Claire Xen  🏳️‍⚧️ 🏳️‍🌈 🧙🏻‍♀️ BLM  🏴 🚩

Why are crypto/smartcard ICs (for example ATECC608) always so poorly documented / NDA-walled? The software/networking space is very open (TLS, IPSec, etc) and use of a proprietary cipher vs something like AES is massively frowned upon. So why is sec-by-obscurity OK in HW??

If you're willing to go under the constraints of the NDA and various business practices to get access, some of the secure ICs are quite well documented and even have decent tooling. But outside NDAs and approved paths for access, info is limited.

That was my point. I can buy some of these chips in qty 1 on digikey, but without any documentation for the host interface I can't use them. And I don't want to sign an NDA for an open-source project.

It's not clear that signing the NDA and utilizing the chip in a real design would prevent you from producing open source software which utilizes the chip in your design. You just have to ensure every bit of what you code is strictly necessary to the design and don't explain.

Yes, but being under NDA would force you to not comment register writes, etc and generally produce poorly maintainable code. Unless you had a "secret" version of the code and then deleted the comments for the public copy.

If you have a "secret" version and only publish something with the comments removed then you are in violation of clause 2 of the open source definition, i.e. it is not open source anymore.

This seems peculiar to me. If you never made the code comments, or documented the comments elsewhere (e.g., internal docs or wiki) this would suddenly not be an issue? Likewise if you "generated" the code by hand versus using a tool and some template? Odd.

It's not community-friendly to throw generated files out there as OSS (or a file with nameless registers or cryptic code)... But it seems a stretch to say its a *violation* to publish code that compiles to the same exact binaries as its internal version without its metadata.