Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 16 Oct 2009 18:22:10 +0100 (BST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Randall Stewart <rrs@FreeBSD.org>
Cc:        svn-src-projects@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r198157 - in projects/mips/sys/dev/rmi: sec xlr
Message-ID:  <alpine.BSF.2.00.0910161821410.7984@fledge.watson.org>
In-Reply-To: <200910152108.n9FL86Zx084803@svn.freebsd.org>
References:  <200910152108.n9FL86Zx084803@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help

On Thu, 15 Oct 2009, Randall Stewart wrote:

>  Adds the untouched code from the RMI 6.4 stuff.
>  This has a security device and the gig ethernet device.
>  Note the 10gig device driver is yet missing.

I'm particularly interested in seeing this, past drops I've used have not had 
support for the on-board 10gbps parts on the XLR.

Robert

>
> Added:
>  projects/mips/sys/dev/rmi/sec/desc.h   (contents, props changed)
>  projects/mips/sys/dev/rmi/sec/rmilib.c
>  projects/mips/sys/dev/rmi/sec/rmilib.h
>  projects/mips/sys/dev/rmi/sec/rmisec.c
>  projects/mips/sys/dev/rmi/sec/stats.h
>  projects/mips/sys/dev/rmi/xlr/atx_cpld.h
>  projects/mips/sys/dev/rmi/xlr/rge.c
>  projects/mips/sys/dev/rmi/xlr/rge.h
>  projects/mips/sys/dev/rmi/xlr/xgmac_mdio.h
>
> Added: projects/mips/sys/dev/rmi/sec/desc.h
> ==============================================================================
> --- /dev/null	00:00:00 1970	(empty, because file is newly added)
> +++ projects/mips/sys/dev/rmi/sec/desc.h	Thu Oct 15 21:08:06 2009	(r198157)
> @@ -0,0 +1,3066 @@
> +/*-
> + * Copyright (c) 2003-2009 RMI Corporation
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + *    notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + *    notice, this list of conditions and the following disclaimer in the
> + *    documentation and/or other materials provided with the distribution.
> + * 3. Neither the name of RMI Corporation, nor the names of its contributors,
> + *    may be used to endorse or promote products derived from this software
> + *    without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
> + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
> + * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
> + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
> + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
> + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
> + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
> + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
> + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
> + * SUCH DAMAGE.
> + *
> + * RMI_BSD */
> +#ifndef _DESC_H_
> +#define _DESC_H_
> +
> +
> +#define ONE_BIT              0x0000000000000001ULL
> +#define TWO_BITS             0x0000000000000003ULL
> +#define THREE_BITS           0x0000000000000007ULL
> +#define FOUR_BITS            0x000000000000000fULL
> +#define FIVE_BITS            0x000000000000001fULL
> +#define SIX_BITS             0x000000000000003fULL
> +#define SEVEN_BITS           0x000000000000007fULL
> +#define EIGHT_BITS           0x00000000000000ffULL
> +#define NINE_BITS            0x00000000000001ffULL
> +#define ELEVEN_BITS          0x00000000000007ffULL
> +#define TWELVE_BITS          0x0000000000000fffULL
> +#define FOURTEEN_BITS        0x0000000000003fffULL
> +#define TWENTYFOUR_BITS      0x0000000000ffffffULL
> +#define THIRTY_TWO_BITS      0x00000000ffffffffULL
> +#define THIRTY_FIVE_BITS     0x00000007ffffffffULL
> +#define FOURTY_BITS          0x000000ffffffffffULL
> +
> +#define MSG_IN_CTL_LEN_BASE  40
> +#define MSG_IN_CTL_ADDR_BASE 0
> +
> +#define GET_FIELD(word,field) \
> + ((word) & (field ## _MASK)) >> (field ## _LSB)
> +
> +#define FIELD_VALUE(field,value) (((value) & (field ## _BITS)) << (field ## _LSB))
> +
> +/*
> + * NOTE: this macro expects 'word' to be uninitialized (i.e. zeroed)
> + */
> +#define SET_FIELD(word,field,value) \
> + { (word) |=  (((value) & (field ## _BITS)) << (field ## _LSB)); }
> +
> +/*
> + * This macro clears 'word', then sets the value
> + */
> +#define CLEAR_SET_FIELD(word,field,value) \
> + { (word) &= ~((field ## _BITS) << (field ## _LSB)); \
> +   (word) |=  (((value) & (field ## _BITS)) << (field ## _LSB)); }
> +
> +/*
> + * NOTE: May be used to build value specific mask
> + *        (e.g.  GEN_MASK(CTL_DSC_CPHR_3DES,CTL_DSC_CPHR_LSB)
> + */
> +#define GEN_MASK(bits,lsb) ((bits) << (lsb))
> +
> +
> +
> +
> +/*
> + * Security block data and control exchange
> + *
> + * A 2-word message ring descriptor is used to pass a pointer to the control descriptor data structure
> + * and a pointer to the packet descriptor data structure:
> + *
> + *  63  61 60                 54      53      52    49 48            45 44    40
> + *  39                                                     5 4                 0
> + *  ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | Resp Dest Id Entry0 | IF_L2ALLOC | UNUSED | Control Length | UNUSED
> + * | 35 MSB of address of control descriptor data structure | Software Scratch0
> + * |
> + *  ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + *    3              7                1          4             4           5
> + *    35                                       5
> + *
> + *  63  61 60    54     53          52             51        50    46      45       44    40 39                                                    5 4      0
> + *  ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | UNUSED | WRB_COH | WRB_L2ALLOC | DF_PTR_L2ALLOC | UNUSED | Data Length | UNUSED | 35 MSB of address of packet descriptor data structure | UNUSED |
> + *  ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + *    3       7         1          1               1            5           1          5                                35                              5
> + *
> + * Addresses assumed to be cache-line aligned, i.e., Address[4:0] ignored (using 5'h00 instead)
> + *
> + * Control length is the number of control cachelines to be read so user needs
> + * to round up
> + * the control length to closest integer multiple of 32 bytes. Note that at
> + * present (08/12/04)
> + * the longest (sensical) ctrl structure is <= 416 bytes, i.e., 13 cachelines.
> + *
> + * The packet descriptor data structure size is fixed at 1 cacheline (32 bytes).
> + * This effectively makes "Data Length" a Load/NoLoad bit. NoLoad causes an abort.
