qoriq ls1043a security (sec) reference manual · 2020. 8. 24. · qoriq ls1043a security (sec)...

QorIQ LS1043A Security (SEC) Reference Manual Document Number: LS1043ASECRM Rev. 1, 07/2017

Post on 13-Oct-2020

  • QorIQ LS1043A Security (SEC) Reference Manual

    Document Number: LS1043ASECRM Rev. 1, 07/2017

  • QorIQ LS1043A Security (SEC) Reference Manual, Rev. 1, 07/2017

    2 NXP Semiconductors

  • Contents

    Section number Title

    Chapter 1 Overview of SEC (security engine) functionality

    Chapter 2 Feature summary

    Chapter 3 SEC implementation

    3.1 SEC submodules

    3.2 Cryptographic engines implemented in SEC

    3.3 SEC Export-Controlled vs. non-Export-Controlled Versions

    Chapter 4 SEC modes of operation

    4.1 Security Monitor (SecMon) security states

    4.1.1 The effect of security state on volatile keys

    4.1.2 The effect of security state on non-volatile keys

    4.2 Keys available in different security modes

    4.2.1 Keys available in trusted mode

    4.2.2 Keys available in secure mode

    4.2.3 Keys available in non-secure mode

    4.2.4 Keys available in fail mode

    Chapter 5 SEC hardware functional description

    5.1 System Bus Interfaces

    5.1.1 AXI master (DMA) interface

    5.1.1.1 DMA read-safe transactions

    5.1.1.2 DMA interface write-safe transactions

    5.1.1.3 DMA write-efficient transactions

    5.1.1.4 DMA bursts that may read past the end of data structures

    5.1.2 Register interface (IP bus)

    5.2 SEC service interface concepts

    5.2.1 SEC descriptors

    5.2.2 Job termination status/error codes

    5.2.3 Frames and flows

    5.2.4 Frame descriptors and frames

    5.2.5 Frame descriptor flow and flow context

    5.2.6 Buffer allocation, release, and reuse

    5.2.7 User data access control and isolation

    5.3 Service interfaces

    5.3.1 Job Ring interface

    5.3.1.1 Configuring and managing the input/output rings, overview

    5.3.1.2 Managing the input rings

    5.3.1.3 Managing the output rings

    5.3.1.4 Controlling access to Job Rings

    5.3.1.5 Order of job completion

    5.3.1.6 Initializing Job Rings

    5.3.1.7 Job Ring Registers

    5.3.1.8 Asserting Job Ring interrupts

    5.3.2 Queue Manager Interface (QI)

    5.3.2.1 Requesting and receiving frame descriptors from QMan

    5.3.2.2 Building job descriptors for QI jobs

    5.3.2.3 Controlling QI access to frame queues and data

    5.3.2.4 Tracking the completion order of QI jobs

    5.3.2.5 Initializing the Queue Manager Interface

    5.3.2.6 Done/error notification for QI jobs

    5.3.3 Register-based service interface

    5.4 Job scheduling

    5.4.1 Job scheduling - default algorithm

    5.4.2 Job scheduling - DECO-specific jobs

    5.5 Job execution hardware

    5.5.1 Descriptor controller (DECO) and cryptographic control block (CCB)

    5.5.1.1 Alignment blocks

    5.5.2 Cryptographic hardware accelerators (CHAs) (overview)

    Chapter 6 Frame queues, frame descriptors, and buffers

    6.1 Frame queues

    6.1.1 Dequeue response

    6.1.1.1 Context_A field (preheader)

    6.2 Frame descriptors

    6.2.1 Processing simple frame jobs

    6.2.2 Processing compound frame jobs

    6.2.3 Frame descriptor error handling

    6.2.4 Job descriptor construction from frame descriptor

    Chapter 7 Descriptors and descriptor commands

    7.1 Job descriptors

    7.2 Trusted descriptors

    7.3 Shared descriptors

    7.3.1 Executing shared descriptors in proper order

    7.3.2 Specifying different types of shared descriptor sharing

    7.3.2.1 Error sharing

    7.3.3 Changing shared descriptors

    7.4 Using in-line descriptors

    7.5 Using replacement job descriptors

    7.6 Scatter/gather tables (SGTs)

    7.7 Using descriptor commands

    7.7.1 Command execution order

    7.7.1.1 Executing commands when SHR = 0

    7.7.1.2 Executing commands when SHR = 1

    7.7.1.3 Executing commands when REO = 0

    7.7.1.4 Executing commands when REO = 1

    7.7.1.5 Executing additional HEADER commands

    7.7.1.6 Jumping to another job descriptor

    7.7.2 Command properties

    7.7.2.1 Blocking commands

    7.7.2.2 Load/store checkpoint

    7.7.2.3 Done checkpoint

    7.7.3 Command types

    7.7.4 SEQ vs non-SEQ commands

    7.7.4.1 Creating a sequence

    7.7.4.2 Using sequences for fixed and variable length data

    7.7.4.3 Transferring meta data

    7.7.4.4 Rewinding a sequence

    7.7.5 Information FIFO entries

    7.7.6 Output FIFO Operation

    7.7.7 Output Checksum logic

    7.7.8 Cryptographic class

    7.7.9 Address pointers

    7.8 HEADER command

    7.9 KEY commands

    7.10 LOAD commands

    7.11 FIFO LOAD command

    7.11.1 Bit length data

    7.11.2 FIFO LOAD input data type

    7.12 ECPARAM command

    7.13 STORE command

    7.14 FIFO STORE command

    7.15 MOVE, MOVEB, MOVEDW, and MOVE_LEN commands

    7.16 ALGORITHM OPERATION command

    7.17 PROTOCOL OPERATION commands

    7.18 PKHA OPERATION command

    7.18.1 PKHA OPERATION: clear memory function

    7.18.2 PKHA OPERATION: Arithmetic Functions

    7.18.3 PKHA OPERATION: copy memory functions

    7.18.4 PKHA OPERATION: Elliptic Curve Functions

    7.19 SIGNATURE command

    7.20 JUMP (HALT) command

    7.20.1 Jump type

    7.20.1.1 Local conditional jump

    7.20.1.2 Local conditional increment/decrement jump

    7.20.1.3 Non-local conditional jump

    7.20.1.4 Conditional halt

    7.20.1.5 Conditional halt with user-specified status

    7.20.1.6 Conditional subroutine call

    7.20.1.7 Conditional subroutine return

    7.20.2 Test type

    7.20.3 JSL and TEST CONDITION fields

    7.20.4 JUMP command format

    7.21 MATH and MATHI Commands

    7.22 SEQ IN PTR command

    7.23 SEQ OUT PTR command

    Chapter 8 Public Key Cryptography Operations

    8.1 Conformance considerations

    8.2 Discrete-log key-pair generation

    8.2.1 Inputs to the discrete-log key-pair generation function

    8.2.2 Assumptions of the discrete-log key-pair generation function

