CSEc command LOAD_KEY returns ERC_KEY_INVALID for some KeyIDs on S32k148

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

CSEc command LOAD_KEY returns ERC_KEY_INVALID for some KeyIDs on S32k148

跳至解决方案
417 次查看
lwaszniowski
Contributor I

Hello,

I have encountered an interesting problem. I want to install CSEc keys to S32k148 device. The device is partitioned for 20 keys (uCSEcKeySize = 0x03u). I am using functions calculate_M1_to_M5 and LOAD_KEY from AN5401SW in my code.

It works correctly (the LOAD_KEY function returns value 1 = NO_ERROR) for all KeyIDs (0x04 – 0x0D, 0x14 – 0x18) when the master key is used for authorization.

It also works correctly for KeyIDs 0x04 – 0x0D and 0x15 and 0x17, when the old value of the key itself is used for authorization.

However, when I use the old value of the key itself for authorization, the LOAD_KEY function returns value 8 (KEY_INVALID) for KeyIDs 0x14, 0x16, 0x18.

I am sure that the key value used for authorization is correct (the blank key 0xff…ff). I have tested that LOAD_KEY function returns value 0x80 (KEY_UPDATE_ERROR) when wrong value of the authorization key is used.

I have tested it several times. I always unsecure device by the following sequence:

DBG_CHAL,

DBG_AUTH,

FLASH_DRV_EraseAllBlock,

FLASH_DRV_Program configuration fields on address 0x0400 by values {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0xFF,0xFF,0xFF,0xFE,0x7F,0xFF,0xFF};

FLASH_DRV_DEFlashPartition

 

Have anybody any idea what can be the root of the problem?

I can use it with master key authorization, but I want to be sure that I understand the process well.

Thanks

Libor Waszniowski

0 项奖励
回复
1 解答
406 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @lwaszniowski 

I reported a bug in function calculate_M1_to_M5() short time ago. It looks like the root cause is the same in your case. See please the report and suggestion how to fix it below:

***

In case of keys from second bank (when KBS = 1, keys KEY_11 - KEY_17), it is not possible to use the same key as authorization key when loading a key. Only MASTER_ECU_KEY can be used.

Reason:

AN5401 says that KBS field should not be considered when calculating M1 and M4 values:

lukaszadrapa_0-1717650875246.png

 

 

lukaszadrapa_1-1717650875053.png

 

However, the function calculate_M1_to_M5() masks KBS only in case of key_id:

lukaszadrapa_2-1717650875130.png

 

If such M1-M5 values are used to load a key to second bank when using the same key as authorization key, ERC_KEY_INVALID is returned.

The solution is to add also this code here:

auth_key_id = auth_key_id & 0x0F;

Then everything works as expected.

Regards,

Lukas

在原帖中查看解决方案

0 项奖励
回复
2 回复数
407 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @lwaszniowski 

I reported a bug in function calculate_M1_to_M5() short time ago. It looks like the root cause is the same in your case. See please the report and suggestion how to fix it below:

***

In case of keys from second bank (when KBS = 1, keys KEY_11 - KEY_17), it is not possible to use the same key as authorization key when loading a key. Only MASTER_ECU_KEY can be used.

Reason:

AN5401 says that KBS field should not be considered when calculating M1 and M4 values:

lukaszadrapa_0-1717650875246.png

 

 

lukaszadrapa_1-1717650875053.png

 

However, the function calculate_M1_to_M5() masks KBS only in case of key_id:

lukaszadrapa_2-1717650875130.png

 

If such M1-M5 values are used to load a key to second bank when using the same key as authorization key, ERC_KEY_INVALID is returned.

The solution is to add also this code here:

auth_key_id = auth_key_id & 0x0F;

Then everything works as expected.

Regards,

Lukas

0 项奖励
回复
402 次查看
lwaszniowski
Contributor I

Thank you very much for fast response, it really works.

 

Thanks

Libor Waszniowski

0 项奖励
回复