3.8.3 Errors
Upon detecting an error during an operation, the PUF module cancels the command, presents
an error result code (see drv_puf_result_t enumeration in the PUF driver)
and goes back to the state it was in before the command was issued. After an error, new
commands can be executed by the PUF module.
If an error occurs, the software determines what next steps apply:
- The occurred error is acceptable: The error condition can be repaired and a retry can be done. For security reasons, the number of acceptable (sequential) errors must be limited. If more than this number of errors occur, it can be considered an attack and the last error cannot be accepted.
- The occurred error is not acceptable: Depending on the type and severity of the error, multiple actions can be initiated by software, for example:
  - Send a Stop command to PUF. This removes sensitive data from PUF and software can then perform other actions (e.g., ensure that the correct activation code is available), after which a new Start or Reconstruct command can be run.
  - Zeroize PUF, send Zeroize commands to other peripherals that have such command, and zeroize parts of system memory and registers that contain sensitive data.
  - Switch off the product/device, or the parts of the device that contain sensitive data.
  - Reset the product/device and check if the error remains.
The following table shows the possible error result codes for each operation type.
| Result Code | Description | Possible Action |
|---|---|---|
| Enroll | | |
| DRV_PUF_RES_QUALITY_ERR | PUF-dedicated SRAM quality verification fails | Try to repower the PUF or the product |
| Start | | |
| DRV_PUF_RES_WRONG_AC_ERR | The provided Activation Code (AC) is not for the current product/version | Provide an AC that was created with this product/device |
| DRV_PUF_RES_AC_CORRUPTED_ERR | The provided AC is corrupted | |
| DRV_PUF_RES_AC_AUTH_FAILED_ERR | Authentication of the provided AC failed | |
| DRV_PUF_RES_AC_CORRUPTED_PH2_ERR | The AC in the second phase is corrupted | |
| DRV_PUF_RES_AC_AUTH_FAILED_PH2_ERR_ERR | Authentication of the provided AC failed in the second phase | Check that the AC buffer (if used) is not overwritten by another process |
| Reconstruct | | |
| DRV_PUF_RES_WRONG_AC_ERR | The provided AC is not for the current product/version | Provide an AC that was created with this product/device |
| DRV_PUF_RES_AC_CORRUPTED_ERR | The provided AC is corrupted | |
| DRV_PUF_RES_AC_AUTH_FAILED_ERR | Authentication of the provided AC failed | |
| Get Key | | |
| DRV_PUF_RES_CONTEXT_ERR | An incorrect or unsupported context is provided | Provide a valid context |
| DRV_PUF_RES_DESTINATION_ERR | A key destination that was set is not allowed by the key scope | Provide a valid destination or scope |
| Wrap Generated Random, Wrap | | |
| DRV_PUF_RES_CONTEXT_ERR | An incorrect or unsupported context is provided | Provide a valid context |
| Unwrap | | |
| DRV_PUF_RES_WRONG_AC_ERR | The provided Key Code (KC) is invalid | Provide a KC with a valid context |
| DRV_PUF_RES_CONTEXT_ERR | The context in the KC header is incorrect | Provide a KC with a valid context |
| DRV_PUF_RES_DESTINATION_ERR | A key destination that was set is not allowed by the key scope in the KC header and the current PUF state | Provide a valid destination |
| DRV_PUF_RES_AC_CORRUPTED_ERR | The provided KC is corrupted | |
| DRV_PUF_RES_AC_AUTH_FAILED_ERR | Authentication of the provided KC failed | |
| Generate Random | | |
| DRV_PUF_RES_CONTEXT_ERR | An incorrect or unsupported context is provided | Provide a valid context |
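The limit on sequential acceptable errors described in this section can be kept in a small policy object in the application. The following is an added example, not code from the PUF driver. Assumptions: the `ex_` types, `EX_PUF_OK`, the numeric enum values, which errors count as acceptable, and the choice of Stop or Zeroize as the response are all hypothetical; only the `DRV_PUF_RES_*` names come from the table.

```c
#include <stdio.h>

/* Stand-in for drv_puf_result_t: error names are from the table above;
 * EX_PUF_OK and the numeric values are assumptions. */
typedef enum {
    EX_PUF_OK = 0, DRV_PUF_RES_QUALITY_ERR, DRV_PUF_RES_WRONG_AC_ERR,
    DRV_PUF_RES_AC_CORRUPTED_ERR, DRV_PUF_RES_AC_AUTH_FAILED_ERR
} ex_puf_result_t;
typedef enum { ACT_CONTINUE, ACT_RETRY, ACT_STOP, ACT_ZEROIZE } ex_action_t;
typedef struct {
    unsigned seq_errors; /* errors since the last successful command */
    unsigned max_seq;    /* limit on sequential errors (assumed value) */
} ex_policy_t;

/* Assumed classification of errors the software can repair and retry. */
static int ex_acceptable(ex_puf_result_t r)
{
    return r == DRV_PUF_RES_QUALITY_ERR ||    /* repower, then retry */
           r == DRV_PUF_RES_AC_CORRUPTED_ERR; /* reload the AC, then retry */
}

/* Decide the next step after one command result. */
ex_action_t ex_policy_next(ex_policy_t *p, ex_puf_result_t r)
{
    if (r == EX_PUF_OK) { p->seq_errors = 0; return ACT_CONTINUE; }
    if (++p->seq_errors > p->max_seq)
        return ACT_ZEROIZE; /* too many in a row: handle as an attack */
    return ex_acceptable(r) ? ACT_RETRY : ACT_STOP;
}

/* Run a constructed result sequence; stop at the first Stop/Zeroize. */
ex_action_t ex_run(const ex_puf_result_t *seq, unsigned n, unsigned max_seq)
{
    ex_policy_t p = { 0, max_seq };
    ex_action_t a = ACT_CONTINUE;
    for (unsigned i = 0; i < n && a != ACT_STOP && a != ACT_ZEROIZE; i++)
        a = ex_policy_next(&p, seq[i]);
    return a;
}

int main(void)
{
    /* Constructed sequence: three corrupted-AC errors in a row, limit 2. */
    ex_puf_result_t seq[] = { DRV_PUF_RES_AC_CORRUPTED_ERR,
        DRV_PUF_RES_AC_CORRUPTED_ERR, DRV_PUF_RES_AC_CORRUPTED_ERR };
    printf("action=%d\n", ex_run(seq, 3, 2));
    return 0;
}
```

If a reset is one of the recovery actions, keep the counter somewhere a reset does not clear, otherwise the limit can be bypassed by forcing resets.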
