This example uses the SE Manager API to perform secure debug on the supported Series 2 device.
For demonstration purposes, a private command key is stored in the device’s memory to sign the access certificate for secure debug unlock. The device’s public command key in the SE OTP must match with the public key of this private command key to perform secure debug unlock.
The default private command key (cmd-unsafe-privkey.pem) can be found in the Windows folder below.
C:\SiliconLabs\SimplicityStudio\v5\developer\adapter_packs\secmgr\scripts\offline
The public key of cmd-unsafe-privkey.pem is:
X - B1BC6F6FA56640ED522B2EE0F5B3CF7E5D48F60BE8148F0DC08440F0A4E1DCA4
Y - 7C04119ED6A1BE31B7707E5F9D001A659A051003E95E1B936F05C37EA793AD63
If the device does not have public command key in the SE OTP, the program will prompt the user to program the public key above to the device.
The user can change the private command key (private_command_key[]) in app_se_manager_secure_debug.c to match with the device’s public command key in the SE OTP for secure debug unlock test.
The example redirects standard I/O to the virtual serial port (VCOM) of the kit. By default, the serial port setting is 115200 bps and 8-N-1 configuration.
The example has been instrumented with code to count the number of clock cycles spent in different operations. The results are printed on the VCOM serial port console. This feature can be disabled by defining SE_MANAGER_PRINT=0 (default is 1) in the IDE setting (Preprocessor->Defined symbols).
The following SE Manager APIs are used in this example:
sl_se_initsl_se_deinitsl_se_init_command_contextsl_se_deinit_command_contextsl_se_get_statussl_se_get_debug_lock_statussl_se_validate_keysl_se_get_storage_sizesl_se_generate_keysl_se_export_public_keysl_se_read_pubkeysl_se_init_otp_keysl_se_apply_debug_locksl_se_erase_devicesl_se_enable_secure_debugsl_se_disable_secure_debugsl_se_disable_device_erasesl_se_set_debug_optionssl_se_get_serialnumbersl_se_get_challengesl_se_ecc_signsl_se_open_debugsl_se_roll_challengeAdapter Firmware under General Device Information in Simplicity Studio 5 Users Guide).Secure Firmware under General Device Information in Simplicity Studio 5 Users Guide).Device Console in Simplicity Studio 5, Line terminator: must be set to None).Platform() checkbox to browse the platform examples).Optimize for debugging (-Og) on Simplicity IDE and None on IAR Embedded Workbench.