svn commit: r198157 - in projects/mips/sys/dev/rmi: sec xlr
Randall Stewart
rrs at lakerest.net
Fri Oct 16 17:48:49 UTC 2009
Robert:
Yep. and I don't think what I have has a 10gig driver in it yet. I have
been talking with George and we will get one ported in... but I want
to get everything working on head first before we chase down drivers ;-)
R
On Oct 16, 2009, at 1:22 PM, Robert Watson wrote:
>
> On Thu, 15 Oct 2009, Randall Stewart wrote:
>
>> Adds the untouched code from the RMI 6.4 stuff.
>> This has a security device and the gig ethernet device.
>> Note the 10gig device driver is yet missing.
>
> I'm particularly interested in seeing this, past drops I've used
> have not had support for the on-board 10gbps parts on the XLR.
>
> Robert
>
>>
>> Added:
>> projects/mips/sys/dev/rmi/sec/desc.h (contents, props changed)
>> projects/mips/sys/dev/rmi/sec/rmilib.c
>> projects/mips/sys/dev/rmi/sec/rmilib.h
>> projects/mips/sys/dev/rmi/sec/rmisec.c
>> projects/mips/sys/dev/rmi/sec/stats.h
>> projects/mips/sys/dev/rmi/xlr/atx_cpld.h
>> projects/mips/sys/dev/rmi/xlr/rge.c
>> projects/mips/sys/dev/rmi/xlr/rge.h
>> projects/mips/sys/dev/rmi/xlr/xgmac_mdio.h
>>
>> Added: projects/mips/sys/dev/rmi/sec/desc.h
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
>> +++ projects/mips/sys/dev/rmi/sec/desc.h Thu Oct 15 21:08:06 2009
>> (r198157)
>> @@ -0,0 +1,3066 @@
>> +/*-
>> + * Copyright (c) 2003-2009 RMI Corporation
>> + * All rights reserved.
>> + *
>> + * Redistribution and use in source and binary forms, with or
>> without
>> + * modification, are permitted provided that the following
>> conditions
>> + * are met:
>> + * 1. Redistributions of source code must retain the above copyright
>> + * notice, this list of conditions and the following disclaimer.
>> + * 2. Redistributions in binary form must reproduce the above
>> copyright
>> + * notice, this list of conditions and the following disclaimer
>> in the
>> + * documentation and/or other materials provided with the
>> distribution.
>> + * 3. Neither the name of RMI Corporation, nor the names of its
>> contributors,
>> + * may be used to endorse or promote products derived from this
>> software
>> + * without specific prior written permission.
>> + *
>> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS
>> IS'' AND
>> + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
>> TO, THE
>> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
>> PARTICULAR PURPOSE
>> + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
>> BE LIABLE
>> + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>> CONSEQUENTIAL
>> + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>> SUBSTITUTE GOODS
>> + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
>> INTERRUPTION)
>> + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
>> CONTRACT, STRICT
>> + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
>> IN ANY WAY
>> + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
>> POSSIBILITY OF
>> + * SUCH DAMAGE.
>> + *
>> + * RMI_BSD */
>> +#ifndef _DESC_H_
>> +#define _DESC_H_
>> +
>> +
>> +#define ONE_BIT 0x0000000000000001ULL
>> +#define TWO_BITS 0x0000000000000003ULL
>> +#define THREE_BITS 0x0000000000000007ULL
>> +#define FOUR_BITS 0x000000000000000fULL
>> +#define FIVE_BITS 0x000000000000001fULL
>> +#define SIX_BITS 0x000000000000003fULL
>> +#define SEVEN_BITS 0x000000000000007fULL
>> +#define EIGHT_BITS 0x00000000000000ffULL
>> +#define NINE_BITS 0x00000000000001ffULL
>> +#define ELEVEN_BITS 0x00000000000007ffULL
>> +#define TWELVE_BITS 0x0000000000000fffULL
>> +#define FOURTEEN_BITS 0x0000000000003fffULL
>> +#define TWENTYFOUR_BITS 0x0000000000ffffffULL
>> +#define THIRTY_TWO_BITS 0x00000000ffffffffULL
>> +#define THIRTY_FIVE_BITS 0x00000007ffffffffULL
>> +#define FOURTY_BITS 0x000000ffffffffffULL
>> +
>> +#define MSG_IN_CTL_LEN_BASE 40
>> +#define MSG_IN_CTL_ADDR_BASE 0
>> +
>> +#define GET_FIELD(word,field) \
>> + ((word) & (field ## _MASK)) >> (field ## _LSB)
>> +
>> +#define FIELD_VALUE(field,value) (((value) & (field ## _BITS)) <<
>> (field ## _LSB))
>> +
>> +/*
>> + * NOTE: this macro expects 'word' to be uninitialized (i.e. zeroed)
>> + */
>> +#define SET_FIELD(word,field,value) \
>> + { (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); }
>> +
>> +/*
>> + * This macro clears 'word', then sets the value
>> + */
>> +#define CLEAR_SET_FIELD(word,field,value) \
>> + { (word) &= ~((field ## _BITS) << (field ## _LSB)); \
>> + (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); }
>> +
>> +/*
>> + * NOTE: May be used to build value specific mask
>> + * (e.g. GEN_MASK(CTL_DSC_CPHR_3DES,CTL_DSC_CPHR_LSB)
>> + */
>> +#define GEN_MASK(bits,lsb) ((bits) << (lsb))
>> +
>> +
>> +
>> +
>> +/*
>> + * Security block data and control exchange
>> + *
>> + * A 2-word message ring descriptor is used to pass a pointer to
>> the control descriptor data structure
>> + * and a pointer to the packet descriptor data structure:
>> + *
>> + * 63 61 60 54 53 52 49
>> 48 45 44 40
>> + * 39 5
>> 4 0
>> + *
>> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>> + * | Ctrl | Resp Dest Id Entry0 | IF_L2ALLOC | UNUSED | Control
>> Length | UNUSED
>> + * | 35 MSB of address of control descriptor data structure |
>> Software Scratch0
>> + * |
>> + *
>> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>> + * 3 7 1 4
>> 4 5
>> + * 35 5
>> + *
>> + * 63 61 60 54 53 52 51 50
>> 46 45 44 40
>> 39 5 4 0
>> + *
>> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>> + * | Ctrl | UNUSED | WRB_COH | WRB_L2ALLOC | DF_PTR_L2ALLOC |
>> UNUSED | Data Length | UNUSED | 35 MSB of address of packet
>> descriptor data structure | UNUSED |
>> + *
>> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>> + * 3 7 1 1 1
>> 5 1 5
>> 35 5
>> + *
>> + * Addresses assumed to be cache-line aligned, i.e., Address[4:0]
>> ignored (using 5'h00 instead)
>> + *
>> + * Control length is the number of control cachelines to be read
>> so user needs
>> + * to round up
>> + * the control length to closest integer multiple of 32 bytes.
