Professional Documents
Culture Documents
EmbeddedIPTM 94C
SA-Record Description
Application Note
Revision: 2.1
Date: 1 December 2003
Document Number: EIP/2003/0020
Status: Accepted
SafeNet, Inc. maintains a website with up-to-date technical documentation for our
customers. Contact SafeNet for access:
www.safenet-inc.com
SafeNet BV reserves the right to make changes in the product or its specifications mentioned in this publication without notice. Accordingly, the
reader is cautioned to verify that information in this publication is current before placing orders. The information furnished by SafeNet BV in this
document is believed to be accurate and reliable. However, no responsibility is assumed by SafeNet BV for its use, nor for any infringements of
patents or other rights of third parties resulting from its use. No part of this publication may be copied or reproduced in any form or by any
means, or transferred to any third party without prior written consent of SafeNet BV.
Confidential
SafeNet, Inc. EIP-94C: SA-Record
sales@safenet-inc.com
Revision History
TABLE OF CONTENTS
REVISION HISTORY .............................................................................................................................. II
1. INTRODUCTION.............................................................................................................................. 4
1.1. SCOPE ......................................................................................................................................................... 4
1.2. ACRONYMS, ABBREVIATIONS AND DEFINITIONS ......................................................................................... 4
1.3. DEFINITIONS ............................................................................................................................................... 5
1.3.1. Network Byte Order .............................................................................................................................. 5
1.3.2. EIP-94C Configuration ......................................................................................................................... 5
REFERENCES ............................................................................................................................................................. 5
2. PACKET DESCRIPTOR.................................................................................................................. 7
4. EXAMPLES...................................................................................................................................... 14
4.1. BASIC ENCRYPT OPERATION TRIPLE DES (EDE) CBC MODE. ................................................................ 14
4.2. BASIC HASH OPERATION HMAC-SHA-1. ................................................................................................ 17
4.2.1. First Basic Hash (SHA-1) session to determine Hash((K0 EXOR ipad || text)).................................. 17
4.2.2. Second Basic Hash (SHA-1) session to determine Outer Digest = Hash(K0 EXOR opad) ................ 20
4.2.3. HMAC-SHA-1 session ......................................................................................................................... 22
4.3. BASIC HASH OPERATION MD5.................................................................................................................. 25
4.4. ESP OUTBOUND OPERATION TRIPLE DES CBC MODE & HASH MD5..................................................... 27
4.4.1. ESP Outbound operation .................................................................................................................... 27
APPENDIX A. EXTRA HASHING EXAMPLES ................................................................................. 31
4.5. MAC-SHA-1............................................................................................................................................ 31
4.6. MAC-MD5............................................................................................................................................... 32
1. INTRODUCTION
The EmbeddedIP™ 94C (EIP-94C) requires a Packet Descriptor and Security Association (SA) Record as
input to execute a particular operation like hashing or encryption. The Packet Descriptor contains the
EIP-94C command that drives the Packet Engine (PE). The SA-Record is a data structure consisting of
32 dwords (128 bytes) containing various control and data fields that controls the packet operation. This
document describes the endianess and data access of the Packet Descriptor and SA-Record for the EIP-
94C.
1.1. Scope
This document specifies the Packet Descriptor and SA-Record for the EmbeddedIP™ 94C and how these
are submitted to the EmbeddedIP™ 94C through the AHB Interface.
1.3. Definitions
31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
1 2 3 4
5 6 7 8
9 10 11 12
Table 1. Transmission Order of Bytes.
Whenever an octet represents a numeric quantity the left most bit in the diagram is the high order or most
significant bit. That is, the bit labeled 7 is the most significant bit. For example, the following diagram
represents the value 170 (decimal).
7 6 5 4 3 2 1 0
1 0 1 0 1 0 1 0
References
[1] Postel, J., "Internet Protocol", STD 5, RFC 791, USC/Information Sciences Institute, September
1981.
[2] http://csrc.nist.gov/cryptval/des/DESMMT.pdf
[3] “FIPS PUB 198a - The Keyed-Hash Message Authentication Code (HMAC)”,
Information Technology Laboratory, National Institute of Standards and Technology,
Gaithersburg, MD 20899-8900, March 2002
2. Packet Descriptor
The real-time operation of the Packet Engine is controlled by packet commands that are written into a
Command Queue, a register set that drives the Packet Engine. The Command Queue consists of five 32-
bit dwords (see Table 4).
Byte Offset 31 24 23 20 19 16 15 8 7 0
00 (word_0) Pad Control/Status Status Next Header/Pad Control
04 (word_1) Source Address
08 (word_2) Destination Address
0C (word_3) SA Handle
10 (word_4) Reserved (Bypass) Control 2 Packet Length (bytes)
Table 4: Packet Engine Command Queue & Packet Descriptor Format.
All data in the Packet Descriptor are bitmapped fields. Their layout follows that of the AHB bus in that
word_x bit#[0] corresponds to AHB bit#[0] and word_x bit#[31] corresponds to AHB bit#[31].
2,3 Reserved … … …
4-11 Key AUTO_RING Byte Stream AHB Master Bus[31:0] =
{0x01; 0x23; 0x45; 0x67} 0x67452301
0x01 being the 1st byte
HOST_DIRECT Word field AHB Slave Bus[31:0] =
0x67452301
… … … … … …
4. Examples
This chapter describes numerous examples of actual EIP-94C operations. For each operation the data
transfer on the AHB Interface is described for the Packet Descriptor fetch, SA-Record fetch, Packet Data
fetch, Result Data write, SA-Record update and Result Descriptor write. Also the internal EIP-94C
register contents is provided to show how the data is applied to the algorithm (which directly relates to the
algorithm standards). The input data and addresses in the examples are taken arbitrary.
