Update vendored OpenTitan entropy IPs to Earlgrey-PROD-M5

src/aes/config/aes.vf

@@ -30,6 +30,7 @@ ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_mubi_pkg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_cipher_pkg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_pkg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_sparse_fsm_pkg.sv
+${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_trivium_pkg.sv
 ${CALIPTRA_ROOT}/src/lc_ctrl/rtl/lc_ctrl_reg_pkg.sv
 ${CALIPTRA_ROOT}/src/lc_ctrl/rtl/lc_ctrl_state_pkg.sv
 ${CALIPTRA_ROOT}/src/lc_ctrl/rtl/lc_ctrl_pkg.sv
@@ -57,6 +58,7 @@ ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_subreg_arb.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_subreg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_intr_hw.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_onehot_check.sv
+${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_onehot_enc.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_mubi8_sync.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_fifo_sync_cnt.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_buf.sv
@@ -69,6 +71,7 @@ ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_arbiter_ppc.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_sum_tree.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_subreg_ext.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_edge_detector.sv
+${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_trivium.sv
 ${CALIPTRA_ROOT}/src/aes/rtl/aes_reg_pkg.sv
 ${CALIPTRA_ROOT}/src/aes/rtl/aes_pkg.sv
 ${CALIPTRA_ROOT}/src/aes/rtl/aes_sbox_canright_pkg.sv

src/aes/config/aes_pkg.vf

@@ -30,6 +30,7 @@ ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_mubi_pkg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_cipher_pkg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_pkg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_sparse_fsm_pkg.sv
+${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_trivium_pkg.sv
 ${CALIPTRA_ROOT}/src/lc_ctrl/rtl/lc_ctrl_reg_pkg.sv
 ${CALIPTRA_ROOT}/src/lc_ctrl/rtl/lc_ctrl_state_pkg.sv
 ${CALIPTRA_ROOT}/src/lc_ctrl/rtl/lc_ctrl_pkg.sv
@@ -57,6 +58,7 @@ ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_subreg_arb.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_subreg.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_intr_hw.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_onehot_check.sv
+${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_onehot_enc.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_mubi8_sync.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_fifo_sync_cnt.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_buf.sv
@@ -69,6 +71,7 @@ ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_arbiter_ppc.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_sum_tree.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_subreg_ext.sv
 ${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_edge_detector.sv
+${CALIPTRA_ROOT}/src/caliptra_prim/rtl/caliptra_prim_trivium.sv
 ${CALIPTRA_ROOT}/src/aes/rtl/aes_reg_pkg.sv
 ${CALIPTRA_ROOT}/src/aes/rtl/aes_pkg.sv
 ${CALIPTRA_ROOT}/src/aes/rtl/aes_sbox_canright_pkg.sv

src/aes/lint/aes.vlt

@@ -1,4 +1,4 @@
-// Copyright lowRISC contributors.
+// Copyright lowRISC contributors (OpenTitan project).
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 //

src/aes/rtl/aes_cipher_control.sv

@@ -1,4 +1,4 @@
-// Copyright lowRISC contributors.
+// Copyright lowRISC contributors (OpenTitan project).
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -12,8 +12,9 @@ module aes_cipher_control
   import aes_reg_pkg::*;
   import aes_pkg::*;
 #(
-  parameter bit         SecMasking  = 0,
-  parameter sbox_impl_e SecSBoxImpl = SBoxImplDom
+  parameter bit         CiphOpFwdOnly = 0,
+  parameter bit         SecMasking    = 0,
+  parameter sbox_impl_e SecSBoxImpl   = SBoxImplDom
 ) (
   input  logic                    clk_i,
   input  logic                    rst_ni,
@@ -371,8 +372,8 @@ module aes_cipher_control
   end
 
   // Use separate signal for key expand operation, forward round.
-  assign key_expand_op_o    = (dec_key_gen_d == SP2V_HIGH ||
-                               dec_key_gen_q == SP2V_HIGH) ? CIPH_FWD : op_i;
+  assign key_expand_op_o    = (dec_key_gen_d == SP2V_HIGH  ||
+                               dec_key_gen_q == SP2V_HIGH) || CiphOpFwdOnly ? CIPH_FWD : op_i;
   assign key_expand_round_o = rnd_ctr;
 
   // Let the main controller know whate we are doing.

src/aes/rtl/aes_cipher_control_fsm.sv

@@ -1,4 +1,4 @@
-// Copyright lowRISC contributors.
+// Copyright lowRISC contributors (OpenTitan project).
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -187,7 +187,7 @@ module aes_cipher_control_fsm
 
             // Make the masking PRNG advance. The current pseudo-random data is used to mask the
             // input data.
-            prng_update_o = dec_key_gen_i ? 1'b0 : SecMasking;
+            prng_update_o = SecMasking;
 
             // Init key expand
             key_expand_clear_o = 1'b1;
@@ -234,11 +234,11 @@ module aes_cipher_control_fsm
         if (key_len_i != AES_256) begin
           // Advance in sync with KeyExpand. Based on the S-Box implementation, it can take
           // multiple cycles to finish. Wait for handshake. The DOM S-Boxes consume fresh PRD
-          // only in the first clock cycle. By requesting the PRNG update in any clock cycle
-          // other than the last one, the PRD fed into the DOM S-Boxes is guaranteed to be stable.
-          // This is better in terms of SCA resistance. Request the PRNG update in the first cycle.
+          // only in the first clock cycle and that PRD is taken from the buffer stage updated
+          // based on key_full_we_o. The PRNG itself is updated in every clock cycle to increase
+          // the noise.
           advance         = key_expand_out_req_i & cyc_ctr_expr;
-          prng_update_o   = (SecSBoxImpl == SBoxImplDom) ? cyc_ctr_q == 3'd0 : SecMasking;
+          prng_update_o   = SecMasking;
           key_expand_en_o = 1'b1;
           if (advance) begin
             key_expand_out_ack_o = 1'b1;
@@ -249,6 +249,7 @@ module aes_cipher_control_fsm
             aes_cipher_ctrl_ns   = CIPHER_CTRL_ROUND;
           end
         end else begin
+          prng_update_o      = SecMasking;
           state_we_o         = ~dec_key_gen_q_i;
           rnd_ctr_d          = rnd_ctr_q + 4'b0001;
           cyc_ctr_d          = 3'd0;
@@ -276,12 +277,11 @@ module aes_cipher_control_fsm
 
         // Advance in sync with SubBytes and KeyExpand. Based on the S-Box implementation, both can
         // take multiple cycles to finish. Wait for handshake. The DOM S-Boxes consume fresh PRD
-        // only in the first clock cycle. By requesting the PRNG update in any clock cycle other
-        // than the last one, the PRD fed into the DOM S-Boxes is guaranteed to be stable. This is
-        // better in terms of SCA resistance. Request the PRNG update in the first cycle. Non-DOM
-        // S-Boxes need fresh PRD in every clock cycle.
+        // only in the first clock cycle and that PRD is taken from the buffer stages updated
+        // with state_we_o / based on key_full_we_o. The PRNG itself is updated in every clock
+        // cycle to increase the noise.
         advance = key_expand_out_req_i & cyc_ctr_expr & (dec_key_gen_q_i | sub_bytes_out_req_i);
-        prng_update_o   = (SecSBoxImpl == SBoxImplDom) ? cyc_ctr_q == 3'd0 : SecMasking;
+        prng_update_o   = SecMasking;
         sub_bytes_en_o  = ~dec_key_gen_q_i;
         key_expand_en_o = 1'b1;
 
@@ -358,14 +358,14 @@ module aes_cipher_control_fsm
         cyc_ctr_d =
             (SecSBoxImpl == SBoxImplDom) ? (!advance ? cyc_ctr_q + 3'd1 : cyc_ctr_q) : 3'd0;
 
-        // The DOM S-Boxes consume fresh PRD only in the first clock cycle. By requesting the PRNG
-        // update in any clock cycle other than the last one, the PRD fed into the DOM S-Boxes is
-        // guaranteed to be stable. This is better in terms of SCA resistance. Request the PRNG
-        // update in the first cycle. We update it only once and in the last cycle for non-DOM
-        // S-Boxes where otherwise updating the PRNG while being stalled would cause the S-Boxes
-        // to be re-evaluated, thereby creating additional SCA leakage.
+        // The DOM S-Boxes consume fresh PRD only in the first clock cycle and that PRD is taken
+        // from the buffer stages updated with state_we_o / based on key_full_we_o. The PRNG itself
+        // is updated in every but the last processing clock cycle to increase the noise. Once the
+        // processing is all done (e.g. if we're just waiting for the PRNG reseeding to finish or
+        // if we're waiting for out_ready_i), the PRNG is no longer updated to save power. In the
+        // very last clock cycle, we update the PRNG again to get ready for the next block.
         prng_update_o =
-            (SecSBoxImpl == SBoxImplDom) ? cyc_ctr_q == 3'd0 : out_valid_o & out_ready_i;
+            ((SecSBoxImpl == SBoxImplDom) ? !advance : 1'b0) | (out_valid_o & out_ready_i);
 
         if (out_valid_o && out_ready_i) begin
           sub_bytes_out_ack_o = ~dec_key_gen_q_i;
@@ -386,6 +386,9 @@ module aes_cipher_control_fsm
         // Keep requesting PRNG reseeding until it is acknowledged.
         prng_reseed_req_o = prng_reseed_q_i & ~prng_reseed_done_q;
 
+        // Don't update the cycle counter as we don't need it.
+        cyc_ctr_d = 3'd0;
+
         // Once we're done, wait for handshake.
         out_valid_o = prng_reseed_done_q;
         if (out_valid_o && out_ready_i) begin

src/aes/rtl/aes_cipher_control_fsm_n.sv

@@ -1,4 +1,4 @@
-// Copyright lowRISC contributors.
+// Copyright lowRISC contributors (OpenTitan project).
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 //

src/aes/rtl/aes_cipher_control_fsm_p.sv

@@ -1,4 +1,4 @@
-// Copyright lowRISC contributors.
+// Copyright lowRISC contributors (OpenTitan project).
 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
 // SPDX-License-Identifier: Apache-2.0
 //