>> Note that at
>> + * present (08/12/04)
>> + * the longest (sensical) ctrl structure is <= 416 bytes, i.e., 13
>> cachelines.
>> + *
>> + * The packet descriptor data structure size is fixed at 1
>> cacheline (32 bytes).
>> + * This effectively makes "Data Length" a Load/NoLoad bit. NoLoad
>> causes an abort.
>> + *
>> + *
>> + * Upon completion of operation, the security block returns a 2-
>> word free descriptor
>> + * in the following format:
>> + *
>> + * 63 61 60 54 53 52 51 49 48
>> 47 40
>> 39 0
>> + *
>> ----------------------------------------------------------------------------------------------------------------------------
>> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 |
>> Instruction Error | Address of control descriptor data
>> structure |
>> + *
>> ----------------------------------------------------------------------------------------------------------------------------
>> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Data
>> Error | Address of packet descriptor data structure |
>> + *
>> ----------------------------------------------------------------------------------------------------------------------------
>> + *
>> + * The Instruction and Data Error codes are enumerated in the
>> + * ControlDescriptor and PacketDescriptor sections below
>> + *
>> + */
>> +
>> +
>> +/*
>> + * Operating assumptions
>> + * =====================
>> + *
>> + *
>> + * -> For all IpSec ops, I assume that all the IP/IPSec/
>> TCP headers
>> + * and the data are present at the specified source addresses.
>> + * I also assume that all necessary header data already exists
>> + * at the destination. Additionally, in AH I assume that all
>> + * mutable fields (IP.{TOS, Flags, Offset, TTL,
>> Header_Checksum})
>> + * and the AH.Authentication_Data have been zeroed by the
>> client.
>> + *
>> + *
>> + * -> In principle, the HW can calculate TCP checksums on both
>> + * incoming and outgoing data; however, since the TCP header
>> + * contains the TCP checksum of the plain payload and the header
>> + * is encrypted, two passes would be necessary to do checksum
>> + encryption
>> + * for outgoing messages;
>> + * therefore the checksum engine will likely only be used
>> during decryption
>> + * (incoming).
>> + *
>> + *
>> + * -> For all operations involving TCP checksum, I assume the
>> client has filled
>> + * the TCP checksum field with the appropriate value:
>> + *
>> + * - 0 for generation phase
>> + * - actual value for verification phase (expecting 0 result)
>> + *
>> + *
>> + * -> For ESP tunnel, the original IP header exists between the
>> end of the
>> + * ESP header and the beginning of the TCP header; it is
>> assumed that the
>> + * maximum length of this header is 16 k(32bit)words (used in
>> CkSum_Offset).
>> + *
>> + *
>> + * -> The authentication data is merely written to the
>> destination address;
>> + * the client is left with the task of comparing to the data
>> in packet
>> + * in decrypt.
>> + *
>> + * -> PacketDescriptor_t.dstLLWMask relevant to AES
>> CTR mode only but it will
>> + * affect all AES-related operations. It will not
>> affect DES/3DES/bypass ops.
>> + * The mask is applied to data as it emerges from
>> the AES engine for the sole
>> + * purpose of providing the authenticator and
>> cksum engines with correct data.
>> + * CAVEAT: the HW does not mask the incoming data.
>> It is the user's responsibility
>> + * to set to 0 the corresponding data in memory.
>> If the surplus data is not masked
>> + * in memory, cksum/auth results will be incorrect
>> if those engines receive data
>> + * straight from memory (i.e., not from cipher, as
>> it happens while decoding)
>> + */
>> +
>> +/*
>> + * Fragmentation and offset related notes
>> + * ======================================
>> + *
>> + *
>> + * A) Rebuilding packets from fragments on dword boundaries.
>> The discussion
>> + * below is exemplified by tests memcpy_all_off_frags and
>> memcpy_same_off_frags
>> + *
>> + * 1) The Offset before data/iv on first fragment is
>> ALWAYS written back
>> + * Non-zero dst dword or global offsets may cause
>> more data to be
>> + * written than the user-specified length.
>> + *
>> + *
>> + * Example:
>> + * --------
>> + *
>> + * Below is a source (first fragment) packet (@
>> ADD0 cache-aligned address).
>> + * Assume we just copy it and relevant data starts
>> on
>> + * dword 3 so Cipher_Offset = IV_Offset = 3
>> (dwords).
>> + * D0X denotes relevant data and G denotes dont
>> care data.
>> + * Offset data is also copied so Packet_Legth = 9
>> (dwords) * 8 = 72 (bytes)
>> + * Segment_src_address = ADD0
>> + *
>> + * If we want to, e.g., copy so that the relevant
>> (i.e., D0X) data
>> + * starts at (cache-aligned address) ADD1, we need
>> to specify
>> + * Dst_dword_offset = 1 so D00 is moved from dword
>> position 3 to 0 on next cache-line
>> + * Cipher_dst_address = ADD1 - 0x20 so D00 is
>> written to ADD1
>> + *
>> + * Note that the security engine always writes
>> full cachelines
>> + * therefore, data written to dword0 0 of ADD1
>> (denoted w/ ?) is what the sec pipe
>> + * write back buffer contained from previous op.
>> + *
>> + *
>> + *
>> SOURCE: DESTINATION:
>> + *
>> ------- ------------
>> + *
>> + * Segment_src_address =
>> ADD0 Cipher_dst_address = ADD1 - 0x20
>> + * Packet_Legth =
>> 72 Dst_dword_offset = 1
>> + * Cipher_Offset = 3
>> + * IV_Offset = 3
>> + * Use_IV = ANY
>> + *
>> + *
>> + *
>> + * 3 2 1
>> 0 3 2 1 0
>> + *
>> -----------------------
>> -----------------------
>> + * | D00 | G | G | G | <-
>> ADD0 | G | G | G | ? | <- ADD1 - 0x20
>> + *
>> -----------------------
>> -----------------------
>> + * | D04 | D03 | D02 | D01
>> | | D03 | D02 | D01 | D00 | <- ADD1
>> + *
>> -----------------------
>> -----------------------
>> + * | | | | D05
>> | | | | D05 | D04 |
>> + *
>> -----------------------
>> -----------------------
>> + *
>> + * 2) On fragments following the first, IV_Offset is
>> overloaded to mean data offset
>> + * (number of dwords to skip from beginning of
>> cacheline before starting processing)
>> + * and Use_IV is overloaded to mean do writeback
>> the offset (in the clear).
>> + * These fields in combination with
>> Dst_dword_offset allow packet fragments with
>> + * arbitrary boundaries/lengthd to be reasembled.
>> + *
>> + *
>> + * Example:
>> + * --------
>> + *
>> + * Assume data above was first fragment of a
>> packet we'd like to merge to
>> + * (second) fragment below located at ADD2. The
>> written data should follow
>> + * the previous data without gaps or overwrites.
