Appendix#
Reading Manufacturing Parameters#
The following command is used to read the manufacturing parameters from a file.
Command:
commander manufacturing read <tambr|efuse|efusecopy> --out <filename.bin|filename.json> -d <full opn> serialinterface -skipinitRead | Region | Region to read the data from |
|---|---|---|
Read <region> | tambr | Read the NWP flash MBR data available for memory region |
| --out <filename> | Filename to store the read data in. "*.bin" |
| efuse | Read the OTP data |
| efusecopy | Read the efusecopy data in flash |
Programming eFuse Command#
In the case of eFuse/OTP data, Commander will first check that the requested update is possible (since bits can only be set to 1 and never cleared). Then it will ask for confirmation from the user. It is possible to skip the confirmation via the --noprompt option although note that this is a one-time operation.
It is possible to check the results of the operation before physically going ahead with the one-time programming by using the --dryrun option.
This command is used to write efuse data into flash.
Syntax:
commander manufacturing write efuse --data file.json -d <full opn> [--skipload] [--noprompt] [–dryrun] --serialinterface --skipinitSample Boot Configurations#
Make the boot configurations as required. For example:
Boot configurations in MBR:
{
"efuse_data": {
"safe_upgrade_frm_host": 1,
"ta_secure_boot_enable": 1
}
}Boot configurations in eFuse:
"bootloader_config": {
"ta_secure_boot_enable": 1,
"safe_upgrade_frm_host": 1,
},Save the above as JSON file.
Sample eFuse Only Configurations#
{
"bootloader_config": {
"safe_upgrade_frm_host": 0,
"ta_anti_roll_back": 0,
"ta_digital_signature_validation": 0,
"ta_secure_boot_enable": 0
},
"otp_lock_1": {
"debug_port_opened": 0,
"section_lock_128_255": 0
},
"otp_lock_2": {
"section_lock_256_767": 0
},
"otp_lock_3": {
"section_lock_768_1023": 0
},
"ta_config": {
"enable_autobaud_detection": 0,
"ta_encrypt_firmware": 0
},
"wireless_chip_modes": {
"disable_ta_jtag": 0,
"ta_otp_lock_r1": 0,
"ta_otp_lock_r2": 0,
"ta_otp_lock_r3": 0,
"ta_otp_lock_r4": 0
}
}MIC Protected Content Length Map#
Bit Value | Length in KB |
|---|---|
0 | 1 |
1 | 2 |
2 | 4 |
3 | 6 |
4 | 8 |
5 | 10 |
6 | 12 |
7 | 16 |
8 | 20 |
9 | 24 |
10 | 28 |
11 | 32 |
12 | 40 |
13 | 48 |
14 | 56 |
15 | 64 |
OTP Write Lock Process#
SiWx917 has OTP (eFuse) memory of 1024 bytes. This memory is divided into 4 sections with control to enable write locks for each of these sections. This section explains the details of how the write locks for OTP are implemented.
| OTP Lock Configuration Field | Region | Lock Memory Range |
|---|---|---|
ta_otp_lock_r1 |
R1 | 0–127 |
"otp_lock_1": {
"debug_port_opened": 0,
"section_lock_128_255": 0
}
|
R2 | 128–255 |
"otp_lock_2": {
"section_lock_256_767": 0
}
|
R3 | 256–767 |
"otp_lock_3": {
"section_lock_768_1023": 0
}
|
R4 | 768–1024 |
Security Key Management and Protection#
Inject custom public and private keys, along with other secret keys, onto the chips during manufacturing to safeguard your products from the very beginning of their lifecycle. The Bootloader uses public and private key-based digital signatures to recognize authentic software. The Security Bootloader also provides the capability for inline execution (XIP) of encrypted firmware directly from Flash.
If this feature is enabled, the Physically Unclonable Function (PUF) engine will be activated. PUF Keys are generated internally by the PUF and stored in flash. These keys are used to encrypt and decrypt images, ensuring that only authorized firmware can run on the device. The PUF Intrinsic Keys are unique to each device and are generated randomly, making them highly secure.
Key | Description |
|---|---|
Master Key | This key is used for MIC calculation and wrapping/unwrapping of NWP keys. Keys encrypted using Master Key is done using AES ECB Mode. MIC is calculated using AES CBC mode. |
NWP FW key 1, NWP FW key 2 | These two keys are used for encryption and inline decryption of NWP firmware in CTR or XTS mode based on configuration from security configurations |
Keys generated using the commander are as follows.
Key | Description |
|---|---|
OTP Symmetric Key | Used for flash content's (MIC) verification - AES CBC is used for calculation of the MIC value. |
OTP Public Key | Used for flash content's (digital signature) verification - ECDSA-P256. This key is used to verify the signature of MBR. |
NWP Public Key | Used for NWP firmware signature verification - ECDSA-P256 |
NWP OTA Key | Used for NWP firmware image encryption and MIC calculation of NWP Firmware. Mode of operation is AES CBC. |
For information on how to generate the keys at commander, refer to Generate Keys from Commander. For PUF activation, refer to Activation Code Generation, and to generate intrinsic keys and load the keys (both the intrinsic keys and keys generated at commander), refer to Intrinsic Key Generation and Loading Keys.
The table below shows the Key type, Key length, and Storage type.
| S.No | Key | Key Length | Algorithm | Operation | Modes | Stored in OTP | Stored in Flash |
|---|---|---|---|---|---|---|---|
| 1 | OTP Symmetric Key | 16 bytes | AES | MIC Calculation | AES CBC | ✓ | |
| 2 | OTP Public Key | 91 bytes – NIST Curve P-256 | ECDSA | Sign verification | – | ✓ | |
| 3 | NWP Public Key | 96 bytes – NIST Curve P-256 | ECDSA | Sign verification | – | ✓ | |
| 4 | NWP OTA Key | 32 bytes | AES |
Encryption MIC Calculation |
Encryption: AES CBC MIC Calculation: AES CBC |
✓ | |
| 8 | Master Key | 52-byte key code used to initialize key in Key Holder | AES |
Encryption MIC Calculation |
Encryption: AES ECB MIC Calculation: AES CBC |
✓ | |
| 10 | NWP FW Key (2 keys) | 52-byte key code used to initialize key in Key Holder | AES | Encryption | AES CTR, AES XTS | ✓ |
Note: The NWP Public key actual key size is 91 bytes, remaining 5 padding bytes added to make key size multiple of 16 for AES encryption.