SAM L11 Cryptographic Accelerator (CRYA)

Cryptographic Accelerator (CRYA) Overview

SAM L11 embeds a hardware CRYA with associated software functions stored in Boot ROM, which provides the hardware acceleration for the following:

  • Advanced Encryption Standard (AES): Federal Information Processing Standard (FIPS) Publication 197, Advanced Encryption Standard.
    • Encryption with a 128-bit cryptographic key.
    • Decryption with a 128-bit cryptographic key.
  • Secure Hash Standard (SHA): FIPS Publication 180-4, The Secure Hash Standard.
    • Accelerates message schedule and inner compression loop.
  • Galois/Counter Mode (GCM): National Institute of Standards and Technology (NIST) Special Publication 800-38D Recommendation.
    • Accelerates the Galois Field (GF) (2128) multiplication for AES-GCM hash function.

CRYA Application Programming Interfaces (APIs)

The CRYA APIs which are located in a dedicated Boot ROM area are only accessible from the user application after the Boot ROM has completed. This area is an execute-only area, meaning the CPU cannot do any loads but can call the APIs. The Boot ROM memory space is a secure area, meaning only the secure application can directly call these APIs.

saml10-crypto-accelerator_1.png

All 8-bit pointers from CRYA API functions must be 32-bit aligned.

AES API

The AES software has two function routines to do encryption and decryption on a 128-bit block of input data. The AES encryption function entry point is located at the Boot ROM address 0x02001904 and the encryption function parameters are:

  • Src[in]: a pointer to a 128-bit data block to be encrypted.
  • Dst[out]: a pointer to 128-bit encrypted data.
  • Keys[in]: a pointer to a 128-bit key.
  • Length[in]: number of 32-bit words comprising the key, four for 128-bits key.


The AES decryption function entry point is located at the Boot ROM address 0x02001908 and the decryption function parameters are:

  • Src[in]: a pointer to a 128-bit data block to be decrypted.
  • Dst[out]: a pointer to 128-bit decrypted data.
  • Keys[in]: a pointer to a 128-bit key.
  • Length[in]: number of 32-bit words comprising the key, four for 128-bits key.


The APIs are:

SHA API and Example of a Function

The SHA software function can update the hash value based on the 512-bit data. It is assumed that the message is already preprocessed properly for the SHA algorithm so that the SHA software can work directly on 512-bit portions.

The SHA function entry point is located at the Boot ROM address 0x02001900 and has three parameters:

  • [In/out]: a pointer to a hash location (hash input and output).
  • [In]: a pointer to a 512-bit data block.
  • [In]: a pointer to a RAM buffer (256B is needed for the internal algorithm.) The updated hash value is put as the first parameter after the function exit.


The API is:

GCM API

The GCM function entry point is located at the Boot ROM address 0x0200190C and the function parameters are:

  • Block1[in]: a pointer to 128-bit data blocks that are to be multiplied.
  • Block2[in]: a pointer to 128-bit data blocks that are to be multiplied.
  • Dst[out]: a pointer to a location for storing the result.


The API is:

To get more information on how to implement GCM, refer to the SAM L11 Security Reference Guide Application Note

© 2019 Microchip Technology, Inc.
Notice: ARM and Cortex are the registered trademarks of ARM Limited in the EU and other countries.
Information contained on this site regarding device applications and the like is provided only for your convenience and may be superseded by updates. It is your responsibility to ensure that your application meets with your specifications. MICROCHIP MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHETHER EXPRESS OR IMPLIED, WRITTEN OR ORAL, STATUTORY OR OTHERWISE, RELATED TO THE INFORMATION, INCLUDING BUT NOT LIMITED TO ITS CONDITION, QUALITY, PERFORMANCE, MERCHANTABILITY OR FITNESS FOR PURPOSE. Microchip disclaims all liability arising from this information and its use. Use of Microchip devices in life support and/or safety applications is entirely at the buyer's risk, and the buyer agrees to defend, indemnify and hold harmless Microchip from any and all damages, claims, suits, or expenses resulting from such use. No licenses are conveyed, implicitly or otherwise, under any Microchip intellectual property rights.