From edb6018262d33f016bef7f7f740f1c7fac8db7b5 Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Tue, 28 Apr 2020 12:06:29 -0400 Subject: Finally got integrate_mkmif working. Wired up mkey_key to allow the user to specify which key to use (MKM or user-provided key). Wired up mkm_wr_status so we can actually write the status word to MKM. Removed the reset initialization of mkmif_core, since that has its own auto-initialization. I might want to remove init as an input to keywrap_mkmif. Fixed a FSM state-transition write-enable, so it would actually transition states. Changed a 3-bit counter to 4 bits, so it can actually count to 8. And removed several bits of non-functional junk. --- src/rtl/keywrap.v | 91 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 47 insertions(+), 44 deletions(-) (limited to 'src/rtl/keywrap.v') diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v index 2e9a7f6..8632918 100644 --- a/src/rtl/keywrap.v +++ b/src/rtl/keywrap.v @@ -17,8 +17,9 @@ // // // Author: Joachim Strombergson -// Copyright (c) 2018, NORDUnet A/S -// All rights reserved. +// Copyright (c) 2018, NORDUnet A/S All rights reserved. +// Copyright: 2020, The Commons Conservancy Cryptech Project +// SPDX-License-Identifier: BSD-3-Clause // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are @@ -88,6 +89,7 @@ module keywrap #(parameter ADDR_BITS = 12) localparam CONFIG_ENCDEC_BIT = 0; localparam CONFIG_KEYLEN_BIT = 1; localparam CONFIG_MKS_BIT = 2; + localparam CONFIG_MKK_BIT = 3; localparam ADDR_RLEN = 8'h0c; localparam ADDR_A0 = 8'h0e; @@ -106,7 +108,7 @@ module keywrap #(parameter ADDR_BITS = 12) localparam CORE_NAME0 = 32'h6b657920; // "key " localparam CORE_NAME1 = 32'h77726170; // "wrap" - localparam CORE_VERSION = 32'h302e3830; // "0.80" + localparam CORE_VERSION = 32'h302e3930; // "0.90" localparam MEM_BITS = ADDR_BITS - 1; localparam RLEN_BITS = ADDR_BITS - 2; @@ -115,7 +117,7 @@ module keywrap #(parameter ADDR_BITS = 12) // If set to one, will allow read access to key memory. // Should be set to zero in all production FPGA bitstreams. - localparam DEBUG_MKM_READ = 1'h1; + localparam DEBUG_MKM_READ = 1'h0; //---------------------------------------------------------------- @@ -134,7 +136,7 @@ module keywrap #(parameter ADDR_BITS = 12) reg write_new; reg mkey_mstatus_reg; - reg mkey_mstatus_new; + reg mkey_userkey_reg; reg encdec_reg; reg keylen_reg; @@ -212,6 +214,7 @@ module keywrap #(parameter ADDR_BITS = 12) .read(read_reg), .write(write_reg), .mkey_mstatus(mkey_mstatus_reg), + .mkey_key(mkey_userkey_reg), .encdec(encdec_reg), .ready(core_ready), @@ -252,6 +255,7 @@ module keywrap #(parameter ADDR_BITS = 12) read_reg <= 1'h0; write_reg <= 1'h0; mkey_mstatus_reg <= 1'h0; + mkey_userkey_reg <= 1'h0; encdec_reg <= 1'h0; keylen_reg <= 1'h0; mstatus_reg <= 32'h0; @@ -270,11 +274,11 @@ module keywrap #(parameter ADDR_BITS = 12) next_reg <= next_new; read_reg <= read_new; write_reg <= write_new; - mkey_mstatus_reg <= mkey_mstatus_new; api_rd_delay_reg <= api_rd_delay_new; if (config_we) begin + mkey_userkey_reg <= write_data[CONFIG_MKK_BIT]; mkey_mstatus_reg <= write_data[CONFIG_MKS_BIT]; encdec_reg <= write_data[CONFIG_ENCDEC_BIT]; keylen_reg <= write_data[CONFIG_KEYLEN_BIT]; @@ -321,48 +325,44 @@ module keywrap #(parameter ADDR_BITS = 12) api_rd_delay_new = 32'h0; // api_mux - if (core_ready) - if (address[(ADDR_BITS - 1)]) - tmp_read_data = core_api_rd_data; - else - tmp_read_data = api_rd_delay_reg; + if (address[(ADDR_BITS - 1)]) + tmp_read_data = core_api_rd_data; + else + tmp_read_data = api_rd_delay_reg; if (cs) begin if (we) begin - if (core_ready) - begin - if (address == {{PAD{1'h0}}, ADDR_CTRL}) - begin - init_new = write_data[CTRL_INIT_BIT]; - next_new = write_data[CTRL_NEXT_BIT]; - read_new = write_data[CTRL_READ_BIT]; - write_new = write_data[CTRL_WRITE_BIT]; - end - - if (address == {{PAD{1'h0}}, ADDR_CONFIG}) - config_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_RLEN}) - rlen_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_A0}) - a0_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_A1}) - a1_we = 1'h1; - - if (address == {{PAD{1'h0}}, ADDR_MSTATUS}) - mstatus_we = 1'h1; - - if ((address >= {{PAD{1'h0}}, ADDR_KEY0}) && - (address <= {{PAD{1'h0}}, ADDR_KEY7})) - key_we = 1'h1; - - if (address[(ADDR_BITS - 1)]) - core_api_we = 1'h1; - end + if (address == {{PAD{1'h0}}, ADDR_CTRL}) + begin + init_new = write_data[CTRL_INIT_BIT]; + next_new = write_data[CTRL_NEXT_BIT]; + read_new = write_data[CTRL_READ_BIT]; + write_new = write_data[CTRL_WRITE_BIT]; + end + + if (address == {{PAD{1'h0}}, ADDR_CONFIG}) + config_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_RLEN}) + rlen_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_A0}) + a0_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_A1}) + a1_we = 1'h1; + + if (address == {{PAD{1'h0}}, ADDR_MSTATUS}) + mstatus_we = 1'h1; + + if ((address >= {{PAD{1'h0}}, ADDR_KEY0}) && + (address <= {{PAD{1'h0}}, ADDR_KEY7})) + key_we = 1'h1; + + if (address[(ADDR_BITS - 1)]) + core_api_we = 1'h1; end // if (we) else begin @@ -377,7 +377,10 @@ module keywrap #(parameter ADDR_BITS = 12) api_rd_delay_new = CORE_VERSION; if (address == {{PAD{1'h0}}, ADDR_CTRL}) - api_rd_delay_new = {26'h0, keylen_reg, encdec_reg, write_reg, read_reg, next_reg, init_reg}; + api_rd_delay_new = {28'h0, write_reg, read_reg, next_reg, init_reg}; + + if (address == {{PAD{1'h0}}, ADDR_CONFIG}) + api_rd_delay_new = {28'h0, mkey_userkey_reg, mkey_mstatus_reg, keylen_reg, encdec_reg}; if (address == {{PAD{1'h0}}, ADDR_STATUS}) api_rd_delay_new = {30'h0, valid_reg, ready_reg}; -- cgit v1.2.3