Cipher block chaining - message authentication code (CCM) mode is an authenticated encryption algorithm designed to provide both authentication and confidentiality during data transfer. CCM combines counter mode encryption and CBC-MAC authentication. The CCM terminology "Message authentication code (MAC)" is called the "Message integrity check (MIC)" in Bluetooth terminology and also in this document.
The CCM block generates an encrypted keystream that is applied to input data using the XOR operation and generates the four byte MIC field in one operation. CCM and RADIO can be configured to work synchronously. CCM will encrypt in time for transmission and decrypt after receiving bytes into memory from the radio. All operations can complete within the packet RX or TX time. CCM on this device is implemented according to Bluetooth requirements and the algorithm as defined in IETF RFC3610, and depends on the AES-128 block cipher. A description of the CCM algorithm can also be found in NIST Special Publication 800-38C. The Bluetooth specification describes the configuration of counter mode blocks and encryption blocks to implement compliant encryption for Bluetooth Low Energy.
The CCM block uses EasyDMA to load key counter mode blocks (including the nonce required), and to read/write plain text and cipher text.
The AES CCM peripheral supports three operations: keystream generation, packet encryption, and packet decryption. These operations are performed in compliance with the Bluetooth AES CCM 128 bit block encryption, see Bluetooth Core specification Version 4.0.
The following figure illustrates keystream generation followed by encryption or decryption. The shortcut is optional.
A new keystream needs to be generated before a new packet encryption or packet decryption operation can start.
A keystream is generated by triggering the KSGEN task. An ENDKSGEN event is generated after the keystream has been generated.
Keystream generation, packet encryption, and packet decryption operations utilize the configuration specified in the data structure pointed to by CNFPTR. It is necessary to configure this pointer and its underlying data structure, and register MODE before the KSGEN task is triggered.
The keystream will be stored in the AES CCM peripheral’s temporary memory area, specified by the SCRATCHPTR, where it will be used in subsequent encryption and decryption operations.
For default length packets (MODE.LENGTH = Default), the size of the generated keystream is 27 bytes. When using extended length packets (MODE.LENGTH = Extended), register MAXPACKETSIZE specifies the length of the keystream to be generated. The length of the generated keystream must be greater or equal to the length of the subsequent packet payload to be encrypted or decrypted. The maximum length of the keystream in extended mode is 251 bytes, which means that the maximum packet payload size is 251.
If a shortcut is used between the ENDKSGEN event and CRYPT task, pointer INPTR and the pointers OUTPTR must also be configured before the KSGEN task is triggered.
The AES CCM periheral is able to read an unencrypted packet, encrypt it, and append a four byte MIC field to the packet.
Encryption is started by triggering the CRYPT task with register MODE set to ENCRYPTION. An ENDCRYPT event is generated when packet encryption is completed.
The AES CCM peripheral will also modify the length field of the packet to adjust for the appended MIC field. It adds four bytes to the length and stores the resulting packet in RAM at the address specified in pointer OUTPTR, see Encryption.
Empty packets (length field is set to 0
) will not be encrypted but instead
moved unmodified through the AES CCM peripheral.
AES CCM supports different widths of the LENGTH field in the data structure for encrypted packets. This is configured in register MODE.
The AES CCM peripheral is able to read an encrypted packet, decrypt it, authenticate the MIC field, and generate an appropriate MIC status.
The packet header (S0) and payload are included in the MIC authentication.
Decryption is started by triggering the CRYPT task with register MODE set to DECRYPTION. An ENDCRYPT event is generated when packet decryption is completed.
The AES CCM peripheral modifies the length field of the packet to adjust for the MIC field. It subtracts four bytes from the length and stores the decrypted packet in RAM at the address specified in the pointer OUTPTR, see Decryption.
CCM is only able to decrypt packet payloads that are at least five bytes long (one byte or more encrypted payload (EPL) and four bytes of MIC). CCM will therefore generate a MIC error for packets where the length field is set to 1, 2, 3, or 4.
