The SHA-224/256 Hash Engine is a hash calculation block which supports the 512bit block sized algorithms of the SHA-2 (fips180-3) specification:
The deliverable is Verilog (2001) RTL.
The hierarchy of the design is as illustrated within Fig 1:
The top level of the design has three key interfaces; Control & Status, Message Stream and Message Digest. The full signal port list is as tabulated below:
PORT WIDTH DIRECTION NOTE clk 1 Input Core clock resetn 1 Input Active low reset. Asynchronous assertion, syncronous de-assertion message_start 1 Input Calculation start request message_length 64 Input Message length (in bits) for processing digest_mode 1 Input Digest mode control. 1'b0: Sha-224,1'b1: Sha-256 idle 1 Output Calculation processing status indication message_data 32 Output Data word (from message stream) message_valid 1 Output Message word valid indication message_enable 1 Input Message Word enable indication digest 256 Output Digest result digest_valid 1 Output Digest result valid indication digest_enable 1 Input Digest result enable indication
Fig 2 details a typical interface sequence for a hash calculation:
- From the idle state (i.e. when the idle output is high), the digest_mode and message_length inputs are sampled when message_start is asserted.
- Once in the active state (i.e. when the idle output is low), the state of the message_start input is ignored until the module has reached idle again. Both digest_mode and message_length may be changed in value during this time.
- With the module in the active state, the message_enable output is asserted to allow reception of message data over the Message Stream interface.
- Message data may be presented within a single cycle via a valid /enable handshake protocol. I.e. when valid data is presented, it is only accepted if the enable output is asserted too. Fig 2 illustrates how there may be a delay after negation of the idle status before message_valid is asserted – however this is not an interface requirement. Valid data may be presented earlier – message_enable will only become asserted once the module is active.
- After the configured length of data for a given message has been received, the message_enable output will be negated and the hash calculation allowed to complete. Upon completion the resultant Message Digest will be presented for output – again via a valid / enable protocol.
- After the valid Message Digest has been enabled, the module will return to the idle state (i.e. idle is asserted again) and become ready to accept a new calculation request through a subsequent assertion of message_start.
The Message Length is presented as a 64 bit value, with the MSb in the bit position and the LSb within bit.
The Message Stream data is packed onto the message_data bus as per the SHA hash specification:
- The bit stream (from first bit towards last) is split into a series of 32bit words with the earliest bit in the MSb position, the most recent bit in the LSb position.
Message streams which complete on a non-aligned data word will be packed into the MSbits of the final 32 bit input word.
The Message Digest result is ordered as per the SHA hash specification:
- The H0 Word term will be presented in digest bits [255:224], followed by terms H1, H2, H3 etc through H7 (for SHA-256) within digest bits [31:0].