Debug Authentication API

Debug Authentication module provides debugging for securely provisioned devices.

DAT module general information

This module contains support for Debug Authentication Tool.

Module for generating debug credentials

Module with DebugCredential class.

class spsdk.dat.debug_credential.DebugCredentialCertificate(version, socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: object

Base class for DebugCredentialCertificate.

Initialize the DebugCredential object.

Parameters:

• version (ProtocolVersion) – Protocol version

• socc (int) – The SoC Class that this credential applies to

• uuid (bytes) – The bytes of the unique device identifier

• rot_meta (RotMeta) – Metadata for Root of Trust

• dck_pub (PublicKey) – Internal binary representation of Debug Credential public key

• cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

• cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

• cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

• rot_pub (PublicKey) – Internal binary representation of RoT public key

• signature (Optional[bytes]) – Debug Credential signature

• signature_provider (Optional[SignatureProvider]) – external signature provider

abstract calculate_hash()

Calculate the RoT hash.

Return type:

bytes

classmethod create_from_yaml_config(config, version=None, search_paths=None)

Create a debug credential object out of yaml configuration.

Parameters:

• version (Optional[ProtocolVersion]) – Debug Authentication protocol version.

• config (dict[str, Any]) – Debug credential file configuration.

• search_paths (Optional[list[str]]) – List of paths where to search for the file, defaults to None

Return type:

DebugCredentialCertificate

Returns:

DebugCredential object

static dat_based_on_ele(family)

Get information if the DAT is based on EdgeLock Enclave hardware.

Parameters:

family (str) – The chip family name

Return type:

bool

Returns:

True if the ELE is target HW, False otherwise

abstract export()

Export to binary form.

Return type:

bytes

Returns:

binary representation of the debug credential certificate

abstract export_dck_pub()

Export Debugger public key (DCK) as bytes.

Return type:

bytes

Returns:

binary representing the DCK key

abstract export_rot_pub()

Export RoT public key as bytes.

Return type:

bytes

Returns:

binary representing the RoT key

static generate_config_template(family, revision='latest')

Generate DC configuration template.

Parameters:

• family (str) – Family for what will be template generated.

• revision (str) – For a closer specify MCU family.

Return type:

str

Returns:

DC file template.

static get_family_ambassador(socc)

Get family ambassador for given SOCC.

Parameters:

socc (Union[int, str]) – SOCC value

Return type:

str

Returns:

Ambassador family name

static get_socc_by_family(family, revision='latest')

Get corresponding SOCC by family.

Parameters:

• family (str) – Family for what will be socc value selected.

• revision (str) – For a closer specify MCU family.

Raises:

SPSDKValueError – Unsupported family or revision

Return type:

int

Returns:

SOCC value.

static get_socc_list()

Get supported SOCC list.

Return type:

dict[int, dict[str, list[str]]]

classmethod get_supported_families()

Get all supported families for DAT.

Return type:

list[str]

Returns:

List of supported families.

static get_validation_schemas(family, revision='latest')

Get list of validation schemas.

Parameters:

• family (str) – Family for what will be json schema generated.

• revision (str) – For a closer specify MCU family.

Return type:

list[dict[str, Any]]

Returns:

Validation list of schemas.

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

property rot_hash_length: int

Root of Trust debug credential hash length.

sign()

Sign the DC data using SignatureProvider.

Return type:

None

class spsdk.dat.debug_credential.DebugCredentialCertificateEcc(version, socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialCertificate

Class for ECC specific of DebugCredential.

Initialize the DebugCredential object.

Parameters:

• version (ProtocolVersion) – Protocol version

• socc (int) – The SoC Class that this credential applies to

• uuid (bytes) – The bytes of the unique device identifier

• rot_meta (RotMeta) – Metadata for Root of Trust

• dck_pub (PublicKey) – Internal binary representation of Debug Credential public key

• cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

• cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

• cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

• rot_pub (PublicKey) – Internal binary representation of RoT public key

• signature (Optional[bytes]) – Debug Credential signature

• signature_provider (Optional[SignatureProvider]) – external signature provider

COORDINATE_SIZE = {0: 32, 1: 48, 2: 66}

calculate_hash()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

export()

Export to binary form (serialization).

