Debug Authentication API

Debug Authentication module provides debugging for securely provisioned devices.

DAT module general information

This module contains support for Debug Authentication Tool.

Module for generating debug credentials

Module with DebugCredential class.

class spsdk.dat.debug_credential.DebugCredential(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: object

Base class for DebugCredential.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

FORMAT = 'INVALID_FORMAT'
FORMAT_NO_SIG = 'INVALID_FORMAT'
HASH_LENGTH = 32
SOCC_FORMAT = ''
SOCC_LIST = {0: [('rt5xx', 'a0'), ('rt5xx', 'latest'), ('rt6xx', 'b0'), ('rt6xx', 'latest')], 1: [('lpc550x', 'a1'), ('lpc550x', 'latest'), ('lpc55s0x', 'a1'), ('lpc55s0x', 'latest'), ('lpc551x', 'a1'), ('lpc551x', 'latest'), ('lpc55s1x', 'a1'), ('lpc55s1x', 'latest'), ('lpc552x', 'a1'), ('lpc552x', 'latest'), ('lpc55s2x', 'a1'), ('lpc55s2x', 'latest'), ('lpc55s6x', 'a1'), ('lpc55s6x', 'latest')], 4: [('lpc55s3x', 'a1'), ('lpc55s3x', 'latest')], 5: [('kw45xx', 'a1'), ('kw45xx', 'latest'), ('k32w1xx', 'a1'), ('k32w1xx', 'latest')], 6: [('mcxn9xx', 'a0')], 7: [('mcxn9xx', 'a1'), ('mcxn9xx', 'latest')], 10: [('rw61x', 'a2'), ('rw61x', 'latest')], 1297612808: [('mx8ulp', 'a0'), ('mx8ulp', 'latest')], 1297612893: [('mx93', 'a0'), ('mx93', 'latest')], 1297612895: [('mx95', 'a0'), ('mx95', 'latest')], 1381237916: [('rt118x', 'a0'), ('rt118x', 'latest')]}
VERSION = '0.0'
classmethod create_from_yaml_config(version, yaml_config, search_paths=None)

Create a debug credential object out of yaml configuration.

Parameters:

  • version (str) – Debug Authentication protocol version.

  • yaml_config (dict) – Debug credential file configuration.

  • search_paths (Optional[List[str]]) – List of paths where to search for the file, defaults to None

Return type:

DebugCredential

Returns:

DebugCredential object

export()

Export to binary form (serialization).

Return type:

bytes

Returns:

binary representation of the debug credential

Raises:

SPSDKError – When Debug Credential Signature is not set, call the .sign method first

static generate_config_template(family='lpc55s3x', revision='latest')

Generate DC configuration template.

Parameters:

  • family (str) – Family for what will be template generated.

  • revision (str) – For a closer specify MCU family.

Return type:

str

Returns:

DC file template.

classmethod get_instance_from_challenge(data)

Returns instance of class from DAP authentication challenge data.

Return type:

Self

Returns:

Instance of this class.

get_rotkh()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

Raises:

NotImplementedError – Derived class has to implement this method

static get_socc_by_family(family, revision='latest')

Get corresponding SOCC by family.

Parameters:

  • family (str) – Family for what will be socc value selected.

  • revision (str) – For a closer specify MCU family.

Raises:

SPSDKValueError – Unsupported family or revision

Return type:

int

Returns:

SOCC value.

static get_socc_description(version, socc)

Get SOCC family name description.

Parameters:

  • version (str) – Protocol version

  • socc (int) – SOCC number

Return type:

str

Returns:

SOCC string representation

static get_supported_families()

Get all supported families for DAT.

Return type:

List[str]

Returns:

List of supported families.

static get_validation_schemas(family='lpc55s3x', revision='latest')

Get list of validation schemas.

Parameters:

  • family (str) – Family for what will be json schema generated.

  • revision (str) – For a closer specify MCU family.

Return type:

List[Dict[str, Any]]

Returns:

Validation list of schemas.

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

sign()

Sign the DC data using SignatureProvider.

Return type:

None

class spsdk.dat.debug_credential.DebugCredentialECC(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredential

Class for ECC specific of DebugCredential.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 0
CURVE = 'secp256r1'
property FORMAT: str

Formatting string.

property FORMAT_NO_SIG: str

Formatting string without signature.

HASH_LENGTH = 0
HASH_SIZES = {32: 256, 48: 384, 66: 512}
KEY_LENGTH = 0
static calculate_flags(used_root_cert, rot_pub_keys)

Calculates flags in rotmeta.

Return type:

bytes

static create_ctrk_table(rot_pub_keys)

Creates ctrk table.

Return type:

bytes

export()

Export to binary form (serialization).

Return type:

bytes

classmethod get_instance_from_challenge(data)

Returns instance of class from DAP authentication challenge data.

Return type:

Self

Returns:

Instance of this class.

get_rotkh()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

Raises:

SPSDKError – When flag is invalid

sign()

Sign the DC data using SignatureProvider.

Return type:

None

class spsdk.dat.debug_credential.DebugCredentialECC256(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialECC

DebugCredential class for LPC55s3x for version 2.0 (p256).

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 32
CURVE = 'secp256r1'
HASH_LENGTH = 32
KEY_LENGTH = 256
VERSION = '2.0'
class spsdk.dat.debug_credential.DebugCredentialECC384(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialECC

DebugCredential class for LPC55s3x for version 2.1 (p384).

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 48
CURVE = 'secp384r1'
HASH_LENGTH = 48
KEY_LENGTH = 384
VERSION = '2.1'
class spsdk.dat.debug_credential.DebugCredentialECC521(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialECC

DebugCredential class for LPC55s3x for version 2.1 (p384).

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 66
CURVE = 'secp521r1'
HASH_LENGTH = 66
KEY_LENGTH = 521
VERSION = '2.2'
class spsdk.dat.debug_credential.DebugCredentialEdgeLockEnclave(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialECC

EdgeLock Class.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 0
property FORMAT: str

Formatting string.

property FORMAT_NO_SIG: str

Formatting string without signature.

HASH_LENGTH = 0
KEY_LENGTH = 0
SOCC_FORMAT = '08X'
SUPPORTED_SOCC = [1381237916, 1297612893, 1297612808, 1297612895]
static create_srk_table(rot_pub_keys, ca_flag=False)

Creates ctrk table.

Return type:

bytes

export()

Export to binary form (serialization).

Return type:

bytes

classmethod get_instance_from_challenge(data)

Returns instance of class from DAP authentication challenge data.

Return type:

Self

Returns:

Instance of this class.

get_rotkh()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

Raises:

SPSDKError – When flag is invalid

class spsdk.dat.debug_credential.DebugCredentialEdgeLockEnclaveECC256(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialEdgeLockEnclave

Debug Credential class for device using EdgeLock peripheral for ECC256 keys.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 32
CURVE = 'secp256r1'
HASH_LENGTH = 32
KEY_LENGTH = 256
VERSION = '2.0'
class spsdk.dat.debug_credential.DebugCredentialEdgeLockEnclaveECC384(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialEdgeLockEnclave

Debug Credential class for device using EdgeLock peripheral for ECC384 keys.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 48
CURVE = 'secp384r1'
HASH_LENGTH = 48
KEY_LENGTH = 384
VERSION = '2.1'
class spsdk.dat.debug_credential.DebugCredentialEdgeLockEnclaveECC521(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialEdgeLockEnclave

Debug Credential class for device using EdgeLock peripheral for ECC521 keys.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

CORD_LENGTH = 66
CURVE = 'secp521r1'
HASH_LENGTH = 66
KEY_LENGTH = 521
VERSION = '2.2'
class spsdk.dat.debug_credential.DebugCredentialRSA(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredential

Class for RSA specific of DebugCredential.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

FORMAT = '<2HL16s128s260s3L260s256s'
FORMAT_NO_SIG = '<2HL16s128s260s3L260s'
get_rotkh()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

class spsdk.dat.debug_credential.DebugCredentialRSA2048(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialRSA

DebugCredential class for RSA 2048.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

FORMAT = '<2HL16s128s260s3L260s256s'
FORMAT_NO_SIG = '<2HL16s128s260s3L260s'
VERSION = '1.0'
class spsdk.dat.debug_credential.DebugCredentialRSA4096(socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialRSA

DebugCredential class for RSA 4096.

Initialize the DebugCredential object.

Parameters:

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The bytes of the unique device identifier

  • rot_meta (bytes) – Metadata for Root of Trust

  • dck_pub (bytes) – Internal binary representation of Debug Credential public key

  • cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

  • cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

  • cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

  • rot_pub (bytes) – Internal binary representation of RoT public key

  • signature (Optional[bytes]) – Debug Credential signature

  • signature_provider (Optional[SignatureProvider]) – external signature provider

FORMAT = '<2HL16s128s516s3L516s512s'
FORMAT_NO_SIG = '<2HL16s128s516s3L516s'
VERSION = '1.1'

Module with Debug Authentication Challenge (DAC) Packet

Module with Debug Authentication Challenge (DAC) Packet.

class spsdk.dat.dac_packet.DebugAuthenticationChallenge(version, socc, uuid, rotid_rkh_revocation, rotid_rkth_hash, cc_soc_pinned, cc_soc_default, cc_vu, challenge)

Bases: object

Base class for DebugAuthenticationChallenge.

Initialize the DebugAuthenticationChallenge object.

Parameters:

  • version (str) – The string representing version: for RSA: 1.0, for ECC: 2.0, 2.1, 2.2

  • socc (int) – The SoC Class that this credential applies to

  • uuid (bytes) – The string representing the unique device identifier

  • rotid_rkh_revocation (int) – State of certificate revocation field

  • rotid_rkth_hash (bytes) – The hash of roth-meta data

  • cc_soc_pinned (int) – State of lock bits in the debugger configuration field

  • cc_soc_default (int) – State of the debugger configuration field

  • cc_vu (int) – The Vendor usage that the vendor has associated with this credential

  • challenge (bytes) – Randomly generated bytes from the target

export()

Exports the DebugAuthenticationChallenge into bytes.

Return type:

bytes

classmethod parse(data)

Parse the data into a DebugAuthenticationChallenge.

Parameters:

data (bytes) – Raw data as bytes

Return type:

DebugAuthenticationChallenge

Returns:

DebugAuthenticationChallenge object

validate_against_dc(dc)

Validate against Debug Credential file.

Parameters:

dc (DebugCredential) – Debug Credential class to be validated by DAC

Raises:

SPSDKValueError – In case of invalid configuration detected.

Return type:

None

Module with Debug Authentication Response (DAR) Packet

Module with Debug Authentication Response (DAR) Packet.

class spsdk.dat.dar_packet.DebugAuthenticateResponse(debug_credential, auth_beacon, dac, path_dck_private)

Bases: object

Class for DAR packet.

Initialize the DebugAuthenticateResponse object.

Parameters:

  • debug_credential (DebugCredential) – the path, where the dc is store

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – the path, where the dac is store

  • path_dck_private (str) – the path, where the dck private key is store

classmethod create(version, dc, auth_beacon, dac, dck)

Create a dar object out of input parameters.

Parameters:

  • version (str) – protocol version

  • dc (DebugCredential) – debug credential object

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – DebugAuthenticationChallenge object

  • dck (str) – string containing path to dck key

Return type:

DebugAuthenticateResponse

Returns:

DAR object

export()

Export to binary form (serialization).

Return type:

bytes

Returns:

the exported bytes from object

classmethod parse(data)

Parse the DAR.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugAuthenticateResponse object

Raises:

NotImplementedError – Derived class has to implement this method

class spsdk.dat.dar_packet.DebugAuthenticateResponseECC(debug_credential, auth_beacon, dac, path_dck_private)

Bases: DebugAuthenticateResponse

Class for ECC specific of DAR.

