Failure to Catalog Keys and utilize Crypto functions like AES

kraghav

HI There,

I have installed the HSE Firmware as per the guide and it seems to show installed status. Also confirmed by the value at UTEST. After installing I have my Crypto driver code trying to catalog the AES Keys to be used for Encryption and Decryption but it fails to Catalog or load any keys. Looking for help on missing steps.

lukaszadrapa

Hi @kraghav

First of all, could you confirm if bit 0 in HSE GPR register at 0x4039_C028 is set?

Then, is HSE_STATUS_INIT_OK (bit 24) in FSR register in MU_0 set?

What is the state of GSR register in MU_0?

And how it fails? What kind of error code did you get? If you step inside those functions, can you see which error HSE returned exactly?

And finally - which device, which HSE firmware version and which RTD version you have?

Regards,

Lukas

kraghav

Hi Lukas,

Thanks for the quick response.

Below are the details requested:

I am using S32K344 MCU

HSE GPR register : (*(volatile uint32_t*)0x4039C028)
Decimal:129
Hex:0x81
Binary:10000001
Octal:0201

s32k3x4_hse_fw_1.5.0_2.55.0_pb250130.bin.pink

msh />hse_dump_fw_version

=== HSE Init Start ===
MU Instance: 0
HSE FW status (before init): 0x00000960
- INIT_OK: YES
- RNG_OK: YES
Calling Hse_Ip_Init...
Hse_Ip_Init returned: 0 (0=success)
HSE FW status (after init): 0x00000960
Failed to get HSE capabilities (resp: 0xAA55A11E)
=== HSE Init SUCCESS ===

07-19 18:33:24 I/drv.hse: HSE0 initialized (FW status: 0x00000960)

=== HSE Init Start ===
MU Instance: 0
Already initialized
07-19 18:33:24 I/drv.hse: HSE key catalogs formatted successfully
07-19 18:33:24 I/hse.app: Key catalog formatted successfully
07-19 18:33:24 I/hse.app: HSE crypto context initialized
07-19 18:33:24 I/hse.test: Querying HSE FW version...
07-19 18:33:24 W/drv.hse: Get attr (id=0x0001) returned: 0xAA55A21C
07-19 18:33:24 W/hse.test: GET_ATTR(HSE_FW_VERSION_ATTR_ID) failed (ret=-1)
07-19 18:33:24 W/hse.test: Driver last HSE response: 0xAA55A21C
07-19 18:33:24 I/hse.app: HSE crypto context deinitialized

msh />hse_dump_mu_regs07-19 18:33:38 E/ser.pm: VBUS reset: 500ms

=== HSE Init Start ===
MU Instance: 0
Already initialized
07-19 18:33:38 I/drv.hse: Key catalogs already formatted; skipping format call
07-19 18:33:38 I/hse.app: Key catalog formatted successfully
07-19 18:33:38 I/hse.app: HSE crypto context initialized
07-19 18:33:38 I/hse.test: MU Registers snapshot:
07-19 18:33:38 I/hse.test: VER = 0x0300000F
07-19 18:33:38 I/hse.test: PAR = 0x20200404
07-19 18:33:38 I/hse.test: CR = 0x00000000
07-19 18:33:38 I/hse.test: SR = 0x00000000
07-19 18:33:38 I/hse.test: FSR = 0x09600000
07-19 18:33:38 I/hse.test: GCR = 0x00000000
07-19 18:33:39 I/hse.test: GSR = 0x00000000
07-19 18:33:39 I/hse.test: TCR = 0x00000000 TSR = 0x0000000F
07-19 18:33:39 I/hse.test: RCR = 0x00000000 RSR = 0x00000000
07-19 18:33:39 I/hse.test: TR[0] = 0x00000000
07-19 18:33:39 I/hse.test: TR[1] = 0x00000000
07-19 18:33:39 I/hse.test: TR[2] = 0x00000000
07-19 18:33:39 I/hse.test: TR[3] = 0x00000000
07-19 18:33:39 I/hse.test: RR[0] = 0x00000000
07-19 18:33:39 I/hse.test: RR[1] = 0xAA55A21C
07-19 18:33:39 I/hse.test: RR[2] = 0x00000000
07-19 18:33:39 I/hse.test: RR[3] = 0x00000000
07-19 18:33:39 I/hse.app: HSE crypto context deinitialized

MU Instance: 0
Already initialized
07-19 08:02:19 I/drv.hse: Key catalogs already formatted; skipping format call
07-19 08:02:19 I/hse.app: Key catalog formatted successfully
07-19 08:02:19 I/hse.app: HSE crypto context initialized
07-19 08:02:19 I/hse.test: GET_ATTR id=1 (len=8)
07-19 08:02:19 I/hse.test: FW Ver -> socType=1 fwType=0 major=0 minor=0 patch=0
07-19 08:02:19 I/hse.test: GET_ATTR id=2 (len=8)
07-19 08:02:19 I/hse.test: Capabilities bitmap: 0x%lX
07-19 08:02:19 I/hse.test: GET_ATTR id=3 (len=20)
07-19 08:02:19 I/hse.test: SMR status[0]=0xFDFFBDB7 status[1]=0x00000001 coreBoot[0]=0x00000000 coreBoot[1]=0x000000
07-19 08:02:19 I/hse.test: GET_ATTR id=20 (len=32)
07-19 08:02:19 I/hse.app: HSE crypto context deinitialized

Hope the given details help. I have attached the logs with some additional details. Do let me know in case I missed something or is required from my end.

kraghav

I followed the instructions to install HSE Firmware and presumed it should start working. But I believe there was a conflict with the Bootloader for my target platform that is configured at the same start address space that overwrote the Firmware. As per some of the documentation I read that the Firmware is injected by the HSE after a couple of boot cycles.

lukaszadrapa

Hi @kraghav

When HSE firmware is installed, certain flash areas are exclusively reserved for HSE as shown in section "32.3.1 Memory map" in S32K3 reference manual. These areas are removed from memory map and user can't touch them or see them anymore. It's up to users to adjust linker files, so no code or data are placed in these areas.

According to your log, HSE firmware is installed and running. Common reason for such errors is that data objects used for communication with HSE are placed in cacheable memory which is not allowed. HSE can't see such data. Make sure that all those data objects are forced to non-cacheable memory or try to disable data cache in your project completely.

If this doesn't help, I would need more details about those commands which returned the errors.

Regards,

Lukas