c b/test/atca_test.c index ecf61bf31..ae028388c 100644 --- a/test/atca_test.c +++ b/test/atca_test.c @@ -113,7 +113,9 @@ t_test_case_info* basic_tests[] = aes_cbc_basic_test_info, aes_cmac_basic_test_info, aes_ctr_basic_test_info, + aes_cbcmac_basic_test_info, aes_gcm_basic_test_info, + aes_ccm_basic_test_info, verify_basic_test_info, derivekey_basic_test_info, sha_basic_test_info, diff --git a/test/atca_test.h b/test/atca_test.h index 71ce23124..72c7a05ed 100644 --- a/test/atca_test.h +++ b/test/atca_test.h @@ -97,7 +97,9 @@ extern t_test_case_info aes_basic_test_info[]; extern t_test_case_info aes_cbc_basic_test_info[]; extern t_test_case_info aes_cmac_basic_test_info[]; extern t_test_case_info aes_ctr_basic_test_info[]; +extern t_test_case_info aes_cbcmac_basic_test_info[]; extern t_test_case_info aes_gcm_basic_test_info[]; +extern t_test_case_info aes_ccm_basic_test_info[]; extern t_test_case_info verify_basic_test_info[]; extern t_test_case_info derivekey_basic_test_info[]; extern t_test_case_info sha_basic_test_info[]; diff --git a/test/atca_test_config.c b/test/atca_test_config.c index 33e20b476..61bbbb970 100644 --- a/test/atca_test_config.c +++ b/test/atca_test_config.c @@ -211,6 +211,11 @@ static int opt_iface_type(int argc, char* argv[]) if (0 == strcmp("i2c", argv[2])) { gCfg->atcahid.dev_interface = ATCA_KIT_I2C_IFACE; + if (argc >= 4 && argv[3][0] != '-') + { + uint32_t val = strtol(argv[3], NULL, 16); + gCfg->atcahid.dev_identity = (uint8_t)val; + } } else if (0 == strcmp("swi", argv[2])) { diff --git a/test/vectors/aes_cmac_nist_vectors.c b/test/vectors/aes_cmac_nist_vectors.c index 054354c0d..51f68a610 100644 --- a/test/vectors/aes_cmac_nist_vectors.c +++ b/test/vectors/aes_cmac_nist_vectors.c @@ -1,5 +1,29 @@ - - +/** + * \file + * \brief Embedded NIST vectors for the AES-CMAC algorithm + * + * \copyright (c) 2020-2020 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ #include "aes_cmac_nist_vectors.h" diff --git a/test/vectors/aes_cmac_nist_vectors.h b/test/vectors/aes_cmac_nist_vectors.h index 80b86f02b..943503908 100644 --- a/test/vectors/aes_cmac_nist_vectors.h +++ b/test/vectors/aes_cmac_nist_vectors.h @@ -1,4 +1,29 @@ - +/** + * \file + * \brief Embedded NIST vectors for the AES-CMAC algorithm + * + * \copyright (c) 2020-2020 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ #ifndef AES_CMAC_NIST_VECTORS_H #define AES_CMAC_NIST_VECTORS_H diff --git a/test/vectors/aes_gcm_nist_vectors.c b/test/vectors/aes_gcm_nist_vectors.c index 744315d0b..317ab80dd 100644 --- a/test/vectors/aes_gcm_nist_vectors.c +++ b/test/vectors/aes_gcm_nist_vectors.c @@ -1,4 +1,29 @@ - +/** + * \file + * \brief Embedded NIST vectors for the AES-GCM algorithm + * + * \copyright (c) 2020-2020 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ #include "aes_gcm_nist_vectors.h" diff --git a/test/vectors/ecdh_nist_vectors.c b/test/vectors/ecdh_nist_vectors.c new file mode 100644 index 000000000..cc24c4eed --- /dev/null +++ b/test/vectors/ecdh_nist_vectors.c @@ -0,0 +1,188 @@ +/** + * \file + * \brief Embedded NIST vectors for the ECDH algorithm + * + * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ + +#include "cryptoauthlib.h" +#include "ecdh_nist_vectors.h" + +const ecdh_p256_test_vector ecdh_p256_test_vectors[] = { + { + { 0x70, 0x0c, 0x48, 0xf7, 0x7f, 0x56, 0x58, 0x4c, 0x5c, 0xc6, 0x32, 0xca, 0x65, 0x64, 0x0d, 0xb9, + 0x1b, 0x6b, 0xac, 0xce, 0x3a, 0x4d, 0xf6, 0xb4, 0x2c, 0xe7, 0xcc, 0x83, 0x88, 0x33, 0xd2, 0x87 }, + { 0xdb, 0x71, 0xe5, 0x09, 0xe3, 0xfd, 0x9b, 0x06, 0x0d, 0xdb, 0x20, 0xba, 0x5c, 0x51, 0xdc, 0xc5, + 0x94, 0x8d, 0x46, 0xfb, 0xf6, 0x40, 0xdf, 0xe0, 0x44, 0x17, 0x82, 0xca, 0xb8, 0x5f, 0xa4, 0xac }, + { 0x7d, 0x7d, 0xc5, 0xf7, 0x1e, 0xb2, 0x9d, 0xda, 0xf8, 0x0d, 0x62, 0x14, 0x63, 0x2e, 0xea, 0xe0, + 0x3d, 0x90, 0x58, 0xaf, 0x1f, 0xb6, 0xd2, 0x2e, 0xd8, 0x0b, 0xad, 0xb6, 0x2b, 0xc1, 0xa5, 0x34 }, + { 0x46, 0xfc, 0x62, 0x10, 0x64, 0x20, 0xff, 0x01, 0x2e, 0x54, 0xa4, 0x34, 0xfb, 0xdd, 0x2d, 0x25, + 0xcc, 0xc5, 0x85, 0x20, 0x60, 0x56, 0x1e, 0x68, 0x04, 0x0d, 0xd7, 0x77, 0x89, 0x97, 0xbd, 0x7b }, + }, + { + { 0x80, 0x9f, 0x04, 0x28, 0x9c, 0x64, 0x34, 0x8c, 0x01, 0x51, 0x5e, 0xb0, 0x3d, 0x5c, 0xe7, 0xac,0x1a, 0x8c, 0xb9, 0x49, 0x8f, 0x5c, 0xaa, 0x50, 0x19, 0x7e, 0x58, 0xd4, 0x3a, 0x86, 0xa7, 0xae, }, + { 0xb2, 0x9d, 0x84, 0xe8, 0x11, 0x19, 0x7f, 0x25, 0xeb, 0xa8, 0xf5, 0x19, 0x40, 0x92, 0xcb, 0x6f,0xf4, 0x40, 0xe2, 0x6d, 0x44, 0x21, 0x01, 0x13, 0x72, 0x46, 0x1f, 0x57, 0x92, 0x71, 0xcd, 0xa3, }, + { 0x38, 0xf6, 0x5d, 0x6d, 0xce, 0x47, 0x67, 0x60, 0x44, 0xd5, 0x8c, 0xe5, 0x13, 0x95, 0x82, 0xd5,0x68, 0xf6, 0x4b, 0xb1, 0x60, 0x98, 0xd1, 0x79, 0xdb, 0xab, 0x07, 0x74, 0x1d, 0xd5, 0xca, 0xf5, }, + { 0x05, 0x7d, 0x63, 0x60, 0x96, 0xcb, 0x80, 0xb6, 0x7a, 0x8c, 0x03, 0x8c, 0x89, 0x0e, 0x88, 0x7d,0x1a, 0xdf, 0xa4, 0x19, 0x5e, 0x9b, 0x3c, 0xe2, 0x41, 0xc8, 0xa7, 0x78, 0xc5, 0x9c, 0xda, 0x67, } + }, + { + { 0xa2, 0x33, 0x9c, 0x12, 0xd4, 0xa0, 0x3c, 0x33, 0x54, 0x6d, 0xe5, 0x33, 0x26, 0x8b, 0x4a, 0xd6,0x67, 0xde, 0xbf, 0x45, 0x8b, 0x46, 0x4d, 0x77, 0x44, 0x36, 0x36, 0x44, 0x0e, 0xe7, 0xfe, 0xc3, }, + { 0xef, 0x48, 0xa3, 0xab, 0x26, 0xe2, 0x02, 0x20, 0xbc, 0xda, 0x2c, 0x18, 0x51, 0x07, 0x68, 0x39,0xda, 0xe8, 0x8e, 0xae, 0x96, 0x28, 0x69, 0xa4, 0x97, 0xbf, 0x73, 0xcb, 0x66, 0xfa, 0xf5, 0x36, }, + { 0x1a, 0xcc, 0xfa, 0xf1, 0xb9, 0x77, 0x12, 0xb8, 0x5a, 0x6f, 0x54, 0xb1, 0x48, 0x98, 0x5a, 0x1b,0xdc, 0x4c, 0x9b, 0xec, 0x0b, 0xd2, 0x58, 0xca, 0xd4, 0xb3, 0xd6, 0x03, 0xf4, 0x9f, 0x32, 0xc8, }, + { 0x2d, 0x45, 0x7b, 0x78, 0xb4, 0x61, 0x41, 0x32, 0x47, 0x76, 0x18, 0xa5, 0xb0, 0x77, 0x96, 0x5e,0xc9, 0x07, 0x30, 0xa8, 0xc8, 0x1a, 0x1c, 0x75, 0xd6, 0xd4, 0xec, 0x68, 0x00, 0x5d, 0x67, 0xec, }, + }, + { + { 0xdf, 0x39, 0x89, 0xb9, 0xfa, 0x55, 0x49, 0x57, 0x19, 0xb3, 0xcf, 0x46, 0xdc, 0xcd, 0x28, 0xb5,0x15, 0x3f, 0x78, 0x08, 0x19, 0x1d, 0xd5, 0x18, 0xef, 0xf0, 0xc3, 0xcf, 0xf2, 0xb7, 0x05, 0xed, }, + { 0x42, 0x22, 0x94, 0xff, 0x46, 0x00, 0x34, 0x29, 0xd7, 0x39, 0xa3, 0x32, 0x06, 0xc8, 0x75, 0x25,0x52, 0xc8, 0xba, 0x54, 0xa2, 0x70, 0xde, 0xfc, 0x06, 0xe2, 0x21, 0xe0, 0xfe, 0xaf, 0x6a, 0xc4, }, + { 0x20, 0x7c, 0x43, 0xa7, 0x9b, 0xfe, 0xe0, 0x3d, 0xb6, 0xf4, 0xb9, 0x44, 0xf5, 0x3d, 0x2f, 0xb7,0x6c, 0xc4, 0x9e, 0xf1, 0xc9, 0xc4, 0xd3, 0x4d, 0x51, 0xb6, 0xc6, 0x5c, 0x4d, 0xb6, 0x93, 0x2d, }, + { 0x96, 0x44, 0x12, 0x59, 0x53, 0x4b, 0x80, 0xf6, 0xae, 0xe3, 0xd2, 0x87, 0xa6, 0xbb, 0x17, 0xb5,0x09, 0x4d, 0xd4, 0x27, 0x7d, 0x9e, 0x29, 0x4f, 0x8f, 0xe7, 0x3e, 0x48, 0xbf, 0x2a, 0x00, 0x24, }, + }, + { + { 