>> To achieve this, one should
>> + * assert the "Next" field on the previous
>> fragment and use self-explanatory
>> + * set of parameters below
>> + *
>> + *
>> + *
>> SOURCE: DESTINATION:
>> + *
>> ------- ------------
>> + *
>> + * Segment_src_address =
>> ADD2 Cipher_dst_address = ADD1 + 0x20
>> + * Packet_Legth =
>> 104 Dst_dword_offset = 1
>> + * IV_Offset = 1
>> + * Use_IV = 0
>> + *
>> + *
>> + *
>> + * 3 2 1
>> 0 3 2 1 0
>> + *
>> -----------------------
>> -----------------------
>> + * | D12 | D11 | D10 | G | <-
>> ADD2 | G | G | G | ? | <- ADD1 - 0x20
>> + *
>> -----------------------
>> -----------------------
>> + * | D16 | D15 | D14 | D13
>> | | D03 | D02 | D01 | D00 | <- ADD1
>> + *
>> -----------------------
>> -----------------------
>> + * | D1a | D19 | D18 | D17
>> | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20
>> + *
>> -----------------------
>> -----------------------
>> + * | | | | D1b
>> | | D15 | D14 | D13 | D12 |
>> + *
>> -----------------------
>> -----------------------
>> +
>> * |
>> D19 | D18 | D17 | D16 |
>> +
>> * -----------------------
>> +
>> * |
>> | | D1b | D1a |
>> +
>> * -----------------------
>> + *
>> + * It is note-worthy that the merging can only be
>> achieved if Use_IV is 0. Indeed, the security
>> + * engine always writes full lines, therefore ADD1
>> + 0x20 will be re-written. Setting Use_IV to 0
>> + * will allow the sec pipe write back buffer to
>> preserve D04, D05 from previous frag and only
>> + * receive D10, D11 thereby preserving the
>> integrity of the previous data.
>> + *
>> + * 3) On fragments following the first, !UseIV in
>> combination w/ Dst_dword_offset >= (4 - IV_Offset)
>> + * will cause a wraparound of the write thus
>> achieving all 16 possible (Initial_Location, Final_Location)
>> + * combinations for the data.
>> + *
>> + *
>> + * Example:
>> + * --------
>> + *
>> + * Contiguously merging 2 data sets above with a
>> third located at ADD3. If this is the last fragment,
>> + * reset its Next bit.
>> + *
>> + *
>> + *
>> SOURCE: DESTINATION:
>> + *
>> ------- ------------
>> + *
>> + * Segment_src_address =
>> ADD3 Cipher_dst_address = ADD1 + 0x80
>> + * Packet_Legth =
>> 152 Dst_dword_offset = 3
>> + * IV_Offset = 3
>> + * Use_IV = 0
>> + *
>> + *
>> + *
>> + * 3 2 1
>> 0 3 2 1 0
>> + *
>> -----------------------
>> -----------------------
>> + * | D20 | G | G | G | <-
>> ADD2 | G | G | G | ? | <- ADD1 - 0x20
>> + *
>> -----------------------
>> -----------------------
>> + * | D24 | D23 | D22 | D21
>> | | D03 | D02 | D01 | D00 | <- ADD1
>> + *
>> -----------------------
>> -----------------------
>> + * | D28 | D27 | D26 | D25
>> | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20
>> + *
>> -----------------------
>> -----------------------
>> + * | D2c | D2b | D2a | D29
>> | | D15 | D14 | D13 | D12 |
>> + *
>> -----------------------
>> -----------------------
>> + * | | D2f | D2e | D2d
>> | | D19 | D18 | D17 | D16 |
>> + *
>> -----------------------
>> -----------------------
>> +
>> * |
>> D21 | D20 | D1b | D1a | <- ADD1 + 0x80
>> +
>> * -----------------------
>> +
>> * |
>> D25 | D24 | D23 | D22 |
>> +
>> * -----------------------
>> +
>> * |
>> D29 | D28 | D27 | D26 |
>> +
>> * -----------------------
>> +
>> * |
>> D2d | D2c | D2b | D2a |
>> +
>> * -----------------------
>> +
>> * |
>> (D2d)|(D2c)| D2f | D2e |
>> +
>> * -----------------------
>> + *
>> + * It is worth noticing that always writing full-
>> lines causes the last 2 dwords in the reconstituted
>> + * packet to be unnecessarily written: (D2d) and
>> (D2c)
>> + *
>> + *
>> + *
>> + * B) Implications of fragmentation on AES
>> + *
>> + * 1) AES is a 128 bit block cipher; therefore it requires
>> an even dword total data length
>> + * Data fragments (provided there are more than 1)
>> are allowed to have odd dword
>> + * data lengths provided the total length
>> (cumulated over fragments) is an even dword
>> + * count; an error will be generated otherwise,
>> upon receiving the last fragment descriptor
>> + * (see error conditions below).
>> + *
>> + * 2) While using fragments with AES, a fragment
>> (other than first) starting with a != 0 (IV) offset
>> + * while the subsequent total dword count given to
>> AES is odd may not be required to write
>> + * its offset (UseIV). Doing so will cause an
>> error (see error conditions below).
>> + *
>> + *
>> + * Example:
>> + * --------
>> + *
>> + * Suppose the first fragment has an odd DATA
>> dword count and USES AES (as seen below)
>> + *
>> + *
>> SOURCE: DESTINATION:
>> + *
>> ------- ------------
>> + *
>> + * Segment_src_address =
>> ADD0 Cipher_dst_address = ADD1
>> + * Packet_Legth =
>> 64 Dst_dword_offset = 1
>> + * Cipher_Offset = 3
>> + * IV_Offset = 1
>> + * Use_IV = 1
>> + * Cipher = Any AES
>> + * Next = 1
>> + *
>> + *
>> + *
>> + *
>> + * 3 2 1
>> 0 3 2 1 0
>> + *
>> -----------------------
>> -----------------------
>> + * | D00 | IV1 | IV0 | G | <-
>> ADD0 | E00 | IV1 | IV0 | G | <- ADD1
>> + *
>> -----------------------
>> -----------------------
>> + * | D04 | D03 | D02 | D01
>> | | X | E03 | E02 | E01 |
>> + *
>> -----------------------
>> -----------------------
>> + *
>> + * At the end of processing of the previous
>> fragment, the AES engine input buffer has D04
>> + * and waits for next dword, therefore the
>> writeback buffer cannot finish writing the fragment
>> + * to destination (X instead of E04).
>> + *
>> + * If a second fragment now arrives with a non-0
>> offset and requires the offset data to be
>> + * written to destination, the previous write
>> (still needing the arrival of the last dword
>> + * required by the AES to complete the previous
>> operation) cannot complete before the present
>> + * should start causing a deadlock.
>> + */
>> +
>> +/*
>> + * Command Control Word for Message Ring Descriptor
>> + */
>> +
>> +/* #define MSG_CMD_CTL_CTL */
>> +#define MSG_CMD_CTL_CTL_LSB 61
>> +#define MSG_CMD_CTL_CTL_BITS THREE_BITS
>> +#define MSG_CMD_CTL_CTL_MASK (MSG_CMD_CTL_CTL_BITS <<
>> MSG_CMD_CTL_CTL_LSB)
>> +
>> +/* #define MSG_CMD_CTL_ID */
>> +#define MSG_CMD_CTL_ID_LSB 54
>> +#define MSG_CMD_CTL_ID_BITS SEVEN_BITS
>> +#define MSG_CMD_CTL_ID_MASK (MSG_CMD_CTL_ID_BITS <<
>> MSG_CMD_CTL_ID_LSB)
>> +
>> +/* #define MSG_CMD_CTL_LEN */
>> +#define MSG_CMD_CTL_LEN_LSB 45
>> +#define MSG_CMD_CTL_LEN_BITS FOUR_BITS
>> +#define MSG_CMD_CTL_LEN_MASK (MSG_CMD_CTL_LEN_BITS <<
>> MSG_CMD_CTL_LEN_LSB)
>> +
>> +
>> +/* #define MSG_CMD_CTL_ADDR */
>> +#define MSG_CMD_CTL_ADDR_LSB 0
>> +#define MSG_CMD_CTL_ADDR_BITS FOURTY_BITS
>> +#define MSG_CMD_CTL_ADDR_MASK (MSG_CMD_CTL_ADDR_BITS <<
>> MSG_CMD_CTL_ADDR_LSB)
>> +
>> +#define MSG_CMD_CTL_MASK (MSG_CMD_CTL_CTL_MASK | \
>> + MSG_CMD_CTL_LEN_MASK |
>> MSG_CMD_CTL_ADDR_MASK)
>> +
>> +/*
>> + * Command Data Word for Message Ring Descriptor
>> + */
>> +
>> +/* #define MSG_IN_DATA_CTL */
>> +#define MSG_CMD_DATA_CTL_LSB 61
>> +#define MSG_CMD_DATA_CTL_BITS THREE_BITS
>> +#define MSG_CMD_DATA_CTL_MASK (MSG_CMD_DATA_CTL_BITS <<
>> MSG_CMD_DATA_CTL_LSB)
>> +
>> +/* #define MSG_CMD_DATA_LEN */
>> +#define MSG_CMD_DATA_LEN_LOAD 1
>> +#define MSG_CMD_DATA_LEN_LSB 45
>> +#define MSG_CMD_DATA_LEN_BITS ONE_BIT
>> +#define MSG_CMD_DATA_LEN_MASK (MSG_CMD_DATA_LEN_BITS <<
>> MSG_CMD_DATA_LEN_LSB)
>> +
>> +/* #define MSG_CMD_DATA_ADDR */
>> +#define MSG_CMD_DATA_ADDR_LSB 0
>> +#define MSG_CMD_DATA_ADDR_BITS FOURTY_BITS
>> +#define MSG_CMD_DATA_ADDR_MASK (MSG_CMD_DATA_ADDR_BITS <<
>> MSG_CMD_DATA_ADDR_LSB)
>> +
>> +#define MSG_CMD_DATA_MASK (MSG_CMD_DATA_CTL_MASK | \
>> + MSG_CMD_DATA_LEN_MASK |
>> MSG_CMD_DATA_ADDR_MASK)
>> +
>> +
>> +/*
>> + * Upon completion of operation, the Sec block returns a 2-word
>> free descriptor
>> + * in the following format:
>> + *
>> + * 63 61 60 54 53 52 51 49 48 40
>> 39 0
>> + *
>> ----------------------------------------------------------------------------
>> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error |
>> Source Address |
>> + *
>> ----------------------------------------------------------------------------
>> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error |
>> Dest Address |
>> + *
>> ----------------------------------------------------------------------------
>> + *
>> + * The Control and Data Error codes are enumerated below
>> + *
>> + * Error conditions
>> + * ================
>> + *
>> + * Control Error Code Control Error
>> Condition
>> + * ------------------
>> ---------------------------
>> + * 9'h000 No Error
>> + * 9'h001 Unknown Cipher
>> Op ( Cipher == 3'h{6,7})
>> + * 9'h002 Unknown or
>> Illegal Mode ((Mode == 3'h{2,3,4} & !AES) |
>> (Mode == 3'h{5,6,7}))
>> + * 9'h004 Unsupported
>> CkSum Src (CkSum_Src == 2'h{2,3} & CKSUM)
>> + * 9'h008 Forbidden CFB
>> Mask (AES & CFBMode & UseNewKeysCFBMask &
>> CFBMask[7] & (| CFBMask[6:0]))
>> + * 9'h010 Unknown Ctrl
>> Op ((| Ctrl[63:37]) | (| Ctrl[15:14]))
>> + * 9'h020 UNUSED
>> + * 9'h040 UNUSED
>> + * 9'h080 Data Read Error
>> + * 9'h100 Descriptor Ctrl
>> Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP)
>> + *
>> + * Data Error Code Data Error
>> Condition
>> + * ---------------
>> --------------------
>> + * 9'h000 No Error
>> + * 9'h001 Insufficient
>> Data To Cipher (Packet_Length <= (Cipher_Offset or
>> IV_Offset))
>> + * 9'h002 Illegal IV
>> Location ((Cipher_Offset < IV_Offset) |
>> (Cipher_Offset <= IV_Offset & AES & ~CTR))
>> + * 9'h004 Illegal
>> Wordcount To AES (Packet_Length[3] !=
>> Cipher_Offset[0] & AES)
>> + * 9'h008 Illegal Pad And
>> ByteCount Spec (Hash_Byte_Count != 0 & !Pad_Hash)
>> + * 9'h010 Insufficient
>> Data To CkSum ({Packet_Length, 1'b0} <= CkSum_Offset)
>> + * 9'h020 Unknown Data
>> Op ((| dstLLWMask[63:60]) | (|
>> dstLLWMask[57:40]) | (| authDst[63:40]) | (| ckSumDst[63:40]))
>> + * 9'h040 Insufficient
>> Data To Auth ({Packet_Length} <= Auth_Offset)
>> + * 9'h080 Data Read Error
>> + * 9'h100 UNUSED
>> + */
>> +
>> +/*
>> + * Result Control Word for Message Ring Descriptor
>> + */
>> +
>> +/* #define MSG_RSLT_CTL_CTL */
