Release v3.7.8 (20250505)

Author: Srinivas-E

CMakeLists.txt

@@ -1,11 +1,11 @@
-cmake_minimum_required(VERSION 3.10.0)
+cmake_minimum_required(VERSION 3.20.0)
 project (cryptoauthlib C)
 
 # Set the current release version
-set(VERSION "3.7.7")
+set(VERSION "3.7.8")
 set(VERSION_MAJOR 3)
 set(VERSION_MINOR 7)
-set(VERSION_PATCH 7)
+set(VERSION_PATCH 8)
 
 # Build Options
 option(BUILD_TESTS "Create Test Application with library" OFF)

app/tng/tng_atcacert_client.c

@@ -39,6 +39,7 @@ int tng_atcacert_max_device_cert_size(size_t* max_cert_size)
     int ret = ATCACERT_E_WRONG_CERT_DEF;
     int index = 0;
     size_t cert_size = 0;
+    size_t current_max_cert_size = 0;
     const atcacert_def_t* cert_def;
 
     if (NULL != max_cert_size)
@@ -50,13 +51,14 @@ int tng_atcacert_max_device_cert_size(size_t* max_cert_size)
             if (NULL != cert_def)
             {
                 ret = atcacert_max_cert_size(cert_def, &cert_size);
-                if (ATCACERT_E_SUCCESS == ret)
+                if (ATCACERT_E_SUCCESS != ret)
                 {
-                    *max_cert_size = cert_size;
+                    break;
                 }
-                else
+
+                if (cert_size > current_max_cert_size)
                 {
-                    break;
+                    current_max_cert_size = cert_size;
                 }
 
                 if (index < INT_MAX)
@@ -70,6 +72,11 @@ int tng_atcacert_max_device_cert_size(size_t* max_cert_size)
                 }
             }
         } while ((NULL != cert_def) && (ret == ATCACERT_E_SUCCESS));
+
+        if (ret == ATCACERT_E_SUCCESS)
+        {
+            *max_cert_size = current_max_cert_size;
+        }
     }
 
     return ret;
@@ -165,19 +172,13 @@ int tng_atcacert_read_signer_cert(uint8_t* cert, size_t* cert_size)
 {
     int ret;
     const atcacert_def_t* cert_def = NULL;
-    uint8_t* ca_public_key = NULL;
-    cal_buffer ca_pubkey = CAL_BUF_INIT(ATCA_ECCP256_PUBKEY_SIZE, NULL);
+    const cal_buffer ca_public_key = cal_buf_init_const_ptr(ATCA_ECCP256_PUBKEY_SIZE, &g_cryptoauth_root_ca_002_cert[CRYPTOAUTH_ROOT_CA_002_PUBLIC_KEY_OFFSET]);
 
     ret = tng_get_device_cert_def(&cert_def);
     if (ATCA_SUCCESS == ret)
     {
         cert_def = cert_def->ca_cert_def;
-
-        // Get the CA (root) public key
-        ca_public_key = &g_cryptoauth_root_ca_002_cert[CRYPTOAUTH_ROOT_CA_002_PUBLIC_KEY_OFFSET];
-
-        ca_pubkey.buf = ca_public_key;
-        ret = atcacert_read_cert(cert_def, &ca_pubkey, cert, cert_size);
+        ret = atcacert_read_cert(cert_def, &ca_public_key, cert, cert_size);
     }
 
     return ret;

cryptoauthlib-manual.pdf

@@ -402,6 +402,11 @@ def instantiateComponent(calComponent):
     calDebugPrint.setLabel("Enable Debug Print?")
     calDebugPrint.setVisible(True)
 
