6.5.5 The Encrypted File
The Flash and EEPROM files are encrypted and stored in one target file. Before encryption, however, data is organized into records. There are seven types of records, as illustrated in the following figure.
The record type is given as the first byte in the record. The application data is broken down to record types 1, 2, 3, and 4 (that is, erase, prepare, load, and write buffer page to Flash). The data for the EEPROM section is formatted into record type 5. Lock bits are sent in record type 6. Record types 0 and 7 are for ending a frame and transmission, respectively.
All other records, that is, those with a record identifier above 7, are of type nonsense. When this option is enabled (see create tool), a random number of nonsense records will be placed at random locations in the file.
The output file is created as illustrated in the following figure.
The steps are described below (the numbers refer to the figure above):
- Data is formatted into records, which are then lined up following the frame signature (SIG). A zero (Z) is added to mark the end of the frame and the frame is padded with random data (F) to create a frame size that is a multiple of 16 bytes.
- The initial vector is attached to the frame. In the first frame, the vector is equal to the one given in the configuration file. In subsequent frames, the initial vector is equal to the last cipher block of the previous frame.
- The initial vector and cipher blocks are chained and encrypted. The initial vector is then removed from the frame.
- A CRC-16 checksum (C) is calculated and added to the frame.
- The length (L) of the frame, excluding the length information, is calculated and saved at the start of the frame.
The frame is written to the output file and the procedure is repeated until all data has been processed.