25. AES hardware accelerator (AES)

In this section, any references to SAES only apply to STM32WBA52/54/55xx products. The STM32WBA50xx products do not have the SAES peripheral.

25.1 Introduction

The AES hardware accelerator (AES) encrypts or decrypts data in compliance with the advanced encryption standard (AES) defined by NIST.

AES supports ECB, CBC, CTR, GCM, GMAC, and CCM chaining modes for key sizes of 128 or 256 bits.

AES has the possibility to load by hardware the key stored in SAES peripheral, under SAES control.

The peripheral supports DMA single transfers for incoming and outgoing data (two DMA channels are required).

25.2 AES main features

• Compliant with NIST FIPS publication 197 “ Advanced encryption standard (AES) ” (November 2001)
• Encryption and decryption with multiple chaining modes:
- – Electronic codebook (ECB) mode
- – Cipher block chaining (CBC) mode
- – Counter (CTR) mode
- – Galois counter mode (GCM)
- – Galois message authentication code (GMAC) mode
- – Counter with CBC-MAC (CCM) mode
• 128-bit data block processing, supporting cipher key lengths of 128-bit and 256-bit
- – 51 or 75 clock cycle latency in ECB mode for processing one 128-bit block with, respectively, 128-bit or 256-bit key
• Using dedicated key bus, optional key sharing with side-channel resistant SAES peripheral (shared-key mode), controlled by SAES
• Integrated key scheduler to compute the last round key for ECB/CBC decryption
• 256-bit of write-only registers for storing cryptographic keys (eight 32-bit registers)
• 128-bit of registers for storing initialization vectors (four 32-bit registers)
• 32-bit buffer for data input and output
• Automatic data flow control supporting two direct memory access (DMA) channels, one for incoming data, one for processed data. Only single transfers are supported.
• Data-swapping logic to support 1-, 8-, 16-, or 32-bit data

• AMBA AHB slave peripheral, accessible through 32-bit word single accesses only. Other access types generate an AHB error, and other than 32-bit writes may corrupt the register content.
• Possibility for software (in CPU mode only, not in DMA mode) to suspend a message if AES needs to process another message with a higher priority, then resume the original message

25.3 AES implementation

The devices have one AES peripheral, implemented as per the following table. It can use the key generated by the SAES peripheral. For comparison, the SAES peripheral is also included in the table.

Table 181. AES versus SAES features

Modes or features ⁽¹⁾	AES	SAES
ECB, CBC chaining	X	X
CTR, CCM, GCM chaining	X	X
AES 128-bit ECB encryption in cycles	51	480
DHUK and BHK key selection	-	X
Resistance to side-channel attacks	-	X
Shared key between SAES and AES	X
Key sizes in bits	128, 256	128, 256

1. X = supported.

25.4 AES functional description

25.4.1 AES block diagram

Figure 113 shows the block diagram of AES.

Figure 113. AES block diagram

Figure 113. AES block diagram. The diagram shows the internal architecture of the AES hardware accelerator. It includes an AHB interface connected to a 32-bit AHB bus and aes_hclk. The interface connects to a set of registers: AES_KEYRx, AES_IVRx, AES_SR, AES_CR, AES_DINR, AES_DOUTR, and AES_SUSPRx. These registers are part of a 'Banked registers' block. The registers connect to an 'AES Core (AEA)' which includes a 'swap' block. The registers also connect to 'Control Logic'. The 'Control Logic' is connected to a 'DMA interface' (with aes_in_dma and aes_out_dma signals) and an 'IRQ interface' (with aes_it signal). The 'Control Logic' also outputs aes_itamp_out. An external 'SAES' block provides a 'Shared key' to the AES_KEYRx register. The diagram is labeled MSv47991V1.

25.4.2 AES internal signals

Table 182 describes the user relevant internal signals interfacing the AES peripheral.

Table 182. AES internal input/output signals

Signal name	Signal type	Description
aes_hclk	Input	AHB bus clock
aes_it	Output	AES interrupt request
aes_in_dma	Input/Output	AES incoming data DMA single request/acknowledge
aes_out_dma	Input/Output	AES processed data DMA single request/acknowledge
aes_itamp_out	Output	Tamper event signal to TAMP (XOR-ed), triggered when an unexpected hardware fault occurs. When this signal is triggered, AES automatically clears key registers. A reset is required for AES to be usable again.

25.4.3 AES reset and clocks

The AES peripheral is clocked by the AHB bus clock. It has a dedicated reset bit controlled through the RCC.

25.4.4 AES symmetric cipher implementation

The AES hardware accelerator (AES) is a 32-bit AHB peripheral that encrypts or decrypts 16-byte blocks of data using the advanced encryption standard (AES). It also implements a set of approved AES symmetric key security functions summarized in Table 183. Those functions can be certified NIST PUB 140-3.

Table 183. AES approved symmetric key functions

Operations	Algorithm	Specification	Key bit lengths	Chaining modes
Encryption, decryption	AES	FIPS PUB 197 NIST SP800-38A	128, 256	ECB, CBC, CTR
Authenticated encryption or decryption		NIST SP800-38C NIST SP800-38D		GCM, CCM
Cipher-based message authentication code		NIST SP800-38D		GMAC

AES can be used directly by the CPU, or indirectly, using two DMA channels (one for the plaintext, one for the ciphertext). It is possible to suspend then resume any AES processing, following the sequence described in Section 25.4.8 .

25.4.5 AES encryption or decryption typical usage

The following figure shows a typical operation for encryption or decryption.

Figure 114. Encryption/ decryption typical usage

Flowchart of AES encryption/decryption typical usage. The process starts with 'Start' -> 'Initialization'. A decision diamond 'ECB or CBC decryption?' follows. If 'Yes', it goes to 'Round key preparation' then to 'Data append'. If 'No', it goes directly to 'Data append'. From 'Data append', a decision diamond 'Last block?' follows. If 'No', it loops back to 'Data append'. If 'Yes', it goes to 'All bytes valid?'. If 'Yes', it goes to 'Finalize' -> 'End'. If 'No', it goes to 'Data padding' or 'Data stealing'. Both lead to a decision diamond 'ECB or CBC chaining?'. If 'Yes', it goes to 'Data stealing'. If 'No', it goes to 'Data padding'. Both 'Data padding' and 'Data stealing' lead to 'Finalize' -> 'End'. MSV66120V1 is noted in the bottom right.

Initialization

The AES peripheral is initialized according to the chaining mode. Refer to Section 25.4.9: AES basic chaining modes (ECB, CBC) and Section 25.4.10: AES counter (CTR) mode for details.

Data append

This section describes different ways of appending data for processing. For ECB or CBC chaining modes, refer to Section 25.4.7: AES ciphertext stealing and data padding if the size of data to process is not a multiple of 16 bytes. The last block management in these cases is more complex than what is described in this section.

Appending data using the CPU in polling mode

This method uses flag polling to control the data append through the following sequence:

1. Enable the AES peripheral when KEYVALID is set, by setting the EN bit of the AES_CR register (if not already done).
2. Repeat the following sub-sequence until the payload is entirely processed:
1. a) Write four input data words into the AES_DINR register.
2. b) Wait until the status flag CCF is set in the AES_ISR register, then read the four data words from the AES_DOUTR register.
3. c) Clear the CCF flag, by setting the CCF bit of the AES_ICR register.
4. d) If the next processing block is the last block, pad (when applicable) the data with zeros to obtain a complete block, and specify the number of non-valid bytes (using NPBLB[3:0]) in case of GCM payload encryption or CCM payload decryption (otherwise the tag computation is wrong).
3. As the data block just processed is the last block of the message, optionally discard the data that is not part of the message/payload, then disable the AES peripheral by clearing EN.

Note: Up to three wait cycles are automatically inserted between two consecutive writes to the AES_DINR register, to allow sending the key to the AES processor.
NPBLB[3:0] bitfield is not used in header phase of GCM, GMAC and CCM chaining modes.

Appending data using the CPU in interrupt mode

The method uses interrupt from the AES peripheral to control the data append, through the following sequence:

1. Enable interrupts from AES, by setting the CCFIE bit of the AES_IER register.
2. Enable the AES peripheral when KEYVALID is set, by setting EN (if not already done).
3. Write first four input data words into the AES_DINR register.
4. Handle the data in the AES interrupt service routine. Upon each interrupt:
1. a) Read four output data words from the AES_DOUTR register.
2. b) Clear the CCF flag and thus the pending interrupt, by setting the CCF bit of the AES_ICR register.
3. c) If the next processing block is the last block of the message, pad (when applicable) the data with zeros to obtain a complete block, and specify the number of non-valid bytes (through NPBLB[3:0]) in case of GCM payload encryption or CCM payload decryption (otherwise the tag computation is wrong). Then proceed with point 4e).
4. d) If the data block just processed is the last block of the message, optionally discard the data that are not part of the message/payload, then disable the AES peripheral by clearing EN and quit the interrupt service routine.
5. e) Write next four input data words into the AES_DINR register and quit the interrupt service routine.

Note: AES is tolerant of delays between consecutive read or write operations, which allows, for example, an interrupt from another peripheral to be served between two AES computations.
The NPBLB[3:0] bitfield is not used in the header phase of GCM, GMAC, and CCM chaining modes.

Appending data using DMA

With this method, all the transfers and processing are managed by DMA and AES. Proceed as follows:

1. If the last block of the message to process is shorter than 16 bytes, prepare the last four-word data block by padding the remainder of the block with zeros.
2. Configure the DMA controller so as to transfer the data to process from the memory to the AES peripheral input and the processed data from the AES peripheral output to the memory, as described in Section 25.6: AES DMA requests . Configure the DMA controller so as to generate an interrupt on transfer completion. For GCM payload encryption or CCM payload decryption, the DMA transfer must not include the last four-word block if padded with zeros. The sequence described in Appending data using the CPU in polling mode must be used instead for this last block, because the NPBLB[3:0] bitfield must be set up before processing the block, for AES to compute a correct tag.
3. Enable the AES peripheral when KEYVALID is set, by setting EN (if not already done).
4. Enable DMA requests, by setting DMAINEN and DMAOUTEN.
5. Upon DMA interrupt indicating the transfer completion, get the AES-processed data from the memory.

When appending data using DMA, the suspend/resume operation as described in Section 25.4.8 is not supported.

Note: The CCF flag has no use with this method because the reading of the AES_DOUTR register is managed by DMA automatically, without any software action, at the end of the computation phase.

The NPBLB[3:0] bitfield is not used in the header phase of GCM, GMAC, and CCM chaining modes.

25.4.6 AES authenticated encryption, decryption, and cipher-based message authentication

The following figure shows a typical operation for authenticated encryption or decryption, and for cipher-based message authentication.

Figure 115. Typical operation with authentication

Flowchart illustrating the typical operation with authentication, showing header and payload phases.

graph TD
    Start([Start]) --> Init[Initialization]
    Init --> HeaderInit[Header phase init]
    HeaderInit --> HeaderAppend[Header data append]
    HeaderAppend --> LastBlockHeader{Last block?}
    LastBlockHeader -- No --> HeaderAppend
    LastBlockHeader -- Yes --> AllBytesValidHeader{All bytes valid?}
    AllBytesValidHeader -- No --> DataPaddingHeader[Data padding]
    AllBytesValidHeader -- Yes --> CipherBasedAuth{cipher-based* authentication?}
    DataPaddingHeader --> CipherBasedAuth
    CipherBasedAuth -- Yes --> Finalization[Finalization]
    CipherBasedAuth -- No --> PayloadInit[Payload phase init]
    PayloadInit --> PayloadAppend[Payload data append]
    PayloadAppend --> LastBlockPayload{Last block?}
    LastBlockPayload -- No --> PayloadAppend
    LastBlockPayload -- Yes --> AllBytesValidPayload{All bytes valid?}
    AllBytesValidPayload -- No --> DataPaddingPayload[Data padding]
    AllBytesValidPayload -- Yes --> Finalization
    DataPaddingPayload --> Finalization
    Finalization --> End([End])

The flowchart shows two main paths: a header phase and a payload phase. Both phases start with an initialization step, followed by an append step. A loop exists for appending multiple blocks until the last block is reached. Once the last block is reached, a validity check is performed. If not valid, data padding is applied. Both valid and padded data then lead to a decision point for 'cipher-based* authentication?'. If 'Yes', the process moves to 'Finalization'. If 'No', it moves to the 'Payload phase init'. The payload phase follows a similar structure to the header phase. All paths eventually lead to 'Finalization' and then 'End'. A note indicates that the 'cipher-based' authentication step is '* such as GMAC'. The diagram is labeled MSV66121V1.