>> +#define MSG_RSLT_CTL_CTL_LSB 61
>> +#define MSG_RSLT_CTL_CTL_BITS THREE_BITS
>> +#define MSG_RSLT_CTL_CTL_MASK \
>> + (MSG_RSLT_CTL_CTL_BITS << MSG_RSLT_CTL_CTL_LSB)
>> +
>> +/* #define MSG_RSLT_CTL_DST_ID */
>> +#define MSG_RSLT_CTL_DST_ID_LSB 54
>> +#define MSG_RSLT_CTL_DST_ID_BITS SEVEN_BITS
>> +#define MSG_RSLT_CTL_DST_ID_MASK \
>> + (MSG_RSLT_CTL_DST_ID_BITS << MSG_RSLT_CTL_DST_ID_LSB)
>> +
>> +/* #define MSG_RSLT_CTL_DSC_CTL */
>> +#define MSG_RSLT_CTL_DSC_CTL_LSB 49
>> +#define MSG_RSLT_CTL_DSC_CTL_BITS THREE_BITS
>> +#define MSG_RSLT_CTL_DSC_CTL_MASK \
>> + (MSG_RSLT_CTL_DSC_CTL_BITS << MSG_RSLT_CTL_DSC_CTL_LSB)
>> +
>> +/* #define MSG_RSLT_CTL_INST_ERR */
>> +#define MSG_RSLT_CTL_INST_ERR_LSB 40
>> +#define MSG_RSLT_CTL_INST_ERR_BITS NINE_BITS
>> +#define MSG_RSLT_CTL_INST_ERR_MASK \
>> + (MSG_RSLT_CTL_INST_ERR_BITS << MSG_RSLT_CTL_INST_ERR_LSB)
>> +
>> +/* #define MSG_RSLT_CTL_DSC_ADDR */
>> +#define MSG_RSLT_CTL_DSC_ADDR_LSB 0
>> +#define MSG_RSLT_CTL_DSC_ADDR_BITS FOURTY_BITS
>> +#define MSG_RSLT_CTL_DSC_ADDR_MASK \
>> + (MSG_RSLT_CTL_DSC_ADDR_BITS << MSG_RSLT_CTL_DSC_ADDR_LSB)
>> +
>> +/* #define MSG_RSLT_CTL_MASK */
>> +#define MSG_RSLT_CTL_MASK \
>> + (MSG_RSLT_CTL_CTRL_MASK | MSG_RSLT_CTL_DST_ID_MASK | \
>> + MSG_RSLT_CTL_DSC_CTL_MASK | MSG_RSLT_CTL_INST_ERR_MASK | \
>> + MSG_RSLT_CTL_DSC_ADDR_MASK)
>> +
>> +/*
>> + * Result Data Word for Message Ring Descriptor
>> + */
>> +/* #define MSG_RSLT_DATA_CTL */
>> +#define MSG_RSLT_DATA_CTL_LSB 61
>> +#define MSG_RSLT_DATA_CTL_BITS THREE_BITS
>> +#define MSG_RSLT_DATA_CTL_MASK \
>> + (MSG_RSLT_DATA_CTL_BITS << MSG_RSLT_DATA_CTL_LSB)
>> +
>> +/* #define MSG_RSLT_DATA_DST_ID */
>> +#define MSG_RSLT_DATA_DST_ID_LSB 54
>> +#define MSG_RSLT_DATA_DST_ID_BITS SEVEN_BITS
>> +#define MSG_RSLT_DATA_DST_ID_MASK \
>> + (MSG_RSLT_DATA_DST_ID_BITS << MSG_RSLT_DATA_DST_ID_LSB)
>> +
>> +/* #define MSG_RSLT_DATA_DSC_CTL */
>> +#define MSG_RSLT_DATA_DSC_CTL_LSB 49
>> +#define MSG_RSLT_DATA_DSC_CTL_BITS THREE_BITS
>> +#define MSG_RSLT_DATA_DSC_CTL_MASK \
>> + (MSG_RSLT_DATA_DSC_CTL_BITS << MSG_RSLT_DATA_DSC_CTL_LSB)
>> +
>> +/* #define MSG_RSLT_DATA_INST_ERR */
>> +#define MSG_RSLT_DATA_INST_ERR_LSB 40
>> +#define MSG_RSLT_DATA_INST_ERR_BITS NINE_BITS
>> +#define MSG_RSLT_DATA_INST_ERR_MASK \
>> + (MSG_RSLT_DATA_INST_ERR_BITS << MSG_RSLT_DATA_INST_ERR_LSB)
>> +
>> +/* #define MSG_RSLT_DATA_DSC_ADDR */
>> +#define MSG_RSLT_DATA_DSC_ADDR_LSB 0
>> +#define MSG_RSLT_DATA_DSC_ADDR_BITS FOURTY_BITS
>> +#define MSG_RSLT_DATA_DSC_ADDR_MASK \
>> + (MSG_RSLT_DATA_DSC_ADDR_BITS << MSG_RSLT_DATA_DSC_ADDR_LSB)
>> +
>> +#define MSG_RSLT_DATA_MASK \
>> + (MSG_RSLT_DATA_CTRL_MASK | MSG_RSLT_DATA_DST_ID_MASK | \
>> + MSG_RSLT_DATA_DSC_CTL_MASK | MSG_RSLT_DATA_INST_ERR_MASK | \
>> + MSG_RSLT_DATA_DSC_ADDR_MASK)
>> +
>> +
>> +/*
>> + * Common Message Definitions
>> + *
>> + */
>> +
>> +/* #define MSG_CTL_OP_ADDR */
>> +#define MSG_CTL_OP_ADDR_LSB 0
>> +#define MSG_CTL_OP_ADDR_BITS FOURTY_BITS
>> +#define MSG_CTL_OP_ADDR_MASK (MSG_CTL_OP_ADDR_BITS <<
>> MSG_CTL_OP_ADDR_LSB)
>> +
>> +#define MSG_CTL_OP_TYPE
>> +#define MSG_CTL_OP_TYPE_LSB 3
>> +#define MSG_CTL_OP_TYPE_BITS TWO_BITS
>> +#define MSG_CTL_OP_TYPE_MASK \
>> + (MSG_CTL_OP_TYPE_BITS << MSG_CTL_OP_TYPE_LSB)
>> +
>> +#define MSG0_CTL_OP_ENGINE_SYMKEY 0x01
>> +#define MSG0_CTL_OP_ENGINE_PUBKEY 0x02
>> +
>> +#define MSG1_CTL_OP_SYMKEY_PIPE0 0x00
>> +#define MSG1_CTL_OP_SYMKEY_PIPE1 0x01
>> +#define MSG1_CTL_OP_SYMKEY_PIPE2 0x02
>> +#define MSG1_CTL_OP_SYMKEY_PIPE3 0x03
>> +
>> +#define MSG1_CTL_OP_PUBKEY_PIPE0 0x00
>> +#define MSG1_CTL_OP_PUBKEY_PIPE1 0x01
>> +#define MSG1_CTL_OP_PUBKEY_PIPE2 0x02
>> +#define MSG1_CTL_OP_PUBKEY_PIPE3 0x03
>> +
>> +
>> +/* /----------------------------------------\
>> + * | |
>> + * | ControlDescriptor_s datastructure |
>> + * | |
>> + * \----------------------------------------/
>> + *
>> + *
>> + * ControlDescriptor_t.Instruction
>> + * -------------------------------
>> + *
>> + * 63 44 43 42
>> 41 40 39 35 34 32 31 29 28
>> + *
>> --------------------------------------------------------------------------------------------------------------------
>> + * || UNUSED || OverrideCipher | Arc4Wait4Save | SaveArc4State |
>> LoadArc4State | Arc4KeyLen | Cipher | Mode | InCp_Key || ... CONT ...
