--*************************************************************************
-- Project : AES128 *
-- *
-- Block Name : key_expander.vhd *
-- *
-- Author : Hemanth Satyanarayana *
-- *
-- Email : hemanth@opencores.org *
-- *
-- Description: This block implements the key expansion algorithm *
-- to generate different keys for each of 10 rounds. *
-- . *
-- *
-- Revision History *
-- |-----------|-------------|---------|---------------------------------|*
-- | Name | Date | Version | Revision details |*
-- |-----------|-------------|---------|---------------------------------|*
-- | Hemanth | 15-Dec-2004 | 1.1.1.1 | Uploaded |*
-- |-----------|-------------|---------|---------------------------------|*
-- *
-- Refer to the FIPS-197 document for details *
--*************************************************************************
-- *
-- Copyright (C) 2004 Author *
-- *
-- This source file may be used and distributed without *
-- restriction provided that this copyright statement is not *
-- removed from the file and that any derivative work contains *
-- the original copyright notice and the associated disclaimer. *
-- *
-- This source file is free software; you can redistribute it *
-- and/or modify it under the terms of the GNU Lesser General *
-- Public License as published by the Free Software Foundation; *
-- either version 2.1 of the License, or (at your option) any *
-- later version. *
-- *
-- This source is distributed in the hope that it will be *
-- useful, but WITHOUT ANY WARRANTY; without even the implied *
-- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR *
-- PURPOSE. See the GNU Lesser General Public License for more *
-- details. *
-- *
-- You should have received a copy of the GNU Lesser General *
-- Public License along with this source; if not, download it *
-- from http://www.opencores.org/lgpl.shtml *
-- *
--*************************************************************************
library ieee;
use ieee.std_logic_1164.all;
use ieee.std_logic_unsigned.all;
use work.aes_package.all;
-- Round-key generator for the AES128 core (key expansion, see FIPS-197).
-- The four keyout_c* ports carry the four words of one round key; they are
-- combinational functions of the registered key words, rcon and mode.
entity key_expander is
  port (
    -- Clock; the key-word registers and rcon update on its rising edge.
    clk       : in  std_logic;
    -- Asynchronous, active-high reset; clears the stored key words and rcon.
    reset     : in  std_logic;

    -- Input key, one word per port. Sampled only on a clock edge where
    -- count = 0.
    -- NOTE(review): in decrypt mode the schedule is walked backwards starting
    -- from the last round constant, so these ports presumably have to carry
    -- the final round key rather than the cipher key -- confirm with caller.
    key_in_c0 : in  state_array_type;
    key_in_c1 : in  state_array_type;
    key_in_c2 : in  state_array_type;
    key_in_c3 : in  state_array_type;

    -- Round counter shared with the data-path rounds. 0 loads key_in_c*;
    -- 0 to 9 select the round constant; any other value selects a zero rcon.
    -- NOTE(review): declared as unconstrained integer; a bounded subtype
    -- would document the legal range and keep synthesis from inferring a
    -- full-width comparator.
    count     : in  integer;

    -- '1' = encrypt (forward schedule), otherwise decrypt (reverse schedule).
    mode      : in  std_logic;

    -- Round key for the current round, one word per port.
    keyout_c0 : out state_array_type;
    keyout_c1 : out state_array_type;
    keyout_c2 : out state_array_type;
    keyout_c3 : out state_array_type
  );
end key_expander;
-- AES-128 key schedule, one round per clock.
--
-- A clocked process holds the four key words of the current round
-- (w_i_nk0..3), a copy of the last word (temp0) and the round constant
-- (rcon). A combinational process derives the next round key X0..X3 from
-- that state: forwards when mode = '1' (encrypt), backwards otherwise
-- (decrypt). X0..X3 are fed back into the registers and also drive the
-- keyout_c* ports directly.
--
-- NOTE(review), for integrators handling key material:
--   * The key words are cleared only by reset. The registers keep advancing
--     on every clock edge once the rounds are finished, so key-derived state
--     remains in them until reset is asserted or a new key is loaded with
--     count = 0.
--   * The round keys appear unregistered on keyout_c*.
--   * No masking or hiding countermeasure is present in this block. sbox_val
--     is not defined here (presumably it comes from work.aes_package), so its
--     implementation decides the side-channel profile of SubWord.
architecture expansion of key_expander is
  -- Next round-key words (combinational); also the block outputs.
  signal X0 : state_array_type;
  signal X1 : state_array_type;
  signal X2 : state_array_type;
  signal X3 : state_array_type;

  -- Registered key words of the current round.
  signal w_i_nk0 : state_array_type;
  signal w_i_nk1 : state_array_type;
  signal w_i_nk2 : state_array_type;
  signal w_i_nk3 : state_array_type;

  -- Registered copy of the last key word; feeds the rotate step when
  -- encrypting.
  signal temp0 : state_array_type;

  -- Intermediate values of the rotate / substitute / rcon chain.
  signal k_rot        : state_array_type;
  signal key_sub      : state_array_type;
  signal key_xor_rcon : state_array_type;

  -- Registered round constant.
  signal rcon : std_logic_vector(7 downto 0);
begin

  -- Combinational round-key transformation.
  -- Every signal driven here is assigned on every path, so no latch is
  -- inferred; the sensitivity list names every signal that is read.
  process(mode,rcon,temp0,k_rot,key_sub,key_xor_rcon,X0,X1,X2,X3,w_i_nk0,w_i_nk1,w_i_nk2,w_i_nk3)
  begin
    if (mode = '1') then
      -- Encrypt: rotate the last word of the current round key, then chain
      -- the XORs forward from X0 to X3.
      k_rot <= (temp0(1),temp0(2),temp0(3),temp0(0));

      X1 <= ((X0(0) xor w_i_nk1(0)) , (X0(1) xor w_i_nk1(1)) , (X0(2) xor w_i_nk1(2)) , (X0(3) xor w_i_nk1(3)));
      X2 <= ((X1(0) xor w_i_nk2(0)) , (X1(1) xor w_i_nk2(1)) , (X1(2) xor w_i_nk2(2)) , (X1(3) xor w_i_nk2(3)));
      X3 <= ((X2(0) xor w_i_nk3(0)) , (X2(1) xor w_i_nk3(1)) , (X2(2) xor w_i_nk3(2)) , (X2(3) xor w_i_nk3(3)));
    else
      -- Decrypt: undo the XOR chain from the top word down, then rotate the
      -- recovered last word (X3) to rebuild the first word.
      X3 <= (w_i_nk3(0) xor w_i_nk2(0) , w_i_nk3(1) xor w_i_nk2(1) , w_i_nk3(2) xor w_i_nk2(2) , w_i_nk3(3) xor w_i_nk2(3));
      X2 <= (w_i_nk2(0) xor w_i_nk1(0) , w_i_nk2(1) xor w_i_nk1(1) , w_i_nk2(2) xor w_i_nk1(2) , w_i_nk2(3) xor w_i_nk1(3));
      X1 <= (w_i_nk1(0) xor w_i_nk0(0) , w_i_nk1(1) xor w_i_nk0(1) , w_i_nk1(2) xor w_i_nk0(2) , w_i_nk1(3) xor w_i_nk0(3));

      k_rot <= (X3(1),X3(2),X3(3),X3(0));
    end if;

    -- The remaining steps are the same in both directions.

    -- SUB word: S-box lookup on each element of the rotated word.
    key_sub(0) <= sbox_val(k_rot(0));
    key_sub(1) <= sbox_val(k_rot(1));
    key_sub(2) <= sbox_val(k_rot(2));
    key_sub(3) <= sbox_val(k_rot(3));

    -- XOR with rcon: only the first element takes the round constant.
    key_xor_rcon <= ((key_sub(0) xor rcon),key_sub(1),key_sub(2),key_sub(3));

    -- First word of the next round key.
    X0 <= ( key_xor_rcon(0) xor w_i_nk0(0) ,key_xor_rcon(1) xor w_i_nk0(1),key_xor_rcon(2) xor w_i_nk0(2),key_xor_rcon(3) xor w_i_nk0(3));
  end process;

  -- Key-word registers and round-constant generation.
  process(clk,reset)
  begin
    if (reset = '1') then
      -- Asynchronous reset: zeroise all stored key words and rcon.
      temp0   <= (others =>(others => '0'));
      w_i_nk0 <= (others =>(others => '0'));
      w_i_nk1 <= (others =>(others => '0'));
      w_i_nk2 <= (others =>(others => '0'));
      w_i_nk3 <= (others =>(others => '0'));
      rcon    <= (others => '0');
    elsif clk'event and clk = '1' then
      -- Round constant for the state captured on this same edge; it is used
      -- by the combinational process during the following cycle.
      if (mode = '1') then
        -- Encrypt: constants in ascending round order.
        case count is
          when 0      => rcon <= "00000001";
          when 1      => rcon <= "00000010";
          when 2      => rcon <= "00000100";
          when 3      => rcon <= "00001000";
          when 4      => rcon <= "00010000";
          when 5      => rcon <= "00100000";
          when 6      => rcon <= "01000000";
          when 7      => rcon <= "10000000";
          when 8      => rcon <= "00011011";
          when 9      => rcon <= "00110110";
          when others => rcon <= "00000000";
        end case;
      else
        -- Decrypt: the same constants in descending round order.
        case count is
          when 0      => rcon <= "00110110";
          when 1      => rcon <= "00011011";
          when 2      => rcon <= "10000000";
          when 3      => rcon <= "01000000";
          when 4      => rcon <= "00100000";
          when 5      => rcon <= "00010000";
          when 6      => rcon <= "00001000";
          when 7      => rcon <= "00000100";
          when 8      => rcon <= "00000010";
          when 9      => rcon <= "00000001";
          when others => rcon <= "00000000";
        end case;
      end if;

      if (count = 0) then
        -- Start of a run: capture the externally supplied key.
        temp0   <= key_in_c3;
        w_i_nk0 <= key_in_c0;
        w_i_nk1 <= key_in_c1;
        w_i_nk2 <= key_in_c2;
        w_i_nk3 <= key_in_c3;
      else
        -- Any other count: step to the round key just computed.
        temp0   <= X3;
        w_i_nk0 <= X0;
        w_i_nk1 <= X1;
        w_i_nk2 <= X2;
        w_i_nk3 <= X3;
      end if;
    end if;
  end process;

  -- Round-key outputs are taken straight from the combinational words.
  keyout_c0 <= X0;
  keyout_c1 <= X1;
  keyout_c2 <= X2;
  keyout_c3 <= X3;

end expansion;