diff --git a/src/ieu/aes_instructions/aes32d.sv b/src/ieu/aes_instructions/aes32d.sv
index 8b72916fb..606328af4 100644
--- a/src/ieu/aes_instructions/aes32d.sv
+++ b/src/ieu/aes_instructions/aes32d.sv
@@ -42,7 +42,7 @@ module aes32d(
 aesinvsbox inv_sbox(SboxIn, SboxOut); // Apply inverse sbox to si
 assign so = {24'h0, SboxOut}; // Pad output of inverse substitution box
 aesinvmixcolumns mix(so, mixed); // Run so through the mixword AES function
- mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, rotate so rather than mixed
+ mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, skip mixcolumns
 rotate #(32) rot(rotin, shamt, rotout); // Rotate left by shamt (bs * 8)
- assign result = rs1 ^ rotout; // xor with running value
+ assign result = rs1 ^ rotout; // xor with running value
 endmodule
diff --git a/src/ieu/aes_instructions/aes32e.sv b/src/ieu/aes_instructions/aes32e.sv
index f77f5ed64..8ee5cb858 100644
--- a/src/ieu/aes_instructions/aes32e.sv
+++ b/src/ieu/aes_instructions/aes32e.sv
@@ -42,7 +42,7 @@ module aes32e(
 aessbox sbox(SboxIn, SboxOut); // Substitute
 assign so = {24'h0, SboxOut}; // Pad sbox output
 aesmixcolumns mwd(so, mixed); // Mix Word using aesmixword component
- mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, rotate so rather than mixed
+ mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, skip mixcolumns
 rotate #(32) mrot(rotin, shamt, rotout); // Rotate the mixcolumns output left by shamt (bs * 8)
- assign result = rs1 ^ rotout; // xor with running value
+ assign result = rs1 ^ rotout; // xor with running value
 endmodule
diff --git a/src/ieu/aes_instructions/aes64d.sv b/src/ieu/aes_instructions/aes64d.sv
index caae92f1c..5990aedfd 100644
--- a/src/ieu/aes_instructions/aes64d.sv
+++ b/src/ieu/aes_instructions/aes64d.sv
@@ -33,20 +33,19 @@ module aes64d(
 );
 logic [127:0] ShiftRowOut;
- logic [31:0] SboxOut0, SboxOut1;
- logic [31:0] MixcolOut0, MixcolOut1;
+ logic [63:0] SboxOut, MixcolOut;
 // Apply inverse shiftrows to rs2 and rs1
 aesinvshiftrow srow({rs2, rs1}, ShiftRowOut);
 // Apply full word inverse substitution to lower 2 words of shiftrow out
- aesinvsboxword invsbox0(ShiftRowOut[31:0], SboxOut0);
- aesinvsboxword invsbox1(ShiftRowOut[63:32], SboxOut1);
+ aesinvsboxword invsbox0(ShiftRowOut[31:0], SboxOut[31:0]);
+ aesinvsboxword invsbox1(ShiftRowOut[63:32], SboxOut[63:32]);
 // Apply inverse mixword to sbox outputs
- aesinvmixcolumns invmw0(SboxOut0, MixcolOut0);
- aesinvmixcolumns invmw1(SboxOut1, MixcolOut1);
+ aesinvmixcolumns invmw0(SboxOut[31:0], MixcolOut[31:0]);
+ aesinvmixcolumns invmw1(SboxOut[63:32], MixcolOut[63:32]);
- // Concatenate mixed words for output
- mux2 #(64) resultmux({SboxOut1, SboxOut0}, {MixcolOut1, MixcolOut0}, finalround, result);
+ // Final round skips mixcolumns.
+ mux2 #(64) resultmux(MixcolOut, SboxOut, finalround, result);
 endmodule
diff --git a/src/ieu/aes_instructions/aes64esm.sv b/src/ieu/aes_instructions/aes64e.sv
similarity index 77%
rename from src/ieu/aes_instructions/aes64esm.sv
rename to src/ieu/aes_instructions/aes64e.sv
index 603073d67..d06a199fb 100644
--- a/src/ieu/aes_instructions/aes64esm.sv
+++ b/src/ieu/aes_instructions/aes64e.sv
@@ -1,10 +1,10 @@
 ///////////////////////////////////////////
-// aes64esm.sv
+// aes64e.sv
 //
 // Written: ryan.swann@okstate.edu, james.stine@okstate.edu
 // Created: 20 February 2024
 //
-// Purpose: aes64esm instruction: RV64 middle round encryption
+// Purpose: aes64esm and aes64es instruction: RV64 middle and final round AES encryption
 //
 // A component of the CORE-V-WALLY configurable RISC-V project.
 // https://github.com/openhwgroup/cvw
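Review bot: The new `resultmux(MixcolOut, SboxOut, finalround, result)` swaps which data input `finalround` selects relative to the old `({SboxOut1, SboxOut0}, {MixcolOut1, MixcolOut0}, ...)` order, so this module is only correct together with the matching `~ZKNDSelect[0]` inversion in zknd64.sv, and nothing inside the module records that polarity. The `finalround` port declaration sits above this hunk; it should carry a comment such as `input logic finalround, // 1: aes64ds (final round, InvMixColumns skipped); 0: aes64dsm (middle round)` so a reader does not have to infer it from the mux argument order. This assumes mux2 selects its second data input when the select is high, which the companion aes64e change relies on in the same way — worth confirming once against mux2's definition. The module header is outside this hunk.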
@@ -25,14 +25,15 @@
 // and limitations under the License.
 ////////////////////////////////////////////////////////////////////////////////////////////////
-module aes64esm(
+module aes64e(
 input logic [63:0] rs1,
 input logic [63:0] rs2,
- output logic [63:0] DataOut
+ input logic finalround,
+ output logic [63:0] result
 );
 logic [127:0] ShiftRowOut;
- logic [63:0] SboxOut;
+ logic [63:0] SboxOut, MixcolOut;
 // AES shiftrow unit
 aesshiftrow srow({rs2,rs1}, ShiftRowOut);
@@ -42,6 +43,9 @@ module aes64esm(
 aessboxword sbox1(ShiftRowOut[63:32], SboxOut[63:32]);
 // Apply mix columns operations
- aesmixcolumns mw0(SboxOut[31:0], DataOut[31:0]);
- aesmixcolumns mw1(SboxOut[63:32], DataOut[63:32]);
+ aesmixcolumns mw0(SboxOut[31:0], MixcolOut[31:0]);
+ aesmixcolumns mw1(SboxOut[63:32], MixcolOut[63:32]);
+
+ // Skip mixcolumns on last round
+ mux2 #(64) resultmux(MixcolOut, SboxOut, finalround, result);
 endmodule
diff --git a/src/ieu/aes_instructions/aes64es.sv b/src/ieu/aes_instructions/aes64es.sv
deleted file mode 100644
index 388f3254f..000000000
--- a/src/ieu/aes_instructions/aes64es.sv
+++ /dev/null
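Review bot: The new `finalround` input has no comment saying which level means the final round, and since the module now stands in for two instructions that is the one fact a caller needs. Suggest `input logic finalround, // 1: aes64es (final round, MixColumns skipped); 0: aes64esm (middle round)` on the port line. Renaming `DataOut` to `result` also breaks any other instantiation of aes64esm/aes64es; zkne64.sv is updated in this diff, and any user not updated would fail at elaboration rather than misbehave silently, which is the desirable failure mode. The module body continues past this hunk.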
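Review bot: The comment `// Skip mixcolumns on last round` on the new mux does not say that `finalround`=1 is the last-round case, and because both data inputs are plausible 64-bit values a swapped polarity would elaborate and simulate cleanly while producing wrong ciphertext rather than a visible fault. Spell it out on the line itself: `mux2 #(64) resultmux(MixcolOut, SboxOut, finalround, result); // finalround ? SboxOut : MixcolOut`. This diff shows no test changes; with the polarity now split between this module and the `~ZKNESelect[0]` inversion in zkne64.sv, known-answer vectors for both aes64es and aes64esm are the cheap way to pin the combined behaviour.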
@@ -1,42 +0,0 @@
-///////////////////////////////////////////
-// aes64es.sv
-//
-// Written: ryan.swann@okstate.edu, james.stine@okstate.edu
-// Created: 20 February 2024
-//
-// Purpose: aes64es instruction: RV64 final round encryption
-//
-// A component of the CORE-V-WALLY configurable RISC-V project.
-// https://github.com/openhwgroup/cvw
-//
-// Copyright (C) 2021-24 Harvey Mudd College & Oklahoma State University
-//
-// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1
-//
-// Licensed under the Solderpad Hardware License v 2.1 (the “License”); you may not use this file
-// except in compliance with the License, or, at your option, the Apache License version 2.0. You
-// may obtain a copy of the License at
-//
-// https://solderpad.org/licenses/SHL-2.1/
-//
-// Unless required by applicable law or agreed to in writing, any work distributed under the
-// License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
-// either express or implied. See the License for the specific language governing permissions
-// and limitations under the License.
-////////////////////////////////////////////////////////////////////////////////////////////////
-
-module aes64es(
- input logic [63:0] rs1,
- input logic [63:0] rs2,
- output logic [63:0] DataOut
-);
-
- logic [127:0] ShiftRowOut;
-
- // AES shiftrow unit
- aesshiftrow srow({rs2,rs1}, ShiftRowOut);
-
- // Apply substitution box to 2 lower words
- aessboxword sbox0(ShiftRowOut[31:0], DataOut[31:0]);
- aessboxword sbox1(ShiftRowOut[63:32], DataOut[63:32]);
-endmodule
diff --git a/src/ieu/kmu/zknd64.sv b/src/ieu/kmu/zknd64.sv
index ff2910d2b..569d75c98 100644
--- a/src/ieu/kmu/zknd64.sv
+++ b/src/ieu/kmu/zknd64.sv
@@ -37,8 +37,7 @@ module zknd64 #(parameter WIDTH=32) (
 logic [63:0] aes64dRes, aes64imRes, aes64ks1iRes, aes64ks2Res;
 // RV64
- // aes64ds aes64ds(.rs1(A), .rs2(B), .DataOut(aes64dsRes));
- aes64d aes64d(.rs1(A), .rs2(B), .finalround(ZKNDSelect[0]), .result(aes64dRes)); // decode AES
+ aes64d aes64d(.rs1(A), .rs2(B), .finalround(~ZKNDSelect[0]), .result(aes64dRes)); // decode AES
 aes64im aes64im(.rs1(A), .DataOut(aes64imRes));
 aes64ks1i aes64ks1i(.roundnum(RNUM), .rs1(A), .rd(aes64ks1iRes));
 aes64ks2 aes64ks2(.rs2(B), .rs1(A), .rd(aes64ks2Res));
diff --git a/src/ieu/kmu/zkne64.sv b/src/ieu/kmu/zkne64.sv
index f71885355..302d4aee0 100644
--- a/src/ieu/kmu/zkne64.sv
+++ b/src/ieu/kmu/zkne64.sv
@@ -34,14 +34,13 @@ module zkne64 #(parameter WIDTH=32) (
 output logic [WIDTH-1:0] ZKNEResult
 );
- logic [63:0] aes64esRes, aes64esmRes, aes64ks1iRes, aes64ks2Res;
+ logic [63:0] aes64eRes, aes64ks1iRes, aes64ks2Res;
 // RV64
- aes64es aes64es(.rs1(A), .rs2(B), .DataOut(aes64esRes));
- aes64esm aes64esm(.rs1(A), .rs2(B), .DataOut(aes64esmRes));
+ aes64e aes64e(.rs1(A), .rs2(B), .finalround(~ZKNESelect[0]), .result(aes64eRes));
 aes64ks1i aes64ks1i(.roundnum(RNUM), .rs1(A), .rd(aes64ks1iRes));
 aes64ks2 aes64ks2(.rs2(B), .rs1(A), .rd(aes64ks2Res));
 // 010 is a placeholder to match the select of ZKND's AES64KS1I since they share some instruction
- mux5 #(WIDTH) zknemux(aes64esRes, aes64esmRes, 64'b0, aes64ks1iRes, aes64ks2Res, ZKNESelect, ZKNEResult);
+ mux5 #(WIDTH) zknemux(aes64eRes, aes64eRes, 64'b0, aes64ks1iRes, aes64ks2Res, ZKNESelect, ZKNEResult);
 endmodule
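Review bot: `.finalround(~ZKNDSelect[0])` bakes the decoder's select encoding into the datapath instantiation as a bare inversion with no comment, and the deleted `// aes64ds aes64ds(...)` line was the only remaining hint that bit 0 distinguishes aes64ds from aes64dsm. A named signal makes the contract explicit and gives the decoder something to agree with: `logic aes64Final; assign aes64Final = ~ZKNDSelect[0]; // ZKNDSelect bit 0 clear = aes64ds (final round)` and then `.finalround(aes64Final)`. Which select value denotes aes64ds is not visible in this hunk (the result mux for ZKND is outside it), so that comment text should be checked against the decoder. The module body continues outside the hunk.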
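Review bot: The rebuilt `mux5` now feeds `aes64eRes` into both index 0 and index 1 and relies on `~ZKNESelect[0]` inside the aes64e instantiation to tell the two instructions apart, so the meaning of the low select bit is encoded in two places (mux position and inversion) with nothing tying them together. A comment on the instantiation — `// ZKNESelect 000 = aes64es (final round), 001 = aes64esm; aes64e skips MixColumns when finalround=1` — or a named `aes64Final` signal would make that explicit, and the old mux order (`aes64esRes` at 0, `aes64esmRes` at 1) is the evidence for which value is which. Separately, `mux5 #(WIDTH)` with the declared default `WIDTH=32` would silently truncate the 64-bit operands; presumably this module is only instantiated with WIDTH=64, but that is pre-existing and not checkable here.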