aboutsummaryrefslogblamecommitdiff
path: root/src/rtl/sha512_core.v
blob: 1b1aedad93bcfb9c666b251887c796d9721a39d4 (plain) (tree)
1
2
3
4
5
6
7
8
9








                                                                        
                                   
                       
  
























                                                                           





                                                                        
 


                                              
 


                                                         
                                               
 
                                               


















                                                       



                                                     
 



                                                                    
 



                             

 





































                                                                    
 




                            
 






                                    


                       
 



                              
                      
 




















                                                                    
 








                     
 


                                                                    
                                      
                                                           





























                                                  



                                                                    
 

                                                   
 
                                         

 


                                                                    
                                                                

                                                                    
                                           


                      

















                                                      
                                      
                                           
                                       


             

                       






















                               
 















































                                                       
                           
                 
                                             

               




                                                         



                                                   
 






                                                 
 






















































                                                                    

                                              


                                                
 


















                                                                    
 

                      

 







                                                                    








                            
 


























                              
 













                              
 
                                                                    
              
    
                                                        


                                                                    


                           
 
                        
             

                                

           
                        
             

                                               
           
                    
 
 
                                                                    





                                                                    
                                   
                               
 



                                                


                              
                                       











                                                                    





                                                                    

                              
 

                              
 

                              
 

                              
 

                              
 

                              
 




                                      
 
 



                            
 

                     




                                        
                                        

                                        
                                                   
                                        



                     


                                        
                                        

                                        
                                                   
                                        


                 
 

                     





                                           
               


                              
 
                                               
                   


                                                


                 

                  





                                            
                                            
                                                       


















                                                 


                                       
 




                                                                        
//======================================================================
//
// sha512_core.v
// -------------
// Verilog 2001 implementation of the SHA-512 hash function.
// This is the internal core with wide interfaces.
//
//
// Author: Joachim Strombergson
// Copyright (c) 2014, NORDUnet A/S
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
// - Redistributions of source code must retain the above copyright notice,
//   this list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright
//   notice, this list of conditions and the following disclaimer in the
//   documentation and/or other materials provided with the distribution.
//
// - Neither the name of the NORDUnet nor the names of its contributors may
//   be used to endorse or promote products derived from this software
//   without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
// IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
// PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
//======================================================================

module sha512_core(
                   input wire            clk,
                   input wire            reset_n,

                   input wire            init,
                   input wire            next,
                   input wire [1 : 0]    mode,

                   input wire            work_factor,
                   input wire [31 : 0]   work_factor_num,

                   input wire [1023 : 0] block,

                   output wire           ready,

                   input wire [31 : 0]   state_wr_data,
                   input wire            state00_we,
                   input wire            state01_we,
                   input wire            state02_we,
                   input wire            state03_we,
                   input wire            state04_we,
                   input wire            state05_we,
                   input wire            state06_we,
                   input wire            state07_we,
                   input wire            state08_we,
                   input wire            state09_we,
                   input wire            state10_we,
                   input wire            state11_we,
                   input wire            state12_we,
                   input wire            state13_we,
                   input wire            state14_we,
                   input wire            state15_we,

                   output wire [511 : 0] digest,
                   output wire           digest_valid
                  );


  //----------------------------------------------------------------
  // Internal constant and parameter definitions.
  //----------------------------------------------------------------
  parameter SHA512_ROUNDS = 79;

  parameter CTRL_IDLE    = 0;
  parameter CTRL_ROUNDS1 = 1;
  parameter CTRL_ROUNDS2 = 2;
  parameter CTRL_DONE    = 3;


