/*- * Copyright (c) 2003-2009 RMI Corporation * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of RMI Corporation, nor the names of its contributors, * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD$ * RMI_BSD */ #ifndef _DESC_H_ #define _DESC_H_ #define ONE_BIT 0x0000000000000001ULL #define TWO_BITS 0x0000000000000003ULL #define THREE_BITS 0x0000000000000007ULL #define FOUR_BITS 0x000000000000000fULL #define FIVE_BITS 0x000000000000001fULL #define SIX_BITS 0x000000000000003fULL #define SEVEN_BITS 0x000000000000007fULL #define EIGHT_BITS 0x00000000000000ffULL #define NINE_BITS 0x00000000000001ffULL #define ELEVEN_BITS 0x00000000000007ffULL #define TWELVE_BITS 0x0000000000000fffULL #define FOURTEEN_BITS 0x0000000000003fffULL #define TWENTYFOUR_BITS 0x0000000000ffffffULL #define THIRTY_TWO_BITS 0x00000000ffffffffULL #define THIRTY_FIVE_BITS 0x00000007ffffffffULL #define FOURTY_BITS 0x000000ffffffffffULL #define MSG_IN_CTL_LEN_BASE 40 #define MSG_IN_CTL_ADDR_BASE 0 #define GET_FIELD(word,field) \ ((word) & (field ## _MASK)) >> (field ## _LSB) #define FIELD_VALUE(field,value) (((value) & (field ## _BITS)) << (field ## _LSB)) /* * NOTE: this macro expects 'word' to be uninitialized (i.e. zeroed) */ #define SET_FIELD(word,field,value) \ { (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); } /* * This macro clears 'word', then sets the value */ #define CLEAR_SET_FIELD(word,field,value) \ { (word) &= ~((field ## _BITS) << (field ## _LSB)); \ (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); } /* * NOTE: May be used to build value specific mask * (e.g. GEN_MASK(CTL_DSC_CPHR_3DES,CTL_DSC_CPHR_LSB) */ #define GEN_MASK(bits,lsb) ((bits) << (lsb)) /* * Security block data and control exchange * * A 2-word message ring descriptor is used to pass a pointer to the control descriptor data structure * and a pointer to the packet descriptor data structure: * * 63 61 60 54 53 52 49 48 45 44 40 * 39 5 4 0 * --------------------------------------------------------------------------------------------------------------------------------------------------------- * | Ctrl | Resp Dest Id Entry0 | IF_L2ALLOC | UNUSED | Control Length | UNUSED * | 35 MSB of address of control descriptor data structure | Software Scratch0 * | * --------------------------------------------------------------------------------------------------------------------------------------------------------- * 3 7 1 4 4 5 * 35 5 * * 63 61 60 54 53 52 51 50 46 45 44 40 39 5 4 0 * --------------------------------------------------------------------------------------------------------------------------------------------------------- * | Ctrl | UNUSED | WRB_COH | WRB_L2ALLOC | DF_PTR_L2ALLOC | UNUSED | Data Length | UNUSED | 35 MSB of address of packet descriptor data structure | UNUSED | * --------------------------------------------------------------------------------------------------------------------------------------------------------- * 3 7 1 1 1 5 1 5 35 5 * * Addresses assumed to be cache-line aligned, i.e., Address[4:0] ignored (using 5'h00 instead) * * Control length is the number of control cachelines to be read so user needs * to round up * the control length to closest integer multiple of 32 bytes. Note that at * present (08/12/04) * the longest (sensical) ctrl structure is <= 416 bytes, i.e., 13 cachelines. * * The packet descriptor data structure size is fixed at 1 cacheline (32 bytes). * This effectively makes "Data Length" a Load/NoLoad bit. NoLoad causes an abort. * * * Upon completion of operation, the security block returns a 2-word free descriptor * in the following format: * * 63 61 60 54 53 52 51 49 48 47 40 39 0 * ---------------------------------------------------------------------------------------------------------------------------- * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Instruction Error | Address of control descriptor data structure | * ---------------------------------------------------------------------------------------------------------------------------- * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Data Error | Address of packet descriptor data structure | * ---------------------------------------------------------------------------------------------------------------------------- * * The Instruction and Data Error codes are enumerated in the * ControlDescriptor and PacketDescriptor sections below * */ /* * Operating assumptions * ===================== * * * -> For all IpSec ops, I assume that all the IP/IPSec/TCP headers * and the data are present at the specified source addresses. * I also assume that all necessary header data already exists * at the destination. Additionally, in AH I assume that all * mutable fields (IP.{TOS, Flags, Offset, TTL, Header_Checksum}) * and the AH.Authentication_Data have been zeroed by the client. * * * -> In principle, the HW can calculate TCP checksums on both * incoming and outgoing data; however, since the TCP header * contains the TCP checksum of the plain payload and the header * is encrypted, two passes would be necessary to do checksum + encryption * for outgoing messages; * therefore the checksum engine will likely only be used during decryption * (incoming). * * * -> For all operations involving TCP checksum, I assume the client has filled * the TCP checksum field with the appropriate value: * * - 0 for generation phase * - actual value for verification phase (expecting 0 result) * * * -> For ESP tunnel, the original IP header exists between the end of the * ESP header and the beginning of the TCP header; it is assumed that the * maximum length of this header is 16 k(32bit)words (used in CkSum_Offset). * * * -> The authentication data is merely written to the destination address; * the client is left with the task of comparing to the data in packet * in decrypt. * * -> PacketDescriptor_t.dstLLWMask relevant to AES CTR mode only but it will * affect all AES-related operations. It will not affect DES/3DES/bypass ops. * The mask is applied to data as it emerges from the AES engine for the sole * purpose of providing the authenticator and cksum engines with correct data. * CAVEAT: the HW does not mask the incoming data. It is the user's responsibility * to set to 0 the corresponding data in memory. If the surplus data is not masked * in memory, cksum/auth results will be incorrect if those engines receive data * straight from memory (i.e., not from cipher, as it happens while decoding) */ /* * Fragmentation and offset related notes * ====================================== * * * A) Rebuilding packets from fragments on dword boundaries. The discussion * below is exemplified by tests memcpy_all_off_frags and memcpy_same_off_frags * * 1) The Offset before data/iv on first fragment is ALWAYS written back * Non-zero dst dword or global offsets may cause more data to be * written than the user-specified length. * * * Example: * -------- * * Below is a source (first fragment) packet (@ ADD0 cache-aligned address). * Assume we just copy it and relevant data starts on * dword 3 so Cipher_Offset = IV_Offset = 3 (dwords). * D0X denotes relevant data and G denotes dont care data. * Offset data is also copied so Packet_Legth = 9 (dwords) * 8 = 72 (bytes) * Segment_src_address = ADD0 * * If we want to, e.g., copy so that the relevant (i.e., D0X) data * starts at (cache-aligned address) ADD1, we need to specify * Dst_dword_offset = 1 so D00 is moved from dword position 3 to 0 on next cache-line * Cipher_dst_address = ADD1 - 0x20 so D00 is written to ADD1 * * Note that the security engine always writes full cachelines * therefore, data written to dword0 0 of ADD1 (denoted w/ ?) is what the sec pipe * write back buffer contained from previous op. * * * SOURCE: DESTINATION: * ------- ------------ * * Segment_src_address = ADD0 Cipher_dst_address = ADD1 - 0x20 * Packet_Legth = 72 Dst_dword_offset = 1 * Cipher_Offset = 3 * IV_Offset = 3 * Use_IV = ANY * * * * 3 2 1 0 3 2 1 0 * ----------------------- ----------------------- * | D00 | G | G | G | <- ADD0 | G | G | G | ? | <- ADD1 - 0x20 * ----------------------- ----------------------- * | D04 | D03 | D02 | D01 | | D03 | D02 | D01 | D00 | <- ADD1 * ----------------------- ----------------------- * | | | | D05 | | | | D05 | D04 | * ----------------------- ----------------------- * * 2) On fragments following the first, IV_Offset is overloaded to mean data offset * (number of dwords to skip from beginning of cacheline before starting processing) * and Use_IV is overloaded to mean do writeback the offset (in the clear). * These fields in combination with Dst_dword_offset allow packet fragments with * arbitrary boundaries/lengthd to be reasembled. * * * Example: * -------- * * Assume data above was first fragment of a packet we'd like to merge to * (second) fragment below located at ADD2. The written data should follow * the previous data without gaps or overwrites. To achieve this, one should * assert the "Next" field on the previous fragment and use self-explanatory * set of parameters below * * * SOURCE: DESTINATION: * ------- ------------ * * Segment_src_address = ADD2 Cipher_dst_address = ADD1 + 0x20 * Packet_Legth = 104 Dst_dword_offset = 1 * IV_Offset = 1 * Use_IV = 0 * * * * 3 2 1 0 3 2 1 0 * ----------------------- ----------------------- * | D12 | D11 | D10 | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20 * ----------------------- ----------------------- * | D16 | D15 | D14 | D13 | | D03 | D02 | D01 | D00 | <- ADD1 * ----------------------- ----------------------- * | D1a | D19 | D18 | D17 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20 * ----------------------- ----------------------- * | | | | D1b | | D15 | D14 | D13 | D12 | * ----------------------- ----------------------- * | D19 | D18 | D17 | D16 | * ----------------------- * | | | D1b | D1a | * ----------------------- * * It is note-worthy that the merging can only be achieved if Use_IV is 0. Indeed, the security * engine always writes full lines, therefore ADD1 + 0x20 will be re-written. Setting Use_IV to 0 * will allow the sec pipe write back buffer to preserve D04, D05 from previous frag and only * receive D10, D11 thereby preserving the integrity of the previous data. * * 3) On fragments following the first, !UseIV in combination w/ Dst_dword_offset >= (4 - IV_Offset) * will cause a wraparound of the write thus achieving all 16 possible (Initial_Location, Final_Location) * combinations for the data. * * * Example: * -------- * * Contiguously merging 2 data sets above with a third located at ADD3. If this is the last fragment, * reset its Next bit. * * * SOURCE: DESTINATION: * ------- ------------ * * Segment_src_address = ADD3 Cipher_dst_address = ADD1 + 0x80 * Packet_Legth = 152 Dst_dword_offset = 3 * IV_Offset = 3 * Use_IV = 0 * * * * 3 2 1 0 3 2 