[Microchip TA-100] Fix port + update to cryptoauthlib v3.6.0

[danielinux]

Description

Rework of TA-100 support to match cryptoauthlib v3.6.0's API. AES-GCM now working.

Fixes zd#20640

Testing

Used wolfDemo board (STM32U585) + TA100 mikrobus module.

Test log (with verbose TA-100 interactions) attached.

test_12a16e6cc.log

[Copilot]

Pull request overview

Copilot reviewed 19 out of 19 changed files in this pull request and generated 11 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[dgarske]

Jenkins retest this please.

[dgarske]

Jenkins retest this please

[dgarske]

@danielinux Please rebase and squash this. Hopefully that will resolve things.

[dgarske]

@tmael can you please help get this PR rebased, merge conflicts resolved and ready for merge? This work has been lingering for way too long.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review is ineligible. To be eligible to request a review, you need a paid Copilot license, or your organization must enable Copilot code review.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review is ineligible. To be eligible to request a review, you need a paid Copilot license, or your organization must enable Copilot code review.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review is ineligible. To be eligible to request a review, you need a paid Copilot license, or your organization must enable Copilot code review.

[dgarske]

Unrecognized macros used (new macros not registered in .wolfssl_known_macro_extras):

ATCA_HAL_I2C
ATCA_TFLEX_SUPPORT
ATECC_DEV_TYPE
TA100_ECC_TRACE
WOLFSSL_MANUALLY_SELECT_DEVICE_CONFIG
WOLFSSL_MICROCHIP_AESGCM
WOLFSSL_NO_DEL_HANDLE

Fix: Update .wolfssl_known_macro_extras in the PR branch:

[Copilot]

Pull request overview

Copilot reviewed 18 out of 18 changed files in this pull request and generated 12 comments.

Comments suppressed due to low confidence (2)

wolfcrypt/src/port/atmel/atmel.c:482

• The slot availability check is incorrect: mSlotList[slotId] != ATECC_INVALID_SLOT && mSlotList[slotId] != slotId will treat an already-allocated slot (where mSlotList[slotId] == slotId) as available and re-allocate it. This can lead to multiple keys sharing the same hardware slot. The check should reject any slot where mSlotList[slotId] != ATECC_INVALID_SLOT (unless you’re using a different sentinel scheme).

        /* is slot available */
        if (mSlotList[slotId] != ATECC_INVALID_SLOT &&
            mSlotList[slotId] != slotId ) {
            slotId = ATECC_INVALID_SLOT;
        }
        else {
            mSlotList[slotId] = slotId;
        }

wolfcrypt/src/port/atmel/atmel.c:1724

• ATCA_STATUS status is declared only inside #ifdef WOLFSSL_ATECC_TNGTLS, but it’s also used in the #ifdef WOLFSSL_ATECC_TFLXTLS block below. Building with TFLXTLS enabled (without TNGTLS) will fail to compile due to status being undeclared. Declare status at the function scope (or within each branch that uses it).

#ifdef WOLFSSL_ATECC_TFLXTLS
    /* MAKE SURE TO COPY YOUR CUSTOM CERTIFICATE FILES UNDER CAL/tng
     * Verify variable names, here below the code uses typical tflxtls
     *  proto example.
     *
     * g_cert_def_1_signer
     * g_cert_ca_public_key_1_signer
     * g_cert_def_3_device
     */

    status = atcacert_read_cert(&g_cert_def_1_signer,
                            (const uint8_t*)g_cert_ca_public_key_1_signer,
                            signerBuffer, &signerCertSize);
    if (status != ATCA_SUCCESS) {

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

ATMEL_SLOT_ECDHE_ALICE/ATMEL_SLOT_ECDHE_BOB return fixed slot IDs but are not marked as reserved/allocated in mSlotList. This allows ATMEL_SLOT_ANY allocations to potentially reuse the same slot IDs, causing slot collisions. Consider reserving these slots in mSlotList during init (or marking them as allocated in this switch case) so they can’t be returned by ATMEL_SLOT_ANY while in use.

Suggested change

	/* not reserved in mSlotList, so return */
	slotId = ATECC_SLOT_ECDHE_PRIV_ALICE;
	goto exit;
	case ATMEL_SLOT_ECDHE_BOB:
	/* not reserved in mSlotList, so return */
	slotId = ATECC_SLOT_ECDHE_PRIV_BOB;
	goto exit;
	/* use fixed slot and reserve it in mSlotList */
	slotId = ATECC_SLOT_ECDHE_PRIV_ALICE;
	break;
	case ATMEL_SLOT_ECDHE_BOB:
	/* use fixed slot and reserve it in mSlotList */
	slotId = ATECC_SLOT_ECDHE_PRIV_BOB;
	break;

[Copilot]

atmel_ecc_create_key() already applies MAP_TO_HANDLE() internally. Passing MAP_TO_HANDLE(slotId) here will double-map TA100 handles (e.g., 0x8006 + (0x8006 + slotId)), causing invalid handles and keygen failures on TA100. Pass the raw slotId instead and let the callee perform the mapping once.

Suggested change

	ret = atmel_ecc_create_key(MAP_TO_HANDLE(slotId), ecc_curve, peerKey);
	ret = atmel_ecc_create_key(slotId, ecc_curve, peerKey);

[Copilot]

Same double-mapping issue as in atcatls_create_key_cb: atmel_ecc_create_key() maps slot IDs internally, so passing MAP_TO_HANDLE(slotId) will produce an invalid TA100 handle. Pass slotId directly.

Suggested change

	ret = atmel_ecc_create_key(MAP_TO_HANDLE(slotId), otherKey->dp->id,
	peerKey);
	ret = atmel_ecc_create_key(slotId, otherKey->dp->id, peerKey);

[Copilot]

There are two consecutive #endif /* ATCA_TFLEX_SUPPORT */ lines closing the same #ifdef ATCA_TFLEX_SUPPORT block, which will break preprocessing/compilation (extra #endif). Remove the extra #endif or correct the guard structure.

Suggested change

#endif /* ATCA_TFLEX_SUPPORT */

[Copilot]

Calling talib_lock_setup() here will permanently lock the device setup zone as a side effect of setting an AES key. That’s a high-risk, potentially irreversible operation that applications likely don’t expect from wc_AesSetKey. Consider removing this, gating it behind an explicit opt-in macro/API, or at least failing with a clear error telling users they must lock setup themselves as part of provisioning.

Suggested change

	/* Test if data zone is locked */
	status = talib_is_setup_locked(atcab_get_device(), &is_locked);
	if (!is_locked) {
	status = talib_lock_setup(atcab_get_device());
	CHECK_STATUS(status);
	/* Test if setup (data) zone is locked */
	status = talib_is_setup_locked(atcab_get_device(), &is_locked);
	CHECK_STATUS(status);
	if (!is_locked) {
	#ifdef WOLFSSL_TA100_AUTO_LOCK_SETUP
	/* Optionally auto-lock setup zone if explicitly enabled */
	status = talib_lock_setup(atcab_get_device());
	CHECK_STATUS(status);
	#else
	/* Require caller/provisioning flow to lock setup explicitly */
	return WC_HW_E;
	#endif

[Copilot]

uKey is hard-coded to TA_KEY_TYPE_RSA2048_SIZE. If the build selects RSA-3072 (see the WOLFSSL_TA_KEY_TYPE_RSA* macros in atmel.h), this buffer will be too small and can lead to memory corruption. Use the selected size macro (e.g., WOLFSSL_TA_KEY_TYPE_RSA_SIZE) or otherwise enforce RSA-2048-only at compile time for TA100 RSA.

[Copilot]

This assumes any TA100 handle implies a 2048-bit key (sig_len = 256). If TA100 RSA ever supports 3072 (and the build selects it), this will return the wrong size and can break callers that size output buffers based on this. Prefer deriving the size from the active TA100 RSA type/size macro (or from the key’s metadata) rather than hardcoding 256.

Suggested change

	#if defined(WOLFSSL_MICROCHIP_TA100)
	if (sig_len <= 0) {
	const RsaKey* r = (const RsaKey*)key;
	/* TA100 handles imply a 2048-bit RSA key. */
	if (r->rKeyH != 0 || r->uKeyH != 0) {
	sig_len = 256;
	}
	}
	#endif

[Copilot]

This section says TA100 AES-GCM support is “not yet available” even for cryptoauthlib v3.6.0, but the PR description states AES-GCM is now working with v3.6.0. Please update this wording to reflect the current state (and clarify any remaining limitations like max AAD+data size, required IV/tag sizes, etc.).

Suggested change

	WOLFSSL_MICROCHIP_AESGCM can be used to enable AES-GCM but
	AESGCM support is not yet available for TA100 in both
	cryptauthlib-v3.3.3_397871.zip and cryptauthlib-v3.6.0_443271.zip.
	WOLFSSL_MICROCHIP_AESGCM can be used to enable AES-GCM for TA100 when
	building against CryptoAuthLib version v3.6.0_443271 (or later). AES-GCM
	is not supported for TA100 with cryptauthlib-v3.3.3_397871.zip. When using
	TA100 AES-GCM, the current implementation requires a 12-byte IV and a
	16-byte authentication tag, and the total size of AAD plus plaintext data
	per operation is limited by the TA100 hardware interface (typically up to
	4096 bytes).

[Copilot]

--with-cryptoauthlib only performs library detection and doesn’t enable any Microchip backend macros anymore. This means users can pass --with-cryptoauthlib and still end up without WOLFSSL_ATECC* / WOLFSSL_MICROCHIP_TA100 enabled (and no port code compiled). Consider erroring out when --with-cryptoauthlib is used without --enable-microchip=..., or explicitly document that both flags are required.

Suggested change

	AS_IF([test "x$with_cryptoauthlib" != "xno"], [
	AS_IF([test "x$with_cryptoauthlib" != "xno"], [
	AS_IF([test "x$ENABLED_ATMEL" = "xno"], [
	AC_MSG_ERROR([--with-cryptoauthlib requires --enable-microchip=<devices>. Please re-run configure with --enable-microchip=508,608,100 or appropriate devices.])
	])

[Copilot]

In the pkg-config path, CRYPTOAUTHLIB_LIBS is appended to both LDFLAGS and LIBS. Since *_LIBS commonly contains -l... entries, putting it into LDFLAGS is non-standard and can cause duplicated/incorrect linker flags downstream. Prefer appending CRYPTOAUTHLIB_LIBS only to LIBS and leaving LDFLAGS for -L.../linker flags.

Suggested change

LDFLAGS="$CRYPTOAUTHLIB_LIBS $LDFLAGS"

[tmael]

Jenkins retest this please.