cryptography ip-cores in vhdl / verilog
vhdl
ghdl
osvvm
fpga
testbenches
verilog
cryptography

des.v 19KB


  1. // ======================================================================
  2. // DES encryption/decryption
  3. // algorithm according:FIPS 46-3 specification
  4. // Copyright (C) 2012 Torsten Meissner
  5. //-----------------------------------------------------------------------
  6. // This program is free software; you can redistribute it and/or modify
  7. // it under the terms of the GNU General Public License as published by
  8. // the Free Software Foundation; either version 2 of the License, or
  9. // (at your option) any later version.
  10. //
  11. // This program is distributed in the hope that it will be useful,
  12. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. // GNU General Public License for more details.
  15. //
  16. // You should have received a copy of the GNU General Public License
  17. // along with this program; if not, write:the Free Software
  18. // Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  19. // ======================================================================
  20. `timescale 1ns/1ps
  21. module des
  22. (
  23. input reset_i, // async reset
  24. input clk_i, // clock
  25. input mode_i, // des-mode: 0 = encrypt, 1 = decrypt
  26. input [0:63] key_i, // key input
  27. input [0:63] data_i, // data input
  28. input valid_i, // input key/data valid flag
  29. output reg accept_o,
  30. output reg [0:63] data_o, // data output
  31. output valid_o, // output data valid flag
  32. input accept_i
  33. );
  34. `include "../../../des/rtl/verilog/des_pkg.v"
  35. `ifdef PIPE
  36. // valid, mode register
  37. reg [0:18] valid;
  38. reg [0:17] mode;
  39. // algorithm pipeline register
  40. // key calculation register
  41. reg [0:27] c0;
  42. reg [0:27] c1;
  43. reg [0:27] c2;
  44. reg [0:27] c3;
  45. reg [0:27] c4;
  46. reg [0:27] c5;
  47. reg [0:27] c6;
  48. reg [0:27] c7;
  49. reg [0:27] c8;
  50. reg [0:27] c9;
  51. reg [0:27] c10;
  52. reg [0:27] c11;
  53. reg [0:27] c12;
  54. reg [0:27] c13;
  55. reg [0:27] c14;
  56. reg [0:27] c15;
  57. reg [0:27] c16;
  58. reg [0:27] d0;
  59. reg [0:27] d1;
  60. reg [0:27] d2;
  61. reg [0:27] d3;
  62. reg [0:27] d4;
  63. reg [0:27] d5;
  64. reg [0:27] d6;
  65. reg [0:27] d7;
  66. reg [0:27] d8;
  67. reg [0:27] d9;
  68. reg [0:27] d10;
  69. reg [0:27] d11;
  70. reg [0:27] d12;
  71. reg [0:27] d13;
  72. reg [0:27] d14;
  73. reg [0:27] d15;
  74. reg [0:27] d16;
  75. // key register
  76. wire [0:47] key1;
  77. wire [0:47] key2;
  78. wire [0:47] key3;
  79. wire [0:47] key4;
  80. wire [0:47] key5;
  81. wire [0:47] key6;
  82. wire [0:47] key7;
  83. wire [0:47] key8;
  84. wire [0:47] key9;
  85. wire [0:47] key10;
  86. wire [0:47] key11;
  87. wire [0:47] key12;
  88. wire [0:47] key13;
  89. wire [0:47] key14;
  90. wire [0:47] key15;
  91. wire [0:47] key16;
  92. // register for left, right data blocks
  93. reg [0:31] l;
  94. reg [0:31] l0;
  95. reg [0:31] l1;
  96. reg [0:31] l2;
  97. reg [0:31] l3;
  98. reg [0:31] l4;
  99. reg [0:31] l5;
  100. reg [0:31] l6;
  101. reg [0:31] l7;
  102. reg [0:31] l8;
  103. reg [0:31] l9;
  104. reg [0:31] l10;
  105. reg [0:31] l11;
  106. reg [0:31] l12;
  107. reg [0:31] l13;
  108. reg [0:31] l14;
  109. reg [0:31] l15;
  110. reg [0:31] l16;
  111. reg [0:31] r;
  112. reg [0:31] r0;
  113. reg [0:31] r1;
