bg
/
arm-crypto-lib
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

AES added

This commit is contained in:
bg 2010-07-14 19:40:07 +02:00
parent 33a2839546
commit 3f2f2071c4
58 changed files with 4540 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
aes/aes.h Normal file
View File

@ -0,0 +1,43 @@
/* aes.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#ifndef AES_H_
#define AES_H_
#include <stdint.h>
#include "aes_types.h"
#include "aes128_enc.h"
#include "aes192_enc.h"
#include "aes256_enc.h"
#include "aes128_dec.h"
#include "aes192_dec.h"
#include "aes256_dec.h"
#include "aes_enc.h"
#include "aes_dec.h"
#include "aes_keyschedule.h"
#endif

34
aes/aes128_dec.c Normal file
View File

@ -0,0 +1,34 @@
/* aes128_dec.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes128_dec.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#include "aes.h"
#include "aes_dec.h"
void aes128_dec(void* buffer, aes128_ctx_t* ctx){
aes_decrypt_core(buffer, (aes_genctx_t*)ctx, 10);
}

46
aes/aes128_dec.h Normal file
View File

@ -0,0 +1,46 @@
/* aes128_dec.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes128_dec.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES128_DEC_H_
#define AES128_DEC_H_
#include "aes_types.h"
#include "aes_dec.h"
/**
* \brief decrypt with 128 bit key.
*
* This function decrypts one block with the AES algorithm under control of
* a keyschedule produced from a 128 bit key.
* \param buffer pointer to the block to decrypt
* \param ctx pointer to the key schedule
*/
void aes128_dec(void* buffer, aes128_ctx_t* ctx);
#endif /* AES128_DEC_H_ */

34
aes/aes128_enc.c Normal file
View File

@ -0,0 +1,34 @@
/* aes128_enc.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes128_enc.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#include "aes.h"
#include "aes_enc.h"
void aes128_enc(void* buffer, aes128_ctx_t* ctx){
aes_encrypt_core(buffer, (aes_genctx_t*)ctx, 10);
}

47
aes/aes128_enc.h Normal file
View File

@ -0,0 +1,47 @@
/* aes128_enc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes128_enc.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES128_ENC_H_
#define AES128_ENC_H_
#include "aes_types.h"
#include "aes_enc.h"
/**
* \brief encrypt with 128 bit key.
*
* This function encrypts one block with the AES algorithm under control of
* a keyschedule produced from a 128 bit key.
* \param buffer pointer to the block to encrypt
* \param ctx pointer to the key schedule
*/
void aes128_enc(void* buffer, aes128_ctx_t* ctx);
#endif /* AES128_ENC_H_ */

34
aes/aes192_dec.c Normal file
View File

@ -0,0 +1,34 @@
/* aes192_dec.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes192_dec.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
*
*/
#include "aes.h"
#include "aes_dec.h"
void aes192_dec(void* buffer, aes192_ctx_t* ctx){
aes_decrypt_core(buffer, (aes_genctx_t*)ctx, 12);
}

46
aes/aes192_dec.h Normal file
View File

@ -0,0 +1,46 @@
/* aes192_dec.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes192_dec.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES192_DEC_H_
#define AES192_DEC_H_
#include "aes_types.h"
#include "aes_dec.h"
/**
* \brief decrypt with 192 bit key.
*
* This function decrypts one block with the AES algorithm under control of
* a keyschedule produced from a 192 bit key.
* \param buffer pointer to the block to decrypt
* \param ctx pointer to the key schedule
*/
void aes192_dec(void* buffer, aes192_ctx_t* ctx);
#endif /* AES192_DEC_H_ */

34
aes/aes192_enc.c Normal file
View File

@ -0,0 +1,34 @@
/* aes192_enc.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes192_enc.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
*
*/
#include "aes.h"
#include "aes_enc.h"
void aes192_enc(void* buffer, aes192_ctx_t* ctx){
aes_encrypt_core(buffer, (aes_genctx_t*)ctx, 12);
}

47
aes/aes192_enc.h Normal file
View File

@ -0,0 +1,47 @@
/* aes192_enc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes192_enc.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES192_ENC_H_
#define AES192_ENC_H_
#include "aes_types.h"
#include "aes_enc.h"
/**
* \brief encrypt with 192 bit key.
*
* This function encrypts one block with the AES algorithm under control of
* a keyschedule produced from a 192 bit key.
* \param buffer pointer to the block to encrypt
* \param ctx pointer to the key schedule
*/
void aes192_enc(void* buffer, aes192_ctx_t* ctx);
#endif /* AES192_ENC_H_ */

34
aes/aes256_dec.c Normal file
View File

@ -0,0 +1,34 @@
/* aes256_dec.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes256_dec.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
*
*/
#include "aes.h"
#include "aes_dec.h"
void aes256_dec(void* buffer, aes256_ctx_t* ctx){
aes_decrypt_core(buffer, (aes_genctx_t*)ctx, 14);
}

46
aes/aes256_dec.h Normal file
View File

@ -0,0 +1,46 @@
/* aes256_dec.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes256_dec.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES256_DEC_H_
#define AES256_DEC_H_
#include "aes_types.h"
#include "aes_dec.h"
/**
* \brief decrypt with 256 bit key.
*
* This function decrypts one block with the AES algorithm under control of
* a keyschedule produced from a 256 bit key.
* \param buffer pointer to the block to decrypt
* \param ctx pointer to the key schedule
*/
void aes256_dec(void* buffer, aes256_ctx_t* ctx);
#endif /* AES256_DEC_H_ */

34
aes/aes256_enc.c Normal file
View File

@ -0,0 +1,34 @@
/* aes256_enc.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes256_enc.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
*
*/
#include "aes.h"
#include "aes_enc.h"
void aes256_enc(void* buffer, aes256_ctx_t* ctx){
aes_encrypt_core(buffer, (aes_genctx_t*)ctx, 14);
}

47
aes/aes256_enc.h Normal file
View File

@ -0,0 +1,47 @@
/* aes256_enc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes256_enc.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-31
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES256_ENC_H_
#define AES256_ENC_H_
#include "aes_types.h"
#include "aes_enc.h"
/**
* \brief encrypt with 256 bit key.
*
* This function encrypts one block with the AES algorithm under control of
* a keyschedule produced from a 256 bit key.
* \param buffer pointer to the block to encrypt
* \param ctx pointer to the key schedule
*/
void aes256_enc(void* buffer, aes256_ctx_t* ctx);
#endif /* AES256_ENC_H_ */

130
aes/aes_dec.c Normal file
View File

@ -0,0 +1,130 @@
/* aes.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "gf256mul.h"
#include "aes.h"
#include "aes_invsbox.h"
#include "aes_dec.h"
void aes_invshiftrow(void* data, uint8_t shift){
uint8_t tmp[4];
tmp[0] = ((uint8_t*)data)[(4+0-shift)&3];
tmp[1] = ((uint8_t*)data)[(4+1-shift)&3];
tmp[2] = ((uint8_t*)data)[(4+2-shift)&3];
tmp[3] = ((uint8_t*)data)[(4+3-shift)&3];
memcpy(data, tmp, 4);
}
void aes_invshiftcol(void* data, uint8_t shift){
uint8_t tmp[4];
tmp[0] = ((uint8_t*)data)[ 0];
tmp[1] = ((uint8_t*)data)[ 4];
tmp[2] = ((uint8_t*)data)[ 8];
tmp[3] = ((uint8_t*)data)[12];
((uint8_t*)data)[ 0] = tmp[(4-shift+0)&3];
((uint8_t*)data)[ 4] = tmp[(4-shift+1)&3];
((uint8_t*)data)[ 8] = tmp[(4-shift+2)&3];
((uint8_t*)data)[12] = tmp[(4-shift+3)&3];
}
static
void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
uint8_t tmp[16];
uint8_t i;
uint8_t t,u,v,w;
/* keyAdd */
for(i=0; i<16; ++i){
tmp[i] = state->s[i] ^ k->ks[i];
}
/* mixColums */
for(i=0; i<4; ++i){
t = tmp[4*i+3] ^ tmp[4*i+2];
u = tmp[4*i+1] ^ tmp[4*i+0];
v = t ^ u;
v = gf256mul(0x09, v, 0x1b);
w = v ^ gf256mul(0x04, tmp[4*i+2] ^ tmp[4*i+0], 0x1b);
v = v ^ gf256mul(0x04, tmp[4*i+3] ^ tmp[4*i+1], 0x1b);
state->s[4*i+3] = tmp[4*i+3] ^ v ^ gf256mul(0x02, tmp[4*i+0] ^ tmp[4*i+3], 0x1b);
state->s[4*i+2] = tmp[4*i+2] ^ w ^ gf256mul(0x02, t, 0x1b);
state->s[4*i+1] = tmp[4*i+1] ^ v ^ gf256mul(0x02, tmp[4*i+2] ^ tmp[4*i+1], 0x1b);
state->s[4*i+0] = tmp[4*i+0] ^ w ^ gf256mul(0x02, u, 0x1b);
/*
state->s[4*i+0] =
gf256mul(0xe, tmp[4*i+0], 0x1b)
^ gf256mul(0xb, tmp[4*i+1], 0x1b)
^ gf256mul(0xd, tmp[4*i+2], 0x1b)
^ gf256mul(0x9, tmp[4*i+3], 0x1b);
state->s[4*i+1] =
gf256mul(0x9, tmp[4*i+0], 0x1b)
^ gf256mul(0xe, tmp[4*i+1], 0x1b)
^ gf256mul(0xb, tmp[4*i+2], 0x1b)
^ gf256mul(0xd, tmp[4*i+3], 0x1b);
state->s[4*i+2] =
gf256mul(0xd, tmp[4*i+0], 0x1b)
^ gf256mul(0x9, tmp[4*i+1], 0x1b)
^ gf256mul(0xe, tmp[4*i+2], 0x1b)
^ gf256mul(0xb, tmp[4*i+3], 0x1b);
state->s[4*i+3] =
gf256mul(0xb, tmp[4*i+0], 0x1b)
^ gf256mul(0xd, tmp[4*i+1], 0x1b)
^ gf256mul(0x9, tmp[4*i+2], 0x1b)
^ gf256mul(0xe, tmp[4*i+3], 0x1b);
*/
}
/* shiftRows */
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
/* subBytes */
for(i=0; i<16; ++i){
state->s[i] = aes_invsbox[state->s[i]];
}
}
static
void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k){
uint8_t i;
/* keyAdd */
for(i=0; i<16; ++i){
state->s[i] ^= k->ks[i];
}
/* shiftRows */
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
/* subBytes */
for(i=0; i<16; ++i){
state->s[i] = aes_invsbox[state->s[i]];
}
}
void aes_decrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds){
uint8_t i;
aes_dec_firstround(state, &(ks->key[i=rounds]));
for(;rounds>1;--rounds){
--i;
aes_dec_round(state, &(ks->key[i]));
}
for(i=0; i<16; ++i){
state->s[i] ^= ks->key[0].ks[i];
}
}

36
aes/aes_dec.h Normal file
View File

@ -0,0 +1,36 @@
/* aes_dec.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_dec.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#ifndef AES_DEC_H_
#define AES_DEC_H_
#include "aes_types.h"
#include <stdint.h>
void aes_decrypt_core(aes_cipher_state_t* state,const aes_genctx_t* ks, uint8_t rounds);
#endif

119
aes/aes_enc.c Normal file
View File

@ -0,0 +1,119 @@
/* aes_enc.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_enc.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#include <stdint.h>
#include <string.h>
#include "aes.h"
#include "gf256mul.h"
#include "aes_sbox.h"
#include "aes_enc.h"
void aes_shiftcol(void* data, uint8_t shift){
uint8_t tmp[4];
tmp[0] = ((uint8_t*)data)[ 0];
tmp[1] = ((uint8_t*)data)[ 4];
tmp[2] = ((uint8_t*)data)[ 8];
tmp[3] = ((uint8_t*)data)[12];
((uint8_t*)data)[ 0] = tmp[(shift+0)&3];
((uint8_t*)data)[ 4] = tmp[(shift+1)&3];
((uint8_t*)data)[ 8] = tmp[(shift+2)&3];
((uint8_t*)data)[12] = tmp[(shift+3)&3];
}
#define GF256MUL_1(a) (a)
#define GF256MUL_2(a) (gf256mul(2, (a), 0x1b))
#define GF256MUL_3(a) (gf256mul(3, (a), 0x1b))
static
void aes_enc_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
uint8_t tmp[16], t;
uint8_t i;
/* subBytes */
for(i=0; i<16; ++i){
tmp[i] = aes_sbox[state->s[i]];
}
/* shiftRows */
aes_shiftcol(tmp+1, 1);
aes_shiftcol(tmp+2, 2);
aes_shiftcol(tmp+3, 3);
/* mixColums */
for(i=0; i<4; ++i){
t = tmp[4*i+0] ^ tmp[4*i+1] ^ tmp[4*i+2] ^ tmp[4*i+3];
state->s[4*i+0] =
GF256MUL_2(tmp[4*i+0]^tmp[4*i+1])
^ tmp[4*i+0]
^ t;
state->s[4*i+1] =
GF256MUL_2(tmp[4*i+1]^tmp[4*i+2])
^ tmp[4*i+1]
^ t;
state->s[4*i+2] =
GF256MUL_2(tmp[4*i+2]^tmp[4*i+3])
^ tmp[4*i+2]
^ t;
state->s[4*i+3] =
GF256MUL_2(tmp[4*i+3]^tmp[4*i+0])
^ tmp[4*i+3]
^ t;
}
/* addKey */
for(i=0; i<16; ++i){
state->s[i] ^= k->ks[i];
}
}
static
void aes_enc_lastround(aes_cipher_state_t* state,const aes_roundkey_t* k){
uint8_t i;
/* subBytes */
for(i=0; i<16; ++i){
state->s[i] = aes_sbox[state->s[i]];
}
/* shiftRows */
aes_shiftcol(state->s+1, 1);
aes_shiftcol(state->s+2, 2);
aes_shiftcol(state->s+3, 3);
/* keyAdd */
for(i=0; i<16; ++i){
state->s[i] ^= k->ks[i];
}
}
void aes_encrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds){
uint8_t i;
for(i=0; i<16; ++i){
state->s[i] ^= ks->key[0].ks[i];
}
i=1;
for(;rounds>1;--rounds){
aes_enc_round(state, &(ks->key[i]));
++i;
}
aes_enc_lastround(state, &(ks->key[i]));
}

