ST STM32F405 Reference Manual page 739

RM0090
Note: The first block B1 must be formatted with the header length. This task should be handled by
software.
k)
3. CCM payload phase (encryption/decryption)
This step must be performed after the CCM header phase. During this phase, the
encrypted/decrypted payload is stored in the CRYP_DOUT register.
The following sequence must be followed:
l)
m) Select the algorithm direction (encryption or decryption) by using the ALGODIR bit
n)
o)
4. CCM final phase
This step generates the authentication tag. During this phase, the authentication tag of
the message is generated and stored in the CRYP_DOUT register.
p)
q)
r)
s)
t)
Note: The hardware does not perform the formatting of the original B0 and B1 packets and the tag
comparison between encryption and decryption. They have to be handled by software.
The cryptographic processor does not need to be disabled/enabled when moving from the
header phase to the tag phase.
AES cipher message authentication code (CMAC)
The CMAC algorithm allows authenticating the plaintext, and generating the corresponding
tag. The CMAC sequence is identical to the CCM one, except that the payload phase is
skipped.
23.3.3 Data type
Data enter the CRYP processor 32 bits (word) at a time as they are written into the
CRYP_DIN register. The principle of the DES is that streams of data are processed 64 bits
by 64 bits and, for each 64-bit block, the bits are numbered from M1 to M64, with M1 the left-
most bit and M64 the right-most bit of the block. The same principle is used for the AES, but
with a 128-bit block size.
Once all header data have been supplied, wait until the BUSY flag is cleared.
Configure GCM_CCMPH bits to '10' in CRYP_CR.
in CRYP_CR.
Program the payload message into the CRYP_DIN register, and use the IFNF flag
to determine if the input FIFO can receive data. Alternatively, the data could be
programmed into the CRYP_DIN register by blocks of 8 words and the IFEM flag
used to determine if the input FIFO can receive data (IFEM='1'). In parallel, the
OFNE/OFFU flag of the CRYP_DOUT register can be monitored to check if the
output FIFO is not empty.
Repeat the previous step until all payload blocks have been encrypted or
decrypted. Alternatively, DMA could be used.
Configure GCM_CCMPH[1:0] bits to '11' in CRYP_CR.
Load the A0 initialized counter, and program the 128-bit A0 value by writing 4
times 32 bits into the CRYP_DIN register.
Wait till the
OFNE flag
register.
Read the CRYP_DOUT register 4 times: the output corresponds to the encrypted
authentication tag.
Disable the cryptographic processor (CRYPEN bit in CRYP_CR = '0')
(FIFO output not empty) is set to '1' in the CRYP_SR
RM0090 Rev 18
Cryptographic processor (CRYP)
739/1749
766