1 0 * ----------------------- ----------------------- * | D20 | G | G | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20 * ----------------------- ----------------------- * | D24 | D23 | D22 | D21 | | D03 | D02 | D01 | D00 | <- ADD1 * ----------------------- ----------------------- * | D28 | D27 | D26 | D25 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20 * ----------------------- ----------------------- * | D2c | D2b | D2a | D29 | | D15 | D14 | D13 | D12 | * ----------------------- ----------------------- * | | D2f | D2e | D2d | | D19 | D18 | D17 | D16 | * ----------------------- ----------------------- * | D21 | D20 | D1b | D1a | <- ADD1 + 0x80 * ----------------------- * | D25 | D24 | D23 | D22 | * ----------------------- * | D29 | D28 | D27 | D26 | * ----------------------- * | D2d | D2c | D2b | D2a | * ----------------------- * |(D2d)|(D2c)| D2f | D2e | * ----------------------- * * It is worth noticing that always writing full-lines causes the last 2 dwords in the reconstituted * packet to be unnecessarily written: (D2d) and (D2c) * * * * B) Implications of fragmentation on AES * * 1) AES is a 128 bit block cipher; therefore it requires an even dword total data length * Data fragments (provided there are more than 1) are allowed to have odd dword * data lengths provided the total length (cumulated over fragments) is an even dword * count; an error will be generated otherwise, upon receiving the last fragment descriptor * (see error conditions below). * * 2) While using fragments with AES, a fragment (other than first) starting with a != 0 (IV) offset * while the subsequent total dword count given to AES is odd may not be required to write * its offset (UseIV). Doing so will cause an error (see error conditions below). * * * Example: * -------- * * Suppose the first fragment has an odd DATA dword count and USES AES (as seen below) * * SOURCE: DESTINATION: * ------- ------------ * * Segment_src_address = ADD0 Cipher_dst_address = ADD1 * Packet_Legth = 64 Dst_dword_offset = 1 * Cipher_Offset = 3 * IV_Offset = 1 * Use_IV = 1 * Cipher = Any AES * Next = 1 * * * * * 3 2 1 0 3 2 1 0 * ----------------------- ----------------------- * | D00 | IV1 | IV0 | G | <- ADD0 | E00 | IV1 | IV0 | G | <- ADD1 * ----------------------- ----------------------- * | D04 | D03 | D02 | D01 | | X | E03 | E02 | E01 | * ----------------------- ----------------------- * * At the end of processing of the previous fragment, the AES engine input buffer has D04 * and waits for next dword, therefore the writeback buffer cannot finish writing the fragment * to destination (X instead of E04). * * If a second fragment now arrives with a non-0 offset and requires the offset data to be * written to destination, the previous write (still needing the arrival of the last dword * required by the AES to complete the previous operation) cannot complete before the present * should start causing a deadlock. */ /* * Command Control Word for Message Ring Descriptor */ /* #define MSG_CMD_CTL_CTL */ #define MSG_CMD_CTL_CTL_LSB 61 #define MSG_CMD_CTL_CTL_BITS THREE_BITS #define MSG_CMD_CTL_CTL_MASK (MSG_CMD_CTL_CTL_BITS << MSG_CMD_CTL_CTL_LSB) /* #define MSG_CMD_CTL_ID */ #define MSG_CMD_CTL_ID_LSB 54 #define MSG_CMD_CTL_ID_BITS SEVEN_BITS #define MSG_CMD_CTL_ID_MASK (MSG_CMD_CTL_ID_BITS << MSG_CMD_CTL_ID_LSB) /* #define MSG_CMD_CTL_LEN */ #define MSG_CMD_CTL_LEN_LSB 45 #define MSG_CMD_CTL_LEN_BITS FOUR_BITS #define MSG_CMD_CTL_LEN_MASK (MSG_CMD_CTL_LEN_BITS << MSG_CMD_CTL_LEN_LSB) /* #define MSG_CMD_CTL_ADDR */ #define MSG_CMD_CTL_ADDR_LSB 0 #define MSG_CMD_CTL_ADDR_BITS FOURTY_BITS #define MSG_CMD_CTL_ADDR_MASK (MSG_CMD_CTL_ADDR_BITS << MSG_CMD_CTL_ADDR_LSB) #define MSG_CMD_CTL_MASK (MSG_CMD_CTL_CTL_MASK | \ MSG_CMD_CTL_LEN_MASK | MSG_CMD_CTL_ADDR_MASK) /* * Command Data Word for Message Ring Descriptor */ /* #define MSG_IN_DATA_CTL */ #define MSG_CMD_DATA_CTL_LSB 61 #define MSG_CMD_DATA_CTL_BITS THREE_BITS #define MSG_CMD_DATA_CTL_MASK (MSG_CMD_DATA_CTL_BITS << MSG_CMD_DATA_CTL_LSB) /* #define MSG_CMD_DATA_LEN */ #define MSG_CMD_DATA_LEN_LOAD 1 #define MSG_CMD_DATA_LEN_LSB 45 #define MSG_CMD_DATA_LEN_BITS ONE_BIT #define MSG_CMD_DATA_LEN_MASK (MSG_CMD_DATA_LEN_BITS << MSG_CMD_DATA_LEN_LSB) /* #define MSG_CMD_DATA_ADDR */ #define MSG_CMD_DATA_ADDR_LSB 0 #define MSG_CMD_DATA_ADDR_BITS FOURTY_BITS #define MSG_CMD_DATA_ADDR_MASK (MSG_CMD_DATA_ADDR_BITS << MSG_CMD_DATA_ADDR_LSB) #define MSG_CMD_DATA_MASK (MSG_CMD_DATA_CTL_MASK | \ MSG_CMD_DATA_LEN_MASK | MSG_CMD_DATA_ADDR_MASK) /* * Upon completion of operation, the Sec block returns a 2-word free descriptor * in the following format: * * 63 61 60 54 53 52 51 49 48 40 39 0 * ---------------------------------------------------------------------------- * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address | * ---------------------------------------------------------------------------- * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error | Dest Address | * ---------------------------------------------------------------------------- * * The Control and Data Error codes are enumerated below * * Error conditions * ================ * * Control Error Code Control Error Condition * ------------------ --------------------------- * 9'h000 No Error * 9'h001 Unknown Cipher Op ( Cipher == 3'h{6,7}) * 9'h002 Unknown or Illegal Mode ((Mode == 3'h{2,3,4} & !AES) | (Mode == 3'h{5,6,7})) * 9'h004 Unsupported CkSum Src (CkSum_Src == 2'h{2,3} & CKSUM) * 9'h008 Forbidden CFB Mask (AES & CFBMode & UseNewKeysCFBMask & CFBMask[7] & (| CFBMask[6:0])) * 9'h010 Unknown Ctrl Op ((| Ctrl[63:37]) | (| Ctrl[15:14])) * 9'h020 UNUSED * 9'h040 UNUSED * 9'h080 Data Read Error * 9'h100 Descriptor Ctrl Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP) * * Data Error Code Data Error Condition * --------------- -------------------- * 9'h000 No Error * 9'h001 Insufficient Data To Cipher (Packet_Length <= (Cipher_Offset or IV_Offset)) * 9'h002 Illegal IV Location ((Cipher_Offset < IV_Offset) | (Cipher_Offset <= IV_Offset & AES & ~CTR)) * 9'h004 Illegal Wordcount To AES (Packet_Length[3] != Cipher_Offset[0] & AES) * 9'h008 Illegal Pad And ByteCount Spec (Hash_Byte_Count != 0 & !Pad_Hash) * 9'h010 Insufficient Data To CkSum ({Packet_Length, 1'b0} <= CkSum_Offset) * 9'h020 Unknown Data Op ((| dstLLWMask[63:60]) | (| dstLLWMask[57:40]) | (| authDst[63:40]) | (| ckSumDst[63:40])) * 9'h040 Insufficient Data To Auth ({Packet_Length} <= Auth_Offset) * 9'h080 Data Read Error * 9'h100 UNUSED */ /* * Result Control Word for Message Ring Descriptor */ /* #define MSG_RSLT_CTL_CTL */ #define MSG_RSLT_CTL_CTL_LSB 61 #define MSG_RSLT_CTL_CTL_BITS THREE_BITS #define MSG_RSLT_CTL_CTL_MASK \ (MSG_RSLT_CTL_CTL_BITS << MSG_RSLT_CTL_CTL_LSB) /* #define MSG_RSLT_CTL_DST_ID */ #define MSG_RSLT_CTL_DST_ID_LSB 54 #define MSG_RSLT_CTL_DST_ID_BITS SEVEN_BITS #define MSG_RSLT_CTL_DST_ID_MASK \ (MSG_RSLT_CTL_DST_ID_BITS << MSG_RSLT_CTL_DST_ID_LSB) /* #define MSG_RSLT_CTL_DSC_CTL */ #define MSG_RSLT_CTL_DSC_CTL_LSB 49 #define MSG_RSLT_CTL_DSC_CTL_BITS THREE_BITS #define MSG_RSLT_CTL_DSC_CTL_MASK \ (MSG_RSLT_CTL_DSC_CTL_BITS << MSG_RSLT_CTL_DSC_CTL_LSB) /* #define MSG_RSLT_CTL_INST_ERR */ #define MSG_RSLT_CTL_INST_ERR_LSB 40 #define MSG_RSLT_CTL_INST_ERR_BITS NINE_BITS #define MSG_RSLT_CTL_INST_ERR_MASK \ (MSG_RSLT_CTL_INST_ERR_BITS << MSG_RSLT_CTL_INST_ERR_LSB) /* #define MSG_RSLT_CTL_DSC_ADDR */ #define MSG_RSLT_CTL_DSC_ADDR_LSB 0 #define MSG_RSLT_CTL_DSC_ADDR_BITS FOURTY_BITS #define MSG_RSLT_CTL_DSC_ADDR_MASK \ (MSG_RSLT_CTL_DSC_ADDR_BITS << MSG_RSLT_CTL_DSC_ADDR_LSB) /* #define MSG_RSLT_CTL_MASK */ #define MSG_RSLT_CTL_MASK \ (MSG_RSLT_CTL_CTRL_MASK | MSG_RSLT_CTL_DST_ID_MASK | \ MSG_RSLT_CTL_DSC_CTL_MASK | MSG_RSLT_CTL_INST_ERR_MASK | \ MSG_RSLT_CTL_DSC_ADDR_MASK) /* * Result Data Word for Message Ring Descriptor */ /* #define MSG_RSLT_DATA_CTL */ #define MSG_RSLT_DATA_CTL_LSB 61 #define MSG_RSLT_DATA_CTL_BITS THREE_BITS #define MSG_RSLT_DATA_CTL_MASK \ (MSG_RSLT_DATA_CTL_BITS << MSG_RSLT_DATA_CTL_LSB) /* #define MSG_RSLT_DATA_DST_ID */ #define MSG_RSLT_DATA_DST_ID_LSB 54 #define MSG_RSLT_DATA_DST_ID_BITS SEVEN_BITS #define MSG_RSLT_DATA_DST_ID_MASK \ (MSG_RSLT_DATA_DST_ID_BITS << MSG_RSLT_DATA_DST_ID_LSB) /* #define MSG_RSLT_DATA_DSC_CTL */ #define MSG_RSLT_DATA_DSC_CTL_LSB 49 #define MSG_RSLT_DATA_DSC_CTL_BITS THREE_BITS #define MSG_RSLT_DATA_DSC_CTL_MASK \ (MSG_RSLT_DATA_DSC_CTL_BITS << MSG_RSLT_DATA_DSC_CTL_LSB) /* #define MSG_RSLT_DATA_INST_ERR */ #define MSG_RSLT_DATA_INST_ERR_LSB 40 #define MSG_RSLT_DATA_INST_ERR_BITS NINE_BITS #define MSG_RSLT_DATA_INST_ERR_MASK \ (MSG_RSLT_DATA_INST_ERR_BITS << MSG_RSLT_DATA_INST_ERR_LSB) /* #define MSG_RSLT_DATA_DSC_ADDR */ #define MSG_RSLT_DATA_DSC_ADDR_LSB 0 #define MSG_RSLT_DATA_DSC_ADDR_BITS FOURTY_BITS #define MSG_RSLT_DATA_DSC_ADDR_MASK \ (MSG_RSLT_DATA_DSC_ADDR_BITS << MSG_RSLT_DATA_DSC_ADDR_LSB) #define MSG_RSLT_DATA_MASK \ (MSG_RSLT_DATA_CTRL_MASK | MSG_RSLT_DATA_DST_ID_MASK | \ MSG_RSLT_DATA_DSC_CTL_MASK | MSG_RSLT_DATA_INST_ERR_MASK | \ MSG_RSLT_DATA_DSC_ADDR_MASK) /* * Common Message Definitions * */ /* #define MSG_CTL_OP_ADDR */ #define MSG_CTL_OP_ADDR_LSB 0 #define MSG_CTL_OP_ADDR_BITS FOURTY_BITS #define MSG_CTL_OP_ADDR_MASK (MSG_CTL_OP_ADDR_BITS << MSG_CTL_OP_ADDR_LSB) #define MSG_CTL_OP_TYPE #define MSG_CTL_OP_TYPE_LSB 3 #define MSG_CTL_OP_TYPE_BITS TWO_BITS #define MSG_CTL_OP_TYPE_MASK \ (MSG_CTL_OP_TYPE_BITS << MSG_CTL_OP_TYPE_LSB) #define MSG0_CTL_OP_ENGINE_SYMKEY 0x01 #define MSG0_CTL_OP_ENGINE_PUBKEY 0x02 #define MSG1_CTL_OP_SYMKEY_PIPE0 0x00 #define MSG1_CTL_OP_SYMKEY_PIPE1 0x01 #define MSG1_CTL_OP_SYMKEY_PIPE2 0x02 #define MSG1_CTL_OP_SYMKEY_PIPE3 0x03 #define MSG1_CTL_OP_PUBKEY_PIPE0 0x00 #define MSG1_CTL_OP_PUBKEY_PIPE1 0x01 #define MSG1_CTL_OP_PUBKEY_PIPE2 0x02 #define MSG1_CTL_OP_PUBKEY_PIPE3 0x03 /* /----------------------------------------\ * | | * | ControlDescriptor_s datastructure | * | | * \----------------------------------------/ * * * ControlDescriptor_t.Instruction * ------------------------------- * * 63 44 43 42 41 40 39 35 34 32 31 29 28 * -------------------------------------------------------------------------------------------------------------------- * || UNUSED || OverrideCipher | Arc4Wait4Save | SaveArc4State | LoadArc4State | Arc4KeyLen | Cipher | Mode | InCp_Key || ... CONT ... * -------------------------------------------------------------------------------------------------------------------- * 20 1 1 1 1 5 3 3 1 * <-----------------------------------------------CIPHER---------------------------------------------------> * * 27 25 24 23 22 21 20 19 17 16 15 0 * ----------------------------------------------------------------------------- * || UNUSED | Hash_Hi | HMAC | Hash_Lo | InHs_Key || UNUSED || CkSum || UNUSED || * ----------------------------------------------------------------------------- * 3 1 1 2 1 3 1 16 * <---------------------HASH---------------------><-----------CKSUM-----------> * * X0 CIPHER.Arc4Wait4Save = If op is Arc4 and it requires state saving, then * setting this bit will cause the current op to * delay subsequent op loading until saved state data * becomes visible. * CIPHER.OverrideCipher = Override encryption if PacketDescriptor_t.dstDataSettings.CipherPrefix * is set; data will be copied out (and optionally auth/cksum) * in the clear. This is used in GCM mode if auth only as we * still need E(K, 0) calculated by cipher. Engine behavior is * undefined if this bit is set and CipherPrefix is not. * X0 SaveArc4State = Save Arc4 state at the end of Arc4 operation * X0 LoadArc4State = Load Arc4 state at the beginning of an Arc4 operation * This overriden by the InCp_Key setting for Arc4 * Arc4KeyLen = Length in bytes of Arc4 key (0 is interpreted as 32) * Ignored for other ciphers * For ARC4, IFetch/IDecode will always read exactly 4 * consecutive dwords into its CipherKey{0,3} regardless * of this quantity; it will however only use the specified * number of bytes. * Cipher = 3'b000 Bypass * 3'b001 DES * 3'b010 3DES * 3'b011 AES 128-bit key * 3'b100 AES 192-bit key * 3'b101 AES 256-bit key * 3'b110 ARC4 * 3'b111 Kasumi f8 * Remainder UNDEFINED * Mode = 3'b000 ECB * 3'b001 CBC * 3'b010 CFB (AES only, otherwise undefined) * 3'b011 OFB (AES only, otherwise undefined) * 3'b100 CTR (AES only, otherwise undefined) * 3'b101 F8 (AES only, otherwise undefined) * Remainder UNDEFINED * InCp_Key = 1'b0 Preserve old Cipher Keys * 1'b1 Load new Cipher Keys from memory to local registers * and recalculate the Arc4 Sbox if Arc4 Cipher chosen; * This overrides LoadArc4State setting. * HASH.HMAC = 1'b0 Hash without HMAC * 1'b1 Hash with HMAC * Needs to be set to 0 for GCM and Kasumi F9 authenticators * otherwise unpredictable results will be generated * Hash = 2'b00 Hash NOP * 2'b01 MD5 * 2'b10 SHA-1 * 2'b11 SHA-256 * 3'b100 SHA-384 * 3'b101 SHA-512 * 3'b110 GCM * 3'b111 Kasumi f9 * InHs_Key = 1'b0 Preserve old HMAC Keys * If GCM is selected as authenticator, leaving this bit * at 0 will cause the engine to use the old H value. * It will use the old SCI inside the decoder if * CFBMask[1:0] == 2'b11. * If Kasumi F9 authenticator, using 0 preserves * old keys (IK) in decoder. * 1'b1 Load new HMAC Keys from memory to local registers * Setting this bit while Cipher=Arc4 and LoadArc4State=1 * causes the decoder to load the Arc4 state from the * cacheline following the HMAC keys (Whether HASH.HMAC * is set or not). * If GCM is selected as authenticator, setting this bit * causes both H (16 bytes) and SCI (8 bytes) to be loaded * from memory to the decoder. H will be loaded to the engine * but SCI is only loaded to the engine if CFBMask[1:0] == 2'b11. * If Kasumi F9 authenticator, using 1 loads new keys (IK) * from memory to decoder. * CHECKSUM.CkSum = 1'b0 CkSum NOP * 1'b1 INTERNET_CHECKSUM * * * */ /* #define CTRL_DSC_OVERRIDECIPHER */ #define CTL_DSC_OVERRIDECIPHER_OFF 0 #define CTL_DSC_OVERRIDECIPHER_ON 1 #define CTL_DSC_OVERRIDECIPHER_LSB 43 #define CTL_DSC_OVERRIDECIPHER_BITS ONE_BIT #define CTL_DSC_OVERRIDECIPHER_MASK (CTL_DSC_OVERRIDECIPHER_BITS << CTL_DSC_OVERRIDECIPHER_LSB) /* #define CTRL_DSC_ARC4_WAIT4SAVE */ #define CTL_DSC_ARC4_WAIT4SAVE_OFF 0 #define CTL_DSC_ARC4_WAIT4SAVE_ON 1 #define CTL_DSC_ARC4_WAIT4SAVE_LSB 42 #define CTL_DSC_ARC4_WAIT4SAVE_BITS ONE_BIT #define CTL_DSC_ARC4_WAIT4SAVE_MASK (CTL_DSC_ARC4_WAIT4SAVE_BITS << CTL_DSC_ARC4_WAIT4SAVE_LSB) /* #define CTRL_DSC_ARC4_SAVESTATE */ #define CTL_DSC_ARC4_SAVESTATE_OFF 0 #define CTL_DSC_ARC4_SAVESTATE_ON 1 #define CTL_DSC_ARC4_SAVESTATE_LSB 41 #define CTL_DSC_ARC4_SAVESTATE_BITS ONE_BIT #define CTL_DSC_ARC4_SAVESTATE_MASK (CTL_DSC_ARC4_SAVESTATE_BITS << CTL_DSC_ARC4_SAVESTATE_LSB) /* #define CTRL_DSC_ARC4_LOADSTATE */ #define CTL_DSC_ARC4_LOADSTATE_OFF 0 #define CTL_DSC_ARC4_LOADSTATE_ON 1 #define CTL_DSC_ARC4_LOADSTATE_LSB 40 #define CTL_DSC_ARC4_LOADSTATE_BITS ONE_BIT #define CTL_DSC_ARC4_LOADSTATE_MASK (CTL_DSC_ARC4_LOADSTATE_BITS << CTL_DSC_ARC4_LOADSTATE_LSB) /* #define CTRL_DSC_ARC4_KEYLEN */ #define CTL_DSC_ARC4_KEYLEN_LSB 35 #define CTL_DSC_ARC4_KEYLEN_BITS FIVE_BITS #define CTL_DSC_ARC4_KEYLEN_MASK (CTL_DSC_ARC4_KEYLEN_BITS << CTL_DSC_ARC4_KEYLEN_LSB) /* #define CTL_DSC_CPHR (cipher) */ #define CTL_DSC_CPHR_BYPASS 0 /* undefined */ #define CTL_DSC_CPHR_DES 1 #define CTL_DSC_CPHR_3DES 2 #define CTL_DSC_CPHR_AES128 3 #define CTL_DSC_CPHR_AES192 4 #define CTL_DSC_CPHR_AES256 5 #define CTL_DSC_CPHR_ARC4 6 #define CTL_DSC_CPHR_KASUMI_F8 7 #define CTL_DSC_CPHR_LSB 32 #define CTL_DSC_CPHR_BITS THREE_BITS #define CTL_DSC_CPHR_MASK (CTL_DSC_CPHR_BITS << CTL_DSC_CPHR_LSB) /* #define CTL_DSC_MODE */ #define CTL_DSC_MODE_ECB 0 #define CTL_DSC_MODE_CBC 1 #define CTL_DSC_MODE_CFB 2 #define CTL_DSC_MODE_OFB 3 #define CTL_DSC_MODE_CTR 4 #define CTL_DSC_MODE_F8 5 #define CTL_DSC_MODE_LSB 29 #define CTL_DSC_MODE_BITS THREE_BITS #define CTL_DSC_MODE_MASK (CTL_DSC_MODE_BITS << CTL_DSC_MODE_LSB) /* #define CTL_DSC_ICPHR */ #define CTL_DSC_ICPHR_OKY 0 /* Old Keys */ #define CTL_DSC_ICPHR_NKY 1 /* New Keys */ #define CTL_DSC_ICPHR_LSB 28 #define CTL_DSC_ICPHR_BITS ONE_BIT #define CTL_DSC_ICPHR_MASK (CTL_DSC_ICPHR_BITS << CTL_DSC_ICPHR_LSB) /* #define CTL_DSC_HASHHI */ #define CTL_DSC_HASHHI_LSB 24 #define CTL_DSC_HASHHI_BITS ONE_BIT #define CTL_DSC_HASHHI_MASK (CTL_DSC_HASHHI_BITS << CTL_DSC_HASHHI_LSB) /* #define CTL_DSC_HMAC */ #define CTL_DSC_HMAC_OFF 0 #define CTL_DSC_HMAC_ON 1 #define CTL_DSC_HMAC_LSB 23 #define CTL_DSC_HMAC_BITS ONE_BIT #define CTL_DSC_HMAC_MASK (CTL_DSC_HMAC_BITS << CTL_DSC_HMAC_LSB) /* #define CTL_DSC_HASH */ #define CTL_DSC_HASH_NOP 0 #define CTL_DSC_HASH_MD5 1 #define CTL_DSC_HASH_SHA1 2 #define CTL_DSC_HASH_SHA256 3 #define CTL_DSC_HASH_SHA384 4 #define CTL_DSC_HASH_SHA512 5 #define CTL_DSC_HASH_GCM 6 #define CTL_DSC_HASH_KASUMI_F9 7 #define CTL_DSC_HASH_LSB 21 #define CTL_DSC_HASH_BITS TWO_BITS #define CTL_DSC_HASH_MASK (CTL_DSC_HASH_BITS << CTL_DSC_HASH_LSB) /* #define CTL_DSC_IHASH */ #define CTL_DSC_IHASH_OLD 0 #define CTL_DSC_IHASH_NEW 1 #define CTL_DSC_IHASH_LSB 20 #define CTL_DSC_IHASH_BITS ONE_BIT #define CTL_DSC_IHASH_MASK (CTL_DSC_IHASH_BITS << CTL_DSC_IHASH_LSB) /* #define CTL_DSC_CKSUM */ #define CTL_DSC_CKSUM_NOP 0 #define CTL_DSC_CKSUM_IP 1 #define CTL_DSC_CKSUM_LSB 16 #define CTL_DSC_CKSUM_BITS ONE_BIT #define CTL_DSC_CKSUM_MASK (CTL_DSC_CKSUM_BITS << CTL_DSC_CKSUM_LSB) /* * Component strcts and unions defining CipherHashInfo_u */ /* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ typedef struct AES256HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } AES256HMAC_t, *AES256HMAC_pt; /* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 160 bytes */ typedef struct AES256HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } AES256HMAC2_t, *AES256HMAC2_pt; /* AES256, (ECB, CBC, OFB, CTR, CFB), GCM - 56 bytes */ typedef struct AES256GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } AES256GCM_t, *AES256GCM_pt; /* AES256, (ECB, CBC, OFB, CTR, CFB), F9 - 56 bytes */ typedef struct AES256F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t authKey0; uint64_t authKey1; } AES256F9_t, *AES256F9_pt; /* AES256, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ typedef struct AES256_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; } AES256_t, *AES256_pt; /* All AES192 possibilities */ /* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-192) - 88 bytes */ typedef struct AES192HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } AES192HMAC_t, *AES192HMAC_pt; /* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 152 bytes */ typedef struct AES192HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } AES192HMAC2_t, *AES192HMAC2_pt; /* AES192, (ECB, CBC, OFB, CTR, CFB), GCM - 48 bytes */ typedef struct AES192GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } AES192GCM_t, *AES192GCM_pt; /* AES192, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */ typedef struct AES192F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t authKey0; uint64_t authKey1; } AES192F9_t, *AES192F9_pt; /* AES192, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-192) - 24 bytes */ typedef struct AES192_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; } AES192_t, *AES192_pt; /* All AES128 possibilities */ /* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-128) - 80 bytes */ typedef struct AES128HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } AES128HMAC_t, *AES128HMAC_pt; /* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-612) - 144 bytes */ typedef struct AES128HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } AES128HMAC2_t, *AES128HMAC2_pt; /* AES128, (ECB, CBC, OFB, CTR, CFB), GCM - 40 bytes */ typedef struct AES128GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } AES128GCM_t, *AES128GCM_pt; /* AES128, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */ typedef struct AES128F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t authKey0; uint64_t authKey1; } AES128F9_t, *AES128F9_pt; /* AES128, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-128) - 16 bytes */ typedef struct AES128_s { uint64_t cipherKey0; uint64_t cipherKey1; } AES128_t, *AES128_pt; /* AES128, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ typedef struct AES128F8_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; } AES128F8_t, *AES128F8_pt; /* AES128, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ typedef struct AES128F8HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } AES128F8HMAC_t, *AES128F8HMAC_pt; /* AES128, (OFB F8), HMAC (SHA-384, SHA-512) - 160 bytes */ typedef struct AES128F8HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } AES128F8HMAC2_t, *AES128F8HMAC2_pt; /* AES192, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 48 bytes */ typedef struct AES192F8_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t cipherKeyMask2; } AES192F8_t, *AES192F8_pt; /* AES192, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 112 bytes */ typedef struct AES192F8HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t cipherKeyMask2; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } AES192F8HMAC_t, *AES192F8HMAC_pt; /* AES192, (OFB F8), HMAC (SHA-384, SHA-512) - 176 bytes */ typedef struct AES192F8HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t cipherKeyMask2; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } AES192F8HMAC2_t, *AES192F8HMAC2_pt; /* AES256, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 64 bytes */ typedef struct AES256F8_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t cipherKeyMask2; uint64_t cipherKeyMask3; } AES256F8_t, *AES256F8_pt; /* AES256, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 