FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

[Security] Problems using SDK CSEC Driver

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

[Security] Problems using SDK CSEC Driver

Jump to solution
‎04-18-2024 12:20 AM
2,197 Views
Gideon
Contributor III

Dear NXPs:

SDK CSEC Driver
csec_driver.h
csec_driver.c
csec_hw_access.c
csec_hw_access.h
I transplanted the SDK CSEC Driver to the normal project (without free RTOS) for use. The chip objects are S32K142 and S32K146. I found that the SDK CSEC Driver only used the OS timer for timeout processing, so my solution was to delete the OS part of the CSEC Driver C file, which met my needs.
The interface I plan to use is:
void CSEC_DRV_Init(csec_state_t *state);
void CSEC_DRV_Deinit(void);
status_t CSEC_DRV_EncryptCBC(csec_key_id_t keyId,
const uint8_t *plainText, uint32_t length,
const uint8_t *iv, uint8_t *cipherText, uint32_t timeout);
status_t CSEC_DRV_DecryptCBC(csec_key_id_t keyId, const uint8_t *cipherText,
uint32_t length, const uint8_t* iv, uint8_t *plainText, uint32_t timeout);
status_t CSEC_DRV_GenerateMAC(csec_key_id_t keyId, const uint8_t *msg,
uint32_t msgLen, uint8_t *cmac, uint32_t timeout);
status_t CSEC_DRV_GenerateMACAddrMode(csec_key_id_t keyId,
const uint8_t *msg, uint32_t msgLen, uint8_t *cmac);
status_t CSEC_DRV_VerifyMAC(csec_key_id_t keyId, const uint8_t *msg,
uint32_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus,
uint32_t timeout);
status_t CSEC_DRV_VerifyMACAddrMode(csec_key_id_t keyId, const uint8_t *msg,
uint32_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus);
status_t CSEC_DRV_LoadKey(csec_key_id_t keyId, const uint8_t *m1,
const uint8_t *m2, const uint8_t *m3, uint8_t *m4, uint8_t *m5);
status_t CSEC_DRV_BootFailure(void);
status_t CSEC_DRV_BootOK(void);
status_t CSEC_DRV_BootDefine(uint32_t bootSize, csec_boot_flavor_t bootFlavor);
static inline csec_status_t CSEC_DRV_GetStatus(void);
status_t CSEC_DRV_MPCompress(const uint8_t *msg, uint16_t msgLen,
uint8_t *mpCompress, uint32_t timeout);
Q:What I want to inquire about is transplanting the SDK CSEC Driver to the Normal project (142/146, no OS). Are there any potential risks? ?

0 Kudos
Reply
1 Solution

Jump to solution
‎04-22-2024 10:26 PM
2,088 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

You can find the manual here:
c:\NXP\S32DS.3.4\S32DS\software\S32SDK_S32K1XX_RTM_4.0.3\doc\S32SDK_S32K144_UserManual.pdf

No configuration is needed. If you have a project without FreeRTOS then baremetal version is selected automatically.

View solution in original post

0 Kudos
Reply
3 Replies

Jump to solution
‎04-19-2024 01:51 PM
2,166 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @Gideon 

there's implementation of OSIF for both FreeRTOS and baremetal configuration. So, there's no problem even if you don't use FreeRTOS. Take a look at section "OS Interface (OSIF)" in SDK user manual.

lukaszadrapa_0-1713559726522.png

I can't see a reason to do such changes. 

And if SDK is not used ever, it's better to use code from AN5401.

Regards,

Lukas

 

0 Kudos
Reply

Jump to solution
‎04-21-2024 08:04 PM
2,128 Views
Gideon
Contributor III

Dear NXPs:

Q1:Where can I view the document you sent a screenshot of?

Q2:Could you provide me with a baremetal configuration S32K14x CSEC driver?

0 Kudos
Reply

Jump to solution
‎04-22-2024 10:26 PM
2,089 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

You can find the manual here:
c:\NXP\S32DS.3.4\S32DS\software\S32SDK_S32K1XX_RTM_4.0.3\doc\S32SDK_S32K144_UserManual.pdf

No configuration is needed. If you have a project without FreeRTOS then baremetal version is selected automatically.

