4 descriptor classes, 1 dynamic descriptors, Descriptor classes -64 – Freescale Semiconductor MCF5480 User Manual

MCF548x Reference Manual, Rev. 3

22-64

Freescale Semiconductor

22.13.4 Descriptor Classes

The SEC has two general classes of descriptors: dynamic, which refers to a continually changing usage

model, and static, which refers to a relatively unchanging usage of the SEC resources.

22.13.4.1 Dynamic Descriptors

In a typical networking environment, packets from innumerable sessions can arrive randomly. The host

must determine which security association applies to the current packet and encrypt or decrypt without any

knowledge of the security association of the previous or next packet. This situation calls for the use of

dynamic descriptors.
When under dynamic assignment, an EU must be used under the assumption that a different

crypto-channel (with a different context) may have just used the EU and that another crypto-channel (with

yet another context) may use that EU immediately after the current crypto-channel has released the EU.

Therefore, for dynamic-assignment use, there is a set of data packet descriptors defined that sets up the

appropriate context, performs the cipher function, and then saves the context to system memory.

Table 22-45

shows the format for a dynamic descriptor. Since TYPE 0001 and 0010 are the most

commonly used, TYPE 0001 is used for the following examples. The descriptor loads context (IV) and

keys into the EU. Then the input data is read and ciphered and the output is written to system memory.

Finally, the new context is optionally written to system memory so that it can be used as the starting context

for a new descriptor.

1110

HMAC Key

HMAC Data

Key

Data In

Data Out

IV Out via FIFO

HMAC/Context Out

1111

HMAC Key

HMAC Data

IV

Data In

Data Out

IV Out via FIFO

HMAC/Context Out

Table 22-45. Dynamic Descriptor Example

Field Name

Value/Type

Description

Header

0xXXXX_XX1X

TYPE 0001

LEN_1

Length (not used)

NULL

PTR_1

Pointer (not used)

NULL

LEN_2

IV Length

Number of bytes of IV to be written to EU

PTR_2

IV Pointer

Address of IV

LEN_3

Key Length

Number of bytes of Key to be written to EU

PTR_3

Key Pointer

Address of Key

LEN_4

Data In Length

Number of bytes to be encrypted/decrypted

PTR_4

Data In Pointer

Address of data to be encrypted/decrypted

LEN_5

Data Out Length

Bytes to be written (should be equal to length of data in)

PTR_5

Data Out Pointer

Address where final data is written

LEN_6

IV Out Length

Number of bytes of IV to be written to memory (optional)

Table 22-44. Descriptor Length/Pointer Mapping (Continued)

Descriptor

Type

L/P 1

L/P 2

L/P 3

L/P 4

L/P 5

L/P 6

L/P 7