Example #1
0
/** \brief Test proper initialization of the encryption key.  Write the random value to the encryption key slot of the default configuration.
 *  \return void
 */
void test_atcatls_init_enc_key(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t enckey_ret[ATCA_KEY_SIZE] = { 0 };
	bool lock = false;
	uint8_t enckeyId = TLS_SLOT_ENC_PARENT;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatlsfn_set_get_enckey(&get_enc_key);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Save the return value of _enckeytest to the application
	// Return _enckeytest when get_enc_key is called
	status = atcatls_init_enckey(_enckeytest, enckeyId, lock);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_get_enckey(enckey_ret);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
	TEST_ASSERT_EQUAL_MEMORY(enckey_ret, _enckeytest, ATCA_KEY_SIZE);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #2
0
/** \brief Test proper encrypted write/read using the default configuration.
 *  \return void
 */
void test_atcatls_enc_write_read(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t writeBytes[] = { 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
		                     0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19 };
	int16_t writeSize = sizeof(writeBytes);
	uint8_t readBytes[ATCA_BLOCK_SIZE] = { 0 };
	int16_t readSize = sizeof(readBytes);
	uint8_t enckeyId = TLS_SLOT_ENC_PARENT;
	uint8_t slotId = TLS_SLOT8_ENC_STORE;
	uint8_t block = 0;


	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_enc_write(slotId, block, enckeyId, writeBytes, writeSize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_enc_read(slotId, block, enckeyId, readBytes, &readSize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Check the equivalence of the buffers
	TEST_ASSERT_EQUAL(readSize, writeSize);
	TEST_ASSERT_EQUAL_MEMORY(readBytes, writeBytes, readSize);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #3
0
/** \brief Test proper ECDHE operation after a GenKey using the ECDH slot of the default configuration.
 *  \return void
 */
void test_atcatls_ecdhe(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t pmk[ATCA_KEY_SIZE] = { 0 };
	uint8_t pmkNull[ATCA_KEY_SIZE] = { 0 };
	uint8_t pubKeyRet[ATCA_PUB_KEY_SIZE] = { 0 };
	uint8_t pubKeyNull[ATCA_PUB_KEY_SIZE] = { 0 };
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_ecdhe(TLS_SLOT_ECDH_PRIV, pubKey1, pubKeyRet, pmk);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Compare pmk memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(pmk, pmkNull, ATCA_KEY_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	// Compare pmk memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(pubKeyRet, pubKeyNull, ATCA_PUB_KEY_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
/**
 *
 * \brief Generates a random bytes stream. The ATECCX08 TRNG is
 *        used to seed a standard OpenSSL PRNG (RAND_SSLeay()),
 *        which is used to produce the random stream then. The
 *        PRNG is reseeded after MAX_RAND_BYTES are generated
 *
 * \param[out] buf - a pointer to buffer for the random byte
 *       stream. The caller must allocate enough space in the
 *       buffer in order to fit all generated bytes.
 * \param[in] num - number of bytes to generate
 * \return 1 for success
 */
static int RAND_eccx08_rand_bytes(unsigned char *buf, int num)
{
    int rc = 0;
    uint32_t atcab_buf[TLS_RANDOM_SIZE / sizeof(uint32_t)];
    double entropy;
    RAND_METHOD *meth_rand = RAND_SSLeay();
    ATCA_STATUS status = ATCA_GEN_FAIL;

#ifdef USE_ECCX08
    if (total_num > MAX_RAND_BYTES) {
        total_num = 0;
    }
    if (total_num == 0) {
        eccx08_debug("RAND_eccx08_rand_bytes() -  hw\n");
        status = atcatls_init(pCfg);
        if (status != ATCA_SUCCESS) goto done;
        status = atcatls_random((uint8_t *)atcab_buf);
        if (status != ATCA_SUCCESS) goto done;
        status = atcatls_finish();
        if (status != ATCA_SUCCESS) goto done;
        entropy = (double)atcab_buf[0];
        meth_rand->add(buf, num, entropy);
    }
    total_num += num;
#else // USE_ECCX08
    eccx08_debug("RAND_eccx08_rand_bytes() - sw\n");
#endif // USE_ECCX08
    rc = meth_rand->bytes(buf, num);

done:
    return (rc);
}
Example #5
0
/** \brief This test will initialize and finish the communication to an ECC508.
 *  \return void
 */
void test_atcatls_init_finish(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;

