当前位置：首页 > backend >正文

基于STM32、HAL库的ATSHA204A安全验证及加密芯片驱动程序设计

backend 2025/5/3 12:57:24

一、简介：

ATSHA204A是Microchip公司生产的一款高性能加密认证芯片，主要特性包括：

基于SHA-256哈希算法的安全认证
4.5KB EEPROM存储空间（可配置为密钥存储、OTP区域等）
唯一的72位序列号
支持I2C和单线接口
工作电压：2.0V至5.5V
低功耗设计

典型应用场景：

设备认证
安全启动验证
固件保护
防克隆保护

二、硬件接口：

TSHA204A          STM32L4XX
----------------------------
VCC        →       3.3V
GND        →       GND
SDA        →       PB7 (I2C1_SDA)
SCL        →       PB6 (I2C1_SCL)

注意：ATSHA204A的地址引脚决定了I2C地址，通常为0xC0（如果地址引脚全部接地）。

三、头文件：

#ifndef ATSHA204A_H
#define ATSHA204A_H

#include "stm32l4xx_hal.h"

#define ATSHA204A_I2C_ADDR 0xC0
#define ATSHA204A_CMD_WAKE 0x00
#define ATSHA204A_CMD_SLEEP 0x01
#define ATSHA204A_CMD_READ 0x02
#define ATSHA204A_CMD_WRITE 0x12
#define ATSHA204A_CMD_MAC 0x08
#define ATSHA204A_CMD_NONCE 0x16
#define ATSHA204A_CMD_RANDOM 0x1B

#define ATSHA204A_ZONE_CONFIG 0x00
#define ATSHA204A_ZONE_OTP 0x01
#define ATSHA204A_ZONE_DATA 0x02

#define ATSHA204A_STATUS_SUCCESS 0x00
#define ATSHA204A_STATUS_AFTER_WAKE 0x11

#define ATSHA204A_PACKET_SIZE 32
#define ATSHA204A_RESPONSE_TIMEOUT 1000

typedef struct {
I2C_HandleTypeDef *hi2c;
uint8_t i2c_addr;
} ATSHA204A_HandleTypeDef;

HAL_StatusTypeDef ATSHA204A_Init(ATSHA204A_HandleTypeDef *hatsha, I2C_HandleTypeDef *hi2c, uint8_t i2c_addr);
HAL_StatusTypeDef ATSHA204A_Wakeup(ATSHA204A_HandleTypeDef *hatsha);
HAL_StatusTypeDef ATSHA204A_Sleep(ATSHA204A_HandleTypeDef *hatsha);
HAL_StatusTypeDef ATSHA204A_Read(ATSHA204A_HandleTypeDef *hatsha, uint8_t zone, uint8_t block, uint8_t offset, uint8_t *data, uint8_t len);
HAL_StatusTypeDef ATSHA204A_Write(ATSHA204A_HandleTypeDef *hatsha, uint8_t zone, uint8_t block, uint8_t offset, const uint8_t *data, uint8_t len);
HAL_StatusTypeDef ATSHA204A_GetSerialNumber(ATSHA204A_HandleTypeDef *hatsha, uint8_t *serial);
HAL_StatusTypeDef ATSHA204A_GenerateRandom(ATSHA204A_HandleTypeDef *hatsha, uint8_t *random);
HAL_StatusTypeDef ATSHA204A_CalculateMAC(ATSHA204A_HandleTypeDef *hatsha, uint8_t *challenge, uint8_t *mac);

#endif /* ATSHA204A_H */

四、源文件：

#include "atsha204a.h"
#include <string.h>

static HAL_StatusTypeDef ATSHA204A_SendCommand(ATSHA204A_HandleTypeDef *hatsha, uint8_t *command, uint8_t cmd_len);
static HAL_StatusTypeDef ATSHA204A_ReceiveResponse(ATSHA204A_HandleTypeDef *hatsha, uint8_t *response, uint8_t resp_len);

HAL_StatusTypeDef ATSHA204A_Init(ATSHA204A_HandleTypeDef *hatsha, I2C_HandleTypeDef *hi2c, uint8_t i2c_addr) {
hatsha->hi2c = hi2c;
hatsha->i2c_addr = i2c_addr;
return ATSHA204A_Wakeup(hatsha);
}

HAL_StatusTypeDef ATSHA204A_Wakeup(ATSHA204A_HandleTypeDef *hatsha) {
// Wakeup is a special case - requires a low pulse on SDA
// For I2C, we send a start condition with address 0x00
uint8_t dummy = 0;
HAL_StatusTypeDef status = HAL_I2C_Master_Transmit(hatsha->hi2c, 0x00, &dummy, 1, ATSHA204A_RESPONSE_TIMEOUT);

// Wait for device to wake up
HAL_Delay(2);

return status;
}

HAL_StatusTypeDef ATSHA204A_Sleep(ATSHA204A_HandleTypeDef *hatsha) {
uint8_t command[4] = {0};
command[0] = 1; // Opcode count
command[1] = ATSHA204A_CMD_SLEEP;

return ATSHA204A_SendCommand(hatsha, command, 4);
}

HAL_StatusTypeDef ATSHA204A_Read(ATSHA204A_HandleTypeDef *hatsha, uint8_t zone, uint8_t block, uint8_t offset, uint8_t *data, uint8_t len) {
uint8_t command[8] = {0};
uint8_t response[ATSHA204A_PACKET_SIZE] = {0};

command[0] = 7; // Opcode count
command[1] = ATSHA204A_CMD_READ;
command[2] = zone;
command[3] = block;
command[4] = offset;

