ATAES132A KeyCreate and key decryption

Go To Last Post
5 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hello all!

 

I'm using an ATAES132A chip, and it seems I've been able to create a key using a KeyCreate command (no error returned, output key and output MAC returned).

 

Problem is, the returned key is encrypted and I haven't been able so far to decrypt it and use for a following Auth command, which always returns me "MAC Error" code.

I think I can properly generate an InMAC (tested with different commands), so I think the problemi lies in the key I'm using for the InMAC generation (that is, the key returned bythe KeyCreate).

 

So... Does anybody know which is the proper way to decrypt keys returned by KeyCreate? Which is the algorithm used for the encryption? Can anybody enlighten me? :-)

 

Thanks in advance!

Mario

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Just to add some information...

 

- The key I'm using to authenticate has the AuthOk flag set @ creation time, RandomNonce disabled; KeyConfig for the key ID has CounterNum flag disabled

 

- Auth command is issued with inbound authentication, mode 0x01

 

Mario

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

There's nothing particularly special in the KeyCreate response. Decrypt the returned key the same as any other payload, using AES counter mode.

 

If the chip isn't locked, you can verify your code as the chip will always return 16 bytes of 0xA5 as the new key.

Is this what you get returned as the new key after decrypting?

 

As the MAC error is with the Auth command, check the usual suspects; mac_count, mode macflag (in/out), nonce (random? valid?).

Personally I think it's useful to run the Auth command with Inbound & Outbound authentication, certainly during development

as it lets you check your InMac generation and OutMac validation code.

 

MAC errors suck big time.

 

InMAC and OutMAC are both calculated using the parent key, and the returned key is also encrypted using the parent key.

 

Last Edited: Thu. Jun 22, 2017 - 02:44 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi anha6317

 

thank you for your hints, really helpful.

I have been able to decrypt key and authenticate with it (that, as you said, was 16 bytes of 0xA5).

 

My error was in the MAC counter, which I was using as the current one minus 1, while I had to use the current!

 

For anybody wandering about the decryption: it is, as anha6317 said, AES in CTR mode. See, for reference, https://en.wikipedia.org/wiki/Bl... and par. I.4 of the datasheet (look from the A1 description).

 

Thanks again

Mario

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Happy to help smiley