diff options
-rw-r--r-- | README.md | 8 | ||||
-rw-r--r-- | src/rtl/trng.v | 170 | ||||
-rw-r--r-- | src/rtl/trng_csprng.v | 9 | ||||
-rw-r--r-- | src/rtl/trng_mixer.v | 9 |
4 files changed, 98 insertions, 98 deletions
@@ -44,7 +44,7 @@ avalance noise from a reversed bias P/N junction as one source and RSSI LSB from a receiver. The reason for having multiple entropy sources is both to provide -reduncancy as well as making it harder for an attacker to affect the +redundancy as well as making it harder for an attacker to affect the entropy collection by forcing the attacker to try and affect different physical processes simultaneously. @@ -90,9 +90,9 @@ a seed. ### Random generation ### -The random generation consists of a cryptographically safe pseudo random -number generator (CSPRNG). The CSPRNG used in the trng is the strea -cipher ChaCHa. +The random generation consists of a cryptographically secure pseudo random +number generator (CSPRNG). The CSPRNG used in the trng is the stream +cipher ChaCha. ChaCha is seeded with: - 512 bits block diff --git a/src/rtl/trng.v b/src/rtl/trng.v index 7a63f50..0e0286e 100644 --- a/src/rtl/trng.v +++ b/src/rtl/trng.v @@ -1,4 +1,4 @@ - //====================================================================== +//====================================================================== // // trng.v // -------- @@ -121,17 +121,18 @@ module trng( //---------------------------------------------------------------- // Wires. //---------------------------------------------------------------- - reg trng_api_cs; - reg trng_api_we; + wire trng_api_cs = cs && (addr_core_num == TRNG_PREFIX); + wire trng_api_we = we; reg [31 : 0] trng_api_read_data; + reg [31 : 0] trng_api_read_data_reg; reg trng_api_error; wire mixer_more_seed; wire [511 : 0] mixer_seed_data; wire mixer_seed_syn; wire mixer_seed_ack; - reg mixer_api_cs; - reg mixer_api_we; + wire mixer_api_cs = cs && (addr_core_num == MIXER_PREFIX); + wire mixer_api_we = we; wire [31 : 0] mixer_api_read_data; wire mixer_api_error; wire mixer_security_error; @@ -140,8 +141,8 @@ module trng( wire csprng_more_seed; wire csprng_seed_ack; - reg csprng_api_cs; - reg csprng_api_we; + wire csprng_api_cs = cs && (addr_core_num == CSPRNG_PREFIX); + wire csprng_api_we = we; wire [31 : 0] csprng_api_read_data; wire csprng_api_error; wire [7 : 0] csprng_debug; @@ -153,33 +154,33 @@ module trng( wire entropy0_entropy_syn; wire entropy0_entropy_ack; - reg entropy1_api_cs; - reg entropy1_api_we; + wire entropy1_api_cs = cs && (addr_core_num == ENTROPY1_PREFIX); + wire entropy1_api_we = we; wire [31 : 0] entropy1_api_read_data; wire entropy1_api_error; wire entropy1_entropy_enabled; wire [31 : 0] entropy1_entropy_data; wire entropy1_entropy_syn; wire entropy1_entropy_ack; - wire entropy1_test_mode; + //wire entropy1_test_mode; wire [7 : 0] entropy1_debug; reg entropy1_debug_update; wire entropy1_security_error; - reg entropy2_api_cs; - reg entropy2_api_we; + wire entropy2_api_cs = cs && (addr_core_num == ENTROPY2_PREFIX); + wire entropy2_api_we = we; wire [31 : 0] entropy2_api_read_data; wire entropy2_api_error; wire entropy2_entropy_enabled; wire [31 : 0] entropy2_entropy_data; wire entropy2_entropy_syn; wire entropy2_entropy_ack; - wire entropy2_test_mode; + //wire entropy2_test_mode; wire [7 : 0] entropy2_debug; reg entropy2_debug_update; wire entropy2_security_error; - reg [7 : 0] api_address; + wire [7 : 0] api_address = addr_core_reg; reg [31 : 0] tmp_read_data; reg tmp_error; reg [7 : 0] tmp_debug; @@ -199,6 +200,13 @@ module trng( assign entropy0_entropy_data = 32'h00000000; + //---------------------------------------------------------------- + // Address Decoder + //---------------------------------------------------------------- + wire [ 5: 0] addr_core_num = address[11: 8]; // upper 4 bits specify core being addressed + wire [ 7: 0] addr_core_reg = address[7: 0]; // lower 8 bits specify register offset in core + + //---------------------------------------------------------------- // core instantiations. //---------------------------------------------------------------- @@ -319,6 +327,56 @@ module trng( //---------------------------------------------------------------- + // core_mux + // + // This is a simple decoder that looks at the top 4 bits of + // the given api address and selects which of the sub modules + // or the top level mux that gets to handle any API + // operations. + //---------------------------------------------------------------- + always @* + begin : core_mux + case (address[11 : 8]) + TRNG_PREFIX: + begin + tmp_read_data = trng_api_read_data_reg; + tmp_error = trng_api_error; + end + + ENTROPY1_PREFIX: + begin + tmp_read_data = entropy1_api_read_data; + tmp_error = entropy1_api_error; + end + + ENTROPY2_PREFIX: + begin + tmp_read_data = entropy2_api_read_data; + tmp_error = entropy2_api_error; + end + + MIXER_PREFIX: + begin + tmp_read_data = mixer_api_read_data; + tmp_error = mixer_api_error; + end + + CSPRNG_PREFIX: + begin + tmp_read_data = csprng_api_read_data; + tmp_error = csprng_api_error; + end + + default: + begin + tmp_read_data = {32{1'b0}}; + tmp_error = 0; + end + endcase // case (address[11 : 8]) + end // core_mux + + + //---------------------------------------------------------------- // reg_update // // Update functionality for all registers in the core. @@ -433,84 +491,6 @@ module trng( //---------------------------------------------------------------- - // api_mux - // - // This is a simple decoder that looks at the top 4 bits of - // the given api address and selects which of the sub modules - // or the top level mux that gets to handle any API - // operations. - //---------------------------------------------------------------- - always @* - begin : api_mux - trng_api_cs = 0; - trng_api_we = 0; - - entropy1_api_cs = 0; - entropy1_api_we = 0; - - entropy2_api_cs = 0; - entropy2_api_we = 0; - - mixer_api_cs = 0; - mixer_api_we = 0; - - csprng_api_cs = 0; - csprng_api_we = 0; - - api_address = address[7 : 0]; - tmp_read_data = 32'h00000000; - tmp_error = 0; - - case (address[11 : 8]) - TRNG_PREFIX: - begin - trng_api_cs = cs; - trng_api_we = we; - tmp_read_data = trng_api_read_data; - tmp_error = trng_api_error; - end - - ENTROPY1_PREFIX: - begin - entropy1_api_cs = cs; - entropy1_api_we = we; - tmp_read_data = entropy1_api_read_data; - tmp_error = entropy1_api_error; - end - - ENTROPY2_PREFIX: - begin - entropy2_api_cs = cs; - entropy2_api_we = we; - tmp_read_data = entropy2_api_read_data; - tmp_error = entropy2_api_error; - end - - MIXER_PREFIX: - begin - mixer_api_cs = cs; - mixer_api_we = we; - tmp_read_data = mixer_api_read_data; - tmp_error = mixer_api_error; - end - - CSPRNG_PREFIX: - begin - csprng_api_cs = cs; - csprng_api_we = we; - tmp_read_data = csprng_api_read_data; - tmp_error = csprng_api_error; - end - - default: - begin - - end - endcase // case (address[11 : 8]) - end // api_mux - - - //---------------------------------------------------------------- // trng_api_logic // // Implementation of the top level api logic. @@ -607,6 +587,12 @@ module trng( end end end // trng_api_logic + + always @(posedge clk) + begin + trng_api_read_data_reg <= trng_api_read_data; + end + endmodule // trng //====================================================================== diff --git a/src/rtl/trng_csprng.v b/src/rtl/trng_csprng.v index f985be4..0797208 100644 --- a/src/rtl/trng_csprng.v +++ b/src/rtl/trng_csprng.v @@ -160,6 +160,7 @@ module trng_csprng( // Wires. //---------------------------------------------------------------- reg [31 : 0] tmp_read_data; + reg [31 : 0] tmp_read_data_reg; reg tmp_error; reg cipher_init; @@ -184,7 +185,7 @@ module trng_csprng( //---------------------------------------------------------------- // Concurrent connectivity for ports etc. //---------------------------------------------------------------- - assign read_data = tmp_read_data; + assign read_data = tmp_read_data_reg; assign error = tmp_error; assign seed_ack = seed_ack_reg; assign more_seed = more_seed_reg; @@ -430,6 +431,12 @@ module trng_csprng( end end // cspng_api_logic + // register data for eim output + always @(posedge clk) + begin + tmp_read_data_reg <= tmp_read_data; + end + //---------------------------------------------------------------- // block_ctr diff --git a/src/rtl/trng_mixer.v b/src/rtl/trng_mixer.v index de57fe0..edcc734 100644 --- a/src/rtl/trng_mixer.v +++ b/src/rtl/trng_mixer.v @@ -240,13 +240,14 @@ module trng_mixer( reg tmp_entropy2_ack; reg [31 : 0] tmp_read_data; + reg [31 : 0] tmp_read_data_reg; reg tmp_error; //---------------------------------------------------------------- // Concurrent connectivity for ports etc. //---------------------------------------------------------------- - assign read_data = tmp_read_data; + assign read_data = tmp_read_data_reg; assign error = tmp_error; assign security_error = 0; @@ -626,6 +627,12 @@ module trng_mixer( end end // mixer_api_logic + // register data for eim output + always @(posedge clk) + begin + tmp_read_data_reg <= tmp_read_data; + end + //---------------------------------------------------------------- // entropy_collect_ctrl |