From 13b8166c8989b5e83b0c998279c60c17bf46e890 Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Thu, 5 Feb 2015 15:31:33 -0500 Subject: add all SHA cores (hello coretest_hashes) --- rtl/build/.gitignore | 52 +++++++ rtl/build/Makefile | 32 ++++ rtl/build/novena_baseline_top.bmm | 0 rtl/build/novena_baseline_top.ucf | 1 + rtl/build/xilinx.mk | 176 ++++++++++++++++++++++ rtl/build/xilinx.opt | 42 ++++++ rtl/iseconfig/novena_baseline.xise | 102 +++++++++---- rtl/src/verilog/core_selector.v | 296 ++++++++++++++++++++++-------------- sw/test-sha256/hash_tester.c | 299 ++++++++++++++++++++++++++++++++++++- 9 files changed, 856 insertions(+), 144 deletions(-) create mode 100644 rtl/build/.gitignore create mode 100644 rtl/build/Makefile create mode 100644 rtl/build/novena_baseline_top.bmm create mode 120000 rtl/build/novena_baseline_top.ucf create mode 100644 rtl/build/xilinx.mk create mode 100644 rtl/build/xilinx.opt diff --git a/rtl/build/.gitignore b/rtl/build/.gitignore new file mode 100644 index 0000000..e60e316 --- /dev/null +++ b/rtl/build/.gitignore @@ -0,0 +1,52 @@ +*.xrpt +_xmsgs +default.xreport +netlist.lst +novena_baseline_top.bgn +novena_baseline_top.bit +novena_baseline_top.bld +novena_baseline_top.cfi +novena_baseline_top.drc +novena_baseline_top.lso +novena_baseline_top.lso +novena_baseline_top.map +novena_baseline_top.mcs +novena_baseline_top.mrp +novena_baseline_top.ncd +novena_baseline_top.ngc +novena_baseline_top.ngd +novena_baseline_top.ngm +novena_baseline_top.pcf +novena_baseline_top.post_map.twr +novena_baseline_top.post_map.twx +novena_baseline_top.prj +novena_baseline_top.prm +novena_baseline_top.psr +novena_baseline_top.scr +novena_baseline_top.srp +novena_baseline_top.twr +novena_baseline_top.twx +novena_baseline_top_bd.bmm +novena_baseline_top_bitgen.xwb +novena_baseline_top_bitgen.xwbt +novena_baseline_top_err.twr +novena_baseline_top_err.twx +novena_baseline_top_par.grf +novena_baseline_top_par.ncd +novena_baseline_top_par.pad +novena_baseline_top_par.par +novena_baseline_top_par.ptwx +novena_baseline_top_par.unroutes +novena_baseline_top_par.xpi +novena_baseline_top_par_pad.csv +novena_baseline_top_par_pad.txt +novena_baseline_top_summary.xml +novena_baseline_top_usage.xml +par_usage_statistics.html +smartguide.ncd +smartpreview.twr +smartpreview.twr +usage_statistics_webtalk.html +webtalk.log +xlnx_auto* +xst diff --git a/rtl/build/Makefile b/rtl/build/Makefile new file mode 100644 index 0000000..ec03197 --- /dev/null +++ b/rtl/build/Makefile @@ -0,0 +1,32 @@ +project = novena_baseline_top +vendor = xilinx +family = spartan6 +part = xc6slx45csg324-3 +top_module = novena_baseline_top +isedir = /opt/Xilinx/14.7/ISE_DS +xil_env = . $(isedir)/settings64.sh + +vfiles = \ + ../src/verilog/novena_baseline_top.v \ + ../src/verilog/novena_clkmgr.v \ + ../src/verilog/cdc_bus_pulse.v \ + ../src/verilog/eim_arbiter.v \ + ../src/verilog/eim_da_phy.v \ + ../src/verilog/eim_arbiter_cdc.v \ + ../src/verilog/core_selector.v \ + ../src/verilog/eim_indicator.v \ + ../src/ipcore/clkmgr_dcm.v \ + ../../../../core/sha256/src/rtl/sha256_core.v \ + ../../../../core/sha256/src/rtl/sha256_k_constants.v \ + ../../../../core/sha256/src/rtl/sha256.v \ + ../../../../core/sha256/src/rtl/sha256_w_mem.v \ + ../../../../core/sha1/src/rtl/sha1_core.v \ + ../../../../core/sha1/src/rtl/sha1.v \ + ../../../../core/sha1/src/rtl/sha1_w_mem.v \ + ../../../../core/sha512/src/rtl/sha512_core.v \ + ../../../../core/sha512/src/rtl/sha512_h_constants.v \ + ../../../../core/sha512/src/rtl/sha512_k_constants.v \ + ../../../../core/sha512/src/rtl/sha512.v \ + ../../../../core/sha512/src/rtl/sha512_w_mem.v + +include xilinx.mk diff --git a/rtl/build/novena_baseline_top.bmm b/rtl/build/novena_baseline_top.bmm new file mode 100644 index 0000000..e69de29 diff --git a/rtl/build/novena_baseline_top.ucf b/rtl/build/novena_baseline_top.ucf new file mode 120000 index 0000000..fddd839 --- /dev/null +++ b/rtl/build/novena_baseline_top.ucf @@ -0,0 +1 @@ +../src/ucf/novena_baseline.ucf \ No newline at end of