├── DummyGenASIC.v ├── README.md ├── TinyORAMASICWrap.v ├── TinyORAMCore.v ├── TrafficGenASIC.v ├── addr ├── AddrGen.v ├── AddrGenBktHead.v ├── BktIDGen.v ├── DRAMInitializer.v └── PathGen.v ├── backend ├── BackendCoreController.v ├── PathORAMBackend.v ├── PathORAMBackendCore.v ├── REWStatCtr.v ├── old │ └── CoherenceController.v └── test │ └── PathORAMBackendTestbench.v ├── encryption ├── basic │ ├── AESPathORAM.v │ ├── AES_DW.v │ ├── AES_W.v │ ├── PRNG.v │ ├── core_ip │ │ ├── bench │ │ │ └── verilog │ │ │ │ └── test_bench_top.v │ │ ├── doc │ │ │ └── aes.pdf │ │ ├── rtl │ │ │ └── verilog │ │ │ │ ├── aes_cipher_top.v │ │ │ │ ├── aes_inv_cipher_top.v │ │ │ │ ├── aes_inv_sbox.v │ │ │ │ ├── aes_key_expand_128.v │ │ │ │ ├── aes_rcon.v │ │ │ │ └── aes_sbox.v │ │ ├── sim │ │ │ └── rtl_sim │ │ │ │ ├── bin │ │ │ │ └── Makefile │ │ │ │ └── run │ │ │ │ └── waves │ │ │ │ └── waves.do │ │ └── syn │ │ │ └── bin │ │ │ ├── comp.dc │ │ │ ├── design_spec.dc │ │ │ ├── lib_spec.dc │ │ │ └── read.dc │ └── test │ │ └── AESDWTestBench.v └── rew │ ├── AESREWORAM.v │ ├── GentrySeedGenerator.v │ ├── REWAESCore.v │ ├── ROISeedGenerator.v │ ├── core_ip │ └── tiny_aes │ │ ├── aes_128.v │ │ ├── aes_192.v │ │ ├── aes_256.v │ │ ├── expand_key_128.v │ │ ├── final_round.v │ │ ├── round.v │ │ ├── table.v │ │ └── test │ │ ├── test_aes_128.v │ │ ├── test_aes_192.v │ │ ├── test_aes_256.v │ │ ├── test_endian.v │ │ └── test_table_lookup.v │ └── test │ ├── AESREWORAMTestbench.v │ ├── REWAESCoreTestbench.v │ ├── TinyAESTopTestbench.v │ ├── tiny_aes_vc707.v │ └── tiny_aes_vc707.xdc ├── frontend ├── DM_Cache.v ├── Frontend.v ├── PosMapPLB.v ├── UORAMController.v ├── UORAMDataPath.v └── test │ ├── testFrontEnd.v │ ├── testPLB.v │ ├── testUORAM.prj │ ├── testUORAM.v │ └── testUORAM_synthBackend.v ├── gatelib ├── Bin2Gray.v ├── ClockSource.v ├── CountAlarm.v ├── CountCompare.v ├── Counter.v ├── DRAM2RAM.v ├── FIFOControl.v ├── FIFOLinear.v ├── FIFORAM.v ├── FIFORegControl.v ├── FIFORegister.v ├── FIFOShiftRound.v ├── Gray2Bin.v ├── LFSR.v ├── Mux.v ├── OneHot2Bin.v ├── Pipeline.v ├── PrioritySelect.v ├── RAM.v ├── Register.v ├── Reverse.v ├── ShiftRegister.v ├── SynthesizedDRAM.v ├── SynthesizedRandDRAM.v └── UDCounter.v ├── include ├── BucketLocal.vh ├── CacheCmdLocal.vh ├── CacheLocal.vh ├── CommandsLocal.vh ├── Const.vh ├── DDR3SDRAMLocal.vh ├── DMLocal.vh ├── DRAM.constants ├── IVLocal.vh ├── JTAG.vh ├── PLBLocal.vh ├── PathORAM.vh ├── REWAESLocal.vh ├── StashLocal.vh ├── TrafficGenLocal.vh └── UORAM.vh ├── integrity ├── IntegrityVerifier.v ├── Keccak_WF.v ├── core_ip │ └── Keccak512 │ │ ├── f_permutation.v │ │ ├── keccak.v │ │ ├── padder.v │ │ ├── padder1.v │ │ ├── rconst2in1.v │ │ ├── round2in1.v │ │ ├── simulation.do │ │ ├── test_f_permutation.v │ │ ├── test_keccak.v │ │ ├── test_padder.v │ │ ├── test_padder1.v │ │ └── test_rconst2in1.v ├── old │ ├── IVCCLocal.vh │ ├── IntegrityVerifier.v │ └── SHA3Local.vh └── test │ └── testIntegrityVerifier.v ├── sram_wrap ├── RAM_dimensions.txt ├── RF1DFCMN00128X078D02C064_PWRAP.v ├── RF1DFCMN00128X192D02C064_PWRAP.v ├── RF1DFCMN00512X128D04C064_PWRAP.v ├── SRAM1DFCMN01024X064D04C128_PWRAP.v ├── SRAM_WRAP.v ├── rf1D_32soi_wrapper_gen.py ├── rf2D_32soi_wrapper_gen.py ├── sram1D_32soi_wrapper_gen.py ├── sram2D_32soi_wrapper_gen.py ├── sram2S_32soi_wrapper_gen.py └── sram_32soi_wrapper_gen.py ├── stash ├── DRAMToStash.v ├── Stash.v ├── StashCore.v ├── StashScanTable.v ├── StashToDRAM.v ├── StashTop.v └── test │ ├── StashCoreTestbench.v │ └── StashTestbench.v └── util └── put ORAM ecc here /README.md: -------------------------------------------------------------------------------- 1 | 2 | This REAMDE describes the code structure for Tiny ORAM. 3 | 4 | -------------------------------------------------------------------------------- 5 | Introduction 6 | -------------------------------------------------------------------------------- 7 | 8 | Tiny ORAM is partitioned into a frontend and a backend as this leads to a more 9 | modular design. At a system level, the major components connect like this: 10 | 11 | User design <= Memory interface => 12 | Frontend <= Position-based ORAM interface => 13 | Backend <= Memory interface => 14 | DRAM controller 15 | 16 | The 'Memory interface' is: 17 | (op, address, data) where op = read/write. 18 | 19 | The 'Position-based ORAM interface' is: 20 | (op, address, data, currentPos, NewPos) 21 | where op = read/write/some additional low-level commands. 22 | 23 | The frontend manages the block-to-position mapping, and translates a frontend 24 | access into one or multiple backend accesses. A Unified frontend is currently 25 | available, which manages the position map (PosMap) recursively. The Unified 26 | frontend hides most of the recursion overhead when the access pattern has good 27 | locality, using a PosMap-Lookaside-Buffer (PLB). A basic (non-recursive) 28 | frontend is under development. 29 | 30 | The backend is based on Path ORAM by Stefanov et. al [1]; i.e., structures 31 | external memory as a binary tree and reads random paths in the tree to retrieve 32 | blocks requested by the frontend. The backend also manages the stash and evicts 33 | blocks back to the tree. Tiny ORAM currently supports two backend protocols. 34 | One is the original Path ORAM in [1]. The other is RAW Path ORAM, a variant of 35 | Path ORAM proposed in [2]. RAW Path ORAM simplifies integrity verification, and 36 | reduces the number of encryption and hash units required. (Note: we refer to 37 | 'RAW Path ORAM' as 'REW Path ORAM' in the code for legacy reasons. This will be 38 | corrected in future releases.) 39 | 40 | To choose between different configurations, users only need to change the 41 | parameters passed to TinyORAMCore: 42 | EnableREW ==> Path ORAM vs. RAW Path ORAM 43 | EnableIV ==> whether or not to enable integrity verification 44 | (EnableIV = 1 only works when EnableREW = 1) 45 | 46 | -------------------------------------------------------------------------------- 47 | Code structure 48 | -------------------------------------------------------------------------------- 49 | 50 | Tiny ORAM (TinyORAMCore.v, top module) 51 | 52 | Frontend (choose between Basic or Unified) 53 | 54 | Basic frontend (under development) 55 | 56 | 57 | Unified frontend (frontend/UORAMController.v) 58 | 59 | PosMap+PLB (frontend/PosMapPLB.v) 60 | 61 | DataPath (frontend/UORAMDataPath.v) 62 | 63 | Integrity Verification (integrity/*.v) 64 | 65 | Backend (choose between Path ORAM or RAW Path ORAM) 66 | 67 | Path ORAM Backend (backend/PathORAMBackend.v) 68 | 69 | Symmetric Encryption (encryption/basic/*.v) 70 | 71 | RAW Path ORAM Backend (backend/PathORAMBackend.v) 72 | 73 | Symmetric Encryption (encryption/rew/*.v) 74 | 75 | Shared across both backend designs 76 | 77 | Address Generator (addr/*.v) 78 | 79 | Stash (stash/*.v) 80 | 81 | User-level parameters (include/PathORAM.vh) 82 | 83 | -------------------------------------------------------------------------------- 84 | Conventions 85 | -------------------------------------------------------------------------------- 86 | 87 | - All Verilog files (*.v and *.vh) assume tab = 4 spaces. 88 | 89 | - Files with a suffix 'Testbench' are RTL testbenches. These are found in 90 | /test subdirectories below each major code branch (e.g., ./frontend/test). 91 | Refer to each testbench for its usage, but (READ) be aware that most of 92 | these testbenches are _out of data_ and no longer maintained. To test Tiny 93 | ORAM, refer to ../tests/README.txt. 94 | 95 | - Files named 'TinyORAMTop' are FPGA top files. That is, they contain FPGA 96 | pinouts and can be used to generate an FPGA bitstream. Some examples are 97 | given in ../boards. 98 | 99 | - Files with the extension *.vh are include files. If an include file has the 100 | suffix 'Local', it contains only derived constants/localparams -- i.e., you 101 | shouldn't modify it unless you know what you are doing. 102 | 103 | -------------------------------------------------------------------------------- 104 | Citations 105 | -------------------------------------------------------------------------------- 106 | 107 | [1] Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, 108 | Xiangyao Yu, and Srinivas Devadas. 2013. 109 | Path ORAM: an extremely simple oblivious RAM protocol. 110 | In Proceedings of the 2013 ACM SIGSAC conference on Computer & 111 | communications security (CCS). 112 | 113 | [2] Ling Ren, Christopher Fletcher, Albert Kwon, Marten van Dijk, and Srinivas Devadas. 2017. 114 | Design and implementation of the Ascend secure processor. 115 | IEEE Transactions on Dependable and Secure Computing (TDSC) 116 | -------------------------------------------------------------------------------- /addr/AddrGen.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // Module: AddrGen 3 | // Desc: Send requests to DRAM to read/write buckets/headers along a path 4 | //============================================================================== 5 | 6 | `include "Const.vh" 7 | 8 | module AddrGen 9 | ( 10 | Clock, Reset, 11 | Start, RWIn, BHIn, leaf, Ready, CmdReady, CmdValid, Cmd, 12 | Addr, currentLevel, BktIdx, 13 | 14 | // output for debugging 15 | STIdx, BktIdxInST 16 | ); 17 | 18 | `include "PathORAM.vh" 19 | `include "DDR3SDRAMLocal.vh" 20 | `include "BucketLocal.vh" 21 | `include "CommandsLocal.vh" 22 | 23 | localparam ORAMLogL = `log2(ORAML) + 1; // TODO need +1 for Ready signal corner case (e.g., ORAML = 31); find a better solution? 24 | 25 | // =========================== Ports ========================= 26 | input Clock; 27 | 28 | // interface with backend controller 29 | input Reset, Start; 30 | input RWIn; // 0 for write, 1 for read, 31 | input BHIn; // 0 for the entire bucket, 1 for the header 32 | input [ORAML-1:0] leaf; 33 | output Ready; 34 | 35 | // interface with DRAM controller 36 | input CmdReady; 37 | output CmdValid; 38 | output [DDRCWidth-1:0] Cmd; 39 | output [DDRAWidth-1:0] Addr; 40 | output [ORAML:0] BktIdx; // logic bucket ID (no subtree) 41 | 42 | // output for debugging 43 | output [ORAMLogL-1:0] currentLevel; 44 | output [ORAML:0] STIdx, BktIdxInST; 45 | 46 | // ==================================================== 47 | 48 | wire [ORAML+1:0] BktIdx_Padded; 49 | 50 | // control logic for AddrGenBktHead 51 | wire Enable, SwitchLevel; 52 | reg RW, BH; 53 | reg [BBSTWidth-1:0] BktCounter; 54 | 55 | `ifndef FPGA 56 | AddrGenBktHead 57 | abt ( .Clock( Clock), 58 | .Reset( Reset), 59 | .Start( Start && Ready), 60 | .Enable( Enable), 61 | .leaf( leaf), 62 | .currentLevel( currentLevel), 63 | .BktIdx( BktIdx_Padded), 64 | 65 | // output for debugging 66 | .STIdx( STIdx), 67 | .BktIdxInST(BktIdxInST) 68 | ); 69 | `else 70 | 71 | AddrGenBktHead #( .ORAMB( ORAMB), 72 | .ORAMU( ORAMU), 73 | .ORAML( ORAML), 74 | .ORAMZ( ORAMZ), 75 | .BEDWidth( BEDWidth), 76 | .EnableIV( EnableIV) 77 | ) 78 | abt ( .Clock( Clock), 79 | .Reset( Reset), 80 | .Start( Start && Ready), 81 | .Enable( Enable), 82 | .leaf( leaf), 83 | .currentLevel( currentLevel), 84 | .BktIdx( BktIdx_Padded), 85 | 86 | // output for debugging 87 | .STIdx( STIdx), 88 | .BktIdxInST(BktIdxInST) 89 | ); 90 | `endif 91 | 92 | assign SwitchLevel = BktCounter >= (BH ? BktHSize_DRBursts : BktSize_DRBursts) - 32'd1; // TODO this may still result in signed-unsigned warning, but careful to test things if you change it 93 | assign Enable = !Ready && CmdReady && SwitchLevel; 94 | 95 | // output 96 | assign Ready = currentLevel > ORAML; 97 | assign CmdValid = currentLevel <= ORAML; 98 | assign Cmd = RW ? DDR3CMD_Read : DDR3CMD_Write; 99 | assign Addr = (BktIdx_Padded * BktSize_DRBursts + BktCounter) * DDRBstLen; 100 | 101 | always@(posedge Clock) begin 102 | if (Start && Ready) begin 103 | RW <= RWIn; 104 | BH <= BHIn; 105 | BktCounter <= 0; 106 | end 107 | 108 | if (!Ready && CmdReady) begin 109 | BktCounter <= SwitchLevel ? 0 : BktCounter + 1; 110 | end 111 | end 112 | 113 | BktIDGen # ( .ORAML( ORAML)) 114 | bid ( .Clock( Clock), 115 | .ReStart( Start && Ready), 116 | .leaf( leaf), 117 | .Enable( Enable), 118 | .BktIdx( BktIdx) 119 | ); 120 | 121 | `ifdef SIMULATION 122 | 123 | /*always @(posedge Clock) begin 124 | if (CmdValid && CmdReady && BktCounter == 0) 125 | $display("Accessing DRAM address [%x], Bucket %x, ST = %x, Bkt=%d", Addr, BktIdx_Padded, STIdx, BktIdxInST); 126 | end*/ 127 | 128 | // Check that AddrGen is not mapping two different buckets to the same physical address 129 | localparam CheckAddrGen = 1; 130 | integer bkt_i; 131 | generate if (CheckAddrGen) begin:Check_Addr 132 | localparam NumBuckets = 1 << (ORAML+1); 133 | 134 | reg [ORAML+1:0] AddrMap [0:NumBuckets-1]; 135 | reg AddrMapValid [0:NumBuckets-1]; 136 | 137 | always @(posedge Clock) begin 138 | if (Reset) begin 139 | for (bkt_i = 0; bkt_i < NumBuckets; bkt_i = bkt_i + 1) 140 | AddrMapValid[bkt_i] <= 1'b0; 141 | end 142 | 143 | else if (!BktCounter && CmdValid) begin 144 | if (AddrMapValid[Addr/DDRBstLen/BktSize_DRBursts]) 145 | if (AddrMap[Addr/DDRBstLen/BktSize_DRBursts] != BktIdx_Padded) begin 146 | $display("Wrong mapping for bucket %d, %x != %x", BktIdx, AddrMap[BktIdx], Addr); 147 | end 148 | else begin 149 | AddrMap[Addr/DDRBstLen/BktSize_DRBursts] <= BktIdx_Padded; 150 | AddrMapValid[Addr/DDRBstLen/BktSize_DRBursts] <= 1'b1; 151 | end 152 | end 153 | end 154 | 155 | end endgenerate 156 | 157 | `endif 158 | 159 | endmodule 160 | -------------------------------------------------------------------------------- /addr/AddrGenBktHead.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // Module: AddrGenBktHead 3 | // Desc: Output STARTING physical addresses of buckets along a path, 4 | // using subtree locality trick from ISCA'13 5 | //============================================================================== 6 | 7 | `include "Const.vh" 8 | 9 | module AddrGenBktHead 10 | ( 11 | Clock, Reset, Start, Enable, 12 | leaf, 13 | currentLevel, 14 | BktIdx, 15 | 16 | STIdx, BktIdxInST // output for debugging 17 | ); 18 | 19 | `include "PathORAM.vh" 20 | `include "DDR3SDRAMLocal.vh" 21 | `include "BucketLocal.vh" 22 | 23 | localparam ORAMLogL = `log2(ORAML) + 1; 24 | 25 | localparam LogSTSize = L_st; // subtree size (in buckets), it could be (1 << numST) - 1; this is optimal for Z=3 26 | localparam LogSTSizeBottom = (ORAML+1) % L_st; // short trees' size (in buckets) at the bottom 27 | 28 | input Clock, Reset, Start, Enable; 29 | input [ORAML-1:0] leaf; // the input leaf label 30 | output reg [ORAMLogL-1:0] currentLevel; 31 | output [ORAML+1:0] BktIdx; // A tree of depth L needs L+1 bits to denote the node. 32 | // And we waste several spots due to subtree, requiring L+2 bits 33 | output [ORAML:0] STIdx, BktIdxInST; // tmp output for debugging 34 | 35 | 36 | `ifdef FPGA 37 | initial begin // don't delete, REWAES needs this to get rid of Reset 38 | currentLevel = ORAML+1; 39 | end 40 | `endif 41 | 42 | // One PathGen module walks the subtrees and the other inside a subtree 43 | reg [ORAML-1:0] leaf_shift; 44 | wire switchST; 45 | // wire [ORAML-1:0] STIdx, BktIdxInST; 46 | PathGen #(ORAML) STGen(Clock, Start, Enable, switchST, leaf_shift[0], STIdx); 47 | PathGen #(ORAML) BktGen(Clock, Start || (Enable && switchST), Enable, 1'b1, leaf_shift[0], BktIdxInST); 48 | 49 | // control logic for STGen and BktGen 50 | reg [ORAMLogL-1:0] currentLvlinST; 51 | assign switchST = currentLvlinST >= L_st - 32'd1; 52 | 53 | always@(posedge Clock) begin 54 | if (Reset) begin 55 | currentLevel <= ORAML + 32'd1; 56 | end 57 | else if (Start) begin 58 | currentLevel <= 0; 59 | currentLvlinST <= 0; 60 | leaf_shift <= leaf; 61 | end 62 | else if (Enable) begin 63 | currentLevel <= currentLevel + 1; 64 | currentLvlinST <= switchST ? 0 : currentLvlinST + 1; 65 | leaf_shift <= leaf_shift >> 1; 66 | end 67 | end 68 | 69 | // adjust for the (possibly) shorter subtrees at the bottom 70 | localparam L_Padded = numST * L_st; 71 | wire shortTreeAtBottom; 72 | assign shortTreeAtBottom = L_Padded != ORAML + 32'd1 && currentLevel + L_st >= L_Padded; 73 | // short tree exists, iff ORAML+1 != multiple of numST * L_st 74 | 75 | assign BktIdx = BktIdxInST + 76 | ( 77 | shortTreeAtBottom ? 78 | (numTallST << LogSTSize) + ((STIdx-numTallST) << LogSTSizeBottom) : 79 | (STIdx << LogSTSize) 80 | ); 81 | 82 | endmodule 83 | -------------------------------------------------------------------------------- /addr/BktIDGen.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // Module: BktIDGen 3 | // Desc: Return logical bucket IDs on a path 4 | //============================================================================== 5 | 6 | module BktIDGen ( Clock, ReStart, Enable, leaf, BktIdx ); 7 | 8 | parameter ORAML = 10; 9 | 10 | input Clock, ReStart, Enable; 11 | input [ORAML-1:0] leaf; 12 | output [ORAML:0] BktIdx; // A tree of depth L needs L+1 bits to denote the node. 13 | // If we waste several spots due to subtree, we need L+2 bits 14 | // This module outputs the unwasted version, thus L+1 15 | 16 | reg [ORAML-1:0] leaf_shift; 17 | 18 | PathGen #(ORAML) BktGen(Clock, ReStart, Enable, 1'b1, leaf_shift[0], BktIdx); 19 | 20 | always@(posedge Clock) begin 21 | if (ReStart) 22 | leaf_shift <= leaf; 23 | else if (Enable) 24 | leaf_shift <= leaf_shift >> 1; 25 | end 26 | 27 | endmodule 28 | -------------------------------------------------------------------------------- /addr/PathGen.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // Module: PathGen 3 | // Desc: Output indices of nodes on a subtree. 4 | // Support any 2^k-ary tree for subtree locality trick from ISCA'13 5 | //============================================================================== 6 | 7 | module PathGen (Clock, Reset, Enable, Switch, BinChild, NodeIdx); 8 | 9 | parameter ORAML = 10; 10 | 11 | input Clock, Reset, Enable; 12 | input Switch; // indicating the degree of the tree. Assertion every k Enable means 2^k-ary tree. 13 | input BinChild; // left-or-right child 14 | output reg [ORAML:0] NodeIdx; 15 | 16 | reg [ORAML:0] Accum, Child; 17 | 18 | always@(posedge Clock) begin 19 | if (Reset) begin 20 | NodeIdx <= 0; 21 | Accum <= 0; 22 | Child <= 0; 23 | end 24 | else if (Switch && Enable) begin // entering a new level in the tree, update NodeIdx 25 | NodeIdx <= (Accum << 1) + (Child << 1) + BinChild + 1; 26 | Accum <= (Accum << 1) + (Child << 1) + BinChild + 1; 27 | Child <= 0; 28 | end 29 | else if (Enable) begin // otherwise, just prepare for the next update for a 2^k-ary tree 30 | Accum <= Accum << 1; 31 | Child <= (Child << 1) + BinChild; 32 | end 33 | end 34 | 35 | endmodule 36 | -------------------------------------------------------------------------------- /encryption/basic/AES_DW.v: -------------------------------------------------------------------------------- 1 | 2 | //============================================================================== 3 | // Section: Includes 4 | //============================================================================== 5 | `include "Const.vh" 6 | //============================================================================== 7 | 8 | // NOTE: assumes tab = 4 spaces 9 | 10 | //============================================================================== 11 | // Module: AES_DW 12 | // Desc: Instantiates W AES units for W*128b data path, and handles D 13 | // different IVs. Currently, is just holding data for 12 cycles, then 14 | // passes it on. 15 | //============================================================================== 16 | module AES_DW 17 | ( 18 | Clock, Reset, 19 | 20 | DataIn, 21 | DataInValid, 22 | DataInReady, 23 | 24 | Key, 25 | KeyValid, 26 | KeyReady, 27 | 28 | DataOut, 29 | DataOutValid 30 | ); 31 | 32 | parameter W = 4; 33 | parameter D = 12; 34 | 35 | `include "PathORAM.vh" 36 | 37 | //-------------------------------------------------------------------------- 38 | // System I/O 39 | //-------------------------------------------------------------------------- 40 | 41 | input Clock, Reset; 42 | 43 | //-------------------------------------------------------------------------- 44 | // Interface 1 45 | //-------------------------------------------------------------------------- 46 | 47 | input [AESEntropy-1:0] DataIn; 48 | input DataInValid; 49 | output DataInReady; 50 | 51 | input [AESWidth-1:0] Key; 52 | input KeyValid; 53 | output KeyReady; 54 | 55 | output [W*AESWidth-1:0] DataOut; 56 | output DataOutValid; 57 | 58 | //-------------------------------------------------------------------------- 59 | // wires and regs 60 | //-------------------------------------------------------------------------- 61 | localparam LOGD = `log2(D+1); 62 | 63 | reg [LOGD-1:0] Count; 64 | reg [LOGD-1:0] InTurn; 65 | reg [LOGD-1:0] OutTurn; 66 | reg [D-1:0] AESWorking; 67 | wire DInReady; 68 | wire DOutValid; 69 | wire [W*AESWidth-1:0] DOut; 70 | 71 | wire [W*AESWidth-1:0] AESRes[D-1:0]; 72 | wire [W-1:0] AESResValid[D-1:0]; 73 | 74 | reg [31:0] i; 75 | 76 | `ifdef FPGA 77 | initial begin 78 | Count = 0; 79 | InTurn = 0; 80 | OutTurn = 0; 81 | for (i = 0; i < D; i = i + 1) 82 | AESWorking[i] = 0; 83 | end 84 | `endif 85 | 86 | assign DInReady = Count < D; 87 | assign DOut = AESRes[OutTurn]; 88 | assign DOutValid = &(AESResValid[OutTurn]); 89 | 90 | always @( posedge Clock ) begin 91 | if (Reset) 92 | Count <= 0; 93 | else if (DataInValid && DInReady && ~DOutValid) 94 | Count <= Count + 1; 95 | else if (!(DataInValid && DInReady) && DOutValid) 96 | Count <= Count - 1; 97 | end 98 | 99 | always @( posedge Clock ) begin 100 | if (Reset) 101 | InTurn <= 0; 102 | else if (DataInValid && DInReady) begin 103 | if (InTurn >= D-32'd1) 104 | InTurn <= 0; 105 | else 106 | InTurn <= InTurn + 1; 107 | end 108 | end 109 | 110 | always @( posedge Clock ) begin 111 | if (Reset) 112 | OutTurn <= 0; 113 | else if (DOutValid) begin 114 | if (OutTurn >= D-32'd1) 115 | OutTurn <= 0; 116 | else 117 | OutTurn <= OutTurn + 1; 118 | end 119 | end 120 | 121 | always @( posedge Clock ) begin 122 | if (Reset) begin 123 | for (i = 0; i < D; i = i + 1) 124 | AESWorking[i] <= 0; 125 | end else begin 126 | for (i = 0; i < D; i = i + 1) begin 127 | if (DOutValid && OutTurn == i) 128 | AESWorking[i] <= 0; 129 | else if (DataInValid && KeyValid && 130 | (InTurn == i) && !AESWorking[i]) 131 | AESWorking[i] <= 1; 132 | end 133 | end 134 | end 135 | 136 | genvar k, j; 137 | generate 138 | for (k = 0; k < D; k = k + 1) begin: OuterAES 139 | for (j = 0; j < W; j = j + 1) begin: InnerAES 140 | aes_cipher_top aes(.clk(Clock), 141 | .rst(~Reset), 142 | .ld(DataInValid && KeyValid && 143 | (InTurn == k) && !AESWorking[k]), 144 | .done(AESResValid[k][j]), 145 | .key(Key), 146 | .text_in({{(AESWidth-AESEntropy){1'b0}}, DataIn + j}), 147 | .text_out(AESRes[k][(j+1)*AESWidth - 1:j*AESWidth])); 148 | end 149 | end 150 | endgenerate 151 | 152 | //IO assignment 153 | assign DataInReady = DInReady; 154 | assign KeyReady = DInReady; 155 | assign DataOut = DOut; 156 | assign DataOutValid = DOutValid; 157 | 158 | 159 | endmodule 160 | //-------------------------------------------------------------------------- 161 | 162 | -------------------------------------------------------------------------------- /encryption/basic/AES_W.v: -------------------------------------------------------------------------------- 1 | 2 | //============================================================================== 3 | // Section: Includes 4 | //============================================================================== 5 | `include "Const.vh" 6 | //============================================================================== 7 | 8 | // NOTE: assumes tab = 4 spaces 9 | 10 | //============================================================================== 11 | // Module: AES_W 12 | // Desc: Instantiates W AES units for W*128b data path, and handles 21 13 | // different IVs (consequence of tiny_aes). 