36
aes/aes_enc.h Normal file
View File

@ -0,0 +1,36 @@
/* aes_enc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_enc.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#ifndef AES_ENC_H_
#define AES_ENC_H_
#include "aes_types.h"
#include <stdint.h>
void aes_encrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds);
#endif

22
aes/aes_invsbox.c Normal file
View File

@ -0,0 +1,22 @@
/* aes inverted sbox */
#include <stdint.h>
const uint8_t aes_invsbox[256] = {
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
};

33
aes/aes_invsbox.h Normal file
View File

@ -0,0 +1,33 @@
/* aes_invsbox.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_invsbox.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#ifndef AES_INVSBOX_H_
#define AES_INVSBOX_H_
#include <stdint.h>
extern uint8_t aes_invsbox[];
#endif

93
aes/aes_keyschedule.c Normal file
View File

@ -0,0 +1,93 @@
/* aes_keyschedule.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_keyschedule.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#include <stdint.h>
#include "aes.h"
#include "aes_keyschedule.h"
#include "aes_sbox.h"
#include <string.h>
static
void aes_rotword(void* a){
uint8_t t;
t=((uint8_t*)a)[0];
((uint8_t*)a)[0] = ((uint8_t*)a)[1];
((uint8_t*)a)[1] = ((uint8_t*)a)[2];
((uint8_t*)a)[2] = ((uint8_t*)a)[3];
((uint8_t*)a)[3] = t;
}
uint8_t rc_tab[] = { 0x01, 0x02, 0x04, 0x08,
0x10, 0x20, 0x40, 0x80,
0x1b, 0x36 };
void aes_init(const void* key, uint16_t keysize_b, aes_genctx_t* ctx){
uint8_t hi,i,nk, next_nk;
uint8_t rc=0;
union {
uint32_t v32;
uint8_t v8[4];
} tmp;
nk=keysize_b>>5; /* 4, 6, 8 */
hi=4*(nk+6+1);
memcpy(ctx, key, keysize_b/8);
next_nk = nk;
for(i=nk;i<hi;++i){
tmp.v32 = ((uint32_t*)(ctx->key[0].ks))[i-1];
if(i!=next_nk){
if(nk==8 && i%8==4){
tmp.v8[0] = aes_sbox[tmp.v8[0]];
tmp.v8[1] = aes_sbox[tmp.v8[1]];
tmp.v8[2] = aes_sbox[tmp.v8[2]];
tmp.v8[3] = aes_sbox[tmp.v8[3]];
}
} else {
next_nk += nk;
aes_rotword(&(tmp.v32));
tmp.v8[0] = aes_sbox[tmp.v8[0]];
tmp.v8[1] = aes_sbox[tmp.v8[1]];
tmp.v8[2] = aes_sbox[tmp.v8[2]];
tmp.v8[3] = aes_sbox[tmp.v8[3]];
tmp.v8[0] ^= rc_tab[rc];
rc++;
}
((uint32_t*)(ctx->key[0].ks))[i] = ((uint32_t*)(ctx->key[0].ks))[i-nk]
^ tmp.v32;
}
}
void aes128_init(const void* key, aes128_ctx_t* ctx){
aes_init(key, 128, (aes_genctx_t*)ctx);
}
void aes192_init(const void* key, aes192_ctx_t* ctx){
aes_init(key, 192, (aes_genctx_t*)ctx);
}
void aes256_init(const void* key, aes256_ctx_t* ctx){
aes_init(key, 256, (aes_genctx_t*)ctx);
}

75
aes/aes_keyschedule.h Normal file
View File

@ -0,0 +1,75 @@
/* aes_keyschedule.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_keyschedule.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
* \ingroup AES
*/
#ifndef AES_KEYSCHEDULE_H_
#define AES_KEYSCHEDULE_H_
#include "aes_types.h"
/**
* \brief initialize the keyschedule
*
* This function computes the keyschedule from a given key with a given length
* and stores it in the context variable
* \param key pointer to the key material
* \param keysize_b length of the key in bits (valid are 128, 192 and 256)
* \param ctx pointer to the context where the keyschedule should be stored
*/
void aes_init(const void* key, uint16_t keysize_b, aes_genctx_t* ctx);
/**
* \brief initialize the keyschedule for 128 bit key
*
* This function computes the keyschedule from a given 128 bit key
* and stores it in the context variable
* \param key pointer to the key material
* \param ctx pointer to the context where the keyschedule should be stored
*/
void aes128_init(const void* key, aes128_ctx_t* ctx);
/**
* \brief initialize the keyschedule for 192 bit key
*
* This function computes the keyschedule from a given 192 bit key
* and stores it in the context variable
* \param key pointer to the key material
* \param ctx pointer to the context where the keyschedule should be stored
*/
void aes192_init(const void* key, aes192_ctx_t* ctx);
/**
* \brief initialize the keyschedule for 256 bit key
*
* This function computes the keyschedule from a given 256 bit key
* and stores it in the context variable
* \param key pointer to the key material
* \param ctx pointer to the context where the keyschedule should be stored
*/
void aes256_init(const void* key, aes256_ctx_t* ctx);
#endif /* AES_KEYSCHEDULE_H_ */

39
aes/aes_sbox.c Normal file
View File

@ -0,0 +1,39 @@
/* aes sbox */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
const uint8_t aes_sbox[256] = {
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
};

33
aes/aes_sbox.h Normal file
View File

@ -0,0 +1,33 @@
/* aes_sbox.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_sbox.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#ifndef AES_SBOX_H_
#define AES_SBOX_H_
#include <stdint.h>
extern uint8_t aes_sbox[];
#endif

56
aes/aes_types.h Normal file
View File

@ -0,0 +1,56 @@
/* aes.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_types.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2008-12-30
* \license GPLv3 or later
*
*/
#ifndef AES_TYPES_H_
#define AES_TYPES_H_
#include <stdint.h>
typedef struct{
uint8_t ks[16];
} aes_roundkey_t;
typedef struct{
aes_roundkey_t key[10+1];
} aes128_ctx_t;
typedef struct{
aes_roundkey_t key[12+1];
} aes192_ctx_t;
typedef struct{
aes_roundkey_t key[14+1];
} aes256_ctx_t;
typedef struct{
aes_roundkey_t key[1]; /* just to avoid the warning */
} aes_genctx_t;
typedef struct{
uint8_t s[16];
} aes_cipher_state_t;
#endif

40
aes/gf256mul.c Normal file
View File

@ -0,0 +1,40 @@
/* gf256mul.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer){
uint8_t r=0;
while(a&0xFE){
if(a&1){
r ^= b;
}
a >>= 1;
if(b&0x80){
b <<= 1;
b ^= reducer;
}else{
b <<= 1;
}
}
if(a&1){
r ^= b;
}
return r;
}

37
aes/gf256mul.h Normal file
View File

@ -0,0 +1,37 @@
/* gf256mul.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef GF256MUL_H_
#define GF256MUL_H_
/**
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2008-12-19
* \license GPLv3
* \brief
*
*
*/
#include <stdint.h>
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer);
#endif /* GF256MUL_H_ */

12
aes/memxor.c Normal file
View File

@ -0,0 +1,12 @@
#include <stdint.h>
#include "memxor.h"
void memxor(void* dest, const void* src, uint16_t n){
while(n--){
*((uint8_t*)dest) ^= *((uint8_t*)src);
dest = (uint8_t*)dest +1;
src = (uint8_t*)src +1;
}
}

92
bcal-basic.c Normal file
View File

@ -0,0 +1,92 @@
/* bcal-basic.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdlib.h>
#include <stdint.h>
#include <string.h>
#include "blockcipher_descriptor.h"
#include "keysize_descriptor.h"
uint8_t bcal_cipher_init(const bcdesc_t* cipher_descriptor,
const void* key, uint16_t keysize_b, bcgen_ctx_t* ctx){
if(!is_valid_keysize_P(cipher_descriptor->valid_keysize_desc, keysize_b)){
return 1;
}
uint8_t flags;
bc_init_fpt init_fpt;
ctx->desc_ptr = (bcdesc_t*)cipher_descriptor;
ctx->keysize = keysize_b;
flags = cipher_descriptor->flags;
init_fpt.initvoid = (void_fpt)(cipher_descriptor->init.initvoid);
if(init_fpt.initvoid == NULL){
if(!(ctx->ctx = malloc((keysize_b+7)/8)))
return 2;
memcpy(ctx->ctx, key, (keysize_b+7)/8);
return 0;
}
if(!(ctx->ctx = malloc(cipher_descriptor->ctxsize_B)))
return 3;
if((flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
init_fpt.init1((void*)key, (ctx->ctx));
}else{
init_fpt.init2((void*)key, keysize_b, (ctx->ctx));
}
return 0;
}
void bcal_cipher_free(bcgen_ctx_t* ctx){
if(!ctx)
return;
bc_free_fpt free_fpt;
free_fpt = (bc_free_fpt)(ctx->desc_ptr->free);
if(free_fpt)
free_fpt((ctx->ctx));
free(ctx->ctx);
}
void bcal_cipher_enc(void* block, const bcgen_ctx_t* ctx){
bc_enc_fpt enc_fpt;
enc_fpt.encvoid = (void_fpt)(ctx->desc_ptr->enc.encvoid);
if(!enc_fpt.encvoid){
/* very bad error, no enciphering function specified */
return;
}
enc_fpt.enc1(block, (ctx->ctx));
}
void bcal_cipher_dec(void* block, const bcgen_ctx_t* ctx){
bc_dec_fpt dec_fpt;
dec_fpt.decvoid = (void_fpt)(ctx->desc_ptr->dec.decvoid);
if(!dec_fpt.decvoid){
/* very bad error, no deciphering function specified */
return;
}
dec_fpt.dec1(block, (ctx->ctx));
}
uint16_t bcal_cipher_getBlocksize_b(const bcdesc_t* desc){
return (desc->blocksize_b);
}
const void* bcal_cipher_getKeysizeDesc(const bcdesc_t* desc){
return (desc->valid_keysize_desc);
}

35
bcal-basic.h Normal file
View File

@ -0,0 +1,35 @@
/* bcal-basic.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCAL_BASIC_H_
#define BCAL_BASIC_H_
#include <stdlib.h>
#include <stdint.h>
#include "blockcipher_descriptor.h"
#include "keysize_descriptor.h"
uint8_t bcal_cipher_init(const bcdesc_t* cipher_descriptor,
const void* key, uint16_t keysize_b, bcgen_ctx_t* ctx);
void bcal_cipher_free(bcgen_ctx_t* ctx);
void bcal_cipher_enc(void* block, const bcgen_ctx_t* ctx);
void bcal_cipher_dec(void* block, const bcgen_ctx_t* ctx);
uint16_t bcal_cipher_getBlocksize_b(const bcdesc_t* desc);
const void* bcal_cipher_getKeysizeDesc(const bcdesc_t* desc);
#endif /* BCAL_BASIC_H_ */

