Section 49. Crypto Engine and Random Number ... - Microchip

Section 49. Crypto Engine and Random Number Generator (RNG)

HIGHLIGHTS

This section of the manual contains the following major topics:

49.1 Introduction
49.2 Control Registers
49.3 Crypto Engine Buffer Descriptors
49.4 Crypto Engine Security Association Structure
49.5 Crypto Engine Operation
49.6 Crypto Engine Interrupts
49.7 Random Number Generator Operation
49.8 Random Number Generator Interrupts
49.9 Effects of Various Resets
49.10 Operation in Power-Saving Modes
49.11 Related Application Notes
49.12 Revision History


© 2013-2015 Microchip Technology Inc.

DS60001246B-page 49-1

PIC32 Family Reference Manual

Note: This family reference manual section is meant to serve as a complement to device data sheets. Depending on the device variant, this manual section may not apply to all PIC32 devices. Please consult the note at the beginning of the “Crypto Engine and Random Number Generator (RNG)” chapter in the current device data sheet to check whether this document supports the device you are using. Device data sheets and family reference manual sections are available for download from the Microchip Worldwide Web site at: http://www.microchip.com

49.1 INTRODUCTION

49.1.1 Crypto Engine Features

The Crypto Engine is intended to accelerate applications that need cryptographic functions. By executing these functions in the hardware module, software overhead is reduced, and actions such as encryption, decryption, and authentication can execute much more quickly. The Crypto Engine uses a descriptor-based DMA for efficient programming of the security association data and packet pointers (allowing scatter/gather data fetching). An intelligent state machine schedules the Crypto Engine based on the protocol selection and packet boundaries. The hardware engines can perform the encryption and authentication in sequence or in parallel.

Key features of the Crypto Engine include:
• Bulk ciphers and hash engines
• Integrated DMA to off-load processing:
  - Buffer descriptor-based
  - Security Association per Buffer Descriptor
• Some functions can execute in parallel

Bulk ciphers that are handled by the Crypto Engine include:
• AES:
  - 128-bit, 192-bit, and 256-bit key sizes
  - CBC, ECB, CTR, CFB, and OFB modes
• DES/TDES:
  - CBC, ECB, CFB, and OFB modes

Authentication engines that are available through the Crypto Engine include:
• SHA-1
• SHA-256
• MD-5
• AES-GCM
• HMAC operation (for all authentication engines)

Figure 49-1: Crypto Engine Block Diagram (blocks shown: System Bus, SFR, DMA Controller, INB FIFO, OUTB FIFO, Packet RD, Packet WR, Crypto FSM, Local Bus, AES, TDES, SHA-1/256, MD5)

49.1.2 Random Number Generator (RNG) Features

The Random Number Generator (RNG) core implements a thermal noise-based, True Random Number Generator (TRNG) and a cryptographically secure Pseudo-Random Number Generator (PRNG). The TRNG uses multiple ring oscillators and the inherent thermal noise of integrated circuits to generate true random numbers that can initialize the PRNG. The PRNG is a flexible LFSR, which is capable of manifesting a maximal length LFSR of up to 64 bits.

The following are some of the key features of the RNG:
• TRNG:
  - Up to 25 Mbps of random bits
  - Multi-Ring Oscillator-based design
  - Built-in Bias Corrector
• PRNG:
  - LFSR-based
  - Up to 64-bit polynomial length
  - Programmable polynomial
  - TRNG can provide the seed value

Figure 49-2: Random Number Generator Block Diagram (blocks shown: System Bus Target, SFR, PRNG, TRNG, Bias Corrector, Edge Comparator, Ring Oscillators)

49.2 CONTROL REGISTERS

The Crypto Engine and RNG for PIC32 devices contain the following Special Function Registers (SFRs):

• CEVER: Crypto Engine Revision, Version, and ID Register
  This read-only register contains version information for the Crypto Engine core.
• CECON: Crypto Engine Control Register
  This register controls the Crypto Engine, enabling and disabling DMA and the Buffer Descriptor Processor.
• CEBDADDR: Crypto Engine Buffer Descriptor Register
  This read-only register contains the address of the current Buffer Descriptor that the Buffer Descriptor Processor is processing.
• CEBDPADDR: Crypto Engine Buffer Descriptor Processor Register
  This register controls the address from which the DMA starts fetching Buffer Descriptors.
• CESTAT: Crypto Engine Status Register
  This read-only register contains the current status of the Crypto Engine.
• CEINTSRC: Crypto Engine Interrupt Source Register
  This register indicates what triggered an interrupt from the Crypto Engine core. Possible sources include DMA, an empty TX Buffer Descriptor, or a DMA packet completion.
• CEINTEN: Crypto Engine Interrupt Enable Register
  This register controls which interrupts are enabled/disabled from the Crypto Engine core.
• CEPOLLCON: Crypto Engine Poll Control Register
  This register controls how long the Buffer Descriptor Processor will wait before refetching a descriptor control word if the previous descriptor fetched was disabled.
• CEHDLEN: Crypto Engine Header Length Register
  This register controls how much data in a packet should be unchanged before filling the data.
• CETRLLEN: Crypto Engine Trailer Length Register
  This register controls how much data should be unchanged at the end of a packet.
• CEDTXSTAT: Crypto Engine DTX Debug Status Register
  This read-only register indicates the status of the outgoing FIFO in the Crypto Engine.
• CEDRXSTAT: Crypto Engine DRX Debug Status Register
  This read-only register indicates the status of the incoming FIFO in the Crypto Engine.
• RNGVER: Random Number Generator ID, Version, and Revision Register
  This read-only register contains version information for the RNG core.
• RNGCON: Random Number Generator Control Register
  This register controls the RNG, enabling and disabling the TRNG and RNG, transferring the seed value from the TRNG to the PRNG, and enabling continuous pseudo-random number generation.
• RNGPOLY1: Random Number Generator Polynomial Register 1
  This register controls the least significant 32 bits of the polynomial, which generates the pseudo-random bit.
• RNGPOLY2: Random Number Generator Polynomial Register 2
  This register controls the most significant 32 bits of the polynomial, which generates the pseudo-random bit.
• RNGNUMGEN1: Random Number Generator Pseudo-Random Number Generator Register 1
  This register contains the least significant 32 bits of the current random number in the PRNG. It may be written to set an initial seed value for the PRNG.
• RNGNUMGEN2: Random Number Generator Pseudo-Random Number Generator Register 2
  This register contains the most significant 32 bits of the current random number in the PRNG. It may be written to set an initial seed value for the PRNG.
• RNGSEED1: True Random Number Generator Seed Register 1
  This read-only register contains the least significant 32 bits of the TRNG.
• RNGSEED2: True Random Number Generator Seed Register 2
  This read-only register contains the most significant 32 bits of the TRNG.
• RNGRCNT: True Random Number Generator Count Register
  This read-only register indicates the number of valid bits in the TRNG registers, RNGSEEDx. To ensure randomness, developers should not use the RNGSEEDx registers until this register reaches the appropriate value for the number of bits desired.

Table 49-1: Crypto Engine SFR Summary

Name        Bit Range   Fields (bit positions)
CEVER       31:16       REVISION (31-24), VERSION (23-16)
            15:0        ID (15-0)
CECON       31:16       —
            15:0        SWAPOEN (7), SWRST (6), SWAPEN (5), BDPCHST (2), BDPPLEN (1), DMAEN (0)
CEBDADDR    31:16       BDPADDR (31-16)
            15:0        BDPADDR (15-0)
CEBDPADDR   31:16       BASEADDR (31-16)
            15:0        BASEADDR (15-0)
CESTAT      31:16       ERRMODE (31-29), ERROP (28-26), ERRPHASE (25-24), BDSTATE (21-18), START (17), ACTIVE (16)
            15:0        BDCTRL (15-0)
CEINTSRC    31:16       —
            15:0        AREIF (3), PKTIF (2), CBDIF (1), PENDIF (0)
CEINTEN     31:16       —
            15:0        AREIE (3), PKTIE (2), CBDIE (1), PENDIE (0)
CEPOLLCON   31:16       —
            15:0        BDPPLCON (15-0)
CEHDLEN     31:16       —
            15:0        HDRLEN (7-0)
CETRLLEN    31:16       —
            15:0        TRLRLEN (7-0)
CEDTXSTAT   31:16       DTXBLEN (19-16)
            15:0        DTXBLEN (15-4), DTXSTATE (3-0)
CEDRXSTAT   31:16       DRXBLEN (19-16)
            15:0        DRXBLEN (15-4), DRXSTATE (3-0)

Legend: — = unimplemented, read as ‘0’.

Table 49-1 and Table 49-2 provide brief summaries of the related Crypto Engine and RNG registers. Corresponding registers appear after the summary, followed by a detailed description of each bit.

Table 49-2: Random Number Generator SFR Summary

Name        Bit Range   Fields (bit positions)
RNGVER      31:16       ID (31-16)
            15:0        VERSION (15-8), REVISION (7-0)
RNGCON      31:16       —
            15:0        LOAD (12), CONT (10), PRNGEN (9), TRNGEN (8), PLEN (6-0)
RNGPOLY1    31:16       POLY1 (31-16)
            15:0        POLY1 (15-0)
RNGPOLY2    31:16       POLY2 (31-16)
            15:0        POLY2 (15-0)
RNGNUMGEN1  31:16       RNG1 (31-16)
            15:0        RNG1 (15-0)
RNGNUMGEN2  31:16       RNG2 (31-16)
            15:0        RNG2 (15-0)
RNGSEED1    31:16       RDATA1 (31-16)
            15:0        RDATA1 (15-0)
RNGSEED2    31:16       RDATA2 (31-16)
            15:0        RDATA2 (15-0)
RNGRCNT     31:16       —
            15:0        RCNT (6-0)

Legend: — = unimplemented, read as ‘0’.

Register 49-1: CEVER: Crypto Engine Revision, Version, and ID Register

Bits    Access  Field
31-24   R-0     REVISION
23-16   R-0     VERSION
15-0    R-0     ID

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-24  REVISION: Crypto Engine Revision bits
bit 23-16  VERSION: Crypto Engine Version bits
bit 15-0   ID: Crypto Engine Identification bits

Register 49-2: CECON: Crypto Engine Control Register

Bits    Access  Field
31-8    U-0     —
7       R/W-0   SWAPOEN(1)
6       R/W-0   SWRST
5       R/W-0   SWAPEN
4-3     U-0     —
2       R/W-0   BDPCHST
1       R/W-0   BDPPLEN
0       R/W-0   DMAEN

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-8  Unimplemented: Read as ‘0’
bit 7     SWAPOEN: Output Data Swap Enable bit(1)
          1 = Output data is byte swapped when read by dedicated DMA
          0 = Output data is not byte swapped when read by dedicated DMA
bit 6     SWRST: Software Reset bit
          1 = Initiate a software Reset of the Crypto Engine
          0 = Normal operation
bit 5     SWAPEN: Input Data Swap Enable bit
          1 = Input data is byte swapped when read by dedicated DMA
          0 = Input data is not byte swapped when read by dedicated DMA
bit 4-3   Unimplemented: Read as ‘0’
bit 2     BDPCHST: Buffer Descriptor Processor Fetch Enable bit
          This bit should be enabled only after all DMA descriptor programming is completed.
          1 = Buffer Descriptor Processor descriptor fetch is enabled
          0 = Buffer Descriptor Processor descriptor fetch is disabled
bit 1     BDPPLEN: Buffer Descriptor Processor Poll Enable bit
          This bit should be enabled only after all DMA descriptor programming is completed.
          1 = Poll for descriptor until valid bit is set
          0 = Do not poll
bit 0     DMAEN: DMA Enable bit
          1 = Crypto Engine DMA is enabled
          0 = Crypto Engine DMA is disabled

Note 1: This bit is not available on all devices. Refer to the “Crypto Engine and RNG” chapter in the specific device data sheet to determine availability.

Register 49-3: CEBDADDR: Crypto Engine Buffer Descriptor Register

Bits    Access  Field
31-0    R-0     BDPADDR

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  BDPADDR: Current Buffer Descriptor Process Address Status bits
          These bits contain the current descriptor address that is being processed by the Buffer Descriptor Processor.

Register 49-4: CEBDPADDR: Crypto Engine Buffer Descriptor Processor Register

Bits    Access  Field
31-0    R/W-0   BASEADDR

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  BASEADDR: DMA Base Address Status bits
          These bits contain the base address of the DMA controller. After a reset, a fetch starts from this address.

Register 49-5: CESTAT: Crypto Engine Status Register

Bits    Access  Field
31-29   R-0     ERRMODE
28-26   R-0     ERROP
25-24   R-0     ERRPHASE
23-22   U-0     —
21-18   R-0     BDSTATE
17      R-0     START
16      R-0     ACTIVE
15-0    R-0     BDCTRL

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-29  ERRMODE: Internal Error Mode Status bits
           111 = Reserved
           ...
           001 = Reserved
           000 = Normal operation
bit 28-26  ERROP: Internal Error Operation Status bits
           111 = Reserved
           110 = Reserved
           101 = Reserved
           100 = Authentication
           011 = Reserved
           010 = Decryption
           001 = Encryption
           000 = Reserved
bit 25-24  ERRPHASE: Internal Error Phase of DMA Status bits
           11 = Destination data
           10 = Source data
           01 = Security Association access
           00 = Buffer Descriptor access
bit 23-22  Unimplemented: Read as ‘0’
bit 21-18  BDSTATE: Buffer Descriptor Processor State Status bits
           These bits contain a number, which indicates the current state of the Buffer Descriptor Processor:
           1111 = Reserved
           ...
           0111 = Reserved
           0110 = Security Association fetch
           0101 = Fetch Buffer Descriptor Processor is disabled
           0100 = Descriptor is done
           0011 = Data phase
           0010 = Buffer Descriptor Processor is loading
           0001 = Descriptor fetch request is pending
           0000 = Buffer Descriptor Processor is idle
bit 17     START: DMA Start Status bit
           1 = DMA start has occurred
           0 = DMA start has not occurred
bit 16     ACTIVE: Buffer Descriptor Processor Status bit
           1 = Buffer Descriptor Processor is active
           0 = Buffer Descriptor Processor is idle
bit 15-0   BDCTRL: Descriptor Control Word Status bits
           These bits contain the current descriptor control word.
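
A decoder for a CESTAT snapshot, paired with the AREIF flag of CEINTSRC, as an added example for fault triage (it is not Microchip code). Field positions and value names come from Register 49-5 and Register 49-6; treating a nonzero ERRMODE as a fault is an interpretation of "000 = Normal operation", and the raw values in main() are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CESTAT fields, positions per Register 49-5. */
typedef struct {
    uint8_t  errmode;   /* bits 31-29, 000 = normal operation */
    uint8_t  errop;     /* bits 28-26 */
    uint8_t  errphase;  /* bits 25-24 */
    uint8_t  bdstate;   /* bits 21-18 */
    uint8_t  start;     /* bit 17 */
    uint8_t  active;    /* bit 16 */
    uint16_t bdctrl;    /* bits 15-0, current descriptor control word */
} cestat_fields;

#define CEINTSRC_AREIF (1u << 3)  /* access response error, Register 49-6 */

cestat_fields cestat_decode(uint32_t raw)
{
    cestat_fields f;
    f.errmode  = (uint8_t)((raw >> 29) & 0x7u);
    f.errop    = (uint8_t)((raw >> 26) & 0x7u);
    f.errphase = (uint8_t)((raw >> 24) & 0x3u);
    f.bdstate  = (uint8_t)((raw >> 18) & 0xFu);  /* bits 23-22 are unimplemented */
    f.start    = (uint8_t)((raw >> 17) & 0x1u);
    f.active   = (uint8_t)((raw >> 16) & 0x1u);
    f.bdctrl   = (uint16_t)(raw & 0xFFFFu);
    return f;
}

const char *cestat_errop_name(uint8_t v)
{
    switch (v) {
    case 1:  return "Encryption";
    case 2:  return "Decryption";
    case 4:  return "Authentication";
    default: return "Reserved";
    }
}

const char *cestat_errphase_name(uint8_t v)
{
    static const char *const names[4] = {
        "Buffer Descriptor access", "Security Association access",
        "Source data", "Destination data"
    };
    return names[v & 0x3u];
}

const char *cestat_bdstate_name(uint8_t v)
{
    static const char *const names[7] = {
        "BDP idle", "Descriptor fetch request pending", "BDP loading",
        "Data phase", "Descriptor done", "Fetch BDP disabled",
        "Security Association fetch"
    };
    return (v < 7u) ? names[v] : "Reserved";
}

/* 1 if the snapshot shows a fault: AREIF set, or ERRMODE not "normal operation". */
int ce_fault_present(uint32_t ceintsrc, uint32_t cestat)
{
    return ((ceintsrc & CEINTSRC_AREIF) != 0u) ||
           (cestat_decode(cestat).errmode != 0u);
}

/* Formats one log line; returns what snprintf returns. */
int ce_fault_report(uint32_t ceintsrc, uint32_t cestat, char *buf, size_t len)
{
    cestat_fields f = cestat_decode(cestat);
    return snprintf(buf, len,
        "AREIF=%u ERRMODE=%u ERROP=%s ERRPHASE=%s BDSTATE=%s "
        "START=%u ACTIVE=%u BDCTRL=0x%04X",
        (unsigned)((ceintsrc & CEINTSRC_AREIF) != 0u), (unsigned)f.errmode,
        cestat_errop_name(f.errop), cestat_errphase_name(f.errphase),
        cestat_bdstate_name(f.bdstate), (unsigned)f.start,
        (unsigned)f.active, (unsigned)f.bdctrl);
}

int main(void)
{
    /* Constructed sample: ERRMODE=001, ERROP=010, ERRPHASE=10,
     * BDSTATE=0011, START=1, ACTIVE=1, BDCTRL=0x8001. */
    const uint32_t cestat = 0x2A0F8001u;
    const uint32_t ceintsrc = CEINTSRC_AREIF;
    char line[192];

    if (ce_fault_present(ceintsrc, cestat)) {
        ce_fault_report(ceintsrc, cestat, line, sizeof line);
        puts(line);
    }
    return 0;
}
```

Logging the ERRPHASE value alongside AREIF shows whether the faulting access was to a Buffer Descriptor, a Security Association, the source data or the destination data.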

Register 49-6: CEINTSRC: Crypto Engine Interrupt Source Register

Bits    Access    Field
31-4    U-0       —
3       R-0, HS   AREIF(1)
2       R-0, HS   PKTIF(1)
1       R-0, HS   CBDIF(1)
0       R-0, HS   PENDIF(1)

Legend: HS = Set by hardware; R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-4  Unimplemented: Read as ‘0’
bit 3     AREIF: Access Response Error Interrupt bit(1)
          1 = The Crypto Engine attempted to access an invalid memory location
          0 = No error has occurred
bit 2     PKTIF: DMA Packet Completion Interrupt Status bit(1)
          1 = DMA packet was completed
          0 = DMA packet was not completed
bit 1     CBDIF: Buffer Descriptor Transmit Status bit(1)
          1 = Last Buffer Descriptor transmit was processed
          0 = Last Buffer Descriptor transmit has not been processed
bit 0     PENDIF: Crypto Engine Interrupt Pending Status bit(1)
          1 = Crypto Engine interrupt is pending (this value is the result of an OR of all interrupts in the Crypto Engine)
          0 = Crypto Engine interrupt is not pending

Note 1: Write a '1' to this bit to clear the interrupt.

Register 49-7: CEINTEN: Crypto Engine Interrupt Enable Register

Bits    Access  Field
31-4    U-0     —
3       R/W-0   AREIE
2       R/W-0   PKTIE
1       R/W-0   BDPIE
0       R/W-0   PENDIE(1)

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-4  Unimplemented: Read as ‘0’
bit 3     AREIE: Access Response Error Interrupt Enable bit
          1 = Access response error interrupts are enabled
          0 = Access response error interrupts are not enabled
bit 2     PKTIE: DMA Packet Completion Interrupt Enable bit
          1 = DMA packet completion interrupts are enabled
          0 = DMA packet completion interrupts are not enabled
bit 1     BDPIE: DMA Buffer Descriptor Processor Interrupt Enable bit
          1 = Buffer Descriptor Processor interrupts are enabled
          0 = Buffer Descriptor Processor interrupts are not enabled
bit 0     PENDIE: Master Interrupt Enable bit(1)
          1 = Crypto Engine interrupts are enabled
          0 = Crypto Engine interrupts are not enabled

Note 1: The PENDIE bit is a Global enable bit and must be enabled together with the other interrupts desired.

Register 49-8: CEPOLLCON: Crypto Engine Poll Control Register

Bits    Access  Field
31-16   U-0     —
15-0    R/W-0   BDPPLCON

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-16  Unimplemented: Read as ‘0’
bit 15-0   BDPPLCON: Buffer Descriptor Processor Poll Control bits
           These bits determine the number of cycles that the DMA transmit Buffer Descriptor Processor would wait before refetching the descriptor control word if the previous descriptor fetched was disabled.

Register 49-9: CEHDLEN: Crypto Engine Header Length Register

Bits    Access  Field
31-8    U-0     —
7-0     R/W-0   HDRLEN

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-8  Unimplemented: Read as ‘0’
bit 7-0   HDRLEN: DMA Header Length bits
          For every packet, leave this length of locations and start filling the data.

Register 49-10: CETRLLEN: Crypto Engine Trailer Length Register

Bits    Access  Field
31-8    U-0     —
7-0     R/W-0   TRLRLEN

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-8  Unimplemented: Read as ‘0’
bit 7-0   TRLRLEN: DMA Trailer Length bits
          For every packet, leave this length of locations and start putting the next packet.

Register 49-11: CEDTXSTAT: Crypto Engine DTX Debug Status Register

Bits    Access  Field
31-20   U-0     —
19-4    R-0     DTXBLEN
3-0     R-0     DTXSTATE

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-20  Unimplemented: Read as ‘0’
bit 19-4   DTXBLEN: Current DMA Transmit Buffer Length Debug Status bits
bit 3-0    DTXSTATE: Current DMA Transmit States Debug Status bits
           1111 = Reserved
           ...
           0110 = Reserved
           0101 = Transmitting to internal Crypto Engine Memory
           0100 = Reserved
           0011 = Wait
           0010 = Reserved
           0001 = Reserved
           0000 = Idle

Register 49-12: CEDRXSTAT: Crypto Engine DRX Debug Status Register

Bits    Access  Field
31-20   U-0     —
19-4    R-0     DRXBLEN
3-0     R-0     DRXSTATE

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-20  Unimplemented: Read as ‘0’
bit 19-4   DRXBLEN: Current DMA Receive Buffer Length Debug Status bits
bit 3-0    DRXSTATE: Current DMA Receive States Debug Status bits
           1111 = Transaction is in progress
           ...
           0001 = Transaction is in progress
           0000 = Idle

Register 49-13: RNGVER: Random Number Generator ID, Version, and Revision Register

Bits    Access  Field
31-16   R-0     ID
15-8    R-0     VERSION
7-0     R-0     REVISION

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-16  ID: Block Identification bits
bit 15-8   VERSION: Block Version bits
bit 7-0    REVISION: Block Revision bits

Register 49-14: RNGCON: Random Number Generator Control Register

Bits    Access      Field
31-13   U-0         —
12      R/W-0, HC   LOAD
11      U-0         —
10      R/W-0       CONT
9       R/W-0       PRNGEN
8       R/W-0       TRNGEN
7       U-0         —
6-0     R/W-0       PLEN

Legend: HC = Cleared by hardware; R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-13  Unimplemented: Read as ‘0’
bit 12     LOAD: Device Select bit
           Setting this bit to ‘1’ loads the seed from the TRNG (i.e., the random value) as a seed to the PRNG. It is cleared automatically by hardware.
bit 11     Unimplemented: Read as ‘0’
bit 10     CONT: PRNG Number Shift Enable bit
           1 = The PRNG random number is shifted every cycle
           0 = The PRNG random number is shifted when the previous value is removed
bit 9      PRNGEN: PRNG Operation Enable bit
           1 = PRNG operation is enabled
           0 = PRNG operation is not enabled
bit 8      TRNGEN: TRNG Operation Enable bit
           1 = TRNG operation is enabled
           0 = TRNG operation is not enabled
bit 7      Unimplemented: Read as ‘0’; must always be written as ‘0’
bit 6-0    PLEN: PRNG Polynomial Length bits
           These bits contain the length of the polynomial used for the PRNG.

Register 49-15: RNGPOLY1: Random Number Generator Polynomial Register 1

Bits    Access  Field
31-0    R/W-0   POLY1

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  POLY1: PRNG LFSR Polynomial Least Significant Byte bits
          These bits are reverse-order for the LFSR. Therefore, these bits actually represent bits 0-31 of the LFSR.

Register 49-16: RNGPOLY2: Random Number Generator Polynomial Register 2

Bits    Access  Field
31-0    R/W-0   POLY2

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  POLY2: PRNG LFSR Polynomial Most Significant Byte bits
          These bits are reverse-order for the LFSR. Therefore, these bits actually represent bits 32-63 of the LFSR.

Register 49-17: RNGNUMGEN1: Random Number Generator Pseudo-Random Number Generator Register 1

Bits    Access  Field
31-0    R/W-0   RNG1

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  RNG1: Current PRNG Least Significant Word Value bits

Register 49-18: RNGNUMGEN2: Random Number Generator Pseudo-Random Number Generator Register 2

Bits    Access  Field
31-0    R/W-0   RNG2

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  RNG2: Current PRNG Most Significant Word Value bits

Register 49-19: RNGSEED1: True Random Number Generator Seed Register 1

Bits    Access  Field
31-0    R-0     RDATA1

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’; -n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0  RDATA1: TRNG Least Significant Word bits

Register 49-20: RNGSEED2: True Random Number Generator Seed Register 2

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31:24       RDATA2 (all eight bits R-0)
23:16       RDATA2 (all eight bits R-0)
15:8        RDATA2 (all eight bits R-0)
7:0         RDATA2 (all eight bits R-0)

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’
-n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-0    RDATA2: TRNG Most Significant Word bits

Register 49-21: RNGRCNT: True Random Number Generator Count Register

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31:24       Unimplemented (all eight bits U-0)
23:16       Unimplemented (all eight bits U-0)
15:8        Unimplemented (all eight bits U-0)
7:0         Bit 7 unimplemented (U-0); bits 6-0 RCNT (R-0)

Legend: R = Readable bit; W = Writable bit; U = Unimplemented bit, read as ‘0’
-n = Value at POR; ‘1’ = Bit is set; ‘0’ = Bit is cleared; x = Bit is unknown

bit 31-7    Unimplemented: Read as ‘0’
bit 6-0     RCNT: Number of Valid TRNG Generated bits
            When this count reaches 64, a new number is ready in the RNGSEEDx registers.

49.3 CRYPTO ENGINE BUFFER DESCRIPTORS

Host software creates a linked list of Buffer Descriptors and the hardware updates them. Table 49-3 provides a list of the Crypto Engine Buffer Descriptors, followed by format descriptions (see Figure 49-3 through Figure 49-10).

Table 49-3: Crypto Engine Buffer Descriptors

Name         Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
BD_CTRL      31:24       DESC_EN, -, CRY_MODE (3 bits), -, -, -
             23:16       -, SA_FETCH_EN, -, -, LAST_BD, LIFM, PKT_INT_EN, CBD_INT_EN
             15:8        BD_BUFLEN
             7:0         BD_BUFLEN
BD_SA_ADDR   31:0        BD_SAADDR (all four bytes)
BD_SRCADDR   31:0        BD_SRCADDR (all four bytes)
BD_DSTADDR   31:0        BD_DSTADDR (all four bytes)
BD_NXTPTR    31:0        BD_NXTADDR (all four bytes)
BD_UPDPTR    31:0        BD_UPDADDR (all four bytes)
BD_MSG_LEN   31:0        MSG_LENGTH (all four bytes)
BD_ENC_OFF   31:0        ENCR_OFFSET (all four bytes)

Figure 49-3: Format of BD_CTRL

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       DESC_EN, -, CRY_MODE (3 bits), -, -, -
23-16       -, SA_FETCH_EN, -, -, LAST_BD, LIFM, PKT_INT_EN, CBD_INT_EN
15-8        BD_BUFLEN
7-0         BD_BUFLEN

bit 31      DESC_EN: Descriptor Enable
            1 = The descriptor is owned by hardware. After processing the BD, hardware resets this bit to ‘0’.
            0 = The descriptor is owned by software
bit 30      Unimplemented: Must be written as ‘0’
bit 29-27   CRY_MODE: Crypto Mode
            111 = Reserved
            110 = Reserved
            101 = Reserved
            100 = Reserved
            011 = CEK operation
            010 = KEK operation
            001 = Preboot authentication
            000 = Normal operation
bit 26-23   Unimplemented: Must be written as ‘0’
bit 22      SA_FETCH_EN: Fetch Security Association From External Memory
            1 = Fetch SA from the SA pointer. This bit needs to be set to ‘1’ for every new packet.
            0 = Use the currently fetched SA or the internal SA
bit 21-20   Unimplemented: Must be written as ‘0’
bit 19      LAST_BD: Last Buffer Descriptors
            After the last BD, the BD_PTR goes to the base address in the CSR.
bit 18      LIFM: Last In Frame
            In case of receive packets (from H/W -> Host), this field is filled by the hardware to indicate whether the packet goes across multiple buffer descriptors. In case of transmit packets (from Host -> H/W), this field indicates whether this BD is the last in the frame.
bit 17      PKT_INT_EN: Packet Interrupt Enable
            Generate an interrupt after processing the current buffer descriptor, if it is the end of the packet.
bit 16      CBD_INT_EN: CBD Interrupt Enable
            Generate an interrupt after processing the current buffer descriptor.
bit 15-0    BD_BUFLEN: Buffer Descriptor Length
            This field contains the length of the buffer and is updated with the actual length filled by the receiver.

Figure 49-4: Format of BD_SA_ADDR

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       BD_SAADDR
23-16       BD_SAADDR
15-8        BD_SAADDR
7-0         BD_SAADDR

bit 31-0    BD_SAADDR: Security Association IP Session Address
            The session’s Security Association pointer has the keys and IV values.

Figure 49-5: Format of BD_SRCADDR

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       BD_SRCADDR
23-16       BD_SRCADDR
15-8        BD_SRCADDR
7-0         BD_SRCADDR

bit 31-0    BD_SRCADDR: Buffer Source Address
            The source address of the buffer that needs to be passed through the PE-CRDMA for encryption or authentication.

Figure 49-6: Format of BD_DSTADDR

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       BD_DSTADDR
23-16       BD_DSTADDR
15-8        BD_DSTADDR
7-0         BD_DSTADDR

bit 31-0    BD_DSTADDR: Buffer Destination Address
            The destination address of the buffer that needs to be passed through the PE-CRDMA for encryption or authentication.

Figure 49-7: Format of BD_NXTADDR

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       BD_NXTADDR
23-16       BD_NXTADDR
15-8        BD_NXTADDR
7-0         BD_NXTADDR

bit 31-0    BD_NXTADDR: Next Buffer Descriptor Pointer Address
            Contains the address of the next Buffer Descriptor. The next buffer can be a next segment of the previous buffer or a new packet.

Figure 49-8: Format of BD_UPDPTR

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       BD_UPDADDR
23-16       BD_UPDADDR
15-8        BD_UPDADDR
7-0         BD_UPDADDR

bit 31-0    BD_UPDADDR: UPD Address Location
            The update address has the location where the CRDMA results are posted. The updated results are the ICV values and key output values, as needed.

Figure 49-9: Format of BD_MSG_LEN

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       MSG_LENGTH
23-16       MSG_LENGTH
15-8        MSG_LENGTH
7-0         MSG_LENGTH

bit 31-0    MSG_LENGTH: Total Message Length
            Total message length for the hash and HMAC algorithms in bytes. Total number of Crypto bytes in case of GCM algorithm (LEN-C).

Figure 49-10: Format of BD_ENC_OFF

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       ENCR_OFFSET
23-16       ENCR_OFFSET
15-8        ENCR_OFFSET
7-0         ENCR_OFFSET

bit 31-0    ENCR_OFFSET: Encryption Offset
            Encryption offset for the multi-task test cases (both encryption and authentication). The number of AAD bytes in the case of GCM algorithm (LEN-A).

Example 49-1: Buffer Descriptor C Structures

    typedef struct bdCtrl
    {
        unsigned int BUFLEN      : 16;  /* bits 15-0  */
        unsigned int CBD_INT_EN  : 1;   /* bit 16     */
        unsigned int PKT_INT_EN  : 1;   /* bit 17     */
        unsigned int LIFM        : 1;   /* bit 18     */
        unsigned int LAST_BD     : 1;   /* bit 19     */
        unsigned int             : 2;   /* bits 21-20, unimplemented */
        unsigned int SA_FETCH_EN : 1;   /* bit 22     */
        unsigned int             : 4;   /* bits 26-23, unimplemented */
        unsigned int CRY_MODE    : 3;   /* bits 29-27 */
        unsigned int             : 1;   /* bit 30, unimplemented */
        unsigned int DESC_EN     : 1;   /* bit 31     */
    } bdCtrl;

    typedef struct bufferDescriptor
    {
        bdCtrl BD_CTRL;
        unsigned int SA_ADDR;
        unsigned int SRCADDR;
        unsigned int DSTADDR;
        unsigned int NXTPTR;
        unsigned int UPDPTR;
        unsigned int MSGLEN;
        unsigned int ENCOFF;
    } bufferDescriptor;
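The following is an added example, not Microchip code: it builds BD_CTRL with explicit masks from Figure 49-3 and checks a descriptor against the "must be written as ‘0’" bits, the reserved CRY_MODE values and the alignment and length guidelines of 49.5.3 before DESC_EN hands it to the hardware. All identifiers (bd_words, bd_validate, bd_hand_to_hardware and so on) and the sample addresses are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* BD_CTRL bit positions, taken from Figure 49-3. */
#define BD_CTRL_DESC_EN       (1u << 31)
#define BD_CTRL_CRY_MODE_POS  27
#define BD_CTRL_CRY_MODE_MSK  (0x7u << BD_CTRL_CRY_MODE_POS)
#define BD_CTRL_SA_FETCH_EN   (1u << 22)
#define BD_CTRL_LAST_BD       (1u << 19)
#define BD_CTRL_LIFM          (1u << 18)
#define BD_CTRL_PKT_INT_EN    (1u << 17)
#define BD_CTRL_CBD_INT_EN    (1u << 16)
#define BD_CTRL_BUFLEN_MSK    0xFFFFu
/* Bits 30, 26-23 and 21-20 are unimplemented and must be written as 0. */
#define BD_CTRL_MUST_BE_ZERO  ((1u << 30) | (0xFu << 23) | (0x3u << 20))

typedef enum {
    BD_OK = 0,
    BD_ERR_RESERVED_BITS,  /* a must-be-zero bit is set                   */
    BD_ERR_CRY_MODE,       /* CRY_MODE 100..111 are reserved              */
    BD_ERR_BUFLEN,         /* BUFLEN is not a multiple of the block size  */
    BD_ERR_ALIGNMENT       /* SA/next BD not 8-byte, src/dst not 4-byte   */
} bd_status;

/* The eight 32-bit words of a Buffer Descriptor, in Table 49-3 order
 * (hypothetical raw-word view of the bufferDescriptor structure). */
typedef struct {
    uint32_t ctrl, sa_addr, srcaddr, dstaddr, nxtptr, updptr, msglen, encoff;
} bd_words;

/* Build BD_CTRL with DESC_EN clear, so the descriptor stays software-owned. */
uint32_t bd_ctrl_pack(uint32_t cry_mode, int sa_fetch, int last_bd, int lifm,
                      int pkt_int, int cbd_int, uint16_t buflen)
{
    uint32_t w = (cry_mode << BD_CTRL_CRY_MODE_POS) & BD_CTRL_CRY_MODE_MSK;
    if (sa_fetch) w |= BD_CTRL_SA_FETCH_EN;
    if (last_bd)  w |= BD_CTRL_LAST_BD;
    if (lifm)     w |= BD_CTRL_LIFM;
    if (pkt_int)  w |= BD_CTRL_PKT_INT_EN;
    if (cbd_int)  w |= BD_CTRL_CBD_INT_EN;
    return w | buflen;
}

/* block_bytes: word size of the selected algorithm, for example 8 for
 * DES/TDES and 16 for AES (49.5.1.1 and 49.5.1.2). */
bd_status bd_validate(const bd_words *bd, uint32_t block_bytes)
{
    if (bd->ctrl & BD_CTRL_MUST_BE_ZERO)
        return BD_ERR_RESERVED_BITS;
    if (((bd->ctrl & BD_CTRL_CRY_MODE_MSK) >> BD_CTRL_CRY_MODE_POS) > 3u)
        return BD_ERR_CRY_MODE;
    if (block_bytes == 0 || (bd->ctrl & BD_CTRL_BUFLEN_MSK) % block_bytes != 0)
        return BD_ERR_BUFLEN;
    if ((bd->sa_addr & 7u) || (bd->nxtptr & 7u) ||
        (bd->srcaddr & 3u) || (bd->dstaddr & 3u))
        return BD_ERR_ALIGNMENT;
    return BD_OK;
}

/* Set DESC_EN only after every check has passed. */
bd_status bd_hand_to_hardware(bd_words *bd, uint32_t block_bytes)
{
    bd_status st = bd_validate(bd, block_bytes);
    if (st == BD_OK)
        bd->ctrl |= BD_CTRL_DESC_EN;
    return st;
}

int main(void)
{
    /* Constructed sample: one 16-byte TDES buffer, physical addresses made up. */
    bd_words bd = { bd_ctrl_pack(0, 1, 1, 1, 0, 0, 16),
                    0x00001500u, 0x00002000u, 0x00002100u, 0x00001000u,
                    0, 16, 0 };
    bd_status st = bd_hand_to_hardware(&bd, 8);
    printf("status=%d BD_CTRL=0x%08lX\n", (int)st, (unsigned long)bd.ctrl);
    return 0;
}
```

Explicit masks avoid relying on the compiler's bit-field ordering, which the C standard leaves implementation-defined.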

49.4 CRYPTO ENGINE SECURITY ASSOCIATION STRUCTURE

Table 49-4 shows the Security Association structure. The Crypto Engine uses the Security Association to determine the settings for processing a Buffer Descriptor Processor. The Security Association contains:

• Which algorithm to use
• Whether to use engines in parallel (for both authentication and encryption/decryption)
• The size of the key
• Authentication key
• Encryption/decryption key
• Authentication Initialization Vector (IV)
• Encryption IV

Table 49-4: Crypto Engine Security Association Structure

Name                         Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
SA_CTRL                      31:24       -, -, VERIFY, -, NO_RX, OR_EN, ICVONLY, IRFLAG
                             23:16       LNC, LOADIV, FB, FLAGS, -, -, -, ALGO
                             15:8        ALGO (6 bits), ENCTYPE, KEYSIZE
                             7:0         KEYSIZE, MULTITASK (3 bits), CRYPTOALGO (4 bits)
SA_AUTHKEY1 to SA_AUTHKEY8   31:0        AUTHKEY (all four bytes of each word)
SA_ENCKEY1 to SA_ENCKEY8     31:0        ENCKEY (all four bytes of each word)
SA_AUTHIV1 to SA_AUTHIV8     31:0        AUTHIV (all four bytes of each word)
SA_ENCIV1 to SA_ENCIV4       31:0        ENCIV (all four bytes of each word)

Figure 49-11: Format of SA_CTRL

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       -, -, VERIFY, -, NO_RX, OR_EN, ICVONLY, IRFLAG
23-16       LNC, LOADIV, FB, FLAGS, -, -, -, ALGO
15-8        ALGO (6 bits), ENC, KEYSIZE
7-0         KEYSIZE, MULTITASK (3 bits), CRYPTOALGO (4 bits)

bit 31-30   Reserved: Do not use
bit 29      VERIFY: NIST Procedure Verification Setting
            1 = NIST procedures are to be used
            0 = Do not use NIST procedures
bit 28      Reserved: Do not use
bit 27      NO_RX: Receive DMA Control Setting
            1 = Only calculate ICV for authentication calculations
            0 = Normal processing
bit 26      OR_EN: OR Register Bits Enable Setting
            1 = OR the register bits with the internal value of the CSR register
            0 = Normal processing
bit 25      ICVONLY: Incomplete Check Value Only Flag
            This affects the SHA-1 algorithm only. It has no effect on the AES algorithm.
            1 = Only three words of the HMAC result are available
            0 = All results from the HMAC result are available
bit 24      IRFLAG: Immediate Result of Hash Setting
            This bit is set when the immediate result for hashing is requested.
            1 = Save the immediate result for hashing
            0 = Do not save the immediate result
bit 23      LNC: Load New Keys Setting
            1 = Load a new set of keys for encryption and authentication
            0 = Do not load new keys
bit 22      LOADIV: Load IV Setting
            1 = Load the IV from this Security Association
            0 = Use the next IV
bit 21      FB: First Block Setting
            This bit indicates that this is the first block of data to feed the IV value.
            1 = Indicates this is the first block of data
            0 = Indicates this is not the first block of data
bit 20      FLAGS: Incoming/Outgoing Flow Setting
            1 = Security Association is associated with an outgoing flow
            0 = Security Association is associated with an incoming flow
bit 19-17   Reserved: Do not use
bit 16-10   ALGO: Type of Algorithm to Use
            1xxxxxx = HMAC 1
            x1xxxxx = SHA-256
            xx1xxxx = SHA1
            xxx1xxx = MD5
            xxxx1xx = AES
            xxxxx1x = TDES
            xxxxxx1 = DES
bit 9       ENC: Type of Encryption Setting
            1 = Encryption
            0 = Decryption
bit 8-7     KEYSIZE: Size of Keys in SA_AUTHKEYx or SA_ENCKEYx(1)
            11 = Reserved; do not use
            10 = 256 bits
            01 = 192 bits
            00 = 128 bits
bit 6-4     MULTITASK: How to Combine Parallel Operations in the Crypto Engine
            111 = Parallel pass (decrypt and authenticate incoming data in parallel)
            101 = Pipe pass (encrypt the incoming data, and then perform authentication on the encrypted data)
            011 = Reserved
            010 = Reserved
            001 = Reserved
            000 = Encryption or authentication or decryption (no pass)
bit 3-0     CRYPTOALGO: Mode of operation for the Crypto Algorithm
            1111 = Reserved
            1110 = AES_GCM (for AES processing)
            1101 = RCTR (for AES processing)
            1100 = RCBC_MAC (for AES processing)
            1011 = ROFB (for AES processing)
            1010 = RCFB (for AES processing)
            1001 = RCBC (for AES processing)
            1000 = REBC (for AES processing)
            0111 = TOFB (for Triple-DES processing)
            0110 = TCFB (for Triple-DES processing)
            0101 = TCBC (for Triple-DES processing)
            0100 = TECB (for Triple-DES processing)
            0011 = OFB (for DES processing)
            0010 = CFB (for DES processing)
            0001 = CBC (for DES processing)
            0000 = ECB (for DES processing)

Note 1: This setting does not alter the size of SA_AUTHKEYx or SA_ENCKEYx in the Security Association, only the number of bits of SA_AUTHKEYx and SA_ENCKEYx that are used.

Figure 49-12: Format of SA_AUTHKEYx (x = 1 through 8)

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       AUTHKEY
23-16       AUTHKEY
15-8        AUTHKEY
7-0         AUTHKEY

bit 31-0    AUTHKEY: Key Used in Authentication Engine Processing
            These entries should be set to ‘0’ if the Authentication Engine is not being used.

Figure 49-13: Format of SA_ENCKEYx (x = 1 through 8)

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       ENCKEY
23-16       ENCKEY
15-8        ENCKEY
7-0         ENCKEY

bit 31-0    ENCKEY: Key Used in Crypto Engine Processing
            These entries should be set to ‘0’ if the Crypto Engine is not being used.

Figure 49-14: Format of SA_AUTHIVx (x = 1 through 8)

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       AUTHIV
23-16       AUTHIV
15-8        AUTHIV
7-0         AUTHIV

bit 31-0    AUTHIV: IV Used in Authentication Engine Processing
            These entries should be set to ‘0’ if the Authentication Engine is not being used.

Figure 49-15: Format of SA_ENCIVx (x = 1 through 4)

Bit Range   Contents (Bit 31/23/15/7 through Bit 24/16/8/0)
31-24       ENCIV
23-16       ENCIV
15-8        ENCIV
7-0         ENCIV

bit 31-0    ENCIV: IV Used in Crypto Engine Processing
            These entries should be set to ‘0’ if the Crypto Engine is not being used.

Example 49-2: Security Association C Structures

    typedef struct saCtrl
    {
        unsigned int CRYPTOALGO : 4;   /* bits 3-0   */
        unsigned int MULTITASK  : 3;   /* bits 6-4   */
        unsigned int KEYSIZE    : 2;   /* bits 8-7   */
        unsigned int ENCTYPE    : 1;   /* bit 9      */
        unsigned int ALGO       : 7;   /* bits 16-10 */
        unsigned int            : 3;   /* bits 19-17, reserved */
        unsigned int FLAGS      : 1;   /* bit 20     */
        unsigned int FB         : 1;   /* bit 21     */
        unsigned int LOADIV     : 1;   /* bit 22     */
        unsigned int LNC        : 1;   /* bit 23     */
        unsigned int IRFLAG     : 1;   /* bit 24     */
        unsigned int ICVONLY    : 1;   /* bit 25     */
        unsigned int OR_EN      : 1;   /* bit 26     */
        unsigned int NO_RX      : 1;   /* bit 27     */
        unsigned int            : 1;   /* bit 28, reserved */
        unsigned int VERIFY     : 1;   /* bit 29     */
        unsigned int            : 2;   /* bits 31-30, reserved */
    } saCtrl;

    typedef struct securityAssociation
    {
        saCtrl SA_CTRL;
        unsigned int SA_AUTHKEY[8];
        unsigned int SA_ENCKEY[8];
        unsigned int SA_AUTHIV[8];
        unsigned int SA_ENCIV[4];
    } securityAssociation;

49.5 CRYPTO ENGINE OPERATION

49.5.1 Cryptographic Security Engines

To reduce the processing requirements of the PIC32 family, the Crypto Engine includes four different cryptographic security engines. These security engines perform the types of encryptions, decryptions, and mathematical computations that are most commonly used for a variety of security applications. They accelerate the computation of public or private key pair negotiations, message hash authentication, and bulk data encryption/decryption. These engines may be used in parallel, or daisy-chained to provide additional security. The four engines implemented are:

• Triple Data Encryption Standard (TDES)
• Advanced Encryption Standard (AES)
• Secure Hash Algorithm (SHA-1 and SHA-256)
• Message Digest 5 (MD5)

49.5.1.1 TRIPLE DATA ENCRYPTION STANDARD (TDES)

The Data Encryption Standard (DES) is an encryption algorithm developed in the early 1970s. It is a block cipher, encrypting data in 64-bit blocks. For each 64-bit block sent through the engine, a 64-bit block is returned. The key length used by DES is 56 bits. It is usually represented as a 64-bit number; however, per the DES standard, every eighth bit of the key is used for parity checking of the key, and then discarded. That is, positions 8, 16, 24, 32, 40, 48, 56, and 64 are removed from the 64-bit key, leaving only the 56-bit key.

Padding must be added to ensure the size of the incoming data to be processed is a multiple of 8 bytes. This padding is exclusive of any header or trailer data that is skipped over and should consist of zeros.

Triple DES (TDES) uses the algorithm three times on the same block of data, rather than only once, and can use key lengths of 56, 112, or 168 bits. Like DES, TDES is a symmetric algorithm, meaning the same algorithm and key are used for both encryption and decryption of data.

49.5.1.2 ADVANCED ENCRYPTION STANDARD (AES)

The Advanced Encryption Standard (AES) engine implements the Advanced Encryption Standard (originally known as Rijndael), as described in the NIST Federal Information Processing Standard Publication 197. Like DES, it is a block cipher, and the same key is used to both encrypt and decrypt data. It operates on 128-bit blocks regardless of the key size.

The key length used by AES can be 128, 192, or 256 bits, and determines the number of transformation rounds used to convert the input to the output. The key length also determines the effective bit rate for algorithm execution. Padding must be added to ensure the size of the incoming data to be processed is a multiple of 16 bytes (128 bits). This padding is exclusive of any header/trailer data that is skipped over and should consist of zeros.

49.5.1.3 SECURE HASH ALGORITHM (SHA-1 AND SHA-256)

Secure Hash Algorithm (SHA) is a cryptographic hash function designed by the United States National Security Agency (NSA). It is a one-way message digest function, taking an unlimited amount of input data, and producing a digest of 160 bits (for SHA-1) or 256 bits (for SHA-256). Both versions operate on 512-bit blocks. Padding is required to make the input data a multiple of 64 bytes. The most significant bit of the padding must be a ‘1’, followed by as many zeros as needed to make the length 64 bits short of a multiple of 512 bits (64 bytes). The final 64 bits are a binary representation of the length of the message before padding. This ensures that different messages will not look the same after padding.

49.5.1.4 MESSAGE DIGEST 5 (MD5)

Message Digest 5 (MD5) is similar to SHA, in that it is a cryptographic hash function. It was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4. MD5 takes an unlimited amount of input data, and produces a 128-bit hash value. MD5 operates on 512-bit blocks. Padding is required to make the input data a multiple of 64 bytes. The most significant bit of the padding must be a ‘1’, followed by as many zeros as needed to make the length 64 bits short of a multiple of 512 bits (64 bytes). The final 64 bits are a binary representation of the length of the message before padding. This ensures that different messages will not look the same after padding.
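The two padding rules described in 49.5.1.1 through 49.5.1.4, as an added example that is not Microchip code: zero fill to the block size for DES/TDES/AES, and the ‘1’ bit, zeros and 64-bit length for SHA and MD5. The function names are hypothetical, and the byte order of the length field, which this section does not state, is taken from FIPS 180-4 (big-endian for SHA-1 and SHA-256) and RFC 1321 (little-endian for MD5).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef enum { LEN_BIG_ENDIAN, LEN_LITTLE_ENDIAN } len_order;

/* Zero-pad `len` bytes in buf up to the next multiple of `block`
 * (8 for DES/TDES, 16 for AES). Returns the padded length, or 0 if the
 * arguments are invalid or the padded data would not fit in `cap`. */
size_t cipher_zero_pad(uint8_t *buf, size_t cap, size_t len, size_t block)
{
    if (buf == NULL || block == 0 || len > cap)
        return 0;
    size_t rem = len % block;
    size_t total = rem ? len + (block - rem) : len;
    if (total < len || total > cap)
        return 0;
    memset(buf + len, 0, total - len);
    return total;
}

/* Padded size for SHA-1, SHA-256 and MD5: message, one 0x80 byte, zeros,
 * then an 8-byte length, rounded up to a multiple of 64 bytes. */
size_t hash_padded_len(size_t msg_len)
{
    return ((msg_len + 1u + 8u + 63u) / 64u) * 64u;
}

/* Append the hash padding in place. Use LEN_BIG_ENDIAN for SHA-1/SHA-256
 * and LEN_LITTLE_ENDIAN for MD5. Returns the padded length, or 0 if the
 * result would not fit in `cap`. */
size_t hash_pad(uint8_t *buf, size_t cap, size_t msg_len, len_order order)
{
    if (buf == NULL || msg_len > SIZE_MAX - 72u)
        return 0;
    size_t total = hash_padded_len(msg_len);
    if (total > cap)
        return 0;

    buf[msg_len] = 0x80;                        /* the leading '1' bit */
    memset(buf + msg_len + 1u, 0, total - msg_len - 1u - 8u);

    uint64_t bits = (uint64_t)msg_len * 8u;     /* length before padding */
    for (size_t i = 0; i < 8u; i++) {
        uint8_t b = (uint8_t)(bits >> (8u * i)); /* byte i, LSB first */
        if (order == LEN_LITTLE_ENDIAN)
            buf[total - 8u + i] = b;
        else
            buf[total - 1u - i] = b;
    }
    return total;
}
```

A 56-byte message needs two 64-byte blocks, because the 0x80 byte and the 8-byte length no longer fit in the first one.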

49.5.1.5 MODES OF OPERATION

The TDES and AES block cipher engines offer up to six modes of operation, which enables the repeated and secure use of the cipher under a single key. The six modes are:

• Cipher-Block Chaining (CBC)
• Electronic Code Book (ECB)
• Counter (CTR) - AES only
• Cipher Feedback (CFB)
• Output Feedback (OFB)
• Galois/Counter (GCM) - AES only

The modes in use are decided by the Security Association structure when the data is processed.

49.5.2 Running the Crypto Engine

The Crypto Engine is configured via a set of Buffer Descriptors, which instruct the engine, for a particular block of data, how to process it and which Security Association to use with it. One Security Association can be associated with multiple Buffer Descriptors, thus saving memory. Figure 49-16 illustrates the relationship between one Security Association, multiple Buffer Descriptors, and the data to be processed.

Figure 49-16: Relationship of Security Association, Buffer Descriptor and Pending Processed Data

[Diagram: Buffer Descriptors 1 through n (each with BD_CTRL, BD_SA_ADDR, BD_SRCADDR, BD_DSTADDR, BD_NXTPTR, BD_UPDPTR, BD_MSG_LEN and BD_ENC_OFF) share one Security Association (SA_CTRL, SA_AUTHKEY, SA_ENCKEY, SA_AUTHIV, SA_ENCIV). Each descriptor points to its own source block and destination block (Data 1 through Data n), and each block consists of a Header, the Data and a Trailer.]

49.5.2.1 DATA BLOCK HEADER AND TRAILER

For some applications, each data block may have header and/or trailer information that should not be processed by the Crypto Engine, but should be passed through without alteration. The CEHDLEN and CETRLLEN registers determine the length of the header and trailer. Setting each register reserves up to 255 bytes.

49.5.2.2 CREATING THE SECURITY ASSOCIATION

The Security Association describes to the Crypto Engine how to run the engine for the given block, and what security keys and Initialization Vectors (IV) to use. At a minimum, the Security Association must contain the following information:

• The algorithm to use (HMAC, SHA256, SHA1, MD5, AES, TDES, DES)
• Whether to load the Initialization Vector (IV)
• The direction of flow (incoming or outgoing)
• Encryption or decryption
• Key size
• Multi-task options
• Mode of operation (only applies to certain algorithms)

An example for creating and setting up a Security Association is shown in Example 49-3.

Example 49-3: Setting Up a Security Association

    securityAssociation enc_sa __attribute__((aligned (8)));
    securityAssociation dec_sa __attribute__((aligned (8)));

    memset((void *)&enc_sa, 0, sizeof(enc_sa));
    memset((void *)&dec_sa, 0, sizeof(dec_sa));

    /* Set up the Security Association */
    enc_sa.SA_CTRL.ALGO = 0b0000010;        /* TDES */
    enc_sa.SA_CTRL.LNC = 1;
    enc_sa.SA_CTRL.LOADIV = 1;
    enc_sa.SA_CTRL.FB = 1;
    enc_sa.SA_CTRL.ENCTYPE = 1;             /* Encryption */
    enc_sa.SA_CTRL.CRYPTOALGO = 0b0101;     /* TCBC */

    dec_sa.SA_CTRL.ALGO = 0b0000010;        /* TDES */
    dec_sa.SA_CTRL.LNC = 1;
    dec_sa.SA_CTRL.LOADIV = 1;
    dec_sa.SA_CTRL.FB = 1;
    dec_sa.SA_CTRL.ENCTYPE = 0;             /* Decryption */
    dec_sa.SA_CTRL.CRYPTOALGO = 0b0101;     /* TCBC */

    /* Load the encryption keys */
    enc_sa.SA_ENCKEY[2] = 0x01234567;
    enc_sa.SA_ENCKEY[3] = 0x89abcdef;
    enc_sa.SA_ENCKEY[4] = 0xfedeba98;
    enc_sa.SA_ENCKEY[5] = 0x76543210;
    enc_sa.SA_ENCKEY[6] = 0x89abcdef;
    enc_sa.SA_ENCKEY[7] = 0x01234567;

    dec_sa.SA_ENCKEY[2] = 0x01234567;
    dec_sa.SA_ENCKEY[3] = 0x89abcdef;
    dec_sa.SA_ENCKEY[4] = 0xfedeba98;
    dec_sa.SA_ENCKEY[5] = 0x76543210;
    dec_sa.SA_ENCKEY[6] = 0x89abcdef;
    dec_sa.SA_ENCKEY[7] = 0x01234567;

    /* Load the initialization vector (IV) */
    enc_sa.SA_ENCIV[2] = 0x12345678;
    enc_sa.SA_ENCIV[3] = 0x90abcdef;

    dec_sa.SA_ENCIV[2] = 0x12345678;
    dec_sa.SA_ENCIV[3] = 0x90abcdef;

49.5.2.3 SECURITY ASSOCIATION ENCRYPTION KEY AND IV DATA ALIGNMENT

When copying the key and initialization vectors into the Security Association, the position of each vector is important to generate the correct results. Figure 49-17 through Figure 49-21 illustrate how each must be aligned for all of the available hardware encryption algorithms. Note that all of the Keys and IVs in the Security Association must be in Big-Endian order.

Figure 49-17: Key and IV Layout in Security Association for AES (128-bit Key)

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCKEY1    Unused(1)
SA_ENCKEY2    Unused(1)
SA_ENCKEY3    Unused(1)
SA_ENCKEY4    Unused(1)
SA_ENCKEY5    0        1        2        3
SA_ENCKEY6    4        5        6        7
SA_ENCKEY7    8        9        10       11
SA_ENCKEY8    12       13       14       15

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCIV1     0        1        2        3
SA_ENCIV2     4        5        6        7
SA_ENCIV3     8        9        10       11
SA_ENCIV4     12       13       14       15
SA_ENCIV5     Unused(1)
SA_ENCIV6     Unused(1)
SA_ENCIV7     Unused(1)
SA_ENCIV8     Unused(1)

Note 1: Unused bytes should be cleared to ‘0’.
     2: All 32-bit words are in Big-Endian order.

Figure 49-18: Key and IV Layout in Security Association for AES (192-bit Key)

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCKEY1    Unused(1)
SA_ENCKEY2    Unused(1)
SA_ENCKEY3    0        1        2        3
SA_ENCKEY4    4        5        6        7
SA_ENCKEY5    8        9        10       11
SA_ENCKEY6    12       13       14       15
SA_ENCKEY7    16       17       18       19
SA_ENCKEY8    20       21       22       23

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCIV1     0        1        2        3
SA_ENCIV2     4        5        6        7
SA_ENCIV3     8        9        10       11
SA_ENCIV4     12       13       14       15
SA_ENCIV5     Unused(1)
SA_ENCIV6     Unused(1)
SA_ENCIV7     Unused(1)
SA_ENCIV8     Unused(1)

Note 1: Unused bytes should be cleared to ‘0’.
     2: All 32-bit words are in Big-Endian order.

Figure 49-19: Key and IV Layout in Security Association for AES (256-bit Key)

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCKEY1    0        1        2        3
SA_ENCKEY2    4        5        6        7
SA_ENCKEY3    8        9        10       11
SA_ENCKEY4    12       13       14       15
SA_ENCKEY5    16       17       18       19
SA_ENCKEY6    20       21       22       23
SA_ENCKEY7    24       25       26       27
SA_ENCKEY8    28       29       30       31

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCIV1     0        1        2        3
SA_ENCIV2     4        5        6        7
SA_ENCIV3     8        9        10       11
SA_ENCIV4     12       13       14       15
SA_ENCIV5     Unused(1)
SA_ENCIV6     Unused(1)
SA_ENCIV7     Unused(1)
SA_ENCIV8     Unused(1)

Note 1: Unused bytes should be cleared to ‘0’.
     2: All 32-bit words are in Big-Endian order.

Figure 49-20: Key and IV Layout in Security Association for Triple-DES

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCKEY1    Unused(1)
SA_ENCKEY2    Unused(1)
SA_ENCKEY3    0        1        2        3
SA_ENCKEY4    4        5        6        7
SA_ENCKEY5    8        9        10       11
SA_ENCKEY6    12       13       14       15
SA_ENCKEY7    16       17       18       19
SA_ENCKEY8    20       21       22       23

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCIV1     Unused(1)
SA_ENCIV2     Unused(1)
SA_ENCIV3     0        1        2        3
SA_ENCIV4     4        5        6        7
SA_ENCIV5     Unused(1)
SA_ENCIV6     Unused(1)
SA_ENCIV7     Unused(1)
SA_ENCIV8     Unused(1)

Note 1: Unused bytes should be cleared to ‘0’.
     2: All 32-bit words are in Big-Endian order.

Figure 49-21: Key and IV Layout in Security Association for DES

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCKEY1    Unused(1)
SA_ENCKEY2    Unused(1)
SA_ENCKEY3    Unused(1)
SA_ENCKEY4    Unused(1)
SA_ENCKEY5    Unused(1)
SA_ENCKEY6    Unused(1)
SA_ENCKEY7    0        1        2        3
SA_ENCKEY8    4        5        6        7

Word          Byte 3   Byte 2   Byte 1   Byte 0
SA_ENCIV1     Unused(1)
SA_ENCIV2     Unused(1)
SA_ENCIV3     0        1        2        3
SA_ENCIV4     4        5        6        7
SA_ENCIV5     Unused(1)
SA_ENCIV6     Unused(1)
SA_ENCIV7     Unused(1)
SA_ENCIV8     Unused(1)

Note 1: Unused bytes should be cleared to ‘0’.
     2: All 32-bit words are in Big-Endian order.
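The layouts in Figure 49-17 through Figure 49-21 all follow one rule: the key or IV is right-aligned in its word array, each word holds four bytes in Big-Endian order, and the unused leading words are cleared. The following added example (not Microchip code; the function and type names are hypothetical) implements that rule for the SA_ENCKEY[8] and SA_ENCIV[4] arrays of Example 49-2, and assumes a 24-byte Triple-DES key as drawn in Figure 49-20.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SA_ENCKEY_WORDS 8u   /* SA_ENCKEY[8] in Example 49-2 */
#define SA_ENCIV_WORDS  4u   /* SA_ENCIV[4] in Example 49-2  */

typedef enum { SA_CIPHER_DES, SA_CIPHER_TDES, SA_CIPHER_AES } sa_cipher;

/* Pack `len` bytes into the LAST len/4 words of a `nwords`-word array.
 * Byte 0 of the input lands in the most significant byte (Byte 3) of its
 * word; the unused leading words are cleared to 0.
 * Returns 0 on success, -1 if the length is not a whole number of words
 * or does not fit. */
static int sa_pack_right_aligned(uint32_t *words, size_t nwords,
                                 const uint8_t *bytes, size_t len)
{
    if (words == NULL || bytes == NULL)
        return -1;
    if (len == 0 || (len % 4u) != 0 || len / 4u > nwords)
        return -1;

    size_t first = nwords - len / 4u;
    memset(words, 0, nwords * sizeof words[0]);
    for (size_t i = 0; i < len / 4u; i++) {
        const uint8_t *p = bytes + 4u * i;
        words[first + i] = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    }
    return 0;
}

/* Key lengths accepted here are the ones drawn in the figures:
 * DES 8 bytes, Triple-DES 24 bytes, AES 16, 24 or 32 bytes. */
int sa_load_enckey(uint32_t enckey[SA_ENCKEY_WORDS], sa_cipher c,
                   const uint8_t *key, size_t keylen)
{
    switch (c) {
    case SA_CIPHER_DES:  if (keylen != 8u)  return -1; break;
    case SA_CIPHER_TDES: if (keylen != 24u) return -1; break;
    case SA_CIPHER_AES:
        if (keylen != 16u && keylen != 24u && keylen != 32u) return -1;
        break;
    default: return -1;
    }
    return sa_pack_right_aligned(enckey, SA_ENCKEY_WORDS, key, keylen);
}

/* IV is one cipher block: 16 bytes for AES (SA_ENCIV1-4), 8 bytes for
 * DES and Triple-DES (SA_ENCIV3-4, with SA_ENCIV1-2 cleared). */
int sa_load_enciv(uint32_t enciv[SA_ENCIV_WORDS], sa_cipher c,
                  const uint8_t *iv, size_t ivlen)
{
    size_t want = (c == SA_CIPHER_AES) ? 16u : 8u;
    if (ivlen != want)
        return -1;
    return sa_pack_right_aligned(enciv, SA_ENCIV_WORDS, iv, ivlen);
}

int main(void)
{
    /* Byte form of the key and IV words used in Example 49-3. */
    static const uint8_t key[24] = {
        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
        0xfe, 0xde, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
        0x89, 0xab, 0xcd, 0xef, 0x01, 0x23, 0x45, 0x67 };
    static const uint8_t iv[8] = {
        0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
    uint32_t enckey[SA_ENCKEY_WORDS], enciv[SA_ENCIV_WORDS];

    if (sa_load_enckey(enckey, SA_CIPHER_TDES, key, sizeof key) != 0 ||
        sa_load_enciv(enciv, SA_CIPHER_TDES, iv, sizeof iv) != 0)
        return 1;
    for (size_t i = 0; i < SA_ENCKEY_WORDS; i++)
        printf("SA_ENCKEY[%u] = 0x%08lx\n", (unsigned)i, (unsigned long)enckey[i]);
    for (size_t i = 0; i < SA_ENCIV_WORDS; i++)
        printf("SA_ENCIV[%u]  = 0x%08lx\n", (unsigned)i, (unsigned long)enciv[i]);
    return 0;
}
```

Run on the bytes above, the packer reproduces the word values that Example 49-3 assigns to SA_ENCKEY[2] through SA_ENCKEY[7] and SA_ENCIV[2] through SA_ENCIV[3].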

49.5.2.4 CREATING THE BUFFER DESCRIPTOR

For each block of data that needs to be processed, the Buffer Descriptor tells the Crypto Engine how to process the data. At a minimum, the Buffer Descriptor must include the following information:

• The address of the Security Association (BD_SA_ADDR)
• The address of the source data to process (BD_SRCADDR)
• The address of the destination data after processing (BD_DSTADDR)
• The address of the next Buffer Descriptor (BD_NXTPTR)
• The address of the place to store updates for hash algorithms (BD_UPDADDR)
• The total message length in bytes (MSG_LENGTH)

An example of creating and setting up a series of Buffer Descriptors is shown in Example 49-4.

Example 49-4: Setting Up Buffer Descriptors

    /*
       vector is the source data for the encryption phase.
       cipher is the destination for the encryption phase, and
       the source data for the decryption phase.
       plain is the destination for the decryption phase.
    */

    /* Set up the Buffer Descriptor */
    enc_bd.BD_CTRL.BUFLEN = sizeof(vector);
    enc_bd.BD_CTRL.LIFM = 1;
    enc_bd.BD_CTRL.SA_FETCH_EN = 1;
    enc_bd.BD_CTRL.LAST_BD = 1;
    enc_bd.BD_CTRL.DESC_EN = 1;

    dec_bd.BD_CTRL.BUFLEN = sizeof(cipher);
    dec_bd.BD_CTRL.LIFM = 1;
    dec_bd.BD_CTRL.SA_FETCH_EN = 1;
    dec_bd.BD_CTRL.LAST_BD = 1;
    dec_bd.BD_CTRL.DESC_EN = 1;

    enc_bd.SA_ADDR = KVA_TO_PA(&enc_sa);
    enc_bd.SRCADDR = KVA_TO_PA(vector);
    enc_bd.DSTADDR = KVA_TO_PA(cipher);
    enc_bd.NXTPTR  = KVA_TO_PA(&dec_bd);
    enc_bd.MSGLEN  = sizeof(vector);

    dec_bd.SA_ADDR = KVA_TO_PA(&dec_sa);
    dec_bd.SRCADDR = KVA_TO_PA(cipher);
    dec_bd.DSTADDR = KVA_TO_PA(plain);
    dec_bd.MSGLEN  = sizeof(cipher);

49.5.2.5 STARTING THE BUFFER DESCRIPTOR PROCESSOR

When the Security Associations and Buffer Descriptors have been set up, starting the BDP is done as follows:

1. Tell the engine the address of the first Buffer Descriptor.
2. Select the interrupts to enable.
3. Turn on the Crypto DMA engine.

An example of starting the processing is shown in Example 49-5.

Example 49-5: Setting Up the Crypto Engine to Process Buffer Descriptors

CEBDPADDR = KVA_TO_PA(&enc_bd);   /* Address of the first Buffer Descriptor */
CEINTEN = 0x07;                   /* Select the interrupts to enable */
CECON = 0x07;                     /* Turn on the Crypto DMA engine */


49.5.3 Crypto Engine Operation Guidelines

The following guidelines are used to ensure proper configuration and operation of the Crypto Engine.

Note: To avoid cache coherency problems on devices with L1 cache, all Buffer Descriptors and Security Associations must be accessed from KSEG1 or KSEG3 (uncached) segments only.

• Data Alignment
  - Security Association structures shall be aligned on an 8-byte boundary. This can be done with an alignment attribute for the variable; see Example 49-3.
  - Buffer Descriptor structures shall be aligned on an 8-byte boundary. This can be done with an alignment attribute for the variable; see Example 49-4.
  - The source and destination addresses used in the Buffer Descriptor shall be aligned on a 32-bit boundary.
• Data Lengths
  - The Buffer Length field of each Buffer Descriptor shall be an integral multiple of the word size of the Crypto algorithm used. Data blocks should be expanded to meet the required size and filled with zeros to avoid corruption. The word sizes for each algorithm are listed in Table 49-5.
  - The total length of the data across multiple buffer descriptors shall be an integral multiple of the word size of the Crypto algorithm used. The word sizes for each algorithm are listed in Table 49-5.
  - For the hashing algorithms (MD5, SHA1, SHA256), the packet length shall be a minimum of 64 bytes.
  - If the input data length does not match the above guidelines, it should be zero-padded to make it the correct length.
• Algorithms, Initialization Vectors (IV)
  - IV size is restricted to 96 bits for AES GCM.
  - The fourth word (LSB 32-bit) of Encryption IV for AES GCM shall be 1.
  - When encryption is used in parallel with authentication, HMAC shall be used.
  - HMAC shall be used in combination with one of the authentication engines (MD5/SHA1/SHA256).

Table 49-5: Encryption Algorithm Word Sizes

Algorithm    Word Size
AES          16 Bytes
TDES         24 Bytes
DES          8 Bytes
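The alignment and length guidelines above can be checked in software before a descriptor is handed to the engine. The following is an added example, not code from the manual; the names ce_word_size, ce_padded_len, ce_zero_pad and ce_check are hypothetical, and addresses are passed as plain integers so the checks also run on a host.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper names; word sizes are those listed in Table 49-5. */
enum ce_alg { CE_ALG_AES, CE_ALG_TDES, CE_ALG_DES };

enum {                      /* bit flags returned by ce_check() */
    CE_ERR_SA_BD_ALIGN = 1, /* SA or BD not on an 8-byte boundary */
    CE_ERR_BUF_ALIGN   = 2, /* source or destination not 32-bit aligned */
    CE_ERR_LENGTH      = 4  /* BUFLEN not a multiple of the word size */
};

size_t ce_word_size(enum ce_alg alg)
{
    switch (alg) {
    case CE_ALG_AES:  return 16;
    case CE_ALG_TDES: return 24;
    case CE_ALG_DES:  return 8;
    }
    return 0;
}

/* Length after rounding up to the next multiple of the word size. */
size_t ce_padded_len(enum ce_alg alg, size_t len)
{
    size_t w = ce_word_size(alg);
    return w ? (len + w - 1) / w * w : 0;
}

/* Copy msg into buf and zero-fill the tail. Returns the padded length,
   or 0 if buf is too small (nothing is written in that case). */
size_t ce_zero_pad(enum ce_alg alg, const uint8_t *msg, size_t len,
                   uint8_t *buf, size_t cap)
{
    size_t padded = ce_padded_len(alg, len);
    if (padded == 0 || padded > cap)
        return 0;
    memcpy(buf, msg, len);
    memset(buf + len, 0, padded - len);
    return padded;
}

/* Check one descriptor's addresses and BUFLEN against the guidelines. */
unsigned ce_check(enum ce_alg alg, uintptr_t sa, uintptr_t bd,
                  uintptr_t src, uintptr_t dst, size_t buflen)
{
    unsigned err = 0;
    size_t w = ce_word_size(alg);
    if ((sa | bd) & 7u)
        err |= CE_ERR_SA_BD_ALIGN;
    if ((src | dst) & 3u)
        err |= CE_ERR_BUF_ALIGN;
    if (w == 0 || buflen % w != 0)
        err |= CE_ERR_LENGTH;
    return err;
}

int main(void)
{
    /* Constructed sample: a 20-byte message for AES needs a 32-byte buffer. */
    static const uint8_t msg[20] = "constructed sample";
    _Alignas(8) uint8_t buf[32];
    size_t n = ce_zero_pad(CE_ALG_AES, msg, sizeof msg, buf, sizeof buf);
    printf("padded length: %zu\n", n);
    /* 0x1000 and 0x1008 stand in for the SA and BD addresses. */
    printf("check flags: %u\n", ce_check(CE_ALG_AES, 0x1000, 0x1008,
                                         (uintptr_t)buf, (uintptr_t)buf, n));
    return 0;
}
```

Zero fill cannot be told apart from trailing zero bytes in the data, so the caller has to keep the original length alongside the padded buffer.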

49.6 CRYPTO ENGINE INTERRUPTS

The PIC32 device can generate interrupts reflecting the events that occur during the Crypto Engine's operation. Each of the Crypto Engine interrupt events has a corresponding interrupt enable bit in the CEINTEN register, which must be set for an interrupt to be generated. However, regardless of the value of the CEINTEN register, the status of all interrupt events is directly readable via the CEINTSRC register. Therefore, the software has visibility of an event generating a potential interrupt by polling the register and not having an interrupt propagate out of the module. To clear an interrupt, the software must write a '1' to both the particular interrupt and the PENDIF bits in the CEINTSRC register.

Following is a description of the interrupt events generated by the Crypto Engine:

• Access Response error interrupt, signaled by the AREIF bit (CEINTSRC) and enabled using the AREIE bit (CEINTEN). This event occurs when the Crypto Engine DMA encounters a bus error during a memory access and is caused by an addressing error. For example, if the Crypto Engine attempts to access reserved memory, or memory that has been protected from access by the Crypto Engine, this interrupt will be generated. Recovering from this error requires a soft reset of the Crypto Engine using the SWRST bit (CECON).
• DMA Packet Completion interrupt, signaled by the PKTIF bit (CEINTSRC) and enabled using the PKTIE bit (CEINTEN). This event occurs when the Crypto Engine has completed transferring memory.
• Buffer Descriptor Processing interrupt, signaled by the CBDIF bit (CEINTSRC) and enabled using the CBDIE bit (CEINTEN). This event occurs when the Crypto Engine has completed processing a Buffer Descriptor.
• Pending interrupt, signaled by the PENDIF bit (CEINTSRC) and enabled using the PENDIE bit (CEINTEN). This is a global interrupt, combining the values of the other interrupt sources. This bit must be enabled in addition to the other interrupt sources in order to generate interrupts from the Crypto Engine.

All interrupts belonging to the Crypto Engine map to the Crypto Engine interrupt vector. The corresponding Crypto Engine interrupt flag is CRPTIF (IFS3). This interrupt flag must be cleared in software once the cause generating the interrupt is processed. The Crypto Engine is enabled as a source of interrupts via the respective Crypto Engine interrupt enable bit, CRPTIE (IEC3). The interrupt priority-level bits and interrupt sub-priority-level bits must also be configured:

• CRPTIP (IPC26)
• CRPTIS (IPC26)

The interrupt service routine that is to be used when a Crypto Engine interrupt is generated is configured via the VOFF107 bits (OFF107).

Note: Refer to Section 8. “Interrupts” (DS60001108) in the “PIC32 Family Reference Manual” for detailed descriptions of the IFSx, IECx, IPCx, and OFFx register interrupt bits.

49.6.1 Interrupt Configuration

The Crypto Engine has multiple internal interrupt flags (AREIF, PKTIF, CBDIF, PENDIF) and corresponding enable interrupt control bits (AREIE, PKTIE, CBDIE, PENDIE). However, for the Interrupt Controller, there is one dedicated interrupt flag bit for the Crypto Engine: CRPTIF (IFS3) and the corresponding interrupt enable/mask bit, CRPTIE (IEC3).

Note: All of the interrupt conditions for the Crypto Engine share one interrupt vector.

The Crypto Engine has its own priority and sub-priority levels independent of other peripherals. The CRPTIF bit will be set without regard to the state of the corresponding enable bit, CRPTIE. The CRPTIF bit can be polled by software if desired.


The CRPTIE bit is used to define the behavior of the Interrupt Controller when the corresponding CRPTIF bit is set. When the corresponding CRPTIE bit is clear, the Interrupt Controller does not generate a CPU interrupt for the event. If the CRPTIE bit is set, the Interrupt Controller will generate an interrupt to the CPU when the CRPTIF bit is set (subject to the priority and sub-priority as follows).

It is the responsibility of the user's software routine that services a particular interrupt to clear the interrupt flag bit before the service routine is complete.

The priority of the Crypto Engine interrupt can be set using the IPC26 register of the Interrupt Controller. This priority defines the priority group to which the interrupt source will be assigned. The priority groups range from a value of 7 (the highest priority) to a value of 0, which does not generate an interrupt. An interrupt being serviced will be preempted by an interrupt in a higher priority group.

The sub-priority bits allow setting the priority of an interrupt source within a priority group. The values for the sub-priority range from 3 (the highest priority) to 0 (the lowest priority). An interrupt with the same priority group, but having a higher sub-priority value, will not preempt a lower sub-priority interrupt that is in progress. Rather, if two interrupts in the same priority group are pending, the one with the higher sub-priority value will be serviced first.

The priority group and sub-priority bits allow more than one interrupt source to share the same priority and sub-priority. If simultaneous interrupts occur in this configuration, the natural order of the interrupt sources within a priority/sub-priority group pair determines the interrupt generated. The natural priority is based on the vector numbers of the interrupt sources. The lower the vector number, the higher the natural priority of the interrupt. Any interrupts that were overridden by natural order will then generate their respective interrupts based on priority, sub-priority and natural order after the interrupt flag for the current interrupt is cleared.

After an enabled interrupt is generated, the CPU will jump to the vector assigned to that interrupt. The vector number for the interrupt is the same as the natural order number. The CPU will then begin executing code at the vector address. The user's code at this vector address should perform any application-specific operations and clear the CRPTIF interrupt flags (as well as the corresponding event in the CEINTSRC register if a software clearable interrupt) and then exit. Refer to the vector address table details in Section 8. “Interrupts” (DS60001108) in the “PIC32 Family Reference Manual” for more information.

Example 49-6: Crypto Engine Initialization with Interrupts Enabled Code

/* Start the engine */
CEBDPADDR = KVA_TO_PA(&enc_bd);   /* Address of the first Buffer Descriptor */
CEINTEN = 0x07;                   /* Select the interrupts to enable */
CECON = 0x07;                     /* Turn on the Crypto DMA engine */
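Section 49.6 notes that CEINTSRC can be polled regardless of CEINTEN, that an event is cleared by writing '1' to its flag together with PENDIF, and that an Access Response error needs a soft reset. The following added example (not code from the manual) models that polling path on a host with a mock register; the flag bit positions, the ce_io callbacks and the names ce_wait_bd and ce_demo are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* CEINTSRC flag positions are assumed for this sketch; confirm them against
   the CEINTSRC register definition before using them on hardware. */
#define CE_PENDIF (1u << 0)
#define CE_CBDIF  (1u << 1)
#define CE_PKTIF  (1u << 2)
#define CE_AREIF  (1u << 3)

enum ce_status { CE_DONE, CE_BUS_ERROR, CE_TIMEOUT };

/* Register access goes through callbacks so the logic runs on a host. */
struct ce_io {
    uint32_t (*read_src)(void *ctx);
    void (*write_src)(void *ctx, uint32_t value);
    void *ctx;
};

/* Poll CEINTSRC until a Buffer Descriptor completes, a bus error is
   flagged, or max_polls reads have been made. */
enum ce_status ce_wait_bd(const struct ce_io *io, unsigned max_polls)
{
    for (unsigned i = 0; i < max_polls; i++) {
        uint32_t src = io->read_src(io->ctx);
        if (src & CE_AREIF) {
            /* Clear the event together with PENDIF. The caller must then
               soft-reset the engine (SWRST) and not use the output. */
            io->write_src(io->ctx, CE_AREIF | CE_PENDIF);
            return CE_BUS_ERROR;
        }
        if (src & CE_CBDIF) {
            /* Clear the completion flags that are set, plus PENDIF. */
            io->write_src(io->ctx, (src & (CE_CBDIF | CE_PKTIF)) | CE_PENDIF);
            return CE_DONE;
        }
    }
    return CE_TIMEOUT;
}

/* Constructed mock: replays a scripted sequence of CEINTSRC values and
   records the mask the driver wrote back. */
struct mock { const uint32_t *script; unsigned len, pos; uint32_t written; };

static uint32_t mock_read(void *ctx)
{
    struct mock *m = ctx;
    uint32_t v = m->script[m->pos];
    if (m->pos + 1 < m->len)
        m->pos++;               /* the last value repeats forever */
    return v;
}

static void mock_write(void *ctx, uint32_t value)
{
    ((struct mock *)ctx)->written = value;
}

/* Run the wait loop over a script; *written receives the clear mask. */
enum ce_status ce_demo(const uint32_t *script, unsigned len,
                       unsigned max_polls, uint32_t *written)
{
    struct mock m = { script, len, 0, 0 };
    struct ce_io io = { mock_read, mock_write, &m };
    enum ce_status st = ce_wait_bd(&io, max_polls);
    *written = m.written;
    return st;
}

int main(void)
{
    static const uint32_t ok[] = { 0, 0, CE_PENDIF | CE_CBDIF | CE_PKTIF };
    uint32_t w;
    printf("status=%d\n", ce_demo(ok, 3, 10, &w));
    printf("cleared=0x%x\n", (unsigned)w);
    return 0;
}
```

A bounded poll count keeps a stalled engine from hanging the caller; on CE_BUS_ERROR or CE_TIMEOUT the destination buffer should be treated as invalid.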


49.7 RANDOM NUMBER GENERATOR OPERATION

The Random Number Generator (RNG) core implements a thermal noise-based True Random Number Generator (TRNG) and a cryptographically secure Pseudo-Random Number Generator (PRNG). The TRNG uses multiple ring oscillators and the inherent thermal noise of integrated circuits to generate true random numbers that can initialize the PRNG. The PRNG is a flexible Linear Feedback Shift Register (LFSR), which is capable of manifesting a maximal length LFSR of up to 64 bits.

49.7.1 TRNG Usage

Enabling the TRNG for operation is done using the TRNGEN bit (RNGCON). Setting this bit starts the TRNG generating numbers. The random numbers are read through the RNGSEED1 and RNGSEED2 registers. This provides up to a 64-bit wide number for use. The number of valid bits in the registers is indicated in the RNGCNT register. It is recommended to wait until the value in that register equals or exceeds the number of bits desired before reading the value.

49.7.2 PRNG Usage

Before starting the PRNG, it is necessary to set up the initial seed value, set the length of the polynomial, and the polynomial equation.

The initial seed value is set by writing to the RNGNUMGEN1 and RNGNUMGEN2 registers, which are also the registers where the random values are read. The initial seed value can also be loaded from the TRNG by writing a '1' to the LOAD bit (RNGCON). This action transfers the current value in the RNGSEEDx registers to the corresponding RNGNUMGENx registers.

The polynomial length for the LFSR is set by writing the length (in bits) to the PLEN bits (RNGCON). Since the polynomial can be a maximum of 64 bits, the maximum value for this register would be 64. However, the actual length needed will depend on the needs of the application and the degree of pseudo-randomness needed.

The polynomial equation itself is set via the RNGPOLYx registers. Setting a bit in these registers turns on the corresponding tap for the generation of the random numbers.

Enabling the PRNG for operation is done by writing a '1' to the PRNGEN bit (RNGCON).

The following example sets the PRNG for a 42-bit maximal-length polynomial with the equation $x^{42} + x^{41} + x^{20} + x^{19} + 1$, initializes the random number with a set value, and turns on the PRNG.

Example 49-7: PRNG Configuration

RNGPOLY1 = 0x00C00003;      /* Polynomial taps */
RNGPOLY2 = 0x00000000;
RNGNUMGEN1 = 0x090a0b0c;    /* Initial seed value */
RNGNUMGEN2 = 0x0d0e0f10;
RNGCON.PLEN = 42;           /* Polynomial length in bits */
RNGCON.CONT = 1;            /* Generate a new number every PLEN clock cycles */
RNGCON.PRNGEN = 1;          /* Turn on the PRNG (PRNGEN bit, as described above) */

Once the PRNG has been turned on, it is necessary to wait PLEN cycles before reading the RNGNUMGENx registers. Reading the RNGNUMGENx registers will trigger the generation of the next random number, which will take PLEN clock cycles to complete. Optionally, a new random number can be generated every PLEN clock cycles by setting the CONT bit (RNGCON).


49.8 RANDOM NUMBER GENERATOR INTERRUPTS

The RNG does not generate interrupts in PIC32 devices.

49.9 EFFECTS OF VARIOUS RESETS

49.9.1 Device Reset

All Crypto Engine and RNG registers are forced to their reset states upon a device Reset. For the Crypto Engine, any on-going data transfers are aborted. For the RNG, the TRNG and PRNG halt their operations.

49.9.2 Power-on Reset

All Crypto Engine and RNG registers are forced to their reset states upon a Power-on Reset.

49.9.3 NMI Reset

All Crypto Engine and RNG registers are forced to their reset states if the NMI countdown lapses and a full reset is issued.

49.10 OPERATION IN POWER-SAVING MODES

49.10.1 Crypto Engine Operation in Sleep Mode

When the PIC32 device enters Sleep mode, the system clock is disabled. No Crypto Engine transfers can occur in this mode. All clocks are stopped, so no further Crypto Engine activity can take place. Software is responsible for determining if a Crypto Engine operation is in progress and whether to prevent going to Sleep mode until such actions are finished.

49.10.2 Crypto Engine Operation in Idle Mode

When the device enters Idle mode, the system and peripheral bus clock sources remain functional. The Crypto Engine will continue to operate in Idle mode, can continue operations, and can generate interrupts that will wake the CPU.

49.10.3 Random Number Generator Operation in Sleep Mode

When the PIC32 device enters Sleep mode, the system clock is disabled. The PRNG halts generating random numbers if the CONT bit was set. The state of the RNG registers is preserved, so random numbers can continue from their stopping point when Sleep mode was entered. The TRNG may continue generating random numbers, since it is dependent on ring oscillators that do not depend on the system clock. However, the random numbers may not be clocked into the RNGSEEDx registers.

49.10.4 Random Number Generator Operation in Idle Mode

When the device enters Idle mode, the system and peripheral bus clock sources remain functional. The PRNG will continue to generate random numbers if the CONT bit was set. The TRNG will continue generating random numbers. The RNG cannot generate interrupts, and therefore it cannot wake the CPU.

49.11 RELATED APPLICATION NOTES

This section lists application notes that are related to this section of the manual. These application notes may not be written specifically for the PIC32 device family, but the concepts are pertinent and could be used with modification and possible limitations. The current application notes related to the Crypto Engine and Random Number Generator (RNG) are:

Title                                         Application Note #
No related application notes at this time.    N/A

Note: Please visit the Microchip web site (www.microchip.com) for additional application notes and code examples for the PIC32 family of devices.


49.12 REVISION HISTORY

Revision A (November 2013)

This is the initial released version of this document.

Revision A (May 2015)

This revision includes the following updates:

• The Swap Output Data Enable bit (SWAPOEN) was added (see Table 49-1 and Register 49-2)
• The Crypto Engine Buffer Descriptors were updated (see Table 49-3)
• The ‘111’ and ‘110’ bit value definitions for the MULTITASK bits were updated (see Figure 49-11)
• 49.5.2.3 “Security Association Encryption Key and IV Data Alignment” was added
• Additional minor updates to text and formatting were incorporated throughout the document


Note the following details of the code protection feature on Microchip devices:

• Microchip products meet the specification contained in their particular Microchip Data Sheet.
• Microchip believes that its family of products is one of the most secure families of its kind on the market today, when used in the intended manner and under normal conditions.
• There are dishonest and possibly illegal methods used to breach the code protection feature. All of these methods, to our knowledge, require using the Microchip products in a manner outside the operating specifications contained in Microchip’s Data Sheets. Most likely, the person doing so is engaged in theft of intellectual property.
• Microchip is willing to work with the customer who is concerned about the integrity of their code.
• Neither Microchip nor any other semiconductor manufacturer can guarantee the security of their code. Code protection does not mean that we are guaranteeing the product as “unbreakable.”

Code protection is constantly evolving. We at Microchip are committed to continuously improving the code protection features of our products. Attempts to break Microchip’s code protection feature may be a violation of the Digital Millennium Copyright Act. If such acts allow unauthorized access to your software or other copyrighted work, you may have a right to sue for relief under that Act.

Information contained in this publication regarding device applications and the like is provided only for your convenience and may be superseded by updates. It is your responsibility to ensure that your application meets with your specifications. MICROCHIP MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHETHER EXPRESS OR IMPLIED, WRITTEN OR ORAL, STATUTORY OR OTHERWISE, RELATED TO THE INFORMATION, INCLUDING BUT NOT LIMITED TO ITS CONDITION, QUALITY, PERFORMANCE, MERCHANTABILITY OR FITNESS FOR PURPOSE. Microchip disclaims all liability arising from this information and its use. Use of Microchip devices in life support and/or safety applications is entirely at the buyer’s risk, and the buyer agrees to defend, indemnify and hold harmless Microchip from any and all damages, claims, suits, or expenses resulting from such use. No licenses are conveyed, implicitly or otherwise, under any Microchip intellectual property rights.

Trademarks

The Microchip name and logo, the Microchip logo, dsPIC, FlashFlex, flexPWR, JukeBlox, KEELOQ, KEELOQ logo, Kleer, LANCheck, MediaLB, MOST, MOST logo, MPLAB, OptoLyzer, PIC, PICSTART, PIC32 logo, RightTouch, SpyNIC, SST, SST Logo, SuperFlash and UNI/O are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries.

The Embedded Control Solutions Company and mTouch are registered trademarks of Microchip Technology Incorporated in the U.S.A.

Analog-for-the-Digital Age, BodyCom, chipKIT, chipKIT logo, CodeGuard, dsPICDEM, dsPICDEM.net, ECAN, In-Circuit Serial Programming, ICSP, Inter-Chip Connectivity, KleerNet, KleerNet logo, MiWi, MPASM, MPF, MPLAB Certified logo, MPLIB, MPLINK, MultiTRAK, NetDetach, Omniscient Code Generation, PICDEM, PICDEM.net, PICkit, PICtail, RightTouch logo, REAL ICE, SQI, Serial Quad I/O, Total Endurance, TSHARC, USBCheck, VariSense, ViewSpan, WiperLock, Wireless DNA, and ZENA are trademarks of Microchip Technology Incorporated in the U.S.A. and other countries.

SQTP is a service mark of Microchip Technology Incorporated in the U.S.A.

Silicon Storage Technology is a registered trademark of Microchip Technology Inc. in other countries.

GestIC is a registered trademark of Microchip Technology Germany II GmbH & Co. KG, a subsidiary of Microchip Technology Inc., in other countries.

All other trademarks mentioned herein are property of their respective companies.

© 2013-2015, Microchip Technology Incorporated, Printed in the U.S.A., All Rights Reserved.

ISBN: 978-1-63277-420-0


Microchip received ISO/TS-16949:2009 certification for its worldwide headquarters, design and wafer fabrication facilities in Chandler and Tempe, Arizona; Gresham, Oregon and design centers in California and India. The Company’s quality system processes and procedures are for its PIC® MCUs and dsPIC® DSCs, KEELOQ® code hopping devices, Serial EEPROMs, microperipherals, nonvolatile memory and analog products. In addition, Microchip’s quality system for the design and manufacture of development systems is ISO 9001:2000 certified.
