RM0367 Rev 7 441/1043
RM0367 AES hardware accelerator (AES)
466
1. Prepare the last four-word data block (if the data to process does not fill it completely),
by padding the remainder of the block with zeros.
2. Configure the DMA controller so as to transfer the data to process from the memory to
the AES peripheral input and the processed data from the AES peripheral output to the
memory, as described in Section 19.4.13: AES DMA interface. Configure the DMA
controller so as to generate an interrupt on transfer completion.
3. Enable the AES peripheral by setting the EN bit of the AES_CR register
4. Enable DMA requests by setting the DMAINEN and DMAOUTEN bits of the AES_CR
register.
5. Upon DMA interrupt indicating the transfer completion, get the AES-processed data
from the memory.
Note: The CCF flag has no use with this method, because the reading of the AES_DOUTR
register is managed by DMA automatically, without any software action, at the end of the
computation phase.
19.4.5 AES decryption key preparation
For an ECB or CBC decryption, a key for the first round of decryption must be derived from
the key of the last round of encryption. This is why a complete key schedule of encryption is
required before performing the decryption. This key preparation is not required for AES
decryption in modes other than ECB or CBC.
Recommended method is to select the Mode 2 by setting to 01 the MODE[1:0] bitfield of the
AES_CR (key process only), then proceed with the decryption by setting MODE[1:0] to 10
(Mode 3, decryption only). Mode 2 usage is described below:
1. Disable the AES peripheral by clearing the EN bit of the AES_CR register.
2. Select Mode 2 by setting to 01 the MODE[1:0] bitfield of the AES_CR. The
CHMOD[1:0] bitfield is not significant in this case because this key derivation mode is
independent of the chaining algorithm selected.
3. Write the AES_KEYRx registers (128bits) with encryption key, as shown in Figure 89.
Writes to the AES_IVRx registers have no effect.
4. Enable the AES peripheral, by setting the EN bit of the AES_CR register.
5. Wait until the CCF flag is set in the AES_SR register.
6. Derived key is available in AES core, ready to use for decryption. Application can also
read the AES_KEYRx register to obtain the derived key if needed, as shown in
Figure 89 (the processed key is loaded automatically into the AES_KEYRx registers).
Note: The AES is disabled by hardware when the derivation key is available.
To restart a derivation key computation, repeat steps 3, 4, 5 and 6 .
To Next Page
Loading...
Need help?
General
