URL
https://opencores.org/ocsvn/sha3/sha3/trunk
Subversion Repositories sha3
Compare Revisions
- This comparison shows the changes necessary to convert path
/sha3
- from Rev 3 to Rev 4
- ↔ Reverse comparison
Rev 3 → Rev 4
/trunk/testbench/test_round2in1.v
File deleted
/trunk/testbench/test_padder.v
29,7 → 29,7
reg f_ack; |
|
// Outputs |
wire ack; |
wire buffer_full; |
wire [575:0] out; |
wire out_ready; |
|
44,7 → 44,7
.in_ready(in_ready), |
.is_last(is_last), |
.byte_num(byte_num), |
.ack(ack), |
.buffer_full(buffer_full), |
.out(out), |
.out_ready(out_ready), |
.f_ack(f_ack) |
69,14 → 69,13
// pad an empty string, should not eat next input |
reset = 1; #(`P); reset = 0; |
#(7*`P); // wait some cycles |
if (buffer_full !== 0) error; |
in_ready = 1; |
is_last = 1; |
#(`P); |
in_ready = 1; // next input |
is_last = 1; |
#(`P/2); |
if (ack === 1) error; // should be 0 |
#(`P/2); |
#(`P); |
in_ready = 0; |
is_last = 0; |
|
85,20 → 84,10
check({64'b1, 448'h0, 1'b1, 63'h0}); |
f_ack = 1; #(`P); f_ack = 0; |
for(i=0; i<5; i=i+1) |
if (ack === 1) error; // should be 0 |
|
// pad an empty string |
reset = 1; #(`P); reset = 0; |
#(3*`P); // wait some cycles |
in_ready = 1; |
is_last = 1; |
#(`P); |
in_ready = 0; |
is_last = 0; |
|
while (out_ready !== 1) |
begin |
#(`P); |
check({64'b1, 448'h0, 1'b1, 63'h0}); |
if (buffer_full !== 0) error; // should be 0 |
end |
|
// pad an (576-8) bit string |
reset = 1; #(`P); reset = 0; |
143,18 → 132,16
for (i=0; i<9; i=i+1) |
begin |
in = 64'h1234567890ABCDEF; |
#(`P/2); |
if (ack !== 1) error; |
#(`P/2); |
#(`P); |
end |
if (out_ready !== 1) error; |
check({9{64'h1234567890ABCDEF}}); |
#(`P/2); |
if (ack !== 0) error; // should not eat |
if (buffer_full !== 1) error; // should not eat |
#(`P/2); |
in = 64'h999; // should not eat this |
#(`P/2); |
if (ack !== 0) error; // should not eat |
if (buffer_full !== 1) error; // should not eat |
#(`P/2); |
f_ack = 1; #(`P); f_ack = 0; |
if (out_ready !== 0) error; |
/trunk/testbench/test_keccak.v
28,7 → 28,7
reg [2:0] byte_num; |
|
// Outputs |
wire ack; |
wire buffer_full; |
wire [511:0] out; |
wire out_ready; |
|
43,7 → 43,7
.in_ready(in_ready), |
.is_last(is_last), |
.byte_num(byte_num), |
.ack(ack), |
.buffer_full(buffer_full), |
.out(out), |
.out_ready(out_ready) |
); |
75,7 → 75,7
in_ready = 1; |
is_last = 1; |
#(`P/2); |
if (ack === 1) error; // should be 0 |
if (buffer_full === 1) error; // should be 0 |
#(`P/2); |
in_ready = 0; |
is_last = 0; |
84,7 → 84,10
#(`P); |
check(512'h12f4a85b68b091e8836219e79dfff7eb9594a42f5566515423b2aa4c67c454de83a62989e44b5303022bfe8c1a9976781b747a596cdab0458e20d8750df6ddfb); |
for(i=0; i<5; i=i+1) |
if (ack === 1) error; // should be 0 |
begin |
#(`P); |
if (buffer_full !== 0) error; // should keep 0 |
end |
|
// hash an empty string, should not eat next input |
reset = 1; #(`P); reset = 0; |
97,9 → 100,7
in = 64'hddddd; // should not be eat |
in_ready = 1; // next input |
is_last = 1; |
#(`P/2); |
if (ack === 1) error; // should be 0 |
#(`P/2); |
#(`P); |
in_ready = 0; |
is_last = 0; |
|
107,7 → 108,10
#(`P); |
check(512'h0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e); |