	// The atcatls_init() function will call atcatls_com_init(), test for success
	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// The atcatls_finish() function will call atcatls_com_release(), test for success
	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #6
0
/** \brief This test will write a default configuration and lock a blank device for testing.
 * If the part is already locked, it will verify the configuration zone against the default configuraion.
 *  \return void
 */
void test_atcatls_config_default(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_config_default();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #7
0
void test_atcatls_get_cert(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t *certout = NULL;
	int16_t certsize = 0;

	status = atcatls_init();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_get_cert(certout, &certsize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #8
0
/** \brief Test that the part can be used for an external verify using known valid vectors.
 *  \return void
 */
void test_atcatls_verify(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	bool verified = false;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_verify(msg1, sig1, pubKey1, &verified);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// See if the buffers actually verified
	TEST_ASSERT_TRUE(verified);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #9
0
/** \brief Test proper public key retrieval after writing from a clear read/write slot of the default configuration.
 *  \return void
 */
void test_atcatls_ca_pubkey_write_read(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t pubkey[ATCA_PUB_KEY_SIZE] = { 0 };
	uint8_t pubkeyNull[ATCA_PUB_KEY_SIZE] = { 0 };
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	atcatls_read_pubkey(TLS_SLOT_MFRCA_PUBKEY, pubkey);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Compare randomNum memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(pubkey, pubkeyNull, ATCA_PUB_KEY_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #10
0
void test_atcatls_create_key(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t pubkey[ATCA_PUB_KEY_SIZE] = { 0 };
	uint8_t pubkeyNull[ATCA_PUB_KEY_SIZE] = { 0 };
	int cmpResult = 0;

	status = atcatls_init();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_create_key(AUTH_PRIV_SLOT, pubkey);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Compare pubkey memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(pubkey, pubkeyNull, ATCA_PUB_KEY_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #11
0
/** \brief Test proper Random Command operation using the ECC508.
 *  \return void
 */
void test_atcatls_random(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t randomNum[RANDOM_RSP_SIZE] = { 0 };
	uint8_t randomNumNull[RANDOM_RSP_SIZE] = { 0 };
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcab_random(randomNum);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Compare randomNum memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(randomNum, randomNumNull, RANDOM_RSP_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #12
0
/** \brief Test that the serial number can be read from the ECC508.  This test should always succeed.
 *  \return void
 */
void test_atcatls_get_sn(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t snOut[ATCA_SERIAL_NUM_SIZE] = { 0 };
	uint8_t snOutNull[ATCA_SERIAL_NUM_SIZE] = { 0 };
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_get_sn(snOut);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Compare snOut memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(snOut, snOutNull, ATCA_SERIAL_NUM_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #13
0
/** \brief Test that a signature is produced from the authentication slot of the default configuration.
 *  \return void
 */
void test_atcatls_sign(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t signature[ATCA_SIG_SIZE] = { 0 };
	uint8_t sigNull[ATCA_SIG_SIZE] = { 0 };
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_sign(TLS_SLOT_AUTH_PRIV, msg1, signature);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Compare signature memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(signature, sigNull, ATCA_SIG_SIZE);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #14
0
/** \brief Test proper encrypted write/read of an RSA key using the default configuration.
 *  \return void
 */
void test_atcatls_enc_rsakey_write_read(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t rsakey[] = { 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
		                 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
		                 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29,
		                 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
		                 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49,
		                 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59,
		                 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69,
		                 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79,
		                 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89,
		                 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99,
		                 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9,
		                 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9,
		                 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9,
		                 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9,
		                 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9,
		                 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9 };
	uint8_t readBytes[RSA2048_KEY_SIZE] = { 0 };
	uint8_t enckeyId = TLS_SLOT_ENC_PARENT;
	int16_t keysize = RSA2048_KEY_SIZE;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Write the RSA key
	status = atcatls_enc_rsakey_write(enckeyId, rsakey, keysize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Read the RSA key
	status = atcatls_enc_rsakey_read(enckeyId, readBytes, &keysize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
	TEST_ASSERT_EQUAL(keysize, RSA2048_KEY_SIZE);

