[Cryptech-Commits] [user/js/keywrap] branch auto_zeroise updated: Adding key timeout output port to allow core to inform the top level wrapper that timeout has occured. Added functionality to zeroise API key registers when timout has happened. Updated all auto_zeroise test cases to check that API key registers are properly zeroised.
git at cryptech.is
git at cryptech.is
Thu Jan 17 08:48:10 UTC 2019
This is an automated email from the git hooks/post-receive script.
joachim at secworks.se pushed a commit to branch auto_zeroise
in repository user/js/keywrap.
The following commit(s) were added to refs/heads/auto_zeroise by this push:
new 4b8d7ab Adding key timeout output port to allow core to inform the top level wrapper that timeout has occured. Added functionality to zeroise API key registers when timout has happened. Updated all auto_zeroise test cases to check that API key registers are properly zeroised.
4b8d7ab is described below
commit 4b8d7ab1c473653d79c2d6e5d6409a502df15fb6
Author: Joachim Strömbergson <joachim at assured.se>
AuthorDate: Thu Jan 17 09:47:37 2019 +0100
Adding key timeout output port to allow core to inform the top level wrapper that timeout has occured. Added functionality to zeroise API key registers when timout has happened. Updated all auto_zeroise test cases to check that API key registers are properly zeroised.
---
src/rtl/keywrap.v | 6 ++++--
src/rtl/keywrap_core.v | 6 ++++--
src/tb/tb_keywrap.v | 53 +++++++++++++++++++++++++++++++++++++++++++++++-
src/tb/tb_keywrap_core.v | 4 +++-
4 files changed, 63 insertions(+), 6 deletions(-)
diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v
index d6a2b5e..b41f476 100644
--- a/src/rtl/keywrap.v
+++ b/src/rtl/keywrap.v
@@ -166,6 +166,7 @@ module keywrap #(parameter ADDR_BITS = 13)
wire [63 : 0] core_a_init;
wire [63 : 0] core_a_result;
wire [31 : 0] core_api_rd_data;
+ wire core_timeout;
//----------------------------------------------------------------
@@ -198,9 +199,10 @@ module keywrap #(parameter ADDR_BITS = 13)
.valid(core_valid),
.loaded(core_loaded),
- .timeout(timeout_reg),
+ .timeout_delay(timeout_reg),
.ping(ping_reg),
.zeroise(zeroise_reg),
+ .timeout(core_timeout),
.rlen(rlen_reg),
@@ -270,7 +272,7 @@ module keywrap #(parameter ADDR_BITS = 13)
if (a1_we)
a1_reg <= write_data;
- if (zeroise_reg)
+ if (zeroise_reg || core_timeout)
begin
for (i = 0 ; i < 8 ; i = i + 1)
key_reg[i] <= 32'h0;
diff --git a/src/rtl/keywrap_core.v b/src/rtl/keywrap_core.v
index adb3099..5a6f953 100644
--- a/src/rtl/keywrap_core.v
+++ b/src/rtl/keywrap_core.v
@@ -53,9 +53,10 @@ module keywrap_core #(parameter MEM_BITS = 11)
output wire valid,
output wire loaded,
- input wire [31 : 0] timeout,
+ input wire [31 : 0] timeout_delay,
input wire ping,
input wire zeroise,
+ output wire timeout,
input wire [(MEM_BITS - 2) : 0] rlen,
@@ -205,6 +206,7 @@ module keywrap_core #(parameter MEM_BITS = 11)
assign ready = ready_reg;
assign valid = valid_reg;
assign loaded = key_loaded_reg;
+ assign timeout = key_timeout;
//----------------------------------------------------------------
@@ -396,7 +398,7 @@ module keywrap_core #(parameter MEM_BITS = 11)
if (key_timeout_ctr_set || ping)
begin
- key_timeout_ctr_new = timeout;
+ key_timeout_ctr_new = timeout_delay;
key_timeout_ctr_we = 1'h1;
end
else if (key_timeout_ctr_dec)
diff --git a/src/tb/tb_keywrap.v b/src/tb/tb_keywrap.v
index 82a827c..d0800fa 100644
--- a/src/tb/tb_keywrap.v
+++ b/src/tb/tb_keywrap.v
@@ -1236,6 +1236,12 @@ module tb_keywrap();
read_word(ADDR_STATUS);
$display("Status register: 0x%032b", read_data);
+ $display("Contents of the API key registers:");
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[0], dut.key_reg[1], dut.key_reg[2], dut.key_reg[3]);
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[4], dut.key_reg[5], dut.key_reg[6], dut.key_reg[7]);
+
// Display contents in one of the key expansion registers
$display("Contents in key_mem[2]: 0x%016x",
dut.core.aes.keymem.key_mem[2]);
@@ -1262,6 +1268,12 @@ module tb_keywrap();
$display("Contents in key_mem[2] after timeout: 0x%016x",
dut.core.aes.keymem.key_mem[2]);
+ $display("Contents of the API key registers:");
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[0], dut.key_reg[1], dut.key_reg[2], dut.key_reg[3]);
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[4], dut.key_reg[5], dut.key_reg[6], dut.key_reg[7]);
+
if (dut.core.aes.keymem.key_mem[2] != 128'h62636363626363636263636362636363)
begin
error_ctr = error_ctr + 1;
@@ -1367,6 +1379,13 @@ module tb_keywrap();
dut.core.key_timeout_ctr_reg);
read_word(ADDR_STATUS);
$display("Status register: 0x%032b", read_data);
+
+ $display("Contents of the API key registers:");
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[0], dut.key_reg[1], dut.key_reg[2], dut.key_reg[3]);
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[4], dut.key_reg[5], dut.key_reg[6], dut.key_reg[7]);
+
$display("Contents of the key_mem[2]: 0x%016x",
dut.core.aes.keymem.key_mem[2]);
@@ -1392,9 +1411,23 @@ module tb_keywrap();
#(40 * CLK_PERIOD);
read_word(ADDR_STATUS);
$display("Status register: 0x%032b", read_data);
+
+ $display("Contents of the API key registers:");
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[0], dut.key_reg[1], dut.key_reg[2], dut.key_reg[3]);
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[4], dut.key_reg[5], dut.key_reg[6], dut.key_reg[7]);
+
$display("Contents of the key_mem[2]: 0x%016x",
dut.core.aes.keymem.key_mem[2]);
+ if (dut.core.aes.keymem.key_mem[2] != 128'h62636363626363636263636362636363)
+ begin
+ error_ctr = error_ctr + 1;
+ $display("Error. Contents in key_mem[2]: 0x%016x, expected 0x62636363626363636263636362636363",
+ dut.core.aes.keymem.key_mem[2]);
+ end
+
$display("** TC test_zeroise2 END.\n");
end
endtask // test_zeroise2
@@ -1430,7 +1463,6 @@ module tb_keywrap();
// Initialize the AES engine (to expand the key).
// Wait for init to complete.
- // Note, not actually needed to wait. We can write R data during init.
$display("* Initializing.");
write_word(ADDR_CTRL, 32'h00000001);
#(2 * CLK_PERIOD);
@@ -1441,6 +1473,12 @@ module tb_keywrap();
read_word(ADDR_STATUS);
$display("Status register: 0b%032b", read_data);
+ $display("Contents of the API key registers:");
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[0], dut.key_reg[1], dut.key_reg[2], dut.key_reg[3]);
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[4], dut.key_reg[5], dut.key_reg[6], dut.key_reg[7]);
+
// Display contents in key expansion register 2.
$display("Contents of the key_mem[2] after init: 0x%016x",
dut.core.aes.keymem.key_mem[2]);
@@ -1457,10 +1495,23 @@ module tb_keywrap();
read_word(ADDR_STATUS);
$display("Status register: 0x%032b", read_data);
+ $display("Contents of the API key registers:");
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[0], dut.key_reg[1], dut.key_reg[2], dut.key_reg[3]);
+ $display("0x%04x 0x%04x 0x%04x 0x%04x",
+ dut.key_reg[4], dut.key_reg[5], dut.key_reg[6], dut.key_reg[7]);
+
// Display contents in key expansion register 2.
$display("Contents of the key_mem[2] after zeroisation: 0x%016x",
dut.core.aes.keymem.key_mem[2]);
+ if (dut.core.aes.keymem.key_mem[2] != 128'h62636363626363636263636362636363)
+ begin
+ error_ctr = error_ctr + 1;
+ $display("Error. Contents in key_mem[2]: 0x%016x, expected 0x62636363626363636263636362636363",
+ dut.core.aes.keymem.key_mem[2]);
+ end
+
$display("** TC test_zerois3 END.\n");
end
endtask // test_zeroise3
diff --git a/src/tb/tb_keywrap_core.v b/src/tb/tb_keywrap_core.v
index 7f9c42d..6ec76be 100644
--- a/src/tb/tb_keywrap_core.v
+++ b/src/tb/tb_keywrap_core.v
@@ -71,6 +71,7 @@ module tb_keywrap_core();
reg [31 : 0] tb_timeout;
reg tb_ping;
reg tb_zeroise;
+ wire tb_dut_timeout;
reg [(RLEN_BITS - 1) : 0] tb_rlen;
reg [255 : 0] tb_key;
reg tb_keylen;
@@ -98,9 +99,10 @@ module tb_keywrap_core();
.valid(tb_valid),
.loaded(tb_loaded),
- .timeout(tb_timeout),
+ .timeout_delay(tb_timeout),
.ping(tb_ping),
.zeroise(tb_zeroise),
+ .timeout(tb_dut_timeout),
.rlen(tb_rlen),
.key(tb_key),
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list