Google Git
Sign in
gem5 / amd / gem5 / 16fa8d7cc8c92f5ab879e4cf9c6c0bbb3567860f / . / src / systemc / tests / systemc / examples / aes / aes.cpp
blob: 45fc3f8690459536bc180216430dc50261a181a5 [file] [log] [blame]
#include <systemc.h>
#define USE_TABLE 1
#if DEBUG
void
Dump_R(char *s, sc_uint<8> X[4][4])
{
printf("%s R\n", s);
for(int i = 0; i < 4; i++){
printf("|");
for(int j = 0; j < 4; j++){
printf("%02x|", (int)X[i][j]);
}
printf("\n");
}
}
void
Dump_rk(char *s, sc_uint<8> X[11][4][4])
{
printf("%s rk\n", s);
for(int i = 0; i < 11; i++){
printf("%2d: ", (int)i);
for(int j = 0; j < 4; j++){
printf("|");
for(int k = 0; k < 4; k++){
printf("%02x|", (int)X[i][j][k]);
}
printf(" ");
}
printf("\n");
}
}
#endif
SC_MODULE(AES_Base)
{
SC_CTOR(AES_Base) {}
void AddRoundKey(sc_uint<8> a[4][4], const sc_uint<8> rk[4][4]);
sc_uint<8> S_Table(sc_uint<8> a);
void SchedKey(sc_uint<8> k[4][4], sc_uint<8> W[11][4][4]);
};
sc_uint<8>
AES_Base::S_Table(sc_uint<8> a)
{
sc_uint<8> t;
#if USE_TABLE
{
static sc_uint<8> S[256] = {
99, 124, 119, 123, 242, 107, 111, 197,
48, 1, 103, 43, 254, 215, 171, 118,
202, 130, 201, 125, 250, 89, 71, 240,
173, 212, 162, 175, 156, 164, 114, 192,
183, 253, 147, 38, 54, 63, 247, 204,
52, 165, 229, 241, 113, 216, 49, 21,
4, 199, 35, 195, 24, 150, 5, 154,
7, 18, 128, 226, 235, 39, 178, 117,
9, 131, 44, 26, 27, 110, 90, 160,
82, 59, 214, 179, 41, 227, 47, 132,
83, 209, 0, 237, 32, 252, 177, 91,
106, 203, 190, 57, 74, 76, 88, 207,
208, 239, 170, 251, 67, 77, 51, 133,
69, 249, 2, 127, 80, 60, 159, 168,
81, 163, 64, 143, 146, 157, 56, 245,
188, 182, 218, 33, 16, 255, 243, 210,
205, 12, 19, 236, 95, 151, 68, 23,
196, 167, 126, 61, 100, 93, 25, 115,
96, 129, 79, 220, 34, 42, 144, 136,
70, 238, 184, 20, 222, 94, 11, 219,
224, 50, 58, 10, 73, 6, 36, 92,
194, 211, 172, 98, 145, 149, 228, 121,
231, 200, 55, 109, 141, 213, 78, 169,
108, 86, 244, 234, 101, 122, 174, 8,
186, 120, 37, 46, 28, 166, 180, 198,
232, 221, 116, 31, 75, 189, 139, 138,
112, 62, 181, 102, 72, 3, 246, 14,
97, 53, 87, 185, 134, 193, 29, 158,
225, 248, 152, 17, 105, 217, 142, 148,
155, 30, 135, 233, 206, 85, 40, 223,
140, 161, 137, 13, 191, 230, 66, 104,
65, 153, 45, 15, 176, 84, 187, 22,
};
t = S[a];
}
#else
#define E(A,B) case A: t = B; break
switch(a){
E( 0, 99); E( 1,124); E( 2,119); E( 3,123); E( 4,242); E( 5,107);
E( 6,111); E( 7,197); E( 8, 48); E( 9, 1); E( 10,103); E( 11, 43);
E( 12,254); E( 13,215); E( 14,171); E( 15,118); E( 16,202); E( 17,130);
E( 18,201); E( 19,125); E( 20,250); E( 21, 89); E( 22, 71); E( 23,240);
E( 24,173); E( 25,212); E( 26,162); E( 27,175); E( 28,156); E( 29,164);
E( 30,114); E( 31,192); E( 32,183); E( 33,253); E( 34,147); E( 35, 38);
E( 36, 54); E( 37, 63); E( 38,247); E( 39,204); E( 40, 52); E( 41,165);
E( 42,229); E( 43,241); E( 44,113); E( 45,216); E( 46, 49); E( 47, 21);
E( 48, 4); E( 49,199); E( 50, 35); E( 51,195); E( 52, 24); E( 53,150);
E( 54, 5); E( 55,154); E( 56, 7); E( 57, 18); E( 58,128); E( 59,226);
E( 60,235); E( 61, 39); E( 62,178); E( 63,117); E( 64, 9); E( 65,131);
E( 66, 44); E( 67, 26); E( 68, 27); E( 69,110); E( 70, 90); E( 71,160);