0x41, 0x19, 0x2d, 0x28, 0x13, 0xe7, 0x95, 0x61, 0xe6, 0xa1, 0xd6, 0xf5, 0x3c, 0x8b, 0xc1, 0xa4,0x33, 0xa1, 0x99, 0xc8, 0x35, 0xe1, 0x41, 0xb0, 0x5a, 0x74, 0xa9, 0x7b, 0x0f, 0xae, 0xb9, 0x22, }, + { 0x1a, 0xf9, 0x8c, 0xc4, 0x5e, 0x98, 0xa7, 0xe0, 0x41, 0xb0, 0x1c, 0xf3, 0x5f, 0x46, 0x2b, 0x75,0x62, 0x28, 0x13, 0x51, 0xc8, 0xeb, 0xf3, 0xff, 0xa0, 0x2e, 0x33, 0xa0, 0x72, 0x2a, 0x13, 0x28, }, + { 0x59, 0x13, 0x7e, 0x38, 0x15, 0x23, 0x50, 0xb1, 0x95, 0xc9, 0x71, 0x8d, 0x39, 0x67, 0x3d, 0x51,0x98, 0x38, 0x05, 0x5a, 0xd9, 0x08, 0xdd, 0x47, 0x57, 0x15, 0x2f, 0xd8, 0x25, 0x5c, 0x09, 0xbf, }, + { 0x19, 0xd4, 0x4c, 0x8d, 0x63, 0xe8, 0xe8, 0xdd, 0x12, 0xc2, 0x2a, 0x87, 0xb8, 0xcd, 0x4e, 0xce,0x27, 0xac, 0xdd, 0xe0, 0x4d, 0xbf, 0x47, 0xf7, 0xf2, 0x75, 0x37, 0xa6, 0x99, 0x9a, 0x8e, 0x62, }, + }, + { + { 0x33, 0xe8, 0x20, 0x92, 0xa0, 0xf1, 0xfb, 0x38, 0xf5, 0x64, 0x9d, 0x58, 0x67, 0xfb, 0xa2, 0x8b,0x50, 0x31, 0x72, 0xb7, 0x03, 0x55, 0x74, 0xbf, 0x8e, 0x5b, 0x71, 0x00, 0xa3, 0x05, 0x27, 0x92, }, + { 0xf2, 0xcf, 0x6b, 0x60, 0x1e, 0x0a, 0x05, 0x94, 0x5e, 0x33, 0x55, 0x50, 0xbf, 0x64, 0x8d, 0x78,0x2f, 0x46, 0x18, 0x6c, 0x77, 0x2c, 0x0f, 0x20, 0xd3, 0xcd, 0x0d, 0x6b, 0x8c, 0xa1, 0x4b, 0x2f, }, + { 0xf5, 0xf8, 0xe0, 0x17, 0x46, 0x10, 0xa6, 0x61, 0x27, 0x79, 0x79, 0xb5, 0x8c, 0xe5, 0xc9, 0x0f,0xee, 0x6c, 0x9b, 0x3b, 0xb3, 0x46, 0xa9, 0x0a, 0x71, 0x96, 0x25, 0x5e, 0x40, 0xb1, 0x32, 0xef, }, + { 0x66, 0x4e, 0x45, 0xd5, 0xbb, 0xa4, 0xac, 0x93, 0x1c, 0xd6, 0x5d, 0x52, 0x01, 0x7e, 0x4b, 0xe9,0xb1, 0x9a, 0x51, 0x5f, 0x66, 0x9b, 0xea, 0x47, 0x03, 0x54, 0x2a, 0x2c, 0x52, 0x5c, 0xd3, 0xd3, }, + }, + { + { 0x6a, 0x9e, 0x0c, 0x3f, 0x91, 0x6e, 0x4e, 0x31, 0x5c, 0x91, 0x14, 0x7b, 0xe5, 0x71, 0x68, 0x6d,0x90, 0x46, 0x4e, 0x8b, 0xf9, 0x81, 0xd3, 0x4a, 0x90, 0xb6, 0x35, 0x3b, 0xca, 0x6e, 0xeb, 0xa7, }, + { 0x40, 0xf9, 0xbe, 0xad, 0x39, 0xc2, 0xf2, 0xbc, 0xc2, 0x60, 0x2f, 0x75, 0xb8, 0xa7, 0x3e, 0xc7,0xbd, 0xff, 0xcb, 0xce, 0xad, 0x15, 0x9d, 0x01, 0x74, 0xc6, 0xc4, 0xd3, 0xc5, 0x35, 0x7f, 0x05, }, + { 0x3b, 0x58, 0x9a, 0xf7, 0xdb, 0x03, 0x45, 0x9c, 0x23, 0x06, 0x8b, 0x64, 0xf6, 0x3f, 0x28, 0xd3,0xc3, 0xc6, 0xbc, 0x25, 0xb5, 0xbf, 0x76, 0xac, 0x05, 0xf3, 0x54, 0x82, 0x88, 0x8b, 0x51, 0x90, }, + { 0xca, 0x34, 0x2d, 0xaa, 0x50, 0xdc, 0x09, 0xd6, 0x1b, 0xe7, 0xc1, 0x96, 0xc8, 0x5e, 0x60, 0xa8,0x0c, 0x5c, 0xb0, 0x49, 0x31, 0x74, 0x68, 0x20, 0xbe, 0x54, 0x8c, 0xdd, 0xe0, 0x55, 0x67, 0x9d, }, + }, + { + { 0xa9, 0xc0, 0xac, 0xad, 0xe5, 0x5c, 0x2a, 0x73, 0xea, 0xd1, 0xa8, 0x6f, 0xb0, 0xa9, 0x71, 0x32,0x23, 0xc8, 0x24, 0x75, 0x79, 0x1c, 0xd0, 0xe2, 0x10, 0xb0, 0x46, 0x41, 0x2c, 0xe2, 0x24, 0xbb, }, + { 0xf6, 0xde, 0x0a, 0xfa, 0x20, 0xe9, 0x3e, 0x07, 0x84, 0x67, 0xc0, 0x53, 0xd2, 0x41, 0x90, 0x3e,0xda, 0xd7, 0x34, 0xc6, 0xb4, 0x03, 0xba, 0x75, 0x8c, 0x2b, 0x5f, 0xf0, 0x4c, 0x9d, 0x42, 0x29, }, + { 0xd8, 0xbf, 0x92, 0x9a, 0x20, 0xea, 0x74, 0x36, 0xb2, 0x46, 0x1b, 0x54, 0x1a, 0x11, 0xc8, 0x0e,0x61, 0xd8, 0x26, 0xc0, 0xa4, 0xc9, 0xd3, 0x22, 0xb3, 0x1d, 0xd5, 0x4e, 0x7f, 0x58, 0xb9, 0xc8, }, + { 0x35, 0xaa, 0x9b, 0x52, 0x53, 0x6a, 0x46, 0x1b, 0xfd, 0xe4, 0xe8, 0x5f, 0xc7, 0x56, 0xbe, 0x92,0x8c, 0x7d, 0xe9, 0x79, 0x23, 0xf0, 0x41, 0x6c, 0x7a, 0x3a, 0xc8, 0xf8, 0x8b, 0x3d, 0x44, 0x89, }, + }, + { + { 0x94, 0xe9, 0x4f, 0x16, 0xa9, 0x82, 0x55, 0xff, 0xf2, 0xb9, 0xac, 0x0c, 0x95, 0x98, 0xaa, 0xc3,0x54, 0x87, 0xb3, 0x23, 0x2d, 0x32, 0x31, 0xbd, 0x93, 0xb7, 0xdb, 0x7d, 0xf3, 0x6f, 0x9e, 0xb9, }, + { 0xd8, 0x04, 0x9a, 0x43, 0x57, 0x9c, 0xfa, 0x90, 0xb8, 0x09, 0x3a, 0x94, 0x41, 0x6c, 0xbe, 0xfb,0xf9, 0x33, 0x86, 0xf1, 0x5b, 0x3f, 0x6e, 0x19, 0x0b, 0x6e, 0x34, 0x55, 0xfe, 0xdf, 0xe6, 0x9a, }, + { 0x0f, 0x98, 0x83, 0xba, 0x0e, 0xf3, 0x2e, 0xe7, 0x5d, 0xed, 0x0d, 0x8b, 0xda, 0x39, 0xa5, 0x14,0x6a, 0x29, 0xf1, 0xf2, 0x50, 0x7b, 0x3b, 0xd4, 0x58, 0xdb, 0xea, 0x0b, 0x2b, 0xb0, 0x5b, 0x4d, }, + { 0x60, 0x5c, 0x16, 0x17, 0x8a, 0x9b, 0xc8, 0x75, 0xdc, 0xbf, 0xf5, 0x4d, 0x63, 0xfe, 0x00, 0xdf,0x69, 0x9c, 0x03, 0xe8, 0xa8, 0x88, 0xe9, 0xe9, 0x4d, 0xfb, 0xab, 0x90, 0xb2, 0x5f, 0x39, 0xb4, }, + }, + { + { 0xe0, 0x99, 0xbf, 0x2a, 0x4d, 0x55, 0x74, 0x60, 0xb5, 0x54, 0x44, 0x30, 0xbb, 0xf6, 0xda, 0x11,0x00, 0x4d, 0x12, 0x7c, 0xb5, 0xd6, 0x7f, 0x64, 0xab, 0x07, 0xc9, 0x4f, 0xcd, 0xf5, 0x27, 0x4f, }, + { 0xd9, 0xc5, 0x0d, 0xbe, 0x70, 0xd7, 0x14, 0xed, 0xb5, 0xe2, 0x21, 0xf4, 0xe0, 0x20, 0x61, 0x0e,0xeb, 0x62, 0x70, 0x51, 0x7e, 0x68, 0x8c, 0xa6, 0x4f, 0xb0, 0xe9, 0x8c, 0x7e, 0xf8, 0xc1, 0xc5, }, + { 0x2b, 0xee, 0xdb, 0x04, 0xb0, 0x5c, 0x69, 0x88, 0xf6, 0xa6, 0x75, 0x00, 0xbb, 0x81, 0x3f, 0xaf,0x2c, 0xae, 0x0d, 0x58, 0x0c, 0x92, 0x53, 0xb6, 0x33, 0x9e, 0x4a, 0x33, 0x37, 0xbb, 0x6c, 0x08, }, + { 0xf9, 0x6e, 0x40, 0xa1, 0xb7, 0x28, 0x40, 0x85, 0x4b, 0xb6, 0x2b, 0xc1, 0x3c, 0x40, 0xcc, 0x27,0x95, 0xe3, 0x73, 0xd4, 0xe7, 0x15, 0x98, 0x0b, 0x26, 0x14, 0x76, 0x83, 0x5a, 0x09, 0x2e, 0x0b, }, + }, + { + { 0xf7, 0x5a, 0x5f, 0xe5, 0x6b, 0xda, 0x34, 0xf3, 0xc1, 0x39, 0x62, 0x96, 0x62, 0x6e, 0xf0, 0x12,0xdc, 0x07, 0xe4, 0x82, 0x58, 0x38, 0x77, 0x8a, 0x64, 0x5c, 0x82, 0x48, 0xcf, 0xf0, 0x16, 0x58, }, + { 0x33, 0xbb, 0xdf, 0x1b, 0x17, 0x72, 0xd8, 0x05, 0x9d, 0xf5, 0x68, 0xb0, 0x61, 0xf3, 0xf1, 0x12,0x2f, 0x28, 0xa8, 0xd8, 0x19, 0x16, 0x7c, 0x97, 0xbe, 0x44, 0x8e, 0x3d, 0xc3, 0xfb, 0x0c, 0x3c, }, + { 0x77, 0xc1, 0x5d, 0xcf, 0x44, 0x61, 0x0e, 0x41, 0x69, 0x6b, 0xab, 0x75, 0x89, 0x43, 0xef, 0xf1,0x40, 0x93, 0x33, 0xe4, 0xd5, 0xa1, 0x1b, 0xbe, 0x72, 0xc8, 0xf6, 0xc3, 0x95, 0xe9, 0xf8, 0x48, }, + { 0x83, 0x88, 0xfa, 0x79, 0xc4, 0xba, 0xbd, 0xca, 0x02, 0xa8, 0xe8, 0xa3, 0x4f, 0x9e, 0x43, 0x55,0x49, 0x76, 0xe4, 0x20, 0xa4, 0xad, 0x27, 0x3c, 0x81, 0xb2, 0x6e, 0x42, 0x28, 0xe9, 0xd3, 0xa3, }, + }, + { + { 0x2d, 0xb4, 0x54, 0x0d, 0x50, 0x23, 0x07, 0x56, 0x15, 0x8a, 0xbf, 0x61, 0xd9, 0x83, 0x57, 0x12,0xb6, 0x48, 0x6c, 0x74, 0x31, 0x21, 0x83, 0xcc, 0xef, 0xca, 0xef, 0x27, 0x97, 0xb7, 0x67, 0x4d, }, + { 0x62, 0xf5, 0x7f, 0x31, 0x4e, 0x3f, 0x34, 0x95, 0xdc, 0x4e, 0x09, 0x90, 0x12, 0xf5, 0xe0, 0xba,0x71, 0x77, 0x0f, 0x96, 0x60, 0xa1, 0xea, 0xda, 0x54, 0x10, 0x4c, 0xdf, 0xde, 0x77, 0x24, 0x3e, }, + { 0x42, 0xa8, 0x3b, 0x98, 0x50, 0x11, 0xd1, 0x23, 0x03, 0xdb, 0x1a, 0x80, 0x0f, 0x26, 0x10, 0xf7,0x4a, 0xa7, 0x1c, 0xdf, 0x19, 0xc6, 0x7d, 0x54, 0xce, 0x6c, 0x9e, 0xd9, 0x51, 0xe9, 0x09, 0x3e, }, + { 0x72, 0x87, 0x7c, 0xea, 0x33, 0xcc, 0xc4, 0x71, 0x50, 0x38, 0xd4, 0xbc, 0xbd, 0xfe, 0x0e, 0x43,0xf4, 0x2a, 0x9e, 0x2c, 0x0c, 0x3b, 0x01, 0x7f, 0xc2, 0x37, 0x0f, 0x4b, 0x9a, 0xcb, 0xda, 0x4a, }, + }, + { + { 0xcd, 0x94, 0xfc, 0x94, 0x97, 0xe8, 0x99, 0x07, 0x50, 0x30, 0x9e, 0x9a, 0x85, 0x34, 