• State Not Answered
  • Replies 5 replies
  • Subscribers 75 subscribers
  • Views 874 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 295126
Options

Crypto fronted doesn't work with Softdevice in SDK17

Viktor Venczel

Dear Devzone!

I am trying to add AES-128 decryption support for secure DFU with cc310_bl backend. However when I call nrf_crypto_aes_update it never returns. Examining the call stack it is waiting in SaSi_HalWaitInterrupt function forever. Looking at the code I assume the CRYPTOCELL_IRQHandler is never called. The same code works with SDK 15.3.0 though. 

I tried the nrf_crypto/aes/aes_cbc_with_padding example code, it works well, but if I add the same code to the secure_bootloader project I am able to reproduce the issue.

Could be the softdevice does not forward this interrupt to the application? 

Parents
  • 0

    Hi,

    The cc310_bl backend is a minimal backend for use in the bootloader. This backend only implements support for the algorithms used by the bootloader (secp224r1/secp256r1 ECC and SHA-256 hash) to keep the flash footprint of the bootloader as small as possible. If you want to use AES through the CC310 Cryptocell you need to replace the cc310_bl backend with the standard cc310 backend in the bootloader. Note that the full CC310 backend will consume significantly more flash, so you might want to consider using AES through one of the SW backends if this will only be used for DFU. SW backends will use more time, resulting in a bit higher current consumption, but this is something you need to consider/decide based on your application requirements.

    Best regards,
    Jørgen

  • 0 in reply to Jørgen Holmefjord

    Thank you for your fast reply!

    Indeed, replacing all the files cc310_bl_* to cc310_* and replacing the  libnrf_cc310_bl_0.9.13.a library to libnrf_cc310_0.9.13.a solved the problem!
    The strange thing is that if the bl version of the library didn't contain the functions for AES-128, I wouldn't  be able to compile the code as linker script could not find the functions. In fact I replaced the SDK to version 15, and the same code works with it even though I use the bl version of the library.

Reply
  • 0 in reply to Jørgen Holmefjord

    Thank you for your fast reply!

    Indeed, replacing all the files cc310_bl_* to cc310_* and replacing the  libnrf_cc310_bl_0.9.13.a library to libnrf_cc310_0.9.13.a solved the problem!
    The strange thing is that if the bl version of the library didn't contain the functions for AES-128, I wouldn't  be able to compile the code as linker script could not find the functions. In fact I replaced the SDK to version 15, and the same code works with it even though I use the bl version of the library.

Children
No Data
Related
Terms of service