Chapter Six -- Writing Hardware Algorithm


The latest improvement of the Rockey IV encryption lock relates to its previous version (III) is that it allows user to customize the encryption algorithm inside the rockey, where user can utilize the rockey to conduct some specialized computing tasks and use the results of such computing tasks in the program. Therefore, even the company provides the rockey don't know the algorithm of each rockey, thus maximizing the protection of software encryption.

Algorithm Interface

User can use eight word variables to customize the self-defined algorithm. The user can use no more than eight 16-bit variables to customize the self-defined algorithm, which name-space ranging from A to H.
Where A, B, C and D are user interface variables, and E, F, G and H are internal hidden variables. The major difference among the three algorithms is that the initial value of E, F, G, or H used in the calculation for various algorithms are various.
User interface variables can be passed into the rockey via p1, p2, p3, or p4, and they can also be used for the return value of calculation.
The detailed operation method is illustrated below by using the API described in chapter 5:

Calculation 1

Objective: Asks Rockey to do calculations according to the specified flow.
Input parameters:

function = RY_CALCULATE1
*handle = rockey's handle
*lp1 = initial point of calculation
*lp2 = module number
*p1 = input value 1
*p2 = input value 2
*p3 = input value 3
*p4 = input value 4

Return value:

If Succeeds return 0, otherwise return an error code.
When successful, 
*p1 = return value 1
*p2 = return value 2
*p3 = return value 3
*p4 = return value 4

During inputs, A = *p1, B = *p2, C = *p3, D = *p4
During outputs, *p1 = A, *p2 = B, *p3 = C, *p4 = D
All user's input and output must be conducted by using the four variables A, B, C and D.

For example:
If the algorithm is A = B + C
then the result of calculation is *p1 = *p2 + *p3
Variation of the algorithms lies in that the initial values of variables E, F, G and H are indefinitely.
In "Calculation 1", E, F, G, and H are initialized as following:
E = the upper 16-bit of the hardware ID number
F = the lower 16-bit of the hardware ID number
G = module word (based on the module number of *lp2 input)
H = random number
For example:
When the algorithm is: A = A + G
If *pl = 0 during input, then *pl equal to the password of the module you specified when return.

Please be aware of the fact that, even though the module word cannot be read out directly, you can still read it out through the algorithm. It would be the best if you can use the algorithm calculation to verify the password, instead of reading it back to the program for comparison.

Calculation 2

Objective: Ask the rockey to do calculations according to the specified algorithm

Input parameters:

function = 15
*handle = rockey's handle
*lp1 = initial point of calculation
*lp2 = seed code
*p1 = input value 1
*p2 = input value 2
*p3 = input value 3
*p4 = input value 4

Return value:

If Succeeds return 0, otherwise return an error code.
When successful,
*p1 = return value 1
*p2 = return value 2
*p3 = return value 3
*p4 = return value 4

In "Calculation 2", E, F, G, H are initialized as following:
Base on seed code of *lp2 input
E = seed return value 1
F = seed return value 2
G = seed return value 3
H = seed return value 4

Calculation 3

Objective: Ask Rockey to do calculations according to the specified flow.

Input parameters:

function = 16
*handle = rockey's handle
*lp1 = initial point of calculation
*lp2 = initial address of module word 
*p1 = input value 1
*p2 = input value 2
*p3 = input value 3
*p4 = input value 4

Return value:

If Succeeds return 0, otherwise return an error code.
When successful,
*p1 = return value 1
*p2 = return value 2
*p3 = return value 3
*p4 = return value 4

In "Calculation 3", E, F, G, H are initialized as following:
Based on initial address of *lp2 password 
E = *lp2 module word
F = *lp2 + 1 module word
G = *lp2 + 2 module word
H = *lp2 + 3 module word
Note: when address of module word is greater than 15, it will automatically start it's address looping mechanism.

For example:
Input *lp2 = 14, then
E = module word of module 14
F = module word of module 15
G = module word of module 0
H = module word of module 1

Algorithm Command

The algorithm command must comply with the following format:
var = var1 op var2/value

where var, var1, and var2 are variables, and must ranging between then A - H, op is the operator, supported operators include:
+ Addition
-  Subtraction
< Cyclic left shift
*  Multiplication
^  XOR
& And
|   Or
~  NEG
The Value is numerical value, and must be a decimal number ranging between 0 - 63.
Note: the ~ operator is a unary, therefore A = A ~B is A = ~A, where the parameter B behind is ignored.

For example:
A = A + B valid command
C = E * 21 valid command
D = D ^ D valid command
A = B invalid command, 
must follow algorithm format, it can be A = B | B
A = 0 invalid command, 
must follow algorithm format, can be written as A = A ^ A
C = 3 * B invalid command, right side must not start with constant.
D = 3 + 4 invalid command, only one constant can be used with in one command
H = E*200 invalid command, constant must be less than 64

In addition, constants cannot be used in the first and last command of the algorithm.

For example:
A = C*63 If this command appears in the middle of an algorithm, it will be a valid command. If it is first or last command of the algorithm, it will be an invalid command.

Examples of using algorithm

p1 = 3
strcpy(buf, "H=H^H, A=A*23, F=B*17, A=A+F, A=A+G, A=A<C, A=A^D, B=B^B, C=C^C, D=D^D");
Rockey(RY_WRITE_ARITHMETIC, &handle, &lp1, &lp2, &p1, &p2, &p3, &p4, buf)

The above command is a VC example of writing the algorithm in buf into the address 3 of algorithm section in rockey

Please note that the all commands of the algorithm are passed over in the form of character strings, and one command is separated from another by a ",".. The first command and last command do not include any constants.
lp1 = 3;
lp2 = 7;
p1 = 5;
p2 = 3;
p3 = 1;
p4 = 0xffff;
Rockey (RY_CALCULATE1, &handle, &lp1, &lp2, &p1, &p2, &p3, &p4, buf);

The above command demands that Rockey start to execute the command from algorithm section 3 (lp1), and be initialized as followings:
A = 5 (p1)
B = 3 (p2)
C = 1 (p3)
D = 0xffff (p4)
E = the upper 16-bit of ID
F = the lower 16-bit of ID
G = password of module 7 (lp2)
H = random number
Assuming that the password for module 7 is 0x2121, result of this calculation will be:
((5*23 + 3*17 + 0x2121) < 1) ^ 0xffff = 0xbc71

Additional Notes

There are a total of 32 words in the algorithm section of Rockey, which means that a total of 32 commands can be written. However, since each command will take 1 word, only up to 32 algorithms can be written. Users do not need to consider the initial marks and end marks of the algorithm; the rockey handles them internally. In other word, if you write a 2-command algorithm, followed by a 3-command algorithm, these will not be merged into a 5-command algorithm. if the initial point passed in is wrong, then the results of the calculation will be unpredictable.


Copyright 1997-2006 FEITIAN Technology Co.,Ltd. All rights reserved.
Last Updated: Oct 9, 2006