mixcolumns_fwd_rtl.vhd

VHDL实现128bitAES加密算法 LOW AREA节约成本的实现 DATA FLOW为8bits

-------------------------------------------------------------------------------
-- Title      : A compact 8bit AES encryption core
-------------------------------------------------------------------------------
-- File       : mixcolumns_fwd_rtl.vhd
-- Author     : Timo Alho  <timo.a.alho@tut.fi>
-- Date       : 27.2.2006
-------------------------------------------------------------------------------
-- Description: MixColumns architecture (forward operation only)
-------------------------------------------------------------------------------
-- Disclaimer: The AES encryption core provided here is distributed AS
-- IS without any warranty of any kind either expressed or implied,
-- including, without limitation, warranties of merchantability,
-- fitness for a particular purpose or non infringement of
-- intellectual property rights.
-------------------------------------------------------------------------------

library ieee;
use ieee.std_logic_1164.all;

-- fwd_rtl = forward only
architecture fwd_rtl of mixcolumns is

  -- GF(2^8) multiplication with constant: x
  -- reduction polynomial is x^8 + x^4 + x^3 + x + 1
  function gf256_mul2 (a : std_logic_vector(7 downto 0))
    return std_logic_vector is
    variable b : std_logic_vector(7 downto 0);
  begin
    b(0) := a(7);
    b(1) := a(0) xor a(7);
    b(2) := a(1);
    b(3) := a(2) xor a(7);
    b(4) := a(3) xor a(7);
    b(5) := a(4);
    b(6) := a(5);
    b(7) := a(6);
    return b;
  end;

  type   accum_array_t is array (0 to 3) of std_logic_vector(7 downto 0);
  signal accum_r : accum_array_t;

  signal prod2, prod3 : std_logic_vector(7 downto 0);
  signal x           : std_logic_vector(7 downto 0);

begin  -- rtl

  assert (inverse_in /= '1') report "this architecture supports only forward operation"
    severity failure;
  x <= data_in;

  prod2 <= gf256_mul2(x);
  prod3 <= prod2 xor x;


  -- forward transform:
  --
  -- x0   |02 03 01 01| y0
  -- x1 = |01 02 03 01|*y1 
  -- x2   |01 01 02 03| y2
  -- x3   |03 01 01 02| y3

  -- inverse transform
  -- y0   |0e 0b 0d 09| x0
  -- y1 = |09 0e 0b 0d|*x1 
  -- y2   |0d 09 0e 0b| x2
  -- y3   |0b 0d 09 0e| x3

  clocked : process (clk)
  begin  -- process clocked
    if rising_edge(clk) then            -- rising clock edge
      if (start_in = '1') then
        accum_r(0) <= x;
        accum_r(1) <= x;
        accum_r(2) <= prod3;
        accum_r(3) <= prod2;
      else
        accum_r(0) <= x xor accum_r(1);
        accum_r(1) <= x xor accum_r(2);
        accum_r(2) <= prod3 xor accum_r(3);
        accum_r(3) <= prod2 xor accum_r(0);
      end if;
    end if;
  end process clocked;

  data0_out <= accum_r(0);
  data1_out <= accum_r(1);
  data2_out <= accum_r(2);
  data3_out <= accum_r(3);
  
end fwd_rtl;