    8.2.3 Outputs from the discrete-log key-pair generation function

    8.2.4 Operation of the discrete-log key-pair generation function

    8.2.5 Notes associated with the discrete-log key-pair generation function

    8.3 Using the Diffie_Hellman function

    8.3.1 Diffie_Hellman requirements

    8.3.2 Inputs to the Diffie-Hellman function

    8.3.3 Assumptions of the Diffie-Hellman function

    8.3.4 Outputs from the Diffie-Hellman function

    8.3.5 Operation of the Diffie-Hellman function

    8.3.6 Notes associated with the Diffie-Hellman function

    8.4 Generating DSA and ECDSA signatures

    8.4.1 Inputs to the DSA and ECDSA signature generation function

    8.4.2 Assumptions of the DSA and ECDSA signature generation function

    8.4.3 Outputs from the DSA and ECDSA signature generation function

    8.4.4 Operation of the DSA and ECDSA signature generation function

    8.4.5 Notes associated with the DSA and ECDSA Signature Generation function

    8.5 Verifying DSA and ECDSA signatures

    8.5.1 Inputs to the DSA and ECDSA signature verification function

    8.5.2 Assumptions of the DSA and ECDSA signature verification function

    8.5.3 Outputs from the DSA and ECDSA signature verification function

    8.5.4 Operation of the DSA and ECDSA signature verification function

    8.5.5 Notes associated with the DSA and ECDSA Signature Verification function

    8.6 RSA Finalize Key Generation (RFKG)

    8.7 Implementation of the RSA encrypt operation

    8.8 Implementation of the RSA decrypt operation

    Chapter 9 Protocol acceleration

    9.1 IPsec ESP encapsulation and decapsulation overview

    9.1.1 IPsec ESP encapsulation and decapsulation mode support

    9.1.2 IPsec ESP error codes

    9.1.3 Programming for IPsec

    9.1.3.1 PDB format for IPsec ESP Transport (and Legacy Tunnel) encapsulation

    9.1.3.2 Common PDB format descriptions for IPsec ESP Transport (and Legacy Tunnel) decapsulation

    9.1.3.3 Overriding ESP Transport (and legacy Tunnel) PDB content with the DECO Protocol Override Register

    9.1.3.4 PDB format for IPsec ESP Tunnel encapsulation

    9.1.3.5 Common PDB format descriptions for IPsec ESP Tunnel decapsulation

    9.1.3.6 Overriding ESP Tunnel PDB content with the DECO Protocol Override Register

    9.1.3.7 IPsec ESP encapsulation CBC-specific PDB segment format descriptions

    9.1.3.8 IPsec ESP encapsulation AES-CTR-specific PDB segment format descriptions

    9.1.3.9 IPsec ESP encapsulation AES-CCM-specific PDB segment format descriptions

    9.1.3.10 IPsec ESP encapsulation AES-GCM-specific PDB segment format descriptions

    9.1.3.11 IPsec ESP decapsulation CBC-specific PDB segment format descriptions

    9.1.3.12 IPsec ESP decapsulation AES-CTR-specific PDB segment format descriptions

    9.1.3.13 IPsec ESP decapsulation AES-CCM-specific PDB segment format descriptions

    9.1.3.14 IPsec ESP decapsulation AES-GCM-specific PDB segment format descriptions

    9.1.4 IPsec ESP Transport (and Legacy Tunnel) encapsulation overview

    9.1.4.1 Encapsulating the IP header in tunnel mode

    9.1.4.2 Encapsulating the IP header in transport mode

    9.1.4.3 Process for IPsec ESP Transport (and Legacy Tunnel) encapsulation

    9.1.5 IPsec ESP Cryptographic Encapsulation

    9.1.5.1 Process for IPsec encapsulation when using AES-CBC or DES-CBC

    9.1.5.2 Process for IPsec encapsulation when using AES-CTR

    9.1.5.3 Process for IPsec encapsulation when using AES-CCM

    9.1.5.4 Process for IPsec encapsulation when using AES-GCM

    9.1.6 IPsec ESP Transport (and Legacy Tunnel) decapsulation procedure overview

    9.1.6.1 IPsec ESP Transport Mode outer IP header decapsulation procedure

    9.1.6.2 IPsec ESP Transport (and Legacy Tunnel) outer IP header decapsulation procedure (tunnel mode)

    9.1.7 IPsec ESP Cryptographic Decapsulation

    9.1.7.1 IPsec decapsulation procedure when using AES-CBC or DES-CBC

    9.1.7.2 Process for IPsec decapsulation when using AES-CTR

    9.1.7.3 Process for IPsec decapsulation when using AES-CCM

    9.1.7.4 Process for IPsec decapsulation when using AES-GCM

    9.1.7.5 Use of SPI and the sequence number in decapsulation

    9.1.7.6 Optional use of ESN in ESP decapsulation

    9.1.7.7 Anti-replay checking in IPsec ESP decapsulation

    9.1.7.8 ICV checking during IPsec ESP decapsulation

    9.1.8 IPsec ESP Tunnel encapsulation overview

    9.1.8.1 Handling the Outer IP Header during ESP Tunnel encapsulation

    9.1.8.2 Outer IP Header handling with UDP-encapsulated-ESP

    9.1.8.3 ESP Tunnel Outer IP Header manipulation

    9.1.8.4 ESP Tunnel handling of Next Header

    9.1.9 IPsec ESP tunnel decapsulation overview

    9.1.9.1 Input material preceding the outer IP header

    9.1.9.2 Handling the Outer IP Header during ESP Tunnel decapsulation

    9.1.9.3 Manipulation of the Inner IP Header during ESP Tunnel decapsulation

    9.1.9.4 Decapsulation Output Frame Length

    9.2 SSL/TLS/DTLS record encapsulation and decapsulation overview

    9.2.1 Programming and processing details common to all versions of SSL, TLS, and DTLS

    9.2.1.1 PDB use and format for SSL, TLS, and DTLS encapsulation and decapsulation

    9.2.1.2 Overriding the PDB for SSL, TLS, and DTLS Encapsulation

    9.2.1.3 Computing the pre-encrypted record length during decapsulation

    9.2.1.4 SSL, TLS, DTLS Decapsulation Output frame options

    9.2.1.5 SSL / TLS / DTLS error codes

    9.2.2 Process for SSL 3.0 and TLS 1.0 record encapsulation.............................................................................380

    9.2.2.1 Differences between SSL 3.0 and TLS 1.0 (record encapsulation)....................................... 381

    9.2.2.2 Processing SSL 3.0 and TLS 1.0 record encapsulation with block ciphers...........................382

    9.2.3 Process for SSL 3.0 and TLS 1.0 record decapsulation.............................................................................383

