LPC55Sxx with PRINCE: write flash in chunks, and flash reading via ROM API

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

LPC55Sxx with PRINCE: write flash in chunks, and flash reading via ROM API

558 次查看
keepcoding
Contributor I

Hi

I have a couple questions regarding the PRINCE functionality of the LPC55Sxx series.

1. The manual says all the encrypted memory should be written at once. But that is not possible if I want to do a firmware upgrade, since the whole firmware would have to be placed into RAM first and then copied into flash, right? Can't I erase and write page by page when using encryption?

2. Reading the encrypted memory doesn't seem to work when using the ROM API. FLASH_Read() function returns garbage, whereas when I do a simple memcpy() I get the correctly decrypted data...

0 项奖励
回复
5 回复数

538 次查看
Alice_Yang
NXP TechSupport
NXP TechSupport

Hello @keepcoding 

  1. To ensure the integrity of encryption, write all data at once.
  2. FLASH_Read() read physical Flash data directly without going through PRINCE hardware decoding, resulting in returning encrypted "garbage" data. memcpy() may read memory directly through the CPU, triggering the hardware decoding mechanism.

 

BR

Alice

0 项奖励
回复

532 次查看
keepcoding
Contributor I

Ok, but how do I write all data at once? The amount of data I want to write is larger than the available SRAM on the chip, so where should I put the data before "writing it to flash at once"?

0 项奖励
回复

485 次查看
Alice_Yang
NXP TechSupport
NXP TechSupport

Hello @keepcoding 

Thanks for your reply.

I also checked our SDK demo, yes  this is the limitation. 

Check that the whole encrypted subregions will be writen at once. If not , will return Error.

Alice_Yang_0-1753436051456.png

 

BR

Alice

 

0 项奖励
回复

398 次查看
keepcoding
Contributor I

I did a quick test by using the normal erase and write functions to fill the encrypted region (write data chunk by chunk). This appears to be working just fine.

So now I'm wondering, why does the documentation state that it needs to be written at once?  Is there something I don't see? Could you please shed some more light on this?

0 项奖励
回复

393 次查看
Alice_Yang
NXP TechSupport
NXP TechSupport

Hello @keepcoding 

Please have a look at the below thread:

https://community.nxp.com/t5/LPC-Microcontrollers-Knowledge/LPC55-Avoid-Crypto-Enabling-Discontinuou... 

"According to UM11126(49.16.1 Functional details), each crypto region has its own SKEY and IV code. SKEY and IV are used together by the PRINCE when encrypting or decrypting the data in the sub-regions of crypto region.

For Instance, For PRINCE region1, each time after we execute erasing operation, new Skey1 and IV1 are generated, thus when executing erase/read/write operation to another sub-region, the old IV1 and new IV1 don’t match, which causes PRINCE can’t decrypt correctly."

 

BR

Alice

0 项奖励
回复