  //----------------------------------------------------------------
  // Registers including update variables and write enable.
  //----------------------------------------------------------------
  reg [63 : 0] a_reg;
  reg [63 : 0] a_new;
  reg [63 : 0] b_reg;
  reg [63 : 0] b_new;
  reg [63 : 0] c_reg;
  reg [63 : 0] c_new;
  reg [63 : 0] d_reg;
  reg [63 : 0] d_new;
  reg [63 : 0] e_reg;
  reg [63 : 0] e_new;
  reg [63 : 0] f_reg;
  reg [63 : 0] f_new;
  reg [63 : 0] g_reg;
  reg [63 : 0] g_new;
  reg [63 : 0] h_reg;
  reg [63 : 0] h_new;
  reg          a_h_we;

  reg [63 : 0] H0_reg;
  reg [63 : 0] H0_new;
  reg [63 : 0] H1_reg;
  reg [63 : 0] H1_new;
  reg [63 : 0] H2_reg;
  reg [63 : 0] H2_new;
  reg [63 : 0] H3_reg;
  reg [63 : 0] H3_new;
  reg [63 : 0] H4_reg;
  reg [63 : 0] H4_new;
  reg [63 : 0] H5_reg;
  reg [63 : 0] H5_new;
  reg [63 : 0] H6_reg;
  reg [63 : 0] H6_new;
  reg [63 : 0] H7_reg;
  reg [63 : 0] H7_new;
  reg          H_we;

  reg [6 : 0] round_ctr_reg;
  reg [6 : 0] round_ctr_new;
  reg         round_ctr_we;
  reg         round_ctr_inc;
  reg         round_ctr_rst;

  reg [31 : 0] work_factor_ctr_reg;
  reg [31 : 0] work_factor_ctr_new;
  reg          work_factor_ctr_rst;
  reg          work_factor_ctr_inc;
  reg          work_factor_ctr_done;
  reg          work_factor_ctr_we;

  reg digest_valid_reg;
  reg digest_valid_new;
  reg digest_valid_we;

  reg [1 : 0] sha512_ctrl_reg;
  reg [1 : 0] sha512_ctrl_new;
  reg         sha512_ctrl_we;

  reg [63 : 0] t1_reg;

  //----------------------------------------------------------------
  // Wires.
  //----------------------------------------------------------------
  reg digest_init;
  reg digest_update;

  reg state_init;
  reg state_update;

  reg first_block;

  reg ready_flag;

  reg [63 : 0] t1;
  reg [63 : 0] t2;

  wire [63 : 0] k_data;

  reg           w_init;
  reg           w_next;
  wire [63 : 0] w_data;

  wire [63 : 0] H0_0;
  wire [63 : 0] H0_1;
  wire [63 : 0] H0_2;
  wire [63 : 0] H0_3;
  wire [63 : 0] H0_4;
  wire [63 : 0] H0_5;
  wire [63 : 0] H0_6;
  wire [63 : 0] H0_7;


  //----------------------------------------------------------------
  // Module instantiantions.
  //----------------------------------------------------------------
  sha512_k_constants k_constants_inst(
                                      .addr(round_ctr_reg),
                                      .K(k_data)
                                     );


  sha512_h_constants h_constants_inst(
                                      .mode(mode),

                                      .H0(H0_0),
                                      .H1(H0_1),
                                      .H2(H0_2),
                                      .H3(H0_3),
                                      .H4(H0_4),
                                      .H5(H0_5),
                                      .H6(H0_6),
                                      .H7(H0_7)
                                     );


  sha512_w_mem w_mem_inst(
                          .clk(clk),
                          .reset_n(reset_n),

                          .block(block),

                          .init(w_init),
                          .next(w_next),
                          .w(w_data)
                         );


  //----------------------------------------------------------------
  // Concurrent connectivity for ports etc.
  //----------------------------------------------------------------
  assign ready = ready_flag;

  assign digest = {H0_reg, H1_reg, H2_reg, H3_reg,
                   H4_reg, H5_reg, H6_reg, H7_reg};

  assign digest_valid = digest_valid_reg;


  //----------------------------------------------------------------
  // reg_update
  // Update functionality for all registers in the core.
  // All registers are positive edge triggered with asynchronous
  // active low reset. All registers have write enable.
  //----------------------------------------------------------------
  always @ (posedge clk or negedge reset_n)
    begin : reg_update
      if (!reset_n)
        begin
          a_reg               <= 64'h0000000000000000;
          b_reg               <= 64'h0000000000000000;
          c_reg               <= 64'h0000000000000000;
          d_reg               <= 64'h0000000000000000;
          e_reg               <= 64'h0000000000000000;
          f_reg               <= 64'h0000000000000000;
          g_reg               <= 64'h0000000000000000;
          h_reg               <= 64'h0000000000000000;
          H0_reg              <= 64'h0000000000000000;
          H1_reg              <= 64'h0000000000000000;
          H2_reg              <= 64'h0000000000000000;
          H3_reg              <= 64'h0000000000000000;
          H4_reg              <= 64'h0000000000000000;
          H5_reg              <= 64'h0000000000000000;
          H6_reg              <= 64'h0000000000000000;
          H7_reg              <= 64'h0000000000000000;
          work_factor_ctr_reg <= 32'h00000000;
          digest_valid_reg    <= 0;
          round_ctr_reg       <= 7'h0;
          sha512_ctrl_reg     <= CTRL_IDLE;
          t1_reg              <= 64'h0;
        end
      else
        begin
          t1_reg <= t1;

          if (a_h_we)
            begin
              a_reg <= a_new;
              b_reg <= b_new;
              c_reg <= c_new;
              d_reg <= d_new;
              e_reg <= e_new;
              f_reg <= f_new;
              g_reg <= g_new;
              h_reg <= h_new;
            end

          if (H_we)
            begin
              H0_reg <= H0_new;
              H1_reg <= H1_new;
              H2_reg <= H2_new;
              H3_reg <= H3_new;
              H4_reg <= H4_new;
              H5_reg <= H5_new;
              H6_reg <= H6_new;
              H7_reg <= H7_new;
            end

          if (state00_we)
            H0_reg <= {state_wr_data, H0_reg[31 : 0]};

          if (state01_we)
            H0_reg <= {H0_reg[63 : 32], state_wr_data};

          if (state02_we)
            H1_reg <= {state_wr_data, H1_reg[31 : 0]};

          if (state03_we)
            H1_reg <= {H1_reg[63 : 32], state_wr_data};

          if (state04_we)
            H2_reg <= {state_wr_data, H2_reg[31 : 0]};

          if (state05_we)
            H2_reg <= {H2_reg[63 : 32], state_wr_data};

          if (state06_we)
            H3_reg <= {state_wr_data, H3_reg[31 : 0]};

          if (state07_we)
            H3_reg <= {H3_reg[63 : 32], state_wr_data};

          if (state08_we)
            H4_reg <= {state_wr_data, H4_reg[31 : 0]};

          if (state09_we)
            H4_reg <= {H4_reg[63 : 32], state_wr_data};

          if (state10_we)
            H5_reg <= {state_wr_data, H5_reg[31 : 0]};

          if (state11_we)
            H5_reg <= {H5_reg[63 : 32], state_wr_data};

          if (state12_we)
            H6_reg <= {state_wr_data, H6_reg[31 : 0]};

          if (state13_we)
            H6_reg <= {H6_reg[63 : 32], state_wr_data};

          if (state14_we)
            H7_reg <= {state_wr_data, H7_reg[31 : 0]};

          if (state15_we)
            H7_reg <= {H7_reg[63 : 32], state_wr_data};

          if (round_ctr_we)
            begin
              round_ctr_reg <= round_ctr_new;
            end

          if (work_factor_ctr_we)
            begin
              work_factor_ctr_reg <= work_factor_ctr_new;
            end

          if (digest_valid_we)
            begin
              digest_valid_reg <= digest_valid_new;
            end

          if (sha512_ctrl_we)
            begin
              sha512_ctrl_reg <= sha512_ctrl_new;
            end
        end
    end // reg_update


  //----------------------------------------------------------------
  // digest_logic
  //
  // The logic needed to init as well as update the digest.
  //----------------------------------------------------------------
  always @*
    begin : digest_logic
      H0_new = 64'h00000000;
      H1_new = 64'h00000000;
      H2_new = 64'h00000000;
      H3_new = 64'h00000000;
      H4_new = 64'h00000000;
      H5_new = 64'h00000000;
      H6_new = 64'h00000000;
      H7_new = 64'h00000000;
      H_we = 0;

      if (digest_init)
        begin
          H0_new = H0_0;
          H1_new = H0_1;
          H2_new = H0_2;
          H3_new = H0_3;
          H4_new = H0_4;
          H5_new = H0_5;
          H6_new = H0_6;
          H7_new = H0_7;
          H_we = 1;
        end

      if (digest_update)
        begin
          H0_new = H0_reg + a_reg;
          H1_new = H1_reg + b_reg;
          H2_new = H2_reg + c_reg;
          H3_new = H3_reg + d_reg;
          H4_new = H4_reg + e_reg;
          H5_new = H5_reg + f_reg;
          H6_new = H6_reg + g_reg;
          H7_new = H7_reg + h_reg;
          H_we = 1;
        end
    end // digest_logic


  //----------------------------------------------------------------
  // t1_logic
  //
  // The logic for the T1 function.
  //----------------------------------------------------------------
  always @*
    begin : t1_logic
      reg [63 : 0] sum1;
      reg [63 : 0] ch;

      sum1 = {e_reg[13 : 0], e_reg[63 : 14]} ^
             {e_reg[17 : 0], e_reg[63 : 18]} ^
             {e_reg[40 : 0], e_reg[63 : 41]};

      ch = (e_reg & f_reg) ^ ((~e_reg) & g_reg);

      t1 = h_reg + sum1 + ch + k_data + w_data;
    end // t1_logic


  //----------------------------------------------------------------
  // t2_logic
  //
  // The logic for the T2 function
  //----------------------------------------------------------------
  always @*
    begin : t2_logic
      reg [63 : 0] sum0;
      reg [63 : 0] maj;

      sum0 = {a_reg[27 : 0], a_reg[63 : 28]} ^
             {a_reg[33 : 0], a_reg[63 : 34]} ^
             {a_reg[38 : 0], a_reg[63 : 39]};

      maj = (a_reg & b_reg) ^ (a_reg & c_reg) ^ (b_reg & c_reg);

      t2 = sum0 + maj;
    end // t2_logic


  //----------------------------------------------------------------
  // state_logic
  //
  // The logic needed to init as well as update the state during
  // round processing.
  //----------------------------------------------------------------
  always @*
    begin : state_logic
      a_new  = 64'h00000000;
      b_new  = 64'h00000000;
      c_new  = 64'h00000000;
      d_new  = 64'h00000000;
      e_new  = 64'h00000000;
      f_new  = 64'h00000000;
      g_new  = 64'h00000000;
      h_new  = 64'h00000000;
      a_h_we = 0;

      if (state_init)
        begin
          if (first_block)
            begin
              a_new  = H0_0;
              b_new  = H0_1;
              c_new  = H0_2;
              d_new  = H0_3;
              e_new  = H0_4;
              f_new  = H0_5;
              g_new  = H0_6;
              h_new  = H0_7;
              a_h_we = 1;
            end
          else
            begin
              a_new  = H0_reg;
              b_new  = H1_reg;
              c_new  = H2_reg;
              d_new  = H3_reg;
              e_new  = H4_reg;
              f_new  = H5_reg;
              g_new  = H6_reg;
              h_new  = H7_reg;
              a_h_we = 1;
            end
        end

      if (state_update)
        begin
          a_new  = t1 + t2;
          b_new  = a_reg;
          c_new  = b_reg;
          d_new  = c_reg;
          e_new  = d_reg + t1;
          f_new  = e_reg;
          g_new  = f_reg;
          h_new  = g_reg;
          a_h_we = 1;
        end
    end // state_logic


  //----------------------------------------------------------------
  // round_ctr
  //
  // Update logic for the round counter, a monotonically
  // increasing counter with reset.
  //----------------------------------------------------------------
  always @*
    begin : round_ctr
      round_ctr_new = 7'h0;
      round_ctr_we  = 0;

      if (round_ctr_rst)
        begin
          round_ctr_new = 7'h00;
          round_ctr_we  = 1;
        end

      if (round_ctr_inc)
        begin
          round_ctr_new = round_ctr_reg + 1'b1;
          round_ctr_we  = 1;
        end
    end // round_ctr


  //----------------------------------------------------------------
  // work_factor_ctr
  //
  // Work factor counter logic.
  //----------------------------------------------------------------
  always @*
    begin : work_factor_ctr
      work_factor_ctr_new  = 32'h0;
      work_factor_ctr_we   = 0;

      if (work_factor_ctr_reg < work_factor_num)
        work_factor_ctr_done = 0;
      else
        work_factor_ctr_done = 1;

      if (work_factor_ctr_rst)
        begin
          work_factor_ctr_new  = 32'h0;
          work_factor_ctr_we   = 1;
        end

      if (work_factor_ctr_inc)
        begin
          work_factor_ctr_new  = work_factor_ctr_reg + 1'b1;
          work_factor_ctr_we   = 1;
        end
    end // work_factor_ctr


  //----------------------------------------------------------------
  // sha512_ctrl_fsm
  //
  // Logic for the state machine controlling the core behaviour.
  //----------------------------------------------------------------
  always @*
    begin : sha512_ctrl_fsm
      digest_init         = 0;
      digest_update       = 0;

      state_init          = 0;
      state_update        = 0;

      first_block         = 0;
      ready_flag          = 0;

      w_init              = 0;
      w_next              = 0;

      round_ctr_inc       = 0;
      round_ctr_rst       = 0;

      digest_valid_new    = 0;
      digest_valid_we     = 0;

      work_factor_ctr_rst = 0;
      work_factor_ctr_inc = 0;

      sha512_ctrl_new     = CTRL_IDLE;
      sha512_ctrl_we      = 0;


      case (sha512_ctrl_reg)
        CTRL_IDLE:
          begin
            ready_flag = 1;

            if (init)
              begin
                work_factor_ctr_rst = 1;
                digest_init         = 1;
                w_init              = 1;
                state_init          = 1;
                first_block         = 1;
                round_ctr_rst       = 1;
                digest_valid_new    = 0;
                digest_valid_we     = 1;
                sha512_ctrl_new     = CTRL_ROUNDS1;
                sha512_ctrl_we      = 1;
              end

            if (next)
              begin
                work_factor_ctr_rst = 1;
                w_init              = 1;
                state_init          = 1;
                round_ctr_rst       = 1;
                digest_valid_new    = 0;
                digest_valid_we     = 1;
                sha512_ctrl_new     = CTRL_ROUNDS1;
                sha512_ctrl_we      = 1;
              end
          end


        CTRL_ROUNDS1:
          begin
            sha512_ctrl_new = CTRL_ROUNDS2;
            sha512_ctrl_we  = 1;
          end


        CTRL_ROUNDS2:
          begin
            w_next        = 1;
            state_update  = 1;
            round_ctr_inc = 1;

            if (round_ctr_reg == SHA512_ROUNDS)
              begin
                work_factor_ctr_inc = 1;
                sha512_ctrl_new     = CTRL_DONE;
                sha512_ctrl_we      = 1;
              end
          end

        CTRL_DONE:
          begin
            if (work_factor)
              begin
                if (!work_factor_ctr_done)
                  begin
                    w_init              = 1;
                    state_init          = 1;
                    round_ctr_rst       = 1;
                    sha512_ctrl_new     = CTRL_ROUNDS1;
                    sha512_ctrl_we      = 1;
                  end
                else
                  begin
                    digest_update    = 1;
                    digest_valid_new = 1;
                    digest_valid_we  = 1;
                    sha512_ctrl_new  = CTRL_IDLE;
                    sha512_ctrl_we   = 1;
                  end
              end
            else
              begin
                digest_update    = 1;
                digest_valid_new = 1;
                digest_valid_we  = 1;
                sha512_ctrl_new  = CTRL_IDLE;
                sha512_ctrl_we   = 1;
              end
          end
      endcase // case (sha512_ctrl_reg)
    end // sha512_ctrl_fsm

endmodule // sha512_core

//======================================================================
// EOF sha512_core.v
//======================================================================