Motorola DigitalDNA MPC180E страница 58 Скачать руководство пользователя | Manualshive

Страница: 58 / 112

background image

7-8

MPC180E Security Processor User’s Manual

PRELIMINARY—SUBJECT TO CHANGE WITHOUT NOTICE

ECC Routines

7.3 ECC Routines

7.3.1 ECC F

p

Point Multiply

The PKEU performs the Elliptic Curve point multiply function which is the highest level
of ECC abstraction supported by the device. It is the intention that the host processor use
the PKEU in such a way as to support ECC schemes defined in IEEE P1363 (and other ECC
standards) where the point multiply is the critical and most computationally intensive, but
not final, step in many of these schemes. The point multiply is performed in a near
fully-automated fashion; however, there is some interaction required by the host processor
(described below).

Point multiplies in F

p

are carried out by the PKEU by performing repeated point add and

point double operations using projective coordinates. As a result, the host processor is
responsible for providing the point P represented as the point (X, Y, Z). For systems that do
not operate in the projective coordinate scheme (i.e. point P is represented as the point
(x,y)), X is simply x, Y is y, and Z is 1. The complete set of I/O conditions is shown below.

NOTE:

The scalar ‘k’ is assumed to be positive. If k = 0, the results of
the point multiply are (1, 1, 0). If k

<

0, then k

←

(-k) and

Y

←

-Y (modP).

NOTE:

The input ‘Z’ is assumed to be non-zero. If zero, then the
results of the point multiply are (1, 1, 0).

Table 7-5. ECC F

p

Point Multiply

F

p

Point Multiply

Computation

Q = k*P, where Q

≡

(X

3

,Y

3

,Z

3

), P

≡

(X

1

,Y

1

, Z

1

)

Entry name

multkPtoQ

Entry address

0x001(FpmultkPtoQ)

Pre-conditions

A0 = x

1

(non-projective coordinate when XYZ=0) or X

1

(projective coordinate when XYZ=1)

A1 = y

1

(non-projective coordinate when XYZ=0) or Y

1

(projective coordinate when XYZ=1)

A2 = (z

1

≡

1) (non-proj. coordinate when XYZ=0) or Z

1

(projective coordinate when XYZ=1)

A3 = a elliptic curve parameter
B0 = b elliptic curve parameter
B1 = R

2

mod N value

N0 = prime p (modulus) of the ECC system

Run-time
conditions

EXP(k) = ms 32-bits of k (provided in 32 bit words throughout the point multiply, msb to lsb);
first word provides following routine invocation per ERDY assertion.

F

re

e

sc

a

le

S

e

m

ic

o

n

d

u

c

to

r,

I

Freescale Semiconductor, Inc.

For More Information On This Product,

Go to: www.freescale.com

n

c

.

..

F

re

e

sc

a

le

S

e

m

ic

o

n

d

u

c

to

r,

I

Freescale Semiconductor, Inc.

For More Information On This Product,

Go to: www.freescale.com

n

c

.

..

«
...
56
57
58
59
60
...
»

Содержание DigitalDNA MPC180E

Страница 1: ...sor User s Manual Rev 2 1 11 2000 Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 2: ... for any other application in which the failure of the Motorola product could create a situation where personal injury or death may occur Should Buyer purchase or use Motorola products for any such unintended or unauthorized application Buyer shall indemnify and hold Motorola and its officers employees subsidiaries affiliates and distributors harmless against all claims costs damages and expenses ...

Страница 3: ... Unit Message Digest Execution Unit Glossary of Terms and Abbreviations 7 8 9 Public Key Execution Unit Random Number Generator Hardware Parameters IND Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 4: ... Unit Message Digest Authentication Unit Glossary of Terms and Abbreviations 7 8 9 Public Key Execution Unit Random Number Generator Hardware Parameters Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 5: ...3 External Bus Interface and Memory Map 3 1 Execution Unit Registers 3 1 3 2 Address Map 3 2 3 3 External Bus Interface 3 4 3 3 1 EBI Registers 3 5 3 3 1 1 Command Status Register CSTAT 3 5 3 3 1 2 ID Register 3 7 3 3 1 3 IMASK Register 3 8 3 3 1 4 Input Buffer Control IBCTL and Output Buffer Control OBCTL Registers 3 9 3 3 1 5 Input Buffer Count IBCNT and Output Buffer Count 3 3 1 6 OBCNT Registe...

Страница 6: ...errupt Register 5 3 5 1 4 Key Length Register 5 3 5 1 5 Key Low Lower middle Upper middle Upper Register 5 3 5 1 6 Message Byte Double Word Register 5 4 5 1 7 Message Register 5 4 5 1 8 Cipher Register 5 4 5 1 9 S box I J Register 5 5 5 1 10 S box0 S box63 Memory 5 5 Chapter 6 Message Digest Execution Unit 6 1 Operational Registers 6 1 6 1 1 MDEU Version Identification Register MID 6 2 6 1 2 MDEU ...

Страница 7: ...tion A B R 2 mod N 7 16 7 3 8 ECC F2m Polynomial Basis Point Multiply 7 17 7 3 9 ECC F2m Point Add 7 19 7 3 10 ECC F2m Point Double 7 21 7 3 11 ECC F2m Add Subtract 7 22 7 3 12 ECC F2m Montgomery Modular Multiplication A B R 1 mod N 7 23 7 3 13 ECC F2m Montgomery Modular Multiplication A B R 2 mod N 7 24 7 4 RSA Routines 7 25 7 4 1 A R 1 EXP mod N 7 25 7 4 2 RSA Montgomery Modular Multiplication A...

Страница 8: ...ameters 9 1 Absolute Maximum Ratings 9 1 9 2 Package Thermal Characteristics 9 2 9 3 Pin Capacitance 9 2 9 4 AC DC Electrical Characteristics 9 3 9 5 AC Timing Specification 9 3 9 6 Data Transfer 9 4 9 7 Exception Timing 9 5 9 8 Case Outline Package Dimensions 9 6 Glossary of Terms and Abbreviations Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to ww...