0xfd, 0x11,0x4b, 0x0a, 0x6e, 0x54, 0xda, 0x89, 0xc4, 0x79, 0x61, 0x01, 0x89, 0x70, 0x41, 0xd1, 0x4e, 0xcb, }, + { 0xc3, 0xde, 0xf4, 0xb5, 0xfe, 0x04, 0xfa, 0xee, 0x0a, 0x11, 0x93, 0x22, 0x29, 0xff, 0xf5, 0x63,0x63, 0x7b, 0xfd, 0xee, 0x0e, 0x79, 0xc6, 0xde, 0xea, 0xf4, 0x49, 0xf8, 0x54, 0x01, 0xc5, 0xc4, }, + { 0xce, 0xed, 0x35, 0x50, 0x7b, 0x5c, 0x93, 0xea, 0xd5, 0x98, 0x91, 0x19, 0xb9, 0xba, 0x34, 0x2c,0xfe, 0x38, 0xe6, 0xe6, 0x38, 0xba, 0x6e, 0xea, 0x34, 0x3a, 0x55, 0x47, 0x5d, 0xe2, 0x80, 0x0b, }, + { 0xe4, 0xe7, 0x40, 0x8d, 0x85, 0xff, 0x0e, 0x0e, 0x9c, 0x83, 0x80, 0x03, 0xf2, 0x8c, 0xdb, 0xd5,0x24, 0x7c, 0xdc, 0xe3, 0x1f, 0x32, 0xf6, 0x24, 0x94, 0xb7, 0x0e, 0x5f, 0x1b, 0xc3, 0x63, 0x07, }, + }, + { + { 0x15, 0xb9, 0xe4, 0x67, 0xaf, 0x4d, 0x29, 0x0c, 0x41, 0x74, 0x02, 0xe0, 0x40, 0x42, 0x6f, 0xe4,0xcf, 0x23, 0x6b, 0xae, 0x72, 0xba, 0xa3, 0x92, 0xed, 0x89, 0x78, 0x0d, 0xfc, 0xcd, 0xb4, 0x71, }, + { 0xcd, 0xf4, 0xe9, 0x17, 0x0f, 0xb9, 0x04, 0x30, 0x2b, 0x8f, 0xd9, 0x3a, 0x82, 0x0b, 0xa8, 0xcc,0x7e, 0xd4, 0xef, 0xd3, 0xa6, 0xf2, 0xd6, 0xb0, 0x5b, 0x80, 0xb2, 0xff, 0x2a, 0xee, 0x4e, 0x77, }, + { 0x43, 0xe0, 0xe9, 0xd9, 0x5a, 0xf4, 0xdc, 0x36, 0x48, 0x3c, 0xdd, 0x19, 0x68, 0xd2, 0xb7, 0xee,0xb8, 0x61, 0x1f, 0xcc, 0xe7, 0x7f, 0x3a, 0x4e, 0x7d, 0x05, 0x9a, 0xe4, 0x3e, 0x50, 0x96, 0x04, }, + { 0xed, 0x56, 0xbc, 0xf6, 0x95, 0xb7, 0x34, 0x14, 0x2c, 0x24, 0xec, 0xb1, 0xfc, 0x1b, 0xb6, 0x4d,0x08, 0xf1, 0x75, 0xeb, 0x24, 0x3a, 0x31, 0xf3, 0x7b, 0x3d, 0x9b, 0xb4, 0x40, 0x7f, 0x3b, 0x96, }, + }, + { + { 0x49, 0xc5, 0x03, 0xba, 0x6c, 0x4f, 0xa6, 0x05, 0x18, 0x2e, 0x18, 0x6b, 0x5e, 0x81, 0x11, 0x3f,0x07, 0x5b, 0xc1, 0x1d, 0xcf, 0xd5, 0x1c, 0x93, 0x2f, 0xb2, 0x1e, 0x95, 0x1e, 0xee, 0x2f, 0xa1, }, + { 0x8a, 0xf7, 0x06, 0xff, 0x09, 0x22, 0xd8, 0x7b, 0x3f, 0x0c, 0x5e, 0x4e, 0x31, 0xd8, 0xb2, 0x59,0xae, 0xb2, 0x60, 0xa9, 0x26, 0x96, 0x43, 0xed, 0x52, 0x0a, 0x13, 0xbb, 0x25, 0xda, 0x59, 0x24, }, + { 0xb2, 0xf3, 0x60, 0x0d, 0xf3, 0x36, 0x8e, 0xf8, 0xa0, 0xbb, 0x85, 0xab, 0x22, 0xf4, 0x1f, 0xc0,0xe5, 0xf4, 0xfd, 0xd5, 0x4b, 0xe8, 0x16, 0x7a, 0x5c, 0x3c, 0xd4, 0xb0, 0x8d, 0xb0, 0x49, 0x03, }, + { 0xbc, 0x5c, 0x70, 0x55, 0x08, 0x9f, 0xc9, 0xd6, 0xc8, 0x9f, 0x83, 0xc1, 0xea, 0x1a, 0xda, 0x87,0x9d, 0x99, 0x34, 0xb2, 0xea, 0x28, 0xfc, 0xf4, 0xe4, 0xa7, 0xe9, 0x84, 0xb2, 0x8a, 0xd2, 0xcf, }, + }, + { + { 0x19, 0xb3, 0x8d, 0xe3, 0x9f, 0xdd, 0x2f, 0x70, 0xf7, 0x09, 0x16, 0x31, 0xa4, 0xf7, 0x5d, 0x19,0x93, 0x74, 0x0b, 0xa9, 0x42, 0x91, 0x62, 0xc2, 0xa4, 0x53, 0x12, 0x40, 0x16, 0x36, 0xb2, 0x9c, }, + { 0x09, 0xae, 0xd7, 0x23, 0x2b, 0x28, 0xe0, 0x60, 0x94, 0x17, 0x41, 0xb6, 0x82, 0x8b, 0xcd, 0xfa,0x2b, 0xc4, 0x9c, 0xc8, 0x44, 0xf3, 0x77, 0x36, 0x11, 0x50, 0x4f, 0x82, 0xa3, 0x90, 0xa5, 0xae, }, + { 0x40, 0x02, 0x53, 0x43, 0x07, 0xf8, 0xb6, 0x2a, 0x9b, 0xf6, 0x7f, 0xf6, 0x41, 0xdd, 0xc6, 0x0f,0xef, 0x59, 0x3b, 0x17, 0xc3, 0x34, 0x12, 0x39, 0xe9, 0x5b, 0xdb, 0x3e, 0x57, 0x9b, 0xfd, 0xc8, }, + { 0x9a, 0x4e, 0x8e, 0x65, 0x7f, 0x6b, 0x0e, 0x09, 0x7f, 0x47, 0x95, 0x4a, 0x63, 0xc7, 0x5d, 0x74,0xfc, 0xba, 0x71, 0xa3, 0x0d, 0x83, 0x65, 0x1e, 0x3e, 0x5a, 0x91, 0xaa, 0x7c, 0xcd, 0x83, 0x43, }, + }, + { + { 0x2c, 0x91, 0xc6, 0x1f, 0x33, 0xad, 0xfe, 0x93, 0x11, 0xc9, 0x42, 0xfd, 0xbf, 0xf6, 0xba, 0x47,0x02, 0x0f, 0xef, 0xf4, 0x16, 0xb7, 0xbb, 0x63, 0xce, 0xc1, 0x3f, 0xaf, 0x9b, 0x09, 0x99, 0x54, }, + { 0x6c, 0xab, 0x31, 0xb0, 0x64, 0x19, 0xe5, 0x22, 0x1f, 0xca, 0x01, 0x4f, 0xb8, 0x4e, 0xc8, 0x70,0x62, 0x2a, 0x1b, 0x12, 0xba, 0xb5, 0xae, 0x43, 0x68, 0x2a, 0xa7, 0xea, 0x73, 0xea, 0x08, 0xd0, }, + { 0x4d, 0xfa, 0x12, 0xde, 0xfc, 0x60, 0x31, 0x90, 0x21, 0xb6, 0x81, 0xb3, 0xff, 0x84, 0xa1, 0x0a,0x51, 0x19, 0x58, 0xc8, 0x50, 0x93, 0x9e, 0xd4, 0x56, 0x35, 0x93, 0x4b, 0xa4, 0x97, 0x91, 0x47, }, + { 0x3c, 0xa1, 0xfc, 0x7a, 0xd8, 0x58, 0xfb, 0x1a, 0x6a, 0xba, 0x23, 0x25, 0x42, 0xf3, 0xe2, 0xa7,0x49, 0xff, 0xc7, 0x20, 0x3a, 0x23, 0x74, 0xa3, 0xf3, 0xd3, 0x26, 0x7f, 0x1f, 0xc9, 0x7b, 0x78, }, + }, + { + { 0xa2, 0x8a, 0x2e, 0xdf, 0x58, 0x02, 0x56, 0x68, 0xf7, 0x24, 0xaa, 0xf8, 0x3a, 0x50, 0x95, 0x6b,0x7a, 0xc1, 0xcf, 0xbb, 0xff, 0x79, 0xb0, 0x8c, 0x3b, 0xf8, 0x7d, 0xfd, 0x28, 0x28, 0xd7, 0x67, }, + { 0xdf, 0xa7, 0xbf, 0xff, 0xd4, 0xc7, 0x66, 0xb8, 0x6a, 0xbe, 0xaf, 0x5c, 0x99, 0xb6, 0xe5, 0x0c,0xb9, 0xcc, 0xc9, 0xd9, 0xd0, 0x0b, 0x7f, 0xfc, 0x78, 0x04, 0xb0, 0x49, 0x1b, 0x67, 0xbc, 0x03, }, + { 0x13, 0x31, 0xf6, 0xd8, 0x74, 0xa4, 0xed, 0x3b, 0xc4, 0xa2, 0xc6, 0xe9, 0xc7, 0x43, 0x31, 0xd3,0x03, 0x97, 0x96, 0x31, 0x4b, 0xee, 0xe3, 0xb7, 0x15, 0x2f, 0xcd, 0xba, 0x55, 0x56, 0x30, 0x4e, }, + { 0x1a, 0xaa, 0xbe, 0x7e, 0xe6, 0xe4, 0xa6, 0xfa, 0x73, 0x22, 0x91, 0x20, 0x24, 0x33, 0xa2, 0x37,0xdf, 0x1b, 0x49, 0xbc, 0x53, 0x86, 0x6b, 0xfb, 0xe0, 0x0d, 0xb9, 0x6a, 0x0f, 0x58, 0x22, 0x4f, }, + }, + { + { 0xa2, 0xef, 0x85, 0x7a, 0x08, 0x1f, 0x9d, 0x6e, 0xb2, 0x06, 0xa8, 0x1c, 0x4c, 0xf7, 0x8a, 0x80,0x2b, 0xdf, 0x59, 0x8a, 0xe3, 0x80, 0xc8, 0x88, 0x6e, 0xcd, 0x85, 0xfd, 0xc1, 0xed, 0x76, 0x44, }, + { 0x56, 0x3c, 0x4c, 0x20, 0x41, 0x9f, 0x07, 0xbc, 0x17, 0xd0, 0x53, 0x9f, 0xad, 0xe1, 0x85, 0x5e,0x34, 0x83, 0x95, 0x15, 0xb8, 0x92, 0xc0, 0xf5, 0xd2, 0x65, 0x61, 0xf9, 0x7f, 0xa0, 0x4d, 0x1a, }, + { 0xdd, 0x5e, 0x9f, 0x70, 0xae, 0x74, 0x00, 0x73, 0xca, 0x02, 0x04, 0xdf, 0x60, 0x76, 0x3f, 0xb6,0x03, 0x6c, 0x45, 0x70, 0x9b, 0xf4, 0xa7, 0xbb, 0x4e, 0x67, 0x14, 0x12, 0xfa, 0xd6, 0x5d, 0xa3, }, + { 0x43, 0x0e, 0x6a, 0x4f, 0xba, 0x44, 0x49, 0xd7, 0x00, 0xd2, 0x73, 0x3e, 0x55, 0x7f, 0x66, 0xa3,0xbf, 0x3d, 0x50, 0x51, 0x7c, 0x12, 0x71, 0xb1, 0xdd, 0xae, 0x11, 0x61, 0xb7, 0xac, 0x79, 0x8c, }, + }, + { + { 0xcc, 0xd8, 0xa2, 0xd8, 0x6b, 0xc9, 0x2f, 0x2e, 0x01, 0xbc, 0xe4, 0xd6, 0x92, 0x2c, 0xf7, 0xfe,0x16, 0x26, 0xae, 0xd0, 0x44, 0x68, 0x5e, 0x95, 0xe2, 0xee, 0xbd, 0x46, 0x45, 0x05, 0xf0, 0x1f, }, + { 0xe9, 0xdd, 0xd5, 0x83, 0xa9, 0x63, 0x5a, 0x66, 0x77, 0x77, 0xd5, 0xb8, 0xa8, 0xf3, 0x1b, 0x0f,0x79, 0xeb, 0xa1, 0x2c, 0x75, 0x02, 0x34, 0x10, 0xb5, 0x4b, 0x85, 0x67, 0xdd, 0xdc, 0x0f, 0x38, }, + { 0x5a, 0xe0, 0x26, 0xcf, 0xc0, 0x60, 0xd5, 0x56, 0x00, 0x71, 0x7e, 0x55, 0xb8, 0xa1, 0x2e, 0x11,0x6d, 0x1d, 0x0d, 0xf3, 0x4a, 0xf8, 0x31, 0x97, 0x90, 0x57, 0x60, 0x7c, 0x2d, 0x9c, 0x2f, 0x76, }, + { 0x1c, 0xe9, 0xe6, 0x74, 0x05, 0x29, 0x49, 0x9f, 0x98, 0xd1, 0xf1, 0xd7, 0x13, 0x29, 0x14, 0x7a,0x33, 0xdf, 0x1d, 0x05, 0xe4, 0x76, 0x5b, 0x53, 0x9b, 0x11, 0xcf, 0x61, 0x5d, 0x69, 0x74, 0xd3, }, + }, + { + { 0xc1, 0x88, 0xff, 0xc8, 0x94, 0x7f, 0x73, 0x01, 0xfb, 0x7b, 0x53, 0xe3, 0x67, 0x46, 0x09, 0x7c,0x21, 0x34, 0xbf, 0x9c, 0xc9, 0x81, 0xba, 0x74, 0xb4, 0xe9, 0xc4, 0x36, 