file diff --git a/rtl/build/xilinx.mk b/rtl/build/xilinx.mk new file mode 100644 index 0000000..a3a0216 --- /dev/null +++ b/rtl/build/xilinx.mk @@ -0,0 +1,176 @@ +# The top level module should define the variables below then include +# this file. The files listed should be in the same directory as the +# Makefile. +# +# variable description +# ---------- ------------- +# project project name (top level module should match this name) +# top_module top level module of the project +# libdir path to library directory +# libs library modules used +# vfiles all local .v files +# xilinx_cores all local .xco files +# vendor vendor of FPGA (xilinx, altera, etc.) +# family FPGA device family (spartan3e) +# part FPGA part name (xc4vfx12-10-sf363) +# flashsize size of flash for mcs file (16384) +# optfile (optional) xst extra opttions file to put in .scr +# map_opts (optional) options to give to map +# par_opts (optional) options to give to par +# intstyle (optional) intstyle option to all tools +# +# files description +# ---------- ------------ +# $(project).ucf ucf file +# +# Library modules should have a modules.mk in their root directory, +# namely $(libdir)//module.mk, that simply adds to the vfiles +# and xilinx_cores variable. +# +# all the .xco files listed in xilinx_cores will be generated with core, with +# the resulting .v and .ngc files placed back in the same directory as +# the .xco file. +# +# TODO: .xco files are device dependant, should use a template based system + +coregen_work_dir ?= ./coregen-tmp +map_opts ?= -timing -ol high -detail -pr b -register_duplication -w +par_opts ?= -ol high +isedir ?= /opt/Xilinx/13.3/ISE_DS +xil_env ?= . $(isedir)/settings32.sh +flashsize ?= 8192 + +libmks = $(patsubst %,$(libdir)/%/module.mk,$(libs)) +mkfiles = Makefile $(libmks) xilinx.mk +include $(libmks) + +corengcs = $(foreach core,$(xilinx_cores),$(core:.xco=.ngc)) +local_corengcs = $(foreach ngc,$(corengcs),$(notdir $(ngc))) +vfiles += $(foreach core,$(xilinx_cores),$(core:.xco=.v)) +junk += $(local_corengcs) + +.PHONY: default xilinx_cores clean twr etwr +default: $(project).bit $(project).mcs +xilinx_cores: $(corengcs) +twr: $(project).twr +etwr: $(project)_err.twr + +define cp_template +$(2): $(1) + cp $(1) $(2) +endef +$(foreach ngc,$(corengcs),$(eval $(call cp_template,$(ngc),$(notdir $(ngc))))) + +%.ngc %.v: %.xco + @echo "=== rebuilding $@" + if [ -d $(coregen_work_dir) ]; then \ + rm -rf $(coregen_work_dir)/*; \ + else \ + mkdir -p $(coregen_work_dir); \ + fi + cd $(coregen_work_dir); \ + $(xil_env); \ + coregen -b $$OLDPWD/$<; \ + cd - + xcodir=`dirname $<`; \ + basename=`basename $< .xco`; \ + if [ ! -r $(coregen_work_dir/$$basename.ngc) ]; then \ + echo "'$@' wasn't created."; \ + exit 1; \ + else \ + cp $(coregen_work_dir)/$$basename.v $(coregen_work_dir)/$$basename.ngc $$xcodir; \ + fi +junk += $(coregen_work_dir) + +date = $(shell date +%F-%H-%M) + +# some common junk +junk += *.xrpt + +programming_files: $(project).bit $(project).mcs + mkdir -p $@/$(date) + mkdir -p $@/latest + for x in .bit .mcs .cfi _bd.bmm; do cp $(project)$$x $@/$(date)/$(project)$$x; cp $(project)$$x $@/latest/$(project)$$x; done + $(xil_env); xst -help | head -1 | sed 's/^/#/' | cat - $(project).scr > $@/$(date)/$(project).scr + +$(project).mcs: $(project).bit + $(xil_env); \ + promgen -w -s $(flashsize) -p mcs -o $@ -u 0 $^ +junk += $(project).mcs $(project).cfi $(project).prm + +$(project).bit: $(project)_par.ncd + $(xil_env); \ + bitgen $(intstyle) -g UnusedPin:Pullnone -g DriveDone:yes -g StartupClk:Cclk -w $(project)_par.ncd $(project).bit +junk += $(project).bgn $(project).bit $(project).drc $(project)_bd.bmm + + +$(project)_par.ncd: $(project).ncd + $(xil_env); \ + if par $(intstyle) $(par_opts) -w $(project).ncd $(project)_par.ncd; then \ + :; \ + else \ + $(MAKE) etwr; \ + fi +junk += $(project)_par.ncd $(project)_par.par $(project)_par.pad +junk += $(project)_par_pad.csv $(project)_par_pad.txt +junk += $(project)_par.grf $(project)_par.ptwx +junk += $(project)_par.unroutes $(project)_par.xpi + +$(project).ncd: $(project).ngd + if [ -r $(project)_par.ncd ]; then \ + cp $(project)_par.ncd smartguide.ncd; \ + smartguide="-smartguide smartguide.ncd"; \ + else \ + smartguide=""; \ + fi; \ + $(xil_env); \ + map $(intstyle) $(map_opts) $$smartguide $< +junk += $(project).ncd $(project).pcf $(project).ngm $(project).mrp $(project).map +junk += smartguide.ncd $(project).psr +junk += $(project)_summary.xml $(project)_usage.xml + +$(project).ngd: $(project).ngc $(project).ucf $(project).bmm + $(xil_env); ngdbuild $(intstyle) $(project).ngc -bm $(project).bmm +junk += $(project).ngd $(project).bld + +$(project).ngc: $(vfiles) $(local_corengcs) $(project).scr $(project).prj + $(xil_env); xst $(intstyle) -ifn $(project).scr +junk += xlnx_auto* $(top_module).lso $(project).srp +junk += netlist.lst xst $(project).ngc + +$(project).prj: $(vfiles) $(mkfiles) + for src in $(vfiles); do echo "verilog work $$src" >> $(project).tmpprj; done + sort -u $(project).tmpprj > $(project).prj + rm -f $(project).tmpprj +junk += $(project).prj + +optfile += $(wildcard $(project).opt) +top_module ?= $(project) +$(project).scr: $(optfile) $(mkfiles) ./xilinx.opt + echo "run" > $@ + echo "-p $(part)" >> $@ + echo "-top $(top_module)" >> $@ + echo "-ifn $(project).prj" >> $@ + echo "-ofn $(project).ngc" >> $@ + cat ./xilinx.opt $(optfile) >> $@ +junk += $(project).scr + +$(project).post_map.twr: $(project).ncd + $(xil_env); trce -e 10 $< $(project).pcf -o $@ +junk += $(project).post_map.twr $(project).post_map.twx smartpreview.twr + +$(project).twr: $(project)_par.ncd + $(xil_env); trce $< $(project).pcf -o $(project).twr +junk += $(project).twr $(project).twx smartpreview.twr + +$(project)_err.twr: $(project)_par.ncd + $(xil_env); trce -e 10 $< $(project).pcf -o $(project)_err.twr +junk += $(project)_err.twr $(project)_err.twx +junk += $(project).lso $(project)_bitgen.xwb $(project)_bitgen.xwbt +junk += usage_statistics_webtalk.html par_usage_statistics.html webtalk.log _xmsgs default.xreport + +.gitignore: $(mkfiles) + echo programming_files $(junk) | sed 's, ,\n,g' > .gitignore + +clean:: + rm -rf $(junk) diff --git a/rtl/build/xilinx.opt b/rtl/build/xilinx.opt new file mode 100644 index 0000000..7fe9d8b --- /dev/null +++ b/rtl/build/xilinx.opt @@ -0,0 +1,42 @@ +-ifmt mixed +-ofmt NGC +-opt_mode speed +-opt_level 1 +-iuc NO +-keep_hierarchy no +-netlist_hierarchy as_optimized +-rtlview no +-glob_opt AllClockNets +-read_cores yes +-write_timing_constraints NO +-cross_clock_analysis NO +-hierarchy_separator / +-bus_delimiter <> +-case maintain +-slice_utilization_ratio 100 +-bram_utilization_ratio 100 +#-dsp_utilization_ratio 100 +-safe_implementation No +-fsm_extract YES +-fsm_encoding Auto +-fsm_style lut +-ram_extract Yes +-ram_style Auto +-rom_extract Yes +-rom_style Auto +-shreg_extract YES +-auto_bram_packing NO +-resource_sharing YES +-async_to_sync NO +#-use_dsp48 auto +-iobuf YES +-max_fanout 500 +-register_duplication YES +-register_balancing No +-optimize_primitives NO +-use_clock_enable Auto +-use_sync_set Auto +-use_sync_reset Auto +-iob auto +-equivalent_register_removal YES +-slice_utilization_ratio_maxmargin 5 diff --git a/rtl/iseconfig/novena_baseline.xise b/rtl/iseconfig/novena_baseline.xise index a270ac9..10c31e5 100644 --- a/rtl/iseconfig/novena_baseline.xise +++ b/rtl/iseconfig/novena_baseline.xise @@ -15,56 +15,104 @@ - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - - - - - + - + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + @@ -103,7 +151,7 @@ - + @@ -194,7 +242,7 @@ - + diff --git a/rtl/src/verilog/core_selector.v b/rtl/src/verilog/core_selector.v index 3f74a26..7479848 100644 --- a/rtl/src/verilog/core_selector.v +++ b/rtl/src/verilog/core_selector.v @@ -1,18 +1,21 @@ //====================================================================== // -// core_selector.v -// --------------- -// Core selector Cryptech Novena FPGA framework. +// coretest_hashes.v +// ----------------- +// Top level wrapper that creates the Cryptech coretest system. +// The wrapper contains instances of external interface, coretest +// and the core to be tested. And if more than one core is +// present the wrapper also includes address and data muxes. // // -// Author: Pavel Shatov -// Copyright (c) 2014, NORDUnet A/S All rights reserved. -// +// Authors: Joachim Strombergson, Paul Selkirk, Pavel Shatov +// Copyright (c) 2014-2015, NORDUnet A/S All rights reserved. +// // Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// - Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. +// modification, are permitted provided that the following conditions are +// met: +// - Redistributions of source code must retain the above copyright notice, +// this list of conditions and the following disclaimer. // // - Redistributions in binary form must reproduce the above copyright // notice, this list of conditions and the following disclaimer in the @@ -37,111 +40,184 @@ //====================================================================== module core_selector - ( - input wire sys_clk, + ( + input wire sys_clk, input wire sys_rst, - input wire [13: 0] sys_eim_addr, + input wire [13: 0] sys_eim_addr, input wire sys_eim_wr, input wire sys_eim_rd, output wire [31 : 0] read_data, - input wire [31 : 0] write_data - ); - - - // - // Parameters - // - localparam ADDER_BASE_ADDR = 6'h00; // upper 6 bits of address - localparam ADDER_OFFSET_X_REG = 8'h00; // X - localparam ADDER_OFFSET_Y_REG = 8'h01; // Y - - - /* This flag detects whether adder core is being addressed. */ - wire eim_access_adder = (sys_eim_addr[13:8] == ADDER_BASE_ADDR) ? 1'b1 : 1'b0; - - /* These flags detect whether write or read access is requested. */ - wire eim_access_write = sys_eim_wr & eim_access_adder; - wire eim_access_read = sys_eim_rd & eim_access_adder; - wire select = eim_access_read | eim_access_write; - -// reg [31 : 0] read_data_reg; -// reg [31 : 0] y_reg; -// reg [31 : 0] x_reg; -// -// // -// // Write Request Handler -// // -// always @(posedge sys_clk) -// // -// if (sys_rst) begin -// x_reg <= 32'hdeaddead; -// y_reg <= 32'hbeefbeef; -// end -// else if (eim_access_write) begin -// case (sys_eim_addr[7:0]) -// ADDER_OFFSET_X_REG: x_reg <= write_data; -// ADDER_OFFSET_Y_REG: y_reg <= write_data; -// endcase -// end -// -// -// // -// // Read Request Handler -// always @(posedge sys_clk) -// // -// if (sys_rst) -// read_data_reg <= 32'h00000000; -// // -// else if (eim_access_read) begin -// // -// case (sys_eim_addr[7:0]) -// ADDER_OFFSET_X_REG: read_data_reg <= x_reg; -// ADDER_OFFSET_Y_REG: read_data_reg <= y_reg; -// endcase -// // -// end - -// assign read_data = read_data_reg; - - - // localparam SHA256_BASE_ADDR = 6'h14; - // - // wire access_sha256 = (sys_eim_addr[13 : 8] == SHA256_BASE_ADDR) ? 1'b1 : 1'b0; - // wire read_access = sys_eim_rd & access_sha256; - // wire write_access = sys_eim_wr & access_sha256; - // wire select = read_access | write_access; - -// reg [31 : 0] read_data_reg; -// wire [31 : 0] sha_read_data; -// -// assign read_data = read_data_reg; -// -// always @ (posedge sys_clk) -// begin -// if (sys_rst) -// begin -// read_data_reg <= 32'h00000000; -// end -// else -// begin -// read_data_reg <= sha_read_data; -// end -// end - - - sha256 sha256_inst( - .clk(sys_clk), - .reset_n(1'b1), - - .cs(eim_access_adder), - .we(sys_eim_wr), - - .address(sys_eim_addr[7 : 0]), - .write_data(write_data), - .read_data(read_data), - .error() - ); + input wire [31 : 0] write_data + ); + + + //---------------------------------------------------------------- + // Internal constant and parameter definitions. + //---------------------------------------------------------------- + parameter SHA1_ADDR_PREFIX = 6'b000100; // 0x1000 - 0x13ff + parameter SHA256_ADDR_PREFIX = 6'b001000; // 0x2000 - 0x23ff + parameter SHA512_ADDR_PREFIX = 6'b001100; // 0x3000 - 0x33ff + + + //---------------------------------------------------------------- + // Wires and registers + //---------------------------------------------------------------- + wire clk = sys_clk; + wire reset_n = !sys_rst; + wire [13:0] address = sys_eim_addr; + wire cs = sys_eim_wr | sys_eim_rd; + wire we = sys_eim_wr; + + reg [31:0] read_reg; + reg error_reg; + + // sha1 connections. + reg sha1_cs; + reg sha1_we; + reg [7:0] sha1_address; + reg [31:0] sha1_write_data; + wire [31:0] sha1_read_data; + wire sha1_error; + + // sha256 connections. + reg sha256_cs; + reg sha256_we; + reg [7:0] sha256_address; + reg [31:0] sha256_write_data; + wire [31:0] sha256_read_data; + wire sha256_error; + + // sha512 connections. + reg sha512_cs; + reg sha512_we; + reg [7:0] sha512_address; + reg [31:0] sha512_write_data; + wire [31:0] sha512_read_data; + wire sha512_error; + + + //---------------------------------------------------------------- + // Concurrent assignment. + //---------------------------------------------------------------- + assign read_data = read_reg; + + //---------------------------------------------------------------- + // Core instantiations. + //---------------------------------------------------------------- + sha1 sha1( + // Clock and reset. + .clk(clk), + .reset_n(reset_n), + + // Control. + .cs(sha1_cs), + .we(sha1_we), + + // Data ports. + .address(sha1_address), + .write_data(sha1_write_data), + .read_data(sha1_read_data), + .error(sha1_error) + ); + + + sha256 sha256( + // Clock and reset. + .clk(clk), + .reset_n(reset_n), + + // Control. + .cs(sha256_cs), + .we(sha256_we), + + // Data ports. + .address(sha256_address), + .write_data(sha256_write_data), + .read_data(sha256_read_data), + .error(sha256_error) + ); + + + sha512 sha512( + // Clock and reset. + .clk(clk), + .reset_n(reset_n), + + // Control. + .cs(sha512_cs), + .we(sha512_we), + + // Data ports. + .address(sha512_address), + .write_data(sha512_write_data), + .read_data(sha512_read_data), + .error(sha512_error) + ); + + //---------------------------------------------------------------- + // address_mux + // + // Combinational data mux that handles addressing between + // cores using the 32-bit memory like interface. + //---------------------------------------------------------------- + always @* + begin : address_mux + // Default assignments. + sha1_cs = 0; + sha1_we = 0; + sha1_address = 8'h00; + sha1_write_data = 32'h00000000; + + sha256_cs = 0; + sha256_we = 0; + sha256_address = 8'h00; + sha256_write_data = 32'h00000000; + + sha512_cs = 0; + sha512_we = 0; + sha512_address = 8'h00; + sha512_write_data = 32'h00000000; + + // address mux + case (address[13:8]) + SHA1_ADDR_PREFIX: + begin + sha1_cs = 1; + sha1_we = we; + sha1_address = address[7:0]; + sha1_write_data = write_data; + read_reg = sha1_read_data; + error_reg = sha1_error; + end + + SHA256_ADDR_PREFIX: + begin + sha256_cs = 1; + sha256_we = we; + sha256_address = address[7:0]; + sha256_write_data = write_data; + read_reg = sha256_read_data; + error_reg = sha256_error; + end + + SHA512_ADDR_PREFIX: + begin + sha512_cs = 1; + sha512_we = we; + sha512_address = address[7:0]; + sha512_write_data = write_data; + read_reg = sha512_read_data; + error_reg = sha512_error; + end + + default: + begin + read_reg = 32'hZZZZ; + end + endcase + + end // address_mux endmodule diff --git a/sw/test-sha256/hash_tester.c b/sw/test-sha256/hash_tester.c index 544e2c5..978cb82 100644 --- a/sw/test-sha256/hash_tester.c +++ b/sw/test-sha256/hash_tester.c @@ -13,7 +13,7 @@ * * * Authors: Joachim Strömbergson, Paul Selkirk - * Copyright (c) 2014, NORDUnet A/S All rights reserved. + * Copyright (c) 2014-2015, NORDUnet A/S All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are @@ -76,8 +76,18 @@ int repeat = 0; #define ADDR_DIGEST 0x80 /* addresses and codes for the specific hash cores */ -#define SHA256_PREFIX 0x0000 -#define SHA256_ADDR_BASE EIM_BASE_ADDR + SHA256_PREFIX +#define SHA1_ADDR_BASE EIM_BASE_ADDR + 0x1000 +#define SHA1_ADDR_NAME0 SHA1_ADDR_BASE + ADDR_NAME0 +#define SHA1_ADDR_NAME1 SHA1_ADDR_BASE + ADDR_NAME1 +#define SHA1_ADDR_VERSION SHA1_ADDR_BASE + ADDR_VERSION +#define SHA1_ADDR_CTRL SHA1_ADDR_BASE + ADDR_CTRL +#define SHA1_ADDR_STATUS SHA1_ADDR_BASE + ADDR_STATUS +#define SHA1_ADDR_BLOCK SHA1_ADDR_BASE + ADDR_BLOCK +#define SHA1_ADDR_DIGEST SHA1_ADDR_BASE + ADDR_DIGEST +#define SHA1_BLOCK_LEN 512 / 8 +#define SHA1_DIGEST_LEN 160 / 8 + +#define SHA256_ADDR_BASE EIM_BASE_ADDR + 0x2000 #define SHA256_ADDR_NAME0 SHA256_ADDR_BASE + ADDR_NAME0 #define SHA256_ADDR_NAME1 SHA256_ADDR_BASE + ADDR_NAME1 #define SHA256_ADDR_VERSION SHA256_ADDR_BASE + ADDR_VERSION @@ -88,6 +98,24 @@ int repeat = 0; #define SHA256_BLOCK_LEN 512 / 8 #define SHA256_DIGEST_LEN 256 / 8 +#define SHA512_ADDR_BASE EIM_BASE_ADDR + 0x3000 +#define SHA512_ADDR_NAME0 SHA512_ADDR_BASE + ADDR_NAME0 +#define SHA512_ADDR_NAME1 SHA512_ADDR_BASE + ADDR_NAME1 +#define SHA512_ADDR_VERSION SHA512_ADDR_BASE + ADDR_VERSION +#define SHA512_ADDR_CTRL SHA512_ADDR_BASE + ADDR_CTRL +#define SHA512_ADDR_STATUS SHA512_ADDR_BASE + ADDR_STATUS +#define SHA512_ADDR_BLOCK SHA512_ADDR_BASE + ADDR_BLOCK +#define SHA512_ADDR_DIGEST SHA512_ADDR_BASE + 0x100 +#define SHA512_BLOCK_LEN 1024 / 8 +#define SHA512_224_DIGEST_LEN 224 / 8 +#define SHA512_256_DIGEST_LEN 256 / 8 +#define SHA384_DIGEST_LEN 384 / 8 +#define SHA512_DIGEST_LEN 512 / 8 +#define MODE_SHA_512_224 0 << 2 +#define MODE_SHA_512_256 1 << 2 +#define MODE_SHA_384 2 << 2 +#define MODE_SHA_512 3 << 2 + /* SHA-1/SHA-256 One Block Message Sample Input Message: "abc" */ const uint8_t NIST_512_SINGLE[] = @@ -100,6 +128,11 @@ const uint8_t NIST_512_SINGLE[] = 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 }; +const uint8_t SHA1_SINGLE_DIGEST[] = +{ 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, + 0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, + 0x9c, 0xd0, 0xd8, 0x9d }; + const uint8_t SHA256_SINGLE_DIGEST[] = { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23, @@ -127,12 +160,129 @@ const uint8_t NIST_512_DOUBLE1[] = 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xC0 }; +const uint8_t SHA1_DOUBLE_DIGEST[] = +{ 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, + 0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, + 0xE5, 0x46, 0x70, 0xF1 }; + const uint8_t SHA256_DOUBLE_DIGEST[] = { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8, 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39, 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67, 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 }; +/* SHA-512 One Block Message Sample + Input Message: "abc" */ +const uint8_t NIST_1024_SINGLE[] = +{ 0x61, 0x62, 0x63, 0x80, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18 }; + +const uint8_t SHA512_224_SINGLE_DIGEST[] = +{ 0x46, 0x34, 0x27, 0x0f, 0x70, 0x7b, 0x6a, 0x54, + 0xda, 0xae, 0x75, 0x30, 0x46, 0x08, 0x42, 0xe2, + 0x0e, 0x37, 0xed, 0x26, 0x5c, 0xee, 0xe9, 0xa4, + 0x3e, 0x89, 0x24, 0xaa }; +const uint8_t SHA512_256_SINGLE_DIGEST[] = +{ 0x53, 0x04, 0x8e, 0x26, 0x81, 0x94, 0x1e, 0xf9, + 0x9b, 0x2e, 0x29, 0xb7, 0x6b, 0x4c, 0x7d, 0xab, + 0xe4, 0xc2, 0xd0, 0xc6, 0x34, 0xfc, 0x6d, 0x46, + 0xe0, 0xe2, 0xf1, 0x31, 0x07, 0xe7, 0xaf, 0x23 }; +const uint8_t SHA384_SINGLE_DIGEST[] = +{ 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, + 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07, + 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, + 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed, + 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, + 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 }; +const uint8_t SHA512_SINGLE_DIGEST[] = +{ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, + 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, + 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, + 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, + 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, + 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, + 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, + 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f }; + +/* SHA-512 Two Block Message Sample + Input Message: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" */ +const uint8_t NIST_1024_DOUBLE0[] = +{ 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, + 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, + 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, + 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, + 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, + 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, + 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, + 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, + 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, + 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, + 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, + 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, + 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, + 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +const uint8_t NIST_1024_DOUBLE1[] = +{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x80 }; + +const uint8_t SHA512_224_DOUBLE_DIGEST[] = +{ 0x23, 0xfe, 0xc5, 0xbb, 0x94, 0xd6, 0x0b, 0x23, + 0x30, 0x81, 0x92, 0x64, 0x0b, 0x0c, 0x45, 0x33, + 0x35, 0xd6, 0x64, 0x73, 0x4f, 0xe4, 0x0e, 0x72, + 0x68, 0x67, 0x4a, 0xf9 }; +const uint8_t SHA512_256_DOUBLE_DIGEST[] = +{ 0x39, 0x28, 0xe1, 0x84, 0xfb, 0x86, 0x90, 0xf8, + 0x40, 0xda, 0x39, 0x88, 0x12, 0x1d, 0x31, 0xbe, + 0x65, 0xcb, 0x9d, 0x3e, 0xf8, 0x3e, 0xe6, 0x14, + 0x6f, 0xea, 0xc8, 0x61, 0xe1, 0x9b, 0x56, 0x3a }; +const uint8_t SHA384_DOUBLE_DIGEST[] = +{ 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8, + 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47, + 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2, + 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12, + 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9, + 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 }; +const uint8_t SHA512_DOUBLE_DIGEST[] = +{ 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda, + 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f, + 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1, + 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18, + 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4, + 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a, + 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54, + 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 }; + /* ---------------- test-case low-level code ---------------- */ void dump(char *label, const uint8_t *buf, int len) @@ -257,19 +407,68 @@ int tc_wait_valid(off_t offset) /* TC1: Read name and version from SHA-1 core. */ int TC1(void) { - return 0; + uint8_t name0[4] = { 0x73, 0x68, 0x61, 0x31 }; /* "sha1" */ + uint8_t name1[4] = { 0x20, 0x20, 0x20, 0x20 }; /* " " */ + uint8_t version[4] = { 0x30, 0x2e, 0x35, 0x30 }; /* "0.50" */ + + if (!quiet) + printf("TC1: Reading name, type and version words from SHA-1 core.\n"); + + return + tc_expected(SHA1_ADDR_NAME0, name0, 4) || + tc_expected(SHA1_ADDR_NAME1, name1, 4) || + tc_expected(SHA1_ADDR_VERSION, version, 4); } /* TC2: SHA-1 Single block message test as specified by NIST. */ int TC2(void) { - return 0; + const uint8_t *block = NIST_512_SINGLE; + const uint8_t *expected = SHA1_SINGLE_DIGEST; + int ret; + + if (!quiet) + printf("TC2: Single block message test for SHA-1.\n"); + + /* Write block to SHA-1. */ + tc_write(SHA1_ADDR_BLOCK, block, SHA1_BLOCK_LEN); + /* Start initial block hashing, wait and check status. */ + tc_init(SHA1_ADDR_CTRL); + tc_wait_valid(SHA1_ADDR_STATUS); + /* Extract the digest. */ + ret = tc_expected(SHA1_ADDR_DIGEST, expected, SHA1_DIGEST_LEN); + return ret; } /* TC3: SHA-1 Double block message test as specified by NIST. */ int TC3(void) { - return 0; + const uint8_t *block[2] = { NIST_512_DOUBLE0, NIST_512_DOUBLE1 }; + static const uint8_t block0_expected[] = + { 0xF4, 0x28, 0x68, 0x18, 0xC3, 0x7B, 0x27, 0xAE, + 0x04, 0x08, 0xF5, 0x81, 0x84, 0x67, 0x71, 0x48, + 0x4A, 0x56, 0x65, 0x72 }; + const uint8_t *expected = SHA1_DOUBLE_DIGEST; + int ret; + + if (!quiet) + printf("TC3: Double block message test for SHA-1.\n"); + + /* Write first block to SHA-1. */ + tc_write(SHA1_ADDR_BLOCK, block[0], SHA1_BLOCK_LEN); + /* Start initial block hashing, wait and check status. */ + tc_init(SHA1_ADDR_CTRL); + tc_wait_valid(SHA1_ADDR_STATUS); + /* Extract the first digest. */ + tc_expected(SHA1_ADDR_DIGEST, block0_expected, SHA1_DIGEST_LEN); + /* Write second block to SHA-1. */ + tc_write(SHA1_ADDR_BLOCK, block[1], SHA1_BLOCK_LEN); + /* Start next block hashing, wait and check status. */ + tc_next(SHA1_ADDR_CTRL); + tc_wait_valid(SHA1_ADDR_STATUS); + /* Extract the second digest. */ + ret = tc_expected(SHA1_ADDR_DIGEST, expected, SHA1_DIGEST_LEN); + return ret; } /* ---------------- SHA-256 test cases ---------------- */ @@ -394,20 +593,106 @@ int TC7() /* TC8: Read name and version from SHA-512 core. */ int TC8() { - return 0; + uint8_t name0[4] = { 0x73, 0x68, 0x61, 0x32 }; /* "sha2" */ + uint8_t name1[4] = { 0x2d, 0x35, 0x31, 0x32 }; /* "-512" */ + uint8_t version[4] = { 0x30, 0x2e, 0x38, 0x30 }; /* "0.80" */ + + if (!quiet) + printf("TC8: Reading name, type and version words from SHA-512 core.\n"); + + return + tc_expected(SHA512_ADDR_NAME0, name0, 4) || + tc_expected(SHA512_ADDR_NAME1, name1, 4) || + tc_expected(SHA512_ADDR_VERSION, version, 4); } /* TC9: SHA-512 Single block message test as specified by NIST. We do this for all modes. */ +int tc9(int mode, const uint8_t *expected, int digest_len) +{ + const uint8_t *block = NIST_1024_SINGLE; + uint8_t init[4] = { 0, 0, 0, CTRL_INIT_CMD + mode }; + + return + /* Write block to SHA-512. */ + tc_write(SHA512_ADDR_BLOCK, block, SHA512_BLOCK_LEN) || + /* Start initial block hashing, wait and check status. */ + tc_write(SHA512_ADDR_CTRL, init, 4) || + tc_wait_valid(SHA512_ADDR_STATUS) || + /* Extract the digest. */ + tc_expected(SHA512_ADDR_DIGEST, expected, digest_len); +} + int TC9() { + if (!quiet) + printf("TC9-1: Single block message test for SHA-512/224.\n"); + if (tc9(MODE_SHA_512_224, SHA512_224_SINGLE_DIGEST, SHA512_224_DIGEST_LEN) != 0) + return 1; + + if (!quiet) + printf("TC9-2: Single block message test for SHA-512/256.\n"); + if (tc9(MODE_SHA_512_256, SHA512_256_SINGLE_DIGEST, SHA512_256_DIGEST_LEN) != 0) + return 1; + + if (!quiet) + printf("TC9-3: Single block message test for SHA-384.\n"); + if (tc9(MODE_SHA_384, SHA384_SINGLE_DIGEST, SHA384_DIGEST_LEN) != 0) + return 1; + + if (!quiet) + printf("TC9-4: Single block message test for SHA-512.\n"); + if (tc9(MODE_SHA_512, SHA512_SINGLE_DIGEST, SHA512_DIGEST_LEN) != 0) + return 1; + return 0; } /* TC10: SHA-512 Double block message test as specified by NIST. We do this for all modes. */ +int tc10(int mode, const uint8_t *expected, int digest_len) +{ + const uint8_t *block[2] = { NIST_1024_DOUBLE0, NIST_1024_DOUBLE1 }; + uint8_t init[4] = { 0, 0, 0, CTRL_INIT_CMD + mode }; + uint8_t next[4] = { 0, 0, 0, CTRL_NEXT_CMD + mode }; + + return + /* Write first block to SHA-512. */ + tc_write(SHA512_ADDR_BLOCK, block[0], SHA512_BLOCK_LEN) || + /* Start initial block hashing, wait and check status. */ + tc_write(SHA512_ADDR_CTRL, init, 4) || + tc_wait_ready(SHA512_ADDR_STATUS) || + /* Write second block to SHA-512. */ + tc_write(SHA512_ADDR_BLOCK, block[1], SHA512_BLOCK_LEN) || + /* Start next block hashing, wait and check status. */ + tc_write(SHA512_ADDR_CTRL, next, 4) || + tc_wait_valid(SHA512_ADDR_STATUS) || + /* Extract the digest. */ + tc_expected(SHA512_ADDR_DIGEST, expected, digest_len); +} + int TC10() { + if (!quiet) + printf("TC10-1: Double block message test for SHA-512/224.\n"); + if (tc10(MODE_SHA_512_224, SHA512_224_DOUBLE_DIGEST, SHA512_224_DIGEST_LEN) != 0) + return 1; + + if (!quiet) + printf("TC10-2: Double block message test for SHA-512/256.\n"); + if (tc10(MODE_SHA_512_256, SHA512_256_DOUBLE_DIGEST, SHA512_256_DIGEST_LEN) != 0) + return 1; + + if (!quiet) + printf("TC10-3: Double block message test for SHA-384.\n"); + if (tc10(MODE_SHA_384, SHA384_DOUBLE_DIGEST, SHA384_DIGEST_LEN) != 0) + return 1; + + if (!quiet) + printf("TC10-4: Double block message test for SHA-512.\n"); + if (tc10(MODE_SHA_512, SHA512_DOUBLE_DIGEST, SHA512_DIGEST_LEN) != 0) + return 1; + return 0; } -- cgit v1.2.3