Recently, I tried to implement the AES-GCM mode on AM2612. It seems that the AM2612 only supports an IV length of 96 bits, and I built a GCM test demo of AES-GCM mode by referring to the CCM-mode example.
The GCM test demo worked! But there is a little problem:
When I try to calculate the first group of data, all the output data matches my expectation (including the ciphertext and tag). But when I try to calculate another group of data, the ciphertext is correct but the tag value is unexpected.
At that time, I realized that the AES context gets the wrong AAD. Maybe there is some residual data in the AES context register. So I tried to soft-reset the AES module (calling DTHE_AES_close and DTHE_AES_open to reset the AES) after every calculation, and it indeed works! The second group's output tag is correct! All the tests above only work within the HSM using the AES secure context.
When I try to use the same code on the R5F using the AES public context, the second group's output tag is not right even if I soft-reset the AES module.
So my problems are:
1. Is there any register to control the GHASH module for resetting?
2. Why does the CCM mode not need a soft reset of the AES module?
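
The symptom in the post (correct ciphertext, wrong tag) fits how GCM is built: the ciphertext comes from counter mode and never touches the AAD, while the tag is GHASH over AAD and ciphertext starting from a zero accumulator. The sketch below is an added example, not the poster's or TI's code; `H`, `EK_J0` and the tag are the published GCM test case 2 values (all-zero key, IV and plaintext block), and the `state` parameter and `STALE` value are a hypothetical model of a non-zero starting accumulator, not a description of AM2612 hardware.

```python
# Added example: GHASH and GCM tag assembly in pure Python (NIST SP 800-38D).
R = 0xE1 << 120  # reduction constant for GF(2^128) in GCM bit order

def gf_mult(x: int, y: int) -> int:
    """Multiply two 128-bit field elements the way GCM defines it."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:      # GCM bit 0 is the most significant bit
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def ghash(h: int, aad: bytes, ct: bytes, state: int = 0) -> int:
    """GHASH over pad(AAD) || pad(C) || len(AAD) || len(C).
    `state` is the accumulator at the start; the spec requires 0."""
    pad = lambda b: b + b"\x00" * (-len(b) % 16)
    data = pad(aad) + pad(ct)
    data += (8 * len(aad)).to_bytes(8, "big") + (8 * len(ct)).to_bytes(8, "big")
    x = state
    for i in range(0, len(data), 16):
        x = gf_mult(x ^ int.from_bytes(data[i:i + 16], "big"), h)
    return x

def gcm_tag(h: int, ek_j0: int, aad: bytes, ct: bytes, state: int = 0) -> int:
    """Tag = GHASH(H, AAD, C) XOR E_K(J0); E_K(J0) is passed in precomputed."""
    return ghash(h, aad, ct, state) ^ ek_j0

# Published GCM test case 2: all-zero 128-bit key, 96-bit IV, one zero block.
H = 0x66e94bd4ef8a2c3b884cfa59ca342b2e          # E_K(0^128)
EK_J0 = 0x58e2fccefa7e3061367f1d57a4e7455a      # E_K(IV || 0x00000001)
CT = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")
EXPECTED_TAG = 0xab6e47d42cec13bdf53a67b21257bddf

# Constructed value: accumulator left over after absorbing one earlier
# 16-byte AAD block (hypothetical model of residual state).
STALE = gf_mult(int.from_bytes(b"previous AAD blk", "big"), H)

if __name__ == "__main__":
    print("clean start:", f"{gcm_tag(H, EK_J0, b'', CT):032x}")
    print("stale start:", f"{gcm_tag(H, EK_J0, b'', CT, STALE):032x}")
```

Running a known-answer vector twice in a row on the target, and comparing both tags against a software reference like this one, separates a stale hash state from an AAD-length or key-setup mistake.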