From edb6018262d33f016bef7f7f740f1c7fac8db7b5 Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Tue, 28 Apr 2020 12:06:29 -0400 Subject: Finally got integrate_mkmif working. Wired up mkey_key to allow the user to specify which key to use (MKM or user-provided key). Wired up mkm_wr_status so we can actually write the status word to MKM. Removed the reset initialization of mkmif_core, since that has its own auto-initialization. I might want to remove init as an input to keywrap_mkmif. Fixed a FSM state-transition write-enable, so it would actually transition states. Changed a 3-bit counter to 4 bits, so it can actually count to 8. And removed several bits of non-functional junk. --- src/rtl/keywrap.v | 91 +++++++++++++++++++++++++------------------------ src/rtl/keywrap_core.v | 23 +++++-------- src/rtl/keywrap_mkmif.v | 26 ++++++-------- 3 files changed, 67 insertions(+), 73 deletions(-) diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v index 2e9a7f6..8632918 100644 --- a/src/rtl/keywrap.v +++ b/src/rtl/keywrap.v @@ -17,8 +17,9 @@ // // // Author: Joachim Strombergson -// Copyright (c) 2018, NORDUnet A/S -// All rights reserved. +// Copyright (c) 2018, NORDUnet A/S All rights reserved. +// Copyright: 2020, The Commons Conservancy Cryptech Project +// SPDX-License-Identifier: BSD-3-Clause // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are @@ -88,6 +89,7 @@ module keywrap #(parameter ADDR_BITS = 12) localparam CONFIG_ENCDEC_BIT = 0; localparam CONFIG_KEYLEN_BIT = 1; localparam CONFIG_MKS_BIT = 2; + localparam CONFIG_MKK_BIT = 3; localparam ADDR_RLEN = 8'h0c; localparam ADDR_A0 = 8'h0e; @@ -106,7 +108,7 @@ module keywrap #(parameter ADDR_BITS = 12) localparam CORE_NAME0 = 32'h6b657920; // "key " localparam CORE_NAME1 = 32'h77726170; // "wrap" - localparam CORE_VERSION = 32'h302e3830; // "0.80" + localparam CORE_VERSION = 32'h302e3930; // "0.90" localparam MEM_BITS = ADDR_BITS - 1; localparam RLEN_BITS = ADDR_BITS - 2; @@ -115,7 +117,7 @@ module keywrap #(parameter ADDR_BITS = 12) // If set to one, will allow read access to key memory. // Should be set to zero in all production FPGA bitstreams. - localparam DEBUG_MKM_READ = 1'h1; + localparam DEBUG_MKM_READ = 1'h0; //---------------------------------------------------------------- @@ -134,7 +136,7 @@ module keywrap #(parameter ADDR_BITS = 12) reg write_new; reg mkey_mstatus_reg; - reg mkey_mstatus_new; + reg mkey_userkey_reg; reg encdec_reg; reg keylen_reg; @@ -212,6 +214,7 @@ module keywrap #(parameter ADDR_BITS = 12) .read(read_reg), .write(write_reg), .mkey_mstatus(mkey_mstatus_reg), + .mkey_key(mkey_userkey_reg), .encdec(encdec_reg), .ready(core_ready), @@ -252,6 +255,7 @@ module keywrap #(parameter ADDR_BITS = 12) read_reg <= 1'h0; write_reg <= 1'h0; mkey_mstatus_reg <= 1'h0; + mkey_userkey_reg <= 1'h0; encdec_reg <= 1'h0; keylen_reg <= 1'h0; mstatus_reg <= 32'h0; @@ -270,11 +274,11 @@ module keywrap #(parameter ADDR_BITS = 12) next_reg <= next_new; read_reg <= read_new; write_reg <= write_new; - mkey_mstatus_reg <= mkey_mstatus_new; api_rd_delay_reg <= api_rd_delay_new; if (config_we) begin + mkey_userkey_reg <= write_data[CONFIG_MKK_BIT]; mkey_mstatus_reg <= write_data[CONFIG_MKS_BIT]; encdec_reg <= write_data[CONFIG_ENCDEC_BIT]; keylen_reg <= write_data[CONFIG_KEYLEN_BIT]; @@ -321,48 +325,44 @@ module keywrap #(parameter ADDR_BITS = 12) api_rd_delay_new = 32'h0; // api_mux - if (core_ready) - if (address[(ADDR_BITS - 1)]) - tmp_read_data = core_api_rd_data; - else - tmp_read_data = api_rd_delay_reg; + if (address[(ADDR_BITS - 1)]) + tmp_read_data = core_api_rd_data; + else + tmp_read_data = api_rd_delay_reg; if (cs) begin if (we) begin - if (core_ready) - begin - if (address == {{PAD{1'h0}}, ADDR_CTRL}) - begin - init_new = write_data[CTRL_INIT_BIT]; - next_new = write_data[CTRL_NEXT_BIT]; - read_new = write_data[CTRL_READ_BIT]; - write_new = write_data[CTRL_WRITE_BIT]; - end - - if (address == {{PAD{1'h0}}, ADDR_CONFIG}) - config_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_RLEN}) - rlen_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_A0}) - a0_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_A1}) - a1_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_MSTATUS}) - mstatus_we = 1'h1; - - if ((address >= {{PAD{1'h0}}, ADDR_KEY0}) && - (address <= {{PAD{1'h0}}, ADDR_KEY7})) - key_we = 1'h1; - - if (address[(ADDR_BITS - 1)]) - core_api_we = 1'h1; - end + if (address == {{PAD{1'h0}}, ADDR_CTRL}) + begin + init_new = write_data[CTRL_INIT_BIT]; + next_new = write_data[CTRL_NEXT_BIT]; + read_new = write_data[CTRL_READ_BIT]; + write_new = write_data[CTRL_WRITE_BIT]; + end + + if (address == {{PAD{1'h0}}, ADDR_CONFIG}) + config_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_RLEN}) + rlen_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_A0}) + a0_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_A1}) + a1_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_MSTATUS}) + mstatus_we = 1'h1; + + if ((address >= {{PAD{1'h0}}, ADDR_KEY0}) && + (address <= {{PAD{1'h0}}, ADDR_KEY7})) + key_we = 1'h1; + + if (address[(ADDR_BITS - 1)]) + core_api_we = 1'h1; end // if (we) else begin @@ -377,7 +377,10 @@ module keywrap #(parameter ADDR_BITS = 12) api_rd_delay_new = CORE_VERSION; if (address == {{PAD{1'h0}}, ADDR_CTRL}) - api_rd_delay_new = {26'h0, keylen_reg, encdec_reg, write_reg, read_reg, next_reg, init_reg}; + api_rd_delay_new = {28'h0, write_reg, read_reg, next_reg, init_reg}; + + if (address == {{PAD{1'h0}}, ADDR_CONFIG}) + api_rd_delay_new = {28'h0, mkey_userkey_reg, mkey_mstatus_reg, keylen_reg, encdec_reg}; if (address == {{PAD{1'h0}}, ADDR_STATUS}) api_rd_delay_new = {30'h0, valid_reg, ready_reg}; diff --git a/src/rtl/keywrap_core.v b/src/rtl/keywrap_core.v index 3abe93c..644e0d0 100644 --- a/src/rtl/keywrap_core.v +++ b/src/rtl/keywrap_core.v @@ -8,8 +8,9 @@ // // // Author: Joachim Strombergson -// Copyright (c) 2018, NORDUnet A/S -// All rights reserved. +// Copyright (c) 2018, NORDUnet A/S All rights reserved. +// Copyright: 2020, The Commons Conservancy Cryptech Project +// SPDX-License-Identifier: BSD-3-Clause // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are @@ -133,7 +134,6 @@ module keywrap_core #(parameter MEM_BITS = 11) reg [3 : 0] keywrap_core_ctrl_new; reg keywrap_core_ctrl_we; - //---------------------------------------------------------------- // Wires. //---------------------------------------------------------------- @@ -152,7 +152,6 @@ module keywrap_core #(parameter MEM_BITS = 11) reg [63 : 0] core_wr_data; wire [63 : 0] core_rd_data; - reg mkm_init; reg mkm_read; reg mkm_write; reg mkm_key_status; @@ -209,7 +208,7 @@ module keywrap_core #(parameter MEM_BITS = 11) .mkm_spi_do(mkm_spi_do), .mkm_spi_di(mkm_spi_di), - .init(mkm_init), + .init(0), .read(mkm_read), .write(mkm_write), .key_status(mkey_mstatus), @@ -230,7 +229,7 @@ module keywrap_core #(parameter MEM_BITS = 11) assign valid = valid_reg; assign mkey = mkm_rd_key; assign mstatus = mkm_rd_status; - + assign mkm_wr_status = status; //---------------------------------------------------------------- // reg_update @@ -242,7 +241,7 @@ module keywrap_core #(parameter MEM_BITS = 11) if (!reset_n) begin a_reg <= 64'h0; - ready_reg <= 1'h1; + ready_reg <= 1'h0; valid_reg <= 1'h0; block_ctr_reg <= {(MEM_BITS - 1){1'h0}}; iteration_ctr_reg <= 3'h0; @@ -388,9 +387,9 @@ module keywrap_core #(parameter MEM_BITS = 11) always @* begin if (mkey_key) - aes_key = mkm_rd_key; - else aes_key = key; + else + aes_key = mkm_rd_key; end @@ -407,7 +406,6 @@ module keywrap_core #(parameter MEM_BITS = 11) update_state = 1'h0; aes_init = 1'h0; aes_next = 1'h0; - mkm_init = 1'h0; mkm_read = 1'h0; mkm_write = 1'h0; block_ctr_dec = 1'h0; @@ -422,15 +420,13 @@ module keywrap_core #(parameter MEM_BITS = 11) keywrap_core_ctrl_new = CTRL_IDLE; keywrap_core_ctrl_we = 1'h0; - case (keywrap_core_ctrl_reg) CTRL_RESET: begin - mkm_init = 1'h1; ready_new = 1'h0; ready_we = 1'h1; keywrap_core_ctrl_new = CTRL_MKM_WAIT; - keywrap_core_ctrl_we = 1'h0; + keywrap_core_ctrl_we = 1'h1; end @@ -466,7 +462,6 @@ module keywrap_core #(parameter MEM_BITS = 11) mkm_read = 1'h1; ready_new = 1'h0; ready_we = 1'h1; - mkm_read = 1'h1; keywrap_core_ctrl_new = CTRL_MKM_WAIT; keywrap_core_ctrl_we = 1'h1; end diff --git a/src/rtl/keywrap_mkmif.v b/src/rtl/keywrap_mkmif.v index d73c5bd..d8aefb6 100644 --- a/src/rtl/keywrap_mkmif.v +++ b/src/rtl/keywrap_mkmif.v @@ -7,8 +7,9 @@ // // // Author: Joachim Strombergson -// Copyright (c) 2018, NORDUnet A/S -// All rights reserved. +// Copyright (c) 2018, NORDUnet A/S All rights reserved. +// Copyright: 2020, The Commons Conservancy Cryptech Project +// SPDX-License-Identifier: BSD-3-Clause // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are @@ -87,8 +88,8 @@ module keywrap_mkmif ( reg [31 : 0] key_reg [0 : 7]; reg key_we; - reg [2 : 0] key_word_ctr_reg; - reg [2 : 0] key_word_ctr_new; + reg [3 : 0] key_word_ctr_reg; + reg [3 : 0] key_word_ctr_new; reg key_word_ctr_we; reg key_word_ctr_rst; reg key_word_ctr_inc; @@ -127,7 +128,6 @@ module keywrap_mkmif ( wire mkm_ready; wire mkm_valid; reg [15 : 0] mkm_addr; - reg [31 : 0] mkm_write_data; wire [31 : 0] mkm_read_data; @@ -144,7 +144,7 @@ module keywrap_mkmif ( .spi_di(mkm_spi_di), .init_op(init_op_reg), - .read_op(read_op_reh), + .read_op(read_op_reg), .write_op(write_op_reg), .ready(mkm_ready), @@ -180,15 +180,15 @@ module keywrap_mkmif ( for (i = 0 ; i < 8 ; i = i + 1) key_reg[i] <= 32'h0; - ready_reg <= 1'h1; + ready_reg <= 1'h0; status_reg <= 32'h0; mkm_addr_reg <= 16'h0; mkm_write_data_reg <= 32'h0; - key_word_ctr_reg <= 3'h0; + key_word_ctr_reg <= 4'h0; init_op_reg <= 1'h0; read_op_reg <= 1'h0; write_op_reg <= 1'h0; - keywrap_mkmif_ctrl_reg <= CTRL_IDLE; + keywrap_mkmif_ctrl_reg <= CTRL_INIT; end else @@ -226,12 +226,12 @@ module keywrap_mkmif ( //---------------------------------------------------------------- always @* begin : key_word_ctr - key_word_ctr_new = 3'h0; + key_word_ctr_new = 4'h0; key_word_ctr_we = 1'h0; if (key_word_ctr_rst) begin - key_word_ctr_new = 3'h0; + key_word_ctr_new = 4'h0; key_word_ctr_we = 1'h1; end @@ -335,10 +335,6 @@ module keywrap_mkmif ( CTRL_READ_STATUS_WAIT: begin - ready_new = 1'h1; - ready_we = 1'h1; - keywrap_mkmif_ctrl_new = CTRL_IDLE; - keywrap_mkmif_ctrl_we = 1'h1; if (mkm_ready) begin status_we = 1'h1; -- cgit v1.2.3