GMAC Generation

Galois Message Authentication Code (GMAC) is an authentication-only variant of the GCM (Galois/Counter Mode) which can form an incremental message authentication code.

Figure 1. GMAC Generation Panel
  • Key Type - allows to select the type of key that will be loaded and used to generate the GMAC authentication tag. Possible values are:
    • Plain ADKP -> plain Application Debug Key/Password
    • Hashed ADKP -> represents the sha256 hash value of plain ADKP
    • Wrapped ADKP -> represents the result of wrapping plain ADKP with a given wrapkey (RSA-2048); option is only available for Windows
    • UID -> (Unique Identifier) hexadecimal string corresponding to a plain ADKP in the key storage; option is available only for Windows
      Figure 2. Key Type Items
  • Use new authenticated image format - enable generation of the exported images in the new authenticated image format.
  • Key File - represents the txt file that contains the value of the key in a hexadecimal string format. Depending on the Key Type selection, the constraint for the file length is:
    • Plain ADKP -> 32 characters in hex format
    • Hashed ADKP -> 64 characters in hex format
    • Wrapped ADKP -> 512 characters in hex format
    • UID -> 16 characters in hex format

To increase the security level of the device, all active assets in the external flash memory must be authenticated so that they can be securely booted. In this case, the integrity of the images that control the platform’s resources is ensured. IVT, DCD, and Self-Test DCD images are signed by HSE FW (via dedicated service) using a key derived from ADKP (Application Debug Key/Password). These images will be verified by the Boot ROM during the boot sequence only if the IVT_AUTH fuse is blown, and the device Lifecycle is set to OEM_PROD or IN_FIELD.

There are two cases available for the secure boot flow:

  • Basic Secure Boot (BOOTSEQ: Secured Boot is checked) – the application image must be signed using a key derived from ADKP. This signature generation can be done offline, using the IVT tool, based on the txt key file that corresponds to the selected key type (Plain ADKP, Hashed ADKP, Wrapped ADKP, or UID)
  • Advanced Secure Boot (BOOTSEQ: Secured Boot is checked , IVT_AUTH is blown, and device Lifecycle is set to OEM_PROD or IN_FIELD) – all images (IVT, DCD, Self-Test DCD, and Application bootloader images) must be signed using a key derived from ADKP.
To avoid confusion, the IVT tool will provide the signature for all loaded images when the final blob image is exported, if BOOTSEQ: Secure Boot setting is checked.
Figure 3. Select Secure Boot

The 'Sign image' button allows to manually configure the images to be signed in the final exported blob.

In order to be able to sign the IVT, DCD, Self-Test DCD, Application bootloader images based on Wrapped ADKP or UID, which are available only for Windows, additional steps must be done.

Go to:

<S32Design Studio installation folder>\S32DS\tools\S32Debugger\Debugger\Server\CCS\bin

and open a Command Prompt (cmd):

  1. Generate the wrapping key pair:
    volkano -cmd generate_wrapkey
  2. Export the public part of the wrapping key
    volkano -cmd export_wrapkey -binfile <file_name>
    • <file_name> - name of the binary file where the public wrapkey is exported
    • The output of the command represents the public wrapkey as a hexadecimal string
  3. Wrap the plain ADKP with the given wrapkey
    volkano_utils -cmd wrap_adkp -adkp <adkp_value> -keybin <wrapkey_binary_file>
    volkano_utils -cmd wrap_adkp -adkp <adkp_value> -key <wrapkey>
    • <adkp_value> - plain ADKP as string in hex format
    • <wrapkey_binary_file> - binary file that contains the public wrapkey (exported in the previous step)
    • <wrapkey> - public wrapkey as a hex string (exported in the previous step)

The output represents the wrapped ADKP value and can be used in the following scenarios:

  1. Directly in the IVT tool by selecting Wrapped ADKP as Key Type

    In this case, the IVT tool will generate the GMAC authentication tag based on wrapped ADKP. For this, the wrapped ADKP hexadecimal string (command output executed in step 3) should be saved in a txt file.

  2. Compute the hashed ADKP value
    volkano -cmd get_adkp_hash -key <wrapped_key>
    • <wrapped_key> - wrapped ADKP value as string in the hex format
    • The output represents sha256 hash value of plain ADKP and can be saved in a txt file and loaded as Hashed ADKP file in the IVT tool
  3. Register the ADKP-UID pair
    volkano -cmd register_adkp -uid <uid_value> -key <wrapped_key>
    • <uid_value> - 16 hex characters representing the UID string
    • <wrapped_key> - wrapped ADKP value as string in the hex format

    After registration, save the UID hex string in a .txt file and use it as UID file in the IVT tool

Note:
  1. The ‘vlk_config.ini’ file needs to point to a location where the ‘.db’ file contains the wrapkey that was used to wrap the plain ADKP value.
  2. Before using the GMAC generation feature, make sure the selected processor supports the offline GMAC generation using the ADKP value.