AES added
This commit is contained in:
parent
33a2839546
commit
3f2f2071c4
|
@ -0,0 +1,43 @@
|
|||
/* aes.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef AES_H_
|
||||
#define AES_H_
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes128_enc.h"
|
||||
#include "aes192_enc.h"
|
||||
#include "aes256_enc.h"
|
||||
#include "aes128_dec.h"
|
||||
#include "aes192_dec.h"
|
||||
#include "aes256_dec.h"
|
||||
#include "aes_enc.h"
|
||||
#include "aes_dec.h"
|
||||
#include "aes_keyschedule.h"
|
||||
|
||||
#endif
|
|
@ -0,0 +1,34 @@
|
|||
/* aes128_dec.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes128_dec.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "aes.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
void aes128_dec(void* buffer, aes128_ctx_t* ctx){
|
||||
aes_decrypt_core(buffer, (aes_genctx_t*)ctx, 10);
|
||||
}
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
/* aes128_dec.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes128_dec.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
#ifndef AES128_DEC_H_
|
||||
#define AES128_DEC_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
/**
|
||||
* \brief decrypt with 128 bit key.
|
||||
*
|
||||
* This function decrypts one block with the AES algorithm under control of
|
||||
* a keyschedule produced from a 128 bit key.
|
||||
* \param buffer pointer to the block to decrypt
|
||||
* \param ctx pointer to the key schedule
|
||||
*/
|
||||
void aes128_dec(void* buffer, aes128_ctx_t* ctx);
|
||||
|
||||
|
||||
|
||||
#endif /* AES128_DEC_H_ */
|
|
@ -0,0 +1,34 @@
|
|||
/* aes128_enc.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes128_enc.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "aes.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
void aes128_enc(void* buffer, aes128_ctx_t* ctx){
|
||||
aes_encrypt_core(buffer, (aes_genctx_t*)ctx, 10);
|
||||
}
|
||||
|
|
@ -0,0 +1,47 @@
|
|||
/* aes128_enc.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes128_enc.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
#ifndef AES128_ENC_H_
|
||||
#define AES128_ENC_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
|
||||
/**
|
||||
* \brief encrypt with 128 bit key.
|
||||
*
|
||||
* This function encrypts one block with the AES algorithm under control of
|
||||
* a keyschedule produced from a 128 bit key.
|
||||
* \param buffer pointer to the block to encrypt
|
||||
* \param ctx pointer to the key schedule
|
||||
*/
|
||||
void aes128_enc(void* buffer, aes128_ctx_t* ctx);
|
||||
|
||||
|
||||
|
||||
#endif /* AES128_ENC_H_ */
|
|
@ -0,0 +1,34 @@
|
|||
/* aes192_dec.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes192_dec.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "aes.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
void aes192_dec(void* buffer, aes192_ctx_t* ctx){
|
||||
aes_decrypt_core(buffer, (aes_genctx_t*)ctx, 12);
|
||||
}
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
/* aes192_dec.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes192_dec.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
#ifndef AES192_DEC_H_
|
||||
#define AES192_DEC_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
/**
|
||||
* \brief decrypt with 192 bit key.
|
||||
*
|
||||
* This function decrypts one block with the AES algorithm under control of
|
||||
* a keyschedule produced from a 192 bit key.
|
||||
* \param buffer pointer to the block to decrypt
|
||||
* \param ctx pointer to the key schedule
|
||||
*/
|
||||
void aes192_dec(void* buffer, aes192_ctx_t* ctx);
|
||||
|
||||
|
||||
|
||||
#endif /* AES192_DEC_H_ */
|
|
@ -0,0 +1,34 @@
|
|||
/* aes192_enc.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes192_enc.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "aes.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
void aes192_enc(void* buffer, aes192_ctx_t* ctx){
|
||||
aes_encrypt_core(buffer, (aes_genctx_t*)ctx, 12);
|
||||
}
|
||||
|
|
@ -0,0 +1,47 @@
|
|||
/* aes192_enc.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes192_enc.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
#ifndef AES192_ENC_H_
|
||||
#define AES192_ENC_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
|
||||
/**
|
||||
* \brief encrypt with 192 bit key.
|
||||
*
|
||||
* This function encrypts one block with the AES algorithm under control of
|
||||
* a keyschedule produced from a 192 bit key.
|
||||
* \param buffer pointer to the block to encrypt
|
||||
* \param ctx pointer to the key schedule
|
||||
*/
|
||||
void aes192_enc(void* buffer, aes192_ctx_t* ctx);
|
||||
|
||||
|
||||
|
||||
#endif /* AES192_ENC_H_ */
|
|
@ -0,0 +1,34 @@
|
|||
/* aes256_dec.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes256_dec.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "aes.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
void aes256_dec(void* buffer, aes256_ctx_t* ctx){
|
||||
aes_decrypt_core(buffer, (aes_genctx_t*)ctx, 14);
|
||||
}
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
/* aes256_dec.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes256_dec.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
#ifndef AES256_DEC_H_
|
||||
#define AES256_DEC_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
/**
|
||||
* \brief decrypt with 256 bit key.
|
||||
*
|
||||
* This function decrypts one block with the AES algorithm under control of
|
||||
* a keyschedule produced from a 256 bit key.
|
||||
* \param buffer pointer to the block to decrypt
|
||||
* \param ctx pointer to the key schedule
|
||||
*/
|
||||
void aes256_dec(void* buffer, aes256_ctx_t* ctx);
|
||||
|
||||
|
||||
|
||||
#endif /* AES256_DEC_H_ */
|
|
@ -0,0 +1,34 @@
|
|||
/* aes256_enc.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes256_enc.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "aes.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
void aes256_enc(void* buffer, aes256_ctx_t* ctx){
|
||||
aes_encrypt_core(buffer, (aes_genctx_t*)ctx, 14);
|
||||
}
|
||||
|
|
@ -0,0 +1,47 @@
|
|||
/* aes256_enc.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes256_enc.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-31
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
#ifndef AES256_ENC_H_
|
||||
#define AES256_ENC_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
|
||||
/**
|
||||
* \brief encrypt with 256 bit key.
|
||||
*
|
||||
* This function encrypts one block with the AES algorithm under control of
|
||||
* a keyschedule produced from a 256 bit key.
|
||||
* \param buffer pointer to the block to encrypt
|
||||
* \param ctx pointer to the key schedule
|
||||
*/
|
||||
void aes256_enc(void* buffer, aes256_ctx_t* ctx);
|
||||
|
||||
|
||||
|
||||
#endif /* AES256_ENC_H_ */
|
|
@ -0,0 +1,130 @@
|
|||
/* aes.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "gf256mul.h"
|
||||
#include "aes.h"
|
||||
#include "aes_invsbox.h"
|
||||
#include "aes_dec.h"
|
||||
|
||||
void aes_invshiftrow(void* data, uint8_t shift){
|
||||
uint8_t tmp[4];
|
||||
tmp[0] = ((uint8_t*)data)[(4+0-shift)&3];
|
||||
tmp[1] = ((uint8_t*)data)[(4+1-shift)&3];
|
||||
tmp[2] = ((uint8_t*)data)[(4+2-shift)&3];
|
||||
tmp[3] = ((uint8_t*)data)[(4+3-shift)&3];
|
||||
memcpy(data, tmp, 4);
|
||||
}
|
||||
|
||||
void aes_invshiftcol(void* data, uint8_t shift){
|
||||
uint8_t tmp[4];
|
||||
tmp[0] = ((uint8_t*)data)[ 0];
|
||||
tmp[1] = ((uint8_t*)data)[ 4];
|
||||
tmp[2] = ((uint8_t*)data)[ 8];
|
||||
tmp[3] = ((uint8_t*)data)[12];
|
||||
((uint8_t*)data)[ 0] = tmp[(4-shift+0)&3];
|
||||
((uint8_t*)data)[ 4] = tmp[(4-shift+1)&3];
|
||||
((uint8_t*)data)[ 8] = tmp[(4-shift+2)&3];
|
||||
((uint8_t*)data)[12] = tmp[(4-shift+3)&3];
|
||||
}
|
||||
static
|
||||
void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
|
||||
uint8_t tmp[16];
|
||||
uint8_t i;
|
||||
uint8_t t,u,v,w;
|
||||
/* keyAdd */
|
||||
for(i=0; i<16; ++i){
|
||||
tmp[i] = state->s[i] ^ k->ks[i];
|
||||
}
|
||||
/* mixColums */
|
||||
for(i=0; i<4; ++i){
|
||||
t = tmp[4*i+3] ^ tmp[4*i+2];
|
||||
u = tmp[4*i+1] ^ tmp[4*i+0];
|
||||
v = t ^ u;
|
||||
v = gf256mul(0x09, v, 0x1b);
|
||||
w = v ^ gf256mul(0x04, tmp[4*i+2] ^ tmp[4*i+0], 0x1b);
|
||||
v = v ^ gf256mul(0x04, tmp[4*i+3] ^ tmp[4*i+1], 0x1b);
|
||||
state->s[4*i+3] = tmp[4*i+3] ^ v ^ gf256mul(0x02, tmp[4*i+0] ^ tmp[4*i+3], 0x1b);
|
||||
state->s[4*i+2] = tmp[4*i+2] ^ w ^ gf256mul(0x02, t, 0x1b);
|
||||
state->s[4*i+1] = tmp[4*i+1] ^ v ^ gf256mul(0x02, tmp[4*i+2] ^ tmp[4*i+1], 0x1b);
|
||||
state->s[4*i+0] = tmp[4*i+0] ^ w ^ gf256mul(0x02, u, 0x1b);
|
||||
|
||||
/*
|
||||
state->s[4*i+0] =
|
||||
gf256mul(0xe, tmp[4*i+0], 0x1b)
|
||||
^ gf256mul(0xb, tmp[4*i+1], 0x1b)
|
||||
^ gf256mul(0xd, tmp[4*i+2], 0x1b)
|
||||
^ gf256mul(0x9, tmp[4*i+3], 0x1b);
|
||||
state->s[4*i+1] =
|
||||
gf256mul(0x9, tmp[4*i+0], 0x1b)
|
||||
^ gf256mul(0xe, tmp[4*i+1], 0x1b)
|
||||
^ gf256mul(0xb, tmp[4*i+2], 0x1b)
|
||||
^ gf256mul(0xd, tmp[4*i+3], 0x1b);
|
||||
state->s[4*i+2] =
|
||||
gf256mul(0xd, tmp[4*i+0], 0x1b)
|
||||
^ gf256mul(0x9, tmp[4*i+1], 0x1b)
|
||||
^ gf256mul(0xe, tmp[4*i+2], 0x1b)
|
||||
^ gf256mul(0xb, tmp[4*i+3], 0x1b);
|
||||
state->s[4*i+3] =
|
||||
gf256mul(0xb, tmp[4*i+0], 0x1b)
|
||||
^ gf256mul(0xd, tmp[4*i+1], 0x1b)
|
||||
^ gf256mul(0x9, tmp[4*i+2], 0x1b)
|
||||
^ gf256mul(0xe, tmp[4*i+3], 0x1b);
|
||||
*/
|
||||
}
|
||||
/* shiftRows */
|
||||
aes_invshiftcol(state->s+1, 1);
|
||||
aes_invshiftcol(state->s+2, 2);
|
||||
aes_invshiftcol(state->s+3, 3);
|
||||
/* subBytes */
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] = aes_invsbox[state->s[i]];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static
|
||||
void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k){
|
||||
uint8_t i;
|
||||
/* keyAdd */
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] ^= k->ks[i];
|
||||
}
|
||||
/* shiftRows */
|
||||
aes_invshiftcol(state->s+1, 1);
|
||||
aes_invshiftcol(state->s+2, 2);
|
||||
aes_invshiftcol(state->s+3, 3);
|
||||
/* subBytes */
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] = aes_invsbox[state->s[i]];
|
||||
}
|
||||
}
|
||||
|
||||
void aes_decrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds){
|
||||
uint8_t i;
|
||||
aes_dec_firstround(state, &(ks->key[i=rounds]));
|
||||
for(;rounds>1;--rounds){
|
||||
--i;
|
||||
aes_dec_round(state, &(ks->key[i]));
|
||||
}
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] ^= ks->key[0].ks[i];
|
||||
}
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
/* aes_dec.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_dec.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef AES_DEC_H_
|
||||
#define AES_DEC_H_
|
||||
#include "aes_types.h"
|
||||
#include <stdint.h>
|
||||
|
||||
|
||||
void aes_decrypt_core(aes_cipher_state_t* state,const aes_genctx_t* ks, uint8_t rounds);
|
||||
|
||||
|
||||
#endif
|
|
@ -0,0 +1,119 @@
|
|||
/* aes_enc.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_enc.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "aes.h"
|
||||
#include "gf256mul.h"
|
||||
#include "aes_sbox.h"
|
||||
#include "aes_enc.h"
|
||||
|
||||
void aes_shiftcol(void* data, uint8_t shift){
|
||||
uint8_t tmp[4];
|
||||
tmp[0] = ((uint8_t*)data)[ 0];
|
||||
tmp[1] = ((uint8_t*)data)[ 4];
|
||||
tmp[2] = ((uint8_t*)data)[ 8];
|
||||
tmp[3] = ((uint8_t*)data)[12];
|
||||
((uint8_t*)data)[ 0] = tmp[(shift+0)&3];
|
||||
((uint8_t*)data)[ 4] = tmp[(shift+1)&3];
|
||||
((uint8_t*)data)[ 8] = tmp[(shift+2)&3];
|
||||
((uint8_t*)data)[12] = tmp[(shift+3)&3];
|
||||
}
|
||||
|
||||
#define GF256MUL_1(a) (a)
|
||||
#define GF256MUL_2(a) (gf256mul(2, (a), 0x1b))
|
||||
#define GF256MUL_3(a) (gf256mul(3, (a), 0x1b))
|
||||
|
||||
static
|
||||
void aes_enc_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
|
||||
uint8_t tmp[16], t;
|
||||
uint8_t i;
|
||||
/* subBytes */
|
||||
for(i=0; i<16; ++i){
|
||||
tmp[i] = aes_sbox[state->s[i]];
|
||||
}
|
||||
/* shiftRows */
|
||||
aes_shiftcol(tmp+1, 1);
|
||||
aes_shiftcol(tmp+2, 2);
|
||||
aes_shiftcol(tmp+3, 3);
|
||||
/* mixColums */
|
||||
for(i=0; i<4; ++i){
|
||||
t = tmp[4*i+0] ^ tmp[4*i+1] ^ tmp[4*i+2] ^ tmp[4*i+3];
|
||||
state->s[4*i+0] =
|
||||
GF256MUL_2(tmp[4*i+0]^tmp[4*i+1])
|
||||
^ tmp[4*i+0]
|
||||
^ t;
|
||||
state->s[4*i+1] =
|
||||
GF256MUL_2(tmp[4*i+1]^tmp[4*i+2])
|
||||
^ tmp[4*i+1]
|
||||
^ t;
|
||||
state->s[4*i+2] =
|
||||
GF256MUL_2(tmp[4*i+2]^tmp[4*i+3])
|
||||
^ tmp[4*i+2]
|
||||
^ t;
|
||||
state->s[4*i+3] =
|
||||
GF256MUL_2(tmp[4*i+3]^tmp[4*i+0])
|
||||
^ tmp[4*i+3]
|
||||
^ t;
|
||||
}
|
||||
|
||||
/* addKey */
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] ^= k->ks[i];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static
|
||||
void aes_enc_lastround(aes_cipher_state_t* state,const aes_roundkey_t* k){
|
||||
uint8_t i;
|
||||
/* subBytes */
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] = aes_sbox[state->s[i]];
|
||||
}
|
||||
/* shiftRows */
|
||||
aes_shiftcol(state->s+1, 1);
|
||||
aes_shiftcol(state->s+2, 2);
|
||||
aes_shiftcol(state->s+3, 3);
|
||||
/* keyAdd */
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] ^= k->ks[i];
|
||||
}
|
||||
}
|
||||
|
||||
void aes_encrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds){
|
||||
uint8_t i;
|
||||
for(i=0; i<16; ++i){
|
||||
state->s[i] ^= ks->key[0].ks[i];
|
||||
}
|
||||
i=1;
|
||||
for(;rounds>1;--rounds){
|
||||
aes_enc_round(state, &(ks->key[i]));
|
||||
++i;
|
||||
}
|
||||
aes_enc_lastround(state, &(ks->key[i]));
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
/* aes_enc.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_enc.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef AES_ENC_H_
|
||||
#define AES_ENC_H_
|
||||
#include "aes_types.h"
|
||||
#include <stdint.h>
|
||||
|
||||
|
||||
void aes_encrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds);
|
||||
|
||||
|
||||
#endif
|
|
@ -0,0 +1,22 @@
|
|||
/* aes inverted sbox */
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
const uint8_t aes_invsbox[256] = {
|
||||
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
|
||||
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
|
||||
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
|
||||
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
|
||||
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
|
||||
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
|
||||
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
|
||||
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
|
||||
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
|
||||
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
|
||||
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
|
||||
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
|
||||
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
|
||||
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
|
||||
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
|
||||
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
|
||||
};
|
|
@ -0,0 +1,33 @@
|
|||
/* aes_invsbox.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_invsbox.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef AES_INVSBOX_H_
|
||||
#define AES_INVSBOX_H_
|
||||
#include <stdint.h>
|
||||
|
||||
extern uint8_t aes_invsbox[];
|
||||
|
||||
#endif
|
|
@ -0,0 +1,93 @@
|
|||
/* aes_keyschedule.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_keyschedule.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include "aes.h"
|
||||
#include "aes_keyschedule.h"
|
||||
#include "aes_sbox.h"
|
||||
#include <string.h>
|
||||
|
||||
static
|
||||
void aes_rotword(void* a){
|
||||
uint8_t t;
|
||||
t=((uint8_t*)a)[0];
|
||||
((uint8_t*)a)[0] = ((uint8_t*)a)[1];
|
||||
((uint8_t*)a)[1] = ((uint8_t*)a)[2];
|
||||
((uint8_t*)a)[2] = ((uint8_t*)a)[3];
|
||||
((uint8_t*)a)[3] = t;
|
||||
}
|
||||
|
||||
uint8_t rc_tab[] = { 0x01, 0x02, 0x04, 0x08,
|
||||
0x10, 0x20, 0x40, 0x80,
|
||||
0x1b, 0x36 };
|
||||
|
||||
void aes_init(const void* key, uint16_t keysize_b, aes_genctx_t* ctx){
|
||||
uint8_t hi,i,nk, next_nk;
|
||||
uint8_t rc=0;
|
||||
union {
|
||||
uint32_t v32;
|
||||
uint8_t v8[4];
|
||||
} tmp;
|
||||
nk=keysize_b>>5; /* 4, 6, 8 */
|
||||
hi=4*(nk+6+1);
|
||||
memcpy(ctx, key, keysize_b/8);
|
||||
next_nk = nk;
|
||||
for(i=nk;i<hi;++i){
|
||||
tmp.v32 = ((uint32_t*)(ctx->key[0].ks))[i-1];
|
||||
if(i!=next_nk){
|
||||
if(nk==8 && i%8==4){
|
||||
tmp.v8[0] = aes_sbox[tmp.v8[0]];
|
||||
tmp.v8[1] = aes_sbox[tmp.v8[1]];
|
||||
tmp.v8[2] = aes_sbox[tmp.v8[2]];
|
||||
tmp.v8[3] = aes_sbox[tmp.v8[3]];
|
||||
}
|
||||
} else {
|
||||
next_nk += nk;
|
||||
aes_rotword(&(tmp.v32));
|
||||
tmp.v8[0] = aes_sbox[tmp.v8[0]];
|
||||
tmp.v8[1] = aes_sbox[tmp.v8[1]];
|
||||
tmp.v8[2] = aes_sbox[tmp.v8[2]];
|
||||
tmp.v8[3] = aes_sbox[tmp.v8[3]];
|
||||
tmp.v8[0] ^= rc_tab[rc];
|
||||
rc++;
|
||||
}
|
||||
((uint32_t*)(ctx->key[0].ks))[i] = ((uint32_t*)(ctx->key[0].ks))[i-nk]
|
||||
^ tmp.v32;
|
||||
}
|
||||
}
|
||||
|
||||
void aes128_init(const void* key, aes128_ctx_t* ctx){
|
||||
aes_init(key, 128, (aes_genctx_t*)ctx);
|
||||
}
|
||||
|
||||
void aes192_init(const void* key, aes192_ctx_t* ctx){
|
||||
aes_init(key, 192, (aes_genctx_t*)ctx);
|
||||
}
|
||||
|
||||
void aes256_init(const void* key, aes256_ctx_t* ctx){
|
||||
aes_init(key, 256, (aes_genctx_t*)ctx);
|
||||
}
|
|
@ -0,0 +1,75 @@
|
|||
/* aes_keyschedule.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_keyschedule.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
* \ingroup AES
|
||||
*/
|
||||
|
||||
|
||||
#ifndef AES_KEYSCHEDULE_H_
|
||||
#define AES_KEYSCHEDULE_H_
|
||||
|
||||
#include "aes_types.h"
|
||||
/**
|
||||
* \brief initialize the keyschedule
|
||||
*
|
||||
* This function computes the keyschedule from a given key with a given length
|
||||
* and stores it in the context variable
|
||||
* \param key pointer to the key material
|
||||
* \param keysize_b length of the key in bits (valid are 128, 192 and 256)
|
||||
* \param ctx pointer to the context where the keyschedule should be stored
|
||||
*/
|
||||
void aes_init(const void* key, uint16_t keysize_b, aes_genctx_t* ctx);
|
||||
|
||||
/**
|
||||
* \brief initialize the keyschedule for 128 bit key
|
||||
*
|
||||
* This function computes the keyschedule from a given 128 bit key
|
||||
* and stores it in the context variable
|
||||
* \param key pointer to the key material
|
||||
* \param ctx pointer to the context where the keyschedule should be stored
|
||||
*/
|
||||
void aes128_init(const void* key, aes128_ctx_t* ctx);
|
||||
|
||||
/**
|
||||
* \brief initialize the keyschedule for 192 bit key
|
||||
*
|
||||
* This function computes the keyschedule from a given 192 bit key
|
||||
* and stores it in the context variable
|
||||
* \param key pointer to the key material
|
||||
* \param ctx pointer to the context where the keyschedule should be stored
|
||||
*/
|
||||
void aes192_init(const void* key, aes192_ctx_t* ctx);
|
||||
|
||||
/**
|
||||
* \brief initialize the keyschedule for 256 bit key
|
||||
*
|
||||
* This function computes the keyschedule from a given 256 bit key
|
||||
* and stores it in the context variable
|
||||
* \param key pointer to the key material
|
||||
* \param ctx pointer to the context where the keyschedule should be stored
|
||||
*/
|
||||
void aes256_init(const void* key, aes256_ctx_t* ctx);
|
||||
|
||||
#endif /* AES_KEYSCHEDULE_H_ */
|
||||
|
|
@ -0,0 +1,39 @@
|
|||
/* aes sbox */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
const uint8_t aes_sbox[256] = {
|
||||
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
|
||||
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
|
||||
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
|
||||
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
|
||||
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
|
||||
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
|
||||
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
|
||||
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
|
||||
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
|
||||
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
|
||||
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
|
||||
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
|
||||
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
|
||||
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
|
||||
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
|
||||
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
|
||||
};
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
/* aes_sbox.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_sbox.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef AES_SBOX_H_
|
||||
#define AES_SBOX_H_
|
||||
#include <stdint.h>
|
||||
|
||||
extern uint8_t aes_sbox[];
|
||||
|
||||
#endif
|
|
@ -0,0 +1,56 @@
|
|||
/* aes.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file aes_types.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2008-12-30
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef AES_TYPES_H_
|
||||
#define AES_TYPES_H_
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
typedef struct{
|
||||
uint8_t ks[16];
|
||||
} aes_roundkey_t;
|
||||
|
||||
typedef struct{
|
||||
aes_roundkey_t key[10+1];
|
||||
} aes128_ctx_t;
|
||||
|
||||
typedef struct{
|
||||
aes_roundkey_t key[12+1];
|
||||
} aes192_ctx_t;
|
||||
|
||||
typedef struct{
|
||||
aes_roundkey_t key[14+1];
|
||||
} aes256_ctx_t;
|
||||
|
||||
typedef struct{
|
||||
aes_roundkey_t key[1]; /* just to avoid the warning */
|
||||
} aes_genctx_t;
|
||||
|
||||
typedef struct{
|
||||
uint8_t s[16];
|
||||
} aes_cipher_state_t;
|
||||
|
||||
#endif
|
|
@ -0,0 +1,40 @@
|
|||
/* gf256mul.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer){
|
||||
uint8_t r=0;
|
||||
while(a&0xFE){
|
||||
if(a&1){
|
||||
r ^= b;
|
||||
}
|
||||
a >>= 1;
|
||||
if(b&0x80){
|
||||
b <<= 1;
|
||||
b ^= reducer;
|
||||
}else{
|
||||
b <<= 1;
|
||||
}
|
||||
}
|
||||
if(a&1){
|
||||
r ^= b;
|
||||
}
|
||||
return r;
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
/* gf256mul.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
#ifndef GF256MUL_H_
|
||||
#define GF256MUL_H_
|
||||
|
||||
/**
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2008-12-19
|
||||
* \license GPLv3
|
||||
* \brief
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer);
|
||||
|
||||
#endif /* GF256MUL_H_ */
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
#include <stdint.h>
|
||||
|
||||
#include "memxor.h"
|
||||
|
||||
void memxor(void* dest, const void* src, uint16_t n){
|
||||
while(n--){
|
||||
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||
dest = (uint8_t*)dest +1;
|
||||
src = (uint8_t*)src +1;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,92 @@
|
|||
/* bcal-basic.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
uint8_t bcal_cipher_init(const bcdesc_t* cipher_descriptor,
|
||||
const void* key, uint16_t keysize_b, bcgen_ctx_t* ctx){
|
||||
if(!is_valid_keysize_P(cipher_descriptor->valid_keysize_desc, keysize_b)){
|
||||
return 1;
|
||||
}
|
||||
uint8_t flags;
|
||||
bc_init_fpt init_fpt;
|
||||
ctx->desc_ptr = (bcdesc_t*)cipher_descriptor;
|
||||
ctx->keysize = keysize_b;
|
||||
flags = cipher_descriptor->flags;
|
||||
init_fpt.initvoid = (void_fpt)(cipher_descriptor->init.initvoid);
|
||||
if(init_fpt.initvoid == NULL){
|
||||
if(!(ctx->ctx = malloc((keysize_b+7)/8)))
|
||||
return 2;
|
||||
memcpy(ctx->ctx, key, (keysize_b+7)/8);
|
||||
return 0;
|
||||
}
|
||||
if(!(ctx->ctx = malloc(cipher_descriptor->ctxsize_B)))
|
||||
return 3;
|
||||
if((flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
|
||||
init_fpt.init1((void*)key, (ctx->ctx));
|
||||
}else{
|
||||
init_fpt.init2((void*)key, keysize_b, (ctx->ctx));
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
void bcal_cipher_free(bcgen_ctx_t* ctx){
|
||||
if(!ctx)
|
||||
return;
|
||||
bc_free_fpt free_fpt;
|
||||
free_fpt = (bc_free_fpt)(ctx->desc_ptr->free);
|
||||
if(free_fpt)
|
||||
free_fpt((ctx->ctx));
|
||||
free(ctx->ctx);
|
||||
}
|
||||
|
||||
void bcal_cipher_enc(void* block, const bcgen_ctx_t* ctx){
|
||||
bc_enc_fpt enc_fpt;
|
||||
enc_fpt.encvoid = (void_fpt)(ctx->desc_ptr->enc.encvoid);
|
||||
if(!enc_fpt.encvoid){
|
||||
/* very bad error, no enciphering function specified */
|
||||
return;
|
||||
}
|
||||
enc_fpt.enc1(block, (ctx->ctx));
|
||||
|
||||
}
|
||||
|
||||
void bcal_cipher_dec(void* block, const bcgen_ctx_t* ctx){
|
||||
bc_dec_fpt dec_fpt;
|
||||
dec_fpt.decvoid = (void_fpt)(ctx->desc_ptr->dec.decvoid);
|
||||
if(!dec_fpt.decvoid){
|
||||
/* very bad error, no deciphering function specified */
|
||||
return;
|
||||
}
|
||||
dec_fpt.dec1(block, (ctx->ctx));
|
||||
}
|
||||
|
||||
uint16_t bcal_cipher_getBlocksize_b(const bcdesc_t* desc){
|
||||
return (desc->blocksize_b);
|
||||
}
|
||||
|
||||
const void* bcal_cipher_getKeysizeDesc(const bcdesc_t* desc){
|
||||
return (desc->valid_keysize_desc);
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
/* bcal-basic.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef BCAL_BASIC_H_
|
||||
#define BCAL_BASIC_H_
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdint.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
uint8_t bcal_cipher_init(const bcdesc_t* cipher_descriptor,
|
||||
const void* key, uint16_t keysize_b, bcgen_ctx_t* ctx);
|
||||
void bcal_cipher_free(bcgen_ctx_t* ctx);
|
||||
void bcal_cipher_enc(void* block, const bcgen_ctx_t* ctx);
|
||||
void bcal_cipher_dec(void* block, const bcgen_ctx_t* ctx);
|
||||
uint16_t bcal_cipher_getBlocksize_b(const bcdesc_t* desc);
|
||||
const void* bcal_cipher_getKeysizeDesc(const bcdesc_t* desc);
|
||||
#endif /* BCAL_BASIC_H_ */
|
|
@ -0,0 +1,84 @@
|
|||
/* bcal-cbc.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-cbc.h"
|
||||
#include "bcal-basic.h"
|
||||
#include "memxor.h"
|
||||
|
||||
uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx){
|
||||
ctx->desc = (bcdesc_t*)desc;
|
||||
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
|
||||
ctx->prev_block = malloc(ctx->blocksize_B);
|
||||
|
||||
if(ctx->prev_block==NULL){
|
||||
return 0x11;
|
||||
}
|
||||
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cbc_free(bcal_cbc_ctx_t* ctx){
|
||||
bcal_cipher_free(&(ctx->cctx));
|
||||
free(ctx->prev_block);
|
||||
}
|
||||
|
||||
|
||||
void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx){
|
||||
if(iv){
|
||||
memcpy(ctx->prev_block, iv, ctx->blocksize_B);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx){
|
||||
memxor(block, ctx->prev_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(block, &(ctx->cctx));
|
||||
memcpy(ctx->prev_block, block, ctx->blocksize_B);
|
||||
}
|
||||
|
||||
