本文整理自青岛科技大学信息学院集成专业或微电子学院曲老师讲课实验,本着学术分享的精神发布此文,请勿用于商业用途,具体声明见文末,若侵删。
AES密码处理器体系结构设计
一、实验目的
理解并掌握AES算法的细节,提出一个AES 密码处理器的体系结构设计方案。
二、实验内容
1、学习AES算法,理解并掌握AES算法的原理、结构、流程及其需要的基本运算。
2、在对算法进行深入分析的基础上,提出一个AES密码处理器的体系结构设计方案。方案中应该包括以下内容:AES密码处理器外部信号说明、AES密码处理器由哪些子模块构成、各个子模块的功能说明、各子模块之间的相互关系与信号连接,各个子模块如何协调配合完成加/解密的原理和机制。除用语言描述之外,还要求用图和表格加以说明。
三、实验环境
PC机1台、Modelsim仿真软件1套。
四、实验步骤
1、AES算法学习和分析
1.1 AES的加密过程
AES的加密过程可以用下面的伪语言代码描述:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19Cipher(plaintext,ciphertext,CiperKey) {
//初始化
State = plaintext;
KeyExpansion(CipherKey, ExpandedKey);
//生成扩展密钥ExpandedKey
AddRoundKey(State, ExpandedKey);
//前Nr – 1轮
for(r=1;r<Nr;r++){
SubBytes(State);
ShiftRow(State);
MixColumn(State);
AddRoundKey(State, ExpandedKey);
}
//最后一轮
SubBytes(State);
ShiftRow(State);
AddRoundKey(State, ExpandedKey);
Ciphertext = state;
}
其中plaintext是输入明文,可以定义成plaintext[4×Nb]数组;ciphertext是输出密文,可以定义成ciphertext[4×Nb]数组;CipherKey是加密密钥,可以定义成CipherKey[4×Nk]数组;圈密钥ExpandedKey可表示成w[Nb×(Nr+1)]数组;State是状态,整个加密过程都是针对State进行的。
(1)S盒变换 SubBytes()
S盒变换又称字节替代变换,是一个针对字节的非线性、可逆变换。它将状态中的每一个字节进行非线性变换转换为另一个字节,作用在状态上每个字节的变换可以表示为SubBytes(state)。可以将变换SubBytes()对各种可能字节的变换结果排成一个表,如表2-3所示,该表称为AES的S盒。通过查表可以直接得到SubBytes()的输出,这样可以加快程序执行的速度。如果状态中的一个字节为xy,则S盒中第x行第y列的字节就是SubBytes()的输出。
(2)行移位变换 ShiftRows()
行移位是将状态阵列的各行进行循环移位,不同状态行的位移量不同。第0行不移位,保持不变,第1行移动C1个字节,第2行移动C2个字节,第3行移动C3个字节。C1,C2,C3值依赖于分组长度Nb的大小。位移量C1、C2和C3与分组长度Nb有关,如下表:
在AES加密标准中Nb=4。
(3)列混合变换MixColumns()
列混合变换是对一个状态逐列进行变换,它将一个状态的每一列视为有限域GF(28)上的一个多项式。
令
则
其中,
,是AES选择的一个逆元多项式,
表示模
乘法。
将
表示为矩阵乘法:
(2-3)
相乘之后每一列的结果如下:
(4)轮密钥加AddRoundKey()变换
轮密钥加是将轮密钥简单地与状态矩阵进行逐比特异或运算。每个轮密钥由密钥扩展算法得到,轮密钥的长度为Nb个字。轮密钥按顺序取自扩展密钥ExpandedKey,扩展密钥是由原始密钥经过扩展后得到的,扩展密钥的长度为Nb(Nr+1)个字。
1.2 AES的解密过程
AES解密过程是加密过程的逆过程,可用伪代码描述为:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16InvCipher(byte in[4*4],byte out[4*4],word w[4*(Nr+1)])
Begin
Byte state[4,4]
State=in
AddRoundKey(state, w[Nr*4,(Nr+1)*4-1])
For round= Nr-1 step -1 to 1
InvShiftRows(state)
InvSubBytes(state)
AddRoundKey(state,w[round*4,(round+1)*4-1])
InvMixColumns(state)
End for
InvShiftRows(state)
InvSubBytes(state)
AddRoundKey(state, w[0,3])
Out=state
End
(1) 逆字节变换(InvSubBytes)
逆字节替换InvSubBytes是字节替换SubBytes的逆变换,它与SubBytes变换的运算过程刚好相反,通过如下两步实现:首先进行与SubBytes相同的仿射变换的逆变换,最后求其逆。
同样的,InvSubBytes也可以用S盒查找表的方式实现,该查找表被称为逆S盒,如表2-3所示。
(2) 逆行移位变换(InvShiftRows)
逆行移位变换InvShiftRows是行移位变换ShiftRows的逆过程。即状态矩阵的后3行依次左循环移动3,2,1个字节,如下图所示。
(3) 逆列混合变换(InvMixColumns)
逆列混合变换InvMixColumns与列混合变换MixColumns相似,只是固定多项式变为a(x)的逆a-1(x) ,则a-1(x)= {0b}x3+{0d}x2+{09}x+{0e}。
同样基于以上的状态转换,解密运算的InvMixColumns可以表示为式2-3。
1.3 AES的密钥扩展过程
AES算法得到初始密钥K后,首先经过一个密钥扩展过程以产生所有的轮密钥。密钥扩展共产生Nb ( Nr+1 )个字,算法初始需要一个Nb个字的集合,接着每个轮操作都需要Nb个字的密钥数据。最终的密钥流程共包含了一个4字节字的线性数组,用[wi]表示,
。
扩展密钥程序涉及RotWord()、SubWord()和Rcon()模块。它们的工作方式如下:
(1) 位置变换RotWord():把一个4字节的输入序列(a0,a1,a2,a3)循环左移一个字节后输出。例如将(a0,a1,a2,a3)循环左移一个字节后输出为(a1,a2,a3,a0)。
(2) SubWord():把一个4字节的输入序列(a0,a1,a2,a3)的每一个字节进行S盒变换,然后作为输出。
(3) 变换Rcon[]:Rcon[]是一个10个字节的常量数组,Rcon[i]是一个32比特字符串(xi-1,00,00,00)。这里x=(02),xi-1是x=(02)的(i-1)次幂的十六进制表示,即 x0=(01),x=(02),xi={02}·xi-1。这里“·”表示有限域GF(28)中的乘法。
密钥扩展前Nk个字就是外部密钥CipherKey,以后的字w[i]等于它前一个字w[i-1]与前Nk个字w[i-Nk]的异或,w[i] =w[i-Nk]⊕SubWord(RotWord(w[i-1]))⊕Rcon[i/Nk]。
输入密钥扩展的整个过程可以用下面的程序段描述:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20KeyExpansion(byte key[4*NK],word w[Nb*(Nr+1)],Nk)
begin
word temp
i=0
while (i < Nk)
w[i]=word(key[4 * i],]key[4 * i+1],key[4 * i+2],key[4 * i+3]
i = i+1
end while
i = Nk
while (i < Nb * (Nr+1))
temp = w[i - 1]
if ( i mod Nk = 0 )
temp = Subword(Rotword(temp)) xor Rcon[i/Nk]
else if (Nk > 6 and i mod Nk = 4)
temp = Subword (temp)
end if
w [i] = w[i - Nk] xor temp
i = i +1
end while
end
2、AES密码处理器的体系结构设计
2.1 AES密码处理器框图及外部信号说明
2.2 AES密码处理器体系结构
AES模块包括明/密文和密钥寄存器、密钥扩展、加/解密运算、控制等多个子模块,其系统结构图如下图所示。
明文/密文/密钥寄存器是一个128位的寄存器,用于保存从外部输入的明文/密文/密钥。为了与USB接口芯片的数据总线宽度相匹配,其输入数据宽度定为16位,为了提高AES模块内部的处理速度,同时为了与AES分组长度相匹配,其输出数据的宽度定为128位。
其详细功能描述如下:在时钟信号clk的上升沿,若寄存器写使能信号write有效,则将输入数据总线din上的16位数据写入明文/密文/密钥寄存器的高16位,同时将寄存器原来的数据右移16位放入寄存器的低112位。若寄存器写使能信号write无效,则寄存器保持原来的数据不变。由此可见,1个128位的数据需要经过8个时钟周期,通过8次写操作才能装入寄存器。
2.3密钥扩展子模块体系结构
电路结构如下:
密钥扩展模块的外部信号如下表所示:
密钥扩展模块由1个128位的轮密钥寄存器rndkreg、1个11*128的轮密钥寄存器堆rndkrf、1个轮常数产生模块rcon、1个字节代替模块subword、1个32位的循环左移移位器rotword、1个128位的二选一选通器MUX以及5个32位异或器构成。
其电路工作原理如下:
在进行密钥扩展之前,首先令复位信号rst=1,以便使轮常数产生模块输出第1个轮常数。
然后,在第1个时钟周期,通过选通器选择种子密钥key作为第1个子密钥,并在本周期结束时的时钟上升沿,将其同时保存到轮密钥寄存器rndkreg和轮密钥寄存器堆rndkrf。
在第2个时钟周期,对保存在轮密钥寄存器rndkreg中的第1个子密钥先后进行循环左移、字节代替变换、异或、选通操作得到第2个子密钥,并在本周期结束时的时钟上升沿,将其同时保存到轮密钥寄存器rndkreg和轮密钥寄存器堆rndkrf。
重复第2个时钟周期的操作10次,就可以得到AES第1-10轮迭代所需要的轮密钥。
这样,经过11个时钟周期之后,AES加密/解密所需的全部11个子密钥就都产生出来了,并且被保存在轮密钥寄存器堆rndkrf中。
其中,循环左移运算实现对一个32位的数据循环左移8位,在电路实现时通过硬件连线即可实现,无须设计专门的移位电路。
字节代替变换由4个8*8 S盒实现,S盒采用查表方式实现。为了充分利用cyclone FPGA中的RAM资源,减少LE(逻辑单元)的使用数量,我们利用cyclone FPGA中的RAM构建了一个8*8的ROM作为S盒,该ROM共有256个的存储单元,每个存储单元存储一个字节,这256个字节就是实现S盒变换的查找表。该ROM可以利用quartus II的megafunction工具自动生成,但需要注意的是该ROM的地址要经寄存器锁存以后才能进入ROM,因此在地址有效的下一个周期才能在ROM的输出端口得到读出的数据。
二选一选通器MUX用于选择外部输入的种子密钥或者内部逻辑产生的数据作为子密钥。
轮密钥寄存器rndkreg是1个128位的寄存器,用于暂时保存当前产生的子密钥,以便产生下一个子密钥时使用。
轮密钥寄存器堆rndkrf共有11个128位的存储单元,用于保存密钥扩展以后的全部11个子密钥,供AES加密/解密使用。
轮常数产生模块rcon由1个8位寄存器和轮常数产生逻辑构成,当复位时,寄存器输出第一个轮常数,当轮常数寄存器写使能信号rconen有效时,将由轮常数产生逻辑产生的下一个轮常数写入轮常数寄存器。
2.4加密/解密子模块体系结构
电路结构图:
AES加密/解密模块的外部信号如下表所示:
AES加密算法和解密算法所使用的变换大多相同或相似,因此其电路结构也非常类似,有很多资源可以共享。为了减少电路规模,我们采用一套电路分时实现AES加密和解密。
AES加密过程由一个初始密钥加(异或)变换和十个轮变换构成,其中除第10个轮变换外,每个轮变换都是一样的,都是由字节代替(S盒变换)、行移位、列混合、密钥加4个子变换组成,第10个轮变换由字节代替、行移位、密钥加3个子变换组成,不包括列混合变换。
为了进一步减少电路的规模,我们仅实现一个轮变换的电路,用循环迭代的方式实现十轮变换。
AES加密/解密模块的工作原理如下:
(1)加密流程:首先将S盒配置为加密S盒,即在使能信号wrsben和地址信号wrsbaddr的控制下,通过S盒配置数据端口sbdata将加密S盒配置数据写入16个S盒sbox0~sbox15。然后实现初始密钥加变换,即在选择信号keyadsel的控制下,通过四选一选通器选择外部输入明文数据intxt,与初始子密钥roundkey进行异或操作,并在选择信号reginsel的控制下,通过二选一选通器将异或操作的结果e0~e15保存到S盒的输入寄存器。接下来进行第一轮加密变换,即初始密钥加变换的结果经sbox0~sbox15完成S盒变换后,在选择信号mixsel的控制下,通过二选一选通器进入byte0203模块,完成02乘字节和03乘字节运算,然后进行(5)式中前4项的异或运算,得结果c0~c15, 在选择信号keyadsel的控制下,通过四选一选通器选择c0~c15与第一轮子密钥进行异或操作,从而得到第一轮加密变换的结果e0~e15,并将其保存到S盒的输入寄存器,作为下一轮加密变换的输入数据。依次类推,可以完成第1-9轮加密变换。最后进行第10轮加密变换,即第9轮加密变换变换的结果经sbox0~sbox15完成S盒变换后,在选择信号keyadsel的控制下,通过四选一选通器选择恰当的S盒输出与第10轮子密钥进行异或操作,即可得到密文,最后将其保存到结果寄存器resultreg。初始密钥加变换和每轮加密变换都在一个周期内完成,因此上述加密过程共需要11个时钟周期。
(2)解密流程:首先将S盒配置为解密S盒,配置过程与加密S盒配置过程一样,只是配置数据不同。然后实现初始密钥加变换,即在选择信号keyadsel的控制下,通过四选一选通器选择外部输入密文数据intxt,与初始子密钥roundkey进行异或操作,并在选择信号reginsel的控制下,通过二选一选通器将异或操作的结果e0~e15保存到S盒的输入寄存器。接下来进行第一轮解密变换,即初始密钥加变换的结果经sbox0~sbox15完成逆S盒变换后,再与第一轮子密钥进行异或操作,然后在选择信号mixsel的控制下,通过二选一选通器进入byte0203模块和byte9bde模块,完成进行逆列混合变换所需要的字节乘法运算(即09乘字节、0b乘字节、0d乘字节和0e乘字节),然后通过一系列异或运算得列混合变换的结果g0~g15, 在选择信号reginsel的控制下,通过二选一选通器选择g0~g15输出,从而得到第一轮解密变换的结果h,并将其保存到S盒的输入寄存器,作为下一轮解密变换的输入数据。依次类推,可以完成第1-9轮解密变换。最后进行第10轮解密变换,即第9轮加密变换变换的结果经sbox0~sbox15完成逆S盒变换后,在选择信号keyadsel的控制下,通过四选一选通器选择恰当的S盒输出与第10轮子密钥进行异或操作,即可得到明文,最后将其保存到结果寄存器resultreg。初始密钥加变换和每轮解密变换都在一个周期内完成,因此上述解密过程共需要11个时钟周期。需要注意的是,解密过程使用的子密钥与加密过程使用的子密钥相同,但使用顺序恰好相反。
2.5控制子模块体系结构
AES控制模块由密钥扩展状态机、加密状态机、解密状态机以及其它少量组合逻辑构成。
其中密钥扩展状态机用于控制密钥扩展过程的执行,加密状态机用于控制加密过程的执行,解密状态机用于控制解密过程的执行。
AES控制模块的电路结构图如下:
AES控制模块的外部信号表:
五、实验总结
通过这次实验,理解并掌握了AES算法的细节,提出了一个AES 密码处理器的体系结构设计方案,建立了RTL Verilog模型,进行了功能仿真、综合、布局布线、静态时序分析及时序仿真。
通过学习在算法上了解了AES加密算法,在各模块设计上用伪代码进行设计,最后用Verilog硬件描述语言进行详细设计
AES密码处理器密钥扩展模块设计与仿真
一、实验目的
掌握AES密码处理器的密钥扩展模块的设计方法。
二、实验内容
1、利用Verilog HDL设计AES密码处理器的密钥扩展模块。
2、利用Modelsim仿真软件对所设计AES密码处理器的密钥扩展模块进行功能仿真。
三、实验环境
PC机1台、Modelsim仿真软件1套。
四、实验步骤
1、电路结构设计
密钥扩展模块的外部信号如下表所示:
密钥扩展模块由1个128位的轮密钥寄存器rndkreg、1个11*128的轮密钥寄存器堆rndkrf、1个轮常数产生模块rcon、1个字节代替模块subword、1个32位的循环左移移位器rotword、1个128位的二选一选通器MUX以及5个32位异或器构成。
其电路工作原理如下:
在进行密钥扩展之前,首先令复位信号rst=1,以便使轮常数产生模块输出第1个轮常数。
然后,在第1个时钟周期,通过选通器选择种子密钥key作为第1个子密钥,并在本周期结束时的时钟上升沿,将其同时保存到轮密钥寄存器rndkreg和轮密钥寄存器堆rndkrf。
在第2个时钟周期,对保存在轮密钥寄存器rndkreg中的第1个子密钥先后进行循环左移、字节代替变换、异或、选通操作得到第2个子密钥,并在本周期结束时的时钟上升沿,将其同时保存到轮密钥寄存器rndkreg和轮密钥寄存器堆rndkrf。
重复第2个时钟周期的操作10次,就可以得到AES第1-10轮迭代所需要的轮密钥。
这样,经过11个时钟周期之后,AES加密/解密所需的全部11个子密钥就都产生出来了,并且被保存在轮密钥寄存器堆rndkrf中。
其中,循环左移运算实现对一个32位的数据循环左移8位,在电路实现时通过硬件连线即可实现,无须设计专门的移位电路。
字节代替变换由4个8*8 S盒实现,S盒采用查表方式实现。为了充分利用cyclone FPGA中的RAM资源,减少LE(逻辑单元)的使用数量,我们利用cyclone FPGA中的RAM构建了一个8*8的ROM作为S盒,该ROM共有256个的存储单元,每个存储单元存储一个字节,这256个字节就是实现S盒变换的查找表。该ROM可以利用quartus II的megafunction工具自动生成,但需要注意的是该ROM的地址要经寄存器锁存以后才能进入ROM,因此在地址有效的下一个周期才能在ROM的输出端口得到读出的数据。
二选一选通器MUX用于选择外部输入的种子密钥或者内部逻辑产生的数据作为子密钥。
轮密钥寄存器rndkreg是1个128位的寄存器,用于暂时保存当前产生的子密钥,以便产生下一个子密钥时使用。
轮密钥寄存器堆rndkrf共有11个128位的存储单元,用于保存密钥扩展以后的全部11个子密钥,供AES加密/解密使用。
轮常数产生模块rcon由1个8位寄存器和轮常数产生逻辑构成,当复位时,寄存器输出第一个轮常数,当轮常数寄存器写使能信号rconen有效时,将由轮常数产生逻辑产生的下一个轮常数写入轮常数寄存器。
2、建立Verilog模型1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391module keyexp(clk,rst,keysel,rndkren,wrrndkrf,addr,rconen,key,rndkrfout);
output[127:0] rndkrfout;
input clk,rst,keysel,rndkren,wrrndkrf,rconen;
input[3:0] addr;
input[127:0] key;
wire [127:0] rndkey,rndkrout,rndkrfout;
wire [31:0] w4,w5,w6,w7,rotword,subword,xorrcon;
wire [7:0] rconout;
assign rndkey=(keysel==0) ? key:{w4,w5,w6,w7};
reg_128 rndkreg(clk,rndkren,rndkey,rndkrout);
rndkrf rndkrf(clk,wrrndkrf,addr,rndkey,rndkrfout);
assign rotword={rndkrout[23:0],rndkrout[31:24]};
sbox_mux sbox0(rotword[31:24],subword[31:24]);
sbox_mux sbox1(rotword[23:16],subword[23:16]);
sbox_mux sbox2(rotword[15:8],subword[15:8]);
sbox_mux sbox3(rotword[7:0],subword[7:0]);
rcon rcon(clk,rst,rconen,rconout);
assign xorrcon=subword^{rconout,24'h000000};
assign w4=xorrcon^rndkrout[127:96];
assign w5=w4^rndkrout[95:64];
assign w6=w5^rndkrout[63:32];
assign w7=w6^rndkrout[31:0];
endmodule
module reg_128(clk,write,din,dout);
output [127:0] dout;
input clk,write;
input [127:0] din;
reg [127:0] dout;
always @ (posedge clk)
begin
if(write)
dout<=din;
else
dout<=dout;
end
endmodule
module rcon(clk,rst,write,rconout);
output [7:0] rconout;
input clk,rst,write;
reg [7:0] rconout;
always @ (posedge clk)
begin
if(rst)
rconout<=8'h01;
else if(write)
rconout<=(rconout[7]==0)? (rconout<<1):((rconout<<1)^{8'h1b});
else
rconout<=rconout;
end
endmodule
module rndkrf(clk,wrrndkrf,addr,rndkey,rndkrfout);
input clk,wrrndkrf;
input [3:0] addr;
input [127:0] rndkey;
output [127:0] rndkrfout;
reg [10:0] decout;
wire [10:0] write_reg;
wire [127:0] reg0out,reg1out,reg2out,reg3out,reg4out,reg5out,reg6out,reg7out,reg8out,reg9out,reg10out;
reg [127:0] rndkrfout;
always @ (addr)
case(addr)
4'd0: decout=11'b000_0000_0001;
4'd1: decout=11'b000_0000_0010;
4'd2: decout=11'b000_0000_0100;
4'd3: decout=11'b000_0000_1000;
4'd4: decout=11'b000_0001_0000;
4'd5: decout=11'b000_0010_0000;
4'd6: decout=11'b000_0100_0000;
4'd7: decout=11'b000_1000_0000;
4'd8: decout=11'b001_0000_0000;
4'd9: decout=11'b010_0000_0000;
4'd10: decout=11'b100_0000_0000;
default: decout=11'b000_0000_0000;
endcase
assign write_reg=decout & {wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf};
reg_128 reg0(clk,write_reg[0],rndkey,reg0out);
reg_128 reg1(clk,write_reg[1],rndkey,reg1out);
reg_128 reg2(clk,write_reg[2],rndkey,reg2out);
reg_128 reg3(clk,write_reg[3],rndkey,reg3out);
reg_128 reg4(clk,write_reg[4],rndkey,reg4out);
reg_128 reg5(clk,write_reg[5],rndkey,reg5out);
reg_128 reg6(clk,write_reg[6],rndkey,reg6out);
reg_128 reg7(clk,write_reg[7],rndkey,reg7out);
reg_128 reg8(clk,write_reg[8],rndkey,reg8out);
reg_128 reg9(clk,write_reg[9],rndkey,reg9out);
reg_128 reg10(clk,write_reg[10],rndkey,reg10out);
always @(addr or reg0out or reg1out or reg2out or reg3out or reg4out or reg5out or reg6out or reg7out or reg8out or reg9out or reg10out)
case(addr)
4'd0: rndkrfout=reg0out;
4'd1: rndkrfout=reg1out;
4'd2: rndkrfout=reg2out;
4'd3: rndkrfout=reg3out;
4'd4: rndkrfout=reg4out;
4'd5: rndkrfout=reg5out;
4'd6: rndkrfout=reg6out;
4'd7: rndkrfout=reg7out;
4'd8: rndkrfout=reg8out;
4'd9: rndkrfout=reg9out;
4'd10: rndkrfout=reg10out;
default: rndkrfout=reg10out;
endcase
endmodule
module sbox_mux(in,out);
output[7:0] out;
input[7:0] in;
reg [7:0] out;
always@(in)
case(in)
8'h00: out=8'h63;
8'h01: out=8'h7c;
8'h02: out=8'h77;
8'h03: out=8'h7b;
8'h04: out=8'hf2;
8'h05: out=8'h6b;
8'h06: out=8'h6f;
8'h07: out=8'hc5;
8'h08: out=8'h30;
8'h09: out=8'h01;
8'h0a: out=8'h67;
8'h0b: out=8'h2b;
8'h0c: out=8'hfe;
8'h0d: out=8'hd7;
8'h0e: out=8'hab;
8'h0f: out=8'h76;
8'h10: out=8'hca;
8'h11: out=8'h82;
8'h12: out=8'hc9;
8'h13: out=8'h7d;
8'h14: out=8'hfa;
8'h15: out=8'h59;
8'h16: out=8'h47;
8'h17: out=8'hf0;
8'h18: out=8'had;
8'h19: out=8'hd4;
8'h1a: out=8'ha2;
8'h1b: out=8'haf;
8'h1c: out=8'h9c;
8'h1d: out=8'ha4;
8'h1e: out=8'h72;
8'h1f: out=8'hc0;
8'h20: out=8'hb7;
8'h21: out=8'hfd;
8'h22: out=8'h93;
8'h23: out=8'h26;
8'h24: out=8'h36;
8'h25: out=8'h3f;
8'h26: out=8'hf7;
8'h27: out=8'hcc;
8'h28: out=8'h34;
8'h29: out=8'ha5;
8'h2a: out=8'he5;
8'h2b: out=8'hf1;
8'h2c: out=8'h71;
8'h2d: out=8'hd8;
8'h2e: out=8'h31;
8'h2f: out=8'h15;
8'h30: out=8'h04;
8'h31: out=8'hc7;
8'h32: out=8'h23;
8'h33: out=8'hc3;
8'h34: out=8'h18;
8'h35: out=8'h96;
8'h36: out=8'h05;
8'h37: out=8'h9a;
8'h38: out=8'h07;
8'h39: out=8'h12;
8'h3a: out=8'h80;
8'h3b: out=8'he2;
8'h3c: out=8'heb;
8'h3d: out=8'h27;
8'h3e: out=8'hb2;
8'h3f: out=8'h75;
8'h40: out=8'h09;
8'h41: out=8'h83;
8'h42: out=8'h2c;
8'h43: out=8'h1a;
8'h44: out=8'h1b;
8'h45: out=8'h6e;
8'h46: out=8'h5a;
8'h47: out=8'ha0;
8'h48: out=8'h52;
8'h49: out=8'h3b;
8'h4a: out=8'hd6;
8'h4b: out=8'hb3;
8'h4c: out=8'h29;
8'h4d: out=8'he3;
8'h4e: out=8'h2f;
8'h4f: out=8'h84;
8'h50: out=8'h53;
8'h51: out=8'hd1;
8'h52: out=8'h00;
8'h53: out=8'hed;
8'h54: out=8'h20;
8'h55: out=8'hfc;
8'h56: out=8'hb1;
8'h57: out=8'h5b;
8'h58: out=8'h6a;
8'h59: out=8'hcb;
8'h5a: out=8'hbe;
8'h5b: out=8'h39;
8'h5c: out=8'h4a;
8'h5d: out=8'h4c;
8'h5e: out=8'h58;
8'h5f: out=8'hcf;
8'h60: out=8'hd0;
8'h61: out=8'hef;
8'h62: out=8'haa;
8'h63: out=8'hfb;
8'h64: out=8'h43;
8'h65: out=8'h4d;
8'h66: out=8'h33;
8'h67: out=8'h85;
8'h68: out=8'h45;
8'h69: out=8'hf9;
8'h6a: out=8'h02;
8'h6b: out=8'h7f;
8'h6c: out=8'h50;
8'h6d: out=8'h3c;
8'h6e: out=8'h9f;
8'h6f: out=8'ha8;
8'h70: out=8'h51;
8'h71: out=8'ha3;
8'h72: out=8'h40;
8'h73: out=8'h8f;
8'h74: out=8'h92;
8'h75: out=8'h9d;
