svn commit: r198157 - in projects/mips/sys/dev/rmi: sec xlr
Robert Watson
rwatson at FreeBSD.org
Fri Oct 16 17:22:11 UTC 2009
On Thu, 15 Oct 2009, Randall Stewart wrote:
> Adds the untouched code from the RMI 6.4 stuff.
> This has a security device and the gig ethernet device.
> Note the 10gig device driver is yet missing.
I'm particularly interested in seeing this, past drops I've used have not had
support for the on-board 10gbps parts on the XLR.
Robert
>
> Added:
> projects/mips/sys/dev/rmi/sec/desc.h (contents, props changed)
> projects/mips/sys/dev/rmi/sec/rmilib.c
> projects/mips/sys/dev/rmi/sec/rmilib.h
> projects/mips/sys/dev/rmi/sec/rmisec.c
> projects/mips/sys/dev/rmi/sec/stats.h
> projects/mips/sys/dev/rmi/xlr/atx_cpld.h
> projects/mips/sys/dev/rmi/xlr/rge.c
> projects/mips/sys/dev/rmi/xlr/rge.h
> projects/mips/sys/dev/rmi/xlr/xgmac_mdio.h
>
> Added: projects/mips/sys/dev/rmi/sec/desc.h
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ projects/mips/sys/dev/rmi/sec/desc.h Thu Oct 15 21:08:06 2009 (r198157)
> @@ -0,0 +1,3066 @@
> +/*-
> + * Copyright (c) 2003-2009 RMI Corporation
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. Neither the name of RMI Corporation, nor the names of its contributors,
> + * may be used to endorse or promote products derived from this software
> + * without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
> + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
> + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
> + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
> + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
> + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
> + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
> + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
> + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
> + * SUCH DAMAGE.
> + *
> + * RMI_BSD */
> +#ifndef _DESC_H_
> +#define _DESC_H_
> +
> +
> +#define ONE_BIT 0x0000000000000001ULL
> +#define TWO_BITS 0x0000000000000003ULL
> +#define THREE_BITS 0x0000000000000007ULL
> +#define FOUR_BITS 0x000000000000000fULL
> +#define FIVE_BITS 0x000000000000001fULL
> +#define SIX_BITS 0x000000000000003fULL
> +#define SEVEN_BITS 0x000000000000007fULL
> +#define EIGHT_BITS 0x00000000000000ffULL
> +#define NINE_BITS 0x00000000000001ffULL
> +#define ELEVEN_BITS 0x00000000000007ffULL
> +#define TWELVE_BITS 0x0000000000000fffULL
> +#define FOURTEEN_BITS 0x0000000000003fffULL
> +#define TWENTYFOUR_BITS 0x0000000000ffffffULL
> +#define THIRTY_TWO_BITS 0x00000000ffffffffULL
> +#define THIRTY_FIVE_BITS 0x00000007ffffffffULL
> +#define FOURTY_BITS 0x000000ffffffffffULL
> +
> +#define MSG_IN_CTL_LEN_BASE 40
> +#define MSG_IN_CTL_ADDR_BASE 0
> +
> +#define GET_FIELD(word,field) \
> + ((word) & (field ## _MASK)) >> (field ## _LSB)
> +
> +#define FIELD_VALUE(field,value) (((value) & (field ## _BITS)) << (field ## _LSB))
> +
> +/*
> + * NOTE: this macro expects 'word' to be uninitialized (i.e. zeroed)
> + */
> +#define SET_FIELD(word,field,value) \
> + { (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); }
> +
> +/*
> + * This macro clears 'word', then sets the value
> + */
> +#define CLEAR_SET_FIELD(word,field,value) \
> + { (word) &= ~((field ## _BITS) << (field ## _LSB)); \
> + (word) |= (((value) & (field ## _BITS)) << (field ## _LSB)); }
> +
> +/*
> + * NOTE: May be used to build value specific mask
> + * (e.g. GEN_MASK(CTL_DSC_CPHR_3DES,CTL_DSC_CPHR_LSB)
> + */
> +#define GEN_MASK(bits,lsb) ((bits) << (lsb))
> +
> +
> +
> +
> +/*
> + * Security block data and control exchange
> + *
> + * A 2-word message ring descriptor is used to pass a pointer to the control descriptor data structure
> + * and a pointer to the packet descriptor data structure:
> + *
> + * 63 61 60 54 53 52 49 48 45 44 40
> + * 39 5 4 0
> + * ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | Resp Dest Id Entry0 | IF_L2ALLOC | UNUSED | Control Length | UNUSED
> + * | 35 MSB of address of control descriptor data structure | Software Scratch0
> + * |
> + * ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + * 3 7 1 4 4 5
> + * 35 5
> + *
> + * 63 61 60 54 53 52 51 50 46 45 44 40 39 5 4 0
> + * ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | UNUSED | WRB_COH | WRB_L2ALLOC | DF_PTR_L2ALLOC | UNUSED | Data Length | UNUSED | 35 MSB of address of packet descriptor data structure | UNUSED |
> + * ---------------------------------------------------------------------------------------------------------------------------------------------------------
> + * 3 7 1 1 1 5 1 5 35 5
> + *
> + * Addresses assumed to be cache-line aligned, i.e., Address[4:0] ignored (using 5'h00 instead)
> + *
> + * Control length is the number of control cachelines to be read so user needs
> + * to round up
> + * the control length to closest integer multiple of 32 bytes. Note that at
> + * present (08/12/04)
> + * the longest (sensical) ctrl structure is <= 416 bytes, i.e., 13 cachelines.
> + *
> + * The packet descriptor data structure size is fixed at 1 cacheline (32 bytes).
> + * This effectively makes "Data Length" a Load/NoLoad bit. NoLoad causes an abort.
> + *
> + *
> + * Upon completion of operation, the security block returns a 2-word free descriptor
> + * in the following format:
> + *
> + * 63 61 60 54 53 52 51 49 48 47 40 39 0
> + * ----------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Instruction Error | Address of control descriptor data structure |
> + * ----------------------------------------------------------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | 1'b0 | Data Error | Address of packet descriptor data structure |
> + * ----------------------------------------------------------------------------------------------------------------------------
> + *
> + * The Instruction and Data Error codes are enumerated in the
> + * ControlDescriptor and PacketDescriptor sections below
> + *
> + */
> +
> +
> +/*
> + * Operating assumptions
> + * =====================
> + *
> + *
> + * -> For all IpSec ops, I assume that all the IP/IPSec/TCP headers
> + * and the data are present at the specified source addresses.
> + * I also assume that all necessary header data already exists
> + * at the destination. Additionally, in AH I assume that all
> + * mutable fields (IP.{TOS, Flags, Offset, TTL, Header_Checksum})
> + * and the AH.Authentication_Data have been zeroed by the client.
> + *
> + *
> + * -> In principle, the HW can calculate TCP checksums on both
> + * incoming and outgoing data; however, since the TCP header
> + * contains the TCP checksum of the plain payload and the header
> + * is encrypted, two passes would be necessary to do checksum + encryption
> + * for outgoing messages;
> + * therefore the checksum engine will likely only be used during decryption
> + * (incoming).
> + *
> + *
> + * -> For all operations involving TCP checksum, I assume the client has filled
> + * the TCP checksum field with the appropriate value:
> + *
> + * - 0 for generation phase
> + * - actual value for verification phase (expecting 0 result)
> + *
> + *
> + * -> For ESP tunnel, the original IP header exists between the end of the
> + * ESP header and the beginning of the TCP header; it is assumed that the
> + * maximum length of this header is 16 k(32bit)words (used in CkSum_Offset).
> + *
> + *
> + * -> The authentication data is merely written to the destination address;
> + * the client is left with the task of comparing to the data in packet
> + * in decrypt.
> + *
> + * -> PacketDescriptor_t.dstLLWMask relevant to AES CTR mode only but it will
> + * affect all AES-related operations. It will not affect DES/3DES/bypass ops.
> + * The mask is applied to data as it emerges from the AES engine for the sole
> + * purpose of providing the authenticator and cksum engines with correct data.
> + * CAVEAT: the HW does not mask the incoming data. It is the user's responsibility
> + * to set to 0 the corresponding data in memory. If the surplus data is not masked
> + * in memory, cksum/auth results will be incorrect if those engines receive data
> + * straight from memory (i.e., not from cipher, as it happens while decoding)
> + */
> +
> +/*
> + * Fragmentation and offset related notes
> + * ======================================
> + *
> + *
> + * A) Rebuilding packets from fragments on dword boundaries. The discussion
> + * below is exemplified by tests memcpy_all_off_frags and memcpy_same_off_frags
> + *
> + * 1) The Offset before data/iv on first fragment is ALWAYS written back
> + * Non-zero dst dword or global offsets may cause more data to be
> + * written than the user-specified length.
> + *
> + *
> + * Example:
> + * --------
> + *
> + * Below is a source (first fragment) packet (@ ADD0 cache-aligned address).
> + * Assume we just copy it and relevant data starts on
> + * dword 3 so Cipher_Offset = IV_Offset = 3 (dwords).
> + * D0X denotes relevant data and G denotes dont care data.
> + * Offset data is also copied so Packet_Legth = 9 (dwords) * 8 = 72 (bytes)
> + * Segment_src_address = ADD0
> + *
> + * If we want to, e.g., copy so that the relevant (i.e., D0X) data
> + * starts at (cache-aligned address) ADD1, we need to specify
> + * Dst_dword_offset = 1 so D00 is moved from dword position 3 to 0 on next cache-line
> + * Cipher_dst_address = ADD1 - 0x20 so D00 is written to ADD1
> + *
> + * Note that the security engine always writes full cachelines
> + * therefore, data written to dword0 0 of ADD1 (denoted w/ ?) is what the sec pipe
> + * write back buffer contained from previous op.
> + *
> + *
> + * SOURCE: DESTINATION:
> + * ------- ------------
> + *
> + * Segment_src_address = ADD0 Cipher_dst_address = ADD1 - 0x20
> + * Packet_Legth = 72 Dst_dword_offset = 1
> + * Cipher_Offset = 3
> + * IV_Offset = 3
> + * Use_IV = ANY
> + *
> + *
> + *
> + * 3 2 1 0 3 2 1 0
> + * ----------------------- -----------------------
> + * | D00 | G | G | G | <- ADD0 | G | G | G | ? | <- ADD1 - 0x20
> + * ----------------------- -----------------------
> + * | D04 | D03 | D02 | D01 | | D03 | D02 | D01 | D00 | <- ADD1
> + * ----------------------- -----------------------
> + * | | | | D05 | | | | D05 | D04 |
> + * ----------------------- -----------------------
> + *
> + * 2) On fragments following the first, IV_Offset is overloaded to mean data offset
> + * (number of dwords to skip from beginning of cacheline before starting processing)
> + * and Use_IV is overloaded to mean do writeback the offset (in the clear).
> + * These fields in combination with Dst_dword_offset allow packet fragments with
> + * arbitrary boundaries/lengthd to be reasembled.
> + *
> + *
> + * Example:
> + * --------
> + *
> + * Assume data above was first fragment of a packet we'd like to merge to
> + * (second) fragment below located at ADD2. The written data should follow
> + * the previous data without gaps or overwrites. To achieve this, one should
> + * assert the "Next" field on the previous fragment and use self-explanatory
> + * set of parameters below
> + *
> + *
> + * SOURCE: DESTINATION:
> + * ------- ------------
> + *
> + * Segment_src_address = ADD2 Cipher_dst_address = ADD1 + 0x20
> + * Packet_Legth = 104 Dst_dword_offset = 1
> + * IV_Offset = 1
> + * Use_IV = 0
> + *
> + *
> + *
> + * 3 2 1 0 3 2 1 0
> + * ----------------------- -----------------------
> + * | D12 | D11 | D10 | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20
> + * ----------------------- -----------------------
> + * | D16 | D15 | D14 | D13 | | D03 | D02 | D01 | D00 | <- ADD1
> + * ----------------------- -----------------------
> + * | D1a | D19 | D18 | D17 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20
> + * ----------------------- -----------------------
> + * | | | | D1b | | D15 | D14 | D13 | D12 |
> + * ----------------------- -----------------------
> + * | D19 | D18 | D17 | D16 |
> + * -----------------------
> + * | | | D1b | D1a |
> + * -----------------------
> + *
> + * It is note-worthy that the merging can only be achieved if Use_IV is 0. Indeed, the security
> + * engine always writes full lines, therefore ADD1 + 0x20 will be re-written. Setting Use_IV to 0
> + * will allow the sec pipe write back buffer to preserve D04, D05 from previous frag and only
> + * receive D10, D11 thereby preserving the integrity of the previous data.