84
bcal-cbc.c Normal file
View File

@ -0,0 +1,84 @@
/* bcal-cbc.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-cbc.h"
#include "bcal-basic.h"
#include "memxor.h"
uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->prev_block = malloc(ctx->blocksize_B);
if(ctx->prev_block==NULL){
return 0x11;
}
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_cbc_free(bcal_cbc_ctx_t* ctx){
bcal_cipher_free(&(ctx->cctx));
free(ctx->prev_block);
}
void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx){
if(iv){
memcpy(ctx->prev_block, iv, ctx->blocksize_B);
}
}
void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx){
memxor(block, ctx->prev_block, ctx->blocksize_B);
bcal_cipher_enc(block, &(ctx->cctx));
memcpy(ctx->prev_block, block, ctx->blocksize_B);
}
void bcal_cbc_decNext(void* block, bcal_cbc_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, block, ctx->blocksize_B);
bcal_cipher_dec(block, &(ctx->cctx));
memxor(block, ctx->prev_block, ctx->blocksize_B);
memcpy(ctx->prev_block, tmp, ctx->blocksize_B);
}
void bcal_cbc_decRand(void* block, const void* prev_block, bcal_cbc_ctx_t* ctx){
bcal_cipher_dec(block, &(ctx->cctx));
memxor(block, prev_block, ctx->blocksize_B);
}
void bcal_cbc_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx){
bcal_cbc_loadIV(iv, ctx);
while(msg_blocks--){
bcal_cbc_encNext(msg, ctx);
msg = (uint8_t*)msg + ctx->blocksize_B;
}
}
void bcal_cbc_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx){
msg=(uint8_t*)msg + (msg_blocks-1)*ctx->blocksize_B;
while(msg_blocks > 1){
bcal_cbc_decRand(msg, (uint8_t*)msg-ctx->blocksize_B, ctx);
msg_blocks -= 1;
msg=(uint8_t*)msg-ctx->blocksize_B;
}
bcal_cbc_decRand(msg, iv, ctx);
}

44
bcal-cbc.h Normal file
View File

@ -0,0 +1,44 @@
/* bcal-cbc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCBC_H_
#define BCALCBC_H_
#include <stdint.h>
#include "blockcipher_descriptor.h"
#include "bcal-basic.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* prev_block;
uint8_t blocksize_B;
} bcal_cbc_ctx_t;
uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx);
void bcal_cbc_free(bcal_cbc_ctx_t* ctx);
void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx);
void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx);
void bcal_cbc_decNext(void* block, bcal_cbc_ctx_t* ctx);
void bcal_cbc_decRand(void* block, const void* prev_block, bcal_cbc_ctx_t* ctx);
void bcal_cbc_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx);
void bcal_cbc_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx);
#endif /* BCALCBC_H_ */

128
bcal-cfb_bit.c Normal file
View File

@ -0,0 +1,128 @@
/* bcal-cfb_bit.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-cfb_bit.h"
#include "bcal-basic.h"
static uint8_t read_bit(void* block, uint32_t index){
uint8_t r;
r=((uint8_t*)block)[index/8];
r=(r&(0x80>>(index&7)))?0xff:0x00;
return r;
}
static void write_bit(void* block, uint32_t index, uint8_t value){
if(value){
/* set bit */
((uint8_t*)block)[index/8] |= 0x80>>(index&7);
}else{
/* clear bit */
((uint8_t*)block)[index/8] &= ~(0x80>>(index&7));
}
}
uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
if(size_b>bcal_cipher_getBlocksize_b(desc)){
return 0x12;
}
ctx->size_b = size_b;
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
offset &= 7;
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
uint16_t i,j;
uint8_t a;
for(i=0; i<ctx->blocksize_B*8-ctx->size_b; ++i){
a = read_bit(ctx->in_block, i+ctx->size_b);
write_bit(ctx->in_block, i, a);
}
for(j=offset,i=0; i<ctx->size_b; ++i, ++j){
a = read_bit(tmp, i) ^ read_bit(block, j);
write_bit(ctx->in_block, ctx->blocksize_B*8-ctx->size_b+i, a);
write_bit(block, j, a);
}
}
void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
offset &= 7;
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
uint16_t i,j;
uint8_t a,b;
for(i=0; i<ctx->blocksize_B*8-ctx->size_b; ++i){
a = read_bit(ctx->in_block, i+ctx->size_b);
write_bit(ctx->in_block, i, a);
}
for(j=offset,i=0; i<ctx->size_b; ++i, ++j){
a = read_bit(tmp, i);
b = read_bit(block, j);
a ^= b;
write_bit(ctx->in_block, ctx->blocksize_B*8-ctx->size_b+i, b);
write_bit(block, j, a);
}
}
void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx){
bcal_cfb_b_loadIV(iv, ctx);
uint64_t addr;
addr = ((uint32_t)msg)*8+offset;
while(msg_blocks--){
msg = (void*)((uint32_t)(addr/8));
offset = addr&7;
bcal_cfb_b_encNext(msg, offset, ctx);
addr += ctx->size_b;
}
}
void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx){
bcal_cfb_b_loadIV(iv, ctx);
uint64_t addr;
addr = ((uint32_t)msg)*8+offset;
while(msg_blocks--){
msg = (void*)((uint32_t)(addr/8));
offset = addr&7;
bcal_cfb_b_decNext(msg, offset, ctx);
addr += ctx->size_b;
}
}

47
bcal-cfb_bit.h Normal file
View File

@ -0,0 +1,47 @@
/* bcal-cfb_bit.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCFB_BIT_H_
#define BCALCFB_BIT_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
uint8_t blocksize_B;
uint16_t size_b;
} bcal_cfb_b_ctx_t;
uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
#endif /* BCALCFB_BIT_H_ */

88
bcal-cfb_byte.c Normal file
View File

@ -0,0 +1,88 @@
/* bcal-cfb_byte.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-cfb_byte.h"
#include "bcal-basic.h"
#include "memxor.h"
uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
if(size_b&7){
return 0x12;
}
ctx->size_B = size_b/8;
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
memxor(block, tmp, ctx->size_B);
memmove(ctx->in_block, ctx->in_block+ctx->size_B, ctx->blocksize_B - ctx->size_B);
memcpy(ctx->in_block+ctx->blocksize_B-ctx->size_B, block, ctx->size_B);
}
void bcal_cfb_B_decNext(void* block, bcal_cfb_B_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
uint8_t xblock[ctx->size_B];
memcpy(xblock, block, ctx->size_B);
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
memxor(block, tmp, ctx->size_B);
memmove(ctx->in_block, ctx->in_block+ctx->size_B, ctx->blocksize_B - ctx->size_B);
memcpy(ctx->in_block+ctx->blocksize_B-ctx->size_B, xblock, ctx->size_B);
}
void bcal_cfb_B_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx){
bcal_cfb_B_loadIV(iv, ctx);
while(msg_blocks--){
bcal_cfb_B_encNext(msg, ctx);
msg = (uint8_t*)msg+ctx->size_B;
}
}
void bcal_cfb_B_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx){
bcal_cfb_B_loadIV(iv, ctx);
while(msg_blocks--){
bcal_cfb_B_decNext(msg, ctx);
msg = (uint8_t*)msg+ctx->size_B;
}
}

46
bcal-cfb_byte.h Normal file
View File

@ -0,0 +1,46 @@
/* bcal-cbc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCFB_BYTE_H_
#define BCALCFB_BYTE_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
uint8_t blocksize_B;
uint8_t size_B;
} bcal_cfb_B_ctx_t;
uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_decNext(void* block, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx);
#endif /* BCALCFB_BYTE_H_ */

152
bcal-cmac.c Normal file
View File

@ -0,0 +1,152 @@
/* bcal-omac.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-basic.h"
#include "bcal-cmac.h"
#include "memxor.h"
static uint8_t left_shift_be_block(void* block, uint8_t blocksize_B){
uint8_t c1=0, c2;
do{
--blocksize_B;
c2 = (((uint8_t*)block)[blocksize_B])>>7;
(((uint8_t*)block)[blocksize_B]) <<= 1;
(((uint8_t*)block)[blocksize_B]) |= c1;
c1 = c2;
}while(blocksize_B);
return c1;
}
static const uint8_t const_128 = 0x87;
static const uint8_t const_64 = 0x1b;
uint8_t bcal_cmac_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cmac_ctx_t* ctx){
uint8_t r;
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = bcal_cipher_getBlocksize_b(desc)/8;
if (ctx->blocksize_B!=128/8 && ctx->blocksize_B!=64/8){
return 0x13;
}
ctx->accu = malloc(ctx->blocksize_B);
if(ctx->accu==NULL){
return 0x14;
}
ctx->k1 = malloc(ctx->blocksize_B);
if(ctx->k1==NULL){
return 0x15;
}
ctx->k2 = malloc(ctx->blocksize_B);
if(ctx->k2==NULL){
return 0x16;
}
ctx->lastblock = malloc(ctx->blocksize_B);
if(ctx->lastblock==NULL){
return 0x17;
}
r = bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
if(r){
return r;
}
if(ctx->blocksize_B==128/8){
r = const_128;
}else{
r = const_64;
}
/* subkey computation */
memset(ctx->accu, 0x00, ctx->blocksize_B);
memset(ctx->k1, 0x00, ctx->blocksize_B);
bcal_cipher_enc(ctx->k1, &(ctx->cctx));
if(left_shift_be_block(ctx->k1, ctx->blocksize_B)){
ctx->k1[ctx->blocksize_B-1] ^= r;
}
memcpy(ctx->k2, ctx->k1, ctx->blocksize_B);
if(left_shift_be_block(ctx->k2, ctx->blocksize_B)){
ctx->k2[ctx->blocksize_B-1] ^= r;
}
ctx->last_set=0;
return 0;
}
void bcal_cmac_free(bcal_cmac_ctx_t* ctx){
free(ctx->accu);
free(ctx->k1);
free(ctx->k2);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_cmac_nextBlock (bcal_cmac_ctx_t* ctx, const void* block){
if(ctx->last_set){
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
}
memcpy(ctx->lastblock, block, ctx->blocksize_B);
ctx->last_set=1;
}
void bcal_cmac_lastBlock(bcal_cmac_ctx_t* ctx, const void* block, uint16_t length_b){
uint16_t blocksize_b;
blocksize_b = ctx->blocksize_B*8;
while(length_b>=blocksize_b){
bcal_cmac_nextBlock(ctx, block);
block = (uint8_t*)block + ctx->blocksize_B;
length_b -= blocksize_b;
}
if(ctx->last_set==0){
memxor(ctx->accu, block, (length_b+7)/8);
memxor(ctx->accu, ctx->k2, ctx->blocksize_B);
ctx->accu[length_b/8] ^= 0x80>>(length_b&7);
}else{
if(length_b==0){
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
memxor(ctx->accu, ctx->k1, ctx->blocksize_B);
}else{
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
memxor(ctx->accu, block, (length_b+7)/8);
memxor(ctx->accu, ctx->k2, ctx->blocksize_B);
ctx->accu[length_b/8] ^= 0x80>>(length_b&7);
}
}
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
}
void bcal_cmac_ctx2mac(void* dest, uint16_t length_b, const bcal_cmac_ctx_t* ctx){
memcpy(dest, ctx->accu, length_b/8);
if(length_b&7){
((uint8_t*)dest)[length_b/8] &= 0xff>>(length_b&7);
((uint8_t*)dest)[length_b/8] |= (0xff00>>(length_b&7))&(ctx->accu[length_b/8]);
}
}
void bcal_cmac(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_cmac_ctx_t* ctx){
uint16_t blocksize_b;
blocksize_b = ctx->blocksize_B*8;
while(length_b>blocksize_b){
bcal_cmac_nextBlock(ctx, block);
block = (uint8_t*)block + ctx->blocksize_B;
length_b -= blocksize_b;
}
bcal_cmac_lastBlock(ctx, block, length_b);
bcal_cmac_ctx2mac(dest, out_length_b, ctx);
}

45
bcal-cmac.h Normal file
View File

@ -0,0 +1,45 @@
/* bcal-cmac.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCMAC_H_
#define BCALCMAC_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* accu;
uint8_t* k1;
uint8_t* k2;
uint8_t* lastblock;
uint8_t last_set;
uint8_t blocksize_B;
} bcal_cmac_ctx_t;
uint8_t bcal_cmac_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cmac_ctx_t* ctx);
void bcal_cmac_free(bcal_cmac_ctx_t* ctx);
void bcal_cmac_nextBlock(bcal_cmac_ctx_t* ctx, const void* block);
void bcal_cmac_lastBlock(bcal_cmac_ctx_t* ctx, const void* block, uint16_t length_b);
void bcal_cmac_ctx2mac(void* dest, uint16_t length_b, const bcal_cmac_ctx_t* ctx);
void bcal_cmac(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_cmac_ctx_t* ctx);
#endif /* BCALCMAC_H_ */

95
bcal-ctr.c Normal file
View File

@ -0,0 +1,95 @@
/* bcal-ctr.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-basic.h"
#include "bcal-ctr.h"
#include "memxor.h"
static void increment_be(void* block, uint8_t size_B){
uint16_t c=1;
do{
--size_B;
c += ((uint8_t*)block)[size_B];
((uint8_t*)block)[size_B] = (uint8_t)c;
c>>=8;
}while(size_B);
}
uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
if(inc_func){
ctx->inc_func = inc_func;
}else{
ctx->inc_func = increment_be;
}
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_ctr_free(bcal_ctr_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
memxor(block, tmp, ctx->blocksize_B);
ctx->inc_func(ctx->in_block, ctx->blocksize_B);
}
void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx){
bcal_ctr_encNext(block, ctx);
}
void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
bcal_ctr_loadIV(iv, ctx);
uint16_t blocksize_b;
blocksize_b = ctx->blocksize_B*8;
while(msg_len_b>blocksize_b){
bcal_ctr_encNext(msg, ctx);
msg_len_b -= blocksize_b;
msg = (uint8_t*)msg + ctx->blocksize_B;
}
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
ctx->inc_func(ctx->in_block, ctx->blocksize_B);
tmp[msg_len_b/8] = 0xff00>>(msg_len_b&7);
memxor(msg, tmp, (msg_len_b+7)/8);
}
void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
bcal_ctr_encMsg(iv, msg, msg_len_b, ctx);
}

