ACES Configuration Files Question

Go To Last Post
5 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi folks,

 

I've been working on a project that includes an ATECC508 crypto chip. I've got a chip in a the AT88CK101 expansion board for the XPRO/AT88 microbase. Now, I want to configure it using ACES (version 6.0.2) to hold a private key in a slot. My private-public ECC keypair for this test is generated using OpenSSL.

 

However, I've hit a wall I can't seem to get past, and I'd appreciate some help. ACES (and the signing utilities that come with it) expect all sorts of odd file extensions (priv.xml, .excs, .per) that it defines nowhere. It's not exactly clear to me what I should supply and where.

I've also used the command builder tool to try and load in the private key. However, this returns a "KitStatusUnknown" error for which I also can't find anything. It seems to read the chip just fine when you refresh the configuration/lock zone summaries though.

 

The help files are of little use (to me) and I can't seem to find any relevant application notes or guides. Am I just missing something incredibly obvious?

Last Edited: Tue. Jun 26, 2018 - 03:26 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Sadly for you this site used to have a forum for "Security Devices" but when it only got about 3 posts each year it was finally closed/lost so I'm afraid there isn't anywhere to ask questions like this any more (and even less chance of an answer). Your best bet if it is a Microchip/Atmel product is to open a support ticket on the Microchip website.

 

Moderator

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Such a forum still exists:

 

General Security Discussions

 

A forum for general security discussions for any application.

 

https://community.atmel.com/forums/general-security-discussions

 

Top Tips:

  1. How to properly post source code - see: https://www.avrfreaks.net/comment... - also how to properly include images/pictures
  2. "Garbage" characters on a serial terminal are (almost?) invariably due to wrong baud rate - see: https://learn.sparkfun.com/tutorials/serial-communication
  3. Wrong baud rate is usually due to not running at the speed you thought; check by blinking a LED to see if you get the speed you expected
  4. Difference between a crystal, and a crystal oscillatorhttps://www.avrfreaks.net/comment...
  5. When your question is resolved, mark the solution: https://www.avrfreaks.net/comment...
  6. Beginner's "Getting Started" tips: https://www.avrfreaks.net/comment...
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Ah, then I will move this - I could have sworn that died years ago but good news....

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Ah, apologies. I wasn't sure what forum to pick, so i went with the evaluation forum, since ACES is technically that. Thanks for moving it! As @clawson suggested, I've put in a support request at Microchip for a definition of the files.

 

However, I've been able to load a private key in the chip using the ACES command builder. It turns out that my specific combination of hardware occasionally times out and thinks it's a different chip - hence the "KitStatusUnknown" error. Simply plugging the kit out and in again fixes this. Now on to trying to make the challenge-response bit work...

 

As an aside, I don't envy the engineers of old and their OTP chips. It feels a bit wrong having to bin a chip because I read the datasheet wrong!