Packet Descriptor
SA-Record
Packet Data
Result Data
SA-State Record
Result Descriptor
K0 ⊕ ipad:
36373435 0x32333031 0x3e3f3c3d 0x3a3b3839
26272425 0x22232021 0x2e2f2c2d 0x2a2b2829
16171415 0x12131011 0x1e1f1c1d 0x1a1b1819
06070405 0x02030001 0x0e0f0c0d 0x0a0b0809
(K0 ⊕ ipad)||text:
36373435 0x32333031 0x3e3f3c3d 0x3a3b3839
26272425 0x22232021 0x2e2f2c2d 0x2a2b2829
16171415 0x12131011 0x1e1f1c1d 0x1a1b1819
06070405 0x02030001 0x0e0f0c0d 0x0a0b0809
53616d70 0x6c652023 0x31
Hash((K0 ⊕ ipad)||text):
bcc2c68c 0xabbbf1c3 0xf5b05d8e 0x7e73a4d2
7b7e1b20
K0 ⊕ opad:
5c5d5e5f 0x58595a5b 0x54555657 0x50515253
4c4d4e4f 0x48494a4b 0x44454647 0x40414243
7c7d7e7f 0x78797a7b 0x74757677 0x70717273
6c6d6e6f 0x68696a6b 0x64656667 0x60616263
4.2.1. First Basic Hash (SHA-1) session to determine Hash((K0 EXOR ipad || text))
Packet Descriptor
SA-Record
Packet Data
SA-State Record
Result Descriptor
4.2.2. Second Basic Hash (SHA-1) session to determine Outer Digest = Hash(K0 EXOR opad)
Packet Descriptor
SA-Record
Packet Data
14 0x00f3c 0x67666564 :
15 0x00f40 0x63626160 :
16 0x00f44 0x8cc6c2bc :
17 0x00f48 0xc3f1bbab :
18 0x00f4c 0x8e5db0f5 :
19 0x00f50 0xd2a4737e :
20 0x00f54 0x201b7e7b Last 32-bit word of data
Table 23. Packet Data.
In Table 24 the value of Block 1 inside the Hash Data In register is set to ‘X’ after the last valid data byte.
In the EIP-94C these Hash Data In fields are filled with the padding data that is required by the SHA-1
algorithm.
SA-State Record
Result Descriptor
Packet Descriptor
SA-Record
: : :
27 0x00250 0x00000de4 Pointer to State Record Address
: : :
Table 28. SA-Record.
Packet Data
In Table 30 the value of Block 0 and Block 1 inside the Hash Data In register is set to ‘X’ after the last
valid data byte. In the EIP-94C these Hash Data In fields are filled with the padding data that is required
by the SHA-1 algorithm.
SA-State Record
Result Descriptor
Packet Descriptor
SA-Record
Packet Data
SA-State Record
Result Descriptor
4.4. ESP Outbound operation Triple DES CBC Mode & Hash MD5.
This example describes an ESP Outbound transformation where the following keys, IV and plaintext is
input for the Packet Engine. The Outbound process is described in 4.4.1..
Packet Descriptor
Packet Data
DES Data In[63:0] 0xBC06A45BFEA1D4F5 Data swapped to big-endian format for DES
DES Data Out [63:0] 0xA3414FC01BF0D3BB Data swapped to big endian format from DES
Output Buffer0 [31:0] 0xc04f41a3 Data in output buffer location 0
Output Buffer1 [31:0] 0xbbd3f01b Data in output buffer location 1
Table 44. Data in Packet Engine for third TDES block.
Result Data
SA-State Record
Result Descriptor
4.5. MAC-SHA-1
Text
0x11223344 0x55667788 0x99
Final
Inner Digest A[31:0] 0x3bccbd25
Inner Digest B[31:0] 0xc7ecf898
Inner Digest C[31:0] 0xe70e6bbf
Inner Digest D[31:0] 0x931e7185
Inner Digest E[31:0] 0x64182bec
MAC [31:0] 0x25bdcc3b ICV [31:0]
MAC [63:32] 0x98f8ecc7 ICV [63:32]
MAC [95:64] 0xbf6b0ee7 ICV [95:64]
MAC [127:96] 0x85711e93 ICV [127:96]
MAC [159:128] 0xec2b1864 ICV [159:128]
Note that resulting data in MAC registers is appended to the final SSL packet. In the Memory Map the
registers are called MAC registers whereas internally in the RTL code the registers are called ICV.
4.6. MAC-MD5
Text
0x11223344 0x55667788 0x99
Final
Inner Digest A[31:0] 0x2cf9eb27 Data swapped to big-endian format for Hash
Inner Digest B[31:0] 0xf4210d5b
Inner Digest C[31:0] 0x98d26831
Inner Digest D[31:0] 0x8a46bdc8
Inner Digest E[31:0] 0xb2c40c6e*
MAC[31:0] 0x2cf9eb27 ICV [31:0]
MAC[63:32] 0xf4210d5b ICV [63:32]
MAC [95:64] 0x98d26831 ICV [95:64]
MAC [127:96] 0x8a46bdc8 ICV [127:96]
MAC [159:128] 0x6e0cc4b2* ICV [159:128]