45
bcal-ctr.h Normal file
View File

@ -0,0 +1,45 @@
/* bcal-ctr.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCTR_H_
#define BCALCTR_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef void(*inc_fp_t)(void* block, uint8_t size_B);
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
inc_fp_t inc_func;
uint8_t blocksize_B;
} bcal_ctr_ctx_t;
uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx);
void bcal_ctr_free(bcal_ctr_ctx_t* ctx);
void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx);
void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx);
void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx);
void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
#endif /* BCALCTR_H_ */

119
bcal-eax.c Normal file
View File

@ -0,0 +1,119 @@
/* bca-eax.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
#include "bcal-cmac.h"
#include "bcal-ctr.h"
#include "bcal-eax.h"
#include "memxor.h"
uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx){
uint8_t r;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->nonce = malloc(ctx->blocksize_B);
if(ctx->nonce==NULL){
return 0x81;
}
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ctag));
if(r){
return r;
}
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->htag));
if(r){
return (r|0x10);
}
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ntag));
if(r){
return (r|0x20);
}
r = bcal_ctr_init(desc, key, keysize_b, NULL, &(ctx->cipher));
if(r){
return (r|0x30);
}
ctx->header_set=0;
uint8_t tmp[ctx->blocksize_B];
memset(tmp, 0, ctx->blocksize_B);
bcal_cmac_nextBlock(&(ctx->ntag), tmp);
tmp[ctx->blocksize_B-1]=1;
bcal_cmac_nextBlock(&(ctx->htag), tmp);
tmp[ctx->blocksize_B-1]=2;
bcal_cmac_nextBlock(&(ctx->ctag), tmp);
return 0;
}
void bcal_eax_free(bcal_eax_ctx_t* ctx){
bcal_ctr_free(&(ctx->cipher));
bcal_cmac_free(&(ctx->ctag));
bcal_cmac_free(&(ctx->htag));
bcal_cmac_free(&(ctx->ntag));
free(ctx->nonce);
}
void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_cmac_lastBlock(&(ctx->ntag), nonce, length_b);
bcal_cmac_ctx2mac(ctx->nonce, ctx->blocksize_B*8, &(ctx->ntag));
bcal_ctr_loadIV(ctx->nonce, &(ctx->cipher));
}
void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx){
bcal_cmac_nextBlock(&(ctx->htag), header);
}
void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_cmac_lastBlock(&(ctx->htag), header, length_b);
ctx->header_set = 1;
}
void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx){
bcal_ctr_encNext(block, &(ctx->cipher));
bcal_cmac_nextBlock(&(ctx->ctag), block);
}
void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_ctr_encMsg(NULL, block, length_b, &(ctx->cipher));
bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
}
void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx){
bcal_cmac_nextBlock(&(ctx->ctag), block);
bcal_ctr_decNext(block, &(ctx->cipher));
}
void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
bcal_ctr_decMsg(NULL, block, length_b, &(ctx->cipher));
}
void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
if(ctx->header_set==0){
bcal_cmac_lastBlock(&(ctx->htag), NULL, 0);
}
bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->htag));
memxor(ctx->nonce, tmp, ctx->blocksize_B);
bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->ctag));
memxor(ctx->nonce, tmp, ctx->blocksize_B);
memcpy(dest, ctx->nonce, (length_b+7)/8);
}

53
bcal-eax.h Normal file
View File

@ -0,0 +1,53 @@
/* bcal-eax.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALEAX_H_
#define BCALEAX_H_
#include <stdint.h>
#include <string.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
#include "bcal-cmac.h"
#include "bcal-ctr.h"
typedef struct{
uint8_t* nonce;
bcal_cmac_ctx_t ntag;
bcal_cmac_ctx_t ctag;
bcal_cmac_ctx_t htag;
bcal_ctr_ctx_t cipher;
uint8_t blocksize_B;
uint8_t header_set;
} bcal_eax_ctx_t;
uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx);
void bcal_eax_free(bcal_eax_ctx_t* ctx);
void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx);
void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx);
void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx);
void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx);
//void bcal_eax(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_eax_ctx_t* ctx);
#endif /* BCALEAX_H_ */

76
bcal-ofb.c Normal file
View File

@ -0,0 +1,76 @@
/* bcal-ofb.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-ofb.h"
#include "bcal-basic.h"
#include "memxor.h"
uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_ofb_free(bcal_ofb_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx){
bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
memxor(block, ctx->in_block, ctx->blocksize_B);
}
void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx){
bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
memxor(block, ctx->in_block, ctx->blocksize_B);
}
void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
uint16_t block_len_b;
block_len_b = ctx->blocksize_B*8;
bcal_ofb_loadIV(iv, ctx);
while(msg_len_b>block_len_b){
bcal_ofb_encNext(msg, ctx);
msg_len_b -= block_len_b;
msg = (uint8_t*)msg + ctx->blocksize_B;
}
bcal_cipher_enc(ctx->in_block, &(ctx->cctx));
ctx->in_block[msg_len_b/8] = 0xff00>>(msg_len_b&7);
memxor(msg, ctx->in_block, (msg_len_b+7)/8);
}
void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
bcal_ofb_encMsg(iv, msg, msg_len_b, ctx);
}

46
bcal-ofb.h Normal file
View File

@ -0,0 +1,46 @@
/* bcal-ofb.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALOFB_H_
#define BCALOFB_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
uint8_t blocksize_B;
} bcal_ofb_ctx_t;
uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx);
void bcal_ofb_free(bcal_ofb_ctx_t* ctx);
void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx);
void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx);
void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx);
void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
#endif /* BCALOFB_H_ */

149
bcal-performance.c Normal file
View File

@ -0,0 +1,149 @@
/* bcal-performance.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* \file bcal-performance.c
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2010-02-16
* \license GPLv3 or later
*
*/
#include "bcal-performance.h"
#include "keysize_descriptor.h"
#include "blockcipher_descriptor.h"
#include "performance_test.h"
#include "cli.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
static
void printvalue(unsigned long v){
char str[20];
int i;
ultoa(v, str, 10);
for(i=0; i<10-strlen(str); ++i){
cli_putc(' ');
}
cli_putstr(str);
}
void bcal_performance(const bcdesc_t* bcd){
bcdesc_t bc;
memcpy(&bc, bcd, sizeof(bcdesc_t));
uint8_t ctx[bc.ctxsize_B];
uint8_t data[(bc.blocksize_b+7)/8];
uint16_t keysize = get_keysize(bc.valid_keysize_desc);
uint8_t key[(keysize+7)/8];
uint64_t t;
uint8_t i;
if(bc.type!=BCDESC_TYPE_BLOCKCIPHER)
return;
calibrateTimer();
print_overhead();
cli_putstr("\r\n\r\n === ");
cli_putstr(bc.name);
cli_putstr(" performance === "
"\r\n type: blockcipher"
"\r\n keysize (bits): ");
printvalue(keysize);
cli_putstr("\r\n ctxsize (bytes): ");
printvalue(bc.ctxsize_B);
cli_putstr("\r\n blocksize (bits): ");
printvalue(bc.blocksize_b);
t=0;
if(bc.init.init1){
if((bc.flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
(bc.init.init1)(key, &ctx);
STOP_TIMER;
t += stopTimer();
if(i!=31 && bc.free){
bc.free(&ctx);
}
}
} else {
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
(bc.init.init2)(key, keysize, &ctx);
STOP_TIMER;
t += stopTimer();
if(i!=31 && bc.free){
bc.free(&ctx);
}
}
}
t>>=5;
cli_putstr("\r\n init (cycles): ");
printvalue(t);
}
t=0;
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
bc.enc.enc1(data, &ctx);
STOP_TIMER;
t += stopTimer();
}
t>>=5;
cli_putstr("\r\n encrypt (cycles): ");
printvalue(t);
t=0;
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
bc.dec.dec1(data, &ctx);
STOP_TIMER;
t += stopTimer();
}
t>>=5;
cli_putstr("\r\n decrypt (cycles): ");
printvalue(t);
if(bc.free){
bc.free(&ctx);
}
}
void bcal_performance_multiple(const bcdesc_t** bcd_list){
const bcdesc_t* bcd;
for(;;){
bcd = *bcd_list;
if(!bcd){
cli_putstr("\r\n\r\n End of performance figures\r\n");
return;
}
bcal_performance(bcd++);
bcd_list++;
}
}

38
bcal-performance.h Normal file
View File

@ -0,0 +1,38 @@
/* bcal-performance.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* \file bcal-performance.h
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2010-02-16
* \license GPLv3 or later
*
*/
#ifndef BCAL_PERFORMANCE_H_
#define BCAL_PERFORMANCE_H_
#include "blockcipher_descriptor.h"
void bcal_performance(const bcdesc_t* hd);
void bcal_performance_multiple(const bcdesc_t** hd_list);
#endif /* BCAL_PERFORMANCE_H_ */

54
bcal_aes128.c Normal file
View File

@ -0,0 +1,54 @@
/* bcal_aes128.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes128.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes128_enc.h"
#include "aes128_dec.h"
#include "aes_keyschedule.h"
#include "keysize_descriptor.h"
const char aes128_str[] = "AES-128";
const uint8_t aes128_keysize_desc[] = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t aes128_desc = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
aes128_str,
sizeof(aes128_ctx_t),
128,
{(void_fpt)aes128_init},
{(void_fpt)aes128_enc},
{(void_fpt)aes128_dec},
(bc_free_fpt)NULL,
aes128_keysize_desc
};

34
bcal_aes128.h Normal file
View File

@ -0,0 +1,34 @@
/* bcal_aes128.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes128.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes128_enc.h"
#include "aes128_dec.h"
#include "keysize_descriptor.h"
extern const bcdesc_t aes128_desc;

54
bcal_aes192.c Normal file
View File

@ -0,0 +1,54 @@
/* bcal_aes192.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes192.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes192_enc.h"
#include "aes192_dec.h"
#include "aes_keyschedule.h"
#include "keysize_descriptor.h"
const char aes192_str[] = "AES-192";
const uint8_t aes192_keysize_desc[] = { KS_TYPE_LIST, 1, KS_INT(192),
KS_TYPE_TERMINATOR };
const bcdesc_t aes192_desc = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
aes192_str,
sizeof(aes192_ctx_t),
128,
{(void_fpt)aes192_init},
{(void_fpt)aes192_enc},
{(void_fpt)aes192_dec},
(bc_free_fpt)NULL,
aes192_keysize_desc
};

34
bcal_aes192.h Normal file
View File

@ -0,0 +1,34 @@
/* bcal_aes192.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes192.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes192_enc.h"
#include "aes192_dec.h"
#include "keysize_descriptor.h"
extern const bcdesc_t aes192_desc;

54
bcal_aes256.c Normal file
View File

@ -0,0 +1,54 @@
/* bcal_aes256.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes256.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes256_enc.h"
#include "aes256_dec.h"
#include "aes_keyschedule.h"
#include "keysize_descriptor.h"
const char aes256_str[] = "AES-256";
const uint8_t aes256_keysize_desc[] = { KS_TYPE_LIST, 1, KS_INT(256),
KS_TYPE_TERMINATOR };
const bcdesc_t aes256_desc = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
aes256_str,
sizeof(aes256_ctx_t),
128,
{(void_fpt)aes256_init},
{(void_fpt)aes256_enc},
{(void_fpt)aes256_dec},
(bc_free_fpt)NULL,
aes256_keysize_desc
};

34
bcal_aes256.h Normal file
View File

@ -0,0 +1,34 @@
/* bcal_aes256.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes256.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes256_enc.h"
#include "aes256_dec.h"
#include "keysize_descriptor.h"
extern const bcdesc_t aes256_desc;

