[Cryptech-Commits] [user/js/keywrap] branch auto_zeroise updated: Adding the same API hardening to keywrap as implemented for other cores after the Cryptech audit.

git at cryptech.is git at cryptech.is
Tue Jan 8 09:00:53 UTC 2019


This is an automated email from the git hooks/post-receive script.

joachim at secworks.se pushed a commit to branch auto_zeroise
in repository user/js/keywrap.

The following commit(s) were added to refs/heads/auto_zeroise by this push:
     new acd123d  Adding the same API hardening to keywrap as implemented for other cores after the Cryptech audit.
acd123d is described below

commit acd123d903253edbbe6cdeda5757f829ccbbfb3a
Author: Joachim Strömbergson <joachim at secworks.se>
AuthorDate: Tue Jan 8 10:00:42 2019 +0100

    Adding the same API hardening to keywrap as implemented for other cores after the Cryptech audit.
---
 src/rtl/keywrap.v | 43 +++++++++++++++++++++++--------------------
 1 file changed, 23 insertions(+), 20 deletions(-)

diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v
index 47c40d6..73a861c 100644
--- a/src/rtl/keywrap.v
+++ b/src/rtl/keywrap.v
@@ -317,34 +317,37 @@ module keywrap #(parameter ADDR_BITS = 13)
         begin
           if (we)
             begin
-              if (address == {{PAD{1'h0}}, ADDR_CTRL})
+              if (core_ready)
                 begin
-                  init_new    = write_data[CTRL_INIT_BIT];
-                  next_new    = write_data[CTRL_NEXT_BIT];
-                  zeroise_new = write_data[CTRL_ZEROISE_BIT];
-                end
+                  if (address == {{PAD{1'h0}}, ADDR_CTRL})
+                    begin
+                      init_new    = write_data[CTRL_INIT_BIT];
+                      next_new    = write_data[CTRL_NEXT_BIT];
+                      zeroise_new = write_data[CTRL_ZEROISE_BIT];
+                    end
 
-              if (address == {{PAD{1'h0}}, ADDR_CONFIG})
-                config_we = 1'h1;
+                  if (address == {{PAD{1'h0}}, ADDR_CONFIG})
+                    config_we = 1'h1;
 
-              if (address == {{PAD{1'h0}}, ADDR_TIMEOUT})
-                timeout_we = 1'h1;
+                  if (address == {{PAD{1'h0}}, ADDR_TIMEOUT})
+                    timeout_we = 1'h1;
 
-              if (address == {{PAD{1'h0}}, ADDR_RLEN})
-                rlen_we = 1'h1;
+                  if (address == {{PAD{1'h0}}, ADDR_RLEN})
+                    rlen_we = 1'h1;
 
-              if (address == {{PAD{1'h0}}, ADDR_A0})
-                a0_we = 1'h1;
+                  if (address == {{PAD{1'h0}}, ADDR_A0})
+                    a0_we = 1'h1;
 
-              if (address == {{PAD{1'h0}}, ADDR_A1})
-                a1_we = 1'h1;
+                  if (address == {{PAD{1'h0}}, ADDR_A1})
+                    a1_we = 1'h1;
 
-              if ((address >= {{PAD{1'h0}}, ADDR_KEY0}) &&
-                   (address <= {{PAD{1'h0}}, ADDR_KEY7}))
-                key_we = 1'h1;
+                  if ((address >= {{PAD{1'h0}}, ADDR_KEY0}) &&
+                      (address <= {{PAD{1'h0}}, ADDR_KEY7}))
+                    key_we = 1'h1;
 
-              if (address[(ADDR_BITS - 1)])
-                core_api_we = 1'h1;
+                  if (address[(ADDR_BITS - 1)])
+                    core_api_we = 1'h1;
+                end
             end // if (we)
           else
             begin

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Commits mailing list