GST/ST22N256AW40 - STMicroelectronics

1/8

DATA BRIEF

June 2004

For furth er information con tact your local ST sales office.

ST22N256

Smartcard 32-Bit RISC MCU with 256 Kb ytes EEPROM

Javacard™ HW Execution & Cryptographic Library

PRODUCT FEATURES

■32-BIT RISC CPU WITH 24-BIT LINEAR

MEMORY ADDRESSING

■368 KBYTE S USER ROM

■16 KBYTES USER RAM

■256K KBYT ES USER EEPRO M

32-BIT RISC CP U

■DUAL INSTRUCTION SET, JAVACARD™

AND NATIVE

■4-STAGE PIPELINE

■16 GENERAL PURPOSE 32-BIT REGISTERS,

AND SPECIAL REGISTER S

■4 MASKABLE INTERRUPT LEVELS

■SUPE R VISO R AN D USER MO DE S

SECURITY

■CPU SECURITY INSTRUCTIONS

–DE S and 3DES inst ructio ns

–Fast Multiply and Accum ulate instructions for

Publi c Key and Elliptic Curve Cryptography

–CRC instruction

■RANDOM NUMBER GENERATOR

■EEPROM FLASH PROGR AMMING MODE

■CLOCK AND POWER MANAGEMENT

■VOLTAGE AND CLOCK FREQUENCY

SENSORS

■ADVANCED MEMORY PROTECTION

–Memo r y Pr otection U nit for application

firewalling and peripheral access contro l

–Domain switchi ng securely controlled by

protected Context Stack

–Native/Jav a, Code/Data memory attributes

with 128-byte granularity

■FOUR WO RKING STACKS

–Java stack with both 16 and 32-bit accesses

–User and Supervisor mode stacks

–Security Context stack

Figure 1. Delivery Form

CRYPTOGRAPHIC LIBRARY

■AS YMMETRICA L ALGORITHMS

–Software Crypto librari es in separate ROM

area for efficient algorithm c oding using a s et

of advanced fun ctions. RSA, signatu re/

verification.

–RSA key calculation including Prime number

generation SHA -1

■SY MMET R IC AL AL GO R ITHMS

–DES, Triple DES, AES

CRYPTOGRAPHY PERFORMANCE

The following table provides the cryptographic

performances of the ST22N256 based on ST

Crypto Library.

Table 1. Preliminary Crypto gr aph ic

Performances

Algorithm Function Time(1)

1. Interna l clock at 33 MHz

RSA

1024 bits

Signature with CRT 79.0 ms

Signature without CRT(2)

2. CRT: Chin ese Rem i nd er The or em

242.0 ms

Verification (e=0x10001) 3.6 ms

RSA

2048 bits

Signature with CRT 485.0 ms

Signature without CRT 1.7 s

Verification (e=0x10001) 11.0 ms

DES Triple 18 µs

Single 8 µs

SHA-1 512-bit Block 194 µs

AES-128 Encryption including subkey

computation 85 µs

Micromodule Wafer

ST22N256

2/8

MEMORY

■HIGH L Y RELIABLE CMOS EEPROM

TECHNOLOGY

–Error Correction Code for si ngle bit fail within

a 32-bit word

–10 years data retention, 500,000 Erase/Write

cycles endurance

–1 to 128 bytes Erase or Program in 2 ms

typical

■HIGH PE RFORMA NCE MEMORY

–Dual memory buses for data and instructi on

–Byte, S hort (2) and Word (4) l oad and store

–Address auto -increme nt

OTHER FEATURES

■HARDWARE ASYNCHRONOUS SERIAL

INTERFACE (ASI)

–1M baud rate capab ilit y

–2 serial I/O port s compatibl e I SO 7816-3 T=0

and T=1

■2 USER CONFIGURABLE 12- BIT AND 16-BIT

TIMERS WITH INTERRUPT

■CENTRAL INTERRUPT CONTROLLER WITH

UP TO 16 INPUT LINES

■EXTERNAL CLOCK FROM 1 MHz TO 10 MHz

■1.62 V TO 5.5 V SUPPLY VOLTAGE

■TEMPERATURE RANGE -25° C to +85° C

■POWER SAVING STANDBY MODE

■ESD PROTE CTI ON GREA TER THAN 5000 V

■UNIQUE IDENTIF ICATIO N PER DIE

■TYPICAL INTE RNAL FREQUENCY UP TO

33 MHz

■SOFTWARE CONT ROLLED CLOCK

MANAGEMENT

3/8

ST22N256

DESCRIPTION

The ST22N256 is a m em ber of the SmartJ™ plat-

form using a 32-bit Reduced Instruction Set Com-

puter (RISC) core to execute both Native RISC

instructions and JavaCard™2.x Technology in-

struction (byte codes) directly.