Return type:

bytes

export_dck_pub()

Export Debugger public key (DCK) as bytes.

Return type:

bytes

Returns:

binary representing the DCK key

export_rot_pub()

Export RoT public key as bytes.

Return type:

bytes

Returns:

binary representing the RoT key

get_data_format(include_signature=True)

Get the format of exported binary data.

Return type:

str

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

property rot_hash_length: int

Root of Trust debug credential hash length.

class spsdk.dat.debug_credential.DebugCredentialCertificateRsa(version, socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialCertificate

Class for RSA specific of DebugCredentialCertificate.

Initialize the DebugCredential object.

Parameters:

• version (ProtocolVersion) – Protocol version

• socc (int) – The SoC Class that this credential applies to

• uuid (bytes) – The bytes of the unique device identifier

• rot_meta (RotMeta) – Metadata for Root of Trust

• dck_pub (PublicKey) – Internal binary representation of Debug Credential public key

• cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

• cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

• cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

• rot_pub (PublicKey) – Internal binary representation of RoT public key

• signature (Optional[bytes]) – Debug Credential signature

• signature_provider (Optional[SignatureProvider]) – external signature provider

calculate_hash()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

export()

Export to binary form (serialization).

Return type:

bytes

Returns:

binary representation of the debug credential

Raises:

SPSDKError – When Debug Credential Signature is not set, call the sign method first

export_dck_pub()

Export Debugger public key (DCK) as bytes.

Return type:

bytes

Returns:

binary representing the DCK key

export_rot_pub()

Export RoT public key as bytes.

Return type:

bytes

Returns:

binary representing the RoT key

classmethod get_data_format(version, include_signature=True)

Get the format of exported binary data.

Return type:

str

classmethod parse(data)

Parse Debug credential serialized data.

Return type:

Self

Returns:

Instance of this class.

class spsdk.dat.debug_credential.DebugCredentialEdgeLockEnclave(version, socc, uuid, rot_meta, dck_pub, cc_socu, cc_vu, cc_beacon, rot_pub, signature=None, signature_provider=None)

Bases: DebugCredentialCertificateEcc

EdgeLock Class.

Initialize the DebugCredential object.

Parameters:

• version (ProtocolVersion) – Protocol version

• socc (int) – The SoC Class that this credential applies to

• uuid (bytes) – The bytes of the unique device identifier

• rot_meta (RotMeta) – Metadata for Root of Trust

• dck_pub (PublicKey) – Internal binary representation of Debug Credential public key

• cc_socu (int) – The Credential Constraint value that the vendor has associated with this credential.

• cc_vu (int) – The Vendor Usage constraint value that the vendor has associated with this credential.

• cc_beacon (int) – The non-zero Credential Beacon value, which is bound to a DC

• rot_pub (PublicKey) – Internal binary representation of RoT public key

• signature (Optional[bytes]) – Debug Credential signature

• signature_provider (Optional[SignatureProvider]) – external signature provider

calculate_hash()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

export()

Export to binary form (serialization).

Return type:

bytes

get_data_format(include_signature=True)

Get the format of exported binary data.

Return type:

str

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

Raises:

SPSDKError – When flag is invalid

property rot_hash_length: int

Root of Trust debug credential hash length.

class spsdk.dat.debug_credential.DebugCredentialEdgeLockEnclaveV2(certificate)

Bases: DebugCredentialCertificate

Debug Credential file for ELE version 2 (with PQC support).

Constructor for EdgeLock Enclave version 2 debug credential class.

property beacon: int

DC SOCU field.

calculate_hash()

Calculate the RoT hash.

Return type:

bytes

classmethod create_from_yaml_config(config, version=None, search_paths=None)

Create a debug credential object out of yaml configuration.

Parameters:

• version (Optional[ProtocolVersion]) – Debug Authentication protocol version.

• config (dict[str, Any]) – Debug credential file configuration.

