This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Docs or Examples for using AES module in CC254x

Other Parts Discussed in Thread: CC2541

Hello,

I would like to use the AES module in the CC2541 in our project to encrypt some arbitrary data, separate from any BLE connection. I've been searching around for documentation on the software interface to this, or any examples, but I haven't found anything definitive.

Could someone please direct me to the docs if they exist?

I'm specifically looking at the hal_aes.h/c module, and I've also found reference in these forums to the LL_Encrypt/LL_EXT_Decrypt functions from the Link Layer module. I've read the docs in the header file for hal_aes.h, but it doesn't make it very clear to me how the module is supposed to be used. It's unclear which functions are meant to be private or public (e.g. do I call AesStartBlock directly or am I supposed to use the sspAesEncryptHW function? What does SSP stand for?

The link layer encryption methods look much simpler, but I'm skeptical because it's in the link layer module and the data I'm encrypting has nothing to do with a BLE link. It's data received via SPI that I want to encrypt/decrypt and send back out over SPI.

Thanks!

Chris

  • Hi Chris

    The AES co-processor interface in CC2541 is quite simple.

    Information needed according to me is present in http://www.ti.com/lit/ug/swru191f/swru191f.pdf and the hal_aes.c file.

    The typical steps involved in AES encryption or decryption are

    1. Load the Key  - void AesLoadKey( uint8 *AesKey )

    2. Load the input-data and Read the output-data - void AesStartBlock( uint8 *out, uint8 *in )

    By default, the mode in AES engine is set to CBC, if you wish to change, then use AES_SETMODE() before the AesLoadKey() funciton call.

    Regards

    Harsha

     

     

  • Thanks, Harsha and Eirik.

    From software developer's perspective I have to admit I find the User Guide's section on AES (in swru191f.pdf) to be insufficient. Most other microcontrollers I've worked with provide an example library and an application using the library for each feature, and I was really hoping TI would offer something with a higher level API and documentation like you do for the BLE stack (which is overall pretty good!).

    Harsha, thanks for confirming that the hal_dma.c module is the most up-to-date code. I'll dig through that to try and get a working example and post back when I do.

    Eirik, thanks for the link, but since you described that app note as obsolete and the code doesn't look anything like what's provided in hal_dma.c, I'm going to assume it is too far out of date and will not work anymore.

    Chris

  • The docs in hal_aes.c don't seem up to date or 100% correct - Harsha, could you confirm this is definitely the right module? I'm hesitant to put a lot of effort into getting this to work if I don't have a good working example. For example the function docs here say 'out' is the data to be read, but the code is writing the 'out' and reading from 'in'. I'm guessing this is a typo, but it does not instill confidence.

    /******************************************************************************   
     * @fn      AesStartBlock                                                         
     *                                                                                                                                                                                                                                             
     * @brief   Write and read a block to and from the AES engine                    
     *                                                                               
     * input parameters                                                               
     *                                                                                
     * @param   out  - Pointer to result to be read.                                  
     *          in   - pointer to data to be written.                                 
     *                                                                               
     * @return  None                                                                 
     */                                                                              
    void AesStartBlock( uint8 *out, uint8 *in )                                      
    {                                                                                
      uint8 i;                                                                       
                                                                                     
      /* Kick it off */                                                              
      AES_START();                                                                   
                                                                                     
      /* Copy data to encryption input register */                                   
      for (i = 0; i < STATE_BLENGTH; i++)                                            
      {                                                                              
        ENCDI = *in++;                                                               
      }                                                                              
                                                                                     
      /* Delay is required for non-DMA AES */                                        
      HAL_AES_DELAY();                                                               
                                                                                     
      /* Copy encryption output register to out */                                   
      for (i = 0; i < STATE_BLENGTH; i++)                                            
      {                                                                              
        *out++ = ENCDO;                                                              
      }                                                                              
    }

    Thanks,

    Chris

  • Hello Christopher ,

    In this sense they are referring to the in as the data to be written into the AES module and the out to store the result that is read out.

  • Thanks, I was able to get a small example working. I'll include it here for the next person Googling for how to use AES on the CC254x:

    #include <hal_dma.h>
    #include <hal_aes.h>
    
    static void encryption_init(uint8* key) {                                        
        HalAesInit();                                                                
        AesLoadKey(key);                                                             
        AES_SETMODE(CBC);                                                                                   
    }                                                                                
                                                                                     
    void encryption_generate_key(uint8* buffer) {                                    
        LL_Rand(buffer, ENCRYPTION_KEY_SIZE);                                        
    }                                                                                
                                                                                     
    void encryption_encrypt(uint8* key, uint8* decrypted_data, uint8* buffer) {      
        encryption_init(key);                                                        
        AesDmaSetup(buffer, ENCRYPTION_BLOCK_SIZE, decrypted_data,                   
                ENCRYPTION_BLOCK_SIZE);                                              
        AES_SET_ENCR_DECR_KEY_IV( AES_ENCRYPT );                                     
        AES_START();                                                                 
        while( !HAL_DMA_CHECK_IRQ( HAL_DMA_AES_OUT ) );                              
    }                                                                                
                                                                                     
    void encryption_decrypt(uint8* key, uint8* encrypted_data, uint8* buffer) {      
        encryption_init(key);                                                        
        AesDmaSetup(buffer, ENCRYPTION_BLOCK_SIZE, encrypted_data,                   
                ENCRYPTION_BLOCK_SIZE);                                              
        AES_SET_ENCR_DECR_KEY_IV( AES_DECRYPT );                                     
        AES_START();                                                                 
        while( !HAL_DMA_CHECK_IRQ( HAL_DMA_AES_OUT ) );                              
    }   

    I then tried replacing this with the LL module's versions of encrypt/decrypt, and that worked OK too:

    #include <ll.h>
    void encryption_encrypt(uint8* key, uint8* decrypted_data, uint8* buffer) {
        LL_Encrypt(key, decrypted_data, buffer);
    }
    
    void encryption_decrypt(uint8* key, uint8* encrypted_data, uint8* buffer) {
        LL_EXT_Decrypt(key, encrypted_data, buffer);
    }
    

    This is much smaller, so I'd obviously prefer to use it. The LL module is closed source - can you tell me what's going on inside these functions? Does it use DMA like my example?