    9.2.3.1 SSL 3.0 and TLS 1.0 Record Decapsulation for block ciphers............................................. 384

    9.2.3.2 Differences between SSL 3.0 and TLS 1.0 (record decapsulation)....................................... 384

    9.2.4 Process for TLS 1.1 and TLS 1.2 record encapsulation.............................................................................385

    9.2.4.1 Differences between TLS 1.0, TLS 1.1, and TLS 1.2 Record Encapsulation....................... 386

    9.2.4.2 Support for IV generation in TLS 1.1 and TLS 1.2 record encapsulation.............................386

    9.2.4.3 Processing TLS 1.1 and TLS 1.2 record encapsulation with block ciphers (AES or DES).. 388

    9.2.4.4 Processing TLS 1.1 and TLS 1.2 record encapsulation with stream ciphers.........................389

    9.2.4.5 Processing TLS 1.1 and TLS 1.2 record encapsulation with AEAD ciphers........................ 390

    9.2.5 Process for TLS 1.1 and TLS 1.2 record decapsulation.............................................................................391

    9.2.5.1 Decapsulation of TLS 1.1 and TLS 1.2 records when a stream cipher is used......................392

    9.2.5.2 Decapsulation of TLS 1.1 and TLS 1.2 records when a block cipher is used....................... 394

    9.2.5.3 Decapsulation of TLS 1.2 records when an AEAD is used................................................... 395

    9.2.6 Process for DTLS record encapsulation.....................................................................................................396

    9.2.6.1 Differences between DTLS and TLS.....................................................................................397

    9.2.6.2 Process of DTLS Record Encapsulation when using a Block Cipher................................... 397

    9.2.6.3 Process of DTLS Record Encapsulation when using a Stream Cipher..................................399

    9.2.6.4 DTLS 1.2 Record Encapsulation when using an AEAD Cipher........................................... 400

    9.2.7 Process for DTLS record decapsulation.....................................................................................................401

    9.2.7.1 Differences between DTLS and TLS.....................................................................................402

    9.2.7.2 Process of DTLS Record Decapsulation when using a Block Cipher................................... 402

    9.2.7.3 Process of DTLS Record Decapsulation when using a Stream Cipher................................. 404

    9.2.7.4 DTLS 1.2 Record Decapsulation when using an AEAD Cipher........................................... 405

    9.3 SRTP packet encapsulation and decapsulation...........................................................................................................407

    9.3.1 Building the initial counter value (Counter IV)......................................................................................... 408

    9.3.2 Building the AEAD Nonce........................................................................................................................ 408

    9.3.3 Constructing the AESA context from the SRTP AEAD Nonce for AES-CCM mode..............................409

    9.3.4 SRTP encapsulation................................................................................................................................... 410

    9.3.4.1 Process for SRTP encapsulation............................................................................................ 411

    9.3.4.2 Handling the optional MKI.................................................................................................... 412

    9.3.4.3 SRTP encapsulation PDB format descriptions...................................................................... 412

    9.3.4.4 SRTP encapsulation error conditions.....................................................................................413

    9.3.5 SRTP decapsulation overview................................................................................................................... 413

    9.3.5.1 Process for SRTP decapsulation............................................................................................ 414

    9.3.5.2 SRTP decapsulation PDB format descriptions...................................................................... 415

    9.3.5.3 SRTP decapsulation error conditions.....................................................................................417

    9.4 IEEE 802.1AE MACsec encapsulation and decapsulation overview.........................................................................417

    9.4.1 Process for 802.1AE MACsec encapsulation............................................................................................ 418

    9.4.1.1 Using the frame check sequence (FCS)................................................................................. 420

    9.4.1.2 Additional notes for GMAC support..................................................................................... 421

    9.4.2 MACsec encapsulation PDB format descriptions......................................................................................422

    9.4.3 Process for 802.1AE MACsec decapsulation............................................................................................423

    9.4.3.1 Automatically switching between two keys...........................................................................425

    9.4.3.2 Additional notes for GMAC support (decapsulation)............................................................426

    9.4.4 MACsec decapsulation PDB format descriptions......................................................................................426

    9.5 IEEE 802.11-2012 WPA2 MPDU encapsulation and decapsulation........................................................................ 427

    9.5.1 Processing Common to WPA2 Encapsulation and Decapsulation............................................................ 428

