Can csec key11~17 update other keys as auth key?

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

Can csec key11~17 update other keys as auth key?

ソリューションへジャンプ
1,585件の閲覧回数
yaojianhang
Contributor II

Hi,

I'm using S32K144, trying to use CSEc key11~17 update oher keys, since M1 message's Auth ID is 4 bit and doesn't have 1 bit KBS as KeyID. It seems impossible to do this.

0 件の賞賛
返信
1 解決策
1,552件の閲覧回数
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @yaojianhang 

that's very good point. I did some debugging on my side and I found out that there's a bug in the calculate_M1_to_M5 function.

I already mentioned this code:

key_id = key_id & 0x0F; //For keys in the other bank, don't consider the KBS bit in M1 & M4 calculation. Follow traditional SHE specs

However, this is not enough. Also AuthID should be modified in the same way when calculating M1 and M4. From AN5401:

lukaszadrapa_0-1673344588552.png

And:

lukaszadrapa_1-1673344661024.png

 

So, I added this code:

auth_key_id = auth_key_id & 0x0F;

... and everything works as expected now.

Thank you for pointing this out, I will report it.

Regards,

Lukas

 

元の投稿で解決策を見る

0 件の賞賛
返信
5 返答(返信)
1,573件の閲覧回数
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @yaojianhang 

let me share some screenshots:

From the reference manual:

lukaszadrapa_0-1673276693048.png

 In application note AN5401:

lukaszadrapa_1-1673276752746.png

In source files of AN5401:

lukaszadrapa_2-1673276795382.png

 

And regarding the second question, this can be found in AN5401:

lukaszadrapa_3-1673276951738.png

This is given by SHE specification. RAM_KEY can be updated anytime, you do not need to know MASTER_ECU_KEY or previous value of the RAM_KEY.

Regards,

Lukas

 

 

0 件の賞賛
返信
1,565件の閲覧回数
yaojianhang
Contributor II

HI,@lukaszadrapa 

In this code,use CSEC_KEY_11 updates CSEC_KEY_11 return  ERC_KEY_INVALID, use MASTER_ECU_KEY updates CSEC_KEY_11 return no error.

How to use CSEC_KEY_11 updates CSEC_KEY_11? Is it possible?  Thanks for you reply.

20230110_111617 (1).jpg

Regards,

yaojianhang.

0 件の賞賛
返信
1,553件の閲覧回数
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @yaojianhang 

that's very good point. I did some debugging on my side and I found out that there's a bug in the calculate_M1_to_M5 function.

I already mentioned this code:

key_id = key_id & 0x0F; //For keys in the other bank, don't consider the KBS bit in M1 & M4 calculation. Follow traditional SHE specs

However, this is not enough. Also AuthID should be modified in the same way when calculating M1 and M4. From AN5401:

lukaszadrapa_0-1673344588552.png

And:

lukaszadrapa_1-1673344661024.png

 

So, I added this code:

auth_key_id = auth_key_id & 0x0F;

... and everything works as expected now.

Thank you for pointing this out, I will report it.

Regards,

Lukas

 

0 件の賞賛
返信
1,521件の閲覧回数
yaojianhang
Contributor II
Thanks!

Regards,
yaojianhang
0 件の賞賛
返信
1,577件の閲覧回数
yaojianhang
Contributor II

additions:

can CSEc key11~17 update themselves and ram_key?

0 件の賞賛
返信