Skip to content

Commit 356b37a

Browse files
secworkssecworks
committed
Change final handling to FSM
Signed-off-by: Joachim Strömbergson <[email protected]>
1 parent b9d309c commit 356b37a

File tree

2 files changed

+173
-73
lines changed

2 files changed

+173
-73
lines changed

Diff for: src/rtl/sha256_final_padding.v

+119-58
Original file line numberDiff line numberDiff line change
@@ -54,47 +54,61 @@ module sha256_final_padding(
5454

5555
output wire init_out,
5656
output wire next_out,
57+
output wire ready_out,
5758
output wire [511 : 0] block_out
5859
);
5960

6061

6162
//----------------------------------------------------------------
6263
// Internal constant and parameter definitions.
6364
//----------------------------------------------------------------
64-
localparam CTRL_IDLE = 1'h0;
65-
localparam CTRL_FINAL = 1'h1;
65+
localparam CTRL_IDLE = 3'h0;
66+
localparam CTRL_FINAL = 3'h1;
67+
localparam CTRL_NEXT1 = 3'h2;
68+
localparam CTRL_READY1 = 3'h3;
69+
localparam CTRL_NEXT2 = 3'h4;
70+
localparam CTRL_READY2 = 3'h5;
71+
72+
localparam NO_INC = 2'h0;
73+
localparam BLOCK_INC = 2'h1;
74+
localparam FINAL_INC = 2'h2;
6675

6776

6877
//----------------------------------------------------------------
6978
// Registers including update variables and write enable.
7079
//----------------------------------------------------------------
71-
reg [8 : 0] final_len_reg;
72-
reg [8 : 0] final_len_we;
80+
reg [511 : 0] block_out_reg;
81+
reg [511 : 0] block_out_new;
82+
reg block_out_we;
83+
84+
reg [8 : 0] final_len_reg;
85+
reg final_len_we;
7386

7487
reg [63 : 0] bit_ctr_reg;
7588
reg [63 : 0] bit_ctr_new;
7689
reg bit_ctr_rst;
77-
reg bit_ctr_block_inc;
90+
reg [1 : 0] bit_ctr_inc;
7891
reg bit_ctr_we;
7992

80-
reg sha256_final_padding_ctrl_reg;
81-
reg sha256_final_padding_ctrl_new;
82-
reg sha256_final_padding_ctrl_we;
93+
reg [2 : 0] sha256_final_padding_ctrl_reg;
94+
reg [2 : 0] sha256_final_padding_ctrl_new;
95+
reg [2 : 0] sha256_final_padding_ctrl_we;
8396

8497

8598
//----------------------------------------------------------------
8699
// Wires.
87100
//----------------------------------------------------------------
88-
reg [1 : 0] block_out_mux_ctrl;
89101
reg [511 : 0] tmp_block_out;
90102
reg tmp_next_out;
103+
reg tmp_ready_out;
91104

92105

93106
//----------------------------------------------------------------
94107
// Concurrent connectivity for ports etc.
95108
//----------------------------------------------------------------
96109
assign init_out = init_in;
97110
assign next_out = tmp_next_out;
111+
assign ready_out = tmp_ready_out;
98112
assign block_out = tmp_block_out;
99113

100114

@@ -106,14 +120,19 @@ module sha256_final_padding(
106120
integer i;
107121

108122
if (!reset_n) begin
123+
block_out_reg <= 512'h0;
109124
final_len_reg <= 9'h0;
110125
bit_ctr_reg <= 64'h0;
111126
sha256_final_padding_ctrl_reg <= CTRL_IDLE;
112127
end
113128

114129
else begin
130+
if (block_out_we) begin
131+
block_out_reg <= block_out_new;
132+
end
133+
115134
if (final_len_we) begin
116-
final_len_reg <= final_len;
135+
final_len_reg = final_len;
117136
end
118137

119138
if (bit_ctr_we) begin
@@ -140,10 +159,15 @@ module sha256_final_padding(
140159
bit_ctr_we = 1'h1;
141160
end
142161

143-
if (bit_ctr_block_inc) begin
162+
if (bit_ctr_inc == BLOCK_INC) begin
144163
bit_ctr_new = bit_ctr_reg + 9'h100;
145164
bit_ctr_we = 1'h1;
146165
end
166+
167+
if (bit_ctr_inc == FINAL_INC) begin
168+
bit_ctr_new = bit_ctr_reg + final_len;
169+
bit_ctr_we = 1'h1;
170+
end
147171
end
148172

149173

@@ -153,14 +177,14 @@ module sha256_final_padding(
153177
//----------------------------------------------------------------
154178
always @*
155179
begin : sha256_final_padding_ctrl
156-
reg [63 : 0] msg_len;
157-
158-
bit_ctr_rst = 1'h0;
159-
bit_ctr_block_inc = 1'h0;
180+
block_out_new = 512'h0;
181+
block_out_we = 1'h0;
160182
final_len_we = 1'h0;
161-
tmp_block_out = 512'h0;
162-
tmp_next_out = 1'h0;
163-
msg_len = 64'h0;
183+
bit_ctr_rst = 1'h0;
184+
bit_ctr_inc = NO_INC;
185+
tmp_block_out = block_in;
186+
tmp_next_out = next_in;
187+
tmp_ready_out = core_ready;
164188
sha256_final_padding_ctrl_new = CTRL_IDLE;
165189
sha256_final_padding_ctrl_we = 1'h0;
166190

