AES

group AES

AES driver.

The AES API provides support for encryption and decryption using hardware AES module.

To use a uDMA FIFO with the AES, give the FIFO ID as source and/or destination address. If you use a FIFO as destination, you will need to manually stop the FIFO mode when you are done using it with an ioctl command.

Typedefs

typedef struct pi_aes_conf pi_aes_conf_t

Enums

enum pi_aes_mode_e

AES block cipher modes.

Values:

enumerator PI_AES_MODE_ECB = 0
enumerator PI_AES_MODE_CBC = 1
enumerator PI_AES_MODE_CTR = 2
enum pi_aes_key_len_e

AES key lengths.

Values:

enumerator PI_AES_KEY_128 = 0
enumerator PI_AES_KEY_256 = 1
enum pi_aes_ioctl_e

Commands for pi_aes_ioctl.

This is used to tell which command to execute through pi_aes_ioctl.

Values:

enumerator PI_AES_IOCTL_STOP_FIFO_MODE

Exit FIFO mode and resume operation in normal mode.

After a FIFO has been used as output of the AES, this command must be sent to return to the normal mode.

Functions

void pi_aes_conf_init(struct pi_aes_conf *conf)

Initialize configuration structure with default values.

Parameters:

  • conf – Configuration structure to initialize

int32_t pi_aes_open(struct pi_device *device)

Allocate and initialize AES device software structures with previously provided configuration contained in device. Reference to the configuration should be previously set into device by pi_open_from_conf() call.

Multiple devices can be opened at the same time on the same AES hardware module. If pi_aes_open() is called for the first time on an AES hardware module, it will also power-up the AES module and allocate uDMA linear tx and rx channels.

Parameters:

  • device – AES device descriptor

Return values:

  • 0 – Success

  • <errno> – Error code

void pi_aes_close(struct pi_device *device)

Deallocate configuration/context held by this device descriptor. If this was the only device opened on an AES hardware module, it will also power down the module and release related uDMA channels.

Parameters:

  • device – AES device descriptor

void pi_aes_ioctl(pi_device_t *device, uint32_t cmd, void *arg)

AES IOCTL function.

Parameters:

  • device – AES device descriptor

  • cmd – ioctl number. See pi_aes_ioctl_e for the list of available ioctl identifiers.

  • arg – Argument specific to the given cmd

int32_t pi_aes_encrypt(struct pi_device *device, void *src, void *dest, uint16_t len)

Encrypt data (synchronous)

The call initiates encryption of data from src, blocks until the processing is complete and returns encrypted data via dest.

Warning

Source data size (in bytes) must be a multiple of 16. User must handle the padding.

Parameters:

  • device – AES device descriptor

  • src – Data to encrypt

  • dest – Encrypted data

  • len – Data length as number of 32-bit words. Must be multiple of 4.

Return values:

  • 0 – Success

  • <errno> – Error code

int32_t pi_aes_encrypt_async(struct pi_device *device, void *src, void *dest, uint16_t len, pi_evt_t *evt)

Encrypt data (asynchronous)

The call initiates encryption of data given by src, registers the event task for the caller to be notified on once the processing is complete, and returns.

Warning

Source data size (in bytes) should be a multiple of 16. User must handle the padding if needed.

Parameters:

  • device – AES device descriptor

  • src – Data to encrypt

  • dest – Encrypted data

  • len – Data length as number of 32-bit words. Must be multiple of 4.

  • evt – Event to be scheduled after encryption is finished

Return values:

  • 0 – Success

  • <errno> – Error code

int32_t pi_aes_decrypt(struct pi_device *device, void *src, void *dest, uint16_t len)

Decrypt data (synchronous)

The call initiates decryption of data from src, blocks until the processing is complete and returns encrypted data via dest.

Warning

Source data size (in bytes) should be a multiple of 16. User must handle the padding if needed.

Parameters:

  • device – AES device descriptor

  • src – Data to decrypt

  • dest – Decrypted data

  • len – Data length as number of 32-bit words. Must be multiple of 4.

Return values:

  • 0 – Success

  • <errno> – Error code

int32_t pi_aes_decrypt_async(struct pi_device *device, void *src, void *dest, uint16_t len, pi_evt_t *evt)

Decrypt data (asynchronous)

The call initiates decryption of data given by src, registers the event task for the caller to be notified on once the processing is complete, and returns.

Warning

Source data size (in bytes) should be a multiple of 16. User must handle the padding if needed.

Parameters:

  • device – AES device descriptor

  • src – Data to decrypt

  • dest – Decrypted data

  • len – Data length as number of 32-bit words. Must be multiple of 4.

  • evt – Event executed after the decryption

Return values:

  • 0 – Success

  • <errno> – Error code

int32_t pi_aes_ctr_set(pi_device_t *device, uint32_t low, uint32_t high)

For AES module with CTR support, allows to manually set counter value for the next transfer.

Warning

It is relevant only if AES hardware module has CTR support.

Parameters:

  • device – AES device descriptor

  • low – Lower 32 bits of the counter

  • high – Upper 32 bits of the counter

Return values:

  • 0 – Success

  • <errno> – Error code

struct pi_aes_conf
#include <aes.h>

Structure describing the configuration of an AES device.

Public Members

uint8_t itf

AES device ID.

pi_aes_mode_e mode

AES mode

pi_aes_key_len_e key_len

AES key length: 128 or 256 bits

uint32_t *key

AES key

uint32_t *iv

Initialization vector (used in CBC and CTR modes)

uint8_t qk_en

AES core uses qk so as input