aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoachim StroĢˆmbergson <joachim@secworks.se>2018-06-28 16:04:13 +0200
committerJoachim StroĢˆmbergson <joachim@secworks.se>2018-06-28 16:04:13 +0200
commit9e08b2d3f5cdcca969f13c2cacd4511693848d59 (patch)
tree3f22061a5e03383ffdf4da6a916092979fa21708
parent311ab5f3d9b9c6777e8d4377c6774f2c47cb577f (diff)
Adding a lot of functionality. Starting to get everthing in place.
Diffstat
-rw-r--r--src/rtl/keywrap.v34
-rw-r--r--src/rtl/keywrap_core.v127
-rw-r--r--src/rtl/keywrap_mem.v29
3 files changed, 161 insertions, 29 deletions
diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v
index b656299..41f3bd5 100644
--- a/src/rtl/keywrap.v
+++ b/src/rtl/keywrap.v
@@ -74,6 +74,8 @@ module keywrap(
localparam CTRL_KEYLEN_BIT = 1;
localparam ADDR_RLEN = 8'h0c;
+ localparam ADDR_A0 = 8'h0e;
+ localparam ADDR_A1 = 8'h0f;
localparam ADDR_KEY0 = 8'h10;
localparam ADDR_KEY7 = 8'h17;
@@ -109,6 +111,12 @@ module keywrap(
reg [12 : 0] rlen_reg;
reg rlen_we;
+ reg [31 : 0] a0_reg;
+ reg a0_we;
+
+ reg [31 : 0] a1_reg;
+ reg a1_we;
+
reg [31 : 0] key_reg [0 : 7];
reg key_we;
@@ -126,6 +134,7 @@ module keywrap(
wire core_valid;
wire [255 : 0] core_key;
wire [31 : 0] core_api_rd_data;
+ wire [63 : 0] core_a_result;
//----------------------------------------------------------------
@@ -157,6 +166,9 @@ module keywrap(
.key(core_key),
.keylen(keylen_reg),
+ .a_init({a1_reg, a0_reg}),
+ .a_result(core_a_result),
+
.api_cs(api_cs_reg),
.api_we(api_we_reg),
.api_wr_data(write_data),
@@ -185,6 +197,8 @@ module keywrap(
ready_reg <= 1'h0;
api_cs_reg <= 1'h0;
api_we_reg <= 1'h0;
+ a0_reg <= 32'h0;
+ a1_reg <= 32'h0;
end
else
begin
@@ -204,6 +218,12 @@ module keywrap(
if (rlen_we)
rlen_reg <= write_data[12 : 0];
+ if (a0_we)
+ a0_reg <= write_data;
+
+ if (a1_we)
+ a1_reg <= write_data;
+
if (key_we)
key_reg[address[2 : 0]] <= write_data;
end
@@ -224,6 +244,8 @@ module keywrap(
key_we = 1'h0;
api_cs_new = 1'h0;
api_we_new = 1'h0;
+ a0_we = 1'h1;
+ a1_we = 1'h1;
tmp_read_data = 32'h0;
tmp_error = 1'h0;
@@ -246,6 +268,12 @@ module keywrap(
if ((address >= ADDR_KEY0) && (address <= ADDR_KEY7))
key_we = 1'h1;
+ if (ADDR_A0)
+ a0_we = 1'h1;
+
+ if (ADDR_A1)
+ a1_we = 1'h1;
+
if (address == ADDR_WRITE_DATA)
begin
api_cs_new = 1'h1;
@@ -267,6 +295,12 @@ module keywrap(
end
endcase // case (address)
+ if (ADDR_A0)
+ tmp_read_data = core_a_result[31 : 0];
+
+ if (ADDR_A1)
+ tmp_read_data = core_a_result[63 : 32];
+
if (address == ADDR_READ_DATA)
begin
api_cs_new = 1'h1;
diff --git a/src/rtl/keywrap_core.v b/src/rtl/keywrap_core.v
index 6e29d45..e3e0723 100644
--- a/src/rtl/keywrap_core.v
+++ b/src/rtl/keywrap_core.v
@@ -56,6 +56,9 @@ module keywrap_core (
input wire [255 : 0] key,
input wire keylen,
+ input wire [63 : 0] a_init,
+ output wire [63 : 0] a_result,
+
input wire api_cs,
input wire api_we,
input wire [31 : 0] api_wr_data,
@@ -68,12 +71,10 @@ module keywrap_core (
//----------------------------------------------------------------
localparam OUTER_LOOP_MAX = 6;
-
localparam CTRL_IDLE = 3'h0;
localparam CTRL_INIT = 3'h1;
localparam CTRL_NEXT = 3'h2;
-
- localparam RFC5649_A_IV = 32'ha65959a6;
+ localparam CTRL_STEP1 = 3'h3;
//----------------------------------------------------------------
@@ -82,7 +83,7 @@ module keywrap_core (
reg [63 : 0] a_reg;
reg [63 : 0] a_new;
reg a_we;
- reg a_init;
+ reg init_a;
reg ready_reg;
reg ready_new;
@@ -124,6 +125,8 @@ module keywrap_core (
wire [127 : 0] aes_result;
wire aes_valid;
+ reg update_state;
+
reg core_we;
reg [12 : 0] core_addr;
reg [63 : 0] core_wr_data;
@@ -166,9 +169,11 @@ module keywrap_core (
.result_valid(aes_valid)
);
+
//----------------------------------------------------------------
// Assignments for ports.
//----------------------------------------------------------------
+ assign a_result = a_reg;
//----------------------------------------------------------------
@@ -178,12 +183,30 @@ module keywrap_core (
begin: reg_update
if (!reset_n)
begin
+ a_reg <= 64'h0;
+ ready_reg <= 1'h0;
+ api_addr_ctr_reg <= 14'h0;
+ block_ctr_reg <= 13'h0;
+ iteration_ctr_reg <= 3'h0;
keywrap_core_ctrl_reg <= CTRL_IDLE;
-
- end
+ end
else
begin
+ if (a_we)
+ a_reg <= a_new;
+
+ if (ready_we)
+ ready_reg <= ready_new;
+
+ if (api_addr_ctr_we)
+ api_addr_ctr_reg <= api_addr_ctr_new;
+
+ if (block_ctr_we)
+ block_ctr_reg <= block_ctr_new;
+
+ if (iteration_ctr_we)
+ iteration_ctr_reg <= iteration_ctr_new;
if (keywrap_core_ctrl_we)
keywrap_core_ctrl_reg <= keywrap_core_ctrl_new;
@@ -192,6 +215,36 @@ module keywrap_core (
//----------------------------------------------------------------
+ // keywrap_dp
+ //
+ // Main logic for the key wrap functionality.
+ //----------------------------------------------------------------
+ always @*
+ begin : keywrap_dp
+ reg xor_val;
+
+ a_we = 1'h0;
+ a_new = 32'h0;
+
+ aes_block = {a_reg, core_rd_data};
+ core_wr_data = aes_result[63 : 0];
+ xor_val = (rlen * iteration_ctr_reg) + block_ctr_reg;
+
+ if (init_a)
+ begin
+ a_we = 1'h1;
+ a_new = a_init;
+ end
+
+ if (update_state)
+ begin
+ a_we = 1'h1;
+ a_new = aes_result[127 : 64] ^ xor_val;
+ end
+ end
+
+
+ //----------------------------------------------------------------
// api_addr_ctr
//----------------------------------------------------------------
always @*
@@ -275,21 +328,65 @@ module keywrap_core (
//----------------------------------------------------------------
always @*
begin : keywrap_core_ctrl
- aes_encdec = 0;
- aes_init = 0;
- aes_next = 0;
- block_ctr_inc = 0;
- block_ctr_rst = 0;
- iteration_ctr_inc = 0;
- iteration_ctr_dec = 0;
- iteration_ctr_set = 0;
- iteration_ctr_rst = 0;
+ init_a = 1'h0;
+ update_state = 1'h0;
+ aes_encdec = 1'h0;
+ aes_init = 1'h0;
+ aes_next = 1'h0;
+ api_addr_ctr_rst = 1'h0;
+ api_addr_ctr_inc = 1'h0;
+ block_ctr_inc = 1'h0;
+ block_ctr_rst = 1'h0;
+ iteration_ctr_inc = 1'h0;
+ iteration_ctr_dec = 1'h0;
+ iteration_ctr_set = 1'h0;
+ iteration_ctr_rst = 1'h0;
+ keywrap_core_ctrl_new = CTRL_IDLE;
+ keywrap_core_ctrl_we = 1'h0;
case (keywrap_core_ctrl_reg)
CTRL_IDLE:
begin
+ if (init)
+ begin
+ keywrap_core_ctrl_new = CTRL_INIT;
+ keywrap_core_ctrl_we = 1'h1;
+ end
+
+ if (next)
+ begin
+ keywrap_core_ctrl_new = CTRL_NEXT;
+ keywrap_core_ctrl_we = 1'h1;
+ end
+ end
+
+
+ CTRL_INIT:
+ begin
+ api_addr_ctr_rst = 1'h1;
+ keywrap_core_ctrl_new = CTRL_IDLE;
+ keywrap_core_ctrl_we = 1'h1;
end
+
+ CTRL_NEXT:
+ begin
+ init_a = 1'h1;
+ block_ctr_rst = 1'h1;
+ iteration_ctr_rst = 1'h1;
+ keywrap_core_ctrl_new = CTRL_STEP1;
+ keywrap_core_ctrl_we = 1'h1;
+ end
+
+
+ CTRL_STEP1:
+ begin
+ update_state = 1'h1;
+ keywrap_core_ctrl_new = CTRL_IDLE;
+ keywrap_core_ctrl_we = 1'h1;
+ end
+
+
default:
begin
diff --git a/src/rtl/keywrap_mem.v b/src/rtl/keywrap_mem.v
index dc1d873..d31c76c 100644
--- a/src/rtl/keywrap_mem.v
+++ b/src/rtl/keywrap_mem.v
@@ -69,19 +69,19 @@ module keywrap_mem (
//----------------------------------------------------------------
// Wires.
//----------------------------------------------------------------
- reg [31 : 0] tmp_api_rd_data0;
- reg [31 : 0] tmp_api_rd_data1;
- reg [31 : 0] muxed_tmp_api_rd_data;
+ reg [31 : 0] api_rd_data0;
+ reg [31 : 0] api_rd_data1;
+ reg [31 : 0] muxed_api_rd_data;
- reg [31 : 0] tmp_core_rd_data0;
- reg [31 : 0] tmp_core_rd_data1;
+ reg [31 : 0] core_rd_data0;
+ reg [31 : 0] core_rd_data1;
//----------------------------------------------------------------
// Assignments for ports.
//----------------------------------------------------------------
- assign api_rd_data = muxed_tmp_api_rd_data;
- assign core_rd_data = {tmp_core_rd_data1, tmp_core_rd_data0};
+ assign api_rd_data = muxed_api_rd_data;
+ assign core_rd_data = {core_rd_data1, core_rd_data0};
//----------------------------------------------------------------
@@ -89,8 +89,8 @@ module keywrap_mem (
//----------------------------------------------------------------
always @(posedge clk)
begin : mem0_access
- tmp_core_rd_data0 <= mem0[core_addr];
- tmp_api_rd_data0 <= mem0[api_addr[13 : 1]];
+ core_rd_data0 <= mem0[core_addr];
+ api_rd_data0 <= mem0[api_addr[13 : 1]];
if (mem0_we)
mem0[mem0_addr] <= mem0_data;
@@ -102,8 +102,8 @@ module keywrap_mem (
//----------------------------------------------------------------
always @(posedge clk)
begin : mem1_access
- tmp_core_rd_data1 <= mem1[core_addr];
- tmp_api_rd_data1 <= mem1[api_addr[13 : 1]];
+ core_rd_data1 <= mem1[core_addr];
+ api_rd_data1 <= mem1[api_addr[13 : 1]];
if (mem1_we)
mem1[mem1_addr] <= mem1_data;
@@ -111,13 +111,14 @@ module keywrap_mem (
//----------------------------------------------------------------
+ // api_rd_data_mux
//----------------------------------------------------------------
always @*
- begin
+ begin : api_rd_data_mux
if (api_addr[0])
- muxed_tmp_api_rd_data = tmp_api_rd_data1;
+ muxed_api_rd_data = api_rd_data1;
else
- muxed_tmp_api_rd_data = tmp_api_rd_data0;
+ muxed_api_rd_data = api_rd_data0;
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 16:08:09 +0000