1198157Srrs/*- 2198157Srrs * Copyright (c) 2003-2009 RMI Corporation 3198157Srrs * All rights reserved. 4198157Srrs * 5198157Srrs * Redistribution and use in source and binary forms, with or without 6198157Srrs * modification, are permitted provided that the following conditions 7198157Srrs * are met: 8198157Srrs * 1. Redistributions of source code must retain the above copyright 9198157Srrs * notice, this list of conditions and the following disclaimer. 10198157Srrs * 2. Redistributions in binary form must reproduce the above copyright 11198157Srrs * notice, this list of conditions and the following disclaimer in the 12198157Srrs * documentation and/or other materials provided with the distribution. 13198157Srrs * 3. Neither the name of RMI Corporation, nor the names of its contributors, 14198157Srrs * may be used to endorse or promote products derived from this software 15198157Srrs * without specific prior written permission. 16198157Srrs * 17198157Srrs * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18198157Srrs * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19198157Srrs * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20198157Srrs * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21198157Srrs * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22198157Srrs * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23198157Srrs * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24198157Srrs * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25198157Srrs * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26198157Srrs * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27198157Srrs * SUCH DAMAGE. 28198157Srrs * 29212763Sjchandra * $FreeBSD$ 30198157Srrs * RMI_BSD */ 31198157Srrs#ifndef _DESC_H_ 32198157Srrs#define _DESC_H_ 33198157Srrs 34198157Srrs 35198157Srrs#define ONE_BIT 0x0000000000000001ULL 36198157Srrs#define TWO_BITS 0x0000000000000003ULL 37198157Srrs#define THREE_BITS 0x0000000000000007ULL 38198157Srrs#define FOUR_BITS 0x000000000000000fULL 39198157Srrs#define FIVE_BITS 0x000000000000001fULL 40198157Srrs#define SIX_BITS 0x000000000000003fULL 41198157Srrs#define SEVEN_BITS 0x000000000000007fULL 42198157Srrs#define EIGHT_BITS 0x00000000000000ffULL 43198157Srrs#define NINE_BITS 0x00000000000001ffULL 44198157Srrs#define ELEVEN_BITS 0x00000000000007ffULL 45198157Srrs#define TWELVE_BITS 0x0000000000000fffULL 46198157Srrs#define FOURTEEN_BITS 0x0000000000003fffULL 47198157Srrs#define TWENTYFOUR_BITS 0x0000000000ffffffULL 48198157Srrs#define THIRTY_TWO_BITS 0x00000000ffffffffULL 49198157Srrs#define THIRTY_FIVE_BITS 0x00000007ffffffffULL 50198157Srrs#define FOURTY_BITS 0x000000ffffffffffULL 51198157Srrs 52198157Srrs#define MSG_IN_CTL_LEN_BASE 40 53198157Srrs#define MSG_IN_CTL_ADDR_BASE 0 54198157Srrs 55198157Srrs#define GET_FIELD(word,field) \ 56198157Srrs ((word) & (field ## _MASK)) >> (field ## _LSB) 57198157Srrs 58198157Srrs#define FIELD_VALUE(field,value) (((value) & (field ## _BITS)) << (field ## _LSB)) 59198157Srrs 60198157Srrs/* 61198157Srrs * NOTE: this macro expects 'word' to be uninitialized (i.e. zeroed) 62198157Srrs */ 63198157Srrs#define SET_FIELD(word,field,value) \ 64198157Srrs { (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); } 65198157Srrs 66198157Srrs/* 67198157Srrs * This macro clears 'word', then sets the value 68198157Srrs */ 69198157Srrs#define CLEAR_SET_FIELD(word,field,value) \ 70198157Srrs { (word) &= ~((field ## _BITS) << (field ## _LSB)); \ 71198157Srrs (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); } 72198157Srrs 73198157Srrs/* 74198627Srrs * NOTE: May be used to build value specific mask 75198157Srrs * (e.g. GEN_MASK(CTL_DSC_CPHR_3DES,CTL_DSC_CPHR_LSB) 76198157Srrs */ 77198157Srrs#define GEN_MASK(bits,lsb) ((bits) << (lsb)) 78198157Srrs 79198157Srrs 80198157Srrs 81198157Srrs 82198157Srrs/* 83198157Srrs * Security block data and control exchange 84198157Srrs * 85198157Srrs * A 2-word message ring descriptor is used to pass a pointer to the control descriptor data structure 86198157Srrs * and a pointer to the packet descriptor data structure: 87198157Srrs * 88198157Srrs * 63 61 60 54 53 52 49 48 45 44 40 89198157Srrs * 39 5 4 0 90198157Srrs * --------------------------------------------------------------------------------------------------------------------------------------------------------- 91198157Srrs * | Ctrl | Resp Dest Id Entry0 | IF_L2ALLOC | UNUSED | Control Length | UNUSED 92198157Srrs * | 35 MSB of address of control descriptor data structure | Software Scratch0 93198157Srrs * | 94198157Srrs * --------------------------------------------------------------------------------------------------------------------------------------------------------- 95198157Srrs * 3 7 1 4 4 5 96198157Srrs * 35 5 97198157Srrs * 98198157Srrs * 63 61 60 54 53 52 51 50 46 45 44 40 39 5 4 0 99198157Srrs * --------------------------------------------------------------------------------------------------------------------------------------------------------- 100198157Srrs * | Ctrl | UNUSED | WRB_COH | WRB_L2ALLOC | DF_PTR_L2ALLOC | UNUSED | Data Length | UNUSED | 35 MSB of address of packet descriptor data structure | UNUSED | 101198157Srrs * --------------------------------------------------------------------------------------------------------------------------------------------------------- 102198157Srrs * 3 7 1 1 1 5 1 5 35 5 103198157Srrs * 104198157Srrs * Addresses assumed to be cache-line aligned, i.e., Address[4:0] ignored (using 5'h00 instead) 105198157Srrs * 106198157Srrs * Control length is the number of control cachelines to be read so user needs 107198157Srrs * to round up 108198157Srrs * the control length to closest integer multiple of 32 bytes. Note that at 109198157Srrs * present (08/12/04) 110198157Srrs * the longest (sensical) ctrl structure is <= 416 bytes, i.e., 13 cachelines. 111198157Srrs * 112198157Srrs * The packet descriptor data structure size is fixed at 1 cacheline (32 bytes). 113198157Srrs * This effectively makes "Data Length" a Load/NoLoad bit. NoLoad causes an abort. 114198157Srrs * 115198157Srrs * 116198157Srrs * Upon completion of operation, the security block returns a 2-word free descriptor 117198157Srrs * in the following format: 118198157Srrs * 119198157Srrs * 63 61 60 54 53 52 51 49 48 47 40 39 0 120198157Srrs * ---------------------------------------------------------------------------------------------------------------------------- 121198157Srrs * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Instruction Error | Address of control descriptor data structure | 122198157Srrs * ---------------------------------------------------------------------------------------------------------------------------- 123198157Srrs * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Data Error | Address of packet descriptor data structure | 124198157Srrs * ---------------------------------------------------------------------------------------------------------------------------- 125198157Srrs * 126198627Srrs * The Instruction and Data Error codes are enumerated in the 127198157Srrs * ControlDescriptor and PacketDescriptor sections below 128198157Srrs * 129198157Srrs */ 130198157Srrs 131198157Srrs 132198157Srrs/* 133198157Srrs * Operating assumptions 134198157Srrs * ===================== 135198157Srrs * 136198627Srrs * 137198157Srrs * -> For all IpSec ops, I assume that all the IP/IPSec/TCP headers 138198157Srrs * and the data are present at the specified source addresses. 139198157Srrs * I also assume that all necessary header data already exists 140198157Srrs * at the destination. Additionally, in AH I assume that all 141198627Srrs * mutable fields (IP.{TOS, Flags, Offset, TTL, Header_Checksum}) 142198157Srrs * and the AH.Authentication_Data have been zeroed by the client. 143198157Srrs * 144198157Srrs * 145198157Srrs * -> In principle, the HW can calculate TCP checksums on both 146198157Srrs * incoming and outgoing data; however, since the TCP header 147198157Srrs * contains the TCP checksum of the plain payload and the header 148198157Srrs * is encrypted, two passes would be necessary to do checksum + encryption 149198157Srrs * for outgoing messages; 150198157Srrs * therefore the checksum engine will likely only be used during decryption 151198157Srrs * (incoming). 152198157Srrs * 153198157Srrs * 154198157Srrs * -> For all operations involving TCP checksum, I assume the client has filled 155198157Srrs * the TCP checksum field with the appropriate value: 156198157Srrs * 157198157Srrs * - 0 for generation phase 158198157Srrs * - actual value for verification phase (expecting 0 result) 159198157Srrs * 160198157Srrs * 161198157Srrs * -> For ESP tunnel, the original IP header exists between the end of the 162198157Srrs * ESP header and the beginning of the TCP header; it is assumed that the 163198157Srrs * maximum length of this header is 16 k(32bit)words (used in CkSum_Offset). 164198157Srrs * 165198157Srrs * 166198157Srrs * -> The authentication data is merely written to the destination address; 167198157Srrs * the client is left with the task of comparing to the data in packet 168198157Srrs * in decrypt. 169198157Srrs * 170198157Srrs * -> PacketDescriptor_t.dstLLWMask relevant to AES CTR mode only but it will 171198157Srrs * affect all AES-related operations. It will not affect DES/3DES/bypass ops. 172198157Srrs * The mask is applied to data as it emerges from the AES engine for the sole 173198157Srrs * purpose of providing the authenticator and cksum engines with correct data. 174198157Srrs * CAVEAT: the HW does not mask the incoming data. It is the user's responsibility 175198157Srrs * to set to 0 the corresponding data in memory. If the surplus data is not masked 176198157Srrs * in memory, cksum/auth results will be incorrect if those engines receive data 177198157Srrs * straight from memory (i.e., not from cipher, as it happens while decoding) 178198157Srrs */ 179198157Srrs 180198157Srrs/* 181198157Srrs * Fragmentation and offset related notes 182198157Srrs * ====================================== 183198157Srrs * 184198157Srrs * 185198157Srrs * A) Rebuilding packets from fragments on dword boundaries. The discussion 186198157Srrs * below is exemplified by tests memcpy_all_off_frags and memcpy_same_off_frags 187198627Srrs * 188198157Srrs * 1) The Offset before data/iv on first fragment is ALWAYS written back 189198627Srrs * Non-zero dst dword or global offsets may cause more data to be 190198157Srrs * written than the user-specified length. 191198157Srrs * 192198157Srrs * 193198157Srrs * Example: 194198157Srrs * -------- 195198157Srrs * 196198157Srrs * Below is a source (first fragment) packet (@ ADD0 cache-aligned address). 197198157Srrs * Assume we just copy it and relevant data starts on 198198157Srrs * dword 3 so Cipher_Offset = IV_Offset = 3 (dwords). 199198157Srrs * D0X denotes relevant data and G denotes dont care data. 200198157Srrs * Offset data is also copied so Packet_Legth = 9 (dwords) * 8 = 72 (bytes) 201198157Srrs * Segment_src_address = ADD0 202198157Srrs * 203198157Srrs * If we want to, e.g., copy so that the relevant (i.e., D0X) data 204198157Srrs * starts at (cache-aligned address) ADD1, we need to specify 205198157Srrs * Dst_dword_offset = 1 so D00 is moved from dword position 3 to 0 on next cache-line 206198157Srrs * Cipher_dst_address = ADD1 - 0x20 so D00 is written to ADD1 207198157Srrs * 208198157Srrs * Note that the security engine always writes full cachelines 209198157Srrs * therefore, data written to dword0 0 of ADD1 (denoted w/ ?) is what the sec pipe 210198157Srrs * write back buffer contained from previous op. 211198157Srrs * 212198157Srrs * 213198157Srrs * SOURCE: DESTINATION: 214198157Srrs * ------- ------------ 215198157Srrs * 216198157Srrs * Segment_src_address = ADD0 Cipher_dst_address = ADD1 - 0x20 217198157Srrs * Packet_Legth = 72 Dst_dword_offset = 1 218198157Srrs * Cipher_Offset = 3 219198157Srrs * IV_Offset = 3 220198157Srrs * Use_IV = ANY 221198157Srrs * 222198157Srrs * 223198627Srrs * 224198157Srrs * 3 2 1 0 3 2 1 0 225198157Srrs * ----------------------- ----------------------- 226198157Srrs * | D00 | G | G | G | <- ADD0 | G | G | G | ? | <- ADD1 - 0x20 227198157Srrs * ----------------------- ----------------------- 228198157Srrs * | D04 | D03 | D02 | D01 | | D03 | D02 | D01 | D00 | <- ADD1 229198157Srrs * ----------------------- ----------------------- 230198157Srrs * | | | | D05 | | | | D05 | D04 | 231198157Srrs * ----------------------- ----------------------- 232198627Srrs * 233198157Srrs * 2) On fragments following the first, IV_Offset is overloaded to mean data offset 234198157Srrs * (number of dwords to skip from beginning of cacheline before starting processing) 235198157Srrs * and Use_IV is overloaded to mean do writeback the offset (in the clear). 236198157Srrs * These fields in combination with Dst_dword_offset allow packet fragments with 237198157Srrs * arbitrary boundaries/lengthd to be reasembled. 238198157Srrs * 239198157Srrs * 240198157Srrs * Example: 241198157Srrs * -------- 242198157Srrs * 243198157Srrs * Assume data above was first fragment of a packet we'd like to merge to 244198157Srrs * (second) fragment below located at ADD2. The written data should follow 245198157Srrs * the previous data without gaps or overwrites. To achieve this, one should 246198157Srrs * assert the "Next" field on the previous fragment and use self-explanatory 247198157Srrs * set of parameters below 248198157Srrs * 249198157Srrs * 250198157Srrs * SOURCE: DESTINATION: 251198157Srrs * ------- ------------ 252198157Srrs * 253198157Srrs * Segment_src_address = ADD2 Cipher_dst_address = ADD1 + 0x20 254198157Srrs * Packet_Legth = 104 Dst_dword_offset = 1 255198157Srrs * IV_Offset = 1 256198157Srrs * Use_IV = 0 257198157Srrs * 258198157Srrs * 259198627Srrs * 260198157Srrs * 3 2 1 0 3 2 1 0 261198157Srrs * ----------------------- ----------------------- 262198157Srrs * | D12 | D11 | D10 | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20 263198157Srrs * ----------------------- ----------------------- 264198157Srrs * | D16 | D15 | D14 | D13 | | D03 | D02 | D01 | D00 | <- ADD1 265198157Srrs * ----------------------- ----------------------- 266198157Srrs * | D1a | D19 | D18 | D17 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20 267198157Srrs * ----------------------- ----------------------- 268198157Srrs * | | | | D1b | | D15 | D14 | D13 | D12 | 269198157Srrs * ----------------------- ----------------------- 270198157Srrs * | D19 | D18 | D17 | D16 | 271198157Srrs * ----------------------- 272198157Srrs * | | | D1b | D1a | 273198157Srrs * ----------------------- 274198157Srrs * 275198157Srrs * It is note-worthy that the merging can only be achieved if Use_IV is 0. Indeed, the security 276198157Srrs * engine always writes full lines, therefore ADD1 + 0x20 will be re-written. Setting Use_IV to 0 277198157Srrs * will allow the sec pipe write back buffer to preserve D04, D05 from previous frag and only 278198157Srrs * receive D10, D11 thereby preserving the integrity of the previous data. 279198627Srrs * 280198157Srrs * 3) On fragments following the first, !UseIV in combination w/ Dst_dword_offset >= (4 - IV_Offset) 281198157Srrs * will cause a wraparound of the write thus achieving all 16 possible (Initial_Location, Final_Location) 282198157Srrs * combinations for the data. 283198157Srrs * 284198157Srrs * 285198157Srrs * Example: 286198157Srrs * -------- 287198157Srrs * 288198627Srrs * Contiguously merging 2 data sets above with a third located at ADD3. If this is the last fragment, 289198157Srrs * reset its Next bit. 290198157Srrs * 291198157Srrs * 292198157Srrs * SOURCE: DESTINATION: 293198157Srrs * ------- ------------ 294198157Srrs * 295198157Srrs * Segment_src_address = ADD3 Cipher_dst_address = ADD1 + 0x80 296198157Srrs * Packet_Legth = 152 Dst_dword_offset = 3 297198157Srrs * IV_Offset = 3 298198157Srrs * Use_IV = 0 299198157Srrs * 300198157Srrs * 301198627Srrs * 302198157Srrs * 3 2 1 0 3 2 1 0 303198157Srrs * ----------------------- ----------------------- 304198157Srrs * | D20 | G | G | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20 305198157Srrs * ----------------------- ----------------------- 306198157Srrs * | D24 | D23 | D22 | D21 | | D03 | D02 | D01 | D00 | <- ADD1 307198157Srrs * ----------------------- ----------------------- 308198157Srrs * | D28 | D27 | D26 | D25 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20 309198157Srrs * ----------------------- ----------------------- 310198157Srrs * | D2c | D2b | D2a | D29 | | D15 | D14 | D13 | D12 | 311198157Srrs * ----------------------- ----------------------- 312198157Srrs * | | D2f | D2e | D2d | | D19 | D18 | D17 | D16 | 313198157Srrs * ----------------------- ----------------------- 314198157Srrs * | D21 | D20 | D1b | D1a | <- ADD1 + 0x80 315198157Srrs * ----------------------- 316198627Srrs * | D25 | D24 | D23 | D22 | 317198157Srrs * ----------------------- 318198627Srrs * | D29 | D28 | D27 | D26 | 319198157Srrs * ----------------------- 320198627Srrs * | D2d | D2c | D2b | D2a | 321198157Srrs * ----------------------- 322198627Srrs * |(D2d)|(D2c)| D2f | D2e | 323198157Srrs * ----------------------- 324198157Srrs * 325198157Srrs * It is worth noticing that always writing full-lines causes the last 2 dwords in the reconstituted 326198157Srrs * packet to be unnecessarily written: (D2d) and (D2c) 327198157Srrs * 328198157Srrs * 329198157Srrs * 330198157Srrs * B) Implications of fragmentation on AES 331198627Srrs * 332198157Srrs * 1) AES is a 128 bit block cipher; therefore it requires an even dword total data length 333198157Srrs * Data fragments (provided there are more than 1) are allowed to have odd dword 334198157Srrs * data lengths provided the total length (cumulated over fragments) is an even dword 335198157Srrs * count; an error will be generated otherwise, upon receiving the last fragment descriptor 336198157Srrs * (see error conditions below). 