Hardware Interfaces

Referring to the Comportable guideline for peripheral device functionality, the module keymgr has the following hardware interfaces defined

  • Primary Clock: clk_i
  • Other Clocks: clk_edn_i
  • Bus Device Interfaces (TL-UL): tl
  • Bus Host Interfaces (TL-UL): none
  • Peripheral Pins for Chip IO: none

Inter-Module Signals

Port NamePackage::StructTypeActWidthDescription
ednedn_pkg::ednreq_rspreq1
aes_keykeymgr_pkg::hw_key_requnireq1
kmac_keykeymgr_pkg::hw_key_requnireq1
otbn_keykeymgr_pkg::otbn_key_requnireq1
kmac_datakmac_pkg::appreq_rspreq1
otp_keyotp_ctrl_pkg::otp_keymgr_keyunircv1
otp_device_idotp_ctrl_pkg::otp_device_idunircv1
flashflash_ctrl_pkg::keymgr_flashunircv1
lc_keymgr_enlc_ctrl_pkg::lc_txunircv1
lc_keymgr_divlc_ctrl_pkg::lc_keymgr_divunircv1
rom_digestrom_ctrl_pkg::keymgr_dataunircv1
kmac_en_maskinglogicunircv1
tltlul_pkg::tlreq_rsprsp1

Interrupts

Interrupt NameTypeDescription
op_doneEventOperation complete

Security Alerts

Alert NameDescription
recov_operation_errAlert for key manager operation errors. These errors could have been caused by software
fatal_fault_errAlert for key manager faults. These errors cannot be caused by software

Security Countermeasures

Countermeasure IDDescription
KEYMGR.BUS.INTEGRITYEnd-to-end bus integrity scheme.
KEYMGR.CONFIG.SHADOWVarious critical registers are shadowed: including operation control, reseed interval, and key max version (creator, owner intermediate, owner).
KEYMGR.OP.CONFIG.REGWENVarious controls locked during the duration of an operation: including operation start, operation control, sideload clear, salt and key version.
KEYMGR.RESEED.CONFIG.REGWENReseed interval is software lockable.
KEYMGR.SW_BINDING.CONFIG.REGWENSoftware binding is lockable by software in each stage. When keymgr successfully advances, the lock is released to allow the next stage the freedom to program.
KEYMGR.MAX_KEY_VER.CONFIG.REGWENMax key version is software lockable.
KEYMGR.LC_CTRL.INTERSIG.MUBILife cycle control signal is multibit
KEYMGR.CONSTANTS.CONSISTENCYBasic consistency checks (all 0’s or all 1’s) for keymgr diversification constants
KEYMGR.INTERSIG.CONSISTENCYBasic consistency checks (all 0’s or all 1’s) for otp diversification inputs
KEYMGR.HW.KEY.SW_NOACCESSSideload keys are not directly accessible by software.
KEYMGR.OUTPUT_KEYS.CTRL.REDUNSoftware and sideload keys are redundantly controlled. Each generate operation creates a valid and a data enable (software and sideload specific). In order for a key to be populated into the software register, both the software valid and the software data enable must be asserted. The same is true for sideload. This makes it more difficult for an attack to fault a sideload key into the software key slot. An attacker would need to fault both the software valid and the software data enable. During a sideload operation, if an attacker manages to fault the valid but not the data enable, the software key is populated with random data. If an atacker manages to fault the data enable but not the valid, then the software key retains its previous value.
KEYMGR.CTRL.FSM.SPARSEMain control fsm is sparsely encoded.
KEYMGR.DATA.FSM.SPARSEControl data fsm (for redundant data control) is sparsely encoded.
KEYMGR.CTRL.FSM.LOCAL_ESCMain control fsm locally escalates based on any detected fault in keymgr. When a fault is detected (sync or async) the fsm transitions to invalid state to prevent further legal operations from executing.
KEYMGR.CTRL.FSM.CONSISTENCYMain and operational fsm transitions are consistent with software commands.
KEYMGR.CTRL.FSM.GLOBAL_ESCWhen the system globally escalates, the main control fsm also transitions to invalid state to prevent further legal operations from executing.
KEYMGR.CTRL.CTR.REDUNPrimary count is duplicated.
KEYMGR.KMAC_IF.FSM.SPARSEkmac interface fsm is sparsely encoded.
KEYMGR.KMAC_IF.CTR.REDUNPrimary count uses cross count.
KEYMGR.KMAC_IF_CMD.CTRL.CONSISTENCYOne hot check for kmac interface commands. Also, command enable (adv_en, id_en, gen_en) is checked for consistency throughout the operation.
KEYMGR.KMAC_IF_DONE.CTRL.CONSISTENCYSpurious kmac done check.
KEYMGR.RESEED.CTR.REDUNPrimary count is duplicated.
KEYMGR.SIDE_LOAD_SEL.CTRL.CONSISTENCYSideload key slot select is checked for consistency. When a key slot is valid when it should not be, an error is triggered. The reverse case is not checked, since an invalid key cannot be used anyways.
KEYMGR.SIDELOAD_CTRL.FSM.SPARSESideload control fsm is sparsely encoded.
KEYMGR.CTRL.KEY.INTEGRITYInternal secret key is protected with ECC.