Empty packets (length field is set to 0) will not be decrypted but instead moved unmodified through the AES CCM peripheral. These packets will always pass the MIC check.
CCM supports different widths of the LENGTH field in the data structure for decrypted packets. This is configured in register MODE.
The CCM peripheral is able to encrypt/decrypt data synchronously to data being transmitted or received on the radio.
In order for CCM to run synchronously with the radio, the data rate setting in register MODE needs to match the radio data rate. The settings in this register apply whenever either the KSGEN or CRYPT tasks are triggered.
The data rate setting of register MODE can also be overridden on-the-fly during an ongoing encrypt/decrypt operation by the contents of register RATEOVERRIDE. The data rate setting in this register applies whenever the RATEOVERRIDE task is triggered. This feature can be useful in cases where the radio data rate is changed during an ongoing packet transaction.
When the AES CCM peripheral encrypts a packet on-the-fly while RADIO is transmitting it, RADIO must read the encrypted packet from the same memory location that the AES CCM peripheral is writing to.
The OUTPTR pointer in the AES CCM must point to the same memory location as the PACKETPTR pointer in the radio, see Configuration of on-the-fly encryption.
In order to match RADIO’s timing, the KSGEN task must be triggered early enough to allow the keystream generation to complete before packet encryption begins.
For short packets (MODE.LENGTH = Default), the KSGEN task must be triggered before or at the same time as the START task in RADIO is triggered. In addition, the shortcut between the ENDKSGEN event and the CRYPT task must be enabled. This use-case is illustrated in On-the-fly encryption of short packets (MODE.LENGTH = Default) using a PPI connection. It uses a PPI connection between the READY event in RADIO and the KSGEN task in the AES CCM peripheral.
For long packets (MODE.LENGTH = Extended), the keystream generation needs to start earlier, such as when the TXEN task in RADIO is triggered.
Refer to Timing specification for information about the time needed for generating a keystream.
When the AES CCM peripheral decrypts a packet on-the-fly while RADIO is receiving it, the AES CCM peripheral must read the encrypted packet from the same memory location that RADIO is writing to.
The INPTR pointer in the AES CCM must point to the same memory location as the PACKETPTR pointer in RADIO, see Configuration of on-the-fly decryption.
In order to match RADIO’s timing, the KSGEN task must be triggered early enough to allow the keystream generation to complete before the decryption of the packet shall start.
For short packets (MODE.LENGTH = Default) the KSGEN task must be triggered no later than when the START task in RADIO is triggered. In addition, the CRYPT task must be triggered no earlier than when the ADDRESS event is generated by RADIO.
If the CRYPT task is triggered exactly at the same time as the ADDRESS event is generated by RADIO, the AES CCM peripheral will guarantee that the decryption is completed no later than when the END event in RADIO is generated.
This use-case is illustrated in On-the-fly decryption of short packets (MODE.LENGTH = Default) using a PPI connection using a PPI connection between the ADDRESS event in RADIO and the CRYPT task in the AES CCM peripheral. The KSGEN task is triggered from the READY event in RADIO through a PPI connection.
For long packets (MODE.LENGTH = Extended) the keystream generation will need to start even earlier, such as when the RXEN task in RADIO is triggered.
Refer to Timing specification for information about the time needed for generating a keystream.
The CCM data structure is located in Data RAM at the memory location specified by the CNFPTR pointer register.
