50.4.9.2 SSL Padding
Auto Padding is enabled by writing a ‘1’ to AES_EMR.APEN and SSL padding mode is selected by writing a ‘1’ to AES_EMR.APM.
Each byte of the padding area contains the padding length.
The padding length is configured in AES_EMR.PADLEN.
AES_BCNT.BCNT defines the length, in bytes, of the message to process. It must be configured before writing the first data in AES_IDATARx and the remaining bytes to process can be read at anytime (BCNT value is decremented after each AES_IDATARx access).
AES_BCNT.BCNT and AES_EMR.PADLEN must be configured so that the length of the message plus the length of the padding section is a multiple of the AES block size (128 bits).
To process a complete SSL message, the sequence is as follows:
- Set AES_MR.OPMOD to either CBC or CTR mode.
- Set AES_EMR.APEN to ‘1’, AES_EMR.APM to ‘1’, AES_EMR.PADLEN to the desired padding length in bytes.
- Set AES_BCNT.BCNT with the whole message length, without padding, in bytes.
- Write the key.
- Set AES_IVRx.IV if needed.
- Fill AES_IDATARx.IDATA with the message to process according to the SMOD configuration used. On the last data block write only what is necessary (e.g., write only AES_IDATAR0 if last block size is ≤ 32 bits).
- Wait for the DATRDY flag to be raised, meaning auto-padding completion and last block processing.