Release v3.4.1 (20221111)

.github/workflows/build.yml

@@ -41,7 +41,7 @@ jobs:
         with:
           package-dir: python 
         env:
-          CIBW_SKIP: "cp27-* cp36-* *-musllinux* pp*-macosx* cp35-macosx_x86_64"
+          CIBW_SKIP: "cp27-* cp36-* cp37-* pp37-* *-musllinux* pp*-macosx*"
           CIBW_MANYLINUX_X86_64_IMAGE: "manylinux_2_28"
           CIBW_BEFORE_BUILD_LINUX: "yum update -y && yum install -y libusb-devel"
           CIBW_BUILD_VERBOSITY: 3

CMakeLists.txt

@@ -2,10 +2,10 @@ cmake_minimum_required(VERSION 3.1.0)
 project (cryptoauthlib C)
 
 # Set the current release version
-set(VERSION "3.4.0")
+set(VERSION "3.4.1")
 set(VERSION_MAJOR 3)
 set(VERSION_MINOR 4)
-set(VERSION_PATCH 0)
+set(VERSION_PATCH 1)
 
 # Build Options
 option(BUILD_TESTS "Create Test Application with library" OFF)

lib/atca_basic.c

@@ -4094,7 +4094,7 @@ ATCA_STATUS atcab_write_config_counter(uint16_t counter_id, uint32_t counter_val
     if (atcab_is_ca_device(dev_type))
     {
 #if ATCA_CA_SUPPORT
-        status = calib_write_config_counter(_gDevice, counter_id, counter_value);
+        status = calib_write_config_counter_ext(_gDevice, counter_id, counter_value);
 #endif
     }
     else if (atcab_is_ta_device(dev_type))

lib/atca_config.h.in

@@ -12,12 +12,6 @@
 #cmakedefine ATCA_HAL_SWI_UART
 #cmakedefine ATCA_HAL_1WIRE
 
-
-/** Define to enable compatibility with legacy HALs
-   (HALs with embedded device logic)*/
-#cmakedefine ATCA_HAL_LEGACY_API
-
-
 /* Included device support */
 #cmakedefine ATCA_ATSHA204A_SUPPORT
 #cmakedefine ATCA_ATSHA206A_SUPPORT
@@ -30,12 +24,20 @@
 /** Device Override - Library Assumes ATECC608B support in checks */
 #cmakedefine ATCA_ATECC608A_SUPPORT
 
+/** Define to enable compatibility with legacy HALs
+   (HALs with embedded device logic)*/
+#cmakedefine ATCA_HAL_LEGACY_API
 
+/** To use dynamically registered HALs without any of the provided
+implementations its necessary to specify a value here - using this
+in addition to specifying a provide hal may result in compilation
+problems - it will need to be the same as the number of the hal options
+selected plus however additional slots one would like */
+#cmakedefine ATCA_MAX_HAL_CACHE @ATCA_MAX_HAL_CACHE@
 
 /** Define if cryptoauthlib is to use the maximum execution time method */
 #cmakedefine ATCA_NO_POLL
 
-
 /* \brief How long to wait after an initial wake failure for the POST to
  *         complete.
  * If Power-on self test (POST) is enabled, the self test will run on waking

lib/atca_version.h

@@ -30,9 +30,9 @@
 #define _ATCA_VERSION_H
 
 // Version format yyyymmdd
-#define ATCA_LIBRARY_VERSION_DATE   "20221027"
+#define ATCA_LIBRARY_VERSION_DATE   "20221111"
 #define ATCA_LIBRARY_VERSION_MAJOR  3
 #define ATCA_LIBRARY_VERSION_MINOR  4
-#define ATCA_LIBRARY_VERSION_BUILD  0
+#define ATCA_LIBRARY_VERSION_BUILD  1
 
 #endif /* _ATCA_VERSION_H */

lib/calib/calib_basic.h

@@ -303,6 +303,7 @@ ATCA_STATUS calib_write_config_counter(ATCADevice device, uint16_t counter_id, u
 #endif
 #if CALIB_WRITE_EN || CALIB_WRITE_ECC204_EN
 ATCA_STATUS calib_write_zone_ext(ATCADevice device, uint8_t zone, uint16_t slot, uint8_t block, uint8_t offset, const uint8_t *data, uint8_t len);
+ATCA_STATUS calib_write_config_counter_ext(ATCADevice device, uint16_t counter_id, uint32_t counter_value);
 ATCA_STATUS calib_write_pubkey(ATCADevice device, uint16_t slot, const uint8_t *public_key);
 #endif
 