    9.5.1.1 Constructing the AAD for WPA2 encapsulation and decapsulation..................................... 428

    9.5.1.2 Constructing the CCMP Nonce for WPA2 encapsulation and decapsulation....................... 429

    9.5.1.3 Constructing the AESA context for WPA2 CCMP encapsulation and decapsulation.......... 429

    9.5.2 Process for WPA2 encapsulation...............................................................................................................430

    9.5.2.1 Constructing the CCMP header for WPA2 encapsulation.....................................................431

    9.5.2.2 WPA2 Payload Encapsulation............................................................................................... 432

    9.5.2.3 Computing the FCS for WPA2 encapsulation....................................................................... 432

    9.5.2.4 WPA2 encapsulation PDB format descriptions..................................................................... 432

    9.5.2.5 WPA2 encapsulation error conditions................................................................................... 434

    9.5.3 Process for WPA2 decapsulation...............................................................................................................434

    9.5.3.1 WPA2 Decapsulation Anti-replay checking.......................................................................... 435

    9.5.3.2 Using automatic key-switching..............................................................................................436

    9.5.3.3 WPA2 decapsulation PDB format descriptions..................................................................... 436

    9.5.3.4 WPA2 decapsulation error conditions................................................................................... 437

    9.6 IEEE 802.16 WiMAX encapsulation and decapsulation overview............................................................................ 438

    9.6.1 Process for IEEE 802.16 WiMAX encapsulation......................................................................................439

    9.6.2 IEEE 802.16 WiMAX encapsulation PDB format descriptions................................................................ 441

    9.6.3 WiMAX encapsulation error conditions...................................................................................................... 442

    9.6.4 Procedure for IEEE 802.16 WiMAX decapsulation..................................................................................442

    9.6.4.1 Transforming the GMH (WiMAX decapsulation).................................................................444

    9.6.4.2 Automatic key switching (WiMAX decapsulation)...............................................................445

    9.6.5 IEEE 802.16 WiMAX decapsulation PDB format descriptions................................................................ 445

    9.6.6 WiMAX decapsulation error conditions.................................................................................................... 446

    9.7 Anti-Replay built-in checking.....................................................................................................................................446

    9.8 Process for 3G double-CRC encapsulation and decapsulation...................................................................................449

    9.8.1 3G double-CRC encapsulation process......................................................................................................450

    9.8.1.1 Calculating the 7-bit CRC of the PDU header for encapsulation.......................................... 450

    9.8.1.2 Calculating the 11-bit CRC of the PDU header for encapsulation........................................ 451

    9.8.1.3 Calculating the 16-bit payload CRC for encapsulation......................................................... 452

    9.8.2 3G double-CRC encapsulation PDB format descriptions..........................................................................452

    9.8.3 3G double-CRC decapsulation process......................................................................................................452

    9.8.3.1 Calculating the 7-bit CRC of the PDU header for decapsulation.......................................... 453

    9.8.3.2 Calculating the 11-bit CRC of the PDU header for decapsulation........................................ 453

    9.8.3.3 Calculating the 16-bit payload CRC for decapsulation......................................................... 454

    9.8.4 3G double-CRC decapsulation PDB format descriptions..........................................................................454

    9.9 3G RLC PDU Encapsulation and Decapsulation overview........................................................................................455

    9.9.1 3G RLC PDU encapsulation overview...................................................................................................... 455

    9.9.2 Process for 3G RLC PDU encapsulation................................................................................................... 456

    9.9.3 3G RLC PDU encapsulation PDB format descriptions............................................................................. 457

    9.9.4 3G RLC PDU decapsulation overview...................................................................................................... 458

    9.9.5 Process for 3G RLC PDU decapsulation................................................................................................... 459

    9.9.6 3G RLC PDU decapsulation PDB format descriptions............................................................................. 460

    9.9.7 Overriding the PDB for 3G RLC PDU encapsulation and decapsulation................................................. 460

    9.10 LTE PDCP PDU encapsulation and decapsulation overview.....................................................................................461

    9.10.1 LTE PDCP PDU IV generation................................................................................................................. 462

    9.10.2 LTE PDCP PDU encapsulation process for confidentiality only.............................................................. 465

    9.10.3 LTE PDCP PDU encapsulation for confidentiality and integrity.............................................................. 467

    9.10.4 LTE PDCP PDU decapsulation process for confidentiality only.............................................................. 468

    9.10.5 LTE PDCP PDU decapsulation for confidentiality and integrity.............................................................. 469

    9.10.6 LTE PDCP shared descriptor PDB format descriptions............................................................................ 471

    9.10.7 Overriding the PDB for LTE PDCP encapsulation and decapsulation......................................................471

    Chapter 10 Key agreement functions

    10.1 IKEv2 PRF overview..................................................................................................................................................473

    10.1.1 Using IKE PRF to generate SKEYSEED.................................................................................................. 474

    10.1.2 Using IKE PRF+ to generate keying material for the IKEv2 SA.............................................................. 474

    10.1.3 Using IKE PRF+ to generate Child SA key material.................................................................................475

    10.1.4 Restrictions on programming control blocks............................................................................................. 475

    10.1.5 IKE PRF PDB format descriptions............................................................................................................ 476

    10.1.6 Implementation details for IKE PRF function........................................................................................... 479

    10.1.7 Implementation Details for IKE PRF+ function........................................................................................ 480

    10.2 SSL/TLS/DTLS pseudo-random functions (PRF)......................................................................................................481

    10.2.1 SSL 3.0 PRF overview...............................................................................................................................481

    10.2.1.1 SSL 3.0 PRF definitions.........................................................................................................482

    10.2.2 Process for SSL 3.0 PRF............................................................................................................................483

    10.2.3 SSL 3.0 PRF PDB format descriptions......................................................................................................483

    10.2.4 TLS 1.0/TLS 1.1/DTLS PRF overview..................................................................................................... 486

    10.2.4.1 TLS PRF RFC definitions......................................................................................................488

    10.2.5 Process for TLS 1.0, TLS 1.1, DTLS PRF................................................................................................ 489

    10.2.5.1 How TLS uses PRF material..................................................................................................489

    10.2.5.2 Concatenating input material into one input string (TLS 1.0/1.1/DTLS)..............................490

    10.2.6 TLS 1.0, TLS 1.1, DTLS PRF PDB format descriptions...........................................................................491

    10.2.7 TLS 1.2 PRF overview...............................................................................................................................494

    10.2.8 Process for TLS 1.2 PRF............................................................................................................................495

    10.2.8.1 Concatenating input material into one input string (TLS 1.2)............................................. 496

    10.2.8.2 How TLS uses PRF material (TLS 1.2).................................................................................496

    10.2.9 TLS 1.2 PRF PDB format descriptions......................................................................................................497

    10.3 Implementation of the derived key protocol...............................................................................................................499

    10.3.1 Using DKP with HMAC keys....................................................................................................................500

    10.3.2 Implementation of the Blob Protocol.........................................................................................................501

    Chapter 11 Cryptographic hardware accelerators (CHAs)

    11.1 Public-key hardware accelerator (PKHA) functionality.............................................................................................504

    11.1.1 Modular math.............................................................................................................................................505

    11.1.2 About Montgomery values.........................................................................................................................505

    11.1.3 Non-modular Math.....................................................................................................................................507

    11.1.4 Elliptic-Curve Math................................................................................................................................... 507

    11.1.4.1 Point math over a prime field (Fp).........................................................................................508

    11.1.4.2 Point math over a binary field (F2m).....................................................................................509

    11.1.4.3 About Jacobian projective coordinates.................................................................................. 510

    11.1.4.4 About the Point at Infinity..................................................................................................... 511

    11.1.5 PKHA Mode Register................................................................................................................................ 511

    11.1.6 PKHA functions.........................................................................................................................................511

    11.1.6.1 Clear Memory (CLEAR_MEMORY) function..................................................................... 512

    11.1.6.2 Integer Modular Addition (MOD_ADD) function................................................................ 514

    11.1.6.3 Integer Modular Subtraction (MOD_SUB_1) function......................................................... 514

    11.1.6.4 Integer Modular Subtraction (MOD_SUB_2) function......................................................... 515

    11.1.6.5 Integer Modular Multiplication (MOD_MUL)......................................................................515

    11.1.6.6 Integer Modular Multiplication with Montgomery Inputs (MOD_MUL_IM)......................516

    11.1.6.7 Integer Modular Multiplication with Montgomery Inputs and Outputs (MOD_MUL_IM_OM) Function.......................................................................................... 517

    11.1.6.8 Integer Modular Exponentiation (MOD_EXP and MOD_EXP_TEQ)................................. 517

    11.1.6.9 Integer Modular Exponentiation, Montgomery Input (MOD_EXP_IM and MOD_EXP_IM_TEQ) Function............................................................................................518

    11.1.6.10 Integer Simultaneous Modular Exponentiation (MOD_SML_EXP).....................................519

    11.1.6.11 Integer Modular Square (MOD_SQR and MOD_SQR_TEQ).............................................. 520

    11.1.6.12 Integer Modular Square, Montgomery inputs (MOD_SQR_IM and MOD_SQR_IM_TEQ)...........................................................................................................520

    11.1.6.13 Integer Modular Square, Montgomery inputs and outputs (MOD_SQR_IM_OM and MOD_SQR_IM_OM_TEQ).................................................................................................. 521

    11.1.6.14 Integer Modular Cube (MOD_CUBE and MOD_CUBE_TEQ)...........................................522

    11.1.6.15 Integer Modular Cube, Montgomery input (MOD_CUBE_IM and MOD_CUBE_IM_TEQ)........................................................................................................522

    11.1.6.16 Integer Modular Cube, Montgomery input and output (MOD_CUBE_IM_OM and MOD_CUBE_IM_OM_TEQ)............................................................................................... 523

    11.1.6.17 Integer Modular Square Root (MOD_SQRT)....................................................................... 524

    11.1.6.18 Integer Modulo Reduction (MOD_AMODN)....................................................................... 525

    11.1.6.19 Integer Modular Inversion (MOD_INV)............................................................................... 525

    11.1.6.20 Integer Montgomery Factor Computation (MOD_R2)..........................................................526

    11.1.6.21 Integer Greatest Common Divisor (MOD_GCD)..................................................................526

    11.1.6.22 Miller-Rabin Primality Test (PRIME_TEST).......................................................................527

    11.1.6.23 Binary Polynomial (F2m) Addition (F2M_ADD) function...................................................527

    11.1.6.24 Binary Polynomial (F2m) Modular Multiplication (F2M_MUL)......................................... 528

    11.1.6.25 Binary Polynomial (F2m) Modular Multiplication with Montgomery Inputs (F2M_MUL_IM) Function.................................................................................................... 529

    11.1.6.26 Binary Polynomial (F2m) Modular Multiplication with Montgomery Inputs and Outputs (F2M_MUL_IM_OM) Function............................................................................................530

    11.1.6.27 Binary Polynomial (F2m) Modular Exponentiation (F2M_EXP and F2M_EXP_TEQ)...... 530

    11.1.6.28 Binary Polynomial (F2m) Simultaneous Modular Exponentiation (F2M_SML_EXP)........ 531

    11.1.6.29 Binary Polynomial (F2m) Modular Square (F2M_SQR and F2M_SQR_TEQ)................... 532

    11.1.6.30 Binary Polynomial (F2m) Modular Square, Montgomery Input (F2M_SQR_IM and F2M_SQR_IM_TEQ)............................................................................................................ 533

    11.1.6.31 Binary Polynomial (F2m) Modular Square, Montgomery Input and Output (F2M_SQR_IM_OM and F2M_SQR_IM_OM_TEQ)..........................................................533

    11.1.6.32 Binary Polynomial (F2m) Modular Cube (F2M_CUBE and F2M_CUBE_TEQ)................ 534

    11.1.6.33 Binary Polynomial (F2m) Modular Cube, Montgomery Input (F2M_CUBE_IM and F2M_CUBE_IM_TEQ)......................................................................................................... 535

    11.1.6.34 Binary Polynomial (F2m) Modular Cube, Montgomery Input and Output (F2M_CUBE_IM_OM and F2M_CUBE_IM_OM_TEQ)....................................................536

    11.1.6.35 Binary Polynomial (F2m) Modulo Reduction (F2M_AMODN)...........................................536

    11.1.6.36 Binary Polynomial (F2m) Modular Inversion (F2M_INV)...................................................537

    11.1.6.37 Binary Polynomial (F2m) R2 Mod N (F2M_R2) Function...................................................538

    11.1.6.38 Binary Polynomial (F2m) Greatest Common Divisor (F2M_GCD) Function...................... 538

    11.1.6.39 ECC Fp Point Add, Affine Coordinates (ECC_MOD_ADD) Function................................539

    11.1.6.40 ECC Fp Point Add, Affine Coordinates, R2 Mod N Input (ECC_MOD_ADD_R2) Function................................................................................................................................. 539

    11.1.6.41 ECC Fp Point Double, Affine Coordinates (ECC_MOD_DBL) Function............................540

    11.1.6.42 ECC Fp Point Multiply, Affine Coordinates (ECC_MOD_MUL and ECC_MOD_MUL_TEQ) Function....................................................................................... 541

    11.1.6.43 ECC Fp Point Multiply, R2 Mod N Input, Affine Coordinates (ECC_MOD_MUL_R2 and ECC_MOD_MUL_R2_TEQ) Function..........................................................................542

    11.1.6.44 ECC Fp Check Point (ECC_MOD_CHECK_POINT) Function...........................................543

    11.1.6.45 ECC Fp Check Point, R2 Mod N Input, Affine Coordinates (ECC_MOD_CHECK_POINT_R2) Function.......................................................................544

    11.1.6.46 ECC F2m Point Add, Affine Coordinates (ECC_F2M_ADD) Function.............................. 545

    11.1.6.47 ECC F2m Point Add, Affine Coordinates, R2 Mod N Input (ECC_F2M_ADD_R2) Function................................................................................................................................. 546

    11.1.6.48 ECC F2m Point Double - Affine Coordinates (ECC_F2M_DBL) Function.........................547

    11.1.6.49 ECC F2m Point Multiply, Affine Coordinates (ECC_F2M_MUL and ECC_F2M_MUL_TEQ) Function.........................................................................................548

    11.1.6.50 ECC F2m Point Multiply, R2 Mod N Input, Affine Coordinates (ECC_F2M_MUL_R2 and ECC_F2M_MUL_R2_TEQ) Function........................................................................... 549

    11.1.6.51 ECC F2m Check Point (ECC_F2M_CHECK_POINT) Function......................................... 550

    11.1.6.52 ECC F2m Check Point, R2 (ECC_F2M_CHECK_POINT_R2) Function............................551

    11.1.6.53 ECM Modular Multiplication (ECM_MOD_MUL and ECM_MOD_MUL_TEQ) Function................................................................................................................................. 552

    11.1.6.54 ECM Fp Point Multiply, R2 Mod N Input, Affine Coordinates (ECM_MOD_MUL_R2 and ECM_MOD_MUL_R2_TEQ) Function......................................................................... 553

    11.1.6.55 ECT Modular Multiplication (ECT_MOD_MUL and ECT_MOD_MUL_TEQ) Function. 554

    11.1.6.56 ECT Fp Point Multiply, R2 Mod N Input, Affine Coordinates (ECT_MOD_MUL_R2 and ECT_MOD_MUL_R2_TEQ) Function.................................................................................555

    11.1.6.57 ECT Fp Point Add, Affine Coordinates (ECT_MOD_ADD) Function................................ 557

    11.1.6.58 ECT Fp Point Add, Affine Coordinates, R2 Mod N Input (ECT_MOD_ADD_R2) Function................................................................................................................................. 557

    11.1.6.59 ECT Fp Check Point (ECT_MOD_CHECK_POINT) Function........................................... 558

    11.1.6.60 ECT Fp Check Point, R2 (ECT_MOD_CHECK_POINT_R2) Function..............................559

    11.1.6.61 Copy memory, N-Size and Source-Size (COPY_NSZ and COPY_SSZ)............................. 560

    11.1.6.62 Right Shift A (R_SHIFT) function........................................................................................ 561

    11.1.6.63 Compare A B (COMPARE) function.................................................................................... 561

    11.1.6.64 Evaluate A (EVALUATE) function...................................................................................... 562

    11.1.7 Special values for common ECC domains.................................................................................................563

    11.2 Kasumi f8 and f9 hardware accelerator (KFHA) functionality................................................................................... 582

    11.2.1 KFHA use of the Mode Register................................................................................................................582

    11.2.2 KFHA use of the Context Register............................................................................................................ 583

    11.2.3 KFHA use of the Key Register.................................................................................................................. 584

    11.2.4 KFHA use of the Data Size Register......................................................................................................... 584

    11.2.5 KFHA error conditions.............................................................................................................................. 584

    11.3 Data encryption standard accelerator (DES) functionality......................................................................................... 585

    11.3.1 DESA use of the Mode Register................................................................................................................ 585

    11.3.2 DESA use of the Key Register...................................................................................................................586

    11.3.3 DESA use of the Key Size Register...........................................................................................................586

    11.3.4 DESA use of the Data Size Register..........................................................................................................586

    11.3.5 DESA Context Register............................................................................................................................. 587

    11.3.6 Save and store operations in DESA context data.......................................................................................587

    11.4 Cyclic-redundancy check accelerator (CRCA) functionality..................................................................................... 587

    11.4.1 CRCA modes of operation.........................................................................................................................588

    11.4.2 CRCA use of the Mode Register................................................................................................................588

    11.4.3 CRCA Key Register...................................................................................................................................590

    11.4.4 CRCA Key Size Register...........................................................................................................................590

    11.4.5 CRCA Data Size Register.......................................................................................................................... 590

    11.4.6 CRCA Context Register.............................................................................................................................590

    11.4.7 Save and restore operations in CRCA context data................................................................................... 591

