Security Module (AES)

This section describes the control and usage of the AES hardware acceleration unit. For more details refer to section 11.1 (Security Module (AES)) of the AT86RF231 datasheet.

The security module can be accessed with SRAM read/write commands (see section SRAM Access Mode) in any of the [ACTIVE] states. The functions trx_aes_read(), trx_aes_wrrd(), trx_aes_write() are adapted SRAM read/write functions, which take the memory organization of the security module into consideration. The fast SRAM access method is described in detail in section AES Block Access and Fast SRAM Access. The following picture shows the memory map of the security module.

   +----+--------------------+
   |0x82| AES_STATE          | (status register)
   +----+--------------------+
   |0x83| AES_CTRL           | (configuration register)
   +----+--------------------+
   |0x84|                    |
   |    | AES_STATE_KEY      | (128 bit data block)
   |0x93|                    |
   +----+--------------------+
   |0x94| AES_CTRL (MIRROR)  | (configuration mirror register)
   +----+--------------------+

Performing an AES operation requires the following steps:

1. Configure the security key with use case AES_SET_KEY.
2. Set the AES mode and direction with use case AES_ECB_SINGLE_BLOCK.
3. Transfer the data for the security operation to the security engine (see for example AES_ECB_SINGLE_BLOCK).
4. Start the security operation by setting AES_REQUEST bit at SRAM address 0x94.
5. The processed data is stored in the SRAM address range 0x84 - 0x93.

Note:

• Using the security module in TRX_OFF state requires enabling of CLKM. For details refer to CLKM Frequency Change.
• Combining steps 2 - 4 into one single SRAM access simplifies the interaction with the security hardware engine.
• Using consecutive AES operations (like CBC) allows reading of the previously processed data during an SRAM write access, for details refer to AES Block Access and Fast SRAM Access.
• An AES run requires t12, which further defines the wait time between AES accesses, refer to AES_ECB_MULTIPLE_BLOCKS, AES_CBC.
• Alternatively, the sub register AES_STATE can be polled in order to obtain the AES status information.
• All configurations of the security module, the SRAM content and keys are reset during SLEEP or after a Reset.

Parameters:

	aesmode	This parameter configures the AES operational mode, which can be {AES_MODE_KEY, AES_MODE_ECB, AES_MODE_CBC}. All other values are reserved.
	aesdir	This parameter configures the AES operation direction {AES_DIR_ENCRYPT, AES_DIR_DECRYPT}.
	aeskey	This data block of size TRX_AES_BLOCK_SIZE stores the 128 bit AES key.
	idata	This input data block of size TRX_AES_BLOCK_SIZE can contain either plain text or cypher text.
	{idata1}	1st input data block.
	{idata2}	2nd input data block. ...
	{idataN}	Nth input data block.
[out]	aesstatus	This value indicates the current status of the AES module. {0}: operation is not finished, {1}: operation is finished.
[out]	{odata}	This output data block of size TRX_AES_BLOCK_SIZE, contains either plain text or cypher text.
[out]	{odata1}	1st output data block.
[out]	{odata2}	2nd output data block. ...
[out]	{odataN}	Nth output data block.

Use Cases:

• AES_GET_STATUS
• AES_GET_MODE
• AES_SET_KEY
• AES_GET_KEY
• AES_ECB_SINGLE_BLOCK
• AES_ECB_MULTIPLE_BLOCKS
• AES_CBC

---

AES_GET_STATUS

The security engine (AES) operational status aesstatus can be retrieved from SRAM register AES_STATE.

Code example

    /* AT86RF231::[ACTIVE] */
    trx_sram_read(AES_STATE, 1, aesstatus);
    aesstatus=aesstatus&1;

AES_GET_MODE

The security engine (AES) operational mode aesmode and direction of operation aesdir can be retrieved from SRAM register AES_CTRL.

Code example

    /* AT86RF231::[ACTIVE] */
    trx_sram_read(AES_CTRL, 1, aesctrl);
    aesmode=(aesctrl>>4)&7;
    aesdir=(aesctrl>>3)&1;

AES_SET_KEY

Before starting a security operation a key must be written to the AES hardware engine. The key is configured

1. by configuring aesmode to and
2. storing the aeskey with a length of 128 bit to SRAM register AES_STATE_KEY.

Code example

    /* AT86RF231::[ACTIVE] */
    trx_aes_write(AES_MODE_KEY, 0, aeskey);

AES_GET_KEY

The aeskey can be retrieved from the SRAM registers AES_STATE_KEY. This may be required after finishing an AES operation.

Code example

    /* AT86RF231::[ACTIVE] */
    trx_aes_read(AES_MODE_KEY, aeskey);

AES_ECB_SINGLE_BLOCK

The ECB mode is the default operating mode of the security module. The use case illustrates the processing of a single data block while using the parameters aesdir and idata input data.

Returns:

odata output data

Code example

    /* AT86RF231::[ACTIVE] */
    aesctrl = AES_MODE_ECB | aesdir;
    trx_aes_write(aesctrl, 1, idata);
    delay(t12);
    trx_aes_read(aesctrl, odata);

AES_ECB_MULTIPLE_BLOCKS

The use case illustrates the processing of several data blocks in the ECB operational mode with the parameters aesmode = AES_MODE_ECB, aesdir, {idata1 ...idataN } input data blocks

Returns:

{odata1 ... odataN } output data blocks

Code example

    /* AT86RF231::[ACTIVE] */
    aesctrl = AES_MODE_ECB | aesdir;
    trx_aes_write(aesctrl, 1, idata1);
    delay(t12);
    trx_aes_wrrd(aesctrl, 1, idata2, odata1);
    delay(t12);
    trx_aes_wrrd(aesctrl, 1, idata3, odata2);
    proc_other_blocks();
    delay(t12);
    trx_aes_read(aesctrl, odataN);

AES_CBC

The use case illustrates the processing of several data blocks in the CBC operational mode with the parameters aesdir , {idata1 ...idataN } and return values {odata1 ...odataN }.

Code example

    /* AT86RF231::[ACTIVE] */
    aesctrl = AES_MODE_ECB | aesdir;
    trx_aes_write(aesctrl, 1, idata1);
    aesctrl = AES_MODE_CBC | aesdir;
    trx_aes_wrrd(aesctrl, 1, idata2, odata1);
    delay(t12);
    trx_aes_wrrd(aesctrl, 1, idata3, odata2);
    proc_other_blocks();
    delay(t12);
    trx_aes_read(aesctrl, odataN);

---