Hi @LucyYou
Loading of initial keys is one-time operation which is usually done in factory during production. If you are running this initialization if field, it means that you have plain keys in normal flash memory which is a security risk.
To answer your questions:
1. If you continue to execute these two functions without doing any processing, is there any error?
- Yes, error will be returned, the keys won’t be loaded again. To update the keys, it is necessary to follow memory update protocol (increment counter of key, calculate M1-M5 again…
2. If I do not want to perform these two functions, is there any recommended policy to let me know that the authorization key mater key has been loaded successfully?
- As I mentioned above, this is usually done in factory, so the application knows that the keys are already installed
3. Can Key be checked, similar to CMAC check function?
- The keys can’t be read or exported (well, RAM plain key is an exception). To confirm that the key is correctly loaded during their installation: you are calculating M1-M5 values before the loading. M1-M3 values are used to load the keys. CSEc then will return M4 and M5 values. You can compare these values with values calculated by you. If the values are equal, your key was correctly loaded.
Another option to check if key is present – perform some operation like generation of CMAC and check if you are getting expected result or if you are just getting error ERC_KEY_EMPTY.
Regards,
Lukas