for(i=0; i<5; i=i+1) |
if (ack === 1) error; // should be 0 |
begin |
#(`P); |
if (buffer_full !== 0) error; // should keep 0 |
end |
|
// hash an (576-8) bit string |
reset = 1; #(`P); reset = 0; |
156,18 → 160,15
is_last = 0; |
for (i=0; i<9; i=i+1) |
begin |
in = 64'h1234567890ABCDEF; |
#(`P/2); |
while (ack !== 1) #(`P); // wait |
#(`P/2); |
in = 64'h1234567890ABCDEF; #(`P); |
end |
#(`P/2); |
if (ack !== 0) error; // should not eat |
if (buffer_full !== 1) error; // should not eat |
#(`P/2); |
in = 64'h999; // should not eat this |
in_ready = 0; |
#(`P/2); |
if (ack !== 0) error; // should not eat |
if (buffer_full !== 0) error; // should not eat, but buffer should not be full |
#(`P/2); |
#(`P); |
// feed next (576-16) bit |
174,17 → 175,12
in_ready = 1; |
for (i=0; i<8; i=i+1) |
begin |
in = 64'h1234567890ABCDEF; |
#(`P/2); |
while (ack !== 1) #(`P); // wait |
#(`P/2); |
in = 64'h1234567890ABCDEF; #(`P); |
end |
byte_num = 6; |
is_last = 1; |
in = 64'h1234567890ABCDEF; |
#(`P/2); |
while (ack !== 1) #(`P); // wait |
#(`P/2); |
#(`P); |
is_last = 0; |
in_ready = 0; |
while (out_ready !== 1) |
/trunk/rtl/round_1.v
File deleted
/trunk/rtl/f_permutation.v
25,13 → 25,13
output reg out_ready; |
|
reg [10:0] i; /* select round constant */ |
reg [10:0] j; /* update register "out" and "out_ready" */ |
wire [1599:0] round_in, round_out; |
wire [63:0] rc1, rc2; |
wire update; |
wire accept; |
reg calc; /* == 1: calculating rounds */ |
|
assign accept = in_ready & (i == 0); |
assign accept = in_ready & (~ calc); // in_ready & (i == 0) |
|
always @ (posedge clk) |
if (reset) i <= 0; |
38,12 → 38,11
else i <= {i[9:0], accept}; |
|
always @ (posedge clk) |
if (reset) j <= 0; |
else if (in_ready) j <= ~0; |
else j <= (j << 1); |
if (reset) calc <= 0; |
else calc <= (calc & (~ i[10])) | accept; |
|
assign update = calc | accept; |
|
assign update = j[10] | accept; |
|
assign ack = accept; |
|
always @ (posedge clk) |
/trunk/rtl/padder.v
18,31 → 18,29
/* if "in_ready" == 0, then "is_last" should be 0. */ |
/* the user switch to next "in" only if "ack" == 1. */ |
|
module padder(clk, reset, in, in_ready, is_last, byte_num, ack, out, out_ready, f_ack); |
module padder(clk, reset, in, in_ready, is_last, byte_num, buffer_full, out, out_ready, f_ack); |
input clk, reset; |
input [63:0] in; |
input in_ready, is_last; |
input [2:0] byte_num; |
output ack; /* to "user" module */ |
output reg [575:0] out; /* to "f_permutation" module */ |
output out_ready; /* to "f_permutation" module */ |
input f_ack; /* from "f_permutation" module */ |
output buffer_full; /* to "user" module */ |
output reg [575:0] out; /* to "f_permutation" module */ |
output out_ready; /* to "f_permutation" module */ |
input f_ack; /* from "f_permutation" module */ |
|
reg state; /* state == 0: user will send more input data |
* state == 1: user will not send any data */ |
reg done; /* == 1: out_ready should be 0 */ |
reg [8:0] i; /* length of "out" buffer */ |
wire [63:0] v0; /* output of module "padder1" */ |
reg [63:0] v1; /* to be shifted into register "out" */ |
wire buffer_full, |