Flowchart illustrating the typical operation with authentication, showing header and payload phases.

Section 25.4.11: AES Galois/counter mode (GCM) and Section 25.4.13: AES counter with CBC-MAC (CCM) describe detailed sequences supported by AES.

Cipher-based message authentication flow omits the payload phase, as shown in the figure. Detailed sequence supported by AES is described in Section 25.4.12: AES Galois message authentication code (GMAC) .

25.4.7 AES ciphertext stealing and data padding

When using AES in ECB or CBC modes to manage messages the size of which is not a multiple of the block size (16 bytes), the application must use ciphertext stealing techniques such as those described in NIST Special Publication 800-38A, Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode . Since AES does not implement such techniques, the application must complete the last block of input data using data from the second last block .

Note: Ciphertext stealing techniques are not documented in this reference manual.

Similarly, in modes other than ECB or CBC, an incomplete input data block (that is, a block with input data shorter than 16 bytes) must be padded with zeros prior to encryption. That is, extra bits must be appended to the trailing end of the data string. After decryption, the extra bits must be discarded. Since AES does not implement automatic data padding operation to the last block , the application must follow the recommendation given in this document to manage messages the size of which is not a multiple of 16 bytes.

25.4.8 AES suspend and resume operations

A message can be suspended to process another message with a higher priority. When the higher-priority message is sent, the suspended message can resume. This applies to both encryption and decryption mode.

Suspend and resume operations do not break the chaining operation. The message processing can resume as soon as AES is enabled again, to receive a next data block.

The suspend and resume operations are only supported when AES is used in CPU mode, not in DMA mode.

Figure 116 gives an example of suspend and resume operations: Message 1 is suspended in order to send a shorter and higher-priority Message 2.

Figure 116. Example of suspend mode management

The diagram illustrates the flow of data blocks for two messages. Message 1 is shown as a vertical sequence of blocks: 128-bit block 1, 128-bit block 2, 128-bit block 3, 128-bit block 4, 128-bit block 5, 128-bit block 6, and an ellipsis. Message 2 is shown as a vertical sequence of blocks: 128-bit block 1 and 128-bit block 2. A callout bubble on the left indicates 'New higher-priority message 2 to be processed'. An arrow points from the end of Message 1's initial sequence (after block 3) to a box labeled 'AES suspend sequence'. From this box, an arrow points to the start of Message 2's sequence. After Message 2's sequence, an arrow points to a box labeled 'AES resume sequence'. From this box, an arrow points back to the continuation of Message 1's sequence (starting at block 4). The diagram is labeled 'MSV42148V1' in the bottom right corner.

Diagram illustrating AES suspend and resume operations. Message 1 consists of 128-bit blocks 1 through 6. Message 2 consists of 128-bit blocks 1 and 2. The diagram shows Message 1 being processed, then suspended by an 'AES suspend sequence' when a higher-priority Message 2 is introduced. After Message 2 is processed, an 'AES resume sequence' resumes Message 1.

A detailed description of suspend and resume operations is in the sections dedicated to each chaining mode.

25.4.9 AES basic chaining modes (ECB, CBC)

ECB is the simplest mode of operation. There are no chaining operations, and no special initialization stage. The message is divided into blocks and each block is encrypted or decrypted separately. When decrypting in ECB, a special key scheduling is required before processing the first block.

Figure 117 and Figure 118 describe the electronic codebook (ECB) chaining implementation in encryption and in decryption, respectively. To select ECB chaining mode, write CHMOD[2:0] with 0x0.

Figure 117. ECB encryption

Diagram of ECB encryption showing two blocks, Block 1 and Block 2. Each block consists of a Swap management block, an Encrypt block, and another Swap management block. Inputs are DIN (plaintext P1, P2), KEY, and DATATYPE[1:0]. Outputs are DOUT (ciphertext C1, C2). A legend indicates input and output blocks.

Figure 117. ECB encryption

The diagram illustrates the ECB encryption process for two blocks, Block 1 and Block 2. Each block follows a similar structure:

Block 1: DIN (plaintext P1) is input to a Swap management block. DATATYPE[1:0] is also input to this block. The output of the Swap management block is I1, which is input to the Encrypt block. The KEY is input to the Encrypt block. The output of the Encrypt block is O1, which is input to another Swap management block. DATATYPE[1:0] is input to this block. The final output is DOUT (ciphertext C1).
Block 2: Similar to Block 1, but with DIN (plaintext P2), I2, O2, and DOUT (ciphertext C2).

Legend

input (light gray box)
output (dark gray box)

Diagram of ECB encryption showing two blocks, Block 1 and Block 2. Each block consists of a Swap management block, an Encrypt block, and another Swap management block. Inputs are DIN (plaintext P1, P2), KEY, and DATATYPE[1:0]. Outputs are DOUT (ciphertext C1, C2). A legend indicates input and output blocks.

Figure 118. ECB decryption

Diagram of ECB decryption showing two blocks, Block 1 and Block 2. Each block consists of a Swap management block, a Decrypt block, and another Swap management block. Inputs are DIN (ciphertext C1, C2), KEY, and DATATYPE[1:0]. Outputs are DOUT (plaintext P1, P2). A legend indicates input and output blocks.

Figure 118. ECB decryption

The diagram illustrates the ECB decryption process for two blocks, Block 1 and Block 2. Each block follows a similar structure:

Block 1: DIN (ciphertext C1) is input to a Swap management block. DATATYPE[1:0] is also input to this block. The output of the Swap management block is I1, which is input to the Decrypt block. The KEY is input to the Decrypt block. The output of the Decrypt block is O1, which is input to another Swap management block. DATATYPE[1:0] is input to this block. The final output is DOUT (plaintext P1).
Block 2: Similar to Block 1, but with DIN (ciphertext C2), I2, O2, and DOUT (plaintext P2).

Legend

input (light gray box)
output (dark gray box)

Diagram of ECB decryption showing two blocks, Block 1 and Block 2. Each block consists of a Swap management block, a Decrypt block, and another Swap management block. Inputs are DIN (ciphertext C1, C2), KEY, and DATATYPE[1:0]. Outputs are DOUT (plaintext P1, P2). A legend indicates input and output blocks.

In CBC encryption mode the output of each block chains with the input of the following block. To make each message unique, an initialization vector is used during the first block processing. When decrypting in CBC, a special key scheduling is required before processing the first block.

Figure 119 and Figure 120 describe the cipher block chaining (CBC) implementation in encryption and in decryption, respectively. To select this chaining mode, write CHMOD[2:0] with 0x1.

Figure 119. CBC encryption

Diagram of CBC encryption showing two blocks, Block 1 and Block 2. Each block consists of a Swap management block, a Block cipher encryption block, and another Swap management block. Inputs are DIN (plaintext P1, P2), KEY, and DATATYPE[1:0]. Outputs are DOUT (ciphertext C1, C2). A legend indicates input, output, and XOR blocks.

Figure 119. CBC encryption

The diagram illustrates the CBC encryption process for two blocks, Block 1 and Block 2. Each block follows a similar structure:

Block 1: DIN (plaintext P1) is input to a Swap management block. DATATYPE[1:0] is also input to this block. The output of the Swap management block is P1', which is XORed with the IVI (Initialization Vector) to produce I1. The KEY is input to the Block cipher encryption block. The output of the Block cipher encryption block is O1, which is input to another Swap management block. DATATYPE[1:0] is input to this block. The final output is DOUT (ciphertext C1).
Block 2: Similar to Block 1, but with DIN (plaintext P2), P2', I2, O2, and DOUT (ciphertext C2). The XOR block uses the output of Block 1 (O1) as the IVI.

Legend

input (light gray box)
output (dark gray box)
XOR (circle with a cross)

Diagram of CBC encryption showing two blocks, Block 1 and Block 2. Each block consists of a Swap management block, a Block cipher encryption block, and another Swap management block. Inputs are DIN (plaintext P1, P2), KEY, and DATATYPE[1:0]. Outputs are DOUT (ciphertext C1, C2). A legend indicates input, output, and XOR blocks.

Figure 120. CBC decryption

Diagram of CBC decryption process showing Block 1 and Block 2. Block 1 takes DIN (ciphertext C1) through Swap management to get I1, which is decrypted using KEY to produce O1. O1 is XORed with IVI to produce P1', which is then Swap managed to produce DOUT (plaintext P1). Block 2 takes DIN (ciphertext C2) through Swap management to get I2, which is decrypted using KEY to produce O2. O2 is XORed with O1 (the previous ciphertext block) to produce P2', which is then Swap managed to produce DOUT (plaintext P2). A legend indicates that white boxes are input, grey boxes are output, and a circle with an X is XOR.

For more details, refer to NIST Special Publication 800-38A, Recommendation for Block Cipher Modes of Operation .

ECB and CBC encryption process

This process is described in Section 25.4.5 , with the following sequence of events:

1. Disable the AES peripheral, by clearing EN.
2. Initialize the AES_CR register as follows:
- – Select ECB or CBC chaining mode (write CHMOD[2:0] with 0x0 or 0x1) in encryption mode (write MODE[1:0] with 0x0).
- – Configure the data type, through DATATYPE[1:0].
- – Configure the key size, through KEYSIZE.
- – Select the key mode, using KMOD[1:0]. If the key comes from the SAES peripheral, write KMOD[1:0] with 0x2, otherwise keep it at 0x0.
3. Write the initialization vector into the AES_IVRx registers if CBC mode is selected in the previous step.
4. Write the key into the AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key is transferred from the SAES peripheral (see Section 25.4.14 ).
5. Wait until KEYVALID is set (the key loading completed).
6. Enable the AES peripheral, by setting EN.
7. Append cleartext data:
1. a) If it is the second-last or the last block and the plaintext size of the message is not a multiple of 16 bytes, follow the guidance in Section 25.4.7 .
2. b) Append the cleartext block into AES as described in Section 25.4.5 , then read the AES_DOUTR register four times to save the ciphertext block.
3. c) Repeat the step b) until the third-last plaintext block is encrypted. For the last two blocks, follow the steps a) and b) .
8. Finalize the sequence: disable the AES peripheral, by clearing EN.

ECB/CBC decryption process

This process is described in Section 25.4.5 , with the following sequence of events:

1. Disable the AES peripheral, by clearing EN.
2. Initialize the AES_CR register as follows:
- – Select the key derivation mode (write MODE[1:0] with 0x1). The CHMOD[2:0] bitfield is not significant during this operation.
- – Configure the data type, through DATATYPE[1:0].
- – Configure the key size, through KEYSIZE.
- – Select the key mode, using KMOD[1:0]. If the key comes from the SAES peripheral, write KMOD[1:0] with 0x2, otherwise keep it at 0x0.
3. Write the key into the AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key is transferred from the SAES peripheral (see Section 25.4.14 ).
4. Wait until KEYVALID is set (the key loading completed).
5. Enable the AES peripheral, by setting EN. The peripheral immediately starts an AES round for key preparation.
6. Wait until the CCF flag in the AES_ISR register is set.
7. Clear the CCF flag, by setting the CCF bit of the AES_ICR register. The decryption key is available in the AES core and AES is disabled automatically.
8. Select ECB or CBC chaining mode (write CHMOD[2:0] with 0x0 or 0x1) in decryption mode (write MODE[1:0] with 0x2). Do not change other parameters.
9. Write the initialization vector into the AES_IVRx registers if CBC mode is selected in the previous step.
10. Enable the AES peripheral, by setting EN.
11. Append encrypted data:
1. a) If it is the second-last or the last block and the ciphertext size of the message is not a multiple of 16 bytes, follow the guidance in Section 25.4.7 .
2. b) Append the ciphertext block into AES as described in Section 25.4.5 , then read the AES_DOUTR register four times to save the cleartext block (MSB first).
3. c) Repeat the step b ) until the third-last ciphertext block is decrypted. For the last two blocks, follow the steps a ) and b ).
12. Finalize the sequence: disable the AES peripheral, by clearing EN.