128 bytes */ typedef struct AES256F8HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t cipherKeyMask2; uint64_t cipherKeyMask3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } AES256F8HMAC_t, *AES256F8HMAC_pt; /* AES256, (OFB F8), HMAC (SHA-384, SHA-512) - 192 bytes */ typedef struct AES256F8HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t cipherKeyMask0; uint64_t cipherKeyMask1; uint64_t cipherKeyMask2; uint64_t cipherKeyMask3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } AES256F8HMAC2_t, *AES256F8HMAC2_pt; /* AES256, (F8), GCM - 40 bytes */ typedef struct AES128F8GCM_s { uint64_t cipherKey0; uint64_t cipherKey2; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } AES128F8GCM_t, *AES128F8GCM_pt; /* AES256, (F8), GCM - 48 bytes */ typedef struct AES192F8GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } AES192F8GCM_t, *AES192F8GCM_pt; /* AES256, (F8), GCM - 56 bytes */ typedef struct AES256F8GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } AES256F8GCM_t, *AES256F8GCM_pt; /* AES256, (F8), F9 - 40 bytes */ typedef struct AES128F8F9_s { uint64_t cipherKey0; uint64_t cipherKey2; uint64_t authKey0; uint64_t authKey1; } AES128F8F9_t, *AES128F8F9_pt; /* AES256, (F8), F9 - 48 bytes */ typedef struct AES192F8F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t authKey0; uint64_t authKey1; } AES192F8F9_t, *AES192F8F9_pt; /* AES256F8, (F8), F9 - 56 bytes */ typedef struct AES256F8F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t authKey0; uint64_t authKey1; } AES256F8F9_t, *AES256F8F9_pt; /* All DES possibilities */ /* DES, (ECB, CBC), HMAC (MD5, SHA-1, SHA-128) - 72 bytes */ typedef struct DESHMAC_s { uint64_t cipherKey0; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } DESHMAC_t, *DESHMAC_pt; /* DES, (ECB, CBC), HMAC (SHA-384, SHA-512) - 136 bytes */ typedef struct DESHMAC2_s { uint64_t cipherKey0; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } DESHMAC2_t, *DESHMAC2_pt; /* DES, (ECB, CBC), GCM - 32 bytes */ typedef struct DESGCM_s { uint64_t cipherKey0; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } DESGCM_t, *DESGCM_pt; /* DES, (ECB, CBC), F9 - 32 bytes */ typedef struct DESF9_s { uint64_t cipherKey0; uint64_t authKey0; uint64_t authKey1; } DESF9_t, *DESF9_pt; /* DES, (ECB, CBC), Non-HMAC (MD5, SHA-1, SHA-128) - 9 bytes */ typedef struct DES_s { uint64_t cipherKey0; } DES_t, *DES_pt; /* All 3DES possibilities */ /* 3DES, (ECB, CBC), HMAC (MD5, SHA-1, SHA-128) - 88 bytes */ typedef struct DES3HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } DES3HMAC_t, *DES3HMAC_pt; /* 3DES, (ECB, CBC), HMAC (SHA-384, SHA-512) - 152 bytes */ typedef struct DES3HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } DES3HMAC2_t, *DES3HMAC2_pt; /* 3DES, (ECB, CBC), GCM - 48 bytes */ typedef struct DES3GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } DES3GCM_t, *DES3GCM_pt; /* 3DES, (ECB, CBC), GCM - 48 bytes */ typedef struct DES3F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t authKey0; uint64_t authKey1; } DES3F9_t, *DES3F9_pt; /* 3DES, (ECB, CBC), Non-HMAC (MD5, SHA-1, SHA-128) - 24 bytes */ typedef struct DES3_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; } DES3_t, *DES3_pt; /* HMAC only - no cipher */ /* HMAC (MD5, SHA-1, SHA-128) - 64 bytes */ typedef struct HMAC_s { uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } HMAC_t, *HMAC_pt; /* HMAC (SHA-384, SHA-512) - 128 bytes */ typedef struct HMAC2_s { uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } HMAC2_t, *HMAC2_pt; /* GCM - 24 bytes */ typedef struct GCM_s { uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } GCM_t, *GCM_pt; /* F9 - 24 bytes */ typedef struct F9_s { uint64_t authKey0; uint64_t authKey1; } F9_t, *F9_pt; /* All ARC4 possibilities */ /* ARC4, HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ typedef struct ARC4HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } ARC4HMAC_t, *ARC4HMAC_pt; /* ARC4, HMAC (SHA-384, SHA-512) - 160 bytes */ typedef struct ARC4HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } ARC4HMAC2_t, *ARC4HMAC2_pt; /* ARC4, GCM - 56 bytes */ typedef struct ARC4GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } ARC4GCM_t, *ARC4GCM_pt; /* ARC4, F9 - 56 bytes */ typedef struct ARC4F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t authKey0; uint64_t authKey1; } ARC4F9_t, *ARC4F9_pt; /* ARC4, HMAC (MD5, SHA-1, SHA-256) - 408 bytes (not including 8 bytes from instruction) */ typedef struct ARC4StateHMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t PAD0; uint64_t PAD1; uint64_t PAD2; uint64_t Arc4SboxData0; uint64_t Arc4SboxData1; uint64_t Arc4SboxData2; uint64_t Arc4SboxData3; uint64_t Arc4SboxData4; uint64_t Arc4SboxData5; uint64_t Arc4SboxData6; uint64_t Arc4SboxData7; uint64_t Arc4SboxData8; uint64_t Arc4SboxData9; uint64_t Arc4SboxData10; uint64_t Arc4SboxData11; uint64_t Arc4SboxData12; uint64_t Arc4SboxData13; uint64_t Arc4SboxData14; uint64_t Arc4SboxData15; uint64_t Arc4SboxData16; uint64_t Arc4SboxData17; uint64_t Arc4SboxData18; uint64_t Arc4SboxData19; uint64_t Arc4SboxData20; uint64_t Arc4SboxData21; uint64_t Arc4SboxData22; uint64_t Arc4SboxData23; uint64_t Arc4SboxData24; uint64_t Arc4SboxData25; uint64_t Arc4SboxData26; uint64_t Arc4SboxData27; uint64_t Arc4SboxData28; uint64_t Arc4SboxData29; uint64_t Arc4SboxData30; uint64_t Arc4SboxData31; uint64_t Arc4IJData; uint64_t PAD3; uint64_t PAD4; uint64_t PAD5; } ARC4StateHMAC_t, *ARC4StateHMAC_pt; /* ARC4, HMAC (SHA-384, SHA-512) - 480 bytes (not including 8 bytes from instruction) */ typedef struct ARC4StateHMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; uint64_t PAD0; uint64_t PAD1; uint64_t PAD2; uint64_t Arc4SboxData0; uint64_t Arc4SboxData1; uint64_t Arc4SboxData2; uint64_t Arc4SboxData3; uint64_t Arc4SboxData4; uint64_t Arc4SboxData5; uint64_t Arc4SboxData6; uint64_t Arc4SboxData7; uint64_t Arc4SboxData8; uint64_t Arc4SboxData9; uint64_t Arc4SboxData10; uint64_t Arc4SboxData11; uint64_t Arc4SboxData12; uint64_t Arc4SboxData13; uint64_t Arc4SboxData14; uint64_t Arc4SboxData15; uint64_t Arc4SboxData16; uint64_t Arc4SboxData17; uint64_t Arc4SboxData18; uint64_t Arc4SboxData19; uint64_t Arc4SboxData20; uint64_t Arc4SboxData21; uint64_t Arc4SboxData22; uint64_t Arc4SboxData23; uint64_t Arc4SboxData24; uint64_t Arc4SboxData25; uint64_t Arc4SboxData26; uint64_t Arc4SboxData27; uint64_t Arc4SboxData28; uint64_t Arc4SboxData29; uint64_t Arc4SboxData30; uint64_t Arc4SboxData31; uint64_t Arc4IJData; uint64_t PAD3; uint64_t PAD4; uint64_t PAD5; } ARC4StateHMAC2_t, *ARC4StateHMAC2_pt; /* ARC4, GCM - 408 bytes (not including 8 bytes from instruction) */ typedef struct ARC4StateGCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; uint64_t PAD0; uint64_t PAD1; uint64_t PAD2; uint64_t PAD3; uint64_t PAD4; uint64_t PAD5; uint64_t PAD6; uint64_t PAD7; uint64_t Arc4SboxData0; uint64_t Arc4SboxData1; uint64_t Arc4SboxData2; uint64_t Arc4SboxData3; uint64_t Arc4SboxData4; uint64_t Arc4SboxData5; uint64_t Arc4SboxData6; uint64_t Arc4SboxData7; uint64_t Arc4SboxData8; uint64_t Arc4SboxData9; uint64_t Arc4SboxData10; uint64_t Arc4SboxData11; uint64_t Arc4SboxData12; uint64_t Arc4SboxData13; uint64_t Arc4SboxData14; uint64_t Arc4SboxData15; uint64_t Arc4SboxData16; uint64_t Arc4SboxData17; uint64_t Arc4SboxData18; uint64_t Arc4SboxData19; uint64_t Arc4SboxData20; uint64_t Arc4SboxData21; uint64_t Arc4SboxData22; uint64_t Arc4SboxData23; uint64_t Arc4SboxData24; uint64_t Arc4SboxData25; uint64_t Arc4SboxData26; uint64_t Arc4SboxData27; uint64_t Arc4SboxData28; uint64_t Arc4SboxData29; uint64_t Arc4SboxData30; uint64_t Arc4SboxData31; uint64_t Arc4IJData; uint64_t PAD8; uint64_t PAD9; uint64_t PAD10; } ARC4StateGCM_t, *ARC4StateGCM_pt; /* ARC4, F9 - 408 bytes (not including 8 bytes from instruction) */ typedef struct ARC4StateF9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t authKey0; uint64_t authKey1; uint64_t PAD0; uint64_t PAD1; uint64_t PAD2; uint64_t PAD3; uint64_t PAD4; uint64_t PAD5; uint64_t PAD6; uint64_t PAD7; uint64_t PAD8; uint64_t Arc4SboxData0; uint64_t Arc4SboxData1; uint64_t Arc4SboxData2; uint64_t Arc4SboxData3; uint64_t Arc4SboxData4; uint64_t Arc4SboxData5; uint64_t Arc4SboxData6; uint64_t Arc4SboxData7; uint64_t Arc4SboxData8; uint64_t Arc4SboxData9; uint64_t Arc4SboxData10; uint64_t Arc4SboxData11; uint64_t Arc4SboxData12; uint64_t Arc4SboxData13; uint64_t Arc4SboxData14; uint64_t Arc4SboxData15; uint64_t Arc4SboxData16; uint64_t Arc4SboxData17; uint64_t Arc4SboxData18; uint64_t Arc4SboxData19; uint64_t Arc4SboxData20; uint64_t Arc4SboxData21; uint64_t Arc4SboxData22; uint64_t Arc4SboxData23; uint64_t Arc4SboxData24; uint64_t Arc4SboxData25; uint64_t Arc4SboxData26; uint64_t Arc4SboxData27; uint64_t Arc4SboxData28; uint64_t Arc4SboxData29; uint64_t Arc4SboxData30; uint64_t Arc4SboxData31; uint64_t Arc4IJData; uint64_t PAD9; uint64_t PAD10; uint64_t PAD11; } ARC4StateF9_t, *ARC4StateF9_pt; /* ARC4, Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ typedef struct ARC4_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; } ARC4_t, *ARC4_pt; /* ARC4, Non-HMAC (MD5, SHA-1, SHA-256) - 344 bytes (not including 8 bytes from instruction) */ typedef struct ARC4State_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t cipherKey2; uint64_t cipherKey3; uint64_t PAD0; uint64_t PAD1; uint64_t PAD2; uint64_t Arc4SboxData0; uint64_t Arc4SboxData1; uint64_t Arc4SboxData2; uint64_t Arc4SboxData3; uint64_t Arc4SboxData4; uint64_t Arc4SboxData5; uint64_t Arc4SboxData6; uint64_t Arc4SboxData7; uint64_t Arc4SboxData8; uint64_t Arc4SboxData9; uint64_t Arc4SboxData10; uint64_t Arc4SboxData11; uint64_t Arc4SboxData12; uint64_t Arc4SboxData13; uint64_t Arc4SboxData14; uint64_t Arc4SboxData15; uint64_t Arc4SboxData16; uint64_t Arc4SboxData17; uint64_t Arc4SboxData18; uint64_t Arc4SboxData19; uint64_t Arc4SboxData20; uint64_t Arc4SboxData21; uint64_t Arc4SboxData22; uint64_t Arc4SboxData23; uint64_t Arc4SboxData24; uint64_t Arc4SboxData25; uint64_t Arc4SboxData26; uint64_t Arc4SboxData27; uint64_t Arc4SboxData28; uint64_t Arc4SboxData29; uint64_t Arc4SboxData30; uint64_t Arc4SboxData31; uint64_t Arc4IJData; uint64_t PAD3; uint64_t PAD4; uint64_t PAD5; } ARC4State_t, *ARC4State_pt; /* Kasumi f8 - 32 bytes */ typedef struct KASUMIF8_s { uint64_t cipherKey0; uint64_t cipherKey1; } KASUMIF8_t, *KASUMIF8_pt; /* Kasumi f8 + HMAC (MD5, SHA-1, SHA-256) - 80 bytes */ typedef struct KASUMIF8HMAC_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; } KASUMIF8HMAC_t, *KASUMIF8HMAC_pt; /* Kasumi f8 + HMAC (SHA-384, SHA-512) - 144 bytes */ typedef struct KASUMIF8HMAC2_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t hmacKey0; uint64_t hmacKey1; uint64_t hmacKey2; uint64_t hmacKey3; uint64_t hmacKey4; uint64_t hmacKey5; uint64_t hmacKey6; uint64_t