Processing a Message with only AAD (GHASHH)
It is possible to process a message with only AAD setting the CLEN field to ‘0’ in AES_CLENR, this can be used for J0 generation when len(IV) ≠ 96 for instance.
Example: Processing J0 when len(IV) ≠ 96
To process J0 = GHASHH(IV || 0s+64 || [len(IV)]64), the sequence is as follows:
- Set AES_MR.OPMOD to GCM and AES_MR.GTAGEN to ‘0’.
- Write AES_KEYWRx and wait until AES_ISR.DATRDY is set (GCM hash subkey generation complete); use interrupt if needed. After the GCM hash subkey generation is complete the GCM hash subkey can be read or overwritten with specific value in AES_GCMHRx. See Key Writing and Automatic Hash Subkey Calculation.
- Configure AES_AADLENR.AADLEN with ‘len(IV || 0s+64 || [len(IV)]64)’ in and AES_CLENR.CLEN to ‘0’. This will allow running a GHASHH only.
- Fill AES_IDATARx.IDATA with the message to process (IV || 0s+64 || [len(IV)]64) according to the SMOD configuration used. If Manual Mode or Auto Mode is used, the DATRDY bit indicates when a GHASHH step is over (use interrupt if needed).
- Read AES_GHASHRx.GHASH to obtain the J0
value.
Note: The GHASH value can be overwritten at any time by writing the value of AES_GHASHRx.GHASH, used to perform a GHASHH with an initial value for GHASH (write GHASH field between step 3 and step 4 in this case).