F29H85x-SDK  26.00.00
 
DTHE

Table of Contents

The DTHE (Data Transform and Hashing Engine) driver provides API to configure and use the DTHE module. This module is a wrapper on top of the Crypto IP with some additional capability, including CRC and Checksum.

Features Supported In Hardware

DTHE provides the following features:

  • Symmetric encryption and decryption
    • AES: 128, 192, and 256 bit keys
    • Cipher modes ECB, CTR, CBC, GCM, CCM, F9, F8, XTS, CFB, ICM, CTR, CBC-MAC, CMAC based on AES
  • Hashing
    • MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 and SM3
    • HMAC-SHA256, HMAC-SHA512 keyed hashing
  • Symmetric encryption
    • SM4: 128-bit key block cipher
    • Cipher modes ECB, CBC, CTR, OFB, CFB based on SM4
  • Random number generator
    • 128 bit True random number generator
    • 128 bit Deterministic random bit generator
  • This module wraps following IP inside
    • EIP57T : SHA/MD5 accelerator
    • EIP52T : SM3 accelerator
    • EIP53T : SM4 accelerator
    • EIP36T : AES accelerator
    • EIP76T : True Random Number Generation

Apart from this the module holds HW accelerator for CRC and Checksum.

The IP supports the following features:

  • Supports these CRC functions:
    • Bisync, Modbus, USB, ANSI X3.28, many others; also known as CRC-16 and CRC-16-ANSI : (x^16+x^15+x^2+1)
    • CRC16- /X.25 with Polynomial 0x1021 : (x^16+x^12+x^5+1)
    • CRC32-IEEE/MPEG2/Hamming with Polynomial 0x4C11DB7 : (x^32+x^26+x^23+x^22+x^16+x^12+x^11+x^10+x^8+x^7+x^5+x^4+x^2 + x+1)
    • CRC32-G.Hn/CRC32C with Polynomial 0x1EDC6F41: (x^32+x^28+x^27+x^26+x^25+x^23+x^22+x^20+x^19+x^18+x^14+x^13+ x^11+x^10+x^9+x^8+x^6+1)
  • Supports TCP CheckSum (CSUM)

Features Supported In Driver

  • SHA
    • Secure hash algorithms
      • SHA256, SHA512
    • Hash-based message authentication code
      • HMAC SHA-256, HMAC SHA-512
  • SM3
    • SM3 Chinese cryptographic hash algorithm
  • SM4
    • SM4 Chinese cryptographic block cipher algorithm
      • SM4-ECB(128)(Electronic Code Book)
      • SM4-CBC(128)(Cipher Block Chaining)
      • SM4-CTR(128)(Counter Mode)
      • SM4-OFB(128)(Output FeedBack)
      • SM4-CFB(128)(Cipher FeedBack)
  • AES
    • Advanced encryption standard
      • AES-CBC(128/256)(Cipher Block Chaining)
      • AES-ECB(128/256)(Electronic Code Book)
      • AES-CMAC(128/256)(Cipher-based Message Authentication Code)
      • AES-CFB(128/256)(Cipher Feedback Block)
      • AES-CTR(128/256)(Counter Feedback Mode)
      • AES-GCM(128/256)(Galois/Counter Mode)
      • AES-CCM(128/256)(Counter with cipher block chaining message)
  • DRIVERS_DTHE_PKE_PAGE (Public Key Engine)
    • RSA Module
      • Supports up to 4096 bit key
      • Supports Raw operations
      • Supports Public and Private Key Generation
      • Supports RSA encryption and decryption operations
      • Supports RSA signing and verification operations
    • ECDSA Module
      • ECDSA signing and verification operations
      • ECDSA private and public key generations
      • P-256, P-384, P-521 and brainpool-P512 curves
    • SM2DSA Module
      • SM2DSA signing and verification operations
      • SM2DSA private and public key generations
    • EDDSA Module
      • EDDSA signing and verification operations
      • EDDSA public key generations
      • ed25519 curves
    • ECDH Module
      • ECDH Shared Secret Key Generation
      • P-256, P-384, P-521 and brainpool-P512 curves
  • DRIVERS_DTHE_TRNG_PAGE (True Random Number Generation)
    • 128 bit random number with no DRBG seeding

SysConfig Features

Note
It is strongly recommend to use SysConfig where it is available instead of using direct SW API calls. This will help simplify the SW application and also catch common mistakes early in the development cycle.
  • Configuration of DTHE module parameters
  • Selection of cryptographic algorithms
  • Configuration of CRC and Checksum parameters

Features NOT Supported

NA

Block diagram

DTHE block diagram

Functional description

  • DTHE_open() checks if the DTHE_Handle is already open and if it is not open it continues to initialize the DTHE_Handle with the desired SOC configuration.
  • The DTHE_Handle is further used by AES and SHA drivers.
  • DTHE_close() takes DTHE_Handle as parameter and proceeds to check if handle is not NULL and whether handle is open, if both conditions are satisfied then after changing DTHE_Handle to NULL, #SystemP_SUCCESS is returned.

Example Usage

Include the below file to access the APIs

#include <security/dthe.h>

Basic usage example:

DTHE_Handle handle;
DTHE_Params params;
/* Initialize DTHE module */
DTHE_init();
/* Open DTHE instance */
DTHE_Params_init(&params);
handle = DTHE_open(0, &params);
if(handle == NULL)
{
/* Error handling */
}
/* Use the handle with AES or SHA operations */
/* ... */
/* Close DTHE instance when done */
DTHE_close(handle);
/* Deinitialize DTHE module */
DTHE_deinit();
handle
PMBus_TestHandle handle
DTHE_init
void DTHE_init(void)
This function initializes the DTHE.
DTHE_close
DTHE_Return_t DTHE_close(DTHE_Handle handle)
Function to close a DTHE module specified by the DTHE handle.
DTHE_deinit
void DTHE_deinit(void)
This function de-initializes the DTHE.
DTHE_Handle
void * DTHE_Handle
Handle to the DTHE driver.
Definition dthe.h:85
DTHE_open
DTHE_Handle DTHE_open(uint32_t index)
Function to open DTHE instance, enable DTHE engine.

API

APIs for DTHE