Using a backdoor key to unlock security for Kinetis family MCU

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using a backdoor key to unlock security for Kinetis family MCU

Jump to solution
1,752 Views
evgenik
Contributor IV

I know how to define K61 MCU security options. Where can I view code sample for Using a backdoor key to unlock security for Kinetis family MCU (K61)?

0 Kudos
Reply
1 Solution
1,223 Views
Jorge_Gonzalez
NXP Employee
NXP Employee

Hello Evgeni Kosakovski:

The Flash memory driver C90TFS​ comes with an example for the use of the backdoor key. The demo is called demo_secure_<device>.

But actually the use is very simple, just involves the next procedure:

-> Store the desired 8-byte key in flash at addresses 0x0400 - 0x0407. The syntax to store the key in flash depends on your IDE or toolchain but usually there is a default flash configuration definition ready to be modified.

-> Enable backdoor key with the KEYEN bits in the NVM_FSEC byte at address 0x040C. The same FSEC byte is used to secure the device with the SEC bits. Also toolchain dependent.

-> Declare a routine in code to get the 8-byte key. This depends on your requirements, for example the key can be expected after pressing a button and waiting for the key via UART from a PC console.

-> Write 0x45 (Backdoor command) to register FCCOB0 and the received 8-byte key to registers FCCOB[4] to FCCOB[B] and launch the command by clearing the bit FSTAT[CCIF].

The attached code is how the last 2 steps are implemented in the C90TFS driver.

I hope this helps.


Best Regards!
Jorge Gonzalez

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

View solution in original post

0 Kudos
Reply
1 Reply
1,224 Views
Jorge_Gonzalez
NXP Employee
NXP Employee

Hello Evgeni Kosakovski:

The Flash memory driver C90TFS​ comes with an example for the use of the backdoor key. The demo is called demo_secure_<device>.

But actually the use is very simple, just involves the next procedure:

-> Store the desired 8-byte key in flash at addresses 0x0400 - 0x0407. The syntax to store the key in flash depends on your IDE or toolchain but usually there is a default flash configuration definition ready to be modified.

-> Enable backdoor key with the KEYEN bits in the NVM_FSEC byte at address 0x040C. The same FSEC byte is used to secure the device with the SEC bits. Also toolchain dependent.

-> Declare a routine in code to get the 8-byte key. This depends on your requirements, for example the key can be expected after pressing a button and waiting for the key via UART from a PC console.

-> Write 0x45 (Backdoor command) to register FCCOB0 and the received 8-byte key to registers FCCOB[4] to FCCOB[B] and launch the command by clearing the bit FSTAT[CCIF].

The attached code is how the last 2 steps are implemented in the C90TFS driver.

I hope this helps.


Best Regards!
Jorge Gonzalez

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply