def synthesize(output_state, fsm_state, log, output, verbosity, unsat_core): syn = Synthesizer() xmem = createInputs(syn) # common signals. mem_op_bits = ast.Extract(3, 2, xmem.op) rd_en = ast.Equal(mem_op_bits, ast.BitVecVal(1, 2)) wr_en = ast.Equal(mem_op_bits, ast.BitVecVal(2, 2)) # aes. in_aes_range, aes_dataout = modelAES(syn, rd_en, wr_en, xmem) # sha. in_sha_range, sha_dataout = modelSHA(syn, rd_en, wr_en, xmem) # model for the xram. xram_dataout = ast.If(rd_en, ast.ReadMem(xmem.xram, xmem.addrin), ast.BitVecVal(0, 8)) xram = ast.If(ast.And(wr_en, ast.Not(in_aes_range), ast.Not(in_sha_range)), ast.WriteMem(xmem.xram, xmem.addrin, xmem.datain), xmem.xram) # combine everything. xmem.dataout = ast.If(in_aes_range, aes_dataout, ast.If(in_sha_range, sha_dataout, xram_dataout)) xmem.xram = xram syn.addOutput('dataout', xmem.dataout, Synthesizer.BITVEC) syn.addOutput('xram', xmem.xram, Synthesizer.MEM) syn.addOutput('aes_state', xmem.aes_state_next, Synthesizer.BITVEC) syn.addOutput('aes_addr', xmem.aes_addr_next, Synthesizer.BITVEC) syn.addOutput('aes_len', xmem.aes_len_next, Synthesizer.BITVEC) syn.addOutput('aes_ctr', xmem.aes_ctr_next, Synthesizer.BITVEC) syn.addOutput('aes_key0', xmem.aes_key0_next, Synthesizer.BITVEC) syn.addOutput('aes_key1', xmem.aes_key1_next, Synthesizer.BITVEC) syn.addOutput('aes_bytes_processed', xmem.aes_bytes_processed_next, Synthesizer.BITVEC) syn.addOutput('aes_read_data', xmem.aes_read_data_next, Synthesizer.BITVEC) syn.addOutput('aes_enc_data', xmem.aes_enc_data_next, Synthesizer.BITVEC) syn.addOutput('sha_state', xmem.sha_state_next, Synthesizer.BITVEC) syn.addOutput('sha_rdaddr', xmem.sha_rdaddr_next, Synthesizer.BITVEC) syn.addOutput('sha_wraddr', xmem.sha_wraddr_next, Synthesizer.BITVEC) syn.addOutput('sha_len', xmem.sha_len_next, Synthesizer.BITVEC) syn.addOutput('sha_bytes_processed', xmem.sha_bytes_processed_next, Synthesizer.BITVEC) syn.addOutput('sha_read_data', xmem.sha_read_data_next, Synthesizer.BITVEC) syn.addOutput('sha_digest', xmem.sha_digest_next, Synthesizer.BITVEC) if log == 'STDOUT': syn.logfile = sys.stdout elif log: syn.logfile = open(log, 'wt') syn.VERBOSITY = verbosity syn.unsat_core = unsat_core # syn.unsat_core = True aes_state = fsm_state & 0x3 sha_state = (fsm_state & 0xc) >> 2 param = ast.And(ast.Equal(xmem.aes_state, ast.BitVecVal(aes_state, 8)), ast.Equal(xmem.sha_state, ast.BitVecVal(sha_state, 8))) [a] = syn.synthesize([output_state], [param], evalxmm) if output: with open(output, 'wb') as f: pk = Pickler(f, -1) pk.dump(fsm_state) pk.dump(output_state) pk.dump(a) else: print '%s' % output_state print str(a) + '\n'
if op == 0: outputs['r'] = ((a + b) & 0xFF) if c == 227 else 0 else: outputs['r'] = (a + op) & 0xFF syn = Synthesizer() a = syn.addInput(ast.BitVecVar('a', 8)) b = syn.addInput(ast.BitVecVar('b', 8)) c = syn.addInput(ast.BitVecVar('c', 8)) r_add = ast.If( ast.Equal(c, ast.BVInRange('c', ast.BitVecVal(220, 8), ast.BitVecVal(230, 8))), ast.Add(a, b), ast.BitVecVal(0, 8)) r_inc = ast.Add( a, ast.BVInRange('inc', ast.BitVecVal(1, 8), ast.BitVecVal(11, 8))) r = ast.Choice('r', None, [r_add, r_inc]) syn.addOutput('r', r, Synthesizer.BITVEC) syn.VERBOSITY = 2 syn.logfile = sys.stdout [rsyn] = syn.synthesize(['r'], [ast.BoolVal(1)], lambda inp, out: eval(0, inp, out)) print rsyn