Merge pull request #309 from tropicsquare/develop

Prepare for release 2.0.1

Author: medexs

CHANGELOG.md

@@ -5,6 +5,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.1]
+
+### Added
+- Mentioned compatibility of libtropic 2.0.0 and 2.0.1 with FW 1.0.0 and Bootloader v2.0.1 in the main README.md compatibility table.
+- Row in the compatibility table for libtropic 2.0.1.
+- Section about TROPIC01 firmware in the documentation.
+
+### Fixed
+- Handling of `add` argument in the Mac-And-Destroy example (`lt_ex_macandd.c`): `NULL` can be passed, `memcpy()` will not be called with `NULL` argument and no additional data will be used in the M&D sequence.
+- Set newest available FW version in CMakeLists.txt.
+- CMakeLists.txt: use `set()` for string options, enhance validating of their values
+
 ## [2.0.0]
 
 ### Changed

CMakeLists.txt

@@ -8,8 +8,6 @@ cmake_minimum_required(VERSION 3.21.0)
 
 include(cmake/strict_compile_flags.cmake)
 
-option(LT_CRYPTO "Set a cryptography provider" OFF)
-option(LT_BUILD_DOCS "Build documentation" OFF)
 option(LT_BUILD_EXAMPLES "Compile example code as part of libtropic library" OFF)
 option(LT_BUILD_TESTS "Compile functional tests' code as part of libtropic library" OFF)
 # This switch controls if helper utilities are compiled in. In most cases this should be ON,
@@ -23,8 +21,38 @@ option(LT_SEPARATE_L3_BUFF "Define L3 buffer separately out of the handle" OFF)
 option(LT_PRINT_SPI_DATA "Print SPI communication to console, used to debug low level communication" OFF)
 option(LT_STRICT_COMP_FLAGS "Enable strict compilation flags for libtropic" OFF)
 option(LT_ASAN "Enable AddressSanitizer (ASan)" OFF)
+
+# TROPIC01 silicon revision: useful for firmware update and functional tests
+# (as some behavior) differ between revisions.
+set(LT_SILICON_REV "ACAB" CACHE STRING "Set TROPIC01 silicon revision")
+set_property(CACHE LT_SILICON_REV PROPERTY STRINGS "ABAB" "ACAB")
+
+# Used for compiling the correct FW update files
+# Available versions can be seen in the compatibility table in the main README.md.
+# Always use bundled versions from "TROPIC01_fw_update_files" folder!
+set(LT_CPU_FW_VERSION "1_0_1" CACHE STRING "Set TROPIC01 FW version")
+set_property(CACHE LT_CPU_FW_VERSION PROPERTY STRINGS "1_0_0" "1_0_1")
+# Validate specified version
+get_property(lt_cpu_fw_version_choices CACHE LT_CPU_FW_VERSION PROPERTY STRINGS)
+set(cpu_fw_valid FALSE)
+foreach(cpu_fw_choice IN LISTS lt_cpu_fw_version_choices)
+    if(LT_CPU_FW_VERSION STREQUAL ${cpu_fw_choice})
+        set(cpu_fw_valid TRUE)
+        break()
+    endif()
+endforeach()
+if (NOT cpu_fw_valid)
+    message(FATAL_ERROR "Invalid TROPIC01 FW version: '${LT_CPU_FW_VERSION}'\nAvailable FW versions: ${lt_cpu_fw_version_choices}")
+endif()
+
+# Crypto provider
+set(LT_CRYPTO "" CACHE STRING "Set a cryptography provider")
+# set_property(CACHE LT_CRYPTO PROPERTY STRINGS "trezor_crypto" "mbedtls")  # uncomment this after mbedtls is ready
+set_property(CACHE LT_CRYPTO PROPERTY STRINGS "trezor_crypto")              # delete this after mbedtls is ready
+
 # Logging options
-option(LT_LOG_LVL "Set log level" OFF)
+set(LT_LOG_LVL "" CACHE STRING "Set log level")
+set_property(CACHE LT_LOG_LVL PROPERTY STRINGS "None" "Error" "Warning" "Info" "Debug")
 
 # Use INFO logging level when building tests/examples
 if(LT_BUILD_TESTS OR LT_BUILD_EXAMPLES)
@@ -74,7 +102,8 @@ elseif(LT_LOG_LVL STREQUAL "None")
 elseif(NOT LT_LOG_LVL)
     message(STATUS "No logging level specified, defaulting to NONE (logging is disabled)")
 else()
-    message(WARNING "Incorrect logging level specified: '${LT_LOG_LVL}'. Defaulting to NONE!")
+    get_property(lt_log_lvl_choices CACHE LT_LOG_LVL PROPERTY STRINGS)
+    message(FATAL_ERROR "Incorrect logging level specified: '${LT_LOG_LVL}'\nAvailable logging levels: ${lt_log_lvl_choices}")
 endif()
 
 # Define the ASAN flags here so they are not duplicated.
@@ -100,41 +129,6 @@ set(LT_SH0_PRIV_PATH
 # and save result to HAS_PARENT_SCOPE.
 get_directory_property(HAS_PARENT_SCOPE PARENT_DIRECTORY)
 
-###########################################################################
-#                                                                         #
-#   Define silicon revision. Default is ACAB (production chips).          #
-#   Allowed values are:                                                   #
-#           ABAB - Silicon revision B - Bootloader v1.0.1                 #
-#           ACAB - Silicon revision C - Bootloader v2.0.1                 #
-#                                                                         #
-#   Useful for firmware update and functional tests (as some behavior)    #
-#   differ between revisions.                                             #
-#                                                                         #
-###########################################################################
-
-if (NOT DEFINED LT_SILICON_REV)
-    set(LT_SILICON_REV "ACAB")
-endif()
-
-###########################################################################
-#                                                                         #
-#   Define files for firmware update.                                     #
-#                                                                         #
-#   For more info about firmware update go into                           #
-#   TROPIC01_fw_update_files/README.md                                    #
-#                                                                         #
-#   [1] Define LT_SILICON_REV -- see above.                               #
-#                                                                         #
-#   [2] Define firmware files here, allowed values are:                   #
-#       APP: 1_0_0                                                        #
-#       SPECT: Use version in folder next to application firmware update  #
-#                                                                         #
-#    Always use bundled versions from "TROPIC01_fw_update_files" folder!  #
-#                                                                         #
-###########################################################################
-
-set(LT_CPU_FW_VERSION "1_0_0")
-
 ###########################################################################
 #                                                                         #
 #   Collect files:                                                        #
@@ -216,7 +210,8 @@ if (LT_SILICON_REV STREQUAL "ABAB")
 elseif (LT_SILICON_REV STREQUAL "ACAB")
     set(BL_FOLDER boot_v_2_0_1)
 else()
-    message(FATAL_ERROR "Invalid silicon revision (LT_SILICON_REV): ${LT_SILICON_REV}")
+    get_property(lt_silicon_rev_choices CACHE LT_SILICON_REV PROPERTY STRINGS)    
+    message(FATAL_ERROR "Invalid silicon revision: '${LT_SILICON_REV}'\nAvailable silicon revisions: ${lt_silicon_rev_choices}")
 endif()
 
 set(SDK_INCS ${SDK_INCS}
@@ -473,10 +468,6 @@ endif()
 #                                                                         #
 ###########################################################################
 
-# Supported crypto providers
-# set(CRYPTO_PROVIDERS "trezor_crypto" "mbedtls") # mbedtls is WIP
-set(CRYPTO_PROVIDERS "trezor_crypto")
-
 # These are internal macros for crypto providers
 set(LT_CRYPTO_TREZOR  0 CACHE INTERNAL "")
 set(LT_CRYPTO_MBEDTLS 0 CACHE INTERNAL "")
@@ -498,8 +489,8 @@ elseif(LT_CRYPTO STREQUAL "mbedtls")
 
 else()
 
-    string(REPLACE ";" ", " ALLOWED_PROVIDERS_STR "${CRYPTO_PROVIDERS}")    
-    message(FATAL_ERROR "Incorrect cryptographic provider set to LT_CRYPTO!\nAvailable providers: ${ALLOWED_PROVIDERS_STR}")
+    get_property(lt_crypto_choices CACHE LT_CRYPTO PROPERTY STRINGS)
+    message(FATAL_ERROR "Incorrect cryptographic provider set to LT_CRYPTO!\nAvailable providers: ${lt_crypto_choices}")
 
 endif()
 

README.md

@@ -1,4 +1,4 @@
-# libtropic
+# Libtropic
 
 ![](https://github.com/tropicsquare/libtropic/actions/workflows/integration_tests.yml/badge.svg) ![](https://github.com/tropicsquare/libtropic/actions/workflows/build_docs_master.yml/badge.svg) ![](https://tropic-gitlab.corp.sldev.cz/internal/sw-design/libtropic/badges/master/coverage.svg)
 
@@ -11,18 +11,19 @@ Libtropic documentation is available [here](https://tropicsquare.github.io/libtr
 
 ## Compatibility with TROPIC01 firmware versions
 
-For the `libtropic` library to function correctly with the TROPIC01 secure element, the versions of three key components must be compatible:
+For the Libtropic library to function correctly with the TROPIC01 secure element, the versions of three key components must be compatible:
 
-1.  **`libtropic` SDK**: The version of this library.
+1.  **Libtropic SDK**: The version of this library.
 2.  **Application Firmware**: The main firmware running on the TROPIC01 chip.
 3.  **SPECT Firmware**: The co-processor firmware on the TROPIC01 chip.
 
 The following table outlines the tested and supported compatibility between released versions:
 
-| API document version                                                                                   | `libtropic`         | Application            | SPECT            |  Bootloader |  Tests                                     |
-| :----------------------------------------------------------------------------------------------------: |:-------------------:|:----------------------:|:----------------:|  :-------:  |  :---------------------------------------: |
-| [1.3.0](https://github.com/tropicsquare/tropic01/blob/main/doc/api/ODU_TR01_user_api_v1.3.0.pdf)       | 1.0.0               | 1.0.0                  | 1.0.0            |  v1.0.1     |  <code style="color : green">Passed</code> |
-| [1.3.0](https://github.com/tropicsquare/tropic01/blob/main/doc/api/ODU_TR01_user_api_v1.3.0.pdf)       | 1.0.0               | 1.0.0                  | 1.0.0            |  v2.0.1     |  <code style="color : green">Passed</code> |
+| Libtropic         | Application            | SPECT            |  Bootloader |  Tests                                     | API document version                                                                                   |
+|:-------------------:|:----------------------:|:----------------:|  :-------:  |  :---------------------------------------: | :----------------------------------------------------------------------------------------------------: |
+| 1.0.0               | 1.0.0                  | 1.0.0            |  v1.0.1     |  <code style="color : green">Passed</code> | [1.3.0](https://github.com/tropicsquare/tropic01/blob/main/doc/api/ODU_TR01_user_api_v1.3.0.pdf)       |
+| 2.0.0               | 1.0.0–1.0.1                  | 1.0.0            |  v2.0.1     |  <code style="color : green">Passed</code> | [1.3.0](https://github.com/tropicsquare/tropic01/blob/main/doc/api/ODU_TR01_user_api_v1.3.0.pdf)       |
+| 2.0.1               | 1.0.0–1.0.1                  | 1.0.0            |  v2.0.1     |  <code style="color : green">Passed</code> | [1.3.0](https://github.com/tropicsquare/tropic01/blob/main/doc/api/ODU_TR01_user_api_v1.3.0.pdf) |
 
 Using mismatched versions of the components may result in unpredictable behavior or errors. It is strongly advised to use the latest compatible versions of all components to ensure proper functionality.  
 

TROPIC01_fw_update_files/tropic_fw_update_files.md

@@ -52,6 +52,9 @@ This example explains the firmware update process for both ABAB and ACAB silicon
 - How to read the current firmware versions.
 - How to update the firmware using `lt_do_mutable_fw_update()`.
 
+!!! tip
+    For more information about the firmware itself, refer to the [TROPIC01 Firmware](../tropic01_fw.md) section.
+
 ??? example "Source code"
     ```c { .copy }
     --8<-- "examples/lt_ex_fw_update.c"

docs/get_started/examples/irreversible_examples.md

@@ -4,5 +4,6 @@ This section provides information to help you get started with libtropic.
 - [Libtropic Architecture](libtropic_architecture.md)
 - [Integrating Libtropic](integrating_libtropic/index.md)
 - [Examples](examples/index.md)
+- [TROPIC01 Firmware](tropic01_fw.md)
 - [Logging](logging.md)
 - [Debugging](debugging.md)

docs/get_started/index.md

@@ -0,0 +1,48 @@
+# TROPIC01 Firmware
+TROPIC01 contains the following FW execution engines:
+
+- **RISC-V CPU**,
+- **ECC engine** or **SPECT** (these two terms are used interchangeably).
+
+There are multiple kinds of FW running in TROPIC01:
+
+1. *Immutable FW (bootloader)*. Located in ROM, runs on RISC-V CPU from ROM after power-up, updates or boots the mutable FWs.
+2. *RISC-V Mutable FW (CPU FW)*. Updatable, located in R-memory, runs on RISC-V CPU from RAM, processes L2/L3 communication.
+3. *ECC engine mutable FW (ECC engine FW)*. Updatable, located in R-memory, runs on ECC engine from RAM, helps the RISC-V CPU FW with processing ECC commands (ECC_Key_*, ECDSA/EDDSA_Sign).
+
+!!! tip
+    For more detailed information about each FW, refer to the [FW Update Application Note](https://github.com/tropicsquare/tropic01?tab=readme-ov-file#application-notes).
+
+## TROPIC01 Firmware in Libtropic
+Libtropic provides not only implementation of the FW update L2 commands, but also the necessary files for updating both the RISC-V and SPECT FW. Refer to:
+
+1. [Firmware Update Files](#firmware-update-files) section for more information about the `TROPIC01_fw_update_files/` directory.
+2. [lt_ex_fw_update.c](./examples/irreversible_examples.md#lt_ex_fw_updatec) section (in the [Irreversible Examples](./examples/irreversible_examples.md) documentation page) for a practical example, showing how to update TROPIC01's FW using Libtropic.
+
+### Firmware Update Files
+The `TROPIC01_fw_update_files/` directory provides TROPIC01 FW update files in two formats:
+
+1. *C header files (`*.h`)*. These are designed to be included and compiled directly into the Host MCU's firmware/application. See [Compiling into Libtropic](#compiling-into-libtropic) section for more information.
+2. *Binary files (`*.bin`)*. These can be stored in the Host MCU, loaded at runtime and used to update TROPIC01's FW.
+
+The general structure of the `TROPIC01_fw_update_files/` directory is the following:
+```text
+TROPIC01_fw_update_files/
+├── boot_v_<X_Y_Z>/
+│   └── fw_v_<A_B_C>/
+│       ├── fw_CPU.h
+│       ├── fw_SPECT.h
+│       ├── fw_v<A_B_C>.hex32_signed_chunks.bin
+│       └── spect_app-v<D_E_F>_signed_chunks.bin
+└── convert.py
+```
+
+- `boot_v_<X_Y_Z>/`: directories of available FW update files for a given bootloader version `<X_Y_Z>`.
+- `fw_v_<A_B_C>/`: directory with RISC-V CPU and SPECT FW update files (in both formats) for a given FW version `<A_B_C>`. Note that the RISC-V CPU FW and SPECT FW versions can be different.
+- `convert.py`: Python script for converting firmware binary files into C header files.
+
+#### Compiling into Libtropic
+To select which FW version will be compiled together with Libtropic, the user has to set the following CMake variables (both have a default value):
+
+1. `LT_SILICON_REV`: Defines the TROPIC01 silicon revision (e.g. `"ACAB"`), based on which the correct bootloader version is selected. Refer to the [Available Parts](https://github.com/tropicsquare/tropic01?tab=readme-ov-file#available-parts) section (in the [TROPIC01 GitHub repository](https://github.com/tropicsquare/tropic01)) to find out the silicon revision of your TROPIC01 chip.
+2. `LT_CPU_FW_VERSION`: Defines the TROPIC01 FW version (e.g. `"1_0_1"`), based on which the correct FW update files for both RISC-V CPU and SPECT are selected.