accept, /* accept user input? */ |
reg state; /* state == 0: user will send more input data |
* state == 1: user will not send any data */ |
reg done; /* == 1: out_ready should be 0 */ |
reg [8:0] i; /* length of "out" buffer */ |
wire [63:0] v0; /* output of module "padder1" */ |
reg [63:0] v1; /* to be shifted into register "out" */ |
wire accept, /* accept user input? */ |
update; |
|
assign buffer_full = i[8]; |
assign out_ready = buffer_full & (~ done); |
assign out_ready = buffer_full; |
assign accept = (~ state) & in_ready & (~ buffer_full); // if state == 1, do not eat input |
assign ack = accept; |
assign update = accept | (state & (~ buffer_full)); |
assign update = (accept | (state & (~ buffer_full))) & (~ done); // don't fill buffer if done |
|
always @ (posedge clk) |
if (reset) |
53,10 → 51,10
always @ (posedge clk) |
if (reset) |
i <= 0; |
else if (f_ack) |
i <= 0; |
else if (update) |
i <= {i[7:0], 1'b1}; |
else if (f_ack | update) |
i <= {i[7:0], 1'b1} & {9{~ f_ack}}; |
/* if (f_ack) i <= 0; */ |
/* if (update) i <= {i[7:0], 1'b1}; // increase length */ |
|
always @ (posedge clk) |
if (reset) |
/trunk/rtl/keccak.v
23,12 → 23,12
`define high_pos(w,b) (`low_pos(w,b) + 7) |
`define high_pos2(w,b) (`low_pos2(w,b) + 7) |
|
module keccak(clk, reset, in, in_ready, is_last, byte_num, ack, out, out_ready); |
module keccak(clk, reset, in, in_ready, is_last, byte_num, buffer_full, out, out_ready); |
input clk, reset; |
input [63:0] in; |
input in_ready, is_last; |
input [2:0] byte_num; |
output ack; /* to "user" module */ |
output buffer_full; /* to "user" module */ |
output [511:0] out; |
output reg out_ready; |
|
75,7 → 75,7
out_ready <= 1; |
|
padder |
padder_ (clk, reset, in, in_ready, is_last, byte_num, ack, padder_out, padder_out_ready, f_ack); |
padder_ (clk, reset, in, in_ready, is_last, byte_num, buffer_full, padder_out, padder_out_ready, f_ack); |
|
f_permutation |
f_permutation_ (clk, reset, padder_out, padder_out_ready, f_ack, f_out, f_out_ready); |
/trunk/rtl/round2in1.v
14,17 → 14,271
* limitations under the License. |
*/ |
|
/* if "set_v"==1, out <= in; |
* otherwise, out <= round(round(out)); |
*/ |
`define low_pos(x,y) `high_pos(x,y) - 63 |
`define high_pos(x,y) 1599 - 64*(5*y+x) |
`define add_1(x) (x == 4 ? 0 : x + 1) |
`define add_2(x) (x == 3 ? 0 : x == 4 ? 1 : x + 2) |
`define sub_1(x) (x == 0 ? 4 : x - 1) |
`define rot_up(in, n) {in[63-n:0], in[63:63-n+1]} |
`define rot_up_1(in) {in[62:0], in[63]} |
|
module round2in1(in, rc1, rc2, out); |
module round2in1(in, round_const_1, round_const_2, out); |
input [1599:0] in; |
input [63:0] rc1, rc2; /* round const */ |
input [63:0] round_const_1, round_const_2; |
output [1599:0] out; |
wire [1599:0] tmp; |
|
round_1 |
round1 (in, rc1, tmp), |
round2 (tmp, rc2, out); |
/* "a ~ g" for round 1 */ |
wire [63:0] a[4:0][4:0]; |
wire [63:0] b[4:0]; |
wire [63:0] c[4:0][4:0], d[4:0][4:0], e[4:0][4:0], f[4:0][4:0], g[4:0][4:0]; |
|
/* "aa ~ gg" for round 2 */ |
wire [63:0] bb[4:0]; |
wire [63:0] cc[4:0][4:0], dd[4:0][4:0], ee[4:0][4:0], ff[4:0][4:0], gg[4:0][4:0]; |
|
genvar x, y; |
|
/* assign "a[x][y][z] == in[w(5y+x)+z]" */ |
generate |
for(y=0; y<5; y=y+1) |
begin : L0 |
for(x=0; x<5; x=x+1) |
begin : L1 |
assign a[x][y] = in[`high_pos(x,y) : `low_pos(x,y)]; |
end |
end |
endgenerate |
|
/* calc "b[x] == a[x][0] ^ a[x][1] ^ ... ^ a[x][4]" */ |
generate |
for(x=0; x<5; x=x+1) |
begin : L2 |
assign b[x] = a[x][0] ^ a[x][1] ^ a[x][2] ^ a[x][3] ^ a[x][4]; |
end |
endgenerate |
|
/* calc "c == theta(a)" */ |
generate |
for(y=0; y<5; y=y+1) |
begin : L3 |
for(x=0; x<5; x=x+1) |
begin : L4 |
assign c[x][y] = a[x][y] ^ b[`sub_1(x)] ^ `rot_up_1(b[`add_1(x)]); |
end |
end |
endgenerate |
|
/* calc "d == rho(c)" */ |
assign d[0][0] = c[0][0]; |
assign d[1][0] = `rot_up_1(c[1][0]); |
assign d[2][0] = `rot_up(c[2][0], 62); |
assign d[3][0] = `rot_up(c[3][0], 28); |
assign d[4][0] = `rot_up(c[4][0], 27); |
assign d[0][1] = `rot_up(c[0][1], 36); |
assign d[1][1] = `rot_up(c[1][1], 44); |
assign d[2][1] = `rot_up(c[2][1], 6); |
assign d[3][1] = `rot_up(c[3][1], 55); |
assign d[4][1] = `rot_up(c[4][1], 20); |
assign d[0][2] = `rot_up(c[0][2], 3); |
assign d[1][2] = `rot_up(c[1][2], 10); |
assign d[2][2] = `rot_up(c[2][2], 43); |
assign d[3][2] = `rot_up(c[3][2], 25); |
assign d[4][2] = `rot_up(c[4][2], 39); |
assign d[0][3] = `rot_up(c[0][3], 41); |
assign d[1][3] = `rot_up(c[1][3], 45); |
assign d[2][3] = `rot_up(c[2][3], 15); |
assign d[3][3] = `rot_up(c[3][3], 21); |
assign d[4][3] = `rot_up(c[4][3], 8); |
assign d[0][4] = `rot_up(c[0][4], 18); |
assign d[1][4] = `rot_up(c[1][4], 2); |
assign d[2][4] = `rot_up(c[2][4], 61); |
assign d[3][4] = `rot_up(c[3][4], 56); |
assign d[4][4] = `rot_up(c[4][4], 14); |
|
/* calc "e == pi(d)" */ |
assign e[0][0] = d[0][0]; |
assign e[0][2] = d[1][0]; |
assign e[0][4] = d[2][0]; |
assign e[0][1] = d[3][0]; |
assign e[0][3] = d[4][0]; |
assign e[1][3] = d[0][1]; |
assign e[1][0] = d[1][1]; |
assign e[1][2] = d[2][1]; |
assign e[1][4] = d[3][1]; |
assign e[1][1] = d[4][1]; |
assign e[2][1] = d[0][2]; |
assign e[2][3] = d[1][2]; |
assign e[2][0] = d[2][2]; |
assign e[2][2] = d[3][2]; |
assign e[2][4] = d[4][2]; |
assign e[3][4] = d[0][3]; |
assign e[3][1] = d[1][3]; |
assign e[3][3] = d[2][3]; |
assign e[3][0] = d[3][3]; |
assign e[3][2] = d[4][3]; |
assign e[4][2] = d[0][4]; |
assign e[4][4] = d[1][4]; |
assign e[4][1] = d[2][4]; |
assign e[4][3] = d[3][4]; |
assign e[4][0] = d[4][4]; |
|
/* calc "f = chi(e)" */ |
generate |
for(y=0; y<5; y=y+1) |
begin : L5 |
for(x=0; x<5; x=x+1) |
begin : L6 |
assign f[x][y] = e[x][y] ^ ((~ e[`add_1(x)][y]) & e[`add_2(x)][y]); |
end |
end |
endgenerate |
|
/* calc "g = iota(f)" */ |
generate |
for(x=0; x<64; x=x+1) |
begin : L60 |
if(x==0 || x==1 || x==3 || x==7 || x==15 || x==31 || x==63) |
assign g[0][0][x] = f[0][0][x] ^ round_const_1[x]; |
else |
assign g[0][0][x] = f[0][0][x]; |
end |
endgenerate |
|
generate |
for(y=0; y<5; y=y+1) |
begin : L7 |
for(x=0; x<5; x=x+1) |
begin : L8 |
if(x!=0 || y!=0) |
assign g[x][y] = f[x][y]; |
end |
end |
endgenerate |
|
/* round 2 */ |
|
/* calc "bb[x] == g[x][0] ^ g[x][1] ^ ... ^ g[x][4]" */ |
generate |
for(x=0; x<5; x=x+1) |
begin : L12 |