Property | Address offset | Description |
---|---|---|
KEY | 0 | 16 byte AES key |
PKTCTR | 16 | Octet0 (LSO) of packet counter |
17 | Octet1 of packet counter | |
18 | Octet2 of packet counter | |
19 | Octet3 of packet counter | |
20 | Bit 6 – Bit 0: Octet4 (7 most significant bits of packet counter, with Bit 6 being the most significant bit) Bit7: Ignored | |
21 | Ignored | |
22 | Ignored | |
23 | Ignored | |
24 | Bit 0: Direction bit Bit 7 – Bit 1: Zero padded | |
IV | 25 | 8 byte initialization vector (IV) Octet0 (LSO) of IV, Octet1 of IV, … , Octet7 (MSO) of IV |
The NONCE vector (as specified by the Bluetooth Core Specification) will be generated by hardware based on the information specified in the CCM data structure from CCM data structure overview .
Property | Address offset | Description |
---|---|---|
HEADER | 0 | Packet Header |
LENGTH | 1 | Number of bytes in unencrypted payload |
RFU | 2 | Reserved Future Use |
PAYLOAD | 3 | Unencrypted payload |
Property | Address offset | Description |
---|---|---|
HEADER | 0 | Packet Header |
LENGTH | 1 |
Number of bytes in encrypted payload including length of MIC LENGTH will be 0 for empty packets since the MIC is not added to empty packets |
RFU | 2 | Reserved Future Use |
PAYLOAD | 3 | Encrypted payload |
MIC | 3 + payload length |
ENCRYPT: 4 bytes encrypted MIC MIC is not added to empty packets |
CCM implements an EasyDMA mechanism for reading and writing to RAM.
When the CPU and EasyDMA enabled peripherals access the same RAM block at the same time, increased bus collisions might disrupt on-the-fly encryption. This will generate an ERROR event.
EasyDMA stops accessing RAM when the ENDKSGEN and ENDCRYPT events are generated.
If the CNFPTR, SCRATCHPTR, INPTR, and the OUTPTR are not pointing to the Data RAM region, an EasyDMA transfer may result in a HardFault or RAM corruption. See Memory for more information about the different memory regions.
Base address | Peripheral | Instance | Description | Configuration | |
---|---|---|---|---|---|
0x4000F000 | CCM | CCM |
AES counter with CBC-MAC (CCM) mode block encryption |
Register | Offset | Description | |
---|---|---|---|
TASKS_KSGEN | 0x000 |
Start generation of keystream. This operation will stop by itself when completed. |
|
TASKS_CRYPT | 0x004 |
Start encryption/decryption. This operation will stop by itself when completed. |
|
TASKS_STOP | 0x008 |
Stop encryption/decryption |
|
TASKS_RATEOVERRIDE | 0x00C |
Override DATARATE setting in MODE register with the contents of the RATEOVERRIDE register for any ongoing encryption/decryption |
|
EVENTS_ENDKSGEN | 0x100 |
Keystream generation complete |
|
EVENTS_ENDCRYPT | 0x104 |
Encrypt/decrypt complete |
|
EVENTS_ERROR | 0x108 |
CCM error event |
Deprecated |
SHORTS | 0x200 |
Shortcuts between local events and tasks |
|
INTENSET | 0x304 |
Enable interrupt |
|
INTENCLR | 0x308 |
Disable interrupt |
|
MICSTATUS | 0x400 |
MIC check result |
|
ENABLE | 0x500 |
Enable |
|
MODE | 0x504 |
Operation mode |
|
CNFPTR | 0x508 |
Pointer to data structure holding the AES key and the NONCE vector |
|
INPTR | 0x50C |
Input pointer |
|
OUTPTR | 0x510 |
Output pointer |
|
SCRATCHPTR | 0x514 |
Pointer to data area used for temporary storage |
|
MAXPACKETSIZE | 0x518 |
Length of keystream generated when MODE.LENGTH = Extended |
|
RATEOVERRIDE | 0x51C |
Data rate override setting. |
Address offset: 0x000
Start generation of keystream. This operation will stop by itself when completed.
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | W |
TASKS_KSGEN |
Start generation of keystream. This operation will stop by itself when completed. |
||||||||||||||||||||||||||||||||
Trigger |
1 |
Trigger task |
Address offset: 0x004
Start encryption/decryption. This operation will stop by itself when completed.