Registers

Summary

NameOffsetLengthDescription
keymgr.INTR_STATE0x04Interrupt State Register
keymgr.INTR_ENABLE0x44Interrupt Enable Register
keymgr.INTR_TEST0x84Interrupt Test Register
keymgr.ALERT_TEST0xc4Alert Test Register
keymgr.CFG_REGWEN0x104Key manager configuration enable
keymgr.START0x144Key manager operation start
keymgr.CONTROL_SHADOWED0x184Key manager operation controls
keymgr.SIDELOAD_CLEAR0x1c4sideload key slots clear
keymgr.RESEED_INTERVAL_REGWEN0x204regwen for reseed interval
keymgr.RESEED_INTERVAL_SHADOWED0x244Reseed interval for key manager entropy reseed
keymgr.SW_BINDING_REGWEN0x284Register write enable for SOFTWARE_BINDING
keymgr.SEALING_SW_BINDING_00x2c4Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_10x304Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_20x344Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_30x384Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_40x3c4Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_50x404Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_60x444Software binding input to sealing portion of the key manager.
keymgr.SEALING_SW_BINDING_70x484Software binding input to sealing portion of the key manager.
keymgr.ATTEST_SW_BINDING_00x4c4Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_10x504Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_20x544Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_30x584Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_40x5c4Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_50x604Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_60x644Software binding input to the attestation portion of the key manager.
keymgr.ATTEST_SW_BINDING_70x684Software binding input to the attestation portion of the key manager.
keymgr.Salt_00x6c4Salt value used as part of output generation
keymgr.Salt_10x704Salt value used as part of output generation
keymgr.Salt_20x744Salt value used as part of output generation
keymgr.Salt_30x784Salt value used as part of output generation
keymgr.Salt_40x7c4Salt value used as part of output generation
keymgr.Salt_50x804Salt value used as part of output generation
keymgr.Salt_60x844Salt value used as part of output generation
keymgr.Salt_70x884Salt value used as part of output generation
keymgr.KEY_VERSION0x8c4Version used as part of output generation
keymgr.MAX_CREATOR_KEY_VER_REGWEN0x904Register write enable for MAX_CREATOR_KEY_VERSION
keymgr.MAX_CREATOR_KEY_VER_SHADOWED0x944Max creator key version
keymgr.MAX_OWNER_INT_KEY_VER_REGWEN0x984Register write enable for MAX_OWNER_INT_KEY_VERSION
keymgr.MAX_OWNER_INT_KEY_VER_SHADOWED0x9c4Max owner intermediate key version
keymgr.MAX_OWNER_KEY_VER_REGWEN0xa04Register write enable for MAX_OWNER_KEY_VERSION
keymgr.MAX_OWNER_KEY_VER_SHADOWED0xa44Max owner key version
keymgr.SW_SHARE0_OUTPUT_00xa84Key manager software output.
keymgr.SW_SHARE0_OUTPUT_10xac4Key manager software output.
keymgr.SW_SHARE0_OUTPUT_20xb04Key manager software output.
keymgr.SW_SHARE0_OUTPUT_30xb44Key manager software output.
keymgr.SW_SHARE0_OUTPUT_40xb84Key manager software output.
keymgr.SW_SHARE0_OUTPUT_50xbc4Key manager software output.
keymgr.SW_SHARE0_OUTPUT_60xc04Key manager software output.
keymgr.SW_SHARE0_OUTPUT_70xc44Key manager software output.
keymgr.SW_SHARE1_OUTPUT_00xc84Key manager software output.
keymgr.SW_SHARE1_OUTPUT_10xcc4Key manager software output.
keymgr.SW_SHARE1_OUTPUT_20xd04Key manager software output.
keymgr.SW_SHARE1_OUTPUT_30xd44Key manager software output.
keymgr.SW_SHARE1_OUTPUT_40xd84Key manager software output.
keymgr.SW_SHARE1_OUTPUT_50xdc4Key manager software output.
keymgr.SW_SHARE1_OUTPUT_60xe04Key manager software output.
keymgr.SW_SHARE1_OUTPUT_70xe44Key manager software output.
keymgr.WORKING_STATE0xe84Key manager working state.
keymgr.OP_STATUS0xec4Key manager status.
keymgr.ERR_CODE0xf04Key manager error code.
keymgr.FAULT_STATUS0xf44This register represents both synchronous and asynchronous fatal faults.
keymgr.DEBUG0xf84The register holds some debug information that may be convenient if keymgr