E( 72, 82); E( 73, 59); E( 74,214); E( 75,179); E( 76, 41); E( 77,227);
E( 78, 47); E( 79,132); E( 80, 83); E( 81,209); E( 82, 0); E( 83,237);
E( 84, 32); E( 85,252); E( 86,177); E( 87, 91); E( 88,106); E( 89,203);
E( 90,190); E( 91, 57); E( 92, 74); E( 93, 76); E( 94, 88); E( 95,207);
E( 96,208); E( 97,239); E( 98,170); E( 99,251); E(100, 67); E(101, 77);
E(102, 51); E(103,133); E(104, 69); E(105,249); E(106, 2); E(107,127);
E(108, 80); E(109, 60); E(110,159); E(111,168); E(112, 81); E(113,163);
E(114, 64); E(115,143); E(116,146); E(117,157); E(118, 56); E(119,245);
E(120,188); E(121,182); E(122,218); E(123, 33); E(124, 16); E(125,255);
E(126,243); E(127,210); E(128,205); E(129, 12); E(130, 19); E(131,236);
E(132, 95); E(133,151); E(134, 68); E(135, 23); E(136,196); E(137,167);
E(138,126); E(139, 61); E(140,100); E(141, 93); E(142, 25); E(143,115);
E(144, 96); E(145,129); E(146, 79); E(147,220); E(148, 34); E(149, 42);
E(150,144); E(151,136); E(152, 70); E(153,238); E(154,184); E(155, 20);
E(156,222); E(157, 94); E(158, 11); E(159,219); E(160,224); E(161, 50);
E(162, 58); E(163, 10); E(164, 73); E(165, 6); E(166, 36); E(167, 92);
E(168,194); E(169,211); E(170,172); E(171, 98); E(172,145); E(173,149);
E(174,228); E(175,121); E(176,231); E(177,200); E(178, 55); E(179,109);
E(180,141); E(181,213); E(182, 78); E(183,169); E(184,108); E(185, 86);
E(186,244); E(187,234); E(188,101); E(189,122); E(190,174); E(191, 8);
E(192,186); E(193,120); E(194, 37); E(195, 46); E(196, 28); E(197,166);
E(198,180); E(199,198); E(200,232); E(201,221); E(202,116); E(203, 31);
E(204, 75); E(205,189); E(206,139); E(207,138); E(208,112); E(209, 62);
E(210,181); E(211,102); E(212, 72); E(213, 3); E(214,246); E(215, 14);
E(216, 97); E(217, 53); E(218, 87); E(219,185); E(220,134); E(221,193);
E(222, 29); E(223,158); E(224,225); E(225,248); E(226,152); E(227, 17);
E(228,105); E(229,217); E(230,142); E(231,148); E(232,155); E(233, 30);
E(234,135); E(235,233); E(236,206); E(237, 85); E(238, 40); E(239,223);
E(240,140); E(241,161); E(242,137); E(243, 13); E(244,191); E(245,230);
E(246, 66); E(247,104); E(248, 65); E(249,153); E(250, 45); E(251, 15);
E(252,176); E(253, 84); E(254,187); E(255, 22);
}
#undef E
#endif
return(t);
}
void
AES_Base::AddRoundKey(sc_uint<8> a[4][4], const sc_uint<8> rk[4][4])
{
for( sc_uint<3> i = 0; i < 4; i++){
for( sc_uint<3> j = 0; j < 4; j++){
a[i][j] = a[i][j] ^ rk[i][j];
}
}
}
void
AES_Base::SchedKey(sc_uint<8> k[4][4], sc_uint<8> W[11][4][4])
{
sc_uint<3> i, j;
sc_uint<8> tk[4][4];
sc_uint<8> tt;
sc_uint<4> t;
for(j = 0; j < 4; j++){
for(i = 0; i < 4; i++){
tk[i][j] = k[i][j];
}
}
for(j = 0; j < 4; j++){
for(i = 0; i < 4; i++){
W[0][i][j] = tk[i][j];
}
}
for( t = 1; t < 11; t++){
for(i = 0; i < 4; i++){
tk[i][0] ^= S_Table(tk[(i+1)&3][3]);
}
#if USE_TABLE
{ static sc_uint<8> rcon[11] = {
0x0, /* dummy entry to lineup with t's value */
0x01,
0x02,
0x04,
0x08,
0x10,
0x20,
0x40,
0x80,
0x1b,
0x36
};
tt = rcon[t];
}
#else
switch(t){
case 1: tt = 0x01; break; /* 0000 0001 */
case 2: tt = 0x02; break; /* 0000 0010 */
case 3: tt = 0x04; break; /* 0000 0100 */
case 4: tt = 0x08; break; /* 0000 1000 */
case 5: tt = 0x10; break; /* 0001 0000 */
case 6: tt = 0x20; break; /* 0010 0000 */
case 7: tt = 0x40; break; /* 0100 0000 */
case 8: tt = 0x80; break; /* 1000 0000 */
case 9: tt = 0x1b; break; /* 0001 1011 */
case 10: tt = 0x36; break; /* 0011 0110 */
}
#endif
tk[0][0] ^= tt;
for(j = 1; j < 4; j++){
for(i = 0; i < 4; i++){
tk[i][j] ^= tk[i][j-1];
}
}
for(j = 0; j < 4; j++){
for(i = 0; i < 4; i++){
W[t][i][j] = tk[i][j];
}
}
}
}
class AES_Decrypt : public AES_Base {
public:
SC_HAS_PROCESS(AES_Decrypt);
AES_Decrypt(sc_module_name name,
sc_clock& pCLK,
sc_signal<bool>& pRST_X,
sc_signal<bool>& pIn_req,
sc_signal<bool>& pIn_ack,
sc_signal<bool>& pIn_cmd,
sc_signal<sc_biguint<128> >& pIn_wire,
sc_signal<bool>& pOut_req,
sc_signal<bool>& pOut_ack,
sc_signal<sc_biguint<128> >& pOut_wire
) : AES_Base(name)
{
CLK(pCLK); RST_X(pRST_X);
In_req(pIn_req); In_ack(pIn_ack); In_cmd(pIn_cmd); In_wire(pIn_wire);
Out_req(pOut_req); Out_ack(pOut_ack); Out_wire(pOut_wire);
SC_CTHREAD(MainThread, this->CLK.pos());
reset_signal_is(RST_X,false);
}
sc_in_clk CLK;
sc_in<bool> RST_X;
sc_in<sc_biguint<128> > In_wire;
sc_out<bool> In_req;
sc_in<bool> In_ack;
sc_in<bool> In_cmd;
sc_out<sc_biguint<128> > Out_wire;
sc_in<bool> Out_req;
sc_out<bool> Out_ack;
#define LOAD_KEY 0
#define DECRYPT 1
sc_uint<1> cmd;
sc_uint<8> rk[11][4][4];
sc_uint<8> R[4][4];
void MainThread(void);
void Reset(void);
void Input(void);
void Output(void);
void Decrypt(void);
void InvMixColumns(sc_uint<8> a[4][4]);
void ShiftRows_Right_Rotate(sc_uint<8> a[4][4]);
void Substitution_Si(sc_uint<8> a[4][4]);
sc_uint<8> Si_Table(sc_uint<8> a);
sc_uint<8> dmul9(const sc_uint<8> B);
sc_uint<8> dmulb(const sc_uint<8> B);
sc_uint<8> dmuld(const sc_uint<8> B);
sc_uint<8> dmule(const sc_uint<8> B);
};
void
AES_Decrypt::Reset(void)
{
In_req = false;
Out_ack = false;
}
void
AES_Decrypt::Input(void)
{
sc_uint<8> t;
sc_biguint<128> t_In_wire;
(void)wait();
In_req = true;
do { wait(); } while(!In_ack);
cmd = In_cmd;
t_In_wire = In_wire.read();
/*
* no matter whether it's a decrypt
* or a key_schedule, get the input pins
* into R[][].
*/
for(int i = 0; i < 4; i++){
for(int j = 0; j < 4; j++){
for( int k = 0; k < 8; k++){
t[k] = t_In_wire[(i*4+j)*8+k];
}
R[i][j] = t;
}
}
In_req = false;
//Dump_R("AES_Descrypt::Input R", R);
}
void
AES_Decrypt::Output(void)
{
sc_uint<8> t;
sc_biguint<128> t_Out_wire;
do { (void)wait(); } while(!Out_req);
/*
* if it's a decrypt, drive R[][] onto output pins
*/
if( cmd == DECRYPT){
for(int i = 0; i < 4; i++){
for(int j = 0; j < 4; j++){
t = R[i][j];
for( int k = 0; k < 8; k++){
t_Out_wire[(i*4+j)*8+k] = t[k];
}
}
}
Out_wire.write(t_Out_wire);
//Dump_R("AES_Descrypt::Output R", R);
}
Out_ack = true;
(void)wait();
Out_ack = false;
}
void
AES_Decrypt::MainThread(void)
{
(void)Reset();
{
while(!RST_X)
(void)wait();
}
for(;;){
(void)Input();
if( cmd == LOAD_KEY ){
/*
* take R[][] and expand
* it into rk[][][]
*/
(void)SchedKey(R, rk);
(void)wait(3);
//Dump_rk("AES_Descrypt::MainThread rk", rk);
} else {
/*
* take R[][] and rk[][][]
* and decrypt the data inplace
* into R[][]
*/
(void)Decrypt();
(void)wait(12);
(void)Output();
}
}
}
void
AES_Decrypt::Decrypt(void)
{
(void)AddRoundKey(R,rk[10]);
//Dump_R("10: AES_Decrypt::AddRoundKey", R);
(void)Substitution_Si(R);
//printf("%d: ", 10); Dump_R("AES_Decrypt::Substitution_Si", R);
(void)ShiftRows_Right_Rotate(R);
//printf("%d: ", 10); Dump_R("AES_Decrypt::ShiftRows_Right_Rotate", R);
for(sc_uint<4> i = 9; i > 0; i--){
(void)AddRoundKey(R, rk[i]);
//printf("%d: ", (int)i); Dump_R("AES_Decrypt::AddRoundKey", R);
(void)InvMixColumns(R);
//printf("%d: ", (int)i); Dump_R("AES_Decrypt::InvMixColums", R);
(void)Substitution_Si(R);
//printf("%d: ", (int)i); Dump_R("AES_Decrypt::Substitution_Si", R);
(void)ShiftRows_Right_Rotate(R);
//printf("%d: ", (int)i); Dump_R("AES_Decrypt::ShiftRows_Right_Rotate", R);
}
(void)AddRoundKey(R, rk[0]);
//Dump_R("0: AES_Decrypt::AddRoundKey", R);
}
sc_uint<8>
AES_Decrypt::Si_Table(sc_uint<8> a)
{
sc_uint<8> t;
#if USE_TABLE
{
static sc_uint<8> Si[256] = {
82, 9, 106, 213, 48, 54, 165, 56,
191, 64, 163, 158, 129, 243, 215, 251,
124, 227, 57, 130, 155, 47, 255, 135,
52, 142, 67, 68, 196, 222, 233, 203,
84, 123, 148, 50, 166, 194, 35, 61,
238, 76, 149, 11, 66, 250, 195, 78,
8, 46, 161, 102, 40, 217, 36, 178,
118, 91, 162, 73, 109, 139, 209, 37,
114, 248, 246, 100, 134, 104, 152, 22,
212, 164, 92, 204, 93, 101, 182, 146,
108, 112, 72, 80, 253, 237, 185, 218,
94, 21, 70, 87, 167, 141, 157, 132,
144, 216, 171, 0, 140, 188, 211, 10,
247, 228, 88, 5, 184, 179, 69, 6,
208, 44, 30, 143, 202, 63, 15, 2,
193, 175, 189, 3, 1, 19, 138, 107,
58, 145, 17, 65, 79, 103, 220, 234,
151, 242, 207, 206, 240, 180, 230, 115,
150, 172, 116, 34, 231, 173, 53, 133,
226, 249, 55, 232, 28, 117, 223, 110,
71, 241, 26, 113, 29, 41, 197, 137,
111, 183, 98, 14, 170, 24, 190, 27,
252, 86, 62, 75, 198, 210, 121, 32,
154, 219, 192, 254, 120, 205, 90, 244,
31, 221, 168, 51, 136, 7, 199, 49,
177, 18, 16, 89, 39, 128, 236, 95,
96, 81, 127, 169, 25, 181, 74, 13,
45, 229, 122, 159, 147, 201, 156, 239,
160, 224, 59, 77, 174, 42, 245, 176,
200, 235, 187, 60, 131, 83, 153, 97,
23, 43, 4, 126, 186, 119, 214, 38,
225, 105, 20, 99, 85, 33, 12, 125,
};
t = Si[a];
}
#else
#define E(A,B) case A: t = B; break
switch(a){
E( 0, 82); E( 1, 9); E( 2,106); E( 3,213); E( 4, 48); E( 5, 54);
E( 6,165); E( 7, 56); E( 8,191); E( 9, 64); E( 10,163); E( 11,158);
E( 12,129); E( 13,243); E( 14,215); E( 15,251); E( 16,124); E( 17,227);
E( 18, 57); E( 19,130); E( 20,155); E( 21, 47); E( 22,255); E( 23,135);
E( 24, 52); E( 25,142); E( 26, 67); E( 27, 68); E( 28,196); E( 29,222);
E( 30,233); E( 31,203); E( 32, 84); E( 33,123); E( 34,148); E( 35, 50);
E( 36,166); E( 37,194); E( 38, 35); E( 39, 61); E( 40,238); E( 41, 76);
E( 42,149); E( 43, 11); E( 44, 66); E( 45,250); E( 46,195); E( 47, 78);
E( 48, 8); E( 49, 46); E( 50,161); E( 51,102); E( 52, 40); E( 53,217);
E( 54, 36); E( 55,178); E( 56,118); E( 57, 91); E( 58,162); E( 59, 73);
E( 60,109); E( 61,139); E( 62,209); E( 63, 37); E( 64,114); E( 65,248);
E( 66,246); E( 67,100); E( 68,134); E( 69,104); E( 70,152); E( 71, 22);
E( 72,212); E( 73,164); E( 74, 92); E( 75,204); E( 76, 93); E( 77,101);