Страница 9: ...PKEU Control Register PKCR 7 2 7 2 PKEU Status Register PKSR 7 4 7 3 PKEU Interrupt Mask Register PKMR 7 5 7 4 ECC Fp Point Multiply Register Usage 7 9 7 5 ECC Fp Point Add Register Usage 7 11 7 6 ECC Fp Point Double Register Usage 7 12 7 7 Modular Add Register Usage 7 13 7 8 Modular Subtract Register Usage 7 14 7 9 Modular Multiplication Register Usage 7 15 7 10 Modular Multiplication with double...

Страница 10: ... Register Usage 7 30 7 22 Clear Memory Register Usage 7 31 7 23 R2 mod N Register Usage 7 33 7 24 RPRN mod P Register Usage 7 34 8 1 RNG Status Register 8 2 9 1 Exception Cycle Timing 9 5 9 2 Case Outline Package Dimensions 9 6 Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc ...

Страница 11: ...st Execution Unit MDEU Registers 6 1 6 2 MCR Field Descriptions 6 3 6 3 MSR Field Descriptions 6 4 7 1 PKEU Registers 7 1 7 2 PKCR Field Descriptions 7 2 7 3 PKSR Field Descriptions 7 4 7 4 PKMR Field Descriptions 7 5 7 5 ECC Fp Point Multiply 7 8 7 6 ECC Fp Point Add 7 11 7 7 ECC Fp Point Double 7 12 7 8 Modular Add 7 13 7 9 Modular Subtract 7 14 7 10 Modular Multiplication 7 15 7 11 Modular Mult...

Страница 12: ...Generator Registers 8 2 8 2 RNG Status Register Field Descriptions 8 2 9 1 Absolute Maximum Ratings 9 1 9 2 Package Thermal Characteristics 9 2 9 3 Capacitance 9 2 9 4 DC Electrical Characteristics 9 3 9 5 AC Timing Specifications Clock and Reset Pins 9 3 9 6 AC Timing Specifications Signal Pins 9 4 9 7 Determination of Cycle Types 9 4 Freescale Semiconductor I Freescale Semiconductor Inc For More...

Страница 13: ...versions of the MPC8xx system bus The MPC180E is optimized to quickly process all the algorithms associated with IPSec WTLS WAP SSL TLS and IKE including RSA RSA signature Diffie Hellman Elliptic Curve Cryptography DES 3DES SHA 1 MD4 MD5 and Arc Four Major features of MPC180E are as follows Public key asymmetric key RSA Programmable field size of up to 2048 bits Elliptic curve cryptography F2m and...

Страница 14: ...xternal processor may execute application code from its ROM and RAM using RAM and optional nonvolatile memory such as EEPROM for storing data The MPC180E resides in the processor memory map therefore an application requiring cryptographic functions simply writes to and reads from the appropriate memory location The MPC180E interfaces to the MPC8xx system bus or to the local buss of the MPC8260 Fig...

Страница 15: ...Open address mode Any address in the MPC180E address map is available for use by the host processor This mode is used for direct writes to set up the MPC180E control registers and can be used for data transfers to and from the MPC180E FIFO mode The MPC180E will accept large data transfers into the input buffer and return burst data through the output buffer Up to 4Kb data transfers are possible th...

Страница 16: ... Standard Execution Unit DEU The DEU is used to perform bulk data encryption and decryption in compliance with the Data Encryption Standard algorithm ANSI X3 92 The DEU can also compute 3DES an extension of the DES algorithm in which each 64 bit input block is processed three times The MPC180E supports two key K1 K3 or three key 3DES The DEU operates by permuting 64 bit data blocks with a shared 5...

Страница 17: ...ssage Authentication Code HMAC as specified by RFC 2104 The HMAC can be built upon any of the hash functions supported by the MDEU 1 3 5 Random Number Generator RNG The RNG is a digital integrated circuit capable of generating 32 bit random numbers It is designed to comply with FIPS 140 standards for randomness and non determinism Because many cryptographic algorithms use random numbers as a sourc...

Страница 18: ...E WITHOUT NOTICE Architectural Overview Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 19: ...it 31 D 0 31 1 2 4 6 7 9 11 12 14 17 18 20 22 24 28 32 34 36 37 38 87 89 90 92 94 96 98 99 I O Data bidirectional data bus This bus is connected directly to the processor core msb bit 0 lsb bit 31 TS 53 I Transfer Start transfer start pin for control port This signal is asserted by the bus master to indicate the start of a bus cycle that transfers data to or from the MPC180E R W 54 I Read Write re...

Страница 20: ...ardware interrupt NC 26 27 49 50 51 76 100 No connection to the pin DMA Hardware Handshake pins DREQ1 83 O DMA Request 1 active low signal which indicates that either the input or output buffer is requesting data transfer by the host or DMA controller DREQ1 and DREQ2 are each programmable to refer to the MPC180E chip input buffer or output buffer This signal is designed to interoperate with a Powe...

Страница 21: ...1 88 97 I 3 3 Volts Power pins for I O pads OVSS 3 13 23 33 42 63 80 86 95 I 0 Volts Ground IVSS 8 19 39 58 69 91 I 0 Volts Ground Table 2 1 Pin Descriptions Continued Signal name Pin locations Signal type Description Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More I...

Страница 22: ...87 OVSS 86 IRQ 85 DREQ2 84 83 82 OVDD 81 80 OVDD 97 D22 96 OVSS 95 IVDD 93 IVSS 69 A22 68 A21 67 A20 66 OVDD 65 A19 64 OVSS 63 A18 62 TA 61 IVDD 60 CLK 59 IVSS 58 CONFIG 57 CS 56 BURST 55 R W 54 A25 73 A24 72 IVDD 71 A23 70 MPC180E Pinout TDI 48 NC 49 NC 50 NC 26 NC 27 TS 53 RESET 52 NC 51 A27 75 A26 74 OVSS 23 D10 24 OVDD 25 D29 1 D21 2 A29 78 A28 77 NC 100 D6 99 D14 D30 OVSS IVDD SE VSS NC 76 PS...

Страница 23: ...8 IV left 209 DATAIN_R 20A MDEU MDMB 0 15 000 Digest 0 4 010 Control CR 015 Status SR 016 Clear interrupt 017 PKEU BRAM 64x32 A00 ARAM 64x32 A40 NRAM 64x32 A80 EXP k B00 Control CR B01 Status SR B02 Mask MR B03 Instruction IR B04 Prog counter PC B05 Clear interrupt B06 Modulus size B07 EXP k size B08 Command status 600 AutoRand output 602 DATAIN_L 20B DATAOUT_R 20C DATAOUT_L 20D Device ID 018 AFEU...

Страница 24: ...x000 0x1FF 0x000 0x0000_0000 Message buffer MB0 W 0x001 0x0000_0004 Message buffer MB1 W 0x002 0x0000_0008 Message buffer MB2 W 0x003 0x0000_000C Message buffer MB3 W 0x004 0x0000_0010 Message buffer MB4 W 0x005 0x0000_0014 Message buffer MB5 W 0x006 0x0000_0018 Message buffer MB6 W 0x007 0x0000_001C Message buffer MB7 W 0x008 0x0000_0020 Message buffer MB8 W 0x009 0x0000_0024 Message buffer MB9 W...

Страница 25: ...0x0000_1000 Control W 0x401 0x0000_1004 Status R 0x402 0x0000_1008 Clear interrupt W 0x403 0x0000_100C Key Length W 0x404 0x0000_1010 Key Low W 0x405 0x0000_1014 Key Lower Middle W 0x406 0x0000_1018 Key Upper Middle W 0x407 0x0000_101C Key Upper W 0x408 0x0000_1020 Message Byte Double Word W 0x409 0x0000_1024 Plaintext in W 0x40A 0x0000_1028 Ciphertext out R 0x40B 0x0000_102C S box I J R W 0x410 0...

Страница 26: ...T R W 0x901 0x0000_2404 ID R 0x902 0x0000_2408 IMASK R W 0x903 0x0000_240C IBCTL R W 0x904 0x0000_2410 IBCNT R W 0x905 0x0000_2414 OBCTL R W 0x906 0x0000_2418 OBCNT R W PKEU 0xA00 0xBFF 0xA00 0x0000_2800 BRAM R W 0xA40 0x0000_2900 ARAM R W 0xA80 0x0000_2A00 NRAM R W 0xB00 0x0000_2C00 EXP k R W 0xB01 0x0000_2C04 Control R W 0xB02 0x0000_2C08 Status R 0xB03 0x0000_2C0C Interrupt mask R W 0xB05 0x000...

Страница 27: ... IBCTL R W Input Buffer Control Register Contains the starting address in the MPC180E where data from the input buffer is to be written Contains the counter mask field see Section 3 3 1 4 Input Buffer Control IBCTL and Output Buffer Control OBCTL Registers IBCNT R W Input Buffer Count Register Gives the total number of 32 bit words to be written to a specific execution unit for a given operation T...

Страница 28: ...terrupts 13 MDEU Message Digest Execution Unit External Bus Interface interrupts 14 RNG Random Number Generator External Bus Interface interrupts 15 PKEU Public key Execution Unit External Bus Interface interrupts 16 17 Reserved should be cleared 18 22 Raw interrupt indicators for individual execution units These are the unmasked interrupts from the execution units For bits18 22 0 interrupt not pe...

Страница 29: ...his function is used to unmask an interrupt from the currently active execution unit It is to be used when a execution unit sends a series of intermediate interrupts the host does not want to see For example if the DEU is enabled and active many interrupts may be generated for intermediate results The host however may only be interested in the final interrupt that occurs when the DEU completes pro...

Страница 30: ... bit assignments in the IRQ register for all the MPC180E execution units All enable mask registers operate on the corresponding bits An interrupt is masked when its corresponding IMASK bit is a 1 0 7 8 10 11 13 14 15 Field MPC180E MDEU DEU Reset 0000_0000 010 0_01 01 R W Read 16 17 19 20 22 23 25 26 28 29 31 Field DEU AFEU RNG EBI PKEU Reset 0 001 001 0_10 01_0 00x R W Read Addr 0x901 Figure 3 3 I...

Страница 31: ...4 IMASK Register Table 3 5 IMASK Field Descriptions Bits Name Description 0 26 Reserved should be cleared 27 DEU Data Encryption Standard Execution Unit global interrupt control 0 interrupt unmasked 1 interrupt masked 28 AFEU Arc Four Execution Unit global interrupt control 0 interrupt unmasked 1 interrupt masked 29 MDEU Message Digest Execution Unit global interrupt control 0 interrupt unmasked 1...

Страница 32: ...tarting address is the address to which the first word of data from the input buffer is written for a given operation All subsequent addresses are derived from this address Table 3 7 OBCTL Register Field Descriptions Bits Name Description 0 7 Reserved should be cleared 8 15 Count mask Defines how the buffer controller presents addresses to execution units when data is read from the active executio...

Страница 33: ...oller Operation The controller EBI is the interface between the host the input and output FIFOs and the individual execution units It also contains control logic designed to help off load flow control from the host The controller facilitates single access or burst reads and writes from the host and it also manages the interrupts that execution units send to the host The controller also controls DR...

Страница 34: ...fer with data transfers as required The EBI CSTAT register determines whether these signals reflect the state of the input buffer or output buffer By default DREQ1 refers to the state of the input buffer and DREQ2 refers to the state of the output buffer NOTE DREQx refers to either DREQ1 or DREQ2 Either can be programmed to refer to the state of the input or output buffer In FIFO mode the input bu...

