Static RAM (SRAM) Memory

The device also includes an SRAM array that is used to store the input command or output result, nonces, intermediate computation values, ephemeral keys, the SHA context, etc. The contents of the SRAM can never be read directly; only used internally by the secure element. The entire contents of this memory are invalidated whenever the device goes into Sleep mode or the power is removed.

The SRAM Array consists of the following buffers:

TempKey

TempKey is the primary storage register in the SRAM array that can be used to store various intermediate values generated by various commands. TempKey is 64 bytes long and is divided into an upper and lower half. The contents of this register can never be read from the device (although the device itself can read and use the contents internally).

Message Digest Buffer

The Message Digest Buffer is a 64-byte register that is used to convey the input message digest to the Verify and Sign commands when the TempKey register is needed to retain different information. The SHA command can write a digest directly to this register to simplify external host programming.

Alternate Key Buffer

The Alternate Key Buffer is a 32-byte register that can be used by the KDF command to store keys when the TempKey register is needed to retain different information. It can be written to a fixed input value by the Nonce command or to a secret value by the KDF command.

SHA Context Buffer

The SHA context buffer allows for the generation of a digest to be interrupted to do other functions or to generate other digests. The SHA command uses a standard three-phase flow: Initialize, Update and Finalize. In many situations, the Update phase is run many times. Internal SRAM memory is used to store the intermediate state, aka SHA context, between these phases.