Which Public/Private Key Pair is used if FLASH_PROVIDED_or_DFLT

According to my interpretation of the RSL10 firmware reference if field device_param_src_type (of struct app_device_param_t) is defined as FLASH_PROVIDED_or_DFLT then the device parameters (app_device_param_t e.g. Public/Private Key Pair) are taken from Flash or default values are used. Otherwise (i.e. APP_PROVIDED), the application must provide such device parameters to the stack.

If the previous statement is correct, the following question arise:
For FLASH_PROVIDED_or_DFLT andFlash NVR3 all ones, is the public/private key pair used by the stack a constant at all times?

@darrew

You are correct in your assumption here.

If the ‘FLASH_PROVIDED_or_DFLT’ variable is set, the public and private keys read from Flash will be constant on each restart. This can be a security concern, so it is up to the user implementation to set these keys as appropriate.

Just a clarification:

  1. if the ‘FLASH_PROVIDED_OR_DFLT’ is set, how does the stack decide whether it is FLASH_PROVIDED and DFLT?
  2. is it correct to assume that if the NVR3 is all ones that the stack generates its own key pair on every start?

Please give separate answers for 1) and for 2). Thanks.

@darrew

The Stack will first try to read the values from Flash, and if valid it will use them. If the values are invalid, the Stack will generally switch to a set of default parameters.

You are correct. If the key pair you pass into the Stack when set to ‘FLASH_PROVIDED_OR_DFLT’ is invalid, the Stack will automatically generate a new key pair for you. It should be noted that in this situation, the Stack will take ~5s @ 8MHz to generate a new key pair.

This can be sped up by using a CC312 algorithm to generate your keys at launch to pass to the Stack, but this is up to the end user implementation.

Your answers are precise and clarify the documentation. Thank you Martin.

2 Likes