8'h76: out=8'h38;
8'h77: out=8'hf5;
8'h78: out=8'hbc;
8'h79: out=8'hb6;
8'h7a: out=8'hda;
8'h7b: out=8'h21;
8'h7c: out=8'h10;
8'h7d: out=8'hff;
8'h7e: out=8'hf3;
8'h7f: out=8'hd2;
8'h80: out=8'hcd;
8'h81: out=8'h0c;
8'h82: out=8'h13;
8'h83: out=8'hec;
8'h84: out=8'h5f;
8'h85: out=8'h97;
8'h86: out=8'h44;
8'h87: out=8'h17;
8'h88: out=8'hc4;
8'h89: out=8'ha7;
8'h8a: out=8'h7e;
8'h8b: out=8'h3d;
8'h8c: out=8'h64;
8'h8d: out=8'h5d;
8'h8e: out=8'h19;
8'h8f: out=8'h73;
8'h90: out=8'h60;
8'h91: out=8'h81;
8'h92: out=8'h4f;
8'h93: out=8'hdc;
8'h94: out=8'h22;
8'h95: out=8'h2a;
8'h96: out=8'h90;
8'h97: out=8'h88;
8'h98: out=8'h46;
8'h99: out=8'hee;
8'h9a: out=8'hb8;
8'h9b: out=8'h14;
8'h9c: out=8'hde;
8'h9d: out=8'h5e;
8'h9e: out=8'h0b;
8'h9f: out=8'hdb;
8'ha0: out=8'he0;
8'ha1: out=8'h32;
8'ha2: out=8'h3a;
8'ha3: out=8'h0a;
8'ha4: out=8'h49;
8'ha5: out=8'h06;
8'ha6: out=8'h24;
8'ha7: out=8'h5c;
8'ha8: out=8'hc2;
8'ha9: out=8'hd3;
8'haa: out=8'hac;
8'hab: out=8'h62;
8'hac: out=8'h91;
8'had: out=8'h95;
8'hae: out=8'he4;
8'haf: out=8'h79;
8'hb0: out=8'he7;
8'hb1: out=8'hc8;
8'hb2: out=8'h37;
8'hb3: out=8'h6d;
8'hb4: out=8'h8d;
8'hb5: out=8'hd5;
8'hb6: out=8'h4e;
8'hb7: out=8'ha9;
8'hb8: out=8'h6c;
8'hb9: out=8'h56;
8'hba: out=8'hf4;
8'hbb: out=8'hea;
8'hbc: out=8'h65;
8'hbd: out=8'h7a;
8'hbe: out=8'hae;
8'hbf: out=8'h08;
8'hc0: out=8'hba;
8'hc1: out=8'h78;
8'hc2: out=8'h25;
8'hc3: out=8'h2e;
8'hc4: out=8'h1c;
8'hc5: out=8'ha6;
8'hc6: out=8'hb4;
8'hc7: out=8'hc6;
8'hc8: out=8'he8;
8'hc9: out=8'hdd;
8'hca: out=8'h74;
8'hcb: out=8'h1f;
8'hcc: out=8'h4b;
8'hcd: out=8'hbd;
8'hce: out=8'h8b;
8'hcf: out=8'h8a;
8'hd0: out=8'h70;
8'hd1: out=8'h3e;
8'hd2: out=8'hb5;
8'hd3: out=8'h66;
8'hd4: out=8'h48;
8'hd5: out=8'h03;
8'hd6: out=8'hf6;
8'hd7: out=8'h0e;
8'hd8: out=8'h61;
8'hd9: out=8'h35;
8'hda: out=8'h57;
8'hdb: out=8'hb9;
8'hdc: out=8'h86;
8'hdd: out=8'hc1;
8'hde: out=8'h1d;
8'hdf: out=8'h9e;
8'he0: out=8'he1;
8'he1: out=8'hf8;
8'he2: out=8'h98;
8'he3: out=8'h11;
8'he4: out=8'h69;
8'he5: out=8'hd9;
8'he6: out=8'h8e;
8'he7: out=8'h94;
8'he8: out=8'h9b;
8'he9: out=8'h1e;
8'hea: out=8'h87;
8'heb: out=8'he9;
8'hec: out=8'hce;
8'hed: out=8'h55;
8'hee: out=8'h28;
8'hef: out=8'hdf;
8'hf0: out=8'h8c;
8'hf1: out=8'ha1;
8'hf2: out=8'h89;
8'hf3: out=8'h0d;
8'hf4: out=8'hbf;
8'hf5: out=8'he6;
8'hf6: out=8'h42;
8'hf7: out=8'h68;
8'hf8: out=8'h41;
8'hf9: out=8'h99;
8'hfa: out=8'h2d;
8'hfb: out=8'h0f;
8'hfc: out=8'hb0;
8'hfd: out=8'h54;
8'hfe: out=8'hbb;
8'hff: out=8'h16;
endcase
endmodule
3、设计测试文件1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
module keyexp_tb;
wire[127:0] rndkrfout;
reg clk,rst,keysel,rndkren,wrrndkrf,rconen;
reg [3:0] addr;
reg [127:0] key;
keyexp kexp(clk,rst,keysel,rndkren,wrrndkrf,addr,rconen,key,rndkrfout);
//clock generation
initial clk = 1;
always #50 clk = ~clk;
initial
begin
#20 rst=1;
#100 rst=0;
keysel=0;
rndkren=1;
wrrndkrf=1;
addr=4'd0;
rconen=0;
key=128'h2b7e1516_28aed2a6_abf71588_09cf4f3c;
#100 addr=4'd1;
rconen=1;
keysel=1;
#100 addr=4'd2;
#100 addr=4'd3;
#100 addr=4'd4;
#100 addr=4'd5;
#100 addr=4'd6;
#100 addr=4'd7;
#100 addr=4'd8;
#100 addr=4'd9;
#100 addr=4'd10;
#100 rndkren=0;
wrrndkrf=0;
rconen=0;
#100 addr=4'd0;
#100 addr=4'd1;
#100 addr=4'd2;
#100 addr=4'd3;
#100 addr=4'd4;
#100 addr=4'd5;
#100 addr=4'd6;
#100 addr=4'd7;
#100 addr=4'd8;
#100 addr=4'd9;
#100 addr=4'd10;
#1020 rst=1;
#100 rst=0;
keysel=0;
rndkren=1;
wrrndkrf=1;
addr=4'd0;
rconen=0;
key=128'ha32bf2a3d443c60771230a2214575088;
#100 addr=4'd1;
rconen=1;
keysel=1;
#100 addr=4'd2;
#100 addr=4'd3;
#100 addr=4'd4;
#100 addr=4'd5;
#100 addr=4'd6;
#100 addr=4'd7;
#100 addr=4'd8;
#100 addr=4'd9;
#100 addr=4'd10;
#100 rndkren=0;
wrrndkrf=0;
rconen=0;
#100 addr=4'd0;
#100 addr=4'd1;
#100 addr=4'd2;
#100 addr=4'd3;
#100 addr=4'd4;
#100 addr=4'd5;
#100 addr=4'd6;
#100 addr=4'd7;
#100 addr=4'd8;
#100 addr=4'd9;
#100 addr=4'd10;
#200 $stop;
end
endmodule
4、将设计文件和测试文件输入Modelsim仿真工具,并进行编译和功能仿真。
5、观测仿真波形图,分析结果是否正确。若有错误,则修改设计文件或测试文件,重新编译和仿真。
五、实验结果
参见Modelsim中的仿真波形图,列出下列实验结果表:
波形图如下:
六、实验结论
本实验设计了AES密码处理器的密钥扩展模块的Verilog模型及其测试程序,并选择了两个不同的种子密钥对其进行了密钥扩展功能仿真,仿真结果全部正确,这说明所设计的密钥扩展模块的功能是正确的。
仿真时将两个子密钥放在同一激励快中进行同时仿真,可以比较直观的观察数值的显示及变化过程,仿真波形图将种子密钥与产生的子密钥转换为16进制显示,使得结果数据更加直观方便。
AES密码处理器加密/解密模块设计与仿真
一、实验目的
掌握AES密码处理器加密模块的设计思想、原理和方法。
二、实验内容
1、设计AES密码处理器加密/解密模块的电路结构,利用Verilog HDL建立其RTL模型。
2、利用Modelsim仿真软件对所设计的AES密码处理器加密/解密模块的Verilog RTL模型进行功能仿真。
三、实验环境
PC机1台、Modelsim仿真软件1套。
四、实验步骤
1、电路结构设计
AES加密/解密模块的外部信号如下表所示:
AES加密算法和解密算法所使用的变换大多相同或相似,因此其电路结构也非常类似,有很多资源可以共享。为了减少电路规模,我们采用一套电路分时实现AES加密和解密。
AES加密过程由一个初始密钥加(异或)变换和十个轮变换构成,其中除第10个轮变换外,每个轮变换都是一样的,都是由字节代替(S盒变换)、行移位、列混合、密钥加4个子变换组成,第10个轮变换由字节代替、行移位、密钥加3个子变换组成,不包括列混合变换。
为了进一步减少电路的规模,我们仅实现一个轮变换的电路,用循环迭代的方式实现十轮变换。
设
表示每一轮变换的输入字节,
表示由4个输入字节构成的一个32位字,它是输入状态矩阵中的一列。
a=(a0,a1,a2,a3)表示输入状态矩阵。
令bi,j表示字节代替变换(记为 )后的字节,
ci,j表示行移位变换后的字节,
di,j表示列混合变换后的字节,
ei,j表示每一轮变换后的输出字节,
ki,j表示每一轮变换的密钥字节。
则根据AES加密算法的描述,对于第1-9轮变换,有下列式子成立:
将(1)式代入(2)式,(2)式代入(3)式,(3)式代入(4)式,得
在上式中,分别令j=0,1,2,3,我们就得到了经过一轮变换后的所有输出字节。
对于初始密钥加变换(可以看成是第0轮变换),其输出字节与输入字节之间的函数关系为: 
对于第10轮变换,其输出字节与输入字节之间的函数关系为:
由(5)、(6)、(7)式可以看出,AES加密过程包括字节代替(S盒)、02乘字节、03乘字节、异或共4种操作,因此只要在电路中设置相应的电路模块就可以实现加密功能。为了充分利用FPGA中的RAM资源,减少LE的资源占用,我们采用查表方式实现S盒变换。同时,为了与AES加密算法自身的并行性相匹配,我们在电路中设置了16个8*8S盒,16个02乘字节、03乘字节模块。另外,为了保存每轮加密变换的结果,在电路中还应该设置一个128位的寄存器。
加密流程:首先将S盒配置为加密S盒,即在使能信号wrsben和地址信号wrsbaddr的控制下,通过S盒配置数据端口sbdata将加密S盒配置数据写入16个S盒sbox0~sbox15。然后实现初始密钥加变换,即在选择信号keyadsel的控制下,通过四选一选通器选择外部输入明文数据intxt,与初始子密钥roundkey进行异或操作,并在选择信号reginsel的控制下,通过二选一选通器将异或操作的结果e0~e15保存到S盒的输入寄存器。接下来进行第一轮加密变换,即初始密钥加变换的结果经sbox0~sbox15完成S盒变换后,在选择信号mixsel的控制下,通过二选一选通器进入byte0203模块,完成02乘字节和03乘字节运算,然后进行(5)式中前4项的异或运算,得结果c0~c15, 在选择信号keyadsel的控制下,通过四选一选通器选择c0~c15与第一轮子密钥进行异或操作,从而得到第一轮加密变换的结果e0~e15,并将其保存到S盒的输入寄存器,作为下一轮加密变换的输入数据。依次类推,可以完成第1-9轮加密变换。最后进行第10轮加密变换,即第9轮加密变换变换的结果经sbox0~sbox15完成S盒变换后,在选择信号keyadsel的控制下,通过四选一选通器选择恰当的S盒输出与第10轮子密钥进行异或操作,即可得到密文,最后将其保存到结果寄存器resultreg。初始密钥加变换和每轮加密变换都在一个周期内完成,因此上述加密过程共需要11个时钟周期。
解密流程:首先将S盒配置为解密S盒,配置过程与加密S盒配置过程一样,只是配置数据不同。然后实现初始密钥加变换,即在选择信号keyadsel的控制下,通过四选一选通器选择外部输入密文数据intxt,与初始子密钥roundkey进行异或操作,并在选择信号reginsel的控制下,通过二选一选通器将异或操作的结果e0~e15保存到S盒的输入寄存器。接下来进行第一轮解密变换,即初始密钥加变换的结果经sbox0~sbox15完成逆S盒变换后,再与第一轮子密钥进行异或操作,然后在选择信号mixsel的控制下,通过二选一选通器进入byte0203模块和byte9bde模块,完成进行逆列混合变换所需要的字节乘法运算(即09乘字节、0b乘字节、0d乘字节和0e乘字节),然后通过一系列异或运算得列混合变换的结果g0~g15, 在选择信号reginsel的控制下,通过二选一选通器选择g0~g15输出,从而得到第一轮解密变换的结果h,并将其保存到S盒的输入寄存器,作为下一轮解密变换的输入数据。依次类推,可以完成第1-9轮解密变换。最后进行第10轮解密变换,即第9轮加密变换变换的结果经sbox0~sbox15完成逆S盒变换后,在选择信号keyadsel的控制下,通过四选一选通器选择恰当的S盒输出与第10轮子密钥进行异或操作,即可得到明文,最后将其保存到结果寄存器resultreg。初始密钥加变换和每轮解密变换都在一个周期内完成,因此上述解密过程共需要11个时钟周期。需要注意的是,解密过程使用的子密钥与加密过程使用的子密钥相同,但使用顺序恰好相反。
2、建立Verilog模型1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627module crydap(clk,wrsben,wrsbaddr,sbdata,keyadsel,mixsel,reginsel,wrregen,intxt,roundkey,outtxt);
output [127:0] outtxt;
input clk,wrsben,wrregen,mixsel,reginsel;
input [1:0] keyadsel;
input [3:0] wrsbaddr;
input [127:0] sbdata,intxt,roundkey;
wire [7:0] sb0out,sb1out,sb2out,sb3out,sb4out,sb5out,sb6out,sb7out;
wire [7:0] sb8out,sb9out,sb10out,sb11out,sb12out,sb13out,sb14out,sb15out;
wire [7:0] a0,b0,c0,a1,b1,c1,a2,b2,c2,a3,b3,c3,a4,b4,c4,a5,b5,c5;
wire [7:0] a6,b6,c6,a7,b7,c7,a8,b8,c8,a9,b9,c9,a10,b10,c10,a11,b11,c11;
wire [7:0] a12,b12,c12,a13,b13,c13,a14,b14,c14,a15,b15,c15;
wire [7:0] d0,d1,d2,d3,d4,d5,d6,d7,d8,d9,d10,d11,d12,d13,d14,d15;
wire [7:0] e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15;
wire [7:0] f0,f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15;
wire [7:0] g0,g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15;
wire [7:0] i0,i1,i2,i3,i4,i5,i6,i7,i8,i9,i10,i11,i12,i13,i14,i15;
wire [7:0] j0,j1,j2,j3,j4,j5,j6,j7,j8,j9,j10,j11,j12,j13,j14,j15;
wire [7:0] f002,f003,f009,f00b,f00d,f00e;
wire [7:0] f102,f103,f109,f10b,f10d,f10e;
wire [7:0] f202,f203,f209,f20b,f20d,f20e;
wire [7:0] f302,f303,f309,f30b,f30d,f30e;
wire [7:0] f402,f403,f409,f40b,f40d,f40e;
wire [7:0] f502,f503,f509,f50b,f50d,f50e;
wire [7:0] f602,f603,f609,f60b,f60d,f60e;
wire [7:0] f702,f703,f709,f70b,f70d,f70e;
wire [7:0] f802,f803,f809,f80b,f80d,f80e;
wire [7:0] f902,f903,f909,f90b,f90d,f90e;
wire [7:0] f1002,f1003,f1009,f100b,f100d,f100e;
wire [7:0] f1102,f1103,f1109,f110b,f110d,f110e;
wire [7:0] f1202,f1203,f1209,f120b,f120d,f120e;
wire [7:0] f1302,f1303,f1309,f130b,f130d,f130e;
wire [7:0] f1402,f1403,f1409,f140b,f140d,f140e;
wire [7:0] f1502,f1503,f1509,f150b,f150d,f150e;
wire [127:0] d,e,g,h;
sbox sbox0(clk,wrsben,wrsbaddr,sbdata,outtxt[127:120],sb0out);
sbox sbox1(clk,wrsben,wrsbaddr,sbdata,outtxt[119:112],sb1out);
sbox sbox2(clk,wrsben,wrsbaddr,sbdata,outtxt[111:104],sb2out);
sbox sbox3(clk,wrsben,wrsbaddr,sbdata,outtxt[103:96],sb3out);
sbox sbox4(clk,wrsben,wrsbaddr,sbdata,outtxt[95:88],sb4out);
sbox sbox5(clk,wrsben,wrsbaddr,sbdata,outtxt[87:80],sb5out);
sbox sbox6(clk,wrsben,wrsbaddr,sbdata,outtxt[79:72],sb6out);
sbox sbox7(clk,wrsben,wrsbaddr,sbdata,outtxt[71:64],sb7out);
sbox sbox8(clk,wrsben,wrsbaddr,sbdata,outtxt[63:56],sb8out);
sbox sbox9(clk,wrsben,wrsbaddr,sbdata,outtxt[55:48],sb9out);
sbox sbox10(clk,wrsben,wrsbaddr,sbdata,outtxt[47:40],sb10out);
sbox sbox11(clk,wrsben,wrsbaddr,sbdata,outtxt[39:32],sb11out);
sbox sbox12(clk,wrsben,wrsbaddr,sbdata,outtxt[31:24],sb12out);
sbox sbox13(clk,wrsben,wrsbaddr,sbdata,outtxt[23:16],sb13out);
sbox sbox14(clk,wrsben,wrsbaddr,sbdata,outtxt[15:8],sb14out);
sbox sbox15(clk,wrsben,wrsbaddr,sbdata,outtxt[7:0],sb15out);
mux21_8 mux21_8_0(mixsel,sb0out,e0,f0);
mux21_8 mux21_8_1(mixsel,sb1out,e1,f1);
mux21_8 mux21_8_2(mixsel,sb2out,e2,f2);
mux21_8 mux21_8_3(mixsel,sb3out,e3,f3);
mux21_8 mux21_8_4(mixsel,sb4out,e4,f4);
mux21_8 mux21_8_5(mixsel,sb5out,e5,f5);
mux21_8 mux21_8_6(mixsel,sb6out,e6,f6);
mux21_8 mux21_8_7(mixsel,sb7out,e7,f7);
mux21_8 mux21_8_8(mixsel,sb8out,e8,f8);
mux21_8 mux21_8_9(mixsel,sb9out,e9,f9);
mux21_8 mux21_8_10(mixsel,sb10out,e10,f10);
mux21_8 mux21_8_11(mixsel,sb11out,e11,f11);
mux21_8 mux21_8_12(mixsel,sb12out,e12,f12);
mux21_8 mux21_8_13(mixsel,sb13out,e13,f13);
mux21_8 mux21_8_14(mixsel,sb14out,e14,f14);
mux21_8 mux21_8_15(mixsel,sb15out,e15,f15);
byte0203 byte0203_0(f0,f002,f003);
byte0203 byte0203_1(f1,f102,f103);
byte0203 byte0203_2(f2,f202,f203);
byte0203 byte0203_3(f3,f302,f303);
byte0203 byte0203_4(f4,f402,f403);
byte0203 byte0203_5(f5,f502,f503);
byte0203 byte0203_6(f6,f602,f603);
byte0203 byte0203_7(f7,f702,f703);
byte0203 byte0203_8(f8,f802,f803);
byte0203 byte0203_9(f9,f902,f903);
byte0203 byte0203_10(f10,f1002,f1003);
byte0203 byte0203_11(f11,f1102,f1103);
byte0203 byte0203_12(f12,f1202,f1203);
byte0203 byte0203_13(f13,f1302,f1303);
byte0203 byte0203_14(f14,f1402,f1403);
byte0203 byte0203_15(f15,f1502,f1503);
byte9bde byte9bde_0(f0,f002,f003,f009,f00b,f00d,f00e);
byte9bde byte9bde_1(f1,f102,f103,f109,f10b,f10d,f10e);
byte9bde byte9bde_2(f2,f202,f203,f209,f20b,f20d,f20e);
byte9bde byte9bde_3(f3,f302,f303,f309,f30b,f30d,f30e);
byte9bde byte9bde_4(f4,f402,f403,f409,f40b,f40d,f40e);
byte9bde byte9bde_5(f5,f502,f503,f509,f50b,f50d,f50e);
byte9bde byte9bde_6(f6,f602,f603,f609,f60b,f60d,f60e);
byte9bde byte9bde_7(f7,f702,f703,f709,f70b,f70d,f70e);
byte9bde byte9bde_8(f8,f802,f803,f809,f80b,f80d,f80e);
byte9bde byte9bde_9(f9,f902,f903,f909,f90b,f90d,f90e);
byte9bde byte9bde_10(f10,f1002,f1003,f1009,f100b,f100d,f100e);
byte9bde byte9bde_11(f11,f1102,f1103,f1109,f110b,f110d,f110e);
byte9bde byte9bde_12(f12,f1202,f1203,f1209,f120b,f120d,f120e);
byte9bde byte9bde_13(f13,f1302,f1303,f1309,f130b,f130d,f130e);
byte9bde byte9bde_14(f14,f1402,f1403,f1409,f140b,f140d,f140e);
byte9bde byte9bde_15(f15,f1502,f1503,f1509,f150b,f150d,f150e);
assign a0=f002^f503;
assign b0=sb10out^sb15out;
assign c0=a0^b0;
mux41_8 mux41_8_0(keyadsel,intxt[127:120],c0,sb0out,sb0out,d0);
assign a1=sb0out^f502;
assign b1=f1003^sb15out;
assign c1=a1^b1;
mux41_8 mux41_8_1(keyadsel,intxt[119:112],c1,sb5out,sb13out,d1);
assign a2=sb0out^sb5out;
assign b2=f1002^f1503;
assign c2=a2^b2;
mux41_8 mux41_8_2(keyadsel,intxt[111:104],c2,sb10out,sb10out,d2);
assign a3=f003^sb5out;
assign b3=sb10out^f1502;
assign c3=a3^b3;
mux41_8 mux41_8_3(keyadsel,intxt[103:96],c3,sb15out,sb7out,d3);
assign a4=f402^f903;
assign b4=sb14out^sb3out;
assign c4=a4^b4;
mux41_8 mux41_8_4(keyadsel,intxt[95:88],c4,sb4out,sb4out,d4);
assign a5=sb4out^f902;
assign b5=f1403^sb3out;
assign c5=a5^b5;
mux41_8 mux41_8_5(keyadsel,intxt[87:80],c5,sb9out,sb1out,d5);
assign a6=sb4out^sb9out;
assign b6=f1402^f303;
assign c6=a6^b6;
mux41_8 mux41_8_6(keyadsel,intxt[79:72],c6,sb14out,sb14out,d6);
assign a7=f403^sb9out;
assign b7=sb14out^f302;
assign c7=a7^b7;
mux41_8 mux41_8_7(keyadsel,intxt[71:64],c7,sb3out,sb11out,d7);
assign a8=f802^f1303;
assign b8=sb2out^sb7out;
assign c8=a8^b8;
mux41_8 mux41_8_8(keyadsel,intxt[63:56],c8,sb8out,sb8out,d8);
assign a9=sb8out^f1302;
assign b9=f203^sb7out;
assign c9=a9^b9;
mux41_8 mux41_8_9(keyadsel,intxt[55:48],c9,sb13out,sb5out,d9);
assign a10=sb8out^sb13out;
assign b10=f202^f703;
assign c10=a10^b10;
mux41_8 mux41_8_10(keyadsel,intxt[47:40],c10,sb2out,sb2out,d10);
assign a11=f803^sb13out;
assign b11=sb2out^f702;
assign c11=a11^b11;
mux41_8 mux41_8_11(keyadsel,intxt[39:32],c11,sb7out,sb15out,d11);
assign a12=f1202^f103;
assign b12=sb6out^sb11out;
assign c12=a12^b12;
mux41_8 mux41_8_12(keyadsel,intxt[31:24],c12,sb12out,sb12out,d12);
assign a13=sb12out^f102;
assign b13=f603^sb11out;
assign c13=a13^b13;
mux41_8 mux41_8_13(keyadsel,intxt[23:16],c13,sb1out,sb9out,d13);
assign a14=sb12out^sb1out;
assign b14=f602^f1103;
assign c14=a14^b14;
mux41_8 mux41_8_14(keyadsel,intxt[15:8],c14,sb6out,sb6out,d14);
assign a15=f1203^sb1out;
assign b15=sb6out^f1102;
assign c15=a15^b15;
mux41_8 mux41_8_15(keyadsel,intxt[7:0],c15,sb11out,sb3out,d15);
assign d={d0,d1,d2,d3,d4,d5,d6,d7,d8,d9,d10,d11,d12,d13,d14,d15};
assign e={e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15};
