[LPC55]Avoid “Crypto” Enabling Discontinuous PRINCE Sub-Region

Document created by ZhangJennie Employee on Apr 15, 2020Last modified by ZhangJennie Employee on Apr 16, 2020
Version 3Show Document
  • View in full screen mode

When we use LPC55Sxx PRINCE feature, we need enable PRINCE sub-region “crypto” by setting SR_ENABLE register. If we “crypto” enable discontinuous sub-regions and erase part of them, we may find we can’t erase/read/write other “crypto” sub-regions any more. This article will discuss how to resolve this phenomenon.

          Figure 1

  1.         Testing Steps

According to LPC55Sxx UM, each PRINCE region has its SR_ENABLEx register. This register enables PRINCE encryption and decryption of data for each sub-region of crypto region 0. Each bit in this field enables a sub-region of crypto region 0 at offset 8kB*n, where n is the bit number.  For example, when we set SR_ENABLE0=0X00000005, PRINCE region 0 sub-region 1 and sub-region 3 are set as encryption region. When read data out from these sub-regions, PRINCE will decrypt the data automatically.

 

Now we will test discontinuous sub-region erase/read/write.

Board: LPC55S16-EVK

IDE: Keil MDK v5.29

Step 1: PRINCE initialization: Enable PRINCE region 0 and two discontinuous sub-regions; generate key, IV code; enable crypto.

//set SR_ENABLESR_ENABLE=0X28000000,enable sub-regions(0x30000-0x32000,0x34000-0x36000) crypto

status=PRINCE_SetRegionSREnable(PRINCE(prince_region_t)region0,0X28000000);

//select PRINCE crypto for region0

PRINCE_SetRegionBaseAddress(PRINCE_Type*base,prince_region_tregion0,uint32_t0X0)

//generate PRINCE region0 crypto key

Status=FFR_KeystoreGetKC(&flashInstance,&keyCode[0],kFFR_KeyTypePrinceRegion0);

status=PUF_GetHwKey(PUF,keyCode,sizeof(keyCode),kPUF_KeySlot2, rand());

//generate PRINCE region0 crypto IV_code

status=PRINCE_GenNewIV(kPRINCE_Region0,&prince_iv_code[0],true,&flashInstance)

//load IV code to PRINCE

status=PRINCE_LoadIV(kPRINCE_Region0,&prince_iv_code[0])

//enable PRINCE encryption

PRINCE_EncryptEnable(PRINCE)

 

Step 2: Select two discontinuous sub-regions ( 0x30000-0x32000,0x34000-0x36000). Erase one of them (0x30000-0x32000), then write data to this sub-region.

Output: Erasing and Writing are all successful. See Figure 2.

//Erase 0x30000-0x32000 sub-region

status=PRINCE_FlashEraseWithChecker(&flashInstance,0x30000,0x2000,kFLASH_ApiEraseKey);

//Write 0x30000-0x32000 sub-region

status=PRINCE_FlashProgramWithChecker(&flashInstance,0x30000,(uint8_t *)prince_iv_code,0x2000);

 

Step 3: Erase and Write the other sub-region ( 0x34000-0x36000 )

Output: Erasing and Writing are failed. See Figure 2.

//Erasing 0x34000-0x36000 sub-region

status=PRINCE_FlashEraseWithChecker(&flashInstance,0x34000, 0x2000,kFLASH_ApiEraseKey);

//Write 0x34000-0x36000 sub-region

status=PRINCE_FlashProgramWithChecker(&flashInstance,0x34000, (uint8_t *)prince_iv_code,0x2000);

  1. Error Analysis

According to UM11126(49.16.1 Functional details, each crypto region has its own SKEY and IV code. SKEY and IV are used together by the PRINCE when encrypting or decrypting the data in the sub-regions of crypto region.

For Instance, For PRINCE region1, each time after we execute erasing operation, new Skey1 and IV1 are generated, thus when executing erase/read/write operation to another sub-region, the old IV1 and new IV1 don’t match, which causes PRINCE can’t decrypt correctly.

 

  1. Suggestion

We suggest user using SR_ENABLE to set continuous crypto sub-regions. When erasing operation is needed, erasing all the crypto sub-regions together, avoid erasing part of the sub-regions. One sub-region size is 8K, make sure the erasing/writing address 8K aligned.

 

Thanks for the suggestion from John Wu

Attachments

    Outcomes