 English |
|
|
|
|
|
|
|
| SAMA5D42_14 Datasheet, PDF (1597/1776 Pages) ATMEL Corporation – Atmel | SMART ARM-based Embedded MPU | |||
| |||
| ◁ |
4. Set AADLEN field in AES_AADLENR and CLEN field in AES_CLENR according to the length of the current
fragment, or set the fields with the remaining message length, both configurations work.
5. Fill the GHASH field of AES_GHASHRx with the value stored after the previous fragment.
6. Fill the IDATA field of AES_IDATARx with the current fragment of the message to process (aligned on 16
byte boundary) according to the SMOD configuration used. If Manual Mode or Auto Mode is used, the
DATRDY bit indicates when the data have been processed (however, no output data are generated when
processing AAD).
7. Make sure the last output data have been read if the fragment ends in C phase (or wait for DATRDY if the
fragment ends in AAD phase), then read the GHASH field of AES_GHASHRx to obtain the value of the hash
after the last processed data and finally read the CTR field of the AES_CTR to obtain the value of the CTR
encryption counter (not needed when the fragment ends in AAD phase).
Note: Step 1 and 2 are required only if the value of the concerned registers has been modified.
Once the last fragment has been processed, the GHASH value will allow manual generation of the GCM tag (see
Section for details).
Manual GCM Tag Generation
This section describes the last steps of the GCM Tag generation.
The Manual GCM Tag Generation is used to complete the GCM Tag Generation when the message has been
processed without Tag Generation.
Note: The Message Processing without Tag Generation must be finished before processing the Manual GCM Tag
Generation.
To generate a GCM Tag manually, perform the following steps:
Processing S = GHASHH (AAD || 0v || C || 0u || [len(AAD)]64 || [len(C)]64):
1. In AES_MR set OPMOD to GCM and GTAGEN to â0â (configuration as usual for the rest).
2. Set KEYW in AES_KEYWRx and wait for DATRDY bit of AES_ISR to be set (GCM hash subkey generation
complete); use interrupt if needed. After the GCM hash subkey generation is complete the GCM hash
subkey can be read or overwritten with specific value in the AES_GCMHRx (see Section 50.4.5.2 âKey
Writing and Automatic Hash Subkey Calculationâ for details).
3. Set AADLEN field to 0x10 (16 bytes) in AES_AADLENR and CLEN field to â0â in AES_CLENR. This will
allow running a single GHASHH on a 16-byte input data (see Figure 50-7).
4. Fill the GHASH field of AES_GHASHRx with the state of the GHASH field stored at the end of the message
processing.
5. Fill the IDATA field of AES_IDATARx according to the SMOD configuration used with âlen(AAD)64 || len(C)64â
value as described in the NIST documentation and wait for DATRDY to be set; use interrupt if needed.
6. Read the GHASH field of AES_GHASHRx to obtain the current value of the hash.
Processing T = GCTRK(J0, S):
7. In AES_MR set OPMOD to CTR (configuration as usual for the rest).
8. Set the IV field in AES_IVRx with âJ0â value.
9. Fill the IDATA field of AES_IDATARx with the GHASH value read at step 6 and wait for DATRDY to be set
(use interrupt if needed).
10. Read the ODATA field of AES_ODATARx to obtain the GCM Tag value.
Note: Step 4 is optional if the GHASH field is to be filled with value â0â (0 length packet for instance).
Processing a Message with only AAD (GHASHH)
SAMA5D4 Series [DATASHEET]
Atmel-11238A-ATARM-SAMA5D4-Datasheet_30-Sep-14
1597
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese