[Cryptech-Commits] [core/util/keywrap] 83/95: Fixed some bugs in auto-zeroise functionality. Now it really zeroises key automatically. It seems to work, but needs a bit more testing.

git at cryptech.is git at cryptech.is
Wed Mar 25 17:19:22 UTC 2020


This is an automated email from the git hooks/post-receive script.

paul at psgd.org pushed a commit to branch master
in repository core/util/keywrap.

commit b57fa444b8f894debc762cc877e4c91773e2d605
Author: Joachim Strömbergson <joachim at secworks.se>
AuthorDate: Thu Dec 13 16:36:05 2018 +0100

    Fixed some bugs in auto-zeroise functionality. Now it really zeroises key automatically. It seems to work, but needs a bit more testing.
---
 src/rtl/keywrap.v      |  1 +
 src/rtl/keywrap_core.v | 17 ++++++------
 src/tb/tb_keywrap.v    | 70 +++++++++++++++++++++++++++++++++++++-------------
 3 files changed, 61 insertions(+), 27 deletions(-)

diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v
index 36e95bf..47c40d6 100644
--- a/src/rtl/keywrap.v
+++ b/src/rtl/keywrap.v
@@ -302,6 +302,7 @@ module keywrap #(parameter ADDR_BITS = 13)
       a1_we            = 1'h0;
       tmp_read_data    = 32'h0;
       tmp_error        = 1'h0;
+      timeout_we       = 1'h0;
       ping_new         = 1'h0;
       zeroise_new      = 1'h0;
       api_rd_delay_new = 32'h0;
diff --git a/src/rtl/keywrap_core.v b/src/rtl/keywrap_core.v
index 5d628e2..866e132 100644
--- a/src/rtl/keywrap_core.v
+++ b/src/rtl/keywrap_core.v
@@ -123,8 +123,8 @@ module keywrap_core #(parameter MEM_BITS = 11)
   reg          iteration_ctr_set;
   reg          iteration_ctr_rst;
 
-  reg [35 : 0] key_timeout_ctr_reg;
-  reg [35 : 0] key_timeout_ctr_new;
+  reg [31 : 0] key_timeout_ctr_reg;
+  reg [31 : 0] key_timeout_ctr_new;
   reg          key_timeout_ctr_we;
   reg          key_timeout_ctr_set;
   reg          key_timeout_ctr_dec;
@@ -219,7 +219,7 @@ module keywrap_core #(parameter MEM_BITS = 11)
           valid_reg             <= 1'h1;
           block_ctr_reg         <= {(MEM_BITS - 1){1'h0}};
           iteration_ctr_reg     <= 3'h0;
-          key_timeout_ctr_reg   <= 36'h0;
+          key_timeout_ctr_reg   <= 32'h0;
           key_loaded_reg        <= 1'h0;
           keywrap_core_ctrl_reg <= CTRL_IDLE;
        end
@@ -387,20 +387,19 @@ module keywrap_core #(parameter MEM_BITS = 11)
   //----------------------------------------------------------------
   always @*
     begin : key_timeout_ctr
-      key_timeout_ctr_new = 36'h0;
+      key_timeout_ctr_new = 32'h0;
       key_timeout_ctr_we  = 1'h0;
       key_timeout         = 1'h0;
 
-      if (key_timeout_ctr_reg == 36'h0)
+      if (key_timeout_ctr_reg == 32'h0)
         key_timeout = 1'h1;
 
       if (key_timeout_ctr_set || ping)
         begin
-          key_timeout_ctr_new = {timeout, 4'h0};
+          key_timeout_ctr_new = timeout;
           key_timeout_ctr_we  = 1'h1;
         end
-
-      if (key_timeout_ctr_dec)
+      else if (key_timeout_ctr_dec)
         begin
           key_timeout_ctr_new = key_timeout_ctr_reg - 1'h1;
           key_timeout_ctr_we  = 1'h1;
@@ -452,7 +451,7 @@ module keywrap_core #(parameter MEM_BITS = 11)
                     valid_new             = 1'h0;
                     valid_we              = 1'h1;
                     keywrap_core_ctrl_new = CTRL_ZERO_WAIT;
-                    keywrap_core_ctrl_we  = 1'h0;
+                    keywrap_core_ctrl_we  = 1'h1;
                   end
                 else
                   begin
diff --git a/src/tb/tb_keywrap.v b/src/tb/tb_keywrap.v
index 867b4a3..e0b82c4 100644
--- a/src/tb/tb_keywrap.v
+++ b/src/tb/tb_keywrap.v
@@ -39,9 +39,10 @@
 
 module tb_keywrap();
 
-  parameter DEBUG     = 0;
-  parameter DUMP_TOP  = 0;
-  parameter DUMP_CORE = 0;
+  parameter DEBUG        = 1;
+  parameter DUMP_TOP     = 0;
+  parameter DUMP_CORE    = 0;
+  parameter DUMP_TIMEOUT = 1;
 
   parameter CLK_HALF_PERIOD = 1;
   parameter CLK_PERIOD      = 2 * CLK_HALF_PERIOD;
@@ -300,6 +301,22 @@ module tb_keywrap();
           $display("keywrap_core_ctrl_we  = 0x%0x", dut.core.keywrap_core_ctrl_we);
         end
 
+      if (DUMP_TIMEOUT)
+        begin
+          $display("timeout signals:");
+
+          $display("api_timeout_reg = 0x%04x  api_timeout_we = 0x%x", dut.timeout_reg, dut.timeout_we);
+          $display("timeout = 0x%04x  ping = 0x%x  zeroise = 0x%x  loaded = 0x%x",
+                   dut.core.timeout, dut.core.ping, dut.core.zeroise, dut.core.loaded);
+          $display("key_timeout_ctr_reg = 0x%04x  key_timeout_ctr_new = 0x%04x",
+                   dut.core.key_timeout_ctr_reg, dut.core.key_timeout_ctr_new);
+          $display("key_timeout = 0x%x  key_timeout_ctr_we = 0x%x  key_timeout_ctr_set = 0x%x  key_timeout_ctr_dec = 0x%x",
+                   dut.core.key_timeout, dut.core.key_timeout_ctr_we, dut.core.key_timeout_ctr_set, dut.core.key_timeout_ctr_dec);
+
+          $display("keywrap_core_ctrl_reg = 0x%0x", dut.core.keywrap_core_ctrl_reg);
+          $display("keywrap_core_ctrl_new = 0x%0x", dut.core.keywrap_core_ctrl_new);
+          $display("keywrap_core_ctrl_we  = 0x%0x", dut.core.keywrap_core_ctrl_we);
+        end
       $display("");
       $display("");
     end
@@ -1178,10 +1195,14 @@ module tb_keywrap();
       read_word(ADDR_STATUS);
       $display("Status register: 0x%032b", read_data);
 
-      // Set the key timeout to 6 * 16 = 96 cycles.
-      write_word(ADDR_TIMEOUT, 32'h00000006);
+      // Set the key timeout to 256 cycles.
+      write_word(ADDR_TIMEOUT, 32'hdeadbeef);
+      read_word(ADDR_TIMEOUT);
+      if (read_data != 32'hdeadbeef)
+        $display("Error. Timout value = 0x%04x, expected 0xdeadbeef", read_data);
 
-      $display("Contents of the key_mem[2]: 0x%016x",
+      // Display contents in key expansion register 2.
+      $display("Contents of the key_mem[2] before init: 0x%016x",
                dut.core.aes.keymem.key_mem[2]);
 
       // Initialize the AES engine (to expand the key).
@@ -1193,37 +1214,50 @@ module tb_keywrap();
       wait_ready();
       $display("* Init done.");
 
-      // Display contents in one of the key expansion registers
-      $display("Contents of the key_mem[2]: 0x%016x",
+      // Display contents in key expansion register 2 again.
+      $display("Contents of the key_mem[2] after init: 0x%016x",
                dut.core.aes.keymem.key_mem[2]);
 
       // Check if key is loaded, according to the loaded flag.
       read_word(ADDR_STATUS);
-      $display("Status register: 0x%032b", read_data);
+      $display("Status register: 0b%032b", read_data);
 
-      // Display the counter a few times.
-      $display("Contents of the key_mem[2]: 0x%05x",
+      // Display the timeout counter a few times.
+      $display("Contents of timeout counter: 0x%04x",
                dut.core.key_timeout_ctr_reg);
-      #(10 * CLK_PERIOD);
-      $display("Contents of the key_mem[2]: 0x%05x",
+      #(2 * CLK_PERIOD);
+      $display("Contents of timeout counter: 0x%04x",
                dut.core.key_timeout_ctr_reg);
-      #(10 * CLK_PERIOD);
-      $display("Contents of the key_mem[2]: 0x%05x",
+      #(2 * CLK_PERIOD);
+      $display("Contents of timeout counter: 0x%04x",
                dut.core.key_timeout_ctr_reg);
-      #(10 * CLK_PERIOD);
-      $display("Contents of the key_mem[2]: 0x%05x",
+      #(2 * CLK_PERIOD);
+      $display("Contents of timeout counter: 0x%04x",
                dut.core.key_timeout_ctr_reg);
-      #(10 * CLK_PERIOD);
+      #(2 * CLK_PERIOD);
 
       read_word(ADDR_STATUS);
       $display("Status register: 0x%032b", read_data);
 
+      // Display contents in one of the key expansion registers
+      $display("Contents of the key_mem[2]: 0x%016x",
+               dut.core.aes.keymem.key_mem[2]);
+      // Display contents in one of the key expansion registers
+      $display("Contents of the key_mem[2]: 0x%016x",
+               dut.core.aes.keymem.key_mem[2]);
       // Display contents in one of the key expansion registers
       $display("Contents of the key_mem[2]: 0x%016x",
                dut.core.aes.keymem.key_mem[2]);
 
       #(40 * CLK_PERIOD);
 
+      // Set the key timeout to 16 cycles.
+      // Read status to perform ping.
+      write_word(ADDR_TIMEOUT, 32'h00000010);
+      read_word(ADDR_STATUS);
+      #(400 * CLK_PERIOD);
+
+
       read_word(ADDR_STATUS);
       $display("Status register: 0x%032b", read_data);
 



More information about the Commits mailing list