SWCU192 November 2021 CC1312R7 , CC1352P7 , CC2652P7 , CC2652R7
The AESDATAINn and AESDATAOUTn data registers are typically accessed through DMA and not with host writes and reads. However, for debugging purposes, the Data Input and Output registers can be accessed through host write and read operations. The registers buffer the input and output data blocks to and from the crypto core (see Table 13-14).
The data input buffer AESDATAINn and data output buffer AESDATAOUTn are mapped to the same address locations.
Writes (both DMA and host) to these addresses load the input buffer, while reads pull from the output buffer. Therefore, for write access, the data input buffer is written; for read access, the data output buffer is read. The data input buffer must be written before starting an operation. The data output buffer contains valid data when an operation completes. Therefore, any 128-bit data block can be split over multiple 32-bit word transfers; these transfers can be mixed with other host transfers over the external interface.
For normal operations, this register is not used, because data input and output is transferred from and to the AES core through DMA. For a host write operation, these registers must be written with the 128-bit input block for the next AES operation. Writing at a word-aligned offset within this address range stores the word (4 bytes) of data into the corresponding position of 4-word-deep (16 bytes = 128-bit AES block) data-input buffer. This buffer is used for the next AES operation. If the last data block is not completely filled with valid data, it can write only the words with valid data. Finally, the AES operation is triggered by writing the AESCTL.INPUT_RDY bit.
For a host read operation, this register contains the 128-bit output block from the latest AES operation. Reading from a word-aligned offset within this address range reads one word (4 bytes) of data out of the 4-word-deep (16 bytes = 128-bits AES block) data output buffer. The words (four words, one full block) must be read before the core moves the next block to the data output buffer. To empty the data output buffer, the AESCTL.OUTPUT_RDY bit must be written.
For the modes with authentication (CBC-MAC and CCM), the invalid (message) bytes or words can be written with any data.
AES typically operates on a 128-bit block with multiple input data. The CTR, GCM, and CCM modes form an exception. The last block of a CTR-mode message may contain less than 128 bits (see the NIST 800-38A document from National Institute of Standards and Technology): 0 < n < = 128 bits. For GCM and CCM, the last block of both AAD and message data may contain less than 128 bits (see NIST 800-38D from National Institute of Standards and Technology). The AES module automatically pads or masks misaligned ending data blocks with zeroes for CCM and CBC-MAC. For CTR mode, the remaining data in an unaligned data block are ignored. The AAD or authentication-only data are not copied to the output buffer but are only used for authentication.
| Operation | Data Input Buffer | Data Output Buffer |
|---|---|---|
| ECB/CBC encrypt | 128-bit plaintext block | 128-bit ciphertext block |
| ECB/CBC decrypt | 128-bit ciphertext block | 128-bit plaintext block |
| CTR encrypt | n-bit plaintext block | n-bit ciphertext block |
| CTR decrypt | n-bit ciphertext block | n-bit plaintext block |
| GCM/CCM AAD data | n-bit plaintext block | No output data |
| GCM/CCM encrypt data | n-bit plaintext block | n-bit ciphertext block |
| GCM/CCM decrypt data | n-bit ciphertext block | n-bit plaintext block |
| CBC-MAC data | n-bit plaintext block | No output data |