According to the Reference Manual v8 of STM32H753 one has to to flush the FIFO to perform a cipher operation:
The STM32Cube source code example is not doing this flush for AES-GCM (it does the flush for DES and TDES)
I implemented my code like the example and it seems to work fine.
1) is the flush needed or not for AES ?
2) why flushing the fifo in the nominal case anyway?
The reason for this is that the AES-GCM algorithm uses the same key and IV for both encryption and decryption, and the input and output data are processed in blocks of 16 bytes. Therefore, the input and output FIFOs are not expected to contain any residual data from a previous operation.
However, it is still a good practice to perform the flush operation to ensure that the input and output FIFOs are cleared before starting a new operation. This can prevent any potential issues that may arise from residual data in the FIFOs especially with older algorithms like DES and TDES.