The Babylon A70CM demo firmware assumes the following restrictions:
• Authentication Process assumes both Client than Server has same RSA certificate inside. No Certificate exchange is performed
• The demo program use default NXP Certificate for Autentication Process
• Authentication process is started from Client and uses a simple AES KeyA-KeyB exchange check.
• The AES session Key is exchanged after authentication success.
• AES key is generated using secure wrapping algoritm RFC3394
• The user’s text messages are sent from Server to Client (max lenght 64 char)
• All messages are 128 bytes fixed-length
• Signed user’s messages uses SHA1 digital signature, stored inside of last 20 bytes of each message (from position 109 to position 128).
(more details at paragraph 19.2.3.1 - Secret Key Electronic Signatures on this link )
• To change AES session key, you must restart Authentication Process.
• AES key generation function is ONLY FOR DEBUG. Do not use for end-user application
• LAN mode has one board as Server and one board as Client, 3 terminal instance are needed