Suspend/resume operations in ECB/CBC modes

The suspend and resume operations are only supported when AES is used in CPU mode, not in DMA mode.

To suspend the processing of a message , proceed as follows:

1. Wait until the CCF flag in the AES_ISR register is set (computation completed).
2. Read four times the AES_DOUTR register to save the last processed block.
3. Clear the CCF flag, by setting the CCF bit of the AES_ICR register.
4. Save initialization vector registers (only required in CBC mode as the AES_IVRx registers are altered during the data processing).

5. Disable the AES peripheral, by clearing EN.
6. Save the AES_CR register and clear the key registers if they are not needed, to process the higher-priority message.

To resume the processing of a message, proceed as follows:

1. Disable the AES peripheral, by clearing EN.
2. Restore the AES_CR register (with correct KEYSIZE) then restore the AES_KEYRx registers. If KMOD[1:0] is at 0x2, the key must be transferred again from the SAES peripheral (see Section 25.4.14 ).
3. Prepare the decryption key, as described in ECB/CBC decryption process (only required for ECB or CBC decryption).
4. Restore the AES_IVRx registers, using the saved configuration (only required in CBC mode).
5. Enable the AES peripheral, by setting EN.

Note: It is not required to save the key registers as the application knows the original key.

25.4.10 AES counter (CTR) mode

The CTR mode uses the AES core to generate a key stream. The keys are then XOR-ed with the plaintext to obtain the ciphertext. Unlike with ECB and CBC modes, no key scheduling is required for the CTR decryption since the AES core is always used in encryption mode.

A typical message construction in CTR mode is given in Figure 121 .

Figure 121. Message construction in CTR mode

The diagram illustrates the message structure in CTR mode. At the top, a horizontal bar represents the message, divided into three main parts: an Initial Counter Block (ICB), a Ciphertext (C) section, and a Zero padding section at the end. The ICB is shown in more detail below, as a 16-byte block (indicated by a '16-byte boundaries' label above it) composed of two fields: an Initialization vector (IV) and a Counter (indicated by '4-byte boundaries' labels above them). An arrow labeled 'decrypt' points from the Ciphertext (C) section down to a Plaintext (P) section. The Zero padding section is marked with a '0' and the label 'Zero padding'. A reference code 'MSv42156V1' is visible in the bottom right corner of the diagram area.

Diagram of message construction in CTR mode showing the ICB (Initialization vector and Counter) and the resulting Ciphertext (C) with zero padding.

The structure of this message is:

• A 16-byte initial counter block (ICB), composed of two distinct fields:
- – Initialization vector (IV) : a 96-bit value that must be unique for each encryption cycle with a given key.
- – Counter : a 32-bit big-endian integer that is incremented each time a block processing is completed. The initial value of the counter must be set to 1.
• The plaintext P is encrypted as ciphertext C, with a known length. This length can be non-multiple of 16 bytes, in which case a plaintext padding is required.

For more details, refer to NIST Special Publication 800-38A, Recommendation for Block Cipher Modes of Operation .

CTR encryption and decryption

Figure 122 describes the counter (CTR) chaining implementation in the AES peripheral (encryption). To select this chaining mode, write CHMOD[2:0] with 0x2.

Figure 122. CTR encryption

The diagram illustrates the CTR encryption process across two blocks, Block 1 and Block 2.
In Block 1:
- The IV/Nonce + 32-bit counter (labeled I1) is input to the Encrypt block along with the KEY.
- The Encrypt block outputs O1.
- O1 is input to a Swap management block.
- The Swap management block outputs P1'.
- P1' is XORed with the DIN (plaintext P1) to produce C1'.
- C1' is input to another Swap management block, which outputs DOUT (ciphertext C1).
- The counter is incremented by 1 to become the IV/Nonce + 32-bit counter (+1) for Block 2.
In Block 2:
- The IV/Nonce + 32-bit counter (+1) (labeled I2) is input to the Encrypt block along with the KEY.
- The Encrypt block outputs O2.
- O2 is input to a Swap management block.
- The Swap management block outputs P2'.
- P2' is XORed with the DIN (plaintext P2) to produce C2'.
- C2' is input to another Swap management block, which outputs DOUT (ciphertext C2).
Legend:
- Input: light gray rectangle
- Output: dark gray rectangle
- XOR: circle with a cross symbol
- DATATYPE[1:0]: control signal for Swap management blocks
- MSV69567V1: document code

Diagram of CTR encryption process showing Block 1 and Block 2. Each block consists of an IV/Nonce + 32-bit counter, an Encrypt block, a Swap management block, and an XOR block. The counter is incremented by 1 for each block. The plaintext (DIN) is XORed with the output of the Encrypt block to produce the ciphertext (DOUT).

Initialization vectors in AES must be initialized as shown in Table 184.

Table 184. Counter mode initialization vector definition

AES_IVR3[31:0]	AES_IVR2[31:0]	AES_IVR1[31:0]	AES_IVR0[31:0]
IVI[127:96]	IVI[95:64]	IVI[63:32]	IVI[31:0] 32-bit counter = 0x0001

CTR encryption and decryption process

This process is described in Section 25.4.5, with the following sequence of events:

Disable the AES peripheral, by clearing EN.
Initialize the AES_CR register:
- Select CTR chaining mode (write CHMOD[2:0] with 0x2) in encryption or decryption mode (write MODE[1:0] with 0x0 or 0x2).
- Configure the data type, through DATATYPE[1:0].
- Configure the key size, through KEYSIZE.
- Select the key mode, using KMOD[1:0]. If the key comes from the SAES peripheral, write KMOD[1:0] with 0x2, otherwise keep it at 0x0.
Write the initialization vector into the AES_IVRx registers according to Table 184.
Write the key into the AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key is transferred from the SAES peripheral (see Section 25.4.14).
Wait until KEYVALID is set (the key loading completed).
Enable the AES peripheral, by setting EN.

7. Append data:
1. a) If it is the last block and the plaintext (encryption) or ciphertext (decryption) size in the block is less than 16 bytes, pad the remainder of the block with zeros.
2. b) Append the data block into AES as described in Section 25.4.5 , then read the AES_DOUTR register four times to save the resulting block (MSB first).
3. c) Repeat the step b) until the second-last block is processed. For the last block of plaintext (encryption only), follow the steps a) and b). For the last block, discard the bits that are not part of the message when the last block is smaller than 16 bytes.
8. Finalize the sequence: disable the AES peripheral, by clearing EN.

Suspend/resume operations in CTR mode

Like for the CBC mode, it is possible to interrupt a message to send a higher-priority message, then resume the interrupted message. Detailed CBC suspend and resume sequence is described in Section 25.4.9: AES basic chaining modes (ECB, CBC) .

The suspend and resume operations are only supported when AES is used in CPU mode, not in DMA mode.

Note: Like for CBC mode, the IV registers must be reloaded during the resume operation.

25.4.11 AES Galois/counter mode (GCM)

The AES Galois/counter mode (GCM) allows encrypting and authenticating a plaintext message into the corresponding ciphertext and tag (also known as message authentication code).

GCM mode is based on AES in counter mode for confidentiality. It uses a multiplier over a fixed finite field for computing the message authentication code. The following figure shows a typical message construction in GCM mode.

Figure 123. Message construction in GCM

Diagram illustrating message construction in GCM mode. It shows the flow from Initialization vector (IV) and Counter through ICB to Additional authenticated data (AAD) and Plaintext (P), resulting in Authenticated & encrypted ciphertext (C) and an Authentication tag (T).

The diagram illustrates the message construction in GCM mode. It shows the following components and flow:

Initialization vector (IV) and Counter: These are 4-byte boundaries. The IV is combined with a Counter to form the Input Block (ICB).
ICB (Input Block): A 16-byte boundary block that is input to the AES engine.
Additional authenticated data (AAD): A variable-length data block of length $$ Len(A) $$ . It is processed by the 'authenticate' function.
Plaintext (P): A variable-length data block of length $$ Len(P) = Len(C) $$ . It is processed by the 'encrypt' function.
Authenticated & encrypted ciphertext (C): The output of the 'encrypt' function, which includes the ciphertext and a '0' padding/zeroed bits block.
Authentication tag (T): The output of the 'authenticate' function, which is a 16-byte block.
Zero padding / zeroed bits: Indicated by a grey box in the diagram.
Length fields: At the top right, there are two 64-bit length fields: $[Len(A)]_{64}$ and $[Len(C)]_{64}$ .
Final block: The last block of the ciphertext, which includes a '0' padding/zeroed bits block.

The diagram also shows the flow of data: ICB leads to AAD and Plaintext (P). AAD is processed by 'authenticate' to produce the Authentication tag (T). Plaintext (P) is processed by 'encrypt' to produce the Authenticated & encrypted ciphertext (C). The final block of the ciphertext is also processed by 'authenticate' to produce the Authentication tag (T).

Diagram illustrating message construction in GCM mode. It shows the flow from Initialization vector (IV) and Counter through ICB to Additional authenticated data (AAD) and Plaintext (P), resulting in Authenticated & encrypted ciphertext (C) and an Authentication tag (T).

The message has the following structure:

• 16-byte initial counter block (ICB) , composed of two distinct fields:
- – Initialization vector (IV) : a 96-bit value that must be unique for each encryption cycle with a given key. The GCM standard supports IVs with less than 96 bits, but in this case strict rules apply.
- – Counter : a 32-bit big-endian integer that is incremented each time a block processing is completed. According to NIST specification, the counter value is 0x2 when processing the first block of payload.
• Authenticated header AAD (also known as additional authentication data) has a known length $\text{Len}(A)$ that may be a non-multiple of 16 bytes, and must not exceed $2^{64} - 1$ bits. This part of the message is only authenticated, not encrypted.
• Plaintext message P is both authenticated and encrypted as ciphertext C, with a known length $\text{Len}(P)$ that may be non-multiple of 16 bytes, and cannot exceed $2^{32} - 2$ 16-byte blocks.
• Last block contains the AAD header length (bits [32:63]) and the payload length (bits [96:127]) information, as shown in Table 186 .

The GCM standard specifies that ciphertext C has the same bit length as the plaintext P.

When a part of the message (AAD or P) has a length that is a non-multiple of 16-bytes a special padding scheme is required.

For more details, refer to NIST Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation - Galois/Counter Mode (GCM) and GMAC .

Figure 124 describes the GCM chaining implementation in the AES peripheral (encryption). To select this chaining mode, write CHMOD[2:0] with 0x3.

Figure 124. GCM authenticated encryption

Diagram of GCM authenticated encryption process showing Init, Header, Payload, and Final stages with counter blocks and GF2mul operations.

