[aes] Introduce parameters to replace literals related to reg clearing
Signed-off-by: Pirmin Vogel <vogelpi@lowrisc.org>
diff --git a/hw/ip/aes/rtl/aes_cipher_core.sv b/hw/ip/aes/rtl/aes_cipher_core.sv
index e7ad8aa..8d0221b 100644
--- a/hw/ip/aes/rtl/aes_cipher_core.sv
+++ b/hw/ip/aes/rtl/aes_cipher_core.sv
@@ -225,12 +225,13 @@
logic prd_masking_rsd_req;
logic prd_masking_rsd_ack;
- // Generate clearing signals of appropriate widths.
+ // Generate clearing signals of appropriate widths. If masking is enabled, the two shares of
+ // the registers must be cleared with different pseudo-random data.
for (genvar s = 0; s < NumShares; s++) begin : gen_prd_clearing_shares
- for (genvar c = 0; c < 2; c++) begin : gen_prd_clearing_128
+ for (genvar c = 0; c < NumChunksPRDClearing128; c++) begin : gen_prd_clearing_128
assign prd_clearing_128[s][c * WidthPRDClearing +: WidthPRDClearing] = prd_clearing_i[s];
end
- for (genvar c = 0; c < 4; c++) begin : gen_prd_clearing_256
+ for (genvar c = 0; c < NumChunksPRDClearing256; c++) begin : gen_prd_clearing_256
assign prd_clearing_256[s][c * WidthPRDClearing +: WidthPRDClearing] = prd_clearing_i[s];
end
end
diff --git a/hw/ip/aes/rtl/aes_control.sv b/hw/ip/aes/rtl/aes_control.sv
index 8737010..366b995 100644
--- a/hw/ip/aes/rtl/aes_control.sv
+++ b/hw/ip/aes/rtl/aes_control.sv
@@ -34,7 +34,7 @@
output logic alert_o,
// I/O register read/write enables
- input logic [7:0] key_init_qe_i [2],
+ input logic [7:0] key_init_qe_i [NumSharesKey],
input logic [3:0] iv_qe_i,
input logic [3:0] data_in_qe_i,
input logic [3:0] data_out_re_i,
@@ -71,7 +71,7 @@
// Initial key registers
output key_init_sel_e key_init_sel_o,
- output sp2v_e [7:0] key_init_we_o [2],
+ output sp2v_e [7:0] key_init_we_o [NumSharesKey],
// IV registers
output iv_sel_e iv_sel_o,
@@ -347,7 +347,7 @@
if (idle_o) begin
// Initial key and IV updates are ignored if we are not idle.
- for (int s = 0; s < 2; s++) begin
+ for (int s = 0; s < NumSharesKey; s++) begin
for (int i = 0; i < 8; i++) begin
key_init_we_o[s][i] = key_init_qe_i[s][i] ? SP2V_HIGH : SP2V_LOW;
end
@@ -624,8 +624,8 @@
// We only use clean initial keys. Either software/counter has updated
// - all initial key registers, or
// - none of the initial key registers but the registers were updated in the past.
- logic [7:0] key_init_we [2];
- for (genvar s = 0; s < 2; s++) begin : gen_status_key_init_we_shares
+ logic [7:0] key_init_we [NumSharesKey];
+ for (genvar s = 0; s < NumSharesKey; s++) begin : gen_status_key_init_we_shares
for (genvar i = 0; i < 8; i++) begin : gen_status_key_init_we
assign key_init_we[s][i] = (key_init_we_o[s][i] == SP2V_HIGH);
end
diff --git a/hw/ip/aes/rtl/aes_core.sv b/hw/ip/aes/rtl/aes_core.sv
index 68058c5..4e21d3e 100644
--- a/hw/ip/aes/rtl/aes_core.sv
+++ b/hw/ip/aes/rtl/aes_core.sv
@@ -86,13 +86,13 @@
logic [3:0][3:0][7:0] state_done [NumShares];
logic [3:0][3:0][7:0] state_out;
- logic [7:0][31:0] key_init [2];
- logic [7:0] key_init_qe [2];
- logic [7:0][31:0] key_init_d [2];
- logic [7:0][31:0] key_init_q [2];
+ logic [7:0][31:0] key_init [NumSharesKey];
+ logic [7:0] key_init_qe [NumSharesKey];
+ logic [7:0][31:0] key_init_d [NumSharesKey];
+ logic [7:0][31:0] key_init_q [NumSharesKey];
logic [7:0][31:0] key_init_cipher [NumShares];
- sp2v_e [7:0] key_init_we_ctrl [2];
- sp2v_e [7:0] key_init_we [2];
+ sp2v_e [7:0] key_init_we_ctrl [NumSharesKey];
+ sp2v_e [7:0] key_init_we [NumSharesKey];
logic [KeyInitSelWidth-1:0] key_init_sel_raw;
key_init_sel_e key_init_sel_ctrl;
key_init_sel_e key_init_sel;
@@ -156,13 +156,13 @@
// Pseudo-random data for clearing purposes
logic [WidthPRDClearing-1:0] cipher_prd_clearing [NumShares];
- logic [WidthPRDClearing-1:0] prd_clearing [2];
+ logic [WidthPRDClearing-1:0] prd_clearing [NumSharesKey];
logic prd_clearing_upd_req;
logic prd_clearing_upd_ack;
logic prd_clearing_rsd_req;
logic prd_clearing_rsd_ack;
logic [127:0] prd_clearing_128;
- logic [255:0] prd_clearing_256 [2];
+ logic [255:0] prd_clearing_256 [NumSharesKey];
// Unused signals
logic [3:0][31:0] unused_data_out_q;
@@ -192,11 +192,13 @@
);
// Generate clearing signals of appropriate widths.