>> + *
>> --------------------------------------------------------------------------------------------------------------------
>> + * 20 1 1
>> 1 1 5 3 3 1
>> + * <-----------------------------------------------
>> CIPHER--------------------------------------------------->
>> + *
>> + * 27 25 24 23 22 21 20 19 17
>> 16 15 0
>> + *
>> -----------------------------------------------------------------------------
>> + * || UNUSED | Hash_Hi | HMAC | Hash_Lo | InHs_Key || UNUSED ||
>> CkSum || UNUSED ||
>> + *
>> -----------------------------------------------------------------------------
>> + * 3 1 1 2 1 3
>> 1 16
>> + * <---------------------HASH---------------------><-----------
>> CKSUM----------->
>> + *
>> + * X0 CIPHER.Arc4Wait4Save = If op is Arc4
>> and it requires state saving, then
>> + * setting this
>> bit will cause the current op to
>> + * delay
>> subsequent op loading until saved state data
>> + * becomes visible.
>> + * CIPHER.OverrideCipher = Override
>> encryption if PacketDescriptor_t.dstDataSettings.CipherPrefix
>> + * is set; data
>> will be copied out (and optionally auth/cksum)
>> + * in the clear.
>> This is used in GCM mode if auth only as we
>> + * still need E(K,
>> 0) calculated by cipher. Engine behavior is
>> + * undefined if
>> this bit is set and CipherPrefix is not.
>> + * X0 SaveArc4State = Save Arc4 state
>> at the end of Arc4 operation
>> + * X0 LoadArc4State = Load Arc4 state
>> at the beginning of an Arc4 operation
>> + * This overriden
>> by the InCp_Key setting for Arc4
>> + * Arc4KeyLen = Length in bytes
>> of Arc4 key (0 is interpreted as 32)
>> + * Ignored for
>> other ciphers
>> + * For ARC4,
>> IFetch/IDecode will always read exactly 4
>> + * consecutive
>> dwords into its CipherKey{0,3} regardless
>> + * of this
>> quantity; it will however only use the specified
>> + * number of bytes.
>> + * Cipher = 3'b000 Bypass
>> + * 3'b001 DES
>> + * 3'b010 3DES
>> + * 3'b011 AES 128-bit key
>> + * 3'b100 AES 192-bit key
>> + * 3'b101 AES 256-bit key
>> + * 3'b110 ARC4
>> + * 3'b111 Kasumi f8
>> + * Remainder UNDEFINED
>> + * Mode = 3'b000 ECB
>> + * 3'b001 CBC
>> + * 3'b010 CFB (AES only,
>> otherwise undefined)
>> + * 3'b011 OFB (AES only,
>> otherwise undefined)
>> + * 3'b100 CTR (AES only,
>> otherwise undefined)
>> + * 3'b101 F8 (AES only,
>> otherwise undefined)
>> + * Remainder UNDEFINED
>> + * InCp_Key = 1'b0 Preserve old
>> Cipher Keys
>> + * 1'b1 Load new Cipher
>> Keys from memory to local registers
>> + * and recalculate
>> the Arc4 Sbox if Arc4 Cipher chosen;
>> + * This overrides
>> LoadArc4State setting.
>> + * HASH.HMAC = 1'b0 Hash without HMAC
>> + * 1'b1 Hash with HMAC
>> + * Needs to be set
>> to 0 for GCM and Kasumi F9 authenticators
>> + * otherwise
>> unpredictable results will be generated
>> + * Hash = 2'b00 Hash NOP
>> + * 2'b01 MD5
>> + * 2'b10 SHA-1
>> + * 2'b11 SHA-256
>> + * 3'b100 SHA-384
>> + * 3'b101 SHA-512
>> + * 3'b110 GCM
>> + * 3'b111 Kasumi f9
>> + * InHs_Key = 1'b0 Preserve old
>> HMAC Keys
>> + * If GCM is
>> selected as authenticator, leaving this bit
>> + * at 0 will cause
>> the engine to use the old H value.
>> + * It will use the
>> old SCI inside the decoder if
>> + * CFBMask[1:0] ==
>> 2'b11.
>> + * If Kasumi F9
>> authenticator, using 0 preserves
>> + * old keys (IK)
>> in decoder.
>> + * 1'b1 Load new HMAC
>> Keys from memory to local registers
>> + * Setting this
>> bit while Cipher=Arc4 and LoadArc4State=1
>> + * causes the
>> decoder to load the Arc4 state from the
>> + * cacheline
>> following the HMAC keys (Whether HASH.HMAC
>> + * is set or not).
>> + * If GCM is
>> selected as authenticator, setting this bit
>> + * causes both H
>> (16 bytes) and SCI (8 bytes) to be loaded
>> + * from memory to
>> the decoder. H will be loaded to the engine
>> + * but SCI is only
>> loaded to the engine if CFBMask[1:0] == 2'b11.
>> + * If Kasumi F9
>> authenticator, using 1 loads new keys (IK)
>> + * from memory to
>> decoder.
