Skip to content

Commit

Permalink
updated ECDH (#583)
Browse files Browse the repository at this point in the history 
* updated ECC rdl to keep backward compatibility

* MICROSOFT AUTOMATED PIPELINE: Stamp 'mojtabab-msft-ecdh-reg' with updated timestamp and hash after successful run

---------

Co-authored-by: Mojtaba Bisheh Niasar <[email protected]>
  • Loading branch information
@mojtaba-bisheh
mojtaba-bisheh and Mojtaba Bisheh Niasar authored Sep 5, 2024
1 parent 9402e0c commit 5d5f32e
Show file tree
Hide file tree
Showing 11 changed files with 177 additions and 126 deletions.
2 changes: 1 addition & 1 deletion .github/workflow_metadata/pr_hash
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
e0a04a4e5783f4d92cda3bf8038ad5867d6ee7edb5bb8018db6c11b9171ad45284eeb77d114732c920fd48d834139395
8d77579899d273d139ab694b86e53b0ea7190c82c0657fe7662bdf277082b8ebebc199ba4e6716749af22f1cf0f22413
2 changes: 1 addition & 1 deletion .github/workflow_metadata/pr_timestamp
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1724776472
1725477264
3 changes: 2 additions & 1 deletion src/ecc/rtl/ecc_dsa_ctrl.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -317,7 +317,7 @@ module ecc_dsa_ctrl
// read the registers written by sw
always_comb begin
//Mask the command if KV clients are not idle
cmd_reg = hwif_out.ECC_CTRL.CTRL.value & {3{kv_seed_ready}} & {3{kv_privkey_ready}};
cmd_reg = {hwif_out.ECC_CTRL.DH_SHAREDKEY.value, hwif_out.ECC_CTRL.CTRL.value} & {3{kv_seed_ready}} & {3{kv_privkey_ready}};
zeroize_reg = hwif_out.ECC_CTRL.ZEROIZE.value || debugUnlock_or_scan_mode_switch;

sca_point_rnd_en = 1'b1;
Expand Down Expand Up @@ -477,6 +477,7 @@ module ecc_dsa_ctrl


always_comb hwif_in.ECC_CTRL.CTRL.hwclr = |cmd_reg;
always_comb hwif_in.ECC_CTRL.DH_SHAREDKEY.hwclr = |cmd_reg;
always_comb hwif_in.ECC_CTRL.PCR_SIGN.hwclr = hwif_out.ECC_CTRL.PCR_SIGN.value;

// TODO add other interrupt hwset signals (errors)
Expand Down
16 changes: 8 additions & 8 deletions src/ecc/rtl/ecc_reg.rdl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,16 +71,16 @@ addrmap ecc_reg {
default hw = r;
default resetsignal = reset_b;
field {desc = "Control command field: This can be:
[br] 000 for NONE
[br] 001 for KEYGEN
[br] 010 for SIGNING
[br] 011 for VERIFYING
[br] 100 for ECDH SHARED KEY
[br] After each software write, hardware will erase the register"; swwe = ecc_ready; hwclr;} CTRL[3] = 3'b0;
[br] 00 for NONE
[br] 01 for KEYGEN
[br] 10 for SIGNING
[br] 11 for VERIFYING
[br] After each software write, hardware will erase the register"; swwe = ecc_ready; hwclr;} CTRL[2] = 2'b0;
field {desc = "Zeroize all internal registers: Zeroize all internal registers after ECC process, to avoid SCA leakage.
[br] Software write generates only a single-cycle pulse on the
hardware interface and then will be erased"; singlepulse;} ZEROIZE = 1'b0;
field {desc = "Run PCR Signing flow: Run ECC Signing flow to sign PCRs."; swwe = ecc_ready; hwclr;} PCR_SIGN = 1'b0;
field {desc = "Run ECDH for shared key generation."; swwe = ecc_ready; hwclr;} DH_SHAREDKEY = 1'b0;

} ECC_CTRL @0x00000010;

Expand Down Expand Up @@ -323,9 +323,9 @@ addrmap ecc_reg {
default resetsignal = reset_b;
field {desc = "DH Shared Key field"; hwclr;} DH_SHARED_KEY[32] = 32'b0;