Initialize the DebugAuthenticateResponse object.

Parameters:

  • debug_credential (DebugCredential) – the path, where the dc is store

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – the path, where the dac is store

  • path_dck_private (str) – the path, where the dck private key is store

CURVE = 'secp256r1'
KEY_LENGTH = 0
class spsdk.dat.dar_packet.DebugAuthenticateResponseECC_256(debug_credential, auth_beacon, dac, path_dck_private)

Bases: DebugAuthenticateResponseECC

Class for LPC55S3x specific of DAR, 256 bits sized keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

  • debug_credential (DebugCredential) – the path, where the dc is store

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – the path, where the dac is store

  • path_dck_private (str) – the path, where the dck private key is store

CURVE = 'secp256r1'
KEY_LENGTH = 32
class spsdk.dat.dar_packet.DebugAuthenticateResponseECC_384(debug_credential, auth_beacon, dac, path_dck_private)

Bases: DebugAuthenticateResponseECC

Class for LPC55S3x specific of DAR, 384 bits sized keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

  • debug_credential (DebugCredential) – the path, where the dc is store

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – the path, where the dac is store

  • path_dck_private (str) – the path, where the dck private key is store

CURVE = 'secp384r1'
KEY_LENGTH = 48
class spsdk.dat.dar_packet.DebugAuthenticateResponseECC_521(debug_credential, auth_beacon, dac, path_dck_private)

Bases: DebugAuthenticateResponseECC

Class for LPC55S3x specific of DAR, 521 bits sized keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

  • debug_credential (DebugCredential) – the path, where the dc is store

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – the path, where the dac is store

  • path_dck_private (str) – the path, where the dck private key is store

CURVE = 'secp521r1'
KEY_LENGTH = 66
class spsdk.dat.dar_packet.DebugAuthenticateResponseRSA(debug_credential, auth_beacon, dac, path_dck_private)

Bases: DebugAuthenticateResponse

Class for RSA specifics of DAR packet.

Initialize the DebugAuthenticateResponse object.

Parameters:

  • debug_credential (DebugCredential) – the path, where the dc is store

  • auth_beacon (int) – authentication beacon value

  • dac (DebugAuthenticationChallenge) – the path, where the dac is store

  • path_dck_private (str) – the path, where the dck private key is store

Module for NXP SPDK DebugMailbox support

Module for NXP SPSDK DebugMailbox support.

class spsdk.dat.debug_mailbox.DebugMailbox(debug_probe, reset=True, moredelay=0.0, op_timeout=1000)

Bases: object

Class for DebugMailbox.

Initialize DebugMailbox object.

Parameters:

  • debug_probe (DebugProbe) – Debug probe instance.

  • reset (bool) – Do reset of debug mailbox during initialization, defaults to True.

  • moredelay (float) – Time of extra delay after reset sequence, defaults to 0.0.

  • op_timeout (int) – Atomic operation timeout, defaults to 1000.

Raises:

SPSDKIOError – Various kind of vulnerabilities during connection to debug mailbox.

close()

Close session.

Return type:

None

dbgmlbx_reg_read(addr=0)

Read debug mailbox access port register.

This is read debug mailbox register function for SPSDK library to support various DEBUG PROBES.

Parameters:

addr (int) – the register address

Return type:

int

Returns:

The read value of addressed register (4 bytes)

Raises:

NotImplementedError – Derived class has to implement this method

dbgmlbx_reg_write(addr=0, data=0)

Write debug mailbox access port register.

This is write debug mailbox register function for SPSDK library to support various DEBUG PROBES.

Parameters:

  • addr (int) – the register address

  • data (int) – the data to be written into register

Raises:

NotImplementedError – Derived class has to implement this method

Return type:

None

get_dbgmlbx_ap()

Decorator function that secure the getting right DEBUG MAILBOX AP ix for first use.

