• State Verified Answer
  • Replies 15 replies
  • Subscribers 68 subscribers
  • Views 4591 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 231013
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Do the AT%CMNG commands function properly for writing credentials in mfw_nrf9160_0.7.0-29.alpha

jbrzozoski

I've used the nrf_inbuilt_key_write to store certificates/keys in the past, but I am still unable to do it using the "AT%CMNG" modem command.

I can list and delete items using "AT%CMNG=1" and "AT%CMNG=3,x,x", but every attempt to write with "AT%CMNG=0,x,x,"xxx"" seems to hang forever.

Our device is providing access to a modem console for factory provisioning and debug, so it would be nice to not have to implement a special method when this should be able to handle it, but I just can't get it to work.

Is this expected to be working in mfw_nrf9160_0.7.0-29.alpha?

  • 0

    I have the feeling that the %CMNG write command is very unforgiving of certificate bodies that don't match the expected formatting, and it is hanging forever waiting to see a certain pattern it expects...  But I can't for the life of me figure out what the pattern should be.  The certificate files I'm using are accepted just fine by the nrf_inbuilt_key_write function...

    (EDIT: This was definitely not the issue as the CMNG write command stores anything you send w/o doing any validation if things are working properly.  Further down in the thread I stored "HONKHONK" as a CA certificate.)

  • 0

    Hi Justin,
    Are you sending AT-Commands in your application with sockets or are you sending directly via e.g. a serial terminal using the %CMNG command with at_client sample?

    Note:

    • <content> in the read response is exactly what is written, including <CR>, <LF>, and other characters. The characters outside the double quotes are part of the AT response format.

    <content> String. Mandatory if <opcode> is write. An empty string is not allowed. A Privacy Enhanced Mail (PEM) file enclosed in double quotes (X.509 PEM entities). Base64-encoded string in double quotes (PSK).

    Please look at the examples in the doc page for reference.

  • 0 in reply to Martin Lesund

    I was working directly via a serial terminal at the moment, just as a proof of concept.  I was getting the same behavior with both our application and the at_client sample.

    Does CR/LF matter?  Are line breaks required in the key material or could the entire thing be concatenated to one line if desired?

    The doc page you referenced makes use of XSUDO.  Base on the note on this page I had assumed that was not necessary yet, and possibly not fully implemented, so I had not been trying it.  Am I likely to have more success if I use XSUDO?

    I will try to match my certificate types and formatting more carefully to your reference and see if that changes anything.

  • 0 in reply to Martin Lesund

    I am unable to get XPMNG to work when pushing the public key to the modem.  The CME error code is not listed in on the XPMNG documentation page.

    ***** Booting Zephyr OS v1.14.99-ncs1 *****
The AT host sample started
AT
OK
AT+CFUN=4
OK
AT+CMEE=1
OK
AT%XPMNG=0,"-----BEGIN PUBLIC KEY-----MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0hFbFkKzORGXw5UCyFV6McEsQlH/SA+5OPTg5ff1DwQDj9LQJJ4dkcgdGI46bVho3YU7RQTVc9LojyUFNHNEew==-----END PUBLIC KEY-----"
+CME ERROR: 519

Related