帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

command CMD_DBG_CHAL operation consultation

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

command CMD_DBG_CHAL operation consultation

‎05-14-2021 12:35 AM
1,643 次查看
584914019
Contributor III

I saw the following description in the reference manual. Does the command CMD_DBG_CHAL have to be followed by the command COMD_DBG_AUTH? What will happen if other commands are executed between the two commands? At present, I dare not add it randomly. I am afraid that the chip will be locked up, so please consult your side.

584914019_0-1620977698251.png

 

0 项奖励
回复
6 回复数

‎05-14-2021 02:39 AM
1,626 次查看
584914019
Contributor III

In the following sample code, there are other commands executed in step 5. Why?

 

584914019_0-1620985184928.jpeg

 

0 项奖励
回复

‎05-14-2021 04:41 AM
1,616 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

Hi @584914019,

Step 5 is needed to calculate the authorization.

Please see function DBG_AUTH() in AN5401, example 5.

Or you can use the SDK driver, example: csec_keyconfig_s32k144 function eraseKeys().

 

Regards,

Daniel

0 项奖励
回复

‎05-16-2021 07:36 PM
1,595 次查看
584914019
Contributor III

In the csec_keyconfig_s32k146 function deleteKeys(), you can see that CMD_DBG_CHAL() and CMD_DBG_AUTH have other commands CMD_GENERATE_MAC, as shown in step 2 in the figure below,Does the "CMD_DBG_CHA" command have to be followed by the command "CMD_DBG_AUTH"?

584914019_0-1621218972735.jpeg

 

 

0 项奖励
回复

‎05-14-2021 02:32 AM
1,634 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

Hi,

Yes, the CMD_DBG_CHAL command must be followed by the CMD_DBG_AUTH command, otherwise the CMD_DBG_CHAL
command would be required to be reissued before continuing.

Please refer to AN5401 Getting Started with CSEc Security Module

4.5 Resetting Flash to the Factory State

AN5401SW.zip  Example 5, Resetting flash to the factory state

danielmartynek_0-1620984702810.png

https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontrollers/s32k-automotive-mc...

 

Regards,

Daniel

 

 

 

0 项奖励
回复

‎05-18-2021 06:17 PM
1,569 次查看
584914019
Contributor III

In the csec_keyconfig_s32k146 function deleteKeys(), you can see that CMD_DBG_CHAL() and CMD_DBG_AUTH have other commands CMD_GENERATE_MAC, as shown in step 2 in the figure below,Does the "CMD_DBG_CHA" command have to be followed by the command "CMD_DBG_AUTH"?

584914019_0-1621387041471.jpeg

 

 

0 项奖励
回复

‎05-27-2021 06:50 AM
1,552 次查看
danielmartynek
NXP TechSupport
NXP TechSupport

Hi @584914019,

The challenge and response(authorization) is a two-step operation.

But the calculation of CMAC needs to be done before we can send the response (authorization) to CSEc. And this step can’t be ignored or calculated before the challenge is issued, the challenge is a random number.

The RM does not say no CSEc operation can be performed between these two steps, that's impossible.

Also, AN5401 shows how to generate the CMAC of response (authorization).

 

Regards,

Daniel

0 项奖励
回复