> + *
> + * 3) On fragments following the first, !UseIV in combination w/ Dst_dword_offset >= (4 - IV_Offset)
> + * will cause a wraparound of the write thus achieving all 16 possible (Initial_Location, Final_Location)
> + * combinations for the data.
> + *
> + *
> + * Example:
> + * --------
> + *
> + * Contiguously merging 2 data sets above with a third located at ADD3. If this is the last fragment,
> + * reset its Next bit.
> + *
> + *
> + * SOURCE: DESTINATION:
> + * ------- ------------
> + *
> + * Segment_src_address = ADD3 Cipher_dst_address = ADD1 + 0x80
> + * Packet_Legth = 152 Dst_dword_offset = 3
> + * IV_Offset = 3
> + * Use_IV = 0
> + *
> + *
> + *
> + * 3 2 1 0 3 2 1 0
> + * ----------------------- -----------------------
> + * | D20 | G | G | G | <- ADD2 | G | G | G | ? | <- ADD1 - 0x20
> + * ----------------------- -----------------------
> + * | D24 | D23 | D22 | D21 | | D03 | D02 | D01 | D00 | <- ADD1
> + * ----------------------- -----------------------
> + * | D28 | D27 | D26 | D25 | | D11 | D10 | D05 | D04 | <- ADD1 + 0x20
> + * ----------------------- -----------------------
> + * | D2c | D2b | D2a | D29 | | D15 | D14 | D13 | D12 |
> + * ----------------------- -----------------------
> + * | | D2f | D2e | D2d | | D19 | D18 | D17 | D16 |
> + * ----------------------- -----------------------
> + * | D21 | D20 | D1b | D1a | <- ADD1 + 0x80
> + * -----------------------
> + * | D25 | D24 | D23 | D22 |
> + * -----------------------
> + * | D29 | D28 | D27 | D26 |
> + * -----------------------
> + * | D2d | D2c | D2b | D2a |
> + * -----------------------
> + * |(D2d)|(D2c)| D2f | D2e |
> + * -----------------------
> + *
> + * It is worth noticing that always writing full-lines causes the last 2 dwords in the reconstituted
> + * packet to be unnecessarily written: (D2d) and (D2c)
> + *
> + *
> + *
> + * B) Implications of fragmentation on AES
> + *
> + * 1) AES is a 128 bit block cipher; therefore it requires an even dword total data length
> + * Data fragments (provided there are more than 1) are allowed to have odd dword
> + * data lengths provided the total length (cumulated over fragments) is an even dword
> + * count; an error will be generated otherwise, upon receiving the last fragment descriptor
> + * (see error conditions below).
> + *
> + * 2) While using fragments with AES, a fragment (other than first) starting with a != 0 (IV) offset
> + * while the subsequent total dword count given to AES is odd may not be required to write
> + * its offset (UseIV). Doing so will cause an error (see error conditions below).
> + *
> + *
> + * Example:
> + * --------
> + *
> + * Suppose the first fragment has an odd DATA dword count and USES AES (as seen below)
> + *
> + * SOURCE: DESTINATION:
> + * ------- ------------
> + *
> + * Segment_src_address = ADD0 Cipher_dst_address = ADD1
> + * Packet_Legth = 64 Dst_dword_offset = 1
> + * Cipher_Offset = 3
> + * IV_Offset = 1
> + * Use_IV = 1
> + * Cipher = Any AES
> + * Next = 1
> + *
> + *
> + *
> + *
> + * 3 2 1 0 3 2 1 0
> + * ----------------------- -----------------------
> + * | D00 | IV1 | IV0 | G | <- ADD0 | E00 | IV1 | IV0 | G | <- ADD1
> + * ----------------------- -----------------------
> + * | D04 | D03 | D02 | D01 | | X | E03 | E02 | E01 |
> + * ----------------------- -----------------------
> + *
> + * At the end of processing of the previous fragment, the AES engine input buffer has D04
> + * and waits for next dword, therefore the writeback buffer cannot finish writing the fragment
> + * to destination (X instead of E04).
> + *
> + * If a second fragment now arrives with a non-0 offset and requires the offset data to be
> + * written to destination, the previous write (still needing the arrival of the last dword
> + * required by the AES to complete the previous operation) cannot complete before the present
> + * should start causing a deadlock.
