Google Git
Sign in
opensecura / 3p / lowrisc / opentitan / 5a668a31d2fe32769d317a3d90178dea76196447 / . / hw / ip / aes / rtl / aes_sub_bytes.sv
blob: 1ac51ddb895d2256f1549cc266b99bdd7acffff2 [file] [log] [blame]
Pirmin Vogel06cad692019-09-17 11:49:13 +0100[diff] [blame]1// Copyright lowRISC contributors.
2// Licensed under the Apache License, Version 2.0, see LICENSE for details.
3// SPDX-License-Identifier: Apache-2.0
4//
5// AES SubBytes
6
Pirmin Vogel4a6b06b2020-07-20 15:54:49 +0200[diff] [blame]7module aes_sub_bytes import aes_pkg::*;
8#(
9 parameter sbox_impl_e SBoxImpl = SBoxImplLut
Pirmin Vogelb7c706c2019-12-20 17:58:21 +0100[diff] [blame]10) (
Pirmin Vogelb7b43702020-12-08 15:16:14 +0100[diff] [blame]11 input logic clk_i,
12 input logic rst_ni,
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]13 input sp2v_e en_i,
14 output sp2v_e out_req_o,
15 input sp2v_e out_ack_i,
Pirmin Vogel92e9ebb2020-11-11 15:39:16 +0100[diff] [blame]16 input ciph_op_e op_i,
17 input logic [3:0][3:0][7:0] data_i,
Pirmin Vogelf3196332020-12-17 11:24:29 +0100[diff] [blame]18 input logic [3:0][3:0][7:0] mask_i,
19 input logic [3:0][3:0][WidthPRDSBox-1:0] prd_i,
20 output logic [3:0][3:0][7:0] data_o,
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]21 output logic [3:0][3:0][7:0] mask_o,
22 output logic err_o
Pirmin Vogel06cad692019-09-17 11:49:13 +0100[diff] [blame]23);
24
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]25 sp2v_e en;
26 logic en_err;
Pirmin Vogelb7b43702020-12-08 15:16:14 +0100[diff] [blame]27 logic [3:0][3:0] out_req;
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]28 sp2v_e out_ack;
29 logic out_ack_err;
Pirmin Vogelb7b43702020-12-08 15:16:14 +0100[diff] [blame]30
Pirmin Vogel8acd2862021-12-20 10:25:04 +0100[diff] [blame]31 // Every DOM S-Box instance consumes 28 bits of randomness but itself produces 20 bits for use in
32 // another S-Box instance. For other S-Box implementations, only the bits corresponding to prd_i
33 // are used. Other bits are ignored and tied to 0.
34 logic [3:0][3:0][WidthPRDSBox+19:0] in_prd;
35 logic [3:0][3:0] [19:0] out_prd;
36
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]37 // Check sparsely encoded signals.
38 logic [Sp2VWidth-1:0] en_raw;
39 aes_sel_buf_chk #(
40 .Num ( Sp2VNum ),
41 .Width ( Sp2VWidth )
42 ) u_aes_sb_en_buf_chk (
43 .clk_i ( clk_i ),
44 .rst_ni ( rst_ni ),
45 .sel_i ( en_i ),
46 .sel_o ( en_raw ),
47 .err_o ( en_err )
48 );
49 assign en = sp2v_e'(en_raw);
50
51 logic [Sp2VWidth-1:0] out_ack_raw;
52 aes_sel_buf_chk #(
53 .Num ( Sp2VNum ),
54 .Width ( Sp2VWidth )
55 ) u_aes_sb_out_ack_buf_chk (
56 .clk_i ( clk_i ),
57 .rst_ni ( rst_ni ),
58 .sel_i ( out_ack_i ),
59 .sel_o ( out_ack_raw ),
60 .err_o ( out_ack_err )
61 );
62 assign out_ack = sp2v_e'(out_ack_raw);
Pirmin Vogelb7b43702020-12-08 15:16:14 +0100[diff] [blame]63
64 // Individually substitute bytes.
Pirmin Vogelb192e6b2019-10-15 13:33:17 +0100[diff] [blame]65 for (genvar j = 0; j < 4; j++) begin : gen_sbox_j
66 for (genvar i = 0; i < 4; i++) begin : gen_sbox_i
Pirmin Vogel8acd2862021-12-20 10:25:04 +0100[diff] [blame]67
68 // Rotate the randomness produced by the S-Boxes over the columns but not across rows as
69 // MixColumns will operate across rows. The LSBs are taken from the masking PRNG (prd_i)
70 // whereas the MSBs are produced by the other S-Box instances.
71 assign in_prd[i][j] = (j == 0) ? {out_prd[i][3], prd_i[i][j]} :
72 {out_prd[i][j-1], prd_i[i][j]};
73
Pirmin Vogelb7c706c2019-12-20 17:58:21 +0100[diff] [blame]74 aes_sbox #(
75 .SBoxImpl ( SBoxImpl )
Pirmin Vogel4a6b06b2020-07-20 15:54:49 +0200[diff] [blame]76 ) u_aes_sbox_ij (
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]77 .clk_i ( clk_i ),
78 .rst_ni ( rst_ni ),
79 .en_i ( en == SP2V_HIGH ),
80 .out_req_o ( out_req[i][j] ),
81 .out_ack_i ( out_ack == SP2V_HIGH ),
82 .op_i ( op_i ),
83 .data_i ( data_i[i][j] ),
84 .mask_i ( mask_i[i][j] ),
Pirmin Vogel8acd2862021-12-20 10:25:04 +0100[diff] [blame]85 .prd_i ( in_prd[i][j] ),
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]86 .data_o ( data_o[i][j] ),
Pirmin Vogel8acd2862021-12-20 10:25:04 +0100[diff] [blame]87 .mask_o ( mask_o[i][j] ),
88 .prd_o ( out_prd[i][j] )
Pirmin Vogelb192e6b2019-10-15 13:33:17 +0100[diff] [blame]89 );
90 end
Pirmin Vogel54f882e2019-10-03 17:12:04 +0100[diff] [blame]91 end
Pirmin Vogel06cad692019-09-17 11:49:13 +0100[diff] [blame]92
Pirmin Vogele9fd2bf2021-02-12 10:58:05 +0100[diff] [blame]93 // Collect REQ signals.
94 assign out_req_o = &out_req ? SP2V_HIGH : SP2V_LOW;
95
96 // Collect encoding errors.
97 assign err_o = en_err | out_ack_err;
98
Pirmin Vogel06cad692019-09-17 11:49:13 +0100[diff] [blame]99endmodule