0x1f, 0x59, 0x5e, 0x4e, }, + { 0xbf, 0x7d, 0x2f, 0x20, 0x56, 0xe7, 0x24, 0x21, 0xef, 0x39, 0x3f, 0x0c, 0x0f, 0x2b, 0x0e, 0x00,0x13, 0x0e, 0x3c, 0xac, 0x4a, 0xbb, 0xcc, 0x00, 0x28, 0x61, 0x68, 0xe8, 0x5e, 0xc5, 0x50, 0x51, }, + { 0xb6, 0x01, 0xac, 0x42, 0x5d, 0x5d, 0xbf, 0x9e, 0x17, 0x35, 0xc5, 0xe2, 0xd5, 0xbd, 0xb7, 0x9c,0xa9, 0x8b, 0x3d, 0x5b, 0xe4, 0xa2, 0xcf, 0xd6, 0xf2, 0x27, 0x3f, 0x15, 0x0e, 0x06, 0x4d, 0x9d, }, + { 0x46, 0x90, 0xe3, 0x74, 0x3c, 0x07, 0xd6, 0x43, 0xf1, 0xbc, 0x18, 0x36, 0x36, 0xab, 0x2a, 0x9c,0xb9, 0x36, 0xa6, 0x0a, 0x80, 0x21, 0x13, 0xc4, 0x9b, 0xb1, 0xb3, 0xf2, 0xd0, 0x66, 0x16, 0x60, }, + }, + { + { 0x31, 0x7e, 0x10, 0x20, 0xff, 0x53, 0xfc, 0xce, 0xf1, 0x8b, 0xf4, 0x7b, 0xb7, 0xf2, 0xdd, 0x77,0x07, 0xfb, 0x7b, 0x7a, 0x75, 0x78, 0xe0, 0x4f, 0x35, 0xb3, 0xbe, 0xed, 0x22, 0x2a, 0x0e, 0xb6, }, + { 0x09, 0x42, 0x0c, 0xe5, 0xa1, 0x9d, 0x77, 0xc6, 0xfe, 0x1e, 0xe5, 0x87, 0xe6, 0xa4, 0x9f, 0xba,0xf8, 0xf2, 0x80, 0xe8, 0xdf, 0x03, 0x3d, 0x75, 0x40, 0x33, 0x02, 0xe5, 0xa2, 0x7d, 0xb2, 0xae, }, + { 0xfe, 0xfb, 0x1d, 0xda, 0x18, 0x45, 0x31, 0x2b, 0x5f, 0xce, 0x6b, 0x81, 0xb2, 0xbe, 0x20, 0x5a,0xf2, 0xf3, 0xa2, 0x74, 0xf5, 0xa2, 0x12, 0xf6, 0x6c, 0x0d, 0x9f, 0xc3, 0x3d, 0x7a, 0xe5, 0x35, }, + { 0x30, 0xc2, 0x26, 0x1b, 0xd0, 0x00, 0x4e, 0x61, 0xfe, 0xda, 0x2c, 0x16, 0xaa, 0x5e, 0x21, 0xff,0xa8, 0xd7, 0xe7, 0xf7, 0xdb, 0xf6, 0xec, 0x37, 0x9a, 0x43, 0xb4, 0x8e, 0x4b, 0x36, 0xae, 0xb0, }, + }, + { + { 0x45, 0xfb, 0x02, 0xb2, 0xce, 0xb9, 0xd7, 0xc7, 0x9d, 0x9c, 0x2f, 0xa9, 0x3e, 0x9c, 0x79, 0x67,0xc2, 0xfa, 0x4d, 0xf5, 0x78, 0x9f, 0x96, 0x40, 0xb2, 0x42, 0x64, 0xb1, 0xe5, 0x24, 0xfc, 0xb1, }, + { 0x5c, 0x6e, 0x8e, 0xcf, 0x1f, 0x7d, 0x30, 0x23, 0x89, 0x3b, 0x7b, 0x1c, 0xa1, 0xe4, 0xd1, 0x78,0x97, 0x2e, 0xe2, 0xa2, 0x30, 0x75, 0x7d, 0xdc, 0x56, 0x4f, 0xfe, 0x37, 0xf5, 0xc5, 0xa3, 0x21, }, + { 0x33, 0x4a, 0xe0, 0xc4, 0x69, 0x3d, 0x23, 0x93, 0x5a, 0x7e, 0x8e, 0x04, 0x3e, 0xbb, 0xde, 0x21,0xe1, 0x68, 0xa7, 0xcb, 0xa3, 0xfa, 0x50, 0x7c, 0x9b, 0xe4, 0x1d, 0x76, 0x81, 0xe0, 0x49, 0xce, }, + { 0x2a, 0xda, 0xe4, 0xa1, 0x38, 0xa2, 0x39, 0xdc, 0xd9, 0x3c, 0x24, 0x3a, 0x38, 0x03, 0xc3, 0xe4,0xcf, 0x96, 0xe3, 0x7f, 0xe1, 0x4e, 0x6a, 0x9b, 0x71, 0x7b, 0xe9, 0x59, 0x99, 0x59, 0xb1, 0x1c, }, + }, + { + { 0xa1, 0x9e, 0xf7, 0xbf, 0xf9, 0x8a, 0xda, 0x78, 0x18, 0x42, 0xfb, 0xfc, 0x51, 0xa4, 0x7a, 0xff,0x39, 0xb5, 0x93, 0x5a, 0x1c, 0x7d, 0x96, 0x25, 0xc8, 0xd3, 0x23, 0xd5, 0x11, 0xc9, 0x2d, 0xe6, }, + { 0xe9, 0xc1, 0x84, 0xdf, 0x75, 0xc9, 0x55, 0xe0, 0x2e, 0x02, 0xe4, 0x00, 0xff, 0xe4, 0x5f, 0x78,0xf3, 0x39, 0xe1, 0xaf, 0xe6, 0xd0, 0x56, 0xfb, 0x32, 0x45, 0xf4, 0x70, 0x0c, 0xe6, 0x06, 0xef, }, + { 0x2c, 0x4b, 0xde, 0x40, 0x21, 0x4f, 0xcc, 0x3b, 0xfc, 0x47, 0xd4, 0xcf, 0x43, 0x4b, 0x62, 0x9a,0xcb, 0xe9, 0x15, 0x7f, 0x8f, 0xd0, 0x28, 0x25, 0x40, 0x33, 0x1d, 0xe7, 0x94, 0x2c, 0xf0, 0x9d, }, + { 0x2e, 0x27, 0x7e, 0xc3, 0x0f, 0x5e, 0xa0, 0x7d, 0x6c, 0xe5, 0x13, 0x14, 0x9b, 0x94, 0x79, 0xb9,0x6e, 0x07, 0xf4, 0xb6, 0x91, 0x3b, 0x1b, 0x5c, 0x11, 0x30, 0x5c, 0x14, 0x44, 0xa1, 0xbc, 0x0b, }, + }, + { + { 0x35, 0x6c, 0x5a, 0x44, 0x4c, 0x04, 0x9a, 0x52, 0xfe, 0xe0, 0xad, 0xeb, 0x7e, 0x5d, 0x82, 0xae,0x5a, 0xa8, 0x30, 0x30, 0xbf, 0xff, 0x31, 0xbb, 0xf8, 0xce, 0x20, 0x96, 0xcf, 0x16, 0x1c, 0x4b, }, + { 0x57, 0xd1, 0x28, 0xde, 0x8b, 0x2a, 0x57, 0xa0, 0x94, 0xd1, 0xa0, 0x01, 0xe5, 0x72, 0x17, 0x3f,0x96, 0xe8, 0x86, 0x6a, 0xe3, 0x52, 0xbf, 0x29, 0xcd, 0xda, 0xf9, 0x2f, 0xc8, 0x5b, 0x2f, 0x92, }, + { 0x85, 0xa2, 0x68, 0xf9, 0xd7, 0x77, 0x2f, 0x99, 0x0c, 0x36, 0xb4, 0x2b, 0x0a, 0x33, 0x1a, 0xdc,0x92, 0xb5, 0x94, 0x1d, 0xe0, 0xb8, 0x62, 0xd5, 0xd8, 0x9a, 0x34, 0x7c, 0xbf, 0x8f, 0xaa, 0xb0, }, + { 0x1e, 0x51, 0x37, 0x3b, 0xd2, 0xc6, 0x04, 0x4c, 0x12, 0x9c, 0x43, 0x6e, 0x74, 0x2a, 0x55, 0xbe,0x2a, 0x66, 0x8a, 0x85, 0xae, 0x08, 0x44, 0x1b, 0x67, 0x56, 0x44, 0x5d, 0xf5, 0x49, 0x38, 0x57, }, + } +}; + +const size_t ecdh_p256_test_vectors_count = sizeof(ecdh_p256_test_vectors) / sizeof(ecdh_p256_test_vector); diff --git a/test/api_talib/test_ecc_certificate_chain.h b/test/vectors/ecdh_nist_vectors.h similarity index 71% rename from test/api_talib/test_ecc_certificate_chain.h rename to test/vectors/ecdh_nist_vectors.h index d2a6368b5..6f79d1cb4 100644 --- a/test/api_talib/test_ecc_certificate_chain.h +++ b/test/vectors/ecdh_nist_vectors.h @@ -1,6 +1,6 @@ /** * \file - * \brief Tests for the TA Library API (tablib) + * \brief Embedded NIST vectors for the ECDH algorithm * * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. * @@ -25,27 +25,21 @@ * THIS SOFTWARE. */ -#ifndef TEST_ECC_CERTIFICATE_CHAIN_H_ -#define TEST_ECC_CERTIFICATE_CHAIN_H_ +#ifndef ECDH_NIST_VECTORS_H +#define ECDH_NIST_VECTORS_H -#include +/* See https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/component-testing#ECCCDH */ -#ifdef __cplusplus -extern "C" { -#endif +typedef struct +{ + uint8_t QCAVSx[32]; + uint8_t QCAVSy[32]; + uint8_t dIUT[32]; + uint8_t ZIUT[32]; +} ecdh_p256_test_vector; +extern const ecdh_p256_test_vector ecdh_p256_test_vectors[]; +extern const size_t ecdh_p256_test_vectors_count; -extern const uint8_t test_ecc_root_public_key[64]; -extern const uint8_t test_ecc_signer_cert[571]; - -extern const uint8_t test_ecc_leaf_cert[629]; - -extern const uint8_t test_ecc_leaf_public_key[64]; - - -#ifdef __cplusplus -} -#endif - -#endif /* TEST_ECC_CERTIFICATE_CHAIN_H_*/ +#endif /* ECDH_NIST_VECTORS_H */ diff --git a/test/vectors/ecdsa_nist_vectors.c b/test/vectors/ecdsa_nist_vectors.c new file mode 100644 index 000000000..9a11ff581 --- /dev/null +++ b/test/vectors/ecdsa_nist_vectors.c @@ -0,0 +1,202 @@ +/** + * \file + * \brief Embedded NIST vectors for the ECDSA algorithm + * + * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. + * + * \page License + * + * Subject to your compliance with these terms, you may use Microchip software + * and any derivatives exclusively with Microchip products. It is your + * responsibility to comply with third party license terms applicable to your + * use of third party software (including open source software) that may + * accompany Microchip software. + * + * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER + * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED + * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A + * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT, + * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE + * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF + * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE + * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL + * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED + * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR + * THIS SOFTWARE. + */ + +#include "cryptoauthlib.h" +#include "ecdsa_nist_vectors.h" + +const ecdsa_p256_test_vector ecdsa_p256_test_vectors[] = { + { + { 0xe4, 0x79, 0x6d, 0xb5, 0xf7, 0x85, 0xf2, 0x07, 0xaa, 0x30, 0xd3, 0x11, 0x69, 0x3b, 0x37, 0x02, + 0x82, 0x1d, 0xff, 0x11, 0x68, 0xfd, 0x2e, 0x04, 0xc0, 0x83, 0x68, 0x25, 0xae, 0xfd, 0x85, 0x0d, + 0x9a, 0xa6, 0x03, 0x26, 0xd8, 0x8c, 0xde, 0x1a, 0x23, 0xc7, 0x74, 0x53, 0x51, 0x39, 0x2c, 0xa2, + 0x28, 0x8d, 0x63, 0x2c, 0x26, 0x4f, 0x19, 0x7d, 0x05, 0xcd, 0x42, 0x4a, 0x30, 0x33, 0x6c, 0x19, + 0xfd, 0x09, 0xbb, 0x22, 0x96, 0x54, 0xf0, 0x22, 0x2f, 0xcb, 0x88, 0x1a, 0x4b, 0x35, 0xc2, 0x90, + 0xa0, 0x93, 0xac, 0x15, 0x9c, 0xe1, 0x34, 0x09, 0x11, 0x1f, 0xf0, 0x35, 0x84, 0x11, 0x13, 0x3c, + 0x24, 0xf5, 0xb8, 0xe2, 0x09, 0x0d, 0x6d, 0xb6, 0x55, 0x8a, 0xfc, 0x36, 0xf0, 0x6c, 0xa1, 0xf6, + 0xef, 0x77, 0x97, 0x85, 0xad, 0xba, 0x68, 0xdb, 0x27, 0xa4, 0x09, 0x85, 0x9f, 0xc4, 0xc4, 0xa0 }, + { 0x87, 0xf8, 0xf2, 0xb2, 0x18, 0xf4, 0x98, 0x45, 0xf6, 0xf1, 0x0e, 0xec, 0x38, 0x77, 0x13, 0x62, + 0x69, 0xf5, 0xc1, 0xa5, 0x47, 0x36, 0xdb, 0xdf, 0x69, 0xf8, 0x99, 0x40, 0xca, 0xd4, 0x15, 0x55 }, + { 0xe1, 0x5f, 0x36, 0x90, 0x36, 0xf4, 0x98, 0x42, 0xfa, 0xc7, 0xa8, 0x6c, 0x8a, 0x2b, 0x05, 0x57, + 0x60, 0x97, 0x76, 0x81, 0x44, 0x48, 0xb8, 0xf5, 0xe8, 0x4a, 0xa9, 0xf4, 0x39, 0x52, 0x05, 0xe9 }, + { 0xd1, 0x9f, 0xf4, 0x8b, 0x32, 0x49, 0x15, 0x57, 0x64, 0x16, 0x09, 0x7d, 0x25, 0x44, 0xf7, 0xcb, + 0xdf, 0x87, 0x68, 0xb1, 0x45, 0x4a, 0xd2, 0x0e, 0x0b, 0xaa, 0xc5, 0x0e, 0x21, 0x1f, 0x23, 0xb0 }, + { 0xa3, 0xe8, 0x1e, 0x59, 0x31, 0x1c, 0xdf, 0xff, 0x2d, 0x47, 0x84, 0x94, 0x9f, 0x7a, 0x2c, 0xb5, + 0x0b, 0xa6, 0xc3, 0xa9, 0x1f, 0xa5, 0x47, 0x10, 0x56, 0x8e, 0x61, 0xac, 0xa3, 0xe8, 0x47, 0xc6 }, + false, + "3 - S Changed" + }, + { + { 0x06, 0x9a, 0x6e, 0x6b, 0x93, 0xdf, 0xee, 0x6d, 0xf6, 0xef, 0x69, 0x97, 0xcd, 0x80, 0xdd, 0x21,0x82, 0xc3, 0x66, 0x53, 0xce, 0xf1, 0x0c, 0x65, 0x5d, 0x52, 0x45, 0x85, 0x65, 0x54, 0x62, 0xd6, 0x83, 0x87, 0x7f, 0x95, 0xec, 0xc6, 0xd6, 0xc8, 0x16, 0x23, 0xd8, 0xfa, 0xc4, 0xe9, 0x00, 0xed, 0x00, 0x19, 0x96, 0x40, 0x94, 0xe7, 0xde, 0x91, 0xf1, 0x48, 0x19, 0x89, 0xae, 0x18, 0x73, 0x00, 0x45, 0x65, 0x78, 0x9c, 0xbf, 0x5d, 0xc5, 0x6c, 0x62, 0xae, 0xdc, 0x63, 0xf6, 0x2f, 0x3b, 0x89, 0x4c, 0x9c, 0x6f, 0x77, 0x88, 0xc8, 0xec, 0xaa, 0xdc, 0x9b, 0xd0, 0xe8, 0x1a, 0xd9, 0x1b, 0x2b, 0x35, 0x69, 0xea, 0x12, 0x26, 0x0e, 0x93, 0x92, 0x4f, 0xdd, 0xdd, 0x39, 0x72, 0xaf, 0x52, 0x73, 0x19, 0x8f, 0x5e, 0xfd, 0xa0, 0x74, 0x62, 0x19, 0x47, 0x50, 0x17, 0x55, 0x76, 0x16, 0x17, 0x0e, }, + { 0x5c, 0xf0, 0x2a, 0x00, 0xd2, 0x05, 0xbd, 0xfe, 0xe2, 0x01, 0x6f, 0x74, 0x21, 0x80, 0x7f, 0xc3,0x8a, 0xe6, 0x9e, 0x6b, 0x7c, 0xcd, 0x06, 0x4e, 0xe6, 0x89, 0xfc, 0x1a, 0x94, 0xa9, 0xf7, 0xd2, }, + { 0xec, 0x53, 0x0c, 0xe3, 0xcc, 0x5c, 0x9d, 0x1a, 0xf4, 0x63, 0xf2, 0x64, 0xd6, 0x85, 0xaf, 0xe2,0xb4, 0xdb, 0x4b, 0x58, 0x28, 0xd7, 0xe6, 0x1b, 0x74, 0x89, 0x30, 0xf3, 0xce, 0x62, 0x2a, 0x85, }, + { 0xdc, 0x23, 0xd1, 0x30, 0xc6, 0x11, 0x7f, 0xb5, 0x75, 0x12, 0x01, 0x45, 0x5e, 0x99, 0xf3, 0x6f,0x59, 0xab, 0xa1, 0xa6, 0xa2, 0x1c, 0xf2, 0xd0, 0xe7, 0x48, 0x1a, 0x97, 0x45, 0x1d, 0x66, 0x93, }, + { 0xd6, 0xce, 0x77, 0x08, 0xc1, 0x8d, 0xbf, 0x35, 0xd4, 0xf8, 0xaa, 0x72, 0x40, 0x92, 0x2d, 0xc6,0x82, 0x3f, 0x2e, 0x70, 0x58, 0xcb, 0xc1, 0x48, 0x4f, 0xca, 0xd1, 0x59, 0x9d, 0xb5, 0x01, 0x8c, }, + false, + "2 - R Changed" + }, + { + { 0xdf, 0x04, 0xa3, 0x46, 0xcf, 0x4d, 0x0e, 0x33, 0x1a, 0x6d, 0xb7, 0x8c, 0xca, 0x2d, 0x45, 0x6d, + 0x31, 0xb0, 0xa0, 0x00, 0xaa, 0x51, 0x44, 0x1d, 0xef, 0xdb, 0x97, 0xbb, 0xeb, 0x20, 0xb9, 0x4d, + 0x8d, 0x74, 0x64, 0x29, 0xa3, 0x93, 0xba, 0x88, 0x84, 0x0d, 0x66, 0x16, 0x15, 0xe0, 0x7d, 0xef, + 0x61, 0x5a, 0x34, 0x2a, 0xbe, 0xdf, 0xa4, 0xce, 0x91, 0x2e, 0x56, 0x2a, 0xf7, 0x14, 0x95, 0x98, + 0x96, 0x85, 0x8a, 0xf8, 0x17, 0x31, 0x7a, 0x84, 0x0d, 0xcf, 0xf8, 0x5a, 0x05, 0x7b, 0xb9, 0x1a, + 0x3c, 0x2b, 0xf9, 0x01, 0x05, 0x50, 0x03, 0x62, 0x75, 0x4a, 0x6d, 0xd3, 0x21, 0xcd, 0xd8, 0x61, + 0x28, 0xcf, 0xc5, 0xf0, 0x46, 0x67, 0xb5, 0x7a, 0xa7, 0x8c, 0x11, 0x24, 0x11, 0xe4, 0x2d, 0xa3, + 0x04, 0xf1, 0x01, 0x2d, 0x48, 0xcd, 0x6a, 0x70, 0x52, 0xd7, 0xde, 0x44, 0xeb, 0xcc, 0x01, 0xde }, + { 0x2d, 0xdf, 0xd1, 0x45, 0x76, 0x78, 0x83, 0xff, 0xbb, 0x0a, 0xc0, 0x03, 0xab, 0x4a, 0x44, 0x34, + 0x6d, 0x08, 0xfa, 0x25, 0x70, 0xb3, 0x12, 0x0d, 0xcc, 0xe9, 0x45, 0x62, 0x42, 0x22, 0x44, 0xcb }, + { 0x5f, 0x70, 0xc7, 0xd1, 0x1a, 0xc2, 0xb7, 0xa4, 0x35, 0xcc, 0xfb, 0xba, 0xe0, 0x2c, 0x3d, 0xf1, + 0xea, 0x6b, 0x53, 0x2c, 0xc0, 0xe9, 0xdb, 0x74, 0xf9, 0x3f, 0xff, 0xca, 0x7c, 0x6f, 0x9a, 0x64 }, + { 0x99, 0x13, 0x11, 0x1c, 0xff, 0x6f, 0x20, 0xc5, 0xbf, 0x45, 0x3a, 0x99, 0xcd, 0x2c, 0x20, 0x19, + 0xa4, 0xe7, 0x49, 0xa4, 0x97, 0x24, 0xa0, 0x87, 0x74, 0xd1, 0x4e, 0x4c, 0x11, 0x3e, 0xdd, 0xa8 }, + { 0x94, 0x67, 0xcd, 0x4c, 0xd2, 0x1e, 0xcb, 0x56, 0xb0, 0xca, 0xb0, 0xa9, 0xa4, 0x53, 0xb4, 0x33, + 0x86, 0x84, 0x54, 0x59, 0x12, 0x7a, 0x95, 0x24, 0x21, 0xf5, 0xc6, 0x38, 0x28, 0x66, 0xc5, 0xcc }, + false, + "4 - Q Changed" + }, + { + { 0xe1, 0x13, 0x0a, 0xf6, 0xa3, 0x8c, 0xcb, 0x41, 0x2a, 0x9c, 0x8d, 0x13, 0xe1, 0x5d, 0xbf, 0xc9, + 0xe6, 0x9a, 0x16, 0x38, 0x5a, 0xf3, 0xc3, 0xf1, 0xe5, 0xda, 0x95, 0x4f, 0xd5, 0xe7, 0xc4, 0x5f, + 0xd7, 0x5e, 0x2b, 0x8c, 0x36, 0x69, 0x92, 0x28, 0xe9, 0x28, 0x40, 0xc0, 0x56, 0x2f, 0xbf, 0x37, + 0x72, 0xf0, 0x7e, 0x17, 0xf1, 0xad, 0xd5, 0x65, 0x88, 0xdd, 0x45, 0xf7, 0x45, 0x0e, 0x12, 0x17, + 0xad, 0x23, 0x99, 0x22, 0xdd, 0x9c, 0x32, 0x69, 0x5d, 0xc7, 0x1f, 0xf2, 0x42, 0x4c, 0xa0, 0xde, + 0xc1, 0x32, 0x1a, 0xa4, 0x70, 0x64, 0xa0, 0x44, 0xb7, 0xfe, 0x3c, 0x2b, 0x97, 0xd0, 0x3c, 0xe4, + 0x70, 0xa5, 0x92, 0x30, 0x4c, 0x5e, 0xf2, 0x1e, 0xed, 0x9f, 0x93, 0xda, 0x56, 0xbb, 0x23, 0x2d, + 0x1e, 0xeb, 0x00, 0x35, 0xf9, 0xbf, 0x0d, 0xfa, 0xfd, 0xcc, 0x46, 0x06, 0x27, 0x2b, 0x20, 0xa3 }, + { 0xe4, 0x24, 0xdc, 0x61, 0xd4, 0xbb, 0x3c, 0xb7, 0xef, 0x43, 0x44, 0xa7, 0xf8, 0x95, 0x7a, 0x0c, + 0x51, 0x34, 0xe1, 0x6f, 0x7a, 0x67, 0xc0, 0x74, 0xf8, 0x2e, 0x6e, 0x12, 0xf4, 0x9a, 0xbf, 0x3c }, + { 0x97, 0x0e, 0xed, 0x7a, 0xa2, 0xbc, 0x48, 0x65, 0x15, 0x45, 0x94, 0x9d, 0xe1, 0xdd, 0xda, 0xf0, + 0x12, 0x7e, 0x59, 0x65, 0xac, 0x85, 0xd1, 0x24, 0x3d, 0x6f, 0x60, 0xe7, 0xdf, 0xae, 0xe9, 0x27 }, + { 0xbf, 0x96, 0xb9, 0x9a, 0xa4, 0x9c, 0x70, 0x5c, 0x91, 0x0b, 0xe3, 0x31, 0x42, 0x01, 0x7c, 0x64, + 0x2f, 0xf5, 0x40, 0xc7, 0x63, 0x49, 0xb9, 0xda, 0xb7, 0x2f, 