> + */
> +
> +/*
> + * Command Control Word for Message Ring Descriptor
> + */
> +
> +/* #define MSG_CMD_CTL_CTL */
> +#define MSG_CMD_CTL_CTL_LSB 61
> +#define MSG_CMD_CTL_CTL_BITS THREE_BITS
> +#define MSG_CMD_CTL_CTL_MASK (MSG_CMD_CTL_CTL_BITS << MSG_CMD_CTL_CTL_LSB)
> +
> +/* #define MSG_CMD_CTL_ID */
> +#define MSG_CMD_CTL_ID_LSB 54
> +#define MSG_CMD_CTL_ID_BITS SEVEN_BITS
> +#define MSG_CMD_CTL_ID_MASK (MSG_CMD_CTL_ID_BITS << MSG_CMD_CTL_ID_LSB)
> +
> +/* #define MSG_CMD_CTL_LEN */
> +#define MSG_CMD_CTL_LEN_LSB 45
> +#define MSG_CMD_CTL_LEN_BITS FOUR_BITS
> +#define MSG_CMD_CTL_LEN_MASK (MSG_CMD_CTL_LEN_BITS << MSG_CMD_CTL_LEN_LSB)
> +
> +
> +/* #define MSG_CMD_CTL_ADDR */
> +#define MSG_CMD_CTL_ADDR_LSB 0
> +#define MSG_CMD_CTL_ADDR_BITS FOURTY_BITS
> +#define MSG_CMD_CTL_ADDR_MASK (MSG_CMD_CTL_ADDR_BITS << MSG_CMD_CTL_ADDR_LSB)
> +
> +#define MSG_CMD_CTL_MASK (MSG_CMD_CTL_CTL_MASK | \
> + MSG_CMD_CTL_LEN_MASK | MSG_CMD_CTL_ADDR_MASK)
> +
> +/*
> + * Command Data Word for Message Ring Descriptor
> + */
> +
> +/* #define MSG_IN_DATA_CTL */
> +#define MSG_CMD_DATA_CTL_LSB 61
> +#define MSG_CMD_DATA_CTL_BITS THREE_BITS
> +#define MSG_CMD_DATA_CTL_MASK (MSG_CMD_DATA_CTL_BITS << MSG_CMD_DATA_CTL_LSB)
> +
> +/* #define MSG_CMD_DATA_LEN */
> +#define MSG_CMD_DATA_LEN_LOAD 1
> +#define MSG_CMD_DATA_LEN_LSB 45
> +#define MSG_CMD_DATA_LEN_BITS ONE_BIT
> +#define MSG_CMD_DATA_LEN_MASK (MSG_CMD_DATA_LEN_BITS << MSG_CMD_DATA_LEN_LSB)
> +
> +/* #define MSG_CMD_DATA_ADDR */
> +#define MSG_CMD_DATA_ADDR_LSB 0
> +#define MSG_CMD_DATA_ADDR_BITS FOURTY_BITS
> +#define MSG_CMD_DATA_ADDR_MASK (MSG_CMD_DATA_ADDR_BITS << MSG_CMD_DATA_ADDR_LSB)
> +
> +#define MSG_CMD_DATA_MASK (MSG_CMD_DATA_CTL_MASK | \
> + MSG_CMD_DATA_LEN_MASK | MSG_CMD_DATA_ADDR_MASK)
> +
> +
> +/*
> + * Upon completion of operation, the Sec block returns a 2-word free descriptor
> + * in the following format:
> + *
> + * 63 61 60 54 53 52 51 49 48 40 39 0
> + * ----------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Control Error | Source Address |
> + * ----------------------------------------------------------------------------
> + * | Ctrl | Destination Id | 2'b00 | Desc Ctrl | Data Error | Dest Address |
> + * ----------------------------------------------------------------------------
> + *
> + * The Control and Data Error codes are enumerated below
> + *
> + * Error conditions
> + * ================
> + *
> + * Control Error Code Control Error Condition
> + * ------------------ ---------------------------
> + * 9'h000 No Error
> + * 9'h001 Unknown Cipher Op ( Cipher == 3'h{6,7})
> + * 9'h002 Unknown or Illegal Mode ((Mode == 3'h{2,3,4} & !AES) | (Mode == 3'h{5,6,7}))
> + * 9'h004 Unsupported CkSum Src (CkSum_Src == 2'h{2,3} & CKSUM)
> + * 9'h008 Forbidden CFB Mask (AES & CFBMode & UseNewKeysCFBMask & CFBMask[7] & (| CFBMask[6:0]))
> + * 9'h010 Unknown Ctrl Op ((| Ctrl[63:37]) | (| Ctrl[15:14]))
> + * 9'h020 UNUSED
> + * 9'h040 UNUSED
> + * 9'h080 Data Read Error
> + * 9'h100 Descriptor Ctrl Field Error (D0.Ctrl != SOP || D1.Ctrl != EOP)
> + *
> + * Data Error Code Data Error Condition
> + * --------------- --------------------
> + * 9'h000 No Error
> + * 9'h001 Insufficient Data To Cipher (Packet_Length <= (Cipher_Offset or IV_Offset))
> + * 9'h002 Illegal IV Location ((Cipher_Offset < IV_Offset) | (Cipher_Offset <= IV_Offset & AES & ~CTR))
> + * 9'h004 Illegal Wordcount To AES (Packet_Length[3] != Cipher_Offset[0] & AES)
> + * 9'h008 Illegal Pad And ByteCount Spec (Hash_Byte_Count != 0 & !Pad_Hash)
> + * 9'h010 Insufficient Data To CkSum ({Packet_Length, 1'b0} <= CkSum_Offset)
> + * 9'h020 Unknown Data Op ((| dstLLWMask[63:60]) | (| dstLLWMask[57:40]) | (| authDst[63:40]) | (| ckSumDst[63:40]))
> + * 9'h040 Insufficient Data To Auth ({Packet_Length} <= Auth_Offset)
> + * 9'h080 Data Read Error
> + * 9'h100 UNUSED
> + */
> +
> +/*
> + * Result Control Word for Message Ring Descriptor
> + */
> +
> +/* #define MSG_RSLT_CTL_CTL */
> +#define MSG_RSLT_CTL_CTL_LSB 61
> +#define MSG_RSLT_CTL_CTL_BITS THREE_BITS