+    calEnableCheckParams = calComponent.createBooleanSymbol("CAL_ENABLE_CHECK_PARAMS", None)
+    calEnableCheckParams.setLabel("Enable Check Params?")
+    calEnableCheckParams.setVisible(True)
+    calEnableCheckParams.setDefaultValue(True)
+
     calPreprocessorWarning = calComponent.createBooleanSymbol("CAL_ENABLE_PREPROCESSOR_WARNING", None)
     calPreprocessorWarning.setLabel("Enable Preprocessor Warning?")
     calPreprocessorWarning.setVisible(True)

harmony/config/cryptoauthlib.py

@@ -53,6 +53,13 @@
 #endif
 </#if>
 
+/** Define if the library is not to use malloc/free */
+<#if CAL_ENABLE_CHECK_PARAMS == false>
+        <#lt>#define ATCA_CHECK_PARAMS_EN               (FEATURE_DISABLED)
+<#else>
+        <#lt>#define ATCA_CHECK_PARAMS_EN               (FEATURE_ENABLED)
+</#if>
+
 /** Symmetric Commands Configurations */
 
 /* AES Command */
@@ -530,8 +537,8 @@
 #define PLIB_I2C_TRANSFER_SETUP I2C_TRANSFER_SETUP
 </#if>
 
-typedef bool (* atca_i2c_plib_read)( uint16_t, uint8_t *, ${size_var} );
-typedef bool (* atca_i2c_plib_write)( uint16_t, uint8_t *, ${size_var} );
+typedef bool (* atca_i2c_plib_read)( uint16_t address, uint8_t * data, ${size_var} datalen);
+typedef bool (* atca_i2c_plib_write)( uint16_t address, uint8_t * data, ${size_var} datalen);
 typedef bool (* atca_i2c_plib_is_busy)( void );
 typedef PLIB_I2C_ERROR (* atca_i2c_error_get)( void );
 typedef bool (* atca_i2c_plib_transfer_setup)(PLIB_I2C_TRANSFER_SETUP* setup, uint32_t srcClkFreq);
@@ -550,8 +557,8 @@ typedef struct atca_plib_i2c_api
 
 <#if plib_info[plib_info?size-1] == "spi">
 <#if is_atca_plib_spi_exists == "False">
-typedef bool (* atca_spi_plib_read)( void * , size_t );
-typedef bool (* atca_spi_plib_write)( void *, size_t );
+typedef bool (* atca_spi_plib_read)( void * data, size_t datalen);
+typedef bool (* atca_spi_plib_write)( void * data, size_t datalen);
 typedef bool (* atca_spi_plib_is_busy)( void );
 typedef void (* atca_spi_plib_select)(uint32_t pin, bool value);
 
@@ -597,8 +604,8 @@ typedef struct atca_plib_spi_api
 #define PLIB_SWI_EVENT             USART_EVENT
 </#if>
 
-typedef size_t (* atca_uart_plib_read)( uint8_t *, const size_t );
-typedef size_t (* atca_uart_plib_write)( uint8_t *, const size_t );
+typedef size_t (* atca_uart_plib_read)( uint8_t * data, const size_t datalen);
+typedef size_t (* atca_uart_plib_write)( uint8_t * data, const size_t datalen);
 typedef PLIB_SWI_ERROR (* atca_uart_error_get)( void );
 typedef bool (* atca_uart_plib_serial_setup)(PLIB_SWI_SERIAL_SETUP* , uint32_t );
 typedef size_t (* atca_uart_plib_readcount_get)( void );

harmony/templates/atca_config.h.ftl

@@ -154,16 +154,16 @@ void _delay_cycles(void *const hw, uint32_t cycles)
 /**
  * \brief Perform delay in us
  */
-void hal_delay_us(const uint32_t us)
+void hal_delay_us(uint32_t delay)
 {
-    uint32_t cycles = (GET_CYCLES_FOR_US_INTERNAL(us,CONF_CPU_FREQUENCY));
+    uint32_t cycles = (GET_CYCLES_FOR_US_INTERNAL(delay,CONF_CPU_FREQUENCY));
     DELAY_CYCLES_US(cycles);
 }
 
