Browse Source

Use co-sim with openSSL to check AES enc VHDL implementation

T. Meissner 1 month ago
parent
commit
0a7ed338d6
4 changed files with 253 additions and 34 deletions
  1. 6
    0
      README.md
  2. 31
    7
      aes/sim/vhdl/Makefile
  3. 150
    0
      aes/sim/vhdl/tb_aes.c
  4. 66
    27
      aes/sim/vhdl/tb_aes.vhd

+ 6
- 0
README.md View File

@@ -5,3 +5,9 @@ The components in this repository are not intended for productional code.
5 5
 They serve as proof of concept, for example how to implement a pipeline using
6 6
 only (local) variables instead of (global) signals. Furthermore they were used
7 7
 how to do a VHDL-to-Verilog conversion for learning purposes.
8
+
9
+*HINT:*
10
+
11
+The tests of some algorithms use the OSVVM library, which is redistributed as
12
+submodule. To get & initialize the submodule, please use the `--recursive` option
13
+when cloning this repository.

+ 31
- 7
aes/sim/vhdl/Makefile View File

@@ -24,8 +24,10 @@ RTL_SRC := \
24 24
   ../../rtl/vhdl/aes_enc.vhd \
25 25
   ../../rtl/vhdl/aes_dec.vhd
26 26
 
27
-SIM_SRC := \
28
-  tb_aes.vhd
27
+SIM_SRC   := tb_aes.vhd
28
+C_SRC     := tb_aes.c
29
+OSVVM_SRC := ../../../lib/OSVVM
30
+VHD_STD   := 08
29 31
 
30 32
 
31 33
 .PHONY: sim
@@ -36,13 +38,34 @@ sim: tb_aes.ghw
36 38
 compile: tb_aes
37 39
 
38 40
 
39
-work:
40
-	mkdir work
41
+osvvm work:
42
+	mkdir $@
41 43
 
42 44
 
43
-tb_aes: ${RTL_SRC} ${SIM_SRC} | work
44
-	ghdl -a --std=08 -fpsl --workdir=work ${RTL_SRC} ${SIM_SRC}
45
-	ghdl -e --std=08 -fpsl --workdir=work $@
45
+osvvm/OsvvmContext.o: $(OSVVM_SRC)/*.vhd | osvvm
46
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/NamePkg.vhd
47
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/OsvvmGlobalPkg.vhd
48
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/VendorCovApiPkg.vhd
49
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/TranscriptPkg.vhd
50
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/TextUtilPkg.vhd
51
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/AlertLogPkg.vhd
52
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/MessagePkg.vhd
53
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/SortListPkg_int.vhd
54
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/RandomBasePkg.vhd
55
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/RandomPkg.vhd
56
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/CoveragePkg.vhd
57
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/MemoryPkg.vhd
58
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/ScoreboardGenericPkg.vhd
59
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/ScoreboardPkg_slv.vhd
60
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/ScoreboardPkg_int.vhd
61
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/ResolutionPkg.vhd
62
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/TbUtilPkg.vhd
63
+	ghdl -a --std=$(VHD_STD) -Wno-hide --work=osvvm --workdir=osvvm $(OSVVM_SRC)/OsvvmContext.vhd
64
+
65
+
66
+tb_aes: ${RTL_SRC} ${SIM_SRC} ${C_SRC} osvvm/OsvvmContext.o | work
67
+	ghdl -a --std=$(VHD_STD) -fpsl --workdir=work -P=osvvm ${RTL_SRC} ${SIM_SRC}
68
+	ghdl -e --std=$(VHD_STD) -fpsl --workdir=work -P=osvvm -Wl,-lcrypto -Wl,-lssl -Wl,tb_aes.c $@
46 69
 
47 70
 
48 71
 tb_aes.ghw: tb_aes
@@ -63,4 +86,5 @@ clean:
63 86
 	rm -f *.o
64 87
 	rm -f *.json
65 88
 	rm -rf work/
89
+	rm -rf osvvm/
66 90
 

+ 150
- 0
aes/sim/vhdl/tb_aes.c View File

@@ -0,0 +1,150 @@
1
+#include <stdio.h>
2
+#include <string.h>
3
+#include <openssl/conf.h>
4
+#include <openssl/evp.h>
5
+#include <openssl/err.h>
6
+
7
+static const char HDL_LOGIC_CHAR[] = { 'U', 'X', '0', '1', 'Z', 'W', 'L', 'H', '-'};
8
+
9
+enum HDL_LOGIC_STATES {
10
+HDL_U = 0,
11
+HDL_X = 1,
12
+HDL_0 = 2,
13
+HDL_1 = 3,
14
+HDL_Z = 4,
15
+HDL_W = 5,
16
+HDL_L = 6,
17
+HDL_H = 7,
18
+HDL_D = 8,
19
+};
20
+
21
+
22
+
23
+void slv_to_uchar(char* datain, unsigned char* dataout, int bytelen) {
24
+
25
+  for (int i = 0; i < bytelen; i++) {
26
+    for (int y = 0; y < 8; y++) {
27
+      if (*datain == HDL_1) {
28
+        *dataout |= 1 << y;
29
+      } else if (*datain == HDL_0) {
30
+        *dataout &= ~(1 << y);
31
+      }
32
+      datain++;
33
+    }
34
+    dataout++;
35
+  }
36
+
37
+  return;
38
+
39
+}
40
+
41
+
42
+void slv_to_string(char* datain, char* dataout, int bytelen) {
43
+
44
+  for (int i = 0; i < bytelen; i++) {
45
+    *dataout = HDL_LOGIC_CHAR[*datain];
46
+    datain++;
47
+    dataout++;
48
+  }
49
+
50
+  return;
51
+
52
+}
53
+
54
+
55
+void uchar_to_slv(unsigned char* datain, char* dataout, int bytelen) {
56
+
57
+  for (int i = 0; i < bytelen; i++) {
58
+    for (int y = 0; y < 8; y++) {
59
+      if ((*datain >> y) & 1 == 1) {
60
+        *dataout = HDL_1 ;
61
+      } else {
62
+        *dataout = HDL_0;
63
+      }
64
+      dataout++;
65
+    }
66
+    datain++;
67
+  }
68
+
69
+  return;
70
+
71
+}
72
+
73
+
74
+void handleErrors(void)
75
+{
76
+    ERR_print_errors_fp(stderr);
77
+    abort();
78
+}
79
+
80
+
81
+int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
82
+            unsigned char *ciphertext)
83
+{
84
+    EVP_CIPHER_CTX *ctx;
85
+
86
+    int len;
87
+
88
+    int ciphertext_len;
89
+
90
+    /* Create and initialise the context */
91
+    if(!(ctx = EVP_CIPHER_CTX_new()))
92
+        handleErrors();
93
+
94
+    /*
95
+     * Initialise the encryption operation. IMPORTANT - ensure you use a key
96
+     * and IV size appropriate for your cipher
97
+     * In this example we are using 256 bit AES (i.e. a 256 bit key). The
98
+     * IV size for *most* modes is the same as the block size. For AES this
99
+     * is 128 bits
100
+     */
101
+    if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key, NULL))
102
+        handleErrors();
103
+
104
+    if(1 != EVP_CIPHER_CTX_set_padding(ctx, 0))
105
+      handleErrors();
106
+
107
+    /*
108
+     * Provide the message to be encrypted, and obtain the encrypted output.
109
+     * EVP_EncryptUpdate can be called multiple times if necessary
110
+     */
111
+    if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
112
+        handleErrors();
113
+    ciphertext_len = len;
114
+
115
+    /*
116
+     * Finalise the encryption. Further ciphertext bytes may be written at
117
+     * this stage.
118
+     */
119
+    if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
120
+        handleErrors();
121
+    ciphertext_len += len;
122
+
123
+    /* Clean up */
124
+    EVP_CIPHER_CTX_free(ctx);
125
+
126
+    return ciphertext_len;
127
+}
128
+
129
+
130
+void cryptData(char* datain, char* key, char mode, char* dataout, int len) {
131
+
132
+  unsigned char c_data[len+1];
133
+  unsigned char c_key[len+1];
134
+  unsigned char c_data_e[len+1];
135
+  int ciphertext_len;
136
+
137
+  c_data[len] = 0;
138
+  c_key[len] = 0;
139
+  c_data_e[len] = 0;
140
+
141
+  slv_to_uchar(datain, c_data, 16);
142
+  slv_to_uchar(key, c_key, 16);
143
+
144
+  ciphertext_len = encrypt(c_data, 128/8, c_key, c_data_e);
145
+
146
+  uchar_to_slv(c_data_e, dataout, 16);
147
+
148
+  return;
149
+
150
+}

+ 66
- 27
aes/sim/vhdl/tb_aes.vhd View File

@@ -22,6 +22,9 @@ library ieee;
22 22
 use ieee.std_logic_1164.all;
23 23
 use ieee.numeric_std.all;
24 24
 
25
+library osvvm;
26
+  use osvvm.RandomPkg.all;
27
+
25 28
 use std.env.all;
26 29
 
27 30
 use work.aes_pkg.all;
@@ -52,6 +55,27 @@ architecture rtl of tb_aes is
52 55
   signal s_validout_dec  : std_logic;
53 56
   signal s_acceptin_dec  : std_logic := '0';
54 57
 
