OpenCores
URL https://opencores.org/ocsvn/sha_core/sha_core/trunk

Subversion Repositories sha_core

Compare Revisions

  • This comparison shows the changes necessary to convert path 
    /
    from Rev 2 to Rev 3
    Reverse comparison
  •

Rev 2 → Rev 3

/tags/arelease/bench/test_sha1.v
0,0 → 1,195
/////////////////////////////////////////////////////////////////////
//// ////
//// SHA-160 ////
//// Secure Hash Algorithm (SHA-160) testbench ////
//// ////
//// Author: marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// Downloaded from: http://www.opencores.org/cores/sha_core/ ////
//// ////
/////////////////////////////////////////////////////////////////////
//// ////
//// Copyright (C) 2002-2004 marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// This source file may be used and distributed without ////
//// restriction provided that this copyright statement is not ////
//// removed from the file and that any derivative work contains ////
//// the original copyright notice and the associated disclaimer.////
//// ////
//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY ////
//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ////
//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ////
//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR ////
//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, ////
//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES ////
//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE ////
//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ////
//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ////
//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ////
//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ////
//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ////
//// POSSIBILITY OF SUCH DAMAGE. ////
//// ////
/////////////////////////////////////////////////////////////////////
 
 
`timescale 1ns/10ps
 
`define SHA1_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
`define SHA1_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit
`define SHA1_TEST_RESULT 160'h84983e44_1c3bd26e_baae4aa1_f95129e5_e54670f1
 
module test_sha;
 
reg clk,rst,cmd_w_i;
reg [31:0] text_i;
 
reg [2:0] cmd_i;
 
wire [31:0] text_o;
wire [3:0] cmd_o;
 
initial
begin
// $sdf_annotate("syn/data/sha1.sdf",sha_core);
 
clk = 1'b0;
rst = 1'b0;
cmd_w_i = 1'b0;
cmd_i = 3'b0;
#21;
rst = 1'b1;
#17;
rst = 1'b0;
test_SHA1;
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
$finish;
end
 
 
always #5 clk = ~clk;
 
sha1 sha_core(
.clk_i(clk),
.rst_i(rst),
.text_i(text_i),
.text_o(text_o),
.cmd_i(cmd_i),
.cmd_w_i(cmd_w_i),
.cmd_o(cmd_o)
);
 
task test_SHA1;
integer i;
reg [1023:0] all_message;
reg [511:0] tmp_i;
reg [159:0] tmp_o;
reg [31:0] tmp;
begin
all_message = {`SHA1_TEST,`SHA1_TEST_PADDING};
tmp_i = all_message[1023:512];
tmp_o = `SHA1_TEST_RESULT;
#100;
@(posedge clk);
cmd_i = 3'b010;
cmd_w_i = 1'b1;
for (i=0;i<16;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[16*32-1:15*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[3])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
tmp_i = all_message[511:0];
@(posedge clk);
cmd_i = 3'b110;
cmd_w_i = 1'b1;
for (i=0;i<16;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[16*32-1:15*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[3])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
cmd_i = 6'b001;
cmd_w_i = 1'b1;
@(posedge clk);
cmd_w_i = 1'b0;
for (i=0;i<5;i=i+1)
begin
@(posedge clk);
#1;
tmp = tmp_o[5*32-1:4*32];
if (text_o !== tmp | (|text_o)===1'bx)
begin
$display("ERROR(SHA-160-%02d) Expected %x, Got %x", i,tmp, text_o);
end
else
begin
$display("OK(SHA-160-%02d),Expected %x, Got %x", i,tmp, text_o);
end
tmp_o = tmp_o << 32;
end
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
end
endtask
 
 
endmodule
/tags/arelease/bench/test_sha512.v
0,0 → 1,305
/////////////////////////////////////////////////////////////////////
//// ////
//// SHA-512/384 ////
//// Secure Hash Algorithm (SHA-512/384) testbench ////
//// ////
//// Author: marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// Downloaded from: http://www.opencores.org/cores/sha_core/ ////
//// ////
/////////////////////////////////////////////////////////////////////
//// ////
//// Copyright (C) 2002-2004 marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// This source file may be used and distributed without ////
//// restriction provided that this copyright statement is not ////
//// removed from the file and that any derivative work contains ////
//// the original copyright notice and the associated disclaimer.////
//// ////
//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY ////
//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ////
//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ////
//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR ////
//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, ////
//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES ////
//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE ////
//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ////
//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ////
//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ////
//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ////
//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ////
//// POSSIBILITY OF SUCH DAMAGE. ////
//// ////
/////////////////////////////////////////////////////////////////////
 
 
`timescale 1ns/10ps
 
`define SHA384_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
`define SHA384_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit
`define SHA384_TEST_RESULT 384'h09330c33_f71147e8_3d192fc7_82cd1b47_53111b17_3b3b05d2_2fa08086_e3b0f712_fcc7c71a_557e2db9_66c3e9fa_91746039
 
`define SHA512_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
`define SHA512_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit
`define SHA512_TEST_RESULT 512'h8e959b75_dae313da_8cf4f728_14fc143f_8f7779c6_eb9f7fa1_7299aead_b6889018_501d289e_4900f7e4_331b99de_c4b5433a_c7d329ee_b6dd2654_5e96e55b_874be909
 
 
module test_sha;
 
reg clk,rst,cmd_w_i;
reg [31:0] text_i;
 
reg [3:0] cmd_i;
 
wire [31:0] text_o;
wire [4:0] cmd_o;
 
initial
begin
// $sdf_annotate("syn/data/sha512.sdf",sha_core);
 
clk = 1'b0;
rst = 1'b0;
cmd_w_i = 1'b0;
cmd_i = 4'b0;
#21;
rst = 1'b1;
#17;
rst = 1'b0;
test_SHA384;
test_SHA512;
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
$finish;
end
 
 
always #5 clk = ~clk;
 
sha512 sha_core(
.clk_i(clk),
.rst_i(rst),
.text_i(text_i),
.text_o(text_o),
.cmd_i(cmd_i),
.cmd_w_i(cmd_w_i),
.cmd_o(cmd_o)
);
 
task test_SHA384;
integer i;
reg [2047:0] all_message;
reg [1023:0] tmp_i;
reg [383:0] tmp_o;
reg [31:0] tmp;
begin
all_message = {`SHA384_TEST,`SHA384_TEST_PADDING};
tmp_i = all_message[2047:1024];
tmp_o = `SHA384_TEST_RESULT;
#100;
@(posedge clk);
cmd_i = 4'b0010;
cmd_w_i = 1'b1;
for (i=0;i<32;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[32*32-1:31*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[4])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
tmp_i = all_message[1023:0];
@(posedge clk);
cmd_i = 4'b0110;
cmd_w_i = 1'b1;
for (i=0;i<32;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[32*32-1:31*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[4])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
cmd_i = 4'b0001;
cmd_w_i = 1'b1;
@(posedge clk);
cmd_w_i = 1'b0;
for (i=0;i<12;i=i+1)
begin
@(posedge clk);
#1;
tmp = tmp_o[12*32-1:11*32];
if (text_o !== tmp | (|text_o)===1'bx)
begin
$display("ERROR(SHA-384-%02d) Expected %x, Got %x", i,tmp, text_o);
end
else
begin
$display("OK(SHA-384-%02d),Expected %x, Got %x", i,tmp, text_o);
end
tmp_o = tmp_o << 32;
end
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
end
endtask
 
task test_SHA512;
integer i;
reg [2047:0] all_message;
reg [1023:0] tmp_i;
reg [511:0] tmp_o;
reg [31:0] tmp;
begin
all_message = {`SHA512_TEST,`SHA512_TEST_PADDING};
tmp_i = all_message[2047:1024];
tmp_o = `SHA512_TEST_RESULT;
#100;
@(posedge clk);
cmd_i = 4'b1010;
cmd_w_i = 1'b1;
for (i=0;i<32;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[32*32-1:31*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[4])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
tmp_i = all_message[1023:0];
@(posedge clk);
cmd_i = 4'b1110;
cmd_w_i = 1'b1;
for (i=0;i<32;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[32*32-1:31*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[4])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
cmd_i = 4'b1001;
cmd_w_i = 1'b1;
@(posedge clk);
cmd_w_i = 1'b0;
for (i=0;i<16;i=i+1)
begin
@(posedge clk);
#1;
tmp = tmp_o[16*32-1:15*32];
if (text_o !== tmp | (|text_o)===1'bx)
begin
$display("ERROR(SHA-512-%02d) Expected %x, Got %x", i,tmp, text_o);
end
else
begin
$display("OK(SHA-512-%02d),Expected %x, Got %x", i,tmp, text_o);
end
tmp_o = tmp_o << 32;
end
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
end
endtask
 
endmodule
/tags/arelease/bench/test_sha256.v
0,0 → 1,196
/////////////////////////////////////////////////////////////////////
//// ////
//// SHA-256 ////
//// Secure Hash Algorithm (SHA-256) testbench ////
//// ////
//// Author: marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// Downloaded from: http://www.opencores.org/cores/sha_core/ ////
//// ////
/////////////////////////////////////////////////////////////////////
//// ////
//// Copyright (C) 2002-2004 marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// This source file may be used and distributed without ////
//// restriction provided that this copyright statement is not ////
//// removed from the file and that any derivative work contains ////
//// the original copyright notice and the associated disclaimer.////
//// ////
//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY ////
//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ////
//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ////
//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR ////
//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, ////
//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES ////
//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE ////
//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ////
//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ////
//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ////
//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ////
//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ////
//// POSSIBILITY OF SUCH DAMAGE. ////
//// ////
/////////////////////////////////////////////////////////////////////
 
 
`timescale 1ns/10ps
 
`define SHA256_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
`define SHA256_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit
`define SHA256_TEST_RESULT 256'h248d6a61_d20638b8_e5c02693_0c3e6039_a33ce459_64ff2167_f6ecedd4_19db06c1
 
module test_sha;
 
reg clk,rst,cmd_w_i;
reg [31:0] text_i;
 
reg [2:0] cmd_i;
 
wire [31:0] text_o;
wire [3:0] cmd_o;
 
initial
begin
// $sdf_annotate("syn/data/sha256.sdf",sha_core);
 
clk = 1'b0;
rst = 1'b0;
cmd_w_i = 1'b0;
cmd_i = 3'b0;
#21;
rst = 1'b1;
#17;
rst = 1'b0;
test_SHA256;
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
$finish;
end
 
 
always #5 clk = ~clk;
 
sha256 sha_core(
.clk_i(clk),
.rst_i(rst),
.text_i(text_i),
.text_o(text_o),
.cmd_i(cmd_i),
.cmd_w_i(cmd_w_i),
.cmd_o(cmd_o)
);
 
 
task test_SHA256;
integer i;
reg [1023:0] all_message;
reg [511:0] tmp_i;
reg [255:0] tmp_o;
reg [31:0] tmp;
begin
all_message = {`SHA256_TEST,`SHA256_TEST_PADDING};
tmp_i = all_message[1023:512];
tmp_o = `SHA256_TEST_RESULT;
#100;
@(posedge clk);
cmd_i = 3'b010;
cmd_w_i = 1'b1;
for (i=0;i<16;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[16*32-1:15*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[3])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
tmp_i = all_message[511:0];
@(posedge clk);
cmd_i = 3'b110;
cmd_w_i = 1'b1;
for (i=0;i<16;i=i+1)
begin
@(posedge clk);
cmd_w_i = 1'b0;
text_i = tmp_i[16*32-1:15*32];
tmp_i = tmp_i << 32;
end
 
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
while (cmd_o[3])
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
 
cmd_i = 3'b001;
cmd_w_i = 1'b1;
@(posedge clk);
cmd_w_i = 1'b0;
for (i=0;i<8;i=i+1)
begin
@(posedge clk);
#1;
tmp = tmp_o[8*32-1:7*32];
if (text_o !== tmp | (|text_o)===1'bx)
begin
$display("ERROR(SHA-256-%02d) Expected %x, Got %x", i,tmp, text_o);
end
else
begin
$display("OK(SHA-256-%02d),Expected %x, Got %x", i,tmp, text_o);
end
tmp_o = tmp_o << 32;
end
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
@(posedge clk);
#100;
end
endtask
 
endmodule
/tags/arelease/rtl/sha1.v
0,0 → 1,594
/////////////////////////////////////////////////////////////////////
//// ////
//// SHA-160 ////
//// Secure Hash Algorithm (SHA-160) ////
//// ////
//// Author: marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// Downloaded from: http://www.opencores.org/cores/sha_core/ ////
//// ////
/////////////////////////////////////////////////////////////////////
//// ////
//// Copyright (C) 2002-2004 marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// This source file may be used and distributed without ////
//// restriction provided that this copyright statement is not ////
//// removed from the file and that any derivative work contains ////
//// the original copyright notice and the associated disclaimer.////
//// ////
//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY ////
//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ////
//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ////
//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR ////
//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, ////
//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES ////
//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE ////
//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ////
//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ////
//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ////
//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ////
//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ////
//// POSSIBILITY OF SUCH DAMAGE. ////
//// ////
/////////////////////////////////////////////////////////////////////
 
`define SHA1_H0 32'h67452301
`define SHA1_H1 32'hefcdab89
`define SHA1_H2 32'h98badcfe
`define SHA1_H3 32'h10325476
`define SHA1_H4 32'hc3d2e1f0
 
`define SHA1_K0 32'h5a827999
`define SHA1_K1 32'h6ed9eba1
`define SHA1_K2 32'h8f1bbcdc
`define SHA1_K3 32'hca62c1d6
 
module sha1 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o);
 
input clk_i; // global clock input
input rst_i; // global reset input , active high
input [31:0] text_i; // text input 32bit
output [31:0] text_o; // text output 32bit
input [2:0] cmd_i; // command input
input cmd_w_i;// command input write enable
output [3:0] cmd_o; // command output(status)
 
/*
cmd
Busy Round W R
 
bit3 bit2 bit1 bit0
Busy Round W R
Busy:
0 idle
1 busy
Round:
0 first round
1 internal round
W:
0 No-op
1 write data
R:
0 No-op
1 read data
*/
 
reg [3:0] cmd;
wire [3:0] cmd_o;
reg [31:0] text_o;
reg [6:0] round;
wire [6:0] round_plus_1;
reg [2:0] read_counter;
reg [31:0] H0,H1,H2,H3,H4;
reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14;
reg [31:0] Wt,Kt;
reg [31:0] A,B,C,D,E;
 
reg busy;
assign cmd_o = cmd;
always @ (posedge clk_i)
begin
if (rst_i)
cmd <= 'b0;
else
if (cmd_w_i)
cmd[2:0] <= cmd_i[2:0]; // busy bit can't write
else
begin
cmd[3] <= busy; // update busy bit
if (~busy)
cmd[1:0] <= 2'b00; // hardware auto clean R/W bits
end
end
// Hash functions
wire [31:0] SHA1_f1_BCD,SHA1_f2_BCD,SHA1_f3_BCD,SHA1_Wt_1;
wire [31:0] SHA1_ft_BCD;
wire [31:0] next_Wt,next_A,next_C;
wire [159:0] SHA1_result;
assign SHA1_f1_BCD = (B & C) ^ (~B & D);
assign SHA1_f2_BCD = B ^ C ^ D;
assign SHA1_f3_BCD = (B & C) ^ (C & D) ^ (B & D);
assign SHA1_ft_BCD = (round < 'd21) ? SHA1_f1_BCD : (round < 'd41) ? SHA1_f2_BCD : (round < 'd61) ? SHA1_f3_BCD : SHA1_f2_BCD;
assign SHA1_Wt_1 = {W13 ^ W8 ^ W2 ^ W0};
 
assign next_Wt = {SHA1_Wt_1[30:0],SHA1_Wt_1[31]}; // NSA fix added
assign next_A = {A[26:0],A[31:27]} + SHA1_ft_BCD + E + Kt + Wt;
assign next_C = {B[1:0],B[31:2]};
assign SHA1_result = {A,B,C,D,E};
assign round_plus_1 = round + 1;
//------------------------------------------------------------------
// SHA round
//------------------------------------------------------------------
always @(posedge clk_i)
begin
if (rst_i)
begin
round <= 'd0;
busy <= 'b0;
 
W0 <= 'b0;
W1 <= 'b0;
W2 <= 'b0;
W3 <= 'b0;
W4 <= 'b0;
W5 <= 'b0;
W6 <= 'b0;
W7 <= 'b0;
W8 <= 'b0;
W9 <= 'b0;
W10 <= 'b0;
W11 <= 'b0;
W12 <= 'b0;
W13 <= 'b0;
W14 <= 'b0;
Wt <= 'b0;
A <= 'b0;
B <= 'b0;
C <= 'b0;
D <= 'b0;
E <= 'b0;
H0 <= 'b0;
H1 <= 'b0;
H2 <= 'b0;
H3 <= 'b0;
H4 <= 'b0;
 
end
else
begin
case (round)
'd0:
begin
if (cmd[1])
begin
W0 <= text_i;
Wt <= text_i;
busy <= 'b1;
round <= round_plus_1;
case (cmd[2])
1'b0: // sha-1 first message
begin
A <= `SHA1_H0;
B <= `SHA1_H1;
C <= `SHA1_H2;
D <= `SHA1_H3;
E <= `SHA1_H4;
H0 <= `SHA1_H0;
H1 <= `SHA1_H1;
H2 <= `SHA1_H2;
H3 <= `SHA1_H3;
H4 <= `SHA1_H4;
end
1'b1: // sha-1 internal message
begin
H0 <= A;
H1 <= B;
H2 <= C;
H3 <= D;
H4 <= E;
end
endcase
end
else
begin // IDLE
round <= 'd0;
end
end
'd1:
begin
W1 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd2:
begin
W2 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd3:
begin
W3 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd4:
begin
W4 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd5:
begin
W5 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd6:
begin
W6 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd7:
begin
W7 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd8:
begin
W8 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd9:
begin
W9 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd10:
begin
W10 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd11:
begin
W11 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd12:
begin
W12 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd13:
begin
W13 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd14:
begin
W14 <= text_i;
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd15:
begin
Wt <= text_i;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd16,
'd17,
'd18,
'd19,
'd20,
'd21,
'd22,
'd23,
'd24,
'd25,
'd26,
'd27,
'd28,
'd29,
'd30,
'd31,
'd32,
'd33,
'd34,
'd35,
'd36,
'd37,
'd38,
'd39,
'd40,
'd41,
'd42,
'd43,
'd44,
'd45,
'd46,
'd47,
'd48,
'd49,
'd50,
'd51,
'd52,
'd53,
'd54,
'd55,
'd56,
'd57,
'd58,
'd59,
'd60,
'd61,
'd62,
'd63,
'd64,
'd65,
'd66,
'd67,
'd68,
'd69,
'd70,
'd71,
'd72,
'd73,
'd74,
'd75,
'd76,
'd77,
'd78,
'd79:
begin
W0 <= W1;
W1 <= W2;
W2 <= W3;
W3 <= W4;
W4 <= W5;
W5 <= W6;
W6 <= W7;
W7 <= W8;
W8 <= W9;
W9 <= W10;
W10 <= W11;
W11 <= W12;
W12 <= W13;
W13 <= W14;
W14 <= Wt;
Wt <= next_Wt;
E <= D;
D <= C;
C <= next_C;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd80:
begin
A <= next_A + H0;
B <= A + H1;
C <= next_C + H2;
D <= C + H3;
E <= D + H4;
round <= 'd0;
busy <= 'b0;
end
default:
begin
round <= 'd0;
busy <= 'b0;
end
endcase
end
end
//------------------------------------------------------------------
// Kt generator
//------------------------------------------------------------------
always @ (posedge clk_i)
begin
if (rst_i)
begin
Kt <= 'b0;
end
else
begin
if (round < 'd20)
Kt <= `SHA1_K0;
else
if (round < 'd40)
Kt <= `SHA1_K1;
else
if (round < 'd60)
Kt <= `SHA1_K2;
else
Kt <= `SHA1_K3;
end
end
 
//------------------------------------------------------------------
// read result
//------------------------------------------------------------------
always @ (posedge clk_i)
begin
if (rst_i)
begin
text_o <= 'b0;
read_counter <= 'b0;
end
else
begin
if (cmd[0])
begin
read_counter <= 'd4; // sha-1 160/32=5
end
else
begin
if (~busy)
begin
case (read_counter)
'd4: text_o <= SHA1_result[5*32-1:4*32];
'd3: text_o <= SHA1_result[4*32-1:3*32];
'd2: text_o <= SHA1_result[3*32-1:2*32];
'd1: text_o <= SHA1_result[2*32-1:1*32];
'd0: text_o <= SHA1_result[1*32-1:0*32];
default:text_o <= 'b0;
endcase
if (|read_counter)
read_counter <= read_counter - 'd1;
end
else
begin
text_o <= 'b0;
end
end
end
end
endmodule
/tags/arelease/rtl/sha512.v
0,0 → 1,1017
/////////////////////////////////////////////////////////////////////
//// ////
//// SHA-512/384 ////
//// Secure Hash Algorithm (SHA-512 SHA-384) ////
//// ////
//// Author: marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// Downloaded from: http://www.opencores.org/cores/sha_core/ ////
//// ////
/////////////////////////////////////////////////////////////////////
//// ////
//// Copyright (C) 2000-2002 marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// This source file may be used and distributed without ////
//// restriction provided that this copyright statement is not ////
//// removed from the file and that any derivative work contains ////
//// the original copyright notice and the associated disclaimer.////
//// ////
//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY ////
//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ////
//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ////
//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR ////
//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, ////
//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES ////
//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE ////
//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ////
//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ////
//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ////
//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ////
//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ////
//// POSSIBILITY OF SUCH DAMAGE. ////
//// ////
/////////////////////////////////////////////////////////////////////
 
`define SHA512_H0 64'h6a09e667_f3bcc908
`define SHA512_H1 64'hbb67ae85_84caa73b
`define SHA512_H2 64'h3c6ef372_fe94f82b
`define SHA512_H3 64'ha54ff53a_5f1d36f1
`define SHA512_H4 64'h510e527f_ade682d1
`define SHA512_H5 64'h9b05688c_2b3e6c1f
`define SHA512_H6 64'h1f83d9ab_fb41bd6b
`define SHA512_H7 64'h5be0cd19_137e2179
 
`define SHA384_H0 64'hcbbb9d5d_c1059ed8
`define SHA384_H1 64'h629a292a_367cd507
`define SHA384_H2 64'h9159015a_3070dd17
`define SHA384_H3 64'h152fecd8_f70e5939
`define SHA384_H4 64'h67332667_ffc00b31
`define SHA384_H5 64'h8eb44a87_68581511
`define SHA384_H6 64'hdb0c2e0d_64f98fa7
`define SHA384_H7 64'h47b5481d_befa4fa4
 
`define K00 64'h428a2f98_d728ae22
`define K01 64'h71374491_23ef65cd
`define K02 64'hb5c0fbcf_ec4d3b2f
`define K03 64'he9b5dba5_8189dbbc
`define K04 64'h3956c25b_f348b538
`define K05 64'h59f111f1_b605d019
`define K06 64'h923f82a4_af194f9b
`define K07 64'hab1c5ed5_da6d8118
`define K08 64'hd807aa98_a3030242
`define K09 64'h12835b01_45706fbe
`define K10 64'h243185be_4ee4b28c
`define K11 64'h550c7dc3_d5ffb4e2
`define K12 64'h72be5d74_f27b896f
`define K13 64'h80deb1fe_3b1696b1
`define K14 64'h9bdc06a7_25c71235
`define K15 64'hc19bf174_cf692694
`define K16 64'he49b69c1_9ef14ad2
`define K17 64'hefbe4786_384f25e3
`define K18 64'h0fc19dc6_8b8cd5b5
`define K19 64'h240ca1cc_77ac9c65
`define K20 64'h2de92c6f_592b0275
`define K21 64'h4a7484aa_6ea6e483
`define K22 64'h5cb0a9dc_bd41fbd4
`define K23 64'h76f988da_831153b5
`define K24 64'h983e5152_ee66dfab
`define K25 64'ha831c66d_2db43210
`define K26 64'hb00327c8_98fb213f
`define K27 64'hbf597fc7_beef0ee4
`define K28 64'hc6e00bf3_3da88fc2
`define K29 64'hd5a79147_930aa725
`define K30 64'h06ca6351_e003826f
`define K31 64'h14292967_0a0e6e70
`define K32 64'h27b70a85_46d22ffc
`define K33 64'h2e1b2138_5c26c926
`define K34 64'h4d2c6dfc_5ac42aed
`define K35 64'h53380d13_9d95b3df
`define K36 64'h650a7354_8baf63de
`define K37 64'h766a0abb_3c77b2a8
`define K38 64'h81c2c92e_47edaee6
`define K39 64'h92722c85_1482353b
`define K40 64'ha2bfe8a1_4cf10364
`define K41 64'ha81a664b_bc423001
`define K42 64'hc24b8b70_d0f89791
`define K43 64'hc76c51a3_0654be30
`define K44 64'hd192e819_d6ef5218
`define K45 64'hd6990624_5565a910
`define K46 64'hf40e3585_5771202a
`define K47 64'h106aa070_32bbd1b8
`define K48 64'h19a4c116_b8d2d0c8
`define K49 64'h1e376c08_5141ab53
`define K50 64'h2748774c_df8eeb99
`define K51 64'h34b0bcb5_e19b48a8
`define K52 64'h391c0cb3_c5c95a63
`define K53 64'h4ed8aa4a_e3418acb
`define K54 64'h5b9cca4f_7763e373
`define K55 64'h682e6ff3_d6b2b8a3
`define K56 64'h748f82ee_5defb2fc
`define K57 64'h78a5636f_43172f60
`define K58 64'h84c87814_a1f0ab72
`define K59 64'h8cc70208_1a6439ec
`define K60 64'h90befffa_23631e28
`define K61 64'ha4506ceb_de82bde9
`define K62 64'hbef9a3f7_b2c67915
`define K63 64'hc67178f2_e372532b
`define K64 64'hca273ece_ea26619c
`define K65 64'hd186b8c7_21c0c207
`define K66 64'heada7dd6_cde0eb1e
`define K67 64'hf57d4f7f_ee6ed178
`define K68 64'h06f067aa_72176fba
`define K69 64'h0a637dc5_a2c898a6
`define K70 64'h113f9804_bef90dae
`define K71 64'h1b710b35_131c471b
`define K72 64'h28db77f5_23047d84
`define K73 64'h32caab7b_40c72493
`define K74 64'h3c9ebe0a_15c9bebc
`define K75 64'h431d67c4_9c100d4c
`define K76 64'h4cc5d4be_cb3e42b6
`define K77 64'h597f299c_fc657e2a
`define K78 64'h5fcb6fab_3ad6faec
`define K79 64'h6c44198c_4a475817
 
module sha512 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o);
 
input clk_i; // global clock input
input rst_i; // global reset input , active high
input [31:0] text_i; // text input 32bit
output [31:0] text_o; // text output 32bit
input [3:0] cmd_i; // command input
input cmd_w_i;// command input write enable
output [4:0] cmd_o; // command output(status)
 