INTR_STATE

Interrupt State Register

  • Offset: 0x0
  • Reset default: 0x0
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw1c0x0op_doneOperation complete

INTR_ENABLE

Interrupt Enable Register

  • Offset: 0x4
  • Reset default: 0x0
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw0x0op_doneEnable interrupt when INTR_STATE.op_done is set.

INTR_TEST

Interrupt Test Register

  • Offset: 0x8
  • Reset default: 0x0
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0wo0x0op_doneWrite 1 to force INTR_STATE.op_done to 1.

ALERT_TEST

Alert Test Register

  • Offset: 0xc
  • Reset default: 0x0
  • Reset mask: 0x3

Fields

BitsTypeResetNameDescription
31:2Reserved
1wo0x0fatal_fault_errWrite 1 to trigger one alert event of this kind.
0wo0x0recov_operation_errWrite 1 to trigger one alert event of this kind.

CFG_REGWEN

Key manager configuration enable

  • Offset: 0x10
  • Reset default: 0x1
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0ro0x1ENkey manager configuration enable. When key manager operation is started (see CONTROL), registers protected by this EN are no longer modifiable until the operation completes.

START

Key manager operation start

  • Offset: 0x14
  • Reset default: 0x0
  • Reset mask: 0x1
  • Register enable: CFG_REGWEN

Fields

BitsTypeResetName
31:1Reserved
0rw0x0EN

START . EN

Start key manager operations

ValueNameDescription
0x1Valid stateTo trigger a start, this value must be programmed. All other values are considered no operation start.

Other values are reserved.

CONTROL_SHADOWED

Key manager operation controls

  • Offset: 0x18
  • Reset default: 0x10
  • Reset mask: 0x30f0
  • Register enable: CFG_REGWEN

Fields

BitsTypeResetName
31:14Reserved
13:12rw0x0DEST_SEL
11:8Reserved
7rw0x0CDI_SEL
6:4rw0x1OPERATION
3:0Reserved

CONTROL_SHADOWED . DEST_SEL

When the OPERATION field is programmed to generate output, this field selects the appropriate crypto cipher target.

This field should be programmed for both hw / sw generation, as this helps diverisifies the output.

ValueNameDescription
0x0NoneNo target selected
0x1AESAES selected
0x2KMACKMAC selected
0x3OTBNOTBN selected. Note for OTBN hardware operations, the generated output is 384-bits, while for all other operations (including OTBN software), it is 256-bits. Generating a hardware 384-bit seed directly for OTBN sideload reduces some of the OTBN code burden for entropy expansion. When generating for software, this is not a concern.

CONTROL_SHADOWED . CDI_SEL

When the OPERATION field is programmed to generate output, this field selects the appropriate CDI to use.