0 Kudos
Reply
%3CLINGO-SUB%20id%3D%22lingo-sub-1849608%22%20slang%3D%22zh-CN%22%20mode%3D%22CREATE%22%3E%5BSecurity%5D%20Problems%20using%20SDK%20CSEC%20Driver%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1849608%22%20slang%3D%22zh-CN%22%20mode%3D%22CREATE%22%3E%3CP%3EDear%20NXPs%3A%3C%2FP%3E%3CP%3ESDK%20CSEC%20Driver%3CBR%20%2F%3Ecsec_driver.h%3CBR%20%2F%3Ecsec_driver.c%3CBR%20%2F%3Ecsec_hw_access.c%3CBR%20%2F%3Ecsec_hw_access.h%3CBR%20%2F%3EI%20transplanted%20the%20SDK%20CSEC%20Driver%20to%20the%20normal%20project%20(without%20free%20RTOS)%20for%20use.%20The%20chip%20objects%20are%20S32K142%20and%20S32K146.%20I%20found%20that%20the%20SDK%20CSEC%20Driver%20only%20used%20the%20OS%20timer%20for%20timeout%20processing%2C%20so%20my%20solution%20was%20to%20delete%20the%20OS%20part%20of%20the%20CSEC%20Driver%20C%20file%2C%20which%20met%20my%20needs.%3CBR%20%2F%3EThe%20interface%20I%20plan%20to%20use%20is%3A%3CBR%20%2F%3Evoid%20CSEC_DRV_Init(csec_state_t%20*state)%3B%3CBR%20%2F%3Evoid%20CSEC_DRV_Deinit(void)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_EncryptCBC(csec_key_id_t%20keyId%2C%3CBR%20%2F%3Econst%20uint8_t%20*plainText%2C%20uint32_t%20length%2C%3CBR%20%2F%3Econst%20uint8_t%20*iv%2C%20uint8_t%20*cipherText%2C%20uint32_t%20timeout)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_DecryptCBC(csec_key_id_t%20keyId%2C%20const%20uint8_t%20*cipherText%2C%3CBR%20%2F%3Euint32_t%20length%2C%20const%20uint8_t*%20iv%2C%20uint8_t%20*plainText%2C%20uint32_t%20timeout)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_GenerateMAC(csec_key_id_t%20keyId%2C%20const%20uint8_t%20*msg%2C%3CBR%20%2F%3Euint32_t%20msgLen%2C%20uint8_t%20*cmac%2C%20uint32_t%20timeout)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_GenerateMACAddrMode(csec_key_id_t%20keyId%2C%3CBR%20%2F%3Econst%20uint8_t%20*msg%2C%20uint32_t%20msgLen%2C%20uint8_t%20*cmac)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_VerifyMAC(csec_key_id_t%20keyId%2C%20const%20uint8_t%20*msg%2C%3CBR%20%2F%3Euint32_t%20msgLen%2C%20const%20uint8_t%20*mac%2C%20uint16_t%20macLen%2C%20bool%20*verifStatus%2C%3CBR%20%2F%3Euint32_t%20timeout)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_VerifyMACAddrMode(csec_key_id_t%20keyId%2C%20const%20uint8_t%20*msg%2C%3CBR%20%2F%3Euint32_t%20msgLen%2C%20const%20uint8_t%20*mac%2C%20uint16_t%20macLen%2C%20bool%20*verifStatus)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_LoadKey(csec_key_id_t%20keyId%2C%20const%20uint8_t%20*m1%2C%3CBR%20%2F%3Econst%20uint8_t%20*m2%2C%20const%20uint8_t%20*m3%2C%20uint8_t%20*m4%2C%20uint8_t%20*m5)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_BootFailure(void)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_BootOK(void)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_BootDefine(uint32_t%20bootSize%2C%20csec_boot_flavor_t%20bootFlavor)%3B%3CBR%20%2F%3Estatic%20inline%20csec_status_t%20CSEC_DRV_GetStatus(void)%3B%3CBR%20%2F%3Estatus_t%20CSEC_DRV_MPCompress(const%20uint8_t%20*msg%2C%20uint16_t%20msgLen%2C%3CBR%20%2F%3Euint8_t%20*mpCompress%2C%20uint32_t%20timeout)%3B%3CBR%20%2F%3EQ%EF%BC%9AWhat%20I%20want%20to%20inquire%20about%20is%20transplanting%20the%20SDK%20CSEC%20Driver%20to%20the%20Normal%20project%20(142%2F146%2C%20no%20OS).%20Are%20there%20any%20potential%20risks%3F%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1852097%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3ERe%3A%20%5BSecurity%5D%20Problems%20using%20SDK%20CSEC%20Driver%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1852097%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EYou%20can%20find%20the%20manual%20here%3A%3CBR%20%2F%3Ec%3A%5CNXP%5CS32DS.3.4%5CS32DS%5Csoftware%5CS32SDK_S32K1XX_RTM_4.0.3%5Cdoc%5CS32SDK_S32K144_UserManual.pdf%3C%2FP%3E%0A%3CP%3ENo%20configuration%20is%20needed.%20If%20you%20have%20a%20project%20without%20FreeRTOS%20then%20baremetal%20version%20is%20selected%20automatically.%3C%2FP%3E%3C%2FLINGO-BODY%3E