CPC H04L 9/3278 (2013.01) [G06F 9/30098 (2013.01); G06F 9/30145 (2013.01); H04L 9/0861 (2013.01)]
18 Claims
1. An apparatus comprising:
decoder circuitry to decode a single instruction to generate a decoded instruction, the instruction associated with a ring 0 protection level and including
one or more fields to identify a source/destination operand which as a source is to provide an identity challenge for a physically unclonable function (PUF) circuit to generate a key and as a destination is to store an operation status after execution,
one or more fields to identify a first source operand which is to provide an indication of a signature algorithm to use,
one or more fields to identify a second source operand which is to store or encode a location of an input data structure, and
one or more fields to identify a destination operand that is to store or encode a location of where a signed response generated during execution is to be placed, wherein the input data structure is to hold a wrapping key used during execution and stores data and secret information to be decrypted, and
one or more fields comprising an opcode, wherein the opcode indicates that execution circuitry is to at least decrypt secret information from the input data structure of the second source operand with a PUF generated wrapping key, generate a signed response of the unwrapped secret information using the identity challenge of the source/destination operand according to the signature algorithm indicated by the first source operand, store the signed response in the identified destination, and store operational status of execution in the identified source/destination operand; and
execution circuitry to execute the decoded instruction according to the opcode.