

**AC464**  
**Application Note**

**PolarFire FPGA: Implementing Data Security Using  
User Cryptoprocessor**





a  **MICROCHIP** company

#### **Microsemi Headquarters**

One Enterprise, Aliso Viejo,  
CA 92656 USA

Within the USA: +1 (800) 713-4113

Outside the USA: +1 (949) 380-6100

Sales: +1 (949) 380-6136

Fax: +1 (949) 215-4996

Email: [sales.support@microsemi.com](mailto:sales.support@microsemi.com)  
[www.microsemi.com](http://www.microsemi.com)

©2021 Microsemi, a wholly owned subsidiary of Microchip Technology Inc. All rights reserved. Microsemi and the Microsemi logo are registered trademarks of Microsemi Corporation. All other trademarks and service marks are the property of their respective owners.

Microsemi makes no warranty, representation, or guarantee regarding the information contained herein or the suitability of its products and services for any particular purpose, nor does Microsemi assume any liability whatsoever arising out of the application or use of any product or circuit. The products sold hereunder and any other products sold by Microsemi have been subject to limited testing and should not be used in conjunction with mission-critical equipment or applications. Any performance specifications are believed to be reliable but are not verified, and Buyer must conduct and complete all performance and other testing of the products, alone and together with, or installed in, any end-products. Buyer shall not rely on any data and performance specifications or parameters provided by Microsemi. It is the Buyer's responsibility to independently determine suitability of any products and to test and verify the same. The information provided by Microsemi hereunder is provided "as is, where is" and with all faults, and the entire risk associated with such information is entirely with the Buyer. Microsemi does not grant, explicitly or implicitly, to any party any patent rights, licenses, or any other IP rights, whether with regard to such information itself or anything described by such information. Information provided in this document is proprietary to Microsemi, and Microsemi reserves the right to make any changes to the information in this document or to any products and services at any time without notice.

#### **About Microsemi**

Microsemi, a wholly owned subsidiary of Microchip Technology Inc. (Nasdaq: MCHP), offers a comprehensive portfolio of semiconductor and system solutions for aerospace & defense, communications, data center and industrial markets. Products include high-performance and radiation-hardened analog mixed-signal integrated circuits, FPGAs, SoCs and ASICs; power management products; timing and synchronization devices and precise time solutions, setting the world's standard for time; voice processing devices; RF solutions; discrete components; enterprise storage and communication solutions, security technologies and scalable anti-tamper products; Ethernet solutions; Power-over-Ethernet ICs and midspans; as well as custom design capabilities and services. Learn more at [www.microsemi.com](http://www.microsemi.com).

# Contents

---

|                                                                      |           |
|----------------------------------------------------------------------|-----------|
| <b>1 Revision History .....</b>                                      | <b>1</b>  |
| 1.1    Revision 10.0 .....                                           | 1         |
| 1.2    Revision 9.0 .....                                            | 1         |
| 1.3    Revision 8.0 .....                                            | 1         |
| 1.4    Revision 7.0 .....                                            | 1         |
| 1.5    Revision 6.0 .....                                            | 1         |
| 1.6    Revision 5.0 .....                                            | 1         |
| 1.7    Revision 4.0 .....                                            | 1         |
| 1.8    Revision 3.0 .....                                            | 1         |
| 1.9    Revision 2.0 .....                                            | 1         |
| 1.10    Revision 1.0 .....                                           | 1         |
| <b>2 Implementing Data Security Using User Cryptoprocessor .....</b> | <b>2</b>  |
| 2.1    User Cryptoprocessor .....                                    | 2         |
| 2.2    Design Requirements .....                                     | 5         |
| 2.3    Prerequisites .....                                           | 5         |
| 2.4    Design Description .....                                      | 5         |
| 2.4.1    Clocking Structure .....                                    | 7         |
| 2.4.2    Hardware Implementation .....                               | 8         |
| 2.4.3    Software Implementation .....                               | 11        |
| 2.4.4    TCM Initialization from SPI Flash .....                     | 15        |
| 2.5    Programming the PolarFire Device and SPI Flash .....          | 19        |
| 2.5.1    Tera Term Setup .....                                       | 20        |
| 2.6    Running the Demo .....                                        | 21        |
| 2.6.1    Running Tera Term Macro Script .....                        | 26        |
| <b>3 Appendix 1: Running UserCrypto Sample Projects .....</b>        | <b>29</b> |
| <b>4 Appendix 2: User Cryptoprocessor Simulation .....</b>           | <b>33</b> |
| <b>5 Appendix 3: Running the TCL Script .....</b>                    | <b>34</b> |

# Figures

---

|           |                                                                                |    |
|-----------|--------------------------------------------------------------------------------|----|
| Figure 1  | PF_CRYPTO Macro .....                                                          | 3  |
| Figure 2  | Crypto Configurator .....                                                      | 3  |
| Figure 3  | Reference Design Block Diagram .....                                           | 6  |
| Figure 4  | Clocking Structure .....                                                       | 7  |
| Figure 5  | CoreAHBL2AHBL_Bridge Configurator .....                                        | 9  |
| Figure 6  | Mi-V Processor Subsystem with User Cryptoprocessor .....                       | 10 |
| Figure 7  | Design Resource Utilization—Evaluation Kit .....                               | 10 |
| Figure 8  | User Crypto CAL Driver .....                                                   | 11 |
| Figure 9  | CALCONFIGH .....                                                               | 11 |
| Figure 10 | SoftConsole Project Directory Structure .....                                  | 12 |
| Figure 11 | Peripheral Base Address .....                                                  | 12 |
| Figure 12 | Linker Script .....                                                            | 13 |
| Figure 13 | Linker Script (Continued) .....                                                | 13 |
| Figure 14 | RISC-V Flash Image Setting .....                                               | 14 |
| Figure 15 | Configure Design Initialization Data and Memories .....                        | 15 |
| Figure 16 | Fabric RAMs .....                                                              | 15 |
| Figure 17 | Edit Fabric RAM Initialization Client .....                                    | 16 |
| Figure 18 | Design Initialization .....                                                    | 16 |
| Figure 19 | Generate Design Initialization Data .....                                      | 17 |
| Figure 20 | sNVM Client Verification .....                                                 | 17 |
| Figure 21 | Adding Dummy Client .....                                                      | 17 |
| Figure 22 | Dummy Client Parameters .....                                                  | 18 |
| Figure 23 | Dummy Client .....                                                             | 18 |
| Figure 24 | Board Setup—Evaluation .....                                                   | 19 |
| Figure 25 | Program SPI Flash Image .....                                                  | 20 |
| Figure 26 | Select Serial as the Connection Type .....                                     | 20 |
| Figure 27 | Tera Term Configuration .....                                                  | 20 |
| Figure 28 | Tera Term General Setup .....                                                  | 21 |
| Figure 29 | Application Menu .....                                                         | 21 |
| Figure 30 | Application Menu—Enter 128-bit Key .....                                       | 22 |
| Figure 31 | Application Menu—Nonce .....                                                   | 22 |
| Figure 32 | Application Menu—Additional Authentication Data .....                          | 22 |
| Figure 33 | Application Menu—Input Data to Encrypt and Authenticate .....                  | 23 |
| Figure 34 | Application Menu—Number of Octets in authentication Field .....                | 23 |
| Figure 35 | Application Menu—Encrypted and Authentication Data .....                       | 23 |
| Figure 36 | Application Menu Decryption—Enter 128-bit Key for AES Decryption .....         | 24 |
| Figure 37 | Application Menu Decryption—Nonce .....                                        | 24 |
| Figure 38 | Application Menu—Additional Authentication Data .....                          | 24 |
| Figure 39 | Application Menu—Input Data to Encrypt and Authenticate .....                  | 25 |
| Figure 40 | Application Menu—Encrypted and Authentication Data .....                       | 25 |
| Figure 41 | Application Menu—AES CCM Decryption Result .....                               | 25 |
| Figure 42 | Tera Term Macro Script to Test AES Service .....                               | 26 |
| Figure 43 | Executing Macro Script .....                                                   | 27 |
| Figure 44 | Selecting Macro Script File .....                                              | 27 |
| Figure 45 | Macro Script Execution Result .....                                            | 28 |
| Figure 46 | Firmware Catalog—Sample Projects .....                                         | 30 |
| Figure 47 | Generate Sample Project .....                                                  | 30 |
| Figure 48 | Import Options .....                                                           | 31 |
| Figure 49 | Select An Import Source .....                                                  | 31 |
| Figure 50 | Import Dialog .....                                                            | 32 |
| Figure 51 | Importing RV32_Message_Authentication Project .....                            | 32 |
| Figure 52 | SoftConsole Workspace—Sample Projects .....                                    | 32 |
| Figure 53 | Libero Project settings—VSIM Command for User Cryptoprocessor Simulation ..... | 33 |
| Figure 54 | User Cryptoprocessor Simulation .....                                          | 33 |