337198157Srrs * 338198157Srrs * 2) While using fragments with AES, a fragment (other than first) starting with a != 0 (IV) offset 339198157Srrs * while the subsequent total dword count given to AES is odd may not be required to write 340198157Srrs * its offset (UseIV). Doing so will cause an error (see error conditions below). 341198157Srrs * 342198157Srrs * 343198157Srrs * Example: 344198157Srrs * -------- 345198157Srrs * 346198157Srrs * Suppose the first fragment has an odd DATA dword count and USES AES (as seen below) 347198157Srrs * 348198157Srrs * SOURCE: DESTINATION: 349198157Srrs * ------- ------------ 350198157Srrs * 351198157Srrs * Segment_src_address = ADD0 Cipher_dst_address = ADD1 352198157Srrs * Packet_Legth = 64 Dst_dword_offset = 1 353198157Srrs * Cipher_Offset = 3 354198157Srrs * IV_Offset = 1 355198157Srrs * Use_IV = 1 356198157Srrs * Cipher = Any AES 357198157Srrs * Next = 1 358198157Srrs * 359198157Srrs * 360198627Srrs * 361198627Srrs * 362198157Srrs * 3 2 1 0 3 2 1 0 363198157Srrs * ----------------------- ----------------------- 364198157Srrs * | D00 | IV1 | IV0 | G | <- ADD0 | E00 | IV1 | IV0 | G | <- ADD1 365198157Srrs * ----------------------- ----------------------- 366198157Srrs * | D04 | D03 | D02 | D01 | | X | E03 | E02 | E01 | 367198157Srrs * ----------------------- ----------------------- 368198157Srrs * 369198157Srrs * At the end of processing of the previous fragment, the AES engine input buffer has D04 370198157Srrs * and waits for next dword, therefore the writeback buffer cannot finish writing the fragment 371198157Srrs * to destination (X instead of E04). 372198157Srrs * 373198157Srrs * If a second fragment now arrives with a non-0 offset and requires the offset data to be 374198157Srrs * written to destination, the previous write (still needing the arrival of the last dword 375198157Srrs * required by the AES to complete the previous operation) cannot complete before the present 376198157Srrs * should start causing a deadlock. 377198157Srrs */ 378198157Srrs 379198157Srrs/* 380198157Srrs * Command Control Word for Message Ring Descriptor 381198157Srrs */ 382198157Srrs 383198157Srrs/* #define MSG_CMD_CTL_CTL */ 384198157Srrs#define MSG_CMD_CTL_CTL_LSB 61 385198157Srrs#define MSG_CMD_CTL_CTL_BITS THREE_BITS 386198157Srrs#define MSG_CMD_CTL_CTL_MASK (MSG_CMD_CTL_CTL_BITS << MSG_CMD_CTL_CTL_LSB) 387198157Srrs 388198157Srrs/* #define MSG_CMD_CTL_ID */ 389198157Srrs#define MSG_CMD_CTL_ID_LSB 54 390198157Srrs#define MSG_CMD_CTL_ID_BITS SEVEN_BITS 391198157Srrs#define MSG_CMD_CTL_ID_MASK (MSG_CMD_CTL_ID_BITS << MSG_CMD_CTL_ID_LSB) 392198157Srrs 393198157Srrs/* #define MSG_CMD_CTL_LEN */ 394198157Srrs#define MSG_CMD_CTL_LEN_LSB 45 395198157Srrs#define MSG_CMD_CTL_LEN_BITS FOUR_BITS 396198157Srrs#define MSG_CMD_CTL_LEN_MASK (MSG_CMD_CTL_LEN_BITS << MSG_CMD_CTL_LEN_LSB) 397198157Srrs 398198157Srrs 399198157Srrs/* #define MSG_CMD_CTL_ADDR */ 400198627Srrs#define MSG_CMD_CTL_ADDR_LSB 0 401198157Srrs#define MSG_CMD_CTL_ADDR_BITS FOURTY_BITS 402198157Srrs#define MSG_CMD_CTL_ADDR_MASK (MSG_CMD_CTL_ADDR_BITS << MSG_CMD_CTL_ADDR_LSB) 403198157Srrs 404198157Srrs#define MSG_CMD_CTL_MASK (MSG_CMD_CTL_CTL_MASK | \ 405198157Srrs MSG_CMD_CTL_LEN_MASK | MSG_CMD_CTL_ADDR_MASK) 406198157Srrs 407198157Srrs/* 408198157Srrs * Command Data Word for Message Ring Descriptor 409198157Srrs */ 410198157Srrs 411198157Srrs/* #define MSG_IN_DATA_CTL */ 412198157Srrs#define MSG_CMD_DATA_CTL_LSB 61 413198157Srrs#define MSG_CMD_DATA_CTL_BITS THREE_BITS 414198157Srrs#define MSG_CMD_DATA_CTL_MASK (MSG_CMD_DATA_CTL_BITS << MSG_CMD_DATA_CTL_LSB) 415198157Srrs 416198157Srrs/* #define MSG_CMD_DATA_LEN */ 417198157Srrs#define MSG_CMD_DATA_LEN_LOAD 1 418198157Srrs#define MSG_CMD_DATA_LEN_LSB 45 419198157Srrs#define MSG_CMD_DATA_LEN_BITS ONE_BIT 420198157Srrs#define MSG_CMD_DATA_LEN_MASK (MSG_CMD_DATA_LEN_BITS << MSG_CMD_DATA_LEN_LSB) 421198157Srrs 422198157Srrs/* #define MSG_CMD_DATA_ADDR */ 423198627Srrs#define MSG_CMD_DATA_ADDR_LSB 0 424198627Srrs#define MSG_CMD_DATA_ADDR_BITS FOURTY_BITS 425198157Srrs#define MSG_CMD_DATA_ADDR_MASK (MSG_CMD_DATA_ADDR_BITS << MSG_CMD_DATA_ADDR_LSB) 426198157Srrs 427198157Srrs#define MSG_CMD_DATA_MASK (MSG_CMD_DATA_CTL_MASK | \ 428198157Srrs MSG_CMD_DATA_LEN_MASK | MSG_CMD_DATA_ADDR_MASK) 429198157Srrs 430198157Srrs 431198157Srrs/* 432198157Srrs * Upon completion of operation, the Sec block returns a 2-word free descriptor 433198157Srrs * in the following format: 434198157Srrs * 435198157Srrs * 63 61 60 54 53 52 51 49 48 40 39 0 436198157Srrs * ---------------------------------------------------------------------------- 437198157Srrs * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address | 438198157Srrs * ---------------------------------------------------------------------------- 439198157Srrs * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error | Dest Address | 440198157Srrs * ---------------------------------------------------------------------------- 441198157Srrs * 442198157Srrs * The Control and Data Error codes are enumerated below 443198157Srrs * 444198157Srrs * Error conditions 445198157Srrs * ================ 446198157Srrs * 447198157Srrs * Control Error Code Control Error Condition 448198157Srrs * ------------------ --------------------------- 449198157Srrs * 9'h000 No Error 450198157Srrs * 9'h001 Unknown Cipher Op ( Cipher == 3'h{6,7}) 451198157Srrs * 9'h002 Unknown or Illegal Mode ((Mode == 3'h{2,3,4} & !AES) | (Mode == 3'h{5,6,7})) 452198157Srrs * 9'h004 Unsupported CkSum Src (CkSum_Src == 2'h{2,3} & CKSUM) 453198157Srrs * 9'h008 Forbidden CFB Mask (AES & CFBMode & UseNewKeysCFBMask & CFBMask[7] & (| CFBMask[6:0])) 454198157Srrs * 9'h010 Unknown Ctrl Op ((| Ctrl[63:37]) | (| Ctrl[15:14])) 455198157Srrs * 9'h020 UNUSED 456198157Srrs * 9'h040 UNUSED 457198157Srrs * 9'h080 Data Read Error 458198157Srrs * 9'h100 Descriptor Ctrl Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP) 459198157Srrs * 460198157Srrs * Data Error Code Data Error Condition 461198157Srrs * --------------- -------------------- 462198157Srrs * 9'h000 No Error 463198157Srrs * 9'h001 Insufficient Data To Cipher (Packet_Length <= (Cipher_Offset or IV_Offset)) 464198157Srrs * 9'h002 Illegal IV Location ((Cipher_Offset < IV_Offset) | (Cipher_Offset <= IV_Offset & AES & ~CTR)) 465198157Srrs * 9'h004 Illegal Wordcount To AES (Packet_Length[3] != Cipher_Offset[0] & AES) 466198157Srrs * 9'h008 Illegal Pad And ByteCount Spec (Hash_Byte_Count != 0 & !Pad_Hash) 467198157Srrs * 9'h010 Insufficient Data To CkSum ({Packet_Length, 1'b0} <= CkSum_Offset) 468198157Srrs * 9'h020 Unknown Data Op ((| dstLLWMask[63:60]) | (| dstLLWMask[57:40]) | (| authDst[63:40]) | (| ckSumDst[63:40])) 469198157Srrs * 9'h040 Insufficient Data To Auth ({Packet_Length} <= Auth_Offset) 470198157Srrs * 9'h080 Data Read Error 471198157Srrs * 9'h100 UNUSED 472198157Srrs */ 473198157Srrs 474198157Srrs/* 475198157Srrs * Result Control Word for Message Ring Descriptor 476198157Srrs */ 477198157Srrs 478198157Srrs/* #define MSG_RSLT_CTL_CTL */ 479198157Srrs#define MSG_RSLT_CTL_CTL_LSB 61 480198157Srrs#define MSG_RSLT_CTL_CTL_BITS THREE_BITS 481198157Srrs#define MSG_RSLT_CTL_CTL_MASK \ 482198157Srrs (MSG_RSLT_CTL_CTL_BITS << MSG_RSLT_CTL_CTL_LSB) 483198157Srrs 484198157Srrs/* #define MSG_RSLT_CTL_DST_ID */ 485198157Srrs#define MSG_RSLT_CTL_DST_ID_LSB 54 486198157Srrs#define MSG_RSLT_CTL_DST_ID_BITS SEVEN_BITS 487198157Srrs#define MSG_RSLT_CTL_DST_ID_MASK \ 488198157Srrs (MSG_RSLT_CTL_DST_ID_BITS << MSG_RSLT_CTL_DST_ID_LSB) 489198157Srrs 490198157Srrs/* #define MSG_RSLT_CTL_DSC_CTL */ 491198157Srrs#define MSG_RSLT_CTL_DSC_CTL_LSB 49 492198157Srrs#define MSG_RSLT_CTL_DSC_CTL_BITS THREE_BITS 493198157Srrs#define MSG_RSLT_CTL_DSC_CTL_MASK \ 494198157Srrs (MSG_RSLT_CTL_DSC_CTL_BITS << MSG_RSLT_CTL_DSC_CTL_LSB) 495198157Srrs 496198157Srrs/* #define MSG_RSLT_CTL_INST_ERR */ 497198157Srrs#define MSG_RSLT_CTL_INST_ERR_LSB 40 498198157Srrs#define MSG_RSLT_CTL_INST_ERR_BITS NINE_BITS 499198157Srrs#define MSG_RSLT_CTL_INST_ERR_MASK \ 500198157Srrs (MSG_RSLT_CTL_INST_ERR_BITS << MSG_RSLT_CTL_INST_ERR_LSB) 501198157Srrs 502198157Srrs/* #define MSG_RSLT_CTL_DSC_ADDR */ 503198157Srrs#define MSG_RSLT_CTL_DSC_ADDR_LSB 0 504198157Srrs#define MSG_RSLT_CTL_DSC_ADDR_BITS FOURTY_BITS 505198157Srrs#define MSG_RSLT_CTL_DSC_ADDR_MASK \ 506198157Srrs (MSG_RSLT_CTL_DSC_ADDR_BITS << MSG_RSLT_CTL_DSC_ADDR_LSB) 507198157Srrs 508198157Srrs/* #define MSG_RSLT_CTL_MASK */ 509198157Srrs#define MSG_RSLT_CTL_MASK \ 510198157Srrs (MSG_RSLT_CTL_CTRL_MASK | MSG_RSLT_CTL_DST_ID_MASK | \ 511198157Srrs MSG_RSLT_CTL_DSC_CTL_MASK | MSG_RSLT_CTL_INST_ERR_MASK | \ 512198157Srrs MSG_RSLT_CTL_DSC_ADDR_MASK) 513198157Srrs 514198157Srrs/* 515198157Srrs * Result Data Word for Message Ring Descriptor 516198157Srrs */ 517198157Srrs/* #define MSG_RSLT_DATA_CTL */ 518198157Srrs#define MSG_RSLT_DATA_CTL_LSB 61 519198157Srrs#define MSG_RSLT_DATA_CTL_BITS THREE_BITS 520198157Srrs#define MSG_RSLT_DATA_CTL_MASK \ 521198157Srrs (MSG_RSLT_DATA_CTL_BITS << MSG_RSLT_DATA_CTL_LSB) 522198157Srrs 523198157Srrs/* #define MSG_RSLT_DATA_DST_ID */ 524198157Srrs#define MSG_RSLT_DATA_DST_ID_LSB 54 525198157Srrs#define MSG_RSLT_DATA_DST_ID_BITS SEVEN_BITS 526198157Srrs#define MSG_RSLT_DATA_DST_ID_MASK \ 527198157Srrs (MSG_RSLT_DATA_DST_ID_BITS << MSG_RSLT_DATA_DST_ID_LSB) 528198157Srrs 529198157Srrs/* #define MSG_RSLT_DATA_DSC_CTL */ 530198157Srrs#define MSG_RSLT_DATA_DSC_CTL_LSB 49 531198157Srrs#define MSG_RSLT_DATA_DSC_CTL_BITS THREE_BITS 532198157Srrs#define MSG_RSLT_DATA_DSC_CTL_MASK \ 533198157Srrs (MSG_RSLT_DATA_DSC_CTL_BITS << MSG_RSLT_DATA_DSC_CTL_LSB) 534198157Srrs 535198157Srrs/* #define MSG_RSLT_DATA_INST_ERR */ 536198157Srrs#define MSG_RSLT_DATA_INST_ERR_LSB 40 537198157Srrs#define MSG_RSLT_DATA_INST_ERR_BITS NINE_BITS 538198157Srrs#define MSG_RSLT_DATA_INST_ERR_MASK \ 539198157Srrs (MSG_RSLT_DATA_INST_ERR_BITS << MSG_RSLT_DATA_INST_ERR_LSB) 540198157Srrs 541198157Srrs/* #define MSG_RSLT_DATA_DSC_ADDR */ 542198157Srrs#define MSG_RSLT_DATA_DSC_ADDR_LSB 0 543198157Srrs#define MSG_RSLT_DATA_DSC_ADDR_BITS FOURTY_BITS 544198157Srrs#define MSG_RSLT_DATA_DSC_ADDR_MASK \ 545198157Srrs (MSG_RSLT_DATA_DSC_ADDR_BITS << MSG_RSLT_DATA_DSC_ADDR_LSB) 546198157Srrs 547198157Srrs#define MSG_RSLT_DATA_MASK \ 548198157Srrs (MSG_RSLT_DATA_CTRL_MASK | MSG_RSLT_DATA_DST_ID_MASK | \ 549198157Srrs MSG_RSLT_DATA_DSC_CTL_MASK | MSG_RSLT_DATA_INST_ERR_MASK | \ 550198157Srrs MSG_RSLT_DATA_DSC_ADDR_MASK) 551198157Srrs 552198157Srrs 553198157Srrs/* 554198157Srrs * Common Message Definitions 555198157Srrs * 556198157Srrs */ 557198157Srrs 558198157Srrs/* #define MSG_CTL_OP_ADDR */ 559198157Srrs#define MSG_CTL_OP_ADDR_LSB 0 560198157Srrs#define MSG_CTL_OP_ADDR_BITS FOURTY_BITS 561198157Srrs#define MSG_CTL_OP_ADDR_MASK (MSG_CTL_OP_ADDR_BITS << MSG_CTL_OP_ADDR_LSB) 562198157Srrs 563198157Srrs#define MSG_CTL_OP_TYPE 564198157Srrs#define MSG_CTL_OP_TYPE_LSB 3 565198157Srrs#define MSG_CTL_OP_TYPE_BITS TWO_BITS 566198157Srrs#define MSG_CTL_OP_TYPE_MASK \ 567198157Srrs (MSG_CTL_OP_TYPE_BITS << MSG_CTL_OP_TYPE_LSB) 568198157Srrs 569198157Srrs#define MSG0_CTL_OP_ENGINE_SYMKEY 0x01 570198157Srrs#define MSG0_CTL_OP_ENGINE_PUBKEY 0x02 571198157Srrs 572198157Srrs#define MSG1_CTL_OP_SYMKEY_PIPE0 0x00 573198157Srrs#define MSG1_CTL_OP_SYMKEY_PIPE1 0x01 574198157Srrs#define MSG1_CTL_OP_SYMKEY_PIPE2 0x02 575198157Srrs#define MSG1_CTL_OP_SYMKEY_PIPE3 0x03 576198157Srrs 577198157Srrs#define MSG1_CTL_OP_PUBKEY_PIPE0 0x00 578198157Srrs#define MSG1_CTL_OP_PUBKEY_PIPE1 0x01 579198157Srrs#define MSG1_CTL_OP_PUBKEY_PIPE2 0x02 580198157Srrs#define MSG1_CTL_OP_PUBKEY_PIPE3 0x03 581198157Srrs 582198157Srrs 583198157Srrs/* /----------------------------------------\ 584198157Srrs * | | 585198157Srrs * | ControlDescriptor_s datastructure | 586198157Srrs * | | 587198157Srrs * \----------------------------------------/ 588198157Srrs * 589198157Srrs * 590198157Srrs * ControlDescriptor_t.Instruction 591198157Srrs * ------------------------------- 592198157Srrs * 593198157Srrs * 63 44 43 42 41 40 39 35 34 32 31 29 28 594198157Srrs * -------------------------------------------------------------------------------------------------------------------- 595198157Srrs * || UNUSED || OverrideCipher | Arc4Wait4Save | SaveArc4State | LoadArc4State | Arc4KeyLen | Cipher | Mode | InCp_Key || ... CONT ... 596198157Srrs * -------------------------------------------------------------------------------------------------------------------- 597198157Srrs * 20 1 1 1 1 5 3 3 1 598198157Srrs * <-----------------------------------------------CIPHER---------------------------------------------------> 599198157Srrs * 600198157Srrs * 27 25 24 23 22 21 20 19 17 16 15 0 601198157Srrs * ----------------------------------------------------------------------------- 602198157Srrs * || UNUSED | Hash_Hi | HMAC | Hash_Lo | InHs_Key || UNUSED || CkSum || UNUSED || 603198157Srrs * ----------------------------------------------------------------------------- 604198157Srrs * 3 1 1 2 1 3 1 16 605198157Srrs * <---------------------HASH---------------------><-----------CKSUM-----------> 606198157Srrs * 607198157Srrs * X0 CIPHER.Arc4Wait4Save = If op is Arc4 and it requires state saving, then 608198157Srrs * setting this bit will cause the current op to 609198157Srrs * delay subsequent op loading until saved state data 610198157Srrs * becomes visible. 611198157Srrs * CIPHER.OverrideCipher = Override encryption if PacketDescriptor_t.dstDataSettings.CipherPrefix 612198157Srrs * is set; data will be copied out (and optionally auth/cksum) 613198157Srrs * in the clear. This is used in GCM mode if auth only as we 614198157Srrs * still need E(K, 0) calculated by cipher. Engine behavior is 615198157Srrs * undefined if this bit is set and CipherPrefix is not. 616198157Srrs * X0 SaveArc4State = Save Arc4 state at the end of Arc4 operation 617198157Srrs * X0 LoadArc4State = Load Arc4 state at the beginning of an Arc4 operation 618198157Srrs * This overriden by the InCp_Key setting for Arc4 619198157Srrs * Arc4KeyLen = Length in bytes of Arc4 key (0 is interpreted as 32) 620198157Srrs * Ignored for other ciphers 621198157Srrs * For ARC4, IFetch/IDecode will always read exactly 4 622198157Srrs * consecutive dwords into its CipherKey{0,3} regardless 623198157Srrs * of this quantity; it will however only use the specified 624198627Srrs * number of bytes. 625198157Srrs * Cipher = 3'b000 Bypass 626198157Srrs * 3'b001 DES 627198157Srrs * 3'b010 3DES 628198157Srrs * 3'b011 AES 128-bit key 629198157Srrs * 3'b100 AES 192-bit key 630198157Srrs * 3'b101 AES 256-bit key 631198157Srrs * 3'b110 ARC4 632198157Srrs * 3'b111 Kasumi f8 633198157Srrs * Remainder UNDEFINED 634198157Srrs * Mode = 3'b000 ECB 635198157Srrs * 3'b001 CBC 636198157Srrs * 3'b010 CFB (AES only, otherwise undefined) 637198157Srrs * 3'b011 OFB (AES only, otherwise undefined) 638198157Srrs * 3'b100 CTR (AES only, otherwise undefined) 639198157Srrs * 3'b101 F8 (AES only, otherwise undefined) 640198157Srrs * Remainder UNDEFINED 641198157Srrs * InCp_Key = 1'b0 Preserve old Cipher Keys 642198157Srrs * 1'b1 Load new Cipher Keys from memory to local registers 643198157Srrs * and recalculate the Arc4 Sbox if Arc4 Cipher chosen; 644198157Srrs * This overrides LoadArc4State setting. 645198157Srrs * HASH.HMAC = 1'b0 Hash without HMAC 646198627Srrs * 1'b1 Hash with HMAC 647198157Srrs * Needs to be set to 0 for GCM and Kasumi F9 authenticators 648198157Srrs * otherwise unpredictable results will be generated 649198157Srrs * Hash = 2'b00 Hash NOP 650198157Srrs * 2'b01 MD5 651198157Srrs * 2'b10 SHA-1 652198157Srrs * 2'b11 SHA-256 653198157Srrs * 3'b100 SHA-384 654198157Srrs * 3'b101 SHA-512 655198157Srrs * 3'b110 GCM 656198157Srrs * 3'b111 Kasumi f9 657198157Srrs * InHs_Key = 1'b0 Preserve old HMAC Keys 658198157Srrs * If GCM is selected as authenticator, leaving this bit 659198157Srrs * at 0 will cause the engine to use the old H value. 660198157Srrs * It will use the old SCI inside the decoder if 661198157Srrs * CFBMask[1:0] == 2'b11. 662198157Srrs * If Kasumi F9 authenticator, using 0 preserves 663198157Srrs * old keys (IK) in decoder. 664198157Srrs * 1'b1 Load new HMAC Keys from memory to local registers 665198157Srrs * Setting this bit while Cipher=Arc4 and LoadArc4State=1 666198157Srrs * causes the decoder to load the Arc4 state from the 667198157Srrs * cacheline following the HMAC keys (Whether HASH.HMAC 668198157Srrs * is set or not). 669198157Srrs * If GCM is selected as authenticator, setting this bit 670198157Srrs * causes both H (16 bytes) and SCI (8 bytes) to be loaded 671198157Srrs * from memory to the decoder. H will be loaded to the engine 672198157Srrs * but SCI is only loaded to the engine if CFBMask[1:0] == 2'b11. 