The diagram illustrates the GCM authenticated encryption process, divided into four main stages:

(1) Init: A KEY is input to an Encrypt block along with an initial vector [0]128. The output is H.
(2) Header: Data in (AAD 0) and (AAD i) are processed through Swap management blocks (controlled by DATATYPE [1:0]) and then XORed with H. The result is passed through GF2mul blocks to produce intermediate values.
(3) Payload: The process starts with Block 1, which takes an Initial Counter Block (ICB) and a 32-bit counter (0x02) as input to an Encrypt block, producing CB1. This is followed by a Counter increment (+1) block that generates CBn for Block n. Each block (1 to n) takes plaintext (P1 to Pn) through Swap management and XORs it with the counter block output (CB1 to CBn) to produce ciphertext (C1 to Cn). These ciphertexts are then processed through GF2mul blocks using H.
(4) Final: The final stage takes the length of AAD and ciphertext (Len(A)64 || Len(C)64) and an incremented initial vector (IVI + 32-bit counter = 0x1) as input to an Encrypt block. The output is XORed with the GF2mul results and the KEY to produce the Authentication TAG (T).

A legend indicates: input (white box), output (grey box), and XOR (circle with cross).

Diagram of GCM authenticated encryption process showing Init, Header, Payload, and Final stages with counter blocks and GF2mul operations.

The first counter block (CB1) is derived from the initial counter block ICB by the application software, as defined in Table 185.

Table 185. Initialization of IV registers in GCM mode

AES_IVR3[31:0]	AES_IVR2[31:0]	AES_IVR1[31:0]	AES_IVR0[31:0]
ICB[127:96]	ICB[95:64]	ICB[63:32]	ICB[31:0] 32-bit counter = 0x0002

The last block of a GCM message contains the AAD header length and the payload length information, as shown in Table 186.

Table 186. GCM last block definition

Word order to AES_DINR	First word	Second word	Third word	Fourth word
Input data	AAD length[63:32]	AAD length[31:0]	Payload length[63:32]	Payload length[31:0]

GCM encryption and decryption process

This process is described in Section 25.4.6 , with the following sequence of events:

GCM initialize

1. Disable the AES peripheral, by clearing EN.
2. Initialize the AES_CR register:
- – Select GCM chaining mode (write CHMOD[2:0] with 0x3) in encryption or decryption mode (write MODE[1:0] with 0x0 or 0x2). Do not write MODE[1:0] with 0x1.
- – Configure the data type, through DATATYPE[1:0]
- – Configure the key size, through KEYSIZE.
- – Select the key mode, using KMOD[1:0]. If the key comes from the SAES peripheral, write KMOD[1:0] with 0x2, otherwise keep it at 0x0.
- – Select the GCM initialization phase, by writing GCMPH[1:0] with 0x0.
3. Write the initialization vector in AES_IVRx registers according to Table 185 .
4. Write the key into the AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key is transferred from the SAES peripheral (see Section 25.4.14 ).
5. Wait until KEYVALID is set (the key loading completed).
6. Set EN to start the calculation of the hash key. EN is automatically cleared when the calculation is completed.
7. Wait until the CCF flag is set in the AES_ISR register, indicating that the GCM hash subkey (H) computation is completed.
8. Clear the CCF flag by setting the CCF bit of the AES_ICR register.

GCM header phase

9. Initialize header phase:
1. a) Select the GCM header phase, by writing 0x1 to GCMPH[1:0]. Do not change the other configurations written during GCM initialization.
2. b) Enable the AES peripheral, by setting EN.
10. Append header data:
1. a) If it is the last block and the AAD in the block is smaller than 16 bytes, pad the remainder of the block with zeros.
2. b) Append the data block into AES as described in Section 25.4.5 .
3. c) Repeat the step b) until the second-last AAD data block is processed. For the last block, follow the steps a) and b) .

Note: This phase can be skipped if there is no AAD, that is, Len(A) = 0.

No data are read during header phase.

GCM payload phase

11. Initialize payload phase:
1. a) Select the GCM payload phase, by writing GCMPH[1:0] with 0x2. Do not change the other configurations written during GCM initialization.
2. b) If the header phase is skipped, enable the AES peripheral by setting EN.

12. Append payload data:
1. a) If it is the last block and the message in the block is smaller than 16 bytes, pad the remainder of the block with zeros.
2. b) Append the data block into AES as described in Section 25.4.5 , then read the AES_DOUTR register four times to save the resulting block
3. c) Repeat the step b) until the second-last plaintext block is encrypted or until the last block of ciphertext is decrypted. For the last block of plaintext (encryption only), follow the steps a) and b) . For the last block, discard the bits that are not part of the payload when the last block is smaller than 16 bytes.

Note: This phase can be skipped if there is no payload, that is, Len(C)=0 (see GMAC mode).

GCM finalization

13. Select the GCM final phase, by writing GCMPH[1:0] with 0x3. Do not change the other configurations written during GCM initialization.
14. Write the final GCM block into the AES_DINR register. It is the concatenated AAD bit and payload bit lengths, as shown in Table 186 .
15. Wait until the CCF flag in the AES_ISR register is set.
16. Get the GCM authentication tag, by reading the AES_DOUTR register four times.
17. Clear the CCF flag, by setting the CCF bit of the AES_ICR register.
18. Disable the AES peripheral, by clearing EN. If it is an authenticated decryption, compare the generated tag with the expected tag passed with the message.

Note: In the final phase, data are written to AES_DINR normally (no swapping), while swapping is applied to tag data read from AES_DOUTR.

When transiting from the header or the payload phase to the final phase, the AES peripheral must not be disabled, otherwise the result is wrong.

Suspend/resume operations in GCM mode

The suspend and resume operations are only supported when AES is used in CPU mode, not in DMA mode.

To suspend the processing of a message , proceed as follows:

1. Wait until the CCF flag in the AES_ISR register is set (computation completed).
2. In the payload phase, read four times the AES_DOUTR register to save the last-processed block.
3. Clear the CCF flag of the AES_ISR register, by setting the CCF bit of the AES_ICR register. When GCM encryption payload phase is selected, verify that BUSY is cleared in AES_SR, to ensure that GF2mul hash function is completed.
4. Save the AES_SUSPRx registers in the memory.
5. In the payload phase, save the AES_IVRx registers as, during the data processing, they changed from their initial values. In the header phase, this step is not required.
6. Disable the AES peripheral, by clearing EN.
7. Save the current AES_CR configuration in the memory. Key registers do not need to be saved as the original key value is known by the application.

To resume the processing of a message, proceed as follows:

1. Disable the AES peripheral, by clearing EN.
2. Write the suspend register values, previously saved in the memory, back into their corresponding AES_SUSPRx registers.
3. In the payload phase, write the initialization vector register values, previously saved in the memory, back into their corresponding AES_IVRx registers. In the header phase, write initial setting values back into the AES_IVRx registers.
4. Restore the initial setting values in the AES_CR and AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key is transferred from the SAES peripheral (see Section 25.4.14 ).
5. Enable the AES peripheral, by setting EN.

25.4.12 AES Galois message authentication code (GMAC)

The Galois message authentication code (GMAC) allows the authentication of a plaintext, generating the corresponding tag information (also known as message authentication code).

GMAC is similar to GCM, except that it is applied on a message composed only by plaintext authenticated data (that is, only header, no payload). The following figure shows typical message construction for GMAC.

Figure 125. Message construction in GMAC mode

Diagram of GMAC message construction. It shows an ICB block (split into IV and Counter) and an Authenticated data block (split into 16-byte segments). The end of the authenticated data is followed by a zero-padded 'Last block' and a final block containing [Len(A)]64 and [0]64. An arrow labeled 'auth.' points from the authenticated data to a box labeled 'Authentication tag (T)'.

The diagram illustrates the message construction for GMAC. It shows the following components:

ICB (Initialization Counter Block) : Composed of an Initialization vector (IV) and a Counter , aligned to 4-byte boundaries.
Authenticated data : A sequence of data blocks aligned to 16-byte boundaries. The total length is denoted as Len(A).
Zero padding : Represented by grey areas, used to fill the Last block to a 16-byte boundary.
Final Block : Contains $[Len(A)]_{64}$ and $[0]_{64}$ .
Authentication tag (T) : Generated from the authenticated data as indicated by the arrow labeled "auth.".

Diagram of GMAC message construction. It shows an ICB block (split into IV and Counter) and an Authenticated data block (split into 16-byte segments). The end of the authenticated data is followed by a zero-padded 'Last block' and a final block containing [Len(A)]64 and [0]64. An arrow labeled 'auth.' points from the authenticated data to a box labeled 'Authentication tag (T)'.

For more details, refer to NIST Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation - Galois/Counter Mode (GCM) and GMAC .

Figure 126 describes the GMAC chaining implementation in the AES peripheral. To select this chaining mode, write CHMOD[2:0] with 0x3.

Figure 126. GMAC authentication mode

Diagram of GMAC authentication mode showing stages (1) Init, (2) Header, and (4) Final. Stage (3) is omitted. The diagram shows data flow through Encrypt, Swap management, GF2mul, and XOR blocks to produce an authentication tag T.

The diagram illustrates the GMAC authentication mode in three active stages:

(1) Init: A KEY and an initialization vector $[0]_{128}$ are input to an Encrypt block. The output is $$ H $$ .
(2) Header: Message blocks $$ DIN $$ (message block 1) through $$ DINR $$ (message block $$ n $$ ) are processed. Each block goes through Swap management (controlled by DATATYPE [1:0]) and is then XORed with the previous result before entering a GF2mul block with $$ H $$ .
(4) Final: The result from the header stage is XORed with a block containing $len(A)_{64} \parallel [0]_{64}$ , then processed by a GF2mul block with $$ H $$ to produce $$ S $$ . $$ S $$ is then XORed with the output of an Encrypt block (which takes KEY and $IVI + 32\text{-bit counter } (= 0x0)$ as inputs) to produce the final $$ DOUT $$ (authentication tag T).

Legend:

input
output
⊕ XOR

MSv69569V1

Diagram of GMAC authentication mode showing stages (1) Init, (2) Header, and (4) Final. Stage (3) is omitted. The diagram shows data flow through Encrypt, Swap management, GF2mul, and XOR blocks to produce an authentication tag T.

The GMAC algorithm corresponds to the GCM algorithm applied on a message that only contains a header. As a consequence, all steps and settings are the same as with the GCM, except that the payload phase is omitted.

Suspend/resume operations in GMAC

In GMAC mode, the sequence described for the GCM applies except that only the header phase can be interrupted.

25.4.13 AES counter with CBC-MAC (CCM)

The AES counter with cipher block chaining-message authentication code (CCM) algorithm allows encryption and authentication of plaintext, generating the corresponding ciphertext and tag (also known as message authentication code). To ensure confidentiality, the CCM algorithm is based on AES counter mode processing. It uses cipher block chaining technique to generate the message authentication code. This is commonly called CBC-MAC.

Note: NIST does not approve CBC-MAC as an authentication mode outside the context of the CCM specification.

The following figure shows typical message construction for CCM.

Figure 127. Message construction in CCM mode

Diagram illustrating the message construction in CCM mode. The diagram shows the structure of the message blocks: B0 (flags, Nonce (N), Q), Associated data (A), Plaintext (P), and Encrypted MAC (T). B0 is a 16-byte block where the first octet contains flags and the remaining 15 bytes are the Nonce (N) and Q. The length of the Nonce (N) is Len(N). The length of the Associated data (A) is Len(A). The length of the Plaintext (P) is Len(P). The length of the Encrypted MAC (T) is Len(T). The total length of the ciphertext (C) is Len(C). The diagram also shows the authentication and encryption process: the B0 block is used to generate the MAC (T) via an 'authenticate' function. The Plaintext (P) is encrypted to produce the ciphertext (C) via an 'encrypt' function. The MAC (T) is then decrypted and compared with the ciphertext (C) via a 'Decrypt and compare' function. Zero padding is indicated for the end of the message.

The structure of the message is:

• 16-byte first authentication block (B0) , composed of three distinct fields:
- – Q : a bit string representation of the octet length of P (Len(P))
- – Nonce (N) : a single-use value (that is, a new nonce must be assigned to each new communication) of Len(N) size. The sum Len(N) + Len(P) must be equal to 15 bytes.
- – Flags : most significant octet containing four flags for control information, as specified by the standard. It contains two 3-bit strings to encode the values t (MAC length expressed in bytes) and Q (plaintext length such that $\text{Len}(P) < 2^{8Q}$ bytes). The counter blocks range associated to Q is equal to $2^{8Q-4}$ , that is, if the maximum value of Q is 8, the counter blocks used in cipher must be on 60 bits.
• 16-byte blocks (B) associated to the associated data (A).
This part of the message is only authenticated, not encrypted. This section has a known length Len(A) that can be a non-multiple of 16 bytes (see Figure 127). The standard also states that, on MSB bits of the first message block (B1), the associated data length expressed in bytes (a) must be encoded as follows:
- – If $0 < a < 2^{16} - 2^8$ , then it is encoded as $[a]_{16}$ , that is, on two bytes.
- – If $2^{16} - 2^8 < a < 2^{32}$ , then it is encoded as $0xff \parallel 0xfe \parallel [a]_{32}$ , that is, on six bytes.
- – If $2^{32} < a < 2^{64}$ , then it is encoded as $0xff \parallel 0xff \parallel [a]_{64}$ , that is, on ten bytes.
• 16-byte blocks (B) associated to the plaintext message P, which is both authenticated and encrypted as ciphertext C, with a known length Len(P). This length can be a non-multiple of 16 bytes (see Figure 127).
• Encrypted MAC (T) of length Len(T) appended to the ciphertext C of overall length Len(C).

When a part of the message (A or P) has a length that is a non-multiple of 16-bytes, a special padding scheme is required.

Note: CCM chaining mode can also be used with associated data only (that is, no payload).

As an example, the C.1 section in NIST Special Publication 800-38C gives the following values (hexadecimal numbers):

N: 10111213 141516 (Len(N) = 56 bits or 7 bytes)
A: 00010203 04050607 (Len(A) = 64 bits or 8 bytes)
P: 20212223 (Len(P) = 32 bits or 4 bytes)
T: 6084341B (Len(T) = 32 bits or t = 4)
B0: 4F101112 13141516 00000000 00000004
B1: 00080001 02030405 06070000 00000000
B2: 20212223 00000000 00000000 00000000
CTR0: 0710111213 141516 00000000 00000000
CTR1: 0710111213 141516 00000000 00000001

For more details, refer to NIST Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation - The CCM Mode for Authentication and Confidentiality .

Figure 128 describes the CCM chaining implementation in the AES peripheral (encryption). To select this chaining mode, write CHMOD[2:0] with 0x4.

Figure 128. CCM mode authenticated encryption

A detailed block diagram of CCM mode authenticated encryption. The diagram is divided into four main sections: (1) Init, (2) Header, (3) Payload, and (4) Final. Section (1) shows the initialization of the counter (CTR0) and the first block (B0). Section (2) shows the processing of associated data (Header) blocks B1 through Bu. Section (3) shows the processing of payload blocks P1 through Pm, with Block 1 and Block m specifically detailed. Section (4) shows the finalization step to produce the MAC (T) and EncTAG. The diagram uses various blocks like 'Encrypt', 'Swap management', and 'XOR' to show the data flow. A legend at the bottom left defines input, output, and XOR symbols. The diagram is labeled MSv69570V1.

The first block of a CCM message (B0) must be prepared by the application as defined in Table 187.

Table 187. Initialization of IV registers in CCM mode

AES_IVR3[31:0]	AES_IVR2[31:0]	AES_IVR1[31:0]	AES_IVR0[31:0]
B0[127:96] ⁽¹⁾	B0[95:64]	B0[63:32]	B0[31:0] ⁽²⁾

1. The five most significant bits are cleared (flag bits).
2. Q length bits are cleared, except for the bit 0 that is set.

AES supports counters up to 64 bits, as specified by NIST.

CCM encryption and decryption process

This process is described in Section 25.4.6 , with the following sequence of events:

CCM initialize

1. Disable the AES peripheral, by clearing EN.
2. Initialize the AES_CR register:
- – Select CCM chaining mode (write CHMOD[2:0] with 0x4) in encryption or decryption mode (write MODE[1:0] with 0x0 or 0x2). Do not write MODE[1:0] with 0x1.
- – Configure the data type, through DATATYPE[1:0]
- – Configure the key size, through KEYSIZE.
- – Select the key mode, using KMOD[1:0]. If the key comes from the SAES peripheral, write KMOD[1:0] with 0x2, otherwise keep it at 0x0.
- – Select the CCM initialization phase, by writing GCMPH[1:0] with 0x0.
3. Write the B0 data in AES_IVRx registers according to Table 187 .
4. Write the key into the AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key is transferred from the SAES peripheral (see Section 25.4.14 ).
5. Wait until KEYVALID is set (the key loading completed).
6. Set EN to start the first mask calculation. The EN bit is automatically cleared when the calculation is completed.
7. Wait until the CCF flag in the AES_ISR register is set.
8. Clear the CCF flag, by setting the CCF bit of the AES_ICR register.

CCM header phase

9. Initialize header phase:
1. a) Prepare the first block of the (B1) data associated with the message, in accordance with CCM chaining rules.
2. b) Select the CCM header phase, by writing GCMPH[1:0] with 0x1. Do not change the other configurations written during the CCM initialization.
3. c) Enable the AES peripheral, by setting EN.
10. Append header data:
1. a) If it is the last block and the associated data in the block is smaller than 16 bytes, pad the remainder of the block with zeros.
2. b) Append the data block into AES as described in Section 25.4.5 .
3. c) Repeat the step b) until the second-last associated data block is processed. For the last block, follow the steps a) and b) .

Note: This phase can be skipped if there is no associated data, that is, $$ Len(A) = 0 $$ . No data are read during the header phase.

CCM payload phase

11. Initialize payload phase:
1. a) Select the CCM payload phase, by writing GCMPH[1:0] with 0x2. Do not change the other configurations written during the CCM initialization.
2. b) If the header phase is skipped, enable the AES peripheral, by setting EN.
12. Append payload data:
1. a) In encryption only, if it is the last block and the plaintext in the block is smaller than 16 bytes, pad the remainder of the block with zeros.
2. b) Append the data block into AES as described in Section 25.4.5 , then read the AES_DOUTR register four times to save the resulting block.
3. c) Repeat the step b) until the second-last plaintext block is encrypted or until the last block of ciphertext is decrypted. For the last block of plaintext (encryption only), follow the steps a) and b). For the last block, discard the bits that are not part of the payload when the last block is smaller than 16 bytes.

Note: This phase can be skipped if there is no payload, that is, $$ Len(P) = 0 $$ or $$ Len(C) = Len(T) $$ . Remove $LSB_{Len(T)}(C)$ encrypted tag information when decrypting ciphertext C.

CCM finalization

13. Select the CCM final phase, by writing GCMPH[1:0] with 0x3. Do not change the other configurations written during the CCM initialization.
14. Wait until CCF flag in the AES_ISR register is set.
15. Get the CCM authentication tag, by reading the AES_DOUTR register four times.
16. Clear the CCF flag, by setting the CCF bit of the AES_ICR register.
17. Disable the AES peripheral, by clearing EN. If it is an authenticated decryption, compare the generated tag with the expected tag passed with the message. Mask the authentication tag output with tag length to obtain a valid tag.

Note: In the final phase, swapping is applied to tag data read from AES_DOUTR register. When transiting from the header or the payload phase to the final phase, the AES peripheral must not be disabled, otherwise the result is wrong.

Suspend and resume operations in CCM mode

The suspend and resume operations are only supported when AES is used in CPU mode, not in DMA mode.

To suspend the processing of a message in header or payload phase , proceed as follows:

1. Wait until the CCF flag of the AES_ISR register is set (computation completed).
2. In the payload phase, read four times the AES_DOUTR register to save the last-processed block.
3. Clear the CCF flag in the AES_ISR register, by setting the CCF bit of the AES_ICR register.
4. Save the AES_SUSPRx registers in the memory.
5. Save the IV registers as they are altered during the data processing.
6. Disable the AES peripheral, by clearing EN.

7. Save the current AES_CR configuration in the memory. Key registers do not need to be saved as the original key value is known by the application.

To resume the processing of a message , proceed as follows:

1. Disable the AES peripheral, by clearing EN.
2. Write the suspend register values, previously saved in the memory, back into their corresponding AES_SUSPRx registers.
3. Restore AES_IVRx registers using the saved configuration.
4. Restore the initial setting values in the AES_CR and AES_KEYRx registers if KMOD[1:0] is at 0x0. If KMOD[1:0] is at 0x2, the key must be transferred again from the SAES peripheral (see Section 25.4.14 ).
5. Enable the AES peripheral, by setting EN.

The AES peripheral can use the SAES peripheral as security co-processor. The secure application prepares the key in the robust SAES peripheral and when it is ready, the AES application can load this prepared key through a dedicated hardware key bus.

The recommended sequence is described hereafter and in the section SAES operations with shared keys in the SAES section of this document.

1. In SAES peripheral, the application encrypts (wraps) the key to share in Shared-key mode (KMOD[1:0] at 0x2).
2. Each time the shared key is required in AES peripheral, the application decrypts it in the SAES peripheral in Shared-key mode (KMOD[1:0] at 0x2).
3. Once the shared key is decrypted (unwrapped) and loaded in SAES_KEYRx registers it can be shared with AES. To load the shared key in AES, the application sets KEYSIZE as appropriate and writes KMOD[1:0] with 0x2. When KEYVALID is cleared, the key is automatically transferred by hardware into the AES_KEYRx registers and the BUSY flag in the AES_SR register set.
4. Once the key transfer is completed, the BUSY flag is cleared and the KEYVALID flag set in the AES_SR register. If KEYVALID is not set when BUSY bit is cleared, or if the KEIF flag is set in the AES_ISR register, either the KEYSIZE value is incorrect or an unexpected event occurred during the transfer (such as DPA error, tamper event or KEYVALID cleared before the end of the transfer). When such errors occur, reset both peripherals through their IPRST bits and restart the whole key sharing process.

When the key sharing sequence is completed, the AES is initialized with a valid, shared key. The application can then process data in normal key mode, by writing KMOD[1:0] with 0x0.

Note: This sequence in AES peripheral can be run multiple times (for example, to manage a suspend/resume situation), as long as SAES peripheral is unused and duly remains in key sharing state.

25.4.15 AES data registers and data swapping

Data input and output

A 16-byte data block enters the AES peripheral with four successive 32-bit word writes into the AES_DINR register (bitfield DIN[31:0]), the most significant word (bits [127:96]) first, the least significant word (bits [31:0]) last.

A 16-byte data block is retrieved from the AES peripheral with four successive 32-bit word reads of the AES_DOUTR register (bitfield DOUT[31:0]), the most significant word (bits [127:96]) first, the least significant word (bits [31:0]) last.

The four 32-bit words of a 16-byte data block must be stored in the memory consecutively and in big-endian order, that is, with the most significant word on the lowest address. See Table 188 “no swapping” option for details.

Data swapping

The AES peripheral can be configured to perform a bit-, a byte-, a half-word-, or no swapping on the input data word in the AES_DINR register, before loading it to the AES processing core, and on the data output from the AES processing core, before sending it to the AES_DOUTR register. The choice depends on the type of data. For example, a byte swapping is used for an ASCII text stream.

The data swap type is selected through DATATYPE[1:0]. The selection applies to both AES input and output.

Note: The data in AES key registers (AES_KEYRx) and initialization vector registers (AES_IVRx) are not sensitive to the swap mode selection.

The AES data swapping feature is summarized in Table 188 and Figure 129 .

