[tlul,shim] Expand pre_dv to handle arbitrary test cases
#9
Conversation
andrea-caforio
force-pushed
the
aes-tlul-shim-nist
branch
from
59c02d4 to
6d11eae
Compare
There was a problem hiding this comment.
Thanks @andrea-caforio for your work on this, it's a big step and nice work!
I did a first review pass and have some comments. Some more background on the interaction of the c_dpi module and the TB would be appreciated. Thanks!
| write_request(AES_DATA_IN_0_OFFSET, 32'hf8aa56ed), \ | ||
| write_request(AES_DATA_IN_1_OFFSET, 32'h04672da7), \ | ||
| write_request(AES_DATA_IN_2_OFFSET, 32'h2892db9f), \ | ||
| write_request(AES_DATA_IN_3_OFFSET, 32'h2213baed), \ |
There was a problem hiding this comment.
Please note: There is a commit in my PR which will require updating this value.
For more background: the initial unmasked implementation would output the plain GHASH state. In contrast, the masked implementation always outputs the state XOR S. Upon restoring, the value provided will be again "remasked" internally using the new sharing of S. To align the masked and unmasked implementation (to simplify software and DV), I made the unmasked implementation also outputting state XOR S. S is then automatically subtracted again after restoring the state.
There was a problem hiding this comment.
This has now happened, thank you!
hw/ip/aes/pre_dv/aes_tlul_shim_tb/rtl/aes_tlul_shim_tb_c_dpi.sv
Outdated
Show resolved
Hide resolved
hw/ip/aes/pre_dv/aes_tlul_shim_tb/rtl/aes_tlul_shim_tb_c_dpi.sv
Outdated
Show resolved
Hide resolved
hw/ip/aes/pre_dv/aes_tlul_shim_tb/rtl/aes_tlul_shim_tb_c_dpi.sv
Outdated
Show resolved
Hide resolved
| key_length: AES_128, \ | ||
| key: 256'h000000000000000000000000000000003c4fcf098815f7aba6d2ae2816157e2b, \ | ||
| iv: '0, \ | ||
| msg: 512'hd45d7204712023823fade8275e780c7b880603ede3001b8823ce8e597fcdb143afbafd965a8985e79d69b90385d5d3f597ef6624f3ca9ea860367a0db47bd73a,\ |
There was a problem hiding this comment.
In an ideal world, this data could be extracted from the existing .c/.h files in the repo but I think it's okay to leave this as is.
andrea-caforio
force-pushed
the
aes-tlul-shim-nist
branch
2 times, most recently
from
1fda49d to
e683124
Compare
This commit generalizes the `pre_dv` testbench to arbitrary test cases and adds an array of tests covering both AES-GCM and its modes of operation. The process of adding/modify tests is now streamlined reducing the feedback loop. Signed-off-by: Andrea Caforio <[email protected]> Co-authored-by: Pirmin Vogel <[email protected]>
andrea-caforio
force-pushed
the
aes-tlul-shim-nist
branch
from
e683124 to
bc41aef
Compare
| // This module serves as the interface to the `c_dpi` API by instantiating the function call as a | ||
| // combinatorial block. The `c_dpi` output (data and tag) is flopped and the 32 least significant | ||
| // bits of data and tag become visible at the module's output ports in the next clock cycle. The | ||
| // flopped data and tag can be rotated by 32 positions to the right to make other bits visible. |
There was a problem hiding this comment.
Thanks @andrea-caforio for providing these comments, it makes the design a lot easier to understand :-)
There was a problem hiding this comment.
Thanks for addressing all comments @andrea-caforio , this is great!
This commit generalizes the
pre_dvtestbench to arbitrary test cases and adds an array of tests covering both AES-GCM and its modes of operation. The process of adding/modify tests is now streamlined reducing the feedback loop.