98
blockcipher_descriptor.h Normal file
View File

@ -0,0 +1,98 @@
/* blockcipher_descriptor.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file blockcipher_descriptor.h
* \author Daniel Otte
* \date 2009-02-04
*
* \license GPLv3 or later
*
*/
#ifndef BLOCKCIPHER_DESCRIPTOR_H_
#define BLOCKCIPHER_DESCRIPTOR_H_
#include <stdint.h>
#ifndef VOID_FPT
#define VOID_FPT
typedef void(*void_fpt)(void);
#endif
typedef void(*bc_init1_fpt)(void*, void*);
typedef void(*bc_init2_fpt)(void*, uint16_t,void*);
typedef void(*bc_enc1_fpt)(void*, void*);
typedef void(*bc_enc2_fpt)(void*, void*, void*);
typedef void(*bc_dec1_fpt)(void*, void*);
typedef void(*bc_dec2_fpt)(void*, void*, void*);
typedef void(*bc_free_fpt)(void*);
typedef union{
void_fpt initvoid;
bc_init1_fpt init1;
bc_init2_fpt init2;
} bc_init_fpt;
typedef union{
void_fpt encvoid;
bc_enc1_fpt enc1;
bc_enc2_fpt enc2;
} bc_enc_fpt;
typedef union{
void_fpt decvoid;
bc_dec1_fpt dec1;
bc_dec2_fpt dec2;
} bc_dec_fpt;
#define BC_INIT_TYPE 0x01
#define BC_INIT_TYPE_1 0x00
#define BC_INIT_TYPE_2 0x01
#define BC_ENC_TYPE 0x02
#define BC_ENC_TYPE_1 0x00
#define BC_ENC_TYPE_2 0x02
#
#define BC_DEC_TYPE 0x04
#define BC_DEC_TYPE_1 0x00
#define BC_DEC_TYPE_2 0x04
#define BCDESC_TYPE_BLOCKCIPHER 0x01
typedef struct {
uint8_t type; /* 1==blockcipher */
uint8_t flags;
const char* name;
uint16_t ctxsize_B;
uint16_t blocksize_b;
bc_init_fpt init;
bc_enc_fpt enc;
bc_dec_fpt dec;
bc_free_fpt free;
const void* valid_keysize_desc;
} bcdesc_t; /* blockcipher descriptor type */
typedef struct{
bcdesc_t* desc_ptr;
uint16_t keysize;
void* ctx;
} bcgen_ctx_t;
#endif /* BLOCKCIPHER_DESCRIPTOR_H_ */

1
host/get_test.rb
View File

@ -18,6 +18,7 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
=end
require 'rubygems'
require 'serialport'
def read_line(error_msg=true)

87
keysize_descriptor.c Normal file
View File

@ -0,0 +1,87 @@
/* keysize_descriptor.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file keysize_descriptor.c
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2009-01-07
* \license GPLv3 or later
*/
#include <stdint.h>
#include "keysize_descriptor.h"
uint8_t is_valid_keysize_P(const void* ks_desc, uint16_t keysize){
uint8_t type;
type = *((uint8_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 1;
if(type==KS_TYPE_TERMINATOR)
return 0;
if(type==KS_TYPE_LIST){
uint8_t items;
uint16_t item;
items = *((uint8_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 1;
while(items--){
item = *((uint16_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 2;
if(item==keysize)
return 1;
}
ks_desc = (uint8_t*)ks_desc - 2;
}
if(type==KS_TYPE_RANGE){
uint16_t max, min;
min = *((uint16_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 2;
max = *((uint16_t*)ks_desc);
if(min<=keysize && keysize<=max)
return 1;
}
if(type==KS_TYPE_ARG_RANGE){
uint16_t max, min, dist, offset;
min = *((uint16_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 2;
max = *((uint16_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 2;
dist = *((uint16_t*)ks_desc);
ks_desc = (uint8_t*)ks_desc + 2;
offset = *((uint16_t*)ks_desc);
if(min<=keysize && keysize<=max && (keysize%dist==offset))
return 1;
}
if(type>KS_TYPE_ARG_RANGE){
/* bad error, you may insert a big warning message here */
return 0;
}
return is_valid_keysize_P((uint8_t*)ks_desc+1, keysize); /* search the next record */
}
uint16_t get_keysize(const void* ks_desc){
uint8_t type;
uint16_t keysize;
type = *((uint8_t*)ks_desc);
if(type==KS_TYPE_LIST)
ks_desc = (uint8_t*)ks_desc + 1;
ks_desc = (uint8_t*)ks_desc + 1;
keysize = *((uint16_t*)ks_desc);
return keysize;
}

58
keysize_descriptor.h Normal file
View File

@ -0,0 +1,58 @@
/* keysize_descriptor.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file keysize_descriptor.h
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2009-01-07
* \license GPLv3 or later
*/
#ifndef KEYSIZE_DESCRIPTOR_H_
#define KEYSIZE_DESCRIPTOR_H_
#include <stdint.h>
#define KS_TYPE_TERMINATOR 0x00
#define KS_TYPE_LIST 0x01
#define KS_TYPE_RANGE 0x02
#define KS_TYPE_ARG_RANGE 0x03
#define KS_INT(a) ((a)&0xFF), ((a)>>8)
typedef struct{ /* keysize is valid if listed in items */
uint8_t n_items; /* number of items (value 0 is reserved) */
uint16_t items[]; /* list of valid lengths */
}keysize_desc_list_t;
typedef struct{ /* keysize is valid if min<=keysize<=max */
uint16_t min;
uint16_t max;
}keysize_desc_range_t;
typedef struct{ /* keysize is valid if min<=keysize<=max and if keysize mod distance == offset */
uint16_t min;
uint16_t max;
uint16_t distance;
uint16_t offset;
}keysize_desc_arg_range_t;
uint8_t is_valid_keysize_P(const void* ks_desc, uint16_t keysize);
uint16_t get_keysize(const void* ks_desc);
#endif /* KEYSIZE_DESCRIPTOR_H_ */