673198157Srrs * If Kasumi F9 authenticator, using 1 loads new keys (IK) 674198157Srrs * from memory to decoder. 675198157Srrs * CHECKSUM.CkSum = 1'b0 CkSum NOP 676198157Srrs * 1'b1 INTERNET_CHECKSUM 677198157Srrs * 678198157Srrs * 679198157Srrs * 680198157Srrs */ 681198157Srrs 682198157Srrs /* #define CTRL_DSC_OVERRIDECIPHER */ 683198157Srrs#define CTL_DSC_OVERRIDECIPHER_OFF 0 684198157Srrs#define CTL_DSC_OVERRIDECIPHER_ON 1 685198157Srrs#define CTL_DSC_OVERRIDECIPHER_LSB 43 686198157Srrs#define CTL_DSC_OVERRIDECIPHER_BITS ONE_BIT 687198157Srrs#define CTL_DSC_OVERRIDECIPHER_MASK (CTL_DSC_OVERRIDECIPHER_BITS << CTL_DSC_OVERRIDECIPHER_LSB) 688198157Srrs 689198157Srrs/* #define CTRL_DSC_ARC4_WAIT4SAVE */ 690198157Srrs#define CTL_DSC_ARC4_WAIT4SAVE_OFF 0 691198157Srrs#define CTL_DSC_ARC4_WAIT4SAVE_ON 1 692198157Srrs#define CTL_DSC_ARC4_WAIT4SAVE_LSB 42 693198157Srrs#define CTL_DSC_ARC4_WAIT4SAVE_BITS ONE_BIT 694198157Srrs#define CTL_DSC_ARC4_WAIT4SAVE_MASK (CTL_DSC_ARC4_WAIT4SAVE_BITS << CTL_DSC_ARC4_WAIT4SAVE_LSB) 695198157Srrs 696198157Srrs/* #define CTRL_DSC_ARC4_SAVESTATE */ 697198157Srrs#define CTL_DSC_ARC4_SAVESTATE_OFF 0 698198157Srrs#define CTL_DSC_ARC4_SAVESTATE_ON 1 699198157Srrs#define CTL_DSC_ARC4_SAVESTATE_LSB 41 700198157Srrs#define CTL_DSC_ARC4_SAVESTATE_BITS ONE_BIT 701198157Srrs#define CTL_DSC_ARC4_SAVESTATE_MASK (CTL_DSC_ARC4_SAVESTATE_BITS << CTL_DSC_ARC4_SAVESTATE_LSB) 702198157Srrs 703198157Srrs/* #define CTRL_DSC_ARC4_LOADSTATE */ 704198157Srrs#define CTL_DSC_ARC4_LOADSTATE_OFF 0 705198157Srrs#define CTL_DSC_ARC4_LOADSTATE_ON 1 706198157Srrs#define CTL_DSC_ARC4_LOADSTATE_LSB 40 707198157Srrs#define CTL_DSC_ARC4_LOADSTATE_BITS ONE_BIT 708198157Srrs#define CTL_DSC_ARC4_LOADSTATE_MASK (CTL_DSC_ARC4_LOADSTATE_BITS << CTL_DSC_ARC4_LOADSTATE_LSB) 709198157Srrs 710198157Srrs/* #define CTRL_DSC_ARC4_KEYLEN */ 711198157Srrs#define CTL_DSC_ARC4_KEYLEN_LSB 35 712198157Srrs#define CTL_DSC_ARC4_KEYLEN_BITS FIVE_BITS 713198157Srrs#define CTL_DSC_ARC4_KEYLEN_MASK (CTL_DSC_ARC4_KEYLEN_BITS << CTL_DSC_ARC4_KEYLEN_LSB) 714198157Srrs 715198157Srrs/* #define CTL_DSC_CPHR (cipher) */ 716198627Srrs#define CTL_DSC_CPHR_BYPASS 0 /* undefined */ 717198157Srrs#define CTL_DSC_CPHR_DES 1 718198157Srrs#define CTL_DSC_CPHR_3DES 2 719198157Srrs#define CTL_DSC_CPHR_AES128 3 720198157Srrs#define CTL_DSC_CPHR_AES192 4 721198157Srrs#define CTL_DSC_CPHR_AES256 5 722198157Srrs#define CTL_DSC_CPHR_ARC4 6 723198157Srrs#define CTL_DSC_CPHR_KASUMI_F8 7 724198157Srrs#define CTL_DSC_CPHR_LSB 32 725198157Srrs#define CTL_DSC_CPHR_BITS THREE_BITS 726198157Srrs#define CTL_DSC_CPHR_MASK (CTL_DSC_CPHR_BITS << CTL_DSC_CPHR_LSB) 727198157Srrs 728198157Srrs/* #define CTL_DSC_MODE */ 729198157Srrs#define CTL_DSC_MODE_ECB 0 730198157Srrs#define CTL_DSC_MODE_CBC 1 731198157Srrs#define CTL_DSC_MODE_CFB 2 732198157Srrs#define CTL_DSC_MODE_OFB 3 733198157Srrs#define CTL_DSC_MODE_CTR 4 734198157Srrs#define CTL_DSC_MODE_F8 5 735198157Srrs#define CTL_DSC_MODE_LSB 29 736198157Srrs#define CTL_DSC_MODE_BITS THREE_BITS 737198157Srrs#define CTL_DSC_MODE_MASK (CTL_DSC_MODE_BITS << CTL_DSC_MODE_LSB) 738198157Srrs 739198157Srrs/* #define CTL_DSC_ICPHR */ 740198627Srrs#define CTL_DSC_ICPHR_OKY 0 /* Old Keys */ 741198627Srrs#define CTL_DSC_ICPHR_NKY 1 /* New Keys */ 742198157Srrs#define CTL_DSC_ICPHR_LSB 28 743198157Srrs#define CTL_DSC_ICPHR_BITS ONE_BIT 744198157Srrs#define CTL_DSC_ICPHR_MASK (CTL_DSC_ICPHR_BITS << CTL_DSC_ICPHR_LSB) 745198157Srrs 746198157Srrs/* #define CTL_DSC_HASHHI */ 747198157Srrs#define CTL_DSC_HASHHI_LSB 24 748198157Srrs#define CTL_DSC_HASHHI_BITS ONE_BIT 749198157Srrs#define CTL_DSC_HASHHI_MASK (CTL_DSC_HASHHI_BITS << CTL_DSC_HASHHI_LSB) 750198157Srrs 751198157Srrs/* #define CTL_DSC_HMAC */ 752198157Srrs#define CTL_DSC_HMAC_OFF 0 753198157Srrs#define CTL_DSC_HMAC_ON 1 754198157Srrs#define CTL_DSC_HMAC_LSB 23 755198157Srrs#define CTL_DSC_HMAC_BITS ONE_BIT 756198157Srrs#define CTL_DSC_HMAC_MASK (CTL_DSC_HMAC_BITS << CTL_DSC_HMAC_LSB) 757198157Srrs 758198157Srrs/* #define CTL_DSC_HASH */ 759198157Srrs#define CTL_DSC_HASH_NOP 0 760198157Srrs#define CTL_DSC_HASH_MD5 1 761198157Srrs#define CTL_DSC_HASH_SHA1 2 762198157Srrs#define CTL_DSC_HASH_SHA256 3 763198157Srrs#define CTL_DSC_HASH_SHA384 4 764198157Srrs#define CTL_DSC_HASH_SHA512 5 765198157Srrs#define CTL_DSC_HASH_GCM 6 766198157Srrs#define CTL_DSC_HASH_KASUMI_F9 7 767198157Srrs#define CTL_DSC_HASH_LSB 21 768198157Srrs#define CTL_DSC_HASH_BITS TWO_BITS 769198157Srrs#define CTL_DSC_HASH_MASK (CTL_DSC_HASH_BITS << CTL_DSC_HASH_LSB) 770198157Srrs 771198157Srrs/* #define CTL_DSC_IHASH */ 772198157Srrs#define CTL_DSC_IHASH_OLD 0 773198157Srrs#define CTL_DSC_IHASH_NEW 1 774198157Srrs#define CTL_DSC_IHASH_LSB 20 775198157Srrs#define CTL_DSC_IHASH_BITS ONE_BIT 776198157Srrs#define CTL_DSC_IHASH_MASK (CTL_DSC_IHASH_BITS << CTL_DSC_IHASH_LSB) 777198157Srrs 778198157Srrs/* #define CTL_DSC_CKSUM */ 779198157Srrs#define CTL_DSC_CKSUM_NOP 0 780198157Srrs#define CTL_DSC_CKSUM_IP 1 781198157Srrs#define CTL_DSC_CKSUM_LSB 16 782198157Srrs#define CTL_DSC_CKSUM_BITS ONE_BIT 783198157Srrs#define CTL_DSC_CKSUM_MASK (CTL_DSC_CKSUM_BITS << CTL_DSC_CKSUM_LSB) 784198157Srrs 785198157Srrs 786198157Srrs/* 787198157Srrs * Component strcts and unions defining CipherHashInfo_u 788198157Srrs */ 789198157Srrs 790198157Srrs/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ 791198157Srrstypedef struct AES256HMAC_s { 792198627Srrs uint64_t cipherKey0; 793198627Srrs uint64_t cipherKey1; 794198627Srrs uint64_t cipherKey2; 795198627Srrs uint64_t cipherKey3; 796198627Srrs uint64_t hmacKey0; 797198627Srrs uint64_t hmacKey1; 798198627Srrs uint64_t hmacKey2; 799198627Srrs uint64_t hmacKey3; 800198627Srrs uint64_t hmacKey4; 801198627Srrs uint64_t hmacKey5; 802198627Srrs uint64_t hmacKey6; 803198627Srrs uint64_t hmacKey7; 804198627Srrs} AES256HMAC_t, *AES256HMAC_pt; 805198157Srrs 806198157Srrs/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 160 bytes */ 807198157Srrstypedef struct AES256HMAC2_s { 808198627Srrs uint64_t cipherKey0; 809198627Srrs uint64_t cipherKey1; 810198627Srrs uint64_t cipherKey2; 811198627Srrs uint64_t cipherKey3; 812198627Srrs uint64_t hmacKey0; 813198627Srrs uint64_t hmacKey1; 814198627Srrs uint64_t hmacKey2; 815198627Srrs uint64_t hmacKey3; 816198627Srrs uint64_t hmacKey4; 817198627Srrs uint64_t hmacKey5; 818198627Srrs uint64_t hmacKey6; 819198627Srrs uint64_t hmacKey7; 820198627Srrs uint64_t hmacKey8; 821198627Srrs uint64_t hmacKey9; 822198627Srrs uint64_t hmacKey10; 823198627Srrs uint64_t hmacKey11; 824198627Srrs uint64_t hmacKey12; 825198627Srrs uint64_t hmacKey13; 826198627Srrs uint64_t hmacKey14; 827198627Srrs uint64_t hmacKey15; 828198627Srrs} AES256HMAC2_t, *AES256HMAC2_pt; 829198157Srrs 830198157Srrs/* AES256, (ECB, CBC, OFB, CTR, CFB), GCM - 56 bytes */ 831198157Srrstypedef struct AES256GCM_s { 832198627Srrs uint64_t cipherKey0; 833198627Srrs uint64_t cipherKey1; 834198627Srrs uint64_t cipherKey2; 835198627Srrs uint64_t cipherKey3; 836198627Srrs uint64_t GCMH0; 837198627Srrs uint64_t GCMH1; 838198627Srrs uint64_t GCMSCI; 839198627Srrs} AES256GCM_t, *AES256GCM_pt; 840198157Srrs 841198157Srrs/* AES256, (ECB, CBC, OFB, CTR, CFB), F9 - 56 bytes */ 842198157Srrstypedef struct AES256F9_s { 843198627Srrs uint64_t cipherKey0; 844198627Srrs uint64_t cipherKey1; 845198627Srrs uint64_t cipherKey2; 846198627Srrs uint64_t cipherKey3; 847198627Srrs uint64_t authKey0; 848198627Srrs uint64_t authKey1; 849198627Srrs} AES256F9_t, *AES256F9_pt; 850198157Srrs 851198157Srrs/* AES256, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ 852198157Srrstypedef struct AES256_s { 853198627Srrs uint64_t cipherKey0; 854198627Srrs uint64_t cipherKey1; 855198627Srrs uint64_t cipherKey2; 856198627Srrs uint64_t cipherKey3; 857198627Srrs} AES256_t, *AES256_pt; 858198157Srrs 859198157Srrs 860198157Srrs/* All AES192 possibilities */ 861198157Srrs 862198157Srrs/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-192) - 88 bytes */ 863198157Srrstypedef struct AES192HMAC_s { 864198627Srrs uint64_t cipherKey0; 865198627Srrs uint64_t cipherKey1; 866198627Srrs uint64_t cipherKey2; 867198627Srrs uint64_t hmacKey0; 868198627Srrs uint64_t hmacKey1; 869198627Srrs uint64_t hmacKey2; 870198627Srrs uint64_t hmacKey3; 871198627Srrs uint64_t hmacKey4; 872198627Srrs uint64_t hmacKey5; 873198627Srrs uint64_t hmacKey6; 874198627Srrs uint64_t hmacKey7; 875198627Srrs} AES192HMAC_t, *AES192HMAC_pt; 876198157Srrs 877198157Srrs/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 152 bytes */ 878198157Srrstypedef struct AES192HMAC2_s { 879198627Srrs uint64_t cipherKey0; 880198627Srrs uint64_t cipherKey1; 881198627Srrs uint64_t cipherKey2; 882198627Srrs uint64_t hmacKey0; 883198627Srrs uint64_t hmacKey1; 884198627Srrs uint64_t hmacKey2; 885198627Srrs uint64_t hmacKey3; 886198627Srrs uint64_t hmacKey4; 887198627Srrs uint64_t hmacKey5; 888198627Srrs uint64_t hmacKey6; 889198627Srrs uint64_t hmacKey7; 890198627Srrs uint64_t hmacKey8; 891198627Srrs uint64_t hmacKey9; 892198627Srrs uint64_t hmacKey10; 893198627Srrs uint64_t hmacKey11; 894198627Srrs uint64_t hmacKey12; 895198627Srrs uint64_t hmacKey13; 896198627Srrs uint64_t hmacKey14; 897198627Srrs uint64_t hmacKey15; 898198627Srrs} AES192HMAC2_t, *AES192HMAC2_pt; 899198157Srrs 900198157Srrs/* AES192, (ECB, CBC, OFB, CTR, CFB), GCM - 48 bytes */ 901198157Srrstypedef struct AES192GCM_s { 902198627Srrs uint64_t cipherKey0; 903198627Srrs uint64_t cipherKey1; 904198627Srrs uint64_t cipherKey2; 905198627Srrs uint64_t GCMH0; 906198627Srrs uint64_t GCMH1; 907198627Srrs uint64_t GCMSCI; 908198627Srrs} AES192GCM_t, *AES192GCM_pt; 909198157Srrs 910198157Srrs/* AES192, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */ 911198157Srrstypedef struct AES192F9_s { 912198627Srrs uint64_t cipherKey0; 913198627Srrs uint64_t cipherKey1; 914198627Srrs uint64_t cipherKey2; 915198627Srrs uint64_t authKey0; 916198627Srrs uint64_t authKey1; 917198627Srrs} AES192F9_t, *AES192F9_pt; 918198157Srrs 919198157Srrs/* AES192, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-192) - 24 bytes */ 920198157Srrstypedef struct AES192_s { 921198627Srrs uint64_t cipherKey0; 922198627Srrs uint64_t cipherKey1; 923198627Srrs uint64_t cipherKey2; 924198627Srrs} AES192_t, *AES192_pt; 925198157Srrs 926198157Srrs 927198157Srrs/* All AES128 possibilities */ 928198157Srrs 929198157Srrs/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-128) - 80 bytes */ 930198157Srrstypedef struct AES128HMAC_s { 931198627Srrs uint64_t cipherKey0; 932198627Srrs uint64_t cipherKey1; 933198627Srrs uint64_t hmacKey0; 934198627Srrs uint64_t hmacKey1; 935198627Srrs uint64_t hmacKey2; 936198627Srrs uint64_t hmacKey3; 937198627Srrs uint64_t hmacKey4; 938198627Srrs uint64_t hmacKey5; 939198627Srrs uint64_t hmacKey6; 940198627Srrs uint64_t hmacKey7; 941198627Srrs} AES128HMAC_t, *AES128HMAC_pt; 942198157Srrs 943198157Srrs/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-612) - 144 bytes */ 944198157Srrstypedef struct AES128HMAC2_s { 945198627Srrs uint64_t cipherKey0; 946198627Srrs uint64_t cipherKey1; 947198627Srrs uint64_t hmacKey0; 948198627Srrs uint64_t hmacKey1; 949198627Srrs uint64_t hmacKey2; 950198627Srrs uint64_t hmacKey3; 951198627Srrs uint64_t hmacKey4; 952198627Srrs uint64_t hmacKey5; 953198627Srrs uint64_t hmacKey6; 954198627Srrs uint64_t hmacKey7; 955198627Srrs uint64_t hmacKey8; 956198627Srrs uint64_t hmacKey9; 957198627Srrs uint64_t hmacKey10; 958198627Srrs uint64_t hmacKey11; 959198627Srrs uint64_t hmacKey12; 960198627Srrs uint64_t hmacKey13; 961198627Srrs uint64_t hmacKey14; 962198627Srrs uint64_t hmacKey15; 963198627Srrs} AES128HMAC2_t, *AES128HMAC2_pt; 964198157Srrs 965198157Srrs/* AES128, (ECB, CBC, OFB, CTR, CFB), GCM - 40 bytes */ 966198157Srrstypedef struct AES128GCM_s { 967198627Srrs uint64_t cipherKey0; 968198627Srrs uint64_t cipherKey1; 969198627Srrs uint64_t GCMH0; 970198627Srrs uint64_t GCMH1; 971198627Srrs uint64_t GCMSCI; 972198627Srrs} AES128GCM_t, *AES128GCM_pt; 973198157Srrs 974198157Srrs/* AES128, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */ 975198157Srrstypedef struct AES128F9_s { 976198627Srrs uint64_t cipherKey0; 977198627Srrs uint64_t cipherKey1; 978198627Srrs uint64_t authKey0; 979198627Srrs uint64_t authKey1; 980198627Srrs} AES128F9_t, *AES128F9_pt; 981198157Srrs 982198157Srrs/* AES128, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-128) - 16 bytes */ 983198157Srrstypedef struct AES128_s { 984198627Srrs uint64_t cipherKey0; 985198627Srrs uint64_t cipherKey1; 986198627Srrs} AES128_t, *AES128_pt; 987198157Srrs 988198157Srrs/* AES128, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ 989198157Srrstypedef struct AES128F8_s { 990198627Srrs uint64_t cipherKey0; 991198627Srrs uint64_t cipherKey1; 992198627Srrs uint64_t cipherKeyMask0; 993198627Srrs uint64_t cipherKeyMask1; 994198627Srrs} AES128F8_t, *AES128F8_pt; 995198157Srrs 996198157Srrs/* AES128, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ 997198157Srrstypedef struct AES128F8HMAC_s { 998198627Srrs uint64_t cipherKey0; 999198627Srrs uint64_t cipherKey1; 1000198627Srrs uint64_t cipherKeyMask0; 1001198627Srrs uint64_t cipherKeyMask1; 1002198627Srrs uint64_t hmacKey0; 1003198627Srrs uint64_t hmacKey1; 1004198627Srrs uint64_t hmacKey2; 1005198627Srrs uint64_t hmacKey3; 1006198627Srrs uint64_t hmacKey4; 1007198627Srrs uint64_t hmacKey5; 1008198627Srrs uint64_t hmacKey6; 1009198627Srrs uint64_t hmacKey7; 1010198627Srrs} AES128F8HMAC_t, *AES128F8HMAC_pt; 1011198157Srrs 1012198157Srrs/* AES128, (OFB F8), HMAC (SHA-384, SHA-512) - 160 bytes */ 1013198157Srrstypedef struct AES128F8HMAC2_s { 1014198627Srrs uint64_t cipherKey0; 1015198627Srrs uint64_t cipherKey1; 1016198627Srrs uint64_t cipherKeyMask0; 1017198627Srrs uint64_t cipherKeyMask1; 1018198627Srrs uint64_t hmacKey0; 1019198627Srrs uint64_t hmacKey1; 1020198627Srrs uint64_t hmacKey2; 1021198627Srrs uint64_t hmacKey3; 1022198627Srrs uint64_t hmacKey4; 1023198627Srrs uint64_t hmacKey5; 1024198627Srrs uint64_t hmacKey6; 1025198627Srrs uint64_t hmacKey7; 1026198627Srrs uint64_t hmacKey8; 1027198627Srrs uint64_t hmacKey9; 1028198627Srrs uint64_t hmacKey10; 1029198627Srrs uint64_t hmacKey11; 1030198627Srrs uint64_t hmacKey12; 1031198627Srrs uint64_t hmacKey13; 1032198627Srrs uint64_t hmacKey14; 1033198627Srrs uint64_t hmacKey15; 1034198627Srrs} AES128F8HMAC2_t, *AES128F8HMAC2_pt; 1035198157Srrs 1036198157Srrs/* AES192, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 48 bytes */ 1037198157Srrstypedef struct AES192F8_s { 1038198627Srrs uint64_t cipherKey0; 1039198627Srrs uint64_t cipherKey1; 1040198627Srrs uint64_t cipherKey2; 1041198627Srrs uint64_t cipherKeyMask0; 1042198627Srrs uint64_t cipherKeyMask1; 1043198627Srrs uint64_t cipherKeyMask2; 1044198627Srrs} AES192F8_t, *AES192F8_pt; 1045198157Srrs 1046198157Srrs/* AES192, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 112 bytes */ 1047198157Srrstypedef struct AES192F8HMAC_s { 1048198627Srrs uint64_t cipherKey0; 1049198627Srrs uint64_t cipherKey1; 1050198627Srrs uint64_t cipherKey2; 1051198627Srrs uint64_t cipherKeyMask0; 1052198627Srrs uint64_t cipherKeyMask1; 1053198627Srrs uint64_t cipherKeyMask2; 1054198627Srrs uint64_t hmacKey0; 1055198627Srrs uint64_t hmacKey1; 1056198627Srrs uint64_t hmacKey2; 1057198627Srrs uint64_t hmacKey3; 1058198627Srrs uint64_t hmacKey4; 1059198627Srrs uint64_t hmacKey5; 1060198627Srrs uint64_t hmacKey6; 1061198627Srrs uint64_t hmacKey7; 1062198627Srrs} AES192F8HMAC_t, *AES192F8HMAC_pt; 1063198157Srrs 1064198157Srrs/* AES192, (OFB F8), HMAC (SHA-384, SHA-512) - 176 bytes */ 1065198157Srrstypedef struct AES192F8HMAC2_s { 1066198627Srrs uint64_t cipherKey0; 1067198627Srrs uint64_t cipherKey1; 1068198627Srrs uint64_t cipherKey2; 1069198627Srrs uint64_t cipherKeyMask0; 1070198627Srrs uint64_t cipherKeyMask1; 1071198627Srrs uint64_t cipherKeyMask2; 1072198627Srrs uint64_t hmacKey0; 1073198627Srrs uint64_t hmacKey1; 1074198627Srrs uint64_t hmacKey2; 1075198627Srrs uint64_t hmacKey3; 1076198627Srrs uint64_t hmacKey4; 1077198627Srrs uint64_t hmacKey5; 1078198627Srrs uint64_t hmacKey6; 1079198627Srrs uint64_t hmacKey7; 1080198627Srrs uint64_t hmacKey8; 1081198627Srrs uint64_t hmacKey9; 1082198627Srrs uint64_t hmacKey10; 1083198627Srrs uint64_t hmacKey11; 1084198627Srrs uint64_t hmacKey12; 1085198627Srrs uint64_t hmacKey13; 1086198627Srrs uint64_t hmacKey14; 1087198627Srrs uint64_t hmacKey15; 1088198627Srrs} AES192F8HMAC2_t, *AES192F8HMAC2_pt; 1089198157Srrs 1090198157Srrs/* AES256, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 64 bytes */ 1091198157Srrstypedef struct AES256F8_s { 1092198627Srrs uint64_t cipherKey0; 1093198627Srrs uint64_t cipherKey1; 1094198627Srrs uint64_t cipherKey2; 1095198627Srrs uint64_t cipherKey3; 1096198627Srrs uint64_t cipherKeyMask0; 1097198627Srrs uint64_t cipherKeyMask1; 1098198627Srrs uint64_t cipherKeyMask2; 1099198627Srrs uint64_t cipherKeyMask3; 1100198627Srrs} AES256F8_t, *AES256F8_pt; 1101198157Srrs 1102198157Srrs/* AES256, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 128 bytes */ 1103198157Srrstypedef struct AES256F8HMAC_s { 1104198627Srrs uint64_t cipherKey0; 1105198627Srrs uint64_t cipherKey1; 1106198627Srrs uint64_t cipherKey2; 1107198627Srrs uint64_t cipherKey3; 