Update inversion block and pairing engine to use external multiplier

blocks.
bsdevlin 2019-08-16 17:27:06 +08:00
parent 38b8284194
commit c579406f94
10 changed files with 404 additions and 347 deletions


@ -75,7 +75,7 @@ always_comb begin
case (i_sub_fe_if.ctl[OVR_WRT_BIT +: NUM_OVR_WRT]) inside
0: i_sub_fe_if.rdy = (sub_cnt >= 6) && (~o_sub_fe_if.val || (o_sub_fe_if.val && o_sub_fe_if.rdy));
1: i_sub_fe_if.rdy = (out_cnt >= 6) && (~o_mul_fe12_if.val || (o_mul_fe12_if.val && o_mul_fe12_if.rdy));
1: i_sub_fe_if.rdy = 1;
default: i_sub_fe_if.rdy = 0;
endcase
@ -182,6 +182,11 @@ always_ff @ (posedge i_clk) begin
if (i_add_fe_if.val && i_add_fe_if.rdy && i_add_fe_if.ctl[OVR_WRT_BIT +: NUM_OVR_WRT] == 0) begin
a0 <= {i_add_fe_if.dat, a0[5:1]};
end
if (i_sub_fe_if.val && i_sub_fe_if.rdy && i_sub_fe_if.ctl[OVR_WRT_BIT +: NUM_OVR_WRT] == 0) begin
a1 <= {i_sub_fe_if.dat, a1[5:1]};
if (i_sub_fe_if.eop) aa_val <= 1;
end
if (i_add_fe_if.val && i_add_fe_if.rdy && i_add_fe_if.ctl[OVR_WRT_BIT +: NUM_OVR_WRT] == 1) begin
b0 <= {i_add_fe_if.dat, b0[5:1]};
@ -251,7 +256,7 @@ always_ff @ (posedge i_clk) begin
// Sub input flow
case (sub_cnt) inside
0,1,2,3,4,5: fe6_sub(i_mul_fe6_if.val && i_mul_fe6_if.ctl[OVR_WRT_BIT +: NUM_OVR_WRT] == 2, i_mul_fe6_if.dat, aa[sub_cnt%6]);
6,7,8,9,10,11: fe6_sub(i_sub_fe_if.val, i_sub_fe_if.dat, b1[sub_cnt%6]);
6,7,8,9,10,11: fe6_sub(aa_val, a1[sub_cnt%6], b1[sub_cnt%6]);
endcase
// mnr flow
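Review bot: `aa_val` is set when `i_sub_fe_if.eop` arrives with the ctl field equal to 0 and then qualifies `fe6_sub(aa_val, a1[sub_cnt%6], b1[sub_cnt%6])` for sub_cnt 6 to 11, but no visible line clears it. If it is not deasserted on reset and again once the six `a1` words have been issued, the next pass would subtract against stale `a1` contents and produce a wrong field result without any error flag. The `1:` arm of the ready case also appears to become the constant `i_sub_fe_if.rdy = 1;`, so that path no longer back-pressures; a comment such as `// a1 capture can always accept: <reason>` would record why that is safe. Both always blocks continue outside the hunks, so the clear may exist out of view.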


@ -30,6 +30,8 @@ parameter type FE2_TYPE = bls12_381_pkg::fe2_t;
parameter KEY_BITS = bls12_381_pkg::DAT_BITS;
parameter P = bls12_381_pkg::P;
parameter CTL_BITS = 64;
`define MULT_FUNC(K, IN_POINT) fp2_point_mult(K, IN_POINT);
`define PRINT_FUNC(IN_POINT) print_fp2_jb_point(IN_POINT);
`define G_POINT bls12_381_pkg::g2_point
@ -95,7 +97,8 @@ ec_point_mult (
ec_fp2_point_add #(
.FP2_TYPE ( FP_TYPE ),
.FE_TYPE ( FE_TYPE ),
.FE2_TYPE ( FE2_TYPE )
.FE2_TYPE ( FE2_TYPE ),
.CTL_BITS ( CTL_BITS )
)
ec_fp2_point_add (
.i_clk ( clk ),
@ -121,7 +124,8 @@ ec_fp2_point_add (
ec_fp2_point_dbl #(
.FP2_TYPE ( FP_TYPE ),
.FE_TYPE ( FE_TYPE ),
.FE2_TYPE ( FE2_TYPE )
.FE2_TYPE ( FE2_TYPE ),
.CTL_BITS ( CTL_BITS )
)
ec_fp2_point_dbl (
.i_clk ( clk ),


@ -1,5 +1,7 @@
/*
This does the Fp12 inversion required in the final exponentiation.
This does the Fe12 inversion required in the final exponentiation.
Also provide inputs for Fe and Fe2 inversion so we can do point multiplication
and pairing inside FPGA.
Input is expected to be streamed in with Fp .c0 in the first clock cycle
@ -26,40 +28,49 @@ module bls12_381_fe12_inv_wrapper
parameter type FE2_TYPE = fe2_t,
parameter type FE6_TYPE = fe6_t,
parameter CTL_BITS = 12,
parameter OVR_WRT_BIT = 8 // Need 32 bits for control
parameter OVR_WRT_BIT = 8 // Need 13 bits for control
)(
input i_clk, i_rst,
// Input/Output interfaces for inversion result, FE_TYPE data width
// Input/Output interfaces for inversion, FE_TYPE data width
if_axi_stream.source o_inv_fe12_if,
if_axi_stream.sink i_inv_fe12_if,
if_axi_stream.source o_inv_fe2_if,
if_axi_stream.sink i_inv_fe2_if,
if_axi_stream.source o_inv_fe_if,
if_axi_stream.sink i_inv_fe_if,
// Interface to FE_TYPE mul (mod P), 2*FE_TYPE data width
if_axi_stream.source o_mul_fe_if,
if_axi_stream.sink i_mul_fe_if
if_axi_stream.sink i_mul_fe_if,
// Interface to FE2_TYPE mul (mod P), 2*FE_TYPE data width
if_axi_stream.source o_mul_fe2_if,
if_axi_stream.sink i_mul_fe2_if,
// Interface to FE2_TYPE mnr (mod P), FE_TYPE data width
if_axi_stream.source o_mnr_fe2_if,
if_axi_stream.sink i_mnr_fe2_if,
// Interface to FE6_TYPE mul (mod P), 2*FE_TYPE data width
if_axi_stream.source o_mul_fe6_if,
if_axi_stream.sink i_mul_fe6_if,
// Interface to FE6_TYPE mnr (mod P), FE_TYPE data width
if_axi_stream.source o_mnr_fe6_if,
if_axi_stream.sink i_mnr_fe6_if,
// Interface to FE_TYPE add (mod P), 2*FE_TYPE data width
if_axi_stream.source o_add_fe_if,
if_axi_stream.sink i_add_fe_if,
// Interface to FE_TYPE sub (mod P), 2*FE_TYPE data width
if_axi_stream.source o_sub_fe_if,
if_axi_stream.sink i_sub_fe_if
);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_o_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_i_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_o_if [5:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_i_if [5:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_o_if [6:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_i_if [6:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_o_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_i_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_o_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_i_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe2_o_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe2_i_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe2_o_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe2_i_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe6_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe6_i_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe6_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe6_i_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe_i_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe2_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe2_i_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe_o_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe_i_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe2_o_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe2_i_if [1:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe6_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe6_i_if (i_clk);
@ -70,244 +81,137 @@ bin_inv_s #(
bin_inv_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_dat_if ( inv_fe_i_if ),
.i_dat_if ( inv_fe_o_if )
.o_dat_if ( inv_fe_i_if[1] ),
.i_dat_if ( inv_fe_o_if[1] )
);
ec_fe2_inv_s #(
.FE_TYPE ( FE_TYPE ),
.OVR_WRT_BIT ( OVR_WRT_BIT )
.OVR_WRT_BIT ( OVR_WRT_BIT ) // Needs 2 bits
)
ec_fe2_inv_s(
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_inv_fe2_if ( inv_fe2_i_if ),
.i_inv_fe2_if ( inv_fe2_o_if ),
.o_inv_fe_if ( inv_fe_o_if ),
.i_inv_fe_if ( inv_fe_i_if ),
.o_mul_fe_if ( mul_fe_o_if[0] ),
.i_mul_fe_if ( mul_fe_i_if[0] ),
.o_add_fe_if ( add_fe_o_if[0] ),
.i_add_fe_if ( add_fe_i_if[0] ),
.o_sub_fe_if ( sub_fe_o_if[0] ),
.i_sub_fe_if ( sub_fe_i_if[0] )
);
ec_fe2_mul_s #(
.FE_TYPE ( FE_TYPE ),
.CTL_BITS ( CTL_BITS )
)
ec_fe2_mul_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mul_fe2_if ( mul_fe2_i_if[2] ),
.i_mul_fe2_if ( mul_fe2_o_if[2] ),
.o_add_fe_if ( add_fe_o_if[1] ),
.i_add_fe_if ( add_fe_i_if[1] ),
.o_sub_fe_if ( sub_fe_o_if[1] ),
.i_sub_fe_if ( sub_fe_i_if[1] ),
.o_mul_fe_if ( mul_fe_o_if[1] ),
.i_mul_fe_if ( mul_fe_i_if[1] )
);
fe2_mul_by_nonresidue_s #(
.FE_TYPE ( FE_TYPE )
)
fe2_mul_by_nonresidue_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mnr_fe2_if ( mnr_fe2_i_if[3] ),
.i_mnr_fe2_if ( mnr_fe2_o_if[3] ),
.o_add_fe_if ( add_fe_o_if[2] ),
.i_add_fe_if ( add_fe_i_if[2] ),
.o_sub_fe_if ( sub_fe_o_if[2] ),
.i_sub_fe_if ( sub_fe_i_if[2] )
.o_inv_fe2_if ( inv_fe2_i_if[1] ) ,
.i_inv_fe2_if ( inv_fe2_o_if[1] ),
.o_inv_fe_if ( inv_fe_o_if[0] ),
.i_inv_fe_if ( inv_fe_i_if[0] ),
.o_mul_fe_if ( o_mul_fe_if ),
.i_mul_fe_if ( i_mul_fe_if ),
.o_add_fe_if ( add_fe_o_if[0] ),
.i_add_fe_if ( add_fe_i_if[0] ),
.o_sub_fe_if ( sub_fe_o_if[0] ),
.i_sub_fe_if ( sub_fe_i_if[0] )
);
ec_fe6_inv_s
#(
.FE_TYPE ( FE_TYPE ),
.FE2_TYPE ( FE2_TYPE ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 2 )
.OVR_WRT_BIT ( OVR_WRT_BIT + 2 ) // Needs 5 bits
)
ec_fe6_inv_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mul_fe2_if ( mul_fe2_o_if[0] ),
.i_mul_fe2_if ( mul_fe2_i_if[0] ),
.o_add_fe_if ( add_fe_o_if[3] ),
.i_add_fe_if ( add_fe_i_if[3] ),
.o_sub_fe_if ( sub_fe_o_if[3] ),
.i_sub_fe_if ( sub_fe_i_if[3] ),
.o_mnr_fe2_if ( mnr_fe2_o_if[0] ),
.i_mnr_fe2_if ( mnr_fe2_i_if[0] ),
.o_inv_fe2_if ( inv_fe2_o_if ),
.i_inv_fe2_if ( inv_fe2_i_if ),
.o_mul_fe2_if ( o_mul_fe2_if ),
.i_mul_fe2_if ( i_mul_fe2_if ),
.o_add_fe_if ( add_fe_o_if[1] ),
.i_add_fe_if ( add_fe_i_if[1] ),
.o_sub_fe_if ( sub_fe_o_if[1] ),
.i_sub_fe_if ( sub_fe_i_if[1] ),
.o_mnr_fe2_if ( o_mnr_fe2_if ),
.i_mnr_fe2_if ( i_mnr_fe2_if ),
.o_inv_fe2_if ( inv_fe2_o_if[0] ),
.i_inv_fe2_if ( inv_fe2_i_if[0] ),
.o_inv_fe6_if ( inv_fe6_i_if ),
.i_inv_fe6_if ( inv_fe6_o_if )
);
ec_fe6_mul_s #(
.FE_TYPE ( FE_TYPE ),
.FE2_TYPE ( FE2_TYPE ),
.FE6_TYPE ( FE6_TYPE ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 7 )
)
ec_fe6_mul_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mul_fe2_if ( mul_fe2_o_if[1] ),
.i_mul_fe2_if ( mul_fe2_i_if[1] ),
.o_add_fe_if ( add_fe_o_if[4] ),
.i_add_fe_if ( add_fe_i_if[4] ),
.o_sub_fe_if ( sub_fe_o_if[4] ),
.i_sub_fe_if ( sub_fe_i_if[4] ),
.o_mnr_fe2_if ( mnr_fe2_o_if[1] ),
.i_mnr_fe2_if ( mnr_fe2_i_if[1] ),
.o_mul_fe6_if ( mul_fe6_i_if ),
.i_mul_fe6_if ( mul_fe6_o_if )
);
fe6_mul_by_nonresidue_s #(
.FE_TYPE ( FE_TYPE )
)
fe6_mul_by_nonresidue_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mnr_fe2_if ( mnr_fe2_o_if[2] ),
.i_mnr_fe2_if ( mnr_fe2_i_if[2] ),
.o_mnr_fe6_if ( mnr_fe6_i_if ),
.i_mnr_fe6_if ( mnr_fe6_o_if )
);
ec_fe12_inv_s #(
.FE_TYPE ( FE_TYPE ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 14 )
.FE_TYPE ( FE_TYPE ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 7 ) // Needs 3 bits
)
ec_fe12_inv_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mul_fe6_if ( mul_fe6_o_if ),
.i_mul_fe6_if ( mul_fe6_i_if ),
.o_sub_fe_if ( sub_fe_o_if[5] ),
.i_sub_fe_if ( sub_fe_i_if[5] ),
.o_mnr_fe6_if ( mnr_fe6_o_if ),
.i_mnr_fe6_if ( mnr_fe6_i_if ),
.o_mul_fe6_if ( o_mul_fe6_if ),
.i_mul_fe6_if ( i_mul_fe6_if ),
.o_sub_fe_if ( sub_fe_o_if[2] ),
.i_sub_fe_if ( sub_fe_i_if[2] ),
.o_mnr_fe6_if ( o_mnr_fe6_if ),
.i_mnr_fe6_if ( i_mnr_fe6_if ),
.o_inv_fe6_if ( inv_fe6_o_if ),
.i_inv_fe6_if ( inv_fe6_i_if ),
.o_inv_fe12_if ( o_inv_fe12_if ),
.i_inv_fe12_if ( i_inv_fe12_if )
);
adder_pipe # (
.BITS ( bls12_381_pkg::DAT_BITS ),
.P ( bls12_381_pkg::P ),
.CTL_BITS ( CTL_BITS ),
.LEVEL ( 2 )
)
adder_pipe (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_add ( add_fe_o_if[5] ),
.o_add ( add_fe_i_if[5] )
);
subtractor_pipe # (
.BITS ( bls12_381_pkg::DAT_BITS ),
.P ( bls12_381_pkg::P ),
.CTL_BITS ( CTL_BITS ),
.LEVEL ( 2 )
)
subtractor_pipe (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_sub ( sub_fe_o_if[6] ),
.o_sub ( sub_fe_i_if[6] )
);
resource_share # (
.NUM_IN ( 5 ),
.NUM_IN ( 2 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 18 ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 8 ),
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe_add (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( add_fe_o_if[4:0] ),
.o_res ( add_fe_o_if[5] ),
.i_res ( add_fe_i_if[5] ),
.o_axi ( add_fe_i_if[4:0] )
);
resource_share # (
.NUM_IN ( 6 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 18 ),
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe_sub (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( sub_fe_o_if[5:0] ),
.o_res ( sub_fe_o_if[6] ),
.i_res ( sub_fe_i_if[6] ),
.o_axi ( sub_fe_i_if[5:0] )
);
resource_share # (
.NUM_IN ( 2 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 18 ),
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe_mul (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mul_fe_o_if[1:0] ),
.o_res ( o_mul_fe_if ),
.i_res ( i_mul_fe_if ),
.o_axi ( mul_fe_i_if[1:0] )
.i_axi ( add_fe_o_if[1:0] ),
.o_res ( o_add_fe_if ),
.i_res ( i_add_fe_if ),
.o_axi ( add_fe_i_if[1:0] )
);
resource_share # (
.NUM_IN ( 3 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 24 ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 10 ),
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe2_mnr (
resource_share_fe_sub (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mnr_fe2_o_if[2:0] ),
.o_res ( mnr_fe2_o_if[3] ),
.i_res ( mnr_fe2_i_if[3] ),
.o_axi ( mnr_fe2_i_if[2:0] )
.i_axi ( sub_fe_o_if[2:0] ),
.o_res ( o_sub_fe_if ),
.i_res ( i_sub_fe_if ),
.o_axi ( sub_fe_i_if[2:0] )
);
resource_share # (
.NUM_IN ( 2 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.DAT_BITS ( $bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 24 ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 11 ),
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe2_mul (
resource_share_fe_inv (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mul_fe2_o_if[1:0] ),
.o_res ( mul_fe2_o_if[2] ),
.i_res ( mul_fe2_i_if[2] ),
.o_axi ( mul_fe2_i_if[1:0] )
.i_axi ( {i_inv_fe_if, inv_fe_o_if[0]} ),
.o_res ( inv_fe_o_if[1] ),
.i_res ( inv_fe_i_if[1] ),
.o_axi ( {o_inv_fe_if, inv_fe_i_if[0]} )
);
resource_share # (
.NUM_IN ( 2 ),
.DAT_BITS ( $bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 12 ),
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe2_inv (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( {i_inv_fe2_if, inv_fe2_o_if[0]} ),
.o_res ( inv_fe2_o_if[1] ),
.i_res ( inv_fe2_i_if[1] ),
.o_axi ( {o_inv_fe2_if, inv_fe2_i_if[0]} )
);
endmodule
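Review bot: The default `CTL_BITS = 12` cannot hold the tag fields this module places in ctl: with `OVR_WRT_BIT = 8` the highest field is `resource_share_fe2_inv` at `OVR_WRT_BIT + 12`, and the parameter comment itself says 13 bits are needed. An instantiation that keeps the defaults would address bits beyond the control word, so add an elaboration-time guard such as `initial assert (CTL_BITS >= OVR_WRT_BIT + 13) else $fatal(1, "CTL_BITS too small");`. It is also worth confirming that `resource_share_fe_sub` (three inputs at `OVR_WRT_BIT + 10`) and `resource_share_fe_inv` (at `OVR_WRT_BIT + 11`) do not claim the same bit. If the three-input share uses two select bits they overlap, though whether that matters depends on how ctl is carried between the sub and inversion paths, which is not visible here.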


@ -45,6 +45,7 @@ module bls12_381_pairing
input G1_FP_AF_TYPE i_g1_af,
input G2_FP_AF_TYPE i_g2_af,
if_axi_stream.source o_fe12_if,
output G2_FP_JB_TYPE o_pt_jb,
// Interface to FE_TYPE multiplier (mod P)
if_axi_stream.source o_mul_fe_if,
if_axi_stream.sink i_mul_fe_if,
@ -103,11 +104,15 @@ if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) dbl_f12_o_if (
logic [$clog2(ATE_X_START)-1:0] ate_loop_cnt;
logic [1:0] miller_mult_cnt;
enum {IDLE, MILLER_LOOP, FINAL_EXP} pair_state;
enum {IDLE, POINT_MULT, MILLER_LOOP, FINAL_EXP} pair_state;
FE12_TYPE f;
logic f_val;
logic [3:0] out_cnt;
logic point_mul_mode;
FE_TYPE key;
logic [$bits(FE_TYPE)/32-1:0] key_zero;
always_comb begin
dbl_f12_o_if.rdy = f_val && (~mul_fe12_o_if[0].val || (mul_fe12_o_if[0].val && mul_fe12_o_if[0].rdy)) && ((out_cnt/2 == 0) || (out_cnt/2 == 1) || (out_cnt/2 == 4)); // As this is a sparse f12 using full f12_mul
@ -117,6 +122,8 @@ always_comb begin
final_exp_fe12_o_if.err = 0;
final_exp_fe12_o_if.ctl = 0;
final_exp_fe12_o_if.mod = 0;
o_pt_jb = g2_r_jb_i;
end
always_ff @ (posedge i_clk) begin
@ -140,6 +147,11 @@ always_ff @ (posedge i_clk) begin
f <= FE12_one;
f_val <= 0;
out_cnt <= 0;
point_mul_mode <= 0;
key <= 0;
key_zero <= 0;
end else begin
if (add_o_rdy) add_i_val <= 0;
@ -156,6 +168,7 @@ always_ff @ (posedge i_clk) begin
case(pair_state)
IDLE: begin
ate_loop_cnt <= ATE_X_START-1;
//for (int i = 0key <= ATE_X;
f <= FE12_one;
add_i_val <= 0;
dbl_i_val <= 0;
@ -167,6 +180,7 @@ always_ff @ (posedge i_clk) begin
miller_mult_cnt <= 0;
if (i_val && o_rdy) begin
pair_state <= MILLER_LOOP;
point_mul_mode <= 0;
o_rdy <= 0;
g1_af_i <= i_g1_af;
@ -186,6 +200,7 @@ always_ff @ (posedge i_clk) begin
if (wait_dbl && dbl_f12_o_if.val && dbl_f12_o_if.sop && dbl_f12_o_if.rdy) begin
g2_r_jb_i <= dbl_g2_o;
// key[0] == 1?
if (~wait_add && ATE_X[ate_loop_cnt] == 1) begin
add_i_val <= 1;
wait_add <= 1;
@ -228,6 +243,7 @@ always_ff @ (posedge i_clk) begin
f_val <= 0;
out_cnt <= 0;
miller_mult_cnt <= ATE_X[ate_loop_cnt] == 0 ? 3 : 2;
//key[0] == 0 ?
end
end
end
@ -262,6 +278,10 @@ always_ff @ (posedge i_clk) begin
f_val <= 0;
wait_add <= 0;
miller_mult_cnt <= 0;
key <= key >> 1;
if (&key_zero) begin
end
ate_loop_cnt <= ate_loop_cnt - 1;
if (ate_loop_cnt == 0) begin
pair_state <= FINAL_EXP;
@ -298,10 +318,11 @@ bls12_381_pairing_miller_dbl #(
bls12_381_pairing_miller_dbl (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_val ( dbl_i_val ),
.o_rdy ( dbl_o_rdy ),
.i_g1_af ( g1_af_i ),
.i_g2_jb ( g2_r_jb_i ),
.i_val ( dbl_i_val ),
.i_point_mul_mode ( point_mul_mode ),
.o_rdy ( dbl_o_rdy ),
.i_g1_af ( g1_af_i ),
.i_g2_jb ( g2_r_jb_i ),
.o_res_fe12_sparse_if ( dbl_f12_o_if ),
.o_g2_jb ( dbl_g2_o ),
.o_mul_fe2_if ( mul_fe2_i_if[0] ),
@ -325,11 +346,12 @@ bls12_381_pairing_miller_add #(
bls12_381_pairing_miller_add (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_val ( add_i_val ),
.o_rdy ( add_o_rdy ),
.i_g1_af ( g1_af_i ),
.i_g2_jb ( dbl_g2_o ),
.i_g2_q_af ( g2_af_i ),
.i_val ( add_i_val ),
.i_point_mul_mode ( point_mul_mode ),
.o_rdy ( add_o_rdy ),
.i_g1_af ( g1_af_i ),
.i_g2_jb ( dbl_g2_o ),
.i_g2_q_af ( g2_af_i ),
.o_res_fe12_sparse_if ( add_f12_o_if ),
.o_g2_jb ( add_g2_o ),
.o_mul_fe2_if ( mul_fe2_i_if[1] ),
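Review bot: The point-multiplication mode is left half-wired in this file: in the visible lines `point_mul_mode` is only ever assigned 0 (reset and the IDLE start branch), the new `POINT_MULT` state has no case arm, `key` is shifted but never loaded, and `if (&key_zero) begin end` has an empty body. The comment `//for (int i = 0key <= ATE_X;` is a truncated statement and should be removed or completed. `o_pt_jb = g2_r_jb_i` also exports the working Jacobian register on every cycle with no valid qualifier; once a scalar key actually drives the loop, the intermediate points on that port depend on key bits, so the output should be gated to the final result or documented, e.g. `// o_pt_jb is only meaningful when <done condition>`. The always_ff block continues outside the hunks, so some of this may be handled out of view.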


@ -35,6 +35,7 @@ module bls12_381_pairing_miller_add
input i_clk, i_rst,
// Inputs
input i_val,
input i_point_mul_mode, // This will only enable the point mult logic
output logic o_rdy,
input G1_FP_AF_TYPE i_g1_af,
input G2_FP_JB_TYPE i_g2_jb,
@ -66,7 +67,7 @@ logic mul_en, add_en, sub_en;
logic o_rdy_l;
logic mul_cnt, add_cnt, sub_cnt;
logic [2:0] out_cnt;
logic point_mul_mode;
always_ff @ (posedge i_clk) begin
if (i_rst) begin
@ -95,8 +96,12 @@ always_ff @ (posedge i_clk) begin
{nxt_fe2_mul, nxt_fe_add, nxt_fe_sub} <= 0;
{mul_en, add_en, sub_en} <= 0;
point_mul_mode <= 0;
end else begin
point_mul_mode <= i_point_mul_mode;
i_mul_fe2_if.rdy <= 1;
i_add_fe_if.rdy <= 1;
i_sub_fe_if.rdy <= 1;
@ -110,7 +115,7 @@ always_ff @ (posedge i_clk) begin
if (o_res_fe12_sparse_if.rdy) o_res_fe12_sparse_if.val <= 0;
if (~o_res_fe12_sparse_if.val || (o_res_fe12_sparse_if.val && o_res_fe12_sparse_if.rdy)) begin
if (eq_val[39] && eq_val[40] && eq_val[41] && eq_val[36] && eq_val[42] &&
eq_val[19] && eq_val[23] && eq_val[30]) begin
o_res_fe12_sparse_if.val <= 1;
@ -124,7 +129,7 @@ always_ff @ (posedge i_clk) begin
2,3: o_res_fe12_sparse_if.dat <= t[1][out_cnt%2];
4,5: o_res_fe12_sparse_if.dat <= t[10][out_cnt%2];
endcase
if(out_cnt == 5) begin
eq_val <= 0;
eq_wait <= 0;
@ -136,13 +141,20 @@ always_ff @ (posedge i_clk) begin
{nxt_fe2_mul, nxt_fe_add, nxt_fe_sub} <= 0;
{mul_en, add_en, sub_en} <= 0;
end
if (point_mul_mode == 1 && eq_val[30] && eq_val[23] && eq_val[19] && out_cnt == 0) begin
o_res_fe12_sparse_if.val <= 1;
o_res_fe12_sparse_if.sop <= 1;
o_res_fe12_sparse_if.eop <= 1;
out_cnt <= 5;
end
end
if (eq_wait[39] && eq_wait[40] && eq_wait[41] && eq_wait[42] && ~o_rdy_l) begin
o_rdy <= 1;
o_rdy_l <= 1;
end
if (~sub_en) get_next_sub();
if (~add_en) get_next_add();
if (~mul_en) get_next_fe2_mul();
@ -221,7 +233,7 @@ always_ff @ (posedge i_clk) begin
default: o_res_fe12_sparse_if.err <= 1;
endcase
end
// Issue new multiplies
if (mul_en)
case (nxt_fe2_mul)
@ -242,7 +254,7 @@ always_ff @ (posedge i_clk) begin
28: fe2_multiply(28, i_g2_jb.y, t[5]);
31: fe2_multiply(31, t[10], t[10]);
endcase
if (add_en)
case (nxt_fe_add)
3: fe2_addition(3, i_g2_jb.z, i_g2_q_af.y);
@ -253,7 +265,7 @@ always_ff @ (posedge i_clk) begin
36: fe2_addition(36, o_g2_jb.z, o_g2_jb.z);
38: fe2_addition(38, t[6], t[6]);
endcase
if (sub_en)
case (nxt_fe_sub)
5: fe2_subtraction(5, t[1], ysquared);
@ -273,7 +285,7 @@ always_ff @ (posedge i_clk) begin
35: fe2_subtraction(35, t[9], t[10]);
37: fe2_subtraction(37, 0, t[6]);
endcase
// Issue final fe multiplications
if (~eq_wait[39] && eq_val[36]) begin
@ -383,20 +395,23 @@ task get_next_fe2_mul();
else if (~eq_wait[21] && eq_val[20])
nxt_fe2_mul <= 21;
else if (~eq_wait[24] && eq_val[23])
nxt_fe2_mul <= 24;
nxt_fe2_mul <= 24;
else if (~eq_wait[27] && eq_val[26] && eq_val[13])
nxt_fe2_mul <= 27;
else if (~eq_wait[28] && eq_val[11] && eq_wait[8])
nxt_fe2_mul <= 28;
else if(~eq_wait[31] && eq_val[25])
nxt_fe2_mul <= 31;
else if (~point_mul_mode)
if(~eq_wait[31] && eq_val[25])
nxt_fe2_mul <= 31;
else
mul_en <= 0;
else
mul_en <= 0;
endtask
task get_next_add();
add_en <= 1;
if (~eq_wait[3] && i_val)
if (~eq_wait[3] && i_val)
nxt_fe_add <= 3;
else if (~eq_wait[20] && eq_val[8])
nxt_fe_add <= 20;
@ -404,12 +419,15 @@ task get_next_add();
nxt_fe_add <= 25;
else if (~eq_wait[29] && eq_val[28])
nxt_fe_add <= 29;
else if (~eq_wait[34] && eq_val[14])
nxt_fe_add <= 34;
else if (~eq_wait[36] && eq_val[23] && eq_wait[35])
nxt_fe_add <= 36;
else if (~eq_wait[38] && eq_val[37])
nxt_fe_add <= 38;
else if (~point_mul_mode)
if (~eq_wait[34] && eq_val[14])
nxt_fe_add <= 34;
else if (~eq_wait[36] && eq_val[23] && eq_wait[35])
nxt_fe_add <= 36;
else if (~eq_wait[38] && eq_val[37])
nxt_fe_add <= 38;
else
add_en <= 0;
else
add_en <= 0;
endtask
@ -418,16 +436,16 @@ task get_next_sub();
sub_en <= 1;
if (~eq_wait[5] && eq_val[4] && eq_val[1])
nxt_fe_sub <= 5;
else if (~eq_wait[6] && eq_val[5] && eq_val[0])
else if (~eq_wait[6] && eq_val[5] && eq_val[0])
nxt_fe_sub <= 6;
else if (~eq_wait[8] && eq_val[2] && i_val)
nxt_fe_sub <= 8;
else if (~eq_wait[12] && eq_val[7])
else if (~eq_wait[12] && eq_val[7])
nxt_fe_sub <= 12;
else if (~eq_wait[13] && eq_val[12])
nxt_fe_sub <= 13;
nxt_fe_sub <= 13;
else if (~eq_wait[17] && eq_val[11] && eq_val[16])
nxt_fe_sub <= 17;
nxt_fe_sub <= 17;
else if (~eq_wait[18] && eq_val[17] && eq_val[10])
nxt_fe_sub <= 18;
else if (~eq_wait[19] && eq_val[18] && eq_val[15])
@ -440,14 +458,17 @@ task get_next_sub();
nxt_fe_sub <= 26;
else if (~eq_wait[30] && eq_val[29] && eq_val[27])
nxt_fe_sub <= 30;
else if (~eq_wait[32] && eq_val[31] && eq_val[1])
nxt_fe_sub <= 32;
else if (~eq_wait[33] && eq_val[32] && eq_val[24])
nxt_fe_sub <= 33;
else if (~eq_wait[35] && eq_val[34] && eq_val[33])
nxt_fe_sub <= 35;
else if (~eq_wait[37] && eq_wait[27])
nxt_fe_sub <= 37;
else if (~point_mul_mode)
if (~eq_wait[32] && eq_val[31] && eq_val[1])
nxt_fe_sub <= 32;
else if (~eq_wait[33] && eq_val[32] && eq_val[24])
nxt_fe_sub <= 33;
else if (~eq_wait[35] && eq_val[34] && eq_val[33])
nxt_fe_sub <= 35;
else if (~eq_wait[37] && eq_wait[27])
nxt_fe_sub <= 37;
else
sub_en <= 0;
else
sub_en <= 0;
endtask
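Review bot: The new `else if (~point_mul_mode)` branches in `get_next_fe2_mul`, `get_next_add` and `get_next_sub` rely on dangling-else binding: the inner `else mul_en <= 0;` pairs with the nested `if` chain and the following `else` pairs with `if (~point_mul_mode)`. That elaborates as intended today, but one more `else if` added to the inner chain would silently change which equations are gated, so wrap the inner chain explicitly: `else if (~point_mul_mode) begin` … `end else mul_en <= 0;`. The same pattern is in the three tasks of the doubling module. Separately, the point-mul completion branch raises `val`, `sop` and `eop` and sets `out_cnt <= 5` without assigning `o_res_fe12_sparse_if.dat`; a comment stating that this beat is only a completion marker would keep a consumer from treating it as data.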


@ -36,6 +36,7 @@ module bls12_381_pairing_miller_dbl
input i_clk, i_rst,
// Inputs
input i_val,
input i_point_mul_mode, // This will only enable the point mult logic
output logic o_rdy,
input G1_FP_AF_TYPE i_g1_af,
input G2_FP_JB_TYPE i_g2_jb,
@ -67,6 +68,8 @@ FE2_TYPE [6:0] t;
logic o_rdy_l;
logic [2:0] out_cnt;
logic point_mul_mode;
always_ff @ (posedge i_clk) begin
if (i_rst) begin
o_mul_fe2_if.reset_source();
@ -93,8 +96,12 @@ always_ff @ (posedge i_clk) begin
{nxt_fe2_mul, nxt_fe_add, nxt_fe_sub} <= 0;
{mul_en, add_en, sub_en} <= 0;
point_mul_mode <= 0;
end else begin
point_mul_mode <= i_point_mul_mode;
i_mul_fe2_if.rdy <= 1;
i_add_fe_if.rdy <= 1;
i_sub_fe_if.rdy <= 1;
@ -108,7 +115,6 @@ always_ff @ (posedge i_clk) begin
if (i_val && o_rdy) o_rdy <= 0;
if (~o_res_fe12_sparse_if.val || (o_res_fe12_sparse_if.val && o_res_fe12_sparse_if.rdy)) begin
if (eq_val[33] && eq_val[34] && eq_val[35] && eq_val[36] && eq_val[30] &&
eq_val[14] && eq_val[18] && eq_val[22]) begin
o_res_fe12_sparse_if.val <= 1;
@ -133,6 +139,13 @@ always_ff @ (posedge i_clk) begin
out_cnt <= 0;
{mul_en, add_en, sub_en} <= 0;
end
if (point_mul_mode == 1 && eq_val[22] && eq_val[18] && eq_val[14] && out_cnt == 0) begin
o_res_fe12_sparse_if.val <= 1;
o_res_fe12_sparse_if.sop <= 1;
o_res_fe12_sparse_if.eop <= 1;
out_cnt <= 5;
end
end
if (eq_wait[33] && eq_wait[33] && eq_wait[33] && eq_wait[33] && ~o_rdy_l) begin
@ -359,14 +372,17 @@ task get_next_sub();
nxt_fe_sub <= 19;
else if (~eq_wait[22] && eq_val[20] && eq_val[21])
nxt_fe_sub <= 22;
else if (~eq_wait[25] && eq_val[24])
nxt_fe_sub <= 25;
else if (~eq_wait[27] && eq_val[26] && eq_val[1])
nxt_fe_sub <= 27;
else if (~eq_wait[28] && eq_val[27] && eq_val[12])
nxt_fe_sub <= 28;
else if (~eq_wait[30] && eq_val[29] && eq_val[28])
nxt_fe_sub <= 30;
else if (~point_mul_mode)
if (~eq_wait[25] && eq_val[24])
nxt_fe_sub <= 25;
else if (~eq_wait[27] && eq_val[26] && eq_val[1])
nxt_fe_sub <= 27;
else if (~eq_wait[28] && eq_val[27] && eq_val[12])
nxt_fe_sub <= 28;
else if (~eq_wait[30] && eq_val[29] && eq_val[28])
nxt_fe_sub <= 30;
else
sub_en <= 0;
else
sub_en <= 0;
endtask
@ -385,10 +401,13 @@ task get_next_add();
nxt_fe_add <= 11;
else if (~eq_wait[15] && i_val && eq_wait[0])
nxt_fe_add <= 15;
else if (~eq_wait[24] && eq_val[23])
nxt_fe_add <= 24;
else if (~eq_wait[32] && eq_val[31])
nxt_fe_add <= 32;
else if (~point_mul_mode)
if (~eq_wait[24] && eq_val[23])
nxt_fe_add <= 24;
else if (~eq_wait[32] && eq_val[31])
nxt_fe_add <= 32;
else
add_en <= 0;
else
add_en <= 0;
endtask
@ -413,14 +432,17 @@ task get_next_fe2_mul();
nxt_fe2_mul <= 20;
else if (~eq_wait[21] && eq_wait[9])
nxt_fe2_mul <= 21;
else if (~eq_wait[23] && eq_val[0] && eq_val[2] && eq_wait[14])
nxt_fe2_mul <= 23;
else if (~eq_wait[26] && eq_val[11])
nxt_fe2_mul <= 26;
else if (~eq_wait[29] && eq_wait[17] && eq_val[4] && eq_wait[5] && eq_wait[6])
nxt_fe2_mul <= 29;
else if (~eq_wait[31] && eq_val[0] && eq_val[18] && eq_wait[27] && eq_wait[2] && eq_wait[3] && eq_wait[8])
nxt_fe2_mul <= 31;
else if (~point_mul_mode)
if (~eq_wait[23] && eq_val[0] && eq_val[2] && eq_wait[14])
nxt_fe2_mul <= 23;
else if (~eq_wait[26] && eq_val[11])
nxt_fe2_mul <= 26;
else if (~eq_wait[29] && eq_wait[17] && eq_val[4] && eq_wait[5] && eq_wait[6])
nxt_fe2_mul <= 29;
else if (~eq_wait[31] && eq_val[0] && eq_val[18] && eq_wait[27] && eq_wait[2] && eq_wait[3] && eq_wait[8])
nxt_fe2_mul <= 31;
else
mul_en <= 0;
else
mul_en <= 0;
endtask
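Review bot: The `o_rdy` re-arm condition `eq_wait[33] && eq_wait[33] && eq_wait[33] && eq_wait[33] && ~o_rdy_l` tests the same bit four times, where the output condition above it uses equations 33, 34, 35 and 36; it is unchanged context, but it matters more with this commit. In point-mul mode the three tasks stop issuing equations 23 to 32, so if equation 33 depends on any of those it is never started and `o_rdy` would not be raised again after the first point operation. Please confirm which equation should release `o_rdy` in each mode and make it explicit, for example `point_mul_mode ? <last point equation issued> : (eq_wait[33] && eq_wait[34] && eq_wait[35] && eq_wait[36])`. The always_ff block continues outside the hunks.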


@ -39,25 +39,31 @@ module bls12_381_pairing_wrapper
if_axi_stream.source o_fe12_if, // Result fe12 of ate pairing
// Interface to FE_TYPE multiplier (mod P)
if_axi_stream.source o_mul_fe_if,
if_axi_stream.sink i_mul_fe_if
if_axi_stream.sink i_mul_fe_if,
// We provide interfaces to the inversion module
if_axi_stream.source o_inv_fe2_if,
if_axi_stream.sink i_inv_fe2_if,
if_axi_stream.source o_inv_fe_if,
if_axi_stream.sink i_inv_fe_if
);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_o_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_i_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_o_if [5:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_i_if [5:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_o_if [6:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_i_if [6:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_o_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_i_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_o_if [6:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) add_fe_i_if [6:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_o_if [7:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) sub_fe_i_if [7:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe2_o_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe2_i_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe2_o_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe2_i_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe2_o_if [4:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe2_i_if [4:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe2_o_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe2_i_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe6_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe6_i_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe6_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe6_i_if (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe6_o_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe6_i_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe6_o_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mnr_fe6_i_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe12_o_if [2:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe12_i_if [2:0] (i_clk);
@ -131,10 +137,26 @@ bls12_381_fe12_inv_wrapper #(
bls12_381_fe12_inv_wrapper (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_inv_fe12_if ( inv_fe12_i_if ),
.i_inv_fe12_if ( inv_fe12_o_if ),
.o_mul_fe_if ( mul_fe_o_if[3] ),
.i_mul_fe_if ( mul_fe_i_if[3] )
.o_inv_fe12_if ( inv_fe12_i_if ),
.i_inv_fe12_if ( inv_fe12_o_if ),
.o_inv_fe2_if ( o_inv_fe2_if ),
.i_inv_fe2_if ( i_inv_fe2_if ),
.o_inv_fe_if ( o_inv_fe_if ),
.i_inv_fe_if ( i_inv_fe_if ),
.o_mul_fe_if ( mul_fe_o_if[3] ),
.i_mul_fe_if ( mul_fe_i_if[3] ),
.o_mul_fe2_if ( mul_fe2_o_if[3] ),
.i_mul_fe2_if ( mul_fe2_i_if[3] ),
.o_mnr_fe2_if ( mnr_fe2_o_if[2] ),
.i_mnr_fe2_if ( mnr_fe2_i_if[2] ),
.o_mul_fe6_if ( mul_fe6_o_if[1] ),
.i_mul_fe6_if ( mul_fe6_i_if[1] ),
.o_mnr_fe6_if ( mnr_fe6_o_if[1] ),
.i_mnr_fe6_if ( mnr_fe6_i_if[1] ),
.o_add_fe_if ( add_fe_o_if[5] ),
.i_add_fe_if ( add_fe_i_if[5] ),
.o_sub_fe_if ( sub_fe_o_if[6] ),
.i_sub_fe_if ( sub_fe_i_if[6] )
);
ec_fe12_pow_s #(
@ -161,8 +183,8 @@ ec_fe2_mul_s #(
ec_fe2_mul_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mul_fe2_if ( mul_fe2_i_if[3] ),
.i_mul_fe2_if ( mul_fe2_o_if[3] ),
.o_mul_fe2_if ( mul_fe2_i_if[4] ),
.i_mul_fe2_if ( mul_fe2_o_if[4] ),
.o_add_fe_if ( add_fe_o_if[0] ),
.i_add_fe_if ( add_fe_i_if[0] ),
.o_sub_fe_if ( sub_fe_o_if[0] ),
@ -177,8 +199,8 @@ fe2_mul_by_nonresidue_s #(
fe2_mul_by_nonresidue_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mnr_fe2_if ( mnr_fe2_i_if[2] ),
.i_mnr_fe2_if ( mnr_fe2_o_if[2] ),
.o_mnr_fe2_if ( mnr_fe2_i_if[3] ),
.i_mnr_fe2_if ( mnr_fe2_o_if[3] ),
.o_add_fe_if ( add_fe_o_if[1] ),
.i_add_fe_if ( add_fe_i_if[1] ),
.o_sub_fe_if ( sub_fe_o_if[1] ),
@ -202,8 +224,8 @@ ec_fe6_mul_s (
.i_sub_fe_if ( sub_fe_i_if[2] ),
.o_mnr_fe2_if ( mnr_fe2_o_if[0] ),
.i_mnr_fe2_if ( mnr_fe2_i_if[0] ),
.o_mul_fe6_if ( mul_fe6_i_if ),
.i_mul_fe6_if ( mul_fe6_o_if )
.o_mul_fe6_if ( mul_fe6_i_if[2] ),
.i_mul_fe6_if ( mul_fe6_o_if[2] )
);
fe6_mul_by_nonresidue_s #(
@ -214,8 +236,8 @@ fe6_mul_by_nonresidue_s (
.i_rst ( i_rst ),
.o_mnr_fe2_if ( mnr_fe2_o_if[1] ),
.i_mnr_fe2_if ( mnr_fe2_i_if[1] ),
.o_mnr_fe6_if ( mnr_fe6_i_if ),
.i_mnr_fe6_if ( mnr_fe6_o_if )
.o_mnr_fe6_if ( mnr_fe6_i_if[2] ),
.i_mnr_fe6_if ( mnr_fe6_o_if[2] )
);
ec_fe12_mul_s #(
@ -226,14 +248,14 @@ ec_fe12_mul_s #(
ec_fe12_mul_s (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.o_mul_fe6_if ( mul_fe6_o_if ),
.i_mul_fe6_if ( mul_fe6_i_if ),
.o_mul_fe6_if ( mul_fe6_o_if[0] ),
.i_mul_fe6_if ( mul_fe6_i_if[0] ),
.o_add_fe_if ( add_fe_o_if[3] ),
.i_add_fe_if ( add_fe_i_if[3] ),
.o_sub_fe_if ( sub_fe_o_if[3] ),
.i_sub_fe_if ( sub_fe_i_if[3] ),
.o_mnr_fe6_if ( mnr_fe6_o_if ),
.i_mnr_fe6_if ( mnr_fe6_i_if ),
.o_mnr_fe6_if ( mnr_fe6_o_if[0] ),
.i_mnr_fe6_if ( mnr_fe6_i_if[0] ),
.o_mul_fe12_if ( mul_fe12_i_if[2] ),
.i_mul_fe12_if ( mul_fe12_o_if[2] )
);
@ -247,8 +269,8 @@ adder_pipe # (
adder_pipe (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_add ( add_fe_o_if[5] ),
.o_add ( add_fe_i_if[5] )
.i_add ( add_fe_o_if[6] ),
.o_add ( add_fe_i_if[6] )
);
subtractor_pipe # (
@ -260,25 +282,8 @@ subtractor_pipe # (
subtractor_pipe (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_sub ( sub_fe_o_if[6] ),
.o_sub ( sub_fe_i_if[6] )
);
resource_share # (
.NUM_IN ( 5 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 32 ), // 3 bits
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe_add (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( add_fe_o_if[4:0] ),
.o_res ( add_fe_o_if[5] ),
.i_res ( add_fe_i_if[5] ),
.o_axi ( add_fe_i_if[4:0] )
.i_sub ( sub_fe_o_if[7] ),
.o_sub ( sub_fe_i_if[7] )
);
resource_share # (
@ -289,13 +294,30 @@ resource_share # (
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe_add (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( add_fe_o_if[5:0] ),
.o_res ( add_fe_o_if[6] ),
.i_res ( add_fe_i_if[6] ),
.o_axi ( add_fe_i_if[5:0] )
);
resource_share # (
.NUM_IN ( 7 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 32 ), // 3 bits
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe_sub (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( sub_fe_o_if[5:0] ),
.o_res ( sub_fe_o_if[6] ),
.i_res ( sub_fe_i_if[6] ),
.o_axi ( sub_fe_i_if[5:0] )
.i_axi ( sub_fe_o_if[6:0] ),
.o_res ( sub_fe_o_if[7] ),
.i_res ( sub_fe_i_if[7] ),
.o_axi ( sub_fe_i_if[6:0] )
);
resource_share # (
@ -316,7 +338,7 @@ resource_share_fe_mul (
);
resource_share # (
.NUM_IN ( 3 ),
.NUM_IN ( 4 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 38 ), // 2 bits
@ -326,10 +348,27 @@ resource_share # (
resource_share_fe2_mul (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mul_fe2_o_if[2:0] ),
.o_res ( mul_fe2_o_if[3] ),
.i_res ( mul_fe2_i_if[3] ),
.o_axi ( mul_fe2_i_if[2:0] )
.i_axi ( mul_fe2_o_if[3:0] ),
.o_res ( mul_fe2_o_if[4] ),
.i_res ( mul_fe2_i_if[4] ),
.o_axi ( mul_fe2_i_if[3:0] )
);
resource_share # (
.NUM_IN ( 2 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 38 ), // 2 bits
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe6_mul (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mul_fe6_o_if[1:0] ),
.o_res ( mul_fe6_o_if[2] ),
.i_res ( mul_fe6_i_if[2] ),
.o_axi ( mul_fe6_i_if[1:0] )
);
resource_share # (
@ -350,8 +389,8 @@ resource_share_fe12_mul (
);
resource_share # (
.NUM_IN ( 2 ),
.DAT_BITS ( 2*$bits(FE_TYPE) ),
.NUM_IN ( 3 ),
.DAT_BITS ( $bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 46 ), // 2 bits
.PIPELINE_IN ( 1 ),
@ -360,10 +399,27 @@ resource_share # (
resource_share_fe2_mnr (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mnr_fe2_o_if[1:0] ),
.o_res ( mnr_fe2_o_if[2] ),
.i_res ( mnr_fe2_i_if[2] ),
.o_axi ( mnr_fe2_i_if[1:0] )
.i_axi ( mnr_fe2_o_if[2:0] ),
.o_res ( mnr_fe2_o_if[3] ),
.i_res ( mnr_fe2_i_if[3] ),
.o_axi ( mnr_fe2_i_if[2:0] )
);
resource_share # (
.NUM_IN ( 2 ),
.DAT_BITS ( $bits(FE_TYPE) ),
.CTL_BITS ( CTL_BITS ),
.OVR_WRT_BIT ( OVR_WRT_BIT + 48 ), // 2 bits
.PIPELINE_IN ( 1 ),
.PIPELINE_OUT ( 1 )
)
resource_share_fe6_mnr (
.i_clk ( i_clk ),
.i_rst ( i_rst ),
.i_axi ( mnr_fe6_o_if[1:0] ),
.o_res ( mnr_fe6_o_if[2] ),
.i_res ( mnr_fe6_i_if[2] ),
.o_axi ( mnr_fe6_i_if[1:0] )
);
endmodule


@ -83,8 +83,10 @@ if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) ad
if_axi_stream #(.DAT_BITS(2*$bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) sub_in_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) sub_out_if [3:0] (i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t))) binv_i_if(i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t))) binv_o_if(i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) inv_fe_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) inv_fe_i_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) inv_fe2_o_if (i_clk);
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t)), .CTL_BITS(CTL_BITS)) inv_fe2_i_if (i_clk);
logic pair_i_val, pair_o_rdy;
if_axi_stream #(.DAT_BITS($bits(bls12_381_pkg::fe_t))) pair_o_res_if (i_clk); ;
@ -122,8 +124,10 @@ always_ff @ (posedge i_clk) begin
inst_ram_read <= 0;
data_ram_read <= 0;
cnt <= 0;
binv_i_if.reset_source();
binv_o_if.rdy <= 0;
inv_fe_o_if.reset_source();
inv_fe_i_if.rdy <= 0;
inv_fe2_o_if.reset_source();
inv_fe2_i_if.rdy <= 0;
inst_state <= NOOP_WAIT;
pt_l <= SCALAR;
new_data <= 0;
@ -168,12 +172,13 @@ always_ff @ (posedge i_clk) begin
data_ram_sys_if.we <= 0;
data_ram_read <= data_ram_read << 1;
if (fp2_pt_mul_in_if.val && fp2_pt_mul_in_if.rdy) fp2_pt_mul_in_if.val <= 0;
if (binv_i_if.val && binv_i_if.rdy) binv_i_if.val <= 0;
if (add_in_if[2].val && add_in_if[2].rdy) add_in_if[2].val <= 0;
if (sub_in_if[2].val && sub_in_if[2].rdy) sub_in_if[2].val <= 0;
if (mul_in_if[2].val && mul_in_if[2].rdy) mul_in_if[2].val <= 0;
if (pair_i_val && pair_o_rdy) pair_i_val <= 0;
if (fp2_pt_mul_in_if.rdy) fp2_pt_mul_in_if.val <= 0;
if (inv_fe_o_if.rdy) inv_fe_o_if.val <= 0;
if (inv_fe2_o_if.rdy) inv_fe2_o_if.val <= 0;
if (add_in_if[2].rdy) add_in_if[2].val <= 0;
if (sub_in_if[2].rdy) sub_in_if[2].val <= 0;
if (mul_in_if[2].rdy) mul_in_if[2].val <= 0;
if (pair_o_rdy) pair_i_val <= 0;
fp2_pt_mul_out_if.rdy <= 1;
@ -354,9 +359,13 @@ bls12_381_pairing_wrapper (
.o_rdy ( pair_o_rdy ),
.i_g1_af ( pair_i_g1 ),
.i_g2_af ( pair_i_g2 ),
.o_fe12_if ( pair_o_res_if ),
.o_mul_fe_if ( mul_in_if[3] ),
.i_mul_fe_if ( mul_out_if[3] )
.o_fe12_if ( pair_o_res_if ),
.o_mul_fe_if ( mul_in_if[3] ),
.i_mul_fe_if ( mul_out_if[3] ),
.o_inv_fe2_if ( inv_fe2_i_if ),
.i_inv_fe2_if ( inv_fe2_o_if ),
.o_inv_fe_if ( inv_fe_i_if ),
.i_inv_fe_if ( inv_fe_o_if )
);
resource_share # (
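Review bot: The result-side ready signals `inv_fe_i_if.rdy` and `inv_fe2_i_if.rdy` are cleared in the reset branch, but nothing in the visible lines raises them again, whereas `fp2_pt_mul_out_if.rdy <= 1;` is set in the default assignments. If they are raised only inside instruction states outside this view, a result the wrapper presents on `o_inv_fe_if` or `o_inv_fe2_if` at any other time would back-pressure that stream indefinitely. Please confirm where they are driven and record it next to the defaults, for example `// inv_fe_i_if.rdy / inv_fe2_i_if.rdy are raised only while an inversion instruction waits for its result`. The `always_ff` block starts and ends outside the lines shown here.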


@ -52,6 +52,11 @@ if_axi_stream #(.DAT_BYTS(($bits(FE_TYPE)+7)/8), .CTL_BITS(CTL_BITS)) out_if(clk
if_axi_stream #(.DAT_BITS(2*$bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_o_if(clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) mul_fe_i_if(clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe_o_if(clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe_i_if(clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe2_o_if(clk);
if_axi_stream #(.DAT_BITS($bits(FE_TYPE)), .CTL_BITS(CTL_BITS)) inv_fe2_i_if(clk);
ec_fp_mult_mod #(
.P ( P ),
.KARATSUBA_LVL ( 3 ),
@ -77,7 +82,11 @@ bls12_381_pairing_wrapper (
.i_g2_af ( in_if.dat[$bits(af_point_t) +: $bits(fp2_af_point_t)] ),
.o_fe12_if ( out_if ),
.o_mul_fe_if ( mul_fe_o_if ),
.i_mul_fe_if ( mul_fe_i_if )
.i_mul_fe_if ( mul_fe_i_if ),
.o_inv_fe2_if ( inv_fe2_i_if ),
.i_inv_fe2_if ( inv_fe2_o_if ),
.o_inv_fe_if ( inv_fe_i_if ),
.i_inv_fe_if ( inv_fe_o_if )
);
// This just tests our software model vs a known good result
@ -201,6 +210,10 @@ endtask;
initial begin
in_if.reset_source();
inv_fe2_o_if.reset_source();
inv_fe_o_if.reset_source();
inv_fe2_i_if.rdy = 0;
inv_fe_i_if.rdy = 0;
out_if.rdy = 0;
#100ns;
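Review bot: The new inversion ports are only tied off in this testbench: `inv_fe_o_if` and `inv_fe2_o_if` are reset in the `initial` block and `inv_fe_i_if.rdy` / `inv_fe2_i_if.rdy` are held at 0. As far as the visible lines show, the external inversion path through `i_inv_fe_if` / `o_inv_fe_if` is never exercised, so a routing or handshake error on it would pass this test. Either add a directed case that sends a field element through the port and checks the returned inverse against the software model, or state the gap with `// external inversion ports are idle here; only the pairing path is checked`. The `initial` block continues outside the lines shown, so a later stimulus may already cover this.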


@ -708,12 +708,13 @@ begin
fe12_t f_out, f_exp;
af_point_t G1_p;
fp2_af_point_t G2_p;
fp2_jb_point_t R;
failed = 0;
G1_p = {Gy, Gx};
G2_p = {bls12_381_pkg::G2y, bls12_381_pkg::G2x};
miller_loop(G1_p, G2_p, f_exp);
miller_loop(G1_p, G2_p, f_exp, R);
$display("Running test_pairing...");
// See what current instruction pointer is