2018-11-20 09:26 AM
Hi,
I am working on a custom device, based on Murata CMWX1ZZABZ, running both Sigfox and LoRa.
Regarding Sigfox, I would like to use my own Sigfox Credentials, acquired direclty from Sigfox (not from Murata). However, the only documented process I can find is to send a MCU signature to Murata, and replace sigfox_data.h by the file returned by Murata (or flash bin file). However, those files are encrypted, and I guess the MCU signature is used to decrypt, because Murata say the file is only valid for this MCU.
Credentials from sigfox are not encrypted the same way, and this method can't work. I can't find any other method documented in UM2245. Is there a way generate sigfox_data.h from unencrypted credentials ?
If not, is there a way to flash unencrypted credentials ? In that case, I will probably add encryption later.
Thanks.
2018-11-21 05:19 PM
Hello,
I managed to flash unencrypted credentials. Just sharing if someone else need this.
ST provide "sgfx_credential_template.c" and "aes_template.c", which can be used instead of the precompiled library.
When set properly, you can either decrypt an encrypted sigfox_data.h using the appropriate key (I guess this key is derived from MCU signature in precompiled library), or simply read unencrypted data from sigfox_data.h (if CREDENTIAL_KEY is not set).
When unencrypted, sigfox_data should match a specific pattern. sgfx_credential.c provide a structure to handle credentials :
#define MANUF_DEVICE_ID_LENGTH 4
#define MANUF_SIGNATURE_LENGTH 16
#define MANUF_VER_LENGTH 1
#define MANUF_SPARE_1 3
#define MANUF_DEVICE_KEY_LENGTH 16
#define MANUF_PAC_LENGTH 8
#define MANUF_SPARE_2 14
#define MANUF_CRC_LENGTH 2
typedef struct manuf_device_info_s
{
/* 16bits block 1 */
sfx_u8 dev_id[MANUF_DEVICE_ID_LENGTH];
sfx_u8 pac[MANUF_PAC_LENGTH];
sfx_u8 ver[MANUF_VER_LENGTH];
sfx_u8 spare1[MANUF_SPARE_1];
/* 16bits block 2 */
sfx_u8 dev_key[MANUF_DEVICE_KEY_LENGTH];
/* 16bits block 3 */
sfx_u8 spare2[MANUF_SPARE_2];
sfx_u8 crc[MANUF_CRC_LENGTH];
} manuf_device_info_t;
If CREDENTIAL_KEY is not defined, data from sigfox_data.h are simply duplicated to amanuf_device_info_t structure. Credential should match the same memory pattern :
/* Example : ID = 0x01020304, PAC = 0x1011121314151617, Version : 0x01, 3 user bytes not used
* DevKey = 0x20212223242526272829303132333435
* 14 user data bytes not used, 2 user crc bytes not used
*/
sfx_u8 encrypted_sigfox_data[]={
0x04, 0x03, 0x02, 0x01, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x01, 0x00, 0x00, 0x00,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, };
Please note ID bytes are in reverse order, while PAC and DevKey are not. ST also provide encryption and decryption function, you can use those to safely store your credentials.
Regards.
2019-01-17 01:14 AM
Hi, I'm working with a similar case: How du you include " "sgfx_credential_template.c" and "aes_template.c", in your project? Or did you make a lib file first?
2019-01-17 10:03 AM
I made a copy of both files (and the associated header) to a source folder.
I currently use unencrypted ID ( CREDENTIAL_KEY not defined), so the CREDENTIALS_get_cra function just copy Sigfox data without trying to decrypt.