hmacKey7; uint64_t hmacKey8; uint64_t hmacKey9; uint64_t hmacKey10; uint64_t hmacKey11; uint64_t hmacKey12; uint64_t hmacKey13; uint64_t hmacKey14; uint64_t hmacKey15; } KASUMIF8HMAC2_t, *KASUMIF8HMAC2_pt; /* Kasumi f8 + GCM - 144 bytes */ typedef struct KASUMIF8GCM_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t GCMH0; uint64_t GCMH1; uint64_t GCMSCI; } KASUMIF8GCM_t, *KASUMIF8GCM_pt; /* Kasumi f8 + f9 - 32 bytes */ typedef struct KASUMIF8F9_s { uint64_t cipherKey0; uint64_t cipherKey1; uint64_t authKey0; uint64_t authKey1; } KASUMIF8F9_t, *KASUMIF8F9_pt; typedef union CipherHashInfo_u { AES256HMAC_t infoAES256HMAC; AES256_t infoAES256; AES192HMAC_t infoAES192HMAC; AES192_t infoAES192; AES128HMAC_t infoAES128HMAC; AES128_t infoAES128; DESHMAC_t infoDESHMAC; DES_t infoDES; DES3HMAC_t info3DESHMAC; DES3_t info3DES; HMAC_t infoHMAC; /* ARC4 */ ARC4HMAC_t infoARC4HMAC; ARC4StateHMAC_t infoARC4StateHMAC; ARC4_t infoARC4; ARC4State_t infoARC4State; /* AES mode F8 */ AES256F8HMAC_t infoAES256F8HMAC; AES256F8_t infoAES256F8; AES192F8HMAC_t infoAES192F8HMAC; AES192F8_t infoAES192F8; AES128F8HMAC_t infoAES128F8HMAC; AES128F8_t infoAES128F8; /* KASUMI F8 */ KASUMIF8HMAC_t infoKASUMIF8HMAC; KASUMIF8_t infoKASUMIF8; /* GCM */ GCM_t infoGCM; AES256F8GCM_t infoAES256F8GCM; AES192F8GCM_t infoAES192F8GCM; AES128F8GCM_t infoAES128F8GCM; AES256GCM_t infoAES256GCM; AES192GCM_t infoAES192GCM; AES128GCM_t infoAES128GCM; DESGCM_t infoDESGCM; DES3GCM_t info3DESGCM; ARC4GCM_t infoARC4GCM; ARC4StateGCM_t infoARC4StateGCM; KASUMIF8GCM_t infoKASUMIF8GCM; /* HMAC2 */ HMAC2_t infoHMAC2; AES256F8HMAC2_t infoAES256F8HMAC2; AES192F8HMAC2_t infoAES192F8HMAC2; AES128F8HMAC2_t infoAES128F8HMAC2; AES256HMAC2_t infoAES256HMAC2; AES192HMAC2_t infoAES192HMAC2; AES128HMAC2_t infoAES128HMAC2; DESHMAC2_t infoDESHMAC2; DES3HMAC2_t info3DESHMAC2; ARC4HMAC2_t infoARC4HMAC2; ARC4StateHMAC2_t infoARC4StateHMAC2; KASUMIF8HMAC2_t infoKASUMIF8HMAC2; /* F9 */ F9_t infoF9; AES256F8F9_t infoAES256F8F9; AES192F8F9_t infoAES192F8F9; AES128F8F9_t infoAES128F8F9; AES256F9_t infoAES256F9; AES192F9_t infoAES192F9; AES128F9_t infoAES128F9; DESF9_t infoDESF9; DES3F9_t info3DESF9; ARC4F9_t infoARC4F9; ARC4StateF9_t infoARC4StateF9; KASUMIF8F9_t infoKASUMIF8F9; } CipherHashInfo_t, *CipherHashInfo_pt; /* * * ControlDescriptor_s datastructure * */ typedef struct ControlDescriptor_s { uint64_t instruction; CipherHashInfo_t cipherHashInfo; } ControlDescriptor_t, *ControlDescriptor_pt; /* ********************************************************************** * PacketDescriptor_t * ********************************************************************** */ /* /--------------------------------------------\ * | | * | New PacketDescriptor_s datastructure | * | | * \--------------------------------------------/ * * * * PacketDescriptor_t.srcLengthIVOffUseIVNext * ------------------------------------------ * * 63 62 61 59 58 57 56 54 53 43 * ------------------------------------------------------------------------------------------------ * || Load HMAC key || Pad Hash || Hash Byte Count || Next || Use IV || IV Offset || Packet length || ... CONT ... * ------------------------------------------------------------------------------------------------ * 1 1 3 1 1 3 11 * * * 42 41 40 39 5 4 3 2 * 0 * ---------------------------------------------------------------------------------------------------- * || NLHMAC || Break || Wait || Segment src address || SRTCP || Reserved || Global src data offset || * ---------------------------------------------------------------------------------------------------- * 1 1 1 35 1 1 3 * * * * Load HMAC key = 1'b0 Preserve old HMAC key stored in Auth engine (moot if HASH.HMAC == 0) * 1'b1 Load HMAC key from ID registers at beginning of op * If GCM is selected as authenticator, setting this bit * will cause the H value from ID to be loaded to the engine * If Kasumi F9 is selected as authenticator, setting this bit * will cause the IK value from ID to be loaded to the engine. * Pad Hash = 1'b0 HASH will assume the data was padded to be a multiple * of 512 bits in length and that the last 64 bit word * expresses the total datalength in bits seen by HASH engine * 1'b1 The data was not padded to be a multiple of 512 bits in length; * The Hash engine will do its own padding to generate the correct digest. * Ignored by GCM (always does its own padding) * Hash Byte Count Number of BYTES on last 64-bit data word to use in digest calculation RELEVANT ONLY IF Pad Hash IS SET * 3'b000 Use all 8 * 3'b001 Use first (MS) byte only (0-out rest), i.e., 0xddXXXXXXXXXXXXXX * 3'b010 Use first 2 bytes only (0-out rest), i.e., 0xddddXXXXXXXXXXXX ... etc * Next = 1'b0 Finish (return msg descriptor) at end of operation * 1'b1 Grab the next PacketDescriptor (i.e. next cache-line) when the current is complete. * This allows for fragmentation/defragmentation and processing of large (>16kB) packets. * The sequence of adjacent PacketDescriptor acts as a contiguous linked list of * pointers to the actual packets with Next==0 on the last PacketDescriptor to end processing. * Use IV = 1'b0 On first frag: Use old IV * On subsequent frags: Do not write out to DST the (dword) offset data * 1'b1 On first frag: Use data @ Segment_address + IV_Offset as IV * On subsequent frags: Do write out to DST the (dword) offset data * IV Offset = On first frag: Offset IN NB OF 8 BYTE WORDS (dwords) from beginning of packet * (i.e. (Potentially byte-shifted) Segment address) to cipher IV * On subsequent frags: Offset to beginning of data to process; data to offset won't * be given to engines and will be written out to dst in the clear. * ON SUBSEQUENT FRAGS, IV_Offset MAY NOT EXCEED 3; LARGER VALUES WILL CAUSE AN ERROR * SEE ERROR CONDITIONS BELOW * Packet length = Nb double words to stream in (Including Segment address->CP/IV/Auth/CkSum offsets) * This is the total amount of data (x8 in bytes) read (+1 dword if "Global src data offset" != 0) * This is the total amount of data (x8 in bytes) written (+1 dword if "Global dst data offset" != 0, if Dst dword offset == 0) * If Packet length == 11'h7ff and (Global src data offset != 0 or Global dst data offset != 0) * the operation is aborted (no mem writes occur) * and the "Insufficient Data To Cipher" error flag is raised * NLHMAC = No last to hmac. Setting this to 1 will prevent the transmission of the last DWORD * to the authenticator, i.e., the DWORD before last will be designated as last for the purposes of authentication. * Break = Break a wait (see below) state - causes the operation to be flushed and free descriptor to be returned. * Activated if DFetch blocked by Wait and Wait still active. * AS OF 02/10/2005 THIS FEATURE IS EXPERIMENTAL * Wait = Setting that bit causes the operation to block in DFetch stage. * DFetch will keep polling the memory location until the bit is reset at which time * the pipe resumes normal operation. This feature is convenient for software dealing with fragmented packets. * AS OF 02/10/2005 THIS FEATURE IS EXPERIMENTAL * Segment src address = 35 MSB of pointer to src data (i.e., cache-line aligned) * SRTCP = Bypass the cipher for the last 4 bytes of data, i.e. the last 4 bytes will be sent to memory * and the authenticator in the clear. Applicable to last packet descriptor andlast frag only. * This accommodates a requirement of SRTCP. * Global src data offset = Nb BYTES to right-shift data by before presenting it to engines * (0-7); allows realignment of byte-aligned, non-double-word aligned data * * PacketDescriptor_t.dstDataSettings * ---------------------------------- * * * 63 62 60 59 58 56 55 54 53 52 41 40 * ------------------------------------------------------------------------------------------------------------ * || CipherPrefix | Arc4ByteCount | E/D | Cipher_Offset || Hash_Offset | Hash_Src || CkSum_Offset | CkSum_Src || ... CONT ... * ------------------------------------------------------------------------------------------------------------ * 1 3 1 3 2 1 12 1 * <-----------------------CIPHER-----------------------><---------HASH-----------><-------CHECKSUM-----------> * * * CipherPrefix = 128'b0 will be sent to the selected cipher * KEEP VALUE ON ALL FRAGS after the IV is loaded, before the actual data goes in. * The result of that encryption (aka E(K, 0))will be stored * locally and XOR-ed with the auth digest to create the final * digest at the end of the auth OP: * This is covered by the GCM spec * AesPrefix = 1'b1 -> Force E=Cipher(K,0) before start of data encr. * -> Digest ^= E * AesPrefix = 1'b0 -> Regular digest * This flag is ignored if no cipher is chosen (Bypass condition) * X0 Arc4ByteCount = Number of BYTES on last 64-bit data word to encrypt * 3'b000 Encrypt all 8 * 3'b001 Encrypt first (MS) byte only i.e., 0xddXXXXXXXXXXXXXX * 3'b010 Encrypt first 2 bytes only i.e., 0xddddXXXXXXXXXXXX ... etc * In reality, all are encrypted, however, the SBOX * is not written past the last byte to encrypt * E/D = 1'b0 Decrypt * 1'b1 Encrypt * Overloaded to also mean IV byte offset for first frag * Cipher_Offset = Nb of words between the first data segment * and word on which to start cipher operation * (64 BIT WORDS !!!) * Hash_Offset = Nb of words between the first data segment * and word on which to start hashing * (64 bit words) * Hash_Src = 1'b0 DMA channel * 1'b1 Cipher if word count exceeded Cipher_Offset; * DMA channel otherwise * CkSum_Offset = Nb of words between the first data segment * and word on which to start * checksum calculation (32 BIT WORDS !!!) * CkSum_Src = 1'b0 DMA channel * 1'b1 Cipher if word count exceeded Cipher_Offset * DMA channel otherwise * Cipher dst address = 35 MSB of pointer to dst location (i.e., cache-line aligned) * Dst dword offset = Nb of double-words to left-shift data from spec'ed Cipher dst address before writing it to memory * Global dst data offset = Nb BYTES to left-shift (double-word boundary aligned) data by before writing it to memory * * * PacketDescriptor_t.authDstNonceLow * ---------------------------------- * * 63 40 39 5 4 0 * ----------------------------------------------------- * || Nonce_Low || Auth_dst_address || Cipher_Offset_Hi || * ----------------------------------------------------- * 24 35 5 * * * * Nonce_Low = Nonce[23:0] 24 least significant bits of 32-bit long nonce * Used by AES in counter mode * Auth_dst_address = 35 MSB of pointer to authentication dst location (i.e., cache-line aligned) * X0 Cipher_Offset_Hi = On first frag: 5 MSB of 8-bit Cipher_offset; will be concatenated to * the top of PacketDescriptor_t.dstDataSettings.Cipher_Offset * On subsequent frags: Ignored * * * PacketDescriptor_t.ckSumDstNonceHiCFBMaskLLWMask * ------------------------------------------------ * * * 63 61 60 58 57 56 55 48 47 40 39 5 4 0 * ------------------------------------------------------------------------------------------------------------------- * || Hash_Byte_Offset || Packet length bytes || LLWMask || CFB_Mask || Nonce_Hi || CkSum_dst_address || IV_Offset_Hi || * ------------------------------------------------------------------------------------------------------------------- * 3 3 2 8 8 35 5 * * * Hash_Byte_Offset = On first frag: Additional offset in bytes to be added to Hash_Offset * to obtain the full offset applied to the data before * submitting it to authenticator * On subsequent frags: Same * Packet length bytes = On one fragment payloads: Ignored (i.e. assumed to be 0, last dword used in its entirety) * On fragments before last: Number of bytes on last fragment dword * On last fragment: Ignored (i.e. assumed to be 0, last dword used in its entirety) * LLWMask, aka, Last_long_word_mask = 2'b00 Give last 128 bit word from AES engine to auth/cksum/wrbbufer as is - applicable in AES CTR only * 2'b11 Mask (zero-out) 32 least significant bits * 2'b10 Mask 64 LSBs * 2'b01 Mask 96 LSBs * If the GCM authenticator is used, setting LLWMask to 2'b10 or 2'b01 * will also prevent the transmission of the last DWORD * to the authenticator, i.e., the DWORD before last will * be designated as last for the purposes of authentication. * CFB_Mask = 8 bit mask used by AES in CFB mode * In CTR mode: * CFB_Mask[1:0] = 2'b00 -> Counter[127:0] = {Nonce[31:0], IV0[63:0], 4'h00000001} (only 1 IV exp ected) regular CTR * 2'b01 -> Counter[127:0] = {Nonce[31:0], IV0[63:0], IV1[31:0]} (2 IV expected ) CCMP * 2'b10 -> Counter[127:0] = {IV1[63:0], IV0[31:0], Nonce[31:0]} (2 IV expected ) GCM with SCI * 2'b11 -> Counter[127:0] = {IDecode.SCI[63:0], IV0[31:0], Nonce[31:0]} (1 IV expected ) GCM w/o SCI * Nonce_Hi = Nonce[31:24] 8 most significant bits of 32-bit long nonce * Used by AES in counter mode * CkSum_dst_address = 35 MSB of pointer to cksum dst location (i.e., cache-line aligned) * X0 IV_Offset_Hi = On first frag: 5 MSB of 8-bit IV offset; will be concatenated to * the top of PacketDescriptor_t.srcLengthIVOffUseIVNext.IV_Offset * On subsequent frags: Ignored */ /* #define PKT_DSC_LOADHMACKEY */ #define PKT_DSC_LOADHMACKEY_OLD 0 #define PKT_DSC_LOADHMACKEY_LOAD 1 #define PKT_DSC_LOADHMACKEY_LSB 63 #define PKT_DSC_LOADHMACKEY_BITS ONE_BIT #define PKT_DSC_LOADHMACKEY_MASK \ (PKT_DSC_LOADHMACKEY_BITS << PKT_DSC_LOADHMACKEY_LSB) /* #define PKT_DSC_PADHASH */ #define PKT_DSC_PADHASH_PADDED 0 #define PKT_DSC_PADHASH_PAD 1 /* requires padding */ #define PKT_DSC_PADHASH_LSB 62 #define PKT_DSC_PADHASH_BITS ONE_BIT #define PKT_DSC_PADHASH_MASK (PKT_DSC_PADHASH_BITS << PKT_DSC_PADHASH_LSB) /* #define PKT_DSC_HASHBYTES */ #define PKT_DSC_HASHBYTES_ALL8 0 #define PKT_DSC_HASHBYTES_MSB 1 #define PKT_DSC_HASHBYTES_MSW 2 #define PKT_DSC_HASHBYTES_LSB 59 #define PKT_DSC_HASHBYTES_BITS THREE_BITS #define PKT_DSC_HASHBYTES_MASK \ (PKT_DSC_HASHBYTES_BITS << PKT_DSC_HASHBYTES_LSB) /* #define PKT_DSC_NEXT */ #define PKT_DSC_NEXT_FINISH 0 #define PKT_DSC_NEXT_DO 1 #define PKT_DSC_NEXT_LSB 58 #define PKT_DSC_NEXT_BITS ONE_BIT #define PKT_DSC_NEXT_MASK (PKT_DSC_NEXT_BITS << PKT_DSC_NEXT_LSB) /* #define PKT_DSC_IV */ #define PKT_DSC_IV_OLD 0 #define PKT_DSC_IV_NEW 1 #define PKT_DSC_IV_LSB 57 #define PKT_DSC_IV_BITS ONE_BIT #define PKT_DSC_IV_MASK (PKT_DSC_IV_BITS << PKT_DSC_IV_LSB) /* #define PKT_DSC_IVOFF */ #define PKT_DSC_IVOFF_LSB 54 #define PKT_DSC_IVOFF_BITS THREE_BITS #define PKT_DSC_IVOFF_MASK (PKT_DSC_IVOFF_BITS << PKT_DSC_IVOFF_LSB) /* #define PKT_DSC_PKTLEN */ #define PKT_DSC_PKTLEN_LSB 43 #define PKT_DSC_PKTLEN_BITS ELEVEN_BITS #define PKT_DSC_PKTLEN_MASK (PKT_DSC_PKTLEN_BITS << PKT_DSC_PKTLEN_LSB) /* #define PKT_DSC_NLHMAC */ #define PKT_DSC_NLHMAC_LSB 42 #define PKT_DSC_NLHMAC_BITS ONE_BIT #define PKT_DSC_NLHMAC_MASK (PKT_DSC_NLHMAC_BITS << PKT_DSC_NLHMAC_LSB) /* #define PKT_DSC_BREAK */ #define PKT_DSC_BREAK_OLD 0 #define PKT_DSC_BREAK_NEW 1 #define PKT_DSC_BREAK_LSB 41 #define PKT_DSC_BREAK_BITS ONE_BIT #define PKT_DSC_BREAK_MASK (PKT_DSC_BREAK_BITS << PKT_DSC_BREAK_LSB) /* #define PKT_DSC_WAIT */ #define PKT_DSC_WAIT_OLD 0 #define PKT_DSC_WAIT_NEW 1 #define PKT_DSC_WAIT_LSB 40 #define PKT_DSC_WAIT_BITS ONE_BIT #define PKT_DSC_WAIT_MASK (PKT_DSC_WAIT_BITS << PKT_DSC_WAIT_LSB) /* #define PKT_DSC_SEGADDR */ #define PKT_DSC_SEGADDR_LSB 5 #define PKT_DSC_SEGADDR_BITS FOURTY_BITS #define PKT_DSC_SEGADDR_MASK \ (PKT_DSC_SEGADDR_BITS << PKT_DSC_SEGADDR_LSB) /* #define PKT_DSC_SRTCP */ #define PKT_DSC_SRTCP_OFF 0 #define PKT_DSC_SRTCP_ON 1 #define PKT_DSC_SRTCP_LSB 4 #define PKT_DSC_SRTCP_BITS ONE_BIT #define PKT_DSC_SRTCP_MASK (PKT_DSC_SRTCP_BITS << PKT_DSC_SRTCP_LSB) #define PKT_DSC_SEGOFFSET_LSB 0 #define PKT_DSC_SEGOFFSET_BITS THREE_BITS #define PKT_DSC_SEGOFFSET_MASK \ (PKT_DSC_SEGOFFSET_BITS << PKT_DSC_SEGOFFSET_LSB) /* ********************************************************************** * PacketDescriptor_t.dstDataSettings * ********************************************************************** */ /* #define PKT_DSC_ARC4BYTECOUNT */ #define PKT_DSC_ARC4BYTECOUNT_ALL8 0 #define PKT_DSC_ARC4BYTECOUNT_MSB 1 #define PKT_DSC_ARC4BYTECOUNT_MSW 2 #define PKT_DSC_ARC4BYTECOUNT_LSB 60 #define PKT_DSC_ARC4BYTECOUNT_BITS THREE_BITS #define PKT_DSC_ARC4BYTECOUNT_MASK (PKT_DSC_ARC4BYTECOUNT_BITS << PKT_DSC_ARC4BYTECOUNT_LSB) /* #define PKT_DSC_SYM_OP (symmetric key operation) */ #define PKT_DSC_SYM_OP_DECRYPT 0 #define PKT_DSC_SYM_OP_ENCRYPT 1 #define PKT_DSC_SYM_OP_LSB 59 #define PKT_DSC_SYM_OP_BITS ONE_BIT #define PKT_DSC_SYM_OP_MASK (PKT_DSC_SYM_OP_BITS << PKT_DSC_SYM_OP_LSB) /* #define PKT_DSC_CPHROFF */ #define PKT_DSC_CPHROFF_LSB 56 #define PKT_DSC_CPHROFF_BITS THREE_BITS #define PKT_DSC_CPHROFF_MASK (PKT_DSC_CPHROFF_BITS << PKT_DSC_CPHROFF_LSB) /* #define PKT_DSC_HASHOFF */ #define PKT_DSC_HASHOFF_LSB 54 #define PKT_DSC_HASHOFF_BITS TWO_BITS #define PKT_DSC_HASHOFF_MASK (PKT_DSC_HASHOFF_BITS << PKT_DSC_HASHOFF_LSB) /* #define PKT_DSC_HASHSRC */ #define PKT_DSC_HASHSRC_DMA 0 #define PKT_DSC_HASHSRC_CIPHER 1 #define PKT_DSC_HASHSRC_LSB 53 #define PKT_DSC_HASHSRC_BITS ONE_BIT #define PKT_DSC_HASHSRC_MASK (PKT_DSC_HASHSRC_BITS << PKT_DSC_HASHSRC_LSB) /* #define PKT_DSC_CKSUMOFF */ #define PKT_DSC_CKSUMOFF_LSB 41 #define PKT_DSC_CKSUMOFF_BITS TWELVE_BITS #define PKT_DSC_CKSUMOFF_MASK (PKT_DSC_CKSUMOFF_BITS << PKT_DSC_CKSUMOFF_LSB) /* #define PKT_DSC_CKSUMSRC */ #define PKT_DSC_CKSUMSRC_DMA 0 #define PKT_DSC_CKSUMSRC_CIPHER 1 #define PKT_DSC_CKSUMSRC_LSB 40 #define PKT_DSC_CKSUMSRC_BITS ONE_BIT #define PKT_DSC_CKSUMSRC_MASK (PKT_DSC_CKSUMSRC_BITS << PKT_DSC_CKSUMSRC_LSB) /* #define PKT_DSC_CPHR_DST_ADDR */ #define PKT_DSC_CPHR_DST_ADDR_LSB 0 #define PKT_DSC_CPHR_DST_ADDR_BITS FOURTY_BITS #define PKT_DSC_CPHR_DST_ADDR_MASK \ (PKT_DSC_CPHR_DST_ADDR_BITS << PKT_DSC_CPHR_DST_ADDR_LSB) /* #define PKT_DSC_CPHR_DST_DWOFFSET */ #define PKT_DSC_CPHR_DST_DWOFFSET_LSB 3 #define PKT_DSC_CPHR_DST_DWOFFSET_BITS TWO_BITS #define PKT_DSC_CPHR_DST_DWOFFSET_MASK \ (PKT_DSC_CPHR_DST_DWOFFSET_BITS << PKT_DSC_CPHR_DST_DWOFFSET_LSB) /* #define PKT_DSC_CPHR_DST_OFFSET */ #define PKT_DSC_CPHR_DST_OFFSET_LSB 0 #define PKT_DSC_CPHR_DST_OFFSET_BITS THREE_BITS #define PKT_DSC_CPHR_DST_OFFSET_MASK \ (PKT_DSC_CPHR_DST_OFFSET_BITS << PKT_DSC_CPHR_DST_OFFSET_LSB) /* ********************************************************************** * PacketDescriptor_t.authDstNonceLow * ********************************************************************** */ /* #define PKT_DSC_NONCE_LOW */ #define PKT_DSC_NONCE_LOW_LSB 40 #define PKT_DSC_NONCE_LOW_BITS TWENTYFOUR_BITS #define PKT_DSC_NONCE_LOW_MASK \ (PKT_DSC_NONCE_LOW_BITS << PKT_DSC_NONCE_LOW_LSB) /* #define PKT_DSC_AUTH_DST_ADDR */ #define PKT_DSC_AUTH_DST_ADDR_LSB 0 #define PKT_DSC_AUTH_DST_ADDR_BITS FOURTY_BITS #define PKT_DSC_AUTH_DST_ADDR_MASK \ (PKT_DSC_AUTH_DST_ADDR_BITS << PKT_DSC_AUTH_DST_ADDR_LSB) /* #define PKT_DSC_CIPH_OFF_HI */ #define PKT_DSC_CIPH_OFF_HI_LSB 0 #define PKT_DSC_CIPH_OFF_HI_BITS FIVE_BITS #define PKT_DSC_CIPH_OFF_HI_MASK (PKT_DSC_CIPH_OFF_HI_BITS << PKT_DSC_CIPH_OFF_HI_LSB) /* ********************************************************************** * PacketDescriptor_t.ckSumDstNonceHiCFBMaskLLWMask * ********************************************************************** */ /* #define PKT_DSC_HASH_BYTE_OFF */ #define PKT_DSC_HASH_BYTE_OFF_LSB 61 #define PKT_DSC_HASH_BYTE_OFF_BITS THREE_BITS #define PKT_DSC_HASH_BYTE_OFF_MASK (PKT_DSC_HASH_BYTE_OFF_BITS << PKT_DSC_HASH_BYTE_OFF_LSB) /* #define PKT_DSC_PKTLEN_BYTES */ #define PKT_DSC_PKTLEN_BYTES_LSB 58 #define PKT_DSC_PKTLEN_BYTES_BITS THREE_BITS #define PKT_DSC_PKTLEN_BYTES_MASK (PKT_DSC_PKTLEN_BYTES_BITS << PKT_DSC_PKTLEN_BYTES_LSB) /* #define PKT_DSC_LASTWORD */ #define PKT_DSC_LASTWORD_128 0 #define PKT_DSC_LASTWORD_96MASK 1 #define PKT_DSC_LASTWORD_64MASK 2 #define PKT_DSC_LASTWORD_32MASK 3 #define PKT_DSC_LASTWORD_LSB 56 #define PKT_DSC_LASTWORD_BITS TWO_BITS #define PKT_DSC_LASTWORD_MASK (PKT_DSC_LASTWORD_BITS << PKT_DSC_LASTWORD_LSB) /* #define PKT_DSC_CFB_MASK */ #define PKT_DSC_CFB_MASK_LSB 48 #define PKT_DSC_CFB_MASK_BITS EIGHT_BITS #define PKT_DSC_CFB_MASK_MASK (PKT_DSC_CFB_MASK_BITS << PKT_DSC_CFB_MASK_LSB) /* #define PKT_DSC_NONCE_HI */ #define PKT_DSC_NONCE_HI_LSB 40 #define PKT_DSC_NONCE_HI_BITS EIGHT_BITS #define PKT_DSC_NONCE_HI_MASK (PKT_DSC_NONCE_HI_BITS << PKT_DSC_NONCE_HI_LSB) /* #define PKT_DSC_CKSUM_DST_ADDR */ #define PKT_DSC_CKSUM_DST_ADDR_LSB 5 #define PKT_DSC_CKSUM_DST_ADDR_BITS THIRTY_FIVE_BITS #define PKT_DSC_CKSUM_DST_ADDR_MASK (PKT_DSC_CKSUM_DST_ADDR_BITS << PKT_DSC_CKSUM_DST_ADDR_LSB) /* #define PKT_DSC_IV_OFF_HI */ #define PKT_DSC_IV_OFF_HI_LSB 0 #define PKT_DSC_IV_OFF_HI_BITS FIVE_BITS #define PKT_DSC_IV_OFF_HI_MASK (PKT_DSC_IV_OFF_HI_BITS << PKT_DSC_IV_OFF_HI_LSB) /* ****************************************************************** * Control Error Code and Conditions * ****************************************************************** */ #define CTL_ERR_NONE 0x0000 /* No Error */ #define CTL_ERR_CIPHER_OP 0x0001 /* Unknown Cipher Op */ #define CTL_ERR_MODE 0x0002 /* Unknown or Not Allowed Mode */ #define CTL_ERR_CHKSUM_SRC 0x0004 /* Unknown CkSum Src - UNUSED */ #define CTL_ERR_CFB_MASK 0x0008 /* Forbidden CFB Mask - UNUSED */ #define CTL_ERR_OP 0x0010 /* Unknown Ctrl Op - UNUSED */ #define CTL_ERR_UNDEF1 0x0020 /* UNUSED */ #define CTL_ERR_UNDEF2 0x0040 /* UNUSED */ #define CTL_ERR_DATA_READ 0x0080 /* Data Read Error */ #define CTL_ERR_DESC_CTRL 0x0100 /* Descriptor Ctrl Field Error */ #define CTL_ERR_TIMEOUT 0x1000 /* Message Response Timeout */ /* ****************************************************************** * Data Error Code and Conditions * ****************************************************************** */ #define DATA_ERR_NONE 0x0000 /* No Error */ #define DATA_ERR_LEN_CIPHER 0x0001 /* Not Enough Data To Cipher */ #define DATA_ERR_IV_ADDR 0x0002 /* Illegal IV Loacation */ #define DATA_ERR_WD_LEN_AES 0x0004 /* Illegal Nb Words To AES */ #define DATA_ERR_BYTE_COUNT 0x0008 /* Illegal Pad And ByteCount Spec */ #define DATA_ERR_LEN_CKSUM 0x0010 /* Not Enough Data To CkSum */ #define DATA_ERR_OP 0x0020 /* Unknown Data Op */ #define DATA_ERR_UNDEF1 0x0040 /* UNUSED */ #define DATA_ERR_READ 0x0080 /* Data Read Error */ #define DATA_ERR_WRITE 0x0100 /* Data Write Error */ /* * Common Descriptor * NOTE: Size of struct is size of cacheline. */ typedef struct OperationDescriptor_s { uint64_t phys_self; uint32_t stn_id; uint32_t flags; uint32_t cpu; uint32_t seq_num; uint64_t vaddr; } OperationDescriptor_t, *OperationDescriptor_pt; /* * This defines the security data descriptor format */ typedef struct PacketDescriptor_s { uint64_t srcLengthIVOffUseIVNext; uint64_t dstDataSettings; uint64_t authDstNonceLow; uint64_t ckSumDstNonceHiCFBMaskLLWMask; } PacketDescriptor_t, *PacketDescriptor_pt; typedef struct { uint8_t *user_auth; uint8_t *user_src; uint8_t *user_dest; uint8_t *user_state; uint8_t *kern_auth; uint8_t *kern_src; uint8_t *kern_dest; uint8_t *kern_state; uint8_t *aligned_auth; uint8_t *aligned_src; uint8_t *aligned_dest; uint8_t *aligned_state; } xlr_sec_drv_user_t, *xlr_sec_drv_user_pt; typedef struct symkey_desc { OperationDescriptor_t op_ctl; /* size is cacheline */ PacketDescriptor_t pkt_desc[2]; /* size is cacheline */ ControlDescriptor_t ctl_desc; /* makes this aligned */ uint64_t control; /* message word0 */ uint64_t data; /* message word1 */ uint64_t ctl_result; uint64_t data_result; struct symkey_desc *alloc; /* real allocated addr */ xlr_sec_drv_user_t user; //volatile atomic_t flag_complete; //struct semaphore sem_complete; //wait_queue_t submit_wait; uint8_t *next_src_buf; uint32_t next_src_len; uint8_t *next_dest_buf; uint32_t next_dest_len; uint8_t *next_auth_dest; uint8_t *next_cksum_dest; void *ses; } symkey_desc_t, *symkey_desc_pt; /* * ************************************************************************** * RSA Block * ************************************************************************** */ /* * RSA and ECC Block * ================= * * A 2-word message ring descriptor is used to pass all information * pertaining to the RSA or ECC operation: * * 63 61 60 54 53 52 40 39 5 4 3 2 0 * ----------------------------------------------------------------------------------------------------- * | Ctrl | Op Class | Valid Op | Op Ctrl0 | Source Addr | Software Scratch0 | Global src data offset | * ----------------------------------------------------------------------------------------------------- * 3 7 1 13 35 2 3 * * * 63 61 60 54 53 52 51 50 40 39 5 4 3 2 0 * -------------------------------------------------------------------------------------------------------------------------------- * | Ctrl | Destination Id | WRB_COH | WRB_L2ALLOC | DF_L2ALLOC | Op Ctrl1 | Dest Addr | Software Scratch1 | Global dst data offset | * -------------------------------------------------------------------------------------------------------------------------------- * 3 7 1 1 1 11 35 2 3 * * * Op Class = 7'h0_0 Modular exponentiation * 7'h0_1 ECC (including prime modular ops and binary GF ops) * REMAINDER UNDEF * * Valid Op = 1'b1 Will cause operation to start; descriptors sent back at end of operation * 1'b0 No operation performed; descriptors sent back right away * * RSA ECC * === === * Op Ctrl0 = BlockWidth[1] {TYPE[6:0], FUNCTION[5:0]} * LoadConstant[1] * ExponentWidth[10:0] * RSA Only * ======== * Block Width = 1'b1 1024 bit op * = 1'b0 512 bit op * Load Constant = 1'b1 Load constant from data structure * 1'b0 Preserve old constant (this assumes * Source Addr points to RSAData_pt->Exponent * or that the length of Constant is 0) * Exponent Width = 11-bit expression of exponent width EXPRESSED IN NUMBER OF BITS * * ECC Only * ======== * * TYPE = 7'h0_0 ECC prime 160 * 7'h0_1 ECC prime 192 * 7'h0_2 ECC prime 224 * 7'h0_3 ECC prime 256 * 7'h0_4 ECC prime 384 * 7'h0_5 ECC prime 512 * * 7'h0_6 through 7'h1_f UNDEF * * 7'h2_0 ECC bin 163 * 7'h2_1 ECC bin 191 * 7'h2_2 ECC bin 233 * * 7'h2_3 through 7'h6_f UNDEF * * 7'h7_0 ECC UC load * * 7'b7_1 through 7'b7_f UNDEF * * Prime field Binary field * =========== ============ * FUNCTION = 6'h0_0 Point multiplication R = k.P Point multiplication R = k.P * 6'h0_1 Point addition R = P + Q Binary GF inversion C(x) = 1 / A(x) mod F(x) * 6'h0_2 Point double R = 2 x P Binary GF multiplication C(x) = B(x) * A(x) mod F(x) * 6'h0_3 Point verification R ? Binary GF addition C(x) = B(x) + A(x) mod F(x) * 6'h0_4 Modular addition c = x + y mod m UNDEF * 6'h0_5 Modular substraction c = x - y mod m UNDEF * 6'h0_6 Modular multiplication c = x * y mod m UNDEF * 6'h0_7 Modular division c = x / y mod m UNDEF * 6'h0_8 Modular inversion c = 1 / y mod m UNDEF * 6'h0_9 Modular reduction c = x mod m UNDEF * * 6'h0_a * through UNDEF UNDEF * 6'h3_f * * Source Addr = 35 MSB of pointer to source address (i.e., cache-line aligned) * * Software Scratch0 = Two bit field ignored by engine and returned as is in free descriptor * * Global src data offset = Nb BYTES to right-shift data by before presenting it to engines * (0-7); allows realignment of byte-aligned, non-double-word aligned data * * RSA ECC * === === * OpCtrl1 = ModulusWidth[10:0] Not used * RSA Only * ======== * Modulus Width = 11-bit expression of modulus width EXPRESSED IN NUMBER OF BITS * * Dest Addr = 35 MSB of pointer to destination address (i.e., cache-line aligned) * * Software Scratch1 = Two bit field ignored by engine and returned as is in free descriptor * * Global dst data offset = Nb BYTES to left-shift (double-word boundary aligned) data by before writing it to memory * * */ /* * ECC data formats */ /********************************************************** * * * ECC prime data formats * * * ********************************************************** * * * The size of all quantities below is that of the precision * of the chosen op (160, 192, ...) ROUNDED UP to a multiple * of 8 bytes, i.e., 3 dwords (160, 192), 4 dwords (224, 256) * 6 dwords (384) and 8 dwords (512) and padded with zeroes * when necessary. * * The only exception to this is the key quantity (k) which * needs to be rounded up to 32 bytes in all cases and padded * with zeroes; therefore the key needs to be 4 dwords (160, 192, * 224, 256) or 8 dwords (384, 512) * * The total lengths in dwords that are read and in * bytes that are written, for each operation and * length group, are specified at the bottom of each * datastructure. * * In all that follows, m is the modulus and cst is the constant, * cst = 2 ^ (2*length + 4) mod m . a and b are the curve * parameters. * * 0) UC load * * DATA IN DATA OUT * ======= ======== * src+glb_off-> Dword_0 N/A * . * . * . * Dword_331 * 332 dw * * 1) Point multiplication R(x_r, y_r) = k . P(x_p, y_p) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x_p dst+glb_off-> x_r * x_p y_r * y_p 2x(3/4/6/8)= * y_p 6/8/12/16 dw * a * k * m * cst * 7x(3/4/6/8)+(4/4/8/8)= * 25/32/50/64 dw * * 2) Point addition R(x_r, y_r) = P(x_p, y_p) + Q(x_q, y_q) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x_p dst+glb_off-> x_r * y_p y_r * x_q 2x(3/4/6/8)= * y_q 6/8/12/16 dw * a * m * cst * 7x(3/4/6/8)= * 21/28/42/56 dw * * 3) Point double R(x_r, y_r) = 2 . P(x_p, y_p) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x_p dst+glb_off-> x_r * y_p y_r * a 2x(3/4/6/8)= * m 6/8/12/16 dw * cst * 5x(3/4/6/8)= * 15/20/30/40 dw * * 4) Point verification Is_On_Curve = P(x_p, y_p) on curve ? 1 : 0 * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x_p dst+glb_off-> Is_On_Curve * y_p 1 dw * a * b * m * cst * 6x(3/4/6/8)= * 18/24/36/48 dw * * 5) Modular addition c = x + y mod m * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x dst+glb_off-> c * y 3/4/6/8 dw * m * 3x(3/4/6/8)= * 9/12/18/24 dw * * 6) Modular substraction c = x - y mod m * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x dst+glb_off-> c * y 3/4/6/8 dw * m * 3x(3/4/6/8)= * 9/12/18/24 dw * * 7) Modular multiplication c = x * y mod m * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x dst+glb_off-> c * y 3/4/6/8 dw * m * cst * 4x(3/4/6/8)= * 12/16/24/32 dw * * 8) Modular division c = x / y mod m * * DATA IN DATA OUT * ======= ======== * src+glb_off-> y dst+glb_off-> c * x 3/4/6/8 dw * m * 3x(3/4/6/8)= * 9/12/18/24 dw * * 9) Modular inversion c = 1 / y mod m * * DATA IN DATA OUT * ======= ======== * src+glb_off-> y dst+glb_off-> c * m 3/4/6/8 dw * 2x(3/4/6/8)= * 6/8/12/16 dw * * 10) Modular reduction c = x mod m * * DATA IN DATA OUT * ======= ======== * src+glb_off-> x dst+glb_off-> c * m 3/4/6/8 dw * 2x(3/4/6/8)= * 6/8/12/16 dw * */ /********************************************************** * * * ECC binary data formats * * * ********************************************************** * * * The size of all quantities below is that of the precision * of the chosen op (163, 191, 233) ROUNDED UP to a multiple * of 8 bytes, i.e. 3 dwords for (163, 191) and 4 dwords for * (233), padded with zeroes as necessary. * * The total lengths in dwords that are read and written, * for each operation and length group, are specified * at the bottom of each datastructure. * In all that follows, b is the curve parameter. * * 1) Point multiplication R(x_r, y_r) = k . P(x_p, y_p) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> b dst+glb_off-> x_r * k y_r * x_p 2x(3/4) * y_p 6/8 dw * 4x(3/4)= * 12/16 dw * * 2) Binary GF inversion C(x) = 1 / A(x) mod F(x) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> A dst+glb_off-> C * 1x(3/4)= 1x(3/4) * 3/4 dw 3/4 dw * * 3) Binary GF multiplication C(x) = B(x) * A(x) mod F(x) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> A dst+glb_off-> C * B 1x(3/4) * 2x(3/4)= 3/4 dw * 6/8 dw * * 4) Binary GF addition C(x) = B(x) + A(x) mod F(x) * * DATA IN DATA OUT * ======= ======== * src+glb_off-> A dst+glb_off-> C * B 1x(3/4) * 2x(3/4)= 3/4 dw * 6/8dw * */ /* * RSA data format */ /* * IMPORTANT NOTE: * * As specified in the datastructures below, * the engine assumes all data (including * exponent and modulus) to be adjacent on * dword boundaries, e.g., * * Operation length = 512 bits * Exponent length = 16 bits * Modulus length = 512 bits * * The engine expects to read: * * 63 0 * ----------------------- * | | Constant0 * ----------------------- * | | Constant1 * ----------------------- * | | Constant2 * ----------------------- * | | Constant3 * ----------------------- * | | Constant4 * ----------------------- * | | Constant5 * ----------------------- * | | Constant6 * ----------------------- * | | Constant7 * ----------------------- * | IGNORED |B1|B0| Exponent0 (Exponent length = 16 bits = 2 bytes, so only 2 least significant bytes of exponent