> + *
> + *
> + * Upon completion of operation, the security block returns a 2-word free descriptor
> + * in the following format:
> + *
> + *  63  61 60            54 53   52 51       49   48   47               40 39                                                  0
> + *  ----------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Instruction Error |    Address of control descriptor data structure     |
> + *  ----------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 |     Data Error    |    Address of packet descriptor data structure      |
> + *  ----------------------------------------------------------------------------------------------------------------------------
> + *
> + * The Instruction and Data Error codes are enumerated in the
> + * ControlDescriptor and PacketDescriptor sections below
> + *
> + */
> +
> +
> +/*
> + * Operating assumptions
> + * =====================
> + *
> + *
> + *	        -> For all IpSec ops, I assume that all the IP/IPSec/TCP headers
> + *		   and the data are present at the specified source addresses.
> + *		   I also assume that all necessary header data already exists
> + *		   at the destination. Additionally, in AH I assume that all
> + *		   mutable fields (IP.{TOS, Flags, Offset, TTL, Header_Checksum})
> + *		   and the AH.Authentication_Data have been zeroed by the client.
> + *
> + *
> + *		-> In principle, the HW can calculate TCP checksums on both
> + *		   incoming and outgoing data; however, since the TCP header
> + *		   contains the TCP checksum of the plain payload and the header
> + *		   is encrypted, two passes would be necessary to do checksum + encryption
> + *                 for outgoing messages;
> + *		   therefore the checksum engine will likely only be used during decryption
> + *                 (incoming).
> + *
> + *
> + *		-> For all operations involving TCP checksum, I assume the client has filled
> + *		   the TCP checksum field with the appropriate value:
> + *
> + *			    - 0 for generation phase
> + *			    - actual value for verification phase (expecting 0 result)
> + *
> + *
> + *		-> For ESP tunnel, the original IP header exists between the end of the
> + *		   ESP header and the beginning of the TCP header; it is assumed that the
> + *		   maximum length of this header is 16 k(32bit)words (used in CkSum_Offset).
> + *
> + *
> + *		-> The authentication data is merely written to the destination address;
> + *		   the client is left with the task of comparing to the data in packet
> + *		   in decrypt.
> + *
> + *              -> PacketDescriptor_t.dstLLWMask relevant to AES CTR mode only but it will
> + *                 affect all AES-related operations. It will not affect DES/3DES/bypass ops.
> + *                 The mask is applied to data as it emerges from the AES engine for the sole
> + *                 purpose of providing the authenticator and cksum engines with correct data.
> + *                 CAVEAT: the HW does not mask the incoming data. It is the user's responsibility
> + *                 to set to 0 the corresponding data in memory. If the surplus data is not masked
> + *                 in memory, cksum/auth results will be incorrect if those engines receive data
> + *                 straight from memory (i.e., not from cipher, as it happens while decoding)
> + */
> +
> +/*
> + * Fragmentation and offset related notes
> + * ======================================
> + *
> + *
> + *      A) Rebuilding packets from fragments on dword boundaries. The discussion
> + *         below is exemplified by tests memcpy_all_off_frags and memcpy_same_off_frags
> + *
> + *	        1) The Offset before data/iv on first fragment is ALWAYS written back
> + *                 Non-zero dst dword or global offsets may cause more data to be
> + *                 written than the user-specified length.
> + *
> + *
> + *                 Example:
> + *                 --------
> + *
> + *                 Below is a source (first fragment) packet (@ ADD0 cache-aligned address).
> + *                 Assume we just copy it and relevant data starts on
> + *                 dword 3 so Cipher_Offset = IV_Offset = 3 (dwords).
> + *                 D0X denotes relevant data and G denotes dont care data.
> + *                 Offset data is also copied so Packet_Legth = 9 (dwords) * 8 = 72 (bytes)
> + *                 Segment_src_address = ADD0
> + *
> + *                 If we want to, e.g., copy so that the relevant (i.e., D0X) data
> + *                 starts at (cache-aligned address) ADD1, we need to specify
> + *                 Dst_dword_offset = 1 so D00 is moved from dword position 3 to 0 on next cache-line
> + *                 Cipher_dst_address = ADD1 - 0x20 so D00 is written to ADD1
> + *
> + *                 Note that the security engine always writes full cachelines
> + *                 therefore, data written to dword0 0 of ADD1 (denoted w/ ?) is what the sec pipe
> + *                 write back buffer contained from previous op.
> + *
> + *
> + *                      SOURCE:                                                 DESTINATION:
> + *                      -------                                                 ------------
> + *
> + *                      Segment_src_address = ADD0                              Cipher_dst_address = ADD1 - 0x20
> + *                      Packet_Legth        = 72                                Dst_dword_offset   = 1
> + *                      Cipher_Offset       = 3
> + *                      IV_Offset           = 3
> + *                      Use_IV              = ANY
> + *
> + *
> + *
> + *                         3     2     1     0                                  3     2     1     0
> + *                       -----------------------                              -----------------------
> + *                      | D00 | G   | G   | G   | <- ADD0                    | G   | G   | G   | ?   | <- ADD1 - 0x20
> + *                       -----------------------                              -----------------------
> + *                      | D04 | D03 | D02 | D01 |                            | D03 | D02 | D01 | D00 | <- ADD1
> + *                       -----------------------                              -----------------------
> + *                      |     |     |     | D05 |                            |     |     | D05 | D04 |
> + *                       -----------------------                              -----------------------
> + *
> + *	        2) On fragments following the first, IV_Offset is overloaded to mean data offset
> + *                 (number of dwords to skip from beginning of cacheline before starting processing)
> + *                 and Use_IV is overloaded to mean do writeback the offset (in the clear).
> + *                 These fields in combination with Dst_dword_offset allow packet fragments with
> + *                 arbitrary boundaries/lengthd to be reasembled.
> + *
> + *
> + *                 Example:
> + *                 --------
> + *
> + *                 Assume data above was first fragment of a packet we'd like to merge to
> + *                 (second) fragment below located at ADD2. The written data should follow
> + *                 the previous data without gaps or overwrites. To achieve this, one should
> + *                 assert the "Next" field on the previous fragment and use self-explanatory
> + *                 set of parameters below
> + *
> + *
> + *                      SOURCE:                                                 DESTINATION:
> + *                      -------                                                 ------------
> + *
> + *                      Segment_src_address = ADD2                              Cipher_dst_address = ADD1 + 0x20
> + *                      Packet_Legth        = 104                               Dst_dword_offset   = 1
> + *                      IV_Offset           = 1
> + *                      Use_IV              = 0
> + *
> + *
> + *
> + *                         3     2     1     0                                  3     2     1     0
> + *                       -----------------------                              -----------------------
> + *                      | D12 | D11 | D10 | G   | <- ADD2                    | G   | G   | G   | ?   | <- ADD1 - 0x20
> + *                       -----------------------                              -----------------------
> + *                      | D16 | D15 | D14 | D13 |                            | D03 | D02 | D01 | D00 | <- ADD1
> + *                       -----------------------                              -----------------------
> + *                      | D1a | D19 | D18 | D17 |                            | D11 | D10 | D05 | D04 | <- ADD1 + 0x20
> + *                       -----------------------                              -----------------------
> + *                      |     |     |     | D1b |                            | D15 | D14 | D13 | D12 |
> + *                       -----------------------                              -----------------------
> + *                                                                           | D19 | D18 | D17 | D16 |
> + *                                                                            -----------------------
> + *                                                                           |     |     | D1b | D1a |
> + *                                                                            -----------------------
> + *
> + *                 It is note-worthy that the merging can only be achieved if Use_IV is 0. Indeed, the security
> + *                 engine always writes full lines, therefore ADD1 + 0x20 will be re-written. Setting Use_IV to 0
> + *                 will allow the sec pipe write back buffer to preserve D04, D05 from previous frag and only
> + *                 receive D10, D11 thereby preserving the integrity of the previous data.
> + *
> + *	        3) On fragments following the first, !UseIV in combination w/ Dst_dword_offset >= (4 - IV_Offset)
> + *                 will cause a wraparound of the write thus achieving all 16 possible (Initial_Location, Final_Location)
> + *                 combinations for the data.
> + *
> + *
> + *                 Example:
> + *                 --------
> + *
> + *                 Contiguously merging 2 data sets above with a third located at ADD3. If this is the last fragment,
> + *                 reset its Next bit.
> + *
> + *
> + *                      SOURCE:                                                 DESTINATION:
> + *                      -------                                                 ------------
> + *
> + *                      Segment_src_address = ADD3                              Cipher_dst_address = ADD1 + 0x80
> + *                      Packet_Legth        = 152                               Dst_dword_offset   = 3
> + *                      IV_Offset           = 3
> + *                      Use_IV              = 0
> + *
> + *
> + *
> + *                         3     2     1     0                                  3     2     1     0
> + *                       -----------------------                              -----------------------
> + *                      | D20 | G   | G   | G   | <- ADD2                    | G   | G   | G   | ?   | <- ADD1 - 0x20
> + *                       -----------------------                              -----------------------
> + *                      | D24 | D23 | D22 | D21 |                            | D03 | D02 | D01 | D00 | <- ADD1
> + *                       -----------------------                              -----------------------
> + *                      | D28 | D27 | D26 | D25 |                            | D11 | D10 | D05 | D04 | <- ADD1 + 0x20
> + *                       -----------------------                              -----------------------
> + *                      | D2c | D2b | D2a | D29 |                            | D15 | D14 | D13 | D12 |
> + *                       -----------------------                              -----------------------
> + *                      |     | D2f | D2e | D2d |                            | D19 | D18 | D17 | D16 |
> + *                       -----------------------                              -----------------------
> + *                                                                           | D21 | D20 | D1b | D1a | <- ADD1 + 0x80
> + *                                                                            -----------------------
> + *                                                                           | D25 | D24 | D23 | D22 |
> + *                                                                            -----------------------
> + *                                                                           | D29 | D28 | D27 | D26 |
> + *                                                                            -----------------------
> + *                                                                           | D2d | D2c | D2b | D2a |
> + *                                                                            -----------------------
> + *                                                                           |(D2d)|(D2c)| D2f | D2e |
> + *                                                                            -----------------------
> + *
> + *                 It is worth noticing that always writing full-lines causes the last 2 dwords in the reconstituted
> + *                 packet to be unnecessarily written: (D2d) and (D2c)
> + *
> + *
> + *
> + *      B) Implications of fragmentation on AES
> + *
> + *	        1) AES is a 128 bit block cipher; therefore it requires an even dword total data length
> + *                 Data fragments (provided there are more than 1) are allowed to have odd dword
> + *                 data lengths provided the total length (cumulated over fragments) is an even dword
> + *                 count; an error will be generated otherwise, upon receiving the last fragment descriptor
> + *                 (see error conditions below).
> + *
> + *              2) While using fragments with AES, a fragment (other than first) starting with a != 0 (IV) offset
> + *                 while the subsequent total dword count given to AES is odd may not be required to write
> + *                 its offset (UseIV). Doing so will cause an error (see error conditions below).
> + *
> + *
> + *                 Example:
> + *                 --------
> + *
> + *                 Suppose the first fragment has an odd DATA dword count and USES AES (as seen below)
> + *
> + *                      SOURCE:                                                 DESTINATION:
> + *                      -------                                                 ------------
> + *
> + *                      Segment_src_address = ADD0                              Cipher_dst_address = ADD1
> + *                      Packet_Legth        = 64                                Dst_dword_offset   = 1
> + *                      Cipher_Offset       = 3
> + *                      IV_Offset           = 1
> + *                      Use_IV              = 1
> + *                      Cipher              = Any AES
> + *                      Next                = 1
> + *
> + *
> + *
> + *
> + *                         3     2     1     0                                  3     2     1     0
> + *                       -----------------------                              -----------------------
> + *                      | D00 | IV1 | IV0 | G   | <- ADD0                    | E00 | IV1 | IV0 | G   | <- ADD1
> + *                       -----------------------                              -----------------------
> + *                      | D04 | D03 | D02 | D01 |                            | X   | E03 | E02 | E01 |
> + *                       -----------------------                              -----------------------
> + *
> + *                 At the end of processing of the previous fragment, the AES engine input buffer has D04
> + *                 and waits for next dword, therefore the writeback buffer cannot finish writing the fragment
> + *                 to destination (X instead of E04).
> + *
> + *                 If a second fragment now arrives with a non-0 offset and requires the offset data to be
> + *                 written to destination, the previous write (still needing the arrival of the last dword
> + *                 required by the AES to complete the previous operation) cannot complete before the present
> + *                 should start causing a deadlock.
> + */
> +
> +/*
> + *  Command Control Word for Message Ring Descriptor
> + */
> +
> +/* #define MSG_CMD_CTL_CTL       */
> +#define MSG_CMD_CTL_CTL_LSB   61
> +#define MSG_CMD_CTL_CTL_BITS  THREE_BITS
> +#define MSG_CMD_CTL_CTL_MASK  (MSG_CMD_CTL_CTL_BITS << MSG_CMD_CTL_CTL_LSB)
> +
> +/* #define MSG_CMD_CTL_ID */
> +#define MSG_CMD_CTL_ID_LSB    54
> +#define MSG_CMD_CTL_ID_BITS   SEVEN_BITS
> +#define MSG_CMD_CTL_ID_MASK   (MSG_CMD_CTL_ID_BITS << MSG_CMD_CTL_ID_LSB)
> +
> +/* #define MSG_CMD_CTL_LEN */
> +#define MSG_CMD_CTL_LEN_LSB   45
> +#define MSG_CMD_CTL_LEN_BITS  FOUR_BITS
> +#define MSG_CMD_CTL_LEN_MASK  (MSG_CMD_CTL_LEN_BITS << MSG_CMD_CTL_LEN_LSB)
> +
> +
> +/* #define MSG_CMD_CTL_ADDR */
> +#define MSG_CMD_CTL_ADDR_LSB  0
> +#define MSG_CMD_CTL_ADDR_BITS FOURTY_BITS
> +#define MSG_CMD_CTL_ADDR_MASK (MSG_CMD_CTL_ADDR_BITS << MSG_CMD_CTL_ADDR_LSB)
> +
> +#define MSG_CMD_CTL_MASK      (MSG_CMD_CTL_CTL_MASK | \
> +                               MSG_CMD_CTL_LEN_MASK | MSG_CMD_CTL_ADDR_MASK)
> +
> +/*
> + *  Command Data Word for Message Ring Descriptor
> + */
> +
> +/* #define MSG_IN_DATA_CTL */
> +#define MSG_CMD_DATA_CTL_LSB   61
> +#define MSG_CMD_DATA_CTL_BITS  THREE_BITS
> +#define MSG_CMD_DATA_CTL_MASK  (MSG_CMD_DATA_CTL_BITS  << MSG_CMD_DATA_CTL_LSB)
> +
> +/* #define MSG_CMD_DATA_LEN */
> +#define MSG_CMD_DATA_LEN_LOAD  1
> +#define MSG_CMD_DATA_LEN_LSB   45
> +#define MSG_CMD_DATA_LEN_BITS  ONE_BIT
> +#define MSG_CMD_DATA_LEN_MASK  (MSG_CMD_DATA_LEN_BITS << MSG_CMD_DATA_LEN_LSB)
> +
> +/* #define MSG_CMD_DATA_ADDR */
> +#define MSG_CMD_DATA_ADDR_LSB  0
> +#define MSG_CMD_DATA_ADDR_BITS FOURTY_BITS
> +#define MSG_CMD_DATA_ADDR_MASK (MSG_CMD_DATA_ADDR_BITS << MSG_CMD_DATA_ADDR_LSB)
> +
> +#define MSG_CMD_DATA_MASK      (MSG_CMD_DATA_CTL_MASK | \
> +                               MSG_CMD_DATA_LEN_MASK | MSG_CMD_DATA_ADDR_MASK)
> +
> +
> +/*
> + * Upon completion of operation, the Sec block returns a 2-word free descriptor
> + * in the following format:
> + *
> + *  63  61 60            54 53   52 51       49  48          40 39             0
> + *  ----------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address |
> + *  ----------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl |   Data Error  | Dest Address   |
> + *  ----------------------------------------------------------------------------
> + *
> + * The Control and Data Error codes are enumerated below
> + *
> + *                                Error conditions
> + *                                ================
> + *
> + *             Control Error Code                  Control Error Condition
> + *             ------------------                  ---------------------------
> + *             9'h000                              No Error
> + *             9'h001                              Unknown Cipher Op                      ( Cipher == 3'h{6,7})
> + *             9'h002                              Unknown or Illegal Mode                ((Mode   == 3'h{2,3,4} & !AES) | (Mode   == 3'h{5,6,7}))
> + *             9'h004                              Unsupported CkSum Src                  (CkSum_Src   == 2'h{2,3} & CKSUM)
> + *             9'h008                              Forbidden CFB Mask                     (AES & CFBMode & UseNewKeysCFBMask & CFBMask[7] & (| CFBMask[6:0]))
> + *             9'h010                              Unknown Ctrl Op                        ((| Ctrl[63:37]) | (| Ctrl[15:14]))
> + *             9'h020                              UNUSED
> + *             9'h040                              UNUSED
> + *             9'h080                              Data Read Error
> + *             9'h100                              Descriptor Ctrl Field Error            (D0.Ctrl != SOP || D1.Ctrl != EOP)
> + *
> + *             Data Error Code                     Data Error Condition
> + *             ---------------                     --------------------
> + *             9'h000                              No Error
> + *             9'h001                              Insufficient Data To Cipher            (Packet_Length <= (Cipher_Offset or IV_Offset))
> + *             9'h002                              Illegal IV Location                    ((Cipher_Offset <  IV_Offset) | (Cipher_Offset <= IV_Offset & AES & ~CTR))
> + *             9'h004                              Illegal Wordcount To AES               (Packet_Length[3] != Cipher_Offset[0] & AES)
> + *             9'h008                              Illegal Pad And ByteCount Spec         (Hash_Byte_Count != 0 & !Pad_Hash)
> + *             9'h010                              Insufficient Data To CkSum             ({Packet_Length, 1'b0} <= CkSum_Offset)
> + *             9'h020                              Unknown Data Op                        ((| dstLLWMask[63:60]) | (| dstLLWMask[57:40]) | (| authDst[63:40]) | (| ckSumDst[63:40]))
> + *             9'h040                              Insufficient Data To Auth              ({Packet_Length} <= Auth_Offset)
> + *             9'h080                              Data Read Error
> + *             9'h100                              UNUSED
> + */
> +
> +/*
> + * Result Control Word for Message Ring Descriptor
> + */
> +
> +/* #define MSG_RSLT_CTL_CTL */
> +#define MSG_RSLT_CTL_CTL_LSB      61
> +#define MSG_RSLT_CTL_CTL_BITS     THREE_BITS
> +#define MSG_RSLT_CTL_CTL_MASK \
> + (MSG_RSLT_CTL_CTL_BITS << MSG_RSLT_CTL_CTL_LSB)
> +
> +/* #define MSG_RSLT_CTL_DST_ID */
> +#define MSG_RSLT_CTL_DST_ID_LSB   54
> +#define MSG_RSLT_CTL_DST_ID_BITS  SEVEN_BITS
> +#define MSG_RSLT_CTL_DST_ID_MASK \
> + (MSG_RSLT_CTL_DST_ID_BITS << MSG_RSLT_CTL_DST_ID_LSB)
> +
> +/* #define MSG_RSLT_CTL_DSC_CTL */
> +#define MSG_RSLT_CTL_DSC_CTL_LSB  49
> +#define MSG_RSLT_CTL_DSC_CTL_BITS THREE_BITS
> +#define MSG_RSLT_CTL_DSC_CTL_MASK \
> + (MSG_RSLT_CTL_DSC_CTL_BITS << MSG_RSLT_CTL_DSC_CTL_LSB)
> +
> +/* #define MSG_RSLT_CTL_INST_ERR */
> +#define MSG_RSLT_CTL_INST_ERR_LSB      40
> +#define MSG_RSLT_CTL_INST_ERR_BITS     NINE_BITS
> +#define MSG_RSLT_CTL_INST_ERR_MASK \
> + (MSG_RSLT_CTL_INST_ERR_BITS << MSG_RSLT_CTL_INST_ERR_LSB)
> +
> +/* #define MSG_RSLT_CTL_DSC_ADDR */
> +#define MSG_RSLT_CTL_DSC_ADDR_LSB      0
> +#define MSG_RSLT_CTL_DSC_ADDR_BITS     FOURTY_BITS
> +#define MSG_RSLT_CTL_DSC_ADDR_MASK \
> + (MSG_RSLT_CTL_DSC_ADDR_BITS << MSG_RSLT_CTL_DSC_ADDR_LSB)
> +
> +/* #define MSG_RSLT_CTL_MASK */
> +#define MSG_RSLT_CTL_MASK \
> + (MSG_RSLT_CTL_CTRL_MASK | MSG_RSLT_CTL_DST_ID_MASK | \
> +  MSG_RSLT_CTL_DSC_CTL_MASK | MSG_RSLT_CTL_INST_ERR_MASK | \
> +  MSG_RSLT_CTL_DSC_ADDR_MASK)
> +
> +/*
> + * Result Data Word for Message Ring Descriptor
> + */
> +/* #define MSG_RSLT_DATA_CTL */
> +#define MSG_RSLT_DATA_CTL_LSB     61
> +#define MSG_RSLT_DATA_CTL_BITS    THREE_BITS
> +#define MSG_RSLT_DATA_CTL_MASK \
> + (MSG_RSLT_DATA_CTL_BITS << MSG_RSLT_DATA_CTL_LSB)
> +
> +/* #define MSG_RSLT_DATA_DST_ID */
> +#define MSG_RSLT_DATA_DST_ID_LSB  54
> +#define MSG_RSLT_DATA_DST_ID_BITS SEVEN_BITS
> +#define MSG_RSLT_DATA_DST_ID_MASK \
> + (MSG_RSLT_DATA_DST_ID_BITS << MSG_RSLT_DATA_DST_ID_LSB)
> +
> +/* #define MSG_RSLT_DATA_DSC_CTL */
> +#define MSG_RSLT_DATA_DSC_CTL_LSB       49
> +#define MSG_RSLT_DATA_DSC_CTL_BITS      THREE_BITS
> +#define MSG_RSLT_DATA_DSC_CTL_MASK \
> + (MSG_RSLT_DATA_DSC_CTL_BITS << MSG_RSLT_DATA_DSC_CTL_LSB)
> +
> +/* #define MSG_RSLT_DATA_INST_ERR */
> +#define MSG_RSLT_DATA_INST_ERR_LSB      40
> +#define MSG_RSLT_DATA_INST_ERR_BITS     NINE_BITS
> +#define MSG_RSLT_DATA_INST_ERR_MASK \
> + (MSG_RSLT_DATA_INST_ERR_BITS << MSG_RSLT_DATA_INST_ERR_LSB)
> +
> +/* #define MSG_RSLT_DATA_DSC_ADDR */
> +#define MSG_RSLT_DATA_DSC_ADDR_LSB      0
> +#define MSG_RSLT_DATA_DSC_ADDR_BITS     FOURTY_BITS
> +#define MSG_RSLT_DATA_DSC_ADDR_MASK     \
> + (MSG_RSLT_DATA_DSC_ADDR_BITS << MSG_RSLT_DATA_DSC_ADDR_LSB)
> +
> +#define MSG_RSLT_DATA_MASK   \
> + (MSG_RSLT_DATA_CTRL_MASK | MSG_RSLT_DATA_DST_ID_MASK | \
> +  MSG_RSLT_DATA_DSC_CTL_MASK | MSG_RSLT_DATA_INST_ERR_MASK | \
> +  MSG_RSLT_DATA_DSC_ADDR_MASK)
> +
> +
> +/*
> + * Common Message Definitions
> + *
> + */
> +
> +/* #define MSG_CTL_OP_ADDR */
> +#define MSG_CTL_OP_ADDR_LSB      0
> +#define MSG_CTL_OP_ADDR_BITS     FOURTY_BITS
> +#define MSG_CTL_OP_ADDR_MASK     (MSG_CTL_OP_ADDR_BITS << MSG_CTL_OP_ADDR_LSB)
> +
> +#define MSG_CTL_OP_TYPE
> +#define MSG_CTL_OP_TYPE_LSB             3
> +#define MSG_CTL_OP_TYPE_BITS            TWO_BITS
> +#define MSG_CTL_OP_TYPE_MASK            \
> + (MSG_CTL_OP_TYPE_BITS << MSG_CTL_OP_TYPE_LSB)
> +
> +#define MSG0_CTL_OP_ENGINE_SYMKEY       0x01
> +#define MSG0_CTL_OP_ENGINE_PUBKEY       0x02
> +
> +#define MSG1_CTL_OP_SYMKEY_PIPE0        0x00
> +#define MSG1_CTL_OP_SYMKEY_PIPE1        0x01
> +#define MSG1_CTL_OP_SYMKEY_PIPE2        0x02
> +#define MSG1_CTL_OP_SYMKEY_PIPE3        0x03
> +
> +#define MSG1_CTL_OP_PUBKEY_PIPE0        0x00
> +#define MSG1_CTL_OP_PUBKEY_PIPE1        0x01
> +#define MSG1_CTL_OP_PUBKEY_PIPE2        0x02
> +#define MSG1_CTL_OP_PUBKEY_PIPE3        0x03
> +
> +
> +/*       /----------------------------------------\
> + *       |                                        |
> + *       |   ControlDescriptor_s datastructure    |
> + *       |                                        |
> + *       \----------------------------------------/
> + *
> + *
> + *       ControlDescriptor_t.Instruction
> + *       -------------------------------
> + *
> + *   63    44         43               42            41              40           39        35 34    32 31  29     28
> + *  --------------------------------------------------------------------------------------------------------------------
> + * || UNUSED || OverrideCipher | Arc4Wait4Save | SaveArc4State | LoadArc4State | Arc4KeyLen | Cipher | Mode | InCp_Key || ... CONT ...
> + *  --------------------------------------------------------------------------------------------------------------------
> + *      20            1                1              1               1               5          3       3        1
> + *            <-----------------------------------------------CIPHER--------------------------------------------------->
> + *
> + *   27    25     24      23   22     21     20      19    17    16     15     0
> + *  -----------------------------------------------------------------------------
> + * || UNUSED | Hash_Hi | HMAC | Hash_Lo | InHs_Key || UNUSED || CkSum || UNUSED ||
> + *  -----------------------------------------------------------------------------
> + *      3         1       1        2         1          3        1        16
> + *  <---------------------HASH---------------------><-----------CKSUM----------->
> + *
> + *  X0  CIPHER.Arc4Wait4Save   =                   If op is Arc4 and it requires state saving, then
> + *                                                 setting this bit will cause the current op to
> + *                                                 delay subsequent op loading until saved state data
> + *                                                 becomes visible.
> + *      CIPHER.OverrideCipher  =                   Override encryption if PacketDescriptor_t.dstDataSettings.CipherPrefix
> + *                                                 is set; data will be copied out (and optionally auth/cksum)
> + *                                                 in the clear. This is used in GCM mode if auth only as we
> + *                                                 still need E(K, 0) calculated by cipher. Engine behavior is
> + *                                                 undefined if this bit is set and CipherPrefix is not.
> + *  X0         SaveArc4State   =                   Save Arc4 state at the end of Arc4 operation
> + *  X0         LoadArc4State   =                   Load Arc4 state at the beginning of an Arc4 operation
> + *                                                 This overriden by the InCp_Key setting for Arc4
> + *             Arc4KeyLen      =                   Length in bytes of Arc4 key (0 is interpreted as 32)
> + *                                                 Ignored for other ciphers
> + *                                                 For ARC4, IFetch/IDecode will always read exactly 4
> + *                                                 consecutive dwords into its CipherKey{0,3} regardless
> + *                                                 of this quantity; it will however only use the specified
> + *                                                 number of bytes.
> + *             Cipher          =        3'b000     Bypass
> + *                                      3'b001     DES
> + *                                      3'b010     3DES
> + *                                      3'b011     AES 128-bit key
> + *                                      3'b100     AES 192-bit key
> + *                                      3'b101     AES 256-bit key
> + *                                      3'b110     ARC4
> + *                                      3'b111     Kasumi f8
> + *                                      Remainder  UNDEFINED
> + *             Mode            =        3'b000     ECB
> + *                                      3'b001     CBC
> + *                                      3'b010     CFB (AES only, otherwise undefined)
> + *                                      3'b011     OFB (AES only, otherwise undefined)
> + *                                      3'b100     CTR (AES only, otherwise undefined)
> + *                                      3'b101     F8  (AES only, otherwise undefined)
> + *                                      Remainder  UNDEFINED
> + *             InCp_Key        =        1'b0       Preserve old Cipher Keys
> + *                                      1'b1       Load new Cipher Keys from memory to local registers
> + *                                                 and recalculate the Arc4 Sbox if Arc4 Cipher chosen;
> + *                                                 This overrides LoadArc4State setting.
> + *        HASH.HMAC            =        1'b0       Hash without HMAC
> + *                                      1'b1       Hash with HMAC
> + *                                                 Needs to be set to 0 for GCM and Kasumi F9 authenticators
> + *                                                 otherwise unpredictable results will be generated
> + *             Hash            =        2'b00      Hash NOP
> + *                                      2'b01      MD5
> + *                                      2'b10      SHA-1
> + *                                      2'b11      SHA-256
> + *                                      3'b100     SHA-384
> + *                                      3'b101     SHA-512
> + *                                      3'b110     GCM
> + *                                      3'b111     Kasumi f9
> + *             InHs_Key        =        1'b0       Preserve old HMAC Keys
> + *                                                 If GCM is selected as authenticator, leaving this bit
> + *                                                 at 0 will cause the engine to use the old H value.
> + *                                                 It will use the old SCI inside the decoder if
> + *                                                 CFBMask[1:0] == 2'b11.
> + *                                                 If Kasumi F9 authenticator, using 0 preserves
> + *                                                 old keys (IK) in decoder.
> + *                                      1'b1       Load new HMAC Keys from memory to local registers
> + *                                                 Setting this bit while Cipher=Arc4 and LoadArc4State=1
> + *                                                 causes the decoder to load the Arc4 state from the
> + *                                                 cacheline following the HMAC keys (Whether HASH.HMAC
> + *                                                 is set or not).
> + *                                                 If GCM is selected as authenticator, setting this bit
> + *                                                 causes both H (16 bytes) and SCI (8 bytes) to be loaded
> + *                                                 from memory to the decoder. H will be loaded to the engine
> + *                                                 but SCI is only loaded to the engine if CFBMask[1:0] == 2'b11.
> + *                                                 If Kasumi F9 authenticator, using 1 loads new keys (IK)
> + *                                                 from memory to decoder.
> + *    CHECKSUM.CkSum           =        1'b0       CkSum NOP
> + *                                      1'b1       INTERNET_CHECKSUM
> + *
> + *
> + *
> + */
> +
> + /* #define CTRL_DSC_OVERRIDECIPHER */
> +#define CTL_DSC_OVERRIDECIPHER_OFF       0
> +#define CTL_DSC_OVERRIDECIPHER_ON        1
> +#define CTL_DSC_OVERRIDECIPHER_LSB       43
> +#define CTL_DSC_OVERRIDECIPHER_BITS      ONE_BIT
> +#define CTL_DSC_OVERRIDECIPHER_MASK      (CTL_DSC_OVERRIDECIPHER_BITS << CTL_DSC_OVERRIDECIPHER_LSB)
> +
> +/* #define CTRL_DSC_ARC4_WAIT4SAVE */
> +#define CTL_DSC_ARC4_WAIT4SAVE_OFF       0
> +#define CTL_DSC_ARC4_WAIT4SAVE_ON        1
> +#define CTL_DSC_ARC4_WAIT4SAVE_LSB       42
> +#define CTL_DSC_ARC4_WAIT4SAVE_BITS      ONE_BIT
> +#define CTL_DSC_ARC4_WAIT4SAVE_MASK      (CTL_DSC_ARC4_WAIT4SAVE_BITS << CTL_DSC_ARC4_WAIT4SAVE_LSB)
> +
> +/* #define CTRL_DSC_ARC4_SAVESTATE */
> +#define CTL_DSC_ARC4_SAVESTATE_OFF       0
> +#define CTL_DSC_ARC4_SAVESTATE_ON        1
> +#define CTL_DSC_ARC4_SAVESTATE_LSB       41
> +#define CTL_DSC_ARC4_SAVESTATE_BITS      ONE_BIT
> +#define CTL_DSC_ARC4_SAVESTATE_MASK      (CTL_DSC_ARC4_SAVESTATE_BITS << CTL_DSC_ARC4_SAVESTATE_LSB)
> +
> +/* #define CTRL_DSC_ARC4_LOADSTATE */
> +#define CTL_DSC_ARC4_LOADSTATE_OFF       0
> +#define CTL_DSC_ARC4_LOADSTATE_ON        1
> +#define CTL_DSC_ARC4_LOADSTATE_LSB       40
> +#define CTL_DSC_ARC4_LOADSTATE_BITS      ONE_BIT
> +#define CTL_DSC_ARC4_LOADSTATE_MASK      (CTL_DSC_ARC4_LOADSTATE_BITS << CTL_DSC_ARC4_LOADSTATE_LSB)
> +
> +/* #define CTRL_DSC_ARC4_KEYLEN */
> +#define CTL_DSC_ARC4_KEYLEN_LSB          35
> +#define CTL_DSC_ARC4_KEYLEN_BITS         FIVE_BITS
> +#define CTL_DSC_ARC4_KEYLEN_MASK         (CTL_DSC_ARC4_KEYLEN_BITS << CTL_DSC_ARC4_KEYLEN_LSB)
> +
> +/* #define CTL_DSC_CPHR  (cipher) */
> +#define CTL_DSC_CPHR_BYPASS       0 /* undefined */
> +#define CTL_DSC_CPHR_DES          1
> +#define CTL_DSC_CPHR_3DES         2
> +#define CTL_DSC_CPHR_AES128       3
> +#define CTL_DSC_CPHR_AES192       4
> +#define CTL_DSC_CPHR_AES256       5
> +#define CTL_DSC_CPHR_ARC4         6
> +#define CTL_DSC_CPHR_KASUMI_F8    7
> +#define CTL_DSC_CPHR_LSB          32
> +#define CTL_DSC_CPHR_BITS         THREE_BITS
> +#define CTL_DSC_CPHR_MASK         (CTL_DSC_CPHR_BITS << CTL_DSC_CPHR_LSB)
> +
> +/* #define CTL_DSC_MODE  */
> +#define CTL_DSC_MODE_ECB          0
> +#define CTL_DSC_MODE_CBC          1
> +#define CTL_DSC_MODE_CFB          2
> +#define CTL_DSC_MODE_OFB          3
> +#define CTL_DSC_MODE_CTR          4
> +#define CTL_DSC_MODE_F8           5
> +#define CTL_DSC_MODE_LSB          29
> +#define CTL_DSC_MODE_BITS         THREE_BITS
> +#define CTL_DSC_MODE_MASK         (CTL_DSC_MODE_BITS << CTL_DSC_MODE_LSB)
> +
> +/* #define CTL_DSC_ICPHR */
> +#define CTL_DSC_ICPHR_OKY          0 /* Old Keys */
> +#define CTL_DSC_ICPHR_NKY          1 /* New Keys */
> +#define CTL_DSC_ICPHR_LSB          28
> +#define CTL_DSC_ICPHR_BITS         ONE_BIT
> +#define CTL_DSC_ICPHR_MASK         (CTL_DSC_ICPHR_BITS << CTL_DSC_ICPHR_LSB)
> +
> +/* #define CTL_DSC_HASHHI */
> +#define CTL_DSC_HASHHI_LSB          24
> +#define CTL_DSC_HASHHI_BITS         ONE_BIT
> +#define CTL_DSC_HASHHI_MASK         (CTL_DSC_HASHHI_BITS << CTL_DSC_HASHHI_LSB)
> +
> +/* #define CTL_DSC_HMAC */
> +#define CTL_DSC_HMAC_OFF          0
> +#define CTL_DSC_HMAC_ON           1
> +#define CTL_DSC_HMAC_LSB          23
> +#define CTL_DSC_HMAC_BITS         ONE_BIT
> +#define CTL_DSC_HMAC_MASK         (CTL_DSC_HMAC_BITS << CTL_DSC_HMAC_LSB)
> +
> +/* #define CTL_DSC_HASH */
> +#define CTL_DSC_HASH_NOP          0
> +#define CTL_DSC_HASH_MD5          1
> +#define CTL_DSC_HASH_SHA1         2
> +#define CTL_DSC_HASH_SHA256       3
> +#define CTL_DSC_HASH_SHA384       4
> +#define CTL_DSC_HASH_SHA512       5
> +#define CTL_DSC_HASH_GCM          6
> +#define CTL_DSC_HASH_KASUMI_F9    7
> +#define CTL_DSC_HASH_LSB          21
> +#define CTL_DSC_HASH_BITS         TWO_BITS
> +#define CTL_DSC_HASH_MASK         (CTL_DSC_HASH_BITS << CTL_DSC_HASH_LSB)
> +
> +/* #define CTL_DSC_IHASH */
> +#define CTL_DSC_IHASH_OLD         0
> +#define CTL_DSC_IHASH_NEW         1
> +#define CTL_DSC_IHASH_LSB         20
> +#define CTL_DSC_IHASH_BITS        ONE_BIT
> +#define CTL_DSC_IHASH_MASK        (CTL_DSC_IHASH_BITS << CTL_DSC_IHASH_LSB)
> +
> +/* #define CTL_DSC_CKSUM */
> +#define CTL_DSC_CKSUM_NOP         0
> +#define CTL_DSC_CKSUM_IP          1
> +#define CTL_DSC_CKSUM_LSB         16
> +#define CTL_DSC_CKSUM_BITS        ONE_BIT
> +#define CTL_DSC_CKSUM_MASK        (CTL_DSC_CKSUM_BITS << CTL_DSC_CKSUM_LSB)
> +
> +
> +/*
> + * Component strcts and unions defining CipherHashInfo_u
> + */
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-256)      - 96  bytes */
> +typedef struct AES256HMAC_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             cipherKey3;
> +  uint64_t             hmacKey0;
> +  uint64_t             hmacKey1;
> +  uint64_t             hmacKey2;
> +  uint64_t             hmacKey3;
> +  uint64_t             hmacKey4;
> +  uint64_t             hmacKey5;
> +  uint64_t             hmacKey6;
> +  uint64_t             hmacKey7;
> +} AES256HMAC_t, *AES256HMAC_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512)      - 160  bytes */
> +typedef struct AES256HMAC2_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             cipherKey3;
> +  uint64_t             hmacKey0;
> +  uint64_t             hmacKey1;
> +  uint64_t             hmacKey2;
> +  uint64_t             hmacKey3;
> +  uint64_t             hmacKey4;
> +  uint64_t             hmacKey5;
> +  uint64_t             hmacKey6;
> +  uint64_t             hmacKey7;
