As of August 2020 the site you are on ( is deprecated, and content is now at


Jump to: navigation, search

Tutorial A5 Breaking AES-256 Bootloader

3,078 bytes removed, 23:18, 4 November 2017
Appendix B: Capture Script
= Appendix B: Capture Script =
# -*- coding: utf-8 -*-
# Copyright (c) 2013-2016, NewAE Technology Inc
# All rights reserved.
# Authors: Colin O'Flynn, Greg d'Eon
# Find this and more at - this file is part of the chipwhisperer
# project,
# This file is part of chipwhisperer.
# chipwhisperer is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# chipwhisperer is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# GNU Lesser General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with chipwhisperer. If not, see <>.
import sysimport chipwhispererNote you need to manually CONNECT to the CW-Lite & AES Bootloader target before running this.capture.ui.CWCaptureGUI as cwcfrom chipwhisperer.common.api.CWCoreAPI import CWCoreAPIfrom chipwhisperer.common.scripts.base import UserScriptBasefrom chipwhisperer.common.utils.parameter import ParameterTo do this:
# Check for PySideSet the 'Scope Module' as 'ChipWhisperer/OpenADC'try: from PySide.QtCore import * from PySide.QtGui import *except ImportError: print "ERROR: PySide is required for this program" sys.exit# Set the 'Target Module' as 'AES Bootloader' (you need to have that target on your system)
class UserScript<pre>"""Setup script for CWLite/1200 with XMEGA (UserScriptBaseCW303/CW308-XMEGA/CWLite target): def __init__(self, api)specifically for Tutorial A5:the AES-256 bootloader attack super(UserScript, self).__init__(api)"""
def run(self)try: #User commands here print "***** Starting User Script *****" # Set up board and target self.api.setParameter(['Generic Settings', 'Scope Module', 'ChipWhisperer/OpenADC']) self.api.setParameter(['Generic Settings', 'Trace Format', 'ChipWhisperer/Native']) self.api.setParameter(['Generic Settings', 'Target Module', 'AES Bootloader']) self.api.connect()  # Fill in our other settings lstexample scope = [['CW Extra Settings', 'Trigger Pins', 'Target IO4 (Trigger Line)', True], ['CW Extra Settings', 'Clock Source', 'Target IO-IN'], ['CW Extra Settings', 'Target IOn Pins', 'Target IO2', 'Serial TXD'], ['CW Extra Settings', 'Target IOn Pins', 'Target IO1', 'Serial RXD'], ['CW Extra Settings', 'Target HS IO-Out', 'CLKGEN'], ['OpenADC', 'Clock Setup', 'ADC Clock', 'Source', 'CLKGEN x4 via DCM'], ['OpenADC', 'Trigger Setup', 'Total Samples', 11000], ['OpenADC', 'Trigger Setup', 'Offset', 0], ['OpenADC', 'Gain Setting', 'Setting', 45], ['OpenADC', 'Trigger Setup', 'Mode', 'rising edge'], ['OpenADC', 'Clock Setup', 'CLKGEN Settings', 'Multiply', 2], ['OpenADC', 'Clock Setup', 'CLKGEN Settings', 'Divide', 26], ['OpenADC', 'Clock Setup', 'ADC Clock', 'Reset ADC DCM', None], ]  # NOTE: For IV: offset = 70000 #Download all hardware setup parameters for cmd in lstexample: self.api.setParameter(cmd)scope  # Try a couple of captures self.api.capture1() self.api.capture1()  print "***** Ending User Script *****"  if __name__ == '__main__'except NameError: # Run the program app = cwc.makeApplication() Parameter.usePyQtGraph = True api = CWCoreAPI() gui = cwc.CWCaptureGUI(api) pass
# Run our program and let the GUI take overscope.gain.gain = 45 apiscope.adc.samples = 11000scope.adc.offset = 0scope.adc.basic_mode = "rising_edge"scope.clock.clkgen_freq = 7370000scope.clock.adc_src = "clkgen_x4"scope.trigger.triggers = "tio4" = "serial_rx" tio2 = "serial_tx" sysscope.exit(appio.exec_())hs2 = "clkgen"
Approved_users, bureaucrat, administrator

Navigation menu