SLUUDG7 December   2025 MSPM33C321A

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Overview of Security Functionality
    1. 1.1 Terminology
  5. 2Secure Execution Environment
    1. 2.1 TrustZone
      1. 2.1.1 Implementation Defined Attribution Unit
      2. 2.1.2 Security Attribution Unit
      3. 2.1.3 TrustZone software development
    2. 2.2 Memory Protection Unit
      1. 2.2.1 TrustZone and MPU
    3. 2.3 Global Security Controller
      1. 2.3.1 GSC Memory configuration
        1. 2.3.1.1 Security Exceptions through the GSC & SAU
        2. 2.3.1.2 Priviledge exceptions with GSC & MPU
  6. 3Security Modules
    1. 3.1 AES
      1. 3.1.1 AES Overview
      2. 3.1.2 AES Usage
        1. 3.1.2.1 Configuration
        2. 3.1.2.2 Setup
        3. 3.1.2.3 Operation
    2. 3.2 Keystore
      1. 3.2.1 Overview
      2. 3.2.2 Keystore Usage
        1. 3.2.2.1 Configuration
        2. 3.2.2.2 Setup
        3. 3.2.2.3 Operation
    3. 3.3 SHA2
      1. 3.3.1 SHA Introduction
        1. 3.3.1.1 SHA features
      2. 3.3.2 SHA Performance
      3. 3.3.3 SHA Usage
        1. 3.3.3.1 Configuration
        2. 3.3.3.2 Setup
        3. 3.3.3.3 Operation
    4. 3.4 PKA
      1. 3.4.1 PKA Introduction
        1. 3.4.1.1 PKA features
      2. 3.4.2 PKA Usage
        1. 3.4.2.1 Configuration
        2. 3.4.2.2 Setup
        3. 3.4.2.3 Operation
    5. 3.5 PQC
      1. 3.5.1 ML-DSA
        1. 3.5.1.1 ML-DSA Introduction
        2. 3.5.1.2 ML-DSA Usage
          1. 3.5.1.2.1 Configuration
          2. 3.5.1.2.2 Setup
          3. 3.5.1.2.3 Operation
  7. 4Revision History

3.3.3.2 Setup

Standard setup for the SHA module is performed in four parts:

  1. Setup of SHA state monitoring

    1. The CPU can be notified of SHA state changes via two methods (Triggered Interrupts and Register Polling). If SHA Interrupts are used to monitor state changes, these interrupts need to be configured and enabled prior to using the SHA module.

  2. Setup SHA data length
    1. The SHA data length needs to be configured before using the SHA module
    2. The data length must be specified in bytes with the SHA mode includes
    3. The SHA module can then be notified that the mode and data length are available
  3. Setup up of MAC key (Only for HMAC mode)
    1. If using the SHA HMAC mode, the module must be given a MAC key to use for encryption before using the SHA module
    2. The MAC key must be written to the SHA module in words, including the total key size
    3. The SHA module must then be notified that the key is available
    4. The SHA module must be notified that it can begin processing the key
    5. Finally, the CPU must wait until the SHA module is done processing
  4. Setup of Direct Memory Access (DMA)

    1. The SHA module operates on blocks of data and must be manually fed data for the module to digest. To perform this, the data could be fed via the CPU or via a DMA transfer. If using a DMA transfer, the DMA channel must be setup prior to using the SHA module.

    2. The DMA source address must point to the start of the message to be hashed
    3. The DMA destination address must point to the SHAW_DATA_FIXED register
    4. The DMA message length must be set to the message length in words
    5. The DMA source and destination width must be the size of a word
    6. The DMA source must be configured in single increment mode and the destination must not change
    7. The DMA trigger must be set to the SHAW_TRIGGER
    8. Finally, the DMA channel can be enabled