Страница 35: ...in more detail in the following sections Table 4 1 Data Encryption Standard Execution Unit DEU Registers MPC180E 12 Bit Address Processor 32 Bit Address Register Type 0x200 0x0000_0800 Control DCR R W 0x201 0x0000_0804 Status DSR R 0x202 0x0000_0808 Key1_R R W 0x203 0x0000_080C Key1_L R W 0x204 0x0000_0810 Key2_R R W 0x205 0x0000_0814 Key2_L R W 0x206 0x0000_0818 Key3_R R W 0x207 0x0000_081C Key3_...

Страница 36: ...ed bits of DCFG are read as 0 values Figure 4 2 DEU Configuration Register DCFG 0 28 29 30 31 Field MODE XDES E D Reset 0000_0000_0000_0000 R W R R W Addr 0x200 Table 4 2 DCR Field Descriptions Bits Name Description 0 28 Reserved should be cleared 29 MODE Selects the DES mode of operation Both Electronic Code Book ECB and Cipher Block Chaining CBC are supported 0 ECB 1 CBC 30 XDES Controls single ...

Страница 37: ...l goes high new data in the Table 4 3 DCFG Field Descriptions Bits Name Description 0 29 Reserved should be cleared 30 RST The DES can be reset by asserting the RESET signal or by setting the Software Reset bit in the Control Register The software and hardware resets are functionally equivalent The software reset bit will clear itself one cycle after being set 0 1 software reset 31 IMSK Clearing t...

Страница 38: ... The IV should be written before the first block of data is encrypted After each block of data is encrypted the Initialization Vector register is updated to prepare for the next block of data This register is readable so that the current encryption context mode keys and IV can be saved and restored The Initialization Vector registers must not be written while data is being encrypted or decrypted D...

Страница 39: ...ddress Register Type 0x400 0x0000_1000 Control W 0x401 0x0000_1004 Status R 0x402 0x0000_1008 Clear interrupt W 0x403 0x0000_100C Key Length W 0x404 0x0000_1010 Key Low W 0x405 0x0000_1014 Key Lower Middle W 0x406 0x0000_1018 Key Upper Middle W 0x407 0x0000_101C Key Upper W 0x408 0x0000_1020 Message Byte Double Word W 0x409 0x0000_1024 Plaintext in W 0x40A 0x0000_1028 Ciphertext out R 0x40B 0x0000...

Страница 40: ...the next sub message is written the AFEU will begin processing it and this bit will clear 28 Permute done Set once the memory is permuted with the key Once the first sub message is written the AFEU will begin processing the message and this bit will clear 29 Initialize done Set once memory initialization is complete Once the key data and length is written the AFEU will begin permuting the memory a...

Страница 41: ...owest significant four bytes of the key The Key Lower Middle Register holds the next lowest four bytes of the key The Key Upper Middle Register holds the next highest four bytes of the key The Key Upper Register holds the most significant four bytes of the key 0 29 30 31 Field RST IMSK Reset 0000_0000_0000_0001 R W W Addr 0x400 Table 5 3 AFEU Control Register Field Descriptions Bit Name Descriptio...

Страница 42: ...iphertext to be decrypted Writing data to this register signals the AFEU to start processing the data 5 1 8 Cipher Register The Cipher Register is a 32 bit read only register that stores the processed sub message This can either be the encrypted ciphertext or decrypted plaintext Data in this register is valid when the sub or full message done bit is set in the status register NOTE If the sub messa...

Страница 43: ...register may be accessed whenever the AFEU is idle 5 1 10 S box0 S box63 Memory The S box Memory consists of 64 read write 32 bit blocks The entire contents of the S box memory must be read prior to context switching and must be written back to the AFEU before resuming message processing of an interrupted message The S box memory may be accessed whenever the AFEU is idle Freescale Semiconductor I ...

Страница 44: ...OUT NOTICE Arc Four Execution Unit Registers Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 45: ... 0x0000_0008 Message buffer MB2 W 0x003 0x0000_000C Message buffer MB3 W 0x004 0x0000_0010 Message buffer MB4 W 0x005 0x0000_0014 Message buffer MB5 W 0x006 0x0000_0018 Message buffer MB6 W 0x007 0x0000_001C Message buffer MB7 W 0x008 0x0000_0020 Message buffer MB8 W 0x009 0x0000_0024 Message buffer MB9 W 0x00A 0x0000_0028 Message buffer MB10 W 0x00B 0x0000_002C Message buffer MB11 W 0x00C 0x0000_...

Страница 46: ...tomatically by the MDEU after one cycle or operation All unused bits of the MCR are read as 0 values Figure 6 1 shows the MDEU Control Register and Table 6 2 describes this register s fields 0x013 0x0000_004C Message digest MD R W 0x014 0x0000_0050 Message digest ME R W 0x015 0x0000_0054 Control MCR R W 0x016 0x0000_0058 Status MSR R W 0x017 0x0000_005C Clear interrupt MCLRIRQ W 0x018 0x0000_0060 ...

Страница 47: ...ted a SHA 1 Hash will be computed 26 RST The RST bit is a software reset signal When activated the MDEU will reset immediately halting any ongoing hash All registers and buffers revert to their initial state Normally asserting GO continues an existing hash function across multiple 512 bit message blocks Should a fresh hash be desired for a new message block the RST bit should be asserted prior to ...

Страница 48: ...ts cannot be modified by the host processor except to be reset which occurs when the host processor performs a write to the MSR regardless of the data value Figure 6 2 shows the MDEU status register and Table 6 3 describes this register s fields 0 15 Field Reset 0000_0000 R W R W 16 27 28 29 30 31 Field IRQ AE BE DONE Reset 0000_0000 R W R W Addr 0x016 Figure 6 2 MDEU Status Register MSR Table 6 3...

Страница 49: ... next block of a multi block message may be written as soon as MSR BE is asserted If IPAD or OPAD are asserted while the Message Buffer is written then the value stored will be the value applied to the data bus exclusive ORed with the appropriate pad value In addition assertion of OPAD causes the contents of the Message Digest Buffer to be copied into the first four or five words of the Message Bu...

Страница 50: ...E WITHOUT NOTICE Operational Registers Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 51: ... PKEU As future hardware is developed to support different field types or different microcode each version will be assigned a different identifier The value returned is ID 0002x MPC180E 12 Bit Address Processor 32 Bit Address Register Type 0xA00 0x0000_2800 BRAM R W 0xA40 0x0000_2900 ARAM R W 0xA80 0x0000_2A00 NRAM R W 0xB00 0x0000_2C00 EXP k R W 0xB01 0x0000_2C04 Control R W 0xB02 0x0000_2C08 Sta...

Страница 52: ...ed automatically by the PKEU for high level functions However for low level functions such as field add or multiplies the host may set these pointers to reference a particular memory block This flexibility allows for example the following computation A 3 B 1 R 1 mod N 2 2 3 regBsel 00 memory B block 0 select 01 memory B block 1 select 10 memory B block 2 select 11 memory B block 3 select 4 5 regAs...

Страница 53: ...en set to 1 the IRQ signal is enabled thus when an interrupt occurs the IRQ signal will be activated When the IE bit is set to 0 all interrupts are disabled and the IRQ output pin will be held inactive i e 0 The IE bit acts as the global interrupt enable Note that this does not affect the SR IRQ bit That bit is set regardless of IE 0 interrupts disabled 1 interrupts enabled 12 GO The GO bit initia...

Страница 54: ...ered the host response time while important is not critical to meet maximum performance At a minimum the host will have 8 integer multiplies for RSA or 8 point doubles for ECC to provide new data before adversely impacting the run time Refer to the run time formulae see Table 7 26 to determine the exact time available for the target operating frequency For those instances where the host does not n...

Страница 55: ...EXP k register is double buffered the host response time while important is not critical to meet maximum performance At a minimum the host will have 8 integer multiplies for RSA or 8 point doubles for ECC to provide new data before adversely impacting the run time Refer to the run time formulae see Table 7 26 to determine the exact time available for the target operating frequency For those instan...

Страница 56: ...ister is internally double buffered As a result the host response time while important is not critical to meet maximum performance At a minimum the host will have 32 integer multiplies for RSA or 32 point doubles for ECC to provide new data before adversely impacting the run time Refer to the run time formulae see Table 7 26 to determine the exact time available for the target operating frequency ...

Страница 57: ...ent or multiplier size of 1 to 64 bytes On power up or clear EXP k _SIZE is 0 7 2 Memories The PKEU uses four memory spaces RAM consisting of 128 16 bit words Three of these memories A B and N are R W accessible to the host during normal operation The fourth memory t or tmp is normally not accessible to the host accept when the PKEU is placed in test mode Each individual memory can be thought of a...

Страница 58: ...x y X is simply x Y is y and Z is 1 The complete set of I O conditions is shown below NOTE The scalar k is assumed to be positive If k 0 the results of the point multiply are 1 1 0 If k 0 then k k and Y Y modP NOTE The input Z is assumed to be non zero If zero then the results of the point multiply are 1 1 0 Table 7 5 ECC Fp Point Multiply Fp Point Multiply Computation Q k P where Q X3 Y3 Z3 P X1 ...

Страница 59: ...in 32 bit words Note that the host must supply the k data starting with the most significant 32 bit word and working down to the least significant word Each individual word however is formatted msb to lsb i e k_word msb lsb Post conditions B1 X2 X 2 B2 Y2 Y 2 B3 Z2 Z 2 A2 undefined when XYZ 1 or Z2 2 when XYZ 0 A3 undefined when XYZ 1 or Z2 3 when XYZ 0 Unless explicitly noted all other registers ...

Страница 60: ...ery residue system In order to put the projective coordinates into their affine form the following equations which define their relationships must be calculated x X Z2 y Y Z3 Because the PKEU does not support the inverse function it is the responsibility of the host processor to find Z2 1 and Z3 1 by using any number of available modulo n inversion techniques Once this is accomplished the host may...

Страница 61: ...system B0 b elliptic curve parameter in Montgomery residue system B1 X 2 projective coordinate in Montgomery residue system B2 Y 2 projective coordinate in Montgomery residue system B3 Z 2 projective coordinate in Montgomery residue system N0 prime p modulus of the ECC system Post conditions A0 X 1 A1 Y 1 A2 Z 1 A3 a B0 b B1 X 3 B2 Y 3 B3 Z 3 Unless explicitly noted all other registers are not gua...

Страница 62: ...tgomery residue system B0 b elliptic curve parameter in Montgomery residue system N0 prime p modulus of the ECC system Post conditions B1 X 3 B2 Y 3 B3 Z 3 A3 a B0 b Unless explicitly noted all other registers are not guaranteed to be any particular value Special conditions All variables followed with the tick mark indicate it is in the Montgomery residue system While not explicitly mentioned or n...

Страница 63: ...C D E mod N where D E and C are integers and are less than N Entry name modularadd Entry address 0x008 modularadd Pre conditions A0 3 D integer exact A location pre selected in Control Register B0 3 E integer exact B location pre selected in Control Register N0 3 prime p modulus of the ECC system Post conditions B0 3 results of modular addition stored where the B operand was located Unless explici...

Страница 64: ... Computation C D E mod N where D E and C are integers and are less than N Entry name modularsubtract Entry address 009h modularsubtract Pre conditions A0 3 D integer exact A location pre selected in Control Register B0 3 E integer exact B location pre selected in Control Register N0 3 prime p modulus of the ECC system Post conditions B0 3 results of modular subtraction stored where the B operand w...

Страница 65: ...ocation pre selected in Control Register N0 3 prime p modulus of the ECC system Post conditions A0 3 A operand is preserved B0 3 results of modular multiplication stored where the B operand was located Unless explicitly noted all other registers are not guaranteed to be any particular value Special conditions Typically though it is not mandatory the operands will be in the Montgomery residue syste...