- for (genvar c = 0; c < 2; c++) begin : gen_prd_clearing_128
+ for (genvar c = 0; c < NumChunksPRDClearing128; c++) begin : gen_prd_clearing_128
assign prd_clearing_128[c * WidthPRDClearing +: WidthPRDClearing] = prd_clearing[0];
end
- for (genvar s = 0; s < 2; s++) begin : gen_prd_clearing_256_shares
- for (genvar c = 0; c < 4; c++) begin : gen_prd_clearing_256
+ // The initial key is always provided in two shares. The two shares of the initial key register
+ // need to be cleared with different pseudo-random data.
+ for (genvar s = 0; s < NumSharesKey; s++) begin : gen_prd_clearing_256_shares
+ for (genvar c = 0; c < NumChunksPRDClearing256; c++) begin : gen_prd_clearing_256
assign prd_clearing_256[s][c * WidthPRDClearing +: WidthPRDClearing] = prd_clearing[s];
end
end
@@ -253,7 +255,7 @@
if (!rst_ni) begin
key_init_q <= '{default: '0};
end else begin
- for (int s = 0; s < 2; s++) begin
+ for (int s = 0; s < NumSharesKey; s++) begin
for (int i = 0; i < 8; i++) begin
if (key_init_we[s][i] == SP2V_HIGH) begin
key_init_q[s][i] <= key_init_d[s][i];
@@ -731,7 +733,7 @@
logic [NumSp2VSig-1:0][Sp2VWidth-1:0] sp2v_sig_chk_raw;
logic [NumSp2VSig-1:0] sp2v_sig_err;
- for (genvar s = 0; s < 2; s++) begin : gen_use_key_init_we_ctrl_shares
+ for (genvar s = 0; s < NumSharesKey; s++) begin : gen_use_key_init_we_ctrl_shares
for (genvar i = 0; i < 8; i++) begin : gen_use_key_init_we_ctrl
assign sp2v_sig[s*8+i] = key_init_we_ctrl[s][i];
end
@@ -757,7 +759,7 @@
assign sp2v_sig_chk[i] = sp2v_e'(sp2v_sig_chk_raw[i]);
end
- for (genvar s = 0; s < 2; s++) begin : gen_key_init_we_shares
+ for (genvar s = 0; s < NumSharesKey; s++) begin : gen_key_init_we_shares
for (genvar i = 0; i < 8; i++) begin : gen_key_init_we
assign key_init_we[s][i] = sp2v_sig_chk[s*8+i];
end
diff --git a/hw/ip/aes/rtl/aes_pkg.sv b/hw/ip/aes/rtl/aes_pkg.sv
index 2a2ce08..3e13b7b 100644
--- a/hw/ip/aes/rtl/aes_pkg.sv
+++ b/hw/ip/aes/rtl/aes_pkg.sv
@@ -6,8 +6,16 @@
package aes_pkg;
-// Widths of signals carrying pseudo-random data for clearing and masking and purposes
+// The initial key is always provided in two shares, independently whether the cipher core is
+// masked or not.
+parameter int unsigned NumSharesKey = 2;
+
+// Widths of signals carrying pseudo-random data for clearing
parameter int unsigned WidthPRDClearing = 64;
+parameter int unsigned NumChunksPRDClearing128 = 128/WidthPRDClearing;
+parameter int unsigned NumChunksPRDClearing256 = 256/WidthPRDClearing;
+
+// Widths of signals carrying pseudo-random data for masking
parameter int unsigned WidthPRDSBox = 8; // Number PRD bits per S-Box. This includes the
// 8 bits for the output mask when using any of the
// masked Canright S-Box implementations.
@@ -196,7 +204,7 @@
// Minimum Hamming distance: 3
// Maximum Hamming distance: 5
//
-localparam int Mux6SelWidth = 6;
+parameter int Mux6SelWidth = 6;
typedef enum logic [Mux6SelWidth-1:0] {
MUX6_SEL_0 = 6'b011101,
MUX6_SEL_1 = 6'b110000,
diff --git a/hw/ip/aes/rtl/aes_prng_clearing.sv b/hw/ip/aes/rtl/aes_prng_clearing.sv
index 6186dbc..2f4fc51 100644
--- a/hw/ip/aes/rtl/aes_prng_clearing.sv
+++ b/hw/ip/aes/rtl/aes_prng_clearing.sv
@@ -29,7 +29,7 @@
// Connections to AES internals, PRNG consumers
input logic data_req_i,
output logic data_ack_o,
- output logic [Width-1:0] data_o [2],
+ output logic [Width-1:0] data_o [NumSharesKey],
input logic reseed_req_i,
output logic reseed_ack_o,