/*
cmd
Busy S1 S0 Round W R
 
bit4 bit3 bit2 bit1 bit0
Busy S Round W R
Busy:
0 idle
1 busy
S:
0 sha-384
1 sha-512
Round:
0 first round
1 internal round
W:
0 No-op
1 write data
R:
0 No-op
1 read data
*/
 
reg [4:0] cmd;
wire [4:0] cmd_o;
reg [31:0] text_o;
reg [6:0] round;
wire [6:0] round_plus_1;
reg [4:0] read_counter;
reg [63:0] H0,H1,H2,H3,H4,H5,H6,H7;
reg [63:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14;
reg [63:0] Wt,Kt;
reg [63:0] A,B,C,D,E,F,G,H;
 
reg busy;
assign cmd_o = cmd;
always @ (posedge clk_i)
begin
if (rst_i)
cmd <= 'b0;
else
if (cmd_w_i)
cmd[3:0] <= cmd_i[3:0]; // busy bit can't write
else
begin
cmd[4] <= busy; // update busy bit
if (~busy)
cmd[1:0] <= 2'b00; // hardware auto clean R/W bits
end
end
wire [63:0] f1_EFG_64,f2_ABC_64,f3_A_64,f4_E_64,f5_W1_64,f6_W14_64,T1_64,T2_64;
wire [63:0] W1_swap,W14_swap,Wt_64_swap;
wire [63:0] next_Wt,next_E,next_A;
wire [383:0] SHA384_result;
wire [511:0] SHA512_result;
assign f1_EFG_64 = (E & F) ^ (~E & G);
 
assign f2_ABC_64 = (A & B) ^ (B & C) ^ (A & C);
assign f3_A_64 = {A[27:0],A[63:28]} ^ {A[33:0],A[63:34]} ^ {A[38:0],A[63:39]};
assign f4_E_64 = {E[13:0],E[63:14]} ^ {E[17:0],E[63:18]} ^ {E[40:0],E[63:41]};
assign W1_swap = {W1[31:0],W1[63:32]};
assign f5_W1_64 = {W1_swap[0],W1_swap[63:1]} ^ {W1_swap[7:0],W1_swap[63:8]} ^ {7'b000_0000,W1_swap[63:7]};
assign W14_swap = {W14[31:0],W14[63:32]};
assign f6_W14_64 = {W14_swap[18:0],W14_swap[63:19]} ^ {W14_swap[60:0],W14_swap[63:61]} ^ {6'b00_0000,W14_swap[63:6]};
assign Wt_64_swap = f6_W14_64 + {W9[31:0],W9[63:32]} + f5_W1_64 + {W0[31:0],W0[63:32]};
assign T1_64 = H[63:0] + f4_E_64 + f1_EFG_64 + Kt[63:0] + {Wt[31:0],Wt[63:32]};
assign T2_64 = f3_A_64 + f2_ABC_64;
assign next_Wt = {Wt_64_swap[31:0],Wt_64_swap[63:32]};
assign next_E = D[63:0] + T1_64;
assign next_A = T1_64 + T2_64;
assign SHA384_result = {A,B,C,D,E,F};
assign SHA512_result = {A,B,C,D,E,F,G,H};
assign round_plus_1 = round + 1;
//------------------------------------------------------------------
// SHA round
//------------------------------------------------------------------
always @(posedge clk_i)
begin
if (rst_i)
begin
round <= 'd0;
busy <= 'b0;
 
W0 <= 'b0;
W1 <= 'b0;
W2 <= 'b0;
W3 <= 'b0;
W4 <= 'b0;
W5 <= 'b0;
W6 <= 'b0;
W7 <= 'b0;
W8 <= 'b0;
W9 <= 'b0;
W10 <= 'b0;
W11 <= 'b0;
W12 <= 'b0;
W13 <= 'b0;
W14 <= 'b0;
Wt <= 'b0;
A <= 'b0;
B <= 'b0;
C <= 'b0;
D <= 'b0;
E <= 'b0;
F <= 'b0;
G <= 'b0;
H <= 'b0;
 
H0 <= 'b0;
H1 <= 'b0;
H2 <= 'b0;
H3 <= 'b0;
H4 <= 'b0;
H5 <= 'b0;
H6 <= 'b0;
H7 <= 'b0;
end
else
begin
case (round)
'd0:
begin
if (cmd[1])
begin
W0[31:0] <= text_i;
Wt[31:0] <= text_i;
busy <= 'b1;
round <= round_plus_1;
case (cmd[3:2])
2'b00: // sha-384 first message
begin
A <= `SHA384_H0;
B <= `SHA384_H1;
C <= `SHA384_H2;
D <= `SHA384_H3;
E <= `SHA384_H4;
F <= `SHA384_H5;
G <= `SHA384_H6;
H <= `SHA384_H7;
 
H0 <= `SHA384_H0;
H1 <= `SHA384_H1;
H2 <= `SHA384_H2;
H3 <= `SHA384_H3;
H4 <= `SHA384_H4;
H5 <= `SHA384_H5;
H6 <= `SHA384_H6;
H7 <= `SHA384_H7;
end
2'b01: // sha-384 internal message
begin
H0 <= A;
H1 <= B;
H2 <= C;
H3 <= D;
H4 <= E;
H5 <= F;
H6 <= G;
H7 <= H;
end
2'b10: // sha-512 first message
begin
A <= `SHA512_H0;
B <= `SHA512_H1;
C <= `SHA512_H2;
D <= `SHA512_H3;
E <= `SHA512_H4;
F <= `SHA512_H5;
G <= `SHA512_H6;
H <= `SHA512_H7;
 
H0 <= `SHA512_H0;
H1 <= `SHA512_H1;
H2 <= `SHA512_H2;
H3 <= `SHA512_H3;
H4 <= `SHA512_H4;
H5 <= `SHA512_H5;
H6 <= `SHA512_H6;
H7 <= `SHA512_H7;
end
2'b11: // sha-512 internal message
begin
H0 <= A;
H1 <= B;
H2 <= C;
H3 <= D;
H4 <= E;
H5 <= F;
H6 <= G;
H7 <= H;
end
endcase
end
else
begin // IDLE
round <= 'd0;
end
end
'd1:
begin
W0[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd2:
begin
W1[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd3:
begin
W1[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd4:
begin
W2[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd5:
begin
W2[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd6:
begin
W3[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd7:
begin
W3[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd8:
begin
W4[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd9:
begin
W4[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd10:
begin
W5[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd11:
begin
W5[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd12:
begin
W6[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd13:
begin
W6[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd14:
begin
W7[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd15:
begin
W7[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd16:
begin
W8[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd17:
begin
W8[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd18:
begin
W9[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd19:
begin
W9[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd20:
begin
W10[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd21:
begin
W10[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd22:
begin
W11[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd23:
begin
W11[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd24:
begin
W12[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd25:
begin
W12[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd26:
begin
W13[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd27:
begin
W13[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd28:
begin
W14[31:0] <= text_i;
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd29:
begin
W14[63:32] <= text_i;
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd30:
begin
Wt[31:0] <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
 
round <= round_plus_1;
end
'd31:
begin
Wt[63:32] <= text_i;
round <= round_plus_1;
end
'd32,
'd33,
'd34,
'd35,
'd36,
'd37,
'd38,
'd39,
'd40,
'd41,
'd42,
'd43,
'd44,
'd45,
'd46,
'd47,
'd48,
'd49,
'd50,
'd51,
'd52,
'd53,
'd54,
'd55,
'd56,
'd57,
'd58,
'd59,
'd60,
'd61,
'd62,
'd63,
'd64,
'd65,
'd66,
'd67,
'd68,
'd69,
'd70,
'd71,
'd72,
'd73,
'd74,
'd75,
'd76,
'd77,
'd78,
'd79,
'd80,
'd81,
'd82,
'd83,
'd84,
'd85,
'd86,
'd87,
'd88,
'd89,
'd90,
'd91,
'd92,
'd93,
'd94,
'd95:
begin
W0 <= W1;
W1 <= W2;
W2 <= W3;
W3 <= W4;
W4 <= W5;
W5 <= W6;
W6 <= W7;
W7 <= W8;
W8 <= W9;
W9 <= W10;
W10 <= W11;
W11 <= W12;
W12 <= W13;
W13 <= W14;
W14 <= Wt;
Wt <= next_Wt;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd96:
begin
A <= next_A + H0;
B <= A + H1;
C <= B + H2;
D <= C + H3;
E <= next_E + H4;
F <= E + H5;
G <= F + H6;
H <= G + H7;
round <= 'd0;
busy <= 'b0;
end
default:
begin
round <= 'd0;
busy <= 'b0;
end
endcase
end
end
//------------------------------------------------------------------
// Kt generator
//------------------------------------------------------------------
always @ (posedge clk_i)
begin
if (rst_i)
begin
Kt <= 'b0;
end
else
begin
case (round)
'd00: Kt <= `K00;
'd01: Kt <= `K00;
'd02: Kt <= `K01;
'd03: Kt <= `K01;
'd04: Kt <= `K02;
'd05: Kt <= `K02;
'd06: Kt <= `K03;
'd07: Kt <= `K03;
'd08: Kt <= `K04;
'd09: Kt <= `K04;
'd10: Kt <= `K05;
'd11: Kt <= `K05;
'd12: Kt <= `K06;
'd13: Kt <= `K06;
'd14: Kt <= `K07;
'd15: Kt <= `K07;
'd16: Kt <= `K08;
'd17: Kt <= `K08;
'd18: Kt <= `K09;
'd19: Kt <= `K09;
'd20: Kt <= `K10;
'd21: Kt <= `K10;
'd22: Kt <= `K11;
'd23: Kt <= `K11;
'd24: Kt <= `K12;
'd25: Kt <= `K12;
'd26: Kt <= `K13;
'd27: Kt <= `K13;
'd28: Kt <= `K14;
'd29: Kt <= `K14;
'd30: Kt <= `K15;
'd31: Kt <= `K15;
'd32: Kt <= `K16;
'd33: Kt <= `K17;
'd34: Kt <= `K18;
'd35: Kt <= `K19;
'd36: Kt <= `K20;
'd37: Kt <= `K21;
'd38: Kt <= `K22;
'd39: Kt <= `K23;
'd40: Kt <= `K24;
'd41: Kt <= `K25;
'd42: Kt <= `K26;
'd43: Kt <= `K27;
'd44: Kt <= `K28;
'd45: Kt <= `K29;
'd46: Kt <= `K30;
'd47: Kt <= `K31;
'd48: Kt <= `K32;
'd49: Kt <= `K33;
'd50: Kt <= `K34;
'd51: Kt <= `K35;
'd52: Kt <= `K36;
'd53: Kt <= `K37;
'd54: Kt <= `K38;
'd55: Kt <= `K39;
'd56: Kt <= `K40;
'd57: Kt <= `K41;
'd58: Kt <= `K42;
'd59: Kt <= `K43;
'd60: Kt <= `K44;
'd61: Kt <= `K45;
'd62: Kt <= `K46;
'd63: Kt <= `K47;
'd64: Kt <= `K48;
'd65: Kt <= `K49;
'd66: Kt <= `K50;
'd67: Kt <= `K51;
'd68: Kt <= `K52;
'd69: Kt <= `K53;
'd70: Kt <= `K54;
'd71: Kt <= `K55;
'd72: Kt <= `K56;
'd73: Kt <= `K57;
'd74: Kt <= `K58;
'd75: Kt <= `K59;
'd76: Kt <= `K60;
'd77: Kt <= `K61;
'd78: Kt <= `K62;
'd79: Kt <= `K63;
'd80: Kt <= `K64;
'd81: Kt <= `K65;
'd82: Kt <= `K66;
'd83: Kt <= `K67;
'd84: Kt <= `K68;
'd85: Kt <= `K69;
'd86: Kt <= `K70;
'd87: Kt <= `K71;
'd88: Kt <= `K72;
'd89: Kt <= `K73;
'd90: Kt <= `K74;
'd91: Kt <= `K75;
'd92: Kt <= `K76;
'd93: Kt <= `K77;
'd94: Kt <= `K78;
'd95: Kt <= `K79;
default:Kt <= 'd0;
endcase
end
end
 
//------------------------------------------------------------------
// read result
//------------------------------------------------------------------
always @ (posedge clk_i)
begin
if (rst_i)
begin
text_o <= 'b0;
read_counter <= 'b0;
end
else
begin
if (cmd[0])
begin
case (cmd[3])
1'b0: read_counter <= 'd11; // sha-384 384/32=12
1'b1: read_counter <= 'd15; // sha-512 512/32=16
endcase
end
else
begin
if (~busy)
begin
case (cmd[3])
1'b0:
begin
case (read_counter)
'd11: text_o <= SHA384_result[12*32-1:11*32];
'd10: text_o <= SHA384_result[11*32-1:10*32];
'd09: text_o <= SHA384_result[10*32-1:09*32];
'd08: text_o <= SHA384_result[09*32-1:08*32];
'd07: text_o <= SHA384_result[08*32-1:07*32];
'd06: text_o <= SHA384_result[07*32-1:06*32];
'd05: text_o <= SHA384_result[06*32-1:05*32];
'd04: text_o <= SHA384_result[05*32-1:04*32];
'd03: text_o <= SHA384_result[04*32-1:03*32];
'd02: text_o <= SHA384_result[03*32-1:02*32];
'd01: text_o <= SHA384_result[02*32-1:01*32];
'd00: text_o <= SHA384_result[01*32-1:00*32];
default:text_o <= 'b0;
endcase
end
1'b1:
begin
case (read_counter)
'd15: text_o <= SHA512_result[16*32-1:15*32];
'd14: text_o <= SHA512_result[15*32-1:14*32];
'd13: text_o <= SHA512_result[14*32-1:13*32];
'd12: text_o <= SHA512_result[13*32-1:12*32];
'd11: text_o <= SHA512_result[12*32-1:11*32];
'd10: text_o <= SHA512_result[11*32-1:10*32];
'd09: text_o <= SHA512_result[10*32-1:09*32];
'd08: text_o <= SHA512_result[09*32-1:08*32];
'd07: text_o <= SHA512_result[08*32-1:07*32];
'd06: text_o <= SHA512_result[07*32-1:06*32];
'd05: text_o <= SHA512_result[06*32-1:05*32];
'd04: text_o <= SHA512_result[05*32-1:04*32];
'd03: text_o <= SHA512_result[04*32-1:03*32];
'd02: text_o <= SHA512_result[03*32-1:02*32];
'd01: text_o <= SHA512_result[02*32-1:01*32];
'd00: text_o <= SHA512_result[01*32-1:00*32];
default:text_o <= 'b0;
endcase
end
endcase
if (|read_counter)
read_counter <= read_counter - 'd1;
end
else
begin
text_o <= 'b0;
end
end
end
end
endmodule
/tags/arelease/rtl/sha256.v
0,0 → 1,774
/////////////////////////////////////////////////////////////////////
//// ////
//// SHA-256 ////
//// Secure Hash Algorithm (SHA-256) ////
//// ////
//// Author: marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// Downloaded from: http://www.opencores.org/cores/sha_core/ ////
//// ////
/////////////////////////////////////////////////////////////////////
//// ////
//// Copyright (C) 2000-2002 marsgod ////
//// marsgod@opencores.org ////
//// ////
//// ////
//// This source file may be used and distributed without ////
//// restriction provided that this copyright statement is not ////
//// removed from the file and that any derivative work contains ////
//// the original copyright notice and the associated disclaimer.////
//// ////
//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY ////
//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ////
//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS ////
//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR ////
//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, ////
//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES ////
//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE ////
//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR ////
//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ////
//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ////
//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ////
//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ////
//// POSSIBILITY OF SUCH DAMAGE. ////
//// ////
/////////////////////////////////////////////////////////////////////
 
