EIP-94 SA Record v2.1

SafeNet, Inc.
EmbeddedIPTM 94C
SA-Record Description
Application Note
Revision: 2.1
Date: 1 December 2003
Document Number: EIP/2003/0020
Status: Accepted
SafeNet, Inc. maintains a website with up-to-date technical documentation for our
customers. Contact SafeNet for access:
www.safenet-inc.com
© 2003 SafeNet, Inc.

ALL RIGHTS RESERVED
SafeNet BV reserves the right to make changes in the product or its specifications mentioned in this publication without notice. Accordingly, the
reader is cautioned to verify that information in this publication is current before placing orders. The information furnished by SafeNet BV in this
document is believed to be accurate and reliable. However, no responsibility is assumed by SafeNet BV for its use, nor for any infringements of
patents or other rights of third parties resulting from its use. No part of this publication may be copied or reproduced in any form or by any
means, or transferred to any third party without prior written consent of SafeNet BV.
Confidential
SafeNet, Inc. EIP-94C: SA-Record
For Further Information:
sales@safenet-inc.com
SafeNet BV SafeNet , Inc.

Boxtelseweg 26 A 8029 Corporate Drive
5261 NE Vught Baltimore, MD 21236
The Netherlands U.S.A.
Tel: (+31) 73 684 8450 Tel: (+1) 410 931 7500
Fax: (+31) 73 684 8479 Fax: (+1) 410 931 7524
Revision History
Rev Page(s) Date Author Purpose of Revision

0.1 All 2003/10/20 HJA Initial Draft
1.0 All 2003/10/28 HJA Reworked after review.
Chapter 4 will be extended with more examples for
AES, ESP inbound and an operation in big-endian mode.
2.0 All 2003/12/01 HJA Included feedback from reviews.
Added appendix with SSL Hashing examples.
2.1 12-14 2003/12/22 HJA Added chapter 3.1
Updates on table 5.
* Proprietary and Confidential Information * - ii - Rev 2.1

© 2003 SafeNet, Inc. All rights reserved
TABLE OF CONTENTS
REVISION HISTORY .............................................................................................................................. II
TABLE OF CONTENTS .........................................................................................................................III
1. INTRODUCTION.............................................................................................................................. 4
1.1. SCOPE ......................................................................................................................................................... 4
1.2. ACRONYMS, ABBREVIATIONS AND DEFINITIONS ......................................................................................... 4
1.3. DEFINITIONS ............................................................................................................................................... 5
1.3.1. Network Byte Order .............................................................................................................................. 5
1.3.2. EIP-94C Configuration ......................................................................................................................... 5
REFERENCES ............................................................................................................................................................. 5
2. PACKET DESCRIPTOR.................................................................................................................. 7
3. SA-RECORD AND STATE RECORD ............................................................................................ 8
4. EXAMPLES...................................................................................................................................... 14
4.1. BASIC ENCRYPT OPERATION TRIPLE DES (EDE) CBC MODE. ................................................................ 14
4.2. BASIC HASH OPERATION HMAC-SHA-1. ................................................................................................ 17
4.2.1. First Basic Hash (SHA-1) session to determine Hash((K0 EXOR ipad || text)).................................. 17
4.2.2. Second Basic Hash (SHA-1) session to determine Outer Digest = Hash(K0 EXOR opad) ................ 20
4.2.3. HMAC-SHA-1 session ......................................................................................................................... 22
4.3. BASIC HASH OPERATION MD5.................................................................................................................. 25
4.4. ESP OUTBOUND OPERATION TRIPLE DES CBC MODE & HASH MD5..................................................... 27
4.4.1. ESP Outbound operation .................................................................................................................... 27
APPENDIX A. EXTRA HASHING EXAMPLES ................................................................................. 31
4.5. MAC-SHA-1............................................................................................................................................ 31
4.6. MAC-MD5............................................................................................................................................... 32
* Proprietary and Confidential Information * - iii - Rev 2.1

1. INTRODUCTION
The EmbeddedIP™ 94C (EIP-94C) requires a Packet Descriptor and Security Association (SA) Record as
input to execute a particular operation like hashing or encryption. The Packet Descriptor contains the
EIP-94C command that drives the Packet Engine (PE). The SA-Record is a data structure consisting of
32 dwords (128 bytes) containing various control and data fields that controls the packet operation. This
document describes the endianess and data access of the Packet Descriptor and SA-Record for the EIP-
94C.
1.1. Scope
This document specifies the Packet Descriptor and SA-Record for the EmbeddedIP™ 94C and how these
are submitted to the EmbeddedIP™ 94C through the AHB Interface.
1.2. Acronyms, abbreviations and definitions
3DES Triple DES

AES Advanced Encryption Standard
AHB Advanced High performance Bus
ARC4 Alleged RC4
CBC Cipher Block Chaining
DMA Direct Memory Access
EIP Embedded Intellectual Property
ESP Encapsulating Security Payload
HMAC Hashed MAC
ICV Integrity Check Value
IP Internet Protocol
IPSEC Internet Security Protocol
IV Intialisation Vector (for crypto algorithms)
MAC Message Authentication Code
RC4 Ron's Code #4 (named after inventor of the code, Ron Rivest)
SA Security Association
SHA Secure Hash Algorithm
SPI Security Parameter Index
* Proprietary and Confidential Information * -4- Rev 2.1

1.3. Definitions
1.3.1. Network Byte Order

The order of the header and data described in this document is resolved to the octet level. Whenever a
diagram shows a group of octets, the order of transmission of those octets is the normal order in which
they are read in English. For example, in the following diagram the octets are transmitted in the order
they are numbered.
31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
1 2 3 4
5 6 7 8
9 10 11 12
Table 1. Transmission Order of Bytes.
Whenever an octet represents a numeric quantity the left most bit in the diagram is the high order or most
significant bit. That is, the bit labeled 7 is the most significant bit. For example, the following diagram
represents the value 170 (decimal).
7 6 5 4 3 2 1 0
1 0 1 0 1 0 1 0
Table 2. Significance of Bits

Similarly, whenever a multi-octet field represents a numeric quantity the left most bit of the whole field is
the most significant bit. When a multi-octet quantity is transmitted the most significant octet is
transmitted first.
When a byte steam is described like:

01 23 45 67 89 AB CD EF
Then 01 is the Most Signifant Byte.
1.3.2. EIP-94C Configuration

The examples in this document assume the EIP-94C configured for little endian where the AHB bits map
to the EIP-94C memory as follows:
AHB Interface Byte Lane EIP-94C Memory bytes locations

AHB[7:0] EIP-94C Mem Offset 0
Table 3 EIP-94C AHB Interface byte lane to Memory byte location mapping
It is assumed that the EIP-94C is configured to do no extra swapping on any data on the AHB interface
before storing into memory. Where relevant, the EIP-94C "big endian" swap could be applied to swap the
4 byte lanes on the 32-bit AHB interface for multi-byte transfers.
References
[1] Postel, J., "Internet Protocol", STD 5, RFC 791, USC/Information Sciences Institute, September
1981.
[2] http://csrc.nist.gov/cryptval/des/DESMMT.pdf

[3] “FIPS PUB 198a - The Keyed-Hash Message Authentication Code (HMAC)”,
Information Technology Laboratory, National Institute of Standards and Technology,
Gaithersburg, MD 20899-8900, March 2002

2. Packet Descriptor
The real-time operation of the Packet Engine is controlled by packet commands that are written into a
Command Queue, a register set that drives the Packet Engine. The Command Queue consists of five 32-
bit dwords (see Table 4).
Byte Offset 31 24 23 20 19 16 15 8 7 0
00 (word_0) Pad Control/Status Status Next Header/Pad Control
04 (word_1) Source Address
08 (word_2) Destination Address
0C (word_3) SA Handle
10 (word_4) Reserved (Bypass) Control 2 Packet Length (bytes)
Table 4: Packet Engine Command Queue & Packet Descriptor Format.
All data in the Packet Descriptor are bitmapped fields. Their layout follows that of the AHB bus in that
word_x bit#[0] corresponds to AHB bit#[0] and word_x bit#[31] corresponds to AHB bit#[31].

3. SA-Record and State Record
The EIP-94C SA-Record and SA-State Record are shown in Figure 1.
AES/DES IPsec & Basic Mode (Rev 1)

Offset Description bytes
Word 0 Command0 1-4
Word 1 Command1 5-8
Word 2 Reserved1 9-12
Word 3 Reserved2 13-16
DES
Word 4 Key1 bytes 3:0 17-20

ARC4

Triple DES

AES

Word 12 Inner Digest bytes 3:0 (A) 49-52
Word 13 Inner Digest bytes 7:4 (B) 53-56
Word 14 Inner Digest bytes 11:8 (C) 57-60
Word 15 Inner Digest bytes 15:12 (D) 61-64
Word 16 Inner Digest bytes 19:16 (E) 65-68
Word 17 Outer Digest bytes 3:0 (A) 69-72
Word 18 Outer Digest bytes 7:4 (B) 73-76
Word 19 Outer Digest bytes 11:8 (C) 77-80
Word 20 Outer Digest bytes 15:12 (D) 81-84
Word 21 Outer Digest bytes 19:16 (E) 85-88
Word 22 SPI 89-92
Word 23 Sequence Number 93-96
Word 24 Sequence number mask [31:0] 97-100
Word 25 Sequence number mask [63:32] 101-104
Word 26 Nonce 105-108
Word 27 Pointer to State Record 109-112
Word 28 Saved ARC4 i & j pointers (16-bits) 113-116
Word 29 Pointer to ARC4 State 117-120
Word 30 SA Management Field 0 121-124
Word 31 SA Management Field 1 125-128
State Record (Rev 1) ARC4 State Record (Rev 1)
Offset Description Offset Offset Description
3DES
DES/
Word 0 Saved IV bytes 3:0 1-4 Word 0

Word 1 5-8 Word 1
AES
Saved IV bytes 7:4

Word 4 Saved Hash byte count 17-20 |
|
ARC4 S-box (Si) Bytes 0 – 255
Word 5 Saved Inner Digest bytes 3:0 21-24
Word 6 Saved Inner Digest bytes 7:4 25-28 |
Word 7 Saved Inner Digest bytes 11:8 29-32 |
Word 8 Saved Inner Digest bytes 15:12 33-36 259-252 Word 62
Word 9 Saved Inner Digest bytes 19:16 37-40 253-256 Word 63
Figure 1. EIP-94C Revision 1 SA Record

Only bold printed fields from Figure 1 are applicable.

Word Field Description

1:0 Command0 Bitmapped command fields.
Command1 The command bits follows the AHB bits as follows:
Commandx bit#[0] = AHB bit#[0]
...
3:2 Reserved Set to zeros
11:4 Key1 bytes 3:0 The Keys are treated as a byte stream.
Key1 bytes 7:4 The Key bytes follow the AHB byte lanes as follows:
Key2 bytes 3:0 Key1 byte3 = AHB[31:24]
Key4 bytes 3:0 For a Single-DES operation only Key 1 is populated.
Key4 bytes 7:4 For a Triple-DES operation Key1, Key2 and Key3 are populated.
For an ARC4 operation Key1 and Key2 are populated.
For a 128-bit AES operation Key1 and Key2 are populated.
For a 192-bit AES operation Key1, Key2 and Key3 are populated.
For a 256-bit AES operation all Key fields are populated.
16:12 Inner Digest bytes 3:0 (A) The Inner Digests are treated as five 32-bit word fields.
Inner Digest bytes 7:4 (B) The Inner Digest bytes follow the AHB byte lanes as follows:
Inner Digest bytes 11:8 (C) Inner Digest byte3 = AHB[31:24]
Inner Digest bytes 15:12 (D) Inner Digest byte2 = AHB[23:16]
Inner Digest bytes 19:16 (E) Inner Digest byte1 = AHB[15:08]
Inner Digest byte0 = AHB[07:00]
For a MD5 operation Inner Digest bytes 15:0 are populated.
For a SHA-1 operation all Inner Digest bytes are populated.
21:17 Outer Digest bytes 3:0 (A) The Outer Digests are treated as five 32-bit word fields.
Outer Digest bytes 7:4 (B) The Outer Digest bytes follow the AHB byte lanes as follows:
Outer Digest bytes 11:8 (C) Outer Digest byte3 = AHB[31:24]
Outer Digest bytes 15:12 (D) Outer Digest byte2 = AHB[23:16]
Outer Digest bytes 19:16 (E) Outer Digest byte1 = AHB[15:08]
Outer Digest byte0 = AHB[07:00]
For a MD5 operation Outer Digest bytes 15:0 are populated.
For a SHA-1 operation all Outer Digest bytes are populated.
22 SPI The SPI is treated as a 32-bit word field.
The SPI bytes follow the AHB byte lanes as follows:
SPI byte3 = AHB[31:24]
23 Sequence Number The Sequence Number is treated as a 32-bit word field. The
Sequence Number bytes follow the AHB byte lanes as follows:
Sequence Number byte3 = AHB[31:24]
25:24 Sequence Number Mask The Sequence Number Mask is treated as two 32-bit word field.
The Sequence Number Mask bytes follow the AHB byte lanes as
follows:
Sequence Number Mask byte3 = AHB[31:24]
26 Nonce The Nonce is treated as a byte stream.
The Nonce bytes follow the AHB byte lanes as follows:

Nonce byte3 = AHB[31:24]