    11.5 Random-number generator (RNG) functionality........................................................................................................591

    11.5.1 RNG features summary..............................................................................................................................591

    11.5.2 RNG functional description ...................................................................................................................... 592

    11.5.2.1 RNG state handles..................................................................................................................592

    11.5.2.2 RNG NIST certification......................................................................................................... 592

    11.5.3 RNG operations..........................................................................................................................................594

    11.5.4 RNG use of the Key Registers................................................................................................................... 595

    11.5.5 RNG use of the Context Register...............................................................................................................595

    11.5.6 RNG use of the Data Size Register............................................................................................................596

    11.6 SNOW 3G f8 accelerator functionality.......................................................................................................................596

    11.6.1 Differences between SNOW 3G f8 and SNOW 3G f9..............................................................................596

    11.6.2 SNOW 3G f8 use of the Mode Register.................................................................................................... 597

    11.6.3 SNOW 3G f8 use of the Context Register................................................................................................. 598

    11.6.4 SNOW 3G f8 use of the Data Size Register.............................................................................................. 598

    11.6.5 SNOW 3G f8 use of the Key Register....................................................................................................... 599

    11.6.6 SNOW 3G f8 use of the Key Size Register............................................................................................... 599

    11.7 SNOW 3G f9 accelerator functionality.......................................................................................................................599

    11.7.1 SNOW 3G f9 use of the Mode Register.................................................................................................... 600

    11.7.2 SNOW 3G f9 use of the Context Register................................................................................................. 601

    11.7.3 SNOW 3G f9 use of the Data Size Register.............................................................................................. 602

    11.7.4 SNOW 3G f9 use of the Key Register....................................................................................................... 602

    11.7.5 SNOW 3G f9 use of the Key Size Register............................................................................................... 603

    11.7.6 SNOW 3G f9 use of ICV check.................................................................................................................603

    11.8 Message digest hardware accelerator (MDHA) functionality.................................................................................... 603

    11.8.1 MDHA use of the Mode Register.............................................................................................................. 604

    11.8.2 MDHA use of the Key Register.................................................................................................................605

    11.8.2.1 Using the MDHA Key Register with normal keys................................................................ 605

    11.8.2.2 Using the MDHA Key Register with IPAD/OPAD "split keys"........................................... 605

    11.8.2.3 MDHA use of the Key Size Register..................................................................................... 608

    11.8.3 MDHA use of the Data Size Register........................................................................................................ 608

    11.8.4 MDHA use of the Context Register...........................................................................................................609

    11.8.5 Save and restore operations in MDHA context data..................................................................................609

    11.9 AES accelerator (AESA) functionality.......................................................................................................................609

    11.9.1 Differences between the AES encrypt and decrypt keys........................................................................... 609

    11.9.2 AESA as both Class 1 and Class 2 CHA................................................................................................... 610

    11.9.3 AESA modes of operation......................................................................................................................... 611

    11.9.4 AESA use of registers................................................................................................................................ 612

    11.9.5 AESA use of the parity bit......................................................................................................................... 613

    11.9.6 AES ECB mode......................................................................................................................................... 613

    11.9.6.1 AES ECB mode use of the Mode Register............................................................................ 613

    11.9.6.2 AES ECB mode use of the Context Register.........................................................................614

    11.9.6.3 AES ECB Mode use of the Data Size Register .....................................................................614

    11.9.6.4 AES ECB Mode use of the Key Register.............................................................................. 614

    11.9.6.5 AES ECB Mode use of the Key Size Register.......................................................................614

    11.9.7 AES CBC, OFB, CFB128 modes.............................................................................................................. 615

    11.9.7.1 AES CBC, OFB, and CFB128 modes use of the Mode Register.......................................... 615

    11.9.7.2 AES CBC, OFB, and CFB128 modes use of the Context Register....................................... 616

    11.9.7.3 AES CBC, OFB, and CFB128 modes use of the Data Size Register.................................... 616

    11.9.7.4 AES CBC, OFB, and CFB128 modes use of the Key Register............................................. 617

    11.9.7.5 AES CBC, OFB, and CFB128 modes use of the Key Size Register..................................... 617

    11.9.8 AES CTR mode......................................................................................................................................... 617

    11.9.8.1 AES CTR mode use of the Mode Register............................................................................ 617

    11.9.8.2 AES CTR mode use of the Context Register.........................................................................618

    11.9.8.3 AES CTR mode use of the Data Size Register...................................................................... 618

    11.9.8.4 AES CTR mode use of the Key Register...............................................................................618

    11.9.8.5 AES CTR mode use of the Key Size Register....................................................................... 619

    11.9.9 AES XTS mode..........................................................................................................................................619

    11.9.9.1 AES XTS mode use of the Mode Register............................................................................ 619

    11.9.9.2 AES XTS mode use of the Context Register......................................................................... 619

    11.9.9.3 AES XTS mode use of the Data Size Register...................................................................... 620

    11.9.9.4 AES XTS mode use of the Key Register............................................................................... 620

    11.9.9.5 AES XTS mode use of the Key Size Register....................................................................... 621

    11.9.10 AES XCBC-MAC and CMAC modes.......................................................................................................621

    11.9.10.1 AES XCBC-MAC and CMAC modes use of the Mode Register..........................................621

    11.9.10.2 AES XCBC-MAC and CMAC Modes use of the Context Register......................................623

    11.9.10.3 AES XCBC-MAC and CMAC modes use of the Class 1 ICV Size Register....................... 623

    11.9.10.4 AES XCBC-MAC and CMAC modes use of the Data Size Register................................... 624

    11.9.10.5 AES XCBC-MAC and CMAC modes use of the Key Register............................................ 624

    11.9.10.6 AES XCBC-MAC and CMAC modes use of the Key Size Register.................................... 624

    11.9.10.7 ICV checking in AES XCBC-MAC and CMAC modes....................................................... 624

    11.9.11 AESA CCM mode..................................................................................................................................... 625

    11.9.11.1 Generation encryption............................................................................................................625

    11.9.11.2 Decryption verification.......................................................................................................... 625

    11.9.11.3 AES CCM mode use of the Mode Register........................................................................... 626

    11.9.11.4 AES CCM mode use of the Context Register........................................................................627

    11.9.11.5 AES CCM mode use of the Data Size Register..................................................................... 628

    11.9.11.6 AES CCM mode use of the Key Register..............................................................................628

    11.9.11.7 AES CCM mode use of the Key Size Register......................................................................628

    11.9.11.8 AES CCM mode use of the ICV check..................................................................................629

    11.9.12 AES GCM mode........................................................................................................................................ 629

    11.9.12.1 GMAC....................................................................................................................................630

    11.9.12.2 GCM data types..................................................................................................................... 630

    11.9.12.3 IV processing......................................................................................................................... 630

    11.9.12.4 GCM initialization................................................................................................................. 630

    11.9.12.5 AES GCM mode use of the Mode Register...........................................................................630

    11.9.12.6 AES GCM mode use of the Context Register........................................................................632

    11.9.12.7 AES GCM Mode use of the Data Size Register.................................................................... 632

    11.9.12.8 AES GCM mode use of the Class 1 IV Size Register........................................................... 633

    11.9.12.9 AES GCM mode use of the AAD Size Register....................................................................633

    11.9.12.10 AES GCM mode use of the Class 1 ICV Size Register.........................................................633

    11.9.12.11 AES GCM mode use of the Key Register..............................................................................633

    11.9.12.12 AES GCM mode use of the Key Size Register......................................................................633

    11.9.12.13 AES GCM mode use of the ICV check................................................................................. 634

    11.9.13 AESA optimization modes.........................................................................................................................634

    11.9.13.1 CTR-XCBC and CTR-CMAC modes data format................................................................ 634

    11.9.13.2 CTR-XCBC and CTR-CMAC modes message format......................................................... 634

    11.9.13.3 CTR-CMAC-LTE for LTE PDCP control-plane processing.................................................635

    11.9.13.4 Authentication-only data........................................................................................................635

    11.9.13.5 AES optimization modes use of the Mode Register.............................................................. 635

    11.9.13.6 AES optimization modes use of the Context Register...........................................................637

    11.9.13.7 AES optimization modes use of the Data Size Register........................................................ 640

    11.9.13.8 AES optimization modes use of the AAD Size Register....................................................... 641

    11.9.13.9 AES optimization modes use of the Class 1 ICV Size Register............................................ 641

    11.9.13.10 AES optimization modes use of the Class 1 Key Register.................................................... 642

    11.9.13.11 AES optimization modes use of the Class 2 Key Register.................................................... 642

    11.9.13.12 AES optimization modes use of the Class 1 Key Size Register............................................ 642

    11.9.13.13 AES optimization modes use of the Class 2 Key Size Register............................................ 643

    11.9.13.14 AES optimization modes use of the ICV check.....................................................................643

    11.9.13.15 AES optimization modes error conditions............................................................................. 643

    11.10 ZUC encryption accelerator (ZUCE) functionality.................................................................................................... 645

    11.10.1 Differences between ZUCE and ZUCA.....................................................................................................645

    11.10.2 ZUCE use of the Mode Register................................................................................................................ 646

    11.10.3 ZUCE use of the Context Register.............................................................................................................646

    11.10.4 ZUCE use of the Data Size Register..........................................................................................................647

    11.10.5 ZUCE use of the Key Register...................................................................................................................647

    11.10.6 ZUCE use of the Key Size Register ..........................................................................................................648

    11.11 ZUC authentication accelerator (ZUCA) functionality.............................................................................................. 648

    11.11.1 ZUCA use of the Mode Register................................................................................................................648

    11.11.2 ZUCA use of the Context Register............................................................................................................ 649

    11.11.3 ZUCA use of the Data Size Register......................................................................................................... 651

    11.11.4 ZUCA use of the Key Register.................................................................................................................. 651

    11.11.5 ZUCA use of the Key Size Register.......................................................................................................... 651

    11.11.6 ZUCA use of ICV checking.......................................................................................................................651

    Chapter 12 Trust Architecture modules

    12.1 Run-time integrity checker (RTIC).............................................................................................................................653

    12.1.1 RTIC modes of operation...........................................................................................................................653

    12.1.2 RTIC initialization and operation.............................................................................................................. 653

    12.1.3 RTIC use of the Throttle Register..............................................................................................................654

    12.1.4 RTIC use of command, configuration, and status registers....................................................................... 654

    12.1.5 Initializing RTIC........................................................................................................................................ 655

    12.1.6 RTIC Memory Block Address/Length Registers.......................................................................................655

    12.2 SEC virtualization and security domain identifiers (SDIDs)......................................................................................656

    12.2.1 Virtualization............................................................................................................................................. 656

    12.2.2 Security domain identifiers (SDIDs)..........................................................................................................656

    12.2.3 TrustZone SecureWorld.............................................................................................................................657

    12.3 Special-purpose cryptographic keys........................................................................................................................... 657

    12.3.1 Initializing and clearing black and trusted descriptor keys........................................................................657

    12.3.2 Black keys and JDKEK/TDKEK...............................................................................................................658

    12.3.3 Trusted descriptors and TDSK...................................................................................................................658

    12.3.4 Master key and blobs................................................................................................................................. 658

    12.4 Black keys...................................................................................................................................................................659

    12.4.1 Black key encapsulation schemes.............................................................................................................. 659

    12.4.2 Differences between black and red keys....................................................................................................659

    12.4.3 Loading red keys........................................................................................................................................660

    12.4.4 Loading black keys.................................................................................................................................... 660

    12.4.5 Avoiding errors when loading red and black keys.....................................................................................660

    12.4.6 Encapsulating and decapsulating black keys............................................................................................. 661

    12.4.7 Types of black keys and their use.............................................................................................................. 663

    12.4.8 Types of blobs for key storage...................................................................................................................663

    12.5 Trusted descriptors......................................................................................................................................................664

    12.5.1 Why trusted descriptors are needed..........................................................................................