void bcal_cbc_decNext(void* block, bcal_cbc_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
memcpy(tmp, block, ctx->blocksize_B);
|
||||
bcal_cipher_dec(block, &(ctx->cctx));
|
||||
memxor(block, ctx->prev_block, ctx->blocksize_B);
|
||||
memcpy(ctx->prev_block, tmp, ctx->blocksize_B);
|
||||
}
|
||||
void bcal_cbc_decRand(void* block, const void* prev_block, bcal_cbc_ctx_t* ctx){
|
||||
bcal_cipher_dec(block, &(ctx->cctx));
|
||||
memxor(block, prev_block, ctx->blocksize_B);
|
||||
}
|
||||
|
||||
void bcal_cbc_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx){
|
||||
bcal_cbc_loadIV(iv, ctx);
|
||||
while(msg_blocks--){
|
||||
bcal_cbc_encNext(msg, ctx);
|
||||
msg = (uint8_t*)msg + ctx->blocksize_B;
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cbc_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx){
|
||||
msg=(uint8_t*)msg + (msg_blocks-1)*ctx->blocksize_B;
|
||||
while(msg_blocks > 1){
|
||||
bcal_cbc_decRand(msg, (uint8_t*)msg-ctx->blocksize_B, ctx);
|
||||
msg_blocks -= 1;
|
||||
msg=(uint8_t*)msg-ctx->blocksize_B;
|
||||
}
|
||||
bcal_cbc_decRand(msg, iv, ctx);
|
||||
}
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
/* bcal-cbc.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef BCALCBC_H_
|
||||
#define BCALCBC_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "bcal-basic.h"
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc;
|
||||
bcgen_ctx_t cctx;
|
||||
uint8_t* prev_block;
|
||||
uint8_t blocksize_B;
|
||||
} bcal_cbc_ctx_t;
|
||||
|
||||
uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_free(bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_decNext(void* block, bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_decRand(void* block, const void* prev_block, bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx);
|
||||
void bcal_cbc_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx);
|
||||
|
||||
|
||||
#endif /* BCALCBC_H_ */
|
|
@ -0,0 +1,128 @@
|
|||
/* bcal-cfb_bit.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-cfb_bit.h"
|
||||
#include "bcal-basic.h"
|
||||
|
||||
static uint8_t read_bit(void* block, uint32_t index){
|
||||
uint8_t r;
|
||||
r=((uint8_t*)block)[index/8];
|
||||
r=(r&(0x80>>(index&7)))?0xff:0x00;
|
||||
return r;
|
||||
}
|
||||
|
||||
static void write_bit(void* block, uint32_t index, uint8_t value){
|
||||
if(value){
|
||||
/* set bit */
|
||||
((uint8_t*)block)[index/8] |= 0x80>>(index&7);
|
||||
}else{
|
||||
/* clear bit */
|
||||
((uint8_t*)block)[index/8] &= ~(0x80>>(index&7));
|
||||
}
|
||||
}
|
||||
|
||||
uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx){
|
||||
ctx->desc = (bcdesc_t*)desc;
|
||||
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
|
||||
ctx->in_block=malloc(ctx->blocksize_B);
|
||||
if(ctx->in_block==NULL){
|
||||
return 0x11;
|
||||
}
|
||||
if(size_b>bcal_cipher_getBlocksize_b(desc)){
|
||||
return 0x12;
|
||||
}
|
||||
ctx->size_b = size_b;
|
||||
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx){
|
||||
free(ctx->in_block);
|
||||
bcal_cipher_free(&(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx){
|
||||
if(iv){
|
||||
memcpy(ctx->in_block, iv, ctx->blocksize_B);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
offset &= 7;
|
||||
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(tmp, &(ctx->cctx));
|
||||
uint16_t i,j;
|
||||
uint8_t a;
|
||||
for(i=0; i<ctx->blocksize_B*8-ctx->size_b; ++i){
|
||||
a = read_bit(ctx->in_block, i+ctx->size_b);
|
||||
write_bit(ctx->in_block, i, a);
|
||||
}
|
||||
for(j=offset,i=0; i<ctx->size_b; ++i, ++j){
|
||||
a = read_bit(tmp, i) ^ read_bit(block, j);
|
||||
write_bit(ctx->in_block, ctx->blocksize_B*8-ctx->size_b+i, a);
|
||||
write_bit(block, j, a);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
offset &= 7;
|
||||
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(tmp, &(ctx->cctx));
|
||||
uint16_t i,j;
|
||||
uint8_t a,b;
|
||||
for(i=0; i<ctx->blocksize_B*8-ctx->size_b; ++i){
|
||||
a = read_bit(ctx->in_block, i+ctx->size_b);
|
||||
write_bit(ctx->in_block, i, a);
|
||||
}
|
||||
for(j=offset,i=0; i<ctx->size_b; ++i, ++j){
|
||||
a = read_bit(tmp, i);
|
||||
b = read_bit(block, j);
|
||||
a ^= b;
|
||||
write_bit(ctx->in_block, ctx->blocksize_B*8-ctx->size_b+i, b);
|
||||
write_bit(block, j, a);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx){
|
||||
bcal_cfb_b_loadIV(iv, ctx);
|
||||
uint64_t addr;
|
||||
addr = ((uint32_t)msg)*8+offset;
|
||||
while(msg_blocks--){
|
||||
msg = (void*)((uint32_t)(addr/8));
|
||||
offset = addr&7;
|
||||
bcal_cfb_b_encNext(msg, offset, ctx);
|
||||
addr += ctx->size_b;
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx){
|
||||
bcal_cfb_b_loadIV(iv, ctx);
|
||||
uint64_t addr;
|
||||
addr = ((uint32_t)msg)*8+offset;
|
||||
while(msg_blocks--){
|
||||
msg = (void*)((uint32_t)(addr/8));
|
||||
offset = addr&7;
|
||||
bcal_cfb_b_decNext(msg, offset, ctx);
|
||||
addr += ctx->size_b;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,47 @@
|
|||
/* bcal-cfb_bit.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef BCALCFB_BIT_H_
|
||||
#define BCALCFB_BIT_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc;
|
||||
bcgen_ctx_t cctx;
|
||||
uint8_t* in_block;
|
||||
uint8_t blocksize_B;
|
||||
uint16_t size_b;
|
||||
} bcal_cfb_b_ctx_t;
|
||||
|
||||
|
||||
uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx);
|
||||
void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx);
|
||||
void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx);
|
||||
void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
|
||||
void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
|
||||
void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
|
||||
void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
|
||||
|
||||
|
||||
#endif /* BCALCFB_BIT_H_ */
|
|
@ -0,0 +1,88 @@
|
|||
/* bcal-cfb_byte.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-cfb_byte.h"
|
||||
#include "bcal-basic.h"
|
||||
#include "memxor.h"
|
||||
|
||||
|
||||
uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx){
|
||||
ctx->desc = (bcdesc_t*)desc;
|
||||
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
|
||||
ctx->in_block=malloc(ctx->blocksize_B);
|
||||
if(ctx->in_block==NULL){
|
||||
return 0x11;
|
||||
}
|
||||
if(size_b&7){
|
||||
return 0x12;
|
||||
}
|
||||
ctx->size_B = size_b/8;
|
||||
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx){
|
||||
free(ctx->in_block);
|
||||
bcal_cipher_free(&(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx){
|
||||
if(iv){
|
||||
memcpy(ctx->in_block, iv, ctx->blocksize_B);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(tmp, &(ctx->cctx));
|
||||
memxor(block, tmp, ctx->size_B);
|
||||
memmove(ctx->in_block, ctx->in_block+ctx->size_B, ctx->blocksize_B - ctx->size_B);
|
||||
memcpy(ctx->in_block+ctx->blocksize_B-ctx->size_B, block, ctx->size_B);
|
||||
}
|
||||
|
||||
void bcal_cfb_B_decNext(void* block, bcal_cfb_B_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
uint8_t xblock[ctx->size_B];
|
||||
memcpy(xblock, block, ctx->size_B);
|
||||
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(tmp, &(ctx->cctx));
|
||||
memxor(block, tmp, ctx->size_B);
|
||||
memmove(ctx->in_block, ctx->in_block+ctx->size_B, ctx->blocksize_B - ctx->size_B);
|
||||
memcpy(ctx->in_block+ctx->blocksize_B-ctx->size_B, xblock, ctx->size_B);
|
||||
}
|
||||
|
||||
void bcal_cfb_B_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx){
|
||||
bcal_cfb_B_loadIV(iv, ctx);
|
||||
while(msg_blocks--){
|
||||
bcal_cfb_B_encNext(msg, ctx);
|
||||
msg = (uint8_t*)msg+ctx->size_B;
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cfb_B_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx){
|
||||
bcal_cfb_B_loadIV(iv, ctx);
|
||||
while(msg_blocks--){
|
||||
bcal_cfb_B_decNext(msg, ctx);
|
||||
msg = (uint8_t*)msg+ctx->size_B;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
/* bcal-cbc.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef BCALCFB_BYTE_H_
|
||||
#define BCALCFB_BYTE_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc;
|
||||
bcgen_ctx_t cctx;
|
||||
uint8_t* in_block;
|
||||
uint8_t blocksize_B;
|
||||
uint8_t size_B;
|
||||
} bcal_cfb_B_ctx_t;
|
||||
|
||||
|
||||
uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx);
|
||||
void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx);
|
||||
void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx);
|
||||
void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx);
|
||||
void bcal_cfb_B_decNext(void* block, bcal_cfb_B_ctx_t* ctx);
|
||||
void bcal_cfb_B_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx);
|
||||
void bcal_cfb_B_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx);
|
||||
|
||||
|
||||
#endif /* BCALCFB_BYTE_H_ */
|
|
@ -0,0 +1,152 @@
|
|||
/* bcal-omac.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "bcal-cmac.h"
|
||||
#include "memxor.h"
|
||||
|
||||
|
||||
static uint8_t left_shift_be_block(void* block, uint8_t blocksize_B){
|
||||
uint8_t c1=0, c2;
|
||||
do{
|
||||
--blocksize_B;
|
||||
c2 = (((uint8_t*)block)[blocksize_B])>>7;
|
||||
(((uint8_t*)block)[blocksize_B]) <<= 1;
|
||||
(((uint8_t*)block)[blocksize_B]) |= c1;
|
||||
c1 = c2;
|
||||
}while(blocksize_B);
|
||||
return c1;
|
||||
}
|
||||
|
||||
static const uint8_t const_128 = 0x87;
|
||||
static const uint8_t const_64 = 0x1b;
|
||||
|
||||
uint8_t bcal_cmac_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cmac_ctx_t* ctx){
|
||||
uint8_t r;
|
||||
ctx->desc = (bcdesc_t*)desc;
|
||||
ctx->blocksize_B = bcal_cipher_getBlocksize_b(desc)/8;
|
||||
if (ctx->blocksize_B!=128/8 && ctx->blocksize_B!=64/8){
|
||||
return 0x13;
|
||||
}
|
||||
ctx->accu = malloc(ctx->blocksize_B);
|
||||
if(ctx->accu==NULL){
|
||||
return 0x14;
|
||||
}
|
||||
ctx->k1 = malloc(ctx->blocksize_B);
|
||||
if(ctx->k1==NULL){
|
||||
return 0x15;
|
||||
}
|
||||
ctx->k2 = malloc(ctx->blocksize_B);
|
||||
if(ctx->k2==NULL){
|
||||
return 0x16;
|
||||
}
|
||||
ctx->lastblock = malloc(ctx->blocksize_B);
|
||||
if(ctx->lastblock==NULL){
|
||||
return 0x17;
|
||||
}
|
||||
r = bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
|
||||
if(r){
|
||||
return r;
|
||||
}
|
||||
if(ctx->blocksize_B==128/8){
|
||||
r = const_128;
|
||||
}else{
|
||||
r = const_64;
|
||||
}
|
||||
/* subkey computation */
|
||||
memset(ctx->accu, 0x00, ctx->blocksize_B);
|
||||
memset(ctx->k1, 0x00, ctx->blocksize_B);
|
||||
bcal_cipher_enc(ctx->k1, &(ctx->cctx));
|
||||
if(left_shift_be_block(ctx->k1, ctx->blocksize_B)){
|
||||
ctx->k1[ctx->blocksize_B-1] ^= r;
|
||||
}
|
||||
memcpy(ctx->k2, ctx->k1, ctx->blocksize_B);
|
||||
if(left_shift_be_block(ctx->k2, ctx->blocksize_B)){
|
||||
ctx->k2[ctx->blocksize_B-1] ^= r;
|
||||
}
|
||||
ctx->last_set=0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
void bcal_cmac_free(bcal_cmac_ctx_t* ctx){
|
||||
free(ctx->accu);
|
||||
free(ctx->k1);
|
||||
free(ctx->k2);
|
||||
bcal_cipher_free(&(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cmac_nextBlock (bcal_cmac_ctx_t* ctx, const void* block){
|
||||
if(ctx->last_set){
|
||||
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
|
||||
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
|
||||
}
|
||||
memcpy(ctx->lastblock, block, ctx->blocksize_B);
|
||||
ctx->last_set=1;
|
||||
}
|
||||
|
||||
|
||||
void bcal_cmac_lastBlock(bcal_cmac_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||
uint16_t blocksize_b;
|
||||
blocksize_b = ctx->blocksize_B*8;
|
||||
while(length_b>=blocksize_b){
|
||||
bcal_cmac_nextBlock(ctx, block);
|
||||
block = (uint8_t*)block + ctx->blocksize_B;
|
||||
length_b -= blocksize_b;
|
||||
}
|
||||
if(ctx->last_set==0){
|
||||
memxor(ctx->accu, block, (length_b+7)/8);
|
||||
memxor(ctx->accu, ctx->k2, ctx->blocksize_B);
|
||||
ctx->accu[length_b/8] ^= 0x80>>(length_b&7);
|
||||
}else{
|
||||
if(length_b==0){
|
||||
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
|
||||
memxor(ctx->accu, ctx->k1, ctx->blocksize_B);
|
||||
}else{
|
||||
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
|
||||
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
|
||||
memxor(ctx->accu, block, (length_b+7)/8);
|
||||
memxor(ctx->accu, ctx->k2, ctx->blocksize_B);
|
||||
ctx->accu[length_b/8] ^= 0x80>>(length_b&7);
|
||||
}
|
||||
}
|
||||
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_cmac_ctx2mac(void* dest, uint16_t length_b, const bcal_cmac_ctx_t* ctx){
|
||||
memcpy(dest, ctx->accu, length_b/8);
|
||||
if(length_b&7){
|
||||
((uint8_t*)dest)[length_b/8] &= 0xff>>(length_b&7);
|
||||
((uint8_t*)dest)[length_b/8] |= (0xff00>>(length_b&7))&(ctx->accu[length_b/8]);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_cmac(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_cmac_ctx_t* ctx){
|
||||
uint16_t blocksize_b;
|
||||
blocksize_b = ctx->blocksize_B*8;
|
||||
while(length_b>blocksize_b){
|
||||
bcal_cmac_nextBlock(ctx, block);
|
||||
block = (uint8_t*)block + ctx->blocksize_B;
|
||||
length_b -= blocksize_b;
|
||||
}
|
||||
bcal_cmac_lastBlock(ctx, block, length_b);
|
||||
bcal_cmac_ctx2mac(dest, out_length_b, ctx);
|
||||
}
|
|
@ -0,0 +1,45 @@
|
|||
/* bcal-cmac.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef BCALCMAC_H_
|
||||
#define BCALCMAC_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc;
|
||||
bcgen_ctx_t cctx;
|
||||
uint8_t* accu;
|
||||
uint8_t* k1;