> +  uint64_t             hmacKey8;
> +  uint64_t             hmacKey9;
> +  uint64_t             hmacKey10;
> +  uint64_t             hmacKey11;
> +  uint64_t             hmacKey12;
> +  uint64_t             hmacKey13;
> +  uint64_t             hmacKey14;
> +  uint64_t             hmacKey15;
> +} AES256HMAC2_t, *AES256HMAC2_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), GCM      - 56  bytes */
> +typedef struct AES256GCM_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             cipherKey3;
> +  uint64_t             GCMH0;
> +  uint64_t             GCMH1;
> +  uint64_t             GCMSCI;
> +} AES256GCM_t, *AES256GCM_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), F9      - 56  bytes */
> +typedef struct AES256F9_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             cipherKey3;
> +  uint64_t             authKey0;
> +  uint64_t             authKey1;
> +} AES256F9_t, *AES256F9_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-256)  - 32  bytes */
> +typedef struct AES256_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             cipherKey3;
> +} AES256_t, *AES256_pt;
> +
> +
> +/* All AES192 possibilities */
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-192)      - 88  bytes */
> +typedef struct AES192HMAC_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             hmacKey0;
> +  uint64_t             hmacKey1;
> +  uint64_t             hmacKey2;
> +  uint64_t             hmacKey3;
> +  uint64_t             hmacKey4;
> +  uint64_t             hmacKey5;
> +  uint64_t             hmacKey6;
> +  uint64_t             hmacKey7;
> +} AES192HMAC_t, *AES192HMAC_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512)      - 152  bytes */
> +typedef struct AES192HMAC2_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             hmacKey0;
> +  uint64_t             hmacKey1;
> +  uint64_t             hmacKey2;
> +  uint64_t             hmacKey3;
> +  uint64_t             hmacKey4;
> +  uint64_t             hmacKey5;
> +  uint64_t             hmacKey6;
> +  uint64_t             hmacKey7;
> +  uint64_t             hmacKey8;
> +  uint64_t             hmacKey9;
> +  uint64_t             hmacKey10;
> +  uint64_t             hmacKey11;
> +  uint64_t             hmacKey12;
> +  uint64_t             hmacKey13;
> +  uint64_t             hmacKey14;
> +  uint64_t             hmacKey15;
> +} AES192HMAC2_t, *AES192HMAC2_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), GCM      - 48  bytes */
> +typedef struct AES192GCM_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             GCMH0;
> +  uint64_t             GCMH1;
> +  uint64_t             GCMSCI;
> +} AES192GCM_t, *AES192GCM_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), F9      - 48  bytes */
> +typedef struct AES192F9_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +  uint64_t             authKey0;
> +  uint64_t             authKey1;
> +} AES192F9_t, *AES192F9_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-192)  - 24  bytes */
> +typedef struct AES192_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKey2;
> +} AES192_t, *AES192_pt;
> +
> +
> +/* All AES128 possibilities */
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-128)      - 80  bytes */
> +typedef struct AES128HMAC_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             hmacKey0;
> +  uint64_t             hmacKey1;
> +  uint64_t             hmacKey2;
> +  uint64_t             hmacKey3;
> +  uint64_t             hmacKey4;
> +  uint64_t             hmacKey5;
> +  uint64_t             hmacKey6;
> +  uint64_t             hmacKey7;
> +} AES128HMAC_t, *AES128HMAC_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-612)      - 144  bytes */
> +typedef struct AES128HMAC2_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             hmacKey0;
> +  uint64_t             hmacKey1;
> +  uint64_t             hmacKey2;
> +  uint64_t             hmacKey3;
> +  uint64_t             hmacKey4;
> +  uint64_t             hmacKey5;
> +  uint64_t             hmacKey6;
> +  uint64_t             hmacKey7;
> +  uint64_t             hmacKey8;
> +  uint64_t             hmacKey9;
> +  uint64_t             hmacKey10;
> +  uint64_t             hmacKey11;
> +  uint64_t             hmacKey12;
> +  uint64_t             hmacKey13;
> +  uint64_t             hmacKey14;
> +  uint64_t             hmacKey15;
> +} AES128HMAC2_t, *AES128HMAC2_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), GCM      - 40  bytes */
> +typedef struct AES128GCM_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             GCMH0;
> +  uint64_t             GCMH1;
> +  uint64_t             GCMSCI;
> +} AES128GCM_t, *AES128GCM_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), F9      - 48  bytes */
> +typedef struct AES128F9_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             authKey0;
> +  uint64_t             authKey1;
> +} AES128F9_t, *AES128F9_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-128)  - 16  bytes */
> +typedef struct AES128_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +} AES128_t, *AES128_pt;
> +
> +/* AES128, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256)  - 32  bytes */
> +typedef struct AES128F8_s {
> +  uint64_t             cipherKey0;
> +  uint64_t             cipherKey1;
> +  uint64_t             cipherKeyMask0;
> +  uint64_t             cipherKeyMask1;
> +} AES128F8_t, *AES128F8_pt;
> +
> +/* AES128, (OFB F8), HMAC (MD5, SHA-1, SHA-256)  - 96  bytes */
> +typedef struct AES128F8HMAC_s {
> +  uint64_t             cipherKey0;
>
> *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0910161821410.7984>