# Tables

---

|         |                                             |    |
|---------|---------------------------------------------|----|
| Table 1 | PF_CRYPTO Port List .....                   | 3  |
| Table 2 | Resource Requirements .....                 | 5  |
| Table 3 | IP Cores Used in the Reference Design ..... | 8  |
| Table 4 | System Memory Map .....                     | 9  |
| Table 5 | SPI Clock Divider Value .....               | 16 |
| Table 6 | Jumper Settings—Evaluation Board .....      | 19 |
| Table 7 | Algorithm .....                             | 29 |

# 1 Revision History

---

The revision history describes the changes that were implemented in the document. The changes are listed by revision, starting with the current publication.

## 1.1 Revision 10.0

Added Appendix 3: Running the TCL Script, page 34.

## 1.2 Revision 9.0

In this revision, information about [Prerequisites](#) was updated.

## 1.3 Revision 8.0

The following is a summary of the changes made in this revision.

- Updated the document for Libero SoC v12.2.
- Removed the references to Libero version numbers.
- Added information about enabling protection for SPI Flash client. For more information, refer to [TCM Initialization from SPI Flash](#), page 15.

## 1.4 Revision 7.0

The following is a summary of the changes made in this revision.

- Information about how to unlock the sNVM pages was added. See [Adding a Dummy Client to Unlock the sNVM Pages](#), page 17.
- Updated the document for Libero SoC v12.1.

## 1.5 Revision 6.0

Updated the document for Libero SoC v12.0.

## 1.6 Revision 5.0

The document was updated for Libero SoC PolarFire v2.3 release.

## 1.7 Revision 4.0

The document was updated for Libero SoC PolarFire v2.2 release.

## 1.8 Revision 3.0

The document was updated for Libero SoC PolarFire v2.1 release.

## 1.9 Revision 2.0

The following is a summary of the changes made in this revision.

- Information about initializing the SRAM component with the HEX file was added, see [TCM Initialization from SPI Flash](#), page 15.
- The document was updated to include features and enhancements introduced in the Libero SoC PolarFire v2.0 release.

## 1.10 Revision 1.0

The first publication of this document.

## 2

# Implementing Data Security Using User Cryptoprocessor

---

PolarFire® FPGAs represent the industry's most advanced security programmable FPGAs.

Data security protects application data—stored, communicated, or computed at run-time—from being copied, altered, or corrupted. PolarFire devices have a dedicated crypto processor, referred as User Cryptoprocessor, for data security applications.

This application note describes User Cryptoprocessor features, how to build a Libero and SoftConsole project to perform cryptographic operations using the User Cryptoprocessor as a coprocessor to a host general purpose processor.

## 2.1

### User Cryptoprocessor

The User Cryptoprocessor is an Athena TeraFire® EXP-F5200B cryptography microprocessor. It provides complete support for the Commercial National Security Algorithm (CNSA) Suite and beyond, and includes Side-Channel Analysis (SCA) resistant cryptography using patented leakage reduction countermeasures. These countermeasures provide strong resistance against SCA attacks such as Differential Power Analysis (DPA) and Simple Power Analysis (SPA). The User Cryptoprocessor is available in PolarFire "S" grade devices.

The User Cryptoprocessor supports numerous cryptographic algorithms, including the following:

- AES with 128-, 192-, and 256-bit key sizes in ECB, CBC, CFB, OFB, CTR, and GCM modes
- AES key wrap and unwrap
- SHA1, SHA2-224, SHA2-256, SHA2-384, and SHA2-512
- AES-CMAC and AES-GMAC
- HMAC-SHA
- True random number generation (non-deterministic random bit generator plus NIST SP800-90A deterministic random bit generator)
- RSA, DSA, and modular exponentiation (Diffie-Hellman) with key sizes up to 4096-bits
- EC key pair generation, point validation, point multiplication (EC Diffie-Hellman), and ECDSA for
  - NIST P-curves: P-192, P-224, P-256, P-384, and P-521
  - Brainpool curves: P-256, P-384, and P-512
- Key-tree function

The User Cryptoprocessor is a hard block in PolarFire FPGAs and its maximum operating frequency is 189 MHz. It is accessible to a soft processor in the FPGA fabric through the AHB-Lite slave interface for control and primary data input and output. The User Cryptoprocessor has built-in DMA to offload the main processor from doing data transfers between the User Cryptoprocessor and the user memory. The DMA functionality is accessible through an AMBA AHB-Lite master interface. The Libero SoC design suite provides a PF\_CRYPTO macro in Catalog, which must be integrated with the user design to use the User Cryptoprocessor. The following figure shows the input and output ports of the PF\_CRYPTO macro.

**Figure 1 • PF\_CRYPTO Macro**

Figure 2, page 3 shows the crypto configurator used to enable Complete interrupt, Alarm interrupt, BusError interrupt, and DRI. If the frequency of the crypto block is greater than or equal to 125 MHz, select the Use embedded DLL in the fabric interface option for removing clock insertion delay. The Embedded DLL Jitter Range can be set to Low, Medium\_Low, Medium\_High, or High according to the crypto clock jitter specification. For more information, see [DS0141: PolarFire FPGA Datasheet](#) for embedded DLL jitter tolerance ranges.

**Figure 2 • Crypto Configurator**

The following table lists and describes the PF\_CRYPTO ports. The control and status signals initiate action and obtain status. Corresponding control and status signals are also accessible through the dynamic reconfiguration interface (DRI). Contact Microsemi tech-support for information on how to use DRI.