assign g={g0,g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15};
assign {e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15}=d^roundkey;
assign i0=f00e^f10b;
assign j0=f20d^f309;
assign g0=i0^j0;
assign i1=f009^f10e;
assign j1=f20b^f30d;
assign g1=i1^j1;
assign i2=f00d^f109;
assign j2=f20e^f30b;
assign g2=i2^j2;
assign i3=f00b^f10d;
assign j3=f209^f30e;
assign g3=i3^j3;
assign i4=f40e^f50b;
assign j4=f60d^f709;
assign g4=i4^j4;
assign i5=f409^f50e;
assign j5=f60b^f70d;
assign g5=i5^j5;
assign i6=f40d^f509;
assign j6=f60e^f70b;
assign g6=i6^j6;
assign i7=f40b^f50d;
assign j7=f609^f70e;
assign g7=i7^j7;
assign i8=f80e^f90b;
assign j8=f100d^f1109;
assign g8=i8^j8;
assign i9=f809^f90e;
assign j9=f100b^f110d;
assign g9=i9^j9;
assign i10=f80d^f909;
assign j10=f100e^f110b;
assign g10=i10^j10;
assign i11=f80b^f90d;
assign j11=f1009^f110e;
assign g11=i11^j11;
assign i12=f120e^f130b;
assign j12=f140d^f1509;
assign g12=i12^j12;
assign i13=f1209^f130e;
assign j13=f140b^f150d;
assign g13=i13^j13;
assign i14=f120d^f1309;
assign j14=f140e^f150b;
assign g14=i14^j14;
assign i15=f120b^f130d;
assign j15=f1409^f150e;
assign g15=i15^j15;
mux21_128 mux21_128_0(reginsel,e,g,h);
reg_128 resultreg(clk,wrregen,h,outtxt);
endmodule
module sbox(clk,write,wr_addr,din,rd_addr,dout);
input clk;
input write;
input [3:0] wr_addr;
input [127:0] din;
input [7:0] rd_addr;
output [7:0] dout;
reg [15:0] decout;
wire [15:0] write_reg;
wire [127:0] reg0out,reg1out,reg2out,reg3out,reg4out,reg5out,reg6out,reg7out,reg8out,reg9out,reg10out,reg11out,reg12out,reg13out,reg14out,reg15out;
reg [7:0] dout;
always @ (wr_addr)
case(wr_addr)
4'd0: decout=16'b0000_0000_0000_0001;
4'd1: decout=16'b0000_0000_0000_0010;
4'd2: decout=16'b0000_0000_0000_0100;
4'd3: decout=16'b0000_0000_0000_1000;
4'd4: decout=16'b0000_0000_0001_0000;
4'd5: decout=16'b0000_0000_0010_0000;
4'd6: decout=16'b0000_0000_0100_0000;
4'd7: decout=16'b0000_0000_1000_0000;
4'd8: decout=16'b0000_0001_0000_0000;
4'd9: decout=16'b0000_0010_0000_0000;
4'd10: decout=16'b0000_0100_0000_0000;
4'd11: decout=16'b0000_1000_0000_0000;
4'd12: decout=16'b0001_0000_0000_0000;
4'd13: decout=16'b0010_0000_0000_0000;
4'd14: decout=16'b0100_0000_0000_0000;
4'd15: decout=16'b1000_0000_0000_0000;
endcase
assign write_reg=decout & {write,write,write,write,write,write,write,write,write,write,write,write,write,write,write,write};
reg_128 reg0(clk,write_reg[0],din,reg0out);
reg_128 reg1(clk,write_reg[1],din,reg1out);
reg_128 reg2(clk,write_reg[2],din,reg2out);
reg_128 reg3(clk,write_reg[3],din,reg3out);
reg_128 reg4(clk,write_reg[4],din,reg4out);
reg_128 reg5(clk,write_reg[5],din,reg5out);
reg_128 reg6(clk,write_reg[6],din,reg6out);
reg_128 reg7(clk,write_reg[7],din,reg7out);
reg_128 reg8(clk,write_reg[8],din,reg8out);
reg_128 reg9(clk,write_reg[9],din,reg9out);
reg_128 reg10(clk,write_reg[10],din,reg10out);
reg_128 reg11(clk,write_reg[11],din,reg11out);
reg_128 reg12(clk,write_reg[12],din,reg12out);
reg_128 reg13(clk,write_reg[13],din,reg13out);
reg_128 reg14(clk,write_reg[14],din,reg14out);
reg_128 reg15(clk,write_reg[15],din,reg15out);
always @(rd_addr or reg0out or reg1out or reg2out or reg3out or reg4out or reg5out or reg6out or reg7out or reg8out or reg9out or reg10out or reg11out or reg12out or reg13out or reg14out or reg15out)
case(rd_addr)
8'd0: dout=reg0out[127:120];
8'd1: dout=reg0out[119:112];
8'd2: dout=reg0out[111:104];
8'd3: dout=reg0out[103:96];
8'd4: dout=reg0out[95:88];
8'd5: dout=reg0out[87:80];
8'd6: dout=reg0out[79:72];
8'd7: dout=reg0out[71:64];
8'd8: dout=reg0out[63:56];
8'd9: dout=reg0out[55:48];
8'd10: dout=reg0out[47:40];
8'd11: dout=reg0out[39:32];
8'd12: dout=reg0out[31:24];
8'd13: dout=reg0out[23:16];
8'd14: dout=reg0out[15:8];
8'd15: dout=reg0out[7:0];
8'd16: dout=reg1out[127:120];
8'd17: dout=reg1out[119:112];
8'd18: dout=reg1out[111:104];
8'd19: dout=reg1out[103:96];
8'd20: dout=reg1out[95:88];
8'd21: dout=reg1out[87:80];
8'd22: dout=reg1out[79:72];
8'd23: dout=reg1out[71:64];
8'd24: dout=reg1out[63:56];
8'd25: dout=reg1out[55:48];
8'd26: dout=reg1out[47:40];
8'd27: dout=reg1out[39:32];
8'd28: dout=reg1out[31:24];
8'd29: dout=reg1out[23:16];
8'd30: dout=reg1out[15:8];
8'd31: dout=reg1out[7:0];
8'd32: dout=reg2out[127:120];
8'd33: dout=reg2out[119:112];
8'd34: dout=reg2out[111:104];
8'd35: dout=reg2out[103:96];
8'd36: dout=reg2out[95:88];
8'd37: dout=reg2out[87:80];
8'd38: dout=reg2out[79:72];
8'd39: dout=reg2out[71:64];
8'd40: dout=reg2out[63:56];
8'd41: dout=reg2out[55:48];
8'd42: dout=reg2out[47:40];
8'd43: dout=reg2out[39:32];
8'd44: dout=reg2out[31:24];
8'd45: dout=reg2out[23:16];
8'd46: dout=reg2out[15:8];
8'd47: dout=reg2out[7:0];
8'd48: dout=reg3out[127:120];
8'd49: dout=reg3out[119:112];
8'd50: dout=reg3out[111:104];
8'd51: dout=reg3out[103:96];
8'd52: dout=reg3out[95:88];
8'd53: dout=reg3out[87:80];
8'd54: dout=reg3out[79:72];
8'd55: dout=reg3out[71:64];
8'd56: dout=reg3out[63:56];
8'd57: dout=reg3out[55:48];
8'd58: dout=reg3out[47:40];
8'd59: dout=reg3out[39:32];
8'd60: dout=reg3out[31:24];
8'd61: dout=reg3out[23:16];
8'd62: dout=reg3out[15:8];
8'd63: dout=reg3out[7:0];
8'd64: dout=reg4out[127:120];
8'd65: dout=reg4out[119:112];
8'd66: dout=reg4out[111:104];
8'd67: dout=reg4out[103:96];
8'd68: dout=reg4out[95:88];
8'd69: dout=reg4out[87:80];
8'd70: dout=reg4out[79:72];
8'd71: dout=reg4out[71:64];
8'd72: dout=reg4out[63:56];
8'd73: dout=reg4out[55:48];
8'd74: dout=reg4out[47:40];
8'd75: dout=reg4out[39:32];
8'd76: dout=reg4out[31:24];
8'd77: dout=reg4out[23:16];
8'd78: dout=reg4out[15:8];
8'd79: dout=reg4out[7:0];
8'd80: dout=reg5out[127:120];
8'd81: dout=reg5out[119:112];
8'd82: dout=reg5out[111:104];
8'd83: dout=reg5out[103:96];
8'd84: dout=reg5out[95:88];
8'd85: dout=reg5out[87:80];
8'd86: dout=reg5out[79:72];
8'd87: dout=reg5out[71:64];
8'd88: dout=reg5out[63:56];
8'd89: dout=reg5out[55:48];
8'd90: dout=reg5out[47:40];
8'd91: dout=reg5out[39:32];
8'd92: dout=reg5out[31:24];
8'd93: dout=reg5out[23:16];
8'd94: dout=reg5out[15:8];
8'd95: dout=reg5out[7:0];
8'd96: dout=reg6out[127:120];
8'd97: dout=reg6out[119:112];
8'd98: dout=reg6out[111:104];
8'd99: dout=reg6out[103:96];
8'd100: dout=reg6out[95:88];
8'd101: dout=reg6out[87:80];
8'd102: dout=reg6out[79:72];
8'd103: dout=reg6out[71:64];
8'd104: dout=reg6out[63:56];
8'd105: dout=reg6out[55:48];
8'd106: dout=reg6out[47:40];
8'd107: dout=reg6out[39:32];
8'd108: dout=reg6out[31:24];
8'd109: dout=reg6out[23:16];
8'd110: dout=reg6out[15:8];
8'd111: dout=reg6out[7:0];
8'd112: dout=reg7out[127:120];
8'd113: dout=reg7out[119:112];
8'd114: dout=reg7out[111:104];
8'd115: dout=reg7out[103:96];
8'd116: dout=reg7out[95:88];
8'd117: dout=reg7out[87:80];
8'd118: dout=reg7out[79:72];
8'd119: dout=reg7out[71:64];
8'd120: dout=reg7out[63:56];
8'd121: dout=reg7out[55:48];
8'd122: dout=reg7out[47:40];
8'd123: dout=reg7out[39:32];
8'd124: dout=reg7out[31:24];
8'd125: dout=reg7out[23:16];
8'd126: dout=reg7out[15:8];
8'd127: dout=reg7out[7:0];
8'd128: dout=reg8out[127:120];
8'd129: dout=reg8out[119:112];
8'd130: dout=reg8out[111:104];
8'd131: dout=reg8out[103:96];
8'd132: dout=reg8out[95:88];
8'd133: dout=reg8out[87:80];
8'd134: dout=reg8out[79:72];
8'd135: dout=reg8out[71:64];
8'd136: dout=reg8out[63:56];
8'd137: dout=reg8out[55:48];
8'd138: dout=reg8out[47:40];
8'd139: dout=reg8out[39:32];
8'd140: dout=reg8out[31:24];
8'd141: dout=reg8out[23:16];
8'd142: dout=reg8out[15:8];
8'd143: dout=reg8out[7:0];
8'd144: dout=reg9out[127:120];
8'd145: dout=reg9out[119:112];
8'd146: dout=reg9out[111:104];
8'd147: dout=reg9out[103:96];
8'd148: dout=reg9out[95:88];
8'd149: dout=reg9out[87:80];
8'd150: dout=reg9out[79:72];
8'd151: dout=reg9out[71:64];
8'd152: dout=reg9out[63:56];
8'd153: dout=reg9out[55:48];
8'd154: dout=reg9out[47:40];
8'd155: dout=reg9out[39:32];
8'd156: dout=reg9out[31:24];
8'd157: dout=reg9out[23:16];
8'd158: dout=reg9out[15:8];
8'd159: dout=reg9out[7:0];
8'd160: dout=reg10out[127:120];
8'd161: dout=reg10out[119:112];
8'd162: dout=reg10out[111:104];
8'd163: dout=reg10out[103:96];
8'd164: dout=reg10out[95:88];
8'd165: dout=reg10out[87:80];
8'd166: dout=reg10out[79:72];
8'd167: dout=reg10out[71:64];
8'd168: dout=reg10out[63:56];
8'd169: dout=reg10out[55:48];
8'd170: dout=reg10out[47:40];
8'd171: dout=reg10out[39:32];
8'd172: dout=reg10out[31:24];
8'd173: dout=reg10out[23:16];
8'd174: dout=reg10out[15:8];
8'd175: dout=reg10out[7:0];
8'd176: dout=reg11out[127:120];
8'd177: dout=reg11out[119:112];
8'd178: dout=reg11out[111:104];
8'd179: dout=reg11out[103:96];
8'd180: dout=reg11out[95:88];
8'd181: dout=reg11out[87:80];
8'd182: dout=reg11out[79:72];
8'd183: dout=reg11out[71:64];
8'd184: dout=reg11out[63:56];
8'd185: dout=reg11out[55:48];
8'd186: dout=reg11out[47:40];
8'd187: dout=reg11out[39:32];
8'd188: dout=reg11out[31:24];
8'd189: dout=reg11out[23:16];
8'd190: dout=reg11out[15:8];
8'd191: dout=reg11out[7:0];
8'd192: dout=reg12out[127:120];
8'd193: dout=reg12out[119:112];
8'd194: dout=reg12out[111:104];
8'd195: dout=reg12out[103:96];
8'd196: dout=reg12out[95:88];
8'd197: dout=reg12out[87:80];
8'd198: dout=reg12out[79:72];
8'd199: dout=reg12out[71:64];
8'd200: dout=reg12out[63:56];
8'd201: dout=reg12out[55:48];
8'd202: dout=reg12out[47:40];
8'd203: dout=reg12out[39:32];
8'd204: dout=reg12out[31:24];
8'd205: dout=reg12out[23:16];
8'd206: dout=reg12out[15:8];
8'd207: dout=reg12out[7:0];
8'd208: dout=reg13out[127:120];
8'd209: dout=reg13out[119:112];
8'd210: dout=reg13out[111:104];
8'd211: dout=reg13out[103:96];
8'd212: dout=reg13out[95:88];
8'd213: dout=reg13out[87:80];
8'd214: dout=reg13out[79:72];
8'd215: dout=reg13out[71:64];
8'd216: dout=reg13out[63:56];
8'd217: dout=reg13out[55:48];
8'd218: dout=reg13out[47:40];
8'd219: dout=reg13out[39:32];
8'd220: dout=reg13out[31:24];
8'd221: dout=reg13out[23:16];
8'd222: dout=reg13out[15:8];
8'd223: dout=reg13out[7:0];
8'd224: dout=reg14out[127:120];
8'd225: dout=reg14out[119:112];
8'd226: dout=reg14out[111:104];
8'd227: dout=reg14out[103:96];
8'd228: dout=reg14out[95:88];
8'd229: dout=reg14out[87:80];
8'd230: dout=reg14out[79:72];
8'd231: dout=reg14out[71:64];
8'd232: dout=reg14out[63:56];
8'd233: dout=reg14out[55:48];
8'd234: dout=reg14out[47:40];
8'd235: dout=reg14out[39:32];
8'd236: dout=reg14out[31:24];
8'd237: dout=reg14out[23:16];
8'd238: dout=reg14out[15:8];
8'd239: dout=reg14out[7:0];
8'd240: dout=reg15out[127:120];
8'd241: dout=reg15out[119:112];
8'd242: dout=reg15out[111:104];
8'd243: dout=reg15out[103:96];
8'd244: dout=reg15out[95:88];
8'd245: dout=reg15out[87:80];
8'd246: dout=reg15out[79:72];
8'd247: dout=reg15out[71:64];
8'd248: dout=reg15out[63:56];
8'd249: dout=reg15out[55:48];
8'd250: dout=reg15out[47:40];
8'd251: dout=reg15out[39:32];
8'd252: dout=reg15out[31:24];
8'd253: dout=reg15out[23:16];
8'd254: dout=reg15out[15:8];
8'd255: dout=reg15out[7:0];
endcase
endmodule
module mux21_8(sel,a,b,c);
output[7:0] c;
input[7:0] a,b;
input sel;
reg [7:0] c;
always@(sel or a or b)
case(sel)
1'b0: c=a;
1'b1: c=b;
endcase
endmodule
module byte0203(a,a02,a03);
output[7:0] a02,a03;
input[7:0] a;
wire [7:0] b,c;
assign b={a[6:0],1'b0};
assign c=b^{8'h1b};
assign a02=(a[7]==0)? b:c;
assign a03=a02^a;
endmodule
module byte9bde(a,a02,a03,a09,a0b,a0d,a0e);
output[7:0] a09,a0b,a0d,a0e;
input[7:0] a,a02,a03;
wire [7:0] a04,a08,b,c;
byte02 byte02_0(a02,a04);
byte02 byte02_1(a04,a08);
assign a09=a08^a;
assign a0b=a08^a03;
assign b=a04^a;
assign c=a04^a02;
assign a0d=a08^b;
assign a0e=a08^c;
endmodule
module byte02(a,a02);
output[7:0] a02;
input[7:0] a;
wire [7:0] b,c;
assign b={a[6:0],1'b0};
assign c=b^{8'h1b};
assign a02=(a[7]==0)? b:c;
endmodule
module mux41_8(sel,a,b,c,d,e);
output[7:0] e;
input[7:0] a,b,c,d;
input [1:0] sel;
reg [7:0] e;
always@(sel or a or b or c or d)
case(sel)
2'b00: e=a;
2'b01: e=b;
2'b10: e=c;
2'b11: e=d;
endcase
endmodule
module mux21_128(sel,a,b,c);
output[127:0] c;
input[127:0] a,b;
input sel;
reg [127:0] c;
always@(sel or a or b)
case(sel)
1'b0: c=a;
1'b1: c=b;
endcase
endmodule
module reg_128(clk,write,din,dout);
output [127:0] dout;
input clk,write;
input [127:0] din;
reg [127:0] dout;
always @ (posedge clk)
begin
if(write)
dout<=din;
else
dout<=dout;
end
endmodule
3、设计测试文件1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
module crydap_tb;
wire [127:0] outtxt;
reg clk,wrsben,wrregen,mixsel,reginsel;
reg [1:0] keyadsel;
reg [3:0] wrsbaddr;
reg [127:0] sbdata,intxt,roundkey;
crydap crydap(clk,wrsben,wrsbaddr,sbdata,keyadsel,mixsel,reginsel,wrregen,intxt,roundkey,outtxt);
//clock generation
initial clk = 1;
always #50 clk = ~clk;
initial
begin
//encryption sbox configuration.
#20 wrsben=1;
wrsbaddr=4'd0;
sbdata=128'h637c777bf26b6fc53001672bfed7ab76;
#100 wrsben=1;
wrsbaddr=4'd1;
sbdata=128'hca82c97dfa5947f0add4a2af9ca472c0;
#100 wrsben=1;
wrsbaddr=4'd2;
sbdata=128'hb7fd9326363ff7cc34a5e5f171d83115;
#100 wrsben=1;
wrsbaddr=4'd3;
sbdata=128'h04c723c31896059a071280e2eb27b275;
#100 wrsben=1;
wrsbaddr=4'd4;
sbdata=128'h09832c1a1b6e5aa0523bd6b329e32f84;
#100 wrsben=1;
wrsbaddr=4'd5;
sbdata=128'h53d100ed20fcb15b6acbbe394a4c58cf;
#100 wrsben=1;
wrsbaddr=4'd6;
sbdata=128'hd0efaafb434d338545f9027f503c9fa8;
#100 wrsben=1;
wrsbaddr=4'd7;
sbdata=128'h51a3408f929d38f5bcb6da2110fff3d2;
#100 wrsben=1;
wrsbaddr=4'd8;
sbdata=128'hcd0c13ec5f974417c4a77e3d645d1973;
#100 wrsben=1;
wrsbaddr=4'd9;
sbdata=128'h60814fdc222a908846eeb814de5e0bdb;
#100 wrsben=1;
wrsbaddr=4'd10;
sbdata=128'he0323a0a4906245cc2d3ac629195e479;
#100 wrsben=1;
wrsbaddr=4'd11;
sbdata=128'he7c8376d8dd54ea96c56f4ea657aae08;
#100 wrsben=1;
wrsbaddr=4'd12;
sbdata=128'hba78252e1ca6b4c6e8dd741f4bbd8b8a;
#100 wrsben=1;
wrsbaddr=4'd13;
sbdata=128'h703eb5664803f60e613557b986c11d9e;
#100 wrsben=1;
wrsbaddr=4'd14;
sbdata=128'he1f8981169d98e949b1e87e9ce5528df;
#100 wrsben=1;
wrsbaddr=4'd15;
sbdata=128'h8ca1890dbfe6426841992d0fb054bb16;
#100 wrsben=0;
//encryption.
