aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoachim StroĢˆmbergson <joachim@secworks.se>2018-10-18 13:37:03 +0200
committerJoachim StroĢˆmbergson <joachim@secworks.se>2018-10-18 13:37:03 +0200
commit3fec1265673b898cdf0e4e5877eec6f8ff336212 (patch)
treee600c4bf3573b8cb4bd647c1d090bcc86dd8e98e
parent051b5914c988dcf58002817cb09e92bf7992f361 (diff)
(1) Locked down API to ignore read or write requests that could leak info or cause incorrect behaviour during processing. (2) Cleaned up API registers and the API.
Diffstat
-rw-r--r--src/rtl/sha256.v431
-rw-r--r--src/tb/tb_sha256.v8
2 files changed, 68 insertions, 371 deletions
diff --git a/src/rtl/sha256.v b/src/rtl/sha256.v
index 67c8a6b..2ef1a57 100644
--- a/src/rtl/sha256.v
+++ b/src/rtl/sha256.v
@@ -98,7 +98,7 @@ module sha256(
localparam CORE_NAME0 = 32'h73686132; // "sha2"
localparam CORE_NAME1 = 32'h2d323536; // "-256"
- localparam CORE_VERSION = 32'h312e3830; // "1.80"
+ localparam CORE_VERSION = 32'h312e3832; // "1.82"
localparam MODE_SHA_224 = 1'h0;
localparam MODE_SHA_256 = 1'h1;
@@ -109,13 +109,9 @@ module sha256(
//----------------------------------------------------------------
reg init_reg;
reg init_new;
- reg init_we;
- reg init_set;
reg next_reg;
reg next_new;
- reg next_we;
- reg next_set;
reg mode_reg;
reg mode_new;
@@ -123,38 +119,8 @@ module sha256(
reg ready_reg;
- reg [31 : 0] block0_reg;
- reg block0_we;
- reg [31 : 0] block1_reg;
- reg block1_we;
- reg [31 : 0] block2_reg;
- reg block2_we;
- reg [31 : 0] block3_reg;
- reg block3_we;
- reg [31 : 0] block4_reg;
- reg block4_we;
- reg [31 : 0] block5_reg;
- reg block5_we;
- reg [31 : 0] block6_reg;
- reg block6_we;
- reg [31 : 0] block7_reg;
- reg block7_we;
- reg [31 : 0] block8_reg;
- reg block8_we;
- reg [31 : 0] block9_reg;
- reg block9_we;
- reg [31 : 0] block10_reg;
- reg block10_we;
- reg [31 : 0] block11_reg;
- reg block11_we;
- reg [31 : 0] block12_reg;
- reg block12_we;
- reg [31 : 0] block13_reg;
- reg block13_we;
- reg [31 : 0] block14_reg;
- reg block14_we;
- reg [31 : 0] block15_reg;
- reg block15_we;
+ reg [31 : 0] block_reg [0 : 15];
+ reg block_we;
reg [255 : 0] digest_reg;
@@ -164,8 +130,6 @@ module sha256(
//----------------------------------------------------------------
// Wires.
//----------------------------------------------------------------
- wire core_init;
- wire core_next;
wire core_ready;
wire [511 : 0] core_block;
wire [255 : 0] core_digest;
@@ -187,14 +151,10 @@ module sha256(
//----------------------------------------------------------------
// Concurrent connectivity for ports etc.
//----------------------------------------------------------------
- assign core_init = init_reg;
-
- assign core_next = next_reg;
-
- assign core_block = {block0_reg, block1_reg, block2_reg, block3_reg,
- block4_reg, block5_reg, block6_reg, block7_reg,
- block8_reg, block9_reg, block10_reg, block11_reg,
- block12_reg, block13_reg, block14_reg, block15_reg};
+ assign core_block = {block_reg[00], block_reg[01], block_reg[02], block_reg[03],
+ block_reg[04], block_reg[05], block_reg[06], block_reg[07],
+ block_reg[08], block_reg[09], block_reg[10], block_reg[11],
+ block_reg[12], block_reg[13], block_reg[14], block_reg[15]};
assign read_data = tmp_read_data;
assign error = tmp_error;
@@ -207,8 +167,8 @@ module sha256(
.clk(clk),
.reset_n(reset_n),
- .init(core_init),
- .next(core_next),
+ .init(init_reg),
+ .next(next_reg),
.mode(mode_reg),
.block(core_block),
@@ -239,46 +199,27 @@ module sha256(
// asynchronous active low reset.
//----------------------------------------------------------------
always @ (posedge clk or negedge reset_n)
- begin
+ begin : reg_update
+ integer i;
+
if (!reset_n)
begin
- init_reg <= 1'h0;
- next_reg <= 1'h0;
+ for (i = 0 ; i < 16 ; i = i + 1)
+ block_reg[i] <= 32'h0;
+
+ init_reg <= 0;
+ next_reg <= 0;
+ ready_reg <= 0;
mode_reg <= MODE_SHA_256;
- ready_reg <= 1'h0;
digest_reg <= 256'h0;
- digest_valid_reg <= 1'h0;
- block0_reg <= 32'h0;
- block1_reg <= 32'h0;
- block2_reg <= 32'h0;
- block3_reg <= 32'h0;
- block4_reg <= 32'h0;
- block5_reg <= 32'h0;
- block6_reg <= 32'h0;
- block7_reg <= 32'h0;
- block8_reg <= 32'h0;
- block9_reg <= 32'h0;
- block10_reg <= 32'h0;
- block11_reg <= 32'h0;
- block12_reg <= 32'h0;
- block13_reg <= 32'h0;
- block14_reg <= 32'h0;
- block15_reg <= 32'h0;
+ digest_valid_reg <= 0;
end
else
begin
ready_reg <= core_ready;
digest_valid_reg <= core_digest_valid;
-
- if (init_we)
- begin
- init_reg <= init_new;
- end
-
- if (next_we)
- begin
- next_reg <= next_new;
- end
+ init_reg <= init_new;
+ next_reg <= next_new;
if (mode_we)
mode_reg <= mode_new;
@@ -288,127 +229,13 @@ module sha256(
digest_reg <= core_digest;
end
- if (block0_we)
- begin
- block0_reg <= write_data;
- end
-
- if (block1_we)
- begin
- block1_reg <= write_data;
- end
-
- if (block2_we)
- begin
- block2_reg <= write_data;
- end
-
- if (block3_we)
- begin
- block3_reg <= write_data;
- end
-
- if (block4_we)
- begin
- block4_reg <= write_data;
- end
-
- if (block5_we)
- begin
- block5_reg <= write_data;
- end
-
- if (block6_we)
- begin
- block6_reg <= write_data;
- end
-
- if (block7_we)
- begin
- block7_reg <= write_data;
- end
-
- if (block8_we)
- begin
- block8_reg <= write_data;
- end
-
- if (block9_we)
- begin
- block9_reg <= write_data;
- end
-
- if (block10_we)
- begin
- block10_reg <= write_data;
- end
-
- if (block11_we)
- begin
- block11_reg <= write_data;
- end
-
- if (block12_we)
- begin
- block12_reg <= write_data;
- end
-
- if (block13_we)
- begin
- block13_reg <= write_data;
- end
-
- if (block14_we)
- begin
- block14_reg <= write_data;
- end
-
- if (block15_we)
- begin
- block15_reg <= write_data;
- end
-
+ if (block_we)
+ block_reg[address[3 : 0]] <= write_data;
end
end // reg_update
//----------------------------------------------------------------
- // flag_reset
- //
- // Logic to reset init and next flags that has been set.
- //----------------------------------------------------------------
- always @*
- begin : flag_reset
- init_new = 0;
- init_we = 0;
- next_new = 0;
- next_we = 0;
-
- if (init_set)
- begin
- init_new = 1;
- init_we = 1;
- end
- else if (init_reg)
- begin
- init_new = 0;
- init_we = 1;
- end
-
- if (next_set)
- begin
- next_new = 1;
- next_we = 1;
- end
- else if (next_reg)
- begin
- next_new = 0;
- next_we = 1;
- end
- end
-
-
- //----------------------------------------------------------------
// api_logic
//
// Implementation of the api logic. If cs is enabled will either
@@ -416,26 +243,11 @@ module sha256(
//----------------------------------------------------------------
always @*
begin : api_logic
- init_set = 0;
- next_set = 0;
+ init_new = 0;
+ next_new = 0;
mode_new = 0;
mode_we = 0;
- block0_we = 0;
- block1_we = 0;
- block2_we = 0;
- block3_we = 0;
- block4_we = 0;
- block5_we = 0;
- block6_we = 0;
- block7_we = 0;
- block8_we = 0;
- block9_we = 0;
- block10_we = 0;
- block11_we = 0;
- block12_we = 0;
- block13_we = 0;
- block14_we = 0;
- block15_we = 0;
+ block_we = 0;
state0_we = 0;
state1_we = 0;
state2_we = 0;
@@ -444,105 +256,65 @@ module sha256(
state5_we = 0;
state6_we = 0;
state7_we = 0;
-
- tmp_read_data = 32'h00000000;
+ tmp_read_data = 32'h0;
tmp_error = 0;
if (cs)
begin
if (we)
begin
- case (address)
- // Write operations.
- ADDR_CTRL:
- begin
- init_set = write_data[CTRL_INIT_BIT];
- next_set = write_data[CTRL_NEXT_BIT];
- mode_new = write_data[CTRL_MODE_BIT];
- mode_we = 1;
- end
+ if (core_ready)
+ begin
- ADDR_BLOCK0:
- block0_we = 1;
+ if ((address >= ADDR_BLOCK0) && (address <= ADDR_BLOCK15))
+ block_we = 1;
- ADDR_BLOCK1:
- block1_we = 1;
+ case (address)
+ ADDR_CTRL:
+ begin
+ init_new = write_data[CTRL_INIT_BIT];
+ next_new = write_data[CTRL_NEXT_BIT];
+ mode_new = write_data[CTRL_MODE_BIT];
+ mode_we = 1;
+ end
- ADDR_BLOCK2:
- block2_we = 1;
+ ADDR_DIGEST0:
+ state0_we = 1;
- ADDR_BLOCK3:
- block3_we = 1;
+ ADDR_DIGEST1:
+ state1_we = 1;
- ADDR_BLOCK4:
- block4_we = 1;
+ ADDR_DIGEST2:
+ state2_we = 1;
- ADDR_BLOCK5:
- block5_we = 1;
+ ADDR_DIGEST3:
+ state3_we = 1;
- ADDR_BLOCK6:
- block6_we = 1;
+ ADDR_DIGEST4:
+ state4_we = 1;
- ADDR_BLOCK7:
- block7_we = 1;
+ ADDR_DIGEST5:
+ state5_we = 1;
- ADDR_BLOCK8:
- block8_we = 1;
+ ADDR_DIGEST6:
+ state6_we = 1;
- ADDR_BLOCK9:
- block9_we = 1;
+ ADDR_DIGEST7:
+ state7_we = 1;
- ADDR_BLOCK10:
- block10_we = 1;
-
- ADDR_BLOCK11:
- block11_we = 1;
-
- ADDR_BLOCK12:
- block12_we = 1;
-
- ADDR_BLOCK13:
- block13_we = 1;
-
- ADDR_BLOCK14:
- block14_we = 1;
-
- ADDR_BLOCK15:
- block15_we = 1;
-
- ADDR_DIGEST0:
- state0_we = 1;
-
- ADDR_DIGEST1:
- state1_we = 1;
-
- ADDR_DIGEST2:
- state2_we = 1;
-
- ADDR_DIGEST3:
- state3_we = 1;
-
- ADDR_DIGEST4:
- state4_we = 1;
-
- ADDR_DIGEST5:
- state5_we = 1;
-
- ADDR_DIGEST6:
- state6_we = 1;
-
- ADDR_DIGEST7:
- state7_we = 1;
-
- default:
- begin
- tmp_error = 1;
- end
- endcase // case (address)
+ default:
+ begin
+ tmp_error = 1;
+ end
+ endcase // case (address)
+ end // if (core_ready)
end // if (we)
else
begin
+ if ((address >= ADDR_DIGEST0) && (address <= ADDR_DIGEST7))
+ tmp_read_data = digest_reg[(7 - (address - ADDR_DIGEST0)) * 32 +: 32];
+
case (address)
// Read operations.
ADDR_NAME0:
@@ -554,84 +326,9 @@ module sha256(
ADDR_VERSION:
tmp_read_data = CORE_VERSION;
- ADDR_CTRL:
- tmp_read_data = {29'h0, mode_reg, next_reg, init_reg};
-
ADDR_STATUS:
tmp_read_data = {30'h0, digest_valid_reg, ready_reg};
- ADDR_BLOCK0:
- tmp_read_data = block0_reg;
-
- ADDR_BLOCK1:
- tmp_read_data = block1_reg;
-
- ADDR_BLOCK2:
- tmp_read_data = block2_reg;
-
- ADDR_BLOCK3:
- tmp_read_data = block3_reg;
-
- ADDR_BLOCK4:
- tmp_read_data = block4_reg;
-
- ADDR_BLOCK5:
- tmp_read_data = block5_reg;
-
- ADDR_BLOCK6:
- tmp_read_data = block6_reg;
-
- ADDR_BLOCK7:
- tmp_read_data = block7_reg;
-
- ADDR_BLOCK8:
- tmp_read_data = block8_reg;
-
- ADDR_BLOCK9:
- tmp_read_data = block9_reg;
-
- ADDR_BLOCK10:
- tmp_read_data = block10_reg;
-
- ADDR_BLOCK11:
- tmp_read_data = block11_reg;
-
- ADDR_BLOCK12:
- tmp_read_data = block12_reg;
-
- ADDR_BLOCK13:
- tmp_read_data = block13_reg;
-
- ADDR_BLOCK14:
- tmp_read_data = block14_reg;
-
- ADDR_BLOCK15:
- tmp_read_data = block15_reg;
-
- ADDR_DIGEST0:
- tmp_read_data = digest_reg[255 : 224];
-
- ADDR_DIGEST1:
- tmp_read_data = digest_reg[223 : 192];
-
- ADDR_DIGEST2:
- tmp_read_data = digest_reg[191 : 160];
-
- ADDR_DIGEST3:
- tmp_read_data = digest_reg[159 : 128];
-
- ADDR_DIGEST4:
- tmp_read_data = digest_reg[127 : 96];
-
- ADDR_DIGEST5:
- tmp_read_data = digest_reg[95 : 64];
-
- ADDR_DIGEST6:
- tmp_read_data = digest_reg[63 : 32];
-
- ADDR_DIGEST7:
- tmp_read_data = digest_reg[31 : 0];
-
default:
begin
tmp_error = 1;
diff --git a/src/tb/tb_sha256.v b/src/tb/tb_sha256.v
index 01aa66e..99bdcfd 100644
--- a/src/tb/tb_sha256.v
+++ b/src/tb/tb_sha256.v
@@ -182,14 +182,14 @@ module tb_sha256();
$display("Message block:");
$display("block0 = 0x%08x, block1 = 0x%08x, block2 = 0x%08x, block3 = 0x%08x",
- dut.block0_reg, dut.block1_reg, dut.block2_reg, dut.block3_reg);
+ dut.block_reg[0], dut.block_reg[1], dut.block_reg[2], dut.block_reg[3]);
$display("block4 = 0x%08x, block5 = 0x%08x, block6 = 0x%08x, block7 = 0x%08x",
- dut.block4_reg, dut.block5_reg, dut.block6_reg, dut.block7_reg);
+ dut.block_reg[4], dut.block_reg[5], dut.block_reg[6], dut.block_reg[7]);
$display("block8 = 0x%08x, block9 = 0x%08x, block10 = 0x%08x, block11 = 0x%08x",
- dut.block8_reg, dut.block9_reg, dut.block10_reg, dut.block11_reg);
+ dut.block_reg[8], dut.block_reg[9], dut.block_reg[10], dut.block_reg[11]);
$display("block12 = 0x%08x, block13 = 0x%08x, block14 = 0x%08x, block15 = 0x%08x",
- dut.block12_reg, dut.block13_reg, dut.block14_reg, dut.block15_reg);
+ dut.block_reg[12], dut.block_reg[13], dut.block_reg[14], dut.block_reg[15]);
$display("");
$display("Digest:");
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 18:38:40 +0000