E( 78,182); E( 79,146); E( 80,108); E( 81,112); E( 82, 72); E( 83, 80);
E( 84,253); E( 85,237); E( 86,185); E( 87,218); E( 88, 94); E( 89, 21);
E( 90, 70); E( 91, 87); E( 92,167); E( 93,141); E( 94,157); E( 95,132);
E( 96,144); E( 97,216); E( 98,171); E( 99, 0); E(100,140); E(101,188);
E(102,211); E(103, 10); E(104,247); E(105,228); E(106, 88); E(107, 5);
E(108,184); E(109,179); E(110, 69); E(111, 6); E(112,208); E(113, 44);
E(114, 30); E(115,143); E(116,202); E(117, 63); E(118, 15); E(119, 2);
E(120,193); E(121,175); E(122,189); E(123, 3); E(124, 1); E(125, 19);
E(126,138); E(127,107); E(128, 58); E(129,145); E(130, 17); E(131, 65);
E(132, 79); E(133,103); E(134,220); E(135,234); E(136,151); E(137,242);
E(138,207); E(139,206); E(140,240); E(141,180); E(142,230); E(143,115);
E(144,150); E(145,172); E(146,116); E(147, 34); E(148,231); E(149,173);
E(150, 53); E(151,133); E(152,226); E(153,249); E(154, 55); E(155,232);
E(156, 28); E(157,117); E(158,223); E(159,110); E(160, 71); E(161,241);
E(162, 26); E(163,113); E(164, 29); E(165, 41); E(166,197); E(167,137);
E(168,111); E(169,183); E(170, 98); E(171, 14); E(172,170); E(173, 24);
E(174,190); E(175, 27); E(176,252); E(177, 86); E(178, 62); E(179, 75);
E(180,198); E(181,210); E(182,121); E(183, 32); E(184,154); E(185,219);
E(186,192); E(187,254); E(188,120); E(189,205); E(190, 90); E(191,244);
E(192, 31); E(193,221); E(194,168); E(195, 51); E(196,136); E(197, 7);
E(198,199); E(199, 49); E(200,177); E(201, 18); E(202, 16); E(203, 89);
E(204, 39); E(205,128); E(206,236); E(207, 95); E(208, 96); E(209, 81);
E(210,127); E(211,169); E(212, 25); E(213,181); E(214, 74); E(215, 13);
E(216, 45); E(217,229); E(218,122); E(219,159); E(220,147); E(221,201);
E(222,156); E(223,239); E(224,160); E(225,224); E(226, 59); E(227, 77);
E(228,174); E(229, 42); E(230,245); E(231,176); E(232,200); E(233,235);
E(234,187); E(235, 60); E(236,131); E(237, 83); E(238,153); E(239, 97);
E(240, 23); E(241, 43); E(242, 4); E(243,126); E(244,186); E(245,119);
E(246,214); E(247, 38); E(248,225); E(249,105); E(250, 20); E(251, 99);
E(252, 85); E(253, 33); E(254, 12); E(255,125);
}
#undef E
#endif
return(t);
}
void
AES_Decrypt::Substitution_Si(sc_uint<8> a[4][4])
{
for(sc_uint<3> j = 0; j < 4; j++){
for( sc_uint<3> i = 0; i < 4; i++){
a[i][j] = Si_Table(a[i][j]);
}
}
}
/*
* this routine does a rotate right
* on each row. the first is rotated 0,
* ie, nothing is done. the second row
* is roatated by 1, the third row by 2
* and the finally row by 3.
* ie:
*
* row0 row1 row2 row3
* 0123 0123 0123 0123
* |||| |||| |||| ||||
* 0123 3012 2301 1230
*
* this is equivalent to ShiftRows(1,...)
* code in the reference C code. it
* has been expanded to get rid of the
* shifts[][][] array used at run time.
*/
void
AES_Decrypt::ShiftRows_Right_Rotate(sc_uint<8> a[4][4])
{
sc_uint<8> t;
t = a[1][3];
a[1][3] = a[1][2];
a[1][2] = a[1][1];
a[1][1] = a[1][0];
a[1][0] = t;
t = a[2][0];
a[2][0] = a[2][2];
a[2][2] = t;
t = a[2][1];
a[2][1] = a[2][3];
a[2][3] = t;
t = a[3][0];
a[3][0] = a[3][1];
a[3][1] = a[3][2];
a[3][2] = a[3][3];
a[3][3] = t;
}
void
