diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..770a76d10 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,29 @@ +# Security Policy + +We take the security of cryptoauthlib very seriously. Please submit security vulnerabilities to +the Microchip Product Security Incident Response Team (PSIRT) which is responsible for receiving +and responding to reports of potential security vulnerabilities in our products, as well as in +any related hardware, software, firmware, and tools. Please see below for instructions on how +to submit your report. + +## Supported Versions + +The previous API version is maintained for a year after a new version is released. + +| Version | Supported | Notes | +| ------- | ------------------ | ----- | +| 3.3.x | :heavy_check_mark: | | +| 3.2.x | :heavy_check_mark: | Security updates until January 2022 | +| < 3.2 | :x: | | + +## Reporting a Vulnerability + +[How to Report Potential Product Security Vulnerabilities](https://www.microchip.com/design-centers/embedded-security/how-to-report-potential-product-security-vulnerabilities) + +Once a report is received, the PSIRT will take the necessary steps to review the issue +and determine what actions might be required to address any potential impacts to our products. +Microchip PSIRT follows a coordinated vulnerability responsible disclosure policy that is available +for review. + +Please use the above instructions to securely submit your findings - We ask that you refrain from +reporting vulnerabilties through the public github issues system. diff --git a/harmony/config/test_app.py b/harmony/config/test_app.py index 4147d2d21..ec6cc7240 100644 --- a/harmony/config/test_app.py +++ b/harmony/config/test_app.py @@ -27,7 +27,7 @@ fileSymbolName = "CAL_FILE_SRC_TEST_" numFileCntr = 0 -_TEST_PATHS = ['atcacert/*', 'jwt/*', 'api_atcab/*', 'api_calib/*', 'api_crypto', 'api_talib/*', 'vectors/*'] +_TEST_PATHS = ['atcacert/*', 'jwt/*', 'api_atcab/*', 'api_calib/*', 'api_crypto/*', 'api_talib/*', 'vectors/*'] _TEST_SOURCES = ['atca_crypto_sw_tests.c', 'atca_test.c', 'atca_test_config.c', 'atca_test_console.c', 'atca_utils_atecc608.c', 'cmd-processor.c'] _TEST_HEADERS = ['atca_crypto_sw_tests.h', 'atca_test.h', 'cbuf.h', 'cmd-processor.h'] diff --git a/python/cryptoauthlib/atcab.py b/python/cryptoauthlib/atcab.py index 4d082aca7..798d58ad4 100644 --- a/python/cryptoauthlib/atcab.py +++ b/python/cryptoauthlib/atcab.py @@ -31,7 +31,8 @@ class atca_aes_cbc_ctx(Structure): """AES CBC Context""" - _fields_ = [("key_id", c_uint16), + _fields_ = [("device", c_void_p), + ("key_id", c_uint16), ("key_block", c_uint8), ("ciphertext", c_char*16)]