• State Resolved
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 170 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3120: CC3120 How to delete CA/Cert/Key file

Christopher Weber
Genius 4995 points
Part Number: CC3120

Hello,

So apparently to delete the "secure" files, you need a token when calling sl_FsDel(...)

You get that token when the file is originally created and stored.

What then...?  Are you supposed to write it down some place?  Because you MUST to have the master token to delete the file.  And in an embedded environment, it's not really practical to store that token "on disk".

You can't get that token from the sl_FsGetInfo(...)  call

So, there is no practical way to "decommission" a unit?  If my customer wanted to sell off a device with the NWP inside, or return it for service, and felt it was necessary to remove such confidential information, they can't do it?

Did no one think this through?

  • 0
    Guru 73415 points

    Hi,

    You have at least five options:

    • save token during file creation and during decommission use sl_FsDel() API
    • use vendor and static token with saved it inside your host firmware
    • rewrite secured files during decommission by another data (you don't need delete data you can only rewrite them)
    • use factory defaults from host
    • reprogram flash by sl_FsProgram() API

    You should prefer two last options. Because module can contain additional private data (e.g. temporary files). You should also properly describe behaviour of your system into certificate of volatility.

    Jan

  • 0 in reply to Jan D
    Genius 4995 points

    Jan,

    The API doc shows only 1000 bytes for firmware...?   Really?

    Can I actually load the full 50K+ in one call?  Or am I supposed to break things into 1K chunks...?

    _i32 Status
_u8 DataBuf[1000];
_u16 Len;
_u8 Key[16];
Status = sl_FsProgram ((const _u8*)DataBuf , Len , &Key , 0 );
if( Status < 0 )
{
/*error */
}

    Currently, I am using the UART interface to perform firmware loads.

  • 0 in reply to Christopher Weber
    TI__Guru 61526 points

    The 1000 is just an example. However, you will typically call the command several times with chunks of image due to RAM availability limitations.

    If you have the space for the entire content - you can send it in a single call.

    Please refer to a more complete code example in the sl_FsProgramming header (fs.h).

    Br,

    Kobi

     

  • 0 in reply to Christopher Weber
    Guru 73415 points

    Hi,

    According code inside sl_FsProgram() function it looks that data are already split into chunks. But nothing wrong happens if you split data into chunks by yourself. At least you will have knowledge about the percentage of progress.

    Jan

  • 0 in reply to Jan D
    Genius 4995 points

    Jan,

    Thanks.  This is an MCU of the Sitara flavor.  Plenty of ram already.  So I won't need to worry about it.