aboutsummaryrefslogblamecommitdiff
path: root/src/rtl/keywrap_core.v
blob: 5a05b63cf293577a5ab5619a5983e9b241b92b24 (plain) (tree)
1
2
3
4
5
6
7




                                                                        

                                                  


































                                                                           



                                                              
 




                                                                   

                                                           

                                                            
                                                             
 

                                                            
 
                                                           
 

                                                             
                                                               
                                                                 
 

                                                               
 



                                                                  





                                                                    
                                    
 














                                        
 














                                          

                                         






                                                                    
                      




                         



                         






                                         
 






                                 
 

                               








                                



                               

                                     





                                                                    


                           
                           

                            
 

                              



                                        
 






                              


                                



                                                                    

                                         
                            
 
                                  
                                      

                                            

                                    
                                        

                                              





                                 
 
                               

                               



                               
                                 

                                 
                                   
                                       

                
 







                                         
 


                                         
 







                                             

 


                                                                    



                                     






                                                                    

                

                   
                                         
                                
 
                                         

                                        
                                                          
                                        

                                        
                                         
                                             
          


             


                           


                                            


                                   


                                   




                                                   







                                                                    
                  



                                                                    
                         
                           
 

                        
                                
                       
 
                                                                             
 






                                                      

                 
                         
                       



                       
                         





                                                     




                                                                    



                                                                    
                                             



                           
                                                 


                               

                        
                                        








                                               























                                                                    
                                             




                                   
                                                       












                                                                    



                                                                    



                                   

                                   

                                   
                                   

                                   
                                   



                                   





                                               
                                    
 

                                        
 
 


                                  

                     
                                             



                                             
                                                       




                                             

                                             

                                             
                                             




                                                           

                                             















                                                         

             
 










                                                  
 



                                         
                                                    







                                         
                                                    



                                         
                        
               
                                                   



                                         
                       
               
                                         




                                                   










                                                         
               

                                
                       
                                                       
                

                                                       


             
                         
               
                                              

                                             
                                                        


                                             
                                                        


                                             
                                                        










                                                           
                         
               
                                  

                                             
                                                        






                                             
                                                        










                                                           









                                              































                                                   











                                                                        
//======================================================================
//
// keywrap_core.v
// --------------
// Core that tries to implement AES KEY WRAP as specified in
// RFC 3394 and extended with padding in RFC 5649.
// Experimental core at the moment. Does Not Work.
// The maximum wrap object size is 64 kByte.
//
//
// Author: Joachim Strombergson
// Copyright (c) 2018, NORDUnet A/S
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
// - Redistributions of source code must retain the above copyright notice,
//   this list of conditions and the following disclaimer.
//
// - Redistributions in binary form must reproduce the above copyright
//   notice, this list of conditions and the following disclaimer in the
//   documentation and/or other materials provided with the distribution.
//
// - Neither the name of the NORDUnet nor the names of its contributors may
//   be used to endorse or promote products derived from this software
//   without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
// IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
// PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
//======================================================================

module keywrap_core #(parameter MEM_BITS = 11)
                    (
                     input wire                       clk,
                     input wire                       reset_n,

                     output wire                      mkm_spi_sclk,
                     output wire                      mkm_spi_cs_n,
                     input wire                       mkm_spi_do,
                     output wire                      mkm_spi_di,

                     input wire                       init,
                     input wire                       next,
                     input wire                       read,
                     input wire                       write,
                     input wire                       encdec,

                     output wire                      ready,
                     output wire                      valid,

                     input wire [(MEM_BITS - 2) : 0]  rlen,

                     input wire [255 : 0]             key,
                     input wire                       keylen,
                     output wire [255 : 0]            read_key,
                     output wire [31 : 0]             mkm_status,

                     input wire  [63 : 0]             a_init,
                     output wire [63 : 0]             a_result,

                     input wire                       api_we,
                     input wire  [(MEM_BITS - 1) : 0] api_addr,
                     input wire [31 : 0]              api_wr_data,
                     output wire [31 : 0]             api_rd_data
                    );


