50.5.2 AES Mode Register
This register can only be written if the WPEN bit is cleared in the AES Write Protection Mode Register.
Name: | AES_MR |
Offset: | 0x04 |
Reset: | 0x00080000 |
Property: | Read/Write |
Bit | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | |
TAMPCLR | |||||||||
Access | R/W | ||||||||
Reset | – |
Bit | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | |
CKEY[3:0] | CFBS[2:0] | ||||||||
Access | W | W | W | W | R/W | R/W | R/W | ||
Reset | 0 | 0 | 0 | – | 0 | 0 | 0 |
Bit | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | |
LOD | OPMOD[2:0] | KEYSIZE[1:0] | SMOD[1:0] | ||||||
Access | R/W | R/W | R/W | R/W | R/W | R/W | R/W | R/W | |
Reset | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |
PROCDLY[3:0] | DUALBUFF | GTAGEN | CIPHER | ||||||
Access | R/W | R/W | R/W | R/W | R/W | R/W | R/W | ||
Reset | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Bit 31 – TAMPCLR Tamper Clear Enable
Value | Description |
---|---|
0 | A tamper detection event has no effect on the AES_KEYWRx key. |
1 | A tamper detection event immediately clears the AES_KEYWRx key. |
Bits 23:20 – CKEY[3:0] Key
Value | Name | Description |
---|---|---|
0xE | PASSWD | This field must be written with 0xE the first time AES_MR is programmed. For subsequent programming of AES_MR, any value can be written, including that of 0xE. Always reads as 0. |
Bits 18:16 – CFBS[2:0] Cipher Feedback Data Size
Value | Name | Description |
---|---|---|
0 | SIZE_128BIT | 128-bit |
1 | SIZE_64BIT | 64-bit |
2 | SIZE_32BIT | 32-bit |
3 | SIZE_16BIT | 16-bit |
4 | SIZE_8BIT | 8-bit |
Bit 15 – LOD Last Output Data Mode
Value | Description |
---|---|
0 | No effect. After each end of encryption/decryption, the output data are available either on the output data registers (Manual and Auto modes) or at the address specified in the Channel Buffer Transfer Descriptor for DMA mode. In Manual and Auto modes, the DATRDY flag is cleared when at least one of the Output Data registers is read. |
1 | The DATRDY flag is cleared when at least one of the Input Data Registers is written. No more Output Data Register reads are necessary between consecutive encryptions/decryptions (see Last Output Data Mode). |
Bits 14:12 – OPMOD[2:0] Operating Mode
For CBC-MAC operating mode, set OPMOD to CBC and LOD to 1.
When switching from an operating mode requiring the initialization vectors (e.g. CBC, GCM) to another operating mode that does not require initialization vectors (e.g. ECB) and a message of one block has been processed, initialization vector registers (AES_IVRx) must be cleared before switching to the new mode.
Value | Name | Description |
---|---|---|
0 | ECB | ECB: Electronic Codebook mode |
1 | CBC | CBC: Cipher Block Chaining mode |
2 | OFB | OFB: Output Feedback mode |
3 | CFB | CFB: Cipher Feedback mode |
4 | CTR | CTR: Counter mode (16-bit internal counter) |
5 | GCM |
GCM: Galois/Counter mode |
6 | XTS |
XTS: XEX-based tweaked-codebook mode |
Bits 11:10 – KEYSIZE[1:0] Key Size
Value | Name | Description |
---|---|---|
0 | AES128 |
AES Key Size is 128 bits |
1 | AES192 |
AES Key Size is 192 bits |
2 | AES256 |
AES Key Size is 256 bits |
Bits 9:8 – SMOD[1:0] Start Mode
If a DMA transfer is used, configure SMOD to 2. See DMA Mode for more details.
Value | Name | Description |
---|---|---|
0 | MANUAL_START | Manual Mode |
1 | AUTO_START | Auto Mode |
2 | IDATAR0_START | AES_IDATAR0 access only Auto Mode (DMA) |
Bits 7:4 – PROCDLY[3:0] Processing Delay
Processing Time = N × (PROCDLY + 1)
where
- N = 10 when KEYSIZE = 0
- N = 12 when KEYSIZE = 1
- N = 14 when KEYSIZE = 2
The processing time represents the number of clock cycles that the AES needs in order to perform one encryption/decryption.
Bit 3 – DUALBUFF Dual Input Buffer
Value | Name | Description |
---|---|---|
0 | INACTIVE |
AES_IDATARx cannot be written during processing of previous block. |
1 | ACTIVE |
AES_IDATARx can be written during processing of previous block when SMOD = 2. It speeds up the overall runtime of large files. |
Bit 1 – GTAGEN GCM Automatic Tag Generation Enable
Value | Description |
---|---|
0 | Automatic GCM Tag generation disabled. |
1 | Automatic GCM Tag generation enabled. |
Bit 0 – CIPHER Processing Mode
Value | Description |
---|---|
0 | Decrypts data. |
1 | Encrypts data. |