From 0437b81a9edf4e1867548e1bd5a5b787c99129ee Mon Sep 17 00:00:00 2001 From: eZio Pan Date: Sun, 25 Feb 2024 16:43:46 +0800 Subject: [PATCH 1/6] extract --- data/registers/saes_v1a.yaml | 408 +++++++++++++++++++++++++++++++++++ 1 file changed, 408 insertions(+) create mode 100644 data/registers/saes_v1a.yaml diff --git a/data/registers/saes_v1a.yaml b/data/registers/saes_v1a.yaml new file mode 100644 index 0000000..d1bae76 --- /dev/null +++ b/data/registers/saes_v1a.yaml @@ -0,0 +1,408 @@ +block/SAES: + description: Secure advanced encryption standard hardware accelerator. + items: + - name: CR + description: SAES control register. + byte_offset: 0 + fieldset: CR + - name: SR + description: SAES status register. + byte_offset: 4 + fieldset: SR + - name: DINR + description: SAES data input register. + byte_offset: 8 + fieldset: DINR + - name: DOUTR + description: SAES data output register. + byte_offset: 12 + fieldset: DOUTR + - name: KEYR0 + description: SAES key register 0. + byte_offset: 16 + fieldset: KEYR0 + - name: KEYR1 + description: SAES key register 1. + byte_offset: 20 + fieldset: KEYR1 + - name: KEYR2 + description: SAES key register 2. + byte_offset: 24 + fieldset: KEYR2 + - name: KEYR3 + description: SAES key register 3. + byte_offset: 28 + fieldset: KEYR3 + - name: IVR0 + description: SAES initialization vector register 0. + byte_offset: 32 + fieldset: IVR0 + - name: IVR1 + description: SAES initialization vector register 1. + byte_offset: 36 + fieldset: IVR1 + - name: IVR2 + description: SAES initialization vector register 2. + byte_offset: 40 + fieldset: IVR2 + - name: IVR3 + description: SAES initialization vector register 3. + byte_offset: 44 + fieldset: IVR3 + - name: KEYR4 + description: SAES key register 4. + byte_offset: 48 + fieldset: KEYR4 + - name: KEYR5 + description: SAES key register 5. + byte_offset: 52 + fieldset: KEYR5 + - name: KEYR6 + description: SAES key register 6. + byte_offset: 56 + fieldset: KEYR6 + - name: KEYR7 + description: SAES key register 7. + byte_offset: 60 + fieldset: KEYR7 + - name: SUSP0R + description: SAES suspend registers. + byte_offset: 64 + fieldset: SUSP0R + - name: SUSP1R + description: SAES suspend registers. + byte_offset: 68 + fieldset: SUSP1R + - name: SUSP2R + description: SAES suspend registers. + byte_offset: 72 + fieldset: SUSP2R + - name: SUSP3R + description: SAES suspend registers. + byte_offset: 76 + fieldset: SUSP3R + - name: SUSP4R + description: SAES suspend registers. + byte_offset: 80 + fieldset: SUSP4R + - name: SUSP5R + description: SAES suspend registers. + byte_offset: 84 + fieldset: SUSP5R + - name: SUSP6R + description: SAES suspend registers. + byte_offset: 88 + fieldset: SUSP6R + - name: SUSP7R + description: SAES suspend registers. + byte_offset: 92 + fieldset: SUSP7R + - name: IER + description: SAES interrupt enable register. + byte_offset: 768 + fieldset: IER + - name: ISR + description: SAES interrupt status register. + byte_offset: 772 + fieldset: ISR + - name: ICR + description: SAES interrupt clear register. + byte_offset: 776 + fieldset: ICR +fieldset/CR: + description: SAES control register. + fields: + - name: EN + description: 'SAES enable This bit enables/disables the SAES peripheral: At any moment, clearing then setting the bit re-initializes the SAES peripheral. This bit is automatically cleared by hardware upon the completion of the key preparation (Mode 2) and upon the completion of GCM/GMAC/CCM initial phase. The bit cannot be set as long as KEYVALID = 0 nor along with the following settings: KMOD = 01 + CHMOD = 011 and KMOD = 01 + CHMOD = 010 + MODE = 00. Note: With KMOD[1:0] other than 00, use the IPRST bit rather than the bit EN.' + bit_offset: 0 + bit_size: 1 + - name: DATATYPE + description: 'Data type selection This bitfield defines the format of data written in the SAES_DINR register or read from the SAES_DOUTR register, through selecting the mode of data swapping: For more details, refer to . Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 1 + bit_size: 2 + - name: MODE + description: 'SAES operating mode This bitfield selects the SAES operating mode: Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 3 + bit_size: 2 + - name: CHMOD1 + description: 'Chaining mode selection This bitfield selects the AES chaining mode: others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 5 + bit_size: 2 + - name: DMAINEN + description: 'DMA input enable This bit enables/disables data transferring with DMA, in the input phase: When the bit is set, DMA requests are automatically generated by SAES during the input data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).' + bit_offset: 11 + bit_size: 1 + - name: DMAOUTEN + description: 'DMA output enable This bit enables/disables data transferring with DMA, in the output phase: When the bit is set, DMA requests are automatically generated by SAES during the output data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).' + bit_offset: 12 + bit_size: 1 + - name: GCMPH + description: 'GCM or CCM phase selection This bitfield selects the phase of GCM, GMAC or CCM algorithm: The bitfield has no effect if other than GCM, GMAC or CCM algorithms are selected (through the ALGOMODE bitfield).' + bit_offset: 13 + bit_size: 2 + - name: CHMOD2 + description: 'Chaining mode selection This bitfield selects the AES chaining mode: others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 16 + bit_size: 1 + - name: KEYSIZE + description: 'Key size selection This bitfield defines the length of the key used in the SAES cryptographic core, in bits: When KMOD[1:0]=01 or 10 KEYSIZE also defines the length of the key to encrypt or decrypt. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 18 + bit_size: 1 + - name: KEYPROT + description: Key protection When set, hardware-based key protection is enabled. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access. + bit_offset: 19 + bit_size: 1 + - name: NPBLB + description: 'Number of padding bytes in last block The bitfield sets the number of padding bytes in last block of payload: ...' + bit_offset: 20 + bit_size: 4 + - name: KMOD + description: 'Key mode selection The bitfield defines how the SAES key can be used by the application: Others: Reserved With normal key selection, the key registers are freely usable, no specific usage or protection applies to SAES_DIN and SAES_DOUT registers. With wrapped key selection, the key loaded in key registers can only be used to encrypt or decrypt AES keys. Hence, when a decryption is selected in Wrapped-key mode read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With shared key selection, after a successful decryption process, SAES key registers are shared with the peripheral described in KSHAREID(1:0] bitfield. This sharing is valid only while KMOD[1:0]=10 and KEYVALID = 1. When a decryption is selected, read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With KMOD[1:0] other than zero, any attempt to configure the SAES peripheral for use by an application belonging to a different security domain (secure or non-secure) results in automatic key erasure and setting of the KEIF flag.\nAttempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 24 + bit_size: 2 + - name: KSHAREID + description: 'Key share identification This bitfield defines, at the end of a decryption process with KMOD[1:0]=10 (shared key), which target can read the SAES key registers using a dedicated hardware bus. Others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 26 + bit_size: 2 + - name: KEYSEL + description: 'Key selection The bitfield defines the source of the key information to use in the AES cryptographic core. Others: Reserved (if used, unfreeze SAES with IPRST) When KEYSEL is different from zero, selected key value is available in key registers when BUSY bit is cleared and KEYVALID is set in the SAES_SR register. Otherwise, the key error flag KEIF is set. Repeated writing of KEYSEL[2:0] with the same non-zero value only triggers the loading of DHUK or BHK if KEYVALID = 0. When the application software changes the key selection by writing the KEYSEL[2:0] bitfield, the key registers are immediately erased and the KEYVALID flag cleared. At the end of the decryption process, if KMOD[1:0] is other than zero, KEYSEL[2:0] is cleared. With the bitfield value other than zero and KEYVALID set, the application cannot transfer the ownership of SAES with a loaded key to an application running in another security context (such as secure, non-secure). More specifically, when security of an access to any register does not match the information recorded by SAES, the KEIF flag is set. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 28 + bit_size: 3 + - name: IPRST + description: SAES peripheral software reset Setting the bit resets the SAES peripheral, putting all registers to their default values, except the IPRST bit itself and the SAES_DPACFG register. Hence, any key-relative data is lost. For this reason, it is recommended to set the bit before handing over the SAES to a less secure application. The bit must be low while writing any configuration registers. + bit_offset: 31 + bit_size: 1 +fieldset/DINR: + description: SAES data input register. + fields: + - name: DIN + description: 'Input data word A four-fold sequential write to this bitfield during the input phase results in writing a complete 128-bit block of input data to the SAES peripheral. From the first to the fourth write, the corresponding data weights are [127:96], [95:64], [63:32], and [31:0]. Upon each write, the data from the 32-bit input buffer are handled by the data swap block according to the DATATYPE[1:0] bitfield, then written into the AES core 128-bit input buffer. The data signification of the input data block depends on the SAES operating mode: - Mode 1 (encryption): plaintext - Mode 2 (key derivation): the bitfield is not used (SAES_KEYRx registers used for input if KEYSEL=0) - Mode 3 (decryption): ciphertext The data swap operation is described in on page 1149.' + bit_offset: 0 + bit_size: 32 +fieldset/DOUTR: + description: SAES data output register. + fields: + - name: DOUT + description: 'Output data word This read-only bitfield fetches a 32-bit output buffer. A four-fold sequential read of this bitfield, upon the computation completion (CCF set), virtually reads a complete 128-bit block of output data from the SAES peripheral. Before reaching the output buffer, the data produced by the AES core are handled by the data swap block according to the DATATYPE[1:0] bitfield. Data weights from the first to the fourth read operation are: [127:96], [95:64], [63:32], and [31:0]. The data signification of the output data block depends on the SAES operating mode: - Mode 1 (encryption): ciphertext - Mode 2 (key derivation): the bitfield is not used - Mode 3 (decryption): plaintext The data swap operation is described in on page 1149.' + bit_offset: 0 + bit_size: 32 +fieldset/ICR: + description: SAES interrupt clear register. + fields: + - name: CCF + description: Computation complete flag clear Setting this bit clears the CCF status bit of the SAES_SR and SAES_ISR registers. + bit_offset: 0 + bit_size: 1 + - name: RWEIF + description: Read or write error interrupt flag clear Setting this bit clears the RWEIF status bit of the SAES_ISR register, and both RDERR and WRERR flags in the SAES_SR register. + bit_offset: 1 + bit_size: 1 + - name: KEIF + description: Key error interrupt flag clear Setting this bit clears the KEIF status bit of the SAES_ISR register. + bit_offset: 2 + bit_size: 1 + - name: RNGEIF + description: RNG error interrupt flag clear Application must set this bit to clear the RNGEIF status bit in SAES_ISR register. + bit_offset: 3 + bit_size: 1 +fieldset/IER: + description: SAES interrupt enable register. + fields: + - name: CCFIE + description: Computation complete flag interrupt enable This bit enables or disables (masks) the SAES interrupt generation when CCF (computation complete flag) is set. + bit_offset: 0 + bit_size: 1 + - name: RWEIE + description: Read or write error interrupt enable This bit enables or disables (masks) the SAES interrupt generation when RWEIF (read and/or write error flag) is set. + bit_offset: 1 + bit_size: 1 + - name: KEIE + description: Key error interrupt enable This bit enables or disables (masks) the SAES interrupt generation when KEIF (key error flag) is set. + bit_offset: 2 + bit_size: 1 + - name: RNGEIE + description: RNG error interrupt enable This bit enables or disables (masks) the SAES interrupt generation when RNGEIF (RNG error flag) is set. + bit_offset: 3 + bit_size: 1 +fieldset/ISR: + description: SAES interrupt status register. + fields: + - name: CCF + description: 'Computation complete flag This flag indicates whether the computation is completed: The flag is set by hardware upon the completion of the computation. It is cleared by software, upon setting the CCF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the CCFIE bit of the SAES_IER register. The flag is significant only when the DMAOUTEN bit is 0. It may stay high when DMA_EN is 1.' + bit_offset: 0 + bit_size: 1 + - name: RWEIF + description: Read or write error interrupt flag This read-only bit is set by hardware when a RDERR or a WRERR error flag is set in the SAES_SR register. RWEIF bit is cleared when application sets the corresponding bit of SAES_ICR register. An interrupt is generated if the RWEIE bit has been previously set in the SAES_IER register. This flags has no meaning when key derivation mode is selected. + bit_offset: 1 + bit_size: 1 + - name: KEIF + description: 'Key error interrupt flag This read-only bit is set by hardware when key information failed to load into key registers or key register usage is forbidden. Setting the corresponding bit of the SAES_ICR register clears the KEIF and generates interrupt if the KEIE bit of the SAES_IER register is set. KEIF is triggered upon any of the following errors: SAES fails to load the DHUK (KEYSEL = 001 or 100). SAES fails to load the BHK (KEYSEL = 010 or 100) respecting the correct order. AES fails to load the key shared by SAES peripheral (KMOD=10). When KEYVALID = 1 and (KEYPROT = 1 or KEYSEL is not 0x0), the security context of the application that loads the key (secure or non-secure) does not match the security attribute of the access to SAES_CR or SAES_DOUT. In this case, KEYVALID and EN bits are cleared. SAES_KEYRx register write does not respect the correct order. (For KEYSIZE = 0, SAES_KEYR0 then SAES_KEYR1 then SAES_KEYR2 then SAES_KEYR3 register, or reverse. For KEYSIZE = 1, SAES_KEYR0 then SAES_KEYR1 then SAES_KEYR2 then SAES_KEYR3 then SAES_KEYR4 then SAES_KEYR5 then SAES_KEYR6 then SAES_KEYR7, or reverse). KEIF must be cleared by the application software, otherwise KEYVALID cannot be set.' + bit_offset: 2 + bit_size: 1 + - name: RNGEIF + description: RNG error interrupt flag This read-only bit is set by hardware when an error is detected on RNG bus interface (e.g. bad entropy). RNGEIE bit is cleared when application sets the corresponding bit of SAES_ICR register. An interrupt is generated if the RNGEIE bit has been previously set in the SAES_IER register. Clearing this bit triggers the reload of a new random number from RNG peripheral. + bit_offset: 3 + bit_size: 1 +fieldset/IVR0: + description: SAES initialization vector register 0. + fields: + - name: IVI + description: Initialization vector input, bits [31:0] Refer to for description of the IVI[127:0] bitfield. The initialization vector is only used in chaining modes other than ECB. The SAES_IVRx registers may be written only when the SAES peripheral is disabled. + bit_offset: 0 + bit_size: 32 +fieldset/IVR1: + description: SAES initialization vector register 1. + fields: + - name: IVI + description: Initialization vector input, bits [63:32] Refer to the SAES_IVR0 register for description of the IVI[128:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/IVR2: + description: SAES initialization vector register 2. + fields: + - name: IVI + description: Initialization vector input, bits [95:64] Refer to the SAES_IVR0 register for