Texas Instruments CC2650DK ユーザーズマニュアル
AES Cryptoprocessor Overview
10.1.6.3.5 AES-CCM
For AES-CCM operations, the following configuration parameters are required:
•
Key from the key store module
•
The IV must be written with the flags for the cryptographic operation and the NONCE bytes, for both
authentication and encryption
authentication and encryption
•
Control register settings (mode, direction, key size)
•
Length of the crypto data (may be non-block size aligned)
•
Length of the AAD data; must be less than 2
16
– 2
8
bytes (may be non-block size aligned)
CCM-L must be 001, 011, or 111, representing a crypto data length field of 2, 4, or 8 bytes respectively.
CCM-M can be set to any value and has no effect on the processing. The host must select the valid TAG
bytes from the 128-bit TAG.
bytes from the 128-bit TAG.
The AAD and cryptographic data may end misaligned. In this case, the crypto core pads both data types
to a 128-bit boundary with zeroes. Padding is done as follows: the AAD and crypto data padding satisfy
the bit string, 0n, with 0
to a 128-bit boundary with zeroes. Padding is done as follows: the AAD and crypto data padding satisfy
the bit string, 0n, with 0
≤n≤127, such that the input data block length including padding is 128-bit aligned.
The AAD data must be transferred to the AES engine with a separate DMA operation (it may not be
combined with the payload data) or using slave transfers.
combined with the payload data) or using slave transfers.
The context length field can have any value. If a data stream is done and the next data stream uses the
same key and control, only the IV and length fields can be written with a new value. The user cannot write
both length fields with zeroes.
same key and control, only the IV and length fields can be written with a new value. The user cannot write
both length fields with zeroes.
The result TAG is typically read using the slave interface, but can also be written to an external memory
location using a separate DMA operation.
location using a separate DMA operation.
10.1.6.3.5.1 Programming Sequence
The following software example in pseudocode describes the actions that are typically executed by the
host software to encrypt and authenticate a message (AAD and payload data), stored in external memory,
with AES-CCM mode. The encrypted result is placed into a pre-allocated area in external memory. The
result TAG is read using the slave interface.
host software to encrypt and authenticate a message (AAD and payload data), stored in external memory,
with AES-CCM mode. The encrypted result is placed into a pre-allocated area in external memory. The
result TAG is read using the slave interface.
The following sequence processes a packet of at least one byte of AAD data and at least one crypto data
byte.
byte.
// configure the master control module
write ALGSEL 0x0000_0002 // enable the DMA path to the AES engine
write IRQCLR 0x0000_0001 // clear any outstanding events
// configure the key store to provide pre-loaded AES key
write KEYREADAREA 0x0000_0000 // load the key from ram area 0 (NOTE: The key
// must be pre-loaded to this area)
wait KEYREADAREA[31]==’0’ // wait until the key is loaded to the AES module
check IRQSTAT[29] = ‘0’// check that the key is loaded without errors
// write the initialization vector
write AESIV_0
...
write AESIV_3
// configure the AES engine
write AESCTL = 0b0010_0000_0101_1100_
0000_0000_0100_1100 // program AES-CCM-128 encryption (M=1, L=3)
write AESDATALEN0// write the length of the crypto block (lo)
write AESDATALEN1// write the length of the crypto block (hi)
// (may be non-block size aligned)
write AESAUTHLEN // write the length of the AAD data block
// (may be non-block size aligned)
// configure DMAC to fetch the AAD data
818
SWCU117A – February 2015 – Revised March 2015
Copyright © 2015, Texas Instruments Incorporated