Страница 66: ... B R 2 mod N where A B and C are integers less than N and R 216D where D is the number of digits of the modulus vector Entry name modularmultiply2 Entry address 0x00b modularmultiply2 Pre conditions A0 3 A integer exact A location pre selected in Control Register B0 3 B integer exact B location pre selected in Control Register N0 3 prime p modulus of the ECC system Post conditions A0 3 A operand i...

Страница 67: ...mply x Y is y and Z is 1 The complete set of I O conditions is shown below Table 7 12 ECC F2m Point Multiply F2m Point Multiply Computation Q k P where Q X3 Y3 Z3 P X1 Y1 Z1 Entry name multkPtoQ will probably be the same as Fp Entry address 0x001 multkPtoQ Pre conditions A0 x1 when XYZ 0 or X1 when XYZ 1 A1 y1 when XYZ 0 or Y1 when XYZ 1 A2 z1 1 when XYZ 0 or Z1 when XYZ 1 A3 a elliptic curve para...

Страница 68: ...hen it is ready to accept more data This tells the host processor to read the status word to see what was set If the E_RDY bit is set or pin IRDY_B active low the host processor knows it must provide the next word of k this data is written into the EXP k register one 32 bit word at a time If this interrupt is masked then it must poll the status register to determine when to provide the next word o...

Страница 69: ... the values from the Montgomery residue system For projective coordinate systems XYZ 1 The results of the calculation are returned to the B memory Note that these values correspond to the projective coordinate values X Y and Z and are no longer in the Montgomery residue system The host may take these results as the complete point multiply including the exit from the Montgomery residue system e g X...

Страница 70: ...m B3 Z 2 projective coordinate in Montgomery residue system N0 irreducible polynomial of the ECC system Post conditions A0 X 1 A1 Y 1 A2 Z 1 A3 a B0 c B1 X 3 B2 Y 3 B3 Z 3 Unless explicitly noted all other registers are not guaranteed to be any particular value Special conditions The c elliptic curve parameter is a function of the b parameter and field size All variables followed with the tick mar...

Страница 71: ...arameter in Montgomery residue system N0 prime p modulus of the ECC system Post conditions B1 X 3 B2 Y 3 B3 Z 3 A3 a B0 c Unless explicitly noted all other registers are not guaranteed to be any particular value Special conditions The c elliptic curve parameter is a function of the b parameter and field size All variables followed with the tick mark indicate it is in the Montgomery residue system ...

Страница 72: ... Subtract Computation C D E mod N where D E and C are integers and are less than N Entry name modularadd same as with integer add Entry address 0x008 modularadd Pre conditions A0 3 D binary polynomial exact A location pre selected in control register B0 3 E binary polynomial exact B location pre selected in control register N0 3 irreducible polynomial of the ECC system Post conditions B0 3 results...

Страница 73: ...inary polynomial exact B location pre selected in Control Register N0 3 irreducible polynomial of the ECC system Post conditions A0 3 A operand is preserved B0 3 results of modular multiplication stored where the B operand was located Unless explicitly noted all other registers are not guaranteed to be any particular value Special conditions Typically though it is not mandatory the operands will b...

Страница 74: ...d C are binary polynomials with order than N and R 216D where D is the number of digits of the irreducible polynomial Entry name modularmultiply2 same as Fp Entry address 0x00b modularmultiply2 Pre conditions A0 3 A binary polynomial exact A location pre selected in Control Register B0 3 B binary polynomial exact B location pre selected in Control Register N0 3 irreducible polynomial of the ECC sy...

Страница 75: ...word however is formatted msb to lsb i e exp_word msb lsb PKEU asserts the IRDY_B and IRQ signals when it is ready to accept more exponent data IRQ only if E_RDY is not masked This tells the host processor to read the SR to see what was set If the E_RDY bit is set the host processor knows it must provide the next word of the exponent this data is written into the EXP k register one 32 bit word at ...

Страница 76: ...gisters are not guaranteed to be any particular value Special conditions A N and B have the lsb digits in A0 N0 and B0 respectively As required data will occupy the more significant memory blocks N1 N2 N3 A0 A1 A2 A3 B0 B1 B2 B3 Initial Condition Final Condition etc etc N bits 1023 512 etc N0 S bits 511 0 modulus N bits 511 0 modulus N bits 511 0 A bits 1023 512 A bits 511 0 etc A bits 511 0 A bit...

Страница 77: ...mod N where A B and C are integers less than N and R 216D where D is the number of digits of the modulus vector Entry name modularmultiply Entry address 0x00a modularmultiply Pre conditions A0 3 A B0 3 B N0 3 modulus Post conditions A0 3 A operand is preserved B0 3 results of modular multiplication stored where the B operand was located Unless explicitly noted all other registers are not guarantee...

Страница 78: ...ess than N and R 216D where D is the number of digits of the modulus vector Entry name modularmultiply2 Entry address 0x00b modularmultiply2 Pre conditions A0 3 A B0 3 B N0 3 modulus Post conditions A0 3 A operand is preserved B0 3 results of modular multiplication stored where the B operand was located Unless explicitly noted all other registers are not guaranteed to be any particular value Speci...

Страница 79: ... Register Usage Table 7 21 Modular Add Modular Add Computation C D E mod N where D E and C are integers and are less than N Entry name modularadd Entry address 0x008 modularadd Pre conditions A0 3 D B0 3 E N0 3 modulus Post conditions B0 3 results of modular addition stored where the B operand was located Unless explicitly noted all other registers are not guaranteed to be any particular value Spe...

Страница 80: ...Figure 7 21 Modular Subtract Register Usage Table 7 22 Modular Subtract Modular Subtract Computation C D E mod N where D E and C are integers and are less than N Entry name modularsubtract Entry address 0x009 modularsubtract Pre conditions A0 3 D B0 3 E N0 3 modulus Post conditions B0 3 results of modular subtraction stored where the B operand was located Unless explicitly noted all other register...

Страница 81: ...reset and the assertion of the DONE bit in the status register Figure 7 22 Clear Memory Register Usage Table 7 23 Clear Memory Clear Memory Computation A B N and t memories are overwritten with zeros Entry name clearmemory Entry address 0x00d r2 Pre conditions Post conditions A B N 0 all locations Unless explicitly noted all other registers are not guaranteed to be any particular value Special con...

