• Multi-Mode Hash

    Overview

    The Multi-Mode Hash Engine is a generic hash calculation block which supports the 512bit block sized algorithms of:

    • MD5 (rfc1321)
    • SHA-1 (fips180-3)
    • SHA-224/256 (fips180-3)

    The deliverable is Verilog (2001) RTL.

    The hierarchy of the design is as illustrated within Fig 1:

    Fig 1: Multi-Mode Hash Hash Engine – RTL Hierarchy

    Port List

    The top level of the design has three key interfaces; Control & Status, Message Stream and Message Digest.  The full signal port list is as tabulated below:

    PORT WIDTH DIRECTION NOTE
    clk 1 Input Core Clock
    resetn 1 Input Active low reset. Asynchronous assertion - synchronous de-assertion.
    message_start 1 Input Calculation start request.
    message_length 64 Input Message length (in bits) for processing
    digest_mode 2 Input Calculation control. 2'b00: MD5, 2:b01: SHA-1, 2:b10: SHA-224, 2'b11: SHA-256
    idle 1 Output Calculation processing status indication.
    message_data 32 Input Data word (from message stream).
    message_valid 1 Input Data Word Valid indication.
    message_enable 1 Output Data Word Enable control.
    digest 256 Output Digest Result.
    digest_valid 1 Output Digest Result Valid indication.
    digest_enable 1 Input Digest Result Enable control.

    Signalling

    Fig 2 details a typical interface sequence for a hash calculation:

    • From the idle state (i.e. when the idle output is high), the digest_mode and message_length inputs are sampled when message_start is asserted.
    • Once in the active state (i.e. when the idle output is low), the state of the message_start input is ignored untill the module has reached idle again.  Both digest_mode and message_length may be changed in value during this time.
    • With the module in the active state, the message_enable output is asserted to allow reception of message data over the Message Stream interface.
    • Message data may be presented within a single cycle and is handshaked via a valid /enable protocol.  I.e. when valid data is presented, it is only accepted if the enable output is asserted too.  Fig 2 illustrates how there may be a delay after negation of the idle status before message_valid is asserted – however this is not an interface requirement.  Valid data may be presented earlier – message_enable will only become asserted once the module is active.
    • After the configured length of data for a given message has been received, the message_enable output will be negated and the hash calculation allowed to complete.  Upon completion the resultant Message Digest will be presented for output – again via a valid / enable protocol.
    • After the valid Message Digest has been enabled, the module will return to the idle state (i.e. idle is asserted again) and become ready to accept a new calculation request through a subsequent assertion of message_start.

    Fig 2: Interface Signal Sequencing (Typical)

    Data Alignment

    The Message Length is pressented as a 64 bit value, with the MSb in the bit[63] position and the LSb within bit[0].

    The Message Stream data is packed onto the message_data bus as per the appropriate hash specification:

    • In the case of a SHA operating mode the bit stream (from first bit towards last) is split into a series of 32bit words with the earliest bit in the MSb position, the most recent bit in the LSb position.
    • In the case of the MD5 operating mode the bit stream (from first bit towards last) is split into a series of 8 bit bytes with the earliest bit in the MSb position of each byte.  Bytes are then grouped in 4’s to achieve 32 bit words – with the earliest byte regarded as the LSB (but occupying bits [31:24] of the word) and the most recent byte regarded as the MSB (and occupying bits [7:0] of the word).

    Message streams which complete on a non-aligned data word will be packed into the MSbits of the final 32 bit input word.

    The Message Digest result is ordered as per the appropriate hash specification and packed from the MSB of the 256 bit digest output:

    • In the case of a SHA operating mode, the H0 Word term will be presented in digest bits [255:224], followed by terms H1, H2, H3 etc.
    • In the case of the MD5 operating mode, the A term is pressented (LSB first) in digest bits [255:224] followed by terms B, C and D (completing with the high orde Byte of term D within bits [135:128]).