14 | //============================================================================== 15 | module AES_W 16 | ( 17 | Clock, Reset, 18 | 19 | DataIn, 20 | DataInValid, 21 | DataInReady, 22 | 23 | Key, 24 | 25 | DataOut, 26 | DataOutValid 27 | ); 28 | 29 | 30 | `include "PathORAM.vh" 31 | 32 | parameter W = 1; 33 | parameter AESWIn_Width = AESEntropy; 34 | 35 | //-------------------------------------------------------------------------- 36 | // System I/O 37 | //-------------------------------------------------------------------------- 38 | 39 | input Clock, Reset; 40 | 41 | //-------------------------------------------------------------------------- 42 | // Interface 1 43 | //-------------------------------------------------------------------------- 44 | 45 | input [AESWIn_Width-1:0] DataIn; 46 | input DataInValid; 47 | output DataInReady; 48 | 49 | input [AESWidth-1:0] Key; 50 | 51 | output [W*AESWidth-1:0] DataOut; 52 | output DataOutValid; 53 | 54 | //-------------------------------------------------------------------------- 55 | // wires and regs 56 | //-------------------------------------------------------------------------- 57 | 58 | localparam D = 21; 59 | 60 | wire ValidOut; 61 | 62 | wire [W*AESWidth-1:0] AESRes; 63 | 64 | //carry the valid signal from input for D cycles 65 | ShiftRegister #( .PWidth( D), 66 | .SWidth( 1)) 67 | V_shift( .Clock( Clock), 68 | .Reset( Reset), 69 | .Load( 1'b0), 70 | .Enable( 1'b1), 71 | .SIn( DataInValid), 72 | .SOut( ValidOut)); 73 | 74 | genvar k; 75 | generate 76 | for (k = 0; k < W; k = k + 1) begin: AES 77 | aes_128 aes(.clk(Clock), 78 | .state({{(AESWidth-AESWIn_Width){1'b0}}, DataIn}), // TODO: 1'b0, the padding, should really be unique for each k 79 | .key(Key), 80 | .out(AESRes[(k+1)*AESWidth - 1:k*AESWidth])); 81 | end 82 | endgenerate 83 | 84 | //IO assignment 85 | assign DataInReady = 1'b1; 86 | assign DataOut = AESRes; 87 | assign DataOutValid = ValidOut; 88 | 89 | 90 | endmodule 91 | //-------------------------------------------------------------------------- 92 | -------------------------------------------------------------------------------- /encryption/basic/PRNG.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // Module: PRNG 3 | // Desc: pseudo random number generator using AES(counter), ready-valid interface 4 | // This module assumes very low output bandwidth 5 | // Use it for leaf generation. Do not use it for encryption. 6 | 7 | //============================================================================== 8 | 9 | module PRNG (Clock, Reset, RandOutReady, RandOutValid, RandOut, SecretKey); 10 | 11 | parameter RandWidth = 32; 12 | 13 | `include "PathORAM.vh" 14 | 15 | input Clock, Reset; 16 | input RandOutReady; 17 | output RandOutValid; 18 | output [RandWidth-1:0] RandOut; 19 | input [AESWidth-1:0] SecretKey; 20 | 21 | wire SeedValid, SeedReady; 22 | wire [AESEntropy-1:0] Seed; 23 | 24 | Counter #(.Width(AESEntropy)) 25 | SeedCounter (Clock, Reset, 1'b0, 1'b0, (SeedValid && SeedReady), {AESEntropy{1'bx}}, Seed); // load = set = 0, in= x 26 | // TODO: if reset, seed goes back to 0, not secure any more. 27 | 28 | wire [AESWidth-1:0] AESKey; 29 | wire AESKeyValid; 30 | wire AESKeyReady; 31 | 32 | assign AESKey = SecretKey; 33 | // We should renew the key on every reset, but currently not doing it. 34 | assign AESKeyValid = 1; 35 | 36 | wire [AESWidth-1:0] AESDataIn, AESDataOut; 37 | wire AESDataOutValid; 38 | 39 | assign AESDataIn = {{(AESWidth-AESEntropy){1'b0}}, Seed}; 40 | /* 41 | Register1b aes_ready (Clock, !Reset && SeedValid && SeedReady, Reset || AESDataOutValid, SeedReady); 42 | aes_cipher_top 43 | aes ( .clk( Clock), 44 | .rst( ~Reset), 45 | .ld( SeedValid && AESKeyValid), 46 | .done( AESDataOutValid), 47 | .key( AESKey), 48 | .text_in( AESDataIn), 49 | .text_out( AESDataOut) 50 | ); 51 | 52 | always @(posedge Clock) begin 53 | $display("Reset = %d, SeedValid = %d, SeedReady = %d, AESDataOutValid = %d", Reset, SeedValid, SeedReady, AESDataOutValid); 54 | end 55 | */ 56 | 57 | AES_DW #(.W(1), 58 | .D(1)) 59 | aes_dw (.Clock(Clock), 60 | .Reset(Reset), 61 | .DataIn(Seed), 62 | .DataInValid(SeedValid), 63 | .DataInReady(SeedReady), 64 | .Key(AESKey), 65 | .KeyValid(AESKeyValid), 66 | .KeyReady(AESKeyReady), 67 | .DataOut(AESDataOut), 68 | .DataOutValid(AESDataOutValid) 69 | ); 70 | 71 | wire FunnelInReady; 72 | wire [RandWidth-1:0] FunnelOut; 73 | wire FunnelOutReady, FunnelOutValid; 74 | 75 | FIFOShiftRound #(.IWidth(AESWidth), .OWidth(RandWidth)) 76 | AESOutFunnel ( .Clock( Clock), 77 | .Reset( Reset), 78 | .InAccept( FunnelInReady), 79 | .InValid( AESDataOutValid), 80 | .InData( AESDataOut), 81 | .OutReady( FunnelOutReady), 82 | .OutValid( FunnelOutValid), 83 | .OutData( FunnelOut) 84 | ); 85 | 86 | 87 | FIFORegister #( .Width( RandWidth), 88 | .BWLatency( 1)) 89 | RandOutReg ( .Clock( Clock), 90 | .Reset( Reset), 91 | .InAccept( FunnelOutReady), 92 | .InValid( FunnelOutValid), 93 | .InData( FunnelOut), 94 | .OutReady( RandOutReady), 95 | .OutSend( RandOutValid), 96 | .OutData( RandOut) 97 | ); 98 | 99 | assign SeedValid = FunnelInReady && SeedReady && !AESDataOutValid; 100 | // Generate new random bits if there's space in AESOutFunnel and no bits are on the fly; 101 | 102 | `ifdef SIMULATION 103 | always @(posedge Clock) begin 104 | // if (!Reset && RandOutReady && !RandOutValid) begin 105 | // $display("Error : Run out of random bits"); 106 | // $finish; 107 | // end 108 | end 109 | `endif 110 | 111 | endmodule 112 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/doc/aes.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ascend-secure-processor/oram/18ece0764c4feb5b34f568b2bf9e18081a781a06/encryption/basic/core_ip/doc/aes.pdf -------------------------------------------------------------------------------- /encryption/basic/core_ip/rtl/verilog/aes_key_expand_128.v: -------------------------------------------------------------------------------- 1 | ///////////////////////////////////////////////////////////////////// 2 | //// //// 3 | //// AES Key Expand Block (for 128 bit keys) //// 4 | //// //// 5 | //// //// 6 | //// Author: Rudolf Usselmann //// 7 | //// rudi@asics.ws //// 8 | //// //// 9 | //// //// 10 | //// Downloaded from: http://www.opencores.org/cores/aes_core/ //// 11 | //// //// 12 | ///////////////////////////////////////////////////////////////////// 13 | //// //// 14 | //// Copyright (C) 2000-2002 Rudolf Usselmann //// 15 | //// www.asics.ws //// 16 | //// rudi@asics.ws //// 17 | //// //// 18 | //// This source file may be used and distributed without //// 19 | //// restriction provided that this copyright statement is not //// 20 | //// removed from the file and that any derivative work contains //// 21 | //// the original copyright notice and the associated disclaimer.//// 22 | //// //// 23 | //// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// 24 | //// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// 25 | //// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// 26 | //// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// 27 | //// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// 28 | //// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// 29 | //// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// 30 | //// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// 31 | //// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// 32 | //// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// 33 | //// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// 34 | //// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// 35 | //// POSSIBILITY OF SUCH DAMAGE. //// 36 | //// //// 37 | ///////////////////////////////////////////////////////////////////// 38 | 39 | // CVS Log 40 | // 41 | // $Id: aes_key_expand_128.v,v 1.1.1.1 2002-11-09 11:22:38 rudi Exp $ 42 | // 43 | // $Date: 2002-11-09 11:22:38 $ 44 | // $Revision: 1.1.1.1 $ 45 | // $Author: rudi $ 46 | // $Locker: $ 47 | // $State: Exp $ 48 | // 49 | // Change History: 50 | // $Log: not supported by cvs2svn $ 51 | // 52 | // 53 | // 54 | // 55 | // 56 | 57 | module aes_key_expand_128(clk, kld, kbusy, key, wo_0, wo_1, wo_2, wo_3); 58 | input clk; 59 | input kld; 60 | input kbusy; 61 | input [127:0] key; 62 | output [31:0] wo_0, wo_1, wo_2, wo_3; 63 | reg [31:0] w[3:0]; 64 | wire [31:0] tmp_w; 65 | wire [31:0] subword; 66 | wire [31:0] rcon; 67 | 68 | assign wo_0 = w[0]; 69 | assign wo_1 = w[1]; 70 | assign wo_2 = w[2]; 71 | assign wo_3 = w[3]; 72 | always @(posedge clk) if (kbusy) w[0] <= kld ? key[127:096] : w[0]^subword^rcon; 73 | always @(posedge clk) if (kbusy) w[1] <= kld ? key[095:064] : w[0]^w[1]^subword^rcon; 74 | always @(posedge clk) if (kbusy) w[2] <= kld ? key[063:032] : w[0]^w[2]^w[1]^subword^rcon; 75 | always @(posedge clk) if (kbusy) w[3] <= kld ? key[031:000] : w[0]^w[3]^w[2]^w[1]^subword^rcon; 76 | assign tmp_w = w[3]; 77 | aes_sbox u0( .a(tmp_w[23:16]), .d(subword[31:24])); 78 | aes_sbox u1( .a(tmp_w[15:08]), .d(subword[23:16])); 79 | aes_sbox u2( .a(tmp_w[07:00]), .d(subword[15:08])); 80 | aes_sbox u3( .a(tmp_w[31:24]), .d(subword[07:00])); 81 | aes_rcon r0( .clk(clk), .kld(kld), .out(rcon)); 82 | endmodule 83 | 84 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/rtl/verilog/aes_rcon.v: -------------------------------------------------------------------------------- 1 | ///////////////////////////////////////////////////////////////////// 2 | //// //// 3 | //// AES RCON Block //// 4 | //// //// 5 | //// //// 6 | //// Author: Rudolf Usselmann //// 7 | //// rudi@asics.ws //// 8 | //// //// 9 | //// //// 10 | //// Downloaded from: http://www.opencores.org/cores/aes_core/ //// 11 | //// //// 12 | ///////////////////////////////////////////////////////////////////// 13 | //// //// 14 | //// Copyright (C) 2000-2002 Rudolf Usselmann //// 15 | //// www.asics.ws //// 16 | //// rudi@asics.ws //// 17 | //// //// 18 | //// This source file may be used and distributed without //// 19 | //// restriction provided that this copyright statement is not //// 20 | //// removed from the file and that any derivative work contains //// 21 | //// the original copyright notice and the associated disclaimer.//// 22 | //// //// 23 | //// THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY //// 24 | //// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED //// 25 | //// TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS //// 26 | //// FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL THE AUTHOR //// 27 | //// OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, //// 28 | //// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES //// 29 | //// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE //// 30 | //// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR //// 31 | //// BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF //// 32 | //// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT //// 33 | //// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT //// 34 | //// OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE //// 35 | //// POSSIBILITY OF SUCH DAMAGE. //// 36 | //// //// 37 | ///////////////////////////////////////////////////////////////////// 38 | 39 | // CVS Log 40 | // 41 | // $Id: aes_rcon.v,v 1.1.1.1 2002-11-09 11:22:38 rudi Exp $ 42 | // 43 | // $Date: 2002-11-09 11:22:38 $ 44 | // $Revision: 1.1.1.1 $ 45 | // $Author: rudi $ 46 | // $Locker: $ 47 | // $State: Exp $ 48 | // 49 | // Change History: 50 | // $Log: not supported by cvs2svn $ 51 | // 52 | // 53 | // 54 | // 55 | // 56 | 57 | module aes_rcon(clk, kld, out); 58 | input clk; 59 | input kld; 60 | output [31:0] out; 61 | reg [31:0] out; 62 | reg [3:0] rcnt; 63 | wire [3:0] rcnt_next; 64 | 65 | always @(posedge clk) 66 | if(kld) out <= 32'h01_00_00_00; 67 | else out <= frcon(rcnt_next); 68 | 69 | assign rcnt_next = rcnt + 4'h1; 70 | always @(posedge clk) 71 | if(kld) rcnt <= 4'h0; 72 | else rcnt <= rcnt_next; 73 | 74 | function [31:0] frcon; 75 | input [3:0] i; 76 | case(i) // synopsys parallel_case 77 | 4'h0: frcon=32'h01_00_00_00; 78 | 4'h1: frcon=32'h02_00_00_00; 79 | 4'h2: frcon=32'h04_00_00_00; 80 | 4'h3: frcon=32'h08_00_00_00; 81 | 4'h4: frcon=32'h10_00_00_00; 82 | 4'h5: frcon=32'h20_00_00_00; 83 | 4'h6: frcon=32'h40_00_00_00; 84 | 4'h7: frcon=32'h80_00_00_00; 85 | 4'h8: frcon=32'h1b_00_00_00; 86 | 4'h9: frcon=32'h36_00_00_00; 87 | default: frcon=32'h00_00_00_00; 88 | endcase 89 | endfunction 90 | 91 | endmodule 92 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/sim/rtl_sim/bin/Makefile: -------------------------------------------------------------------------------- 1 | 2 | all: sim 3 | SHELL = /bin/sh 4 | MS="-s" 5 | 6 | ########################################################################## 7 | # 8 | # DUT Sources 9 | # 10 | ########################################################################## 11 | DUT_SRC_DIR=../../../rtl/verilog 12 | _TARGETS_= $(DUT_SRC_DIR)/aes_sbox.v \ 13 | $(DUT_SRC_DIR)/aes_rcon.v \ 14 | $(DUT_SRC_DIR)/aes_key_expand_128.v \ 15 | $(DUT_SRC_DIR)/aes_cipher_top.v \ 16 | $(DUT_SRC_DIR)/aes_inv_sbox.v \ 17 | $(DUT_SRC_DIR)/aes_inv_cipher_top.v 18 | 19 | 20 | ########################################################################## 21 | # 22 | # Test Bench Sources 23 | # 24 | ########################################################################## 25 | TB_SRC_DIR=../../../bench/verilog 26 | _TB_= $(TB_SRC_DIR)/test_bench_top.v 27 | 28 | ########################################################################## 29 | # 30 | # Misc Variables 31 | # 32 | ########################################################################## 33 | 34 | INCDIR=+incdir+./$(DUT_SRC_DIR)/ +incdir+./$(TB_SRC_DIR)/ 35 | LOGF=-l .nclog 36 | UMC_LIB=/tools/dc_libraries/virtual_silicon/umc_lib.v 37 | GATE_NETLIST = ../../../syn/out/aes_cipher_top.v 38 | 39 | ########################################################################## 40 | # 41 | # Make Targets 42 | # 43 | ########################################################################## 44 | ss: 45 | signalscan -do waves/waves.do -waves waves/waves.trn & 46 | 47 | simw: 48 | @$(MAKE) -s sim ACCESS="+access+r " WAVES="+define+WAVES" 49 | 50 | sim: 51 | ncverilog -q +define+RUDIS_TB $(_TARGETS_) $(_TB_) \ 52 | $(INCDIR) $(WAVES) $(ACCESS) $(LOGF) +ncstatus \ 53 | +ncuid+`hostname` 54 | 55 | ivl: 56 | /usr/local/bin/iverilog -D RUDIS_TB $(_TARGETS_) $(_TB_) \ 57 | -I ./$(DUT_SRC_DIR)/ -I ./$(TB_SRC_DIR)/ \ 58 | $(WAVES) $(ACCESS) -s test 59 | 60 | gatew: 61 | @$(MAKE) -s gate ACCESS="+access+r" WAVES="+define+WAVES" 62 | 63 | gate: 64 | ncverilog -q +define+RUDIS_TB $(_TB_) $(UMC_LIB) \ 65 | $(GATE_NETLIST) $(INCDIR) $(WAVES) $(ACCESS) \ 66 | $(LOGF) +ncstatus +ncuid+`hostname` 67 | 68 | hal: 69 | @echo "" 70 | @echo "----- Running HAL ... ----------" 71 | @hal +incdir+$(DUT_SRC_DIR) -NOP -NOS \ 72 | -nocheck STYVAL:USEPRT:NOBLKN:DLNBLK \ 73 | $(_TARGETS_) 74 | @echo "----- DONE ... ----------" 75 | 76 | clean: 77 | rm -rf ./waves/*.dsn ./waves/*.trn \ 78 | ncwork/.inc* ncwork/inc* \ 79 | ./verilog.* .nclog hal.log INCA_libs 80 | 81 | ########################################################################## 82 | 83 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/syn/bin/comp.dc: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # 3 | # Actual Synthesis Script 4 | # 5 | # This script does the actual synthesis 6 | # 7 | # Author: Rudolf Usselmann 8 | # rudi@asics.ws 9 | # 10 | # Revision: 11 | # 3/7/01 RU Initial Sript 12 | # 13 | # 14 | ############################################################################### 15 | 16 | # ============================================== 17 | # Setup Design Parameters 18 | source ../bin/design_spec.dc 19 | 20 | # ============================================== 21 | # Setup Libraries 22 | source ../bin/lib_spec.dc 23 | 24 | # ============================================== 25 | # Setup IO Files 26 | 27 | append log_file ../log/$active_design "_cmp.log" 28 | append pre_comp_db_file ../out/$design_name "_pre.db" 29 | append post_comp_db_file ../out/$design_name ".db" 30 | append post_syn_verilog_file ../out/$design_name "_ps.v" 31 | set junk_file /dev/null 32 | 33 | sh rm -f $log_file 34 | 35 | # ============================================== 36 | # Setup Misc Variables 37 | 38 | set hdlin_enable_vpp true ;# Important - this enables 'ifdefs 39 | 40 | # ============================================== 41 | # Read Design 42 | 43 | echo "+++++++++ Reading Design ..." >> $log_file 44 | read_file $pre_comp_db_file >> $log_file 45 | 46 | # ============================================== 47 | # Operating conditions 48 | 49 | echo "+++++++++ Setting up Operation Conditions ..." >> $log_file 50 | current_design $design_name 51 | set_operating_conditions WORST >> $log_file 52 | 53 | # ============================================== 54 | # Setup Clocks and Resets 55 | 56 | echo "+++++++++ Setting up Clocks ..." >> $log_file 57 | 58 | set_drive 0 [find port {clk}] 59 | 60 | # !!! Clock !!! 61 | set clock_period 2.5 62 | create_clock -period $clock_period clk 63 | set_clock_skew -uncertainty 0.1 clk 64 | set_clock_transition 0.2 clk 65 | set_dont_touch_network clk 66 | 67 | # ============================================== 68 | # Setup IOs 69 | 70 | echo "+++++++++ Setting up IOs ..." >> $log_file 71 | 72 | # Need to spell out external IOs 73 | 74 | set_driving_cell -cell NAND2D2 -pin Z [all_inputs] >> $junk_file 75 | set_load 0.2 [all_outputs] 76 | 77 | set_input_delay -max 1 -clock clk [all_inputs] 78 | set_output_delay -max 1 -clock clk [all_outputs] 79 | 80 | # ============================================== 81 | # Setup Area Constrains 82 | set_max_area 0.0 83 | 84 | # ============================================== 85 | # Force Ultra 86 | set_ultra_optimization -f 87 | set compile_new_optimization true 88 | 89 | # ============================================== 90 | # Compile Design 91 | 92 | echo "" >> $log_file 93 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 94 | echo "+++++++++ Timing Loops Report +++++++++" >> $log_file 95 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 96 | echo "" >> $log_file 97 | report_timing -loops -max_path 20 >> $log_file 98 | 99 | echo "" >> $log_file 100 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 101 | echo "+++++++++ Starting Compile +++++++++" >> $log_file 102 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 103 | echo "" >> $log_file 104 | 105 | set_wire_load_model -name suggested_160K [find design *] 106 | set_balance_registers true 107 | compile -boundary_optimization -ungroup_all 108 | optimize_registers -period 0 109 | compile -incremental_mapping -map_effort high -area_effort high -boundary_optimization -ungroup_all 110 | 111 | # ============================================== 112 | # Write Out the optimized design 113 | 114 | echo "" >> $log_file 115 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 116 | echo "+++++++++ Saving Optimized Design +++++++++" >> $log_file 117 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 118 | echo "" >> $log_file 119 | write_file -hierarchy -format verilog -output $post_syn_verilog_file 120 | write_file -hierarchy -format db -output $post_comp_db_file 121 | 122 | # ============================================== 123 | # Create Some Basic Reports 124 | 125 | echo "" >> $log_file 126 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 127 | echo "+++++++++ Reporting Final Results +++++++++" >> $log_file 128 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 129 | echo "" >> $log_file 130 | report_timing -path full_clock -nworst 10 -nets \ 131 | -transition_time -capacitance -attributes \ 132 | -sort_by slack >> $log_file 133 | 134 | echo "" >> $log_file 135 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 136 | echo "+++++++++ Area Report +++++++++" >> $log_file 137 | echo "++++++++++++++++++++++++++++++++++++++++++++++" >> $log_file 138 | echo "" >> $log_file 139 | 140 | report_area >> $log_file 141 | quit 142 | 143 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/syn/bin/design_spec.dc: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # 3 | # Design Specification 4 | # 5 | # Author: Rudolf Usselmann 6 | # rudi@asics.ws 7 | # 8 | # Revision: 9 | # 3/7/01 RU Initial Sript 10 | # 11 | # 12 | ############################################################################### 13 | 14 | # ============================================== 15 | # Setup Design Parameters 16 | 17 | set design_files {aes_rcon aes_sbox aes_key_expand_128 aes_cipher_top} 18 | set design_name aes_cipher_top 19 | set active_design aes_cipher_top 20 | 21 | #set design_files {aes_rcon aes_inv_sbox aes_key_expand_128 aes_inv_cipher_top} 22 | #set design_name aes_inv_cipher_top 23 | #set active_design aes_inv_cipher_top 24 | 25 | # Next Statement defines all clocks and resets in the design 26 | set special_net {clk} 27 | 28 | set hdl_src_dir ../../rtl/verilog/ 29 | 30 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/syn/bin/lib_spec.dc: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # 3 | # Library Specification 4 | # 5 | # Author: Rudolf Usselmann 6 | # rudi@asics.ws 7 | # 8 | # Revision: 9 | # 3/7/01 RU Initial Sript 10 | # 11 | # 12 | ############################################################################### 13 | 14 | # ============================================== 15 | # Setup Libraries 16 | 17 | #tools/dc_libraries/virtual_silicon/UMCL18U250D2_2.2/design_compiler/ \ 18 | #tools/dc_libraries/virtual_silicon/UMCL13L210D3_1.0/design_compiler/ \ 19 | 20 | 21 | set search_path [list $search_path . \ 22 | /tools/dc_libraries/virtual_silicon/UMCL18U250D2_2.2/design_compiler/ \ 23 | $hdl_src_dir] 24 | 25 | set snps [getenv "SYNOPSYS"] 26 | 27 | set synthetic_library "" 28 | append synthetic_library $snps "/libraries/syn/dw01.sldb " 29 | append synthetic_library $snps "/libraries/syn/dw02.sldb " 30 | append synthetic_library $snps "/libraries/syn/dw03.sldb " 31 | append synthetic_library $snps "/libraries/syn/dw04.sldb " 32 | append synthetic_library $snps "/libraries/syn/dw05.sldb " 33 | append synthetic_library $snps "/libraries/syn/dw06.sldb " 34 | append synthetic_library $snps "/libraries/syn/dw07.sldb " 35 | 36 | set target_library { umcl18u250t2_wc.db } 37 | #set target_library { umcl13l210t3_wc.db } 38 | 39 | set link_library "" 40 | append link_library $target_library " " $synthetic_library 41 | 42 | #set symbol_library { umcl13l210t3.sdb } 43 | 44 | -------------------------------------------------------------------------------- /encryption/basic/core_ip/syn/bin/read.dc: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # 3 | # Pre Synthesis Script 4 | # 5 | # This script only reads in the design and saves it in a DB file 6 | # 7 | # Author: Rudolf Usselmann 8 | # rudi@asics.ws 9 | # 10 | # Revision: 11 | # 3/7/01 RU Initial Sript 12 | # 13 | # 14 | ############################################################################### 15 | 16 | # ============================================== 17 | # Setup Design Parameters 18 | source ../bin/design_spec.dc 19 | 20 | # ============================================== 21 | # Setup Libraries 22 | source ../bin/lib_spec.dc 23 | 24 | # ============================================== 25 | # Setup IO Files 26 | 27 | append log_file ../log/$active_design "_pre.log" 28 | append pre_comp_db_file ../out/$design_name "_pre.db" 29 | 30 | sh rm -f $log_file 31 | 32 | # ============================================== 33 | # Setup Misc Variables 34 | 35 | set hdlin_enable_vpp true ;# Important - this enables 'ifdefs 36 | 37 | # ============================================== 38 | # Read Design 39 | 40 | echo "+++++++++ Analyzing all design files ..." >> $log_file 41 | 42 | foreach module $design_files { 43 | echo "+++++++++ Reading: $module" >> $log_file 44 | echo +++++++++ Reading: $module 45 | set module_file_name "" 46 | append module_file_name $module ".v" 47 | analyze -f verilog $module_file_name >> $log_file 48 | elaborate $module >> $log_file 49 | } 50 | 51 | current_design $active_design 52 | 53 | echo "+++++++++ Linking Design ..." >> $log_file 54 | link >> $log_file 55 | 56 | echo "+++++++++ Uniquifying Design ..." >> $log_file 57 | uniquify >> $log_file 58 | 59 | echo "+++++++++ Checking Design ..." >> $log_file 60 | check_design >> $log_file 61 | 62 | # ============================================== 63 | # Save Design 64 | echo "+++++++++ Saving Design ..." >> $log_file 65 | write_file -hierarchy -format db -output $pre_comp_db_file 66 | 67 | quit 68 | -------------------------------------------------------------------------------- /encryption/rew/GentrySeedGenerator.v: -------------------------------------------------------------------------------- 1 | 2 | //============================================================================== 3 | // Section: Includes 4 | //============================================================================== 5 | `include "Const.vh" 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Module: GentrySeedGenerator 10 | // Desc: 11 | //============================================================================== 12 | module GentrySeedGenerator( 13 | Clock, Reset, 14 | 15 | OutIV, OutBID, 16 | OutValid, OutReady 17 | ); 18 | 19 | //-------------------------------------------------------------------------- 20 | // Constants 21 | //-------------------------------------------------------------------------- 22 | 23 | `include "PathORAM.vh" 24 | 25 | localparam BIDWidth = ORAML + 1; 26 | 27 | //-------------------------------------------------------------------------- 28 | // System I/O 29 | //-------------------------------------------------------------------------- 30 | 31 | input Clock, Reset; 32 | 33 | //-------------------------------------------------------------------------- 34 | // Output Interface 35 | //-------------------------------------------------------------------------- 36 | 37 | output [AESEntropy-1:0] OutIV; 38 | output [BIDWidth-1:0] OutBID; 39 | 40 | output OutValid; 41 | input OutReady; 42 | 43 | //-------------------------------------------------------------------------- 44 | // Wires & Regs 45 | //-------------------------------------------------------------------------- 46 | wire RWPathTransition; 47 | wire Transfer; 48 | 49 | wire [AESEntropy-1:0] GentryCounter, GentryCounterShifted, GentryCounterIn; 50 | 51 | wire [ORAML-1:0] GentryLeaf; 52 | 53 | //-------------------------------------------------------------------------- 54 | // Logic 55 | //-------------------------------------------------------------------------- 56 | 57 | reg CSRWWrite, CSStartOp; 58 | 59 | `ifdef FPGA 60 | initial begin 61 | CSStartOp <= 1; 62 | CSRWWrite <= 0; // read first 63 | end 64 | `endif 65 | 66 | always @(posedge Clock) begin 67 | if (Reset) begin 68 | CSStartOp <= 1; 69 | CSRWWrite <= 0; // read first 70 | end 71 | else begin 72 | if (CSStartOp) 73 | CSStartOp <= 0; 74 | if (RWPathTransition) 75 | CSRWWrite <= ~CSRWWrite; 76 | end 77 | end 78 | 79 | CountAlarm #( .Threshold( ORAML + 1)) 80 | rw_lvl_cnt( .Clock( Clock), 81 | .Reset( Reset), 82 | .Enable( Transfer), 83 | .Done( RWPathTransition)); 84 | 85 | Counter #( .Width( AESEntropy)) 86 | gentry_bg( .Clock( Clock), 87 | .Reset( Reset), 88 | .Set( 1'b0), 89 | .Load( 1'b0), 90 | .Enable( RWPathTransition & CSRWWrite), 91 | .In( {AESEntropy{1'bx}}), 92 | .Count( GentryCounter)); 93 | 94 | // RW seed generation scheme for bucket @ level L (L = 0...): 95 | // decrypt( GentryCounter >> L) 96 | // encrypt((GentryCounter >> L) + 1) 97 | ShiftRegister #( .PWidth( AESEntropy), 98 | .Reverse( 1), 99 | .SWidth( 1)) 100 | gentry_shft(.Clock( Clock), 101 | .Reset( 1'b0), 102 | .Load( RWPathTransition || CSStartOp), 103 | .Enable( Transfer), 104 | .PIn( GentryCounterIn), 105 | .SIn( 1'b0), 106 | .POut( GentryCounterShifted)); 107 | 108 | assign GentryCounterIn = GentryCounter + (RWPathTransition & CSRWWrite); 109 | 110 | assign OutIV = GentryCounterShifted + CSRWWrite; 111 | 112 | assign GentryLeaf = GentryCounterIn[ORAML-1:0]; 113 | 114 | BktIDGen #( .ORAML( ORAML)) 115 | rw_bid( .Clock( Clock), 116 | .ReStart( CSStartOp || RWPathTransition), 117 | .leaf( GentryLeaf), 118 | .Enable( Transfer), 119 | .BktIdx( OutBID)); 120 | 121 | assign OutValid = !CSStartOp; 122 | assign Transfer = OutValid && OutReady; 123 | 124 | //-------------------------------------------------------------------------- 125 | endmodule 126 | //-------------------------------------------------------------------------- 127 | -------------------------------------------------------------------------------- /encryption/rew/ROISeedGenerator.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // Module: ROISeedGenerator 3 | // Desc: 4 | //============================================================================== 5 | module ROISeedGenerator( 6 | Clock, ROStart, Enable, 7 | ROLeaf, GentryVersion, 8 | ROIBV, ROIBID 9 | ); 10 | 11 | `include "PathORAM.vh" 12 | 13 | input Clock, ROStart, Enable; 14 | input [ORAML-1:0] ROLeaf; 15 | input [AESEntropy-1:0] GentryVersion; 16 | 17 | output [AESEntropy-1:0] ROIBV; 18 | output [ORAML:0] ROIBID; 19 | 20 | wire RO_LeafNextDirection; 21 | wire [AESEntropy-1:0] ROIBV_Next; 22 | 23 | Register #( .Width( AESEntropy)) 24 | ro_gentry( .Clock( Clock), 25 | .Reset( 1'b0), 26 | .Set( 1'b0), 27 | .Enable( ROStart | Enable), 28 | .In( ROIBV_Next), 29 | .Out( ROIBV) 30 | ); 31 | 32 | ShiftRegister #( .PWidth( ORAML), 33 | .Reverse( 1), 34 | .SWidth( 1)) 35 | ro_L_shft( .Clock( Clock), 36 | .Reset( 1'b0), 37 | .Load( ROStart), 38 | .Enable( Enable), 39 | .PIn( ROLeaf), 40 | .SIn( 1'b0), 41 | .SOut( RO_LeafNextDirection) 42 | ); 43 | 44 | assign ROIBV_Next = ROStart ? GentryVersion : ((ROIBV + !RO_LeafNextDirection) / 2); 45 | 46 | BktIDGen # ( .ORAML( ORAML)) 47 | rw_bid ( .Clock( Clock), 48 | .ReStart( ROStart), 49 | .leaf( ROLeaf), 50 | .Enable( Enable), 51 | .BktIdx( ROIBID) 52 | ); 53 | endmodule 54 | //-------------------------------------------------------------------------- 55 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/aes_128.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module aes_128(clk, state, key, out); 18 | input clk; 19 | input [127:0] state, key; 20 | output [127:0] out; 21 | reg [127:0] s0, k0; 22 | wire [127:0] s1, s2, s3, s4, s5, s6, s7, s8, s9, 23 | k1, k2, k3, k4, k5, k6, k7, k8, k9, k9b; 24 | 25 | always @ (posedge clk) 26 | begin 27 | s0 <= state ^ key; 28 | k0 <= key; 29 | end 30 | 31 | one_round 32 | r1 (clk, k0, s0, 8'h1, k1, s1), 33 | r2 (clk, k1, s1, 8'h2, k2, s2), 34 | r3 (clk, k2, s2, 8'h4, k3, s3), 35 | r4 (clk, k3, s3, 8'h8, k4, s4), 36 | r5 (clk, k4, s4, 8'h10, k5, s5), 37 | r6 (clk, k5, s5, 8'h20, k6, s6), 38 | r7 (clk, k6, s6, 8'h40, k7, s7), 39 | r8 (clk, k7, s7, 8'h80, k8, s8), 40 | r9 (clk, k8, s8, 8'h1b, k9, s9); 41 | 42 | final_round 43 | rf (clk, k9, s9, 8'h36, out); 44 | 45 | endmodule -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/aes_256.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module aes_256 (clk, state, key, out); 18 | input clk; 19 | input [127:0] state; 20 | input [255:0] key; 21 | output [127:0] out; 22 | reg [127:0] s0; 23 | reg [255:0] k0, k0a, k1; 24 | wire [127:0] s1, s2, s3, s4, s5, s6, s7, s8, 25 | s9, s10, s11, s12, s13; 26 | wire [255:0] k2, k3, k4, k5, k6, k7, k8, 27 | k9, k10, k11, k12, k13; 28 | wire [127:0] k0b, k1b, k2b, k3b, k4b, k5b, k6b, k7b, k8b, 29 | k9b, k10b, k11b, k12b, k13b; 30 | 31 | always @ (posedge clk) 32 | begin 33 | s0 <= state ^ key[255:128]; 34 | k0 <= key; 35 | k0a <= k0; 36 | k1 <= k0a; 37 | end 38 | 39 | assign k0b = k0a[127:0]; 40 | 41 | expand_key_type_A_256 42 | a1 (clk, k1, 8'h1, k2, k1b), 43 | a3 (clk, k3, 8'h2, k4, k3b), 44 | a5 (clk, k5, 8'h4, k6, k5b), 45 | a7 (clk, k7, 8'h8, k8, k7b), 46 | a9 (clk, k9, 8'h10, k10, k9b), 47 | a11 (clk, k11, 8'h20, k12, k11b), 48 | a13 (clk, k13, 8'h40, , k13b); 49 | 50 | expand_key_type_B_256 51 | a2 (clk, k2, k3, k2b), 52 | a4 (clk, k4, k5, k4b), 53 | a6 (clk, k6, k7, k6b), 54 | a8 (clk, k8, k9, k8b), 55 | a10 (clk, k10, k11, k10b), 56 | a12 (clk, k12, k13, k12b); 57 | 58 | one_round 59 | r1 (clk, s0, k0b, s1), 60 | r2 (clk, s1, k1b, s2), 61 | r3 (clk, s2, k2b, s3), 62 | r4 (clk, s3, k3b, s4), 63 | r5 (clk, s4, k4b, s5), 64 | r6 (clk, s5, k5b, s6), 65 | r7 (clk, s6, k6b, s7), 66 | r8 (clk, s7, k7b, s8), 67 | r9 (clk, s8, k8b, s9), 68 | r10 (clk, s9, k9b, s10), 69 | r11 (clk, s10, k10b, s11), 70 | r12 (clk, s11, k11b, s12), 71 | r13 (clk, s12, k12b, s13); 72 | 73 | final_round 74 | rf (clk, s13, k13b, out); 75 | endmodule 76 | 77 | /* expand k0,k1,k2,k3 for every two clock cycles */ 78 | module expand_key_type_A_256 (clk, in, rcon, out_1, out_2); 79 | input clk; 80 | input [255:0] in; 81 | input [7:0] rcon; 82 | output reg [255:0] out_1; 83 | output [127:0] out_2; 84 | wire [31:0] k0, k1, k2, k3, k4, k5, k6, k7, 85 | v0, v1, v2, v3; 86 | reg [31:0] k0a, k1a, k2a, k3a, k4a, k5a, k6a, k7a; 87 | wire [31:0] k0b, k1b, k2b, k3b, k4b, k5b, k6b, k7b, k8a; 88 | 89 | assign {k0, k1, k2, k3, k4, k5, k6, k7} = in; 90 | 91 | assign v0 = {k0[31:24] ^ rcon, k0[23:0]}; 92 | assign v1 = v0 ^ k1; 93 | assign v2 = v1 ^ k2; 94 | assign v3 = v2 ^ k3; 95 | 96 | always @ (posedge clk) 97 | {k0a, k1a, k2a, k3a, k4a, k5a, k6a, k7a} <= {v0, v1, v2, v3, k4, k5, k6, k7}; 98 | 99 | S4 100 | S4_0 (clk, {k7[23:0], k7[31:24]}, k8a); 101 | 102 | assign k0b = k0a ^ k8a; 103 | assign k1b = k1a ^ k8a; 104 | assign k2b = k2a ^ k8a; 105 | assign k3b = k3a ^ k8a; 106 | assign {k4b, k5b, k6b, k7b} = {k4a, k5a, k6a, k7a}; 107 | 108 | always @ (posedge clk) 109 | out_1 <= {k0b, k1b, k2b, k3b, k4b, k5b, k6b, k7b}; 110 | 111 | assign out_2 = {k0b, k1b, k2b, k3b}; 112 | endmodule 113 | 114 | /* expand k4,k5,k6,k7 for every two clock cycles */ 115 | module expand_key_type_B_256 (clk, in, out_1, out_2); 116 | input clk; 117 | input [255:0] in; 118 | output reg [255:0] out_1; 119 | output [127:0] out_2; 120 | wire [31:0] k0, k1, k2, k3, k4, k5, k6, k7, 121 | v5, v6, v7; 122 | reg [31:0] k0a, k1a, k2a, k3a, k4a, k5a, k6a, k7a; 123 | wire [31:0] k0b, k1b, k2b, k3b, k4b, k5b, k6b, k7b, k8a; 124 | 125 | assign {k0, k1, k2, k3, k4, k5, k6, k7} = in; 126 | 127 | assign v5 = k4 ^ k5; 128 | assign v6 = v5 ^ k6; 129 | assign v7 = v6 ^ k7; 130 | 131 | always @ (posedge clk) 132 | {k0a, k1a, k2a, k3a, k4a, k5a, k6a, k7a} <= {k0, k1, k2, k3, k4, v5, v6, v7}; 133 | 134 | S4 135 | S4_0 (clk, k3, k8a); 136 | 137 | assign {k0b, k1b, k2b, k3b} = {k0a, k1a, k2a, k3a}; 138 | assign k4b = k4a ^ k8a; 139 | assign k5b = k5a ^ k8a; 140 | assign k6b = k6a ^ k8a; 141 | assign k7b = k7a ^ k8a; 142 | 143 | always @ (posedge clk) 144 | out_1 <= {k0b, k1b, k2b, k3b, k4b, k5b, k6b, k7b}; 145 | 146 | assign out_2 = {k4b, k5b, k6b, k7b}; 147 | endmodule 148 | 149 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/expand_key_128.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module expand_key_128(clk, in, out_1, out_2, rcon); 18 | input clk; 19 | input [127:0] in; 20 | input [7:0] rcon; 21 | output reg [127:0] out_1; 22 | output [127:0] out_2; 23 | wire [31:0] k0, k1, k2, k3, 24 | v0, v1, v2, v3; 25 | reg [31:0] k0a, k1a, k2a, k3a; 26 | wire [31:0] k0b, k1b, k2b, k3b, k4a; 27 | 28 | assign {k0, k1, k2, k3} = in; 29 | 30 | assign v0 = {k0[31:24] ^ rcon, k0[23:0]}; 31 | assign v1 = v0 ^ k1; 32 | assign v2 = v1 ^ k2; 33 | assign v3 = v2 ^ k3; 34 | 35 | always @ (posedge clk) 36 | {k0a, k1a, k2a, k3a} <= {v0, v1, v2, v3}; 37 | 38 | S4 39 | S4_0 (clk, {k3[23:0], k3[31:24]}, k4a); 40 | 41 | assign k0b = k0a ^ k4a; 42 | assign k1b = k1a ^ k4a; 43 | assign k2b = k2a ^ k4a; 44 | assign k3b = k3a ^ k4a; 45 | 46 | always @ (posedge clk) 47 | out_1 <= {k0b, k1b, k2b, k3b}; 48 | 49 | assign out_2 = {k0b, k1b, k2b, k3b}; 50 | endmodule 51 | 52 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/final_round.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* AES final round for every two clock cycles */ 18 | 19 | module final_round (clk, key_in, state_in, rcon, state_out); 20 | input clk; 21 | input [127:0] state_in, key_in; 22 | input [7:0] rcon; 23 | output [127:0] state_out; 24 | wire [127:0] key_b; 25 | 26 | expand_key_128 a (.clk(clk), .in(key_in), .out_2(key_b), .rcon(rcon)); 27 | final_round_sub r (clk, state_in, key_b, state_out); 28 | endmodule 29 | 30 | module final_round_sub (clk, state_in, key_in, state_out); 31 | input clk; 32 | input [127:0] state_in; 33 | input [127:0] key_in; 34 | output reg [127:0] state_out; 35 | wire [31:0] s0, s1, s2, s3, 36 | z0, z1, z2, z3, 37 | k0, k1, k2, k3; 38 | wire [7:0] p00, p01, p02, p03, 39 | p10, p11, p12, p13, 40 | p20, p21, p22, p23, 41 | p30, p31, p32, p33; 42 | 43 | assign {k0, k1, k2, k3} = key_in; 44 | 45 | assign {s0, s1, s2, s3} = state_in; 46 | 47 | S4 48 | S4_1 (clk, s0, {p00, p01, p02, p03}), 49 | S4_2 (clk, s1, {p10, p11, p12, p13}), 50 | S4_3 (clk, s2, {p20, p21, p22, p23}), 51 | S4_4 (clk, s3, {p30, p31, p32, p33}); 52 | 53 | assign z0 = {p00, p11, p22, p33} ^ k0; 54 | assign z1 = {p10, p21, p32, p03} ^ k1; 55 | assign z2 = {p20, p31, p02, p13} ^ k2; 56 | assign z3 = {p30, p01, p12, p23} ^ k3; 57 | 58 | always @ (posedge clk) 59 | state_out <= {z0, z1, z2, z3}; 60 | endmodule 61 | 62 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/round.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* one AES round for every two clock cycles */ 18 | module one_round (clk, key_in, state_in, rcon, key_out, state_out); 19 | input clk; 20 | input [127:0] state_in, key_in; 21 | input [7:0] rcon; 22 | output [127:0] state_out, key_out; 23 | wire [127:0] key_b; 24 | 25 | expand_key_128 a (clk, key_in, key_out, key_b, rcon); 26 | one_round_sub r (clk, state_in, key_b, state_out); 27 | endmodule 28 | 29 | module one_round_sub (clk, state_in, key, state_out); 30 | input clk; 31 | input [127:0] state_in, key; 32 | output reg [127:0] state_out; 33 | wire [31:0] s0, s1, s2, s3, 34 | z0, z1, z2, z3, 35 | p00, p01, p02, p03, 36 | p10, p11, p12, p13, 37 | p20, p21, p22, p23, 38 | p30, p31, p32, p33, 39 | k0, k1, k2, k3; 40 | 41 | assign {k0, k1, k2, k3} = key; 42 | 43 | assign {s0, s1, s2, s3} = state_in; 44 | 45 | table_lookup 46 | t0 (clk, s0, p00, p01, p02, p03), 47 | t1 (clk, s1, p10, p11, p12, p13), 48 | t2 (clk, s2, p20, p21, p22, p23), 49 | t3 (clk, s3, p30, p31, p32, p33); 50 | 51 | assign z0 = p00 ^ p11 ^ p22 ^ p33 ^ k0; 52 | assign z1 = p03 ^ p10 ^ p21 ^ p32 ^ k1; 53 | assign z2 = p02 ^ p13 ^ p20 ^ p31 ^ k2; 54 | assign z3 = p01 ^ p12 ^ p23 ^ p30 ^ k3; 55 | 56 | always @ (posedge clk) 57 | state_out <= {z0, z1, z2, z3}; 58 | endmodule -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/test/test_aes_128.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | 19 | module test_aes_128; 20 | 21 | // Inputs 22 | reg clk; 23 | reg [127:0] state; 24 | reg [127:0] key; 25 | 26 | // Outputs 27 | wire [127:0] out; 28 | 29 | // Instantiate the Unit Under Test (UUT) 30 | aes_128 uut ( 31 | .clk(clk), 32 | .state(state), 33 | .key(key), 34 | .out(out) 35 | ); 36 | 37 | initial begin 38 | clk = 0; 39 | state = 0; 40 | key = 0; 41 | 42 | #100; 43 | /* 44 | * TIMEGRP "key" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH; 45 | * TIMEGRP "state" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH; 46 | * TIMEGRP "out" OFFSET = OUT 2.2 ns BEFORE "clk" HIGH; 47 | */ 48 | @ (negedge clk); 49 | # 2; 50 | state = 128'h3243f6a8_885a308d_313198a2_e0370734; 51 | key = 128'h2b7e1516_28aed2a6_abf71588_09cf4f3c; 52 | #10; 53 | state = 128'h00112233_44556677_8899aabb_ccddeeff; 54 | key = 128'h00010203_04050607_08090a0b_0c0d0e0f; 55 | #10; 56 | state = 128'h0; 57 | key = 128'h0; 58 | #10; 59 | state = 128'h0; 60 | key = 128'h1; 61 | #10; 62 | state = 128'h1; 63 | key = 128'h0; 64 | #170; 65 | if (out !== 128'h3925841d02dc09fbdc118597196a0b32) 66 | begin $display("E"); $finish; end 67 | #10; 68 | if (out !== 128'h69_c4_e0_d8_6a_7b_04_30_d8_cd_b7_80_70_b4_c5_5a) 69 | begin $display("E"); $finish; end 70 | #10; 71 | if (out !== 128'h66_e9_4b_d4_ef_8a_2c_3b_88_4c_fa_59_ca_34_2b_2e) 72 | begin $display("E"); $finish; end 73 | #10; 74 | if (out !== 128'h05_45_aa_d5_6d_a2_a9_7c_36_63_d1_43_2a_3d_1c_84) 75 | begin $display("E"); $finish; end 76 | #10; 77 | if (out !== 128'h58_e2_fc_ce_fa_7e_30_61_36_7f_1d_57_a4_e7_45_5a) 78 | begin $display("E"); $finish; end 79 | $display("Good."); 80 | $finish; 81 | end 82 | 83 | always #5 clk = ~clk; 84 | endmodule 85 | 86 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/test/test_aes_192.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | 19 | module test_aes_192; 20 | 21 | // Inputs 22 | reg clk; 23 | reg [127:0] state; 24 | reg [191:0] key; 25 | 26 | // Outputs 27 | wire [127:0] out; 28 | 29 | // Instantiate the Unit Under Test (UUT) 30 | aes_192 uut ( 31 | .clk(clk), 32 | .state(state), 33 | .key(key), 34 | .out(out) 35 | ); 36 | 37 | initial begin 38 | clk = 0; 39 | state = 0; 40 | key = 0; 41 | 42 | #100; 43 | /* 44 | * TIMEGRP "key" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH; 45 | * TIMEGRP "state" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH; 46 | * TIMEGRP "out" OFFSET = OUT 2.2 ns BEFORE "clk" HIGH; 47 | */ 48 | @ (negedge clk); 49 | #2; 50 | state = 128'h3243f6a8885a308d313198a2e0370734; 51 | key = 192'h2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5; 52 | #10; 53 | state = 128'h00112233445566778899aabbccddeeff; 54 | key = 192'h000102030405060708090a0b0c0d0e0f1011121314151617; 55 | #10; 56 | state = 128'h0; 57 | key = 192'h0; 58 | #230; 59 | if (out !== 128'hf9fb29aefc384a250340d833b87ebc00) 60 | begin $display("E"); $finish; end 61 | #10; 62 | if (out !== 128'hdda97ca4864cdfe06eaf70a0ec0d7191) 63 | begin $display("E"); $finish; end 64 | $display("Good."); 65 | $finish; 66 | end 67 | 68 | always #5 clk = ~clk; 69 | endmodule 70 | 71 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/test/test_aes_256.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | 19 | module test_aes_256; 20 | 21 | // Inputs 22 | reg clk; 23 | reg [127:0] state; 24 | reg [255:0] key; 25 | 26 | // Outputs 27 | wire [127:0] out; 28 | 29 | // Instantiate the Unit Under Test (UUT) 30 | aes_256 uut ( 31 | .clk(clk), 32 | .state(state), 33 | .key(key), 34 | .out(out) 35 | ); 36 | 37 | initial begin 38 | clk = 0; 39 | state = 0; 40 | key = 0; 41 | 42 | #100; 43 | /* 44 | * TIMEGRP "key" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH; 45 | * TIMEGRP "state" OFFSET = IN 6.4 ns VALID 6 ns AFTER "clk" HIGH; 46 | * TIMEGRP "out" OFFSET = OUT 2.2 ns BEFORE "clk" HIGH; 47 | */ 48 | @ (negedge clk); 49 | #2; 50 | state = 128'h3243f6a8885a308d313198a2e0370734; 51 | key = 256'h2b7e151628aed2a6abf7158809cf4f3c_762e7160f38b4da56a784d9045190cfe; 52 | #10; 53 | state = 128'h00112233445566778899aabbccddeeff; 54 | key = 256'h000102030405060708090a0b0c0d0e0f_101112131415161718191a1b1c1d1e1f; 55 | #10; 56 | state = 128'h0; 57 | key = 256'h0; 58 | #270; 59 | if (out !== 128'h1a6e6c2c_662e7da6_501ffb62_bc9e93f3) 60 | begin $display("E"); $finish; end 61 | #10; 62 | if (out !== 128'h8ea2b7ca_516745bf_eafc4990_4b496089) 63 | begin $display("E"); $finish; end 64 | $display("Good."); 65 | $finish; 66 | end 67 | 68 | always #5 clk = ~clk; 69 | endmodule 70 | 71 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/test/test_endian.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | 19 | module test_endian; 20 | 21 | reg [31:0] i; 22 | 23 | initial begin 24 | i = 32'h12345678; // big endian 25 | #100; 26 | $display("%h %h %h %h", i[31:24], i[23:16], i[15:8], i[7:0]); 27 | // 12 34 56 78 28 | $finish; 29 | end 30 | 31 | endmodule 32 | 33 | -------------------------------------------------------------------------------- /encryption/rew/core_ip/tiny_aes/test/test_table_lookup.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2012, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | 19 | module test_table_lookup; 20 | 21 | // Inputs 22 | reg clk; 23 | reg [31:0] state; 24 | 25 | // Outputs 26 | wire [31:0] p0; 27 | wire [31:0] p1; 28 | wire [31:0] p2; 29 | wire [31:0] p3; 30 | 31 | // Instantiate the Unit Under Test (UUT) 32 | table_lookup uut ( 33 | .clk(clk), 34 | .state(state), 35 | .p0(p0), 36 | .p1(p1), 37 | .p2(p2), 38 | .p3(p3) 39 | ); 40 | 41 | initial begin 42 | clk = 0; 43 | state = 0; 44 | #100; 45 | state = 31'h193de3be; 46 | #10; 47 | if (p0 !== 32'hb3_d4_d4_67) begin $display("E"); $finish; end 48 | if (p1 !== 32'h69_4e_27_27) begin $display("E"); $finish; end 49 | if (p2 !== 32'h11_33_22_11) begin $display("E"); $finish; end 50 | if (p3 !