From owner-svn-src-projects@FreeBSD.ORG Fri Oct 16 17:22:11 2009 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2E6361065672; Fri, 16 Oct 2009 17:22:11 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id ABBDB8FC1A; Fri, 16 Oct 2009 17:22:10 +0000 (UTC) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 5CD5146B06; Fri, 16 Oct 2009 13:22:10 -0400 (EDT) Date: Fri, 16 Oct 2009 18:22:10 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Randall Stewart In-Reply-To: <200910152108.n9FL86Zx084803@svn.freebsd.org> Message-ID: References: <200910152108.n9FL86Zx084803@svn.freebsd.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: svn-src-projects@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r198157 - in projects/mips/sys/dev/rmi: sec xlr X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Oct 2009 17:22:11 -0000 On Thu, 15 Oct 2009, Randall Stewart wrote: > Adds the untouched code from the RMI 6.4 stuff. > This has a security device and the gig ethernet device. > Note the 10gig device driver is yet missing. I'm particularly interested in seeing this, past drops I've used have not had support for the on-board 10gbps parts on the XLR. Robert > > Added: > projects/mips/sys/dev/rmi/sec/desc.h (contents, props changed) > projects/mips/sys/dev/rmi/sec/rmilib.c > projects/mips/sys/dev/rmi/sec/rmilib.h > projects/mips/sys/dev/rmi/sec/rmisec.c > projects/mips/sys/dev/rmi/sec/stats.h > projects/mips/sys/dev/rmi/xlr/atx_cpld.h > projects/mips/sys/dev/rmi/xlr/rge.c > projects/mips/sys/dev/rmi/xlr/rge.h > projects/mips/sys/dev/rmi/xlr/xgmac_mdio.h > > Added: projects/mips/sys/dev/rmi/sec/desc.h > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ projects/mips/sys/dev/rmi/sec/desc.h Thu Oct 15 21:08:06 2009 (r198157) > @@ -0,0 +1,3066 @@ > +/*- > + * Copyright (c) 2003-2009 RMI Corporation > + * All rights reserved. > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * 1. Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * 2. Redistributions in binary form must reproduce the above copyright > + * notice, this list of conditions and the following disclaimer in the > + * documentation and/or other materials provided with the distribution. > + * 3. Neither the name of RMI Corporation, nor the names of its contributors, > + * may be used to endorse or promote products derived from this software > + * without specific prior written permission. > + * > + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND > + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE > + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE > + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS > + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT > + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY > + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > + * SUCH DAMAGE. > + * > + * RMI_BSD */ > +#ifndef _DESC_H_ > +#define _DESC_H_ > + > + > +#define ONE_BIT 0x0000000000000001ULL > +#define TWO_BITS 0x0000000000000003ULL > +#define THREE_BITS 0x0000000000000007ULL > +#define FOUR_BITS 0x000000000000000fULL > +#define FIVE_BITS 0x000000000000001fULL > +#define SIX_BITS 0x000000000000003fULL > +#define SEVEN_BITS 0x000000000000007fULL > +#define EIGHT_BITS 0x00000000000000ffULL > +#define NINE_BITS 0x00000000000001ffULL > +#define ELEVEN_BITS 0x00000000000007ffULL > +#define TWELVE_BITS 0x0000000000000fffULL > +#define FOURTEEN_BITS 0x0000000000003fffULL > +#define TWENTYFOUR_BITS 0x0000000000ffffffULL > +#define THIRTY_TWO_BITS 0x00000000ffffffffULL > +#define THIRTY_FIVE_BITS 0x00000007ffffffffULL > +#define FOURTY_BITS 0x000000ffffffffffULL > + > +#define MSG_IN_CTL_LEN_BASE 40 > +#define MSG_IN_CTL_ADDR_BASE 0 > + > +#define GET_FIELD(word,field) \ > + ((word) & (field ## _MASK)) >> (field ## _LSB) > + > +#define FIELD_VALUE(field,value) (((value) & (field ## _BITS)) << (field ## _LSB)) > + > +/* > + * NOTE: this macro expects 'word' to be uninitialized (i.e. zeroed) > + */ > +#define SET_FIELD(word,field,value) \ > + { (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); } > + > +/* > + * This macro clears 'word', then sets the value > + */ > +#define CLEAR_SET_FIELD(word,field,value) \ > + { (word) &= ~((field ## _BITS) << (field ## _LSB)); \ > + (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); } > + > +/* > + * NOTE: May be used to build value specific mask > + * (e.g. GEN_MASK(CTL_DSC_CPHR_3DES,CTL_DSC_CPHR_LSB) > + */ > +#define GEN_MASK(bits,lsb) ((bits) << (lsb)) > + > + > + > + > +/* > + * Security block data and control exchange > + * > + * A 2-word message ring descriptor is used to pass a pointer to the control descriptor data structure > + * and a pointer to the packet descriptor data structure: > + * > + * 63 61 60 54 53 52 49 48 45 44 40 > + * 39 5 4 0 > + * --------------------------------------------------------------------------------------------------------------------------------------------------------- > + * | Ctrl | Resp Dest Id Entry0 | IF_L2ALLOC | UNUSED | Control Length | UNUSED > + * | 35 MSB of address of control descriptor data structure | Software Scratch0 > + * | > + * --------------------------------------------------------------------------------------------------------------------------------------------------------- > + * 3 7 1 4 4 5 > + * 35 5 > + * > + * 63 61 60 54 53 52 51 50 46 45 44 40 39 5 4 0 > + * --------------------------------------------------------------------------------------------------------------------------------------------------------- > + * | Ctrl | UNUSED | WRB_COH | WRB_L2ALLOC | DF_PTR_L2ALLOC | UNUSED | Data Length | UNUSED | 35 MSB of address of packet descriptor data structure | UNUSED | > + * --------------------------------------------------------------------------------------------------------------------------------------------------------- > + * 3 7 1 1 1 5 1 5 35 5 > + * > + * Addresses assumed to be cache-line aligned, i.e., Address[4:0] ignored (using 5'h00 instead) > + * > + * Control length is the number of control cachelines to be read so user needs > + * to round up > + * the control length to closest integer multiple of 32 bytes. Note that at > + * present (08/12/04) > + * the longest (sensical) ctrl structure is <= 416 bytes, i.e., 13 cachelines. > + * > + * The packet descriptor data structure size is fixed at 1 cacheline (32 bytes). > + * This effectively makes "Data Length" a Load/NoLoad bit. NoLoad causes an abort. > + * > + * > + * Upon completion of operation, the security block returns a 2-word free descriptor > + * in the following format: > + * > + * 63 61 60 54 53 52 51 49 48 47 40 39 0 > + * ---------------------------------------------------------------------------------------------------------------------------- > + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Instruction Error | Address of control descriptor data structure | > + * ---------------------------------------------------------------------------------------------------------------------------- > + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Data Error | Address of packet descriptor data structure | > + * ---------------------------------------------------------------------------------------------------------------------------- > + * > + * The Instruction and Data Error codes are enumerated in the > + * ControlDescriptor and PacketDescriptor sections below > + * > + */ > + > + > +/* > + * Operating assumptions > + * ===================== > + * > + * > + * -> For all IpSec ops, I assume that all the IP/IPSec/TCP headers > + * and the data are present at the specified source addresses. > + * I also assume that all necessary header data already exists > + * at the destination. Additionally, in AH I assume that all > + * mutable fields (IP.{TOS, Flags, Offset, TTL, Header_Checksum}) > + * and the AH.Authentication_Data have been zeroed by the client. > + * > + * > + * -> In principle, the HW can calculate TCP checksums on both > + * incoming and outgoing data; however, since the TCP header > + * contains the TCP checksum of the plain payload and the header > + * is encrypted, two passes would be necessary to do checksum + encryption > + * for outgoing messages; > + * therefore the checksum engine will likely only be used during decryption > + * (incoming). > + * > + * > + * -> For all operations involving TCP checksum, I assume the client has filled > + * the TCP checksum field with the appropriate value: > + * > + * - 0 for generation phase > + * - actual value for verification phase (expecting 0 result) > + * > + * > + * -> For ESP tunnel, the original IP header exists between the end of the > + * ESP header and the beginning of the TCP header; it is assumed that the > + * maximum length of this header is 16 k(32bit)words (used in CkSum_Offset). > + * > + * > + * -> The authentication data is merely written to the destination address; > + * the client is left with the task of comparing to the data in packet > + * in decrypt. > + * > + * -> PacketDescriptor_t.dstLLWMask relevant to AES CTR mode only but it will > + * affect all AES-related operations. It will not affect DES/3DES/bypass ops. > + * The mask is applied to data as it emerges from the AES engine for the sole > + * purpose of providing the authenticator and cksum engines with correct data. > + * CAVEAT: the HW does not mask the incoming data. It is the user's responsibility > + * to set to 0 the corresponding data in memory. If the surplus data is not masked > + * in memory, cksum/auth results will be incorrect if those engines receive data > + * straight from memory (i.e., not from cipher, as it happens while decoding) > + */ > + > +/* > + * Fragmentation and offset related notes > + * ====================================== > + * > + * > + * A) Rebuilding packets from fragments on dword boundaries. The discussion > + * below is exemplified by tests memcpy_all_off_frags and memcpy_same_off_frags > + * > + * 1) The Offset before data/iv on first fragment is ALWAYS written back > + * Non-zero dst dword or global offsets may cause more data to be > + * written than the user-specified length. > + * > + * > + * Example: > + * -------- > + * > + * Below is a source (first fragment) packet (@ ADD0 cache-aligned address). > + * Assume we just copy it and relevant data starts on > + * dword 3 so Cipher_Offset = IV_Offset = 3 (dwords). > + * D0X denotes relevant data and G denotes dont care data. > + * Offset data is also copied so Packet_Legth = 9 (dwords) * 8 = 72 (bytes) > + * Segment_src_address = ADD0 > + * > + * If we want to, e.g., copy so that the relevant (i.e., D0X) data > + * starts at (cache-aligned address) ADD1, we need to specify > + * Dst_dword_offset = 1 so D00 is moved from dword position 3 to 0 on next cache-line > + * Cipher_dst_address = ADD1 - 0x20 so D00 is written to ADD1 > + * > + * Note that the security engine always writes full cachelines > + * therefore, data written to dword0 0 of ADD1 (denoted w/ ?) is what the sec pipe > + * write back buffer contained from previous op. > + * > + * > + * SOURCE: DESTINATION: > + * ------- ------------ > + * > + * Segment_src_address = ADD0 Cipher_dst_address = ADD1 - 0x20 > + * Packet_Legth = 72 Dst_dword_offset = 1 > + * Cipher_Offset = 3 > + * IV_Offset = 3 > + * Use_IV = ANY > + * > + * > + * > + * 3 2 1 0 3 2 1 0 > + * ----------------------- ----------------------- > + * | D00 | G | G | G | <- ADD0 | G | G | G | ? | <- ADD1 - 0x20 > + * ----------------------- ----------------------- > + * | D04 | D03 | D02 | D01 | | D03 | D02 | D01 | D00 | <- ADD1 > + * ----------------------- ----------------------- > + * | | | | D05 | | | | D05 | D04 | > + * ----------------------- ----------------------- > + * > + * 2) On fragments following the first, IV_Offset is overloaded to mean data offset > + * (number of dwords to skip from beginning of cacheline before starting processing) > + * and Use_IV is overloaded to mean do writeback the offset (in the clear). > + * These fields in combination with Dst_dword_offset allow packet fragments with > + * arbitrary boundaries/lengthd to be reasembled. > + * > + * > + * Example: > + * -------- > + * > + * Assume data above was first fragment of a packet we'd like to merge to > + * (second) fragment below located at ADD2. The written data should follow > + * the previous data without gaps or overwrites. To achieve this, one should > + * assert the "Next" field on the previous fragment and use self-explanatory > + * set of parameters below > + * > + * > + * SOURCE: DESTINATION: > + * ------- ------------ > + * > + * Segment_src_address = ADD2 Cipher_dst_address = ADD1 + 0x20 > + * Packet_Legth = 104 Dst_dword_offset = 1 > + * IV_Offset = 1 > + * Use_IV = 0 > + * > + * > + * > + * 3 2 1 0 3 2 1 0 > + * ----------------------- ----------------------- > + * | D12 | D11 | D10 | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20 > + * ----------------------- ----------------------- > + * | D16 | D15 | D14 | D13 | | D03 | D02 | D01 | D00 | <- ADD1 > + * ----------------------- ----------------------- > + * | D1a | D19 | D18 | D17 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20 > + * ----------------------- ----------------------- > + * | | | | D1b | | D15 | D14 | D13 | D12 | > + * ----------------------- ----------------------- > + * | D19 | D18 | D17 | D16 | > + * ----------------------- > + * | | | D1b | D1a | > + * ----------------------- > + * > + * It is note-worthy that the merging can only be achieved if Use_IV is 0. Indeed, the security > + * engine always writes full lines, therefore ADD1 + 0x20 will be re-written. Setting Use_IV to 0 > + * will allow the sec pipe write back buffer to preserve D04, D05 from previous frag and only > + * receive D10, D11 thereby preserving the integrity of the previous data. > + * > + * 3) On fragments following the first, !UseIV in combination w/ Dst_dword_offset >= (4 - IV_Offset) > + * will cause a wraparound of the write thus achieving all 16 possible (Initial_Location, Final_Location) > + * combinations for the data. > + * > + * > + * Example: > + * -------- > + * > + * Contiguously merging 2 data sets above with a third located at ADD3. If this is the last fragment, > + * reset its Next bit. > + * > + * > + * SOURCE: DESTINATION: > + * ------- ------------ > + * > + * Segment_src_address = ADD3 Cipher_dst_address = ADD1 + 0x80 > + * Packet_Legth = 152 Dst_dword_offset = 3 > + * IV_Offset = 3 > + * Use_IV = 0 > + * > + * > + * > + * 3 2 1 0 3 2 1 0 > + * ----------------------- ----------------------- > + * | D20 | G | G | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20 > + * ----------------------- ----------------------- > + * | D24 | D23 | D22 | D21 | | D03 | D02 | D01 | D00 | <- ADD1 > + * ----------------------- ----------------------- > + * | D28 | D27 | D26 | D25 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20 > + * ----------------------- ----------------------- > + * | D2c | D2b | D2a | D29 | | D15 | D14 | D13 | D12 | > + * ----------------------- ----------------------- > + * | | D2f | D2e | D2d | | D19 | D18 | D17 | D16 | > + * ----------------------- ----------------------- > + * | D21 | D20 | D1b | D1a | <- ADD1 + 0x80 > + * ----------------------- > + * | D25 | D24 | D23 | D22 | > + * ----------------------- > + * | D29 | D28 | D27 | D26 | > + * ----------------------- > + * | D2d | D2c | D2b | D2a | > + * ----------------------- > + * |(D2d)|(D2c)| D2f | D2e | > + * ----------------------- > + * > + * It is worth noticing that always writing full-lines causes the last 2 dwords in the reconstituted > + * packet to be unnecessarily written: (D2d) and (D2c) > + * > + * > + * > + * B) Implications of fragmentation on AES > + * > + * 1) AES is a 128 bit block cipher; therefore it requires an even dword total data length > + * Data fragments (provided there are more than 1) are allowed to have odd dword > + * data lengths provided the total length (cumulated over fragments) is an even dword > + * count; an error will be generated otherwise, upon receiving the last fragment descriptor > + * (see error conditions below). > + * > + * 2) While using fragments with AES, a fragment (other than first) starting with a != 0 (IV) offset > + * while the subsequent total dword count given to AES is odd may not be required to write > + * its offset (UseIV). Doing so will cause an error (see error conditions below). > + * > + * > + * Example: > + * -------- > + * > + * Suppose the first fragment has an odd DATA dword count and USES AES (as seen below) > + * > + * SOURCE: DESTINATION: > + * ------- ------------ > + * > + * Segment_src_address = ADD0 Cipher_dst_address = ADD1 > + * Packet_Legth = 64 Dst_dword_offset = 1 > + * Cipher_Offset = 3 > + * IV_Offset = 1 > + * Use_IV = 1 > + * Cipher = Any AES > + * Next = 1 > + * > + * > + * > + * > + * 3 2 1 0 3 2 1 0 > + * ----------------------- ----------------------- > + * | D00 | IV1 | IV0 | G | <- ADD0 | E00 | IV1 | IV0 | G | <- ADD1 > + * ----------------------- ----------------------- > + * | D04 | D03 | D02 | D01 | | X | E03 | E02 | E01 | > + * ----------------------- ----------------------- > + * > + * At the end of processing of the previous fragment, the AES engine input buffer has D04 > + * and waits for next dword, therefore the writeback buffer cannot finish writing the fragment > + * to destination (X instead of E04). > + * > + * If a second fragment now arrives with a non-0 offset and requires the offset data to be > + * written to destination, the previous write (still needing the arrival of the last dword > + * required by the AES to complete the previous operation) cannot complete before the present > + * should start causing a deadlock. > + */ > + > +/* > + * Command Control Word for Message Ring Descriptor > + */ > + > +/* #define MSG_CMD_CTL_CTL */ > +#define MSG_CMD_CTL_CTL_LSB 61 > +#define MSG_CMD_CTL_CTL_BITS THREE_BITS > +#define MSG_CMD_CTL_CTL_MASK (MSG_CMD_CTL_CTL_BITS << MSG_CMD_CTL_CTL_LSB) > + > +/* #define MSG_CMD_CTL_ID */ > +#define MSG_CMD_CTL_ID_LSB 54 > +#define MSG_CMD_CTL_ID_BITS SEVEN_BITS > +#define MSG_CMD_CTL_ID_MASK (MSG_CMD_CTL_ID_BITS << MSG_CMD_CTL_ID_LSB) > + > +/* #define MSG_CMD_CTL_LEN */ > +#define MSG_CMD_CTL_LEN_LSB 45 > +#define MSG_CMD_CTL_LEN_BITS FOUR_BITS > +#define MSG_CMD_CTL_LEN_MASK (MSG_CMD_CTL_LEN_BITS << MSG_CMD_CTL_LEN_LSB) > + > + > +/* #define MSG_CMD_CTL_ADDR */ > +#define MSG_CMD_CTL_ADDR_LSB 0 > +#define MSG_CMD_CTL_ADDR_BITS FOURTY_BITS > +#define MSG_CMD_CTL_ADDR_MASK (MSG_CMD_CTL_ADDR_BITS << MSG_CMD_CTL_ADDR_LSB) > + > +#define MSG_CMD_CTL_MASK (MSG_CMD_CTL_CTL_MASK | \ > + MSG_CMD_CTL_LEN_MASK | MSG_CMD_CTL_ADDR_MASK) > + > +/* > + * Command Data Word for Message Ring Descriptor > + */ > + > +/* #define MSG_IN_DATA_CTL */ > +#define MSG_CMD_DATA_CTL_LSB 61 > +#define MSG_CMD_DATA_CTL_BITS THREE_BITS > +#define MSG_CMD_DATA_CTL_MASK (MSG_CMD_DATA_CTL_BITS << MSG_CMD_DATA_CTL_LSB) > + > +/* #define MSG_CMD_DATA_LEN */ > +#define MSG_CMD_DATA_LEN_LOAD 1 > +#define MSG_CMD_DATA_LEN_LSB 45 > +#define MSG_CMD_DATA_LEN_BITS ONE_BIT > +#define MSG_CMD_DATA_LEN_MASK (MSG_CMD_DATA_LEN_BITS << MSG_CMD_DATA_LEN_LSB) > + > +/* #define MSG_CMD_DATA_ADDR */ > +#define MSG_CMD_DATA_ADDR_LSB 0 > +#define MSG_CMD_DATA_ADDR_BITS FOURTY_BITS > +#define MSG_CMD_DATA_ADDR_MASK (MSG_CMD_DATA_ADDR_BITS << MSG_CMD_DATA_ADDR_LSB) > + > +#define MSG_CMD_DATA_MASK (MSG_CMD_DATA_CTL_MASK | \ > + MSG_CMD_DATA_LEN_MASK | MSG_CMD_DATA_ADDR_MASK) > + > + > +/* > + * Upon completion of operation, the Sec block returns a 2-word free descriptor > + * in the following format: > + * > + * 63 61 60 54 53 52 51 49 48 40 39 0 > + * ---------------------------------------------------------------------------- > + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address | > + * ---------------------------------------------------------------------------- > + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error | Dest Address | > + * ---------------------------------------------------------------------------- > + * > + * The Control and Data Error codes are enumerated below > + * > + * Error conditions > + * ================ > + * > + * Control Error Code Control Error Condition > + * ------------------ --------------------------- > + * 9'h000 No Error > + * 9'h001 Unknown Cipher Op ( Cipher == 3'h{6,7}) > + * 9'h002 Unknown or Illegal Mode ((Mode == 3'h{2,3,4} & !AES) | (Mode == 3'h{5,6,7})) > + * 9'h004 Unsupported CkSum Src (CkSum_Src == 2'h{2,3} & CKSUM) > + * 9'h008 Forbidden CFB Mask (AES & CFBMode & UseNewKeysCFBMask & CFBMask[7] & (| CFBMask[6:0])) > + * 9'h010 Unknown Ctrl Op ((| Ctrl[63:37]) | (| Ctrl[15:14])) > + * 9'h020 UNUSED > + * 9'h040 UNUSED > + * 9'h080 Data Read Error > + * 9'h100 Descriptor Ctrl Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP) > + * > + * Data Error Code Data Error Condition > + * --------------- -------------------- > + * 9'h000 No Error > + * 9'h001 Insufficient Data To Cipher (Packet_Length <= (Cipher_Offset or IV_Offset)) > + * 9'h002 Illegal IV Location ((Cipher_Offset < IV_Offset) | (Cipher_Offset <= IV_Offset & AES & ~CTR)) > + * 9'h004 Illegal Wordcount To AES (Packet_Length[3] != Cipher_Offset[0] & AES) > + * 9'h008 Illegal Pad And ByteCount Spec (Hash_Byte_Count != 0 & !Pad_Hash) > + * 9'h010 Insufficient Data To CkSum ({Packet_Length, 1'b0} <= CkSum_Offset) > + * 9'h020 Unknown Data Op ((| dstLLWMask[63:60]) | (| dstLLWMask[57:40]) | (| authDst[63:40]) | (| ckSumDst[63:40])) > + * 9'h040 Insufficient Data To Auth ({Packet_Length} <= Auth_Offset) > + * 9'h080 Data Read Error > + * 9'h100 UNUSED > + */ > + > +/* > + * Result Control Word for Message Ring Descriptor > + */ > + > +/* #define MSG_RSLT_CTL_CTL */ > +#define MSG_RSLT_CTL_CTL_LSB 61 > +#define MSG_RSLT_CTL_CTL_BITS THREE_BITS > +#define MSG_RSLT_CTL_CTL_MASK \ > + (MSG_RSLT_CTL_CTL_BITS << MSG_RSLT_CTL_CTL_LSB) > + > +/* #define MSG_RSLT_CTL_DST_ID */ > +#define MSG_RSLT_CTL_DST_ID_LSB 54 > +#define MSG_RSLT_CTL_DST_ID_BITS SEVEN_BITS > +#define MSG_RSLT_CTL_DST_ID_MASK \ > + (MSG_RSLT_CTL_DST_ID_BITS << MSG_RSLT_CTL_DST_ID_LSB) > + > +/* #define MSG_RSLT_CTL_DSC_CTL */ > +#define MSG_RSLT_CTL_DSC_CTL_LSB 49 > +#define MSG_RSLT_CTL_DSC_CTL_BITS THREE_BITS > +#define MSG_RSLT_CTL_DSC_CTL_MASK \ > + (MSG_RSLT_CTL_DSC_CTL_BITS << MSG_RSLT_CTL_DSC_CTL_LSB) > + > +/* #define MSG_RSLT_CTL_INST_ERR */ > +#define MSG_RSLT_CTL_INST_ERR_LSB 40 > +#define MSG_RSLT_CTL_INST_ERR_BITS NINE_BITS > +#define MSG_RSLT_CTL_INST_ERR_MASK \ > + (MSG_RSLT_CTL_INST_ERR_BITS << MSG_RSLT_CTL_INST_ERR_LSB) > + > +/* #define MSG_RSLT_CTL_DSC_ADDR */ > +#define MSG_RSLT_CTL_DSC_ADDR_LSB 0 > +#define MSG_RSLT_CTL_DSC_ADDR_BITS FOURTY_BITS > +#define MSG_RSLT_CTL_DSC_ADDR_MASK \ > + (MSG_RSLT_CTL_DSC_ADDR_BITS << MSG_RSLT_CTL_DSC_ADDR_LSB) > + > +/* #define MSG_RSLT_CTL_MASK */ > +#define MSG_RSLT_CTL_MASK \ > + (MSG_RSLT_CTL_CTRL_MASK | MSG_RSLT_CTL_DST_ID_MASK | \ > + MSG_RSLT_CTL_DSC_CTL_MASK | MSG_RSLT_CTL_INST_ERR_MASK | \ > + MSG_RSLT_CTL_DSC_ADDR_MASK) > + > +/* > + * Result Data Word for Message Ring Descriptor > + */ > +/* #define MSG_RSLT_DATA_CTL */ > +#define MSG_RSLT_DATA_CTL_LSB 61 > +#define MSG_RSLT_DATA_CTL_BITS THREE_BITS > +#define MSG_RSLT_DATA_CTL_MASK \ > + (MSG_RSLT_DATA_CTL_BITS << MSG_RSLT_DATA_CTL_LSB) > + > +/* #define MSG_RSLT_DATA_DST_ID */ > +#define MSG_RSLT_DATA_DST_ID_LSB 54 > +#define MSG_RSLT_DATA_DST_ID_BITS SEVEN_BITS > +#define MSG_RSLT_DATA_DST_ID_MASK \ > + (MSG_RSLT_DATA_DST_ID_BITS << MSG_RSLT_DATA_DST_ID_LSB) > + > +/* #define MSG_RSLT_DATA_DSC_CTL */ > +#define MSG_RSLT_DATA_DSC_CTL_LSB 49 > +#define MSG_RSLT_DATA_DSC_CTL_BITS THREE_BITS > +#define MSG_RSLT_DATA_DSC_CTL_MASK \ > + (MSG_RSLT_DATA_DSC_CTL_BITS << MSG_RSLT_DATA_DSC_CTL_LSB) > + > +/* #define MSG_RSLT_DATA_INST_ERR */ > +#define MSG_RSLT_DATA_INST_ERR_LSB 40 > +#define MSG_RSLT_DATA_INST_ERR_BITS NINE_BITS > +#define MSG_RSLT_DATA_INST_ERR_MASK \ > + (MSG_RSLT_DATA_INST_ERR_BITS << MSG_RSLT_DATA_INST_ERR_LSB) > + > +/* #define MSG_RSLT_DATA_DSC_ADDR */ > +#define MSG_RSLT_DATA_DSC_ADDR_LSB 0 > +#define MSG_RSLT_DATA_DSC_ADDR_BITS FOURTY_BITS > +#define MSG_RSLT_DATA_DSC_ADDR_MASK \ > + (MSG_RSLT_DATA_DSC_ADDR_BITS << MSG_RSLT_DATA_DSC_ADDR_LSB) > + > +#define MSG_RSLT_DATA_MASK \ > + (MSG_RSLT_DATA_CTRL_MASK | MSG_RSLT_DATA_DST_ID_MASK | \ > + MSG_RSLT_DATA_DSC_CTL_MASK | MSG_RSLT_DATA_INST_ERR_MASK | \ > + MSG_RSLT_DATA_DSC_ADDR_MASK) > + > + > +/* > + * Common Message Definitions > + * > + */ > + > +/* #define MSG_CTL_OP_ADDR */ > +#define MSG_CTL_OP_ADDR_LSB 0 > +#define MSG_CTL_OP_ADDR_BITS FOURTY_BITS > +#define MSG_CTL_OP_ADDR_MASK (MSG_CTL_OP_ADDR_BITS << MSG_CTL_OP_ADDR_LSB) > + > +#define MSG_CTL_OP_TYPE > +#define MSG_CTL_OP_TYPE_LSB 3 > +#define MSG_CTL_OP_TYPE_BITS TWO_BITS > +#define MSG_CTL_OP_TYPE_MASK \ > + (MSG_CTL_OP_TYPE_BITS << MSG_CTL_OP_TYPE_LSB) > + > +#define MSG0_CTL_OP_ENGINE_SYMKEY 0x01 > +#define MSG0_CTL_OP_ENGINE_PUBKEY 0x02 > + > +#define MSG1_CTL_OP_SYMKEY_PIPE0 0x00 > +#define MSG1_CTL_OP_SYMKEY_PIPE1 0x01 > +#define MSG1_CTL_OP_SYMKEY_PIPE2 0x02 > +#define MSG1_CTL_OP_SYMKEY_PIPE3 0x03 > + > +#define MSG1_CTL_OP_PUBKEY_PIPE0 0x00 > +#define MSG1_CTL_OP_PUBKEY_PIPE1 0x01 > +#define MSG1_CTL_OP_PUBKEY_PIPE2 0x02 > +#define MSG1_CTL_OP_PUBKEY_PIPE3 0x03 > + > + > +/* /----------------------------------------\ > + * | | > + * | ControlDescriptor_s datastructure | > + * | | > + * \----------------------------------------/ > + * > + * > + * ControlDescriptor_t.Instruction > + * ------------------------------- > + * > + * 63 44 43 42 41 40 39 35 34 32 31 29 28 > + * -------------------------------------------------------------------------------------------------------------------- > + * || UNUSED || OverrideCipher | Arc4Wait4Save | SaveArc4State | LoadArc4State | Arc4KeyLen | Cipher | Mode | InCp_Key || ... CONT ... > + * -------------------------------------------------------------------------------------------------------------------- > + * 20 1 1 1 1 5 3 3 1 > + * <-----------------------------------------------CIPHER---------------------------------------------------> > + * > + * 27 25 24 23 22 21 20 19 17 16 15 0 > + * ----------------------------------------------------------------------------- > + * || UNUSED | Hash_Hi | HMAC | Hash_Lo | InHs_Key || UNUSED || CkSum || UNUSED || > + * ----------------------------------------------------------------------------- > + * 3 1 1 2 1 3 1 16 > + * <---------------------HASH---------------------><-----------CKSUM-----------> > + * > + * X0 CIPHER.Arc4Wait4Save = If op is Arc4 and it requires state saving, then > + * setting this bit will cause the current op to > + * delay subsequent op loading until saved state data > + * becomes visible. > + * CIPHER.OverrideCipher = Override encryption if PacketDescriptor_t.dstDataSettings.CipherPrefix > + * is set; data will be copied out (and optionally auth/cksum) > + * in the clear. This is used in GCM mode if auth only as we > + * still need E(K, 0) calculated by cipher. Engine behavior is > + * undefined if this bit is set and CipherPrefix is not. > + * X0 SaveArc4State = Save Arc4 state at the end of Arc4 operation > + * X0 LoadArc4State = Load Arc4 state at the beginning of an Arc4 operation > + * This overriden by the InCp_Key setting for Arc4 > + * Arc4KeyLen = Length in bytes of Arc4 key (0 is interpreted as 32) > + * Ignored for other ciphers > + * For ARC4, IFetch/IDecode will always read exactly 4 > + * consecutive dwords into its CipherKey{0,3} regardless > + * of this quantity; it will however only use the specified > + * number of bytes. > + * Cipher = 3'b000 Bypass > + * 3'b001 DES > + * 3'b010 3DES > + * 3'b011 AES 128-bit key > + * 3'b100 AES 192-bit key > + * 3'b101 AES 256-bit key > + * 3'b110 ARC4 > + * 3'b111 Kasumi f8 > + * Remainder UNDEFINED > + * Mode = 3'b000 ECB > + * 3'b001 CBC > + * 3'b010 CFB (AES only, otherwise undefined) > + * 3'b011 OFB (AES only, otherwise undefined) > + * 3'b100 CTR (AES only, otherwise undefined) > + * 3'b101 F8 (AES only, otherwise undefined) > + * Remainder UNDEFINED > + * InCp_Key = 1'b0 Preserve old Cipher Keys > + * 1'b1 Load new Cipher Keys from memory to local registers > + * and recalculate the Arc4 Sbox if Arc4 Cipher chosen; > + * This overrides LoadArc4State setting. > + * HASH.HMAC = 1'b0 Hash without HMAC > + * 1'b1 Hash with HMAC > + * Needs to be set to 0 for GCM and Kasumi F9 authenticators > + * otherwise unpredictable results will be generated > + * Hash = 2'b00 Hash NOP > + * 2'b01 MD5 > + * 2'b10 SHA-1 > + * 2'b11 SHA-256 > + * 3'b100 SHA-384 > + * 3'b101 SHA-512 > + * 3'b110 GCM > + * 3'b111 Kasumi f9 > + * InHs_Key = 1'b0 Preserve old HMAC Keys > + * If GCM is selected as authenticator, leaving this bit > + * at 0 will cause the engine to use the old H value. > + * It will use the old SCI inside the decoder if > + * CFBMask[1:0] == 2'b11. > + * If Kasumi F9 authenticator, using 0 preserves > + * old keys (IK) in decoder. > + * 1'b1 Load new HMAC Keys from memory to local registers > + * Setting this bit while Cipher=Arc4 and LoadArc4State=1 > + * causes the decoder to load the Arc4 state from the > + * cacheline following the HMAC keys (Whether HASH.HMAC > + * is set or not). > + * If GCM is selected as authenticator, setting this bit > + * causes both H (16 bytes) and SCI (8 bytes) to be loaded > + * from memory to the decoder. H will be loaded to the engine > + * but SCI is only loaded to the engine if CFBMask[1:0] == 2'b11. > + * If Kasumi F9 authenticator, using 1 loads new keys (IK) > + * from memory to decoder. > + * CHECKSUM.CkSum = 1'b0 CkSum NOP > + * 1'b1 INTERNET_CHECKSUM > + * > + * > + * > + */ > + > + /* #define CTRL_DSC_OVERRIDECIPHER */ > +#define CTL_DSC_OVERRIDECIPHER_OFF 0 > +#define CTL_DSC_OVERRIDECIPHER_ON 1 > +#define CTL_DSC_OVERRIDECIPHER_LSB 43 > +#define CTL_DSC_OVERRIDECIPHER_BITS ONE_BIT > +#define CTL_DSC_OVERRIDECIPHER_MASK (CTL_DSC_OVERRIDECIPHER_BITS << CTL_DSC_OVERRIDECIPHER_LSB) > + > +/* #define CTRL_DSC_ARC4_WAIT4SAVE */ > +#define CTL_DSC_ARC4_WAIT4SAVE_OFF 0 > +#define CTL_DSC_ARC4_WAIT4SAVE_ON 1 > +#define CTL_DSC_ARC4_WAIT4SAVE_LSB 42 > +#define CTL_DSC_ARC4_WAIT4SAVE_BITS ONE_BIT > +#define CTL_DSC_ARC4_WAIT4SAVE_MASK (CTL_DSC_ARC4_WAIT4SAVE_BITS << CTL_DSC_ARC4_WAIT4SAVE_LSB) > + > +/* #define CTRL_DSC_ARC4_SAVESTATE */ > +#define CTL_DSC_ARC4_SAVESTATE_OFF 0 > +#define CTL_DSC_ARC4_SAVESTATE_ON 1 > +#define CTL_DSC_ARC4_SAVESTATE_LSB 41 > +#define CTL_DSC_ARC4_SAVESTATE_BITS ONE_BIT > +#define CTL_DSC_ARC4_SAVESTATE_MASK (CTL_DSC_ARC4_SAVESTATE_BITS << CTL_DSC_ARC4_SAVESTATE_LSB) > + > +/* #define CTRL_DSC_ARC4_LOADSTATE */ > +#define CTL_DSC_ARC4_LOADSTATE_OFF 0 > +#define CTL_DSC_ARC4_LOADSTATE_ON 1 > +#define CTL_DSC_ARC4_LOADSTATE_LSB 40 > +#define CTL_DSC_ARC4_LOADSTATE_BITS ONE_BIT > +#define CTL_DSC_ARC4_LOADSTATE_MASK (CTL_DSC_ARC4_LOADSTATE_BITS << CTL_DSC_ARC4_LOADSTATE_LSB) > + > +/* #define CTRL_DSC_ARC4_KEYLEN */ > +#define CTL_DSC_ARC4_KEYLEN_LSB 35 > +#define CTL_DSC_ARC4_KEYLEN_BITS FIVE_BITS > +#define CTL_DSC_ARC4_KEYLEN_MASK (CTL_DSC_ARC4_KEYLEN_BITS << CTL_DSC_ARC4_KEYLEN_LSB) > + > +/* #define CTL_DSC_CPHR (cipher) */ > +#define CTL_DSC_CPHR_BYPASS 0 /* undefined */ > +#define CTL_DSC_CPHR_DES 1 > +#define CTL_DSC_CPHR_3DES 2 > +#define CTL_DSC_CPHR_AES128 3 > +#define CTL_DSC_CPHR_AES192 4 > +#define CTL_DSC_CPHR_AES256 5 > +#define CTL_DSC_CPHR_ARC4 6 > +#define CTL_DSC_CPHR_KASUMI_F8 7 > +#define CTL_DSC_CPHR_LSB 32 > +#define CTL_DSC_CPHR_BITS THREE_BITS > +#define CTL_DSC_CPHR_MASK (CTL_DSC_CPHR_BITS << CTL_DSC_CPHR_LSB) > + > +/* #define CTL_DSC_MODE */ > +#define CTL_DSC_MODE_ECB 0 > +#define CTL_DSC_MODE_CBC 1 > +#define CTL_DSC_MODE_CFB 2 > +#define CTL_DSC_MODE_OFB 3 > +#define CTL_DSC_MODE_CTR 4 > +#define CTL_DSC_MODE_F8 5 > +#define CTL_DSC_MODE_LSB 29 > +#define CTL_DSC_MODE_BITS THREE_BITS > +#define CTL_DSC_MODE_MASK (CTL_DSC_MODE_BITS << CTL_DSC_MODE_LSB) > + > +/* #define CTL_DSC_ICPHR */ > +#define CTL_DSC_ICPHR_OKY 0 /* Old Keys */ > +#define CTL_DSC_ICPHR_NKY 1 /* New Keys */ > +#define CTL_DSC_ICPHR_LSB 28 > +#define CTL_DSC_ICPHR_BITS ONE_BIT > +#define CTL_DSC_ICPHR_MASK (CTL_DSC_ICPHR_BITS << CTL_DSC_ICPHR_LSB) > + > +/* #define CTL_DSC_HASHHI */ > +#define CTL_DSC_HASHHI_LSB 24 > +#define CTL_DSC_HASHHI_BITS ONE_BIT > +#define CTL_DSC_HASHHI_MASK (CTL_DSC_HASHHI_BITS << CTL_DSC_HASHHI_LSB) > + > +/* #define CTL_DSC_HMAC */ > +#define CTL_DSC_HMAC_OFF 0 > +#define CTL_DSC_HMAC_ON 1 > +#define CTL_DSC_HMAC_LSB 23 > +#define CTL_DSC_HMAC_BITS ONE_BIT > +#define CTL_DSC_HMAC_MASK (CTL_DSC_HMAC_BITS << CTL_DSC_HMAC_LSB) > + > +/* #define CTL_DSC_HASH */ > +#define CTL_DSC_HASH_NOP 0 > +#define CTL_DSC_HASH_MD5 1 > +#define CTL_DSC_HASH_SHA1 2 > +#define CTL_DSC_HASH_SHA256 3 > +#define CTL_DSC_HASH_SHA384 4 > +#define CTL_DSC_HASH_SHA512 5 > +#define CTL_DSC_HASH_GCM 6 > +#define CTL_DSC_HASH_KASUMI_F9 7 > +#define CTL_DSC_HASH_LSB 21 > +#define CTL_DSC_HASH_BITS TWO_BITS > +#define CTL_DSC_HASH_MASK (CTL_DSC_HASH_BITS << CTL_DSC_HASH_LSB) > + > +/* #define CTL_DSC_IHASH */ > +#define CTL_DSC_IHASH_OLD 0 > +#define CTL_DSC_IHASH_NEW 1 > +#define CTL_DSC_IHASH_LSB 20 > +#define CTL_DSC_IHASH_BITS ONE_BIT > +#define CTL_DSC_IHASH_MASK (CTL_DSC_IHASH_BITS << CTL_DSC_IHASH_LSB) > + > +/* #define CTL_DSC_CKSUM */ > +#define CTL_DSC_CKSUM_NOP 0 > +#define CTL_DSC_CKSUM_IP 1 > +#define CTL_DSC_CKSUM_LSB 16 > +#define CTL_DSC_CKSUM_BITS ONE_BIT > +#define CTL_DSC_CKSUM_MASK (CTL_DSC_CKSUM_BITS << CTL_DSC_CKSUM_LSB) > + > + > +/* > + * Component strcts and unions defining CipherHashInfo_u > + */ > + > +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ > +typedef struct AES256HMAC_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t cipherKey3; > + uint64_t hmacKey0; > + uint64_t hmacKey1; > + uint64_t hmacKey2; > + uint64_t hmacKey3; > + uint64_t hmacKey4; > + uint64_t hmacKey5; > + uint64_t hmacKey6; > + uint64_t hmacKey7; > +} AES256HMAC_t, *AES256HMAC_pt; > + > +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 160 bytes */ > +typedef struct AES256HMAC2_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t cipherKey3; > + uint64_t hmacKey0; > + uint64_t hmacKey1; > + uint64_t hmacKey2; > + uint64_t hmacKey3; > + uint64_t hmacKey4; > + uint64_t hmacKey5; > + uint64_t hmacKey6; > + uint64_t hmacKey7; > + uint64_t hmacKey8; > + uint64_t hmacKey9; > + uint64_t hmacKey10; > + uint64_t hmacKey11; > + uint64_t hmacKey12; > + uint64_t hmacKey13; > + uint64_t hmacKey14; > + uint64_t hmacKey15; > +} AES256HMAC2_t, *AES256HMAC2_pt; > + > +/* AES256, (ECB, CBC, OFB, CTR, CFB), GCM - 56 bytes */ > +typedef struct AES256GCM_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t cipherKey3; > + uint64_t GCMH0; > + uint64_t GCMH1; > + uint64_t GCMSCI; > +} AES256GCM_t, *AES256GCM_pt; > + > +/* AES256, (ECB, CBC, OFB, CTR, CFB), F9 - 56 bytes */ > +typedef struct AES256F9_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t cipherKey3; > + uint64_t authKey0; > + uint64_t authKey1; > +} AES256F9_t, *AES256F9_pt; > + > +/* AES256, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ > +typedef struct AES256_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t cipherKey3; > +} AES256_t, *AES256_pt; > + > + > +/* All AES192 possibilities */ > + > +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-192) - 88 bytes */ > +typedef struct AES192HMAC_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t hmacKey0; > + uint64_t hmacKey1; > + uint64_t hmacKey2; > + uint64_t hmacKey3; > + uint64_t hmacKey4; > + uint64_t hmacKey5; > + uint64_t hmacKey6; > + uint64_t hmacKey7; > +} AES192HMAC_t, *AES192HMAC_pt; > + > +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 152 bytes */ > +typedef struct AES192HMAC2_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t hmacKey0; > + uint64_t hmacKey1; > + uint64_t hmacKey2; > + uint64_t hmacKey3; > + uint64_t hmacKey4; > + uint64_t hmacKey5; > + uint64_t hmacKey6; > + uint64_t hmacKey7; > + uint64_t hmacKey8; > + uint64_t hmacKey9; > + uint64_t hmacKey10; > + uint64_t hmacKey11; > + uint64_t hmacKey12; > + uint64_t hmacKey13; > + uint64_t hmacKey14; > + uint64_t hmacKey15; > +} AES192HMAC2_t, *AES192HMAC2_pt; > + > +/* AES192, (ECB, CBC, OFB, CTR, CFB), GCM - 48 bytes */ > +typedef struct AES192GCM_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t GCMH0; > + uint64_t GCMH1; > + uint64_t GCMSCI; > +} AES192GCM_t, *AES192GCM_pt; > + > +/* AES192, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */ > +typedef struct AES192F9_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > + uint64_t authKey0; > + uint64_t authKey1; > +} AES192F9_t, *AES192F9_pt; > + > +/* AES192, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-192) - 24 bytes */ > +typedef struct AES192_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKey2; > +} AES192_t, *AES192_pt; > + > + > +/* All AES128 possibilities */ > + > +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-128) - 80 bytes */ > +typedef struct AES128HMAC_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t hmacKey0; > + uint64_t hmacKey1; > + uint64_t hmacKey2; > + uint64_t hmacKey3; > + uint64_t hmacKey4; > + uint64_t hmacKey5; > + uint64_t hmacKey6; > + uint64_t hmacKey7; > +} AES128HMAC_t, *AES128HMAC_pt; > + > +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-612) - 144 bytes */ > +typedef struct AES128HMAC2_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t hmacKey0; > + uint64_t hmacKey1; > + uint64_t hmacKey2; > + uint64_t hmacKey3; > + uint64_t hmacKey4; > + uint64_t hmacKey5; > + uint64_t hmacKey6; > + uint64_t hmacKey7; > + uint64_t hmacKey8; > + uint64_t hmacKey9; > + uint64_t hmacKey10; > + uint64_t hmacKey11; > + uint64_t hmacKey12; > + uint64_t hmacKey13; > + uint64_t hmacKey14; > + uint64_t hmacKey15; > +} AES128HMAC2_t, *AES128HMAC2_pt; > + > +/* AES128, (ECB, CBC, OFB, CTR, CFB), GCM - 40 bytes */ > +typedef struct AES128GCM_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t GCMH0; > + uint64_t GCMH1; > + uint64_t GCMSCI; > +} AES128GCM_t, *AES128GCM_pt; > + > +/* AES128, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */ > +typedef struct AES128F9_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t authKey0; > + uint64_t authKey1; > +} AES128F9_t, *AES128F9_pt; > + > +/* AES128, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-128) - 16 bytes */ > +typedef struct AES128_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > +} AES128_t, *AES128_pt; > + > +/* AES128, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */ > +typedef struct AES128F8_s { > + uint64_t cipherKey0; > + uint64_t cipherKey1; > + uint64_t cipherKeyMask0; > + uint64_t cipherKeyMask1; > +} AES128F8_t, *AES128F8_pt; > + > +/* AES128, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */ > +typedef struct AES128F8HMAC_s { > + uint64_t cipherKey0; > > *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** >