From 9c5acbbcd7928a2958d370923d9cc0276037f1aa Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Mon, 31 May 2021 17:29:10 -0400 Subject: Reformatted --- src/rtl/sha3.v | 310 ++++++++++++++++++++++++------------------------- src/rtl/sha3_wrapper.v | 40 +++---- 2 files changed, 175 insertions(+), 175 deletions(-) (limited to 'src') diff --git a/src/rtl/sha3.v b/src/rtl/sha3.v index ab18ca0..b01d50c 100644 --- a/src/rtl/sha3.v +++ b/src/rtl/sha3.v @@ -41,161 +41,161 @@ `define pilni(i) ((piln>>((23-i)*5)) & 5'h1f) `define rndci(i) ((rndc>>((23-i)*64)) & 64'hffffffffffffffff) -`define SHA3_NUM_ROUNDS 5'd24 - -module sha3( input wire clk, - nreset, - w, - input wire [ 8:2] addr, - input wire [32-1:0] din, - output reg [32-1:0] dout, - input wire init, - input wire next, - output wire ready); - - integer i, j; - - reg [64-1:0] blk[0:24], // input block - st [0:24], // current state - stn[0:24], // new state - bc [0: 4], // intermediate values - t; // temporary variable - - reg [ 4:0] round; // counter value - - - localparam [ 4: 0] roundlimit = `SHA3_NUM_ROUNDS - 'b1; - - - localparam [24*6-1:0] rotc = - { 6'h01, 6'h03, 6'h06, 6'h0A, 6'h0F, 6'h15, - 6'h1C, 6'h24, 6'h2D, 6'h37, 6'h02, 6'h0E, - 6'h1B, 6'h29, 6'h38, 6'h08, 6'h19, 6'h2B, - 6'h3E, 6'h12, 6'h27, 6'h3D, 6'h14, 6'h2C}; - - localparam [24*5-1:0] piln = - { 5'h0A, 5'h07, 5'h0B, 5'h11, 5'h12, 5'h03, - 5'h05, 5'h10, 5'h08, 5'h15, 5'h18, 5'h04, - 5'h0F, 5'h17, 5'h13, 5'h0D, 5'h0C, 5'h02, - 5'h14, 5'h0E, 5'h16, 5'h09, 5'h06, 5'h01}; - - localparam [24*64-1:0] rndc = - { 64'h0000000000000001, 64'h0000000000008082, - 64'h800000000000808a, 64'h8000000080008000, - 64'h000000000000808b, 64'h0000000080000001, - 64'h8000000080008081, 64'h8000000000008009, - 64'h000000000000008a, 64'h0000000000000088, - 64'h0000000080008009, 64'h000000008000000a, - 64'h000000008000808b, 64'h800000000000008b, - 64'h8000000000008089, 64'h8000000000008003, - 64'h8000000000008002, 64'h8000000000000080, - 64'h000000000000800a, 64'h800000008000000a, - 64'h8000000080008081, 64'h8000000000008080, - 64'h0000000080000001, 64'h8000000080008008}; - - /* input block buffer is mapped to the lower half of the - address space, sponge state is mapped to the upper one */ - - /* the lowest address bit determines what part of 64-bit word to return */ - - always @(posedge clk) - // - dout <= addr[8] ? - (~addr[2] ? st [addr[7:3]][31:0] : st [addr[7:3]][63:32]) : - (~addr[2] ? blk[addr[7:3]][31:0] : blk[addr[7:3]][63:32]) ; - - - always @* begin - - // theta1 - for (i=0; i<25; i=i+1) - stn[i] = st[i]; - - for (i=0; i<5; i=i+1) - bc[i] = stn[i] ^ stn[i+5] ^ stn[i+10] ^ stn[i+15] ^ stn[i+20]; - - // theta2 - for (i=0; i<5; i=i+1) begin - - t = bc[(i+4)%5] ^ `rotl64(bc[(i+1)%5], 1); - - for(j=i; j<25; j=j+5) - stn[j] = t ^ stn[j]; - end - - // rophi - t = stn[1]; - for(i=0; i<24; i=i+1) begin - j = `pilni(i); - { stn[j], t } = { `rotl64(t, `rotci(i)), stn[j] }; - end - - // chi - for (j=0; j<25; j=j+5) begin - - for (i=0; i<5; i=i+1) - bc[i] = stn[j + i]; - - for (i=0; i<5; i=i+1) - stn[j+i] = stn[j+i] ^ (~bc[(i+1)%5] & bc[(i+2)%5]); - end - - // iota - stn[0] = stn[0] ^ `rndci(round); - end - - - /* ready flag logic */ - - reg ready_reg = 'b1; - assign ready = ready_reg; - - always @(posedge clk or negedge nreset) - // - if (!nreset) ready_reg <= 'b1; - else begin - if (ready) ready_reg <= !(init || next); - else ready_reg <= !(round < roundlimit); - end - - /* state update logic */ - always @(posedge clk or negedge nreset) - // - if (!nreset) begin - - for (i=0; i<25; i=i+1) begin - st[i] <= 64'hX; // wipe state - blk[i] <= 64'h0; // wipe block - end - - round <= `SHA3_NUM_ROUNDS; - - end else begin - - if (!ready) begin - - for (i=0; i<25; i=i+1) - st[i] <= stn[i]; - - round <= round + 'd1; - - end else if (init || next) begin - - for (i=0; i<25; i=i+1) - st[i] <= init ? blk[i] : st[i] ^ blk[i]; // init has priority over next - - round <= 'd0; - - end - - if (w && !addr[8]) // only the first half of memory is writeable - // - case (addr[2]) - 1: blk[addr[7:3]][63:32] <= din; - 0: blk[addr[7:3]][31: 0] <= din; - endcase // case (addr[2]) - - end +`define SHA3_NUM_ROUNDS 5'd24 + +module sha3( input wire clk, + input wire nreset, + input wire w, + input wire [ 8:2] addr, + input wire [32-1:0] din, + output reg [32-1:0] dout, + input wire init, + input wire next, + output wire ready); + + integer i, j; + + reg [64-1:0] blk[0:24], // input block + st [0:24], // current state + stn[0:24], // new state + bc [0: 4], // intermediate values + t; // temporary variable + + reg [ 4:0] round; // counter value + + + localparam [ 4: 0] roundlimit = `SHA3_NUM_ROUNDS - 'b1; + + + localparam [24*6-1:0] rotc = + { 6'h01, 6'h03, 6'h06, 6'h0A, 6'h0F, 6'h15, + 6'h1C, 6'h24, 6'h2D, 6'h37, 6'h02, 6'h0E, + 6'h1B, 6'h29, 6'h38, 6'h08, 6'h19, 6'h2B, + 6'h3E, 6'h12, 6'h27, 6'h3D, 6'h14, 6'h2C}; + + localparam [24*5-1:0] piln = + { 5'h0A, 5'h07, 5'h0B, 5'h11, 5'h12, 5'h03, + 5'h05, 5'h10, 5'h08, 5'h15, 5'h18, 5'h04, + 5'h0F, 5'h17, 5'h13, 5'h0D, 5'h0C, 5'h02, + 5'h14, 5'h0E, 5'h16, 5'h09, 5'h06, 5'h01}; + + localparam [24*64-1:0] rndc = + { 64'h0000000000000001, 64'h0000000000008082, + 64'h800000000000808a, 64'h8000000080008000, + 64'h000000000000808b, 64'h0000000080000001, + 64'h8000000080008081, 64'h8000000000008009, + 64'h000000000000008a, 64'h0000000000000088, + 64'h0000000080008009, 64'h000000008000000a, + 64'h000000008000808b, 64'h800000000000008b, + 64'h8000000000008089, 64'h8000000000008003, + 64'h8000000000008002, 64'h8000000000000080, + 64'h000000000000800a, 64'h800000008000000a, + 64'h8000000080008081, 64'h8000000000008080, + 64'h0000000080000001, 64'h8000000080008008}; + + /* input block buffer is mapped to the lower half of the + address space, sponge state is mapped to the upper one */ + + /* the lowest address bit determines what part of 64-bit word to return */ + + always @(posedge clk) + // + dout <= addr[8] ? + (~addr[2] ? st [addr[7:3]][31:0] : st [addr[7:3]][63:32]) : + (~addr[2] ? blk[addr[7:3]][31:0] : blk[addr[7:3]][63:32]) ; + + + always @* begin + + // theta1 + for (i=0; i<25; i=i+1) + stn[i] = st[i]; + + for (i=0; i<5; i=i+1) + bc[i] = stn[i] ^ stn[i+5] ^ stn[i+10] ^ stn[i+15] ^ stn[i+20]; + + // theta2 + for (i=0; i<5; i=i+1) begin + + t = bc[(i+4)%5] ^ `rotl64(bc[(i+1)%5], 1); + + for(j=i; j<25; j=j+5) + stn[j] = t ^ stn[j]; + end + + // rophi + t = stn[1]; + for(i=0; i<24; i=i+1) begin + j = `pilni(i); + { stn[j], t } = { `rotl64(t, `rotci(i)), stn[j] }; + end + + // chi + for (j=0; j<25; j=j+5) begin + + for (i=0; i<5; i=i+1) + bc[i] = stn[j + i]; + + for (i=0; i<5; i=i+1) + stn[j+i] = stn[j+i] ^ (~bc[(i+1)%5] & bc[(i+2)%5]); + end + + // iota + stn[0] = stn[0] ^ `rndci(round); + end + + + /* ready flag logic */ + + reg ready_reg = 'b1; + assign ready = ready_reg; + + always @(posedge clk or negedge nreset) + // + if (!nreset) ready_reg <= 'b1; + else begin + if (ready) ready_reg <= !(init || next); + else ready_reg <= !(round < roundlimit); + end + + /* state update logic */ + always @(posedge clk or negedge nreset) + // + if (!nreset) begin + + for (i=0; i<25; i=i+1) begin + st[i] <= 64'hX; // wipe state + blk[i] <= 64'h0; // wipe block + end + + round <= `SHA3_NUM_ROUNDS; + + end else begin + + if (!ready) begin + + for (i=0; i<25; i=i+1) + st[i] <= stn[i]; + + round <= round + 'd1; + + end else if (init || next) begin + + for (i=0; i<25; i=i+1) + st[i] <= init ? blk[i] : st[i] ^ blk[i]; // init has priority over next + + round <= 'd0; + + end + + if (w && !addr[8]) // only the first half of memory is writeable + // + case (addr[2]) + 1: blk[addr[7:3]][63:32] <= din; + 0: blk[addr[7:3]][31: 0] <= din; + endcase // case (addr[2]) + + end endmodule // sha3 diff --git a/src/rtl/sha3_wrapper.v b/src/rtl/sha3_wrapper.v index 9140b08..c19f64f 100644 --- a/src/rtl/sha3_wrapper.v +++ b/src/rtl/sha3_wrapper.v @@ -48,8 +48,8 @@ module sha3_wrapper // Address Decoder // localparam ADDR_MSB_REGS = 1'b0; - localparam ADDR_MSB_CORE = 1'b1; - + localparam ADDR_MSB_CORE = 1'b1; + wire [0:0] addr_msb = address[7]; wire [6:0] addr_lsb = address[6:0]; @@ -71,7 +71,7 @@ module sha3_wrapper localparam ADDR_CONTROL = 5'h08; // {next, init} localparam ADDR_STATUS = 5'h09; // {valid, ready} - localparam CONTROL_INIT_BIT = 0; + localparam CONTROL_INIT_BIT = 0; localparam CONTROL_NEXT_BIT = 1; // localparam STATUS_READY_BIT = 0; -- hardcoded to always read 1 @@ -86,17 +86,17 @@ module sha3_wrapper // Registers // reg [ 1:0] reg_control; - reg [ 1:0] reg_control_prev; - - - // - // Flags - // - wire reg_control_init_posedge = - reg_control[CONTROL_INIT_BIT] & ~reg_control_prev[CONTROL_INIT_BIT]; + reg [ 1:0] reg_control_prev; + + + // + // Flags + // + wire reg_control_init_posedge = + reg_control[CONTROL_INIT_BIT] & ~reg_control_prev[CONTROL_INIT_BIT]; - wire reg_control_next_posedge = - reg_control[CONTROL_NEXT_BIT] & ~reg_control_prev[CONTROL_NEXT_BIT]; + wire reg_control_next_posedge = + reg_control[CONTROL_NEXT_BIT] & ~reg_control_prev[CONTROL_NEXT_BIT]; // @@ -109,11 +109,11 @@ module sha3_wrapper // SHA-3 // sha3 sha3_inst - ( + ( .clk (clk), - .nreset (rst_n), + .nreset (rst_n), - .init (reg_control_init_posedge), + .init (reg_control_init_posedge), .next (reg_control_next_posedge), .ready (reg_status_valid), @@ -122,7 +122,7 @@ module sha3_wrapper .addr (addr_lsb), .din (write_data), .dout (read_data_core) - ); + ); // @@ -136,8 +136,8 @@ module sha3_wrapper // always @(posedge clk) // - if (!rst_n) reg_control_prev <= 2'b00; - else reg_control_prev <= reg_control; + if (!rst_n) reg_control_prev <= 2'b00; + else reg_control_prev <= reg_control; // @@ -188,7 +188,7 @@ module sha3_wrapper reg addr_msb_last; always @(posedge clk) addr_msb_last <= addr_msb; - assign read_data = (addr_msb_last == ADDR_MSB_REGS) ? tmp_read_data : read_data_core; + assign read_data = (addr_msb_last == ADDR_MSB_REGS) ? tmp_read_data : read_data_core; endmodule -- cgit v1.2.3