#100 wrregen=1;
keyadsel=2'b00;
mixsel=0;
reginsel=0;
intxt=128'h781278af02d47ca1bb32765a56f2bc1a;//3243f6a8_885a308d_313198a2_e0370734;
roundkey=128'h2b7e1516_28aed2a6_abf71588_09cf4f3c;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'ha0fafe17_88542cb1_23a33939_2a6c7605;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'hf2c295f2_7a96b943_5935807a_7359f67f;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'h3d80477d_4716fe3e_1e237e44_6d7a883b;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'hef44a541_a8525b7f_b671253b_db0bad00;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'hd4d1c6f8_7c839d87_caf2b8bc_11f915bc;
#100
wrregen=1;
keyadsel=2'b01;
roundkey=128'h6d88a37a_110b3efd_dbf98641_ca0093fd;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'h4e54f70e_5f5fc9f3_84a64fb2_4ea6dc4f;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'head27321_b58dbad2_312bf560_7f8d292f;
#100
wrregen=1;
keyadsel=2'b01;
mixsel=0;
reginsel=0;
roundkey=128'hac7766f3_19fadc21_28d12941_575c006e;
#100
wrregen=1;
keyadsel=2'b10;
mixsel=0;
reginsel=0;
roundkey=128'hd014f9a8_c9ee2589_e13f0cc8_b6630ca6;
#100 wrregen=0;
#200 $finish;
end
endmodule
4、将设计文件和测试文件输入Modelsim仿真工具,并进行编译和功能仿真。
5、观测仿真波形图,分析结果是否正确。若有错误,则修改设计文件或测试文件,重新编译和仿真。
五、实验结果
加密
参见Modelsim中的仿真波形图,列出下列实验结果表:
明文1:
明文2:
解密
参见Modelsim中的仿真波形图,列出下列实验结果表:
密文1:
密文2:
六、实验结论
本实验设计了AES密码处理器加密模块的Verilog模型及其测试程序,并选择了2组不同的密钥和明文对其进行了功能仿真,仿真结果全部正确,这说明所设计的加密模块的功能是正确的。
此次实验将加密解密模块整合到一起,使用时调用加密S盒进行明文加密,使用两组明文进行测试,检测输出过程和轮密钥过程,更加直观的了解加密模块的工作原理。此次S盒与上次固定S盒不同,加密解密模块的S盒为可变动的,需要在激励块中赋值检测。
本实验设计了AES密码处理器解密模块的Verilog模型及其测试程序,并选择了2组不同的密钥和明文对其进行了功能仿真,仿真结果全部正确,这说明所设计的加密模块的功能是正确的。
本次实验所用结构体系与加密功能相同,不同的是对S盒的赋值和轮密钥的变换,解密时将加密的轮密钥反过来操作,当输入密文为上次实验结果时,输出明文应为上次实验的输入数据,中间的轮变换按照AES手册附录B进行对比,所得实验结果正确。
AES密码处理器控制模块的设计与仿真
一、实验目的
掌握AES密码处理器控制模块的设计思想、原理和方法。
二、实验内容
1、设计AES密码处理器控制模块的电路结构,利用Verilog HDL建立其RTL模型。
2、利用Modelsim仿真软件对所设计的AES密码处理器控制模块的Verilog RTL模型进行功能仿真。
三、实验环境
PC机1台、Modelsim仿真软件1套。
四、实验步骤
1、控制模块的电路结构设计
AES控制模块的外部信号如下表所示:
AES控制模块由密钥扩展状态机、加密状态机、解密状态机以及其它少量组合逻辑构成。
其中密钥扩展状态机用于控制密钥扩展过程的执行,加密状态机用于控制加密过程的执行,解密状态机用于控制解密过程的执行。
密钥扩展状态机用于产生密钥扩展过程中所使用的控制信号,它由12个状态构成,其状态的划分和定义如下表所示:
AES密钥扩展状态机的状态转移图如下:
AES密钥扩展状态机的状态转移及控制信号取值表如下:
AES加密状态机用于产生加密过程中所使用的控制信号,它由12个状态构成,其状态的划分和定义如下表所示。
AES加密状态机的状态转移图如下:
AES加密状态机的状态转移及控制信号取值表如下:
AES解密状态机用于产生解密过程中所使用的控制信号,它由12个状态构成,其状态的划分和定义如下表所示。
AES解密状态机的状态转移图与加密状态机的状态转移图类似,其状态转移及控制信号取值如下表所示:
2、建立控制模块的Verilog模型1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330module aescontrol(clk,rst,load,address,keyexp,staenc,stadec,keyexprdy,encdecrdy,keysel,rndkren,wrrndkrf,krfaddr,rconen,wrsben,wrsbaddr,keyadsel,mixsel,reginsel,wrregen,wrpckreg);
output keyexprdy,encdecrdy,keysel,rndkren,wrrndkrf,rconen;
output wrsben,mixsel,reginsel,wrregen,wrpckreg;
output [1:0] keyadsel;
output [3:0] krfaddr,wrsbaddr;
input clk,rst,load,keyexp,staenc,stadec;
input[4:0] address;
wire [3:0] wrkrfaddr,rdkrfaddre,rdkrfaddrd,encstate,decstate;
wire [1:0] keyadsele,keyadseld;
wire mixsele,reginsele,wrregene,encrdy,mixseld,reginseld,wrregend,decrdy;
assign krfaddr=(encstate != 4'd0)? rdkrfaddre:((decstate != 4'd0)?rdkrfaddrd:wrkrfaddr);
assign keyadsel=(encstate != 4'd0)? keyadsele:keyadseld;
assign mixsel=(encstate != 4'd0)? mixsele:mixseld;
assign reginsel=(encstate != 4'd0)? reginsele:reginseld;
assign wrregen=(encstate != 4'd0)? wrregene:wrregend;
assign encdecrdy=encrdy & decrdy;
keyexpfsm keyexpfsm(clk,rst,keyexp,keysel,rndkren,wrrndkrf,wrkrfaddr,rconen,keyexprdy);
encryfsm encryfsm(clk,rst,staenc,keyadsele,mixsele,reginsele,wrregene,rdkrfaddre,encrdy,encstate);
decryfsm decryfsm(clk,rst,stadec,keyadseld,mixseld,reginseld,wrregend,rdkrfaddrd,decrdy,decstate);
assign wrsben=load & ~address[4];
assign wrsbaddr=address[3:0];
assign wrpckreg=load & address[4] & ~address[3] & ~address[2] & ~address[1] & ~address[0];
endmodule
module keyexpfsm(clk,rst,keyexp,keysel,rndkren,wrrndkrf,wrkrfaddr,rconen,keyexprdy);
output keysel,rndkren,wrrndkrf,rconen,keyexprdy;
output [3:0] wrkrfaddr;
input clk,rst,keyexp;
reg [3:0] state,next_state,wrkrfaddr;
reg keysel,rndkren,keyexprdy;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or keyexp)
case(state)
4'd0: if(keyexp == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: keysel=0;
4'd1: keysel=0;
4'd2: keysel=1;
4'd3: keysel=1;
4'd4: keysel=1;
4'd5: keysel=1;
4'd6: keysel=1;
4'd7: keysel=1;
4'd8: keysel=1;
4'd9: keysel=1;
4'd10: keysel=1;
4'd11: keysel=1;
default: keysel=0;
endcase
always @ (state)
case(state)
4'd0: rndkren=0;
4'd1: rndkren=1;
4'd2: rndkren=1;
4'd3: rndkren=1;
4'd4: rndkren=1;
4'd5: rndkren=1;
4'd6: rndkren=1;
4'd7: rndkren=1;
4'd8: rndkren=1;
4'd9: rndkren=1;
4'd10: rndkren=1;
4'd11: rndkren=1;
default: rndkren=0;
endcase
assign wrrndkrf=rndkren;
always @ (state)
case(state)
4'd0: wrkrfaddr=4'd0;
4'd1: wrkrfaddr=4'd0;
4'd2: wrkrfaddr=4'd1;
4'd3: wrkrfaddr=4'd2;
4'd4: wrkrfaddr=4'd3;
4'd5: wrkrfaddr=4'd4;
4'd6: wrkrfaddr=4'd5;
4'd7: wrkrfaddr=4'd6;
4'd8: wrkrfaddr=4'd7;
4'd9: wrkrfaddr=4'd8;
4'd10: wrkrfaddr=4'd9;
4'd11: wrkrfaddr=4'd10;
default: wrkrfaddr=4'd0;
endcase
assign rconen=keysel;
always @ (state)
case(state)
4'd0: keyexprdy=1;
default: keyexprdy=0;
endcase
endmodule
module encryfsm(clk,rst,staenc,keyadsel,mixsel,reginsel,wrregen,rdkrfaddr,encrdy,state);
output wrregen,mixsel,reginsel,encrdy,state;
output [1:0] keyadsel;
output [3:0] rdkrfaddr;
input clk,rst,staenc;
reg [3:0] state,next_state,rdkrfaddr;
reg wrregen,encrdy;
reg [1:0] keyadsel;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or staenc)
case(state)
4'd0: if(staenc == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: wrregen=0;
4'd1: wrregen=1;
4'd2: wrregen=1;
4'd3: wrregen=1;
4'd4: wrregen=1;
4'd5: wrregen=1;
4'd6: wrregen=1;
4'd7: wrregen=1;
4'd8: wrregen=1;
4'd9: wrregen=1;
4'd10: wrregen=1;
4'd11: wrregen=1;
default: wrregen=0;
endcase
assign mixsel=0;
assign reginsel=0;
always @ (state)
case(state)
4'd0: keyadsel=2'b00;
4'd1: keyadsel=2'b00;
4'd2: keyadsel=2'b01;
4'd3: keyadsel=2'b01;
4'd4: keyadsel=2'b01;
4'd5: keyadsel=2'b01;
4'd6: keyadsel=2'b01;
4'd7: keyadsel=2'b01;
4'd8: keyadsel=2'b01;
4'd9: keyadsel=2'b01;
4'd10: keyadsel=2'b01;
4'd11: keyadsel=2'b10;
default: keyadsel=2'b00;
endcase
always @ (state)
case(state)
4'd0: rdkrfaddr=4'd0;
4'd1: rdkrfaddr=4'd0;
4'd2: rdkrfaddr=4'd1;
4'd3: rdkrfaddr=4'd2;
4'd4: rdkrfaddr=4'd3;
4'd5: rdkrfaddr=4'd4;
4'd6: rdkrfaddr=4'd5;
4'd7: rdkrfaddr=4'd6;
4'd8: rdkrfaddr=4'd7;
4'd9: rdkrfaddr=4'd8;
4'd10: rdkrfaddr=4'd9;
4'd11: rdkrfaddr=4'd10;
default: rdkrfaddr=4'd0;
endcase
always @ (state)
case(state)
4'd0: encrdy=1;
default: encrdy=0;
endcase
endmodule
module decryfsm(clk,rst,stadec,keyadsel,mixsel,reginsel,wrregen,rdkrfaddr,decrdy,state);
output wrregen,mixsel,reginsel,decrdy,state;
output [1:0] keyadsel;
output [3:0] rdkrfaddr;
input clk,rst,stadec;
reg [3:0] state,next_state,rdkrfaddr;
reg wrregen,decrdy,reginsel;
reg [1:0] keyadsel;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or stadec)
case(state)
4'd0: if(stadec == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: wrregen=0;
4'd1: wrregen=1;
4'd2: wrregen=1;
4'd3: wrregen=1;
4'd4: wrregen=1;
4'd5: wrregen=1;
4'd6: wrregen=1;
4'd7: wrregen=1;
4'd8: wrregen=1;
4'd9: wrregen=1;
4'd10: wrregen=1;
4'd11: wrregen=1;
default: wrregen=0;
endcase
always @ (state)
case(state)
4'd0: reginsel=0;
4'd1: reginsel=0;
4'd2: reginsel=1;
4'd3: reginsel=1;
4'd4: reginsel=1;
4'd5: reginsel=1;
4'd6: reginsel=1;
4'd7: reginsel=1;
4'd8: reginsel=1;
4'd9: reginsel=1;
4'd10: reginsel=1;
4'd11: reginsel=0;
default: reginsel=0;
endcase
assign mixsel=reginsel;
always @ (state)
case(state)
4'd0: keyadsel=2'b00;
4'd1: keyadsel=2'b00;
4'd2: keyadsel=2'b11;
4'd3: keyadsel=2'b11;
4'd4: keyadsel=2'b11;
4'd5: keyadsel=2'b11;
4'd6: keyadsel=2'b11;
4'd7: keyadsel=2'b11;
4'd8: keyadsel=2'b11;
4'd9: keyadsel=2'b11;
4'd10: keyadsel=2'b11;
4'd11: keyadsel=2'b11;
default: keyadsel=2'b00;
endcase
always @ (state)
case(state)
4'd0: rdkrfaddr=4'd0;
4'd1: rdkrfaddr=4'd10;
4'd2: rdkrfaddr=4'd9;
4'd3: rdkrfaddr=4'd8;
4'd4: rdkrfaddr=4'd7;
4'd5: rdkrfaddr=4'd6;
4'd6: rdkrfaddr=4'd5;
4'd7: rdkrfaddr=4'd4;
4'd8: rdkrfaddr=4'd3;
4'd9: rdkrfaddr=4'd2;
4'd10: rdkrfaddr=4'd1;
4'd11: rdkrfaddr=4'd0;
default: rdkrfaddr=4'd0;
endcase
always @ (state)
case(state)
4'd0: decrdy=1;
default: decrdy=0;
endcase
endmodule
3、设计控制模块的测试文件1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
module aescontrol_tb;
wire keyexprdy,encdecrdy,keysel,rndkren,wrrndkrf,rconen;
wire wrsben,mixsel,reginsel,wrregen,wrpckreg;
wire [1:0] keyadsel;
wire [3:0] krfaddr,wrsbaddr;
reg clk,rst,load,keyexp,staenc,stadec;
reg [4:0] address;
aescontrol aescontrol(clk,rst,load,address,keyexp,staenc,stadec,keyexprdy,encdecrdy,keysel,rndkren,wrrndkrf,krfaddr,rconen,wrsben,wrsbaddr,keyadsel,mixsel,reginsel,wrregen,wrpckreg);
//clock generation
initial clk = 1;
always #50 clk = ~clk;
initial
begin
#20 rst=1;//test reset.
load=0;
address=5'd0;
keyexp=0;
staenc=0;
stadec=0;
#200 rst=0;
load=1; //test load data.
address=5'd0;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd1;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd2;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd3;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd4;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd5;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd6;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd7;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd8;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd9;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd10;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd11;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd12;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd13;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd14;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd15;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd16;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd17;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd18;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd19;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd20;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd21;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd22;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd23;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd24;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd25;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd26;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd27;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd28;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd29;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd30;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=1;
address=5'd31;
keyexp=0;
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexp=1;//test cipher key expansion.
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd1;
keyexp=0;
staenc=0;
stadec=0;
#1200 rst=0;
load=0;
address=5'd2;
keyexp=0;
staenc=1;//test start encryption.
stadec=0;
#100 rst=0;
load=0;
address=5'd3;
keyexp=0;
staenc=0;
stadec=0;
#1200 rst=0;
load=0;
address=5'd16;
keyexp=0;
staenc=0;
stadec=1;//tset start decryption.
#100 rst=0;
load=0;
address=5'd17;
keyexp=0;
staenc=0;
stadec=0;
#1200 $finish;
end
endmodule
4、将控制模块的设计文件和测试文件输入Modelsim仿真工具,并进行编译和功能仿真。
5、观测制模块的仿真波形图,分析结果是否正确。若有错误,则修改设计文件或测试文件,重新编译和仿真。
五、实验结果
参见Modelsim中的仿真波形图,列出下列实验结果表。
AES密码处理器控制模块仿真结果:
六、实验结论
本实验设计了AES密码处理器控制模块的Verilog模型及其测试程序,并分别对其复位、数据装载、密钥扩展、加密、解密功能进行了仿真,仿真结果全部正确,这说明所设计的控制模块的功能是正确的。
AES密码处理器的系统集成与仿真
一、实验目的
掌握AES密码处理器的系统集成与仿真方法。
二、实验内容
1、对AES密码处理器进行系统集成,得到顶层模块。
2、利用Modelsim仿真软件对所设计AES密码处理器的顶层模块进行功能仿真。
三、实验环境
PC机1台、Modelsim仿真软件1套。
四、实验步骤
1、AES密码处理器顶层模块的电路结构
AES密码处理器顶层模块的外部信号如下表所示:
2、对AES密码处理器进行系统集成,建立顶层模块的Verilog模型。1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503module aes(clk,rst,load,address,keyexpen,staenc,stadec,
din,keyexprdy,encdecrdy,dout);
output [127:0] dout;
output keyexprdy,encdecrdy;
input clk,rst,load,keyexpen,staenc,stadec;
input [4:0] address;
input [127:0] din;
wire wrpckreg,keysel,rndkren,wrrndkrf,rconen,wrsben,mixsel,reginsel,wrregen;
wire [127:0] pckregout,roundkey;
wire [3:0] krfaddr,wrsbaddr;
wire [1:0] keyadsel;
reg_128 pckreg(clk,wrpckreg,din,pckregout);
aescontrol control(clk,rst,load,address,keyexpen,staenc,stadec,
keyexprdy,encdecrdy,keysel,rndkren,
wrrndkrf,krfaddr,rconen,wrsben,wrsbaddr,
keyadsel,mixsel,reginsel,wrregen,wrpckreg);
keyexp keyexp(clk,rst,keysel,rndkren,wrrndkrf,krfaddr,
rconen,pckregout,roundkey);
crydap crydap(clk,wrsben,wrsbaddr,din,keyadsel,mixsel,
reginsel,wrregen,pckregout,roundkey,dout);
endmodule
module reg_128(clk,write,din,dout);
output [127:0] dout;
input clk,write;
input [127:0] din;
reg [127:0] dout;
always @ (posedge clk)
begin
if(write)
dout<=din;
else
dout<=dout;
end
endmodule
module aescontrol(clk,rst,load,address,keyexp,staenc,stadec,keyexprdy,encdecrdy,
keysel,rndkren,wrrndkrf,krfaddr,rconen,
wrsben,wrsbaddr,keyadsel,mixsel,reginsel,wrregen,wrpckreg);
output keyexprdy,encdecrdy,keysel,rndkren,wrrndkrf,rconen;
output wrsben,mixsel,reginsel,wrregen,wrpckreg;
output [1:0] keyadsel;
output [3:0] krfaddr,wrsbaddr;
input clk,rst,load,keyexp,staenc,stadec;
input[4:0] address;
wire [3:0] wrkrfaddr,rdkrfaddre,rdkrfaddrd,encstate,decstate;
wire [1:0] keyadsele,keyadseld;
wire mixsele,reginsele,wrregene,encrdy,mixseld,reginseld,wrregend,decrdy;
assign krfaddr=(encstate != 4'd0)? rdkrfaddre:((decstate != 4'd0)?rdkrfaddrd:wrkrfaddr);
assign keyadsel=(encstate != 4'd0)? keyadsele:keyadseld;
assign mixsel=(encstate != 4'd0)? mixsele:mixseld;
assign reginsel=(encstate != 4'd0)? reginsele:reginseld;
assign wrregen=(encstate != 4'd0)? wrregene:wrregend;
assign encdecrdy=encrdy & decrdy;
keyexpfsm keyexpfsm(clk,rst,keyexp,keysel,rndkren,wrrndkrf,wrkrfaddr,rconen,keyexprdy);
encryfsm encryfsm(clk,rst,staenc,keyadsele,mixsele,reginsele,wrregene,rdkrfaddre,encrdy,encstate);
decryfsm decryfsm(clk,rst,stadec,keyadseld,mixseld,reginseld,wrregend,rdkrfaddrd,decrdy,decstate);
assign wrsben=load & ~address[4];
assign wrsbaddr=address[3:0];
assign wrpckreg=load & address[4] & ~address[3] & ~address[2] & ~address[1] & ~address[0];
endmodule
module keyexpfsm(clk,rst,keyexp,keysel,rndkren,wrrndkrf,wrkrfaddr,rconen,keyexprdy);
output keysel,rndkren,wrrndkrf,rconen,keyexprdy;
output [3:0] wrkrfaddr;
input clk,rst,keyexp;
reg [3:0] state,next_state,wrkrfaddr;
reg keysel,rndkren,keyexprdy;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or keyexp)
case(state)
4'd0: if(keyexp == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: keysel=0;
4'd1: keysel=0;
4'd2: keysel=1;
4'd3: keysel=1;
4'd4: keysel=1;
4'd5: keysel=1;
4'd6: keysel=1;
4'd7: keysel=1;
4'd8: keysel=1;
4'd9: keysel=1;
4'd10: keysel=1;
4'd11: keysel=1;
default: keysel=0;
endcase
always @ (state)
case(state)
4'd0: rndkren=0;
4'd1: rndkren=1;
4'd2: rndkren=1;
4'd3: rndkren=1;
4'd4: rndkren=1;
4'd5: rndkren=1;
4'd6: rndkren=1;
4'd7: rndkren=1;
4'd8: rndkren=1;
4'd9: rndkren=1;
4'd10: rndkren=1;
4'd11: rndkren=1;
default: rndkren=0;
endcase
assign wrrndkrf=rndkren;
always @ (state)
case(state)
4'd0: wrkrfaddr=4'd0;
4'd1: wrkrfaddr=4'd0;
4'd2: wrkrfaddr=4'd1;
4'd3: wrkrfaddr=4'd2;
4'd4: wrkrfaddr=4'd3;
4'd5: wrkrfaddr=4'd4;
4'd6: wrkrfaddr=4'd5;
4'd7: wrkrfaddr=4'd6;
4'd8: wrkrfaddr=4'd7;
4'd9: wrkrfaddr=4'd8;
4'd10: wrkrfaddr=4'd9;
4'd11: wrkrfaddr=4'd10;
default: wrkrfaddr=4'd0;
endcase
assign rconen=keysel;
always @ (state)
case(state)
4'd0: keyexprdy=1;
default: keyexprdy=0;
endcase
endmodule
module encryfsm(clk,rst,staenc,keyadsel,mixsel,reginsel,wrregen,rdkrfaddr,encrdy,state);
output wrregen,mixsel,reginsel,encrdy,state;
output [1:0] keyadsel;
output [3:0] rdkrfaddr;
input clk,rst,staenc;
reg [3:0] state,next_state,rdkrfaddr;
reg wrregen,encrdy;
reg [1:0] keyadsel;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or staenc)
case(state)
4'd0: if(staenc == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: wrregen=0;
4'd1: wrregen=1;
4'd2: wrregen=1;
4'd3: wrregen=1;
4'd4: wrregen=1;
4'd5: wrregen=1;
4'd6: wrregen=1;
4'd7: wrregen=1;
4'd8: wrregen=1;
4'd9: wrregen=1;
4'd10: wrregen=1;
4'd11: wrregen=1;
default: wrregen=0;
endcase
assign mixsel=0;
assign reginsel=0;
always @ (state)
case(state)
4'd0: keyadsel=2'b00;
4'd1: keyadsel=2'b00;
4'd2: keyadsel=2'b01;
4'd3: keyadsel=2'b01;
4'd4: keyadsel=2'b01;
4'd5: keyadsel=2'b01;
4'd6: keyadsel=2'b01;
4'd7: keyadsel=2'b01;
4'd8: keyadsel=2'b01;
4'd9: keyadsel=2'b01;
4'd10: keyadsel=2'b01;
4'd11: keyadsel=2'b10;
default: keyadsel=2'b00;
endcase
always @ (state)
case(state)
4'd0: rdkrfaddr=4'd0;
4'd1: rdkrfaddr=4'd0;
4'd2: rdkrfaddr=4'd1;
4'd3: rdkrfaddr=4'd2;
4'd4: rdkrfaddr=4'd3;
4'd5: rdkrfaddr=4'd4;
4'd6: rdkrfaddr=4'd5;
4'd7: rdkrfaddr=4'd6;
4'd8: rdkrfaddr=4'd7;
4'd9: rdkrfaddr=4'd8;
4'd10: rdkrfaddr=4'd9;
4'd11: rdkrfaddr=4'd10;
default: rdkrfaddr=4'd0;
endcase
always @ (state)
case(state)
4'd0: encrdy=1;
default: encrdy=0;
endcase
endmodule
module decryfsm(clk,rst,stadec,keyadsel,mixsel,reginsel,wrregen,rdkrfaddr,decrdy,state);
output wrregen,mixsel,reginsel,decrdy,state;
output [1:0] keyadsel;
output [3:0] rdkrfaddr;
input clk,rst,stadec;
reg [3:0] state,next_state,rdkrfaddr;
reg wrregen,decrdy,reginsel;
reg [1:0] keyadsel;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or stadec)
case(state)
4'd0: if(stadec == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: wrregen=0;
4'd1: wrregen=1;
4'd2: wrregen=1;
4'd3: wrregen=1;
4'd4: wrregen=1;
4'd5: wrregen=1;
4'd6: wrregen=1;
4'd7: wrregen=1;
4'd8: wrregen=1;
4'd9: wrregen=1;
4'd10: wrregen=1;
4'd11: wrregen=1;
default: wrregen=0;
endcase
always @ (state)
case(state)
4'd0: reginsel=0;
4'd1: reginsel=0;
4'd2: reginsel=1;
4'd3: reginsel=1;
4'd4: reginsel=1;
4'd5: reginsel=1;
4'd6: reginsel=1;
4'd7: reginsel=1;
4'd8: reginsel=1;
4'd9: reginsel=1;
4'd10: reginsel=1;
4'd11: reginsel=0;
default: reginsel=0;
endcase
assign mixsel=reginsel;
always @ (state)
case(state)
4'd0: keyadsel=2'b00;
