pKeyPtr in crypto_cse_loadkey

RedOne · ‎03-04-2022

I’m trying to load user keys by using function crypto_cse load key in crypto mcal module. This keys, unlike master key will come as an input array. This keys need to be updateble by function

first I’m using cse module standalone to reset memory, init cse and write master key in nvm. For that I’m using cse functions provided by nxp. Next I’m trying to update user keys by using crypto_loadKey func, which eventually gets me to crypto_cse_loadkey, which needs a ptr to key value and other stuff that I need to pass in order for it to write key correctly. Judging by use of loadkey in other functions I pass new key value as ptr to array of its value. Question is, how am I supposed to generate other stuff that will go in keyM1ptr keyM2ptr and keyM3 ptr? Cause only thing that I need to pass are IDs of keys. Do I need to do some other function first?

RedOne · ‎03-16-2022

Nevermind, already checked solution on StackOverflow. Turned out, function that I've been using from CSE to loadkey uses low endian, when Crypto loadkey reverses it to big endian, making key invalid in process. Don't know if it version problems or something else but I think it's a bug somewhere

View solution in original post

namnguyenviet · ‎03-09-2022

Hello @RedOne,

The KeyUpdatePRAM is nothing but M1 concatenated with M2 and M3, i.e. the first 16 bytes of KeyUpdatePRAM are M1, next 32 bytes of KeyUpdatePRAM are M2 and the last 16 bytes of KeyUpdatePRAM are M3.

Best Regards,

Nam

RedOne · ‎03-09-2022

Is there an example of how keyUpdatePram should look in memory when it passes to memory? Or example of some program that uses it?

namnguyenviet · ‎03-10-2022

Hello @RedOne,

I shared with you an example to your email (kanaqw2@gmail.com)

Best Regards,

Nam

RedOne · ‎03-13-2022

Tried with your code, function Crypto_Cse_LoadKey returns CRYPTO_CSE_KEY_UPDATE_ERROR, when checking of key was written to PRAM or not. Description says that it happens when there's an errors in verification of the messages, but what does that means exactly? What is going wrong?

RedOne · ‎03-10-2022

Didn’t receive it. Can you send it again?

namnguyenviet · ‎03-10-2022

Try to access to your case here: https://support.nxp.com/s/case/5002p00002fZw5XAAS

Best Regards,

Nam

RedOne · ‎03-14-2022

Tried your function, however, after generating M1 M2 and M3 and passing it to function Crypto_Cse_LoadKey, function returns CRYPTO_CSE_ERC_KEY_UPDATE_ERROR, which indicates that verification of messages is incorrect. Could you tell me what exactly could be this error in verification specifically?

Ps Sending this message second time, because first doesn't display

namnguyenviet · ‎03-16-2022

Hello @RedOne,

CRYPTO_CSE_ERC_KEY_UPDATE_ERROR could because of there was an available key and you don't know the authentication key for that key in order to update that. You can try to load the key in a slot that you haven't used it before.

Best Regards,

Nam

RedOne · ‎03-16-2022

Nevermind, already checked solution on StackOverflow. Turned out, function that I've been using from CSE to loadkey uses low endian, when Crypto loadkey reverses it to big endian, making key invalid in process. Don't know if it version problems or something else but I think it's a bug somewhere

RedOne · ‎03-16-2022

I think I found the issue, it's looks like that function Crypto_Cse_WritePagesToPRAM reversing endianess of key, making it invalid. How should I modify the code so it doesn't do this? Or should I modify input to be reversed already?

namnguyenviet · ‎03-09-2022

Hello,

I'm afraid that I didn't get this function: crypto_loadKey. Did you mention Crypto_KeyElementSet?

Given that you have a user key as a 8-byte array. Because the M1M2M3 calculation functionality isn't available in the driver, you need to write it by your own (but I guess you've already had this function, since it's also required to load the master key), in order to convert the raw 8-byte data key to M1M2M3 format. After that, you will "append" the M1, M2 and M3 into an array, which will be used as the key data. Then you will pass the pointer to the key data to the Crypto_KeyElementSet() function.

Below is the snippet code:

Best Regards,

Nam

RedOne · ‎03-09-2022

In crypto_KeyElementSet there’s a function Crypto_Ipw_loadKey which passes keyptr further to crypto_cse_loadKey, which uses Crypto_cae_writePagesToPRAM in order to write key in to memory. This function returns key invalid error when I’m trying to point array of initial value of the key to it. So, as I understand from your answer I need to generate M1, M2 and M3, however I don’t understand the KeyUpdatePRAM function from your answer array. Can you elaborate what is it?