0x98, 0x1f, 0xd9, 0x34, 0x7f, 0x4f }, + { 0x17, 0xc5, 0x50, 0x95, 0x81, 0x90, 0x89, 0xc2, 0xe0, 0x3b, 0x9c, 0xd4, 0x15, 0xab, 0xdf, 0x12, + 0x44, 0x4e, 0x32, 0x30, 0x75, 0xd9, 0x8f, 0x31, 0x92, 0x0b, 0x9e, 0x0f, 0x57, 0xec, 0x87, 0x1c }, + true, + "P" + }, + { + { 0x73, 0xc5, 0xf6, 0xa6, 0x74, 0x56, 0xae, 0x48, 0x20, 0x9b, 0x5f, 0x85, 0xd1, 0xe7, 0xde, 0x77,0x58, 0xbf, 0x23, 0x53, 0x00, 0xc6, 0xae, 0x2b, 0xdc, 0xeb, 0x1d, 0xcb, 0x27, 0xa7, 0x73, 0x0f, 0xb6, 0x8c, 0x95, 0x0b, 0x7f, 0xca, 0xda, 0x0e, 0xcc, 0x46, 0x61, 0xd3, 0x57, 0x82, 0x30, 0xf2, 0x25, 0xa8, 0x75, 0xe6, 0x9a, 0xaa, 0x17, 0xf1, 0xe7, 0x1c, 0x6b, 0xe5, 0xc8, 0x31, 0xf2, 0x26, 0x63, 0xba, 0xc6, 0x3d, 0x0c, 0x7a, 0x96, 0x35, 0xed, 0xb0, 0x04, 0x3f, 0xf8, 0xc6, 0xf2, 0x64, 0x70, 0xf0, 0x2a, 0x7b, 0xc5, 0x65, 0x56, 0xf1, 0x43, 0x7f, 0x06, 0xdf, 0xa2, 0x7b, 0x48, 0x7a, 0x6c, 0x42, 0x90, 0xd8, 0xba, 0xd3, 0x8d, 0x48, 0x79, 0xb3, 0x34, 0xe3, 0x41, 0xba, 0x09, 0x2d, 0xde, 0x4e, 0x4a, 0xe6, 0x94, 0xa9, 0xc0, 0x93, 0x02, 0xe2, 0xdb, 0xf4, 0x43, 0x58, 0x1c, 0x08 }, + { 0xe0, 0xfc, 0x6a, 0x6f, 0x50, 0xe1, 0xc5, 0x74, 0x75, 0x67, 0x3e, 0xe5, 0x4e, 0x3a, 0x57, 0xf9,0xa4, 0x9f, 0x33, 0x28, 0xe7, 0x43, 0xbf, 0x52, 0xf3, 0x35, 0xe3, 0xee, 0xaa, 0x3d, 0x28, 0x64 }, + { 0x7f, 0x59, 0xd6, 0x89, 0xc9, 0x1e, 0x46, 0x36, 0x07, 0xd9, 0x19, 0x4d, 0x99, 0xfa, 0xf3, 0x16,0xe2, 0x54, 0x32, 0x87, 0x08, 0x16, 0xdd, 0xe6, 0x3f, 0x5d, 0x4b, 0x37, 0x3f, 0x12, 0xf2, 0x2a }, + { 0x1d, 0x75, 0x83, 0x0c, 0xd3, 0x6f, 0x4c, 0x9a, 0xa1, 0x81, 0xb2, 0xc4, 0x22, 0x1e, 0x87, 0xf1,0x76, 0xb7, 0xf0, 0x5b, 0x7c, 0x87, 0x82, 0x4e, 0x82, 0xe3, 0x96, 0xc8, 0x83, 0x15, 0xc4, 0x07 }, + { 0xcb, 0x2a, 0xcb, 0x01, 0xda, 0xc9, 0x6e, 0xfc, 0x53, 0xa3, 0x2d, 0x4a, 0x0d, 0x85, 0xd0, 0xc2,0xe4, 0x89, 0x55, 0x21, 0x47, 0x83, 0xec, 0xf5, 0x0a, 0x4f, 0x04, 0x14, 0xa3, 0x19, 0xc0, 0x5a }, + true, + "P" + }, + { + { 0x66, 0x60, 0x36, 0xd9, 0xb4, 0xa2, 0x42, 0x6e, 0xd6, 0x58, 0x5a, 0x4e, 0x0f, 0xd9, 0x31, 0xa8,0x76, 0x14, 0x51, 0xd2, 0x9a, 0xb0, 0x4b, 0xd7, 0xdc, 0x6d, 0x0c, 0x5b, 0x9e, 0x38, 0xe6, 0xc2, 0xb2, 0x63, 0xff, 0x6c, 0xb8, 0x37, 0xbd, 0x04, 0x39, 0x9d, 0xe3, 0xd7, 0x57, 0xc6, 0xc7, 0x00, 0x5f, 0x6d, 0x7a, 0x98, 0x70, 0x63, 0xcf, 0x6d, 0x7e, 0x8c, 0xb3, 0x8a, 0x4b, 0xf0, 0xd7, 0x4a, 0x28, 0x25, 0x72, 0xbd, 0x01, 0xd0, 0xf4, 0x1e, 0x3f, 0xd0, 0x66, 0xe3, 0x02, 0x15, 0x75, 0xf0, 0xfa, 0x04, 0xf2, 0x7b, 0x70, 0x0d, 0x5b, 0x7d, 0xdd, 0xdf, 0x50, 0x96, 0x59, 0x93, 0xc3, 0xf9, 0xc7, 0x11, 0x8e, 0xd7, 0x88, 0x88, 0xda, 0x7c, 0xb2, 0x21, 0x84, 0x9b, 0x32, 0x60, 0x59, 0x2b, 0x8e, 0x63, 0x2d, 0x7c, 0x51, 0xe9, 0x35, 0xa0, 0xce, 0xae, 0x15, 0x20, 0x7b, 0xed, 0xd5, 0x48, }, + { 0xa8, 0x49, 0xbe, 0xf5, 0x75, 0xca, 0xc3, 0xc6, 0x92, 0x0f, 0xbc, 0xe6, 0x75, 0xc3, 0xb7, 0x87,0x13, 0x62, 0x09, 0xf8, 0x55, 0xde, 0x19, 0xff, 0xe2, 0xe8, 0xd2, 0x9b, 0x31, 0xa5, 0xad, 0x86, }, + { 0xbf, 0x5f, 0xe4, 0xf7, 0x85, 0x8f, 0x9b, 0x80, 0x5b, 0xd8, 0xdc, 0xc0, 0x5a, 0xd5, 0xe7, 0xfb,0x88, 0x9d, 0xe2, 0xf8, 0x22, 0xf3, 0xd8, 0xb4, 0x16, 0x94, 0xe6, 0xc5, 0x5c, 0x16, 0xb4, 0x71, }, + { 0x25, 0xac, 0xc3, 0xaa, 0x9d, 0x9e, 0x84, 0xc7, 0xab, 0xf0, 0x8f, 0x73, 0xfa, 0x41, 0x95, 0xac,0xc5, 0x06, 0x49, 0x1d, 0x6f, 0xc3, 0x7c, 0xb9, 0x07, 0x45, 0x28, 0xa7, 0xdb, 0x87, 0xb9, 0xd6, }, + { 0x9b, 0x21, 0xd5, 0xb5, 0x25, 0x9e, 0xd3, 0xf2, 0xef, 0x07, 0xdf, 0xec, 0x6c, 0xc9, 0x0d, 0x3a,0x37, 0x85, 0x5d, 0x1c, 0xe1, 0x22, 0xa8, 0x5b, 0xa6, 0xa3, 0x33, 0xf3, 0x07, 0xd3, 0x15, 0x37, }, + false, + "2 - R changed" + }, + { + { 0x7e, 0x80, 0x43, 0x6b, 0xce, 0x57, 0x33, 0x9c, 0xe8, 0xda, 0x1b, 0x56, 0x60, 0x14, 0x9a, 0x20,0x24, 0x0b, 0x14, 0x6d, 0x10, 0x8d, 0xee, 0xf3, 0xec, 0x5d, 0xa4, 0xae, 0x25, 0x6f, 0x8f, 0x89, 0x4e, 0xdc, 0xbb, 0xc5, 0x7b, 0x34, 0xce, 0x37, 0x08, 0x9c, 0x0d, 0xaa, 0x17, 0xf0, 0xc4, 0x6c, 0xd8, 0x2b, 0x5a, 0x15, 0x99, 0x31, 0x4f, 0xd7, 0x9d, 0x2f, 0xd2, 0xf4, 0x46, 0xbd, 0x5a, 0x25, 0xb8, 0xe3, 0x2f, 0xcf, 0x05, 0xb7, 0x6d, 0x64, 0x45, 0x73, 0xa6, 0xdf, 0x4a, 0xd1, 0xdf, 0xea, 0x70, 0x7b, 0x47, 0x9d, 0x97, 0x23, 0x7a, 0x34, 0x6f, 0x1e, 0xc6, 0x32, 0xea, 0x56, 0x60, 0xef, 0xb5, 0x7e, 0x87, 0x17, 0xa8, 0x62, 0x8d, 0x7f, 0x82, 0xaf, 0x50, 0xa4, 0xe8, 0x4b, 0x11, 0xf2, 0x1b, 0xdf, 0xf6, 0x83, 0x91, 0x96, 0xa8, 0x80, 0xae, 0x20, 0xb2, 0xa0, 0x91, 0x8d, 0x58, 0xcd, }, + { 0x3d, 0xfb, 0x6f, 0x40, 0xf2, 0x47, 0x1b, 0x29, 0xb7, 0x7f, 0xdc, 0xcb, 0xa7, 0x2d, 0x37, 0xc2,0x1b, 0xba, 0x01, 0x9e, 0xfa, 0x40, 0xc1, 0xc8, 0xf9, 0x1e, 0xc4, 0x05, 0xd7, 0xdc, 0xc5, 0xdf, }, + { 0xf2, 0x2f, 0x95, 0x3f, 0x1e, 0x39, 0x5a, 0x52, 0xea, 0xd7, 0xf3, 0xae, 0x3f, 0xc4, 0x74, 0x51,0xb4, 0x38, 0x11, 0x7b, 0x1e, 0x04, 0xd6, 0x13, 0xbc, 0x85, 0x55, 0xb7, 0xd6, 0xe6, 0xd1, 0xbb, }, + { 0x54, 0x88, 0x86, 0x27, 0x8e, 0x5e, 0xc2, 0x6b, 0xed, 0x81, 0x1d, 0xbb, 0x72, 0xdb, 0x1e, 0x15,0x4b, 0x6f, 0x17, 0xbe, 0x70, 0xde, 0xb1, 0xb2, 0x10, 0x10, 0x7d, 0xec, 0xb1, 0xec, 0x2a, 0x5a, }, + { 0xe9, 0x3b, 0xfe, 0xbd, 0x2f, 0x14, 0xf3, 0xd8, 0x27, 0xca, 0x32, 0xb4, 0x64, 0xbe, 0x6e, 0x69,0x18, 0x7f, 0x5e, 0xdb, 0xd5, 0x2d, 0xef, 0x4f, 0x96, 0x59, 0x9c, 0x37, 0xd5, 0x8e, 0xee, 0x75, }, + false, + "4 - Q changed" + }, + { + { 0x16, 0x69, 0xbf, 0xb6, 0x57, 0xfd, 0xc6, 0x2c, 0x3d, 0xdd, 0x63, 0x26, 0x97, 0x87, 0xfc, 0x1c,0x96, 0x9f, 0x18, 0x50, 0xfb, 0x04, 0xc9, 0x33, 0xdd, 0xa0, 0x63, 0xef, 0x74, 0xa5, 0x6c, 0xe1, 0x3e, 0x3a, 0x64, 0x97, 0x00, 0x82, 0x0f, 0x00, 0x61, 0xef, 0xab, 0xf8, 0x49, 0xa8, 0x5d, 0x47, 0x43, 0x26, 0xc8, 0xa5, 0x41, 0xd9, 0x98, 0x30, 0xee, 0xa8, 0x13, 0x1e, 0xae, 0xa5, 0x84, 0xf2, 0x2d, 0x88, 0xc3, 0x53, 0x96, 0x5d, 0xab, 0xcd, 0xc4, 0xbf, 0x6b, 0x55, 0x94, 0x9f, 0xd5, 0x29, 0x50, 0x7d, 0xfb, 0x80, 0x3a, 0xb6, 0xb4, 0x80, 0xcd, 0x73, 0xca, 0x0b, 0xa0, 0x0c, 0xa1, 0x9c, 0x43, 0x88, 0x49, 0xe2, 0xce, 0xa2, 0x62, 0xa1, 0xc5, 0x7d, 0x8f, 0x81, 0xcd, 0x25, 0x7f, 0xb5, 0x8e, 0x19, 0xde, 0xc7, 0x90, 0x4d, 0xa9, 0x7d, 0x83, 0x86, 0xe8, 0x7b, 0x84, 0x94, 0x81, 0x69, }, + { 0x69, 0xb7, 0x66, 0x70, 0x56, 0xe1, 0xe1, 0x1d, 0x6c, 0xaf, 0x6e, 0x45, 0x64, 0x3f, 0x8b, 0x21,0xe7, 0xa4, 0xbe, 0xbd, 0xa4, 0x63, 0xc7, 0xfd, 0xbc, 0x13, 0xbc, 0x98, 0xef, 0xbd, 0x02, 0x14, }, + { 0xd3, 0xf9, 0xb1, 0x2e, 0xb4, 0x6c, 0x7c, 0x6f, 0xda, 0x0d, 0xa3, 0xfc, 0x85, 0xbc, 0x1f, 0xd8,0x31, 0x55, 0x7f, 0x9a, 0xbc, 0x90, 0x2a, 0x3b, 0xe3, 0xcb, 0x3e, 0x8b, 0xe7, 0xd1, 0xaa, 0x2f, }, + { 0x28, 0x8f, 0x7a, 0x1c, 0xd3, 0x91, 0x84, 0x2c, 0xce, 0x21, 0xf0, 0x0e, 0x6f, 0x15, 0x47, 0x1c,0x04, 0xdc, 0x18, 0x2f, 0xe4, 0xb1, 0x4d, 0x92, 0xdc, 0x18, 0x91, 0x08, 0x79, 0x79, 0x97, 0x90, }, + { 0x24, 0x7b, 0x3c, 0x4e, 0x89, 0xa3, 0xbc, 0xad, 0xfe, 0xa7, 0x3c, 0x7b, 