Did you ever get anything to work with InMAC other than STSAFEA_MAC_NONE? I can do the Echo command and it works fine when using STSAFEA_MAC_NONE but zero return when I use something like STSAFEA_MAC_HOST_CMAC? I have narrowed my issue down(I think) to the StSafeA_ComputeCMAC() function. I have implemented my own wrapper using the hardware AES (using AES-GMAC) but I'm NOT quite sure if that is the correct one to use to calculate the CMAC. The authentication tag generated by AES-GMAC is 16 bytes but the StSafeA_ComputeCMAC() appends only 4 bytes to the original message as shown with this particular code at the end of that function
pStSafeA->InOutBuffer.LV.Length += STSAFEA_MAC_LENGTH; <--- this is 4
The response that I get from the STSAFE with a "wrong CMAC" is
0000000B <----- a header perhaps?
00000000 <----- I believe this is the size (16 bits) including the next byte
00000002
0000004E <---- I believe these are some error codes
000000AB <---- I believe these are some error codes
I also don't see any reference to AES-CMAC is the feature set for the STM32L4S MCU that I have though it supports ECB, CBC, CTR, GCM, GMAC, and CBC-MAC. Does the HAL/XCRYPTO library implement this in software?
Maybe someone at ST can clarify what is the exact AES-CMAC mode the STSAFE-A110 uses so I can use the correct mode on the STM32 side (if possible). Better yet, maybe ST can provide a reference manual for the STSAFE device describing the messaging format, command and response code, etc so I don't have to reverse engineer their STSAFE library to figure out what is going on.