@@ -321,6 +322,7 @@ ATCA_STATUS calib_ecc204_write(ATCADevice device, uint8_t zone, uint16_t address
 ATCA_STATUS calib_ecc204_write_zone(ATCADevice device, uint8_t zone, uint16_t slot, uint8_t block,
                                     uint8_t offset, const uint8_t *data, uint8_t len);
 ATCA_STATUS calib_ecc204_write_config_zone(ATCADevice device, const uint8_t* config_data);
+ATCA_STATUS calib_ecc204_write_config_counter(ATCADevice device, uint8_t counter_id, uint16_t counter_value);
 ATCA_STATUS calib_ecc204_write_bytes_zone(ATCADevice device, uint8_t zone, uint16_t slot, size_t block,
                                           const uint8_t *data, size_t length);
 #endif /* CALIB_WRITE_ECC204_EN */
@@ -521,17 +523,18 @@ ATCA_STATUS calib_ecc204_write_enc(ATCADevice device, uint16_t slot, uint8_t* da
 #define atcab_write_bytes_zone(...)             calib_ecc204_write_bytes_zone(_gDevice, __VA_ARGS__)
 #define atcab_write_bytes_zone_ext              calib_ecc204_write_bytes_zone
 #define atcab_write_config_zone(...)            calib_ecc204_write_config_zone(_gDevice, __VA_ARGS__)
+#define atcab_write_config_counter(...)         calib_ecc204_write_config_counter(_gDevice, __VA_ARGS__)
 #else
 #define atcab_write(...)                        calib_write_ext(_gDevice, __VA_ARGS__)
 #define atcab_write_zone(...)                   calib_write_zone_ext(_gDevice, __VA_ARGS__)
 #define atcab_write_bytes_zone(...)             calib_write_bytes_zone_ext(_gDevice, __VA_ARGS__)
 #define atcab_write_bytes_zone_ext              calib_write_bytes_zone_ext
 #define atcab_write_config_zone(...)            calib_write_config_zone_ext(_gDevice, __VA_ARGS__)
+#define atcab_write_config_counter(...)         calib_write_config_counter_ext(_gDevice, __VA_ARGS__)
 #endif
 
 #define atcab_write_pubkey(...)                 calib_write_pubkey(_gDevice, __VA_ARGS__)
 #define atcab_write_enc(...)                    calib_write_enc(_gDevice, __VA_ARGS__)
-#define atcab_write_config_counter(...)         calib_write_config_counter(_gDevice, __VA_ARGS__)
 #endif
 
 #ifdef __cplusplus

lib/calib/calib_command.h

@@ -326,6 +326,8 @@ ATCA_STATUS atCheckCrc(const uint8_t *response);
 #define COUNTER_MODE_INCREMENT              ((uint8_t)0x01)         //!< Counter command mode for incrementing
 #define COUNTER_RSP_SIZE                    ATCA_RSP_SIZE_4         //!< Counter command response packet size
 #define COUNTER_SIZE                        ATCA_RSP_SIZE_MIN       //!< Counter size in binary
+
+#define ECC204_COUNTER_MAX_VALUE            ((uint16_t)10000)       //!< Counter maximum value of the counter for ECC204
 /** @} */
 
 /** \name Definitions for the DeriveKey Command

lib/calib/calib_sha.c

@@ -86,7 +86,7 @@ ATCA_STATUS calib_sha_base(ATCADevice device, uint8_t mode, uint16_t length, con
     {
         //Build Command
         packet.param1 = mode;
-        packet.param2 = length;
+        packet.param2 = cmd_mode != SHA_MODE_ECC204_HMAC_START ? length: 0;
 
         if (cmd_mode != SHA_MODE_SHA256_PUBLIC && cmd_mode != SHA_MODE_HMAC_START &&
             cmd_mode != SHA_MODE_ECC204_HMAC_START)

lib/calib/calib_write.c

@@ -558,6 +558,20 @@ ATCA_STATUS calib_write_config_counter(ATCADevice device, uint16_t counter_id, u
 
     return status;
 }
+
+ATCA_STATUS calib_write_config_counter_ext(ATCADevice device, uint16_t counter_id, uint32_t counter_value)
+{
+#if CALIB_ECC204_EN
+    if(ECC204 == atcab_get_device_type_ext(device))
+    {
+        return calib_ecc204_write_config_counter(device, (uint8_t)counter_id, (uint16_t)counter_value);
+    }
+    else
+#endif
+    {
+        return calib_write_config_counter(device, counter_id, counter_value);
+    }
+}
 #endif /* CALIB_WRITE_EN */
 