58
+  procedure cryptData(datain  : in  std_logic_vector(0 to 127);
59
+                      key     : in  std_logic_vector(0 to 127);
60
+                      mode    : in  boolean;
61
+                      dataout : out std_logic_vector(0 to 127);
62
+                      len     : in  integer) is
63
+  begin
64
+    report "VHPIDIRECT cryptData" severity failure;
65
+  end procedure;
66
+
67
+  attribute foreign of cryptData: procedure is "VHPIDIRECT cryptData";
68
+
69
+  function swap (datain : std_logic_vector(0 to 127)) return std_logic_vector is
70
+    variable v_data : std_logic_vector(0 to 127);
71
+  begin
72
+    for i in 0 to 15 loop
73
+      for y in 0 to 7 loop
74
+        v_data((i*8)+y) := datain((i*8)+7-y);
75
+      end loop;
76
+    end loop;
77
+    return v_data;
78
+  end function;
55 79
 
56 80
 begin
57 81
 
@@ -89,37 +113,52 @@ begin
89 113
 
90 114
 
91 115
   process is
116
+    variable v_key     : std_logic_vector(0 to 127);
117
+    variable v_datain  : std_logic_vector(0 to 127);
118
+    variable v_dataout : std_logic_vector(0 to 127);
119
+    variable v_random  : RandomPType;
92 120
   begin
121
+    v_random.InitSeed(v_random'instance_name);
93 122
     wait until s_reset = '1';
94
-    -- ENCRYPTION TEST
123
+    -- ENCRYPTION TESTs
95 124
     report "Test encryption";
96
-    wait until rising_edge(s_clk);
97
-    s_validin_enc <= '1';
98
-    s_key <= x"2b7e151628aed2a6abf7158809cf4f3c";
99
-    s_datain <= x"3243f6a8885a308d313198a2e0370734";
100
-    wait until s_acceptout_enc = '1' and rising_edge(s_clk);
101
-    s_validin_enc <= '0';
102
-    wait until s_validout_enc = '1' and rising_edge(s_clk);
103
-    s_acceptin_enc <= '1';
104
-    assert s_dataout_enc = x"3925841D02DC09FBDC118597196A0B32"
105
-      report "Encryption error"
106
-      severity failure;
107
-    s_datain <= s_dataout_enc;
108
-    wait until rising_edge(s_clk);
109
-    s_acceptin_enc <= '0';
110
-    -- DECRYPTION TEST
125
+    for i in 0 to 63 loop
126
+      wait until rising_edge(s_clk);
127
+      s_validin_enc <= '1';
128
+      v_key         := v_random.RandSlv(128);
129
+      v_datain      := v_random.RandSlv(128);
130
+      s_key         <= v_key;
131
+      s_datain      <= v_datain;
132
+      cryptData(swap(v_datain), swap(v_key), true, v_dataout, 128);
133
+      wait until s_acceptout_enc = '1' and rising_edge(s_clk);
134
+      s_validin_enc <= '0';
135
+      wait until s_validout_enc = '1' and rising_edge(s_clk);
136
+      s_acceptin_enc <= '1';
137
+      assert s_dataout_enc = swap(v_dataout)
138
+        report "Encryption error"
139
+        severity failure;
140
+      wait until rising_edge(s_clk);
141
+      s_acceptin_enc <= '0';
142
+    end loop;
143
+    -- DECRYPTION TESTs
111 144
     report "Test decryption";
112
-    wait until rising_edge(s_clk);
113
-    s_validin_dec <= '1';
114
-    wait until s_acceptout_dec = '1' and rising_edge(s_clk);
115
-    s_validin_dec <= '0';
116
-    wait until s_validout_dec = '1' and rising_edge(s_clk);
117
-    s_acceptin_dec <= '1';
118
-    assert s_dataout_dec = x"3243f6a8885a308d313198a2e0370734"
119
-      report "Decryption error"
120
-      severity failure;
121
-    wait until rising_edge(s_clk);
122
-    s_acceptin_dec <= '0';
145
+    for i in 0 to 63 loop
146
+      wait until rising_edge(s_clk);
147
+      s_validin_dec <= '1';
148
+      v_key         := x"2b7e151628aed2a6abf7158809cf4f3c";
149
+      v_datain      := x"3925841D02DC09FBDC118597196A0B32";
150
+      s_key         <= v_key;
151
+      s_datain      <= v_datain;
152
+      wait until s_acceptout_dec = '1' and rising_edge(s_clk);
153
+      s_validin_dec <= '0';
154
+      wait until s_validout_dec = '1' and rising_edge(s_clk);
155
+      s_acceptin_dec <= '1';
156
+      assert s_dataout_dec = x"3243f6a8885a308d313198a2e0370734"
157
+        report "Decryption error"
158
+        severity failure;
159
+      wait until rising_edge(s_clk);
160
+      s_acceptin_dec <= '0';
161
+    end loop;
123 162
     wait for 100 ns;
124 163
     report "Tests successful";
125 164
     finish(0);