== 32'hae_ae_e9_47) begin $display("E"); $finish; end 51 | $display("Good."); 52 | $finish; 53 | end 54 | 55 | always #5 clk = ~clk; 56 | endmodule 57 | 58 | -------------------------------------------------------------------------------- /encryption/rew/test/TinyAESTopTestbench.v: -------------------------------------------------------------------------------- 1 | 2 | `timescale 1ps/100fs 3 | 4 | //============================================================================== 5 | // Section: Includes 6 | //============================================================================== 7 | `include "Const.vh" 8 | //============================================================================== 9 | 10 | module TinyAESTopTestbench; 11 | 12 | localparam RESET_PERIOD = 200000; //in pSec 13 | parameter CLKIN_PERIOD = 5000; 14 | 15 | //**************************************************************************// 16 | // Wire Declarations 17 | //**************************************************************************// 18 | 19 | reg sys_rst_n; 20 | wire sys_rst; 21 | 22 | 23 | reg sys_clk_i; 24 | wire sys_clk_p; 25 | wire sys_clk_n; 26 | 27 | //**************************************************************************// 28 | // Reset Generation 29 | //**************************************************************************// 30 | initial begin 31 | sys_rst_n = 1'b0; 32 | #RESET_PERIOD 33 | sys_rst_n = 1'b1; 34 | end 35 | 36 | assign sys_rst = ~sys_rst_n; 37 | 38 | //**************************************************************************// 39 | // Clock Generation 40 | //**************************************************************************// 41 | 42 | initial 43 | sys_clk_i = 1'b0; 44 | always 45 | sys_clk_i = #(CLKIN_PERIOD/2.0) ~sys_clk_i; 46 | 47 | assign sys_clk_p = sys_clk_i; 48 | assign sys_clk_n = ~sys_clk_i; 49 | 50 | wire uart_txd; 51 | reg uart_rxd = 0; 52 | 53 | always @(posedge sys_clk_p) uart_rxd <= ~uart_rxd; 54 | 55 | //-------------------------------------------------------------------------- 56 | // CUT 57 | //-------------------------------------------------------------------------- 58 | 59 | tiny_aes_vc707 CUT( .sys_clk_p( sys_clk_p), 60 | .sys_clk_n( sys_clk_n), 61 | 62 | .sys_rst( sys_rst), 63 | 64 | .uart_txd( uart_txd), 65 | .uart_rxd( uart_rxd)); 66 | 67 | //-------------------------------------------------------------------------- 68 | endmodule 69 | //-------------------------------------------------------------------------- 70 | -------------------------------------------------------------------------------- /encryption/rew/test/tiny_aes_vc707.v: -------------------------------------------------------------------------------- 1 | 2 | //============================================================================== 3 | // Section: Includes 4 | //============================================================================== 5 | `include "Const.vh" 6 | //============================================================================== 7 | 8 | `timescale 1ps/1ps 9 | 10 | //============================================================================== 11 | // Module: ascend_vc707 12 | // Desc: Top level module for the Ascend chip. 13 | //============================================================================== 14 | module tiny_aes_vc707( 15 | input sys_clk_p, 16 | input sys_clk_n, 17 | input sys_rst, // SW8 18 | 19 | output uart_txd, 20 | input uart_rxd 21 | ); 22 | 23 | //------------------------------------------------------------------------------ 24 | // Constants 25 | //------------------------------------------------------------------------------ 26 | 27 | //------------------------------------------------------------------------------ 28 | // Wires & Regs 29 | //------------------------------------------------------------------------------ 30 | 31 | wire [127:0] CoreDataIn; 32 | wire [127:0] CoreKey; 33 | wire [127:0] CoreDataOut; 34 | 35 | //------------------------------------------------------------------------------ 36 | // Clock 37 | //------------------------------------------------------------------------------ 38 | 39 | wire Clock_Bufg, Clock, FastClock; 40 | wire Locked, FastReset; 41 | 42 | IBUFGDS ibufgds( .I( sys_clk_p), 43 | .IB( sys_clk_n), 44 | .O( Clock_Bufg)); 45 | BUFG bufg( .I( Clock_Bufg), 46 | .O( Clock)); 47 | 48 | aes_clock ultra( .clk_in1( Clock), 49 | .clk_out1( FastClock), 50 | .reset( sys_rst), 51 | .locked( Locked)); 52 | assign FastReset = ~Locked; 53 | 54 | //------------------------------------------------------------------------------ 55 | // UART 56 | //------------------------------------------------------------------------------ 57 | 58 | UART#( .ClockFreq( 300000000), 59 | .Baud( 9600), 60 | .Width( 256), 61 | .Parity( 0), 62 | .StopBits( 1)) 63 | uart( .Clock( FastClock), 64 | .Reset( FastReset), 65 | .DataIn( {128'b1, CoreDataOut}), 66 | .DataInValid( 1'b1), 67 | .DataInReady( ), 68 | .DataOut( {CoreKey, CoreDataIn}), 69 | .DataOutValid( ), 70 | .DataOutReady( 1'b1), 71 | .SIn( uart_rxd), 72 | .SOut( uart_txd)); 73 | 74 | //------------------------------------------------------------------------------ 75 | // AES 76 | //------------------------------------------------------------------------------ 77 | 78 | aes_128 tiny_aes( .clk( FastClock), 79 | .state( CoreDataIn), 80 | .key( CoreKey), 81 | .out( CoreDataOut)); 82 | 83 | //------------------------------------------------------------------------------ 84 | endmodule 85 | //------------------------------------------------------------------------------ -------------------------------------------------------------------------------- /encryption/rew/test/tiny_aes_vc707.xdc: -------------------------------------------------------------------------------- 1 | 2 | set_property BITSTREAM.CONFIG.UNUSEDPIN Pullup [current_design] 3 | 4 | ####################################### 5 | # UART 6 | ####################################### 7 | 8 | set_property BOARD_PIN rs232_uart_txd [get_ports uart_txd] 9 | set_property PACKAGE_PIN AU36 [get_ports uart_txd] 10 | set_property IOSTANDARD LVCMOS18 [get_ports uart_txd] 11 | set_property BOARD_PIN rs232_uart_rxd [get_ports uart_rxd] 12 | set_property PACKAGE_PIN AU33 [get_ports uart_rxd] 13 | set_property IOSTANDARD LVCMOS18 [get_ports uart_rxd] 14 | 15 | ####################################### 16 | # Clocks 17 | ####################################### 18 | 19 | create_clock -period 5.000 -name ClockF200 [get_ports sys_clk_p] 20 | #set_propagated_clock sys_clk_p 21 | 22 | # PadFunction: IO_L12P_T1_MRCC_38 23 | set_property IOSTANDARD DIFF_SSTL15 [get_ports sys_clk_p] 24 | 25 | # PadFunction: IO_L12N_T1_MRCC_38 26 | set_property IOSTANDARD DIFF_SSTL15 [get_ports sys_clk_n] 27 | set_property PACKAGE_PIN E18 [get_ports sys_clk_n] 28 | 29 | ####################################### 30 | # Reset 31 | ####################################### 32 | 33 | # PadFunction: IO_L13P_T2_MRCC_15 34 | set_property IOSTANDARD LVCMOS18 [get_ports sys_rst] 35 | set_property PACKAGE_PIN AV40 [get_ports sys_rst] -------------------------------------------------------------------------------- /frontend/test/testPLB.v: -------------------------------------------------------------------------------- 1 | `include "Const.vh" 2 | 3 | module testPLB; 4 | 5 | `include "PathORAM.vh" 6 | `include "UORAM.vh" 7 | 8 | 9 | wire Clock, Reset, Enable, Hit, Ready, EvictValid; 10 | wire [1:0] Cmd; 11 | wire [ORAMU-1:0] Addr; 12 | wire [LeafWidth-1:0] DIn, DOut; 13 | 14 | localparam LogLeafInBlock = `log2f(ORAMB / LeafWidth); 15 | DM_Cache #(LeafWidth, LogLeafInBlock, PLBCapacity, ORAMU) PLB (Clock, Reset, Enable, Cmd, Addr, DIn, Hit, DOut, Ready, EvictValid); 16 | 17 | reg [ORAML-1:0] CycleCount; 18 | initial begin 19 | CycleCount = 0; 20 | end 21 | always@(posedge Clock) begin 22 | CycleCount = CycleCount + 1; 23 | end 24 | 25 | assign Reset = 0; 26 | assign Enable = CycleCount != 48; 27 | assign Addr = (CycleCount < 48) ? ((CycleCount % 32) / 16 * 16) : CycleCount % 35; 28 | assign Offset = 0; 29 | assign Cmd = (CycleCount < 48) ? 2 : ((CycleCount < 60) ? 1 : (CycleCount < 70 ? 0 : 1) ); 30 | 31 | assign DIn = CycleCount * 100; 32 | 33 | localparam Freq = 100_000_000; 34 | ClockSource #(Freq) ClockF100Gen(1'b1, Clock); 35 | 36 | endmodule 37 | -------------------------------------------------------------------------------- /frontend/test/testUORAM.prj: -------------------------------------------------------------------------------- 1 | verilog work "../../gatelib/Bin2Gray.v" 2 | verilog work "../../gatelib/ClockSource.v" 3 | verilog work "../../gatelib/CountAlarm.v" 4 | verilog work "../../gatelib/CountCompare.v" 5 | verilog work "../../gatelib/Counter.v" 6 | verilog work "../../gatelib/DRAM2RAM.v" 7 | verilog work "../../gatelib/EdgeDetect.v" 8 | verilog work "../../gatelib/FIFOControl.v" 9 | verilog work "../../gatelib/FIFORAM.v" 10 | verilog work "../../gatelib/FIFORegControl.v" 11 | verilog work "../../gatelib/FIFORegister.v" 12 | verilog work "../../gatelib/FIFOShiftRound.v" 13 | verilog work "../../gatelib/Mux.v" 14 | verilog work "../../gatelib/OneHot2Bin.v" 15 | verilog work "../../gatelib/ParityGen.v" 16 | verilog work "../../gatelib/Pipeline.v" 17 | verilog work "../../gatelib/PulseExpander.v" 18 | verilog work "../../gatelib/RAM.v" 19 | verilog work "../../gatelib/Register.v" 20 | verilog work "../../gatelib/Reverse.v" 21 | verilog work "../../gatelib/ShiftRegister.v" 22 | verilog work "../../gatelib/SynthesizedDRAM.v" 23 | verilog work "../../gatelib/SynthesizedRandDRAM.v" 24 | verilog work "../../gatelib/UDCounter.v" 25 | 26 | verilog work "../../oram/frontend/DM_Cache.v" 27 | verilog work "../../oram/frontend/PosMapPLB.v" 28 | verilog work "../../oram/frontend/UORAMDataPath.v" 29 | verilog work "../../oram/frontend/UORAMController.v" 30 | 31 | verilog work "../../oram/addr/PathGen.v" 32 | verilog work "../../oram/addr/BktIDGen.v" 33 | verilog work "../../oram/addr/AddrGenBktHead.v" 34 | verilog work "../../oram/addr/AddrGen.v" 35 | verilog work "../../oram/addr/DRAMInitializer.v" 36 | 37 | verilog work "../../oram/encryption/basic/core_ip/rtl/verilog/timescale.v" 38 | verilog work "../../oram/encryption/basic/core_ip/rtl/verilog/aes_key_expand_128.v" 39 | verilog work "../../oram/encryption/basic/core_ip/rtl/verilog/aes_rcon.v" 40 | verilog work "../../oram/encryption/basic/core_ip/rtl/verilog/aes_sbox.v" 41 | verilog work "../../oram/encryption/basic/core_ip/rtl/verilog/aes_cipher_top.v" 42 | verilog work "../../oram/encryption/basic/AES_DW.v" 43 | verilog work "../../oram/encryption/basic/PRNG.v" 44 | verilog work "../../oram/encryption/basic/AESPathORAM.v" 45 | 46 | verilog work "../../oram/encryption/rew/GentrySeedGenerator.v" 47 | verilog work "../../oram/encryption/rew/ROISeedGenerator.v" 48 | verilog work "../../oram/encryption/rew/core_ip/tiny_aes/round.v" 49 | verilog work "../../oram/encryption/rew/core_ip/tiny_aes/table.v" 50 | verilog work "../../oram/encryption/rew/core_ip/tiny_aes/aes_128.v" 51 | verilog fifo_generator_v11_0 "../../boards/vc707/ip/ClkCross512x128/fifo_generator_v11_0/simulation/fifo_generator_v11_0.v" 52 | verilog work "../../boards/vc707/ip/ClkCross512x128/sim/ClkCross512x128.v" 53 | verilog work "../../boards/vc707/ip/ClkCross512x144/sim/ClkCross512x144.v" 54 | verilog work "../../boards/vc707/ip/ClkCross512x512/sim/ClkCross512x512.v" 55 | verilog work "../../boards/vc707/ip/aes_clock/aes_clock_clk_wiz.v" 56 | verilog work "../../boards/vc707/ip/aes_clock/aes_clock.v" 57 | verilog work "../../oram/encryption/rew/REWAESCore.v" 58 | verilog work "../../oram/encryption/rew/AESREWORAM.v" 59 | 60 | verilog work "../../oram/stash/StashCore.v" 61 | verilog work "../../oram/stash/StashScanTable.v" 62 | verilog work "../../oram/stash/Stash.v" 63 | verilog work "../../oram/stash/StashTop.v" 64 | 65 | verilog work "../../oram/integrity/core_ip/Keccak512/padder1.v" 66 | verilog work "../../oram/integrity/core_ip/Keccak512/padder.v" 67 | verilog work "../../oram/integrity/core_ip/Keccak512/f_permutation.v" 68 | verilog work "../../oram/integrity/core_ip/Keccak512/rconst2in1.v" 69 | verilog work "../../oram/integrity/core_ip/Keccak512/round2in1.v" 70 | verilog work "../../oram/integrity/core_ip/Keccak512/keccak.v" 71 | verilog work "../../oram/integrity/Keccak_WF.v" 72 | verilog work "../../oram/integrity/IntegrityVerifier.v" 73 | 74 | verilog work "../../oram/backend/REWStatCtr.v" 75 | verilog work "../../oram/backend/PathORAMBackendInner.v" 76 | verilog work "../../oram/backend/BackendController.v" 77 | verilog work "../../oram/backend/PathORAMBackend.v" 78 | verilog work "../../oram/backend/CoherenceController.v" 79 | 80 | verilog work "../../oram/TinyORAMCore.v" 81 | verilog work "../../tests/software/testORAM.v" 82 | verilog work "./glbl.v" 83 | nosort -------------------------------------------------------------------------------- /gatelib/Bin2Gray.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/Code/Bin2Gray.v $ 3 | // Version: $Revision: 27051 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2003-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //------------------------------------------------------------------------------ 41 | // Module: Bin2Gray 42 | // Desc: This is a simple binary to gray code converter 43 | // Params: Width: The width of the binary/gray code 44 | // Author: Greg Gibeling 45 | // Version: $Revision: 27051 $ 46 | //------------------------------------------------------------------------------ 47 | module Bin2Gray(Bin, Gray); 48 | //-------------------------------------------------------------------------- 49 | // Parameters 50 | //-------------------------------------------------------------------------- 51 | parameter Width = 8; 52 | //-------------------------------------------------------------------------- 53 | 54 | //-------------------------------------------------------------------------- 55 | // I/O 56 | //-------------------------------------------------------------------------- 57 | input [Width-1:0] Bin; 58 | output [Width-1:0] Gray; 59 | //-------------------------------------------------------------------------- 60 | 61 | //-------------------------------------------------------------------------- 62 | // Wires 63 | //-------------------------------------------------------------------------- 64 | genvar i; 65 | //-------------------------------------------------------------------------- 66 | 67 | //-------------------------------------------------------------------------- 68 | // Converter 69 | //-------------------------------------------------------------------------- 70 | generate for(i = 0; i < (Width - 1); i = i + 1) begin:B2G 71 | assign Gray[i] = ^Bin[i+1:i]; 72 | end endgenerate 73 | assign Gray[Width-1] = Bin[Width-1]; 74 | //-------------------------------------------------------------------------- 75 | endmodule 76 | //------------------------------------------------------------------------------ -------------------------------------------------------------------------------- /gatelib/ClockSource.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/Simulation/ClockSource.v $ 3 | // Version: $Revision: 27051 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2005-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //============================================================================== 41 | // Section: Defines and Constants 42 | //============================================================================== 43 | `timescale 1 ps/1 ps // Display things in ps, compute them in ps 44 | //============================================================================== 45 | 46 | //------------------------------------------------------------------------------ 47 | // Module: ClockSource 48 | // Desc: This module will use behavioral verilog to generate a properly 49 | // gated clock source at any frequency you desire. 50 | // Params: ClockFreq: Desired output clock frequency 51 | // SyncDisable: Will cause this generator to wait for a low value 52 | // on the clock before disabling it when Enable 53 | // transitions to low. 54 | // Phase: 55 | // Author: Greg Gibeling 56 | // Version: $Revision: 27051 $ 57 | //------------------------------------------------------------------------------ 58 | module ClockSource(Enable, Clock); 59 | //-------------------------------------------------------------------------- 60 | // Parameters 61 | //-------------------------------------------------------------------------- 62 | parameter real ClockFreq = 100000000, 63 | SyncDisable = 1, 64 | Phase = 0; 65 | //-------------------------------------------------------------------------- 66 | 67 | //-------------------------------------------------------------------------- 68 | // Constants 69 | //-------------------------------------------------------------------------- 70 | localparam real Delay = 500000000/(ClockFreq/1000), 71 | PhaseDelay = Delay * Phase / 180; 72 | //-------------------------------------------------------------------------- 73 | 74 | //-------------------------------------------------------------------------- 75 | // I/O 76 | //-------------------------------------------------------------------------- 77 | input Enable; 78 | output Clock; 79 | //-------------------------------------------------------------------------- 80 | 81 | //-------------------------------------------------------------------------- 82 | // Wires & Reg 83 | //-------------------------------------------------------------------------- 84 | reg Clock = 1'b0; 85 | //-------------------------------------------------------------------------- 86 | 87 | //-------------------------------------------------------------------------- 88 | // Gated Clock Source 89 | //-------------------------------------------------------------------------- 90 | always @ (posedge Enable) begin 91 | #(Delay); 92 | #(PhaseDelay); 93 | while (Enable) begin 94 | Clock = ~Clock; 95 | #(Delay); 96 | end 97 | if (Clock && SyncDisable) Clock = 1'b0; 98 | end 99 | //-------------------------------------------------------------------------- 100 | endmodule 101 | //------------------------------------------------------------------------------ 102 | -------------------------------------------------------------------------------- /gatelib/CountAlarm.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL$ 3 | // Version: $Revision$ 4 | // Author: Chris Fletcher (http://cwfletcher.net) 5 | // Copyright: Copyright 2005-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2005-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //============================================================================== 41 | // Section: Includes 42 | //============================================================================== 43 | `include "Const.vh" 44 | //============================================================================== 45 | 46 | //------------------------------------------------------------------------------ 47 | // Module: CountAlarm 48 | // Desc: Wrapper around Counter+CountCompare, which we use all over the 49 | // place. This module saves us from defining CWidth/Internal 50 | // counters. 51 | // 52 | // TODO: Make the number of Intermediate signals _parameterizable_ 53 | // (maybe I'll do this when I see we need more than 1 ...) 54 | //------------------------------------------------------------------------------ 55 | module CountAlarm(Clock, Reset, Enable, Intermediate, Done, Count); 56 | //-------------------------------------------------------------------------- 57 | // Parameters 58 | //-------------------------------------------------------------------------- 59 | 60 | parameter Threshold = 16, 61 | IThreshold = 0, 62 | Initial = 1'b0; 63 | 64 | //-------------------------------------------------------------------------- 65 | // Constants 66 | //-------------------------------------------------------------------------- 67 | 68 | localparam CWidth = `log2(Threshold); 69 | 70 | //-------------------------------------------------------------------------- 71 | // System Inputs 72 | //-------------------------------------------------------------------------- 73 | 74 | input Clock; 75 | input Reset; 76 | 77 | //-------------------------------------------------------------------------- 78 | // User ports 79 | //-------------------------------------------------------------------------- 80 | 81 | input Enable; 82 | output Intermediate, Done; 83 | 84 | output [CWidth-1:0] Count; 85 | 86 | //-------------------------------------------------------------------------- 87 | // Wires & Regs 88 | //-------------------------------------------------------------------------- 89 | 90 | wire Alarm_Pre; 91 | 92 | //-------------------------------------------------------------------------- 93 | // Core 94 | //-------------------------------------------------------------------------- 95 | 96 | Counter #( .Width( CWidth), 97 | .Initial( {CWidth{Initial}})) 98 | state( .Clock( Clock), 99 | .Reset( Reset | Done), 100 | .Set( 1'b0), 101 | .Load( 1'b0), 102 | .Enable( Enable), 103 | .In( {CWidth{1'bx}}), 104 | .Count( Count)); 105 | CountCompare #( .Width( CWidth), 106 | .Compare( Threshold - 1)) 107 | threshold( .Count( Count), 108 | .TerminalCount( Alarm_Pre)); 109 | assign Done = Alarm_Pre & Enable; 110 | 111 | // Optional 112 | assign Intermediate = Count == IThreshold; 113 | 114 | //------------------------------------------------------------------------------ 115 | endmodule 116 | //------------------------------------------------------------------------------ 117 | -------------------------------------------------------------------------------- /gatelib/Gray2Bin.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/Code/Gray2Bin.v $ 3 | // Version: $Revision: 27051 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2003-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //------------------------------------------------------------------------------ 41 | // Module: Gray2Bin 42 | // Desc: This is a simple gray code to binary converter 43 | // Params: Width: The width of the binary/gray code 44 | // Author: Greg Gibeling 45 | // Version: $Revision: 27051 $ 46 | //------------------------------------------------------------------------------ 47 | module Gray2Bin(Gray, Bin); 48 | //-------------------------------------------------------------------------- 49 | // Parameters 50 | //-------------------------------------------------------------------------- 51 | parameter Width = 8; 52 | //-------------------------------------------------------------------------- 53 | 54 | //-------------------------------------------------------------------------- 55 | // I/O 56 | //-------------------------------------------------------------------------- 57 | input [Width-1:0] Gray; 58 | output [Width-1:0] Bin; 59 | //-------------------------------------------------------------------------- 60 | 61 | //-------------------------------------------------------------------------- 62 | // Regs 63 | //-------------------------------------------------------------------------- 64 | genvar i; 65 | //-------------------------------------------------------------------------- 66 | 67 | //-------------------------------------------------------------------------- 68 | // Converter 69 | //-------------------------------------------------------------------------- 70 | generate for(i = 0; i < Width; i = i + 1) begin:G2B 71 | assign Bin[i] = ^Gray[Width-1:i]; 72 | end endgenerate 73 | //-------------------------------------------------------------------------- 74 | endmodule 75 | //------------------------------------------------------------------------------ 76 | -------------------------------------------------------------------------------- /gatelib/OneHot2Bin.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/Code/OneHot2Bin.v $ 3 | // Version: $Revision: 27051 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2003-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //============================================================================== 41 | // Section: Includes 42 | //============================================================================== 43 | `include "Const.vh" 44 | //============================================================================== 45 | 46 | //------------------------------------------------------------------------------ 47 | // Module: OneHot2Bin 48 | // Desc: This is a simple one hot to binary converter 49 | // Params: width: The width of the one-hot input 50 | //------------------------------------------------------------------------------ 51 | module OneHot2Bin(OneHot, Bin); 52 | //-------------------------------------------------------------------------- 53 | // Parameters 54 | //-------------------------------------------------------------------------- 55 | parameter Width = 8; 56 | //-------------------------------------------------------------------------- 57 | 58 | //-------------------------------------------------------------------------- 59 | // Constants 60 | //-------------------------------------------------------------------------- 61 | `ifdef MACROSAFE 62 | localparam BWidth = `log2(Width); 63 | `endif 64 | //-------------------------------------------------------------------------- 65 | 66 | //-------------------------------------------------------------------------- 67 | // I/O 68 | //-------------------------------------------------------------------------- 69 | input [Width-1:0] OneHot; 70 | output [BWidth-1:0] Bin; 71 | //-------------------------------------------------------------------------- 72 | 73 | //-------------------------------------------------------------------------- 74 | // Converter 75 | //-------------------------------------------------------------------------- 76 | genvar i; 77 | generate for (i = 0; i < BWidth; i = i + 1) begin:ENC 78 | assign Bin[i] = |({`divceil(Width, (2*`pow2(i))){{`pow2(i){1'b1}},{`pow2(i){1'b0}}}} & OneHot); 79 | end endgenerate 80 | //-------------------------------------------------------------------------- 81 | endmodule 82 | //------------------------------------------------------------------------------ -------------------------------------------------------------------------------- /gatelib/Register.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/State/Register.v $ 3 | // Version: $Revision: 26904 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2003-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //------------------------------------------------------------------------------ 41 | // Module: Register 42 | // Desc: If you don't know, I can't help you. 43 | // Author: Greg Gibeling 44 | // Version: $Revision: 26904 $ 45 | //------------------------------------------------------------------------------ 46 | module Register(Clock, Reset, Set, Enable, In, Out); 47 | //-------------------------------------------------------------------------- 48 | // Parameters 49 | //-------------------------------------------------------------------------- 50 | parameter Width = 32, 51 | Initial = {Width{1'b0}}, 52 | AsyncReset = 0, 53 | AsyncSet = 0, 54 | ResetValue = {Width{1'b0}}, 55 | SetValue = {Width{1'b1}}; 56 | //-------------------------------------------------------------------------- 57 | 58 | //-------------------------------------------------------------------------- 59 | // Inputs & Outputs 60 | //-------------------------------------------------------------------------- 61 | input Clock, Enable, Reset, Set; 62 | input [Width-1:0] In; 63 | output reg [Width-1:0] Out; 64 | //-------------------------------------------------------------------------- 65 | 66 | //-------------------------------------------------------------------------- 67 | // Initial value 68 | //-------------------------------------------------------------------------- 69 | `ifdef FPGA 70 | initial begin 71 | Out = Initial; // WARNING: DO NOT CHANGE THIS BACK TO 'output reg Out = Initial'; Vivado 2013.4 silently ignores this syntax for synthesis. 72 | end 73 | `endif 74 | //-------------------------------------------------------------------------- 75 | 76 | //-------------------------------------------------------------------------- 77 | // Behavioral Register 78 | //-------------------------------------------------------------------------- 79 | generate if (AsyncReset) begin:AR 80 | if (AsyncSet) begin:AS 81 | always @ (posedge Clock or posedge Reset or posedge Set) begin 82 | if (Reset) Out <= ResetValue; 83 | else if (Set) Out <= SetValue; 84 | else if (Enable) Out <= In; 85 | end 86 | end else begin:SS 87 | always @ (posedge Clock or posedge Reset) begin 88 | if (Reset) Out <= ResetValue; 89 | else if (Set) Out <= SetValue; 90 | else if (Enable) Out <= In; 91 | end 92 | end 93 | end else begin:SR 94 | if (AsyncSet) begin:AS 95 | always @ (posedge Clock or posedge Set) begin 96 | if (Reset) Out <= ResetValue; 97 | else if (Set) Out <= SetValue; 98 | else if (Enable) Out <= In; 99 | end 100 | end else begin:SS 101 | always @ (posedge Clock) begin 102 | if (Reset) Out <= ResetValue; 103 | else if (Set) Out <= SetValue; 104 | else if (Enable) Out <= In; 105 | end 106 | end 107 | end endgenerate 108 | //-------------------------------------------------------------------------- 109 | endmodule 110 | //------------------------------------------------------------------------------ 111 | 112 | // a more compact abstraction of 1-bit register, which we use everywhere 113 | module Register1b(Clock, Reset, Set, Out); 114 | input Clock, Reset, Set; 115 | output Out; 116 | Register #(.Width(1), .Initial(1'b0)) 117 | reg1b (Clock, Reset, Set, 1'b0, 1'bx, Out); 118 | endmodule 119 | -------------------------------------------------------------------------------- /gatelib/Reverse.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/Datapath/Fixed/Reverse.v $ 3 | // Version: $Revision: 26904 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2003-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //------------------------------------------------------------------------------ 41 | // Module: Reverse 42 | // Desc: Parameterized bit reversal module: a fancy wire. 43 | // Essentially this module is just a very complex set of wires, all 44 | // it does it reverse the bits in a bus. A "group" is a group of 45 | // "chunks" that should be reversed, "set" is the number of 46 | // "chunks" per "group". This module will reverse the order of the 47 | // "chunks" within each "group". 48 | // Params: Width: This sets the input and output bus width of the module 49 | // Chunk: This is the size of a block of wires which should 50 | // be kept in order. The default is 1 meaning each wire 51 | // should be treated separately. 52 | // Set: The number of chunks in a set, the default is the 53 | // bitwidth of the input bus, meaning that the whole input 54 | // bus is treated as a set. 55 | // Ex: (32,1,32) Will reverse the bit order of a 32bit bus. 56 | // (32,1,8)Will reverse the MSb/LSb order of the bytes in a 32bit 57 | // bus. 58 | // (32,4,2)will reverse the MSNibble/LSNibble of each byte in a 59 | // 32bit bus. 60 | // Author: Greg Gibeling 61 | // Version: $Revision: 26904 $ 62 | //------------------------------------------------------------------------------ 63 | module Reverse(In, Out); 64 | //-------------------------------------------------------------------------- 65 | // Parameters 66 | //-------------------------------------------------------------------------- 67 | parameter Width = 32, 68 | Chunk = 1, 69 | Set = Width; 70 | //-------------------------------------------------------------------------- 71 | 72 | //-------------------------------------------------------------------------- 73 | // Constants 74 | //-------------------------------------------------------------------------- 75 | localparam Group = Chunk * Set; 76 | //-------------------------------------------------------------------------- 77 | 78 | //-------------------------------------------------------------------------- 79 | // I/O 80 | //-------------------------------------------------------------------------- 81 | input [Width-1:0] In; 82 | output [Width-1:0] Out; 83 | //-------------------------------------------------------------------------- 84 | 85 | //-------------------------------------------------------------------------- 86 | // A Complicated Wire 87 | //-------------------------------------------------------------------------- 88 | genvar i; 89 | generate for(i = 0; i < Width; i = i + 1) begin:REVERSE 90 | assign Out[i] = In[((Set - 1 - ((i % Group) / Chunk)) * Chunk) + ((i % Group) % Chunk) + ((i / Group) * Group)]; 91 | end endgenerate 92 | //-------------------------------------------------------------------------- 93 | endmodule 94 | //------------------------------------------------------------------------------ 95 | -------------------------------------------------------------------------------- /gatelib/UDCounter.v: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Core/GateCore/Hardware/Counting/UDCounter.v $ 3 | // Version: $Revision: 26904 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com/) 5 | // Copyright: Copyright 2003-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2003-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //------------------------------------------------------------------------------ 41 | // Module: UDCounter 42 | // Desc: This is an up/down counter with an option to be hard limited at 43 | // the max/min values. 44 | // Params: Width: Sets the bitwidth of the counter 45 | // Limited: Should the counter saturate? 46 | // Ex: (8,1) creates an 8-bit saturating counter 47 | // (32,1) creates a 32-bit saturating counter 48 | // (4,0) creates a 4-bit rollover counter 49 | // Author: Greg Gibeling 50 | // Version: $Revision: 26904 $ 51 | //------------------------------------------------------------------------------ 52 | module UDCounter(Clock, Reset, Set, Load, Up, Down, In, Count); 53 | //-------------------------------------------------------------------------- 54 | // Parameters 55 | //-------------------------------------------------------------------------- 56 | parameter Width = 32, 57 | Limited = 0, 58 | Initial = {Width{1'b0}}, 59 | AsyncReset = 0, 60 | AsyncSet = 0, 61 | ResetValue = {Width{1'b0}}, 62 | SetValue = {Width{1'b1}}; 63 | //-------------------------------------------------------------------------- 64 | 65 | //-------------------------------------------------------------------------- 66 | // I/O 67 | //-------------------------------------------------------------------------- 68 | input Clock, Reset, Set, Load; 69 | input Up, Down; 70 | input [Width-1:0] In; 71 | output [Width-1:0] Count; 72 | //-------------------------------------------------------------------------- 73 | 74 | //-------------------------------------------------------------------------- 75 | // Wires 76 | //-------------------------------------------------------------------------- 77 | wire NoLimit; 78 | wire [Width-1:0] NextCount; 79 | //-------------------------------------------------------------------------- 80 | 81 | //-------------------------------------------------------------------------- 82 | // Assigns 83 | //-------------------------------------------------------------------------- 84 | assign NoLimit = !Limited; 85 | assign NextCount = (Up) ? (Count + 1) : (Count - 1); 86 | //-------------------------------------------------------------------------- 87 | 88 | //-------------------------------------------------------------------------- 89 | // Behavioral Up/Down Counter (With Set/Reset and Limiting) 90 | //-------------------------------------------------------------------------- 91 | Register #( .Width( Width), 92 | .Initial( Initial), 93 | .AsyncReset( AsyncReset), 94 | .AsyncSet( AsyncSet), 95 | .ResetValue( ResetValue), 96 | .SetValue( SetValue)) 97 | Register( .Clock( Clock), 98 | .Reset( Reset), 99 | .Set( Set), 100 | .Enable( Load | ((Up ^ Down) & (Up ? (NoLimit | ~&Count) : (NoLimit | (|Count))))), 101 | .In( Load ? In : NextCount), 102 | .Out( Count)); 103 | //-------------------------------------------------------------------------- 104 | endmodule 105 | //------------------------------------------------------------------------------ 106 | -------------------------------------------------------------------------------- /include/BucketLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | // Suffix meanings: 3 | // RawBits = what it sounds like ... 4 | // RndBits = bits rounded to some value (usually a DDR3 burst) 5 | // DRBursts = in terms of DDR3 bursts 6 | // DRWords = in terms of DDR3 DQ bus width (typically 64b) 7 | 8 | `ifdef SIMULATION 9 | initial begin 10 | if (ORAMB == PINIT || 11 | ORAMU == PINIT || 12 | ORAML == PINIT || 13 | ORAMZ == PINIT || 14 | BEDWidth == PINIT || 15 | EnableIV == PINIT) begin 16 | $display("[%m] ERROR: parameter uninitialized."); 17 | $finish; 18 | end 19 | end 20 | `endif 21 | 22 | localparam IVINITValue = {AESEntropy{1'b0}}; 23 | 24 | //-------------------------------------------------------------------------- 25 | // Raw bit fields 26 | //-------------------------------------------------------------------------- 27 | 28 | // Header flit 29 | localparam BigVWidth = ORAMZ, 30 | BigUWidth = ORAMU * ORAMZ, 31 | BigLWidth = ORAML * ORAMZ, 32 | BigHWidth = ORAMH * ORAMZ; 33 | localparam BktHSize_ValidBits = `divceil(ORAMZ, 8) * 8, 34 | BktHWaste_ValidBits = BktHSize_ValidBits - ORAMZ, 35 | BktHVStart = AESEntropy, 36 | BktHUStart = BktHVStart + BktHSize_ValidBits, // at what position do the U's start? 37 | BktHLStart = BktHUStart + BigUWidth, // at what position do the L's start? 38 | BktHHStart = BktHLStart + BigLWidth, // at what position do the Hashes start? 39 | BktHSize_RawBits = BktHHStart + ((EnableIV) ? BigHWidth : 0); 40 | 41 | //-------------------------------------------------------------------------- 42 | // Quantities in terms of the Memory/DRAM width 43 | //-------------------------------------------------------------------------- 44 | 45 | // Now, we align bitfields to DDR3 burst lengths. This means (for BEDWidth 46 | // == DDRDWidth) that we won't need expensive re-alignment logic in ORAM. 47 | // For the BEDWidth < DDRDWidth case, we will lose bandwidth if ORAMB % DDRDWidth != 0. 48 | 49 | localparam BlkSize_DRBursts = `divceil(ORAMB, DDRDWidth), 50 | BktHSize_DRBursts = `divceil(BktHSize_RawBits, DDRDWidth), 51 | BktPSize_DRBursts = ORAMZ * BlkSize_DRBursts, 52 | BktHSize_RndBits = BktHSize_DRBursts * DDRDWidth, // = 512 or 1024 for all configs we care about 53 | BktPSize_RndBits = BktPSize_DRBursts * DDRDWidth; 54 | 55 | localparam BktSize_DRBursts = BktHSize_DRBursts + BktPSize_DRBursts, 56 | BktSize_RndBits = BktSize_DRBursts * DDRDWidth, 57 | BktSize_DRWords = BktSize_RndBits / DDRDQWidth; // = E.g., for Z = 5, BktSize_TotalRnd = 3072 and BktSize_DDRWords = 48 58 | 59 | // ... and associated helper params 60 | localparam 61 | PathSize_DRBursts = (ORAML + 1) * BktSize_DRBursts, 62 | PathPSize_DRBursts = (ORAML + 1) * BktPSize_DRBursts, 63 | BBSTWidth = `log2(BktSize_DRBursts), // Bucket DRAM burst width 64 | PBSTWidth = `log2(PathSize_DRBursts); // Path DRAM burst width 65 | 66 | //-------------------------------------------------------------------------- 67 | // Quantities in terms of BEDWidth 68 | //-------------------------------------------------------------------------- 69 | 70 | // BEDWidth/FEDWidth-related quantities 71 | localparam BstSize_BEDChunks = `divceil(DDRDWidth, BEDWidth), 72 | BlkSize_BEDChunks = BlkSize_DRBursts * BstSize_BEDChunks, 73 | BktHSize_BEDChunks = `divceil(BktHSize_RndBits, BEDWidth), 74 | BktPSize_BEDChunks = `divceil(BktPSize_RndBits, BEDWidth), 75 | BktSize_BEDChunks = BktHSize_BEDChunks + BktPSize_BEDChunks, 76 | PathPSize_BEDChunks = (ORAML + 1) * BktPSize_BEDChunks, 77 | PathSize_BEDChunks = (ORAML + 1) * BktSize_BEDChunks; 78 | 79 | localparam RHWidth = BktHSize_BEDChunks * BEDWidth; 80 | 81 | //-------------------------------------------------------------------------- 82 | // DRAM Addressing 83 | //-------------------------------------------------------------------------- 84 | 85 | localparam L_st = `log2f(DDRROWWidth / BktSize_DRWords + 1); 86 | localparam numST = (ORAML + 1 + L_st - 1) / L_st; // the number of subtrees on a path 87 | 88 | localparam numTallST = ((1 << ((numST-1)*L_st)) - 1) / ((1 << L_st) - 1); // the number of not-short subtreess 89 | localparam numTotalST = ((1 << (numST*L_st)) - 1) / ((1 << L_st) - 1); // the number of total subtreess 90 | 91 | localparam NumBuckets = (1 << (ORAML + 1)) + numTotalST; // Last addr of the ORAM tree (in buckets). We waste one bucket per subtree. 92 | 93 | localparam DDRAWidth = `log2(NumBuckets + 1) + `log2(BktSize_DRWords); // DRAM burst address for last bucket 94 | 95 | `ifdef SIMULATION 96 | initial begin 97 | $display("DDRAWidth = %d", DDRAWidth); 98 | end 99 | `endif -------------------------------------------------------------------------------- /include/CacheCmdLocal.vh: -------------------------------------------------------------------------------- 1 | localparam CacheCmdWidth = 2; 2 | 3 | localparam CacheWrite = 2'b00; 4 | localparam CacheRead = 2'b01; 5 | localparam CacheRefill = 2'b10; 6 | localparam CacheInitRefill = 2'b11; 7 | 8 | 9 | -------------------------------------------------------------------------------- /include/CacheLocal.vh: -------------------------------------------------------------------------------- 1 | localparam WriteLatency = 1; 2 | localparam RefillLatency = (1 << LogLineSize); 3 | 4 | localparam DArrayAddrWidth = `log2f(Capacity / DataWidth); 5 | localparam NumLines = (Capacity / DataWidth) >> LogLineSize; 6 | localparam TArrayAddrWidth = `log2f(NumLines); 7 | localparam TagWidth = AddrWidth - LogLineSize; 8 | 9 | -------------------------------------------------------------------------------- /include/CommandsLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | // Commands sent by user logic / Frontend, understood by Backend/Stash 3 | localparam BECMDWidth = 2, 4 | BECMD_Update = 2'd0, // update existing block (Write) 5 | BECMD_Append = 2'd1, // add non-existing block (Write) 6 | BECMD_Read = 2'd2, // Read existing block, but leave in place (Read) 7 | BECMD_ReadRmv = 2'd3; // Read existing block and remove (Read); we need this even with inclusive ORAM for PosMap blocks (i.e., they won't go poof) 8 | 9 | // Sent by BackendCore, understood by StashTop 10 | localparam STCMDWidth = 2, 11 | STCMD_StartRead = 2'd0, 12 | STCMD_StartWrite = 2'd1, 13 | STCMD_Append = 2'd2; 14 | 15 | // Sent by Stash, understood by StashCore 16 | localparam SCMDWidth = 3, 17 | SCMD_Update = 3'd0, 18 | SCMD_Append = 3'd1, 19 | SCMD_Read = 3'd2, 20 | SCMD_Dump = 3'd3, 21 | SCMD_Sync = 3'd4, 22 | SCMD_UpdateHeader = 3'd5; 23 | -------------------------------------------------------------------------------- /include/DDR3SDRAMLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | // Configured for DDR3SDRAM 3 | 4 | localparam DDRDQWidth = 64, // DQ bus width / DRAM word width 5 | DDRCWidth = 3; // Command width 6 | 7 | localparam DDRBstLen = 8, // Burst length (in # of 64b words) 8 | DDRDWidth = DDRBstLen * DDRDQWidth, // Data width in bits (512) 9 | DDRMWidth = DDRDWidth / 8, // Byte mask 10 | DDRROWWidth = 8192; // Big Row size in DRAM column width: 1024 column * 8 banks (TODO: make this in terms of ROW/BANK params) 11 | 12 | localparam DDR3CMD_Write = 3'd0, 13 | DDR3CMD_Read = 3'd1; 14 | -------------------------------------------------------------------------------- /include/DMLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | //-------------------------------------------------------------------------- 3 | // Data Mask Width 4 | //-------------------------------------------------------------------------- 5 | 6 | localparam DMWidth = `divceil(ORAMB,8); -------------------------------------------------------------------------------- /include/DRAM.constants: -------------------------------------------------------------------------------- 1 | //============================================================================== 2 | // File: $URL: svn+ssh://repositorypub@repository.eecs.berkeley.edu/public/Projects/GateLib/trunk/Firmware/DRAM/Hardware/DRAM.constants $ 3 | // Version: $Revision: 27062 $ 4 | // Author: Greg Gibeling (http://www.gdgib.com) 5 | // Copyright: Copyright 2005-2010 UC Berkeley 6 | //============================================================================== 7 | 8 | //============================================================================== 9 | // Section: License 10 | //============================================================================== 11 | // Copyright (c) 2005-2010, Regents of the University of California 12 | // All rights reserved. 13 | // 14 | // Redistribution and use in source and binary forms, with or without modification, 15 | // are permitted provided that the following conditions are met: 16 | // 17 | // - Redistributions of source code must retain the above copyright notice, 18 | // this list of conditions and the following disclaimer. 19 | // - Redistributions in binary form must reproduce the above copyright 20 | // notice, this list of conditions and the following disclaimer 21 | // in the documentation and/or other materials provided with the 22 | // distribution. 23 | // - Neither the name of the University of California, Berkeley nor the 24 | // names of its contributors may be used to endorse or promote 25 | // products derived from this software without specific prior 26 | // written permission. 27 | // 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 29 | // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 30 | // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 31 | // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR 32 | // ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 33 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 34 | // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 35 | // ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 36 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 37 | // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38 | //============================================================================== 39 | 40 | //------------------------------------------------------------------------------ 41 | // DRAM Commands 42 | //------------------------------------------------------------------------------ 43 | localparam DRAMCMD_CWidth = 3, 44 | DRAMCMD_Write = 3'b000, 45 | DRAMCMD_Read = 3'b001, 46 | DRAMCMD_Flush = 3'b010, 47 | DRAMCMD_Refresh = 3'b011, 48 | DRAMCMD_AutoRefresh = 3'b100, 49 | DRAMCMD_PowerDown = 3'b101, 50 | DRAMCMD_PowerUp = 3'b110; 51 | //------------------------------------------------------------------------------ 52 | -------------------------------------------------------------------------------- /include/IVLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | localparam MIWidth = ORAMU + AESEntropy, 3 | 4 | BlkSize_FEDChunks = `divceil(ORAMB, FEDWidth), 5 | MI_FEDChunks = `divceil(MIWidth, FEDWidth), 6 | MAC_FEDChunks = `divceil(ORAMH, FEDWidth), 7 | 8 | MIPADWidth = MI_FEDChunks * FEDWidth, 9 | MACPADWidth = MAC_FEDChunks * FEDWidth, 10 | 11 | BFHWidth = `log2(MI_FEDChunks), 12 | BFPWidth = `log2(BlkSize_FEDChunks), 13 | BEPWidth = `log2(BlkSize_FEDChunks + MAC_FEDChunks); // FED chunks in ORAMB + hash 14 | -------------------------------------------------------------------------------- /include/JTAG.vh: -------------------------------------------------------------------------------- 1 | 2 | localparam DBDCWidth = 32, 3 | DBCCWidth = `log2(`divceil(ORAMB, FEDWidth)); // Debug counters 4 | 5 | localparam JTWidth_AES = 3; 6 | 7 | localparam JTWidth_StashCore = 3; 8 | 9 | localparam JTWidth_Stash = 8; 10 | 11 | localparam JTWidth_StashTop = 4; 12 | 13 | localparam JTWidth_BackendCore = 2; 14 | 15 | localparam JTWidth_BackendERR = 1, // error signals 16 | JTWidth_BackendF1 = 6, // PMMAC - BackendCore R/V signals for cmd,store,load 17 | JTWidth_BackendF2 = 8, // BackendCore - AES and AES - DRAM R/V signals 18 | JTWidth_BackendCnt = 2 * DBCCWidth + 4 * DBDCWidth, 19 | JTWidth_BackendCmd = BECMDWidth + ORAMU + 2 * ORAML, // last BEnd command 20 | JTWidth_Backend = JTWidth_BackendERR + 21 | JTWidth_BackendF1 + 22 | JTWidth_BackendF2 + 23 | JTWidth_BackendCnt + 24 | JTWidth_BackendCmd; 25 | 26 | localparam JTWidth_PMMAC = 1; 27 | 28 | localparam JTWidth_UORAM = 1; 29 | 30 | localparam JTWidth_FrontendF1 = 6, // L2 - UORAMController R/V signals for cmd,store,load 31 | JTWidth_FrontendF2 = 6, // UORAMController - PMMAC R/V signals for cmd,store,load 32 | JTWidth_FrontendCnt = 2 * DBDCWidth + 2 * DBDCWidth + 2 * DBCCWidth, // access counters 33 | JTWidth_FrontendCmd = BECMDWidth + ORAMU + DMWidth, // last FEnd command 34 | JTWidth_Frontend = JTWidth_FrontendF1 + 35 | JTWidth_FrontendF2 + 36 | JTWidth_FrontendCnt + 37 | JTWidth_FrontendCmd; 38 | 39 | localparam JTWidth_Traffic = 1; 40 | 41 | localparam JTWidth_Top = 32; // just deadbeef 42 | 43 | localparam JTWidth = JTWidth_AES + 44 | JTWidth_StashCore + 45 | JTWidth_Stash + 46 | JTWidth_StashTop + 47 | JTWidth_BackendCore + 48 | JTWidth_Backend + 49 | JTWidth_PMMAC + 50 | JTWidth_UORAM + 51 | JTWidth_Frontend + 52 | JTWidth_Traffic + 53 | JTWidth_Top; 54 | -------------------------------------------------------------------------------- /include/PLBLocal.vh: -------------------------------------------------------------------------------- 1 | function [31:0] GeoSum; 2 | input [31:0] start, scale, num; 3 | reg [31:0] i, tmp; 4 | begin 5 | GeoSum = 0; 6 | tmp = start; 7 | for (i = 0; i < num; i = i + 1) begin 8 | GeoSum = GeoSum + tmp; 9 | tmp = tmp / scale; 10 | end 11 | end 12 | endfunction 13 | 14 | localparam NumValidBlock = (1 << ORAML) << 2; // shift by 2 -> 50% capacity when Z = 4 15 | 16 | localparam FEORAMBChunks = ORAMB / FEDWidth; 17 | localparam LogFEORAMBChunks = `log2(FEORAMBChunks); 18 | 19 | localparam LeafWidth = PRFPosMap ? AESEntropy : 32; 20 | localparam LeafOutWidth = PRFPosMap ? AESEntropy : ORAML; 21 | 22 | localparam LeafInBlock = ORAMB / LeafWidth; 23 | localparam LogLeafInBlock = `log2f(LeafInBlock); 24 | 25 | localparam TotalNumBlock = GeoSum(NumValidBlock, LeafInBlock, Recursion); 26 | localparam FinalPosMapStart = GeoSum(NumValidBlock, LeafInBlock, Recursion-1); 27 | 28 | localparam FinalPosMapEntry = TotalNumBlock - FinalPosMapStart; 29 | localparam LogFinalPosMapEntry = `log2(FinalPosMapEntry); 30 | 31 | `ifdef SIMULATION 32 | initial begin 33 | $display("Final PMAP width %d %d %d", LogFinalPosMapEntry, Recursion, NumValidBlock); 34 | if (ORAMZ != 4) begin 35 | $display("ERROR: NumValidBlock relies on Z=4"); 36 | $finish; 37 | end 38 | end 39 | `endif 40 | -------------------------------------------------------------------------------- /include/PathORAM.vh: -------------------------------------------------------------------------------- 1 | 2 | localparam PINIT = -1; 3 | 4 | `ifdef PINIT_HEADER 5 | 6 | //-------------------------------------------------------------------------- 7 | // Per-ORAM instance parameters 8 | // This option is for a design with multiple ORAMs with different parameters. 