blob: 77420cf2f7b551914062ca8952a65c2ddf01f136 [file] [log] [blame]
// Copyright lowRISC contributors.
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
//
// Key manager input checks
// Checks input data for errors
`include "prim_assert.sv"
// We should also check for input validity
module keymgr_input_checks import keymgr_pkg::*; #(
parameter bit KmacEnMasking = 1'b1
) (
input rom_ctrl_pkg::keymgr_data_t rom_digest_i,
input [2**StageWidth-1:0][31:0] max_key_versions_i,
input keymgr_stage_e stage_sel_i,
input hw_key_req_t key_i,
input [31:0] key_version_i,
input [KeyWidth-1:0] creator_seed_i,
input [KeyWidth-1:0] owner_seed_i,
input [DevIdWidth-1:0] devid_i,
input [HealthStateWidth-1:0] health_state_i,
output logic creator_seed_vld_o,
output logic owner_seed_vld_o,
output logic devid_vld_o,
output logic health_state_vld_o,
output logic key_version_vld_o,
output logic key_vld_o,
output logic rom_digest_vld_o
);
logic [31:0] cur_max_key_version;
assign cur_max_key_version = max_key_versions_i[stage_sel_i];
// key version must be smaller than or equal to max version
assign key_version_vld_o = key_version_i <= cur_max_key_version;
// general data check
logic [MaxWidth-1:0] creator_seed_padded, owner_seed_padded, devid_padded, health_state_padded;
prim_msb_extend #(
.InWidth(KeyWidth),
.OutWidth(MaxWidth)
) u_creator_seed (
.in_i(creator_seed_i),
.out_o(creator_seed_padded)
);
prim_msb_extend #(
.InWidth(KeyWidth),
.OutWidth(MaxWidth)
) u_owner_seed (
.in_i(owner_seed_i),
.out_o(owner_seed_padded)
);
prim_msb_extend #(
.InWidth(DevIdWidth),
.OutWidth(MaxWidth)
) u_devid (
.in_i(devid_i),
.out_o(devid_padded)
);
prim_msb_extend #(
.InWidth(HealthStateWidth),
.OutWidth(MaxWidth)
) u_health_state (
.in_i(health_state_i),
.out_o(health_state_padded)
);
assign creator_seed_vld_o = valid_chk(creator_seed_padded);
assign owner_seed_vld_o = valid_chk(owner_seed_padded);
assign devid_vld_o = valid_chk(devid_padded);
assign health_state_vld_o = valid_chk(health_state_padded);
// key check
logic unused_key_vld;
assign unused_key_vld = key_i.valid;
localparam int KeyShares = KmacEnMasking ? Shares : 1;
logic [KeyShares-1:0][MaxWidth-1:0] key_padded;
logic [KeyShares-1:0] key_chk;
for (genvar i = 0; i < KeyShares; i++) begin : gen_key_chk
prim_msb_extend #(
.InWidth(KeyWidth),
.OutWidth(MaxWidth)
) u_key_pad (
.in_i(key_i.key[i]),
.out_o(key_padded[i])
);
assign key_chk[i] = valid_chk(key_padded[i]);
end
assign key_vld_o = &key_chk;
// rom digest check
assign rom_digest_vld_o = rom_digest_i.valid &
valid_chk(MaxWidth'(rom_digest_i.data));
// checks for all 0's or all 1's of value
function automatic logic valid_chk (logic [MaxWidth-1:0] value);
return |value & ~&value;
endfunction // valid_chk
endmodule // keymgr_input_checks