27 Pointer to State Record The State Record Pointer is also treated as a memory pointer.
The Pointer to State Record bytes follow the AHB byte lanes as
follows:
28 Saved ARC4 i & j Pointer The Saved ARC4 i & j Pointers are treated as 2 byte fields.
The Saved ARC4 i & j Pointer bytes follow the AHB byte lanes as
follows:
Not used = AHB[31:24]
Not used = AHB[23:16]
ARC4 j pointer byte = AHB[15:08]
ARC4 i pointer byte = AHB[07:00]
29 Pointer to ARC4 State The ARC4 State Pointer is treated as a memory pointer.
The ARC4 State Pointer bytes follow the AHB byte lanes as
follows:
31:30 Management Not used.
Table 5 SA-Record Description
* Proprietary and Confidential Information * - 10 - Rev 2.1


3:0 Saved IV Bytes 3:0 The Saved IV bytes are treated as a byte stream.
Saved IV Bytes 7:4 The Saved IV bytes follow the AHB byte lanes as follows:
Saved IV Bytes 11:8 Saved IV byte3 = AHB[31:24]
Saved IV Bytes 15:12 Saved IV byte2 = AHB[23:16]
Saved IV byte1 = AHB[15:08]
Saved IV byte0 = AHB[07:00]
For a (3)DES operation Saved IV Bytes 11:0 are populated.
For an AES operation all Saved IV Bytes are populated.
4 Saved Hash Byte Count The Saved Hash Byte Count bytes are treated as a word field.
The Saved Hash Byte Count bytes follow the AHB byte lanes as
follows:
Saved Hash Byte Count byte3 = AHB[31:24]
9:5 Saved Inner Digest bytes 3:0 For the initial and intermediate hash, the Saved Inner Digests are
Saved Inner Digest bytes 7:4 treated as five 32-bit word fields. For the final hash the Saved
Saved Inner Digest bytes 11:8 Inner Digests are treated as a byte stream. The Saved Inner Digest
Saved Inner Digest bytes 15:12 bytes follow the AHB byte lanes as follows:
Saved Inner Digest bytes 19:16 Saved Inner Digest byte3 = AHB[31:24]
Saved Inner Digest byte2 = AHB[23:16]
For a MD5 operation Saved Inner Digest bytes 15:0 are populated.
For a SHA-1 operation all Saved Inner Digest bytes are populated.
Table 6 SA-State Record Description

63:0 Saved ARC4 S-box Bytes 3:0 The ARC4 S-box bytes are treated as a byte stream.
Saved ARC4 S-box Bytes 7:4 The ARC4 S-box bytes follow the AHB byte lanes as follows:
Saved ARC4 S-box Bytes 11:8 ARC4 S-box byte3 = AHB[31:24]
: ARC4 S-box byte2 = AHB[23:16]
Saved ARC4 S-box Bytes 255:252 ARC4 S-box byte1 = AHB[15:08]
ARC4 S-box byte0 = AHB[07:00]
Table 7 ARC4-State Record Description

3.1. Autonomous Ring Mode versus Host Direct Mode
Word Field Mode Type Logical Value AHB Bus Format

0,1 Command0 AUTO_RING Bit_mask AHB Master Bus[31:0] =
Command1 0x31581310 0x31581310
HOST_DIRECT Bit_mask AHB Slave Bus[31:0] =

0x31581310
2,3 Reserved … … …
4-11 Key AUTO_RING Byte Stream AHB Master Bus[31:0] =
{0x01; 0x23; 0x45; 0x67} 0x67452301
0x01 being the 1st byte
HOST_DIRECT Word field AHB Slave Bus[31:0] =
0x67452301
12-16 Inner Digest AUTO_RING Word field AHB Master Bus[31:0] =

0x01234567 0x01234567

0x01234567
17-21 Outer Digest AUTO_RING Byte Stream AHB Master Bus[31:0] =

0x01234567 0x01234567

0x01234567
22 SPI AUTO_RING Word field AHB Master Bus[31:0] =

0x11223344 0x11223344

0x11223344
23 Sequence Number AUTO_RING Word field AHB Master Bus[31:0] =

0x00000001 0x00000001

0x00000001

Mask [31:0] 0x00000001 0x00000001

0x00000001

Mask [63:32] 0x00000001 0x00000001


0x00000001
26 Nonce AUTO_RING Byte Stream AHB Master Bus[31:0] =

{0x67; 0x89; 0xab; 0xcd} 0xcdab8967
0xcdab8967
27 Pointer to State AUTO_RING memory AHB Master Bus[31:0] =

Record pointer 0x0000123 0x00000123
HOST_DIRECT not used not used
28 Saved ARC4 AUTO_RING 2 byte AHB Master Bus[31:0] =

i & j pointers fields 0x0001234 0x00001234
HOST_DIRECT 2 byte AHB Slave Bus[31:0] =

fields 0x00001234
29 Pointer to AUTO_RING memory AHB Master Bus[31:0] =

ARC4 State pointer 0x00012345 0x00012345
HOST_DIRECT not used not used
… … … … … …
Word Field Mode Type Logical Value AHB Bus Format

0-3 Saved IV Bytes AUTO_RING Byte stream AHB Master Bus[31:0] =
{0x01; 0x23; 0x45; 0x67} 0x01234567
0x01234567
4 Saved Hash Byte HOST_DIRECT Word field AHB Slave Bus[31:0] =

Count 0x00000001 0x00000001
5-9 Initial and AUTO_RING Word field AHB Master Bus[31:0] =

intermediate hash 0x01234567 0x01234567
Saved Inner Digest
0x01234567
Final hash AUTO_RING Byte Stream AHB Master Bus[31:0] =

Saved Inner Digest {0x01; 0x23; 0x45; 0x67} 0x67452301
0x67452301

4. Examples
This chapter describes numerous examples of actual EIP-94C operations. For each operation the data
transfer on the AHB Interface is described for the Packet Descriptor fetch, SA-Record fetch, Packet Data
fetch, Result Data write, SA-Record update and Result Descriptor write. Also the internal EIP-94C
register contents is provided to show how the data is applied to the algorithm (which directly relates to the
algorithm standards). The input data and addresses in the examples are taken arbitrary.
4.1. Basic Encrypt operation Triple DES (EDE) CBC Mode.