• search_paths (Optional[list[str]]) – List of paths where to search for the file, defaults to None

Return type:

DebugCredentialCertificate

Returns:

DebugCredential object

export()

Export to binary form (serialization).

Return type:

bytes

export_dck_pub()

Export Debugger public key (DCK) as bytes.

Return type:

bytes

Returns:

binary representing the DCK key

export_rot_pub()

Export RoT public key as bytes.

Return type:

bytes

Returns:

binary representing the RoT key

static generate_config_template(family, revision='latest')

Generate DC configuration template.

Parameters:

• family (str) – Family for what will be template generated.

• revision (str) – For a closer specify MCU family.

Return type:

str

Returns:

DC file template.

classmethod get_supported_families()

Get all supported families for DAT.

Return type:

list[str]

Returns:

List of supported families.

static get_validation_schemas(family, revision='latest')

Get list of validation schemas.

Parameters:

• family (str) – Family for what will be json schema generated.

• revision (str) – For a closer specify MCU family.

Return type:

list[dict[str, Any]]

Returns:

Validation list of schemas.

classmethod parse(data)

Parse the debug credential.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugCredential object

Raises:

SPSDKError – When flag is invalid

sign()

Sign the DC data using SignatureProvider.

Return type:

None

property socc: int

DC SOCC field.

property socu: int

DC SOCU field.

class spsdk.dat.debug_credential.ProtocolVersion(version)

Bases: object

Debug Authentication protocol version.

VERSIONS = ['1.0', '1.1', '2.0', '2.1', '2.2']

classmethod from_public_key(public_key)

Load the version object from public key.

Return type:

Self

classmethod from_version(major, minor)

Load the version object from major and minor version.

Return type:

Self

is_rsa()

Determine whether rsa or ecc is used.

Return type:

bool

Returns:

True if the protocol is RSA type. False otherwise

property major: int

Get major version.

property minor: int

Get minor version.

validate()

Validate the protocol version value.

Raises:

SPSDKValueError – In case that protocol version is using unsupported key type.

Return type:

None

version: str

class spsdk.dat.debug_credential.RotMeta

Bases: object

RoT meta base class.

abstract calculate_hash()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

abstract export()

Export to binary form.

Return type:

bytes

Returns:

binary representation of the object

abstract classmethod load_from_config(config, search_paths=None)

Creates the RoT meta from configuration.

Return type:

Self

Returns:

RotMeta object

abstract classmethod parse(data)

Parse the object from binary data.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

RotMeta object

class spsdk.dat.debug_credential.RotMetaDummy

Bases: RotMeta

RoT meta dummy class.

calculate_hash()

Get Root Of Trust Keys Hash.

Return type:

bytes

export()

Export to binary form.

Return type:

bytes

classmethod load_from_config(config, search_paths=None)

Creates the RoT meta from configuration.

Return type:

Self

classmethod parse(data)

Parse the object from binary data.

Return type:

Self

class spsdk.dat.debug_credential.RotMetaEcc(flags, rot_items)

Bases: RotMeta

ECC RoT meta object.

Class object initializer.

Parameters:

• flags (RotMetaFlags) – RotMetaFlags object

• rot_items (list[bytes]) – List of public key hashes

HASH_SIZE = 0

HASH_SIZES = {32: 256, 48: 384, 66: 512}

calculate_hash()

Get CRKT table Hash.

Return type:

bytes

Returns:

CRKT table hash in bytes

export()

Export to binary form.

Return type:

bytes

Returns:

binary representation of the object

export_crtk_table()

Export CRTK table into binary form.

Return type:

bytes

property key_size: int

Key size property.

classmethod load_from_config(config, search_paths=None)

Creates the RoT meta from configuration.

Return type:

RotMetaEcc

Returns:

RotMetaEcc object

classmethod parse(data)

Parse the object from binary data.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

RotMetaEcc object

class spsdk.dat.debug_credential.RotMetaEdgeLockEnclave(flags, srk_table)

Bases: RotMeta

ELE RoT meta object.

Class object initializer.

Parameters:

• flags (RotMetaFlags) – RotMetaFlags object

• srk_table (SRKTable) – SRKTable object

calculate_hash()

Get SRK table hash.