> +#define MSG_RSLT_CTL_CTL_MASK \
> + (MSG_RSLT_CTL_CTL_BITS << MSG_RSLT_CTL_CTL_LSB)
> +
> +/* #define MSG_RSLT_CTL_DST_ID */
> +#define MSG_RSLT_CTL_DST_ID_LSB 54
> +#define MSG_RSLT_CTL_DST_ID_BITS SEVEN_BITS
> +#define MSG_RSLT_CTL_DST_ID_MASK \
> + (MSG_RSLT_CTL_DST_ID_BITS << MSG_RSLT_CTL_DST_ID_LSB)
> +
> +/* #define MSG_RSLT_CTL_DSC_CTL */
> +#define MSG_RSLT_CTL_DSC_CTL_LSB 49
> +#define MSG_RSLT_CTL_DSC_CTL_BITS THREE_BITS
> +#define MSG_RSLT_CTL_DSC_CTL_MASK \
> + (MSG_RSLT_CTL_DSC_CTL_BITS << MSG_RSLT_CTL_DSC_CTL_LSB)
> +
> +/* #define MSG_RSLT_CTL_INST_ERR */
> +#define MSG_RSLT_CTL_INST_ERR_LSB 40
> +#define MSG_RSLT_CTL_INST_ERR_BITS NINE_BITS
> +#define MSG_RSLT_CTL_INST_ERR_MASK \
> + (MSG_RSLT_CTL_INST_ERR_BITS << MSG_RSLT_CTL_INST_ERR_LSB)
> +
> +/* #define MSG_RSLT_CTL_DSC_ADDR */
> +#define MSG_RSLT_CTL_DSC_ADDR_LSB 0
> +#define MSG_RSLT_CTL_DSC_ADDR_BITS FOURTY_BITS
> +#define MSG_RSLT_CTL_DSC_ADDR_MASK \
> + (MSG_RSLT_CTL_DSC_ADDR_BITS << MSG_RSLT_CTL_DSC_ADDR_LSB)
> +
> +/* #define MSG_RSLT_CTL_MASK */
> +#define MSG_RSLT_CTL_MASK \
> + (MSG_RSLT_CTL_CTRL_MASK | MSG_RSLT_CTL_DST_ID_MASK | \
> + MSG_RSLT_CTL_DSC_CTL_MASK | MSG_RSLT_CTL_INST_ERR_MASK | \
> + MSG_RSLT_CTL_DSC_ADDR_MASK)
> +
> +/*
> + * Result Data Word for Message Ring Descriptor
> + */
> +/* #define MSG_RSLT_DATA_CTL */
> +#define MSG_RSLT_DATA_CTL_LSB 61
> +#define MSG_RSLT_DATA_CTL_BITS THREE_BITS
> +#define MSG_RSLT_DATA_CTL_MASK \
> + (MSG_RSLT_DATA_CTL_BITS << MSG_RSLT_DATA_CTL_LSB)
> +
> +/* #define MSG_RSLT_DATA_DST_ID */
> +#define MSG_RSLT_DATA_DST_ID_LSB 54
> +#define MSG_RSLT_DATA_DST_ID_BITS SEVEN_BITS
> +#define MSG_RSLT_DATA_DST_ID_MASK \
> + (MSG_RSLT_DATA_DST_ID_BITS << MSG_RSLT_DATA_DST_ID_LSB)
> +
> +/* #define MSG_RSLT_DATA_DSC_CTL */
> +#define MSG_RSLT_DATA_DSC_CTL_LSB 49
> +#define MSG_RSLT_DATA_DSC_CTL_BITS THREE_BITS
> +#define MSG_RSLT_DATA_DSC_CTL_MASK \
> + (MSG_RSLT_DATA_DSC_CTL_BITS << MSG_RSLT_DATA_DSC_CTL_LSB)
> +
> +/* #define MSG_RSLT_DATA_INST_ERR */
> +#define MSG_RSLT_DATA_INST_ERR_LSB 40
> +#define MSG_RSLT_DATA_INST_ERR_BITS NINE_BITS
> +#define MSG_RSLT_DATA_INST_ERR_MASK \
> + (MSG_RSLT_DATA_INST_ERR_BITS << MSG_RSLT_DATA_INST_ERR_LSB)
> +
> +/* #define MSG_RSLT_DATA_DSC_ADDR */
> +#define MSG_RSLT_DATA_DSC_ADDR_LSB 0
> +#define MSG_RSLT_DATA_DSC_ADDR_BITS FOURTY_BITS
> +#define MSG_RSLT_DATA_DSC_ADDR_MASK \
> + (MSG_RSLT_DATA_DSC_ADDR_BITS << MSG_RSLT_DATA_DSC_ADDR_LSB)
> +
> +#define MSG_RSLT_DATA_MASK \
> + (MSG_RSLT_DATA_CTRL_MASK | MSG_RSLT_DATA_DST_ID_MASK | \
> + MSG_RSLT_DATA_DSC_CTL_MASK | MSG_RSLT_DATA_INST_ERR_MASK | \
> + MSG_RSLT_DATA_DSC_ADDR_MASK)
> +
> +
> +/*
> + * Common Message Definitions
> + *
> + */
> +
> +/* #define MSG_CTL_OP_ADDR */
> +#define MSG_CTL_OP_ADDR_LSB 0
> +#define MSG_CTL_OP_ADDR_BITS FOURTY_BITS
> +#define MSG_CTL_OP_ADDR_MASK (MSG_CTL_OP_ADDR_BITS << MSG_CTL_OP_ADDR_LSB)
> +
> +#define MSG_CTL_OP_TYPE
> +#define MSG_CTL_OP_TYPE_LSB 3
> +#define MSG_CTL_OP_TYPE_BITS TWO_BITS
> +#define MSG_CTL_OP_TYPE_MASK \
> + (MSG_CTL_OP_TYPE_BITS << MSG_CTL_OP_TYPE_LSB)
> +
> +#define MSG0_CTL_OP_ENGINE_SYMKEY 0x01
> +#define MSG0_CTL_OP_ENGINE_PUBKEY 0x02
> +
> +#define MSG1_CTL_OP_SYMKEY_PIPE0 0x00
> +#define MSG1_CTL_OP_SYMKEY_PIPE1 0x01
> +#define MSG1_CTL_OP_SYMKEY_PIPE2 0x02
> +#define MSG1_CTL_OP_SYMKEY_PIPE3 0x03
> +
> +#define MSG1_CTL_OP_PUBKEY_PIPE0 0x00
> +#define MSG1_CTL_OP_PUBKEY_PIPE1 0x01
> +#define MSG1_CTL_OP_PUBKEY_PIPE2 0x02
> +#define MSG1_CTL_OP_PUBKEY_PIPE3 0x03
> +
> +
> +/* /----------------------------------------\
> + * | |
> + * | ControlDescriptor_s datastructure |
> + * | |
> + * \----------------------------------------/
> + *
> + *
> + * ControlDescriptor_t.Instruction
> + * -------------------------------
> + *
> + * 63 44 43 42 41 40 39 35 34 32 31 29 28
> + * --------------------------------------------------------------------------------------------------------------------
> + * || UNUSED || OverrideCipher | Arc4Wait4Save | SaveArc4State | LoadArc4State | Arc4KeyLen | Cipher | Mode | InCp_Key || ... CONT ...