 /**
  * \brief Perform delay in ms
  */
-void hal_delay_ms(const uint32_t ms)
+void hal_delay_ms(uint32_t delay)
 {
-    _delay_cycles((void*)0,(_get_cycles_for_ms(ms)/ MS_CYCLE_COUNT_DIVIDER));
+    _delay_cycles((void*)0,(_get_cycles_for_ms(delay)/ MS_CYCLE_COUNT_DIVIDER));
 }

harmony/templates/hal_cortex_m_delay.c.ftl

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.10.0)
+cmake_minimum_required(VERSION 3.20.0)
 project(cryptoauth C)
 
 include(CheckSymbolExists)
@@ -18,6 +18,7 @@ option(ATCA_JWT_EN "Enable jwt functionality")
 option(ATCA_PKCS11 "Build PKCS11 Library")
 option(ATCA_BUILD_SHARED_LIBS "Build CryptoAuthLib as shared library" ON)
 option(ATCA_NO_HEAP "Do not use dynamic (heap) allocation functions" OFF)
+option(ATCA_CHECK_PARAMS_EN "Check parameters" ON)
 option(ATCA_USE_ATCAB_FUNCTIONS "Build the atcab_ api functions rather than using macros" OFF)
 option(ATCA_ENABLE_DEPRECATED "Enable the use of older APIs that that been replaced" OFF)
 option(ATCA_STRICT_C99 "Enable strict C99 compliance for the libray" OFF)
@@ -327,6 +328,10 @@ include_directories(cryptoauth PUBLIC ${CMAKE_CURRENT_BINARY_DIR}
                                       ../third_party/hidapi/hidapi
                                       ${USB_INCLUDE_DIR})
 
+if(APPLE)
+include_directories(cryptoauth PUBLIC ../third_party/hidapi/mac) 
+endif()
+
 if(ATCA_MBEDTLS)
 target_link_libraries(cryptoauth mbedtls)
 endif()

lib/CMakeLists.txt

@@ -37,6 +37,10 @@
 #endif
 #endif
 
+#ifdef __COVERITY__
+#pragma coverity compliance block deviate "MISRA C-2012 Rule 8.4" "The object prototype is defined "
+#endif
+
 SHARED_LIB_EXPORT ATCADevice g_atcab_device_ptr = NULL;
 
 #ifdef ATCA_NO_HEAP
@@ -4629,3 +4633,7 @@ ATCA_STATUS atcab_write_config_counter(uint16_t counter_id, uint32_t counter_val
     return status;
 }
 #endif /* ATCAB_WRITE_CONFIG_BYTES_ZONE */
+
+#ifdef __COVERITY__
+#pragma coverity compliance end_block "MISRA C-2012 Rule 8.4"
+#endif

lib/atca_basic.c

@@ -88,6 +88,10 @@
 #define SHARED_LIB_IMPORT       extern
 #endif
 
+#ifdef __APPLE__
+#define ATCA_VECTOR_NO_PRAGMA_PACK
+#endif
+
 //#elif defined(__ICC) || defined(__INTEL_COMPILER)
 /* Intel ICC/ICPC. ------------------------------------------ */
 
@@ -139,6 +143,9 @@
 #define SHARED_LIB_IMPORT       extern
 #endif
 
+#ifdef __APPLE__
+#define ATCA_VECTOR_NO_PRAGMA_PACK
+#endif
 
 //#elif defined(__HP_cc) || defined(__HP_aCC)
 /* Hewlett-Packard C/aC++. ---------------------------------- */

lib/atca_compiler.h

@@ -60,6 +60,9 @@ selected plus however additional slots one would like */
 /** Enable preprocessor warning messages */
 #cmakedefine01 ATCA_PREPROCESSOR_WARNING
 
+/** Enable check params */
+#cmakedefine01 ATCA_CHECK_PARAMS_EN
+
 /** Enable jwt functionality */
 #cmakedefine ATCA_JWT_EN
 

lib/atca_config.h.in

@@ -70,10 +70,12 @@ struct atca_device
 
 typedef struct atca_device * ATCADevice;
 
-ATCA_STATUS initATCADevice(ATCAIfaceCfg* cfg, ATCADevice ca_dev);
+#ifdef ATCA_HEAP
 ATCADevice newATCADevice(ATCAIfaceCfg *cfg);
-ATCA_STATUS releaseATCADevice(ATCADevice ca_dev);
 void deleteATCADevice(ATCADevice *ca_dev);
+#endif
+ATCA_STATUS initATCADevice(ATCAIfaceCfg* cfg, ATCADevice ca_dev);
+ATCA_STATUS releaseATCADevice(ATCADevice ca_dev);
 
