[Cryptech-Commits] [sw/libhal] 02/05: Whack libhal API to use current configure_core_selector mechanism. Compiles, not yet tested.

git at cryptech.is git at cryptech.is
Mon Oct 5 03:28:01 UTC 2015


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch config_core_selector
in repository sw/libhal.

commit b3bbd3dbccef8c499e980490203cd5085dd13a98
Author: Rob Austein <sra at hactrn.net>
Date:   Sun Oct 4 22:31:47 2015 -0400

    Whack libhal API to use current configure_core_selector mechanism.
    Compiles, not yet tested.
---
 GNUmakefile               |   2 +-
 aes_keywrap.c             |  47 +++--
 core.c                    | 211 +++++++++++++++++++++
 csprng.c                  |   7 +-
 ecdsa.c                   |  11 +-
 hal.h                     | 470 +++++++++-------------------------------------
 hal_io_eim.c              |  50 ++---
 hal_io_i2c.c              |   1 +
 hash.c                    | 116 +++++-------
 modexp.c                  |  41 ++--
 pbkdf2.c                  |  15 +-
 rsa.c                     |  43 +++--
 tests/test-aes-key-wrap.c |  16 +-
 tests/test-ecdsa.c        |  56 +++---
 tests/test-hash.c         |  34 +---
 tests/test-pbkdf2.c       |  25 +--
 tests/test-rsa.c          |  53 +++---
 verilog_constants.h       | 241 ++++++++++++++++++++++++
 18 files changed, 791 insertions(+), 648 deletions(-)

diff --git a/GNUmakefile b/GNUmakefile
index 37d038e..5c14b11 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -27,7 +27,7 @@
 
 INC		= hal.h
 LIB		= libhal.a
-OBJ		= ${IO_OBJ} csprng.o hash.o aes_keywrap.o pbkdf2.o \
+OBJ		= ${IO_OBJ} core.o csprng.o hash.o aes_keywrap.o pbkdf2.o \
 		  modexp.o rsa.o ecdsa.o asn1.o errorstrings.o
 
 IO_OBJ_EIM	= hal_io_eim.o novena-eim.o
diff --git a/aes_keywrap.c b/aes_keywrap.c
index 7b90c9d..324b4ba 100644
--- a/aes_keywrap.c
+++ b/aes_keywrap.c
@@ -48,6 +48,7 @@
 #include <assert.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 
 /*
  * How long the ciphertext will be for a given plaintext length.
@@ -66,7 +67,7 @@ size_t hal_aes_keywrap_ciphertext_length(const size_t plaintext_length)
 
 typedef enum { KEK_encrypting, KEK_decrypting } kek_action_t;
 
-static hal_error_t load_kek(const uint8_t *K, const size_t K_len, const kek_action_t action)
+static hal_error_t load_kek(const hal_core_t *core, const uint8_t *K, const size_t K_len, const kek_action_t action)
 {
   uint8_t config[4];
   hal_error_t err;
@@ -104,9 +105,9 @@ static hal_error_t load_kek(const uint8_t *K, const size_t K_len, const kek_acti
    * Load the KEK and tell the core to expand it.
    */
 
-  if ((err = hal_io_write(AES_ADDR_KEY0, K, K_len))                 != HAL_OK ||
-      (err = hal_io_write(AES_ADDR_CONFIG, config, sizeof(config))) != HAL_OK ||
-      (err = hal_io_init(AES_ADDR_CTRL))                            != HAL_OK)
+  if ((err = hal_io_write(core, AES_ADDR_KEY0, K, K_len))                 != HAL_OK ||
+      (err = hal_io_write(core, AES_ADDR_CONFIG, config, sizeof(config))) != HAL_OK ||
+      (err = hal_io_init(core))                                           != HAL_OK)
     return err;
 
   return HAL_OK;
@@ -127,18 +128,18 @@ static hal_error_t load_kek(const uint8_t *K, const size_t K_len, const kek_acti
  * Just be VERY careful if you change anything here.
  */
 
-static hal_error_t do_block(uint8_t *b1, uint8_t *b2)
+static hal_error_t do_block(const hal_core_t *core, uint8_t *b1, uint8_t *b2)
 {
   hal_error_t err;
 
   assert(b1 != NULL && b2 != NULL);
 
-  if ((err = hal_io_write(AES_ADDR_BLOCK0, b1, 8)) != HAL_OK ||
-      (err = hal_io_write(AES_ADDR_BLOCK2, b2, 8)) != HAL_OK ||
-      (err = hal_io_next(AES_ADDR_CTRL))           != HAL_OK ||
-      (err = hal_io_wait_ready(AES_ADDR_STATUS))   != HAL_OK ||
-      (err = hal_io_read(AES_ADDR_RESULT0, b1, 8)) != HAL_OK ||
-      (err = hal_io_read(AES_ADDR_RESULT2, b2, 8)) != HAL_OK)
+  if ((err = hal_io_write(core, AES_ADDR_BLOCK0, b1, 8)) != HAL_OK ||
+      (err = hal_io_write(core, AES_ADDR_BLOCK2, b2, 8)) != HAL_OK ||
+      (err = hal_io_next(core))                          != HAL_OK ||
+      (err = hal_io_wait_ready(core))                    != HAL_OK ||
+      (err = hal_io_read(core, AES_ADDR_RESULT0, b1, 8)) != HAL_OK ||
+      (err = hal_io_read(core, AES_ADDR_RESULT2, b2, 8)) != HAL_OK)
     return err;
 
   return HAL_OK;
@@ -155,7 +156,8 @@ static hal_error_t do_block(uint8_t *b1, uint8_t *b2)
  * buffer size.
  */
 
-hal_error_t hal_aes_keywrap(const uint8_t *K, const size_t K_len,
+hal_error_t hal_aes_keywrap(const hal_core_t *core,
+                            const uint8_t *K, const size_t K_len,
                             const uint8_t * const Q,
                             const size_t m,
                             uint8_t *C,
@@ -168,10 +170,13 @@ hal_error_t hal_aes_keywrap(const uint8_t *K, const size_t K_len,
 
   assert(calculated_C_len % 8 == 0);
 
+  if ((err = hal_core_check_name(&core, AES_CORE_NAME)) != HAL_OK)
+    return err;
+
   if (Q == NULL || C == NULL || C_len == NULL || *C_len < calculated_C_len)
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  if ((err = load_kek(K, K_len, KEK_encrypting)) != HAL_OK)
+  if ((err = load_kek(core, K, K_len, KEK_encrypting)) != HAL_OK)
     return err;
 
   *C_len = calculated_C_len;
@@ -192,7 +197,7 @@ hal_error_t hal_aes_keywrap(const uint8_t *K, const size_t K_len,
   n = calculated_C_len/8 - 1;
 
   if (n == 1) {
-    if ((err = do_block(C, C + 8)) != HAL_OK)
+    if ((err = do_block(core, C, C + 8)) != HAL_OK)
       return err;
   }
 
@@ -200,7 +205,7 @@ hal_error_t hal_aes_keywrap(const uint8_t *K, const size_t K_len,
     for (j = 0; j <= 5; j++) {
       for (i = 1; i <= n; i++) {
         uint32_t t = n * j + i;
-        if ((err = do_block(C, C + i * 8)) != HAL_OK)
+        if ((err = do_block(core, C, C + i * 8)) != HAL_OK)
           return err;
         C[7] ^= t & 0xFF; t >>= 8;
         C[6] ^= t & 0xFF; t >>= 8;
@@ -220,7 +225,8 @@ hal_error_t hal_aes_keywrap(const uint8_t *K, const size_t K_len,
  * Q should be the same size as C.  Q and C can overlap.
  */
 
-hal_error_t hal_aes_keyunwrap(const uint8_t *K, const size_t K_len,
+hal_error_t hal_aes_keyunwrap(const hal_core_t * core,
+                              const uint8_t *K, const size_t K_len,
                               const uint8_t * const C,
                               const size_t C_len,
                               uint8_t *Q,
@@ -231,10 +237,13 @@ hal_error_t hal_aes_keyunwrap(const uint8_t *K, const size_t K_len,
   long i, j;
   size_t m;
 
+  if ((err = hal_core_check_name(&core, AES_CORE_NAME)) != HAL_OK)
+    return err;
+
   if (C == NULL || Q == NULL || C_len % 8 != 0 || C_len < 16 || Q_len == NULL || *Q_len < C_len)
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  if ((err = load_kek(K, K_len, KEK_decrypting)) != HAL_OK)
+  if ((err = load_kek(core, K, K_len, KEK_decrypting)) != HAL_OK)
     return err;
 
   n = (C_len / 8) - 1;
@@ -243,7 +252,7 @@ hal_error_t hal_aes_keyunwrap(const uint8_t *K, const size_t K_len,
     memmove(Q, C, C_len);
 
   if (n == 1) {
-    if ((err = do_block(Q, Q + 8)) != HAL_OK)
+    if ((err = do_block(core, Q, Q + 8)) != HAL_OK)
       return err;
   }
 
@@ -255,7 +264,7 @@ hal_error_t hal_aes_keyunwrap(const uint8_t *K, const size_t K_len,
         Q[6] ^= t & 0xFF; t >>= 8;
         Q[5] ^= t & 0xFF; t >>= 8;
         Q[4] ^= t & 0xFF;
-        if ((err = do_block(Q, Q + i * 8)) != HAL_OK)
+        if ((err = do_block(core, Q, Q + i * 8)) != HAL_OK)
           return err;
       }
     }
diff --git a/core.c b/core.c
new file mode 100644
index 0000000..8746ec4
--- /dev/null
+++ b/core.c
@@ -0,0 +1,211 @@
+/*
+ * core.c
+ * ------
+ * This module contains code to probe the FPGA for its installed cores.
+ *
+ * Author: Paul Selkirk, Rob Austein
+ * Copyright (c) 2015, NORDUnet A/S All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the NORDUnet nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software
+ *   without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+
+#include "hal.h"
+#include "verilog_constants.h"
+
+/*
+ * Each Cryptech core has a set of 4-byte registers, which are accessed
+ * through a 16-bit address. The address space is divided as follows:
+ *   3 bits segment selector       | up to 8 segments
+ *   5 bits core selector          | up to 32 cores/segment (see note below)
+ *   8 bits register selector      | up to 256 registers/core (see modexp below)
+ *
+ * i.e, the address is structured as:
+ * sss ccccc rrrrrrrr
+ *
+ * The I2C and UART communication channels use this 16-bit address format
+ * directly in their read and write commands.
+ *
+ * The EIM communications channel translates this 16-bit address into a
+ * 32-bit memory-mapped address in the range 0x08000000..807FFFF:
+ * 00001000000000 sss 0 ccccc rrrrrrrr 00
+ *
+ * EIM, as implemented on the Novena, uses a 19-bit address space:
+ *   Bits 18..16 are the semgent selector.
+ *   Bits 15..10 are the core selector.
+ *   Bits 9..2 are the register selector.
+ *   Bits 1..0 are zero, because reads and writes are always word aligned.
+ *
+ * Note that EIM can support 64 cores per segment, but we sacrifice one bit
+ * in order to map it into a 16-bit address space.
+ */
+
+/*
+ * Structure of our internal database is private, in case we want to
+ * be change representation (array, tree, list of lists, whatever) at
+ * some later date without having to change the public API.
+ */
+
+struct hal_core {
+  hal_core_info_t info;
+  struct hal_core *next;
+};
+
+/*
+ * Check whether a core's name matches a particular string.  This is a
+ * bit nasty due to non-null-terminated fixed-length names.
+ */
+
+static int name_matches(const hal_core_t *const core, const char * const name)
+{
+  return (core != NULL && name != NULL && *name != '\0' &&
+          strncmp(name, core->info.name, strnlen(name, sizeof(core->info.name))) == 0);
+}
+
+/*
+ * Probe the FPGA and build our internal database.
+ *
+ * At the moment this knows far more than it should about pecularities
+ * of certain cores.  In theory at least some of this will be fixed
+ * soon on the Verilog side.  Adding a core-length word to the core
+ * header sure would make this simpler.
+ */
+
+#define CORE_MIN                0
+#define	CORE_MAX                0x10000
+#define	CORE_SIZE               0x100
+
+/* Extra space to leave after particular cores.  Yummy. */
+
+static const struct { const char *name; hal_addr_t extra; } gaps[] = {
+  { "trng",     4 * CORE_SIZE }, /* Four empty slots after trng */
+  { "rosc ent", 3 * CORE_SIZE }, /* Three empty slots after rosc */
+  { "csprng",   4 * CORE_SIZE }, /* Four empty slots after csprng */
+  { "modexps6", 3 * CORE_SIZE }, /* ModexpS6 uses four slots */
+};
+
+static hal_core_t *probe_cores(void)
+{
+  static hal_core_t *head = NULL;
+
+  if (head != NULL)
+    return head;
+
+  hal_core_t **tail = &head;
+  hal_core_t *core = NULL;
+  hal_error_t err = HAL_OK;
+
+  for (hal_addr_t addr = CORE_MIN; addr < CORE_MAX; addr += CORE_SIZE) {
+
+    if (core == NULL && (core = malloc(sizeof(hal_core_t))) == NULL) {
+      err = HAL_ERROR_ALLOCATION_FAILURE;
+      goto fail;
+    }
+
+    memset(core, 0, sizeof(*core));
+    core->info.base = addr;
+
+    if ((err = hal_io_read(core, ADDR_NAME0,   (uint8_t *) core->info.name,    8)) != HAL_OK ||
+        (err = hal_io_read(core, ADDR_VERSION, (uint8_t *) core->info.version, 4)) != HAL_OK)
+      goto fail;
+
+    if (core->info.name[0] == '\0')
+      continue;
+
+    for (int i = 0; i < sizeof(gaps)/sizeof(*gaps); i++) {
+      if (name_matches(core, gaps[i].name)) {
+        addr += gaps[i].extra;
+        break;
+      }
+    }
+
+    *tail = core;
+    tail = &core->next;
+    core = NULL;
+  }
+
+  if (core != NULL)
+    free(core);
+
+  return head;
+
+ fail:
+  if (core != NULL)
+    free(core);
+  while ((core = head) != NULL) {
+    head = core->next;
+    free(core);
+  }
+  return NULL;
+}
+
+const hal_core_t * hal_core_iterate(const hal_core_t *core)
+{
+  return core == NULL ? probe_cores() : core->next;
+}
+
+const hal_core_t *hal_core_find(const char *name, const hal_core_t *core)
+{
+  for (core = hal_core_iterate(core); core != NULL; core = core->next)
+    if (name_matches(core, name))
+      return core;
+  return NULL;
+}
+
+hal_error_t hal_core_check_name(const hal_core_t **core, const char *name)
+{
+  if (core == NULL || name == NULL)
+    return HAL_ERROR_BAD_ARGUMENTS;
+
+  if (*core == NULL && (*core = hal_core_find(name, NULL)) != NULL)
+    return HAL_OK;
+
+  if (*core == NULL || !name_matches(*core, name))
+    return HAL_ERROR_CORE_NOT_FOUND;
+
+  return HAL_OK;
+}
+
+hal_addr_t hal_core_base(const hal_core_t *core)
+{
+  return core == NULL ? 0 : core->info.base;
+}
+
+const hal_core_info_t *hal_core_info(const hal_core_t *core)
+{
+  return core == NULL ? NULL : &core->info;
+}
+
+/*
+ * Local variables:
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/csprng.c b/csprng.c
index 235bd12..08ca794 100644
--- a/csprng.c
+++ b/csprng.c
@@ -38,12 +38,13 @@
 #include <stdio.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 
 #ifndef WAIT_FOR_CSPRNG_VALID
 #define WAIT_FOR_CSPRNG_VALID   0
 #endif
 
-hal_error_t hal_get_random(void *buffer, const size_t length)
+hal_error_t hal_get_random(const hal_core_t *core, void *buffer, const size_t length)
 {
   uint8_t temp[4], *buf = buffer;
   hal_error_t err;
@@ -52,10 +53,10 @@ hal_error_t hal_get_random(void *buffer, const size_t length)
   for (i = 0; i < length; i += 4) {
     const int last = (length - i) < 4;
 
-    if (WAIT_FOR_CSPRNG_VALID && (err = hal_io_wait_valid(CSPRNG_ADDR_STATUS)) != HAL_OK)
+    if (WAIT_FOR_CSPRNG_VALID && (err = hal_io_wait_valid(core)) != HAL_OK)
       return err;
 
-    if ((err = hal_io_read(CSPRNG_ADDR_RANDOM, (last ? temp : &buf[i]), 4)) != HAL_OK)
+    if ((err = hal_io_read(core, CSPRNG_ADDR_RANDOM, (last ? temp : &buf[i]), 4)) != HAL_OK)
       return err;
 
     if (last)
diff --git a/ecdsa.c b/ecdsa.c
index e2da87e..7077dd5 100644
--- a/ecdsa.c
+++ b/ecdsa.c
@@ -717,7 +717,7 @@ static inline hal_error_t get_random(void *buffer, const size_t length)
   if (rng_test_override_function)
     return rng_test_override_function(buffer, length);
   else
-    return hal_get_random(buffer, length);
+    return hal_get_random(NULL, buffer, length);
 }
 
 #else /* HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM */
@@ -830,7 +830,8 @@ static int point_is_on_curve(const ec_point_t * const P,
  * Generate a new ECDSA key.
  */
 
-hal_error_t hal_ecdsa_key_gen(hal_ecdsa_key_t **key_,
+hal_error_t hal_ecdsa_key_gen(const hal_core_t *core,
+                              hal_ecdsa_key_t **key_,
                               void *keybuf, const size_t keybuf_len,
                               const hal_ecdsa_curve_t curve_)
 {
@@ -1422,7 +1423,8 @@ static hal_error_t decode_signature_asn1(const ecdsa_curve_t * const curve,
  * Sign a caller-supplied hash.
  */
 
-hal_error_t hal_ecdsa_sign(const hal_ecdsa_key_t * const key,
+hal_error_t hal_ecdsa_sign(const hal_core_t *core,
+                           const hal_ecdsa_key_t * const key,
                            const uint8_t * const hash, const size_t hash_len,
                            uint8_t *signature, size_t *signature_len, const size_t signature_max,
                            const hal_ecdsa_signature_format_t signature_format)
@@ -1515,7 +1517,8 @@ hal_error_t hal_ecdsa_sign(const hal_ecdsa_key_t * const key,
  * Verify a signature using a caller-supplied hash.
  */
 
-hal_error_t hal_ecdsa_verify(const hal_ecdsa_key_t * const key,
+hal_error_t hal_ecdsa_verify(const hal_core_t *core,
+                             const hal_ecdsa_key_t * const key,
                              const uint8_t * const hash, const size_t hash_len,
                              const uint8_t * const signature, const size_t signature_len,
                              const hal_ecdsa_signature_format_t signature_format)
diff --git a/hal.h b/hal.h
index 374fdb5..2ae412b 100644
--- a/hal.h
+++ b/hal.h
@@ -33,390 +33,61 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-/*
- * Each Cryptech core has a set of 4-byte registers, which are accessed
- * through a 16-bit address. The address space is divided as follows:
- *   3 bits segment selector       | up to 8 segments
- *   5 bits core selector          | up to 32 cores/segment (see note below)
- *   8 bits register selector      | up to 256 registers/core (see modexp below)
- *
- * i.e, the address is structured as:
- * sss ccccc rrrrrrrr
- *
- * The I2C and UART communication channels use this 16-bit address format
- * directly in their read and write commands.
- *
- * The EIM communications channel translates this 16-bit address into a
- * 32-bit memory-mapped address in the range 0x08000000..807FFFF:
- * 00001000000000 sss 0 ccccc rrrrrrrr 00
- *
- * EIM, as implemented on the Novena, uses a 19-bit address space:
- *   Bits 18..16 are the semgent selector.
- *   Bits 15..10 are the core selector.
- *   Bits 9..2 are the register selector.
- *   Bits 1..0 are zero, because reads and writes are always word aligned.
- *
- * Note that EIM can support 64 cores per segment, but we sacrifice one bit
- * in order to map it into a 16-bit address space.
- */
-
 #ifndef _HAL_H_
 #define _HAL_H_
 
-
-/*
- * Default sizes.
- */
-#define CORE_SIZE               (0x100)
-#define SEGMENT_SIZE            (0x20 * CORE_SIZE)
-
-
-/*
- * Segments.
- */
-#define SEGMENT_OFFSET_GLOBALS  (0 * SEGMENT_SIZE)
-#define SEGMENT_OFFSET_HASHES   (1 * SEGMENT_SIZE)
-#define SEGMENT_OFFSET_RNGS     (2 * SEGMENT_SIZE)
-#define SEGMENT_OFFSET_CIPHERS  (3 * SEGMENT_SIZE)
-#define SEGMENT_OFFSET_MATH     (4 * SEGMENT_SIZE)
-
-
 /*
- * Addresses and codes common to all cores.
+ * A handy macro from cryptlib.
  */
-#define ADDR_NAME0              (0x00)
-#define ADDR_NAME1              (0x01)
-#define ADDR_VERSION            (0x02)
-#define ADDR_CTRL               (0x08)
-#define CTRL_INIT               (1)
-#define CTRL_NEXT               (2)
-#define ADDR_STATUS             (0x09)
-#define STATUS_READY            (1)
-#define STATUS_VALID            (2)
-
-
-/* A handy macro from cryptlib */
 #ifndef bitsToBytes
 #define bitsToBytes(x)          (x / 8)
 #endif
 
-
 /*
- * Board segment.
- * Board-level registers and communication channel registers.
+ * Current name and version values.
+ *
+ * Should these even be here?  Dunno.
+ * Should the versions be here even if the names should be?
  */
-#define BOARD_ADDR_BASE         (SEGMENT_OFFSET_GLOBALS + (0 * CORE_SIZE))
-#define BOARD_ADDR_NAME0        (BOARD_ADDR_BASE + ADDR_NAME0)
-#define BOARD_ADDR_NAME1        (BOARD_ADDR_BASE + ADDR_NAME1)
-#define BOARD_ADDR_VERSION      (BOARD_ADDR_BASE + ADDR_VERSION)
-#define BOARD_ADDR_DUMMY        (BOARD_ADDR_BASE + 0xFF)
-
-#define COMM_ADDR_BASE          (SEGMENT_OFFSET_GLOBALS + (1 * CORE_SIZE))
-#define COMM_ADDR_NAME0         (COMM_ADDR_BASE + ADDR_NAME0)
-#define COMM_ADDR_NAME1         (COMM_ADDR_BASE + ADDR_NAME1)
-#define COMM_ADDR_VERSION       (COMM_ADDR_BASE + ADDR_VERSION)
-
-/* Current name and version values */
-#define NOVENA_BOARD_NAME0      "PVT1"
-#define NOVENA_BOARD_NAME1      "    "
+
+#define NOVENA_BOARD_NAME	"PVT1    "
 #define NOVENA_BOARD_VERSION    "0.10"
 
-#define EIM_INTERFACE_NAME0     "eim "
-#define EIM_INTERFACE_NAME1     "    "
+#define EIM_INTERFACE_NAME      "eim     "
 #define EIM_INTERFACE_VERSION   "0.10"
 
-#define I2C_INTERFACE_NAME0     "i2c "
-#define I2C_INTERFACE_NAME1     "    "
+#define I2C_INTERFACE_NAME      "i2c     "
 #define I2C_INTERFACE_VERSION   "0.10"
 
-
-/*
- * Hashes segment.
- */
-
-/* Addresses common to all hash cores */
-#define ADDR_BLOCK              (0x10)
-#define ADDR_DIGEST             (0x20)      /* except SHA512 */
-
-/* Addresses and codes for the specific hash cores */
-#define SHA1_ADDR_BASE          (SEGMENT_OFFSET_HASHES + (0 * CORE_SIZE))
-#define SHA1_ADDR_NAME0         (SHA1_ADDR_BASE + ADDR_NAME0)
-#define SHA1_ADDR_NAME1         (SHA1_ADDR_BASE + ADDR_NAME1)
-#define SHA1_ADDR_VERSION       (SHA1_ADDR_BASE + ADDR_VERSION)
-#define SHA1_ADDR_CTRL          (SHA1_ADDR_BASE + ADDR_CTRL)
-#define SHA1_ADDR_STATUS        (SHA1_ADDR_BASE + ADDR_STATUS)
-#define SHA1_ADDR_BLOCK         (SHA1_ADDR_BASE + ADDR_BLOCK)
-#define SHA1_ADDR_DIGEST        (SHA1_ADDR_BASE + ADDR_DIGEST)
-#define SHA1_BLOCK_LEN          bitsToBytes(512)
-#define SHA1_LENGTH_LEN         bitsToBytes(64)
-#define SHA1_DIGEST_LEN         bitsToBytes(160)
-
-#define SHA256_ADDR_BASE        (SEGMENT_OFFSET_HASHES + (1 * CORE_SIZE))
-#define SHA256_ADDR_NAME0       (SHA256_ADDR_BASE + ADDR_NAME0)
-#define SHA256_ADDR_NAME1       (SHA256_ADDR_BASE + ADDR_NAME1)
-#define SHA256_ADDR_VERSION     (SHA256_ADDR_BASE + ADDR_VERSION)
-#define SHA256_ADDR_CTRL        (SHA256_ADDR_BASE + ADDR_CTRL)
-#define SHA256_ADDR_STATUS      (SHA256_ADDR_BASE + ADDR_STATUS)
-#define SHA256_ADDR_BLOCK       (SHA256_ADDR_BASE + ADDR_BLOCK)
-#define SHA256_ADDR_DIGEST      (SHA256_ADDR_BASE + ADDR_DIGEST)
-#define SHA256_BLOCK_LEN        bitsToBytes(512)
-#define SHA256_LENGTH_LEN       bitsToBytes(64)
-#define SHA256_DIGEST_LEN       bitsToBytes(256)
-
-#define SHA512_ADDR_BASE        (SEGMENT_OFFSET_HASHES + (2 * CORE_SIZE))
-#define SHA512_ADDR_NAME0       (SHA512_ADDR_BASE + ADDR_NAME0)
-#define SHA512_ADDR_NAME1       (SHA512_ADDR_BASE + ADDR_NAME1)
-#define SHA512_ADDR_VERSION     (SHA512_ADDR_BASE + ADDR_VERSION)
-#define SHA512_ADDR_CTRL        (SHA512_ADDR_BASE + ADDR_CTRL)
-#define SHA512_ADDR_STATUS      (SHA512_ADDR_BASE + ADDR_STATUS)
-#define SHA512_ADDR_BLOCK       (SHA512_ADDR_BASE + ADDR_BLOCK)
-#define SHA512_ADDR_DIGEST      (SHA512_ADDR_BASE + 0x40)
-#define SHA512_BLOCK_LEN        bitsToBytes(1024)
-#define SHA512_LENGTH_LEN       bitsToBytes(128)
-#define SHA512_224_DIGEST_LEN   bitsToBytes(224)
-#define SHA512_256_DIGEST_LEN   bitsToBytes(256)
-#define SHA384_DIGEST_LEN       bitsToBytes(384)
-#define SHA512_DIGEST_LEN       bitsToBytes(512)
-#define MODE_SHA_512_224        (0 << 2)
-#define MODE_SHA_512_256        (1 << 2)
-#define MODE_SHA_384            (2 << 2)
-#define MODE_SHA_512            (3 << 2)
-
-/* Current name and version values */
-#define SHA1_NAME0              "sha1"
-#define SHA1_NAME1              "    "
-#define SHA1_VERSION            "0.50"
-
-#define SHA256_NAME0            "sha2"
-#define SHA256_NAME1            "-256"
-#define SHA256_VERSION          "0.80"
-
-#define SHA512_NAME0            "sha2"
-#define SHA512_NAME1            "-512"
-#define SHA512_VERSION          "0.80"
-
-
-/*
- * TRNG segment.
- */
-
-/* addresses and codes for the TRNG cores */
-#define TRNG_ADDR_BASE          (SEGMENT_OFFSET_RNGS + (0x00 * CORE_SIZE))
-#define TRNG_ADDR_NAME0         (TRNG_ADDR_BASE + ADDR_NAME0)
-#define TRNG_ADDR_NAME1         (TRNG_ADDR_BASE + ADDR_NAME1)
-#define TRNG_ADDR_VERSION       (TRNG_ADDR_BASE + ADDR_VERSION)
-#define TRNG_ADDR_CTRL          (TRNG_ADDR_BASE + 0x10)
-#define TRNG_CTRL_DISCARD       (1)
-#define TRNG_CTRL_TEST_MODE     (2)
-#define TRNG_ADDR_STATUS        (TRNG_ADDR_BASE + 0x11)
-/* No status bits defined (yet) */
-#define TRNG_ADDR_DELAY         (TRNG_ADDR_BASE + 0x13)
-
-#define ENTROPY1_ADDR_BASE      (SEGMENT_OFFSET_RNGS + (0x05 * CORE_SIZE))
-#define ENTROPY1_ADDR_NAME0     (ENTROPY1_ADDR_BASE + ADDR_NAME0)
-#define ENTROPY1_ADDR_NAME1     (ENTROPY1_ADDR_BASE + ADDR_NAME1)
-#define ENTROPY1_ADDR_VERSION   (ENTROPY1_ADDR_BASE + ADDR_VERSION)
-#define ENTROPY1_ADDR_CTRL      (ENTROPY1_ADDR_BASE + 0x10)
-#define ENTROPY1_CTRL_ENABLE    (1)
-#define ENTROPY1_ADDR_STATUS    (ENTROPY1_ADDR_BASE + 0x11)
-#define ENTROPY1_STATUS_VALID   (1)
-#define ENTROPY1_ADDR_ENTROPY   (ENTROPY1_ADDR_BASE + 0x20)
-#define ENTROPY1_ADDR_DELTA     (ENTROPY1_ADDR_BASE + 0x30)
-
-#define ENTROPY2_ADDR_BASE      (SEGMENT_OFFSET_RNGS + (0x06 * CORE_SIZE))
-#define ENTROPY2_ADDR_NAME0     (ENTROPY2_ADDR_BASE + ADDR_NAME0)
-#define ENTROPY2_ADDR_NAME1     (ENTROPY2_ADDR_BASE + ADDR_NAME1)
-#define ENTROPY2_ADDR_VERSION   (ENTROPY2_ADDR_BASE + ADDR_VERSION)
-#define ENTROPY2_ADDR_CTRL      (ENTROPY2_ADDR_BASE + 0x10)
-#define ENTROPY2_CTRL_ENABLE    (1)
-#define ENTROPY2_ADDR_STATUS    (ENTROPY2_ADDR_BASE + 0x11)
-#define ENTROPY2_STATUS_VALID   (1)
-#define ENTROPY2_ADDR_OPA       (ENTROPY2_ADDR_BASE + 0x18)
-#define ENTROPY2_ADDR_OPB       (ENTROPY2_ADDR_BASE + 0x19)
-#define ENTROPY2_ADDR_ENTROPY   (ENTROPY2_ADDR_BASE + 0x20)
-#define ENTROPY2_ADDR_RAW       (ENTROPY2_ADDR_BASE + 0x21)
-#define ENTROPY2_ADDR_ROSC      (ENTROPY2_ADDR_BASE + 0x22)
-
-#define MIXER_ADDR_BASE         (SEGMENT_OFFSET_RNGS + (0x0a * CORE_SIZE))
-#define MIXER_ADDR_NAME0        (MIXER_ADDR_BASE + ADDR_NAME0)
-#define MIXER_ADDR_NAME1        (MIXER_ADDR_BASE + ADDR_NAME1)
-#define MIXER_ADDR_VERSION      (MIXER_ADDR_BASE + ADDR_VERSION)
-#define MIXER_ADDR_CTRL         (MIXER_ADDR_BASE + 0x10)
-#define MIXER_CTRL_ENABLE       (1)
-#define MIXER_CTRL_RESTART      (2)
-#define MIXER_ADDR_STATUS       (MIXER_ADDR_BASE + 0x11)
-/* No status bits defined (yet) */
-#define MIXER_ADDR_TIMEOUT      (MIXER_ADDR_BASE + 0x20)
-
-#define CSPRNG_ADDR_BASE        (SEGMENT_OFFSET_RNGS + (0x0b * CORE_SIZE))
-#define CSPRNG_ADDR_NAME0       (CSPRNG_ADDR_BASE + ADDR_NAME0)
-#define CSPRNG_ADDR_NAME1       (CSPRNG_ADDR_BASE + ADDR_NAME1)
-#define CSPRNG_ADDR_VERSION     (CSPRNG_ADDR_BASE + ADDR_VERSION)
-#define CSPRNG_ADDR_CTRL        (CSPRNG_ADDR_BASE + 0x10)
-#define CSPRNG_CTRL_ENABLE      (1)
-#define CSPRNG_CTRL_SEED        (2)
-#define CSPRNG_ADDR_STATUS      (CSPRNG_ADDR_BASE + 0x11)
-#define CSPRNG_STATUS_VALID     (1)
-#define CSPRNG_ADDR_RANDOM      (CSPRNG_ADDR_BASE + 0x20)
-#define CSPRNG_ADDR_NROUNDS     (CSPRNG_ADDR_BASE + 0x40)
-#define CSPRNG_ADDR_NBLOCKS_LO  (CSPRNG_ADDR_BASE + 0x41)
-#define CSPRNG_ADDR_NBLOCKS_HI  (CSPRNG_ADDR_BASE + 0x42)
-
-/* Current name and version values */
-#define TRNG_NAME0              "trng"
-#define TRNG_NAME1              "    "
+#define TRNG_NAME               "trng    "
 #define TRNG_VERSION            "0.50"
 
