1 |
2 |
jdoin |
-----------------------------------------------------------------------------------------------------------------------
|
2 |
6 |
jdoin |
-- Author: Jonny Doin, jdoin@opencores.org, jonnydoin@gmail.com, jonnydoin@gridvortex.com
|
3 |
2 |
jdoin |
--
|
4 |
6 |
jdoin |
-- Create Date: 09:56:30 05/04/2016
|
5 |
2 |
jdoin |
-- Module Name: sha256_padding - RTL
|
6 |
|
|
-- Project Name: sha256 processor
|
7 |
|
|
-- Target Devices: Spartan-6
|
8 |
|
|
-- Tool versions: ISE 14.7
|
9 |
|
|
-- Description:
|
10 |
|
|
--
|
11 |
|
|
-- This is the byte padding datapath logic for the sha256 processor.
|
12 |
|
|
-- The padding of the last block is controlled by the byte lane selectors and the last words selectors.
|
13 |
|
|
-- These control signals are generated at the Control Logic block of the SHA256 processor.
|
14 |
|
|
-- A consistency check error signal is generated, to flag illegal control conditions.
|
15 |
|
|
-- This block is a fully combinational circuit, with 2 layers of logic.
|
16 |
|
|
--
|
17 |
|
|
------------------------------ COPYRIGHT NOTICE -----------------------------------------------------------------------
|
18 |
6 |
jdoin |
--
|
19 |
|
|
-- This file is part of the SHA256 HASH CORE project http://opencores.org/project,sha256_hash_core
|
20 |
|
|
--
|
21 |
|
|
-- Author(s): Jonny Doin, jdoin@opencores.org, jonnydoin@gridvortex.com, jonnydoin@gmail.com
|
22 |
|
|
--
|
23 |
|
|
-- Copyright (C) 2016 Jonny Doin
|
24 |
|
|
-- -----------------------------
|
25 |
|
|
--
|
26 |
|
|
-- This source file may be used and distributed without restriction provided that this copyright statement is not
|
27 |
|
|
-- removed from the file and that any derivative work contains the original copyright notice and the associated
|
28 |
|
|
-- disclaimer.
|
29 |
|
|
--
|
30 |
|
|
-- This source file is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser
|
31 |
|
|
-- General Public License as published by the Free Software Foundation; either version 2.1 of the License, or
|
32 |
|
|
-- (at your option) any later version.
|
33 |
|
|
--
|
34 |
|
|
-- This source is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
|
35 |
|
|
-- warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
|
36 |
|
|
-- details.
|
37 |
|
|
--
|
38 |
|
|
-- You should have received a copy of the GNU Lesser General Public License along with this source; if not, download
|
39 |
|
|
-- it from http://www.gnu.org/licenses/lgpl.txt
|
40 |
|
|
--
|
41 |
2 |
jdoin |
------------------------------ REVISION HISTORY -----------------------------------------------------------------------
|
42 |
|
|
--
|
43 |
|
|
-- 2016/05/22 v0.01.0010 [JD] started development. design of blocks and port interfaces.
|
44 |
|
|
-- 2016/06/05 v0.01.0090 [JD] all modules integrated. testbench for basic test vectors verification.
|
45 |
|
|
-- 2016/06/05 v0.01.0095 [JD] verification failed. misalignment of words in the datapath.
|
46 |
|
|
-- 2016/06/06 v0.01.0100 [JD] first simulation verification against NIST-FIPS-180-4 test vectors passed.
|
47 |
|
|
--
|
48 |
|
|
-----------------------------------------------------------------------------------------------------------------------
|
49 |
|
|
-- TODO
|
50 |
|
|
-- ====
|
51 |
|
|
--
|
52 |
|
|
-----------------------------------------------------------------------------------------------------------------------
|
53 |
|
|
library ieee;
|
54 |
|
|
use ieee.std_logic_1164.all;
|
55 |
|
|
use ieee.numeric_std.all;
|
56 |
|
|
|
57 |
|
|
|
58 |
|
|
entity sha256_padding is
|
59 |
|
|
port (
|
60 |
8 |
jdoin |
words_sel_i : in std_logic_vector (1 downto 0) := (others => 'U'); -- selector for bitcnt insertion at the last block
|
61 |
2 |
jdoin |
one_insert_i : in std_logic; -- insert a leading one in the padding
|
62 |
8 |
jdoin |
bytes_ena_i : in std_logic_vector (3 downto 0) := (others => 'U'); -- byte lane selector lines
|
63 |
|
|
bitlen_i : in std_logic_vector (63 downto 0) := (others => 'U'); -- 64bit message bit length
|
64 |
|
|
di_i : in std_logic_vector (31 downto 0) := (others => 'U'); -- big endian input message words
|
65 |
2 |
jdoin |
do_o : out std_logic_vector (31 downto 0); -- padded output words
|
66 |
|
|
error_o : out std_logic -- '1' if error in the byte_ena selectors
|
67 |
|
|
);
|
68 |
|
|
end sha256_padding;
|
69 |
|
|
|
70 |
|
|
architecture rtl of sha256_padding is
|
71 |
|
|
-- byte lane wires
|
72 |
|
|
signal BL0 : std_logic_vector (7 downto 0); -- byte lane 0 (MSB)
|
73 |
|
|
signal BL1 : std_logic_vector (7 downto 0); -- byte lane 1 (1SB)
|
74 |
|
|
signal BL2 : std_logic_vector (7 downto 0); -- byte lane 2 (2SB)
|
75 |
|
|
signal BL3 : std_logic_vector (7 downto 0); -- byte lane 3 (LSB)
|
76 |
|
|
-- selectors
|
77 |
|
|
signal one_insert : std_logic; -- leading one padding
|
78 |
|
|
signal B_ena : std_logic_vector (3 downto 0); -- byte lane selectors
|
79 |
|
|
signal W_sel : std_logic_vector (1 downto 0); -- last words selector
|
80 |
|
|
-- padded words
|
81 |
|
|
signal W_pad : std_logic_vector (31 downto 0); -- padding mux output
|
82 |
|
|
signal W_out : std_logic_vector (31 downto 0); -- output word
|
83 |
|
|
-- ones insertion muxes
|
84 |
|
|
signal BL0_top_bit : std_logic;
|
85 |
|
|
signal BL1_top_bit : std_logic;
|
86 |
|
|
signal BL2_top_bit : std_logic;
|
87 |
|
|
signal BL3_top_bit : std_logic;
|
88 |
|
|
-- bit length words
|
89 |
|
|
signal bitlen_hi : std_logic_vector (31 downto 0);
|
90 |
|
|
signal bitlen_lo : std_logic_vector (31 downto 0);
|
91 |
|
|
-- error indication
|
92 |
|
|
signal bsel_error : std_logic;
|
93 |
|
|
signal wsel_error : std_logic;
|
94 |
|
|
signal err : std_logic;
|
95 |
|
|
begin
|
96 |
|
|
--=============================================================================================
|
97 |
|
|
-- INPUT LOGIC
|
98 |
|
|
--=============================================================================================
|
99 |
|
|
-- copy the input ports into the internal wires
|
100 |
|
|
|
101 |
|
|
-- byte lanes are internally spliced from the 32bit input word
|
102 |
|
|
BL0 <= di_i(31 downto 24);
|
103 |
|
|
BL1 <= di_i(23 downto 16);
|
104 |
|
|
BL2 <= di_i(15 downto 8);
|
105 |
|
|
BL3 <= di_i(7 downto 0);
|
106 |
|
|
|
107 |
|
|
-- bitlen words spliced from the 64bit bitlen input word
|
108 |
|
|
bitlen_hi <= bitlen_i(63 downto 32);
|
109 |
|
|
bitlen_lo <= bitlen_i(31 downto 0);
|
110 |
|
|
|
111 |
|
|
-- byte lane selectors
|
112 |
|
|
one_insert <= one_insert_i;
|
113 |
|
|
B_ena <= bytes_ena_i;
|
114 |
|
|
W_sel <= words_sel_i;
|
115 |
|
|
|
116 |
|
|
--=============================================================================================
|
117 |
|
|
-- PADDING LOGIC
|
118 |
|
|
--=============================================================================================
|
119 |
|
|
-- The last block padding logic is implemented as a stream insertion into the input words datapath.
|
120 |
|
|
|
121 |
|
|
-- top bit for the padding bytes. one_insert controls whether a leading one will be inserted on the leading pad byte.
|
122 |
|
|
BL0_top_bit <= one_insert and (not B_ena(0));
|
123 |
|
|
BL1_top_bit <= one_insert and (B_ena(0) and not B_ena(1));
|
124 |
|
|
BL2_top_bit <= one_insert and (B_ena(1) and not B_ena(2));
|
125 |
|
|
BL3_top_bit <= one_insert and (B_ena(2) and not B_ena(3));
|
126 |
|
|
|
127 |
|
|
-- byte lane padding muxes
|
128 |
|
|
W_pad(31 downto 24) <= BL0 when B_ena(0) = '1' else (BL0_top_bit & b"0000000");
|
129 |
|
|
W_pad(23 downto 16) <= BL1 when B_ena(1) = '1' else (BL1_top_bit & b"0000000");
|
130 |
|
|
W_pad(15 downto 8) <= BL2 when B_ena(2) = '1' else (BL2_top_bit & b"0000000");
|
131 |
|
|
W_pad(7 downto 0) <= BL3 when B_ena(3) = '1' else (BL3_top_bit & b"0000000");
|
132 |
|
|
|
133 |
|
|
--=============================================================================================
|
134 |
|
|
-- BIT COUNTER INSERTION LOGIC
|
135 |
|
|
--=============================================================================================
|
136 |
|
|
-- At the end of the last block, the 64bit message length is inserted as the last 2 words.
|
137 |
|
|
|
138 |
|
|
W_out <= bitlen_hi when W_sel = b"01" else
|
139 |
|
|
bitlen_lo when W_sel = b"10" else
|
140 |
|
|
W_pad;
|
141 |
|
|
|
142 |
|
|
--=============================================================================================
|
143 |
|
|
-- ERROR INDICATION LOGIC
|
144 |
|
|
--=============================================================================================
|
145 |
|
|
-- Invalid selectors conditions are flagged as errors
|
146 |
|
|
|
147 |
|
|
-- byte lane selectors error: priority encoder
|
148 |
|
|
bsel_error <= '1' when (B_ena(3) = '1') and ((B_ena(2) = '0') or (B_ena(1) = '0') or (B_ena(0) = '0')) else
|
149 |
|
|
'1' when (B_ena(2) = '1') and ((B_ena(1) = '0') or (B_ena(0) = '0')) else
|
150 |
|
|
'1' when (B_ena(1) = '1') and (B_ena(0) = '0') else
|
151 |
|
|
'0';
|
152 |
|
|
|
153 |
|
|
-- word selector error: invalid code B"11"
|
154 |
|
|
wsel_error <= '1' when W_sel = b"11" else '0';
|
155 |
|
|
|
156 |
|
|
err <= bsel_error or wsel_error;
|
157 |
|
|
|
158 |
|
|
--=============================================================================================
|
159 |
|
|
-- OUTPUT LOGIC
|
160 |
|
|
--=============================================================================================
|
161 |
|
|
-- connect output ports
|
162 |
|
|
do_o_proc: do_o <= W_out;
|
163 |
|
|
error_o_proc: error_o <= err;
|
164 |
|
|
end rtl;
|
165 |
|
|
|