Table 188. AES data swapping example

DATATYPE[1:0]	Swapping performed	Data block
DATATYPE[1:0]	Swapping performed	System memory data (big-endian)
0x0	No swapping	Block[127..64]: 0x04EEF672 2E04CE96 Block[63..0]: 0x4E6F7720 69732074
0x0	No swapping	Address @, word[127..96]: 0x04EEF672 Address @ + 0x4, word[95..64]: 0x2E04CE96 Address @ + 0x8, word[63..32]: 0x4E6F7720 Address @ + 0xC, word[31..0]: 0x69732074
0x1	Half-word (16-bit) swapping	Block[63..0]: 0x 4E6F 7720 6973 2074
0x1	Half-word (16-bit) swapping	Address @, word[63..32]: 0x7720 4E6F Address @ + 0x4, word[31..0]: 0x2074 6973
0x2	Byte (8-bit) swapping	Block[63..0]: 0x 4E 6F 77 20 69 73 20 74
0x2	Byte (8-bit) swapping	Address @, word[63..32]: 0x2077 6F4E Address @ + 0x4, word[31..0]: 0x74 20 73 69

Table 188. AES data swapping example (continued)

DATATYPE[1:0]	Swapping performed	Data block
DATATYPE[1:0]	Swapping performed	System memory data (big-endian)
0x3	Bit swapping	Block[63..32]: 0x4E6F7720 0100 1110 0110 1111 0111 0111 0010 0000 Block[31..0]: 0x69732074 0110 1001 0111 0011 0010 0000 0111 0100 Address @, word[63..32]: 0x04EE F672 0000 0100 1110 1110 1111 0110 0111 0010 Address @ + 0x4, word[31..0]: 0x2E04 CE96 0010 1110 0000 0100 1100 1110 1001 0110

Figure 129. 128-bit block construction according to the data type

Diagram showing no swapping: 128-bit block is divided into Word 3 (D127-D96), Word 2 (D95-D64), Word 1 (D63-D32), and Word 0 (D31-D0). Data is written/read in order 1 to 4 (Word 3 to Word 0) without any internal rearrangement of bits. Diagram showing 16-bit swapping: Each 32-bit word is split into two 16-bit halves. For Word 3, bits D127..D112 and D111..D96 are swapped. This pattern repeats for Word 2, Word 1, and Word 0. The output register reflects these swapped halves. Diagram showing 8-bit byte swapping: Each 32-bit word is split into four bytes. For Word 3, the bytes (D127..120, D119..112, D111..104, D103..96) are reversed in order within the word. This byte-reversal occurs for all four words. Diagram showing bit swapping: Within each 32-bit word, the bit order is completely reversed. For Word 3, D127 swaps with D96, D126 with D97, and so on. This bit-level reversal is applied to all four words.

DATATYPE[1:0] = 00: no swapping

DATATYPE[1:0] = 01: 16-bit (half-word) swapping

DATATYPE[1:0] = 10: 8-bit (byte) swapping

DATATYPE[1:0] = 11: bit swapping

Legend:

Dx input/output data bit 'x'
$\leftrightarrow$ Data swap
1 .. 4 Order of write to data input / read from data output register
Zero padding (example)
AES core input/output data

MSV66122V1

Diagram showing no swapping: 128-bit block is divided into Word 3 (D127-D96), Word 2 (D95-D64), Word 1 (D63-D32), and Word 0 (D31-D0). Data is written/read in order 1 to 4 (Word 3 to Word 0) without any internal rearrangement of bits. Diagram showing 16-bit swapping: Each 32-bit word is split into two 16-bit halves. For Word 3, bits D127..D112 and D111..D96 are swapped. This pattern repeats for Word 2, Word 1, and Word 0. The output register reflects these swapped halves. Diagram showing 8-bit byte swapping: Each 32-bit word is split into four bytes. For Word 3, the bytes (D127..120, D119..112, D111..104, D103..96) are reversed in order within the word. This byte-reversal occurs for all four words. Diagram showing bit swapping: Within each 32-bit word, the bit order is completely reversed. For Word 3, D127 swaps with D96, D126 with D97, and so on. This bit-level reversal is applied to all four words.

Data padding

Figure 129 also gives an example of memory data block padding with zeros such that the zeroed bits after the data swap form a contiguous zone at the MSB end of the AES core input buffer. The example shows the padding of an input data block containing:

• 84 message bits, with DATATYPE[1:0] = 0x0
• 48 message bits, with DATATYPE[1:0] = 0x1
• 56 message bits, with DATATYPE[1:0] = 0x2
• 34 message bits, with DATATYPE[1:0] = 0x3

25.4.16 AES key registers

The eight AES_KEYRx write-only registers store the encryption or decryption key information, as shown on Table 189. Reads are not allowed for security reason.

Note: In memory and in AES key registers, keys are stored in little-endian format, with most significant byte on the highest address.

Table 189. Key endianness in AES_KEYRx registers (128/256-bit keys)

AES_KEYR7 [31:0]	AES_KEYR6 [31:0]	AES_KEYR5 [31:0]	AES_KEYR4 [31:0]	AES_KEYR3 [31:0]	AES_KEYR2 [31:0]	AES_KEYR1 [31:0]	AES_KEYR0 [31:0]
-	-	-	-	KEY[127:96]	KEY[95:64]	KEY[63:32]	KEY[31:0]
KEY[255:224]	KEY[223:192]	KEY[191:160]	KEY[159:128]	KEY[127:96]	KEY[95:64]	KEY[63:32]	KEY[31:0]

The key registers are not affected by the data swapping feature controlled by the DATATYPE[1:0] bitfield.

Write operations to the AES_KEYRx registers are ignored when AES peripheral is enabled (EN bit set). The application must check this before modifying key registers.

The entire key must be written before starting an AES computation.

In normal key mode (KMOD[1:0] at 0x0), the key registers must always be written in either ascending or descending order. The write sequence becomes:

• AES_KEYRx (x = 0 to 3 or x=3 to 0) for KEYSIZE cleared
• AES_KEYRx (x = 0 to 7 or x=7 to 0) for KEYSIZE set

Note: KEYSIZE must be written before the key.

As soon as the first key register is written, the KEYVALID flag is cleared. Once the key registers writing sequence is completed, KEYVALID is set and EN becomes writable. If an error occurs, KEYVALID is cleared and KEIF set (see Section 25.4.18).

25.4.17 AES initialization vector registers

The four AES_IVRx registers store the initialization vector (IV) information, as shown in Table 190. They can only be written if the AES peripheral is disabled (EN cleared).

Note: In memory and in AES IV registers, initialization vectors are stored in little-endian format, with most significant byte on the highest address.

Table 190. IVI bitfield spread over AES_IVRx registers

AES_IVR3[31:0]	AES_IVR2[31:0]	AES_IVR1[31:0]	AES_IVR0[31:0]
IVI[127:96]	IVI[95:64]	IVI[63:32]	IVI[31:0]

Initialization vector information depends on the chaining mode selected. When used, AES_IVRx registers are updated upon each AES computation cycle (useful for managing suspend mode).

The initialization vector registers are not affected by the data swapping feature controlled through DATATYPE[1:0].

25.4.18 AES error management

The AES peripheral manages the errors described in this section.

Read error flag (RDERRF)

Unexpected read attempt of the AES_DOUTR register returns zero, setting the RDERRF flag and the RWEIF flag. RDERRF is triggered during the computation phase or during the input phase.

Note: AES is not disabled when RDERRF rises and it continues processing.

An interrupt is generated if the RWEIE bit is set. For more details, refer to Section 25.5: AES interrupts .

The RDERRF and RWEIF flags are cleared by setting the RWEIF bit of the AES_ICR register.

Write error flag (WRERRF)

Unexpected write attempt of the AES_DINR register is ignored, setting the WRERRF and the RWEIF flags. WRERRF is triggered during the computation phase or during the output phase.

Note: AES is not disabled when WRERRF rises and it continues processing.

An interrupt is generated if the RWEIE bit is set. For more details, refer to Section 25.5: AES interrupts .

The WRERRF and RWEIF flags are cleared by setting the RWEIF bit of the AES_ICR register.

Key error interrupt flag (KEIF)

There are multiple sources of errors that set the KEIF flag of the AES_ISR register and clear the KEYVALID bit of the AES_SR register:

• Key writing sequence error: triggered upon detecting an incorrect sequence of writing key registers. See Section 25.4.16: AES key registers for details.
• Key sharing size mismatch error: triggered when KMOD[1:0] is at 0x2 and KEYSIZE in AES peripheral does not match KEYSIZE in SAES peripheral.

• Key sharing error: triggered upon failing transfer of SAES shared key to AES peripheral. See Section 25.4.14: AES key sharing with secure AES co-processor for details.

The KEIF flag is cleared with corresponding bit of the AES_ICR register. An interrupt is generated if the KEIE bit of the AES_IER register is set. For more details, refer to Section 25.5: AES interrupts .

Upon a key sharing error, reset both AES and SAES peripherals through the IPRST bit of their corresponding control register, then restart the key sharing sequence.

Note: For any key error, clear KEIF flag prior to disabling and re-configuring AES.

25.5 AES interrupts

There are multiple individual maskable interrupt sources generated by the AES peripheral to signal the following events:

• computation completed (CCF)
• read error (RDERRF)
• write error (WRERRF)
• key error (KEIF)

See Section 25.4.18: AES error management for details on AES errors.

These sources are combined into a common interrupt signal from the AES peripheral that connects to the Cortex® CPU interrupt controller. Application can enable or disable AES interrupt sources individually by setting/clearing the corresponding enable bit of the AES_IER register.

The status of the individual maskable interrupt sources can be read from the AES_ISR register. They are cleared by setting the corresponding bit of the AES_ICR register.

Table 191 gives a summary of the available features.

Table 191. AES interrupt requests

Interrupt acronym	Interrupt event	Event flag	Enable bit	Interrupt clear method
AES	computation completed flag	CCF	CCFIE	set CCF ⁽¹⁾
	read error flag	RDERRF ⁽²⁾	RWEIE	set RWEIF ⁽¹⁾
	write error flag	WRERRF ⁽²⁾	RWEIE	set RWEIF ⁽¹⁾
	key error flag	KEIF	KEIE	set KEIF ⁽¹⁾

1. Bit of the AES_ICR register.

2. Flag of the AES_SR register, mirrored by the flag RWEIF of the AES_ISR register.

25.6 AES DMA requests

The AES peripheral provides an interface to connect to the DMA (direct memory access) controller. The DMA operation is controlled through the DMAINEN and DMAOUTEN bits of the AES_CR register. When key derivation is selected (MODE[1:0] is at 0x1), setting those bits has no effect.

AES only supports single DMA requests.

Suspend and resume operations are not supported in DMA mode.

Detailed usage of DMA with AES can be found in Appending data using DMA subsection of Section 25.4.5: AES encryption or decryption typical usage .

Data input using DMA

Setting DMAINEN enables DMA writing into AES. AES then initiates, during the input phase, a set of single DMA requests for each 16-byte data block to write to the AES_DINR register (quadruple 32-bit word, MSB first).

Note: According to the algorithm and the mode selected, special padding / ciphertext stealing might be required (see Section 25.4.7 ).

Data output using DMA

Setting DMAOUTEN enables DMA reading from AES. AES then initiates, during the output phase, a set of single DMA requests for each 16-byte data block to read from the AES_DOUTR register (quadruple 32-bit word, MSB first).

After the output phase, at the end of processing of a 16-byte data block, AES switches automatically to a new input phase for the next data block, if any.

In DMA mode, the CCF flag has no use because the reading of the AES_DOUTR register is managed by DMA automatically at the end of the computation phase. The CCF flag must only be cleared when transiting back to managing the data transfers by software.

Note: According to the message size, extra bytes might need to be discarded by application in the last block.

Stopping DMA transfers

All DMA request signals are de-asserted when AES is disabled (EN cleared) or the DMA enable bit (DMAINEN for input data, DMAOUTEN for output data) is cleared.

25.7 AES processing latency

The following tables provide the 16-byte data block processing latency per operating mode.

