stm32 /stm32h5 /STM32H573 /SAES /SAES_CR


Register layout: 32 bits (31 to 0), all fields shown at 0 (B_0x0). Fields: EN, DATATYPE, MODE, CHMOD1, DMAINEN, DMAOUTEN, GCMPH, CHMOD2, KEYSIZE, KEYPROT, NPBLB, KMOD, KSHAREID, KEYSEL, IPRST.

Description

SAES control register

Fields

EN

SAES enable. This bit enables/disables the SAES peripheral. At any moment, clearing then setting the bit re-initializes the SAES peripheral. This bit is automatically cleared by hardware upon the completion of the key preparation (Mode 2) and upon the completion of GCM/GMAC/CCM initial phase. The bit cannot be set as long as KEYVALID = 0, nor along with the following settings: KMOD = 01 + CHMOD = 011, and KMOD = 01 + CHMOD = 010 + MODE = 00. Note: With KMOD[1:0] other than 00, use the IPRST bit rather than the EN bit.

0 (B_0x0): Disable

1 (B_0x1): Enable

DATATYPE

Data type selection. This bitfield defines the format of data written in the SAES_DINR register or read from the SAES_DOUTR register, by selecting the mode of data swapping. For more details, refer to . Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): None

1 (B_0x1): Half-word (16-bit)

2 (B_0x2): Byte (8-bit)

3 (B_0x3): Bit

MODE

SAES operating mode. This bitfield selects the SAES operating mode. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): Mode 1: encryption

1 (B_0x1): Mode 2: key derivation (or key preparation for ECB/CBC decryption)

2 (B_0x2): Mode 3: decryption

CHMOD1

Chaining mode selection. This bitfield selects the AES chaining mode. Others: Reserved. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): Electronic codebook (ECB)

1 (B_0x1): Cipher-block chaining (CBC)

2 (B_0x2): Counter mode (CTR)

3 (B_0x3): Galois counter mode (GCM) and Galois message authentication code (GMAC)

DMAINEN

DMA input enable. This bit enables/disables data transferring with DMA, in the input phase. When the bit is set, DMA requests are automatically generated by SAES during the input data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).

0 (B_0x0): Disable

1 (B_0x1): Enable

DMAOUTEN

DMA output enable. This bit enables/disables data transferring with DMA, in the output phase. When the bit is set, DMA requests are automatically generated by SAES during the output data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).

0 (B_0x0): Disable

1 (B_0x1): Enable

GCMPH

GCM or CCM phase selection. This bitfield selects the phase of GCM, GMAC or CCM algorithm. The bitfield has no effect if other than GCM, GMAC or CCM algorithms are selected (through the ALGOMODE bitfield).

0 (B_0x0): Init phase

1 (B_0x1): Header phase

2 (B_0x2): Payload phase

3 (B_0x3): Final phase

CHMOD2

Chaining mode selection. This bitfield selects the AES chaining mode. Others: Reserved. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): Electronic codebook (ECB)

1 (B_0x1): Cipher-block chaining (CBC)

KEYSIZE

Key size selection. This bitfield defines the length of the key used in the SAES cryptographic core, in bits. When KMOD[1:0]=01 or 10, KEYSIZE also defines the length of the key to encrypt or decrypt. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): 128

1 (B_0x1): 256

KEYPROT

Key protection. When set, hardware-based key protection is enabled. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): When KEYVALID is set and KEYSEL=0 application can transfer the ownership of the SAES, with its loaded key, to an application running in another security context (such as non-secure, secure).

1 (B_0x1): When KEYVALID is set, key error flag (KEIF) is set when an access to any registers is detected, this access having a security context (for example, secure, non-secure) that does not match the one of the application that loaded the key.

NPBLB

Number of padding bytes in last block. The bitfield sets the number of padding bytes in last block of payload: …

0 (B_0x0): All bytes are valid (no padding)

1 (B_0x1): Padding for one least-significant byte of last block

15 (B_0xF): Padding for 15 least-significant bytes of last block

KMOD

Key mode selection. The bitfield defines how the SAES key can be used by the application. Others: Reserved.

With normal key selection, the key registers are freely usable; no specific usage or protection applies to SAES_DIN and SAES_DOUT registers.

With wrapped key selection, the key loaded in key registers can only be used to encrypt or decrypt AES keys. Hence, when a decryption is selected in wrapped-key mode, the read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process.

With shared key selection, after a successful decryption process, SAES key registers are shared with the peripheral described in the KSHAREID[1:0] bitfield. This sharing is valid only while KMOD[1:0]=10 and KEYVALID = 1. When a decryption is selected, the read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process.

With KMOD[1:0] other than zero, any attempt to configure the SAES peripheral for use by an application belonging to a different security domain (secure or non-secure) results in automatic key erasure and setting of the KEIF flag.

Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): Normal key

1 (B_0x1): Wrapped key

2 (B_0x2): Shared key

KSHAREID

Key share identification. This bitfield defines, at the end of a decryption process with KMOD[1:0]=10 (shared key), which target can read the SAES key registers using a dedicated hardware bus. Others: Reserved. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): AES peripheral

KEYSEL

Key selection. The bitfield defines the source of the key information to use in the AES cryptographic core. Others: Reserved (if used, unfreeze SAES with IPRST).

When KEYSEL is different from zero, selected key value is available in key registers when BUSY bit is cleared and KEYVALID is set in the SAES_SR register. Otherwise, the key error flag KEIF is set. Repeated writing of KEYSEL[2:0] with the same non-zero value only triggers the loading of DHUK or BHK if KEYVALID = 0.

When the application software changes the key selection by writing the KEYSEL[2:0] bitfield, the key registers are immediately erased and the KEYVALID flag cleared. At the end of the decryption process, if KMOD[1:0] is other than zero, KEYSEL[2:0] is cleared.

With the bitfield value other than zero and KEYVALID set, the application cannot transfer the ownership of SAES with a loaded key to an application running in another security context (such as secure, non-secure). More specifically, when security of an access to any register does not match the information recorded by SAES, the KEIF flag is set.

Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.

0 (B_0x0): Software key, loaded in key registers SAES_KEYx

1 (B_0x1): Derived hardware unique key (DHUK)

2 (B_0x2): Boot hardware key (BHK)

4 (B_0x4): XOR of DHUK and BHK

7 (B_0x7): Test mode key (256-bit hardware constant 0xA5A5…A5A5)

IPRST

SAES peripheral software reset. Setting the bit resets the SAES peripheral, putting all registers to their default values, except the IPRST bit itself and the SAES_DPACFG register. Hence, any key-related data is lost. For this reason, it is recommended to set the bit before handing over the SAES to a less secure application. The bit must be low while writing any configuration registers.
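The field rules above (EN against KEYVALID, KMOD and CHMOD; the KEYSEL, KEYPROT and DMA notes) can be checked mechanically on a raw SAES_CR value during firmware review. The C routine below is an added example, not vendor or page code; the bit positions, the function name `saes_cr_audit` and the flag names are assumptions that this page does not state and must be checked against the reference manual.

```c
#include <stdint.h>
#include <stdio.h>

/* Field positions are assumptions (not given on this page); check them
   against the reference manual or device header before use. */
#define F(cr, pos, width) (((cr) >> (pos)) & ((1u << (width)) - 1u))

enum {                        /* finding flags returned by saes_cr_audit() */
    F_EN_NO_KEY     = 1 << 0, /* EN set while KEYVALID = 0 */
    F_EN_WRAP_CHMOD = 1 << 1, /* EN with KMOD=01 and a forbidden CHMOD/MODE */
    F_TEST_KEY      = 1 << 2, /* KEYSEL = 7: test mode key, a known constant */
    F_RESERVED      = 1 << 3, /* reserved KEYSEL or KMOD encoding */
    F_KEY_PORTABLE  = 1 << 4, /* normal software key, KEYPROT=0: owner can change */
    F_DMA_MODE2     = 1 << 5  /* DMA enabled in Mode 2, where it has no effect */
};

/* cr: raw SAES_CR value; keyvalid: KEYVALID flag read from SAES_SR. */
unsigned saes_cr_audit(uint32_t cr, int keyvalid)
{
    unsigned en = F(cr, 0, 1), mode = F(cr, 3, 2);
    unsigned chmod = F(cr, 5, 2) | (F(cr, 16, 1) << 2); /* CHMOD2:CHMOD1 */
    unsigned dma = F(cr, 11, 2), keyprot = F(cr, 19, 1);
    unsigned kmod = F(cr, 24, 2), keysel = F(cr, 28, 3);
    unsigned f = 0;

    if (en && !keyvalid) f |= F_EN_NO_KEY;
    if (en && kmod == 1 && (chmod == 3 || (chmod == 2 && mode == 0)))
        f |= F_EN_WRAP_CHMOD;
    if (keysel == 7) f |= F_TEST_KEY;
    if (keysel == 3 || keysel == 5 || keysel == 6 || kmod == 3) f |= F_RESERVED;
    if (keyvalid && !keyprot && keysel == 0 && kmod == 0) f |= F_KEY_PORTABLE;
    if (dma && mode == 1) f |= F_DMA_MODE2;
    return f;
}

int main(void)
{
    /* Constructed values: wrapped key + GCM + EN, then test key with DMA in Mode 2. */
    uint32_t a = (1u << 24) | (3u << 5) | 1u;
    uint32_t b = (7u << 28) | (1u << 11) | (1u << 3);
    printf("a: 0x%02x\nb: 0x%02x\n", saes_cr_audit(a, 1), saes_cr_audit(b, 1));
    return 0;
}
```

A non-zero result on a value that firmware is about to write, or on one captured from a debug trace, points at the field description to re-read; F_TEST_KEY and F_KEY_PORTABLE are the two that matter most for key confidentiality.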