Direct JavaCard™ byte code execution provides

high performance advantage over processors that

emulate the JavaCard™ byte code instruction set.

The product features a 24-bit wide linear address-

ing capability and includes User ROM, User RAM,

and User EEPROM.

Memory and Peripheral accesses are controlled

by a Memory Protection Unit t hat allows to imple-

ment firewalls between applications .

Memories are accessed via two different buses,

allowing simultaneous accesses to code and data.

Memory load and stores can be perf ormed at byt e,

short (2-bytes), or word (4-bytes) granularity, with

optional pointer auto increm ent.

The ST22 core includes dedicated DES instruc-

tions for Secret Key cryptography, and a f ast Mul-

tiply and Accumulate instruction for Public Key

cryptography (RSA) and Elliptic Curve cryptogra-

phy, and a CRC instruction. The ST22 core also

includes specific instructions for security.

The product has clock an d power man agem ent, 2

User configurable Timers, a Central Interrupt Con-

troller and a Random Number Gener ator.

Figure 2. SmartJ™ P latform EEPR O M Architecture

POWER MANAGEMENT

32-bit

RISC

CORE

CLOCK MANAGEMENT

MPU

RAM

BUS 2

BUS 1

SECURITY

TIMER

RNG

...

ASI

PERIPHERALS

ISO

7816

ROM EEPROM

ST22N256

4/8

The product has two execution modes. Java mode

is used w hen JavaCard™ 2.x byte codes are be-

ing executed. Native mode is used for long JavaC-

ard™ byte codes, Native methods and system

routines. The processor enters Java mode when a

dispatch (DISP) instruction is enc ountered. When

executing in Native mode, there are two privilege

levels, User and Supervisor. Some instructions

can only be executed in Supervisor mode.

Instructions are of variable length, from 1 to 4

bytes in Native m ode.

Specia l i nstruct ions ex ist for single -cycle st ack op -

erations, a frequent occurrence in Java code.

Short branches and conditional branche s within a

1 KByte block or the entire 16-MByte instruction

space are supported. T he product has four stages

of pipel ine in Native mode: f etch, decode, execute

and write-back. In Java mode, there are five stag-

es of pipeline: byte code-fetch, byte code-decode,

decode, execu te and write-back.

The CPU core has 16 32-bit general purpose reg-

isters, as well as special registers of variable

length.

The chip also features a very high performance

Asynchronous Serial Interface (ASI) to support

high speed serial communication protocols com-

patible with ISO 7816 standard.

It is manufactured using the highly reliable ST

CMOS E EPR OM technology.

EMBEDDED SOFTWARE

The Hardware Software Interface (HSI) imple-

ments the Hardware abstraction layer. It consists

of C interfaces to the EEPROM memory and pe-

ripherals. The drivers are:

–Non V ola t ile M e m o ry

–Asynchronous Seri al Interface

–Central Interrupt Controller

–Timer

–Random Num ber Generator

–Clock Manager

–Memo ry Protection Unit

–Sensors

–Security

Note:

–The HSI driver software layer is a C-oriented

API allowing efficient and secureaccess to the

peripherals and Non Volatile Memory for

programm ing or erasing.

–Only the OS and JavaCard™ Virtual Mac hi ne

(JVM) domains can access the HSI software

layer (In the following the term OS will refer to

the software layer that is directly interfaced to

the HSI).

CRYPTOGRAPHIC LIBRARY

ST proposes a complete set of firmware subrou-

tine s. T his lib rary is lo cated in a s pec ific R OM a r-

ea. It saves the operating system designer from

coding first layer funct ions and allo ws him to con-

centrate on algorithms, Public Key Cryptography

and Secret Key Cryptography protocols imple-

mentation.

The cryptographic library, located in a specific

ROM area, contains firmware functions for:

■AS YMMETRICA L ALGORITHMS:

–basic math ema tics including modular

squa ring and multiplication for various

lengths;

–modular exponentionati on;

–more elabo rate functions such as RSA

signatures and verifications for modulo length

up to 2048 bits long;

–full internal key generation for signatures/

verifications. This guarantees that the secret

key will never be known outside the chip and

contributes to the overall system security.

