ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

command CMD_DBG_CHAL operation consultation

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

command CMD_DBG_CHAL operation consultation

‎05-14-2021 12:35 AM
2,804件の閲覧回数
584914019
Contributor III

I saw the following description in the reference manual. Does the command CMD_DBG_CHAL have to be followed by the command COMD_DBG_AUTH? What will happen if other commands are executed between the two commands? At present, I dare not add it randomly. I am afraid that the chip will be locked up, so please consult your side.

584914019_0-1620977698251.png

 

0 件の賞賛
返信
6 返答(返信)

‎05-14-2021 02:39 AM
2,787件の閲覧回数
584914019
Contributor III

In the following sample code, there are other commands executed in step 5. Why?

 

584914019_0-1620985184928.jpeg

 

0 件の賞賛
返信

‎05-14-2021 04:41 AM
2,777件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

Hi @584914019,

Step 5 is needed to calculate the authorization.

Please see function DBG_AUTH() in AN5401, example 5.

Or you can use the SDK driver, example: csec_keyconfig_s32k144 function eraseKeys().

 

Regards,

Daniel

0 件の賞賛
返信

‎05-16-2021 07:36 PM
2,756件の閲覧回数
584914019
Contributor III

In the csec_keyconfig_s32k146 function deleteKeys(), you can see that CMD_DBG_CHAL() and CMD_DBG_AUTH have other commands CMD_GENERATE_MAC, as shown in step 2 in the figure below,Does the "CMD_DBG_CHA" command have to be followed by the command "CMD_DBG_AUTH"?

584914019_0-1621218972735.jpeg

 

 

0 件の賞賛
返信

‎05-14-2021 02:32 AM
2,795件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

Hi,

Yes, the CMD_DBG_CHAL command must be followed by the CMD_DBG_AUTH command, otherwise the CMD_DBG_CHAL
command would be required to be reissued before continuing.

Please refer to AN5401 Getting Started with CSEc Security Module

4.5 Resetting Flash to the Factory State

AN5401SW.zip  Example 5, Resetting flash to the factory state

danielmartynek_0-1620984702810.png

https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontrollers/s32k-automotive-mc...

 

Regards,

Daniel

 

 

 

0 件の賞賛
返信

‎05-18-2021 06:17 PM
2,730件の閲覧回数
584914019
Contributor III

In the csec_keyconfig_s32k146 function deleteKeys(), you can see that CMD_DBG_CHAL() and CMD_DBG_AUTH have other commands CMD_GENERATE_MAC, as shown in step 2 in the figure below,Does the "CMD_DBG_CHA" command have to be followed by the command "CMD_DBG_AUTH"?

584914019_0-1621387041471.jpeg

 

 

0 件の賞賛
返信

‎05-27-2021 06:50 AM
2,713件の閲覧回数
danielmartynek
NXP TechSupport
NXP TechSupport

Hi @584914019,

The challenge and response(authorization) is a two-step operation.

But the calculation of CMAC needs to be done before we can send the response (authorization) to CSEc. And this step can’t be ignored or calculated before the challenge is issued, the challenge is a random number.

The RM does not say no CSEc operation can be performed between these two steps, that's impossible.

Also, AN5401 shows how to generate the CMAC of response (authorization).

 

Regards,

Daniel

0 件の賞賛
返信