586
test_src/cmacvs.c Normal file
View File

@ -0,0 +1,586 @@
/* cmacvs.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file cmacvs.c
* \author Daniel Otte
* \date 2010-02-02
* \license GPLv3 or later
*
*/
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include "blockcipher_descriptor.h"
#include "bcal-basic.h"
#include "bcal-cmac.h"
#include "cmacvs.h"
#include "string-extras.h"
#include "cli.h"
#ifdef DEBUG
# undef DEBUG
#endif
#define DEBUG 0
#if DEBUG
# include "config.h"
# include <util/delay.h>
#endif
bcdesc_t* cmacvs_algo=NULL;
bcdesc_t** cmacvs_algolist=NULL;
void cmacvs_listalgos(void){
char option = 'a';
bcdesc_t* t;
uint8_t i=0;
cli_putstr("\r\nthe following algorithms are available:\r\n");
while(option<='z' && (t=(bcdesc_t*)(cmacvs_algolist[i]))){
cli_putc('\t');
cli_putc((t==cmacvs_algo)?'*':' ');
cli_putc(option++);
cli_putstr(":\t");
cli_putstr(t->name);
cli_putstr("\r\n");
i++;
}
}
void cmacvs_setalgo(char* param){
param = strstrip(param);
if(param[1]=='\0'){ /* single letter specified */
uint8_t i,option = param[0]-'a';
if(!cmacvs_algolist){
cli_putstr("\r\nERROR: cmacvs_algolist not set!");
return;
}
for(i=0; i<=option; ++i){
if((cmacvs_algolist[i])==NULL){
cli_putstr("\r\nERROR: invalid selection!");
return;
}
}
cmacvs_algo=(bcdesc_t*)(cmacvs_algolist[option]);
} else { /* name specifyed */
bcdesc_t* t=NULL;
uint8_t i=0;
while((t=(bcdesc_t*)(cmacvs_algolist[i])) &&
strcasecmp(param, t->name))
++i;
if(t){
cmacvs_algo=t;
}else{
cli_putstr("\r\nERROR: could not find \"");
cli_putstr(param);
cli_putstr("\"!");
}
}
}
typedef struct {
uint16_t buffer_idx;
uint16_t buffersize_B;
uint32_t blocks;
bcal_cmac_ctx_t ctx;
uint8_t* buffer;
uint8_t in_byte;
} cmacvs_ctx_t;
static cmacvs_ctx_t cmacvs_ctx;
uint8_t buffer_add(char c){
uint8_t v,t;
if(cmacvs_ctx.buffer_idx==cmacvs_ctx.buffersize_B){
bcal_cmac_nextBlock(&(cmacvs_ctx.ctx), cmacvs_ctx.buffer);
++cmacvs_ctx.blocks;
cmacvs_ctx.buffer_idx=0;
cmacvs_ctx.in_byte=0;
cli_putc('.');
memset(cmacvs_ctx.buffer, 0, cmacvs_ctx.buffersize_B);
}
if(c>='0' && c<='9'){
v=c-'0';
}else{
c &= (uint8_t)~('a' ^ 'A');
if(c>='A' && c<='F'){
v=c-'A'+10;
}else{
return 1;
}
}
t=cmacvs_ctx.buffer[cmacvs_ctx.buffer_idx];
if(cmacvs_ctx.in_byte){
t |= v;
cmacvs_ctx.buffer[cmacvs_ctx.buffer_idx]=t;
cmacvs_ctx.buffer_idx++;
cmacvs_ctx.in_byte = 0;
}else{
t |= v<<4;
cmacvs_ctx.buffer[cmacvs_ctx.buffer_idx]=t;
cmacvs_ctx.in_byte = 1;
}
return 0;
}
int32_t getValue(char* key){
uint32_t val=0;
char instr[21];
char* str2;
for(;;){
memset(instr, 0, 21);
cli_getsn(instr, 20);
str2 = strstrip(instr);
if(!strncasecmp(str2, key, strlen(key))){
while(*str2 && *str2!='=')
str2++;
if(*str2=='='){
do{
str2++;
}while(*str2 && !isdigit(*str2));
val=(uint32_t)strtoul(str2, NULL, 10);
return val;
}
} else {
if(!strncasecmp(str2, "EXIT", 4)){
cli_putstr("\r\n got exit ...");
return -1;
}
}
}
return -2;
}
uint8_t getKey(void* key_buffer, uint8_t klen_B){
char c;
uint8_t v,i=0;
memset(key_buffer, 0x00, klen_B);
do{
c = cli_getc_cecho();
}while((c|('a'^'A'))!='k');
do{
c = cli_getc_cecho();
}while((c|('a'^'A'))!='e');
do{
c = cli_getc_cecho();
}while((c|('a'^'A'))!='y');
do{
c = cli_getc_cecho();
}while(c!='=');
klen_B *= 2;
while(klen_B){
v = 0x10;
c = cli_getc_cecho();
if(c>='0' && c<='9'){
v = c-'0';
}else{
c |= 'A'^'a';
if(c>='a' && c<='f'){
v= c-'a'+10;
}
}
if(v<0x10){
if((i&1)==0){
v<<=4;
}
((uint8_t*)key_buffer)[i/2] |= v;
++i;
--klen_B;
}
}
return 0;
}
uint8_t getMac(void* mac_buffer, uint8_t mlen_B){
char c;
uint8_t v,i=0;
memset(mac_buffer, 0x00, mlen_B);
do{
c = cli_getc_cecho();
}while((c|('a'^'A'))!='m');
do{
c = cli_getc_cecho();
}while((c|('a'^'A'))!='a');
do{
c = cli_getc_cecho();
}while((c|('a'^'A'))!='c');
do{
c = cli_getc_cecho();
}while(c!='=');
mlen_B *= 2;
while(mlen_B){
v = 0x10;
c = cli_getc_cecho();
if(c>='0' && c<='9'){
v = c-'0';
}else{
c |= 'A'^'a';
if(c>='a' && c<='f'){
v= c-'a'+10;
}
}
if(v<0x10){
if((i&1)==0){
v<<=4;
}
((uint8_t*)mac_buffer)[i/2] |= v;
++i;
--mlen_B;
}
}
return 0;
}
void cmacvs_test1(void){ /* Gen tests */
int32_t klen, mlen, tlen;
int32_t expect_input=0;
if(!cmacvs_algo){
cli_putstr("\r\nERROR: select algorithm first!");
return;
}
char c;
cmacvs_ctx.buffersize_B=(cmacvs_algo->blocksize_b)/8;
uint8_t tag[cmacvs_ctx.buffersize_B];
uint8_t buffer[cmacvs_ctx.buffersize_B+5];
cmacvs_ctx.buffer = buffer;
cli_putstr("\r\nbuffer_size = 0x");
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B), 2);
cli_putstr(" bytes");
for(;;){
cmacvs_ctx.blocks = 0;
memset(buffer, 0, cmacvs_ctx.buffersize_B);
klen = getValue("Klen");
if(klen<0){
return;
}
mlen = getValue("Mlen");
if(mlen<0){
return;
}
tlen = getValue("Tlen");
if(tlen<0){
return;
}
uint8_t key_buffer[klen];
#if DEBUG
cli_putstr("\r\nKLen == ");
cli_hexdump_rev(&klen, 4);
cli_putstr("\r\nMLen == ");
cli_hexdump_rev(&mlen, 4);
cli_putstr("\r\nTLen == ");
cli_hexdump_rev(&tlen, 4);
#endif
getKey(key_buffer, klen);
if(mlen==0){
expect_input=2;
}else{
expect_input=mlen*2;
}
#if DEBUG
cli_putstr("\r\nexpected_input == ");
cli_hexdump_rev(&expect_input, 4);
if(expect_input==0)
cli_putstr("\r\nexpected_input == 0 !!!");
#endif
uint8_t ret;
#if DEBUG
cli_putstr("\r\n CMAC init");
cli_putstr("\r\n (2) expected_input == ");
cli_hexdump_rev(&expect_input, 4);
#endif
ret = bcal_cmac_init(cmacvs_algo, key_buffer, klen*8, &(cmacvs_ctx.ctx));
if(ret){
cli_putstr("\r\n bcal_cmac_init returned with: ");
cli_hexdump(&ret, 1);
return;
}
#if DEBUG
cli_putstr("\r\n (3) expected_input == ");
cli_hexdump_rev(&expect_input, 4);
cli_putstr("\r\n");
#endif
while((c=cli_getc_cecho())!='M' && c!='m'){
if(!isspace(c)){
cli_putstr("\r\nERROR: wrong input (1) [0x");
cli_hexdump(&c, 1);
cli_putstr("]!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
}
if((c=cli_getc_cecho())!='s' && c!='S'){
cli_putstr("\r\nERROR: wrong input (2)!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
if((c=cli_getc_cecho())!='g' && c!='G'){
cli_putstr("\r\nERROR: wrong input (3)!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
while((c=cli_getc_cecho())!='='){
if(!isspace(c)){
cli_putstr("\r\nERROR: wrong input (4)!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
}
#if DEBUG
cli_putstr("\r\nparsing started");
#endif
cmacvs_ctx.buffer_idx = 0;
cmacvs_ctx.in_byte = 0;
cmacvs_ctx.blocks = 0;
while(expect_input>0){
c=cli_getc_cecho();
#if DEBUG
cli_putstr("\r\n\t(");
cli_hexdump_rev(&expect_input, 4);
cli_putstr(") ");
_delay_ms(500);
#endif
if(buffer_add(c)==0){
--expect_input;
}else{
if(!isblank((uint16_t)c)){
cli_putstr("\r\nERROR: wrong input (5) (");
cli_putc(c);
cli_putstr(")!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
}
}
#if DEBUG
cli_putstr("\r\nBuffer-A:");
cli_hexdump_block(buffer, cmacvs_ctx.buffersize_B, 5, 8);
cli_putstr("\r\n starting finalisation");
cli_putstr("\r\n\tblocks == ");
cli_hexdump_rev(&(cmacvs_ctx.blocks),4);
cli_putstr("\r\n\tbuffer_idx == ");
cli_hexdump_rev(&(cmacvs_ctx.buffer_idx),2);
cli_putstr("\r\n\tin_byte == ");
cli_hexdump_rev(&(cmacvs_ctx.in_byte),1);
// _delay_ms(500);
cli_putstr("\r\n starting last block");
cli_putstr("\r\n\tlength == ");
cli_hexdump_rev(&mlen,4);
cli_putstr("\r\n\tbuffersize_B == ");
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B),2);
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
cli_putstr("\r\n\t (temp) == ");
cli_hexdump_rev(&temp,2);
// _delay_ms(500);
#endif
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
bcal_cmac_lastBlock( &(cmacvs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
// length-(cmacvs_ctx.blocks)*((cmacvs_ctx.buffersize_B)*8));
temp );
#if DEBUG
cli_putstr("\r\n starting ctx2cmac");
_delay_ms(500);
#endif
bcal_cmac_ctx2mac(tag, tlen*8, &(cmacvs_ctx.ctx));
#if DEBUG
cli_putstr("\r\n starting cmac free");
#endif
bcal_cmac_free(&(cmacvs_ctx.ctx));
cli_putstr("\r\n Mac = ");
cli_hexdump(tag, tlen);
}
}
void cmacvs_test2(void){ /* Ver tests */
int32_t klen, mlen, tlen;
int32_t expect_input=0;
if(!cmacvs_algo){
cli_putstr("\r\nERROR: select algorithm first!");
return;
}
char c;
cmacvs_ctx.buffersize_B=(cmacvs_algo->blocksize_b)/8;
uint8_t tag[cmacvs_ctx.buffersize_B];
uint8_t tag_ref[cmacvs_ctx.buffersize_B];
uint8_t buffer[cmacvs_ctx.buffersize_B+5];
cmacvs_ctx.buffer = buffer;
cli_putstr("\r\nbuffer_size = 0x");
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B), 2);
cli_putstr(" bytes");
for(;;){
cmacvs_ctx.blocks = 0;
memset(buffer, 0, cmacvs_ctx.buffersize_B);
klen = getValue("Klen");
if(klen<0){
return;
}
mlen = getValue("Mlen");
if(mlen<0){
return;
}
tlen = getValue("Tlen");
if(tlen<0){
return;
}
uint8_t key_buffer[klen];
#if DEBUG
cli_putstr("\r\nKLen == ");
cli_hexdump_rev(&klen, 4);
cli_putstr("\r\nMLen == ");
cli_hexdump_rev(&mlen, 4);
cli_putstr("\r\nTLen == ");
cli_hexdump_rev(&tlen, 4);
#endif
getKey(key_buffer, klen);
if(mlen==0){
expect_input=2;
}else{
expect_input=mlen*2;
}
#if DEBUG
cli_putstr("\r\nexpected_input == ");
cli_hexdump_rev(&expect_input, 4);
if(expect_input==0)
cli_putstr("\r\nexpected_input == 0 !!!");
#endif
uint8_t ret;
#if DEBUG
cli_putstr("\r\n CMAC init");
cli_putstr("\r\n (2) expected_input == ");
cli_hexdump_rev(&expect_input, 4);
#endif
ret = bcal_cmac_init(cmacvs_algo, key_buffer, klen*8, &(cmacvs_ctx.ctx));
if(ret){
cli_putstr("\r\n bcal_cmac_init returned with: ");
cli_hexdump(&ret, 1);
return;
}
#if DEBUG
cli_putstr("\r\n (3) expected_input == ");
cli_hexdump_rev(&expect_input, 4);
cli_putstr("\r\n");
#endif
while((c=cli_getc_cecho())!='M' && c!='m'){
if(!isspace(c)){
cli_putstr("\r\nERROR: wrong input (1) [0x");
cli_hexdump(&c, 1);
cli_putstr("]!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
}
if((c=cli_getc_cecho())!='s' && c!='S'){
cli_putstr("\r\nERROR: wrong input (2)!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
if((c=cli_getc_cecho())!='g' && c!='G'){
cli_putstr("\r\nERROR: wrong input (3)!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
while((c=cli_getc_cecho())!='='){
if(!isspace(c)){
cli_putstr("\r\nERROR: wrong input (4)!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
}
#if DEBUG
cli_putstr("\r\nparsing started");
#endif
cmacvs_ctx.buffer_idx = 0;
cmacvs_ctx.in_byte = 0;
cmacvs_ctx.blocks = 0;
while(expect_input>0){
c=cli_getc_cecho();
#if DEBUG
cli_putstr("\r\n\t(");
cli_hexdump_rev(&expect_input, 4);
cli_putstr(") ");
_delay_ms(500);
#endif
if(buffer_add(c)==0){
--expect_input;
}else{
if(!isblank((uint16_t)c)){
cli_putstr("\r\nERROR: wrong input (5) (");
cli_putc(c);
cli_putstr(")!\r\n");
bcal_cmac_free(&(cmacvs_ctx.ctx));
return;
}
}
}
#if DEBUG
cli_putstr("\r\nBuffer-A:");
cli_hexdump_block(buffer, cmacvs_ctx.buffersize_B, 5, 8);
cli_putstr("\r\n starting finalisation");
cli_putstr("\r\n\tblocks == ");
cli_hexdump_rev(&(cmacvs_ctx.blocks),4);
cli_putstr("\r\n\tbuffer_idx == ");
cli_hexdump_rev(&(cmacvs_ctx.buffer_idx),2);
cli_putstr("\r\n\tin_byte == ");
cli_hexdump_rev(&(cmacvs_ctx.in_byte),1);
// _delay_ms(500);
cli_putstr("\r\n starting last block");
cli_putstr("\r\n\tlength == ");
cli_hexdump_rev(&mlen,4);
cli_putstr("\r\n\tbuffersize_B == ");
cli_hexdump_rev(&(cmacvs_ctx.buffersize_B),2);
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
cli_putstr("\r\n\t (temp) == ");
cli_hexdump_rev(&temp,2);
// _delay_ms(500);
#endif
uint16_t temp=(mlen-cmacvs_ctx.blocks*cmacvs_ctx.buffersize_B)*8;
bcal_cmac_lastBlock( &(cmacvs_ctx.ctx), buffer, /* be aware of freaking compilers!!! */
// length-(cmacvs_ctx.blocks)*((cmacvs_ctx.buffersize_B)*8));
temp );
#if DEBUG
cli_putstr("\r\n starting ctx2cmac");
_delay_ms(500);
#endif
bcal_cmac_ctx2mac(tag, tlen*8, &(cmacvs_ctx.ctx));
#if DEBUG
cli_putstr("\r\n starting cmac free");
#endif
bcal_cmac_free(&(cmacvs_ctx.ctx));
cli_putstr("\r\n Mac = ");
cli_hexdump(tag, tlen);
getMac(tag_ref, tlen);
if(memcmp(tag, tag_ref, tlen)){
cli_putstr("\r\n Result = F");
}else{
cli_putstr("\r\n Result = P");
}
}
}

42
test_src/cmacvs.h Normal file
View File

@ -0,0 +1,42 @@
/* cmacvs.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file cmacvs.h
* \author Daniel Otte
* \date 2010-02-02
* \license GPLv3 or later
*
*/
#ifndef CMACVS_H_
#define CMACVS_H_
#include <stdlib.h>
#include "blockcipher_descriptor.h"
extern bcdesc_t* cmacvs_algo;
extern bcdesc_t** cmacvs_algolist;
void cmacvs_listalgos(void);
void cmacvs_setalgo(char* param);
void cmacvs_test1(void);
void cmacvs_test2(void);
#endif /* CMACVS_H_ */

