RuntimeError: CRC Mismatch / ATECC608A not reachable via I2C anymore #16
Labels
bug
Something isn't working
Comments
|
TLDR: Chip is working. I needed to modify adafruit_atecc.py:150 from 0x60 to 0x10 so that the ATECC608a gets detected again, After a lengthy but insightful troubleshooting session I've got access to the ATECC608a. IMHO hours well spent as getting familiar with these secure elements was the main idea of tinkering with them. Steps I did:
Findings:
|
|
|
|
Reproduced the same output with latest Circuit Python, Adafruit Metro M4 Airlift board and a fresh ATECC608A (I2C version!) from another,reputable microchip vendor. As the I2C connection is now made with a microcontroller that has no pullup resistors on the board, I use 2x 4k7 R to pullup SCL and SDA lines to 3V3. Using code from https://learn.adafruit.com/adafruit-atecc608-breakout/python-circuitpython Excact same behaviour :-( After reboot of the Metro M4, the ATECC608A is not recognizeable anymore... Running CircuitPython demo - I2C scan yields no devices on the I2C bus. |
|
As with the tests on Raspberry Pi 2, I needed to change the address of my ATECC608A device in Looking into the ATECC508A Complete Datasheet, I found the information of how to determine the device address and the configuration byte: Now the devices also get recognized on my Adafruit METRO M4 Airlift Lite. And the second device behaves the same: The CRC error when reading the certificate signing request from the microchip however remains... |
|
I've initialized yet another ATECC608A (running short now) with the sample config from With that config, I can work with the Adafruit CircuitPython ATECC library and atecc-util without any isues. I've dumped both configs for easy comparison. According to the datasheet, byte 16 is the I2C address.
It seems that this adress can be changed one more time also when configuration is locked. The bitwise notation is a little bit cumbersome to understand. Only 7 bits are the address. The write is done with the I think that I can update my other chips with the default I2C address and they might work. MSB/LSB notation, Hex, dec and bin notation in different source codes and reference of the actual byte in the cfg zone or only |
|
@rrottmann You figured out a fix, right? If so, a PR would be greatly appreciated. Thanks! |
|
Unfortunately, my "fix" right now is just the initialization with the help of another tool. I am not sure of the meaning of all the configuration bytes. So I cannot provide valid settings that should be used instead. I assume that either the Adafruit module has been initialized during manufacturing and maybe already contains settings that are not set via the Python code. I used factory-default modules from different sources and "bricked" them. I was not able/did not try to change the I2C address. This needs the help of a bus pirate and raw commands and you only have one try to set it correctly. |
|
I wrote a small gist with notes of how I configure an ATECC608A for tinkering/development purposes and to document what I learned about the I2C configuration: https://gist.github.com/rrottmann/292d1fb7f30b448e96cb4dedadcaa213 |
|
I just tested the latest code with a Raspberry Pi Zero and an ATECC608A module on i2c 0x35. I've documented what I did to change the code to work with this device: Test with Raspberry Pi Zero# raspbian buster lite
sudo apt update
sudo apt install -y i2c-tools python3-venv python3-pip build-essential cmake git libusbhid-common libusb-1.0-0-dev libhidapi-dev
cd
mkdir git
cd git
git clone https://github.com/adafruit/Adafruit_CircuitPython_ATECC.git
cd Adafruit_CircuitPython_ATECC/
python3 -m venv venv
source venv/bin/activate
pip3 install wheel
pip3 install -r requirements.txt
i2cdetect -y 1
# 0 1 2 3 4 5 6 7 8 9 a b c d e f
#00: -- -- -- -- -- -- -- -- -- -- -- -- --
#10: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
#20: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
#30: -- -- -- -- -- 35 -- -- -- -- -- -- -- -- -- --
#40: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
#50: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
#60: -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
#70: -- -- -- -- -- -- -- --
pip3 freeze
#Adafruit-Blinka==6.3.0
#adafruit-circuitpython-binascii==1.2.5
#adafruit-circuitpython-busdevice==5.0.6
#Adafruit-PlatformDetect==3.2.0
#Adafruit-PureIO==1.1.8
#pkg-resources==0.0.0
#pyftdi==0.52.9
#pyserial==3.5
#pyusb==1.1.1
#rpi-ws281x==4.2.5
#RPi.GPIO==0.7.0
#sysv-ipc==1.1.0
python3 setup.py bdist_wheel
# patch the i2c address if yours is different to 0x60 (in this case 0x35)
cat > atecc.patch <<"PATCH"
--- atecc.patch 2021-03-04 21:21:07.229852937 +0000
+++ atecc.patch2 2021-03-04 21:20:52.339761410 +0000
@@ -3,13 +3,13 @@
--- a/adafruit_atecc/adafruit_atecc.py
+++ b/adafruit_atecc/adafruit_atecc.py
@@ -59,7 +59,7 @@ def _convert_i2c_addr_to_atecc_addr(i2c_addr=0x60):
-
-
+
+
# Device Address
-_I2C_ADDR = 0x60
+_I2C_ADDR = 0x35
_REG_ATECC_ADDR = _convert_i2c_addr_to_atecc_addr(i2c_addr=_I2C_ADDR)
-
+
_REG_ATECC_DEVICE_ADDR = _REG_ATECC_ADDR >> 1
diff --git a/examples/atecc_simpletest.py b/examples/atecc_simpletest.py
index 088f48e..403e179 100644
@@ -17,10 +17,10 @@
+++ b/examples/atecc_simpletest.py
@@ -9,7 +9,7 @@ from adafruit_atecc.adafruit_atecc import ATECC, _WAKE_CLK_FREQ
i2c = busio.I2C(board.SCL, board.SDA, frequency=_WAKE_CLK_FREQ)
-
+
# Initialize a new atecc object
-atecc = ATECC(i2c)
+atecc = ATECC(i2c, address=0x35, debug=False)
-
+
print("ATECC Serial: ", atecc.serial_number)
-
+
PATCH
# force reinstall in case original wheel already installed during testing
pip3 install --upgrade --force-reinstall dist/adafruit_circuitpython_atecc-1.2.6-py3-none-any.whl
python3 examples/atecc_simpletest.py
ATECC Serial: 0123E*************
Random Value: 525
ATECC Counter #1 Value: bytearray(b'\t\x00\x00\x00')
Appending to the digest...