1108198627Srrs uint64_t cipherKeyMask0; 1109198627Srrs uint64_t cipherKeyMask1; 1110198627Srrs uint64_t cipherKeyMask2; 1111198627Srrs uint64_t cipherKeyMask3; 1112198627Srrs uint64_t hmacKey0; 1113198627Srrs uint64_t hmacKey1; 1114198627Srrs uint64_t hmacKey2; 1115198627Srrs uint64_t hmacKey3; 1116198627Srrs uint64_t hmacKey4; 1117198627Srrs uint64_t hmacKey5; 1118198627Srrs uint64_t hmacKey6; 1119198627Srrs uint64_t hmacKey7; 1120198627Srrs} AES256F8HMAC_t, *AES256F8HMAC_pt; 1121198157Srrs 1122198157Srrs/* AES256, (OFB F8), HMAC (SHA-384, SHA-512) - 192 bytes */ 1123198157Srrstypedef struct AES256F8HMAC2_s { 1124198627Srrs uint64_t cipherKey0; 1125198627Srrs uint64_t cipherKey1; 1126198627Srrs uint64_t cipherKey2; 1127198627Srrs uint64_t cipherKey3; 1128198627Srrs uint64_t cipherKeyMask0; 1129198627Srrs uint64_t cipherKeyMask1; 1130198627Srrs uint64_t cipherKeyMask2; 1131198627Srrs uint64_t cipherKeyMask3; 1132198627Srrs uint64_t hmacKey0; 1133198627Srrs uint64_t hmacKey1; 1134198627Srrs uint64_t hmacKey2; 1135198627Srrs uint64_t hmacKey3; 1136198627Srrs uint64_t hmacKey4; 1137198627Srrs uint64_t hmacKey5; 1138198627Srrs uint64_t hmacKey6; 1139198627Srrs uint64_t hmacKey7; 1140198627Srrs uint64_t hmacKey8; 1141198627Srrs uint64_t hmacKey9; 1142198627Srrs uint64_t hmacKey10; 1143198627Srrs uint64_t hmacKey11; 1144198627Srrs uint64_t hmacKey12; 1145198627Srrs uint64_t hmacKey13; 1146198627Srrs uint64_t hmacKey14; 1147198627Srrs uint64_t hmacKey15; 1148198627Srrs} AES256F8HMAC2_t, *AES256F8HMAC2_pt; 1149198157Srrs 1150198157Srrs/* AES256, (F8), GCM - 40 bytes */ 1151198157Srrstypedef struct AES128F8GCM_s { 1152198627Srrs uint64_t cipherKey0; 1153198627Srrs uint64_t cipherKey2; 1154198627Srrs uint64_t GCMH0; 1155198627Srrs uint64_t GCMH1; 1156198627Srrs uint64_t GCMSCI; 1157198627Srrs} AES128F8GCM_t, *AES128F8GCM_pt; 1158198157Srrs 1159198157Srrs/* AES256, (F8), GCM - 48 bytes */ 1160198157Srrstypedef struct AES192F8GCM_s { 1161198627Srrs uint64_t cipherKey0; 1162198627Srrs uint64_t cipherKey1; 1163198627Srrs uint64_t cipherKey2; 1164198627Srrs uint64_t GCMH0; 1165198627Srrs uint64_t GCMH1; 1166198627Srrs uint64_t GCMSCI; 1167198627Srrs} AES192F8GCM_t, *AES192F8GCM_pt; 1168198157Srrs 1169198157Srrs/* AES256, (F8), GCM - 56 bytes */ 1170198157Srrstypedef struct AES256F8GCM_s { 1171198627Srrs uint64_t cipherKey0; 1172198627Srrs uint64_t cipherKey1; 1173198627Srrs uint64_t cipherKey2; 1174198627Srrs uint64_t cipherKey3; 1175198627Srrs uint64_t GCMH0; 1176198627Srrs uint64_t GCMH1; 1177198627Srrs uint64_t GCMSCI; 1178198627Srrs} AES256F8GCM_t, *AES256F8GCM_pt; 1179198157Srrs 1180198157Srrs/* AES256, (F8), F9 - 40 bytes */ 1181198157Srrstypedef struct AES128F8F9_s { 1182198627Srrs uint64_t cipherKey0; 1183198627Srrs uint64_t cipherKey2; 1184198627Srrs uint64_t authKey0; 1185198627Srrs uint64_t authKey1; 1186198627Srrs} AES128F8F9_t, *AES128F8F9_pt; 1187198157Srrs 1188198157Srrs/* AES256, (F8), F9 - 48 bytes */ 1189198157Srrstypedef struct AES192F8F9_s { 1190198627Srrs uint64_t cipherKey0; 1191198627Srrs uint64_t cipherKey1; 1192198627Srrs uint64_t cipherKey2; 1193198627Srrs uint64_t authKey0; 1194198627Srrs uint64_t authKey1; 1195198627Srrs} AES192F8F9_t, *AES192F8F9_pt; 1196198157Srrs 1197198157Srrs/* AES256F8, (F8), F9 - 56 bytes */ 1198198157Srrstypedef struct AES256F8F9_s { 1199198627Srrs uint64_t cipherKey0; 1200198627Srrs uint64_t cipherKey1; 1201198627Srrs uint64_t cipherKey2; 1202198627Srrs uint64_t cipherKey3; 1203198627Srrs uint64_t authKey0; 1204198627Srrs uint64_t authKey1; 1205198627Srrs} AES256F8F9_t, *AES256F8F9_pt; 1206198157Srrs 1207198157Srrs/* All DES possibilities */ 1208198157Srrs 1209198157Srrs/* DES, (ECB, CBC), HMAC (MD5, SHA-1, SHA-128) - 72 bytes */ 1210198157Srrstypedef struct DESHMAC_s { 1211198627Srrs uint64_t cipherKey0; 1212198627Srrs uint64_t hmacKey0; 1213198627Srrs uint64_t hmacKey1; 1214198627Srrs uint64_t hmacKey2; 1215198627Srrs uint64_t hmacKey3; 1216198627Srrs uint64_t hmacKey4; 1217198627Srrs uint64_t hmacKey5; 1218198627Srrs uint64_t hmacKey6; 1219198627Srrs uint64_t hmacKey7; 1220198627Srrs} DESHMAC_t, *DESHMAC_pt; 1221198157Srrs 1222198157Srrs/* DES, (ECB, CBC), HMAC (SHA-384, SHA-512) - 136 bytes */ 1223198157Srrstypedef struct DESHMAC2_s { 1224198627Srrs uint64_t cipherKey0; 1225198627Srrs uint64_t hmacKey0; 1226198627Srrs uint64_t hmacKey1; 1227198627Srrs uint64_t hmacKey2; 1228198627Srrs uint64_t hmacKey3; 1229198627Srrs uint64_t hmacKey4; 1230198627Srrs uint64_t hmacKey5; 1231198627Srrs uint64_t hmacKey6; 1232198627Srrs uint64_t hmacKey7; 1233198627Srrs uint64_t hmacKey8; 1234198627Srrs uint64_t hmacKey9; 1235198627Srrs uint64_t hmacKey10; 1236198627Srrs uint64_t hmacKey11; 1237198627Srrs uint64_t hmacKey12; 1238198627Srrs uint64_t hmacKey13; 1239198627Srrs uint64_t hmacKey14; 1240198627Srrs uint64_t hmacKey15; 1241198627Srrs} DESHMAC2_t, *DESHMAC2_pt; 1242198157Srrs 1243198157Srrs/* DES, (ECB, CBC), GCM - 32 bytes */ 1244198157Srrstypedef struct DESGCM_s { 1245198627Srrs uint64_t cipherKey0; 1246198627Srrs uint64_t GCMH0; 1247198627Srrs uint64_t GCMH1; 1248198627Srrs uint64_t GCMSCI; 1249198627Srrs} DESGCM_t, *DESGCM_pt; 1250198157Srrs 1251198157Srrs/* DES, (ECB, CBC), F9 - 32 bytes */ 1252198157Srrstypedef struct DESF9_s { 1253198627Srrs uint64_t cipherKey0; 1254198627Srrs uint64_t authKey0; 1255198627Srrs uint64_t authKey1; 1256198627Srrs} DESF9_t, *DESF9_pt; 1257198157Srrs 1258198157Srrs/* DES, (ECB, CBC), Non-HMAC (MD5, SHA-1, SHA-128) - 9 bytes */ 1259198157Srrstypedef struct DES_s { 1260198627Srrs uint64_t cipherKey0; 1261198627Srrs} DES_t, *DES_pt; 1262198157Srrs 1263198157Srrs 1264198157Srrs/* All 3DES possibilities */ 1265198157Srrs 1266198157Srrs/* 3DES, (ECB, CBC), HMAC (MD5, SHA-1, SHA-128) - 88 bytes */ 1267198157Srrstypedef struct DES3HMAC_s { 1268198627Srrs uint64_t cipherKey0; 1269198627Srrs uint64_t cipherKey1; 1270198627Srrs uint64_t cipherKey2; 1271198627Srrs uint64_t hmacKey0; 1272198627Srrs uint64_t hmacKey1; 1273198627Srrs uint64_t hmacKey2; 1274198627Srrs uint64_t hmacKey3; 1275198627Srrs uint64_t hmacKey4; 1276198627Srrs uint64_t hmacKey5; 1277198627Srrs uint64_t hmacKey6; 1278198627Srrs uint64_t hmacKey7; 1279198627Srrs} DES3HMAC_t, *DES3HMAC_pt; 1280198157Srrs 1281198157Srrs/* 3DES, (ECB, CBC), HMAC (SHA-384, SHA-512) - 152 bytes */ 1282198157Srrstypedef struct DES3HMAC2_s { 1283198627Srrs uint64_t cipherKey0; 1284198627Srrs uint64_t cipherKey1; 1285198627Srrs uint64_t cipherKey2; 1286198627Srrs uint64_t hmacKey0; 1287198627Srrs uint64_t hmacKey1; 1288198627Srrs uint64_t hmacKey2; 1289198627Srrs uint64_t hmacKey3; 1290198627Srrs uint64_t hmacKey4; 1291198627Srrs uint64_t hmacKey5; 1292198627Srrs uint64_t hmacKey6; 1293198627Srrs uint64_t hmacKey7; 1294198627Srrs uint64_t hmacKey8; 1295198627Srrs uint64_t hmacKey9; 1296198627Srrs uint64_t hmacKey10; 1297198627Srrs uint64_t hmacKey11; 1298198627Srrs uint64_t hmacKey12; 1299198627Srrs uint64_t hmacKey13; 1300198627Srrs uint64_t hmacKey14; 1301198627Srrs uint64_t hmacKey15; 1302198627Srrs} DES3HMAC2_t, *DES3HMAC2_pt; 1303198157Srrs 1304198157Srrs/* 3DES, (ECB, CBC), GCM - 48 bytes */ 1305198157Srrstypedef struct DES3GCM_s { 1306198627Srrs uint64_t cipherKey0; 1307198627Srrs uint64_t cipherKey1; 1308198627Srrs uint64_t cipherKey2; 1309198627Srrs uint64_t GCMH0; 1310198627Srrs uint64_t GCMH1; 1311198627Srrs uint64_t GCMSCI; 1312198627Srrs} DES3GCM_t, *DES3GCM_pt; 1313198157Srrs 1314198157Srrs/* 3DES, (ECB, CBC), GCM - 48 bytes */ 1315198157Srrstypedef struct DES3F9_s { 1316198627Srrs uint64_t cipherKey0; 1317198627Srrs uint64_t cipherKey1; 1318198627Srrs uint64_t cipherKey2; 1319198627Srrs uint64_t authKey0; 1320198627Srrs uint64_t authKey1; 1321198627Srrs} DES3F9_t, *DES3F9_pt; 1322198157Srrs 1323198157Srrs/* 3DES, (ECB, CBC), Non-HMAC (MD5, SHA-1, SHA-128) - 24 bytes */ 1324198157Srrstypedef struct DES3_s { 1325198627Srrs uint64_t cipherKey0; 1326198627Srrs uint64_t cipherKey1; 1327198627Srrs uint64_t cipherKey2; 1328198627Srrs} DES3_t, *DES3_pt; 1329198157Srrs 1330198157Srrs 1331198157Srrs/* HMAC only - no cipher */ 1332198157Srrs 1333198157Srrs/* HMAC (MD5, SHA-1, SHA-128) - 64 bytes */ 1334198157Srrstypedef struct HMAC_s { 1335198627Srrs uint64_t hmacKey0; 1336198627Srrs uint64_t hmacKey1; 1337198627Srrs uint64_t hmacKey2; 1338198627Srrs uint64_t hmacKey3; 1339198627Srrs uint64_t hmacKey4; 1340198627Srrs uint64_t hmacKey5; 1341198627Srrs uint64_t hmacKey6; 1342198627Srrs uint64_t hmacKey7; 1343198627Srrs} HMAC_t, *HMAC_pt; 1344198157Srrs 1345198157Srrs/* HMAC (SHA-384, SHA-512) - 128 bytes */ 1346198157Srrstypedef struct HMAC2_s { 1347198627Srrs uint64_t hmacKey0; 1348198627Srrs uint64_t hmacKey1; 1349198627Srrs uint64_t hmacKey2; 1350198627Srrs uint64_t hmacKey3; 1351198627Srrs uint64_t hmacKey4; 1352198627Srrs uint64_t hmacKey5; 1353198627Srrs uint64_t hmacKey6; 1354198627Srrs uint64_t hmacKey7; 1355198627Srrs uint64_t hmacKey8; 1356198627Srrs uint64_t hmacKey9; 1357198627Srrs uint64_t hmacKey10; 1358198627Srrs uint64_t hmacKey11; 1359198627Srrs uint64_t hmacKey12; 1360198627Srrs uint64_t hmacKey13; 1361198627Srrs uint64_t hmacKey14; 1362198627Srrs uint64_t hmacKey15; 1363198627Srrs} HMAC2_t, *HMAC2_pt; 1364198157Srrs 1365198157Srrs/* GCM - 24 bytes */ 1366198157Srrstypedef struct GCM_s { 1367198627Srrs uint64_t GCMH0; 1368198627Srrs uint64_t GCMH1; 1369198627Srrs uint64_t GCMSCI; 1370198627Srrs} GCM_t, *GCM_pt; 1371198157Srrs 1372198157Srrs/* F9 - 24 bytes */ 1373198157Srrstypedef struct F9_s { 1374198627Srrs uint64_t authKey0; 1375198627Srrs uint64_t authKey1; 1376198627Srrs} F9_t, *F9_pt; 1377198157Srrs 1378198157Srrs/* All ARC4 possibilities */ 1379198157Srrs/* ARC4, HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ 1380198157Srrstypedef struct ARC4HMAC_s { 1381198627Srrs uint64_t cipherKey0; 1382198627Srrs uint64_t cipherKey1; 1383198627Srrs uint64_t cipherKey2; 1384198627Srrs uint64_t cipherKey3; 1385198627Srrs uint64_t hmacKey0; 1386198627Srrs uint64_t hmacKey1; 1387198627Srrs uint64_t hmacKey2; 1388198627Srrs uint64_t hmacKey3; 1389198627Srrs uint64_t hmacKey4; 1390198627Srrs uint64_t hmacKey5; 1391198627Srrs uint64_t hmacKey6; 1392198627Srrs uint64_t hmacKey7; 1393198627Srrs} ARC4HMAC_t, *ARC4HMAC_pt; 1394198157Srrs 1395198157Srrs/* ARC4, HMAC (SHA-384, SHA-512) - 160 bytes */ 1396198157Srrstypedef struct ARC4HMAC2_s { 1397198627Srrs uint64_t cipherKey0; 1398198627Srrs uint64_t cipherKey1; 1399198627Srrs uint64_t cipherKey2; 1400198627Srrs uint64_t cipherKey3; 1401198627Srrs uint64_t hmacKey0; 1402198627Srrs uint64_t hmacKey1; 1403198627Srrs uint64_t hmacKey2; 1404198627Srrs uint64_t hmacKey3; 1405198627Srrs uint64_t hmacKey4; 1406198627Srrs uint64_t hmacKey5; 1407198627Srrs uint64_t hmacKey6; 1408198627Srrs uint64_t hmacKey7; 1409198627Srrs uint64_t hmacKey8; 1410198627Srrs uint64_t hmacKey9; 1411198627Srrs uint64_t hmacKey10; 1412198627Srrs uint64_t hmacKey11; 1413198627Srrs uint64_t hmacKey12; 1414198627Srrs uint64_t hmacKey13; 1415198627Srrs uint64_t hmacKey14; 1416198627Srrs uint64_t hmacKey15; 1417198627Srrs} ARC4HMAC2_t, *ARC4HMAC2_pt; 1418198157Srrs 1419198157Srrs/* ARC4, GCM - 56 bytes */ 1420198157Srrstypedef struct ARC4GCM_s { 1421198627Srrs uint64_t cipherKey0; 1422198627Srrs uint64_t cipherKey1; 1423198627Srrs uint64_t cipherKey2; 1424198627Srrs uint64_t cipherKey3; 1425198627Srrs uint64_t GCMH0; 1426198627Srrs uint64_t GCMH1; 1427198627Srrs uint64_t GCMSCI; 1428198627Srrs} ARC4GCM_t, *ARC4GCM_pt; 1429198157Srrs 1430198157Srrs/* ARC4, F9 - 56 bytes */ 1431198157Srrstypedef struct ARC4F9_s { 1432198627Srrs uint64_t cipherKey0; 1433198627Srrs uint64_t cipherKey1; 1434198627Srrs uint64_t cipherKey2; 1435198627Srrs uint64_t cipherKey3; 1436198627Srrs uint64_t authKey0; 1437198627Srrs uint64_t authKey1; 1438198627Srrs} ARC4F9_t, *ARC4F9_pt; 1439198157Srrs 1440198157Srrs/* ARC4, HMAC (MD5, SHA-1, SHA-256) - 408 bytes (not including 8 bytes from instruction) */ 1441198157Srrstypedef struct ARC4StateHMAC_s { 1442198627Srrs uint64_t cipherKey0; 1443198627Srrs uint64_t cipherKey1; 1444198627Srrs uint64_t cipherKey2; 1445198627Srrs uint64_t cipherKey3; 1446198627Srrs uint64_t hmacKey0; 1447198627Srrs uint64_t hmacKey1; 1448198627Srrs uint64_t hmacKey2; 1449198627Srrs uint64_t hmacKey3; 1450198627Srrs uint64_t hmacKey4; 1451198627Srrs uint64_t hmacKey5; 1452198627Srrs uint64_t hmacKey6; 1453198627Srrs uint64_t hmacKey7; 1454198627Srrs uint64_t PAD0; 1455198627Srrs uint64_t PAD1; 1456198627Srrs uint64_t PAD2; 1457198627Srrs uint64_t Arc4SboxData0; 1458198627Srrs uint64_t Arc4SboxData1; 1459198627Srrs uint64_t Arc4SboxData2; 1460198627Srrs uint64_t Arc4SboxData3; 1461198627Srrs uint64_t Arc4SboxData4; 1462198627Srrs uint64_t Arc4SboxData5; 1463198627Srrs uint64_t Arc4SboxData6; 1464198627Srrs uint64_t Arc4SboxData7; 1465198627Srrs uint64_t Arc4SboxData8; 1466198627Srrs uint64_t Arc4SboxData9; 1467198627Srrs uint64_t Arc4SboxData10; 1468198627Srrs uint64_t Arc4SboxData11; 1469198627Srrs uint64_t Arc4SboxData12; 1470198627Srrs uint64_t Arc4SboxData13; 1471198627Srrs uint64_t Arc4SboxData14; 1472198627Srrs uint64_t Arc4SboxData15; 1473198627Srrs uint64_t Arc4SboxData16; 1474198627Srrs uint64_t Arc4SboxData17; 1475198627Srrs uint64_t Arc4SboxData18; 1476198627Srrs uint64_t Arc4SboxData19; 1477198627Srrs uint64_t Arc4SboxData20; 1478198627Srrs uint64_t Arc4SboxData21; 1479198627Srrs uint64_t Arc4SboxData22; 1480198627Srrs uint64_t Arc4SboxData23; 1481198627Srrs uint64_t Arc4SboxData24; 1482198627Srrs uint64_t Arc4SboxData25; 1483198627Srrs uint64_t Arc4SboxData26; 1484198627Srrs uint64_t Arc4SboxData27; 1485198627Srrs uint64_t Arc4SboxData28; 1486198627Srrs uint64_t Arc4SboxData29; 1487198627Srrs uint64_t Arc4SboxData30; 1488198627Srrs uint64_t Arc4SboxData31; 1489198627Srrs uint64_t Arc4IJData; 1490198627Srrs uint64_t PAD3; 1491198627Srrs uint64_t PAD4; 1492198627Srrs uint64_t PAD5; 1493198627Srrs} ARC4StateHMAC_t, *ARC4StateHMAC_pt; 1494198157Srrs 1495198157Srrs/* ARC4, HMAC (SHA-384, SHA-512) - 480 bytes (not including 8 bytes from instruction) */ 1496198157Srrstypedef struct ARC4StateHMAC2_s { 1497198627Srrs uint64_t cipherKey0; 1498198627Srrs uint64_t cipherKey1; 1499198627Srrs uint64_t cipherKey2; 1500198627Srrs uint64_t cipherKey3; 1501198627Srrs uint64_t hmacKey0; 1502198627Srrs uint64_t hmacKey1; 1503198627Srrs uint64_t hmacKey2; 1504198627Srrs uint64_t hmacKey3; 1505198627Srrs uint64_t hmacKey4; 1506198627Srrs uint64_t hmacKey5; 1507198627Srrs uint64_t hmacKey6; 1508198627Srrs uint64_t hmacKey7; 1509198627Srrs uint64_t hmacKey8; 1510198627Srrs uint64_t hmacKey9; 1511198627Srrs uint64_t hmacKey10; 1512198627Srrs uint64_t hmacKey11; 1513198627Srrs uint64_t hmacKey12; 1514198627Srrs uint64_t hmacKey13; 1515198627Srrs uint64_t hmacKey14; 1516198627Srrs uint64_t hmacKey15; 1517198627Srrs uint64_t PAD0; 1518198627Srrs uint64_t PAD1; 1519198627Srrs uint64_t PAD2; 1520198627Srrs uint64_t Arc4SboxData0; 1521198627Srrs uint64_t Arc4SboxData1; 1522198627Srrs uint64_t Arc4SboxData2; 1523198627Srrs uint64_t Arc4SboxData3; 1524198627Srrs uint64_t Arc4SboxData4; 1525198627Srrs uint64_t Arc4SboxData5; 1526198627Srrs uint64_t Arc4SboxData6; 1527198627Srrs uint64_t Arc4SboxData7; 1528198627Srrs uint64_t Arc4SboxData8; 1529198627Srrs uint64_t Arc4SboxData9; 1530198627Srrs uint64_t Arc4SboxData10; 1531198627Srrs uint64_t Arc4SboxData11; 1532198627Srrs uint64_t Arc4SboxData12; 1533198627Srrs uint64_t Arc4SboxData13; 1534198627Srrs uint64_t Arc4SboxData14; 1535198627Srrs uint64_t Arc4SboxData15; 1536198627Srrs uint64_t Arc4SboxData16; 1537198627Srrs uint64_t Arc4SboxData17; 1538198627Srrs uint64_t Arc4SboxData18; 1539198627Srrs uint64_t Arc4SboxData19; 1540198627Srrs uint64_t Arc4SboxData20; 1541198627Srrs uint64_t Arc4SboxData21; 1542198627Srrs uint64_t Arc4SboxData22; 1543198627Srrs uint64_t Arc4SboxData23; 1544198627Srrs uint64_t Arc4SboxData24; 1545198627Srrs uint64_t Arc4SboxData25; 1546198627Srrs uint64_t Arc4SboxData26; 1547198627Srrs uint64_t Arc4SboxData27; 1548198627Srrs uint64_t Arc4SboxData28; 1549198627Srrs uint64_t Arc4SboxData29; 1550198627Srrs uint64_t Arc4SboxData30; 1551198627Srrs uint64_t Arc4SboxData31; 1552198627Srrs uint64_t Arc4IJData; 1553198627Srrs uint64_t PAD3; 1554198627Srrs uint64_t PAD4; 1555198627Srrs uint64_t PAD5; 1556198627Srrs} ARC4StateHMAC2_t, *ARC4StateHMAC2_pt; 1557198157Srrs 1558198157Srrs/* ARC4, GCM - 408 bytes (not including 8 bytes from instruction) */ 1559198157Srrstypedef struct ARC4StateGCM_s { 1560198627Srrs uint64_t cipherKey0; 1561198627Srrs uint64_t cipherKey1; 1562198627Srrs uint64_t cipherKey2; 1563198627Srrs uint64_t cipherKey3; 1564198627Srrs uint64_t GCMH0; 1565198627Srrs uint64_t GCMH1; 1566198627Srrs uint64_t GCMSCI; 1567198627Srrs uint64_t PAD0; 1568198627Srrs uint64_t PAD1; 1569198627Srrs uint64_t PAD2; 1570198627Srrs uint64_t PAD3; 1571198627Srrs uint64_t PAD4; 1572198627Srrs uint64_t PAD5; 1573198627Srrs uint64_t PAD6; 1574198627Srrs uint64_t PAD7; 1575198627Srrs uint64_t Arc4SboxData0; 1576198627Srrs uint64_t Arc4SboxData1; 1577198627Srrs uint64_t Arc4SboxData2; 1578198627Srrs uint64_t Arc4SboxData3; 1579198627Srrs uint64_t Arc4SboxData4; 1580198627Srrs uint64_t Arc4SboxData5; 1581198627Srrs uint64_t Arc4SboxData6; 1582198627Srrs uint64_t Arc4SboxData7; 1583198627Srrs uint64_t Arc4SboxData8; 1584198627Srrs uint64_t Arc4SboxData9; 1585198627Srrs uint64_t Arc4SboxData10; 1586198627Srrs uint64_t Arc4SboxData11; 1587198627Srrs uint64_t Arc4SboxData12; 1588198627Srrs uint64_t Arc4SboxData13; 1589198627Srrs uint64_t Arc4SboxData14; 1590198627Srrs uint64_t Arc4SboxData15; 1591198627Srrs uint64_t Arc4SboxData16; 1592198627Srrs uint64_t Arc4SboxData17; 1593198627Srrs uint64_t Arc4SboxData18; 1594198627Srrs uint64_t Arc4SboxData19; 1595198627Srrs uint64_t Arc4SboxData20; 1596198627Srrs uint64_t Arc4SboxData21; 1597198627Srrs uint64_t Arc4SboxData22; 1598198627Srrs uint64_t Arc4SboxData23; 1599198627Srrs uint64_t Arc4SboxData24; 1600198627Srrs uint64_t Arc4SboxData25; 1601198627Srrs uint64_t Arc4SboxData26; 1602198627Srrs uint64_t Arc4SboxData27; 1603198627Srrs uint64_t Arc4SboxData28; 1604198627Srrs uint64_t Arc4SboxData29; 1605198627Srrs uint64_t Arc4SboxData30; 1606198627Srrs uint64_t Arc4SboxData31; 1607198627Srrs uint64_t Arc4IJData; 1608198627Srrs uint64_t PAD8; 1609198627Srrs uint64_t PAD9; 1610198627Srrs uint64_t PAD10; 1611198627Srrs} ARC4StateGCM_t, *ARC4StateGCM_pt; 1612198157Srrs 1613198157Srrs/* ARC4, F9 - 408 bytes (not including 8 bytes from instruction) */ 1614198157Srrstypedef struct ARC4StateF9_s { 1615198627Srrs uint64_t cipherKey0; 1616198627Srrs uint64_t cipherKey1; 1617198627Srrs uint64_t cipherKey2; 1618198627Srrs uint64_t cipherKey3; 1619198627Srrs uint64_t authKey0; 1620198627Srrs uint64_t authKey1; 1621198627Srrs uint64_t PAD0; 1622198627Srrs uint64_t PAD1; 1623198627Srrs uint64_t PAD2; 1624198627Srrs uint64_t PAD3; 1625198627Srrs uint64_t PAD4; 1626198627Srrs uint64_t PAD5; 1627198627Srrs uint64_t PAD6; 1628198627Srrs uint64_t PAD7; 1629198627Srrs uint64_t PAD8; 1630198627Srrs uint64_t Arc4SboxData0; 1631198627Srrs uint64_t Arc4SboxData1; 1632198627Srrs uint64_t Arc4SboxData2; 1633198627Srrs uint64_t Arc4SboxData3; 1634198627Srrs uint64_t Arc4SboxData4; 1635198627Srrs uint64_t Arc4SboxData5; 1636198627Srrs uint64_t Arc4SboxData6; 1637198627Srrs uint64_t Arc4SboxData7; 1638198627Srrs uint64_t Arc4SboxData8; 1639198627Srrs uint64_t Arc4SboxData9; 1640198627Srrs uint64_t Arc4SboxData10; 1641198627Srrs uint64_t Arc4SboxData11; 1642198627Srrs uint64_t Arc4SboxData12; 1643198627Srrs uint64_t Arc4SboxData13; 1644198627Srrs uint64_t Arc4SboxData14; 1645198627Srrs uint64_t Arc4SboxData15; 1646198627Srrs uint64_t Arc4SboxData16; 1647198627Srrs uint64_t Arc4SboxData17; 1648198627Srrs uint64_t Arc4SboxData18; 1649198627Srrs uint64_t Arc4SboxData19; 1650198627Srrs uint64_t Arc4SboxData20; 1651198627Srrs uint64_t Arc4SboxData21; 1652198627Srrs uint64_t Arc4SboxData22; 1653198627Srrs uint64_t Arc4SboxData23; 1654198627Srrs uint64_t Arc4SboxData24; 1655198627Srrs uint64_t Arc4SboxData25; 1656198627Srrs uint64_t Arc4SboxData26; 1657198627Srrs uint64_t Arc4SboxData27; 1658198627Srrs uint64_t Arc4SboxData28; 1659198627Srrs uint64_t Arc4SboxData29; 1660198627Srrs uint64_t Arc4SboxData30; 1661198627Srrs uint64_t Arc4SboxData31; 1662198627Srrs uint64_t Arc4IJData; 1663198627Srrs uint64_t PAD9; 1664198627Srrs uint64_t PAD10; 1665198627Srrs uint64_t PAD11; 1666198627Srrs} ARC4StateF9_t, *ARC4StateF9_pt; 1667198157Srrs 1668198157Srrs/* ARC4, Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ 1669198157Srrstypedef struct ARC4_s { 1670198627Srrs uint64_t cipherKey0; 1671198627Srrs uint64_t cipherKey1; 1672198627Srrs uint64_t cipherKey2; 1673198627Srrs uint64_t cipherKey3; 1674198627Srrs} ARC4_t, *ARC4_pt; 1675198157Srrs 1676198157Srrs/* ARC4, Non-HMAC (MD5, SHA-1, SHA-256) - 344 bytes (not including 8 bytes from instruction) */ 1677198157Srrstypedef struct ARC4State_s { 1678198627Srrs uint64_t cipherKey0; 1679198627Srrs uint64_t cipherKey1; 1680198627Srrs uint64_t cipherKey2; 1681198627Srrs uint64_t cipherKey3; 1682198627Srrs uint64_t PAD0; 1683198627Srrs uint64_t PAD1; 1684198627Srrs uint64_t PAD2; 1685198627Srrs uint64_t Arc4SboxData0; 1686198627Srrs uint64_t Arc4SboxData1; 1687198627Srrs uint64_t Arc4SboxData2; 1688198627Srrs uint64_t Arc4SboxData3; 1689198627Srrs uint64_t Arc4SboxData4; 1690198627Srrs uint64_t Arc4SboxData5; 1691198627Srrs uint64_t Arc4SboxData6; 1692198627Srrs uint64_t Arc4SboxData7; 1693198627Srrs uint64_t Arc4SboxData8; 1694198627Srrs uint64_t Arc4SboxData9; 1695198627Srrs uint64_t Arc4SboxData10; 1696198627Srrs uint64_t Arc4SboxData11; 1697198627Srrs uint64_t Arc4SboxData12; 1698198627Srrs uint64_t Arc4SboxData13; 1699198627Srrs uint64_t Arc4SboxData14; 1700198627Srrs uint64_t Arc4SboxData15; 1701198627Srrs uint64_t Arc4SboxData16; 1702198627Srrs uint64_t Arc4SboxData17; 1703198627Srrs uint64_t Arc4SboxData18; 1704198627Srrs uint64_t Arc4SboxData19; 1705198627Srrs uint64_t Arc4SboxData20; 1706198627Srrs uint64_t Arc4SboxData21; 1707198627Srrs uint64_t Arc4SboxData22; 1708198627Srrs uint64_t Arc4SboxData23; 1709198627Srrs uint64_t Arc4SboxData24; 1710198627Srrs uint64_t Arc4SboxData25; 1711198627Srrs uint64_t Arc4SboxData26; 1712198627Srrs uint64_t Arc4SboxData27; 1713198627Srrs uint64_t Arc4SboxData28; 1714198627Srrs uint64_t Arc4SboxData29; 1715198627Srrs uint64_t Arc4SboxData30; 1716198627Srrs uint64_t Arc4SboxData31; 1717198627Srrs uint64_t Arc4IJData; 1718198627Srrs uint64_t PAD3; 1719198627Srrs uint64_t PAD4; 1720198627Srrs uint64_t PAD5; 1721198627Srrs} ARC4State_t, *ARC4State_pt; 1722198157Srrs 1723198157Srrs/* Kasumi f8 - 32 bytes */ 1724198157Srrstypedef struct KASUMIF8_s { 1725198627Srrs uint64_t cipherKey0; 1726198627Srrs uint64_t cipherKey1; 1727198627Srrs} KASUMIF8_t, *KASUMIF8_pt; 1728198157Srrs 1729198157Srrs/* Kasumi f8 + HMAC (MD5, SHA-1, SHA-256) - 80 bytes */ 1730198157Srrstypedef struct KASUMIF8HMAC_s { 1731198627Srrs uint64_t cipherKey0; 1732198627Srrs uint64_t cipherKey1; 1733198627Srrs uint64_t hmacKey0; 1734198627Srrs uint64_t hmacKey1; 1735198627Srrs uint64_t hmacKey2; 1736198627Srrs uint64_t hmacKey3; 1737198627Srrs uint64_t hmacKey4; 1738198627Srrs uint64_t hmacKey5; 1739198627Srrs uint64_t hmacKey6; 1740198627Srrs uint64_t hmacKey7; 1741198627Srrs} KASUMIF8HMAC_t, *KASUMIF8HMAC_pt; 1742198157Srrs 1743198157Srrs/* Kasumi f8 + HMAC (SHA-384, SHA-512) - 144 bytes */ 1744198157Srrstypedef struct KASUMIF8HMAC2_s { 1745198627Srrs uint64_t cipherKey0; 1746198627Srrs uint64_t cipherKey1; 1747198627Srrs uint64_t hmacKey0; 1748198627Srrs uint64_t hmacKey1; 1749198627Srrs uint64_t hmacKey2; 1750198627Srrs uint64_t hmacKey3; 1751198627Srrs uint64_t hmacKey4; 1752198627Srrs uint64_t hmacKey5; 1753198627Srrs uint64_t hmacKey6; 1754198627Srrs uint64_t hmacKey7; 1755198627Srrs uint64_t hmacKey8; 1756198627Srrs uint64_t hmacKey9; 1757198627Srrs uint64_t hmacKey10; 1758198627Srrs uint64_t hmacKey11; 1759198627Srrs uint64_t hmacKey12; 1760198627Srrs uint64_t hmacKey13; 1761198627Srrs uint64_t hmacKey14; 1762198627Srrs uint64_t hmacKey15; 1763198627Srrs} KASUMIF8HMAC2_t, *KASUMIF8HMAC2_pt; 1764198157Srrs 1765198157Srrs/* Kasumi f8 + GCM - 144 bytes */ 1766198157Srrstypedef struct KASUMIF8GCM_s { 1767198627Srrs uint64_t cipherKey0; 1768198627Srrs uint64_t cipherKey1; 1769198627Srrs uint64_t GCMH0; 1770198627Srrs uint64_t GCMH1; 1771198627Srrs uint64_t GCMSCI; 1772198627Srrs} KASUMIF8GCM_t, *KASUMIF8GCM_pt; 1773198157Srrs 1774198157Srrs/* Kasumi f8 + f9 - 32 bytes */ 1775198157Srrstypedef struct KASUMIF8F9_s { 1776198627Srrs uint64_t cipherKey0; 1777198627Srrs uint64_t cipherKey1; 1778198627Srrs uint64_t authKey0; 1779198627Srrs uint64_t authKey1; 1780198627Srrs} KASUMIF8F9_t, *KASUMIF8F9_pt; 1781198157Srrs 1782198157Srrstypedef union CipherHashInfo_u { 1783198627Srrs AES256HMAC_t infoAES256HMAC; 1784198627Srrs AES256_t infoAES256; 1785198627Srrs AES192HMAC_t infoAES192HMAC; 1786198627Srrs AES192_t infoAES192; 1787198627Srrs AES128HMAC_t infoAES128HMAC; 1788198627Srrs AES128_t infoAES128; 1789198627Srrs DESHMAC_t infoDESHMAC; 1790198627Srrs DES_t infoDES; 1791198627Srrs DES3HMAC_t info3DESHMAC; 1792198627Srrs DES3_t info3DES; 1793198627Srrs HMAC_t infoHMAC; 1794198627Srrs /* ARC4 */ 1795198627Srrs ARC4HMAC_t infoARC4HMAC; 1796198627Srrs ARC4StateHMAC_t infoARC4StateHMAC; 1797198627Srrs ARC4_t infoARC4; 1798198627Srrs ARC4State_t infoARC4State; 1799198627Srrs /* AES mode F8 */ 1800198627Srrs AES256F8HMAC_t infoAES256F8HMAC; 1801198627Srrs AES256F8_t infoAES256F8; 1802198627Srrs AES192F8HMAC_t infoAES192F8HMAC; 1803198627Srrs AES192F8_t infoAES192F8; 1804198627Srrs AES128F8HMAC_t infoAES128F8HMAC; 1805198627Srrs AES128F8_t infoAES128F8; 1806198627Srrs /* KASUMI F8 */ 1807198627Srrs KASUMIF8HMAC_t infoKASUMIF8HMAC; 1808198627Srrs KASUMIF8_t infoKASUMIF8; 1809198627Srrs /* GCM */ 1810198627Srrs GCM_t infoGCM; 1811198627Srrs AES256F8GCM_t infoAES256F8GCM; 1812198627Srrs AES192F8GCM_t infoAES192F8GCM; 1813198627Srrs AES128F8GCM_t infoAES128F8GCM; 1814198627Srrs AES256GCM_t infoAES256GCM; 1815198627Srrs AES192GCM_t infoAES192GCM; 1816198627Srrs AES128GCM_t infoAES128GCM; 1817198627Srrs DESGCM_t infoDESGCM; 1818198627Srrs DES3GCM_t info3DESGCM; 1819198627Srrs ARC4GCM_t infoARC4GCM; 1820198627Srrs ARC4StateGCM_t infoARC4StateGCM; 1821198627Srrs KASUMIF8GCM_t infoKASUMIF8GCM; 1822198627Srrs /* HMAC2 */ 1823198627Srrs HMAC2_t infoHMAC2; 1824198627Srrs AES256F8HMAC2_t infoAES256F8HMAC2; 1825198627Srrs AES192F8HMAC2_t infoAES192F8HMAC2; 1826198627Srrs AES128F8HMAC2_t infoAES128F8HMAC2; 1827198627Srrs AES256HMAC2_t infoAES256HMAC2; 1828198627Srrs AES192HMAC2_t infoAES192HMAC2; 1829198627Srrs AES128HMAC2_t infoAES128HMAC2; 1830198627Srrs DESHMAC2_t infoDESHMAC2; 1831198627Srrs DES3HMAC2_t info3DESHMAC2; 1832198627Srrs ARC4HMAC2_t infoARC4HMAC2; 1833198627Srrs ARC4StateHMAC2_t infoARC4StateHMAC2; 1834198627Srrs KASUMIF8HMAC2_t infoKASUMIF8HMAC2; 1835198627Srrs /* F9 */ 1836198627Srrs F9_t infoF9; 1837198627Srrs AES256F8F9_t infoAES256F8F9; 1838198627Srrs AES192F8F9_t infoAES192F8F9; 1839198627Srrs AES128F8F9_t infoAES128F8F9; 1840198627Srrs AES256F9_t infoAES256F9; 1841198627Srrs AES192F9_t infoAES192F9; 1842198627Srrs AES128F9_t infoAES128F9; 1843198627Srrs DESF9_t infoDESF9; 1844198627Srrs DES3F9_t info3DESF9; 1845198627Srrs ARC4F9_t infoARC4F9; 1846198627Srrs ARC4StateF9_t infoARC4StateF9; 1847198627Srrs KASUMIF8F9_t infoKASUMIF8F9; 1848198627Srrs} CipherHashInfo_t, *CipherHashInfo_pt; 1849198157Srrs 1850198157Srrs 1851198627Srrs/* 1852198627Srrs * 1853198627Srrs * ControlDescriptor_s datastructure 1854198627Srrs * 1855198157Srrs */ 1856198157Srrs 1857198157Srrstypedef struct ControlDescriptor_s { 1858198627Srrs uint64_t instruction; 1859198627Srrs CipherHashInfo_t cipherHashInfo; 1860198627Srrs} ControlDescriptor_t, *ControlDescriptor_pt; 1861198157Srrs 1862198157Srrs 1863198157Srrs 1864198157Srrs 1865198157Srrs/* ********************************************************************** 1866198157Srrs * PacketDescriptor_t 1867198157Srrs * ********************************************************************** 1868198157Srrs */ 1869198157Srrs 1870198157Srrs/* /--------------------------------------------\ 1871198157Srrs * | | 1872198157Srrs * | New PacketDescriptor_s datastructure | 1873198157Srrs * | | 1874198157Srrs * \--------------------------------------------/ 1875198157Srrs * 1876198157Srrs * 1877198157Srrs * 1878198157Srrs * PacketDescriptor_t.srcLengthIVOffUseIVNext 1879198157Srrs * ------------------------------------------ 1880198157Srrs * 1881198627Srrs * 63 62 61 59 58 57 56 54 53 43 1882198157Srrs * ------------------------------------------------------------------------------------------------ 1883198157Srrs * || Load HMAC key || Pad Hash || Hash Byte Count || Next || Use IV || IV Offset || Packet length || ... CONT ... 1884198157Srrs * ------------------------------------------------------------------------------------------------ 1885198157Srrs * 1 1 3 1 1 3 11 1886198157Srrs * 1887198157Srrs * 1888198157Srrs * 42 41 40 39 5 4 3 2 1889198157Srrs * 0 1890198157Srrs * ---------------------------------------------------------------------------------------------------- 1891198157Srrs * || NLHMAC || Break || Wait || Segment src address || SRTCP || Reserved || Global src data offset || 1892198157Srrs * ---------------------------------------------------------------------------------------------------- 1893198157Srrs * 1 1 1 35 1 1 3 1894198157Srrs * 1895198157Srrs * 1896198157Srrs * 1897198157Srrs * Load HMAC key = 1'b0 Preserve old HMAC key stored in Auth engine (moot if HASH.HMAC == 0) 1898198157Srrs * 1'b1 Load HMAC key from ID registers at beginning of op 1899198157Srrs * If GCM is selected as authenticator, setting this bit 1900198157Srrs * will cause the H value from ID to be loaded to the engine 1901198157Srrs * If Kasumi F9 is selected as authenticator, setting this bit 1902198157Srrs * will cause the IK value from ID to be loaded to the engine. 1903198157Srrs * Pad Hash = 1'b0 HASH will assume the data was padded to be a multiple 1904198157Srrs * of 512 bits in length and that the last 64 bit word 1905198157Srrs * expresses the total datalength in bits seen by HASH engine 1906198157Srrs * 1'b1 The data was not padded to be a multiple of 512 bits in length; 1907198157Srrs * The Hash engine will do its own padding to generate the correct digest. 1908198157Srrs * Ignored by GCM (always does its own padding) 1909198157Srrs * Hash Byte Count Number of BYTES on last 64-bit data word to use in digest calculation RELEVANT ONLY IF Pad Hash IS SET 1910198157Srrs * 3'b000 Use all 8 1911198157Srrs * 3'b001 Use first (MS) byte only (0-out rest), i.e., 0xddXXXXXXXXXXXXXX 1912198157Srrs * 3'b010 Use first 2 bytes only (0-out rest), i.e., 0xddddXXXXXXXXXXXX ... etc 1913198157Srrs * Next = 1'b0 Finish (return msg descriptor) at end of operation 1914198157Srrs * 1'b1 Grab the next PacketDescriptor (i.e. next cache-line) when the current is complete. 1915198157Srrs * This allows for fragmentation/defragmentation and processing of large (>16kB) packets. 1916198157Srrs * The sequence of adjacent PacketDescriptor acts as a contiguous linked list of 1917198157Srrs * pointers to the actual packets with Next==0 on the last PacketDescriptor to end processing. 1918198157Srrs * Use IV = 1'b0 On first frag: Use old IV 1919198157Srrs * On subsequent frags: Do not write out to DST the (dword) offset data 1920198157Srrs * 1'b1 On first frag: Use data @ Segment_address + IV_Offset as IV 1921198157Srrs * On subsequent frags: Do write out to DST the (dword) offset data 1922198157Srrs * IV Offset = On first frag: Offset IN NB OF 8 BYTE WORDS (dwords) from beginning of packet 1923198157Srrs * (i.e. (Potentially byte-shifted) Segment address) to cipher IV 1924198627Srrs * On subsequent frags: Offset to beginning of data to process; data to offset won't 1925198157Srrs * be given to engines and will be written out to dst in the clear. 1926198157Srrs * ON SUBSEQUENT FRAGS, IV_Offset MAY NOT EXCEED 3; LARGER VALUES WILL CAUSE AN ERROR 1927198157Srrs * SEE ERROR CONDITIONS BELOW 1928198157Srrs * Packet length = Nb double words to stream in (Including Segment address->CP/IV/Auth/CkSum offsets) 1929198157Srrs * This is the total amount of data (x8 in bytes) read (+1 dword if "Global src data offset" != 0) 1930198157Srrs * This is the total amount of data (x8 in bytes) written (+1 dword if "Global dst data offset" != 0, if Dst dword offset == 0) 1931198157Srrs * If Packet length == 11'h7ff and (Global src data offset != 0 or Global dst data offset != 0) 1932198157Srrs * the operation is aborted (no mem writes occur) 1933198157Srrs * and the "Insufficient Data To Cipher" error flag is raised 1934198157Srrs * NLHMAC = No last to hmac. Setting this to 1 will prevent the transmission of the last DWORD 1935198157Srrs * to the authenticator, i.e., the DWORD before last will be designated as last for the purposes of authentication. 1936198157Srrs * Break = Break a wait (see below) state - causes the operation to be flushed and free descriptor to be returned. 1937198157Srrs * Activated if DFetch blocked by Wait and Wait still active. 1938198157Srrs * AS OF 02/10/2005 THIS FEATURE IS EXPERIMENTAL 1939198157Srrs * Wait = Setting that bit causes the operation to block in DFetch stage. 1940198157Srrs * DFetch will keep polling the memory location until the bit is reset at which time 1941198157Srrs * the pipe resumes normal operation. This feature is convenient for software dealing with fragmented packets. 1942198157Srrs * AS OF 02/10/2005 THIS FEATURE IS EXPERIMENTAL 1943198157Srrs * Segment src address = 35 MSB of pointer to src data (i.e., cache-line aligned) 1944198157Srrs * SRTCP = Bypass the cipher for the last 4 bytes of data, i.e. the last 4 bytes will be sent to memory 1945198157Srrs * and the authenticator in the clear. Applicable to last packet descriptor andlast frag only. 1946198157Srrs * This accommodates a requirement of SRTCP. 1947198157Srrs * Global src data offset = Nb BYTES to right-shift data by before presenting it to engines 1948198157Srrs * (0-7); allows realignment of byte-aligned, non-double-word aligned data 1949198157Srrs * 1950198157Srrs * PacketDescriptor_t.dstDataSettings 1951198157Srrs * ---------------------------------- 1952198157Srrs * 1953198157Srrs * 1954198157Srrs * 63 62 60 59 58 56 55 54 53 52 41 40 1955198157Srrs * ------------------------------------------------------------------------------------------------------------ 1956198157Srrs * || CipherPrefix | Arc4ByteCount | E/D | Cipher_Offset || Hash_Offset | Hash_Src || CkSum_Offset | CkSum_Src || ... CONT ... 