1/8
DATA BRIEF
June 2004
For further information contact your local ST sales office.
ST22N256
Smartcard 32-Bit RISC MCU with 256 Kbytes EEPROM
JavacardTM HW Execution & Cryptographic Library
8
PRODUCT FEATURES
I
32-BIT RISC CPU WITH 24-BIT LINEAR
MEMORY ADDRESSING
I
368 KBYTES USER ROM
I
16 KBYTES USER RAM
I
256K KBYTES USER EEPROM
32-BIT RISC CPU
I
DUAL INSTRUCTION SET, JAVACARDTM
AND NATIVE
I
4-STAGE PIPELINE
I
16 GENERAL PURPOSE 32-BIT REGISTERS,
AND SPECIAL REGISTERS
I
4 MASKABLE INTERRUPT LEVELS
I
SUPERVISOR AND USER MODES
SECURITY
I
CPU SECURITY INSTRUCTIONS
DES and 3DES instructions
Fast Multiply and Accumulate instructions for
Public Key and Elliptic Curve Cryptography
CRC instruction
I
RANDOM NUMBER GENERATOR
I
EEPROM FLASH PROGRAMMING MODE
I
CLOCK AND POWER MANAGEMENT
I
VOLTAGE AND CLOCK FREQUENCY
SENSORS
I
ADVANCED MEMORY PROTECTION
Memory Protection Unit for application
firewalling and peripheral access control
Domain switching securely controlled by
protected Context Stack
Native/Java, Code/Data memory attributes
with 128-byte granularity
I
FOUR WORKING STACKS
Java stack with both 16 and 32-bit accesses
User and Supervisor mode stacks
Security Context stack
Figure 1. Delivery Form
CRYPTOGRAPHIC LIBRARY
I
ASYMMETRICAL ALGORITHMS
Software Crypto libraries in separate ROM
area for efficient algorithm coding using a set
of advanced functions. RSA, signature/
verification.
RSA key calculation including Prime number
generation SHA-1
I
SYMMETRICAL ALGORITHMS
DES, Triple DES, AES
CRYPTOGRAPHY PERFORMANCE
The following table provides the cryptographic
performances of the ST22N256 based on ST
Crypto Library.
Table 1. Preliminary Cryptographic
Performances
Algorithm
Function
Time
(1)
1.
Internal clock at 33 MHz
RSA
1024 bits
Signature with CRT
79.0 ms
Signature without CRT
(2)
2.
CRT: Chinese Reminder Theorem
242.0 ms
Verification (e=0x10001)
3.6 ms
RSA
2048 bits
Signature with CRT
485.0 ms
Signature without CRT
1.7 s
Verification (e=0x10001)
11.0 ms
DES
Triple
18 s
Single
8 s
SHA-1
512-bit Block
194 s
AES-128
Encryption including subkey
computation
85 s
4
4
4
4
Micromodule
Wafer
ST22N256
2/8
MEMORY
I
HIGHLY RELIABLE CMOS EEPROM
TECHNOLOGY
Error Correction Code for single bit fail within
a 32-bit word
10 years data retention, 500,000 Erase/Write
cycles endurance
1 to 128 bytes Erase or Program in 2 ms
typical
I
HIGH PERFORMANCE MEMORY
Dual memory buses for data and instruction
Byte, Short (2) and Word (4) load and store
Address auto-increment
OTHER FEATURES
I
HARDWARE ASYNCHRONOUS SERIAL
INTERFACE (ASI)
1M baud rate capability
2 serial I/O ports compatible ISO 7816-3 T=0
and T=1
I
2 USER CONFIGURABLE 12-BIT AND 16-BIT
TIMERS WITH INTERRUPT
I
CENTRAL INTERRUPT CONTROLLER WITH
UP TO 16 INPUT LINES
I
EXTERNAL CLOCK FROM 1 MHz TO 10 MHz
I
1.62 V TO 5.5 V SUPPLY VOLTAGE
I
TEMPERATURE RANGE -25 C to +85 C
I
POWER SAVING STANDBY MODE
I
ESD PROTECTION GREATER THAN 5000 V
I
UNIQUE IDENTIFICATION PER DIE
I
TYPICAL INTERNAL FREQUENCY UP TO
33 MHz
I
SOFTWARE CONTROLLED CLOCK
MANAGEMENT
3/8
ST22N256
DESCRIPTION
The ST22N256 is a member of the SmartJTM plat-
form using a 32-bit Reduced Instruction Set Com-
puter (RISC) core to execute both Native RISC
instructions and JavaCardTM 2.x Technology in-
struction (byte codes) directly.
Direct JavaCardTM byte code execution provides
high performance advantage over processors that
emulate the JavaCardTM byte code instruction set.
The product features a 24-bit wide linear address-
ing capability and includes User ROM, User RAM,
and User EEPROM.
Memory and Peripheral accesses are controlled
by a Memory Protection Unit that allows to imple-
ment firewalls between applications.
Memories are accessed via two different buses,
allowing simultaneous accesses to code and data.
Memory load and stores can be performed at byte,
short (2-bytes), or word (4-bytes) granularity, with
optional pointer auto increment.
The ST22 core includes dedicated DES instruc-
tions for Secret Key cryptography, and a fast Mul-
tiply and Accumulate instruction for Public Key
cryptography (RSA) and Elliptic Curve cryptogra-
phy, and a CRC instruction. The ST22 core also
includes specific instructions for security.
The product has clock and power management, 2
User configurable Timers, a Central Interrupt Con-
troller and a Random Number Generator.
