diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/rtl/sha512.v | 1060 | ||||
-rw-r--r-- | src/rtl/sha512_core.v | 537 | ||||
-rw-r--r-- | src/rtl/sha512_h_constants.v | 143 | ||||
-rw-r--r-- | src/rtl/sha512_k_constants.v | 472 | ||||
-rw-r--r-- | src/rtl/sha512_w_mem.v | 346 |
5 files changed, 2558 insertions, 0 deletions
diff --git a/src/rtl/sha512.v b/src/rtl/sha512.v new file mode 100644 index 0000000..e3608e7 --- /dev/null +++ b/src/rtl/sha512.v @@ -0,0 +1,1060 @@ +//====================================================================== +// +// sha512.v +// -------- +// Top level wrapper for the SHA-512 hash function providing +// a simple memory like interface with 32 bit data access. +// +// +// Author: Joachim Strombergson +// Copyright (c) 2014, SUNET +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or +// without modification, are permitted provided that the following +// conditions are met: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in +// the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +// BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +//====================================================================== + +module sha512( + // Clock and reset. + input wire clk, + input wire reset_n, + + // Control. + input wire cs, + input wire we, + + // Data ports. + input wire [7 : 0] address, + input wire [31 : 0] write_data, + output wire [31 : 0] read_data, + output wire error + ); + + //---------------------------------------------------------------- + // Internal constant and parameter definitions. + //---------------------------------------------------------------- + parameter ADDR_NAME0 = 8'h00; + parameter ADDR_NAME1 = 8'h01; + parameter ADDR_VERSION = 8'h02; + + parameter ADDR_CTRL = 8'h08; + parameter CTRL_INIT_BIT = 0; + parameter CTRL_NEXT_BIT = 1; + parameter CTRL_MODE_LOW_BIT = 2; + parameter CTRL_MODE_HIGH_BIT = 3; + + parameter ADDR_STATUS = 8'h09; + parameter STATUS_READY_BIT = 0; + parameter STATUS_VALID_BIT = 1; + + parameter ADDR_BLOCK0 = 8'h10; + parameter ADDR_BLOCK1 = 8'h11; + parameter ADDR_BLOCK2 = 8'h12; + parameter ADDR_BLOCK3 = 8'h13; + parameter ADDR_BLOCK4 = 8'h14; + parameter ADDR_BLOCK5 = 8'h15; + parameter ADDR_BLOCK6 = 8'h16; + parameter ADDR_BLOCK7 = 8'h17; + parameter ADDR_BLOCK8 = 8'h18; + parameter ADDR_BLOCK9 = 8'h19; + parameter ADDR_BLOCK10 = 8'h1a; + parameter ADDR_BLOCK11 = 8'h1b; + parameter ADDR_BLOCK12 = 8'h1c; + parameter ADDR_BLOCK13 = 8'h1d; + parameter ADDR_BLOCK14 = 8'h1e; + parameter ADDR_BLOCK15 = 8'h1f; + parameter ADDR_BLOCK16 = 8'h20; + parameter ADDR_BLOCK17 = 8'h21; + parameter ADDR_BLOCK18 = 8'h22; + parameter ADDR_BLOCK19 = 8'h23; + parameter ADDR_BLOCK20 = 8'h24; + parameter ADDR_BLOCK21 = 8'h25; + parameter ADDR_BLOCK22 = 8'h26; + parameter ADDR_BLOCK23 = 8'h27; + parameter ADDR_BLOCK24 = 8'h28; + parameter ADDR_BLOCK25 = 8'h29; + parameter ADDR_BLOCK26 = 8'h2a; + parameter ADDR_BLOCK27 = 8'h2b; + parameter ADDR_BLOCK28 = 8'h2c; + parameter ADDR_BLOCK29 = 8'h2d; + parameter ADDR_BLOCK30 = 8'h2e; + parameter ADDR_BLOCK31 = 8'h2f; + + parameter ADDR_DIGEST0 = 8'h40; + parameter ADDR_DIGEST1 = 8'h41; + parameter ADDR_DIGEST2 = 8'h42; + parameter ADDR_DIGEST3 = 8'h43; + parameter ADDR_DIGEST4 = 8'h44; + parameter ADDR_DIGEST5 = 8'h45; + parameter ADDR_DIGEST6 = 8'h46; + parameter ADDR_DIGEST7 = 8'h47; + parameter ADDR_DIGEST8 = 8'h48; + parameter ADDR_DIGEST9 = 8'h49; + parameter ADDR_DIGEST10 = 8'h4a; + parameter ADDR_DIGEST11 = 8'h4b; + parameter ADDR_DIGEST12 = 8'h4c; + parameter ADDR_DIGEST13 = 8'h4d; + parameter ADDR_DIGEST14 = 8'h4e; + parameter ADDR_DIGEST15 = 8'h4f; + + parameter CORE_NAME0 = 32'h73686132; // "sha2" + parameter CORE_NAME1 = 32'h2d353132; // "-512" + parameter CORE_VERSION = 32'h302e3830; // "0.80" + + parameter MODE_SHA_512_224 = 2'h0; + parameter MODE_SHA_512_256 = 2'h1; + parameter MODE_SHA_384 = 2'h2; + parameter MODE_SHA_512 = 2'h3; + + + //---------------------------------------------------------------- + // Registers including update variables and write enable. + //---------------------------------------------------------------- + reg init_reg; + reg init_new; + reg init_we; + reg init_set; + + reg next_reg; + reg next_new; + reg next_we; + reg next_set; + + reg [1 : 0] mode_reg; + reg [1 : 0] mode_new; + reg mode_we; + + reg ready_reg; + + reg [31 : 0] block0_reg; + reg block0_we; + reg [31 : 0] block1_reg; + reg block1_we; + reg [31 : 0] block2_reg; + reg block2_we; + reg [31 : 0] block3_reg; + reg block3_we; + reg [31 : 0] block4_reg; + reg block4_we; + reg [31 : 0] block5_reg; + reg block5_we; + reg [31 : 0] block6_reg; + reg block6_we; + reg [31 : 0] block7_reg; + reg block7_we; + reg [31 : 0] block8_reg; + reg block8_we; + reg [31 : 0] block9_reg; + reg block9_we; + reg [31 : 0] block10_reg; + reg block10_we; + reg [31 : 0] block11_reg; + reg block11_we; + reg [31 : 0] block12_reg; + reg block12_we; + reg [31 : 0] block13_reg; + reg block13_we; + reg [31 : 0] block14_reg; + reg block14_we; + reg [31 : 0] block15_reg; + reg block15_we; + reg [31 : 0] block16_reg; + reg block16_we; + reg [31 : 0] block17_reg; + reg block17_we; + reg [31 : 0] block18_reg; + reg block18_we; + reg [31 : 0] block19_reg; + reg block19_we; + reg [31 : 0] block20_reg; + reg block20_we; + reg [31 : 0] block21_reg; + reg block21_we; + reg [31 : 0] block22_reg; + reg block22_we; + reg [31 : 0] block23_reg; + reg block23_we; + reg [31 : 0] block24_reg; + reg block24_we; + reg [31 : 0] block25_reg; + reg block25_we; + reg [31 : 0] block26_reg; + reg block26_we; + reg [31 : 0] block27_reg; + reg block27_we; + reg [31 : 0] block28_reg; + reg block28_we; + reg [31 : 0] block29_reg; + reg block29_we; + reg [31 : 0] block30_reg; + reg block30_we; + reg [31 : 0] block31_reg; + reg block31_we; + + reg [511 : 0] digest_reg; + reg digest_valid_reg; + + + //---------------------------------------------------------------- + // Wires. + //---------------------------------------------------------------- + wire core_init; + wire core_next; + wire [1 : 0] core_mode; + wire core_ready; + wire [1023 : 0] core_block; + wire [511 : 0] core_digest; + wire core_digest_valid; + + reg [31 : 0] tmp_read_data; + reg tmp_error; + + + //---------------------------------------------------------------- + // Concurrent connectivity for ports etc. + //---------------------------------------------------------------- + assign core_init = init_reg; + + assign core_next = next_reg; + + assign core_mode = mode_reg; + + assign core_block = {block0_reg, block1_reg, block2_reg, block3_reg, block4_reg, + block5_reg, block6_reg, block7_reg, block8_reg, block9_reg, + block10_reg, block11_reg, block12_reg, block13_reg, block14_reg, + block15_reg, block16_reg, block17_reg, block18_reg, block19_reg, + block20_reg, block21_reg, block22_reg, block23_reg, block24_reg, + block25_reg, block26_reg, block27_reg, block28_reg, block29_reg, + block30_reg, block31_reg}; + + assign read_data = tmp_read_data; + assign error = tmp_error; + + + //---------------------------------------------------------------- + // core instantiation. + //---------------------------------------------------------------- + sha512_core core( + .clk(clk), + .reset_n(reset_n), + + .init(core_init), + .next(core_next), + .mode(core_mode), + + .block(core_block), + + .ready(core_ready), + + .digest(core_digest), + .digest_valid(core_digest_valid) + ); + + + //---------------------------------------------------------------- + // reg_update + // + // Update functionality for all registers in the core. + // All registers are positive edge triggered with synchronous + // active low reset. All registers have write enable. + //---------------------------------------------------------------- + always @ (posedge clk) + begin + if (!reset_n) + begin + init_reg <= 0; + next_reg <= 0; + mode_reg <= MODE_SHA_512; + ready_reg <= 0; + digest_reg <= {16{32'h00000000}}; + digest_valid_reg <= 0; + block0_reg <= 32'h00000000; + block1_reg <= 32'h00000000; + block2_reg <= 32'h00000000; + block3_reg <= 32'h00000000; + block4_reg <= 32'h00000000; + block5_reg <= 32'h00000000; + block6_reg <= 32'h00000000; + block7_reg <= 32'h00000000; + block8_reg <= 32'h00000000; + block9_reg <= 32'h00000000; + block10_reg <= 32'h00000000; + block11_reg <= 32'h00000000; + block12_reg <= 32'h00000000; + block13_reg <= 32'h00000000; + block14_reg <= 32'h00000000; + block15_reg <= 32'h00000000; + block16_reg <= 32'h00000000; + block17_reg <= 32'h00000000; + block18_reg <= 32'h00000000; + block19_reg <= 32'h00000000; + block20_reg <= 32'h00000000; + block21_reg <= 32'h00000000; + block22_reg <= 32'h00000000; + block23_reg <= 32'h00000000; + block24_reg <= 32'h00000000; + block25_reg <= 32'h00000000; + block26_reg <= 32'h00000000; + block27_reg <= 32'h00000000; + block28_reg <= 32'h00000000; + block29_reg <= 32'h00000000; + block30_reg <= 32'h00000000; + block31_reg <= 32'h00000000; + end + else + begin + ready_reg <= core_ready; + digest_valid_reg <= core_digest_valid; + + if (init_we) + begin + init_reg <= init_new; + end + + if (next_we) + begin + next_reg <= next_new; + end + + if (mode_we) + begin + mode_reg <= mode_new; + end + + if (core_digest_valid) + begin + digest_reg <= core_digest; + end + + if (block0_we) + begin + block0_reg <= write_data; + end + + if (block1_we) + begin + block1_reg <= write_data; + end + + if (block2_we) + begin + block2_reg <= write_data; + end + + if (block3_we) + begin + block3_reg <= write_data; + end + + if (block4_we) + begin + block4_reg <= write_data; + end + + if (block5_we) + begin + block5_reg <= write_data; + end + + if (block6_we) + begin + block6_reg <= write_data; + end + + if (block7_we) + begin + block7_reg <= write_data; + end + + if (block8_we) + begin + block8_reg <= write_data; + end + + if (block9_we) + begin + block9_reg <= write_data; + end + + if (block10_we) + begin + block10_reg <= write_data; + end + + if (block11_we) + begin + block11_reg <= write_data; + end + + if (block12_we) + begin + block12_reg <= write_data; + end + + if (block13_we) + begin + block13_reg <= write_data; + end + + if (block14_we) + begin + block14_reg <= write_data; + end + + if (block15_we) + begin + block15_reg <= write_data; + end + + if (block16_we) + begin + block16_reg <= write_data; + end + + if (block17_we) + begin + block17_reg <= write_data; + end + + if (block18_we) + begin + block18_reg <= write_data; + end + + if (block19_we) + begin + block19_reg <= write_data; + end + + if (block20_we) + begin + block20_reg <= write_data; + end + + if (block21_we) + begin + block21_reg <= write_data; + end + + if (block22_we) + begin + block22_reg <= write_data; + end + + if (block23_we) + begin + block23_reg <= write_data; + end + + if (block24_we) + begin + block24_reg <= write_data; + end + + if (block25_we) + begin + block25_reg <= write_data; + end + + if (block26_we) + begin + block26_reg <= write_data; + end + + if (block27_we) + begin + block27_reg <= write_data; + end + + if (block28_we) + begin + block28_reg <= write_data; + end + + if (block29_we) + begin + block29_reg <= write_data; + end + + if (block30_we) + begin + block30_reg <= write_data; + end + + if (block31_we) + begin + block31_reg <= write_data; + end + end + end // reg_update + + + //---------------------------------------------------------------- + // flag_reset + // + // Logic to reset init and next flags that has been set. + //---------------------------------------------------------------- + always @* + begin : flag_reset + init_new = 0; + init_we = 0; + next_new = 0; + next_we = 0; + + if (init_set) + begin + init_new = 1; + init_we = 1; + end + else if (init_reg) + begin + init_new = 0; + init_we = 1; + end + + if (next_set) + begin + next_new = 1; + next_we = 1; + end + else if (next_reg) + begin + next_new = 0; + next_we = 1; + end + end + + + //---------------------------------------------------------------- + // api_logic + // + // Implementation of the api logic. If cs is enabled will either + // try to write to or read from the internal registers. + //---------------------------------------------------------------- + always @* + begin : api_logic + init_set = 0; + next_set = 0; + mode_new = 2'b00; + mode_we = 0; + block0_we = 0; + block1_we = 0; + block2_we = 0; + block3_we = 0; + block4_we = 0; + block5_we = 0; + block6_we = 0; + block7_we = 0; + block8_we = 0; + block9_we = 0; + block10_we = 0; + block11_we = 0; + block12_we = 0; + block13_we = 0; + block14_we = 0; + block15_we = 0; + block16_we = 0; + block17_we = 0; + block18_we = 0; + block19_we = 0; + block20_we = 0; + block21_we = 0; + block22_we = 0; + block23_we = 0; + block24_we = 0; + block25_we = 0; + block26_we = 0; + block27_we = 0; + block28_we = 0; + block29_we = 0; + block30_we = 0; + block31_we = 0; + tmp_read_data = 32'h00000000; + tmp_error = 0; + + if (cs) + begin + if (we) + begin + case (address) + // Write operations. + ADDR_CTRL: + begin + init_set = write_data[CTRL_INIT_BIT]; + next_set = write_data[CTRL_NEXT_BIT]; + mode_new = write_data[CTRL_MODE_HIGH_BIT : CTRL_MODE_LOW_BIT]; + mode_we = 1; + end + + ADDR_BLOCK0: + begin + block0_we = 1; + end + + ADDR_BLOCK1: + begin + block1_we = 1; + end + + ADDR_BLOCK2: + begin + block2_we = 1; + end + + ADDR_BLOCK3: + begin + block3_we = 1; + end + + ADDR_BLOCK4: + begin + block4_we = 1; + end + + ADDR_BLOCK5: + begin + block5_we = 1; + end + + ADDR_BLOCK6: + begin + block6_we = 1; + end + + ADDR_BLOCK7: + begin + block7_we = 1; + end + + ADDR_BLOCK8: + begin + block8_we = 1; + end + + ADDR_BLOCK9: + begin + block9_we = 1; + end + + ADDR_BLOCK10: + begin + block10_we = 1; + end + + ADDR_BLOCK11: + begin + block11_we = 1; + end + + ADDR_BLOCK12: + begin + block12_we = 1; + end + + ADDR_BLOCK13: + begin + block13_we = 1; + end + + ADDR_BLOCK14: + begin + block14_we = 1; + end + + ADDR_BLOCK15: + begin + block15_we = 1; + end + + ADDR_BLOCK16: + begin + block16_we = 1; + end + + ADDR_BLOCK17: + begin + block17_we = 1; + end + + ADDR_BLOCK18: + begin + block18_we = 1; + end + + ADDR_BLOCK19: + begin + block19_we = 1; + end + + ADDR_BLOCK20: + begin + block20_we = 1; + end + + ADDR_BLOCK21: + begin + block21_we = 1; + end + + ADDR_BLOCK22: + begin + block22_we = 1; + end + + ADDR_BLOCK23: + begin + block23_we = 1; + end + + ADDR_BLOCK24: + begin + block24_we = 1; + end + + ADDR_BLOCK25: + begin + block25_we = 1; + end + + ADDR_BLOCK26: + begin + block26_we = 1; + end + + ADDR_BLOCK27: + begin + block27_we = 1; + end + + ADDR_BLOCK28: + begin + block28_we = 1; + end + + ADDR_BLOCK29: + begin + block29_we = 1; + end + + ADDR_BLOCK30: + begin + block30_we = 1; + end + + ADDR_BLOCK31: + begin + block31_we = 1; + end + + default: + begin + tmp_error = 1; + end + endcase // case (address) + end // if (we) + + else + begin + case (address) + // Read operations. + ADDR_NAME0: + begin + tmp_read_data = CORE_NAME0; + end + + ADDR_NAME1: + begin + tmp_read_data = CORE_NAME1; + end + + ADDR_VERSION: + begin + tmp_read_data = CORE_VERSION; + end + + ADDR_CTRL: + begin + tmp_read_data = {28'h0000000, mode_reg, next_reg, init_reg}; + end + + ADDR_STATUS: + begin + tmp_read_data = {28'h0000000, 2'b00, digest_valid_reg, ready_reg}; + end + + ADDR_BLOCK0: + begin + tmp_read_data = block0_reg; + end + + ADDR_BLOCK1: + begin + tmp_read_data = block1_reg; + end + + ADDR_BLOCK2: + begin + tmp_read_data = block2_reg; + end + + ADDR_BLOCK3: + begin + tmp_read_data = block3_reg; + end + + ADDR_BLOCK4: + begin + tmp_read_data = block4_reg; + end + + ADDR_BLOCK5: + begin + tmp_read_data = block5_reg; + end + + ADDR_BLOCK6: + begin + tmp_read_data = block6_reg; + end + + ADDR_BLOCK7: + begin + tmp_read_data = block7_reg; + end + + ADDR_BLOCK8: + begin + tmp_read_data = block8_reg; + end + + ADDR_BLOCK9: + begin + tmp_read_data = block9_reg; + end + + ADDR_BLOCK10: + begin + tmp_read_data = block10_reg; + end + + ADDR_BLOCK11: + begin + tmp_read_data = block11_reg; + end + + ADDR_BLOCK12: + begin + tmp_read_data = block12_reg; + end + + ADDR_BLOCK13: + begin + tmp_read_data = block13_reg; + end + + ADDR_BLOCK14: + begin + tmp_read_data = block14_reg; + end + + ADDR_BLOCK15: + begin + tmp_read_data = block15_reg; + end + + ADDR_BLOCK16: + begin + tmp_read_data = block16_reg; + end + + ADDR_BLOCK17: + begin + tmp_read_data = block17_reg; + end + + ADDR_BLOCK18: + begin + tmp_read_data = block18_reg; + end + + ADDR_BLOCK19: + begin + tmp_read_data = block19_reg; + end + + ADDR_BLOCK20: + begin + tmp_read_data = block20_reg; + end + + ADDR_BLOCK21: + begin + tmp_read_data = block21_reg; + end + + ADDR_BLOCK22: + begin + tmp_read_data = block22_reg; + end + + ADDR_BLOCK23: + begin + tmp_read_data = block23_reg; + end + + ADDR_BLOCK24: + begin + tmp_read_data = block24_reg; + end + + ADDR_BLOCK25: + begin + tmp_read_data = block25_reg; + end + + ADDR_BLOCK26: + begin + tmp_read_data = block26_reg; + end + + ADDR_BLOCK27: + begin + tmp_read_data = block27_reg; + end + + ADDR_BLOCK28: + begin + tmp_read_data = block28_reg; + end + + ADDR_BLOCK29: + begin + tmp_read_data = block29_reg; + end + + ADDR_BLOCK30: + begin + tmp_read_data = block30_reg; + end + + ADDR_BLOCK31: + begin + tmp_read_data = block31_reg; + end + + ADDR_DIGEST0: + begin + tmp_read_data = digest_reg[511 : 480]; + end + + ADDR_DIGEST1: + begin + tmp_read_data = digest_reg[479 : 448]; + end + + ADDR_DIGEST2: + begin + tmp_read_data = digest_reg[447 : 416]; + end + + ADDR_DIGEST3: + begin + tmp_read_data = digest_reg[415 : 384]; + end + + ADDR_DIGEST4: + begin + tmp_read_data = digest_reg[383 : 352]; + end + + ADDR_DIGEST5: + begin + tmp_read_data = digest_reg[351 : 320]; + end + + ADDR_DIGEST6: + begin + tmp_read_data = digest_reg[319 : 288]; + end + + ADDR_DIGEST7: + begin + tmp_read_data = digest_reg[287 : 256]; + end + + ADDR_DIGEST8: + begin + tmp_read_data = digest_reg[255 : 224]; + end + + ADDR_DIGEST9: + begin + tmp_read_data = digest_reg[223 : 192]; + end + + ADDR_DIGEST10: + begin + tmp_read_data = digest_reg[191 : 160]; + end + + ADDR_DIGEST11: + begin + tmp_read_data = digest_reg[159 : 128]; + end + + ADDR_DIGEST12: + begin + tmp_read_data = digest_reg[127 : 96]; + end + + ADDR_DIGEST13: + begin + tmp_read_data = digest_reg[95 : 64]; + end + + ADDR_DIGEST14: + begin + tmp_read_data = digest_reg[63 : 32]; + end + + ADDR_DIGEST15: + begin + tmp_read_data = digest_reg[31 : 0]; + end + + default: + begin + tmp_error = 1; + end + endcase // case (address) + end + end + end // addr_decoder +endmodule // sha512 + +//====================================================================== +// EOF sha512.v +//====================================================================== diff --git a/src/rtl/sha512_core.v b/src/rtl/sha512_core.v new file mode 100644 index 0000000..c3a2de6 --- /dev/null +++ b/src/rtl/sha512_core.v @@ -0,0 +1,537 @@ +//====================================================================== +// +// sha512_core.v +// ------------- +// Verilog 2001 implementation of the SHA-512 hash function. +// This is the internal core with wide interfaces. +// +// +// Author: Joachim Strombergson +// Copyright (c) 2014, SUNET +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or +// without modification, are permitted provided that the following +// conditions are met: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in +// the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +// BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +//====================================================================== + +module sha512_core( + input wire clk, + input wire reset_n, + + input wire init, + input wire next, + input wire [1 : 0] mode, + + input wire [1023 : 0] block, + + output wire ready, + output wire [511 : 0] digest, + output wire digest_valid + ); + + + //---------------------------------------------------------------- + // Internal constant and parameter definitions. + //---------------------------------------------------------------- + parameter SHA512_ROUNDS = 79; + + parameter CTRL_IDLE = 0; + parameter CTRL_ROUNDS = 1; + parameter CTRL_DONE = 2; + + + //---------------------------------------------------------------- + // Registers including update variables and write enable. + //---------------------------------------------------------------- + reg [63 : 0] a_reg; + reg [63 : 0] a_new; + reg [63 : 0] b_reg; + reg [63 : 0] b_new; + reg [63 : 0] c_reg; + reg [63 : 0] c_new; + reg [63 : 0] d_reg; + reg [63 : 0] d_new; + reg [63 : 0] e_reg; + reg [63 : 0] e_new; + reg [63 : 0] f_reg; + reg [63 : 0] f_new; + reg [63 : 0] g_reg; + reg [63 : 0] g_new; + reg [63 : 0] h_reg; + reg [63 : 0] h_new; + reg a_h_we; + + reg [63 : 0] H0_reg; + reg [63 : 0] H0_new; + reg [63 : 0] H1_reg; + reg [63 : 0] H1_new; + reg [63 : 0] H2_reg; + reg [63 : 0] H2_new; + reg [63 : 0] H3_reg; + reg [63 : 0] H3_new; + reg [63 : 0] H4_reg; + reg [63 : 0] H4_new; + reg [63 : 0] H5_reg; + reg [63 : 0] H5_new; + reg [63 : 0] H6_reg; + reg [63 : 0] H6_new; + reg [63 : 0] H7_reg; + reg [63 : 0] H7_new; + reg H_we; + + reg [6 : 0] t_ctr_reg; + reg [6 : 0] t_ctr_new; + reg t_ctr_we; + reg t_ctr_inc; + reg t_ctr_rst; + + reg digest_valid_reg; + reg digest_valid_new; + reg digest_valid_we; + + reg [1 : 0] sha512_ctrl_reg; + reg [1 : 0] sha512_ctrl_new; + reg sha512_ctrl_we; + + + //---------------------------------------------------------------- + // Wires. + //---------------------------------------------------------------- + reg digest_init; + reg digest_update; + + reg state_init; + reg state_update; + + reg first_block; + + reg ready_flag; + + reg [63 : 0] t1; + reg [63 : 0] t2; + + wire [63 : 0] k_data; + + reg w_init; + reg w_next; + wire [63 : 0] w_data; + + wire [63 : 0] H0_0; + wire [63 : 0] H0_1; + wire [63 : 0] H0_2; + wire [63 : 0] H0_3; + wire [63 : 0] H0_4; + wire [63 : 0] H0_5; + wire [63 : 0] H0_6; + wire [63 : 0] H0_7; + + + //---------------------------------------------------------------- + // Module instantiantions. + //---------------------------------------------------------------- + sha512_k_constants k_constants( + .addr(t_ctr_reg), + .K(k_data) + ); + + + sha512_h_constants h_constants( + .mode(mode), + + .H0(H0_0), + .H1(H0_1), + .H2(H0_2), + .H3(H0_3), + .H4(H0_4), + .H5(H0_5), + .H6(H0_6), + .H7(H0_7) + ); + + + sha512_w_mem w_mem( + .clk(clk), + .reset_n(reset_n), + + .block(block), + + .init(w_init), + .next(w_next), + .w(w_data) + ); + + + //---------------------------------------------------------------- + // Concurrent connectivity for ports etc. + //---------------------------------------------------------------- + assign ready = ready_flag; + + assign digest = {H0_reg, H1_reg, H2_reg, H3_reg, + H4_reg, H5_reg, H6_reg, H7_reg}; + + assign digest_valid = digest_valid_reg; + + + //---------------------------------------------------------------- + // reg_update + // Update functionality for all registers in the core. + // All registers are positive edge triggered with synchronous + // active low reset. All registers have write enable. + //---------------------------------------------------------------- + always @ (posedge clk) + begin : reg_update + if (!reset_n) + begin + a_reg <= 64'h00000000; + b_reg <= 64'h00000000; + c_reg <= 64'h00000000; + d_reg <= 64'h00000000; + e_reg <= 64'h00000000; + f_reg <= 64'h00000000; + g_reg <= 64'h00000000; + h_reg <= 64'h00000000; + H0_reg <= 64'h00000000; + H1_reg <= 64'h00000000; + H2_reg <= 64'h00000000; + H3_reg <= 64'h00000000; + H4_reg <= 64'h00000000; + H5_reg <= 64'h00000000; + H6_reg <= 64'h00000000; + H7_reg <= 64'h00000000; + digest_valid_reg <= 0; + t_ctr_reg <= 7'h00; + sha512_ctrl_reg <= CTRL_IDLE; + end + else + begin + + if (a_h_we) + begin + a_reg <= a_new; + b_reg <= b_new; + c_reg <= c_new; + d_reg <= d_new; + e_reg <= e_new; + f_reg <= f_new; + g_reg <= g_new; + h_reg <= h_new; + end + + if (H_we) + begin + H0_reg <= H0_new; + H1_reg <= H1_new; + H2_reg <= H2_new; + H3_reg <= H3_new; + H4_reg <= H4_new; + H5_reg <= H5_new; + H6_reg <= H6_new; + H7_reg <= H7_new; + end + + if (t_ctr_we) + begin + t_ctr_reg <= t_ctr_new; + end + + if (digest_valid_we) + begin + digest_valid_reg <= digest_valid_new; + end + + if (sha512_ctrl_we) + begin + sha512_ctrl_reg <= sha512_ctrl_new; + end + end + end // reg_update + + + //---------------------------------------------------------------- + // digest_logic + // + // The logic needed to init as well as update the digest. + //---------------------------------------------------------------- + always @* + begin : digest_logic + H0_new = 64'h00000000; + H1_new = 64'h00000000; + H2_new = 64'h00000000; + H3_new = 64'h00000000; + H4_new = 64'h00000000; + H5_new = 64'h00000000; + H6_new = 64'h00000000; + H7_new = 64'h00000000; + H_we = 0; + + if (digest_init) + begin + H0_new = H0_0; + H1_new = H0_1; + H2_new = H0_2; + H3_new = H0_3; + H4_new = H0_4; + H5_new = H0_5; + H6_new = H0_6; + H7_new = H0_7; + H_we = 1; + end + + if (digest_update) + begin + H0_new = H0_reg + a_reg; + H1_new = H1_reg + b_reg; + H2_new = H2_reg + c_reg; + H3_new = H3_reg + d_reg; + H4_new = H4_reg + e_reg; + H5_new = H5_reg + f_reg; + H6_new = H6_reg + g_reg; + H7_new = H7_reg + h_reg; + H_we = 1; + end + end // digest_logic + + + //---------------------------------------------------------------- + // t1_logic + // + // The logic for the T1 function. + //---------------------------------------------------------------- + always @* + begin : t1_logic + reg [63 : 0] sum1; + reg [63 : 0] ch; + + sum1 = {e_reg[13 : 0], e_reg[63 : 14]} ^ + {e_reg[17 : 0], e_reg[63 : 18]} ^ + {e_reg[40 : 0], e_reg[63 : 41]}; + + ch = (e_reg & f_reg) ^ ((~e_reg) & g_reg); + + t1 = h_reg + sum1 + ch + k_data + w_data; + end // t1_logic + + + //---------------------------------------------------------------- + // t2_logic + // + // The logic for the T2 function + //---------------------------------------------------------------- + always @* + begin : t2_logic + reg [63 : 0] sum0; + reg [63 : 0] maj; + + sum0 = {a_reg[27 : 0], a_reg[63 : 28]} ^ + {a_reg[33 : 0], a_reg[63 : 34]} ^ + {a_reg[38 : 0], a_reg[63 : 39]}; + + maj = (a_reg & b_reg) ^ (a_reg & c_reg) ^ (b_reg & c_reg); + + t2 = sum0 + maj; + end // t2_logic + + + //---------------------------------------------------------------- + // state_logic + // + // The logic needed to init as well as update the state during + // round processing. + //---------------------------------------------------------------- + always @* + begin : state_logic + reg [63 : 0] tmp1; + reg [63 : 0] tmp2; + + a_new = 64'h00000000; + b_new = 64'h00000000; + c_new = 64'h00000000; + d_new = 64'h00000000; + e_new = 64'h00000000; + f_new = 64'h00000000; + g_new = 64'h00000000; + h_new = 64'h00000000; + a_h_we = 0; + + if (state_init) + begin + if (first_block) + begin + a_new = H0_0; + b_new = H0_1; + c_new = H0_2; + d_new = H0_3; + e_new = H0_4; + f_new = H0_5; + g_new = H0_6; + h_new = H0_7; + a_h_we = 1; + end + else + begin + a_new = H0_reg; + b_new = H1_reg; + c_new = H2_reg; + d_new = H3_reg; + e_new = H4_reg; + f_new = H5_reg; + g_new = H6_reg; + h_new = H7_reg; + a_h_we = 1; + end + end + + if (state_update) + begin + a_new = t1 + t2; + b_new = a_reg; + c_new = b_reg; + d_new = c_reg; + e_new = d_reg + t1; + f_new = e_reg; + g_new = f_reg; + h_new = g_reg; + a_h_we = 1; + end + end // state_logic + + + //---------------------------------------------------------------- + // t_ctr + // + // Update logic for the round counter, a monotonically + // increasing counter with reset. + //---------------------------------------------------------------- + always @* + begin : t_ctr + t_ctr_new = 7'h00; + t_ctr_we = 0; + + if (t_ctr_rst) + begin + t_ctr_new = 7'h00; + t_ctr_we = 1; + end + + if (t_ctr_inc) + begin + t_ctr_new = t_ctr_reg + 1'b1; + t_ctr_we = 1; + end + end // t_ctr + + + //---------------------------------------------------------------- + // sha512_ctrl_fsm + // + // Logic for the state machine controlling the core behaviour. + //---------------------------------------------------------------- + always @* + begin : sha512_ctrl_fsm + digest_init = 0; + digest_update = 0; + + state_init = 0; + state_update = 0; + + first_block = 0; + ready_flag = 0; + + w_init = 0; + w_next = 0; + + t_ctr_inc = 0; + t_ctr_rst = 0; + + digest_valid_new = 0; + digest_valid_we = 0; + + sha512_ctrl_new = CTRL_IDLE; + sha512_ctrl_we = 0; + + + case (sha512_ctrl_reg) + CTRL_IDLE: + begin + ready_flag = 1; + + if (init) + begin + digest_init = 1; + w_init = 1; + state_init = 1; + first_block = 1; + t_ctr_rst = 1; + digest_valid_new = 0; + digest_valid_we = 1; + sha512_ctrl_new = CTRL_ROUNDS; + sha512_ctrl_we = 1; + end + + if (next) + begin + w_init = 1; + state_init = 1; + t_ctr_rst = 1; + digest_valid_new = 0; + digest_valid_we = 1; + sha512_ctrl_new = CTRL_ROUNDS; + sha512_ctrl_we = 1; + end + end + + + CTRL_ROUNDS: + begin + w_next = 1; + state_update = 1; + t_ctr_inc = 1; + + if (t_ctr_reg == SHA512_ROUNDS) + begin + sha512_ctrl_new = CTRL_DONE; + sha512_ctrl_we = 1; + end + end + + + CTRL_DONE: + begin + digest_update = 1; + digest_valid_new = 1; + digest_valid_we = 1; + + sha512_ctrl_new = CTRL_IDLE; + sha512_ctrl_we = 1; + end + endcase // case (sha512_ctrl_reg) + end // sha512_ctrl_fsm + +endmodule // sha512_core + +//====================================================================== +// EOF sha512_core.v +//====================================================================== diff --git a/src/rtl/sha512_h_constants.v b/src/rtl/sha512_h_constants.v new file mode 100644 index 0000000..3a38712 --- /dev/null +++ b/src/rtl/sha512_h_constants.v @@ -0,0 +1,143 @@ +//====================================================================== +// +// sha512_h_constants.v +// --------------------- +// The H initial constants for the different modes in SHA-512. +// +// +// Author: Joachim Strombergson +// Copyright (c) 2014, SUNET +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or +// without modification, are permitted provided that the following +// conditions are met: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in +// the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +// BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +//====================================================================== + +module sha512_h_constants( + input wire [1 : 0] mode, + + output wire [63 : 0] H0, + output wire [63 : 0] H1, + output wire [63 : 0] H2, + output wire [63 : 0] H3, + output wire [63 : 0] H4, + output wire [63 : 0] H5, + output wire [63 : 0] H6, + output wire [63 : 0] H7 + ); + + //---------------------------------------------------------------- + // Wires. + //---------------------------------------------------------------- + reg [63 : 0] tmp_H0; + reg [63 : 0] tmp_H1; + reg [63 : 0] tmp_H2; + reg [63 : 0] tmp_H3; + reg [63 : 0] tmp_H4; + reg [63 : 0] tmp_H5; + reg [63 : 0] tmp_H6; + reg [63 : 0] tmp_H7; + + + //---------------------------------------------------------------- + // Concurrent connectivity for ports etc. + //---------------------------------------------------------------- + assign H0 = tmp_H0; + assign H1 = tmp_H1; + assign H2 = tmp_H2; + assign H3 = tmp_H3; + assign H4 = tmp_H4; + assign H5 = tmp_H5; + assign H6 = tmp_H6; + assign H7 = tmp_H7; + + + //---------------------------------------------------------------- + // mode_mux + // + // Based on the given mode, the correct H constants are selected. + //---------------------------------------------------------------- + always @* + begin : mode_mux + case(mode) + 0: + begin + // SHA-512/224 + tmp_H0 = 64'h8c3d37c819544da2; + tmp_H1 = 64'h73e1996689dcd4d6; + tmp_H2 = 64'h1dfab7ae32ff9c82; + tmp_H3 = 64'h679dd514582f9fcf; + tmp_H4 = 64'h0f6d2b697bd44da8; + tmp_H5 = 64'h77e36f7304c48942; + tmp_H6 = 64'h3f9d85a86a1d36c8; + tmp_H7 = 64'h1112e6ad91d692a1; + end + + 1: + begin + // SHA-512/256 + tmp_H0 = 64'h22312194fc2bf72c; + tmp_H1 = 64'h9f555fa3c84c64c2; + tmp_H2 = 64'h2393b86b6f53b151; + tmp_H3 = 64'h963877195940eabd; + tmp_H4 = 64'h96283ee2a88effe3; + tmp_H5 = 64'hbe5e1e2553863992; + tmp_H6 = 64'h2b0199fc2c85b8aa; + tmp_H7 = 64'h0eb72ddc81c52ca2; + end + + 2: + begin + // SHA-384 + tmp_H0 = 64'hcbbb9d5dc1059ed8; + tmp_H1 = 64'h629a292a367cd507; + tmp_H2 = 64'h9159015a3070dd17; + tmp_H3 = 64'h152fecd8f70e5939; + tmp_H4 = 64'h67332667ffc00b31; + tmp_H5 = 64'h8eb44a8768581511; + tmp_H6 = 64'hdb0c2e0d64f98fa7; + tmp_H7 = 64'h47b5481dbefa4fa4; + end + + 3: + begin + // SHA-512 + tmp_H0 = 64'h6a09e667f3bcc908; + tmp_H1 = 64'hbb67ae8584caa73b; + tmp_H2 = 64'h3c6ef372fe94f82b; + tmp_H3 = 64'ha54ff53a5f1d36f1; + tmp_H4 = 64'h510e527fade682d1; + tmp_H5 = 64'h9b05688c2b3e6c1f; + tmp_H6 = 64'h1f83d9abfb41bd6b; + tmp_H7 = 64'h5be0cd19137e2179; + end + endcase // case (addr) + end // block: mode_mux +endmodule // sha512_h_constants + +//====================================================================== +// sha512_h_constants.v +//====================================================================== diff --git a/src/rtl/sha512_k_constants.v b/src/rtl/sha512_k_constants.v new file mode 100644 index 0000000..61cfb6d --- /dev/null +++ b/src/rtl/sha512_k_constants.v @@ -0,0 +1,472 @@ +//====================================================================== +// +// sha512_k_constants.v +// -------------------- +// The table K with constants in the SHA-512 hash function. +// +// +// Author: Joachim Strombergson +// Copyright (c) 2014, SUNET +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or +// without modification, are permitted provided that the following +// conditions are met: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in +// the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +// BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +//====================================================================== + +module sha512_k_constants( + input wire [6 : 0] addr, + output wire [63 : 0] K + ); + + //---------------------------------------------------------------- + // Wires. + //---------------------------------------------------------------- + reg [63 : 0] tmp_K; + + + //---------------------------------------------------------------- + // Concurrent connectivity for ports etc. + //---------------------------------------------------------------- + assign K = tmp_K; + + + //---------------------------------------------------------------- + // addr_mux + //---------------------------------------------------------------- + always @* + begin : addr_mux + case(addr) + 0: + begin + tmp_K = 64'h428a2f98d728ae22; + end + + 1: + begin + tmp_K = 64'h7137449123ef65cd; + end + + 2: + begin + tmp_K = 64'hb5c0fbcfec4d3b2f; + end + + 3: + begin + tmp_K = 64'he9b5dba58189dbbc; + end + + 4: + begin + tmp_K = 64'h3956c25bf348b538; + end + + 5: + begin + tmp_K = 64'h59f111f1b605d019; + end + + 6: + begin + tmp_K = 64'h923f82a4af194f9b; + end + + 7: + begin + tmp_K = 64'hab1c5ed5da6d8118; + end + + 8: + begin + tmp_K = 64'hd807aa98a3030242; + end + + 9: + begin + tmp_K = 64'h12835b0145706fbe; + end + + 10: + begin + tmp_K = 64'h243185be4ee4b28c; + end + + 11: + begin + tmp_K = 64'h550c7dc3d5ffb4e2; + end + + 12: + begin + tmp_K = 64'h72be5d74f27b896f; + end + + 13: + begin + tmp_K = 64'h80deb1fe3b1696b1; + end + + 14: + begin + tmp_K = 64'h9bdc06a725c71235; + end + + 15: + begin + tmp_K = 64'hc19bf174cf692694; + end + + 16: + begin + tmp_K = 64'he49b69c19ef14ad2; + end + + 17: + begin + tmp_K = 64'hefbe4786384f25e3; + end + + 18: + begin + tmp_K = 64'h0fc19dc68b8cd5b5; + end + + 19: + begin + tmp_K = 64'h240ca1cc77ac9c65; + end + + 20: + begin + tmp_K = 64'h2de92c6f592b0275; + end + + 21: + begin + tmp_K = 64'h4a7484aa6ea6e483; + end + + 22: + begin + tmp_K = 64'h5cb0a9dcbd41fbd4; + end + + 23: + begin + tmp_K = 64'h76f988da831153b5; + end + + 24: + begin + tmp_K = 64'h983e5152ee66dfab; + end + + 25: + begin + tmp_K = 64'ha831c66d2db43210; + end + + 26: + begin + tmp_K = 64'hb00327c898fb213f; + end + + 27: + begin + tmp_K = 64'hbf597fc7beef0ee4; + end + + 28: + begin + tmp_K = 64'hc6e00bf33da88fc2; + end + + 29: + begin + tmp_K = 64'hd5a79147930aa725; + end + + 30: + begin + tmp_K = 64'h06ca6351e003826f; + end + + 31: + begin + tmp_K = 64'h142929670a0e6e70; + end + + 32: + begin + tmp_K = 64'h27b70a8546d22ffc; + end + + 33: + begin + tmp_K = 64'h2e1b21385c26c926; + end + + 34: + begin + tmp_K = 64'h4d2c6dfc5ac42aed; + end + + 35: + begin + tmp_K = 64'h53380d139d95b3df; + end + + 36: + begin + tmp_K = 64'h650a73548baf63de; + end + + 37: + begin + tmp_K = 64'h766a0abb3c77b2a8; + end + + 38: + begin + tmp_K = 64'h81c2c92e47edaee6; + end + + 39: + begin + tmp_K = 64'h92722c851482353b; + end + + 40: + begin + tmp_K = 64'ha2bfe8a14cf10364; + end + + 41: + begin + tmp_K = 64'ha81a664bbc423001; + end + + 42: + begin + tmp_K = 64'hc24b8b70d0f89791; + end + + 43: + begin + tmp_K = 64'hc76c51a30654be30; + end + + 44: + begin + tmp_K = 64'hd192e819d6ef5218; + end + + 45: + begin + tmp_K = 64'hd69906245565a910; + end + + 46: + begin + tmp_K = 64'hf40e35855771202a; + end + + 47: + begin + tmp_K = 64'h106aa07032bbd1b8; + end + + 48: + begin + tmp_K = 64'h19a4c116b8d2d0c8; + end + + 49: + begin + tmp_K = 64'h1e376c085141ab53; + end + + 50: + begin + tmp_K = 64'h2748774cdf8eeb99; + end + + 51: + begin + tmp_K = 64'h34b0bcb5e19b48a8; + end + + 52: + begin + tmp_K = 64'h391c0cb3c5c95a63; + end + + 53: + begin + tmp_K = 64'h4ed8aa4ae3418acb; + end + + 54: + begin + tmp_K = 64'h5b9cca4f7763e373; + end + + 55: + begin + tmp_K = 64'h682e6ff3d6b2b8a3; + end + + 56: + begin + tmp_K = 64'h748f82ee5defb2fc; + end + + 57: + begin + tmp_K = 64'h78a5636f43172f60; + end + + 58: + begin + tmp_K = 64'h84c87814a1f0ab72; + end + + 59: + begin + tmp_K = 64'h8cc702081a6439ec; + end + + 60: + begin + tmp_K = 64'h90befffa23631e28; + end + + 61: + begin + tmp_K = 64'ha4506cebde82bde9; + end + + 62: + begin + tmp_K = 64'hbef9a3f7b2c67915; + end + + 63: + begin + tmp_K = 64'hc67178f2e372532b; + end + + 64: + begin + tmp_K = 64'hca273eceea26619c; + end + + 65: + begin + tmp_K = 64'hd186b8c721c0c207; + end + + 66: + begin + tmp_K = 64'heada7dd6cde0eb1e; + end + + 67: + begin + tmp_K = 64'hf57d4f7fee6ed178; + end + + 68: + begin + tmp_K = 64'h06f067aa72176fba; + end + + 69: + begin + tmp_K = 64'h0a637dc5a2c898a6; + end + + 70: + begin + tmp_K = 64'h113f9804bef90dae; + end + + 71: + begin + tmp_K = 64'h1b710b35131c471b; + end + + 72: + begin + tmp_K = 64'h28db77f523047d84; + end + + 73: + begin + tmp_K = 64'h32caab7b40c72493; + end + + 74: + begin + tmp_K = 64'h3c9ebe0a15c9bebc; + end + + 75: + begin + tmp_K = 64'h431d67c49c100d4c; + end + + 76: + begin + tmp_K = 64'h4cc5d4becb3e42b6; + end + + 77: + begin + tmp_K = 64'h597f299cfc657e2a; + end + + 78: + begin + tmp_K = 64'h5fcb6fab3ad6faec; + end + + 79: + begin + tmp_K = 64'h6c44198c4a475817; + end + + default: + begin + tmp_K = 64'h0000000000000000; + end + endcase // case (addr) + end // block: addr_mux +endmodule // sha512_k_constants + +//====================================================================== +// sha512_k_constants.v +//====================================================================== diff --git a/src/rtl/sha512_w_mem.v b/src/rtl/sha512_w_mem.v new file mode 100644 index 0000000..57e6d68 --- /dev/null +++ b/src/rtl/sha512_w_mem.v @@ -0,0 +1,346 @@ +//====================================================================== +// +// sha512_w_mem_regs.v +// ------------------- +// The W memory for the SHA-512 core. This version uses 16 +// 32-bit registers as a sliding window to generate the 64 words. +// +// +// Author: Joachim Strombergson +// Copyright (c) 2014 Secworks Sweden AB +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or +// without modification, are permitted provided that the following +// conditions are met: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in +// the documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +// BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +// ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +//====================================================================== + +module sha512_w_mem( + input wire clk, + input wire reset_n, + + input wire [1023 : 0] block, + + input wire init, + input wire next, + output wire [63 : 0] w + ); + + + //---------------------------------------------------------------- + // Internal constant and parameter definitions. + //---------------------------------------------------------------- + parameter CTRL_IDLE = 1'b0; + parameter CTRL_UPDATE = 1'b1; + + + //---------------------------------------------------------------- + // Registers including update variables and write enable. + //---------------------------------------------------------------- + reg [63 : 0] w_mem [0 : 15]; + reg [63 : 0] w_mem00_new; + reg [63 : 0] w_mem01_new; + reg [63 : 0] w_mem02_new; + reg [63 : 0] w_mem03_new; + reg [63 : 0] w_mem04_new; + reg [63 : 0] w_mem05_new; + reg [63 : 0] w_mem06_new; + reg [63 : 0] w_mem07_new; + reg [63 : 0] w_mem08_new; + reg [63 : 0] w_mem09_new; + reg [63 : 0] w_mem10_new; + reg [63 : 0] w_mem11_new; + reg [63 : 0] w_mem12_new; + reg [63 : 0] w_mem13_new; + reg [63 : 0] w_mem14_new; + reg [63 : 0] w_mem15_new; + reg w_mem_we; + + reg [6 : 0] w_ctr_reg; + reg [6 : 0] w_ctr_new; + reg w_ctr_we; + reg w_ctr_inc; + reg w_ctr_rst; + + reg sha512_w_mem_ctrl_reg; + reg sha512_w_mem_ctrl_new; + reg sha512_w_mem_ctrl_we; + + + //---------------------------------------------------------------- + // Wires. + //---------------------------------------------------------------- + reg [63 : 0] w_tmp; + reg [63 : 0] w_new; + + + //---------------------------------------------------------------- + // Concurrent connectivity for ports etc. + //---------------------------------------------------------------- + assign w = w_tmp; + + + //---------------------------------------------------------------- + // reg_update + // Update functionality for all registers in the core. + // All registers are positive edge triggered with synchronous + // active low reset. All registers have write enable. + //---------------------------------------------------------------- + always @ (posedge clk) + begin : reg_update + if (!reset_n) + begin + w_mem[00] <= 64'h0000000000000000; + w_mem[01] <= 64'h0000000000000000; + w_mem[02] <= 64'h0000000000000000; + w_mem[03] <= 64'h0000000000000000; + w_mem[04] <= 64'h0000000000000000; + w_mem[05] <= 64'h0000000000000000; + w_mem[06] <= 64'h0000000000000000; + w_mem[07] <= 64'h0000000000000000; + w_mem[08] <= 64'h0000000000000000; + w_mem[09] <= 64'h0000000000000000; + w_mem[10] <= 64'h0000000000000000; + w_mem[11] <= 64'h0000000000000000; + w_mem[12] <= 64'h0000000000000000; + w_mem[13] <= 64'h0000000000000000; + w_mem[14] <= 64'h0000000000000000; + w_mem[15] <= 64'h0000000000000000; + w_ctr_reg <= 7'h00; + sha512_w_mem_ctrl_reg <= CTRL_IDLE; + end + else + begin + if (w_mem_we) + begin + w_mem[00] <= w_mem00_new; + w_mem[01] <= w_mem01_new; + w_mem[02] <= w_mem02_new; + w_mem[03] <= w_mem03_new; + w_mem[04] <= w_mem04_new; + w_mem[05] <= w_mem05_new; + w_mem[06] <= w_mem06_new; + w_mem[07] <= w_mem07_new; + w_mem[08] <= w_mem08_new; + w_mem[09] <= w_mem09_new; + w_mem[10] <= w_mem10_new; + w_mem[11] <= w_mem11_new; + w_mem[12] <= w_mem12_new; + w_mem[13] <= w_mem13_new; + w_mem[14] <= w_mem14_new; + w_mem[15] <= w_mem15_new; + end + + if (w_ctr_we) + begin + w_ctr_reg <= w_ctr_new; + end + + if (sha512_w_mem_ctrl_we) + begin + sha512_w_mem_ctrl_reg <= sha512_w_mem_ctrl_new; + end + end + end // reg_update + + + //---------------------------------------------------------------- + // select_w + // + // Mux for the external read operation. This is where we exract + // the W variable. + //---------------------------------------------------------------- + always @* + begin : select_w + if (w_ctr_reg < 16) + begin + w_tmp = w_mem[w_ctr_reg[3 : 0]]; + end + else + begin + w_tmp = w_new; + end + end // select_w + + + //---------------------------------------------------------------- + // w_new_logic + // + // Logic that calculates the next value to be inserted into + // the sliding window of the memory. + //---------------------------------------------------------------- + always @* + begin : w_mem_update_logic + reg [63 : 0] w_0; + reg [63 : 0] w_1; + reg [63 : 0] w_9; + reg [63 : 0] w_14; + reg [63 : 0] d0; + reg [63 : 0] d1; + + w_mem00_new = 64'h0000000000000000; + w_mem01_new = 64'h0000000000000000; + w_mem02_new = 64'h0000000000000000; + w_mem03_new = 64'h0000000000000000; + w_mem04_new = 64'h0000000000000000; + w_mem05_new = 64'h0000000000000000; + w_mem06_new = 64'h0000000000000000; + w_mem07_new = 64'h0000000000000000; + w_mem08_new = 64'h0000000000000000; + w_mem09_new = 64'h0000000000000000; + w_mem10_new = 64'h0000000000000000; + w_mem11_new = 64'h0000000000000000; + w_mem12_new = 64'h0000000000000000; + w_mem13_new = 64'h0000000000000000; + w_mem14_new = 64'h0000000000000000; + w_mem15_new = 64'h0000000000000000; + w_mem_we = 0; + + w_0 = w_mem[0]; + w_1 = w_mem[1]; + w_9 = w_mem[9]; + w_14 = w_mem[14]; + + d0 = {w_1[0], w_1[63 : 1]} ^ // ROTR1 + {w_1[7 : 0], w_1[63 : 8]} ^ // ROTR8 + {7'b0000000, w_1[63 : 7]}; // SHR7 + + d1 = {w_14[18 : 0], w_14[63 : 19]} ^ // ROTR19 + {w_14[60 : 0], w_14[63 : 61]} ^ // ROTR61 + {6'b000000, w_14[63 : 6]}; // SHR6 + + w_new = w_0 + d0 + w_9 + d1; + + if (init) + begin + w_mem00_new = block[1023 : 960]; + w_mem01_new = block[959 : 896]; + w_mem02_new = block[895 : 832]; + w_mem03_new = block[831 : 768]; + w_mem04_new = block[767 : 704]; + w_mem05_new = block[703 : 640]; + w_mem06_new = block[639 : 576]; + w_mem07_new = block[575 : 512]; + w_mem08_new = block[511 : 448]; + w_mem09_new = block[447 : 384]; + w_mem10_new = block[383 : 320]; + w_mem11_new = block[319 : 256]; + w_mem12_new = block[255 : 192]; + w_mem13_new = block[191 : 128]; + w_mem14_new = block[127 : 64]; + w_mem15_new = block[63 : 0]; + w_mem_we = 1; + end + else if (w_ctr_reg > 15) + begin + w_mem00_new = w_mem[01]; + w_mem01_new = w_mem[02]; + w_mem02_new = w_mem[03]; + w_mem03_new = w_mem[04]; + w_mem04_new = w_mem[05]; + w_mem05_new = w_mem[06]; + w_mem06_new = w_mem[07]; + w_mem07_new = w_mem[08]; + w_mem08_new = w_mem[09]; + w_mem09_new = w_mem[10]; + w_mem10_new = w_mem[11]; + w_mem11_new = w_mem[12]; + w_mem12_new = w_mem[13]; + w_mem13_new = w_mem[14]; + w_mem14_new = w_mem[15]; + w_mem15_new = w_new; + w_mem_we = 1; + end + end // w_mem_update_logic + + + //---------------------------------------------------------------- + // w_ctr + // W schedule adress counter. Counts from 0x10 to 0x3f and + // is used to expand the block into words. + //---------------------------------------------------------------- + always @* + begin : w_ctr + w_ctr_new = 0; + w_ctr_we = 0; + + if (w_ctr_rst) + begin + w_ctr_new = 7'h00; + w_ctr_we = 1; + end + + if (w_ctr_inc) + begin + w_ctr_new = w_ctr_reg + 7'h01; + w_ctr_we = 1; + end + end // w_ctr + + + //---------------------------------------------------------------- + // sha512_w_mem_fsm + // Logic for the w shedule FSM. + //---------------------------------------------------------------- + always @* + begin : sha512_w_mem_fsm + w_ctr_rst = 0; + w_ctr_inc = 0; + + sha512_w_mem_ctrl_new = CTRL_IDLE; + sha512_w_mem_ctrl_we = 0; + + case (sha512_w_mem_ctrl_reg) + CTRL_IDLE: + begin + if (init) + begin + w_ctr_rst = 1; + sha512_w_mem_ctrl_new = CTRL_UPDATE; + sha512_w_mem_ctrl_we = 1; + end + end + + CTRL_UPDATE: + begin + if (next) + begin + w_ctr_inc = 1; + end + + if (w_ctr_reg == 6'h3f) + begin + sha512_w_mem_ctrl_new = CTRL_IDLE; + sha512_w_mem_ctrl_we = 1; + end + end + endcase // case (sha512_ctrl_reg) + end // sha512_ctrl_fsm + +endmodule // sha512_w_mem + +//====================================================================== +// sha512_w_mem.v +//====================================================================== |