diff --git a/src/ieu/aes_common/rotate.sv b/src/ieu/aes_common/rotate.sv
new file mode 100644
index 000000000..7f44f95f4
--- /dev/null
+++ b/src/ieu/aes_common/rotate.sv
@@ -0,0 +1,35 @@
+///////////////////////////////////////////
+// rotate.sv
+//
+// Written: ryan.swann@okstate.edu, james.stine@okstate.edu
+// Created: 20 February 2024
+//
+// Purpose: rotate a by shamt
+//
+// A component of the CORE-V-WALLY configurable RISC-V project.
+// https://github.com/openhwgroup/cvw
+//
+// Copyright (C) 2021-24 Harvey Mudd College & Oklahoma State University
+//
+// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1
+//
+// Licensed under the Solderpad Hardware License v 2.1 (the “License”); you may not use this file
+// except in compliance with the License, or, at your option, the Apache License version 2.0. You
+// may obtain a copy of the License at
+//
+// https://solderpad.org/licenses/SHL-2.1/
+//
+// Unless required by applicable law or agreed to in writing, any work distributed under the
+// License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+// either express or implied. See the License for the specific language governing permissions
+// and limitations under the License.
+////////////////////////////////////////////////////////////////////////////////////////////////
+
+module rotate #(parameter WIDTH=32) (
+ input logic [WIDTH-1:0] a,
+ input logic [$clog2(WIDTH)-1:0] shamt,
+ output logic [WIDTH-1:0] y
+);
+
+ assign y = (a << shamt) | (a >> (WIDTH-shamt));
+endmodule
diff --git a/src/ieu/aes_instructions/aes32dsi.sv b/src/ieu/aes_instructions/aes32dsi.sv
index dd399d75d..e0fdf4536 100644
--- a/src/ieu/aes_instructions/aes32dsi.sv
+++ b/src/ieu/aes_instructions/aes32dsi.sv
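Review bot: In rotate.sv the header's `Purpose: rotate a by shamt` gives neither the direction nor the valid range, and `y` is a left rotation only while `shamt` does not exceed WIDTH. For a WIDTH that is not a power of two, the `$clog2(WIDTH)`-bit `shamt` can encode values above WIDTH; `WIDTH-shamt` then wraps as an unsigned value and the right-shift term drops out, so `y` is no longer a rotation. Every instance added in this commit uses the default WIDTH=32, so nothing is affected today. Because the module now sits on the AES datapath, I would state the contract in the header: `// Purpose: rotate a left by shamt; WIDTH must be a power of two so that shamt < WIDTH`.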
@@ -36,10 +36,10 @@ module aes32dsi( logic [7:0] SboxIn, SboxOut; logic [31:0] so, sorotate; - assign shamt = {bs, 3'b0}; // shamt = bs * 8 (convert bytes to bits) - assign SboxIn = rs2[shamt +: 8]; // Shift rs2 right by shamt and take the lower byte - aesinvsbox inv_sbox(SboxIn, SboxOut); // Apply inverse sbox - assign so = {24'h0, SboxOut}; // Pad output of inverse substitution box - assign sorotate = (so << shamt) | (so >> (32 - shamt)); // Rotate the substitution box output left by shamt (bs * 8) - assign DataOut = rs1 ^ sorotate; // Set result to "X(rs1)[31..0] ^ rol32(so, unsigned(shamt));" + assign shamt = {bs, 3'b0}; // shamt = bs * 8 (convert bytes to bits) + assign SboxIn = rs2[shamt +: 8]; // select byte bs of rs2 + aesinvsbox inv_sbox(SboxIn, SboxOut); // Apply inverse sbox + assign so = {24'h0, SboxOut}; // Pad output of inverse substitution box + rotate sorot(so, shamt, sorotate); // Rotate the substitution box output left by shamt (bs * 8) + assign DataOut = rs1 ^ sorotate; // xor with running value endmodule diff --git a/src/ieu/aes_instructions/aes32dsmi.sv b/src/ieu/aes_instructions/aes32dsmi.sv index 4f8b5d9c0..0b98835cc 100644 --- a/src/ieu/aes_instructions/aes32dsmi.sv +++ b/src/ieu/aes_instructions/aes32dsmi.sv 
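Review bot: The new `rotate sorot(so, shamt, sorotate);` in aes32dsi connects ports by position and relies on the default WIDTH, so a later reordering of rotate's port list or a change of its default could rewire this AES datapath without an obvious error. The same applies to the `rotate` instances added in aes32dsmi, aes32esi and aes32esmi. Named connections with an explicit width make the intent checkable at elaboration: `rotate #(32) sorot(.a(so), .shamt(shamt), .y(sorotate));`. The removed comment on `DataOut` also quoted the specification pseudo-code (`rol32(so, unsigned(shamt))`); keeping that reference beside `xor with running value` would preserve traceability to the spec. The module body starts outside this hunk.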
@@ -33,30 +33,14 @@ module aes32dsmi( ); logic [4:0] shamt; - logic [7:0] SboxIn; - logic [7:0] SboxOut; - logic [31:0] so; - logic [31:0] mixed; - logic [31:0] mixedrotate; + logic [7:0] SboxIn, SboxOut; + logic [31:0] so, mixed, mixedrotate; - // shamt = bs * 8 - assign shamt = {bs, 3'b0}; - - // Shift rs2 right by shamt and take the lower byte - assign SboxIn = rs2[shamt +: 8]; // Shift rs2 right by shamt and take the lower byte - - // Apply inverse sbox to si - aesinvsbox inv_sbox(SboxIn, SboxOut); - - // Pad output of inverse substitution box - assign so = {24'h0, SboxOut}; - - // Run so through the mixword AES function - aesinvmixcolumns mix(so, mixed); - - // Rotate the substitution box output left by shamt (bs * 8) - assign mixedrotate = (mixed << shamt) | (mixed >> (32 - shamt)); - - // Set result to "X(rs1)[31..0] ^ rol32(so, unsigned(shamt));" - assign DataOut = rs1 ^ mixedrotate; + assign shamt = {bs, 3'b0}; // shamt = bs * 8 (convert bytes to bits) + assign SboxIn = rs2[shamt +: 8]; // select byte bs of rs2 + aesinvsbox inv_sbox(SboxIn, SboxOut); // Apply inverse sbox to si + assign so = {24'h0, SboxOut}; // Pad output of inverse substitution box + aesinvmixcolumns mix(so, mixed); // Run so through the mixword AES function + rotate mrot(mixed, shamt, mixedrotate); // Rotate the mixcolumns output left by shamt (bs * 8) + assign DataOut = rs1 ^ mixedrotate; // xor with running value endmodule diff --git a/src/ieu/aes_instructions/aes32esi.sv b/src/ieu/aes_instructions/aes32esi.sv index d18fbcfa1..12607bf01 100644 --- a/src/ieu/aes_instructions/aes32esi.sv +++ b/src/ieu/aes_instructions/aes32esi.sv 
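Review bot: Two of the new trailing comments in aes32dsmi do not match the code beside them. `Apply inverse sbox to si` names `si`, which is not a signal in this hunk (the input is `SboxIn`), and `Run so through the mixword AES function` sits on an `aesinvmixcolumns` instance. I would write `// Apply inverse sbox to SboxIn` and `// Apply inverse MixColumns to the zero-padded byte`. The aes32esmi hunk has the same mismatch: `Mix Word using aesmixword component` on an `aesmixcolumns` instance. The module body starts outside this hunk.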
@@ -33,25 +33,13 @@ module aes32esi( ); logic [4:0] shamt; - logic [7:0] SboxIn; - logic [7:0] SboxOut; - logic [31:0] so; - logic [31:0] sorotate; + logic [7:0] SboxIn, SboxOut; + logic [31:0] so, sorotate; - // Shift bs by 3 to get shamt - assign shamt = {bs, 3'b0}; - - assign SboxIn = rs2[shamt +: 8]; // Shift rs2 right by shamt and take the lower byte - - // Substitute - aessbox subbox(SboxIn, SboxOut); - - // Pad sbox output - assign so = {24'h0, SboxOut}; - - // Rotate so left by shamt - assign sorotate = (so << shamt) | (so >> (32 - shamt)); - - // Set result X(rs1)[31..0] ^ rol32(so, unsigned(shamt)); - assign DataOut = rs1 ^ sorotate; + assign shamt = {bs, 3'b0}; // shamt = bs * 8 (convert bytes to bits) + assign SboxIn = rs2[shamt +: 8]; // select byte bs of rs2 + aessbox subbox(SboxIn, SboxOut); // Substitute + assign so = {24'h0, SboxOut}; // Pad sbox output + rotate sorot(so, shamt, sorotate); // Rotate the substitution box output left by shamt (bs * 8) + assign DataOut = rs1 ^ sorotate; // xor with running value endmodule diff --git a/src/ieu/aes_instructions/aes32esmi.sv b/src/ieu/aes_instructions/aes32esmi.sv index 558824e7c..ee3d86274 100644 --- a/src/ieu/aes_instructions/aes32esmi.sv +++ b/src/ieu/aes_instructions/aes32esmi.sv 
@@ -33,29 +33,14 @@ module aes32esmi( ); logic [4:0] shamt; - logic [7:0] SboxIn; - logic [7:0] SboxOut; - logic [31:0] so; - logic [31:0] mixed; - logic [31:0] mixedrotate; + logic [7:0] SboxIn, SboxOut; + logic [31:0] so, mixed, mixedrotate; - // Shift bs by 3 to get shamt - assign shamt = {bs, 3'b0}; - - assign SboxIn = rs2[shamt +: 8]; // Shift rs2 right by shamt and take the lower byte - - // Substitute - aessbox sbox(SboxIn, SboxOut); - - // Pad sbox output - assign so = {24'h0, SboxOut}; - - // Mix Word using aesmixword component - aesmixcolumns mwd(so, mixed); - - // Rotate so left by shamt - assign mixedrotate = (mixed << shamt) | (mixed >> (32 - shamt)); - - // Set result X(rs1)[31..0] ^ rol32(mixed, unsigned(shamt)); - assign DataOut = rs1 ^ mixedrotate; + assign shamt = {bs, 3'b0}; // shamt = bs * 8 (convert bytes to bits) + assign SboxIn = rs2[shamt +: 8]; // select byte bs of rs2 + aessbox sbox(SboxIn, SboxOut); // Substitute + assign so = {24'h0, SboxOut}; // Pad sbox output + aesmixcolumns mwd(so, mixed); // Mix Word using aesmixword component + rotate mrot(mixed, shamt, mixedrotate); // Rotate the mixcolumns output left by shamt (bs * 8) + assign DataOut = rs1 ^ mixedrotate; // xor with running value endmodule diff --git a/src/ieu/aes_instructions/aes64ks1i.sv b/src/ieu/aes_instructions/aes64ks1i.sv index 41a0183e2..5b557b5ae 100644 --- a/src/ieu/aes_instructions/aes64ks1i.sv +++ b/src/ieu/aes_instructions/aes64ks1i.sv 
@@ -31,30 +31,17 @@ module aes64ks1i( output logic [63:0] rd ); - logic [7:0] rconPreShift; - logic [31:0] rcon; logic lastRoundFlag; - logic [31:0] rs1Rotate; - logic [31:0] tmp2; - logic [31:0] SboxOut; + logic [7:0] rcon8; + logic [31:0] rcon, rs1Rotate, tmp2, SboxOut; - // Get rcon value from table - rconlut128 rc(roundnum, rconPreShift); - - // Shift RCON value - assign rcon = {24'b0, rconPreShift}; - - // Flag will be set if roundnum = 0xA = 0b1010 - assign lastRoundFlag = roundnum[3] & ~roundnum[2] & roundnum[1] & ~roundnum[0]; - - // Get rotated value fo ruse in tmp2 - assign rs1Rotate = {rs1[39:32], rs1[63:40]}; - - // Assign tmp2 to a mux based on lastRoundFlag - assign tmp2 = lastRoundFlag ? rs1[63:32] : rs1Rotate; - - // Substitute bytes of value obtained for tmp2 using Rijndael sbox - aessboxword sbox(tmp2, SboxOut); + + rconlut128 rc(roundnum, rcon8); // Get rcon value from lookup table + assign rcon = {24'b0, rcon8}; // Zero-pad RCON + assign rs1Rotate = {rs1[39:32], rs1[63:40]}; // Get rotated value fo ruse in tmp2 + assign lastRoundFlag = (roundnum == 4'b1010); // round 10 is the last one + assign tmp2 = lastRoundFlag ? rs1[63:32] : rs1Rotate; // Don't rotate on the last round + aessboxword sbox(tmp2, SboxOut); // Substitute bytes of value obtained for tmp2 using Rijndael sbox assign rd[31:0] = SboxOut ^ rcon; assign rd[63:32] = SboxOut ^ rcon; endmodule diff --git a/src/ieu/bmu/bitmanipalu.sv b/src/ieu/bmu/bitmanipalu.sv index add0f2d1f..596f10938 100644 --- a/src/ieu/bmu/bitmanipalu.sv +++ b/src/ieu/bmu/bitmanipalu.sv @@ -56,7 +56,6 @@ module bitmanipalu import cvw::*; #(parameter cvw_t P) ( logic [P.XLEN-1:0] ZKNHResult; // ZKNH Result logic [P.XLEN-1:0] MaskB; // BitMask of B logic [P.XLEN-1:0] RevA; // Bit-reversed A - logic Rotate; // Indicates if it is Rotate instruction logic Mask; // Indicates if it is ZBS instruction logic PreShift; // Inidicates if it is sh1add, sh2add, sh3add instruction logic [1:0] PreShiftAmt; // Amount to Pre-Shift A
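Review bot: In aes64ks1i the comment on `rs1Rotate` still reads `Get rotated value fo ruse in tmp2`; since the line is being rewritten anyway it could become `// Rotated word, used for tmp2 except on the last round`. Separately, `lastRoundFlag = (roundnum == 4'b1010)` singles out round 10 only, and nothing in this hunk shows what happens for `roundnum` values 0xB–0xF. If those encodings are rejected at decode, a short comment saying so would help a reader of the key-schedule path; otherwise the output of `rconlut128` for them should be checked. The module's port list starts outside this hunk.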