Hardware/AES engine

From WiiUBrew
Jump to navigation Jump to search
AES engine
Access
EspressoNone
StarbuckFull
Registers
Base0x0d020000, 0x0d180000
Length0x14
Access size32 bits
Byte orderBig Endian
IRQs
EspressoNone
Latte2
This box: view  talk  edit

The Latte's AES Engine encrypts/decrypts 16-byte blocks using AES-128 in Cipher Block Chaining mode.
There are also traces of code inside IOS-CRYPTO that suggest the existence of a second engine named AESS, probably only available in evaluation/debug units.

Register List

AES Engine
Address Bits Name Description
0x0d020000 32 AES_CTRL AES Control and Status
0x0d020004 32 AES_SRC Source memory address
0x0d020008 32 AES_DEST Destination memory address
0x0d02000c 32 AES_KEY Key FIFO
0x0d020010 32 AES_IV IV FIFO


AESS Engine
Address Bits Name Description
0x0d180000 32 AESS_CTRL AESS Control and Status
0x0d180004 32 AESS_SRC Source memory address
0x0d180008 32 AESS_DEST Destination memory address
0x0d18000c 32 AESS_KEY Key FIFO
0x0d180010 32 AESS_IV IV FIFO

Register Details

AES_CTRL (0x0d020000)
  31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16
Access R/W R/W R/W R/W R/W U
Field EXEC IRQ ERR ENA DEC
  15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
Access U W W
Field IV BLOCKS

This register controls the state of the AES engine.

Field Description
EXEC Write 1: initiate AES command
Write 0: reset AES engine
Read: AES engine busy
IRQ Set to enable IRQ generation when command is complete
ERR If set, AES error occurred (?)[check]
ENA Enable en/decryption. If clear, the data is copied straight from source to destination without change (useful as a DMA copy engine?).
DEC Set to decrypt, clear to encrypt
IV If set, chain from last command (continue CBC mode). If clear, use the supplied IV.
DATALEN Number of 16-byte blocks to process, minus one. 0 means one block.

AES_SRC (0x0d020004)
  314 30
Access R/W U

This register contains the DMA address of the source data. The same buffer can be used for source and destination. The address must be 16-byte aligned. The engine updates this register as it processes the blocks.


AES_DEST (0x0d020008)
  314 30
Access R/W U

This register contains the DMA address of the destination data. The same buffer can be used for source and destination. The address must be 16-byte aligned. The engine updates this register as it processes the blocks.


AES_KEY (0x0d02000c)
  310
Access W

This register implements a FIFO that accepts the AES key. A sequence of four 32-bit writes will set the AES key (starting with the leftmost 32-bit word).


AES_IV (0x0d020010)
  310
Access W

This register implements a FIFO that accepts the AES IV. A sequence of four 32-bit writes will set the AES IV (starting with the leftmost 32-bit word). Clear the IV bit in the AES_CTRL register to restart the CBC encryption using this IV instead of using the last encrypted block.