Functions#

This section provides a reference to the PUF Crypto API functions.

Functions#

sl_status_t

Starts PUF process.

sl_status_t
sl_si91x_puf_set_key_req(uint8_t key_index, uint8_t key_size, const uint8_t *key_ptr, uint8_t *key_code_ptr)

Sets key for the PUF.

sl_status_t

Blocks further set key operation on PUF.

sl_status_t
sl_si91x_puf_get_key_req(uint8_t *key_code_ptr, uint8_t *key_ptr)

Performs a get key operation with the provided key code.

sl_status_t

Disables further key retrieval operations on PUF.

sl_status_t
sl_si91x_puf_load_key_req(uint8_t *key_code_ptr)

Loads key code using PUF to AES engine.

sl_status_t
sl_si91x_puf_set_intr_key_req(uint8_t key_index, uint8_t key_size, uint8_t *intr_key_resp)

Sets intrinsic key operation.

sl_status_t
sl_si91x_puf_aes_encrypt_req(uint8_t mode, uint8_t key_source, uint16_t key_size, const uint8_t *key_ptr, uint16_t data_size, uint8_t *data_ptr, uint16_t iv_size, uint8_t *iv_ptr, uint8_t *aes_encry_resp)

Encrypts data using the provided initialization vector and key, depending on the mode.

sl_status_t
sl_si91x_puf_aes_decrypt_req(uint8_t mode, uint8_t key_source, uint16_t key_size, const uint8_t *key_ptr, uint16_t data_size, uint8_t *data_ptr, uint16_t iv_size, uint8_t *iv_ptr, uint8_t *aes_decry_resp)

Decrypts data using the provided initialization vector and key, depending on the mode.

sl_status_t
sl_si91x_puf_aes_mac_req(uint8_t key_source, uint16_t key_size, const uint8_t *key_ptr, uint16_t data_size, uint8_t *data_ptr, uint16_t iv_size, uint8_t *iv_ptr, uint8_t *aes_mac_resp)

Calculates Message Authentication Check (MAC) for given data using AES-CBC mode.

Function Documentation#

sl_si91x_puf_start_req#

sl_status_t sl_si91x_puf_start_req (void )

Starts PUF process.

Parameters
N/A

Device should contain a valid activation code (AC) in Flash. The activation code and the startup data are used to reconstruct the digital fingerprint. The activation code is generated by the manufacturer and flashed into the device. To generate and flash the activation code using Simplicity Commander, follow these steps:

  1. Connect the device to the host using a USB cable.

  2. Open terminal and enter the following command:

    commander manufacturing init --mbr ta_mbr_{OPN}.bin
    

Returns

Note

  • This function needs to be called after every power-up and reset.


Definition at line 107 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_set_key_req#

sl_status_t sl_si91x_puf_set_key_req (uint8_t key_index, uint8_t key_size, const uint8_t * key_ptr, uint8_t * key_code_ptr)

Sets key for the PUF.

Parameters
[in]key_index

Key index ( valid range is 0 - 15 )

[in]key_size

Key size of type sl_si91x_puf_key_size_t

[in]key_ptr

Pointer to key of size 16 or 32 bytes based on the key size

[out]key_code_ptr

Pointer to key code with size of 52 bytes.

The digital fingerprint generated during the PUF start operations and a User Key (UK) provided by the client design are used to generate a Key Code (KC).

Returns

Note

  • This operation needs to be done only once for each user key.


Definition at line 127 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_set_key_disable_req#

sl_status_t sl_si91x_puf_set_key_disable_req (void )

Blocks further set key operation on PUF.

Parameters
N/A

Returns


Definition at line 138 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_get_key_req#

sl_status_t sl_si91x_puf_get_key_req (uint8_t * key_code_ptr, uint8_t * key_ptr)

Performs a get key operation with the provided key code.

Parameters
[in]key_code_ptr

Pointer to the Key Code with size of 52 bytes.

[out]key_ptr

Pointer to stored key response. The size of the response can be 16 or 32 bytes based on the key size.

The digital fingerprint generated during the start operation and the KC generated during a set key operation sl_si91x_puf_set_key_req, is used to retrieve a stored key.

  • Pre-conditions: To retrieve the key_ptr (UK), user must set the key_index in sl_si91x_puf_set_key_req to a value between 1 and 15 (inclusive).

Returns

Note

  • This operation needs to be done every time a key is needed.


Definition at line 159 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_get_key_disable_req#

sl_status_t sl_si91x_puf_get_key_disable_req (void )

Disables further key retrieval operations on PUF.

Parameters
N/A

Returns


Definition at line 167 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_load_key_req#

sl_status_t sl_si91x_puf_load_key_req (uint8_t * key_code_ptr)

Loads key code using PUF to AES engine.

Parameters
[in]key_code_ptr

Pointer to the key code with size of 52 bytes.

This is same as get key operation, but after retrieving key using sl_si91x_puf_set_key_req, it loads into AES engine.

  • Pre-conditions: The user must set the key_index in sl_si91x_puf_set_key_req to 0, indicating that only the Master Key can be loaded into the AES engine.

Returns

Note

  • This operation needs to be done for different keys to be loaded into AES engine.


