Hello, I am trying to implement secure debug authentication as described in AN13037.
I have all my certificates in place but when I try to create the debug certificate (dc) I get the following:
(nxp_venv) ajf@ajf3:~/work/nxp/sdebug$ nxpkeygen gendc -c config.yml keys/dck_rsa_4096.dc
INFO:spsdk.apps.nxpkeygen:Loading configuration from yml file...
INFO:spsdk.apps.nxpkeygen:Creating RSA debug credential object...
GENERAL ERROR: ValueError: non-hexadecimal number found in fromhex() arg at position 1
The config.yml file looks like this:
socc: 0x0001
uuid: "0"
cc_socu: 0x03FF
cc_vu: 0x0000
cc_beacon: 0
rot_id: 0
rot_meta:
- keys/public_key0_4096.pub
- keys/public_key1_4096.pub
- keys/public_key2_4096.pub
- keys/public_key3_4096.pub
rotk: keys/ca_key0_4096.pem
dck: keys/dck_rsa_4096.pub
(I added the rot_id not present in the example file as it errors without it. I have tried 1 and 0)
I have 4 ROT keys and I have tried rto_meta as 'pem' files and as hex dumps of the modulus. Likewise for the rotk
I have no idea where the error is originating. Running strace on nxpkeygen looks like it never seems to get as far as opening any of the key files anyway. I have also discovered that if I deliberately put invalid filenames for all the key files I get exactly the same error
The ROT certificates work fine for creating a secure signed binary code image using elftosb so I think they are all correct.
Thank you
