Shared haredware for aes64e

src/ieu/aes_instructions/aes32d.sv

@@ -42,7 +42,7 @@ module aes32d(
    aesinvsbox inv_sbox(SboxIn, SboxOut);          // Apply inverse sbox to si
    assign so = {24'h0, SboxOut};                  // Pad output of inverse substitution box
    aesinvmixcolumns mix(so, mixed);               // Run so through the mixword AES function
-   mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, rotate so rather than mixed
+   mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, skip mixcolumns
    rotate #(32) rot(rotin, shamt, rotout);        // Rotate left by shamt (bs * 8)
-   assign result = rs1 ^ rotout;                 // xor with running value
+   assign result = rs1 ^ rotout;                  // xor with running value
 endmodule

src/ieu/aes_instructions/aes32e.sv

@@ -42,7 +42,7 @@ module aes32e(
    aessbox sbox(SboxIn, SboxOut);                 // Substitute
    assign so = {24'h0, SboxOut};                  // Pad sbox output
    aesmixcolumns mwd(so, mixed);                  // Mix Word using aesmixword component
-   mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, rotate so rather than mixed
+   mux2 #(32) rmux(mixed, so, finalround, rotin); // on final round, skip mixcolumns
    rotate #(32) mrot(rotin, shamt, rotout);       // Rotate the mixcolumns output left by shamt (bs * 8)
-   assign result = rs1 ^ rotout;                 // xor with running value
+   assign result = rs1 ^ rotout;                  // xor with running value
 endmodule

src/ieu/aes_instructions/aes64d.sv

@@ -33,20 +33,19 @@ module aes64d(
 );
    
    logic [127:0] 		    ShiftRowOut;
-   logic [31:0] 		    SboxOut0, SboxOut1;
+   logic [63:0] 		    SboxOut, MixcolOut;
-   logic [31:0] 		    MixcolOut0, MixcolOut1;
    
    // Apply inverse shiftrows to rs2 and rs1
    aesinvshiftrow srow({rs2, rs1}, ShiftRowOut);
    
    // Apply full word inverse substitution to lower 2 words of shiftrow out
-   aesinvsboxword invsbox0(ShiftRowOut[31:0],  SboxOut0);
+   aesinvsboxword invsbox0(ShiftRowOut[31:0],  SboxOut[31:0]);
-   aesinvsboxword invsbox1(ShiftRowOut[63:32], SboxOut1);
+   aesinvsboxword invsbox1(ShiftRowOut[63:32], SboxOut[63:32]);
    
    // Apply inverse mixword to sbox outputs
-   aesinvmixcolumns invmw0(SboxOut0, MixcolOut0);
+   aesinvmixcolumns invmw0(SboxOut[31:0], MixcolOut[31:0]);
-   aesinvmixcolumns invmw1(SboxOut1, MixcolOut1);
+   aesinvmixcolumns invmw1(SboxOut[63:32], MixcolOut[63:32]);
    
-   // Concatenate mixed words for output
+   // Final round skips mixcolumns.
-   mux2 #(64) resultmux({SboxOut1, SboxOut0}, {MixcolOut1, MixcolOut0}, finalround, result);
+   mux2 #(64) resultmux(MixcolOut, SboxOut, finalround, result);
 endmodule

src/ieu/aes_instructions/aes64e.sv

@@ -1,10 +1,10 @@
 ///////////////////////////////////////////
-// aes64esm.sv
+// aes64e.sv
 //
 // Written: ryan.swann@okstate.edu, james.stine@okstate.edu
 // Created: 20 February 2024
 //
-// Purpose: aes64esm instruction: RV64 middle round encryption 
+// Purpose: aes64esm and aes64es instruction: RV64 middle and final round AES encryption 
 //
 // A component of the CORE-V-WALLY configurable RISC-V project.
 // https://github.com/openhwgroup/cvw
@@ -25,14 +25,15 @@
 // and limitations under the License.
 ////////////////////////////////////////////////////////////////////////////////////////////////
 
-module aes64esm(
+module aes64e(
     input  logic [63:0] rs1,
     input  logic [63:0] rs2,
-    output logic [63:0] DataOut
+    input  logic        finalround,
+    output logic [63:0] result
 );
    
     logic [127:0] ShiftRowOut;
-    logic [63:0]  SboxOut;
+    logic [63:0]  SboxOut, MixcolOut;
                 
     // AES shiftrow unit
     aesshiftrow srow({rs2,rs1}, ShiftRowOut);
@@ -42,6 +43,9 @@ module aes64esm(
     aessboxword sbox1(ShiftRowOut[63:32], SboxOut[63:32]);
    
     // Apply mix columns operations
-    aesmixcolumns mw0(SboxOut[31:0], DataOut[31:0]);
+    aesmixcolumns mw0(SboxOut[31:0], MixcolOut[31:0]);
-    aesmixcolumns mw1(SboxOut[63:32], DataOut[63:32]);    
+    aesmixcolumns mw1(SboxOut[63:32], MixcolOut[63:32]);    
+
+    // Skip mixcolumns on last round
+    mux2 #(64) resultmux(MixcolOut, SboxOut, finalround, result);
 endmodule

src/ieu/aes_instructions/aes64es.sv

@@ -1,42 +0,0 @@
-///////////////////////////////////////////
-// aes64es.sv
-//
-// Written: ryan.swann@okstate.edu, james.stine@okstate.edu
-// Created: 20 February 2024
-//
-// Purpose: aes64es instruction: RV64 final round encryption 
-//
-// A component of the CORE-V-WALLY configurable RISC-V project.
-// https://github.com/openhwgroup/cvw
-// 
-// Copyright (C) 2021-24 Harvey Mudd College & Oklahoma State University
-//
-// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1
-//
-// Licensed under the Solderpad Hardware License v 2.1 (the “License”); you may not use this file 
-// except in compliance with the License, or, at your option, the Apache License version 2.0. You 
-// may obtain a copy of the License at
-//
-// https://solderpad.org/licenses/SHL-2.1/
-//
-// Unless required by applicable law or agreed to in writing, any work distributed under the 
-// License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, 
-// either express or implied. See the License for the specific language governing permissions 
-// and limitations under the License.
-////////////////////////////////////////////////////////////////////////////////////////////////
-
-module aes64es(
-   input  logic [63:0] rs1,
-   input  logic [63:0] rs2,
-   output logic [63:0] DataOut
-);
-                
-   logic [127:0] 		   ShiftRowOut;
-   
-   // AES shiftrow unit
-   aesshiftrow srow({rs2,rs1}, ShiftRowOut);
-   
-   // Apply substitution box to 2 lower words
-   aessboxword sbox0(ShiftRowOut[31:0],  DataOut[31:0]);
-   aessboxword sbox1(ShiftRowOut[63:32], DataOut[63:32]);       
-endmodule

src/ieu/kmu/zknd64.sv

@@ -37,8 +37,7 @@ module zknd64 #(parameter WIDTH=32) (
    logic [63:0] 	     aes64dRes, aes64imRes, aes64ks1iRes, aes64ks2Res;
    
    // RV64
-   // aes64ds   aes64ds(.rs1(A), .rs2(B), .DataOut(aes64dsRes));
+   aes64d    aes64d(.rs1(A), .rs2(B), .finalround(~ZKNDSelect[0]), .result(aes64dRes)); // decode AES
-   aes64d    aes64d(.rs1(A), .rs2(B), .finalround(ZKNDSelect[0]), .result(aes64dRes)); // decode AES
    aes64im   aes64im(.rs1(A), .DataOut(aes64imRes));
    aes64ks1i aes64ks1i(.roundnum(RNUM), .rs1(A), .rd(aes64ks1iRes));
    aes64ks2  aes64ks2(.rs2(B), .rs1(A), .rd(aes64ks2Res));

src/ieu/kmu/zkne64.sv

@@ -34,14 +34,13 @@ module zkne64 #(parameter WIDTH=32) (
    output logic [WIDTH-1:0] ZKNEResult
 );
    
-   logic [63:0] 	     aes64esRes, aes64esmRes, aes64ks1iRes, aes64ks2Res;
+   logic [63:0] 	     aes64eRes, aes64ks1iRes, aes64ks2Res;
    
    // RV64
-   aes64es   aes64es(.rs1(A), .rs2(B), .DataOut(aes64esRes));
+   aes64e    aes64e(.rs1(A), .rs2(B), .finalround(~ZKNESelect[0]), .result(aes64eRes));
-   aes64esm  aes64esm(.rs1(A), .rs2(B), .DataOut(aes64esmRes));
    aes64ks1i aes64ks1i(.roundnum(RNUM), .rs1(A), .rd(aes64ks1iRes));
    aes64ks2  aes64ks2(.rs2(B), .rs1(A), .rd(aes64ks2Res));
    
    // 010 is a placeholder to match the select of ZKND's AES64KS1I since they share some instruction
-   mux5 #(WIDTH) zknemux(aes64esRes, aes64esmRes, 64'b0, aes64ks1iRes, aes64ks2Res, ZKNESelect, ZKNEResult);   
+   mux5 #(WIDTH) zknemux(aes64eRes, aes64eRes, 64'b0, aes64ks1iRes, aes64ks2Res, ZKNESelect, ZKNEResult);   
 endmodule