|
||||
uint8_t* k2;
|
||||
uint8_t* lastblock;
|
||||
uint8_t last_set;
|
||||
uint8_t blocksize_B;
|
||||
} bcal_cmac_ctx_t;
|
||||
|
||||
uint8_t bcal_cmac_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cmac_ctx_t* ctx);
|
||||
void bcal_cmac_free(bcal_cmac_ctx_t* ctx);
|
||||
void bcal_cmac_nextBlock(bcal_cmac_ctx_t* ctx, const void* block);
|
||||
void bcal_cmac_lastBlock(bcal_cmac_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
void bcal_cmac_ctx2mac(void* dest, uint16_t length_b, const bcal_cmac_ctx_t* ctx);
|
||||
void bcal_cmac(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_cmac_ctx_t* ctx);
|
||||
|
||||
#endif /* BCALCMAC_H_ */
|
|
@ -0,0 +1,95 @@
|
|||
/* bcal-ctr.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "bcal-ctr.h"
|
||||
#include "memxor.h"
|
||||
|
||||
static void increment_be(void* block, uint8_t size_B){
|
||||
uint16_t c=1;
|
||||
do{
|
||||
--size_B;
|
||||
c += ((uint8_t*)block)[size_B];
|
||||
((uint8_t*)block)[size_B] = (uint8_t)c;
|
||||
c>>=8;
|
||||
}while(size_B);
|
||||
}
|
||||
|
||||
uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx){
|
||||
ctx->desc = (bcdesc_t*)desc;
|
||||
if(inc_func){
|
||||
ctx->inc_func = inc_func;
|
||||
}else{
|
||||
ctx->inc_func = increment_be;
|
||||
}
|
||||
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
|
||||
ctx->in_block=malloc(ctx->blocksize_B);
|
||||
if(ctx->in_block==NULL){
|
||||
return 0x11;
|
||||
}
|
||||
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_ctr_free(bcal_ctr_ctx_t* ctx){
|
||||
free(ctx->in_block);
|
||||
bcal_cipher_free(&(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx){
|
||||
if(iv){
|
||||
memcpy(ctx->in_block, iv, ctx->blocksize_B);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(tmp, &(ctx->cctx));
|
||||
memxor(block, tmp, ctx->blocksize_B);
|
||||
ctx->inc_func(ctx->in_block, ctx->blocksize_B);
|
||||
}
|
||||
|
||||
void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx){
|
||||
bcal_ctr_encNext(block, ctx);
|
||||
}
|
||||
|
||||
void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
|
||||
bcal_ctr_loadIV(iv, ctx);
|
||||
uint16_t blocksize_b;
|
||||
blocksize_b = ctx->blocksize_B*8;
|
||||
while(msg_len_b>blocksize_b){
|
||||
bcal_ctr_encNext(msg, ctx);
|
||||
msg_len_b -= blocksize_b;
|
||||
msg = (uint8_t*)msg + ctx->blocksize_B;
|
||||
}
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
|
||||
bcal_cipher_enc(tmp, &(ctx->cctx));
|
||||
ctx->inc_func(ctx->in_block, ctx->blocksize_B);
|
||||
tmp[msg_len_b/8] = 0xff00>>(msg_len_b&7);
|
||||
memxor(msg, tmp, (msg_len_b+7)/8);
|
||||
}
|
||||
|
||||
void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
|
||||
bcal_ctr_encMsg(iv, msg, msg_len_b, ctx);
|
||||
}
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
/* bcal-ctr.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef BCALCTR_H_
|
||||
#define BCALCTR_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
typedef void(*inc_fp_t)(void* block, uint8_t size_B);
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc;
|
||||
bcgen_ctx_t cctx;
|
||||
uint8_t* in_block;
|
||||
inc_fp_t inc_func;
|
||||
uint8_t blocksize_B;
|
||||
} bcal_ctr_ctx_t;
|
||||
|
||||
uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx);
|
||||
void bcal_ctr_free(bcal_ctr_ctx_t* ctx);
|
||||
void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx);
|
||||
void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx);
|
||||
void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx);
|
||||
void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
|
||||
void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
|
||||
|
||||
#endif /* BCALCTR_H_ */
|
|
@ -0,0 +1,119 @@
|
|||
/* bca-eax.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#include <stdint.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "bcal-cmac.h"
|
||||
#include "bcal-ctr.h"
|
||||
#include "bcal-eax.h"
|
||||
#include "memxor.h"
|
||||
|
||||
uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx){
|
||||
uint8_t r;
|
||||
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
|
||||
ctx->nonce = malloc(ctx->blocksize_B);
|
||||
if(ctx->nonce==NULL){
|
||||
return 0x81;
|
||||
}
|
||||
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ctag));
|
||||
if(r){
|
||||
return r;
|
||||
}
|
||||
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->htag));
|
||||
if(r){
|
||||
return (r|0x10);
|
||||
}
|
||||
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ntag));
|
||||
if(r){
|
||||
return (r|0x20);
|
||||
}
|
||||
r = bcal_ctr_init(desc, key, keysize_b, NULL, &(ctx->cipher));
|
||||
if(r){
|
||||
return (r|0x30);
|
||||
}
|
||||
ctx->header_set=0;
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
memset(tmp, 0, ctx->blocksize_B);
|
||||
bcal_cmac_nextBlock(&(ctx->ntag), tmp);
|
||||
tmp[ctx->blocksize_B-1]=1;
|
||||
bcal_cmac_nextBlock(&(ctx->htag), tmp);
|
||||
tmp[ctx->blocksize_B-1]=2;
|
||||
bcal_cmac_nextBlock(&(ctx->ctag), tmp);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void bcal_eax_free(bcal_eax_ctx_t* ctx){
|
||||
bcal_ctr_free(&(ctx->cipher));
|
||||
bcal_cmac_free(&(ctx->ctag));
|
||||
bcal_cmac_free(&(ctx->htag));
|
||||
bcal_cmac_free(&(ctx->ntag));
|
||||
free(ctx->nonce);
|
||||
}
|
||||
|
||||
void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx){
|
||||
bcal_cmac_lastBlock(&(ctx->ntag), nonce, length_b);
|
||||
bcal_cmac_ctx2mac(ctx->nonce, ctx->blocksize_B*8, &(ctx->ntag));
|
||||
bcal_ctr_loadIV(ctx->nonce, &(ctx->cipher));
|
||||
}
|
||||
|
||||
void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx){
|
||||
bcal_cmac_nextBlock(&(ctx->htag), header);
|
||||
}
|
||||
|
||||
void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx){
|
||||
bcal_cmac_lastBlock(&(ctx->htag), header, length_b);
|
||||
ctx->header_set = 1;
|
||||
}
|
||||
|
||||
void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx){
|
||||
bcal_ctr_encNext(block, &(ctx->cipher));
|
||||
bcal_cmac_nextBlock(&(ctx->ctag), block);
|
||||
}
|
||||
|
||||
void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
|
||||
bcal_ctr_encMsg(NULL, block, length_b, &(ctx->cipher));
|
||||
bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
|
||||
}
|
||||
|
||||
void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx){
|
||||
bcal_cmac_nextBlock(&(ctx->ctag), block);
|
||||
bcal_ctr_decNext(block, &(ctx->cipher));
|
||||
}
|
||||
|
||||
void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
|
||||
bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
|
||||
bcal_ctr_decMsg(NULL, block, length_b, &(ctx->cipher));
|
||||
}
|
||||
|
||||
void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx){
|
||||
uint8_t tmp[ctx->blocksize_B];
|
||||
if(ctx->header_set==0){
|
||||
bcal_cmac_lastBlock(&(ctx->htag), NULL, 0);
|
||||
}
|
||||
|
||||
bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->htag));
|
||||
memxor(ctx->nonce, tmp, ctx->blocksize_B);
|
||||
|
||||
bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->ctag));
|
||||
memxor(ctx->nonce, tmp, ctx->blocksize_B);
|
||||
memcpy(dest, ctx->nonce, (length_b+7)/8);
|
||||
}
|
||||
|
|
@ -0,0 +1,53 @@
|
|||
/* bcal-eax.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef BCALEAX_H_
|
||||
#define BCALEAX_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "bcal-cmac.h"
|
||||
#include "bcal-ctr.h"
|
||||
|
||||
typedef struct{
|
||||
uint8_t* nonce;
|
||||
bcal_cmac_ctx_t ntag;
|
||||
bcal_cmac_ctx_t ctag;
|
||||
bcal_cmac_ctx_t htag;
|
||||
bcal_ctr_ctx_t cipher;
|
||||
uint8_t blocksize_B;
|
||||
uint8_t header_set;
|
||||
} bcal_eax_ctx_t;
|
||||
|
||||
uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_free(bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx);
|
||||
void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx);
|
||||
//void bcal_eax(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_eax_ctx_t* ctx);
|
||||
|
||||
#endif /* BCALEAX_H_ */
|
||||
|
|
@ -0,0 +1,76 @@
|
|||
/* bcal-ofb.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "bcal-ofb.h"
|
||||
#include "bcal-basic.h"
|
||||
#include "memxor.h"
|
||||
|
||||
|
||||
uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx){
|
||||
ctx->desc = (bcdesc_t*)desc;
|
||||
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
|
||||
ctx->in_block=malloc(ctx->blocksize_B);
|
||||
if(ctx->in_block==NULL){
|
||||
return 0x11;
|
||||
}
|
||||
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_ofb_free(bcal_ofb_ctx_t* ctx){
|
||||
free(ctx->in_block);
|
||||
bcal_cipher_free(&(ctx->cctx));
|
||||
}
|
||||
|
||||
void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx){
|
||||
if(iv){
|
||||
memcpy(ctx->in_block, iv, ctx->blocksize_B);
|
||||
}
|
||||
}
|
||||
|
||||
void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx){
|
||||
bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
|
||||
memxor(block, ctx->in_block, ctx->blocksize_B);
|
||||
}
|
||||
|
||||
void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx){
|
||||
bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
|
||||
memxor(block, ctx->in_block, ctx->blocksize_B);
|
||||
}
|
||||
|
||||
|
||||
void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
|
||||
uint16_t block_len_b;
|
||||
block_len_b = ctx->blocksize_B*8;
|
||||
bcal_ofb_loadIV(iv, ctx);
|
||||
while(msg_len_b>block_len_b){
|
||||
bcal_ofb_encNext(msg, ctx);
|
||||
msg_len_b -= block_len_b;
|
||||
msg = (uint8_t*)msg + ctx->blocksize_B;
|
||||
}
|
||||
bcal_cipher_enc(ctx->in_block, &(ctx->cctx));
|
||||
ctx->in_block[msg_len_b/8] = 0xff00>>(msg_len_b&7);
|
||||
memxor(msg, ctx->in_block, (msg_len_b+7)/8);
|
||||
}
|
||||
|
||||
void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
|
||||
bcal_ofb_encMsg(iv, msg, msg_len_b, ctx);
|
||||
}
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
/* bcal-ofb.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef BCALOFB_H_
|
||||
#define BCALOFB_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include "bcal-basic.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc;
|
||||
bcgen_ctx_t cctx;
|
||||
uint8_t* in_block;
|
||||
uint8_t blocksize_B;
|
||||
} bcal_ofb_ctx_t;
|
||||
|
||||
|
||||
uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx);
|
||||
void bcal_ofb_free(bcal_ofb_ctx_t* ctx);
|
||||
void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx);
|
||||
void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx);
|
||||
void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx);
|
||||
void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
|
||||
void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
|
||||
|
||||
|
||||
#endif /* BCALOFB_H_ */
|
|
@ -0,0 +1,149 @@
|
|||
/* bcal-performance.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
/*
|
||||
* \file bcal-performance.c
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2010-02-16
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "bcal-performance.h"
|
||||
#include "keysize_descriptor.h"
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "performance_test.h"
|
||||
#include "cli.h"
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
|
||||
static
|
||||
void printvalue(unsigned long v){
|
||||
char str[20];
|
||||
int i;
|
||||
ultoa(v, str, 10);
|
||||
for(i=0; i<10-strlen(str); ++i){
|
||||
cli_putc(' ');
|
||||
}
|
||||
cli_putstr(str);
|
||||
}
|
||||
|
||||
void bcal_performance(const bcdesc_t* bcd){
|
||||
bcdesc_t bc;
|
||||
memcpy(&bc, bcd, sizeof(bcdesc_t));
|
||||
uint8_t ctx[bc.ctxsize_B];
|
||||
uint8_t data[(bc.blocksize_b+7)/8];
|
||||
uint16_t keysize = get_keysize(bc.valid_keysize_desc);
|
||||
uint8_t key[(keysize+7)/8];
|
||||
uint64_t t;
|
||||
uint8_t i;
|
||||
|
||||
if(bc.type!=BCDESC_TYPE_BLOCKCIPHER)
|
||||
return;
|
||||
calibrateTimer();
|
||||
print_overhead();
|
||||
cli_putstr("\r\n\r\n === ");
|
||||
cli_putstr(bc.name);
|
||||
cli_putstr(" performance === "
|
||||
"\r\n type: blockcipher"
|
||||
"\r\n keysize (bits): ");
|
||||
printvalue(keysize);
|
||||
|
||||
cli_putstr("\r\n ctxsize (bytes): ");
|
||||
printvalue(bc.ctxsize_B);
|
||||
|
||||
cli_putstr("\r\n blocksize (bits): ");
|
||||
printvalue(bc.blocksize_b);
|
||||
|
||||
t=0;
|
||||
if(bc.init.init1){
|
||||
if((bc.flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
|
||||
for(i=0; i<32; ++i){
|
||||
startTimer(0);
|
||||
START_TIMER;
|
||||
(bc.init.init1)(key, &ctx);
|
||||
STOP_TIMER;
|
||||
t += stopTimer();
|
||||
if(i!=31 && bc.free){
|
||||
bc.free(&ctx);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
for(i=0; i<32; ++i){
|
||||
startTimer(0);
|
||||
START_TIMER;
|
||||
(bc.init.init2)(key, keysize, &ctx);
|
||||
STOP_TIMER;
|
||||
t += stopTimer();
|
||||
if(i!=31 && bc.free){
|
||||
bc.free(&ctx);
|
||||
}
|
||||
}
|
||||
}
|
||||
t>>=5;
|
||||
cli_putstr("\r\n init (cycles): ");
|
||||
printvalue(t);
|
||||
}
|
||||
|
||||
t=0;
|
||||
for(i=0; i<32; ++i){
|
||||
startTimer(0);
|
||||
START_TIMER;
|
||||
bc.enc.enc1(data, &ctx);
|
||||
STOP_TIMER;
|
||||
t += stopTimer();
|
||||
}
|
||||
t>>=5;
|
||||
cli_putstr("\r\n encrypt (cycles): ");
|
||||
printvalue(t);
|
||||
|
||||
t=0;
|
||||
for(i=0; i<32; ++i){
|
||||
startTimer(0);
|
||||
START_TIMER;
|
||||
bc.dec.dec1(data, &ctx);
|
||||
STOP_TIMER;
|
||||
t += stopTimer();
|
||||
}
|
||||
t>>=5;
|
||||
cli_putstr("\r\n decrypt (cycles): ");
|
||||
printvalue(t);
|
||||
|
||||
if(bc.free){
|
||||
bc.free(&ctx);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
void bcal_performance_multiple(const bcdesc_t** bcd_list){
|
||||
const bcdesc_t* bcd;
|
||||
for(;;){
|
||||
bcd = *bcd_list;
|
||||
if(!bcd){
|
||||
cli_putstr("\r\n\r\n End of performance figures\r\n");
|
||||
return;
|
||||
}
|
||||
bcal_performance(bcd++);
|
||||
bcd_list++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
/* bcal-performance.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
/*
|
||||
* \file bcal-performance.h
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2010-02-16
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef BCAL_PERFORMANCE_H_
|
||||
#define BCAL_PERFORMANCE_H_
|
||||
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
void bcal_performance(const bcdesc_t* hd);
|
||||
void bcal_performance_multiple(const bcdesc_t** hd_list);
|
||||
|
||||
|
||||
#endif /* BCAL_PERFORMANCE_H_ */
|
|
@ -0,0 +1,54 @@
|
|||
/* bcal_aes128.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file bcal_aes128.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-01-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "aes.h"
|
||||
#include "aes128_enc.h"
|
||||
#include "aes128_dec.h"
|
||||
#include "aes_keyschedule.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
const char aes128_str[] = "AES-128";
|
||||
|
||||
const uint8_t aes128_keysize_desc[] = { KS_TYPE_LIST, 1, KS_INT(128),
|
||||
KS_TYPE_TERMINATOR };
|
||||
|
||||
const bcdesc_t aes128_desc = {
|
||||
BCDESC_TYPE_BLOCKCIPHER,
|
||||
BC_INIT_TYPE_1,
|
||||
aes128_str,
|
||||
sizeof(aes128_ctx_t),
|
||||
128,
|
||||
{(void_fpt)aes128_init},
|
||||
{(void_fpt)aes128_enc},
|
||||
{(void_fpt)aes128_dec},
|
||||
(bc_free_fpt)NULL,
|
||||
aes128_keysize_desc
|
||||
};
|
||||
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
/* bcal_aes128.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file bcal_aes128.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-01-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "aes.h"
|
||||
#include "aes128_enc.h"
|
||||
#include "aes128_dec.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
extern const bcdesc_t aes128_desc;
|
|
@ -0,0 +1,54 @@
|
|||
/* bcal_aes192.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file bcal_aes192.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-01-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "aes.h"
|
||||
#include "aes192_enc.h"
|
||||
#include "aes192_dec.h"
|
||||
#include "aes_keyschedule.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
const char aes192_str[] = "AES-192";
|
||||
|
||||
const uint8_t aes192_keysize_desc[] = { KS_TYPE_LIST, 1, KS_INT(192),
|
||||
KS_TYPE_TERMINATOR };
|
||||
|
||||
const bcdesc_t aes192_desc = {
|
||||
BCDESC_TYPE_BLOCKCIPHER,
|
||||
BC_INIT_TYPE_1,
|
||||
aes192_str,
|
||||
sizeof(aes192_ctx_t),
|
||||
128,
|
||||
{(void_fpt)aes192_init},
|
||||
{(void_fpt)aes192_enc},
|
||||
{(void_fpt)aes192_dec},
|
||||
(bc_free_fpt)NULL,
|
||||
aes192_keysize_desc
|
||||
};
|
||||
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
/* bcal_aes192.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file bcal_aes192.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-01-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "aes.h"
|
||||
#include "aes192_enc.h"
|
||||
#include "aes192_dec.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
extern const bcdesc_t aes192_desc;
|
|
@ -0,0 +1,54 @@
|
|||
/* bcal_aes256.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file bcal_aes256.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-01-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "aes.h"
|
||||
#include "aes256_enc.h"
|
||||
#include "aes256_dec.h"
|
||||
#include "aes_keyschedule.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
const char aes256_str[] = "AES-256";
|
||||
|
||||
const uint8_t aes256_keysize_desc[] = { KS_TYPE_LIST, 1, KS_INT(256),
|
||||
KS_TYPE_TERMINATOR };
|
||||
|
||||
const bcdesc_t aes256_desc = {
|
||||
BCDESC_TYPE_BLOCKCIPHER,
|
||||
BC_INIT_TYPE_1,
|
||||
aes256_str,
|
||||
sizeof(aes256_ctx_t),
|
||||
128,
|
||||
{(void_fpt)aes256_init},
|
||||
{(void_fpt)aes256_enc},
|
||||
{(void_fpt)aes256_dec},
|
||||
(bc_free_fpt)NULL,
|
||||
aes256_keysize_desc
|
||||
};
|
||||
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
/* bcal_aes256.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file bcal_aes256.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-01-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "aes.h"
|
||||
#include "aes256_enc.h"
|
||||
#include "aes256_dec.h"
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
extern const bcdesc_t aes256_desc;
|
|
@ -0,0 +1,98 @@
|
|||
/* blockcipher_descriptor.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file blockcipher_descriptor.h
|
||||
* \author Daniel Otte
|
||||
* \date 2009-02-04
|
||||
*
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef BLOCKCIPHER_DESCRIPTOR_H_
|
||||
#define BLOCKCIPHER_DESCRIPTOR_H_
|
||||
#include <stdint.h>
|
||||
|
||||
|
||||
#ifndef VOID_FPT
|
||||
#define VOID_FPT
|
||||
typedef void(*void_fpt)(void);
|
||||
#endif
|
||||
|
||||
typedef void(*bc_init1_fpt)(void*, void*);
|
||||
typedef void(*bc_init2_fpt)(void*, uint16_t,void*);
|
||||
typedef void(*bc_enc1_fpt)(void*, void*);
|
||||
typedef void(*bc_enc2_fpt)(void*, void*, void*);
|
||||
typedef void(*bc_dec1_fpt)(void*, void*);
|
||||
typedef void(*bc_dec2_fpt)(void*, void*, void*);
|
||||
typedef void(*bc_free_fpt)(void*);
|
||||
|
||||
typedef union{
|
||||
void_fpt initvoid;
|
||||
bc_init1_fpt init1;
|
||||
bc_init2_fpt init2;
|
||||
} bc_init_fpt;
|
||||
|
||||
typedef union{
|
||||
void_fpt encvoid;
|
||||
bc_enc1_fpt enc1;
|
||||
bc_enc2_fpt enc2;
|
||||
} bc_enc_fpt;
|
||||
|
||||
typedef union{
|
||||
void_fpt decvoid;
|
||||
bc_dec1_fpt dec1;
|
||||
bc_dec2_fpt dec2;
|
||||
} bc_dec_fpt;
|
||||
|
||||
#define BC_INIT_TYPE 0x01
|
||||
#define BC_INIT_TYPE_1 0x00
|
||||
#define BC_INIT_TYPE_2 0x01
|
||||
|
||||
#define BC_ENC_TYPE 0x02
|
||||
#define BC_ENC_TYPE_1 0x00
|
||||
#define BC_ENC_TYPE_2 0x02
|
||||
#
|
||||
#define BC_DEC_TYPE 0x04
|
||||
#define BC_DEC_TYPE_1 0x00
|
||||
#define BC_DEC_TYPE_2 0x04
|
||||
|
||||
#define BCDESC_TYPE_BLOCKCIPHER 0x01
|
||||
|
||||
typedef struct {
|
||||
uint8_t type; /* 1==blockcipher */
|
||||
uint8_t flags;
|
||||
const char* name;
|
||||
uint16_t ctxsize_B;
|
||||
uint16_t blocksize_b;
|
||||
bc_init_fpt init;
|
||||
bc_enc_fpt enc;
|
||||
bc_dec_fpt dec;
|
||||
bc_free_fpt free;
|
||||
const void* valid_keysize_desc;
|
||||
} bcdesc_t; /* blockcipher descriptor type */
|
||||
|
||||
typedef struct{
|
||||
bcdesc_t* desc_ptr;
|
||||
uint16_t keysize;
|
||||
void* ctx;
|
||||
} bcgen_ctx_t;
|
||||
|
||||
#endif /* BLOCKCIPHER_DESCRIPTOR_H_ */
|
||||
|
|
@ -18,6 +18,7 @@
|
|||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
=end
|
||||
|
||||
require 'rubygems'
|
||||
require 'serialport'
|
||||
|
||||
def read_line(error_msg=true)
|
||||
|
|
|
@ -0,0 +1,87 @@
|
|||
/* keysize_descriptor.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file keysize_descriptor.c
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-01-07
|
||||
* \license GPLv3 or later
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include "keysize_descriptor.h"
|
||||
|
||||
uint8_t is_valid_keysize_P(const void* ks_desc, uint16_t keysize){
|
||||
uint8_t type;
|
||||
type = *((uint8_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 1;
|
||||
if(type==KS_TYPE_TERMINATOR)
|
||||
return 0;
|
||||
if(type==KS_TYPE_LIST){
|
||||
uint8_t items;
|
||||
uint16_t item;
|
||||
items = *((uint8_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 1;
|
||||
while(items--){
|
||||
item = *((uint16_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 2;
|
||||
if(item==keysize)
|
||||
return 1;
|
||||
}
|
||||
ks_desc = (uint8_t*)ks_desc - 2;
|
||||
}
|
||||
if(type==KS_TYPE_RANGE){
|
||||
uint16_t max, min;
|
||||
min = *((uint16_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 2;
|
||||
max = *((uint16_t*)ks_desc);
|
||||
if(min<=keysize && keysize<=max)
|
||||
return 1;
|
||||
}
|
||||
if(type==KS_TYPE_ARG_RANGE){
|
||||
uint16_t max, min, dist, offset;
|
||||
min = *((uint16_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 2;
|
||||
max = *((uint16_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 2;
|
||||
dist = *((uint16_t*)ks_desc);
|
||||
ks_desc = (uint8_t*)ks_desc + 2;
|
||||
offset = *((uint16_t*)ks_desc);
|
||||
if(min<=keysize && keysize<=max && (keysize%dist==offset))
|
||||
return 1;
|
||||
}
|
||||
if(type>KS_TYPE_ARG_RANGE){
|
||||
/* bad error, you may insert a big warning message here */
|
||||
return 0;
|
||||
}
|
||||
return is_valid_keysize_P((uint8_t*)ks_desc+1, keysize); /* search the next record */
|
||||
}
|
||||
|
||||
uint16_t get_keysize(const void* ks_desc){
|
||||
uint8_t type;
|
||||
uint16_t keysize;
|
||||
type = *((uint8_t*)ks_desc);
|
||||
if(type==KS_TYPE_LIST)
|
||||
ks_desc = (uint8_t*)ks_desc + 1;
|
||||
ks_desc = (uint8_t*)ks_desc + 1;
|
||||
keysize = *((uint16_t*)ks_desc);
|
||||
return keysize;
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,58 @@
|
|||
/* keysize_descriptor.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file keysize_descriptor.h
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-01-07
|
||||
* \license GPLv3 or later
|
||||
*/
|
||||
|
||||
#ifndef KEYSIZE_DESCRIPTOR_H_
|
||||
#define KEYSIZE_DESCRIPTOR_H_
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#define KS_TYPE_TERMINATOR 0x00
|
||||
#define KS_TYPE_LIST 0x01
|
||||
#define KS_TYPE_RANGE 0x02
|
||||
#define KS_TYPE_ARG_RANGE 0x03
|
||||
|
||||
#define KS_INT(a) ((a)&0xFF), ((a)>>8)
|
||||
|
||||
typedef struct{ /* keysize is valid if listed in items */
|
||||
uint8_t n_items; /* number of items (value 0 is reserved) */
|
||||
uint16_t items[]; /* list of valid lengths */
|
||||
}keysize_desc_list_t;
|
||||
|
||||
typedef struct{ /* keysize is valid if min<=keysize<=max */
|
||||
uint16_t min;
|
||||
uint16_t max;
|
||||
}keysize_desc_range_t;
|
||||
|
||||
typedef struct{ /* keysize is valid if min<=keysize<=max and if keysize mod distance == offset */
|
||||
uint16_t min;
|
||||
uint16_t max;
|
||||
uint16_t distance;
|
||||
uint16_t offset;
|
||||
}keysize_desc_arg_range_t;
|
||||
|
||||
uint8_t is_valid_keysize_P(const void* ks_desc, uint16_t keysize);
|
||||
uint16_t get_keysize(const void* ks_desc);
|
||||
#endif /* KEYSIZE_DESCRIPTOR_H_ */
|
|
@ -0,0 +1,586 @@
|
|||
/* cmacvs.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file cmacvs.c
|
||||
* \author Daniel Otte
|
||||
* \date 2010-02-02
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <ctype.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
#include "bcal-basic.h"
|
||||
#include "bcal-cmac.h"
|
||||
#include "cmacvs.h"
|
||||
#include "string-extras.h"
|
||||
#include "cli.h"
|
||||
|
||||
|
||||
#ifdef DEBUG
|
||||
# undef DEBUG
|
||||
#endif
|
||||
|
||||
#define DEBUG 0
|
||||
|
||||
#if DEBUG
|
||||
# include "config.h"
|
||||
# include <util/delay.h>
|
||||
#endif
|
||||
|
||||
bcdesc_t* cmacvs_algo=NULL;
|
||||
bcdesc_t** cmacvs_algolist=NULL;
|
||||
|
||||
void cmacvs_listalgos(void){
|
||||
char option = 'a';
|
||||
|
||||
bcdesc_t* t;
|
||||
uint8_t i=0;
|
||||
cli_putstr("\r\nthe following algorithms are available:\r\n");
|
||||
while(option<='z' && (t=(bcdesc_t*)(cmacvs_algolist[i]))){
|
||||
cli_putc('\t');
|
||||
cli_putc((t==cmacvs_algo)?'*':' ');
|
||||
cli_putc(option++);
|
||||
cli_putstr(":\t");
|
||||
cli_putstr(t->name);
|
||||
cli_putstr("\r\n");
|
||||
i++;
|
||||
}
|
||||
}
|
||||
|
||||
void cmacvs_setalgo(char* param){
|
||||
param = strstrip(param);
|
||||
if(param[1]=='\0'){ /* single letter specified */
|
||||
uint8_t i,option = param[0]-'a';
|
||||
|
||||
if(!cmacvs_algolist){
|
||||
cli_putstr("\r\nERROR: cmacvs_algolist not set!");
|
||||
return;
|
||||
}
|
||||
for(i=0; i<=option; ++i){
|
||||
if((cmacvs_algolist[i])==NULL){
|
||||
cli_putstr("\r\nERROR: invalid selection!");
|
||||
return;
|
||||
}
|
||||
}
|
||||
cmacvs_algo=(bcdesc_t*)(cmacvs_algolist[option]);
|
||||
} else { /* name specifyed */
|
||||
bcdesc_t* t=NULL;
|
||||
uint8_t i=0;
|
||||
while((t=(bcdesc_t*)(cmacvs_algolist[i])) &&
|
||||
strcasecmp(param, t->name))
|
||||
++i;
|
||||
if(t){
|
||||
cmacvs_algo=t;
|
||||
}else{
|
||||
cli_putstr("\r\nERROR: could not find \"");
|
||||
cli_putstr(param);
|
||||
cli_putstr("\"!");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
uint16_t buffer_idx;
|
||||
uint16_t buffersize_B;
|
||||
uint32_t blocks;
|
||||
bcal_cmac_ctx_t ctx;
|
||||
uint8_t* buffer;
|
||||
uint8_t in_byte;
|
||||
} cmacvs_ctx_t;
|
||||
|
||||
static cmacvs_ctx_t cmacvs_ctx;
|
||||
|
||||
uint8_t buffer_add(char c){
|
||||
uint8_t v,t;
|
||||
if(cmacvs_ctx.buffer_idx==cmacvs_ctx.buffersize_B){
|
||||
bcal_cmac_nextBlock(&(cmacvs_ctx.ctx), cmacvs_ctx.buffer);
|
||||
++cmacvs_ctx.blocks;
|
||||
cmacvs_ctx.buffer_idx=0;
|
||||
cmacvs_ctx.in_byte=0;
|
||||
cli_putc('.');
|
||||
memset(cmacvs_ctx.buffer, 0, cmacvs_ctx.buffersize_B);
|
||||
}
|
||||
if(c>='0' && c<='9'){
|
||||
v=c-'0';
|
||||
}else{
|
||||
c &= (uint8_t)~('a' ^ 'A');
|
||||
if(c>='A' && c<='F'){
|
||||
v=c-'A'+10;
|
||||
}else{
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