1957198157Srrs * ------------------------------------------------------------------------------------------------------------ 1958198157Srrs * 1 3 1 3 2 1 12 1 1959198157Srrs * <-----------------------CIPHER-----------------------><---------HASH-----------><-------CHECKSUM-----------> 1960198157Srrs * 1961198157Srrs * 1962198157Srrs * CipherPrefix = 128'b0 will be sent to the selected cipher 1963198157Srrs * KEEP VALUE ON ALL FRAGS after the IV is loaded, before the actual data goes in. 1964198157Srrs * The result of that encryption (aka E(K, 0))will be stored 1965198157Srrs * locally and XOR-ed with the auth digest to create the final 1966198157Srrs * digest at the end of the auth OP: 1967198157Srrs * This is covered by the GCM spec 1968198157Srrs * AesPrefix = 1'b1 -> Force E=Cipher(K,0) before start of data encr. 1969198157Srrs * -> Digest ^= E 1970198157Srrs * AesPrefix = 1'b0 -> Regular digest 1971198157Srrs * This flag is ignored if no cipher is chosen (Bypass condition) 1972198157Srrs * X0 Arc4ByteCount = Number of BYTES on last 64-bit data word to encrypt 1973198157Srrs * 3'b000 Encrypt all 8 1974198157Srrs * 3'b001 Encrypt first (MS) byte only i.e., 0xddXXXXXXXXXXXXXX 1975198157Srrs * 3'b010 Encrypt first 2 bytes only i.e., 0xddddXXXXXXXXXXXX ... etc 1976198157Srrs * In reality, all are encrypted, however, the SBOX 1977198157Srrs * is not written past the last byte to encrypt 1978198157Srrs * E/D = 1'b0 Decrypt 1979198157Srrs * 1'b1 Encrypt 1980198157Srrs * Overloaded to also mean IV byte offset for first frag 1981198627Srrs * Cipher_Offset = Nb of words between the first data segment 1982198157Srrs * and word on which to start cipher operation 1983198157Srrs * (64 BIT WORDS !!!) 1984198157Srrs * Hash_Offset = Nb of words between the first data segment 1985198627Srrs * and word on which to start hashing 1986198157Srrs * (64 bit words) 1987198157Srrs * Hash_Src = 1'b0 DMA channel 1988198627Srrs * 1'b1 Cipher if word count exceeded Cipher_Offset; 1989198157Srrs * DMA channel otherwise 1990198627Srrs * CkSum_Offset = Nb of words between the first data segment 1991198627Srrs * and word on which to start 1992198157Srrs * checksum calculation (32 BIT WORDS !!!) 1993198157Srrs * CkSum_Src = 1'b0 DMA channel 1994198157Srrs * 1'b1 Cipher if word count exceeded Cipher_Offset 1995198157Srrs * DMA channel otherwise 1996198157Srrs * Cipher dst address = 35 MSB of pointer to dst location (i.e., cache-line aligned) 1997198157Srrs * Dst dword offset = Nb of double-words to left-shift data from spec'ed Cipher dst address before writing it to memory 1998198157Srrs * Global dst data offset = Nb BYTES to left-shift (double-word boundary aligned) data by before writing it to memory 1999198157Srrs * 2000198157Srrs * 2001198157Srrs * PacketDescriptor_t.authDstNonceLow 2002198157Srrs * ---------------------------------- 2003198157Srrs * 2004198627Srrs * 63 40 39 5 4 0 2005198157Srrs * ----------------------------------------------------- 2006198157Srrs * || Nonce_Low || Auth_dst_address || Cipher_Offset_Hi || 2007198157Srrs * ----------------------------------------------------- 2008198157Srrs * 24 35 5 2009198157Srrs * 2010198157Srrs * 2011198157Srrs * 2012198157Srrs * Nonce_Low = Nonce[23:0] 24 least significant bits of 32-bit long nonce 2013198157Srrs * Used by AES in counter mode 2014198157Srrs * Auth_dst_address = 35 MSB of pointer to authentication dst location (i.e., cache-line aligned) 2015198157Srrs * X0 Cipher_Offset_Hi = On first frag: 5 MSB of 8-bit Cipher_offset; will be concatenated to 2016198157Srrs * the top of PacketDescriptor_t.dstDataSettings.Cipher_Offset 2017198157Srrs * On subsequent frags: Ignored 2018198157Srrs * 2019198157Srrs * 2020198157Srrs * PacketDescriptor_t.ckSumDstNonceHiCFBMaskLLWMask 2021198157Srrs * ------------------------------------------------ 2022198157Srrs * 2023198157Srrs * 2024198157Srrs * 63 61 60 58 57 56 55 48 47 40 39 5 4 0 2025198157Srrs * ------------------------------------------------------------------------------------------------------------------- 2026198157Srrs * || Hash_Byte_Offset || Packet length bytes || LLWMask || CFB_Mask || Nonce_Hi || CkSum_dst_address || IV_Offset_Hi || 2027198157Srrs * ------------------------------------------------------------------------------------------------------------------- 2028198157Srrs * 3 3 2 8 8 35 5 2029198157Srrs * 2030198157Srrs * 2031198157Srrs * Hash_Byte_Offset = On first frag: Additional offset in bytes to be added to Hash_Offset 2032198157Srrs * to obtain the full offset applied to the data before 2033198157Srrs * submitting it to authenticator 2034198157Srrs * On subsequent frags: Same 2035198157Srrs * Packet length bytes = On one fragment payloads: Ignored (i.e. assumed to be 0, last dword used in its entirety) 2036198157Srrs * On fragments before last: Number of bytes on last fragment dword 2037198157Srrs * On last fragment: Ignored (i.e. assumed to be 0, last dword used in its entirety) 2038198157Srrs * LLWMask, aka, Last_long_word_mask = 2'b00 Give last 128 bit word from AES engine to auth/cksum/wrbbufer as is - applicable in AES CTR only 2039198157Srrs * 2'b11 Mask (zero-out) 32 least significant bits 2040198157Srrs * 2'b10 Mask 64 LSBs 2041198157Srrs * 2'b01 Mask 96 LSBs 2042198157Srrs * If the GCM authenticator is used, setting LLWMask to 2'b10 or 2'b01 2043198157Srrs * will also prevent the transmission of the last DWORD 2044198157Srrs * to the authenticator, i.e., the DWORD before last will 2045198157Srrs * be designated as last for the purposes of authentication. 2046198157Srrs * CFB_Mask = 8 bit mask used by AES in CFB mode 2047198157Srrs * In CTR mode: 2048198157Srrs * CFB_Mask[1:0] = 2'b00 -> Counter[127:0] = {Nonce[31:0], IV0[63:0], 4'h00000001} (only 1 IV exp 2049198157Srrsected) regular CTR 2050198157Srrs * 2'b01 -> Counter[127:0] = {Nonce[31:0], IV0[63:0], IV1[31:0]} (2 IV expected 2051198157Srrs) CCMP 2052198157Srrs * 2'b10 -> Counter[127:0] = {IV1[63:0], IV0[31:0], Nonce[31:0]} (2 IV expected 2053198157Srrs) GCM with SCI 2054198157Srrs * 2'b11 -> Counter[127:0] = {IDecode.SCI[63:0], IV0[31:0], Nonce[31:0]} (1 IV expected 2055198157Srrs) GCM w/o SCI 2056198157Srrs * Nonce_Hi = Nonce[31:24] 8 most significant bits of 32-bit long nonce 2057198157Srrs * Used by AES in counter mode 2058198157Srrs * CkSum_dst_address = 35 MSB of pointer to cksum dst location (i.e., cache-line aligned) 2059198157Srrs * X0 IV_Offset_Hi = On first frag: 5 MSB of 8-bit IV offset; will be concatenated to 2060198157Srrs * the top of PacketDescriptor_t.srcLengthIVOffUseIVNext.IV_Offset 2061198157Srrs * On subsequent frags: Ignored 2062198157Srrs */ 2063198157Srrs 2064198157Srrs/* #define PKT_DSC_LOADHMACKEY */ 2065198157Srrs#define PKT_DSC_LOADHMACKEY_OLD 0 2066198157Srrs#define PKT_DSC_LOADHMACKEY_LOAD 1 2067198157Srrs#define PKT_DSC_LOADHMACKEY_LSB 63 2068198157Srrs#define PKT_DSC_LOADHMACKEY_BITS ONE_BIT 2069198157Srrs#define PKT_DSC_LOADHMACKEY_MASK \ 2070198157Srrs (PKT_DSC_LOADHMACKEY_BITS << PKT_DSC_LOADHMACKEY_LSB) 2071198157Srrs 2072198157Srrs/* #define PKT_DSC_PADHASH */ 2073198157Srrs#define PKT_DSC_PADHASH_PADDED 0 2074198627Srrs#define PKT_DSC_PADHASH_PAD 1 /* requires padding */ 2075198157Srrs#define PKT_DSC_PADHASH_LSB 62 2076198157Srrs#define PKT_DSC_PADHASH_BITS ONE_BIT 2077198157Srrs#define PKT_DSC_PADHASH_MASK (PKT_DSC_PADHASH_BITS << PKT_DSC_PADHASH_LSB) 2078198157Srrs 2079198157Srrs/* #define PKT_DSC_HASHBYTES */ 2080198157Srrs#define PKT_DSC_HASHBYTES_ALL8 0 2081198157Srrs#define PKT_DSC_HASHBYTES_MSB 1 2082198157Srrs#define PKT_DSC_HASHBYTES_MSW 2 2083198157Srrs#define PKT_DSC_HASHBYTES_LSB 59 2084198157Srrs#define PKT_DSC_HASHBYTES_BITS THREE_BITS 2085198157Srrs#define PKT_DSC_HASHBYTES_MASK \ 2086198157Srrs (PKT_DSC_HASHBYTES_BITS << PKT_DSC_HASHBYTES_LSB) 2087198157Srrs 2088198157Srrs/* #define PKT_DSC_NEXT */ 2089198157Srrs#define PKT_DSC_NEXT_FINISH 0 2090198157Srrs#define PKT_DSC_NEXT_DO 1 2091198157Srrs#define PKT_DSC_NEXT_LSB 58 2092198157Srrs#define PKT_DSC_NEXT_BITS ONE_BIT 2093198157Srrs#define PKT_DSC_NEXT_MASK (PKT_DSC_NEXT_BITS << PKT_DSC_NEXT_LSB) 2094198157Srrs 2095198157Srrs/* #define PKT_DSC_IV */ 2096198157Srrs#define PKT_DSC_IV_OLD 0 2097198157Srrs#define PKT_DSC_IV_NEW 1 2098198157Srrs#define PKT_DSC_IV_LSB 57 2099198157Srrs#define PKT_DSC_IV_BITS ONE_BIT 2100198157Srrs#define PKT_DSC_IV_MASK (PKT_DSC_IV_BITS << PKT_DSC_IV_LSB) 2101198157Srrs 2102198157Srrs/* #define PKT_DSC_IVOFF */ 2103198157Srrs#define PKT_DSC_IVOFF_LSB 54 2104198157Srrs#define PKT_DSC_IVOFF_BITS THREE_BITS 2105198157Srrs#define PKT_DSC_IVOFF_MASK (PKT_DSC_IVOFF_BITS << PKT_DSC_IVOFF_LSB) 2106198157Srrs 2107198157Srrs/* #define PKT_DSC_PKTLEN */ 2108198157Srrs#define PKT_DSC_PKTLEN_LSB 43 2109198157Srrs#define PKT_DSC_PKTLEN_BITS ELEVEN_BITS 2110198157Srrs#define PKT_DSC_PKTLEN_MASK (PKT_DSC_PKTLEN_BITS << PKT_DSC_PKTLEN_LSB) 2111198157Srrs 2112198157Srrs/* #define PKT_DSC_NLHMAC */ 2113198157Srrs#define PKT_DSC_NLHMAC_LSB 42 2114198157Srrs#define PKT_DSC_NLHMAC_BITS ONE_BIT 2115198157Srrs#define PKT_DSC_NLHMAC_MASK (PKT_DSC_NLHMAC_BITS << PKT_DSC_NLHMAC_LSB) 2116198157Srrs 2117198157Srrs/* #define PKT_DSC_BREAK */ 2118198157Srrs#define PKT_DSC_BREAK_OLD 0 2119198157Srrs#define PKT_DSC_BREAK_NEW 1 2120198157Srrs#define PKT_DSC_BREAK_LSB 41 2121198157Srrs#define PKT_DSC_BREAK_BITS ONE_BIT 2122198157Srrs#define PKT_DSC_BREAK_MASK (PKT_DSC_BREAK_BITS << PKT_DSC_BREAK_LSB) 2123198157Srrs 2124198157Srrs/* #define PKT_DSC_WAIT */ 2125198157Srrs#define PKT_DSC_WAIT_OLD 0 2126198157Srrs#define PKT_DSC_WAIT_NEW 1 2127198157Srrs#define PKT_DSC_WAIT_LSB 40 2128198157Srrs#define PKT_DSC_WAIT_BITS ONE_BIT 2129198157Srrs#define PKT_DSC_WAIT_MASK (PKT_DSC_WAIT_BITS << PKT_DSC_WAIT_LSB) 2130198157Srrs 2131198157Srrs/* #define PKT_DSC_SEGADDR */ 2132198627Srrs#define PKT_DSC_SEGADDR_LSB 5 2133198157Srrs#define PKT_DSC_SEGADDR_BITS FOURTY_BITS 2134198157Srrs#define PKT_DSC_SEGADDR_MASK \ 2135198157Srrs (PKT_DSC_SEGADDR_BITS << PKT_DSC_SEGADDR_LSB) 2136198157Srrs 2137198157Srrs/* #define PKT_DSC_SRTCP */ 2138198157Srrs#define PKT_DSC_SRTCP_OFF 0 2139198157Srrs#define PKT_DSC_SRTCP_ON 1 2140198157Srrs#define PKT_DSC_SRTCP_LSB 4 2141198157Srrs#define PKT_DSC_SRTCP_BITS ONE_BIT 2142198157Srrs#define PKT_DSC_SRTCP_MASK (PKT_DSC_SRTCP_BITS << PKT_DSC_SRTCP_LSB) 2143198157Srrs 2144198157Srrs#define PKT_DSC_SEGOFFSET_LSB 0 2145198157Srrs#define PKT_DSC_SEGOFFSET_BITS THREE_BITS 2146198157Srrs#define PKT_DSC_SEGOFFSET_MASK \ 2147198157Srrs (PKT_DSC_SEGOFFSET_BITS << PKT_DSC_SEGOFFSET_LSB) 2148198157Srrs 2149198157Srrs/* ********************************************************************** 2150198157Srrs * PacketDescriptor_t.dstDataSettings 2151198157Srrs * ********************************************************************** 2152198157Srrs */ 2153198157Srrs/* #define PKT_DSC_ARC4BYTECOUNT */ 2154198157Srrs#define PKT_DSC_ARC4BYTECOUNT_ALL8 0 2155198157Srrs#define PKT_DSC_ARC4BYTECOUNT_MSB 1 2156198157Srrs#define PKT_DSC_ARC4BYTECOUNT_MSW 2 2157198157Srrs#define PKT_DSC_ARC4BYTECOUNT_LSB 60 2158198157Srrs#define PKT_DSC_ARC4BYTECOUNT_BITS THREE_BITS 2159198157Srrs#define PKT_DSC_ARC4BYTECOUNT_MASK (PKT_DSC_ARC4BYTECOUNT_BITS << PKT_DSC_ARC4BYTECOUNT_LSB) 2160198627Srrs 2161198157Srrs/* #define PKT_DSC_SYM_OP (symmetric key operation) */ 2162198157Srrs#define PKT_DSC_SYM_OP_DECRYPT 0 2163198157Srrs#define PKT_DSC_SYM_OP_ENCRYPT 1 2164198157Srrs#define PKT_DSC_SYM_OP_LSB 59 2165198157Srrs#define PKT_DSC_SYM_OP_BITS ONE_BIT 2166198157Srrs#define PKT_DSC_SYM_OP_MASK (PKT_DSC_SYM_OP_BITS << PKT_DSC_SYM_OP_LSB) 2167198627Srrs 2168198157Srrs/* #define PKT_DSC_CPHROFF */ 2169198157Srrs#define PKT_DSC_CPHROFF_LSB 56 2170198157Srrs#define PKT_DSC_CPHROFF_BITS THREE_BITS 2171198157Srrs#define PKT_DSC_CPHROFF_MASK (PKT_DSC_CPHROFF_BITS << PKT_DSC_CPHROFF_LSB) 2172198627Srrs 2173198157Srrs/* #define PKT_DSC_HASHOFF */ 2174198157Srrs#define PKT_DSC_HASHOFF_LSB 54 2175198157Srrs#define PKT_DSC_HASHOFF_BITS TWO_BITS 2176198157Srrs#define PKT_DSC_HASHOFF_MASK (PKT_DSC_HASHOFF_BITS << PKT_DSC_HASHOFF_LSB) 2177198627Srrs 2178198157Srrs/* #define PKT_DSC_HASHSRC */ 2179198157Srrs#define PKT_DSC_HASHSRC_DMA 0 2180198157Srrs#define PKT_DSC_HASHSRC_CIPHER 1 2181198157Srrs#define PKT_DSC_HASHSRC_LSB 53 2182198157Srrs#define PKT_DSC_HASHSRC_BITS ONE_BIT 2183198157Srrs#define PKT_DSC_HASHSRC_MASK (PKT_DSC_HASHSRC_BITS << PKT_DSC_HASHSRC_LSB) 2184198157Srrs 2185198157Srrs/* #define PKT_DSC_CKSUMOFF */ 2186198157Srrs#define PKT_DSC_CKSUMOFF_LSB 41 2187198157Srrs#define PKT_DSC_CKSUMOFF_BITS TWELVE_BITS 2188198157Srrs#define PKT_DSC_CKSUMOFF_MASK (PKT_DSC_CKSUMOFF_BITS << PKT_DSC_CKSUMOFF_LSB) 2189198627Srrs 2190198157Srrs/* #define PKT_DSC_CKSUMSRC */ 2191198157Srrs#define PKT_DSC_CKSUMSRC_DMA 0 2192198157Srrs#define PKT_DSC_CKSUMSRC_CIPHER 1 2193198157Srrs#define PKT_DSC_CKSUMSRC_LSB 40 2194198157Srrs#define PKT_DSC_CKSUMSRC_BITS ONE_BIT 2195198157Srrs#define PKT_DSC_CKSUMSRC_MASK (PKT_DSC_CKSUMSRC_BITS << PKT_DSC_CKSUMSRC_LSB) 2196198157Srrs 2197198157Srrs/* #define PKT_DSC_CPHR_DST_ADDR */ 2198198157Srrs#define PKT_DSC_CPHR_DST_ADDR_LSB 0 2199198157Srrs#define PKT_DSC_CPHR_DST_ADDR_BITS FOURTY_BITS 2200198157Srrs#define PKT_DSC_CPHR_DST_ADDR_MASK \ 2201198157Srrs (PKT_DSC_CPHR_DST_ADDR_BITS << PKT_DSC_CPHR_DST_ADDR_LSB) 2202198157Srrs 2203198157Srrs/* #define PKT_DSC_CPHR_DST_DWOFFSET */ 2204198157Srrs#define PKT_DSC_CPHR_DST_DWOFFSET_LSB 3 2205198157Srrs#define PKT_DSC_CPHR_DST_DWOFFSET_BITS TWO_BITS 2206198157Srrs#define PKT_DSC_CPHR_DST_DWOFFSET_MASK \ 2207198157Srrs (PKT_DSC_CPHR_DST_DWOFFSET_BITS << PKT_DSC_CPHR_DST_DWOFFSET_LSB) 2208198157Srrs 2209198157Srrs /* #define PKT_DSC_CPHR_DST_OFFSET */ 2210198157Srrs#define PKT_DSC_CPHR_DST_OFFSET_LSB 0 2211198157Srrs#define PKT_DSC_CPHR_DST_OFFSET_BITS THREE_BITS 2212198157Srrs#define PKT_DSC_CPHR_DST_OFFSET_MASK \ 2213198157Srrs (PKT_DSC_CPHR_DST_OFFSET_BITS << PKT_DSC_CPHR_DST_OFFSET_LSB) 2214198157Srrs 2215198157Srrs/* ********************************************************************** 2216198157Srrs * PacketDescriptor_t.authDstNonceLow 2217198157Srrs * ********************************************************************** 2218198157Srrs */ 2219198157Srrs/* #define PKT_DSC_NONCE_LOW */ 2220198157Srrs#define PKT_DSC_NONCE_LOW_LSB 40 2221198157Srrs#define PKT_DSC_NONCE_LOW_BITS TWENTYFOUR_BITS 2222198157Srrs#define PKT_DSC_NONCE_LOW_MASK \ 2223198157Srrs (PKT_DSC_NONCE_LOW_BITS << PKT_DSC_NONCE_LOW_LSB) 2224198157Srrs 2225198157Srrs/* #define PKT_DSC_AUTH_DST_ADDR */ 2226198157Srrs#define PKT_DSC_AUTH_DST_ADDR_LSB 0 2227198157Srrs#define PKT_DSC_AUTH_DST_ADDR_BITS FOURTY_BITS 2228198157Srrs#define PKT_DSC_AUTH_DST_ADDR_MASK \ 2229198157Srrs (PKT_DSC_AUTH_DST_ADDR_BITS << PKT_DSC_AUTH_DST_ADDR_LSB) 2230198157Srrs 2231198157Srrs/* #define PKT_DSC_CIPH_OFF_HI */ 2232198157Srrs#define PKT_DSC_CIPH_OFF_HI_LSB 0 2233198157Srrs#define PKT_DSC_CIPH_OFF_HI_BITS FIVE_BITS 2234198157Srrs#define PKT_DSC_CIPH_OFF_HI_MASK (PKT_DSC_CIPH_OFF_HI_BITS << PKT_DSC_CIPH_OFF_HI_LSB) 2235198157Srrs 2236198157Srrs/* ********************************************************************** 2237198157Srrs * PacketDescriptor_t.ckSumDstNonceHiCFBMaskLLWMask 2238198157Srrs * ********************************************************************** 2239198157Srrs */ 2240198157Srrs/* #define PKT_DSC_HASH_BYTE_OFF */ 2241198157Srrs#define PKT_DSC_HASH_BYTE_OFF_LSB 61 2242198157Srrs#define PKT_DSC_HASH_BYTE_OFF_BITS THREE_BITS 2243198157Srrs#define PKT_DSC_HASH_BYTE_OFF_MASK (PKT_DSC_HASH_BYTE_OFF_BITS << PKT_DSC_HASH_BYTE_OFF_LSB) 2244198157Srrs 2245198157Srrs/* #define PKT_DSC_PKTLEN_BYTES */ 2246198157Srrs#define PKT_DSC_PKTLEN_BYTES_LSB 58 2247198157Srrs#define PKT_DSC_PKTLEN_BYTES_BITS THREE_BITS 2248198157Srrs#define PKT_DSC_PKTLEN_BYTES_MASK (PKT_DSC_PKTLEN_BYTES_BITS << PKT_DSC_PKTLEN_BYTES_LSB) 2249198157Srrs 2250198157Srrs/* #define PKT_DSC_LASTWORD */ 2251198157Srrs#define PKT_DSC_LASTWORD_128 0 2252198157Srrs#define PKT_DSC_LASTWORD_96MASK 1 2253198157Srrs#define PKT_DSC_LASTWORD_64MASK 2 2254198157Srrs#define PKT_DSC_LASTWORD_32MASK 3 2255198157Srrs#define PKT_DSC_LASTWORD_LSB 56 2256198157Srrs#define PKT_DSC_LASTWORD_BITS TWO_BITS 2257198157Srrs#define PKT_DSC_LASTWORD_MASK (PKT_DSC_LASTWORD_BITS << PKT_DSC_LASTWORD_LSB) 2258198627Srrs 2259198157Srrs/* #define PKT_DSC_CFB_MASK */ 2260198157Srrs#define PKT_DSC_CFB_MASK_LSB 48 2261198157Srrs#define PKT_DSC_CFB_MASK_BITS EIGHT_BITS 2262198157Srrs#define PKT_DSC_CFB_MASK_MASK (PKT_DSC_CFB_MASK_BITS << PKT_DSC_CFB_MASK_LSB) 2263198627Srrs 2264198157Srrs/* #define PKT_DSC_NONCE_HI */ 2265198157Srrs#define PKT_DSC_NONCE_HI_LSB 40 2266198157Srrs#define PKT_DSC_NONCE_HI_BITS EIGHT_BITS 2267198157Srrs#define PKT_DSC_NONCE_HI_MASK (PKT_DSC_NONCE_HI_BITS << PKT_DSC_NONCE_HI_LSB) 2268198157Srrs 2269198157Srrs/* #define PKT_DSC_CKSUM_DST_ADDR */ 2270198157Srrs#define PKT_DSC_CKSUM_DST_ADDR_LSB 5 2271198157Srrs#define PKT_DSC_CKSUM_DST_ADDR_BITS THIRTY_FIVE_BITS 2272198157Srrs#define PKT_DSC_CKSUM_DST_ADDR_MASK (PKT_DSC_CKSUM_DST_ADDR_BITS << PKT_DSC_CKSUM_DST_ADDR_LSB) 2273198157Srrs 2274198157Srrs/* #define PKT_DSC_IV_OFF_HI */ 2275198157Srrs#define PKT_DSC_IV_OFF_HI_LSB 0 2276198157Srrs#define PKT_DSC_IV_OFF_HI_BITS FIVE_BITS 2277198157Srrs#define PKT_DSC_IV_OFF_HI_MASK (PKT_DSC_IV_OFF_HI_BITS << PKT_DSC_IV_OFF_HI_LSB) 2278198157Srrs 2279198157Srrs 2280198157Srrs/* ****************************************************************** 2281198157Srrs * Control Error Code and Conditions 2282198157Srrs * ****************************************************************** 2283198157Srrs */ 2284198627Srrs#define CTL_ERR_NONE 0x0000 /* No Error */ 2285198627Srrs#define CTL_ERR_CIPHER_OP 0x0001 /* Unknown Cipher Op */ 2286198627Srrs#define CTL_ERR_MODE 0x0002 /* Unknown or Not Allowed Mode */ 2287198627Srrs#define CTL_ERR_CHKSUM_SRC 0x0004 /* Unknown CkSum Src - UNUSED */ 2288198627Srrs#define CTL_ERR_CFB_MASK 0x0008 /* Forbidden CFB Mask - UNUSED */ 2289198627Srrs#define CTL_ERR_OP 0x0010 /* Unknown Ctrl Op - UNUSED */ 2290198627Srrs#define CTL_ERR_UNDEF1 0x0020 /* UNUSED */ 2291198627Srrs#define CTL_ERR_UNDEF2 0x0040 /* UNUSED */ 2292198627Srrs#define CTL_ERR_DATA_READ 0x0080 /* Data Read Error */ 2293198627Srrs#define CTL_ERR_DESC_CTRL 0x0100 /* Descriptor Ctrl Field Error */ 2294198157Srrs 2295198627Srrs#define CTL_ERR_TIMEOUT 0x1000 /* Message Response Timeout */ 2296198157Srrs 2297198157Srrs/* ****************************************************************** 2298198157Srrs * Data Error Code and Conditions 2299198157Srrs * ****************************************************************** 2300198157Srrs */ 2301198627Srrs#define DATA_ERR_NONE 0x0000 /* No Error */ 2302198627Srrs#define DATA_ERR_LEN_CIPHER 0x0001 /* Not Enough Data To Cipher */ 2303198627Srrs#define DATA_ERR_IV_ADDR 0x0002 /* Illegal IV Loacation */ 2304198627Srrs#define DATA_ERR_WD_LEN_AES 0x0004 /* Illegal Nb Words To AES */ 2305198627Srrs#define DATA_ERR_BYTE_COUNT 0x0008 /* Illegal Pad And ByteCount Spec */ 2306198627Srrs#define DATA_ERR_LEN_CKSUM 0x0010 /* Not Enough Data To CkSum */ 2307198627Srrs#define DATA_ERR_OP 0x0020 /* Unknown Data Op */ 2308198627Srrs#define DATA_ERR_UNDEF1 0x0040 /* UNUSED */ 2309198627Srrs#define DATA_ERR_READ 0x0080 /* Data Read Error */ 2310198627Srrs#define DATA_ERR_WRITE 0x0100 /* Data Write Error */ 2311198157Srrs 2312198157Srrs 2313198157Srrs/* 2314198627Srrs * Common Descriptor 2315198157Srrs * NOTE: Size of struct is size of cacheline. 