735
test_src/main-aes-test.c Normal file
View File

@ -0,0 +1,735 @@
/* main-aes-test.c */
/*
This file is part of the ARM-Crypto-Lib.
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* AES test-suit
*
*/
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "config.h"
#include "cli.h"
#include "dump.h"
#include "uart_lowlevel.h"
#include "sysclock.h"
#include "hw_gptm.h"
#include "aes/aes.h"
#include "nessie_bc_test.h"
#include "performance_test.h"
#include "bcal_aes128.h"
#include "bcal_aes192.h"
#include "bcal_aes256.h"
#include "bcal-cbc.h"
#include "bcal-cfb_byte.h"
#include "bcal-cfb_bit.h"
#include "bcal-ofb.h"
#include "bcal-ctr.h"
#include "bcal-cmac.h"
#include "bcal-eax.h"
#include "cmacvs.h"
#include "bcal-performance.h"
char* algo_name = "AES";
void uart0_putc(char byte){
uart_putc(UART_0, byte);
}
char uart0_getc(void){
return uart_getc(UART_0);
}
const bcdesc_t* algolist[] = {
(bcdesc_t*)&aes128_desc,
(bcdesc_t*)&aes192_desc,
(bcdesc_t*)&aes256_desc,
NULL
};
/*****************************************************************************
* additional validation-functions *
*****************************************************************************/
void testrun_nessie_aes(void){
nessie_bc_ctx.blocksize_B = 16;
nessie_bc_ctx.keysize_b = 128;
nessie_bc_ctx.name = algo_name;
nessie_bc_ctx.ctx_size_B = sizeof(aes128_ctx_t);
nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes128_enc;
nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes128_dec;
nessie_bc_ctx.cipher_genctx = (nessie_bc_gen_fpt)aes_init;
nessie_bc_run();
nessie_bc_ctx.keysize_b = 192;
nessie_bc_ctx.ctx_size_B = sizeof(aes192_ctx_t);
nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes192_enc;
nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes192_dec;
nessie_bc_run();
nessie_bc_ctx.keysize_b = 256;
nessie_bc_ctx.ctx_size_B = sizeof(aes256_ctx_t);
nessie_bc_ctx.cipher_enc = (nessie_bc_enc_fpt)aes256_enc;
nessie_bc_ctx.cipher_dec = (nessie_bc_dec_fpt)aes256_dec;
nessie_bc_run();
}
void testrun_test_aes(void){
uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88,
0x09, 0xcf, 0x4f, 0x3c };
uint8_t data[16] = { 0x32, 0x43, 0xf6, 0xa8,
0x88, 0x5a, 0x30, 0x8d,
0x31, 0x31, 0x98, 0xa2,
0xe0, 0x37, 0x07, 0x34 };
aes128_ctx_t ctx;
aes128_init(key, &ctx);
cli_putstr("\r\n\r\n cipher test (FIPS 197):\r\n key: ");
cli_hexdump(key, 16);
cli_putstr("\r\n plaintext: ");
cli_hexdump(data, 16);
aes128_enc(data, &ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump(data, 16);
aes128_dec(data, &ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump(data, 16);
cli_putstr("\r\n testing bcal:");
bcgen_ctx_t bcal_ctx;
uint8_t r;
r = bcal_cipher_init(&aes128_desc, key, 128, &bcal_ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
bcal_cipher_enc(data, &bcal_ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump(data, 16);
bcal_cipher_dec(data, &bcal_ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump(data, 16);
bcal_cipher_free(&bcal_ctx);
}
void testrun_testkey_aes128(void){
uint8_t key[16] = { 0x2b, 0x7e, 0x15, 0x16,
0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88,
0x09, 0xcf, 0x4f, 0x3c};
aes128_ctx_t ctx;
uint8_t i;
aes128_init(key, &ctx);
cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
cli_hexdump(key, 16);
for(i=0; i<11; ++i){
cli_putstr("\r\n index: ");
cli_putc('0'+i/10);
cli_putc('0'+i%10);
cli_putstr(" roundkey ");
cli_hexdump(ctx.key[i].ks, 16);
}
}
void testrun_testkey_aes192(void){
uint8_t key[24] = { 0x8e, 0x73, 0xb0, 0xf7,
0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b,
0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2,
0x52, 0x2c, 0x6b, 0x7b};
aes192_ctx_t ctx;
uint8_t i;
memset(&ctx, 0, sizeof(aes192_ctx_t));
aes192_init(key, &ctx);
cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
cli_hexdump(key, 24);
for(i=0; i<13; ++i){
cli_putstr("\r\n index: ");
cli_putc('0'+i/10);
cli_putc('0'+i%10);
cli_putstr(" roundkey ");
cli_hexdump(ctx.key[i].ks, 16);
}
}
void testrun_testkey_aes256(void){
uint8_t key[32] = { 0x60, 0x3d, 0xeb, 0x10,
0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0,
0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07,
0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3,
0x09, 0x14, 0xdf, 0xf4};
aes256_ctx_t ctx;
uint8_t i;
memset(&ctx, 0, sizeof(aes256_ctx_t));
aes256_init(key, &ctx);
cli_putstr("\r\n\r\n keyschedule test (FIPS 197):\r\n key: ");
cli_hexdump(key, 32);
for(i=0; i<15; ++i){
cli_putstr("\r\n index: ");
cli_putc('0'+i/10);
cli_putc('0'+i%10);
cli_putstr(" roundkey ");
cli_hexdump(ctx.key[i].ks, 16);
}
}
void testrun_testkey_aes(void){
testrun_testkey_aes128();
testrun_testkey_aes192();
testrun_testkey_aes256();
}
const uint8_t modes_key[] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
const uint8_t modes_iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
const uint8_t modes_ctriv[] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
};
const uint8_t modes_plain[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
/* --- */
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
/* --- */
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
/* --- */
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
void testrun_aes128_cbc(void){
uint8_t key[16];
uint8_t iv[16];
uint8_t plain[64];
bcal_cbc_ctx_t ctx;
uint8_t r;
memcpy(key, modes_key, 16);
memcpy(iv, modes_iv, 16);
memcpy(plain, modes_plain, 64);
cli_putstr("\r\n** AES128-CBC-TEST **");
r = bcal_cbc_init(&aes128_desc, key, 128, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
cli_putstr("\r\n IV: ");
cli_hexdump(iv, 128/8);
cli_putstr("\r\n plaintext:");
cli_hexdump_block(plain, 4*128/8, 4, 16);
if(r)
return;
bcal_cbc_encMsg(iv, plain, 4, &ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump_block(plain, 4*128/8, 4, 16);
bcal_cbc_decMsg(iv, plain, 4, &ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump_block(plain, 4*128/8, 4, 16);
bcal_cbc_free(&ctx);
}
void testrun_aes128_cfb8(void){
uint8_t key[16];
uint8_t iv[16];
uint8_t plain[64];
bcal_cfb_B_ctx_t ctx;
uint8_t r;
memcpy(key, modes_key, 16);
memcpy(iv, modes_iv, 16);
memcpy(plain, modes_plain, 64);
cli_putstr("\r\n** AES128-CFB8-TEST **");
r = bcal_cfb_B_init(&aes128_desc, key, 128, 8, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
cli_putstr("\r\n IV: ");
cli_hexdump(iv, 128/8);
cli_putstr("\r\n plaintext:");
cli_hexdump_block(plain, 4*128/8, 4, 16);
if(r)
return;
bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump_block(plain, 64, 4, 16);
bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump_block(plain, 64, 4, 16);
bcal_cfb_B_free(&ctx);
}
void testrun_aes128_cfb1(void){
uint8_t key[16];
uint8_t iv[16];
uint8_t plain[64];
bcal_cfb_b_ctx_t ctx;
uint8_t r;
memcpy(key, modes_key, 16);
memcpy(iv, modes_iv, 16);
memcpy(plain, modes_plain, 64);
cli_putstr("\r\n** AES128-CFB1-TEST **");
r = bcal_cfb_b_init(&aes128_desc, key, 128, 1, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
cli_putstr("\r\n IV: ");
cli_hexdump(iv, 128/8);
cli_putstr("\r\n plaintext:");
cli_hexdump_block(plain, 2, 4, 16);
if(r)
return;
uint8_t i, bit_offset, byte_offset;
bcal_cfb_b_loadIV(iv, &ctx);
for(i=0; i<16; ++i){
byte_offset = i/8;
bit_offset = i&7;
cli_putstr("\r\n plain bit: ");
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
bcal_cfb_b_encNext(plain+byte_offset, bit_offset, &ctx);
cli_putstr("\r\n cipher bit: ");
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
}
cli_putstr("\r\n ciphertext: ");
cli_hexdump_block(plain, 2, 4, 16);
bcal_cfb_b_loadIV(iv, &ctx);
for(i=0; i<16; ++i){
byte_offset = i/8;
bit_offset = i&7;
cli_putstr("\r\n plain bit: ");
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
bcal_cfb_b_decNext(plain+byte_offset, bit_offset, &ctx);
cli_putstr("\r\n cipher bit: ");
cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
}
cli_putstr("\r\n plaintext: ");
cli_hexdump_block(plain, 2, 4, 16);
bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump_block(plain, 64, 4, 16);
bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump_block(plain, 64, 4, 16);
bcal_cfb_b_free(&ctx);
}
void testrun_aes128_ofb(void){
uint8_t key[16];
uint8_t iv[16];
uint8_t plain[64];
bcal_ofb_ctx_t ctx;
uint8_t r;
memcpy(key, modes_key, 16);
memcpy(iv, modes_iv, 16);
memcpy(plain, modes_plain, 64);
cli_putstr("\r\n** AES128-OFB-TEST **");
r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
cli_putstr("\r\n IV: ");
cli_hexdump(iv, 128/8);
cli_putstr("\r\n plaintext:");
cli_hexdump_block(plain, 4*128/8, 4, 16);
if(r)
return;
bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump_block(plain, 4*128/8, 4, 16);
bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump_block(plain, 4*128/8, 4, 16);
bcal_ofb_free(&ctx);
}
void testrun_aes128_ctr(void){
uint8_t key[16];
uint8_t iv[16];
uint8_t plain[64];
bcal_ctr_ctx_t ctx;
uint8_t r;
memcpy(key, modes_key, 16);
memcpy(iv, modes_ctriv, 16);
memcpy(plain, modes_plain, 64);
cli_putstr("\r\n** AES128-CTR-TEST **");
r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
cli_putstr("\r\n IV: ");
cli_hexdump(iv, 128/8);
cli_putstr("\r\n plaintext:");
cli_hexdump_block(plain, 4*128/8, 4, 16);
if(r)
return;
bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
cli_putstr("\r\n ciphertext: ");
cli_hexdump_block(plain, 4*128/8, 4, 16);
bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
cli_putstr("\r\n plaintext: ");
cli_hexdump_block(plain, 4*128/8, 4, 16);
bcal_ctr_free(&ctx);
}
void testrun_aes128_cmac(void){
uint8_t key[16];
uint8_t tag[16];
uint8_t plain[64];
uint16_t length[] = { 0, 128, 320, 512 };
bcal_cmac_ctx_t ctx;
uint8_t r,i;
memcpy(key, modes_key, 16);
memcpy(plain, modes_plain, 64);
cli_putstr("\r\n** AES128-CMAC-TEST **");
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
for(i=0; i<4; ++i){
r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n message: ");
