SPRACT3A September   2020  – June 2026 F29H850TU , F29H859TU-Q1 , F29P329SM-Q1 , TMS320F2800132 , TMS320F2800133 , TMS320F2800135 , TMS320F2800137 , TMS320F280033 , TMS320F280034 , TMS320F280034-Q1 , TMS320F280036-Q1 , TMS320F280036C-Q1 , TMS320F280037 , TMS320F280037-Q1 , TMS320F280037C , TMS320F280037C-Q1 , TMS320F280038-Q1 , TMS320F280038C-Q1 , TMS320F280039 , TMS320F280039-Q1 , TMS320F280039C , TMS320F280039C-Q1 , TMS320F28384D , TMS320F28384D-Q1 , TMS320F28384S , TMS320F28384S-Q1 , TMS320F28386D , TMS320F28386D-Q1 , TMS320F28386S , TMS320F28386S-Q1 , TMS320F28388D , TMS320F28388S , TMS320F28P550SG , TMS320F28P550SJ , TMS320F28P559SG-Q1 , TMS320F28P559SJ-Q1 , TMS320F28P650DH , TMS320F28P650DK , TMS320F28P650SH , TMS320F28P650SK , TMS320F28P659DH-Q1 , TMS320F28P659DK-Q1 , TMS320F28P659SH-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. Introduction
  5. Secure Flash Boot Overview
  6. CMAC Authentication
  7. Secure Flash Boot Options
  8. Secure Flash Boot Flow
  9. C2000Ware Example Details
  10. Authenticating Flash Code Beyond 16 KB
  11. Debug Resources
  12. Additional Information and Points to Consider
  13. 10Alignment of C2000 CMAC Algorithm to OpenSSL
    1. 10.1 C28x Memory and Binary File Byte Ordering
    2. 10.2 Flash Binary Byte Ordering
    3. 10.3 CMAC Key Byte Ordering
    4. 10.4 CMAC Output Alignment Procedure
    5. 10.5 Worked Example
    6. 10.6 Summary of Differences
  14. 11References
  15. 12Revision History

10 Alignment of C2000 CMAC Algorithm to OpenSSL

The C2000™ hex utility (hex2000) applies a proprietary byte-reordering transform, referred to throughout this document as "swapwords", both to the message data prior to CMAC computation and to the resulting authentication tag prior to embedding it in the flash image. This is described in detail in the Section 10.2.

Since OpenSSL's AES-128-CMAC implementation operates on an unmodified, contiguous byte stream without any such reordering, a direct invocation of the openssl dgst -mac cmac command on the raw binary will not produce output that matches the golden CMAC tag generated by C2000. This section describes the precise sequence of operations required to bring the output of OpenSSL into alignment with C2000, enabling developers to independently verify or reproduce the golden CMAC tag using standard, open-source cryptographic tooling.

Note that this alignment procedure is intended for use in development and verification workflows. It is not a replacement for the hex2000 utility in production image generation. For details on the hex2000 --cmac flags and key file format, see [3] and [4].