**Table 1 • PF\_CRYPTO Port List**

| Port Name  | Direction | Description                                                                                                                                                                                                                                                                                                                                                                                                                                      |
|------------|-----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| AHB_SLAVE  |           | AHB-Lite slave interface.                                                                                                                                                                                                                                                                                                                                                                                                                        |
| AHB_MASTER |           | AHB-Lite master interface.                                                                                                                                                                                                                                                                                                                                                                                                                       |
| DRI_SLAVE  |           | Control and status signals are accessible through the DRI.                                                                                                                                                                                                                                                                                                                                                                                       |
| HCLK       | Input     | AHB bus clock.                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| HRESETN    | Input     | AHB bus reset. Asserts the functional reset of the User Cryptoprocessor block and zeroizes all the internal RAM and registers as PURGE signal.                                                                                                                                                                                                                                                                                                   |
| PURGE      | Input     | When the signal is set to '1', it initializes the Zeroization of User Cryptoprocessor internal RAM and registers. For normal operation, this signal must be tied low. The PURGE input is level sensitive, and if the PURGE pin is still asserted when a purge operation completes, another purge operation is initiated.                                                                                                                         |
| START      | Input     | External execution initiation input when the User Cryptoprocessor operates in the standalone configuration without a host processor connected to the bus interface. Asserting the START signal causes the User Cryptoprocessor to initiate execution. During execution, the status of the User Cryptoprocessor is reflected by the BUSY and DLL_LOCK ports. This signal must be tied low when the User Cryptoprocessor is used as a coprocessor. |

**Table 1 • PF\_CRYPTO Port List (continued)**

| <b>Port Name</b> | <b>Direction</b> | <b>Description</b>                                                                                                                                                                                                                                                                                                                                                                                                      |
|------------------|------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| STALL            | Input            | Stalls the User Cryptoprocessor for a clock cycle, to introduce variance in the external signatures. The STALL input is expected to be generated by a LFSR circuit in the fabric and asserted randomly for a single cycle to achieve the required stall rates. The STALL input must not be asserted until at least three clock cycles after the HRESETN is de-asserted and the DLL has indicated LOCK for three cycles. |
| BUSY             | Output           | Execution status signal.                                                                                                                                                                                                                                                                                                                                                                                                |
| COMPLETE         | Output           | Asserted to indicate that the User Cryptoprocessor has completed an operation. This signal can be connected to the host microprocessor as an interrupt request signal, enabling the User Cryptoprocessor to interrupt the processor when it completes an operation.                                                                                                                                                     |
| ALARM            | Output           | Asserted to indicate an uncorrectable memory error condition. An uncorrectable memory error causes the crypto core to perform a reset and purge. This reset terminates any in-progress operation. For most CAL operations, the CALPKTrfRes() function is used to complete the operation and generates a hardware fault code in the event of an alarm.                                                                   |
| BUS_ERROR        | Output           | Asserted when a HRESP response error is detected by the User Cryptoprocessor AHB master. Once set, a reset is required to clear.                                                                                                                                                                                                                                                                                        |
| DLL_LOCK         | Output           | DLL lock status.                                                                                                                                                                                                                                                                                                                                                                                                        |

Microsemi provides an Athena TeraFire Cryptographic Applications Library (CAL) to access User Cryptoprocessor functions. TeraFire CAL is a C language library that provides functions to access symmetric key, elliptic curve, public key, hash, random number generation, and message authentication code algorithms. It is available for download in the Microsemi Firmware Catalog software. The user application running on the main processor must include CAL APIs to perform the cryptographic operations on the User Cryptoprocessor.

For information about User Cryptoprocessor, supported cryptographic functions and their CAL API descriptions, email [FPGA\\_marketing@microchip.com](mailto:FPGA_marketing@microchip.com) to request Athena TeraFire Cryptographic Algorithm Library (CAL) Users Guide.

## 2.2 Design Requirements

The following table lists the hardware and software required to perform cryptographic operations using the User Cryptoprocessor.

**Table 2 • Resource Requirements**

| Requirement                                  | Version                                                                                                         |
|----------------------------------------------|-----------------------------------------------------------------------------------------------------------------|
| Host PC Operating system                     | Windows 7, 8.1, or 10                                                                                           |
| <b>Hardware</b>                              |                                                                                                                 |
| PolarFire Evaluation Kit (MPF300TS-1FCG1152) | Rev D or later                                                                                                  |
| <b>Software</b>                              |                                                                                                                 |
| Libero SoC <sup>1</sup>                      | See the readme.txt file provided in the design files for the software versions used with this reference design. |
| SoftConsole                                  |                                                                                                                 |
| Tera Term                                    |                                                                                                                 |

1. Libero Evaluation, Gold, Platinum, or Standalone license is required to use PolarFire 'S' grade devices.

**Note:** Libero SmartDesign and configuration screen shots shown in this guide are for illustration purpose only. Open the Libero design to see the latest updates.

## 2.3 Prerequisites

Email [FPGA\\_marketing@microchip.com](mailto:FPGA_marketing@microchip.com) to request the project design files. This design is targeted for PolarFire Evaluation kit only.

Download and install Libero SoC (as indicated in the website for this design) on the host PC from the following location:

<https://www.microsemi.com/product-directory/design-resources/1750-libero-soc#downloads>

**Note:** The latest versions of ModelSim, Synplify Pro, and FTDI drivers are included in the Libero SoC installation package.

## 2.4 Design Description

Microsemi offers a freely available RISC-V processor IP core called Mi-V and software tool chain to support Mi-V processor-based designs. In this reference design, a Mi-V soft processor core is used as the main processor and the User Cryptoprocessor as the coprocessor.

RISC-V, a standard open Instruction Set Architecture (ISA) under the governance of the RISC-V Foundation, offers numerous benefits, including enabling the open source community to test and improve cores at a faster pace than closed ISAs.

The Libero design provided with this application note shows how to integrate the User Cryptoprocessor in a Mi-V processor subsystem. The SoftConsole project shows how to integrate and build a TeraFire CAL driver into a Mi-V processor application project. A similar process can be used to integrate the User Cryptoprocessor and its CAL driver into other general purpose processor subsystem environments.

The Mi-V application provided with the reference design demonstrates the Advanced Encryption Standard (AES) algorithm features of the User Cryptoprocessor. It provides a user interface on the host PC using the UART. The user can download and run the other User Crypto sample projects available in the Firmware catalog to explore using the User Cryptoprocessor cryptographic algorithms.

Each PolarFire FPGA has 56 KB of secure non-volatile memory (sNVM), which can be used for storing cryptographic keys. The sNVM pages are accessible through system services for read/write. The reference design integrates CoreSysServices\_PF IP for sNVM read/write.

The following figure shows a block diagram of the reference design.

**Figure 3 • Reference Design Block Diagram**



## 2.4.1 Clocking Structure

In the reference design, there are two clock domains. The on-board 50 MHz crystal oscillator is connected to the PF\_CCC block which generates 100 MHz and 180 MHz clocks.

The 180 MHz crypto clock is connected to PF\_CRYPTO and COREAHBL2AHBL\_BRIDGE blocks.

The 100 MHz system clock is connected to COREAHBL2AHBL\_BRIDGE, Mi\_V\_RV32\_AHB, SRAM\_Buffer, CoreAHBLite, COREAHBTOAPB3, System Services, and CoreUARTapp blocks.

The following figure shows the clocking structure.

**Figure 4 • Clocking Structure**



## 2.4.2 Hardware Implementation

To build a Mi-V subsystem for PolarFire FPGAs, use the Libero SoC design suite to create an FPGA design using the Mi-V processor core and peripheral cores. The following table lists the IP cores used in the reference design.