cli_hexdump_block(plain, length[i]/8, 4, 16);
if(r)
return;
bcal_cmac(tag, 128, plain, length[i], &ctx);
cli_putstr("\r\n tag: ");
cli_hexdump_block(tag, 128/8, 4, 16);
bcal_cmac_free(&ctx);
}
}
/*
Klen = 16
Mlen = 18
Tlen = 2
Key = 3250974e306b4b678f914b514d1e90f6
Msg = cf132fd4ebc25fd3866f1a95a6193a1a9cdf
*/
void testrun_aes128_cmac72(void){
uint8_t key[16]= {
0x32, 0x50, 0x97, 0x4e, 0x30, 0x6b, 0x4b, 0x67,
0x8f, 0x91, 0x4b, 0x51, 0x4d, 0x1e, 0x90, 0xf6
};
uint8_t tag[2];
uint8_t plain[18] = {
0xcf, 0x13, 0x2f, 0xd4, 0xeb, 0xc2, 0x5f, 0xd3,
0x86, 0x6f, 0x1a, 0x95, 0xa6, 0x19, 0x3a, 0x1a,
0x9c, 0xdf,
};
bcal_cmac_ctx_t ctx;
uint8_t r;
cli_putstr("\r\n** AES128-CMAC-72-TEST **");
cli_putstr("\r\n key: ");
cli_hexdump(key, 128/8);
r = bcal_cmac_init(&aes128_desc, key, 128, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
cli_putstr("\r\n message: ");
cli_hexdump_block(plain, 18, 4, 16);
if(r)
return;
bcal_cmac(tag, 16, plain, 18*8, &ctx);
cli_putstr("\r\n tag: ");
cli_hexdump_block(tag, 2, 4, 16);
bcal_cmac_free(&ctx);
}
/*
Count = 0
Klen = 24
Mlen = 0
Tlen = 2
Key = 2b2aaa666be161ed16648e862ac9bd1e317f71bc69e268b5
Msg = 00
*/
void testrun_aes192_cmac0(void){
uint8_t key[24]= {
0x2b, 0x2a, 0xaa, 0x66, 0x6b, 0xe1, 0x61, 0xed,
0x16, 0x64, 0x8e, 0x86, 0x2a, 0xc9, 0xbd, 0x1e,
0x31, 0x7f, 0x71, 0xbc, 0x69, 0xe2, 0x68, 0xb5
};
uint8_t tag[2];
uint8_t plain[1] = {
0x00
};
bcal_cmac_ctx_t ctx;
uint8_t r;
cli_putstr("\r\n** AES192-CMAC-0-TEST **");
cli_putstr("\r\n key: ");
cli_hexdump(key, 192/8);
r = bcal_cmac_init(&aes192_desc, key, 192, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
if(r)
return;
bcal_cmac(tag, 16, plain, 0*8, &ctx);
cli_putstr("\r\n tag: ");
cli_hexdump_block(tag, 2, 4, 16);
bcal_cmac_free(&ctx);
}
const uint8_t eax_msg[] = {
0xF7, 0xFB,
0x1A, 0x47, 0xCB, 0x49, 0x33,
0x48, 0x1C, 0x9E, 0x39, 0xB1,
0x40, 0xD0, 0xC0, 0x7D, 0xA5, 0xE4,
0x4D, 0xE3, 0xB3, 0x5C, 0x3F, 0xC0, 0x39, 0x24, 0x5B, 0xD1, 0xFB, 0x7D,
0x8B, 0x0A, 0x79, 0x30, 0x6C, 0x9C, 0xE7, 0xED, 0x99, 0xDA, 0xE4, 0xF8, 0x7F, 0x8D, 0xD6, 0x16, 0x36,
0x1B, 0xDA, 0x12, 0x2B, 0xCE, 0x8A, 0x8D, 0xBA, 0xF1, 0x87, 0x7D, 0x96, 0x2B, 0x85, 0x92, 0xDD, 0x2D, 0x56,
0x6C, 0xF3, 0x67, 0x20, 0x87, 0x2B, 0x85, 0x13, 0xF6, 0xEA, 0xB1, 0xA8, 0xA4, 0x44, 0x38, 0xD5, 0xEF, 0x11,
0xCA, 0x40, 0xD7, 0x44, 0x6E, 0x54, 0x5F, 0xFA, 0xED, 0x3B, 0xD1, 0x2A, 0x74, 0x0A, 0x65, 0x9F, 0xFB, 0xBB, 0x3C, 0xEA, 0xB7
};
const uint8_t eax_msg_len[] = {0, 2, 5, 5, 6, 12, 17, 18, 18, 21};
const uint8_t eax_key[] = {
0x23, 0x39, 0x52, 0xDE, 0xE4, 0xD5, 0xED, 0x5F, 0x9B, 0x9C, 0x6D, 0x6F, 0xF8, 0x0F, 0xF4, 0x78,
0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4,
0x01, 0xF7, 0x4A, 0xD6, 0x40, 0x77, 0xF2, 0xE7, 0x04, 0xC0, 0xF6, 0x0A, 0xDA, 0x3D, 0xD5, 0x23,
0xD0, 0x7C, 0xF6, 0xCB, 0xB7, 0xF3, 0x13, 0xBD, 0xDE, 0x66, 0xB7, 0x27, 0xAF, 0xD3, 0xC5, 0xE8,
0x35, 0xB6, 0xD0, 0x58, 0x00, 0x05, 0xBB, 0xC1, 0x2B, 0x05, 0x87, 0x12, 0x45, 0x57, 0xD2, 0xC2,
0xBD, 0x8E, 0x6E, 0x11, 0x47, 0x5E, 0x60, 0xB2, 0x68, 0x78, 0x4C, 0x38, 0xC6, 0x2F, 0xEB, 0x22,
0x7C, 0x77, 0xD6, 0xE8, 0x13, 0xBE, 0xD5, 0xAC, 0x98, 0xBA, 0xA4, 0x17, 0x47, 0x7A, 0x2E, 0x7D,
0x5F, 0xFF, 0x20, 0xCA, 0xFA, 0xB1, 0x19, 0xCA, 0x2F, 0xC7, 0x35, 0x49, 0xE2, 0x0F, 0x5B, 0x0D,
0xA4, 0xA4, 0x78, 0x2B, 0xCF, 0xFD, 0x3E, 0xC5, 0xE7, 0xEF, 0x6D, 0x8C, 0x34, 0xA5, 0x61, 0x23,
0x83, 0x95, 0xFC, 0xF1, 0xE9, 0x5B, 0xEB, 0xD6, 0x97, 0xBD, 0x01, 0x0B, 0xC7, 0x66, 0xAA, 0xC3
};
const uint8_t eax_nonce[] = {
0x62, 0xEC, 0x67, 0xF9, 0xC3, 0xA4, 0xA4, 0x07, 0xFC, 0xB2, 0xA8, 0xC4, 0x90, 0x31, 0xA8, 0xB3,
0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD,
0x70, 0xC3, 0xDB, 0x4F, 0x0D, 0x26, 0x36, 0x84, 0x00, 0xA1, 0x0E, 0xD0, 0x5D, 0x2B, 0xFF, 0x5E,
0x84, 0x08, 0xDF, 0xFF, 0x3C, 0x1A, 0x2B, 0x12, 0x92, 0xDC, 0x19, 0x9E, 0x46, 0xB7, 0xD6, 0x17,
0xFD, 0xB6, 0xB0, 0x66, 0x76, 0xEE, 0xDC, 0x5C, 0x61, 0xD7, 0x42, 0x76, 0xE1, 0xF8, 0xE8, 0x16,
0x6E, 0xAC, 0x5C, 0x93, 0x07, 0x2D, 0x8E, 0x85, 0x13, 0xF7, 0x50, 0x93, 0x5E, 0x46, 0xDA, 0x1B,
0x1A, 0x8C, 0x98, 0xDC, 0xD7, 0x3D, 0x38, 0x39, 0x3B, 0x2B, 0xF1, 0x56, 0x9D, 0xEE, 0xFC, 0x19,
0xDD, 0xE5, 0x9B, 0x97, 0xD7, 0x22, 0x15, 0x6D, 0x4D, 0x9A, 0xFF, 0x2B, 0xC7, 0x55, 0x98, 0x26,
0xB7, 0x81, 0xFC, 0xF2, 0xF7, 0x5F, 0xA5, 0xA8, 0xDE, 0x97, 0xA9, 0xCA, 0x48, 0xE5, 0x22, 0xEC,
0x22, 0xE7, 0xAD, 0xD9, 0x3C, 0xFC, 0x63, 0x93, 0xC5, 0x7E, 0xC0, 0xB3, 0xC1, 0x7D, 0x6B, 0x44
};
const uint8_t eax_header[] = {
0x6B, 0xFB, 0x91, 0x4F, 0xD0, 0x7E, 0xAE, 0x6B,
0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA,
0x23, 0x4A, 0x34, 0x63, 0xC1, 0x26, 0x4A, 0xC6,
0x33, 0xCC, 0xE2, 0xEA, 0xBF, 0xF5, 0xA7, 0x9D,
0xAE, 0xB9, 0x6E, 0xAE, 0xBE, 0x29, 0x70, 0xE9,
0xD4, 0x48, 0x2D, 0x1C, 0xA7, 0x8D, 0xCE, 0x0F,
0x65, 0xD2, 0x01, 0x79, 0x90, 0xD6, 0x25, 0x28,
0x54, 0xB9, 0xF0, 0x4E, 0x6A, 0x09, 0x18, 0x9A,
0x89, 0x9A, 0x17, 0x58, 0x97, 0x56, 0x1D, 0x7E,
0x12, 0x67, 0x35, 0xFC, 0xC3, 0x20, 0xD2, 0x5A
};
const uint8_t eax_cipher[] = {
0xE0, 0x37, 0x83, 0x0E, 0x83, 0x89, 0xF2, 0x7B, 0x02, 0x5A, 0x2D, 0x65, 0x27, 0xE7, 0x9D, 0x01,
0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, 0x67, 0xE5,
0xD8, 0x51, 0xD5, 0xBA, 0xE0, 0x3A, 0x59, 0xF2, 0x38, 0xA2, 0x3E, 0x39, 0x19, 0x9D, 0xC9, 0x26, 0x66, 0x26, 0xC4, 0x0F, 0x80,
0x63, 0x2A, 0x9D, 0x13, 0x1A, 0xD4, 0xC1, 0x68, 0xA4, 0x22, 0x5D, 0x8E, 0x1F, 0xF7, 0x55, 0x93, 0x99, 0x74, 0xA7, 0xBE, 0xDE,
0x07, 0x1D, 0xFE, 0x16, 0xC6, 0x75, 0xCB, 0x06, 0x77, 0xE5, 0x36, 0xF7, 0x3A, 0xFE, 0x6A, 0x14, 0xB7, 0x4E, 0xE4, 0x98, 0x44, 0xDD,
0x83, 0x5B, 0xB4, 0xF1, 0x5D, 0x74, 0x3E, 0x35, 0x0E, 0x72, 0x84, 0x14, 0xAB, 0xB8, 0x64, 0x4F, 0xD6, 0xCC, 0xB8, 0x69, 0x47, 0xC5, 0xE1, 0x05, 0x90, 0x21, 0x0A, 0x4F,
0x02, 0x08, 0x3E, 0x39, 0x79, 0xDA, 0x01, 0x48, 0x12, 0xF5, 0x9F, 0x11, 0xD5, 0x26, 0x30, 0xDA, 0x30, 0x13, 0x73, 0x27, 0xD1, 0x06, 0x49, 0xB0, 0xAA, 0x6E, 0x1C, 0x18, 0x1D, 0xB6, 0x17, 0xD7, 0xF2,
0x2E, 0xC4, 0x7B, 0x2C, 0x49, 0x54, 0xA4, 0x89, 0xAF, 0xC7, 0xBA, 0x48, 0x97, 0xED, 0xCD, 0xAE, 0x8C, 0xC3, 0x3B, 0x60, 0x45, 0x05, 0x99, 0xBD, 0x02, 0xC9, 0x63, 0x82, 0x90, 0x2A, 0xEF, 0x7F, 0x83, 0x2A,
0x0D, 0xE1, 0x8F, 0xD0, 0xFD, 0xD9, 0x1E, 0x7A, 0xF1, 0x9F, 0x1D, 0x8E, 0xE8, 0x73, 0x39, 0x38, 0xB1, 0xE8, 0xE7, 0xF6, 0xD2, 0x23, 0x16, 0x18, 0x10, 0x2F, 0xDB, 0x7F, 0xE5, 0x5F, 0xF1, 0x99, 0x17, 0x00,
0xCB, 0x89, 0x20, 0xF8, 0x7A, 0x6C, 0x75, 0xCF, 0xF3, 0x96, 0x27, 0xB5, 0x6E, 0x3E, 0xD1, 0x97, 0xC5, 0x52, 0xD2, 0x95, 0xA7, 0xCF, 0xC4, 0x6A, 0xFC, 0x25, 0x3B, 0x46, 0x52, 0xB1, 0xAF, 0x37, 0x95, 0xB1, 0x24, 0xAB, 0x6E
};
void testrun_aes128_eax(void){
uint8_t key[16];
uint8_t nonce[16];
uint8_t header[8];
uint8_t tag[16];
uint8_t msg[21];
uint8_t msg_len;
const void* msg_p;
const void* cipher_p;
uint8_t i, r;
bcal_eax_ctx_t ctx;
msg_p = eax_msg;
cipher_p = eax_cipher;
for(i=0; i<10; ++i){
cli_putstr("\r\n\r\n** AES128-EAX-TEST #");
cli_putc('0'+i);
cli_putstr(" **");
msg_len = eax_msg_len[i];
memcpy(key, eax_key+16*i, 16);
memcpy(nonce, eax_nonce+16*i, 16);
memcpy(header, eax_header+8*i, 8);
memcpy(msg, msg_p, msg_len);
msg_p = (uint8_t*)msg_p+msg_len;
cli_putstr("\r\n key: ");
cli_hexdump(key, 16);
cli_putstr("\r\n msg: ");
if(msg_len){
cli_hexdump(msg, msg_len);
}
cli_putstr("\r\n nonce: ");
cli_hexdump(nonce, 16);
cli_putstr("\r\n header: ");
cli_hexdump(header, 8);
r = bcal_eax_init(&aes128_desc, key, 128, &ctx);
cli_putstr("\r\n init = 0x");
cli_hexdump(&r, 1);
if(r)
return;
bcal_eax_loadNonce(nonce, 16*8, &ctx);
bcal_eax_addLastHeader(header, 8*8, &ctx);
bcal_eax_encLastBlock(msg, msg_len*8, &ctx);
bcal_eax_ctx2tag(tag, 128, &ctx);
cli_putstr("\r\n cipher: ");
cli_hexdump_block(msg, msg_len, 4, 16);
cli_putstr("\r\n tag: ");
cli_hexdump_block(tag, 16, 4, 16);
if(memcmp(msg, cipher_p, msg_len)){
cli_putstr("\r\n cipher: [fail]\r\n should: ");
memcpy(msg, cipher_p, msg_len);
cli_hexdump_block(msg, msg_len, 4, 16);
}else{
cli_putstr("\r\n cipher: [pass]");
}
cipher_p = ((uint8_t*)cipher_p)+msg_len;
// *
if(memcmp(tag, cipher_p, 16)){
cli_putstr("\r\n tag: [fail]");
}else{
cli_putstr("\r\n tag: [pass]");
}
cipher_p = ((uint8_t*)cipher_p)+16;
bcal_eax_free(&ctx);
}
}
/*****************************************************************************/
void testrun_performance_aes(void){
bcal_performance_multiple(algolist);
}
/*****************************************************************************
* main *
*****************************************************************************/
const cmdlist_entry_t cmdlist[] = {
{ "nessie", NULL, testrun_nessie_aes },
{ "test", NULL, testrun_test_aes },
{ "testkey", NULL, testrun_testkey_aes },
{ "testcbc", NULL, testrun_aes128_cbc },
{ "testcfb8", NULL, testrun_aes128_cfb8 },
{ "testcfb1", NULL, testrun_aes128_cfb1 },
{ "testofb", NULL, testrun_aes128_ofb },
{ "testctr", NULL, testrun_aes128_ctr },
{ "testcmac", NULL, testrun_aes128_cmac },
{ "testcmac72", NULL, testrun_aes128_cmac72 },
{ "testcmac0", NULL, testrun_aes192_cmac0 },
{ "testeax", NULL, testrun_aes128_eax },
{ "cmacvs_list", NULL, cmacvs_listalgos },
{ "cmacvs_set", (void*)1, (void_fpt)cmacvs_setalgo },
{ "cmacvs_test1", NULL, cmacvs_test1 },
{ "cmacvs_test2", NULL, cmacvs_test2 },
{ "performance", NULL, testrun_performance_aes },
{ "dump", (void*)1, (void_fpt)dump },
{ "echo", (void*)1, (void_fpt)echo_ctrl },
{ NULL, NULL, NULL }
};
int main (void){
sysclk_set_freq(SYS_FREQ);
sysclk_mosc_verify_enable();
uart_init(UART_0, 115200, 8, UART_PARATY_NONE, UART_STOPBITS_ONE);
gptm_set_timer_32periodic(TIMER0);
cli_rx = uart0_getc;
cli_tx = uart0_putc;
cmacvs_algolist=(bcdesc_t**)algolist;
cmacvs_algo=(bcdesc_t*)&aes128_desc;
for(;;){
cli_putstr("\r\n\r\nARM-Crypto-Lib VS (");
cli_putstr(algo_name);
cli_putstr("; ");
cli_putstr(__DATE__);
cli_putc(' ');
cli_putstr(__TIME__);
cli_putstr(")\r\nloaded and running\r\n");
cmd_interface(cmdlist);
}
}