} ECC_DH_SHARED_KEY[12] @0x00000600;
} ECC_DH_SHARED_KEY[12] @0x000005C0;

kv_read_ctrl_reg ecc_kv_rd_pkey_ctrl @0x00000700;
kv_read_ctrl_reg ecc_kv_rd_pkey_ctrl @0x00000600;
kv_status_reg ecc_kv_rd_pkey_status;
kv_read_ctrl_reg ecc_kv_rd_seed_ctrl;
kv_status_reg ecc_kv_rd_seed_status;
Expand Down
61 changes: 46 additions & 15 deletions src/ecc/rtl/ecc_reg.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,14 +153,14 @@ module ecc_reg (
decoded_reg_strb.ECC_PRIVKEY_IN[i0] = cpuif_req_masked & (cpuif_addr == 12'h580 + i0*12'h4);
end
for(int i0=0; i0<12; i0++) begin
decoded_reg_strb.ECC_DH_SHARED_KEY[i0] = cpuif_req_masked & (cpuif_addr == 12'h600 + i0*12'h4);
end
decoded_reg_strb.ecc_kv_rd_pkey_ctrl = cpuif_req_masked & (cpuif_addr == 12'h700);
decoded_reg_strb.ecc_kv_rd_pkey_status = cpuif_req_masked & (cpuif_addr == 12'h704);
decoded_reg_strb.ecc_kv_rd_seed_ctrl = cpuif_req_masked & (cpuif_addr == 12'h708);
decoded_reg_strb.ecc_kv_rd_seed_status = cpuif_req_masked & (cpuif_addr == 12'h70c);
decoded_reg_strb.ecc_kv_wr_pkey_ctrl = cpuif_req_masked & (cpuif_addr == 12'h710);
decoded_reg_strb.ecc_kv_wr_pkey_status = cpuif_req_masked & (cpuif_addr == 12'h714);
decoded_reg_strb.ECC_DH_SHARED_KEY[i0] = cpuif_req_masked & (cpuif_addr == 12'h5c0 + i0*12'h4);
end
decoded_reg_strb.ecc_kv_rd_pkey_ctrl = cpuif_req_masked & (cpuif_addr == 12'h600);
decoded_reg_strb.ecc_kv_rd_pkey_status = cpuif_req_masked & (cpuif_addr == 12'h604);
decoded_reg_strb.ecc_kv_rd_seed_ctrl = cpuif_req_masked & (cpuif_addr == 12'h608);
decoded_reg_strb.ecc_kv_rd_seed_status = cpuif_req_masked & (cpuif_addr == 12'h60c);
decoded_reg_strb.ecc_kv_wr_pkey_ctrl = cpuif_req_masked & (cpuif_addr == 12'h610);
decoded_reg_strb.ecc_kv_wr_pkey_status = cpuif_req_masked & (cpuif_addr == 12'h614);
decoded_reg_strb.intr_block_rf.global_intr_en_r = cpuif_req_masked & (cpuif_addr == 12'h800);
decoded_reg_strb.intr_block_rf.error_intr_en_r = cpuif_req_masked & (cpuif_addr == 12'h804);
decoded_reg_strb.intr_block_rf.notif_intr_en_r = cpuif_req_masked & (cpuif_addr == 12'h808);
Expand Down Expand Up @@ -188,7 +188,7 @@ module ecc_reg (
typedef struct packed{
struct packed{
struct packed{
logic [2:0] next;
logic [1:0] next;
logic load_next;
} CTRL;
struct packed{
Expand All @@ -199,6 +199,10 @@ module ecc_reg (
logic next;
logic load_next;
} PCR_SIGN;
struct packed{
logic next;
logic load_next;
} DH_SHAREDKEY;
} ECC_CTRL;
struct packed{
struct packed{
Expand Down Expand Up @@ -458,14 +462,17 @@ module ecc_reg (
typedef struct packed{
struct packed{
struct packed{
logic [2:0] value;
logic [1:0] value;
} CTRL;
struct packed{
logic value;
} ZEROIZE;
struct packed{
logic value;
} PCR_SIGN;
struct packed{
logic value;
} DH_SHAREDKEY;
} ECC_CTRL;
struct packed{
struct packed{
Expand Down Expand Up @@ -671,12 +678,12 @@ module ecc_reg (

// Field: ecc_reg.ECC_CTRL.CTRL
always_comb begin
automatic logic [2:0] next_c;
automatic logic [1:0] next_c;
automatic logic load_next_c;
next_c = field_storage.ECC_CTRL.CTRL.value;
load_next_c = '0;
if(decoded_reg_strb.ECC_CTRL && decoded_req_is_wr && hwif_in.ecc_ready) begin // SW write
next_c = (field_storage.ECC_CTRL.CTRL.value & ~decoded_wr_biten[2:0]) | (decoded_wr_data[2:0] & decoded_wr_biten[2:0]);
next_c = (field_storage.ECC_CTRL.CTRL.value & ~decoded_wr_biten[1:0]) | (decoded_wr_data[1:0] & decoded_wr_biten[1:0]);
load_next_c = '1;
end else if(hwif_in.ECC_CTRL.CTRL.hwclr) begin // HW Clear
next_c = '0;
Expand All @@ -687,7 +694,7 @@ module ecc_reg (
end
always_ff @(posedge clk or negedge hwif_in.reset_b) begin
if(~hwif_in.reset_b) begin
field_storage.ECC_CTRL.CTRL.value <= 3'h0;
field_storage.ECC_CTRL.CTRL.value <= 2'h0;
end else if(field_combo.ECC_CTRL.CTRL.load_next) begin
field_storage.ECC_CTRL.CTRL.value <= field_combo.ECC_CTRL.CTRL.next;
end
Expand All @@ -700,7 +707,7 @@ module ecc_reg (
next_c = field_storage.ECC_CTRL.ZEROIZE.value;
load_next_c = '0;
if(decoded_reg_strb.ECC_CTRL && decoded_req_is_wr) begin // SW write
next_c = (field_storage.ECC_CTRL.ZEROIZE.value & ~decoded_wr_biten[3:3]) | (decoded_wr_data[3:3] & decoded_wr_biten[3:3]);
next_c = (field_storage.ECC_CTRL.ZEROIZE.value & ~decoded_wr_biten[2:2]) | (decoded_wr_data[2:2] & decoded_wr_biten[2:2]);
load_next_c = '1;
end else begin // singlepulse clears back to 0
next_c = '0;
Expand All @@ -724,7 +731,7 @@ module ecc_reg (
next_c = field_storage.ECC_CTRL.PCR_SIGN.value;
load_next_c = '0;
if(decoded_reg_strb.ECC_CTRL && decoded_req_is_wr && hwif_in.ecc_ready) begin // SW write
next_c = (field_storage.ECC_CTRL.PCR_SIGN.value & ~decoded_wr_biten[4:4]) | (decoded_wr_data[4:4] & decoded_wr_biten[4:4]);
next_c = (field_storage.ECC_CTRL.PCR_SIGN.value & ~decoded_wr_biten[3:3]) | (decoded_wr_data[3:3] & decoded_wr_biten[3:3]);
load_next_c = '1;
end else if(hwif_in.ECC_CTRL.PCR_SIGN.hwclr) begin // HW Clear
next_c = '0;
Expand All @@ -741,6 +748,30 @@ module ecc_reg (
end
end
assign hwif_out.ECC_CTRL.PCR_SIGN.value = field_storage.ECC_CTRL.PCR_SIGN.value;
// Field: ecc_reg.ECC_CTRL.DH_SHAREDKEY
always_comb begin
automatic logic [0:0] next_c;
automatic logic load_next_c;
next_c = field_storage.ECC_CTRL.DH_SHAREDKEY.value;
load_next_c = '0;
if(decoded_reg_strb.ECC_CTRL && decoded_req_is_wr && hwif_in.ecc_ready) begin // SW write
next_c = (field_storage.ECC_CTRL.DH_SHAREDKEY.value & ~decoded_wr_biten[4:4]) | (decoded_wr_data[4:4] & decoded_wr_biten[4:4]);
load_next_c = '1;
end else if(hwif_in.ECC_CTRL.DH_SHAREDKEY.hwclr) begin // HW Clear
next_c = '0;
load_next_c = '1;
end
field_combo.ECC_CTRL.DH_SHAREDKEY.next = next_c;
field_combo.ECC_CTRL.DH_SHAREDKEY.load_next = load_next_c;
end
always_ff @(posedge clk or negedge hwif_in.reset_b) begin
if(~hwif_in.reset_b) begin
field_storage.ECC_CTRL.DH_SHAREDKEY.value <= 1'h0;
end else if(field_combo.ECC_CTRL.DH_SHAREDKEY.load_next) begin
field_storage.ECC_CTRL.DH_SHAREDKEY.value <= field_combo.ECC_CTRL.DH_SHAREDKEY.next;
end
end
assign hwif_out.ECC_CTRL.DH_SHAREDKEY.value = field_storage.ECC_CTRL.DH_SHAREDKEY.value;
for(genvar i0=0; i0<12; i0++) begin
// Field: ecc_reg.ECC_SEED[].SEED
always_comb begin
Expand Down
12 changes: 11 additions & 1 deletion src/ecc/rtl/ecc_reg_pkg.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,14 @@ package ecc_reg_pkg;
logic hwclr;
} ecc_reg__ECC_CTRL__PCR_SIGN__in_t;