Definition at line 187 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_set_intr_key_req#

sl_status_t sl_si91x_puf_set_intr_key_req (uint8_t key_index, uint8_t key_size, uint8_t * intr_key_resp)

Sets intrinsic key operation.

Parameters
[in]key_index

Key index ( valid range is 0 - 15 )

[in]key_size

Key size of type sl_si91x_puf_key_size_t

[out]intr_key_resp

Pointer to response

The digital fingerprint generated during the Enroll/Start operations sl_si91x_puf_start_req is used to generate a key code (KC) that defines a unique intrinsic key. This operation needs to be done only once for each intrinsic key. Each time a Set Intrinsic Key operation is executed a new unique key is generated.

Returns

Note

  • Intrinsic keys are randomly generated. They cannot be used for cryptographic algorithms that require specific keys, which is typical for public key schemes like RSA. In such cases, user keys should be used.


Definition at line 206 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_aes_encrypt_req#

sl_status_t sl_si91x_puf_aes_encrypt_req (uint8_t mode, uint8_t key_source, uint16_t key_size, const uint8_t * key_ptr, uint16_t data_size, uint8_t * data_ptr, uint16_t iv_size, uint8_t * iv_ptr, uint8_t * aes_encry_resp)

Encrypts data using the provided initialization vector and key, depending on the mode.

Parameters
[in]mode

AES mode of type sl_si91x_puf_aes_mode_t

[in]key_source

Key source of type sl_si91x_puf_key_source_t

[in]key_size

Key size of type sl_si91x_puf_key_size_t

[in]key_ptr

Pointer to key of size 16 or 32 bytes based on key size.(valid only if key_source is sl_si91x_puf_key_source_t::SL_SI91X_AES_AS_KEY_SOURCE)

[in]data_size

Size of data in bytes (value that should be multiples of AES block size in range 16 - 1408)

[in]data_ptr

Pointer to Data

[in]iv_size

IV size of type sl_si91x_puf_iv_size_t

[in]iv_ptr

Pointer to Initialization Vector(IV) of size 16 or 32 bytes based on IV size. (valid only if mode is sl_si91x_puf_aes_mode_t::SL_SI91X_AES_CBC_MODE)

[out]aes_encry_resp

Pointer to response

This operation generates encrypted data for the provided plain input data based on AES mode, key input and initialization vector.

Returns


Definition at line 227 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_aes_decrypt_req#

sl_status_t sl_si91x_puf_aes_decrypt_req (uint8_t mode, uint8_t key_source, uint16_t key_size, const uint8_t * key_ptr, uint16_t data_size, uint8_t * data_ptr, uint16_t iv_size, uint8_t * iv_ptr, uint8_t * aes_decry_resp)

Decrypts data using the provided initialization vector and key, depending on the mode.

Parameters
[in]mode

AES mode of type sl_si91x_puf_aes_mode_t

[in]key_source

Key source of type sl_si91x_puf_key_source_t

[in]key_size

Key size of type sl_si91x_puf_key_size_t

[in]key_ptr

Pointer to key of size 16 or 32 bytes based on key size.(valid only if key_source is sl_si91x_puf_key_source_t::SL_SI91X_AES_AS_KEY_SOURCE)

[in]data_size

Size of data in bytes (value that should be multiples of AES block size in range 16 - 1408)

[in]data_ptr

Pointer to Data

[in]iv_size

IV size of type sl_si91x_puf_iv_size_t

[in]iv_ptr

Pointer to Initialization Vector(IV) of size 16 or 32 bytes based on IV size.

[out]aes_decry_resp

Pointer to response

This operation generates decrypted data for the provided encrypted data based on AES mode, key input and initialization vector.

Returns


Definition at line 256 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h

sl_si91x_puf_aes_mac_req#

sl_status_t sl_si91x_puf_aes_mac_req (uint8_t key_source, uint16_t key_size, const uint8_t * key_ptr, uint16_t data_size, uint8_t * data_ptr, uint16_t iv_size, uint8_t * iv_ptr, uint8_t * aes_mac_resp)

Calculates Message Authentication Check (MAC) for given data using AES-CBC mode.

Parameters
[in]key_source

Key source of type sl_si91x_puf_key_source_t

[in]key_size

Key size of type sl_si91x_puf_key_size_t

[in]key_ptr

Pointer to key of size 16 or 32 bytes based on key size. (valid only if key_source is sl_si91x_puf_key_source_t::SL_SI91X_AES_AS_KEY_SOURCE)

[in]data_size

Size of data in bytes (value that should be multiples of AES block size in range 16 - 1408)

[in]data_ptr

Pointer to Data

[in]iv_size

IV size of type sl_si91x_puf_iv_size_t

[in]iv_ptr

Pointer to IV of size 16 or 32 bytes based on IV size.

[out]aes_mac_resp

Pointer to response

This operation generates Message Authentication Check (MAC) for the provided plain input data based on key input and initialization vector (IV). This operation is only used in AES-CBC mode.

Returns


Definition at line 285 of file components/device/silabs/si91x/wireless/crypto/puf/inc/sl_si91x_puf.h