0xfd, 0x36, 0x1d, 0xef,0x43, 0x71, 0x5f, 0xa3, 0x82, 0xb8, 0xc3, 0xed, 0xf4, 0xae, 0x15, 0xd6, 0xe5, 0x5e, 0x99, 0x79, }, + false, + "1 - Message changed" + }, + { + { 0x3f, 0xe6, 0x0d, 0xd9, 0xad, 0x6c, 0xac, 0xcf, 0x5a, 0x6f, 0x58, 0x3b, 0x3a, 0xe6, 0x59, 0x53,0x56, 0x34, 0x46, 0xc4, 0x51, 0x0b, 0x70, 0xda, 0x11, 0x5f, 0xfa, 0xa0, 0xba, 0x04, 0xc0, 0x76, 0x11, 0x5c, 0x70, 0x43, 0xab, 0x87, 0x33, 0x40, 0x3c, 0xd6, 0x9c, 0x7d, 0x14, 0xc2, 0x12, 0xc6, 0x55, 0xc0, 0x7b, 0x43, 0xa7, 0xc7, 0x1b, 0x9a, 0x4c, 0xff, 0xe2, 0x2c, 0x26, 0x84, 0x78, 0x8e, 0xc6, 0x87, 0x0d, 0xc2, 0x01, 0x3f, 0x26, 0x91, 0x72, 0xc8, 0x22, 0x25, 0x6f, 0x9e, 0x7c, 0xc6, 0x74, 0x79, 0x1b, 0xf2, 0xd8, 0x48, 0x6c, 0x0f, 0x56, 0x84, 0x28, 0x3e, 0x16, 0x49, 0x57, 0x6e, 0xfc, 0x98, 0x2e, 0xde, 0x17, 0xc7, 0xb7, 0x4b, 0x21, 0x47, 0x54, 0xd7, 0x04, 0x02, 0xfb, 0x4b, 0xb4, 0x5a, 0xd0, 0x86, 0xcf, 0x2c, 0xf7, 0x6b, 0x3d, 0x63, 0xf7, 0xfc, 0xe3, 0x9a, 0xc9, 0x70, }, + { 0xbf, 0x02, 0xcb, 0xcf, 0x6d, 0x8c, 0xc2, 0x6e, 0x91, 0x76, 0x6d, 0x8a, 0xf0, 0xb1, 0x64, 0xfc,0x59, 0x68, 0x53, 0x5e, 0x84, 0xc1, 0x58, 0xeb, 0x3b, 0xc4, 0xe2, 0xd7, 0x9c, 0x3c, 0xc6, 0x82, }, + { 0x06, 0x9b, 0xa6, 0xcb, 0x06, 0xb4, 0x9d, 0x60, 0x81, 0x20, 0x66, 0xaf, 0xa1, 0x6e, 0xcf, 0x7b,0x51, 0x35, 0x2f, 0x2c, 0x03, 0xbd, 0x93, 0xec, 0x22, 0x08, 0x22, 0xb1, 0xf3, 0xdf, 0xba, 0x03, }, + { 0xf5, 0xac, 0xb0, 0x6c, 0x59, 0xc2, 0xb4, 0x92, 0x7f, 0xb8, 0x52, 0xfa, 0xa0, 0x7f, 0xaf, 0x4b,0x18, 0x52, 0xbb, 0xb5, 0xd0, 0x68, 0x40, 0x93, 0x5e, 0x84, 0x9c, 0x4d, 0x29, 0x3d, 0x1b, 0xad, }, + { 0x04, 0x9d, 0xab, 0x79, 0xc8, 0x9c, 0xc0, 0x2f, 0x14, 0x84, 0xc4, 0x37, 0xf5, 0x23, 0xe0, 0x80,0xa7, 0x5f, 0x13, 0x49, 0x17, 0xfd, 0xa7, 0x52, 0xf2, 0xd5, 0xca, 0x39, 0x7a, 0xdd, 0xfe, 0x5d, }, + false, + "3 - S changed" + }, + { + { 0x98, 0x3a, 0x71, 0xb9, 0x99, 0x4d, 0x95, 0xe8, 0x76, 0xd8, 0x4d, 0x28, 0x94, 0x6a, 0x04, 0x1f,0x8f, 0x0a, 0x3f, 0x54, 0x4c, 0xfc, 0xc0, 0x55, 0x49, 0x65, 0x80, 0xf1, 0xdf, 0xd4, 0xe3, 0x12, 0xa2, 0xad, 0x41, 0x8f, 0xe6, 0x9d, 0xbc, 0x61, 0xdb, 0x23, 0x0c, 0xc0, 0xc0, 0xed, 0x97, 0xe3, 0x60, 0xab, 0xab, 0x7d, 0x6f, 0xf4, 0xb8, 0x1e, 0xe9, 0x70, 0xa7, 0xe9, 0x74, 0x66, 0xac, 0xfd, 0x96, 0x44, 0xf8, 0x28, 0xff, 0xec, 0x53, 0x8a, 0xbc, 0x38, 0x3d, 0x0e, 0x92, 0x32, 0x6d, 0x1c, 0x88, 0xc5, 0x5e, 0x1f, 0x46, 0xa6, 0x68, 0xa0, 0x39, 0xbe, 0xaa, 0x1b, 0xe6, 0x31, 0xa8, 0x91, 0x29, 0x93, 0x8c, 0x00, 0xa8, 0x1a, 0x3a, 0xe4, 0x6d, 0x4a, 0xec, 0xbf, 0x97, 0x07, 0xf7, 0x64, 0xdb, 0xac, 0xce, 0xa3, 0xef, 0x76, 0x65, 0xe4, 0xc4, 0x30, 0x7f, 0xa0, 0xb0, 0xa3, 0x07, 0x5c, }, + { 0x22, 0x4a, 0x4d, 0x65, 0xb9, 0x58, 0xf6, 0xd6, 0xaf, 0xb2, 0x90, 0x48, 0x63, 0xef, 0xd2, 0xa7,0x34, 0xb3, 0x17, 0x98, 0x88, 0x48, 0x01, 0xfc, 0xab, 0x5a, 0x59, 0x0f, 0x4d, 0x6d, 0xa9, 0xde, }, + { 0x17, 0x8d, 0x51, 0xfd, 0xda, 0xda, 0x62, 0x80, 0x6f, 0x09, 0x7a, 0xa6, 0x15, 0xd3, 0x3b, 0x8f,0x24, 0x04, 0xe6, 0xb1, 0x47, 0x9f, 0x5f, 0xd4, 0x85, 0x9d, 0x59, 0x57, 0x34, 0xd6, 0xd2, 0xb9, }, + { 0x87, 0xb9, 0x3e, 0xe2, 0xfe, 0xcf, 0xda, 0x54, 0xde, 0xb8, 0xdf, 0xf8, 0xe4, 0x26, 0xf3, 0xc7,0x2c, 0x88, 0x64, 0x99, 0x1f, 0x8e, 0xc2, 0xb3, 0x20, 0x5b, 0xb3, 0xb4, 0x16, 0xde, 0x93, 0xd2, }, + { 0x40, 0x44, 0xa2, 0x4d, 0xf8, 0x5b, 0xe0, 0xcc, 0x76, 0xf2, 0x1a, 0x44, 0x30, 0xb7, 0x5b, 0x8e,0x77, 0xb9, 0x32, 0xa8, 0x7f, 0x51, 0xe4, 0xec, 0xcb, 0xc4, 0x5c, 0x26, 0x3e, 0xbf, 0x8f, 0x66, }, + false, + "2 - R changed" + }, + { + { 0x4a, 0x8c, 0x07, 0x1a, 0xc4, 0xfd, 0x0d, 0x52, 0xfa, 0xa4, 0x07, 0xb0, 0xfe, 0x5d, 0xab, 0x75,0x9f, 0x73, 0x94, 0xa5, 0x83, 0x21, 0x27, 0xf2, 0xa3, 0x49, 0x8f, 0x34, 0xaa, 0xc2, 0x87, 0x33, 0x9e, 0x04, 0x3b, 0x4f, 0xfa, 0x79, 0x52, 0x8f, 0xaf, 0x19, 0x9d, 0xc9, 0x17, 0xf7, 0xb0, 0x66, 0xad, 0x65, 0x50, 0x5d, 0xab, 0x0e, 0x11, 0xe6, 0x94, 0x85, 0x15, 0x05, 0x2c, 0xe2, 0x0c, 0xfd, 0xb8, 0x92, 0xff, 0xb8, 0xaa, 0x9b, 0xf3, 0xf1, 0xaa, 0x5b, 0xe3, 0x0a, 0x5b, 0xbe, 0x85, 0x82, 0x3b, 0xdd, 0xf7, 0x0b, 0x39, 0xfd, 0x7e, 0xbd, 0x4a, 0x93, 0xa2, 0xf7, 0x54, 0x72, 0xc1, 0xd4, 0xf6, 0x06, 0x24, 0x7a, 0x98, 0x21, 0xf1, 0xa8, 0xc4, 0x5a, 0x6c, 0xb8, 0x05, 0x45, 0xde, 0x2e, 0x0c, 0x6c, 0x01, 0x74, 0xe2, 0x39, 0x20, 0x88, 0xc7, 0x54, 0xe9, 0xc8, 0x44, 0x3e, 0xb5, 0xaf, }, + { 0x43, 0x69, 0x1c, 0x77, 0x95, 0xa5, 0x7e, 0xad, 0x8c, 0x5c, 0x68, 0x53, 0x6f, 0xe9, 0x34, 0x53,0x8d, 0x46, 0xf1, 0x28, 0x89, 0x68, 0x0a, 0x9c, 0xb6, 0xd0, 0x55, 0xa0, 0x66, 0x22, 0x83, 0x69, }, + { 0xf8, 0x79, 0x01, 0x10, 0xb3, 0xc3, 0xb2, 0x81, 0xaa, 0x1e, 0xae, 0x03, 0x7d, 0x4f, 0x12, 0x34,0xaf, 0xf5, 0x87, 0xd9, 0x03, 0xd9, 0x3b, 0xa3, 0xaf, 0x22, 0x5c, 0x27, 0xdd, 0xc9, 0xcc, 0xac, }, + { 0x8a, 0xcd, 0x62, 0xe8, 0xc2, 0x62, 0xfa, 0x50, 0xdd, 0x98, 0x40, 0x48, 0x09, 0x69, 0xf4, 0xef,0x70, 0xf2, 0x18, 0xeb, 0xf8, 0xef, 0x95, 0x84, 0xf1, 0x99, 0x03, 0x11, 0x32, 0xc6, 0xb1, 0xce, }, + { 0xcf, 0xca, 0x7e, 0xd3, 0xd4, 0x34, 0x7f, 0xb2, 0xa2, 0x9e, 0x52, 0x6b, 0x43, 0xc3, 0x48, 0xae,0x1c, 0xe6, 0xc6, 0x0d, 0x44, 0xf3, 0x19, 0x1b, 0x6d, 0x8e, 0xa3, 0xa2, 0xd9, 0xc9, 0x21, 0x54, }, + false, + "3 - S changed" + }, + { + { 0x0a, 0x3a, 0x12, 0xc3, 0x08, 0x4c, 0x86, 0x5d, 0xaf, 0x1d, 0x30, 0x2c, 0x78, 0x21, 0x5d, 0x39,0xbf, 0xe0, 0xb8, 0xbf, 0x28, 0x27, 0x2b, 0x3c, 0x0b, 0x74, 0xbe, 0xb4, 0xb7, 0x40, 0x9d, 0xb0, 0x71, 0x82, 0x39, 0xde, 0x70, 0x07, 0x85, 0x58, 0x15, 0x14, 0x32, 0x1c, 0x64, 0x40, 0xa4, 0xbb, 0xae, 0xa4, 0xc7, 0x6f, 0xa4, 0x74, 0x01, 0xe1, 0x51, 0xe6, 0x8c, 0xb6, 0xc2, 0x90, 0x17, 0xf0, 0xbc, 0xe4, 0x63, 0x12, 0x90, 0xaf, 0x5e, 0xa5, 0xe2, 0xbf, 0x3e, 0xd7, 0x42, 0xae, 0x11, 0x0b, 0x04, 0xad, 0xe8, 0x3a, 0x5d, 0xbd, 0x73, 0x58, 0xf2, 0x9a, 0x85, 0x93, 0x8e, 0x23, 0xd8, 0x7a, 0xc8, 0x23, 0x30, 0x72, 0xb7, 0x9c, 0x94, 0x67, 0x0f, 0xf0, 0x95, 0x9f, 0x9c, 0x7f, 0x45, 0x17, 0x86, 0x2f, 0xf8, 0x29, 0x45, 0x20, 0x96, 0xc7, 0x8f, 0x5f, 0x2e, 0x9a, 0x7e, 0x4e, 0x92, 0x16, }, + { 0x91, 0x57, 0xdb, 0xfc, 0xf8, 0xcf, 0x38, 0x5f, 0x5b, 0xb1, 0x56, 0x8a, 0xd5, 0xc6, 0xe2, 0xa8,0x65, 0x2b, 0xa6, 0xdf, 0xc6, 0x3b, 0xc1, 0x75, 0x3e, 0xdf, 0x52, 0x68, 0xcb, 0x7e, 0xb5, 0x96, }, + { 0x97, 0x25, 0x70, 0xf4, 0x31, 0x3d, 0x47, 0xfc, 0x96, 0xf7, 0xc0, 0x2d, 0x55, 0x94, 0xd7, 0x7d,0x46, 0xf9, 0x1e, 0x94, 0x98, 0x08, 0x82, 0x5b, 0x3d, 0x31, 0xf0, 0x29, 0xe8, 0x29, 0x64, 0x05, }, + { 0xdf, 0xae, 0xa6, 0xf2, 0x97, 0xfa, 0x32, 0x0b, 0x70, 0x78, 0x66, 0x12, 0x5c, 0x2a, 0x7d, 0x5d,0x51, 0x5b, 0x51, 0xa5, 0x03, 0xbe, 0xe8, 0x17, 0xde, 0x9f, 0xaa, 0x34, 0x3c, 0xc4, 0x8e, 0xeb, }, + { 0x8f, 0x78, 0x0a, 0xd7, 0x13, 0xf9, 0xc3, 0xe5, 0xa4, 0xf7, 0xfa, 0x4c, 0x51, 0x98, 0x33, 0xdf,0xef, 0xc6, 0xa7, 0x43, 0x23, 0x89, 0xb1, 0xe4, 0xaf, 0x46, 