>> + * CHECKSUM.CkSum = 1'b0 CkSum NOP
>> + * 1'b1 INTERNET_CHECKSUM
>> + *
>> + *
>> + *
>> + */
>> +
>> + /* #define CTRL_DSC_OVERRIDECIPHER */
>> +#define CTL_DSC_OVERRIDECIPHER_OFF 0
>> +#define CTL_DSC_OVERRIDECIPHER_ON 1
>> +#define CTL_DSC_OVERRIDECIPHER_LSB 43
>> +#define CTL_DSC_OVERRIDECIPHER_BITS ONE_BIT
>> +#define CTL_DSC_OVERRIDECIPHER_MASK
>> (CTL_DSC_OVERRIDECIPHER_BITS << CTL_DSC_OVERRIDECIPHER_LSB)
>> +
>> +/* #define CTRL_DSC_ARC4_WAIT4SAVE */
>> +#define CTL_DSC_ARC4_WAIT4SAVE_OFF 0
>> +#define CTL_DSC_ARC4_WAIT4SAVE_ON 1
>> +#define CTL_DSC_ARC4_WAIT4SAVE_LSB 42
>> +#define CTL_DSC_ARC4_WAIT4SAVE_BITS ONE_BIT
>> +#define CTL_DSC_ARC4_WAIT4SAVE_MASK
>> (CTL_DSC_ARC4_WAIT4SAVE_BITS << CTL_DSC_ARC4_WAIT4SAVE_LSB)
>> +
>> +/* #define CTRL_DSC_ARC4_SAVESTATE */
>> +#define CTL_DSC_ARC4_SAVESTATE_OFF 0
>> +#define CTL_DSC_ARC4_SAVESTATE_ON 1
>> +#define CTL_DSC_ARC4_SAVESTATE_LSB 41
>> +#define CTL_DSC_ARC4_SAVESTATE_BITS ONE_BIT
>> +#define CTL_DSC_ARC4_SAVESTATE_MASK
>> (CTL_DSC_ARC4_SAVESTATE_BITS << CTL_DSC_ARC4_SAVESTATE_LSB)
>> +
>> +/* #define CTRL_DSC_ARC4_LOADSTATE */
>> +#define CTL_DSC_ARC4_LOADSTATE_OFF 0
>> +#define CTL_DSC_ARC4_LOADSTATE_ON 1
>> +#define CTL_DSC_ARC4_LOADSTATE_LSB 40
>> +#define CTL_DSC_ARC4_LOADSTATE_BITS ONE_BIT
>> +#define CTL_DSC_ARC4_LOADSTATE_MASK
>> (CTL_DSC_ARC4_LOADSTATE_BITS << CTL_DSC_ARC4_LOADSTATE_LSB)
>> +
>> +/* #define CTRL_DSC_ARC4_KEYLEN */
>> +#define CTL_DSC_ARC4_KEYLEN_LSB 35
>> +#define CTL_DSC_ARC4_KEYLEN_BITS FIVE_BITS
>> +#define CTL_DSC_ARC4_KEYLEN_MASK (CTL_DSC_ARC4_KEYLEN_BITS
>> << CTL_DSC_ARC4_KEYLEN_LSB)
>> +
>> +/* #define CTL_DSC_CPHR (cipher) */
>> +#define CTL_DSC_CPHR_BYPASS 0 /* undefined */
>> +#define CTL_DSC_CPHR_DES 1
>> +#define CTL_DSC_CPHR_3DES 2
>> +#define CTL_DSC_CPHR_AES128 3
>> +#define CTL_DSC_CPHR_AES192 4
>> +#define CTL_DSC_CPHR_AES256 5
>> +#define CTL_DSC_CPHR_ARC4 6
>> +#define CTL_DSC_CPHR_KASUMI_F8 7
>> +#define CTL_DSC_CPHR_LSB 32
>> +#define CTL_DSC_CPHR_BITS THREE_BITS
>> +#define CTL_DSC_CPHR_MASK (CTL_DSC_CPHR_BITS <<
>> CTL_DSC_CPHR_LSB)
>> +
>> +/* #define CTL_DSC_MODE */
>> +#define CTL_DSC_MODE_ECB 0
>> +#define CTL_DSC_MODE_CBC 1
>> +#define CTL_DSC_MODE_CFB 2
>> +#define CTL_DSC_MODE_OFB 3
>> +#define CTL_DSC_MODE_CTR 4
>> +#define CTL_DSC_MODE_F8 5
>> +#define CTL_DSC_MODE_LSB 29
>> +#define CTL_DSC_MODE_BITS THREE_BITS
>> +#define CTL_DSC_MODE_MASK (CTL_DSC_MODE_BITS <<
>> CTL_DSC_MODE_LSB)
>> +
>> +/* #define CTL_DSC_ICPHR */
>> +#define CTL_DSC_ICPHR_OKY 0 /* Old Keys */
>> +#define CTL_DSC_ICPHR_NKY 1 /* New Keys */
>> +#define CTL_DSC_ICPHR_LSB 28
>> +#define CTL_DSC_ICPHR_BITS ONE_BIT
>> +#define CTL_DSC_ICPHR_MASK (CTL_DSC_ICPHR_BITS <<
>> CTL_DSC_ICPHR_LSB)
>> +
>> +/* #define CTL_DSC_HASHHI */
>> +#define CTL_DSC_HASHHI_LSB 24
>> +#define CTL_DSC_HASHHI_BITS ONE_BIT
>> +#define CTL_DSC_HASHHI_MASK (CTL_DSC_HASHHI_BITS <<
>> CTL_DSC_HASHHI_LSB)
>> +
>> +/* #define CTL_DSC_HMAC */
>> +#define CTL_DSC_HMAC_OFF 0
>> +#define CTL_DSC_HMAC_ON 1
>> +#define CTL_DSC_HMAC_LSB 23
>> +#define CTL_DSC_HMAC_BITS ONE_BIT
>> +#define CTL_DSC_HMAC_MASK (CTL_DSC_HMAC_BITS <<
>> CTL_DSC_HMAC_LSB)
>> +
>> +/* #define CTL_DSC_HASH */
>> +#define CTL_DSC_HASH_NOP 0
>> +#define CTL_DSC_HASH_MD5 1
>> +#define CTL_DSC_HASH_SHA1 2
>> +#define CTL_DSC_HASH_SHA256 3
>> +#define CTL_DSC_HASH_SHA384 4
>> +#define CTL_DSC_HASH_SHA512 5
>> +#define CTL_DSC_HASH_GCM 6
>> +#define CTL_DSC_HASH_KASUMI_F9 7
>> +#define CTL_DSC_HASH_LSB 21
>> +#define CTL_DSC_HASH_BITS TWO_BITS
>> +#define CTL_DSC_HASH_MASK (CTL_DSC_HASH_BITS <<
>> CTL_DSC_HASH_LSB)
>> +
>> +/* #define CTL_DSC_IHASH */
>> +#define CTL_DSC_IHASH_OLD 0
>> +#define CTL_DSC_IHASH_NEW 1
>> +#define CTL_DSC_IHASH_LSB 20
>> +#define CTL_DSC_IHASH_BITS ONE_BIT
>> +#define CTL_DSC_IHASH_MASK (CTL_DSC_IHASH_BITS <<
>> CTL_DSC_IHASH_LSB)
>> +
>> +/* #define CTL_DSC_CKSUM */
>> +#define CTL_DSC_CKSUM_NOP 0
>> +#define CTL_DSC_CKSUM_IP 1
>> +#define CTL_DSC_CKSUM_LSB 16
>> +#define CTL_DSC_CKSUM_BITS ONE_BIT
>> +#define CTL_DSC_CKSUM_MASK (CTL_DSC_CKSUM_BITS <<
>> CTL_DSC_CKSUM_LSB)
>> +
>> +
>> +/*
>> + * Component strcts and unions defining CipherHashInfo_u
>> + */
>> +
>> +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1,
>> SHA-256) - 96 bytes */
>> +typedef struct AES256HMAC_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t cipherKey3;
>> + uint64_t hmacKey0;
>> + uint64_t hmacKey1;
>> + uint64_t hmacKey2;
>> + uint64_t hmacKey3;
>> + uint64_t hmacKey4;
>> + uint64_t hmacKey5;
>> + uint64_t hmacKey6;
>> + uint64_t hmacKey7;
>> +} AES256HMAC_t, *AES256HMAC_pt;
>> +
>> +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512)
>> - 160 bytes */
>> +typedef struct AES256HMAC2_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t cipherKey3;
>> + uint64_t hmacKey0;
>> + uint64_t hmacKey1;
>> + uint64_t hmacKey2;
>> + uint64_t hmacKey3;
>> + uint64_t hmacKey4;
>> + uint64_t hmacKey5;
>> + uint64_t hmacKey6;
