The %XSUDO command is used to authenticate AT
commands.
Before you start the authentication, perform the following
two steps (only once):
- Generate private and public keys with OpenSSL:
openssl ecparam -name prime256v1 -genkey -noout -out [private key PEM file]
openssl ec -in [private key PEM file] -out [public key PEM file] -pubout
- Write the public key with the AT
command:
AT%XPMNG=0,”<public key>”
OK
To authenticate an AT command, perform the following steps:
-
Calculate an AT command signature.
-
Create an AT command text file for an authenticated AT command:
Example:
%CMNG=0,1,0,”TEST ROOT CERTIFICATE”
-
Create a digest file with OpenSSL from AT command that needs
authentication:
openssl sha256 -binary [AT command text file] > [digest file]
-
Create a signature file with OpenSSL from the digest file:
openssl pkeyutl -sign -in [digest file] -out [signature file] -inkey [private key PEM file]
-
Convert the signature to Base64 format:
base64 < [signature file] > [signature base64 file]
-
Write the authenticated AT command.
The
%XSUDO command is used to authenticate the
%CMNG
command:
Example:
AT%XSUDO=35,”<signature base64>”;%CMNG=0,1,0,”TEST ROOT CERTIFICATE”
OK