This example describes a Basic Encrypt operation with the following keys, IV and Plaintext as input for
the Packet Engine and the resulting Ciphertext as output.
KEY1 = 627f460e 08104a10

KEY2 = 43cd265d 5840eaf1
KEY3 = 313edf97 df2a8a8c
IV = 8e29f75e a77e5475
PLAINTEXT = 326a494c d33fe756
CIPHERTEXT = b22b8d66 de970692
Packet Descriptor
Word Address AHB bits[31:0] Description

0 0x0413c 0x00000041 [0] Host has populated the descriptor
[7:6] SA bus ID at “01”
1 0x04140 0x00000f04 [31:0] PE Source address
2 0x04144 0x0000481c [31:0] PE Destination address
3 0x04148 0x000001e4 [31:0] SA-Record address
4 0x0414c 0x00400010 [19:0] PE Length is 16 bytes
[22] Host has populated the descriptor
Table 8. Packet Descriptor.
SA-Record

0 0x001e4 0x315001c0 [0] Basic Encrypt
[7:6] Zero crypto padding
[11:8] Triple-DES algorithm
[21:20] Input bus ID “01”
[23:22] Output bus ID “01”
[25:24] IV loading from input buffer
[28] Save IV to State-Record
[29] Save Hash State to State-Record
1 0x001e8 0x00028140 [7:6] State-Record bus ID “01”
[31,9:8] Crypt mode CBC
[15] SA revision 1
[23:16] Hash/Crypt offset is 2 words (for IV)
2 0x001ec reserved
3 0x001f0 reserved
4 0x001f4 0x0e467f62 [31:0] Upper 32-bits of Key1
5 0x001f8 0x104a1008 [31:0] Lower 32-bits of Key1
6 0x001fc 0x5d26cd43 [31:0] Upper 32-bits of Key2

7 0x00200 0xf1ea4058 [31:0] Lower 32-bits of Key2

8 0x00204 0x97df3e31 [31:0] Upper 32-bits of Key3
9 0x00208 0x8c8a2adf [31:0] Lower 32-bits of Key3
: : : Rest is not applicable
Table 9. SA-Record.
Packet Data

0 0x00f04 0x5ef7298e [31:0] Lower 32-bits of IV
1 0x00f08 0x75547ea7 [31:0] Upper 32-bits of IV
2 0x00f0c 0x4c496a32 [31:0] Lower 32-bits of Plaintext block
3 0x00f10 0x56e73fd3 [31:0] Upper 32-bits of Plaintext block
Table 10. Packet Data.
EIP-94C internal registers
Location in EIP-94C Register Value Description

Input Buffer0 [31:0] 0x4c496a32 Data in input buffer location 0
DMA input buffer
Input Buffer1 [31:0] 0x56e73fd3 Data in input buffer location 1
Key1 [63:0] 0x627f460e08104a10 Keys swapped to big-endian format for DES
Key2 [63:0] 0x43cd265d5840eaf1 Keys swapped to big-endian format for DES
Key3 [63:0] 0x313edf97df2a8a8c Keys swapped to big-endian format for DES
DES algorithm
IV [63:0] 0x75547ea75ef7298e IV not swapped
DES Data In[63:0] 0x326a494cd33fe756 Data swapped to big-endian format for DES
DES Data Out [63:0] 0xb22b8d66de970692 Data swapped to big endian format from DES
Output Buffer0 [31:0] 0x668d2bb2 Data in output buffer location 0
DMA output buffer
Output Buffer1 [31:0] 0x920697de Data in output buffer location 1
Table 11. Data in Packet Engine.
Result Data

0 0x0481c 0x668d2bb2 [31:0] Lower 32-bits of Ciphertext block
1 0x04820 0x920697de [31:0] Upper 32-bits of Ciphertext block
Table 12. Result Data.
SA-State Record

0 0x00de4 0x668d2bb2 [31:0] Lower 32-bits of IV
1 0x00de8 0x920697de [31:0] Upper 32-bits of IV
: : : :
Table 13. SA-State Record.
Result Descriptor

0 0x043bc 0x00000046 [1] EIP-94C has used the descriptor
[7:6] SA bus ID at “01”

1 0x043c0 0x00000f04 [31:0] PE Source address

2 0x043c4 0x0000481c [31:0] PE Destination address
3 0x043c8 0x000001e4 [31:0] SA-Record address
4 0x043cc 0x00800008 [19:0] Packet Result Length is 8 bytes
[23] EIP-94C has used the descriptor
Table 14. Result Descriptor.

4.2. Basic Hash operation HMAC-SHA-1.

FIPS-198a, Appendix A: HMAC Example A.1 (see [3])
Key: 00010203 0x04050607 0x08090a0b 0x0c0d0e0f
10111213 0x14151617 0x18191a1b 0x1c1d1e1f
20212223 0x24252627 0x28292a2b 0x2c2d2e2f
30313233 0x34353637 0x38393a3b 0x3c3d3e3f
K0: 00010203 0x04050607 0x08090a0b 0x0c0d0e0f

10111213 0x14151617 0x18191a1b 0x1c1d1e1f
20212223 0x24252627 0x28292a2b 0x2c2d2e2f
30313233 0x34353637 0x38393a3b 0x3c3d3e3f
K0 ⊕ ipad:
36373435 0x32333031 0x3e3f3c3d 0x3a3b3839
26272425 0x22232021 0x2e2f2c2d 0x2a2b2829
16171415 0x12131011 0x1e1f1c1d 0x1a1b1819
06070405 0x02030001 0x0e0f0c0d 0x0a0b0809
(K0 ⊕ ipad)||text:
36373435 0x32333031 0x3e3f3c3d 0x3a3b3839
26272425 0x22232021 0x2e2f2c2d 0x2a2b2829
16171415 0x12131011 0x1e1f1c1d 0x1a1b1819
06070405 0x02030001 0x0e0f0c0d 0x0a0b0809
53616d70 0x6c652023 0x31
Hash((K0 ⊕ ipad)||text):
bcc2c68c 0xabbbf1c3 0xf5b05d8e 0x7e73a4d2
7b7e1b20
K0 ⊕ opad:
5c5d5e5f 0x58595a5b 0x54555657 0x50515253
4c4d4e4f 0x48494a4b 0x44454647 0x40414243
7c7d7e7f 0x78797a7b 0x74757677 0x70717273
6c6d6e6f 0x68696a6b 0x64656667 0x60616263
(K0 ⊕ opad) || Hash((K0 ⊕ ipad)||text):

5c5d5e5f 0x58595a5b 0x54555657 0x50515253
4c4d4e4f 0x48494a4b 0x44454647 0x40414243
7c7d7e7f 0x78797a7b 0x74757677 0x70717273
6c6d6e6f 0x68696a6b 0x64656667 0x60616263
bcc2c68c 0xabbbf1c3 0xf5b05d8e 0x7e73a4d2
7b7e1b20
HMAC(Key, Text) = Hash((K0 ⊕ opad) || Hash((K0 ⊕ ipad)||text)):

4f4ca3d5 0xd68ba7cc 0x0a1208c9 0xc61e9c5d
a0403c0a
20-byte HMAC(Key, Text):

4f4ca3d5 0xd68ba7cc 0x0a1208c9 0xc61e9c5d
a0403c0a
4.2.1. First Basic Hash (SHA-1) session to determine Hash((K0 EXOR ipad || text))
Packet Descriptor


[4] Input data is final and must be padded for hashing
[7:6] SA bus ID at “01”
SA-Record