Figure 2. SmartJTM Platform EEPROM Architecture
POWER MANAGEMENT
32-bit
RISC
CORE
CLOCK MANAGEMENT
MPU
RAM
BUS 2
BUS 1
S
E
CUR
ITY
TI
M
E
R
RN
G
..
.
..
.
AS
I
PERIPHERALS
ISO
7816
ROM
EEPROM
ST22N256
4/8
The product has two execution modes. Java mode
is used when JavaCardTM 2.x byte codes are be-
ing executed. Native mode is used for long JavaC-
ardTM byte codes, Native methods and system
routines. The processor enters Java mode when a
dispatch (DISP) instruction is encountered. When
executing in Native mode, there are two privilege
levels, User and Supervisor. Some instructions
can only be executed in Supervisor mode.
Instructions are of variable length, from 1 to 4
bytes in Native mode.
Special instructions exist for single-cycle stack op-
erations, a frequent occurrence in Java code.
Short branches and conditional branches within a
1 KByte block or the entire 16-MByte instruction
space are supported. The product has four stages
of pipeline in Native mode: fetch, decode, execute
and write-back. In Java mode, there are five stag-
es of pipeline: byte code-fetch, byte code-decode,
decode, execute and write-back.
The CPU core has 16 32-bit general purpose reg-
isters, as well as special registers of variable
length.
The chip also features a very high performance
Asynchronous Serial Interface (ASI) to support
high speed serial communication protocols com-
patible with ISO 7816 standard.
It is manufactured using the highly reliable ST
CMOS EEPROM technology.
EMBEDDED SOFTWARE
The Hardware Software Interface (HSI) imple-
ments the Hardware abstraction layer. It consists
of C interfaces to the EEPROM memory and pe-
ripherals. The drivers are:
Non Volatile Memory
Asynchronous Serial Interface
Central Interrupt Controller
Timer
Random Number Generator
Clock Manager
Memory Protection Unit
Sensors
Security
Note:
The HSI driver software layer is a C-oriented
API allowing efficient and secureaccess to the
peripherals and Non Volatile Memory for
programming or erasing.
Only the OS and JavaCardTM Virtual Machine
(JVM) domains can access the HSI software
layer (In the following the term OS will refer to
the software layer that is directly interfaced to
the HSI).
CRYPTOGRAPHIC LIBRARY
ST proposes a complete set of firmware subrou-
tines. This library is located in a specific ROM ar-
ea. It saves the operating system designer from
coding first layer functions and allows him to con-
centrate on algorithms, Public Key Cryptography
and Secret Key Cryptography protocols imple-
mentation.
The cryptographic library, located in a specific
ROM area, contains firmware functions for:
I
ASYMMETRICAL ALGORITHMS:
basic mathematics including modular
squaring and multiplication for various
lengths;
modular exponentionation;
more elaborate functions such as RSA
signatures and verifications for modulo length
up to 2048 bits long;
full internal key generation for signatures/
verifications. This guarantees that the secret
key will never be known outside the chip and
contributes to the overall system security.
long random number generation
SHA-1
RSA key generation
I
SYMMETRICAL ALGORITHMS
DES, Triple DES
AES-128, AES-192, AES-256
5/8
ST22N256
SOFTWARE DEVELOPMENT ENVIRONMENT
Modularity, flexibility and methodology are the key
words for the SmartJTM Development Tools Plat-
form. Using the same interface, the developers are
able to create, compile and debug a project.
The SmartJTM Integrated Development environ-
ment (IDE) includes:
A code Generation chain: C/C++ compiler,
assembler and linker. The assembler supports
both native and JavaCardTM instruction sets.
An instruction set simulator, a cycle accurate
simulator, a C/C++ source level debugger and
hardware emulation tools.
OEM DEVELOPMENT LICENSE TYPES
The ST22N256 is a product based on the
SmartJTM Platform. Developers have two types of
licenses for access to the technology:
I
STLDA
The SmartJTM Technology License and Distri-
bution Agreement for Standard OEM Develop-
ers (Embedded Operating System and Applica-
tion Software developers) and Card Embed-
ders.
They must use the SmartJTM Hardware Soft-
ware Interface (HSI) meta-layer communication
interface to access the product hardware re-
sources. The validation of the Embedded Soft-
ware will be done using the Simulators of the
Code Validation Tools chain.
I
SPTLA (not yet available)
The SmartJTM Platform Technology License
Agreement for OEM Platform Developers. The
SPTLA is for developers who need to develop a
customised architecture using the platform
blocks assembled with a proprietary custom
hardware plug-in logic block and associated
firmware. The complete Code Validation Tools
chain including the VHDL Emulator, must be
used for both the hardware, software develop-
ment integration and validation. The complete
Code Validation Tool chain is accessible to
OEM Platform Developers licensees only.
Figure 3. SmartJTM Platform Concept
Note: 1) SmartJTM Platform Technology License Agreement required
2) SmartJTM Technology License and Distribution Agreement required
SmartJ Platform
ST22 Core Plus
ROM RAM NVM
Size Definition
STD PERIPHERALS
& SECURITY
ASI, Timers, Security
Mechanisms,...
CUSTOMS PLUGS-IN (1)
SmartJ IDE
SmartJ-Tools Pack-CD
SmartJ H/W Development
(not yet available)
VHDL Library (1)
SmartJ
ISO 15408 Certified
Embedded Library
HSI (2)
Memory & Std Peripherals Drivers
CRYPTO (2)
Certified Crypto Library
(DES, 3DES, RSA, SHA, AES...)
484
PDF 
ZIP