0x39, 0x61, 0xf0, 0x97, 0x64, 0xf2, }, + false, + "1 - Message changed" + }, + { + { 0x78, 0x5d, 0x07, 0xa3, 0xc5, 0x4f, 0x63, 0xdc, 0xa1, 0x1f, 0x5d, 0x1a, 0x5f, 0x49, 0x6e, 0xe2,0xc2, 0xf9, 0x28, 0x8e, 0x55, 0x00, 0x7e, 0x66, 0x6c, 0x78, 0xb0, 0x07, 0xd9, 0x5c, 0xc2, 0x85, 0x81, 0xdc, 0xe5, 0x1f, 0x49, 0x0b, 0x30, 0xfa, 0x73, 0xdc, 0x9e, 0x2d, 0x45, 0xd0, 0x75, 0xd7, 0xe3, 0xa9, 0x5f, 0xb8, 0xa9, 0xe1, 0x46, 0x5a, 0xd1, 0x91, 0x90, 0x41, 0x24, 0x16, 0x0b, 0x7c, 0x60, 0xfa, 0x72, 0x0e, 0xf4, 0xef, 0x1c, 0x5d, 0x29, 0x98, 0xf4, 0x05, 0x70, 0xae, 0x2a, 0x87, 0x0e, 0xf3, 0xe8, 0x94, 0xc2, 0xbc, 0x61, 0x7d, 0x8a, 0x1d, 0xc8, 0x5c, 0x3c, 0x55, 0x77, 0x49, 0x28, 0xc3, 0x87, 0x89, 0xb4, 0xe6, 0x61, 0x34, 0x9d, 0x3f, 0x84, 0xd2, 0x44, 0x1a, 0x3b, 0x85, 0x6a, 0x76, 0x94, 0x9b, 0x9f, 0x1f, 0x80, 0xbc, 0x16, 0x16, 0x48, 0xa1, 0xca, 0xd5, 0x58, 0x8e, }, + { 0x07, 0x2b, 0x10, 0xc0, 0x81, 0xa4, 0xc1, 0x71, 0x3a, 0x29, 0x4f, 0x24, 0x8a, 0xef, 0x85, 0x0e,0x29, 0x79, 0x91, 0xac, 0xa4, 0x7f, 0xa9, 0x6a, 0x74, 0x70, 0xab, 0xe3, 0xb8, 0xac, 0xfd, 0xda, }, + { 0x95, 0x81, 0x14, 0x5c, 0xca, 0x04, 0xa0, 0xfb, 0x94, 0xce, 0xdc, 0xe7, 0x52, 0xc8, 0xf0, 0x37,0x08, 0x61, 0x91, 0x6d, 0x2a, 0x94, 0xe7, 0xc6, 0x47, 0xc5, 0x37, 0x3c, 0xe6, 0xa4, 0xc8, 0xf5, }, + { 0x09, 0xf5, 0x48, 0x3e, 0xcc, 0xec, 0x80, 0xf9, 0xd1, 0x04, 0x81, 0x5a, 0x1b, 0xe9, 0xcc, 0x1a,0x8e, 0x5b, 0x12, 0xb6, 0xeb, 0x48, 0x2a, 0x65, 0xc6, 0x90, 0x7b, 0x74, 0x80, 0xcf, 0x4f, 0x19, }, + { 0xa4, 0xf9, 0x0e, 0x56, 0x0c, 0x5e, 0x4e, 0xb8, 0x69, 0x6c, 0xb2, 0x76, 0xe5, 0x16, 0x5b, 0x6a,0x9d, 0x48, 0x63, 0x45, 0xde, 0xdf, 0xb0, 0x94, 0xa7, 0x6e, 0x84, 0x42, 0xd0, 0x26, 0x37, 0x8d, }, + false, + "4 - Q changed" + }, + { + { 0x76, 0xf9, 0x87, 0xec, 0x54, 0x48, 0xdd, 0x72, 0x21, 0x9b, 0xd3, 0x0b, 0xf6, 0xb6, 0x6b, 0x07,0x75, 0xc8, 0x0b, 0x39, 0x48, 0x51, 0xa4, 0x3f, 0xf1, 0xf5, 0x37, 0xf1, 0x40, 0xa6, 0xe7, 0x22, 0x9e, 0xf8, 0xcd, 0x72, 0xad, 0x58, 0xb1, 0xd2, 0xd2, 0x02, 0x98, 0x53, 0x9d, 0x63, 0x47, 0xdd, 0x55, 0x98, 0x81, 0x2b, 0xc6, 0x53, 0x23, 0xac, 0xea, 0xf0, 0x52, 0x28, 0xf7, 0x38, 0xb5, 0xad, 0x3e, 0x8d, 0x9f, 0xe4, 0x10, 0x0f, 0xd7, 0x67, 0xc2, 0xf0, 0x98, 0xc7, 0x7c, 0xb9, 0x9c, 0x29, 0x92, 0x84, 0x3b, 0xa3, 0xee, 0xd9, 0x1d, 0x32, 0x44, 0x4f, 0x3b, 0x6d, 0xb6, 0xcd, 0x21, 0x2d, 0xd4, 0xe5, 0x60, 0x95, 0x48, 0xf4, 0xbb, 0x62, 0x81, 0x2a, 0x92, 0x0f, 0x6e, 0x2b, 0xf1, 0x58, 0x1b, 0xe1, 0xeb, 0xee, 0xbd, 0xd0, 0x6e, 0xc4, 0xe9, 0x71, 0x86, 0x2c, 0xc4, 0x20, 0x55, 0xca, }, + { 0x09, 0x30, 0x8e, 0xa5, 0xbf, 0xad, 0x6e, 0x5a, 0xdf, 0x40, 0x86, 0x34, 0xb3, 0xd5, 0xce, 0x92,0x40, 0xd3, 0x54, 0x42, 0xf7, 0xfe, 0x11, 0x64, 0x52, 0xaa, 0xec, 0x0d, 0x25, 0xbe, 0x8c, 0x24, }, + { 0xf4, 0x0c, 0x93, 0xe0, 0x23, 0xef, 0x49, 0x4b, 0x1c, 0x30, 0x79, 0xb2, 0xd1, 0x0e, 0xf6, 0x7f,0x31, 0x70, 0x74, 0x04, 0x95, 0xce, 0x2c, 0xc5, 0x7f, 0x8e, 0xe4, 0xb0, 0x61, 0x8b, 0x8e, 0xe5, }, + { 0x5c, 0xc8, 0xaa, 0x7c, 0x35, 0x74, 0x3e, 0xc0, 0xc2, 0x3d, 0xde, 0x88, 0xda, 0xbd, 0x5e, 0x4f,0xcd, 0x01, 0x92, 0xd2, 0x11, 0x6f, 0x69, 0x26, 0xfe, 0xf7, 0x88, 0xcd, 0xdb, 0x75, 0x4e, 0x73, }, + { 0x9c, 0x9c, 0x04, 0x5e, 0xba, 0xa1, 0xb8, 0x28, 0xc3, 0x2f, 0x82, 0xac, 0xe0, 0xd1, 0x8d, 0xae,0xbf, 0x5e, 0x15, 0x6e, 0xb7, 0xcb, 0xfd, 0xc1, 0xef, 0xf4, 0x39, 0x9a, 0x8a, 0x90, 0x0a, 0xe7, }, + false, + "1 - Message changed" + }, + { + { 0x60, 0xcd, 0x64, 0xb2, 0xcd, 0x2b, 0xe6, 0xc3, 0x38, 0x59, 0xb9, 0x48, 0x75, 0x12, 0x03, 0x61,0xa2, 0x40, 0x85, 0xf3, 0x76, 0x5c, 0xb8, 0xb2, 0xbf, 0x11, 0xe0, 0x26, 0xfa, 0x9d, 0x88, 0x55, 0xdb, 0xe4, 0x35, 0xac, 0xf7, 0x88, 0x2e, 0x84, 0xf3, 0xc7, 0x85, 0x7f, 0x96, 0xe2, 0xba, 0xab, 0x4d, 0x9a, 0xfe, 0x45, 0x88, 0xe4, 0xa8, 0x2e, 0x17, 0xa7, 0x88, 0x27, 0xbf, 0xdb, 0x5d, 0xdb, 0xd1, 0xc2, 0x11, 0xfb, 0xc2, 0xe6, 0xd8, 0x84, 0xcd, 0xdd, 0x7c, 0xb9, 0xd9, 0x0d, 0x5b, 0xf4, 0xa7, 0x31, 0x1b, 0x83, 0xf3, 0x52, 0x50, 0x80, 0x33, 0x81, 0x2c, 0x77, 0x6a, 0x0e, 0x00, 0xc0, 0x03, 0xc7, 0xe0, 0xd6, 0x28, 0xe5, 0x07, 0x36, 0xc7, 0x51, 0x2d, 0xf0, 0xac, 0xfa, 0x9f, 0x23, 0x20, 0xbd, 0x10, 0x22, 0x29, 0xf4, 0x64, 0x95, 0xae, 0x6d, 0x08, 0x57, 0xcc, 0x45, 0x2a, 0x84, }, + { 0x2d, 0x98, 0xea, 0x01, 0xf7, 0x54, 0xd3, 0x4b, 0xbc, 0x30, 0x03, 0xdf, 0x50, 0x50, 0x20, 0x0a,0xbf, 0x44, 0x5e, 0xc7, 0x28, 0x55, 0x6d, 0x7e, 0xd7, 0xd5, 0xc5, 0x4c, 0x55, 0x55, 0x2b, 0x6d, }, + { 0x9b, 0x52, 0x67, 0x27, 0x42, 0xd6, 0x37, 0xa3, 0x2a, 0xdd, 0x05, 0x6d, 0xfd, 0x6d, 0x87, 0x92,0xf2, 0xa3, 0x3c, 0x2e, 0x69, 0xda, 0xfa, 0xbe, 0xa0, 0x9b, 0x96, 0x0b, 0xc6, 0x1e, 0x23, 0x0a, }, + { 0x06, 0x10, 0x8e, 0x52, 0x5f, 0x84, 0x5d, 0x01, 0x55, 0xbf, 0x60, 0x19, 0x32, 0x22, 0xb3, 0x21,0x9c, 0x98, 0xe3, 0xd4, 0x94, 0x24, 0xc2, 0xfb, 0x2a, 0x09, 0x87, 0xf8, 0x25, 0xc1, 0x79, 0x59, }, + { 0x62, 0xb5, 0xcd, 0xd5, 0x91, 0xe5, 0xb5, 0x07, 0xe5, 0x60, 0x16, 0x7b, 0xa8, 0xf6, 0xf7, 0xcd,0xa7, 0x46, 0x73, 0xeb, 0x31, 0x56, 0x80, 0xcb, 0x89, 0xcc, 0xbc, 0x4e, 0xec, 0x47, 0x7d, 0xce, }, + true, + "P" + } +}; + +const size_t ecdsa_p256_test_vectors_count = sizeof(ecdsa_p256_test_vectors) / sizeof(ecdsa_p256_test_vector); diff --git a/test/api_talib/test_talib.h b/test/vectors/ecdsa_nist_vectors.h similarity index 69% rename from test/api_talib/test_talib.h rename to test/vectors/ecdsa_nist_vectors.h index 8368947d1..223ecb09f 100644 --- a/test/api_talib/test_talib.h +++ b/test/vectors/ecdsa_nist_vectors.h @@ -1,6 +1,6 @@ /** * \file - * \brief Tests for the TA Library API (tablib) + * \brief Embedded NIST vectors for the ECDSA algorithm * * \copyright (c) 2015-2020 Microchip Technology Inc. and its subsidiaries. * @@ -25,27 +25,24 @@ * THIS SOFTWARE. */ -#ifndef TEST_TALIB_H_ -#define TEST_TALIB_H_ +#ifndef ECDSA_NIST_VECTORS_H +#define ECDSA_NIST_VECTORS_H -#include "atca_test.h" +/* See https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures */ -#ifdef __cplusplus -extern "C" { -#endif +typedef struct +{ + uint8_t Msg[128]; + uint8_t Qx[32]; + uint8_t Qy[32]; + uint8_t R[32]; + uint8_t S[32]; + bool Result; + char* ResultText; +} ecdsa_p256_test_vector; -ATCA_STATUS talib_config_get_handle_by_test(uint8_t test_type, uint16_t* handle); +extern const ecdsa_p256_test_vector ecdsa_p256_test_vectors[]; +extern const size_t ecdsa_p256_test_vectors_count; -/* Commands */ -int talib_configure_device(int argc, char* argv[]); -int talib_config_print_handles(int argc, char* argv[]); -int talib_config_clear_handles(int argc, char* argv[]); -/* Test Commands */ -int run_talib_tests(int argc, char* argv[]); - -#ifdef __cplusplus -} -#endif - -#endif /* TEST_CALIB_H_*/ +#endif /* ECDSA_NIST_VECTORS_H */