From 7f91a8af320b9c20e03ed015802c89551e583ee8 Mon Sep 17 00:00:00 2001 From: Byron Lathi Date: Fri, 4 Jul 2025 10:49:48 -0700 Subject: [PATCH] Get poly1305 core to kind of work --- ChaCha20_Poly1305_64/doc/poly1305.drawio | 146 ++++++++++++++++++ ChaCha20_Poly1305_64/sim/poly1305.yaml | 7 + ChaCha20_Poly1305_64/sim/poly1305_core.py | 73 +++++++++ .../sim/poly1305_core_harness.sv | 26 ++++ ChaCha20_Poly1305_64/sim/sources.list | 5 +- .../src/chacha20_poly1305_64.sv | 24 +++ ChaCha20_Poly1305_64/src/poly1305_core.sv | 84 ++++++++++ ChaCha20_Poly1305_64/src/sources.list | 4 +- 8 files changed, 367 insertions(+), 2 deletions(-) create mode 100644 ChaCha20_Poly1305_64/doc/poly1305.drawio create mode 100644 ChaCha20_Poly1305_64/sim/poly1305.yaml create mode 100644 ChaCha20_Poly1305_64/sim/poly1305_core.py create mode 100644 ChaCha20_Poly1305_64/sim/poly1305_core_harness.sv create mode 100644 ChaCha20_Poly1305_64/src/chacha20_poly1305_64.sv create mode 100644 ChaCha20_Poly1305_64/src/poly1305_core.sv diff --git a/ChaCha20_Poly1305_64/doc/poly1305.drawio b/ChaCha20_Poly1305_64/doc/poly1305.drawio new file mode 100644 index 0000000..ca04eb4 --- /dev/null +++ b/ChaCha20_Poly1305_64/doc/poly1305.drawio @@ -0,0 +1,146 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ChaCha20_Poly1305_64/sim/poly1305.yaml b/ChaCha20_Poly1305_64/sim/poly1305.yaml new file mode 100644 index 0000000..152650d --- /dev/null +++ b/ChaCha20_Poly1305_64/sim/poly1305.yaml @@ -0,0 +1,7 @@ +tests: + - name: "poly1305_core" + toplevel: "poly1305_core_harness" + modules: + - "poly1305_core" + sources: "sources.list" + waves: True \ No newline at end of file diff --git a/ChaCha20_Poly1305_64/sim/poly1305_core.py b/ChaCha20_Poly1305_64/sim/poly1305_core.py new file mode 100644 index 0000000..b625502 --- /dev/null +++ b/ChaCha20_Poly1305_64/sim/poly1305_core.py @@ -0,0 +1,73 @@ +import logging + + +import cocotb +from cocotb.clock import Clock +from cocotb.triggers import Timer, RisingEdge, FallingEdge +from cocotb.queue import Queue + +from cocotbext.axi import AxiStreamBus, AxiStreamSource + +CLK_PERIOD = 4 + + +class TB: + def __init__(self, dut): + self.dut = dut + + self.log = logging.getLogger("cocotb.tb") + self.log.setLevel(logging.INFO) + + cocotb.start_soon(Clock(self.dut.i_clk, CLK_PERIOD, units="ns").start()) + + self.s_data_axis = AxiStreamSource(AxiStreamBus.from_prefix(dut.s_data_axis, ""), dut.i_clk, dut.i_rst) + + async def cycle_reset(self): + await self._cycle_reset(self.dut.i_rst, self.dut.i_clk) + + async def _cycle_reset(self, rst, clk): + rst.setimmediatevalue(0) + await RisingEdge(clk) + await RisingEdge(clk) + rst.value = 1 + await RisingEdge(clk) + await RisingEdge(clk) + rst.value = 0 + await RisingEdge(clk) + await RisingEdge(clk) + +@cocotb.test +async def test_sanity(dut): + tb = TB(dut) + + await tb.cycle_reset() + + s = 0x1bf54941aff6bf4afdb20dfb8a800301 + r = 0xa806d542fe52447f336d555778bed685 + r_masked = 0x0806d5400e52447c036d555408bed685 + + result = 0xa927010caf8b2bc2c6365130c11d06a8 + + msg = b"Cryptographic Forum Research Group" + + + tb.dut.i_otk.value = ((r << 128) | s) + tb.dut.i_otk_valid.value = 1 + await RisingEdge(tb.dut.i_clk) + tb.dut.i_otk_valid.value = 0 + await RisingEdge(tb.dut.i_clk) + + dut_s = tb.dut.u_dut.poly1305_s.value.integer + dut_r = tb.dut.u_dut.poly1305_r.value.integer + + assert dut_s == s + assert dut_r == r_masked + + await tb.s_data_axis.send(msg) + + await RisingEdge(tb.dut.o_tag_valid) + tag = tb.dut.o_tag.value.integer + + tb.log.info(f"tag: {tag:x}") + + await Timer(1, "us") \ No newline at end of file diff --git a/ChaCha20_Poly1305_64/sim/poly1305_core_harness.sv b/ChaCha20_Poly1305_64/sim/poly1305_core_harness.sv new file mode 100644 index 0000000..df3f425 --- /dev/null +++ b/ChaCha20_Poly1305_64/sim/poly1305_core_harness.sv @@ -0,0 +1,26 @@ +module poly1305_core_harness(); + +taxi_axis_if #(.DATA_W(128)) s_data_axis(); + +logic i_clk; +logic i_rst; + +logic [255:0] i_otk; +logic i_otk_valid; + +logic [127:0] o_tag; +logic o_tag_valid; + +poly1305_core u_dut ( + .i_clk (i_clk), + .i_rst (i_rst), + .i_otk (i_otk), + .i_otk_valid (i_otk_valid), + + .o_tag (o_tag), + .o_tag_valid (o_tag_valid), + + .s_data_axis (s_data_axis) +); + +endmodule \ No newline at end of file diff --git a/ChaCha20_Poly1305_64/sim/sources.list b/ChaCha20_Poly1305_64/sim/sources.list index 9517c7f..1797a9a 100644 --- a/ChaCha20_Poly1305_64/sim/sources.list +++ b/ChaCha20_Poly1305_64/sim/sources.list @@ -1 +1,4 @@ -../src/sources.list \ No newline at end of file +poly1305_core_harness.sv + +../src/sources.list +../../common/sim/sub/taxi/src/axis/rtl/taxi_axis_if.sv diff --git a/ChaCha20_Poly1305_64/src/chacha20_poly1305_64.sv b/ChaCha20_Poly1305_64/src/chacha20_poly1305_64.sv new file mode 100644 index 0000000..9df9761 --- /dev/null +++ b/ChaCha20_Poly1305_64/src/chacha20_poly1305_64.sv @@ -0,0 +1,24 @@ +module chacha20_poly1305_64 ( + input i_clk, + input i_rst, + + taxi_axis_if.snk s_ctrl_axis, + taxi_axis_if.snk s_data_axis, + taxi_axis_if.src m_data_axis +); + +//TODO the rest of this + +// control axis decoder. + +localparam R_MASK = 128'h0ffffffc0ffffffc0ffffffc0fffffff; + +chacha20_pipelined_block u_chacha20_pipelined_block ( + +); + +poly1305 u_poly1305 ( + +); + +endmodule \ No newline at end of file diff --git a/ChaCha20_Poly1305_64/src/poly1305_core.sv b/ChaCha20_Poly1305_64/src/poly1305_core.sv new file mode 100644 index 0000000..8d85220 --- /dev/null +++ b/ChaCha20_Poly1305_64/src/poly1305_core.sv @@ -0,0 +1,84 @@ +module poly1305_core #( + +) ( + input i_clk, + input i_rst, + + input [255:0] i_otk, + input i_otk_valid, + + output [127:0] o_tag, + output o_tag_valid, + + taxi_axis_if.snk s_data_axis +); + +// incoming data must be 128 bit and packed, i.e. tkeep is 1 except for the last beat with no gaps + + +localparam R_MASK = 128'h0ffffffc0ffffffc0ffffffc0fffffff; +localparam P130M5 = 258'h3fffffffffffffffffffffffffffffffb; + +logic [127:0] poly1305_r, poly1305_s; +logic [129:0] accumulator, accumulator_next; + +logic [129:0] data_one_extended; +logic [130:0] data_post_add; + +logic [257:0] data_post_mul, data_post_mul_reg; + +logic phase; + +logic [1:0] valid_sr; + +function logic [129:0] tkeep_expand (input [15:0] tkeep); + tkeep_expand = '0; + for (int i = 0; i < 16; i++) begin + tkeep_expand[i*8 +: 8] = {8{tkeep[i]}}; + end +endfunction + +// only ready in phase 0 +assign s_data_axis.tready = phase == 0; +assign o_tag_valid = valid_sr[1]; + +always_ff @(posedge i_clk) begin + if (i_rst) begin + phase <= '0; + valid_sr <= '0; + end + + valid_sr <= {valid_sr[0], s_data_axis.tlast & s_data_axis.tvalid & s_data_axis.tready & ~phase}; + + if (i_otk_valid) begin + poly1305_r <= i_otk[255:128] & R_MASK; + poly1305_s <= i_otk[127:0]; + end + + if (s_data_axis.tvalid && phase == 0) begin + data_post_mul_reg <= data_post_mul; + phase <= '1; + end + + if (phase == '1) begin + accumulator <= accumulator_next; + phase <= '0; + end +end + +always_comb begin + accumulator_next = accumulator; + data_post_mul = '0; + + // phase == 0 + data_one_extended = (tkeep_expand(s_data_axis.tkeep) + 1) | {2'b0, s_data_axis.tdata}; + data_post_add = data_one_extended + accumulator; + data_post_mul = data_post_add * poly1305_r; + + // phase == 1 + accumulator_next = 130'(data_post_mul_reg % P130M5); +end + +assign o_tag = accumulator[127:0] + poly1305_s; + +endmodule \ No newline at end of file diff --git a/ChaCha20_Poly1305_64/src/sources.list b/ChaCha20_Poly1305_64/src/sources.list index 80637d1..b1502ca 100644 --- a/ChaCha20_Poly1305_64/src/sources.list +++ b/ChaCha20_Poly1305_64/src/sources.list @@ -1,4 +1,6 @@ chacha20_qr.sv chacha20_block.sv chacha20_pipelined_round.sv -chacha20_pipelined_block.sv \ No newline at end of file +chacha20_pipelined_block.sv + +poly1305_core.sv \ No newline at end of file