• State Resolved
  • Locked Locked
  • Replies 7 replies
  • Subscribers 63 subscribers
  • Views 526 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Original question:

BQ40Z50 - SHA-1 Authentication

BQ40Z80EVM-020: Authentication

Reshmi Bimal
Prodigy 30 points
Part Number: BQ40Z80EVM-020
Other Parts Discussed in Thread: BQ40Z80

Hi,

We are trying to implement authentication with BQ EVM board and host controller. Tried to perform authentication from Battery management studio after setting the legacy sha1 bit in Auth config register as 1 and Authentication was successful.

Could you please point me towards any bq40z80 specific app notes for authentication. I went through the section 15 in TRM, and it does not say anything about the steps to follow with host controller for authentication. Thanks!

Regards,

Reshmi

  • 0
    TI__Guru** 105590 points

    Hello Reshmi,

    The steps outlined in 15.2.2 SHA-1 Authentication should be what is used for host verification of the gauge. You should be able to send a challenge from the host then receive the responses, most of the steps will be on the host side in the code to do that SHA-1 hashes.

    Sincerely,

    Wyatt Keller

  • 0 in reply to Wyatt Keller
    Prodigy 30 points

    Hi Wyatt,

    Thanks! I understand, SHA-1 has to be implemented in the host side code.

    Authentication is working fine with BQ studio SHA1- Authentication tab. However, I am not able to replicate the same steps through advanced cmd commands in BQ studio.

    TRM says 

    1. Send 0x0037 followed by 128 bit key to update the key.

    2. Send 0x27 followed by 160 bit random number challenge

    3. Read from 0x28 to get the authentication response.

    After sending a new challenge through MAC block access with step number 2, I still get the authentication response with default 128 key and the previous challenge send through SHA-1 authentication tab in BQ studio.

    Could you please guide me on this?

  • 0 in reply to Reshmi Bimal
    TI__Guru** 105590 points

    Hello Reshmi,

    So you are having issues uploading a new key to do the SHA-1 hash? It sounds like this is the only thing not working as expected?

    Please share the exact sequences you are implementing in the advanced communication tab as well as the .gg file with your configuration. You need to make sure the LEGACY_SHA1 bit is set properly.

    Sincerely,

    Wyatt Keller

  • 0 in reply to Wyatt Keller
    Prodigy 30 points

    Hi Wyatt,

    The Legacy_sha1 bit is set to 1.

    Below is the screenshot of authentication through sha1 authentication in BQ studio.

    I am trying implement the same through advanced SMB command. Below are the steps I followed.( Did not modify the key, using the default 128 bit key.)

    1. Write 2f followed by 20-byte random challenge "2F 04 16 53 11 9B 43 EB 93 56 50 61 81 C2 BD CB 35 9D 7A C1 A3 "

    2. Read from 2f to get the authentication response, the response through SBS is incorrect.

    The expected response is 

    Could you please let me know if i am missing any steps in between. I have attached the .gg file below.

    14thjuneAuth.gg.csv

  • 0 in reply to Wyatt Keller
    Prodigy 30 points

    Hi Wyatt,

    This is the random number challenge generated from BQ studio, "AE41806FDAF55D71593D0FE7EB89D90F28B692E2"

    I am sending it in little endian format through MAC Block access..

    New Challenge( Tried with 0x2f Authenticate() 

    2F E2 92 B6 28 0F D9 89 EB E7 0F 3D 59 71 5D F5 DA 6F 80 41 AE

    Below is the response I get. Could you please let me know the advanced sbs command format to send a new authentication challenge from BQ studio.

    Regards,

    Reshmi

  • +1 in reply to Reshmi Bimal
    TI__Guru** 105590 points

    Hello Reshmi,

    A couple of things to clarify:

    • Make sure the auto-refresh is off during any testing with the advanced communication tab.
    • Your command structure looks incorrect, the command 0x2f and response 0x28 should be in the input section closest to the button, where you currently have 0x44. 0x44 will not give the correct responses.

    Sincerely,

    Wyatt Keller

  • 0 in reply to Wyatt Keller
    Prodigy 30 points

    Hi Wyatt,

    Thank you!

    It is working now. Explanation for 2F/28 in TRM says block read and write, so I thought it was MAC block access command.

    Rookie mistake.