AnsweredAssumed Answered

About s12g96 using backdoor secret key decryption problem

Question asked by li yu on Jul 16, 2018
Latest reply on Jul 17, 2018 by Radek Sestak

My processor is s12g96. I set the backdoor key to be four 1, and then use the following code to decrypt, but the decryption did not succeed.

 

static const unsigned char NVFSEC_INIT @0x0000FF0FU = 0xBDU;

/* BAKEY0: KEY=1 */
static const unsigned int BAKEY0_INIT @0x0000FF00U = 0x01U;

/* BAKEY1: KEY=2 */
static const unsigned int BAKEY1_INIT @0x0000FF02U = 0x01U;
//
/* BAKEY2: KEY=3 */
static const unsigned int BAKEY2_INIT @0x0000FF04U = 0x01U;
//
/* BAKEY3: KEY=4 */
static const unsigned int BAKEY3_INIT @0x0000FF06U = 0x01U;

 

The following is the decryption code

 

#pragma push
#pragma CODE_SEG RAM_CODE
void PFlash_Verify_Backdoor_Access_Key()
{
//验证秘钥
U8 i;
enter_cirtical(); //禁止中断
while((FSTAT & FSTAT_CCIF_MASK) == 0); //wait if command in progress
FSTAT = 0x30; //clear ACCERR and PVIOL

FCCOBIX = 0x00;
FCCOB = 0x0C00;
for(i=0;i<4;i++)
{
FCCOBIX++; /* Shift index register */
FCCOB = 0x01U; /*fill key0~3*/
}

FSTAT = 0x80; //launch command
while((FSTAT & FSTAT_CCIF_MASK) == 0); //wait for done
exit_cirtical(); //
}
#pragma pop

Outcomes