HAL_StatusTypeDef status = ATSHA204A_SendCommand(hatsha, command, 8);
if (status != HAL_OK) return status;

HAL_Delay(5); // Wait for command to complete

status = ATSHA204A_ReceiveResponse(hatsha, response, ATSHA204A_PACKET_SIZE);
if (status != HAL_OK) return status;

if (response[0] != 0) return HAL_ERROR; // Check status byte

memcpy(data, &response[1], len);
return HAL_OK;
}

HAL_StatusTypeDef ATSHA204A_Write(ATSHA204A_HandleTypeDef *hatsha, uint8_t zone, uint8_t block, uint8_t offset, const uint8_t *data, uint8_t len) {
uint8_t command[8 + 32] = {0}; // Max write size

command[0] = 7 + len; // Opcode count
command[1] = ATSHA204A_CMD_WRITE;
command[2] = zone;
command[3] = block;
command[4] = offset;

memcpy(&command[5], data, len);

HAL_StatusTypeDef status = ATSHA204A_SendCommand(hatsha, command, 8 + len);
if (status != HAL_OK) return status;

HAL_Delay(20); // Write operations take longer

return HAL_OK;
}

HAL_StatusTypeDef ATSHA204A_GetSerialNumber(ATSHA204A_HandleTypeDef *hatsha, uint8_t *serial) {
return ATSHA204A_Read(hatsha, ATSHA204A_ZONE_CONFIG, 0, 0, serial, 9); // First 9 bytes of config zone contain serial
}

HAL_StatusTypeDef ATSHA204A_GenerateRandom(ATSHA204A_HandleTypeDef *hatsha, uint8_t *random) {
uint8_t command[4] = {0};
uint8_t response[35] = {0};

command[0] = 1; // Opcode count
command[1] = ATSHA204A_CMD_RANDOM;
command[2] = 0x00; // Mode

HAL_StatusTypeDef status = ATSHA204A_SendCommand(hatsha, command, 4);
if (status != HAL_OK) return status;

HAL_Delay(20); // Random number generation takes time

status = ATSHA204A_ReceiveResponse(hatsha, response, 35);
if (status != HAL_OK) return status;

if (response[0] != 0) return HAL_ERROR; // Check status byte

memcpy(random, &response[1], 32); // Copy 32-byte random number
return HAL_OK;
}

HAL_StatusTypeDef ATSHA204A_CalculateMAC(ATSHA204A_HandleTypeDef *hatsha, uint8_t *challenge, uint8_t *mac) {
uint8_t command[88] = {0}; // Max command size
uint8_t response[35] = {0};

command[0] = 83; // Opcode count
command[1] = ATSHA204A_CMD_MAC;
command[2] = 0x01; // Mode
command[3] = 0x00; // Slot

memcpy(&command[4], challenge, 32); // Copy challenge

HAL_StatusTypeDef status = ATSHA204A_SendCommand(hatsha, command, 88);
if (status != HAL_OK) return status;

HAL_Delay(50); // MAC calculation takes time

status = ATSHA204A_ReceiveResponse(hatsha, response, 35);
if (status != HAL_OK) return status;

if (response[0] != 0) return HAL_ERROR; // Check status byte

memcpy(mac, &response[1], 32); // Copy 32-byte MAC
return HAL_OK;
}

static HAL_StatusTypeDef ATSHA204A_SendCommand(ATSHA204A_HandleTypeDef *hatsha, uint8_t *command, uint8_t cmd_len) {
// Calculate CRC
// Note: Actual CRC implementation needed here
command[cmd_len-2] = 0; // CRC placeholder
command[cmd_len-1] = 0; // CRC placeholder

return HAL_I2C_Master_Transmit(hatsha->hi2c, hatsha->i2c_addr, command, cmd_len, ATSHA204A_RESPONSE_TIMEOUT);
}

static HAL_StatusTypeDef ATSHA204A_ReceiveResponse(ATSHA204A_HandleTypeDef *hatsha, uint8_t *response, uint8_t resp_len) {
return HAL_I2C_Master_Receive(hatsha->hi2c, hatsha->i2c_addr, response, resp_len, ATSHA204A_RESPONSE_TIMEOUT);
}

五、应用：

#include "atsha204a.h"
#include "stdio.h"

ATSHA204A_HandleTypeDef hatsha;

void ATSHA204A_Example(void) {
uint8_t serial[9] = {0};
uint8_t random[32] = {0};
uint8_t mac[32] = {0};
uint8_t challenge[32] = {0};

// Initialize with I2C1 and default address
if (ATSHA204A_Init(&hatsha, &hi2c1, ATSHA204A_I2C_ADDR) != HAL_OK) {
printf("ATSHA204A initialization failed\r\n");
return;
}

// Get serial number
if (ATSHA204A_GetSerialNumber(&hatsha, serial) == HAL_OK) {
printf("Serial Number: ");
for (int i = 0; i < 9; i++) {
printf("%02X", serial[i]);
}
printf("\r\n");
}

// Generate random number
if (ATSHA204A_GenerateRandom(&hatsha, random) == HAL_OK) {
printf("Random Number: ");
for (int i = 0; i < 32; i++) {
printf("%02X", random[i]);
}
printf("\r\n");
}

// Generate challenge (in real application, this would be from host)
for (int i = 0; i < 32; i++) {
challenge[i] = i;
}

// Calculate MAC
if (ATSHA204A_CalculateMAC(&hatsha, challenge, mac) == HAL_OK) {
printf("MAC: ");
for (int i = 0; i < 32; i++) {
printf("%02X", mac[i]);
}
printf("\r\n");
}

// Put device to sleep
ATSHA204A_Sleep(&hatsha);
}