• State
  • Locked Locked
  • Replies 3 replies
  • Subscribers 32 subscribers
  • Views 151 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

AM2612: KeyWriter Integration Issue

Paxton Liu
Prodigy 10 points

Part Number: AM2612

Tool/software:

We have previously implemented the SBL_KeyWriter project and successfully applied it. Now we want to only load hsm_firmware in SBL, and then write the MCU key through the UDS service in the app. We replaced the hsm_firmware loaded in the SBL project with our own generated one.

During app initialization, use KeyWriter_Init (without loading hsm_firmware) to init hsm client.

Then write the MCU key to the specified address in the subsequent UDS service received.


But now we have encountered a problem. After the program executes the write, it returns a successful prompt, but in reality, the write was not successful. We don't know what the reason is.

The memory starting address of the HSM firmware is 0x70038800, with a size of 0x0001dc24, followed by the CertKey address of 0x70056428, with a size of 0x00002004. The Flash allocation is the same as the Sbl_KeyWriter project we have implemented, but the write result is incorrect.

  • 0
    TI__Guru* 87461 points

    Hi,

    The maximum size of the certificate key should be 8192U. 

    I see that in your case it is 8196 (0x2004) 

    Could you reduce this size and try again? 

    Also please share the logs seen at your end

    Thanks and Regards,

    Nikhil Dasan

  • 0 in reply to Nikhil Dasan
    Prodigy 10 points
    Thank you for your reply and apologize for replying late.
    1. The size of the certificate key is not the cause of this issue. It was also set in the code where we successfully injected the key.
    2. As mentioned in the question, after sending the MCU Key injection command, the software responds with "Success" instead of "Failure", so there is no debug log printed out. In fact, the MCU Key has not been actually written into efuse, and burning unencrypted firmware can still start normally.
  • 0
    TI__Guru* 87461 points

    Hi Paxton,

    Sorry for the delay in response.

    Few  clarifications required.

    Paxton Liu said:
    We replaced the hsm_firmware loaded in the SBL project with our own generated one.

    May I know if you are using the hsm firmware provided by TI (i.e. along with the OTP KW package)? If not, could you elaborate what you mean by "replaced hsm_firmware with our own generated one" ?

    In order to use the HsmClient_keywriter(), the corresponding handler should be present in the hsm_firmware, which is only  present in the firmware provided along with the OTP KW package.

    I believe you are able to convert the device into HSSE with the TI provided package right?

    Thanks and Regards,

    Nikhil Dasan