HSE S32K312 SHE based secure boot

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HSE S32K312 SHE based secure boot

Jump to solution
3,236 Views
shravani
Contributor II

Hi,

I am trying to achieve SHE based secure boot using S32K312 microcontroller. My aim is to load the keys to secure NVM of HSE. For loading the keys, I am generating M1, M2 and M3 messages using Miyaguchi-Preneel Compression protocol and AES encryption. I am getting HSE_SRV_RSP_INVALID_PARAM as a response from HSE. 
Please check below details.
1) Microcontroller : S32K312_100MQFP

2) IDE: S32DS 3.5

 3) SDK Version: PlatformSDK_S32K3_2022_03

Steps I am following :

1) Key Catalogue Formatting -> Getting  HSE_SRV_RSP_OK 

2) Load She keys to Secure NVM

            2.1. Loading ECU_MASTER_KEY

                   2.1.1 Miyaguchi-Preneel Compression

                   API : Crypto_Exts_MPCompression(constArr, (uint32)(AES_BLOCK_SIZE * 2), K1, ConstOutLen)

                   Parameters: constArr -> const uint8_t *constArr This is input data

                                        (uint32)(AES_BLOCK_SIZE * 2) -> Size of input data which is 32 bytes.

                                        K1 ->  const uint8_t K1[AES_BLOCK_SIZE * 2]; -> output

                                       ConstOutLen -> const uint32_t *ConstOutLen -> length of the output

Any help on this topic is highly recommended.

Thanks in advance.

 

      

 

 

 

 

0 Kudos
Reply
1 Solution
3,201 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @shravani 

I got attached test code which shows how to generate M1-M3 values using Crypto layer. There's a function Crypto_CalculatedM1M2M3().

Regards,

Lukas

View solution in original post

0 Kudos
Reply
15 Replies
3,193 Views
shravani
Contributor II

Hi @lukaszadrapa 

 

Thank you so much for providing me with test code. I will try this.

 

Regards

Shravani

0 Kudos
Reply
3,202 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @shravani 

I got attached test code which shows how to generate M1-M3 values using Crypto layer. There's a function Crypto_CalculatedM1M2M3().

Regards,

Lukas

0 Kudos
Reply
3,187 Views
shravani
Contributor II
Hi @lukaszadrapa,

I got HSE_SRV_RSP_OK for Crypto_CalculatedM1M2M3(). but while calling Crypto_KeyElementSet(ECU_MASTER_KEY_ID, SHE_KEY_MATERIAL_ELEMENT_ID, KeyPram, SHE_M1M2M3_SIZE) I am getting HSE_SRV_RSP_KEY_INVALID.
ECU_MASTER_KEY_ID = 0
SHE_KEY_MATERIAL_ELEMENT_ID = 1
I have set HSE flag as VERIFY.
What could be the reason? Can you please guide me?
0 Kudos
Reply
3,171 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

ECU_MASTER_KEY_ID is defined as 1 in the SHE spec. Isn't this the problem?

0 Kudos
Reply
3,167 Views
shravani
Contributor II

@lukaszadrapa ,

I tried with 1 as well but no change in results. Please check below configuration.

shravani_0-1712824534149.png

shravani_1-1712824600203.png

 

0 Kudos
Reply
3,150 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

I'm not sure about this, I'm checking with SW team. It may take some time.

0 Kudos
Reply
3,140 Views
shravani
Contributor II

@lukaszadrapa Okay. Please let me know if you got anything on this topic. It's a bit urgent.

3,133 Views
shravani
Contributor II

Hi @lukaszadrapa ,

 

What attributes should we set while loading SHE key to secure NVM. In the RM758221-HSE-B Firmware Reference Manual - V2.1(2.1).pdf it is mentioned as below. 

shravani_0-1712904659148.png

 However, In the configurator I cannot see the WILDCARD and KEY_USAGE flag.

shravani_1-1712904774091.png

 

Can you please guide me on this?

 

Tags (1)
0 Kudos
Reply
2,923 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

You can set required flags when calculating M1-M3 values. The function is:

void Crypto_CalculatedM1M2M3(CONST(uint8, AUTOMATIC) authKey[16], uint8 authKeyId, uint8 keyId, CONST(uint8, AUTOMATIC) key[16], uint32 counter, CONST(uint8, AUTOMATIC) uid[15], uint8 flags, VAR(uint8, AUTOMATIC) KeyPram[64])

Parameter 'uint8 flags' should be used. The order of bits is:

lukaszadrapa_0-1713159539711.png

For example, if you want to set VERIFY_ONLY, the 'flags' should be 0x01.

There are no general rules which flags should be set, it depends on your requirements and on your application.

Regards,

Lukas

PS. Still waiting for response from SW team...

0 Kudos
Reply
2,918 Views
shravani
Contributor II

Hi @lukaszadrapa,
Thank you for the clarification.
I am getting HSE_SRV_RSP_KEY_INVALID while caling RetVal = Crypto_KeyElementSet(ECU_MASTER_KEY_ID, SHE_KEY_MATERIAL_ELEMENT_ID, KeyPram, 64)

for this error it says in SHE, the key ID provided is either invalid or non-usable due to some flag restrictions. */

I am following example which you shared Crypto_CalculatedM1M2M3 and giving the flag value as 0 and configured the value as VERIFY ONLY from the configurator for the key. I tried by changing these 0 values to 1 for but still error is same.

P.S. I am able to load the key in plain format. But when encryption is applied, error is coming.

0 Kudos
Reply
2,801 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Some update: provided code was intended mainly for S32K1 and its CSEc. So, make sure that "CSEC" is not defined because EmptyKey needs to be all '0' for HSE:


#ifdef CSEC
static uint8 au8EmptyKey[SHE_KEY_SIZE] =
{
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};
#else
/* Array to be passed to Crypto driver during various operations as output buffer */
static uint8 au8EmptyKey[SHE_KEY_SIZE] =
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
#endif


And next thing - CSEc on S32K1 has either 5 or 6 attribute key flags. SHE define 5 flags and there could be one more flag enabled (VERIFY_ONLY). HSE always expects 6 flags. But I can see that the code expects 5 flags only:

aM2Plain[3] |= (flags & 0x1e) >> 1U;
aM2Plain[4] |= (flags & 0x01) << 7U;

You can update it to this:
aM2Plain[3] |= (flags & 0x3c) >> 2U;
aM2Plain[4] |= (flags & 0x03) << 6U;

To understand where it goes - there's 28bit counter in M2 value and then the flags...

lukaszadrapa_0-1713363015197.png

But if you used flags=0, I don't think this will make a difference.

0 Kudos
Reply
2,857 Views
shravani
Contributor II

Hi @lukaszadrapa 

 

Have you got any update?

0 Kudos
Reply
2,817 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Still waiting... I'm also checking if there's an option to provide direct support from local FAE team.

0 Kudos
Reply
2,764 Views
shravani
Contributor II

Hi @lukaszadrapa,

 

Can you share configuration file (.mex) for the SHE memory update protocol? So that I could check what I am doing wrong?

0 Kudos
Reply
2,411 Views
shravani
Contributor II

@lukaszadrapa 

 

I am able to load keys to secure NVM by adding key data in non-cacheable memory.

Tags (1)
0 Kudos
Reply