Advanced Encryption Standard (AES)

表 628 AES module standard

Document Code	Name of Standard
FIPS PUB 197	Advanced Encryption Standard (AES)

The AES co-processor encrypts or decrypts data, using an algorithm and implementation fully compliant with the AES defined in Federal Information Processing Standards (FIPS) publication 197. GR5526 embeds the AES module in order to realize hardware acceleration of calculation.

Electronic Codebook (ECB) and Cipher Block Chaining (CBC) are supported for key size of 128 bits, 192 bits, and 256 bits.

Due to the feature of block cipher of AES, the data to be encrypted requires an integer multiple of 16 bytes.

The AES co-processor adopts both 32-bit AHB and APB interfaces. It supports DMA transfers for incoming and outgoing data (through a dedicated integrated DMA).

The CFG register can be used to configure relevant parameters for the AES module. CFG.KEY_MODE can be used to configure the key size to 128 bits, 192 bits, or 256 bits. CFG.DEC_ENC_SEL can be used to configure the encryption or decryption mode. CFG.OPT_MODE can be used to configure the working mode of ECB or CBC. CFG.KEY_TYPE can be used to configure the mode of fetching the key.

If the key is configured by MCU, the KEY0 to KEY7 registers need to be configured (128-bit for KEY0 to KEY3 only and 192-bit for KEY0 to KEY5 only). If the key is fetched through AHB, the KEY_ADDR register should be configured.

CTRL.FKEY_EN is configured in order to enable the AES module to fetch the key through AHB master interface. The STAT register is used to indicate the current status of the AES module. The random seeds are set to the INIT_SSI, INIT_SSO, MASK_SSI, and MASK_SSO registers.

The initialization vector (IV) should be set to the INIT_V0 to INIT_V3 registers for AES CBC mode.

If the AES module is in interrupt or DMA operation mode, the INT register needs to be configured.

In MCU operation mode, a block data (128-bit) is written into the DATA_IN0 to DATA_IN3 registers. In DMA operation mode, the XFER_SIZE, RD_START_ADDR, and WR_START_ADDR registers should be configured. The AES module will read the data from the address which is stored in the RD_START_ADDR register.

The AES module can be started through the CTRL register. The STAT register or the interrupt callback function can judge whether the calculation completes.

The plain data or the encrypted data can be read from the DATA_OUT0 to DATA_OUT3 registers in MCU operation mode. In DMA operation mode, the result has been sent to the address which is stored in the WR_START_ADDR register.

The endian of the data needs to be noticed and configured; otherwise it will affect the result of encryption and decryption. If the data is encrypted and decrypted in batches in CBC mode, the encryption result should be set as the IV to the INIT_V0 to INIT_V3 registers.

• Name: AES Controller Register
• Description: This register acts as a global enable/disable for AES.
• Base Address: 0x40015000
• Offset: 0x0
• Reset Value: 0x00000000

表 629 AES Controller Register

Bits	Field Name	RW	Reset	Description
31:4	RSVD	R		Reserved bits
3	FKEY_EN	W	0x0	Enable AES fetch key by itself through AHB master interface or key port. This register can be cleared by itself when key_valid is set to 1.
2	DMA_MODE_EN	RW	0x0	DMA mode start enable bit. Start N block data encryption or decryption in DMA mode.
1	MCU_MODE_EN	RW	0x0	MCU mode start enable bit. Start a block data encryption or decryption in DMA mode. This signal should be cleared to zero before a new block input data is ready to start.
0	MODULE_EN	RW	0x0	Enables AES module. Value: 0x0: Disable 0x1: Enable

• Name: AES Configuration Register
• Description: This register acts as a configuration for AES.
• Base Address: 0x40015000
• Offset: 0x4
• Reset Value: 0x00000000

表 630 AES Configuration Register

Bits	Field Name	RW	Reset	Description
31:13	RSVD	R		Reserved bits
12:11	KEY_TYPE	RW	0x0	Key type selection for encryption/decryption Value: 0x0: Configured by MCU (default) 0x1: Fetched through AHB interface 0x2: Fetched through key port 0x3: Reserved
10:8	OPT_MODE	RW	0x0	Selection for operation mode Value: 0x0: Electronic Codebook (ECB) mode 0x1: Cipher Block Chaining (CBC) mode 0x2–0x7: Reserved for future application
7	ENDIAN	RW	0x0	Selection for data endian control Value: 0x0: Reverse to big-endian (default) 0x1: No reverse
6	FIRST_BLK	W	0x0	This register should be set to 1 before starting the first block in normal CBC and DMA CBC modes, and this register will be cleared by itself.
5	LOAD_SEED	W	0x0	Loads seed for LFSR. Seed for LFSR will be reloaded when this register is written with 1. This register can be cleared by itself.
4	DEC_ENC_SEL	RW	0x0	Selection for encryption/decryption Value: 0x0: Decryption (default) 0x1: Encryption
3	FULL_MASK_EN	RW	0x0	Full mask enable signal Value: 0x0: Disable (default) 0x1: Enable (DPA resistance)
2	RSVD	R		Reserved bit
1:0	KEY_MODE	RW	0x0	Key mode selection for encryption/decryption Value: 0x0: 128 bits (default) 0x1: 192 bits 0x2: 256 bits 0x3: Reserved

• Name: AES Status Register
• Description: This is a read-only register used to indicate the current status of AES.
• Base Address: 0x40015000
• Offset: 0x8
• Reset Value: 0x00000000

表 631 AES Status Register

Bits	Field Name	RW	Reset	Description
31:4	RSVD	R		Reserved bits
3	KEY_STAT	R	0x0	Key status, whether the key is ready to read or not Value: 0x0: Not ready 0x1: Ready
2	DMA_XFE_ERR	R WC	0x0	DMA transfer error. Write 1 to clear this register. Value: 0x0: No error 0x1: Error
1	DMA_XFE_CPLT	R	0x0	DMA transfer complete Value: 0x0: Not complete 0x1: Complete
0	READY	R	0x0	AES result data out ready or not. This signal may be cleared when MCUEN (CTRL[1]) is disabled. Value: 0x0: Not ready 0x1: Ready

• Name: AES Interrupt Register
• Description: This register enables or disables all interrupts generated by the AES. Additionally, it reports the status of the AES interrupts after they have been enabled.
• Base Address: 0x40015000
• Offset: 0x0C
• Reset Value: 0x00000000

表 632 AES Interrupt Register

Bits	Field Name	RW	Reset	Description
31:2	RSVD	R		Reserved bits
1	CPLT_INT_EN	RW	0x0	AES result data complete interrupt Value: 0x0: Disable 0x1: Enable
0	CPLT_INT_FLAG	R WC	0x0	AES result data complete interrupt flag. Write 1 to clear. Read: 0x0: Not interrupt 0x1: Interrupt Write: 0x0: Not effect 0x1: Clear

• Name: AES Transfer Size Register
• Description: This register sets a size for AES DMA mode transfer.
• Base Address: 0x40015000
• Offset: 0x10
• Reset Value: 0x00000000

表 633 AES Transfer Size Register

Bits	Field Name	RW	Reset	Description
31:15	RSVD	R		Reserved bits
14:0	SIZE	RW	0x0	Total transfer size. Up to 32 KB 0x000f: 1 block 0x001f: 2 blocks 0x002f: 3 blocks … 0x7fff: 2048 blocks

• Name: AES Read Start Address Register
• Description: This register acts as a start address for AES DMA reading.
• Base Address: 0x40015000
• Offset: 0x14
• Reset Value: 0x00000000

表 634 AES Read Start Address Register

Bits	Field Name	RW	Reset	Description
31:0	ADDR	RW	0x0	In DMA mode, sets the read start address of transfer.

• Name: AES Write Start Address Register
• Description: This register acts as a start address for AES DMA writing.
• Base Address: 0x40015000
• Offset: 0x18
• Reset Value: 0x00000000

表 635 AES Write Start Address Register

Bits	Field Name	RW	Reset	Description
31:0	ADDR	RW	0x0	In DMA mode, sets the write start address of transfer.

• Name: AES Key Address Register
• Description: This register acts as a key address for AES encryption or decryption.
• Base Address: 0x40015000
• Offset: 0x1C
• Reset Value: 0x00000000

表 636 AES Key Address Register

Bits	Field Name	RW	Reset	Description
31:0	ADDR	RW	0x0	Indicates the AES key address in memory.