–long random numbe r generati on

–SHA-1

–RSA key generation

■SY MMET R IC AL AL GO R ITHMS

–DES, Triple DES

–AES-1 28, AES-192, AES-256

5/8

ST22N256

SOFTWARE DEVELOPMENT ENVIRONMENT

Modularity, flexibility and methodology are the key

words for the SmartJ™ Development Tools Plat-

form. Using the same interface, the developers are

able to create, compi le and debug a project.

The SmartJ™ Integrated Development environ-

ment (IDE) includes:

–A code Generation chain: C/C++ compiler,

assembler and linker. The assembler supports

both nat ive and JavaCard™ inst ru ctio n sets.

–An i nstruction set simulator, a cycle accurate

simulator, a C/C++ source level debugger and

hardware emulation tools.

OEM DEVELOPMENT LICENSE TYPES

The ST22N256 is a product based on the

SmartJ™ Platform. Developers have tw o t ypes of

licenses for access to the technology:

■STLDA

The SmartJ™ Technology License and Distri-

bution Agreement for Standard OEM Develop-

ers (Embedded Operating System and Applica-

tion Software developers) and Card Embed-

ders.

They must use the SmartJ™ Hardware Soft-

ware Interface (HSI) meta-layer communi cation

interface to access the product hardware re-

sources. The vali dation of th e Embedded Soft-

ware will be done using the Simulators of the

Code Validation Tool s chain.

■SPTLA (not yet available)

The SmartJ™ Platform Technology License

Agreement for OEM Platform Developers. The

SPTLA is for developers who need to develop a

customised architecture using the platform

blocks assembled with a proprietary custom

hardware plug-in logic block and associated

firmware. The complete Code Validation Tools

chain including the VHDL Emulator, must be

used for both the hardware, software develop-

ment integration and validation. The complete

Code Validation Tool chain is accessible to

OEM Platform Developers licensees only.

Figure 3. SmartJ™ Platform Concept

Note: 1) SmartJ™ Platform Tec hnology Li cense Agreeme nt required

2) SmartJ™ Technology Li cense an d Di stribution Ag reemen t required

SmartJ Platform

ST22 Core Plus

ROM RAM NVM

Size Definition

STD PERIPHERALS

& SECURITY

ASI, Tim ers, Security

Mechanisms,...

CUSTOMS PLUGS-IN (1)

Smart J IDE

SmartJ- Tools Pack-CD

SmartJ H/W Development

(not yet available)

VHDL Library (1)

SmartJ

ISO 15408 Certified

Emb edded Libr ary

HSI (2)

Memory & Std Peripherals Drivers

CRYPTO (2)

Certified Crypto Library

(DES, 3DES, RSA, SHA, AES...)

484

ST22N256

6/8

Figure 4. SmartJ™ IDE

7/8

ST22N256

Figure 5. SmartJ™ Code Ge nera t i on Tools

Figure 6. SmartJ™ C o de V ali dation Tools

C/C++

Standard

Libraries

C/C++ Compiler

Linker

C/C++ Source Asm Source

Native/Java Assembler

Object

Files

SCP 160c/PR Z

HSI

Library C ry p to .

Library

D ev ice S et-up

Application

Deb ugg er G UI

DEBUGG E R COR E

> Console.exe Third pa rty tools ST PLAYER

Integ rated D e velopment En viron m ent

SmartCard Pod

SmartC ard

Reader

Cycle

accurate

Simulator

Instruction

Set Sim u lator Monitor

FPGA

Board

160d

ASI

TimerRandom...

PC/SC

ST22N256

8/8

Information furnished is believed to be accurate and reliable. However, S TMi croelectronics assumes no responsibi lity for the consequences

of use of such information nor for any inf ringement of patents or other rights of third parties which may result from it s use. No license is granted

by i m pl i cation or oth erwise under any patent or paten t rights of STMi croelectron i cs . Specifications ment i oned in this publication are subject

to change without notice. This publication supersedes and replaces all information previously supplied. STMicroelectronics products are not

authorized for use as c ri tical components in lif e support devices or systems wi t hout express wri t ten approval of STM i croelectronics.

The ST l ogo i s a regist ered tra dem ark of STM i croelectronic s.

All other names are th e property of their respective o wners

STM i croelectron ics group of co mpanies

Aus tralia - B el gium - B razil - Ca nada - Ch i na - Czech Republic - F i nl and - Fra nce - Germ any - Hong K ong - India - Israel - Italy - Japan -

Malaysia - M a l t a - Moroc co - S i ngapore - Spain - Sweden - Swit zerlan d - United Kingdom - United States of Am eri ca