typedef struct packed{
logic hwclr;
} ecc_reg__ECC_CTRL__DH_SHAREDKEY__in_t;

typedef struct packed{
ecc_reg__ECC_CTRL__CTRL__in_t CTRL;
ecc_reg__ECC_CTRL__PCR_SIGN__in_t PCR_SIGN;
ecc_reg__ECC_CTRL__DH_SHAREDKEY__in_t DH_SHAREDKEY;
} ecc_reg__ECC_CTRL__in_t;

typedef struct packed{
Expand Down Expand Up @@ -252,7 +257,7 @@ package ecc_reg_pkg;
} ecc_reg__in_t;

typedef struct packed{
logic [2:0] value;
logic [1:0] value;
} ecc_reg__ECC_CTRL__CTRL__out_t;

typedef struct packed{
Expand All @@ -263,10 +268,15 @@ package ecc_reg_pkg;
logic value;
} ecc_reg__ECC_CTRL__PCR_SIGN__out_t;

typedef struct packed{
logic value;
} ecc_reg__ECC_CTRL__DH_SHAREDKEY__out_t;

typedef struct packed{
ecc_reg__ECC_CTRL__CTRL__out_t CTRL;
ecc_reg__ECC_CTRL__ZEROIZE__out_t ZEROIZE;
ecc_reg__ECC_CTRL__PCR_SIGN__out_t PCR_SIGN;
ecc_reg__ECC_CTRL__DH_SHAREDKEY__out_t DH_SHAREDKEY;
} ecc_reg__ECC_CTRL__out_t;

typedef struct packed{
Expand Down
27 changes: 16 additions & 11 deletions src/ecc/rtl/ecc_reg_uvm.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,13 +70,15 @@ package ecc_reg_uvm;
protected uvm_reg_data_t m_data;
protected bit m_is_read;

ecc_reg__ECC_CTRL_bit_cg CTRL_bit_cg[3];
ecc_reg__ECC_CTRL_bit_cg CTRL_bit_cg[2];
ecc_reg__ECC_CTRL_bit_cg ZEROIZE_bit_cg[1];
ecc_reg__ECC_CTRL_bit_cg PCR_SIGN_bit_cg[1];
ecc_reg__ECC_CTRL_bit_cg DH_SHAREDKEY_bit_cg[1];
ecc_reg__ECC_CTRL_fld_cg fld_cg;
rand uvm_reg_field CTRL;
rand uvm_reg_field ZEROIZE;
rand uvm_reg_field PCR_SIGN;
rand uvm_reg_field DH_SHAREDKEY;

function new(string name = "ecc_reg__ECC_CTRL");
super.new(name, 32, build_coverage(UVM_CVR_ALL));
Expand All @@ -89,15 +91,18 @@ package ecc_reg_uvm;

virtual function void build();
this.CTRL = new("CTRL");
this.CTRL.configure(this, 3, 0, "WO", 1, 'h0, 1, 1, 0);
this.CTRL.configure(this, 2, 0, "WO", 1, 'h0, 1, 1, 0);
this.ZEROIZE = new("ZEROIZE");
this.ZEROIZE.configure(this, 1, 3, "WO", 0, 'h0, 1, 1, 0);
this.ZEROIZE.configure(this, 1, 2, "WO", 0, 'h0, 1, 1, 0);
this.PCR_SIGN = new("PCR_SIGN");
this.PCR_SIGN.configure(this, 1, 4, "WO", 1, 'h0, 1, 1, 0);
this.PCR_SIGN.configure(this, 1, 3, "WO", 1, 'h0, 1, 1, 0);
this.DH_SHAREDKEY = new("DH_SHAREDKEY");
this.DH_SHAREDKEY.configure(this, 1, 4, "WO", 1, 'h0, 1, 1, 0);
if (has_coverage(UVM_CVR_REG_BITS)) begin
foreach(CTRL_bit_cg[bt]) CTRL_bit_cg[bt] = new();
foreach(ZEROIZE_bit_cg[bt]) ZEROIZE_bit_cg[bt] = new();
foreach(PCR_SIGN_bit_cg[bt]) PCR_SIGN_bit_cg[bt] = new();
foreach(DH_SHAREDKEY_bit_cg[bt]) DH_SHAREDKEY_bit_cg[bt] = new();
end
if (has_coverage(UVM_CVR_FIELD_VALS))
fld_cg = new();
Expand Down Expand Up @@ -1272,38 +1277,38 @@ package ecc_reg_uvm;
this.ECC_DH_SHARED_KEY[i0].configure(this);