  114. reg [0:31] r2;
  115. reg [0:31] r3;
  116. reg [0:31] r4;
  117. reg [0:31] r5;
  118. reg [0:31] r6;
  119. reg [0:31] r7;
  120. reg [0:31] r8;
  121. reg [0:31] r9;
  122. reg [0:31] r10;
  123. reg [0:31] r11;
  124. reg [0:31] r12;
  125. reg [0:31] r13;
  126. reg [0:31] r14;
  127. reg [0:31] r15;
  128. reg [0:31] r16;
  129. wire valid_o = valid[18];
  130. // valid, mode register
  131. always @(posedge clk_i, negedge reset_i) begin
  132. if(~reset_i) begin
  133. valid <= 0;
  134. mode <= 0;
  135. accept_o <= 0;
  136. end
  137. else begin
  138. // shift registers
  139. valid[1:18] <= valid[0:17];
  140. valid[0] <= valid_i;
  141. mode[1:17] <= mode[0:16];
  142. mode[0] <= mode_i;
  143. accept_o <= 1;
  144. end
  145. end
  146. // des algorithm pipeline
  147. always @(posedge clk_i, negedge reset_i) begin
  148. if(~reset_i) begin
  149. l <= 0;
  150. r <= 0;
  151. l0 <= 0;
  152. l1 <= 0;
  153. l2 <= 0;
  154. l3 <= 0;
  155. l4 <= 0;
  156. l5 <= 0;
  157. l6 <= 0;
  158. l7 <= 0;
  159. l8 <= 0;
  160. l9 <= 0;
  161. l10 <= 0;
  162. l11 <= 0;
  163. l12 <= 0;
  164. l13 <= 0;
  165. l14 <= 0;
  166. l15 <= 0;
  167. l16 <= 0;
  168. r0 <= 0;
  169. r1 <= 0;
  170. r2 <= 0;
  171. r3 <= 0;
  172. r4 <= 0;
  173. r5 <= 0;
  174. r6 <= 0;
  175. r7 <= 0;
  176. r8 <= 0;
  177. r9 <= 0;
  178. r10 <= 0;
  179. r11 <= 0;
  180. r12 <= 0;
  181. r13 <= 0;
  182. r14 <= 0;
  183. r15 <= 0;
  184. r16 <= 0;
  185. data_o <= 0;
  186. end
  187. else begin
  188. // output stage
  189. data_o <= ipn({r16, l16});
  190. // 16. stage
  191. l16 <= r15;
  192. r16 <= l15 ^ (f(r15, key16));
  193. // 15. stage
  194. l15 <= r14;
  195. r15 <= l14 ^ (f(r14, key15));
  196. // 14. stage
  197. l14 <= r13;
  198. r14 <= l13 ^ (f(r13, key14));
  199. // 13. stage
  200. l13 <= r12;
  201. r13 <= l12 ^ (f(r12, key13));
  202. // 12. stage
  203. l12 <= r11;
  204. r12 <= l11 ^ (f(r11, key12));
  205. // 11. stage
  206. l11 <= r10;
  207. r11 <= l10 ^ (f(r10, key11));
  208. // 10. stage
  209. l10 <= r9;
  210. r10 <= l9 ^ (f(r9, key10));
  211. // 9. stage
  212. l9 <= r8;
  213. r9 <= l8 ^ (f(r8, key9));
  214. // 8. stage
  215. l8 <= r7;
  216. r8 <= l7 ^ (f(r7, key8));
  217. // 7. stage
  218. l7 <= r6;
  219. r7 <= l6 ^ (f(r6, key7));
  220. // 6. stage
  221. l6 <= r5;
  222. r6 <= l5 ^ (f(r5, key6));
  223. // 5. stage
  224. l5 <= r4;
  225. r5 <= l4 ^ (f(r4, key5));
  226. // 4. stage
  227. l4 <= r3;
  228. r4 <= l3 ^ (f(r3, key4));
  229. // 3. stage
  230. l3 <= r2;
  231. r3 <= l2 ^ (f(r2, key3));
  232. // 2. stage
  233. l2 <= r1;
  234. r2 <= l1 ^ (f(r1, key2));
  235. // 1. stage
  236. l1 <= r0;
  237. r1 <= l0 ^ (f(r0, key1));
  238. // 1. state
  239. l0 <= l;
  240. r0 <= r;
  241. // input stage
  242. l <= ip0(data_i);
  243. r <= ip1(data_i);
  244. end
  245. end
  246. // des key pipeline
  247. always @(posedge clk_i, negedge reset_i) begin
  248. if(~reset_i) begin
  249. c0 <= 0;
  250. c1 <= 0;
  251. c2 <= 0;
  252. c3 <= 0;
  253. c4 <= 0;
  254. c5 <= 0;
  255. c6 <= 0;
  256. c7 <= 0;
  257. c8 <= 0;
  258. c9 <= 0;
  259. c10 <= 0;
  260. c11 <= 0;
  261. c12 <= 0;
  262. c13 <= 0;
  263. c14 <= 0;
  264. c15 <= 0;
  265. c16 <= 0;
  266. d0 <= 0;
  267. d1 <= 0;
  268. d2 <= 0;
  269. d3 <= 0;
  270. d4 <= 0;
  271. d5 <= 0;
  272. d6 <= 0;
  273. d7 <= 0;
  274. d8 <= 0;
  275. d9 <= 0;
  276. d10 <= 0;
  277. d11 <= 0;
  278. d12 <= 0;
  279. d13 <= 0;
