Crypto fronted doesn't work with Softdevice in SDK17

Hi,

The cc310_bl backend is a minimal backend for use in the bootloader. This backend only implements support for the algorithms used by the bootloader (secp224r1/secp256r1 ECC and SHA-256 hash) to keep the flash footprint of the bootloader as small as possible. If you want to use AES through the CC310 Cryptocell you need to replace the cc310_bl backend with the standard cc310 backend in the bootloader. Note that the full CC310 backend will consume significantly more flash, so you might want to consider using AES through one of the SW backends if this will only be used for DFU. SW backends will use more time, resulting in a bit higher current consumption, but this is something you need to consider/decide based on your application requirements.

Best regards,
Jørgen

Hi,

The cc310_bl backend is a minimal backend for use in the bootloader. This backend only implements support for the algorithms used by the bootloader (secp224r1/secp256r1 ECC and SHA-256 hash) to keep the flash footprint of the bootloader as small as possible. If you want to use AES through the CC310 Cryptocell you need to replace the cc310_bl backend with the standard cc310 backend in the bootloader. Note that the full CC310 backend will consume significantly more flash, so you might want to consider using AES through one of the SW backends if this will only be used for DFU. SW backends will use more time, resulting in a bit higher current consumption, but this is something you need to consider/decide based on your application requirements.

Best regards,
Jørgen

Thank you for your fast reply!

Indeed, replacing all the files cc310_bl_* to cc310_* and replacing the  libnrf_cc310_bl_0.9.13.a library to libnrf_cc310_0.9.13.a solved the problem!
The strange thing is that if the bl version of the library didn't contain the functions for AES-128, I wouldn't  be able to compile the code as linker script could not find the functions. In fact I replaced the SDK to version 15, and the same code works with it even though I use the bl version of the library.

I'm not sure about the internals in the CC310 runtime libraries, but since there are no configs for enabling AES in cc310_bl backend, Did you enable the config for the standard cc310 backend and included the nrf_crypto source files for AES? I see there are some include files related to AES in the cc310_bl include directory, but the runtime library may not include implementation of other algorithms than the ones used by the bootloader.

Yes, I included all the necessary C files and enabled cc310 backend in sdk_config.h.

Hi,

I know it is an old thread, but I have encountered this exact same issue. On SDK 15.2.0 AES-128 worked just fine when using cc310_bl backend. After migrating to SDK 17.1.0 it freezes on SaSi_HalWaitInterrupt.

I managed to solve it just by surrounding the aes function calls by cc310_bl_backend_enable/disable.

What bothers me though is why the libnrf_cc310_bl binary contains the aes code, but does not advertise it in the headers (I had to use "cc310_backend_aes.h")? Using the headers from cc310 backend is a hack that I don't feel comfortable with. But it works and I don't have to link against a much larger library.

Why are the AES functions not exposed through cc310_bl_backend_aes.c/h even though the library contains them?