S32K116 Bricked after CSEc Operations

Hi,Lukas:

    Thanks for your reply. I have recently proved the demerit you mentioned. Here I have two questions

1:I was wondering if I could implement THE AES-ECB functionality using only RAMKEY instead of flash partitioning and building other keys.This will make the process much easier.

2.The encryption result calculated by me according to the routine provided by APP NOTE is inconsistent with the encryption result in  SDK by Freescale Semiconductor. What is the reason?I have changed MASTER_ECU_KEY_VALUE and KEY_1_VALUE according to the SDK to be the same as the SDK.But the results are still inconsistent. Infact, I get the same value as SDK with the pure software algorithm.

Please see the below:

the data in SDK. 

* key = 000102030405060708090a0b0c0d0e0f
* plaintext = 00112233445566778899aabbccddeeff
* ciphertext = 69c4e0d86a7b0430d8cdb78070b4c55a

my result:

KEY_1_VALUE[4] = {0x3020100,0x7060504,0xB0A0908,0xF0E0D0C};

plain_text[4] = {0x33221100, 0x77665544, 0xbbaa9988, 0xffeeddcc};

encrypted_text[4] = {0xAD5ADBEE,0x87C76183,0x604E3A70,0x5B16B98B}

Hi,

1. No, that's not possible. Partitioning needs to be done. If the partition command is not executed, CSE commands will return '0' which means the command was not performed.

2.

After some investigation, I found out that the result depends on interpretation of input values.

SHE specification provides test vectors which can be used for comparison of the results and which I used for my test.

For CMAC, the values are:

KEY      2b7e151628aed2a6abf7158809cf4f3c

MESSAGE    6bc1bee22e409f96e93d7e117393172a

OUTPUT    070a16b46b4d4144f79bdd9dd04a287c

AN5401SW expects that the numbers are provided in this form:

uint32_t key[4] = {0x2b7e1516, 0x28aed2a6, 0xabf71588, 0x09cf4f3c};

uint32_t data[4] = {0x6bc1bee2, 0x2e409f96, 0xe93d7e11, 0x7393172a};

And SDK driver expect this format:

uint8_t key[16] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c};

uint8_t data[16] = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a};

The data are then stored in different order in the memory.

AN5401SW then works with the data as with 32bit words, SDK driver works with the data as with 8bit words, so the input data are swapped by the driver and the result is then also swapped.

If I follow this requirement, I’m getting correct result.

Regards,

Lukas

HI @lukaszadrapa,

I am working on a project which needs to calculate multiple CMACs sequentially. I have studied the AN5401. I have developed hands on how to configure the keys and how to initialize the CSEc module. The MCU i am using is S32K144. I have done encryption and decryption using AES 128 CBC and AES 128 ECB as well and verified it with a windows tool. I performed these CBC and ECB functions using temporary and stored keys too, works perfect. When i try to perform the CMAC on a specific text it gets calculated but i am unable to verify it with the windows tool and the code signature tool provided by NXP. After some research i came across this post in which you discussed the test vectors and the different ways of feeding the input regarding SDK driver and SW5401. I tried the exact format and data as you mentioned using a plain text key but unfortunately again the CMAC calculated cannot be verified. Kindly if you can guide me regarding this problem. What i may be missing or where i am going wrong. I am attaching all the screenshots for your reference.

The CMAC generated using the test vectors as provided above through CSEc_DRV_GenerateMAC in hex is:

{ b8 ef 91 75 af 36 25 47 9a f8 f6 cc 41 75 7f 13}

Thanks in advance.

BR,

Nafees