2316198157Srrs */ 2317198157Srrs 2318198157Srrstypedef struct OperationDescriptor_s { 2319198627Srrs uint64_t phys_self; 2320198627Srrs uint32_t stn_id; 2321198627Srrs uint32_t flags; 2322198627Srrs uint32_t cpu; 2323198627Srrs uint32_t seq_num; 2324212763Sjchandra uint64_t vaddr; 2325198627Srrs} OperationDescriptor_t, *OperationDescriptor_pt; 2326198157Srrs 2327198157Srrs 2328198157Srrs/* 2329198157Srrs * This defines the security data descriptor format 2330198157Srrs */ 2331198157Srrstypedef struct PacketDescriptor_s { 2332198627Srrs uint64_t srcLengthIVOffUseIVNext; 2333198627Srrs uint64_t dstDataSettings; 2334198627Srrs uint64_t authDstNonceLow; 2335198627Srrs uint64_t ckSumDstNonceHiCFBMaskLLWMask; 2336198627Srrs} PacketDescriptor_t, *PacketDescriptor_pt; 2337198157Srrs 2338198157Srrstypedef struct { 2339198627Srrs uint8_t *user_auth; 2340198627Srrs uint8_t *user_src; 2341198627Srrs uint8_t *user_dest; 2342198627Srrs uint8_t *user_state; 2343198627Srrs uint8_t *kern_auth; 2344198627Srrs uint8_t *kern_src; 2345198627Srrs uint8_t *kern_dest; 2346198627Srrs uint8_t *kern_state; 2347198627Srrs uint8_t *aligned_auth; 2348198627Srrs uint8_t *aligned_src; 2349198627Srrs uint8_t *aligned_dest; 2350198627Srrs uint8_t *aligned_state; 2351198627Srrs} xlr_sec_drv_user_t, *xlr_sec_drv_user_pt; 2352198157Srrs 2353198157Srrstypedef struct symkey_desc { 2354198627Srrs OperationDescriptor_t op_ctl; /* size is cacheline */ 2355198627Srrs PacketDescriptor_t pkt_desc[2]; /* size is cacheline */ 2356198627Srrs ControlDescriptor_t ctl_desc; /* makes this aligned */ 2357198627Srrs uint64_t control; /* message word0 */ 2358198627Srrs uint64_t data; /* message word1 */ 2359198627Srrs uint64_t ctl_result; 2360198627Srrs uint64_t data_result; 2361198627Srrs struct symkey_desc *alloc; /* real allocated addr */ 2362198627Srrs xlr_sec_drv_user_t user; 2363198627Srrs //volatile atomic_t flag_complete; 2364198627Srrs //struct semaphore sem_complete; 2365198627Srrs //wait_queue_t submit_wait; 2366198157Srrs 2367198627Srrs uint8_t *next_src_buf; 2368198627Srrs uint32_t next_src_len; 2369198157Srrs 2370198627Srrs uint8_t *next_dest_buf; 2371198627Srrs uint32_t next_dest_len; 2372198157Srrs 2373198627Srrs uint8_t *next_auth_dest; 2374198627Srrs uint8_t *next_cksum_dest; 2375198157Srrs 2376198627Srrs void *ses; 2377198627Srrs} symkey_desc_t, *symkey_desc_pt; 2378198627Srrs 2379198627Srrs 2380198157Srrs/* 2381198157Srrs * ************************************************************************** 2382198157Srrs * RSA Block 2383198157Srrs * ************************************************************************** 2384198157Srrs */ 2385198157Srrs 2386198157Srrs/* 2387198157Srrs * RSA and ECC Block 2388198157Srrs * ================= 2389198157Srrs * 2390198157Srrs * A 2-word message ring descriptor is used to pass all information 2391198157Srrs * pertaining to the RSA or ECC operation: 2392198157Srrs * 2393198157Srrs * 63 61 60 54 53 52 40 39 5 4 3 2 0 2394198157Srrs * ----------------------------------------------------------------------------------------------------- 2395198157Srrs * | Ctrl | Op Class | Valid Op | Op Ctrl0 | Source Addr | Software Scratch0 | Global src data offset | 2396198157Srrs * ----------------------------------------------------------------------------------------------------- 2397198157Srrs * 3 7 1 13 35 2 3 2398198157Srrs * 2399198157Srrs * 2400198157Srrs * 63 61 60 54 53 52 51 50 40 39 5 4 3 2 0 2401198157Srrs * -------------------------------------------------------------------------------------------------------------------------------- 2402198157Srrs * | Ctrl | Destination Id | WRB_COH | WRB_L2ALLOC | DF_L2ALLOC | Op Ctrl1 | Dest Addr | Software Scratch1 | Global dst data offset | 2403198157Srrs * -------------------------------------------------------------------------------------------------------------------------------- 2404198157Srrs * 3 7 1 1 1 11 35 2 3 2405198157Srrs * 2406198157Srrs * 2407198157Srrs * Op Class = 7'h0_0 Modular exponentiation 2408198157Srrs * 7'h0_1 ECC (including prime modular ops and binary GF ops) 2409198157Srrs * REMAINDER UNDEF 2410198627Srrs * 2411198157Srrs * Valid Op = 1'b1 Will cause operation to start; descriptors sent back at end of operation 2412198157Srrs * 1'b0 No operation performed; descriptors sent back right away 2413198157Srrs * 2414198157Srrs * RSA ECC 2415198157Srrs * === === 2416198157Srrs * Op Ctrl0 = BlockWidth[1] {TYPE[6:0], FUNCTION[5:0]} 2417198157Srrs * LoadConstant[1] 2418198157Srrs * ExponentWidth[10:0] 2419198157Srrs * RSA Only 2420198157Srrs * ======== 2421198157Srrs * Block Width = 1'b1 1024 bit op 2422198157Srrs * = 1'b0 512 bit op 2423198157Srrs * Load Constant = 1'b1 Load constant from data structure 2424198627Srrs * 1'b0 Preserve old constant (this assumes 2425198157Srrs * Source Addr points to RSAData_pt->Exponent 2426198157Srrs * or that the length of Constant is 0) 2427198157Srrs * Exponent Width = 11-bit expression of exponent width EXPRESSED IN NUMBER OF BITS 2428198157Srrs * 2429198157Srrs * ECC Only 2430198157Srrs * ======== 2431198157Srrs * 2432198157Srrs * TYPE = 7'h0_0 ECC prime 160 2433198157Srrs * 7'h0_1 ECC prime 192 2434198157Srrs * 7'h0_2 ECC prime 224 2435198157Srrs * 7'h0_3 ECC prime 256 2436198157Srrs * 7'h0_4 ECC prime 384 2437198157Srrs * 7'h0_5 ECC prime 512 2438198157Srrs * 2439198157Srrs * 7'h0_6 through 7'h1_f UNDEF 2440198157Srrs * 2441198157Srrs * 7'h2_0 ECC bin 163 2442198157Srrs * 7'h2_1 ECC bin 191 2443198157Srrs * 7'h2_2 ECC bin 233 2444198157Srrs * 2445198157Srrs * 7'h2_3 through 7'h6_f UNDEF 2446198157Srrs * 2447198157Srrs * 7'h7_0 ECC UC load 2448198157Srrs * 2449198157Srrs * 7'b7_1 through 7'b7_f UNDEF 2450198157Srrs * 2451198157Srrs * Prime field Binary field 2452198157Srrs * =========== ============ 2453198157Srrs * FUNCTION = 6'h0_0 Point multiplication R = k.P Point multiplication R = k.P 2454198157Srrs * 6'h0_1 Point addition R = P + Q Binary GF inversion C(x) = 1 / A(x) mod F(x) 2455198157Srrs * 6'h0_2 Point double R = 2 x P Binary GF multiplication C(x) = B(x) * A(x) mod F(x) 2456198157Srrs * 6'h0_3 Point verification R ? Binary GF addition C(x) = B(x) + A(x) mod F(x) 2457198157Srrs * 6'h0_4 Modular addition c = x + y mod m UNDEF 2458198157Srrs * 6'h0_5 Modular substraction c = x - y mod m UNDEF 2459198157Srrs * 6'h0_6 Modular multiplication c = x * y mod m UNDEF 2460198157Srrs * 6'h0_7 Modular division c = x / y mod m UNDEF 2461198157Srrs * 6'h0_8 Modular inversion c = 1 / y mod m UNDEF 2462198157Srrs * 6'h0_9 Modular reduction c = x mod m UNDEF 2463198157Srrs * 2464198157Srrs * 6'h0_a 2465198157Srrs * through UNDEF UNDEF 2466198157Srrs * 6'h3_f 2467198157Srrs * 2468198157Srrs * Source Addr = 35 MSB of pointer to source address (i.e., cache-line aligned) 2469198157Srrs * 2470198157Srrs * Software Scratch0 = Two bit field ignored by engine and returned as is in free descriptor 2471198157Srrs * 2472198157Srrs * Global src data offset = Nb BYTES to right-shift data by before presenting it to engines 2473198157Srrs * (0-7); allows realignment of byte-aligned, non-double-word aligned data 2474198157Srrs * 2475198157Srrs * RSA ECC 2476198157Srrs * === === 2477198157Srrs * OpCtrl1 = ModulusWidth[10:0] Not used 2478198157Srrs * RSA Only 2479198157Srrs * ======== 2480198157Srrs * Modulus Width = 11-bit expression of modulus width EXPRESSED IN NUMBER OF BITS 2481198157Srrs * 2482198157Srrs * Dest Addr = 35 MSB of pointer to destination address (i.e., cache-line aligned) 2483198157Srrs * 2484198157Srrs * Software Scratch1 = Two bit field ignored by engine and returned as is in free descriptor 2485198157Srrs * 2486198157Srrs * Global dst data offset = Nb BYTES to left-shift (double-word boundary aligned) data by before writing it to memory 2487198157Srrs * 2488198627Srrs * 2489198157Srrs */ 2490198157Srrs 2491198627Srrs/* 2492198157Srrs * ECC data formats 2493198157Srrs */ 2494198157Srrs 2495198157Srrs/********************************************************** 2496198157Srrs * * 2497198157Srrs * ECC prime data formats * 2498198157Srrs * * 2499198157Srrs ********************************************************** 2500198157Srrs * 2501198157Srrs * 2502198157Srrs * The size of all quantities below is that of the precision 2503198157Srrs * of the chosen op (160, 192, ...) ROUNDED UP to a multiple 2504198157Srrs * of 8 bytes, i.e., 3 dwords (160, 192), 4 dwords (224, 256) 2505198157Srrs * 6 dwords (384) and 8 dwords (512) and padded with zeroes 2506198157Srrs * when necessary. 2507198157Srrs * 2508198157Srrs * The only exception to this is the key quantity (k) which 2509198157Srrs * needs to be rounded up to 32 bytes in all cases and padded 2510198157Srrs * with zeroes; therefore the key needs to be 4 dwords (160, 192, 2511198157Srrs * 224, 256) or 8 dwords (384, 512) 2512198157Srrs * 2513198157Srrs * The total lengths in dwords that are read and in 2514198627Srrs * bytes that are written, for each operation and 2515198627Srrs * length group, are specified at the bottom of each 2516198157Srrs * datastructure. 2517198157Srrs * 2518198157Srrs * In all that follows, m is the modulus and cst is the constant, 2519198157Srrs * cst = 2 ^ (2*length + 4) mod m . a and b are the curve 2520198157Srrs * parameters. 2521198157Srrs * 2522198157Srrs * 0) UC load 2523198157Srrs * 2524198157Srrs * DATA IN DATA OUT 2525198157Srrs * ======= ======== 2526198157Srrs * src+glb_off-> Dword_0 N/A 2527198157Srrs * . 2528198157Srrs * . 2529198157Srrs * . 2530198157Srrs * Dword_331 2531198157Srrs * 332 dw 2532198157Srrs * 2533198157Srrs * 1) Point multiplication R(x_r, y_r) = k . P(x_p, y_p) 2534198157Srrs * 2535198157Srrs * DATA IN DATA OUT 2536198157Srrs * ======= ======== 2537198157Srrs * src+glb_off-> x_p dst+glb_off-> x_r 2538198157Srrs * x_p y_r 2539198157Srrs * y_p 2x(3/4/6/8)= 2540198157Srrs * y_p 6/8/12/16 dw 2541198157Srrs * a 2542198627Srrs * k 2543198157Srrs * m 2544198157Srrs * cst 2545198157Srrs * 7x(3/4/6/8)+(4/4/8/8)= 2546198157Srrs * 25/32/50/64 dw 2547198157Srrs * 2548198157Srrs * 2) Point addition R(x_r, y_r) = P(x_p, y_p) + Q(x_q, y_q) 2549198157Srrs * 2550198157Srrs * DATA IN DATA OUT 2551198157Srrs * ======= ======== 2552198157Srrs * src+glb_off-> x_p dst+glb_off-> x_r 2553198157Srrs * y_p y_r 2554198157Srrs * x_q 2x(3/4/6/8)= 2555198157Srrs * y_q 6/8/12/16 dw 2556198157Srrs * a 2557198157Srrs * m 2558198157Srrs * cst 2559198157Srrs * 7x(3/4/6/8)= 2560198157Srrs * 21/28/42/56 dw 2561198157Srrs * 2562198157Srrs * 3) Point double R(x_r, y_r) = 2 . P(x_p, y_p) 2563198157Srrs * 2564198157Srrs * DATA IN DATA OUT 2565198157Srrs * ======= ======== 2566198157Srrs * src+glb_off-> x_p dst+glb_off-> x_r 2567198157Srrs * y_p y_r 2568198157Srrs * a 2x(3/4/6/8)= 2569198157Srrs * m 6/8/12/16 dw 2570198157Srrs * cst 2571198157Srrs * 5x(3/4/6/8)= 2572198157Srrs * 15/20/30/40 dw 2573198157Srrs * 2574198157Srrs * 4) Point verification Is_On_Curve = P(x_p, y_p) on curve ? 1 : 0 2575198157Srrs * 2576198157Srrs * DATA IN DATA OUT 2577198157Srrs * ======= ======== 2578198157Srrs * src+glb_off-> x_p dst+glb_off-> Is_On_Curve 2579198157Srrs * y_p 1 dw 2580198157Srrs * a 2581198157Srrs * b 2582198157Srrs * m 2583198157Srrs * cst 2584198157Srrs * 6x(3/4/6/8)= 2585198157Srrs * 18/24/36/48 dw 2586198157Srrs * 2587198157Srrs * 5) Modular addition c = x + y mod m 2588198157Srrs * 2589198157Srrs * DATA IN DATA OUT 2590198157Srrs * ======= ======== 2591198157Srrs * src+glb_off-> x dst+glb_off-> c 2592198157Srrs * y 3/4/6/8 dw 2593198157Srrs * m 2594198157Srrs * 3x(3/4/6/8)= 2595198157Srrs * 9/12/18/24 dw 2596198157Srrs * 2597198157Srrs * 6) Modular substraction c = x - y mod m 2598198157Srrs * 2599198157Srrs * DATA IN DATA OUT 2600198157Srrs * ======= ======== 2601198157Srrs * src+glb_off-> x dst+glb_off-> c 2602198157Srrs * y 3/4/6/8 dw 2603198157Srrs * m 2604198157Srrs * 3x(3/4/6/8)= 2605198157Srrs * 9/12/18/24 dw 2606198157Srrs * 2607198157Srrs * 7) Modular multiplication c = x * y mod m 2608198157Srrs * 2609198157Srrs * DATA IN DATA OUT 2610198157Srrs * ======= ======== 2611198157Srrs * src+glb_off-> x dst+glb_off-> c 2612198157Srrs * y 3/4/6/8 dw 2613198157Srrs * m 2614198157Srrs * cst 2615198157Srrs * 4x(3/4/6/8)= 2616198157Srrs * 12/16/24/32 dw 2617198157Srrs * 2618198157Srrs * 8) Modular division c = x / y mod m 2619198157Srrs * 2620198157Srrs * DATA IN DATA OUT 2621198157Srrs * ======= ======== 2622198157Srrs * src+glb_off-> y dst+glb_off-> c 2623198157Srrs * x 3/4/6/8 dw 2624198157Srrs * m 2625198157Srrs * 3x(3/4/6/8)= 2626198157Srrs * 9/12/18/24 dw 2627198157Srrs * 2628198157Srrs * 9) Modular inversion c = 1 / y mod m 2629198157Srrs * 2630198157Srrs * DATA IN DATA OUT 2631198157Srrs * ======= ======== 2632198157Srrs * src+glb_off-> y dst+glb_off-> c 2633198157Srrs * m 3/4/6/8 dw 2634198157Srrs * 2x(3/4/6/8)= 2635198157Srrs * 6/8/12/16 dw 2636198157Srrs * 2637198157Srrs * 10) Modular reduction c = x mod m 2638198157Srrs * 2639198157Srrs * DATA IN DATA OUT 2640198157Srrs * ======= ======== 2641198157Srrs * src+glb_off-> x dst+glb_off-> c 2642198157Srrs * m 3/4/6/8 dw 2643198157Srrs * 2x(3/4/6/8)= 2644198157Srrs * 6/8/12/16 dw 2645198157Srrs * 2646198157Srrs */ 2647198157Srrs 2648198157Srrs/********************************************************** 2649198157Srrs * * 2650198157Srrs * ECC binary data formats * 2651198157Srrs * * 2652198157Srrs ********************************************************** 2653198157Srrs * 2654198157Srrs * 2655198157Srrs * The size of all quantities below is that of the precision 2656198157Srrs * of the chosen op (163, 191, 233) ROUNDED UP to a multiple 2657198157Srrs * of 8 bytes, i.e. 3 dwords for (163, 191) and 4 dwords for 2658198157Srrs * (233), padded with zeroes as necessary. 2659198157Srrs * 2660198157Srrs * The total lengths in dwords that are read and written, 2661198157Srrs * for each operation and length group, are specified 2662198157Srrs * at the bottom of each datastructure. 2663198157Srrs * In all that follows, b is the curve parameter. 