Table 192. Processing latency for ECB, CBC and CTR

Key size	Mode of operation	Chaining algorithm	Clock cycles
128-bit	Encryption or decryption ⁽¹⁾	ECB, CBC, CTR	51
128-bit	Key preparation	-	59
256-bit	Encryption or decryption ⁽¹⁾	ECB, CBC, CTR	75
256-bit	Key preparation	-	82

1. Excluding key preparation time (ECB and CBC only).

Table 193. Processing latency for GCM and CCM (in clock cycles)

Key size	Mode of operation	Chaining algorithm	Initialization phase	Header phase ⁽¹⁾	Payload phase ⁽¹⁾	Final phase ⁽¹⁾
128-bit	Encryption/ Decryption	GCM	64	35	51	59
128-bit	Encryption/ Decryption	CCM	63	55	114	58
256-bit	Encryption/ Decryption	GCM	88	35	75	75
256-bit	Encryption/ Decryption	CCM	87	79	162	82

1. Data insertion can include wait states forced by AES on the AHB bus (maximum 3 cycles, typical 1 cycle).

25.8 AES registers

The registers are accessible through 32-bit word single accesses only. Other access types generate an AHB error, and other than 32-bit writes may corrupt the register content.

25.8.1 AES control register (AES_CR)

Address offset: 0x000

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
IPRST	Res.	Res.	Res.	Res.	Res.	KMOD[1:0]		NPBLB[3:0]				Res.	KEYSIZE	Res.	CHMOD[2]
rw						rw	rw	rw	rw	rw	rw		rw		rw

15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
Res.	GCM[1:0]		DMAOUTEN	DMAINEN	Res.	Res.	Res.	Res.	CHMOD[1:0]		MODE[1:0]		DATATYPE[1:0]		EN
	rw	rw	rw	rw					rw	rw	rw	rw	rw	rw	rw

Bit 31 IPRST : AES peripheral software reset

Setting the bit resets the AES peripheral, putting all registers to their default values, except the IPRST bit itself. Hence, any key-relative data are lost. For this reason, it is recommended to set the bit before handing over the AES to a less secure application.

The bit must be kept low while writing any configuration registers.

Bits 30:26 Reserved, must be kept at reset value.

Bits 25:24 KMOD[1:0] : Key mode selection

The bitfield defines how the AES key can be used by the application. KEYSIZE must be correctly initialized when setting KMOD[1:0] different from zero.

0x0: Normal key mode. Key registers are freely usable.

0x2: Shared key mode. If shared key mode is properly initialized in SAES peripheral, the AES peripheral automatically loads its key registers with the data stored in the SAES key registers. The key value is available in AES key registers when BUSY bit is cleared and KEYVALID is set in the AES_SR register. Key error flag KEIF is set otherwise in the AES_ISR register.

Others: Reserved

Attempts to write the bitfield are ignored when BUSY is set, as well as when EN is set before the write access and it is not cleared by that write access.

Bits 23:20 NPBLB[3:0] : Number of padding bytes in last block

This padding information must be filled by software before processing the last block of GCM payload encryption or CCM payload decryption, otherwise authentication tag computation is incorrect.

0x0: All bytes are valid (no padding)

0x1: Padding for the last LSB byte

...

0xF: Padding for the 15 LSB bytes of last block.

Bit 19 Reserved, must be kept at reset value.

Bit 18 KEYSIZE : Key size selection

This bitfield defines the key length in bits of the key used by AES.

0: 128-bit

1: 256-bit

Attempts to write the bit are ignored when BUSY is set, as well as when the EN is set before the write access and it is not cleared by that write access.

Bit 17 Reserved, must be kept at reset value.

Bit 15 Reserved, must be kept at reset value.

Bits 14:13 GCMPH[1:0] : GCM or CCM phase selection

This bitfield selects the phase, applicable only with GCM, GMAC or CCM chaining modes.

0x0: Initialization phase

0x1: Header phase

0x2: Payload phase

0x3: Final phase

Bit 12 DMAOUTEN : DMA output enable

This bit enables automatic generation of DMA requests during the data phase, for outgoing data transfers from AES via DMA.

0: Disable

1: Enable

Setting this bit is ignored when MODE[1:0] is at 0x1 (key derivation).

Bit 11 DMAINEN : DMA input enable

This bit enables automatic generation of DMA requests during the data phase, for incoming data transfers to AES via DMA.

0: Disable

1: Enable

Setting this bit is ignored when MODE[1:0] is at 0x1 (key derivation).

Bits 10:7 Reserved, must be kept at reset value.

Bits 16, 6:5 CHMOD[2:0] : Chaining mode

This bitfield selects the AES chaining mode:

0x0: Electronic codebook (ECB)

0x1: Cipher-block chaining (CBC)

0x2: Counter mode (CTR)

0x3: Galois counter mode (GCM) and Galois message authentication code (GMAC)

0x4: Counter with CBC-MAC (CCM)

others: Reserved

Attempts to write the bitfield are ignored when BUSY is set, as well as when EN is set before the write access and it is not cleared by that write access.

Bits 4:3 MODE[1:0] : Operating mode

This bitfield selects the AES operating mode:

0x0: Encryption

0x1: Key derivation (or key preparation), for ECB/CBC decryption only

0x2: Decryption

0x3: Reserved

Attempts to write the bitfield are ignored when BUSY is set, as well as when EN is set before the write access and it is not cleared by that write access.

Bits 2:1 DATATYPE[1:0] : Data type

This bitfield defines the format of data written in the AES_DINR register or read from the AES_DOUTR register, through selecting the mode of data swapping. This swapping is defined in Section 25.4.15: AES data registers and data swapping .

0x0: No swapping (32-bit data).

0x1: Half-word swapping (16-bit data)

0x2: Byte swapping (8-bit data)

0x3: Bit-level swapping

Attempts to write the bitfield are ignored when BUSY is set, as well as when EN is set before the write access and it is not cleared by that write access.

Bit 0 EN : Enable

This bit enables/disables the AES peripheral.

0: Disable

1: Enable

At any moment, clearing then setting the bit re-initializes the AES peripheral. When KMOD[1:0] is different from 0x0, using IPRST bit is recommended instead.

This bit is automatically cleared by hardware upon the completion of the key preparation (MODE[1:0] at 0x1) and upon the completion of GCM/GMAC/CCM initialization phase.

– The bit cannot be set as long as KEYVALID is cleared

25.8.2 AES status register (AES_SR)

Address offset: 0x004

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEYVALID	Res.	Res.	Res.	BUSY	WRERRF	RDERRF	Res.
								r				r	r	r

Bits 31:8 Reserved, must be kept at reset value.

Bit 7 KEYVALID : Key valid flag

This bit is set by hardware when the key of size defined by KEYSIZE is loaded in AES_KEYRx key registers.

0: Key not valid

1: Key valid

The EN bit can only be set when KEYVALID is set.

In normal mode when KMOD[1:0] is at zero, the key must be written in the key registers in the correct sequence, otherwise the KEIF flag is set and KEYVALID remains cleared.

When KMOD[1:0] is different from zero, the BUSY flag is automatically set by AES. When the key is loaded successfully, BUSY is cleared and KEYVALID set. Upon an error, KEIF is usually set, BUSY cleared and KEYVALID remains cleared.

If set, KEIF must be cleared through the AES_ICR register, otherwise KEYVALID cannot be set. See the KEIF flag description for more details.

For further information on key loading, refer to Section 25.4.16: AES key registers .

Bits 6:4 Reserved, must be kept at reset value.

Bit 3 BUSY : Busy

This flag indicates whether AES is idle or busy.

0: Idle

1: Busy

AES is flagged as idle when disabled (when EN is low) or when the last processing is completed.

AES is flagged as busy when processing a block data, preparing a key (ECB or CBC decryption only), or transferring a shared key from the SAES peripheral.

When GCM encryption payload phase is selected, this flag must be at zero before suspending current process to manage a higher-priority message.

Bit 2 WRERRF : Write error flag

This bit is set when an unexpected write to the AES_DINR register occurred. When set WRERRF bit has no impact on the AES operations.

0: No error

1: Unexpected write to AES_DINR register occurred during computation or data output phase.

The flag setting generates an interrupt if the RWEIE bit of the AES_IER register is set.

The flag is cleared by setting the RWEIF bit of the AES_ICR register.

Bit 1 RDERRF : Read error flag

This bit is set when an unexpected read to the AES_DOUTR register occurred. When set RDERRF bit has no impact on the AES operations.

0: No error

1: Unexpected read to AES_DOUTR register occurred during computation or data input phase.

The flag setting generates an interrupt if the RWEIE bit of the AES_IER register is set.

The flag is cleared by setting the RWEIF bit of the AES_ICR register.

Bit 0 Reserved, must be kept at reset value.

25.8.3 AES data input register (AES_DINR)

Address offset: 0x008

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
DIN[31:16]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
DIN[15:0]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 DIN[31:0] : Data input

A four-fold sequential write to this bitfield during the Input phase results in writing a complete 16-bytes block of input data to the AES peripheral. From the first to the fourth write, the corresponding data weights are [127:96], [95:64], [63:32], and [31:0]. Upon each write, the data from the 32-bit input buffer are handled by the data swap block according to the DATATYPE[1:0] bitfield, then written into the AES core 16-bytes input buffer.

Reads return zero.

25.8.4 AES data output register (AES_DOUTR)

Address offset: 0x00C

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
DOUT[31:16]
r	r	r	r	r	r	r	r	r	r	r	r	r	r	r	r
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
DOUT[15:0]
r	r	r	r	r	r	r	r	r	r	r	r	r	r	r	r

Bits 31:0 DOUT[31:0] : Data output

This read-only bitfield fetches a 32-bit output buffer. A four-fold sequential read of this bitfield, upon the computation completion (CCF flag set), virtually reads a complete 16-byte block of output data from the AES peripheral. Before reaching the output buffer, the data produced by the AES core are handled by the data swap block according to the DATATYPE[1:0] bitfield.

Data weights from the first to the fourth read operation are: [127:96], [95:64], [63:32], and [31:0].

25.8.5 AES key register 0 (AES_KEYR0)

Address offset: 0x010

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[31:16]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[15:0]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[31:0] : Cryptographic key, bits [31:0]

These are bits [31:0] of the write-only bitfield KEY[255:0] AES encryption or decryption key, depending on the MODE[1:0] bitfield of the AES_CR register.

Writes to AES_KEYRx registers are ignored when AES is enabled (EN bit set). When the key comes from the SAES peripheral (KMOD[1:0] at 0x2), writes to key registers are also ignored and they result in setting the KEIF bit of the AES_ISR register.

With KMOD[1:0] at 0x0, a special writing sequence is required. In this sequence, any valid write to AES_KEYRx register clears the KEYVALID flag except for the sequence-completing write that sets it. Also refer to the description of the KEYVALID flag in the AES_SR register.

25.8.6 AES key register 1 (AES_KEYR1)

Address offset: 0x014

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[63:48]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[47:32]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[63:32] : Cryptographic key, bits [63:32]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.7 AES key register 2 (AES_KEYR2)

Address offset: 0x018

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[95:80]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[79:64]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[95:64] : Cryptographic key, bits [95:64]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.8 AES key register 3 (AES_KEYR3)

Address offset: 0x01C

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[127:112]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[111:96]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[127:96] : Cryptographic key, bits [127:96]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.9 AES initialization vector register 0 (AES_IVR0)

Address offset: 0x020

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
IVI[31:16]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
IVI[15:0]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw

Bits 31:0 IVI[31:0] : Initialization vector input, bits [31:0]

AES_IVRx registers store the 128-bit initialization vector or the nonce, depending on the chaining mode selected. This value is updated by hardware after each computation round (when applicable). Write to this register is ignored when EN bit is set in AES_CR register

25.8.10 AES initialization vector register 1 (AES_IVR1)

Address offset: 0x024

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
IVI[63:48]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
IVI[47:32]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw

Bits 31:0 IVI[63:32] : Initialization vector input, bits [63:32]

Refer to the AES_IVR0 register for description of the IVI[128:0] bitfield.