This field should be programmed for both hw / sw generation.

ValueNameDescription
0x0Sealing CDISealing CDI is selected
0x1Attestation CDIAttestation CDI is selected

CONTROL_SHADOWED . OPERATION

Key manager operation selection. All values not enumerated below behave the same as disable

ValueNameDescription
0x0AdvanceAdvance key manager state. Advances key manager to the next stage. If key manager is already at last functional state, the advance operation is equivalent to the disable operation.
0x1Generate IDGenerates an identity seed from the current state.
0x2Generate SW OutputGenerates a key manager output that is visible to software from the current state.
0x3Generate HW OutputGenerates a key manager output that is visible only to hardware crypto blocks.
0x4DisableDisables key manager operation and moves it to the disabled state. Note the disabled state is terminal and cannot be recovered without a reset.

Other values are reserved.

SIDELOAD_CLEAR

sideload key slots clear

  • Offset: 0x1c
  • Reset default: 0x0
  • Reset mask: 0x7
  • Register enable: CFG_REGWEN

Fields

BitsTypeResetName
31:3Reserved
2:0rw0x0VAL

SIDELOAD_CLEAR . VAL

Depending on the value programmed, a different sideload key slot is cleared. If the value programmed is not one of the enumerated values below, ALL sideload key slots are continuously cleared. In order to stop continuous clearing, SW should toggle the clear bit again (i.e. disable continuous clearing).

ValueNameDescription
0x0NoneNo sideload keys cleared.
0x1AESThe AES sideload key is continuously cleared with entropy.
0x2KMACThe KMAC sideload key is continuously cleared with entropy.
0x3OTBNThe OTBN sideload key is continuously cleared with entropy.

Other values are reserved.

RESEED_INTERVAL_REGWEN

regwen for reseed interval

  • Offset: 0x20
  • Reset default: 0x1
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw0c0x1ENConfiguration enable for reseed interval

RESEED_INTERVAL_SHADOWED

Reseed interval for key manager entropy reseed

Fields

BitsTypeResetNameDescription
31:16Reserved
15:0rw0x100VALNumber of key manager cycles before the entropy is reseeded

SW_BINDING_REGWEN

Register write enable for SOFTWARE_BINDING

  • Offset: 0x28
  • Reset default: 0x1
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw0c0x1ENSoftware binding register write enable. This is locked by software and unlocked by hardware upon a successful advance call. Software binding resets to 1, and its value cannot be altered by software until advancement to Init state.

SEALING_SW_BINDING

Software binding input to sealing portion of the key manager. This register is lockable and shared between key manager stages. This binding value is not considered secret, however its integrity is very important.

The software binding is locked by software and unlocked by hardware upon a successful advance operation.

  • Reset default: 0x0
  • Reset mask: 0xffffffff

Instances

NameOffset
SEALING_SW_BINDING_00x2c
SEALING_SW_BINDING_10x30
SEALING_SW_BINDING_20x34
SEALING_SW_BINDING_30x38
SEALING_SW_BINDING_40x3c
SEALING_SW_BINDING_50x40
SEALING_SW_BINDING_60x44
SEALING_SW_BINDING_70x48

Fields

BitsTypeResetNameDescription
31:0rw0x0VALSoftware binding value

ATTEST_SW_BINDING

Software binding input to the attestation portion of the key manager. This register is lockable and shared between key manager stages. This binding value is not considered secret, however its integrity is very important.

The software binding is locked by software and unlocked by hardware upon a successful advance operation.

  • Reset default: 0x0
  • Reset mask: 0xffffffff

Instances

NameOffset
ATTEST_SW_BINDING_00x4c
ATTEST_SW_BINDING_10x50
ATTEST_SW_BINDING_20x54
ATTEST_SW_BINDING_30x58
ATTEST_SW_BINDING_40x5c
ATTEST_SW_BINDING_50x60
ATTEST_SW_BINDING_60x64
ATTEST_SW_BINDING_70x68

Fields

BitsTypeResetNameDescription
31:0rw0x0VALSoftware binding value

Salt

Salt value used as part of output generation

  • Reset default: 0x0
  • Reset mask: 0xffffffff

Instances

NameOffset
Salt_00x6c
Salt_10x70
Salt_20x74
Salt_30x78
Salt_40x7c
Salt_50x80
Salt_60x84
Salt_70x88

Fields

BitsTypeResetNameDescription
31:0rw0x0VALSalt value

KEY_VERSION

Version used as part of output generation

  • Reset default: 0x0
  • Reset mask: 0xffffffff

Instances

NameOffset
KEY_VERSION0x8c

Fields

BitsTypeResetNameDescription
31:0rw0x0VALKey version

MAX_CREATOR_KEY_VER_REGWEN

Register write enable for MAX_CREATOR_KEY_VERSION

  • Offset: 0x90
  • Reset default: 0x1
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw0c0x1ENMAX_CREATOR_KEY_VERSION configure enable.

MAX_CREATOR_KEY_VER_SHADOWED

Max creator key version

Fields

BitsTypeResetNameDescription
31:0rw0x0VALMax key version. Any key version up to the value specificed in this register is valid.

MAX_OWNER_INT_KEY_VER_REGWEN

Register write enable for MAX_OWNER_INT_KEY_VERSION

  • Offset: 0x98
  • Reset default: 0x1
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw0c0x1ENMAX_OWNER_INTERMEDIATE_KEY configure enable.

MAX_OWNER_INT_KEY_VER_SHADOWED

Max owner intermediate key version

Fields

BitsTypeResetNameDescription
31:0rw0x1VALMax key version. Any key version up to the value specificed in this register is valid.

MAX_OWNER_KEY_VER_REGWEN

Register write enable for MAX_OWNER_KEY_VERSION

  • Offset: 0xa0
  • Reset default: 0x1
  • Reset mask: 0x1

Fields

BitsTypeResetNameDescription
31:1Reserved
0rw0c0x1ENMAX_OWNER_KEY configure enable.

MAX_OWNER_KEY_VER_SHADOWED

Max owner key version

Fields

BitsTypeResetNameDescription
31:0rw0x0VALMax key version. Any key version up to the value specificed in this register is valid.

SW_SHARE0_OUTPUT

Key manager software output.

When a software output operation is selected, the results of the operation are placed here.

  • Reset default: 0x0
  • Reset mask: 0xffffffff

Instances

NameOffset
SW_SHARE0_OUTPUT_00xa8
SW_SHARE0_OUTPUT_10xac
SW_SHARE0_OUTPUT_20xb0
SW_SHARE0_OUTPUT_30xb4
SW_SHARE0_OUTPUT_40xb8
SW_SHARE0_OUTPUT_50xbc
SW_SHARE0_OUTPUT_60xc0
SW_SHARE0_OUTPUT_70xc4

Fields

BitsTypeResetNameDescription
31:0rc0x0VALSoftware output value

SW_SHARE1_OUTPUT

Key manager software output.

When a software output operation is selected, the results of the operation are placed here.

  • Reset default: 0x0
  • Reset mask: 0xffffffff

Instances

NameOffset
SW_SHARE1_OUTPUT_00xc8
SW_SHARE1_OUTPUT_10xcc
SW_SHARE1_OUTPUT_20xd0
SW_SHARE1_OUTPUT_30xd4
SW_SHARE1_OUTPUT_40xd8
SW_SHARE1_OUTPUT_50xdc
SW_SHARE1_OUTPUT_60xe0
SW_SHARE1_OUTPUT_70xe4

Fields

BitsTypeResetNameDescription
31:0rc0x0VALSoftware output value

WORKING_STATE

Key manager working state.

This is a readout of the current key manager working state

  • Offset: 0xe8
  • Reset default: 0x0
  • Reset mask: 0x7

Fields

BitsTypeResetName
31:3Reserved
2:0ro0x0STATE

WORKING_STATE . STATE

Key manager control state

ValueNameDescription
0x0ResetKey manager control is still in reset. Please wait for initialization complete before issuing operations
0x1InitKey manager control has finished initialization and will now accept software commands.
0x2Creator Root KeyKey manager control currently contains the creator root key.
0x3Owner Intermediate KeyKey manager control currently contains the owner intermediate key.
0x4Owner KeyKey manager control currently contains the owner key.
0x5DisabledKey manager currently disabled. Please reset the key manager. Sideload keys are still valid.
0x6InvalidKey manager currently invalid. Please reset the key manager. Sideload keys are no longer valid.

Other values are reserved.

OP_STATUS

Key manager status.

Hardware sets the status based on software initiated operations. This register must be explicitly cleared by software. Software clears by writing back whatever it reads.

  • Offset: 0xec
  • Reset default: 0x0
  • Reset mask: 0x3

Fields

BitsTypeResetName
31:2Reserved
1:0rw1c0x0STATUS

OP_STATUS . STATUS

Operation status.

ValueNameDescription
0x0IdleKey manager is idle
0x1WIPWork in progress. A key manager operation has been started and is ongoing
0x2DONE_SUCCESSOperation finished without errors
0x3DONE_ERROROperation finished with errors, please see ERR_CODE register.

ERR_CODE

Key manager error code. This register must be explicitly cleared by software.

This register represents both synchronous and asynchronous recoverable errors.

Synchronous errors refer to those that only happen when a keymgr operation is invoked, while asynchronous refers to errors that can happen at any time.

  • Offset: 0xf0
  • Reset default: 0x0
  • Reset mask: 0x7

Fields

BitsTypeResetNameDescription
31:3Reserved
2rw1c0x0INVALID_SHADOW_UPDATEAn error observed during shadow register updates, asynchronous error
1rw1c0x0INVALID_KMAC_INPUTInvalid data issued to kmac interface, synchronous error
0rw1c0x0INVALID_OPInvalid operation issued to key manager, synchronous error

FAULT_STATUS

This register represents both synchronous and asynchronous fatal faults.

Synchronous faults refer to those that only happen when a keymgr operation is invoked, while asynchronous refers to faults that can happen at any time.

  • Offset: 0xf4
  • Reset default: 0x0
  • Reset mask: 0x3fff

Fields

BitsTypeResetNameDescription
31:14Reserved
13ro0x0KEY_ECCSecret key ecc error, asynchronous fault
12ro0x0SIDE_CTRL_SELSideload control key select error, synchronous fault
11ro0x0SIDE_CTRL_FSMSideload control FSM integrity error, asynchronous fault
10ro0x0RESEED_CNTReseed counter integrity error, asynchronous fault
9ro0x0CTRL_FSM_CNTControl FSM counter integrity error, asynchronous fault
8ro0x0CTRL_FSM_CHKControl FSM cross check error, asynchronous fault
7ro0x0CTRL_FSM_INTGControl FSM integrity error, asynchronous fault
6ro0x0SHADOWShadow copy storage error, asynchronous fault
5ro0x0REGFILE_INTGRegister file integrity error, asynchronous fault
4ro0x0KMAC_OUTKMAC data returned as all 0’s or all 1’s - synchronous fault
3ro0x0KMAC_OPKMAC reported an error during keymgr usage, this should never happen - synchronous fault.
2ro0x0KMAC_DONEThe kmac transfer interface encountered an unexpected done, asynchronous fault.
1ro0x0KMAC_FSMThe kmac transfer interface FSM is in an invalid state, asynchronous fault.
0ro0x0CMDA non-onehot command was seen in kmac, asynchronous fault.

DEBUG

The register holds some debug information that may be convenient if keymgr misbehaves.

  • Offset: 0xf8
  • Reset default: 0x0
  • Reset mask: 0x7f

Fields

BitsTypeResetNameDescription
31:7Reserved
6rw0c0x0INVALID_DIGESTROM digest failed input checks during operation
5rw0c0x0INVALID_KEYKey fed to kmac failed input checks during operation
4rw0c0x0INVALID_KEY_VERSIONKey version failed input checks during operation
3rw0c0x0INVALID_HEALTH_STATEHealth state failed input checks during operation
2rw0c0x0INVALID_DEV_IDDevice ID failed input checks during operation
1rw0c0x0INVALID_OWNER_SEEDOwner seed failed input checks during operation
0rw0c0x0INVALID_CREATOR_SEEDCreator seed failed input checks during operation