t=cmacvs_ctx.buffer[cmacvs_ctx.buffer_idx];
|
||||
if(cmacvs_ctx.in_byte){
|
||||
t |= v;
|
||||
cmacvs_ctx.buffer[cmacvs_ctx.buffer_idx]=t;
|
||||
cmacvs_ctx.buffer_idx++;
|
||||
cmacvs_ctx.in_byte = 0;
|
||||
}else{
|
||||
t |= v<<4;
|
||||
cmacvs_ctx.buffer[cmacvs_ctx.buffer_idx]=t;
|
||||
cmacvs_ctx.in_byte = 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int32_t getValue(char* key){
|
||||
uint32_t val=0;
|
||||
char instr[21];
|
||||
char* str2;
|
||||
for(;;){
|
||||
memset(instr, 0, 21);
|
||||
cli_getsn(instr, 20);
|
||||
str2 = strstrip(instr);
|
||||
if(!strncasecmp(str2, key, strlen(key))){
|
||||
while(*str2 && *str2!='=')
|
||||
str2++;
|
||||
if(*str2=='='){
|
||||
do{
|
||||
str2++;
|
||||
}while(*str2 && !isdigit(*str2));
|
||||
val=(uint32_t)strtoul(str2, NULL, 10);
|
||||
return val;
|
||||
}
|
||||
} else {
|
||||
if(!strncasecmp(str2, "EXIT", 4)){
|
||||
cli_putstr("\r\n got exit ...");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
return -2;
|
||||
}
|
||||
|
||||
uint8_t getKey(void* key_buffer, uint8_t klen_B){
|
||||
char c;
|
||||
uint8_t v,i=0;
|
||||
memset(key_buffer, 0x00, klen_B);
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while((c|('a'^'A'))!='k');
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while((c|('a'^'A'))!='e');
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while((c|('a'^'A'))!='y');
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while(c!='=');
|
||||
klen_B *= 2;
|
||||
while(klen_B){
|
||||
v = 0x10;
|
||||
c = cli_getc_cecho();
|
||||
if(c>='0' && c<='9'){
|
||||
v = c-'0';
|
||||
}else{
|
||||
c |= 'A'^'a';
|
||||
if(c>='a' && c<='f'){
|
||||
v= c-'a'+10;
|
||||
}
|
||||
}
|
||||
if(v<0x10){
|
||||
if((i&1)==0){
|
||||
v<<=4;
|
||||
}
|
||||
((uint8_t*)key_buffer)[i/2] |= v;
|
||||
++i;
|
||||
--klen_B;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
uint8_t getMac(void* mac_buffer, uint8_t mlen_B){
|
||||
char c;
|
||||
uint8_t v,i=0;
|
||||
memset(mac_buffer, 0x00, mlen_B);
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while((c|('a'^'A'))!='m');
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while((c|('a'^'A'))!='a');
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while((c|('a'^'A'))!='c');
|
||||
do{
|
||||
c = cli_getc_cecho();
|
||||
}while(c!='=');
|
||||
mlen_B *= 2;
|
||||
while(mlen_B){
|
||||
v = 0x10;
|
||||
c = cli_getc_cecho();
|
||||
if(c>='0' && c<='9'){
|
||||
v = c-'0';
|
||||
}else{
|
||||
c |= 'A'^'a';
|
||||
if(c>='a' && c<='f'){
|
||||
v= c-'a'+10;
|
||||
}
|
||||
}
|
||||
if(v<0x10){
|
||||
if((i&1)==0){
|
||||
v<<=4;
|
||||
}
|
||||
((uint8_t*)mac_buffer)[i/2] |= v;
|
||||
++i;
|
||||
--mlen_B;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
void cmacvs_test1(void){ /* Gen tests */
|
||||
int32_t klen, mlen, tlen;
|
||||
int32_t expect_input=0;
|
||||
|
||||
if(!cmacvs_algo){
|
||||
cli_putstr("\r\nERROR: select algorithm first!");
|
||||
return;
|
||||
}
|
||||
char c;
|
||||
cmacvs_ctx.buffersize_B=(cmacvs_algo->blocksize_b)/8;
|
||||
uint8_t tag[cmacvs_ctx.buffersize_B];
|
||||
uint8_t buffer[cmacvs_ctx.buffersize_B+5];
|
||||
cmacvs_ctx.buffer = buffer;
|
||||
cli_putstr("\r\nbuffer_size = 0x");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B), 2);
|
||||
cli_putstr(" bytes");
|
||||
for(;;){
|
||||
cmacvs_ctx.blocks = 0;
|
||||
memset(buffer, 0, cmacvs_ctx.buffersize_B);
|
||||
klen = getValue("Klen");
|
||||
if(klen<0){
|
||||
return;
|
||||
}
|
||||
mlen = getValue("Mlen");
|
||||
if(mlen<0){
|
||||
return;
|
||||
}
|
||||
tlen = getValue("Tlen");
|
||||
if(tlen<0){
|
||||
return;
|
||||
}
|
||||
uint8_t key_buffer[klen];
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nKLen == ");
|
||||
cli_hexdump_rev(&klen, 4);
|
||||
cli_putstr("\r\nMLen == ");
|
||||
cli_hexdump_rev(&mlen, 4);
|
||||
cli_putstr("\r\nTLen == ");
|
||||
cli_hexdump_rev(&tlen, 4);
|
||||
#endif
|
||||
getKey(key_buffer, klen);
|
||||
if(mlen==0){
|
||||
expect_input=2;
|
||||
}else{
|
||||
expect_input=mlen*2;
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nexpected_input == ");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
if(expect_input==0)
|
||||
cli_putstr("\r\nexpected_input == 0 !!!");
|
||||
#endif
|
||||
uint8_t ret;
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n CMAC init");
|
||||
cli_putstr("\r\n (2) expected_input == ");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
#endif
|
||||
ret = bcal_cmac_init(cmacvs_algo, key_buffer, klen*8, &(cmacvs_ctx.ctx));
|
||||
if(ret){
|
||||
cli_putstr("\r\n bcal_cmac_init returned with: ");
|
||||
cli_hexdump(&ret, 1);
|
||||
return;
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n (3) expected_input == ");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
cli_putstr("\r\n");
|
||||
#endif
|
||||
while((c=cli_getc_cecho())!='M' && c!='m'){
|
||||
if(!isspace(c)){
|
||||
cli_putstr("\r\nERROR: wrong input (1) [0x");
|
||||
cli_hexdump(&c, 1);
|
||||
cli_putstr("]!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
}
|
||||
if((c=cli_getc_cecho())!='s' && c!='S'){
|
||||
cli_putstr("\r\nERROR: wrong input (2)!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
if((c=cli_getc_cecho())!='g' && c!='G'){
|
||||
cli_putstr("\r\nERROR: wrong input (3)!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
while((c=cli_getc_cecho())!='='){
|
||||
if(!isspace(c)){
|
||||
cli_putstr("\r\nERROR: wrong input (4)!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nparsing started");
|
||||
#endif
|
||||
cmacvs_ctx.buffer_idx = 0;
|
||||
cmacvs_ctx.in_byte = 0;
|
||||
cmacvs_ctx.blocks = 0;
|
||||
while(expect_input>0){
|
||||
c=cli_getc_cecho();
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n\t(");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
cli_putstr(") ");
|
||||
_delay_ms(500);
|
||||
#endif
|
||||
if(buffer_add(c)==0){
|
||||
--expect_input;
|
||||
}else{
|
||||
if(!isblank((uint16_t)c)){
|
||||
cli_putstr("\r\nERROR: wrong input (5) (");
|
||||
cli_putc(c);
|
||||
cli_putstr(")!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nBuffer-A:");
|
||||
cli_hexdump_block(buffer, cmacvs_ctx.buffersize_B, 5, 8);
|
||||
|
||||
cli_putstr("\r\n starting finalisation");
|
||||
cli_putstr("\r\n\tblocks == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.blocks),4);
|
||||
cli_putstr("\r\n\tbuffer_idx == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.buffer_idx),2);
|
||||
cli_putstr("\r\n\tin_byte == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.in_byte),1);
|
||||
// _delay_ms(500);
|
||||
|
||||
cli_putstr("\r\n starting last block");
|
||||
cli_putstr("\r\n\tlength == ");
|
||||
cli_hexdump_rev(&mlen,4);
|
||||
cli_putstr("\r\n\tbuffersize_B == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B),2);
|
||||
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
|
||||
cli_putstr("\r\n\t (temp) == ");
|
||||
cli_hexdump_rev(&temp,2);
|
||||
// _delay_ms(500);
|
||||
#endif
|
||||
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
|
||||
bcal_cmac_lastBlock( &(cmacvs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
|
||||
// length-(cmacvs_ctx.blocks)*((cmacvs_ctx.buffersize_B)*8));
|
||||
temp );
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n starting ctx2cmac");
|
||||
_delay_ms(500);
|
||||
#endif
|
||||
bcal_cmac_ctx2mac(tag, tlen*8, &(cmacvs_ctx.ctx));
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n starting cmac free");
|
||||
#endif
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
cli_putstr("\r\n Mac = ");
|
||||
cli_hexdump(tag, tlen);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void cmacvs_test2(void){ /* Ver tests */
|
||||
int32_t klen, mlen, tlen;
|
||||
int32_t expect_input=0;
|
||||
|
||||
if(!cmacvs_algo){
|
||||
cli_putstr("\r\nERROR: select algorithm first!");
|
||||
return;
|
||||
}
|
||||
char c;
|
||||
cmacvs_ctx.buffersize_B=(cmacvs_algo->blocksize_b)/8;
|
||||
uint8_t tag[cmacvs_ctx.buffersize_B];
|
||||
uint8_t tag_ref[cmacvs_ctx.buffersize_B];
|
||||
uint8_t buffer[cmacvs_ctx.buffersize_B+5];
|
||||
cmacvs_ctx.buffer = buffer;
|
||||
cli_putstr("\r\nbuffer_size = 0x");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B), 2);
|
||||
cli_putstr(" bytes");
|
||||
for(;;){
|
||||
cmacvs_ctx.blocks = 0;
|
||||
memset(buffer, 0, cmacvs_ctx.buffersize_B);
|
||||
klen = getValue("Klen");
|
||||
if(klen<0){
|
||||
return;
|
||||
}
|
||||
mlen = getValue("Mlen");
|
||||
if(mlen<0){
|
||||
return;
|
||||
}
|
||||
tlen = getValue("Tlen");
|
||||
if(tlen<0){
|
||||
return;
|
||||
}
|
||||
uint8_t key_buffer[klen];
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nKLen == ");
|
||||
cli_hexdump_rev(&klen, 4);
|
||||
cli_putstr("\r\nMLen == ");
|
||||
cli_hexdump_rev(&mlen, 4);
|
||||
cli_putstr("\r\nTLen == ");
|
||||
cli_hexdump_rev(&tlen, 4);
|
||||
#endif
|
||||
getKey(key_buffer, klen);
|
||||
if(mlen==0){
|
||||
expect_input=2;
|
||||
}else{
|
||||
expect_input=mlen*2;
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nexpected_input == ");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
if(expect_input==0)
|
||||
cli_putstr("\r\nexpected_input == 0 !!!");
|
||||
#endif
|
||||
uint8_t ret;
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n CMAC init");
|
||||
cli_putstr("\r\n (2) expected_input == ");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
#endif
|
||||
ret = bcal_cmac_init(cmacvs_algo, key_buffer, klen*8, &(cmacvs_ctx.ctx));
|
||||
if(ret){
|
||||
cli_putstr("\r\n bcal_cmac_init returned with: ");
|
||||
cli_hexdump(&ret, 1);
|
||||
return;
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n (3) expected_input == ");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
cli_putstr("\r\n");
|
||||
#endif
|
||||
while((c=cli_getc_cecho())!='M' && c!='m'){
|
||||
if(!isspace(c)){
|
||||
cli_putstr("\r\nERROR: wrong input (1) [0x");
|
||||
cli_hexdump(&c, 1);
|
||||
cli_putstr("]!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
}
|
||||
if((c=cli_getc_cecho())!='s' && c!='S'){
|
||||
cli_putstr("\r\nERROR: wrong input (2)!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
if((c=cli_getc_cecho())!='g' && c!='G'){
|
||||
cli_putstr("\r\nERROR: wrong input (3)!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
while((c=cli_getc_cecho())!='='){
|
||||
if(!isspace(c)){
|
||||
cli_putstr("\r\nERROR: wrong input (4)!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nparsing started");
|
||||
#endif
|
||||
cmacvs_ctx.buffer_idx = 0;
|
||||
cmacvs_ctx.in_byte = 0;
|
||||
cmacvs_ctx.blocks = 0;
|
||||
while(expect_input>0){
|
||||
c=cli_getc_cecho();
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n\t(");
|
||||
cli_hexdump_rev(&expect_input, 4);
|
||||
cli_putstr(") ");
|
||||
_delay_ms(500);
|
||||
#endif
|
||||
if(buffer_add(c)==0){
|
||||
--expect_input;
|
||||
}else{
|
||||
if(!isblank((uint16_t)c)){
|
||||
cli_putstr("\r\nERROR: wrong input (5) (");
|
||||
cli_putc(c);
|
||||
cli_putstr(")!\r\n");
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
#if DEBUG
|
||||
cli_putstr("\r\nBuffer-A:");
|
||||
cli_hexdump_block(buffer, cmacvs_ctx.buffersize_B, 5, 8);
|
||||
|
||||
cli_putstr("\r\n starting finalisation");
|
||||
cli_putstr("\r\n\tblocks == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.blocks),4);
|
||||
cli_putstr("\r\n\tbuffer_idx == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.buffer_idx),2);
|
||||
cli_putstr("\r\n\tin_byte == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.in_byte),1);
|
||||
// _delay_ms(500);
|
||||
|
||||
cli_putstr("\r\n starting last block");
|
||||
cli_putstr("\r\n\tlength == ");
|
||||
cli_hexdump_rev(&mlen,4);
|
||||
cli_putstr("\r\n\tbuffersize_B == ");
|
||||
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B),2);
|
||||
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
|
||||
cli_putstr("\r\n\t (temp) == ");
|
||||
cli_hexdump_rev(&temp,2);
|
||||
// _delay_ms(500);
|
||||
#endif
|
||||
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
|
||||
bcal_cmac_lastBlock( &(cmacvs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
|
||||
// length-(cmacvs_ctx.blocks)*((cmacvs_ctx.buffersize_B)*8));
|
||||
temp );
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n starting ctx2cmac");
|
||||
_delay_ms(500);
|
||||
#endif
|
||||
bcal_cmac_ctx2mac(tag, tlen*8, &(cmacvs_ctx.ctx));
|
||||
#if DEBUG
|
||||
cli_putstr("\r\n starting cmac free");
|
||||
#endif
|
||||
bcal_cmac_free(&(cmacvs_ctx.ctx));
|
||||
cli_putstr("\r\n Mac = ");
|
||||
cli_hexdump(tag, tlen);
|
||||
getMac(tag_ref, tlen);
|
||||
if(memcmp(tag, tag_ref, tlen)){
|
||||
cli_putstr("\r\n Result = F");
|
||||
}else{
|
||||
cli_putstr("\r\n Result = P");
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
/* cmacvs.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file cmacvs.h
|
||||
* \author Daniel Otte
|
||||
* \date 2010-02-02
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef CMACVS_H_
|
||||
#define CMACVS_H_
|
||||
|
||||
#include <stdlib.h>
|
||||
#include "blockcipher_descriptor.h"
|
||||
|
||||
extern bcdesc_t* cmacvs_algo;
|
||||
extern bcdesc_t** cmacvs_algolist;
|
||||
|
||||
void cmacvs_listalgos(void);
|
||||
void cmacvs_setalgo(char* param);
|
||||
void cmacvs_test1(void);
|
||||
void cmacvs_test2(void);
|
||||
|
||||
|
||||
#endif /* CMACVS_H_ */
|
|
@ -0,0 +1,735 @@
|
|||
/* main-aes-test.c */
|
||||
/*
|
||||
This file is part of the ARM-Crypto-Lib.