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | W |
TASKS_CRYPT |
Start encryption/decryption. This operation will stop by itself when completed. |
||||||||||||||||||||||||||||||||
Trigger |
1 |
Trigger task |
Address offset: 0x008
Stop encryption/decryption
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | W |
TASKS_STOP |
Stop encryption/decryption |
||||||||||||||||||||||||||||||||
Trigger |
1 |
Trigger task |
Address offset: 0x00C
Override DATARATE setting in MODE register with the contents of the RATEOVERRIDE register for any ongoing encryption/decryption
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | W |
TASKS_RATEOVERRIDE |
Override DATARATE setting in MODE register with the contents of the RATEOVERRIDE register for any ongoing encryption/decryption |
||||||||||||||||||||||||||||||||
Trigger |
1 |
Trigger task |
Address offset: 0x100
Keystream generation complete
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EVENTS_ENDKSGEN |
Keystream generation complete |
||||||||||||||||||||||||||||||||
NotGenerated |
0 |
Event not generated |
|||||||||||||||||||||||||||||||||
Generated |
1 |
Event generated |
Address offset: 0x104
Encrypt/decrypt complete
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EVENTS_ENDCRYPT |
Encrypt/decrypt complete |
||||||||||||||||||||||||||||||||
NotGenerated |
0 |
Event not generated |
|||||||||||||||||||||||||||||||||
Generated |
1 |
Event generated |
Address offset: 0x108
CCM error event
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
EVENTS_ERROR |
CCM error event |
Deprecated |
|||||||||||||||||||||||||||||||
NotGenerated |
0 |
Event not generated |
|||||||||||||||||||||||||||||||||
Generated |
1 |
Event generated |
Address offset: 0x200
Shortcuts between local events and tasks
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
ENDKSGEN_CRYPT |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable shortcut |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Enable shortcut |
Address offset: 0x304
Enable interrupt
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | A | ||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
ENDKSGEN |
Write '1' to enable interrupt for event ENDKSGEN |
||||||||||||||||||||||||||||||||
Set |
1 |
Enable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
B | RW |
ENDCRYPT |
Write '1' to enable interrupt for event ENDCRYPT |
||||||||||||||||||||||||||||||||
Set |
1 |
Enable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
C | RW |
ERROR |
Write '1' to enable interrupt for event ERROR |
Deprecated |
|||||||||||||||||||||||||||||||
Set |
1 |
Enable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
Address offset: 0x308
Disable interrupt
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | A | ||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
ENDKSGEN |
Write '1' to disable interrupt for event ENDKSGEN |
||||||||||||||||||||||||||||||||
Clear |
1 |
Disable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
B | RW |
ENDCRYPT |
Write '1' to disable interrupt for event ENDCRYPT |
||||||||||||||||||||||||||||||||
Clear |
1 |
Disable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
|||||||||||||||||||||||||||||||||
C | RW |
ERROR |
Write '1' to disable interrupt for event ERROR |
Deprecated |
|||||||||||||||||||||||||||||||
Clear |
1 |
Disable |
|||||||||||||||||||||||||||||||||
Disabled |
0 |
Read: Disabled |
|||||||||||||||||||||||||||||||||
Enabled |
1 |
Read: Enabled |
Address offset: 0x400
MIC check result
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | ||||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | R |
MICSTATUS |
The result of the MIC check performed during the previous decryption operation |
||||||||||||||||||||||||||||||||
CheckFailed |
0 |
MIC check failed |
|||||||||||||||||||||||||||||||||
CheckPassed |
1 |
MIC check passed |
Address offset: 0x500
Enable
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | |||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
ENABLE |
Enable or disable CCM |
||||||||||||||||||||||||||||||||
Disabled |
0 |
Disable |
|||||||||||||||||||||||||||||||||
Enabled |
2 |
Enable |