**Table 3 • IP Cores Used in the Reference Design**

| IP Core              | Description                                                                                                                                                                                                            |
|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| MIV_RV32             | Mi-V soft processor                                                                                                                                                                                                    |
| CoreJTAGDEBUG        | Facilitates the connection of Joint Test Action Group (JTAG) compatible soft core processors to the JTAG header for debugging. It provides fabric access to the JTAG interface using UJTAG macro.                      |
| PF_INIT_monitor      | System Controller uses this macro to check the status of device initialization. The device initialization includes SRAM initialization from $\mu$ PROM/sNVM/SPI Flash. The DEVICE_INIT_DONE signal is used as a reset. |
| CoreAHBLite          | Multi-master AHB-Lite bus                                                                                                                                                                                              |
| COREAHBL2AHBL_BRIDGE | AHB to AHB bridge connects two AHB-Lite buses clocked by asynchronous clocks. This is required because the User Cryptoprocessor clock is different than the rest of the Mi-V processor subsystem clock.                |
| PF_CRYPTO            | Macro to access hard User Cryptoprocessor                                                                                                                                                                              |
| PF_SRAM_AHBL_AXI     | PolarFire LSRAM. Used as system memory for Mi-V processor.                                                                                                                                                             |
| CoreAHBtoAPB3        | Bridge between AHB master and APB slave.                                                                                                                                                                               |
| CoreUARTapp          | UART Controller with APB interface                                                                                                                                                                                     |
| PF_CCC               | Macro to access PolarFire CCC block. It is used to synthesize 100 MHz and 180 MHz clock frequencies from the CCC with an on-board 50 MHz reference clock.                                                              |
| CoreSysServices_PF   | The CoreSysServices_PF provides access to the System Services supported by the PolarFire device. These are System Controller actions initiated from the user design using the CoreSysServices.                         |

Configure and connect the IP cores listed in Table 3, page 8, then run the Libero design flow to create a programming file. For more information about how to build a Mi-V processor subsystem for PolarFire devices, see [TU0775: PolarFire FPGA: Building a Mi-V Processor Subsystem Tutorial](#). This Mi-V processor subsystem can be extended to integrate a User Cryptoprocessor into the system.

The MIV\_RV32 processor core comprises of an instruction fetch unit, an execution pipeline, and a data memory system. In the Mi-V processor memory map, the 0x8000\_0000 to 0x8000\_FFFF range is defined for the TCM memory interface, and the 0x6000\_0000 to 0x6FFF\_FFFF range is defined for the AHBLite I/O interface. The MIV\_RV32 processor's reset vector address is set to 0x80000000. The processor's reset vector address is configurable. The MIV\_RV32's reset is an active-low signal, which must be de-asserted in sync with the system clock through a reset synchronizer. For more information about the MIV\_RV32 core, see [MIV\\_RV32 Handbook](#) from Libero Catalog.

The MIV\_RV32 processor accesses the application execution memory using the TCM options. The MIV\_RV32 processor is configured to provide a 64 KB memory slot beginning at address 0x8000\_0000.

The MIV\_RV32 processor directs the data transactions between addresses 0x60000000 and 0x6FFF\_FFFF to the AHBL interface. The AHBL interface is connected to the CoreAHBLite\_0 bus to communicate with peripherals connected to its slave slots. The CoreAHBLite\_0 bus instance is configured to provide 16 slave slots, each of size 64 KB. The sixteen 64 KB slots consume a total address space of  $16 \times 64 \times 1024 = 2^{20}$  bytes and can be addressed using a 20-bit address bus. The CoreAHBLite\_0 bus, using only the lower 20-bits of the MMIO bus address and maps the connected peripherals within the address range. The User Cryptoprocessor, UART peripheral, System Services, and LSRAM memory are connected to the CoreAHBLite\_0 bus.

**Note:** To initialize the TCM in PolarFire using the system controller, a local parameter `I_cfg_hard_tcm0_en`, in the `miv_rv32_opsrv_cfg_pkg.v` file should be changed to 1'b1 prior to synthesis. See the 2.7 TCM section in the [MIV\\_RV32 Handbook](#).

The following table summarizes the memory map of the reference design.

**Table 4 • System Memory Map**

| Component        | Description                            | Memory Map               |
|------------------|----------------------------------------|--------------------------|
| PF_CRYPTO_0      | User Cryptoprocessor                   | 0x62000000 to 0x6200FFFF |
| SystemServices_0 | System Services                        | 0x60001000 to 0x60001FFF |
| CoreUARTpb_0     | UART peripheral                        | 0x60000000 to 0x60000FFF |
| RAM_Buffer_0     | Memory buffer for User Cryptoprocessor | 0x61000000 to 0x61FFFFFF |

In this reference design, the User Cryptoprocessor clock (`crypto_clk`) is configured to operate at 180 MHz and the clock for the rest of the Mi-V subsystem (`sys_clk`) operates at 100 MHz. This reference design uses the CoreAHBL2AHBL\_Bridge IP to provide clock domain crossing between `sys_clk` and `crypto_clk`.

The CoreAHBL2AHBL\_Bridge IP functions as a bridge between the AHB master and AHB slave where master and slave operate in two clock domains that are asynchronous in nature. The following figure shows the CoreAHBL2AHBL\_Bridge IP Configurator. This IP can be configured by setting the **Select bridge Mode** option to either **Master-to-Slave Path** or **Slave-to-Master Path**.

**Figure 5 • CoreAHBL2AHBL\_Bridge Configurator**



The CoreAHBL2AHBL\_Bridge\_0 is configured in the Slave-to-Master path to connect the User Cryptoprocessor to the Mi-V processors peripheral MMIO bus for control and primary data input and output. In this configuration, the `sys_clk` must be connected to the bridges slave interface clock (`hclk_s0`) and the `crypto_clk` must be connected to the bridge's master interface clock (`hclk_m0`).

The CoreAHBL2AHBL\_Bridge\_1 is configured in the Master-to-Slave path to connect the User Cryptoprocessors AHB master port to the Mi-V processors peripheral bus for DMA transactions. In this configuration, the `sys_clk` must be connected to the bridges master interface clock (`hclk_m0`) and the `crypto_clk` must be connected to the bridges slave interface clock (`hclk_s0`).

The following figure shows the SmartDesign view of the Mi-V processor subsystem with a User Cryptoprocessor.

**Figure 6 • Mi-V Processor Subsystem with User Cryptoprocessor**

For more details on component configurations and connections, see the provided Libero project.

#### 2.4.2.1 FPGA Resource Utilization

The following figures show the reference design resource utilization report under Synthesize in Design Flow window.

**Figure 7 • Design Resource Utilization—Evaluation Kit**

| Module Name          | Fabric 4LUT | Fabric DFF | Interface 4LUT | Interface DFF | Single-Ended I/O | uSRAM 1K | LSRAM 18K | Chip Globals | PLL |
|----------------------|-------------|------------|----------------|---------------|------------------|----------|-----------|--------------|-----|
| Top                  | 8590        | 2761       | 2376           | 2376          | 4                | 6        | 64        | 5            | 1   |
| Primitives           | 1           | 0          | 0              | 0             | 4                | 0        | 0         | 0            | 0   |
| CCC_0_0              | 0           | 0          | 0              | 0             | 0                | 0        | 0         | 2            | 1   |
| CORERESET_PF_C0_0    | 2           | 16         | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| CORERESET_PF_C0_0    | 2           | 16         | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| CORERESET_PF_C1_0    | 0           | 17         | 0              | 0             | 0                | 0        | 0         | 1            | 0   |
| CORERESET_PF_C1_0    | 0           | 17         | 0              | 0             | 0                | 0        | 0         | 1            | 0   |
| PROC_SUBSYSTEM_0     | 8587        | 2728       | 2376           | 2376          | 0                | 6        | 64        | 2            | 0   |
| COREAHBL2AHBL_BRI... | 30          | 135        | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| COREAHBL2AHBL_BRI... | 37          | 139        | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| CORE_AHBTOPB3_0      | 38          | 91         | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| CoreAHBLite0_0       | 463         | 109        | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| Core_APB3_0          | 48          | 0          | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| Core_JTAG_Debug_0    | 262         | 17         | 0              | 0             | 0                | 0        | 0         | 2            | 0   |
| Core_UARTapp0_0      | 152         | 114        | 0              | 0             | 0                | 0        | 0         | 0            | 0   |
| MIV_RV32_C0_0        | 6706        | 1697       | 1224           | 1224          | 0                | 6        | 32        | 0            | 0   |
| SRAM_Buffer_0        | 453         | 46         | 1152           | 1152          | 0                | 0        | 32        | 0            | 0   |
| SystemServices_0     | 398         | 380        | 0              | 0             | 0                | 0        | 0         | 0            | 0   |

## 2.4.3 Software Implementation

For information about how to create and build a SoftConsole project for the Mi-V processor subsystem, see [TU0775: PolarFire FPGA: Building a Mi-V Processor Subsystem Tutorial](#).

