Hello,
In our company we are working on a project having MWCT2015S microcontroller.
We store keys in the HSE_B secure memory setting the HSE_KF_ACCESS_DEBUG_PROT attribute so that the keys cannot be accessed (i.e. used) when a debugger is connected. Some of the keys may need to be updated once the product is in field (vehicle usage).
The question is: what does the sentence "cannot be used" include? Does it refer only to prevent keys usage for cryptographic operations OR it means that they cannot completely handled when a debugger is connected?
So, is it possible to update debug protected keys when the debugger is connected?
Thank you in advance and best regards,
Alessandro Di Vincenzo
Thank you Lukas
It looks like you have older version of the manual. I recommend to download the latest one which is version 2.3.
It's the same for non-SHE keys. If you are importing a key first time (i.e. to empty slot), it can be loaded in plain. However, if you are updating a key, it is mandatory to use encryption and/or authentication (Table 47 and 48 in RM v2.3). So, this is also trusted operation as described in the SHE, there's no difference.
Regards,
Lukas
We don't store the key in its SHE-format. Can I consider this statement valid also for the non-SHE keys managed according to table 31 in chapter 7.1.4.2 from the HSE_B RM?
Thank you in advance,
Alessandro
Hi @ale_di_vi
here is an explanation from SHE specification:
Regards,
Lukas