ATECC608 Signing Fails After HTTP Requests (calib_random: NULL pointer)

[satsok_n]

I’m encountering intermittent NULL pointer errors in calib_random() when signing with an ATECC608 after making HTTP requests in ESP-IDF (v4.2.1).

Code: Select all

void update_info()
	{
		char url[256];
		
		snprintf(url, sizeof(url), "https://test.com");
		
		esp_http_client_config_t config = {
			.url = url,
			.cert_pem = NULL,
			//.timeout_ms = 10000,  
			.disable_auto_redirect = true,
			.event_handler = http_event_handler,   
			.transport_type = HTTP_TRANSPORT_OVER_SSL,
			.use_global_ca_store = false,
			.skip_cert_common_name_check = true,
		};

		
		take_atecc_sem(portMAX_DELAY);

		esp_http_client_handle_t client; // = NULL;

		client = esp_http_client_init(&config);
		if (client == NULL) 
		{
			ESP_LOGE("HTTP", "Failed to initialize client");
			return;
		}

		esp_err_t err = esp_http_client_perform(client);
		
		if (err == ESP_OK) {
			ESP_LOGI("HTTP", "HTTPS request successful, Status = %d", esp_http_client_get_status_code(client));
			//break;
		} else {
			ESP_LOGE("HTTP", "HTTP request failed: %s", esp_err_to_name(err));
		}

		esp_http_client_cleanup(client);

		// atcab_release();
		// atcab_init(&cfg_ateccx08a_i2c_default);

		give_atecc_sem();
	}

error :
components\cryptoauthlib\cryptoauthlib\lib\calib\calib_random.c:54:e2:NULL pointer received
components\cryptoauthlib\cryptoauthlib\lib\calib\calib_sign.c:124:e2:calib_random - failed
E (585818) Signing failed!
E (585828) Could not sign packet.

It appears that initializing an esp_http_client somehow affects the ATECC608's state. When I manually reset the ATECC (calling atcab_release() followed by re-initialization) between the HTTP request and signing operations, the issue resolves.
Are there known conflicts between ESP-IDF's HTTP stack and cryptoauthlib?

[ahsrabrifat]

Look for memory allocation failures. If the heap is fragmented, try to increase heap size or free unused allocations before cryptoauthlib operations.

[satsok_n]

Hi ahsrabrifa,
I used the following code to check heap before and after the http request:

Code: Select all

void check_heap(const char *tag) {
		ESP_LOGI(tag, "Free heap: %d bytes", heap_caps_get_free_size(MALLOC_CAP_INTERNAL));
		ESP_LOGI(tag, "Largest free block: %d bytes", heap_caps_get_largest_free_block(MALLOC_CAP_INTERNAL));
	}

Before ATECC Sign: Free heap (internal): 58576 bytes
Before ATECC Sign: Largest free block: 29644 bytes

After ATECC Sign: Free heap (internal): 58576 bytes
After ATECC Sign: Largest free block: 29644 bytes

The logs show that there is no heap fragmentation. Some further info is that after fail on signing the http request fails also (after one successful run).

error on http:
components\cryptoauthlib\cryptoauthlib\lib\calib\calib_verify.c:304:e2:NULL pointer received
E (677658) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0xffffff1e
E (677658) esp-tls: Failed to open new connection
E (677668) TRANS_SSL: Failed to open a new connection
E (677678) HTTP_CLIENT: Connection failed, sock < 0