To use User Cryptoprocessor services in the application, download the PolarFire User Crypto CAL driver from the firmware catalog and add the driver to the SoftConsole project. The User Crypto CAL driver contains `config_user.h` file for driver configuration. In the `config_user.h` file, define the `PKX0_BASE` macro as the base address of the User Cryptoprocessor according to the Libero design.

**Figure 8 • User Crypto CAL Driver**



```

Project Explorer
  RV32_GNU_SC5_CCM_Services
    Binaries
    Includes
    cal
      aef5200.c
      aef5200.h
      calcontext
      calcontext.h
      calenum
      calenum.h
      calin.c
      calin.h
      calpolicy.h
      calvalues.h
      config_user.h
      dbrg.c
      dbrg.h
      dbrgs200.c
      dbrgs200.h
      hash.c
      hash.h
      mac.c
      mac.h
      nrbg.c
      nrbg.h
      pkc.c
      pkc.h
      ploc.c
      ploc.h
      polib.c
      polib.h
      sha200.c
      sha200.h
      sym.c
      sym.h
      util.c
      util.h
      x52cfg_user.h
    hw_platform.h
    microsemi-riscv-ram.ld
    config_user.h
  hw_platform.h
  microsemi-riscv-ram.ld
  config_user.h
  8 Copyright (c) 1999-2017 The Athena Group, Inc.
  9
  10 This file, the information contained herein, and its documentation
  11 is property of The Athena Group, Inc., and furnished under a
  12 license agreement. This file and its documentation may be used or
  13 copied only in accordance with the terms of the license agreement.
  14 No part of this file or its documentation may be read,
  15 reproduced, transmitted, or translated without the prior written
  16 permission of The Athena Group, Inc.
  17
  18 Each copy of this file shall include all copyrights, trademarks,
  19 service marks, and proprietary rights notices, if any.
  20
  21 All technical data contained in this file is subject to export
  22 control laws of the United States of America. Disclosure to
  23 nationals of other countries contrary to United States law is
  24 prohibited.
  25
  26 This marking must be kept on all copies of this file.
  27
  28
  29 */
  30 Description:
  31
  32 User configuration file to include/exclude CAL components.
  33
  34
  35 #ifndef CALCONFIG_F5200_H
  36 #define CALCONFIG_F5200_H
  37
  38 #include "x52cfg_user.h"
  39
  40 #define _SFRS_ 0x00000000
  41 #define PKX0_BASE 0x62000000
  42 #define USEPKX_X
  43 #define USEAESPKX 1
  44 #define USESHAPKX 1
  45 #define USEDRBGPKX 1
  46 #define USENRBGPKX 1
  47 #define USECALCTX 1
  48
  49 #endif
  50

```

Browse and add the `config_user.h` file to GNU RISC-V Cross C Compiler -> Preprocessor for both debug and release configurations as shown in the following figure.

**Figure 9 • CALCONFIGH**



The following figure shows the intended directory structure for a project based on MIV\_RV32 using SoftConsole. This project uses the User Crypto Library (CAL) and CoreUARTapb drivers. CoreUARTapb drivers rely on the MIV\_RV32 HAL to access the hardware. The content of the drivers directory results from generating the driver source files for each peripheral in the project using Firmware Catalog. The contents of the HAL and miv\_rv32\_hal directories result from generating the source files for the MIV\_RV32 HAL from the Firmware Catalog.

**Figure 10 • SoftConsole Project Directory Structure**



The UART peripheral base address, System Services base address and system clock frequency are provided in the `hw_platform.h` file.

**Figure 11 • Peripheral Base Address**



```

19  The hw_platform.h is to be located in the project root directory.
20  Currently this file must be hand crafted when using the Mi-V Soft Processor.
21
22  You can use this file as an example.
23  Rename this file from sample_hw_platform.h to hw_platform.h and store it in
24  the root folder of your project. Then customize it per your HW design.
25
26  @section driver_configuration Project configuration Instructions
27  1. Change SYS_CLK_FREQ define to frequency of Mi-V Soft processor clock
28  2. Add all other core BASE addresses
29  3. Add peripheral Core Interrupt to Mi-V Soft processor interrupt mappings
30  4. Define MSCC_STUDIO_UART_BASE_ADDR if you want a CoreUARTapb mapped to
31  STDIO
32  */
33
34 #ifndef HW_PLATFORM_H
35 #define HW_PLATFORM_H
36
37 /**
38 * Soft-processor clock definition
39 * This is the only clock brought over from the Mi-V Libero design.
40 */
41 #ifndef SYS_CLK_FREQ
42 #define SYS_CLK_FREQ           100000000UL
43 #endif
44
45 /**
46 * Non-memory Peripheral base addresses
47 * Format of define is:
48 * <CoreName>_<instance>_BASE_ADDR
49 * The <instance> field is optional if there is only one instance of the core
50 * in the design
51 */
52 #define COREUARTAPB0_BASE_ADDR      0x60000000UL
53 #define SYS_SERVICE_BASE_ADDR      0x60001000UL

```

### 2.4.3.1 Linker Script Update

A sample linker script file (`miv-rv32-ram.ld`) is provided along with the MIV\_RV32 HAL files. This linker script assumes that the SRAM is connected to the Mi-V processor memory space. The start address and size of the memory space must correspond with the Libero design.

A `crypto_ram` user section is defined in the linker script (see the following figure) to map the User Crypto input and output buffers to a common memory located on the Mi-V processor AHBL interface. The common memory is located at address 0x61000000.

**Figure 12 • Linker Script**



```

Project Explorer
  RV32_GNU_SC5_CCM_Services
    Binaries
    Includes
    cal
    Debug
    drivers
    hal
    miv_rv32_hal
      miv_rv32_entry.S
      miv_rv32_hal.c
      miv_rv32_hal.h
      miv_rv32_init.c
      miv_rv32_plic.h
      miv_rv32_regs.h
      miv_rv32_stubs.c
      miv_rv32_syscall.c
      sample_hw_platform.h
      miv-rv32-envm.ld
      miv-rv32-ram.ld
    Release
    ccm_mac.c
    ccm.c
    ccm.h
    helper.c
    helper.h
    hw_platform.h
    main.c
    miv-rv32ima-ccm-services Debug.launch
    README.txt
    RV32_CCM_msg_auth.ttl

miv-rv32-ram.ld
 1 ****
 2 * Copyright 2019-2021 Microchip FPGA Embedded Systems Solutions.
 3 *
 4 * SPDX-License-Identifier: MIT
 5 *
 6 * file name : miv-rv32-ram.ld
 7 * Mi-V soft processor linker script for creating a SoftConsole downloadable
 8 * debug image executing in SRAM.
 9 *
10 * This linker script assumes that a RAM is connected at on the Mi-V soft
11 * processor memory space. The start address and size of the memory space must
12 * be correct as per the Libero design.
13 *
14 * Supports MIV_RV32 as well as the legacy RV32 cores with appropriate memory
15 * section addresses as per your design.
16 *
17 * SVN $Revision: 13158 $
18 * SVN $Date: 2021-01-31 10:57:57 +0530 (Sun, 31 Jan 2021) $
19 */
20
21 OUTPUT_ARCH( "riscv" )
22 ENTRY(_start)
23
24 MEMORY
25 {
26   ram (rwx) : ORIGIN = 0x80000000, LENGTH = 64k
27   crypto_ram (rw) : ORIGIN = 0x61000000, LENGTH = 64k
28 }
29
30 RAM_START_ADDRESS  = 0x80000000; /* Must be the same value MEMORY region ram ORIGIN above. */
31 RAM_SIZE          = 64k; /* Must be the same value MEMORY region ram LENGTH above. */
32 STACK_SIZE        = 2k; /* needs to be calculated for your application */
33 HEAP_SIZE          = 2k; /* needs to be calculated for your application */
34
35 SECTIONS
  
