pKeyPtr in crypto_cse_loadkey

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

pKeyPtr in crypto_cse_loadkey

跳至解决方案
4,092 次查看
RedOne
Contributor III

I’m trying to load user keys by using function crypto_cse load key in crypto mcal module. This keys, unlike master key will come as an input array. This keys need to be updateble by function

first I’m using cse module standalone to reset memory, init cse and write master key in nvm. For that I’m using cse functions provided by nxp. Next I’m trying to update user keys by using crypto_loadKey func, which eventually gets me to crypto_cse_loadkey, which needs a ptr to key value and other stuff that I need to pass in order for it to write key correctly. Judging by use of loadkey in other functions I pass new key value as ptr to array of its value. Question is, how am I supposed to generate other stuff that will go in keyM1ptr keyM2ptr and keyM3 ptr? Cause only thing that I need to pass are IDs of keys. Do I need to do some other function first?

标记 (3)
0 项奖励
回复
1 解答
3,949 次查看
RedOne
Contributor III

Nevermind, already checked solution on StackOverflow. Turned out, function that I've been using from CSE to loadkey uses low endian, when Crypto loadkey reverses it to big endian, making key invalid in process. Don't know if it version problems or something else but I think it's a bug somewhere

 

在原帖中查看解决方案

0 项奖励
回复
12 回复数
4,028 次查看
namnguyenviet
NXP Employee
NXP Employee

Hello @RedOne,

The KeyUpdatePRAM is nothing but M1 concatenated with M2 and M3, i.e. the first 16 bytes of KeyUpdatePRAM are M1, next 32 bytes of KeyUpdatePRAM are M2 and the last 16 bytes of KeyUpdatePRAM are M3.

Best Regards,

Nam

0 项奖励
回复
4,021 次查看
RedOne
Contributor III

Is there an example of how keyUpdatePram should look in memory when it passes to memory? Or example of some program that uses it?

0 项奖励
回复
4,008 次查看
namnguyenviet
NXP Employee
NXP Employee

Hello @RedOne,

I shared with you an example to your email (kanaqw2@gmail.com)

Best Regards,

Nam

0 项奖励
回复
3,968 次查看
RedOne
Contributor III

Tried with your code, function Crypto_Cse_LoadKey returns CRYPTO_CSE_KEY_UPDATE_ERROR, when checking of key was written to PRAM or not. Description says that it happens when there's an errors in verification of the messages, but what does that means exactly? What is going wrong?

0 项奖励
回复
4,004 次查看
RedOne
Contributor III

Didn’t receive it. Can you send it again?

0 项奖励
回复
4,000 次查看
namnguyenviet
NXP Employee
NXP Employee

Try to access to your case here: https://support.nxp.com/s/case/5002p00002fZw5XAAS 

Best Regards,

Nam

0 项奖励
回复
3,970 次查看
RedOne
Contributor III

Tried your function, however, after generating M1 M2 and M3 and passing it to function Crypto_Cse_LoadKey, function returns CRYPTO_CSE_ERC_KEY_UPDATE_ERROR, which indicates that verification of messages is incorrect. Could you tell me what exactly could be this error in verification specifically? 

Ps Sending this message second time, because first doesn't display

0 项奖励
回复
3,960 次查看
namnguyenviet
NXP Employee
NXP Employee

Hello @RedOne,

CRYPTO_CSE_ERC_KEY_UPDATE_ERROR could because of there was an available key and you don't know the authentication key for that key in order to update that. You can try to load the key in a slot that you haven't used it before.

Best Regards,

Nam

0 项奖励
回复
3,950 次查看
RedOne
Contributor III

Nevermind, already checked solution on StackOverflow. Turned out, function that I've been using from CSE to loadkey uses low endian, when Crypto loadkey reverses it to big endian, making key invalid in process. Don't know if it version problems or something else but I think it's a bug somewhere

 

0 项奖励
回复
3,952 次查看
RedOne
Contributor III

image001.png

I think I found the issue, it's looks like that function Crypto_Cse_WritePagesToPRAM reversing endianess of key, making it invalid. How should I modify the code so it doesn't do this? Or should I modify input to be reversed already?

0 项奖励
回复
4,035 次查看
namnguyenviet
NXP Employee
NXP Employee

Hello, 

I'm afraid that I didn't get this function: crypto_loadKey. Did you mention Crypto_KeyElementSet?

Given that you have a user key as a 8-byte array. Because the M1M2M3 calculation functionality isn't available in the driver, you need to write it by your own (but I guess you've already had this function, since it's also required to load the master key), in order to convert the raw 8-byte data key to M1M2M3 format. After that, you will "append" the M1, M2 and M3 into an array, which will be used as the key data. Then you will pass the pointer to the key data to the Crypto_KeyElementSet() function. 

Below is the snippet code:

namnguyenviet_0-1646813907406.png

Best Regards,

Nam

 

0 项奖励
回复
4,032 次查看
RedOne
Contributor III

In crypto_KeyElementSet there’s a function Crypto_Ipw_loadKey which passes keyptr further to crypto_cse_loadKey, which uses Crypto_cae_writePagesToPRAM in order to write key in to memory. This function returns key invalid error when I’m trying to point array of initial value of the key to it. So, as I understand from your answer I need to generate M1, M2 and M3, however I don’t understand the KeyUpdatePRAM function from your answer array. Can you elaborate what is it?

0 项奖励
回复