0 0x001e4 0x2c501003 [5:0] Basic Hash, Inbound
[15:12] SHA-1 algorithm
[27:26] No Hash State loading
1 0x001e8 0x00008060 [5] Mutable Bit Processing disabled
[7:6] State-Record bus ID “01”
[15] SA revision 1
: : :
27 0x00250 0x00000de4 Pointer to State Record Address
: : :
Table 16. SA-Record.
Packet Data

0 0x00f04 0x35343736 First 32-bit word of data
1 0x00f08 0x31303332 Second 32-bit word of data
2 0x00f0c 0x3d3c3f3e Third 32-bit word of data
3 0x00f10 0x39383b3a :
4 0x00f14 0x25242726 :
5 0x00f18 0x21202322 :
6 0x00f1c 0x2d2c2f2e :
7 0x00f20 0x29282b2a :
8 0x00f24 0x15141716 :
9 0x00f28 0x11101312 :
10 0x00f2c 0x1d1c1f1e :
11 0x00f30 0x19181b1a :
12 0x00f34 0x05040706 :
13 0x00f38 0x01000302 :
14 0x00f3c 0x0d0c0f0e :
15 0x00f40 0x09080b0a :
16 0x00f44 0x706d6153 :
17 0x00f48 :
18 0x00f4c 0xXXXXXX31 Last 32-bit word of data
EIP-94C internal Hash registers

Register Value Description

Input Buffer0 [31:0] 0x35343736 Data in input buffer location 0
Input Buffer2 [31:0] 0x3d3c3f3e Data in input buffer location 2
: : :
Input Buffer17 [31:0] 0x2320656c Data in input buffer location 17
Input Buffer18 [31:0] 0xXXXXXX31 Data in input buffer location 18
Hash Data In [511:0] 0x36373435 0x32333031 Data swapped to big-endian format for Hash
(Block 0) 0x3e3f3c3d 0x3a3b3839
0x26272425 0x22232021
0x2e2f2c2d 0x2a2b2829
0x16171415 0x12131011
0x1e1f1c1d 0x1a1b1819
0x06070405 0x02030001
0x0e0f0c0d 0x0a0b0809
Hash Result Block 0 0x2f46e336 0x62b08d29
(Inner Digest) 0xf89e46c5 0x27bc1dd8
0x4b9c4e31
Hash Data In [511:0] 0x53616d70 0x6c652023 Data swapped to big-endian format for Hash
(Block 1) 0x31XXXXXX 0xXXXXXXXX
0xXXXXXXXX 0xXXXXXXXX
Result Digest [159:0] 0xbcc2c68c 0xabbbf1c3
0xf5b05d8e 0x7e73a4d2
0x7b7e1b20
In Table 18 the value of Block 1 inside the Hash Data In register is set to ‘X’ after the last valid data byte.
In the EIP-94C these Hash Data In fields are filled with the padding data that is required by the SHA-1
algorithm.
SA-State Record

: : : :
5 0x00df8 0xbcc2c68c Saved Inner Digest bytes 3:0 (A)
6 0x00dfc 0xabbbf1c3 Saved Inner Digest bytes 7:4 (B)
7 0x00e00 0xf5b05d8e Saved Inner Digest bytes 11:8 (C)
8 0x00e04 0x7e73a4d2 Saved Inner Digest bytes 15:12 (D)
9 0x00e08 0x7b7e1b20 Saved Inner Digest bytes 19:16 (E)
Result Descriptor

[7:6] SA bus ID at “01”


4.2.2. Second Basic Hash (SHA-1) session to determine Outer Digest = Hash(K0 EXOR opad)
Packet Descriptor

[7:6] SA bus ID at “01”
SA-Record

[15] SA revision 1
: : :
: : :
Packet Data

0 0x00f04 0x5f5e5d5c First 32-bit word of data
1 0x00f08 0x5b5a5958 Second 32-bit word of data
2 0x00f0c 0x57565554 Third 32-bit word of data
3 0x00f10 0x53525150 :
4 0x00f14 0x4f4e4d4c :
5 0x00f18 0x4b4a4948 :
6 0x00f1c 0x47464544 :
7 0x00f20 0x43424140 :
8 0x00f24 0x7f7e7d7c :
9 0x00f28 0x7b7a7978 :
10 0x00f2c 0x77767574 :
11 0x00f30 0x73727170 :
12 0x00f34 0x6f6e6d6c :
13 0x00f38 0x6b6a6968 :

14 0x00f3c 0x67666564 :
15 0x00f40 0x63626160 :
16 0x00f44 0x8cc6c2bc :
17 0x00f48 0xc3f1bbab :
18 0x00f4c 0x8e5db0f5 :
19 0x00f50 0xd2a4737e :
20 0x00f54 0x201b7e7b Last 32-bit word of data

Input Buffer0 [31:0] 0x5f5e5d5c Data in input buffer location 0
Input Buffer1 [31:0] 0x5b5a5958 Data in input buffer location 1
: : :
Input Buffer19[31:0] 0xd2a4737e Data in input buffer location 19
Input Buffer20 [31:0] 0x201b7e7b Data in input buffer location 20
Hash Data In [511:0] 0x5c5d5e5f 0x58595a5b Data swapped to big-endian format for Hash
(Block 0) 0x54555657 0x50515253
0x4c4d4e4f 0x48494a4b
0x44454647 0x40414243
0x7c7d7e7f 0x78797a7b
0x74757677 0x70717273
0x6c6d6e6f 0x68696a6b
0x64656667 0x60616263
Hash Result Block 0 0xdaa8258e 0x5113fd93
(Outer Digest) 0x6a943abb 0x5c23544e
0x5021b0d4
Hash Data In [511:0] 0xbcc2c68c 0xabbbf1c3 Data swapped to big-endian format for Hash
(Block 1) 0xf5b05d8e 0x7e73a4d2
0x7b7e1b20 0xXXXXXXXX
Result Digest [159:0] 0x4f4ca3d5 0xd68ba7cc
0x0a1208c9 0xc61e9c5d
0xa0403c0a
In Table 24 the value of Block 1 inside the Hash Data In register is set to ‘X’ after the last valid data byte.
In the EIP-94C these Hash Data In fields are filled with the padding data that is required by the SHA-1
algorithm.
SA-State Record

: : : :
5 0x00df8 0x4f4ca3d5 Saved Inner Digest bytes 3:0 (A)
6 0x00dfc 0xd68ba7cc Saved Inner Digest bytes 7:4 (B)
7 0x00e00 0x0a1208c9 Saved Inner Digest bytes 11:8 (C)
8 0x00e04 0xc61e9c5d Saved Inner Digest bytes 15:12 (D)
9 0x00e08 0xa0403c0a Saved Inner Digest bytes 19:16 (E)

Result Descriptor

[7:6] SA bus ID at “01”
4.2.3. HMAC-SHA-1 session
Packet Descriptor

[7:6] SA bus ID at “01”
SA-Record

0 0x001e4 0x20501003 [5:0] Basic Hash, Inbound
[27:26] Load Hash State from SA Record
[12] HMAC processing
[15] SA revision 1
: : :
12 0x00214 0x2f46e336 Inner Digest bytes 3:0 (A)
13 0x00218 0x62b08d29 Inner Digest bytes 7:4 (B)
14 0x0021c 0xf89e46c5 Inner Digest bytes 11:8 (C)
15 0x00220 0x27bc1dd8 Inner Digest bytes 15:12 (D)
16 0x00224 0x4b9c4e31 Inner Digest bytes 19:16 (E)
17 0x00228 0xdaa8258e Outer Digest bytes 3:0 (A)
18 0x0022c 0x5113fd93 Outer Digest bytes 7:4 (B)
19 0x00230 0x6a943abb Outer Digest bytes 11:8 (C)
20 0x00234 0x5c23544e Outer Digest bytes 15:12 (D)
21 0x00238 0x5021b0d4 Outer Digest bytes 19:16 (E)

: : :
: : :
Packet Data

0 0x00f04 0x706d6153 First 32-bit word of data
1 0x00f08 0x2320656c Second 32-bit word of data
2 0x00f0c 0xXXXXXX31 Last data byte

Input Buffer0 [31:0] 0x706d6153 Data in input buffer location 0
Input Buffer1 [31:0] 0x2320656c Data in input buffer location 1
Input Buffer2 [31:0] 0xXXXXXX31 Data in input buffer location 2
Hash Data In [511:0] 0x53616d70 0x6c652023 Data swapped to big-endian format for Hash
(Block 0) 0x31XXXXXX 0xXXXXXXXX
Digest Buffer A [31:0] 0x2f46e336 Digest Buffer location A
Digest Buffer B [31:0] 0x62b08d29 Digest Buffer location B
Digest Buffer C [31:0] 0xf89e46c5 Digest Buffer location C
Digest Buffer D [31:0] 0x27bc1dd8 Digest Buffer location D
Digest Buffer E [31:0] 0x4b9c4e31 Digest Buffer location E
Hash Result Block 0 0xbcc2c68c 0xabbbf1c3
0xf5b05d8e 0x7e73a4d2
0x7b7e1b20
Hash Data In [511:0] 0xbcc2c68c 0xabbbf1c3 Data swapped to big-endian format for Hash
(Block 1) 0xf5b05d8e 0x7e73a4d2
0x7b7e1b20 0xXXXXXXXX
Digest Buffer A [31:0] 0xdaa8258e Digest Buffer location A
Digest Buffer B [31:0] 0x5113fd93 Digest Buffer location B
Digest Buffer C [31:0] 0x6a943abb Digest Buffer location C
Digest Buffer D [31:0] 0x5c23544e Digest Buffer location D
Digest Buffer E [31:0] 0x5021b0d4 Digest Buffer location E
Result Digest [127:0] 0x4f4ca3d5 0xd68ba7cc
0x0a1208c9 0xc61e9c5d
0xa0403c0a

In Table 30 the value of Block 0 and Block 1 inside the Hash Data In register is set to ‘X’ after the last
valid data byte. In the EIP-94C these Hash Data In fields are filled with the padding data that is required
by the SHA-1 algorithm.
SA-State Record

: : : :
5 0x00df8 0x4f4ca3d5 Saved Inner Digest bytes 3:0 (A)
6 0x00dfc 0xd68ba7cc Saved Inner Digest bytes 7:4 (B)
7 0x00e00 0x0a1208c9 Saved Inner Digest bytes 11:8 (C)
8 0x00e04 0xc61e9c5d Saved Inner Digest bytes 15:12 (D)
9 0x00e08 0xa0403c0a Saved Inner Digest bytes 19:16 (E)
Result Descriptor

[7:6] SA bus ID at “01”

4.3. Basic Hash operation MD5.

RFC1321 Appendix A5 test suite: MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0
First byte is 0xf9 (msb).
Translation of “message digest” to hexadecimal notation with ASCII table:
6d657373 61676520 64696765 7374
Packet Descriptor

[7:6] SA bus ID at “01”
4 0x0414c 0x0040000e [19:0] PE Length is 14 bytes
SA-Record

[15:12] MD5 algorithm
[15] SA revision 1
: : :
: : :
Packet Data

0 0x00f04 0x7373656d First 32-bit word of data
1 0x00f08 0x20656761 Second 32-bit word of data
2 0x00f0c 0x65676964 Third 32-bit word of data
3 0x00f10 0xXXXX7473 Last 16 bit of data

Input Buffer0 [31:0] 0x7373656d Data in input buffer location 0
Input Buffer3 [31:0] 0xXXXX7473 Data in input buffer location 3

Hash Data In [511:0] 0x7373656d 0x20656761

(Block 0) 0x65676964 0xXXXX7473
Result Digest [127:0] 0x7d696bf9 0x8d93b77c
0x312f5a52 0xd061f1aa
In Table 36 the value of Block 0 and Block 1 inside the Hash Data In register is set to ‘X’ after the last
valid data byte. In the EIP-94C these Hash Data In fields are filled with the padding data that is required
by the MD5 algorithm.
SA-State Record

: : : :
5 0x00df8 0x7d696bf9 Saved Inner Digest bytes 3:0 (A)
6 0x00dfc 0x8d93b77c Saved Inner Digest bytes 7:4 (B)
7 0x00e00 0x312f5a52 Saved Inner Digest bytes 11:8 (C)
8 0x00e04 0xd061f1aa Saved Inner Digest bytes 15:12 (D)
Result Descriptor

[7:6] SA bus ID at “01”

4.4. ESP Outbound operation Triple DES CBC Mode & Hash MD5.
This example describes an ESP Outbound transformation where the following keys, IV and plaintext is
input for the Packet Engine. The Outbound process is described in 4.4.1..
Triple-DES key 1: 37AE5EBF 46dFF2DC

Triple-DES key 2: 0754B94F 31CBB385
Triple-DES key 3: 5E7Fd36D C870BFAE
IV: 3d1de3cc 132e3b65
PLAINTEXT: 84401f78 fe6c1087 6d8ea230 94ea5309

CIPHERTEXT 7b1f7c7e 3b1c948e bd04a75f fba7d2f5
4.4.1. ESP Outbound operation
Packet Descriptor

[7:6] SA bus ID at “01”
1 0x04140 0x00000EFC [31:0] PE Source address
SA-Record for outbound ESP packet