• Name: AES Data Output 0 Register
• Description: This register is a 32-bit read-only buffer for the result data[127:96] from AES.
• Base Address: 0x40015000
• Offset: 0x20
• Reset Value: 0x00000000

表 637 AES Data Output 0 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_OUT0	R	0x0	AES result data[127:96]

• Name: AES Data Output 1 Register
• Description: This register is a 32-bit read-only buffer for the result data[95:64] from AES.
• Base Address: 0x40015000
• Offset: 0x24
• Reset Value: 0x00000000

表 638 AES Data Output 1 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_OUT1	R	0x0	AES result data[95:64]

• Name: AES Data Output 2 Register
• Description: This register is a 32-bit read-only buffer for the result data[63:32] from AES.
• Base Address: 0x40015000
• Offset: 0x28
• Reset Value: 0x00000000

表 639 AES Data Output 2 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_OUT2	R	0x0	AES result data[63:32]

• Name: AES Data Output 3 Register
• Description: This register is a 32-bit read-only buffer for the result data[31:0] from AES.
• Base Address: 0x40015000
• Offset: 0x2C
• Reset Value: 0x00000000

表 640 AES Data Output 3 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_OUT3	R	0x0	AES result data[31:0]

• Name: AES Key 0 Register
• Description: This register is a 32-bit write-only buffer for the key data[255:224] for AES.
• Base Address: 0x40015000
• Offset: 0x30
• Reset Value: 0x00000000

表 641 AES Key 0 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY0	W	0x0	AES key[255:224]

• Name: AES Key 1 Register
• Description: This register is a 32-bit write-only buffer for the key data[223:192] for AES.
• Base Address: 0x40015000
• Offset: 0x34
• Reset Value: 0x00000000

表 642 AES Key 1 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY1	W	0x0	AES key[223:192]

• Name: AES Key 2 Register
• Description: This register is a 32-bit write-only buffer for the key data[191:160] for AES.
• Base Address: 0x40015000
• Offset: 0x38
• Reset Value: 0x00000000

表 643 AES Key 2 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY2	W	0x0	AES key[191:160]

• Name: AES Key 3 Register
• Description: This register is a 32-bit write-only buffer for the key data[159:128] for AES.
• Base Address: 0x40015000
• Offset: 0x3C
• Reset Value: 0x00000000

表 644 AES Key 3 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY3	W	0x0	AES key[159:128]

• Name: AES Key 4 Register
• Description: This register is a 32-bit write-only buffer for the key data[127:96] for AES.
• Base Address: 0x40015000
• Offset: 0x40
• Reset Value: 0x00000000

表 645 AES Key 4 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY4	W	0x0	AES key[127:96]

• Name: AES Key 5 Register
• Description: This register is a 32-bit write-only buffer for the key data[95:64] for AES.
• Base Address: 0x40015000
• Offset: 0x44
• Reset Value: 0x00000000

表 646 AES Key 5 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY5	W	0x0	AES key[95:64]

• Name: AES Key 6 Register
• Description: This register is a 32-bit write-only buffer for the key data[63:32] for AES.
• Base Address: 0x40015000
• Offset: 0x48
• Reset Value: 0x00000000

表 647 AES Key 6 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY6	W	0x0	AES key[63:32]

• Name: AES Key 7 Register
• Description: This register is a 32-bit write-only buffer for the key data[31:0] for AES.
• Base Address: 0x40015000
• Offset: 0x4C
• Reset Value: 0x00000000

表 648 AES Key 7 Register

Bits	Field Name	RW	Reset	Description
31:0	KEY7	W	0x0	AES key[31:0]

• Name: AES Sbox Initial Seed Input Register
• Description: This register acts as an initial seed input for Sbox.
• Base Address: 0x40015000
• Offset: 0x50
• Reset Value: 0x00000000

表 649 AES Sbox Initial Seed Input Register

Bits	Field Name	RW	Reset	Description
31:0	SEED	RW	0x0	Sbox initial seed input

• Name: AES Sbox Initial Seed Output Register
• Description: This register acts as an initial seed output for Sbox.
• Base Address: 0x40015000
• Offset: 0x54
• Reset Value: 0x00000000