-#define AVALANCHE_ENTROPY_NAME0   "extn"
-#define AVALANCHE_ENTROPY_NAME1   "oise"
+#define AVALANCHE_ENTROPY_NAME	"extnoise"
 #define AVALANCHE_ENTROPY_VERSION "0.10"
 
-#define ROSC_ENTROPY_NAME0      "rosc"
-#define ROSC_ENTROPY_NAME1      " ent"
+#define ROSC_ENTROPY_NAME       "rosc ent"
 #define ROSC_ENTROPY_VERSION    "0.10"
 
-#define CSPRNG_NAME0            "cspr"
-#define CSPRNG_NAME1            "ng  "
+#define CSPRNG_NAME             "csprng  "
 #define CSPRNG_VERSION          "0.50"
 
+#define SHA1_NAME               "sha1    "
+#define SHA1_VERSION            "0.50"
 
-/*
- * CIPHERS segment.
- */
+#define SHA256_NAME             "sha2-256"
+#define SHA256_VERSION          "0.80"
 
-/* AES core */
-#define AES_ADDR_BASE           (SEGMENT_OFFSET_CIPHERS + (0 * CORE_SIZE))
-#define AES_ADDR_NAME0          (AES_ADDR_BASE + ADDR_NAME0)
-#define AES_ADDR_NAME1          (AES_ADDR_BASE + ADDR_NAME1)
-#define AES_ADDR_VERSION        (AES_ADDR_BASE + ADDR_VERSION)
-#define AES_ADDR_CTRL           (AES_ADDR_BASE + ADDR_CTRL)
-#define AES_ADDR_STATUS         (AES_ADDR_BASE + ADDR_STATUS)
-
-#define AES_ADDR_CONFIG         (AES_ADDR_BASE + 0x0a)
-#define AES_CONFIG_ENCDEC       (1)
-#define AES_CONFIG_KEYLEN       (2)
-
-#define AES_ADDR_KEY0           (AES_ADDR_BASE + 0x10)
-#define AES_ADDR_KEY1           (AES_ADDR_BASE + 0x11)
-#define AES_ADDR_KEY2           (AES_ADDR_BASE + 0x12)
-#define AES_ADDR_KEY3           (AES_ADDR_BASE + 0x13)
-#define AES_ADDR_KEY4           (AES_ADDR_BASE + 0x14)
-#define AES_ADDR_KEY5           (AES_ADDR_BASE + 0x15)
-#define AES_ADDR_KEY6           (AES_ADDR_BASE + 0x16)
-#define AES_ADDR_KEY7           (AES_ADDR_BASE + 0x17)
-
-#define AES_ADDR_BLOCK0         (AES_ADDR_BASE + 0x20)
-#define AES_ADDR_BLOCK1         (AES_ADDR_BASE + 0x21)
-#define AES_ADDR_BLOCK2         (AES_ADDR_BASE + 0x22)
-#define AES_ADDR_BLOCK3         (AES_ADDR_BASE + 0x23)
-
-#define AES_ADDR_RESULT0        (AES_ADDR_BASE + 0x30)
-#define AES_ADDR_RESULT1        (AES_ADDR_BASE + 0x31)
-#define AES_ADDR_RESULT2        (AES_ADDR_BASE + 0x32)
-#define AES_ADDR_RESULT3        (AES_ADDR_BASE + 0x33)
-
-/* Current name and version values */
-#define AES_CORE_NAME0          "aes "
-#define AES_CORE_NAME1          "    "
-#define AES_CORE_VERSION        "0.80"
+#define SHA512_NAME             "sha2-512"
+#define SHA512_VERSION          "0.80"
 
+#define AES_CORE_NAME           "aes     "
+#define AES_CORE_VERSION        "0.80"
 
-/* Chacha core */
-#define CHACHA_ADDR_BASE        (SEGMENT_OFFSET_CIPHERS + (1 * CORE_SIZE))
-#define CHACHA_ADDR_NAME0       (CHACHA_ADDR_BASE + ADDR_NAME0)
-#define CHACHA_ADDR_NAME1       (CHACHA_ADDR_BASE + ADDR_NAME1)
-#define CHACHA_ADDR_VERSION     (CHACHA_ADDR_BASE + ADDR_VERSION)
-#define CHACHA_ADDR_CTRL        (CHACHA_ADDR_BASE + ADDR_CTRL)
-#define CHACHA_ADDR_STATUS      (CHACHA_ADDR_BASE + ADDR_STATUS)
-
-#define CHACHA_ADDR_KEYLEN      (CHACHA_ADDR_BASE + 0x0a)
-#define CHACHA_KEYLEN           (1)
-
-#define CHACHA_ADDR_ROUNDS      (CHACHA_ADDR_BASE + 0x0b)
-
-#define CHACHA_ADDR_KEY0        (CHACHA_ADDR_BASE + 0x10)
-#define CHACHA_ADDR_KEY1        (CHACHA_ADDR_BASE + 0x11)
-#define CHACHA_ADDR_KEY2        (CHACHA_ADDR_BASE + 0x12)
-#define CHACHA_ADDR_KEY3        (CHACHA_ADDR_BASE + 0x13)
-#define CHACHA_ADDR_KEY4        (CHACHA_ADDR_BASE + 0x14)
-#define CHACHA_ADDR_KEY5        (CHACHA_ADDR_BASE + 0x15)
-#define CHACHA_ADDR_KEY6        (CHACHA_ADDR_BASE + 0x16)
-#define CHACHA_ADDR_KEY7        (CHACHA_ADDR_BASE + 0x17)
-
-#define CHACHA_ADDR_IV0         (CHACHA_ADDR_BASE + 0x20)
-#define CHACHA_ADDR_IV1         (CHACHA_ADDR_BASE + 0x21)
-
-#define CHACHA_ADDR_DATA_IN0    (CHACHA_ADDR_BASE + 0x40)
-#define CHACHA_ADDR_DATA_IN1    (CHACHA_ADDR_BASE + 0x41)
-#define CHACHA_ADDR_DATA_IN2    (CHACHA_ADDR_BASE + 0x42)
-#define CHACHA_ADDR_DATA_IN3    (CHACHA_ADDR_BASE + 0x43)
-#define CHACHA_ADDR_DATA_IN4    (CHACHA_ADDR_BASE + 0x44)
-#define CHACHA_ADDR_DATA_IN5    (CHACHA_ADDR_BASE + 0x45)
-#define CHACHA_ADDR_DATA_IN6    (CHACHA_ADDR_BASE + 0x46)
-#define CHACHA_ADDR_DATA_IN7    (CHACHA_ADDR_BASE + 0x47)
-#define CHACHA_ADDR_DATA_IN8    (CHACHA_ADDR_BASE + 0x48)
-#define CHACHA_ADDR_DATA_IN9    (CHACHA_ADDR_BASE + 0x49)
-#define CHACHA_ADDR_DATA_IN10   (CHACHA_ADDR_BASE + 0x4a)
-#define CHACHA_ADDR_DATA_IN11   (CHACHA_ADDR_BASE + 0x4b)
-#define CHACHA_ADDR_DATA_IN12   (CHACHA_ADDR_BASE + 0x4c)
-#define CHACHA_ADDR_DATA_IN13   (CHACHA_ADDR_BASE + 0x4d)
-#define CHACHA_ADDR_DATA_IN14   (CHACHA_ADDR_BASE + 0x4e)
-#define CHACHA_ADDR_DATA_IN15   (CHACHA_ADDR_BASE + 0x4f)
-
-#define CHACHA_ADDR_DATA_OUT0   (CHACHA_ADDR_BASE + 0x80)
-#define CHACHA_ADDR_DATA_OUT1   (CHACHA_ADDR_BASE + 0x81)
-#define CHACHA_ADDR_DATA_OUT2   (CHACHA_ADDR_BASE + 0x82)
-#define CHACHA_ADDR_DATA_OUT3   (CHACHA_ADDR_BASE + 0x83)
-#define CHACHA_ADDR_DATA_OUT4   (CHACHA_ADDR_BASE + 0x84)
-#define CHACHA_ADDR_DATA_OUT5   (CHACHA_ADDR_BASE + 0x85)
-#define CHACHA_ADDR_DATA_OUT6   (CHACHA_ADDR_BASE + 0x86)
-#define CHACHA_ADDR_DATA_OUT7   (CHACHA_ADDR_BASE + 0x87)
-#define CHACHA_ADDR_DATA_OUT8   (CHACHA_ADDR_BASE + 0x88)
-#define CHACHA_ADDR_DATA_OUT9   (CHACHA_ADDR_BASE + 0x89)
-#define CHACHA_ADDR_DATA_OUT10  (CHACHA_ADDR_BASE + 0x8a)
-#define CHACHA_ADDR_DATA_OUT11  (CHACHA_ADDR_BASE + 0x8b)
-#define CHACHA_ADDR_DATA_OUT12  (CHACHA_ADDR_BASE + 0x8c)
-#define CHACHA_ADDR_DATA_OUT13  (CHACHA_ADDR_BASE + 0x8d)
-#define CHACHA_ADDR_DATA_OUT14  (CHACHA_ADDR_BASE + 0x8e)
-#define CHACHA_ADDR_DATA_OUT15  (CHACHA_ADDR_BASE + 0x8f)
-
-/* Current name and version values */
-#define CHACHA_NAME0            "chac"
-#define CHACHA_NAME1            "ha  "
+#define CHACHA_NAME             "chacha  "
 #define CHACHA_VERSION          "0.80"
 
-
-/*
- * MATH segment.
- */
-
-#define MATH_CORE_SIZE          (0x400)
-
-/*
- * ModExpS6 core.  MODEXPS6_OPERAND_BITS is size in bits of largest
- * supported modulus.
- */
-
-#define MODEXPS6_ADDR_BASE              (SEGMENT_OFFSET_MATH + (0x00 * MATH_CORE_SIZE))
-#define MODEXPS6_OPERAND_BITS           (4096)
-#define MODEXPS6_OPERAND_WORDS          (MODEXPS6_OPERAND_BITS/32)
-#define MODEXPS6_ADDR_REGISTERS         (MODEXPS6_ADDR_BASE + 0*MODEXPS6_OPERAND_WORDS)
-#define MODEXPS6_ADDR_OPERANDS          (MODEXPS6_ADDR_BASE + 4*MODEXPS6_OPERAND_WORDS)
-#define MODEXPS6_ADDR_NAME0             (MODEXPS6_ADDR_REGISTERS + ADDR_NAME0)
-#define MODEXPS6_ADDR_NAME1             (MODEXPS6_ADDR_REGISTERS + ADDR_NAME1)
-#define MODEXPS6_ADDR_VERSION           (MODEXPS6_ADDR_REGISTERS + ADDR_VERSION)
-#define MODEXPS6_ADDR_CTRL              (MODEXPS6_ADDR_REGISTERS + ADDR_CTRL)
-#define MODEXPS6_ADDR_STATUS            (MODEXPS6_ADDR_REGISTERS + ADDR_STATUS)
-#define MODEXPS6_ADDR_MODE              (MODEXPS6_ADDR_REGISTERS + 0x10)
-#define MODEXPS6_ADDR_MODULUS_WIDTH     (MODEXPS6_ADDR_REGISTERS + 0x11)
-#define MODEXPS6_ADDR_EXPONENT_WIDTH    (MODEXPS6_ADDR_REGISTERS + 0x12)
-#define MODEXPS6_ADDR_MODULUS           (MODEXPS6_ADDR_OPERANDS + 0*MODEXPS6_OPERAND_WORDS)
-#define MODEXPS6_ADDR_MESSAGE           (MODEXPS6_ADDR_OPERANDS + 1*MODEXPS6_OPERAND_WORDS)
-#define MODEXPS6_ADDR_EXPONENT          (MODEXPS6_ADDR_OPERANDS + 2*MODEXPS6_OPERAND_WORDS)
-#define MODEXPS6_ADDR_RESULT            (MODEXPS6_ADDR_OPERANDS + 3*MODEXPS6_OPERAND_WORDS)
-#define MODEXPS6_NAME0                  "mode"
-#define MODEXPS6_NAME1                  "xps6"
-#define MODEXPS6_VERSION                "0.10"
+#define MODEXPS6_NAME		"modexps6"
+#define MODEXPS6_VERSION	"0.10"
 
 /*
  * C API error codes.  Defined in this form so we can keep the tokens
@@ -442,6 +113,7 @@
   DEFINE_HAL_ERROR(HAL_ERROR_ASN1_PARSE_FAILED,         "ASN.1 parse failed")                           \
   DEFINE_HAL_ERROR(HAL_ERROR_KEY_NOT_ON_CURVE,          "EC key is not on its purported curve")         \
   DEFINE_HAL_ERROR(HAL_ERROR_INVALID_SIGNATURE,         "Invalid signature")                            \
+  DEFINE_HAL_ERROR(HAL_ERROR_CORE_NOT_FOUND,            "Requested core not found")                     \
   END_OF_HAL_ERROR_LIST
 
 /* Marker to forestall silly line continuation errors */
@@ -473,18 +145,45 @@ typedef off_t hal_addr_t;
 extern const char *hal_error_string(const hal_error_t err);
 
 /*
+ * Opaque structure representing a core.
+ */
+
+typedef struct hal_core hal_core_t;
+
+/*
  * Public I/O functions.
  */
 
 extern void hal_io_set_debug(int onoff);
-extern hal_error_t hal_io_write(hal_addr_t offset, const uint8_t *buf, size_t len);
-extern hal_error_t hal_io_read(hal_addr_t offset, uint8_t *buf, size_t len);
-extern hal_error_t hal_io_expected(hal_addr_t offset, const uint8_t *expected, size_t len);
-extern hal_error_t hal_io_init(hal_addr_t offset);
-extern hal_error_t hal_io_next(hal_addr_t offset);
-extern hal_error_t hal_io_wait(hal_addr_t offset, uint8_t status, int *count);
-extern hal_error_t hal_io_wait_ready(hal_addr_t offset);
-extern hal_error_t hal_io_wait_valid(hal_addr_t offset);
+extern hal_error_t hal_io_write(const hal_core_t *core, hal_addr_t offset, const uint8_t *buf, size_t len);
+extern hal_error_t hal_io_read(const hal_core_t *core, hal_addr_t offset, uint8_t *buf, size_t len);
+extern hal_error_t hal_io_init(const hal_core_t *core);
+extern hal_error_t hal_io_next(const hal_core_t *core);
+extern hal_error_t hal_io_wait(const hal_core_t *core, uint8_t status, int *count);
+extern hal_error_t hal_io_wait_ready(const hal_core_t *core);
+extern hal_error_t hal_io_wait_valid(const hal_core_t *core);
+
+/*
+ * Core management functions.
+ *
+ * Given our druthers, we'd handle public information about a core
+ * using the opaque type and individual access methods, but C's
+ * insistence on discarding array bounds information makes
+ * non-delimited character arrays problematic unless we wrap them in a
+ * structure.
+ */
+
+typedef struct {
+  char name[8];
+  char version[4];
+  hal_addr_t base;
+} hal_core_info_t;
+
+extern const hal_core_t *hal_core_find(const char *name, const hal_core_t *core);
+extern const hal_core_info_t *hal_core_info(const hal_core_t *core);
+extern hal_error_t hal_core_check_name(const hal_core_t **core, const char *name);
+extern hal_addr_t hal_core_base(const hal_core_t *core);
+extern const hal_core_t * hal_core_iterate(const hal_core_t *core);
 
 /*
  * Higher level public API.
@@ -494,7 +193,7 @@ extern hal_error_t hal_io_wait_valid(hal_addr_t offset);
  * Get random bytes from the CSPRNG.
  */
 
-extern hal_error_t hal_get_random(void *buffer, const size_t length);
+extern hal_error_t hal_get_random(const hal_core_t *core, void *buffer, const size_t length);
 
 /*
  * Hash and HMAC API.
@@ -530,11 +229,12 @@ typedef struct {
   const uint8_t * const digest_algorithm_id;
   size_t digest_algorithm_id_length;
   const hal_hash_driver_t *driver;
+  char core_name[8];
   unsigned can_restore_state : 1;
 } hal_hash_descriptor_t;
 
 /*
- * Opaque pointers to internal state.
+ * Opaque structures for internal state.
  */
 
 typedef struct hal_hash_state hal_hash_state_t;
@@ -558,9 +258,8 @@ extern const hal_hash_descriptor_t hal_hash_sha512[1];
 
 extern void hal_hash_set_debug(int onoff);
 
-extern hal_error_t hal_hash_core_present(const hal_hash_descriptor_t * const descriptor);
-
-extern hal_error_t hal_hash_initialize(const hal_hash_descriptor_t * const descriptor,
+extern hal_error_t hal_hash_initialize(const hal_core_t *core,
+                                       const hal_hash_descriptor_t * const descriptor,
                                        hal_hash_state_t **state,
                                        void *state_buffer, const size_t state_length);
 
@@ -570,7 +269,8 @@ extern hal_error_t hal_hash_update(hal_hash_state_t *state,
 extern hal_error_t hal_hash_finalize(hal_hash_state_t *state,
                                      uint8_t *digest, const size_t length);
 
-extern hal_error_t hal_hmac_initialize(const hal_hash_descriptor_t * const descriptor,
+extern hal_error_t hal_hmac_initialize(const hal_core_t *core,
+                                       const hal_hash_descriptor_t * const descriptor,
                                        hal_hmac_state_t **state,
                                        void *state_buffer, const size_t state_length,
                                        const uint8_t * const key, const size_t key_length);
@@ -588,11 +288,13 @@ extern void hal_hmac_cleanup(hal_hmac_state_t **state);
  * AES key wrap functions.
  */
 
-extern hal_error_t hal_aes_keywrap(const uint8_t *kek, const size_t kek_length,
+extern hal_error_t hal_aes_keywrap(const hal_core_t *core,
+                                   const uint8_t *kek, const size_t kek_length,
                                    const uint8_t *plaintext, const size_t plaintext_length,
                                    uint8_t *cyphertext, size_t *ciphertext_length);
 
-extern hal_error_t hal_aes_keyunwrap(const uint8_t *kek, const size_t kek_length,
+extern hal_error_t hal_aes_keyunwrap(const hal_core_t *core,
+                                     const uint8_t *kek, const size_t kek_length,
                                      const uint8_t *ciphertext, const size_t ciphertext_length,
                                      unsigned char *plaintext, size_t *plaintext_length);
 
@@ -603,7 +305,8 @@ extern size_t hal_aes_keywrap_ciphertext_length(const size_t plaintext_length);
  * the pseudo-random function (PRF).
  */
 
-extern hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
+extern hal_error_t hal_pbkdf2(const hal_core_t *core,
+                              const hal_hash_descriptor_t * const descriptor,
 			      const uint8_t * const password, const size_t password_length,
 			      const uint8_t * const salt,     const size_t salt_length,
 			      uint8_t       * derived_key,    const size_t derived_key_length,
@@ -615,7 +318,8 @@ extern hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
 
 extern void hal_modexp_set_debug(const int onoff);
 
-extern hal_error_t hal_modexp(const uint8_t * const msg, const size_t msg_len, /* Message */
+extern hal_error_t hal_modexp(const hal_core_t *core,
+                              const uint8_t * const msg, const size_t msg_len, /* Message */
                               const uint8_t * const exp, const size_t exp_len, /* Exponent */
                               const uint8_t * const mod, const size_t mod_len, /* Modulus */
                               uint8_t * result, const size_t result_len);
@@ -666,15 +370,18 @@ extern hal_error_t hal_rsa_key_get_public_exponent(const hal_rsa_key_t * const k
 
 extern void hal_rsa_key_clear(hal_rsa_key_t *key);
 
-extern hal_error_t hal_rsa_encrypt(const hal_rsa_key_t * const key,
+extern hal_error_t hal_rsa_encrypt(const hal_core_t *core,
+                                   const hal_rsa_key_t * const key,
                                    const uint8_t * const input,  const size_t input_len,
                                    uint8_t * output, const size_t output_len);
 
-extern hal_error_t hal_rsa_decrypt(const hal_rsa_key_t * const key,
+extern hal_error_t hal_rsa_decrypt(const hal_core_t *core,
+                                   const hal_rsa_key_t * const key,
                                    const uint8_t * const input,  const size_t input_len,
                                    uint8_t * output, const size_t output_len);
 
-extern hal_error_t hal_rsa_key_gen(hal_rsa_key_t **key,
+extern hal_error_t hal_rsa_key_gen(const hal_core_t *core,
+                                   hal_rsa_key_t **key,
                                    void *keybuf, const size_t keybuf_len,
                                    const unsigned key_length,
                                    const uint8_t * const public_exponent, const size_t public_exponent_len);
@@ -729,7 +436,8 @@ extern hal_error_t hal_ecdsa_key_get_public(const hal_ecdsa_key_t * const key,
 
 extern void hal_ecdsa_key_clear(hal_ecdsa_key_t *key);
 
-extern hal_error_t hal_ecdsa_key_gen(hal_ecdsa_key_t **key,
+extern hal_error_t hal_ecdsa_key_gen(const hal_core_t *core,
+                                     hal_ecdsa_key_t **key,
                                      void *keybuf, const size_t keybuf_len,
                                      const hal_ecdsa_curve_t curve);
 
@@ -752,15 +460,17 @@ extern hal_error_t hal_ecdsa_key_from_ecpoint(hal_ecdsa_key_t **key,
                                               const uint8_t * const der, const size_t der_len,
                                               const hal_ecdsa_curve_t curve);
 
-extern hal_error_t hal_ecdsa_sign(const hal_ecdsa_key_t * const key,
+extern hal_error_t hal_ecdsa_sign(const hal_core_t *core,
+                                  const hal_ecdsa_key_t * const key,
                                   const uint8_t * const hash, const size_t hash_len,
                                   uint8_t *signature, size_t *signature_len, const size_t signature_max,
                                   const hal_ecdsa_signature_format_t signature_format);
 
-extern hal_error_t hal_ecdsa_verify(const hal_ecdsa_key_t * const key,
-                                  const uint8_t * const hash, const size_t hash_len,
-                                  const uint8_t * const signature, const size_t signature_len,
-                                  const hal_ecdsa_signature_format_t signature_format);
+extern hal_error_t hal_ecdsa_verify(const hal_core_t *core,
+                                    const hal_ecdsa_key_t * const key,
+                                    const uint8_t * const hash, const size_t hash_len,
+                                    const uint8_t * const signature, const size_t signature_len,
+                                    const hal_ecdsa_signature_format_t signature_format);
 
 #endif /* _HAL_H_ */
 
diff --git a/hal_io_eim.c b/hal_io_eim.c
index c0f70f4..4f9df65 100644
--- a/hal_io_eim.c
+++ b/hal_io_eim.c
@@ -43,6 +43,7 @@
 
 #include "novena-eim.h"
 #include "hal.h"
+#include "verilog_constants.h"
 
 static int debug = 0;
 static int inited = 0;
@@ -93,7 +94,7 @@ static void dump(char *label, const uint8_t *buf, size_t len)
   }
 }
 
-hal_error_t hal_io_write(hal_addr_t offset, const uint8_t *buf, size_t len)
+hal_error_t hal_io_write(const hal_core_t *core, hal_addr_t offset, const uint8_t *buf, size_t len)
 {
   hal_error_t err;
 
@@ -105,7 +106,7 @@ hal_error_t hal_io_write(hal_addr_t offset, const uint8_t *buf, size_t len)
 
   dump("write ", buf, len);
 
-  offset = eim_offset(offset);
+  offset = eim_offset(offset + hal_core_base(core));
   for (; len > 0; offset += 4, buf += 4, len -= 4) {
     uint32_t val;
     val = htonl(*(uint32_t *)buf);
@@ -115,7 +116,7 @@ hal_error_t hal_io_write(hal_addr_t offset, const uint8_t *buf, size_t len)
   return HAL_OK;
 }
 
-hal_error_t hal_io_read(hal_addr_t offset, uint8_t *buf, size_t len)
+hal_error_t hal_io_read(const hal_core_t *core, hal_addr_t offset, uint8_t *buf, size_t len)
 {
   uint8_t *rbuf = buf;
   int rlen = len;
@@ -127,7 +128,7 @@ hal_error_t hal_io_read(hal_addr_t offset, uint8_t *buf, size_t len)
   if ((err = init()) != HAL_OK)
     return err;
 
-  offset = eim_offset(offset);
+  offset = eim_offset(offset + hal_core_base(core));
   for (; rlen > 0; offset += 4, rbuf += 4, rlen -= 4) {
     uint32_t val;
     eim_read_32(offset, &val);
@@ -139,40 +140,19 @@ hal_error_t hal_io_read(hal_addr_t offset, uint8_t *buf, size_t len)
   return HAL_OK;
 }
 
-hal_error_t hal_io_expected(hal_addr_t offset, const uint8_t *expected, size_t len)
-{
-  hal_error_t err;
-  uint8_t buf[4];
-  size_t i;
-
-  if (len % 4 != 0)
-    return HAL_ERROR_IO_BAD_COUNT;
-
-  dump("expect", expected, len);
-
-  for (i = 0; i < len; i++) {
-    if ((i & 3) == 0 && (err = hal_io_read(offset + i/4, buf, sizeof(buf))) != HAL_OK)
-      return err;
-    if (buf[i & 3] != expected[i])
-      return HAL_ERROR_IO_UNEXPECTED;
-  }
-
-  return HAL_OK;
-}
-
-hal_error_t hal_io_init(hal_addr_t offset)
+hal_error_t hal_io_init(const hal_core_t *core)
 {
   uint8_t buf[4] = { 0, 0, 0, CTRL_INIT };
-  return hal_io_write(offset, buf, sizeof(buf));
+  return hal_io_write(core, ADDR_CTRL, buf, sizeof(buf));
 }
 
-hal_error_t hal_io_next(hal_addr_t offset)
+hal_error_t hal_io_next(const hal_core_t *core)
 {
   uint8_t buf[4] = { 0, 0, 0, CTRL_NEXT };
-  return hal_io_write(offset, buf, sizeof(buf));
+  return hal_io_write(core, ADDR_CTRL, buf, sizeof(buf));
 }
 
-hal_error_t hal_io_wait(hal_addr_t offset, uint8_t status, int *count)
+hal_error_t hal_io_wait(const hal_core_t *core, uint8_t status, int *count)
 {
   hal_error_t err;
   uint8_t buf[4];
@@ -183,7 +163,7 @@ hal_error_t hal_io_wait(hal_addr_t offset, uint8_t status, int *count)
     if (count && (*count > 0) && (i >= *count))
       return HAL_ERROR_IO_TIMEOUT;
 
-    if ((err = hal_io_read(offset, buf, sizeof(buf))) != HAL_OK)
+    if ((err = hal_io_read(core, ADDR_STATUS, buf, sizeof(buf))) != HAL_OK)
       return err;
 
     if ((buf[3] & status) != 0) {
@@ -194,16 +174,16 @@ hal_error_t hal_io_wait(hal_addr_t offset, uint8_t status, int *count)
   }
 }
 
-hal_error_t hal_io_wait_ready(hal_addr_t offset)
+hal_error_t hal_io_wait_ready(const hal_core_t *core)
 {
   int limit = EIM_IO_TIMEOUT;
-  return hal_io_wait(offset, STATUS_READY, &limit);
+  return hal_io_wait(core, STATUS_READY, &limit);
 }
 
-hal_error_t hal_io_wait_valid(hal_addr_t offset)
+hal_error_t hal_io_wait_valid(const hal_core_t *core)
 {
   int limit = EIM_IO_TIMEOUT;
-  return hal_io_wait(offset, STATUS_VALID, &limit);
+  return hal_io_wait(core, STATUS_VALID, &limit);
 }
 
 /*
diff --git a/hal_io_i2c.c b/hal_io_i2c.c
index 1dbd041..3e8ac59 100644
--- a/hal_io_i2c.c
+++ b/hal_io_i2c.c
@@ -41,6 +41,7 @@
 #include <stdint.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 
 #define I2C_dev                 "/dev/i2c-2"
 #define I2C_addr                0x0f
diff --git a/hash.c b/hash.c
index 5729a5e..5316a2d 100644
--- a/hash.c
+++ b/hash.c
@@ -43,6 +43,7 @@
 #include <sys/ioctl.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 
 /*
  * HMAC magic numbers.
@@ -66,12 +67,8 @@
 
 struct hal_hash_driver {
   size_t length_length;                 /* Length of the length field */
-  hal_addr_t block_addr;                     /* Where to write hash blocks */
-  hal_addr_t ctrl_addr;                      /* Control register */
-  hal_addr_t status_addr;                    /* Status register */
-  hal_addr_t digest_addr;                    /* Where to read digest */
-  hal_addr_t name_addr;                      /* Where to read core name */
-  char core_name[8];                    /* Expected name of core */
+  hal_addr_t block_addr;  		/* Where to write hash blocks */
+  hal_addr_t digest_addr;               /* Where to read digest */
   uint8_t ctrl_mode;                    /* Digest mode, for cores that have modes */
 };
 
@@ -81,6 +78,7 @@ struct hal_hash_driver {
  */
 
 struct hal_hash_state {
+  const hal_core_t *core;
   const hal_hash_descriptor_t *descriptor;
   const hal_hash_driver_t *driver;
   uint64_t msg_length_high;                     /* Total data hashed in this message */
@@ -116,45 +114,27 @@ struct hal_hmac_state {
  */
 
 static const hal_hash_driver_t sha1_driver = {
-  SHA1_LENGTH_LEN,
-  SHA1_ADDR_BLOCK, SHA1_ADDR_CTRL, SHA1_ADDR_STATUS, SHA1_ADDR_DIGEST,
-  SHA1_ADDR_NAME0, (SHA1_NAME0 SHA1_NAME1),
-  0
+  SHA1_LENGTH_LEN, SHA1_ADDR_BLOCK, SHA1_ADDR_DIGEST, 0
 };
 
 static const hal_hash_driver_t sha256_driver = {
-  SHA256_LENGTH_LEN,
-  SHA256_ADDR_BLOCK, SHA256_ADDR_CTRL, SHA256_ADDR_STATUS, SHA256_ADDR_DIGEST,
-  SHA256_ADDR_NAME0, (SHA256_NAME0 SHA256_NAME1),
-  0
+  SHA256_LENGTH_LEN, SHA256_ADDR_BLOCK, SHA256_ADDR_DIGEST, 0
 };
 
 static const hal_hash_driver_t sha512_224_driver = {
-  SHA512_LENGTH_LEN,
-  SHA512_ADDR_BLOCK, SHA512_ADDR_CTRL, SHA512_ADDR_STATUS, SHA512_ADDR_DIGEST,
-  SHA512_ADDR_NAME0, (SHA512_NAME0 SHA512_NAME1),
-  MODE_SHA_512_224
+  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_512_224
 };
 
 static const hal_hash_driver_t sha512_256_driver = {
-  SHA512_LENGTH_LEN,
-  SHA512_ADDR_BLOCK, SHA512_ADDR_CTRL, SHA512_ADDR_STATUS, SHA512_ADDR_DIGEST,
-  SHA512_ADDR_NAME0, (SHA512_NAME0 SHA512_NAME1),
-  MODE_SHA_512_256
+  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_512_256
 };
 
 static const hal_hash_driver_t sha384_driver = {
-  SHA512_LENGTH_LEN,
-  SHA512_ADDR_BLOCK, SHA512_ADDR_CTRL, SHA512_ADDR_STATUS, SHA512_ADDR_DIGEST,
-  SHA512_ADDR_NAME0, (SHA512_NAME0 SHA512_NAME1),
-  MODE_SHA_384
+  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_384
 };
 
 static const hal_hash_driver_t sha512_driver = {
-  SHA512_LENGTH_LEN,
-  SHA512_ADDR_BLOCK, SHA512_ADDR_CTRL, SHA512_ADDR_STATUS, SHA512_ADDR_DIGEST,
-  SHA512_ADDR_NAME0, (SHA512_NAME0 SHA512_NAME1),
-  MODE_SHA_512
+  SHA512_LENGTH_LEN, SHA512_ADDR_BLOCK, SHA512_ADDR_DIGEST, MODE_SHA_512
 };
 
 /*
@@ -190,42 +170,42 @@ const hal_hash_descriptor_t hal_hash_sha1[1] = {{
   SHA1_BLOCK_LEN, SHA1_DIGEST_LEN,
   sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
   dalgid_sha1, sizeof(dalgid_sha1),
-  &sha1_driver, 0
+  &sha1_driver, SHA1_NAME, 0
 }};
 
 const hal_hash_descriptor_t hal_hash_sha256[1] = {{
   SHA256_BLOCK_LEN, SHA256_DIGEST_LEN,
   sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
   dalgid_sha256, sizeof(dalgid_sha256),
-  &sha256_driver, 1
+  &sha256_driver, SHA256_NAME, 1
 }};
 
 const hal_hash_descriptor_t hal_hash_sha512_224[1] = {{
   SHA512_BLOCK_LEN, SHA512_224_DIGEST_LEN,
   sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
   dalgid_sha512_224, sizeof(dalgid_sha512_224),
-  &sha512_224_driver, 0
+  &sha512_224_driver, SHA512_NAME, 0
 }};
 
 const hal_hash_descriptor_t hal_hash_sha512_256[1] = {{
   SHA512_BLOCK_LEN, SHA512_256_DIGEST_LEN,
   sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
   dalgid_sha512_256, sizeof(dalgid_sha512_256),
-  &sha512_256_driver, 0
+  &sha512_256_driver, SHA512_NAME, 0
 }};
 
 const hal_hash_descriptor_t hal_hash_sha384[1] = {{
   SHA512_BLOCK_LEN, SHA384_DIGEST_LEN,
   sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
   dalgid_sha384, sizeof(dalgid_sha384),
-  &sha384_driver, 0
+  &sha384_driver, SHA512_NAME, 0
 }};
 
 const hal_hash_descriptor_t hal_hash_sha512[1] = {{
   SHA512_BLOCK_LEN, SHA512_DIGEST_LEN,
   sizeof(hal_hash_state_t), sizeof(hal_hmac_state_t),
   dalgid_sha512, sizeof(dalgid_sha512),
-  &sha512_driver, 0
+  &sha512_driver, SHA512_NAME, 0
 }};
 
 /*
@@ -253,31 +233,29 @@ static const hal_hash_driver_t *check_driver(const hal_hash_descriptor_t * const
 }
 
 /*
- * Report whether cores are present.
+ * Internal utility to check core against descriptor, including
+ * attempting to locate an appropriate core if we weren't given one.
  */
 
-hal_error_t hal_hash_core_present(const hal_hash_descriptor_t * const descriptor)
+static hal_error_t check_core(const hal_core_t **core,
+                              const hal_hash_descriptor_t * const descriptor)
 {
-  const hal_hash_driver_t * const driver = check_driver(descriptor);
-
-  if (driver == NULL)
-    return HAL_ERROR_BAD_ARGUMENTS;
-
-  return hal_io_expected(driver->name_addr,
-                         (const uint8_t *) driver->core_name,
-                         sizeof(driver->core_name));
+  assert(descriptor != NULL && descriptor->driver != NULL);
+  return hal_core_check_name(core, descriptor->core_name);
 }
 
 /*
  * Initialize hash state.
  */
 
-hal_error_t hal_hash_initialize(const hal_hash_descriptor_t * const descriptor,
+hal_error_t hal_hash_initialize(const hal_core_t *core,
+                                const hal_hash_descriptor_t * const descriptor,
                                 hal_hash_state_t **state_,
                                 void *state_buffer, const size_t state_length)
 {
   const hal_hash_driver_t * const driver = check_driver(descriptor);
   hal_hash_state_t *state = state_buffer;
+  hal_error_t err;
 
   if (driver == NULL || state_ == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
@@ -285,12 +263,16 @@ hal_error_t hal_hash_initialize(const hal_hash_descriptor_t * const descriptor,
   if (state_buffer != NULL && state_length < descriptor->hash_state_length)
     return HAL_ERROR_BAD_ARGUMENTS;
 
+  if ((err = check_core(&core, descriptor)) != HAL_OK)
+    return err;
+
   if (state_buffer == NULL && (state = malloc(descriptor->hash_state_length)) == NULL)
       return HAL_ERROR_ALLOCATION_FAILURE;
 
   memset(state, 0, sizeof(*state));
   state->descriptor = descriptor;
   state->driver = driver;
+  state->core = core;
     
   if (state_buffer == NULL)
     state->flags |= STATE_FLAG_STATE_ALLOCATED;
@@ -324,7 +306,8 @@ void hal_hash_cleanup(hal_hash_state_t **state_)
  * read current hash state from core.
  */
 
-static hal_error_t hash_read_digest(const hal_hash_driver_t * const driver,
+static hal_error_t hash_read_digest(const hal_core_t *core,
+                                    const hal_hash_driver_t * const driver,
                                     uint8_t *digest,
                                     const size_t digest_length)
 {
@@ -332,17 +315,18 @@ static hal_error_t hash_read_digest(const hal_hash_driver_t * const driver,
 
   assert(digest != NULL && digest_length % 4 == 0);
 
-  if ((err = hal_io_wait_valid(driver->status_addr)) != HAL_OK)
+  if ((err = hal_io_wait_valid(core)) != HAL_OK)
     return err;
 
-  return hal_io_read(driver->digest_addr, digest, digest_length);
+  return hal_io_read(core, driver->digest_addr, digest, digest_length);
 }
 
 /*
  * Write hash state back to core.
  */
 
-static hal_error_t hash_write_digest(const hal_hash_driver_t * const driver,
+static hal_error_t hash_write_digest(const hal_core_t *core,
+                                     const hal_hash_driver_t * const driver,
                                      const uint8_t * const digest,
                                      const size_t digest_length)
 {
@@ -350,10 +334,10 @@ static hal_error_t hash_write_digest(const hal_hash_driver_t * const driver,
 
   assert(digest != NULL && digest_length % 4 == 0);
 
-  if ((err = hal_io_wait_ready(driver->status_addr)) != HAL_OK)
+  if ((err = hal_io_wait_ready(core)) != HAL_OK)
     return err;
 
-  return hal_io_write(driver->digest_addr, digest, digest_length);
+  return hal_io_write(core, driver->digest_addr, digest, digest_length);
 }
 
 /*
@@ -374,16 +358,16 @@ static hal_error_t hash_write_block(hal_hash_state_t * const state)
   if (debug)
     fprintf(stderr, "[ %s ]\n", state->block_count == 0 ? "init" : "next");
 
-  if ((err = hal_io_wait_ready(state->driver->status_addr)) != HAL_OK)
+  if ((err = hal_io_wait_ready(state->core)) != HAL_OK)
     return err;
 
   if (state->descriptor->can_restore_state &&
       state->block_count != 0 &&
-      (err = hash_write_digest(state->driver, state->core_state,
+      (err = hash_write_digest(state->core, state->driver, state->core_state,
                                state->descriptor->digest_length)) != HAL_OK)
     return err;
 
-  if ((err = hal_io_write(state->driver->block_addr, state->block,
+  if ((err = hal_io_write(state->core, state->driver->block_addr, state->block,
                           state->descriptor->block_length)) != HAL_OK)
     return err;
 
@@ -391,15 +375,15 @@ static hal_error_t hash_write_block(hal_hash_state_t * const state)
   ctrl_cmd[3] = state->block_count == 0 ? CTRL_INIT : CTRL_NEXT;
   ctrl_cmd[3] |= state->driver->ctrl_mode;
 
-  if ((err = hal_io_write(state->driver->ctrl_addr, ctrl_cmd, sizeof(ctrl_cmd))) != HAL_OK)
+  if ((err = hal_io_write(state->core, ADDR_CTRL, ctrl_cmd, sizeof(ctrl_cmd))) != HAL_OK)
     return err;
 
   if (state->descriptor->can_restore_state &&
-      (err = hash_read_digest(state->driver, state->core_state,
+      (err = hash_read_digest(state->core, state->driver, state->core_state,
                               state->descriptor->digest_length)) != HAL_OK)
     return err;
 
-  return hal_io_wait_valid(state->driver->status_addr);
+  return hal_io_wait_valid(state->core);
 }
 
 /*
@@ -530,7 +514,7 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state,            	/* Opaque sta
   state->block_count++;
 
   /* All data pushed to core, now we just need to read back the result */
-  if ((err = hash_read_digest(state->driver, digest_buffer, state->descriptor->digest_length)) != HAL_OK)
+  if ((err = hash_read_digest(state->core, state->driver, digest_buffer, state->descriptor->digest_length)) != HAL_OK)
     return err;
 
   return HAL_OK;
@@ -540,7 +524,8 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state,            	/* Opaque sta
  * Initialize HMAC state.
  */
 
-hal_error_t hal_hmac_initialize(const hal_hash_descriptor_t * const descriptor,
+hal_error_t hal_hmac_initialize(const hal_core_t *core,
+                                const hal_hash_descriptor_t * const descriptor,
                                 hal_hmac_state_t **state_,
                                 void *state_buffer, const size_t state_length,
                                 const uint8_t * const key, const size_t key_length)
@@ -556,6 +541,9 @@ hal_error_t hal_hmac_initialize(const hal_hash_descriptor_t * const descriptor,
   if (state_buffer != NULL && state_length < descriptor->hmac_state_length)
     return HAL_ERROR_BAD_ARGUMENTS;
 
+  if ((err = check_core(&core, descriptor)) != HAL_OK)
+    return err;
+
   if (state_buffer == NULL && (state = malloc(descriptor->hmac_state_length)) == NULL)
     return HAL_ERROR_ALLOCATION_FAILURE;
 
@@ -573,7 +561,7 @@ hal_error_t hal_hmac_initialize(const hal_hash_descriptor_t * const descriptor,
     return HAL_ERROR_UNSUPPORTED_KEY;
 #endif
 
-  if ((err = hal_hash_initialize(descriptor, &h, &state->hash_state,
+  if ((err = hal_hash_initialize(core, descriptor, &h, &state->hash_state,
                                  sizeof(state->hash_state))) != HAL_OK)
     goto fail;
 
@@ -593,7 +581,7 @@ hal_error_t hal_hmac_initialize(const hal_hash_descriptor_t * const descriptor,
 
   else if ((err = hal_hash_update(h, key, key_length))                         != HAL_OK ||
            (err = hal_hash_finalize(h, state->keybuf, sizeof(state->keybuf)))  != HAL_OK ||
-           (err = hal_hash_initialize(descriptor, &h, &state->hash_state,
+           (err = hal_hash_initialize(core, descriptor, &h, &state->hash_state,
                                       sizeof(state->hash_state)))              != HAL_OK)
     goto fail;
 
@@ -693,7 +681,7 @@ hal_error_t hal_hmac_finalize(hal_hmac_state_t *state,
    */
 
   if ((err = hal_hash_finalize(h, d, sizeof(d)))                           != HAL_OK ||
-      (err = hal_hash_initialize(descriptor, &h, &state->hash_state,
+      (err = hal_hash_initialize(h->core, descriptor, &h, &state->hash_state,
                                  sizeof(state->hash_state)))               != HAL_OK ||
       (err = hal_hash_update(h, state->keybuf, descriptor->block_length))  != HAL_OK ||
       (err = hal_hash_update(h, d, descriptor->digest_length))             != HAL_OK ||
diff --git a/modexp.c b/modexp.c
index b82f1ff..f008064 100644
--- a/modexp.c
+++ b/modexp.c
@@ -46,6 +46,7 @@
 #include <assert.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 
 /*
  * Whether we want debug output.
@@ -76,7 +77,8 @@ void hal_modexp_set_debug(const int onoff)
  * Set an ordinary register.
  */
 
-static hal_error_t set_register(const hal_addr_t addr,
+static hal_error_t set_register(const hal_core_t *core,
+                                const hal_addr_t addr,
                                 uint32_t value)
 {
   uint8_t w[4];
@@ -87,7 +89,7 @@ static hal_error_t set_register(const hal_addr_t addr,
     value >>= 8;
   }
 
-  return hal_io_write(addr, w, sizeof(w));
+  return hal_io_write(core, addr, w, sizeof(w));
 }
 
 /*
@@ -96,7 +98,8 @@ static hal_error_t set_register(const hal_addr_t addr,
  * expects.
  */
 
-static hal_error_t get_buffer(const hal_addr_t data_addr,
+static hal_error_t get_buffer(const hal_core_t *core,
+                              const hal_addr_t data_addr,
                               uint8_t *value,
                               const size_t length)
 {
@@ -105,7 +108,7 @@ static hal_error_t get_buffer(const hal_addr_t data_addr,
   assert(value != NULL && length % 4 == 0);
 
   for (i = 0; i < length; i += 4)
-    check(hal_io_read(data_addr + i/4, &value[length - 4 - i], 4));
+    check(hal_io_read(core, data_addr + i/4, &value[length - 4 - i], 4));
 
   return HAL_OK;
 }
@@ -116,7 +119,8 @@ static hal_error_t get_buffer(const hal_addr_t data_addr,
  * expects.
  */
 
-static hal_error_t set_buffer(const hal_addr_t data_addr,
+static hal_error_t set_buffer(const hal_core_t *core,
+                              const hal_addr_t data_addr,
                               const uint8_t * const value,
                               const size_t length)
 {
@@ -125,7 +129,7 @@ static hal_error_t set_buffer(const hal_addr_t data_addr,
   assert(value != NULL && length % 4 == 0);
 
   for (i = 0; i < length; i += 4)
-    check(hal_io_write(data_addr + i/4, &value[length - 4 - i], 4));
+    check(hal_io_write(core, data_addr + i/4, &value[length - 4 - i], 4));
 
   return HAL_OK;
 }
@@ -134,7 +138,8 @@ static hal_error_t set_buffer(const hal_addr_t data_addr,
  * Run one modexp operation.
  */
 
-hal_error_t hal_modexp(const uint8_t * const msg, const size_t msg_len, /* Message */
+hal_error_t hal_modexp(const hal_core_t *core,
+                       const uint8_t * const msg, const size_t msg_len, /* Message */
                        const uint8_t * const exp, const size_t exp_len, /* Exponent */
                        const uint8_t * const mod, const size_t mod_len, /* Modulus */
                        uint8_t *result, const size_t result_len)
@@ -171,37 +176,37 @@ hal_error_t hal_modexp(const uint8_t * const msg, const size_t msg_len, /* Messa
    */
 
   /* Select mode (1 = fast, 0 = safe) */
-  check(set_register(MODEXPS6_ADDR_MODE, (exp_len <= 4)));
+  check(set_register(core, MODEXPS6_ADDR_MODE, (exp_len <= 4)));
 
   /* Set modulus size in bits */
-  check(set_register(MODEXPS6_ADDR_MODULUS_WIDTH, mod_len * 8));
+  check(set_register(core, MODEXPS6_ADDR_MODULUS_WIDTH, mod_len * 8));
 
   /* Write new modulus */
-  check(set_buffer(MODEXPS6_ADDR_MODULUS, mod, mod_len));
+  check(set_buffer(core, MODEXPS6_ADDR_MODULUS, mod, mod_len));
 
   /* Pre-calcuate speed-up coefficient */
-  check(hal_io_init(MODEXPS6_ADDR_CTRL));
+  check(hal_io_init(core));
 
   /* Wait for calculation to complete */
-  check(hal_io_wait_ready(MODEXPS6_ADDR_STATUS));
+  check(hal_io_wait_ready(core));
 
   /* Write new message */
-  check(set_buffer(MODEXPS6_ADDR_MESSAGE, msg, msg_len));
+  check(set_buffer(core, MODEXPS6_ADDR_MESSAGE, msg, msg_len));
 
   /* Set new exponent length in bits */
-  check(set_register(MODEXPS6_ADDR_EXPONENT_WIDTH, exp_len * 8));
+  check(set_register(core, MODEXPS6_ADDR_EXPONENT_WIDTH, exp_len * 8));
 
   /* Set new exponent */
-  check(set_buffer(MODEXPS6_ADDR_EXPONENT, exp, exp_len));
+  check(set_buffer(core, MODEXPS6_ADDR_EXPONENT, exp, exp_len));
 
   /* Start calculation */
-  check(hal_io_next(MODEXPS6_ADDR_CTRL));
+  check(hal_io_next(core));
 
   /* Wait for result */
-  check(hal_io_wait_valid(MODEXPS6_ADDR_STATUS));
+  check(hal_io_wait_valid(core));
 
   /* Extract result */
-  check(get_buffer(MODEXPS6_ADDR_RESULT, result, mod_len));
+  check(get_buffer(core, MODEXPS6_ADDR_RESULT, result, mod_len));
 
   return HAL_OK;
 }
diff --git a/pbkdf2.c b/pbkdf2.c
index 4ad1e3a..def5067 100644
--- a/pbkdf2.c
+++ b/pbkdf2.c
@@ -43,13 +43,15 @@
 #include <sys/ioctl.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 
 /*
  * Utility to encapsulate the HMAC operations.  May need refactoring
  * if and when we get clever about reusing HMAC state for speed.
  */
 
-static hal_error_t do_hmac(const hal_hash_descriptor_t * const d,
+static hal_error_t do_hmac(const hal_core_t *core,
+                           const hal_hash_descriptor_t * const d,
                            const uint8_t * const pw,   const size_t pw_len,
                            const uint8_t * const data, const size_t data_len,
                            const uint32_t  block,
@@ -61,7 +63,7 @@ static hal_error_t do_hmac(const hal_hash_descriptor_t * const d,
   hal_hmac_state_t *s;
   hal_error_t err;
 
-  if ((err = hal_hmac_initialize(d, &s, sb, sizeof(sb), pw, pw_len)) != HAL_OK)
+  if ((err = hal_hmac_initialize(core, d, &s, sb, sizeof(sb), pw, pw_len)) != HAL_OK)
     return err;
 
   if ((err = hal_hmac_update(s, data, data_len)) != HAL_OK)
@@ -80,7 +82,8 @@ static hal_error_t do_hmac(const hal_hash_descriptor_t * const d,
  * Derive a key from a passphrase using the PBKDF2 algorithm.
  */
 
-hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
+hal_error_t hal_pbkdf2(const hal_core_t *core,
+                       const hal_hash_descriptor_t * const descriptor,
                        const uint8_t * const password, const size_t password_length,
                        const uint8_t * const salt,     const size_t salt_length,
                        uint8_t       * derived_key,          size_t derived_key_length,
@@ -129,8 +132,8 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
      * This seeds the result, and constitutes iteration one.
      */
 
-    if ((err = do_hmac(descriptor, password, password_length, salt, salt_length,
-                       block, mac, sizeof(mac))) != HAL_OK)
+    if ((err = do_hmac(core, descriptor, password, password_length,
+                       salt, salt_length, block, mac, sizeof(mac))) != HAL_OK)
       return err;
 
     memcpy(result, mac, descriptor->digest_length);
@@ -142,7 +145,7 @@ hal_error_t hal_pbkdf2(const hal_hash_descriptor_t * const descriptor,
 
     for (iteration = 2; iteration <= iterations_desired; iteration++) {
 
-      if ((err = do_hmac(descriptor, password, password_length,
+      if ((err = do_hmac(core, descriptor, password, password_length,
                          mac, descriptor->digest_length,
                          0, mac, sizeof(mac))) != HAL_OK)
         return err;
diff --git a/rsa.c b/rsa.c
index 2483509..4ee9930 100644
--- a/rsa.c
+++ b/rsa.c
@@ -71,6 +71,7 @@
 #include <assert.h>
 
 #include "hal.h"
+#include "verilog_constants.h"
 #include <tfm.h>
 #include "asn1_internal.h"
 
@@ -182,13 +183,17 @@ static hal_error_t unpack_fp(const fp_int * const bn, uint8_t *buffer, const siz
  * wrap result back up as a bignum.
  */
 
-static hal_error_t modexp(const fp_int * msg,
+static hal_error_t modexp(const hal_core_t *core,
+                          const fp_int * msg,
                           const fp_int * const exp,
                           const fp_int * const mod,
                           fp_int *res)
 {
   hal_error_t err = HAL_OK;
 
+  if ((err = hal_core_check_name(&core, MODEXPS6_NAME)) != HAL_OK)
+    return err;
+
   assert(msg != NULL && exp != NULL && mod != NULL && res != NULL);
 
   fp_int reduced_msg[1] = INIT_FP_INT;
@@ -210,7 +215,8 @@ static hal_error_t modexp(const fp_int * msg,
   if ((err = unpack_fp(msg, msgbuf, sizeof(msgbuf))) != HAL_OK ||
       (err = unpack_fp(exp, expbuf, sizeof(expbuf))) != HAL_OK ||
       (err = unpack_fp(mod, modbuf, sizeof(modbuf))) != HAL_OK ||
-      (err = hal_modexp(msgbuf, sizeof(msgbuf),
+      (err = hal_modexp(core,
+                        msgbuf, sizeof(msgbuf),
                         expbuf, sizeof(expbuf),
                         modbuf, sizeof(modbuf),
                         resbuf, sizeof(resbuf))) != HAL_OK)
@@ -237,7 +243,7 @@ static hal_error_t modexp(const fp_int * msg,
 
 int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
 {
-  return modexp(a, b, c, d) == HAL_OK ? FP_OKAY : FP_VAL;
+  return modexp(NULL, a, b, c, d) == HAL_OK ? FP_OKAY : FP_VAL;
 }
 
 #else /* HAL_RSA_USE_MODEXP */
@@ -267,21 +273,21 @@ static hal_error_t modexp(const fp_int * const msg,
  * try.  Come back to this if it looks like a bottleneck.
  */
 
-static hal_error_t create_blinding_factors(const hal_rsa_key_t * const key, fp_int *bf, fp_int *ubf)
+static hal_error_t create_blinding_factors(const hal_core_t *core, const hal_rsa_key_t * const key, fp_int *bf, fp_int *ubf)
 {
   assert(key != NULL && bf != NULL && ubf != NULL);
 
   uint8_t rnd[fp_unsigned_bin_size(unconst_fp_int(key->n))];
   hal_error_t err = HAL_OK;
 
-  if ((err = hal_get_random(rnd, sizeof(rnd))) != HAL_OK)
+  if ((err = hal_get_random(NULL, rnd, sizeof(rnd))) != HAL_OK)
     goto fail;
 
   fp_init(bf);
   fp_read_unsigned_bin(bf,  rnd, sizeof(rnd));
   fp_copy(bf, ubf);
 
-  if ((err = modexp(bf, key->e, key->n, bf)) != HAL_OK)
+  if ((err = modexp(core, bf, key->e, key->n, bf)) != HAL_OK)
     goto fail;
 
   FP_CHECK(fp_invmod(ubf, unconst_fp_int(key->n), ubf));
@@ -295,7 +301,7 @@ static hal_error_t create_blinding_factors(const hal_rsa_key_t * const key, fp_i
  * RSA decryption via Chinese Remainder Theorem (Garner's formula).
  */
 
-static hal_error_t rsa_crt(const hal_rsa_key_t * const key, fp_int *msg, fp_int *sig)
+static hal_error_t rsa_crt(const hal_core_t *core, const hal_rsa_key_t * const key, fp_int *msg, fp_int *sig)
 {
   assert(key != NULL && msg != NULL && sig != NULL);
 
@@ -310,7 +316,7 @@ static hal_error_t rsa_crt(const hal_rsa_key_t * const key, fp_int *msg, fp_int
    * Handle blinding if requested.
    */
   if (blinding) {
-    if ((err = create_blinding_factors(key, bf, ubf)) != HAL_OK)
+    if ((err = create_blinding_factors(core, key, bf, ubf)) != HAL_OK)
       goto fail;
     FP_CHECK(fp_mulmod(msg, bf, unconst_fp_int(key->n), msg));
   }
@@ -319,8 +325,8 @@ static hal_error_t rsa_crt(const hal_rsa_key_t * const key, fp_int *msg, fp_int
    * m1 = msg ** dP mod p
    * m2 = msg ** dQ mod q
    */
-  if ((err = modexp(msg, key->dP, key->p, m1)) != HAL_OK ||
-      (err = modexp(msg, key->dQ, key->q, m2)) != HAL_OK)
+  if ((err = modexp(core, msg, key->dP, key->p, m1)) != HAL_OK ||
+      (err = modexp(core, msg, key->dQ, key->q, m2)) != HAL_OK)
     goto fail;
 
   /*
@@ -366,7 +372,8 @@ static hal_error_t rsa_crt(const hal_rsa_key_t * const key, fp_int *msg, fp_int
  * to the caller.
  */
 
-hal_error_t hal_rsa_encrypt(const hal_rsa_key_t * const key,
+hal_error_t hal_rsa_encrypt(const hal_core_t *core,
+                            const hal_rsa_key_t * const key,
                             const uint8_t * const input,  const size_t input_len,
                             uint8_t * output, const size_t output_len)
 {
@@ -380,7 +387,7 @@ hal_error_t hal_rsa_encrypt(const hal_rsa_key_t * const key,
 
   fp_read_unsigned_bin(i, unconst_uint8_t(input), input_len);
 
-  if ((err = modexp(i, key->e, key->n, o)) != HAL_OK ||
+  if ((err = modexp(core, i, key->e, key->n, o)) != HAL_OK ||
       (err = unpack_fp(o, output, output_len))   != HAL_OK)
     goto fail;
 
@@ -390,7 +397,8 @@ hal_error_t hal_rsa_encrypt(const hal_rsa_key_t * const key,
   return err;
 }
 
-hal_error_t hal_rsa_decrypt(const hal_rsa_key_t * const key,
+hal_error_t hal_rsa_decrypt(const hal_core_t *core,
+                            const hal_rsa_key_t * const key,
                             const uint8_t * const input,  const size_t input_len,
                             uint8_t * output, const size_t output_len)
 {
@@ -410,9 +418,9 @@ hal_error_t hal_rsa_decrypt(const hal_rsa_key_t * const key,
    */
 
   if (fp_iszero(key->p) || fp_iszero(key->q) || fp_iszero(key->u) || fp_iszero(key->dP) || fp_iszero(key->dQ))
-    err = modexp(i, key->d, key->n, o);
+    err = modexp(core, i, key->d, key->n, o);
   else
-    err = rsa_crt(key, i, o);
+    err = rsa_crt(core, key, i, o);
 
   if (err != HAL_OK || (err = unpack_fp(o, output, output_len)) != HAL_OK)
     goto fail;
@@ -583,7 +591,7 @@ static hal_error_t find_prime(const unsigned prime_length,
   fp_int t[1] = INIT_FP_INT;
 
   do {
-    if ((err = hal_get_random(buffer, sizeof(buffer))) != HAL_OK)
+    if ((err = hal_get_random(NULL, buffer, sizeof(buffer))) != HAL_OK)
       return err;
     buffer[0                 ] |= 0xc0;
     buffer[sizeof(buffer) - 1] |= 0x01;
@@ -600,7 +608,8 @@ static hal_error_t find_prime(const unsigned prime_length,
  * Generate a new RSA keypair.
  */
 
-hal_error_t hal_rsa_key_gen(hal_rsa_key_t **key_,
+hal_error_t hal_rsa_key_gen(const hal_core_t *core,
+                            hal_rsa_key_t **key_,
                             void *keybuf, const size_t keybuf_len,
                             const unsigned key_length,
                             const uint8_t * const public_exponent, const size_t public_exponent_len)
diff --git a/tests/test-aes-key-wrap.c b/tests/test-aes-key-wrap.c
index f8467ec..3e9b10d 100644
--- a/tests/test-aes-key-wrap.c
+++ b/tests/test-aes-key-wrap.c
@@ -108,7 +108,8 @@ static const char *format_hex(const uint8_t *bin, const size_t len, char *hex, c
   return hex;
 }
 
-static int run_test(const uint8_t * const K, const size_t K_len,
+static int run_test(const hal_core_t *core,
+                    const uint8_t * const K, const size_t K_len,
                     const uint8_t * const C, const size_t C_len)
 {
   const size_t Q_len = sizeof(Q);
@@ -123,7 +124,7 @@ static int run_test(const uint8_t * const K, const size_t K_len,
    */
 
   printf("Wrapping with %lu-bit KEK...\n", (unsigned long) K_len * 8);
-  if ((err = hal_aes_keywrap(K, K_len, Q, Q_len, c, &c_len)) != HAL_OK) {
+  if ((err = hal_aes_keywrap(core, K, K_len, Q, Q_len, c, &c_len)) != HAL_OK) {
     printf("Couldn't wrap with %lu-bit KEK: %s\n",
            (unsigned long) K_len * 8, hal_error_string(err));
     ok1 = 0;
@@ -143,7 +144,7 @@ static int run_test(const uint8_t * const K, const size_t K_len,
    */
 
   printf("Unwrapping with %lu-bit KEK...\n", (unsigned long) K_len * 8);
-  if ((err = hal_aes_keyunwrap(K, K_len, C, C_len, q, &q_len)) != HAL_OK) {
+  if ((err = hal_aes_keyunwrap(core, K, K_len, C, C_len, q, &q_len)) != HAL_OK) {
     printf("Couldn't unwrap with %lu-bit KEK: %s\n",
            (unsigned long) K_len * 8, hal_error_string(err));
     ok2 = 0;
@@ -166,15 +167,18 @@ int main (int argc, char *argv[])
   int failures = 0;
 
   printf("Testing whether AES core reports present...");
-  if (hal_io_expected(AES_ADDR_NAME0, (const uint8_t *) (AES_CORE_NAME0 AES_CORE_NAME1), 8) != HAL_OK) {
+
+  const hal_core_t *core = hal_core_find(AES_CORE_NAME, NULL);
+
+  if (core == NULL) {
     printf("no, skipping keywrap tests\n");
   }
 
   else {
     printf("yes\n");
-    if (!run_test(K_128, sizeof(K_128), C_128, sizeof(C_128)))
+    if (!run_test(core, K_128, sizeof(K_128), C_128, sizeof(C_128)))
       failures++;
-    if (!run_test(K_256, sizeof(K_256), C_256, sizeof(C_256)))
+    if (!run_test(core, K_256, sizeof(K_256), C_256, sizeof(C_256)))
       failures++;
   }
 
diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c
index 558120b..e940498 100644
--- a/tests/test-ecdsa.c
+++ b/tests/test-ecdsa.c
@@ -113,7 +113,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
   uint8_t keybuf1[hal_ecdsa_key_t_size];
   hal_ecdsa_key_t *key1 = NULL;
 
-  if ((err = hal_ecdsa_key_gen(&key1, keybuf1, sizeof(keybuf1), tc->curve)) != HAL_OK)
+  if ((err = hal_ecdsa_key_gen(NULL, &key1, keybuf1, sizeof(keybuf1), tc->curve)) != HAL_OK)
     return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0;
 
   uint8_t Qx[tc->Qx_len], Qy[tc->Qy_len];
@@ -151,13 +151,13 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
   uint8_t sig[tc->sig_len + 4];
   size_t  sig_len;
 
-  if ((err = hal_ecdsa_sign(key1, tc->H, tc->H_len, sig, &sig_len, sizeof(sig), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
+  if ((err = hal_ecdsa_sign(NULL, key1, tc->H, tc->H_len, sig, &sig_len, sizeof(sig), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0;
 
   if (sig_len != tc->sig_len || memcmp(sig, tc->sig, tc->sig_len) != 0)
     return printf("Signature mismatch\n"), 0;
 
-  if ((err = hal_ecdsa_verify(key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
+  if ((err = hal_ecdsa_verify(NULL, key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_verify(private) failed: %s\n", hal_error_string(err)), 0;
 
   hal_ecdsa_key_clear(key2);
@@ -177,7 +177,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
                                        tc->Qx, tc->Qx_len, tc->Qy, tc->Qy_len)) != HAL_OK)
     return printf("hal_ecdsa_load_public() failed: %s\n", hal_error_string(err)), 0;
 
-  if ((err = hal_ecdsa_verify(key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
+  if ((err = hal_ecdsa_verify(NULL, key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_verify(public) failed: %s\n", hal_error_string(err)), 0;
 
   uint8_t point[hal_ecdsa_key_to_ecpoint_len(key1)];
@@ -236,7 +236,7 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
 
   printf("Generating key\n");
 
-  if ((err =  hal_ecdsa_key_gen(&key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
+  if ((err =  hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
     return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0;
 
   printf("Generating digest\n");
@@ -248,7 +248,7 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
     uint8_t statebuf[hash_descriptor->hash_state_length];
     hal_hash_state_t *state = NULL;
 
-    if ((err = hal_hash_initialize(hash_descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK ||
+    if ((err = hal_hash_initialize(NULL, hash_descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK ||
         (err = hal_hash_update(state, plaintext, strlen((const char *) plaintext))) != HAL_OK ||
         (err = hal_hash_finalize(state, hashbuf, sizeof(hashbuf))) != HAL_OK)
       return printf("Couldn't hash plaintext: %s\n", hal_error_string(err)), 0;
@@ -263,13 +263,13 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
 
   printf("Signing\n");
 
-  if ((err = hal_ecdsa_sign(key, hashbuf, sizeof(hashbuf),
+  if ((err = hal_ecdsa_sign(NULL, key, hashbuf, sizeof(hashbuf),
                             sigbuf, &siglen, sizeof(sigbuf), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0;
 
   printf("Verifying\n");
 
-  if ((err = hal_ecdsa_verify(key, hashbuf, sizeof(hashbuf),
+  if ((err = hal_ecdsa_verify(NULL, key, hashbuf, sizeof(hashbuf),
                               sigbuf, siglen, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_verify() failed: %s\n", hal_error_string(err)), 0;
 
@@ -306,22 +306,24 @@ static void _time_check(const struct timeval t0, const int ok)
   } while (0)
 
 
-int main(int argc, char *argv[])
+static void show_core(const hal_core_t *core, const char *whinge)
 {
-  uint8_t name[8], version[4];
-  hal_error_t err;
-
-  /*
-   * Initialize EIM and report what core we're running.
-   */
+  const hal_core_info_t *core_info = hal_core_info(core);
+  if (core_info != NULL)
+    printf("\"%8.8s\"  \"%4.4s\"\n", core_info->name, core_info->version);
+  else if (whinge != NULL)
+    printf("%s core not present\n", whinge);
+}
 
-  if ((err = hal_io_read(CSPRNG_ADDR_NAME0,   name,    sizeof(name)))    != HAL_OK ||
-      (err = hal_io_read(CSPRNG_ADDR_VERSION, version, sizeof(version))) != HAL_OK) {
-    printf("Initialization failed: %s\n", hal_error_string(err));
-    return 1;
-  }
+int main(int argc, char *argv[])
+{
+  const hal_core_t *sha256_core = hal_core_find(SHA256_NAME, NULL);
+  const hal_core_t *sha512_core = hal_core_find(SHA512_NAME, NULL);
+  const hal_core_t *csprng_core = hal_core_find(CSPRNG_NAME, NULL);
 
-  printf("\"%8.8s\"  \"%4.4s\"\n\n", name, version);
+  show_core(sha256_core, "sha-256");
+  show_core(sha512_core, "sha-512");
+  show_core(csprng_core, "csprng");
 
   int ok = 1;
 
@@ -334,9 +336,15 @@ int main(int argc, char *argv[])
   /*
    * Generate/sign/verify test for each curve.
    */
-  time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256));
-  time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384));
-  time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521));
+
+  if (csprng_core != NULL && sha256_core != NULL) {
+    time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256));
+  }
+
+  if (csprng_core != NULL && sha512_core != NULL) {
+    time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384));
+    time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521));
+  }
 
   return !ok;
 }
diff --git a/tests/test-hash.c b/tests/test-hash.c
index 144b1b9..b6001e0 100644
--- a/tests/test-hash.c
+++ b/tests/test-hash.c
@@ -542,23 +542,14 @@ static int _test_hash(const hal_hash_descriptor_t * const descriptor,
 
   printf("Starting %s test\n", label);
 
-  err = hal_hash_core_present(descriptor);
+  const hal_core_t *core = hal_core_find(descriptor->core_name, NULL);
 
-  switch (err) {
-
-  case HAL_OK:
-    break;
-
-  case HAL_ERROR_IO_UNEXPECTED:
-    printf("Core not present, skipping test\n");
+  if (core == NULL) {
+    printf("Core not found, skipping test\n");
     return 1;
-
-  default:
-    printf("Failed while checking for core: %s\n", hal_error_string(err));
-    return 0;
   }
 
-  if ((err = hal_hash_initialize(descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK) {
+  if ((err = hal_hash_initialize(core, descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK) {
     printf("Failed while initializing hash: %s\n", hal_error_string(err));
     return 0;
   }
@@ -606,23 +597,14 @@ static int _test_hmac(const hal_hash_descriptor_t * const descriptor,
 
   printf("Starting %s test\n", label);
 
-  err = hal_hash_core_present(descriptor);
+  const hal_core_t *core = hal_core_find(descriptor->core_name, NULL);
 
-  switch (err) {
-
-  case HAL_OK:
-    break;
-
-  case HAL_ERROR_IO_UNEXPECTED:
-    printf("Core not present, skipping test\n");
+  if (core == NULL) {
+    printf("Core not found, skipping test\n");
     return 1;
-
-  default:
-    printf("Failed while checking for core: %s\n", hal_error_string(err));
-    return 0;
   }
 
-  if ((err = hal_hmac_initialize(descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) {
+  if ((err = hal_hmac_initialize(core, descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) {
     printf("Failed while initializing HMAC: %s\n", hal_error_string(err));
     return 0;
   }
diff --git a/tests/test-pbkdf2.c b/tests/test-pbkdf2.c
index 0688226..744ca47 100644
--- a/tests/test-pbkdf2.c
+++ b/tests/test-pbkdf2.c
@@ -158,7 +158,8 @@ static void print_hex(const uint8_t * const val, const size_t len)
     printf(" %02x", val[i]);
 }
 
-static int _test_pbkdf2(const uint8_t * const pwd,  const size_t pwd_len,
+static int _test_pbkdf2(const hal_core_t *core,
+                        const uint8_t * const pwd,  const size_t pwd_len,
                         const uint8_t * const salt, const size_t salt_len,
                         const uint8_t * const dk,   const size_t dk_len,
                         const unsigned count, const char * const label)
@@ -167,7 +168,7 @@ static int _test_pbkdf2(const uint8_t * const pwd,  const size_t pwd_len,
 
   uint8_t result[dk_len];
 
-  hal_error_t err = hal_pbkdf2(hal_hash_sha1, pwd, pwd_len, salt, salt_len,
+  hal_error_t err = hal_pbkdf2(core, hal_hash_sha1, pwd, pwd_len, salt, salt_len,
                                result, dk_len, count);
 
   if (err != HAL_OK) {
@@ -193,35 +194,27 @@ static int _test_pbkdf2(const uint8_t * const pwd,  const size_t pwd_len,
 }
 
 #define test_pbkdf2(_n_) \
-  _test_pbkdf2(pbkdf2_tc_##_n_##_password, sizeof(pbkdf2_tc_##_n_##_password),  \
+  _test_pbkdf2(core,                                                            \
+               pbkdf2_tc_##_n_##_password, sizeof(pbkdf2_tc_##_n_##_password),  \
                pbkdf2_tc_##_n_##_salt,     sizeof(pbkdf2_tc_##_n_##_salt),      \
                pbkdf2_tc_##_n_##_DK,       sizeof(pbkdf2_tc_##_n_##_DK),        \
                pbkdf2_tc_##_n_##_count,    #_n_)
 
 int main (int argc, char *argv[])
 {
-  hal_error_t err = hal_hash_core_present(hal_hash_sha1);
+  const hal_core_t *core = hal_core_find(SHA1_NAME, NULL);
   int ok = 1;
 
-  switch (err) {
+  if (core == NULL)
+    printf("SHA-1 core not present, not testing PBKDF2\n");
 
-  case HAL_OK:
+  else {
     ok &= test_pbkdf2(1);
     ok &= test_pbkdf2(2);
     ok &= test_pbkdf2(3);
     ok &= test_pbkdf2(4);
     ok &= test_pbkdf2(5);
     ok &= test_pbkdf2(6);
-    break;
-
-  case HAL_ERROR_IO_UNEXPECTED:
-    printf("SHA-1 core not present, not testing PBKDF2\n");
-    break;
-
-  default:
-    printf("Unexpected error while probing for hash core: %s\n", hal_error_string(err));
-    ok = 0;
-    break;
   }
 
     return !ok;
diff --git a/tests/test-rsa.c b/tests/test-rsa.c
index 46afa03..c6bf97a 100644
--- a/tests/test-rsa.c
+++ b/tests/test-rsa.c
@@ -55,7 +55,8 @@
  * Run one modexp test.
  */
 
-static int test_modexp(const char * const kind,
+static int test_modexp(const hal_core_t *core,
+                       const char * const kind,
                        const rsa_tc_t * const tc,
                        const rsa_tc_bn_t * const msg, /* Input message */
                        const rsa_tc_bn_t * const exp, /* Exponent */
@@ -65,7 +66,7 @@ static int test_modexp(const char * const kind,
 
   printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size);
 
-  if (hal_modexp(msg->val, msg->len, exp->val, exp->len,
+  if (hal_modexp(core, msg->val, msg->len, exp->val, exp->len,
                  tc->n.val, tc->n.len, result, sizeof(result)) != HAL_OK) {
     printf("ModExp failed\n");
     return 0;
@@ -83,7 +84,9 @@ static int test_modexp(const char * const kind,
  * Run one RSA CRT test.
  */
 
-static int test_decrypt(const char * const kind, const rsa_tc_t * const tc)
+static int test_decrypt(const hal_core_t *core,
+                        const char * const kind,
+                        const rsa_tc_t * const tc)
 {
   printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size);
 
@@ -107,7 +110,7 @@ static int test_decrypt(const char * const kind, const rsa_tc_t * const tc)
 
   uint8_t result[tc->n.len];
 
-  if ((err = hal_rsa_decrypt(key, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
+  if ((err = hal_rsa_decrypt(core, key, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
     printf("RSA CRT failed: %s\n", hal_error_string(err));
 
   const int mismatch = (err == HAL_OK && memcmp(result, tc->s.val, tc->s.len) != 0);
@@ -124,7 +127,9 @@ static int test_decrypt(const char * const kind, const rsa_tc_t * const tc)
  * Run one RSA key generation + CRT test.
  */
 
-static int test_gen(const char * const kind, const rsa_tc_t * const tc)
+static int test_gen(const hal_core_t *core,
+                    const char * const kind,
+                    const rsa_tc_t * const tc)
 {
   printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size);
 
@@ -136,7 +141,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc)
 
   const uint8_t f4[] = { 0x01, 0x00, 0x01 };
 
-  if ((err = hal_rsa_key_gen(&key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) {
+  if ((err = hal_rsa_key_gen(core, &key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) {
     printf("RSA key generation failed: %s\n", hal_error_string(err));
     return 0;
   }
@@ -185,7 +190,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc)
 
   uint8_t result[tc->n.len];
 
-  if ((err = hal_rsa_decrypt(key1, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
+  if ((err = hal_rsa_decrypt(core, key1, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
     printf("RSA CRT failed: %s\n", hal_error_string(err));
 
   snprintf(fn, sizeof(fn), "test-rsa-sig-%04lu.der", (unsigned long) tc->size);
@@ -209,7 +214,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc)
   if (err != HAL_OK)            /* Deferred failure from hal_rsa_decrypt(), above */
     return 0;
 
-  if ((err = hal_rsa_encrypt(key1, result, sizeof(result), result, sizeof(result))) != HAL_OK)
+  if ((err = hal_rsa_encrypt(core, key1, result, sizeof(result), result, sizeof(result))) != HAL_OK)
     printf("RSA signature check failed: %s\n", hal_error_string(err));
 
   const int mismatch = (err == HAL_OK && memcmp(result, tc->m.val, tc->m.len) != 0);
@@ -258,42 +263,32 @@ static void _time_check(const struct timeval t0, const int ok)
  * and try generating a signature with that.
  */
 
-static int test_rsa(const rsa_tc_t * const tc)
+static int test_rsa(const hal_core_t *core, const rsa_tc_t * const tc)
 {
   int ok = 1;
 
   /* RSA encryption */
-  time_check(test_modexp("Verification", tc, &tc->s, &tc->e, &tc->m));
+  time_check(test_modexp(core, "Verification", tc, &tc->s, &tc->e, &tc->m));
 
   /* Brute force RSA decryption */
-  time_check(test_modexp("Signature (ModExp)", tc, &tc->m, &tc->d, &tc->s));
+  time_check(test_modexp(core, "Signature (ModExp)", tc, &tc->m, &tc->d, &tc->s));
 
   /* RSA decyrption using CRT */
-  time_check(test_decrypt("Signature (CRT)", tc));
+  time_check(test_decrypt(core, "Signature (CRT)", tc));
 
   /* Key generation and CRT -- not test vector, so writes key and sig to file */
-  time_check(test_gen("Generation and CRT", tc));
+  time_check(test_gen(core, "Generation and CRT", tc));
 
   return ok;
 }
 
 int main(int argc, char *argv[])
 {
-  uint8_t name[8], version[4];
-  hal_error_t err;
-  int i;
+  const hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL);
+  const hal_core_info_t *core_info = hal_core_info(core);
 
-  /*
-   * Initialize EIM and report what core we're running.
-   */
-
-  if ((err = hal_io_read(MODEXPS6_ADDR_NAME0,   name,    sizeof(name)))    != HAL_OK ||
-      (err = hal_io_read(MODEXPS6_ADDR_VERSION, version, sizeof(version))) != HAL_OK) {
-    printf("Initialization failed: %s\n", hal_error_string(err));
-    return 1;
-  }
-
-  printf("\"%8.8s\"  \"%4.4s\"\n\n", name, version);
+  if (core_info != NULL)
+    printf("\"%8.8s\"  \"%4.4s\"\n\n", core_info->name, core_info->version);
 
   /*
    * Run the test cases.
@@ -303,8 +298,8 @@ int main(int argc, char *argv[])
 
   /* Normal test */
 
-  for (i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++)
-    if (!test_rsa(&rsa_tc[i]))
+  for (int i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++)
+    if (!test_rsa(core, &rsa_tc[i]))
       return 1;
 
   return 0;
diff --git a/verilog_constants.h b/verilog_constants.h
new file mode 100644
index 0000000..2f04ca5
--- /dev/null
+++ b/verilog_constants.h
@@ -0,0 +1,241 @@
+/*
+ * addrs.h
+ * -------
+ * Magic constants which must match Verilog code, mostly bus addresses.
+ *
+ * In the long run, this should be generated by a script which pulls
+ * these numbers out of the Verilog source code.  For the moment, it's
+ * hand-edited.
+ *
+ * Authors: Joachim Strombergson, Paul Selkirk, Rob Austein
+ * Copyright (c) 2015, NORDUnet A/S All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * - Redistributions of source code must retain the above copyright notice,
+ *   this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the NORDUnet nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software
+ *   without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _VERILOG_CONSTANTS_H_
+#define _VERILOG_CONSTANTS_H_
+
+/*
+ * Common to all (well, almost all) cores.
+ */
+#define ADDR_NAME0              (0x00)
+#define ADDR_NAME1              (0x01)
+#define ADDR_VERSION            (0x02)
+#define ADDR_CTRL               (0x08)
+#define CTRL_INIT               (1)
+#define CTRL_NEXT               (2)
+#define ADDR_STATUS             (0x09)
+#define STATUS_READY            (1)
+#define STATUS_VALID            (2)
+
+/*
+ * Hash cores.
+ */
+
+#define SHA1_ADDR_BLOCK         (0x10)
+#define SHA1_ADDR_DIGEST        (0x20)
+#define SHA1_BLOCK_LEN          bitsToBytes(512)
+#define SHA1_LENGTH_LEN         bitsToBytes(64)
+#define SHA1_DIGEST_LEN         bitsToBytes(160)
+
+#define SHA256_ADDR_BLOCK       (0x10)
+#define SHA256_ADDR_DIGEST      (0x20)
+#define SHA256_BLOCK_LEN        bitsToBytes(512)
+#define SHA256_LENGTH_LEN       bitsToBytes(64)
+#define SHA256_DIGEST_LEN       bitsToBytes(256)
+
+#define SHA512_ADDR_BLOCK       (0x10)
+#define SHA512_ADDR_DIGEST      (0x40)
+#define SHA512_BLOCK_LEN        bitsToBytes(1024)
+#define SHA512_LENGTH_LEN       bitsToBytes(128)
+#define SHA512_224_DIGEST_LEN   bitsToBytes(224)
+#define SHA512_256_DIGEST_LEN   bitsToBytes(256)
+#define SHA384_DIGEST_LEN       bitsToBytes(384)
+#define SHA512_DIGEST_LEN       bitsToBytes(512)
+#define MODE_SHA_512_224        (0 << 2)
+#define MODE_SHA_512_256        (1 << 2)
+#define MODE_SHA_384            (2 << 2)
+#define MODE_SHA_512            (3 << 2)
+
+/*
+ * RNG cores.
+ *
+ * For some reason, the RNG cores use different locations for their
+ * control and status words.  Maybe this will get fixed.  Fortunately,
+ * at the moment, we don't really care, because we never send any
+ * control bits or read any status bits from any of those cores.
+ */
+
+#define TRNG_ADDR_CTRL          (0x10)
+#define TRNG_CTRL_DISCARD       (1)
+#define TRNG_CTRL_TEST_MODE     (2)
+#define TRNG_ADDR_STATUS        (0x11)
+					/* No status bits defined (yet) */
+#define TRNG_ADDR_DELAY         (0x13)
+
+#define ENTROPY1_ADDR_CTRL      (0x10)
+#define ENTROPY1_CTRL_ENABLE    (1)
+#define ENTROPY1_ADDR_STATUS    (0x11)
+#define ENTROPY1_STATUS_VALID   (1)
+#define ENTROPY1_ADDR_ENTROPY   (0x20)
+#define ENTROPY1_ADDR_DELTA     (0x30)
+
+#define ENTROPY2_ADDR_CTRL      (0x10)
+#define ENTROPY2_CTRL_ENABLE    (1)
+#define ENTROPY2_ADDR_STATUS    (0x11)
+#define ENTROPY2_STATUS_VALID   (1)
+#define ENTROPY2_ADDR_OPA       (0x18)
+#define ENTROPY2_ADDR_OPB       (0x19)
+#define ENTROPY2_ADDR_ENTROPY   (0x20)
+#define ENTROPY2_ADDR_RAW       (0x21)
+#define ENTROPY2_ADDR_ROSC      (0x22)
+
+#define MIXER_ADDR_CTRL         (0x10)
+#define MIXER_CTRL_ENABLE       (1)
+#define MIXER_CTRL_RESTART      (2)
+#define MIXER_ADDR_STATUS       (0x11)
+/* No status bits defined (yet) */
+#define MIXER_ADDR_TIMEOUT      (0x20)
+
+
+#define CSPRNG_CTRL_ENABLE      (1)
+#define CSPRNG_CTRL_SEED        (2)
+#define CSPRNG_STATUS_VALID     (1)
+#define CSPRNG_ADDR_RANDOM      (0x20)
+#define CSPRNG_ADDR_NROUNDS     (0x40)
+#define CSPRNG_ADDR_NBLOCKS_LO  (0x41)
+#define CSPRNG_ADDR_NBLOCKS_HI  (0x42)
+
+/*
+ * Cipher cores.
+ */
+
+#define AES_ADDR_CONFIG         (0x0a)
+#define AES_CONFIG_ENCDEC       (1)
+#define AES_CONFIG_KEYLEN       (2)
+
+#define AES_ADDR_KEY0           (0x10)
+#define AES_ADDR_KEY1           (0x11)
+#define AES_ADDR_KEY2           (0x12)
+#define AES_ADDR_KEY3           (0x13)
+#define AES_ADDR_KEY4           (0x14)
+#define AES_ADDR_KEY5           (0x15)
+#define AES_ADDR_KEY6           (0x16)
+#define AES_ADDR_KEY7           (0x17)
+
+#define AES_ADDR_BLOCK0         (0x20)
+#define AES_ADDR_BLOCK1         (0x21)
+#define AES_ADDR_BLOCK2         (0x22)
+#define AES_ADDR_BLOCK3         (0x23)
+
+#define AES_ADDR_RESULT0        (0x30)
+#define AES_ADDR_RESULT1        (0x31)
+#define AES_ADDR_RESULT2        (0x32)
+#define AES_ADDR_RESULT3        (0x33)
+
+/* Chacha core */
+
+#define CHACHA_ADDR_KEYLEN      (0x0a)
+#define CHACHA_KEYLEN           (1)
+
+#define CHACHA_ADDR_ROUNDS      (0x0b)
+
+#define CHACHA_ADDR_KEY0        (0x10)
+#define CHACHA_ADDR_KEY1        (0x11)
+#define CHACHA_ADDR_KEY2        (0x12)
+#define CHACHA_ADDR_KEY3        (0x13)
+#define CHACHA_ADDR_KEY4        (0x14)
+#define CHACHA_ADDR_KEY5        (0x15)
+#define CHACHA_ADDR_KEY6        (0x16)
+#define CHACHA_ADDR_KEY7        (0x17)
+
+#define CHACHA_ADDR_IV0         (0x20)
+#define CHACHA_ADDR_IV1         (0x21)
+
+#define CHACHA_ADDR_DATA_IN0    (0x40)
+#define CHACHA_ADDR_DATA_IN1    (0x41)
+#define CHACHA_ADDR_DATA_IN2    (0x42)
+#define CHACHA_ADDR_DATA_IN3    (0x43)
+#define CHACHA_ADDR_DATA_IN4    (0x44)
+#define CHACHA_ADDR_DATA_IN5    (0x45)
+#define CHACHA_ADDR_DATA_IN6    (0x46)
+#define CHACHA_ADDR_DATA_IN7    (0x47)
+#define CHACHA_ADDR_DATA_IN8    (0x48)
+#define CHACHA_ADDR_DATA_IN9    (0x49)
+#define CHACHA_ADDR_DATA_IN10   (0x4a)
+#define CHACHA_ADDR_DATA_IN11   (0x4b)
+#define CHACHA_ADDR_DATA_IN12   (0x4c)
+#define CHACHA_ADDR_DATA_IN13   (0x4d)
+#define CHACHA_ADDR_DATA_IN14   (0x4e)
+#define CHACHA_ADDR_DATA_IN15   (0x4f)
+
+#define CHACHA_ADDR_DATA_OUT0   (0x80)
+#define CHACHA_ADDR_DATA_OUT1   (0x81)
+#define CHACHA_ADDR_DATA_OUT2   (0x82)
+#define CHACHA_ADDR_DATA_OUT3   (0x83)
+#define CHACHA_ADDR_DATA_OUT4   (0x84)
+#define CHACHA_ADDR_DATA_OUT5   (0x85)
+#define CHACHA_ADDR_DATA_OUT6   (0x86)
+#define CHACHA_ADDR_DATA_OUT7   (0x87)
+#define CHACHA_ADDR_DATA_OUT8   (0x88)
+#define CHACHA_ADDR_DATA_OUT9   (0x89)
+#define CHACHA_ADDR_DATA_OUT10  (0x8a)
+#define CHACHA_ADDR_DATA_OUT11  (0x8b)
+#define CHACHA_ADDR_DATA_OUT12  (0x8c)
+#define CHACHA_ADDR_DATA_OUT13  (0x8d)
+#define CHACHA_ADDR_DATA_OUT14  (0x8e)
+#define CHACHA_ADDR_DATA_OUT15  (0x8f)
+
+/*
+ * Math cores.
+ */
+
+/*
+ * ModExpS6 core.  MODEXPS6_OPERAND_BITS is size in bits of largest
+ * supported modulus.
+ */
+
+#define MODEXPS6_OPERAND_BITS           (4096)
+#define MODEXPS6_OPERAND_WORDS          (MODEXPS6_OPERAND_BITS / 32)
+#define MODEXPS6_ADDR_REGISTERS         (0 * MODEXPS6_OPERAND_WORDS)
+#define MODEXPS6_ADDR_OPERANDS          (4 * MODEXPS6_OPERAND_WORDS)
+#define MODEXPS6_ADDR_MODE              (MODEXPS6_ADDR_REGISTERS + 0x10)
+#define MODEXPS6_ADDR_MODULUS_WIDTH     (MODEXPS6_ADDR_REGISTERS + 0x11)
+#define MODEXPS6_ADDR_EXPONENT_WIDTH    (MODEXPS6_ADDR_REGISTERS + 0x12)
+#define MODEXPS6_ADDR_MODULUS           (MODEXPS6_ADDR_OPERANDS + 0 * MODEXPS6_OPERAND_WORDS)
+#define MODEXPS6_ADDR_MESSAGE           (MODEXPS6_ADDR_OPERANDS + 1 * MODEXPS6_OPERAND_WORDS)
+#define MODEXPS6_ADDR_EXPONENT          (MODEXPS6_ADDR_OPERANDS + 2 * MODEXPS6_OPERAND_WORDS)
+#define MODEXPS6_ADDR_RESULT            (MODEXPS6_ADDR_OPERANDS + 3 * MODEXPS6_OPERAND_WORDS)
+
+#endif /* _VERILOG_CONSTANTS_H_ */
+
+/*
+ * Local variables:
+ * indent-tabs-mode: nil
+ * End:
+ */



More information about the Commits mailing list