>> + uint64_t hmacKey7;
>> + uint64_t hmacKey8;
>> + uint64_t hmacKey9;
>> + uint64_t hmacKey10;
>> + uint64_t hmacKey11;
>> + uint64_t hmacKey12;
>> + uint64_t hmacKey13;
>> + uint64_t hmacKey14;
>> + uint64_t hmacKey15;
>> +} AES256HMAC2_t, *AES256HMAC2_pt;
>> +
>> +/* AES256, (ECB, CBC, OFB, CTR, CFB), GCM - 56 bytes */
>> +typedef struct AES256GCM_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t cipherKey3;
>> + uint64_t GCMH0;
>> + uint64_t GCMH1;
>> + uint64_t GCMSCI;
>> +} AES256GCM_t, *AES256GCM_pt;
>> +
>> +/* AES256, (ECB, CBC, OFB, CTR, CFB), F9 - 56 bytes */
>> +typedef struct AES256F9_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t cipherKey3;
>> + uint64_t authKey0;
>> + uint64_t authKey1;
>> +} AES256F9_t, *AES256F9_pt;
>> +
>> +/* AES256, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1,
>> SHA-256) - 32 bytes */
>> +typedef struct AES256_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t cipherKey3;
>> +} AES256_t, *AES256_pt;
>> +
>> +
>> +/* All AES192 possibilities */
>> +
>> +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1,
>> SHA-192) - 88 bytes */
>> +typedef struct AES192HMAC_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t hmacKey0;
>> + uint64_t hmacKey1;
>> + uint64_t hmacKey2;
>> + uint64_t hmacKey3;
>> + uint64_t hmacKey4;
>> + uint64_t hmacKey5;
>> + uint64_t hmacKey6;
>> + uint64_t hmacKey7;
>> +} AES192HMAC_t, *AES192HMAC_pt;
>> +
>> +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512)
>> - 152 bytes */
>> +typedef struct AES192HMAC2_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t hmacKey0;
>> + uint64_t hmacKey1;
>> + uint64_t hmacKey2;
>> + uint64_t hmacKey3;
>> + uint64_t hmacKey4;
>> + uint64_t hmacKey5;
>> + uint64_t hmacKey6;
>> + uint64_t hmacKey7;
>> + uint64_t hmacKey8;
>> + uint64_t hmacKey9;
>> + uint64_t hmacKey10;
>> + uint64_t hmacKey11;
>> + uint64_t hmacKey12;
>> + uint64_t hmacKey13;
>> + uint64_t hmacKey14;
>> + uint64_t hmacKey15;
>> +} AES192HMAC2_t, *AES192HMAC2_pt;
>> +
>> +/* AES192, (ECB, CBC, OFB, CTR, CFB), GCM - 48 bytes */
>> +typedef struct AES192GCM_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t GCMH0;
>> + uint64_t GCMH1;
>> + uint64_t GCMSCI;
>> +} AES192GCM_t, *AES192GCM_pt;
>> +
>> +/* AES192, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */
>> +typedef struct AES192F9_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> + uint64_t authKey0;
>> + uint64_t authKey1;
>> +} AES192F9_t, *AES192F9_pt;
>> +
>> +/* AES192, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1,
>> SHA-192) - 24 bytes */
>> +typedef struct AES192_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKey2;
>> +} AES192_t, *AES192_pt;
>> +
>> +
>> +/* All AES128 possibilities */
>> +
>> +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1,
>> SHA-128) - 80 bytes */
>> +typedef struct AES128HMAC_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t hmacKey0;
>> + uint64_t hmacKey1;
>> + uint64_t hmacKey2;
>> + uint64_t hmacKey3;
>> + uint64_t hmacKey4;
>> + uint64_t hmacKey5;
>> + uint64_t hmacKey6;
>> + uint64_t hmacKey7;
>> +} AES128HMAC_t, *AES128HMAC_pt;
>> +
>> +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-612)
>> - 144 bytes */
>> +typedef struct AES128HMAC2_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t hmacKey0;
>> + uint64_t hmacKey1;
>> + uint64_t hmacKey2;
>> + uint64_t hmacKey3;
>> + uint64_t hmacKey4;
>> + uint64_t hmacKey5;
>> + uint64_t hmacKey6;
>> + uint64_t hmacKey7;
>> + uint64_t hmacKey8;
>> + uint64_t hmacKey9;
>> + uint64_t hmacKey10;
>> + uint64_t hmacKey11;
>> + uint64_t hmacKey12;
>> + uint64_t hmacKey13;
>> + uint64_t hmacKey14;
>> + uint64_t hmacKey15;
>> +} AES128HMAC2_t, *AES128HMAC2_pt;
>> +
>> +/* AES128, (ECB, CBC, OFB, CTR, CFB), GCM - 40 bytes */
>> +typedef struct AES128GCM_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t GCMH0;
>> + uint64_t GCMH1;
>> + uint64_t GCMSCI;
>> +} AES128GCM_t, *AES128GCM_pt;
>> +
>> +/* AES128, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */
>> +typedef struct AES128F9_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t authKey0;
>> + uint64_t authKey1;
>> +} AES128F9_t, *AES128F9_pt;
>> +
>> +/* AES128, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1,
>> SHA-128) - 16 bytes */
>> +typedef struct AES128_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> +} AES128_t, *AES128_pt;
>> +
>> +/* AES128, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */
>> +typedef struct AES128F8_s {
>> + uint64_t cipherKey0;
>> + uint64_t cipherKey1;
>> + uint64_t cipherKeyMask0;
>> + uint64_t cipherKeyMask1;
>> +} AES128F8_t, *AES128F8_pt;
>> +
>> +/* AES128, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */
>> +typedef struct AES128F8HMAC_s {
>> + uint64_t cipherKey0;
>>
>> *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
>>
>
------------------------------
Randall Stewart
803-317-4952 (cell)
803-345-0391(direct)
More information about the svn-src-projects
mailing list