|
||||
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* AES test-suit
|
||||
*
|
||||
*/
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include "config.h"
|
||||
#include "cli.h"
|
||||
#include "dump.h"
|
||||
#include "uart_lowlevel.h"
|
||||
#include "sysclock.h"
|
||||
#include "hw_gptm.h"
|
||||
|
||||
#include "aes/aes.h"
|
||||
|
||||
#include "nessie_bc_test.h"
|
||||
#include "performance_test.h"
|
||||
|
||||
#include "bcal_aes128.h"
|
||||
#include "bcal_aes192.h"
|
||||
#include "bcal_aes256.h"
|
||||
#include "bcal-cbc.h"
|
||||
#include "bcal-cfb_byte.h"
|
||||
#include "bcal-cfb_bit.h"
|
||||
#include "bcal-ofb.h"
|
||||
#include "bcal-ctr.h"
|
||||
#include "bcal-cmac.h"
|
||||
#include "bcal-eax.h"
|
||||
#include "cmacvs.h"
|
||||
#include "bcal-performance.h"
|
||||
|
||||
|
||||
char* algo_name = "AES";
|
||||
|
||||
void uart0_putc(char byte){
|
||||
uart_putc(UART_0, byte);
|
||||
}
|
||||
|
||||
char uart0_getc(void){
|
||||
return uart_getc(UART_0);
|
||||
}
|
||||
|
||||
const bcdesc_t* algolist[] = {
|
||||
(bcdesc_t*)&aes128_desc,
|
||||
(bcdesc_t*)&aes192_desc,
|
||||
(bcdesc_t*)&aes256_desc,
|
||||
NULL
|
||||
};
|
||||
|
||||
/*****************************************************************************
|
||||
* additional validation-functions *
|
||||
*****************************************************************************/
|
||||
|
||||
void testrun_nessie_aes(void){
|
||||
nessie_bc_ctx.blocksize_B = 16;
|
||||
nessie_bc_ctx.keysize_b = 128;
|
||||
nessie_bc_ctx.name = algo_name;
|
||||
nessie_bc_ctx.ctx_size_B = sizeof(aes128_ctx_t);
|
||||
nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes128_enc;
|
||||
nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes128_dec;
|
||||
nessie_bc_ctx.cipher_genctx = (nessie_bc_gen_fpt)aes_init;
|
||||
nessie_bc_run();
|
||||
|
||||
nessie_bc_ctx.keysize_b = 192;
|
||||
nessie_bc_ctx.ctx_size_B = sizeof(aes192_ctx_t);
|
||||
nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes192_enc;
|
||||
nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes192_dec;
|
||||
nessie_bc_run();
|
||||
|
||||
nessie_bc_ctx.keysize_b = 256;
|
||||
nessie_bc_ctx.ctx_size_B = sizeof(aes256_ctx_t);
|
||||
nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes256_enc;
|
||||
nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes256_dec;
|
||||
nessie_bc_run();
|
||||
}
|
||||
|
||||
void testrun_test_aes(void){
|
||||
uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
|
||||
0x28, 0xae, 0xd2, 0xa6,
|
||||
0xab, 0xf7, 0x15, 0x88,
|
||||
0x09, 0xcf, 0x4f, 0x3c };
|
||||
uint8_t data[16] = { 0x32, 0x43, 0xf6, 0xa8,
|
||||
0x88, 0x5a, 0x30, 0x8d,
|
||||
0x31, 0x31, 0x98, 0xa2,
|
||||
0xe0, 0x37, 0x07, 0x34 };
|
||||
aes128_ctx_t ctx;
|
||||
aes128_init(key, &ctx);
|
||||
cli_putstr("\r\n\r\n cipher test (FIPS 197):\r\n key: ");
|
||||
cli_hexdump(key, 16);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump(data, 16);
|
||||
aes128_enc(data, &ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump(data, 16);
|
||||
aes128_dec(data, &ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump(data, 16);
|
||||
cli_putstr("\r\n testing bcal:");
|
||||
bcgen_ctx_t bcal_ctx;
|
||||
uint8_t r;
|
||||
r = bcal_cipher_init(&aes128_desc, key, 128, &bcal_ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
|
||||
bcal_cipher_enc(data, &bcal_ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump(data, 16);
|
||||
bcal_cipher_dec(data, &bcal_ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump(data, 16);
|
||||
bcal_cipher_free(&bcal_ctx);
|
||||
}
|
||||
|
||||
void testrun_testkey_aes128(void){
|
||||
uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
|
||||
0x28, 0xae, 0xd2, 0xa6,
|
||||
0xab, 0xf7, 0x15, 0x88,
|
||||
0x09, 0xcf, 0x4f, 0x3c};
|
||||
aes128_ctx_t ctx;
|
||||
uint8_t i;
|
||||
aes128_init(key, &ctx);
|
||||
cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
|
||||
cli_hexdump(key, 16);
|
||||
for(i=0; i<11; ++i){
|
||||
cli_putstr("\r\n index: ");
|
||||
cli_putc('0'+i/10);
|
||||
cli_putc('0'+i%10);
|
||||
cli_putstr(" roundkey ");
|
||||
cli_hexdump(ctx.key[i].ks, 16);
|
||||
}
|
||||
}
|
||||
|
||||
void testrun_testkey_aes192(void){
|
||||
uint8_t key[24] = { 0x8e, 0x73, 0xb0, 0xf7,
|
||||
0xda, 0x0e, 0x64, 0x52,
|
||||
0xc8, 0x10, 0xf3, 0x2b,
|
||||
0x80, 0x90, 0x79, 0xe5,
|
||||
0x62, 0xf8, 0xea, 0xd2,
|
||||
0x52, 0x2c, 0x6b, 0x7b};
|
||||
aes192_ctx_t ctx;
|
||||
uint8_t i;
|
||||
memset(&ctx, 0, sizeof(aes192_ctx_t));
|
||||
aes192_init(key, &ctx);
|
||||
cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
|
||||
cli_hexdump(key, 24);
|
||||
for(i=0; i<13; ++i){
|
||||
cli_putstr("\r\n index: ");
|
||||
cli_putc('0'+i/10);
|
||||
cli_putc('0'+i%10);
|
||||
cli_putstr(" roundkey ");
|
||||
cli_hexdump(ctx.key[i].ks, 16);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void testrun_testkey_aes256(void){
|
||||
uint8_t key[32] = { 0x60, 0x3d, 0xeb, 0x10,
|
||||
0x15, 0xca, 0x71, 0xbe,
|
||||
0x2b, 0x73, 0xae, 0xf0,
|
||||
0x85, 0x7d, 0x77, 0x81,
|
||||
0x1f, 0x35, 0x2c, 0x07,
|
||||
0x3b, 0x61, 0x08, 0xd7,
|
||||
0x2d, 0x98, 0x10, 0xa3,
|
||||
0x09, 0x14, 0xdf, 0xf4};
|
||||
aes256_ctx_t ctx;
|
||||
uint8_t i;
|
||||
memset(&ctx, 0, sizeof(aes256_ctx_t));
|
||||
aes256_init(key, &ctx);
|
||||
cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
|
||||
cli_hexdump(key, 32);
|
||||
for(i=0; i<15; ++i){
|
||||
cli_putstr("\r\n index: ");
|
||||
cli_putc('0'+i/10);
|
||||
cli_putc('0'+i%10);
|
||||
cli_putstr(" roundkey ");
|
||||
cli_hexdump(ctx.key[i].ks, 16);
|
||||
}
|
||||
}
|
||||
|
||||
void testrun_testkey_aes(void){
|
||||
testrun_testkey_aes128();
|
||||
testrun_testkey_aes192();
|
||||
testrun_testkey_aes256();
|
||||
}
|
||||
|
||||
const uint8_t modes_key[] = {
|
||||
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
|
||||
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
|
||||
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
|
||||
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
|
||||
};
|
||||
const uint8_t modes_iv[] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
|
||||
};
|
||||
|
||||
const uint8_t modes_ctriv[] = {
|
||||
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
|
||||
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
|
||||
};
|
||||
|
||||
const uint8_t modes_plain[] = {
|
||||
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
|
||||
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
|
||||
/* --- */
|
||||
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
|
||||
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
|
||||
/* --- */
|
||||
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
|
||||
0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
|
||||
/* --- */
|
||||
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
|
||||
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
|
||||
};
|
||||
|
||||
|
||||
void testrun_aes128_cbc(void){
|
||||
uint8_t key[16];
|
||||
uint8_t iv[16];
|
||||
uint8_t plain[64];
|
||||
|
||||
bcal_cbc_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
memcpy(key, modes_key, 16);
|
||||
memcpy(iv, modes_iv, 16);
|
||||
memcpy(plain, modes_plain, 64);
|
||||
|
||||
cli_putstr("\r\n** AES128-CBC-TEST **");
|
||||
r = bcal_cbc_init(&aes128_desc, key, 128, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
cli_putstr("\r\n IV: ");
|
||||
cli_hexdump(iv, 128/8);
|
||||
cli_putstr("\r\n plaintext:");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
bcal_cbc_encMsg(iv, plain, 4, &ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
bcal_cbc_decMsg(iv, plain, 4, &ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
bcal_cbc_free(&ctx);
|
||||
}
|
||||
|
||||
void testrun_aes128_cfb8(void){
|
||||
uint8_t key[16];
|
||||
uint8_t iv[16];
|
||||
uint8_t plain[64];
|
||||
|
||||
bcal_cfb_B_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
memcpy(key, modes_key, 16);
|
||||
memcpy(iv, modes_iv, 16);
|
||||
memcpy(plain, modes_plain, 64);
|
||||
|
||||
cli_putstr("\r\n** AES128-CFB8-TEST **");
|
||||
r = bcal_cfb_B_init(&aes128_desc, key, 128, 8, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
cli_putstr("\r\n IV: ");
|
||||
cli_hexdump(iv, 128/8);
|
||||
cli_putstr("\r\n plaintext:");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump_block(plain, 64, 4, 16);
|
||||
|
||||
bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump_block(plain, 64, 4, 16);
|
||||
|
||||
bcal_cfb_B_free(&ctx);
|
||||
|
||||
}
|
||||
|
||||
void testrun_aes128_cfb1(void){
|
||||
uint8_t key[16];
|
||||
uint8_t iv[16];
|
||||
uint8_t plain[64];
|
||||
|
||||
bcal_cfb_b_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
memcpy(key, modes_key, 16);
|
||||
memcpy(iv, modes_iv, 16);
|
||||
memcpy(plain, modes_plain, 64);
|
||||
|
||||
cli_putstr("\r\n** AES128-CFB1-TEST **");
|
||||
r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
cli_putstr("\r\n IV: ");
|
||||
cli_hexdump(iv, 128/8);
|
||||
cli_putstr("\r\n plaintext:");
|
||||
cli_hexdump_block(plain, 2, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
uint8_t i, bit_offset, byte_offset;
|
||||
bcal_cfb_b_loadIV(iv, &ctx);
|
||||
for(i=0; i<16; ++i){
|
||||
byte_offset = i/8;
|
||||
bit_offset = i&7;
|
||||
cli_putstr("\r\n plain bit: ");
|
||||
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
|
||||
bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
|
||||
cli_putstr("\r\n cipher bit: ");
|
||||
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
|
||||
}
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump_block(plain, 2, 4, 16);
|
||||
|
||||
bcal_cfb_b_loadIV(iv, &ctx);
|
||||
for(i=0; i<16; ++i){
|
||||
byte_offset = i/8;
|
||||
bit_offset = i&7;
|
||||
cli_putstr("\r\n plain bit: ");
|
||||
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
|
||||
bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
|
||||
cli_putstr("\r\n cipher bit: ");
|
||||
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
|
||||
}
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump_block(plain, 2, 4, 16);
|
||||
|
||||
|
||||
bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump_block(plain, 64, 4, 16);
|
||||
|
||||
bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump_block(plain, 64, 4, 16);
|
||||
|
||||
bcal_cfb_b_free(&ctx);
|
||||
}
|
||||
|
||||
void testrun_aes128_ofb(void){
|
||||
uint8_t key[16];
|
||||
uint8_t iv[16];
|
||||
uint8_t plain[64];
|
||||
|
||||
bcal_ofb_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
memcpy(key, modes_key, 16);
|
||||
memcpy(iv, modes_iv, 16);
|
||||
memcpy(plain, modes_plain, 64);
|
||||
|
||||
cli_putstr("\r\n** AES128-OFB-TEST **");
|
||||
r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
cli_putstr("\r\n IV: ");
|
||||
cli_hexdump(iv, 128/8);
|
||||
cli_putstr("\r\n plaintext:");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
bcal_ofb_free(&ctx);
|
||||
}
|
||||
|
||||
void testrun_aes128_ctr(void){
|
||||
uint8_t key[16];
|
||||
uint8_t iv[16];
|
||||
uint8_t plain[64];
|
||||
|
||||
bcal_ctr_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
memcpy(key, modes_key, 16);
|
||||
memcpy(iv, modes_ctriv, 16);
|
||||
memcpy(plain, modes_plain, 64);
|
||||
|
||||
cli_putstr("\r\n** AES128-CTR-TEST **");
|
||||
r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
cli_putstr("\r\n IV: ");
|
||||
cli_hexdump(iv, 128/8);
|
||||
cli_putstr("\r\n plaintext:");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
|
||||
cli_putstr("\r\n ciphertext: ");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
|
||||
cli_putstr("\r\n plaintext: ");
|
||||
cli_hexdump_block(plain, 4*128/8, 4, 16);
|
||||
bcal_ctr_free(&ctx);
|
||||
}
|
||||
|
||||
void testrun_aes128_cmac(void){
|
||||
uint8_t key[16];
|
||||
uint8_t tag[16];
|
||||
uint8_t plain[64];
|
||||
uint16_t length[] = { 0, 128, 320, 512 };
|
||||
bcal_cmac_ctx_t ctx;
|
||||
uint8_t r,i;
|
||||
|
||||
memcpy(key, modes_key, 16);
|
||||
