SLUAAW0 May   2025 BQ41Z50

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Introduction
  5. 2Authentication Scheme Comparison
  6. 3ECC Key Programming Within the Pack Manufacturing Flow
  7. 4Gauge Authentication Flow of the BQ41z50 Product Family
  8. 5Host Authentication Flow of the BQ41z50 Product Family
  9. 6Authentication Flow in BQSTUDIO
  10. 7Summary
  11. 8References

8 References

Table 8-1 Algorithm Summary and Notes
Algorithm Notes
ECDH

#peer_kpub is 32 bytes

#self_kpri is 32 bytes

#secret is 30 bytes


secret = ecdh(peer_kpub, self_Kpvt)
PBKDF2HMAC

#Sample python code from openssi

#Salt is random number that is read from gauge

#length is 16 bytes for AES-128

#iterations is 128

#key is AES-128 key


from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
kdf = PBKDF2HMAC(
    aglorithm = hashes.SHA256( ), 
    length = 16,
    salt=bytes(salt),
    iterations = 128,
    backed=backend
)
aeskey = bytearray(kdf.derive(bytes(secret)))
AES

#iv is read from gauge

Encrypted ProdKpvt CProdKpve is 32 bytes


from Crypto.Cipher import AES
cipher = AES.new(aeskey, AES.MODE_CTR, nonce=bytes(iv[0:8]), initial_value=bytes(iv[8:16]))
    CProdKpvt = cipher.encrypt(ProdKpvt)
ECC ECC-233