Страница 82: ... is a system wide parameter which means that the R2 mod N value may be pre computed before any real time operations by any other system entity and stored for future use For this reason R2 mod N only supports integer modulo n computations i e the control register bit F2M must be 0 This function operates with a minimum of 4 digits Modsize 3 and with the most significant digit 16 bits of the modulus ...

Страница 83: ...the PKEU the number of digits of P and Q must each be at least five As with the standard R2 mod N operation this operation exists primarily to support RSA and only works with the Control Register F2M bit set to zero To use this function MOD_SIZE must be programmed with D 1 and EXP_SIZE must be programmed with E 1 and the prime modulus either P or Q is written into memory N The complete set of I O ...

Страница 84: ...e vector E 1 Post conditions B0 3 RpRN mod P N0 3 modulus Unless explicitly noted all other registers are not guaranteed to be any particular value Special conditions N1 N2 N3 A0 A1 A2 A3 B0 B1 B2 B3 Initial Condition Final Condition N0 modulus P modulus P R2 mod N RpRn F2M EXP k regAsel regBsel regNsel 0 integer modulo n enabled same set 00 Modsize EXP k _SIZE set E 1 set D 1 same ECC same 0 ECC ...

Страница 85: ...operating frequency MS number of 16 bit blocks in the modulus that is the value assigned to the Modsize reg plus one Ne number of bits in the exponent or multiplier k avg average run time applied to a nominal case which assumes 50 1 s in Ne wcs worst case run time bcs best case run time multPtoQ tmulfp avg Ne tdblfp 0 5 Ne taddfp 8 tmult1 6 MS move FpaddPtoQ taddfp 16 tmult1 4 tadd 5 tsub 19 MS mo...

Страница 86: ...ITHOUT NOTICE Embedded Routine Performance Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 87: ...and the clock control When a read is performed the oscillator clocks are halted and a collection of bits from the LFSR and CASR are x ored together to obtain the 32 bit random output The BIU interfaces with the External Bus Interface EBI to allow communication between the EBI and the RNG 8 3 Typical Operation A typical procedure for reading random data is as follows When a given operation calls fo...

Страница 88: ...egisters Table 8 1 shows RNG registers Table 8 1 Random Number Generator Registers 8 4 1 Status Register Figure 8 1 shows the RNG status register Table 8 2 describes the RNG status register fields MPC180E 12 Bit Address Processor 32 Bit Address Register Type 0x600 0x0000_1800 Status R 0x602 0x0000_1808 Autorand output R 0 17 18 19 30 31 Field ORDY ON OFF Reset 0000_0000_0000_0001 R W R Addr 0X600 ...

Страница 89: ...s device contains circuitry to protect the inputs against damage due to high static voltages or electric fields however it is advised that normal precautions be taken to avoid application of any voltage higher than maximum rated voltages to this high impedance circuit Characteristic Name Absolute Min Absolute Max Unit Power supply voltage Core VDD 0 3 1 95 Volts Power supply voltage I O VDD 0 3 3 ...

Страница 90: ... resistance 2 Per SEMI G38 87 Single layer board Four layer board R 40 25 C W Junction to board3 bottom 3 Indicates the average thermal resistance between the die and the printed circuit board R 17 C W Junction to case4 top 4 Indicates the average thermal resistance between the die and the case top surface via the cold plate method MIL SPEC 883 Method 1012 1 R 9 C W Table 9 3 Capacitance1 1 f 1 0M...

Страница 91: ...0 8 VDC Input high voltage Vdd Max Vih 2 0 VDC AC supply current IDD mA Standby supply current ISS mA Input leakage current VDD Vin VSS Ileak 10 µA Three state input current VDD Vin VSS Iz 10 µA Input buffer pad capacitance Cin 5 pF Input output buffer pad capacitance Cio 5 pF Output high voltage Ioh 400 µA Voh 2 4 VDC Output low voltage Iol 3 2 mA CL 35 pF IRQ Iol 3 2 mA CL 50 pF D 0 31 Vol 0 4 V...

Страница 92: ...TS setup time to MCLK rise Tms 5 nS TS hold time from MCLK rise Tmh 3 nS R W setup time to MCLK rise Trws 5 nS R W hold time from MCLK rise Trwh 3 nS MCLK rise to D read active delay Tdd 5 11 nS MCLK fall to D read HiZ delay Tdzd 5 13 nS MCLK rise to IRQ TA DREQx active or inactive Tirq 3 9 nS RESET setup time to MCLK rise Trs 5 nS RESET hold time from MCLK rise Trh 7 nS Table 9 7 Determination of...

Страница 93: ...pical interrupt cycle is asserted by the rising edge of MCLK The RESET input must be stable on the falling edge of MCLK to guarantee its recognition in that cycle otherwise it is recognized in the following cycle After RESET is negated the processor needs to guarantee at least four idle cycles before accessing the MPC180E Figure 9 1 Exception Cycle Timing MCLK IRQ Interrupt read and cleared Freesc...

Страница 94: ...PLANE DATUM T 5 DIMENSIONS A AND B DO NOT INCLUDE MOLD PROTRUSION ALLOWABLE PROTRUSION IS 0 25 PER SIDE DIMENSIONS A AND B INCLUDE MOLD MISMATCH 6 DIMENSION D DOES NOT INCLUDE DAMBAR PROTRUSION DAMBAR PROTRUSION SHALL NOT CAUSE THE LEAD WIDTH TO EXCEED 0 35 MINIMUM SPACE BETWEEN PROTRUSION AND ADJACENT LEAD OR PROTRUSION 0 07 1 2 3 _ _ _ _ VIEW Y 4X 25 TIPS 4X 25 100 76 75 51 26 50 1 VIEW AA C N 0...

Страница 95: ...tailed specification of requirements for a processor or computer system It does not specify details of how the processor or computer system must be implemented instead it provides a template for a family of compatible implementations Big endian A byte ordering method in memory where the address n of a word corresponds to the most significant byte In an addressed memory word the bytes are ordered l...

Страница 96: ...Typical context constituents are session keys initialization vectors and security associations Context memory Local or system memory reserved for storage of security context information Context switching The act of changing session specific parameters such as Keys and IVs between the end of the current packet and the next Cryptography The art and science of using mathematics to secure information ...

Страница 97: ...of the previous packet ECC Elliptic curve cryptosystem A public key cryptosystem based on the properties of elliptic curves Elliptic curve The set of points x y satisfying an equation of the form y2 x3 ax b for variables x y and constants a b Î F where F is a field Encryption The transformation of plaintext into an apparently less readable form called ciphertext through a mathematical process The ...

Страница 98: ...text at the start of DES Used in CBC Cipher Block Chaining to complicate crypto analysis Interrupt An asynchronous exception On PowerPC processors interrupts are a special case of exceptions Interrupt controller Organizes the hardware interrupts coming from the execution units into a maskable interrupt for the processor Interrupt mask register Allows masking of individual interrupts by the host IP...

Страница 99: ...pads if necessary the message to be hashed to create a 512 bit block This block is compressed by XOR ing two inputs the 512 bit message block and a 128 bit key Stronger than MD MDEU Message Digest Execution Unit A device or silicon block which accelerates the hashing functions associated with message authentication Memory mapped accesses Accesses whose addresses use the page or block address trans...

Страница 100: ...lgorithms associated with public key exchange Typically uses the RSA or Diffie Hellman algorithms PKI Public Key Infrastructure PKIs are designed to solve the key management problem Plaintext The data to be encrypted Private key In public key cryptography this key is the secret key It is primarily used for decryption but is also used for encryption with digital signatures PRNG Pseudo Random Number...

Страница 101: ...y which the responder encrypts or authenticates messages Security Parameters Index SPI In IPSec a specific field in the packet header which identifies the SecurityAssociations already established for the one way session the packet belongs to Self synchronous Refers to a stream cipher when the keystream is dependent on the data and its encryption Session key A key for symmetric key cryptosystems th...

Страница 102: ...ee secret key Synchronization A process to ensure that operations occur strictly in order Synchronous A property of a stream cipher stating that the keystream is generated independently of the plaintext and ciphertext System memory The physical memory available to a processor Throughput The bits per second measure of the amount of data that is encrypted or hashed per clock cycle TLS Transport Laye...

Страница 103: ...he two values are different and zero otherwise XOR is an abbreviation for exclusive OR X Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 104: ...UBJECT TO CHANGE WITHOUT NOTICE Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 105: ... Interface 3 5 ECC routines F2m Add Subtract 7 22 F2m Montgomery Modular Multiplication 7 23 7 24 F2m Point Add 7 19 F2m Point Double 7 21 Fp Modular Add 7 13 Fp Modular Subtract 7 14 Fp Montgomery Modular Multiplication 7 15 7 16 Fp Point Add 7 11 Fp Point Double 7 12 Fp Point Multipy 7 8 Fp Polynomial Basis Point Multiply 7 17 electrical specifications 9 1 AC timing 9 3 AC DC characteristics 9 3...

Страница 106: ...ure internal 1 3 system 1 2 block diagram 1 4 features 1 1 pinout 2 4 N NC 2 2 O OBCNT seeOutput Buffer Count 3 11 OBCTL seeOutput Buffer Control 3 9 open address mode 1 3 Output Buffer Control Register 3 9 Output Buffer Count Register 3 11 OVDD 2 3 OVSS 2 3 P package thermal characteristics 9 2 pin capacitance 9 2 pinout 2 4 PKEU Public Key Execution Unit 1 4 Program Counter Register PKEU 7 6 PSD...

Страница 107: ...P k _Size 7 7 PKEU Interrupt Mask 7 4 PKEU Modsize 7 7 PKEU Program Counter 7 6 PKEU Status 7 3 PKEU Version Identification 7 1 Public Key Execution Unit 7 1 RESET 2 2 RNG Random Number Generator 1 5 routines embedded 7 35 RSA routines 7 25 Fp Modular Subtract 7 30 Integer Modular Exponentiation 7 25 Modular Add 7 29 Montgomery Modular Multiplication 7 27 7 28 S S box I J Register 5 5 S box0 S box...

Страница 108: ...SUBJECT TO CHANGE WITHOUT NOTICE Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 109: ... Execution Unit Glossary of Terms and Abbreviations 7 8 9 Public Key Execution Unit Random Number Generator Hardware Parameters Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 110: ... Execution Unit Glossary of Terms and Abbreviations 7 8 9 Public Key Execution Unit Random Number Generator Hardware Parameters Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 111: ...ductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Страница 112: ...ductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc Freescale Semiconductor I Freescale Semiconductor Inc For More Information On This Product Go to www freescale com nc ...

Отзывы:

Нет отзывов

Похожие инструкции для DigitalDNA MPC180E

Бренд: TC Electronic Страницы: 2

Бренд: NEC Страницы: 72

ELECTRA ELITE IPK II

Бренд: NEC Страницы: 617

VERSA DOCK - SERVICE

Бренд: NEC Страницы: 8

Бренд: XMG Страницы: 5

Бренд: NAD Страницы: 2

Бренд: Salusfin Страницы: 6

Бренд: Javad Страницы: 35

Бренд: Industrex Страницы: 51

Бренд: Direct IP Страницы: 76

Бренд: Hama Страницы: 12

Бренд: TP-Link Страницы: 2

Бренд: Accusys Страницы: 34

airMAX NanoBridge M NBM3

Бренд: Ubiquiti Страницы: 24

SmartRack SR25UBEXP

Бренд: Tripp Lite Страницы: 4

Бренд: ICP DAS USA Страницы: 8

Бренд: Telit Wireless Solutions Страницы: 79

Бренд: OWC Страницы: 8

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды