[Cryptech-Commits] [core/hash/sha3] 01/02: The SHA-3 algorithm really wants everything to be little-endian, which is at odds with everything else in our system (including the register interface to sha3_wrapper). Rather than trying to rewrite sha3, I'll isolate it in its own little-endian universe by byte-swapping all reads and writes.
git at cryptech.is
git at cryptech.is
Mon Jun 7 19:09:29 UTC 2021
This is an automated email from the git hooks/post-receive script.
paul at psgd.org pushed a commit to branch sha3_mode
in repository core/hash/sha3.
commit 2e38d480fa2767b2501a477766149476b0d03537
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Sun Jun 6 22:04:55 2021 -0400
The SHA-3 algorithm really wants everything to be little-endian, which is
at odds with everything else in our system (including the register
interface to sha3_wrapper). Rather than trying to rewrite sha3, I'll
isolate it in its own little-endian universe by byte-swapping all reads
and writes.
---
src/rtl/sha3.v | 30 ++++++++++++++++++++++--------
src/tb/tb_sha3.v | 24 +++++++++---------------
2 files changed, 31 insertions(+), 23 deletions(-)
diff --git a/src/rtl/sha3.v b/src/rtl/sha3.v
index ee29ba6..a8b41bc 100644
--- a/src/rtl/sha3.v
+++ b/src/rtl/sha3.v
@@ -48,11 +48,25 @@ module sha3( input wire clk,
input wire w,
input wire [ 8:2] addr,
input wire [32-1:0] din,
- output reg [32-1:0] dout,
+ output wire [32-1:0] dout,
input wire init,
input wire next,
output wire ready);
+
+ /* The SHA-3 algorithm really wants everything to be little-endian,
+ * which is at odds with everything else in our system (including the
+ * register interface to sha3_wrapper). Rather than trying to rewrite
+ * Bernd's beautiful code, we'll just byte-swap all I/O.
+ */
+
+ reg [31:0] dout_swap;
+ assign dout = {dout_swap[7:0], dout_swap[15:8], dout_swap[23:16], dout_swap[31:24]};
+
+ wire [31:0] din_swap;
+ assign din_swap = {din[7:0], din[15:8], din[23:16], din[31:24]};
+
+
integer i, j;
reg [64-1:0] blk[0:24], // input block
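Review bot: The new block comment says "byte-swap all I/O" but not at what granularity, which is the detail a driver author needs. From the two `assign` lines, bytes are reversed within each 32-bit bus word only, and the write case later in the patch still picks the half of the 64-bit lane from `addr[2]`. I would add a line such as `Bytes are reversed within each 32-bit bus word; the word's position in the 64-bit lane is still selected by addr[2].` so that host code does not feed the core a mis-ordered message and get a wrong digest without any error. The module body continues outside this hunk.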
@@ -100,9 +114,9 @@ module sha3( input wire clk,
always @*
//
- dout = addr[8] ?
- (~addr[2] ? st [addr[7:3]][31:0] : st [addr[7:3]][63:32]) :
- (~addr[2] ? blk[addr[7:3]][31:0] : blk[addr[7:3]][63:32]) ;
+ dout_swap = addr[8] ?
+ (~addr[2] ? st [addr[7:3]][31:0] : st [addr[7:3]][63:32]) :
+ (~addr[2] ? blk[addr[7:3]][31:0] : blk[addr[7:3]][63:32]) ;
always @* begin
@@ -188,12 +202,12 @@ module sha3( input wire clk,
end
- if (w && !addr[8]) // only the first half of memory is writeable
+ if (w)
//
case (addr[2])
- 1: blk[addr[7:3]][63:32] <= din;
- 0: blk[addr[7:3]][31: 0] <= din;
- endcase // case (addr[2])
+ 1: blk[addr[7:3]][63:32] <= din_swap;
+ 0: blk[addr[7:3]][31: 0] <= din_swap;
+ endcase
end
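Review bot: The write enable changes from `if (w && !addr[8])` to `if (w)`, which drops the "only the first half of memory is writeable" guard, and the commit message only mentions byte-swapping. With the new condition, a write whose address has `addr[8]` set is no longer ignored; it lands in `blk[addr[7:3]]`, so a store aimed at the read-only state window (reads there return `st`, per the `dout_swap` hunk) now overwrites the pending input block. If that aliasing is not intended, keep the guard and change only the data source, i.e. `if (w && !addr[8])` with `din_swap` on the two case arms. If it is intended for this branch, a comment saying so would help, and so would a testbench case that writes with `addr[8]` set and checks the resulting digest. The enclosing always block starts outside the hunk.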
diff --git a/src/tb/tb_sha3.v b/src/tb/tb_sha3.v
index 28d06a3..5dd93c4 100644
--- a/src/tb/tb_sha3.v
+++ b/src/tb/tb_sha3.v
@@ -239,8 +239,8 @@ module tb_sha3();
for (i=0; i<50; i=i+1) begin
case (i)
- 0: tb_wr_data = 32'h00000006; // ...0001 | 10
- block_words-1: tb_wr_data = 32'h80000000; // 1000...
+ 0: tb_wr_data = 32'h06000000; // ...0001 | 10
+ block_words-1: tb_wr_data = 32'h00000080; // 1000...
default: tb_wr_data = 32'h00000000;
endcase
tb_addr = {1'b0, i[5:0]}; // increment address
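Review bot: The trailing comments on the padding literals still describe the old little-endian layout, so they no longer match the values beside them. Here, `32'h06000000` is annotated `// ...0001 | 10`. In the later 'abc' hunk, `32'h61626306` is annotated `'cba'` although the bytes now read a, b, c, 0x06 in bus order. The `32'h00000080` lines keep `// 1000...`. I would reword them, for example `// 'abc' followed by the 0x06 pad byte, in bus byte order` and `// final 0x80 pad byte is the last byte of the block`, and apply the same wording to the `// padding` and `// more padding` literals in the multi-block hunk. Comments that match the values make it easier to check the vectors against the reference digests when the interface changes again.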
@@ -266,9 +266,7 @@ module tb_sha3();
tb_addr = {1'b1, i[5:0]};
#(CLK_PERIOD);
- // swap bytes in the read value
- for (j=31; j>0; j=j-8)
- hash_word[j-:8] = tb_rd_data[31-j+:8];
+ hash_word = tb_rd_data;
$display(" *** hash_word[%0d]: reference = %08x, calculated = %08x",
i, hash_shreg[511-:32], hash_word);
@@ -323,8 +321,8 @@ module tb_sha3();
for (i=0; i<50; i=i+1) begin
case (i)
- 0: tb_wr_data = 32'h06636261; // ...0001 | 10 | 'cba'
- block_words-1: tb_wr_data = 32'h80000000; // 1000...
+ 0: tb_wr_data = 32'h61626306; // ...0001 | 10 | 'cba'
+ block_words-1: tb_wr_data = 32'h00000080; // 1000...
default: tb_wr_data = 32'h00000000;
endcase
tb_addr = {1'b0, i[5:0]}; // increment address
@@ -350,9 +348,7 @@ module tb_sha3();
tb_addr = {1'b1, i[5:0]};
#(CLK_PERIOD);
- // swap bytes in the read value
- for (j=31; j>0; j=j-8)
- hash_word[j-:8] = tb_rd_data[31-j+:8];
+ hash_word = tb_rd_data;
$display(" *** hash_word[%0d]: reference = %08x, calculated = %08x",
i, hash_shreg[511-:32], hash_word);
@@ -440,14 +436,14 @@ module tb_sha3();
total_bits = total_bits - 32;
end else if (total_bits == 0) begin
// padding
- tb_wr_data = 32'h00000006;
+ tb_wr_data = 32'h06000000;
tb_addr = {1'b0, i[5:0]};
tb_we = 1;
#(CLK_PERIOD);
total_bits = total_bits - 32;
end else if (i == (block_words-1)) begin
// more padding
- tb_wr_data = 32'h80000000;
+ tb_wr_data = 32'h00000080;
tb_addr = {1'b0, i[5:0]};
tb_we = 1;
#(CLK_PERIOD);
@@ -482,9 +478,7 @@ module tb_sha3();
tb_addr = {1'b1, i[5:0]};
#(CLK_PERIOD);
- // swap bytes in the read value
- for (j=31; j>0; j=j-8)
- hash_word[j-:8] = tb_rd_data[31-j+:8];
+ hash_word = tb_rd_data;
$display(" *** hash_word[%0d]: reference = %08x, calculated = %08x",
i, hash_shreg[511-:32], hash_word);