diff --git a/wolfcrypt/src/port/atmel/atmel.c b/wolfcrypt/src/port/atmel/atmel.c index cb287b124..5f9f597f1 100644 --- a/wolfcrypt/src/port/atmel/atmel.c +++ b/wolfcrypt/src/port/atmel/atmel.c @@ -33,6 +33,10 @@ #include #include +#ifdef WOLFSSL_ATECC_TNGTLS +#include "tng/tng_atcacert_client.h" +#endif + #ifdef NO_INLINE #include #else @@ -89,7 +93,6 @@ static int ateccx08a_cfg_initialized = 0; static ATCAIfaceCfg cfg_ateccx08a_i2c_pi; #endif /* WOLFSSL_ATECC508A */ - /** * \brief Generate random number to be used for hash. */ @@ -468,6 +471,14 @@ int atmel_init(void) int ret = 0; #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) + +#if defined(WOLFSSL_ATECC608A) + /*Harmony3 will generate configuration based on user inputs*/ + #ifdef MICROCHIP_MPLAB_HARMONY_3 + extern ATCAIfaceCfg atecc608_0_init_data; + #endif +#endif + if (!mAtcaInitDone) { ATCA_STATUS status; int i; @@ -490,7 +501,13 @@ int atmel_init(void) mSlotList[i] = ATECC_INVALID_SLOT; } } - +#ifdef MICROCHIP_MPLAB_HARMONY_3 + atcab_release(); + atcab_wakeup(); + #ifdef WOLFSSL_ATECC608A + wolfCrypt_ATECC_SetConfig(&atecc608_0_init_data); + #endif +#endif if (ateccx08a_cfg_initialized == 0) { /* Setup the hardware interface using defaults */ XMEMSET(&cfg_ateccx08a_i2c_pi, 0, sizeof(cfg_ateccx08a_i2c_pi)); @@ -896,13 +913,83 @@ exit: return ret; } +static int atcatls_set_certificates(WOLFSSL_CTX *ctx) +{ + #ifndef ATCATLS_TNGTLS_SIGNER_CERT_SIZE + #define ATCATLS_TNGTLS_SIGNER_CERT_SIZE 0x208 + #endif + #ifndef ATCATLS_TNGTLS_DEVICE_CERT_SIZE + #define ATCATLS_TNGTLS_DEVICE_CERT_SIZE 0x222 + #endif + #ifndef ATCATLS_TNGTLS_CERT_BUFF_SIZE + #define ATCATLS_TNGTLS_CERT_BUFF_SIZE (ATCATLS_TNGTLS_SIGNER_CERT_SIZE +\ + ATCATLS_TNGTLS_DEVICE_CERT_SIZE) + #endif + + int ret = 0; + ATCA_STATUS status; + size_t signerCertSize = ATCATLS_TNGTLS_SIGNER_CERT_SIZE; + size_t deviceCertSize = ATCATLS_TNGTLS_DEVICE_CERT_SIZE; + uint8_t certBuffer[ATCATLS_TNGTLS_CERT_BUFF_SIZE]; + + /*Read signer cert*/ + status = tng_atcacert_read_signer_cert(&certBuffer[ATCATLS_TNGTLS_DEVICE_CERT_SIZE], + &signerCertSize); + if (ATCA_SUCCESS != status) { + ret = atmel_ecc_translate_err(ret); + return ret; + } + if (signerCertSize != ATCATLS_TNGTLS_SIGNER_CERT_SIZE) { + #ifdef WOLFSSL_ATECC_DEBUG + printf("signer cert size != ATCATLS_TNGTLS_SIGNER_CERT_SIZE.(%d)\r\n", + signerCertSize); + #endif + return WOLFSSL_FAILURE; + } + + /*Read device cert signed by the signer above*/ + status = tng_atcacert_read_device_cert(certBuffer, &deviceCertSize,\ + &certBuffer[ATCATLS_TNGTLS_DEVICE_CERT_SIZE]); + if (ATCA_SUCCESS != status) { + ret = atmel_ecc_translate_err(ret); + return ret; + } + if (deviceCertSize != ATCATLS_TNGTLS_DEVICE_CERT_SIZE) { + #ifdef WOLFSSL_ATECC_DEBUG + printf("device cert size != ATCATLS_TNGTLS_DEVICE_CERT_SIZE.(%d)\r\n", + deviceCertSize); + #endif + return WOLFSSL_FAILURE; + } + + ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, + (const unsigned char*)certBuffer, ATCATLS_TNGTLS_CERT_BUFF_SIZE, + WOLFSSL_FILETYPE_ASN1); + if (ret != WOLFSSL_SUCCESS) { + ret = -1; + } + else { + ret = 0; + } + return ret; +} + int atcatls_set_callbacks(WOLFSSL_CTX* ctx) { + int ret = 0; wolfSSL_CTX_SetEccKeyGenCb(ctx, atcatls_create_key_cb); wolfSSL_CTX_SetEccVerifyCb(ctx, atcatls_verify_signature_cb); wolfSSL_CTX_SetEccSignCb(ctx, atcatls_sign_certificate_cb); wolfSSL_CTX_SetEccSharedSecretCb(ctx, atcatls_create_pms_cb); - return 0; +#ifdef WOLFSSL_ATECC_TNGTLS + ret = atcatls_set_certificates(ctx); + if (ret != 0) { + #ifdef WOLFSSL_ATECC_DEBUG + printf("atcatls_set_certificates failed. (%d)\r\n",ret); + #endif + } +#endif + return ret; } int atcatls_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)