4'd1: keyadsel=2'b00;
4'd2: keyadsel=2'b11;
4'd3: keyadsel=2'b11;
4'd4: keyadsel=2'b11;
4'd5: keyadsel=2'b11;
4'd6: keyadsel=2'b11;
4'd7: keyadsel=2'b11;
4'd8: keyadsel=2'b11;
4'd9: keyadsel=2'b11;
4'd10: keyadsel=2'b11;
4'd11: keyadsel=2'b11;
default: keyadsel=2'b00;
endcase
always @ (state)
case(state)
4'd0: rdkrfaddr=4'd0;
4'd1: rdkrfaddr=4'd10;
4'd2: rdkrfaddr=4'd9;
4'd3: rdkrfaddr=4'd8;
4'd4: rdkrfaddr=4'd7;
4'd5: rdkrfaddr=4'd6;
4'd6: rdkrfaddr=4'd5;
4'd7: rdkrfaddr=4'd4;
4'd8: rdkrfaddr=4'd3;
4'd9: rdkrfaddr=4'd2;
4'd10: rdkrfaddr=4'd1;
4'd11: rdkrfaddr=4'd0;
default: rdkrfaddr=4'd0;
endcase
always @ (state)
case(state)
4'd0: decrdy=1;
default: decrdy=0;
endcase
endmodule
module keyexp(clk,rst,keysel,rndkren,wrrndkrf,addr,rconen,key,rndkrfout);
output[127:0] rndkrfout;
input clk,rst,keysel,rndkren,wrrndkrf,rconen;
input[3:0] addr;
input[127:0] key;
wire [127:0] rndkey,rndkrout,rndkrfout;
wire [31:0] w4,w5,w6,w7,rotword,subword,xorrcon;
wire [7:0] rconout;
assign rndkey=(keysel==0) ? key:{w4,w5,w6,w7};
reg_128 rndkreg(clk,rndkren,rndkey,rndkrout);
rndkrf rndkrf(clk,wrrndkrf,addr,rndkey,rndkrfout);
assign rotword={rndkrout[23:0],rndkrout[31:24]};
sbox_mux sbox0(rotword[31:24],subword[31:24]);
sbox_mux sbox1(rotword[23:16],subword[23:16]);
sbox_mux sbox2(rotword[15:8],subword[15:8]);
sbox_mux sbox3(rotword[7:0],subword[7:0]);
rcon rcon(clk,rst,rconen,rconout);
assign xorrcon=subword^{rconout,24'h000000};
assign w4=xorrcon^rndkrout[127:96];
assign w5=w4^rndkrout[95:64];
assign w6=w5^rndkrout[63:32];
assign w7=w6^rndkrout[31:0];
endmodule
module rndkrf(clk,wrrndkrf,addr,rndkey,rndkrfout);
input clk,wrrndkrf;
input [3:0] addr;
input [127:0] rndkey;
output [127:0] rndkrfout;
reg [10:0] decout;
wire [10:0] write_reg;
wire [127:0] reg0out,reg1out,reg2out,reg3out,reg4out,reg5out,reg6out,reg7out,reg8out,reg9out,reg10out;
reg [127:0] rndkrfout;
always @ (addr)
case(addr)
4'd0: decout=11'b000_0000_0001;
4'd1: decout=11'b000_0000_0010;
4'd2: decout=11'b000_0000_0100;
4'd3: decout=11'b000_0000_1000;
4'd4: decout=11'b000_0001_0000;
4'd5: decout=11'b000_0010_0000;
4'd6: decout=11'b000_0100_0000;
4'd7: decout=11'b000_1000_0000;
4'd8: decout=11'b001_0000_0000;
4'd9: decout=11'b010_0000_0000;
4'd10: decout=11'b100_0000_0000;
default: decout=11'b000_0000_0000;
endcase
assign write_reg=decout & {wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf};
reg_128 reg0(clk,write_reg[0],rndkey,reg0out);
reg_128 reg1(clk,write_reg[1],rndkey,reg1out);
reg_128 reg2(clk,write_reg[2],rndkey,reg2out);
reg_128 reg3(clk,write_reg[3],rndkey,reg3out);
reg_128 reg4(clk,write_reg[4],rndkey,reg4out);
reg_128 reg5(clk,write_reg[5],rndkey,reg5out);
reg_128 reg6(clk,write_reg[6],rndkey,reg6out);
reg_128 reg7(clk,write_reg[7],rndkey,reg7out);
reg_128 reg8(clk,write_reg[8],rndkey,reg8out);
reg_128 reg9(clk,write_reg[9],rndkey,reg9out);
reg_128 reg10(clk,write_reg[10],rndkey,reg10out);
always @(addr or reg0out or reg1out or reg2out or reg3out or reg4out or reg5out or reg6out or reg7out or reg8out or reg9out or reg10out)
case(addr)
4'd0: rndkrfout=reg0out;
4'd1: rndkrfout=reg1out;
4'd2: rndkrfout=reg2out;
4'd3: rndkrfout=reg3out;
4'd4: rndkrfout=reg4out;
4'd5: rndkrfout=reg5out;
4'd6: rndkrfout=reg6out;
4'd7: rndkrfout=reg7out;
4'd8: rndkrfout=reg8out;
4'd9: rndkrfout=reg9out;
4'd10: rndkrfout=reg10out;
default: rndkrfout=reg10out;
endcase
endmodule
module sbox_mux(in,out);
output[7:0] out;
input[7:0] in;
reg [7:0] out;
always@(in)
case(in)
8'h00: out=8'h63;
8'h01: out=8'h7c;
8'h02: out=8'h77;
8'h03: out=8'h7b;
8'h04: out=8'hf2;
8'h05: out=8'h6b;
8'h06: out=8'h6f;
8'h07: out=8'hc5;
8'h08: out=8'h30;
8'h09: out=8'h01;
8'h0a: out=8'h67;
8'h0b: out=8'h2b;
8'h0c: out=8'hfe;
8'h0d: out=8'hd7;
8'h0e: out=8'hab;
8'h0f: out=8'h76;
8'h10: out=8'hca;
8'h11: out=8'h82;
8'h12: out=8'hc9;
8'h13: out=8'h7d;
8'h14: out=8'hfa;
8'h15: out=8'h59;
8'h16: out=8'h47;
8'h17: out=8'hf0;
8'h18: out=8'had;
8'h19: out=8'hd4;
8'h1a: out=8'ha2;
8'h1b: out=8'haf;
8'h1c: out=8'h9c;
8'h1d: out=8'ha4;
8'h1e: out=8'h72;
8'h1f: out=8'hc0;
8'h20: out=8'hb7;
8'h21: out=8'hfd;
8'h22: out=8'h93;
8'h23: out=8'h26;
8'h24: out=8'h36;
8'h25: out=8'h3f;
8'h26: out=8'hf7;
8'h27: out=8'hcc;
8'h28: out=8'h34;
8'h29: out=8'ha5;
8'h2a: out=8'he5;
8'h2b: out=8'hf1;
8'h2c: out=8'h71;
8'h2d: out=8'hd8;
8'h2e: out=8'h31;
8'h2f: out=8'h15;
8'h30: out=8'h04;
8'h31: out=8'hc7;
8'h32: out=8'h23;
8'h33: out=8'hc3;
8'h34: out=8'h18;
8'h35: out=8'h96;
8'h36: out=8'h05;
8'h37: out=8'h9a;
8'h38: out=8'h07;
8'h39: out=8'h12;
8'h3a: out=8'h80;
8'h3b: out=8'he2;
8'h3c: out=8'heb;
8'h3d: out=8'h27;
8'h3e: out=8'hb2;
8'h3f: out=8'h75;
8'h40: out=8'h09;
8'h41: out=8'h83;
8'h42: out=8'h2c;
8'h43: out=8'h1a;
8'h44: out=8'h1b;
8'h45: out=8'h6e;
8'h46: out=8'h5a;
8'h47: out=8'ha0;
8'h48: out=8'h52;
8'h49: out=8'h3b;
8'h4a: out=8'hd6;
8'h4b: out=8'hb3;
8'h4c: out=8'h29;
8'h4d: out=8'he3;
8'h4e: out=8'h2f;
8'h4f: out=8'h84;
8'h50: out=8'h53;
8'h51: out=8'hd1;
8'h52: out=8'h00;
8'h53: out=8'hed;
8'h54: out=8'h20;
8'h55: out=8'hfc;
8'h56: out=8'hb1;
8'h57: out=8'h5b;
8'h58: out=8'h6a;
8'h59: out=8'hcb;
8'h5a: out=8'hbe;
8'h5b: out=8'h39;
8'h5c: out=8'h4a;
8'h5d: out=8'h4c;
8'h5e: out=8'h58;
8'h5f: out=8'hcf;
8'h60: out=8'hd0;
8'h61: out=8'hef;
8'h62: out=8'haa;
8'h63: out=8'hfb;
8'h64: out=8'h43;
8'h65: out=8'h4d;
8'h66: out=8'h33;
8'h67: out=8'h85;
8'h68: out=8'h45;
8'h69: out=8'hf9;
8'h6a: out=8'h02;
8'h6b: out=8'h7f;
8'h6c: out=8'h50;
8'h6d: out=8'h3c;
8'h6e: out=8'h9f;
8'h6f: out=8'ha8;
8'h70: out=8'h51;
8'h71: out=8'ha3;
8'h72: out=8'h40;
8'h73: out=8'h8f;
8'h74: out=8'h92;
8'h75: out=8'h9d;
8'h76: out=8'h38;
8'h77: out=8'hf5;
8'h78: out=8'hbc;
8'h79: out=8'hb6;
8'h7a: out=8'hda;
8'h7b: out=8'h21;
8'h7c: out=8'h10;
8'h7d: out=8'hff;
8'h7e: out=8'hf3;
8'h7f: out=8'hd2;
8'h80: out=8'hcd;
8'h81: out=8'h0c;
8'h82: out=8'h13;
8'h83: out=8'hec;
8'h84: out=8'h5f;
8'h85: out=8'h97;
8'h86: out=8'h44;
8'h87: out=8'h17;
8'h88: out=8'hc4;
8'h89: out=8'ha7;
8'h8a: out=8'h7e;
8'h8b: out=8'h3d;
8'h8c: out=8'h64;
8'h8d: out=8'h5d;
8'h8e: out=8'h19;
8'h8f: out=8'h73;
8'h90: out=8'h60;
8'h91: out=8'h81;
8'h92: out=8'h4f;
8'h93: out=8'hdc;
8'h94: out=8'h22;
8'h95: out=8'h2a;
8'h96: out=8'h90;
8'h97: out=8'h88;
8'h98: out=8'h46;
8'h99: out=8'hee;
8'h9a: out=8'hb8;
8'h9b: out=8'h14;
8'h9c: out=8'hde;
8'h9d: out=8'h5e;
8'h9e: out=8'h0b;
8'h9f: out=8'hdb;
8'ha0: out=8'he0;
8'ha1: out=8'h32;
8'ha2: out=8'h3a;
8'ha3: out=8'h0a;
8'ha4: out=8'h49;
8'ha5: out=8'h06;
8'ha6: out=8'h24;
8'ha7: out=8'h5c;
8'ha8: out=8'hc2;
8'ha9: out=8'hd3;
8'haa: out=8'hac;
8'hab: out=8'h62;
8'hac: out=8'h91;
8'had: out=8'h95;
8'hae: out=8'he4;
8'haf: out=8'h79;
8'hb0: out=8'he7;
8'hb1: out=8'hc8;
8'hb2: out=8'h37;
8'hb3: out=8'h6d;
8'hb4: out=8'h8d;
8'hb5: out=8'hd5;
8'hb6: out=8'h4e;
8'hb7: out=8'ha9;
8'hb8: out=8'h6c;
8'hb9: out=8'h56;
8'hba: out=8'hf4;
8'hbb: out=8'hea;
8'hbc: out=8'h65;
8'hbd: out=8'h7a;
8'hbe: out=8'hae;
8'hbf: out=8'h08;
8'hc0: out=8'hba;
8'hc1: out=8'h78;
8'hc2: out=8'h25;
8'hc3: out=8'h2e;
8'hc4: out=8'h1c;
8'hc5: out=8'ha6;
8'hc6: out=8'hb4;
8'hc7: out=8'hc6;
8'hc8: out=8'he8;
8'hc9: out=8'hdd;
8'hca: out=8'h74;
8'hcb: out=8'h1f;
8'hcc: out=8'h4b;
8'hcd: out=8'hbd;
8'hce: out=8'h8b;
8'hcf: out=8'h8a;
8'hd0: out=8'h70;
8'hd1: out=8'h3e;
8'hd2: out=8'hb5;
8'hd3: out=8'h66;
8'hd4: out=8'h48;
8'hd5: out=8'h03;
8'hd6: out=8'hf6;
8'hd7: out=8'h0e;
8'hd8: out=8'h61;
8'hd9: out=8'h35;
8'hda: out=8'h57;
8'hdb: out=8'hb9;
8'hdc: out=8'h86;
8'hdd: out=8'hc1;
8'hde: out=8'h1d;
8'hdf: out=8'h9e;
8'he0: out=8'he1;
8'he1: out=8'hf8;
8'he2: out=8'h98;
8'he3: out=8'h11;
8'he4: out=8'h69;
8'he5: out=8'hd9;
8'he6: out=8'h8e;
8'he7: out=8'h94;
8'he8: out=8'h9b;
8'he9: out=8'h1e;
8'hea: out=8'h87;
8'heb: out=8'he9;
8'hec: out=8'hce;
8'hed: out=8'h55;
8'hee: out=8'h28;
8'hef: out=8'hdf;
8'hf0: out=8'h8c;
8'hf1: out=8'ha1;
8'hf2: out=8'h89;
8'hf3: out=8'h0d;
8'hf4: out=8'hbf;
8'hf5: out=8'he6;
8'hf6: out=8'h42;
8'hf7: out=8'h68;
8'hf8: out=8'h41;
8'hf9: out=8'h99;
8'hfa: out=8'h2d;
8'hfb: out=8'h0f;
8'hfc: out=8'hb0;
8'hfd: out=8'h54;
8'hfe: out=8'hbb;
8'hff: out=8'h16;
endcase
endmodule
module rcon(clk,rst,write,rconout);
output [7:0] rconout;
input clk,rst,write;
reg [7:0] rconout;
always @ (posedge clk)
begin
if(rst)
rconout<=8'h01;
else if(write)
rconout<=(rconout[7]==0)? (rconout<<1):((rconout<<1)^{8'h1b});
else
rconout<=rconout;
end
endmodule
module crydap(clk,wrsben,wrsbaddr,sbdata,keyadsel,mixsel,reginsel,wrregen,intxt,roundkey,outtxt);
output [127:0] outtxt;
input clk,wrsben,wrregen,mixsel,reginsel;
input [1:0] keyadsel;
input [3:0] wrsbaddr;
input [127:0] sbdata,intxt,roundkey;
wire [7:0] sb0out,sb1out,sb2out,sb3out,sb4out,sb5out,sb6out,sb7out;
wire [7:0] sb8out,sb9out,sb10out,sb11out,sb12out,sb13out,sb14out,sb15out;
wire [7:0] a0,b0,c0,a1,b1,c1,a2,b2,c2,a3,b3,c3,a4,b4,c4,a5,b5,c5;
wire [7:0] a6,b6,c6,a7,b7,c7,a8,b8,c8,a9,b9,c9,a10,b10,c10,a11,b11,c11;
wire [7:0] a12,b12,c12,a13,b13,c13,a14,b14,c14,a15,b15,c15;
wire [7:0] d0,d1,d2,d3,d4,d5,d6,d7,d8,d9,d10,d11,d12,d13,d14,d15;
wire [7:0] e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15;
wire [7:0] f0,f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15;
wire [7:0] g0,g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15;
wire [7:0] i0,i1,i2,i3,i4,i5,i6,i7,i8,i9,i10,i11,i12,i13,i14,i15;
wire [7:0] j0,j1,j2,j3,j4,j5,j6,j7,j8,j9,j10,j11,j12,j13,j14,j15;
wire [7:0] f002,f003,f009,f00b,f00d,f00e;
wire [7:0] f102,f103,f109,f10b,f10d,f10e;
wire [7:0] f202,f203,f209,f20b,f20d,f20e;
wire [7:0] f302,f303,f309,f30b,f30d,f30e;
wire [7:0] f402,f403,f409,f40b,f40d,f40e;
wire [7:0] f502,f503,f509,f50b,f50d,f50e;
wire [7:0] f602,f603,f609,f60b,f60d,f60e;
wire [7:0] f702,f703,f709,f70b,f70d,f70e;
wire [7:0] f802,f803,f809,f80b,f80d,f80e;
wire [7:0] f902,f903,f909,f90b,f90d,f90e;
wire [7:0] f1002,f1003,f1009,f100b,f100d,f100e;
wire [7:0] f1102,f1103,f1109,f110b,f110d,f110e;
wire [7:0] f1202,f1203,f1209,f120b,f120d,f120e;
wire [7:0] f1302,f1303,f1309,f130b,f130d,f130e;
wire [7:0] f1402,f1403,f1409,f140b,f140d,f140e;
wire [7:0] f1502,f1503,f1509,f150b,f150d,f150e;
wire [127:0] d,e,g,h;
sbox sbox0(clk,wrsben,wrsbaddr,sbdata,outtxt[127:120],sb0out);
sbox sbox1(clk,wrsben,wrsbaddr,sbdata,outtxt[119:112],sb1out);
sbox sbox2(clk,wrsben,wrsbaddr,sbdata,outtxt[111:104],sb2out);
sbox sbox3(clk,wrsben,wrsbaddr,sbdata,outtxt[103:96],sb3out);
sbox sbox4(clk,wrsben,wrsbaddr,sbdata,outtxt[95:88],sb4out);
sbox sbox5(clk,wrsben,wrsbaddr,sbdata,outtxt[87:80],sb5out);
sbox sbox6(clk,wrsben,wrsbaddr,sbdata,outtxt[79:72],sb6out);
sbox sbox7(clk,wrsben,wrsbaddr,sbdata,outtxt[71:64],sb7out);
sbox sbox8(clk,wrsben,wrsbaddr,sbdata,outtxt[63:56],sb8out);
sbox sbox9(clk,wrsben,wrsbaddr,sbdata,outtxt[55:48],sb9out);
sbox sbox10(clk,wrsben,wrsbaddr,sbdata,outtxt[47:40],sb10out);
sbox sbox11(clk,wrsben,wrsbaddr,sbdata,outtxt[39:32],sb11out);
sbox sbox12(clk,wrsben,wrsbaddr,sbdata,outtxt[31:24],sb12out);
sbox sbox13(clk,wrsben,wrsbaddr,sbdata,outtxt[23:16],sb13out);
sbox sbox14(clk,wrsben,wrsbaddr,sbdata,outtxt[15:8],sb14out);
sbox sbox15(clk,wrsben,wrsbaddr,sbdata,outtxt[7:0],sb15out);
mux21_8 mux21_8_0(mixsel,sb0out,e0,f0);
mux21_8 mux21_8_1(mixsel,sb1out,e1,f1);
mux21_8 mux21_8_2(mixsel,sb2out,e2,f2);
mux21_8 mux21_8_3(mixsel,sb3out,e3,f3);
mux21_8 mux21_8_4(mixsel,sb4out,e4,f4);
mux21_8 mux21_8_5(mixsel,sb5out,e5,f5);
mux21_8 mux21_8_6(mixsel,sb6out,e6,f6);
mux21_8 mux21_8_7(mixsel,sb7out,e7,f7);
mux21_8 mux21_8_8(mixsel,sb8out,e8,f8);
mux21_8 mux21_8_9(mixsel,sb9out,e9,f9);
mux21_8 mux21_8_10(mixsel,sb10out,e10,f10);
mux21_8 mux21_8_11(mixsel,sb11out,e11,f11);
mux21_8 mux21_8_12(mixsel,sb12out,e12,f12);
mux21_8 mux21_8_13(mixsel,sb13out,e13,f13);
mux21_8 mux21_8_14(mixsel,sb14out,e14,f14);
mux21_8 mux21_8_15(mixsel,sb15out,e15,f15);
byte0203 byte0203_0(f0,f002,f003);
byte0203 byte0203_1(f1,f102,f103);
byte0203 byte0203_2(f2,f202,f203);
byte0203 byte0203_3(f3,f302,f303);
byte0203 byte0203_4(f4,f402,f403);
byte0203 byte0203_5(f5,f502,f503);
byte0203 byte0203_6(f6,f602,f603);
byte0203 byte0203_7(f7,f702,f703);
byte0203 byte0203_8(f8,f802,f803);
byte0203 byte0203_9(f9,f902,f903);
byte0203 byte0203_10(f10,f1002,f1003);
byte0203 byte0203_11(f11,f1102,f1103);
byte0203 byte0203_12(f12,f1202,f1203);
byte0203 byte0203_13(f13,f1302,f1303);
byte0203 byte0203_14(f14,f1402,f1403);
byte0203 byte0203_15(f15,f1502,f1503);
byte9bde byte9bde_0(f0,f002,f003,f009,f00b,f00d,f00e);
byte9bde byte9bde_1(f1,f102,f103,f109,f10b,f10d,f10e);
byte9bde byte9bde_2(f2,f202,f203,f209,f20b,f20d,f20e);
byte9bde byte9bde_3(f3,f302,f303,f309,f30b,f30d,f30e);
byte9bde byte9bde_4(f4,f402,f403,f409,f40b,f40d,f40e);
byte9bde byte9bde_5(f5,f502,f503,f509,f50b,f50d,f50e);
byte9bde byte9bde_6(f6,f602,f603,f609,f60b,f60d,f60e);
byte9bde byte9bde_7(f7,f702,f703,f709,f70b,f70d,f70e);
byte9bde byte9bde_8(f8,f802,f803,f809,f80b,f80d,f80e);
byte9bde byte9bde_9(f9,f902,f903,f909,f90b,f90d,f90e);
byte9bde byte9bde_10(f10,f1002,f1003,f1009,f100b,f100d,f100e);
byte9bde byte9bde_11(f11,f1102,f1103,f1109,f110b,f110d,f110e);
byte9bde byte9bde_12(f12,f1202,f1203,f1209,f120b,f120d,f120e);
byte9bde byte9bde_13(f13,f1302,f1303,f1309,f130b,f130d,f130e);
byte9bde byte9bde_14(f14,f1402,f1403,f1409,f140b,f140d,f140e);
byte9bde byte9bde_15(f15,f1502,f1503,f1509,f150b,f150d,f150e);
assign a0=f002^f503;
assign b0=sb10out^sb15out;
assign c0=a0^b0;
mux41_8 mux41_8_0(keyadsel,intxt[127:120],c0,sb0out,sb0out,d0);
assign a1=sb0out^f502;
assign b1=f1003^sb15out;
assign c1=a1^b1;
mux41_8 mux41_8_1(keyadsel,intxt[119:112],c1,sb5out,sb13out,d1);
assign a2=sb0out^sb5out;
assign b2=f1002^f1503;
assign c2=a2^b2;
mux41_8 mux41_8_2(keyadsel,intxt[111:104],c2,sb10out,sb10out,d2);
assign a3=f003^sb5out;
assign b3=sb10out^f1502;
assign c3=a3^b3;
mux41_8 mux41_8_3(keyadsel,intxt[103:96],c3,sb15out,sb7out,d3);
assign a4=f402^f903;
assign b4=sb14out^sb3out;
assign c4=a4^b4;
mux41_8 mux41_8_4(keyadsel,intxt[95:88],c4,sb4out,sb4out,d4);
assign a5=sb4out^f902;
assign b5=f1403^sb3out;
assign c5=a5^b5;
mux41_8 mux41_8_5(keyadsel,intxt[87:80],c5,sb9out,sb1out,d5);
assign a6=sb4out^sb9out;
assign b6=f1402^f303;
assign c6=a6^b6;
mux41_8 mux41_8_6(keyadsel,intxt[79:72],c6,sb14out,sb14out,d6);
assign a7=f403^sb9out;
assign b7=sb14out^f302;
assign c7=a7^b7;
mux41_8 mux41_8_7(keyadsel,intxt[71:64],c7,sb3out,sb11out,d7);
assign a8=f802^f1303;
assign b8=sb2out^sb7out;
assign c8=a8^b8;
mux41_8 mux41_8_8(keyadsel,intxt[63:56],c8,sb8out,sb8out,d8);
assign a9=sb8out^f1302;
assign b9=f203^sb7out;
assign c9=a9^b9;
mux41_8 mux41_8_9(keyadsel,intxt[55:48],c9,sb13out,sb5out,d9);
assign a10=sb8out^sb13out;
assign b10=f202^f703;
assign c10=a10^b10;
mux41_8 mux41_8_10(keyadsel,intxt[47:40],c10,sb2out,sb2out,d10);
assign a11=f803^sb13out;
assign b11=sb2out^f702;
assign c11=a11^b11;
mux41_8 mux41_8_11(keyadsel,intxt[39:32],c11,sb7out,sb15out,d11);
assign a12=f1202^f103;
assign b12=sb6out^sb11out;
assign c12=a12^b12;
mux41_8 mux41_8_12(keyadsel,intxt[31:24],c12,sb12out,sb12out,d12);
assign a13=sb12out^f102;
assign b13=f603^sb11out;
assign c13=a13^b13;
mux41_8 mux41_8_13(keyadsel,intxt[23:16],c13,sb1out,sb9out,d13);
assign a14=sb12out^sb1out;
assign b14=f602^f1103;
assign c14=a14^b14;
mux41_8 mux41_8_14(keyadsel,intxt[15:8],c14,sb6out,sb6out,d14);
assign a15=f1203^sb1out;
assign b15=sb6out^f1102;
assign c15=a15^b15;
mux41_8 mux41_8_15(keyadsel,intxt[7:0],c15,sb11out,sb3out,d15);
assign d={d0,d1,d2,d3,d4,d5,d6,d7,d8,d9,d10,d11,d12,d13,d14,d15};
assign e={e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15};
assign g={g0,g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15};
assign {e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15}=d^roundkey;
assign i0=f00e^f10b;
assign j0=f20d^f309;
assign g0=i0^j0;
assign i1=f009^f10e;
assign j1=f20b^f30d;
assign g1=i1^j1;
assign i2=f00d^f109;
assign j2=f20e^f30b;
assign g2=i2^j2;
assign i3=f00b^f10d;
assign j3=f209^f30e;
assign g3=i3^j3;
assign i4=f40e^f50b;
assign j4=f60d^f709;
assign g4=i4^j4;
assign i5=f409^f50e;
assign j5=f60b^f70d;
assign g5=i5^j5;
assign i6=f40d^f509;
assign j6=f60e^f70b;
assign g6=i6^j6;
assign i7=f40b^f50d;
assign j7=f609^f70e;
assign g7=i7^j7;
assign i8=f80e^f90b;
assign j8=f100d^f1109;
assign g8=i8^j8;
assign i9=f809^f90e;
assign j9=f100b^f110d;
assign g9=i9^j9;
assign i10=f80d^f909;
assign j10=f100e^f110b;
assign g10=i10^j10;
assign i11=f80b^f90d;
assign j11=f1009^f110e;
assign g11=i11^j11;
assign i12=f120e^f130b;
assign j12=f140d^f1509;
assign g12=i12^j12;
assign i13=f1209^f130e;
assign j13=f140b^f150d;
assign g13=i13^j13;
assign i14=f120d^f1309;
assign j14=f140e^f150b;
assign g14=i14^j14;
assign i15=f120b^f130d;
assign j15=f1409^f150e;
assign g15=i15^j15;
mux21_128 mux21_128_0(reginsel,e,g,h);
reg_128 resultreg(clk,wrregen,h,outtxt);
endmodule
module sbox(clk,write,wr_addr,din,rd_addr,dout);
input clk;
input write;
input [3:0] wr_addr;
input [127:0] din;
input [7:0] rd_addr;
output [7:0] dout;
reg [15:0] decout;
wire [15:0] write_reg;
wire [127:0] reg0out,reg1out,reg2out,reg3out,reg4out,reg5out,reg6out,reg7out,reg8out,reg9out,reg10out,reg11out,reg12out,reg13out,reg14out,reg15out;
reg [7:0] dout;
always @ (wr_addr)
case(wr_addr)
4'd0: decout=16'b0000_0000_0000_0001;
4'd1: decout=16'b0000_0000_0000_0010;
4'd2: decout=16'b0000_0000_0000_0100;
4'd3: decout=16'b0000_0000_0000_1000;
4'd4: decout=16'b0000_0000_0001_0000;
4'd5: decout=16'b0000_0000_0010_0000;
4'd6: decout=16'b0000_0000_0100_0000;
4'd7: decout=16'b0000_0000_1000_0000;
4'd8: decout=16'b0000_0001_0000_0000;
4'd9: decout=16'b0000_0010_0000_0000;
4'd10: decout=16'b0000_0100_0000_0000;
4'd11: decout=16'b0000_1000_0000_0000;
4'd12: decout=16'b0001_0000_0000_0000;
4'd13: decout=16'b0010_0000_0000_0000;
4'd14: decout=16'b0100_0000_0000_0000;
4'd15: decout=16'b1000_0000_0000_0000;
endcase
assign write_reg=decout & {write,write,write,write,write,write,write,write,write,write,write,write,write,write,write,write};
reg_128 reg0(clk,write_reg[0],din,reg0out);
reg_128 reg1(clk,write_reg[1],din,reg1out);