description of the IVI[128:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/IVR3: + description: SAES initialization vector register 3. + fields: + - name: IVI + description: Initialization vector input, bits [127:96] Refer to the SAES_IVR0 register for description of the IVI[128:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR0: + description: SAES key register 0. + fields: + - name: KEY + description: 'Cryptographic key, bits [31:0] This write-only bitfield contains the bits [31:0] of the AES encryption or decryption key, depending on the operating mode: - In Mode 1 (encryption), Mode 2 (key derivation): the value to write into the bitfield is the encryption key. - In Mode 3 (decryption): the value to write into the bitfield is the encryption key to be derived before being used for decryption. The SAES_KEYRx registers may be written only when KEYSIZE value is correct and when the SAES peripheral is disabled (EN bit of the SAES_CR register cleared). A special writing sequence is also required, as described in KEYVALID bit of the SAES_SR register. Note that, if KEYSEL is different from 0 and KEYVALID = 0, the key is directly loaded to SAES_KEYRx registers (hence writes to key register is ignored and KEIF is set). Refer to for more details.' + bit_offset: 0 + bit_size: 32 +fieldset/KEYR1: + description: SAES key register 1. + fields: + - name: KEY + description: Cryptographic key, bits [63:32] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR2: + description: SAES key register 2. + fields: + - name: KEY + description: Cryptographic key, bits [95:64] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR3: + description: SAES key register 3. + fields: + - name: KEY + description: Cryptographic key, bits [127:96] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR4: + description: SAES key register 4. + fields: + - name: KEY + description: Cryptographic key, bits [159:128] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR5: + description: SAES key register 5. + fields: + - name: KEY + description: Cryptographic key, bits [191:160] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR6: + description: SAES key register 6. + fields: + - name: KEY + description: Cryptographic key, bits [223:192] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/KEYR7: + description: SAES key register 7. + fields: + - name: KEY + description: Cryptographic key, bits [255:224] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. + bit_offset: 0 + bit_size: 32 +fieldset/SR: + description: SAES status register. + fields: + - name: CCF + description: Computation completed flag This bit mirrors the CCF bit of the SAES_ISR register. + bit_offset: 0 + bit_size: 1 + - name: RDERR + description: 'Read error flag This flag indicates the detection of an unexpected read operation from the SAES_DOUTR register (during computation or data input phase): The flag is set by hardware. It is cleared by software upon setting the RWEIF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the RWEIE bit of the SAES_ICR register. The flag setting has no impact on the SAES operation. Unexpected read returns zero.' + bit_offset: 1 + bit_size: 1 + - name: WRERR + description: 'Write error This flag indicates the detection of an unexpected write operation to the SAES_DINR register (during computation or data output phase): The flag is set by hardware. It is cleared by software upon setting the RWEIF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the RWEIE bit of the SAES_ICR register. The flag setting has no impact on the SAES operation. Unexpected write is ignored.' + bit_offset: 2 + bit_size: 1 + - name: BUSY + description: 'Busy This flag indicates whether SAES is idle or busy during GCM payload encryption phase: The flag is set upon SAES initialization, upon fetching random number from the RNG, or upon transferring a shared key to a target peripheral. When GCM encryption is selected, the flag must be at zero before selecting the GCM final phase.' + bit_offset: 3 + bit_size: 1 + - name: KEYVALID + description: Key Valid flag This bit is set by hardware when the amount of key information defined by KEYSIZE in SAES_CR has been loaded in SAES_KEYx key registers. In normal mode when KEYSEL equals to zero, the application must write the key registers in the correct sequence, otherwise the KEIF flag of the SAES_ISR register is set and KEYVALID stays at zero. When KEYSEL is different from zero the BUSY flag is automatically set by SAES. When key is loaded successfully, the BUSY flag is cleared and KEYVALID set. Upon an error, the KEIF flag of the SAES_ISR register is set, the BUSY flag cleared and KEYVALID kept at zero. When the KEIF flag is set, the application must clear it through the SAES_ICR register, otherwise KEYVALID cannot be set. See the KEIF bit description for more details. For more information on key loading please refer to. + bit_offset: 7 + bit_size: 1 +fieldset/SUSP0R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP1R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP2R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP3R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP4R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP5R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP6R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 +fieldset/SUSP7R: + description: SAES suspend registers. + fields: + - name: SUSP + description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. + bit_offset: 0 + bit_size: 32 From 93a943cf3a10fbff8a18734cb3f99a5a8277f6e4 Mon Sep 17 00:00:00 2001 From: eZio Pan Date: Sun, 25 Feb 2024 18:33:51 +0800 Subject: [PATCH 2/6] apply transform --- data/registers/saes_v1a.yaml | 249 +++-------------------------------- transforms/SAES.yaml | 19 +++ 2 files changed, 38 insertions(+), 230 deletions(-) create mode 100644 transforms/SAES.yaml diff --git a/data/registers/saes_v1a.yaml b/data/registers/saes_v1a.yaml index d1bae76..8c3a3bd 100644 --- a/data/registers/saes_v1a.yaml +++ b/data/registers/saes_v1a.yaml @@ -12,91 +12,34 @@ block/SAES: - name: DINR description: SAES data input register. byte_offset: 8 - fieldset: DINR - name: DOUTR description: SAES data output register. byte_offset: 12 - fieldset: DOUTR - - name: KEYR0 + - name: KEYR description: SAES key register 0. + array: + offsets: + - 0 + - 4 + - 8 + - 12 + - 32 + - 36 + - 40 + - 44 byte_offset: 16 - fieldset: KEYR0 - - name: KEYR1 - description: SAES key register 1. - byte_offset: 20 - fieldset: KEYR1 - - name: KEYR2 - description: SAES key register 2. - byte_offset: 24 - fieldset: KEYR2 - - name: KEYR3 - description: SAES key register 3. - byte_offset: 28 - fieldset: KEYR3 - - name: IVR0 + - name: IVR description: SAES initialization vector register 0. + array: + len: 4 + stride: 4 byte_offset: 32 - fieldset: IVR0 - - name: IVR1 - description: SAES initialization vector register 1. - byte_offset: 36 - fieldset: IVR1 - - name: IVR2 - description: SAES initialization vector register 2. - byte_offset: 40 - fieldset: IVR2 - - name: IVR3 - description: SAES initialization vector register 3. - byte_offset: 44 - fieldset: IVR3 - - name: KEYR4 - description: SAES key register 4. - byte_offset: 48 - fieldset: KEYR4 - - name: KEYR5 - description: SAES key register 5. - byte_offset: 52 - fieldset: KEYR5 - - name: KEYR6 - description: SAES key register 6. - byte_offset: 56 - fieldset: KEYR6 - - name: KEYR7 - description: SAES key register 7. - byte_offset: 60 - fieldset: KEYR7 - - name: SUSP0R + - name: SUSPR description: SAES suspend registers. + array: + len: 8 + stride: 4 byte_offset: 64 - fieldset: SUSP0R - - name: SUSP1R - description: SAES suspend registers. - byte_offset: 68 - fieldset: SUSP1R - - name: SUSP2R - description: SAES suspend registers. - byte_offset: 72 - fieldset: SUSP2R - - name: SUSP3R - description: SAES suspend registers. - byte_offset: 76 - fieldset: SUSP3R - - name: SUSP4R - description: SAES suspend registers. - byte_offset: 80 - fieldset: SUSP4R - - name: SUSP5R - description: SAES suspend registers. - byte_offset: 84 - fieldset: SUSP5R - - name: SUSP6R - description: SAES suspend registers. - byte_offset: 88 - fieldset: SUSP6R - - name: SUSP7R - description: SAES suspend registers. - byte_offset: 92 - fieldset: SUSP7R - name: IER description: SAES interrupt enable register. byte_offset: 768 @@ -172,20 +115,6 @@ fieldset/CR: description: SAES peripheral software reset Setting the bit resets the SAES peripheral, putting all registers to their default values, except the IPRST bit itself and the SAES_DPACFG register. Hence, any key-relative data is lost. For this reason, it is recommended to set the bit before handing over the SAES to a less secure application. The bit must be low while writing any configuration registers. bit_offset: 31 bit_size: 1 -fieldset/DINR: - description: SAES data input register. - fields: - - name: DIN - description: 'Input data word A four-fold sequential write to this bitfield during the input phase results in writing a complete 128-bit block of input data to the SAES peripheral. From the first to the fourth write, the corresponding data weights are [127:96], [95:64], [63:32], and [31:0]. Upon each write, the data from the 32-bit input buffer are handled by the data swap block according to the DATATYPE[1:0] bitfield, then written into the AES core 128-bit input buffer. The data signification of the input data block depends on the SAES operating mode: - Mode 1 (encryption): plaintext - Mode 2 (key derivation): the bitfield is not used (SAES_KEYRx registers used for input if KEYSEL=0) - Mode 3 (decryption): ciphertext The data swap operation is described in on page 1149.' - bit_offset: 0 - bit_size: 32 -fieldset/DOUTR: - description: SAES data output register. - fields: - - name: DOUT - description: 'Output data word This read-only bitfield fetches a 32-bit output buffer. A four-fold sequential read of this bitfield, upon the computation completion (CCF set), virtually reads a complete 128-bit block of output data from the SAES peripheral. Before reaching the output buffer, the data produced by the AES core are handled by the data swap block according to the DATATYPE[1:0] bitfield. Data weights from the first to the fourth read operation are: [127:96], [95:64], [63:32], and [31:0]. The data signification of the output data block depends on the SAES operating mode: - Mode 1 (encryption): ciphertext - Mode 2 (key derivation): the bitfield is not used - Mode 3 (decryption): plaintext The data swap operation is described in on page 1149.' - bit_offset: 0 - bit_size: 32 fieldset/ICR: description: SAES interrupt clear register. fields: @@ -243,90 +172,6 @@ fieldset/ISR: description: RNG error interrupt flag This read-only bit is set by hardware when an error is detected on RNG bus interface (e.g. bad entropy). RNGEIE bit is cleared when application sets the corresponding bit of SAES_ICR register. An interrupt is generated if the RNGEIE bit has been previously set in the SAES_IER register. Clearing this bit triggers the reload of a new random number from RNG peripheral. bit_offset: 3 bit_size: 1 -fieldset/IVR0: - description: SAES initialization vector register 0. - fields: - - name: IVI - description: Initialization vector input, bits [31:0] Refer to for description of the IVI[127:0] bitfield. The initialization vector is only used in chaining modes other than ECB. The SAES_IVRx registers may be written only when the SAES peripheral is disabled. - bit_offset: 0 - bit_size: 32 -fieldset/IVR1: - description: SAES initialization vector register 1. - fields: - - name: IVI - description: Initialization vector input, bits [63:32] Refer to the SAES_IVR0 register for description of the IVI[128:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/IVR2: - description: SAES initialization vector register 2. - fields: - - name: IVI - description: Initialization vector input, bits [95:64] Refer to the SAES_IVR0 register for description of the IVI[128:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/IVR3: - description: SAES initialization vector register 3. - fields: - - name: IVI - description: Initialization vector input, bits [127:96] Refer to the SAES_IVR0 register for description of the IVI[128:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR0: - description: SAES key register 0. - fields: - - name: KEY - description: 'Cryptographic key, bits [31:0] This write-only bitfield contains the bits [31:0] of the AES encryption or decryption key, depending on the operating mode: - In Mode 1 (encryption), Mode 2 (key derivation): the value to write into the bitfield is the encryption key. - In Mode 3 (decryption): the value to write into the bitfield is the encryption key to be derived before being used for decryption. The SAES_KEYRx registers may be written only when KEYSIZE value is correct and when the SAES peripheral is disabled (EN bit of the SAES_CR register cleared). A special writing sequence is also required, as described in KEYVALID bit of the SAES_SR register. Note that, if KEYSEL is different from 0 and KEYVALID = 0, the key is directly loaded to SAES_KEYRx registers (hence writes to key register is ignored and KEIF is set). Refer to for more details.' - bit_offset: 0 - bit_size: 32 -fieldset/KEYR1: - description: SAES key register 1. - fields: - - name: KEY - description: Cryptographic key, bits [63:32] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR2: - description: SAES key register 2. - fields: - - name: KEY - description: Cryptographic key, bits [95:64] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR3: - description: SAES key register 3. - fields: - - name: KEY - description: Cryptographic key, bits [127:96] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR4: - description: SAES key register 4. - fields: - - name: KEY - description: Cryptographic key, bits [159:128] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR5: - description: SAES key register 5. - fields: - - name: KEY - description: Cryptographic key, bits [191:160] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR6: - description: SAES key register 6. - fields: - - name: KEY - description: Cryptographic key, bits [223:192] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 -fieldset/KEYR7: - description: SAES key register 7. - fields: - - name: KEY - description: Cryptographic key, bits [255:224] Refer to the SAES_KEYR0 register for description of the KEY[255:0] bitfield. - bit_offset: 0 - bit_size: 32 fieldset/SR: description: SAES status register. fields: @@ -350,59 +195,3 @@ fieldset/SR: description: Key Valid flag This bit is set by hardware when the amount of key information defined by KEYSIZE in SAES_CR has been loaded in SAES_KEYx key registers. In normal mode when KEYSEL equals to zero, the application must write the key registers in the correct sequence, otherwise the KEIF flag of the SAES_ISR register is set and KEYVALID stays at zero. When KEYSEL is different from zero the BUSY flag is automatically set by SAES. When key is loaded successfully, the BUSY flag is cleared and KEYVALID set. Upon an error, the KEIF flag of the SAES_ISR register is set, the BUSY flag cleared and KEYVALID kept at zero. When the KEIF flag is set, the application must clear it through the SAES_ICR register, otherwise KEYVALID cannot be set. See the KEIF bit description for more details. For more information on key loading please refer to. bit_offset: 7 bit_size: 1 -fieldset/SUSP0R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP1R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP2R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP3R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP4R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP5R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP6R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 -fieldset/SUSP7R: - description: SAES suspend registers. - fields: - - name: SUSP - description: SAES suspend Upon suspend operation, this bitfield of the corresponding SAES_SUSPxR register takes the value of one of internal SAES registers. - bit_offset: 0 - bit_size: 32 diff --git a/transforms/SAES.yaml b/transforms/SAES.yaml new file mode 100644 index 0000000..3739152 --- /dev/null +++ b/transforms/SAES.yaml @@ -0,0 +1,19 @@ +transforms: + - !DeleteFieldsets + from: ^(DINR|DOUTR|IVR\d|KEYR\d|SUSP\dR)$ + + - !MakeRegisterArray + blocks: SAES + from: ^(IVR)\d$ + to: $1 + + - !MakeRegisterArray + blocks: SAES + allow_cursed: true + from: ^(KEYR)\d$ + to: $1 + + - !MakeRegisterArray + blocks: SAES + from: ^(SUSP)\d(R)$ + to: $1$2 From b1bd6e97d6999a5a8e885612a520b85e911123db Mon Sep 17 00:00:00 2001 From: eZio Pan Date: Sun, 25 Feb 2024 19:21:56 +0800 Subject: [PATCH 3/6] add enum to saes_v1a --- data/registers/saes_v1a.yaml | 133 ++++++++++++++++++++++++++++++++--- 1 file changed, 122 insertions(+), 11 deletions(-) diff --git a/data/registers/saes_v1a.yaml b/data/registers/saes_v1a.yaml index 8c3a3bd..44b4d83 100644 --- a/data/registers/saes_v1a.yaml +++ b/data/registers/saes_v1a.yaml @@ -63,14 +63,21 @@ fieldset/CR: description: 'Data type selection This bitfield defines the format of data written in the SAES_DINR register or read from the SAES_DOUTR register, through selecting the mode of data swapping: For more details, refer to . Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 1 bit_size: 2 + enum: DATATYPE - name: MODE description: 'SAES operating mode This bitfield selects the SAES operating mode: Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 3 bit_size: 2 - - name: CHMOD1 + enum: MODE + - name: CHMOD description: 'Chaining mode selection This bitfield selects the AES chaining mode: others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' - bit_offset: 5 - bit_size: 2 + bit_offset: + - start: 5 + end: 6 + - start: 16 + end: 16 + bit_size: 3 + enum: CHMOD - name: DMAINEN description: 'DMA input enable This bit enables/disables data transferring with DMA, in the input phase: When the bit is set, DMA requests are automatically generated by SAES during the input data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).' bit_offset: 11 @@ -83,14 +90,12 @@ fieldset/CR: description: 'GCM or CCM phase selection This bitfield selects the phase of GCM, GMAC or CCM algorithm: The bitfield has no effect if other than GCM, GMAC or CCM algorithms are selected (through the ALGOMODE bitfield).' bit_offset: 13 bit_size: 2 - - name: CHMOD2 - description: 'Chaining mode selection This bitfield selects the AES chaining mode: others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' - bit_offset: 16 - bit_size: 1 + enum: GCMPH - name: KEYSIZE description: 'Key size selection This bitfield defines the length of the key used in the SAES cryptographic core, in bits: When KMOD[1:0]=01 or 10 KEYSIZE also defines the length of the key to encrypt or decrypt. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 18 bit_size: 1 + enum: KEYSIZE - name: KEYPROT description: Key protection When set, hardware-based key protection is enabled. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access. bit_offset: 19 @@ -103,14 +108,17 @@ fieldset/CR: description: 'Key mode selection The bitfield defines how the SAES key can be used by the application: Others: Reserved With normal key selection, the key registers are freely usable, no specific usage or protection applies to SAES_DIN and SAES_DOUT registers. With wrapped key selection, the key loaded in key registers can only be used to encrypt or decrypt AES keys. Hence, when a decryption is selected in Wrapped-key mode read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With shared key selection, after a successful decryption process, SAES key registers are shared with the peripheral described in KSHAREID(1:0] bitfield. This sharing is valid only while KMOD[1:0]=10 and KEYVALID = 1. When a decryption is selected, read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With KMOD[1:0] other than zero, any attempt to configure the SAES peripheral for use by an application belonging to a different security domain (secure or non-secure) results in automatic key erasure and setting of the KEIF flag.\nAttempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 24 bit_size: 2 + enum: KMOD - name: KSHAREID description: 'Key share identification This bitfield defines, at the end of a decryption process with KMOD[1:0]=10 (shared key), which target can read the SAES key registers using a dedicated hardware bus. Others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 26 bit_size: 2 + enum: KSHAREID - name: KEYSEL description: 'Key selection The bitfield defines the source of the key information to use in the AES cryptographic core. Others: Reserved (if used, unfreeze SAES with IPRST) When KEYSEL is different from zero, selected key value is available in key registers when BUSY bit is cleared and KEYVALID is set in the SAES_SR register. Otherwise, the key error flag KEIF is set. Repeated writing of KEYSEL[2:0] with the same non-zero value only triggers the loading of DHUK or BHK if KEYVALID = 0. When the application software changes the key selection by writing the KEYSEL[2:0] bitfield, the key registers are immediately erased and the KEYVALID flag cleared. At the end of the decryption process, if KMOD[1:0] is other than zero, KEYSEL[2:0] is cleared. With the bitfield value other than zero and KEYVALID set, the application cannot transfer the ownership of SAES with a loaded key to an application running in another security context (such as secure, non-secure). More specifically, when security of an access to any register does not match the information recorded by SAES, the KEIF flag is set. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 28 bit_size: 3 + enum: KEYSEL - name: IPRST description: SAES peripheral software reset Setting the bit resets the SAES peripheral, putting all registers to their default values, except the IPRST bit itself and the SAES_DPACFG register. Hence, any key-relative data is lost. For this reason, it is recommended to set the bit before handing over the SAES to a less secure application. The bit must be low while writing any configuration registers. bit_offset: 31 @@ -175,10 +183,6 @@ fieldset/ISR: fieldset/SR: description: SAES status register. fields: - - name: CCF - description: Computation completed flag This bit mirrors the CCF bit of the SAES_ISR register. - bit_offset: 0 - bit_size: 1 - name: RDERR description: 'Read error flag This flag indicates the detection of an unexpected read operation from the SAES_DOUTR register (during computation or data input phase): The flag is set by hardware. It is cleared by software upon setting the RWEIF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the RWEIE bit of the SAES_ICR register. The flag setting has no impact on the SAES operation. Unexpected read returns zero.' bit_offset: 1 @@ -195,3 +199,110 @@ fieldset/SR: description: Key Valid flag This bit is set by hardware when the amount of key information defined by KEYSIZE in SAES_CR has been loaded in SAES_KEYx key registers. In normal mode when KEYSEL equals to zero, the application must write the key registers in the correct sequence, otherwise the KEIF flag of the SAES_ISR register is set and KEYVALID stays at zero. When KEYSEL is different from zero the BUSY flag is automatically set by SAES. When key is loaded successfully, the BUSY flag is cleared and KEYVALID set. Upon an error, the KEIF flag of the SAES_ISR register is set, the BUSY flag cleared and KEYVALID kept at zero. When the KEIF flag is set, the application must clear it through the SAES_ICR register, otherwise KEYVALID cannot be set. See the KEIF bit description for more details. For more information on key loading please refer to. bit_offset: 7 bit_size: 1 +enum/CHMOD: + bit_size: 3 + variants: + - name: ECB + description: Electronic codebook + value: 0 + - name: CBC + description: Cipher-block chaining + value: 1 + - name: CTR + description: Counter mode + value: 2 + - name: GCM_GMAC + description: Galois counter mode and Galois message authentication code + value: 3 + - name: CCM + description: Counter with CBC-MAC + value: 4 +enum/DATATYPE: + bit_size: 2 + variants: + - name: None + description: No swapping (32-bit data). + value: 0 + - name: HalfWord + description: Half-word swapping (16-bit data) + value: 1 + - name: Byte + description: Byte swapping (8-bit data) + value: 2 + - name: Bit + description: Bit-level swapping + value: 3 +enum/GCMPH: + bit_size: 2 + variants: + - name: InitPhase + description: Initialization phase + value: 0 + - name: HeaderPhase + description: Header phase + value: 1 + - name: PayloadPhase + description: Payload phase + value: 2 + - name: FinalPhase + description: Final phase + value: 3 +enum/KEYSEL: + bit_size: 3 + variants: + - name: SoftwareKey + description: Software key, loaded in key registers SAES_KEYx + value: 0 + - name: DHUK + description: Derived hardware unique key + value: 1 + - name: BHK + description: Boot hardware key + value: 2 + - name: XOR_DHUK_BHK + description: XOR of DHUK and BHK + value: 4 +enum/KEYSIZE: + bit_size: 1 + variants: + - name: Bits128 + description: 128-bit + value: 0 + - name: Bits256 + description: 256-bit + value: 1 +enum/KMOD: + bit_size: 2 + variants: + - name: Normal + description: AES peripheral + value: 0 + - name: WrappedKey + description: |- + Wrapped key for SAES mode. Key loaded in key registers can only be used to encrypt or + decrypt AES keys. Hence, when a decryption is selected, read-as-zero SAES_DOUTR register is + automatically loaded into SAES key registers after a successful decryption process. + value: 1 + - name: SharedKey + description: |- + Shared key mode. After a successful decryption process (unwrapping), SAES key registers are + shared with the peripheral described in KSHAREID[1:0] bitfield. This sharing is valid only while + KMOD[1:0] at 0x2 and KEYVALID=1. When a decryption is selected, read-as-zero SAES_DOUTR + register is automatically loaded into SAES key registers after a successful decryption process. + value: 2 +enum/KSHAREID: + bit_size: 2 + variants: + - name: AES + description: AES peripheral + value: 0 +enum/MODE: + bit_size: 2 + variants: + - name: Encryption + value: 0 + - name: KeyDerivation + description: Key derivation (or key preparation), for ECB/CBC decryption only + value: 1 + - name: Decryption + value: 2 From a26d7f3e117dd01de3d8a9bd8158ff0b196998c8 Mon Sep 17 00:00:00 2001 From: eZio Pan Date: Sun, 25 Feb 2024 19:28:21 +0800 Subject: [PATCH 4/6] branch from saes_v1a to saes_v1b --- data/registers/saes_v1b.yaml | 308 +++++++++++++++++++++++++++++++++++ 1 file changed, 308 insertions(+) create mode 100644 data/registers/saes_v1b.yaml diff --git a/data/registers/saes_v1b.yaml b/data/registers/saes_v1b.yaml new file mode 100644 index 0000000..44b4d83 --- /dev/null +++ b/data/registers/saes_v1b.yaml @@ -0,0 +1,308 @@ +block/SAES: + description: Secure advanced encryption standard hardware accelerator. + items: + - name: CR + description: SAES control register. + byte_offset: 0 + fieldset: CR + - name: SR + description: SAES status register. + byte_offset: 4 + fieldset: SR + - name: DINR + description: SAES data input register. + byte_offset: 8 + - name: DOUTR + description: SAES data output register. + byte_offset: 12 + - name: KEYR + description: SAES key register 0. + array: + offsets: + - 0 + - 4 + - 8 + - 12 + - 32 + - 36 + - 40 + - 44 + byte_offset: 16 + - name: IVR + description: SAES initialization vector register 0. + array: + len: 4 + stride: 4 + byte_offset: 32 + - name: SUSPR + description: SAES suspend registers. + array: + len: 8 + stride: 4 + byte_offset: 64 + - name: IER + description: SAES interrupt enable register. + byte_offset: 768 + fieldset: IER + - name: ISR + description: SAES interrupt status register. + byte_offset: 772 + fieldset: ISR + - name: ICR + description: SAES interrupt clear register. + byte_offset: 776 + fieldset: ICR +fieldset/CR: + description: SAES control register. + fields: + - name: EN + description: 'SAES enable This bit enables/disables the SAES peripheral: At any moment, clearing then setting the bit re-initializes the SAES peripheral. This bit is automatically cleared by hardware upon the completion of the key preparation (Mode 2) and upon the completion of GCM/GMAC/CCM initial phase. The bit cannot be set as long as KEYVALID = 0 nor along with the following settings: KMOD = 01 + CHMOD = 011 and KMOD = 01 + CHMOD = 010 + MODE = 00. Note: With KMOD[1:0] other than 00, use the IPRST bit rather than the bit EN.' + bit_offset: 0 + bit_size: 1 + - name: DATATYPE + description: 'Data type selection This bitfield defines the format of data written in the SAES_DINR register or read from the SAES_DOUTR register, through selecting the mode of data swapping: For more details, refer to . Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 1 + bit_size: 2 + enum: DATATYPE + - name: MODE + description: 'SAES operating mode This bitfield selects the SAES operating mode: Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 3 + bit_size: 2 + enum: MODE + - name: CHMOD + description: 'Chaining mode selection This bitfield selects the AES chaining mode: others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: + - start: 5 + end: 6 + - start: 16 + end: 16 + bit_size: 3 + enum: CHMOD + - name: DMAINEN + description: 'DMA input enable This bit enables/disables data transferring with DMA, in the input phase: When the bit is set, DMA requests are automatically generated by SAES during the input data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).' + bit_offset: 11 + bit_size: 1 + - name: DMAOUTEN + description: 'DMA output enable This bit enables/disables data transferring with DMA, in the output phase: When the bit is set, DMA requests are automatically generated by SAES during the output data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).' + bit_offset: 12 + bit_size: 1 + - name: GCMPH + description: 'GCM or CCM phase selection This bitfield selects the phase of GCM, GMAC or CCM algorithm: The bitfield has no effect if other than GCM, GMAC or CCM algorithms are selected (through the ALGOMODE bitfield).' + bit_offset: 13 + bit_size: 2 + enum: GCMPH + - name: KEYSIZE + description: 'Key size selection This bitfield defines the length of the key used in the SAES cryptographic core, in bits: When KMOD[1:0]=01 or 10 KEYSIZE also defines the length of the key to encrypt or decrypt. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 18 + bit_size: 1 + enum: KEYSIZE + - name: KEYPROT + description: Key protection When set, hardware-based key protection is enabled. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access. + bit_offset: 19 + bit_size: 1 + - name: NPBLB + description: 'Number of padding bytes in last block The bitfield sets the number of padding bytes in last block of payload: ...' + bit_offset: 20 + bit_size: 4 + - name: KMOD + description: 'Key mode selection The bitfield defines how the SAES key can be used by the application: Others: Reserved With normal key selection, the key registers are freely usable, no specific usage or protection applies to SAES_DIN and SAES_DOUT registers. With wrapped key selection, the key loaded in key registers can only be used to encrypt or decrypt AES keys. Hence, when a decryption is selected in Wrapped-key mode read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With shared key selection, after a successful decryption process, SAES key registers are shared with the peripheral described in KSHAREID(1:0] bitfield. This sharing is valid only while KMOD[1:0]=10 and KEYVALID = 1. When a decryption is selected, read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With KMOD[1:0] other than zero, any attempt to configure the SAES peripheral for use by an application belonging to a different security domain (secure or non-secure) results in automatic key erasure and setting of the KEIF flag.\nAttempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 24 + bit_size: 2 + enum: KMOD + - name: KSHAREID + description: 'Key share identification This bitfield defines, at the end of a decryption process with KMOD[1:0]=10 (shared key), which target can read the SAES key registers using a dedicated hardware bus. Others: Reserved Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 26 + bit_size: 2 + enum: KSHAREID + - name: KEYSEL + description: 'Key selection The bitfield defines the source of the key information to use in the AES cryptographic core. Others: Reserved (if used, unfreeze SAES with IPRST) When KEYSEL is different from zero, selected key value is available in key registers when BUSY bit is cleared and KEYVALID is set in the SAES_SR register. Otherwise, the key error flag KEIF is set. Repeated writing of KEYSEL[2:0] with the same non-zero value only triggers the loading of DHUK or BHK if KEYVALID = 0. When the application software changes the key selection by writing the KEYSEL[2:0] bitfield, the key registers are immediately erased and the KEYVALID flag cleared. At the end of the decryption process, if KMOD[1:0] is other than zero, KEYSEL[2:0] is cleared. With the bitfield value other than zero and KEYVALID set, the application cannot transfer the ownership of SAES with a loaded key to an application running in another security context (such as secure, non-secure). More specifically, when security of an access to any register does not match the information recorded by SAES, the KEIF flag is set. Attempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' + bit_offset: 28 + bit_size: 3 + enum: KEYSEL + - name: IPRST + description: SAES peripheral software reset Setting the bit resets the SAES peripheral, putting all registers to their default values, except the IPRST bit itself and the SAES_DPACFG register. Hence, any key-relative data is lost. For this reason, it is recommended to set the bit before handing over the SAES to a less secure application. The bit must be low while writing any configuration registers. + bit_offset: 31 + bit_size: 1 +fieldset/ICR: + description: SAES interrupt clear register. + fields: + - name: CCF + description: Computation complete flag clear Setting this bit clears the CCF status bit of the SAES_SR and SAES_ISR registers. + bit_offset: 0 + bit_size: 1 + - name: RWEIF + description: Read or write error interrupt flag clear Setting this bit clears the RWEIF status bit of the SAES_ISR register, and both RDERR and WRERR flags in the SAES_SR register. + bit_offset: 1 + bit_size: 1 + - name: KEIF + description: Key error interrupt flag clear Setting this bit clears the KEIF status bit of the SAES_ISR register. + bit_offset: 2 + bit_size: 1 + - name: RNGEIF + description: RNG error interrupt flag clear Application must set this bit to clear the RNGEIF status bit in SAES_ISR register. + bit_offset: 3 + bit_size: 1 +fieldset/IER: + description: SAES interrupt enable register. + fields: + - name: CCFIE + description: Computation complete flag interrupt enable This bit enables or disables (masks) the SAES interrupt generation when CCF (computation complete flag) is set. + bit_offset: 0 + bit_size: 1 + - name: RWEIE + description: Read or write error interrupt enable This bit enables or disables (masks) the SAES interrupt generation when RWEIF (read and/or write error flag) is set. + bit_offset: 1 + bit_size: 1 + - name: KEIE + description: Key error interrupt enable This bit enables or disables (masks) the SAES interrupt generation when KEIF (key error flag) is set. + bit_offset: 2 + bit_size: 1 + - name: RNGEIE + description: RNG error interrupt enable This bit enables or disables (masks) the SAES interrupt generation when RNGEIF (RNG error flag) is set. + bit_offset: 3 + bit_size: 1 +fieldset/ISR: + description: SAES interrupt status register. + fields: + - name: CCF + description: 'Computation complete flag This flag indicates whether the computation is completed: The flag is set by hardware upon the completion of the computation. It is cleared by software, upon setting the CCF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the CCFIE bit of the SAES_IER register. The flag is significant only when the DMAOUTEN bit is 0. It may stay high when DMA_EN is 1.' + bit_offset: 0 + bit_size: 1 + - name: RWEIF + description: Read or write error interrupt flag This read-only bit is set by hardware when a RDERR or a WRERR error flag is set in the SAES_SR register. RWEIF bit is cleared when application sets the corresponding bit of SAES_ICR register. An interrupt is generated if the RWEIE bit has been previously set in the SAES_IER register. This flags has no meaning when key derivation mode is selected. + bit_offset: 1 + bit_size: 1 + - name: KEIF + description: 'Key error interrupt flag This read-only bit is set by hardware when key information failed to load into key registers or key register usage is forbidden. Setting the corresponding bit of the SAES_ICR register clears the KEIF and generates interrupt if the KEIE bit of the SAES_IER register is set. KEIF is triggered upon any of the following errors: SAES fails to load the DHUK (KEYSEL = 001 or 100). SAES fails to load the BHK (KEYSEL = 010 or 100) respecting the correct order. AES fails to load the key shared by SAES peripheral (KMOD=10). When KEYVALID = 1 and (KEYPROT = 1 or KEYSEL is not 0x0), the security context of the application that loads the key (secure or non-secure) does not match the security attribute of the access to SAES_CR or SAES_DOUT. In this case, KEYVALID and EN bits are cleared. SAES_KEYRx register write does not respect the correct order. (For KEYSIZE = 0, SAES_KEYR0 then SAES_KEYR1 then SAES_KEYR2 then SAES_KEYR3 register, or reverse. For KEYSIZE = 1, SAES_KEYR0 then SAES_KEYR1 then SAES_KEYR2 then SAES_KEYR3 then SAES_KEYR4 then SAES_KEYR5 then SAES_KEYR6 then SAES_KEYR7, or reverse). KEIF must be cleared by the application software, otherwise KEYVALID cannot be set.' + bit_offset: 2 + bit_size: 1 + - name: RNGEIF + description: RNG error interrupt flag This read-only bit is set by hardware when an error is detected on RNG bus interface (e.g. bad entropy). RNGEIE bit is cleared when application sets the corresponding bit of SAES_ICR register. An interrupt is generated if the RNGEIE bit has been previously set in the SAES_IER register. Clearing this bit triggers the reload of a new random number from RNG peripheral. + bit_offset: 3 + bit_size: 1 +fieldset/SR: + description: SAES status register. + fields: + - name: RDERR + description: 'Read error flag This flag indicates the detection of an unexpected read operation from the SAES_DOUTR register (during computation or data input phase): The flag is set by hardware. It is cleared by software upon setting the RWEIF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the RWEIE bit of the SAES_ICR register. The flag setting has no impact on the SAES operation. Unexpected read returns zero.' + bit_offset: 1 + bit_size: 1 + - name: WRERR + description: 'Write error This flag indicates the detection of an unexpected write operation to the SAES_DINR register (during computation or data output phase): The flag is set by hardware. It is cleared by software upon setting the RWEIF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the RWEIE bit of the SAES_ICR register. The flag setting has no impact on the SAES operation. Unexpected write is ignored.' + bit_offset: 2 + bit_size: 1 + - name: BUSY + description: 'Busy This flag indicates whether SAES is idle or busy during GCM payload encryption phase: The flag is set upon SAES initialization, upon fetching random number from the RNG, or upon transferring a shared key to a target peripheral. When GCM encryption is selected, the flag must be at zero before selecting the GCM final phase.' + bit_offset: 3 + bit_size: 1 + - name: KEYVALID + description: Key Valid flag This bit is set by hardware when the amount of key information defined by KEYSIZE in SAES_CR has been loaded in SAES_KEYx key registers. In normal mode when KEYSEL equals to zero, the application must write the key registers in the correct sequence, otherwise the KEIF flag of the SAES_ISR register is set and KEYVALID stays at zero. When KEYSEL is different from zero the BUSY flag is automatically set by SAES. When key is loaded successfully, the BUSY flag is cleared and KEYVALID set. Upon an error, the