	// Check the equivalence of the buffers
	TEST_ASSERT_EQUAL_MEMORY(readBytes, rsakey, RSA2048_KEY_SIZE);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #15
0
/** \brief Test the return value of the CA certificate.
 *  \return void
 */
void test_atcatls_get_ca_cert(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t caCert[1024] = { 0 };
	uint8_t caCertNull[1024] = { 0 };
	size_t caCertSize = 1024;
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Get the CA cert
	status = atcatls_get_ca_cert(caCert, &caCertSize);

	// Compare certificate memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(caCert, caCertNull, 1024);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #16
0
/** \brief Test chain verification using certificates that were read from a properly configured ECC508.
 *  The device certificate and signer certificate are verified.
 *  \return void
 */
void test_atcatls_verify_cert_chain(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t signerPubkey[64] = { 0 };
	uint8_t caPubkey[64] = { 0 };
	uint8_t signerCert[1024] = { 0 };
	uint8_t deviceCert[1024] = { 0 };
	size_t signerCertSize = 1024;
	size_t deviceCertSize = 1024;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Get the CA public key
	memcpy(caPubkey, g_signer_1_ca_public_key_t, sizeof(caPubkey));

	// Get the signer certificate
	status = atcatls_get_cert(&g_cert_def_1_signer_t, g_signer_1_ca_public_key_t, signerCert, &signerCertSize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Get the signer public key from the signer certificate
	status = atcacert_get_subj_public_key(&g_cert_def_1_signer_t, signerCert, signerCertSize, signerPubkey);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Get the device certificate
	status = atcatls_get_cert(&g_cert_def_0_device_t, signerPubkey, deviceCert, &deviceCertSize);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Verify the signer certificate
	status = atcacert_verify_cert_hw(&g_cert_def_1_signer_t, signerCert, signerCertSize, caPubkey);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Verify the device certificate
	status = atcacert_verify_cert_hw(&g_cert_def_0_device_t, deviceCert, deviceCertSize, signerPubkey);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #17
0
void test_atcatls_init_enc_key(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	uint8_t enckey_ret[ATCA_KEY_SIZE] = { 0 };
	bool lock = false;

	status = atcatls_init();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatlsfn_set_get_enckey(&get_enc_key);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_init_enckey(_enckeytest, lock);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	status = atcatls_get_enckey(enckey_ret);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
	// todo: Test that these are equal  (_enckeytest == enckey_ret)

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}
Example #18
0
/** \brief Test the return value of the CA certificate.
*  \return void
*/
void test_atcatls_create_csr(void)
{
	ATCA_STATUS status = ATCA_GEN_FAIL;
	char csr[1024] = { 0 };
	char csrNull[1024] = { 0 };
	size_t csrSize = 1024;
	int cmpResult = 0;

	status = atcatls_init(g_pCfg);
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);

	// Get the CSR
	status = atcatls_create_csr(&g_DeviceCsrDef, csr, &csrSize);

	// Print the CSR to the console
	printf(csr);

	// Compare certificate memory, it should have changed.  If all bytes are equal memcmp will return 0.
	cmpResult = memcmp(csr, csrNull, csrSize);
	TEST_ASSERT_NOT_EQUAL(cmpResult, 0);

	status = atcatls_finish();
	TEST_ASSERT_EQUAL(ATCA_SUCCESS, status);
}