表 650 AES Sbox Initial Seed Output Register

Bits	Field Name	RW	Reset	Description
31:0	SEED	RW	0x0	Sbox initial seed output

• Name: AES Sbox Seed Input Mask Register
• Description: This register acts as a mask for Sbox initial seed input mask.
• Base Address: 0x40015000
• Offset: 0x58
• Reset Value: 0x00000000

表 651 AES Sbox Seed Input Mask Register

Bits	Field Name	RW	Reset	Description
31:0	MASK	RW	0x0	Sbox initial seed input mask

• Name: AES Sbox Seed Output Mask Register
• Description: This register acts as a mask for Sbox initial seed output mask.
• Base Address: 0x40015000
• Offset: 0x5C
• Reset Value: 0x00000000

表 652 AES Sbox Seed Output Mask Register

Bits	Field Name	RW	Reset	Description
31:0	MASK	RW	0x0	Sbox initial seed output mask

• Name: AES Initialization Vector 0 Register
• Description: This register acts as an initialization vector[127:96] for CBC mode.
• Base Address: 0x40015000
• Offset: 0x60
• Reset Value: 0x00000000

表 653 AES Initialization Vector 0 Register

Bits	Field Name	RW	Reset	Description
31:0	VECTOR	W	0x0	Initialization vector[127:96] for CBC mode

• Name: AES Initialization Vector 1 Register
• Description: This register acts as an initialization vector[95:64] for CBC mode.
• Base Address: 0x40015000
• Offset: 0x64
• Reset Value: 0x00000000

表 654 AES Initialization Vector 1 Register

Bits	Field Name	RW	Reset	Description
31:0	VECTOR	W	0x0	Initialization vector[95:64] for CBC mode

• Name: AES Initialization Vector 2 Register
• Description: This register acts as an initialization vector[63:32] for CBC mode.
• Base Address: 0x40015000
• Offset: 0x68
• Reset Value: 0x00000000

表 655 AES Initialization Vector 2 Register

Bits	Field Name	RW	Reset	Description
31:0	VECTOR	W	0x0	Initialization vector[63:32] for CBC mode

• Name: AES Initialization Vector 3 Register
• Description: This register acts as an initialization vector[31:0] for CBC mode.
• Base Address: 0x40015000
• Offset: 0x6C
• Reset Value: 0x00000000

表 656 AES Initialization Vector 3 Register

Bits	Field Name	RW	Reset	Description
31:0	VECTOR	W	0x0	Initialization vector[31:0] for CBC mode

• Name: AES Data Input 0 Register
• Description: This register is a 32-bit only write buffer for the input data[127:96] for encryption or decryption.
• Base Address: 0x40015000
• Offset: 0x70
• Reset Value: 0x00000000

表 657 AES Data Input 0 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_IN0	W	0x0	Input data[127:96] for encryption or decryption. This register is valid in MCU mode.

• Name: AES Data Input 1 Register
• Description: This register is a 32-bit only write buffer for the input data[95:64] for encryption or decryption.
• Base Address: 0x40015000
• Offset: 0x74
• Reset Value: 0x00000000

表 658 AES Data Input 1 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_IN1	W	0x0	Input data[95:64] for encryption or decryption. This register is valid in MCU mode.

• Name: AES Data Input 2 Register
• Description: This register is a 32-bit only write buffer for the input data[63:32] for encryption or decryption.
• Base Address: 0x40015000
• Offset: 0x78
• Reset Value: 0x00000000

表 659 AES Data Input 2 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_IN2	W	0x0	Input data[63:32] for encryption or decryption. This register is valid in MCU mode.

• Name: AES Data Input 3 Register
• Description: This register is a 32-bit only write buffer for the input data[31:0] for encryption or decryption.
• Base Address: 0x40015000
• Offset: 0x7C
• Reset Value: 0x00000000

表 660 AES Data Input 3 Register

Bits	Field Name	RW	Reset	Description
31:0	DATA_IN3	W	0x0	Input data[31:0] for encryption or decryption. This register is valid in MCU mode.

• Name: AES Keyport Mask Register
• Description: This register acts as a mask for key from key port.
• Base Address: 0x40015000
• Offset: 0x80
• Reset Value: 0x00000000

表 661 AES Keyport Mask Register

Bits	Field Name	RW	Reset	Description
31:0	MASK	W	0x0	Mask for key from key port