KEIF flag of the SAES_ISR register is set, the BUSY flag cleared and KEYVALID kept at zero. When the KEIF flag is set, the application must clear it through the SAES_ICR register, otherwise KEYVALID cannot be set. See the KEIF bit description for more details. For more information on key loading please refer to. + bit_offset: 7 + bit_size: 1 +enum/CHMOD: + bit_size: 3 + variants: + - name: ECB + description: Electronic codebook + value: 0 + - name: CBC + description: Cipher-block chaining + value: 1 + - name: CTR + description: Counter mode + value: 2 + - name: GCM_GMAC + description: Galois counter mode and Galois message authentication code + value: 3 + - name: CCM + description: Counter with CBC-MAC + value: 4 +enum/DATATYPE: + bit_size: 2 + variants: + - name: None + description: No swapping (32-bit data). + value: 0 + - name: HalfWord + description: Half-word swapping (16-bit data) + value: 1 + - name: Byte + description: Byte swapping (8-bit data) + value: 2 + - name: Bit + description: Bit-level swapping + value: 3 +enum/GCMPH: + bit_size: 2 + variants: + - name: InitPhase + description: Initialization phase + value: 0 + - name: HeaderPhase + description: Header phase + value: 1 + - name: PayloadPhase + description: Payload phase + value: 2 + - name: FinalPhase + description: Final phase + value: 3 +enum/KEYSEL: + bit_size: 3 + variants: + - name: SoftwareKey + description: Software key, loaded in key registers SAES_KEYx + value: 0 + - name: DHUK + description: Derived hardware unique key + value: 1 + - name: BHK + description: Boot hardware key + value: 2 + - name: XOR_DHUK_BHK + description: XOR of DHUK and BHK + value: 4 +enum/KEYSIZE: + bit_size: 1 + variants: + - name: Bits128 + description: 128-bit + value: 0 + - name: Bits256 + description: 256-bit + value: 1 +enum/KMOD: + bit_size: 2 + variants: + - name: Normal + description: AES peripheral + value: 0 + - name: WrappedKey + description: |- + Wrapped key for SAES mode. Key loaded in key registers can only be used to encrypt or + decrypt AES keys. Hence, when a decryption is selected, read-as-zero SAES_DOUTR register is + automatically loaded into SAES key registers after a successful decryption process. + value: 1 + - name: SharedKey + description: |- + Shared key mode. After a successful decryption process (unwrapping), SAES key registers are + shared with the peripheral described in KSHAREID[1:0] bitfield. This sharing is valid only while + KMOD[1:0] at 0x2 and KEYVALID=1. When a decryption is selected, read-as-zero SAES_DOUTR + register is automatically loaded into SAES key registers after a successful decryption process. + value: 2 +enum/KSHAREID: + bit_size: 2 + variants: + - name: AES + description: AES peripheral + value: 0 +enum/MODE: + bit_size: 2 + variants: + - name: Encryption + value: 0 + - name: KeyDerivation + description: Key derivation (or key preparation), for ECB/CBC decryption only + value: 1 + - name: Decryption + value: 2 From 6f45c8c9b2ccc1a891e3aa40a31d56b545a9c61f Mon Sep 17 00:00:00 2001 From: eZio Pan Date: Sun, 25 Feb 2024 19:34:56 +0800 Subject: [PATCH 5/6] tailoring from saes_v1a to saes_v1b --- data/registers/saes_v1b.yaml | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) diff --git a/data/registers/saes_v1b.yaml b/data/registers/saes_v1b.yaml index 44b4d83..26881aa 100644 --- a/data/registers/saes_v1b.yaml +++ b/data/registers/saes_v1b.yaml @@ -86,11 +86,6 @@ fieldset/CR: description: 'DMA output enable This bit enables/disables data transferring with DMA, in the output phase: When the bit is set, DMA requests are automatically generated by SAES during the output data phase. This feature is only effective when Mode 1 or Mode 3 is selected through the MODE[1:0] bitfield. It is not effective for Mode 2 (key derivation).' bit_offset: 12 bit_size: 1 - - name: GCMPH - description: 'GCM or CCM phase selection This bitfield selects the phase of GCM, GMAC or CCM algorithm: The bitfield has no effect if other than GCM, GMAC or CCM algorithms are selected (through the ALGOMODE bitfield).' - bit_offset: 13 - bit_size: 2 - enum: GCMPH - name: KEYSIZE description: 'Key size selection This bitfield defines the length of the key used in the SAES cryptographic core, in bits: When KMOD[1:0]=01 or 10 KEYSIZE also defines the length of the key to encrypt or decrypt. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 18 @@ -100,10 +95,6 @@ fieldset/CR: description: Key protection When set, hardware-based key protection is enabled. Attempts to write the bit are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access. bit_offset: 19 bit_size: 1 - - name: NPBLB - description: 'Number of padding bytes in last block The bitfield sets the number of padding bytes in last block of payload: ...' - bit_offset: 20 - bit_size: 4 - name: KMOD description: 'Key mode selection The bitfield defines how the SAES key can be used by the application: Others: Reserved With normal key selection, the key registers are freely usable, no specific usage or protection applies to SAES_DIN and SAES_DOUT registers. With wrapped key selection, the key loaded in key registers can only be used to encrypt or decrypt AES keys. Hence, when a decryption is selected in Wrapped-key mode read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With shared key selection, after a successful decryption process, SAES key registers are shared with the peripheral described in KSHAREID(1:0] bitfield. This sharing is valid only while KMOD[1:0]=10 and KEYVALID = 1. When a decryption is selected, read-as-zero SAES_DOUT register is automatically loaded into SAES key registers after a successful decryption process. With KMOD[1:0] other than zero, any attempt to configure the SAES peripheral for use by an application belonging to a different security domain (secure or non-secure) results in automatic key erasure and setting of the KEIF flag.\nAttempts to write the bitfield are ignored when the BUSY flag of SAES_SR register is set, as well as when the EN bit of the SAES_CR register is set before the write access and it is not cleared by that write access.' bit_offset: 24 @@ -183,6 +174,10 @@ fieldset/ISR: fieldset/SR: description: SAES status register. fields: + - name: CCF + description: Computation completed flag. This bit mirrors the CCF bit of the SAES_ISR register. + bit_offset: 1 + bit_size: 1 - name: RDERR description: 'Read error flag This flag indicates the detection of an unexpected read operation from the SAES_DOUTR register (during computation or data input phase): The flag is set by hardware. It is cleared by software upon setting the RWEIF bit of the SAES_ICR register. Upon the flag setting, an interrupt is generated if enabled through the RWEIE bit of the SAES_ICR register. The flag setting has no impact on the SAES operation. Unexpected read returns zero.' bit_offset: 1 @@ -232,21 +227,6 @@ enum/DATATYPE: - name: Bit description: Bit-level swapping value: 3 -enum/GCMPH: - bit_size: 2 - variants: - - name: InitPhase - description: Initialization phase - value: 0 - - name: HeaderPhase - description: Header phase - value: 1 - - name: PayloadPhase - description: Payload phase - value: 2 - - name: FinalPhase - description: Final phase - value: 3 enum/KEYSEL: bit_size: 3 variants: From 213784d2316fd37bce7638062ee2af0dd5034cf0 Mon Sep 17 00:00:00 2001 From: eZio Pan Date: Sun, 25 Feb 2024 19:38:56 +0800 Subject: [PATCH 6/6] add saes to chip.rs --- stm32-data-gen/src/chips.rs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/stm32-data-gen/src/chips.rs b/stm32-data-gen/src/chips.rs index e6de9f0..48cafc5 100644 --- a/stm32-data-gen/src/chips.rs +++ b/stm32-data-gen/src/chips.rs @@ -155,6 +155,8 @@ impl PeriMatcher { ("STM32U5.*:AES:.*", ("aes", "u5", "AES")), ("STM32WL5.*:AES:.*", ("aes", "v2", "AES")), ("STM32WLE.*:AES:.*", ("aes", "v2", "AES")), + ("STM32(H5|WBA).*:SAES:.*", ("saes", "v1a", "SAES")), + ("STM32U5.*:SAES:.*", ("saes", "v1b", "SAES")), (".*:SPI:spi2_v1_4", ("spi", "f1", "SPI")), (".*:SPI:spi2s1_v2_1", ("spi", "v1", "SPI")), (".*:SPI:spi2s1_v2_2", ("spi", "v1", "SPI")),