This example uses and generates a certificate and command signature on-the-fly using the provided command key to sign the certifi-
cate. All the generated files and the command key are stored in the Security Store.
Command Line Output Example
Command public key stored in:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
command_pubkey.pem
Command private key stored in:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
command_key.pem
Authorization file written to Security Store:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
certificate_authorizations.json
Generating ECC P256 key pair...
Cert public key stored at:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
cert_pubkey.pem
Cert private key stored at:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
cert_key.pem
Command key matches public command key found on device. Signing certificate...
Certificate was signed with key:
test-cases/common/security_testfiles/command_key.pem
Successfully stored certificate
Certificate written to Security Store:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
access_certificate.bin
Created unsigned unlock command
Signed unlock command using
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
cert_key.pem
Secure debug successfully unlocked
Command unlock payload was stored in Security Store
DONE
Command Line Input Example
$ commander security unlock --cert access_certificate.bin --cert-privkey cert_key.pem
This example unlocks the device with a signed access certificate and the private certificate key corresponding to the public key in the
access certificate. The certificate and key are stored in the Security Store.
Command Line Output Example
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
access_certificate.bin
Cert key written to Security Store:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
cert_pubkey.pem
Created unsigned unlock command
Signed unlock command using
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
cert_key.pem
Secure debug successfully unlocked
Command unlock payload was stored in Security Store
DONE
Command Line Input Example
$ commander security unlock --cert-signature cert_signature.bin --command-signature command_signature.bin
This example uses externally generated signatures for both the access certificate and command file. The access certificate signature is
appended to the certificate and stored in the Security Store. The command signature is validated against the public key in the certifi-
cate.
Command Line Output Example
Using certificate from Security Store:
/Users/example/Library/Preferences/SiliconLabs/commander/SecurityStore/device_0000000000000000d0cf5efffe68a68b/
UG162: Simplicity Commander Reference Guide
Simplicity Commander Commands
silabs.com | Building a more connected world. Rev. 2.9 | 74