used) * ----------------------- * | | Modulus0 * ----------------------- * | | Modulus1 * ----------------------- * | | Modulus2 * ----------------------- * | | Modulus3 * ----------------------- * | | Modulus4 * ----------------------- * | | Modulus5 * ----------------------- * | | Modulus6 * ----------------------- * | | Modulus7 * ----------------------- * | | Message0 * ----------------------- * | | Message1 * ----------------------- * | | Message2 * ----------------------- * | | Message3 * ----------------------- * | | Message4 * ----------------------- * | | Message5 * ----------------------- * | | Message6 * ----------------------- * | | Message7 * ----------------------- * */ /* #define PUBKEY_CTL_CTL */ #define PUBKEY_CTL_CTL_LSB 61 #define PUBKEY_CTL_CTL_BITS THREE_BITS #define PUBKEY_CTL_CTL_MASK (PUBKEY_CTL_CTL_BITS << PUBKEY_CTL_CTL_LSB) /* #define PUBKEY_CTL_OP_CLASS */ #define PUBKEY_CTL_OP_CLASS_RSA 0 #define PUBKEY_CTL_OP_CLASS_ECC 1 #define PUBKEY_CTL_OP_CLASS_LSB 54 #define PUBKEY_CTL_OP_CLASS_BITS SEVEN_BITS #define PUBKEY_CTL_OP_CLASS_MASK (PUBKEY_CTL_OP_CLASS_BITS << PUBKEY_CTL_OP_CLASS_LSB) /* #define PUBKEY_CTL_VALID */ #define PUBKEY_CTL_VALID_FALSE 0 #define PUBKEY_CTL_VALID_TRUE 1 #define PUBKEY_CTL_VALID_LSB 53 #define PUBKEY_CTL_VALID_BITS ONE_BIT #define PUBKEY_CTL_VALID_MASK \ (PUBKEY_CTL_VALID_BITS << PUBKEY_CTL_VALID_LSB) /* #define PUBKEY_CTL_ECC_TYPE */ #define PUBKEY_CTL_ECC_TYPE_PRIME_160 0 #define PUBKEY_CTL_ECC_TYPE_PRIME_192 1 #define PUBKEY_CTL_ECC_TYPE_PRIME_224 2 #define PUBKEY_CTL_ECC_TYPE_PRIME_256 3 #define PUBKEY_CTL_ECC_TYPE_PRIME_384 4 #define PUBKEY_CTL_ECC_TYPE_PRIME_512 5 #define PUBKEY_CTL_ECC_TYPE_BIN_163 0x20 #define PUBKEY_CTL_ECC_TYPE_BIN_191 0x21 #define PUBKEY_CTL_ECC_TYPE_BIN_233 0x22 #define PUBKEY_CTL_ECC_TYPE_UC_LOAD 0x70 #define PUBKEY_CTL_ECC_TYPE_LSB 46 #define PUBKEY_CTL_ECC_TYPE_BITS SEVEN_BITS #define PUBKEY_CTL_ECC_TYPE_MASK (PUBKEY_CTL_ECC_TYPE_BITS << PUBKEY_CTL_ECC_TYPE_LSB) /* #define PUBKEY_CTL_ECC_FUNCTION */ #define PUBKEY_CTL_ECC_FUNCTION_NOP 0 #define PUBKEY_CTL_ECC_FUNCTION_POINT_MUL 0 #define PUBKEY_CTL_ECC_FUNCTION_POINT_ADD 1 #define PUBKEY_CTL_ECC_FUNCTION_POINT_DBL 2 #define PUBKEY_CTL_ECC_FUNCTION_POINT_VFY 3 #define PUBKEY_CTL_ECC_FUNCTION_MODULAR_ADD 4 #define PUBKEY_CTL_ECC_FUNCTION_MODULAR_SUB 5 #define PUBKEY_CTL_ECC_FUNCTION_MODULAR_MUL 6 #define PUBKEY_CTL_ECC_FUNCTION_MODULAR_DIV 7 #define PUBKEY_CTL_ECC_FUNCTION_MODULAR_INV 8 #define PUBKEY_CTL_ECC_FUNCTION_MODULAR_RED 9 #define PUBKEY_CTL_ECC_FUNCTION_LSB 40 #define PUBKEY_CTL_ECC_FUNCTION_BITS SIX_BITS #define PUBKEY_CTL_ECC_FUNCTION_MASK (PUBKEY_CTL_ECC_FUNCTION_BITS << PUBKEY_CTL_ECC_FUNCTION_LSB) /* #define PUBKEY_CTL_BLKWIDTH */ #define PUBKEY_CTL_BLKWIDTH_512 0 #define PUBKEY_CTL_BLKWIDTH_1024 1 #define PUBKEY_CTL_BLKWIDTH_LSB 52 #define PUBKEY_CTL_BLKWIDTH_BITS ONE_BIT #define PUBKEY_CTL_BLKWIDTH_MASK \ (PUBKEY_CTL_BLKWIDTH_BITS << PUBKEY_CTL_BLKWIDTH_LSB) /* #define PUBKEY_CTL_LD_CONST */ #define PUBKEY_CTL_LD_CONST_OLD 0 #define PUBKEY_CTL_LD_CONST_NEW 1 #define PUBKEY_CTL_LD_CONST_LSB 51 #define PUBKEY_CTL_LD_CONST_BITS ONE_BIT #define PUBKEY_CTL_LD_CONST_MASK \ (PUBKEY_CTL_LD_CONST_BITS << PUBKEY_CTL_LD_CONST_LSB) /* #define PUBKEY_CTL_EXPWIDTH */ #define PUBKEY_CTL_EXPWIDTH_LSB 40 #define PUBKEY_CTL_EXPWIDTH_BITS ELEVEN_BITS #define PUBKEY_CTL_EXPWIDTH_MASK \ (PUBKEY_CTL_EXPWIDTH_BITS << PUBKEY_CTL_EXPWIDTH_LSB) /* #define PUBKEY_CTL_SRCADDR */ #define PUBKEY_CTL_SRCADDR_LSB 0 #define PUBKEY_CTL_SRCADDR_BITS FOURTY_BITS #define PUBKEY_CTL_SRCADDR_MASK \ (PUBKEY_CTL_SRCADDR_BITS << PUBKEY_CTL_SRCADDR_LSB) /* #define PUBKEY_CTL_SRC_OFFSET */ #define PUBKEY_CTL_SRC_OFFSET_LSB 0 #define PUBKEY_CTL_SRC_OFFSET_BITS THREE_BITS #define PUBKEY_CTL_SRC_OFFSET_MASK \ (PUBKEY_CTL_SRC_OFFSET_BITS << PUBKEY_CTL_SRC_OFFSET_LSB) /* #define PUBKEY_CTL1_CTL */ #define PUBKEY_CTL1_CTL_LSB 61 #define PUBKEY_CTL1_CTL_BITS THREE_BITS #define PUBKEY_CTL1_CTL_MASK (PUBKEY_CTL_CTL_BITS << PUBKEY_CTL_CTL_LSB) /* #define PUBKEY_CTL1_MODWIDTH */ #define PUBKEY_CTL1_MODWIDTH_LSB 40 #define PUBKEY_CTL1_MODWIDTH_BITS ELEVEN_BITS #define PUBKEY_CTL1_MODWIDTH_MASK \ (PUBKEY_CTL1_MODWIDTH_BITS << PUBKEY_CTL1_MODWIDTH_LSB) /* #define PUBKEY_CTL1_DSTADDR */ #define PUBKEY_CTL1_DSTADDR_LSB 0 #define PUBKEY_CTL1_DSTADDR_BITS FOURTY_BITS #define PUBKEY_CTL1_DSTADDR_MASK \ (PUBKEY_CTL1_DSTADDR_BITS << PUBKEY_CTL1_DSTADDR_LSB) /* #define PUBKEY_CTL1_DST_OFFSET */ #define PUBKEY_CTL1_DST_OFFSET_LSB 0 #define PUBKEY_CTL1_DST_OFFSET_BITS THREE_BITS #define PUBKEY_CTL1_DST_OFFSET_MASK \ (PUBKEY_CTL1_DST_OFFSET_BITS << PUBKEY_CTL1_DST_OFFSET_LSB) /* * Upon completion of operation, the RSA block returns a 2-word free descriptor * in the following format: * * 63 61 60 54 53 52 51 49 48 40 39 5 4 3 2 0 * ------------------------------------------------------------------------------------------------------------------------- * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address | Software Scratch0 | Global src data offset | * ------------------------------------------------------------------------------------------------------------------------- * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error | Dest Address | Software Scratch1 | Global dst data offset | * ------------------------------------------------------------------------------------------------------------------------- * * The Control and Data Error codes are enumerated below * * Error conditions * ================ * * Control Error Code Control Error Condition * ------------------ ----------------------- * 9'h000 No Error * 9'h001 Undefined Op Class * 9'h002 Undefined ECC TYPE (ECC only) * 9'h004 Undefined ECC FUNCTION (ECC only) * 9'h008 ECC timeout (ECC only) * 9'h010 UNUSED * 9'h020 UNUSED * 9'h040 UNUSED * 9'h080 Data Read Error * 9'h100 Descriptor Ctrl Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP) * * Data Error Code Data Error Condition * --------------- -------------------- * 9'h000 No Error * 9'h001 Exponent Width > Block Width (RSA Only) * 9'h002 Modulus Width > Block Width (RSA Only) * 9'h004 UNUSED * 9'h008 UNUSED * 9'h010 UNUSED * 9'h020 UNUSED * 9'h040 UNUSED * 9'h080 Data Read Error * 9'h100 UNUSED */ /* * Result Data Word for Message Ring Descriptor */ /* #define PUBKEY_RSLT_CTL_CTL */ #define PUBKEY_RSLT_CTL_CTL_LSB 61 #define PUBKEY_RSLT_CTL_CTL_BITS THREE_BITS #define PUBKEY_RSLT_CTL_CTL_MASK \ (PUBKEY_RSLT_CTL_CTL_BITS << PUBKEY_RSLT_CTL_CTL_LSB) /* #define PUBKEY_RSLT_CTL_DST_ID */ #define PUBKEY_RSLT_CTL_DST_ID_LSB 54 #define PUBKEY_RSLT_CTL_DST_ID_BITS SEVEN_BITS #define PUBKEY_RSLT_CTL_DST_ID_MASK \ (PUBKEY_RSLT_CTL_DST_ID_BITS << PUBKEY_RSLT_CTL_DST_ID_LSB) /* #define PUBKEY_RSLT_CTL_DESC_CTL */ #define PUBKEY_RSLT_CTL_DESC_CTL_LSB 49 #define PUBKEY_RSLT_CTL_DESC_CTL_BITS THREE_BITS #define PUBKEY_RSLT_CTL_DESC_CTL_MASK \ (PUBKEY_RSLT_CTL_DESC_CTL_BITS << PUBKEY_RSLT_CTL_DESC_CTL_LSB) /* #define PUBKEY_RSLT_CTL_ERROR */ #define PUBKEY_RSLT_CTL_ERROR_LSB 40 #define PUBKEY_RSLT_CTL_ERROR_BITS NINE_BITS #define PUBKEY_RSLT_CTL_ERROR_MASK \ (PUBKEY_RSLT_CTL_ERROR_BITS << PUBKEY_RSLT_CTL_ERROR_LSB) /* #define PUBKEY_RSLT_CTL_SRCADDR */ #define PUBKEY_RSLT_CTL_SRCADDR_LSB 0 #define PUBKEY_RSLT_CTL_SRCADDR_BITS FOURTY_BITS #define PUBKEY_RSLT_CTL_SRCADDR_MASK \ (PUBKEY_RSLT_CTL_SRCADDR_BITS << PUBKEY_RSLT_CTL_SRCADDR_LSB) /* #define PUBKEY_RSLT_DATA_CTL */ #define PUBKEY_RSLT_DATA_CTL_LSB 61 #define PUBKEY_RSLT_DATA_CTL_BITS THREE_BITS #define PUBKEY_RSLT_DATA_CTL_MASK \ (PUBKEY_RSLT_DATA_CTL_BITS << PUBKEY_RSLT_DATA_CTL_LSB) /* #define PUBKEY_RSLT_DATA_DST_ID */ #define PUBKEY_RSLT_DATA_DST_ID_LSB 54 #define PUBKEY_RSLT_DATA_DST_ID_BITS SEVEN_BITS #define PUBKEY_RSLT_DATA_DST_ID_MASK \ (PUBKEY_RSLT_DATA_DST_ID_BITS << PUBKEY_RSLT_DATA_DST_ID_LSB) /* #define PUBKEY_RSLT_DATA_DESC_CTL */ #define PUBKEY_RSLT_DATA_DESC_CTL_LSB 49 #define PUBKEY_RSLT_DATA_DESC_CTL_BITS THREE_BITS #define PUBKEY_RSLT_DATA_DESC_CTL_MASK \ (PUBKEY_RSLT_DATA_DESC_CTL_BITS << PUBKEY_RSLT_DATA_DESC_CTL_LSB) /* #define PUBKEY_RSLT_DATA_ERROR */ #define PUBKEY_RSLT_DATA_ERROR_LSB 40 #define PUBKEY_RSLT_DATA_ERROR_BITS NINE_BITS #define PUBKEY_RSLT_DATA_ERROR_MASK \ (PUBKEY_RSLT_DATA_ERROR_BITS << PUBKEY_RSLT_DATA_ERROR_LSB) /* #define PUBKEY_RSLT_DATA_DSTADDR */ #define PUBKEY_RSLT_DATA_DSTADDR_LSB 40 #define PUBKEY_RSLT_DATA_DSTADDR_BITS FOURTY_BITS #define PUBKEY_RSLT_DATA_DSTADDR_MASK \ (PUBKEY_RSLT_DATA_DSTADDR_BITS << PUBKEY_RSLT_DATA_DSTADDR_LSB) /* * ****************************************************************** * RSA Block - Data Error Code and Conditions * ****************************************************************** */ #define PK_CTL_ERR_NONE 0x0000 /* No Error */ #define PK_CTL_ERR_OP_CLASS 0x0001 /* Undefined Op Class */ #define PK_CTL_ERR_ECC_TYPE 0x0002 /* Undefined ECC TYPE (ECC only) */ #define PK_CTL_ERR_ECC_FUNCT 0x0004 /* Undefined ECC FUNCTION (ECC only) */ #define PK_CTL_ERR_ECC_TIMEOUT 0x0008 /* ECC timeout (ECC only) */ #define PK_CTL_ERR_READ 0x0080 /* Data Read Error */ #define PK_CTL_ERR_DESC 0x0100 /* Descriptor Ctrl Field Error * (D0.Ctrl != SOP || D1.Ctrl != EOP) */ #define PK_CTL_ERR_TIMEOUT 0x1000 /* Message Responce Timeout */ #define PK_DATA_ERR_NONE 0x0000 /* No Error */ #define PK_DATA_ERR_EXP_WIDTH 0x0001 /* Exponent Width > Block Width */ #define PK_DATA_ERR_MOD_WIDTH 0x0002 /* Modulus Width > Block Width */ #define PK_DATA_ERR_READ 0x0080 /* Data Read Error */ /* * This defines the RSA data format */ /* * typedef struct RSAData_s { * uint64_t Constant; * uint64_t Exponent; * uint64_t Modulus; * uint64_t Message; *} RSAData_t, *RSAData_pt; * * typedef RSAData_t DHData_t; * typedef RSAData_pt DHData_pt; */ typedef struct UserPubData_s { uint8_t *source; uint8_t *user_result; uint32_t result_length; } UserPubData_t, *UserPubData_pt; typedef struct pubkey_desc { OperationDescriptor_t op_ctl; /* size is cacheline */ uint8_t source[1024]; uint8_t dest[256]; /* 1024 makes cacheline-aligned */ uint64_t control0; uint64_t control1; uint64_t ctl_result; uint64_t data_result; struct pubkey_desc *alloc; UserPubData_t kern; /* ptrs for temp buffers */ //volatile atomic_t flag_complete; //struct semaphore sem_complete; //wait_queue_t submit_wait; } pubkey_desc_t, *pubkey_desc_pt; /* * KASUMI F8 and F9 use the IV0/IV1 fields : * * 63 41 40 39 37 36 32 31 0 * ---------------------------------------------------------------------------- * | |FX/DIRECTION| | F8/BEARER | F8/COUNT | IV0 * ---------------------------------------------------------------------------- * 1 5 32 * * 63 32 31 0 * ---------------------------------------------------------------------------- * | F9/FRESH | F9/COUNT | IV1 * ---------------------------------------------------------------------------- * 32 32 */ #endif /* _XLR_SEC_DESC_H_ */