diff options
-rw-r--r-- | src/rtl/keywrap.v | 34 | ||||
-rw-r--r-- | src/rtl/keywrap_core.v | 127 | ||||
-rw-r--r-- | src/rtl/keywrap_mem.v | 29 |
3 files changed, 161 insertions, 29 deletions
diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v index b656299..41f3bd5 100644 --- a/src/rtl/keywrap.v +++ b/src/rtl/keywrap.v @@ -74,6 +74,8 @@ module keywrap( localparam CTRL_KEYLEN_BIT = 1; localparam ADDR_RLEN = 8'h0c; + localparam ADDR_A0 = 8'h0e; + localparam ADDR_A1 = 8'h0f; localparam ADDR_KEY0 = 8'h10; localparam ADDR_KEY7 = 8'h17; @@ -109,6 +111,12 @@ module keywrap( reg [12 : 0] rlen_reg; reg rlen_we; + reg [31 : 0] a0_reg; + reg a0_we; + + reg [31 : 0] a1_reg; + reg a1_we; + reg [31 : 0] key_reg [0 : 7]; reg key_we; @@ -126,6 +134,7 @@ module keywrap( wire core_valid; wire [255 : 0] core_key; wire [31 : 0] core_api_rd_data; + wire [63 : 0] core_a_result; //---------------------------------------------------------------- @@ -157,6 +166,9 @@ module keywrap( .key(core_key), .keylen(keylen_reg), + .a_init({a1_reg, a0_reg}), + .a_result(core_a_result), + .api_cs(api_cs_reg), .api_we(api_we_reg), .api_wr_data(write_data), @@ -185,6 +197,8 @@ module keywrap( ready_reg <= 1'h0; api_cs_reg <= 1'h0; api_we_reg <= 1'h0; + a0_reg <= 32'h0; + a1_reg <= 32'h0; end else begin @@ -204,6 +218,12 @@ module keywrap( if (rlen_we) rlen_reg <= write_data[12 : 0]; + if (a0_we) + a0_reg <= write_data; + + if (a1_we) + a1_reg <= write_data; + if (key_we) key_reg[address[2 : 0]] <= write_data; end @@ -224,6 +244,8 @@ module keywrap( key_we = 1'h0; api_cs_new = 1'h0; api_we_new = 1'h0; + a0_we = 1'h1; + a1_we = 1'h1; tmp_read_data = 32'h0; tmp_error = 1'h0; @@ -246,6 +268,12 @@ module keywrap( if ((address >= ADDR_KEY0) && (address <= ADDR_KEY7)) key_we = 1'h1; + if (ADDR_A0) + a0_we = 1'h1; + + if (ADDR_A1) + a1_we = 1'h1; + if (address == ADDR_WRITE_DATA) begin api_cs_new = 1'h1; @@ -267,6 +295,12 @@ module keywrap( end endcase // case (address) + if (ADDR_A0) + tmp_read_data = core_a_result[31 : 0]; + + if (ADDR_A1) + tmp_read_data = core_a_result[63 : 32]; + if (address == ADDR_READ_DATA) begin api_cs_new = 1'h1; diff --git a/src/rtl/keywrap_core.v b/src/rtl/keywrap_core.v index 6e29d45..e3e0723 100644 --- a/src/rtl/keywrap_core.v +++ b/src/rtl/keywrap_core.v @@ -56,6 +56,9 @@ module keywrap_core ( input wire [255 : 0] key, input wire keylen, + input wire [63 : 0] a_init, + output wire [63 : 0] a_result, + input wire api_cs, input wire api_we, input wire [31 : 0] api_wr_data, @@ -68,12 +71,10 @@ module keywrap_core ( //---------------------------------------------------------------- localparam OUTER_LOOP_MAX = 6; - localparam CTRL_IDLE = 3'h0; localparam CTRL_INIT = 3'h1; localparam CTRL_NEXT = 3'h2; - - localparam RFC5649_A_IV = 32'ha65959a6; + localparam CTRL_STEP1 = 3'h3; //---------------------------------------------------------------- @@ -82,7 +83,7 @@ module keywrap_core ( reg [63 : 0] a_reg; reg [63 : 0] a_new; reg a_we; - reg a_init; + reg init_a; reg ready_reg; reg ready_new; @@ -124,6 +125,8 @@ module keywrap_core ( wire [127 : 0] aes_result; wire aes_valid; + reg update_state; + reg core_we; reg [12 : 0] core_addr; reg [63 : 0] core_wr_data; @@ -166,9 +169,11 @@ module keywrap_core ( .result_valid(aes_valid) ); + //---------------------------------------------------------------- // Assignments for ports. //---------------------------------------------------------------- + assign a_result = a_reg; //---------------------------------------------------------------- @@ -178,12 +183,30 @@ module keywrap_core ( begin: reg_update if (!reset_n) begin + a_reg <= 64'h0; + ready_reg <= 1'h0; + api_addr_ctr_reg <= 14'h0; + block_ctr_reg <= 13'h0; + iteration_ctr_reg <= 3'h0; keywrap_core_ctrl_reg <= CTRL_IDLE; - - end + end else begin + if (a_we) + a_reg <= a_new; + + if (ready_we) + ready_reg <= ready_new; + + if (api_addr_ctr_we) + api_addr_ctr_reg <= api_addr_ctr_new; + + if (block_ctr_we) + block_ctr_reg <= block_ctr_new; + + if (iteration_ctr_we) + iteration_ctr_reg <= iteration_ctr_new; if (keywrap_core_ctrl_we) keywrap_core_ctrl_reg <= keywrap_core_ctrl_new; @@ -192,6 +215,36 @@ module keywrap_core ( //---------------------------------------------------------------- + // keywrap_dp + // + // Main