  //----------------------------------------------------------------
  // Paramenters and local defines.
  //----------------------------------------------------------------
  localparam MAX_ITERATIONS = 6 - 1;

  localparam CTRL_IDLE          = 6'h0;
  localparam CTRL_INIT_WAIT     = 6'h1;
  localparam CTRL_NEXT_WSTART   = 6'h2;
  localparam CTRL_NEXT_USTART   = 6'h3;
  localparam CTRL_NEXT_LOOP0    = 6'h4;
  localparam CTRL_NEXT_LOOP     = 6'h5;
  localparam CTRL_NEXT_WAIT     = 6'h6;
  localparam CTRL_NEXT_UPDATE   = 6'h7;
  localparam CTRL_NEXT_WCHECK   = 6'h8;
  localparam CTRL_NEXT_UCHECK   = 6'h9;
  localparam CTRL_NEXT_FINALIZE = 6'ha;
  localparam CTRL_READ_START    = 6'h10;
  localparam CTRL_READ_END      = 6'h11;
  localparam CTRL_WRITE_START   = 6'h18;
  localparam CTRL_WRITE_END     = 6'h19;

  // API for mkm used by the core.
  localparam MKM_ADDR_CTRL        = 8'h08;
  localparam MKM_CTRL_READ_BIT    = 0;
  localparam MKM_CTRL_WRITE_BIT   = 1;
  localparam MKM_ADDR_STATUS      = 8'h09;
  localparam MKM_STATUS_READY_BIT = 0;
  localparam MKM_STATUS_VALID_BIT = 1;
  localparam MKM_ADDR_SCLK_DIV    = 8'h0a;
  localparam MKM_ADDR_EMEM_ADDR   = 8'h10;
  localparam MKM_ADDR_EMEM_DATA   = 8'h20;

  // Addresses for storage in the mkm
  localparam MKM_STATUS_WORD      = 8'h00;
  localparam MKM_KEY_BASE_WORD    = 8'h04;

  localparam DEFAULT_SCLK_DIV = 16'h0020;


  //----------------------------------------------------------------
  // Registers and memories including control signals.
  //----------------------------------------------------------------
  reg [63 : 0] a_reg;
  reg [63 : 0] a_new;
  reg          a_we;
  reg          init_a;

  reg          ready_reg;
  reg          ready_new;
  reg          ready_we;

  reg          valid_reg;
  reg          valid_new;
  reg          valid_we;

  reg [(MEM_BITS - 2) : 0] block_ctr_reg;
  reg [(MEM_BITS - 2) : 0] block_ctr_new;
  reg                      block_ctr_we;
  reg                      block_ctr_dec;
  reg                      block_ctr_inc;
  reg                      block_ctr_rst;
  reg                      block_ctr_set;

  reg [2 : 0]  iteration_ctr_reg;
  reg [2 : 0]  iteration_ctr_new;
  reg          iteration_ctr_we;
  reg          iteration_ctr_inc;
  reg          iteration_ctr_dec;
  reg          iteration_ctr_set;
  reg          iteration_ctr_rst;

  reg [31 : 0] mkm_key [0 : 7];
  reg          mkm_key_we;

  reg [2 : 0]  mkm_word_ctr_reg;
  reg [2 : 0]  mkm_word_ctr_new;
  reg          mkm_word_ctr_we;

  reg [7 : 0]  mkm_addr_reg;
  reg [7 : 0]  mkm_addr_new;
  reg          mkm_addr_we;

  reg [31 : 0]  mkm_status_reg;
  reg [31 : 0]  mkm_status_new;
  reg           mkm_status_we;

  reg [5 : 0]  keywrap_core_ctrl_reg;
  reg [5 : 0]  keywrap_core_ctrl_new;
  reg          keywrap_core_ctrl_we;


  //----------------------------------------------------------------
  // Wires.
  //----------------------------------------------------------------
  reg            aes_init;
  reg            aes_next;
  wire           aes_ready;
  wire           aes_valid;
  reg  [127 : 0] aes_block;
  wire [127 : 0] aes_result;

  reg            update_state;

  reg                      core_we;
  reg [(MEM_BITS - 2) : 0] core_addr;
  reg [63 : 0]             core_wr_data;
  wire [63 : 0]            core_rd_data;

  reg            mkm_init_op;
  reg            mkm_read_op;
  reg            mkm_write_op;
  wire           mkm_ready;
  wire           mkm_valid;
  reg [15 : 0]   mkm_sclk_div;
  reg [15 : 0]   mkm_addr;
  reg [31 : 0]   mkm_write_data;
  wire [31 : 0]  mkm_read_data;


  //----------------------------------------------------------------
  // Instantiations.
  //----------------------------------------------------------------
  keywrap_mem #(.API_ADDR_BITS(MEM_BITS))
              mem(
                  .clk(clk),

                  .api_we(api_we),
                  .api_addr(api_addr),
                  .api_wr_data(api_wr_data),
                  .api_rd_data(api_rd_data),

                  .core_we(core_we),
                  .core_addr(core_addr),
                  .core_wr_data(core_wr_data),
                  .core_rd_data(core_rd_data)
                 );


  aes_core aes(
               .clk(clk),
               .reset_n(reset_n),

               .encdec(encdec),
               .init(aes_init),
               .next(aes_next),

               .key(key),
               .keylen(keylen),

               .block(aes_block),

               .ready(aes_ready),
               .result(aes_result),
               .result_valid(aes_valid)
              );


  mkmif_core mkm(
                 .clk(clk),
                 .reset_n(reset_n),

                 .spi_sclk(mkm_spi_sclk),
                 .spi_cs_n(mkm_spi_cs_n),
                 .spi_do(mkm_spi_do),
                 .spi_di(mkm_spi_di),

                 .init_op(mkm_init_op),
                 .read_op(mkm_read_op),
                 .write_op(mkm_write_op),

                 .ready(mkm_ready),
                 .valid(mkm_valid),

                 .sclk_div(mkm_sclk_div),
                 .addr(mkm_addr),
                 .write_data(mkm_write_data),
                 .read_data(mkm_read_data)
                );


  //----------------------------------------------------------------
  // Assignments for ports.
  //----------------------------------------------------------------
  assign a_result   = a_reg;
  assign ready      = ready_reg;
  assign valid      = valid_reg;
  assign mkm_status = mkm_status_reg;


  //----------------------------------------------------------------
  // reg_update
  //----------------------------------------------------------------
  always @ (posedge clk or negedge reset_n)
    begin: reg_update
      integer i;

      if (!reset_n)
        begin
          for (i = 0 ; i < 8 ; i = i + 1)
            mkm_key[i] <= 32'h0;

          a_reg                 <= 64'h0;
          ready_reg             <= 1'h1;
          valid_reg             <= 1'h1;
          block_ctr_reg         <= {(MEM_BITS - 1){1'h0}};
          iteration_ctr_reg     <= 3'h0;
          mkm_word_ctr_reg      <= 3'h0;
          mkm_addr_reg          <= 8'h0;
          mkm_status_reg        <= 32'h0;
          keywrap_core_ctrl_reg <= CTRL_IDLE;
       end

      else
        begin
          if (a_we)
            a_reg <= a_new;

          if (mkm_status_we)
            mkm_status_reg <= mkm_read_data;

          if (ready_we)
            ready_reg <= ready_new;

          if (valid_we)
            valid_reg <= valid_new;

          if (block_ctr_we)
            block_ctr_reg <= block_ctr_new;

          if (iteration_ctr_we)
            iteration_ctr_reg <= iteration_ctr_new;

          if (keywrap_core_ctrl_we)
            keywrap_core_ctrl_reg <= keywrap_core_ctrl_new;
        end
    end // reg_update


  //----------------------------------------------------------------
  // keywrap_logic
  //
  // Main logic for the key wrap functionality.
  //----------------------------------------------------------------
  always @*
    begin : keywrap_logic
      reg [63 : 0] xor_val;

      a_new     = 64'h0;
      a_we      = 1'h0;
      core_addr = block_ctr_reg;
      core_we   = 1'h0;

      xor_val = (rlen * iteration_ctr_reg) + {51'h0, (block_ctr_reg + 1'h1)};

      if (encdec)
        aes_block = {a_reg, core_rd_data};
      else
        aes_block = {(a_reg ^ xor_val), core_rd_data};

      core_wr_data = aes_result[63 : 0];

      if (init_a)
        begin
          a_new = a_init;
          a_we  = 1'h1;
        end

      if (update_state)
        begin
          core_we = 1'h1;

          if (encdec)
            a_new   = aes_result[127 : 64] ^ xor_val;
          else
            a_new   = aes_result[127 : 64];
          a_we    = 1'h1;
        end
    end


  //----------------------------------------------------------------
  // block_ctr
  //----------------------------------------------------------------
  always @*
    begin : block_ctr
      block_ctr_new = {(MEM_BITS - 1){1'h0}};
      block_ctr_we  = 1'h0;

      if (block_ctr_rst)
        begin
          block_ctr_new = {(MEM_BITS - 1){1'h0}};
          block_ctr_we  = 1'h1;
        end

      if (block_ctr_set)
        begin
          block_ctr_new = (rlen - 1'h1);
          block_ctr_we  = 1'h1;
        end

      if (block_ctr_dec)
        begin
          block_ctr_new = block_ctr_reg - 1'h1;
          block_ctr_we  = 1'h1;
        end

      if (block_ctr_inc)
        begin
          block_ctr_new = block_ctr_reg + 1'h1;
          block_ctr_we  = 1'h1;
        end
    end


  //----------------------------------------------------------------
  // iteration_ctr
  //----------------------------------------------------------------
  always @*
    begin : iteration_ctr
      iteration_ctr_new = 3'h0;
      iteration_ctr_we  = 1'h0;

      if (iteration_ctr_rst)
        begin
          iteration_ctr_new = 3'h0;
          iteration_ctr_we  = 1'h1;
        end

      if (iteration_ctr_set)
        begin
          iteration_ctr_new = MAX_ITERATIONS;
          iteration_ctr_we  = 1'h1;
        end

      if (iteration_ctr_dec)
        begin
          iteration_ctr_new = iteration_ctr_reg - 1'h1;
          iteration_ctr_we  = 1'h1;
        end

      if (iteration_ctr_inc)
        begin
          iteration_ctr_new = iteration_ctr_reg + 1'h1;
          iteration_ctr_we  = 1'h1;
        end

    end


  //----------------------------------------------------------------
  // keywrap_core_ctrl
  //----------------------------------------------------------------
  always @*
    begin : keywrap_core_ctrl
      ready_new             = 1'h0;
      ready_we              = 1'h0;
      valid_new             = 1'h0;
      valid_we              = 1'h0;
      init_a                = 1'h0;
      update_state          = 1'h0;
      aes_init              = 1'h0;
      aes_next              = 1'h0;
      block_ctr_dec         = 1'h0;
      block_ctr_inc         = 1'h0;
      block_ctr_rst         = 1'h0;
      block_ctr_set         = 1'h0;
      iteration_ctr_inc     = 1'h0;
      iteration_ctr_dec     = 1'h0;
      iteration_ctr_set     = 1'h0;
      iteration_ctr_rst     = 1'h0;

      mkm_init_op           = 1'h0;
      mkm_read_op           = 1'h0;
      mkm_write_op          = 1'h0;
      mkm_sclk_div          = DEFAULT_SCLK_DIV;
      mkm_addr              = 16'h0;
      mkm_write_data        = 32'h0;

      keywrap_core_ctrl_new = CTRL_IDLE;
      keywrap_core_ctrl_we  = 1'h0;


      case (keywrap_core_ctrl_reg)
        CTRL_IDLE:
          begin
            if (init)
              begin
                aes_init              = 1'h1;
                ready_new             = 1'h0;
                ready_we              = 1'h1;
                valid_new             = 1'h0;
                valid_we              = 1'h1;
                keywrap_core_ctrl_new = CTRL_INIT_WAIT;
                keywrap_core_ctrl_we  = 1'h1;
              end

            if (next)
              begin
                ready_new             = 1'h0;
                ready_we              = 1'h1;
                valid_new             = 1'h0;
                valid_we              = 1'h1;
                init_a                = 1'h1;

                if (encdec)
                  keywrap_core_ctrl_new = CTRL_NEXT_WSTART;
                else
                  keywrap_core_ctrl_new = CTRL_NEXT_USTART;
                keywrap_core_ctrl_we  = 1'h1;
              end

            if (read)
              begin
                ready_new             = 1'h0;
                ready_we              = 1'h1;
                keywrap_core_ctrl_new = CTRL_READ_START;
                keywrap_core_ctrl_we  = 1'h1;
              end

            if (write)
              begin
                ready_new             = 1'h0;
                ready_we              = 1'h1;
                keywrap_core_ctrl_new = CTRL_WRITE_START;
                keywrap_core_ctrl_we  = 1'h1;
              end
          end


        CTRL_INIT_WAIT:
          begin
            if (aes_ready)
              begin
                ready_new             = 1'h1;
                ready_we              = 1'h1;
                keywrap_core_ctrl_new = CTRL_IDLE;
                keywrap_core_ctrl_we  = 1'h1;
              end
          end


        CTRL_NEXT_WSTART:
          begin
            block_ctr_rst         = 1'h1;
            iteration_ctr_rst     = 1'h1;
            keywrap_core_ctrl_new = CTRL_NEXT_LOOP0;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_NEXT_USTART:
          begin
            block_ctr_set         = 1'h1;
            iteration_ctr_set     = 1'h1;
            keywrap_core_ctrl_new = CTRL_NEXT_LOOP0;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_NEXT_LOOP0:
          begin
            keywrap_core_ctrl_new = CTRL_NEXT_LOOP;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_NEXT_LOOP:
          begin
            aes_next              = 1'h1;
            keywrap_core_ctrl_new = CTRL_NEXT_WAIT;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_NEXT_WAIT:
          begin
            if (aes_ready)
              begin
                keywrap_core_ctrl_new = CTRL_NEXT_UPDATE;
                keywrap_core_ctrl_we  = 1'h1;
              end
          end


        CTRL_NEXT_UPDATE:
          begin
            update_state = 1'h1;

            if (encdec)
              keywrap_core_ctrl_new = CTRL_NEXT_WCHECK;
            else
              keywrap_core_ctrl_new = CTRL_NEXT_UCHECK;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_NEXT_WCHECK:
          begin
            if (block_ctr_reg < (rlen - 1'h1))
              begin
                block_ctr_inc         = 1'h1;
                keywrap_core_ctrl_new = CTRL_NEXT_LOOP0;
                keywrap_core_ctrl_we  = 1'h1;
              end

            else if (iteration_ctr_reg < MAX_ITERATIONS)
              begin
                block_ctr_rst         = 1'h1;
                iteration_ctr_inc     = 1'h1;
                keywrap_core_ctrl_new = CTRL_NEXT_LOOP0;
                keywrap_core_ctrl_we  = 1'h1;
              end

            else
              begin
                keywrap_core_ctrl_new = CTRL_NEXT_FINALIZE;
                keywrap_core_ctrl_we  = 1'h1;
              end
          end


        CTRL_NEXT_UCHECK:
          begin
            if (block_ctr_reg > 0)
              begin
                block_ctr_dec         = 1'h1;
                keywrap_core_ctrl_new = CTRL_NEXT_LOOP0;
                keywrap_core_ctrl_we  = 1'h1;
              end

            else if (iteration_ctr_reg > 0)
              begin
                block_ctr_set         = 1'h1;
                iteration_ctr_dec     = 1'h1;
                keywrap_core_ctrl_new = CTRL_NEXT_LOOP0;
                keywrap_core_ctrl_we  = 1'h1;
              end

            else
              begin
                keywrap_core_ctrl_new = CTRL_NEXT_FINALIZE;
                keywrap_core_ctrl_we  = 1'h1;
              end
          end


        CTRL_NEXT_FINALIZE:
          begin
            ready_new             = 1'h1;
            ready_we              = 1'h1;
            valid_new             = 1'h1;
            valid_we              = 1'h1;
            keywrap_core_ctrl_new = CTRL_IDLE;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_READ_START:
          begin
            keywrap_core_ctrl_new = CTRL_READ_END;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_READ_END:
          begin
            ready_new             = 1'h1;
            ready_we              = 1'h1;
            keywrap_core_ctrl_new = CTRL_IDLE;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_WRITE_START:
          begin
            keywrap_core_ctrl_new = CTRL_WRITE_END;
            keywrap_core_ctrl_we  = 1'h1;
          end


        CTRL_WRITE_END:
          begin
            ready_new             = 1'h1;
            ready_we              = 1'h1;
            keywrap_core_ctrl_new = CTRL_IDLE;
            keywrap_core_ctrl_we  = 1'h1;
          end

        default:
          begin

          end
      endcase // case (keywrap_core_ctrl_reg)
    end // keywrap_core_ctrl

endmodule // keywrap_core

//======================================================================
// EOF keywrap_core.v
//======================================================================