SAMA5D41_14 Datasheet, PDF(1598/1776 Page) ATMEL Corporation – Atmel | SMART ARM-based Embedded MPU

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

SAMA5D41_14 Datasheet, PDF (1598/1776 Pages) ATMEL Corporation – Atmel | SMART ARM-based Embedded MPU

◁

Figure 50-7. Single GHASHH Block Diagram (AADLEN â¤ 0x10 and CLEN = 0)

GHASH

IDATA

GF128Mult(H)

GHASH

It is possible to process a message with only AAD setting the CLEN field to â0â in the AES_CLENR, this can be

used for J0 generation when len(IV) â 96 for instance.

Example: Processing J0 when len(IV) â 96

To process J0 = GHASHH(IV || 0s+64 || [len(IV)]64) perform the following steps:

1. In AES_MR set OPMOD to GCM and GTAGEN to â0â (configuration as usual for the rest).

2. Set KEYW in AES_KEYWRx and wait until DATRDY bit of AES_ISR is set (GCM hash subkey generation

complete); use interrupt if needed. After the GCM hash subkey generation is complete the GCM hash

subkey can be read or overwritten with specific value in the AES_GCMHRx (see Section 50.4.5.2 âKey

Writing and Automatic Hash Subkey Calculationâ for details).

3. Set AADLEN field with âlen(IV || 0s+64 || [len(IV)]64)â in AES_AADLENR and CLEN field to â0â in AES_CLENR.

This will allow running a GHASHH only.

4. Fill the IDATA field of AES_IDATARx with the message to process (IV || 0s+64 || [len(IV)]64) according to the

SMOD configuration used. If Manual Mode or Auto Mode is used, the DATRDY bit indicates when a

GHASHH step is over (use interrupt if needed).

5. Read the GHASH field of AES_GHASHRx to obtain the J0 value.

Note: The GHASH value can be overwritten at any time by writing the GHASH field value of AES_GHASHRx, used to

perform a GHASHH with an initial value for GHASH (write GHASH field between step 3 and step 4 in this case).

Processing a Single GF128 Multiplication

The AES can also be used to process a single multiplication in the Galois field on 128 bits (GF128) using a single

GHASHH with custom H value (see Figure 50-7).

To run a GF128 multiplication (A x B) perform the following steps:

1. In AES_MR set OPMOD to GCM and GTAGEN to â0â (configuration as usual for the rest).

2. Set AADLEN field with 0x10 (16 bytes) in AES_AADLENR and CLEN field to â0â in AES_CLENR. This will

allow running a single GHASHH.

3. Fill the H field of the AES_GCMHRx with B value.

4. Fill the IDATA field of AES_IDATARx with the A value according to the SMOD configuration used. If Manual

Mode or Auto Mode is used, the DATRDY bit indicates when a GHASHH computation is over (use interrupt if

needed).

5. Read the GHASH field of AES_GHASHRx to obtain the result.

Note: The GHASH field of AES_GHASHRx can be initialized with a value C between step 3 and step 4 to run a ((A XOR C) x

B) GF128 multiplication.

1598

SAMA5D4 Series [DATASHEET]

Atmel-11238A-ATARM-SAMA5D4-Datasheet_30-Sep-14

▷