reg_128 reg2(clk,write_reg[2],din,reg2out);
reg_128 reg3(clk,write_reg[3],din,reg3out);
reg_128 reg4(clk,write_reg[4],din,reg4out);
reg_128 reg5(clk,write_reg[5],din,reg5out);
reg_128 reg6(clk,write_reg[6],din,reg6out);
reg_128 reg7(clk,write_reg[7],din,reg7out);
reg_128 reg8(clk,write_reg[8],din,reg8out);
reg_128 reg9(clk,write_reg[9],din,reg9out);
reg_128 reg10(clk,write_reg[10],din,reg10out);
reg_128 reg11(clk,write_reg[11],din,reg11out);
reg_128 reg12(clk,write_reg[12],din,reg12out);
reg_128 reg13(clk,write_reg[13],din,reg13out);
reg_128 reg14(clk,write_reg[14],din,reg14out);
reg_128 reg15(clk,write_reg[15],din,reg15out);
always @(rd_addr or reg0out or reg1out or reg2out or reg3out or reg4out or reg5out or reg6out or reg7out or reg8out or reg9out or reg10out or reg11out or reg12out or reg13out or reg14out or reg15out)
case(rd_addr)
8'd0: dout=reg0out[127:120];
8'd1: dout=reg0out[119:112];
8'd2: dout=reg0out[111:104];
8'd3: dout=reg0out[103:96];
8'd4: dout=reg0out[95:88];
8'd5: dout=reg0out[87:80];
8'd6: dout=reg0out[79:72];
8'd7: dout=reg0out[71:64];
8'd8: dout=reg0out[63:56];
8'd9: dout=reg0out[55:48];
8'd10: dout=reg0out[47:40];
8'd11: dout=reg0out[39:32];
8'd12: dout=reg0out[31:24];
8'd13: dout=reg0out[23:16];
8'd14: dout=reg0out[15:8];
8'd15: dout=reg0out[7:0];
8'd16: dout=reg1out[127:120];
8'd17: dout=reg1out[119:112];
8'd18: dout=reg1out[111:104];
8'd19: dout=reg1out[103:96];
8'd20: dout=reg1out[95:88];
8'd21: dout=reg1out[87:80];
8'd22: dout=reg1out[79:72];
8'd23: dout=reg1out[71:64];
8'd24: dout=reg1out[63:56];
8'd25: dout=reg1out[55:48];
8'd26: dout=reg1out[47:40];
8'd27: dout=reg1out[39:32];
8'd28: dout=reg1out[31:24];
8'd29: dout=reg1out[23:16];
8'd30: dout=reg1out[15:8];
8'd31: dout=reg1out[7:0];
8'd32: dout=reg2out[127:120];
8'd33: dout=reg2out[119:112];
8'd34: dout=reg2out[111:104];
8'd35: dout=reg2out[103:96];
8'd36: dout=reg2out[95:88];
8'd37: dout=reg2out[87:80];
8'd38: dout=reg2out[79:72];
8'd39: dout=reg2out[71:64];
8'd40: dout=reg2out[63:56];
8'd41: dout=reg2out[55:48];
8'd42: dout=reg2out[47:40];
8'd43: dout=reg2out[39:32];
8'd44: dout=reg2out[31:24];
8'd45: dout=reg2out[23:16];
8'd46: dout=reg2out[15:8];
8'd47: dout=reg2out[7:0];
8'd48: dout=reg3out[127:120];
8'd49: dout=reg3out[119:112];
8'd50: dout=reg3out[111:104];
8'd51: dout=reg3out[103:96];
8'd52: dout=reg3out[95:88];
8'd53: dout=reg3out[87:80];
8'd54: dout=reg3out[79:72];
8'd55: dout=reg3out[71:64];
8'd56: dout=reg3out[63:56];
8'd57: dout=reg3out[55:48];
8'd58: dout=reg3out[47:40];
8'd59: dout=reg3out[39:32];
8'd60: dout=reg3out[31:24];
8'd61: dout=reg3out[23:16];
8'd62: dout=reg3out[15:8];
8'd63: dout=reg3out[7:0];
8'd64: dout=reg4out[127:120];
8'd65: dout=reg4out[119:112];
8'd66: dout=reg4out[111:104];
8'd67: dout=reg4out[103:96];
8'd68: dout=reg4out[95:88];
8'd69: dout=reg4out[87:80];
8'd70: dout=reg4out[79:72];
8'd71: dout=reg4out[71:64];
8'd72: dout=reg4out[63:56];
8'd73: dout=reg4out[55:48];
8'd74: dout=reg4out[47:40];
8'd75: dout=reg4out[39:32];
8'd76: dout=reg4out[31:24];
8'd77: dout=reg4out[23:16];
8'd78: dout=reg4out[15:8];
8'd79: dout=reg4out[7:0];
8'd80: dout=reg5out[127:120];
8'd81: dout=reg5out[119:112];
8'd82: dout=reg5out[111:104];
8'd83: dout=reg5out[103:96];
8'd84: dout=reg5out[95:88];
8'd85: dout=reg5out[87:80];
8'd86: dout=reg5out[79:72];
8'd87: dout=reg5out[71:64];
8'd88: dout=reg5out[63:56];
8'd89: dout=reg5out[55:48];
8'd90: dout=reg5out[47:40];
8'd91: dout=reg5out[39:32];
8'd92: dout=reg5out[31:24];
8'd93: dout=reg5out[23:16];
8'd94: dout=reg5out[15:8];
8'd95: dout=reg5out[7:0];
8'd96: dout=reg6out[127:120];
8'd97: dout=reg6out[119:112];
8'd98: dout=reg6out[111:104];
8'd99: dout=reg6out[103:96];
8'd100: dout=reg6out[95:88];
8'd101: dout=reg6out[87:80];
8'd102: dout=reg6out[79:72];
8'd103: dout=reg6out[71:64];
8'd104: dout=reg6out[63:56];
8'd105: dout=reg6out[55:48];
8'd106: dout=reg6out[47:40];
8'd107: dout=reg6out[39:32];
8'd108: dout=reg6out[31:24];
8'd109: dout=reg6out[23:16];
8'd110: dout=reg6out[15:8];
8'd111: dout=reg6out[7:0];
8'd112: dout=reg7out[127:120];
8'd113: dout=reg7out[119:112];
8'd114: dout=reg7out[111:104];
8'd115: dout=reg7out[103:96];
8'd116: dout=reg7out[95:88];
8'd117: dout=reg7out[87:80];
8'd118: dout=reg7out[79:72];
8'd119: dout=reg7out[71:64];
8'd120: dout=reg7out[63:56];
8'd121: dout=reg7out[55:48];
8'd122: dout=reg7out[47:40];
8'd123: dout=reg7out[39:32];
8'd124: dout=reg7out[31:24];
8'd125: dout=reg7out[23:16];
8'd126: dout=reg7out[15:8];
8'd127: dout=reg7out[7:0];
8'd128: dout=reg8out[127:120];
8'd129: dout=reg8out[119:112];
8'd130: dout=reg8out[111:104];
8'd131: dout=reg8out[103:96];
8'd132: dout=reg8out[95:88];
8'd133: dout=reg8out[87:80];
8'd134: dout=reg8out[79:72];
8'd135: dout=reg8out[71:64];
8'd136: dout=reg8out[63:56];
8'd137: dout=reg8out[55:48];
8'd138: dout=reg8out[47:40];
8'd139: dout=reg8out[39:32];
8'd140: dout=reg8out[31:24];
8'd141: dout=reg8out[23:16];
8'd142: dout=reg8out[15:8];
8'd143: dout=reg8out[7:0];
8'd144: dout=reg9out[127:120];
8'd145: dout=reg9out[119:112];
8'd146: dout=reg9out[111:104];
8'd147: dout=reg9out[103:96];
8'd148: dout=reg9out[95:88];
8'd149: dout=reg9out[87:80];
8'd150: dout=reg9out[79:72];
8'd151: dout=reg9out[71:64];
8'd152: dout=reg9out[63:56];
8'd153: dout=reg9out[55:48];
8'd154: dout=reg9out[47:40];
8'd155: dout=reg9out[39:32];
8'd156: dout=reg9out[31:24];
8'd157: dout=reg9out[23:16];
8'd158: dout=reg9out[15:8];
8'd159: dout=reg9out[7:0];
8'd160: dout=reg10out[127:120];
8'd161: dout=reg10out[119:112];
8'd162: dout=reg10out[111:104];
8'd163: dout=reg10out[103:96];
8'd164: dout=reg10out[95:88];
8'd165: dout=reg10out[87:80];
8'd166: dout=reg10out[79:72];
8'd167: dout=reg10out[71:64];
8'd168: dout=reg10out[63:56];
8'd169: dout=reg10out[55:48];
8'd170: dout=reg10out[47:40];
8'd171: dout=reg10out[39:32];
8'd172: dout=reg10out[31:24];
8'd173: dout=reg10out[23:16];
8'd174: dout=reg10out[15:8];
8'd175: dout=reg10out[7:0];
8'd176: dout=reg11out[127:120];
8'd177: dout=reg11out[119:112];
8'd178: dout=reg11out[111:104];
8'd179: dout=reg11out[103:96];
8'd180: dout=reg11out[95:88];
8'd181: dout=reg11out[87:80];
8'd182: dout=reg11out[79:72];
8'd183: dout=reg11out[71:64];
8'd184: dout=reg11out[63:56];
8'd185: dout=reg11out[55:48];
8'd186: dout=reg11out[47:40];
8'd187: dout=reg11out[39:32];
8'd188: dout=reg11out[31:24];
8'd189: dout=reg11out[23:16];
8'd190: dout=reg11out[15:8];
8'd191: dout=reg11out[7:0];
8'd192: dout=reg12out[127:120];
8'd193: dout=reg12out[119:112];
8'd194: dout=reg12out[111:104];
8'd195: dout=reg12out[103:96];
8'd196: dout=reg12out[95:88];
8'd197: dout=reg12out[87:80];
8'd198: dout=reg12out[79:72];
8'd199: dout=reg12out[71:64];
8'd200: dout=reg12out[63:56];
8'd201: dout=reg12out[55:48];
8'd202: dout=reg12out[47:40];
8'd203: dout=reg12out[39:32];
8'd204: dout=reg12out[31:24];
8'd205: dout=reg12out[23:16];
8'd206: dout=reg12out[15:8];
8'd207: dout=reg12out[7:0];
8'd208: dout=reg13out[127:120];
8'd209: dout=reg13out[119:112];
8'd210: dout=reg13out[111:104];
8'd211: dout=reg13out[103:96];
8'd212: dout=reg13out[95:88];
8'd213: dout=reg13out[87:80];
8'd214: dout=reg13out[79:72];
8'd215: dout=reg13out[71:64];
8'd216: dout=reg13out[63:56];
8'd217: dout=reg13out[55:48];
8'd218: dout=reg13out[47:40];
8'd219: dout=reg13out[39:32];
8'd220: dout=reg13out[31:24];
8'd221: dout=reg13out[23:16];
8'd222: dout=reg13out[15:8];
8'd223: dout=reg13out[7:0];
8'd224: dout=reg14out[127:120];
8'd225: dout=reg14out[119:112];
8'd226: dout=reg14out[111:104];
8'd227: dout=reg14out[103:96];
8'd228: dout=reg14out[95:88];
8'd229: dout=reg14out[87:80];
8'd230: dout=reg14out[79:72];
8'd231: dout=reg14out[71:64];
8'd232: dout=reg14out[63:56];
8'd233: dout=reg14out[55:48];
8'd234: dout=reg14out[47:40];
8'd235: dout=reg14out[39:32];
8'd236: dout=reg14out[31:24];
8'd237: dout=reg14out[23:16];
8'd238: dout=reg14out[15:8];
8'd239: dout=reg14out[7:0];
8'd240: dout=reg15out[127:120];
8'd241: dout=reg15out[119:112];
8'd242: dout=reg15out[111:104];
8'd243: dout=reg15out[103:96];
8'd244: dout=reg15out[95:88];
8'd245: dout=reg15out[87:80];
8'd246: dout=reg15out[79:72];
8'd247: dout=reg15out[71:64];
8'd248: dout=reg15out[63:56];
8'd249: dout=reg15out[55:48];
8'd250: dout=reg15out[47:40];
8'd251: dout=reg15out[39:32];
8'd252: dout=reg15out[31:24];
8'd253: dout=reg15out[23:16];
8'd254: dout=reg15out[15:8];
8'd255: dout=reg15out[7:0];
endcase
endmodule
module mux21_8(sel,a,b,c);
output[7:0] c;
input[7:0] a,b;
input sel;
reg [7:0] c;
always@(sel or a or b)
case(sel)
1'b0: c=a;
1'b1: c=b;
endcase
endmodule
module byte0203(a,a02,a03);
output[7:0] a02,a03;
input[7:0] a;
wire [7:0] b,c;
assign b={a[6:0],1'b0};
assign c=b^{8'h1b};
assign a02=(a[7]==0)? b:c;
assign a03=a02^a;
endmodule
module byte9bde(a,a02,a03,a09,a0b,a0d,a0e);
output[7:0] a09,a0b,a0d,a0e;
input[7:0] a,a02,a03;
wire [7:0] a04,a08,b,c;
byte02 byte02_0(a02,a04);
byte02 byte02_1(a04,a08);
assign a09=a08^a;
assign a0b=a08^a03;
assign b=a04^a;
assign c=a04^a02;
assign a0d=a08^b;
assign a0e=a08^c;
endmodule
module byte02(a,a02);
output[7:0] a02;
input[7:0] a;
wire [7:0] b,c;
assign b={a[6:0],1'b0};
assign c=b^{8'h1b};
assign a02=(a[7]==0)? b:c;
endmodule
module mux41_8(sel,a,b,c,d,e);
output[7:0] e;
input[7:0] a,b,c,d;
input [1:0] sel;
reg [7:0] e;
always@(sel or a or b or c or d)
case(sel)
2'b00: e=a;
2'b01: e=b;
2'b10: e=c;
2'b11: e=d;
endcase
endmodule
module mux21_128(sel,a,b,c);
output[127:0] c;
input[127:0] a,b;
input sel;
reg [127:0] c;
always@(sel or a or b)
case(sel)
1'b0: c=a;
1'b1: c=b;
endcase
endmodule
module aes_tb;
wire [127:0] dout;
wire keyexprdy,encdecrdy;
reg clk,rst,load,keyexpen,staenc,stadec;
reg [4:0] address;
reg [127:0] din;
aes aes(clk,rst,load,address,keyexpen,staenc,stadec,
din,keyexprdy,encdecrdy,dout);
//clock generation
initial clk = 1;
always #50 clk = ~clk;
initial
begin
#20 rst=1; //reset.
#200 rst=0; //load key.
load=1;
address=5'd16;
din=128'h2b7e1516_28aed2a6_abf71588_09cf4f3c;
keyexpen=0;
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexpen=1; //key expansion.
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexpen=0;
staenc=0;
stadec=0;
#1000 rst=0; //encryption sbox configuration.
load=1;
address=5'd0;
din=128'h637c777bf26b6fc53001672bfed7ab76;
keyexpen=0;
staenc=0;
stadec=0;
#100 address=5'd1;
din=128'hca82c97dfa5947f0add4a2af9ca472c0;
#100 address=5'd2;
din=128'hb7fd9326363ff7cc34a5e5f171d83115;
#100 address=5'd3;
din=128'h04c723c31896059a071280e2eb27b275;
#100 address=5'd4;
din=128'h09832c1a1b6e5aa0523bd6b329e32f84;
#100 address=5'd5;
din=128'h53d100ed20fcb15b6acbbe394a4c58cf;
#100 address=5'd6;
din=128'hd0efaafb434d338545f9027f503c9fa8;
#100 address=5'd7;
din=128'h51a3408f929d38f5bcb6da2110fff3d2;
#100 address=5'd8;
din=128'hcd0c13ec5f974417c4a77e3d645d1973;
#100 address=5'd9;
din=128'h60814fdc222a908846eeb814de5e0bdb;
#100 address=5'd10;
din=128'he0323a0a4906245cc2d3ac629195e479;
#100 address=5'd11;
din=128'he7c8376d8dd54ea96c56f4ea657aae08;
#100 address=5'd12;
din=128'hba78252e1ca6b4c6e8dd741f4bbd8b8a;
#100 address=5'd13;
din=128'h703eb5664803f60e613557b986c11d9e;
#100 address=5'd14;
din=128'he1f8981169d98e949b1e87e9ce5528df;
#100 address=5'd15;
din=128'h8ca1890dbfe6426841992d0fb054bb16;
#100 load=1;
address=5'd16; //load plain text.
din=128'h3243f6a8_885a308d_313198a2_e0370734;
#100 load=0;
staenc=1; // start encryption.
#100 staenc=0;
#1200 load=1; //decryption sbox configuration.
address=5'd0;
din=128'h52096ad53036a538bf40a39e81f3d7fb;
#100 address=5'd1;
din=128'h7ce339829b2fff87348e4344c4dee9cb;
#100 address=5'd2;
din=128'h547b9432a6c2233dee4c950b42fac34e;
#100 address=5'd3;
din=128'h082ea16628d924b2765ba2496d8bd125;
#100 address=5'd4;
din=128'h72f8f66486689816d4a45ccc5d65b692;
#100 address=5'd5;
din=128'h6c704850fdedb9da5e154657a78d9d84;
#100 address=5'd6;
din=128'h90d8ab008cbcd30af7e45805b8b34506;
#100 address=5'd7;
din=128'hd02c1e8fca3f0f02c1afbd0301138a6b;
#100 address=5'd8;
din=128'h3a9111414f67dcea97f2cfcef0b4e673;
#100 address=5'd9;
din=128'h96ac7422e7ad3585e2f937e81c75df6e;
#100 address=5'd10;
din=128'h47f11a711d29c5896fb7620eaa18be1b;
#100 address=5'd11;
din=128'hfc563e4bc6d279209adbc0fe78cd5af4;
#100 address=5'd12;
din=128'h1fdda8338807c731b11210592780ec5f;
#100 address=5'd13;
din=128'h60517fa919b54a0d2de57a9f93c99cef;
#100 address=5'd14;
din=128'ha0e03b4dae2af5b0c8ebbb3c83539961;
#100 address=5'd15;
din=128'h172b047eba77d626e169146355210c7d;
#100 load=1;
address=5'd16; //load cipher text.
din=128'h3925841d_02dc09fb_dc118597_196a0b32;
#100 load=0;
stadec=1; //start decryption.
#100 stadec=0;
#1500 $finish;
end
endmodule
3、设计AES密码处理器的测试文件1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
module aes_tb;
wire [127:0] dout;
wire keyexprdy,encdecrdy;
reg clk,rst,load,keyexpen,staenc,stadec;
reg [4:0] address;
reg [127:0] din;
aes aes(clk,rst,load,address,keyexpen,staenc,stadec,
din,keyexprdy,encdecrdy,dout);
//clock generation
initial clk = 1;
always #50 clk = ~clk;
initial
begin
#20 rst=1; //reset.
#200 rst=0; //load key.
load=1;
address=5'd16;
din=128'h2b7e1516_28aed2a6_abf71588_09cf4f3c;
keyexpen=0;
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexpen=1; //key expansion.
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexpen=0;
staenc=0;
stadec=0;
#1000 rst=0; //encryption sbox configuration.
load=1;
address=5'd0;
din=128'h637c777bf26b6fc53001672bfed7ab76;
keyexpen=0;
staenc=0;
stadec=0;
#100 address=5'd1;
din=128'hca82c97dfa5947f0add4a2af9ca472c0;
#100 address=5'd2;
din=128'hb7fd9326363ff7cc34a5e5f171d83115;
#100 address=5'd3;
din=128'h04c723c31896059a071280e2eb27b275;
#100 address=5'd4;
din=128'h09832c1a1b6e5aa0523bd6b329e32f84;
#100 address=5'd5;
din=128'h53d100ed20fcb15b6acbbe394a4c58cf;
#100 address=5'd6;
din=128'hd0efaafb434d338545f9027f503c9fa8;
#100 address=5'd7;
din=128'h51a3408f929d38f5bcb6da2110fff3d2;
#100 address=5'd8;
din=128'hcd0c13ec5f974417c4a77e3d645d1973;
#100 address=5'd9;
din=128'h60814fdc222a908846eeb814de5e0bdb;
#100 address=5'd10;
din=128'he0323a0a4906245cc2d3ac629195e479;
#100 address=5'd11;
din=128'he7c8376d8dd54ea96c56f4ea657aae08;
#100 address=5'd12;
din=128'hba78252e1ca6b4c6e8dd741f4bbd8b8a;
#100 address=5'd13;
din=128'h703eb5664803f60e613557b986c11d9e;
#100 address=5'd14;
din=128'he1f8981169d98e949b1e87e9ce5528df;
#100 address=5'd15;
din=128'h8ca1890dbfe6426841992d0fb054bb16;
#100 load=1;
address=5'd16; //load plain text.
din=128'h3243f6a8_885a308d_313198a2_e0370734;
#100 load=0;
staenc=1; // start encryption.
#100 staenc=0;
#1200 load=1; //decryption sbox configuration.
address=5'd0;
din=128'h52096ad53036a538bf40a39e81f3d7fb;
#100 address=5'd1;
din=128'h7ce339829b2fff87348e4344c4dee9cb;
#100 address=5'd2;
din=128'h547b9432a6c2233dee4c950b42fac34e;
#100 address=5'd3;
din=128'h082ea16628d924b2765ba2496d8bd125;
#100 address=5'd4;
din=128'h72f8f66486689816d4a45ccc5d65b692;
#100 address=5'd5;
din=128'h6c704850fdedb9da5e154657a78d9d84;
#100 address=5'd6;
din=128'h90d8ab008cbcd30af7e45805b8b34506;
#100 address=5'd7;
din=128'hd02c1e8fca3f0f02c1afbd0301138a6b;
#100 address=5'd8;
din=128'h3a9111414f67dcea97f2cfcef0b4e673;
#100 address=5'd9;
din=128'h96ac7422e7ad3585e2f937e81c75df6e;
#100 address=5'd10;
din=128'h47f11a711d29c5896fb7620eaa18be1b;
#100 address=5'd11;
din=128'hfc563e4bc6d279209adbc0fe78cd5af4;
#100 address=5'd12;
din=128'h1fdda8338807c731b11210592780ec5f;
#100 address=5'd13;
din=128'h60517fa919b54a0d2de57a9f93c99cef;
#100 address=5'd14;
din=128'ha0e03b4dae2af5b0c8ebbb3c83539961;
#100 address=5'd15;
din=128'h172b047eba77d626e169146355210c7d;
#100 load=1;
address=5'd16; //load cipher text.
din=128'h3925841d_02dc09fb_dc118597_196a0b32;
#100 load=0;
stadec=1; //start decryption.
#100 stadec=0;
#1500 $finish;
end
endmodule
4、将AES密码处理器的设计文件和测试文件输入Modelsim仿真工具,并进行编译和功能仿真。
5、观察AES密码处理器的仿真波形图,分析结果是否正确。若有错误,则修改设计文件或测试文件,重新编译和仿真。
五、实验结果
参见Modelsim中的仿真波形图,列出下列实验结果表。
AES密码处理器系统集成仿真结果:
六、实验结论
本实验对AES密码处理器进行了系统集成,并选择了20组不同的密钥和明文对其进行了功能仿真,仿真结果全部正确,这说明所设计的AES密码处理器的功能是正确的。
七、推荐测试数据
表1:AES加密算法测试数据
表2:AES解密算法测试数据
AES密码处理器综合优化与仿真分析
一、实验目的
掌握超大规模集成电路(VLSI)设计流程中的综合优化、布局布线、静态时序分析、时序仿真等技术的思想、原理和方法,并学会使用相关的EDA工具软件。
二、实验内容
1、利用QuartusII软件对AES密码处理器的Verilog RTL模型进行基于FPGA的综合优化、布局布线、静态时序分析(全编译),生成布局布线后的电路网表和时序文件。
2、对第1步得到的资源占用报告、静态时序分析报告进行分析,确定电路的规模和性能是否满足要求。若不满足则通过修改约束条件、重新编译来对电路进行优化。
3、利用Modelsim或QuartusII软件对布局布线后的电路网表进行时序仿真(需要用到前面生成的时序文件),确定电路是否满足时序要求。
三、实验环境
PC机1台、QuartusII软件、Modelsim仿真软件。
四、实验步骤
1、建立AES密码处理器的Verilog RTL模型。1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385module aes(clk,rst,load,address,keyexpen,staenc,stadec,din,keyexprdy,encdecrdy,dout);
output [127:0] dout;
output keyexprdy,encdecrdy;
input clk,rst,load,keyexpen,staenc,stadec;
input [4:0] address;
input [127:0] din;
wire wrpckreg,keysel,rndkren,wrrndkrf,rconen,
wrsben,mixsel,reginsel,wrregen;
wire [127:0] pckregout,roundkey;
wire [3:0] krfaddr,wrsbaddr;
wire [1:0] keyadsel;
reg_128 pckreg(clk,wrpckreg,din,pckregout);
aescontrol control(clk,rst,load,address,keyexpen,staenc,stadec,
keyexprdy,encdecrdy,keysel,rndkren,
wrrndkrf,krfaddr,rconen,wrsben,wrsbaddr,
keyadsel,mixsel,reginsel,wrregen,wrpckreg);
keyexp keyexp(clk,rst,keysel,rndkren,wrrndkrf,krfaddr,
rconen,pckregout,roundkey);
crydap crydap(clk,wrsben,wrsbaddr,din,keyadsel,mixsel,
reginsel,wrregen,pckregout,roundkey,dout);
endmodule
module reg_128(clk,write,din,dout);
output [127:0] dout;
input clk,write;
input [127:0] din;
reg [127:0] dout;
always @ (posedge clk)
begin
if(write)
dout<=din;
else
dout<=dout;
end
endmodule
module aescontrol(clk,rst,load,address,keyexp,staenc,
stadec,keyexprdy,encdecrdy,keysel,rndkren,
wrrndkrf,krfaddr,rconen,wrsben,wrsbaddr,
keyadsel,mixsel,reginsel,wrregen,wrpckreg);
output keyexprdy,encdecrdy,keysel,rndkren,wrrndkrf,rconen;
output wrsben,mixsel,reginsel,wrregen,wrpckreg;
output [1:0] keyadsel;
output [3:0] krfaddr,wrsbaddr;
input clk,rst,load,keyexp,staenc,stadec;
input[4:0] address;
wire [3:0] wrkrfaddr,rdkrfaddre,rdkrfaddrd,encstate,decstate;
wire [1:0] keyadsele,keyadseld;
wire mixsele,reginsele,wrregene,encrdy,mixseld,reginseld,wrregend,decrdy;
assign krfaddr=(encstate != 4'd0)? rdkrfaddre:
((decstate != 4'd0)?rdkrfaddrd:wrkrfaddr);
assign keyadsel=(encstate != 4'd0)? keyadsele:keyadseld;
assign mixsel=(encstate != 4'd0)? mixsele:mixseld;
assign reginsel=(encstate != 4'd0)? reginsele:reginseld;
assign wrregen=(encstate != 4'd0)? wrregene:wrregend;
assign encdecrdy=encrdy & decrdy;
keyexpfsm keyexpfsm(clk,rst,keyexp,keysel,rndkren,
wrrndkrf,wrkrfaddr,rconen,keyexprdy);
encryfsm encryfsm(clk,rst,staenc,keyadsele,mixsele,
reginsele,wrregene,rdkrfaddre,encrdy,encstate);
decryfsm decryfsm(clk,rst,stadec,keyadseld,mixseld,
reginseld,wrregend,rdkrfaddrd,decrdy,decstate);
assign wrsben=load & ~address[4];
assign wrsbaddr=address[3:0];
assign wrpckreg=load & address[4] & ~address[3] & ~address[2]
& ~address[1] & ~address[0];
endmodule
module keyexpfsm(clk,rst,keyexp,keysel,rndkren,wrrndkrf,wrkrfaddr,rconen,keyexprdy);
output keysel,rndkren,wrrndkrf,rconen,keyexprdy;
output [3:0] wrkrfaddr;
input clk,rst,keyexp;
reg [3:0] state,next_state,wrkrfaddr;
reg keysel,rndkren,keyexprdy;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or keyexp)
case(state)
4'd0: if(keyexp == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: keysel=0;
4'd1: keysel=0;
4'd2: keysel=1;
4'd3: keysel=1;
4'd4: keysel=1;
4'd5: keysel=1;
4'd6: keysel=1;
4'd7: keysel=1;
4'd8: keysel=1;
4'd9: keysel=1;
4'd10: keysel=1;
4'd11: keysel=1;
default: keysel=0;
endcase
always @ (state)
case(state)
4'd0: rndkren=0;
4'd1: rndkren=1;
4'd2: rndkren=1;
4'd3: rndkren=1;
4'd4: rndkren=1;
4'd5: rndkren=1;
4'd6: rndkren=1;
4'd7: rndkren=1;
4'd8: rndkren=1;
4'd9: rndkren=1;
4'd10: rndkren=1;
4'd11: rndkren=1;
default: rndkren=0;
endcase
assign wrrndkrf=rndkren;
always @ (state)
case(state)
4'd0: wrkrfaddr=4'd0;
4'd1: wrkrfaddr=4'd0;
4'd2: wrkrfaddr=4'd1;
4'd3: wrkrfaddr=4'd2;
4'd4: wrkrfaddr=4'd3;
4'd5: wrkrfaddr=4'd4;
4'd6: wrkrfaddr=4'd5;
4'd7: wrkrfaddr=4'd6;
4'd8: wrkrfaddr=4'd7;
4'd9: wrkrfaddr=4'd8;
4'd10: wrkrfaddr=4'd9;
4'd11: wrkrfaddr=4'd10;
default: wrkrfaddr=4'd0;
endcase
assign rconen=keysel;
always @ (state)
case(state)
4'd0: keyexprdy=1;
default: keyexprdy=0;
endcase
endmodule
module encryfsm(clk,rst,staenc,keyadsel,mixsel,reginsel,wrregen,rdkrfaddr,encrdy,state);
output wrregen,mixsel,reginsel,encrdy,state;
output [1:0] keyadsel;
output [3:0] rdkrfaddr;
input clk,rst,staenc;
reg [3:0] state,next_state,rdkrfaddr;
reg wrregen,encrdy;
reg [1:0] keyadsel;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or staenc)
case(state)
4'd0: if(staenc == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: wrregen=0;
4'd1: wrregen=1;
4'd2: wrregen=1;
4'd3: wrregen=1;
4'd4: wrregen=1;
4'd5: wrregen=1;
4'd6: wrregen=1;
4'd7: wrregen=1;
4'd8: wrregen=1;
4'd9: wrregen=1;
4'd10: wrregen=1;
4'd11: wrregen=1;
default: wrregen=0;
endcase
assign mixsel=0;
assign reginsel=0;
always @ (state)
case(state)
4'd0: keyadsel=2'b00;
4'd1: keyadsel=2'b00;
4'd2: keyadsel=2'b01;
4'd3: keyadsel=2'b01;
4'd4: keyadsel=2'b01;
4'd5: keyadsel=2'b01;
4'd6: keyadsel=2'b01;
4'd7: keyadsel=2'b01;
4'd8: keyadsel=2'b01;
4'd9: keyadsel=2'b01;
4'd10: keyadsel=2'b01;
4'd11: keyadsel=2'b10;
default: keyadsel=2'b00;
endcase
always @ (state)
case(state)
4'd0: rdkrfaddr=4'd0;
4'd1: rdkrfaddr=4'd0;
4'd2: rdkrfaddr=4'd1;
4'd3: rdkrfaddr=4'd2;
4'd4: rdkrfaddr=4'd3;
4'd5: rdkrfaddr=4'd4;
4'd6: rdkrfaddr=4'd5;
4'd7: rdkrfaddr=4'd6;
4'd8: rdkrfaddr=4'd7;
4'd9: rdkrfaddr=4'd8;
4'd10: rdkrfaddr=4'd9;
4'd11: rdkrfaddr=4'd10;
default: rdkrfaddr=4'd0;
endcase
always @ (state)
case(state)
4'd0: encrdy=1;
default: encrdy=0;
endcase
endmodule
module decryfsm(clk,rst,stadec,keyadsel,mixsel,reginsel,wrregen,rdkrfaddr,decrdy,state);
output wrregen,mixsel,reginsel,decrdy,state;
output [1:0] keyadsel;
output [3:0] rdkrfaddr;
input clk,rst,stadec;
reg [3:0] state,next_state,rdkrfaddr;
reg wrregen,decrdy,reginsel;
reg [1:0] keyadsel;
always @(posedge clk)
begin
if(rst)
state<=4'd0;
else
state<=next_state;
end
always @ (state or stadec)
case(state)
4'd0: if(stadec == 1)
next_state = 4'd1;
else
next_state = 4'd0;
4'd1: next_state = 4'd2;
4'd2: next_state = 4'd3;
4'd3: next_state = 4'd4;
4'd4: next_state = 4'd5;
4'd5: next_state = 4'd6;
4'd6: next_state = 4'd7;
4'd7: next_state = 4'd8;
4'd8: next_state = 4'd9;
4'd9: next_state = 4'd10;
4'd10: next_state = 4'd11;
4'd11: next_state = 4'd0;
default: next_state = 4'd0;
endcase
always @ (state)
case(state)
4'd0: wrregen=0;
4'd1: wrregen=1;
4'd2: wrregen=1;
4'd3: wrregen=1;
4'd4: wrregen=1;
4'd5: wrregen=1;
4'd6: wrregen=1;
4'd7: wrregen=1;
4'd8: wrregen=1;
4'd9: wrregen=1;
4'd10: wrregen=1;
4'd11: wrregen=1;
default: wrregen=0;
endcase
always @ (state)
case(state)
4'd0: reginsel=0;
4'd1: reginsel=0;
4'd2: reginsel=1;
4'd3: reginsel=1;
4'd4: reginsel=1;
4'd5: reginsel=1;
4'd6: reginsel=1;
4'd7: reginsel=1;
4'd8: reginsel=1;
4'd9: reginsel=1;
4'd10: reginsel=1;
4'd11: reginsel=0;
default: reginsel=0;
endcase
assign mixsel=reginsel;
always @ (state)
case(state)
4'd0: keyadsel=2'b00;
4'd1: keyadsel=2'b00;
4'd2: keyadsel=2'b11;
4'd3: keyadsel=2'b11;
4'd4: keyadsel=2'b11;
4'd5: keyadsel=2'b11;
4'd6: keyadsel=2'b11;
4'd7: keyadsel=2'b11;
4'd8: keyadsel=2'b11;
4'd9: keyadsel=2'b11;
4'd10: keyadsel=2'b11;
4'd11: keyadsel=2'b11;
default: keyadsel=2'b00;
endcase
always @ (state)
case(state)
4'd0: rdkrfaddr=4'd0;
4'd1: rdkrfaddr=4'd10;
4'd2: rdkrfaddr=4'd9;
4'd3: rdkrfaddr=4'd8;
4'd4: rdkrfaddr=4'd7;
4'd5: rdkrfaddr=4'd6;
4'd6: rdkrfaddr=4'd5;
4'd7: rdkrfaddr=4'd4;
4'd8: rdkrfaddr=4'd3;
4'd9: rdkrfaddr=4'd2;
4'd10: rdkrfaddr=4'd1;
4'd11: rdkrfaddr=4'd0;
default: rdkrfaddr=4'd0;
endcase
always @ (state)
case(state)
4'd0: decrdy=1;
default: decrdy=0;
endcase
endmodule
module keyexp(clk,rst,keysel,rndkren,wrrndkrf,
addr,rconen,key,rndkrfout);
output[127:0] rndkrfout;
input clk,rst,keysel,rndkren,wrrndkrf,rconen;
input[3:0] addr;
input[127:0] key;
wire [127:0] rndkey,rndkrout,rndkrfout;
wire [31:0] w4,w5,w6,w7,rotword,subword,xorrcon;
wire [7:0] rconout;
assign rndkey=(keysel==0) ? key:{w4,w5,w6,w7};
reg_128 rndkreg(clk,rndkren,rndkey,rndkrout);
rndkrf rndkrf(clk,wrrndkrf,addr,rndkey,rndkrfout);
assign rotword={rndkrout[23:0],rndkrout[31:24]};
sbox_mux sbox0(rotword[31:24],subword[31:24]);
sbox_mux sbox1(rotword[23:16],subword[23:16]);
sbox_mux sbox2(rotword[15:8],subword[15:8]);
sbox_mux sbox3(rotword[7:0],subword[7:0]);
rcon rcon(clk,rst,rconen,rconout);
assign xorrcon=subword^{rconout,24'h000000};
assign w4=xorrcon^rndkrout[127:96];
assign w5=w4^rndkrout[95:64];
assign w6=w5^rndkrout[63:32];
assign w7=w6^rndkrout[31:0];
endmodule
module rndkrf(clk,wrrndkrf,addr,rndkey,rndkrfout);
input clk,wrrndkrf;
input [3:0] addr;
input [127:0] rndkey;
output [127:0] rndkrfout;
reg [10:0] decout;
wire [10:0] write_reg;
wire [127:0] reg0out,reg1out,reg2out,reg3out,reg4out,reg5out,reg6out,reg7out,reg8out,reg9out,reg10out;
reg [127:0] rndkrfout;
always @ (addr)
case(addr)
4'd0: decout=11'b000_0000_0001;
4'd1: decout=11'b000_0000_0010;
4'd2: decout=11'b000_0000_0100;
4'd3: decout=11'b000_0000_1000;
4'd4: decout=11'b000_0001_0000;
4'd5: decout=11'b000_0010_0000;
4'd6: decout=11'b000_0100_0000;
4'd7: decout=11'b000_1000_0000;
4'd8: decout=11'b001_0000_0000;
4'd9: decout=11'b010_0000_0000;
4'd10: decout=11'b100_0000_0000;
default: decout=11'b000_0000_0000;
endcase
assign write_reg=decout & {wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf,wrrndkrf};
reg_128 reg0(clk,write_reg[0],rndkey,reg0out);
reg_128 reg1(clk,write_reg[1],rndkey,reg1out);
reg_128 reg2(clk,write_reg[2],rndkey,reg2out);
reg_128 reg3(clk,write_reg[3],rndkey,reg3out);
reg_128 reg4(clk,write_reg[4],rndkey,reg4out);
reg_128 reg5(clk,write_reg[5],rndkey,reg5out);
reg_128 reg6(clk,write_reg[6],rndkey,reg6out);
reg_128 reg7(clk,write_reg[7],rndkey,reg7out);
reg_128 reg8(clk,write_reg[8],rndkey,reg8out);
reg_128 reg9(clk,write_reg[9],rndkey,reg9out);
reg_128 reg10(clk,write_reg[10],rndkey,reg10out);
always @(addr or reg0out or reg1out or reg2out or reg3out or reg4out or reg5out or reg6out or reg7out or reg8out or reg9out or reg10out)
case(addr)
4'd0: rndkrfout=reg0out;
4'd1: rndkrfout=reg1out;
4'd2: rndkrfout=reg2out;
4'd3: rndkrfout=reg3out;
4'd4: rndkrfout=reg4out;
4'd5: rndkrfout=reg5out;
4'd6: rndkrfout=reg6out;
4'd7: rndkrfout=reg7out;
4'd8: rndkrfout=reg8out;
4'd9: rndkrfout=reg9out;
4'd10: rndkrfout=reg10out;
default: rndkrfout=reg10out;
endcase
endmodule
module sbox_mux(in,out);
output[7:0] out;
input[7:0] in;
reg [7:0] out;
always@(in)
case(in)
8'h00: out=8'h63;
8'h01: out=8'h7c;
8'h02: out=8'h77;
8'h03: out=8'h7b;
8'h04: out=8'hf2;
8'h05: out=8'h6b;
8'h06: out=8'h6f;
8'h07: out=8'hc5;
8'h08: out=8'h30;
8'h09: out=8'h01;
8'h0a: out=8'h67;
8'h0b: out=8'h2b;
8'h0c: out=8'hfe;
8'h0d: out=8'hd7;
8'h0e: out=8'hab;
8'h0f: out=8'h76;
8'h10: out=8'hca;
8'h11: out=8'h82;
8'h12: out=8'hc9;
8'h13: out=8'h7d;
8'h14: out=8'hfa;
8'h15: out=8'h59;
8'h16: out=8'h47;
8'h17: out=8'hf0;
8'h18: out=8'had;
8'h19: out=8'hd4;
8'h1a: out=8'ha2;
8'h1b: out=8'haf;
8'h1c: out=8'h9c;
8'h1d: out=8'ha4;
8'h1e: out=8'h72;
8'h1f: out=8'hc0;
8'h20: out=8'hb7;
8'h21: out=8'hfd;
8'h22: out=8'h93;
8'h23: out=8'h26;
8'h24: out=8'h36;
8'h25: out=8'h3f;
8'h26: out=8'hf7;
8'h27: out=8'hcc;
8'h28: out=8'h34;
8'h29: out=8'ha5;
8'h2a: out=8'he5;
8'h2b: out=8'hf1;
8'h2c: out=8'h71;
8'h2d: out=8'hd8;
8'h2e: out=8'h31;
8'h2f: out=8'h15;
8'h30: out=8'h04;
8'h31: out=8'hc7;
8'h32: out=8'h23;
8'h33: out=8'hc3;
8'h34: out=8'h18;
8'h35: out=8'h96;
8'h36: out=8'h05;
8'h37: out=8'h9a;
8'h38: out=8'h07;
8'h39: out=8'h12;
8'h3a: out=8'h80;
8'h3b: out=8'he2;
8'h3c: out=8'heb;
8'h3d: out=8'h27;
8'h3e: out=8'hb2;
8'h3f: out=8'h75;
8'h40: out=8'h09;
8'h41: out=8'h83;
8'h42: out=8'h2c;
8'h43: out=8'h1a;
8'h44: out=8'h1b;
8'h45: out=8'h6e;
8'h46: out=8'h5a;
8'h47: out=8'ha0;
8'h48: out=8'h52;
8'h49: out=8'h3b;
8'h4a: out=8'hd6;
8'h4b: out=8'hb3;
8'h4c: out=8'h29;
8'h4d: out=8'he3;
8'h4e: out=8'h2f;
8'h4f: out=8'h84;
8'h50: out=8'h53;
8'h51: out=8'hd1;
8'h52: out=8'h00;
8'h53: out=8'hed;
8'h54: out=8'h20;
8'h55: out=8'hfc;
8'h56: out=8'hb1;
8'h57: out=8'h5b;
8'h58: out=8'h6a;
8'h59: out=8'hcb;
8'h5a: out=8'hbe;
8'h5b: out=8'h39;
8'h5c: out=8'h4a;
8'h5d: out=8'h4c;
8'h5e: out=8'h58;
8'h5f: out=8'hcf;
8'h60: out=8'hd0;
8'h61: out=8'hef;
8'h62: out=8'haa;
8'h63: out=8'hfb;
8'h64: out=8'h43;
8'h65: out=8'h4d;
8'h66: out=8'h33;
8'h67: out=8'h85;
8'h68: out=8'h45;
8'h69: out=8'hf9;
8'h6a: out=8'h02;
8'h6b: out=8'h7f;
8'h6c: out=8'h50;
8'h6d: out=8'h3c;
8'h6e: out=8'h9f;
8'h6f: out=8'ha8;
8'h70: out=8'h51;
8'h71: out=8'ha3;
8'h72: out=8'h40;
8'h73: out=8'h8f;
8'h74: out=8'h92;
8'h75: out=8'h9d;
8'h76: out=8'h38;
8'h77: out=8'hf5;
8'h78: out=8'hbc;
8'h79: out=8'hb6;
8'h7a: out=8'hda;
8'h7b: out=8'h21;
8'h7c: out=8'h10;
8'h7d: out=8'hff;
8'h7e: out=8'hf3;
8'h7f: out=8'hd2;
8'h80: out=8'hcd;
8'h81: out=8'h0c;
8'h82: out=8'h13;
8'h83: out=8'hec;
8'h84: out=8'h5f;
8'h85: out=8'h97;
8'h86: out=8'h44;
8'h87: out=8'h17;
8'h88: out=8'hc4;
8'h89: out=8'ha7;
8'h8a: out=8'h7e;
8'h8b: out=8'h3d;
8'h8c: out=8'h64;
8'h8d: out=8'h5d;
8'h8e: out=8'h19;
8'h8f: out=8'h73;
8'h90: out=8'h60;
8'h91: out=8'h81;
8'h92: out=8'h4f;
8'h93: out=8'hdc;
8'h94: out=8'h22;
8'h95: out=8'h2a;
8'h96: out=8'h90;
8'h97: out=8'h88;
8'h98: out=8'h46;
8'h99: out=8'hee;
8'h9a: out=8'hb8;
8'h9b: out=8'h14;
8'h9c: out=8'hde;
8'h9d: out=8'h5e;
8'h9e: out=8'h0b;
8'h9f: out=8'hdb;
8'ha0: out=8'he0;
8'ha1: out=8'h32;
8'ha2: out=8'h3a;
8'ha3: out=8'h0a;
8'ha4: out=8'h49;
8'ha5: out=8'h06;
8'ha6: out=8'h24;
8'ha7: out=8'h5c;
8'ha8: out=8'hc2;
8'ha9: out=8'hd3;
8'haa: out=8'hac;
8'hab: out=8'h62;
8'hac: out=8'h91;
8'had: out=8'h95;
8'hae: out=8'he4;
8'haf: out=8'h79;
8'hb0: out=8'he7;
8'hb1: out=8'hc8;
8'hb2: out=8'h37;
8'hb3: out=8'h6d;
8'hb4: out=8'h8d;
8'hb5: out=8'hd5;
8'hb6: out=8'h4e;
8'hb7: out=8'ha9;
8'hb8: out=8'h6c;
8'hb9: out=8'h56;
8'hba: out=8'hf4;
8'hbb: out=8'hea;
8'hbc: out=8'h65;
8'hbd: out=8'h7a;
8'hbe: out=8'hae;
8'hbf: out=8'h08;
8'hc0: out=8'hba;
8'hc1: out=8'h78;
8'hc2: out=8'h25;
8'hc3: out=8'h2e;
8'hc4: out=8'h1c;
8'hc5: out=8'ha6;
8'hc6: out=8'hb4;
8'hc7: out=8'hc6;
8'hc8: out=8'he8;
8'hc9: out=8'hdd;
8'hca: out=8'h74;
8'hcb: out=8'h1f;
8'hcc: out=8'h4b;
8'hcd: out=8'hbd;
8'hce: out=8'h8b;
8'hcf: out=8'h8a;
8'hd0: out=8'h70;
8'hd1: out=8'h3e;
8'hd2: out=8'hb5;
8'hd3: out=8'h66;
8'hd4: out=8'h48;
8'hd5: out=8'h03;
8'hd6: out=8'hf6;
8'hd7: out=8'h0e;
8'hd8: out=8'h61;
8'hd9: out=8'h35;
8'hda: out=8'h57;
8'hdb: out=8'hb9;
8'hdc: out=8'h86;
8'hdd: out=8'hc1;
8'hde: out=8'h1d;
8'hdf: out=8'h9e;
8'he0: out=8'he1;
8'he1: out=8'hf8;
8'he2: out=8'h98;
8'he3: out=8'h11;
8'he4: out=8'h69;
8'he5: out=8'hd9;
8'he6: out=8'h8e;
8'he7: out=8'h94;
8'he8: out=8'h9b;
8'he9: out=8'h1e;
8'hea: out=8'h87;
8'heb: out=8'he9;
8'hec: out=8'hce;
8'hed: out=8'h55;
8'hee: out=8'h28;
8'hef: out=8'hdf;
8'hf0: out=8'h8c;
8'hf1: out=8'ha1;
8'hf2: out=8'h89;
8'hf3: out=8'h0d;
8'hf4: out=8'hbf;
8'hf5: out=8'he6;
8'hf6: out=8'h42;
8'hf7: out=8'h68;
8'hf8: out=8'h41;
8'hf9: out=8'h99;
8'hfa: out=8'h2d;
8'hfb: out=8'h0f;
8'hfc: out=8'hb0;
8'hfd: out=8'h54;
8'hfe: out=8'hbb;
8'hff: out=8'h16;
endcase
endmodule
module rcon(clk,rst,write,rconout);
output [7:0] rconout;
input clk,rst,write;
reg [7:0] rconout;
always @ (posedge clk)
begin
if(rst)
rconout<=8'h01;
else if(write)
rconout<=(rconout[7]==0)? (rconout<<1):((rconout<<1)^{8'h1b});
else
rconout<=rconout;
end
endmodule
module crydap(clk,wrsben,wrsbaddr,sbdata,keyadsel,
mixsel,reginsel,wrregen,intxt,roundkey,outtxt);
output [127:0] outtxt;
input clk,wrsben,wrregen,mixsel,reginsel;
input [1:0] keyadsel;
input [3:0] wrsbaddr;
input [127:0] sbdata,intxt,roundkey;
wire [7:0] sb0out,sb1out,sb2out,sb3out,sb4out,sb5out,sb6out,sb7out;
wire [7:0] sb8out,sb9out,sb10out,sb11out,sb12out,sb13out,
sb14out,sb15out;
wire [7:0] a0,b0,c0,a1,b1,c1,a2,b2,c2,a3,b3,c3,a4,b4,c4,a5,b5,c5;
wire [7:0] a6,b6,c6,a7,b7,c7,a8,b8,c8,a9,b9,c9,a10,b10,c10,a11,
b11,c11;
wire [7:0] a12,b12,c12,a13,b13,c13,a14,b14,c14,a15,b15,c15;
wire [7:0] d0,d1,d2,d3,d4,d5,d6,d7,d8,d9,d10,d11,d12,d13,d14,d15;
wire [7:0] e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15;
wire [7:0] f0,f1,f2,f3,f4,f5,f6,f7,f8,f9,f10,f11,f12,f13,f14,f15;
wire [7:0] g0,g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15;
wire [7:0] i0,i1,i2,i3,i4,i5,i6,i7,i8,i9,i10,i11,i12,i13,i14,i15;
wire [7:0] j0,j1,j2,j3,j4,j5,j6,j7,j8,j9,j10,j11,j12,j13,j14,j15;
wire [7:0] f002,f003,f009,f00b,f00d,f00e;
wire [7:0] f102,f103,f109,f10b,f10d,f10e;
wire [7:0] f202,f203,f209,f20b,f20d,f20e;
wire [7:0] f302,f303,f309,f30b,f30d,f30e;
wire [7:0] f402,f403,f409,f40b,f40d,f40e;
wire [7:0] f502,f503,f509,f50b,f50d,f50e;
wire [7:0] f602,f603,f609,f60b,f60d,f60e;
wire [7:0] f702,f703,f709,f70b,f70d,f70e;
wire [7:0] f802,f803,f809,f80b,f80d,f80e;
wire [7:0] f902,f903,f909,f90b,f90d,f90e;
wire [7:0] f1002,f1003,f1009,f100b,f100d,f100e;
wire [7:0] f1102,f1103,f1109,f110b,f110d,f110e;
wire [7:0] f1202,f1203,f1209,f120b,f120d,f120e;
wire [7:0] f1302,f1303,f1309,f130b,f130d,f130e;
wire [7:0] f1402,f1403,f1409,f140b,f140d,f140e;
wire [7:0] f1502,f1503,f1509,f150b,f150d,f150e;
wire [127:0] d,e,g,h;
sbox sbox0(clk,wrsben,wrsbaddr,sbdata,outtxt[127:120],sb0out);
sbox sbox1(clk,wrsben,wrsbaddr,sbdata,outtxt[119:112],sb1out);
sbox sbox2(clk,wrsben,wrsbaddr,sbdata,outtxt[111:104],sb2out);
sbox sbox3(clk,wrsben,wrsbaddr,sbdata,outtxt[103:96],sb3out);
sbox sbox4(clk,wrsben,wrsbaddr,sbdata,outtxt[95:88],sb4out);
sbox sbox5(clk,wrsben,wrsbaddr,sbdata,outtxt[87:80],sb5out);
sbox sbox6(clk,wrsben,wrsbaddr,sbdata,outtxt[79:72],sb6out);
sbox sbox7(clk,wrsben,wrsbaddr,sbdata,outtxt[71:64],sb7out);
sbox sbox8(clk,wrsben,wrsbaddr,sbdata,outtxt[63:56],sb8out);
sbox sbox9(clk,wrsben,wrsbaddr,sbdata,outtxt[55:48],sb9out);
sbox sbox10(clk,wrsben,wrsbaddr,sbdata,outtxt[47:40],sb10out);
sbox sbox11(clk,wrsben,wrsbaddr,sbdata,outtxt[39:32],sb11out);
sbox sbox12(clk,wrsben,wrsbaddr,sbdata,outtxt[31:24],sb12out);
sbox sbox13(clk,wrsben,wrsbaddr,sbdata,outtxt[23:16],sb13out);
sbox sbox14(clk,wrsben,wrsbaddr,sbdata,outtxt[15:8],sb14out);
sbox sbox15(clk,wrsben,wrsbaddr,sbdata,outtxt[7:0],sb15out);
mux21_8 mux21_8_0(mixsel,sb0out,e0,f0);
mux21_8 mux21_8_1(mixsel,sb1out,e1,f1);
mux21_8 mux21_8_2(mixsel,sb2out,e2,f2);
mux21_8 mux21_8_3(mixsel,sb3out,e3,f3);
mux21_8 mux21_8_4(mixsel,sb4out,e4,f4);
mux21_8 mux21_8_5(mixsel,sb5out,e5,f5);
mux21_8 mux21_8_6(mixsel,sb6out,e6,f6);
mux21_8 mux21_8_7(mixsel,sb7out,e7,f7);
mux21_8 mux21_8_8(mixsel,sb8out,e8,f8);
mux21_8 mux21_8_9(mixsel,sb9out,e9,f9);
mux21_8 mux21_8_10(mixsel,sb10out,e10,f10);
mux21_8 mux21_8_11(mixsel,sb11out,e11,f11);
mux21_8 mux21_8_12(mixsel,sb12out,e12,f12);
mux21_8 mux21_8_13(mixsel,sb13out,e13,f13);
mux21_8 mux21_8_14(mixsel,sb14out,e14,f14);
mux21_8 mux21_8_15(mixsel,sb15out,e15,f15);
byte0203 byte0203_0(f0,f002,f003);
byte0203 byte0203_1(f1,f102,f103);
byte0203 byte0203_2(f2,f202,f203);
byte0203 byte0203_3(f3,f302,f303);
byte0203 byte0203_4(f4,f402,f403);
byte0203 byte0203_5(f5,f502,f503);
byte0203 byte0203_6(f6,f602,f603);
byte0203 byte0203_7(f7,f702,f703);
byte0203 byte0203_8(f8,f802,f803);
byte0203 byte0203_9(f9,f902,f903);
byte0203 byte0203_10(f10,f1002,f1003);
byte0203 byte0203_11(f11,f1102,f1103);
byte0203 byte0203_12(f12,f1202,f1203);
byte0203 byte0203_13(f13,f1302,f1303);
byte0203 byte0203_14(f14,f1402,f1403);
byte0203 byte0203_15(f15,f1502,f1503);
byte9bde byte9bde_0(f0,f002,f003,f009,f00b,f00d,f00e);
byte9bde byte9bde_1(f1,f102,f103,f109,f10b,f10d,f10e);
byte9bde byte9bde_2(f2,f202,f203,f209,f20b,f20d,f20e);
byte9bde byte9bde_3(f3,f302,f303,f309,f30b,f30d,f30e);
byte9bde byte9bde_4(f4,f402,f403,f409,f40b,f40d,f40e);
byte9bde byte9bde_5(f5,f502,f503,f509,f50b,f50d,f50e);
byte9bde byte9bde_6(f6,f602,f603,f609,f60b,f60d,f60e);
byte9bde byte9bde_7(f7,f702,f703,f709,f70b,f70d,f70e);
byte9bde byte9bde_8(f8,f802,f803,f809,f80b,f80d,f80e);
byte9bde byte9bde_9(f9,f902,f903,f909,f90b,f90d,f90e);
byte9bde byte9bde_10(f10,f1002,f1003,f1009,f100b,f100d,f100e);
byte9bde byte9bde_11(f11,f1102,f1103,f1109,f110b,f110d,f110e);
byte9bde byte9bde_12(f12,f1202,f1203,f1209,f120b,f120d,f120e);
byte9bde byte9bde_13(f13,f1302,f1303,f1309,f130b,f130d,f130e);
byte9bde byte9bde_14(f14,f1402,f1403,f1409,f140b,f140d,f140e);
byte9bde byte9bde_15(f15,f1502,f1503,f1509,f150b,f150d,f150e);
assign a0=f002^f503;
assign b0=sb10out^sb15out;
assign c0=a0^b0;
mux41_8 mux41_8_0(keyadsel,intxt[127:120],c0,sb0out,sb0out,d0);
assign a1=sb0out^f502;
assign b1=f1003^sb15out;
assign c1=a1^b1;
mux41_8 mux41_8_1(keyadsel,intxt[119:112],c1,sb5out,sb13out,d1);
assign a2=sb0out^sb5out;
assign b2=f1002^f1503;
assign c2=a2^b2;
mux41_8 mux41_8_2(keyadsel,intxt[111:104],c2,sb10out,sb10out,d2);
assign a3=f003^sb5out;
assign b3=sb10out^f1502;
assign c3=a3^b3;
mux41_8 mux41_8_3(keyadsel,intxt[103:96],c3,sb15out,sb7out,d3);
assign a4=f402^f903;
assign b4=sb14out^sb3out;
assign c4=a4^b4;
mux41_8 mux41_8_4(keyadsel,intxt[95:88],c4,sb4out,sb4out,d4);
assign a5=sb4out^f902;
assign b5=f1403^sb3out;
assign c5=a5^b5;
mux41_8 mux41_8_5(keyadsel,intxt[87:80],c5,sb9out,sb1out,d5);
assign a6=sb4out^sb9out;
assign b6=f1402^f303;
assign c6=a6^b6;
mux41_8 mux41_8_6(keyadsel,intxt[79:72],c6,sb14out,sb14out,d6);
assign a7=f403^sb9out;
assign b7=sb14out^f302;
assign c7=a7^b7;
mux41_8 mux41_8_7(keyadsel,intxt[71:64],c7,sb3out,sb11out,d7);
assign a8=f802^f1303;
assign b8=sb2out^sb7out;
assign c8=a8^b8;
mux41_8 mux41_8_8(keyadsel,intxt[63:56],c8,sb8out,sb8out,d8);
assign a9=sb8out^f1302;
assign b9=f203^sb7out;
assign c9=a9^b9;
mux41_8 mux41_8_9(keyadsel,intxt[55:48],c9,sb13out,sb5out,d9);
assign a10=sb8out^sb13out;
assign b10=f202^f703;
assign c10=a10^b10;
mux41_8 mux41_8_10(keyadsel,intxt[47:40],c10,sb2out,sb2out,d10);
assign a11=f803^sb13out;
assign b11=sb2out^f702;
assign c11=a11^b11;
mux41_8 mux41_8_11(keyadsel,intxt[39:32],c11,sb7out,sb15out,d11);
assign a12=f1202^f103;
assign b12=sb6out^sb11out;
assign c12=a12^b12;
mux41_8 mux41_8_12(keyadsel,intxt[31:24],c12,sb12out,sb12out,d12);
assign a13=sb12out^f102;
assign b13=f603^sb11out;
assign c13=a13^b13;
mux41_8 mux41_8_13(keyadsel,intxt[23:16],c13,sb1out,sb9out,d13);
assign a14=sb12out^sb1out;
assign b14=f602^f1103;
assign c14=a14^b14;
mux41_8 mux41_8_14(keyadsel,intxt[15:8],c14,sb6out,sb6out,d14);
assign a15=f1203^sb1out;
assign b15=sb6out^f1102;
assign c15=a15^b15;
mux41_8 mux41_8_15(keyadsel,intxt[7:0],c15,sb11out,sb3out,d15);
assign d={d0,d1,d2,d3,d4,d5,d6,d7,d8,d9,d10,d11,d12,d13,d14,d15};
assign e={e0,e1,e2,e3,e4,e5,e6,e7,e8,e9,e10,e11,e12,e13,e14,e15};
assign g={g0,g1,g2,g3,g4,g5,g6,g7,g8,g9,g10,g11,g12,g13,g14,g15};
assign e=d^roundkey;
assign i0=f00e^f10b;
assign j0=f20d^f309;
assign g0=i0^j0;
assign i1=f009^f10e;
assign j1=f20b^f30d;
assign g1=i1^j1;
assign i2=f00d^f109;
assign j2=f20e^f30b;
assign g2=i2^j2;
assign i3=f00b^f10d;
assign j3=f209^f30e;
assign g3=i3^j3;
assign i4=f40e^f50b;
assign j4=f60d^f709;
assign g4=i4^j4;
assign i5=f409^f50e;
assign j5=f60b^f70d;
assign g5=i5^j5;
assign i6=f40d^f509;
assign j6=f60e^f70b;
assign g6=i6^j6;
assign i7=f40b^f50d;
assign j7=f609^f70e;
assign g7=i7^j7;
assign i8=f80e^f90b;
assign j8=f100d^f1109;
assign g8=i8^j8;
assign i9=f809^f90e;
assign j9=f100b^f110d;
assign g9=i9^j9;
assign i10=f80d^f909;
assign j10=f100e^f110b;
assign g10=i10^j10;
assign i11=f80b^f90d;
assign j11=f1009^f110e;
assign g11=i11^j11;
assign i12=f120e^f130b;
assign j12=f140d^f1509;
assign g12=i12^j12;
assign i13=f1209^f130e;
assign j13=f140b^f150d;
assign g13=i13^j13;
assign i14=f120d^f1309;
assign j14=f140e^f150b;
assign g14=i14^j14;
assign i15=f120b^f130d;
assign j15=f1409^f150e;
assign g15=i15^j15;
mux21_128 mux21_128_0(reginsel,e,g,h);
reg_128 resultreg(clk,wrregen,h,outtxt);
endmodule
module sbox(clk,write,wr_addr,din,rd_addr,dout);
input clk;
input write;
input [3:0] wr_addr;
input [127:0] din;
input [7:0] rd_addr;
output [7:0] dout;
reg [15:0] decout;
wire [15:0] write_reg;
wire [127:0] reg0out,reg1out,reg2out,reg3out,reg4out,reg5out,reg6out,reg7out,reg8out,reg9out,reg10out,reg11out,reg12out,reg13out,reg14out,reg15out;
reg [7:0] dout;
always @ (wr_addr)
case(wr_addr)
4'd0: decout=16'b0000_0000_0000_0001;
4'd1: decout=16'b0000_0000_0000_0010;
4'd2: decout=16'b0000_0000_0000_0100;
4'd3: decout=16'b0000_0000_0000_1000;
4'd4: decout=16'b0000_0000_0001_0000;
4'd5: decout=16'b0000_0000_0010_0000;
4'd6: decout=16'b0000_0000_0100_0000;
4'd7: decout=16'b0000_0000_1000_0000;
4'd8: decout=16'b0000_0001_0000_0000;
4'd9: decout=16'b0000_0010_0000_0000;
4'd10: decout=16'b0000_0100_0000_0000;
4'd11: decout=16'b0000_1000_0000_0000;
4'd12: decout=16'b0001_0000_0000_0000;
4'd13: decout=16'b0010_0000_0000_0000;
4'd14: decout=16'b0100_0000_0000_0000;
4'd15: decout=16'b1000_0000_0000_0000;
endcase
assign write_reg=decout & {write,write,write,write,write,write,write,write,write,write,write,write,write,write,write,write};
reg_128 reg0(clk,write_reg[0],din,reg0out);
reg_128 reg1(clk,write_reg[1],din,reg1out);
reg_128 reg2(clk,write_reg[2],din,reg2out);
reg_128 reg3(clk,write_reg[3],din,reg3out);
reg_128 reg4(clk,write_reg[4],din,reg4out);
reg_128 reg5(clk,write_reg[5],din,reg5out);
reg_128 reg6(clk,write_reg[6],din,reg6out);
reg_128 reg7(clk,write_reg[7],din,reg7out);
reg_128 reg8(clk,write_reg[8],din,reg8out);
reg_128 reg9(clk,write_reg[9],din,reg9out);
reg_128 reg10(clk,write_reg[10],din,reg10out);
reg_128 reg11(clk,write_reg[11],din,reg11out);
reg_128 reg12(clk,write_reg[12],din,reg12out);
reg_128 reg13(clk,write_reg[13],din,reg13out);
reg_128 reg14(clk,write_reg[14],din,reg14out);
reg_128 reg15(clk,write_reg[15],din,reg15out);
always @(rd_addr or reg0out or reg1out or reg2out or reg3out or reg4out or reg5out or reg6out or reg7out or reg8out or reg9out or reg10out or reg11out or reg12out or reg13out or reg14out or reg15out)
case(rd_addr)
8'd0: dout=reg0out[127:120];
8'd1: dout=reg0out[119:112];
8'd2: dout=reg0out[111:104];
8'd3: dout=reg0out[103:96];
8'd4: dout=reg0out[95:88];
8'd5: dout=reg0out[87:80];
8'd6: dout=reg0out[79:72];
8'd7: dout=reg0out[71:64];
8'd8: dout=reg0out[63:56];
8'd9: dout=reg0out[55:48];
8'd10: dout=reg0out[47:40];
8'd11: dout=reg0out[39:32];
8'd12: dout=reg0out[31:24];
8'd13: dout=reg0out[23:16];
8'd14: dout=reg0out[15:8];
8'd15: dout=reg0out[7:0];
8'd16: dout=reg1out[127:120];
8'd17: dout=reg1out[119:112];
8'd18: dout=reg1out[111:104];
8'd19: dout=reg1out[103:96];
8'd20: dout=reg1out[95:88];
8'd21: dout=reg1out[87:80];
8'd22: dout=reg1out[79:72];
8'd23: dout=reg1out[71:64];
8'd24: dout=reg1out[63:56];
8'd25: dout=reg1out[55:48];
8'd26: dout=reg1out[47:40];
8'd27: dout=reg1out[39:32];
8'd28: dout=reg1out[31:24];
8'd29: dout=reg1out[23:16];
8'd30: dout=reg1out[15:8];
8'd31: dout=reg1out[7:0];
8'd32: dout=reg2out[127:120];
8'd33: dout=reg2out[119:112];
8'd34: dout=reg2out[111:104];
8'd35: dout=reg2out[103:96];
8'd36: dout=reg2out[95:88];
8'd37: dout=reg2out[87:80];
8'd38: dout=reg2out[79:72];
8'd39: dout=reg2out[71:64];
8'd40: dout=reg2out[63:56];
8'd41: dout=reg2out[55:48];
8'd42: dout=reg2out[47:40];
8'd43: dout=reg2out[39:32];
8'd44: dout=reg2out[31:24];
8'd45: dout=reg2out[23:16];
8'd46: dout=reg2out[15:8];
8'd47: dout=reg2out[7:0];
8'd48: dout=reg3out[127:120];
8'd49: dout=reg3out[119:112];
8'd50: dout=reg3out[111:104];
8'd51: dout=reg3out[103:96];
8'd52: dout=reg3out[95:88];
8'd53: dout=reg3out[87:80];
8'd54: dout=reg3out[79:72];
8'd55: dout=reg3out[71:64];
8'd56: dout=reg3out[63:56];
8'd57: dout=reg3out[55:48];
8'd58: dout=reg3out[47:40];
8'd59: dout=reg3out[39:32];
8'd60: dout=reg3out[31:24];
8'd61: dout=reg3out[23:16];
8'd62: dout=reg3out[15:8];
8'd63: dout=reg3out[7:0];
8'd64: dout=reg4out[127:120];
8'd65: dout=reg4out[119:112];
8'd66: dout=reg4out[111:104];
8'd67: dout=reg4out[103:96];
8'd68: dout=reg4out[95:88];
8'd69: dout=reg4out[87:80];
8'd70: dout=reg4out[79:72];
8'd71: dout=reg4out[71:64];
8'd72: dout=reg4out[63:56];
8'd73: dout=reg4out[55:48];
8'd74: dout=reg4out[47:40];
8'd75: dout=reg4out[39:32];
8'd76: dout=reg4out[31:24];
8'd77: dout=reg4out[23:16];
8'd78: dout=reg4out[15:8];
8'd79: dout=reg4out[7:0];
8'd80: dout=reg5out[127:120];
8'd81: dout=reg5out[119:112];
8'd82: dout=reg5out[111:104];
8'd83: dout=reg5out[103:96];
8'd84: dout=reg5out[95:88];
8'd85: dout=reg5out[87:80];
8'd86: dout=reg5out[79:72];
8'd87: dout=reg5out[71:64];
8'd88: dout=reg5out[63:56];
8'd89: dout=reg5out[55:48];
8'd90: dout=reg5out[47:40];
8'd91: dout=reg5out[39:32];
8'd92: dout=reg5out[31:24];
8'd93: dout=reg5out[23:16];
8'd94: dout=reg5out[15:8];
8'd95: dout=reg5out[7:0];
8'd96: dout=reg6out[127:120];
8'd97: dout=reg6out[119:112];
8'd98: dout=reg6out[111:104];
8'd99: dout=reg6out[103:96];
8'd100: dout=reg6out[95:88];
8'd101: dout=reg6out[87:80];
8'd102: dout=reg6out[79:72];
8'd103: dout=reg6out[71:64];
8'd104: dout=reg6out[63:56];
8'd105: dout=reg6out[55:48];
8'd106: dout=reg6out[47:40];
8'd107: dout=reg6out[39:32];
8'd108: dout=reg6out[31:24];
8'd109: dout=reg6out[23:16];
8'd110: dout=reg6out[15:8];
8'd111: dout=reg6out[7:0];
8'd112: dout=reg7out[127:120];
8'd113: dout=reg7out[119:112];
8'd114: dout=reg7out[111:104];
8'd115: dout=reg7out[103:96];
8'd116: dout=reg7out[95:88];
8'd117: dout=reg7out[87:80];
8'd118: dout=reg7out[79:72];
8'd119: dout=reg7out[71:64];
8'd120: dout=reg7out[63:56];
8'd121: dout=reg7out[55:48];
8'd122: dout=reg7out[47:40];
8'd123: dout=reg7out[39:32];
8'd124: dout=reg7out[31:24];
8'd125: dout=reg7out[23:16];
8'd126: dout=reg7out[15:8];
8'd127: dout=reg7out[7:0];
8'd128: dout=reg8out[127:120];
8'd129: dout=reg8out[119:112];
8'd130: dout=reg8out[111:104];
8'd131: dout=reg8out[103:96];
8'd132: dout=reg8out[95:88];
8'd133: dout=reg8out[87:80];
8'd134: dout=reg8out[79:72];
8'd135: dout=reg8out[71:64];
8'd136: dout=reg8out[63:56];
8'd137: dout=reg8out[55:48];
8'd138: dout=reg8out[47:40];
8'd139: dout=reg8out[39:32];
8'd140: dout=reg8out[31:24];
8'd141: dout=reg8out[23:16];
8'd142: dout=reg8out[15:8];
8'd143: dout=reg8out[7:0];
8'd144: dout=reg9out[127:120];
8'd145: dout=reg9out[119:112];
8'd146: dout=reg9out[111:104];
8'd147: dout=reg9out[103:96];
8'd148: dout=reg9out[95:88];
8'd149: dout=reg9out[87:80];
8'd150: dout=reg9out[79:72];
8'd151: dout=reg9out[71:64];
8'd152: dout=reg9out[63:56];
8'd153: dout=reg9out[55:48];
8'd154: dout=reg9out[47:40];
8'd155: dout=reg9out[39:32];
8'd156: dout=reg9out[31:24];
8'd157: dout=reg9out[23:16];
8'd158: dout=reg9out[15:8];
8'd159: dout=reg9out[7:0];
8'd160: dout=reg10out[127:120];
8'd161: dout=reg10out[119:112];
8'd162: dout=reg10out[111:104];
8'd163: dout=reg10out[103:96];
8'd164: dout=reg10out[95:88];
8'd165: dout=reg10out[87:80];
8'd166: dout=reg10out[79:72];
8'd167: dout=reg10out[71:64];
8'd168: dout=reg10out[63:56];
8'd169: dout=reg10out[55:48];
8'd170: dout=reg10out[47:40];
8'd171: dout=reg10out[39:32];
8'd172: dout=reg10out[31:24];
8'd173: dout=reg10out[23:16];
8'd174: dout=reg10out[15:8];
8'd175: dout=reg10out[7:0];
8'd176: dout=reg11out[127:120];
8'd177: dout=reg11out[119:112];
8'd178: dout=reg11out[111:104];
8'd179: dout=reg11out[103:96];
8'd180: dout=reg11out[95:88];
8'd181: dout=reg11out[87:80];
8'd182: dout=reg11out[79:72];
8'd183: dout=reg11out[71:64];
8'd184: dout=reg11out[63:56];
8'd185: dout=reg11out[55:48];
8'd186: dout=reg11out[47:40];
8'd187: dout=reg11out[39:32];
8'd188: dout=reg11out[31:24];
8'd189: dout=reg11out[23:16];
8'd190: dout=reg11out[15:8];
8'd191: dout=reg11out[7:0];
8'd192: dout=reg12out[127:120];
8'd193: dout=reg12out[119:112];
8'd194: dout=reg12out[111:104];
8'd195: dout=reg12out[103:96];
8'd196: dout=reg12out[95:88];
8'd197: dout=reg12out[87:80];
8'd198: dout=reg12out[79:72];
8'd199: dout=reg12out[71:64];
8'd200: dout=reg12out[63:56];
8'd201: dout=reg12out[55:48];
8'd202: dout=reg12out[47:40];
8'd203: dout=reg12out[39:32];
8'd204: dout=reg12out[31:24];
8'd205: dout=reg12out[23:16];
8'd206: dout=reg12out[15:8];
8'd207: dout=reg12out[7:0];
8'd208: dout=reg13out[127:120];
8'd209: dout=reg13out[119:112];
8'd210: dout=reg13out[111:104];
8'd211: dout=reg13out[103:96];
8'd212: dout=reg13out[95:88];
8'd213: dout=reg13out[87:80];
8'd214: dout=reg13out[79:72];
8'd215: dout=reg13out[71:64];
8'd216: dout=reg13out[63:56];
8'd217: dout=reg13out[55:48];
8'd218: dout=reg13out[47:40];
8'd219: dout=reg13out[39:32];
8'd220: dout=reg13out[31:24];
8'd221: dout=reg13out[23:16];
8'd222: dout=reg13out[15:8];
8'd223: dout=reg13out[7:0];
8'd224: dout=reg14out[127:120];
8'd225: dout=reg14out[119:112];
8'd226: dout=reg14out[111:104];
8'd227: dout=reg14out[103:96];
8'd228: dout=reg14out[95:88];
8'd229: dout=reg14out[87:80];
8'd230: dout=reg14out[79:72];
8'd231: dout=reg14out[71:64];
8'd232: dout=reg14out[63:56];
8'd233: dout=reg14out[55:48];
8'd234: dout=reg14out[47:40];
8'd235: dout=reg14out[39:32];
8'd236: dout=reg14out[31:24];
8'd237: dout=reg14out[23:16];
8'd238: dout=reg14out[15:8];
8'd239: dout=reg14out[7:0];
8'd240: dout=reg15out[127:120];
8'd241: dout=reg15out[119:112];
8'd242: dout=reg15out[111:104];
8'd243: dout=reg15out[103:96];
8'd244: dout=reg15out[95:88];
8'd245: dout=reg15out[87:80];
8'd246: dout=reg15out[79:72];
8'd247: dout=reg15out[71:64];
8'd248: dout=reg15out[63:56];
8'd249: dout=reg15out[55:48];
8'd250: dout=reg15out[47:40];
8'd251: dout=reg15out[39:32];
8'd252: dout=reg15out[31:24];
8'd253: dout=reg15out[23:16];
8'd254: dout=reg15out[15:8];
8'd255: dout=reg15out[7:0];
endcase
endmodule
module mux21_8(sel,a,b,c);
output[7:0] c;
input[7:0] a,b;
input sel;
reg [7:0] c;
always@(sel or a or b)
case(sel)
1'b0: c=a;
1'b1: c=b;
endcase
endmodule
module byte0203(a,a02,a03);
output[7:0] a02,a03;
input[7:0] a;
wire [7:0] b,c;
assign b={a[6:0],1'b0};
assign c=b^{8'h1b};
assign a02=(a[7]==0)? b:c;
assign a03=a02^a;
endmodule
module byte9bde(a,a02,a03,a09,a0b,a0d,a0e);
output[7:0] a09,a0b,a0d,a0e;
input[7:0] a,a02,a03;
wire [7:0] a04,a08,b,c;
byte02 byte02_0(a02,a04);
byte02 byte02_1(a04,a08);
assign a09=a08^a;
assign a0b=a08^a03;
assign b=a04^a;
assign c=a04^a02;
assign a0d=a08^b;
assign a0e=a08^c;
endmodule
module byte02(a,a02);
output[7:0] a02;
input[7:0] a;
wire [7:0] b,c;
assign b={a[6:0],1'b0};
assign c=b^{8'h1b};
assign a02=(a[7]==0)? b:c;
endmodule
module mux41_8(sel,a,b,c,d,e);
output[7:0] e;
input[7:0] a,b,c,d;
input [1:0] sel;
reg [7:0] e;
always@(sel or a or b or c or d)
case(sel)
2'b00: e=a;
2'b01: e=b;
2'b10: e=c;
2'b11: e=d;
endcase
endmodule
module mux21_128(sel,a,b,c);
output[127:0] c;
input[127:0] a,b;
input sel;
reg [127:0] c;
always@(sel or a or b)
case(sel)
1'b0: c=a;
1'b1: c=b;
endcase
endmodule
2、建立QuartusII工程,将第1步建立的AES密码处理器的Verilog RTL模型中的全部Verilog文件添加到工程中。
3、设定约束条件,包括……
4、执行全编译,……
5、查看资源占用报告、时序分析报告、……,并进行分析。
6、若电路规模、性能达不到预期目标,则修改约束条件,重新执行编译。
7、进行时序仿真,设计AES密码处理器的测试文件。1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
module aes_tb;
wire [127:0] dout;
wire keyexprdy,encdecrdy;
reg clk,rst,load,keyexpen,staenc,stadec;
reg [4:0] address;
reg [127:0] din;
aes aes(clk,rst,load,address,keyexpen,staenc,stadec,
din,keyexprdy,encdecrdy,dout);
//clock generation
initial clk = 1;
always #50 clk = ~clk;
initial
begin
#20 rst=1; //reset.
#200 rst=0; //load key.
load=1;
address=5'd16;
din=128'h2b7e1516_28aed2a6_abf71588_09cf4f3c;
keyexpen=0;
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexpen=1; //key expansion.
staenc=0;
stadec=0;
#100 rst=0;
load=0;
address=5'd0;
keyexpen=0;
staenc=0;
stadec=0;
#1000 rst=0; //encryption sbox configuration.
load=1;
address=5'd0;
din=128'h637c777bf26b6fc53001672bfed7ab76;
keyexpen=0;
staenc=0;
stadec=0;
#100 address=5'd1;
din=128'hca82c97dfa5947f0add4a2af9ca472c0;
#100 address=5'd2;
din=128'hb7fd9326363ff7cc34a5e5f171d83115;
#100 address=5'd3;
din=128'h04c723c31896059a071280e2eb27b275;
#100 address=5'd4;
din=128'h09832c1a1b6e5aa0523bd6b329e32f84;
#100 address=5'd5;
din=128'h53d100ed20fcb15b6acbbe394a4c58cf;
#100 address=5'd6;
din=128'hd0efaafb434d338545f9027f503c9fa8;
#100 address=5'd7;
din=128'h51a3408f929d38f5bcb6da2110fff3d2;
#100 address=5'd8;
din=128'hcd0c13ec5f974417c4a77e3d645d1973;
#100 address=5'd9;
din=128'h60814fdc222a908846eeb814de5e0bdb;
#100 address=5'd10;
din=128'he0323a0a4906245cc2d3ac629195e479;
#100 address=5'd11;
din=128'he7c8376d8dd54ea96c56f4ea657aae08;
#100 address=5'd12;
din=128'hba78252e1ca6b4c6e8dd741f4bbd8b8a;
#100 address=5'd13;
din=128'h703eb5664803f60e613557b986c11d9e;
#100 address=5'd14;
din=128'he1f8981169d98e949b1e87e9ce5528df;
#100 address=5'd15;
din=128'h8ca1890dbfe6426841992d0fb054bb16;
#100 load=1;
address=5'd16; //load plain text.
din=128'h3243f6a8_885a308d_313198a2_e0370734;
#100 load=0;
staenc=1; // start encryption.
#100 staenc=0;
#1200 load=1; //decryption sbox configuration.
address=5'd0;
din=128'h52096ad53036a538bf40a39e81f3d7fb;
#100 address=5'd1;
din=128'h7ce339829b2fff87348e4344c4dee9cb;
#100 address=5'd2;
din=128'h547b9432a6c2233dee4c950b42fac34e;
#100 address=5'd3;
din=128'h082ea16628d924b2765ba2496d8bd125;
#100 address=5'd4;
din=128'h72f8f66486689816d4a45ccc5d65b692;
#100 address=5'd5;
din=128'h6c704850fdedb9da5e154657a78d9d84;
#100 address=5'd6;
din=128'h90d8ab008cbcd30af7e45805b8b34506;
#100 address=5'd7;
din=128'hd02c1e8fca3f0f02c1afbd0301138a6b;
#100 address=5'd8;
din=128'h3a9111414f67dcea97f2cfcef0b4e673;
#100 address=5'd9;
din=128'h96ac7422e7ad3585e2f937e81c75df6e;
#100 address=5'd10;
din=128'h47f11a711d29c5896fb7620eaa18be1b;
#100 address=5'd11;
din=128'hfc563e4bc6d279209adbc0fe78cd5af4;
#100 address=5'd12;
din=128'h1fdda8338807c731b11210592780ec5f;
#100 address=5'd13;
din=128'h60517fa919b54a0d2de57a9f93c99cef;
#100 address=5'd14;
din=128'ha0e03b4dae2af5b0c8ebbb3c83539961;
#100 address=5'd15;
din=128'h172b047eba77d626e169146355210c7d;
#100 load=1;
address=5'd16; //load cipher text.
din=128'h3925841d_02dc09fb_dc118597_196a0b32;
#100 load=0;
stadec=1; //start decryption.
#100 stadec=0;
#1500 $finish;
end
endmodule
五、实验结果
1、电路规模和性能指标
2、时序仿真结果
AES密码处理器时序仿真结果:
六、实验结论
在前面几次的实验积累上整合了整个AES密码处理器的Verilog代码并先用Modelsim进行过综合验证,此次实验使用Quartusii对AES密码处理器进行整体综合与仿真,并对综合后的电路及其他数据进行分析,同时进行时序仿真,以验证AES密码处理器的正确性。
此次实验比较全面的整合了前面所学过的知识,并对Quartusii软件的操作进行了重温练习,并回顾各方面数据的分析方法。
能看到这里的兄弟也是很不容易了….加油!未来的世界需要你!
附件1:整体源码 - VHDL_AES_WholeCode.v
附件2:相关文档