assign bb[x] = g[x][0] ^ g[x][1] ^ g[x][2] ^ g[x][3] ^ g[x][4]; |
end |
endgenerate |
|
/* calc "cc == theta(g)" */ |
generate |
for(y=0; y<5; y=y+1) |
begin : L13 |
for(x=0; x<5; x=x+1) |
begin : L14 |
assign cc[x][y] = g[x][y] ^ bb[`sub_1(x)] ^ `rot_up_1(bb[`add_1(x)]); |
end |
end |
endgenerate |
|
/* calc "dd == rho(cc)" */ |
assign dd[0][0] = cc[0][0]; |
assign dd[1][0] = `rot_up_1(cc[1][0]); |
assign dd[2][0] = `rot_up(cc[2][0], 62); |
assign dd[3][0] = `rot_up(cc[3][0], 28); |
assign dd[4][0] = `rot_up(cc[4][0], 27); |
assign dd[0][1] = `rot_up(cc[0][1], 36); |
assign dd[1][1] = `rot_up(cc[1][1], 44); |
assign dd[2][1] = `rot_up(cc[2][1], 6); |
assign dd[3][1] = `rot_up(cc[3][1], 55); |
assign dd[4][1] = `rot_up(cc[4][1], 20); |
assign dd[0][2] = `rot_up(cc[0][2], 3); |
assign dd[1][2] = `rot_up(cc[1][2], 10); |
assign dd[2][2] = `rot_up(cc[2][2], 43); |
assign dd[3][2] = `rot_up(cc[3][2], 25); |
assign dd[4][2] = `rot_up(cc[4][2], 39); |
assign dd[0][3] = `rot_up(cc[0][3], 41); |
assign dd[1][3] = `rot_up(cc[1][3], 45); |
assign dd[2][3] = `rot_up(cc[2][3], 15); |
assign dd[3][3] = `rot_up(cc[3][3], 21); |
assign dd[4][3] = `rot_up(cc[4][3], 8); |
assign dd[0][4] = `rot_up(cc[0][4], 18); |
assign dd[1][4] = `rot_up(cc[1][4], 2); |
assign dd[2][4] = `rot_up(cc[2][4], 61); |
assign dd[3][4] = `rot_up(cc[3][4], 56); |
assign dd[4][4] = `rot_up(cc[4][4], 14); |
|
/* calc "ee == pi(dd)" */ |
assign ee[0][0] = dd[0][0]; |
assign ee[0][2] = dd[1][0]; |
assign ee[0][4] = dd[2][0]; |
assign ee[0][1] = dd[3][0]; |
assign ee[0][3] = dd[4][0]; |
assign ee[1][3] = dd[0][1]; |
assign ee[1][0] = dd[1][1]; |
assign ee[1][2] = dd[2][1]; |
assign ee[1][4] = dd[3][1]; |
assign ee[1][1] = dd[4][1]; |
assign ee[2][1] = dd[0][2]; |
assign ee[2][3] = dd[1][2]; |
assign ee[2][0] = dd[2][2]; |
assign ee[2][2] = dd[3][2]; |
assign ee[2][4] = dd[4][2]; |
assign ee[3][4] = dd[0][3]; |
assign ee[3][1] = dd[1][3]; |
assign ee[3][3] = dd[2][3]; |
assign ee[3][0] = dd[3][3]; |
assign ee[3][2] = dd[4][3]; |
assign ee[4][2] = dd[0][4]; |
assign ee[4][4] = dd[1][4]; |
assign ee[4][1] = dd[2][4]; |
assign ee[4][3] = dd[3][4]; |
assign ee[4][0] = dd[4][4]; |
|
/* calc "ff = chi(ee)" */ |
generate |
for(y=0; y<5; y=y+1) |
begin : L15 |
for(x=0; x<5; x=x+1) |
begin : L16 |
assign ff[x][y] = ee[x][y] ^ ((~ ee[`add_1(x)][y]) & ee[`add_2(x)][y]); |
end |
end |
endgenerate |
|
/* calc "gg = iota(ff)" */ |
generate |
for(x=0; x<64; x=x+1) |
begin : L160 |
if(x==0 || x==1 || x==3 || x==7 || x==15 || x==31 || x==63) |
assign gg[0][0][x] = ff[0][0][x] ^ round_const_2[x]; |
else |
assign gg[0][0][x] = ff[0][0][x]; |
end |
endgenerate |
|
generate |
for(y=0; y<5; y=y+1) |
begin : L17 |
for(x=0; x<5; x=x+1) |
begin : L18 |
if(x!=0 || y!=0) |
assign gg[x][y] = ff[x][y]; |
end |
end |
endgenerate |
|
/* assign "out[w(5y+x)+z] == out_var[x][y][z]" */ |
generate |
for(y=0; y<5; y=y+1) |
begin : L99 |
for(x=0; x<5; x=x+1) |
begin : L100 |
assign out[`high_pos(x,y) : `low_pos(x,y)] = gg[x][y]; |
end |
end |
endgenerate |
endmodule |
|
`undef low_pos |
`undef high_pos |
`undef add_1 |
`undef add_2 |
`undef sub_1 |
`undef rot_up |
`undef rot_up_1 |