search

MicrochipTech / cryptoauth-openssl-engine

DEPRECATED: Use https://github.com/MicrochipTech/cryptoauthlib/wiki/PKCS11-Linux-Setup
Other
76 stars 49 forks source link

not able to execute GET_DEVICE_CERT and GET_SIGNER_CERT #30

Open mimmoLinino opened 5 years ago

mimmoLinino commented 5 years ago

I'am using the crypto chip ATECC508 connected to a RPI3 compute module using I2C interface. Running the test tool I was able to PASS all of them, but if I try to use openssl to get the certificate I have a failure. I debugged a little bit where the error happened and I discovered that it is on:

OpenSSL> engine -t dynamic -pre SO_PATH:./ateccx08.so -pre LIST_ADD:1 -pre ID:ateccx08 -pre LOAD (dynamic) Dynamic engine loading support

$$eccx08_engine.c:307:bind_helper(): Entered $$eccx08_ecdsa_sign.c:373:eccx08_ecdsa_init(): Entered $$eccx08_eckey_meth.c:1072:eccx08_pkey_meth_init(): Entered $$eccx08_engine.c:410:bind_helper(): Succeeded

Loaded: (ateccx08) Microchip ATECCx08 Engine $$eccx08_engine.c:248:eccx08_init(): Entered $$eccx08_cert.c:163:eccx08_cert_init(): Entered $$eccx08_cert.c:128:eccx08_cert_copy(): Entered $$eccx08_cert.c:66:eccx08_cert_new(): Entered $$eccx08_cert.c:128:eccx08_cert_copy(): Entered $$eccx08_cert.c:66:eccx08_cert_new(): Entered $$eccx08_cert.c:128:eccx08_cert_copy(): Entered $$eccx08_cert.c:66:eccx08_cert_new(): Entered [ available ] $$eccx08_engine.c:280:eccx08_finish(): Entered $$eccx08_cert.c:182:eccx08_cert_cleanup(): Entered $$eccx08_cert.c:100:eccx08_cert_free(): Entered $$eccx08_cert.c:100:eccx08_cert_free(): Entered $$eccx08_cert.c:100:eccx08_cert_free(): Entered $$eccx08_ecdsa_sign.c:403:eccx08_ecdsa_cleanup(): Entered $$eccx08_eckey_meth.c:1106:eccx08_pkey_meth_cleanup(): Entered OpenSSL> engine ateccx08 -t -post GET_SIGNER_CERT:./signer.der (ateccx08) Microchip ATECCx08 Engine $$eccx08_engine.c:248:eccx08_init(): Entered $$eccx08_cert.c:163:eccx08_cert_init(): Entered $$eccx08_cert.c:128:eccx08_cert_copy(): Entered $$eccx08_cert.c:66:eccx08_cert_new(): Entered $$eccx08_cert.c:128:eccx08_cert_copy(): Entered $$eccx08_cert.c:66:eccx08_cert_new(): Entered $$eccx08_cert.c:128:eccx08_cert_copy(): Entered $$eccx08_cert.c:66:eccx08_cert_new(): Entered [ available ] $$eccx08_cmd_defns.c:372:eccx08_cmd_ctrl(): Entered $$eccx08_cmd_defns.c:110:get_cert(): ./signer.der cert:0x1992a40 sign:0x7e9fa181 $$eccx08_engine.c:79:eccx08_global_lock(): About to lock mutex in global_lock $$eccx08_cmd_defns.c:144:get_cert(): Load puiblic key status: 0 signer:0 $$eccx08_cmd_defns.c:144:get_cert(): Load puiblic key status: 0 signer:0 atcacert_def.c:1380 atcacert_set_comp_cert(): tid 1:1 cid 0:0 source 9:0 atcacert_def.c:425: Read certificate status: 0xb $$eccx08_cmd_defns.c:151:get_cert(): Read certificate status: 0xb $$eccx08_cmd_defns.c:163:get_cert(): Failure: 0xb

I added some printf to report the specific point where the error ATCACERT_E_WRONG_CERT_DEF happen and it seems a difference on the source expected. The test using cio runs fine without any issue. Any help or suggestion?

MasoudShiroei commented 2 years ago

I have the same problem. Did you find the solution?