`define SHA256_H0 32'h6a09e667
`define SHA256_H1 32'hbb67ae85
`define SHA256_H2 32'h3c6ef372
`define SHA256_H3 32'ha54ff53a
`define SHA256_H4 32'h510e527f
`define SHA256_H5 32'h9b05688c
`define SHA256_H6 32'h1f83d9ab
`define SHA256_H7 32'h5be0cd19
 
`define K00 32'h428a2f98
`define K01 32'h71374491
`define K02 32'hb5c0fbcf
`define K03 32'he9b5dba5
`define K04 32'h3956c25b
`define K05 32'h59f111f1
`define K06 32'h923f82a4
`define K07 32'hab1c5ed5
`define K08 32'hd807aa98
`define K09 32'h12835b01
`define K10 32'h243185be
`define K11 32'h550c7dc3
`define K12 32'h72be5d74
`define K13 32'h80deb1fe
`define K14 32'h9bdc06a7
`define K15 32'hc19bf174
`define K16 32'he49b69c1
`define K17 32'hefbe4786
`define K18 32'h0fc19dc6
`define K19 32'h240ca1cc
`define K20 32'h2de92c6f
`define K21 32'h4a7484aa
`define K22 32'h5cb0a9dc
`define K23 32'h76f988da
`define K24 32'h983e5152
`define K25 32'ha831c66d
`define K26 32'hb00327c8
`define K27 32'hbf597fc7
`define K28 32'hc6e00bf3
`define K29 32'hd5a79147
`define K30 32'h06ca6351
`define K31 32'h14292967
`define K32 32'h27b70a85
`define K33 32'h2e1b2138
`define K34 32'h4d2c6dfc
`define K35 32'h53380d13
`define K36 32'h650a7354
`define K37 32'h766a0abb
`define K38 32'h81c2c92e
`define K39 32'h92722c85
`define K40 32'ha2bfe8a1
`define K41 32'ha81a664b
`define K42 32'hc24b8b70
`define K43 32'hc76c51a3
`define K44 32'hd192e819
`define K45 32'hd6990624
`define K46 32'hf40e3585
`define K47 32'h106aa070
`define K48 32'h19a4c116
`define K49 32'h1e376c08
`define K50 32'h2748774c
`define K51 32'h34b0bcb5
`define K52 32'h391c0cb3
`define K53 32'h4ed8aa4a
`define K54 32'h5b9cca4f
`define K55 32'h682e6ff3
`define K56 32'h748f82ee
`define K57 32'h78a5636f
`define K58 32'h84c87814
`define K59 32'h8cc70208
`define K60 32'h90befffa
`define K61 32'ha4506ceb
`define K62 32'hbef9a3f7
`define K63 32'hc67178f2
 
module sha256 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o);
 
input clk_i; // global clock input
input rst_i; // global reset input , active high
input [31:0] text_i; // text input 32bit
output [31:0] text_o; // text output 32bit
input [2:0] cmd_i; // command input
input cmd_w_i;// command input write enable
output [3:0] cmd_o; // command output(status)
 
/*
cmd
Busy Round W R
 
bit3 bit2 bit1 bit0
Busy Round W R
Busy:
0 idle
1 busy
Round:
0 first round
1 internal round
W:
0 No-op
1 write data
R:
0 No-op
1 read data
*/
 
reg [3:0] cmd;
wire [3:0] cmd_o;
reg [31:0] text_o;
reg [6:0] round;
wire [6:0] round_plus_1;
reg [2:0] read_counter;
reg [31:0] H0,H1,H2,H3,H4,H5,H6,H7;
reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14;
reg [31:0] Wt,Kt;
reg [31:0] A,B,C,D,E,F,G,H;
 
reg busy;
assign cmd_o = cmd;
always @ (posedge clk_i)
begin
if (rst_i)
cmd <= 'b0;
else
if (cmd_w_i)
cmd[2:0] <= cmd_i[2:0]; // busy bit can't write
else
begin
cmd[3] <= busy; // update busy bit
if (~busy)
cmd[1:0] <= 2'b00; // hardware auto clean R/W bits
end
end
wire [31:0] f1_EFG_32,f2_ABC_32,f3_A_32,f4_E_32,f5_W1_32,f6_W14_32,T1_32,T2_32;
wire [31:0] next_Wt,next_E,next_A;
wire [255:0] SHA256_result;
assign f1_EFG_32 = (E & F) ^ (~E & G);
 
assign f2_ABC_32 = (A & B) ^ (B & C) ^ (A & C);
assign f3_A_32 = {A[1:0],A[31:2]} ^ {A[12:0],A[31:13]} ^ {A[21:0],A[31:22]};
assign f4_E_32 = {E[5:0],E[31:6]} ^ {E[10:0],E[31:11]} ^ {E[24:0],E[31:25]};
assign f5_W1_32 = {W1[6:0],W1[31:7]} ^ {W1[17:0],W1[31:18]} ^ {3'b000,W1[31:3]};
assign f6_W14_32 = {W14[16:0],W14[31:17]} ^ {W14[18:0],W14[31:19]} ^ {10'b00_0000_0000,W14[31:10]};
assign T1_32 = H[31:0] + f4_E_32 + f1_EFG_32 + Kt + Wt;
assign T2_32 = f3_A_32 + f2_ABC_32;
assign next_Wt = f6_W14_32 + W9[31:0] + f5_W1_32 + W0[31:0];
assign next_E = D[31:0] + T1_32;
assign next_A = T1_32 + T2_32;
 
assign SHA256_result = {A,B,C,D,E,F,G,H};
 
assign round_plus_1 = round + 1;
//------------------------------------------------------------------
// SHA round
//------------------------------------------------------------------
always @(posedge clk_i)
begin
if (rst_i)
begin
round <= 'd0;
busy <= 'b0;
 
W0 <= 'b0;
W1 <= 'b0;
W2 <= 'b0;
W3 <= 'b0;
W4 <= 'b0;
W5 <= 'b0;
W6 <= 'b0;
W7 <= 'b0;
W8 <= 'b0;
W9 <= 'b0;
W10 <= 'b0;
W11 <= 'b0;
W12 <= 'b0;
W13 <= 'b0;
W14 <= 'b0;
Wt <= 'b0;
A <= 'b0;
B <= 'b0;
C <= 'b0;
D <= 'b0;
E <= 'b0;
F <= 'b0;
G <= 'b0;
H <= 'b0;
 
H0 <= 'b0;
H1 <= 'b0;
H2 <= 'b0;
H3 <= 'b0;
H4 <= 'b0;
H5 <= 'b0;
H6 <= 'b0;
H7 <= 'b0;
end
else
begin
case (round)
'd0:
begin
if (cmd[1])
begin
W0 <= text_i;
Wt <= text_i;
busy <= 'b1;
round <= round_plus_1;
case (cmd[2])
1'b0: // sha-256 first message
begin
A <= `SHA256_H0;
B <= `SHA256_H1;
C <= `SHA256_H2;
D <= `SHA256_H3;
E <= `SHA256_H4;
F <= `SHA256_H5;
G <= `SHA256_H6;
H <= `SHA256_H7;
 
H0 <= `SHA256_H0;
H1 <= `SHA256_H1;
H2 <= `SHA256_H2;
H3 <= `SHA256_H3;
H4 <= `SHA256_H4;
H5 <= `SHA256_H5;
H6 <= `SHA256_H6;
H7 <= `SHA256_H7;
end
1'b1: // sha-256 internal message
begin
H0 <= A;
H1 <= B;
H2 <= C;
H3 <= D;
H4 <= E;
H5 <= F;
H6 <= G;
H7 <= H;
end
endcase
end
else
begin // IDLE
round <= 'd0;
end
end
'd1:
begin
W1 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd2:
begin
W2 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd3:
begin
W3 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd4:
begin
W4 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd5:
begin
W5 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd6:
begin
W6 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd7:
begin
W7 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd8:
begin
W8 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd9:
begin
W9 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd10:
begin
W10 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd11:
begin
W11 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd12:
begin
W12 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd13:
begin
W13 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd14:
begin
W14 <= text_i;
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd15:
begin
Wt <= text_i;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd16,
'd17,
'd18,
'd19,
'd20,
'd21,
'd22,
'd23,
'd24,
'd25,
'd26,
'd27,
'd28,
'd29,
'd30,
'd31,
'd32,
'd33,
'd34,
'd35,
'd36,
'd37,
'd38,
'd39,
'd40,
'd41,
'd42,
'd43,
'd44,
'd45,
'd46,
'd47,
'd48,
'd49,
'd50,
'd51,
'd52,
'd53,
'd54,
'd55,
'd56,
'd57,
'd58,
'd59,
'd60,
'd61,
'd62,
'd63:
begin
W0 <= W1;
W1 <= W2;
W2 <= W3;
W3 <= W4;
W4 <= W5;
W5 <= W6;
W6 <= W7;
W7 <= W8;
W8 <= W9;
W9 <= W10;
W10 <= W11;
W11 <= W12;
W12 <= W13;
W13 <= W14;
W14 <= Wt;
Wt <= next_Wt;
H <= G;
G <= F;
F <= E;
E <= next_E;
D <= C;
C <= B;
B <= A;
A <= next_A;
round <= round_plus_1;
end
'd64:
begin
A <= next_A + H0;
B <= A + H1;
C <= B + H2;
D <= C + H3;
E <= next_E + H4;
F <= E + H5;
G <= F + H6;
H <= G + H7;
round <= 'd0;
busy <= 'b0;
end
default:
begin
round <= 'd0;
busy <= 'b0;
end
endcase
end
end
//------------------------------------------------------------------
// Kt generator
//------------------------------------------------------------------
always @ (posedge clk_i)
begin
if (rst_i)
begin
Kt <= 'b0;
end
else
begin
case (round)
'd00: Kt <= `K00;
'd01: Kt <= `K01;
'd02: Kt <= `K02;
'd03: Kt <= `K03;
'd04: Kt <= `K04;
'd05: Kt <= `K05;
'd06: Kt <= `K06;
'd07: Kt <= `K07;
'd08: Kt <= `K08;
'd09: Kt <= `K09;
'd10: Kt <= `K10;
'd11: Kt <= `K11;
'd12: Kt <= `K12;
'd13: Kt <= `K13;
'd14: Kt <= `K14;
'd15: Kt <= `K15;
'd16: Kt <= `K16;
'd17: Kt <= `K17;
'd18: Kt <= `K18;
'd19: Kt <= `K19;
'd20: Kt <= `K20;
'd21: Kt <= `K21;
'd22: Kt <= `K22;
'd23: Kt <= `K23;
'd24: Kt <= `K24;
'd25: Kt <= `K25;
'd26: Kt <= `K26;
'd27: Kt <= `K27;
'd28: Kt <= `K28;
'd29: Kt <= `K29;
'd30: Kt <= `K30;
'd31: Kt <= `K31;
'd32: Kt <= `K32;
'd33: Kt <= `K33;
'd34: Kt <= `K34;
'd35: Kt <= `K35;
'd36: Kt <= `K36;
'd37: Kt <= `K37;
'd38: Kt <= `K38;
'd39: Kt <= `K39;
'd40: Kt <= `K40;
'd41: Kt <= `K41;
'd42: Kt <= `K42;
'd43: Kt <= `K43;
'd44: Kt <= `K44;
'd45: Kt <= `K45;
'd46: Kt <= `K46;
'd47: Kt <= `K47;
'd48: Kt <= `K48;
'd49: Kt <= `K49;
'd50: Kt <= `K50;
'd51: Kt <= `K51;
'd52: Kt <= `K52;
'd53: Kt <= `K53;
'd54: Kt <= `K54;
'd55: Kt <= `K55;
'd56: Kt <= `K56;
'd57: Kt <= `K57;
'd58: Kt <= `K58;
'd59: Kt <= `K59;
'd60: Kt <= `K60;
'd61: Kt <= `K61;
'd62: Kt <= `K62;
'd63: Kt <= `K63;
default:Kt <= 'd0;
endcase
end
end
 
//------------------------------------------------------------------
// read result
//------------------------------------------------------------------
always @ (posedge clk_i)
begin
if (rst_i)
begin
text_o <= 'b0;
read_counter <= 'b0;
end
else
begin
if (cmd[0])
begin
read_counter <= 'd7; // sha-256 256/32=8
end
else
begin
if (~busy)
begin
case (read_counter)
'd7: text_o <= SHA256_result[8*32-1:7*32];
'd6: text_o <= SHA256_result[7*32-1:6*32];
'd5: text_o <= SHA256_result[6*32-1:5*32];
'd4: text_o <= SHA256_result[5*32-1:4*32];
'd3: text_o <= SHA256_result[4*32-1:3*32];
'd2: text_o <= SHA256_result[3*32-1:2*32];
'd1: text_o <= SHA256_result[2*32-1:1*32];
'd0: text_o <= SHA256_result[1*32-1:0*32];
default:text_o <= 'b0;
endcase
if (|read_counter)
read_counter <= read_counter - 'd1;
end
else
begin
text_o <= 'b0;
end
end
end
end
endmodule
/tags/arelease/doc/Secure Hash Algorithm IP Core.doc Cannot display: file marked as a binary type. svn:mime-type = application/octet-stream
/tags/arelease/doc/Secure Hash Algorithm IP Core.doc
tags/arelease/doc/Secure Hash Algorithm IP Core.doc Property changes : Added: svn:mime-type ## -0,0 +1 ## +application/octet-stream \ No newline at end of property Index: tags/arelease/doc/Secure Hash Algorithm IP Core.pdf =================================================================== Cannot display: file marked as a binary type. svn:mime-type = application/octet-stream Index: tags/arelease/doc/Secure Hash Algorithm IP Core.pdf =================================================================== --- tags/arelease/doc/Secure Hash Algorithm IP Core.pdf (nonexistent) +++ tags/arelease/doc/Secure Hash Algorithm IP Core.pdf (revision 3)
tags/arelease/doc/Secure Hash Algorithm IP Core.pdf Property changes : Added: svn:mime-type ## -0,0 +1 ## +application/octet-stream \ No newline at end of property Index: tags/arelease/src/mrshs512.c =================================================================== --- tags/arelease/src/mrshs512.c (nonexistent) +++ tags/arelease/src/mrshs512.c (revision 3) @@ -0,0 +1,238 @@ +/* + * Implementation of the Secure Hashing Algorithm (SHA-384 and SHA-512) + * + * Generates a a 384 or 512 bit message digest. It should be impossible to come + * come up with two messages that hash to the same value ("collision free"). + * + * For use with byte-oriented messages only. Could/Should be speeded + * up by unwinding loops in shs_transform(), and assembly patches. + * + * NOTE: This requires a 64-bit integer type to be defined + */ + +#include +#include "miracl.h" + +#ifdef mr_unsign64 + +#define H0 0x6a09e667f3bcc908 +#define H1 0xbb67ae8584caa73b +#define H2 0x3c6ef372fe94f82b +#define H3 0xa54ff53a5f1d36f1 +#define H4 0x510e527fade682d1 +#define H5 0x9b05688c2b3e6c1f +#define H6 0x1f83d9abfb41bd6b +#define H7 0x5be0cd19137e2179 + +#define H8 0xcbbb9d5dc1059ed8 +#define H9 0x629a292a367cd507 +#define HA 0x9159015a3070dd17 +#define HB 0x152fecd8f70e5939 +#define HC 0x67332667ffc00b31 +#define HD 0x8eb44a8768581511 +#define HE 0xdb0c2e0d64f98fa7 +#define HF 0x47b5481dbefa4fa4 + +static mr_unsign64 K[80]={ +0x428a2f98d728ae22,0x7137449123ef65cd,0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc, +0x3956c25bf348b538,0x59f111f1b605d019,0x923f82a4af194f9b,0xab1c5ed5da6d8118, +0xd807aa98a3030242,0x12835b0145706fbe,0x243185be4ee4b28c,0x550c7dc3d5ffb4e2, +0x72be5d74f27b896f,0x80deb1fe3b1696b1,0x9bdc06a725c71235,0xc19bf174cf692694, +0xe49b69c19ef14ad2,0xefbe4786384f25e3,0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65, +0x2de92c6f592b0275,0x4a7484aa6ea6e483,0x5cb0a9dcbd41fbd4,0x76f988da831153b5, +0x983e5152ee66dfab,0xa831c66d2db43210,0xb00327c898fb213f,0xbf597fc7beef0ee4, +0xc6e00bf33da88fc2,0xd5a79147930aa725,0x06ca6351e003826f,0x142929670a0e6e70, +0x27b70a8546d22ffc,0x2e1b21385c26c926,0x4d2c6dfc5ac42aed,0x53380d139d95b3df, +0x650a73548baf63de,0x766a0abb3c77b2a8,0x81c2c92e47edaee6,0x92722c851482353b, +0xa2bfe8a14cf10364,0xa81a664bbc423001,0xc24b8b70d0f89791,0xc76c51a30654be30, +0xd192e819d6ef5218,0xd69906245565a910,0xf40e35855771202a,0x106aa07032bbd1b8, +0x19a4c116b8d2d0c8,0x1e376c085141ab53,0x2748774cdf8eeb99,0x34b0bcb5e19b48a8, +0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb,0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3, +0x748f82ee5defb2fc,0x78a5636f43172f60,0x84c87814a1f0ab72,0x8cc702081a6439ec, +0x90befffa23631e28,0xa4506cebde82bde9,0xbef9a3f7b2c67915,0xc67178f2e372532b, +0xca273eceea26619c,0xd186b8c721c0c207,0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178, +0x06f067aa72176fba,0x0a637dc5a2c898a6,0x113f9804bef90dae,0x1b710b35131c471b, +0x28db77f523047d84,0x32caab7b40c72493,0x3c9ebe0a15c9bebc,0x431d67c49c100d4c, +0x4cc5d4becb3e42b6,0x597f299cfc657e2a,0x5fcb6fab3ad6faec,0x6c44198c4a475817}; + +#define PAD 0x80 +#define ZERO 0 + +/* functions */ + +#define S(n,x) (((x)>>n) | ((x)<<(64-n))) +#define R(n,x) ((x)>>n) + +#define Ch(x,y,z) ((x&y)^(~(x)&z)) +#define Maj(x,y,z) ((x&y)^(x&z)^(y&z)) +#define Sig0(x) (S(28,x)^S(34,x)^S(39,x)) +#define Sig1(x) (S(14,x)^S(18,x)^S(41,x)) +#define theta0(x) (S(1,x)^S(8,x)^R(7,x)) +#define theta1(x) (S(19,x)^S(61,x)^R(6,x)) + +static void shs_transform(sha512 *sh) +{ /* basic transformation step */ + mr_unsign64 a,b,c,d,e,f,g,h,t1,t2; + int j; + for (j=16;j<80;j++) + sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16]; + + a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; + e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7]; + + for (j=0;j<80;j++) + { /* 80 times - mush it up */ + t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j]; + t2=Sig0(a)+Maj(a,b,c); + h=g; g=f; f=e; + e=d+t1; + d=c; + c=b; + b=a; + a=t1+t2; + } + sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d; + sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h; +} + +void shs512_init(sha512 *sh) +{ /* re-initialise */ + int i; + for (i=0;i<80;i++) sh->w[i]=0; + sh->length[0]=sh->length[1]=0; + sh->h[0]=H0; + sh->h[1]=H1; + sh->h[2]=H2; + sh->h[3]=H3; + sh->h[4]=H4; + sh->h[5]=H5; + sh->h[6]=H6; + sh->h[7]=H7; +} + +void shs384_init(sha384 *sh) +{ /* re-initialise */ + int i; + for (i=0;i<80;i++) sh->w[i]=0; + sh->length[0]=sh->length[1]=0; + sh->h[0]=H8; + sh->h[1]=H9; + sh->h[2]=HA; + sh->h[3]=HB; + sh->h[4]=HC; + sh->h[5]=HD; + sh->h[6]=HE; + sh->h[7]=HF; +} + + +void shs512_process(sha512 *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/64)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign64)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%1024)==0) shs_transform(sh); +} + + +void shs384_process(sha384 *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/64)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign64)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%1024)==0) shs_transform(sh); +} + + +void shs512_hash(sha512 *sh,char hash[64]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign64 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs512_process(sh,PAD); + while ((sh->length[0]%1024)!=896) shs512_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<64;i++) + { /* convert to bytes */ + hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL); + } + shs512_init(sh); +} + +void shs384_hash(sha384 *sh,char hash[48]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign64 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs512_process(sh,PAD); + while ((sh->length[0]%1024)!=896) shs384_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<48;i++) + { /* convert to bytes */ + hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL); + } + shs384_init(sh); +} + + +#endif + +/* test program: should produce digests + +512 bit + +8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018 +501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909 + + +384 bit + +09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712 +fcc7c71a557e2db9 66c3e9fa91746039 + + +#include +#include "miracl.h" + +char test[]="abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + +int main() +{ + char hash[64]; + int i; + sha512 sh; + shs512_init(&sh); + for (i=0;test[i]!=0;i++) shs512_process(&sh,test[i]); + shs512_hash(&sh,hash); + for (i=0;i<64;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + + shs384_init(&sh); + for (i=0;test[i]!=0;i++) shs384_process(&sh,test[i]); + shs384_hash(&sh,hash); + for (i=0;i<48;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + + return 0; +} + +*/ + Index: tags/arelease/src/mrshs256.c =================================================================== --- tags/arelease/src/mrshs256.c (nonexistent) +++ tags/arelease/src/mrshs256.c (revision 3) @@ -0,0 +1,144 @@ +/* + * Implementation of the Secure Hashing Algorithm (SHA-256) + * + * Generates a 256 bit message digest. It should be impossible to come + * come up with two messages that hash to the same value ("collision free"). + * + * For use with byte-oriented messages only. Could/Should be speeded + * up by unwinding loops in shs_transform(), and assembly patches. + */ + +#include +#include "miracl.h" + +#define H0 0x6A09E667L +#define H1 0xBB67AE85L +#define H2 0x3C6EF372L +#define H3 0xA54FF53AL +#define H4 0x510E527FL +#define H5 0x9B05688CL +#define H6 0x1F83D9ABL +#define H7 0x5BE0CD19L + +static mr_unsign32 K[64]={ +0x428a2f98L,0x71374491L,0xb5c0fbcfL,0xe9b5dba5L,0x3956c25bL,0x59f111f1L,0x923f82a4L,0xab1c5ed5L, +0xd807aa98L,0x12835b01L,0x243185beL,0x550c7dc3L,0x72be5d74L,0x80deb1feL,0x9bdc06a7L,0xc19bf174L, +0xe49b69c1L,0xefbe4786L,0x0fc19dc6L,0x240ca1ccL,0x2de92c6fL,0x4a7484aaL,0x5cb0a9dcL,0x76f988daL, +0x983e5152L,0xa831c66dL,0xb00327c8L,0xbf597fc7L,0xc6e00bf3L,0xd5a79147L,0x06ca6351L,0x14292967L, +0x27b70a85L,0x2e1b2138L,0x4d2c6dfcL,0x53380d13L,0x650a7354L,0x766a0abbL,0x81c2c92eL,0x92722c85L, +0xa2bfe8a1L,0xa81a664bL,0xc24b8b70L,0xc76c51a3L,0xd192e819L,0xd6990624L,0xf40e3585L,0x106aa070L, +0x19a4c116L,0x1e376c08L,0x2748774cL,0x34b0bcb5L,0x391c0cb3L,0x4ed8aa4aL,0x5b9cca4fL,0x682e6ff3L, +0x748f82eeL,0x78a5636fL,0x84c87814L,0x8cc70208L,0x90befffaL,0xa4506cebL,0xbef9a3f7L,0xc67178f2L}; + +#define PAD 0x80 +#define ZERO 0 + +/* functions */ + +#define S(n,x) (((x)>>n) | ((x)<<(32-n))) +#define R(n,x) ((x)>>n) + +#define Ch(x,y,z) ((x&y)^(~(x)&z)) +#define Maj(x,y,z) ((x&y)^(x&z)^(y&z)) +#define Sig0(x) (S(2,x)^S(13,x)^S(22,x)) +#define Sig1(x) (S(6,x)^S(11,x)^S(25,x)) +#define theta0(x) (S(7,x)^S(18,x)^R(3,x)) +#define theta1(x) (S(17,x)^S(19,x)^R(10,x)) + +static void shs_transform(sha256 *sh) +{ /* basic transformation step */ + mr_unsign32 a,b,c,d,e,f,g,h,t1,t2; + int j; + for (j=16;j<64;j++) + sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16]; + + a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; + e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7]; + + for (j=0;j<64;j++) + { /* 64 times - mush it up */ + t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j]; + t2=Sig0(a)+Maj(a,b,c); + h=g; g=f; f=e; + e=d+t1; + d=c; + c=b; + b=a; + a=t1+t2; + } + sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d; + sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h; +} + +void shs256_init(sha256 *sh) +{ /* re-initialise */ + int i; + for (i=0;i<64;i++) sh->w[i]=0L; + sh->length[0]=sh->length[1]=0L; + sh->h[0]=H0; + sh->h[1]=H1; + sh->h[2]=H2; + sh->h[3]=H3; + sh->h[4]=H4; + sh->h[5]=H5; + sh->h[6]=H6; + sh->h[7]=H7; +} + +void shs256_process(sha256 *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/32)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign32)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%512)==0) shs_transform(sh); +} + +void shs256_hash(sha256 *sh,char hash[32]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign32 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs256_process(sh,PAD); + while ((sh->length[0]%512)!=448) shs256_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<32;i++) + { /* convert to bytes */ + hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); + } + shs256_init(sh); +} + +/* test program: should produce digest + +248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1 + + +#include +#include "miracl.h" + +char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + +int main() +{ + char hash[32]; + int i; + sha256 sh; + shs256_init(&sh); + for (i=0;test[i]!=0;i++) shs256_process(&sh,test[i]); + shs256_hash(&sh,hash); + for (i=0;i<32;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + return 0; +} + +*/ + Index: tags/arelease/src/mirdef.h =================================================================== --- tags/arelease/src/mirdef.h (nonexistent) +++ tags/arelease/src/mirdef.h (revision 3) @@ -0,0 +1,21 @@ +/* + * MIRACL compiler/hardware definitions - mirdef.h + * Copyright (c) 1988-2002 Shamus Software Ltd. + */ +#define MR_COMBA 6 +#define MR_LITTLE_ENDIAN +#define MIRACL 32 +#define mr_utype int +#define MR_IBITS 32 +#define MR_LBITS 32 +#define mr_unsign32 unsigned int +#define mr_dltype __int64 +#define mr_unsign64 unsigned __int64 +#define MR_STRIPPED_DOWN +#define MAXBASE ((mr_small)1<<(MIRACL-1)) +#define MR_BITSINCHAR 8 + +#define MR_NO_FILE_IO +#define NULL ((void *)0) + + Index: tags/arelease/src/miracl.h =================================================================== --- tags/arelease/src/miracl.h (nonexistent) +++ tags/arelease/src/miracl.h (revision 3) @@ -0,0 +1,941 @@ +#ifndef MIRACL_H +#define MIRACL_H + +/* + * main MIRACL header - miracl.h. + * + * Copyright (c) 1988-2001 Shamus Software Ltd. + */ + +#include "mirdef.h" + +#ifdef __ia64__ +#if MIRACL==64 +#define MR_ITANIUM +#include +#endif +#endif + +#ifdef MR_FP +#include +#endif + +#ifndef MR_NO_FILE_IO +#include +#endif + /* error returns */ + +#define MR_ERR_BASE_TOO_BIG 1 +#define MR_ERR_DIV_BY_ZERO 2 +#define MR_ERR_OVERFLOW 3 +#define MR_ERR_NEG_RESULT 4 +#define MR_ERR_BAD_FORMAT 5 +#define MR_ERR_BAD_BASE 6 +#define MR_ERR_BAD_PARAMETERS 7 +#define MR_ERR_OUT_OF_MEMORY 8 +#define MR_ERR_NEG_ROOT 9 +#define MR_ERR_NEG_POWER 10 +#define MR_ERR_BAD_ROOT 11 +#define MR_ERR_INT_OP 12 +#define MR_ERR_FLASH_OVERFLOW 13 +#define MR_ERR_TOO_BIG 14 +#define MR_ERR_NEG_LOG 15 +#define MR_ERR_DOUBLE_FAIL 16 +#define MR_ERR_IO_OVERFLOW 17 +#define MR_ERR_NO_MIRSYS 18 +#define MR_ERR_BAD_MODULUS 19 +#define MR_ERR_NO_MODULUS 20 +#define MR_ERR_EXP_TOO_BIG 21 +#define MR_ERR_NOT_SUPPORTED 22 +#define MR_ERR_NOT_DOUBLE_LEN 23 +#define MR_ERR_NOT_IRREDUC 24 +#define MR_ERR_NO_ROUNDING 25 + + /* some useful definitions */ + + + +#define forever for(;;) + +#ifndef TRUE + #define TRUE 1 +#endif +#ifndef FALSE + #define FALSE 0 +#endif + +#define OFF 0 +#define ON 1 +#define PLUS 1 +#define MINUS (-1) + +#define MR_MAXDEPTH 24 + /* max routine stack depth */ +/* big and flash variables consist of an encoded length, * + * and an array of mr_smalls containing the digits */ + +typedef int BOOL; + +#define MR_BYTE unsigned char + +#ifdef MR_BITSINCHAR + #if MR_BITSINCHAR == 8 + #define MR_TOBYTE(x) ((MR_BYTE)(x)) + #else + #define MR_TOBYTE(x) ((MR_BYTE)((x)&0xFF)) + #endif +#else + #define MR_TOBYTE(x) ((MR_BYTE)(x)) +#endif + +#ifdef MR_FP + + typedef mr_utype mr_small; + #ifdef mr_dltype + typedef mr_dltype mr_large; + #endif + + #define MR_DIV(a,b) (modf((a)/(b),&dres),dres) + + #ifdef MR_FP_ROUNDING + +/* slightly dicey - the optimizer might remove the MAGIC ! */ + + #define MR_LROUND(a) ( ( (a) + MR_MAGIC ) - MR_MAGIC ) + #else + #define MR_LROUND(a) (modfl((a),&ldres),ldres) + #endif + + #define MR_REMAIN(a,b) ((a)-(b)*MR_DIV((a),(b))) + +#else + + typedef unsigned mr_utype mr_small; + #ifdef mr_dltype + typedef unsigned mr_dltype mr_large; + #endif + + #define MR_DIV(a,b) ((a)/(b)) + #define MR_REMAIN(a,b) ((a)%(b)) + #define MR_LROUND(a) ((a)) +#endif + +struct bigtype +{ + mr_unsign32 len; + mr_small *w; +}; + +typedef struct bigtype *big; +typedef big zzn; + +/* Macro to create big x on the stack - x_t and x_g must be distinct variables + By convention use like this. See brute.c and identity.c for examples + + BIG(x,x_t,x_g,10) + BIG(y,y_t,y_g,10) + +*/ + +#define BIG(x,xt,xg,s) mr_small xg[s]; struct bigtype xt={s,xg}; big x=&xt; + +typedef big flash; + +#define MR_MSBIT ((mr_unsign32)1<<31) +#define MR_OBITS (MR_MSBIT-1) + +#if MIRACL >= MR_IBITS +#define MR_TOOBIG (1<<(MR_IBITS-2)) +#else +#define MR_TOOBIG (1<<(MIRACL-1)) +#endif + +#ifdef MR_FLASH +#define MR_EBITS (8*sizeof(double) - MR_FLASH) + /* no of Bits per double exponent */ +#define MR_BTS 16 +#define MR_MSK 0xFFFF + +#endif + +#define MR_HASH_BYTES 20 + +/* Marsaglia & Zaman Random number generator */ +/* constants alternatives */ +#define NK 37 /* 21 */ +#define NJ 24 /* 6 */ +#define NV 14 /* 8 */ + + +#ifdef MR_LITTLE_ENDIAN +#define MR_TOP(x) (*(((mr_small *)&(x))+1)) +#define MR_BOT(x) (*(((mr_small *)&(x)))) +#endif +#ifdef MR_BIG_ENDIAN +#define MR_TOP(x) (*(((mr_small *)&(x)))) +#define MR_BOT(x) (*(((mr_small *)&(x))+1)) +#endif + +/* chinese remainder theorem structures */ + +typedef struct { +big *C; +big *V; +big *M; +int NP; +} big_chinese; + +typedef struct { +mr_utype *C; +mr_utype *V; +mr_utype *M; +int NP; +} small_chinese; + +/* Cryptographically strong pseudo-random number generator */ + +typedef struct { +mr_unsign32 ira[NK]; /* random number... */ +int rndptr; /* ...array & pointer */ +mr_unsign32 borrow; +int pool_ptr; +char pool[MR_HASH_BYTES]; /* random pool */ +} csprng; + +/* secure hash Algorithm structure */ + +typedef struct { +mr_unsign32 length[2]; +mr_unsign32 h[8]; +mr_unsign32 w[80]; +} sha256; + +typedef sha256 sha; + +#ifdef mr_unsign64 + +typedef struct { +mr_unsign64 length[2]; +mr_unsign64 h[8]; +mr_unsign64 w[80]; +} sha512; + +typedef sha512 sha384; + +#endif + +/* advanced encryption algorithm structure */ + +#define MR_ECB 0 +#define MR_CBC 1 +#define MR_CFB1 2 +#define MR_CFB2 3 +#define MR_CFB4 5 +#define MR_PCFB1 10 +#define MR_PCFB2 11 +#define MR_PCFB4 13 +#define MR_OFB1 14 +#define MR_OFB2 15 +#define MR_OFB4 17 +#define MR_OFB8 21 +#define MR_OFB16 29 + +typedef struct { +int Nk,Nr; +int mode; +mr_unsign32 fkey[60]; +mr_unsign32 rkey[60]; +char f[16]; +} aes; + + + /* Elliptic curve point status */ + +#define MR_EPOINT_GENERAL 0 +#define MR_EPOINT_NORMALIZED 1 +#define MR_EPOINT_INFINITY 2 + +#define MR_PROJECTIVE 0 +#define MR_AFFINE 1 + + +/* Elliptic Curve epoint structure. Uses projective (X,Y,Z) co-ordinates */ + +typedef struct { +big X; +big Y; +big Z; +int marker; +} epoint; + + +/* Structure for Brickell method for finite * + field exponentiation with precomputation */ + +typedef struct { + big *table; + big n; + int base; + int store; +} brick; + +/* Structure for Brickell method for elliptic * + curve exponentiation with precomputation */ + +typedef struct { + epoint **table; + big a,b,n; + int base; + int store; +} ebrick; + +typedef struct { + epoint **table; + big a6,a2; + int m,a,b,c; + int base; + int store; +} ebrick2; + +/* main MIRACL instance structure */ + +typedef struct { +mr_small base; /* number base */ +mr_small apbase; /* apparent base */ +int pack; /* packing density */ +int lg2b; /* bits in base */ +mr_small base2; /* 2^mr_lg2b */ +BOOL (*user)(void); /* pointer to user supplied function */ + +int nib; /* length of bigs */ +int depth; /* error tracing ..*/ +int trace[MR_MAXDEPTH]; /* .. mechanism */ +BOOL check; /* overflow check */ +BOOL fout; /* Output to file */ +BOOL fin; /* Input from file */ +BOOL active; + +#ifndef MR_NO_FILE_IO + +FILE *infile; /* Input file */ +FILE *otfile; /* Output file */ + +#endif + +mr_unsign32 ira[NK]; /* random number... */ +int rndptr; /* ...array & pointer */ +mr_unsign32 borrow; + + /* Montgomery constants */ +mr_small ndash; +big modulus; +BOOL ACTIVE; +BOOL MONTY; + /* Elliptic Curve details */ +BOOL SS; /* True for Super-Singular */ +big A,B,C; +int coord,Asize,Bsize; + +int M,AA,BB,CC; /* for GF(2^m) curves */ + +int logN; /* constants for fast fourier fft multiplication */ +int nprimes,degree; +mr_utype *prime,*cr; +mr_utype *inverse,**roots; +small_chinese chin; +mr_utype const1,const2,const3; +mr_small msw,lsw; +mr_utype **s1,**s2; /* pre-computed tables for polynomial reduction */ +mr_utype **t; /* workspace */ +mr_utype *wa; +mr_utype *wb; +mr_utype *wc; +BOOL same; +BOOL first_one; +BOOL debug; + +big w0; /* workspace bigs */ +big w1,w2,w3,w4; +big w5,w6,w7; +big w8,w9,w10,w11; +big w12,w13,w14,w15; +big w16,w17,w18; + +/* User modifiables */ + +char *IOBUFF; /* i/o buffer */ +int IOBSIZ; /* size of i/o buffer */ +BOOL ERCON; /* error control */ +int ERNUM; /* last error code */ +int NTRY; /* no. of tries for probablistic primality testing */ +int IOBASE; /* base for input and output */ +BOOL EXACT; /* exact flag */ +BOOL RPOINT; /* =ON for radix point, =OFF for fractions in output */ +BOOL TRACER; /* turns trace tracker on/off */ +int INPLEN; /* input length */ +int *PRIMES; /* small primes array */ + +#ifdef MR_FLASH +int workprec; +int stprec; /* start precision */ + +int RS,RD; +double D; + +double db,n,p; +int a,b,c,d,r,q,oldn,ndig; +mr_small u,v,ku,kv; + +BOOL last,carryon; +flash pi; + + +#endif + +#ifdef MR_KCM +big big_ndash; +big ws; +#endif + +#ifdef MR_FP_ROUNDING +mr_large inverse_base; +#endif +int size; +char *workspace; + +} miracl; + + +#ifndef MR_GENERIC_MT + +#ifdef MR_WINDOWS_MT +#define MR_OS_THREADS +#endif + +#ifdef MR_UNIX_MT +#define MR_OS_THREADS +#endif + +#ifndef MR_OS_THREADS + +extern miracl *mr_mip; /* pointer to MIRACL's only global variable */ + +#endif + +#endif + + +#ifdef MR_GENERIC_MT + +#define _MIPT_ miracl *, +#define _MIPTO_ miracl * +#define _MIPD_ miracl *mr_mip, +#define _MIPDO_ miracl *mr_mip +#define _MIPP_ mr_mip, +#define _MIPPO_ mr_mip + +#else + +#define _MIPT_ +#define _MIPTO_ void +#define _MIPD_ +#define _MIPDO_ void +#define _MIPP_ +#define _MIPPO_ + +#endif + +/* Preamble and exit code for MIRACL routines. * + * Not used if MR_STRIPPED_DOWN is defined */ + +#ifdef MR_STRIPPED_DOWN +#define MR_OUT +#define MR_IN(N) +#else +#define MR_OUT mr_mip->depth--; +#define MR_IN(N) mr_mip->depth++; if (mr_mip->depthtrace[mr_mip->depth]=(N); if (mr_mip->TRACER) mr_track(_MIPPO_); } +#endif + +/* Function definitions */ + +/* Group 0 - Internal routines */ + +extern void mr_berror(_MIPT_ int); +extern mr_small mr_shiftbits(mr_small,int); +extern mr_small mr_setbase(_MIPT_ mr_small); +extern void mr_track(_MIPTO_ ); +extern void mr_lzero(big); +extern BOOL mr_notint(flash); +extern int mr_lent(flash); +extern void mr_padd(_MIPT_ big,big,big); +extern void mr_psub(_MIPT_ big,big,big); +extern void mr_pmul(_MIPT_ big,mr_small,big); +#ifdef MR_FP_ROUNDING +extern mr_large mr_invert(mr_small); +extern mr_small imuldiv(mr_small,mr_small,mr_small,mr_small,mr_large,mr_small *); +extern mr_small mr_sdiv(_MIPT_ big,mr_small,mr_large,big); +#else +extern mr_small mr_sdiv(_MIPT_ big,mr_small,big); +#endif +extern void mr_shift(_MIPT_ big,int,big); +extern miracl *mr_first_alloc(void); +extern void *mr_alloc(_MIPT_ int,int); +extern void mr_free(void *); +extern void set_user_function(_MIPT_ BOOL (*)(void)); +extern void set_io_buffer_size(_MIPT_ int); +extern int mr_testbit(_MIPT_ big,int); +extern int mr_window(_MIPT_ big,int,int *,int *); +extern int mr_window2(_MIPT_ big,big,int,int *,int *); +extern int mr_naf_window(_MIPT_ big,big,int,int *,int *); + +extern int mr_fft_init(_MIPT_ int,big,big,BOOL); +extern void mr_dif_fft(_MIPT_ int,int,mr_utype *); +extern void mr_dit_fft(_MIPT_ int,int,mr_utype *); +extern void fft_reset(_MIPTO_); + +extern int mr_poly_mul(_MIPT_ int,big*,int,big*,big*); +extern int mr_poly_sqr(_MIPT_ int,big*,big*); +extern void mr_polymod_set(_MIPT_ int,big*,big*); +extern int mr_poly_rem(_MIPT_ int,big *,big *); + +extern int mr_ps_big_mul(_MIPT_ int,big *,big *,big *); +extern int mr_ps_zzn_mul(_MIPT_ int,big *,big *,big *); + +extern mr_small muldiv(mr_small,mr_small,mr_small,mr_small,mr_small *); +extern mr_small muldvm(mr_small,mr_small,mr_small,mr_small *); +extern mr_small muldvd(mr_small,mr_small,mr_small,mr_small *); +extern void muldvd2(mr_small,mr_small,mr_small *,mr_small *); + +/* Group 1 - General purpose, I/O and basic arithmetic routines */ + +extern int igcd(int,int); +extern mr_small sgcd(mr_small,mr_small); +extern int isqrt(int,int); +extern void irand(_MIPT_ mr_unsign32); +extern mr_small brand(_MIPTO_ ); +extern void zero(flash); +extern void convert(_MIPT_ int,big); +extern void lgconv(_MIPT_ long,big); +extern flash mirvar(_MIPT_ int); +extern flash mirvar_mem(_MIPT_ char *,int); +extern void mirkill(big); +extern void *memalloc(_MIPT_ int); +extern void memkill(_MIPT_ char *,int); +extern void mr_init_threading(void); +extern void mr_end_threading(void); +extern miracl *get_mip(_MIPTO_ ); +extern miracl *mirsys(int,mr_small); +extern void mirexit(_MIPTO_ ); +extern int exsign(flash); +extern void insign(int,flash); +extern int getdig(_MIPT_ big,int); +extern int numdig(_MIPT_ big); +extern void putdig(_MIPT_ int,big,int); +extern void copy(flash,flash); +extern void negify(flash,flash); +extern void absol(flash,flash); +extern int size(big); +extern int compare(big,big); +extern void add(_MIPT_ big,big,big); +extern void subtract(_MIPT_ big,big,big); +extern void incr(_MIPT_ big,int,big); +extern void decr(_MIPT_ big,int,big); +extern void premult(_MIPT_ big,int,big); +extern int subdiv(_MIPT_ big,int,big); +extern BOOL subdivisible(_MIPT_ big,int); +extern int remain(_MIPT_ big,int); +extern void bytes_to_big(_MIPT_ int,char *,big); +extern int big_to_bytes(_MIPT_ int,big,char *,BOOL); +extern mr_small normalise(_MIPT_ big,big); +extern void multiply(_MIPT_ big,big,big); +extern void fft_mult(_MIPT_ big,big,big); +extern BOOL fastmultop(_MIPT_ int,big,big,big); +extern void divide(_MIPT_ big,big,big); +extern BOOL divisible(_MIPT_ big,big); +extern void mad(_MIPT_ big,big,big,big,big,big); +extern int instr(_MIPT_ flash,char *); +extern int otstr(_MIPT_ flash,char *); +extern int cinstr(_MIPT_ flash,char *); +extern int cotstr(_MIPT_ flash,char *); + +#ifndef MR_NO_FILE_IO + +extern int innum(_MIPT_ flash,FILE *); +extern int otnum(_MIPT_ flash,FILE *); +extern int cinnum(_MIPT_ flash,FILE *); +extern int cotnum(_MIPT_ flash,FILE *); + +#endif + +/* Group 2 - Advanced arithmetic routines */ + +extern mr_small smul(mr_small,mr_small,mr_small); +extern mr_small spmd(mr_small,mr_small,mr_small); +extern mr_small invers(mr_small,mr_small); +extern mr_small sqrmp(mr_small,mr_small); +extern int jac(mr_small,mr_small); + +extern void gprime(_MIPT_ int); +extern int jack(_MIPT_ big,big); +extern int egcd(_MIPT_ big,big,big); +extern int xgcd(_MIPT_ big,big,big,big,big); +extern int logb2(_MIPT_ big); +extern void expint(_MIPT_ int,int,big); +extern void sftbit(_MIPT_ big,int,big); +extern void power(_MIPT_ big,long,big,big); +extern void powmod(_MIPT_ big,big,big,big); +extern void powmod2(_MIPT_ big,big,big,big,big,big); +extern void powmodn(_MIPT_ int,big *,big *,big,big); +extern int powltr(_MIPT_ int,big,big,big); +extern BOOL double_inverse(_MIPT_ big,big,big,big,big); +extern BOOL multi_inverse(_MIPT_ int,big*,big,big*); +extern void lucas(_MIPT_ big,big,big,big,big); +extern BOOL nroot(_MIPT_ big,int,big); +extern BOOL sqroot(_MIPT_ big,big,big); +extern void bigrand(_MIPT_ big,big); +extern void bigdig(_MIPT_ int,int,big); +extern int trial_division(_MIPT_ big,big); +extern BOOL isprime(_MIPT_ big); +extern BOOL nxprime(_MIPT_ big,big); +extern BOOL nxsafeprime(_MIPT_ int,int,big,big); +extern BOOL crt_init(_MIPT_ big_chinese *,int,big *); +extern void crt(_MIPT_ big_chinese *,big *,big); +extern void crt_end(big_chinese *); +extern BOOL scrt_init(_MIPT_ small_chinese *,int,mr_utype *); +extern void scrt(_MIPT_ small_chinese*,mr_utype *,big); +extern void scrt_end(small_chinese *); +extern BOOL brick_init(_MIPT_ brick *,big,big,int); +extern void pow_brick(_MIPT_ brick *,big,big); +extern void brick_end(brick *); +extern BOOL ebrick_init(_MIPT_ ebrick *,big,big,big,big,big,int); +extern void ebrick_end(ebrick *); +extern int mul_brick(_MIPT_ ebrick*,big,big,big); +extern BOOL ebrick2_init(_MIPT_ ebrick2 *,big,big,big,big,int,int,int,int,int); +extern void ebrick2_end(ebrick2 *); +extern int mul2_brick(_MIPT_ ebrick2*,big,big,big); + +/* Montgomery stuff */ + +extern mr_small prepare_monty(_MIPT_ big); +extern void kill_monty(_MIPTO_ ); +extern void nres(_MIPT_ big,big); +extern void redc(_MIPT_ big,big); + +extern void nres_negate(_MIPT_ big,big); +extern void nres_modadd(_MIPT_ big,big,big); +extern void nres_modsub(_MIPT_ big,big,big); +extern void nres_premult(_MIPT_ big,int,big); +extern void nres_modmult(_MIPT_ big,big,big); +extern int nres_moddiv(_MIPT_ big,big,big); +extern void nres_dotprod(_MIPT_ int,big *,big *,big); +extern void nres_powmod(_MIPT_ big,big,big); +extern void nres_powltr(_MIPT_ int,big,big); +extern void nres_powmod2(_MIPT_ big,big,big,big,big); +extern void nres_powmodn(_MIPT_ int,big *,big *,big); +extern BOOL nres_sqroot(_MIPT_ big,big); +extern void nres_lucas(_MIPT_ big,big,big,big); +extern BOOL nres_double_inverse(_MIPT_ big,big,big,big); +extern BOOL nres_multi_inverse(_MIPT_ int,big *,big *); + +extern void shs_init(sha *); +extern void shs_process(sha *,int); +extern void shs_hash(sha *,char *); + +extern void shs256_init(sha256 *); +extern void shs256_process(sha256 *,int); +extern void shs256_hash(sha256 *,char *); + +#ifdef mr_unsign64 + +extern void shs512_init(sha512 *); +extern void shs512_process(sha512 *,int); +extern void shs512_hash(sha512 *,char *); + +extern void shs384_init(sha384 *); +extern void shs384_process(sha384 *,int); +extern void shs384_hash(sha384 *,char *); + +#endif + +extern BOOL aes_init(aes *,int,int,char *,char *); +extern void aes_getreg(aes *,char *); +extern mr_unsign32 aes_encrypt(aes *,char *); +extern mr_unsign32 aes_decrypt(aes *,char *); +extern void aes_reset(aes *,int,char *); +extern void aes_end(aes *); + +extern void strong_init(csprng *,int,char *,mr_unsign32); +extern int strong_rng(csprng *); +extern void strong_bigrand(_MIPT_ csprng *,big,big); +extern void strong_bigdig(_MIPT_ csprng *,int,int,big); +extern void strong_kill(csprng *); + +/* special modular multipliers */ + +extern void comba_mult(_MIPT_ big,big,big); +extern void comba_square(_MIPT_ big,big); +extern void comba_redc(_MIPT_ big,big); +extern void comba_add(_MIPT_ big,big,big); +extern void comba_sub(_MIPT_ big,big,big); + +extern void fastmodmult(_MIPT_ big,big,big); +extern void fastmodsquare(_MIPT_ big,big); + +extern void kcm_mul(_MIPT_ big,big,big); +extern void kcm_sqr(_MIPT_ big,big); +extern void kcm_redc(_MIPT_ big,big); + +extern void kcm_multiply(_MIPT_ int,big,big,big); +extern void kcm_square(_MIPT_ int,big,big); +extern BOOL kcm_top(_MIPT_ int,big,big,big); + +/* elliptic curve stuff */ + +extern BOOL point_at_infinity(epoint *); + +extern void ecurve_init(_MIPT_ big,big,big,int); +extern big ecurve_add(_MIPT_ epoint *,epoint *); +extern big ecurve_sub(_MIPT_ epoint *,epoint *); +extern void ecurve_double_add(_MIPT_ epoint *,epoint *,epoint *,epoint *,big *,big *); +extern void ecurve_multi_add(_MIPT_ int,epoint **,epoint **); +extern void ecurve_mult(_MIPT_ big,epoint *,epoint *); +extern void ecurve_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); +extern void ecurve_multn(_MIPT_ int,big *,epoint**,epoint *); + +extern epoint* epoint_init(_MIPTO_ ); +extern BOOL epoint_set(_MIPT_ big,big,int,epoint*); +extern int epoint_get(_MIPT_ epoint*,big,big); +extern void epoint_getxyz(_MIPT_ epoint *,big,big,big); +extern int epoint_norm(_MIPT_ epoint *); +extern void epoint_free(epoint *); +extern void epoint_copy(epoint *,epoint *); +extern BOOL epoint_comp(_MIPT_ epoint *,epoint *); +extern void epoint_negate(_MIPT_ epoint *); + +extern BOOL ecurve2_init(_MIPT_ int,int,int,int,big,big,BOOL,int); +extern big ecurve2_add(_MIPT_ epoint *,epoint *); +extern big ecurve2_sub(_MIPT_ epoint *,epoint *); +extern void ecurve2_multi_add(_MIPT_ int,epoint **,epoint **); +extern void ecurve2_mult(_MIPT_ big,epoint *,epoint *); +extern void ecurve2_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); +extern void ecurve2_multn(_MIPT_ int,big *,epoint**,epoint *); + +extern epoint* epoint2_init(_MIPTO_ ); +extern BOOL epoint2_set(_MIPT_ big,big,int,epoint*); +extern int epoint2_get(_MIPT_ epoint*,big,big); +extern void epoint2_getxyz(_MIPT_ epoint *,big,big,big); +extern int epoint2_norm(_MIPT_ epoint *); +extern void epoint2_free(epoint *); +extern void epoint2_copy(epoint *,epoint *); +extern BOOL epoint2_comp(_MIPT_ epoint *,epoint *); +extern void epoint2_negate(_MIPT_ epoint *); + +/* GF(2) stuff */ + +extern BOOL prepare_basis(_MIPT_ int,int,int,int,BOOL); +extern void add2(big,big,big); +extern void incr2(big,int,big); +extern void reduce2(_MIPT_ big,big); +extern void modmult2(_MIPT_ big,big,big); +extern void power2(_MIPT_ big,int,big); +extern void sqroot2(_MIPT_ big,big); +extern BOOL inverse2(_MIPT_ big,big); +extern void karmul2(int,mr_small *,mr_small *,mr_small *,mr_small *); +extern void karmul2_poly(_MIPT_ int,big *,big *,big *,big *); +extern void karmul2_poly_upper(_MIPT_ int,big *,big *,big *,big *); +extern void gf2m_dotprod(_MIPT_ int,big *,big *,big); +extern int trace2(_MIPT_ big); + +/* Group 3 - Floating-slash routines */ + +#ifdef MR_FLASH +extern void fpack(_MIPT_ big,big,flash); +extern void numer(_MIPT_ flash,big); +extern void denom(_MIPT_ flash,big); +extern BOOL fit(big,big,int); +extern void build(_MIPT_ flash,int (*)(_MIPT_ big,int)); +extern void mround(_MIPT_ big,big,flash); +extern void flop(_MIPT_ flash,flash,int *,flash); +extern void fmul(_MIPT_ flash,flash,flash); +extern void fdiv(_MIPT_ flash,flash,flash); +extern void fadd(_MIPT_ flash,flash,flash); +extern void fsub(_MIPT_ flash,flash,flash); +extern int fcomp(_MIPT_ flash,flash); +extern void fconv(_MIPT_ int,int,flash); +extern void frecip(_MIPT_ flash,flash); +extern void ftrunc(_MIPT_ flash,big,flash); +extern void fmodulo(_MIPT_ flash,flash,flash); +extern void fpmul(_MIPT_ flash,int,int,flash); +extern void fincr(_MIPT_ flash,int,int,flash); +extern void dconv(_MIPT_ double,flash); +extern double fdsize(_MIPT_ flash); +extern void frand(_MIPT_ flash); + +/* Group 4 - Advanced Flash routines */ + +extern void fpower(_MIPT_ flash,int,flash); +extern BOOL froot(_MIPT_ flash,int,flash); +extern void fpi(_MIPT_ flash); +extern void fexp(_MIPT_ flash,flash); +extern void flog(_MIPT_ flash,flash); +extern void fpowf(_MIPT_ flash,flash,flash); +extern void ftan(_MIPT_ flash,flash); +extern void fatan(_MIPT_ flash,flash); +extern void fsin(_MIPT_ flash,flash); +extern void fasin(_MIPT_ flash,flash); +extern void fcos(_MIPT_ flash,flash); +extern void facos(_MIPT_ flash,flash); +extern void ftanh(_MIPT_ flash,flash); +extern void fatanh(_MIPT_ flash,flash); +extern void fsinh(_MIPT_ flash,flash); +extern void fasinh(_MIPT_ flash,flash); +extern void fcosh(_MIPT_ flash,flash); +extern void facosh(_MIPT_ flash,flash); +#endif + + +/* Test predefined Macros to determine compiler type, and hopefully + selectively use fast in-line assembler (or other compiler specific + optimisations. Note I am unsure of Microsoft version numbers. So I + suspect are Microsoft. + + Note: It seems to be impossible to get the 16-bit Microsoft compiler + to allow inline 32-bit op-codes. So I suspect that INLINE_ASM == 2 will + never work with it. Pity. + +#define INLINE_ASM 1 -> generates 8086 inline assembly +#define INLINE_ASM 2 -> generates mixed 8086 & 80386 inline assembly, + so you can get some benefit while running in a + 16-bit environment on 32-bit hardware (DOS, Windows + 3.1...) +#define INLINE_ASM 3 -> generate true 80386 inline assembly - (Using DOS + extender, Windows '95/Windows NT) + Actually optimised for Pentium + +#define INLINE_ASM 4 -> 80386 code in the GNU style (for (DJGPP) + +Small, medium, compact and large memory models are supported for the +first two of the above. + +*/ + +#ifndef MR_NOASM + +/* Itanium - inline the time-critical functions */ + + #ifdef MR_ITANIUM + #define muldvd(a,b,c,rp) (tm=_m64_xmahu((a),(b),(c)),*(rp)=_m64_xmalu((a),(b),(c)),tm) + #define muldvd2(a,b,c,rp) (tm=_m64_xmalu((a),(b),(*(c))),*(c)=_m64_xmahu((a),(b),(*(c))),tm+=*(rp),*(c)+=(tm<*(rp)),*(rp)=tm) + #endif + + +/* Borland C/Turbo C */ + + #ifdef __TURBOC__ + #ifndef __HUGE__ + #define ASM asm + #if defined(__COMPACT__) || defined(__LARGE__) + #define MR_LMM + #endif + + #if MIRACL==16 + #define INLINE_ASM 1 + #endif + + #if __TURBOC__>=0x410 + #if MIRACL==32 +#if defined(__SMALL__) || defined(__MEDIUM__) || defined(__LARGE__) || defined(__COMPACT__) + #define INLINE_ASM 2 + #else + #define INLINE_ASM 3 + #endif + #endif + #endif + #endif + #endif + +/* Microsoft C */ + + #ifdef _MSC_VER + #ifndef M_I86HM + #define ASM _asm + #if defined(M_I86CM) || defined(M_I86LM) + #define MR_LMM + #endif + #if _MSC_VER>=600 + #if MIRACL==16 + #define INLINE_ASM 1 + #endif + #endif + #if _MSC_VER>=1000 + #if MIRACL==32 + #define INLINE_ASM 3 + #endif + #endif + #endif + #endif + +/* DJGPP GNU C */ + + #ifdef __GNUC__ + #ifdef i386 + #define ASM __asm__ __volatile__ + #if MIRACL==32 + #define INLINE_ASM 4 + #endif + #endif + #endif + +#endif + +/* + The following contribution is from Tielo Jongmans, Netherlands + These inline assembler routines are suitable for Watcom 10.0 and up + + Added into miracl.h. Notice the override of the original declarations + of these routines, which should be removed. + + The following pragma is optional, it is dangerous, but it saves a + calling sequence +*/ + +/* + +#pragma off (check_stack); + +extern unsigned int muldiv(unsigned int, unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldiv= \ + "mul edx" \ + "add eax,ebx" \ + "adc edx,0" \ + "div ecx" \ + "mov [esi],edx" \ + parm [eax] [edx] [ebx] [ecx] [esi] \ + value [eax] \ + modify [eax edx]; + +extern unsigned int muldvm(unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldvm= \ + "div ebx" \ + "mov [ecx],edx" \ + parm [edx] [eax] [ebx] [ecx] \ + value [eax] \ + modify [eax edx]; + +extern unsigned int muldvd(unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldvd= \ + "mul edx" \ + "add eax,ebx" \ + "adc edx,0" \ + "mov [ecx],eax" \ + "mov eax,edx" \ + parm [eax] [edx] [ebx] [ecx] \ + value [eax] \ + modify [eax edx]; + +*/ + + +#endif + + Index: tags/arelease/src/mrshs.c =================================================================== --- tags/arelease/src/mrshs.c (nonexistent) +++ tags/arelease/src/mrshs.c (revision 3) @@ -0,0 +1,157 @@ +/* + * Implementation of the Secure Hashing Standard (SHS) + * specified for use with the NIST Digital Signature Standard (DSS) + * + * Generates a 160 bit message digest. It should be impossible to come + * come up with two messages that hash to the same value ("collision free"). + * + * For use with byte-oriented messages only. Could/Should be speeded + * up by unwinding loops in shs_transform(), and assembly patches. + */ + +#include +#include "miracl.h" + /* for definition of mr_unsign32 & prototypes */ +#define FIX + +/* Include this #define in order to implement the + rather mysterious 'fix' to SHS + + With this definition in, SHA-1 is implemented + Without this definition, SHA-0 is implemented +*/ + + +#define H0 0x67452301L +#define H1 0xefcdab89L +#define H2 0x98badcfeL +#define H3 0x10325476L +#define H4 0xc3d2e1f0L + +#define K0 0x5a827999L +#define K1 0x6ed9eba1L +#define K2 0x8f1bbcdcL +#define K3 0xca62c1d6L + +#define PAD 0x80 +#define ZERO 0 + +/* functions */ + +#define S(n,x) (((x)<>(32-n))) + +#define F0(x,y,z) (z^(x&(y^z))) +#define F1(x,y,z) (x^y^z) +#define F2(x,y,z) ((x&y) | (z&(x|y))) +#define F3(x,y,z) (x^y^z) + +static void shs_transform(sha *sh) +{ /* basic transformation step */ + mr_unsign32 a,b,c,d,e,temp; + int t; +#ifdef FIX + for (t=16;t<80;t++) sh->w[t]=S(1,sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]); +#else + for (t=16;t<80;t++) sh->w[t]=sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]; +#endif + a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; e=sh->h[4]; + for (t=0;t<20;t++) + { /* 20 times - mush it up */ + temp=K0+F0(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + for (t=20;t<40;t++) + { /* 20 more times - mush it up */ + temp=K1+F1(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + for (t=40;t<60;t++) + { /* 20 more times - mush it up */ + temp=K2+F2(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + for (t=60;t<80;t++) + { /* 20 more times - mush it up */ + temp=K3+F3(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; + sh->h[3]+=d; sh->h[4]+=e; +} + +void shs_init(sha *sh) +{ /* re-initialise */ + int i; + for (i=0;i<80;i++) sh->w[i]=0L; + sh->length[0]=sh->length[1]=0L; + sh->h[0]=H0; + sh->h[1]=H1; + sh->h[2]=H2; + sh->h[3]=H3; + sh->h[4]=H4; +} + +void shs_process(sha *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/32)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign32)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%512)==0) shs_transform(sh); +} + +void shs_hash(sha *sh,char hash[20]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign32 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs_process(sh,PAD); + while ((sh->length[0]%512)!=448) shs_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<20;i++) + { /* convert to bytes */ + hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); + } + shs_init(sh); +} + +/* test program: should produce digest + + 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1 + +#include +#include "miracl.h" + +char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + +int main() +{ + char hash[20]; + int i; + sha sh; + shs_init(&sh); + for (i=0;test[i]!=0;i++) shs_process(&sh,test[i]); + shs_hash(&sh,hash); + for (i=0;i<20;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + return 0; +} + +*/ + Index: tags/arelease/sim/sha512.do =================================================================== --- tags/arelease/sim/sha512.do (nonexistent) +++ tags/arelease/sim/sha512.do (revision 3) @@ -0,0 +1,62 @@ +#--------------------------------------------------------------------- +# Project name : SHA-512/384 +# Project description : Secure Hash Algorithm (SHA-512/384) +# +# File name : sha512.do +# +# Design Engineer : marsgod +# Quality Engineer : marsgod +# Version : 1.0 +# Last modification : 2004-05-10 +#--------------------------------------------------------------------- + +transcript off +# ------------------------------------------------------------------- # +# Directories location +# ------------------------------------------------------------------- # + +set source_dir rtl +set tb_dir bench +set work_dir sim/modelsim_lib + +# ------------------------------------------------------------------- # +# Maping destination directory for core of model +# ------------------------------------------------------------------- # + +vlib $work_dir +vmap SHA_LIB $work_dir +transcript on + + +# ------------------------------------------------------------------- # +# Compiling components of core +# ------------------------------------------------------------------- # + +transcript off +vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha512.v + + +# ------------------------------------------------------------------- # +# Compiling Test Bench +# ------------------------------------------------------------------- # + +vlog -work SHA_LIB $tb_dir/test_sha512.v + +transcript on + + +# ------------------------------------------------------------------- # +# Loading the Test Bench +# ------------------------------------------------------------------- # + +transcript off +vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha + +transcript on + + +transcript on + +do wave.do + +run 1ms Index: tags/arelease/sim/sha256.do =================================================================== --- tags/arelease/sim/sha256.do (nonexistent) +++ tags/arelease/sim/sha256.do (revision 3) @@ -0,0 +1,62 @@ +#--------------------------------------------------------------------- +# Project name : SHA-256 +# Project description : Secure Hash Algorithm (SHA-256) +# +# File name : sha256.do +# +# Design Engineer : marsgod +# Quality Engineer : marsgod +# Version : 1.0 +# Last modification : 2004-05-10 +#--------------------------------------------------------------------- + +transcript off +# ------------------------------------------------------------------- # +# Directories location +# ------------------------------------------------------------------- # + +set source_dir rtl +set tb_dir bench +set work_dir sim/modelsim_lib + +# ------------------------------------------------------------------- # +# Maping destination directory for core of model +# ------------------------------------------------------------------- # + +vlib $work_dir +vmap SHA_LIB $work_dir +transcript on + + +# ------------------------------------------------------------------- # +# Compiling components of core +# ------------------------------------------------------------------- # + +transcript off +vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha256.v + + +# ------------------------------------------------------------------- # +# Compiling Test Bench +# ------------------------------------------------------------------- # + +vlog -work SHA_LIB $tb_dir/test_sha256.v + +transcript on + + +# ------------------------------------------------------------------- # +# Loading the Test Bench +# ------------------------------------------------------------------- # + +transcript off +vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha + +transcript on + + +transcript on + +do wave.do + +run 1ms Index: tags/arelease/sim/sha1.do =================================================================== --- tags/arelease/sim/sha1.do (nonexistent) +++ tags/arelease/sim/sha1.do (revision 3) @@ -0,0 +1,62 @@ +#--------------------------------------------------------------------- +# Project name : SHA-160 +# Project description : Secure Hash Algorithm (SHA-160) +# +# File name : sha1.do +# +# Design Engineer : marsgod +# Quality Engineer : marsgod +# Version : 1.0 +# Last modification : 2004-05-10 +#--------------------------------------------------------------------- + +transcript off +# ------------------------------------------------------------------- # +# Directories location +# ------------------------------------------------------------------- # + +set source_dir rtl +set tb_dir bench +set work_dir sim/modelsim_lib + +# ------------------------------------------------------------------- # +# Maping destination directory for core of model +# ------------------------------------------------------------------- # + +vlib $work_dir +vmap SHA_LIB $work_dir +transcript on + + +# ------------------------------------------------------------------- # +# Compiling components of core +# ------------------------------------------------------------------- # + +transcript off +vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha1.v + + +# ------------------------------------------------------------------- # +# Compiling Test Bench +# ------------------------------------------------------------------- # + +vlog -work SHA_LIB $tb_dir/test_sha1.v + +transcript on + + +# ------------------------------------------------------------------- # +# Loading the Test Bench +# ------------------------------------------------------------------- # + +transcript off +vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha + +transcript on + + +transcript on + +do wave.do + +run 1ms

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.