AES132 in Legacy command mode(ECB)

Log in or register to post comments
Go To Last Post
5 posts / 0 new
Author
Message
dineshreil
dineshreil's picture
Level: New Member
Joined: Fri. Sep 21, 2012
Posts: 16 View posts
Location: Jaipur, India
#1
Posted by dineshreil: Thu. Apr 26, 2018 - 04:46 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I am trying to use the AES132 in Legacy Command mode(I am a beginner and minimum need for an application, hence not using advanced features of this IC as of now). 

 

The process used is described below.

 

1. I loaded a key in the Keyspace by directly writing into it. See the snapshot. (Aces studio gives this facility to directly write keys)

2. Write the key configuration registers value 0x01000009

3. Checked the chipConfig register, which is already 0xC3 ( the legacy value is enabled)

4. Used command builder tool to give command : 

    0x19 (number of bytes in command)

    0x0F (Opcode)

    0x00 (mode)

    0x00 ( Parameter 1: upper byte 0x00  always)

    0x02 ( Parameter1:  key ID for aes key)  Q1: is this correct way to address key id(for key02)? 

   0x00  ( parameter 2, upper byte)

   0x00  ( parameter 2, lower byte)

    0x54 0x65 0x73 0x74 0x5F 0x41 0x45 0x53 0x31 0x33 0x32 0x5F 0x63 0x68 0x69 0x70 ( in ascii "Test_AES132_chip")  16 bytes

   CRC1

   CRC2

 

5. Still it is showing error in return status register ( 0x04, 0x80, 0x1B, 0x00)

  It should return the Number of bytes, Return code 0x00(ok),  encrypted 16 bytes ciphertext and CRC1,CRC2

 

Q2: Is the error is with ACES studio? because the total number of bytes are (count+opcode+mode+param1(2)+param(2)+16+crc(2) = total should be 23, not 19)

Q3: Right now chip configuration memory is unlocked editable state. Is locking the configuration memory is necessary before doing any encryption operation at all?

 

 

Kindly see the images attached with the reply. Hope this post help others also who are starting with this IC.

@anha631: expecting your valuable guidance.

 

Attachment(s): 

Image icon Step1 ACES .JPG
Image icon KeyConfig1.jpg
Image icon KeyConfig2.jpg

Tags:

Security, General Security Discussions
Last Edited: Tue. May 1, 2018 - 04:25 AM
Top
anha6317
anha6317's picture
Level: Rookie
Joined: Fri. Mar 10, 2017
Posts: 49 View posts
Posted by anha6317: Thu. Apr 26, 2018 - 10:37 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 1

 

0x19 is the correct command packet length: Length(1) Opcode(1) Mode(1) Param1(2) Param2(2) Data(16) CRC(2)

This is 25 bytes total, which equals 0x19 in hex.

 

You do not need to lock the device for this command to work.

 

You have your KeyConfig bytes reversed, it should be 09 00 00 01

I tried this in ACES and it works OK for me.

 

You have 01 00 00 09, which sets LegacyOK=0 and that is why the command returns status 0x80 which is a key error

Could be a big endian / little endian problem perhaps?

 

 

Attachment(s): 

Image icon KeyConfig.jpg
Top
dineshreil
dineshreil's picture
Level: New Member
Joined: Fri. Sep 21, 2012
Posts: 16 View posts
Location: Jaipur, India
Posted by dineshreil: Tue. May 1, 2018 - 04:31 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Thank you. The encryption works.

 

PlainText (Input) + Key02  = CipherText(Output)

 

Checked it on a website http://aes.online-domain-tools.com/ and found everything in order.

 

But, how do i decrypt the data?

 

I tried, providing the cipherText as input

 

CipherText(input) + Key02 = PlainText(output)

 

but the output is not same as initial plaintext?

Is there any bit which enables the encrypt or decrypt direction?

 

 

Top
anha6317
anha6317's picture
Level: Rookie
Joined: Fri. Mar 10, 2017
Posts: 49 View posts
Posted by anha6317: Tue. May 1, 2018 - 12:06 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

 

Sorry... I can't find anywhere in the datasheet the describes how to do AES-ECB decrypt with the Legacy command.

Searching on Google shows other people asking this question but there is no answer.

 

I suggest you open a support ticket. I will try some things myself & if I find the answer I will update this thread.

 

Good luck!

Top
dineshreil
dineshreil's picture
Level: New Member
Joined: Fri. Sep 21, 2012
Posts: 16 View posts
Location: Jaipur, India
Posted by dineshreil: Thu. May 3, 2018 - 10:02 AM (Reply to #4)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I asked the Technical team, seems like there is no option for it.

 

And regarding the use of IC. My requirements are specific.

Kindly suggest the right mode, and required configuration.

The available memory in host controller is very low and critical (so i will avoid any advance modes/features of this IC).

 

To do: As i said earlier, i just wish to implement Plaintext to ciphertext, and vice versa(as discussed in legacy mode).

           And key stored in Controller or AES132 IC doesn't matter. (Microchip team said, they will configure the IC at production level itself)

 

Configure the ChipConfig Register.

Userzone configuration is not necessary, keeping it default.

Key configuration. 0x010050E1

Volatile configuration, not important, keeping it default.

Counter configuration, not important, keeping it default.

Lock the IC registers.

Use Encrypt command

Use Decrypt command

 

Q1 Are above steps correct?

Q2 I need to lock the IC to use it, but i am afraid of wrong configuration making the USB dongle useless,

even if happens, can i connect new IC through 5 pins are provided SCL/SDA/CS/VCC/GND?

 

 

 

 

 

 

 

 

 

Top