0 0x001e4 0x31580110 [0] ESP Outbound operation group
[7:6] ESP Crypto padding
[11:8] Triple-DES algorithm
[25:24] IV loading from input buffer
[28] Save IV to State-Record
1 0x001e8 0x00028140 [7:6] State-Record bus ID “01”
[31,9:8] Crypt mode CBC
[15] SA revision 1
[23:16] Hash/Crypt offset is 4 words (for IV, SA pointer)
2 0x001ec reserved
3 0x001f0 reserved
4 0x001f4 0xBF5EAE37 [31:0] Lower 32-bits of Key1
5 0x001f8 0XDCF2DF46 [31:0] Upper 32-bits of Key1
6 0x001fc 0X4FB95407 [31:0] Lower 32-bits of Key2
7 0x00200 0X85B3CB31 [31:0] Upper 32-bits of Key2
8 0x00204 0X6DD37F5E [31:0] Lower 32-bits of Key3
9 0x00208 0XAEBF70C8 [31:0] Upper 32-bits of Key3
: : :
22 0x00023c 0x44332211 [31:0] Security Parameter Index
23 0x000240 0x00000001 [31:0] Sa seq no
24 0x000244 0x00000001 [31:0] Seq no mask l

25 0x000248 0x00000000 [31:0] Seq no mask h

: : :
27 0x000250 0x00000DE4 [31:0] Pointer to sa state record
: : : :
This ESP operation is the first for this data, so the state record does not contain any useful data.
Packet Data

0 0x000efc 0xCCE31D3D [31:0] Lower 32-bits of IV
1 0x000f00 0x653B2E13 [31:0] Upper 32-bits of IV
2 0x000f04 0x781F4084 [31:0] Lower 32-bits of first Plaintext block
3 0x000f08 0x87106CFE [31:0] Upper 32-bits of first Plaintext block
4 0x000f0c 0x30A28E6D [31:0] Lower 32-bits of second Plaintext block
5 0x000f10 0x0953EA94 [31:0] Upper 32-bits of second Plaintext block

Input Buffer0 [31:0] 0x781F4084 Data in input buffer location 0
Input Buffer1 [31:0] 0x87106CFE Data in input buffer location 1
Key1 [63:0] 0x37AE5EBF46dFF2DC Keys swapped to big-endian format for DES
Key2 [63:0] 0x0754B94F31CBB385 Keys swapped to big-endian format for DES
Key3 [63:0] 0x5E7Fd36DC870BFAE Keys swapped to big-endian format for DES
IV [63:0] 0x653B2E13CCE31D3D IV not swapped
DES Data In [63:0] 0xB95DFCB4ED422BE2 Data swapped to big-endian format for DES
DES Data Out [63:0] 0x7b1f7c7e3b1c948e Data swapped to big endian format from DES
Output Buffer0 [31:0] 0x7E7C1F7B Data in output buffer location 0
Output Buffer1 [31:0] 0x8E941C3B Data in output buffer location 1
Table 42. Data in Packet Engine for first TDES block.

Input Buffer0 [31:0] 0x30A28E6D Data in input buffer location 0
Input Buffer1 [31:0] 0x0953EA94 Data in input buffer location 1
IV [63:0] 0x8E941C3B7E7C1F7B IV not swapped
DES Data In [63:0] 0x1691DE4EAFF6C787 Data swapped to big-endian format for DES
DES Data Out [63:0] 0xbd04a75ffba7d2f5 Data swapped to big endian format from DES
Output Buffer0 [31:0] 0x5FA704BD Data in output buffer location 0
Output Buffer1 [31:0] 0xF5D2A7FB Data in output buffer location 1
Table 43. Data in Packet Engine for second TDES block.

Pad data [63:0] 0x0006060504030201 Data in input buffer location 0 (padding)
IV [63:0] 0xF5D2A7FB5FA704BD IV not swapped

DES Data In[63:0] 0xBC06A45BFEA1D4F5 Data swapped to big-endian format for DES
DES Data Out [63:0] 0xA3414FC01BF0D3BB Data swapped to big endian format from DES
Output Buffer0 [31:0] 0xc04f41a3 Data in output buffer location 0
Output Buffer1 [31:0] 0xbbd3f01b Data in output buffer location 1
Table 44. Data in Packet Engine for third TDES block.
Result Data

0 0x0481c 0x11223344 [31:0] Security Parameter Index
1 0x04820 0x02000000 [31:0] Sequence number
2 0x04824 0xCCE31D3D [31:0] Lower 32-bits of IV
3 0x04828 0x653B2E13 [31:0] Upper 32-bits of IV
4 0x0482c 0x7E7C1F7B [31:0] Lower 32-bits of Ciphertext block 0
5 0x04830 0x8E941C3B [31:0] Upper 32-bits of Ciphertext block 0
6 0x04834 0x5FA704BD [31:0] Lower 32-bits of Ciphertext block 1
7 0x04838 0xF5D2A7FB [31:0] Upper 32-bits of Ciphertext block 1
8 0x0483C 0xc04f41a3 [31:0] Lower 32-bits of Ciphertext block 2
9 0x04840 0xbbd3f01b [31:0] Upper 32-bits of Ciphertext block 2
10 0x04844 0xe7243cce [31:0] ICV block [95:64]
11 0x04848 0xB1E6F789 [31:0] ICV block [63:32]
12 0x0484C 0xFE4860B5 [31:0] ICV block [31:0]
Table 45. Result Data.
Updates to SA-Record for outbound ESP packet

: : :
23 0x000240 0x00000002 [31:0] Sequence number incremented by 1.
: : : :
Table 46. Updated SA-Record.
SA-State Record

0 0x00de4 0xc04f41a3 [31:0] Lower 32-bits of IV
1 0x00de8 0x920697de [31:0] Upper 32-bits of IV
: : : :
4 0x00df4 0x00000068 [31:0] Saved hash byte count
5 0x00df8 0xe7243cce [31:0] Saved inner digest byte[3:0]
6 0x00dfc 0xb1e6f789 [31:0] Saved inner digest byte[7:4]
7 0x00e00 0xfe4860b5 [31:0] Saved inner digest byte[11:8]
8 0x00e04 0xb648ee26 [31:0] Saved inner digest byte[15:12]
: : : :
Table 47. Updated SA-State Record for ESP outbound packet.
Result Descriptor

[7:6] SA bus ID at “01”
1 0x043c0 0x00000EFC [31:0] PE Source address



Appendix A. Extra Hashing Examples
This appendix includes an example of the MAC-SHA-1 and MAC-MD5 operation.
4.5. MAC-SHA-1
Text
0x11223344 0x55667788 0x99
Initial Inner Digest

0xf210b349 0x0130741a 0xbf8877f4 0xfb71eec2
Initial Outer Digest

0x7a35deb9 0x32c64907 0x19c17b13 0xbb950368
Output MAC-SHA1(Key, Text) (20-byte)

