I am new at the CSE. So I have some trouble to handle the CSE in my MPC5777C device.
I have some questions about MASTER_ECU_KEY
1. Can I erase the MASTER_ECU_KEY ?
2. How can I know if MASTER_ECU_KEY is already written ?
1.The MASTER_ECU_KEY is intended to be populated by the “owner” of the component using
SHE and it can be used to reset SHE or change any of the other keys.
A new MASTER_ECU_KEY can be written with the knowledge of the current MASTER_ECU_KEY and is protected by the common lock mechanisms described in Chapters 4.1.1, 4.1.2, 4.1.3 and 4.1.4. of SHE specification.
The MASTER_ECU_KEY must be empty after production.
2. The CSE will return 0 if the MASTER_ECU_KEY is empty.
Thank you Peter Vlna
I have one more question.
I read how to erase previous written keys at the "AN4234: Using the Cryptographic Service Engine(CSE)"
C.1 Appendix C Resetting the secure flash to its factory state
But I can't understand how to generate the KDEBUG value.
KDEBUG is defined as :
• KDEBUG = KDF(MASTER_ECU_KEY ,DEBUG_KEY_C)
• DEBUG_KEY_C = 0x01035348_45008000_00000000_000000B0
What kind of the KDF(Key Deviation function) is it using ?
And DEBUG_KEY_C is always the same value ?
1. MASTER_ECU_KEY can be erased but not by SHE application. so user cannot erase the key.
2. KDF is defined in SHE specification. SHE specification is distributed to HIS members.
see note from SHE spec:
This document and its content is copyright of AUDI AG and BMW AG ©, 2008.
All rights by reserved. Distribution allowed for all HIS members. You may not, except with express written permission
of all HIS members, distribute or commercially exploit the content. Nor may you transmit it or store it in any other
website or other form of electronic retrieval system.