Return type:

bytes

Returns:

SRK table hash in bytes

export()

Export to binary form.

Return type:

bytes

Returns:

binary representation of the object

classmethod load_from_config(config, search_paths=None)

Creates the RoT meta from configuration.

Return type:

Self

Returns:

RotMetaEdgeLockEnclave object

classmethod parse(data)

Parse the object from binary data.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

RotMetaEdgeLockEnclave object

class spsdk.dat.debug_credential.RotMetaFlags(used_root_cert, cnt_root_cert)

Bases: object

Rot meta flags.

Class object initializer.

Parameters:

• used_root_cert (int) – Index of used root certificate

• cnt_root_cert (int) – Number of certificates in the RoT meta

export()

Export to binary form.

Return type:

bytes

Returns:

binary representation of the object

classmethod parse(data)

Parse flags from binary data.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

The RotMetaFlags object

validate()

Validate the flags.

Return type:

None

class spsdk.dat.debug_credential.RotMetaRSA(rot_items)

Bases: RotMeta

RSA RoT meta object.

Class object initializer.

Parameters:

rot_items (list[bytes]) – List of public key hashes

calculate_hash()

Get Root Of Trust Keys Hash.

Return type:

bytes

Returns:

RoTKH in bytes

export()

Export to binary form.

Return type:

bytes

Returns:

binary representation of the object

classmethod load_from_config(config, search_paths=None)

Creates the RoT meta from configuration.

Return type:

Self

Returns:

RotMetaRSA object

classmethod parse(data)

Parse the object from binary data.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

RotMetaRSA object

Module with Debug Authentication Challenge (DAC) Packet

Module with Debug Authentication Challenge (DAC) Packet.

class spsdk.dat.dac_packet.DebugAuthenticationChallenge(version, socc, uuid, rotid_rkh_revocation, rotid_rkth_hash, cc_soc_pinned, cc_soc_default, cc_vu, challenge)

Bases: object

Base class for DebugAuthenticationChallenge.

Initialize the DebugAuthenticationChallenge object.

Parameters:

• version (ProtocolVersion) – The string representing version: for RSA: 1.0, for ECC: 2.0, 2.1, 2.2

• socc (int) – The SoC Class that this credential applies to

• uuid (bytes) – The string representing the unique device identifier

• rotid_rkh_revocation (int) – State of certificate revocation field

• rotid_rkth_hash (bytes) – The hash of roth-meta data

• cc_soc_pinned (int) – State of lock bits in the debugger configuration field

• cc_soc_default (int) – State of the debugger configuration field

• cc_vu (int) – The Vendor usage that the vendor has associated with this credential

• challenge (bytes) – Randomly generated bytes from the target

export()

Exports the DebugAuthenticationChallenge into bytes.

Return type:

bytes

static get_rot_hash_length(family, major_ver, minor_ver)

Returns length of Root Of Trust hash length.

Parameters:

• family (str) – The chip family name

• major_ver (int) – Major version

• minor_ver (int) – Minor version

Return type:

int

Returns:

Length of Root Of Trust hash in bytes

classmethod parse(data)

Parse the data into a DebugAuthenticationChallenge.

Parameters:

data (bytes) – Raw data as bytes

Return type:

DebugAuthenticationChallenge

Returns:

DebugAuthenticationChallenge object

validate_against_dc(family, dc)

Validate against Debug Credential file.

Parameters:

• family (str) – Chip family name

• dc (DebugCredentialCertificate) – Debug Credential class to be validated by DAC

Raises:

SPSDKValueError – In case of invalid configuration detected.

Return type:

None

Module with Debug Authentication Response (DAR) Packet

Module with Debug Authentication Response (DAR) Packet.

class spsdk.dat.dar_packet.DebugAuthenticateResponse(family, debug_credential, auth_beacon, dac, sign_provider, revision='latest')

Bases: object

Class for DAR packet.

Initialize the DebugAuthenticateResponse object.

Parameters:

• family (str) – Family name of used chip for DAR

• debug_credential (DebugCredentialCertificate) – the path, where the dc is store

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – the path, where the dac is store

• path_dck_private – the path, where the dck private key is store

• revision (str) – Chip revision, if not specified the latest revision is used

classmethod create(family, version, dc, auth_beacon, dac, dck)

Create a dar object out of input parameters.

Parameters:

• family (Optional[str]) – Family name of the used chip

• version (Optional[ProtocolVersion]) – protocol version

• dc (DebugCredentialCertificate) – debug credential object

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – DebugAuthenticationChallenge object

• dck (str) – string containing path to dck key

Return type:

DebugAuthenticateResponse

Returns:

DAR object

export()

Export to binary form (serialization).

Return type:

bytes

Returns:

the exported bytes from object

static generate_config_template(family, revision='latest')

Generate AHAB configuration template.

Parameters:

• family (str) – Family for which the template should be generated.

• revision (str) – Family revision of chip.

Return type:

str

Returns:

Dictionary of individual templates (key is name of template, value is template itself).

classmethod get_validation_schemas(family, revision='latest')

Create the validation schema.

Parameters:

• family (str) – Family description.

• revision (str) – Chip revision specification, as default, latest is used.

Raises:

SPSDKError – Family or revision is not supported.

Return type:

List[Dict[str, Any]]

Returns:

List of validation schemas.

classmethod load_from_config(config, dac, search_paths=None)

Converts the configuration option into an Debug authentication response object.

Parameters:

• config (Dict[str, Any]) – Debug authentication response configuration dictionaries.

• dac (DebugAuthenticationChallenge) – Debug Credential Challenge

• search_paths (Optional[List[str]]) – List of paths where to search for the file, defaults to None

Return type:

Self

Returns:

Debug authentication response object.

classmethod parse(data)

Parse the DAR.

Parameters:

data (bytes) – Raw data as bytes

Return type:

Self

Returns:

DebugAuthenticateResponse object

Raises:

NotImplementedError – Derived class has to implement this method

class spsdk.dat.dar_packet.DebugAuthenticateResponseECC(family, debug_credential, auth_beacon, dac, sign_provider, revision='latest')

Bases: DebugAuthenticateResponse

Class for DAR, using Elliptic curve keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

• family (str) – Family name of used chip for DAR

• debug_credential (DebugCredentialCertificate) – the path, where the dc is store

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – the path, where the dac is store

• path_dck_private – the path, where the dck private key is store

• revision (str) – Chip revision, if not specified the latest revision is used

CURVE = 'secp256r1'

KEY_LENGTH = 0

class spsdk.dat.dar_packet.DebugAuthenticateResponseECC_256(family, debug_credential, auth_beacon, dac, sign_provider, revision='latest')

Bases: DebugAuthenticateResponseECC

Class for DAR, using Elliptic curve, 256 bits sized keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

• family (str) – Family name of used chip for DAR

• debug_credential (DebugCredentialCertificate) – the path, where the dc is store

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – the path, where the dac is store

• path_dck_private – the path, where the dck private key is store

• revision (str) – Chip revision, if not specified the latest revision is used

CURVE = 'secp256r1'

KEY_LENGTH = 32

class spsdk.dat.dar_packet.DebugAuthenticateResponseECC_384(family, debug_credential, auth_beacon, dac, sign_provider, revision='latest')

Bases: DebugAuthenticateResponseECC

Class for DAR, using Elliptic curve, 384 bits sized keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

• family (str) – Family name of used chip for DAR

• debug_credential (DebugCredentialCertificate) – the path, where the dc is store

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – the path, where the dac is store

• path_dck_private – the path, where the dck private key is store

• revision (str) – Chip revision, if not specified the latest revision is used

CURVE = 'secp384r1'

KEY_LENGTH = 48

class spsdk.dat.dar_packet.DebugAuthenticateResponseECC_521(family, debug_credential, auth_beacon, dac, sign_provider, revision='latest')

Bases: DebugAuthenticateResponseECC

Class for DAR, using Elliptic curve, 521 bits sized keys.

Initialize the DebugAuthenticateResponse object.

Parameters:

• family (str) – Family name of used chip for DAR

• debug_credential (DebugCredentialCertificate) – the path, where the dc is store

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – the path, where the dac is store

• path_dck_private – the path, where the dck private key is store

• revision (str) – Chip revision, if not specified the latest revision is used

CURVE = 'secp521r1'

KEY_LENGTH = 66

class spsdk.dat.dar_packet.DebugAuthenticateResponseEdgelockEnclaveV2(family, debug_credential, auth_beacon, dac, sign_message, revision='latest')

Bases: DebugAuthenticateResponse

Class for DAR, using AHAB Signed message version 2.

Constructor of DAR for devices that using EdgeLock Enclave with AHAB v2.

export()

Export to binary form (serialization).

Return type:

bytes

Returns:

the exported bytes from object

class spsdk.dat.dar_packet.DebugAuthenticateResponseRSA(family, debug_credential, auth_beacon, dac, sign_provider, revision='latest')

Bases: DebugAuthenticateResponse

Class for RSA specifics of DAR packet.

Initialize the DebugAuthenticateResponse object.

Parameters:

• family (str) – Family name of used chip for DAR

• debug_credential (DebugCredentialCertificate) – the path, where the dc is store

• auth_beacon (int) – authentication beacon value

• dac (DebugAuthenticationChallenge) – the path, where the dac is store

• path_dck_private – the path, where the dck private key is store

• revision (str) – Chip revision, if not specified the latest revision is used

Module for NXP SPDK DebugMailbox support

Module for NXP SPSDK DebugMailbox support.

class spsdk.dat.debug_mailbox.DebugMailbox(debug_probe, family, revision='latest', reset=True, moredelay=0.0, op_timeout=1000)

Bases: object

Class for DebugMailbox.

Initialize DebugMailbox object.

Parameters:

• debug_probe (DebugProbe) – Debug probe instance.

• family (str) – Chip family.

• revision (str) – Chip family revision, defaults to ‘latest’

• reset (bool) – Do reset of debug mailbox during initialization, defaults to True.

• moredelay (float) – Time of extra delay after reset sequence, defaults to 0.0.

• op_timeout (int) – Atomic operation timeout, defaults to 1000.

Raises:

SPSDKIOError – Various kind of vulnerabilities during connection to debug mailbox.

close()

Close session.

Return type:

None

dbgmlbx_reg_read(addr=0)

Read debug mailbox access port register.

This is read debug mailbox register function for SPSDK library to support various DEBUG PROBES.

Parameters:

addr (int) – the register address

Return type:

int

Returns:

The read value of addressed register (4 bytes)

Raises:

NotImplementedError – Derived class has to implement this method

dbgmlbx_reg_write(addr=0, data=0)

Write debug mailbox access port register.

This is write debug mailbox register function for SPSDK library to support various DEBUG PROBES.

Parameters:

• addr (int) – the register address

• data (int) – the data to be written into register

Raises:

NotImplementedError – Derived class has to implement this method

Return type:

None

get_dbgmlbx_ap()

Decorator function that secure the getting right DEBUG MAILBOX AP ix for first use.

Parameters:

func – Decorated function.

read_idr()

Read IDR of debug mailbox.

Return type:

int

Returns:

IDR value of debug mailbox AP.

spin_read(reg)

Do atomic read operation to debug mailbox.

Parameters:

reg (int) – Register address.

Return type:

int

Returns:

Read value.

Raises:

SPSDKTimeoutError – When read operation exceed defined operation timeout.

spin_write(reg, value)

Do atomic write operation to debug mailbox.

Parameters:

• reg (int) – Register address.

• value (int) – Value to write.

Raises:

SPSDKTimeoutError – When write operation exceed defined operation timeout.

Return type:

None

exception spsdk.dat.debug_mailbox.DebugMailboxError

Bases: RuntimeError

Class for DebugMailboxError.

Module with commands for Debug Mailbox

Commands for Debug Mailbox.

class spsdk.dat.dm_commands.DebugAuthenticationResponse(dm, paramlen)

Bases: DebugMailboxCommand

Class for DebugAuthenticationResponse.

Initialize.

CMD_ID = 17

CMD_NAME = 'DBG_AUTH_RESP'

class spsdk.dat.dm_commands.DebugAuthenticationStart(dm, resplen=26)

Bases: DebugMailboxCommand

Class for DebugAuthenticationStart.

Initialize.

CMD_ID = 16

CMD_NAME = 'DBG_AUTH_START'

class spsdk.dat.dm_commands.DebugMailboxCommand(dm, paramlen=0, resplen=0, delay=0.03)

Bases: object

Class for DebugMailboxCommand.

Initialize.

CMD_ID = 0

CMD_NAME = 'General'

DELAY_DEFAULT = 0.03

run(params=None)

Run DebugMailboxCommand.

Return type:

list[Any]

run_safe(raise_if_failure=True, **args)

Run a command and abort on first failure instead of looping forever.

Return type:

Optional[list[Any]]

class spsdk.dat.dm_commands.EnterBlankDebugAuthentication(dm)

Bases: DebugMailboxCommand

Class for EnterBlankDebugAuthentication.

Initialize.

CMD_ID = 8

CMD_NAME = 'ENTER_BLANK_DEBUG_AUTH'

class spsdk.dat.dm_commands.EnterISPMode(dm)

Bases: DebugMailboxCommand

Class for EnterISPMode.

Initialize.

CMD_ID = 5

CMD_NAME = 'ENTER_ISP_MODE'

class spsdk.dat.dm_commands.EraseFlash(dm)

Bases: DebugMailboxCommand

Class for Erase Flash.

Initialize.

CMD_ID = 3

CMD_NAME = 'ERASE_FLASH'

class spsdk.dat.dm_commands.EraseOneSector(dm)

Bases: DebugMailboxCommand

Class for Erase One Sector.

Initialize.

CMD_ID = 11

CMD_NAME = 'ERASE_ONE_SECTOR'

class spsdk.dat.dm_commands.ExitDebugMailbox(dm, paramlen=0, resplen=0, delay=0.03)

Bases: DebugMailboxCommand

Class for ExitDebugMailbox.

Initialize.

CMD_ID = 4

CMD_NAME = 'EXIT_DBG_MB'

class spsdk.dat.dm_commands.GetCRPLevel(dm, paramlen=0, resplen=0, delay=0.03)

Bases: DebugMailboxCommand

Class for Get CRP Level.

Initialize.

CMD_ID = 2

CMD_NAME = 'GET_CRP_LEVEL'

class spsdk.dat.dm_commands.NxpDebugAuthenticationResponse(dm, paramlen)

Bases: DebugMailboxCommand

Class for DebugAuthenticationResponse.

Initialize.

CMD_ID = 19

CMD_NAME = 'NXP_DBG_AUTH_RESP'

class spsdk.dat.dm_commands.NxpDebugAuthenticationStart(dm, resplen=26)

Bases: DebugMailboxCommand

Class for DebugAuthenticationStart.

Initialize.

CMD_ID = 18

CMD_NAME = 'NXP_DBG_AUTH_START'

class spsdk.dat.dm_commands.SetFaultAnalysisMode(dm, paramlen=0)

Bases: DebugMailboxCommand

Class for SetFaultAnalysisMode.

Initialize.

CMD_ID = 6

CMD_NAME = 'SET_FA_MODE'

class spsdk.dat.dm_commands.StartDebugMailbox(dm, paramlen=0, resplen=0, delay=0.03)

Bases: DebugMailboxCommand

Class for StartDebugMailbox.

Initialize.

CMD_ID = 1

CMD_NAME = 'START_DBG_MB'

class spsdk.dat.dm_commands.StartDebugSession(dm, paramlen=0, resplen=0, delay=0.03)

Bases: DebugMailboxCommand

Class for StartDebugSession.

Initialize.

CMD_ID = 7

CMD_NAME = 'START_DBG_SESSION'

class spsdk.dat.dm_commands.WriteToFlash(dm)

Bases: DebugMailboxCommand

Class for Write To Flash.

Initialize.

CMD_ID = 9

CMD_NAME = 'WRITE_TO_FLASH'