```

**Figure 13 • Linker Script (Continued)**



```

Project Explorer
  RV32_GNU_SC5_CCM_Services
    Binaries
    Includes
    cal
    Debug
    drivers
    hal
    miv_rv32_hal
      miv_rv32_entry.S
      miv_rv32_hal.c
      miv_rv32_hal.h
      miv_rv32_init.c
      miv_rv32_plic.h
      miv_rv32_regs.h
      miv_rv32_stubs.c
      miv_rv32_syscall.c
      sample_hw_platform.h
      miv-rv32-ram.ld
    Release
    ccm_mac.c
    ccm.c
    ccm.h
    helper.c
    helper.h
    hw_platform.h
    main.c
    miv-rv32ima-ccm-services Debug.launch
    README.txt
    RV32_CCM_msg_auth.ttl

miv-rv32-ram.ld
 120   "(.shbss)
 121   *(.bss .bss.* .gnu.linkonce.b.*)
 122   *(COMMON)
 123   . = ALIGN(0x10);
 124   _bss_end = .;
 125 } > ram
 126
 127 /* End of uninitialized data segment */
 128 _end = .;
 129
 130 .heap : ALIGN(0x10)
 131 {
 132   __heap_start = .;
 133   . += HEAP_SIZE;
 134   __heap_end = .;
 135   . = ALIGN(0x10);
 136   __heap_end = __heap_end;
 137 } > ram
 138
 139 .stack : ALIGN(0x10)
 140 {
 141   __stack_bottom = .;
 142   . += STACK_SIZE;
 143   __stack_top = .;
 144 } > ram
 145
 146 . = 0x61000000;
 147 .crypto_data : ALIGN(0x10)
 148 {
 149   . = ALIGN(0x10);
 150   *(.crypto_data)
 151 } > crypto_ram
 152 }
 153
 154
  
```

### 2.4.3.2 RISC-V Flash Image Setting

As shown in Figure 14, page 14, add the `--change-section-lma *-0x80000000` command to remove the non-linear address (the first line) of the HEX file.

Figure 14 • RISC-V Flash Image Setting



## 2.4.4 TCM Initialization from SPI Flash

This section describes how to load the user application hex image file into the TCM from SPI flash using System Controller.

To configure Design Initialization Data and Memories, perform the following steps:

1. Copy the `RV32_GNU_SC5_CCM_Services.hex` file from `<Download_Directory>\mpf_ac464_eval\SoftConsole\RV32_GNU_SC5_CCM_Services\Debug folder` and place it in `<Download_Directory>\mpf_ac464_eval\Libero_Project`
2. Double-click **Configure Design Initialization Data and Memories** from the **Design Flow** window as shown in the following figure.

**Figure 15 • Configure Design Initialization Data and Memories**



3. Click the **Fabric RAMs** tab and select the TCM instance that needs to be initialized and click **Edit**, as shown in the following figure. In this design, TCM instance must be initialized with the user application.

**Figure 16 • Fabric RAMs**



4. Double-click the **TCM** instance to add initialization client and storage location. In the **Edit Fabric RAM Initialization Client** dialog, select the **Content from file** option, locate the `RV32_GNU_SC5_CCM_Services.hex` file from the Libero Project folder, select **Storage Type** as **SPI-Flash**, and then click **OK**, as shown in the following figure.

**Figure 17 • Edit Fabric RAM Initialization Client**

- Click **Design Initialization** tab, ensure **SPI-Flash - Binding Encrypted with Default Key** is selected for **SPI-Flash Binding** type as shown in the following figure. **SPI clock divider value** must be set to 6. Refer to note given below for more information. In this reference design, the initialization client is stored in the SPI flash in encrypted format with authentication. When this option is selected, the design initialization client file (<root>\_uic.bin) is encrypted with the default encryption key. When Default key is selected, the user does not need to specify any other details. Enable user security protection using UEK1/UEK2 for the SPI-Flash client if required.

**Figure 18 • Design Initialization**

**Note:** The SPI clock divider value specifies the required SPI SCK frequency to read the initialization data from SPI Flash. The SPI Clock divider value must be selected based on the external SPI Flash operating frequency range.

**Table 5 • SPI Clock Divider Value**

| SPI Clock Divider Value | SCK Frequency |
|-------------------------|---------------|
| 1                       | 80 MHz        |
| 2                       | 40 MHz        |
| 4                       | 20 MHz        |
| 6                       | 13.3 MHz      |

6. Click Generate Initialization clients under the **Design Initialization** tab to generate the External SPI-Flash (Non-authenticated), client.
7. When the initialization clients are generated, the Generate Initialization clients status window is displayed as shown in the following figure.

**Figure 19 • Generate Design Initialization Data**

8. Select the **SPI Flash** tab to verify that the SPI flash client is generated as shown in the following figure.

**Figure 20 • sNVM Client Verification**

Configuration of Design Initialization Data and Memories is successfully completed.

**Note:** In the scenario where a PolarFire device is first programmed with a design with an sNVM client, and then reprogrammed with a (different) design without an sNVM client, upon completion of programming with the second design, the sNVM client will not be erased. In such a case, if there are sNVM pages that are locked, writes to those pages using a system service call fails. There is no programming action to erase sNVM completely. To work around this issue, create a dummy sNVM client (filled with 0's) in the second design.

#### 2.4.4.1 Adding a Dummy Client to Unlock the sNVM Pages

In this design, the AES key provided by the user is stored in the sNVM at page#4 using system service call. Hence, a dummy client to clear the sNVM page needs to be added to sNVM configurator. To add a dummy client, perform the following steps:

1. In the Libero **Design Flow** window, double-click **Configure Design Initialization Data and Memories**.
2. In the Design and Memory Initialization page, select the **sNVM** tab.
3. In sNVM Clients pane, click **Add... > Add PlainText NonAuthenticated Client**. as shown in the following figure.

**Figure 21 • Adding Dummy Client**

4. In the **Add PlainText NonAuthenticated client** window, select **Content filled with 0s** radio button and enter:
  - **Client name:** Clear\_sNVM
  - **Start page (decimal):** 4
  - **Number of bytes (decimal):** 256
5. Click **OK** to create a dummy client.

**Figure 22 • Dummy Client Parameters**

The following figure shows the dummy client added to sNVM Clients pane.

**Figure 23 • Dummy Client**

## 2.5 Programming the PolarFire Device and SPI Flash

This section describes how to program the PolarFire device and SPI Flash.

To program the PolarFire device, perform the following steps:

1. Ensure that the jumpers on the evaluation board are set as specified in the following tables.

**Table 6 • Jumper Settings—Evaluation Board**

| Jumper                      | Description                                                       |
|-----------------------------|-------------------------------------------------------------------|
| J18, J19, J20, J21, and J22 | Close pin 2 and 3 for programming the PolarFire FPGA through FTDI |
| J28                         | Close pin 1 and 2 for programming through the on-board FlashPro5  |
| J26                         | Close pin 1 and 2 for programming through the FTDI SPI            |
| J27                         | Close pin 1 and 2 for programming through the FTDI SPI            |
| J23                         | Open pin 1 and 2 for programming SPI Flash                        |
| J4                          | Close pin 1 and 2 for manual power switching using SW3            |
| J12                         | Close pin 3 and 4 for 2.5 V                                       |

2. Connect the power supply cable to the **J9** connector on the evaluation board.
3. Connect the USB cable from the host PC to **J5** (FTDI port) on the evaluation board.
4. Power on the evaluation board using the **SW3** slide switch.

