View detail for ATAES132A Firmware Development Library User Guide

View detail for ATAES132A Firmware Development Library User Guide
Atmel CryptoAuthentication
ATAES132A Firmware Development Library
USER GUIDE
Introduction
®
™
This user guide describes how to use the Atmel CryptoAuthentication
ATAES132A Firmware Development Library with a customized security
project and how to tune it towards the hardware. To fully understand this
document, it is required to have the library code base.
The ATAES132A is fully backwards compatible with the ATAES132. As a
result, the ATAES132A library is an extension of the ATAES132 library.
There are additional definitions added into ATAES132 library to support
ATAES132A specific commands.
Features
•
•
•
•
•
Layered and Modular Design
Compact and Optimized for 8- and 32-bit Microcontrollers
Easy to Port
Supports I2C and SPI Communication
Distributed as Source Code
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
Table of Contents
Introduction......................................................................................................................1
Features.......................................................................................................................... 1
1. Overview....................................................................................................................3
1.1.
1.2.
1.3.
1.4.
Layered Design............................................................................................................................ 3
1.1.1.
Physical Layer............................................................................................................... 4
1.1.2.
Communication Layer....................................................................................................4
1.1.3.
Command Marshaling Layer..........................................................................................4
1.1.4.
Application Layer........................................................................................................... 4
Portability......................................................................................................................................4
Robustness...................................................................................................................................5
Optimization..................................................................................................................................5
2. Project........................................................................................................................6
2.1.
2.2.
Example Projects..........................................................................................................................6
Project Integration........................................................................................................................ 6
2.2.1.
Folder Structure............................................................................................................. 6
2.2.2.
Porting........................................................................................................................... 6
3. Tuning........................................................................................................................9
3.1.
3.2.
3.3.
Removal of Command Marshaling Layer..................................................................................... 9
Removal of Communication Layer............................................................................................... 9
I2C Interface Using GPIO aka "bit-bang" Instead of I2C Hardware.............................................. 9
4. Revision History.......................................................................................................10
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
2
1.
1.1.
Overview
Layered Design
The library consists of logically layered components in each successive layer. Since the library is
distributed as C source code, a customer application project can use or include specific parts of the
library code. For instance, compile and link the command marshaling layer functionality or exclude it. For
an embedded application that only wants authentication from the device, it would make sense for that
application to construct the byte stream per the device specification and communicate directly with the
silicon via one of the communication methods available. This would generate the smallest code size and
simplest code.
Figure 1-1. ATAES132A Library Architecture
Customer
Application
Application
Command
Marshaling
Communication
Physical,
Hardware
Independent
Physical,
Hardware
Dependent
Devices
Commands (aes132_comm_marshaling.c)
aes132m_write_memory(),aes132m_read_memory(),aes132M_execute()
Communications Interface (aes_comm.c)
aes132c_wakeup(), aes132c_send_and_receive(), aes132c_calculate_crc()
I2C Interface
(aes132_i2c.c)
Single Perpheral Interface
(aes132_spi.c)
I2C Interface
(i2c_phys.c)
Single Perpheral Interface
(spi_phys.c)
ATAES132A
Additional
ATAES132A
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
3
1.1.1.
Physical Layer
The Physical layer is divided into hardware-dependent and hardware-independent parts. Two physical
interfaces are provided:
•
I2C Interface
•
Serial Peripheral Interface (SPI)
The Physical layer provides a common calling interface that abstracts the hardware. By keeping the
hardware-independent function names the same for the interfaces, the driver modules can easily be
exchanged in a project/makefile without touching the source code.
The hardware-dependent layer of the interface provides the mechanism to port to virtually any microcontroller. The developer only needs to implement the communication primitives for the supported
interface protocol of choice, i.e. I2C or SPI. For most systems, this is the only change needed to fulfill
porting requirements.
As examples, Atmel provides an implementation of the I2C and SPI interfaces for Atmel | SMART SAM D
®
®
ARM Cortex -M0+ based microcontrollers.
1.1.2.
Communication Layer
The Communication layer provides a straightforward conduit for data exchange between the device and
the application software. Data exchange is based on sending a command and reading its response after
command execution. This layer retries a communication sequence in case of certain communication
errors reported by the Physical layer or the Device Status Register, or when there is an inconsistent
response packet (value in Count byte, CRC).