logic for the key wrap functionality. + //---------------------------------------------------------------- + always @* + begin : keywrap_dp + reg xor_val; + + a_we = 1'h0; + a_new = 32'h0; + + aes_block = {a_reg, core_rd_data}; + core_wr_data = aes_result[63 : 0]; + xor_val = (rlen * iteration_ctr_reg) + block_ctr_reg; + + if (init_a) + begin + a_we = 1'h1; + a_new = a_init; + end + + if (update_state) + begin + a_we = 1'h1; + a_new = aes_result[127 : 64] ^ xor_val; + end + end + + + //---------------------------------------------------------------- // api_addr_ctr //---------------------------------------------------------------- always @* @@ -275,21 +328,65 @@ module keywrap_core ( //---------------------------------------------------------------- always @* begin : keywrap_core_ctrl - aes_encdec = 0; - aes_init = 0; - aes_next = 0; - block_ctr_inc = 0; - block_ctr_rst = 0; - iteration_ctr_inc = 0; - iteration_ctr_dec = 0; - iteration_ctr_set = 0; - iteration_ctr_rst = 0; + init_a = 1'h0; + update_state = 1'h0; + aes_encdec = 1'h0; + aes_init = 1'h0; + aes_next = 1'h0; + api_addr_ctr_rst = 1'h0; + api_addr_ctr_inc = 1'h0; + block_ctr_inc = 1'h0; + block_ctr_rst = 1'h0; + iteration_ctr_inc = 1'h0; + iteration_ctr_dec = 1'h0; + iteration_ctr_set = 1'h0; + iteration_ctr_rst = 1'h0; + keywrap_core_ctrl_new = CTRL_IDLE; + keywrap_core_ctrl_we = 1'h0; case (keywrap_core_ctrl_reg) CTRL_IDLE: begin + if (init) + begin + keywrap_core_ctrl_new = CTRL_INIT; + keywrap_core_ctrl_we = 1'h1; + end + + if (next) + begin + keywrap_core_ctrl_new = CTRL_NEXT; + keywrap_core_ctrl_we = 1'h1; + end + end + + + CTRL_INIT: + begin + api_addr_ctr_rst = 1'h1; + keywrap_core_ctrl_new = CTRL_IDLE; + keywrap_core_ctrl_we = 1'h1; end + + CTRL_NEXT: + begin + init_a = 1'h1; + block_ctr_rst = 1'h1; + iteration_ctr_rst = 1'h1; + keywrap_core_ctrl_new = CTRL_STEP1; + keywrap_core_ctrl_we = 1'h1; + end + + + CTRL_STEP1: + begin + update_state = 1'h1; + keywrap_core_ctrl_new = CTRL_IDLE; + keywrap_core_ctrl_we = 1'h1; + end + + default: begin diff --git a/src/rtl/keywrap_mem.v b/src/rtl/keywrap_mem.v index dc1d873..d31c76c 100644 --- a/src/rtl/keywrap_mem.v +++ b/src/rtl/keywrap_mem.v @@ -69,19 +69,19 @@ module keywrap_mem ( //---------------------------------------------------------------- // Wires. //---------------------------------------------------------------- - reg [31 : 0] tmp_api_rd_data0; - reg [31 : 0] tmp_api_rd_data1; - reg [31 : 0] muxed_tmp_api_rd_data; + reg [31 : 0] api_rd_data0; + reg [31 : 0] api_rd_data1; + reg [31 : 0] muxed_api_rd_data; - reg [31 : 0] tmp_core_rd_data0; - reg [31 : 0] tmp_core_rd_data1; + reg [31 : 0] core_rd_data0; + reg [31 : 0] core_rd_data1; //---------------------------------------------------------------- // Assignments for ports. //---------------------------------------------------------------- - assign api_rd_data = muxed_tmp_api_rd_data; - assign core_rd_data = {tmp_core_rd_data1, tmp_core_rd_data0}; + assign api_rd_data = muxed_api_rd_data; + assign core_rd_data = {core_rd_data1, core_rd_data0}; //---------------------------------------------------------------- @@ -89,8 +89,8 @@ module keywrap_mem ( //---------------------------------------------------------------- always @(posedge clk) begin : mem0_access - tmp_core_rd_data0 <= mem0[core_addr]; - tmp_api_rd_data0 <= mem0[api_addr[13 : 1]]; + core_rd_data0 <= mem0[core_addr]; + api_rd_data0 <= mem0[api_addr[13 : 1]]; if (mem0_we) mem0[mem0_addr] <= mem0_data; @@ -102,8 +102,8 @@ module keywrap_mem ( //---------------------------------------------------------------- always @(posedge clk) begin : mem1_access - tmp_core_rd_data1 <= mem1[core_addr]; - tmp_api_rd_data1 <= mem1[api_addr[13 : 1]]; + core_rd_data1 <= mem1[core_addr]; + api_rd_data1 <= mem1[api_addr[13 : 1]]; if (mem1_we) mem1[mem1_addr] <= mem1_data; @@ -111,13 +111,14 @@ module keywrap_mem ( //---------------------------------------------------------------- + // api_rd_data_mux //---------------------------------------------------------------- always @* - begin + begin : api_rd_data_mux if (api_addr[0]) - muxed_tmp_api_rd_data = tmp_api_rd_data1; + muxed_api_rd_data = api_rd_data1; else - muxed_tmp_api_rd_data = tmp_api_rd_data0; + muxed_api_rd_data = api_rd_data0; end |