  280. d14 <= 0;
  281. d15 <= 0;
  282. d16 <= 0;
  283. end
  284. else begin
  285. // input stage
  286. c0 <= pc1_c(key_i);
  287. d0 <= pc1_d(key_i);
  288. // 1st stage
  289. if (~mode[0]) begin
  290. c1 <= {c0[1:27], c0[0]};
  291. d1 <= {d0[1:27], d0[0]};
  292. end
  293. else begin
  294. c1 <= c0;
  295. d1 <= d0;
  296. end
  297. // 2nd stage
  298. if (~mode[1]) begin
  299. c2 <= {c1[1:27], c1[0]};
  300. d2 <= {d1[1:27], d1[0]};
  301. end
  302. else begin
  303. c2 <= {c1[27], c1[0:26]};
  304. d2 <= {d1[27], d1[0:26]};
  305. end
  306. // 3rd stage
  307. if (~mode[2]) begin
  308. c3 <= {c2[2:27], c2[0:1]};
  309. d3 <= {d2[2:27], d2[0:1]};
  310. end
  311. else begin
  312. c3 <= {c2[26:27], c2[0:25]};
  313. d3 <= {d2[26:27], d2[0:25]};
  314. end
  315. // 4th stage
  316. if (~mode[3]) begin
  317. c4 <= {c3[2:27], c3[0:1]};
  318. d4 <= {d3[2:27], d3[0:1]};
  319. end
  320. else begin
  321. c4 <= {c3[26:27], c3[0:25]};
  322. d4 <= {d3[26:27], d3[0:25]};
  323. end
  324. // 5th stage
  325. if (~mode[4]) begin
  326. c5 <= {c4[2:27], c4[0:1]};
  327. d5 <= {d4[2:27], d4[0:1]};
  328. end
  329. else begin
  330. c5 <= {c4[26:27], c4[0:25]};
  331. d5 <= {d4[26:27], d4[0:25]};
  332. end
  333. // 6. stage
  334. if (~mode[5]) begin
  335. c6 <= {c5[2:27], c5[0:1]};
  336. d6 <= {d5[2:27], d5[0:1]};
  337. end
  338. else begin
  339. c6 <= {c5[26:27], c5[0:25]};
  340. d6 <= {d5[26:27], d5[0:25]};
  341. end
  342. // 7. stage
  343. if (~mode[6]) begin
  344. c7 <= {c6[2:27], c6[0:1]};
  345. d7 <= {d6[2:27], d6[0:1]};
  346. end
  347. else begin
  348. c7 <= {c6[26:27], c6[0:25]};
  349. d7 <= {d6[26:27], d6[0:25]};
  350. end
  351. // 8. stage
  352. if (~mode[7]) begin
  353. c8 <= {c7[2:27], c7[0:1]};
  354. d8 <= {d7[2:27], d7[0:1]};
  355. end
  356. else begin
  357. c8 <= {c7[26:27], c7[0:25]};
  358. d8 <= {d7[26:27], d7[0:25]};
  359. end
  360. // 9. stage
  361. if (~mode[8]) begin
  362. c9 <= {c8[1:27], c8[0]};
  363. d9 <= {d8[1:27], d8[0]};
  364. end
  365. else begin
  366. c9 <= {c8[27], c8[0:26]};
  367. d9 <= {d8[27], d8[0:26]};
  368. end
  369. // 10. stage
  370. if (~mode[9]) begin
  371. c10 <= {c9[2:27], c9[0:1]};
  372. d10 <= {d9[2:27], d9[0:1]};
  373. end
  374. else begin
  375. c10 <= {c9[26:27], c9[0:25]};
  376. d10 <= {d9[26:27], d9[0:25]};
  377. end
  378. // 6. stage
  379. if (~mode[10]) begin
  380. c11 <= {c10[2:27], c10[0:1]};
  381. d11 <= {d10[2:27], d10[0:1]};
  382. end
  383. else begin
  384. c11 <= {c10[26:27], c10[0:25]};
  385. d11 <= {d10[26:27], d10[0:25]};
  386. end
  387. // 6. stage
  388. if (~mode[11]) begin
  389. c12 <= {c11[2:27], c11[0:1]};
  390. d12 <= {d11[2:27], d11[0:1]};
  391. end
  392. else begin
  393. c12 <= {c11[26:27], c11[0:25]};
  394. d12 <= {d11[26:27], d11[0:25]};
  395. end
  396. // 6. stage
  397. if (~mode[12]) begin
  398. c13 <= {c12[2:27], c12[0:1]};
  399. d13 <= {d12[2:27], d12[0:1]};
  400. end
  401. else begin
  402. c13 <= {c12[26:27], c12[0:25]};
  403. d13 <= {d12[26:27], d12[0:25]};
  404. end
  405. // 6. stage
  406. if (~mode[13]) begin
  407. c14 <= {c13[2:27], c13[0:1]};
  408. d14 <= {d13[2:27], d13[0:1]};
  409. end
  410. else begin
  411. c14 <= {c13[26:27], c13[0:25]};
  412. d14 <= {d13[26:27], d13[0:25]};
  413. end
  414. // 6. stage
  415. if (~mode[14]) begin
  416. c15 <= {c14[2:27], c14[0:1]};
  417. d15 <= {d14[2:27], d14[0:1]};
  418. end
  419. else begin