The following figure shows the PolarFire Evaluation Kit set up to be programmed.

**Figure 24 • Board Setup—Evaluation**



5. Open the Libero project.
6. Click **Run PROGRAM Action** to program the device.

7. Double-click **Run Program\_SPI\_IMAGE Action** to program the SPI flash. A green tick mark is displayed after the successful generation as shown in the following figure.

**Figure 25 • Program SPI Flash Image**

## 2.5.1 Tera Term Setup

The user application provides a user interface on the Tera Term terminal through the UART interface.

To set up the Tera Term program, perform the following steps:

1. Ensure that the USB cable connects the host PC to the **J5 (USB)** port on the PolarFire Evaluation board.
2. Start Tera Term.
3. Select **Serial** as the Connection type.
4. Set the Serial **Port** to the second highest COM port number from the drop-down list as shown in the following figure. For example, **COM9: FlashPro5 Port [COM9]** in this instance.

**Figure 26 • Select Serial as the Connection Type**

5. In the **Tera Term** window, go to **Setup > Serial port...**, set;

  - **Baud rate:** 115200
  - **Transmit delay:** 5 msec/char and 5 msec/line

Rest of the serial port settings must be at default state as shown in the following figure and click **OK**.

**Figure 27 • Tera Term Configuration**

6. In the **Tera Term** window, go to **Setup > General...**, set the **Language** to **English** and click **OK**, as shown in the following figure. This setup is required for running the Tera Term macro script.

**Figure 28 • Tera Term General Setup**

This completes the Tera Term program setup.

## 2.6 Running the Demo

After the device is programmed, power cycle the board. The application prints the menu on the Tera Term program through the UART interface, as shown in following figure.

**Figure 29 • Application Menu**

Use the following test vector to verify the AES CCM encryption and decryption operation:

- AES Key = 404142434445464748494A4B4C4D4E4F
- Nonce = 101112131415161718191A1B
- Additional authentication data (AAD) = 000102030405060708090A0B0C0D0E0F10111213
- Input data to Encrypt and authenticate = 202122232425262728292A2B2C2D2E2F3031323334353637

To run the demo, perform the following steps:

1. Press '1' to perform CCM AES-128 encryption using the User Cryptoprocessor. The application prompts to enter a 128-bit key, as shown in the following figure. The application securely stores the AES key into sNVM using System Service function call.

**Figure 30 • Application Menu—Enter 128-bit Key**

2. Enter the AES key provided in the test vector and press Enter. The application prompts for Nonce, as shown in the following figure.

**Figure 31 • Application Menu—Nonce**

3. Enter the Nonce provided in the test vector and press Enter. The application prompts to enter AAD, as shown in the following figure.

**Figure 32 • Application Menu—Additional Authentication Data**

4. Enter the AAD provided in the test vector and press Enter. The application prompts to enter input data to encrypt and authenticate, as shown in the following figure.

**Figure 33 • Application Menu—Input Data to Encrypt and Authenticate**



5. Enter the input data to encrypt and authenticate provided in the test vector and press Enter. The application prompts to enter the number of octets in the authentication field, as shown in the following figure.

**Figure 34 • Application Menu—Number of Octets in authentication Field**



6. Press '2' for Encrypted and Authentication data. The result of the CCM AES encryption is printed on the Tera Term program, as shown in the following figure. Observe that the result is matched with the test vector, as shown in the following figure.

**Figure 35 • Application Menu—Encrypted and Authentication Data**



7. Press any key to continue to evaluate the AES operation. The application prints the AES encryption/decryption menu again on Tera Term program.
8. Press '2' to perform AES CCM decryption using User Cryptoprocessor. The application prompts to enter 128-bit key, as shown in the following figure.

**Figure 36 • Application Menu Decryption—Enter 128-bit Key for AES Decryption**

9. Enter the key provided in the preceding test vector and press Enter. The application prompts for Nonce.

**Figure 37 • Application Menu Decryption—Nonce**

10. Enter the Nonce provided in the test vector and press Enter. The application prompts to enter AAD, as shown in the following figure.

**Figure 38 • Application Menu—Additional Authentication Data**

- Enter the AAD provided in the test vector and press Enter. The application prompts to enter input data to encrypt and authenticate, as shown in the following figure.

**Figure 39 • Application Menu—Input Data to Encrypt and Authenticate**

- Enter the input data to encrypt and authenticate provided in the test vector and press Enter. The application prompts to enter the number of octets in authentication field, as shown in the following figure.

**Figure 40 • Application Menu—Encrypted and Authentication Data**

- Enter '2' to proceed. The result of the AES CCM decryption is printed on the Tera Term program, as shown in the following figure. Observe that the result is matched with the test vector.

**Figure 41 • Application Menu—AES CCM Decryption Result**

## 2.6.1 Running Tera Term Macro Script

Each sample project contains Tera Term macro script (.ttl) file to test the cryptographic algorithms used in the sample project. The Tera Term macro script contain commands to pass required input test vectors. It also contains the expected output for each input test vector for user verification. The following figure shows the Tera Term macro script available in the sample projects provided in the design file.

**Note:** Tera Term Macros in this design do not work with Windows 10 build 14393.0. You must update to Windows 10 build 14393.0.105 or later.

**Figure 42 • Tera Term Macro Script to Test AES Service**



The screenshot shows a window titled "RV32\_CCM\_msg\_auth.ttl" containing a Tera Term macro script. The script is a series of numbered commands (labeled 22 through 59) defining inputs, key, nonce, AAD, and message, followed by send and pause commands. The code is as follows:

```
22; -----
23; Test Case 1
24; Inputs
25;   8, 3, 44, 20,
26;   AES key
27;     40414243 44454647 48494A4B 4C4D4E4F
28;   NONCE
29;     10111213 14151617 18191A1B
30;   AAD
31;     00010203 04050607 08090A0B 0C0D0E0F 10111213
32;   Message P
33;     20212223 24252627 28292A2B 2C2D2E2F 30313233 34353637
34
35; Output - Encrypted Data
36;   E3B201A9 F5B71A7A 9B1CEAEC CD97E70B 6176AAD9 A4428AA5 484392FB C1B09951
37; -----
38 send '1'
39 pause 2
40
41;Key
42 send '404142434445464748494a4b4c4d4e4f'
43 pause 1
44
45;Nonce
46 send '101112131415161718191a1b'
47 pause 1
48 send 13
49 pause 1
50
51;AAD
52 send '000102030405060708090a0b0c0d0e0f10111213'
53 pause 1
54 send 13
55 pause 1
56
57;MSG
58 send '202122232425262728292A2B2C2D2E2F3031323334353637'
59 pause 1
```

To run the Tera Term script, perform the following steps:

1. On the **Control** menu, click **Macro**, as shown in the following figure.

**Figure 43 • Executing Macro Script**



2. In the **Open macro** window, select the **RV32\_CCM\_msg\_auth.ttl** file available in the sample project provided with the design files and click **Open** as shown in the following figure.

**Figure 44 • Selecting Macro Script File**



Tera Term executes the script and the results are printed on the Tera Term. Compare the output of the AES encryption and decryption service with the test vectors provided in the macro script. The following figure shows the result of the macro script execution.

