URL https://opencores.org/ocsvn/aes_decrypt_fpga/aes_decrypt_fpga/trunk

Subversion Repositories aes_decrypt_fpga

[/] [aes_decrypt_fpga/] [trunk/] [rtl/] [verilog/] [KeyExpand192.sv] - Blame information for rev 4

Go to most recent revision | Details | Compare with Previous | View Log


////////////////////////////////////////////////////////////////// ////
////                                                                                                                            ////
//// AES Decryption Core for FPGA                                                                       ////
////                                                                                                                            ////
//// This file is part of the AES Decryption Core for FPGA project      ////
//// http://www.opencores.org/cores/xxx/                                                        ////
////                                                                                                                            ////
//// Description                                                                                                        ////
//// Implementation of  AES Decryption Core for FPGA according to       ////
//// core specification document.                                                                       ////
////                                                                                                                            ////
//// To Do:                                                                                                             ////
//// -                                                                                                                          ////
////                                                                                                                            ////
//// Author(s):                                                                                                         ////
//// - scheng, schengopencores@opencores.org                                            ////
////                                                                                                                            ////
//////////////////////////////////////////////////////////////////////
////                                                                                                                            ////
//// Copyright (C) 2009 Authors and OPENCORES.ORG                                       ////
////                                                                                                                            ////
//// This source file may be used and distributed without                       ////
//// restriction provided that this copyright statement is not          ////
//// removed from the file and that any derivative work contains        ////
//// the original copyright notice and the associated disclaimer.       ////
////                                                                                                                            ////
//// This source file is free software; you can redistribute it         ////
//// and/or modify it under the terms of the GNU Lesser General         ////
//// Public License as published by the Free Software Foundation;       ////
//// either version 2.1 of the License, or (at your option) any         ////
//// later version.                                                                                             ////
////                                                                                                                            ////
//// This source is distributed in the hope that it will be             ////
//// useful, but WITHOUT ANY WARRANTY; without even the implied         ////
//// warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR            ////
//// PURPOSE. See the GNU Lesser General Public License for more        ////
//// details.                                                                                                           ////
////                                                                                                                            ////
//// You should have received a copy of the GNU Lesser General          ////
//// Public License along with this source; if not, download it         ////
//// from http://www.opencores.org/lgpl.shtml                                           ////
////                                                                                                                            //// ///
///////////////////////////////////////////////////////////////////
////                                                                                                                            ////
//// 192-bit key expander                                                                                       ////
////                                                                                                                            ////
//// The key expansion algorithm is described in section 5.2 of the     ////
//// FIPS-197 spec. This file implements the case for 192-bit key       ////
//// only.                                                                                                                      ////
////                                                                                                                            ////
////////////////////////////////////////////////////////////////////////
 
module KeyExpand192(
        // 192-bit key expander
 
        input   [0:191] kt,
        input   kt_vld,         // Active high input informing key expander that a valid new key is present at kt.
        output  kt_rdy,         // Active high output indicates key expander ready to accept new key
 
        output  [0:127] rkey,   // Note : rkey is always 128 bit regardless the crypto key length
        output  rkey_vld,       // Active high output indicates valid roundkey available at rkey[0:127]
        output  rkey_last,      // High for 1 clock cycle, indicates last roundkey available at rkey[0:127].
 
        input   clk,
        input   rst
        );
 
        // Registers holding the calculated roundkeys
        logic   [0:31]  w0;
        logic   [0:31]  w1;
        logic   [0:31]  w2;
        logic   [0:31]  w3;
        logic   [0:31]  w4;
        logic   [0:31]  w5;
        logic   [0:31]  w6;
        logic   [0:31]  w7;
 
        logic   [0:127] mux_rkey;
 
        logic   [0:3]   keyexp_state;   // Key expansion state machine
        logic   [0:7]   Rcon;                   // Round constant. See FIPS-197 section 5.3.
 
        wire    [0:31]  subword_out;
        wire    [0:31]  rotword_out;
        wire    [0:31]  rotword_in;
 
        wire    keyexp_state_0;         // '1' indicates key expansion state machine at state 0 (initial state)
        wire    keyexp_state_12;        // '1' indicates key expansion state machine at state 12 (last state)
 
