


  • This comparison shows the changes necessary to convert path
    /
    from Rev 3 to Rev 4

Rev 3 → Rev 4

/tags/arelease/bench/test_sha1.v File deleted \ No newline at end of file
/tags/arelease/bench/test_sha512.v File deleted \ No newline at end of file
/tags/arelease/bench/test_sha256.v File deleted \ No newline at end of file
/tags/arelease/rtl/sha1.v File deleted \ No newline at end of file
/tags/arelease/doc/Secure Hash Algorithm IP Core.doc Cannot display: file marked as a binary type. svn:mime-type = application/octet-stream
tags/arelease/doc/Secure Hash Algorithm IP Core.doc Property changes : Deleted: svn:mime-type ## -1 +0,0 ## -application/octet-stream \ No newline at end of property Index: tags/arelease/doc/Secure Hash Algorithm IP Core.pdf =================================================================== Cannot display: file marked as a binary type. svn:mime-type = application/octet-stream Index: tags/arelease/doc/Secure Hash Algorithm IP Core.pdf =================================================================== --- tags/arelease/doc/Secure Hash Algorithm IP Core.pdf (revision 3) +++ tags/arelease/doc/Secure Hash Algorithm IP Core.pdf (nonexistent)
tags/arelease/doc/Secure Hash Algorithm IP Core.pdf Property changes : Deleted: svn:mime-type
## -1 +0,0 ##
-application/octet-stream
\ No newline at end of property
Index: tags/arelease/src/mrshs256.c
===================================================================
--- tags/arelease/src/mrshs256.c (revision 3)
+++ tags/arelease/src/mrshs256.c (nonexistent)
@@ -1,144 +0,0 @@
-/*
- * Implementation of the Secure Hashing Algorithm (SHA-256)
- *
- * Generates a 256 bit message digest. It should be impossible to come
- come up with two messages that hash to the same value ("collision free").
- *
- * For use with byte-oriented messages only. Could/Should be speeded
- * up by unwinding loops in shs_transform(), and assembly patches.
- */
-
-#include
-#include "miracl.h"
-
-#define H0 0x6A09E667L
-#define H1 0xBB67AE85L
-#define H2 0x3C6EF372L
-#define H3 0xA54FF53AL
-#define H4 0x510E527FL
-#define H5 0x9B05688CL
-#define H6 0x1F83D9ABL
-#define H7 0x5BE0CD19L
-
-static mr_unsign32 K[64]={
-0x428a2f98L,0x71374491L,0xb5c0fbcfL,0xe9b5dba5L,0x3956c25bL,0x59f111f1L,0x923f82a4L,0xab1c5ed5L,
-0xd807aa98L,0x12835b01L,0x243185beL,0x550c7dc3L,0x72be5d74L,0x80deb1feL,0x9bdc06a7L,0xc19bf174L,
-0xe49b69c1L,0xefbe4786L,0x0fc19dc6L,0x240ca1ccL,0x2de92c6fL,0x4a7484aaL,0x5cb0a9dcL,0x76f988daL,
-0x983e5152L,0xa831c66dL,0xb00327c8L,0xbf597fc7L,0xc6e00bf3L,0xd5a79147L,0x06ca6351L,0x14292967L,
-0x27b70a85L,0x2e1b2138L,0x4d2c6dfcL,0x53380d13L,0x650a7354L,0x766a0abbL,0x81c2c92eL,0x92722c85L,
-0xa2bfe8a1L,0xa81a664bL,0xc24b8b70L,0xc76c51a3L,0xd192e819L,0xd6990624L,0xf40e3585L,0x106aa070L,
-0x19a4c116L,0x1e376c08L,0x2748774cL,0x34b0bcb5L,0x391c0cb3L,0x4ed8aa4aL,0x5b9cca4fL,0x682e6ff3L,
-0x748f82eeL,0x78a5636fL,0x84c87814L,0x8cc70208L,0x90befffaL,0xa4506cebL,0xbef9a3f7L,0xc67178f2L};
-
-#define PAD 0x80
-#define ZERO 0
-
-/* functions */
-
-#define S(n,x) (((x)>>n) | ((x)<<(32-n)))
-#define R(n,x) ((x)>>n)
-
-#define Ch(x,y,z) ((x&y)^(~(x)&z))
-#define Maj(x,y,z) ((x&y)^(x&z)^(y&z))
-#define Sig0(x) (S(2,x)^S(13,x)^S(22,x))
-#define Sig1(x) (S(6,x)^S(11,x)^S(25,x))
-#define theta0(x) (S(7,x)^S(18,x)^R(3,x))
-#define theta1(x) (S(17,x)^S(19,x)^R(10,x))
-
-static void shs_transform(sha256 *sh)
-{ /* basic transformation step */
- mr_unsign32 a,b,c,d,e,f,g,h,t1,t2;
- int j;
- for (j=16;j<64;j++)
- sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16];
-
- a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3];
- e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7];
-
- for (j=0;j<64;j++)
- { /* 64 times - mush it up */
- t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j];
- t2=Sig0(a)+Maj(a,b,c);
- h=g; g=f; f=e;
- e=d+t1;
- d=c;
- c=b;
- b=a;
- a=t1+t2;
- }
- sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d;
- sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h;
-}
-
-void shs256_init(sha256 *sh)
-{ /* re-initialise */
- int i;
- for (i=0;i<64;i++) sh->w[i]=0L;
- sh->length[0]=sh->length[1]=0L;
- sh->h[0]=H0;
- sh->h[1]=H1;
- sh->h[2]=H2;
- sh->h[3]=H3;
- sh->h[4]=H4;
- sh->h[5]=H5;
- sh->h[6]=H6;
- sh->h[7]=H7;
-}
-
-void shs256_process(sha256 *sh,int byte)
-{ /* process the next message byte */
- int cnt;
-
- cnt=(int)((sh->length[0]/32)%16);
-
- sh->w[cnt]<<=8;
- sh->w[cnt]|=(mr_unsign32)(byte&0xFF);
-
- sh->length[0]+=8;
- if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
- if ((sh->length[0]%512)==0) shs_transform(sh);
-}
-
-void shs256_hash(sha256 *sh,char hash[32])
-{ /* pad message and finish - supply digest */
- int i;
- mr_unsign32 len0,len1;
- len0=sh->length[0];
- len1=sh->length[1];
- shs256_process(sh,PAD);
- while ((sh->length[0]%512)!=448) shs256_process(sh,ZERO);
- sh->w[14]=len1;
- sh->w[15]=len0;
- shs_transform(sh);
- for (i=0;i<32;i++)
- { /* convert to bytes */
- hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);
- }
- shs256_init(sh);
-}
-
-/* test program: should produce digest
-
-248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1
-
-
-#include
-#include "miracl.h"
-
-char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
-
-int main()
-{
- char hash[32];
- int i;
- sha256 sh;
- shs256_init(&sh);
- for (i=0;test[i]!=0;i++) shs256_process(&sh,test[i]);
- shs256_hash(&sh,hash);
- for (i=0;i<32;i++) printf("%02x",(unsigned char)hash[i]);
- printf("\n");
- return 0;
-}
-
-*/
-
Index: tags/arelease/src/mirdef.h
===================================================================
--- tags/arelease/src/mirdef.h (revision 3)
+++ tags/arelease/src/mirdef.h (nonexistent)
@@ -1,21 +0,0 @@
-/*
- * MIRACL compiler/hardware definitions - mirdef.h
- * Copyright (c) 1988-2002 Shamus Software Ltd.
- */
-#define MR_COMBA 6
-#define MR_LITTLE_ENDIAN
-#define MIRACL 32
-#define mr_utype int
-#define MR_IBITS 32
-#define MR_LBITS 32
-#define mr_unsign32 unsigned int
-#define mr_dltype __int64
-#define mr_unsign64 unsigned __int64
-#define MR_STRIPPED_DOWN
-#define MAXBASE ((mr_small)1<<(MIRACL-1))
-#define MR_BITSINCHAR 8
-
-#define MR_NO_FILE_IO
-#define NULL ((void *)0)
-
-
Index: tags/arelease/src/miracl.h
===================================================================
--- tags/arelease/src/miracl.h (revision 3)
+++ tags/arelease/src/miracl.h (nonexistent)
@@ -1,941 +0,0 @@ -#ifndef MIRACL_H -#define MIRACL_H - -/* - * main MIRACL header - miracl.h. - * - * Copyright (c) 1988-2001 Shamus Software Ltd. - */ - -#include "mirdef.h" - -#ifdef __ia64__ -#if MIRACL==64 -#define MR_ITANIUM -#include -#endif -#endif - -#ifdef MR_FP -#include -#endif - -#ifndef MR_NO_FILE_IO -#include -#endif - /* error returns */ - -#define MR_ERR_BASE_TOO_BIG 1 -#define MR_ERR_DIV_BY_ZERO 2 -#define MR_ERR_OVERFLOW 3 -#define MR_ERR_NEG_RESULT 4 -#define MR_ERR_BAD_FORMAT 5 -#define MR_ERR_BAD_BASE 6 -#define MR_ERR_BAD_PARAMETERS 7 -#define MR_ERR_OUT_OF_MEMORY 8 -#define MR_ERR_NEG_ROOT 9 -#define MR_ERR_NEG_POWER 10 -#define MR_ERR_BAD_ROOT 11 -#define MR_ERR_INT_OP 12 -#define MR_ERR_FLASH_OVERFLOW 13 -#define MR_ERR_TOO_BIG 14 -#define MR_ERR_NEG_LOG 15 -#define MR_ERR_DOUBLE_FAIL 16 -#define MR_ERR_IO_OVERFLOW 17 -#define MR_ERR_NO_MIRSYS 18 -#define MR_ERR_BAD_MODULUS 19 -#define MR_ERR_NO_MODULUS 20 -#define MR_ERR_EXP_TOO_BIG 21 -#define MR_ERR_NOT_SUPPORTED 22 -#define MR_ERR_NOT_DOUBLE_LEN 23 -#define MR_ERR_NOT_IRREDUC 24 -#define MR_ERR_NO_ROUNDING 25 - - /* some useful definitions */ - - - -#define forever for(;;) - -#ifndef TRUE - #define TRUE 1 -#endif -#ifndef FALSE - #define FALSE 0 -#endif - -#define OFF 0 -#define ON 1 -#define PLUS 1 -#define MINUS (-1) - -#define MR_MAXDEPTH 24 - /* max routine stack depth */ -/* big and flash variables consist of an encoded length, * - * and an array of mr_smalls containing the digits */ - -typedef int BOOL; - -#define MR_BYTE unsigned char - -#ifdef MR_BITSINCHAR - #if MR_BITSINCHAR == 8 - #define MR_TOBYTE(x) ((MR_BYTE)(x)) - #else - #define MR_TOBYTE(x) ((MR_BYTE)((x)&0xFF)) - #endif -#else - #define MR_TOBYTE(x) ((MR_BYTE)(x)) -#endif - -#ifdef MR_FP - - typedef mr_utype mr_small; - #ifdef mr_dltype - typedef mr_dltype mr_large; - #endif - - #define MR_DIV(a,b) (modf((a)/(b),&dres),dres) - - #ifdef MR_FP_ROUNDING - -/* slightly dicey - the optimizer might remove the MAGIC ! 
*/ - - #define MR_LROUND(a) ( ( (a) + MR_MAGIC ) - MR_MAGIC ) - #else - #define MR_LROUND(a) (modfl((a),&ldres),ldres) - #endif - - #define MR_REMAIN(a,b) ((a)-(b)*MR_DIV((a),(b))) - -#else - - typedef unsigned mr_utype mr_small; - #ifdef mr_dltype - typedef unsigned mr_dltype mr_large; - #endif - - #define MR_DIV(a,b) ((a)/(b)) - #define MR_REMAIN(a,b) ((a)%(b)) - #define MR_LROUND(a) ((a)) -#endif - -struct bigtype -{ - mr_unsign32 len; - mr_small *w; -}; - -typedef struct bigtype *big; -typedef big zzn; - -/* Macro to create big x on the stack - x_t and x_g must be distinct variables - By convention use like this. See brute.c and identity.c for examples - - BIG(x,x_t,x_g,10) - BIG(y,y_t,y_g,10) - -*/ - -#define BIG(x,xt,xg,s) mr_small xg[s]; struct bigtype xt={s,xg}; big x=&xt; - -typedef big flash; - -#define MR_MSBIT ((mr_unsign32)1<<31) -#define MR_OBITS (MR_MSBIT-1) - -#if MIRACL >= MR_IBITS -#define MR_TOOBIG (1<<(MR_IBITS-2)) -#else -#define MR_TOOBIG (1<<(MIRACL-1)) -#endif - -#ifdef MR_FLASH -#define MR_EBITS (8*sizeof(double) - MR_FLASH) - /* no of Bits per double exponent */ -#define MR_BTS 16 -#define MR_MSK 0xFFFF - -#endif - -#define MR_HASH_BYTES 20 - -/* Marsaglia & Zaman Random number generator */ -/* constants alternatives */ -#define NK 37 /* 21 */ -#define NJ 24 /* 6 */ -#define NV 14 /* 8 */ - - -#ifdef MR_LITTLE_ENDIAN -#define MR_TOP(x) (*(((mr_small *)&(x))+1)) -#define MR_BOT(x) (*(((mr_small *)&(x)))) -#endif -#ifdef MR_BIG_ENDIAN -#define MR_TOP(x) (*(((mr_small *)&(x)))) -#define MR_BOT(x) (*(((mr_small *)&(x))+1)) -#endif - -/* chinese remainder theorem structures */ - -typedef struct { -big *C; -big *V; -big *M; -int NP; -} big_chinese; - -typedef struct { -mr_utype *C; -mr_utype *V; -mr_utype *M; -int NP; -} small_chinese; - -/* Cryptographically strong pseudo-random number generator */ - -typedef struct { -mr_unsign32 ira[NK]; /* random number... 
*/ -int rndptr; /* ...array & pointer */ -mr_unsign32 borrow; -int pool_ptr; -char pool[MR_HASH_BYTES]; /* random pool */ -} csprng; - -/* secure hash Algorithm structure */ - -typedef struct { -mr_unsign32 length[2]; -mr_unsign32 h[8]; -mr_unsign32 w[80]; -} sha256; - -typedef sha256 sha; - -#ifdef mr_unsign64 - -typedef struct { -mr_unsign64 length[2]; -mr_unsign64 h[8]; -mr_unsign64 w[80]; -} sha512; - -typedef sha512 sha384; - -#endif - -/* advanced encryption algorithm structure */ - -#define MR_ECB 0 -#define MR_CBC 1 -#define MR_CFB1 2 -#define MR_CFB2 3 -#define MR_CFB4 5 -#define MR_PCFB1 10 -#define MR_PCFB2 11 -#define MR_PCFB4 13 -#define MR_OFB1 14 -#define MR_OFB2 15 -#define MR_OFB4 17 -#define MR_OFB8 21 -#define MR_OFB16 29 - -typedef struct { -int Nk,Nr; -int mode; -mr_unsign32 fkey[60]; -mr_unsign32 rkey[60]; -char f[16]; -} aes; - - - /* Elliptic curve point status */ - -#define MR_EPOINT_GENERAL 0 -#define MR_EPOINT_NORMALIZED 1 -#define MR_EPOINT_INFINITY 2 - -#define MR_PROJECTIVE 0 -#define MR_AFFINE 1 - - -/* Elliptic Curve epoint structure. 
Uses projective (X,Y,Z) co-ordinates */ - -typedef struct { -big X; -big Y; -big Z; -int marker; -} epoint; - - -/* Structure for Brickell method for finite * - field exponentiation with precomputation */ - -typedef struct { - big *table; - big n; - int base; - int store; -} brick; - -/* Structure for Brickell method for elliptic * - curve exponentiation with precomputation */ - -typedef struct { - epoint **table; - big a,b,n; - int base; - int store; -} ebrick; - -typedef struct { - epoint **table; - big a6,a2; - int m,a,b,c; - int base; - int store; -} ebrick2; - -/* main MIRACL instance structure */ - -typedef struct { -mr_small base; /* number base */ -mr_small apbase; /* apparent base */ -int pack; /* packing density */ -int lg2b; /* bits in base */ -mr_small base2; /* 2^mr_lg2b */ -BOOL (*user)(void); /* pointer to user supplied function */ - -int nib; /* length of bigs */ -int depth; /* error tracing ..*/ -int trace[MR_MAXDEPTH]; /* .. mechanism */ -BOOL check; /* overflow check */ -BOOL fout; /* Output to file */ -BOOL fin; /* Input from file */ -BOOL active; - -#ifndef MR_NO_FILE_IO - -FILE *infile; /* Input file */ -FILE *otfile; /* Output file */ - -#endif - -mr_unsign32 ira[NK]; /* random number... 
*/ -int rndptr; /* ...array & pointer */ -mr_unsign32 borrow; - - /* Montgomery constants */ -mr_small ndash; -big modulus; -BOOL ACTIVE; -BOOL MONTY; - /* Elliptic Curve details */ -BOOL SS; /* True for Super-Singular */ -big A,B,C; -int coord,Asize,Bsize; - -int M,AA,BB,CC; /* for GF(2^m) curves */ - -int logN; /* constants for fast fourier fft multiplication */ -int nprimes,degree; -mr_utype *prime,*cr; -mr_utype *inverse,**roots; -small_chinese chin; -mr_utype const1,const2,const3; -mr_small msw,lsw; -mr_utype **s1,**s2; /* pre-computed tables for polynomial reduction */ -mr_utype **t; /* workspace */ -mr_utype *wa; -mr_utype *wb; -mr_utype *wc; -BOOL same; -BOOL first_one; -BOOL debug; - -big w0; /* workspace bigs */ -big w1,w2,w3,w4; -big w5,w6,w7; -big w8,w9,w10,w11; -big w12,w13,w14,w15; -big w16,w17,w18; - -/* User modifiables */ - -char *IOBUFF; /* i/o buffer */ -int IOBSIZ; /* size of i/o buffer */ -BOOL ERCON; /* error control */ -int ERNUM; /* last error code */ -int NTRY; /* no. 
of tries for probablistic primality testing */ -int IOBASE; /* base for input and output */ -BOOL EXACT; /* exact flag */ -BOOL RPOINT; /* =ON for radix point, =OFF for fractions in output */ -BOOL TRACER; /* turns trace tracker on/off */ -int INPLEN; /* input length */ -int *PRIMES; /* small primes array */ - -#ifdef MR_FLASH -int workprec; -int stprec; /* start precision */ - -int RS,RD; -double D; - -double db,n,p; -int a,b,c,d,r,q,oldn,ndig; -mr_small u,v,ku,kv; - -BOOL last,carryon; -flash pi; - - -#endif - -#ifdef MR_KCM -big big_ndash; -big ws; -#endif - -#ifdef MR_FP_ROUNDING -mr_large inverse_base; -#endif -int size; -char *workspace; - -} miracl; - - -#ifndef MR_GENERIC_MT - -#ifdef MR_WINDOWS_MT -#define MR_OS_THREADS -#endif - -#ifdef MR_UNIX_MT -#define MR_OS_THREADS -#endif - -#ifndef MR_OS_THREADS - -extern miracl *mr_mip; /* pointer to MIRACL's only global variable */ - -#endif - -#endif - - -#ifdef MR_GENERIC_MT - -#define _MIPT_ miracl *, -#define _MIPTO_ miracl * -#define _MIPD_ miracl *mr_mip, -#define _MIPDO_ miracl *mr_mip -#define _MIPP_ mr_mip, -#define _MIPPO_ mr_mip - -#else - -#define _MIPT_ -#define _MIPTO_ void -#define _MIPD_ -#define _MIPDO_ void -#define _MIPP_ -#define _MIPPO_ - -#endif - -/* Preamble and exit code for MIRACL routines. 
* - * Not used if MR_STRIPPED_DOWN is defined */ - -#ifdef MR_STRIPPED_DOWN -#define MR_OUT -#define MR_IN(N) -#else -#define MR_OUT mr_mip->depth--; -#define MR_IN(N) mr_mip->depth++; if (mr_mip->depthtrace[mr_mip->depth]=(N); if (mr_mip->TRACER) mr_track(_MIPPO_); } -#endif - -/* Function definitions */ - -/* Group 0 - Internal routines */ - -extern void mr_berror(_MIPT_ int); -extern mr_small mr_shiftbits(mr_small,int); -extern mr_small mr_setbase(_MIPT_ mr_small); -extern void mr_track(_MIPTO_ ); -extern void mr_lzero(big); -extern BOOL mr_notint(flash); -extern int mr_lent(flash); -extern void mr_padd(_MIPT_ big,big,big); -extern void mr_psub(_MIPT_ big,big,big); -extern void mr_pmul(_MIPT_ big,mr_small,big); -#ifdef MR_FP_ROUNDING -extern mr_large mr_invert(mr_small); -extern mr_small imuldiv(mr_small,mr_small,mr_small,mr_small,mr_large,mr_small *); -extern mr_small mr_sdiv(_MIPT_ big,mr_small,mr_large,big); -#else -extern mr_small mr_sdiv(_MIPT_ big,mr_small,big); -#endif -extern void mr_shift(_MIPT_ big,int,big); -extern miracl *mr_first_alloc(void); -extern void *mr_alloc(_MIPT_ int,int); -extern void mr_free(void *); -extern void set_user_function(_MIPT_ BOOL (*)(void)); -extern void set_io_buffer_size(_MIPT_ int); -extern int mr_testbit(_MIPT_ big,int); -extern int mr_window(_MIPT_ big,int,int *,int *); -extern int mr_window2(_MIPT_ big,big,int,int *,int *); -extern int mr_naf_window(_MIPT_ big,big,int,int *,int *); - -extern int mr_fft_init(_MIPT_ int,big,big,BOOL); -extern void mr_dif_fft(_MIPT_ int,int,mr_utype *); -extern void mr_dit_fft(_MIPT_ int,int,mr_utype *); -extern void fft_reset(_MIPTO_); - -extern int mr_poly_mul(_MIPT_ int,big*,int,big*,big*); -extern int mr_poly_sqr(_MIPT_ int,big*,big*); -extern void mr_polymod_set(_MIPT_ int,big*,big*); -extern int mr_poly_rem(_MIPT_ int,big *,big *); - -extern int mr_ps_big_mul(_MIPT_ int,big *,big *,big *); -extern int mr_ps_zzn_mul(_MIPT_ int,big *,big *,big *); - -extern mr_small 
muldiv(mr_small,mr_small,mr_small,mr_small,mr_small *); -extern mr_small muldvm(mr_small,mr_small,mr_small,mr_small *); -extern mr_small muldvd(mr_small,mr_small,mr_small,mr_small *); -extern void muldvd2(mr_small,mr_small,mr_small *,mr_small *); - -/* Group 1 - General purpose, I/O and basic arithmetic routines */ - -extern int igcd(int,int); -extern mr_small sgcd(mr_small,mr_small); -extern int isqrt(int,int); -extern void irand(_MIPT_ mr_unsign32); -extern mr_small brand(_MIPTO_ ); -extern void zero(flash); -extern void convert(_MIPT_ int,big); -extern void lgconv(_MIPT_ long,big); -extern flash mirvar(_MIPT_ int); -extern flash mirvar_mem(_MIPT_ char *,int); -extern void mirkill(big); -extern void *memalloc(_MIPT_ int); -extern void memkill(_MIPT_ char *,int); -extern void mr_init_threading(void); -extern void mr_end_threading(void); -extern miracl *get_mip(_MIPTO_ ); -extern miracl *mirsys(int,mr_small); -extern void mirexit(_MIPTO_ ); -extern int exsign(flash); -extern void insign(int,flash); -extern int getdig(_MIPT_ big,int); -extern int numdig(_MIPT_ big); -extern void putdig(_MIPT_ int,big,int); -extern void copy(flash,flash); -extern void negify(flash,flash); -extern void absol(flash,flash); -extern int size(big); -extern int compare(big,big); -extern void add(_MIPT_ big,big,big); -extern void subtract(_MIPT_ big,big,big); -extern void incr(_MIPT_ big,int,big); -extern void decr(_MIPT_ big,int,big); -extern void premult(_MIPT_ big,int,big); -extern int subdiv(_MIPT_ big,int,big); -extern BOOL subdivisible(_MIPT_ big,int); -extern int remain(_MIPT_ big,int); -extern void bytes_to_big(_MIPT_ int,char *,big); -extern int big_to_bytes(_MIPT_ int,big,char *,BOOL); -extern mr_small normalise(_MIPT_ big,big); -extern void multiply(_MIPT_ big,big,big); -extern void fft_mult(_MIPT_ big,big,big); -extern BOOL fastmultop(_MIPT_ int,big,big,big); -extern void divide(_MIPT_ big,big,big); -extern BOOL divisible(_MIPT_ big,big); -extern void mad(_MIPT_ 
big,big,big,big,big,big); -extern int instr(_MIPT_ flash,char *); -extern int otstr(_MIPT_ flash,char *); -extern int cinstr(_MIPT_ flash,char *); -extern int cotstr(_MIPT_ flash,char *); - -#ifndef MR_NO_FILE_IO - -extern int innum(_MIPT_ flash,FILE *); -extern int otnum(_MIPT_ flash,FILE *); -extern int cinnum(_MIPT_ flash,FILE *); -extern int cotnum(_MIPT_ flash,FILE *); - -#endif - -/* Group 2 - Advanced arithmetic routines */ - -extern mr_small smul(mr_small,mr_small,mr_small); -extern mr_small spmd(mr_small,mr_small,mr_small); -extern mr_small invers(mr_small,mr_small); -extern mr_small sqrmp(mr_small,mr_small); -extern int jac(mr_small,mr_small); - -extern void gprime(_MIPT_ int); -extern int jack(_MIPT_ big,big); -extern int egcd(_MIPT_ big,big,big); -extern int xgcd(_MIPT_ big,big,big,big,big); -extern int logb2(_MIPT_ big); -extern void expint(_MIPT_ int,int,big); -extern void sftbit(_MIPT_ big,int,big); -extern void power(_MIPT_ big,long,big,big); -extern void powmod(_MIPT_ big,big,big,big); -extern void powmod2(_MIPT_ big,big,big,big,big,big); -extern void powmodn(_MIPT_ int,big *,big *,big,big); -extern int powltr(_MIPT_ int,big,big,big); -extern BOOL double_inverse(_MIPT_ big,big,big,big,big); -extern BOOL multi_inverse(_MIPT_ int,big*,big,big*); -extern void lucas(_MIPT_ big,big,big,big,big); -extern BOOL nroot(_MIPT_ big,int,big); -extern BOOL sqroot(_MIPT_ big,big,big); -extern void bigrand(_MIPT_ big,big); -extern void bigdig(_MIPT_ int,int,big); -extern int trial_division(_MIPT_ big,big); -extern BOOL isprime(_MIPT_ big); -extern BOOL nxprime(_MIPT_ big,big); -extern BOOL nxsafeprime(_MIPT_ int,int,big,big); -extern BOOL crt_init(_MIPT_ big_chinese *,int,big *); -extern void crt(_MIPT_ big_chinese *,big *,big); -extern void crt_end(big_chinese *); -extern BOOL scrt_init(_MIPT_ small_chinese *,int,mr_utype *); -extern void scrt(_MIPT_ small_chinese*,mr_utype *,big); -extern void scrt_end(small_chinese *); -extern BOOL brick_init(_MIPT_ brick 
*,big,big,int); -extern void pow_brick(_MIPT_ brick *,big,big); -extern void brick_end(brick *); -extern BOOL ebrick_init(_MIPT_ ebrick *,big,big,big,big,big,int); -extern void ebrick_end(ebrick *); -extern int mul_brick(_MIPT_ ebrick*,big,big,big); -extern BOOL ebrick2_init(_MIPT_ ebrick2 *,big,big,big,big,int,int,int,int,int); -extern void ebrick2_end(ebrick2 *); -extern int mul2_brick(_MIPT_ ebrick2*,big,big,big); - -/* Montgomery stuff */ - -extern mr_small prepare_monty(_MIPT_ big); -extern void kill_monty(_MIPTO_ ); -extern void nres(_MIPT_ big,big); -extern void redc(_MIPT_ big,big); - -extern void nres_negate(_MIPT_ big,big); -extern void nres_modadd(_MIPT_ big,big,big); -extern void nres_modsub(_MIPT_ big,big,big); -extern void nres_premult(_MIPT_ big,int,big); -extern void nres_modmult(_MIPT_ big,big,big); -extern int nres_moddiv(_MIPT_ big,big,big); -extern void nres_dotprod(_MIPT_ int,big *,big *,big); -extern void nres_powmod(_MIPT_ big,big,big); -extern void nres_powltr(_MIPT_ int,big,big); -extern void nres_powmod2(_MIPT_ big,big,big,big,big); -extern void nres_powmodn(_MIPT_ int,big *,big *,big); -extern BOOL nres_sqroot(_MIPT_ big,big); -extern void nres_lucas(_MIPT_ big,big,big,big); -extern BOOL nres_double_inverse(_MIPT_ big,big,big,big); -extern BOOL nres_multi_inverse(_MIPT_ int,big *,big *); - -extern void shs_init(sha *); -extern void shs_process(sha *,int); -extern void shs_hash(sha *,char *); - -extern void shs256_init(sha256 *); -extern void shs256_process(sha256 *,int); -extern void shs256_hash(sha256 *,char *); - -#ifdef mr_unsign64 - -extern void shs512_init(sha512 *); -extern void shs512_process(sha512 *,int); -extern void shs512_hash(sha512 *,char *); - -extern void shs384_init(sha384 *); -extern void shs384_process(sha384 *,int); -extern void shs384_hash(sha384 *,char *); - -#endif - -extern BOOL aes_init(aes *,int,int,char *,char *); -extern void aes_getreg(aes *,char *); -extern mr_unsign32 aes_encrypt(aes *,char *); -extern 
mr_unsign32 aes_decrypt(aes *,char *); -extern void aes_reset(aes *,int,char *); -extern void aes_end(aes *); - -extern void strong_init(csprng *,int,char *,mr_unsign32); -extern int strong_rng(csprng *); -extern void strong_bigrand(_MIPT_ csprng *,big,big); -extern void strong_bigdig(_MIPT_ csprng *,int,int,big); -extern void strong_kill(csprng *); - -/* special modular multipliers */ - -extern void comba_mult(_MIPT_ big,big,big); -extern void comba_square(_MIPT_ big,big); -extern void comba_redc(_MIPT_ big,big); -extern void comba_add(_MIPT_ big,big,big); -extern void comba_sub(_MIPT_ big,big,big); - -extern void fastmodmult(_MIPT_ big,big,big); -extern void fastmodsquare(_MIPT_ big,big); - -extern void kcm_mul(_MIPT_ big,big,big); -extern void kcm_sqr(_MIPT_ big,big); -extern void kcm_redc(_MIPT_ big,big); - -extern void kcm_multiply(_MIPT_ int,big,big,big); -extern void kcm_square(_MIPT_ int,big,big); -extern BOOL kcm_top(_MIPT_ int,big,big,big); - -/* elliptic curve stuff */ - -extern BOOL point_at_infinity(epoint *); - -extern void ecurve_init(_MIPT_ big,big,big,int); -extern big ecurve_add(_MIPT_ epoint *,epoint *); -extern big ecurve_sub(_MIPT_ epoint *,epoint *); -extern void ecurve_double_add(_MIPT_ epoint *,epoint *,epoint *,epoint *,big *,big *); -extern void ecurve_multi_add(_MIPT_ int,epoint **,epoint **); -extern void ecurve_mult(_MIPT_ big,epoint *,epoint *); -extern void ecurve_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); -extern void ecurve_multn(_MIPT_ int,big *,epoint**,epoint *); - -extern epoint* epoint_init(_MIPTO_ ); -extern BOOL epoint_set(_MIPT_ big,big,int,epoint*); -extern int epoint_get(_MIPT_ epoint*,big,big); -extern void epoint_getxyz(_MIPT_ epoint *,big,big,big); -extern int epoint_norm(_MIPT_ epoint *); -extern void epoint_free(epoint *); -extern void epoint_copy(epoint *,epoint *); -extern BOOL epoint_comp(_MIPT_ epoint *,epoint *); -extern void epoint_negate(_MIPT_ epoint *); - -extern BOOL ecurve2_init(_MIPT_ 
int,int,int,int,big,big,BOOL,int); -extern big ecurve2_add(_MIPT_ epoint *,epoint *); -extern big ecurve2_sub(_MIPT_ epoint *,epoint *); -extern void ecurve2_multi_add(_MIPT_ int,epoint **,epoint **); -extern void ecurve2_mult(_MIPT_ big,epoint *,epoint *); -extern void ecurve2_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); -extern void ecurve2_multn(_MIPT_ int,big *,epoint**,epoint *); - -extern epoint* epoint2_init(_MIPTO_ ); -extern BOOL epoint2_set(_MIPT_ big,big,int,epoint*); -extern int epoint2_get(_MIPT_ epoint*,big,big); -extern void epoint2_getxyz(_MIPT_ epoint *,big,big,big); -extern int epoint2_norm(_MIPT_ epoint *); -extern void epoint2_free(epoint *); -extern void epoint2_copy(epoint *,epoint *); -extern BOOL epoint2_comp(_MIPT_ epoint *,epoint *); -extern void epoint2_negate(_MIPT_ epoint *); - -/* GF(2) stuff */ - -extern BOOL prepare_basis(_MIPT_ int,int,int,int,BOOL); -extern void add2(big,big,big); -extern void incr2(big,int,big); -extern void reduce2(_MIPT_ big,big); -extern void modmult2(_MIPT_ big,big,big); -extern void power2(_MIPT_ big,int,big); -extern void sqroot2(_MIPT_ big,big); -extern BOOL inverse2(_MIPT_ big,big); -extern void karmul2(int,mr_small *,mr_small *,mr_small *,mr_small *); -extern void karmul2_poly(_MIPT_ int,big *,big *,big *,big *); -extern void karmul2_poly_upper(_MIPT_ int,big *,big *,big *,big *); -extern void gf2m_dotprod(_MIPT_ int,big *,big *,big); -extern int trace2(_MIPT_ big); - -/* Group 3 - Floating-slash routines */ - -#ifdef MR_FLASH -extern void fpack(_MIPT_ big,big,flash); -extern void numer(_MIPT_ flash,big); -extern void denom(_MIPT_ flash,big); -extern BOOL fit(big,big,int); -extern void build(_MIPT_ flash,int (*)(_MIPT_ big,int)); -extern void mround(_MIPT_ big,big,flash); -extern void flop(_MIPT_ flash,flash,int *,flash); -extern void fmul(_MIPT_ flash,flash,flash); -extern void fdiv(_MIPT_ flash,flash,flash); -extern void fadd(_MIPT_ flash,flash,flash); -extern void fsub(_MIPT_ flash,flash,flash); 
-extern int fcomp(_MIPT_ flash,flash); -extern void fconv(_MIPT_ int,int,flash); -extern void frecip(_MIPT_ flash,flash); -extern void ftrunc(_MIPT_ flash,big,flash); -extern void fmodulo(_MIPT_ flash,flash,flash); -extern void fpmul(_MIPT_ flash,int,int,flash); -extern void fincr(_MIPT_ flash,int,int,flash); -extern void dconv(_MIPT_ double,flash); -extern double fdsize(_MIPT_ flash); -extern void frand(_MIPT_ flash); - -/* Group 4 - Advanced Flash routines */ - -extern void fpower(_MIPT_ flash,int,flash); -extern BOOL froot(_MIPT_ flash,int,flash); -extern void fpi(_MIPT_ flash); -extern void fexp(_MIPT_ flash,flash); -extern void flog(_MIPT_ flash,flash); -extern void fpowf(_MIPT_ flash,flash,flash); -extern void ftan(_MIPT_ flash,flash); -extern void fatan(_MIPT_ flash,flash); -extern void fsin(_MIPT_ flash,flash); -extern void fasin(_MIPT_ flash,flash); -extern void fcos(_MIPT_ flash,flash); -extern void facos(_MIPT_ flash,flash); -extern void ftanh(_MIPT_ flash,flash); -extern void fatanh(_MIPT_ flash,flash); -extern void fsinh(_MIPT_ flash,flash); -extern void fasinh(_MIPT_ flash,flash); -extern void fcosh(_MIPT_ flash,flash); -extern void facosh(_MIPT_ flash,flash); -#endif - - -/* Test predefined Macros to determine compiler type, and hopefully - selectively use fast in-line assembler (or other compiler specific - optimisations. Note I am unsure of Microsoft version numbers. So I - suspect are Microsoft. - - Note: It seems to be impossible to get the 16-bit Microsoft compiler - to allow inline 32-bit op-codes. So I suspect that INLINE_ASM == 2 will - never work with it. Pity. - -#define INLINE_ASM 1 -> generates 8086 inline assembly -#define INLINE_ASM 2 -> generates mixed 8086 & 80386 inline assembly, - so you can get some benefit while running in a - 16-bit environment on 32-bit hardware (DOS, Windows - 3.1...) 
-#define INLINE_ASM 3 -> generate true 80386 inline assembly - (Using DOS - extender, Windows '95/Windows NT) - Actually optimised for Pentium - -#define INLINE_ASM 4 -> 80386 code in the GNU style (for (DJGPP) - -Small, medium, compact and large memory models are supported for the -first two of the above. - -*/ - -#ifndef MR_NOASM - -/* Itanium - inline the time-critical functions */ - - #ifdef MR_ITANIUM - #define muldvd(a,b,c,rp) (tm=_m64_xmahu((a),(b),(c)),*(rp)=_m64_xmalu((a),(b),(c)),tm) - #define muldvd2(a,b,c,rp) (tm=_m64_xmalu((a),(b),(*(c))),*(c)=_m64_xmahu((a),(b),(*(c))),tm+=*(rp),*(c)+=(tm<*(rp)),*(rp)=tm) - #endif - - -/* Borland C/Turbo C */ - - #ifdef __TURBOC__ - #ifndef __HUGE__ - #define ASM asm - #if defined(__COMPACT__) || defined(__LARGE__) - #define MR_LMM - #endif - - #if MIRACL==16 - #define INLINE_ASM 1 - #endif - - #if __TURBOC__>=0x410 - #if MIRACL==32 -#if defined(__SMALL__) || defined(__MEDIUM__) || defined(__LARGE__) || defined(__COMPACT__) - #define INLINE_ASM 2 - #else - #define INLINE_ASM 3 - #endif - #endif - #endif - #endif - #endif - -/* Microsoft C */ - - #ifdef _MSC_VER - #ifndef M_I86HM - #define ASM _asm - #if defined(M_I86CM) || defined(M_I86LM) - #define MR_LMM - #endif - #if _MSC_VER>=600 - #if MIRACL==16 - #define INLINE_ASM 1 - #endif - #endif - #if _MSC_VER>=1000 - #if MIRACL==32 - #define INLINE_ASM 3 - #endif - #endif - #endif - #endif - -/* DJGPP GNU C */ - - #ifdef __GNUC__ - #ifdef i386 - #define ASM __asm__ __volatile__ - #if MIRACL==32 - #define INLINE_ASM 4 - #endif - #endif - #endif - -#endif - -/* - The following contribution is from Tielo Jongmans, Netherlands - These inline assembler routines are suitable for Watcom 10.0 and up - - Added into miracl.h. Notice the override of the original declarations - of these routines, which should be removed. 
- - The following pragma is optional, it is dangerous, but it saves a - calling sequence -*/ - -/* - -#pragma off (check_stack); - -extern unsigned int muldiv(unsigned int, unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldiv= \ - "mul edx" \ - "add eax,ebx" \ - "adc edx,0" \ - "div ecx" \ - "mov [esi],edx" \ - parm [eax] [edx] [ebx] [ecx] [esi] \ - value [eax] \ - modify [eax edx]; - -extern unsigned int muldvm(unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldvm= \ - "div ebx" \ - "mov [ecx],edx" \ - parm [edx] [eax] [ebx] [ecx] \ - value [eax] \ - modify [eax edx]; - -extern unsigned int muldvd(unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldvd= \ - "mul edx" \ - "add eax,ebx" \ - "adc edx,0" \ - "mov [ecx],eax" \ - "mov eax,edx" \ - parm [eax] [edx] [ebx] [ecx] \ - value [eax] \ - modify [eax edx]; - -*/ - - -#endif - - Index: tags/arelease/src/mrshs.c =================================================================== --- tags/arelease/src/mrshs.c (revision 3) +++ tags/arelease/src/mrshs.c (nonexistent) 
@@ -1,157 +0,0 @@ -/* - * Implementation of the Secure Hashing Standard (SHS) - * specified for use with the NIST Digital Signature Standard (DSS) - * - * Generates a 160 bit message digest. It should be impossible to come - * come up with two messages that hash to the same value ("collision free"). - * - * For use with byte-oriented messages only. Could/Should be speeded - * up by unwinding loops in shs_transform(), and assembly patches. - */ - -#include -#include "miracl.h" - /* for definition of mr_unsign32 & prototypes */ -#define FIX - -/* Include this #define in order to implement the - rather mysterious 'fix' to SHS - - With this definition in, SHA-1 is implemented - Without this definition, SHA-0 is implemented -*/ - - -#define H0 0x67452301L -#define H1 0xefcdab89L -#define H2 0x98badcfeL -#define H3 0x10325476L -#define H4 0xc3d2e1f0L - -#define K0 0x5a827999L -#define K1 0x6ed9eba1L -#define K2 0x8f1bbcdcL -#define K3 0xca62c1d6L - -#define PAD 0x80 -#define ZERO 0 - -/* functions */ - -#define S(n,x) (((x)<>(32-n))) - -#define F0(x,y,z) (z^(x&(y^z))) -#define F1(x,y,z) (x^y^z) -#define F2(x,y,z) ((x&y) | (z&(x|y))) -#define F3(x,y,z) (x^y^z) - -static void shs_transform(sha *sh) -{ /* basic transformation step */ - mr_unsign32 a,b,c,d,e,temp; - int t; -#ifdef FIX - for (t=16;t<80;t++) sh->w[t]=S(1,sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]); -#else - for (t=16;t<80;t++) sh->w[t]=sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]; -#endif - a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; e=sh->h[4]; - for (t=0;t<20;t++) - { /* 20 times - mush it up */ - temp=K0+F0(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - for (t=20;t<40;t++) - { /* 20 more times - mush it up */ - temp=K1+F1(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - for (t=40;t<60;t++) - { /* 20 more times - mush it up */ - temp=K2+F2(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - for (t=60;t<80;t++) - { /* 20 more times - 
mush it up */ - temp=K3+F3(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; - sh->h[3]+=d; sh->h[4]+=e; -} - -void shs_init(sha *sh) -{ /* re-initialise */ - int i; - for (i=0;i<80;i++) sh->w[i]=0L; - sh->length[0]=sh->length[1]=0L; - sh->h[0]=H0; - sh->h[1]=H1; - sh->h[2]=H2; - sh->h[3]=H3; - sh->h[4]=H4; -} - -void shs_process(sha *sh,int byte) -{ /* process the next message byte */ - int cnt; - - cnt=(int)((sh->length[0]/32)%16); - - sh->w[cnt]<<=8; - sh->w[cnt]|=(mr_unsign32)(byte&0xFF); - - sh->length[0]+=8; - if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } - if ((sh->length[0]%512)==0) shs_transform(sh); -} - -void shs_hash(sha *sh,char hash[20]) -{ /* pad message and finish - supply digest */ - int i; - mr_unsign32 len0,len1; - len0=sh->length[0]; - len1=sh->length[1]; - shs_process(sh,PAD); - while ((sh->length[0]%512)!=448) shs_process(sh,ZERO); - sh->w[14]=len1; - sh->w[15]=len0; - shs_transform(sh); - for (i=0;i<20;i++) - { /* convert to bytes */ - hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); - } - shs_init(sh); -} - -/* test program: should produce digest - - 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1 - -#include -#include "miracl.h" - -char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - -int main() -{ - char hash[20]; - int i; - sha sh; - shs_init(&sh); - for (i=0;test[i]!=0;i++) shs_process(&sh,test[i]); - shs_hash(&sh,hash); - for (i=0;i<20;i++) printf("%02x",(unsigned char)hash[i]); - printf("\n"); - return 0; -} - -*/ - Index: tags/arelease/src/mrshs512.c =================================================================== --- tags/arelease/src/mrshs512.c (revision 3) +++ tags/arelease/src/mrshs512.c (nonexistent) 
@@ -1,238 +0,0 @@ -/* - * Implementation of the Secure Hashing Algorithm (SHA-384 and SHA-512) - * - * Generates a a 384 or 512 bit message digest. It should be impossible to come - * come up with two messages that hash to the same value ("collision free"). - * - * For use with byte-oriented messages only. Could/Should be speeded - * up by unwinding loops in shs_transform(), and assembly patches. - * - * NOTE: This requires a 64-bit integer type to be defined - */ - -#include -#include "miracl.h" - -#ifdef mr_unsign64 - -#define H0 0x6a09e667f3bcc908 -#define H1 0xbb67ae8584caa73b -#define H2 0x3c6ef372fe94f82b -#define H3 0xa54ff53a5f1d36f1 -#define H4 0x510e527fade682d1 -#define H5 0x9b05688c2b3e6c1f -#define H6 0x1f83d9abfb41bd6b -#define H7 0x5be0cd19137e2179 - -#define H8 0xcbbb9d5dc1059ed8 -#define H9 0x629a292a367cd507 -#define HA 0x9159015a3070dd17 -#define HB 0x152fecd8f70e5939 -#define HC 0x67332667ffc00b31 -#define HD 0x8eb44a8768581511 -#define HE 0xdb0c2e0d64f98fa7 -#define HF 0x47b5481dbefa4fa4 - -static mr_unsign64 K[80]={ -0x428a2f98d728ae22,0x7137449123ef65cd,0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc, -0x3956c25bf348b538,0x59f111f1b605d019,0x923f82a4af194f9b,0xab1c5ed5da6d8118, -0xd807aa98a3030242,0x12835b0145706fbe,0x243185be4ee4b28c,0x550c7dc3d5ffb4e2, -0x72be5d74f27b896f,0x80deb1fe3b1696b1,0x9bdc06a725c71235,0xc19bf174cf692694, -0xe49b69c19ef14ad2,0xefbe4786384f25e3,0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65, -0x2de92c6f592b0275,0x4a7484aa6ea6e483,0x5cb0a9dcbd41fbd4,0x76f988da831153b5, -0x983e5152ee66dfab,0xa831c66d2db43210,0xb00327c898fb213f,0xbf597fc7beef0ee4, -0xc6e00bf33da88fc2,0xd5a79147930aa725,0x06ca6351e003826f,0x142929670a0e6e70, -0x27b70a8546d22ffc,0x2e1b21385c26c926,0x4d2c6dfc5ac42aed,0x53380d139d95b3df, -0x650a73548baf63de,0x766a0abb3c77b2a8,0x81c2c92e47edaee6,0x92722c851482353b, -0xa2bfe8a14cf10364,0xa81a664bbc423001,0xc24b8b70d0f89791,0xc76c51a30654be30, -0xd192e819d6ef5218,0xd69906245565a910,0xf40e35855771202a,0x106aa07032bbd1b8, 
-0x19a4c116b8d2d0c8,0x1e376c085141ab53,0x2748774cdf8eeb99,0x34b0bcb5e19b48a8, -0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb,0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3, -0x748f82ee5defb2fc,0x78a5636f43172f60,0x84c87814a1f0ab72,0x8cc702081a6439ec, -0x90befffa23631e28,0xa4506cebde82bde9,0xbef9a3f7b2c67915,0xc67178f2e372532b, -0xca273eceea26619c,0xd186b8c721c0c207,0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178, -0x06f067aa72176fba,0x0a637dc5a2c898a6,0x113f9804bef90dae,0x1b710b35131c471b, -0x28db77f523047d84,0x32caab7b40c72493,0x3c9ebe0a15c9bebc,0x431d67c49c100d4c, -0x4cc5d4becb3e42b6,0x597f299cfc657e2a,0x5fcb6fab3ad6faec,0x6c44198c4a475817}; - -#define PAD 0x80 -#define ZERO 0 - -/* functions */ - -#define S(n,x) (((x)>>n) | ((x)<<(64-n))) -#define R(n,x) ((x)>>n) - -#define Ch(x,y,z) ((x&y)^(~(x)&z)) -#define Maj(x,y,z) ((x&y)^(x&z)^(y&z)) -#define Sig0(x) (S(28,x)^S(34,x)^S(39,x)) -#define Sig1(x) (S(14,x)^S(18,x)^S(41,x)) -#define theta0(x) (S(1,x)^S(8,x)^R(7,x)) -#define theta1(x) (S(19,x)^S(61,x)^R(6,x)) - -static void shs_transform(sha512 *sh) -{ /* basic transformation step */ - mr_unsign64 a,b,c,d,e,f,g,h,t1,t2; - int j; - for (j=16;j<80;j++) - sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16]; - - a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; - e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7]; - - for (j=0;j<80;j++) - { /* 80 times - mush it up */ - t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j]; - t2=Sig0(a)+Maj(a,b,c); - h=g; g=f; f=e; - e=d+t1; - d=c; - c=b; - b=a; - a=t1+t2; - } - sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d; - sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h; -} - -void shs512_init(sha512 *sh) -{ /* re-initialise */ - int i; - for (i=0;i<80;i++) sh->w[i]=0; - sh->length[0]=sh->length[1]=0; - sh->h[0]=H0; - sh->h[1]=H1; - sh->h[2]=H2; - sh->h[3]=H3; - sh->h[4]=H4; - sh->h[5]=H5; - sh->h[6]=H6; - sh->h[7]=H7; -} - -void shs384_init(sha384 *sh) -{ /* re-initialise */ - int i; - for (i=0;i<80;i++) sh->w[i]=0; - sh->length[0]=sh->length[1]=0; - 
sh->h[0]=H8; - sh->h[1]=H9; - sh->h[2]=HA; - sh->h[3]=HB; - sh->h[4]=HC; - sh->h[5]=HD; - sh->h[6]=HE; - sh->h[7]=HF; -} - - -void shs512_process(sha512 *sh,int byte) -{ /* process the next message byte */ - int cnt; - - cnt=(int)((sh->length[0]/64)%16); - - sh->w[cnt]<<=8; - sh->w[cnt]|=(mr_unsign64)(byte&0xFF); - - sh->length[0]+=8; - if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } - if ((sh->length[0]%1024)==0) shs_transform(sh); -} - - -void shs384_process(sha384 *sh,int byte) -{ /* process the next message byte */ - int cnt; - - cnt=(int)((sh->length[0]/64)%16); - - sh->w[cnt]<<=8; - sh->w[cnt]|=(mr_unsign64)(byte&0xFF); - - sh->length[0]+=8; - if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } - if ((sh->length[0]%1024)==0) shs_transform(sh); -} - - -void shs512_hash(sha512 *sh,char hash[64]) -{ /* pad message and finish - supply digest */ - int i; - mr_unsign64 len0,len1; - len0=sh->length[0]; - len1=sh->length[1]; - shs512_process(sh,PAD); - while ((sh->length[0]%1024)!=896) shs512_process(sh,ZERO); - sh->w[14]=len1; - sh->w[15]=len0; - shs_transform(sh); - for (i=0;i<64;i++) - { /* convert to bytes */ - hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL); - } - shs512_init(sh); -} - -void shs384_hash(sha384 *sh,char hash[48]) -{ /* pad message and finish - supply digest */ - int i; - mr_unsign64 len0,len1; - len0=sh->length[0]; - len1=sh->length[1]; - shs512_process(sh,PAD); - while ((sh->length[0]%1024)!=896) shs384_process(sh,ZERO); - sh->w[14]=len1; - sh->w[15]=len0; - shs_transform(sh); - for (i=0;i<48;i++) - { /* convert to bytes */ - hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL); - } - shs384_init(sh); -} - - -#endif - -/* test program: should produce digests - -512 bit - -8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018 -501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909 - - -384 bit - -09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712 -fcc7c71a557e2db9 66c3e9fa91746039 
-
-
-#include
-#include "miracl.h"
-
-char test[]="abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
-
-int main()
-{
- char hash[64];
- int i;
- sha512 sh;
- shs512_init(&sh);
- for (i=0;test[i]!=0;i++) shs512_process(&sh,test[i]);
- shs512_hash(&sh,hash);
- for (i=0;i<64;i++) printf("%02x",(unsigned char)hash[i]);
- printf("\n");
-
- shs384_init(&sh);
- for (i=0;test[i]!=0;i++) shs384_process(&sh,test[i]);
- shs384_hash(&sh,hash);
- for (i=0;i<48;i++) printf("%02x",(unsigned char)hash[i]);
- printf("\n");
-
- return 0;
-}
-
-*/
-
Index: tags/arelease/sim/sha1.do
===================================================================
--- tags/arelease/sim/sha1.do (revision 3)
+++ tags/arelease/sim/sha1.do (nonexistent)
@@ -1,62 +0,0 @@
-#---------------------------------------------------------------------
-# Project name : SHA-160
-# Project description : Secure Hash Algorithm (SHA-160)
-#
-# File name : sha1.do
-#
-# Design Engineer : marsgod
-# Quality Engineer : marsgod
-# Version : 1.0
-# Last modification : 2004-05-10
-#---------------------------------------------------------------------
-
-transcript off
-# ------------------------------------------------------------------- #
-# Directories location
-# ------------------------------------------------------------------- #
-
-set source_dir rtl
-set tb_dir bench
-set work_dir sim/modelsim_lib
-
-# ------------------------------------------------------------------- #
-# Maping destination directory for core of model
-# ------------------------------------------------------------------- #
-
-vlib $work_dir
-vmap SHA_LIB $work_dir
-transcript on
-
-
-# ------------------------------------------------------------------- #
-# Compiling components of core
-# ------------------------------------------------------------------- #
-
-transcript off
-vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha1.v
-
-
-# ------------------------------------------------------------------- #
-# Compiling Test Bench
-# ------------------------------------------------------------------- #
-
-vlog -work SHA_LIB $tb_dir/test_sha1.v
-
-transcript on
-
-
-# ------------------------------------------------------------------- #
-# Loading the Test Bench
-# ------------------------------------------------------------------- #
-
-transcript off
-vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha
-
-transcript on
-
-
-transcript on
-
-do wave.do
-
-run 1ms
Index: tags/arelease/sim/sha512.do
===================================================================
--- tags/arelease/sim/sha512.do (revision 3)
+++ tags/arelease/sim/sha512.do (nonexistent)
@@ -1,62 +0,0 @@
-#---------------------------------------------------------------------
-# Project name : SHA-512/384
-# Project description : Secure Hash Algorithm (SHA-512/384)
-#
-# File name : sha512.do
-#
-# Design Engineer : marsgod
-# Quality Engineer : marsgod
-# Version : 1.0
-# Last modification : 2004-05-10
-#---------------------------------------------------------------------
-
-transcript off
-# ------------------------------------------------------------------- #
-# Directories location
-# ------------------------------------------------------------------- #
-
-set source_dir rtl
-set tb_dir bench
-set work_dir sim/modelsim_lib
-
-# ------------------------------------------------------------------- #
-# Maping destination directory for core of model
-# ------------------------------------------------------------------- #
-
-vlib $work_dir
-vmap SHA_LIB $work_dir
-transcript on
-
-
-# ------------------------------------------------------------------- #
-# Compiling components of core
-# ------------------------------------------------------------------- #
-
-transcript off
-vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha512.v
-
-
-# ------------------------------------------------------------------- #
-# Compiling Test Bench
-# ------------------------------------------------------------------- #
-
-vlog -work SHA_LIB $tb_dir/test_sha512.v
-
-transcript on
-
-
-# ------------------------------------------------------------------- #
-# Loading the Test Bench
-# ------------------------------------------------------------------- #
-
-transcript off
-vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha
-
-transcript on
-
-
-transcript on
-
-do wave.do
-
-run 1ms
Index: tags/arelease/sim/sha256.do
===================================================================
--- tags/arelease/sim/sha256.do (revision 3)
+++ tags/arelease/sim/sha256.do (nonexistent)
@@ -1,62 +0,0 @@
-#---------------------------------------------------------------------
-# Project name : SHA-256
-# Project description : Secure Hash Algorithm (SHA-256)
-#
-# File name : sha256.do
-#
-# Design Engineer : marsgod
-# Quality Engineer : marsgod
-# Version : 1.0
-# Last modification : 2004-05-10
-#---------------------------------------------------------------------
-
-transcript off
-# ------------------------------------------------------------------- #
-# Directories location
-# ------------------------------------------------------------------- #
-
-set source_dir rtl
-set tb_dir bench
-set work_dir sim/modelsim_lib
-
-# ------------------------------------------------------------------- #
-# Maping destination directory for core of model
-# ------------------------------------------------------------------- #
-
-vlib $work_dir
-vmap SHA_LIB $work_dir
-transcript on
-
-
-# ------------------------------------------------------------------- #
-# Compiling components of core
-# ------------------------------------------------------------------- #
-
-transcript off
-vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha256.v
-
-
-# ------------------------------------------------------------------- #
-# Compiling Test Bench
-# ------------------------------------------------------------------- #
-
-vlog -work SHA_LIB $tb_dir/test_sha256.v
-
-transcript on
-
-
-# ------------------------------------------------------------------- #
-# Loading the Test Bench
-# ------------------------------------------------------------------- #
-
-transcript off
-vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha
-
-transcript on
-
-
-transcript on
-
-do wave.do
-
-run 1ms
Index: trunk/rtl/sha512.v
===================================================================
--- trunk/rtl/sha512.v (revision 3)
+++ trunk/rtl/sha512.v (nonexistent)
@@ -1,1017 +0,0 @@ -///////////////////////////////////////////////////////////////////// -//// //// -//// SHA-512/384 //// -//// Secure Hash Algorithm (SHA-512 SHA-384) //// -//// //// -//// Author: marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// -//// //// -///////////////////////////////////////////////////////////////////// -//// //// -//// Copyright (C) 2000-2002 marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// This source file may be used and distributed without //// -//// restriction provided that this copyright statement is not //// -//// removed from the file and that any derivative work contains //// -//// the original copyright notice and the associated disclaimer.//// -//// //// -//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// -//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// -//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// -//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// -//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// -//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// -//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// -//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// -//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// -//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// -//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// -//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// -//// POSSIBILITY OF SUCH DAMAGE. 
//// -//// //// -///////////////////////////////////////////////////////////////////// - -`define SHA512_H0 64'h6a09e667_f3bcc908 -`define SHA512_H1 64'hbb67ae85_84caa73b -`define SHA512_H2 64'h3c6ef372_fe94f82b -`define SHA512_H3 64'ha54ff53a_5f1d36f1 -`define SHA512_H4 64'h510e527f_ade682d1 -`define SHA512_H5 64'h9b05688c_2b3e6c1f -`define SHA512_H6 64'h1f83d9ab_fb41bd6b -`define SHA512_H7 64'h5be0cd19_137e2179 - -`define SHA384_H0 64'hcbbb9d5d_c1059ed8 -`define SHA384_H1 64'h629a292a_367cd507 -`define SHA384_H2 64'h9159015a_3070dd17 -`define SHA384_H3 64'h152fecd8_f70e5939 -`define SHA384_H4 64'h67332667_ffc00b31 -`define SHA384_H5 64'h8eb44a87_68581511 -`define SHA384_H6 64'hdb0c2e0d_64f98fa7 -`define SHA384_H7 64'h47b5481d_befa4fa4 - -`define K00 64'h428a2f98_d728ae22 -`define K01 64'h71374491_23ef65cd -`define K02 64'hb5c0fbcf_ec4d3b2f -`define K03 64'he9b5dba5_8189dbbc -`define K04 64'h3956c25b_f348b538 -`define K05 64'h59f111f1_b605d019 -`define K06 64'h923f82a4_af194f9b -`define K07 64'hab1c5ed5_da6d8118 -`define K08 64'hd807aa98_a3030242 -`define K09 64'h12835b01_45706fbe -`define K10 64'h243185be_4ee4b28c -`define K11 64'h550c7dc3_d5ffb4e2 -`define K12 64'h72be5d74_f27b896f -`define K13 64'h80deb1fe_3b1696b1 -`define K14 64'h9bdc06a7_25c71235 -`define K15 64'hc19bf174_cf692694 -`define K16 64'he49b69c1_9ef14ad2 -`define K17 64'hefbe4786_384f25e3 -`define K18 64'h0fc19dc6_8b8cd5b5 -`define K19 64'h240ca1cc_77ac9c65 -`define K20 64'h2de92c6f_592b0275 -`define K21 64'h4a7484aa_6ea6e483 -`define K22 64'h5cb0a9dc_bd41fbd4 -`define K23 64'h76f988da_831153b5 -`define K24 64'h983e5152_ee66dfab -`define K25 64'ha831c66d_2db43210 -`define K26 64'hb00327c8_98fb213f -`define K27 64'hbf597fc7_beef0ee4 -`define K28 64'hc6e00bf3_3da88fc2 -`define K29 64'hd5a79147_930aa725 -`define K30 64'h06ca6351_e003826f -`define K31 64'h14292967_0a0e6e70 -`define K32 64'h27b70a85_46d22ffc -`define K33 64'h2e1b2138_5c26c926 -`define K34 64'h4d2c6dfc_5ac42aed -`define K35 
64'h53380d13_9d95b3df -`define K36 64'h650a7354_8baf63de -`define K37 64'h766a0abb_3c77b2a8 -`define K38 64'h81c2c92e_47edaee6 -`define K39 64'h92722c85_1482353b -`define K40 64'ha2bfe8a1_4cf10364 -`define K41 64'ha81a664b_bc423001 -`define K42 64'hc24b8b70_d0f89791 -`define K43 64'hc76c51a3_0654be30 -`define K44 64'hd192e819_d6ef5218 -`define K45 64'hd6990624_5565a910 -`define K46 64'hf40e3585_5771202a -`define K47 64'h106aa070_32bbd1b8 -`define K48 64'h19a4c116_b8d2d0c8 -`define K49 64'h1e376c08_5141ab53 -`define K50 64'h2748774c_df8eeb99 -`define K51 64'h34b0bcb5_e19b48a8 -`define K52 64'h391c0cb3_c5c95a63 -`define K53 64'h4ed8aa4a_e3418acb -`define K54 64'h5b9cca4f_7763e373 -`define K55 64'h682e6ff3_d6b2b8a3 -`define K56 64'h748f82ee_5defb2fc -`define K57 64'h78a5636f_43172f60 -`define K58 64'h84c87814_a1f0ab72 -`define K59 64'h8cc70208_1a6439ec -`define K60 64'h90befffa_23631e28 -`define K61 64'ha4506ceb_de82bde9 -`define K62 64'hbef9a3f7_b2c67915 -`define K63 64'hc67178f2_e372532b -`define K64 64'hca273ece_ea26619c -`define K65 64'hd186b8c7_21c0c207 -`define K66 64'heada7dd6_cde0eb1e -`define K67 64'hf57d4f7f_ee6ed178 -`define K68 64'h06f067aa_72176fba -`define K69 64'h0a637dc5_a2c898a6 -`define K70 64'h113f9804_bef90dae -`define K71 64'h1b710b35_131c471b -`define K72 64'h28db77f5_23047d84 -`define K73 64'h32caab7b_40c72493 -`define K74 64'h3c9ebe0a_15c9bebc -`define K75 64'h431d67c4_9c100d4c -`define K76 64'h4cc5d4be_cb3e42b6 -`define K77 64'h597f299c_fc657e2a -`define K78 64'h5fcb6fab_3ad6faec -`define K79 64'h6c44198c_4a475817 - -module sha512 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); - - input clk_i; // global clock input - input rst_i; // global reset input , active high - - input [31:0] text_i; // text input 32bit - output [31:0] text_o; // text output 32bit - - input [3:0] cmd_i; // command input - input cmd_w_i;// command input write enable - output [4:0] cmd_o; // command output(status) - - /* - cmd - Busy S1 S0 Round W R - - bit4 bit3 
bit2 bit1 bit0 - Busy S Round W R - - Busy: - 0 idle - 1 busy - - S: - 0 sha-384 - 1 sha-512 - - Round: - 0 first round - 1 internal round - - W: - 0 No-op - 1 write data - - R: - 0 No-op - 1 read data - - */ - - - reg [4:0] cmd; - wire [4:0] cmd_o; - - reg [31:0] text_o; - - reg [6:0] round; - wire [6:0] round_plus_1; - - reg [4:0] read_counter; - - reg [63:0] H0,H1,H2,H3,H4,H5,H6,H7; - reg [63:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; - reg [63:0] Wt,Kt; - reg [63:0] A,B,C,D,E,F,G,H; - - reg busy; - - assign cmd_o = cmd; - always @ (posedge clk_i) - begin - if (rst_i) - cmd <= 'b0; - else - if (cmd_w_i) - cmd[3:0] <= cmd_i[3:0]; // busy bit can't write - else - begin - cmd[4] <= busy; // update busy bit - if (~busy) - cmd[1:0] <= 2'b00; // hardware auto clean R/W bits - end - end - - wire [63:0] f1_EFG_64,f2_ABC_64,f3_A_64,f4_E_64,f5_W1_64,f6_W14_64,T1_64,T2_64; - wire [63:0] W1_swap,W14_swap,Wt_64_swap; - wire [63:0] next_Wt,next_E,next_A; - wire [383:0] SHA384_result; - wire [511:0] SHA512_result; - - assign f1_EFG_64 = (E & F) ^ (~E & G); - - assign f2_ABC_64 = (A & B) ^ (B & C) ^ (A & C); - - assign f3_A_64 = {A[27:0],A[63:28]} ^ {A[33:0],A[63:34]} ^ {A[38:0],A[63:39]}; - - assign f4_E_64 = {E[13:0],E[63:14]} ^ {E[17:0],E[63:18]} ^ {E[40:0],E[63:41]}; - - assign W1_swap = {W1[31:0],W1[63:32]}; - assign f5_W1_64 = {W1_swap[0],W1_swap[63:1]} ^ {W1_swap[7:0],W1_swap[63:8]} ^ {7'b000_0000,W1_swap[63:7]}; - - assign W14_swap = {W14[31:0],W14[63:32]}; - assign f6_W14_64 = {W14_swap[18:0],W14_swap[63:19]} ^ {W14_swap[60:0],W14_swap[63:61]} ^ {6'b00_0000,W14_swap[63:6]}; - - assign Wt_64_swap = f6_W14_64 + {W9[31:0],W9[63:32]} + f5_W1_64 + {W0[31:0],W0[63:32]}; - - assign T1_64 = H[63:0] + f4_E_64 + f1_EFG_64 + Kt[63:0] + {Wt[31:0],Wt[63:32]}; - - assign T2_64 = f3_A_64 + f2_ABC_64; - - assign next_Wt = {Wt_64_swap[31:0],Wt_64_swap[63:32]}; - assign next_E = D[63:0] + T1_64; - assign next_A = T1_64 + T2_64; - - - assign SHA384_result = {A,B,C,D,E,F}; - 
assign SHA512_result = {A,B,C,D,E,F,G,H}; - - assign round_plus_1 = round + 1; - - //------------------------------------------------------------------ - // SHA round - //------------------------------------------------------------------ - always @(posedge clk_i) - begin - if (rst_i) - begin - round <= 'd0; - busy <= 'b0; - - W0 <= 'b0; - W1 <= 'b0; - W2 <= 'b0; - W3 <= 'b0; - W4 <= 'b0; - W5 <= 'b0; - W6 <= 'b0; - W7 <= 'b0; - W8 <= 'b0; - W9 <= 'b0; - W10 <= 'b0; - W11 <= 'b0; - W12 <= 'b0; - W13 <= 'b0; - W14 <= 'b0; - Wt <= 'b0; - - A <= 'b0; - B <= 'b0; - C <= 'b0; - D <= 'b0; - E <= 'b0; - F <= 'b0; - G <= 'b0; - H <= 'b0; - - H0 <= 'b0; - H1 <= 'b0; - H2 <= 'b0; - H3 <= 'b0; - H4 <= 'b0; - H5 <= 'b0; - H6 <= 'b0; - H7 <= 'b0; - end - else - begin - case (round) - - 'd0: - begin - if (cmd[1]) - begin - W0[31:0] <= text_i; - Wt[31:0] <= text_i; - busy <= 'b1; - round <= round_plus_1; - - case (cmd[3:2]) - 2'b00: // sha-384 first message - begin - A <= `SHA384_H0; - B <= `SHA384_H1; - C <= `SHA384_H2; - D <= `SHA384_H3; - E <= `SHA384_H4; - F <= `SHA384_H5; - G <= `SHA384_H6; - H <= `SHA384_H7; - - H0 <= `SHA384_H0; - H1 <= `SHA384_H1; - H2 <= `SHA384_H2; - H3 <= `SHA384_H3; - H4 <= `SHA384_H4; - H5 <= `SHA384_H5; - H6 <= `SHA384_H6; - H7 <= `SHA384_H7; - end - 2'b01: // sha-384 internal message - begin - H0 <= A; - H1 <= B; - H2 <= C; - H3 <= D; - H4 <= E; - H5 <= F; - H6 <= G; - H7 <= H; - end - 2'b10: // sha-512 first message - begin - A <= `SHA512_H0; - B <= `SHA512_H1; - C <= `SHA512_H2; - D <= `SHA512_H3; - E <= `SHA512_H4; - F <= `SHA512_H5; - G <= `SHA512_H6; - H <= `SHA512_H7; - - H0 <= `SHA512_H0; - H1 <= `SHA512_H1; - H2 <= `SHA512_H2; - H3 <= `SHA512_H3; - H4 <= `SHA512_H4; - H5 <= `SHA512_H5; - H6 <= `SHA512_H6; - H7 <= `SHA512_H7; - end - 2'b11: // sha-512 internal message - begin - H0 <= A; - H1 <= B; - H2 <= C; - H3 <= D; - H4 <= E; - H5 <= F; - H6 <= G; - H7 <= H; - end - endcase - end - else - begin // IDLE - round <= 'd0; - end - end - 'd1: - 
begin - W0[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd2: - begin - W1[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd3: - begin - W1[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd4: - begin - W2[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd5: - begin - W2[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd6: - begin - W3[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd7: - begin - W3[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd8: - begin - W4[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd9: - begin - W4[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd10: - begin - W5[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd11: - begin - W5[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd12: - begin - W6[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd13: - begin - W6[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd14: - begin - W7[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd15: - begin - W7[63:32] <= text_i; - Wt[63:32] <= text_i; - round 
<= round_plus_1; - end - 'd16: - begin - W8[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd17: - begin - W8[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd18: - begin - W9[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd19: - begin - W9[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd20: - begin - W10[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd21: - begin - W10[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd22: - begin - W11[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd23: - begin - W11[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd24: - begin - W12[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd25: - begin - W12[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd26: - begin - W13[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd27: - begin - W13[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd28: - begin - W14[31:0] <= text_i; - Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd29: - begin - W14[63:32] <= text_i; - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd30: - begin - 
Wt[31:0] <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd31: - begin - Wt[63:32] <= text_i; - round <= round_plus_1; - end - 'd32, - 'd33, - 'd34, - 'd35, - 'd36, - 'd37, - 'd38, - 'd39, - 'd40, - 'd41, - 'd42, - 'd43, - 'd44, - 'd45, - 'd46, - 'd47, - 'd48, - 'd49, - 'd50, - 'd51, - 'd52, - 'd53, - 'd54, - 'd55, - 'd56, - 'd57, - 'd58, - 'd59, - 'd60, - 'd61, - 'd62, - 'd63, - 'd64, - 'd65, - 'd66, - 'd67, - 'd68, - 'd69, - 'd70, - 'd71, - 'd72, - 'd73, - 'd74, - 'd75, - 'd76, - 'd77, - 'd78, - 'd79, - 'd80, - 'd81, - 'd82, - 'd83, - 'd84, - 'd85, - 'd86, - 'd87, - 'd88, - 'd89, - 'd90, - 'd91, - 'd92, - 'd93, - 'd94, - 'd95: - begin - W0 <= W1; - W1 <= W2; - W2 <= W3; - W3 <= W4; - W4 <= W5; - W5 <= W6; - W6 <= W7; - W7 <= W8; - W8 <= W9; - W9 <= W10; - W10 <= W11; - W11 <= W12; - W12 <= W13; - W13 <= W14; - W14 <= Wt; - Wt <= next_Wt; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd96: - begin - A <= next_A + H0; - B <= A + H1; - C <= B + H2; - D <= C + H3; - E <= next_E + H4; - F <= E + H5; - G <= F + H6; - H <= G + H7; - round <= 'd0; - busy <= 'b0; - end - default: - begin - round <= 'd0; - busy <= 'b0; - end - endcase - end - end - - - //------------------------------------------------------------------ - // Kt generator - //------------------------------------------------------------------ - always @ (posedge clk_i) - begin - if (rst_i) - begin - Kt <= 'b0; - end - else - begin - case (round) - 'd00: Kt <= `K00; - 'd01: Kt <= `K00; - 'd02: Kt <= `K01; - 'd03: Kt <= `K01; - 'd04: Kt <= `K02; - 'd05: Kt <= `K02; - 'd06: Kt <= `K03; - 'd07: Kt <= `K03; - 'd08: Kt <= `K04; - 'd09: Kt <= `K04; - 'd10: Kt <= `K05; - 'd11: Kt <= `K05; - 'd12: Kt <= `K06; - 'd13: Kt <= `K06; - 'd14: Kt <= `K07; - 'd15: Kt <= `K07; - 'd16: Kt <= `K08; - 'd17: Kt <= `K08; - 'd18: Kt <= `K09; - 'd19: Kt <= `K09; - 
'd20: Kt <= `K10; - 'd21: Kt <= `K10; - 'd22: Kt <= `K11; - 'd23: Kt <= `K11; - 'd24: Kt <= `K12; - 'd25: Kt <= `K12; - 'd26: Kt <= `K13; - 'd27: Kt <= `K13; - 'd28: Kt <= `K14; - 'd29: Kt <= `K14; - 'd30: Kt <= `K15; - 'd31: Kt <= `K15; - 'd32: Kt <= `K16; - 'd33: Kt <= `K17; - 'd34: Kt <= `K18; - 'd35: Kt <= `K19; - 'd36: Kt <= `K20; - 'd37: Kt <= `K21; - 'd38: Kt <= `K22; - 'd39: Kt <= `K23; - 'd40: Kt <= `K24; - 'd41: Kt <= `K25; - 'd42: Kt <= `K26; - 'd43: Kt <= `K27; - 'd44: Kt <= `K28; - 'd45: Kt <= `K29; - 'd46: Kt <= `K30; - 'd47: Kt <= `K31; - 'd48: Kt <= `K32; - 'd49: Kt <= `K33; - 'd50: Kt <= `K34; - 'd51: Kt <= `K35; - 'd52: Kt <= `K36; - 'd53: Kt <= `K37; - 'd54: Kt <= `K38; - 'd55: Kt <= `K39; - 'd56: Kt <= `K40; - 'd57: Kt <= `K41; - 'd58: Kt <= `K42; - 'd59: Kt <= `K43; - 'd60: Kt <= `K44; - 'd61: Kt <= `K45; - 'd62: Kt <= `K46; - 'd63: Kt <= `K47; - 'd64: Kt <= `K48; - 'd65: Kt <= `K49; - 'd66: Kt <= `K50; - 'd67: Kt <= `K51; - 'd68: Kt <= `K52; - 'd69: Kt <= `K53; - 'd70: Kt <= `K54; - 'd71: Kt <= `K55; - 'd72: Kt <= `K56; - 'd73: Kt <= `K57; - 'd74: Kt <= `K58; - 'd75: Kt <= `K59; - 'd76: Kt <= `K60; - 'd77: Kt <= `K61; - 'd78: Kt <= `K62; - 'd79: Kt <= `K63; - 'd80: Kt <= `K64; - 'd81: Kt <= `K65; - 'd82: Kt <= `K66; - 'd83: Kt <= `K67; - 'd84: Kt <= `K68; - 'd85: Kt <= `K69; - 'd86: Kt <= `K70; - 'd87: Kt <= `K71; - 'd88: Kt <= `K72; - 'd89: Kt <= `K73; - 'd90: Kt <= `K74; - 'd91: Kt <= `K75; - 'd92: Kt <= `K76; - 'd93: Kt <= `K77; - 'd94: Kt <= `K78; - 'd95: Kt <= `K79; - default:Kt <= 'd0; - endcase - end - end - - //------------------------------------------------------------------ - // read result - //------------------------------------------------------------------ - always @ (posedge clk_i) - begin - if (rst_i) - begin - text_o <= 'b0; - read_counter <= 'b0; - end - else - begin - if (cmd[0]) - begin - case (cmd[3]) - 1'b0: read_counter <= 'd11; // sha-384 384/32=12 - 1'b1: read_counter <= 'd15; // sha-512 512/32=16 - endcase - end - 
else - begin - if (~busy) - begin - case (cmd[3]) - 1'b0: - begin - case (read_counter) - 'd11: text_o <= SHA384_result[12*32-1:11*32]; - 'd10: text_o <= SHA384_result[11*32-1:10*32]; - 'd09: text_o <= SHA384_result[10*32-1:09*32]; - 'd08: text_o <= SHA384_result[09*32-1:08*32]; - 'd07: text_o <= SHA384_result[08*32-1:07*32]; - 'd06: text_o <= SHA384_result[07*32-1:06*32]; - 'd05: text_o <= SHA384_result[06*32-1:05*32]; - 'd04: text_o <= SHA384_result[05*32-1:04*32]; - 'd03: text_o <= SHA384_result[04*32-1:03*32]; - 'd02: text_o <= SHA384_result[03*32-1:02*32]; - 'd01: text_o <= SHA384_result[02*32-1:01*32]; - 'd00: text_o <= SHA384_result[01*32-1:00*32]; - default:text_o <= 'b0; - endcase - end - 1'b1: - begin - case (read_counter) - 'd15: text_o <= SHA512_result[16*32-1:15*32]; - 'd14: text_o <= SHA512_result[15*32-1:14*32]; - 'd13: text_o <= SHA512_result[14*32-1:13*32]; - 'd12: text_o <= SHA512_result[13*32-1:12*32]; - 'd11: text_o <= SHA512_result[12*32-1:11*32]; - 'd10: text_o <= SHA512_result[11*32-1:10*32]; - 'd09: text_o <= SHA512_result[10*32-1:09*32]; - 'd08: text_o <= SHA512_result[09*32-1:08*32]; - 'd07: text_o <= SHA512_result[08*32-1:07*32]; - 'd06: text_o <= SHA512_result[07*32-1:06*32]; - 'd05: text_o <= SHA512_result[06*32-1:05*32]; - 'd04: text_o <= SHA512_result[05*32-1:04*32]; - 'd03: text_o <= SHA512_result[04*32-1:03*32]; - 'd02: text_o <= SHA512_result[03*32-1:02*32]; - 'd01: text_o <= SHA512_result[02*32-1:01*32]; - 'd00: text_o <= SHA512_result[01*32-1:00*32]; - default:text_o <= 'b0; - endcase - end - endcase - if (|read_counter) - read_counter <= read_counter - 'd1; - end - else - begin - text_o <= 'b0; - end - end - end - end - -endmodule - Index: trunk/rtl/sha256.v =================================================================== --- trunk/rtl/sha256.v (revision 3) +++ trunk/rtl/sha256.v (nonexistent) 
@@ -1,774 +0,0 @@ -///////////////////////////////////////////////////////////////////// -//// //// -//// SHA-256 //// -//// Secure Hash Algorithm (SHA-256) //// -//// //// -//// Author: marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// -//// //// -///////////////////////////////////////////////////////////////////// -//// //// -//// Copyright (C) 2000-2002 marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// This source file may be used and distributed without //// -//// restriction provided that this copyright statement is not //// -//// removed from the file and that any derivative work contains //// -//// the original copyright notice and the associated disclaimer.//// -//// //// -//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// -//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// -//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// -//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// -//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// -//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// -//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// -//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// -//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// -//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// -//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// -//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// -//// POSSIBILITY OF SUCH DAMAGE. 
//// -//// //// -///////////////////////////////////////////////////////////////////// - -`define SHA256_H0 32'h6a09e667 -`define SHA256_H1 32'hbb67ae85 -`define SHA256_H2 32'h3c6ef372 -`define SHA256_H3 32'ha54ff53a -`define SHA256_H4 32'h510e527f -`define SHA256_H5 32'h9b05688c -`define SHA256_H6 32'h1f83d9ab -`define SHA256_H7 32'h5be0cd19 - -`define K00 32'h428a2f98 -`define K01 32'h71374491 -`define K02 32'hb5c0fbcf -`define K03 32'he9b5dba5 -`define K04 32'h3956c25b -`define K05 32'h59f111f1 -`define K06 32'h923f82a4 -`define K07 32'hab1c5ed5 -`define K08 32'hd807aa98 -`define K09 32'h12835b01 -`define K10 32'h243185be -`define K11 32'h550c7dc3 -`define K12 32'h72be5d74 -`define K13 32'h80deb1fe -`define K14 32'h9bdc06a7 -`define K15 32'hc19bf174 -`define K16 32'he49b69c1 -`define K17 32'hefbe4786 -`define K18 32'h0fc19dc6 -`define K19 32'h240ca1cc -`define K20 32'h2de92c6f -`define K21 32'h4a7484aa -`define K22 32'h5cb0a9dc -`define K23 32'h76f988da -`define K24 32'h983e5152 -`define K25 32'ha831c66d -`define K26 32'hb00327c8 -`define K27 32'hbf597fc7 -`define K28 32'hc6e00bf3 -`define K29 32'hd5a79147 -`define K30 32'h06ca6351 -`define K31 32'h14292967 -`define K32 32'h27b70a85 -`define K33 32'h2e1b2138 -`define K34 32'h4d2c6dfc -`define K35 32'h53380d13 -`define K36 32'h650a7354 -`define K37 32'h766a0abb -`define K38 32'h81c2c92e -`define K39 32'h92722c85 -`define K40 32'ha2bfe8a1 -`define K41 32'ha81a664b -`define K42 32'hc24b8b70 -`define K43 32'hc76c51a3 -`define K44 32'hd192e819 -`define K45 32'hd6990624 -`define K46 32'hf40e3585 -`define K47 32'h106aa070 -`define K48 32'h19a4c116 -`define K49 32'h1e376c08 -`define K50 32'h2748774c -`define K51 32'h34b0bcb5 -`define K52 32'h391c0cb3 -`define K53 32'h4ed8aa4a -`define K54 32'h5b9cca4f -`define K55 32'h682e6ff3 -`define K56 32'h748f82ee -`define K57 32'h78a5636f -`define K58 32'h84c87814 -`define K59 32'h8cc70208 -`define K60 32'h90befffa -`define K61 32'ha4506ceb -`define K62 32'hbef9a3f7 -`define K63 
32'hc67178f2 - -module sha256 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); - - input clk_i; // global clock input - input rst_i; // global reset input , active high - - input [31:0] text_i; // text input 32bit - output [31:0] text_o; // text output 32bit - - input [2:0] cmd_i; // command input - input cmd_w_i;// command input write enable - output [3:0] cmd_o; // command output(status) - - /* - cmd - Busy Round W R - - bit3 bit2 bit1 bit0 - Busy Round W R - - Busy: - 0 idle - 1 busy - - Round: - 0 first round - 1 internal round - - W: - 0 No-op - 1 write data - - R: - 0 No-op - 1 read data - - */ - - - reg [3:0] cmd; - wire [3:0] cmd_o; - - reg [31:0] text_o; - - reg [6:0] round; - wire [6:0] round_plus_1; - - reg [2:0] read_counter; - - reg [31:0] H0,H1,H2,H3,H4,H5,H6,H7; - reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; - reg [31:0] Wt,Kt; - reg [31:0] A,B,C,D,E,F,G,H; - - reg busy; - - assign cmd_o = cmd; - always @ (posedge clk_i) - begin - if (rst_i) - cmd <= 'b0; - else - if (cmd_w_i) - cmd[2:0] <= cmd_i[2:0]; // busy bit can't write - else - begin - cmd[3] <= busy; // update busy bit - if (~busy) - cmd[1:0] <= 2'b00; // hardware auto clean R/W bits - end - end - - wire [31:0] f1_EFG_32,f2_ABC_32,f3_A_32,f4_E_32,f5_W1_32,f6_W14_32,T1_32,T2_32; - wire [31:0] next_Wt,next_E,next_A; - wire [255:0] SHA256_result; - - assign f1_EFG_32 = (E & F) ^ (~E & G); - - assign f2_ABC_32 = (A & B) ^ (B & C) ^ (A & C); - - assign f3_A_32 = {A[1:0],A[31:2]} ^ {A[12:0],A[31:13]} ^ {A[21:0],A[31:22]}; - - assign f4_E_32 = {E[5:0],E[31:6]} ^ {E[10:0],E[31:11]} ^ {E[24:0],E[31:25]}; - - assign f5_W1_32 = {W1[6:0],W1[31:7]} ^ {W1[17:0],W1[31:18]} ^ {3'b000,W1[31:3]}; - - assign f6_W14_32 = {W14[16:0],W14[31:17]} ^ {W14[18:0],W14[31:19]} ^ {10'b00_0000_0000,W14[31:10]}; - - - assign T1_32 = H[31:0] + f4_E_32 + f1_EFG_32 + Kt + Wt; - - assign T2_32 = f3_A_32 + f2_ABC_32; - - assign next_Wt = f6_W14_32 + W9[31:0] + f5_W1_32 + W0[31:0]; - assign next_E = D[31:0] 
+ T1_32; - assign next_A = T1_32 + T2_32; - - - assign SHA256_result = {A,B,C,D,E,F,G,H}; - - assign round_plus_1 = round + 1; - - //------------------------------------------------------------------ - // SHA round - //------------------------------------------------------------------ - always @(posedge clk_i) - begin - if (rst_i) - begin - round <= 'd0; - busy <= 'b0; - - W0 <= 'b0; - W1 <= 'b0; - W2 <= 'b0; - W3 <= 'b0; - W4 <= 'b0; - W5 <= 'b0; - W6 <= 'b0; - W7 <= 'b0; - W8 <= 'b0; - W9 <= 'b0; - W10 <= 'b0; - W11 <= 'b0; - W12 <= 'b0; - W13 <= 'b0; - W14 <= 'b0; - Wt <= 'b0; - - A <= 'b0; - B <= 'b0; - C <= 'b0; - D <= 'b0; - E <= 'b0; - F <= 'b0; - G <= 'b0; - H <= 'b0; - - H0 <= 'b0; - H1 <= 'b0; - H2 <= 'b0; - H3 <= 'b0; - H4 <= 'b0; - H5 <= 'b0; - H6 <= 'b0; - H7 <= 'b0; - end - else - begin - case (round) - - 'd0: - begin - if (cmd[1]) - begin - W0 <= text_i; - Wt <= text_i; - busy <= 'b1; - round <= round_plus_1; - - case (cmd[2]) - 1'b0: // sha-256 first message - begin - A <= `SHA256_H0; - B <= `SHA256_H1; - C <= `SHA256_H2; - D <= `SHA256_H3; - E <= `SHA256_H4; - F <= `SHA256_H5; - G <= `SHA256_H6; - H <= `SHA256_H7; - - H0 <= `SHA256_H0; - H1 <= `SHA256_H1; - H2 <= `SHA256_H2; - H3 <= `SHA256_H3; - H4 <= `SHA256_H4; - H5 <= `SHA256_H5; - H6 <= `SHA256_H6; - H7 <= `SHA256_H7; - end - 1'b1: // sha-256 internal message - begin - H0 <= A; - H1 <= B; - H2 <= C; - H3 <= D; - H4 <= E; - H5 <= F; - H6 <= G; - H7 <= H; - end - endcase - end - else - begin // IDLE - round <= 'd0; - end - end - 'd1: - begin - W1 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd2: - begin - W2 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd3: - begin - W3 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= 
next_A; - - round <= round_plus_1; - end - 'd4: - begin - W4 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd5: - begin - W5 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd6: - begin - W6 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd7: - begin - W7 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd8: - begin - W8 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd9: - begin - W9 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd10: - begin - W10 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd11: - begin - W11 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd12: - begin - W12 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd13: - begin - W13 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd14: - begin - W14 <= text_i; - Wt <= text_i; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd15: - begin - Wt <= text_i; - - H <= G; - G <= F; - 
F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd16, - 'd17, - 'd18, - 'd19, - 'd20, - 'd21, - 'd22, - 'd23, - 'd24, - 'd25, - 'd26, - 'd27, - 'd28, - 'd29, - 'd30, - 'd31, - 'd32, - 'd33, - 'd34, - 'd35, - 'd36, - 'd37, - 'd38, - 'd39, - 'd40, - 'd41, - 'd42, - 'd43, - 'd44, - 'd45, - 'd46, - 'd47, - 'd48, - 'd49, - 'd50, - 'd51, - 'd52, - 'd53, - 'd54, - 'd55, - 'd56, - 'd57, - 'd58, - 'd59, - 'd60, - 'd61, - 'd62, - 'd63: - begin - W0 <= W1; - W1 <= W2; - W2 <= W3; - W3 <= W4; - W4 <= W5; - W5 <= W6; - W6 <= W7; - W7 <= W8; - W8 <= W9; - W9 <= W10; - W10 <= W11; - W11 <= W12; - W12 <= W13; - W13 <= W14; - W14 <= Wt; - Wt <= next_Wt; - - H <= G; - G <= F; - F <= E; - E <= next_E; - D <= C; - C <= B; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd64: - begin - A <= next_A + H0; - B <= A + H1; - C <= B + H2; - D <= C + H3; - E <= next_E + H4; - F <= E + H5; - G <= F + H6; - H <= G + H7; - round <= 'd0; - busy <= 'b0; - end - default: - begin - round <= 'd0; - busy <= 'b0; - end - endcase - end - end - - - //------------------------------------------------------------------ - // Kt generator - //------------------------------------------------------------------ - always @ (posedge clk_i) - begin - if (rst_i) - begin - Kt <= 'b0; - end - else - begin - case (round) - 'd00: Kt <= `K00; - 'd01: Kt <= `K01; - 'd02: Kt <= `K02; - 'd03: Kt <= `K03; - 'd04: Kt <= `K04; - 'd05: Kt <= `K05; - 'd06: Kt <= `K06; - 'd07: Kt <= `K07; - 'd08: Kt <= `K08; - 'd09: Kt <= `K09; - 'd10: Kt <= `K10; - 'd11: Kt <= `K11; - 'd12: Kt <= `K12; - 'd13: Kt <= `K13; - 'd14: Kt <= `K14; - 'd15: Kt <= `K15; - 'd16: Kt <= `K16; - 'd17: Kt <= `K17; - 'd18: Kt <= `K18; - 'd19: Kt <= `K19; - 'd20: Kt <= `K20; - 'd21: Kt <= `K21; - 'd22: Kt <= `K22; - 'd23: Kt <= `K23; - 'd24: Kt <= `K24; - 'd25: Kt <= `K25; - 'd26: Kt <= `K26; - 'd27: Kt <= `K27; - 'd28: Kt <= `K28; - 'd29: Kt <= `K29; - 'd30: Kt <= `K30; - 'd31: Kt <= `K31; - 
'd32: Kt <= `K32; - 'd33: Kt <= `K33; - 'd34: Kt <= `K34; - 'd35: Kt <= `K35; - 'd36: Kt <= `K36; - 'd37: Kt <= `K37; - 'd38: Kt <= `K38; - 'd39: Kt <= `K39; - 'd40: Kt <= `K40; - 'd41: Kt <= `K41; - 'd42: Kt <= `K42; - 'd43: Kt <= `K43; - 'd44: Kt <= `K44; - 'd45: Kt <= `K45; - 'd46: Kt <= `K46; - 'd47: Kt <= `K47; - 'd48: Kt <= `K48; - 'd49: Kt <= `K49; - 'd50: Kt <= `K50; - 'd51: Kt <= `K51; - 'd52: Kt <= `K52; - 'd53: Kt <= `K53; - 'd54: Kt <= `K54; - 'd55: Kt <= `K55; - 'd56: Kt <= `K56; - 'd57: Kt <= `K57; - 'd58: Kt <= `K58; - 'd59: Kt <= `K59; - 'd60: Kt <= `K60; - 'd61: Kt <= `K61; - 'd62: Kt <= `K62; - 'd63: Kt <= `K63; - default:Kt <= 'd0; - endcase - end - end - - //------------------------------------------------------------------ - // read result - //------------------------------------------------------------------ - always @ (posedge clk_i) - begin - if (rst_i) - begin - text_o <= 'b0; - read_counter <= 'b0; - end - else - begin - if (cmd[0]) - begin - read_counter <= 'd7; // sha-256 256/32=8 - end - else - begin - if (~busy) - begin - case (read_counter) - 'd7: text_o <= SHA256_result[8*32-1:7*32]; - 'd6: text_o <= SHA256_result[7*32-1:6*32]; - 'd5: text_o <= SHA256_result[6*32-1:5*32]; - 'd4: text_o <= SHA256_result[5*32-1:4*32]; - 'd3: text_o <= SHA256_result[4*32-1:3*32]; - 'd2: text_o <= SHA256_result[3*32-1:2*32]; - 'd1: text_o <= SHA256_result[2*32-1:1*32]; - 'd0: text_o <= SHA256_result[1*32-1:0*32]; - default:text_o <= 'b0; - endcase - if (|read_counter) - read_counter <= read_counter - 'd1; - end - else - begin - text_o <= 'b0; - end - end - end - end - -endmodule - Index: trunk/rtl/sha1.v =================================================================== --- trunk/rtl/sha1.v (revision 3) +++ trunk/rtl/sha1.v (nonexistent) 
@@ -1,594 +0,0 @@ -///////////////////////////////////////////////////////////////////// -//// //// -//// SHA-160 //// -//// Secure Hash Algorithm (SHA-160) //// -//// //// -//// Author: marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// -//// //// -///////////////////////////////////////////////////////////////////// -//// //// -//// Copyright (C) 2002-2004 marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// This source file may be used and distributed without //// -//// restriction provided that this copyright statement is not //// -//// removed from the file and that any derivative work contains //// -//// the original copyright notice and the associated disclaimer.//// -//// //// -//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// -//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// -//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// -//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// -//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// -//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// -//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// -//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// -//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// -//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// -//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// -//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// -//// POSSIBILITY OF SUCH DAMAGE. 
//// -//// //// -///////////////////////////////////////////////////////////////////// - -`define SHA1_H0 32'h67452301 -`define SHA1_H1 32'hefcdab89 -`define SHA1_H2 32'h98badcfe -`define SHA1_H3 32'h10325476 -`define SHA1_H4 32'hc3d2e1f0 - -`define SHA1_K0 32'h5a827999 -`define SHA1_K1 32'h6ed9eba1 -`define SHA1_K2 32'h8f1bbcdc -`define SHA1_K3 32'hca62c1d6 - -module sha1 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); - - input clk_i; // global clock input - input rst_i; // global reset input , active high - - input [31:0] text_i; // text input 32bit - output [31:0] text_o; // text output 32bit - - input [2:0] cmd_i; // command input - input cmd_w_i;// command input write enable - output [3:0] cmd_o; // command output(status) - - /* - cmd - Busy Round W R - - bit3 bit2 bit1 bit0 - Busy Round W R - - Busy: - 0 idle - 1 busy - - Round: - 0 first round - 1 internal round - - W: - 0 No-op - 1 write data - - R: - 0 No-op - 1 read data - - */ - - - reg [3:0] cmd; - wire [3:0] cmd_o; - - reg [31:0] text_o; - - reg [6:0] round; - wire [6:0] round_plus_1; - - reg [2:0] read_counter; - - reg [31:0] H0,H1,H2,H3,H4; - reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; - reg [31:0] Wt,Kt; - reg [31:0] A,B,C,D,E; - - reg busy; - - assign cmd_o = cmd; - always @ (posedge clk_i) - begin - if (rst_i) - cmd <= 'b0; - else - if (cmd_w_i) - cmd[2:0] <= cmd_i[2:0]; // busy bit can't write - else - begin - cmd[3] <= busy; // update busy bit - if (~busy) - cmd[1:0] <= 2'b00; // hardware auto clean R/W bits - end - end - - // Hash functions - wire [31:0] SHA1_f1_BCD,SHA1_f2_BCD,SHA1_f3_BCD,SHA1_Wt_1; - wire [31:0] SHA1_ft_BCD; - wire [31:0] next_Wt,next_A,next_C; - wire [159:0] SHA1_result; - - assign SHA1_f1_BCD = (B & C) ^ (~B & D); - assign SHA1_f2_BCD = B ^ C ^ D; - assign SHA1_f3_BCD = (B & C) ^ (C & D) ^ (B & D); - - assign SHA1_ft_BCD = (round < 'd21) ? SHA1_f1_BCD : (round < 'd41) ? SHA1_f2_BCD : (round < 'd61) ? 
SHA1_f3_BCD : SHA1_f2_BCD; - - assign SHA1_Wt_1 = {W13 ^ W8 ^ W2 ^ W0}; - - assign next_Wt = {SHA1_Wt_1[30:0],SHA1_Wt_1[31]}; // NSA fix added - assign next_A = {A[26:0],A[31:27]} + SHA1_ft_BCD + E + Kt + Wt; - assign next_C = {B[1:0],B[31:2]}; - - assign SHA1_result = {A,B,C,D,E}; - - assign round_plus_1 = round + 1; - - //------------------------------------------------------------------ - // SHA round - //------------------------------------------------------------------ - always @(posedge clk_i) - begin - if (rst_i) - begin - round <= 'd0; - busy <= 'b0; - - W0 <= 'b0; - W1 <= 'b0; - W2 <= 'b0; - W3 <= 'b0; - W4 <= 'b0; - W5 <= 'b0; - W6 <= 'b0; - W7 <= 'b0; - W8 <= 'b0; - W9 <= 'b0; - W10 <= 'b0; - W11 <= 'b0; - W12 <= 'b0; - W13 <= 'b0; - W14 <= 'b0; - Wt <= 'b0; - - A <= 'b0; - B <= 'b0; - C <= 'b0; - D <= 'b0; - E <= 'b0; - - H0 <= 'b0; - H1 <= 'b0; - H2 <= 'b0; - H3 <= 'b0; - H4 <= 'b0; - - end - else - begin - case (round) - - 'd0: - begin - if (cmd[1]) - begin - W0 <= text_i; - Wt <= text_i; - busy <= 'b1; - round <= round_plus_1; - - case (cmd[2]) - 1'b0: // sha-1 first message - begin - A <= `SHA1_H0; - B <= `SHA1_H1; - C <= `SHA1_H2; - D <= `SHA1_H3; - E <= `SHA1_H4; - - H0 <= `SHA1_H0; - H1 <= `SHA1_H1; - H2 <= `SHA1_H2; - H3 <= `SHA1_H3; - H4 <= `SHA1_H4; - end - 1'b1: // sha-1 internal message - begin - H0 <= A; - H1 <= B; - H2 <= C; - H3 <= D; - H4 <= E; - end - endcase - end - else - begin // IDLE - round <= 'd0; - end - end - 'd1: - begin - W1 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd2: - begin - W2 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd3: - begin - W3 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd4: - begin - W4 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= 
next_A; - - round <= round_plus_1; - end - 'd5: - begin - W5 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd6: - begin - W6 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd7: - begin - W7 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd8: - begin - W8 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd9: - begin - W9 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd10: - begin - W10 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd11: - begin - W11 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd12: - begin - W12 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd13: - begin - W13 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd14: - begin - W14 <= text_i; - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd15: - begin - Wt <= text_i; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd16, - 'd17, - 'd18, - 'd19, - 'd20, - 'd21, - 'd22, - 'd23, - 'd24, - 'd25, - 'd26, - 'd27, - 'd28, - 'd29, - 'd30, - 'd31, - 'd32, - 'd33, - 'd34, - 'd35, - 'd36, - 'd37, - 'd38, - 'd39, - 'd40, - 'd41, - 'd42, - 'd43, - 'd44, - 'd45, - 'd46, - 'd47, - 'd48, - 'd49, - 'd50, - 'd51, - 'd52, - 'd53, - 'd54, - 'd55, - 'd56, - 'd57, - 'd58, - 'd59, - 'd60, - 'd61, - 'd62, - 'd63, - 'd64, - 'd65, - 
'd66, - 'd67, - 'd68, - 'd69, - 'd70, - 'd71, - 'd72, - 'd73, - 'd74, - 'd75, - 'd76, - 'd77, - 'd78, - 'd79: - begin - W0 <= W1; - W1 <= W2; - W2 <= W3; - W3 <= W4; - W4 <= W5; - W5 <= W6; - W6 <= W7; - W7 <= W8; - W8 <= W9; - W9 <= W10; - W10 <= W11; - W11 <= W12; - W12 <= W13; - W13 <= W14; - W14 <= Wt; - Wt <= next_Wt; - - E <= D; - D <= C; - C <= next_C; - B <= A; - A <= next_A; - - round <= round_plus_1; - end - 'd80: - begin - A <= next_A + H0; - B <= A + H1; - C <= next_C + H2; - D <= C + H3; - E <= D + H4; - round <= 'd0; - busy <= 'b0; - end - default: - begin - round <= 'd0; - busy <= 'b0; - end - endcase - end - end - - - //------------------------------------------------------------------ - // Kt generator - //------------------------------------------------------------------ - always @ (posedge clk_i) - begin - if (rst_i) - begin - Kt <= 'b0; - end - else - begin - if (round < 'd20) - Kt <= `SHA1_K0; - else - if (round < 'd40) - Kt <= `SHA1_K1; - else - if (round < 'd60) - Kt <= `SHA1_K2; - else - Kt <= `SHA1_K3; - end - end - - //------------------------------------------------------------------ - // read result - //------------------------------------------------------------------ - always @ (posedge clk_i) - begin - if (rst_i) - begin - text_o <= 'b0; - read_counter <= 'b0; - end - else - begin - if (cmd[0]) - begin - read_counter <= 'd4; // sha-1 160/32=5 - end - else - begin - if (~busy) - begin - case (read_counter) - 'd4: text_o <= SHA1_result[5*32-1:4*32]; - 'd3: text_o <= SHA1_result[4*32-1:3*32]; - 'd2: text_o <= SHA1_result[3*32-1:2*32]; - 'd1: text_o <= SHA1_result[2*32-1:1*32]; - 'd0: text_o <= SHA1_result[1*32-1:0*32]; - default:text_o <= 'b0; - endcase - if (|read_counter) - read_counter <= read_counter - 'd1; - end - else - begin - text_o <= 'b0; - end - end - end - end - -endmodule - \ No newline at end of file Index: trunk/doc/Secure Hash Algorithm IP Core.pdf =================================================================== Cannot 
display: file marked as a binary type. svn:mime-type = application/octet-stream
Index: trunk/doc/Secure Hash Algorithm IP Core.pdf
===================================================================
--- trunk/doc/Secure Hash Algorithm IP Core.pdf (revision 3)
+++ trunk/doc/Secure Hash Algorithm IP Core.pdf (nonexistent)
trunk/doc/Secure Hash Algorithm IP Core.pdf Property changes : Deleted: svn:mime-type
## -1 +0,0 ##
-application/octet-stream
\ No newline at end of property
Index: trunk/doc/Secure Hash Algorithm IP Core.doc
===================================================================
Cannot display: file marked as a binary type. svn:mime-type = application/octet-stream
Index: trunk/doc/Secure Hash Algorithm IP Core.doc
===================================================================
--- trunk/doc/Secure Hash Algorithm IP Core.doc (revision 3)
+++ trunk/doc/Secure Hash Algorithm IP Core.doc (nonexistent)
trunk/doc/Secure Hash Algorithm IP Core.doc Property changes : Deleted: svn:mime-type
## -1 +0,0 ##
-application/octet-stream
\ No newline at end of property
Index: trunk/src/mrshs512.c
===================================================================
--- trunk/src/mrshs512.c (revision 3)
+++ trunk/src/mrshs512.c (nonexistent)
@@ -1,238 +0,0 @@
-/*
- * Implementation of the Secure Hashing Algorithm (SHA-384 and SHA-512)
- *
- * Generates a a 384 or 512 bit message digest. It should be impossible to come
- * come up with two messages that hash to the same value ("collision free").
- *
- * For use with byte-oriented messages only. Could/Should be speeded
- * up by unwinding loops in shs_transform(), and assembly patches.
- *
- * NOTE: This requires a 64-bit integer type to be defined
- */
-
-#include
-#include "miracl.h"
-
-#ifdef mr_unsign64
-
-#define H0 0x6a09e667f3bcc908
-#define H1 0xbb67ae8584caa73b
-#define H2 0x3c6ef372fe94f82b
-#define H3 0xa54ff53a5f1d36f1
-#define H4 0x510e527fade682d1
-#define H5 0x9b05688c2b3e6c1f
-#define H6 0x1f83d9abfb41bd6b
-#define H7 0x5be0cd19137e2179
-
-#define H8 0xcbbb9d5dc1059ed8
-#define H9 0x629a292a367cd507
-#define HA 0x9159015a3070dd17
-#define HB 0x152fecd8f70e5939
-#define HC 0x67332667ffc00b31
-#define HD 0x8eb44a8768581511
-#define HE 0xdb0c2e0d64f98fa7
-#define HF 0x47b5481dbefa4fa4
-
-static mr_unsign64 K[80]={
-0x428a2f98d728ae22,0x7137449123ef65cd,0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc,
-0x3956c25bf348b538,0x59f111f1b605d019,0x923f82a4af194f9b,0xab1c5ed5da6d8118,
-0xd807aa98a3030242,0x12835b0145706fbe,0x243185be4ee4b28c,0x550c7dc3d5ffb4e2,
-0x72be5d74f27b896f,0x80deb1fe3b1696b1,0x9bdc06a725c71235,0xc19bf174cf692694,
-0xe49b69c19ef14ad2,0xefbe4786384f25e3,0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65,
-0x2de92c6f592b0275,0x4a7484aa6ea6e483,0x5cb0a9dcbd41fbd4,0x76f988da831153b5,
-0x983e5152ee66dfab,0xa831c66d2db43210,0xb00327c898fb213f,0xbf597fc7beef0ee4,
-0xc6e00bf33da88fc2,0xd5a79147930aa725,0x06ca6351e003826f,0x142929670a0e6e70,
-0x27b70a8546d22ffc,0x2e1b21385c26c926,0x4d2c6dfc5ac42aed,0x53380d139d95b3df,
-0x650a73548baf63de,0x766a0abb3c77b2a8,0x81c2c92e47edaee6,0x92722c851482353b,
-0xa2bfe8a14cf10364,0xa81a664bbc423001,0xc24b8b70d0f89791,0xc76c51a30654be30,
-0xd192e819d6ef5218,0xd69906245565a910,0xf40e35855771202a,0x106aa07032bbd1b8,
-0x19a4c116b8d2d0c8,0x1e376c085141ab53,0x2748774cdf8eeb99,0x34b0bcb5e19b48a8,
-0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb,0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3,
-0x748f82ee5defb2fc,0x78a5636f43172f60,0x84c87814a1f0ab72,0x8cc702081a6439ec,
-0x90befffa23631e28,0xa4506cebde82bde9,0xbef9a3f7b2c67915,0xc67178f2e372532b,
-0xca273eceea26619c,0xd186b8c721c0c207,0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178,
-0x06f067aa72176fba,0x0a637dc5a2c898a6,0x113f9804bef90dae,0x1b710b35131c471b,
-0x28db77f523047d84,0x32caab7b40c72493,0x3c9ebe0a15c9bebc,0x431d67c49c100d4c,
-0x4cc5d4becb3e42b6,0x597f299cfc657e2a,0x5fcb6fab3ad6faec,0x6c44198c4a475817};
-
-#define PAD 0x80
-#define ZERO 0
-
-/* functions */
-
-#define S(n,x) (((x)>>n) | ((x)<<(64-n)))
-#define R(n,x) ((x)>>n)
-
-#define Ch(x,y,z) ((x&y)^(~(x)&z))
-#define Maj(x,y,z) ((x&y)^(x&z)^(y&z))
-#define Sig0(x) (S(28,x)^S(34,x)^S(39,x))
-#define Sig1(x) (S(14,x)^S(18,x)^S(41,x))
-#define theta0(x) (S(1,x)^S(8,x)^R(7,x))
-#define theta1(x) (S(19,x)^S(61,x)^R(6,x))
-
-static void shs_transform(sha512 *sh)
-{ /* basic transformation step */
- mr_unsign64 a,b,c,d,e,f,g,h,t1,t2;
- int j;
- for (j=16;j<80;j++)
- sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16];
-
- a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3];
- e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7];
-
- for (j=0;j<80;j++)
- { /* 80 times - mush it up */
- t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j];
- t2=Sig0(a)+Maj(a,b,c);
- h=g; g=f; f=e;
- e=d+t1;
- d=c;
- c=b;
- b=a;
- a=t1+t2;
- }
- sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d;
- sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h;
-}
-
-void shs512_init(sha512 *sh)
-{ /* re-initialise */
- int i;
- for (i=0;i<80;i++) sh->w[i]=0;
- sh->length[0]=sh->length[1]=0;
- sh->h[0]=H0;
- sh->h[1]=H1;
- sh->h[2]=H2;
- sh->h[3]=H3;
- sh->h[4]=H4;
- sh->h[5]=H5;
- sh->h[6]=H6;
- sh->h[7]=H7;
-}
-
-void shs384_init(sha384 *sh)
-{ /* re-initialise */
- int i;
- for (i=0;i<80;i++) sh->w[i]=0;
- sh->length[0]=sh->length[1]=0;
- sh->h[0]=H8;
- sh->h[1]=H9;
- sh->h[2]=HA;
- sh->h[3]=HB;
- sh->h[4]=HC;
- sh->h[5]=HD;
- sh->h[6]=HE;
- sh->h[7]=HF;
-}
-
-
-void shs512_process(sha512 *sh,int byte)
-{ /* process the next message byte */
- int cnt;
-
- cnt=(int)((sh->length[0]/64)%16);
-
- sh->w[cnt]<<=8;
- sh->w[cnt]|=(mr_unsign64)(byte&0xFF);
-
- sh->length[0]+=8;
- if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
- if ((sh->length[0]%1024)==0) shs_transform(sh);
-}
-
-
-void shs384_process(sha384 *sh,int byte)
-{ /* process the next message byte */
- int cnt;
-
- cnt=(int)((sh->length[0]/64)%16);
-
- sh->w[cnt]<<=8;
- sh->w[cnt]|=(mr_unsign64)(byte&0xFF);
-
- sh->length[0]+=8;
- if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
- if ((sh->length[0]%1024)==0) shs_transform(sh);
-}
-
-
-void shs512_hash(sha512 *sh,char hash[64])
-{ /* pad message and finish - supply digest */
- int i;
- mr_unsign64 len0,len1;
- len0=sh->length[0];
- len1=sh->length[1];
- shs512_process(sh,PAD);
- while ((sh->length[0]%1024)!=896) shs512_process(sh,ZERO);
- sh->w[14]=len1;
- sh->w[15]=len0;
- shs_transform(sh);
- for (i=0;i<64;i++)
- { /* convert to bytes */
- hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL);
- }
- shs512_init(sh);
-}
-
-void shs384_hash(sha384 *sh,char hash[48])
-{ /* pad message and finish - supply digest */
- int i;
- mr_unsign64 len0,len1;
- len0=sh->length[0];
- len1=sh->length[1];
- shs512_process(sh,PAD);
- while ((sh->length[0]%1024)!=896) shs384_process(sh,ZERO);
- sh->w[14]=len1;
- sh->w[15]=len0;
- shs_transform(sh);
- for (i=0;i<48;i++)
- { /* convert to bytes */
- hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL);
- }
- shs384_init(sh);
-}
-
-
-#endif
-
-/* test program: should produce digests
-
-512 bit
-
-8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018
-501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909
-
-
-384 bit
-
-09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712
-fcc7c71a557e2db9 66c3e9fa91746039
-
-
-#include
-#include "miracl.h"
-
-char test[]="abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
-
-int main()
-{
- char hash[64];
- int i;
- sha512 sh;
- shs512_init(&sh);
- for (i=0;test[i]!=0;i++) shs512_process(&sh,test[i]);
- shs512_hash(&sh,hash);
- for (i=0;i<64;i++) printf("%02x",(unsigned char)hash[i]);
- printf("\n");
-
- shs384_init(&sh);
- for (i=0;test[i]!=0;i++) shs384_process(&sh,test[i]);
- shs384_hash(&sh,hash);
- for (i=0;i<48;i++) printf("%02x",(unsigned char)hash[i]);
- printf("\n");
-
- return 0;
-}
-
-*/
-
Index: trunk/src/mrshs256.c
===================================================================
--- trunk/src/mrshs256.c (revision 3)
+++ trunk/src/mrshs256.c (nonexistent)
@@ -1,144 +0,0 @@ -/* - * Implementation of the Secure Hashing Algorithm (SHA-256) - * - * Generates a 256 bit message digest. It should be impossible to come - * come up with two messages that hash to the same value ("collision free"). - * - * For use with byte-oriented messages only. Could/Should be speeded - * up by unwinding loops in shs_transform(), and assembly patches. - */ - -#include -#include "miracl.h" - -#define H0 0x6A09E667L -#define H1 0xBB67AE85L -#define H2 0x3C6EF372L -#define H3 0xA54FF53AL -#define H4 0x510E527FL -#define H5 0x9B05688CL -#define H6 0x1F83D9ABL -#define H7 0x5BE0CD19L - -static mr_unsign32 K[64]={ -0x428a2f98L,0x71374491L,0xb5c0fbcfL,0xe9b5dba5L,0x3956c25bL,0x59f111f1L,0x923f82a4L,0xab1c5ed5L, -0xd807aa98L,0x12835b01L,0x243185beL,0x550c7dc3L,0x72be5d74L,0x80deb1feL,0x9bdc06a7L,0xc19bf174L, -0xe49b69c1L,0xefbe4786L,0x0fc19dc6L,0x240ca1ccL,0x2de92c6fL,0x4a7484aaL,0x5cb0a9dcL,0x76f988daL, -0x983e5152L,0xa831c66dL,0xb00327c8L,0xbf597fc7L,0xc6e00bf3L,0xd5a79147L,0x06ca6351L,0x14292967L, -0x27b70a85L,0x2e1b2138L,0x4d2c6dfcL,0x53380d13L,0x650a7354L,0x766a0abbL,0x81c2c92eL,0x92722c85L, -0xa2bfe8a1L,0xa81a664bL,0xc24b8b70L,0xc76c51a3L,0xd192e819L,0xd6990624L,0xf40e3585L,0x106aa070L, -0x19a4c116L,0x1e376c08L,0x2748774cL,0x34b0bcb5L,0x391c0cb3L,0x4ed8aa4aL,0x5b9cca4fL,0x682e6ff3L, -0x748f82eeL,0x78a5636fL,0x84c87814L,0x8cc70208L,0x90befffaL,0xa4506cebL,0xbef9a3f7L,0xc67178f2L}; - -#define PAD 0x80 -#define ZERO 0 - -/* functions */ - -#define S(n,x) (((x)>>n) | ((x)<<(32-n))) -#define R(n,x) ((x)>>n) - -#define Ch(x,y,z) ((x&y)^(~(x)&z)) -#define Maj(x,y,z) ((x&y)^(x&z)^(y&z)) -#define Sig0(x) (S(2,x)^S(13,x)^S(22,x)) -#define Sig1(x) (S(6,x)^S(11,x)^S(25,x)) -#define theta0(x) (S(7,x)^S(18,x)^R(3,x)) -#define theta1(x) (S(17,x)^S(19,x)^R(10,x)) - -static void shs_transform(sha256 *sh) -{ /* basic transformation step */ - mr_unsign32 a,b,c,d,e,f,g,h,t1,t2; - int j; - for (j=16;j<64;j++) - 
sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16]; - - a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; - e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7]; - - for (j=0;j<64;j++) - { /* 64 times - mush it up */ - t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j]; - t2=Sig0(a)+Maj(a,b,c); - h=g; g=f; f=e; - e=d+t1; - d=c; - c=b; - b=a; - a=t1+t2; - } - sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d; - sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h; -} - -void shs256_init(sha256 *sh) -{ /* re-initialise */ - int i; - for (i=0;i<64;i++) sh->w[i]=0L; - sh->length[0]=sh->length[1]=0L; - sh->h[0]=H0; - sh->h[1]=H1; - sh->h[2]=H2; - sh->h[3]=H3; - sh->h[4]=H4; - sh->h[5]=H5; - sh->h[6]=H6; - sh->h[7]=H7; -} - -void shs256_process(sha256 *sh,int byte) -{ /* process the next message byte */ - int cnt; - - cnt=(int)((sh->length[0]/32)%16); - - sh->w[cnt]<<=8; - sh->w[cnt]|=(mr_unsign32)(byte&0xFF); - - sh->length[0]+=8; - if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } - if ((sh->length[0]%512)==0) shs_transform(sh); -} - -void shs256_hash(sha256 *sh,char hash[32]) -{ /* pad message and finish - supply digest */ - int i; - mr_unsign32 len0,len1; - len0=sh->length[0]; - len1=sh->length[1]; - shs256_process(sh,PAD); - while ((sh->length[0]%512)!=448) shs256_process(sh,ZERO); - sh->w[14]=len1; - sh->w[15]=len0; - shs_transform(sh); - for (i=0;i<32;i++) - { /* convert to bytes */ - hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); - } - shs256_init(sh); -} - -/* test program: should produce digest - -248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1 - - -#include -#include "miracl.h" - -char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - -int main() -{ - char hash[32]; - int i; - sha256 sh; - shs256_init(&sh); - for (i=0;test[i]!=0;i++) shs256_process(&sh,test[i]); - shs256_hash(&sh,hash); - for (i=0;i<32;i++) printf("%02x",(unsigned char)hash[i]); - printf("\n"); - return 0; -} - -*/ - Index: trunk/src/mirdef.h 
===================================================================
--- trunk/src/mirdef.h (revision 3)
+++ trunk/src/mirdef.h (nonexistent)
@@ -1,21 +0,0 @@
-/*
- * MIRACL compiler/hardware definitions - mirdef.h
- * Copyright (c) 1988-2002 Shamus Software Ltd.
- */
-#define MR_COMBA 6
-#define MR_LITTLE_ENDIAN
-#define MIRACL 32
-#define mr_utype int
-#define MR_IBITS 32
-#define MR_LBITS 32
-#define mr_unsign32 unsigned int
-#define mr_dltype __int64
-#define mr_unsign64 unsigned __int64
-#define MR_STRIPPED_DOWN
-#define MAXBASE ((mr_small)1<<(MIRACL-1))
-#define MR_BITSINCHAR 8
-
-#define MR_NO_FILE_IO
-#define NULL ((void *)0)
-
-
Index: trunk/src/miracl.h
===================================================================
--- trunk/src/miracl.h (revision 3)
+++ trunk/src/miracl.h (nonexistent)
@@ -1,941 +0,0 @@ -#ifndef MIRACL_H -#define MIRACL_H - -/* - * main MIRACL header - miracl.h. - * - * Copyright (c) 1988-2001 Shamus Software Ltd. - */ - -#include "mirdef.h" - -#ifdef __ia64__ -#if MIRACL==64 -#define MR_ITANIUM -#include -#endif -#endif - -#ifdef MR_FP -#include -#endif - -#ifndef MR_NO_FILE_IO -#include -#endif - /* error returns */ - -#define MR_ERR_BASE_TOO_BIG 1 -#define MR_ERR_DIV_BY_ZERO 2 -#define MR_ERR_OVERFLOW 3 -#define MR_ERR_NEG_RESULT 4 -#define MR_ERR_BAD_FORMAT 5 -#define MR_ERR_BAD_BASE 6 -#define MR_ERR_BAD_PARAMETERS 7 -#define MR_ERR_OUT_OF_MEMORY 8 -#define MR_ERR_NEG_ROOT 9 -#define MR_ERR_NEG_POWER 10 -#define MR_ERR_BAD_ROOT 11 -#define MR_ERR_INT_OP 12 -#define MR_ERR_FLASH_OVERFLOW 13 -#define MR_ERR_TOO_BIG 14 -#define MR_ERR_NEG_LOG 15 -#define MR_ERR_DOUBLE_FAIL 16 -#define MR_ERR_IO_OVERFLOW 17 -#define MR_ERR_NO_MIRSYS 18 -#define MR_ERR_BAD_MODULUS 19 -#define MR_ERR_NO_MODULUS 20 -#define MR_ERR_EXP_TOO_BIG 21 -#define MR_ERR_NOT_SUPPORTED 22 -#define MR_ERR_NOT_DOUBLE_LEN 23 -#define MR_ERR_NOT_IRREDUC 24 -#define MR_ERR_NO_ROUNDING 25 - - /* some useful definitions */ - - - -#define forever for(;;) - -#ifndef TRUE - #define TRUE 1 -#endif -#ifndef FALSE - #define FALSE 0 -#endif - -#define OFF 0 -#define ON 1 -#define PLUS 1 -#define MINUS (-1) - -#define MR_MAXDEPTH 24 - /* max routine stack depth */ -/* big and flash variables consist of an encoded length, * - * and an array of mr_smalls containing the digits */ - -typedef int BOOL; - -#define MR_BYTE unsigned char - -#ifdef MR_BITSINCHAR - #if MR_BITSINCHAR == 8 - #define MR_TOBYTE(x) ((MR_BYTE)(x)) - #else - #define MR_TOBYTE(x) ((MR_BYTE)((x)&0xFF)) - #endif -#else - #define MR_TOBYTE(x) ((MR_BYTE)(x)) -#endif - -#ifdef MR_FP - - typedef mr_utype mr_small; - #ifdef mr_dltype - typedef mr_dltype mr_large; - #endif - - #define MR_DIV(a,b) (modf((a)/(b),&dres),dres) - - #ifdef MR_FP_ROUNDING - -/* slightly dicey - the optimizer might remove the MAGIC ! 
*/ - - #define MR_LROUND(a) ( ( (a) + MR_MAGIC ) - MR_MAGIC ) - #else - #define MR_LROUND(a) (modfl((a),&ldres),ldres) - #endif - - #define MR_REMAIN(a,b) ((a)-(b)*MR_DIV((a),(b))) - -#else - - typedef unsigned mr_utype mr_small; - #ifdef mr_dltype - typedef unsigned mr_dltype mr_large; - #endif - - #define MR_DIV(a,b) ((a)/(b)) - #define MR_REMAIN(a,b) ((a)%(b)) - #define MR_LROUND(a) ((a)) -#endif - -struct bigtype -{ - mr_unsign32 len; - mr_small *w; -}; - -typedef struct bigtype *big; -typedef big zzn; - -/* Macro to create big x on the stack - x_t and x_g must be distinct variables - By convention use like this. See brute.c and identity.c for examples - - BIG(x,x_t,x_g,10) - BIG(y,y_t,y_g,10) - -*/ - -#define BIG(x,xt,xg,s) mr_small xg[s]; struct bigtype xt={s,xg}; big x=&xt; - -typedef big flash; - -#define MR_MSBIT ((mr_unsign32)1<<31) -#define MR_OBITS (MR_MSBIT-1) - -#if MIRACL >= MR_IBITS -#define MR_TOOBIG (1<<(MR_IBITS-2)) -#else -#define MR_TOOBIG (1<<(MIRACL-1)) -#endif - -#ifdef MR_FLASH -#define MR_EBITS (8*sizeof(double) - MR_FLASH) - /* no of Bits per double exponent */ -#define MR_BTS 16 -#define MR_MSK 0xFFFF - -#endif - -#define MR_HASH_BYTES 20 - -/* Marsaglia & Zaman Random number generator */ -/* constants alternatives */ -#define NK 37 /* 21 */ -#define NJ 24 /* 6 */ -#define NV 14 /* 8 */ - - -#ifdef MR_LITTLE_ENDIAN -#define MR_TOP(x) (*(((mr_small *)&(x))+1)) -#define MR_BOT(x) (*(((mr_small *)&(x)))) -#endif -#ifdef MR_BIG_ENDIAN -#define MR_TOP(x) (*(((mr_small *)&(x)))) -#define MR_BOT(x) (*(((mr_small *)&(x))+1)) -#endif - -/* chinese remainder theorem structures */ - -typedef struct { -big *C; -big *V; -big *M; -int NP; -} big_chinese; - -typedef struct { -mr_utype *C; -mr_utype *V; -mr_utype *M; -int NP; -} small_chinese; - -/* Cryptographically strong pseudo-random number generator */ - -typedef struct { -mr_unsign32 ira[NK]; /* random number... 
*/ -int rndptr; /* ...array & pointer */ -mr_unsign32 borrow; -int pool_ptr; -char pool[MR_HASH_BYTES]; /* random pool */ -} csprng; - -/* secure hash Algorithm structure */ - -typedef struct { -mr_unsign32 length[2]; -mr_unsign32 h[8]; -mr_unsign32 w[80]; -} sha256; - -typedef sha256 sha; - -#ifdef mr_unsign64 - -typedef struct { -mr_unsign64 length[2]; -mr_unsign64 h[8]; -mr_unsign64 w[80]; -} sha512; - -typedef sha512 sha384; - -#endif - -/* advanced encryption algorithm structure */ - -#define MR_ECB 0 -#define MR_CBC 1 -#define MR_CFB1 2 -#define MR_CFB2 3 -#define MR_CFB4 5 -#define MR_PCFB1 10 -#define MR_PCFB2 11 -#define MR_PCFB4 13 -#define MR_OFB1 14 -#define MR_OFB2 15 -#define MR_OFB4 17 -#define MR_OFB8 21 -#define MR_OFB16 29 - -typedef struct { -int Nk,Nr; -int mode; -mr_unsign32 fkey[60]; -mr_unsign32 rkey[60]; -char f[16]; -} aes; - - - /* Elliptic curve point status */ - -#define MR_EPOINT_GENERAL 0 -#define MR_EPOINT_NORMALIZED 1 -#define MR_EPOINT_INFINITY 2 - -#define MR_PROJECTIVE 0 -#define MR_AFFINE 1 - - -/* Elliptic Curve epoint structure. 
Uses projective (X,Y,Z) co-ordinates */ - -typedef struct { -big X; -big Y; -big Z; -int marker; -} epoint; - - -/* Structure for Brickell method for finite * - field exponentiation with precomputation */ - -typedef struct { - big *table; - big n; - int base; - int store; -} brick; - -/* Structure for Brickell method for elliptic * - curve exponentiation with precomputation */ - -typedef struct { - epoint **table; - big a,b,n; - int base; - int store; -} ebrick; - -typedef struct { - epoint **table; - big a6,a2; - int m,a,b,c; - int base; - int store; -} ebrick2; - -/* main MIRACL instance structure */ - -typedef struct { -mr_small base; /* number base */ -mr_small apbase; /* apparent base */ -int pack; /* packing density */ -int lg2b; /* bits in base */ -mr_small base2; /* 2^mr_lg2b */ -BOOL (*user)(void); /* pointer to user supplied function */ - -int nib; /* length of bigs */ -int depth; /* error tracing ..*/ -int trace[MR_MAXDEPTH]; /* .. mechanism */ -BOOL check; /* overflow check */ -BOOL fout; /* Output to file */ -BOOL fin; /* Input from file */ -BOOL active; - -#ifndef MR_NO_FILE_IO - -FILE *infile; /* Input file */ -FILE *otfile; /* Output file */ - -#endif - -mr_unsign32 ira[NK]; /* random number... 
*/ -int rndptr; /* ...array & pointer */ -mr_unsign32 borrow; - - /* Montgomery constants */ -mr_small ndash; -big modulus; -BOOL ACTIVE; -BOOL MONTY; - /* Elliptic Curve details */ -BOOL SS; /* True for Super-Singular */ -big A,B,C; -int coord,Asize,Bsize; - -int M,AA,BB,CC; /* for GF(2^m) curves */ - -int logN; /* constants for fast fourier fft multiplication */ -int nprimes,degree; -mr_utype *prime,*cr; -mr_utype *inverse,**roots; -small_chinese chin; -mr_utype const1,const2,const3; -mr_small msw,lsw; -mr_utype **s1,**s2; /* pre-computed tables for polynomial reduction */ -mr_utype **t; /* workspace */ -mr_utype *wa; -mr_utype *wb; -mr_utype *wc; -BOOL same; -BOOL first_one; -BOOL debug; - -big w0; /* workspace bigs */ -big w1,w2,w3,w4; -big w5,w6,w7; -big w8,w9,w10,w11; -big w12,w13,w14,w15; -big w16,w17,w18; - -/* User modifiables */ - -char *IOBUFF; /* i/o buffer */ -int IOBSIZ; /* size of i/o buffer */ -BOOL ERCON; /* error control */ -int ERNUM; /* last error code */ -int NTRY; /* no. 
of tries for probablistic primality testing */ -int IOBASE; /* base for input and output */ -BOOL EXACT; /* exact flag */ -BOOL RPOINT; /* =ON for radix point, =OFF for fractions in output */ -BOOL TRACER; /* turns trace tracker on/off */ -int INPLEN; /* input length */ -int *PRIMES; /* small primes array */ - -#ifdef MR_FLASH -int workprec; -int stprec; /* start precision */ - -int RS,RD; -double D; - -double db,n,p; -int a,b,c,d,r,q,oldn,ndig; -mr_small u,v,ku,kv; - -BOOL last,carryon; -flash pi; - - -#endif - -#ifdef MR_KCM -big big_ndash; -big ws; -#endif - -#ifdef MR_FP_ROUNDING -mr_large inverse_base; -#endif -int size; -char *workspace; - -} miracl; - - -#ifndef MR_GENERIC_MT - -#ifdef MR_WINDOWS_MT -#define MR_OS_THREADS -#endif - -#ifdef MR_UNIX_MT -#define MR_OS_THREADS -#endif - -#ifndef MR_OS_THREADS - -extern miracl *mr_mip; /* pointer to MIRACL's only global variable */ - -#endif - -#endif - - -#ifdef MR_GENERIC_MT - -#define _MIPT_ miracl *, -#define _MIPTO_ miracl * -#define _MIPD_ miracl *mr_mip, -#define _MIPDO_ miracl *mr_mip -#define _MIPP_ mr_mip, -#define _MIPPO_ mr_mip - -#else - -#define _MIPT_ -#define _MIPTO_ void -#define _MIPD_ -#define _MIPDO_ void -#define _MIPP_ -#define _MIPPO_ - -#endif - -/* Preamble and exit code for MIRACL routines. 
* - * Not used if MR_STRIPPED_DOWN is defined */ - -#ifdef MR_STRIPPED_DOWN -#define MR_OUT -#define MR_IN(N) -#else -#define MR_OUT mr_mip->depth--; -#define MR_IN(N) mr_mip->depth++; if (mr_mip->depthtrace[mr_mip->depth]=(N); if (mr_mip->TRACER) mr_track(_MIPPO_); } -#endif - -/* Function definitions */ - -/* Group 0 - Internal routines */ - -extern void mr_berror(_MIPT_ int); -extern mr_small mr_shiftbits(mr_small,int); -extern mr_small mr_setbase(_MIPT_ mr_small); -extern void mr_track(_MIPTO_ ); -extern void mr_lzero(big); -extern BOOL mr_notint(flash); -extern int mr_lent(flash); -extern void mr_padd(_MIPT_ big,big,big); -extern void mr_psub(_MIPT_ big,big,big); -extern void mr_pmul(_MIPT_ big,mr_small,big); -#ifdef MR_FP_ROUNDING -extern mr_large mr_invert(mr_small); -extern mr_small imuldiv(mr_small,mr_small,mr_small,mr_small,mr_large,mr_small *); -extern mr_small mr_sdiv(_MIPT_ big,mr_small,mr_large,big); -#else -extern mr_small mr_sdiv(_MIPT_ big,mr_small,big); -#endif -extern void mr_shift(_MIPT_ big,int,big); -extern miracl *mr_first_alloc(void); -extern void *mr_alloc(_MIPT_ int,int); -extern void mr_free(void *); -extern void set_user_function(_MIPT_ BOOL (*)(void)); -extern void set_io_buffer_size(_MIPT_ int); -extern int mr_testbit(_MIPT_ big,int); -extern int mr_window(_MIPT_ big,int,int *,int *); -extern int mr_window2(_MIPT_ big,big,int,int *,int *); -extern int mr_naf_window(_MIPT_ big,big,int,int *,int *); - -extern int mr_fft_init(_MIPT_ int,big,big,BOOL); -extern void mr_dif_fft(_MIPT_ int,int,mr_utype *); -extern void mr_dit_fft(_MIPT_ int,int,mr_utype *); -extern void fft_reset(_MIPTO_); - -extern int mr_poly_mul(_MIPT_ int,big*,int,big*,big*); -extern int mr_poly_sqr(_MIPT_ int,big*,big*); -extern void mr_polymod_set(_MIPT_ int,big*,big*); -extern int mr_poly_rem(_MIPT_ int,big *,big *); - -extern int mr_ps_big_mul(_MIPT_ int,big *,big *,big *); -extern int mr_ps_zzn_mul(_MIPT_ int,big *,big *,big *); - -extern mr_small 
muldiv(mr_small,mr_small,mr_small,mr_small,mr_small *); -extern mr_small muldvm(mr_small,mr_small,mr_small,mr_small *); -extern mr_small muldvd(mr_small,mr_small,mr_small,mr_small *); -extern void muldvd2(mr_small,mr_small,mr_small *,mr_small *); - -/* Group 1 - General purpose, I/O and basic arithmetic routines */ - -extern int igcd(int,int); -extern mr_small sgcd(mr_small,mr_small); -extern int isqrt(int,int); -extern void irand(_MIPT_ mr_unsign32); -extern mr_small brand(_MIPTO_ ); -extern void zero(flash); -extern void convert(_MIPT_ int,big); -extern void lgconv(_MIPT_ long,big); -extern flash mirvar(_MIPT_ int); -extern flash mirvar_mem(_MIPT_ char *,int); -extern void mirkill(big); -extern void *memalloc(_MIPT_ int); -extern void memkill(_MIPT_ char *,int); -extern void mr_init_threading(void); -extern void mr_end_threading(void); -extern miracl *get_mip(_MIPTO_ ); -extern miracl *mirsys(int,mr_small); -extern void mirexit(_MIPTO_ ); -extern int exsign(flash); -extern void insign(int,flash); -extern int getdig(_MIPT_ big,int); -extern int numdig(_MIPT_ big); -extern void putdig(_MIPT_ int,big,int); -extern void copy(flash,flash); -extern void negify(flash,flash); -extern void absol(flash,flash); -extern int size(big); -extern int compare(big,big); -extern void add(_MIPT_ big,big,big); -extern void subtract(_MIPT_ big,big,big); -extern void incr(_MIPT_ big,int,big); -extern void decr(_MIPT_ big,int,big); -extern void premult(_MIPT_ big,int,big); -extern int subdiv(_MIPT_ big,int,big); -extern BOOL subdivisible(_MIPT_ big,int); -extern int remain(_MIPT_ big,int); -extern void bytes_to_big(_MIPT_ int,char *,big); -extern int big_to_bytes(_MIPT_ int,big,char *,BOOL); -extern mr_small normalise(_MIPT_ big,big); -extern void multiply(_MIPT_ big,big,big); -extern void fft_mult(_MIPT_ big,big,big); -extern BOOL fastmultop(_MIPT_ int,big,big,big); -extern void divide(_MIPT_ big,big,big); -extern BOOL divisible(_MIPT_ big,big); -extern void mad(_MIPT_ 
big,big,big,big,big,big); -extern int instr(_MIPT_ flash,char *); -extern int otstr(_MIPT_ flash,char *); -extern int cinstr(_MIPT_ flash,char *); -extern int cotstr(_MIPT_ flash,char *); - -#ifndef MR_NO_FILE_IO - -extern int innum(_MIPT_ flash,FILE *); -extern int otnum(_MIPT_ flash,FILE *); -extern int cinnum(_MIPT_ flash,FILE *); -extern int cotnum(_MIPT_ flash,FILE *); - -#endif - -/* Group 2 - Advanced arithmetic routines */ - -extern mr_small smul(mr_small,mr_small,mr_small); -extern mr_small spmd(mr_small,mr_small,mr_small); -extern mr_small invers(mr_small,mr_small); -extern mr_small sqrmp(mr_small,mr_small); -extern int jac(mr_small,mr_small); - -extern void gprime(_MIPT_ int); -extern int jack(_MIPT_ big,big); -extern int egcd(_MIPT_ big,big,big); -extern int xgcd(_MIPT_ big,big,big,big,big); -extern int logb2(_MIPT_ big); -extern void expint(_MIPT_ int,int,big); -extern void sftbit(_MIPT_ big,int,big); -extern void power(_MIPT_ big,long,big,big); -extern void powmod(_MIPT_ big,big,big,big); -extern void powmod2(_MIPT_ big,big,big,big,big,big); -extern void powmodn(_MIPT_ int,big *,big *,big,big); -extern int powltr(_MIPT_ int,big,big,big); -extern BOOL double_inverse(_MIPT_ big,big,big,big,big); -extern BOOL multi_inverse(_MIPT_ int,big*,big,big*); -extern void lucas(_MIPT_ big,big,big,big,big); -extern BOOL nroot(_MIPT_ big,int,big); -extern BOOL sqroot(_MIPT_ big,big,big); -extern void bigrand(_MIPT_ big,big); -extern void bigdig(_MIPT_ int,int,big); -extern int trial_division(_MIPT_ big,big); -extern BOOL isprime(_MIPT_ big); -extern BOOL nxprime(_MIPT_ big,big); -extern BOOL nxsafeprime(_MIPT_ int,int,big,big); -extern BOOL crt_init(_MIPT_ big_chinese *,int,big *); -extern void crt(_MIPT_ big_chinese *,big *,big); -extern void crt_end(big_chinese *); -extern BOOL scrt_init(_MIPT_ small_chinese *,int,mr_utype *); -extern void scrt(_MIPT_ small_chinese*,mr_utype *,big); -extern void scrt_end(small_chinese *); -extern BOOL brick_init(_MIPT_ brick 
*,big,big,int); -extern void pow_brick(_MIPT_ brick *,big,big); -extern void brick_end(brick *); -extern BOOL ebrick_init(_MIPT_ ebrick *,big,big,big,big,big,int); -extern void ebrick_end(ebrick *); -extern int mul_brick(_MIPT_ ebrick*,big,big,big); -extern BOOL ebrick2_init(_MIPT_ ebrick2 *,big,big,big,big,int,int,int,int,int); -extern void ebrick2_end(ebrick2 *); -extern int mul2_brick(_MIPT_ ebrick2*,big,big,big); - -/* Montgomery stuff */ - -extern mr_small prepare_monty(_MIPT_ big); -extern void kill_monty(_MIPTO_ ); -extern void nres(_MIPT_ big,big); -extern void redc(_MIPT_ big,big); - -extern void nres_negate(_MIPT_ big,big); -extern void nres_modadd(_MIPT_ big,big,big); -extern void nres_modsub(_MIPT_ big,big,big); -extern void nres_premult(_MIPT_ big,int,big); -extern void nres_modmult(_MIPT_ big,big,big); -extern int nres_moddiv(_MIPT_ big,big,big); -extern void nres_dotprod(_MIPT_ int,big *,big *,big); -extern void nres_powmod(_MIPT_ big,big,big); -extern void nres_powltr(_MIPT_ int,big,big); -extern void nres_powmod2(_MIPT_ big,big,big,big,big); -extern void nres_powmodn(_MIPT_ int,big *,big *,big); -extern BOOL nres_sqroot(_MIPT_ big,big); -extern void nres_lucas(_MIPT_ big,big,big,big); -extern BOOL nres_double_inverse(_MIPT_ big,big,big,big); -extern BOOL nres_multi_inverse(_MIPT_ int,big *,big *); - -extern void shs_init(sha *); -extern void shs_process(sha *,int); -extern void shs_hash(sha *,char *); - -extern void shs256_init(sha256 *); -extern void shs256_process(sha256 *,int); -extern void shs256_hash(sha256 *,char *); - -#ifdef mr_unsign64 - -extern void shs512_init(sha512 *); -extern void shs512_process(sha512 *,int); -extern void shs512_hash(sha512 *,char *); - -extern void shs384_init(sha384 *); -extern void shs384_process(sha384 *,int); -extern void shs384_hash(sha384 *,char *); - -#endif - -extern BOOL aes_init(aes *,int,int,char *,char *); -extern void aes_getreg(aes *,char *); -extern mr_unsign32 aes_encrypt(aes *,char *); -extern 
mr_unsign32 aes_decrypt(aes *,char *); -extern void aes_reset(aes *,int,char *); -extern void aes_end(aes *); - -extern void strong_init(csprng *,int,char *,mr_unsign32); -extern int strong_rng(csprng *); -extern void strong_bigrand(_MIPT_ csprng *,big,big); -extern void strong_bigdig(_MIPT_ csprng *,int,int,big); -extern void strong_kill(csprng *); - -/* special modular multipliers */ - -extern void comba_mult(_MIPT_ big,big,big); -extern void comba_square(_MIPT_ big,big); -extern void comba_redc(_MIPT_ big,big); -extern void comba_add(_MIPT_ big,big,big); -extern void comba_sub(_MIPT_ big,big,big); - -extern void fastmodmult(_MIPT_ big,big,big); -extern void fastmodsquare(_MIPT_ big,big); - -extern void kcm_mul(_MIPT_ big,big,big); -extern void kcm_sqr(_MIPT_ big,big); -extern void kcm_redc(_MIPT_ big,big); - -extern void kcm_multiply(_MIPT_ int,big,big,big); -extern void kcm_square(_MIPT_ int,big,big); -extern BOOL kcm_top(_MIPT_ int,big,big,big); - -/* elliptic curve stuff */ - -extern BOOL point_at_infinity(epoint *); - -extern void ecurve_init(_MIPT_ big,big,big,int); -extern big ecurve_add(_MIPT_ epoint *,epoint *); -extern big ecurve_sub(_MIPT_ epoint *,epoint *); -extern void ecurve_double_add(_MIPT_ epoint *,epoint *,epoint *,epoint *,big *,big *); -extern void ecurve_multi_add(_MIPT_ int,epoint **,epoint **); -extern void ecurve_mult(_MIPT_ big,epoint *,epoint *); -extern void ecurve_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); -extern void ecurve_multn(_MIPT_ int,big *,epoint**,epoint *); - -extern epoint* epoint_init(_MIPTO_ ); -extern BOOL epoint_set(_MIPT_ big,big,int,epoint*); -extern int epoint_get(_MIPT_ epoint*,big,big); -extern void epoint_getxyz(_MIPT_ epoint *,big,big,big); -extern int epoint_norm(_MIPT_ epoint *); -extern void epoint_free(epoint *); -extern void epoint_copy(epoint *,epoint *); -extern BOOL epoint_comp(_MIPT_ epoint *,epoint *); -extern void epoint_negate(_MIPT_ epoint *); - -extern BOOL ecurve2_init(_MIPT_ 
int,int,int,int,big,big,BOOL,int); -extern big ecurve2_add(_MIPT_ epoint *,epoint *); -extern big ecurve2_sub(_MIPT_ epoint *,epoint *); -extern void ecurve2_multi_add(_MIPT_ int,epoint **,epoint **); -extern void ecurve2_mult(_MIPT_ big,epoint *,epoint *); -extern void ecurve2_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); -extern void ecurve2_multn(_MIPT_ int,big *,epoint**,epoint *); - -extern epoint* epoint2_init(_MIPTO_ ); -extern BOOL epoint2_set(_MIPT_ big,big,int,epoint*); -extern int epoint2_get(_MIPT_ epoint*,big,big); -extern void epoint2_getxyz(_MIPT_ epoint *,big,big,big); -extern int epoint2_norm(_MIPT_ epoint *); -extern void epoint2_free(epoint *); -extern void epoint2_copy(epoint *,epoint *); -extern BOOL epoint2_comp(_MIPT_ epoint *,epoint *); -extern void epoint2_negate(_MIPT_ epoint *); - -/* GF(2) stuff */ - -extern BOOL prepare_basis(_MIPT_ int,int,int,int,BOOL); -extern void add2(big,big,big); -extern void incr2(big,int,big); -extern void reduce2(_MIPT_ big,big); -extern void modmult2(_MIPT_ big,big,big); -extern void power2(_MIPT_ big,int,big); -extern void sqroot2(_MIPT_ big,big); -extern BOOL inverse2(_MIPT_ big,big); -extern void karmul2(int,mr_small *,mr_small *,mr_small *,mr_small *); -extern void karmul2_poly(_MIPT_ int,big *,big *,big *,big *); -extern void karmul2_poly_upper(_MIPT_ int,big *,big *,big *,big *); -extern void gf2m_dotprod(_MIPT_ int,big *,big *,big); -extern int trace2(_MIPT_ big); - -/* Group 3 - Floating-slash routines */ - -#ifdef MR_FLASH -extern void fpack(_MIPT_ big,big,flash); -extern void numer(_MIPT_ flash,big); -extern void denom(_MIPT_ flash,big); -extern BOOL fit(big,big,int); -extern void build(_MIPT_ flash,int (*)(_MIPT_ big,int)); -extern void mround(_MIPT_ big,big,flash); -extern void flop(_MIPT_ flash,flash,int *,flash); -extern void fmul(_MIPT_ flash,flash,flash); -extern void fdiv(_MIPT_ flash,flash,flash); -extern void fadd(_MIPT_ flash,flash,flash); -extern void fsub(_MIPT_ flash,flash,flash); 
-extern int fcomp(_MIPT_ flash,flash); -extern void fconv(_MIPT_ int,int,flash); -extern void frecip(_MIPT_ flash,flash); -extern void ftrunc(_MIPT_ flash,big,flash); -extern void fmodulo(_MIPT_ flash,flash,flash); -extern void fpmul(_MIPT_ flash,int,int,flash); -extern void fincr(_MIPT_ flash,int,int,flash); -extern void dconv(_MIPT_ double,flash); -extern double fdsize(_MIPT_ flash); -extern void frand(_MIPT_ flash); - -/* Group 4 - Advanced Flash routines */ - -extern void fpower(_MIPT_ flash,int,flash); -extern BOOL froot(_MIPT_ flash,int,flash); -extern void fpi(_MIPT_ flash); -extern void fexp(_MIPT_ flash,flash); -extern void flog(_MIPT_ flash,flash); -extern void fpowf(_MIPT_ flash,flash,flash); -extern void ftan(_MIPT_ flash,flash); -extern void fatan(_MIPT_ flash,flash); -extern void fsin(_MIPT_ flash,flash); -extern void fasin(_MIPT_ flash,flash); -extern void fcos(_MIPT_ flash,flash); -extern void facos(_MIPT_ flash,flash); -extern void ftanh(_MIPT_ flash,flash); -extern void fatanh(_MIPT_ flash,flash); -extern void fsinh(_MIPT_ flash,flash); -extern void fasinh(_MIPT_ flash,flash); -extern void fcosh(_MIPT_ flash,flash); -extern void facosh(_MIPT_ flash,flash); -#endif - - -/* Test predefined Macros to determine compiler type, and hopefully - selectively use fast in-line assembler (or other compiler specific - optimisations. Note I am unsure of Microsoft version numbers. So I - suspect are Microsoft. - - Note: It seems to be impossible to get the 16-bit Microsoft compiler - to allow inline 32-bit op-codes. So I suspect that INLINE_ASM == 2 will - never work with it. Pity. - -#define INLINE_ASM 1 -> generates 8086 inline assembly -#define INLINE_ASM 2 -> generates mixed 8086 & 80386 inline assembly, - so you can get some benefit while running in a - 16-bit environment on 32-bit hardware (DOS, Windows - 3.1...) 
-#define INLINE_ASM 3 -> generate true 80386 inline assembly - (Using DOS - extender, Windows '95/Windows NT) - Actually optimised for Pentium - -#define INLINE_ASM 4 -> 80386 code in the GNU style (for (DJGPP) - -Small, medium, compact and large memory models are supported for the -first two of the above. - -*/ - -#ifndef MR_NOASM - -/* Itanium - inline the time-critical functions */ - - #ifdef MR_ITANIUM - #define muldvd(a,b,c,rp) (tm=_m64_xmahu((a),(b),(c)),*(rp)=_m64_xmalu((a),(b),(c)),tm) - #define muldvd2(a,b,c,rp) (tm=_m64_xmalu((a),(b),(*(c))),*(c)=_m64_xmahu((a),(b),(*(c))),tm+=*(rp),*(c)+=(tm<*(rp)),*(rp)=tm) - #endif - - -/* Borland C/Turbo C */ - - #ifdef __TURBOC__ - #ifndef __HUGE__ - #define ASM asm - #if defined(__COMPACT__) || defined(__LARGE__) - #define MR_LMM - #endif - - #if MIRACL==16 - #define INLINE_ASM 1 - #endif - - #if __TURBOC__>=0x410 - #if MIRACL==32 -#if defined(__SMALL__) || defined(__MEDIUM__) || defined(__LARGE__) || defined(__COMPACT__) - #define INLINE_ASM 2 - #else - #define INLINE_ASM 3 - #endif - #endif - #endif - #endif - #endif - -/* Microsoft C */ - - #ifdef _MSC_VER - #ifndef M_I86HM - #define ASM _asm - #if defined(M_I86CM) || defined(M_I86LM) - #define MR_LMM - #endif - #if _MSC_VER>=600 - #if MIRACL==16 - #define INLINE_ASM 1 - #endif - #endif - #if _MSC_VER>=1000 - #if MIRACL==32 - #define INLINE_ASM 3 - #endif - #endif - #endif - #endif - -/* DJGPP GNU C */ - - #ifdef __GNUC__ - #ifdef i386 - #define ASM __asm__ __volatile__ - #if MIRACL==32 - #define INLINE_ASM 4 - #endif - #endif - #endif - -#endif - -/* - The following contribution is from Tielo Jongmans, Netherlands - These inline assembler routines are suitable for Watcom 10.0 and up - - Added into miracl.h. Notice the override of the original declarations - of these routines, which should be removed. 
- - The following pragma is optional, it is dangerous, but it saves a - calling sequence -*/ - -/* - -#pragma off (check_stack); - -extern unsigned int muldiv(unsigned int, unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldiv= \ - "mul edx" \ - "add eax,ebx" \ - "adc edx,0" \ - "div ecx" \ - "mov [esi],edx" \ - parm [eax] [edx] [ebx] [ecx] [esi] \ - value [eax] \ - modify [eax edx]; - -extern unsigned int muldvm(unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldvm= \ - "div ebx" \ - "mov [ecx],edx" \ - parm [edx] [eax] [ebx] [ecx] \ - value [eax] \ - modify [eax edx]; - -extern unsigned int muldvd(unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldvd= \ - "mul edx" \ - "add eax,ebx" \ - "adc edx,0" \ - "mov [ecx],eax" \ - "mov eax,edx" \ - parm [eax] [edx] [ebx] [ecx] \ - value [eax] \ - modify [eax edx]; - -*/ - - -#endif - - Index: trunk/src/mrshs.c =================================================================== --- trunk/src/mrshs.c (revision 3) +++ trunk/src/mrshs.c (nonexistent) 
@@ -1,157 +0,0 @@ -/* - * Implementation of the Secure Hashing Standard (SHS) - * specified for use with the NIST Digital Signature Standard (DSS) - * - * Generates a 160 bit message digest. It should be impossible to come - * come up with two messages that hash to the same value ("collision free"). - * - * For use with byte-oriented messages only. Could/Should be speeded - * up by unwinding loops in shs_transform(), and assembly patches. - */ - -#include -#include "miracl.h" - /* for definition of mr_unsign32 & prototypes */ -#define FIX - -/* Include this #define in order to implement the - rather mysterious 'fix' to SHS - - With this definition in, SHA-1 is implemented - Without this definition, SHA-0 is implemented -*/ - - -#define H0 0x67452301L -#define H1 0xefcdab89L -#define H2 0x98badcfeL -#define H3 0x10325476L -#define H4 0xc3d2e1f0L - -#define K0 0x5a827999L -#define K1 0x6ed9eba1L -#define K2 0x8f1bbcdcL -#define K3 0xca62c1d6L - -#define PAD 0x80 -#define ZERO 0 - -/* functions */ - -#define S(n,x) (((x)<>(32-n))) - -#define F0(x,y,z) (z^(x&(y^z))) -#define F1(x,y,z) (x^y^z) -#define F2(x,y,z) ((x&y) | (z&(x|y))) -#define F3(x,y,z) (x^y^z) - -static void shs_transform(sha *sh) -{ /* basic transformation step */ - mr_unsign32 a,b,c,d,e,temp; - int t; -#ifdef FIX - for (t=16;t<80;t++) sh->w[t]=S(1,sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]); -#else - for (t=16;t<80;t++) sh->w[t]=sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]; -#endif - a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; e=sh->h[4]; - for (t=0;t<20;t++) - { /* 20 times - mush it up */ - temp=K0+F0(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - for (t=20;t<40;t++) - { /* 20 more times - mush it up */ - temp=K1+F1(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - for (t=40;t<60;t++) - { /* 20 more times - mush it up */ - temp=K2+F2(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - for (t=60;t<80;t++) - { /* 20 more times - 
mush it up */ - temp=K3+F3(b,c,d)+S(5,a)+e+sh->w[t]; - e=d; d=c; - c=S(30,b); - b=a; a=temp; - } - sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; - sh->h[3]+=d; sh->h[4]+=e; -} - -void shs_init(sha *sh) -{ /* re-initialise */ - int i; - for (i=0;i<80;i++) sh->w[i]=0L; - sh->length[0]=sh->length[1]=0L; - sh->h[0]=H0; - sh->h[1]=H1; - sh->h[2]=H2; - sh->h[3]=H3; - sh->h[4]=H4; -} - -void shs_process(sha *sh,int byte) -{ /* process the next message byte */ - int cnt; - - cnt=(int)((sh->length[0]/32)%16); - - sh->w[cnt]<<=8; - sh->w[cnt]|=(mr_unsign32)(byte&0xFF); - - sh->length[0]+=8; - if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } - if ((sh->length[0]%512)==0) shs_transform(sh); -} - -void shs_hash(sha *sh,char hash[20]) -{ /* pad message and finish - supply digest */ - int i; - mr_unsign32 len0,len1; - len0=sh->length[0]; - len1=sh->length[1]; - shs_process(sh,PAD); - while ((sh->length[0]%512)!=448) shs_process(sh,ZERO); - sh->w[14]=len1; - sh->w[15]=len0; - shs_transform(sh); - for (i=0;i<20;i++) - { /* convert to bytes */ - hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); - } - shs_init(sh); -} - -/* test program: should produce digest - - 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1 - -#include -#include "miracl.h" - -char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - -int main() -{ - char hash[20]; - int i; - sha sh; - shs_init(&sh); - for (i=0;test[i]!=0;i++) shs_process(&sh,test[i]); - shs_hash(&sh,hash); - for (i=0;i<20;i++) printf("%02x",(unsigned char)hash[i]); - printf("\n"); - return 0; -} - -*/ - Index: trunk/sim/sha1.do =================================================================== --- trunk/sim/sha1.do (revision 3) +++ trunk/sim/sha1.do (nonexistent) 
@@ -1,62 +0,0 @@ -#--------------------------------------------------------------------- -# Project name : SHA-160 -# Project description : Secure Hash Algorithm (SHA-160) -# -# File name : sha1.do -# -# Design Engineer : marsgod -# Quality Engineer : marsgod -# Version : 1.0 -# Last modification : 2004-05-10 -#--------------------------------------------------------------------- - -transcript off -# ------------------------------------------------------------------- # -# Directories location -# ------------------------------------------------------------------- # - -set source_dir rtl -set tb_dir bench -set work_dir sim/modelsim_lib - -# ------------------------------------------------------------------- # -# Maping destination directory for core of model -# ------------------------------------------------------------------- # - -vlib $work_dir -vmap SHA_LIB $work_dir -transcript on - - -# ------------------------------------------------------------------- # -# Compiling components of core -# ------------------------------------------------------------------- # - -transcript off -vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha1.v - - -# ------------------------------------------------------------------- # -# Compiling Test Bench -# ------------------------------------------------------------------- # - -vlog -work SHA_LIB $tb_dir/test_sha1.v - -transcript on - - -# ------------------------------------------------------------------- # -# Loading the Test Bench -# ------------------------------------------------------------------- # - -transcript off -vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha - -transcript on - - -transcript on - -do wave.do - -run 1ms Index: trunk/sim/sha512.do =================================================================== --- trunk/sim/sha512.do (revision 3) +++ trunk/sim/sha512.do (nonexistent) 
@@ -1,62 +0,0 @@ -#--------------------------------------------------------------------- -# Project name : SHA-512/384 -# Project description : Secure Hash Algorithm (SHA-512/384) -# -# File name : sha512.do -# -# Design Engineer : marsgod -# Quality Engineer : marsgod -# Version : 1.0 -# Last modification : 2004-05-10 -#--------------------------------------------------------------------- - -transcript off -# ------------------------------------------------------------------- # -# Directories location -# ------------------------------------------------------------------- # - -set source_dir rtl -set tb_dir bench -set work_dir sim/modelsim_lib - -# ------------------------------------------------------------------- # -# Maping destination directory for core of model -# ------------------------------------------------------------------- # - -vlib $work_dir -vmap SHA_LIB $work_dir -transcript on - - -# ------------------------------------------------------------------- # -# Compiling components of core -# ------------------------------------------------------------------- # - -transcript off -vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha512.v - - -# ------------------------------------------------------------------- # -# Compiling Test Bench -# ------------------------------------------------------------------- # - -vlog -work SHA_LIB $tb_dir/test_sha512.v - -transcript on - - -# ------------------------------------------------------------------- # -# Loading the Test Bench -# ------------------------------------------------------------------- # - -transcript off -vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha - -transcript on - - -transcript on - -do wave.do - -run 1ms Index: trunk/sim/sha256.do =================================================================== --- trunk/sim/sha256.do (revision 3) +++ trunk/sim/sha256.do (nonexistent) 
@@ -1,62 +0,0 @@ -#--------------------------------------------------------------------- -# Project name : SHA-256 -# Project description : Secure Hash Algorithm (SHA-256) -# -# File name : sha256.do -# -# Design Engineer : marsgod -# Quality Engineer : marsgod -# Version : 1.0 -# Last modification : 2004-05-10 -#--------------------------------------------------------------------- - -transcript off -# ------------------------------------------------------------------- # -# Directories location -# ------------------------------------------------------------------- # - -set source_dir rtl -set tb_dir bench -set work_dir sim/modelsim_lib - -# ------------------------------------------------------------------- # -# Maping destination directory for core of model -# ------------------------------------------------------------------- # - -vlib $work_dir -vmap SHA_LIB $work_dir -transcript on - - -# ------------------------------------------------------------------- # -# Compiling components of core -# ------------------------------------------------------------------- # - -transcript off -vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha256.v - - -# ------------------------------------------------------------------- # -# Compiling Test Bench -# ------------------------------------------------------------------- # - -vlog -work SHA_LIB $tb_dir/test_sha256.v - -transcript on - - -# ------------------------------------------------------------------- # -# Loading the Test Bench -# ------------------------------------------------------------------- # - -transcript off -vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha - -transcript on - - -transcript on - -do wave.do - -run 1ms Index: trunk/bench/test_sha512.v =================================================================== --- trunk/bench/test_sha512.v (revision 3) +++ trunk/bench/test_sha512.v (nonexistent) 
@@ -1,305 +0,0 @@ -///////////////////////////////////////////////////////////////////// -//// //// -//// SHA-512/384 //// -//// Secure Hash Algorithm (SHA-512/384) testbench //// -//// //// -//// Author: marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// -//// //// -///////////////////////////////////////////////////////////////////// -//// //// -//// Copyright (C) 2002-2004 marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// This source file may be used and distributed without //// -//// restriction provided that this copyright statement is not //// -//// removed from the file and that any derivative work contains //// -//// the original copyright notice and the associated disclaimer.//// -//// //// -//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// -//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// -//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// -//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// -//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// -//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// -//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// -//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// -//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// -//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// -//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// -//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// -//// POSSIBILITY OF SUCH DAMAGE. 
//// -//// //// -///////////////////////////////////////////////////////////////////// - - -`timescale 1ns/10ps - -`define SHA384_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -`define SHA384_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit -`define SHA384_TEST_RESULT 384'h09330c33_f71147e8_3d192fc7_82cd1b47_53111b17_3b3b05d2_2fa08086_e3b0f712_fcc7c71a_557e2db9_66c3e9fa_91746039 - -`define SHA512_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -`define SHA512_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit -`define SHA512_TEST_RESULT 512'h8e959b75_dae313da_8cf4f728_14fc143f_8f7779c6_eb9f7fa1_7299aead_b6889018_501d289e_4900f7e4_331b99de_c4b5433a_c7d329ee_b6dd2654_5e96e55b_874be909 - - -module test_sha; - -reg clk,rst,cmd_w_i; -reg [31:0] text_i; - -reg [3:0] cmd_i; - -wire [31:0] text_o; -wire [4:0] cmd_o; - -initial -begin -// $sdf_annotate("syn/data/sha512.sdf",sha_core); - - clk = 1'b0; - rst = 1'b0; - cmd_w_i = 1'b0; - cmd_i = 4'b0; - - #21; - rst = 1'b1; - #17; - rst = 1'b0; - - test_SHA384; - test_SHA512; - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - $finish; -end - - -always #5 clk = ~clk; - -sha512 sha_core( - .clk_i(clk), - .rst_i(rst), - .text_i(text_i), - .text_o(text_o), - .cmd_i(cmd_i), - .cmd_w_i(cmd_w_i), - .cmd_o(cmd_o) - ); - -task test_SHA384; -integer i; -reg [2047:0] all_message; -reg [1023:0] tmp_i; -reg [383:0] tmp_o; -reg [31:0] tmp; -begin - all_message = {`SHA384_TEST,`SHA384_TEST_PADDING}; - tmp_i = all_message[2047:1024]; - tmp_o = `SHA384_TEST_RESULT; - - #100; - - - @(posedge clk); - cmd_i = 4'b0010; - cmd_w_i = 1'b1; - - for (i=0;i<32;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[32*32-1:31*32]; - tmp_i = tmp_i << 32; - end - - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge 
clk); - - while (cmd_o[4]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - #100; - - - tmp_i = all_message[1023:0]; - @(posedge clk); - cmd_i = 4'b0110; - cmd_w_i = 1'b1; - - for (i=0;i<32;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[32*32-1:31*32]; - tmp_i = tmp_i << 32; - end - - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[4]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - cmd_i = 4'b0001; - cmd_w_i = 1'b1; - - @(posedge clk); - cmd_w_i = 1'b0; - for (i=0;i<12;i=i+1) - begin - @(posedge clk); - #1; - tmp = tmp_o[12*32-1:11*32]; - if (text_o !== tmp | (|text_o)===1'bx) - begin - $display("ERROR(SHA-384-%02d) Expected %x, Got %x", i,tmp, text_o); - end - else - begin - $display("OK(SHA-384-%02d),Expected %x, Got %x", i,tmp, text_o); - end - tmp_o = tmp_o << 32; - end - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - #100; -end -endtask - -task test_SHA512; -integer i; -reg [2047:0] all_message; -reg [1023:0] tmp_i; -reg [511:0] tmp_o; -reg [31:0] tmp; -begin - all_message = {`SHA512_TEST,`SHA512_TEST_PADDING}; - tmp_i = all_message[2047:1024]; - tmp_o = `SHA512_TEST_RESULT; - - #100; - - - @(posedge clk); - cmd_i = 4'b1010; - cmd_w_i = 1'b1; - - for (i=0;i<32;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[32*32-1:31*32]; - tmp_i = tmp_i << 32; - end - - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[4]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - #100; - - - tmp_i = all_message[1023:0]; - @(posedge clk); - cmd_i = 4'b1110; - cmd_w_i = 1'b1; - - for (i=0;i<32;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[32*32-1:31*32]; - tmp_i = tmp_i << 
32; - end - - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[4]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - cmd_i = 4'b1001; - cmd_w_i = 1'b1; - - @(posedge clk); - cmd_w_i = 1'b0; - for (i=0;i<16;i=i+1) - begin - @(posedge clk); - #1; - tmp = tmp_o[16*32-1:15*32]; - if (text_o !== tmp | (|text_o)===1'bx) - begin - $display("ERROR(SHA-512-%02d) Expected %x, Got %x", i,tmp, text_o); - end - else - begin - $display("OK(SHA-512-%02d),Expected %x, Got %x", i,tmp, text_o); - end - tmp_o = tmp_o << 32; - end - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - #100; -end -endtask - -endmodule \ No newline at end of file Index: trunk/bench/test_sha256.v =================================================================== --- trunk/bench/test_sha256.v (revision 3) +++ trunk/bench/test_sha256.v (nonexistent) 
@@ -1,196 +0,0 @@ -///////////////////////////////////////////////////////////////////// -//// //// -//// SHA-256 //// -//// Secure Hash Algorithm (SHA-256) testbench //// -//// //// -//// Author: marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// -//// //// -///////////////////////////////////////////////////////////////////// -//// //// -//// Copyright (C) 2002-2004 marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// This source file may be used and distributed without //// -//// restriction provided that this copyright statement is not //// -//// removed from the file and that any derivative work contains //// -//// the original copyright notice and the associated disclaimer.//// -//// //// -//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// -//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// -//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// -//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// -//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// -//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// -//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// -//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// -//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// -//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// -//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// -//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// -//// POSSIBILITY OF SUCH DAMAGE. 
//// -//// //// -///////////////////////////////////////////////////////////////////// - - -`timescale 1ns/10ps - -`define SHA256_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -`define SHA256_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit -`define SHA256_TEST_RESULT 256'h248d6a61_d20638b8_e5c02693_0c3e6039_a33ce459_64ff2167_f6ecedd4_19db06c1 - -module test_sha; - -reg clk,rst,cmd_w_i; -reg [31:0] text_i; - -reg [2:0] cmd_i; - -wire [31:0] text_o; -wire [3:0] cmd_o; - -initial -begin -// $sdf_annotate("syn/data/sha256.sdf",sha_core); - - clk = 1'b0; - rst = 1'b0; - cmd_w_i = 1'b0; - cmd_i = 3'b0; - - #21; - rst = 1'b1; - #17; - rst = 1'b0; - - test_SHA256; - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - $finish; -end - - -always #5 clk = ~clk; - -sha256 sha_core( - .clk_i(clk), - .rst_i(rst), - .text_i(text_i), - .text_o(text_o), - .cmd_i(cmd_i), - .cmd_w_i(cmd_w_i), - .cmd_o(cmd_o) - ); - - -task test_SHA256; -integer i; -reg [1023:0] all_message; -reg [511:0] tmp_i; -reg [255:0] tmp_o; -reg [31:0] tmp; -begin - all_message = {`SHA256_TEST,`SHA256_TEST_PADDING}; - tmp_i = all_message[1023:512]; - tmp_o = `SHA256_TEST_RESULT; - - #100; - - - @(posedge clk); - cmd_i = 3'b010; - cmd_w_i = 1'b1; - - for (i=0;i<16;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[16*32-1:15*32]; - tmp_i = tmp_i << 32; - end - - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[3]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - #100; - - - tmp_i = all_message[511:0]; - @(posedge clk); - cmd_i = 3'b110; - cmd_w_i = 1'b1; - - for (i=0;i<16;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[16*32-1:15*32]; - tmp_i = tmp_i << 32; - end - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[3]) - @(posedge clk); - - 
@(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - cmd_i = 3'b001; - cmd_w_i = 1'b1; - - @(posedge clk); - cmd_w_i = 1'b0; - for (i=0;i<8;i=i+1) - begin - @(posedge clk); - #1; - tmp = tmp_o[8*32-1:7*32]; - if (text_o !== tmp | (|text_o)===1'bx) - begin - $display("ERROR(SHA-256-%02d) Expected %x, Got %x", i,tmp, text_o); - end - else - begin - $display("OK(SHA-256-%02d),Expected %x, Got %x", i,tmp, text_o); - end - tmp_o = tmp_o << 32; - end - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - #100; -end -endtask - -endmodule \ No newline at end of file Index: trunk/bench/test_sha1.v =================================================================== --- trunk/bench/test_sha1.v (revision 3) +++ trunk/bench/test_sha1.v (nonexistent) 
@@ -1,195 +0,0 @@ -///////////////////////////////////////////////////////////////////// -//// //// -//// SHA-160 //// -//// Secure Hash Algorithm (SHA-160) testbench //// -//// //// -//// Author: marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// -//// //// -///////////////////////////////////////////////////////////////////// -//// //// -//// Copyright (C) 2002-2004 marsgod //// -//// marsgod@opencores.org //// -//// //// -//// //// -//// This source file may be used and distributed without //// -//// restriction provided that this copyright statement is not //// -//// removed from the file and that any derivative work contains //// -//// the original copyright notice and the associated disclaimer.//// -//// //// -//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// -//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// -//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// -//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// -//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// -//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// -//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// -//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// -//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// -//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// -//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// -//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// -//// POSSIBILITY OF SUCH DAMAGE. 
//// -//// //// -///////////////////////////////////////////////////////////////////// - - -`timescale 1ns/10ps - -`define SHA1_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -`define SHA1_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit -`define SHA1_TEST_RESULT 160'h84983e44_1c3bd26e_baae4aa1_f95129e5_e54670f1 - -module test_sha; - -reg clk,rst,cmd_w_i; -reg [31:0] text_i; - -reg [2:0] cmd_i; - -wire [31:0] text_o; -wire [3:0] cmd_o; - -initial -begin -// $sdf_annotate("syn/data/sha1.sdf",sha_core); - - clk = 1'b0; - rst = 1'b0; - cmd_w_i = 1'b0; - cmd_i = 3'b0; - - #21; - rst = 1'b1; - #17; - rst = 1'b0; - - test_SHA1; - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - $finish; -end - - -always #5 clk = ~clk; - -sha1 sha_core( - .clk_i(clk), - .rst_i(rst), - .text_i(text_i), - .text_o(text_o), - .cmd_i(cmd_i), - .cmd_w_i(cmd_w_i), - .cmd_o(cmd_o) - ); - -task test_SHA1; -integer i; -reg [1023:0] all_message; -reg [511:0] tmp_i; -reg [159:0] tmp_o; -reg [31:0] tmp; -begin - all_message = {`SHA1_TEST,`SHA1_TEST_PADDING}; - tmp_i = all_message[1023:512]; - tmp_o = `SHA1_TEST_RESULT; - - #100; - - - @(posedge clk); - cmd_i = 3'b010; - cmd_w_i = 1'b1; - - for (i=0;i<16;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[16*32-1:15*32]; - tmp_i = tmp_i << 32; - end - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[3]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - #100; - - - tmp_i = all_message[511:0]; - @(posedge clk); - cmd_i = 3'b110; - cmd_w_i = 1'b1; - - for (i=0;i<16;i=i+1) - begin - @(posedge clk); - cmd_w_i = 1'b0; - text_i = tmp_i[16*32-1:15*32]; - tmp_i = tmp_i << 32; - end - - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - - while (cmd_o[3]) - @(posedge clk); - - @(posedge clk); - @(posedge clk); - @(posedge 
clk); - @(posedge clk); - @(posedge clk); - - cmd_i = 6'b001; - cmd_w_i = 1'b1; - - @(posedge clk); - cmd_w_i = 1'b0; - for (i=0;i<5;i=i+1) - begin - @(posedge clk); - #1; - tmp = tmp_o[5*32-1:4*32]; - if (text_o !== tmp | (|text_o)===1'bx) - begin - $display("ERROR(SHA-160-%02d) Expected %x, Got %x", i,tmp, text_o); - end - else - begin - $display("OK(SHA-160-%02d),Expected %x, Got %x", i,tmp, text_o); - end - tmp_o = tmp_o << 32; - end - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - @(posedge clk); - #100; -end -endtask - - -endmodule \ No newline at end of file Index: sha_core/trunk/bench/test_sha1.v =================================================================== --- sha_core/trunk/bench/test_sha1.v (nonexistent) +++ sha_core/trunk/bench/test_sha1.v (revision 4) 
@@ -0,0 +1,195 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-160 //// +//// Secure Hash Algorithm (SHA-160) testbench //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + + +`timescale 1ns/10ps + +`define SHA1_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +`define SHA1_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit +`define SHA1_TEST_RESULT 160'h84983e44_1c3bd26e_baae4aa1_f95129e5_e54670f1 + +module test_sha; + +reg clk,rst,cmd_w_i; +reg [31:0] text_i; + +reg [2:0] cmd_i; + +wire [31:0] text_o; +wire [3:0] cmd_o; + +initial +begin +// $sdf_annotate("syn/data/sha1.sdf",sha_core); + + clk = 1'b0; + rst = 1'b0; + cmd_w_i = 1'b0; + cmd_i = 3'b0; + + #21; + rst = 1'b1; + #17; + rst = 1'b0; + + test_SHA1; + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + $finish; +end + + +always #5 clk = ~clk; + +sha1 sha_core( + .clk_i(clk), + .rst_i(rst), + .text_i(text_i), + .text_o(text_o), + .cmd_i(cmd_i), + .cmd_w_i(cmd_w_i), + .cmd_o(cmd_o) + ); + +task test_SHA1; +integer i; +reg [1023:0] all_message; +reg [511:0] tmp_i; +reg [159:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA1_TEST,`SHA1_TEST_PADDING}; + tmp_i = all_message[1023:512]; + tmp_o = `SHA1_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 3'b010; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[511:0]; + @(posedge clk); + cmd_i = 3'b110; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge 
clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 6'b001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<5;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[5*32-1:4*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-160-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-160-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + + +endmodule \ No newline at end of file Index: sha_core/trunk/bench/test_sha512.v =================================================================== --- sha_core/trunk/bench/test_sha512.v (nonexistent) +++ sha_core/trunk/bench/test_sha512.v (revision 4) 
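Review bot: `cmd_i = 6'b001;` in test_SHA1 assigns a 6-bit literal to the 3-bit `reg [2:0] cmd_i`; Verilog truncates the value on assignment, so the bench still issues the read command, but width-checking lint and strict tools will flag it and it hides the intended 3-bit command encoding. Use `cmd_i = 3'b001;`, matching the `3'b010` and `3'b110` writes earlier in the task and the form used in the sibling test_sha256.v bench. This line appears unchanged in the deleted trunk/bench/test_sha1.v, so it is pre-existing rather than introduced by the move.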
@@ -0,0 +1,305 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-512/384 //// +//// Secure Hash Algorithm (SHA-512/384) testbench //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + + +`timescale 1ns/10ps + +`define SHA384_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +`define SHA384_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit +`define SHA384_TEST_RESULT 384'h09330c33_f71147e8_3d192fc7_82cd1b47_53111b17_3b3b05d2_2fa08086_e3b0f712_fcc7c71a_557e2db9_66c3e9fa_91746039 + +`define SHA512_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +`define SHA512_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit +`define SHA512_TEST_RESULT 512'h8e959b75_dae313da_8cf4f728_14fc143f_8f7779c6_eb9f7fa1_7299aead_b6889018_501d289e_4900f7e4_331b99de_c4b5433a_c7d329ee_b6dd2654_5e96e55b_874be909 + + +module test_sha; + +reg clk,rst,cmd_w_i; +reg [31:0] text_i; + +reg [3:0] cmd_i; + +wire [31:0] text_o; +wire [4:0] cmd_o; + +initial +begin +// $sdf_annotate("syn/data/sha512.sdf",sha_core); + + clk = 1'b0; + rst = 1'b0; + cmd_w_i = 1'b0; + cmd_i = 4'b0; + + #21; + rst = 1'b1; + #17; + rst = 1'b0; + + test_SHA384; + test_SHA512; + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + $finish; +end + + +always #5 clk = ~clk; + +sha512 sha_core( + .clk_i(clk), + .rst_i(rst), + .text_i(text_i), + .text_o(text_o), + .cmd_i(cmd_i), + .cmd_w_i(cmd_w_i), + .cmd_o(cmd_o) + ); + +task test_SHA384; +integer i; +reg [2047:0] all_message; +reg [1023:0] tmp_i; +reg [383:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA384_TEST,`SHA384_TEST_PADDING}; + tmp_i = all_message[2047:1024]; + tmp_o = `SHA384_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 4'b0010; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge 
clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[1023:0]; + @(posedge clk); + cmd_i = 4'b0110; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 4'b0001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<12;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[12*32-1:11*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-384-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-384-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + +task test_SHA512; +integer i; +reg [2047:0] all_message; +reg [1023:0] tmp_i; +reg [511:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA512_TEST,`SHA512_TEST_PADDING}; + tmp_i = all_message[2047:1024]; + tmp_o = `SHA512_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 4'b1010; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[1023:0]; + @(posedge clk); + cmd_i = 4'b1110; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 
32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 4'b1001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[16*32-1:15*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-512-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-512-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + +endmodule \ No newline at end of file Index: sha_core/trunk/bench/test_sha256.v =================================================================== --- sha_core/trunk/bench/test_sha256.v (nonexistent) +++ sha_core/trunk/bench/test_sha256.v (revision 4) 
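Review bot: The known-answer checks in test_SHA384 and test_SHA512 only `$display` an ERROR line and then fall through to the `$finish` in the initial block, so a digest mismatch never fails the simulation and an automated run cannot tell a pass from a fail without grepping the transcript. Counting mismatches in the ERROR branch (e.g. `err = err + 1;`), printing a one-line summary before `$finish`, and calling `$stop` when the count is non-zero would turn the bench into a usable regression gate for the core. The same applies to test_SHA1 in sha_core/trunk/bench/test_sha1.v and test_SHA256 in sha_core/trunk/bench/test_sha256.v, which use the identical OK/ERROR pattern. Both tasks and the initial block are fully inside this hunk.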
@@ -0,0 +1,196 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-256 //// +//// Secure Hash Algorithm (SHA-256) testbench //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + + +`timescale 1ns/10ps + +`define SHA256_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +`define SHA256_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit +`define SHA256_TEST_RESULT 256'h248d6a61_d20638b8_e5c02693_0c3e6039_a33ce459_64ff2167_f6ecedd4_19db06c1 + +module test_sha; + +reg clk,rst,cmd_w_i; +reg [31:0] text_i; + +reg [2:0] cmd_i; + +wire [31:0] text_o; +wire [3:0] cmd_o; + +initial +begin +// $sdf_annotate("syn/data/sha256.sdf",sha_core); + + clk = 1'b0; + rst = 1'b0; + cmd_w_i = 1'b0; + cmd_i = 3'b0; + + #21; + rst = 1'b1; + #17; + rst = 1'b0; + + test_SHA256; + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + $finish; +end + + +always #5 clk = ~clk; + +sha256 sha_core( + .clk_i(clk), + .rst_i(rst), + .text_i(text_i), + .text_o(text_o), + .cmd_i(cmd_i), + .cmd_w_i(cmd_w_i), + .cmd_o(cmd_o) + ); + + +task test_SHA256; +integer i; +reg [1023:0] all_message; +reg [511:0] tmp_i; +reg [255:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA256_TEST,`SHA256_TEST_PADDING}; + tmp_i = all_message[1023:512]; + tmp_o = `SHA256_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 3'b010; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[511:0]; + @(posedge clk); + cmd_i = 3'b110; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + 
@(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 3'b001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<8;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[8*32-1:7*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-256-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-256-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + +endmodule \ No newline at end of file Index: sha_core/trunk/rtl/sha1.v =================================================================== --- sha_core/trunk/rtl/sha1.v (nonexistent) +++ sha_core/trunk/rtl/sha1.v (revision 4) 
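Review bot: test_SHA256 only prints the outcome of each digest-word comparison; the ERROR branch counts nothing and the initial block reaches `$finish` unconditionally, so a wrong digest still ends as a normally terminating, apparently passing simulation. Declare `integer errors;` in the module, set it to 0 before the `test_SHA256;` call, add `errors = errors + 1;` inside the ERROR branch, and before `$finish` report the total with a `$display` that a regression script can grep. The same applies to the SHA-384 and SHA-512 tasks in test_sha512.v earlier in this revision. The commented-out `$sdf_annotate` line should either be removed or wrapped in an `ifdef` so the gate-level run does not depend on hand-editing the testbench.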
@@ -0,0 +1,594 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-160 //// +//// Secure Hash Algorithm (SHA-160) //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + +`define SHA1_H0 32'h67452301 +`define SHA1_H1 32'hefcdab89 +`define SHA1_H2 32'h98badcfe +`define SHA1_H3 32'h10325476 +`define SHA1_H4 32'hc3d2e1f0 + +`define SHA1_K0 32'h5a827999 +`define SHA1_K1 32'h6ed9eba1 +`define SHA1_K2 32'h8f1bbcdc +`define SHA1_K3 32'hca62c1d6 + +module sha1 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); + + input clk_i; // global clock input + input rst_i; // global reset input , active high + + input [31:0] text_i; // text input 32bit + output [31:0] text_o; // text output 32bit + + input [2:0] cmd_i; // command input + input cmd_w_i;// command input write enable + output [3:0] cmd_o; // command output(status) + + /* + cmd + Busy Round W R + + bit3 bit2 bit1 bit0 + Busy Round W R + + Busy: + 0 idle + 1 busy + + Round: + 0 first round + 1 internal round + + W: + 0 No-op + 1 write data + + R: + 0 No-op + 1 read data + + */ + + + reg [3:0] cmd; + wire [3:0] cmd_o; + + reg [31:0] text_o; + + reg [6:0] round; + wire [6:0] round_plus_1; + + reg [2:0] read_counter; + + reg [31:0] H0,H1,H2,H3,H4; + reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; + reg [31:0] Wt,Kt; + reg [31:0] A,B,C,D,E; + + reg busy; + + assign cmd_o = cmd; + always @ (posedge clk_i) + begin + if (rst_i) + cmd <= 'b0; + else + if (cmd_w_i) + cmd[2:0] <= cmd_i[2:0]; // busy bit can't write + else + begin + cmd[3] <= busy; // update busy bit + if (~busy) + cmd[1:0] <= 2'b00; // hardware auto clean R/W bits + end + end + + // Hash functions + wire [31:0] SHA1_f1_BCD,SHA1_f2_BCD,SHA1_f3_BCD,SHA1_Wt_1; + wire [31:0] SHA1_ft_BCD; + wire [31:0] next_Wt,next_A,next_C; + wire [159:0] SHA1_result; + + assign SHA1_f1_BCD = (B & C) ^ (~B & D); + assign SHA1_f2_BCD = B ^ C ^ D; + assign SHA1_f3_BCD = (B & C) ^ (C & D) ^ (B & D); + + assign SHA1_ft_BCD = (round < 'd21) ? SHA1_f1_BCD : (round < 'd41) ? SHA1_f2_BCD : (round < 'd61) ? 
SHA1_f3_BCD : SHA1_f2_BCD; + + assign SHA1_Wt_1 = {W13 ^ W8 ^ W2 ^ W0}; + + assign next_Wt = {SHA1_Wt_1[30:0],SHA1_Wt_1[31]}; // NSA fix added + assign next_A = {A[26:0],A[31:27]} + SHA1_ft_BCD + E + Kt + Wt; + assign next_C = {B[1:0],B[31:2]}; + + assign SHA1_result = {A,B,C,D,E}; + + assign round_plus_1 = round + 1; + + //------------------------------------------------------------------ + // SHA round + //------------------------------------------------------------------ + always @(posedge clk_i) + begin + if (rst_i) + begin + round <= 'd0; + busy <= 'b0; + + W0 <= 'b0; + W1 <= 'b0; + W2 <= 'b0; + W3 <= 'b0; + W4 <= 'b0; + W5 <= 'b0; + W6 <= 'b0; + W7 <= 'b0; + W8 <= 'b0; + W9 <= 'b0; + W10 <= 'b0; + W11 <= 'b0; + W12 <= 'b0; + W13 <= 'b0; + W14 <= 'b0; + Wt <= 'b0; + + A <= 'b0; + B <= 'b0; + C <= 'b0; + D <= 'b0; + E <= 'b0; + + H0 <= 'b0; + H1 <= 'b0; + H2 <= 'b0; + H3 <= 'b0; + H4 <= 'b0; + + end + else + begin + case (round) + + 'd0: + begin + if (cmd[1]) + begin + W0 <= text_i; + Wt <= text_i; + busy <= 'b1; + round <= round_plus_1; + + case (cmd[2]) + 1'b0: // sha-1 first message + begin + A <= `SHA1_H0; + B <= `SHA1_H1; + C <= `SHA1_H2; + D <= `SHA1_H3; + E <= `SHA1_H4; + + H0 <= `SHA1_H0; + H1 <= `SHA1_H1; + H2 <= `SHA1_H2; + H3 <= `SHA1_H3; + H4 <= `SHA1_H4; + end + 1'b1: // sha-1 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + end + endcase + end + else + begin // IDLE + round <= 'd0; + end + end + 'd1: + begin + W1 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd2: + begin + W2 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd3: + begin + W3 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd4: + begin + W4 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= 
next_A; + + round <= round_plus_1; + end + 'd5: + begin + W5 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd6: + begin + W6 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd7: + begin + W7 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd8: + begin + W8 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd9: + begin + W9 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd10: + begin + W10 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd11: + begin + W11 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd12: + begin + W12 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd13: + begin + W13 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd14: + begin + W14 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd15: + begin + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd16, + 'd17, + 'd18, + 'd19, + 'd20, + 'd21, + 'd22, + 'd23, + 'd24, + 'd25, + 'd26, + 'd27, + 'd28, + 'd29, + 'd30, + 'd31, + 'd32, + 'd33, + 'd34, + 'd35, + 'd36, + 'd37, + 'd38, + 'd39, + 'd40, + 'd41, + 'd42, + 'd43, + 'd44, + 'd45, + 'd46, + 'd47, + 'd48, + 'd49, + 'd50, + 'd51, + 'd52, + 'd53, + 'd54, + 'd55, + 'd56, + 'd57, + 'd58, + 'd59, + 'd60, + 'd61, + 'd62, + 'd63, + 'd64, + 'd65, + 
'd66, + 'd67, + 'd68, + 'd69, + 'd70, + 'd71, + 'd72, + 'd73, + 'd74, + 'd75, + 'd76, + 'd77, + 'd78, + 'd79: + begin + W0 <= W1; + W1 <= W2; + W2 <= W3; + W3 <= W4; + W4 <= W5; + W5 <= W6; + W6 <= W7; + W7 <= W8; + W8 <= W9; + W9 <= W10; + W10 <= W11; + W11 <= W12; + W12 <= W13; + W13 <= W14; + W14 <= Wt; + Wt <= next_Wt; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd80: + begin + A <= next_A + H0; + B <= A + H1; + C <= next_C + H2; + D <= C + H3; + E <= D + H4; + round <= 'd0; + busy <= 'b0; + end + default: + begin + round <= 'd0; + busy <= 'b0; + end + endcase + end + end + + + //------------------------------------------------------------------ + // Kt generator + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + Kt <= 'b0; + end + else + begin + if (round < 'd20) + Kt <= `SHA1_K0; + else + if (round < 'd40) + Kt <= `SHA1_K1; + else + if (round < 'd60) + Kt <= `SHA1_K2; + else + Kt <= `SHA1_K3; + end + end + + //------------------------------------------------------------------ + // read result + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + text_o <= 'b0; + read_counter <= 'b0; + end + else + begin + if (cmd[0]) + begin + read_counter <= 'd4; // sha-1 160/32=5 + end + else + begin + if (~busy) + begin + case (read_counter) + 'd4: text_o <= SHA1_result[5*32-1:4*32]; + 'd3: text_o <= SHA1_result[4*32-1:3*32]; + 'd2: text_o <= SHA1_result[3*32-1:2*32]; + 'd1: text_o <= SHA1_result[2*32-1:1*32]; + 'd0: text_o <= SHA1_result[1*32-1:0*32]; + default:text_o <= 'b0; + endcase + if (|read_counter) + read_counter <= read_counter - 'd1; + end + else + begin + text_o <= 'b0; + end + end + end + end + +endmodule + \ No newline at end of file Index: sha_core/trunk/rtl/sha512.v =================================================================== --- 
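Review bot: The message-input timing of sha1 is undocumented and has no handshake: rounds 0 through 15 of the round FSM sample `text_i` on every clock, so the host must present exactly one 32-bit word per cycle starting with the first cycle in which `cmd[1]` is set, and a word delivered a cycle late or early silently corrupts the block with no status indication; sha512.v (rounds 0 through 31) has the same property. Add this to the `cmd` comment block together with the fact that the core does no padding: the host must append the 0x80 byte, the zero fill and the 64-bit length itself (test_sha256.v shows the expected layout). A related hazard in both cores is that a W command written while busy is not rejected; `cmd[2:0] <= cmd_i[2:0]` latches it, it survives until busy drops, and on the first round-0 cycle it starts a new block sampling whatever is on `text_i` before `cmd_o[3]` has reported idle — either document that W may only be written when the busy bit is 0 or mask it, e.g. `cmd[2:0] <= {cmd_i[2], cmd_i[1] & ~busy, cmd_i[0]};`. Independently of the implementation, SHA-1 is no longer collision-resistant, so the header should state that the core is meant for legacy interoperability rather than new integrity or signature uses.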
sha_core/trunk/rtl/sha512.v (nonexistent) +++ sha_core/trunk/rtl/sha512.v (revision 4) 
@@ -0,0 +1,1017 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-512/384 //// +//// Secure Hash Algorithm (SHA-512 SHA-384) //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2000-2002 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + +`define SHA512_H0 64'h6a09e667_f3bcc908 +`define SHA512_H1 64'hbb67ae85_84caa73b +`define SHA512_H2 64'h3c6ef372_fe94f82b +`define SHA512_H3 64'ha54ff53a_5f1d36f1 +`define SHA512_H4 64'h510e527f_ade682d1 +`define SHA512_H5 64'h9b05688c_2b3e6c1f +`define SHA512_H6 64'h1f83d9ab_fb41bd6b +`define SHA512_H7 64'h5be0cd19_137e2179 + +`define SHA384_H0 64'hcbbb9d5d_c1059ed8 +`define SHA384_H1 64'h629a292a_367cd507 +`define SHA384_H2 64'h9159015a_3070dd17 +`define SHA384_H3 64'h152fecd8_f70e5939 +`define SHA384_H4 64'h67332667_ffc00b31 +`define SHA384_H5 64'h8eb44a87_68581511 +`define SHA384_H6 64'hdb0c2e0d_64f98fa7 +`define SHA384_H7 64'h47b5481d_befa4fa4 + +`define K00 64'h428a2f98_d728ae22 +`define K01 64'h71374491_23ef65cd +`define K02 64'hb5c0fbcf_ec4d3b2f +`define K03 64'he9b5dba5_8189dbbc +`define K04 64'h3956c25b_f348b538 +`define K05 64'h59f111f1_b605d019 +`define K06 64'h923f82a4_af194f9b +`define K07 64'hab1c5ed5_da6d8118 +`define K08 64'hd807aa98_a3030242 +`define K09 64'h12835b01_45706fbe +`define K10 64'h243185be_4ee4b28c +`define K11 64'h550c7dc3_d5ffb4e2 +`define K12 64'h72be5d74_f27b896f +`define K13 64'h80deb1fe_3b1696b1 +`define K14 64'h9bdc06a7_25c71235 +`define K15 64'hc19bf174_cf692694 +`define K16 64'he49b69c1_9ef14ad2 +`define K17 64'hefbe4786_384f25e3 +`define K18 64'h0fc19dc6_8b8cd5b5 +`define K19 64'h240ca1cc_77ac9c65 +`define K20 64'h2de92c6f_592b0275 +`define K21 64'h4a7484aa_6ea6e483 +`define K22 64'h5cb0a9dc_bd41fbd4 +`define K23 64'h76f988da_831153b5 +`define K24 64'h983e5152_ee66dfab +`define K25 64'ha831c66d_2db43210 +`define K26 64'hb00327c8_98fb213f +`define K27 64'hbf597fc7_beef0ee4 +`define K28 64'hc6e00bf3_3da88fc2 +`define K29 64'hd5a79147_930aa725 +`define K30 64'h06ca6351_e003826f +`define K31 64'h14292967_0a0e6e70 +`define K32 64'h27b70a85_46d22ffc +`define K33 64'h2e1b2138_5c26c926 +`define K34 64'h4d2c6dfc_5ac42aed +`define K35 
64'h53380d13_9d95b3df +`define K36 64'h650a7354_8baf63de +`define K37 64'h766a0abb_3c77b2a8 +`define K38 64'h81c2c92e_47edaee6 +`define K39 64'h92722c85_1482353b +`define K40 64'ha2bfe8a1_4cf10364 +`define K41 64'ha81a664b_bc423001 +`define K42 64'hc24b8b70_d0f89791 +`define K43 64'hc76c51a3_0654be30 +`define K44 64'hd192e819_d6ef5218 +`define K45 64'hd6990624_5565a910 +`define K46 64'hf40e3585_5771202a +`define K47 64'h106aa070_32bbd1b8 +`define K48 64'h19a4c116_b8d2d0c8 +`define K49 64'h1e376c08_5141ab53 +`define K50 64'h2748774c_df8eeb99 +`define K51 64'h34b0bcb5_e19b48a8 +`define K52 64'h391c0cb3_c5c95a63 +`define K53 64'h4ed8aa4a_e3418acb +`define K54 64'h5b9cca4f_7763e373 +`define K55 64'h682e6ff3_d6b2b8a3 +`define K56 64'h748f82ee_5defb2fc +`define K57 64'h78a5636f_43172f60 +`define K58 64'h84c87814_a1f0ab72 +`define K59 64'h8cc70208_1a6439ec +`define K60 64'h90befffa_23631e28 +`define K61 64'ha4506ceb_de82bde9 +`define K62 64'hbef9a3f7_b2c67915 +`define K63 64'hc67178f2_e372532b +`define K64 64'hca273ece_ea26619c +`define K65 64'hd186b8c7_21c0c207 +`define K66 64'heada7dd6_cde0eb1e +`define K67 64'hf57d4f7f_ee6ed178 +`define K68 64'h06f067aa_72176fba +`define K69 64'h0a637dc5_a2c898a6 +`define K70 64'h113f9804_bef90dae +`define K71 64'h1b710b35_131c471b +`define K72 64'h28db77f5_23047d84 +`define K73 64'h32caab7b_40c72493 +`define K74 64'h3c9ebe0a_15c9bebc +`define K75 64'h431d67c4_9c100d4c +`define K76 64'h4cc5d4be_cb3e42b6 +`define K77 64'h597f299c_fc657e2a +`define K78 64'h5fcb6fab_3ad6faec +`define K79 64'h6c44198c_4a475817 + +module sha512 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); + + input clk_i; // global clock input + input rst_i; // global reset input , active high + + input [31:0] text_i; // text input 32bit + output [31:0] text_o; // text output 32bit + + input [3:0] cmd_i; // command input + input cmd_w_i;// command input write enable + output [4:0] cmd_o; // command output(status) + + /* + cmd + Busy S1 S0 Round W R + + bit4 bit3 
bit2 bit1 bit0 + Busy S Round W R + + Busy: + 0 idle + 1 busy + + S: + 0 sha-384 + 1 sha-512 + + Round: + 0 first round + 1 internal round + + W: + 0 No-op + 1 write data + + R: + 0 No-op + 1 read data + + */ + + + reg [4:0] cmd; + wire [4:0] cmd_o; + + reg [31:0] text_o; + + reg [6:0] round; + wire [6:0] round_plus_1; + + reg [4:0] read_counter; + + reg [63:0] H0,H1,H2,H3,H4,H5,H6,H7; + reg [63:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; + reg [63:0] Wt,Kt; + reg [63:0] A,B,C,D,E,F,G,H; + + reg busy; + + assign cmd_o = cmd; + always @ (posedge clk_i) + begin + if (rst_i) + cmd <= 'b0; + else + if (cmd_w_i) + cmd[3:0] <= cmd_i[3:0]; // busy bit can't write + else + begin + cmd[4] <= busy; // update busy bit + if (~busy) + cmd[1:0] <= 2'b00; // hardware auto clean R/W bits + end + end + + wire [63:0] f1_EFG_64,f2_ABC_64,f3_A_64,f4_E_64,f5_W1_64,f6_W14_64,T1_64,T2_64; + wire [63:0] W1_swap,W14_swap,Wt_64_swap; + wire [63:0] next_Wt,next_E,next_A; + wire [383:0] SHA384_result; + wire [511:0] SHA512_result; + + assign f1_EFG_64 = (E & F) ^ (~E & G); + + assign f2_ABC_64 = (A & B) ^ (B & C) ^ (A & C); + + assign f3_A_64 = {A[27:0],A[63:28]} ^ {A[33:0],A[63:34]} ^ {A[38:0],A[63:39]}; + + assign f4_E_64 = {E[13:0],E[63:14]} ^ {E[17:0],E[63:18]} ^ {E[40:0],E[63:41]}; + + assign W1_swap = {W1[31:0],W1[63:32]}; + assign f5_W1_64 = {W1_swap[0],W1_swap[63:1]} ^ {W1_swap[7:0],W1_swap[63:8]} ^ {7'b000_0000,W1_swap[63:7]}; + + assign W14_swap = {W14[31:0],W14[63:32]}; + assign f6_W14_64 = {W14_swap[18:0],W14_swap[63:19]} ^ {W14_swap[60:0],W14_swap[63:61]} ^ {6'b00_0000,W14_swap[63:6]}; + + assign Wt_64_swap = f6_W14_64 + {W9[31:0],W9[63:32]} + f5_W1_64 + {W0[31:0],W0[63:32]}; + + assign T1_64 = H[63:0] + f4_E_64 + f1_EFG_64 + Kt[63:0] + {Wt[31:0],Wt[63:32]}; + + assign T2_64 = f3_A_64 + f2_ABC_64; + + assign next_Wt = {Wt_64_swap[31:0],Wt_64_swap[63:32]}; + assign next_E = D[63:0] + T1_64; + assign next_A = T1_64 + T2_64; + + + assign SHA384_result = {A,B,C,D,E,F}; + 
assign SHA512_result = {A,B,C,D,E,F,G,H}; + + assign round_plus_1 = round + 1; + + //------------------------------------------------------------------ + // SHA round + //------------------------------------------------------------------ + always @(posedge clk_i) + begin + if (rst_i) + begin + round <= 'd0; + busy <= 'b0; + + W0 <= 'b0; + W1 <= 'b0; + W2 <= 'b0; + W3 <= 'b0; + W4 <= 'b0; + W5 <= 'b0; + W6 <= 'b0; + W7 <= 'b0; + W8 <= 'b0; + W9 <= 'b0; + W10 <= 'b0; + W11 <= 'b0; + W12 <= 'b0; + W13 <= 'b0; + W14 <= 'b0; + Wt <= 'b0; + + A <= 'b0; + B <= 'b0; + C <= 'b0; + D <= 'b0; + E <= 'b0; + F <= 'b0; + G <= 'b0; + H <= 'b0; + + H0 <= 'b0; + H1 <= 'b0; + H2 <= 'b0; + H3 <= 'b0; + H4 <= 'b0; + H5 <= 'b0; + H6 <= 'b0; + H7 <= 'b0; + end + else + begin + case (round) + + 'd0: + begin + if (cmd[1]) + begin + W0[31:0] <= text_i; + Wt[31:0] <= text_i; + busy <= 'b1; + round <= round_plus_1; + + case (cmd[3:2]) + 2'b00: // sha-384 first message + begin + A <= `SHA384_H0; + B <= `SHA384_H1; + C <= `SHA384_H2; + D <= `SHA384_H3; + E <= `SHA384_H4; + F <= `SHA384_H5; + G <= `SHA384_H6; + H <= `SHA384_H7; + + H0 <= `SHA384_H0; + H1 <= `SHA384_H1; + H2 <= `SHA384_H2; + H3 <= `SHA384_H3; + H4 <= `SHA384_H4; + H5 <= `SHA384_H5; + H6 <= `SHA384_H6; + H7 <= `SHA384_H7; + end + 2'b01: // sha-384 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + H5 <= F; + H6 <= G; + H7 <= H; + end + 2'b10: // sha-512 first message + begin + A <= `SHA512_H0; + B <= `SHA512_H1; + C <= `SHA512_H2; + D <= `SHA512_H3; + E <= `SHA512_H4; + F <= `SHA512_H5; + G <= `SHA512_H6; + H <= `SHA512_H7; + + H0 <= `SHA512_H0; + H1 <= `SHA512_H1; + H2 <= `SHA512_H2; + H3 <= `SHA512_H3; + H4 <= `SHA512_H4; + H5 <= `SHA512_H5; + H6 <= `SHA512_H6; + H7 <= `SHA512_H7; + end + 2'b11: // sha-512 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + H5 <= F; + H6 <= G; + H7 <= H; + end + endcase + end + else + begin // IDLE + round <= 'd0; + end + end + 'd1: + 
begin + W0[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd2: + begin + W1[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd3: + begin + W1[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd4: + begin + W2[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd5: + begin + W2[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd6: + begin + W3[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd7: + begin + W3[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd8: + begin + W4[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd9: + begin + W4[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd10: + begin + W5[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd11: + begin + W5[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd12: + begin + W6[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd13: + begin + W6[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd14: + begin + W7[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd15: + begin + W7[63:32] <= text_i; + Wt[63:32] <= text_i; + round 
<= round_plus_1; + end + 'd16: + begin + W8[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd17: + begin + W8[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd18: + begin + W9[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd19: + begin + W9[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd20: + begin + W10[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd21: + begin + W10[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd22: + begin + W11[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd23: + begin + W11[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd24: + begin + W12[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd25: + begin + W12[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd26: + begin + W13[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd27: + begin + W13[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd28: + begin + W14[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd29: + begin + W14[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd30: + begin + 
Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd31: + begin + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd32, + 'd33, + 'd34, + 'd35, + 'd36, + 'd37, + 'd38, + 'd39, + 'd40, + 'd41, + 'd42, + 'd43, + 'd44, + 'd45, + 'd46, + 'd47, + 'd48, + 'd49, + 'd50, + 'd51, + 'd52, + 'd53, + 'd54, + 'd55, + 'd56, + 'd57, + 'd58, + 'd59, + 'd60, + 'd61, + 'd62, + 'd63, + 'd64, + 'd65, + 'd66, + 'd67, + 'd68, + 'd69, + 'd70, + 'd71, + 'd72, + 'd73, + 'd74, + 'd75, + 'd76, + 'd77, + 'd78, + 'd79, + 'd80, + 'd81, + 'd82, + 'd83, + 'd84, + 'd85, + 'd86, + 'd87, + 'd88, + 'd89, + 'd90, + 'd91, + 'd92, + 'd93, + 'd94, + 'd95: + begin + W0 <= W1; + W1 <= W2; + W2 <= W3; + W3 <= W4; + W4 <= W5; + W5 <= W6; + W6 <= W7; + W7 <= W8; + W8 <= W9; + W9 <= W10; + W10 <= W11; + W11 <= W12; + W12 <= W13; + W13 <= W14; + W14 <= Wt; + Wt <= next_Wt; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd96: + begin + A <= next_A + H0; + B <= A + H1; + C <= B + H2; + D <= C + H3; + E <= next_E + H4; + F <= E + H5; + G <= F + H6; + H <= G + H7; + round <= 'd0; + busy <= 'b0; + end + default: + begin + round <= 'd0; + busy <= 'b0; + end + endcase + end + end + + + //------------------------------------------------------------------ + // Kt generator + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + Kt <= 'b0; + end + else + begin + case (round) + 'd00: Kt <= `K00; + 'd01: Kt <= `K00; + 'd02: Kt <= `K01; + 'd03: Kt <= `K01; + 'd04: Kt <= `K02; + 'd05: Kt <= `K02; + 'd06: Kt <= `K03; + 'd07: Kt <= `K03; + 'd08: Kt <= `K04; + 'd09: Kt <= `K04; + 'd10: Kt <= `K05; + 'd11: Kt <= `K05; + 'd12: Kt <= `K06; + 'd13: Kt <= `K06; + 'd14: Kt <= `K07; + 'd15: Kt <= `K07; + 'd16: Kt <= `K08; + 'd17: Kt <= `K08; + 'd18: Kt <= `K09; + 'd19: Kt <= `K09; + 
'd20: Kt <= `K10; + 'd21: Kt <= `K10; + 'd22: Kt <= `K11; + 'd23: Kt <= `K11; + 'd24: Kt <= `K12; + 'd25: Kt <= `K12; + 'd26: Kt <= `K13; + 'd27: Kt <= `K13; + 'd28: Kt <= `K14; + 'd29: Kt <= `K14; + 'd30: Kt <= `K15; + 'd31: Kt <= `K15; + 'd32: Kt <= `K16; + 'd33: Kt <= `K17; + 'd34: Kt <= `K18; + 'd35: Kt <= `K19; + 'd36: Kt <= `K20; + 'd37: Kt <= `K21; + 'd38: Kt <= `K22; + 'd39: Kt <= `K23; + 'd40: Kt <= `K24; + 'd41: Kt <= `K25; + 'd42: Kt <= `K26; + 'd43: Kt <= `K27; + 'd44: Kt <= `K28; + 'd45: Kt <= `K29; + 'd46: Kt <= `K30; + 'd47: Kt <= `K31; + 'd48: Kt <= `K32; + 'd49: Kt <= `K33; + 'd50: Kt <= `K34; + 'd51: Kt <= `K35; + 'd52: Kt <= `K36; + 'd53: Kt <= `K37; + 'd54: Kt <= `K38; + 'd55: Kt <= `K39; + 'd56: Kt <= `K40; + 'd57: Kt <= `K41; + 'd58: Kt <= `K42; + 'd59: Kt <= `K43; + 'd60: Kt <= `K44; + 'd61: Kt <= `K45; + 'd62: Kt <= `K46; + 'd63: Kt <= `K47; + 'd64: Kt <= `K48; + 'd65: Kt <= `K49; + 'd66: Kt <= `K50; + 'd67: Kt <= `K51; + 'd68: Kt <= `K52; + 'd69: Kt <= `K53; + 'd70: Kt <= `K54; + 'd71: Kt <= `K55; + 'd72: Kt <= `K56; + 'd73: Kt <= `K57; + 'd74: Kt <= `K58; + 'd75: Kt <= `K59; + 'd76: Kt <= `K60; + 'd77: Kt <= `K61; + 'd78: Kt <= `K62; + 'd79: Kt <= `K63; + 'd80: Kt <= `K64; + 'd81: Kt <= `K65; + 'd82: Kt <= `K66; + 'd83: Kt <= `K67; + 'd84: Kt <= `K68; + 'd85: Kt <= `K69; + 'd86: Kt <= `K70; + 'd87: Kt <= `K71; + 'd88: Kt <= `K72; + 'd89: Kt <= `K73; + 'd90: Kt <= `K74; + 'd91: Kt <= `K75; + 'd92: Kt <= `K76; + 'd93: Kt <= `K77; + 'd94: Kt <= `K78; + 'd95: Kt <= `K79; + default:Kt <= 'd0; + endcase + end + end + + //------------------------------------------------------------------ + // read result + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + text_o <= 'b0; + read_counter <= 'b0; + end + else + begin + if (cmd[0]) + begin + case (cmd[3]) + 1'b0: read_counter <= 'd11; // sha-384 384/32=12 + 1'b1: read_counter <= 'd15; // sha-512 512/32=16 + endcase + end + 
else + begin + if (~busy) + begin + case (cmd[3]) + 1'b0: + begin + case (read_counter) + 'd11: text_o <= SHA384_result[12*32-1:11*32]; + 'd10: text_o <= SHA384_result[11*32-1:10*32]; + 'd09: text_o <= SHA384_result[10*32-1:09*32]; + 'd08: text_o <= SHA384_result[09*32-1:08*32]; + 'd07: text_o <= SHA384_result[08*32-1:07*32]; + 'd06: text_o <= SHA384_result[07*32-1:06*32]; + 'd05: text_o <= SHA384_result[06*32-1:05*32]; + 'd04: text_o <= SHA384_result[05*32-1:04*32]; + 'd03: text_o <= SHA384_result[04*32-1:03*32]; + 'd02: text_o <= SHA384_result[03*32-1:02*32]; + 'd01: text_o <= SHA384_result[02*32-1:01*32]; + 'd00: text_o <= SHA384_result[01*32-1:00*32]; + default:text_o <= 'b0; + endcase + end + 1'b1: + begin + case (read_counter) + 'd15: text_o <= SHA512_result[16*32-1:15*32]; + 'd14: text_o <= SHA512_result[15*32-1:14*32]; + 'd13: text_o <= SHA512_result[14*32-1:13*32]; + 'd12: text_o <= SHA512_result[13*32-1:12*32]; + 'd11: text_o <= SHA512_result[12*32-1:11*32]; + 'd10: text_o <= SHA512_result[11*32-1:10*32]; + 'd09: text_o <= SHA512_result[10*32-1:09*32]; + 'd08: text_o <= SHA512_result[09*32-1:08*32]; + 'd07: text_o <= SHA512_result[08*32-1:07*32]; + 'd06: text_o <= SHA512_result[07*32-1:06*32]; + 'd05: text_o <= SHA512_result[06*32-1:05*32]; + 'd04: text_o <= SHA512_result[05*32-1:04*32]; + 'd03: text_o <= SHA512_result[04*32-1:03*32]; + 'd02: text_o <= SHA512_result[03*32-1:02*32]; + 'd01: text_o <= SHA512_result[02*32-1:01*32]; + 'd00: text_o <= SHA512_result[01*32-1:00*32]; + default:text_o <= 'b0; + endcase + end + endcase + if (|read_counter) + read_counter <= read_counter - 'd1; + end + else + begin + text_o <= 'b0; + end + end + end + end + +endmodule + Index: sha_core/trunk/rtl/sha256.v =================================================================== --- sha_core/trunk/rtl/sha256.v (nonexistent) +++ sha_core/trunk/rtl/sha256.v (revision 4) 
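Review bot: The `cmd` comment block is internally inconsistent: its first layout line lists six fields, `Busy S1 S0 Round W R`, over the five bits `bit4..bit0`, while the line below it and the code (`cmd[3:2]` selects the algorithm at round 0, `cmd[3]` alone selects the read width) use a single S bit; replace the first line with `Busy S Round W R`. The 32-bit load order is also undocumented and fragile: even rounds write the low half (`W0[31:0] <= text_i`) and odd rounds the high half, so every use of a W register needs a half-swap (`W1_swap`, `W14_swap`, `{Wt[31:0],Wt[63:32]}` in `T1_64`, and `next_Wt` swapping the result back); loading the high half on even rounds and the low half on odd rounds should let all of the swap wires be deleted, and at minimum a comment at the `W1_swap` declaration should state the convention. The read width is taken from the `cmd[3]` value present when R is written, not from the S bit used for the hash, so an R command with the other S bit returns the wrong number of words of the current state; the comment block should say that S must be repeated on the read command, as test_sha512.v does.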
@@ -0,0 +1,774 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-256 //// +//// Secure Hash Algorithm (SHA-256) //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2000-2002 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + +`define SHA256_H0 32'h6a09e667 +`define SHA256_H1 32'hbb67ae85 +`define SHA256_H2 32'h3c6ef372 +`define SHA256_H3 32'ha54ff53a +`define SHA256_H4 32'h510e527f +`define SHA256_H5 32'h9b05688c +`define SHA256_H6 32'h1f83d9ab +`define SHA256_H7 32'h5be0cd19 + +`define K00 32'h428a2f98 +`define K01 32'h71374491 +`define K02 32'hb5c0fbcf +`define K03 32'he9b5dba5 +`define K04 32'h3956c25b +`define K05 32'h59f111f1 +`define K06 32'h923f82a4 +`define K07 32'hab1c5ed5 +`define K08 32'hd807aa98 +`define K09 32'h12835b01 +`define K10 32'h243185be +`define K11 32'h550c7dc3 +`define K12 32'h72be5d74 +`define K13 32'h80deb1fe +`define K14 32'h9bdc06a7 +`define K15 32'hc19bf174 +`define K16 32'he49b69c1 +`define K17 32'hefbe4786 +`define K18 32'h0fc19dc6 +`define K19 32'h240ca1cc +`define K20 32'h2de92c6f +`define K21 32'h4a7484aa +`define K22 32'h5cb0a9dc +`define K23 32'h76f988da +`define K24 32'h983e5152 +`define K25 32'ha831c66d +`define K26 32'hb00327c8 +`define K27 32'hbf597fc7 +`define K28 32'hc6e00bf3 +`define K29 32'hd5a79147 +`define K30 32'h06ca6351 +`define K31 32'h14292967 +`define K32 32'h27b70a85 +`define K33 32'h2e1b2138 +`define K34 32'h4d2c6dfc +`define K35 32'h53380d13 +`define K36 32'h650a7354 +`define K37 32'h766a0abb +`define K38 32'h81c2c92e +`define K39 32'h92722c85 +`define K40 32'ha2bfe8a1 +`define K41 32'ha81a664b +`define K42 32'hc24b8b70 +`define K43 32'hc76c51a3 +`define K44 32'hd192e819 +`define K45 32'hd6990624 +`define K46 32'hf40e3585 +`define K47 32'h106aa070 +`define K48 32'h19a4c116 +`define K49 32'h1e376c08 +`define K50 32'h2748774c +`define K51 32'h34b0bcb5 +`define K52 32'h391c0cb3 +`define K53 32'h4ed8aa4a +`define K54 32'h5b9cca4f +`define K55 32'h682e6ff3 +`define K56 32'h748f82ee +`define K57 32'h78a5636f +`define K58 32'h84c87814 +`define K59 32'h8cc70208 +`define K60 32'h90befffa +`define K61 32'ha4506ceb +`define K62 32'hbef9a3f7 +`define K63 
32'hc67178f2 + +module sha256 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); + + input clk_i; // global clock input + input rst_i; // global reset input , active high + + input [31:0] text_i; // text input 32bit + output [31:0] text_o; // text output 32bit + + input [2:0] cmd_i; // command input + input cmd_w_i;// command input write enable + output [3:0] cmd_o; // command output(status) + + /* + cmd + Busy Round W R + + bit3 bit2 bit1 bit0 + Busy Round W R + + Busy: + 0 idle + 1 busy + + Round: + 0 first round + 1 internal round + + W: + 0 No-op + 1 write data + + R: + 0 No-op + 1 read data + + */ + + + reg [3:0] cmd; + wire [3:0] cmd_o; + + reg [31:0] text_o; + + reg [6:0] round; + wire [6:0] round_plus_1; + + reg [2:0] read_counter; + + reg [31:0] H0,H1,H2,H3,H4,H5,H6,H7; + reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; + reg [31:0] Wt,Kt; + reg [31:0] A,B,C,D,E,F,G,H; + + reg busy; + + assign cmd_o = cmd; + always @ (posedge clk_i) + begin + if (rst_i) + cmd <= 'b0; + else + if (cmd_w_i) + cmd[2:0] <= cmd_i[2:0]; // busy bit can't write + else + begin + cmd[3] <= busy; // update busy bit + if (~busy) + cmd[1:0] <= 2'b00; // hardware auto clean R/W bits + end + end + + wire [31:0] f1_EFG_32,f2_ABC_32,f3_A_32,f4_E_32,f5_W1_32,f6_W14_32,T1_32,T2_32; + wire [31:0] next_Wt,next_E,next_A; + wire [255:0] SHA256_result; + + assign f1_EFG_32 = (E & F) ^ (~E & G); + + assign f2_ABC_32 = (A & B) ^ (B & C) ^ (A & C); + + assign f3_A_32 = {A[1:0],A[31:2]} ^ {A[12:0],A[31:13]} ^ {A[21:0],A[31:22]}; + + assign f4_E_32 = {E[5:0],E[31:6]} ^ {E[10:0],E[31:11]} ^ {E[24:0],E[31:25]}; + + assign f5_W1_32 = {W1[6:0],W1[31:7]} ^ {W1[17:0],W1[31:18]} ^ {3'b000,W1[31:3]}; + + assign f6_W14_32 = {W14[16:0],W14[31:17]} ^ {W14[18:0],W14[31:19]} ^ {10'b00_0000_0000,W14[31:10]}; + + + assign T1_32 = H[31:0] + f4_E_32 + f1_EFG_32 + Kt + Wt; + + assign T2_32 = f3_A_32 + f2_ABC_32; + + assign next_Wt = f6_W14_32 + W9[31:0] + f5_W1_32 + W0[31:0]; + assign next_E = D[31:0] 
+ T1_32; + assign next_A = T1_32 + T2_32; + + + assign SHA256_result = {A,B,C,D,E,F,G,H}; + + assign round_plus_1 = round + 1; + + //------------------------------------------------------------------ + // SHA round + //------------------------------------------------------------------ + always @(posedge clk_i) + begin + if (rst_i) + begin + round <= 'd0; + busy <= 'b0; + + W0 <= 'b0; + W1 <= 'b0; + W2 <= 'b0; + W3 <= 'b0; + W4 <= 'b0; + W5 <= 'b0; + W6 <= 'b0; + W7 <= 'b0; + W8 <= 'b0; + W9 <= 'b0; + W10 <= 'b0; + W11 <= 'b0; + W12 <= 'b0; + W13 <= 'b0; + W14 <= 'b0; + Wt <= 'b0; + + A <= 'b0; + B <= 'b0; + C <= 'b0; + D <= 'b0; + E <= 'b0; + F <= 'b0; + G <= 'b0; + H <= 'b0; + + H0 <= 'b0; + H1 <= 'b0; + H2 <= 'b0; + H3 <= 'b0; + H4 <= 'b0; + H5 <= 'b0; + H6 <= 'b0; + H7 <= 'b0; + end + else + begin + case (round) + + 'd0: + begin + if (cmd[1]) + begin + W0 <= text_i; + Wt <= text_i; + busy <= 'b1; + round <= round_plus_1; + + case (cmd[2]) + 1'b0: // sha-256 first message + begin + A <= `SHA256_H0; + B <= `SHA256_H1; + C <= `SHA256_H2; + D <= `SHA256_H3; + E <= `SHA256_H4; + F <= `SHA256_H5; + G <= `SHA256_H6; + H <= `SHA256_H7; + + H0 <= `SHA256_H0; + H1 <= `SHA256_H1; + H2 <= `SHA256_H2; + H3 <= `SHA256_H3; + H4 <= `SHA256_H4; + H5 <= `SHA256_H5; + H6 <= `SHA256_H6; + H7 <= `SHA256_H7; + end + 1'b1: // sha-256 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + H5 <= F; + H6 <= G; + H7 <= H; + end + endcase + end + else + begin // IDLE + round <= 'd0; + end + end + 'd1: + begin + W1 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd2: + begin + W2 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd3: + begin + W3 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= 
next_A; + + round <= round_plus_1; + end + 'd4: + begin + W4 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd5: + begin + W5 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd6: + begin + W6 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd7: + begin + W7 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd8: + begin + W8 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd9: + begin + W9 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd10: + begin + W10 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd11: + begin + W11 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd12: + begin + W12 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd13: + begin + W13 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd14: + begin + W14 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd15: + begin + Wt <= text_i; + + H <= G; + G <= F; + 
F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd16, + 'd17, + 'd18, + 'd19, + 'd20, + 'd21, + 'd22, + 'd23, + 'd24, + 'd25, + 'd26, + 'd27, + 'd28, + 'd29, + 'd30, + 'd31, + 'd32, + 'd33, + 'd34, + 'd35, + 'd36, + 'd37, + 'd38, + 'd39, + 'd40, + 'd41, + 'd42, + 'd43, + 'd44, + 'd45, + 'd46, + 'd47, + 'd48, + 'd49, + 'd50, + 'd51, + 'd52, + 'd53, + 'd54, + 'd55, + 'd56, + 'd57, + 'd58, + 'd59, + 'd60, + 'd61, + 'd62, + 'd63: + begin + W0 <= W1; + W1 <= W2; + W2 <= W3; + W3 <= W4; + W4 <= W5; + W5 <= W6; + W6 <= W7; + W7 <= W8; + W8 <= W9; + W9 <= W10; + W10 <= W11; + W11 <= W12; + W12 <= W13; + W13 <= W14; + W14 <= Wt; + Wt <= next_Wt; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd64: + begin + A <= next_A + H0; + B <= A + H1; + C <= B + H2; + D <= C + H3; + E <= next_E + H4; + F <= E + H5; + G <= F + H6; + H <= G + H7; + round <= 'd0; + busy <= 'b0; + end + default: + begin + round <= 'd0; + busy <= 'b0; + end + endcase + end + end + + + //------------------------------------------------------------------ + // Kt generator + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + Kt <= 'b0; + end + else + begin + case (round) + 'd00: Kt <= `K00; + 'd01: Kt <= `K01; + 'd02: Kt <= `K02; + 'd03: Kt <= `K03; + 'd04: Kt <= `K04; + 'd05: Kt <= `K05; + 'd06: Kt <= `K06; + 'd07: Kt <= `K07; + 'd08: Kt <= `K08; + 'd09: Kt <= `K09; + 'd10: Kt <= `K10; + 'd11: Kt <= `K11; + 'd12: Kt <= `K12; + 'd13: Kt <= `K13; + 'd14: Kt <= `K14; + 'd15: Kt <= `K15; + 'd16: Kt <= `K16; + 'd17: Kt <= `K17; + 'd18: Kt <= `K18; + 'd19: Kt <= `K19; + 'd20: Kt <= `K20; + 'd21: Kt <= `K21; + 'd22: Kt <= `K22; + 'd23: Kt <= `K23; + 'd24: Kt <= `K24; + 'd25: Kt <= `K25; + 'd26: Kt <= `K26; + 'd27: Kt <= `K27; + 'd28: Kt <= `K28; + 'd29: Kt <= `K29; + 'd30: Kt <= `K30; + 'd31: Kt <= `K31; + 
'd32: Kt <= `K32; + 'd33: Kt <= `K33; + 'd34: Kt <= `K34; + 'd35: Kt <= `K35; + 'd36: Kt <= `K36; + 'd37: Kt <= `K37; + 'd38: Kt <= `K38; + 'd39: Kt <= `K39; + 'd40: Kt <= `K40; + 'd41: Kt <= `K41; + 'd42: Kt <= `K42; + 'd43: Kt <= `K43; + 'd44: Kt <= `K44; + 'd45: Kt <= `K45; + 'd46: Kt <= `K46; + 'd47: Kt <= `K47; + 'd48: Kt <= `K48; + 'd49: Kt <= `K49; + 'd50: Kt <= `K50; + 'd51: Kt <= `K51; + 'd52: Kt <= `K52; + 'd53: Kt <= `K53; + 'd54: Kt <= `K54; + 'd55: Kt <= `K55; + 'd56: Kt <= `K56; + 'd57: Kt <= `K57; + 'd58: Kt <= `K58; + 'd59: Kt <= `K59; + 'd60: Kt <= `K60; + 'd61: Kt <= `K61; + 'd62: Kt <= `K62; + 'd63: Kt <= `K63; + default:Kt <= 'd0; + endcase + end + end + + //------------------------------------------------------------------ + // read result + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + text_o <= 'b0; + read_counter <= 'b0; + end + else + begin + if (cmd[0]) + begin + read_counter <= 'd7; // sha-256 256/32=8 + end + else + begin + if (~busy) + begin + case (read_counter) + 'd7: text_o <= SHA256_result[8*32-1:7*32]; + 'd6: text_o <= SHA256_result[7*32-1:6*32]; + 'd5: text_o <= SHA256_result[6*32-1:5*32]; + 'd4: text_o <= SHA256_result[5*32-1:4*32]; + 'd3: text_o <= SHA256_result[4*32-1:3*32]; + 'd2: text_o <= SHA256_result[3*32-1:2*32]; + 'd1: text_o <= SHA256_result[2*32-1:1*32]; + 'd0: text_o <= SHA256_result[1*32-1:0*32]; + default:text_o <= 'b0; + endcase + if (|read_counter) + read_counter <= read_counter - 'd1; + end + else + begin + text_o <= 'b0; + end + end + end + end + +endmodule + Index: sha_core/trunk/doc/Secure Hash Algorithm IP Core.doc =================================================================== Cannot display: file marked as a binary type. 
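Review bot: The status bit a host polls lags the datapath: `cmd[3] <= busy` sits in the `else` branch of `if (cmd_w_i)` and `busy` itself is only set on the round-0 clock that consumes `cmd[1]`, so `cmd_o[3]` still reads idle for two clocks after a write command and a host that writes W and polls on the next clock sees a finished core; `assign cmd_o = {busy, cmd[2:0]};` (dropping the registered copy of the bit) removes one of those clocks, and the remaining one-clock lag should be stated in the cmd comment block. The same always block only auto-clears W/R while `cmd_w_i` is low, so a `cmd_w_i` held high for more than one clock keeps `cmd[1]` set and, as far as I can trace, the round-0 case then restarts a block from whatever is on `text_i` as soon as round 64 returns to 0 — a comment such as `// cmd_w_i must be a single-clock pulse; W/R are consumed and cleared one clock after the write` would make the contract explicit. Rounds 1–15 assign `W1 <= text_i` … `W14 <= text_i` unconditionally with no data-valid handshake, and the read path steps `text_o` through the eight digest words on consecutive clocks after R and then holds word 0, so both sides of the interface are cycle-exact and deserve a note above the round FSM. Nothing in the file tracks message length or applies the 0x80/length padding, so the host must present a FIPS 180 padded final block; an unpadded block is hashed silently and yields a non-standard digest, which the header comment should say.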
svn:mime-type = application/octet-stream Index: sha_core/trunk/doc/Secure Hash Algorithm IP Core.doc =================================================================== --- sha_core/trunk/doc/Secure Hash Algorithm IP Core.doc (nonexistent) +++ sha_core/trunk/doc/Secure Hash Algorithm IP Core.doc (revision 4)
sha_core/trunk/doc/Secure Hash Algorithm IP Core.doc Property changes : Added: svn:mime-type ## -0,0 +1 ## +application/octet-stream \ No newline at end of property Index: sha_core/trunk/doc/Secure Hash Algorithm IP Core.pdf =================================================================== Cannot display: file marked as a binary type. svn:mime-type = application/octet-stream Index: sha_core/trunk/doc/Secure Hash Algorithm IP Core.pdf =================================================================== --- sha_core/trunk/doc/Secure Hash Algorithm IP Core.pdf (nonexistent) +++ sha_core/trunk/doc/Secure Hash Algorithm IP Core.pdf (revision 4)
sha_core/trunk/doc/Secure Hash Algorithm IP Core.pdf Property changes : Added: svn:mime-type ## -0,0 +1 ## +application/octet-stream \ No newline at end of property Index: sha_core/trunk/src/mrshs512.c =================================================================== --- sha_core/trunk/src/mrshs512.c (nonexistent) +++ sha_core/trunk/src/mrshs512.c (revision 4) 
@@ -0,0 +1,238 @@ +/* + * Implementation of the Secure Hashing Algorithm (SHA-384 and SHA-512) + * + * Generates a a 384 or 512 bit message digest. It should be impossible to come + * come up with two messages that hash to the same value ("collision free"). + * + * For use with byte-oriented messages only. Could/Should be speeded + * up by unwinding loops in shs_transform(), and assembly patches. + * + * NOTE: This requires a 64-bit integer type to be defined + */ + +#include +#include "miracl.h" + +#ifdef mr_unsign64 + +#define H0 0x6a09e667f3bcc908 +#define H1 0xbb67ae8584caa73b +#define H2 0x3c6ef372fe94f82b +#define H3 0xa54ff53a5f1d36f1 +#define H4 0x510e527fade682d1 +#define H5 0x9b05688c2b3e6c1f +#define H6 0x1f83d9abfb41bd6b +#define H7 0x5be0cd19137e2179 + +#define H8 0xcbbb9d5dc1059ed8 +#define H9 0x629a292a367cd507 +#define HA 0x9159015a3070dd17 +#define HB 0x152fecd8f70e5939 +#define HC 0x67332667ffc00b31 +#define HD 0x8eb44a8768581511 +#define HE 0xdb0c2e0d64f98fa7 +#define HF 0x47b5481dbefa4fa4 + +static mr_unsign64 K[80]={ +0x428a2f98d728ae22,0x7137449123ef65cd,0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc, +0x3956c25bf348b538,0x59f111f1b605d019,0x923f82a4af194f9b,0xab1c5ed5da6d8118, +0xd807aa98a3030242,0x12835b0145706fbe,0x243185be4ee4b28c,0x550c7dc3d5ffb4e2, +0x72be5d74f27b896f,0x80deb1fe3b1696b1,0x9bdc06a725c71235,0xc19bf174cf692694, +0xe49b69c19ef14ad2,0xefbe4786384f25e3,0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65, +0x2de92c6f592b0275,0x4a7484aa6ea6e483,0x5cb0a9dcbd41fbd4,0x76f988da831153b5, +0x983e5152ee66dfab,0xa831c66d2db43210,0xb00327c898fb213f,0xbf597fc7beef0ee4, +0xc6e00bf33da88fc2,0xd5a79147930aa725,0x06ca6351e003826f,0x142929670a0e6e70, +0x27b70a8546d22ffc,0x2e1b21385c26c926,0x4d2c6dfc5ac42aed,0x53380d139d95b3df, +0x650a73548baf63de,0x766a0abb3c77b2a8,0x81c2c92e47edaee6,0x92722c851482353b, +0xa2bfe8a14cf10364,0xa81a664bbc423001,0xc24b8b70d0f89791,0xc76c51a30654be30, +0xd192e819d6ef5218,0xd69906245565a910,0xf40e35855771202a,0x106aa07032bbd1b8, 
+0x19a4c116b8d2d0c8,0x1e376c085141ab53,0x2748774cdf8eeb99,0x34b0bcb5e19b48a8, +0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb,0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3, +0x748f82ee5defb2fc,0x78a5636f43172f60,0x84c87814a1f0ab72,0x8cc702081a6439ec, +0x90befffa23631e28,0xa4506cebde82bde9,0xbef9a3f7b2c67915,0xc67178f2e372532b, +0xca273eceea26619c,0xd186b8c721c0c207,0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178, +0x06f067aa72176fba,0x0a637dc5a2c898a6,0x113f9804bef90dae,0x1b710b35131c471b, +0x28db77f523047d84,0x32caab7b40c72493,0x3c9ebe0a15c9bebc,0x431d67c49c100d4c, +0x4cc5d4becb3e42b6,0x597f299cfc657e2a,0x5fcb6fab3ad6faec,0x6c44198c4a475817}; + +#define PAD 0x80 +#define ZERO 0 + +/* functions */ + +#define S(n,x) (((x)>>n) | ((x)<<(64-n))) +#define R(n,x) ((x)>>n) + +#define Ch(x,y,z) ((x&y)^(~(x)&z)) +#define Maj(x,y,z) ((x&y)^(x&z)^(y&z)) +#define Sig0(x) (S(28,x)^S(34,x)^S(39,x)) +#define Sig1(x) (S(14,x)^S(18,x)^S(41,x)) +#define theta0(x) (S(1,x)^S(8,x)^R(7,x)) +#define theta1(x) (S(19,x)^S(61,x)^R(6,x)) + +static void shs_transform(sha512 *sh) +{ /* basic transformation step */ + mr_unsign64 a,b,c,d,e,f,g,h,t1,t2; + int j; + for (j=16;j<80;j++) + sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16]; + + a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; + e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7]; + + for (j=0;j<80;j++) + { /* 80 times - mush it up */ + t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j]; + t2=Sig0(a)+Maj(a,b,c); + h=g; g=f; f=e; + e=d+t1; + d=c; + c=b; + b=a; + a=t1+t2; + } + sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d; + sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h; +} + +void shs512_init(sha512 *sh) +{ /* re-initialise */ + int i; + for (i=0;i<80;i++) sh->w[i]=0; + sh->length[0]=sh->length[1]=0; + sh->h[0]=H0; + sh->h[1]=H1; + sh->h[2]=H2; + sh->h[3]=H3; + sh->h[4]=H4; + sh->h[5]=H5; + sh->h[6]=H6; + sh->h[7]=H7; +} + +void shs384_init(sha384 *sh) +{ /* re-initialise */ + int i; + for (i=0;i<80;i++) sh->w[i]=0; + sh->length[0]=sh->length[1]=0; + 
sh->h[0]=H8; + sh->h[1]=H9; + sh->h[2]=HA; + sh->h[3]=HB; + sh->h[4]=HC; + sh->h[5]=HD; + sh->h[6]=HE; + sh->h[7]=HF; +} + + +void shs512_process(sha512 *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/64)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign64)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%1024)==0) shs_transform(sh); +} + + +void shs384_process(sha384 *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/64)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign64)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%1024)==0) shs_transform(sh); +} + + +void shs512_hash(sha512 *sh,char hash[64]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign64 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs512_process(sh,PAD); + while ((sh->length[0]%1024)!=896) shs512_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<64;i++) + { /* convert to bytes */ + hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL); + } + shs512_init(sh); +} + +void shs384_hash(sha384 *sh,char hash[48]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign64 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs512_process(sh,PAD); + while ((sh->length[0]%1024)!=896) shs384_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<48;i++) + { /* convert to bytes */ + hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL); + } + shs384_init(sh); +} + + +#endif + +/* test program: should produce digests + +512 bit + +8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018 +501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909 + + +384 bit + +09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712 +fcc7c71a557e2db9 66c3e9fa91746039 
+ + +#include +#include "miracl.h" + +char test[]="abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + +int main() +{ + char hash[64]; + int i; + sha512 sh; + shs512_init(&sh); + for (i=0;test[i]!=0;i++) shs512_process(&sh,test[i]); + shs512_hash(&sh,hash); + for (i=0;i<64;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + + shs384_init(&sh); + for (i=0;test[i]!=0;i++) shs384_process(&sh,test[i]); + shs384_hash(&sh,hash); + for (i=0;i<48;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + + return 0; +} + +*/ + Index: sha_core/trunk/src/mrshs256.c =================================================================== --- sha_core/trunk/src/mrshs256.c (nonexistent) +++ sha_core/trunk/src/mrshs256.c (revision 4) 
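Review bot: `shs384_hash` pads with `shs512_process(sh,PAD)` and then zero-fills with `shs384_process(sh,ZERO)` on the same object, which is only correct if `sha384` and `sha512` are the same struct type in miracl.h — that definition is outside this hunk, so make the function self-consistent with `shs384_process(sh,PAD);` and let the type checker catch any future divergence of the two contexts. The eight initial values and the `K[80]` table are 64-bit hex literals with no `ULL`-style suffix; C99 types them correctly, but mirdef.h selects `unsigned __int64`, and on a C89 toolchain a literal that does not fit in `unsigned long` is out of range, so a small `MR_U64(x)` macro that appends whatever suffix the compiler wants would keep the `#ifdef mr_unsign64` path portable. The header comment should also state that `shs512_hash` and `shs384_hash` reinitialise `sh` (the trailing `shs512_init(sh)` / `shs384_init(sh)` calls), so a caller cannot read the digest twice or continue hashing after finalisation, and the duplicated "come come up" should be fixed while there.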
@@ -0,0 +1,144 @@ +/* + * Implementation of the Secure Hashing Algorithm (SHA-256) + * + * Generates a 256 bit message digest. It should be impossible to come + * come up with two messages that hash to the same value ("collision free"). + * + * For use with byte-oriented messages only. Could/Should be speeded + * up by unwinding loops in shs_transform(), and assembly patches. + */ + +#include +#include "miracl.h" + +#define H0 0x6A09E667L +#define H1 0xBB67AE85L +#define H2 0x3C6EF372L +#define H3 0xA54FF53AL +#define H4 0x510E527FL +#define H5 0x9B05688CL +#define H6 0x1F83D9ABL +#define H7 0x5BE0CD19L + +static mr_unsign32 K[64]={ +0x428a2f98L,0x71374491L,0xb5c0fbcfL,0xe9b5dba5L,0x3956c25bL,0x59f111f1L,0x923f82a4L,0xab1c5ed5L, +0xd807aa98L,0x12835b01L,0x243185beL,0x550c7dc3L,0x72be5d74L,0x80deb1feL,0x9bdc06a7L,0xc19bf174L, +0xe49b69c1L,0xefbe4786L,0x0fc19dc6L,0x240ca1ccL,0x2de92c6fL,0x4a7484aaL,0x5cb0a9dcL,0x76f988daL, +0x983e5152L,0xa831c66dL,0xb00327c8L,0xbf597fc7L,0xc6e00bf3L,0xd5a79147L,0x06ca6351L,0x14292967L, +0x27b70a85L,0x2e1b2138L,0x4d2c6dfcL,0x53380d13L,0x650a7354L,0x766a0abbL,0x81c2c92eL,0x92722c85L, +0xa2bfe8a1L,0xa81a664bL,0xc24b8b70L,0xc76c51a3L,0xd192e819L,0xd6990624L,0xf40e3585L,0x106aa070L, +0x19a4c116L,0x1e376c08L,0x2748774cL,0x34b0bcb5L,0x391c0cb3L,0x4ed8aa4aL,0x5b9cca4fL,0x682e6ff3L, +0x748f82eeL,0x78a5636fL,0x84c87814L,0x8cc70208L,0x90befffaL,0xa4506cebL,0xbef9a3f7L,0xc67178f2L}; + +#define PAD 0x80 +#define ZERO 0 + +/* functions */ + +#define S(n,x) (((x)>>n) | ((x)<<(32-n))) +#define R(n,x) ((x)>>n) + +#define Ch(x,y,z) ((x&y)^(~(x)&z)) +#define Maj(x,y,z) ((x&y)^(x&z)^(y&z)) +#define Sig0(x) (S(2,x)^S(13,x)^S(22,x)) +#define Sig1(x) (S(6,x)^S(11,x)^S(25,x)) +#define theta0(x) (S(7,x)^S(18,x)^R(3,x)) +#define theta1(x) (S(17,x)^S(19,x)^R(10,x)) + +static void shs_transform(sha256 *sh) +{ /* basic transformation step */ + mr_unsign32 a,b,c,d,e,f,g,h,t1,t2; + int j; + for (j=16;j<64;j++) + 
sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16]; + + a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; + e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7]; + + for (j=0;j<64;j++) + { /* 64 times - mush it up */ + t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j]; + t2=Sig0(a)+Maj(a,b,c); + h=g; g=f; f=e; + e=d+t1; + d=c; + c=b; + b=a; + a=t1+t2; + } + sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d; + sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h; +} + +void shs256_init(sha256 *sh) +{ /* re-initialise */ + int i; + for (i=0;i<64;i++) sh->w[i]=0L; + sh->length[0]=sh->length[1]=0L; + sh->h[0]=H0; + sh->h[1]=H1; + sh->h[2]=H2; + sh->h[3]=H3; + sh->h[4]=H4; + sh->h[5]=H5; + sh->h[6]=H6; + sh->h[7]=H7; +} + +void shs256_process(sha256 *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/32)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign32)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%512)==0) shs_transform(sh); +} + +void shs256_hash(sha256 *sh,char hash[32]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign32 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs256_process(sh,PAD); + while ((sh->length[0]%512)!=448) shs256_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<32;i++) + { /* convert to bytes */ + hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); + } + shs256_init(sh); +} + +/* test program: should produce digest + +248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1 + + +#include +#include "miracl.h" + +char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + +int main() +{ + char hash[32]; + int i; + sha256 sh; + shs256_init(&sh); + for (i=0;test[i]!=0;i++) shs256_process(&sh,test[i]); + shs256_hash(&sh,hash); + for (i=0;i<32;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + return 0; +} + +*/ + Index: 
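Review bot: `hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);` stores an `unsigned long` expression into a `char` without the explicit `(char)` cast that the SHA-512 sibling uses; the value is already masked to 8 bits, but the implicit narrowing draws `-Wconversion` warnings and the two files should match — `hash[i]=(char)((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);`. The rotate macro `S(n,x)` and the wrap-around additions in `shs_transform` are only correct if `mr_unsign32` is exactly 32 bits wide (mirdef.h maps it to `unsigned int`, which is not guaranteed to be 32 bits everywhere, and `S()` does not mask its result), so a comment `/* assumes mr_unsign32 is exactly 32 bits: S() does not mask the rotate result */` above the macros would flag the assumption. `S(n,x)` also leaves `n` unparenthesised; every use passes a literal, but `((x)<<(32-(n)))` costs nothing. Finally the header does not mention that `shs256_hash` resets the context via `shs256_init(sh)`, so a second call returns the digest of the empty message rather than the same digest.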
sha_core/trunk/src/mirdef.h
===================================================================
--- sha_core/trunk/src/mirdef.h (nonexistent)
+++ sha_core/trunk/src/mirdef.h (revision 4)
@@ -0,0 +1,21 @@
+/*
+ * MIRACL compiler/hardware definitions - mirdef.h
+ * Copyright (c) 1988-2002 Shamus Software Ltd.
+ */
+#define MR_COMBA 6
+#define MR_LITTLE_ENDIAN
+#define MIRACL 32
+#define mr_utype int
+#define MR_IBITS 32
+#define MR_LBITS 32
+#define mr_unsign32 unsigned int
+#define mr_dltype __int64
+#define mr_unsign64 unsigned __int64
+#define MR_STRIPPED_DOWN
+#define MAXBASE ((mr_small)1<<(MIRACL-1))
+#define MR_BITSINCHAR 8
+
+#define MR_NO_FILE_IO
+#define NULL ((void *)0)
+
+
Index: sha_core/trunk/src/miracl.h
===================================================================
--- sha_core/trunk/src/miracl.h (nonexistent)
+++ sha_core/trunk/src/miracl.h (revision 4)
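Review bot: `#define NULL ((void *)0)` unconditionally redefines a macro that the system header included ahead of miracl.h in mrshs256.c and mrshs512.c has presumably already defined; a redefinition with a different replacement list is a constraint violation, harmless on toolchains that spell NULL as `((void *)0)` but a diagnosable error where the library spells it `0`, so guard it with `#ifndef NULL` / `#endif`. `mr_dltype __int64` and `mr_unsign64 unsigned __int64` are MSVC spellings, and since mrshs512.c compiles its entire body under `#ifdef mr_unsign64`, SHA-384/512 silently disappears on any other compiler unless these two lines are edited; a `#if defined(_MSC_VER)` branch with a `long long` / `unsigned long long` fallback would keep both paths building. The header also has no include guard — harmless while miracl.h is its only includer, but cheap to add.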
@@ -0,0 +1,941 @@ +#ifndef MIRACL_H +#define MIRACL_H + +/* + * main MIRACL header - miracl.h. + * + * Copyright (c) 1988-2001 Shamus Software Ltd. + */ + +#include "mirdef.h" + +#ifdef __ia64__ +#if MIRACL==64 +#define MR_ITANIUM +#include +#endif +#endif + +#ifdef MR_FP +#include +#endif + +#ifndef MR_NO_FILE_IO +#include +#endif + /* error returns */ + +#define MR_ERR_BASE_TOO_BIG 1 +#define MR_ERR_DIV_BY_ZERO 2 +#define MR_ERR_OVERFLOW 3 +#define MR_ERR_NEG_RESULT 4 +#define MR_ERR_BAD_FORMAT 5 +#define MR_ERR_BAD_BASE 6 +#define MR_ERR_BAD_PARAMETERS 7 +#define MR_ERR_OUT_OF_MEMORY 8 +#define MR_ERR_NEG_ROOT 9 +#define MR_ERR_NEG_POWER 10 +#define MR_ERR_BAD_ROOT 11 +#define MR_ERR_INT_OP 12 +#define MR_ERR_FLASH_OVERFLOW 13 +#define MR_ERR_TOO_BIG 14 +#define MR_ERR_NEG_LOG 15 +#define MR_ERR_DOUBLE_FAIL 16 +#define MR_ERR_IO_OVERFLOW 17 +#define MR_ERR_NO_MIRSYS 18 +#define MR_ERR_BAD_MODULUS 19 +#define MR_ERR_NO_MODULUS 20 +#define MR_ERR_EXP_TOO_BIG 21 +#define MR_ERR_NOT_SUPPORTED 22 +#define MR_ERR_NOT_DOUBLE_LEN 23 +#define MR_ERR_NOT_IRREDUC 24 +#define MR_ERR_NO_ROUNDING 25 + + /* some useful definitions */ + + + +#define forever for(;;) + +#ifndef TRUE + #define TRUE 1 +#endif +#ifndef FALSE + #define FALSE 0 +#endif + +#define OFF 0 +#define ON 1 +#define PLUS 1 +#define MINUS (-1) + +#define MR_MAXDEPTH 24 + /* max routine stack depth */ +/* big and flash variables consist of an encoded length, * + * and an array of mr_smalls containing the digits */ + +typedef int BOOL; + +#define MR_BYTE unsigned char + +#ifdef MR_BITSINCHAR + #if MR_BITSINCHAR == 8 + #define MR_TOBYTE(x) ((MR_BYTE)(x)) + #else + #define MR_TOBYTE(x) ((MR_BYTE)((x)&0xFF)) + #endif +#else + #define MR_TOBYTE(x) ((MR_BYTE)(x)) +#endif + +#ifdef MR_FP + + typedef mr_utype mr_small; + #ifdef mr_dltype + typedef mr_dltype mr_large; + #endif + + #define MR_DIV(a,b) (modf((a)/(b),&dres),dres) + + #ifdef MR_FP_ROUNDING + +/* slightly dicey - the optimizer might remove the MAGIC ! 
*/ + + #define MR_LROUND(a) ( ( (a) + MR_MAGIC ) - MR_MAGIC ) + #else + #define MR_LROUND(a) (modfl((a),&ldres),ldres) + #endif + + #define MR_REMAIN(a,b) ((a)-(b)*MR_DIV((a),(b))) + +#else + + typedef unsigned mr_utype mr_small; + #ifdef mr_dltype + typedef unsigned mr_dltype mr_large; + #endif + + #define MR_DIV(a,b) ((a)/(b)) + #define MR_REMAIN(a,b) ((a)%(b)) + #define MR_LROUND(a) ((a)) +#endif + +struct bigtype +{ + mr_unsign32 len; + mr_small *w; +}; + +typedef struct bigtype *big; +typedef big zzn; + +/* Macro to create big x on the stack - x_t and x_g must be distinct variables + By convention use like this. See brute.c and identity.c for examples + + BIG(x,x_t,x_g,10) + BIG(y,y_t,y_g,10) + +*/ + +#define BIG(x,xt,xg,s) mr_small xg[s]; struct bigtype xt={s,xg}; big x=&xt; + +typedef big flash; + +#define MR_MSBIT ((mr_unsign32)1<<31) +#define MR_OBITS (MR_MSBIT-1) + +#if MIRACL >= MR_IBITS +#define MR_TOOBIG (1<<(MR_IBITS-2)) +#else +#define MR_TOOBIG (1<<(MIRACL-1)) +#endif + +#ifdef MR_FLASH +#define MR_EBITS (8*sizeof(double) - MR_FLASH) + /* no of Bits per double exponent */ +#define MR_BTS 16 +#define MR_MSK 0xFFFF + +#endif + +#define MR_HASH_BYTES 20 + +/* Marsaglia & Zaman Random number generator */ +/* constants alternatives */ +#define NK 37 /* 21 */ +#define NJ 24 /* 6 */ +#define NV 14 /* 8 */ + + +#ifdef MR_LITTLE_ENDIAN +#define MR_TOP(x) (*(((mr_small *)&(x))+1)) +#define MR_BOT(x) (*(((mr_small *)&(x)))) +#endif +#ifdef MR_BIG_ENDIAN +#define MR_TOP(x) (*(((mr_small *)&(x)))) +#define MR_BOT(x) (*(((mr_small *)&(x))+1)) +#endif + +/* chinese remainder theorem structures */ + +typedef struct { +big *C; +big *V; +big *M; +int NP; +} big_chinese; + +typedef struct { +mr_utype *C; +mr_utype *V; +mr_utype *M; +int NP; +} small_chinese; + +/* Cryptographically strong pseudo-random number generator */ + +typedef struct { +mr_unsign32 ira[NK]; /* random number... 
*/ +int rndptr; /* ...array & pointer */ +mr_unsign32 borrow; +int pool_ptr; +char pool[MR_HASH_BYTES]; /* random pool */ +} csprng; + +/* secure hash Algorithm structure */ + +typedef struct { +mr_unsign32 length[2]; +mr_unsign32 h[8]; +mr_unsign32 w[80]; +} sha256; + +typedef sha256 sha; + +#ifdef mr_unsign64 + +typedef struct { +mr_unsign64 length[2]; +mr_unsign64 h[8]; +mr_unsign64 w[80]; +} sha512; + +typedef sha512 sha384; + +#endif + +/* advanced encryption algorithm structure */ + +#define MR_ECB 0 +#define MR_CBC 1 +#define MR_CFB1 2 +#define MR_CFB2 3 +#define MR_CFB4 5 +#define MR_PCFB1 10 +#define MR_PCFB2 11 +#define MR_PCFB4 13 +#define MR_OFB1 14 +#define MR_OFB2 15 +#define MR_OFB4 17 +#define MR_OFB8 21 +#define MR_OFB16 29 + +typedef struct { +int Nk,Nr; +int mode; +mr_unsign32 fkey[60]; +mr_unsign32 rkey[60]; +char f[16]; +} aes; + + + /* Elliptic curve point status */ + +#define MR_EPOINT_GENERAL 0 +#define MR_EPOINT_NORMALIZED 1 +#define MR_EPOINT_INFINITY 2 + +#define MR_PROJECTIVE 0 +#define MR_AFFINE 1 + + +/* Elliptic Curve epoint structure. 
Uses projective (X,Y,Z) co-ordinates */ + +typedef struct { +big X; +big Y; +big Z; +int marker; +} epoint; + + +/* Structure for Brickell method for finite * + field exponentiation with precomputation */ + +typedef struct { + big *table; + big n; + int base; + int store; +} brick; + +/* Structure for Brickell method for elliptic * + curve exponentiation with precomputation */ + +typedef struct { + epoint **table; + big a,b,n; + int base; + int store; +} ebrick; + +typedef struct { + epoint **table; + big a6,a2; + int m,a,b,c; + int base; + int store; +} ebrick2; + +/* main MIRACL instance structure */ + +typedef struct { +mr_small base; /* number base */ +mr_small apbase; /* apparent base */ +int pack; /* packing density */ +int lg2b; /* bits in base */ +mr_small base2; /* 2^mr_lg2b */ +BOOL (*user)(void); /* pointer to user supplied function */ + +int nib; /* length of bigs */ +int depth; /* error tracing ..*/ +int trace[MR_MAXDEPTH]; /* .. mechanism */ +BOOL check; /* overflow check */ +BOOL fout; /* Output to file */ +BOOL fin; /* Input from file */ +BOOL active; + +#ifndef MR_NO_FILE_IO + +FILE *infile; /* Input file */ +FILE *otfile; /* Output file */ + +#endif + +mr_unsign32 ira[NK]; /* random number... 
*/ +int rndptr; /* ...array & pointer */ +mr_unsign32 borrow; + + /* Montgomery constants */ +mr_small ndash; +big modulus; +BOOL ACTIVE; +BOOL MONTY; + /* Elliptic Curve details */ +BOOL SS; /* True for Super-Singular */ +big A,B,C; +int coord,Asize,Bsize; + +int M,AA,BB,CC; /* for GF(2^m) curves */ + +int logN; /* constants for fast fourier fft multiplication */ +int nprimes,degree; +mr_utype *prime,*cr; +mr_utype *inverse,**roots; +small_chinese chin; +mr_utype const1,const2,const3; +mr_small msw,lsw; +mr_utype **s1,**s2; /* pre-computed tables for polynomial reduction */ +mr_utype **t; /* workspace */ +mr_utype *wa; +mr_utype *wb; +mr_utype *wc; +BOOL same; +BOOL first_one; +BOOL debug; + +big w0; /* workspace bigs */ +big w1,w2,w3,w4; +big w5,w6,w7; +big w8,w9,w10,w11; +big w12,w13,w14,w15; +big w16,w17,w18; + +/* User modifiables */ + +char *IOBUFF; /* i/o buffer */ +int IOBSIZ; /* size of i/o buffer */ +BOOL ERCON; /* error control */ +int ERNUM; /* last error code */ +int NTRY; /* no. 
of tries for probablistic primality testing */ +int IOBASE; /* base for input and output */ +BOOL EXACT; /* exact flag */ +BOOL RPOINT; /* =ON for radix point, =OFF for fractions in output */ +BOOL TRACER; /* turns trace tracker on/off */ +int INPLEN; /* input length */ +int *PRIMES; /* small primes array */ + +#ifdef MR_FLASH +int workprec; +int stprec; /* start precision */ + +int RS,RD; +double D; + +double db,n,p; +int a,b,c,d,r,q,oldn,ndig; +mr_small u,v,ku,kv; + +BOOL last,carryon; +flash pi; + + +#endif + +#ifdef MR_KCM +big big_ndash; +big ws; +#endif + +#ifdef MR_FP_ROUNDING +mr_large inverse_base; +#endif +int size; +char *workspace; + +} miracl; + + +#ifndef MR_GENERIC_MT + +#ifdef MR_WINDOWS_MT +#define MR_OS_THREADS +#endif + +#ifdef MR_UNIX_MT +#define MR_OS_THREADS +#endif + +#ifndef MR_OS_THREADS + +extern miracl *mr_mip; /* pointer to MIRACL's only global variable */ + +#endif + +#endif + + +#ifdef MR_GENERIC_MT + +#define _MIPT_ miracl *, +#define _MIPTO_ miracl * +#define _MIPD_ miracl *mr_mip, +#define _MIPDO_ miracl *mr_mip +#define _MIPP_ mr_mip, +#define _MIPPO_ mr_mip + +#else + +#define _MIPT_ +#define _MIPTO_ void +#define _MIPD_ +#define _MIPDO_ void +#define _MIPP_ +#define _MIPPO_ + +#endif + +/* Preamble and exit code for MIRACL routines. 
* + * Not used if MR_STRIPPED_DOWN is defined */ + +#ifdef MR_STRIPPED_DOWN +#define MR_OUT +#define MR_IN(N) +#else +#define MR_OUT mr_mip->depth--; +#define MR_IN(N) mr_mip->depth++; if (mr_mip->depthtrace[mr_mip->depth]=(N); if (mr_mip->TRACER) mr_track(_MIPPO_); } +#endif + +/* Function definitions */ + +/* Group 0 - Internal routines */ + +extern void mr_berror(_MIPT_ int); +extern mr_small mr_shiftbits(mr_small,int); +extern mr_small mr_setbase(_MIPT_ mr_small); +extern void mr_track(_MIPTO_ ); +extern void mr_lzero(big); +extern BOOL mr_notint(flash); +extern int mr_lent(flash); +extern void mr_padd(_MIPT_ big,big,big); +extern void mr_psub(_MIPT_ big,big,big); +extern void mr_pmul(_MIPT_ big,mr_small,big); +#ifdef MR_FP_ROUNDING +extern mr_large mr_invert(mr_small); +extern mr_small imuldiv(mr_small,mr_small,mr_small,mr_small,mr_large,mr_small *); +extern mr_small mr_sdiv(_MIPT_ big,mr_small,mr_large,big); +#else +extern mr_small mr_sdiv(_MIPT_ big,mr_small,big); +#endif +extern void mr_shift(_MIPT_ big,int,big); +extern miracl *mr_first_alloc(void); +extern void *mr_alloc(_MIPT_ int,int); +extern void mr_free(void *); +extern void set_user_function(_MIPT_ BOOL (*)(void)); +extern void set_io_buffer_size(_MIPT_ int); +extern int mr_testbit(_MIPT_ big,int); +extern int mr_window(_MIPT_ big,int,int *,int *); +extern int mr_window2(_MIPT_ big,big,int,int *,int *); +extern int mr_naf_window(_MIPT_ big,big,int,int *,int *); + +extern int mr_fft_init(_MIPT_ int,big,big,BOOL); +extern void mr_dif_fft(_MIPT_ int,int,mr_utype *); +extern void mr_dit_fft(_MIPT_ int,int,mr_utype *); +extern void fft_reset(_MIPTO_); + +extern int mr_poly_mul(_MIPT_ int,big*,int,big*,big*); +extern int mr_poly_sqr(_MIPT_ int,big*,big*); +extern void mr_polymod_set(_MIPT_ int,big*,big*); +extern int mr_poly_rem(_MIPT_ int,big *,big *); + +extern int mr_ps_big_mul(_MIPT_ int,big *,big *,big *); +extern int mr_ps_zzn_mul(_MIPT_ int,big *,big *,big *); + +extern mr_small 
muldiv(mr_small,mr_small,mr_small,mr_small,mr_small *); +extern mr_small muldvm(mr_small,mr_small,mr_small,mr_small *); +extern mr_small muldvd(mr_small,mr_small,mr_small,mr_small *); +extern void muldvd2(mr_small,mr_small,mr_small *,mr_small *); + +/* Group 1 - General purpose, I/O and basic arithmetic routines */ + +extern int igcd(int,int); +extern mr_small sgcd(mr_small,mr_small); +extern int isqrt(int,int); +extern void irand(_MIPT_ mr_unsign32); +extern mr_small brand(_MIPTO_ ); +extern void zero(flash); +extern void convert(_MIPT_ int,big); +extern void lgconv(_MIPT_ long,big); +extern flash mirvar(_MIPT_ int); +extern flash mirvar_mem(_MIPT_ char *,int); +extern void mirkill(big); +extern void *memalloc(_MIPT_ int); +extern void memkill(_MIPT_ char *,int); +extern void mr_init_threading(void); +extern void mr_end_threading(void); +extern miracl *get_mip(_MIPTO_ ); +extern miracl *mirsys(int,mr_small); +extern void mirexit(_MIPTO_ ); +extern int exsign(flash); +extern void insign(int,flash); +extern int getdig(_MIPT_ big,int); +extern int numdig(_MIPT_ big); +extern void putdig(_MIPT_ int,big,int); +extern void copy(flash,flash); +extern void negify(flash,flash); +extern void absol(flash,flash); +extern int size(big); +extern int compare(big,big); +extern void add(_MIPT_ big,big,big); +extern void subtract(_MIPT_ big,big,big); +extern void incr(_MIPT_ big,int,big); +extern void decr(_MIPT_ big,int,big); +extern void premult(_MIPT_ big,int,big); +extern int subdiv(_MIPT_ big,int,big); +extern BOOL subdivisible(_MIPT_ big,int); +extern int remain(_MIPT_ big,int); +extern void bytes_to_big(_MIPT_ int,char *,big); +extern int big_to_bytes(_MIPT_ int,big,char *,BOOL); +extern mr_small normalise(_MIPT_ big,big); +extern void multiply(_MIPT_ big,big,big); +extern void fft_mult(_MIPT_ big,big,big); +extern BOOL fastmultop(_MIPT_ int,big,big,big); +extern void divide(_MIPT_ big,big,big); +extern BOOL divisible(_MIPT_ big,big); +extern void mad(_MIPT_ 
big,big,big,big,big,big); +extern int instr(_MIPT_ flash,char *); +extern int otstr(_MIPT_ flash,char *); +extern int cinstr(_MIPT_ flash,char *); +extern int cotstr(_MIPT_ flash,char *); + +#ifndef MR_NO_FILE_IO + +extern int innum(_MIPT_ flash,FILE *); +extern int otnum(_MIPT_ flash,FILE *); +extern int cinnum(_MIPT_ flash,FILE *); +extern int cotnum(_MIPT_ flash,FILE *); + +#endif + +/* Group 2 - Advanced arithmetic routines */ + +extern mr_small smul(mr_small,mr_small,mr_small); +extern mr_small spmd(mr_small,mr_small,mr_small); +extern mr_small invers(mr_small,mr_small); +extern mr_small sqrmp(mr_small,mr_small); +extern int jac(mr_small,mr_small); + +extern void gprime(_MIPT_ int); +extern int jack(_MIPT_ big,big); +extern int egcd(_MIPT_ big,big,big); +extern int xgcd(_MIPT_ big,big,big,big,big); +extern int logb2(_MIPT_ big); +extern void expint(_MIPT_ int,int,big); +extern void sftbit(_MIPT_ big,int,big); +extern void power(_MIPT_ big,long,big,big); +extern void powmod(_MIPT_ big,big,big,big); +extern void powmod2(_MIPT_ big,big,big,big,big,big); +extern void powmodn(_MIPT_ int,big *,big *,big,big); +extern int powltr(_MIPT_ int,big,big,big); +extern BOOL double_inverse(_MIPT_ big,big,big,big,big); +extern BOOL multi_inverse(_MIPT_ int,big*,big,big*); +extern void lucas(_MIPT_ big,big,big,big,big); +extern BOOL nroot(_MIPT_ big,int,big); +extern BOOL sqroot(_MIPT_ big,big,big); +extern void bigrand(_MIPT_ big,big); +extern void bigdig(_MIPT_ int,int,big); +extern int trial_division(_MIPT_ big,big); +extern BOOL isprime(_MIPT_ big); +extern BOOL nxprime(_MIPT_ big,big); +extern BOOL nxsafeprime(_MIPT_ int,int,big,big); +extern BOOL crt_init(_MIPT_ big_chinese *,int,big *); +extern void crt(_MIPT_ big_chinese *,big *,big); +extern void crt_end(big_chinese *); +extern BOOL scrt_init(_MIPT_ small_chinese *,int,mr_utype *); +extern void scrt(_MIPT_ small_chinese*,mr_utype *,big); +extern void scrt_end(small_chinese *); +extern BOOL brick_init(_MIPT_ brick 
*,big,big,int); +extern void pow_brick(_MIPT_ brick *,big,big); +extern void brick_end(brick *); +extern BOOL ebrick_init(_MIPT_ ebrick *,big,big,big,big,big,int); +extern void ebrick_end(ebrick *); +extern int mul_brick(_MIPT_ ebrick*,big,big,big); +extern BOOL ebrick2_init(_MIPT_ ebrick2 *,big,big,big,big,int,int,int,int,int); +extern void ebrick2_end(ebrick2 *); +extern int mul2_brick(_MIPT_ ebrick2*,big,big,big); + +/* Montgomery stuff */ + +extern mr_small prepare_monty(_MIPT_ big); +extern void kill_monty(_MIPTO_ ); +extern void nres(_MIPT_ big,big); +extern void redc(_MIPT_ big,big); + +extern void nres_negate(_MIPT_ big,big); +extern void nres_modadd(_MIPT_ big,big,big); +extern void nres_modsub(_MIPT_ big,big,big); +extern void nres_premult(_MIPT_ big,int,big); +extern void nres_modmult(_MIPT_ big,big,big); +extern int nres_moddiv(_MIPT_ big,big,big); +extern void nres_dotprod(_MIPT_ int,big *,big *,big); +extern void nres_powmod(_MIPT_ big,big,big); +extern void nres_powltr(_MIPT_ int,big,big); +extern void nres_powmod2(_MIPT_ big,big,big,big,big); +extern void nres_powmodn(_MIPT_ int,big *,big *,big); +extern BOOL nres_sqroot(_MIPT_ big,big); +extern void nres_lucas(_MIPT_ big,big,big,big); +extern BOOL nres_double_inverse(_MIPT_ big,big,big,big); +extern BOOL nres_multi_inverse(_MIPT_ int,big *,big *); + +extern void shs_init(sha *); +extern void shs_process(sha *,int); +extern void shs_hash(sha *,char *); + +extern void shs256_init(sha256 *); +extern void shs256_process(sha256 *,int); +extern void shs256_hash(sha256 *,char *); + +#ifdef mr_unsign64 + +extern void shs512_init(sha512 *); +extern void shs512_process(sha512 *,int); +extern void shs512_hash(sha512 *,char *); + +extern void shs384_init(sha384 *); +extern void shs384_process(sha384 *,int); +extern void shs384_hash(sha384 *,char *); + +#endif + +extern BOOL aes_init(aes *,int,int,char *,char *); +extern void aes_getreg(aes *,char *); +extern mr_unsign32 aes_encrypt(aes *,char *); +extern 
mr_unsign32 aes_decrypt(aes *,char *); +extern void aes_reset(aes *,int,char *); +extern void aes_end(aes *); + +extern void strong_init(csprng *,int,char *,mr_unsign32); +extern int strong_rng(csprng *); +extern void strong_bigrand(_MIPT_ csprng *,big,big); +extern void strong_bigdig(_MIPT_ csprng *,int,int,big); +extern void strong_kill(csprng *); + +/* special modular multipliers */ + +extern void comba_mult(_MIPT_ big,big,big); +extern void comba_square(_MIPT_ big,big); +extern void comba_redc(_MIPT_ big,big); +extern void comba_add(_MIPT_ big,big,big); +extern void comba_sub(_MIPT_ big,big,big); + +extern void fastmodmult(_MIPT_ big,big,big); +extern void fastmodsquare(_MIPT_ big,big); + +extern void kcm_mul(_MIPT_ big,big,big); +extern void kcm_sqr(_MIPT_ big,big); +extern void kcm_redc(_MIPT_ big,big); + +extern void kcm_multiply(_MIPT_ int,big,big,big); +extern void kcm_square(_MIPT_ int,big,big); +extern BOOL kcm_top(_MIPT_ int,big,big,big); + +/* elliptic curve stuff */ + +extern BOOL point_at_infinity(epoint *); + +extern void ecurve_init(_MIPT_ big,big,big,int); +extern big ecurve_add(_MIPT_ epoint *,epoint *); +extern big ecurve_sub(_MIPT_ epoint *,epoint *); +extern void ecurve_double_add(_MIPT_ epoint *,epoint *,epoint *,epoint *,big *,big *); +extern void ecurve_multi_add(_MIPT_ int,epoint **,epoint **); +extern void ecurve_mult(_MIPT_ big,epoint *,epoint *); +extern void ecurve_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); +extern void ecurve_multn(_MIPT_ int,big *,epoint**,epoint *); + +extern epoint* epoint_init(_MIPTO_ ); +extern BOOL epoint_set(_MIPT_ big,big,int,epoint*); +extern int epoint_get(_MIPT_ epoint*,big,big); +extern void epoint_getxyz(_MIPT_ epoint *,big,big,big); +extern int epoint_norm(_MIPT_ epoint *); +extern void epoint_free(epoint *); +extern void epoint_copy(epoint *,epoint *); +extern BOOL epoint_comp(_MIPT_ epoint *,epoint *); +extern void epoint_negate(_MIPT_ epoint *); + +extern BOOL ecurve2_init(_MIPT_ 
int,int,int,int,big,big,BOOL,int); +extern big ecurve2_add(_MIPT_ epoint *,epoint *); +extern big ecurve2_sub(_MIPT_ epoint *,epoint *); +extern void ecurve2_multi_add(_MIPT_ int,epoint **,epoint **); +extern void ecurve2_mult(_MIPT_ big,epoint *,epoint *); +extern void ecurve2_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); +extern void ecurve2_multn(_MIPT_ int,big *,epoint**,epoint *); + +extern epoint* epoint2_init(_MIPTO_ ); +extern BOOL epoint2_set(_MIPT_ big,big,int,epoint*); +extern int epoint2_get(_MIPT_ epoint*,big,big); +extern void epoint2_getxyz(_MIPT_ epoint *,big,big,big); +extern int epoint2_norm(_MIPT_ epoint *); +extern void epoint2_free(epoint *); +extern void epoint2_copy(epoint *,epoint *); +extern BOOL epoint2_comp(_MIPT_ epoint *,epoint *); +extern void epoint2_negate(_MIPT_ epoint *); + +/* GF(2) stuff */ + +extern BOOL prepare_basis(_MIPT_ int,int,int,int,BOOL); +extern void add2(big,big,big); +extern void incr2(big,int,big); +extern void reduce2(_MIPT_ big,big); +extern void modmult2(_MIPT_ big,big,big); +extern void power2(_MIPT_ big,int,big); +extern void sqroot2(_MIPT_ big,big); +extern BOOL inverse2(_MIPT_ big,big); +extern void karmul2(int,mr_small *,mr_small *,mr_small *,mr_small *); +extern void karmul2_poly(_MIPT_ int,big *,big *,big *,big *); +extern void karmul2_poly_upper(_MIPT_ int,big *,big *,big *,big *); +extern void gf2m_dotprod(_MIPT_ int,big *,big *,big); +extern int trace2(_MIPT_ big); + +/* Group 3 - Floating-slash routines */ + +#ifdef MR_FLASH +extern void fpack(_MIPT_ big,big,flash); +extern void numer(_MIPT_ flash,big); +extern void denom(_MIPT_ flash,big); +extern BOOL fit(big,big,int); +extern void build(_MIPT_ flash,int (*)(_MIPT_ big,int)); +extern void mround(_MIPT_ big,big,flash); +extern void flop(_MIPT_ flash,flash,int *,flash); +extern void fmul(_MIPT_ flash,flash,flash); +extern void fdiv(_MIPT_ flash,flash,flash); +extern void fadd(_MIPT_ flash,flash,flash); +extern void fsub(_MIPT_ flash,flash,flash); 
+extern int fcomp(_MIPT_ flash,flash); +extern void fconv(_MIPT_ int,int,flash); +extern void frecip(_MIPT_ flash,flash); +extern void ftrunc(_MIPT_ flash,big,flash); +extern void fmodulo(_MIPT_ flash,flash,flash); +extern void fpmul(_MIPT_ flash,int,int,flash); +extern void fincr(_MIPT_ flash,int,int,flash); +extern void dconv(_MIPT_ double,flash); +extern double fdsize(_MIPT_ flash); +extern void frand(_MIPT_ flash); + +/* Group 4 - Advanced Flash routines */ + +extern void fpower(_MIPT_ flash,int,flash); +extern BOOL froot(_MIPT_ flash,int,flash); +extern void fpi(_MIPT_ flash); +extern void fexp(_MIPT_ flash,flash); +extern void flog(_MIPT_ flash,flash); +extern void fpowf(_MIPT_ flash,flash,flash); +extern void ftan(_MIPT_ flash,flash); +extern void fatan(_MIPT_ flash,flash); +extern void fsin(_MIPT_ flash,flash); +extern void fasin(_MIPT_ flash,flash); +extern void fcos(_MIPT_ flash,flash); +extern void facos(_MIPT_ flash,flash); +extern void ftanh(_MIPT_ flash,flash); +extern void fatanh(_MIPT_ flash,flash); +extern void fsinh(_MIPT_ flash,flash); +extern void fasinh(_MIPT_ flash,flash); +extern void fcosh(_MIPT_ flash,flash); +extern void facosh(_MIPT_ flash,flash); +#endif + + +/* Test predefined Macros to determine compiler type, and hopefully + selectively use fast in-line assembler (or other compiler specific + optimisations. Note I am unsure of Microsoft version numbers. So I + suspect are Microsoft. + + Note: It seems to be impossible to get the 16-bit Microsoft compiler + to allow inline 32-bit op-codes. So I suspect that INLINE_ASM == 2 will + never work with it. Pity. + +#define INLINE_ASM 1 -> generates 8086 inline assembly +#define INLINE_ASM 2 -> generates mixed 8086 & 80386 inline assembly, + so you can get some benefit while running in a + 16-bit environment on 32-bit hardware (DOS, Windows + 3.1...) 
+#define INLINE_ASM 3 -> generate true 80386 inline assembly - (Using DOS + extender, Windows '95/Windows NT) + Actually optimised for Pentium + +#define INLINE_ASM 4 -> 80386 code in the GNU style (for (DJGPP) + +Small, medium, compact and large memory models are supported for the +first two of the above. + +*/ + +#ifndef MR_NOASM + +/* Itanium - inline the time-critical functions */ + + #ifdef MR_ITANIUM + #define muldvd(a,b,c,rp) (tm=_m64_xmahu((a),(b),(c)),*(rp)=_m64_xmalu((a),(b),(c)),tm) + #define muldvd2(a,b,c,rp) (tm=_m64_xmalu((a),(b),(*(c))),*(c)=_m64_xmahu((a),(b),(*(c))),tm+=*(rp),*(c)+=(tm<*(rp)),*(rp)=tm) + #endif + + +/* Borland C/Turbo C */ + + #ifdef __TURBOC__ + #ifndef __HUGE__ + #define ASM asm + #if defined(__COMPACT__) || defined(__LARGE__) + #define MR_LMM + #endif + + #if MIRACL==16 + #define INLINE_ASM 1 + #endif + + #if __TURBOC__>=0x410 + #if MIRACL==32 +#if defined(__SMALL__) || defined(__MEDIUM__) || defined(__LARGE__) || defined(__COMPACT__) + #define INLINE_ASM 2 + #else + #define INLINE_ASM 3 + #endif + #endif + #endif + #endif + #endif + +/* Microsoft C */ + + #ifdef _MSC_VER + #ifndef M_I86HM + #define ASM _asm + #if defined(M_I86CM) || defined(M_I86LM) + #define MR_LMM + #endif + #if _MSC_VER>=600 + #if MIRACL==16 + #define INLINE_ASM 1 + #endif + #endif + #if _MSC_VER>=1000 + #if MIRACL==32 + #define INLINE_ASM 3 + #endif + #endif + #endif + #endif + +/* DJGPP GNU C */ + + #ifdef __GNUC__ + #ifdef i386 + #define ASM __asm__ __volatile__ + #if MIRACL==32 + #define INLINE_ASM 4 + #endif + #endif + #endif + +#endif + +/* + The following contribution is from Tielo Jongmans, Netherlands + These inline assembler routines are suitable for Watcom 10.0 and up + + Added into miracl.h. Notice the override of the original declarations + of these routines, which should be removed. 
+ + The following pragma is optional, it is dangerous, but it saves a + calling sequence +*/ + +/* + +#pragma off (check_stack); + +extern unsigned int muldiv(unsigned int, unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldiv= \ + "mul edx" \ + "add eax,ebx" \ + "adc edx,0" \ + "div ecx" \ + "mov [esi],edx" \ + parm [eax] [edx] [ebx] [ecx] [esi] \ + value [eax] \ + modify [eax edx]; + +extern unsigned int muldvm(unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldvm= \ + "div ebx" \ + "mov [ecx],edx" \ + parm [edx] [eax] [ebx] [ecx] \ + value [eax] \ + modify [eax edx]; + +extern unsigned int muldvd(unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldvd= \ + "mul edx" \ + "add eax,ebx" \ + "adc edx,0" \ + "mov [ecx],eax" \ + "mov eax,edx" \ + parm [eax] [edx] [ebx] [ecx] \ + value [eax] \ + modify [eax edx]; + +*/ + + +#endif + + Index: sha_core/trunk/src/mrshs.c =================================================================== --- sha_core/trunk/src/mrshs.c (nonexistent) +++ sha_core/trunk/src/mrshs.c (revision 4) 
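Review bot: `MR_TOP(x)` and `MR_BOT(x)` read the halves of a double-width integer through `(mr_small *)&(x)`, which accesses an object through an incompatible pointer type — undefined under C's aliasing rules and something an optimising compiler will exploit — and they exist only under `#ifdef MR_LITTLE_ENDIAN` / `#ifdef MR_BIG_ENDIAN` with no `#error` fallback, so a mirdef.h that defines neither makes the macros vanish and the first use fails with an unrelated-looking error. Where the macros are only read, `#define MR_TOP(x) ((mr_small)((x)>>MIRACL))` and `#define MR_BOT(x) ((mr_small)(x))` are endian-independent and alias-clean; if any caller assigns through them (not visible in this header), a union of `mr_large` and `mr_small[2]` is the safe form, and an `#else` / `#error "define MR_LITTLE_ENDIAN or MR_BIG_ENDIAN"` should close the chain either way. A smaller point: `typedef sha256 sha;` makes the SHA-1 context share the SHA-256 struct (8 chaining words, 80 schedule words), which is why `w` is sized 80 although SHA-256 needs only 64; a one-line comment on the struct saying it is shared by both hashes would save the next reader that check.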
@@ -0,0 +1,157 @@ +/* + * Implementation of the Secure Hashing Standard (SHS) + * specified for use with the NIST Digital Signature Standard (DSS) + * + * Generates a 160 bit message digest. It should be impossible to come + * come up with two messages that hash to the same value ("collision free"). + * + * For use with byte-oriented messages only. Could/Should be speeded + * up by unwinding loops in shs_transform(), and assembly patches. + */ + +#include +#include "miracl.h" + /* for definition of mr_unsign32 & prototypes */ +#define FIX + +/* Include this #define in order to implement the + rather mysterious 'fix' to SHS + + With this definition in, SHA-1 is implemented + Without this definition, SHA-0 is implemented +*/ + + +#define H0 0x67452301L +#define H1 0xefcdab89L +#define H2 0x98badcfeL +#define H3 0x10325476L +#define H4 0xc3d2e1f0L + +#define K0 0x5a827999L +#define K1 0x6ed9eba1L +#define K2 0x8f1bbcdcL +#define K3 0xca62c1d6L + +#define PAD 0x80 +#define ZERO 0 + +/* functions */ + +#define S(n,x) (((x)<>(32-n))) + +#define F0(x,y,z) (z^(x&(y^z))) +#define F1(x,y,z) (x^y^z) +#define F2(x,y,z) ((x&y) | (z&(x|y))) +#define F3(x,y,z) (x^y^z) + +static void shs_transform(sha *sh) +{ /* basic transformation step */ + mr_unsign32 a,b,c,d,e,temp; + int t; +#ifdef FIX + for (t=16;t<80;t++) sh->w[t]=S(1,sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]); +#else + for (t=16;t<80;t++) sh->w[t]=sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]; +#endif + a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; e=sh->h[4]; + for (t=0;t<20;t++) + { /* 20 times - mush it up */ + temp=K0+F0(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + for (t=20;t<40;t++) + { /* 20 more times - mush it up */ + temp=K1+F1(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + for (t=40;t<60;t++) + { /* 20 more times - mush it up */ + temp=K2+F2(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + for (t=60;t<80;t++) + { /* 20 more times - 
mush it up */ + temp=K3+F3(b,c,d)+S(5,a)+e+sh->w[t]; + e=d; d=c; + c=S(30,b); + b=a; a=temp; + } + sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; + sh->h[3]+=d; sh->h[4]+=e; +} + +void shs_init(sha *sh) +{ /* re-initialise */ + int i; + for (i=0;i<80;i++) sh->w[i]=0L; + sh->length[0]=sh->length[1]=0L; + sh->h[0]=H0; + sh->h[1]=H1; + sh->h[2]=H2; + sh->h[3]=H3; + sh->h[4]=H4; +} + +void shs_process(sha *sh,int byte) +{ /* process the next message byte */ + int cnt; + + cnt=(int)((sh->length[0]/32)%16); + + sh->w[cnt]<<=8; + sh->w[cnt]|=(mr_unsign32)(byte&0xFF); + + sh->length[0]+=8; + if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; } + if ((sh->length[0]%512)==0) shs_transform(sh); +} + +void shs_hash(sha *sh,char hash[20]) +{ /* pad message and finish - supply digest */ + int i; + mr_unsign32 len0,len1; + len0=sh->length[0]; + len1=sh->length[1]; + shs_process(sh,PAD); + while ((sh->length[0]%512)!=448) shs_process(sh,ZERO); + sh->w[14]=len1; + sh->w[15]=len0; + shs_transform(sh); + for (i=0;i<20;i++) + { /* convert to bytes */ + hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL); + } + shs_init(sh); +} + +/* test program: should produce digest + + 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1 + +#include +#include "miracl.h" + +char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + +int main() +{ + char hash[20]; + int i; + sha sh; + shs_init(&sh); + for (i=0;test[i]!=0;i++) shs_process(&sh,test[i]); + shs_hash(&sh,hash); + for (i=0;i<20;i++) printf("%02x",(unsigned char)hash[i]); + printf("\n"); + return 0; +} + +*/ + Index: sha_core/trunk/sim/sha512.do =================================================================== --- sha_core/trunk/sim/sha512.do (nonexistent) +++ sha_core/trunk/sim/sha512.do (revision 4) 
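Review bot: The header comment claims it "should be impossible" to find two messages with the same digest, but SHA-1 collisions have been demonstrated in practice (and chosen-prefix collisions since), so the comment should instead say the file implements SHA-1 for interoperability with the RTL core and must not be relied on for collision resistance. `#define FIX` is also a bare toggle — deleting that one line silently turns the same file into SHA-0, which NIST withdrew — so the `#else` branch of the schedule expansion in shs_transform is better replaced with `#error "SHA-0 is not supported"` than kept as a live alternative. One more item: `shs_hash` writes exactly 20 bytes into `hash`, but the prototype in miracl.h declares the parameter as a bare `char *`, so the size requirement should be stated in a comment on the declaration (`/* hash must point to at least 20 bytes */`) since the signature cannot enforce it.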
@@ -0,0 +1,62 @@ +#--------------------------------------------------------------------- +# Project name : SHA-512/384 +# Project description : Secure Hash Algorithm (SHA-512/384) +# +# File name : sha512.do +# +# Design Engineer : marsgod +# Quality Engineer : marsgod +# Version : 1.0 +# Last modification : 2004-05-10 +#--------------------------------------------------------------------- + +transcript off +# ------------------------------------------------------------------- # +# Directories location +# ------------------------------------------------------------------- # + +set source_dir rtl +set tb_dir bench +set work_dir sim/modelsim_lib + +# ------------------------------------------------------------------- # +# Maping destination directory for core of model +# ------------------------------------------------------------------- # + +vlib $work_dir +vmap SHA_LIB $work_dir +transcript on + + +# ------------------------------------------------------------------- # +# Compiling components of core +# ------------------------------------------------------------------- # + +transcript off +vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha512.v + + +# ------------------------------------------------------------------- # +# Compiling Test Bench +# ------------------------------------------------------------------- # + +vlog -work SHA_LIB $tb_dir/test_sha512.v + +transcript on + + +# ------------------------------------------------------------------- # +# Loading the Test Bench +# ------------------------------------------------------------------- # + +transcript off +vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha + +transcript on + + +transcript on + +do wave.do + +run 1ms Index: sha_core/trunk/sim/sha256.do =================================================================== --- sha_core/trunk/sim/sha256.do (nonexistent) +++ sha_core/trunk/sim/sha256.do (revision 4) 
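Review bot: `vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha` suppresses ModelSim's "too few port connections" warning for the whole run, which is precisely the diagnostic that would reveal an input of the sha512 core left unconnected in the bench; a hash core with a floating input still simulates for the full `run 1ms`, and unless test_sha512.v self-checks against known-answer vectors (not visible here) nothing in this script would flag a wrong digest. Suggest dropping `+nowarnTFMPC` (or fixing whatever instantiation triggers it) and, if the bench does not already do so, having it compare the output against the FIPS 180 test vectors and print a pass/fail line, so the script doubles as a regression check rather than only a waveform loader. The same suppression appears in sha256.do and sha1.do.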
@@ -0,0 +1,62 @@ +#--------------------------------------------------------------------- +# Project name : SHA-256 +# Project description : Secure Hash Algorithm (SHA-256) +# +# File name : sha256.do +# +# Design Engineer : marsgod +# Quality Engineer : marsgod +# Version : 1.0 +# Last modification : 2004-05-10 +#--------------------------------------------------------------------- + +transcript off +# ------------------------------------------------------------------- # +# Directories location +# ------------------------------------------------------------------- # + +set source_dir rtl +set tb_dir bench +set work_dir sim/modelsim_lib + +# ------------------------------------------------------------------- # +# Maping destination directory for core of model +# ------------------------------------------------------------------- # + +vlib $work_dir +vmap SHA_LIB $work_dir +transcript on + + +# ------------------------------------------------------------------- # +# Compiling components of core +# ------------------------------------------------------------------- # + +transcript off +vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha256.v + + +# ------------------------------------------------------------------- # +# Compiling Test Bench +# ------------------------------------------------------------------- # + +vlog -work SHA_LIB $tb_dir/test_sha256.v + +transcript on + + +# ------------------------------------------------------------------- # +# Loading the Test Bench +# ------------------------------------------------------------------- # + +transcript off +vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha + +transcript on + + +transcript on + +do wave.do + +run 1ms Index: sha_core/trunk/sim/sha1.do =================================================================== --- sha_core/trunk/sim/sha1.do (nonexistent) +++ sha_core/trunk/sim/sha1.do (revision 4) 
@@ -0,0 +1,62 @@ +#--------------------------------------------------------------------- +# Project name : SHA-160 +# Project description : Secure Hash Algorithm (SHA-160) +# +# File name : sha1.do +# +# Design Engineer : marsgod +# Quality Engineer : marsgod +# Version : 1.0 +# Last modification : 2004-05-10 +#--------------------------------------------------------------------- + +transcript off +# ------------------------------------------------------------------- # +# Directories location +# ------------------------------------------------------------------- # + +set source_dir rtl +set tb_dir bench +set work_dir sim/modelsim_lib + +# ------------------------------------------------------------------- # +# Maping destination directory for core of model +# ------------------------------------------------------------------- # + +vlib $work_dir +vmap SHA_LIB $work_dir +transcript on + + +# ------------------------------------------------------------------- # +# Compiling components of core +# ------------------------------------------------------------------- # + +transcript off +vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha1.v + + +# ------------------------------------------------------------------- # +# Compiling Test Bench +# ------------------------------------------------------------------- # + +vlog -work SHA_LIB $tb_dir/test_sha1.v + +transcript on + + +# ------------------------------------------------------------------- # +# Loading the Test Bench +# ------------------------------------------------------------------- # + +transcript off +vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha + +transcript on + + +transcript on + +do wave.do + +run 1ms Index: sha_core/trunk =================================================================== --- sha_core/trunk (nonexistent) +++ sha_core/trunk (revision 4)
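Review bot: `vsim ... -t ns` forces a 1 ns simulation resolution while the bench it loads declares a 1ns/10ps timescale, and `+nowarnTSCALE` on the same line hides the warning ModelSim would raise about that mismatch. Every delay visible in test_sha1.v (`#21`, `#17`, `#5`, `#100`, `#1`) is a whole number of ns, so nothing is rounded today, but a future sub-ns delay would be silently rounded without any notice. Either honour the bench's precision, `vsim +nowarnTFMPC -t 10ps -lib SHA_LIB test_sha`, or drop `+nowarnTSCALE` so the mismatch stays visible in the transcript.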
sha_core/trunk Property changes : Added: svn:mergeinfo ## -0,0 +0,0 ## Index: sha_core/web_uploads =================================================================== --- sha_core/web_uploads (nonexistent) +++ sha_core/web_uploads (revision 4)
sha_core/web_uploads Property changes : Added: svn:mergeinfo ## -0,0 +0,0 ## Index: sha_core/branches =================================================================== --- sha_core/branches (nonexistent) +++ sha_core/branches (revision 4)
sha_core/branches Property changes : Added: svn:mergeinfo ## -0,0 +0,0 ## Index: sha_core/tags/arelease/bench/test_sha1.v =================================================================== --- sha_core/tags/arelease/bench/test_sha1.v (nonexistent) +++ sha_core/tags/arelease/bench/test_sha1.v (revision 4) 
@@ -0,0 +1,195 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-160 //// +//// Secure Hash Algorithm (SHA-160) testbench //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + + +`timescale 1ns/10ps + +`define SHA1_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +`define SHA1_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit +`define SHA1_TEST_RESULT 160'h84983e44_1c3bd26e_baae4aa1_f95129e5_e54670f1 + +module test_sha; + +reg clk,rst,cmd_w_i; +reg [31:0] text_i; + +reg [2:0] cmd_i; + +wire [31:0] text_o; +wire [3:0] cmd_o; + +initial +begin +// $sdf_annotate("syn/data/sha1.sdf",sha_core); + + clk = 1'b0; + rst = 1'b0; + cmd_w_i = 1'b0; + cmd_i = 3'b0; + + #21; + rst = 1'b1; + #17; + rst = 1'b0; + + test_SHA1; + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + $finish; +end + + +always #5 clk = ~clk; + +sha1 sha_core( + .clk_i(clk), + .rst_i(rst), + .text_i(text_i), + .text_o(text_o), + .cmd_i(cmd_i), + .cmd_w_i(cmd_w_i), + .cmd_o(cmd_o) + ); + +task test_SHA1; +integer i; +reg [1023:0] all_message; +reg [511:0] tmp_i; +reg [159:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA1_TEST,`SHA1_TEST_PADDING}; + tmp_i = all_message[1023:512]; + tmp_o = `SHA1_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 3'b010; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[511:0]; + @(posedge clk); + cmd_i = 3'b110; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge 
clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 6'b001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<5;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[5*32-1:4*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-160-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-160-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + + +endmodule \ No newline at end of file Index: sha_core/tags/arelease/bench/test_sha512.v =================================================================== --- sha_core/tags/arelease/bench/test_sha512.v (nonexistent) +++ sha_core/tags/arelease/bench/test_sha512.v (revision 4) 
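Review bot: The bench cannot fail: a mismatch in the read-out loop only prints `ERROR(SHA-160-%02d) ...`, the `initial` block still reaches `$finish` normally, and nothing counts the errors, so an unattended regression run passes on a broken core. A module-level `integer errors;` set to 0 in `initial`, `errors = errors + 1;` in the ERROR branch, and one summary `$display` ("PASS" or "FAIL with N errors") before `$finish` gives a script a line it can grep for. Separately, `cmd_i = 6'b001;` before the read-out assigns a 6-bit literal to the 3-bit `cmd_i`; it truncates to the intended value, but the sha256 bench writes `3'b001` and this one should match. Only the two-block NIST vector is exercised; a single-block message and one whose padding spills into an extra block would also cover the first-round/internal-round transitions.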
@@ -0,0 +1,305 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-512/384 //// +//// Secure Hash Algorithm (SHA-512/384) testbench //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + + +`timescale 1ns/10ps + +`define SHA384_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +`define SHA384_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit +`define SHA384_TEST_RESULT 384'h09330c33_f71147e8_3d192fc7_82cd1b47_53111b17_3b3b05d2_2fa08086_e3b0f712_fcc7c71a_557e2db9_66c3e9fa_91746039 + +`define SHA512_TEST "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +`define SHA512_TEST_PADDING {1'b1,127'b0,896'b0,128'd896} // 896 bit +`define SHA512_TEST_RESULT 512'h8e959b75_dae313da_8cf4f728_14fc143f_8f7779c6_eb9f7fa1_7299aead_b6889018_501d289e_4900f7e4_331b99de_c4b5433a_c7d329ee_b6dd2654_5e96e55b_874be909 + + +module test_sha; + +reg clk,rst,cmd_w_i; +reg [31:0] text_i; + +reg [3:0] cmd_i; + +wire [31:0] text_o; +wire [4:0] cmd_o; + +initial +begin +// $sdf_annotate("syn/data/sha512.sdf",sha_core); + + clk = 1'b0; + rst = 1'b0; + cmd_w_i = 1'b0; + cmd_i = 4'b0; + + #21; + rst = 1'b1; + #17; + rst = 1'b0; + + test_SHA384; + test_SHA512; + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + $finish; +end + + +always #5 clk = ~clk; + +sha512 sha_core( + .clk_i(clk), + .rst_i(rst), + .text_i(text_i), + .text_o(text_o), + .cmd_i(cmd_i), + .cmd_w_i(cmd_w_i), + .cmd_o(cmd_o) + ); + +task test_SHA384; +integer i; +reg [2047:0] all_message; +reg [1023:0] tmp_i; +reg [383:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA384_TEST,`SHA384_TEST_PADDING}; + tmp_i = all_message[2047:1024]; + tmp_o = `SHA384_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 4'b0010; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge 
clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[1023:0]; + @(posedge clk); + cmd_i = 4'b0110; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 4'b0001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<12;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[12*32-1:11*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-384-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-384-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + +task test_SHA512; +integer i; +reg [2047:0] all_message; +reg [1023:0] tmp_i; +reg [511:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA512_TEST,`SHA512_TEST_PADDING}; + tmp_i = all_message[2047:1024]; + tmp_o = `SHA512_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 4'b1010; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[1023:0]; + @(posedge clk); + cmd_i = 4'b1110; + cmd_w_i = 1'b1; + + for (i=0;i<32;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[32*32-1:31*32]; + tmp_i = tmp_i << 
32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[4]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 4'b1001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[16*32-1:15*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-512-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-512-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + +endmodule \ No newline at end of file Index: sha_core/tags/arelease/bench/test_sha256.v =================================================================== --- sha_core/tags/arelease/bench/test_sha256.v (nonexistent) +++ sha_core/tags/arelease/bench/test_sha256.v (revision 4) 
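Review bot: Each of `test_SHA384` and `test_SHA512` drives exactly one message, the two-block NIST vector, so the first-block path (`cmd_i = 4'b0010` / `4'b1010`) and the internal-round path (`4'b0110` / `4'b1110`) are each taken once and a message whose padding overflows into an extra block is never exercised. Because both tasks take their inputs from the `SHA384_TEST*` / `SHA512_TEST*` macros, a second vector costs one more `define` triple and one more task call from `initial`; the single-block "abc" vector from FIPS 180-2 is the natural addition. As in the SHA-1 bench, mismatches are printed but never counted, so an `integer` error counter with a final summary line before `$finish` would let a script distinguish pass from fail.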
@@ -0,0 +1,196 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-256 //// +//// Secure Hash Algorithm (SHA-256) testbench //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + + +`timescale 1ns/10ps + +`define SHA256_TEST "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +`define SHA256_TEST_PADDING {1'b1,63'b0,448'b0,64'd448} // 448 bit +`define SHA256_TEST_RESULT 256'h248d6a61_d20638b8_e5c02693_0c3e6039_a33ce459_64ff2167_f6ecedd4_19db06c1 + +module test_sha; + +reg clk,rst,cmd_w_i; +reg [31:0] text_i; + +reg [2:0] cmd_i; + +wire [31:0] text_o; +wire [3:0] cmd_o; + +initial +begin +// $sdf_annotate("syn/data/sha256.sdf",sha_core); + + clk = 1'b0; + rst = 1'b0; + cmd_w_i = 1'b0; + cmd_i = 3'b0; + + #21; + rst = 1'b1; + #17; + rst = 1'b0; + + test_SHA256; + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + $finish; +end + + +always #5 clk = ~clk; + +sha256 sha_core( + .clk_i(clk), + .rst_i(rst), + .text_i(text_i), + .text_o(text_o), + .cmd_i(cmd_i), + .cmd_w_i(cmd_w_i), + .cmd_o(cmd_o) + ); + + +task test_SHA256; +integer i; +reg [1023:0] all_message; +reg [511:0] tmp_i; +reg [255:0] tmp_o; +reg [31:0] tmp; +begin + all_message = {`SHA256_TEST,`SHA256_TEST_PADDING}; + tmp_i = all_message[1023:512]; + tmp_o = `SHA256_TEST_RESULT; + + #100; + + + @(posedge clk); + cmd_i = 3'b010; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + #100; + + + tmp_i = all_message[511:0]; + @(posedge clk); + cmd_i = 3'b110; + cmd_w_i = 1'b1; + + for (i=0;i<16;i=i+1) + begin + @(posedge clk); + cmd_w_i = 1'b0; + text_i = tmp_i[16*32-1:15*32]; + tmp_i = tmp_i << 32; + end + + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + while (cmd_o[3]) + @(posedge clk); + + 
@(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + + cmd_i = 3'b001; + cmd_w_i = 1'b1; + + @(posedge clk); + cmd_w_i = 1'b0; + for (i=0;i<8;i=i+1) + begin + @(posedge clk); + #1; + tmp = tmp_o[8*32-1:7*32]; + if (text_o !== tmp | (|text_o)===1'bx) + begin + $display("ERROR(SHA-256-%02d) Expected %x, Got %x", i,tmp, text_o); + end + else + begin + $display("OK(SHA-256-%02d),Expected %x, Got %x", i,tmp, text_o); + end + tmp_o = tmp_o << 32; + end + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + @(posedge clk); + #100; +end +endtask + +endmodule \ No newline at end of file Index: sha_core/tags/arelease/rtl/sha1.v =================================================================== --- sha_core/tags/arelease/rtl/sha1.v (nonexistent) +++ sha_core/tags/arelease/rtl/sha1.v (revision 4) 
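Review bot: Stimulus is driven with blocking assignments in the same time step as the sampling edge with no skew — `@(posedge clk); cmd_w_i = 1'b0; text_i = tmp_i[...]` in the load loops and `cmd_i = 3'b001; cmd_w_i = 1'b1;` straight after a wait — so whether the DUT's `always @(posedge clk)` sees the new or the old value at that edge is a simulator-ordering race, not something Verilog defines. As far as I can trace the read-out against the `read_counter` logic in the sibling sha1.v on this page, the expected-value loop only lines up with `text_o` when the bench's assignments happen to run before the core samples them; the opposite ordering shifts the five words by one cycle and every compare reports ERROR. The bench already samples with `@(posedge clk); #1;` — applying the same skew to every drive, `@(posedge clk); #1; cmd_w_i = 1'b0; text_i = ...;`, makes the ordering explicit, and the same pattern is in the SHA-1 and SHA-512 benches.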
@@ -0,0 +1,594 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-160 //// +//// Secure Hash Algorithm (SHA-160) //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2002-2004 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + +`define SHA1_H0 32'h67452301 +`define SHA1_H1 32'hefcdab89 +`define SHA1_H2 32'h98badcfe +`define SHA1_H3 32'h10325476 +`define SHA1_H4 32'hc3d2e1f0 + +`define SHA1_K0 32'h5a827999 +`define SHA1_K1 32'h6ed9eba1 +`define SHA1_K2 32'h8f1bbcdc +`define SHA1_K3 32'hca62c1d6 + +module sha1 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); + + input clk_i; // global clock input + input rst_i; // global reset input , active high + + input [31:0] text_i; // text input 32bit + output [31:0] text_o; // text output 32bit + + input [2:0] cmd_i; // command input + input cmd_w_i;// command input write enable + output [3:0] cmd_o; // command output(status) + + /* + cmd + Busy Round W R + + bit3 bit2 bit1 bit0 + Busy Round W R + + Busy: + 0 idle + 1 busy + + Round: + 0 first round + 1 internal round + + W: + 0 No-op + 1 write data + + R: + 0 No-op + 1 read data + + */ + + + reg [3:0] cmd; + wire [3:0] cmd_o; + + reg [31:0] text_o; + + reg [6:0] round; + wire [6:0] round_plus_1; + + reg [2:0] read_counter; + + reg [31:0] H0,H1,H2,H3,H4; + reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; + reg [31:0] Wt,Kt; + reg [31:0] A,B,C,D,E; + + reg busy; + + assign cmd_o = cmd; + always @ (posedge clk_i) + begin + if (rst_i) + cmd <= 'b0; + else + if (cmd_w_i) + cmd[2:0] <= cmd_i[2:0]; // busy bit can't write + else + begin + cmd[3] <= busy; // update busy bit + if (~busy) + cmd[1:0] <= 2'b00; // hardware auto clean R/W bits + end + end + + // Hash functions + wire [31:0] SHA1_f1_BCD,SHA1_f2_BCD,SHA1_f3_BCD,SHA1_Wt_1; + wire [31:0] SHA1_ft_BCD; + wire [31:0] next_Wt,next_A,next_C; + wire [159:0] SHA1_result; + + assign SHA1_f1_BCD = (B & C) ^ (~B & D); + assign SHA1_f2_BCD = B ^ C ^ D; + assign SHA1_f3_BCD = (B & C) ^ (C & D) ^ (B & D); + + assign SHA1_ft_BCD = (round < 'd21) ? SHA1_f1_BCD : (round < 'd41) ? SHA1_f2_BCD : (round < 'd61) ? 
SHA1_f3_BCD : SHA1_f2_BCD; + + assign SHA1_Wt_1 = {W13 ^ W8 ^ W2 ^ W0}; + + assign next_Wt = {SHA1_Wt_1[30:0],SHA1_Wt_1[31]}; // NSA fix added + assign next_A = {A[26:0],A[31:27]} + SHA1_ft_BCD + E + Kt + Wt; + assign next_C = {B[1:0],B[31:2]}; + + assign SHA1_result = {A,B,C,D,E}; + + assign round_plus_1 = round + 1; + + //------------------------------------------------------------------ + // SHA round + //------------------------------------------------------------------ + always @(posedge clk_i) + begin + if (rst_i) + begin + round <= 'd0; + busy <= 'b0; + + W0 <= 'b0; + W1 <= 'b0; + W2 <= 'b0; + W3 <= 'b0; + W4 <= 'b0; + W5 <= 'b0; + W6 <= 'b0; + W7 <= 'b0; + W8 <= 'b0; + W9 <= 'b0; + W10 <= 'b0; + W11 <= 'b0; + W12 <= 'b0; + W13 <= 'b0; + W14 <= 'b0; + Wt <= 'b0; + + A <= 'b0; + B <= 'b0; + C <= 'b0; + D <= 'b0; + E <= 'b0; + + H0 <= 'b0; + H1 <= 'b0; + H2 <= 'b0; + H3 <= 'b0; + H4 <= 'b0; + + end + else + begin + case (round) + + 'd0: + begin + if (cmd[1]) + begin + W0 <= text_i; + Wt <= text_i; + busy <= 'b1; + round <= round_plus_1; + + case (cmd[2]) + 1'b0: // sha-1 first message + begin + A <= `SHA1_H0; + B <= `SHA1_H1; + C <= `SHA1_H2; + D <= `SHA1_H3; + E <= `SHA1_H4; + + H0 <= `SHA1_H0; + H1 <= `SHA1_H1; + H2 <= `SHA1_H2; + H3 <= `SHA1_H3; + H4 <= `SHA1_H4; + end + 1'b1: // sha-1 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + end + endcase + end + else + begin // IDLE + round <= 'd0; + end + end + 'd1: + begin + W1 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd2: + begin + W2 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd3: + begin + W3 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd4: + begin + W4 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= 
next_A; + + round <= round_plus_1; + end + 'd5: + begin + W5 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd6: + begin + W6 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd7: + begin + W7 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd8: + begin + W8 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd9: + begin + W9 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd10: + begin + W10 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd11: + begin + W11 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd12: + begin + W12 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd13: + begin + W13 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd14: + begin + W14 <= text_i; + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd15: + begin + Wt <= text_i; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd16, + 'd17, + 'd18, + 'd19, + 'd20, + 'd21, + 'd22, + 'd23, + 'd24, + 'd25, + 'd26, + 'd27, + 'd28, + 'd29, + 'd30, + 'd31, + 'd32, + 'd33, + 'd34, + 'd35, + 'd36, + 'd37, + 'd38, + 'd39, + 'd40, + 'd41, + 'd42, + 'd43, + 'd44, + 'd45, + 'd46, + 'd47, + 'd48, + 'd49, + 'd50, + 'd51, + 'd52, + 'd53, + 'd54, + 'd55, + 'd56, + 'd57, + 'd58, + 'd59, + 'd60, + 'd61, + 'd62, + 'd63, + 'd64, + 'd65, + 
'd66, + 'd67, + 'd68, + 'd69, + 'd70, + 'd71, + 'd72, + 'd73, + 'd74, + 'd75, + 'd76, + 'd77, + 'd78, + 'd79: + begin + W0 <= W1; + W1 <= W2; + W2 <= W3; + W3 <= W4; + W4 <= W5; + W5 <= W6; + W6 <= W7; + W7 <= W8; + W8 <= W9; + W9 <= W10; + W10 <= W11; + W11 <= W12; + W12 <= W13; + W13 <= W14; + W14 <= Wt; + Wt <= next_Wt; + + E <= D; + D <= C; + C <= next_C; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd80: + begin + A <= next_A + H0; + B <= A + H1; + C <= next_C + H2; + D <= C + H3; + E <= D + H4; + round <= 'd0; + busy <= 'b0; + end + default: + begin + round <= 'd0; + busy <= 'b0; + end + endcase + end + end + + + //------------------------------------------------------------------ + // Kt generator + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + Kt <= 'b0; + end + else + begin + if (round < 'd20) + Kt <= `SHA1_K0; + else + if (round < 'd40) + Kt <= `SHA1_K1; + else + if (round < 'd60) + Kt <= `SHA1_K2; + else + Kt <= `SHA1_K3; + end + end + + //------------------------------------------------------------------ + // read result + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + text_o <= 'b0; + read_counter <= 'b0; + end + else + begin + if (cmd[0]) + begin + read_counter <= 'd4; // sha-1 160/32=5 + end + else + begin + if (~busy) + begin + case (read_counter) + 'd4: text_o <= SHA1_result[5*32-1:4*32]; + 'd3: text_o <= SHA1_result[4*32-1:3*32]; + 'd2: text_o <= SHA1_result[3*32-1:2*32]; + 'd1: text_o <= SHA1_result[2*32-1:1*32]; + 'd0: text_o <= SHA1_result[1*32-1:0*32]; + default:text_o <= 'b0; + endcase + if (|read_counter) + read_counter <= read_counter - 'd1; + end + else + begin + text_o <= 'b0; + end + end + end + end + +endmodule + \ No newline at end of file Index: sha_core/tags/arelease/rtl/sha512.v =================================================================== --- 
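Review bot: The command register accepts writes unconditionally — `if (cmd_w_i) cmd[2:0] <= cmd_i[2:0];` — so a W command issued while `busy` is high parks in `cmd[1]` (the `~busy` auto-clear does not run) until round 80 drops `busy`, at which point the `'d0` arm starts a fresh block from whatever is on `text_i` and, for a "first message" write, discards the digest just computed, with no error indication to the host. If I read the FSM correctly, gating the write is a one-token change, `if (cmd_w_i && ~busy)`, and the rejection of writes while busy belongs in the cmd comment block. The file header should also carry the caveat that SHA-1 is no longer collision-resistant, e.g. `// NOTE: SHA-1 is collision-broken; use only for legacy/interoperability, not for signatures or integrity of untrusted data.` Cosmetically, the `'d1`..`'d14` arms differ only in which W register they load and would collapse to one arm over a `reg [31:0] W [0:14]` array.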
sha_core/tags/arelease/rtl/sha512.v (nonexistent) +++ sha_core/tags/arelease/rtl/sha512.v (revision 4) 
@@ -0,0 +1,1017 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-512/384 //// +//// Secure Hash Algorithm (SHA-512 SHA-384) //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2000-2002 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + +`define SHA512_H0 64'h6a09e667_f3bcc908 +`define SHA512_H1 64'hbb67ae85_84caa73b +`define SHA512_H2 64'h3c6ef372_fe94f82b +`define SHA512_H3 64'ha54ff53a_5f1d36f1 +`define SHA512_H4 64'h510e527f_ade682d1 +`define SHA512_H5 64'h9b05688c_2b3e6c1f +`define SHA512_H6 64'h1f83d9ab_fb41bd6b +`define SHA512_H7 64'h5be0cd19_137e2179 + +`define SHA384_H0 64'hcbbb9d5d_c1059ed8 +`define SHA384_H1 64'h629a292a_367cd507 +`define SHA384_H2 64'h9159015a_3070dd17 +`define SHA384_H3 64'h152fecd8_f70e5939 +`define SHA384_H4 64'h67332667_ffc00b31 +`define SHA384_H5 64'h8eb44a87_68581511 +`define SHA384_H6 64'hdb0c2e0d_64f98fa7 +`define SHA384_H7 64'h47b5481d_befa4fa4 + +`define K00 64'h428a2f98_d728ae22 +`define K01 64'h71374491_23ef65cd +`define K02 64'hb5c0fbcf_ec4d3b2f +`define K03 64'he9b5dba5_8189dbbc +`define K04 64'h3956c25b_f348b538 +`define K05 64'h59f111f1_b605d019 +`define K06 64'h923f82a4_af194f9b +`define K07 64'hab1c5ed5_da6d8118 +`define K08 64'hd807aa98_a3030242 +`define K09 64'h12835b01_45706fbe +`define K10 64'h243185be_4ee4b28c +`define K11 64'h550c7dc3_d5ffb4e2 +`define K12 64'h72be5d74_f27b896f +`define K13 64'h80deb1fe_3b1696b1 +`define K14 64'h9bdc06a7_25c71235 +`define K15 64'hc19bf174_cf692694 +`define K16 64'he49b69c1_9ef14ad2 +`define K17 64'hefbe4786_384f25e3 +`define K18 64'h0fc19dc6_8b8cd5b5 +`define K19 64'h240ca1cc_77ac9c65 +`define K20 64'h2de92c6f_592b0275 +`define K21 64'h4a7484aa_6ea6e483 +`define K22 64'h5cb0a9dc_bd41fbd4 +`define K23 64'h76f988da_831153b5 +`define K24 64'h983e5152_ee66dfab +`define K25 64'ha831c66d_2db43210 +`define K26 64'hb00327c8_98fb213f +`define K27 64'hbf597fc7_beef0ee4 +`define K28 64'hc6e00bf3_3da88fc2 +`define K29 64'hd5a79147_930aa725 +`define K30 64'h06ca6351_e003826f +`define K31 64'h14292967_0a0e6e70 +`define K32 64'h27b70a85_46d22ffc +`define K33 64'h2e1b2138_5c26c926 +`define K34 64'h4d2c6dfc_5ac42aed +`define K35 
64'h53380d13_9d95b3df +`define K36 64'h650a7354_8baf63de +`define K37 64'h766a0abb_3c77b2a8 +`define K38 64'h81c2c92e_47edaee6 +`define K39 64'h92722c85_1482353b +`define K40 64'ha2bfe8a1_4cf10364 +`define K41 64'ha81a664b_bc423001 +`define K42 64'hc24b8b70_d0f89791 +`define K43 64'hc76c51a3_0654be30 +`define K44 64'hd192e819_d6ef5218 +`define K45 64'hd6990624_5565a910 +`define K46 64'hf40e3585_5771202a +`define K47 64'h106aa070_32bbd1b8 +`define K48 64'h19a4c116_b8d2d0c8 +`define K49 64'h1e376c08_5141ab53 +`define K50 64'h2748774c_df8eeb99 +`define K51 64'h34b0bcb5_e19b48a8 +`define K52 64'h391c0cb3_c5c95a63 +`define K53 64'h4ed8aa4a_e3418acb +`define K54 64'h5b9cca4f_7763e373 +`define K55 64'h682e6ff3_d6b2b8a3 +`define K56 64'h748f82ee_5defb2fc +`define K57 64'h78a5636f_43172f60 +`define K58 64'h84c87814_a1f0ab72 +`define K59 64'h8cc70208_1a6439ec +`define K60 64'h90befffa_23631e28 +`define K61 64'ha4506ceb_de82bde9 +`define K62 64'hbef9a3f7_b2c67915 +`define K63 64'hc67178f2_e372532b +`define K64 64'hca273ece_ea26619c +`define K65 64'hd186b8c7_21c0c207 +`define K66 64'heada7dd6_cde0eb1e +`define K67 64'hf57d4f7f_ee6ed178 +`define K68 64'h06f067aa_72176fba +`define K69 64'h0a637dc5_a2c898a6 +`define K70 64'h113f9804_bef90dae +`define K71 64'h1b710b35_131c471b +`define K72 64'h28db77f5_23047d84 +`define K73 64'h32caab7b_40c72493 +`define K74 64'h3c9ebe0a_15c9bebc +`define K75 64'h431d67c4_9c100d4c +`define K76 64'h4cc5d4be_cb3e42b6 +`define K77 64'h597f299c_fc657e2a +`define K78 64'h5fcb6fab_3ad6faec +`define K79 64'h6c44198c_4a475817 + +module sha512 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); + + input clk_i; // global clock input + input rst_i; // global reset input , active high + + input [31:0] text_i; // text input 32bit + output [31:0] text_o; // text output 32bit + + input [3:0] cmd_i; // command input + input cmd_w_i;// command input write enable + output [4:0] cmd_o; // command output(status) + + /* + cmd + Busy S1 S0 Round W R + + bit4 bit3 
bit2 bit1 bit0 + Busy S Round W R + + Busy: + 0 idle + 1 busy + + S: + 0 sha-384 + 1 sha-512 + + Round: + 0 first round + 1 internal round + + W: + 0 No-op + 1 write data + + R: + 0 No-op + 1 read data + + */ + + + reg [4:0] cmd; + wire [4:0] cmd_o; + + reg [31:0] text_o; + + reg [6:0] round; + wire [6:0] round_plus_1; + + reg [4:0] read_counter; + + reg [63:0] H0,H1,H2,H3,H4,H5,H6,H7; + reg [63:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; + reg [63:0] Wt,Kt; + reg [63:0] A,B,C,D,E,F,G,H; + + reg busy; + + assign cmd_o = cmd; + always @ (posedge clk_i) + begin + if (rst_i) + cmd <= 'b0; + else + if (cmd_w_i) + cmd[3:0] <= cmd_i[3:0]; // busy bit can't write + else + begin + cmd[4] <= busy; // update busy bit + if (~busy) + cmd[1:0] <= 2'b00; // hardware auto clean R/W bits + end + end + + wire [63:0] f1_EFG_64,f2_ABC_64,f3_A_64,f4_E_64,f5_W1_64,f6_W14_64,T1_64,T2_64; + wire [63:0] W1_swap,W14_swap,Wt_64_swap; + wire [63:0] next_Wt,next_E,next_A; + wire [383:0] SHA384_result; + wire [511:0] SHA512_result; + + assign f1_EFG_64 = (E & F) ^ (~E & G); + + assign f2_ABC_64 = (A & B) ^ (B & C) ^ (A & C); + + assign f3_A_64 = {A[27:0],A[63:28]} ^ {A[33:0],A[63:34]} ^ {A[38:0],A[63:39]}; + + assign f4_E_64 = {E[13:0],E[63:14]} ^ {E[17:0],E[63:18]} ^ {E[40:0],E[63:41]}; + + assign W1_swap = {W1[31:0],W1[63:32]}; + assign f5_W1_64 = {W1_swap[0],W1_swap[63:1]} ^ {W1_swap[7:0],W1_swap[63:8]} ^ {7'b000_0000,W1_swap[63:7]}; + + assign W14_swap = {W14[31:0],W14[63:32]}; + assign f6_W14_64 = {W14_swap[18:0],W14_swap[63:19]} ^ {W14_swap[60:0],W14_swap[63:61]} ^ {6'b00_0000,W14_swap[63:6]}; + + assign Wt_64_swap = f6_W14_64 + {W9[31:0],W9[63:32]} + f5_W1_64 + {W0[31:0],W0[63:32]}; + + assign T1_64 = H[63:0] + f4_E_64 + f1_EFG_64 + Kt[63:0] + {Wt[31:0],Wt[63:32]}; + + assign T2_64 = f3_A_64 + f2_ABC_64; + + assign next_Wt = {Wt_64_swap[31:0],Wt_64_swap[63:32]}; + assign next_E = D[63:0] + T1_64; + assign next_A = T1_64 + T2_64; + + + assign SHA384_result = {A,B,C,D,E,F}; + 
assign SHA512_result = {A,B,C,D,E,F,G,H}; + + assign round_plus_1 = round + 1; + + //------------------------------------------------------------------ + // SHA round + //------------------------------------------------------------------ + always @(posedge clk_i) + begin + if (rst_i) + begin + round <= 'd0; + busy <= 'b0; + + W0 <= 'b0; + W1 <= 'b0; + W2 <= 'b0; + W3 <= 'b0; + W4 <= 'b0; + W5 <= 'b0; + W6 <= 'b0; + W7 <= 'b0; + W8 <= 'b0; + W9 <= 'b0; + W10 <= 'b0; + W11 <= 'b0; + W12 <= 'b0; + W13 <= 'b0; + W14 <= 'b0; + Wt <= 'b0; + + A <= 'b0; + B <= 'b0; + C <= 'b0; + D <= 'b0; + E <= 'b0; + F <= 'b0; + G <= 'b0; + H <= 'b0; + + H0 <= 'b0; + H1 <= 'b0; + H2 <= 'b0; + H3 <= 'b0; + H4 <= 'b0; + H5 <= 'b0; + H6 <= 'b0; + H7 <= 'b0; + end + else + begin + case (round) + + 'd0: + begin + if (cmd[1]) + begin + W0[31:0] <= text_i; + Wt[31:0] <= text_i; + busy <= 'b1; + round <= round_plus_1; + + case (cmd[3:2]) + 2'b00: // sha-384 first message + begin + A <= `SHA384_H0; + B <= `SHA384_H1; + C <= `SHA384_H2; + D <= `SHA384_H3; + E <= `SHA384_H4; + F <= `SHA384_H5; + G <= `SHA384_H6; + H <= `SHA384_H7; + + H0 <= `SHA384_H0; + H1 <= `SHA384_H1; + H2 <= `SHA384_H2; + H3 <= `SHA384_H3; + H4 <= `SHA384_H4; + H5 <= `SHA384_H5; + H6 <= `SHA384_H6; + H7 <= `SHA384_H7; + end + 2'b01: // sha-384 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + H5 <= F; + H6 <= G; + H7 <= H; + end + 2'b10: // sha-512 first message + begin + A <= `SHA512_H0; + B <= `SHA512_H1; + C <= `SHA512_H2; + D <= `SHA512_H3; + E <= `SHA512_H4; + F <= `SHA512_H5; + G <= `SHA512_H6; + H <= `SHA512_H7; + + H0 <= `SHA512_H0; + H1 <= `SHA512_H1; + H2 <= `SHA512_H2; + H3 <= `SHA512_H3; + H4 <= `SHA512_H4; + H5 <= `SHA512_H5; + H6 <= `SHA512_H6; + H7 <= `SHA512_H7; + end + 2'b11: // sha-512 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + H5 <= F; + H6 <= G; + H7 <= H; + end + endcase + end + else + begin // IDLE + round <= 'd0; + end + end + 'd1: + 
begin + W0[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd2: + begin + W1[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd3: + begin + W1[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd4: + begin + W2[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd5: + begin + W2[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd6: + begin + W3[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd7: + begin + W3[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd8: + begin + W4[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd9: + begin + W4[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd10: + begin + W5[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd11: + begin + W5[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd12: + begin + W6[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd13: + begin + W6[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd14: + begin + W7[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd15: + begin + W7[63:32] <= text_i; + Wt[63:32] <= text_i; + round 
<= round_plus_1; + end + 'd16: + begin + W8[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd17: + begin + W8[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd18: + begin + W9[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd19: + begin + W9[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd20: + begin + W10[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd21: + begin + W10[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd22: + begin + W11[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd23: + begin + W11[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd24: + begin + W12[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd25: + begin + W12[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd26: + begin + W13[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd27: + begin + W13[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd28: + begin + W14[31:0] <= text_i; + Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd29: + begin + W14[63:32] <= text_i; + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd30: + begin + 
Wt[31:0] <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd31: + begin + Wt[63:32] <= text_i; + round <= round_plus_1; + end + 'd32, + 'd33, + 'd34, + 'd35, + 'd36, + 'd37, + 'd38, + 'd39, + 'd40, + 'd41, + 'd42, + 'd43, + 'd44, + 'd45, + 'd46, + 'd47, + 'd48, + 'd49, + 'd50, + 'd51, + 'd52, + 'd53, + 'd54, + 'd55, + 'd56, + 'd57, + 'd58, + 'd59, + 'd60, + 'd61, + 'd62, + 'd63, + 'd64, + 'd65, + 'd66, + 'd67, + 'd68, + 'd69, + 'd70, + 'd71, + 'd72, + 'd73, + 'd74, + 'd75, + 'd76, + 'd77, + 'd78, + 'd79, + 'd80, + 'd81, + 'd82, + 'd83, + 'd84, + 'd85, + 'd86, + 'd87, + 'd88, + 'd89, + 'd90, + 'd91, + 'd92, + 'd93, + 'd94, + 'd95: + begin + W0 <= W1; + W1 <= W2; + W2 <= W3; + W3 <= W4; + W4 <= W5; + W5 <= W6; + W6 <= W7; + W7 <= W8; + W8 <= W9; + W9 <= W10; + W10 <= W11; + W11 <= W12; + W12 <= W13; + W13 <= W14; + W14 <= Wt; + Wt <= next_Wt; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd96: + begin + A <= next_A + H0; + B <= A + H1; + C <= B + H2; + D <= C + H3; + E <= next_E + H4; + F <= E + H5; + G <= F + H6; + H <= G + H7; + round <= 'd0; + busy <= 'b0; + end + default: + begin + round <= 'd0; + busy <= 'b0; + end + endcase + end + end + + + //------------------------------------------------------------------ + // Kt generator + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + Kt <= 'b0; + end + else + begin + case (round) + 'd00: Kt <= `K00; + 'd01: Kt <= `K00; + 'd02: Kt <= `K01; + 'd03: Kt <= `K01; + 'd04: Kt <= `K02; + 'd05: Kt <= `K02; + 'd06: Kt <= `K03; + 'd07: Kt <= `K03; + 'd08: Kt <= `K04; + 'd09: Kt <= `K04; + 'd10: Kt <= `K05; + 'd11: Kt <= `K05; + 'd12: Kt <= `K06; + 'd13: Kt <= `K06; + 'd14: Kt <= `K07; + 'd15: Kt <= `K07; + 'd16: Kt <= `K08; + 'd17: Kt <= `K08; + 'd18: Kt <= `K09; + 'd19: Kt <= `K09; + 
'd20: Kt <= `K10; + 'd21: Kt <= `K10; + 'd22: Kt <= `K11; + 'd23: Kt <= `K11; + 'd24: Kt <= `K12; + 'd25: Kt <= `K12; + 'd26: Kt <= `K13; + 'd27: Kt <= `K13; + 'd28: Kt <= `K14; + 'd29: Kt <= `K14; + 'd30: Kt <= `K15; + 'd31: Kt <= `K15; + 'd32: Kt <= `K16; + 'd33: Kt <= `K17; + 'd34: Kt <= `K18; + 'd35: Kt <= `K19; + 'd36: Kt <= `K20; + 'd37: Kt <= `K21; + 'd38: Kt <= `K22; + 'd39: Kt <= `K23; + 'd40: Kt <= `K24; + 'd41: Kt <= `K25; + 'd42: Kt <= `K26; + 'd43: Kt <= `K27; + 'd44: Kt <= `K28; + 'd45: Kt <= `K29; + 'd46: Kt <= `K30; + 'd47: Kt <= `K31; + 'd48: Kt <= `K32; + 'd49: Kt <= `K33; + 'd50: Kt <= `K34; + 'd51: Kt <= `K35; + 'd52: Kt <= `K36; + 'd53: Kt <= `K37; + 'd54: Kt <= `K38; + 'd55: Kt <= `K39; + 'd56: Kt <= `K40; + 'd57: Kt <= `K41; + 'd58: Kt <= `K42; + 'd59: Kt <= `K43; + 'd60: Kt <= `K44; + 'd61: Kt <= `K45; + 'd62: Kt <= `K46; + 'd63: Kt <= `K47; + 'd64: Kt <= `K48; + 'd65: Kt <= `K49; + 'd66: Kt <= `K50; + 'd67: Kt <= `K51; + 'd68: Kt <= `K52; + 'd69: Kt <= `K53; + 'd70: Kt <= `K54; + 'd71: Kt <= `K55; + 'd72: Kt <= `K56; + 'd73: Kt <= `K57; + 'd74: Kt <= `K58; + 'd75: Kt <= `K59; + 'd76: Kt <= `K60; + 'd77: Kt <= `K61; + 'd78: Kt <= `K62; + 'd79: Kt <= `K63; + 'd80: Kt <= `K64; + 'd81: Kt <= `K65; + 'd82: Kt <= `K66; + 'd83: Kt <= `K67; + 'd84: Kt <= `K68; + 'd85: Kt <= `K69; + 'd86: Kt <= `K70; + 'd87: Kt <= `K71; + 'd88: Kt <= `K72; + 'd89: Kt <= `K73; + 'd90: Kt <= `K74; + 'd91: Kt <= `K75; + 'd92: Kt <= `K76; + 'd93: Kt <= `K77; + 'd94: Kt <= `K78; + 'd95: Kt <= `K79; + default:Kt <= 'd0; + endcase + end + end + + //------------------------------------------------------------------ + // read result + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + text_o <= 'b0; + read_counter <= 'b0; + end + else + begin + if (cmd[0]) + begin + case (cmd[3]) + 1'b0: read_counter <= 'd11; // sha-384 384/32=12 + 1'b1: read_counter <= 'd15; // sha-512 512/32=16 + endcase + end + 
else + begin + if (~busy) + begin + case (cmd[3]) + 1'b0: + begin + case (read_counter) + 'd11: text_o <= SHA384_result[12*32-1:11*32]; + 'd10: text_o <= SHA384_result[11*32-1:10*32]; + 'd09: text_o <= SHA384_result[10*32-1:09*32]; + 'd08: text_o <= SHA384_result[09*32-1:08*32]; + 'd07: text_o <= SHA384_result[08*32-1:07*32]; + 'd06: text_o <= SHA384_result[07*32-1:06*32]; + 'd05: text_o <= SHA384_result[06*32-1:05*32]; + 'd04: text_o <= SHA384_result[05*32-1:04*32]; + 'd03: text_o <= SHA384_result[04*32-1:03*32]; + 'd02: text_o <= SHA384_result[03*32-1:02*32]; + 'd01: text_o <= SHA384_result[02*32-1:01*32]; + 'd00: text_o <= SHA384_result[01*32-1:00*32]; + default:text_o <= 'b0; + endcase + end + 1'b1: + begin + case (read_counter) + 'd15: text_o <= SHA512_result[16*32-1:15*32]; + 'd14: text_o <= SHA512_result[15*32-1:14*32]; + 'd13: text_o <= SHA512_result[14*32-1:13*32]; + 'd12: text_o <= SHA512_result[13*32-1:12*32]; + 'd11: text_o <= SHA512_result[12*32-1:11*32]; + 'd10: text_o <= SHA512_result[11*32-1:10*32]; + 'd09: text_o <= SHA512_result[10*32-1:09*32]; + 'd08: text_o <= SHA512_result[09*32-1:08*32]; + 'd07: text_o <= SHA512_result[08*32-1:07*32]; + 'd06: text_o <= SHA512_result[07*32-1:06*32]; + 'd05: text_o <= SHA512_result[06*32-1:05*32]; + 'd04: text_o <= SHA512_result[05*32-1:04*32]; + 'd03: text_o <= SHA512_result[04*32-1:03*32]; + 'd02: text_o <= SHA512_result[03*32-1:02*32]; + 'd01: text_o <= SHA512_result[02*32-1:01*32]; + 'd00: text_o <= SHA512_result[01*32-1:00*32]; + default:text_o <= 'b0; + endcase + end + endcase + if (|read_counter) + read_counter <= read_counter - 'd1; + end + else + begin + text_o <= 'b0; + end + end + end + end + +endmodule + Index: sha_core/tags/arelease/rtl/sha256.v =================================================================== --- sha_core/tags/arelease/rtl/sha256.v (nonexistent) +++ sha_core/tags/arelease/rtl/sha256.v (revision 4) 
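Review bot: The read path selects the digest slice with the live `cmd[3]` while `read_counter` was preloaded (11 or 15) from `cmd[3]` at the moment `cmd[0]` was seen; because any later `cmd_w_i` write replaces `cmd[3:0]` wholesale, a host that changes S between requesting the read and the last word gets four zero words (`'d15`..`'d12` fall into the SHA-384 `default`) or the low twelve words of the 512-bit state instead of a SHA-384 digest. Latching the mode with the counter avoids this: `reg read_sha512;` next to `read_counter`, `read_sha512 <= cmd[3];` inside the `if (cmd[0])` branch, and `case (read_sha512)` in place of the second `case (cmd[3])`. Separately, `read_counter` parks at 0 after the last word (the `if (|read_counter)` guard), so the `'d00` arms re-drive the low digest word onto `text_o` on every idle clock, including when no R command has been issued; the read block of sha256.v (its `'d0` arm) behaves the same way, so `text_o` carries hash state whenever the core is idle rather than only during a requested read-out. A `read_pending` flag set together with the counter and cleared when it reaches 0 would keep `text_o` at zero outside a read.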
@@ -0,0 +1,774 @@ +///////////////////////////////////////////////////////////////////// +//// //// +//// SHA-256 //// +//// Secure Hash Algorithm (SHA-256) //// +//// //// +//// Author: marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// Downloaded from: http://www.opencores.org/cores/sha_core/ //// +//// //// +///////////////////////////////////////////////////////////////////// +//// //// +//// Copyright (C) 2000-2002 marsgod //// +//// marsgod@opencores.org //// +//// //// +//// //// +//// This source file may be used and distributed without //// +//// restriction provided that this copyright statement is not //// +//// removed from the file and that any derivative work contains //// +//// the original copyright notice and the associated disclaimer.//// +//// //// +//// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// +//// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// +//// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// +//// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// +//// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// +//// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// +//// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// +//// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// +//// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// +//// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// +//// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// +//// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// +//// POSSIBILITY OF SUCH DAMAGE. 
//// +//// //// +///////////////////////////////////////////////////////////////////// + +`define SHA256_H0 32'h6a09e667 +`define SHA256_H1 32'hbb67ae85 +`define SHA256_H2 32'h3c6ef372 +`define SHA256_H3 32'ha54ff53a +`define SHA256_H4 32'h510e527f +`define SHA256_H5 32'h9b05688c +`define SHA256_H6 32'h1f83d9ab +`define SHA256_H7 32'h5be0cd19 + +`define K00 32'h428a2f98 +`define K01 32'h71374491 +`define K02 32'hb5c0fbcf +`define K03 32'he9b5dba5 +`define K04 32'h3956c25b +`define K05 32'h59f111f1 +`define K06 32'h923f82a4 +`define K07 32'hab1c5ed5 +`define K08 32'hd807aa98 +`define K09 32'h12835b01 +`define K10 32'h243185be +`define K11 32'h550c7dc3 +`define K12 32'h72be5d74 +`define K13 32'h80deb1fe +`define K14 32'h9bdc06a7 +`define K15 32'hc19bf174 +`define K16 32'he49b69c1 +`define K17 32'hefbe4786 +`define K18 32'h0fc19dc6 +`define K19 32'h240ca1cc +`define K20 32'h2de92c6f +`define K21 32'h4a7484aa +`define K22 32'h5cb0a9dc +`define K23 32'h76f988da +`define K24 32'h983e5152 +`define K25 32'ha831c66d +`define K26 32'hb00327c8 +`define K27 32'hbf597fc7 +`define K28 32'hc6e00bf3 +`define K29 32'hd5a79147 +`define K30 32'h06ca6351 +`define K31 32'h14292967 +`define K32 32'h27b70a85 +`define K33 32'h2e1b2138 +`define K34 32'h4d2c6dfc +`define K35 32'h53380d13 +`define K36 32'h650a7354 +`define K37 32'h766a0abb +`define K38 32'h81c2c92e +`define K39 32'h92722c85 +`define K40 32'ha2bfe8a1 +`define K41 32'ha81a664b +`define K42 32'hc24b8b70 +`define K43 32'hc76c51a3 +`define K44 32'hd192e819 +`define K45 32'hd6990624 +`define K46 32'hf40e3585 +`define K47 32'h106aa070 +`define K48 32'h19a4c116 +`define K49 32'h1e376c08 +`define K50 32'h2748774c +`define K51 32'h34b0bcb5 +`define K52 32'h391c0cb3 +`define K53 32'h4ed8aa4a +`define K54 32'h5b9cca4f +`define K55 32'h682e6ff3 +`define K56 32'h748f82ee +`define K57 32'h78a5636f +`define K58 32'h84c87814 +`define K59 32'h8cc70208 +`define K60 32'h90befffa +`define K61 32'ha4506ceb +`define K62 32'hbef9a3f7 +`define K63 
32'hc67178f2 + +module sha256 (clk_i, rst_i, text_i, text_o, cmd_i, cmd_w_i, cmd_o); + + input clk_i; // global clock input + input rst_i; // global reset input , active high + + input [31:0] text_i; // text input 32bit + output [31:0] text_o; // text output 32bit + + input [2:0] cmd_i; // command input + input cmd_w_i;// command input write enable + output [3:0] cmd_o; // command output(status) + + /* + cmd + Busy Round W R + + bit3 bit2 bit1 bit0 + Busy Round W R + + Busy: + 0 idle + 1 busy + + Round: + 0 first round + 1 internal round + + W: + 0 No-op + 1 write data + + R: + 0 No-op + 1 read data + + */ + + + reg [3:0] cmd; + wire [3:0] cmd_o; + + reg [31:0] text_o; + + reg [6:0] round; + wire [6:0] round_plus_1; + + reg [2:0] read_counter; + + reg [31:0] H0,H1,H2,H3,H4,H5,H6,H7; + reg [31:0] W0,W1,W2,W3,W4,W5,W6,W7,W8,W9,W10,W11,W12,W13,W14; + reg [31:0] Wt,Kt; + reg [31:0] A,B,C,D,E,F,G,H; + + reg busy; + + assign cmd_o = cmd; + always @ (posedge clk_i) + begin + if (rst_i) + cmd <= 'b0; + else + if (cmd_w_i) + cmd[2:0] <= cmd_i[2:0]; // busy bit can't write + else + begin + cmd[3] <= busy; // update busy bit + if (~busy) + cmd[1:0] <= 2'b00; // hardware auto clean R/W bits + end + end + + wire [31:0] f1_EFG_32,f2_ABC_32,f3_A_32,f4_E_32,f5_W1_32,f6_W14_32,T1_32,T2_32; + wire [31:0] next_Wt,next_E,next_A; + wire [255:0] SHA256_result; + + assign f1_EFG_32 = (E & F) ^ (~E & G); + + assign f2_ABC_32 = (A & B) ^ (B & C) ^ (A & C); + + assign f3_A_32 = {A[1:0],A[31:2]} ^ {A[12:0],A[31:13]} ^ {A[21:0],A[31:22]}; + + assign f4_E_32 = {E[5:0],E[31:6]} ^ {E[10:0],E[31:11]} ^ {E[24:0],E[31:25]}; + + assign f5_W1_32 = {W1[6:0],W1[31:7]} ^ {W1[17:0],W1[31:18]} ^ {3'b000,W1[31:3]}; + + assign f6_W14_32 = {W14[16:0],W14[31:17]} ^ {W14[18:0],W14[31:19]} ^ {10'b00_0000_0000,W14[31:10]}; + + + assign T1_32 = H[31:0] + f4_E_32 + f1_EFG_32 + Kt + Wt; + + assign T2_32 = f3_A_32 + f2_ABC_32; + + assign next_Wt = f6_W14_32 + W9[31:0] + f5_W1_32 + W0[31:0]; + assign next_E = D[31:0] 
+ T1_32; + assign next_A = T1_32 + T2_32; + + + assign SHA256_result = {A,B,C,D,E,F,G,H}; + + assign round_plus_1 = round + 1; + + //------------------------------------------------------------------ + // SHA round + //------------------------------------------------------------------ + always @(posedge clk_i) + begin + if (rst_i) + begin + round <= 'd0; + busy <= 'b0; + + W0 <= 'b0; + W1 <= 'b0; + W2 <= 'b0; + W3 <= 'b0; + W4 <= 'b0; + W5 <= 'b0; + W6 <= 'b0; + W7 <= 'b0; + W8 <= 'b0; + W9 <= 'b0; + W10 <= 'b0; + W11 <= 'b0; + W12 <= 'b0; + W13 <= 'b0; + W14 <= 'b0; + Wt <= 'b0; + + A <= 'b0; + B <= 'b0; + C <= 'b0; + D <= 'b0; + E <= 'b0; + F <= 'b0; + G <= 'b0; + H <= 'b0; + + H0 <= 'b0; + H1 <= 'b0; + H2 <= 'b0; + H3 <= 'b0; + H4 <= 'b0; + H5 <= 'b0; + H6 <= 'b0; + H7 <= 'b0; + end + else + begin + case (round) + + 'd0: + begin + if (cmd[1]) + begin + W0 <= text_i; + Wt <= text_i; + busy <= 'b1; + round <= round_plus_1; + + case (cmd[2]) + 1'b0: // sha-256 first message + begin + A <= `SHA256_H0; + B <= `SHA256_H1; + C <= `SHA256_H2; + D <= `SHA256_H3; + E <= `SHA256_H4; + F <= `SHA256_H5; + G <= `SHA256_H6; + H <= `SHA256_H7; + + H0 <= `SHA256_H0; + H1 <= `SHA256_H1; + H2 <= `SHA256_H2; + H3 <= `SHA256_H3; + H4 <= `SHA256_H4; + H5 <= `SHA256_H5; + H6 <= `SHA256_H6; + H7 <= `SHA256_H7; + end + 1'b1: // sha-256 internal message + begin + H0 <= A; + H1 <= B; + H2 <= C; + H3 <= D; + H4 <= E; + H5 <= F; + H6 <= G; + H7 <= H; + end + endcase + end + else + begin // IDLE + round <= 'd0; + end + end + 'd1: + begin + W1 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd2: + begin + W2 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd3: + begin + W3 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= 
next_A; + + round <= round_plus_1; + end + 'd4: + begin + W4 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd5: + begin + W5 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd6: + begin + W6 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd7: + begin + W7 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd8: + begin + W8 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd9: + begin + W9 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd10: + begin + W10 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd11: + begin + W11 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd12: + begin + W12 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd13: + begin + W13 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd14: + begin + W14 <= text_i; + Wt <= text_i; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd15: + begin + Wt <= text_i; + + H <= G; + G <= F; + 
F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd16, + 'd17, + 'd18, + 'd19, + 'd20, + 'd21, + 'd22, + 'd23, + 'd24, + 'd25, + 'd26, + 'd27, + 'd28, + 'd29, + 'd30, + 'd31, + 'd32, + 'd33, + 'd34, + 'd35, + 'd36, + 'd37, + 'd38, + 'd39, + 'd40, + 'd41, + 'd42, + 'd43, + 'd44, + 'd45, + 'd46, + 'd47, + 'd48, + 'd49, + 'd50, + 'd51, + 'd52, + 'd53, + 'd54, + 'd55, + 'd56, + 'd57, + 'd58, + 'd59, + 'd60, + 'd61, + 'd62, + 'd63: + begin + W0 <= W1; + W1 <= W2; + W2 <= W3; + W3 <= W4; + W4 <= W5; + W5 <= W6; + W6 <= W7; + W7 <= W8; + W8 <= W9; + W9 <= W10; + W10 <= W11; + W11 <= W12; + W12 <= W13; + W13 <= W14; + W14 <= Wt; + Wt <= next_Wt; + + H <= G; + G <= F; + F <= E; + E <= next_E; + D <= C; + C <= B; + B <= A; + A <= next_A; + + round <= round_plus_1; + end + 'd64: + begin + A <= next_A + H0; + B <= A + H1; + C <= B + H2; + D <= C + H3; + E <= next_E + H4; + F <= E + H5; + G <= F + H6; + H <= G + H7; + round <= 'd0; + busy <= 'b0; + end + default: + begin + round <= 'd0; + busy <= 'b0; + end + endcase + end + end + + + //------------------------------------------------------------------ + // Kt generator + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + Kt <= 'b0; + end + else + begin + case (round) + 'd00: Kt <= `K00; + 'd01: Kt <= `K01; + 'd02: Kt <= `K02; + 'd03: Kt <= `K03; + 'd04: Kt <= `K04; + 'd05: Kt <= `K05; + 'd06: Kt <= `K06; + 'd07: Kt <= `K07; + 'd08: Kt <= `K08; + 'd09: Kt <= `K09; + 'd10: Kt <= `K10; + 'd11: Kt <= `K11; + 'd12: Kt <= `K12; + 'd13: Kt <= `K13; + 'd14: Kt <= `K14; + 'd15: Kt <= `K15; + 'd16: Kt <= `K16; + 'd17: Kt <= `K17; + 'd18: Kt <= `K18; + 'd19: Kt <= `K19; + 'd20: Kt <= `K20; + 'd21: Kt <= `K21; + 'd22: Kt <= `K22; + 'd23: Kt <= `K23; + 'd24: Kt <= `K24; + 'd25: Kt <= `K25; + 'd26: Kt <= `K26; + 'd27: Kt <= `K27; + 'd28: Kt <= `K28; + 'd29: Kt <= `K29; + 'd30: Kt <= `K30; + 'd31: Kt <= `K31; + 
'd32: Kt <= `K32; + 'd33: Kt <= `K33; + 'd34: Kt <= `K34; + 'd35: Kt <= `K35; + 'd36: Kt <= `K36; + 'd37: Kt <= `K37; + 'd38: Kt <= `K38; + 'd39: Kt <= `K39; + 'd40: Kt <= `K40; + 'd41: Kt <= `K41; + 'd42: Kt <= `K42; + 'd43: Kt <= `K43; + 'd44: Kt <= `K44; + 'd45: Kt <= `K45; + 'd46: Kt <= `K46; + 'd47: Kt <= `K47; + 'd48: Kt <= `K48; + 'd49: Kt <= `K49; + 'd50: Kt <= `K50; + 'd51: Kt <= `K51; + 'd52: Kt <= `K52; + 'd53: Kt <= `K53; + 'd54: Kt <= `K54; + 'd55: Kt <= `K55; + 'd56: Kt <= `K56; + 'd57: Kt <= `K57; + 'd58: Kt <= `K58; + 'd59: Kt <= `K59; + 'd60: Kt <= `K60; + 'd61: Kt <= `K61; + 'd62: Kt <= `K62; + 'd63: Kt <= `K63; + default:Kt <= 'd0; + endcase + end + end + + //------------------------------------------------------------------ + // read result + //------------------------------------------------------------------ + always @ (posedge clk_i) + begin + if (rst_i) + begin + text_o <= 'b0; + read_counter <= 'b0; + end + else + begin + if (cmd[0]) + begin + read_counter <= 'd7; // sha-256 256/32=8 + end + else + begin + if (~busy) + begin + case (read_counter) + 'd7: text_o <= SHA256_result[8*32-1:7*32]; + 'd6: text_o <= SHA256_result[7*32-1:6*32]; + 'd5: text_o <= SHA256_result[6*32-1:5*32]; + 'd4: text_o <= SHA256_result[5*32-1:4*32]; + 'd3: text_o <= SHA256_result[4*32-1:3*32]; + 'd2: text_o <= SHA256_result[3*32-1:2*32]; + 'd1: text_o <= SHA256_result[2*32-1:1*32]; + 'd0: text_o <= SHA256_result[1*32-1:0*32]; + default:text_o <= 'b0; + endcase + if (|read_counter) + read_counter <= read_counter - 'd1; + end + else + begin + text_o <= 'b0; + end + end + end + end + +endmodule + Index: sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.doc =================================================================== Cannot display: file marked as a binary type. 
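Review bot: The `'d1`..`'d15` arms of the round case sample `text_i` unconditionally on every clock, so after the W command the host must present message word k at the (k+1)-th clock edge for k = 0..15 with no handshake, and neither the `cmd` comment block nor the round case says so. As far as I can follow the timing, `cmd[3] <= busy` makes `cmd_o[3]` rise only two clocks after the write is accepted (busy is set at the same edge that loads word 0, and word 1 is sampled at the next edge), so the busy flag cannot be used to pace the words; the `'d1`..`'d31` arms of sha512.v have the same contract with 32 words. A comment above the `'d1:` arm such as `// rounds 1..15: text_i is sampled every clock with no handshake; the host must supply one message word per clock immediately after the W command (cmd_o[3] lags busy and cannot pace the stream)` would document it.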
svn:mime-type = application/octet-stream
Index: sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.doc
===================================================================
--- sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.doc (nonexistent)
+++ sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.doc (revision 4)
sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.doc Property changes : Added: svn:mime-type
## -0,0 +1 ##
+application/octet-stream
\ No newline at end of property
Index: sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.pdf
===================================================================
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Index: sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.pdf
===================================================================
--- sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.pdf (nonexistent)
+++ sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.pdf (revision 4)
sha_core/tags/arelease/doc/Secure Hash Algorithm IP Core.pdf Property changes : Added: svn:mime-type
## -0,0 +1 ##
+application/octet-stream
\ No newline at end of property
Index: sha_core/tags/arelease/src/mrshs512.c
===================================================================
--- sha_core/tags/arelease/src/mrshs512.c (nonexistent)
+++ sha_core/tags/arelease/src/mrshs512.c (revision 4)
@@ -0,0 +1,238 @@
+/*
+ * Implementation of the Secure Hashing Algorithm (SHA-384 and SHA-512)
+ *
+ * Generates a a 384 or 512 bit message digest. It should be impossible to come
+ * come up with two messages that hash to the same value ("collision free").
+ *
+ * For use with byte-oriented messages only. Could/Should be speeded
+ * up by unwinding loops in shs_transform(), and assembly patches.
+ *
+ * NOTE: This requires a 64-bit integer type to be defined
+ */
+
+#include
+#include "miracl.h"
+
+#ifdef mr_unsign64
+
+#define H0 0x6a09e667f3bcc908
+#define H1 0xbb67ae8584caa73b
+#define H2 0x3c6ef372fe94f82b
+#define H3 0xa54ff53a5f1d36f1
+#define H4 0x510e527fade682d1
+#define H5 0x9b05688c2b3e6c1f
+#define H6 0x1f83d9abfb41bd6b
+#define H7 0x5be0cd19137e2179
+
+#define H8 0xcbbb9d5dc1059ed8
+#define H9 0x629a292a367cd507
+#define HA 0x9159015a3070dd17
+#define HB 0x152fecd8f70e5939
+#define HC 0x67332667ffc00b31
+#define HD 0x8eb44a8768581511
+#define HE 0xdb0c2e0d64f98fa7
+#define HF 0x47b5481dbefa4fa4
+
+static mr_unsign64 K[80]={
+0x428a2f98d728ae22,0x7137449123ef65cd,0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc,
+0x3956c25bf348b538,0x59f111f1b605d019,0x923f82a4af194f9b,0xab1c5ed5da6d8118,
+0xd807aa98a3030242,0x12835b0145706fbe,0x243185be4ee4b28c,0x550c7dc3d5ffb4e2,
+0x72be5d74f27b896f,0x80deb1fe3b1696b1,0x9bdc06a725c71235,0xc19bf174cf692694,
+0xe49b69c19ef14ad2,0xefbe4786384f25e3,0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65,
+0x2de92c6f592b0275,0x4a7484aa6ea6e483,0x5cb0a9dcbd41fbd4,0x76f988da831153b5,
+0x983e5152ee66dfab,0xa831c66d2db43210,0xb00327c898fb213f,0xbf597fc7beef0ee4,
+0xc6e00bf33da88fc2,0xd5a79147930aa725,0x06ca6351e003826f,0x142929670a0e6e70,
+0x27b70a8546d22ffc,0x2e1b21385c26c926,0x4d2c6dfc5ac42aed,0x53380d139d95b3df,
+0x650a73548baf63de,0x766a0abb3c77b2a8,0x81c2c92e47edaee6,0x92722c851482353b,
+0xa2bfe8a14cf10364,0xa81a664bbc423001,0xc24b8b70d0f89791,0xc76c51a30654be30,
+0xd192e819d6ef5218,0xd69906245565a910,0xf40e35855771202a,0x106aa07032bbd1b8,
+0x19a4c116b8d2d0c8,0x1e376c085141ab53,0x2748774cdf8eeb99,0x34b0bcb5e19b48a8,
+0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb,0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3,
+0x748f82ee5defb2fc,0x78a5636f43172f60,0x84c87814a1f0ab72,0x8cc702081a6439ec,
+0x90befffa23631e28,0xa4506cebde82bde9,0xbef9a3f7b2c67915,0xc67178f2e372532b,
+0xca273eceea26619c,0xd186b8c721c0c207,0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178,
+0x06f067aa72176fba,0x0a637dc5a2c898a6,0x113f9804bef90dae,0x1b710b35131c471b,
+0x28db77f523047d84,0x32caab7b40c72493,0x3c9ebe0a15c9bebc,0x431d67c49c100d4c,
+0x4cc5d4becb3e42b6,0x597f299cfc657e2a,0x5fcb6fab3ad6faec,0x6c44198c4a475817};
+
+#define PAD 0x80
+#define ZERO 0
+
+/* functions */
+
+#define S(n,x) (((x)>>n) | ((x)<<(64-n)))
+#define R(n,x) ((x)>>n)
+
+#define Ch(x,y,z) ((x&y)^(~(x)&z))
+#define Maj(x,y,z) ((x&y)^(x&z)^(y&z))
+#define Sig0(x) (S(28,x)^S(34,x)^S(39,x))
+#define Sig1(x) (S(14,x)^S(18,x)^S(41,x))
+#define theta0(x) (S(1,x)^S(8,x)^R(7,x))
+#define theta1(x) (S(19,x)^S(61,x)^R(6,x))
+
+static void shs_transform(sha512 *sh)
+{ /* basic transformation step */
+ mr_unsign64 a,b,c,d,e,f,g,h,t1,t2;
+ int j;
+ for (j=16;j<80;j++)
+ sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16];
+
+ a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3];
+ e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7];
+
+ for (j=0;j<80;j++)
+ { /* 80 times - mush it up */
+ t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j];
+ t2=Sig0(a)+Maj(a,b,c);
+ h=g; g=f; f=e;
+ e=d+t1;
+ d=c;
+ c=b;
+ b=a;
+ a=t1+t2;
+ }
+ sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d;
+ sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h;
+}
+
+void shs512_init(sha512 *sh)
+{ /* re-initialise */
+ int i;
+ for (i=0;i<80;i++) sh->w[i]=0;
+ sh->length[0]=sh->length[1]=0;
+ sh->h[0]=H0;
+ sh->h[1]=H1;
+ sh->h[2]=H2;
+ sh->h[3]=H3;
+ sh->h[4]=H4;
+ sh->h[5]=H5;
+ sh->h[6]=H6;
+ sh->h[7]=H7;
+}
+
+void shs384_init(sha384 *sh)
+{ /* re-initialise */
+ int i;
+ for (i=0;i<80;i++) sh->w[i]=0;
+ sh->length[0]=sh->length[1]=0;
+ sh->h[0]=H8;
+ sh->h[1]=H9;
+ sh->h[2]=HA;
+ sh->h[3]=HB;
+ sh->h[4]=HC;
+ sh->h[5]=HD;
+ sh->h[6]=HE;
+ sh->h[7]=HF;
+}
+
+
+void shs512_process(sha512 *sh,int byte)
+{ /* process the next message byte */
+ int cnt;
+
+ cnt=(int)((sh->length[0]/64)%16);
+
+ sh->w[cnt]<<=8;
+ sh->w[cnt]|=(mr_unsign64)(byte&0xFF);
+
+ sh->length[0]+=8;
+ if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
+ if ((sh->length[0]%1024)==0) shs_transform(sh);
+}
+
+
+void shs384_process(sha384 *sh,int byte)
+{ /* process the next message byte */
+ int cnt;
+
+ cnt=(int)((sh->length[0]/64)%16);
+
+ sh->w[cnt]<<=8;
+ sh->w[cnt]|=(mr_unsign64)(byte&0xFF);
+
+ sh->length[0]+=8;
+ if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
+ if ((sh->length[0]%1024)==0) shs_transform(sh);
+}
+
+
+void shs512_hash(sha512 *sh,char hash[64])
+{ /* pad message and finish - supply digest */
+ int i;
+ mr_unsign64 len0,len1;
+ len0=sh->length[0];
+ len1=sh->length[1];
+ shs512_process(sh,PAD);
+ while ((sh->length[0]%1024)!=896) shs512_process(sh,ZERO);
+ sh->w[14]=len1;
+ sh->w[15]=len0;
+ shs_transform(sh);
+ for (i=0;i<64;i++)
+ { /* convert to bytes */
+ hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL);
+ }
+ shs512_init(sh);
+}
+
+void shs384_hash(sha384 *sh,char hash[48])
+{ /* pad message and finish - supply digest */
+ int i;
+ mr_unsign64 len0,len1;
+ len0=sh->length[0];
+ len1=sh->length[1];
+ shs512_process(sh,PAD);
+ while ((sh->length[0]%1024)!=896) shs384_process(sh,ZERO);
+ sh->w[14]=len1;
+ sh->w[15]=len0;
+ shs_transform(sh);
+ for (i=0;i<48;i++)
+ { /* convert to bytes */
+ hash[i]=(char)((sh->h[i/8]>>(8*(7-i%8))) & 0xffL);
+ }
+ shs384_init(sh);
+}
+
+
+#endif
+
+/* test program: should produce digests
+
+512 bit
+
+8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018
+501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909
+
+
+384 bit
+
+09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712
+fcc7c71a557e2db9 66c3e9fa91746039
+
+
+#include
+#include "miracl.h"
+
+char test[]="abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+
+int main()
+{
+ char hash[64];
+ int i;
+ sha512 sh;
+ shs512_init(&sh);
+ for (i=0;test[i]!=0;i++) shs512_process(&sh,test[i]);
+ shs512_hash(&sh,hash);
+ for (i=0;i<64;i++) printf("%02x",(unsigned char)hash[i]);
+ printf("\n");
+
+ shs384_init(&sh);
+ for (i=0;test[i]!=0;i++) shs384_process(&sh,test[i]);
+ shs384_hash(&sh,hash);
+ for (i=0;i<48;i++) printf("%02x",(unsigned char)hash[i]);
+ printf("\n");
+
+ return 0;
+}
+
+*/
+
Index: sha_core/tags/arelease/src/mrshs256.c
===================================================================
--- sha_core/tags/arelease/src/mrshs256.c (nonexistent)
+++ sha_core/tags/arelease/src/mrshs256.c (revision 4)
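Review bot: `shs384_hash` pads with `shs512_process(sh,PAD);` but fills the zero bytes with `shs384_process`, so the SHA-384 finalisation only works because the two `_process` bodies happen to be identical; use `shs384_process(sh,PAD);` there, or have `shs384_process` forward to `shs512_process` so there is a single copy of the block-assembly logic. The `char hash[64]` and `char hash[48]` array parameters decay to `char *`, so nothing enforces the output buffer size; a comment on each `_hash` definition such as `/* hash must have room for 64 bytes (48 for SHA-384); the context is re-initialised once the digest is written */` would record the contract the caller has to honour. The `#define H0 0x6a09e667f3bcc908` constants and the `K[80]` table carry no suffix, so they depend on the compiler widening unsuffixed 64-bit literals (guaranteed from C99 on, an extension on older compilers where `mr_unsign64` is `unsigned __int64`); a `ULL` suffix, or a project macro that expands to the right suffix, would make that explicit.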
@@ -0,0 +1,144 @@
+/*
+ * Implementation of the Secure Hashing Algorithm (SHA-256)
+ *
+ * Generates a 256 bit message digest. It should be impossible to come
+ * come up with two messages that hash to the same value ("collision free").
+ *
+ * For use with byte-oriented messages only. Could/Should be speeded
+ * up by unwinding loops in shs_transform(), and assembly patches.
+ */
+
+#include
+#include "miracl.h"
+
+#define H0 0x6A09E667L
+#define H1 0xBB67AE85L
+#define H2 0x3C6EF372L
+#define H3 0xA54FF53AL
+#define H4 0x510E527FL
+#define H5 0x9B05688CL
+#define H6 0x1F83D9ABL
+#define H7 0x5BE0CD19L
+
+static mr_unsign32 K[64]={
+0x428a2f98L,0x71374491L,0xb5c0fbcfL,0xe9b5dba5L,0x3956c25bL,0x59f111f1L,0x923f82a4L,0xab1c5ed5L,
+0xd807aa98L,0x12835b01L,0x243185beL,0x550c7dc3L,0x72be5d74L,0x80deb1feL,0x9bdc06a7L,0xc19bf174L,
+0xe49b69c1L,0xefbe4786L,0x0fc19dc6L,0x240ca1ccL,0x2de92c6fL,0x4a7484aaL,0x5cb0a9dcL,0x76f988daL,
+0x983e5152L,0xa831c66dL,0xb00327c8L,0xbf597fc7L,0xc6e00bf3L,0xd5a79147L,0x06ca6351L,0x14292967L,
+0x27b70a85L,0x2e1b2138L,0x4d2c6dfcL,0x53380d13L,0x650a7354L,0x766a0abbL,0x81c2c92eL,0x92722c85L,
+0xa2bfe8a1L,0xa81a664bL,0xc24b8b70L,0xc76c51a3L,0xd192e819L,0xd6990624L,0xf40e3585L,0x106aa070L,
+0x19a4c116L,0x1e376c08L,0x2748774cL,0x34b0bcb5L,0x391c0cb3L,0x4ed8aa4aL,0x5b9cca4fL,0x682e6ff3L,
+0x748f82eeL,0x78a5636fL,0x84c87814L,0x8cc70208L,0x90befffaL,0xa4506cebL,0xbef9a3f7L,0xc67178f2L};
+
+#define PAD 0x80
+#define ZERO 0
+
+/* functions */
+
+#define S(n,x) (((x)>>n) | ((x)<<(32-n)))
+#define R(n,x) ((x)>>n)
+
+#define Ch(x,y,z) ((x&y)^(~(x)&z))
+#define Maj(x,y,z) ((x&y)^(x&z)^(y&z))
+#define Sig0(x) (S(2,x)^S(13,x)^S(22,x))
+#define Sig1(x) (S(6,x)^S(11,x)^S(25,x))
+#define theta0(x) (S(7,x)^S(18,x)^R(3,x))
+#define theta1(x) (S(17,x)^S(19,x)^R(10,x))
+
+static void shs_transform(sha256 *sh)
+{ /* basic transformation step */
+ mr_unsign32 a,b,c,d,e,f,g,h,t1,t2;
+ int j;
+ for (j=16;j<64;j++)
+ sh->w[j]=theta1(sh->w[j-2])+sh->w[j-7]+theta0(sh->w[j-15])+sh->w[j-16];
+
+ a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3];
+ e=sh->h[4]; f=sh->h[5]; g=sh->h[6]; h=sh->h[7];
+
+ for (j=0;j<64;j++)
+ { /* 64 times - mush it up */
+ t1=h+Sig1(e)+Ch(e,f,g)+K[j]+sh->w[j];
+ t2=Sig0(a)+Maj(a,b,c);
+ h=g; g=f; f=e;
+ e=d+t1;
+ d=c;
+ c=b;
+ b=a;
+ a=t1+t2;
+ }
+ sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c; sh->h[3]+=d;
+ sh->h[4]+=e; sh->h[5]+=f; sh->h[6]+=g; sh->h[7]+=h;
+}
+
+void shs256_init(sha256 *sh)
+{ /* re-initialise */
+ int i;
+ for (i=0;i<64;i++) sh->w[i]=0L;
+ sh->length[0]=sh->length[1]=0L;
+ sh->h[0]=H0;
+ sh->h[1]=H1;
+ sh->h[2]=H2;
+ sh->h[3]=H3;
+ sh->h[4]=H4;
+ sh->h[5]=H5;
+ sh->h[6]=H6;
+ sh->h[7]=H7;
+}
+
+void shs256_process(sha256 *sh,int byte)
+{ /* process the next message byte */
+ int cnt;
+
+ cnt=(int)((sh->length[0]/32)%16);
+
+ sh->w[cnt]<<=8;
+ sh->w[cnt]|=(mr_unsign32)(byte&0xFF);
+
+ sh->length[0]+=8;
+ if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
+ if ((sh->length[0]%512)==0) shs_transform(sh);
+}
+
+void shs256_hash(sha256 *sh,char hash[32])
+{ /* pad message and finish - supply digest */
+ int i;
+ mr_unsign32 len0,len1;
+ len0=sh->length[0];
+ len1=sh->length[1];
+ shs256_process(sh,PAD);
+ while ((sh->length[0]%512)!=448) shs256_process(sh,ZERO);
+ sh->w[14]=len1;
+ sh->w[15]=len0;
+ shs_transform(sh);
+ for (i=0;i<32;i++)
+ { /* convert to bytes */
+ hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);
+ }
+ shs256_init(sh);
+}
+
+/* test program: should produce digest
+
+248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1
+
+
+#include
+#include "miracl.h"
+
+char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+
+int main()
+{
+ char hash[32];
+ int i;
+ sha256 sh;
+ shs256_init(&sh);
+ for (i=0;test[i]!=0;i++) shs256_process(&sh,test[i]);
+ shs256_hash(&sh,hash);
+ for (i=0;i<32;i++) printf("%02x",(unsigned char)hash[i]);
+ printf("\n");
+ return 0;
+}
+
+*/
+
Index: 
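Review bot: The byte conversion in `shs256_hash`, `hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);`, stores a wider integer expression into `char` without the explicit `(char)` cast the SHA-512 file uses for the same line, so the two files disagree on style and this one draws implicit-conversion warnings; write `hash[i]=(char)((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);`. As in the SHA-512 hunk, `char hash[32]` decays to `char *`, so the 32-byte output requirement should be stated on the definition, e.g. `/* hash must have room for 32 bytes; the context is re-initialised once the digest is written */`. `shs256_init` clears only `w[0..63]` while the `sha256` structure declared in miracl.h reserves `w[80]`; that is harmless since the transform reads only 64 words, but a one-line comment saying so would stop the 64 being read as a bug.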
sha_core/tags/arelease/src/mirdef.h
===================================================================
--- sha_core/tags/arelease/src/mirdef.h (nonexistent)
+++ sha_core/tags/arelease/src/mirdef.h (revision 4)
@@ -0,0 +1,21 @@
+/*
+ * MIRACL compiler/hardware definitions - mirdef.h
+ * Copyright (c) 1988-2002 Shamus Software Ltd.
+ */
+#define MR_COMBA 6
+#define MR_LITTLE_ENDIAN
+#define MIRACL 32
+#define mr_utype int
+#define MR_IBITS 32
+#define MR_LBITS 32
+#define mr_unsign32 unsigned int
+#define mr_dltype __int64
+#define mr_unsign64 unsigned __int64
+#define MR_STRIPPED_DOWN
+#define MAXBASE ((mr_small)1<<(MIRACL-1))
+#define MR_BITSINCHAR 8
+
+#define MR_NO_FILE_IO
+#define NULL ((void *)0)
+
+
Index: sha_core/tags/arelease/src/miracl.h
===================================================================
--- sha_core/tags/arelease/src/miracl.h (nonexistent)
+++ sha_core/tags/arelease/src/miracl.h (revision 4)
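Review bot: `#define NULL ((void *)0)` redefines a standard macro unconditionally; mrshs256.c and mrshs512.c include a system header (its name was lost in rendering, presumably the standard I/O header) before "miracl.h", so `NULL` is already defined when this line is reached and the compiler reports a redefinition whenever the library's spelling differs. Guard it, `#ifndef NULL` / `#define NULL ((void *)0)` / `#endif`, or drop it and rely on `<stddef.h>`. `#define mr_dltype __int64` and `#define mr_unsign64 unsigned __int64` are compiler-specific type names, so this header ties the whole SHA-384/512 path to that compiler; `long long`/`unsigned long long` would be portable where C99 is available. `MR_LITTLE_ENDIAN` is hard-coded rather than derived from the target, and the `MR_TOP`/`MR_BOT` macros in miracl.h select their pointer casts on it, so a comment stating that this file must be regenerated per target would help.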
@@ -0,0 +1,941 @@ +#ifndef MIRACL_H +#define MIRACL_H + +/* + * main MIRACL header - miracl.h. + * + * Copyright (c) 1988-2001 Shamus Software Ltd. + */ + +#include "mirdef.h" + +#ifdef __ia64__ +#if MIRACL==64 +#define MR_ITANIUM +#include +#endif +#endif + +#ifdef MR_FP +#include +#endif + +#ifndef MR_NO_FILE_IO +#include +#endif + /* error returns */ + +#define MR_ERR_BASE_TOO_BIG 1 +#define MR_ERR_DIV_BY_ZERO 2 +#define MR_ERR_OVERFLOW 3 +#define MR_ERR_NEG_RESULT 4 +#define MR_ERR_BAD_FORMAT 5 +#define MR_ERR_BAD_BASE 6 +#define MR_ERR_BAD_PARAMETERS 7 +#define MR_ERR_OUT_OF_MEMORY 8 +#define MR_ERR_NEG_ROOT 9 +#define MR_ERR_NEG_POWER 10 +#define MR_ERR_BAD_ROOT 11 +#define MR_ERR_INT_OP 12 +#define MR_ERR_FLASH_OVERFLOW 13 +#define MR_ERR_TOO_BIG 14 +#define MR_ERR_NEG_LOG 15 +#define MR_ERR_DOUBLE_FAIL 16 +#define MR_ERR_IO_OVERFLOW 17 +#define MR_ERR_NO_MIRSYS 18 +#define MR_ERR_BAD_MODULUS 19 +#define MR_ERR_NO_MODULUS 20 +#define MR_ERR_EXP_TOO_BIG 21 +#define MR_ERR_NOT_SUPPORTED 22 +#define MR_ERR_NOT_DOUBLE_LEN 23 +#define MR_ERR_NOT_IRREDUC 24 +#define MR_ERR_NO_ROUNDING 25 + + /* some useful definitions */ + + + +#define forever for(;;) + +#ifndef TRUE + #define TRUE 1 +#endif +#ifndef FALSE + #define FALSE 0 +#endif + +#define OFF 0 +#define ON 1 +#define PLUS 1 +#define MINUS (-1) + +#define MR_MAXDEPTH 24 + /* max routine stack depth */ +/* big and flash variables consist of an encoded length, * + * and an array of mr_smalls containing the digits */ + +typedef int BOOL; + +#define MR_BYTE unsigned char + +#ifdef MR_BITSINCHAR + #if MR_BITSINCHAR == 8 + #define MR_TOBYTE(x) ((MR_BYTE)(x)) + #else + #define MR_TOBYTE(x) ((MR_BYTE)((x)&0xFF)) + #endif +#else + #define MR_TOBYTE(x) ((MR_BYTE)(x)) +#endif + +#ifdef MR_FP + + typedef mr_utype mr_small; + #ifdef mr_dltype + typedef mr_dltype mr_large; + #endif + + #define MR_DIV(a,b) (modf((a)/(b),&dres),dres) + + #ifdef MR_FP_ROUNDING + +/* slightly dicey - the optimizer might remove the MAGIC ! 
*/ + + #define MR_LROUND(a) ( ( (a) + MR_MAGIC ) - MR_MAGIC ) + #else + #define MR_LROUND(a) (modfl((a),&ldres),ldres) + #endif + + #define MR_REMAIN(a,b) ((a)-(b)*MR_DIV((a),(b))) + +#else + + typedef unsigned mr_utype mr_small; + #ifdef mr_dltype + typedef unsigned mr_dltype mr_large; + #endif + + #define MR_DIV(a,b) ((a)/(b)) + #define MR_REMAIN(a,b) ((a)%(b)) + #define MR_LROUND(a) ((a)) +#endif + +struct bigtype +{ + mr_unsign32 len; + mr_small *w; +}; + +typedef struct bigtype *big; +typedef big zzn; + +/* Macro to create big x on the stack - x_t and x_g must be distinct variables + By convention use like this. See brute.c and identity.c for examples + + BIG(x,x_t,x_g,10) + BIG(y,y_t,y_g,10) + +*/ + +#define BIG(x,xt,xg,s) mr_small xg[s]; struct bigtype xt={s,xg}; big x=&xt; + +typedef big flash; + +#define MR_MSBIT ((mr_unsign32)1<<31) +#define MR_OBITS (MR_MSBIT-1) + +#if MIRACL >= MR_IBITS +#define MR_TOOBIG (1<<(MR_IBITS-2)) +#else +#define MR_TOOBIG (1<<(MIRACL-1)) +#endif + +#ifdef MR_FLASH +#define MR_EBITS (8*sizeof(double) - MR_FLASH) + /* no of Bits per double exponent */ +#define MR_BTS 16 +#define MR_MSK 0xFFFF + +#endif + +#define MR_HASH_BYTES 20 + +/* Marsaglia & Zaman Random number generator */ +/* constants alternatives */ +#define NK 37 /* 21 */ +#define NJ 24 /* 6 */ +#define NV 14 /* 8 */ + + +#ifdef MR_LITTLE_ENDIAN +#define MR_TOP(x) (*(((mr_small *)&(x))+1)) +#define MR_BOT(x) (*(((mr_small *)&(x)))) +#endif +#ifdef MR_BIG_ENDIAN +#define MR_TOP(x) (*(((mr_small *)&(x)))) +#define MR_BOT(x) (*(((mr_small *)&(x))+1)) +#endif + +/* chinese remainder theorem structures */ + +typedef struct { +big *C; +big *V; +big *M; +int NP; +} big_chinese; + +typedef struct { +mr_utype *C; +mr_utype *V; +mr_utype *M; +int NP; +} small_chinese; + +/* Cryptographically strong pseudo-random number generator */ + +typedef struct { +mr_unsign32 ira[NK]; /* random number... 
*/ +int rndptr; /* ...array & pointer */ +mr_unsign32 borrow; +int pool_ptr; +char pool[MR_HASH_BYTES]; /* random pool */ +} csprng; + +/* secure hash Algorithm structure */ + +typedef struct { +mr_unsign32 length[2]; +mr_unsign32 h[8]; +mr_unsign32 w[80]; +} sha256; + +typedef sha256 sha; + +#ifdef mr_unsign64 + +typedef struct { +mr_unsign64 length[2]; +mr_unsign64 h[8]; +mr_unsign64 w[80]; +} sha512; + +typedef sha512 sha384; + +#endif + +/* advanced encryption algorithm structure */ + +#define MR_ECB 0 +#define MR_CBC 1 +#define MR_CFB1 2 +#define MR_CFB2 3 +#define MR_CFB4 5 +#define MR_PCFB1 10 +#define MR_PCFB2 11 +#define MR_PCFB4 13 +#define MR_OFB1 14 +#define MR_OFB2 15 +#define MR_OFB4 17 +#define MR_OFB8 21 +#define MR_OFB16 29 + +typedef struct { +int Nk,Nr; +int mode; +mr_unsign32 fkey[60]; +mr_unsign32 rkey[60]; +char f[16]; +} aes; + + + /* Elliptic curve point status */ + +#define MR_EPOINT_GENERAL 0 +#define MR_EPOINT_NORMALIZED 1 +#define MR_EPOINT_INFINITY 2 + +#define MR_PROJECTIVE 0 +#define MR_AFFINE 1 + + +/* Elliptic Curve epoint structure. 
Uses projective (X,Y,Z) co-ordinates */ + +typedef struct { +big X; +big Y; +big Z; +int marker; +} epoint; + + +/* Structure for Brickell method for finite * + field exponentiation with precomputation */ + +typedef struct { + big *table; + big n; + int base; + int store; +} brick; + +/* Structure for Brickell method for elliptic * + curve exponentiation with precomputation */ + +typedef struct { + epoint **table; + big a,b,n; + int base; + int store; +} ebrick; + +typedef struct { + epoint **table; + big a6,a2; + int m,a,b,c; + int base; + int store; +} ebrick2; + +/* main MIRACL instance structure */ + +typedef struct { +mr_small base; /* number base */ +mr_small apbase; /* apparent base */ +int pack; /* packing density */ +int lg2b; /* bits in base */ +mr_small base2; /* 2^mr_lg2b */ +BOOL (*user)(void); /* pointer to user supplied function */ + +int nib; /* length of bigs */ +int depth; /* error tracing ..*/ +int trace[MR_MAXDEPTH]; /* .. mechanism */ +BOOL check; /* overflow check */ +BOOL fout; /* Output to file */ +BOOL fin; /* Input from file */ +BOOL active; + +#ifndef MR_NO_FILE_IO + +FILE *infile; /* Input file */ +FILE *otfile; /* Output file */ + +#endif + +mr_unsign32 ira[NK]; /* random number... 
*/ +int rndptr; /* ...array & pointer */ +mr_unsign32 borrow; + + /* Montgomery constants */ +mr_small ndash; +big modulus; +BOOL ACTIVE; +BOOL MONTY; + /* Elliptic Curve details */ +BOOL SS; /* True for Super-Singular */ +big A,B,C; +int coord,Asize,Bsize; + +int M,AA,BB,CC; /* for GF(2^m) curves */ + +int logN; /* constants for fast fourier fft multiplication */ +int nprimes,degree; +mr_utype *prime,*cr; +mr_utype *inverse,**roots; +small_chinese chin; +mr_utype const1,const2,const3; +mr_small msw,lsw; +mr_utype **s1,**s2; /* pre-computed tables for polynomial reduction */ +mr_utype **t; /* workspace */ +mr_utype *wa; +mr_utype *wb; +mr_utype *wc; +BOOL same; +BOOL first_one; +BOOL debug; + +big w0; /* workspace bigs */ +big w1,w2,w3,w4; +big w5,w6,w7; +big w8,w9,w10,w11; +big w12,w13,w14,w15; +big w16,w17,w18; + +/* User modifiables */ + +char *IOBUFF; /* i/o buffer */ +int IOBSIZ; /* size of i/o buffer */ +BOOL ERCON; /* error control */ +int ERNUM; /* last error code */ +int NTRY; /* no. 
of tries for probablistic primality testing */ +int IOBASE; /* base for input and output */ +BOOL EXACT; /* exact flag */ +BOOL RPOINT; /* =ON for radix point, =OFF for fractions in output */ +BOOL TRACER; /* turns trace tracker on/off */ +int INPLEN; /* input length */ +int *PRIMES; /* small primes array */ + +#ifdef MR_FLASH +int workprec; +int stprec; /* start precision */ + +int RS,RD; +double D; + +double db,n,p; +int a,b,c,d,r,q,oldn,ndig; +mr_small u,v,ku,kv; + +BOOL last,carryon; +flash pi; + + +#endif + +#ifdef MR_KCM +big big_ndash; +big ws; +#endif + +#ifdef MR_FP_ROUNDING +mr_large inverse_base; +#endif +int size; +char *workspace; + +} miracl; + + +#ifndef MR_GENERIC_MT + +#ifdef MR_WINDOWS_MT +#define MR_OS_THREADS +#endif + +#ifdef MR_UNIX_MT +#define MR_OS_THREADS +#endif + +#ifndef MR_OS_THREADS + +extern miracl *mr_mip; /* pointer to MIRACL's only global variable */ + +#endif + +#endif + + +#ifdef MR_GENERIC_MT + +#define _MIPT_ miracl *, +#define _MIPTO_ miracl * +#define _MIPD_ miracl *mr_mip, +#define _MIPDO_ miracl *mr_mip +#define _MIPP_ mr_mip, +#define _MIPPO_ mr_mip + +#else + +#define _MIPT_ +#define _MIPTO_ void +#define _MIPD_ +#define _MIPDO_ void +#define _MIPP_ +#define _MIPPO_ + +#endif + +/* Preamble and exit code for MIRACL routines. 
* + * Not used if MR_STRIPPED_DOWN is defined */ + +#ifdef MR_STRIPPED_DOWN +#define MR_OUT +#define MR_IN(N) +#else +#define MR_OUT mr_mip->depth--; +#define MR_IN(N) mr_mip->depth++; if (mr_mip->depthtrace[mr_mip->depth]=(N); if (mr_mip->TRACER) mr_track(_MIPPO_); } +#endif + +/* Function definitions */ + +/* Group 0 - Internal routines */ + +extern void mr_berror(_MIPT_ int); +extern mr_small mr_shiftbits(mr_small,int); +extern mr_small mr_setbase(_MIPT_ mr_small); +extern void mr_track(_MIPTO_ ); +extern void mr_lzero(big); +extern BOOL mr_notint(flash); +extern int mr_lent(flash); +extern void mr_padd(_MIPT_ big,big,big); +extern void mr_psub(_MIPT_ big,big,big); +extern void mr_pmul(_MIPT_ big,mr_small,big); +#ifdef MR_FP_ROUNDING +extern mr_large mr_invert(mr_small); +extern mr_small imuldiv(mr_small,mr_small,mr_small,mr_small,mr_large,mr_small *); +extern mr_small mr_sdiv(_MIPT_ big,mr_small,mr_large,big); +#else +extern mr_small mr_sdiv(_MIPT_ big,mr_small,big); +#endif +extern void mr_shift(_MIPT_ big,int,big); +extern miracl *mr_first_alloc(void); +extern void *mr_alloc(_MIPT_ int,int); +extern void mr_free(void *); +extern void set_user_function(_MIPT_ BOOL (*)(void)); +extern void set_io_buffer_size(_MIPT_ int); +extern int mr_testbit(_MIPT_ big,int); +extern int mr_window(_MIPT_ big,int,int *,int *); +extern int mr_window2(_MIPT_ big,big,int,int *,int *); +extern int mr_naf_window(_MIPT_ big,big,int,int *,int *); + +extern int mr_fft_init(_MIPT_ int,big,big,BOOL); +extern void mr_dif_fft(_MIPT_ int,int,mr_utype *); +extern void mr_dit_fft(_MIPT_ int,int,mr_utype *); +extern void fft_reset(_MIPTO_); + +extern int mr_poly_mul(_MIPT_ int,big*,int,big*,big*); +extern int mr_poly_sqr(_MIPT_ int,big*,big*); +extern void mr_polymod_set(_MIPT_ int,big*,big*); +extern int mr_poly_rem(_MIPT_ int,big *,big *); + +extern int mr_ps_big_mul(_MIPT_ int,big *,big *,big *); +extern int mr_ps_zzn_mul(_MIPT_ int,big *,big *,big *); + +extern mr_small 
muldiv(mr_small,mr_small,mr_small,mr_small,mr_small *); +extern mr_small muldvm(mr_small,mr_small,mr_small,mr_small *); +extern mr_small muldvd(mr_small,mr_small,mr_small,mr_small *); +extern void muldvd2(mr_small,mr_small,mr_small *,mr_small *); + +/* Group 1 - General purpose, I/O and basic arithmetic routines */ + +extern int igcd(int,int); +extern mr_small sgcd(mr_small,mr_small); +extern int isqrt(int,int); +extern void irand(_MIPT_ mr_unsign32); +extern mr_small brand(_MIPTO_ ); +extern void zero(flash); +extern void convert(_MIPT_ int,big); +extern void lgconv(_MIPT_ long,big); +extern flash mirvar(_MIPT_ int); +extern flash mirvar_mem(_MIPT_ char *,int); +extern void mirkill(big); +extern void *memalloc(_MIPT_ int); +extern void memkill(_MIPT_ char *,int); +extern void mr_init_threading(void); +extern void mr_end_threading(void); +extern miracl *get_mip(_MIPTO_ ); +extern miracl *mirsys(int,mr_small); +extern void mirexit(_MIPTO_ ); +extern int exsign(flash); +extern void insign(int,flash); +extern int getdig(_MIPT_ big,int); +extern int numdig(_MIPT_ big); +extern void putdig(_MIPT_ int,big,int); +extern void copy(flash,flash); +extern void negify(flash,flash); +extern void absol(flash,flash); +extern int size(big); +extern int compare(big,big); +extern void add(_MIPT_ big,big,big); +extern void subtract(_MIPT_ big,big,big); +extern void incr(_MIPT_ big,int,big); +extern void decr(_MIPT_ big,int,big); +extern void premult(_MIPT_ big,int,big); +extern int subdiv(_MIPT_ big,int,big); +extern BOOL subdivisible(_MIPT_ big,int); +extern int remain(_MIPT_ big,int); +extern void bytes_to_big(_MIPT_ int,char *,big); +extern int big_to_bytes(_MIPT_ int,big,char *,BOOL); +extern mr_small normalise(_MIPT_ big,big); +extern void multiply(_MIPT_ big,big,big); +extern void fft_mult(_MIPT_ big,big,big); +extern BOOL fastmultop(_MIPT_ int,big,big,big); +extern void divide(_MIPT_ big,big,big); +extern BOOL divisible(_MIPT_ big,big); +extern void mad(_MIPT_ 
big,big,big,big,big,big); +extern int instr(_MIPT_ flash,char *); +extern int otstr(_MIPT_ flash,char *); +extern int cinstr(_MIPT_ flash,char *); +extern int cotstr(_MIPT_ flash,char *); + +#ifndef MR_NO_FILE_IO + +extern int innum(_MIPT_ flash,FILE *); +extern int otnum(_MIPT_ flash,FILE *); +extern int cinnum(_MIPT_ flash,FILE *); +extern int cotnum(_MIPT_ flash,FILE *); + +#endif + +/* Group 2 - Advanced arithmetic routines */ + +extern mr_small smul(mr_small,mr_small,mr_small); +extern mr_small spmd(mr_small,mr_small,mr_small); +extern mr_small invers(mr_small,mr_small); +extern mr_small sqrmp(mr_small,mr_small); +extern int jac(mr_small,mr_small); + +extern void gprime(_MIPT_ int); +extern int jack(_MIPT_ big,big); +extern int egcd(_MIPT_ big,big,big); +extern int xgcd(_MIPT_ big,big,big,big,big); +extern int logb2(_MIPT_ big); +extern void expint(_MIPT_ int,int,big); +extern void sftbit(_MIPT_ big,int,big); +extern void power(_MIPT_ big,long,big,big); +extern void powmod(_MIPT_ big,big,big,big); +extern void powmod2(_MIPT_ big,big,big,big,big,big); +extern void powmodn(_MIPT_ int,big *,big *,big,big); +extern int powltr(_MIPT_ int,big,big,big); +extern BOOL double_inverse(_MIPT_ big,big,big,big,big); +extern BOOL multi_inverse(_MIPT_ int,big*,big,big*); +extern void lucas(_MIPT_ big,big,big,big,big); +extern BOOL nroot(_MIPT_ big,int,big); +extern BOOL sqroot(_MIPT_ big,big,big); +extern void bigrand(_MIPT_ big,big); +extern void bigdig(_MIPT_ int,int,big); +extern int trial_division(_MIPT_ big,big); +extern BOOL isprime(_MIPT_ big); +extern BOOL nxprime(_MIPT_ big,big); +extern BOOL nxsafeprime(_MIPT_ int,int,big,big); +extern BOOL crt_init(_MIPT_ big_chinese *,int,big *); +extern void crt(_MIPT_ big_chinese *,big *,big); +extern void crt_end(big_chinese *); +extern BOOL scrt_init(_MIPT_ small_chinese *,int,mr_utype *); +extern void scrt(_MIPT_ small_chinese*,mr_utype *,big); +extern void scrt_end(small_chinese *); +extern BOOL brick_init(_MIPT_ brick 
*,big,big,int); +extern void pow_brick(_MIPT_ brick *,big,big); +extern void brick_end(brick *); +extern BOOL ebrick_init(_MIPT_ ebrick *,big,big,big,big,big,int); +extern void ebrick_end(ebrick *); +extern int mul_brick(_MIPT_ ebrick*,big,big,big); +extern BOOL ebrick2_init(_MIPT_ ebrick2 *,big,big,big,big,int,int,int,int,int); +extern void ebrick2_end(ebrick2 *); +extern int mul2_brick(_MIPT_ ebrick2*,big,big,big); + +/* Montgomery stuff */ + +extern mr_small prepare_monty(_MIPT_ big); +extern void kill_monty(_MIPTO_ ); +extern void nres(_MIPT_ big,big); +extern void redc(_MIPT_ big,big); + +extern void nres_negate(_MIPT_ big,big); +extern void nres_modadd(_MIPT_ big,big,big); +extern void nres_modsub(_MIPT_ big,big,big); +extern void nres_premult(_MIPT_ big,int,big); +extern void nres_modmult(_MIPT_ big,big,big); +extern int nres_moddiv(_MIPT_ big,big,big); +extern void nres_dotprod(_MIPT_ int,big *,big *,big); +extern void nres_powmod(_MIPT_ big,big,big); +extern void nres_powltr(_MIPT_ int,big,big); +extern void nres_powmod2(_MIPT_ big,big,big,big,big); +extern void nres_powmodn(_MIPT_ int,big *,big *,big); +extern BOOL nres_sqroot(_MIPT_ big,big); +extern void nres_lucas(_MIPT_ big,big,big,big); +extern BOOL nres_double_inverse(_MIPT_ big,big,big,big); +extern BOOL nres_multi_inverse(_MIPT_ int,big *,big *); + +extern void shs_init(sha *); +extern void shs_process(sha *,int); +extern void shs_hash(sha *,char *); + +extern void shs256_init(sha256 *); +extern void shs256_process(sha256 *,int); +extern void shs256_hash(sha256 *,char *); + +#ifdef mr_unsign64 + +extern void shs512_init(sha512 *); +extern void shs512_process(sha512 *,int); +extern void shs512_hash(sha512 *,char *); + +extern void shs384_init(sha384 *); +extern void shs384_process(sha384 *,int); +extern void shs384_hash(sha384 *,char *); + +#endif + +extern BOOL aes_init(aes *,int,int,char *,char *); +extern void aes_getreg(aes *,char *); +extern mr_unsign32 aes_encrypt(aes *,char *); +extern 
mr_unsign32 aes_decrypt(aes *,char *); +extern void aes_reset(aes *,int,char *); +extern void aes_end(aes *); + +extern void strong_init(csprng *,int,char *,mr_unsign32); +extern int strong_rng(csprng *); +extern void strong_bigrand(_MIPT_ csprng *,big,big); +extern void strong_bigdig(_MIPT_ csprng *,int,int,big); +extern void strong_kill(csprng *); + +/* special modular multipliers */ + +extern void comba_mult(_MIPT_ big,big,big); +extern void comba_square(_MIPT_ big,big); +extern void comba_redc(_MIPT_ big,big); +extern void comba_add(_MIPT_ big,big,big); +extern void comba_sub(_MIPT_ big,big,big); + +extern void fastmodmult(_MIPT_ big,big,big); +extern void fastmodsquare(_MIPT_ big,big); + +extern void kcm_mul(_MIPT_ big,big,big); +extern void kcm_sqr(_MIPT_ big,big); +extern void kcm_redc(_MIPT_ big,big); + +extern void kcm_multiply(_MIPT_ int,big,big,big); +extern void kcm_square(_MIPT_ int,big,big); +extern BOOL kcm_top(_MIPT_ int,big,big,big); + +/* elliptic curve stuff */ + +extern BOOL point_at_infinity(epoint *); + +extern void ecurve_init(_MIPT_ big,big,big,int); +extern big ecurve_add(_MIPT_ epoint *,epoint *); +extern big ecurve_sub(_MIPT_ epoint *,epoint *); +extern void ecurve_double_add(_MIPT_ epoint *,epoint *,epoint *,epoint *,big *,big *); +extern void ecurve_multi_add(_MIPT_ int,epoint **,epoint **); +extern void ecurve_mult(_MIPT_ big,epoint *,epoint *); +extern void ecurve_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); +extern void ecurve_multn(_MIPT_ int,big *,epoint**,epoint *); + +extern epoint* epoint_init(_MIPTO_ ); +extern BOOL epoint_set(_MIPT_ big,big,int,epoint*); +extern int epoint_get(_MIPT_ epoint*,big,big); +extern void epoint_getxyz(_MIPT_ epoint *,big,big,big); +extern int epoint_norm(_MIPT_ epoint *); +extern void epoint_free(epoint *); +extern void epoint_copy(epoint *,epoint *); +extern BOOL epoint_comp(_MIPT_ epoint *,epoint *); +extern void epoint_negate(_MIPT_ epoint *); + +extern BOOL ecurve2_init(_MIPT_ 
int,int,int,int,big,big,BOOL,int); +extern big ecurve2_add(_MIPT_ epoint *,epoint *); +extern big ecurve2_sub(_MIPT_ epoint *,epoint *); +extern void ecurve2_multi_add(_MIPT_ int,epoint **,epoint **); +extern void ecurve2_mult(_MIPT_ big,epoint *,epoint *); +extern void ecurve2_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); +extern void ecurve2_multn(_MIPT_ int,big *,epoint**,epoint *); + +extern epoint* epoint2_init(_MIPTO_ ); +extern BOOL epoint2_set(_MIPT_ big,big,int,epoint*); +extern int epoint2_get(_MIPT_ epoint*,big,big); +extern void epoint2_getxyz(_MIPT_ epoint *,big,big,big); +extern int epoint2_norm(_MIPT_ epoint *); +extern void epoint2_free(epoint *); +extern void epoint2_copy(epoint *,epoint *); +extern BOOL epoint2_comp(_MIPT_ epoint *,epoint *); +extern void epoint2_negate(_MIPT_ epoint *); + +/* GF(2) stuff */ + +extern BOOL prepare_basis(_MIPT_ int,int,int,int,BOOL); +extern void add2(big,big,big); +extern void incr2(big,int,big); +extern void reduce2(_MIPT_ big,big); +extern void modmult2(_MIPT_ big,big,big); +extern void power2(_MIPT_ big,int,big); +extern void sqroot2(_MIPT_ big,big); +extern BOOL inverse2(_MIPT_ big,big); +extern void karmul2(int,mr_small *,mr_small *,mr_small *,mr_small *); +extern void karmul2_poly(_MIPT_ int,big *,big *,big *,big *); +extern void karmul2_poly_upper(_MIPT_ int,big *,big *,big *,big *); +extern void gf2m_dotprod(_MIPT_ int,big *,big *,big); +extern int trace2(_MIPT_ big); + +/* Group 3 - Floating-slash routines */ + +#ifdef MR_FLASH +extern void fpack(_MIPT_ big,big,flash); +extern void numer(_MIPT_ flash,big); +extern void denom(_MIPT_ flash,big); +extern BOOL fit(big,big,int); +extern void build(_MIPT_ flash,int (*)(_MIPT_ big,int)); +extern void mround(_MIPT_ big,big,flash); +extern void flop(_MIPT_ flash,flash,int *,flash); +extern void fmul(_MIPT_ flash,flash,flash); +extern void fdiv(_MIPT_ flash,flash,flash); +extern void fadd(_MIPT_ flash,flash,flash); +extern void fsub(_MIPT_ flash,flash,flash); 
+extern int fcomp(_MIPT_ flash,flash); +extern void fconv(_MIPT_ int,int,flash); +extern void frecip(_MIPT_ flash,flash); +extern void ftrunc(_MIPT_ flash,big,flash); +extern void fmodulo(_MIPT_ flash,flash,flash); +extern void fpmul(_MIPT_ flash,int,int,flash); +extern void fincr(_MIPT_ flash,int,int,flash); +extern void dconv(_MIPT_ double,flash); +extern double fdsize(_MIPT_ flash); +extern void frand(_MIPT_ flash); + +/* Group 4 - Advanced Flash routines */ + +extern void fpower(_MIPT_ flash,int,flash); +extern BOOL froot(_MIPT_ flash,int,flash); +extern void fpi(_MIPT_ flash); +extern void fexp(_MIPT_ flash,flash); +extern void flog(_MIPT_ flash,flash); +extern void fpowf(_MIPT_ flash,flash,flash); +extern void ftan(_MIPT_ flash,flash); +extern void fatan(_MIPT_ flash,flash); +extern void fsin(_MIPT_ flash,flash); +extern void fasin(_MIPT_ flash,flash); +extern void fcos(_MIPT_ flash,flash); +extern void facos(_MIPT_ flash,flash); +extern void ftanh(_MIPT_ flash,flash); +extern void fatanh(_MIPT_ flash,flash); +extern void fsinh(_MIPT_ flash,flash); +extern void fasinh(_MIPT_ flash,flash); +extern void fcosh(_MIPT_ flash,flash); +extern void facosh(_MIPT_ flash,flash); +#endif + + +/* Test predefined Macros to determine compiler type, and hopefully + selectively use fast in-line assembler (or other compiler specific + optimisations. Note I am unsure of Microsoft version numbers. So I + suspect are Microsoft. + + Note: It seems to be impossible to get the 16-bit Microsoft compiler + to allow inline 32-bit op-codes. So I suspect that INLINE_ASM == 2 will + never work with it. Pity. + +#define INLINE_ASM 1 -> generates 8086 inline assembly +#define INLINE_ASM 2 -> generates mixed 8086 & 80386 inline assembly, + so you can get some benefit while running in a + 16-bit environment on 32-bit hardware (DOS, Windows + 3.1...) 
+#define INLINE_ASM 3 -> generate true 80386 inline assembly - (Using DOS + extender, Windows '95/Windows NT) + Actually optimised for Pentium + +#define INLINE_ASM 4 -> 80386 code in the GNU style (for (DJGPP) + +Small, medium, compact and large memory models are supported for the +first two of the above. + +*/ + +#ifndef MR_NOASM + +/* Itanium - inline the time-critical functions */ + + #ifdef MR_ITANIUM + #define muldvd(a,b,c,rp) (tm=_m64_xmahu((a),(b),(c)),*(rp)=_m64_xmalu((a),(b),(c)),tm) + #define muldvd2(a,b,c,rp) (tm=_m64_xmalu((a),(b),(*(c))),*(c)=_m64_xmahu((a),(b),(*(c))),tm+=*(rp),*(c)+=(tm<*(rp)),*(rp)=tm) + #endif + + +/* Borland C/Turbo C */ + + #ifdef __TURBOC__ + #ifndef __HUGE__ + #define ASM asm + #if defined(__COMPACT__) || defined(__LARGE__) + #define MR_LMM + #endif + + #if MIRACL==16 + #define INLINE_ASM 1 + #endif + + #if __TURBOC__>=0x410 + #if MIRACL==32 +#if defined(__SMALL__) || defined(__MEDIUM__) || defined(__LARGE__) || defined(__COMPACT__) + #define INLINE_ASM 2 + #else + #define INLINE_ASM 3 + #endif + #endif + #endif + #endif + #endif + +/* Microsoft C */ + + #ifdef _MSC_VER + #ifndef M_I86HM + #define ASM _asm + #if defined(M_I86CM) || defined(M_I86LM) + #define MR_LMM + #endif + #if _MSC_VER>=600 + #if MIRACL==16 + #define INLINE_ASM 1 + #endif + #endif + #if _MSC_VER>=1000 + #if MIRACL==32 + #define INLINE_ASM 3 + #endif + #endif + #endif + #endif + +/* DJGPP GNU C */ + + #ifdef __GNUC__ + #ifdef i386 + #define ASM __asm__ __volatile__ + #if MIRACL==32 + #define INLINE_ASM 4 + #endif + #endif + #endif + +#endif + +/* + The following contribution is from Tielo Jongmans, Netherlands + These inline assembler routines are suitable for Watcom 10.0 and up + + Added into miracl.h. Notice the override of the original declarations + of these routines, which should be removed. 
+ + The following pragma is optional, it is dangerous, but it saves a + calling sequence +*/ + +/* + +#pragma off (check_stack); + +extern unsigned int muldiv(unsigned int, unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldiv= \ + "mul edx" \ + "add eax,ebx" \ + "adc edx,0" \ + "div ecx" \ + "mov [esi],edx" \ + parm [eax] [edx] [ebx] [ecx] [esi] \ + value [eax] \ + modify [eax edx]; + +extern unsigned int muldvm(unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldvm= \ + "div ebx" \ + "mov [ecx],edx" \ + parm [edx] [eax] [ebx] [ecx] \ + value [eax] \ + modify [eax edx]; + +extern unsigned int muldvd(unsigned int, unsigned int, unsigned int, unsigned int *); +#pragma aux muldvd= \ + "mul edx" \ + "add eax,ebx" \ + "adc edx,0" \ + "mov [ecx],eax" \ + "mov eax,edx" \ + parm [eax] [edx] [ebx] [ecx] \ + value [eax] \ + modify [eax edx]; + +*/ + + +#endif + + Index: sha_core/tags/arelease/src/mrshs.c =================================================================== --- sha_core/tags/arelease/src/mrshs.c (nonexistent) +++ sha_core/tags/arelease/src/mrshs.c (revision 4) 
@@ -0,0 +1,157 @@
+/*
+ * Implementation of the Secure Hashing Standard (SHS)
+ * specified for use with the NIST Digital Signature Standard (DSS)
+ *
+ * Generates a 160 bit message digest. It should be impossible to come
+ come up with two messages that hash to the same value ("collision free").
+ *
+ * For use with byte-oriented messages only. Could/Should be speeded
+ * up by unwinding loops in shs_transform(), and assembly patches.
+ */
+
+#include 
+#include "miracl.h"
+ /* for definition of mr_unsign32 & prototypes */
+#define FIX
+
+/* Include this #define in order to implement the
+ rather mysterious 'fix' to SHS
+
+ With this definition in, SHA-1 is implemented
+ Without this definition, SHA-0 is implemented
+*/
+
+
+#define H0 0x67452301L
+#define H1 0xefcdab89L
+#define H2 0x98badcfeL
+#define H3 0x10325476L
+#define H4 0xc3d2e1f0L
+
+#define K0 0x5a827999L
+#define K1 0x6ed9eba1L
+#define K2 0x8f1bbcdcL
+#define K3 0xca62c1d6L
+
+#define PAD 0x80
+#define ZERO 0
+
+/* functions */
+
+#define S(n,x) (((x)<>(32-n)))
+
+#define F0(x,y,z) (z^(x&(y^z)))
+#define F1(x,y,z) (x^y^z)
+#define F2(x,y,z) ((x&y) | (z&(x|y)))
+#define F3(x,y,z) (x^y^z)
+
+static void shs_transform(sha *sh)
+{ /* basic transformation step */
+ mr_unsign32 a,b,c,d,e,temp;
+ int t;
+#ifdef FIX
+ for (t=16;t<80;t++) sh->w[t]=S(1,sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16]);
+#else
+ for (t=16;t<80;t++) sh->w[t]=sh->w[t-3]^sh->w[t-8]^sh->w[t-14]^sh->w[t-16];
+#endif
+ a=sh->h[0]; b=sh->h[1]; c=sh->h[2]; d=sh->h[3]; e=sh->h[4];
+ for (t=0;t<20;t++)
+ { /* 20 times - mush it up */
+ temp=K0+F0(b,c,d)+S(5,a)+e+sh->w[t];
+ e=d; d=c;
+ c=S(30,b);
+ b=a; a=temp;
+ }
+ for (t=20;t<40;t++)
+ { /* 20 more times - mush it up */
+ temp=K1+F1(b,c,d)+S(5,a)+e+sh->w[t];
+ e=d; d=c;
+ c=S(30,b);
+ b=a; a=temp;
+ }
+ for (t=40;t<60;t++)
+ { /* 20 more times - mush it up */
+ temp=K2+F2(b,c,d)+S(5,a)+e+sh->w[t];
+ e=d; d=c;
+ c=S(30,b);
+ b=a; a=temp;
+ }
+ for (t=60;t<80;t++)
+ { /* 20 more times - mush it up */
+ temp=K3+F3(b,c,d)+S(5,a)+e+sh->w[t];
+ e=d; d=c;
+ c=S(30,b);
+ b=a; a=temp;
+ }
+ sh->h[0]+=a; sh->h[1]+=b; sh->h[2]+=c;
+ sh->h[3]+=d; sh->h[4]+=e;
+}
+
+void shs_init(sha *sh)
+{ /* re-initialise */
+ int i;
+ for (i=0;i<80;i++) sh->w[i]=0L;
+ sh->length[0]=sh->length[1]=0L;
+ sh->h[0]=H0;
+ sh->h[1]=H1;
+ sh->h[2]=H2;
+ sh->h[3]=H3;
+ sh->h[4]=H4;
+}
+
+void shs_process(sha *sh,int byte)
+{ /* process the next message byte */
+ int cnt;
+
+ cnt=(int)((sh->length[0]/32)%16);
+
+ sh->w[cnt]<<=8;
+ sh->w[cnt]|=(mr_unsign32)(byte&0xFF);
+
+ sh->length[0]+=8;
+ if (sh->length[0]==0L) { sh->length[1]++; sh->length[0]=0L; }
+ if ((sh->length[0]%512)==0) shs_transform(sh);
+}
+
+void shs_hash(sha *sh,char hash[20])
+{ /* pad message and finish - supply digest */
+ int i;
+ mr_unsign32 len0,len1;
+ len0=sh->length[0];
+ len1=sh->length[1];
+ shs_process(sh,PAD);
+ while ((sh->length[0]%512)!=448) shs_process(sh,ZERO);
+ sh->w[14]=len1;
+ sh->w[15]=len0;
+ shs_transform(sh);
+ for (i=0;i<20;i++)
+ { /* convert to bytes */
+ hash[i]=((sh->h[i/4]>>(8*(3-i%4))) & 0xffL);
+ }
+ shs_init(sh);
+}
+
+/* test program: should produce digest
+
+ 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1
+
+#include 
+#include "miracl.h"
+
+char test[]="abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+
+int main()
+{
+ char hash[20];
+ int i;
+ sha sh;
+ shs_init(&sh);
+ for (i=0;test[i]!=0;i++) shs_process(&sh,test[i]);
+ shs_hash(&sh,hash);
+ for (i=0;i<20;i++) printf("%02x",(unsigned char)hash[i]);
+ printf("\n");
+ return 0;
+}
+
+*/
+
Index: sha_core/tags/arelease/sim/sha512.do
===================================================================
--- sha_core/tags/arelease/sim/sha512.do (nonexistent)
+++ sha_core/tags/arelease/sim/sha512.do (revision 4)
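Review bot: The header comment's claim that it "should be impossible to come up with two messages that hash to the same value" is no longer true for either digest this file can produce: with `FIX` defined it is SHA-1, for which practical collisions were published in 2017 and chosen-prefix collisions in 2020, and with `FIX` undefined it is SHA-0, for which collisions were found in 2004. Because the `#else` branch in `shs_transform` exists only to build the withdrawn SHA-0, I would turn it into a hard error rather than leave a single `#define` line between a usable and a broken primitive: `#else` / `#error "SHA-0 (FIX undefined) is collision-broken; do not build it"` / `#endif`. The header should instead carry something like `/* SHA-1: collision resistance is broken; acceptable only for legacy compatibility or uses that need no collision resistance (e.g. HMAC-SHA1) */`, and the "for use with the NIST Digital Signature Standard" line should go, since NIST no longer permits SHA-1 for signature generation. Separately, the rotate macro appears on this page as `#define S(n,x) (((x)<>(32-n)))`, which cannot be the compiled text; the `<<`/`>>` operators were presumably lost in the HTML rendering, so check the committed file rather than this view before relying on it.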
@@ -0,0 +1,62 @@
+#---------------------------------------------------------------------
+# Project name : SHA-512/384
+# Project description : Secure Hash Algorithm (SHA-512/384)
+#
+# File name : sha512.do
+#
+# Design Engineer : marsgod
+# Quality Engineer : marsgod
+# Version : 1.0
+# Last modification : 2004-05-10
+#---------------------------------------------------------------------
+
+transcript off
+# ------------------------------------------------------------------- #
+# Directories location
+# ------------------------------------------------------------------- #
+
+set source_dir rtl
+set tb_dir bench
+set work_dir sim/modelsim_lib
+
+# ------------------------------------------------------------------- #
+# Maping destination directory for core of model
+# ------------------------------------------------------------------- #
+
+vlib $work_dir
+vmap SHA_LIB $work_dir
+transcript on
+
+
+# ------------------------------------------------------------------- #
+# Compiling components of core
+# ------------------------------------------------------------------- #
+
+transcript off
+vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha512.v
+
+
+# ------------------------------------------------------------------- #
+# Compiling Test Bench
+# ------------------------------------------------------------------- #
+
+vlog -work SHA_LIB $tb_dir/test_sha512.v
+
+transcript on
+
+
+# ------------------------------------------------------------------- #
+# Loading the Test Bench
+# ------------------------------------------------------------------- #
+
+transcript off
+vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha
+
+transcript on
+
+
+transcript on
+
+do wave.do
+
+run 1ms
Index: sha_core/tags/arelease/sim/sha256.do
===================================================================
--- sha_core/tags/arelease/sim/sha256.do (nonexistent)
+++ sha_core/tags/arelease/sim/sha256.do (revision 4)
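Review bot: The load line `vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha` silences ModelSim's "too few port connections" and timescale-mismatch warnings for the entire run, so a test bench that leaves a port of the SHA-512 core unconnected (floating / high-Z) or mixes `timescale` units would still reach `run 1ms` and look clean. For a core whose only evidence of correctness is this simulation, I would drop `+nowarnTFMPC` (and ideally `+nowarnTSCALE`) and fix whatever they were hiding; if a suppression is genuinely needed, the reason belongs in a comment above the line. The two consecutive `transcript on` commands before `do wave.do` are redundant and one can go. Note also that this script, sha256.do and sha1.do all compile a top named `test_sha` into the same `sim/modelsim_lib`, so running one after another overwrites the previous design in place — worth a comment, since a stale `test_sha` from another variant would be the first thing to suspect if results look wrong.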
@@ -0,0 +1,62 @@
+#---------------------------------------------------------------------
+# Project name : SHA-256
+# Project description : Secure Hash Algorithm (SHA-256)
+#
+# File name : sha256.do
+#
+# Design Engineer : marsgod
+# Quality Engineer : marsgod
+# Version : 1.0
+# Last modification : 2004-05-10
+#---------------------------------------------------------------------
+
+transcript off
+# ------------------------------------------------------------------- #
+# Directories location
+# ------------------------------------------------------------------- #
+
+set source_dir rtl
+set tb_dir bench
+set work_dir sim/modelsim_lib
+
+# ------------------------------------------------------------------- #
+# Maping destination directory for core of model
+# ------------------------------------------------------------------- #
+
+vlib $work_dir
+vmap SHA_LIB $work_dir
+transcript on
+
+
+# ------------------------------------------------------------------- #
+# Compiling components of core
+# ------------------------------------------------------------------- #
+
+transcript off
+vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha256.v
+
+
+# ------------------------------------------------------------------- #
+# Compiling Test Bench
+# ------------------------------------------------------------------- #
+
+vlog -work SHA_LIB $tb_dir/test_sha256.v
+
+transcript on
+
+
+# ------------------------------------------------------------------- #
+# Loading the Test Bench
+# ------------------------------------------------------------------- #
+
+transcript off
+vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha
+
+transcript on
+
+
+transcript on
+
+do wave.do
+
+run 1ms
Index: sha_core/tags/arelease/sim/sha1.do
===================================================================
--- sha_core/tags/arelease/sim/sha1.do (nonexistent)
+++ sha_core/tags/arelease/sim/sha1.do (revision 4)
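Review bot: `+nowarnTFMPC +nowarnTSCALE` on the `vsim` line suppresses the two warnings most likely to expose a broken test-bench hookup — a missing port connection on the `sha256` instance and a `timescale` mismatch between `rtl/sha256.v` and `bench/test_sha256.v` — so the simulation can run its full `1ms` against an unconnected or mis-timed core without a word in the transcript. I would remove both switches and resolve the warnings at the source, or at minimum document above the line why each suppression is safe, e.g. `# TFMPC suppressed: <port> intentionally left unconnected in test_sha256`. The duplicated `transcript on` before `do wave.do` is harmless but should be collapsed to one.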
@@ -0,0 +1,62 @@
+#---------------------------------------------------------------------
+# Project name : SHA-160
+# Project description : Secure Hash Algorithm (SHA-160)
+#
+# File name : sha1.do
+#
+# Design Engineer : marsgod
+# Quality Engineer : marsgod
+# Version : 1.0
+# Last modification : 2004-05-10
+#---------------------------------------------------------------------
+
+transcript off
+# ------------------------------------------------------------------- #
+# Directories location
+# ------------------------------------------------------------------- #
+
+set source_dir rtl
+set tb_dir bench
+set work_dir sim/modelsim_lib
+
+# ------------------------------------------------------------------- #
+# Maping destination directory for core of model
+# ------------------------------------------------------------------- #
+
+vlib $work_dir
+vmap SHA_LIB $work_dir
+transcript on
+
+
+# ------------------------------------------------------------------- #
+# Compiling components of core
+# ------------------------------------------------------------------- #
+
+transcript off
+vlog -work SHA_LIB +incdir+$source_dir $source_dir/sha1.v
+
+
+# ------------------------------------------------------------------- #
+# Compiling Test Bench
+# ------------------------------------------------------------------- #
+
+vlog -work SHA_LIB $tb_dir/test_sha1.v
+
+transcript on
+
+
+# ------------------------------------------------------------------- #
+# Loading the Test Bench
+# ------------------------------------------------------------------- #
+
+transcript off
+vsim +nowarnTFMPC +nowarnTSCALE -t ns -lib SHA_LIB test_sha
+
+transcript on
+
+
+transcript on
+
+do wave.do
+
+run 1ms
Index: sha_core/tags
===================================================================
--- sha_core/tags (nonexistent)
+++ sha_core/tags (revision 4)
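Review bot: The `vsim +nowarnTFMPC +nowarnTSCALE ... test_sha` line hides unconnected-port and timescale warnings for the SHA-1 test bench, which is exactly the class of wiring mistake that lets a hash core testbench pass vacuously (an unconnected input sits at Z/X, and a comparison against a hard-coded digest may still never fire). Remove the suppressions and clear the underlying warnings, or justify each one in a comment directly above the line. Given that SHA-1 is now collision-broken, a one-line note in the header — `# SHA-1 is retained for legacy interoperability only; collision resistance is broken` — would also help whoever picks this core for a new design. The repeated `transcript on` before `do wave.do` can be dropped.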
sha_core/tags Property changes : Added: svn:mergeinfo ## -0,0 +0,0 ##
