diff --git a/src/ieu/aes_instructions/aes32dsi.sv b/src/ieu/aes_instructions/aes32dsi.sv index 914ec8994..7ecd5310e 100644 --- a/src/ieu/aes_instructions/aes32dsi.sv +++ b/src/ieu/aes_instructions/aes32dsi.sv @@ -39,16 +39,21 @@ module aes32dsi(input logic [1:0] bs, logic [31:0] so_rotate; // shamt = bs * 8 - assign shamt = {bs, 3'b0}; + assign shamt = {bs, 3'b0}; + // Shift rs2 right by shamt and take the lower byte assign sbox_in_32 = (rs2 >> shamt); - assign sbox_in = sbox_in_32[7:0]; + assign sbox_in = sbox_in_32[7:0]; + // Apply inverse sbox to si - aes_inv_sbox inv_sbox(.in(sbox_in),.out(sbox_out)); + aes_inv_sbox inv_sbox(.in(sbox_in),.out(sbox_out)); + // Pad output of inverse substitution box - assign so = {24'h000000,sbox_out}; + assign so = {24'h000000,sbox_out}; + // Rotate the substitution box output left by shamt (bs * 8) - rotate_left rol32(.input_data(so),.shamt(shamt),.rot_data(so_rotate)); + rotate_left rol32(.input_data(so),.shamt(shamt),.rot_data(so_rotate)); + // Set result to "X(rs1)[31..0] ^ rol32(so, unsigned(shamt));" assign data_out = rs1 ^ so_rotate; diff --git a/src/ieu/aes_instructions/aes32dsmi.sv b/src/ieu/aes_instructions/aes32dsmi.sv index e3b750b79..1cf033ffc 100644 --- a/src/ieu/aes_instructions/aes32dsmi.sv +++ b/src/ieu/aes_instructions/aes32dsmi.sv 
@@ -40,18 +40,24 @@ module aes32dsmi(input logic [1:0] bs, logic [31:0] mixed_rotate; // shamt = bs * 8 - assign shamt = {bs, 3'b0}; + assign shamt = {bs, 3'b0}; + // Shift rs2 right by shamt and take the lower byte assign sbox_in_32 = (rs2 >> shamt); - assign sbox_in = sbox_in_32[7:0]; + assign sbox_in = sbox_in_32[7:0]; + // Apply inverse sbox to si - aes_inv_sbox inv_sbox(.in(sbox_in),.out(sbox_out)); + aes_inv_sbox inv_sbox(.in(sbox_in),.out(sbox_out)); + // Pad output of inverse substitution box - assign so = {24'h000000,sbox_out}; + assign so = {24'h000000,sbox_out}; + // Run so through the mixword AES function - inv_mixword mix(.word(so),.mixed_word(mixed)); + inv_mixword mix(.word(so),.mixed_word(mixed)); + // Rotate the substitution box output left by shamt (bs * 8) - rotate_left rol32(.input_data(mixed),.shamt(shamt),.rot_data(mixed_rotate)); + rotate_left rol32(.input_data(mixed),.shamt(shamt),.rot_data(mixed_rotate)); + // Set result to "X(rs1)[31..0] ^ rol32(so, unsigned(shamt));" assign data_out = rs1 ^ mixed_rotate; diff --git a/src/ieu/aes_instructions/aes64ds.sv b/src/ieu/aes_instructions/aes64ds.sv index 4ba657ea7..2481413b6 100644 --- a/src/ieu/aes_instructions/aes64ds.sv +++ b/src/ieu/aes_instructions/aes64ds.sv @@ -36,9 +36,11 @@ module aes64ds(input logic [63:0] rs1, // Apply inverse shiftrows to rs2 and rs1 aes_inv_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + // Apply full word inverse substitution to lower 2 words of shiftrow out aes_inv_sbox_word inv_sbox_0(.in(shiftRow_out[31:0]),.out(sbox_out_0)); aes_inv_sbox_word inv_sbox_1(.in(shiftRow_out[63:32]),.out(sbox_out_1)); + // Concatenate the two substitution outputs to get result assign data_out = {sbox_out_1, sbox_out_0}; diff --git a/src/ieu/aes_instructions/aes64dsm.sv b/src/ieu/aes_instructions/aes64dsm.sv index 4ed5eef13..247041341 100644 --- a/src/ieu/aes_instructions/aes64dsm.sv +++ b/src/ieu/aes_instructions/aes64dsm.sv 
@@ -37,17 +37,17 @@ module aes64dsm(input logic [63:0] rs1, logic [31:0] mixcol_out_1; // Apply inverse shiftrows to rs2 and rs1 - aes_inv_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + aes_inv_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + // Apply full word inverse substitution to lower 2 words of shiftrow out aes_inv_sbox_word inv_sbox_0(.in(shiftRow_out[31:0]),.out(sbox_out_0)); - aes_inv_sbox_word inv_sbox_1(.in(shiftRow_out[63:32]),.out(sbox_out_1)); + aes_inv_sbox_word inv_sbox_1(.in(shiftRow_out[63:32]),.out(sbox_out_1)); + // Apply inverse mixword to sbox outputs inv_mixword inv_mw_0(.word(sbox_out_0),.mixed_word(mixcol_out_0)); - inv_mixword inv_mw_1(.word(sbox_out_1),.mixed_word(mixcol_out_1)); + inv_mixword inv_mw_1(.word(sbox_out_1),.mixed_word(mixcol_out_1)); + // Concatenate mixed words for output assign data_out = {mixcol_out_1,mixcol_out_0}; endmodule - - - diff --git a/src/ieu/aes_instructions/aes64es.sv b/src/ieu/aes_instructions/aes64es.sv index 4f665f030..e2e7804cd 100644 --- a/src/ieu/aes_instructions/aes64es.sv +++ b/src/ieu/aes_instructions/aes64es.sv @@ -33,7 +33,8 @@ module aes64es(input logic [63:0] rs1, logic [127:0] shiftRow_out; // AES shiftrow unit - aes_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + aes_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + // Apply substitution box to 2 lower words aes_sbox_word sbox_0(.in(shiftRow_out[31:0]),.out(data_out[31:0])); aes_sbox_word sbox_1(.in(shiftRow_out[63:32]),.out(data_out[63:32])); diff --git a/src/ieu/aes_instructions/aes64esm.sv b/src/ieu/aes_instructions/aes64esm.sv index 51c5474ac..21df77378 100644 --- a/src/ieu/aes_instructions/aes64esm.sv +++ b/src/ieu/aes_instructions/aes64esm.sv 
@@ -34,14 +34,14 @@ module aes64esm(input logic [63:0] rs1, logic [63:0] sbox_out; // AES shiftrow unit - aes_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + aes_shiftrow srow(.dataIn({rs2,rs1}),.dataOut(shiftRow_out)); + // Apply substitution box to 2 lower words aes_sbox_word sbox_0(.in(shiftRow_out[31:0]),.out(sbox_out[31:0])); - aes_sbox_word sbox_1(.in(shiftRow_out[63:32]),.out(sbox_out[63:32])); + aes_sbox_word sbox_1(.in(shiftRow_out[63:32]),.out(sbox_out[63:32])); + // Apply mix columns operations mixword mw0(.word(sbox_out[31:0]),.mixed_word(data_out[31:0])); mixword mw1(.word(sbox_out[63:32]),.mixed_word(data_out[63:32])); endmodule - - diff --git a/src/ieu/aes_instructions/aes64im.sv b/src/ieu/aes_instructions/aes64im.sv index 9a898ef89..80dd4f584 100644 --- a/src/ieu/aes_instructions/aes64im.sv +++ b/src/ieu/aes_instructions/aes64im.sv @@ -28,7 +28,7 @@ module aes64im(input logic [63:0] rs1, output logic [63:0] data_out); - inv_mixword inv_mw_0(.word(rs1[31:0]),.mixed_word(data_out[31:0])); - inv_mixword inv_mw_1(.word(rs1[63:32]),.mixed_word(data_out[63:32])); + inv_mixword inv_mw_0(.word(rs1[31:0]),.mixed_word(data_out[31:0])); + inv_mixword inv_mw_1(.word(rs1[63:32]),.mixed_word(data_out[63:32])); endmodule diff --git a/src/ieu/aes_instructions/rcon_lut_128.sv b/src/ieu/aes_instructions/rcon_lut_128.sv new file mode 100644 index 000000000..af71e2ef8 --- /dev/null +++ b/src/ieu/aes_instructions/rcon_lut_128.sv 
@@ -0,0 +1,49 @@
+///////////////////////////////////////////
+// rcon_lut_128.sv
+//
+// Written: ryan.swann@okstate.edu, james.stine@okstate.edu
+// Created: 20 February 2024
+//
+// Purpose: aes64ks1i instruction
+//
+// A component of the CORE-V-WALLY configurable RISC-V project.
+// https://github.com/openhwgroup/cvw
+//
+// Copyright (C) 2021-24 Harvey Mudd College & Oklahoma State University
+//
+// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1
+//
+// Licensed under the Solderpad Hardware License v 2.1 (the “License”); you may not use this file
+// except in compliance with the License, or, at your option, the Apache License version 2.0. You
+// may obtain a copy of the License at
+//
+// https://solderpad.org/licenses/SHL-2.1/
+//
+// Unless required by applicable law or agreed to in writing, any work distributed under the
+// License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+// either express or implied. See the License for the specific language governing permissions
+// and limitations under the License.
+////////////////////////////////////////////////////////////////////////////////////////////////
+
+module rcon_lut_128(input logic [3:0] RD,
+ output logic [7:0] rcon_out);
+
+ always_comb
+ begin
+ case(RD)
+ 4'h0 : rcon_out = 8'h01;
+ 4'h1 : rcon_out = 8'h02;
+ 4'h2 : rcon_out = 8'h04;
+ 4'h3 : rcon_out = 8'h08;
+ 4'h4 : rcon_out = 8'h10;
+ 4'h5 : rcon_out = 8'h20;
+ 4'h6 : rcon_out = 8'h40;
+ 4'h7 : rcon_out = 8'h80;
+ 4'h8 : rcon_out = 8'h1b;
+ 4'h9 : rcon_out = 8'h36;
+ 4'hA : rcon_out = 8'h00;
+ default : rcon_out = 8'h00;
+ endcase
+ end
+
+endmodule
diff --git a/src/ieu/aes_instructions/rrot8.sv b/src/ieu/aes_instructions/rrot8.sv
new file mode 100644
index 000000000..64d451b10
--- /dev/null
+++ b/src/ieu/aes_instructions/rrot8.sv
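Review bot: The `default` arm of the `case(RD)` in `rcon_lut_128` returns `8'h00` for inputs `4'hB`–`4'hF`, so an out-of-range round number is indistinguishable from the explicit `4'hA` entry and silently yields a key-schedule result instead of a fault. Presumably `RD` carries the aes64ks1i round-number immediate, and to my knowledge the scalar-crypto spec reserves values above 0xA, so the decoder should raise an illegal-instruction exception for them; that check is not visible in this file and is worth confirming. I would document the contract on the port, e.g. `// RD: round number 0x0-0xA (0xA selects no round constant); 0xB-0xF are reserved and must be rejected at decode`, since the name `RD` reads like a destination register.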
@@ -0,0 +1,64 @@
+///////////////////////////////////////////
+// rrot8.sv
+//
+// Written: ryan.swann@okstate.edu, james.stine@okstate.edu
+// Created: 20 February 2024
+//
+// Purpose: aes64ks1i instruction
+//
+// A component of the CORE-V-WALLY configurable RISC-V project.
+// https://github.com/openhwgroup/cvw
+//
+// Copyright (C) 2021-24 Harvey Mudd College & Oklahoma State University
+//
+// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1
+//
+// Licensed under the Solderpad Hardware License v 2.1 (the “License”); you may not use this file
+// except in compliance with the License, or, at your option, the Apache License version 2.0. You
+// may obtain a copy of the License at
+//
+// https://solderpad.org/licenses/SHL-2.1/
+//
+// Unless required by applicable law or agreed to in writing, any work distributed under the
+// License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+// either express or implied. See the License for the specific language governing permissions
+// and limitations under the License.
+////////////////////////////////////////////////////////////////////////////////////////////////
+
+module rrot8(input logic[31:0] x,
+ output logic [31:0] result);
+
+ assign result[0] = x[8];
+ assign result[1] = x[9];
+ assign result[2] = x[10];
+ assign result[3] = x[11];
+ assign result[4] = x[12];
+ assign result[5] = x[13];
+ assign result[6] = x[14];
+ assign result[7] = x[15];
+ assign result[8] = x[16];
+ assign result[9] = x[17];
+ assign result[10] = x[18];
+ assign result[11] = x[19];
+ assign result[12] = x[20];
+ assign result[13] = x[21];
+ assign result[14] = x[22];
+ assign result[15] = x[23];
+ assign result[16] = x[24];
+ assign result[17] = x[25];
+ assign result[18] = x[26];
+ assign result[19] = x[27];
+ assign result[20] = x[28];
+ assign result[21] = x[29];
+ assign result[22] = x[30];
+ assign result[23] = x[31];
+ assign result[24] = x[0];
+ assign result[25] = x[1];
+ assign result[26] = x[2];
+ assign result[27] = x[3];
+ assign result[28] = x[4];
+ assign result[29] = x[5];
+ assign result[30] = x[6];
+ assign result[31] = x[7];
+
+endmodule
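Review bot: The 32 single-bit assigns in `rrot8` spell out a fixed rotate-right by 8 one wire at a time, which is hard to audit and leaves room for a one-index slip in a key-schedule datapath; the whole body can be written as `assign result = {x[7:0], x[31:8]};`. The mapping as written is consistent (each `result[i]` takes `x[(i+8) mod 32]`), so this is a readability point rather than a functional one. A header comment such as `// result = x rotated right by 8 bits` would also say more about this module than the current "Purpose: aes64ks1i instruction" line.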