        // Do not remove the "keep" and "max_fanout" attribute. They are there to force the synthesizer
        // to infer independent logic for next_w*, instead of deriving next_w1 from next_w0, ...and
        // so on. See the definitions of next_w* below. This is to avoid getting a chain of LUTs, which reduces Fmax.
        (* keep = "true", max_fanout = 1 *) wire        [0:31]  next_w2;
        (* keep = "true", max_fanout = 1 *) wire        [0:31]  next_w3;
        (* keep = "true", max_fanout = 1 *) wire        [0:31]  next_w4;
        (* keep = "true", max_fanout = 1 *) wire        [0:31]  next_w5;
        (* keep = "true", max_fanout = 1 *) wire        [0:31]  next_w6;
        (* keep = "true", max_fanout = 1 *) wire        [0:31]  next_w7;
 
 
        assign rotword_in = (keyexp_state_0)? kt[160:191] : w7;
        RotWord RotWord_u(.din(rotword_in), .dout(rotword_out));
        SubWord SubWord_u(.din(rotword_out), .dout(subword_out));
 
        assign next_w2 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2);
        assign next_w3 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3);
        assign next_w4 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4);
        assign next_w5 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32] ^ kt[96+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4 ^ w5);
        assign next_w6 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32] ^ kt[96+:32] ^ kt[128+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4 ^ w5 ^ w6);
        assign next_w7 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32] ^ kt[96+:32] ^ kt[128+:32] ^ kt[160+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4 ^ w5 ^ w6 ^ w7);
 
        assign rkey = mux_rkey;
        assign kt_rdy = keyexp_state_0; // Only accept new key in initial state.
        assign rkey_vld = ~keyexp_state_0 | kt_vld;
        assign rkey_last = keyexp_state_12;
        assign keyexp_state_0 = (keyexp_state == 0);
        assign keyexp_state_12 = (keyexp_state == 12);
 
        // Key Expansion state machine
        always_ff @(posedge clk)
        begin
                if (rst)
                begin
                        keyexp_state <= 0;      // Reset to initial state
                        Rcon <= 8'h01;
                end
                else
                        unique case (keyexp_state)
 
                                        if (kt_vld)
                                        begin
                                                keyexp_state <= keyexp_state + 1;
                                                {w0,w1} <= kt[128:191];
                                                {w2,w3,w4,w5,w6,w7} <= {next_w2,next_w3,next_w4,next_w5,next_w6,next_w7};
                                                Rcon <= (Rcon[0])? (Rcon << 1) ^ 8'h1b : (Rcon << 1);   // Advance to next Rcon value. Rcon[0] is msb.
                                        end
                                2,3,5,6,8,9,11 :
                                        // Proceed to next state and update roundkey register
                                        begin
                                                keyexp_state <= keyexp_state + 1;
                                                {w0,w1} <= {w6,w7};
                                                {w2,w3,w4,w5,w6,w7} <= {next_w2,next_w3,next_w4,next_w5,next_w6,next_w7};
                                                Rcon <= (Rcon[0])? (Rcon << 1) ^ 8'h1b : (Rcon << 1);   // Advance to next Rcon value. Rcon[0] is msb.
                                        end
                                1,4,7,10 :
                                        // Proceed to next state, no update to roundkey register
                                        begin
                                                keyexp_state <= keyexp_state + 1;
                                        end
                                12:     // Wrap back to initial state
                                        begin
                                                keyexp_state <= 0;
                                                Rcon <= 8'h01;
                                        end
                        endcase
        end
 
        // Pick the right slices from the round key registers w0-w7 to form the current
        // round key.
        always_comb
        begin
                unique case (keyexp_state)
 
                        1,4,7,10: mux_rkey <= {w0,w1,w2,w3};
                        2,5,8,11: mux_rkey <= {w4,w5,w6,w7};
                        3,6,9,12: mux_rkey <= {w2,w3,w4,w5};
                endcase
        end
 
endmodule

Line No.	Rev	Author	Line
1	2	schengopen	`////////////////////////////////////////////////////////////////// ////`
2			`//// ////`
3			`//// AES Decryption Core for FPGA ////`
4			`//// ////`
5			`//// This file is part of the AES Decryption Core for FPGA project ////`
6			`//// http://www.opencores.org/cores/xxx/ ////`
7			`//// ////`
8			`//// Description ////`
9			`//// Implementation of AES Decryption Core for FPGA according to ////`
10			`//// core specification document. ////`
11			`//// ////`
12			`//// To Do: ////`
13			`//// - ////`
14			`//// ////`
15			`//// Author(s): ////`
16			`//// - scheng, schengopencores@opencores.org ////`
17			`//// ////`
18			`//////////////////////////////////////////////////////////////////////`
19			`//// ////`
20			`//// Copyright (C) 2009 Authors and OPENCORES.ORG ////`
21			`//// ////`
22			`//// This source file may be used and distributed without ////`
23			`//// restriction provided that this copyright statement is not ////`
24			`//// removed from the file and that any derivative work contains ////`
25			`//// the original copyright notice and the associated disclaimer. ////`
26			`//// ////`
27			`//// This source file is free software; you can redistribute it ////`
28			`//// and/or modify it under the terms of the GNU Lesser General ////`
29			`//// Public License as published by the Free Software Foundation; ////`
30			`//// either version 2.1 of the License, or (at your option) any ////`
31			`//// later version. ////`
32			`//// ////`
33			`//// This source is distributed in the hope that it will be ////`
34			`//// useful, but WITHOUT ANY WARRANTY; without even the implied ////`
35			`//// warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR ////`
36			`//// PURPOSE. See the GNU Lesser General Public License for more ////`
37			`//// details. ////`
38			`//// ////`
39			`//// You should have received a copy of the GNU Lesser General ////`
40			`//// Public License along with this source; if not, download it ////`
41			`//// from http://www.opencores.org/lgpl.shtml ////`
42			`//// //// ///`
43			`///////////////////////////////////////////////////////////////////`
44			`//// ////`
45			`//// 192-bit key expander ////`
46			`//// ////`
47			`//// The key expansion algorithm is described in section 5.2 of the ////`
48			`//// FIPS-197 spec. This file implements the case for 192-bit key ////`
49			`//// only. ////`
50			`//// ////`
51			`////////////////////////////////////////////////////////////////////////`
52
53			`module KeyExpand192(`
54			`// 192-bit key expander`
55
56			`input [0:191] kt,`
57			`input kt_vld, // Active high input informing key expander that a valid new key is present at kt.`
58			`output kt_rdy, // Active high output indicates key expander ready to accept new key`
59
60			`output [0:127] rkey, // Note : rkey is always 128 bit regardless the crypto key length`
61			`output rkey_vld, // Active high output indicates valid roundkey available at rkey[0:127]`
62			`output rkey_last, // High for 1 clock cycle, indicates last roundkey available at rkey[0:127].`
63
64			`input clk,`
65			`input rst`
66			`);`
67
68			`// Registers holding the calculated roundkeys`
69			`logic [0:31] w0;`
70			`logic [0:31] w1;`
71			`logic [0:31] w2;`
72			`logic [0:31] w3;`
73			`logic [0:31] w4;`
74			`logic [0:31] w5;`
75			`logic [0:31] w6;`
76			`logic [0:31] w7;`
77
78			`logic [0:127] mux_rkey;`
79
80			`logic [0:3] keyexp_state; // Key expansion state machine`
81			`logic [0:7] Rcon; // Round constant. See FIPS-197 section 5.3.`
82
83			`wire [0:31] subword_out;`
84			`wire [0:31] rotword_out;`
85			`wire [0:31] rotword_in;`
86
87			`wire keyexp_state_0; // '1' indicates key expansion state machine at state 0 (initial state)`
88			`wire keyexp_state_12; // '1' indicates key expansion state machine at state 12 (last state)`
89
90			`// Do not remove the "keep" and "max_fanout" attribute. They are there to force the synthesizer`
91			`// to infer independent logic for next_w*, instead of deriving next_w1 from next_w0, ...and`
92			`// so on. See the definitions of next_w* below. This is to avoid getting a chain of LUTs, which reduces Fmax.`
93			`(* keep = "true", max_fanout = 1 *) wire [0:31] next_w2;`
94			`(* keep = "true", max_fanout = 1 *) wire [0:31] next_w3;`
95			`(* keep = "true", max_fanout = 1 *) wire [0:31] next_w4;`
96			`(* keep = "true", max_fanout = 1 *) wire [0:31] next_w5;`
97			`(* keep = "true", max_fanout = 1 *) wire [0:31] next_w6;`
98			`(* keep = "true", max_fanout = 1 *) wire [0:31] next_w7;`
99
100
101			`assign rotword_in = (keyexp_state_0)? kt[160:191] : w7;`
102			`RotWord RotWord_u(.din(rotword_in), .dout(rotword_out));`
103			`SubWord SubWord_u(.din(rotword_out), .dout(subword_out));`
104
105			`assign next_w2 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2);`
106			`assign next_w3 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3);`
107			`assign next_w4 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4);`
108			`assign next_w5 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32] ^ kt[96+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4 ^ w5);`
109			`assign next_w6 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32] ^ kt[96+:32] ^ kt[128+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4 ^ w5 ^ w6);`
110			`assign next_w7 = (keyexp_state_0)? (subword_out ^ {Rcon,24'h000000} ^ kt[0+:32] ^ kt[32+:32] ^ kt[64+:32] ^ kt[96+:32] ^ kt[128+:32] ^ kt[160+:32]) : (subword_out ^ {Rcon,24'h000000} ^ w2 ^ w3 ^ w4 ^ w5 ^ w6 ^ w7);`
111
112			`assign rkey = mux_rkey;`
113			`assign kt_rdy = keyexp_state_0; // Only accept new key in initial state.`
114			`assign rkey_vld = ~keyexp_state_0 \| kt_vld;`
115			`assign rkey_last = keyexp_state_12;`
116			`assign keyexp_state_0 = (keyexp_state == 0);`
117			`assign keyexp_state_12 = (keyexp_state == 12);`
118
119			`// Key Expansion state machine`
120			`always_ff @(posedge clk)`
121			`begin`
122			`if (rst)`
123			`begin`
124			`keyexp_state <= 0; // Reset to initial state`
125			`Rcon <= 8'h01;`
126			`end`
127			`else`
128			`unique case (keyexp_state)`
129
130			`if (kt_vld)`
131			`begin`
132			`keyexp_state <= keyexp_state + 1;`
133			`{w0,w1} <= kt[128:191];`
134			`{w2,w3,w4,w5,w6,w7} <= {next_w2,next_w3,next_w4,next_w5,next_w6,next_w7};`
135			`Rcon <= (Rcon[0])? (Rcon << 1) ^ 8'h1b : (Rcon << 1); // Advance to next Rcon value. Rcon[0] is msb.`
136			`end`
137			`2,3,5,6,8,9,11 :`
138			`// Proceed to next state and update roundkey register`
139			`begin`
140			`keyexp_state <= keyexp_state + 1;`
141			`{w0,w1} <= {w6,w7};`
142			`{w2,w3,w4,w5,w6,w7} <= {next_w2,next_w3,next_w4,next_w5,next_w6,next_w7};`
143			`Rcon <= (Rcon[0])? (Rcon << 1) ^ 8'h1b : (Rcon << 1); // Advance to next Rcon value. Rcon[0] is msb.`
144			`end`
145			`1,4,7,10 :`
146			`// Proceed to next state, no update to roundkey register`
147			`begin`
148			`keyexp_state <= keyexp_state + 1;`
149			`end`
150			`12: // Wrap back to initial state`
151			`begin`
152			`keyexp_state <= 0;`
153			`Rcon <= 8'h01;`
154			`end`
155			`endcase`
156			`end`
157
158			`// Pick the right slices from the round key registers w0-w7 to form the current`
159			`// round key.`
160			`always_comb`
161			`begin`
162			`unique case (keyexp_state)`
163
164			`1,4,7,10: mux_rkey <= {w0,w1,w2,w3};`
165			`2,5,8,11: mux_rkey <= {w4,w5,w6,w7};`
166			`3,6,9,12: mux_rkey <= {w2,w3,w4,w5};`
167			`endcase`
168			`end`
169
170			`endmodule`

Browse

Tools

Subversion Repositories aes_decrypt_fpga

[/] [aes_decrypt_fpga/] [trunk/] [rtl/] [verilog/] [KeyExpand192.sv] - Blame information for rev 4