  420. c15 <= {c14[26:27], c14[0:25]};
  421. d15 <= {d14[26:27], d14[0:25]};
  422. end
  423. // 6. stage
  424. if (~mode[15]) begin
  425. c16 <= {c15[1:27], c15[0]};
  426. d16 <= {d15[1:27], d15[0]};
  427. end
  428. else begin
  429. c16 <= {c15[27], c15[0:26]};
  430. d16 <= {d15[27], d15[0:26]};
  431. end
  432. end
  433. end
  434. // key assignments
  435. assign key1 = pc2({c1, d1});
  436. assign key2 = pc2({c2, d2});
  437. assign key3 = pc2({c3, d3});
  438. assign key4 = pc2({c4, d4});
  439. assign key5 = pc2({c5, d5});
  440. assign key6 = pc2({c6, d6});
  441. assign key7 = pc2({c7, d7});
  442. assign key8 = pc2({c8, d8});
  443. assign key9 = pc2({c9, d9});
  444. assign key10 = pc2({c10, d10});
  445. assign key11 = pc2({c11, d11});
  446. assign key12 = pc2({c12, d12});
  447. assign key13 = pc2({c13, d13});
  448. assign key14 = pc2({c14, d14});
  449. assign key15 = pc2({c15, d15});
  450. assign key16 = pc2({c16, d16});
  451. `endif
  452. `ifdef ITER
  453. // mode register
  454. reg valid;
  455. reg mode;
  456. integer state;
  457. // algorithm pipeline register
  458. // key calculation register
  459. reg [0:27] c;
  460. reg [0:27] d;
  461. // key register
  462. reg [0:47] key;
  463. // register for left, right data blocks
  464. reg [0:31] l;
  465. reg [0:31] r;
  466. wire valid_o = valid;
  467. always @(posedge clk_i, negedge reset_i) begin
  468. if (~reset_i) begin
  469. c <= 0;
  470. d <= 0;
  471. end else begin
  472. case (state)
  473. 3, 4, 5, 6, 7, 8 , 10, 11, 12, 13, 14, 15 : begin
  474. if (mode) begin
  475. c <= {c[26:27], c[0:25]};
  476. d <= {d[26:27], d[0:25]};
  477. end else begin
  478. c <= {c[2:27], c[0:1]};
  479. d <= {d[2:27], d[0:1]};
  480. end
  481. end
  482. 1 : begin
  483. if (~mode) begin
  484. c <= {c[1:27], c[0]};
  485. d <= {c[0], d[1:27], d[0]};
  486. end
  487. end
  488. 2, 9, 16 : begin
  489. if (mode) begin
  490. c <= {c[27], c[0:26]};
  491. d <= {d[27], d[0:26]};
  492. end else begin
  493. c <= {c[1:27], c[0]};
  494. d <= {d[1:27], d[0]};
  495. end
  496. end
  497. endcase
  498. end
  499. end
  500. always @(posedge clk_i, negedge reset_i) begin
  501. if(~reset_i) begin
  502. l <= 0;
  503. r <= 0;
  504. key <= 0;
  505. state <= 0;
  506. mode <= 0;
  507. valid <= 0;
  508. accept_o <= 0;
  509. data_o <= 0;
  510. end
  511. else begin
  512. case (state)
  513. 0 : begin
  514. l <= 0;
  515. r <= 0;
  516. key <= 0;
  517. mode <= 0;
  518. valid <= 0;
  519. accept_o <= 1;
  520. if (valid_i && accept_o) begin
  521. accept_o <= 0;
  522. mode <= mode_i;
  523. l <= ip0(data_i);
  524. r <= ip1(data_i);
  525. c <= pc1_c(key_i);
  526. d <= pc1_d(key_i);
  527. state <= state + 1;
  528. end
  529. end
  530. 1 : begin
  531. if (mode) begin
  532. r <= l ^ f(r, pc2({c, d}));
  533. end else begin
  534. r <= l ^ f(r, pc2({c[1:27], c[0], d[1:27], d[0]}));
  535. end
  536. l <= r;
  537. state <= state + 1;
  538. end
  539. 2 : begin
  540. if (mode) begin
  541. r <= l ^ f(r, pc2({c[27], c[0:26], d[27], d[0:26]}));
  542. end else begin
  543. r <= l ^ f(r, pc2({c[1:27], c[0], d[1:27], d[0]}));
  544. end
  545. l <= r;
  546. state <= state + 1;
  547. end
  548. 3 : begin
  549. if (mode) begin
  550. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  551. end else begin
  552. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  553. end
  554. l <= r;
  555. state <= state + 1;
  556. end
  557. 4 : begin