Appending to the digest...
SHA Digest: bytearray(b'\x03\x1e\xdd}Ae\x15\x93\xc5\xfe\\\x00o\xa5u+7\xfd\xdf\xf7\xbcN\x84:\xa6\xaf\x0c\x95\x0fK\x94\x06') |
|
I tried this and still unable to create CSR and run the simpletest after first time CSR creation failed |
|
@dexterac were you able to solve this? I have exatctly the same issue with raspberry and feather M4. |
|
I created this shell script, which has worked for me.
# Setup ATECC608A environment
```
#!/bin/bash
# https://github.com/MicrochipTech/cryptoauthlib/wiki/OpenSSL-and-ATECC-Sign-Verify
# https://docs.arduino.cc/resources/datasheets/ATECC508A-datasheet.pdf
sudo apt install -y cmake libudev-dev p11-kit
virtualenv /minimulus/.minimulusenv
source /minimulus/.minimulusenv/bin/activate
pip install --upgrade pip
pip install --upgrade setuptools
export CFLAGS=-fcommon
pip install RPi.GPIO
pip install adafruit-circuitpython-atecc
pip install adafruit-circuitpython-lis3dh
pip install circuitpython-build-tools
pip install cryptoauthlib
mkdir -p /minimulus/atecc608a && cd /minimulus/atecc608a
git clone https://github.com/MicrochipTech/cryptoauthlib
cd cryptoauthlib
cmake .
make
sudo make install
cat << EOF > /minimulus/atecc608a/simpletest.py
import board
import busio
from adafruit_atecc.adafruit_atecc import ATECC, _WAKE_CLK_FREQ
from time import sleep
from random import randrange
# Initialize the i2c bus
i2c = busio.I2C(board.SCL, board.SDA, frequency=_WAKE_CLK_FREQ)
# Initialize a new atecc object
atecc = ATECC(i2c)
print("ATECC Serial: ", atecc.serial_number)
# Generate a random number with a maximum value of 1024
c = 0
while c<1:
c+=1
rng = randrange(2040)
print(rng)
print("Random Value: ", atecc.random(rnd_max=rng))
sleep(1)
print("ATECC Counter #1 Value: ", atecc.counter(1,
increment_counter=True))
# Print out the value from one of the ATECC's counters
# You should see this counter increase on every time the code.py runs.
print("ATECC Counter #1 Value: ", atecc.counter(1, increment_counter=True))
# Initialize the SHA256 calculation engine
atecc.sha_start()
# Append bytes to the SHA digest
print("Appending to the digest...")
atecc.sha_update(b"Nobody inspects")
print("Appending to the digest...")
atecc.sha_update(b" the spammish repetition")
# Return the digest of the data passed to sha_update
message = atecc.sha_digest()
print("SHA Digest: ", message)
EOF
python /minimulus/atecc608a/simpletest.py
```
On Sat, Apr 23, 2022, 5:37 AM smalltoe ***@***.***> wrote:
|
|
Many Thanks for this but unfortunately so far I was not very lucky. Two questions - if I may:
|
|
Python 3.8 and 3.9 both worked for me. This worked with already locked chip. To configure a new chip I used this |
Finally to export public key, CSR, and new keys for sign/verify |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I used the following Adafruit sample code in order to initialize the ATECC608A chip connected to a Pi0 via I2C using GPIO 3 and 5.
Basic tests like accessing the serial, the random number generator or the counter were successful.
However generating the CSR failed:
Since then I have no connection to the module anymore. i2cdetect recognizes an i2c device on 0x10 but every other call the device disappears again. Before the device was recognized as 0x60. There are no other I2C devices connected.
Does anyone have an idea what happened here? Is there any chance to revive the ATECC608A?
The text was updated successfully, but these errors were encountered: