[Cryptech-Commits] [core/util/keywrap] 95/95: Move keywrap from user/js to core/util.

git at cryptech.is git at cryptech.is
Wed Mar 25 17:19:34 UTC 2020


This is an automated email from the git hooks/post-receive script.

paul at psgd.org pushed a commit to branch master
in repository core/util/keywrap.

commit 4333178c6a8f467ddacc13ddae0bed588b6bdcf3
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Wed Mar 25 13:14:15 2020 -0400

    Move keywrap from user/js to core/util.
    
    Also remove the auto_zeroise code, since that's behaving badly, and it's
    not used anyway in the integrate_mkmif branch.
---
 README.md              |  15 ------
 src/rtl/keywrap.v      |  55 +---------------------
 src/rtl/keywrap_core.v | 123 +------------------------------------------------
 3 files changed, 4 insertions(+), 189 deletions(-)

diff --git a/README.md b/README.md
index 29d971e..8420944 100644
--- a/README.md
+++ b/README.md
@@ -53,21 +53,6 @@ perform padding as meeded.
 chapter 2.2.2 of RFC 3394.)
 
 
-### Auto Zeroise
-The core implements an auto zeroise functionality for secret key. This
-means that any loaded wrapping key will automatically be wiped from all
-registers storing key information after a specified timeout. Timeout
-countdown is halted when the core is performing any wrap/unwrap operation,
-and the timeout is reset to its defined start value after an operation
-has been completed.
-
-SW can set the timout value (in cycles), SW can also inspect the key
-status and timeout status. Reading status also triggers a reset of the
-timeout counter. This allows SW to keep a loaded key alive by simply
-checking status. Finally SW can actively trigger a key zeroisation
-operation.
-
-
 ## Implementation results
 The core has been implemented for Xilinx Artix7-t200 using ISE with the
 following results:
diff --git a/src/rtl/keywrap.v b/src/rtl/keywrap.v
index b41f476..2033b23 100644
--- a/src/rtl/keywrap.v
+++ b/src/rtl/keywrap.v
@@ -48,7 +48,7 @@
 //
 //======================================================================
 
-module keywrap #(parameter ADDR_BITS = 13)
+module keywrap #(parameter ADDR_BITS = 12)
                (
                 input wire                        clk,
                 input wire                        reset_n,
@@ -72,19 +72,15 @@ module keywrap #(parameter ADDR_BITS = 13)
   localparam ADDR_CTRL        = 8'h08;
   localparam CTRL_INIT_BIT    = 0;
   localparam CTRL_NEXT_BIT    = 1;
-  localparam CTRL_ZEROISE_BIT = 2;
 
   localparam ADDR_STATUS       = 8'h09;
   localparam STATUS_READY_BIT  = 0;
   localparam STATUS_VALID_BIT  = 1;
-  localparam STATUS_LOADED_BIT = 2;
 
   localparam ADDR_CONFIG      = 8'h0a;
   localparam CTRL_ENCDEC_BIT  = 0;
   localparam CTRL_KEYLEN_BIT  = 1;
 
-  localparam ADDR_TIMEOUT     = 8'h0b;
-
   localparam ADDR_RLEN        = 8'h0c;
   localparam ADDR_A0          = 8'h0e;
   localparam ADDR_A1          = 8'h0f;
@@ -106,8 +102,6 @@ module keywrap #(parameter ADDR_BITS = 13)
   localparam RLEN_BITS        = ADDR_BITS - 2;
   localparam PAD              = ADDR_BITS - 8;
 
-  localparam DEFAULT_TIMEOUT  = 32'h0400_0000;
-
 
   //----------------------------------------------------------------
   // Registers including update variables and write enable.
@@ -134,21 +128,11 @@ module keywrap #(parameter ADDR_BITS = 13)
   reg [31 : 0] key_reg [0 : 7];
   reg          key_we;
 
-  reg [31 : 0] timeout_reg;
-  reg          timeout_we;
-
-  reg          ping_reg;
-  reg          ping_new;
-
-  reg          zeroise_reg;
-  reg          zeroise_new;
-
   reg [31 : 0] api_rd_delay_reg;
   reg [31 : 0] api_rd_delay_new;
 
   reg valid_reg;
   reg ready_reg;
-  reg loaded_reg;
 
 
   //----------------------------------------------------------------
@@ -161,12 +145,10 @@ module keywrap #(parameter ADDR_BITS = 13)
   wire [(MEM_BITS - 1) : 0] core_api_addr;
   wire           core_ready;
   wire           core_valid;
-  wire           core_loaded;
   wire [255 : 0] core_key;
   wire [63 : 0]  core_a_init;
   wire [63 : 0]  core_a_result;
   wire [31 : 0]  core_api_rd_data;
-  wire           core_timeout;
 
 
   //----------------------------------------------------------------
@@ -197,12 +179,6 @@ module keywrap #(parameter ADDR_BITS = 13)
 
                     .ready(core_ready),
                     .valid(core_valid),
-                    .loaded(core_loaded),
-
-                    .timeout_delay(timeout_reg),
-                    .ping(ping_reg),
-                    .zeroise(zeroise_reg),
-                    .timeout(core_timeout),
 
                     .rlen(rlen_reg),
 
@@ -238,23 +214,16 @@ module keywrap #(parameter ADDR_BITS = 13)
           rlen_reg         <= {RLEN_BITS{1'h0}};
           valid_reg        <= 1'h0;
           ready_reg        <= 1'h0;
-          loaded_reg       <= 1'h0;
           a0_reg           <= 32'h0;
           a1_reg           <= 32'h0;
           api_rd_delay_reg <= 32'h0;
-          timeout_reg      <= DEFAULT_TIMEOUT;
-          ping_reg         <= 1'h0;
-          zeroise_reg      <= 1'h0;
         end
       else
         begin
           ready_reg        <= core_ready;
           valid_reg        <= core_valid;
-          loaded_reg       <= core_loaded;
           init_reg         <= init_new;
           next_reg         <= next_new;
-          ping_reg         <= ping_new;
-          zeroise_reg      <= zeroise_new;
           api_rd_delay_reg <= api_rd_delay_new;
 
           if (config_we)
@@ -272,17 +241,8 @@ module keywrap #(parameter ADDR_BITS = 13)
           if (a1_we)
             a1_reg <= write_data;
 
-          if (zeroise_reg || core_timeout)
-            begin
-              for (i = 0 ; i < 8 ; i = i + 1)
-                key_reg[i] <= 32'h0;
-            end
-
           if (key_we)
             key_reg[address[2 : 0]] <= write_data;
-
-          if (timeout_we)
-            timeout_reg <= write_data;
         end
     end // reg_update
 
@@ -304,9 +264,6 @@ module keywrap #(parameter ADDR_BITS = 13)
       a1_we            = 1'h0;
       tmp_read_data    = 32'h0;
       tmp_error        = 1'h0;
-      timeout_we       = 1'h0;
-      ping_new         = 1'h0;
-      zeroise_new      = 1'h0;
       api_rd_delay_new = 32'h0;
 
       // api_mux
@@ -325,15 +282,11 @@ module keywrap #(parameter ADDR_BITS = 13)
                     begin
                       init_new    = write_data[CTRL_INIT_BIT];
                       next_new    = write_data[CTRL_NEXT_BIT];
-                      zeroise_new = write_data[CTRL_ZEROISE_BIT];
                     end
 
                   if (address == {{PAD{1'h0}}, ADDR_CONFIG})
                     config_we = 1'h1;
 
-                  if (address == {{PAD{1'h0}}, ADDR_TIMEOUT})
-                    timeout_we = 1'h1;
-
                   if (address == {{PAD{1'h0}}, ADDR_RLEN})
                     rlen_we = 1'h1;
 
@@ -368,13 +321,9 @@ module keywrap #(parameter ADDR_BITS = 13)
 
               if (address == {{PAD{1'h0}}, ADDR_STATUS})
                 begin
-                  api_rd_delay_new = {29'h0, loaded_reg, valid_reg, ready_reg};
-                  ping_new = 1'h1;
+		  api_rd_delay_new = {30'h0, valid_reg, ready_reg};
                 end
 
-              if (address == {{PAD{1'h0}}, ADDR_TIMEOUT})
-                api_rd_delay_new = timeout_reg;
-
               if (address == {{PAD{1'h0}}, ADDR_RLEN})
                 api_rd_delay_new = {{(32 - RLEN_BITS){1'h0}}, rlen_reg};
 
diff --git a/src/rtl/keywrap_core.v b/src/rtl/keywrap_core.v
index 0354475..b3e17f6 100644
--- a/src/rtl/keywrap_core.v
+++ b/src/rtl/keywrap_core.v
@@ -4,7 +4,6 @@
 // --------------
 // Core that tries to implement AES KEY WRAP as specified in
 // RFC 3394 and extended with padding in RFC 5649.
-// Experimental core at the moment. Does Not Work.
 // The maximum wrap object size is 64 kByte.
 //
 //
@@ -51,12 +50,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
 
                      output wire                      ready,
                      output wire                      valid,
-                     output wire                      loaded,
-
-                     input wire [31 : 0]              timeout_delay,
-                     input wire                       ping,
-                     input wire                       zeroise,
-                     output wire                      timeout,
 
                      input wire [(MEM_BITS - 2) : 0]  rlen,
 
@@ -89,9 +82,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
   localparam CTRL_NEXT_WCHECK   = 4'h8;
   localparam CTRL_NEXT_UCHECK   = 4'h9;
   localparam CTRL_NEXT_FINALIZE = 4'ha;
-  localparam CTRL_ZERO_WAIT     = 4'hb;
-
-  localparam DEFAULT_TIMEOUT  = 32'h0400_0000;
 
 
   //----------------------------------------------------------------
@@ -126,17 +116,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
   reg          iteration_ctr_set;
   reg          iteration_ctr_rst;
 
-  reg [31 : 0] key_timeout_ctr_reg;
-  reg [31 : 0] key_timeout_ctr_new;
-  reg          key_timeout_ctr_we;
-  reg          key_timeout_ctr_set;
-  reg          key_timeout_ctr_dec;
-  reg          key_timeout;
-
-  reg          key_loaded_reg;
-  reg          key_loaded_new;
-  reg          key_loaded_we;
-
   reg [3 : 0]  keywrap_core_ctrl_reg;
   reg [3 : 0]  keywrap_core_ctrl_new;
   reg          keywrap_core_ctrl_we;
@@ -149,13 +128,10 @@ module keywrap_core #(parameter MEM_BITS = 11)
   reg            aes_next;
   wire           aes_ready;
   wire           aes_valid;
-  reg [255 : 0]  aes_key;
-  reg            aes_keylen;
   reg  [127 : 0] aes_block;
   wire [127 : 0] aes_result;
 
   reg            update_state;
-  reg            zero_key;
 
   reg                      core_we;
   reg [(MEM_BITS - 2) : 0] core_addr;
@@ -190,8 +166,8 @@ module keywrap_core #(parameter MEM_BITS = 11)
                .init(aes_init),
                .next(aes_next),
 
-               .key(aes_key),
-               .keylen(aes_keylen),
+               .key(key),
+               .keylen(keylen),
 
                .block(aes_block),
 
@@ -207,8 +183,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
   assign a_result = a_reg;
   assign ready    = ready_reg;
   assign valid    = valid_reg;
-  assign loaded   = key_loaded_reg;
-  assign timeout  = key_timeout;
 
 
   //----------------------------------------------------------------
@@ -221,10 +195,8 @@ module keywrap_core #(parameter MEM_BITS = 11)
           a_reg                 <= 64'h0;
           ready_reg             <= 1'h1;
           valid_reg             <= 1'h0;
-          key_loaded_reg        <= 1'h0;
           block_ctr_reg         <= {(MEM_BITS - 1){1'h0}};
           iteration_ctr_reg     <= 3'h0;
-          key_timeout_ctr_reg   <= DEFAULT_TIMEOUT;
           keywrap_core_ctrl_reg <= CTRL_IDLE;
        end
 
@@ -245,36 +217,12 @@ module keywrap_core #(parameter MEM_BITS = 11)
           if (iteration_ctr_we)
             iteration_ctr_reg <= iteration_ctr_new;
 
-          if (key_timeout_ctr_we)
-            key_timeout_ctr_reg <= key_timeout_ctr_new;
-
-          if (key_loaded_we)
-            key_loaded_reg <= key_loaded_new;
-
           if (keywrap_core_ctrl_we)
             keywrap_core_ctrl_reg <= keywrap_core_ctrl_new;
         end
     end // reg_update
 
 
-  //----------------------------------------------------------------
-  // zeroise_mux
-  //----------------------------------------------------------------
-  always @*
-    begin : zeroise_mux
-      if (zero_key)
-        begin
-          aes_key    = 256'h0;
-          aes_keylen = 1'h1;
-        end
-      else
-        begin
-          aes_key = key;
-          aes_keylen = keylen;
-        end
-    end
-
-
   //----------------------------------------------------------------
   // keywrap_logic
   //
@@ -386,31 +334,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
     end
 
 
-  //----------------------------------------------------------------
-  // key_timeout_ctr
-  //----------------------------------------------------------------
-  always @*
-    begin : key_timeout_ctr
-      key_timeout_ctr_new = 32'h0;
-      key_timeout_ctr_we  = 1'h0;
-      key_timeout         = 1'h0;
-
-      if (key_timeout_ctr_reg == 32'h0)
-        key_timeout = 1'h1;
-
-      if (key_timeout_ctr_set || ping)
-        begin
-          key_timeout_ctr_new = timeout_delay;
-          key_timeout_ctr_we  = 1'h1;
-        end
-      else if (key_timeout_ctr_dec)
-        begin
-          key_timeout_ctr_new = key_timeout_ctr_reg - 1'h1;
-          key_timeout_ctr_we  = 1'h1;
-        end
-    end
-
-
   //----------------------------------------------------------------
   // keywrap_core_ctrl
   //----------------------------------------------------------------
@@ -432,11 +355,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
       iteration_ctr_dec     = 1'h0;
       iteration_ctr_set     = 1'h0;
       iteration_ctr_rst     = 1'h0;
-      key_timeout_ctr_set   = 1'h0;
-      key_timeout_ctr_dec   = 1'h0;
-      zero_key              = 1'h0;
-      key_loaded_new        = 1'h0;
-      key_loaded_we         = 1'h0;
       keywrap_core_ctrl_new = CTRL_IDLE;
       keywrap_core_ctrl_we  = 1'h0;
 
@@ -444,25 +362,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
       case (keywrap_core_ctrl_reg)
         CTRL_IDLE:
           begin
-            if (key_loaded_reg)
-              begin
-                if (key_timeout || zeroise)
-                  begin
-                    aes_init              = 1'h1;
-                    zero_key              = 1'h1;
-                    ready_new             = 1'h0;
-                    ready_we              = 1'h1;
-                    valid_new             = 1'h0;
-                    valid_we              = 1'h1;
-                    keywrap_core_ctrl_new = CTRL_ZERO_WAIT;
-                    keywrap_core_ctrl_we  = 1'h1;
-                  end
-                else
-                  begin
-                    key_timeout_ctr_dec = 1'h1;
-                  end
-              end
-
             if (init)
               begin
                 aes_init              = 1'h1;
@@ -496,9 +395,6 @@ module keywrap_core #(parameter MEM_BITS = 11)
               begin
                 ready_new             = 1'h1;
                 ready_we              = 1'h1;
-                key_loaded_new        = 1'h1;
-                key_loaded_we         = 1'h1;
-                key_timeout_ctr_set   = 1'h1;
                 keywrap_core_ctrl_new = CTRL_IDLE;
                 keywrap_core_ctrl_we  = 1'h1;
               end
@@ -616,26 +512,11 @@ module keywrap_core #(parameter MEM_BITS = 11)
             ready_we              = 1'h1;
             valid_new             = 1'h1;
             valid_we              = 1'h1;
-            key_timeout_ctr_set   = 1'h1;
             keywrap_core_ctrl_new = CTRL_IDLE;
             keywrap_core_ctrl_we  = 1'h1;
           end
 
 
-        CTRL_ZERO_WAIT:
-          begin
-            zero_key = 1'h1;
-            if (aes_ready)
-              begin
-                key_loaded_new        = 1'h0;
-                key_loaded_we         = 1'h1;
-                ready_new             = 1'h1;
-                ready_we              = 1'h1;
-                keywrap_core_ctrl_new = CTRL_IDLE;
-                keywrap_core_ctrl_we  = 1'h1;
-              end
-          end
-
         default:
           begin
 



More information about the Commits mailing list