Parameters:

func – Decorated function.

read_idr()

Read IDR of debug mailbox.

Return type:

int

Returns:

IDR value of debug mailbox AP.

spin_read(reg)

Do atomic read operation to debug mailbox.

Parameters:

reg (int) – Register address.

Return type:

int

Returns:

Read value.

Raises:

SPSDKTimeoutError – When read operation exceed defined operation timeout.

spin_write(reg, value)

Do atomic write operation to debug mailbox.

Parameters:

  • reg (int) – Register address.

  • value (int) – Value to write.

Raises:

SPSDKTimeoutError – When write operation exceed defined operation timeout.

Return type:

None

exception spsdk.dat.debug_mailbox.DebugMailboxError

Bases: RuntimeError

Class for DebugMailboxError.

Module with commands for Debug Mailbox

Commands for Debug Mailbox.

class spsdk.dat.dm_commands.DebugAuthenticationResponse(dm, paramlen)

Bases: DebugMailboxCommand

Class for DebugAuthenticationResponse.

Initialize.

class spsdk.dat.dm_commands.DebugAuthenticationStart(dm, resplen=26)

Bases: DebugMailboxCommand

Class for DebugAuthenticationStart.

Initialize.

class spsdk.dat.dm_commands.DebugMailboxCommand(dm, id, name='', paramlen=0, resplen=0, delay=0.03)

Bases: object

Class for DebugMailboxCommand.

Initialize.

DELAY_DEFAULT = 0.03
STATUS_IS_DATA_MASK = 0
run(params=None)

Run DebugMailboxCommand.

Return type:

List[Any]

run_safe(raise_if_failure=True, **args)

Run a command and abort on first failure instead of looping forever.

Return type:

Optional[List[Any]]

class spsdk.dat.dm_commands.EnterBlankDebugAuthentication(dm)

Bases: DebugMailboxCommand

Class for EnterBlankDebugAuthentication.

Initialize.

class spsdk.dat.dm_commands.EnterISPMode(dm)

Bases: DebugMailboxCommand

Class for EnterISPMode.

Initialize.

class spsdk.dat.dm_commands.EraseFlash(dm)

Bases: DebugMailboxCommand

Class for Erase Flash.

Initialize.

class spsdk.dat.dm_commands.EraseOneSector(dm)

Bases: DebugMailboxCommand

Class for Erase One Sector.

Initialize.

class spsdk.dat.dm_commands.ExitDebugMailbox(dm)

Bases: DebugMailboxCommand

Class for ExitDebugMailbox.

Initialize.

class spsdk.dat.dm_commands.GetCRPLevel(dm)

Bases: DebugMailboxCommand

Class for Get CRP Level.

Initialize.

STATUS_IS_DATA_MASK = 255
class spsdk.dat.dm_commands.NxpDebugAuthenticationResponse(dm, paramlen)

Bases: DebugMailboxCommand

Class for DebugAuthenticationResponse.

Initialize.

class spsdk.dat.dm_commands.NxpDebugAuthenticationStart(dm, resplen=26)

Bases: DebugMailboxCommand

Class for DebugAuthenticationStart.

Initialize.

class spsdk.dat.dm_commands.SetFaultAnalysisMode(dm, paramlen=0)

Bases: DebugMailboxCommand

Class for SetFaultAnalysisMode.

Initialize.

class spsdk.dat.dm_commands.StartDebugMailbox(dm)

Bases: DebugMailboxCommand

Class for StartDebugMailbox.

Initialize.

class spsdk.dat.dm_commands.StartDebugSession(dm)

Bases: DebugMailboxCommand

Class for StartDebugSession.

Initialize.

class spsdk.dat.dm_commands.StartDebugSessions(dm)

Bases: DebugMailboxCommand

Class for StartDebugSessions.

Initialize.

class spsdk.dat.dm_commands.WriteToFlash(dm)

Bases: DebugMailboxCommand

Class for Write To Flash.

Initialize.