Address offset: 0x504
Operation mode
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | C | B | B | A | |||||||||||||||||||||||||||||||
Reset 0x00000001 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
MODE |
The mode of operation to be used. Settings in this register apply whenever either the KSGEN task or the CRYPT task is triggered. |
||||||||||||||||||||||||||||||||
Encryption |
0 |
AES CCM packet encryption mode |
|||||||||||||||||||||||||||||||||
Decryption |
1 |
AES CCM packet decryption mode |
|||||||||||||||||||||||||||||||||
B | RW |
DATARATE |
Radio data rate that the CCM shall run synchronous with |
||||||||||||||||||||||||||||||||
1Mbit |
0 |
1 Mbps |
|||||||||||||||||||||||||||||||||
2Mbit |
1 |
2 Mbps |
|||||||||||||||||||||||||||||||||
125Kbps |
2 |
125 kbps |
|||||||||||||||||||||||||||||||||
500Kbps |
3 |
500 kbps |
|||||||||||||||||||||||||||||||||
C | RW |
LENGTH |
Packet length configuration |
||||||||||||||||||||||||||||||||
Default |
0 |
Default length. Effective length of LENGTH field in encrypted/decrypted packet is 5 bits. A keystream for packet payloads up to 27 bytes will be generated. |
|||||||||||||||||||||||||||||||||
Extended |
1 |
Extended length. Effective length of LENGTH field in encrypted/decrypted packet is 8 bits. A keystream for packet payloads up to MAXPACKETSIZE bytes will be generated. |
Address offset: 0x508
Pointer to data structure holding the AES key and the NONCE vector
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | |||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
CNFPTR |
Pointer to the data structure holding the AES key and the CCM NONCE vector (see table CCM data structure overview) |
Address offset: 0x50C
Input pointer
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | |||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
INPTR |
Input pointer |
Address offset: 0x510
Output pointer
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | |||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
OUTPTR |
Output pointer |
Address offset: 0x514
Pointer to data area used for temporary storage
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | A | |||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
SCRATCHPTR |
Pointer to a scratch data area used for temporary storage during keystream generation, MIC generation and encryption/decryption. The scratch area is used for temporary storage of data during keystream generation and encryption. When MODE.LENGTH = Default, a space of 43 bytes is required for this temporary storage. When MODE.LENGTH = Extended, a space of (16 + MAXPACKETSIZE) bytes is required. |
Address offset: 0x518
Length of keystream generated when MODE.LENGTH = Extended
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | A | A | A | A | A | A | |||||||||||||||||||||||||||
Reset 0x000000FB | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 0 | 1 | 1 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
MAXPACKETSIZE |
[0x001B..0x00FB] |
Length of keystream generated when MODE.LENGTH = Extended. This value must be greater than or equal to the subsequent packet payload to be encrypted/decrypted. |
Address offset: 0x51C
Data rate override setting.
Override value to be used instead of the setting of MODE.DATARATE. This override value applies when the RATEOVERRIDE task is triggered.
Bit number | 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | |||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ID | A | A | |||||||||||||||||||||||||||||||||
Reset 0x00000000 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | |||
ID | Access | Field | Value ID | Value | Description | ||||||||||||||||||||||||||||||
A | RW |
RATEOVERRIDE |
Data rate override setting |
||||||||||||||||||||||||||||||||
1Mbit |
0 |
1 Mbps |
|||||||||||||||||||||||||||||||||
2Mbit |
1 |
2 Mbps |
|||||||||||||||||||||||||||||||||
125Kbps |
2 |
125 kbps |
|||||||||||||||||||||||||||||||||
500Kbps |
3 |
500 kbps |
Symbol | Description | Min. | Typ. | Max. | Units | ||||
---|---|---|---|---|---|---|---|---|---|
tkgen |
Time needed for keystream generation (given priority access to destination RAM block) |
50 | µs |