  558. if (mode) begin
  559. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  560. end else begin
  561. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  562. end
  563. l <= r;
  564. state <= state + 1;
  565. end
  566. 5 : begin
  567. if (mode) begin
  568. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  569. end else begin
  570. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  571. end
  572. l <= r;
  573. state <= state + 1;
  574. end
  575. 6 : begin
  576. if (mode) begin
  577. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  578. end else begin
  579. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  580. end
  581. l <= r;
  582. state <= state + 1;
  583. end
  584. 7 : begin
  585. if (mode) begin
  586. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  587. end else begin
  588. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  589. end
  590. l <= r;
  591. state <= state + 1;
  592. end
  593. 8 : begin
  594. if (mode) begin
  595. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  596. end else begin
  597. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  598. end
  599. l <= r;
  600. state <= state + 1;
  601. end
  602. 9 : begin
  603. if (mode) begin
  604. r <= l ^ f(r, pc2({c[27], c[0:26], d[27], d[0:26]}));
  605. end else begin
  606. r <= l ^ f(r, pc2({c[1:27], c[0], d[1:27], d[0]}));
  607. end
  608. l <= r;
  609. state <= state + 1;
  610. end
  611. 10 : begin
  612. if (mode) begin
  613. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  614. end else begin
  615. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  616. end
  617. l <= r;
  618. state <= state + 1;
  619. end
  620. 11 : begin
  621. if (mode) begin
  622. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  623. end else begin
  624. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  625. end
  626. l <= r;
  627. state <= state + 1;
  628. end
  629. 12 : begin
  630. if (mode) begin
  631. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  632. end else begin
  633. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  634. end
  635. l <= r;
  636. state <= state + 1;
  637. end
  638. 13 : begin
  639. if (mode) begin
  640. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  641. end else begin
  642. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  643. end
  644. l <= r;
  645. state <= state + 1;
  646. end
  647. 14 : begin
  648. if (mode) begin
  649. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  650. end else begin
  651. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  652. end
  653. l <= r;
  654. state <= state + 1;
  655. end
  656. 15 : begin
  657. if (mode) begin
  658. r <= l ^ f(r, pc2({c[26:27], c[0:25], d[26:27], d[0:25]}));
  659. end else begin
  660. r <= l ^ f(r, pc2({c[2:27], c[0:1], d[2:27], d[0:1]}));
  661. end
  662. l <= r;
  663. state <= state + 1;
  664. end
  665. 16 : begin
  666. if (mode) begin
  667. r <= l ^ f(r, pc2({c[27], c[0:26], d[27], d[0:26]}));
  668. end else begin
  669. r <= l ^ f(r, pc2({c[1:27], c[0], d[1:27], d[0]}));
  670. end
  671. l <= r;
  672. state <= state + 1;
  673. end
  674. 17 : begin
  675. valid <= 1;
  676. data_o <= ipn({r, l});
  677. if (valid && accept_i) begin
  678. valid <= 0;
  679. state <= 0;
  680. end
  681. end
  682. default :
  683. state <= 0;
  684. endcase
  685. end
  686. end
  687. assign valid_o = valid;
  688. `endif
  689. endmodule