memcpy(plain, modes_plain, 64);
|
||||
|
||||
cli_putstr("\r\n** AES128-CMAC-TEST **");
|
||||
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
for(i=0; i<4; ++i){
|
||||
r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n message: ");
|
||||
cli_hexdump_block(plain, length[i]/8, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
bcal_cmac(tag, 128, plain, length[i], &ctx);
|
||||
cli_putstr("\r\n tag: ");
|
||||
cli_hexdump_block(tag, 128/8, 4, 16);
|
||||
bcal_cmac_free(&ctx);
|
||||
}
|
||||
}
|
||||
/*
|
||||
Klen = 16
|
||||
Mlen = 18
|
||||
Tlen = 2
|
||||
Key = 3250974e306b4b678f914b514d1e90f6
|
||||
Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
|
||||
*/
|
||||
void testrun_aes128_cmac72(void){
|
||||
uint8_t key[16]= {
|
||||
0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
|
||||
0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
|
||||
};
|
||||
uint8_t tag[2];
|
||||
uint8_t plain[18] = {
|
||||
0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
|
||||
0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
|
||||
0x9c, 0xdf,
|
||||
};
|
||||
bcal_cmac_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
|
||||
cli_putstr("\r\n** AES128-CMAC-72-TEST **");
|
||||
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 128/8);
|
||||
r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
cli_putstr("\r\n message: ");
|
||||
cli_hexdump_block(plain, 18, 4, 16);
|
||||
if(r)
|
||||
return;
|
||||
bcal_cmac(tag, 16, plain, 18*8, &ctx);
|
||||
cli_putstr("\r\n tag: ");
|
||||
cli_hexdump_block(tag, 2, 4, 16);
|
||||
bcal_cmac_free(&ctx);
|
||||
}
|
||||
/*
|
||||
Count = 0
|
||||
Klen = 24
|
||||
Mlen = 0
|
||||
Tlen = 2
|
||||
Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
|
||||
Msg = 00
|
||||
*/
|
||||
void testrun_aes192_cmac0(void){
|
||||
uint8_t key[24]= {
|
||||
0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
|
||||
0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
|
||||
0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
|
||||
};
|
||||
uint8_t tag[2];
|
||||
uint8_t plain[1] = {
|
||||
0x00
|
||||
};
|
||||
bcal_cmac_ctx_t ctx;
|
||||
uint8_t r;
|
||||
|
||||
|
||||
cli_putstr("\r\n** AES192-CMAC-0-TEST **");
|
||||
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 192/8);
|
||||
r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
if(r)
|
||||
return;
|
||||
bcal_cmac(tag, 16, plain, 0*8, &ctx);
|
||||
cli_putstr("\r\n tag: ");
|
||||
cli_hexdump_block(tag, 2, 4, 16);
|
||||
bcal_cmac_free(&ctx);
|
||||
}
|
||||
|
||||
const uint8_t eax_msg[] = {
|
||||
0xF7, 0xFB,
|
||||
0x1A, 0x47, 0xCB, 0x49, 0x33,
|
||||
0x48, 0x1C, 0x9E, 0x39, 0xB1,
|
||||
0x40, 0xD0, 0xC0, 0x7D, 0xA5, 0xE4,
|
||||
0x4D, 0xE3, 0xB3, 0x5C, 0x3F, 0xC0, 0x39, 0x24, 0x5B, 0xD1, 0xFB, 0x7D,
|
||||
0x8B, 0x0A, 0x79, 0x30, 0x6C, 0x9C, 0xE7, 0xED, 0x99, 0xDA, 0xE4, 0xF8, 0x7F, 0x8D, 0xD6, 0x16, 0x36,
|
||||
0x1B, 0xDA, 0x12, 0x2B, 0xCE, 0x8A, 0x8D, 0xBA, 0xF1, 0x87, 0x7D, 0x96, 0x2B, 0x85, 0x92, 0xDD, 0x2D, 0x56,
|
||||
0x6C, 0xF3, 0x67, 0x20, 0x87, 0x2B, 0x85, 0x13, 0xF6, 0xEA, 0xB1, 0xA8, 0xA4, 0x44, 0x38, 0xD5, 0xEF, 0x11,
|
||||
0xCA, 0x40, 0xD7, 0x44, 0x6E, 0x54, 0x5F, 0xFA, 0xED, 0x3B, 0xD1, 0x2A, 0x74, 0x0A, 0x65, 0x9F, 0xFB, 0xBB, 0x3C, 0xEA, 0xB7
|
||||
};
|
||||
|
||||
const uint8_t eax_msg_len[] = {0, 2, 5, 5, 6, 12, 17, 18, 18, 21};
|
||||
|
||||
const uint8_t eax_key[] = {
|
||||
0x23, 0x39, 0x52, 0xDE, 0xE4, 0xD5, 0xED, 0x5F, 0x9B, 0x9C, 0x6D, 0x6F, 0xF8, 0x0F, 0xF4, 0x78,
|
||||
0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4,
|
||||
0x01, 0xF7, 0x4A, 0xD6, 0x40, 0x77, 0xF2, 0xE7, 0x04, 0xC0, 0xF6, 0x0A, 0xDA, 0x3D, 0xD5, 0x23,
|
||||
0xD0, 0x7C, 0xF6, 0xCB, 0xB7, 0xF3, 0x13, 0xBD, 0xDE, 0x66, 0xB7, 0x27, 0xAF, 0xD3, 0xC5, 0xE8,
|
||||
0x35, 0xB6, 0xD0, 0x58, 0x00, 0x05, 0xBB, 0xC1, 0x2B, 0x05, 0x87, 0x12, 0x45, 0x57, 0xD2, 0xC2,
|
||||
0xBD, 0x8E, 0x6E, 0x11, 0x47, 0x5E, 0x60, 0xB2, 0x68, 0x78, 0x4C, 0x38, 0xC6, 0x2F, 0xEB, 0x22,
|
||||
0x7C, 0x77, 0xD6, 0xE8, 0x13, 0xBE, 0xD5, 0xAC, 0x98, 0xBA, 0xA4, 0x17, 0x47, 0x7A, 0x2E, 0x7D,
|
||||
0x5F, 0xFF, 0x20, 0xCA, 0xFA, 0xB1, 0x19, 0xCA, 0x2F, 0xC7, 0x35, 0x49, 0xE2, 0x0F, 0x5B, 0x0D,
|
||||
0xA4, 0xA4, 0x78, 0x2B, 0xCF, 0xFD, 0x3E, 0xC5, 0xE7, 0xEF, 0x6D, 0x8C, 0x34, 0xA5, 0x61, 0x23,
|
||||
0x83, 0x95, 0xFC, 0xF1, 0xE9, 0x5B, 0xEB, 0xD6, 0x97, 0xBD, 0x01, 0x0B, 0xC7, 0x66, 0xAA, 0xC3
|
||||
};
|
||||
|
||||
const uint8_t eax_nonce[] = {
|
||||
0x62, 0xEC, 0x67, 0xF9, 0xC3, 0xA4, 0xA4, 0x07, 0xFC, 0xB2, 0xA8, 0xC4, 0x90, 0x31, 0xA8, 0xB3,
|
||||
0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD,
|
||||
0x70, 0xC3, 0xDB, 0x4F, 0x0D, 0x26, 0x36, 0x84, 0x00, 0xA1, 0x0E, 0xD0, 0x5D, 0x2B, 0xFF, 0x5E,
|
||||
0x84, 0x08, 0xDF, 0xFF, 0x3C, 0x1A, 0x2B, 0x12, 0x92, 0xDC, 0x19, 0x9E, 0x46, 0xB7, 0xD6, 0x17,
|
||||
0xFD, 0xB6, 0xB0, 0x66, 0x76, 0xEE, 0xDC, 0x5C, 0x61, 0xD7, 0x42, 0x76, 0xE1, 0xF8, 0xE8, 0x16,
|
||||
0x6E, 0xAC, 0x5C, 0x93, 0x07, 0x2D, 0x8E, 0x85, 0x13, 0xF7, 0x50, 0x93, 0x5E, 0x46, 0xDA, 0x1B,
|
||||
0x1A, 0x8C, 0x98, 0xDC, 0xD7, 0x3D, 0x38, 0x39, 0x3B, 0x2B, 0xF1, 0x56, 0x9D, 0xEE, 0xFC, 0x19,
|
||||
0xDD, 0xE5, 0x9B, 0x97, 0xD7, 0x22, 0x15, 0x6D, 0x4D, 0x9A, 0xFF, 0x2B, 0xC7, 0x55, 0x98, 0x26,
|
||||
0xB7, 0x81, 0xFC, 0xF2, 0xF7, 0x5F, 0xA5, 0xA8, 0xDE, 0x97, 0xA9, 0xCA, 0x48, 0xE5, 0x22, 0xEC,
|
||||
0x22, 0xE7, 0xAD, 0xD9, 0x3C, 0xFC, 0x63, 0x93, 0xC5, 0x7E, 0xC0, 0xB3, 0xC1, 0x7D, 0x6B, 0x44
|
||||
};
|
||||
|
||||
const uint8_t eax_header[] = {
|
||||
0x6B, 0xFB, 0x91, 0x4F, 0xD0, 0x7E, 0xAE, 0x6B,
|
||||
0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA,
|
||||
0x23, 0x4A, 0x34, 0x63, 0xC1, 0x26, 0x4A, 0xC6,
|
||||
0x33, 0xCC, 0xE2, 0xEA, 0xBF, 0xF5, 0xA7, 0x9D,
|
||||
0xAE, 0xB9, 0x6E, 0xAE, 0xBE, 0x29, 0x70, 0xE9,
|
||||
0xD4, 0x48, 0x2D, 0x1C, 0xA7, 0x8D, 0xCE, 0x0F,
|
||||
0x65, 0xD2, 0x01, 0x79, 0x90, 0xD6, 0x25, 0x28,
|
||||
0x54, 0xB9, 0xF0, 0x4E, 0x6A, 0x09, 0x18, 0x9A,
|
||||
0x89, 0x9A, 0x17, 0x58, 0x97, 0x56, 0x1D, 0x7E,
|
||||
0x12, 0x67, 0x35, 0xFC, 0xC3, 0x20, 0xD2, 0x5A
|
||||
};
|
||||
|
||||
const uint8_t eax_cipher[] = {
|
||||
0xE0, 0x37, 0x83, 0x0E, 0x83, 0x89, 0xF2, 0x7B, 0x02, 0x5A, 0x2D, 0x65, 0x27, 0xE7, 0x9D, 0x01,
|
||||
0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 0x67, 0xE5,
|
||||
0xD8, 0x51, 0xD5, 0xBA, 0xE0, 0x3A, 0x59, 0xF2, 0x38, 0xA2, 0x3E, 0x39, 0x19, 0x9D, 0xC9, 0x26, 0x66, 0x26, 0xC4, 0x0F, 0x80,
|
||||
0x63, 0x2A, 0x9D, 0x13, 0x1A, 0xD4, 0xC1, 0x68, 0xA4, 0x22, 0x5D, 0x8E, 0x1F, 0xF7, 0x55, 0x93, 0x99, 0x74, 0xA7, 0xBE, 0xDE,
|
||||
0x07, 0x1D, 0xFE, 0x16, 0xC6, 0x75, 0xCB, 0x06, 0x77, 0xE5, 0x36, 0xF7, 0x3A, 0xFE, 0x6A, 0x14, 0xB7, 0x4E, 0xE4, 0x98, 0x44, 0xDD,
|
||||
0x83, 0x5B, 0xB4, 0xF1, 0x5D, 0x74, 0x3E, 0x35, 0x0E, 0x72, 0x84, 0x14, 0xAB, 0xB8, 0x64, 0x4F, 0xD6, 0xCC, 0xB8, 0x69, 0x47, 0xC5, 0xE1, 0x05, 0x90, 0x21, 0x0A, 0x4F,
|
||||
0x02, 0x08, 0x3E, 0x39, 0x79, 0xDA, 0x01, 0x48, 0x12, 0xF5, 0x9F, 0x11, 0xD5, 0x26, 0x30, 0xDA, 0x30, 0x13, 0x73, 0x27, 0xD1, 0x06, 0x49, 0xB0, 0xAA, 0x6E, 0x1C, 0x18, 0x1D, 0xB6, 0x17, 0xD7, 0xF2,
|
||||
0x2E, 0xC4, 0x7B, 0x2C, 0x49, 0x54, 0xA4, 0x89, 0xAF, 0xC7, 0xBA, 0x48, 0x97, 0xED, 0xCD, 0xAE, 0x8C, 0xC3, 0x3B, 0x60, 0x45, 0x05, 0x99, 0xBD, 0x02, 0xC9, 0x63, 0x82, 0x90, 0x2A, 0xEF, 0x7F, 0x83, 0x2A,
|
||||
0x0D, 0xE1, 0x8F, 0xD0, 0xFD, 0xD9, 0x1E, 0x7A, 0xF1, 0x9F, 0x1D, 0x8E, 0xE8, 0x73, 0x39, 0x38, 0xB1, 0xE8, 0xE7, 0xF6, 0xD2, 0x23, 0x16, 0x18, 0x10, 0x2F, 0xDB, 0x7F, 0xE5, 0x5F, 0xF1, 0x99, 0x17, 0x00,
|
||||
0xCB, 0x89, 0x20, 0xF8, 0x7A, 0x6C, 0x75, 0xCF, 0xF3, 0x96, 0x27, 0xB5, 0x6E, 0x3E, 0xD1, 0x97, 0xC5, 0x52, 0xD2, 0x95, 0xA7, 0xCF, 0xC4, 0x6A, 0xFC, 0x25, 0x3B, 0x46, 0x52, 0xB1, 0xAF, 0x37, 0x95, 0xB1, 0x24, 0xAB, 0x6E
|
||||
};
|
||||
|
||||
void testrun_aes128_eax(void){
|
||||
uint8_t key[16];
|
||||
uint8_t nonce[16];
|
||||
uint8_t header[8];
|
||||
uint8_t tag[16];
|
||||
uint8_t msg[21];
|
||||
uint8_t msg_len;
|
||||
const void* msg_p;
|
||||
const void* cipher_p;
|
||||
uint8_t i, r;
|
||||
|
||||
bcal_eax_ctx_t ctx;
|
||||
|
||||
msg_p = eax_msg;
|
||||
cipher_p = eax_cipher;
|
||||
for(i=0; i<10; ++i){
|
||||
cli_putstr("\r\n\r\n** AES128-EAX-TEST #");
|
||||
cli_putc('0'+i);
|
||||
cli_putstr(" **");
|
||||
|
||||
msg_len = eax_msg_len[i];
|
||||
memcpy(key, eax_key+16*i, 16);
|
||||
memcpy(nonce, eax_nonce+16*i, 16);
|
||||
memcpy(header, eax_header+8*i, 8);
|
||||
memcpy(msg, msg_p, msg_len);
|
||||
msg_p = (uint8_t*)msg_p+msg_len;
|
||||
|
||||
cli_putstr("\r\n key: ");
|
||||
cli_hexdump(key, 16);
|
||||
cli_putstr("\r\n msg: ");
|
||||
if(msg_len){
|
||||
cli_hexdump(msg, msg_len);
|
||||
}
|
||||
cli_putstr("\r\n nonce: ");
|
||||
cli_hexdump(nonce, 16);
|
||||
cli_putstr("\r\n header: ");
|
||||
cli_hexdump(header, 8);
|
||||
|
||||
r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
|
||||
cli_putstr("\r\n init = 0x");
|
||||
cli_hexdump(&r, 1);
|
||||
if(r)
|
||||
return;
|
||||
bcal_eax_loadNonce(nonce, 16*8, &ctx);
|
||||
bcal_eax_addLastHeader(header, 8*8, &ctx);
|
||||
bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
|
||||
bcal_eax_ctx2tag(tag, 128, &ctx);
|
||||
|
||||
cli_putstr("\r\n cipher: ");
|
||||
cli_hexdump_block(msg, msg_len, 4, 16);
|
||||
|
||||
cli_putstr("\r\n tag: ");
|
||||
cli_hexdump_block(tag, 16, 4, 16);
|
||||
|
||||
if(memcmp(msg, cipher_p, msg_len)){
|
||||
cli_putstr("\r\n cipher: [fail]\r\n should: ");
|
||||
memcpy(msg, cipher_p, msg_len);
|
||||
cli_hexdump_block(msg, msg_len, 4, 16);
|
||||
}else{
|
||||
cli_putstr("\r\n cipher: [pass]");
|
||||
}
|
||||
cipher_p = ((uint8_t*)cipher_p)+msg_len;
|
||||
// *
|
||||
if(memcmp(tag, cipher_p, 16)){
|
||||
cli_putstr("\r\n tag: [fail]");
|
||||
}else{
|
||||
cli_putstr("\r\n tag: [pass]");
|
||||
}
|
||||
|
||||
cipher_p = ((uint8_t*)cipher_p)+16;
|
||||
bcal_eax_free(&ctx);
|
||||
}
|
||||
}
|
||||
|
||||
/*****************************************************************************/
|
||||
|
||||
void testrun_performance_aes(void){
|
||||
bcal_performance_multiple(algolist);
|
||||
}
|
||||
|
||||
/*****************************************************************************
|
||||
* main *
|
||||
*****************************************************************************/
|
||||
|
||||
const cmdlist_entry_t cmdlist[] = {
|
||||
{ "nessie", NULL, testrun_nessie_aes },
|
||||
{ "test", NULL, testrun_test_aes },
|
||||
{ "testkey", NULL, testrun_testkey_aes },
|
||||
{ "testcbc", NULL, testrun_aes128_cbc },
|
||||
{ "testcfb8", NULL, testrun_aes128_cfb8 },
|
||||
{ "testcfb1", NULL, testrun_aes128_cfb1 },
|
||||
{ "testofb", NULL, testrun_aes128_ofb },
|
||||
{ "testctr", NULL, testrun_aes128_ctr },
|
||||
{ "testcmac", NULL, testrun_aes128_cmac },
|
||||
{ "testcmac72", NULL, testrun_aes128_cmac72 },
|
||||
{ "testcmac0", NULL, testrun_aes192_cmac0 },
|
||||
{ "testeax", NULL, testrun_aes128_eax },
|
||||
{ "cmacvs_list", NULL, cmacvs_listalgos },
|
||||
{ "cmacvs_set", (void*)1, (void_fpt)cmacvs_setalgo },
|
||||
{ "cmacvs_test1", NULL, cmacvs_test1 },
|
||||
{ "cmacvs_test2", NULL, cmacvs_test2 },
|
||||
{ "performance", NULL, testrun_performance_aes },
|
||||
{ "dump", (void*)1, (void_fpt)dump },
|
||||
{ "echo", (void*)1, (void_fpt)echo_ctrl },
|
||||
{ NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
|
||||
int main (void){
|
||||
sysclk_set_freq(SYS_FREQ);
|
||||
sysclk_mosc_verify_enable();
|
||||
uart_init(UART_0, 115200, 8, UART_PARATY_NONE, UART_STOPBITS_ONE);
|
||||
gptm_set_timer_32periodic(TIMER0);
|
||||
|
||||
cli_rx = uart0_getc;
|
||||
cli_tx = uart0_putc;
|
||||
|
||||
cmacvs_algolist=(bcdesc_t**)algolist;
|
||||
cmacvs_algo=(bcdesc_t*)&aes128_desc;
|
||||
|
||||
for(;;){
|
||||
cli_putstr("\r\n\r\nARM-Crypto-Lib VS (");
|
||||
cli_putstr(algo_name);
|
||||
cli_putstr("; ");
|
||||
cli_putstr(__DATE__);
|
||||
cli_putc(' ');
|
||||
cli_putstr(__TIME__);
|
||||
cli_putstr(")\r\nloaded and running\r\n");
|
||||
cmd_interface(cmdlist);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue