
SEC 2.0 Reference Device Driver User’s Guide, Rev. 0

Freescale Semiconductor

PRELIMINARY—SUBJECT TO CHANGE WITHOUT NOTICE


2.1.5 Deferred Service Routine

The ProcessingComplete() routine completes the request outside of the interrupt service routine, and runs in a non-ISR context. This routine depends on the IsrMsgQId queue and processes messages written to the queue by the interrupt service routine. This function will determine which request is complete, and notify the calling task using any handler specified by that calling task. It will then check the remaining content of the process request queue, and schedule any queued requests.

3 User Interface

3.1 Application Interface

In order to make a request of the SEC2 device, the calling application populates a request structure with information describing the request. These structures are described in Section 4, “Individual Request Type Descriptions,” and include items such as operation ID, channel, callback routines (success and error), and data.

Once the request is prepared, the application calls ioctl() with the prepared request. This function is a standard system call used by operating system I/O subsystems to implement special-purpose functions. It typically follows the format:

int ioctl(int fd,        /* file descriptor */
          int function,  /* function code */
          int arg);      /* arbitrary argument (driver dependent) */

The function code (second argument) is defined as the I/O control code. This code will specify the driver-specific operation to be performed by the device in question. The third argument is the pointer to the SEC2 user request structure which contains information needed by the driver to perform the function requested.

The following is a list of guidelines to be followed by the end-user application when preparing a request structure:

The first member of every request structure is an operation ID (opID). The operation ID is used by the device driver to determine the format of the request structure.

While all requests have a “channel” member, its presence is a holdover from earlier variations of the security engine. For SEC2, it no longer has a valid use, and is retained solely to maintain request compatibility for applications written for older security engines.

All process request structures have a status member. This value is filled in by the device driver when the interrupt for the operation occurs and it reflects the status of the operation as indicated by the interrupt. The valid values for this status member are DONE (normal status) or ERROR (error status).

All process request structures have two notify members, notify and notify_on_error. These notify members can be used by the device driver to notify the application when its request has been completed. They may be the same function, or different, as required by the caller's operational requirements.

All process request structures have a next request member. This allows the application to chain multiple process requests together.

It is the application's choice to use a notifier function or to poll the status member. 
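The completion semantics in the guidelines above, as an added example that is not code from the driver or from this guide: it models a chain of three requests in which one uses a notifier, one is polled through status, and one completes in error. The member names follow the guide; the member types, the numeric values, the sample opID values and the function model_complete() are assumptions made for the example.

```c
#include <stddef.h>

/* Field names follow the guide; types, numeric values and
   model_complete() are assumptions made for this example. */
enum { PENDING = 0, DONE = 1, ERROR = 2 };

typedef struct req {
    unsigned long opID;      /* always first: tells the driver the format */
    unsigned long channel;   /* no valid use on SEC2, kept for compatibility */
    void (*notify)(struct req *);
    void (*notify_on_error)(struct req *);
    volatile int status;     /* filled in by the driver at completion */
    struct req *next;        /* next request in the chain, or NULL */
} req_t;

static int ok_calls, err_calls;
static void on_done(req_t *r)  { (void)r; ok_calls++; }
static void on_error(req_t *r) { (void)r; err_calls++; }

/* Stand-in for the completion path: bit i of fail_mask simulates the
   interrupt reporting an error for the i-th request in the chain.
   Returns the number of requests completed (bounded by max_chain). */
static int model_complete(req_t *head, unsigned fail_mask, int max_chain)
{
    int n = 0;
    for (req_t *r = head; r != NULL && n < max_chain; r = r->next, n++) {
        int failed = (fail_mask >> n) & 1u;
        void (*cb)(req_t *) = failed ? r->notify_on_error : r->notify;
        r->status = failed ? ERROR : DONE;
        if (cb != NULL)
            cb(r);           /* no notifier: the caller polls status */
    }
    return n;
}

/* Chain of three: notified success, polled success, notified error. */
static int demo(void)
{
    req_t c = { 0x0102u, 0, on_done, on_error, PENDING, NULL };
    req_t b = { 0x0101u, 0, NULL, NULL, PENDING, &c };
    req_t a = { 0x0100u, 0, on_done, on_error, PENDING, &b };
    ok_calls = err_calls = 0;
    int n = model_complete(&a, 0x4u, 8);
    return n == 3 && a.status == DONE && b.status == DONE
        && c.status == ERROR && ok_calls == 1 && err_calls == 1;
}
```

A request with both notify members left NULL is completed silently, so the caller has to keep the structure alive and poll status until it leaves its initial value.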
