[aes/pre_dv/aes_tb] Adapt for GCM support
Signed-off-by: Pirmin Vogel <[email protected]>
vogelpi committed Oct 31, 2024
1 parent 538236a commit cd40367
Showing 7 changed files with 935 additions and 38 deletions.
2 changes: 1 addition & 1 deletion hw/ip/aes/model/crypto.h
Expand Up @@ -15,7 +15,7 @@ typedef enum crypto_mode {
kCryptoAesOfb = 1 << 3,
kCryptoAesCtr = 1 << 4,
kCryptoAesGcm = 1 << 5,
kCryptoAesNone = 1 << 6
kCryptoAesNone = 0x3f
} crypto_mode_t;

/**
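Review bot: `kCryptoAesNone = 0x3f` is no longer a separate bit like the other enumerators; it has all six mode bits set, so any `mode & kCryptoAesGcm`-style test would now also match the none value. The comparisons visible in this commit use `==` and `!=`, which stays correct, but the enum does not say that this is required. A comment above the enumerator such as `// All mode bits set: invalid/none encoding. Compare modes with ==, never with &.` would record it. The value presumably mirrors the RTL's encoding of an invalid mode; if so, the comment should name that too. The enum starts above the hunk.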
63 changes: 35 additions & 28 deletions hw/ip/aes/pre_dv/aes_tb/cpp/aes_model_checker.cc
Expand Up @@ -11,6 +11,7 @@ AESModelChecker::AESModelChecker(Vaes_sim *rtl)
: rtl_(rtl), state_model_{0}, state_rtl_{0} {
state_model_.op = false;
state_model_.mode = kCryptoAesEcb;
state_model_.gcm_text = false;
state_model_.cipher_op = false;
state_model_.key_expand_op = false;
state_model_.key_len = 16;
Expand All @@ -25,6 +26,7 @@ AESModelChecker::AESModelChecker(Vaes_sim *rtl)
state_model_.rcon = 0;
state_rtl_.op = false;
state_rtl_.mode = kCryptoAesEcb;
state_rtl_.gcm_text = false;
state_rtl_.cipher_op = false;
state_rtl_.key_expand_op = false;
state_rtl_.key_len = 16;
Expand Down Expand Up @@ -206,33 +208,35 @@ int AESModelChecker::Compare() {
}

// call OpenSSL/BoringSSL to verify
unsigned char crypto_input[16];
unsigned char crypto_output[16];
unsigned char iv[16];
memset(iv, 0, 16);
CopyBlock(crypto_input, state_model_.data_in);
if (state_model_.mode != kCryptoAesEcb) {
CopyBlock(iv, state_model_.iv);
}
if (!state_model_.cipher_op) {
crypto_encrypt(crypto_output, iv, crypto_input, 16,
state_model_.key_init, state_model_.key_len,
state_model_.mode);
} else {
crypto_decrypt(crypto_output, iv, crypto_input, 16,
state_model_.key_init, state_model_.key_len,
state_model_.mode);
}
status = CompareBlock(crypto_output, state_rtl_.data_out, 16);
if (status) {
printf("ERROR: mismatch between OpenSSL/BoringSSL and RTL:\n");
printf("Output RTL\t\t\t");
aes_print_block(&state_rtl_.data_out[0], 16);
printf("Output OpenSSL/BoringSSL\t");
aes_print_block(&crypto_output[0], 16);
return status;
} else {
printf("SUCCESS: OpenSSL/BoringSSL matches RTL\n");
if (state_model_.mode != kCryptoAesGcm) {
unsigned char crypto_input[16];
unsigned char crypto_output[16];
unsigned char iv[16];
memset(iv, 0, 16);
CopyBlock(crypto_input, state_model_.data_in);
if (state_model_.mode != kCryptoAesEcb) {
CopyBlock(iv, state_model_.iv);
}
if (!state_model_.cipher_op) {
crypto_encrypt(crypto_output, iv, crypto_input, 16,
state_model_.key_init, state_model_.key_len,
state_model_.mode, NULL, 0, NULL, 0);
} else {
crypto_decrypt(crypto_output, iv, crypto_input, 16,
state_model_.key_init, state_model_.key_len,
state_model_.mode, NULL, 0, NULL, 0);
}
status = CompareBlock(crypto_output, state_rtl_.data_out, 16);
if (status) {
printf("ERROR: mismatch between OpenSSL/BoringSSL and RTL:\n");
printf("Output RTL\t\t\t");
aes_print_block(&state_rtl_.data_out[0], 16);
printf("Output OpenSSL/BoringSSL\t");
aes_print_block(&crypto_output[0], 16);
return status;
} else {
printf("SUCCESS: OpenSSL/BoringSSL matches RTL\n");
}
}
}
} // op
Expand All @@ -246,6 +250,7 @@ void AESModelChecker::UpdateModel() {
// start
state_model_.op = state_rtl_.op;
state_model_.mode = state_rtl_.mode;
state_model_.gcm_text = state_rtl_.gcm_text;
state_model_.cipher_op = state_rtl_.cipher_op;
state_model_.key_expand_op = state_rtl_.key_expand_op;
state_model_.key_len = state_rtl_.key_len;
Expand Down Expand Up @@ -296,7 +301,8 @@ void AESModelChecker::UpdateModel() {
CopyBlock(state_model_.data_out, state_model_.state_d);
if (state_model_.mode == kCryptoAesCtr ||
state_model_.mode == kCryptoAesCfb ||
state_model_.mode == kCryptoAesOfb) {
state_model_.mode == kCryptoAesOfb ||
(state_model_.mode == kCryptoAesGcm && state_model_.gcm_text)) {
// add the actual data input
aes_add_round_key(state_model_.data_out, state_model_.data_in);
}
Expand Down Expand Up @@ -362,6 +368,7 @@ void AESModelChecker::GetInitRoundKey() {
void AESModelChecker::MonitorSignals() {
state_rtl_.op = rtl_->rootp->aes_sim__DOT__op;
state_rtl_.mode = (crypto_mode_t)rtl_->rootp->aes_sim__DOT__mode;
state_rtl_.gcm_text = rtl_->rootp->aes_sim__DOT__gcm_text;;
state_rtl_.cipher_op = rtl_->rootp->aes_sim__DOT__cipher_op;
state_rtl_.key_expand_op = rtl_->rootp->aes_sim__DOT__key_expand_op;

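Review bot: In Compare(), wrapping the OpenSSL/BoringSSL cross-check in `if (state_model_.mode != kCryptoAesGcm)` means a GCM block is only ever compared against the in-tree model, and the log gives no sign that the independent reference was skipped. The calls already gained four trailing arguments (passed as `NULL, 0, NULL, 0`, presumably AAD and tag), so either run the library check for GCM with real values or add an `else` branch with `printf("INFO: OpenSSL/BoringSSL check skipped for GCM\n");` so a passing run is not read as library-verified. In MonitorSignals(), `aes_sim__DOT__gcm_text;;` has a stray second semicolon. Both functions extend beyond the hunks shown.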
1 change: 1 addition & 0 deletions hw/ip/aes/pre_dv/aes_tb/cpp/aes_model_checker.h
Expand Up @@ -16,6 +16,7 @@ struct AESState {
public:
bool op;
crypto_mode_t mode;
bool gcm_text;
bool cipher_op;
bool key_expand_op;
int key_len;
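Review bot: The new `bool gcm_text;` member of AESState has no comment, and its meaning is not obvious from the name. In UpdateModel() (aes_model_checker.cc) it decides whether `data_in` is added to the cipher output in GCM mode, so a comment like `// GCM only: set while a text block is processed, i.e. data_in is XORed onto the cipher output` would help. The wording is inferred from that one use and should be confirmed against the RTL signal. The struct continues outside the hunk.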
2 changes: 1 addition & 1 deletion hw/ip/aes/pre_dv/aes_tb/cpp/aes_tlul_interface.cc
Expand Up @@ -4,7 +4,7 @@

#include "aes_tlul_interface.h"

#define SEQ 2
#define SEQ 1

#if (SEQ == 2)
#include "aes_tlul_sequence_modes.h"
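Review bot: Changing `#define SEQ 2` to `#define SEQ 1` switches the testbench's default stimulus away from `aes_tlul_sequence_modes.h`, which the commit message does not mention. If the switch is only meant for GCM bring-up, the modes sequence drops out of the default run without anyone noticing. Consider making the selection overridable from the build instead of editing the source, `#ifndef SEQ` / `#define SEQ 1` / `#endif`, with a comment listing what each SEQ value selects. The `#if (SEQ == ...)` chain continues outside the hunk.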