0x25bdcc3b 0x98f8ecc7 0xbf6b0ee7 0x85711e93
0xec2b1864

Initial
Inner Digest A[31:0] 0xf210b349
Inner Digest B[31:0] 0x0130741a
Inner Digest C[31:0] 0xbf8877f4
Inner Digest D[31:0] 0xfb71eec2
Inner Digest E[31:0] 0x00000000
Outer Digest A[31:0] 0x7a35deb9
Outer Digest B[31:0] 0x32c64907
Outer Digest C[31:0] 0x19c17b13
Outer Digest D[31:0] 0xbb950368
Outer Digest E[31:0] 0x00000000
Final
Inner Digest A[31:0] 0x3bccbd25
Inner Digest B[31:0] 0xc7ecf898
Inner Digest C[31:0] 0xe70e6bbf
Inner Digest D[31:0] 0x931e7185
Inner Digest E[31:0] 0x64182bec
MAC [31:0] 0x25bdcc3b ICV [31:0]
MAC [63:32] 0x98f8ecc7 ICV [63:32]
MAC [95:64] 0xbf6b0ee7 ICV [95:64]
MAC [127:96] 0x85711e93 ICV [127:96]
MAC [159:128] 0xec2b1864 ICV [159:128]
Note that resulting data in MAC registers is appended to the final SSL packet. In the Memory Map the
registers are called MAC registers whereas internally in the RTL code the registers are called ICV.

4.6. MAC-MD5
Text
0x11223344 0x55667788 0x99
Initial Inner Digest

0xf210b349 0x0130741a 0xbf8877f4 0xfb71eec2
Initial Outer Digest

0x7a35deb9 0x32c64907 0x19c17b13 0xbb950368
Output MAC-MD5(Key, Text) (16-byte)

0x8a46bdc8 0x98d26831 0xf4210d5b 0x2cf9eb27

Initial
Inner Digest A[31:0] 0xf210b349
Inner Digest B[31:0] 0x0130741a
Inner Digest C[31:0] 0xbf8877f4
Inner Digest D[31:0] 0xfb71eec2
Inner Digest E[31:0] 0x00000000
Outer Digest A[31:0] 0x7a35deb9
Outer Digest B[31:0] 0x32c64907
Outer Digest C[31:0] 0x19c17b13
Outer Digest D[31:0] 0xbb950368
Outer Digest E[31:0] 0x00000000
Final
Inner Digest A[31:0] 0x2cf9eb27 Data swapped to big-endian format for Hash
Inner Digest B[31:0] 0xf4210d5b
Inner Digest C[31:0] 0x98d26831
Inner Digest D[31:0] 0x8a46bdc8
Inner Digest E[31:0] 0xb2c40c6e*
MAC[31:0] 0x2cf9eb27 ICV [31:0]
MAC[63:32] 0xf4210d5b ICV [63:32]
MAC [95:64] 0x98d26831 ICV [95:64]
MAC [127:96] 0x8a46bdc8 ICV [127:96]
MAC [159:128] 0x6e0cc4b2* ICV [159:128]
*Not used for MD5

Note that resulting data in MAC registers is appended to the final SSL packet. In the Memory Map the
registers are called MAC registers whereas internally in the RTL code the registers are called ICV.


EIP-94 SA Record v2.1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

EIP-94 SA Record v2.1

Uploaded by

Copyright:

Available Formats

SafeNet, Inc.

© 2003 SafeNet, Inc.

For Further Information:

SafeNet BV SafeNet , Inc.

Rev Page(s) Date Author Purpose of Revision

* Proprietary and Confidential Information * - ii - Rev 2.1

TABLE OF CONTENTS .........................................................................................................................III

3. SA-RECORD AND STATE RECORD ............................................................................................ 8

* Proprietary and Confidential Information * - iii - Rev 2.1

1.2. Acronyms, abbreviations and definitions

3DES Triple DES

* Proprietary and Confidential Information * -4- Rev 2.1

1.3.1. Network Byte Order

Table 2. Significance of Bits

When a byte steam is described like:

1.3.2. EIP-94C Configuration

AHB Interface Byte Lane EIP-94C Memory bytes locations

* Proprietary and Confidential Information * -5- Rev 2.1

* Proprietary and Confidential Information * -6- Rev 2.1

* Proprietary and Confidential Information * -7- Rev 2.1

3. SA-Record and State Record

The EIP-94C SA-Record and SA-State Record are shown in Figure 1.

AES/DES IPsec & Basic Mode (Rev 1)

Word 4 Key1 bytes 3:0 17-20

Word 5 Key1 bytes 7:4 21-24

Word 6 Key2 bytes 3:0 25-28

Word 8 Key3 bytes 3:0 33-36

Word 0 Saved IV bytes 3:0 1-4 Word 0

Saved IV bytes 7:4

Figure 1. EIP-94C Revision 1 SA Record

* Proprietary and Confidential Information * -8- Rev 2.1

Word Field Description

* Proprietary and Confidential Information * -9- Rev 2.1

Nonce byte3 = AHB[31:24]

* Proprietary and Confidential Information * - 10 - Rev 2.1

Word Field Description

Word Field Description

* Proprietary and Confidential Information * - 11 - Rev 2.1

3.1. Autonomous Ring Mode versus Host Direct Mode

Word Field Mode Type Logical Value AHB Bus Format

HOST_DIRECT Bit_mask AHB Slave Bus[31:0] =

12-16 Inner Digest AUTO_RING Word field AHB Master Bus[31:0] =

HOST_DIRECT Word field AHB Slave Bus[31:0] =

17-21 Outer Digest AUTO_RING Byte Stream AHB Master Bus[31:0] =

HOST_DIRECT Word field AHB Slave Bus[31:0] =

22 SPI AUTO_RING Word field AHB Master Bus[31:0] =

HOST_DIRECT Word field AHB Slave Bus[31:0] =

23 Sequence Number AUTO_RING Word field AHB Master Bus[31:0] =

HOST_DIRECT Word field AHB Slave Bus[31:0] =

24 Sequence Number AUTO_RING Word field AHB Master Bus[31:0] =

HOST_DIRECT Word field AHB Slave Bus[31:0] =

25 Sequence Number AUTO_RING Word field AHB Master Bus[31:0] =

* Proprietary and Confidential Information * - 12 - Rev 2.1

HOST_DIRECT Word field AHB Slave Bus[31:0] =

26 Nonce AUTO_RING Byte Stream AHB Master Bus[31:0] =

27 Pointer to State AUTO_RING memory AHB Master Bus[31:0] =

HOST_DIRECT not used not used

28 Saved ARC4 AUTO_RING 2 byte AHB Master Bus[31:0] =

HOST_DIRECT 2 byte AHB Slave Bus[31:0] =

29 Pointer to AUTO_RING memory AHB Master Bus[31:0] =

HOST_DIRECT not used not used

Word Field Mode Type Logical Value AHB Bus Format

4 Saved Hash Byte HOST_DIRECT Word field AHB Slave Bus[31:0] =

5-9 Initial and AUTO_RING Word field AHB Master Bus[31:0] =