Firmware for CWNano for tutorial Part 2, Topic 1, Lab B: Power Analysis for Password Bypass

I am not sure how to create the firmware, or what kind of firmware to upload to the chip. Is it as shown below?

%%bash
cd …/hardware/victims/firmware/simpleserial-base/
make PLATFORM=CWNANO CRYPTO_TARGET=NONE

or

%%bash
cd …/hardware/victims/firmware/simpleserial-base/
make PLATFORM=CWNANO CRYPTO_TARGET=AES

Please let me know the firmware needed. Thank you.

Regards,
Sandeep

Hi,

simpleserial-base doesn’t use any crypto, so you can keep it as make PLATFORM=CWNANO CRYPTO_TARGET=NONE. If you’re using something with AES, then you can use the CRYPTO_TARGET to select which AES library to use. The Nano can use either TINYAES128C or MBEDTLS.

Alex

For this particular example I think we need to generate the target hex using basic-passwdcheck. I did that, but I want to know where I can find the trace function. I think I need to set it up before running the example.

Can you help me find where I can get the code for the trace function? Thank you.

Regards,
Sandeep

You can find the cap_pass_trace() function at the end of Lab 2_1B - Power Analysis for Password Bypass (HARDWARE).ipynb

Alex

Can I know where I can find this .ipynb file? I am using the VM and localhost:8888; is it in the Jupyter notebook?

Is the first step in the tutorial to run the following commands?

SCOPETYPE = 'CWNANO'
PLATFORM = 'CWNANO'
VERSION = 'HARDWARE'

Is there something else I should do?

The first step in the tutorial says that “Inside those notebooks you should get some code to copy into the following section, which will define the capture function.” What does this mean?

If I just follow the tutorial, the error is shown below.

What are the prerequisites I need to do?

Any help is appreciated. I am new to ChipWhisperer, so my questions could be very basic. Thank you.

Regards,
Sandeep

Lab 2_1B - Power Analysis for Password Bypass (HARDWARE).ipynb is in the same directory as the main lab Lab 2_1B - Power Analysis for Password Bypass (MAIN).ipynb - chipwhisperer/jupyter/courses/sca101/.

Alex

Got it. When I run the check using the commands below

trace_test = cap_pass_trace("h\n")

#Basic sanity check
assert(len(trace_test) == 3000)
print("✔️ OK to continue!")

I am getting the following error.

It’s not printing ✔️ OK to continue!

Can you post the full stack trace as well as any output you get from running the hardware file?

This is the output I got from running the hardware file.

SS_VER set to SS_VER_1_1
rm -f -- basic-passwdcheck-CWNANO.hex
rm -f -- basic-passwdcheck-CWNANO.eep
rm -f -- basic-passwdcheck-CWNANO.cof
rm -f -- basic-passwdcheck-CWNANO.elf
rm -f -- basic-passwdcheck-CWNANO.map
rm -f -- basic-passwdcheck-CWNANO.sym
rm -f -- basic-passwdcheck-CWNANO.lss
rm -f -- objdir/*.o
rm -f -- objdir/*.lst
rm -f -- basic-passwdcheck.s simpleserial.s stm32f0_hal_nano.s stm32f0_hal_lowlevel.s
rm -f -- basic-passwdcheck.d simpleserial.d stm32f0_hal_nano.d stm32f0_hal_lowlevel.d
rm -f -- basic-passwdcheck.i simpleserial.i stm32f0_hal_nano.i stm32f0_hal_lowlevel.i
.
Welcome to another exciting ChipWhisperer target build!!
arm-none-eabi-gcc (15:5.4.1+svn241155-1) 5.4.1 20160919
Copyright © 2015 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

.
Compiling C: basic-passwdcheck.c
arm-none-eabi-gcc -c -mcpu=cortex-m0 -I. -mthumb -mfloat-abi=soft -ffunction-sections -gdwarf-2 -DSS_VER=SS_VER_1_1 -DSTM32F030x6 -DSTM32F0 -DSTM32 -DDEBUG -DHAL_TYPE=HAL_stm32f0_nano -DPLATFORM=CWNANO -DF_CPU=7372800UL -DSS_VER_2_0=2 -DSS_VER_1_1=1 -DSS_VER_1_0=0 -Os -funsigned-char -funsigned-bitfields -fshort-enums -Wall -Wstrict-prototypes -Wa,-adhlns=objdir/basic-passwdcheck.lst -I…/./simpleserial/ -I…/./hal -I…/./hal/stm32f0 -I…/./hal/stm32f0/CMSIS -I…/./hal/stm32f0/CMSIS/core -I…/./hal/stm32f0/CMSIS/device -I…/./hal/stm32f0/Legacy -I…/./crypto/ -std=gnu99 -MMD -MP -MF .dep/basic-passwdcheck.o.d basic-passwdcheck.c -o objdir/basic-passwdcheck.o
.
Compiling C: …/./simpleserial/simpleserial.c
arm-none-eabi-gcc -c -mcpu=cortex-m0 -I. -mthumb -mfloat-abi=soft -ffunction-sections -gdwarf-2 -DSS_VER=SS_VER_1_1 -DSTM32F030x6 -DSTM32F0 -DSTM32 -DDEBUG -DHAL_TYPE=HAL_stm32f0_nano -DPLATFORM=CWNANO -DF_CPU=7372800UL -DSS_VER_2_0=2 -DSS_VER_1_1=1 -DSS_VER_1_0=0 -Os -funsigned-char -funsigned-bitfields -fshort-enums -Wall -Wstrict-prototypes -Wa,-adhlns=objdir/simpleserial.lst -I…/./simpleserial/ -I…/./hal -I…/./hal/stm32f0 -I…/./hal/stm32f0/CMSIS -I…/./hal/stm32f0/CMSIS/core -I…/./hal/stm32f0/CMSIS/device -I…/./hal/stm32f0/Legacy -I…/./crypto/ -std=gnu99 -MMD -MP -MF .dep/simpleserial.o.d …/./simpleserial/simpleserial.c -o objdir/simpleserial.o
.
Compiling C: …/./hal/stm32f0_nano/stm32f0_hal_nano.c
arm-none-eabi-gcc -c -mcpu=cortex-m0 -I. -mthumb -mfloat-abi=soft -ffunction-sections -gdwarf-2 -DSS_VER=SS_VER_1_1 -DSTM32F030x6 -DSTM32F0 -DSTM32 -DDEBUG -DHAL_TYPE=HAL_stm32f0_nano -DPLATFORM=CWNANO -DF_CPU=7372800UL -DSS_VER_2_0=2 -DSS_VER_1_1=1 -DSS_VER_1_0=0 -Os -funsigned-char -funsigned-bitfields -fshort-enums -Wall -Wstrict-prototypes -Wa,-adhlns=objdir/stm32f0_hal_nano.lst -I…/./simpleserial/ -I…/./hal -I…/./hal/stm32f0 -I…/./hal/stm32f0/CMSIS -I…/./hal/stm32f0/CMSIS/core -I…/./hal/stm32f0/CMSIS/device -I…/./hal/stm32f0/Legacy -I…/./crypto/ -std=gnu99 -MMD -MP -MF .dep/stm32f0_hal_nano.o.d …/./hal/stm32f0_nano/stm32f0_hal_nano.c -o objdir/stm32f0_hal_nano.o
.
Compiling C: …/./hal/stm32f0/stm32f0_hal_lowlevel.c
arm-none-eabi-gcc -c -mcpu=cortex-m0 -I. -mthumb -mfloat-abi=soft -ffunction-sections -gdwarf-2 -DSS_VER=SS_VER_1_1 -DSTM32F030x6 -DSTM32F0 -DSTM32 -DDEBUG -DHAL_TYPE=HAL_stm32f0_nano -DPLATFORM=CWNANO -DF_CPU=7372800UL -DSS_VER_2_0=2 -DSS_VER_1_1=1 -DSS_VER_1_0=0 -Os -funsigned-char -funsigned-bitfields -fshort-enums -Wall -Wstrict-prototypes -Wa,-adhlns=objdir/stm32f0_hal_lowlevel.lst -I…/./simpleserial/ -I…/./hal -I…/./hal/stm32f0 -I…/./hal/stm32f0/CMSIS -I…/./hal/stm32f0/CMSIS/core -I…/./hal/stm32f0/CMSIS/device -I…/./hal/stm32f0/Legacy -I…/./crypto/ -std=gnu99 -MMD -MP -MF .dep/stm32f0_hal_lowlevel.o.d …/./hal/stm32f0/stm32f0_hal_lowlevel.c -o objdir/stm32f0_hal_lowlevel.o
.
Assembling: …/./hal/stm32f0/stm32f0_startup.S
arm-none-eabi-gcc -c -mcpu=cortex-m0 -I. -x assembler-with-cpp -mthumb -mfloat-abi=soft -ffunction-sections -DF_CPU=7372800 -Wa,-gstabs,-adhlns=objdir/stm32f0_startup.lst -I…/./simpleserial/ -I…/./hal -I…/./hal/stm32f0 -I…/./hal/stm32f0/CMSIS -I…/./hal/stm32f0/CMSIS/core -I…/./hal/stm32f0/CMSIS/device -I…/./hal/stm32f0/Legacy -I…/./crypto/ …/./hal/stm32f0/stm32f0_startup.S -o objdir/stm32f0_startup.o
.
Linking: basic-passwdcheck-CWNANO.elf
arm-none-eabi-gcc -mcpu=cortex-m0 -I. -mthumb -mfloat-abi=soft -ffunction-sections -gdwarf-2 -DSS_VER=SS_VER_1_1 -DSTM32F030x6 -DSTM32F0 -DSTM32 -DDEBUG -DHAL_TYPE=HAL_stm32f0_nano -DPLATFORM=CWNANO -DF_CPU=7372800UL -DSS_VER_2_0=2 -DSS_VER_1_1=1 -DSS_VER_1_0=0 -Os -funsigned-char -funsigned-bitfields -fshort-enums -Wall -Wstrict-prototypes -Wa,-adhlns=objdir/basic-passwdcheck.o -I…/./simpleserial/ -I…/./hal -I…/./hal/stm32f0 -I…/./hal/stm32f0/CMSIS -I…/./hal/stm32f0/CMSIS/core -I…/./hal/stm32f0/CMSIS/device -I…/./hal/stm32f0/Legacy -I…/./crypto/ -std=gnu99 -MMD -MP -MF .dep/basic-passwdcheck-CWNANO.elf.d objdir/basic-passwdcheck.o objdir/simpleserial.o objdir/stm32f0_hal_nano.o objdir/stm32f0_hal_lowlevel.o objdir/stm32f0_startup.o --output basic-passwdcheck-CWNANO.elf --specs=nano.specs --specs=nosys.specs -T …/./hal/stm32f0_nano/LinkerScript.ld -Wl,--gc-sections -lm -mthumb -mcpu=cortex-m0 -Wl,-Map=basic-passwdcheck-CWNANO.map,--cref -lm
.
Creating load file for Flash: basic-passwdcheck-CWNANO.hex
arm-none-eabi-objcopy -O ihex -R .eeprom -R .fuse -R .lock -R .signature basic-passwdcheck-CWNANO.elf basic-passwdcheck-CWNANO.hex
.
Creating load file for EEPROM: basic-passwdcheck-CWNANO.eep
arm-none-eabi-objcopy -j .eeprom --set-section-flags=.eeprom="alloc,load"
--change-section-lma .eeprom=0 --no-change-warnings -O ihex basic-passwdcheck-CWNANO.elf basic-passwdcheck-CWNANO.eep || exit 0
.
Creating Extended Listing: basic-passwdcheck-CWNANO.lss
arm-none-eabi-objdump -h -S -z basic-passwdcheck-CWNANO.elf > basic-passwdcheck-CWNANO.lss
.
Creating Symbol Table: basic-passwdcheck-CWNANO.sym
arm-none-eabi-nm -n basic-passwdcheck-CWNANO.elf > basic-passwdcheck-CWNANO.sym
Size after:
text data bss dec hex filename
5924 112 1184 7220 1c34 basic-passwdcheck-CWNANO.elf
+--------------------------------------------------------
+ Default target does full rebuild each time.
+ Specify buildtarget == allquick == to avoid full rebuild
+--------------------------------------------------------
+--------------------------------------------------------
+ Built for platform CWNANO Built-in Target (STM32F030) with:
+ CRYPTO_TARGET = NONE
+ CRYPTO_OPTIONS = AES128C
+--------------------------------------------------------

This is the complete error. Is this what you mean by full stack trace?

KeyError Traceback (most recent call last)
~/.pyenv/versions/3.7.7/envs/cw/lib/python3.7/site-packages/pyusb-1.1.1-py3.7.egg/usb/core.py in get_interface_and_endpoint(self, device, endpoint_address)
235 try:
--> 236 return self._ep_info[endpoint_address]
237 except KeyError:

KeyError: None

During handling of the above exception, another exception occurred:

TypeError Traceback (most recent call last)
in
----> 1 trace_test = cap_pass_trace("h\n")
2
3 #Basic sanity check
4 assert(len(trace_test) == 3000)
5 print("✔️ OK to continue!")

in cap_pass_trace(pass_guess)
9 scope.arm()
10 target.write(pass_guess)
---> 11 ret = scope.capture()
12 if ret:
13 print('Timeout happened during acquisition')

~/work/projects/chipwhisperer/software/chipwhisperer/capture/scopes/cwnano.py in capture(self)
694 return True
695
--> 696 self._lasttrace = self._cwusb.cmdReadMem(0, self.adc.samples)
697
698 # can just keep rerunning this until it works I think

~/work/projects/chipwhisperer/software/chipwhisperer/hardware/naeusb/naeusb.py in cmdReadMem(self, addr, dlen)
798 """
799
--> 800 return self.usbseralizer.cmdReadMem(addr, dlen)
801
802 def cmdWriteMem(self, addr, data):

~/work/projects/chipwhisperer/software/chipwhisperer/hardware/naeusb/naeusb.py in cmdReadMem(self, addr, dlen)
202 cmdpacket = self.make_cmd(self.CMD_READ_MEM, payload)
203
--> 204 return self.process_rx(self.txrx(tx=cmdpacket))
205
206 def cmdWriteMem(self, addr, data):

~/work/projects/chipwhisperer/software/chipwhisperer/hardware/naeusb/naeusb.py in txrx(self, tx)
311 addr = payload[0]
312 dlen = payload[1]
--> 313 response = self.cmdReadMem(addr, dlen)
314 naeusb_logger.debug("CMD_READ_MEM: addr: {:08X}, dlen: {:08X}, response: {}".format(addr, dlen, response))
315 elif cmd == self.CMD_WRITE_MEM:

~/work/projects/chipwhisperer/software/chipwhisperer/hardware/naeusb/naeusb.py in cmdReadMem(self, addr, dlen)
531 # Get data
532 if cmd == self.CMD_READMEM_BULK:
--> 533 data = self.usbdev().read(self.rep, dlen, timeout=self._timeout)
534 # XXX Husky debug:
535 naeusb_logger.info('YYY BULK rep=%d, dlen=%d, got len=%d' % (self.rep, dlen, len(data)))

~/.pyenv/versions/3.7.7/envs/cw/lib/python3.7/site-packages/pyusb-1.1.1-py3.7.egg/usb/core.py in read(self, endpoint, size_or_buffer, timeout)
1009 }
1010
-> 1011 intf, ep = self._ctx.setup_request(self, endpoint)
1012 fn = fn_map[util.endpoint_type(ep.bmAttributes)]
1013

~/.pyenv/versions/3.7.7/envs/cw/lib/python3.7/site-packages/pyusb-1.1.1-py3.7.egg/usb/core.py in wrapper(self, *args, **kwargs)
111 try:
112 self.lock.acquire()
--> 113 return f(self, *args, **kwargs)
114 finally:
115 self.lock.release()

~/.pyenv/versions/3.7.7/envs/cw/lib/python3.7/site-packages/pyusb-1.1.1-py3.7.egg/usb/core.py in setup_request(self, device, endpoint)
226 endpoint_address = endpoint
227
--> 228 intf, ep = self.get_interface_and_endpoint(device, endpoint_address)
229 self.managed_claim_interface(device, intf)
230 return (intf, ep)

~/.pyenv/versions/3.7.7/envs/cw/lib/python3.7/site-packages/pyusb-1.1.1-py3.7.egg/usb/core.py in wrapper(self, *args, **kwargs)
111 try:
112 self.lock.acquire()
--> 113 return f(self, *args, **kwargs)
114 finally:
115 self.lock.release()

~/.pyenv/versions/3.7.7/envs/cw/lib/python3.7/site-packages/pyusb-1.1.1-py3.7.egg/usb/core.py in get_interface_and_endpoint(self, device, endpoint_address)
242 return intf, ep
243
--> 244 raise ValueError('Invalid endpoint address ' + hex(endpoint_address))
245
246 @synchronized

TypeError: 'NoneType' object cannot be interpreted as an integer

Yup, that’s the full stack trace. This is an issue with the 5.5.2 release and the fix will be released with 5.6.1. In the meantime, there’s a solution here you can follow: CWNANO setup issues. You’ll need to make the change in the (Hardware) file.

Alex

Okay, I have made the changes and it worked. I have one last question: how do we decide the Threshold? Below we can see that the Threshold is decided as 40.

image

Thank you for all the help.

Regards,
Sandeep

During the lab, you should have a list printed that gives the sum of absolute difference (SAD) between all of the guess traces and the reference trace. One guess trace should have a much bigger SAD than all of the others. You want to use a threshold that is somewhere between the large difference and the small difference. 40 is just a threshold that we’ve found generally works.

Alex
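
The threshold choice described in the reply above, as an added example that is not part of the original thread or the lab notebooks: it computes the SAD of each guess trace against a reference trace and places the threshold in the middle of the gap between the one large value and the rest. The traces are constructed (synthetic noise, not ChipWhisperer captures), and `pick_threshold` and `make_constructed_sads` are hypothetical helper names.

```python
import random

def sad(trace, ref):
    """Sum of absolute differences (SAD) between two equal-length traces."""
    if len(trace) != len(ref):
        raise ValueError("traces must have the same length")
    return sum(abs(a - b) for a, b in zip(trace, ref))

def pick_threshold(sads):
    """Put the threshold in the middle of the widest gap in the sorted SADs.

    Returns (threshold, guess_above). Raises ValueError when the widest gap
    does not isolate exactly one guess, i.e. nothing stands out cleanly.
    """
    ordered = sorted(sads.values())
    gaps = [(ordered[i + 1] - ordered[i], i) for i in range(len(ordered) - 1)]
    _, i = max(gaps)
    threshold = (ordered[i] + ordered[i + 1]) / 2
    above = [g for g, v in sads.items() if v > threshold]
    if len(above) != 1:
        raise ValueError("no single guess stands out; recapture before choosing")
    return threshold, above[0]

def make_constructed_sads(seed=0, n=3000):
    """Constructed data, not ChipWhisperer captures: every trace is the same
    sawtooth plus Gaussian noise, and guess 'e' (arbitrary) also deviates
    over a 200-sample window to stand in for the one trace that differs."""
    rng = random.Random(seed)
    base = [0.1 * (i % 50) / 50 for i in range(n)]

    def capture():
        return [s + rng.gauss(0, 0.005) for s in base]

    ref = capture()
    sads = {}
    for guess in "abcdefgh":
        trace = capture()
        if guess == "e":
            trace = [v + 0.3 if 1000 <= i < 1200 else v for i, v in enumerate(trace)]
        sads[guess] = sad(trace, ref)
    return sads

if __name__ == "__main__":
    sads = make_constructed_sads()
    threshold, standout = pick_threshold(sads)
    for guess, value in sorted(sads.items()):
        print(f"{guess}: SAD = {value:6.1f}{'  <-- above threshold' if value > threshold else ''}")
    print(f"threshold = {threshold:.1f}")
```

If `pick_threshold` raises, the SAD values do not separate into one large value and a cluster of small ones, so no fixed threshold would be reliable for that set of traces.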