 ATCAIface atGetIFace(ATCADevice dev);
 

lib/atca_device.h

@@ -905,6 +905,7 @@ size_t atcab_pointer_delta(const void* start, const void* end)
     }
     else
     {
+        /* coverity[misra_c_2012_rule_10_8_violation:FALSE] The code is intended to measure the difference between `start` and `end` addresses in bytes, which is a legitimate use of pointer casting for arithmetic */
         return (size_t)((const uint8_t*)start - (const uint8_t*)end);
     }
 }

lib/atca_helpers.c

@@ -48,6 +48,8 @@ extern "C" {
 #define IS_MUL_SAFE_UINT64_T(a,b)       ((((a)  <= UINT64_MAX / (b))) ? true : false)
 #define IS_MUL_SAFE_SIZE_T(a,b)         ((((a)  <= SIZE_MAX   / (b))) ? true : false)
 
+#define ABS_VAL(x)                      (((x) < 0) ? -(x) : (x))
+
 ATCA_STATUS atcab_bin2hex(const uint8_t* bin, size_t bin_size, char* hex, size_t* hex_size);
 ATCA_STATUS atcab_bin2hex_(const uint8_t* bin, size_t bin_size, char* hex, size_t* hex_size, bool is_pretty, bool is_space, bool is_upper);
 ATCA_STATUS atcab_hex2bin(const char* ascii_hex, size_t ascii_hex_len, uint8_t* binary, size_t* bin_len);

lib/atca_helpers.h

@@ -210,7 +210,9 @@ typedef struct atca_iface
 
 ATCA_STATUS initATCAIface(ATCAIfaceCfg *cfg, ATCAIface ca_iface);
 ATCA_STATUS releaseATCAIface(ATCAIface ca_iface);
+#ifdef ATCA_HEAP
 void deleteATCAIface(ATCAIface *ca_iface);
+#endif
 
 #if defined(ATCA_HEAP) && defined(ENABLE_NEWATCAIFACE)
 ATCAIface newATCAIface(ATCAIfaceCfg *cfg);

lib/atca_iface.h

@@ -30,9 +30,9 @@
 #define ATCA_VERSION_H
 
 // Version format yyyymmdd
-#define ATCA_LIBRARY_VERSION_DATE   "20250210"
+#define ATCA_LIBRARY_VERSION_DATE   "20250505"
 #define ATCA_LIBRARY_VERSION_MAJOR  3
 #define ATCA_LIBRARY_VERSION_MINOR  7
-#define ATCA_LIBRARY_VERSION_BUILD  7
+#define ATCA_LIBRARY_VERSION_BUILD  8
 
 #endif /* ATCA_VERSION_H */

lib/atca_version.h

@@ -1361,7 +1361,9 @@ ATCA_STATUS atcacert_date_dec_compcert_ext(const uint8_t            comp_cert[AT
         issue_date->tm_year = (int)((uint8_t)((((comp_cert[64] & (uint8_t)0xF8u) >> 3u)) + 100u));
         expire_years = (comp_cert[66] & (uint8_t)0x1F);
     }
-    issue_date->tm_mon = (int)((uint8_t)((uint8_t)((((comp_cert[64] & (uint8_t)0x07) << 1u) | ((comp_cert[65] & (uint8_t)0x80) >> 7u)) - 1u)) & 0x0Fu);
+    /* coverity[cert_int31_c_violation] value of tm_mon within range */
+    /* coverity[misra_c_2012_rule_10_8_violation] tm_mon is known to be a positive value within range */
+    issue_date->tm_mon = (int)((uint8_t)((uint8_t)((uint8_t)(((comp_cert[64] & (uint8_t)0x07) << 1u) | ((comp_cert[65] & (uint8_t)0x80) >> 7u)) - 1u)) & 0x0Fu);
     issue_date->tm_mday = (int)((uint8_t)((comp_cert[65] & (uint8_t)0x7C) >> 2u));
     issue_date->tm_hour = (int)((uint8_t)(((comp_cert[65] & (uint8_t)0x03) << 3u) | ((comp_cert[66] & (uint8_t)0xE0) >> 5u)));