> + * --------------------------------------------------------------------------------------------------------------------
> + * 20 1 1 1 1 5 3 3 1
> + * <-----------------------------------------------CIPHER--------------------------------------------------->
> + *
> + * 27 25 24 23 22 21 20 19 17 16 15 0
> + * -----------------------------------------------------------------------------
> + * || UNUSED | Hash_Hi | HMAC | Hash_Lo | InHs_Key || UNUSED || CkSum || UNUSED ||
> + * -----------------------------------------------------------------------------
> + * 3 1 1 2 1 3 1 16
> + * <---------------------HASH---------------------><-----------CKSUM----------->
> + *
> + * X0 CIPHER.Arc4Wait4Save = If op is Arc4 and it requires state saving, then
> + * setting this bit will cause the current op to
> + * delay subsequent op loading until saved state data
> + * becomes visible.
> + * CIPHER.OverrideCipher = Override encryption if PacketDescriptor_t.dstDataSettings.CipherPrefix
> + * is set; data will be copied out (and optionally auth/cksum)
> + * in the clear. This is used in GCM mode if auth only as we
> + * still need E(K, 0) calculated by cipher. Engine behavior is
> + * undefined if this bit is set and CipherPrefix is not.
> + * X0 SaveArc4State = Save Arc4 state at the end of Arc4 operation
> + * X0 LoadArc4State = Load Arc4 state at the beginning of an Arc4 operation
> + * This overriden by the InCp_Key setting for Arc4
> + * Arc4KeyLen = Length in bytes of Arc4 key (0 is interpreted as 32)
> + * Ignored for other ciphers
> + * For ARC4, IFetch/IDecode will always read exactly 4
> + * consecutive dwords into its CipherKey{0,3} regardless
> + * of this quantity; it will however only use the specified
> + * number of bytes.
> + * Cipher = 3'b000 Bypass
> + * 3'b001 DES
> + * 3'b010 3DES
> + * 3'b011 AES 128-bit key
> + * 3'b100 AES 192-bit key
> + * 3'b101 AES 256-bit key
> + * 3'b110 ARC4
> + * 3'b111 Kasumi f8
> + * Remainder UNDEFINED
> + * Mode = 3'b000 ECB
> + * 3'b001 CBC
> + * 3'b010 CFB (AES only, otherwise undefined)
> + * 3'b011 OFB (AES only, otherwise undefined)
> + * 3'b100 CTR (AES only, otherwise undefined)
> + * 3'b101 F8 (AES only, otherwise undefined)
> + * Remainder UNDEFINED
> + * InCp_Key = 1'b0 Preserve old Cipher Keys
> + * 1'b1 Load new Cipher Keys from memory to local registers
> + * and recalculate the Arc4 Sbox if Arc4 Cipher chosen;
> + * This overrides LoadArc4State setting.
> + * HASH.HMAC = 1'b0 Hash without HMAC
> + * 1'b1 Hash with HMAC
> + * Needs to be set to 0 for GCM and Kasumi F9 authenticators
> + * otherwise unpredictable results will be generated
> + * Hash = 2'b00 Hash NOP
> + * 2'b01 MD5
> + * 2'b10 SHA-1
> + * 2'b11 SHA-256
> + * 3'b100 SHA-384
> + * 3'b101 SHA-512
> + * 3'b110 GCM
> + * 3'b111 Kasumi f9
> + * InHs_Key = 1'b0 Preserve old HMAC Keys
> + * If GCM is selected as authenticator, leaving this bit
> + * at 0 will cause the engine to use the old H value.
> + * It will use the old SCI inside the decoder if
> + * CFBMask[1:0] == 2'b11.
> + * If Kasumi F9 authenticator, using 0 preserves
> + * old keys (IK) in decoder.
> + * 1'b1 Load new HMAC Keys from memory to local registers
> + * Setting this bit while Cipher=Arc4 and LoadArc4State=1
> + * causes the decoder to load the Arc4 state from the
> + * cacheline following the HMAC keys (Whether HASH.HMAC
> + * is set or not).
> + * If GCM is selected as authenticator, setting this bit
> + * causes both H (16 bytes) and SCI (8 bytes) to be loaded
> + * from memory to the decoder. H will be loaded to the engine
> + * but SCI is only loaded to the engine if CFBMask[1:0] == 2'b11.
> + * If Kasumi F9 authenticator, using 1 loads new keys (IK)
> + * from memory to decoder.
> + * CHECKSUM.CkSum = 1'b0 CkSum NOP
> + * 1'b1 INTERNET_CHECKSUM
> + *
> + *
> + *
> + */
> +
> + /* #define CTRL_DSC_OVERRIDECIPHER */
> +#define CTL_DSC_OVERRIDECIPHER_OFF 0
> +#define CTL_DSC_OVERRIDECIPHER_ON 1
> +#define CTL_DSC_OVERRIDECIPHER_LSB 43
> +#define CTL_DSC_OVERRIDECIPHER_BITS ONE_BIT
> +#define CTL_DSC_OVERRIDECIPHER_MASK (CTL_DSC_OVERRIDECIPHER_BITS << CTL_DSC_OVERRIDECIPHER_LSB)
> +
> +/* #define CTRL_DSC_ARC4_WAIT4SAVE */
> +#define CTL_DSC_ARC4_WAIT4SAVE_OFF 0
> +#define CTL_DSC_ARC4_WAIT4SAVE_ON 1
> +#define CTL_DSC_ARC4_WAIT4SAVE_LSB 42
> +#define CTL_DSC_ARC4_WAIT4SAVE_BITS ONE_BIT
> +#define CTL_DSC_ARC4_WAIT4SAVE_MASK (CTL_DSC_ARC4_WAIT4SAVE_BITS << CTL_DSC_ARC4_WAIT4SAVE_LSB)
> +
> +/* #define CTRL_DSC_ARC4_SAVESTATE */
> +#define CTL_DSC_ARC4_SAVESTATE_OFF 0
> +#define CTL_DSC_ARC4_SAVESTATE_ON 1
> +#define CTL_DSC_ARC4_SAVESTATE_LSB 41
> +#define CTL_DSC_ARC4_SAVESTATE_BITS ONE_BIT
> +#define CTL_DSC_ARC4_SAVESTATE_MASK (CTL_DSC_ARC4_SAVESTATE_BITS << CTL_DSC_ARC4_SAVESTATE_LSB)
> +
> +/* #define CTRL_DSC_ARC4_LOADSTATE */
> +#define CTL_DSC_ARC4_LOADSTATE_OFF 0
> +#define CTL_DSC_ARC4_LOADSTATE_ON 1
> +#define CTL_DSC_ARC4_LOADSTATE_LSB 40
> +#define CTL_DSC_ARC4_LOADSTATE_BITS ONE_BIT
> +#define CTL_DSC_ARC4_LOADSTATE_MASK (CTL_DSC_ARC4_LOADSTATE_BITS << CTL_DSC_ARC4_LOADSTATE_LSB)
> +
> +/* #define CTRL_DSC_ARC4_KEYLEN */
> +#define CTL_DSC_ARC4_KEYLEN_LSB 35
> +#define CTL_DSC_ARC4_KEYLEN_BITS FIVE_BITS
> +#define CTL_DSC_ARC4_KEYLEN_MASK (CTL_DSC_ARC4_KEYLEN_BITS << CTL_DSC_ARC4_KEYLEN_LSB)
> +
> +/* #define CTL_DSC_CPHR (cipher) */
> +#define CTL_DSC_CPHR_BYPASS 0 /* undefined */
> +#define CTL_DSC_CPHR_DES 1
> +#define CTL_DSC_CPHR_3DES 2
> +#define CTL_DSC_CPHR_AES128 3
> +#define CTL_DSC_CPHR_AES192 4
> +#define CTL_DSC_CPHR_AES256 5
> +#define CTL_DSC_CPHR_ARC4 6
> +#define CTL_DSC_CPHR_KASUMI_F8 7
> +#define CTL_DSC_CPHR_LSB 32
> +#define CTL_DSC_CPHR_BITS THREE_BITS
> +#define CTL_DSC_CPHR_MASK (CTL_DSC_CPHR_BITS << CTL_DSC_CPHR_LSB)
> +
> +/* #define CTL_DSC_MODE */
> +#define CTL_DSC_MODE_ECB 0
> +#define CTL_DSC_MODE_CBC 1
> +#define CTL_DSC_MODE_CFB 2
> +#define CTL_DSC_MODE_OFB 3
> +#define CTL_DSC_MODE_CTR 4
> +#define CTL_DSC_MODE_F8 5
> +#define CTL_DSC_MODE_LSB 29
> +#define CTL_DSC_MODE_BITS THREE_BITS
> +#define CTL_DSC_MODE_MASK (CTL_DSC_MODE_BITS << CTL_DSC_MODE_LSB)
> +
> +/* #define CTL_DSC_ICPHR */
> +#define CTL_DSC_ICPHR_OKY 0 /* Old Keys */
> +#define CTL_DSC_ICPHR_NKY 1 /* New Keys */
> +#define CTL_DSC_ICPHR_LSB 28
> +#define CTL_DSC_ICPHR_BITS ONE_BIT
> +#define CTL_DSC_ICPHR_MASK (CTL_DSC_ICPHR_BITS << CTL_DSC_ICPHR_LSB)
> +
> +/* #define CTL_DSC_HASHHI */
> +#define CTL_DSC_HASHHI_LSB 24
> +#define CTL_DSC_HASHHI_BITS ONE_BIT
> +#define CTL_DSC_HASHHI_MASK (CTL_DSC_HASHHI_BITS << CTL_DSC_HASHHI_LSB)
> +
> +/* #define CTL_DSC_HMAC */
> +#define CTL_DSC_HMAC_OFF 0
> +#define CTL_DSC_HMAC_ON 1
> +#define CTL_DSC_HMAC_LSB 23
> +#define CTL_DSC_HMAC_BITS ONE_BIT
> +#define CTL_DSC_HMAC_MASK (CTL_DSC_HMAC_BITS << CTL_DSC_HMAC_LSB)
> +
> +/* #define CTL_DSC_HASH */
> +#define CTL_DSC_HASH_NOP 0
> +#define CTL_DSC_HASH_MD5 1
> +#define CTL_DSC_HASH_SHA1 2
> +#define CTL_DSC_HASH_SHA256 3
> +#define CTL_DSC_HASH_SHA384 4
> +#define CTL_DSC_HASH_SHA512 5
> +#define CTL_DSC_HASH_GCM 6
> +#define CTL_DSC_HASH_KASUMI_F9 7
> +#define CTL_DSC_HASH_LSB 21
> +#define CTL_DSC_HASH_BITS TWO_BITS
> +#define CTL_DSC_HASH_MASK (CTL_DSC_HASH_BITS << CTL_DSC_HASH_LSB)
> +
> +/* #define CTL_DSC_IHASH */
> +#define CTL_DSC_IHASH_OLD 0
> +#define CTL_DSC_IHASH_NEW 1
> +#define CTL_DSC_IHASH_LSB 20
> +#define CTL_DSC_IHASH_BITS ONE_BIT
> +#define CTL_DSC_IHASH_MASK (CTL_DSC_IHASH_BITS << CTL_DSC_IHASH_LSB)
> +
> +/* #define CTL_DSC_CKSUM */
> +#define CTL_DSC_CKSUM_NOP 0
> +#define CTL_DSC_CKSUM_IP 1
> +#define CTL_DSC_CKSUM_LSB 16
> +#define CTL_DSC_CKSUM_BITS ONE_BIT
> +#define CTL_DSC_CKSUM_MASK (CTL_DSC_CKSUM_BITS << CTL_DSC_CKSUM_LSB)
> +
> +
> +/*
> + * Component strcts and unions defining CipherHashInfo_u
> + */
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */
> +typedef struct AES256HMAC_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t cipherKey3;
> + uint64_t hmacKey0;
> + uint64_t hmacKey1;
> + uint64_t hmacKey2;
> + uint64_t hmacKey3;
> + uint64_t hmacKey4;
> + uint64_t hmacKey5;
> + uint64_t hmacKey6;
> + uint64_t hmacKey7;
> +} AES256HMAC_t, *AES256HMAC_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 160 bytes */
> +typedef struct AES256HMAC2_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t cipherKey3;
> + uint64_t hmacKey0;
> + uint64_t hmacKey1;
> + uint64_t hmacKey2;
> + uint64_t hmacKey3;
> + uint64_t hmacKey4;
> + uint64_t hmacKey5;
> + uint64_t hmacKey6;
> + uint64_t hmacKey7;
> + uint64_t hmacKey8;
> + uint64_t hmacKey9;
> + uint64_t hmacKey10;
> + uint64_t hmacKey11;
> + uint64_t hmacKey12;
> + uint64_t hmacKey13;
> + uint64_t hmacKey14;
> + uint64_t hmacKey15;
> +} AES256HMAC2_t, *AES256HMAC2_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), GCM - 56 bytes */
> +typedef struct AES256GCM_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t cipherKey3;
> + uint64_t GCMH0;
> + uint64_t GCMH1;
> + uint64_t GCMSCI;
> +} AES256GCM_t, *AES256GCM_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), F9 - 56 bytes */
> +typedef struct AES256F9_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t cipherKey3;
> + uint64_t authKey0;
> + uint64_t authKey1;
> +} AES256F9_t, *AES256F9_pt;
> +
> +/* AES256, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */
> +typedef struct AES256_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t cipherKey3;
> +} AES256_t, *AES256_pt;
> +
> +
> +/* All AES192 possibilities */
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-192) - 88 bytes */
> +typedef struct AES192HMAC_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t hmacKey0;
> + uint64_t hmacKey1;
> + uint64_t hmacKey2;
> + uint64_t hmacKey3;
> + uint64_t hmacKey4;
> + uint64_t hmacKey5;
> + uint64_t hmacKey6;
> + uint64_t hmacKey7;
> +} AES192HMAC_t, *AES192HMAC_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-512) - 152 bytes */
> +typedef struct AES192HMAC2_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t hmacKey0;
> + uint64_t hmacKey1;
> + uint64_t hmacKey2;
> + uint64_t hmacKey3;
> + uint64_t hmacKey4;
> + uint64_t hmacKey5;
> + uint64_t hmacKey6;
> + uint64_t hmacKey7;
> + uint64_t hmacKey8;
> + uint64_t hmacKey9;
> + uint64_t hmacKey10;
> + uint64_t hmacKey11;
> + uint64_t hmacKey12;
> + uint64_t hmacKey13;
> + uint64_t hmacKey14;
> + uint64_t hmacKey15;
> +} AES192HMAC2_t, *AES192HMAC2_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), GCM - 48 bytes */
> +typedef struct AES192GCM_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t GCMH0;
> + uint64_t GCMH1;
> + uint64_t GCMSCI;
> +} AES192GCM_t, *AES192GCM_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */
> +typedef struct AES192F9_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> + uint64_t authKey0;
> + uint64_t authKey1;
> +} AES192F9_t, *AES192F9_pt;
> +
> +/* AES192, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-192) - 24 bytes */
> +typedef struct AES192_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKey2;
> +} AES192_t, *AES192_pt;
> +
> +
> +/* All AES128 possibilities */
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (MD5, SHA-1, SHA-128) - 80 bytes */
> +typedef struct AES128HMAC_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t hmacKey0;
> + uint64_t hmacKey1;
> + uint64_t hmacKey2;
> + uint64_t hmacKey3;
> + uint64_t hmacKey4;
> + uint64_t hmacKey5;
> + uint64_t hmacKey6;
> + uint64_t hmacKey7;
> +} AES128HMAC_t, *AES128HMAC_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), HMAC (SHA-384, SHA-612) - 144 bytes */
> +typedef struct AES128HMAC2_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t hmacKey0;
> + uint64_t hmacKey1;
> + uint64_t hmacKey2;
> + uint64_t hmacKey3;
> + uint64_t hmacKey4;
> + uint64_t hmacKey5;
> + uint64_t hmacKey6;
> + uint64_t hmacKey7;
> + uint64_t hmacKey8;
> + uint64_t hmacKey9;
> + uint64_t hmacKey10;
> + uint64_t hmacKey11;
> + uint64_t hmacKey12;
> + uint64_t hmacKey13;
> + uint64_t hmacKey14;
> + uint64_t hmacKey15;
> +} AES128HMAC2_t, *AES128HMAC2_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), GCM - 40 bytes */
> +typedef struct AES128GCM_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t GCMH0;
> + uint64_t GCMH1;
> + uint64_t GCMSCI;
> +} AES128GCM_t, *AES128GCM_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), F9 - 48 bytes */
> +typedef struct AES128F9_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t authKey0;
> + uint64_t authKey1;
> +} AES128F9_t, *AES128F9_pt;
> +
> +/* AES128, (ECB, CBC, OFB, CTR, CFB), Non-HMAC (MD5, SHA-1, SHA-128) - 16 bytes */
> +typedef struct AES128_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> +} AES128_t, *AES128_pt;
> +
> +/* AES128, (OFB F8), Non-HMAC (MD5, SHA-1, SHA-256) - 32 bytes */
> +typedef struct AES128F8_s {
> + uint64_t cipherKey0;
> + uint64_t cipherKey1;
> + uint64_t cipherKeyMask0;
> + uint64_t cipherKeyMask1;
> +} AES128F8_t, *AES128F8_pt;
> +
> +/* AES128, (OFB F8), HMAC (MD5, SHA-1, SHA-256) - 96 bytes */
> +typedef struct AES128F8HMAC_s {
> + uint64_t cipherKey0;
>
> *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
>
More information about the svn-src-projects
mailing list