**Figure 45 • Macro Script Execution Result**

```

File Edit Setup Control Window Help
*****
***** PolarFire User Crypto CCM Example Project *****
*****
This example project demonstrates the use of the PolarFire User Crypto
CCM service using AES cipher Services. The following CCM services
are demonstrated:
  1 - Encryption and authenticated.
  2 - Decryption and authenticated.

Select the CCM operation to perform:
Press key '1' to perform Encryption and Authenticated
Press key '2' to perform Decryption and Authenticated

Selected Encryption and Authenticated using CCM.

Enter the 128-bit/16-byte key:
404142434445464748494a4b4c4d4e4f
Enter the Nonce (max : 16 Bytes):
101112131415161718191a1b
Enter the Additional authenticated data (max : 32 Bytes):
000102030405060708090a0b0c0d0e0f
10111213
Enter the input data to encrypt and authenticate (max : 64 bytes):
202122232425262728292A2B2C2D2E2F
3031323334353637

Enter the Number of octets in authentication field:
Press key '1' for 4 bytes
Press key '2' for 8 bytes
Press key '3' for 12 bytes
Press key '4' for 16 bytes
2

Encrypted and Authentication data:
E3B201A9FB71A7A9B1CE4ECCD97E70B
6176AAD9A4428AA5484392FBC1B09951

Press any key to continue.

Select the CCM operation to perform:
Press key '1' to perform Encryption and Authenticated
Press key '2' to perform Decryption and Authenticated

Selected Encryption and Authenticated using CCM.

Enter the 128-bit/16-byte key:
C0C1C2C3C4C5C6C7C8C9CABCBCCDCECF
Enter the Nonce (max : 16 Bytes):
00000004030201A0A1A2A3A4A5
Enter the Additional authenticated data (max : 32 Bytes):
0001020304050607

```

This concludes the demo of User Crypto AES service. Terminate the SoftConsole debugger session.

To run other User Crypto sample projects, see Appendix 1: Running UserCrypto Sample Projects, page 29.

## 3 Appendix 1: Running UserCrypto Sample Projects

---

The Firmware Catalog contains sample projects to show how to use User Crypto (CAL) APIs in the user application. You can use the sample projects to evaluate various cryptographic features supported by the User Cryptoprocessor on PolarFire devices. This section provides instructions on how to run UserCrypto sample projects with the provided Libero design.

The following table lists the UserCrypto algorithms demonstrated in the sample projects. For more information about the sample projects, refer README.txt, file available in the sample projects.

**Table 7 • Algorithm**

| Algorithm | Parameters and Modes                                                             |
|-----------|----------------------------------------------------------------------------------|
| AES       | AES-ECB-256 encrypt                                                              |
|           | AES-ECB-256 encrypt                                                              |
|           | AES-CCM-128                                                                      |
| GMAC      | AES-GCM-256, 128-bit tag                                                         |
| HMAC      | HMAC-SHA-256, 256-bit key                                                        |
| CMAC      | AES-CMAC-256                                                                     |
| KEY TREE  | 128-bit nonce + 8-bit optype                                                     |
| SHA       | SHA-256                                                                          |
| ECC       | ECDSA SigGen, P-384/SHA-384, DPA                                                 |
| IFC (RSA) | Encrypt, RSA-3072, e=65537                                                       |
|           | Decrypt, RSA-3072, CRT, DPA                                                      |
| FFC (DH)  | SigGen, DSA-3072/SHA-384, DPA                                                    |
|           | Key Agreement (KAS), DH-3072                                                     |
| NRBG      | Instantiate: strength, s = 256, 384-bit nonce,<br>384-bit personalization string |
|           | Generate: (no add input, no prediction<br>resistance) s = 256                    |

**Note:** CCM is used to provide assurance of the confidentiality and the authenticity of computer data by combining the techniques of the Counter (CTR) mode and the Cipher Block Chaining-Message Authentication Code (CBC-MAC) algorithm.

To run the sample projects, perform the following steps:

1. Download the sample project from Firmware Catalog by right-clicking on **PolarFire UserCrypto Driver** and select a sample project available through **Generate Sample Project > RISC-V > SoftConsole 5.3 > project name**, as shown in the following figure.

**Figure 46 • Firmware Catalog—Sample Projects**



**Note:** CCM Services sample project is provided with the design files. Generate other sample projects and import into the SoftConsole workspace.

2. Click **OK** to generate the selected sample project to a local folder on the host PC.

**Figure 47 • Generate Sample Project**



3. In the SoftConsole, go to **File** and select **Import** as shown in the following figure.

**Figure 48 • Import Options**

4. Select import source as **Existing Projects into Workspace** and click **Next**, as shown in the following figure.

**Figure 49 • Select An Import Source**

- In the Import dialog, click **Browse..** to locate the generated sample project in the local PC folder and click **OK**, as shown in the following figure.

**Figure 50 • Import Dialog**

- Ensure that the generated project is selected and click **Finish** to import the generated sample project in a SoftConsole workspace, as shown in the following figure.

**Figure 51 • Importing RV32\_Message\_Authentication Project**

- The new sample project is imported in the SoftConsole workspace, as shown in the following figure.

**Figure 52 • SoftConsole Workspace—Sample Projects**

- See Software Implementation, page 11 to make necessary changes to the imported sample project.
- After making necessary changes, right-click on the imported sample project and click **Build Project** to build the project.
- Start the SoftConsole debugger to run the project. See [Running Tera Term Macro Script](#), page 26 for running the macro script provided in the sample project.

## 4 Appendix 2: User Cryptoprocessor Simulation

Microsemi Libero SoC provides a PLI simulation library for the User Cryptoprocessor to show the functional behavior of the User Cryptoprocessor. The PLI library for User Cryptoprocessor is available at <Libero\_Installation\_Directory>/Designer/lib/modelsimpro/pli. The PLI library must be passed to the ModelSim using VSIM command for User Cryptoprocessor simulation. The VSIM command can be set in Libero Project settings under Simulation options.

- VSIM command for Windows:  
`-pli <$Libero_Installation_Directory>/Designer/lib/modelsimpro/pli/pf_crypto_win_me_pli.dll`
- VSIM command for Linux:  
`-pli <$Libero_Installation_Directory>/Designer/lib/modelsimpro/pli/pf_crypto_lin_me_pli.so`  
 Edit <Libero\_Installation\_Directory> to match the location of Libero SoC on the host PC.

In the following figure, the Libero installation folder is C:/Microsemi/Libero\_SoC.

Figure 53 • Libero Project settings—VSIM Command for User Cryptoprocessor Simulation



The simulation steps include:

- Generating the top-level component, which includes the Mi-V processor system with PF\_CRYPTO core in it.
- Build a Mi-V application with required User Cryptoprocessor functions. User Cryptoprocessor functions are accessible through Athena TeraFire CAL driver.
- Import the Mi-V application hex file into the designated TCM for execution.
- Create a testbench for the complete processor system.
- Simulate the complete processor system to execute the imported application image. You can observe that the Mi-V processor sends the commands and data to the User Cryptoprocessor, and the User Cryptoprocessor responds with the result, as shown in the following figure.

Figure 54 • User Cryptoprocessor Simulation



## 5 Appendix 3: Running the TCL Script

---

TCL scripts are provided in the design files folder under directory `TCL_Scripts`. If required, the design flow can be reproduced from Design Implementation till generation of job file.

To run the TCL, follow the steps below:

1. Launch the Libero software
2. Select **Project > Execute Script....**
3. Click Browse and select `script.tcl` from the downloaded `TCL_Scripts` directory.
4. Click **Run**.

After successful execution of TCL script, Libero project is created within `TCL_Scripts` directory.

For more information about TCL scripts, refer to [mpf\\_ac464\\_df/TCL\\_Scripts/readme.txt](#).

Refer to [Libero® SoC TCL Command Reference Guide](#) for more details on TCL commands. Contact Technical Support for any queries encountered when running the TCL script.