@@ -171,59 +195,96 @@ module sha256_final_padding(
171195
end
172196

173197
if (next_in) begin
174-
bit_ctr_block_inc = 1'h1;
175-
tmp_block_out = block_in;
176-
tmp_next_out = 1'h1;
198+
bit_ctr_inc = BLOCK_INC;
177199
end
178200

179201
if (final_in) begin
180-
msg_len = bit_ctr_reg + final_len;
181-
182-
if (final_len < 448) begin
183-
// We fit in the final block.
184-
tmp_next_out = 1'h1;
185-
tmp_block_out = block_in;
186-
tmp_block_out[(511 - final_len)] = 1'h1;
187-
tmp_block_out[63 : 0] = msg_len;
188-
end
202+
tmp_next_out = 1'h0;
203+
tmp_ready_out = 1'h0;
204+
final_len_we = 1'h1;
205+
block_out_new = block_in;
206+
block_out_we = 1'h1;
207+
bit_ctr_inc = FINAL_INC;
208+
sha256_final_padding_ctrl_new = CTRL_FINAL;
209+
sha256_final_padding_ctrl_we = 1'h1;
210+
end
211+
end
189212

190-
else if (final_len < 512) begin
191-
// We fit the one, but not the counter.
192-
// We will need another block.
193-
final_len_we = 1'h1;
194-
tmp_next_out = 1'h1;
195-
tmp_block_out = block_in;
196-
tmp_block_out[(511 - final_len)] = 1'h1;
197-
sha256_final_padding_ctrl_new = CTRL_FINAL;
198-
sha256_final_padding_ctrl_we = 1'h1;
199-
end
213+
CTRL_FINAL: begin
214+
tmp_next_out = 1'h0;
215+
tmp_ready_out = 1'h0;
200216

201-
else begin
202-
// The whole block is filled.
203-
// We will need another block.
204-
final_len_we = 1'h1;
205-
tmp_next_out = 1'h1;
206-
tmp_block_out = block_in;
207-
sha256_final_padding_ctrl_new = CTRL_FINAL;
208-
sha256_final_padding_ctrl_we = 1'h1;
209-
end
217+
if (final_len_reg < 448) begin
218+
block_out_new = block_in;
219+
block_out_new[(511 - final_len_reg)] = 1'h1;
220+
block_out_new[63 : 0] = bit_ctr_reg;
221+
block_out_we = 1'h1;
222+
223+
sha256_final_padding_ctrl_new = CTRL_NEXT2;
224+
sha256_final_padding_ctrl_we = 1'h1;
210225
end
211-
end
212226

227+
else if ((final_len >= 448) && (final_len < 511)) begin
228+
block_out_new = block_in;
229+
block_out_new[(511 - final_len_reg)] = 1'h1;
230+
block_out_we = 1'h1;
213231

214-
CTRL_FINAL: begin
215-
msg_len = bit_ctr_reg + final_len_reg;
216-
sha256_final_padding_ctrl_new = CTRL_IDLE;
232+
sha256_final_padding_ctrl_new = CTRL_NEXT1;
233+
sha256_final_padding_ctrl_we = 1'h1;
234+
end
235+
236+
else begin
237+
block_out_new = block_in;
238+
block_out_we = 1'h1;
239+
240+
sha256_final_padding_ctrl_new = CTRL_NEXT1;
241+
sha256_final_padding_ctrl_we = 1'h1;
242+
end
243+
end
244+
245+
CTRL_NEXT1: begin
246+
tmp_next_out = 1'h1;
247+
tmp_ready_out = 1'h0;
248+
tmp_block_out = block_out_reg;
249+
sha256_final_padding_ctrl_new = CTRL_READY1;
217250
sha256_final_padding_ctrl_we = 1'h1;
251+
end
252+
253+
254+
CTRL_READY1: begin
255+
tmp_next_out = 1'h0;
256+
tmp_ready_out = 1'h0;
218257

219258
if (core_ready) begin
259+
block_out_new[63 : 0] = bit_ctr_reg;;
260+
block_out_we = 1'h1;
261+
220262
if (final_len_reg < 512) begin
221-
tmp_block_out[63 : 0] = msg_len;
222-
end
223-
else begin
224-
tmp_block_out[511] = 1'h1;
225-
tmp_block_out[63 : 0] = msg_len;
263+
block_out_new[511] = 1'h1;
226264
end
265+
266+
sha256_final_padding_ctrl_new = CTRL_NEXT2;
267+
sha256_final_padding_ctrl_we = 1'h1;
268+
end
269+
end
270+
271+
272+
CTRL_NEXT2: begin
273+
tmp_next_out = 1'h1;
274+
tmp_ready_out = 1'h0;
275+
tmp_block_out = block_out_reg;
276+
sha256_final_padding_ctrl_new = CTRL_READY2;
277+
sha256_final_padding_ctrl_we = 1'h1;
278+
end
279+
280+
281+
CTRL_READY2: begin
282+
tmp_next_out = 1'h0;
283+
tmp_ready_out = 1'h0;
284+
285+
if (core_ready) begin
286+
sha256_final_padding_ctrl_new = CTRL_IDLE;
287+
sha256_final_padding_ctrl_we = 1'h1;
227288
end
228289
end
229290

Diff for: src/tb/tb_sha256_final_padding.v

+54-15
Original file line numberDiff line numberDiff line change
@@ -298,39 +298,77 @@ module tb_sha256_final_padding();
298298

299299
//----------------------------------------------------------------
300300
// tc2
301-
// Test that triggers a the second type od padding where the
302-
// padding does not fit and we get a single one block
303-
// and a second block with the length at the end.
301+
// Test that extends the FIPS 180-4 padding example in chapter
302+
// 5.1.1 with a few more chars.
304303
//----------------------------------------------------------------
305304
task tc2;
306305
begin : tc2
307-
reg tc2_error;
308-
tc2_error = 0;
309306
tc_ctr = tc_ctr + 1;
310-
$display("TC%2d started: Padding that does not fit in the block.", tc_ctr);
307+
$display("TC%2d started: Extended NIST FIPS 180-4 padding example.", tc_ctr);
311308

312309
tb_init_in = 1'h1;
313310
#(CLK_PERIOD);
314311
tb_init_in = 1'h0;
315312

316313
#(CLK_PERIOD);
317-
tb_block_in[511 : 0] = {{15{32'hdeadbeef}}, 32'h0};
318-
tb_final_len = 9'h1e0;
314+
tb_block_in = 512'h0;
315+
tb_block_in[511 : 440] = 72'h616263616263616263;
316+
tb_final_len = 9'h048;
319317
tb_final_in = 1'h1;
320318
#(CLK_PERIOD);
321319
tb_final_in = 1'h0;
322320

323-
if (tb_block_out == {{15{32'hdeadbeef}}, 1'h1, 31'h0}) begin
324-
$display("Correct first block: 0x%064x", tb_block_out);
321+
if (tb_block_out == {72'h616263616263616263, 8'h80, 368'h0,64'h00000048}) begin
322+
$display("Correct block: 0x%064x", tb_block_out);
325323
end
326324
else begin
327-
$display("Incorrect first block: 0x%064x", tb_block_out);
328-
$display("Expected first block: 0x%064x", {{15{32'hdeadbeef}}, 1'h1, 31'h0});
329-
tc2_error = 1;
325+
$display("Incorrect block: 0x%064x", tb_block_out);
326+
$display("Expected block: 0x%064x", {72'h616263616263616263, 8'h80, 368'h0,64'h00000048});
327+
error_ctr = error_ctr + 1;
330328
end
329+
330+
$display("TC%2d completed", tc_ctr);
331331
$display();
332+
end
333+
endtask // tc2
332334

333-
#(2 * CLK_PERIOD);
335+
336+
//----------------------------------------------------------------
337+
// tc3
338+
// Test that triggers a the second type od padding where the
339+
// padding does not fit and we get a single one block
340+
// and a second block with the length at the end.
341+
//----------------------------------------------------------------
342+
task tc3;
343+
begin : tc3
344+
reg tc2_error;
345+
tc2_error = 0;
346+
tc_ctr = tc_ctr + 1;
347+
$display("TC%2d started: Padding that does not fit in the final block.", tc_ctr);
348+
349+
tb_init_in = 1'h1;
350+
#(CLK_PERIOD);
351+
tb_init_in = 1'h0;
352+
353+
#(CLK_PERIOD);
354+
tb_block_in[511 : 0] = {{15{32'h13371337}}, 32'h0};
355+
tb_final_len = 9'h1e0;
356+
tb_final_in = 1'h1;
357+
358+
if (tb_next_out == 1'h1) begin
359+
if (tb_block_out == {{15{32'h13371337}}, 1'h1, 31'h0}) begin
360+
$display("Correct first block: 0x%064x", tb_block_out);
361+
end
362+
else begin
363+
$display("Incorrect first block: 0x%064x", tb_block_out);
364+
$display("Expected first block: 0x%064x", {{15{32'h13371337}}, 1'h1, 31'h0});
365+
tc2_error = 1;
366+
end
367+
end
368+
369+
tb_final_in = 1'h0;
370+
371+
#(10 * CLK_PERIOD);
334372
tb_core_ready = 1'h1;
335373
#(CLK_PERIOD);
336374
tb_core_ready = 1'h0;
@@ -351,7 +389,7 @@ module tb_sha256_final_padding();
351389
$display("TC%2d completed", tc_ctr);
352390
$display();
353391
end
354-
endtask // tc2
392+
endtask // tc3
355393

356394

357395
//----------------------------------------------------------------
@@ -367,6 +405,7 @@ module tb_sha256_final_padding();
367405
reset_dut();
368406
tc1();
369407
tc2();
408+
tc3();
370409

371410
display_test_result();
372411

0 commit comments

Comments
 (0)