 /** \brief Execute write command to write either 16 byte or 32 byte to one of the EEPROM zones
@@ -706,7 +720,53 @@ ATCA_STATUS calib_ecc204_write_config_zone(ATCADevice device, const uint8_t* con
 
     return status;
 }
-#endif /* CALIB_WRITE_EN */
+
+/** \brief Initialize monotonic counters in device with a specific value.
+ *
+ * The monotonic counters are stored in the configuration zone using a special
+ * format. This encodes a binary count value into the 16 byte encoded value
+ * required. Can only be set while the configuration subzone 2 is unlocked.
+ *
+ * \param[in]  device         Device context pointer
+ * \param[in]  counter_id     Counter_id should always be 0.
+ * \param[in]  counter_value  Counter value to set.
+ *
+ * \return ATCA_SUCCESS on success, otherwise an error code.
+ */
+ATCA_STATUS calib_ecc204_write_config_counter(ATCADevice device, uint8_t counter_id, uint16_t counter_value)
+{
+    uint16_t bin_a, bin_b;
+    uint64_t lin_a, lin_b;
+    uint8_t bytes[16];
+    ATCA_STATUS status = ATCA_GEN_FAIL;
+
+    if (counter_id != 0 || counter_value > ECC204_COUNTER_MAX_VALUE)
+    {
+        return ATCA_TRACE(ATCA_BAD_PARAM, "Invalid counter id or counter value received");
+    }
+
+    bin_a = (uint16_t)(counter_value / 96);
+    bin_b = (counter_value >= 48) ? ((uint16_t)((counter_value - 48) / 96)) : 0;
+    lin_a = 0xFFFFFFFFFFFF >> (counter_value % 96);
+    lin_b = 0xFFFFFFFFFFFF >> ((counter_value >= 48) ? (counter_value - 48) % 96 : 0);
+
+    bin_a = ATCA_UINT16_HOST_TO_BE(bin_a);
+    memcpy(&bytes[0], &bin_a, 2);
+
+    bin_b = ATCA_UINT16_HOST_TO_BE(bin_b);
+    memcpy(&bytes[2], &bin_b, 2);
+
+    lin_a = ATCA_UINT64_HOST_TO_BE(lin_a) >> 16;
+    memcpy(&bytes[4], &lin_a, 6);
+
+    lin_b = ATCA_UINT64_HOST_TO_BE(lin_b) >> 16;
+    memcpy(&bytes[10], &lin_b, 6);
+
+    status = calib_ecc204_write_zone(device, ATCA_ZONE_CONFIG, 2, 0, counter_id, bytes, sizeof(bytes));
+
+    return status;
+}
+#endif /* CALIB_WRITE_ECC204_EN */
 
 #if CALIB_WRITE_ENC_EN && defined(ATCA_ECC204_SUPPORT)
 /** \brief Executes write command, performs an encrypted write of a 32 byte block into given slot.

lib/hal/atca_hal.c

@@ -253,6 +253,7 @@ static ATCA_STATUS hal_iface_set_registered(ATCAIfaceType iface_type, ATCAHAL_t*
         }
         else if (empty < atca_registered_hal_list_size)
         {
+            atca_registered_hal_list[empty].iface_type = iface_type;
             atca_registered_hal_list[empty].hal = hal;
             atca_registered_hal_list[empty].hal = phy;
             status = ATCA_SUCCESS;
@@ -284,7 +285,7 @@ ATCA_STATUS hal_iface_register_hal(ATCAIfaceType iface_type, ATCAHAL_t *hal, ATC
         status = hal_iface_set_registered(iface_type, hal, phy);
     }
 
-    return ATCA_SUCCESS;
+    return status;
 }
 
 /** \brief Standard HAL API for ATCA to initialize a physical interface

lib/pkcs11/pkcs11_config.c

@@ -555,6 +555,7 @@ static CK_RV pkcs11_config_parse_object(pkcs11_slot_ctx_ptr slot_ctx, char* cfgs
     return rv;
 }
 
+#if ATCA_TA_SUPPORT
 static CK_RV pkcs11_config_parse_handle(uint16_t * handle, char* cfgstr)
 {
     int argc = 4;
@@ -571,6 +572,7 @@ static CK_RV pkcs11_config_parse_handle(uint16_t * handle, char* cfgstr)
 
     return rv;
 }
+#endif
 
 static CK_RV pkcs11_config_parse_slot_file(pkcs11_slot_ctx_ptr slot_ctx, int argc, char * argv[])
 {
@@ -1011,7 +1013,7 @@ CK_RV pkcs11_config_load(pkcs11_slot_ctx_ptr slot_ctx)
         {
             /* Hardware Feature */
             pObject->slot = 0;
-            pObject->name = "counter";
+            memcpy(pObject->name, "counter", 8);
             pObject->class_id = CKO_HW_FEATURE;
             pObject->class_type = CKH_MONOTONIC_COUNTER;
             pObject->attributes = pkcs11_object_monotonic_attributes;