• State Verified Answer
  • Replies 8 replies
  • Subscribers 74 subscribers
  • Views 2135 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 241046
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

NRF52840 Cryptocell register setting reading problem

Barry

I am trying to set the Lifecycle state of the cryptocell, but it seems like I am having an issue.

I do 


/** Enable crypto cell to configure it **/
NRF_CRYPTOCELL->ENABLE = CRYPTOCELL_ENABLE_ENABLE_Enabled << CRYPTOCELL_ENABLE_ENABLE_Pos;

/** Config cryptocell resgister so Device root key can only be set once per reset*/
NRF_CC_HOST_RGF->HOST_IOT_LCS = CC_HOST_RGF_HOST_IOT_LCS_LCS_Secure << CC_HOST_RGF_HOST_IOT_LCS_LCS_Pos;

/** Disable crypto cell until next use**/
NRF_CRYPTOCELL->ENABLE = CRYPTOCELL_ENABLE_ENABLE_Disabled << CRYPTOCELL_ENABLE_ENABLE_Pos;

But then later when I enable the cryptocell again and read the value of HOST_IOT_LCS,

LCS is 2 (like I expected) but LCS_IS_VALID is 0 which means invalid.

Any ideas?

I am using zephyr and I am doing this configuration post kernel with a priority after CONFIG_KERNEL_INIT_PRIORITY_DEFAULT. So the cryptocell is already being initialized by hw_cc310_init in file hw_cc310.c

  • +1 in reply to Barry

    Hi,

    I am not sure about the debugger issues here, nor am I able to find a link between ACL and this. But, there seems to be a requirement here which may be related to what you see.

    Testing your code from the original question the HOST_IOT_LCS register will not be set, even if waiting a long time to read it out (it will be 0x00000002). But, adding a delay between writing to ENABLE and HOST_IOT_LCS and before reading it back this works as expected, and HOST_IOT_LCS is read back as 0x00000102.

        /** Enable crypto cell to configure it **/
    NRF_CRYPTOCELL->ENABLE = CRYPTOCELL_ENABLE_ENABLE_Enabled << CRYPTOCELL_ENABLE_ENABLE_Pos;

    nrf_delay_us(1);

    /** Config cryptocell resgister so Device root key can only be set once per reset*/
    NRF_CC_HOST_RGF->HOST_IOT_LCS = CC_HOST_RGF_HOST_IOT_LCS_LCS_Secure << CC_HOST_RGF_HOST_IOT_LCS_LCS_Pos;

    nrf_delay_us(1);

    NRF_LOG_INFO("HOST_IOT_LCS: 0x%08x", NRF_CC_HOST_RGF->HOST_IOT_LCS);

  • 0 in reply to Einar Thorsrud

    Thanks. This did work. I appreciate the help. Although obviously you guys need more documentation around the cryptocell. 

  • 0 in reply to Barry

    Hi,

    Yes, the documentation for CrytoCell is a bit lacking. This has been reported, so hopefully, it will improve in the future.

    I have a few more details to share.

    1. CryptoCell must alway be enabled before writing to any of the other registers. This is not explicitly stated in the PS.
    2. The simple delay approach I used to show that there is a timing dependency is not the best (it might give you a race condition of timing changed due to temperature or something else). Instead, you could try to read back the registers until it has the expected value. (E.g. use "while (NRF_CC_HOST_RGF->HOST_IOT_LCS != 0x102) {}" after writing to HOST_IOT_LCS).
Related
Terms of service