this.ECC_DH_SHARED_KEY[i0].build();
this.default_map.add_reg(this.ECC_DH_SHARED_KEY[i0], 'h600 + i0*'h4);
this.default_map.add_reg(this.ECC_DH_SHARED_KEY[i0], 'h5c0 + i0*'h4);
end
this.ecc_kv_rd_pkey_ctrl = new("ecc_kv_rd_pkey_ctrl");
this.ecc_kv_rd_pkey_ctrl.configure(this);

this.ecc_kv_rd_pkey_ctrl.build();
this.default_map.add_reg(this.ecc_kv_rd_pkey_ctrl, 'h700);
this.default_map.add_reg(this.ecc_kv_rd_pkey_ctrl, 'h600);
this.ecc_kv_rd_pkey_status = new("ecc_kv_rd_pkey_status");
this.ecc_kv_rd_pkey_status.configure(this);

this.ecc_kv_rd_pkey_status.build();
this.default_map.add_reg(this.ecc_kv_rd_pkey_status, 'h704);
this.default_map.add_reg(this.ecc_kv_rd_pkey_status, 'h604);
this.ecc_kv_rd_seed_ctrl = new("ecc_kv_rd_seed_ctrl");
this.ecc_kv_rd_seed_ctrl.configure(this);

this.ecc_kv_rd_seed_ctrl.build();
this.default_map.add_reg(this.ecc_kv_rd_seed_ctrl, 'h708);
this.default_map.add_reg(this.ecc_kv_rd_seed_ctrl, 'h608);
this.ecc_kv_rd_seed_status = new("ecc_kv_rd_seed_status");
this.ecc_kv_rd_seed_status.configure(this);

this.ecc_kv_rd_seed_status.build();
this.default_map.add_reg(this.ecc_kv_rd_seed_status, 'h70c);
this.default_map.add_reg(this.ecc_kv_rd_seed_status, 'h60c);
this.ecc_kv_wr_pkey_ctrl = new("ecc_kv_wr_pkey_ctrl");
this.ecc_kv_wr_pkey_ctrl.configure(this);

this.ecc_kv_wr_pkey_ctrl.build();
this.default_map.add_reg(this.ecc_kv_wr_pkey_ctrl, 'h710);
this.default_map.add_reg(this.ecc_kv_wr_pkey_ctrl, 'h610);
this.ecc_kv_wr_pkey_status = new("ecc_kv_wr_pkey_status");
this.ecc_kv_wr_pkey_status.configure(this);

this.ecc_kv_wr_pkey_status.build();
this.default_map.add_reg(this.ecc_kv_wr_pkey_status, 'h714);
this.default_map.add_reg(this.ecc_kv_wr_pkey_status, 'h614);
this.intr_block_rf = new("intr_block_rf");
this.intr_block_rf.configure(this);
this.intr_block_rf.build();
Expand Down
10 changes: 5 additions & 5 deletions src/ecc/tb/ecc_top_tb.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,10 +34,10 @@ module ecc_top_tb
string ecc_test_vector_file; // Input test vector file
string ecc_test_to_run; // ECC tests - default, ECC_normal_test, ECC_otf_reset_test

localparam ECC_CMD_KEYGEN = 3'b001;
localparam ECC_CMD_SIGNING = 3'b010;
localparam ECC_CMD_VERIFYING = 3'b011;
localparam ECC_CMD_DH_SHARED = 3'b100;
localparam ECC_CMD_KEYGEN = 2'b01;
localparam ECC_CMD_SIGNING = 2'b10;
localparam ECC_CMD_VERIFYING = 2'b11;
localparam ECC_CMD_DH_SHARED = (1 << `ECC_REG_ECC_CTRL_DH_SHAREDKEY_LOW);

parameter R_WIDTH = 384;
typedef bit [R_WIDTH-1:0] r_t;
Expand Down Expand Up @@ -449,7 +449,7 @@ module ecc_top_tb
//
// Write the given word to the DUT using the DUT interface.
//----------------------------------------------------------------
task trig_ECC(input [3 : 0] cmd);
task trig_ECC(input [31 : 0] cmd);
begin
write_single_word(`ECC_REG_ECC_CTRL, cmd);
#(CLK_PERIOD);
Expand Down
Loading

0 comments on commit 5d5f32e

Please sign in to comment.