From 51d57abc29ae9763c9eecf5742eb8f382f057916 Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Tue, 11 Sep 2018 19:01:19 -0400 Subject: Track Joachim's latest keywrap core - unroll bank-switched memory into a number of core register blocks. --- aes_keywrap.c | 27 ++++++++------------------- core.c | 1 + verilog_constants.h | 5 ++--- 3 files changed, 11 insertions(+), 22 deletions(-) diff --git a/aes_keywrap.c b/aes_keywrap.c index 8ef018b..a3e223f 100644 --- a/aes_keywrap.c +++ b/aes_keywrap.c @@ -144,8 +144,10 @@ static hal_error_t do_keywrap_core(const hal_core_t *core, uint8_t * const C, co hal_assert(core != NULL && C != NULL && n > 0); - /* The core is limited to 128 banks of 512 bytes/64 blocks */ - if (n == 0 || n > 128 * 64) + /* n is the number of 64-bit (8-byte) blocks in the input. + * KEYWRAP_LEN_R_DATA is the number of 4-byte data registers in the core. + */ + if (n == 0 || n > KEYWRAP_LEN_R_DATA * 2) return HAL_ERROR_BAD_ARGUMENTS; /* write the AIV to A */ @@ -157,16 +159,9 @@ static hal_error_t do_keywrap_core(const hal_core_t *core, uint8_t * const C, co if ((err = hal_io_write(core, KEYWRAP_ADDR_RLEN, (const uint8_t *)&nn, 4)) != HAL_OK) return err; - /* write the data to R_DATA, with bank-switching as necessary */ - for (size_t bank = 0; 64 * bank < n; ++bank) { - uint32_t bb = htonl(bank); - if ((err = hal_io_write(core, KEYWRAP_ADDR_R_BANK, (const uint8_t *)&bb, 4)) != HAL_OK) - return err; - /* R_DATA is 128 32-bit registers, so 64 64-bit blocks or 512 bytes. */ - size_t len = min(n - 64 * bank, 64) * 8; - if ((err = hal_io_write(core, KEYWRAP_ADDR_R_DATA0, (C + 512 * bank + 8), len)) != HAL_OK) + /* write the data to R_DATA */ + if ((err = hal_io_write(core, KEYWRAP_ADDR_R_DATA, C + 8, 8 * n)) != HAL_OK) return err; - } /* start the wrap/unwrap operation, and wait for it to complete */ if ((err = hal_io_next(core)) != HAL_OK || @@ -177,15 +172,9 @@ static hal_error_t do_keywrap_core(const hal_core_t *core, uint8_t * const C, co if ((err = hal_io_read(core, KEYWRAP_ADDR_A0, C, 8)) != HAL_OK) return err; - /* read the data from R_DATA, with bank-switching as necessary */ - for (size_t bank = 0; 64 * bank < n; ++bank) { - uint32_t bb = htonl(bank); - if ((err = hal_io_write(core, KEYWRAP_ADDR_R_BANK, (const uint8_t *)&bb, 4)) != HAL_OK) + /* read the data to R_DATA */ + if ((err = hal_io_read(core, KEYWRAP_ADDR_R_DATA, C + 8, 8 * n)) != HAL_OK) return err; - size_t len = min(n - 64 * bank, 64) * 8; - if ((err = hal_io_read(core, KEYWRAP_ADDR_R_DATA0, (C + 512 * bank + 8), len)) != HAL_OK) - return err; - } return HAL_OK; } diff --git a/core.c b/core.c index e170210..2b5d51a 100644 --- a/core.c +++ b/core.c @@ -101,6 +101,7 @@ static inline hal_core_t *probe_cores(void) { "csprng", 11 * CORE_SIZE }, /* empty slots after csprng */ { "modexps6", 3 * CORE_SIZE }, /* ModexpS6 uses four slots */ { "modexpa7", 7 * CORE_SIZE }, /* ModexpA7 uses eight slots */ + { "key wrap",31 * CORE_SIZE }, /* keywrap uses 32 slots */ }; if (offsetof(hal_core_t, info) != 0) diff --git a/verilog_constants.h b/verilog_constants.h index df808c4..8735b12 100644 --- a/verilog_constants.h +++ b/verilog_constants.h @@ -308,7 +308,6 @@ #define KEYWRAP_CONFIG_KEYLEN (2) #define KEYWRAP_ADDR_RLEN (0x0c) -#define KEYWRAP_ADDR_R_BANK (0x0d) #define KEYWRAP_ADDR_A0 (0x0e) #define KEYWRAP_ADDR_A1 (0x0f) @@ -321,8 +320,8 @@ #define KEYWRAP_ADDR_KEY6 (0x16) #define KEYWRAP_ADDR_KEY7 (0x17) -#define KEYWRAP_ADDR_R_DATA0 (0x80) -#define KEYWRAP_ADDR_R_DATA127 (0xff) +#define KEYWRAP_ADDR_R_DATA (0x1000) +#define KEYWRAP_LEN_R_DATA (0x1000) #endif /* _VERILOG_CONSTANTS_H_ */ -- cgit v1.2.3