2664198157Srrs * 2665198157Srrs * 1) Point multiplication R(x_r, y_r) = k . P(x_p, y_p) 2666198157Srrs * 2667198157Srrs * DATA IN DATA OUT 2668198157Srrs * ======= ======== 2669198157Srrs * src+glb_off-> b dst+glb_off-> x_r 2670198157Srrs * k y_r 2671198157Srrs * x_p 2x(3/4) 2672198157Srrs * y_p 6/8 dw 2673198157Srrs * 4x(3/4)= 2674198157Srrs * 12/16 dw 2675198157Srrs * 2676198157Srrs * 2) Binary GF inversion C(x) = 1 / A(x) mod F(x) 2677198157Srrs * 2678198157Srrs * DATA IN DATA OUT 2679198157Srrs * ======= ======== 2680198157Srrs * src+glb_off-> A dst+glb_off-> C 2681198157Srrs * 1x(3/4)= 1x(3/4) 2682198157Srrs * 3/4 dw 3/4 dw 2683198157Srrs * 2684198157Srrs * 3) Binary GF multiplication C(x) = B(x) * A(x) mod F(x) 2685198157Srrs * 2686198157Srrs * DATA IN DATA OUT 2687198157Srrs * ======= ======== 2688198157Srrs * src+glb_off-> A dst+glb_off-> C 2689198157Srrs * B 1x(3/4) 2690198157Srrs * 2x(3/4)= 3/4 dw 2691198157Srrs * 6/8 dw 2692198157Srrs * 2693198157Srrs * 4) Binary GF addition C(x) = B(x) + A(x) mod F(x) 2694198157Srrs * 2695198157Srrs * DATA IN DATA OUT 2696198157Srrs * ======= ======== 2697198157Srrs * src+glb_off-> A dst+glb_off-> C 2698198157Srrs * B 1x(3/4) 2699198157Srrs * 2x(3/4)= 3/4 dw 2700198157Srrs * 6/8dw 2701198157Srrs * 2702198157Srrs */ 2703198157Srrs 2704198157Srrs/* 2705198157Srrs * RSA data format 2706198157Srrs */ 2707198157Srrs 2708198157Srrs/* 2709198627Srrs * IMPORTANT NOTE: 2710198157Srrs * 2711198157Srrs * As specified in the datastructures below, 2712198157Srrs * the engine assumes all data (including 2713198157Srrs * exponent and modulus) to be adjacent on 2714198157Srrs * dword boundaries, e.g., 2715198157Srrs * 2716198157Srrs * Operation length = 512 bits 2717198157Srrs * Exponent length = 16 bits 2718198157Srrs * Modulus length = 512 bits 2719198157Srrs * 2720198157Srrs * The engine expects to read: 2721198157Srrs * 2722198157Srrs * 63 0 2723198157Srrs * ----------------------- 2724198157Srrs * | | Constant0 2725198157Srrs * ----------------------- 2726198157Srrs * | | Constant1 2727198157Srrs * ----------------------- 2728198157Srrs * | | Constant2 2729198157Srrs * ----------------------- 2730198157Srrs * | | Constant3 2731198157Srrs * ----------------------- 2732198157Srrs * | | Constant4 2733198157Srrs * ----------------------- 2734198157Srrs * | | Constant5 2735198157Srrs * ----------------------- 2736198157Srrs * | | Constant6 2737198157Srrs * ----------------------- 2738198157Srrs * | | Constant7 2739198157Srrs * ----------------------- 2740198157Srrs * | IGNORED |B1|B0| Exponent0 (Exponent length = 16 bits = 2 bytes, so only 2 least significant bytes of exponent used) 2741198157Srrs * ----------------------- 2742198157Srrs * | | Modulus0 2743198157Srrs * ----------------------- 2744198157Srrs * | | Modulus1 2745198157Srrs * ----------------------- 2746198157Srrs * | | Modulus2 2747198157Srrs * ----------------------- 2748198157Srrs * | | Modulus3 2749198157Srrs * ----------------------- 2750198157Srrs * | | Modulus4 2751198157Srrs * ----------------------- 2752198157Srrs * | | Modulus5 2753198157Srrs * ----------------------- 2754198157Srrs * | | Modulus6 2755198157Srrs * ----------------------- 2756198157Srrs * | | Modulus7 2757198157Srrs * ----------------------- 2758198157Srrs * | | Message0 2759198157Srrs * ----------------------- 2760198157Srrs * | | Message1 2761198157Srrs * ----------------------- 2762198157Srrs * | | Message2 2763198157Srrs * ----------------------- 2764198157Srrs * | | Message3 2765198157Srrs * ----------------------- 2766198157Srrs * | | Message4 2767198157Srrs * ----------------------- 2768198157Srrs * | | Message5 2769198157Srrs * ----------------------- 2770198157Srrs * | | Message6 2771198157Srrs * ----------------------- 2772198157Srrs * | | Message7 2773198157Srrs * ----------------------- 2774198157Srrs * 2775198157Srrs */ 2776198157Srrs 2777198157Srrs/* #define PUBKEY_CTL_CTL */ 2778198157Srrs#define PUBKEY_CTL_CTL_LSB 61 2779198157Srrs#define PUBKEY_CTL_CTL_BITS THREE_BITS 2780198157Srrs#define PUBKEY_CTL_CTL_MASK (PUBKEY_CTL_CTL_BITS << PUBKEY_CTL_CTL_LSB) 2781198157Srrs 2782198157Srrs/* #define PUBKEY_CTL_OP_CLASS */ 2783198157Srrs#define PUBKEY_CTL_OP_CLASS_RSA 0 2784198157Srrs#define PUBKEY_CTL_OP_CLASS_ECC 1 2785198157Srrs#define PUBKEY_CTL_OP_CLASS_LSB 54 2786198157Srrs#define PUBKEY_CTL_OP_CLASS_BITS SEVEN_BITS 2787198157Srrs#define PUBKEY_CTL_OP_CLASS_MASK (PUBKEY_CTL_OP_CLASS_BITS << PUBKEY_CTL_OP_CLASS_LSB) 2788198157Srrs 2789198157Srrs/* #define PUBKEY_CTL_VALID */ 2790198157Srrs#define PUBKEY_CTL_VALID_FALSE 0 2791198157Srrs#define PUBKEY_CTL_VALID_TRUE 1 2792198157Srrs#define PUBKEY_CTL_VALID_LSB 53 2793198157Srrs#define PUBKEY_CTL_VALID_BITS ONE_BIT 2794198157Srrs#define PUBKEY_CTL_VALID_MASK \ 2795198157Srrs (PUBKEY_CTL_VALID_BITS << PUBKEY_CTL_VALID_LSB) 2796198157Srrs 2797198157Srrs/* #define PUBKEY_CTL_ECC_TYPE */ 2798198157Srrs#define PUBKEY_CTL_ECC_TYPE_PRIME_160 0 2799198157Srrs#define PUBKEY_CTL_ECC_TYPE_PRIME_192 1 2800198157Srrs#define PUBKEY_CTL_ECC_TYPE_PRIME_224 2 2801198157Srrs#define PUBKEY_CTL_ECC_TYPE_PRIME_256 3 2802198157Srrs#define PUBKEY_CTL_ECC_TYPE_PRIME_384 4 2803198157Srrs#define PUBKEY_CTL_ECC_TYPE_PRIME_512 5 2804198157Srrs#define PUBKEY_CTL_ECC_TYPE_BIN_163 0x20 2805198157Srrs#define PUBKEY_CTL_ECC_TYPE_BIN_191 0x21 2806198157Srrs#define PUBKEY_CTL_ECC_TYPE_BIN_233 0x22 2807198157Srrs#define PUBKEY_CTL_ECC_TYPE_UC_LOAD 0x70 2808198157Srrs#define PUBKEY_CTL_ECC_TYPE_LSB 46 2809198157Srrs#define PUBKEY_CTL_ECC_TYPE_BITS SEVEN_BITS 2810198157Srrs#define PUBKEY_CTL_ECC_TYPE_MASK (PUBKEY_CTL_ECC_TYPE_BITS << PUBKEY_CTL_ECC_TYPE_LSB) 2811198157Srrs 2812198157Srrs/* #define PUBKEY_CTL_ECC_FUNCTION */ 2813198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_NOP 0 2814198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_POINT_MUL 0 2815198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_POINT_ADD 1 2816198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_POINT_DBL 2 2817198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_POINT_VFY 3 2818198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MODULAR_ADD 4 2819198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MODULAR_SUB 5 2820198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MODULAR_MUL 6 2821198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MODULAR_DIV 7 2822198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MODULAR_INV 8 2823198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MODULAR_RED 9 2824198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_LSB 40 2825198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_BITS SIX_BITS 2826198157Srrs#define PUBKEY_CTL_ECC_FUNCTION_MASK (PUBKEY_CTL_ECC_FUNCTION_BITS << PUBKEY_CTL_ECC_FUNCTION_LSB) 2827198157Srrs 2828198157Srrs/* #define PUBKEY_CTL_BLKWIDTH */ 2829198157Srrs#define PUBKEY_CTL_BLKWIDTH_512 0 2830198157Srrs#define PUBKEY_CTL_BLKWIDTH_1024 1 2831198157Srrs#define PUBKEY_CTL_BLKWIDTH_LSB 52 2832198157Srrs#define PUBKEY_CTL_BLKWIDTH_BITS ONE_BIT 2833198157Srrs#define PUBKEY_CTL_BLKWIDTH_MASK \ 2834198157Srrs (PUBKEY_CTL_BLKWIDTH_BITS << PUBKEY_CTL_BLKWIDTH_LSB) 2835198157Srrs 2836198157Srrs/* #define PUBKEY_CTL_LD_CONST */ 2837198157Srrs#define PUBKEY_CTL_LD_CONST_OLD 0 2838198157Srrs#define PUBKEY_CTL_LD_CONST_NEW 1 2839198157Srrs#define PUBKEY_CTL_LD_CONST_LSB 51 2840198157Srrs#define PUBKEY_CTL_LD_CONST_BITS ONE_BIT 2841198157Srrs#define PUBKEY_CTL_LD_CONST_MASK \ 2842198157Srrs (PUBKEY_CTL_LD_CONST_BITS << PUBKEY_CTL_LD_CONST_LSB) 2843198157Srrs 2844198157Srrs/* #define PUBKEY_CTL_EXPWIDTH */ 2845198157Srrs#define PUBKEY_CTL_EXPWIDTH_LSB 40 2846198157Srrs#define PUBKEY_CTL_EXPWIDTH_BITS ELEVEN_BITS 2847198157Srrs#define PUBKEY_CTL_EXPWIDTH_MASK \ 2848198157Srrs (PUBKEY_CTL_EXPWIDTH_BITS << PUBKEY_CTL_EXPWIDTH_LSB) 2849198157Srrs 2850198157Srrs/* #define PUBKEY_CTL_SRCADDR */ 2851198627Srrs#define PUBKEY_CTL_SRCADDR_LSB 0 2852198157Srrs#define PUBKEY_CTL_SRCADDR_BITS FOURTY_BITS 2853198157Srrs#define PUBKEY_CTL_SRCADDR_MASK \ 2854198157Srrs (PUBKEY_CTL_SRCADDR_BITS << PUBKEY_CTL_SRCADDR_LSB) 2855198157Srrs 2856198157Srrs/* #define PUBKEY_CTL_SRC_OFFSET */ 2857198627Srrs#define PUBKEY_CTL_SRC_OFFSET_LSB 0 2858198157Srrs#define PUBKEY_CTL_SRC_OFFSET_BITS THREE_BITS 2859198157Srrs#define PUBKEY_CTL_SRC_OFFSET_MASK \ 2860198157Srrs (PUBKEY_CTL_SRC_OFFSET_BITS << PUBKEY_CTL_SRC_OFFSET_LSB) 2861198157Srrs 2862198157Srrs 2863198157Srrs/* #define PUBKEY_CTL1_CTL */ 2864198157Srrs#define PUBKEY_CTL1_CTL_LSB 61 2865198157Srrs#define PUBKEY_CTL1_CTL_BITS THREE_BITS 2866198157Srrs#define PUBKEY_CTL1_CTL_MASK (PUBKEY_CTL_CTL_BITS << PUBKEY_CTL_CTL_LSB) 2867198157Srrs 2868198157Srrs/* #define PUBKEY_CTL1_MODWIDTH */ 2869198627Srrs#define PUBKEY_CTL1_MODWIDTH_LSB 40 2870198157Srrs#define PUBKEY_CTL1_MODWIDTH_BITS ELEVEN_BITS 2871198157Srrs#define PUBKEY_CTL1_MODWIDTH_MASK \ 2872198157Srrs (PUBKEY_CTL1_MODWIDTH_BITS << PUBKEY_CTL1_MODWIDTH_LSB) 2873198157Srrs 2874198157Srrs/* #define PUBKEY_CTL1_DSTADDR */ 2875198157Srrs#define PUBKEY_CTL1_DSTADDR_LSB 0 2876198157Srrs#define PUBKEY_CTL1_DSTADDR_BITS FOURTY_BITS 2877198157Srrs#define PUBKEY_CTL1_DSTADDR_MASK \ 2878198157Srrs (PUBKEY_CTL1_DSTADDR_BITS << PUBKEY_CTL1_DSTADDR_LSB) 2879198157Srrs 2880198157Srrs/* #define PUBKEY_CTL1_DST_OFFSET */ 2881198157Srrs#define PUBKEY_CTL1_DST_OFFSET_LSB 0 2882198157Srrs#define PUBKEY_CTL1_DST_OFFSET_BITS THREE_BITS 2883198157Srrs#define PUBKEY_CTL1_DST_OFFSET_MASK \ 2884198157Srrs (PUBKEY_CTL1_DST_OFFSET_BITS << PUBKEY_CTL1_DST_OFFSET_LSB) 2885198157Srrs 2886198157Srrs/* 2887198157Srrs * Upon completion of operation, the RSA block returns a 2-word free descriptor 2888198157Srrs * in the following format: 2889198157Srrs * 2890198157Srrs * 63 61 60 54 53 52 51 49 48 40 39 5 4 3 2 0 2891198157Srrs * ------------------------------------------------------------------------------------------------------------------------- 2892198157Srrs * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address | Software Scratch0 | Global src data offset | 2893198157Srrs * ------------------------------------------------------------------------------------------------------------------------- 2894198157Srrs * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error | Dest Address | Software Scratch1 | Global dst data offset | 2895198157Srrs * ------------------------------------------------------------------------------------------------------------------------- 2896198157Srrs * 2897198157Srrs * The Control and Data Error codes are enumerated below 2898198157Srrs * 2899198157Srrs * Error conditions 2900198157Srrs * ================ 2901198157Srrs * 2902198157Srrs * Control Error Code Control Error Condition 2903198157Srrs * ------------------ ----------------------- 2904198157Srrs * 9'h000 No Error 2905198157Srrs * 9'h001 Undefined Op Class 2906198157Srrs * 9'h002 Undefined ECC TYPE (ECC only) 2907198157Srrs * 9'h004 Undefined ECC FUNCTION (ECC only) 2908198157Srrs * 9'h008 ECC timeout (ECC only) 2909198157Srrs * 9'h010 UNUSED 2910198157Srrs * 9'h020 UNUSED 2911198157Srrs * 9'h040 UNUSED 2912198157Srrs * 9'h080 Data Read Error 2913198157Srrs * 9'h100 Descriptor Ctrl Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP) 2914198157Srrs * 2915198157Srrs * Data Error Code Data Error Condition 2916198157Srrs * --------------- -------------------- 2917198157Srrs * 9'h000 No Error 2918198157Srrs * 9'h001 Exponent Width > Block Width (RSA Only) 2919198157Srrs * 9'h002 Modulus Width > Block Width (RSA Only) 2920198157Srrs * 9'h004 UNUSED 2921198157Srrs * 9'h008 UNUSED 2922198157Srrs * 9'h010 UNUSED 2923198157Srrs * 9'h020 UNUSED 2924198157Srrs * 9'h040 UNUSED 2925198157Srrs * 9'h080 Data Read Error 2926198157Srrs * 9'h100 UNUSED 2927198157Srrs */ 2928198157Srrs 2929198157Srrs/* 2930198157Srrs * Result Data Word for Message Ring Descriptor 2931198157Srrs */ 2932198157Srrs 2933198157Srrs/* #define PUBKEY_RSLT_CTL_CTL */ 2934198157Srrs#define PUBKEY_RSLT_CTL_CTL_LSB 61 2935198157Srrs#define PUBKEY_RSLT_CTL_CTL_BITS THREE_BITS 2936198157Srrs#define PUBKEY_RSLT_CTL_CTL_MASK \ 2937198157Srrs (PUBKEY_RSLT_CTL_CTL_BITS << PUBKEY_RSLT_CTL_CTL_LSB) 2938198157Srrs 2939198157Srrs/* #define PUBKEY_RSLT_CTL_DST_ID */ 2940198157Srrs#define PUBKEY_RSLT_CTL_DST_ID_LSB 54 2941198157Srrs#define PUBKEY_RSLT_CTL_DST_ID_BITS SEVEN_BITS 2942198157Srrs#define PUBKEY_RSLT_CTL_DST_ID_MASK \ 2943198157Srrs (PUBKEY_RSLT_CTL_DST_ID_BITS << PUBKEY_RSLT_CTL_DST_ID_LSB) 2944198157Srrs 2945198157Srrs/* #define PUBKEY_RSLT_CTL_DESC_CTL */ 2946198157Srrs#define PUBKEY_RSLT_CTL_DESC_CTL_LSB 49 2947198157Srrs#define PUBKEY_RSLT_CTL_DESC_CTL_BITS THREE_BITS 2948198157Srrs#define PUBKEY_RSLT_CTL_DESC_CTL_MASK \ 2949198157Srrs (PUBKEY_RSLT_CTL_DESC_CTL_BITS << PUBKEY_RSLT_CTL_DESC_CTL_LSB) 2950198157Srrs 2951198157Srrs 2952198157Srrs/* #define PUBKEY_RSLT_CTL_ERROR */ 2953198157Srrs#define PUBKEY_RSLT_CTL_ERROR_LSB 40 2954198157Srrs#define PUBKEY_RSLT_CTL_ERROR_BITS NINE_BITS 2955198157Srrs#define PUBKEY_RSLT_CTL_ERROR_MASK \ 2956198157Srrs (PUBKEY_RSLT_CTL_ERROR_BITS << PUBKEY_RSLT_CTL_ERROR_LSB) 2957198627Srrs 2958198157Srrs/* #define PUBKEY_RSLT_CTL_SRCADDR */ 2959198157Srrs#define PUBKEY_RSLT_CTL_SRCADDR_LSB 0 2960198157Srrs#define PUBKEY_RSLT_CTL_SRCADDR_BITS FOURTY_BITS 2961198157Srrs#define PUBKEY_RSLT_CTL_SRCADDR_MASK \ 2962198157Srrs (PUBKEY_RSLT_CTL_SRCADDR_BITS << PUBKEY_RSLT_CTL_SRCADDR_LSB) 2963198157Srrs 2964198627Srrs 2965198157Srrs/* #define PUBKEY_RSLT_DATA_CTL */ 2966198157Srrs#define PUBKEY_RSLT_DATA_CTL_LSB 61 2967198157Srrs#define PUBKEY_RSLT_DATA_CTL_BITS THREE_BITS 2968198157Srrs#define PUBKEY_RSLT_DATA_CTL_MASK \ 2969198157Srrs (PUBKEY_RSLT_DATA_CTL_BITS << PUBKEY_RSLT_DATA_CTL_LSB) 2970198157Srrs 2971198157Srrs/* #define PUBKEY_RSLT_DATA_DST_ID */ 2972198157Srrs#define PUBKEY_RSLT_DATA_DST_ID_LSB 54 2973198157Srrs#define PUBKEY_RSLT_DATA_DST_ID_BITS SEVEN_BITS 2974198157Srrs#define PUBKEY_RSLT_DATA_DST_ID_MASK \ 2975198157Srrs (PUBKEY_RSLT_DATA_DST_ID_BITS << PUBKEY_RSLT_DATA_DST_ID_LSB) 2976198157Srrs 2977198157Srrs/* #define PUBKEY_RSLT_DATA_DESC_CTL */ 2978198157Srrs#define PUBKEY_RSLT_DATA_DESC_CTL_LSB 49 2979198157Srrs#define PUBKEY_RSLT_DATA_DESC_CTL_BITS THREE_BITS 2980198157Srrs#define PUBKEY_RSLT_DATA_DESC_CTL_MASK \ 2981198157Srrs (PUBKEY_RSLT_DATA_DESC_CTL_BITS << PUBKEY_RSLT_DATA_DESC_CTL_LSB) 2982198157Srrs 2983198157Srrs/* #define PUBKEY_RSLT_DATA_ERROR */ 2984198157Srrs#define PUBKEY_RSLT_DATA_ERROR_LSB 40 2985198157Srrs#define PUBKEY_RSLT_DATA_ERROR_BITS NINE_BITS 2986198157Srrs#define PUBKEY_RSLT_DATA_ERROR_MASK \ 2987198157Srrs (PUBKEY_RSLT_DATA_ERROR_BITS << PUBKEY_RSLT_DATA_ERROR_LSB) 2988198627Srrs 2989198157Srrs/* #define PUBKEY_RSLT_DATA_DSTADDR */ 2990198157Srrs#define PUBKEY_RSLT_DATA_DSTADDR_LSB 40 2991198157Srrs#define PUBKEY_RSLT_DATA_DSTADDR_BITS FOURTY_BITS 2992198157Srrs#define PUBKEY_RSLT_DATA_DSTADDR_MASK \ 2993198157Srrs (PUBKEY_RSLT_DATA_DSTADDR_BITS << PUBKEY_RSLT_DATA_DSTADDR_LSB) 2994198157Srrs 2995198627Srrs/* 2996198157Srrs * ****************************************************************** 2997198157Srrs * RSA Block - Data Error Code and Conditions 2998198157Srrs * ****************************************************************** 2999198157Srrs */ 3000198157Srrs 3001198627Srrs#define PK_CTL_ERR_NONE 0x0000 /* No Error */ 3002198627Srrs#define PK_CTL_ERR_OP_CLASS 0x0001 /* Undefined Op Class */ 3003198627Srrs#define PK_CTL_ERR_ECC_TYPE 0x0002 /* Undefined ECC TYPE (ECC only) */ 3004198627Srrs#define PK_CTL_ERR_ECC_FUNCT 0x0004 /* Undefined ECC FUNCTION (ECC only) */ 3005198627Srrs#define PK_CTL_ERR_ECC_TIMEOUT 0x0008 /* ECC timeout (ECC only) */ 3006198627Srrs#define PK_CTL_ERR_READ 0x0080 /* Data Read Error */ 3007198627Srrs#define PK_CTL_ERR_DESC 0x0100 /* Descriptor Ctrl Field Error 3008198627Srrs * (D0.Ctrl != SOP || D1.Ctrl != EOP) */ 3009198627Srrs#define PK_CTL_ERR_TIMEOUT 0x1000 /* Message Responce Timeout */ 3010198157Srrs 3011198627Srrs#define PK_DATA_ERR_NONE 0x0000 /* No Error */ 3012198627Srrs#define PK_DATA_ERR_EXP_WIDTH 0x0001 /* Exponent Width > Block Width */ 3013198627Srrs#define PK_DATA_ERR_MOD_WIDTH 0x0002 /* Modulus Width > Block Width */ 3014198627Srrs#define PK_DATA_ERR_READ 0x0080 /* Data Read Error */ 3015198157Srrs 3016198157Srrs 3017198157Srrs/* 3018198157Srrs * This defines the RSA data format 3019198157Srrs */ 3020198157Srrs/* 3021198157Srrs * typedef struct RSAData_s { 3022198157Srrs * uint64_t Constant; 3023198157Srrs * uint64_t Exponent; 3024198157Srrs * uint64_t Modulus; 3025198157Srrs * uint64_t Message; 3026198157Srrs *} RSAData_t, *RSAData_pt; 3027198157Srrs * 3028198157Srrs * typedef RSAData_t DHData_t; 3029198157Srrs * typedef RSAData_pt DHData_pt; 3030198157Srrs */ 3031198157Srrs 3032198157Srrstypedef struct UserPubData_s { 3033198627Srrs uint8_t *source; 3034198627Srrs uint8_t *user_result; 3035198627Srrs uint32_t result_length; 3036198627Srrs} UserPubData_t, *UserPubData_pt; 3037198157Srrs 3038198157Srrstypedef struct pubkey_desc { 3039198627Srrs OperationDescriptor_t op_ctl; /* size is cacheline */ 3040198627Srrs uint8_t source[1024]; 3041198627Srrs uint8_t dest[256]; /* 1024 makes cacheline-aligned */ 3042198627Srrs uint64_t control0; 3043198627Srrs uint64_t control1; 3044198627Srrs uint64_t ctl_result; 3045198627Srrs uint64_t data_result; 3046198627Srrs struct pubkey_desc *alloc; 3047198627Srrs UserPubData_t kern; /* ptrs for temp buffers */ 3048198627Srrs //volatile atomic_t flag_complete; 3049198627Srrs //struct semaphore sem_complete; 3050198627Srrs //wait_queue_t submit_wait; 3051198627Srrs} pubkey_desc_t, *pubkey_desc_pt; 3052198157Srrs 3053198157Srrs/* 3054198157Srrs * KASUMI F8 and F9 use the IV0/IV1 fields : 3055198157Srrs * 3056198157Srrs * 63 41 40 39 37 36 32 31 0 3057198157Srrs * ---------------------------------------------------------------------------- 3058198157Srrs * | |FX/DIRECTION| | F8/BEARER | F8/COUNT | IV0 3059198627Srrs * ---------------------------------------------------------------------------- 3060198157Srrs * 1 5 32 3061198157Srrs * 3062198157Srrs * 63 32 31 0 3063198157Srrs * ---------------------------------------------------------------------------- 3064198157Srrs * | F9/FRESH | F9/COUNT | IV1 3065198157Srrs * ---------------------------------------------------------------------------- 3066198157Srrs * 32 32 3067198157Srrs */ 3068198627Srrs#endif /* _XLR_SEC_DESC_H_ */ 3069