SWCU194 March 2023 CC1314R10 , CC1354P10 , CC1354R10 , CC2674P10 , CC2674R10
The AES engine is directly connected to the context and data registers so that it can immediately start processing when all data is available. The AES engine also interfaces to the I/O-control FSM and the module's DMA. AES comprises the following major functional blocks:
The block and AEAD modes require reading and writing of data, whereas the MAC modes require only reading of the data. In addition to the writing of data, the AEAD modes return an authentication result (known as a MAC or TAG). This result can either be read with a separate DMA operation, or read through the slave interface. For all modes, an option provides (part of) the data through the slave interface instead of using DMA. The AES engine is forced to use keys from the key-store module for its operations. A key is provided to the AES engine by triggering the key-store module to read an AES key from the key store memory, and to write it to the AES key registers. The AES engine automatically pads or masks misaligned last data blocks with zeroes for AES CBC-MAC, CCM, and GCM. This includes padding Additional Authentication Data (AAD) for CCM and GCM. For AES CTR mode, misaligned last data blocks are internally masked to support non-block size input data.
The Hash engine supports basic SHA-256, SHA-224, SHA-512, and SHA-384 operations. It only requires reading of input data, this data is transferred through the DMAC modules. The hash results can be transferred either using a DMA operation or by reading it through the slave interface. The module also supports keyed hash operations like HMAC, in which part of data can be provided by the AHB slave interface instead of using the DMA.