This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Do the AT%CMNG commands function properly for writing credentials in mfw_nrf9160_0.7.0-29.alpha

I've used the nrf_inbuilt_key_write to store certificates/keys in the past, but I am still unable to do it using the "AT%CMNG" modem command.

I can list and delete items using "AT%CMNG=1" and "AT%CMNG=3,x,x", but every attempt to write with "AT%CMNG=0,x,x,"xxx"" seems to hang forever.

Our device is providing access to a modem console for factory provisioning and debug, so it would be nice to not have to implement a special method when this should be able to handle it, but I just can't get it to work.

Is this expected to be working in mfw_nrf9160_0.7.0-29.alpha?

Parents Reply
  • I am unable to get XPMNG to work when pushing the public key to the modem.  The CME error code is not listed in on the XPMNG documentation page.

    ***** Booting Zephyr OS v1.14.99-ncs1 *****
    The AT host sample started
    AT
    OK
    AT+CFUN=4
    OK
    AT+CMEE=1
    OK
    AT%XPMNG=0,"-----BEGIN PUBLIC KEY-----MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0hFbFkKzORGXw5UCyFV6McEsQlH/SA+5OPTg5ff1DwQDj9LQJJ4dkcgdGI46bVho3YU7RQTVc9LojyUFNHNEew==-----END PUBLIC KEY-----"
    +CME ERROR: 519

Children
  • I now wonder if I haven't somehow put this modem's NVM into a bad state.  Just so I could continue doing other work, I used nrf_inbuilt_key_delete/nrf_inbuilt_key_write to remove all credentials and then reload a good set, and now every attempt to connect to an SSL socket fails with errno=-45. This is the same client/application code I have been using for months without issue.

    I further tried using just "openssl s_server" as the listener and disabling peer verify on both sides, and I still get -45 from mqtt_connect.  The openssl server just spits out this every time the device hits it:

    ERROR
    shutting down SSL
    CONNECTION CLOSED

    They never even begin key exchange.  Disappointed

  • Hi Justin,
    Could you try to list the keys (AT%CMNG=1) and delete the ones that you are not using.
    It may be that there is a memory issue.

    The error 519 is not listed in the documentation, but it means that it already exists something at that place, so you can try to delete the old one first.

  • I have previously listed and deleted all keys using CMNG=1 and CMNG=3.  I just tried it again and included a CFUN=0 and reboot after deleting the keys but before trying to write new keys with CMNG=0.  It exhibited the same behavior and never completed the CMNG write command.

    Regarding the XPMNG command, I tried XPMNG=2 and it does report an existing public key.  I am quite certain I have never installed one.  I happened to have a new dev kit we recently got for GPS testing, so I loaded it up with at_client and XPMNG=2 reports the exact same public key.  I assume these must be from manufacturing on Nordic's end.  There is no command I can find in the modem manual to delete the XPMNG credential, can you please tell me how to do this?

    In case anyone else ever cares, this is what the preinstalled public key looked like:

    AT%XPMNG=2
    %XPMNG: "-----BEGIN PUBLIC KEY-----
    MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErrM7SxsE9WStx+6C2TQSsiaCnDww
    B6rYZe/xHP7sDuHP8SmB0uauqhWBXXy0e8xoxqAc2bniubZa4HI2Zfz7tQ==
    -----END PUBLIC KEY-----
    "
    OK

Related