AES_Decrypt::InvMixColumns(sc_uint<8> a[4][4])
{
sc_uint<8> t[4][4];
for(sc_uint<3> j = 0; j < 4; j++){
for( sc_uint<3> i = 0; i < 4; i++){
t[i][j] = dmule(a[i][j])
^ dmulb(a[(i + 1) & 3][j])
^ dmuld(a[(i + 2) & 3][j])
^ dmul9(a[(i + 3) & 3][j]);
}
}
for(sc_uint<3> j = 0; j < 4; j++){
for( sc_uint<3> i = 0; i < 4; i++){
a[i][j] = t[i][j];
}
}
}
sc_uint<8>
AES_Decrypt::dmul9(const sc_uint<8> B)
{
sc_uint<8> O;
O[0] = B[5] ^B[0];
O[1] = B[5]^B[6] ^B[1];
O[2] = B[6]^B[7] ^B[2];
O[3] = B[0]^B[7]^B[5]^B[3];
O[4] = B[1]^B[6]^B[5]^B[4];
O[5] = B[7]^B[2]^B[6]^B[5];
O[6] = B[7]^B[3] ^B[6];
O[7] = B[4] ^B[7];
return(O);
}
sc_uint<8>
AES_Decrypt::dmulb(const sc_uint<8> B)
{
sc_uint<8> O;
O[0] = B[5] ^B[7] ^B[0];
O[1] = B[5]^B[6] ^B[0]^B[7] ^B[1];
O[2] = B[6]^B[7] ^B[1] ^B[2];
O[3] = B[0]^B[5] ^B[2] ^B[3];
O[4] = B[1]^B[6]^B[5] ^B[3]^B[7] ^B[4];
O[5] = B[7]^B[2]^B[6] ^B[4] ^B[5];
O[6] = B[7]^B[3] ^B[5] ^B[6];
O[7] = B[4] ^B[6] ^B[7];
return(O);
}
sc_uint<8>
AES_Decrypt::dmuld(const sc_uint<8> B)
{
sc_uint<8> O;
O[0] = B[5] ^B[6] ^B[0];
O[1] = B[5] ^B[7] ^B[1];
O[2] = B[6] ^B[0] ^B[2];
O[3] = B[0]^B[7]^B[5] ^B[1]^B[6] ^B[3];
O[4] = B[1]^B[5] ^B[2]^B[7] ^B[4];
O[5] = B[2]^B[6] ^B[3] ^B[5];
O[6] = B[7]^B[3] ^B[4] ^B[6];
O[7] = B[4] ^B[5] ^B[7];
return(O);
}
sc_uint<8>
AES_Decrypt::dmule(const sc_uint<8> B)
{
sc_uint<8> O;
O[0] = B[5] ^B[6] ^B[7];
O[1] = B[5] ^B[7] ^B[0]^B[7];
O[2] = B[6] ^B[0] ^B[1];
O[3] = B[0]^B[7]^B[5] ^B[1]^B[6] ^B[2]^B[7];
O[4] = B[1]^B[5] ^B[2]^B[7] ^B[3]^B[7];
O[5] = B[2]^B[6] ^B[3] ^B[4];
O[6] = B[7]^B[3] ^B[4] ^B[5];
O[7] = B[4] ^B[5] ^B[6];
return(O);
}
class AES_Encrypt : public AES_Base {
public:
SC_HAS_PROCESS(AES_Encrypt);
AES_Encrypt(sc_module_name name,
sc_clock& pCLK,
sc_signal<bool>& pRST_X,
sc_signal<bool>& pIn_req,
sc_signal<bool>& pIn_ack,
sc_signal<bool>& pIn_cmd,
sc_signal<sc_biguint<128> >& pIn_wire,
sc_signal<bool>& pOut_req,
sc_signal<bool>& pOut_ack,
sc_signal<sc_biguint<128> >& pOut_wire
) : AES_Base(name)
{
CLK(pCLK); RST_X(pRST_X);
In_req(pIn_req); In_ack(pIn_ack); In_cmd(pIn_cmd); In_wire(pIn_wire);
Out_req(pOut_req); Out_ack(pOut_ack); Out_wire(pOut_wire);
SC_CTHREAD(MainThread, this->CLK.pos());
reset_signal_is(RST_X,false);
}
sc_in_clk CLK;
sc_in<bool> RST_X;
sc_in<sc_biguint<128> > In_wire;
sc_out<bool> In_req;
sc_in<bool> In_ack;
sc_in<bool> In_cmd;
sc_out<sc_biguint<128> > Out_wire;
sc_in<bool> Out_req;
sc_out<bool> Out_ack;
#define LOAD_KEY 0
#define ENCRYPT 1
sc_uint<1> cmd;
sc_uint<8> rk[11][4][4];
sc_uint<8> R[4][4];
void MainThread(void);
void Reset(void);
void Input(void);
void Output(void);
void Encrypt(void);
void MixColumns(sc_uint<8> a[4][4]);
void ShiftRows_Left_Rotate(sc_uint<8> a[4][4]);
void Substitution_S(sc_uint<8> a[4][4]);
sc_uint<8> dmul2(const sc_uint<8> B);
sc_uint<8> dmul3(const sc_uint<8> B);
};
void
AES_Encrypt::Reset(void)
{
In_req = false;
Out_ack = false;
}
void
AES_Encrypt::Input(void)
{
sc_biguint<128> t_In_wire;
sc_uint<8> t;
(void)wait();
In_req = true;
do { wait(); } while(!In_ack);
cmd = In_cmd;
t_In_wire = In_wire.read();
/*
* no matter whether it's a decrypt
* or a key_schedule, get the input pins
* into R[][].
*/
for(int i = 0; i < 4; i++){
for(int j = 0; j < 4; j++){
for( int k = 0; k < 8; k++){
t[k] = t_In_wire[(i*4+j)*8+k];
}
R[i][j] = t;
}
}
In_req = false;
//Dump_R("AES_Encrypt::Input R", R);
}
void
AES_Encrypt::Output(void)
{
sc_biguint<128> t_Out_wire;
sc_uint<8> t;
do { (void)wait(); } while(!Out_req);
/*
* if it's a encrypt, drive R[][] onto output pins
*/
if( cmd == ENCRYPT){
for(int i = 0; i < 4; i++){
for(int j = 0; j < 4; j++){
t = R[i][j];
for( int k = 0; k < 8; k++){
t_Out_wire[(i*4+j)*8+k] = t[k];
}
}
}
(void)Out_wire.write(t_Out_wire);
//Dump_R("AES_Encrypt::Output R", R);
}
Out_ack = true;
wait();
Out_ack = false;
}
void
AES_Encrypt::MainThread(void)
{
(void)Reset();
{
while(!RST_X)
(void)wait();
}
for(;;){
(void)Input();
if( cmd == LOAD_KEY){
/*
* take R[][] and expand
* it into rk[][][]
*/
(void)SchedKey(R, rk);
(void)wait(3);
//Dump_rk("AES_Encrypt::MainThread rk", rk);
} else {
/*
* take R[][] and rk[][][]
* and encrypt the data inplace
* into R[][]
*/
(void)Encrypt();
(void)wait(12);
(void)Output();
}
}
}
void
AES_Encrypt::Encrypt(void)
{
(void)AddRoundKey(R, rk[0]);
//Dump_R("0: AES_Encrypt::AddRoundKey", R);
for(sc_uint<4> i = 1; i < 10; i++){
(void)Substitution_S(R);
//printf("%d: ", (int)i); Dump_R("AES_Encrypt::Substitution_S", R);
(void)ShiftRows_Left_Rotate(R);
//printf("%d: ", (int)i); Dump_R("AES_Encrypt::ShiftRows_Left_Rotate", R);
(void)MixColumns(R);
//printf("%d: ", (int)i); Dump_R("AES_Encrypt::MixColums", R);
(void)AddRoundKey(R, rk[i]);
//printf("%d: ", (int)i); Dump_R("AES_Encrypt::AddRoundKey", R);
}
(void)Substitution_S(R);
//printf("%d: ", 10); Dump_R("AES_Encrypt::Substitution_S", R);
(void)ShiftRows_Left_Rotate(R);
//printf("%d: ", 10); Dump_R("AES_Encrypt::ShiftRows_Left_Rotate", R);
(void)AddRoundKey(R,rk[10]);
//printf("%d: ", 10); Dump_R("AES_Encrypt::AddRoundKey", R);
}
void
AES_Encrypt::Substitution_S(sc_uint<8> a[4][4])
{
for(sc_uint<3> j = 0; j < 4; j++){
for( sc_uint<3> i = 0; i < 4; i++){
a[i][j] = S_Table(a[i][j]);
}
}
}
/*
* this routine does a rotate left
* on each row. the first is rotated 0,
* ie, nothing is done. the second row
* is roatated by 1, the third row by 2
* and the finally row by 3.
* ie:
*
* row0 row1 row2 row3
* 0123 0123 0123 0123
* |||| |||| |||| ||||
* 0123 1230 2301 3012
*
* this is equivalent to ShiftRows(0,...)
* code in the reference C code. it
* has been expanded to get rid of the
* shifts[][][] array used at run time.
*/
void
AES_Encrypt::ShiftRows_Left_Rotate(sc_uint<8> a[4][4])
{
sc_uint<8> t;
t = a[1][0];
a[1][0] = a[1][1];
a[1][1] = a[1][2];
a[1][2] = a[1][3];
a[1][3] = t;
t = a[2][0];
a[2][0] = a[2][2];
a[2][2] = t;
t = a[2][1];
a[2][1] = a[2][3];
a[2][3] = t;
t = a[3][3];
a[3][3] = a[3][2];
a[3][2] = a[3][1];
a[3][1] = a[3][0];
a[3][0] = t;
}
void
AES_Encrypt::MixColumns(sc_uint<8> a[4][4])
{
sc_uint<8> t[4][4];
for(sc_uint<3> j = 0; j < 4; j++){
for( sc_uint<3> i = 0; i < 4; i++){
t[i][j] = dmul2(a[i][j])
^ dmul3(a[(i + 1) & 3][j])
^ a[(i + 2) & 3][j]
^ a[(i + 3) & 3][j];
}
}
for(sc_uint<3> j = 0; j < 4; j++){
for( sc_uint<3> i = 0; i < 4; i++){
a[i][j] = t[i][j];
}
}
}
sc_uint<8>
AES_Encrypt::dmul2(const sc_uint<8> B)
{
sc_uint<8> O;
O[0] = B[7];
O[1] = B[0]^B[7];
O[2] = B[1];
O[3] = B[2]^B[7];
O[4] = B[3]^B[7];
O[5] = B[4];
O[6] = B[5];
O[7] = B[6];
return(O);
}
sc_uint<8>
AES_Encrypt::dmul3(const sc_uint<8> B)
{
sc_uint<8> O;
O[0] = B[7] ^B[0];
O[1] = B[0]^B[7]^B[1];
O[2] = B[1] ^B[2];
O[3] = B[2]^B[7]^B[3];
O[4] = B[3]^B[7]^B[4];
O[5] = B[4] ^B[5];
O[6] = B[5] ^B[6];
O[7] = B[6] ^B[7];
return(O);
}
#define TESTBENCH 1
#if TESTBENCH
sc_biguint<128>
str2biguint(char *s)
{
static sc_biguint<128> a;
char str[16];
int i, c;
for(i = 0; i < 16 && *s != '\0'; i++, s++)
str[i] = *s;
while( i < 16)
str[i++] = ' ';
for(i = 0; i < 16; i++){
c = str[i];
a[(i*8)+0] = (c&1);
a[(i*8)+1] = ((c>>1)&1);
a[(i*8)+2] = ((c>>2)&1);
a[(i*8)+3] = ((c>>3)&1);
a[(i*8)+4] = ((c>>4)&1);
a[(i*8)+5] = ((c>>5)&1);
a[(i*8)+6] = ((c>>6)&1);
a[(i*8)+7] = ((c>>7)&1);
}
return(a);
}
char *
biguint2str(sc_biguint<128> a)
{
static char str[17];
int i;
char c;
str[16] = '\0';
for( i = 0; i < 128; i += 8){
c = 0;
c |= a[i+0] ? 1 : 0;
c |= a[i+1] ? 1<<1 : 0;
c |= a[i+2] ? 1<<2 : 0;
c |= a[i+3] ? 1<<3 : 0;
c |= a[i+4] ? 1<<4 : 0;
c |= a[i+5] ? 1<<5 : 0;
c |= a[i+6] ? 1<<6 : 0;
c |= a[i+7] ? 1<<7 : 0;
str[i/8] = c;
}
return(&str[0]);
}
sc_biguint<128>
makekey(char *keyMaterial)
{
int i, j, t, k;
sc_uint<8> R[4][4];
sc_uint<8> tt;
sc_biguint<128> key;
for(i = 0; i < 128/8; i++) {
t = keyMaterial[2*i];
if ((t >= '0') && (t <= '9')) j = (t - '0') << 4;
else if ((t >= 'a') && (t <= 'f')) j = (t - 'a' + 10) << 4;
else if ((t >= 'A') && (t <= 'F')) j = (t - 'A' + 10) << 4;
else abort();
t = keyMaterial[2*i+1];
if ((t >= '0') && (t <= '9')) j ^= (t - '0');
else if ((t >= 'a') && (t <= 'f')) j ^= (t - 'a' + 10);
else if ((t >= 'A') && (t <= 'F')) j ^= (t - 'A' + 10);
else abort();
R[i % 4][i / 4] = j;
}
for(i = 0; i < 4; i++){
for(j = 0; j < 4; j++){
tt = R[i][j];
for(k = 0; k < 8; k++){
key[(i*4+j)*8+k] = tt[k];
}
}
}
return(key);
}
int
sc_main(int argc, char *argv[])
{
sc_clock clock;
sc_signal<bool> reset;
sc_signal<bool> D_In_req;
sc_signal<bool> D_In_ack;
sc_signal<bool> D_In_cmd;
sc_signal<bool> D_Out_req;
sc_signal<bool> D_Out_ack;
sc_signal<sc_biguint<128> > D_In_wire;
sc_signal<sc_biguint<128> > D_Out_wire;
sc_signal<bool> E_In_req;
sc_signal<bool> E_In_ack;
sc_signal<bool> E_In_cmd;
sc_signal<bool> E_Out_req;
sc_signal<bool> E_Out_ack;
sc_signal<sc_biguint<128> > E_In_wire;
sc_signal<sc_biguint<128> > E_Out_wire;
sc_biguint<128> key;
sc_biguint<128> t;
char *s;
char key_string[33] = "deadbeef0123456776543210beefdead";
char in[17] = "abcdefghijklmnop";
char *out;
bool err;
int i;
AES_Encrypt E("AES_Encrypt",
clock,
reset,
E_In_req,
E_In_ack,
E_In_cmd,
E_In_wire,
E_Out_req,
E_Out_ack,
E_Out_wire);
AES_Decrypt D("AES_Decrypt",
clock,
reset,
D_In_req,
D_In_ack,
D_In_cmd,
D_In_wire,
D_Out_req,
D_Out_ack,
D_Out_wire);
key = makekey(key_string);
reset = 0;
sc_start(2, SC_NS);
reset = 1;
sc_start(2, SC_NS);
while( !E_In_req) sc_start(1, SC_NS);
E_In_cmd = LOAD_KEY;
E_In_ack = 1;
E_In_wire = key;
do { sc_start(1, SC_NS); E_In_ack = 0; } while( !E_In_req);
while( !D_In_req) sc_start(1, SC_NS);
D_In_cmd = LOAD_KEY;
D_In_ack = 1;
D_In_wire = key;
do { sc_start(1, SC_NS); D_In_ack = 0; } while( !D_In_req);
while( !E_In_req) sc_start(1, SC_NS);
E_Out_req = 1;
E_In_cmd = ENCRYPT;
E_In_ack = 1;
E_In_wire = str2biguint((char*)"abcdefghijklmnop");
do { sc_start(1, SC_NS); E_In_ack = 0; } while(!E_Out_ack);
E_Out_req = 0;
sc_start(1, SC_NS);
while( !D_In_req) sc_start(1, SC_NS);
D_Out_req = 1;
D_In_cmd = DECRYPT;
D_In_ack = 1;
D_In_wire = E_Out_wire;
do { sc_start(1, SC_NS); D_In_ack = 0; } while(!D_Out_ack);
out = biguint2str(D_Out_wire);
D_Out_req = 0;
sc_start(1, SC_NS);
err = false;
for(i = 0; i < 16; i++){
if( in[i] != out[i]){
err = true;
break;
}
}
if( err){
cout << "mismatch error at index " << i << endl;
cout << "key:" << key_string << " in:" << in
<< " out:" << out << endl;
} else {
cout << "program complete" << endl;
}
return(0);
}
#endif