I am using AES CBC to transmit data from the DA14683 and I would like to prepare my code for secured mode. I do understand from documentation that in order to set AES keys, I do need to:
- enable OTP for reading
- use DMA channel 7 to transfer keys from OTP to AES KEY 64 registers
- disable OTP
- launch AES on my data
I whish to get more insight about hw_aes_hash_store_keys function that I am currently using to prepare AES coprocessor. It sets key expansion and prepare key bytes before transfering it to the AES registers.
- Does the keys stored in OTP need to be prepared ? Do I simply need to copy them from OTP to AES registers ?
- Do I need to call hw_aes_hash_store_keys() function before launching DMA Channel 7 so it sets key expansion ? key transfer in this function shall fail; is this going to end in a hardware fault in secured mode ? Do I need to reimplement that function so it only sets parameters, prepare key but do not effectively load keys ?
In other words can you give me some insights on how to set the DA14683 ready for secured mode (please do not answer by redirecting me to tutorials) ?
Thank you in advance