9 | // In that case, pass parameters from outside TinyORAMCore 10 | //-------------------------------------------------------------------------- 11 | 12 | parameter ORAMB = PINIT, 13 | ORAMU = PINIT, 14 | ORAML = PINIT, 15 | ORAMZ = PINIT, 16 | ORAMC = PINIT, 17 | ORAME = PINIT; 18 | 19 | parameter FEDWidth = PINIT, 20 | 21 | BEDWidth = PINIT; 22 | 23 | parameter Overclock = PINIT; 24 | 25 | parameter EnableAES = PINIT, 26 | EnableREW = PINIT, 27 | EnableIV = PINIT; 28 | 29 | parameter DelayedWB = 1'b0; 30 | 31 | `else 32 | 33 | /* TODO: set the parameters like this for the scripted tests 34 | parameter ORAMB = 512, 35 | ORAMU = 32, 36 | ORAML = `ifdef ORAML `ORAML `else 10 `endif, 37 | ORAMZ = `ifdef ORAMZ `ORAMZ `else 5 `endif, 38 | FEDWidth = `ifdef FEDWidth `FEDWidth `else 64 `endif, 39 | BEDWidth = `ifdef BEDWidth `BEDWidth `else 64 `endif; 40 | */ 41 | 42 | parameter ORAMB = 512, // block size in bits 43 | ORAMU = 32, // program addr (at byte-addressable block granularity) width 44 | ORAMZ = 4, // data block slots per bucket 45 | ORAMC = 10, // Number of slots in the stash, _in addition_ to the length of one path 46 | ORAME = 5; // E parameter for REW ORAM (don't care if EnableREW == 0) 47 | 48 | // the number of bits needed to determine a path down the tree (actual # levels is ORAML + 1) 49 | `ifdef SIMULATION_VIVADO 50 | parameter ORAML = 19; // cannot simulate too large an ORAM ; Note: Vivado 2013.4 can handle L = 19 with typical parameters 51 | `else 52 | parameter ORAML = 23; 53 | `endif 54 | 55 | parameter FEDWidth = 64, // data width of frontend busses (reading/writing from/to stash, LLC network interface width) 56 | // This is typically (but doesn't have to be) <= BEDWidth 57 | BEDWidth = 128; // backend datapath width (access latency is \propto Path size / BEDWidth) 58 | 59 | parameter Overclock = 1; // Pipeline various operations inside the stash (needed for 200 Mhz operation) 60 | 61 | parameter EnableAES = 1, // Should ORAM include encryption? (All secure designs should pick 1; 0 is easier to debug) 62 | EnableREW = 0, // Backend mode: 0 - path ORAM with background eviction; 1 - REWORAM with background eviction 63 | EnableIV = 1; // Integrity verification 64 | 65 | parameter DelayedWB = 1'b0; // No reason for delayed WB any more 66 | 67 | `endif 68 | 69 | //-------------------------------------------------------------------------- 70 | // Per-design security settings 71 | //-------------------------------------------------------------------------- 72 | 73 | /* These constants set the security of the system. They should be 74 | specified once per design based on the needs of the design. */ 75 | 76 | // Symmetric encryption 77 | 78 | // Set AESEntropy such that you don't expect to make > 2^AESEntropy ORAM accesses 79 | localparam AESEntropy = 64, // 2^64 ciphertexts = ORAM must run for 100+ years; this should be sufficient for all designs 80 | AESWidth = 128; // We use AES-128 81 | 82 | // Integrity verification 83 | 84 | // Given ORAMH (the HashPreimage width), the ORAM core will ensure that resistance against preimage attacks is >= 2^HashPreimage. Resistance against collisions is correspondingly >= 2^(HashPreimage/2). 85 | localparam ORAMH = 128; // The minimum recommended preimage resistance according to the HMAC spec 86 | localparam HashKeyLength = 128; 87 | 88 | -------------------------------------------------------------------------------- /include/REWAESLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | localparam ROHeader_VUBits = BktHSize_ValidBits + BigUWidth, 3 | //ROHeader_IVBits = TODO add support for IV 4 | ROHeader_RawBits = ROHeader_VUBits,// + ROHeader_IVBits, 5 | 6 | ROHeader_AESChunks = `divceil(ROHeader_RawBits, AESWidth), // # AES chunks per bucket for RO IV 7 | RWHeader_AESChunks = `divceil(BigLWidth, AESWidth), 8 | 9 | Blk_AESChunks = `divceil(ORAMB, AESWidth), 10 | RWPayload_AESChunks = ORAMZ * Blk_AESChunks, // # AES chunks per bucket for Gentry IV 11 | RWBkt_AESChunks = RWHeader_AESChunks + RWPayload_AESChunks, 12 | RWBkt_MaskChunks = `divceil(RWBkt_AESChunks, Blk_AESChunks), // # mask out FIFO commits per bucket 13 | RWPath_AESChunks = RWPayload_AESChunks * (ORAML + 1), 14 | RWPath_MaskChunks = RWBkt_MaskChunks * (ORAML + 1), 15 | ROIWaitSteps = `divceil(DDRDWidth, AESWidth) - RWBkt_AESChunks % `divceil(DDRDWidth, AESWidth), 16 | 17 | CIDWidth = `max(`log2(ROHeader_AESChunks), `log2(RWPayload_AESChunks)) + 1, // + 1 for when it is a power of 2 18 | BIDWidth = ORAML + 1, // Bucket ID width = ORAML + 1, no wasted space in subtree scheme (TODO: add this param to addr gen as well) 19 | SeedSpaceRemaining = AESWidth - AESEntropy - BIDWidth - CIDWidth, 20 | 21 | // *** NOTA BENE *** if you change the REWMaskFIFO depth, you must change this to match 22 | MaskFIFODepth = 512, 23 | InFlightMaskLimit = `divceil(MaskFIFODepth, RWBkt_MaskChunks) - 1 - 1, // -1 to get divfloor(); -1 because we tick the mask count when the _header_ flit is read 24 | IFMWidth = `log2(InFlightMaskLimit); 25 | 26 | localparam AESLatency = 21; // based on tiny_aes + extra stages we add 27 | localparam AESLatencyPlus = 32; // The expected _total_ latency through REWAESCore (factoring in cross clock FIFOs/etc). We prefer 32deep because this best packs LUTRAMs. 28 | 29 | // RO command encodings. Only AESREWORAM needs these. 30 | localparam PCCMDWidth = 1, 31 | PCMD_ROHeader = 1'b0, 32 | PCMD_ROData = 1'b1; 33 | 34 | // Inner command encodings. Only REWAESCore needs these. 35 | // NOTE: If you change the encoding, make sure to change ACMDROBit, ACMDRWBit as well! 36 | localparam ACCMDWidth = 2, 37 | ACMDROBit = 0, // Bit position that distinguishes RO commands 38 | ACMDRWBit = 1, // Bit position that distinguishes RO from RW accesses 39 | CMD_ROHeader = {1'b0, PCMD_ROHeader}, 40 | CMD_ROData = {1'b0, PCMD_ROData}, 41 | CMD_RWData = 2'b10; -------------------------------------------------------------------------------- /include/StashLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | `ifdef SIMULATION 3 | initial begin 4 | if (ORAMB == PINIT || 5 | ORAMU == PINIT || 6 | ORAML == PINIT || 7 | ORAMZ == PINIT || 8 | BEDWidth == PINIT || 9 | EnableIV == PINIT) begin 10 | $display("[%m] ERROR: parameter uninitialized."); 11 | $finish; 12 | end 13 | end 14 | `endif 15 | 16 | localparam ORAMLP1 = ORAML + 1; // the actual number of levels 17 | localparam BktAWidth = `log2(ORAMLP1); // bucket lookup 18 | localparam BlocksOnPath = ORAMLP1 * ORAMZ; 19 | localparam StashCapacity = BlocksOnPath + ORAMC; // including the path ... 20 | localparam SNULL = StashCapacity; // an invalid stash location 21 | localparam BASEDUMMY = 32'hdeaf9999; 22 | localparam DummyHash = {ORAMH{1'b1}}; 23 | localparam DummyBlockAddress = (ORAMU > 32) ? { {ORAMU{1'b0}}, BASEDUMMY} : BASEDUMMY[ORAMU-1:0]; 24 | localparam DummyLeafLabel = (ORAML > 32) ? { {ORAML{1'b0}}, BASEDUMMY} : BASEDUMMY[ORAML-1:0]; 25 | localparam DummyBlock = {BEDWidth{1'b0}}; 26 | 27 | localparam NumChunks = ORAMB / BEDWidth; 28 | localparam ChnkAWidth = `max(1, `log2(NumChunks)); 29 | localparam SEAWidth = `log2(StashCapacity); // Stash entry address width (into header-based memories) 30 | localparam SDAWidth = SEAWidth + ChnkAWidth; // addr width into data-based memories 31 | localparam SHDWidth = ORAMU + ORAML + ((EnableIV) ? ORAMH : 0); // Stash header width 32 | 33 | localparam STAWidth = `log2(BlocksOnPath); // ScanTable Address Width 34 | localparam STAP1Width = STAWidth + 1; 35 | 36 | localparam BCWidth = `log2(ORAMZ) + 1; // need +1 to account for full buckets 37 | localparam BCLWidth = ORAMLP1 * BCWidth; // bitvector of bucket counts 38 | 39 | localparam ScanTableLatency = (Overclock) ? 4 : 0; // = total latency through ScanTable [count the number of mpipe_X instances] 40 | localparam ScanDelay = ORAMC + ScanTableLatency + 2*ORAME; 41 | localparam SCWidth = `max(1, `log2(ScanDelay)); 42 | -------------------------------------------------------------------------------- /include/TrafficGenLocal.vh: -------------------------------------------------------------------------------- 1 | 2 | // Traffic Gen 3 | 4 | localparam TCMDWidth = 8, 5 | DBaseWidth = 32, 6 | TimeWidth = 32; 7 | 8 | localparam THPWidth = TCMDWidth + ORAMU + DBaseWidth + TimeWidth, 9 | TCMD_Update = {{TCMDWidth - BECMDWidth{1'b0}}, BECMD_Update}, 10 | TCMD_Append = {{TCMDWidth - BECMDWidth{1'b0}}, BECMD_Append}, 11 | TCMD_Read = {{TCMDWidth - BECMDWidth{1'b0}}, BECMD_Read}, 12 | TCMD_ReadRmv = {{TCMDWidth - BECMDWidth{1'b0}}, BECMD_ReadRmv}, 13 | TCMD_Fill = 8'haf, 14 | TCMD_CmdLin_AddrLin = 8'hbf, 15 | TCMD_CmdLin_AddrRnd = 8'hcf, 16 | TCMD_CmdRnd_AddrLin = 8'hdf, 17 | TCMD_CmdRnd_AddrRnd = 8'hef, 18 | TCMD_Start = 8'hff; 19 | 20 | // Dummy Gen 21 | 22 | localparam DummyGenLeaf = {ORAML{1'b0}}; 23 | -------------------------------------------------------------------------------- /include/UORAM.vh: -------------------------------------------------------------------------------- 1 | `ifdef PINIT_HEADER 2 | parameter Recursion = -1; 3 | parameter EnablePLB = -1, 4 | PLBCapacity = -1; // in bits 5 | parameter PRFPosMap = -1; 6 | `else 7 | parameter EnablePLB = 1, 8 | PLBCapacity = 8192 << 3; // in bits 9 | parameter PRFPosMap = 1; 10 | parameter Recursion = `divceil(ORAML + 2 - 10, 4 - PRFPosMap) + 1; // recursive until < 1024 entries in PosMap 11 | `endif 12 | 13 | localparam FakePattern = 32'h00af1234; -------------------------------------------------------------------------------- /integrity/Keccak_WF.v: -------------------------------------------------------------------------------- 1 | 2 | //============================================================================== 3 | // Module: Keccak_WF 4 | // Desc: A Keccak unit wrapped with ready-valid interface on both input and output 5 | // Input has a funnel. Hash input has a fixed amount of chunks 6 | //============================================================================== 7 | `include "Const.vh" 8 | 9 | module Keccak_WF ( 10 | Clock, Reset, 11 | DataInReady, DataInValid, DataIn, 12 | HashOutReady, HashOutValid, HashOut 13 | ); 14 | 15 | parameter IWidth = 512; 16 | parameter HashByteCount = 1; 17 | parameter HashOutWidth = 512; 18 | 19 | parameter KeyLength = 0; 20 | parameter Key = 0; 21 | 22 | localparam HashInWidth = 128; 23 | 24 | localparam NumKeyChunk = `divceil(KeyLength, HashInWidth); 25 | localparam LogNumKeyChunk = `log2(NumKeyChunk+1); 26 | 27 | input Clock, Reset; 28 | 29 | output DataInReady; 30 | input DataInValid; 31 | input [IWidth-1:0] DataIn; 32 | 33 | input HashOutReady; 34 | output HashOutValid; 35 | output [HashOutWidth-1:0] HashOut; 36 | 37 | // hash size param 38 | localparam HashChunkInByte = HashInWidth / 8; 39 | localparam HashChunkCount = HashByteCount / HashChunkInByte + 1; 40 | localparam BytesInLastChunk = HashByteCount % HashChunkInByte; 41 | // if a multiple of chunks, need to add one more empty chunk 42 | 43 | // hash in and out data path 44 | wire HashFunnelOutValid, HashFunnelOutReady, HashInValid, HashInReady; 45 | wire [HashInWidth-1:0] HashFunnelOut, HashIn; 46 | 47 | wire PrependingKey; 48 | wire [HashInWidth-1:0] KeyChunk; 49 | 50 | 51 | wire LastChunk, HashBufFull, HashBusy, HashReset; 52 | wire LastBut2Chunk, LastEmptyChunk; 53 | 54 | // Funnel --> HashEngine, controlled by a CounterAlarm 55 | 56 | FIFOShiftRound #( .IWidth( IWidth), 57 | .OWidth( HashInWidth), 58 | .Class1( 1)) // Hopefully this serves as a input Register 59 | HashInFunnel( .Clock( Clock), 60 | .Reset( Reset), 61 | .InData( DataIn), 62 | .InValid( DataInValid), 63 | .InAccept( DataInReady), 64 | .OutData( HashFunnelOut), 65 | .OutValid( HashFunnelOutValid), 66 | .OutReady( HashFunnelOutReady) 67 | ); 68 | 69 | // register at in/out to improve timing 70 | wire HashOutValid_pre; 71 | wire [HashOutWidth-1:0] HashOut_pre; 72 | Pipeline #(.Width(HashOutWidth), .Stages(1)) 73 | hash_out_pipe (Clock, 1'b0, HashOut_pre, HashOut); 74 | Pipeline #(.Width(1), .Stages(1)) 75 | hash_out_valid_reg (Clock, HashReset, HashOutValid_pre, HashOutValid); 76 | 77 | // instantiate the hash engine 78 | keccak #(1600, 2 * HashOutWidth, HashInWidth) 79 | HashEngine ( .clk( Clock), 80 | .reset( HashReset), 81 | .in( HashIn), 82 | .in_ready( HashInValid), 83 | .is_last( LastChunk), 84 | .byte_num( BytesInLastChunk[3:0]), 85 | .buffer_full( HashBufFull), 86 | .out( HashOut_pre), 87 | .out_ready( HashOutValid_pre) 88 | ); 89 | /* 90 | // unsuccessful attemp in mixing with VHDL 91 | wire [1:0] hashinreadytemp; 92 | wire hashoutreadytemp; 93 | wire [63:0] hashouttmp; 94 | 95 | wrapper_impl 96 | HashEngine_test ( .clk( Clock), 97 | .rst( HashReset), 98 | .ext_din( HashIn), 99 | .ext_src_ready( {HashInValid, HashInValid}), 100 | .ext_src_read( hashinreadytemp), 101 | .ext_dout( hashouttmp), 102 | .ext_dst_write( hashoutreadytemp), 103 | .ext_dst_ready( HashOutValid_pre) 104 | ); 105 | */ 106 | CountAlarm # ( .Threshold(HashChunkCount), 107 | .IThreshold(HashChunkCount - 1)) 108 | ChunkCtr ( .Clock( Clock), 109 | .Reset( Reset), 110 | .Enable( HashInValid && HashInReady), 111 | .Intermediate( LastBut2Chunk), 112 | .Done( LastChunk) 113 | ); 114 | 115 | generate if (NumKeyChunk > 0) begin: HMAC 116 | wire [LogNumKeyChunk-1:0] KeyChunkIdx; 117 | 118 | Counter #( .Width( LogNumKeyChunk)) 119 | KeyChunkCtr ( .Clock( Clock), 120 | .Reset( HashReset), 121 | .Enable( PrependingKey && HashInReady), 122 | .Count( KeyChunkIdx), 123 | .Set(1'b0), .Load(1'b0), .In({LogNumKeyChunk{1'bx}}) 124 | ); 125 | 126 | assign PrependingKey = KeyChunkIdx < NumKeyChunk; 127 | assign KeyChunk = Key >> ( KeyChunkIdx * HashInWidth ); 128 | end 129 | else begin : NO_HMAC 130 | assign PrependingKey = 0; 131 | end endgenerate 132 | 133 | // TODO this is needed to satisfy Keccak padding 134 | // Do something about it 135 | assign LastEmptyChunk = 1'b0;//LastBut2Chunk && !BytesInLastChunk; 136 | 137 | assign HashIn = PrependingKey ? KeyChunk : HashFunnelOut; 138 | assign HashInReady = !HashBusy && !HashBufFull; 139 | assign HashInValid = HashFunnelOutValid || LastEmptyChunk || PrependingKey; 140 | assign HashFunnelOutReady = HashInReady && !LastEmptyChunk && !PrependingKey; 141 | 142 | Register #(.Width(1)) Hash (Clock, HashReset, LastChunk, 1'b0, 1'bx, HashBusy); 143 | assign HashReset = Reset || (HashOutValid && HashOutReady); 144 | 145 | endmodule 146 | 147 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/f_permutation.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* if "ack" is 1, then current input has been used. */ 18 | 19 | module f_permutation(clk, reset, in, in_ready, ack, out, out_ready); 20 | parameter f = 1600; 21 | parameter c = 1024; 22 | 23 | localparam r = f - c; 24 | 25 | input clk, reset; 26 | input [r-1:0] in; 27 | input in_ready; 28 | output ack; 29 | output reg [f-1:0] out; 30 | output reg out_ready; 31 | 32 | reg [10:0] i; /* select round constant */ 33 | wire [f-1:0] round_in, round_out; 34 | wire [63:0] rc1, rc2; 35 | wire update; 36 | wire accept; 37 | reg calc; /* == 1: calculating rounds */ 38 | 39 | assign accept = in_ready & (~ calc); // in_ready & (i == 0) 40 | 41 | always @ (posedge clk) 42 | if (reset) i <= 0; 43 | else i <= {i[9:0], accept}; 44 | 45 | always @ (posedge clk) 46 | if (reset) calc <= 0; 47 | else calc <= (calc & (~ i[10])) | accept; 48 | 49 | assign update = calc | accept; 50 | 51 | assign ack = accept; 52 | 53 | always @ (posedge clk) 54 | if (reset) 55 | out_ready <= 0; 56 | else if (accept) 57 | out_ready <= 0; 58 | else if (i[10]) // only change at the last round 59 | out_ready <= 1; 60 | 61 | assign round_in = accept ? {in ^ out[f-1:f-r], out[f-r-1:0]} : out; 62 | 63 | rconst2in1 64 | rconst_ ({i, accept}, rc1, rc2); 65 | 66 | round2in1 67 | round_ (round_in, rc1, rc2, round_out); 68 | 69 | always @ (posedge clk) 70 | if (reset) 71 | out <= 0; 72 | else if (update) 73 | out <= round_out; 74 | endmodule 75 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/keccak.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* "is_last" == 0 means byte number is 8, no matter what value "byte_num" is. */ 18 | /* if "in_ready" == 0, then "is_last" should be 0. */ 19 | /* the user switch to next "in" only if "ack" == 1. */ 20 | 21 | `define low_pos(w,b) ((w)*64 + (b)*8) 22 | `define low_pos2(w,b) `low_pos(w,7-b) 23 | `define high_pos(w,b) (`low_pos(w,b) + 7) 24 | `define high_pos2(w,b) (`low_pos2(w,b) + 7) 25 | 26 | module keccak(clk, reset, in, in_ready, is_last, byte_num, buffer_full, out, out_ready); 27 | parameter f = 1600; 28 | parameter c = 1024; 29 | 30 | localparam r = f - c; 31 | localparam c2 = c / 2; 32 | 33 | parameter IW = 64; 34 | // localparam BytesInChunk = IW / 8; 35 | localparam ChunkInFIn = r / 64; // this 64 has nothing to do with IW! Do not change! 36 | localparam ChunkInFOut = f / 64; 37 | 38 | `ifdef SIMULATION 39 | initial begin 40 | if (r % IW != 0) begin 41 | $display("IW does not divide r. Don't know what to do"); 42 | $finish; 43 | end 44 | if (f != 1600) begin 45 | $display("f != 1600, not supported"); 46 | $finish; 47 | end 48 | end 49 | `endif 50 | 51 | input clk, reset; 52 | input [IW-1:0] in; 53 | input in_ready, is_last; 54 | input [3:0] byte_num; 55 | output buffer_full; // to "user" module 56 | output [c2-1:0] out; 57 | output reg out_ready; 58 | 59 | reg state; // state == 1: user has sent all data 60 | wire [r-1:0] padder_out, padder_out_pre, f_in; // padder_out is padder_out_pre reordered 61 | wire padder_out_valid, padder_out_ready, f_in_valid; 62 | wire f_ack; 63 | wire [f-1:0] f_out, f_out1; // // f_out1 is f_out reordered 64 | wire f_out_ready; 65 | reg [10:0] i; /* gen "out_ready" */ 66 | 67 | 68 | assign out = f_out1[f-1:f-c2]; 69 | 70 | always @ (posedge clk) 71 | if (reset) 72 | i <= 0; 73 | else 74 | i <= {i[9:0], state & f_ack}; 75 | 76 | always @ (posedge clk) 77 | if (reset) 78 | state <= 0; 79 | else if (is_last && in_ready && !buffer_full) 80 | state <= 1; 81 | 82 | // reorder byte ~ ~ 83 | genvar w, b; 84 | generate 85 | for(w = 0; w < ChunkInFOut; w = w+1) begin:OUT_REORDER_1 86 | for(b = 0; b < 8; b = b+1) begin:OUT_REORDER_2 87 | assign f_out1[`high_pos(w,b):`low_pos(w,b)] = f_out[`high_pos2(w,b):`low_pos2(w,b)]; 88 | end 89 | end endgenerate 90 | 91 | generate 92 | for(w = 0; w < ChunkInFIn; w = w+1) begin:IN_REORDER_1 93 | for(b = 0; b < 8; b = b+1) begin:IN_REORDER_2 94 | assign padder_out[`high_pos(w,b):`low_pos(w,b)] = padder_out_pre[`high_pos2(w,b):`low_pos2(w,b)]; 95 | end 96 | end endgenerate 97 | 98 | always @ (posedge clk) 99 | if (reset) 100 | out_ready <= 0; 101 | else if (i[10]) 102 | out_ready <= 1; 103 | 104 | padder #(f, c, IW) 105 | padder_ (clk, reset, in, in_ready, is_last, byte_num, buffer_full, padder_out_pre, padder_out_valid, padder_out_ready); 106 | 107 | FIFORegister #( .Width( r), 108 | .BWLatency( 1)) 109 | padder_reg ( .Clock( clk), 110 | .Reset( reset), 111 | .InData( padder_out), 112 | .InValid( padder_out_valid), 113 | .InAccept( padder_out_ready), 114 | .OutData( f_in), 115 | .OutSend( f_in_valid), 116 | .OutReady( f_ack) 117 | ); 118 | 119 | f_permutation #(f, c) 120 | f_permutation_ (clk, reset, f_in, f_in_valid, f_ack, f_out, f_out_ready); 121 | endmodule 122 | 123 | `undef low_pos 124 | `undef low_pos2 125 | `undef high_pos 126 | `undef high_pos2 127 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/padder.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* "is_last" == 0 means byte number is 8, no matter what value "byte_num" is. */ 18 | /* if "in_ready" == 0, then "is_last" should be 0. */ 19 | /* the user switch to next "in" only if "ack" == 1. */ 20 | 21 | module padder(clk, reset, in, in_ready, is_last, byte_num, buffer_full, out, out_ready, f_ack); 22 | 23 | parameter f = 1600; 24 | parameter c = 1024; 25 | 26 | localparam r = f - c; 27 | localparam c2 = c / 2; 28 | 29 | parameter IW = 64; 30 | localparam ChunkInFIn = r / IW; 31 | 32 | input clk, reset; 33 | input [IW-1:0] in; 34 | input in_ready, is_last; 35 | input [3:0] byte_num; 36 | output buffer_full; /* to "user" module */ 37 | output reg [r-1:0] out; /* to "f_permutation" module */ 38 | output out_ready; /* to "f_permutation" module */ 39 | input f_ack; /* from "f_permutation" module */ 40 | 41 | reg state; /* state == 0: user will send more input data 42 | * state == 1: user will not send any data */ 43 | reg done; /* == 1: out_ready should be 0 */ 44 | reg [ChunkInFIn-1:0] i; /* length of "out" buffer */ 45 | wire [IW-1:0] v0; /* output of module "padder1" */ 46 | reg [IW-1:0] v1; /* to be shifted into register "out" */ 47 | wire update; 48 | 49 | assign buffer_full = i[ChunkInFIn-1]; 50 | assign out_ready = buffer_full; 51 | assign update = (in_ready | state) & (~ buffer_full) & (~ done); 52 | 53 | always @ (posedge clk) 54 | if (update) 55 | out <= {out[r-1-IW:0], v1}; 56 | 57 | always @ (posedge clk) 58 | if (reset || (f_ack && out_ready)) 59 | i <= {ChunkInFIn{1'b0}}; 60 | else if (update) 61 | i <= {i[ChunkInFIn-2:0], 1'b1}; 62 | 63 | always @ (posedge clk) 64 | if (reset) 65 | state <= 0; 66 | else if (in_ready && is_last && !buffer_full) 67 | state <= 1; 68 | 69 | always @ (posedge clk) 70 | if (reset) 71 | done <= 0; 72 | else if (state & out_ready) 73 | done <= 1; 74 | 75 | localparam USE_10Pad = 0; 76 | generate if (USE_10Pad) begin:TENP 77 | padder1 #(IW) 78 | p0 (in, byte_num, v0); 79 | end else begin:TENPASS 80 | assign v0 = {IW{1'b0}}; 81 | end endgenerate 82 | 83 | 84 | always @ (*) 85 | if (state || is_last) begin 86 | v1 = state ? {IW{1'b0}} : v0; 87 | v1[7] = v1[7] | i[ChunkInFIn-2]; /* "v1[7]" is the MSB of its last byte */ 88 | end 89 | else 90 | v1 = in; 91 | 92 | endmodule 93 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/padder1.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | module padder1(in, byte_num, out); 18 | parameter IW = 64; 19 | 20 | input [IW-1:0] in; 21 | input [3:0] byte_num; 22 | output reg [IW-1:0] out; 23 | 24 | generate if (IW == 64) begin:IW64 25 | 26 | always @ (*) 27 | case (byte_num) 28 | 0: out = { 8'h01, {(IW-8*1){1'b0}}}; 29 | 1: out = {in[IW-1:IW-8*1], 8'h01, {(IW-8*2){1'b0}}}; 30 | 2: out = {in[IW-1:IW-8*2], 8'h01, {(IW-8*3){1'b0}}}; 31 | 3: out = {in[IW-1:IW-8*3], 8'h01, {(IW-8*4){1'b0}}}; 32 | 4: out = {in[IW-1:IW-8*4], 8'h01, {(IW-8*5){1'b0}}}; 33 | 5: out = {in[IW-1:IW-8*5], 8'h01, {(IW-8*6){1'b0}}}; 34 | 6: out = {in[IW-1:IW-8*6], 8'h01, {(IW-8*7){1'b0}}}; 35 | 7: out = {in[IW-1:IW-8*7], 8'h01, {(IW-8*8){1'b0}}}; 36 | endcase 37 | 38 | end else if (IW == 128) begin:IW128 39 | 40 | always @ (*) 41 | case (byte_num) 42 | 0: out = { 8'h01, {(IW-8*1){1'b0}}}; 43 | 1: out = {in[IW-1:IW-8*1], 8'h01, {(IW-8*2){1'b0}}}; 44 | 2: out = {in[IW-1:IW-8*2], 8'h01, {(IW-8*3){1'b0}}}; 45 | 3: out = {in[IW-1:IW-8*3], 8'h01, {(IW-8*4){1'b0}}}; 46 | 4: out = {in[IW-1:IW-8*4], 8'h01, {(IW-8*5){1'b0}}}; 47 | 5: out = {in[IW-1:IW-8*5], 8'h01, {(IW-8*6){1'b0}}}; 48 | 6: out = {in[IW-1:IW-8*6], 8'h01, {(IW-8*7){1'b0}}}; 49 | 7: out = {in[IW-1:IW-8*7], 8'h01, {(IW-8*8){1'b0}}}; 50 | 8: out = {in[IW-1:IW-8*8], 8'h01, {(IW-8*9){1'b0}}}; 51 | 9: out = {in[IW-1:IW-8*9], 8'h01, {(IW-8*10){1'b0}}}; 52 | 10: out = {in[IW-1:IW-8*10], 8'h01, {(IW-8*11){1'b0}}}; 53 | 11: out = {in[IW-1:IW-8*11], 8'h01, {(IW-8*12){1'b0}}}; 54 | 12: out = {in[IW-1:IW-8*12], 8'h01, {(IW-8*13){1'b0}}}; 55 | 13: out = {in[IW-1:IW-8*13], 8'h01, {(IW-8*14){1'b0}}}; 56 | 14: out = {in[IW-1:IW-8*14], 8'h01, {(IW-8*15){1'b0}}}; 57 | 15: out = {in[IW-1:IW-8*15], 8'h01, {(IW-8*16){1'b0}}}; 58 | endcase 59 | 60 | end else begin:PASS 61 | `ifdef SIMULATION 62 | initial begin 63 | $display("IW not 64 or 128, not supported"); 64 | $finish; 65 | end 66 | `endif 67 | end endgenerate 68 | endmodule 69 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/rconst2in1.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* round constant (2 in 1 ~ ~) */ 18 | module rconst2in1(i, rc1, rc2); 19 | input [11:0] i; 20 | output [63:0] rc1, rc2; 21 | reg [63:0] rc1, rc2; 22 | 23 | always @ (i) 24 | begin 25 | rc1 = 0; 26 | rc1[0] = i[0] | i[2] | i[3] | i[5] | i[6] | i[7] | i[10] | i[11]; 27 | rc1[1] = i[1] | i[2] | i[4] | i[6] | i[8] | i[9]; 28 | rc1[3] = i[1] | i[2] | i[4] | i[5] | i[6] | i[7] | i[9]; 29 | rc1[7] = i[1] | i[2] | i[3] | i[4] | i[6] | i[7] | i[10]; 30 | rc1[15] = i[1] | i[2] | i[3] | i[5] | i[6] | i[7] | i[8] | i[9] | i[10]; 31 | rc1[31] = i[3] | i[5] | i[6] | i[10] | i[11]; 32 | rc1[63] = i[1] | i[3] | i[7] | i[8] | i[10]; 33 | end 34 | 35 | always @ (i) 36 | begin 37 | rc2 = 0; 38 | rc2[0] = i[2] | i[3] | i[6] | i[7]; 39 | rc2[1] = i[0] | i[5] | i[6] | i[7] | i[9]; 40 | rc2[3] = i[3] | i[4] | i[5] | i[6] | i[9] | i[11]; 41 | rc2[7] = i[0] | i[4] | i[6] | i[8] | i[10]; 42 | rc2[15] = i[0] | i[1] | i[3] | i[7] | i[10] | i[11]; 43 | rc2[31] = i[1] | i[2] | i[5] | i[9] | i[11]; 44 | rc2[63] = i[1] | i[3] | i[6] | i[7] | i[8] | i[9] | i[10] | i[11]; 45 | end 46 | endmodule 47 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/simulation.do: -------------------------------------------------------------------------------- 1 | vlib work 2 | vlog -lint ../rtl/*.v 3 | vlog -lint *.v 4 | vsim -novopt test_keccak 5 | add wave -noupdate -format Logic -radix unsigned /test_keccak/clk 6 | add wave -noupdate -format Logic -radix unsigned /test_keccak/reset 7 | add wave -noupdate -divider input 8 | add wave -noupdate -format Literal -radix hexadecimal /test_keccak/in 9 | add wave -noupdate -format Literal -radix unsigned /test_keccak/byte_num 10 | add wave -noupdate -format Literal -radix unsigned /test_keccak/in_ready 11 | add wave -noupdate -format Literal -radix unsigned /test_keccak/is_last 12 | add wave -noupdate -divider output 13 | add wave -noupdate -format Literal -radix unsigned /test_keccak/ack 14 | add wave -noupdate -format Literal -radix hexadecimal /test_keccak/out 15 | add wave -noupdate -format Literal -radix unsigned /test_keccak/out_ready 16 | run -all 17 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/test_f_permutation.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | /* test "f permutation". 18 | * write a block, wait 3 cycles, write another block, do not wait, write the third block */ 19 | 20 | `timescale 1ns / 1ps 21 | `define P 20 22 | 23 | module test_f_permutation; 24 | 25 | // Inputs 26 | reg clk; 27 | reg reset; 28 | reg [575:0] in; 29 | reg in_ready; 30 | 31 | // Outputs 32 | wire ack; 33 | wire [1599:0] out; 34 | wire out_ready; 35 | 36 | integer i; 37 | 38 | // Instantiate the Unit Under Test (UUT) 39 | f_permutation uut ( 40 | .clk(clk), 41 | .reset(reset), 42 | .in(in), 43 | .in_ready(in_ready), 44 | .ack(ack), 45 | .out(out), 46 | .out_ready(out_ready) 47 | ); 48 | 49 | initial begin 50 | // Initialize Inputs 51 | clk = 0; 52 | reset = 1; 53 | in = 0; 54 | in_ready = 0; 55 | 56 | // Wait 100 ns for global reset to finish 57 | #100; 58 | 59 | // Add stimulus here 60 | @ (negedge clk); 61 | if (out !== 0) error; /* should be 0 */ 62 | if (ack !== 0) error; /* should be 0 */ 63 | if (out_ready !== 0) error; /* should be 0 */ 64 | 65 | #(`P); 66 | reset = 0; 67 | in = 0; 68 | in_ready = 1; 69 | #(`P); 70 | if (out_ready !== 0) error; /* should be 0 */ 71 | in_ready = 0; 72 | 73 | /* check 1~10-th cycles */ 74 | for(i=0; i<10; i=i+1) 75 | begin 76 | if (out === 0) error; /* should not be 0 */ 77 | if (ack !== 0) error; /* should be 0 */ 78 | if (out_ready !== 0) error; /* should be 0 */ 79 | #(`P); 80 | end 81 | 82 | /* check the 11-th cycle */ 83 | if (out === 0) error; /* should not be 0 */ 84 | if (ack !== 0) error; /* should be 0 */ 85 | if (out_ready !== 0) error; /* should be 0 */ 86 | #(`P); 87 | 88 | /* check the 12-th cycle */ 89 | #(`P); /* wait out */ 90 | if (out_ready !== 1) error; /* should be 1 */ 91 | if(out !== 1600'hf1258f7940e1dde784d5ccf933c0478ad598261ea65aa9eebd1547306f80494d8b284e056253d057ff97a42d7f8e6fd490fee5a0a44647c48c5bda0cd6192e76ad30a6f71b19059c30935ab7d08ffc64eb5aa93f2317d635a9a6e6260d71210381a57c16dbcf555f43b831cd0347c82601f22f1a11a5569f05e5635a21d9ae6164befef28cc970f2613670957bc46611b87c5a554fd00ecb8c3ee88a1ccf32c8940c7922ae3a26141841f924a2c509e416f53526e70465c275f644e97f30a13beaf1ff7b5ceca249) error; 92 | 93 | #(3*`P); /* wait more cycles */ 94 | if (out_ready !== 1) error; /* should be 1 */ 95 | /* "out" should not change */ 96 | if(out !== 1600'hf1258f7940e1dde784d5ccf933c0478ad598261ea65aa9eebd1547306f80494d8b284e056253d057ff97a42d7f8e6fd490fee5a0a44647c48c5bda0cd6192e76ad30a6f71b19059c30935ab7d08ffc64eb5aa93f2317d635a9a6e6260d71210381a57c16dbcf555f43b831cd0347c82601f22f1a11a5569f05e5635a21d9ae6164befef28cc970f2613670957bc46611b87c5a554fd00ecb8c3ee88a1ccf32c8940c7922ae3a26141841f924a2c509e416f53526e70465c275f644e97f30a13beaf1ff7b5ceca249) error; 97 | 98 | in_ready = 1; /* feed in one more block */ 99 | in = 0; 100 | #(`P); 101 | if (out_ready !== 0) error; /* should be 0 */ 102 | in_ready = 0; 103 | 104 | while (out_ready !== 1) 105 | #(`P); 106 | if(out !== 1600'h2d5c954df96ecb3c6a332cd07057b56d093d8d1270d76b6c8a20d9b25569d0944f9c4f99e5e7f156f957b9a2da65fb3885773dae1275af0dfaf4f247c3d810f71f1b9ee6f79a8759e4fecc0fee98b42568ce61b6b9ce68a1deea66c4ba8f974f33c43d836eafb1f5e00654042719dbd97cf8a9f009831265fd5449a6bf17474397ddad33d8994b4048ead5fc5d0be774e3b8c8ee55b7b03c91a0226e649e42e9900e3129e7badd7b202a9ec5faa3cce85b3402464e1c3db6609f4e62a44c105920d06cd26a8fbf5c) error; 107 | 108 | /* no wait, feed in one more block */ 109 | in_ready = 1; 110 | #(`P); 111 | if (out_ready !== 0) error; /* should be 0 */ 112 | in_ready = 0; 113 | 114 | while (out_ready !== 1) 115 | #(`P); 116 | if(out !== 1600'h55eabb80767d364686c354c8d01cbace9452d254b0979b3dde59422be2c66f16c660e4f2d4d8212e78414f691b639bb3cbb20f9f1b22e381cf16da5fac2da63f83c0b76552d95f7c44efc84eaf017e1548d380ff3e532c9592436ec5c5e02f05bde57ca1ee8de7e9240970468a1fd1b012a978439cbb7686d26b59fcceff8b4dd2aa0f472110fff87bd44abf53f72551e15ad2b722d00bb7c56095932c792c459e02d1766ad3a79c312f2da72ada4ec368b9f274a8d7d6b92b7239f7e51eea1eb6947f6894d77aeb) error; 117 | 118 | $display("Good!"); 119 | $finish; 120 | end 121 | 122 | always #(`P/2) clk = ~ clk; 123 | 124 | task error; 125 | begin 126 | $display("Error!"); 127 | $finish; 128 | end 129 | endtask 130 | endmodule 131 | 132 | `undef P 133 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/test_padder.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | `define P 20 19 | 20 | module test_padder; 21 | 22 | // Inputs 23 | reg clk; 24 | reg reset; 25 | reg [63:0] in; 26 | reg in_ready; 27 | reg is_last; 28 | reg [2:0] byte_num; 29 | reg f_ack; 30 | 31 | // Outputs 32 | wire buffer_full; 33 | wire [575:0] out; 34 | wire out_ready; 35 | 36 | // Var 37 | integer i; 38 | 39 | // Instantiate the Unit Under Test (UUT) 40 | padder uut ( 41 | .clk(clk), 42 | .reset(reset), 43 | .in(in), 44 | .in_ready(in_ready), 45 | .is_last(is_last), 46 | .byte_num(byte_num), 47 | .buffer_full(buffer_full), 48 | .out(out), 49 | .out_ready(out_ready), 50 | .f_ack(f_ack) 51 | ); 52 | 53 | initial begin 54 | // Initialize Inputs 55 | clk = 0; 56 | reset = 1; 57 | in = 0; 58 | in_ready = 0; 59 | is_last = 0; 60 | byte_num = 0; 61 | f_ack = 0; 62 | 63 | // Wait 100 ns for global reset to finish 64 | #100; 65 | 66 | // Add stimulus here 67 | @ (negedge clk); 68 | 69 | // pad an empty string, should not eat next input 70 | reset = 1; #(`P); reset = 0; 71 | #(7*`P); // wait some cycles 72 | if (buffer_full !== 0) error; 73 | in_ready = 1; 74 | is_last = 1; 75 | #(`P); 76 | in_ready = 1; // next input 77 | is_last = 1; 78 | #(`P); 79 | in_ready = 0; 80 | is_last = 0; 81 | 82 | while (out_ready !== 1) 83 | #(`P); 84 | check({8'h1, 560'h0, 8'h80}); 85 | f_ack = 1; #(`P); f_ack = 0; 86 | for(i=0; i<5; i=i+1) 87 | begin 88 | #(`P); 89 | if (buffer_full !== 0) error; // should be 0 90 | end 91 | 92 | // pad an (576-8) bit string 93 | reset = 1; #(`P); reset = 0; 94 | #(4*`P); // wait some cycles 95 | in_ready = 1; 96 | byte_num = 7; /* should have no effect */ 97 | is_last = 0; 98 | for (i=0; i<8; i=i+1) 99 | begin 100 | in = 64'h1234567890ABCDEF; 101 | #(`P); 102 | end 103 | is_last = 1; 104 | #(`P); 105 | in_ready = 0; 106 | is_last = 0; 107 | check({ {8{64'h1234567890ABCDEF}}, 64'h1234567890ABCD81 }); 108 | 109 | // pad an (576-64) bit string 110 | reset = 1; #(`P); reset = 0; 111 | // don't wait any cycle 112 | in_ready = 1; 113 | byte_num = 7; /* should have no effect */ 114 | is_last = 0; 115 | for (i=0; i<8; i=i+1) 116 | begin 117 | in = 64'h1234567890ABCDEF; 118 | #(`P); 119 | end 120 | is_last = 1; 121 | byte_num = 0; 122 | #(`P); 123 | in_ready = 0; 124 | is_last = 0; 125 | check({ {8{64'h1234567890ABCDEF}}, 64'h0100000000000080 }); 126 | 127 | // pad an (576*2-16) bit string 128 | reset = 1; #(`P); reset = 0; 129 | in_ready = 1; 130 | byte_num = 7; /* should have no effect */ 131 | is_last = 0; 132 | for (i=0; i<9; i=i+1) 133 | begin 134 | in = 64'h1234567890ABCDEF; 135 | #(`P); 136 | end 137 | if (out_ready !== 1) error; 138 | check({9{64'h1234567890ABCDEF}}); 139 | #(`P/2); 140 | if (buffer_full !== 1) error; // should not eat 141 | #(`P/2); 142 | in = 64'h999; // should not eat this 143 | #(`P/2); 144 | if (buffer_full !== 1) error; // should not eat 145 | #(`P/2); 146 | f_ack = 1; #(`P); f_ack = 0; 147 | if (out_ready !== 0) error; 148 | // feed next (576-16) bit 149 | for (i=0; i<8; i=i+1) 150 | begin 151 | in = 64'h1234567890ABCDEF; #(`P); 152 | end 153 | byte_num = 6; 154 | is_last = 1; 155 | in = 64'h1234567890ABCDEF; #(`P); 156 | if (out_ready !== 1) error; 157 | check({ {8{64'h1234567890ABCDEF}}, 64'h1234567890AB0180 }); 158 | is_last = 0; 159 | // eat these bits 160 | f_ack = 1; #(`P); f_ack = 0; 161 | // should not provide any more bits, if user provides nothing 162 | in_ready = 0; 163 | is_last = 0; 164 | for (i=0; i<10; i=i+1) 165 | begin 166 | if (out_ready === 1) error; 167 | #(`P); 168 | end 169 | in_ready = 0; 170 | 171 | $display("Good!"); 172 | $finish; 173 | end 174 | 175 | always #(`P/2) clk = ~ clk; 176 | 177 | task error; 178 | begin 179 | $display("E"); 180 | $finish; 181 | end 182 | endtask 183 | 184 | task check; 185 | input [575:0] wish; 186 | begin 187 | if (out !== wish) 188 | begin 189 | $display("out:%h wish:%h", out, wish); 190 | error; 191 | end 192 | end 193 | endtask 194 | endmodule 195 | 196 | `undef P 197 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/test_padder1.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | `define P 20 19 | 20 | module test_padder1; 21 | 22 | // Inputs 23 | reg [63:0] in; 24 | reg [2:0] byte_num; 25 | 26 | // Outputs 27 | wire [63:0] out; 28 | 29 | reg [63:0] wish; 30 | 31 | // Instantiate the Unit Under Test (UUT) 32 | padder1 uut ( 33 | .in(in), 34 | .byte_num(byte_num), 35 | .out(out) 36 | ); 37 | 38 | initial begin 39 | // Initialize Inputs 40 | in = 0; 41 | byte_num = 0; 42 | 43 | // Wait 100 ns for global reset to finish 44 | #100; 45 | 46 | // Add stimulus here 47 | in = 64'h1234567890ABCDEF; 48 | byte_num = 0; 49 | wish = {8'h01, 56'h0}; 50 | check; 51 | byte_num = 1; 52 | wish = 64'h1201000000000000; 53 | check; 54 | byte_num = 2; 55 | wish = 64'h1234010000000000; 56 | check; 57 | byte_num = 3; 58 | wish = 64'h1234560100000000; 59 | check; 60 | byte_num = 4; 61 | wish = 64'h1234567801000000; 62 | check; 63 | byte_num = 5; 64 | wish = 64'h1234567890010000; 65 | check; 66 | byte_num = 6; 67 | wish = 64'h1234567890AB0100; 68 | check; 69 | byte_num = 7; 70 | wish = 64'h1234567890ABCD01; 71 | check; 72 | $display("Good!"); 73 | $finish; 74 | end 75 | 76 | task check; 77 | begin 78 | #(`P); 79 | if (out !== wish) 80 | begin 81 | $display("E"); 82 | $finish; 83 | end 84 | end 85 | endtask 86 | endmodule 87 | 88 | `undef P 89 | -------------------------------------------------------------------------------- /integrity/core_ip/Keccak512/test_rconst2in1.v: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2013, Homer Hsing 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | `timescale 1ns / 1ps 18 | `define P 20 19 | 20 | module test_rconst2in1; 21 | 22 | // Inputs 23 | reg [11:0] i; 24 | 25 | // Outputs 26 | wire [63:0] rc1; 27 | wire [63:0] rc2; 28 | 29 | // Instantiate the Unit Under Test (UUT) 30 | rconst2in1 uut ( 31 | .i(i), 32 | .rc1(rc1), 33 | .rc2(rc2) 34 | ); 35 | 36 | initial begin 37 | // Initialize Inputs 38 | i = 0; 39 | 40 | // Wait 100 ns for global reset to finish 41 | #100; 42 | 43 | // Add stimulus here 44 | i=0; i[0] = 1; 45 | #(`P/2); 46 | if(rc1 !== 64'h1) begin $display("E"); $finish; end 47 | if(rc2 !== 64'h8082) begin $display("E"); $finish; end 48 | i=0; i[1] = 1; 49 | #(`P/2); 50 | if(rc1 !== 64'h800000000000808a) begin $display("E"); $finish; end 51 | if(rc2 !== 64'h8000000080008000) begin $display("E"); $finish; end 52 | i=0; i[2] = 1; 53 | #(`P/2); 54 | if(rc1 !== 64'h808b) begin $display("E"); $finish; end 55 | if(rc2 !== 64'h80000001) begin $display("E"); $finish; end 56 | i=0; i[3] = 1; 57 | #(`P/2); 58 | if(rc1 !== 64'h8000000080008081) begin $display("E"); $finish; end 59 | if(rc2 !== 64'h8000000000008009) begin $display("E"); $finish; end 60 | i=0; i[4] = 1; 61 | #(`P/2); 62 | if(rc1 !== 64'h8a) begin $display("E"); $finish; end 63 | if(rc2 !== 64'h88) begin $display("E"); $finish; end 64 | i=0; i[5] = 1; 65 | #(`P/2); 66 | if(rc1 !== 64'h80008009) begin $display("E"); $finish; end 67 | if(rc2 !== 64'h8000000a) begin $display("E"); $finish; end 68 | i=0; i[6] = 1; 69 | #(`P/2); 70 | if(rc1 !== 64'h8000808b) begin $display("E"); $finish; end 71 | if(rc2 !== 64'h800000000000008b) begin $display("E"); $finish; end 72 | i=0; i[7] = 1; 73 | #(`P/2); 74 | if(rc1 !== 64'h8000000000008089) begin $display("E"); $finish; end 75 | if(rc2 !== 64'h8000000000008003) begin $display("E"); $finish; end 76 | i=0; i[8] = 1; 77 | #(`P/2); 78 | if(rc1 !== 64'h8000000000008002) begin $display("E"); $finish; end 79 | if(rc2 !== 64'h8000000000000080) begin $display("E"); $finish; end 80 | i=0; i[9] = 1; 81 | #(`P/2); 82 | if(rc1 !== 64'h800a) begin $display("E"); $finish; end 83 | if(rc2 !== 64'h800000008000000a) begin $display("E"); $finish; end 84 | i=0; i[10] = 1; 85 | #(`P/2); 86 | if(rc1 !== 64'h8000000080008081) begin $display("E"); $finish; end 87 | if(rc2 !== 64'h8000000000008080) begin $display("E"); $finish; end 88 | i=0; i[11] = 1; 89 | #(`P/2); 90 | if(rc1 !== 64'h80000001) begin $display("E"); $finish; end 91 | if(rc2 !== 64'h8000000080008008) begin $display("E"); $finish; end 92 | $display("Good!"); 93 | $finish; 94 | end 95 | 96 | endmodule 97 | 98 | `undef P 99 | -------------------------------------------------------------------------------- /integrity/old/IVCCLocal.vh: -------------------------------------------------------------------------------- 1 | localparam IPthStartAddr = 0, 2 | OPthStartAddr = PathSize_DRBursts, 3 | OBktOfIStartAddr = 2 * PathSize_DRBursts, 4 | HdStartAddr = 2 * PathSize_DRBursts + BktSize_DRBursts; 5 | 6 | localparam TotalBucketD = 2 * (ORAML + 1); -------------------------------------------------------------------------------- /integrity/old/SHA3Local.vh: -------------------------------------------------------------------------------- 1 | 2 | localparam FullDigestWidth = 224; 3 | 4 | localparam TrancateDigestWidth = `min(BktHSize_RndBits - BktHSize_RawBits, FullDigestWidth); // TODO trigger an assertion if this is too small (say < 80) 5 | 6 | `ifdef SIMULATION 7 | initial begin 8 | if (TrancateDigestWidth < HashPreimage) begin 9 | $display("[%m @ %t] ERROR: Digest size doesn't meet preimage resistance requirements.", $time); 10 | $finish; 11 | end 12 | end 13 | `endif 14 | 15 | localparam DigestStart = FullDigestWidth, 16 | DigestEnd = FullDigestWidth - TrancateDigestWidth; 17 | 18 | localparam PathBufAWidth = `log2(2 * PathSize_DRBursts + 2 * BktSize_DRBursts + BktHSize_DRBursts * (ORAML+1)); -------------------------------------------------------------------------------- /integrity/test/testIntegrityVerifier.v: -------------------------------------------------------------------------------- 1 | module testIntegrityVerifier; 2 | 3 | parameter NUMSHA3 = 1; 4 | 5 | `include "DDR3SDRAMLocal.vh" 6 | 7 | wire Clock, Reset; 8 | wire Request, Write; 9 | wire [8:0] Address; // TODO 10 | wire [DDRDWidth-1:0] DataIn; 11 | wire [DDRDWidth-1:0] DataOut; 12 | 13 | // Clock 14 | reg [64-1:0] CycleCount; 15 | initial begin 16 | CycleCount = 0; 17 | end 18 | always@(negedge Clock) begin 19 | CycleCount = CycleCount + 1; 20 | end 21 | 22 | assign Reset = CycleCount < 30; 23 | assign DataIn = {64{"deadbeef"}}; 24 | 25 | localparam Freq = 100_000_000; 26 | localparam Cycle = 1000000000/Freq; 27 | ClockSource #(Freq) ClockF100Gen(1'b1, Clock); 28 | 29 | IntegrityVerifier IV (Clock, Reset, Request, Write, Address, DataIn, DataOut); 30 | 31 | endmodule -------------------------------------------------------------------------------- /sram_wrap/rf1D_32soi_wrapper_gen.py: -------------------------------------------------------------------------------- 1 | import os, sys 2 | from math import * 3 | 4 | if len(sys.argv) >= 5: 5 | NWords, NBits, NDec, NCPBL = (int(arg) for arg in sys.argv[1:6]) 6 | else: 7 | print("Not enough arguments") 8 | exit() 9 | 10 | # generate SRAM name 11 | SRAM_name = "RF1DFCMN" # Must use F (latency = 1). TODO: other configs less relevent 12 | 13 | SRAM_name += "%05d" % NWords + "X%03d" % NBits + "D%02d" % NDec + "C%03d" % NCPBL 14 | 15 | print("generating wrapper for %s.v" % SRAM_name) 16 | 17 | # generate file 18 | f = open(SRAM_name + "_WRAP.v", 'w') 19 | 20 | f.write("// auto generated SRAM wrapper by rf1D_32soi_wrap_gen.py\n\n") 21 | 22 | # parameters and IO declaration 23 | _Addr = "_Addr" 24 | _DIn = "_DIn" 25 | _DOut = "_DOut" 26 | 27 | DWidth = NBits 28 | AWidth = int(log(NWords, 2)) 29 | 30 | Upper_IO = ["Clock", "Enable", "Write", _Addr, _DIn, _DOut] 31 | f.write("module " + SRAM_name + "_WRAP ({0});\n\n".format(", ".join(Upper_IO))) 32 | 33 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:3]))) 34 | f.write("\tinput [{0}-1:0] {1};\n".format(AWidth, _Addr)) 35 | f.write("\tinput [{0}-1:0] {1};\n".format(DWidth, _DIn)) 36 | f.write("\toutput [{0}-1:0] {1};\n\n".format(DWidth, _DOut)) 37 | 38 | 39 | # ---- SRAM paramter and ports ---- 40 | # control ports 41 | Connection = [ 42 | ("CLK", "Clock"), 43 | ("CE", "Enable"), 44 | ("RDWEN", "!Write"), 45 | ("DEEPSLEEP", "1'b0"), 46 | ] 47 | 48 | divider = [('\n', 0)] 49 | Connection += divider 50 | 51 | def generatePorts(PortAndWidth): 52 | Ports = [] 53 | for port in PortAndWidth: 54 | if len(port) == 2: 55 | port_name, port_width = port 56 | ports = [port_name] * port_width 57 | Ports += [ports[i] + str(i) for i in range(port_width)] 58 | elif len(port) == 3: 59 | port_name, port_width1, port_width2 = port 60 | ports = [port_name] * port_width1 * port_width2 61 | Ports += [ports[i] + str(i) + str(j) for i in range(port_width1) for j in range(port_width2)] 62 | return Ports 63 | 64 | # addr ports 65 | ABW = 1 66 | ACW = 1 67 | ADW = int(log(NDec/2, 2)) 68 | AWW = AWidth - ABW - ACW - ADW 69 | AddrPorts = [("AB", ABW), ("AC", ACW), ("AD", ADW), ("AW", AWW)] 70 | AddrPorts = generatePorts(AddrPorts) 71 | 72 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_Addr, str(i))) for i in range(AWidth)] 73 | Connection += divider 74 | 75 | # data ports 76 | Connection += [( 'D' + str(i), "{0}[{1}]".format(_DIn, str(i))) for i in range(DWidth)] 77 | Connection += [( 'Q' + str(i), "{0}[{1}]".format(_DOut, str(i))) for i in range(DWidth)] 78 | Connection += [( 'BW' + str(i), "1'b1") for i in range(DWidth)] 79 | Connection += divider 80 | 81 | # test ports 82 | Col_redundancy = int(ceil(log(ceil(NBits * NDec / 4), 2))) 83 | 84 | Connection += divider 85 | TestPorts = [ 86 | ("TAB", ABW), 87 | ("TAC", ACW), 88 | ("TAD", ADW), 89 | ("TAW", AWW), 90 | ("TQ", DWidth), 91 | ("TBW", DWidth), 92 | ("MIEMAT", 2), 93 | ("MIEMAW", 2), 94 | ("MIEMAWASS", 2), 95 | ("MIEMASASS", 3), 96 | ("CR0", Col_redundancy), 97 | ] 98 | 99 | TestPorts = generatePorts(TestPorts) 100 | 101 | TestPorts += [ 102 | "TCE", 103 | "TRDWEN", 104 | "TDEEPSLEEP", 105 | "MITESTM1", 106 | "MITESTM3", 107 | "MICLKMODE", 108 | "MILSMODE", 109 | "MIPIPEMODE", 110 | "MISTM", 111 | "MISASSD", 112 | "MIWASSD", 113 | "MIWRTM", 114 | "MIFLOOD", 115 | "CRE0", 116 | ] 117 | 118 | Connection += [ ( TestPorts[i], "1'b0") for i in range(len(TestPorts))] 119 | 120 | # ---- instantiate the SRAM ---- 121 | f.write("\t" + SRAM_name + ' SRAM (\n') 122 | 123 | for connect in Connection[0:len(Connection)-1]: 124 | if connect[0] == '\n': 125 | f.write('\n') 126 | else: 127 | f.write("\t\t.{0}(\t{1}),\n".format(connect[0], connect[1])) 128 | connect = Connection[-1] 129 | f.write("\t\t.{0}(\t{1}));\n".format(connect[0], connect[1])) 130 | 131 | 132 | f.write("endmodule\n") 133 | f.close() 134 | -------------------------------------------------------------------------------- /sram_wrap/rf2D_32soi_wrapper_gen.py: -------------------------------------------------------------------------------- 1 | import os, sys 2 | from math import * 3 | 4 | if len(sys.argv) >= 5: 5 | NWords, NBits, NDec, NCPBL = (int(arg) for arg in sys.argv[1:6]) 6 | else: 7 | print("Not enough arguments") 8 | exit() 9 | 10 | # generate SRAM name 11 | SRAM_name = "RF2DFCMN" # Must use F (latency = 1). TODO: other configs less relevent 12 | 13 | SRAM_name += "%05d" % NWords + "X%03d" % NBits + "D%02d" % NDec + "C%03d" % NCPBL 14 | 15 | print("generating wrapper for %s.v" % SRAM_name) 16 | 17 | # generate file 18 | f = open(SRAM_name + "_WRAP.v", 'w') 19 | 20 | f.write("// auto generated SRAM wrapper by rf2D_32soi_wrap_gen.py\n\n") 21 | 22 | # parameters and IO declaration 23 | _RAddr = "_RAddr" 24 | _WAddr = "_WAddr" 25 | _DIn = "_DIn" 26 | _DOut = "_DOut" 27 | 28 | DWidth = NBits 29 | AWidth = int(log(NWords, 2)) 30 | 31 | Upper_IO = ["Clock", "Read", "Write", _RAddr, _WAddr, _DIn, _DOut] 32 | f.write("module " + SRAM_name + "_WRAP ({0});\n\n".format(", ".join(Upper_IO))) 33 | 34 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:3]))) 35 | f.write("\tinput [{0}-1:0] {1};\n".format(AWidth, _RAddr + ', ' + _WAddr)) 36 | f.write("\tinput [{0}-1:0] {1};\n".format(DWidth, _DIn)) 37 | f.write("\toutput [{0}-1:0] {1};\n\n".format(DWidth, _DOut)) 38 | 39 | # ---- SRAM paramter and ports ---- 40 | # control ports 41 | Connection = [ 42 | ("CLK", "Clock"), 43 | ("CER", "Read"), 44 | ("CEW", "Write"), 45 | ("DEEPSLEEP", "1'b0"), 46 | ] 47 | 48 | divider = [('\n', 0)] 49 | Connection += divider 50 | 51 | def generatePorts(PortAndWidth): 52 | Ports = [] 53 | for port in PortAndWidth: 54 | if len(port) == 2: 55 | port_name, port_width = port 56 | ports = [port_name] * port_width 57 | Ports += [ports[i] + str(i) for i in range(port_width)] 58 | elif len(port) == 3: 59 | port_name, port_width1, port_width2 = port 60 | ports = [port_name] * port_width1 * port_width2 61 | Ports += [ports[i] + str(i) + str(j) for i in range(port_width1) for j in range(port_width2)] 62 | return Ports 63 | 64 | # addr ports 65 | ABW = 1 66 | ACW = 1 67 | ADW = int(log(NDec/2, 2)) 68 | AWW = AWidth - ABW - ACW - ADW 69 | 70 | # port1 71 | AddrPorts = [("ABR", ABW), ("ACR", ACW), ("ADR", ADW), ("AWR", AWW)] 72 | AddrPorts = generatePorts(AddrPorts) 73 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_RAddr, str(i))) for i in range(AWidth)] 74 | Connection += divider 75 | # port 2 76 | AddrPorts = [("ABW", ABW), ("ACW", ACW), ("ADW", ADW), ("AWW", AWW)] 77 | AddrPorts = generatePorts(AddrPorts) 78 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_WAddr, str(i))) for i in range(AWidth)] 79 | Connection += divider 80 | 81 | # data ports 82 | Connection += [( 'D' + str(i), "{0}[{1}]".format(_DIn, str(i))) for i in range(DWidth)] 83 | Connection += [( 'Q' + str(i), "{0}[{1}]".format(_DOut, str(i))) for i in range(DWidth)] 84 | Connection += [( 'BW' + str(i), "1'b1") for i in range(DWidth)] 85 | Connection += divider 86 | 87 | # test ports 88 | Col_redundancy = int(ceil(log(ceil(NBits * NDec / 4), 2))) 89 | 90 | Connection += divider 91 | TestPorts = [ 92 | ("TABR", ABW), 93 | ("TACR", ACW), 94 | ("TADR", ADW), 95 | ("TAWR", AWW), 96 | ("TABW", ABW), 97 | ("TACW", ACW), 98 | ("TADW", ADW), 99 | ("TAWW", AWW), 100 | ("TD", DWidth), 101 | ("TQ", DWidth), 102 | ("TBW", DWidth), 103 | ("MIEMAM", 2), 104 | ("MIEMAT", 2), 105 | ("MIEMAW", 2), 106 | ("MIEMAWASS", 2), 107 | ("MIEMASASS", 3), 108 | ("CR0", Col_redundancy), 109 | ] 110 | 111 | TestPorts = generatePorts(TestPorts) 112 | 113 | TestPorts += [ 114 | "MICLKMODE", 115 | "MIFLOOD", 116 | "MILSMODE", 117 | "MIPIPEMODE", 118 | "MISASSD", 119 | "MISTM", 120 | "MITESTM1", 121 | "MITESTM3", 122 | "MIWASSD", 123 | "MIWRTM", 124 | "TCER", 125 | "TCEW", 126 | "TDEEPSLEEP", 127 | "CRE0", 128 | ] 129 | 130 | Connection += [ ( TestPorts[i], "1'b0") for i in range(len(TestPorts))] 131 | 132 | # ---- instantiate the SRAM ---- 133 | f.write("\t" + SRAM_name + ' SRAM (\n') 134 | 135 | for connect in Connection[0:len(Connection)-1]: 136 | if connect[0] == '\n': 137 | f.write('\n') 138 | else: 139 | f.write("\t\t.{0}(\t{1}),\n".format(connect[0], connect[1])) 140 | connect = Connection[-1] 141 | f.write("\t\t.{0}(\t{1}));\n".format(connect[0], connect[1])) 142 | 143 | f.write("endmodule\n") 144 | f.close() 145 | -------------------------------------------------------------------------------- /sram_wrap/sram1D_32soi_wrapper_gen.py: -------------------------------------------------------------------------------- 1 | import os, sys 2 | from math import * 3 | 4 | if len(sys.argv) >= 5: 5 | NWords, NBits, NDec, NCPBL = (int(arg) for arg in sys.argv[1:6]) 6 | else: 7 | print("Not enough arguments") 8 | exit() 9 | 10 | # generate SRAM name 11 | SRAM_name = "SRAM1DFCMN" # Must use F (latency = 1). TODO: other configs less relevent 12 | 13 | SRAM_name += "%05d" % NWords + "X%03d" % NBits + "D%02d" % NDec + "C%03d" % NCPBL 14 | 15 | print("generating wrapper for %s.v" % SRAM_name) 16 | 17 | # generate file 18 | f = open(SRAM_name + "_WRAP.v", 'w') 19 | 20 | f.write("// auto generated SRAM wrapper by sram_wrap_gen.py\n\n") 21 | 22 | # parameters and IO declaration 23 | _Addr = "_Addr" 24 | _DIn = "_DIn" 25 | _DOut = "_DOut" 26 | 27 | DWidth = NBits 28 | AWidth = int(log(NWords, 2)) 29 | 30 | Upper_IO = ["Clock", "Enable", "Write", _Addr, _DIn, _DOut] 31 | f.write("module " + SRAM_name + "_WRAP ({0});\n\n".format(", ".join(Upper_IO))) 32 | 33 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:3]))) 34 | f.write("\tinput [{0}-1:0] {1};\n".format(AWidth, _Addr)) 35 | f.write("\tinput [{0}-1:0] {1};\n".format(DWidth, _DIn)) 36 | f.write("\toutput [{0}-1:0] {1};\n\n".format(DWidth, _DOut)) 37 | 38 | ''' 39 | f.write("\tparameter DWidth = {0}, AWidth = {1};\n".format(str(DWidth), str(AWidth))) 40 | f.write("\t// this wrapper allows using part of an SRAM when D/A Width < default value\n") 41 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:4]))) 42 | f.write("\tinput [AWidth-1:0] Address;\n") 43 | f.write("\tinput [DWidth-1:0] DIn;\n") 44 | f.write("\toutput [DWidth-1:0] DOut;\n\n") 45 | 46 | f.write("\twire [{0}-1:0] {1};\n".format(str(AWidth), _Addr)) 47 | f.write("\twire [{0}-1:0] {1};\n".format(str(DWidth), _DIn)) 48 | f.write("\twire [{0}-1:0] {1};\n".format(str(DWidth), _DOut)) 49 | f.write("\tassign {0} = Address;\n".format(_Addr)) 50 | f.write("\tassign {0} = DIn;\n".format(_DIn)) 51 | f.write("\tassign DOut = {0}[DWidth-1:0];\n\n".format(_DOut)) 52 | ''' 53 | 54 | # ---- SRAM paramter and ports ---- 55 | # control ports 56 | Connection = [ 57 | ("CLK", "Clock"), 58 | ("CE", "Enable"), 59 | ("RDWEN", "!Write"), 60 | ("PGDISABLE", "1'b1"), 61 | ("DEEPSLEEP", "1'b0"), 62 | ] 63 | 64 | divider = [('\n', 0)] 65 | Connection += divider 66 | 67 | def generatePorts(PortAndWidth): 68 | Ports = [] 69 | for port in PortAndWidth: 70 | if len(port) == 2: 71 | port_name, port_width = port 72 | ports = [port_name] * port_width 73 | Ports += [ports[i] + str(i) for i in range(port_width)] 74 | elif len(port) == 3: 75 | port_name, port_width1, port_width2 = port 76 | ports = [port_name] * port_width1 * port_width2 77 | Ports += [ports[i] + str(i) + str(j) for i in range(port_width1) for j in range(port_width2)] 78 | return Ports 79 | 80 | # addr ports 81 | ABW = int(ceil(log(ceil(NWords/256.0/NDec), 2))) + 1 82 | ACW = 2 83 | ADW = int(log(NDec/4, 2)) 84 | AWW = AWidth - ABW - ACW - ADW 85 | AddrPorts = [("AB", ABW), ("AC", ACW), ("AD", ADW), ("AW", AWW)] 86 | AddrPorts = generatePorts(AddrPorts) 87 | 88 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_Addr, str(i))) for i in range(AWidth)] 89 | Connection += divider 90 | 91 | # data ports 92 | Connection += [( 'D' + str(i), "{0}[{1}]".format(_DIn, str(i))) for i in range(DWidth)] 93 | Connection += [( 'Q' + str(i), "{0}[{1}]".format(_DOut, str(i))) for i in range(DWidth)] 94 | Connection += [( 'BW' + str(i), "1'b1") for i in range(DWidth)] 95 | Connection += divider 96 | 97 | # test ports 98 | Row_redundancy = 0 if SRAM_name[7] == 'C' else 4 99 | Col_redundancy = int(ceil(log(ceil(NBits * NDec / 8), 2))) 100 | 101 | Connection += divider 102 | TestPorts = [ 103 | ("TAB", ABW), 104 | ("TAC", ACW), 105 | ("TAD", ADW), 106 | ("TAW", AWW), 107 | ("TQ", DWidth), 108 | ("TBW", DWidth), 109 | ("MIEMAT", 2), 110 | ("MIEMAW", 2), 111 | ("MIEMAWASS", 2), 112 | ("MIEMASASS", 3), 113 | ("CRE", 2), 114 | ("RRE", Row_redundancy), # could be 0 or 4 depending on row redundancy 115 | ("CR", 2, Col_redundancy), 116 | ("RR", Row_redundancy, Col_redundancy), 117 | ] 118 | 119 | TestPorts = generatePorts(TestPorts) 120 | 121 | TestPorts += [ 122 | "TCE", 123 | "TRDWEN", 124 | "TPGDISABLE", 125 | "TDEEPSLEEP", 126 | "MITESTM1", 127 | "MITESTM3", 128 | "MICLKMODE", 129 | "MILSMODE", 130 | "MIPIPEMODE", 131 | "MISTM", 132 | "MISASSD", 133 | "MIWASSD", 134 | "MIWRTM", 135 | "MIFLOOD", 136 | ] 137 | 138 | Connection += [ ( TestPorts[i], "1'b0") for i in range(len(TestPorts))] 139 | 140 | # ---- instantiate the SRAM ---- 141 | f.write("\t" + SRAM_name + ' SRAM (\n') 142 | 143 | connect = Connection[0] 144 | f.write("\t\t.{0}(\t{1})".format(connect[0], connect[1])) 145 | for connect in Connection[1:]: 146 | if connect[0] == '\n': 147 | f.write('\n') 148 | else: 149 | f.write(",\n\t\t.{0}(\t{1})".format(connect[0], connect[1])) 150 | 151 | f.write(");\n") 152 | 153 | 154 | f.write("endmodule\n") 155 | f.close() 156 | -------------------------------------------------------------------------------- /sram_wrap/sram2D_32soi_wrapper_gen.py: -------------------------------------------------------------------------------- 1 | import os, sys 2 | from math import * 3 | 4 | if len(sys.argv) >= 5: 5 | NWords, NBits, NDec, NCPBL = (int(arg) for arg in sys.argv[1:6]) 6 | else: 7 | print("Not enough arguments") 8 | exit() 9 | 10 | # generate SRAM name 11 | SRAM_name = "SRAM2DFCMN" # Must use F (latency = 1). TODO: other configs less relevent 12 | 13 | SRAM_name += "%05d" % NWords + "X%03d" % NBits + "D%02d" % NDec + "C%03d" % NCPBL 14 | 15 | print("generating wrapper for %s.v" % SRAM_name) 16 | 17 | # generate file 18 | f = open(SRAM_name + "_WRAP.v", 'w') 19 | 20 | f.write("// auto generated SRAM wrapper by sram_wrap_gen.py\n\n") 21 | 22 | # parameters and IO declaration 23 | _RAddr = "_RAddr" 24 | _WAddr = "_WAddr" 25 | _DIn = "_DIn" 26 | _DOut = "_DOut" 27 | 28 | DWidth = NBits 29 | AWidth = int(log(NWords, 2)) 30 | 31 | Upper_IO = ["Clock", "Read", "Write", _RAddr, _WAddr, _DIn, _DOut] 32 | f.write("module " + SRAM_name + "_WRAP ({0});\n\n".format(", ".join(Upper_IO))) 33 | 34 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:3]))) 35 | f.write("\tinput [{0}-1:0] {1};\n".format(AWidth, _RAddr + ', ' + _WAddr)) 36 | f.write("\tinput [{0}-1:0] {1};\n".format(DWidth, _DIn)) 37 | f.write("\toutput [{0}-1:0] {1};\n\n".format(DWidth, _DOut)) 38 | 39 | # ---- SRAM paramter and ports ---- 40 | # control ports 41 | Connection = [ 42 | ("CLK", "Clock"), 43 | ("CER", "Read"), 44 | ("CEW", "Write"), 45 | ("DEEPSLEEP", "1'b0"), 46 | ("PGDISABLE", "1'b1"), 47 | ] 48 | 49 | divider = [('\n', 0)] 50 | Connection += divider 51 | 52 | def generatePorts(PortAndWidth): 53 | Ports = [] 54 | for port in PortAndWidth: 55 | if len(port) == 2: 56 | port_name, port_width = port 57 | ports = [port_name] * port_width 58 | Ports += [ports[i] + str(i) for i in range(port_width)] 59 | elif len(port) == 3: 60 | port_name, port_width1, port_width2 = port 61 | ports = [port_name] * port_width1 * port_width2 62 | Ports += [ports[i] + str(i) + str(j) for i in range(port_width1) for j in range(port_width2)] 63 | return Ports 64 | 65 | # addr ports 66 | ABW = int(ceil(log(ceil(NWords /2/NCPBL/NDec), 2))) + 1 67 | ACW = 2 68 | ADW = int(log(NDec/4, 2)) 69 | AWW = AWidth - ABW - ACW - ADW 70 | 71 | # port1 72 | AddrPorts = [("ABR", ABW), ("ACR", ACW), ("ADR", ADW), ("AWR", AWW)] 73 | AddrPorts = generatePorts(AddrPorts) 74 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_RAddr, str(i))) for i in range(AWidth)] 75 | Connection += divider 76 | # port 2 77 | AddrPorts = [("ABW", ABW), ("ACW", ACW), ("ADW", ADW), ("AWW", AWW)] 78 | AddrPorts = generatePorts(AddrPorts) 79 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_WAddr, str(i))) for i in range(AWidth)] 80 | Connection += divider 81 | 82 | # data ports 83 | Connection += [( 'D' + str(i), "{0}[{1}]".format(_DIn, str(i))) for i in range(DWidth)] 84 | Connection += [( 'Q' + str(i), "{0}[{1}]".format(_DOut, str(i))) for i in range(DWidth)] 85 | Connection += [( 'BW' + str(i), "1'b1") for i in range(DWidth)] 86 | Connection += divider 87 | 88 | # test ports 89 | Col_redundancy = int(ceil(log(ceil(NBits * NDec / 8), 2))) 90 | Row_redundancy = 0 if SRAM_name[7] == 'C' else 4 91 | 92 | Connection += divider 93 | TestPorts = [ 94 | ("TABR", ABW), 95 | ("TACR", ACW), 96 | ("TADR", ADW), 97 | ("TAWR", AWW), 98 | ("TABW", ABW), 99 | ("TACW", ACW), 100 | ("TADW", ADW), 101 | ("TAWW", AWW), 102 | ("TD", DWidth), 103 | ("TQ", DWidth), 104 | ("TBW", DWidth), 105 | ("MIEMAM", 2), 106 | ("MIEMAT", 2), 107 | ("MIEMAW", 2), 108 | ("MIEMAWASS", 2), 109 | ("MIEMASASS", 3), 110 | ("CRE", 2), 111 | ("CR", 2, Col_redundancy), 112 | ("RRE", Row_redundancy), 113 | ("RR", Row_redundancy, AWW), 114 | ] 115 | 116 | TestPorts = generatePorts(TestPorts) 117 | 118 | TestPorts += [ 119 | "MICLKMODE", 120 | "MIFLOOD", 121 | "MILSMODE", 122 | "MIPIPEMODE", 123 | "MISASSD", 124 | "MISTM", 125 | "MITESTM1", 126 | "MITESTM3", 127 | "MIWASSD", 128 | "MIWRTM", 129 | "TCER", 130 | "TCEW", 131 | "TDEEPSLEEP", 132 | "CRE0", 133 | ] 134 | 135 | Connection += [ ( TestPorts[i], "1'b0") for i in range(len(TestPorts))] 136 | 137 | # ---- instantiate the SRAM ---- 138 | f.write("\t" + SRAM_name + ' SRAM (\n') 139 | 140 | for connect in Connection[0:len(Connection)-1]: 141 | if connect[0] == '\n': 142 | f.write('\n') 143 | else: 144 | f.write("\t\t.{0}(\t{1}),\n".format(connect[0], connect[1])) 145 | connect = Connection[-1] 146 | f.write("\t\t.{0}(\t{1}));\n".format(connect[0], connect[1])) 147 | 148 | f.write("endmodule\n") 149 | f.close() 150 | -------------------------------------------------------------------------------- /sram_wrap/sram2S_32soi_wrapper_gen.py: -------------------------------------------------------------------------------- 1 | import os, sys 2 | from math import * 3 | 4 | if len(sys.argv) >= 5: 5 | NWords, NBits, NDec, NCPBL = (int(arg) for arg in sys.argv[1:6]) 6 | else: 7 | print("Not enough arguments") 8 | exit() 9 | 10 | # generate SRAM name 11 | SRAM_name = "SRAM2SFCMN" # Must use F (latency = 1). TODO: other configs less relevent 12 | 13 | SRAM_name += "%05d" % NWords + "X%03d" % NBits + "D%02d" % NDec + "C%03d" % NCPBL 14 | 15 | print("generating wrapper for %s.v" % SRAM_name) 16 | 17 | # generate file 18 | f = open(SRAM_name + "_WRAP.v", 'w') 19 | 20 | f.write("// auto generated SRAM wrapper by sram_wrap_gen.py\n\n") 21 | 22 | # parameters and IO declaration 23 | _AddrA = "_AddrA" 24 | _AddrB = "_AddrB" 25 | _DInA = "_DInA" 26 | _DInB = "_DInB" 27 | _DOutA = "_DOutA" 28 | _DOutB = "_DOutB" 29 | 30 | DWidth = NBits 31 | AWidth = int(log(NWords, 2)) 32 | 33 | Upper_IO = ["Clock", "EnableA", "WriteA", "EnableB", "WriteB", _AddrA, _DInA, _DOutA, _AddrB, _DInB, _DOutB] 34 | f.write("module " + SRAM_name + "_WRAP ({0});\n\n".format(", ".join(Upper_IO))) 35 | 36 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:5]))) 37 | f.write("\tinput [{0}-1:0] {1};\n".format(AWidth, _AddrA + ', ' + _AddrB)) 38 | f.write("\tinput [{0}-1:0] {1};\n".format(DWidth, _DInA + ', ' + _DInB)) 39 | f.write("\toutput [{0}-1:0] {1};\n\n".format(DWidth, _DOutA + ', ' + _DOutB)) 40 | 41 | # ---- SRAM paramter and ports ---- 42 | # control ports 43 | Connection = [ 44 | ("CLKA", "Clock"), 45 | ("CLKB", "Clock"), 46 | ("CEA", "EnableA"), 47 | ("CEB", "EnableB"), 48 | ("RDWENA", "!WriteA"), 49 | ("RDWENB", "!WriteB"), 50 | ("DEEPSLEEP", "1'b0"), 51 | ("PGDISABLE", "1'b1"), 52 | ] 53 | 54 | divider = [('\n', 0)] 55 | Connection += divider 56 | 57 | def generatePorts(PortAndWidth): 58 | Ports = [] 59 | for port in PortAndWidth: 60 | if len(port) == 2: 61 | port_name, port_width = port 62 | ports = [port_name] * port_width 63 | Ports += [ports[i] + str(i) for i in range(port_width)] 64 | elif len(port) == 3: 65 | port_name, port_width1, port_width2 = port 66 | ports = [port_name] * port_width1 * port_width2 67 | Ports += [ports[i] + str(i) + str(j) for i in range(port_width1) for j in range(port_width2)] 68 | return Ports 69 | 70 | # addr ports 71 | p = ceil(NWords/(NCPBL*NDec)) 72 | if p > 0: ABW = int(ceil(log(p, 2))) 73 | else: ABW = 0 74 | ACW = 2 75 | ADW = int(log(NDec/4, 2)) 76 | AWW = AWidth - ABW - ACW - ADW 77 | 78 | # port1 79 | AddrPorts = [("ABA", ABW), ("ACA", ACW), ("ADA", ADW), ("AWA", AWW)] 80 | AddrPorts = generatePorts(AddrPorts) 81 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_AddrA, str(i))) for i in range(AWidth)] 82 | Connection += divider 83 | # port 2 84 | AddrPorts = [("ABB", ABW), ("ACB", ACW), ("ADB", ADW), ("AWB", AWW)] 85 | AddrPorts = generatePorts(AddrPorts) 86 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_AddrB, str(i))) for i in range(AWidth)] 87 | Connection += divider 88 | 89 | # data ports 90 | Connection += [( 'DA' + str(i), "{0}[{1}]".format(_DInA, str(i))) for i in range(DWidth)] 91 | Connection += [( 'QA' + str(i), "{0}[{1}]".format(_DOutA, str(i))) for i in range(DWidth)] 92 | Connection += [( 'BWA' + str(i), "1'b1") for i in range(DWidth)] 93 | Connection += divider 94 | Connection += [( 'DB' + str(i), "{0}[{1}]".format(_DInB, str(i))) for i in range(DWidth)] 95 | Connection += [( 'QB' + str(i), "{0}[{1}]".format(_DOutB, str(i))) for i in range(DWidth)] 96 | Connection += [( 'BWB' + str(i), "1'b1") for i in range(DWidth)] 97 | Connection += divider 98 | 99 | # test ports 100 | Col_redundancy = int(ceil(log(ceil(NBits * NDec / 8), 2))) 101 | Row_redundancy = 0 if SRAM_name[7] == 'C' else 4 102 | 103 | Connection += divider 104 | TestPorts = [ 105 | ("TABA", ABW), 106 | ("TACA", ACW), 107 | ("TADA", ADW), 108 | ("TAWA", AWW), 109 | ("TABB", ABW), 110 | ("TACB", ACW), 111 | ("TADB", ADW), 112 | ("TAWB", AWW), 113 | ("TDA", DWidth), 114 | ("TQA", DWidth), 115 | ("TBWA", DWidth), 116 | ("TDB", DWidth), 117 | ("TQB", DWidth), 118 | ("TBWB", DWidth), 119 | ("MIEMAT", 3), 120 | ("MIEMAW", 2), 121 | ("MIEMASASS", 3), 122 | ("MIEMAWASS", 2), 123 | ("CRE", 2), 124 | ("CR", 2, Col_redundancy), 125 | ("RRE", Row_redundancy), 126 | ("RR", Row_redundancy, AWW), 127 | ] 128 | 129 | TestPorts = generatePorts(TestPorts) 130 | 131 | TestPorts += [ 132 | "TPGDISABLE", 133 | "TDEEPSLEEP", 134 | "MICLKMODE", 135 | "MIDPTEN", 136 | "MIEMAM", 137 | "MIFLOOD", 138 | "MILSMODE", 139 | "MIPIPEMODE", 140 | "MISASSD", 141 | "MISTM", 142 | "MITESTM1", 143 | "MITESTM3", 144 | "MITESTWT", 145 | "MIWASSD", 146 | "MIWRTM", 147 | "TCEA", 148 | "TCEB", 149 | "TRDWENA", 150 | "TRDWENB", 151 | "MIPORTSEL", 152 | "MIDPT0", 153 | "MIDPT1", 154 | "MIDPT2", 155 | "MIDPT3" 156 | ] 157 | 158 | Connection += [ ( TestPorts[i], "1'b0") for i in range(len(TestPorts))] 159 | 160 | # ---- instantiate the SRAM ---- 161 | f.write("\t" + SRAM_name + ' SRAM (\n') 162 | 163 | for connect in Connection[0:len(Connection)-1]: 164 | if connect[0] == '\n': 165 | f.write('\n') 166 | else: 167 | f.write("\t\t.{0}(\t{1}),\n".format(connect[0], connect[1])) 168 | connect = Connection[-1] 169 | f.write("\t\t.{0}(\t{1}));\n".format(connect[0], connect[1])) 170 | 171 | f.write("endmodule\n") 172 | f.close() 173 | -------------------------------------------------------------------------------- /sram_wrap/sram_32soi_wrapper_gen.py: -------------------------------------------------------------------------------- 1 | import os, sys 2 | from math import * 3 | 4 | if len(sys.argv) >= 6: 5 | NPorts, NWords, NBits, NDec, NCPBL = (int(arg) for arg in sys.argv[1:6]) 6 | elif len(sys.argv) >= 4: 7 | NPorts, NWords, NBits = (int(arg) for arg in sys.argv[1:4]) 8 | NDec, NCPBL = (8, 64) 9 | else: 10 | print("Not enough arguments") 11 | exit() 12 | 13 | # generate SRAM name 14 | SRAM_name = "SRAM" 15 | SRAM_name += "1D" if NPorts == 1 else "2S" 16 | SRAM_name += "FCMN" # Must use F (latency = 1). TODO: other configs less relevent 17 | 18 | SRAM_name += "%05d" % NWords + "X%03d" % NBits + "D%02d" % NDec + "C%03d" % NCPBL 19 | 20 | print("generating wrapper for %s.v" % SRAM_name) 21 | 22 | # generate file 23 | f = open(SRAM_name + "_WRAP.v", 'w') 24 | 25 | f.write("// auto generated SRAM wrapper by sram_wrap_gen.py\n\n") 26 | 27 | # parameters and IO declaration 28 | _Addr = "_Addr" 29 | _DIn = "_DIn" 30 | _DOut = "_DOut" 31 | 32 | DWidth = NBits 33 | AWidth = int(log(NWords, 2)) 34 | 35 | Upper_IO = ["Clock", "Enable", "Write", _Addr, _DIn, _DOut] 36 | f.write("module " + SRAM_name + "_WRAP ({0});\n\n".format(", ".join(Upper_IO))) 37 | 38 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:3]))) 39 | f.write("\tinput [{0}-1:0] {1};\n".format(AWidth, _Addr)) 40 | f.write("\tinput [{0}-1:0] {1};\n".format(DWidth, _DIn)) 41 | f.write("\toutput [{0}-1:0] {1};\n\n".format(DWidth, _DOut)) 42 | 43 | ''' 44 | f.write("\tparameter DWidth = {0}, AWidth = {1};\n".format(str(DWidth), str(AWidth))) 45 | f.write("\t// this wrapper allows using part of an SRAM when D/A Width < default value\n") 46 | f.write("\tinput {0};\n".format(", ".join(Upper_IO[0:4]))) 47 | f.write("\tinput [AWidth-1:0] Address;\n") 48 | f.write("\tinput [DWidth-1:0] DIn;\n") 49 | f.write("\toutput [DWidth-1:0] DOut;\n\n") 50 | 51 | f.write("\twire [{0}-1:0] {1};\n".format(str(AWidth), _Addr)) 52 | f.write("\twire [{0}-1:0] {1};\n".format(str(DWidth), _DIn)) 53 | f.write("\twire [{0}-1:0] {1};\n".format(str(DWidth), _DOut)) 54 | f.write("\tassign {0} = Address;\n".format(_Addr)) 55 | f.write("\tassign {0} = DIn;\n".format(_DIn)) 56 | f.write("\tassign DOut = {0}[DWidth-1:0];\n\n".format(_DOut)) 57 | ''' 58 | 59 | # ---- SRAM paramter and ports ---- 60 | # control ports 61 | Connection = [ 62 | ("CLK", "Clock"), 63 | ("CE", "Enable"), 64 | ("RDWEN", "!Write"), 65 | ("PGDISABLE", "1'b1"), 66 | ("DEEPSLEEP", "1'b0"), 67 | ] 68 | 69 | divider = [('\n', 0)] 70 | Connection += divider 71 | 72 | def generatePorts(PortAndWidth): 73 | Ports = [] 74 | for port in PortAndWidth: 75 | if len(port) == 2: 76 | port_name, port_width = port 77 | ports = [port_name] * port_width 78 | Ports += [ports[i] + str(i) for i in range(port_width)] 79 | elif len(port) == 3: 80 | port_name, port_width1, port_width2 = port 81 | ports = [port_name] * port_width1 * port_width2 82 | Ports += [ports[i] + str(i) + str(j) for i in range(port_width1) for j in range(port_width2)] 83 | return Ports 84 | 85 | # addr ports 86 | ABW = int(ceil(log(ceil(NWords/256.0/NDec), 2))) + 1 87 | ACW = 2 88 | ADW = int(log(NDec/4, 2)) 89 | AWW = AWidth - ABW - ACW - ADW 90 | AddrPorts = [("AB", ABW), ("AC", ACW), ("AD", ADW), ("AW", AWW)] 91 | AddrPorts = generatePorts(AddrPorts) 92 | 93 | Connection += [( AddrPorts[i], "{0}[{1}]".format(_Addr, str(i))) for i in range(AWidth)] 94 | Connection += divider 95 | 96 | # data ports 97 | Connection += [( 'D' + str(i), "{0}[{1}]".format(_DIn, str(i))) for i in range(DWidth)] 98 | Connection += [( 'Q' + str(i), "{0}[{1}]".format(_DOut, str(i))) for i in range(DWidth)] 99 | Connection += [( 'BW' + str(i), "1'b1") for i in range(DWidth)] 100 | Connection += divider 101 | 102 | # test ports 103 | Row_redundancy = 0 if SRAM_name[7] == 'C' else 4 104 | Col_redundancy = int(ceil(log(ceil(NBits * NDec / 8), 2))) 105 | 106 | Connection += divider 107 | TestPorts = [ 108 | ("TAB", ABW), 109 | ("TAC", ACW), 110 | ("TAD", ADW), 111 | ("TAW", AWW), 112 | ("TQ", DWidth), 113 | ("TBW", DWidth), 114 | ("MIEMAT", 2), 115 | ("MIEMAW", 2), 116 | ("MIEMAWASS", 2), 117 | ("MIEMASASS", 3), 118 | ("CRE", 2), 119 | ("RRE", Row_redundancy), # could be 0 or 4 depending on row redundancy 120 | ("CR", 2, Col_redundancy), 121 | ("RR", Row_redundancy, Col_redundancy), 122 | ] 123 | 124 | TestPorts = generatePorts(TestPorts) 125 | 126 | TestPorts += [ 127 | "TCE", 128 | "TRDWEN", 129 | "TPGDISABLE", 130 | "TDEEPSLEEP", 131 | "MITESTM1", 132 | "MITESTM3", 133 | "MICLKMODE", 134 | "MILSMODE", 135 | "MIPIPEMODE", 136 | "MISTM", 137 | "MISASSD", 138 | "MIWASSD", 139 | "MIWRTM", 140 | "MIFLOOD", 141 | ] 142 | 143 | Connection += [ ( TestPorts[i], "1'b0") for i in range(len(TestPorts))] 144 | 145 | # ---- instantiate the SRAM ---- 146 | f.write("\t" + SRAM_name + ' SRAM (\n') 147 | 148 | connect = Connection[0] 149 | f.write("\t\t.{0}(\t{1})".format(connect[0], connect[1])) 150 | for connect in Connection[1:]: 151 | if connect[0] == '\n': 152 | f.write('\n') 153 | else: 154 | f.write(",\n\t\t.{0}(\t{1})".format(connect[0], connect[1])) 155 | 156 | f.write(");\n") 157 | 158 | 159 | f.write("endmodule\n") 160 | f.close() 161 | -------------------------------------------------------------------------------- /util/put ORAM ecc here: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ascend-secure-processor/oram/18ece0764c4feb5b34f568b2bf9e18081a781a06/util/put ORAM ecc here --------------------------------------------------------------------------------