25.8.11 AES initialization vector register 2 (AES_IVR2)

Address offset: 0x028

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
IVI[95:80]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
IVI[79:64]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw

Bits 31:0 IVI[95:64] : Initialization vector input, bits [95:64]

Refer to the AES_IVR0 register for description of the IVI[128:0] bitfield.

25.8.12 AES initialization vector register 3 (AES_IVR3)

Address offset: 0x02C

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
IVI[127:112]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
IVI[111:96]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw

Bits 31:0 IVI[127:96] : Initialization vector input, bits [127:96]

Refer to the AES_IVR0 register for description of the IVI[128:0] bitfield.

25.8.13 AES key register 4 (AES_KEYR4)

Address offset: 0x030

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[159:144]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[143:128]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[159:128] : Cryptographic key, bits [159:128]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.14 AES key register 5 (AES_KEYR5)

Address offset: 0x034

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[191:176]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[175:160]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[191:160] : Cryptographic key, bits [191:160]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.15 AES key register 6 (AES_KEYR6)

Address offset: 0x038

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[223:208]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[207:192]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[223:192] : Cryptographic key, bits [223:192]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.16 AES key register 7 (AES_KEYR7)

Address offset: 0x03C

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
KEY[255:240]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
KEY[239:224]
w	w	w	w	w	w	w	w	w	w	w	w	w	w	w	w

Bits 31:0 KEY[255:224] : Cryptographic key, bits [255:224]

Refer to the AES_KEYR0 register for description of the KEY[255:0] bitfield and for information relative to writing AES_KEYRx registers.

25.8.17 AES suspend registers (AES_SUSPRx)

Address offset: 0x040 + 0x4 * x, (x = 0 to 7)

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
SUSP[31:16]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
SUSP[15:0]
rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw	rw

Bits 31:0 SUSP[31:0] : Suspend data

AES_SUSPRx registers contain the complete internal register states of the AES when the GCM, GMAC or CCM processing of the current task is suspended to process a higher-priority task. Refer to Section 25.4.8: AES suspend and resume operations for more details.

Clearing EN bit of the AES_CR register clears this register to zero.

AES_SUSPRx registers are not used in other chaining modes than GCM, GMAC or CCM.

25.8.18 AES interrupt enable register (AES_IER)

Address offset: 0x300

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEIE rw	RWEIE rw	CCFIE rw

Bits 31:3 Reserved, must be kept at reset value.

Bit 2 KEIE : Key error interrupt enable

This bit enables or disables (masks) the AES interrupt generation when KEIF (key error flag) is set.

0: Disabled (masked)

1: Enabled (not masked)

Bit 1 RWEIE : Read or write error interrupt enable

This bit enables or disables (masks) the AES interrupt generation when RWEIF (read and/or write error flag) is set.

0: Disabled (masked)

1: Enabled (not masked)

Bit 0 CCFIE : Computation complete flag interrupt enable

This bit enables or disables (masks) the AES interrupt generation when CCF (computation complete flag) is set.

0: Disabled (masked)

1: Enabled (not masked)

25.8.19 AES interrupt status register (AES_ISR)

Address offset: 0x304

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.
15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEIF	RWEIF	CCF
													r	r	r

Bits 31:3 Reserved, must be kept at reset value.

Bit 2 KEIF : Key error interrupt flag

This read-only bit is set by hardware when the key information fails to load into key registers.

0: No key error detected

1: Key information failed to load into key registers

The flag setting generates an interrupt if the KEIE bit of the AES_IER register is set. It also clears the key registers and the KEYVALID flag in the AES_SR register.

The flag is cleared by setting the corresponding bit of the AES_ICR register.

KEIF is raised upon any of the following events:

-AES_KEYRx register write does not respect the correct order. (For KEYSIZE cleared, AES_KEYR0 then AES_KEYR1 then AES_KEYR2 then AES_KEYR3 register, or reverse. For KEYSIZE set, AES_KEYR0 then AES_KEYR1 then AES_KEYR2 then AES_KEYR3 then AES_KEYR4 then AES_KEYR5 then AES_KEYR6 then AES_KEYR7, or reverse).

-AES fails to load the key shared by the SAES peripheral (KMOD[1:0] = 0x2).

KEIF must be cleared by the application software, otherwise KEYVALID cannot be set.

Bit 1 RWEIF : Read or write error interrupt flag

This read-only bit is set by hardware when a RDERRF or a WRERRF error flag is set in the AES_SR register.

0: No read or write error detected

1: Read or write error detected

The flag setting generates an interrupt if the RWEIE bit of the AES_IER register is set.

The flag is cleared by setting the corresponding bit of the AES_ICR register.

The flag has no meaning when key derivation mode is selected.

See the AES_SR register for details.

Bit 0 CCF : Computation complete flag

This flag indicates whether the computation is completed. It is significant only when the DMAOUTEN bit is cleared, and it may stay high when DMAOUTEN is set.

0: Not completed

1: Completed

The flag setting generates an interrupt if the CCFIE bit of the AES_IER register is set.

The flag is cleared by setting the corresponding bit of the AES_ICR register.

25.8.20 AES interrupt clear register (AES_ICR)

Address offset: 0x308

Reset value: 0x0000 0000

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.

15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEIF	RWEIF	CCF
													w	w	w

Bits 31:3 Reserved, must be kept at reset value.

Bit 2 KEIF : Key error interrupt flag clear

Setting this bit clears the KEIF status bit of the AES_ISR register.

Bit 1 RWEIF : Read or write error interrupt flag clear

Setting this bit clears the RWEIF status bit of the AES_ISR register, and clears both RDERRF and WRERRF flags in the AES_SR register.

Bit 0 CCF : Computation complete flag clear

Setting this bit clears the CCF status bit of the AES_ISR register.

25.8.21 AES register map

Table 194. AES register map and reset values

Offset	Register name	31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16	15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
Offset	Register name	0x000	AES_CR	IPRST	Res.					KMOD[1]	KMOD[0]	NPBLB[3:0]				Res.	KEYSIZE	Res.	CHMOD[2]	Res.	GCMPH[1:0]		DMAOUTEN	DMAINEN	Res.				CHMOD[1:0]		MODE[1:0]		DATATYPE[1:0]	EN
Reset value	0	0x000						0	0	0	0	0	0		0		0		0	0	0	0					0	0	0	0	0	0	0
0x004	AES_SR	Res.																							KEYVALID	Res.			BUSY	WRERRF	RDERRF	Res.
0x004	Reset value																								0					0	0	0
0x008	AES_DINR	DIN[31:0]
0x008	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x00C	AES_DOUTR	DOUT[31:0]
0x00C	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x010	AES_KEYR0	KEY[31:0]
0x010	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x014	AES_KEYR1	KEY[63:32]
0x014	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0

Table 194. AES register map and reset values (continued)

Offset	Register name	31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16	15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
0x018	AES_KEYR2	KEY[95:64]
0x018	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x01C	AES_KEYR3	KEY[127:96]
0x01C	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x020	AES_IVR0	IVI[31:0]
0x020	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x024	AES_IVR1	IVI[63:32]
0x024	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x028	AES_IVR2	IVI[95:64]
0x028	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x02C	AES_IVR3	IVI[127:96]
0x02C	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x030	AES_KEYR4	KEY[159:128]
0x030	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x034	AES_KEYR5	KEY[191:160]
0x034	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x038	AES_KEYR6	KEY[223:192]
0x038	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x03C	AES_KEYR7	KEY[255:224]
0x03C	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x040	AES_SUSPR0	SUSP[31:0]
0x040	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x044	AES_SUSPR1	SUSP[31:0]
0x044	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x048	AES_SUSPR2	SUSP[31:0]
0x048	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x04C	AES_SUSPR3	SUSP[31:0]
0x04C	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x050	AES_SUSPR4	SUSP[31:0]
0x050	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x054	AES_SUSPR5	SUSP[31:0]
0x054	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x058	AES_SUSPR6	SUSP[31:0]
0x058	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x05C	AES_SUSPR7	SUSP[31:0]
0x05C	Reset value	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
0x060-0x2FF	Reserved	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.

Table 194. AES register map and reset values (continued)

Offset	Register name	31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16	15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
0x300	AES_IER	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEIE	RWEIE
0x300	Reset value																															0	0	0
0x304	AES_ISR	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEIF	RWEIF
0x304	Reset value																															0	0	0
0x308	AES_ICR	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	KEIF	RWEIF
0x308	Reset value																															0	0	0
0x309- 0x3FF	Reserved	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.	Res.

Refer to Section 2.3: Memory organization for the register boundary addresses.

25. AES hardware accelerator (AES)

25.1 Introduction

25.2 AES main features

25.3 AES implementation

25.4 AES functional description

25.4.1 AES block diagram

25.4.2 AES internal signals

25.4.3 AES reset and clocks

25.4.4 AES symmetric cipher implementation

25.4.5 AES encryption or decryption typical usage

Initialization

Data append

Appending data using the CPU in polling mode

Appending data using the CPU in interrupt mode

Appending data using DMA

25.4.6 AES authenticated encryption, decryption, and cipher-based message authentication

25.4.7 AES ciphertext stealing and data padding

25.4.8 AES suspend and resume operations

25.4.9 AES basic chaining modes (ECB, CBC)

ECB/CBC decryption process

Suspend/resume operations in ECB/CBC modes

25.4.10 AES counter (CTR) mode

CTR encryption and decryption

CTR encryption and decryption process

GCM encryption and decryption process

GCM initialize

GCM header phase

GCM payload phase

GCM finalization

Suspend/resume operations in GCM mode

25.4.12 AES Galois message authentication code (GMAC)

CCM encryption and decryption process

CCM initialize

CCM header phase

CCM payload phase

CCM finalization

Suspend and resume operations in CCM mode

25.4.14 AES key sharing with secure AES co-processor

25.4.15 AES data registers and data swapping

Data input and output

Data swapping

Data padding

25.4.16 AES key registers

25.4.17 AES initialization vector registers

25.4.18 AES error management

Read error flag (RDERRF)

Write error flag (WRERRF)

Key error interrupt flag (KEIF)

25.5 AES interrupts

25.6 AES DMA requests

Data input using DMA

Data output using DMA

Stopping DMA transfers

25.7 AES processing latency

25.8 AES registers

25.8.1 AES control register (AES_CR)

25.8.2 AES status register (AES_SR)

25.8.3 AES data input register (AES_DINR)

25.8.4 AES data output register (AES_DOUTR)

25.8.5 AES key register 0 (AES_KEYR0)

25.8.6 AES key register 1 (AES_KEYR1)

25.8.7 AES key register 2 (AES_KEYR2)

25.8.8 AES key register 3 (AES_KEYR3)

25.8.9 AES initialization vector register 0 (AES_IVR0)

25.8.10 AES initialization vector register 1 (AES_IVR1)

25.8.11 AES initialization vector register 2 (AES_IVR2)

25.8.12 AES initialization vector register 3 (AES_IVR3)

25.8.13 AES key register 4 (AES_KEYR4)

25.8.14 AES key register 5 (AES_KEYR5)

25.8.15 AES key register 6 (AES_KEYR6)

25.8.16 AES key register 7 (AES_KEYR7)

25.8.17 AES suspend registers (AES_SUSPRx)

25.8.18 AES interrupt enable register (AES_IER)

25.8.19 AES interrupt status register (AES_ISR)

Bit 2 KEIF : Key error interrupt flag

Bit 1 RWEIF : Read or write error interrupt flag

Bit 0 CCF : Computation complete flag

25.8.20 AES interrupt clear register (AES_ICR)

25.8.21 AES register map