1.1.3.
Command Marshaling Layer
The Command Marshaling layer is built on top of the Communication layer to implement commands that
the device supports. Such commands are assembled or marshaled into the correct byte streams
expected by the device.
1.1.4.
Application Layer
The Application Layer provides a high level abstraction of security commands to facilitate fast deployment
of custom security requirements without having to deal granular cryptographic transaction minutiae.
1.2.
Portability
The library has been tested for building applications and running them without errors for several target
platforms, including the Atmel AVR 8 bit MCU family and SAM D ARMCortex-M0+ based microcontrollers. To make porting the library to a different target as easy as possible, specific coding rules were
applied:
•
No structures are used to avoid any “packed” and addressing issues on 32-bit targets.
•
Functions in hardware-dependent modules (spi_phys.c and i2c_phys.c) do not “know” any
specifics of the device. It will be easy to replace these functions with others from target libraries or
with your own. Many I2C peripherals on 32-bit CPUs implement hardware-dependent module
functionality. For such cases, porting involves discarding the hardware-dependent I2C module
altogether and adapting the functions in the hardware-independent I2C module to the peripheral, or
to an I2C library provided by the CPU manufacturer or firmware development tool.
•
Where 16-bit variables are inserted into or extracted from a communication buffer (LSB first), no
type casting is used [(uint8_t *) &uint16_variable], but the MSB and LSB are calculated
(msb = uint16_variable>> 8; lsb = uint16_variable & 0xFF). There is no need for a
distinction between big-endian and little-endian targets.
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
4
•
1.3.
Delays and timeouts are implemented using loop counters instead of hardware timers. They need
to be tuned to the specific CPU. If hardware or software timers are available in the system, possibly
replace the pieces of the library that use loop counters with calls to those timer functions.
Robustness
The library applies retry mechanisms in its communication layer (aes132_comm.c) in case of
communication failures. Therefore, there is no need for an application to implement such retries.
1.4.
Optimization
In addition to the size and speed optimizations left to the compiler, certain requirements were established
for the code:
•
Only 8- and 16-bit variables are used, and so there is no need to import 32-bit compiler libraries.
This also makes the library run faster on 8-bit targets.
•
The layered architecture makes it easy to reduce code size by removing layers and/or functions
that are not needed in the project.
•
Robustness is enhanced through features like error checking and automatic transaction retries
where necessary.
•
Arrays for certain commands and memory addresses are declared as “const,” which allows
compilers to skip copying such arrays to RAM at startup.
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
5
2.
Project
2.1.
Example Projects
Atmel provides example projects for SAM D ARMCortex-M0+ based micro-controllers. The fastest way to
gain familiarity is to use an Atmel development kit, such as an Atmel SAM D21 Xplained Pro Evaluation
Kit (www.atmel.com/tools/atsamd21-xpro.aspx). With this and an integrated development environment
such as the freely downloadable Atmel Studio® IDE (www.atmel.com/tools/ATMELSTUDIO.aspx), makes
it easy to quickly compile, download, and execute the example application that comes with the library.
2.2.
Project Integration
Integrating the library into the project is straightforward. What to modify in the physical layer modules and
in certain header files is explained in the following subchapters. The header file “includes” do not contain
paths, but only file names. Only one compilation switch to select the interface is used. The source code
fully complies with the C99 coding standards, and also complies with ANSI C with the sole exception of
use of both “//” and “/*…*/” styles for commenting, often overlooked by default configurations of most C
compilers.
2.2.1.
Folder Structure
All modules reside in one folder. Because of this, add either the entire folder to the project and then
exclude the modules not needed from compilation, or add the modules that are needed one by one.
Which modules to exclude from compilation depend on the interface used. The table below shows which
modules to include in the project, based on that interface used. Modules belonging to unused interface
must be excluded.
Table 2-1. Interfaces Modules
Interface
Hardware Independent File
Hardware Dependent Files
Compilation Switch
SPI
I2C
aes132_spi.c
aes132_i2c.c
spi_phys.c
i2c_phys.c
spi_phys.h
i2c_phys.h
AES132_SPI
AES132_I2C
2.2.2.
Porting
When porting the library to other targets or when using CPU clock speeds other than the ones provided
by the examples, certain modules have to be modified, including the physical layer modules that will be
used (SPI or I2C).
2.2.2.1.
Physical Layer Modules
To port the hardware-dependent modules for SPI or I2C to the target, there are several options:
•
Implement the modules from scratch.
•
Modify the SPI or I2C module(s) provided by the target library.
•
Create a wrapper around the target library that matches the software interface of the ATAES132A
library’s Physical layer. For instance, the target library for I2C might use parameters of different
type, number, or sequence than those in the i2c_phys.c module [e.g.,
i2c_send_bytes(uint8_t count, uint8_t *data) ].
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
6
•
Modify the calls to hardware-dependent functions in the hardware-independent module for the
Physical layer (aes132_spi.c / aes132_i2c.c) to match the functions in the target library. The
hardware-dependent module for I2C reflects a simple I2C peripheral, where single I2C operations
can be performed (Start, Stop, Write Byte, Read Byte, etc.). Many targets contain more
sophisticated I2C peripherals, where registers have to be loaded first with an I2C address, a Start or
Stop condition, a data buffer pointer, etc. In such cases, aes132_i2c.c has to be modified
accordingly.
The hardware-dependent modules provided by Atmel use loop counters for timeout detection. When
porting, either adjust the loop counter start values, which get decremented while waiting for flags to be set
or cleared, or use hardware timers or timer services provided by a real-time operating system that is
being used.
2.2.2.2.
Communication Layer Timeout Tuning
The polling interval for SPI and I2C depends on each interface frequency and the CPU frequency, so they
will need to be adjusted accordingly. These values are defined as
AES132_STATUS_REG_POLL_TIME_ACK and AES132_STATUS_REG_POLL_TIME_NACK in
aes132_i2c.h and aes132_spi.h.
Two descriptions follow about how to establish the AES132_STATUS_REG_POLL_TIME_ACK and
AES132_STATUS_REG_POLL_TIME_NACK.
1.
With an oscilloscope or logic analyzer, measure the time it takes for one loop iteration in the inner
do-while loop inside the aes132c_send_and_receive function or
2.
If the time for one device polling iteration cannot be measured, derive it by establishing three
separate values:
– The transmission time for one byte.
– The transmission overhead time (for instance, setting peripheral registers or checking
peripheral status).
– The loop iteration time. Consider the following formulas:
Time to poll the device:
����� = ����� + ���������ℎ��� + �����
where:
�����
���
=
���������ℎ���
�����
4‐����� 8‐������
��� ���������
���
= ������������� ����� + ������������� ����
�2�, �ℎ�� �2� ������� ���� "������"
=
1‐���� 9‐������
�2� ���������
+ ������ + �����
���������ℎ��� �2�, �ℎ�� �2� ������� ���� "������" = �������������� �������� + ������������� �����
+ ������������ ��������
�����
�2�, �ℎ�� �2� ������� ���� "�����"
=
5‐����� 9‐������
�2� ���������
+ 2 ������ + �����
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
7
���������ℎ���
�2�, �ℎ�� �2� ������� ���� "�����"
+ ������������ ��������
����� = �����
���132_����_���_�������
= 2 �������������� �������� + 5 ������������� �����
(do while loop inside function)
SPI example, clocked at 8MHz:
�����
���
=
32
= 4.0��
8���
���������ℎ���
�����
�����
���
���
= 13.2��
= 5.8��
�2�, �ℎ���2� ������� ���� "������"
= 4.0�� + 5.8�� + 13.2�� + 23.0��
I2C example, clocked at 200kHz:
�����
�2�, �ℎ�� �2� ������� ���� "������"
���������ℎ���
�����
�����
�����
�����
�2�
9
+ 2.2�� + 0.8�� = 48.0��
200���
�2�, �ℎ�� �2� ������� ���� "������"
�2�, �ℎ�� �2� ������� ���� "�����"
���������ℎ���
=
=
5 9
+ 2 2.2�� + 0.8�� = 230.2��
200���
�2�, �ℎ�� �2� ������� ���� "�����"
= 13.0��
�2�, �ℎ�� �2� ������� ���� "������"
�2�, �ℎ�� �2� ������� ���� "�����"
= 18.6��
= 27.3��
= 48.0�� + 18.6�� + 13.0�� = 79.6��
= 230.2�� + 27.3�� + 13.0�� = 270.5��
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
8
3.
Tuning
By optionally trading-off convenient features like automatic error retries and/or modularity, the code size
can be optimized and the execution speed improved. This chapter describes a few areas where one
could tune the library towards even smaller code size and/or faster execution. As most of such
modifications affect size and speed, they are described in unison.
3.1.
Removal of Command Marshaling Layer
This modification achieves the maximum reduction of code size, but removing the command marshaling
layer may require more than cursory familiarity with the library. It does not need any modifications of the
library code.
3.2.
Removal of Communication Layer
This modification probably achieves the maximum of a combined reduction of code size and increase in
speed, but at the expense of communication robustness and ease of use. It does not need any
modifications of the library code. Without the presence of the communication layer, an application has to
provide the CRC for commands it is sending and for evaluating the status byte in the response. The
application can still use any definitions contained it might need in aes132_comm.h, such as the codes for
the response status byte.
There are other ways to reduce code size and increase the speed of the communication layer. It is either
possible to remove the CRC check on responses or disable retries by setting
AES132_RETRY_COUNT_ERROR and AES132_RETRY_COUNT_RESYNC in aes132_comm.h to zero.
3.3.
I2C Interface Using GPIO aka "bit-bang" Instead of I2C Hardware
Usually, the maximum I2C frequency supported by an I2C hardware is 400kHz. When implemented on a
fast processor, the I2C bit-bang can be chosen over I2C hardware to allow the I2C frequency to be more
than 400kHz. The maximum I2C frequency which can be reached by using the bit-bang method depends
on the CPU clock, GPIO pin sink current, and I2C pull-up resistor value.
Note: Although the bit-bang implementation can reach a higher frequency, the maximum I2C frequency
supported by the ATAES132A device is 1Mhz; therefore, the I2C bit-bang frequency should not be set to
be higher than 1Mhz.
A theory and example code for I2C bit-bang implementation on AVR microcontroller is described in the
application note, “Atmel AVR156: TWI Master Bit Bang Driver” located at www.atmel.com/Images/
doc42010.pdf.
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
9
4.
Revision History
Doc. Rev.
Date
A
01/2016
Comments
Initial document release.
Atmel ATAES132A Firmware Development Library [USER GUIDE]
Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
10
Atmel Corporation
©
1600 Technology Drive, San Jose, CA 95110 USA
T: (+1)(408) 441.0311
F: (+1)(408) 436.4200
|
www.atmel.com
2016 Atmel Corporation. / Rev.: Atmel-8759A-CryptoAuth-ATAES132A-FW-Dev-Library_User Guide-01/2016
®
®
™
®
Atmel , Atmel logo and combinations thereof, Enabling Unlimited Possibilities , CryptoAuthentication , Studio and others are registered trademarks or trademarks
®
®
®
of Atmel Corporation in U.S. and other countries. ARM , ARM Connected logo, Cortex , and others are the registered trademarks or trademarks of ARM Ltd. Other
terms and product names may be trademarks of others.
DISCLAIMER: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any
intellectual property right is granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN THE ATMEL TERMS AND
CONDITIONS OF SALES LOCATED ON THE ATMEL WEBSITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED
OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT,
CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS AND PROFITS, BUSINESS
INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED
OF THE POSSIBILITY OF SUCH DAMAGES. Atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this
document and reserves the right to make changes to specifications and products descriptions at any time without notice. Atmel does not make any commitment to
update the information contained herein. Unless specifically provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive
applications. Atmel products are not intended, authorized, or warranted for use as components in applications intended to support or sustain life.
SAFETY-CRITICAL, MILITARY, AND AUTOMOTIVE APPLICATIONS DISCLAIMER: Atmel products are not designed for and will not be used in connection with any
applications where the failure of such products would reasonably be expected to result in significant personal injury or death (“Safety-Critical Applications”) without
an Atmel officer's specific written consent. Safety-Critical Applications include, without limitation, life support devices and systems, equipment or systems for the
operation of nuclear facilities and weapons systems. Atmel products are not designed nor intended for use in military or aerospace applications or environments
unless specifically designated by Atmel as military-grade. Atmel products are not designed nor intended for use in automotive applications unless specifically
designated by Atmel as automotive-grade.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement