initial commit of a bunch of code
This commit is contained in:
commit
5f46191d26
|
@ -0,0 +1,61 @@
|
||||||
|
/* blake_common.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file blake_common.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-08
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
const
|
||||||
|
uint8_t blake_sigma[] = {
|
||||||
|
0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF,
|
||||||
|
0xE, 0xA, 0x4, 0x8, 0x9, 0xF, 0xD, 0x6, 0x1, 0xC, 0x0, 0x2, 0xB, 0x7, 0x5, 0x3,
|
||||||
|
0xB, 0x8, 0xC, 0x0, 0x5, 0x2, 0xF, 0xD, 0xA, 0xE, 0x3, 0x6, 0x7, 0x1, 0x9, 0x4,
|
||||||
|
0x7, 0x9, 0x3, 0x1, 0xD, 0xC, 0xB, 0xE, 0x2, 0x6, 0x5, 0xA, 0x4, 0x0, 0xF, 0x8,
|
||||||
|
0x9, 0x0, 0x5, 0x7, 0x2, 0x4, 0xA, 0xF, 0xE, 0x1, 0xB, 0xC, 0x6, 0x8, 0x3, 0xD,
|
||||||
|
0x2, 0xC, 0x6, 0xA, 0x0, 0xB, 0x8, 0x3, 0x4, 0xD, 0x7, 0x5, 0xF, 0xE, 0x1, 0x9,
|
||||||
|
0xC, 0x5, 0x1, 0xF, 0xE, 0xD, 0x4, 0xA, 0x0, 0x7, 0x6, 0x3, 0x9, 0x2, 0x8, 0xB,
|
||||||
|
0xD, 0xB, 0x7, 0xE, 0xC, 0x1, 0x3, 0x9, 0x5, 0x0, 0xF, 0x4, 0x8, 0x6, 0x2, 0xA,
|
||||||
|
0x6, 0xF, 0xE, 0x9, 0xB, 0x3, 0x0, 0x8, 0xC, 0x2, 0xD, 0x7, 0x1, 0x4, 0xA, 0x5,
|
||||||
|
0xA, 0x2, 0x8, 0x4, 0x7, 0x6, 0x1, 0x5, 0xF, 0xB, 0x9, 0xE, 0x3, 0xC, 0xD, 0x0,
|
||||||
|
/* the following lines are for large blake (blake48 & blake64) */
|
||||||
|
0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF,
|
||||||
|
0xE, 0xA, 0x4, 0x8, 0x9, 0xF, 0xD, 0x6, 0x1, 0xC, 0x0, 0x2, 0xB, 0x7, 0x5, 0x3,
|
||||||
|
0xB, 0x8, 0xC, 0x0, 0x5, 0x2, 0xF, 0xD, 0xA, 0xE, 0x3, 0x6, 0x7, 0x1, 0x9, 0x4,
|
||||||
|
0x7, 0x9, 0x3, 0x1, 0xD, 0xC, 0xB, 0xE, 0x2, 0x6, 0x5, 0xA, 0x4, 0x0, 0xF, 0x8
|
||||||
|
};
|
||||||
|
|
||||||
|
const
|
||||||
|
uint8_t blake_index_lut[] = {
|
||||||
|
0x0, 0x4, 0x8, 0xC,
|
||||||
|
0x1, 0x5, 0x9, 0xD,
|
||||||
|
0x2, 0x6, 0xA, 0xE,
|
||||||
|
0x3, 0x7, 0xB, 0xF,
|
||||||
|
0x0, 0x5, 0xA, 0xF,
|
||||||
|
0x1, 0x6, 0xB, 0xC,
|
||||||
|
0x2, 0x7, 0x8, 0xD,
|
||||||
|
0x3, 0x4, 0x9, 0xE
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
/* blake_common.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file blake_common.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-08
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef BLAKE_COMMON_H_
|
||||||
|
#define BLAKE_COMMON_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
extern const uint8_t blake_sigma[];
|
||||||
|
extern const uint8_t blake_index_lut[];
|
||||||
|
|
||||||
|
#endif /* BLAKE_COMMON_H_ */
|
|
@ -0,0 +1,258 @@
|
||||||
|
/* blake_large.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file blake_large.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-08
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "memxor.h"
|
||||||
|
#include "blake_large.h"
|
||||||
|
#include "blake_common.h"
|
||||||
|
|
||||||
|
static const
|
||||||
|
uint64_t blake_c[] = {
|
||||||
|
0x243F6A8885A308D3LL, 0x13198A2E03707344LL,
|
||||||
|
0xA4093822299F31D0LL, 0x082EFA98EC4E6C89LL,
|
||||||
|
0x452821E638D01377LL, 0xBE5466CF34E90C6CLL,
|
||||||
|
0xC0AC29B7C97C50DDLL, 0x3F84D5B5B5470917LL,
|
||||||
|
0x9216D5D98979FB1BLL, 0xD1310BA698DFB5ACLL,
|
||||||
|
0x2FFD72DBD01ADFB7LL, 0xB8E1AFED6A267E96LL,
|
||||||
|
0xBA7C9045F12C7F99LL, 0x24A19947B3916CF7LL,
|
||||||
|
0x0801F2E2858EFC16LL, 0x636920D871574E69LL
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#define ROTL64(a, n) (((a)<<(n))|((a)>>(64-(n))))
|
||||||
|
#define ROTR64(a, n) (((a)>>(n))|((a)<<(64-(n))))
|
||||||
|
#define CHANGE_ENDIAN32(a) (((a)<<24)| \
|
||||||
|
((0x0000ff00&(a))<<8)| \
|
||||||
|
((0x00ff0000&(a))>>8)| \
|
||||||
|
(a)>>24 )
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_large_expand(uint64_t* v, const blake_large_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
memcpy(v, ctx->h, 8*8);
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
v[8+i] = blake_c[i];
|
||||||
|
}
|
||||||
|
memxor((uint8_t*)v+8, ctx->s, 4*8);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_large_changeendian(void* dest, const void* src){
|
||||||
|
uint8_t i;
|
||||||
|
uint32_t tmp;
|
||||||
|
for(i=0; i<32; i+=2){
|
||||||
|
tmp = CHANGE_ENDIAN32(((uint32_t*)src)[i]);
|
||||||
|
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i+1]);
|
||||||
|
((uint32_t*)dest)[i+1] = tmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#define A (v[idx.v8[0]])
|
||||||
|
#define B (v[idx.v8[1]])
|
||||||
|
#define C (v[idx.v8[2]])
|
||||||
|
#define D (v[idx.v8[3]])
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_large_compress(uint64_t* v,const void* m){
|
||||||
|
uint8_t r,i;
|
||||||
|
uint8_t s0, s1;
|
||||||
|
union {
|
||||||
|
uint32_t v32;
|
||||||
|
uint8_t v8[4];
|
||||||
|
}idx;
|
||||||
|
for(r=0; r<14; ++r){
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
idx.v32 = ((uint32_t*)blake_index_lut)[i];
|
||||||
|
s0 = blake_sigma[16*r+2*i+0];
|
||||||
|
s1 = blake_sigma[16*r+2*i+1];
|
||||||
|
A += B + (((uint64_t*)m)[s0] ^ blake_c[s1]);
|
||||||
|
D = ROTR64(D^A, 32);
|
||||||
|
C += D;
|
||||||
|
B = ROTR64(B^C, 25);
|
||||||
|
A += B + (((uint64_t*)m)[s1] ^ blake_c[s0]);
|
||||||
|
D = ROTR64(D^A, 16);
|
||||||
|
C += D;
|
||||||
|
B = ROTR64(B^C, 11);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_large_collapse(blake_large_ctx_t* ctx, uint64_t* v){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake_large_nextBlock(blake_large_ctx_t* ctx, const void* msg){
|
||||||
|
uint64_t v[16];
|
||||||
|
uint64_t m[16];
|
||||||
|
union {
|
||||||
|
uint64_t v64;
|
||||||
|
uint32_t v32[2];
|
||||||
|
}ctr;
|
||||||
|
blake_large_expand(v,ctx);
|
||||||
|
ctx->counter++;
|
||||||
|
ctr.v64 = ctx->counter*1024;
|
||||||
|
v[12] ^= ctr.v64;
|
||||||
|
v[13] ^= ctr.v64;
|
||||||
|
blake_large_changeendian(m, msg);
|
||||||
|
blake_large_compress(v, m);
|
||||||
|
blake_large_collapse(ctx, v);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake_large_lastBlock(blake_large_ctx_t* ctx, const void* msg, uint16_t length_b){
|
||||||
|
while(length_b>=BLAKE_LARGE_BLOCKSIZE){
|
||||||
|
blake_large_nextBlock(ctx, msg);
|
||||||
|
msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B;
|
||||||
|
length_b -= BLAKE_LARGE_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
uint8_t buffer[128];
|
||||||
|
uint64_t v[16];
|
||||||
|
uint64_t ctr;
|
||||||
|
ctr = ctx->counter*1024+length_b;
|
||||||
|
memset(buffer, 0, 128);
|
||||||
|
memcpy(buffer, msg, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80 >> (length_b&0x7);
|
||||||
|
blake_large_changeendian(buffer, buffer);
|
||||||
|
blake_large_expand(v, ctx);
|
||||||
|
if(length_b>1024-128-2){
|
||||||
|
v[12] ^= ctr;
|
||||||
|
v[13] ^= ctr;
|
||||||
|
blake_large_compress(v, buffer);
|
||||||
|
blake_large_collapse(ctx, v);
|
||||||
|
memset(buffer, 0, 128-8);
|
||||||
|
blake_large_expand(v, ctx);
|
||||||
|
} else {
|
||||||
|
if(length_b){
|
||||||
|
v[12] ^= ctr;
|
||||||
|
v[13] ^= ctr;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(ctx->appendone)
|
||||||
|
buffer[128-16-8] |= 0x01;
|
||||||
|
*((uint64_t*)(&(buffer[128-8]))) = ctr;
|
||||||
|
blake_large_compress(v, buffer);
|
||||||
|
blake_large_collapse(ctx, v);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static const
|
||||||
|
uint64_t blake64_iv[] = {
|
||||||
|
0x6A09E667F3BCC908LL, 0xBB67AE8584CAA73BLL,
|
||||||
|
0x3C6EF372FE94F82BLL, 0xA54FF53A5F1D36F1LL,
|
||||||
|
0x510E527FADE682D1LL, 0x9B05688C2B3E6C1FLL,
|
||||||
|
0x1F83D9ABFB41BD6BLL, 0x5BE0CD19137E2179LL
|
||||||
|
};
|
||||||
|
|
||||||
|
void blake64_init(blake64_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->h[i] = blake64_iv[i];
|
||||||
|
}
|
||||||
|
memset(ctx->s, 0, 4*8);
|
||||||
|
ctx->counter = 0;
|
||||||
|
ctx->appendone = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static const
|
||||||
|
uint64_t blake48_iv[] = {
|
||||||
|
0xCBBB9D5DC1059ED8LL, 0x629A292A367CD507LL,
|
||||||
|
0x9159015A3070DD17LL, 0x152FECD8F70E5939LL,
|
||||||
|
0x67332667FFC00B31LL, 0x8EB44A8768581511LL,
|
||||||
|
0xDB0C2E0D64F98FA7LL, 0x47B5481DBEFA4FA4LL
|
||||||
|
};
|
||||||
|
|
||||||
|
void blake48_init(blake48_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->h[i] = blake48_iv[i];
|
||||||
|
}
|
||||||
|
memset(ctx->s, 0, 4*8);
|
||||||
|
ctx->counter = 0;
|
||||||
|
ctx->appendone = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake64_ctx2hash(void* dest, const blake64_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
((uint32_t*)dest)[2*i+0] = CHANGE_ENDIAN32((ctx->h[i])>>32);
|
||||||
|
((uint32_t*)dest)[2*i+1] = CHANGE_ENDIAN32((uint32_t)ctx->h[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake48_ctx2hash(void* dest, const blake48_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<6; ++i){
|
||||||
|
((uint32_t*)dest)[2*i+0] = CHANGE_ENDIAN32((ctx->h[i])>>32);
|
||||||
|
((uint32_t*)dest)[2*i+1] = CHANGE_ENDIAN32((uint32_t)ctx->h[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake64_nextBlock(blake64_ctx_t* ctx, const void* block){
|
||||||
|
blake_large_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake48_nextBlock(blake48_ctx_t* ctx, const void* block){
|
||||||
|
blake_large_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake64_lastBlock(blake64_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
blake_large_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake48_lastBlock(blake48_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
blake_large_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake64(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
blake_large_ctx_t ctx;
|
||||||
|
blake64_init(&ctx);
|
||||||
|
while(length_b>=BLAKE_LARGE_BLOCKSIZE){
|
||||||
|
blake_large_nextBlock(&ctx, msg);
|
||||||
|
msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B;
|
||||||
|
length_b -= BLAKE_LARGE_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
blake_large_lastBlock(&ctx, msg, length_b);
|
||||||
|
blake64_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake48(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
blake_large_ctx_t ctx;
|
||||||
|
blake48_init(&ctx);
|
||||||
|
while(length_b>=BLAKE_LARGE_BLOCKSIZE){
|
||||||
|
blake_large_nextBlock(&ctx, msg);
|
||||||
|
msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B;
|
||||||
|
length_b -= BLAKE_LARGE_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
blake_large_lastBlock(&ctx, msg, length_b);
|
||||||
|
blake48_ctx2hash(dest, &ctx);
|
||||||
|
}
|
|
@ -0,0 +1,67 @@
|
||||||
|
/* blake_large.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file blake_large.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-08
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef BLAKE_LARGE_H_
|
||||||
|
#define BLAKE_LARGE_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define BLAKE_LARGE_BLOCKSIZE 1024
|
||||||
|
#define BLAKE_LARGE_BLOCKSIZE_B ((BLAKE_LARGE_BLOCKSIZE+7)/8)
|
||||||
|
#define BLAKE48_BLOCKSIZE BLAKE_LARGE_BLOCKSIZE
|
||||||
|
#define BLAKE48_BLOCKSIZE_B BLAKE_LARGE_BLOCKSIZE_B
|
||||||
|
#define BLAKE64_BLOCKSIZE BLAKE_LARGE_BLOCKSIZE
|
||||||
|
#define BLAKE64_BLOCKSIZE_B BLAKE_LARGE_BLOCKSIZE_B
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint64_t h[8];
|
||||||
|
uint64_t s[4];
|
||||||
|
uint32_t counter;
|
||||||
|
uint8_t appendone;
|
||||||
|
} blake_large_ctx_t;
|
||||||
|
|
||||||
|
typedef blake_large_ctx_t blake48_ctx_t;
|
||||||
|
typedef blake_large_ctx_t blake64_ctx_t;
|
||||||
|
|
||||||
|
void blake48_init(blake48_ctx_t* ctx);
|
||||||
|
void blake64_init(blake64_ctx_t* ctx);
|
||||||
|
|
||||||
|
void blake_large_nextBlock(blake_large_ctx_t* ctx, const void* block);
|
||||||
|
void blake_large_lastBlock(blake_large_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void blake48_nextBlock(blake48_ctx_t* ctx, const void* block);
|
||||||
|
void blake48_lastBlock(blake48_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void blake64_nextBlock(blake64_ctx_t* ctx, const void* block);
|
||||||
|
void blake64_lastBlock(blake64_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void blake48_ctx2hash(void* dest, const blake48_ctx_t* ctx);
|
||||||
|
void blake64_ctx2hash(void* dest, const blake64_ctx_t* ctx);
|
||||||
|
|
||||||
|
void blake48(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
void blake64(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
|
||||||
|
#endif /* BLAKE_LARGE_H_ */
|
|
@ -0,0 +1,260 @@
|
||||||
|
/* blake_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file blake_small.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-04
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "memxor.h"
|
||||||
|
#include "blake_small.h"
|
||||||
|
#include "blake_common.h"
|
||||||
|
|
||||||
|
static const
|
||||||
|
uint32_t blake_c[] = {
|
||||||
|
0x243F6A88, 0x85A308D3,
|
||||||
|
0x13198A2E, 0x03707344,
|
||||||
|
0xA4093822, 0x299F31D0,
|
||||||
|
0x082EFA98, 0xEC4E6C89,
|
||||||
|
0x452821E6, 0x38D01377,
|
||||||
|
0xBE5466CF, 0x34E90C6C,
|
||||||
|
0xC0AC29B7, 0xC97C50DD,
|
||||||
|
0x3F84D5B5, 0xB5470917
|
||||||
|
};
|
||||||
|
|
||||||
|
#define ROTL32(a, n) (((a)<<(n))|((a)>>(32-(n))))
|
||||||
|
#define ROTR32(a, n) (((a)>>(n))|((a)<<(32-(n))))
|
||||||
|
#define CHANGE_ENDIAN32(a) (((a)<<24)| \
|
||||||
|
((0x0000ff00&(a))<<8)| \
|
||||||
|
((0x00ff0000&(a))>>8)| \
|
||||||
|
(a)>>24 )
|
||||||
|
static
|
||||||
|
void blake_small_expand(uint32_t* v, const blake_small_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
memcpy(v, ctx->h, 8*4);
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
v[8+i] = blake_c[i];
|
||||||
|
}
|
||||||
|
memxor((uint8_t*)v+8, ctx->s, 4*4);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_small_changeendian(void* dest, const void* src){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#define A (v[idx.v8[0]])
|
||||||
|
#define B (v[idx.v8[1]])
|
||||||
|
#define C (v[idx.v8[2]])
|
||||||
|
#define D (v[idx.v8[3]])
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_small_compress(uint32_t* v,const void* m){
|
||||||
|
uint8_t r,i;
|
||||||
|
uint8_t s0, s1;
|
||||||
|
union {
|
||||||
|
uint32_t v32;
|
||||||
|
uint8_t v8[4];
|
||||||
|
} idx;
|
||||||
|
for(r=0; r<10; ++r){
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
idx.v32 = ((uint32_t*)blake_index_lut)[i];
|
||||||
|
s0 = blake_sigma[16*r+2*i+0];
|
||||||
|
s1 = blake_sigma[16*r+2*i+1];
|
||||||
|
A += B + (((uint32_t*)m)[s0] ^ blake_c[s1]);
|
||||||
|
D = ROTR32(A^D, 16);
|
||||||
|
C += D;
|
||||||
|
B = ROTR32(B^C, 12);
|
||||||
|
A += B + (((uint32_t*)m)[s1] ^ blake_c[s0]);
|
||||||
|
D = ROTR32(A^D, 8);
|
||||||
|
C += D;
|
||||||
|
B = ROTR32(B^C, 7);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void blake_small_collapse(blake_small_ctx_t* ctx, uint32_t* v){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* msg){
|
||||||
|
uint32_t v[16];
|
||||||
|
uint32_t m[16];
|
||||||
|
union {
|
||||||
|
uint64_t v64;
|
||||||
|
uint32_t v32[2];
|
||||||
|
}ctr;
|
||||||
|
blake_small_expand(v,ctx);
|
||||||
|
ctx->counter++;
|
||||||
|
ctr.v64 = ctx->counter*512;
|
||||||
|
v[12] ^= ctr.v32[0];
|
||||||
|
v[13] ^= ctr.v32[0];
|
||||||
|
v[14] ^= ctr.v32[1];
|
||||||
|
v[15] ^= ctr.v32[1];
|
||||||
|
blake_small_changeendian(m, msg);
|
||||||
|
blake_small_compress(v, m);
|
||||||
|
blake_small_collapse(ctx, v);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* msg, uint16_t length_b){
|
||||||
|
while(length_b>=BLAKE_SMALL_BLOCKSIZE){
|
||||||
|
blake_small_nextBlock(ctx, msg);
|
||||||
|
msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
|
||||||
|
length_b -= BLAKE_SMALL_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
uint8_t buffer[64];
|
||||||
|
uint32_t v[16];
|
||||||
|
union {
|
||||||
|
uint64_t v64;
|
||||||
|
uint32_t v32[2];
|
||||||
|
}ctr;
|
||||||
|
ctr.v64 = ctx->counter*512+length_b;
|
||||||
|
memset(buffer, 0, 64);
|
||||||
|
memcpy(buffer, msg, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80 >> (length_b&0x7);
|
||||||
|
blake_small_changeendian(buffer, buffer);
|
||||||
|
blake_small_expand(v, ctx);
|
||||||
|
if(length_b>512-64-2){
|
||||||
|
v[12] ^= ctr.v32[0];
|
||||||
|
v[13] ^= ctr.v32[0];
|
||||||
|
v[14] ^= ctr.v32[1];
|
||||||
|
v[15] ^= ctr.v32[1];
|
||||||
|
blake_small_compress(v, buffer);
|
||||||
|
blake_small_collapse(ctx, v);
|
||||||
|
memset(buffer, 0, 64-8);
|
||||||
|
blake_small_expand(v, ctx);
|
||||||
|
}else{
|
||||||
|
if(length_b){
|
||||||
|
v[12] ^= ctr.v32[0];
|
||||||
|
v[13] ^= ctr.v32[0];
|
||||||
|
v[14] ^= ctr.v32[1];
|
||||||
|
v[15] ^= ctr.v32[1];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(ctx->appendone)
|
||||||
|
buffer[64-8-4] |= 0x01;
|
||||||
|
*((uint32_t*)(&(buffer[64-8]))) = ctr.v32[1];
|
||||||
|
*((uint32_t*)(&(buffer[64-4]))) = ctr.v32[0];
|
||||||
|
blake_small_compress(v, buffer);
|
||||||
|
blake_small_collapse(ctx, v);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static const
|
||||||
|
uint32_t blake32_iv[] = {
|
||||||
|
0x6A09E667L, 0xBB67AE85,
|
||||||
|
0x3C6EF372L, 0xA54FF53A,
|
||||||
|
0x510E527FL, 0x9B05688C,
|
||||||
|
0x1F83D9ABL, 0x5BE0CD19
|
||||||
|
};
|
||||||
|
|
||||||
|
void blake32_init(blake32_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->h[i] = blake32_iv[i];
|
||||||
|
}
|
||||||
|
memset(ctx->s, 0, 4*4);
|
||||||
|
ctx->counter = 0;
|
||||||
|
ctx->appendone = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static const
|
||||||
|
uint32_t blake28_iv[] = {
|
||||||
|
0xC1059ED8, 0x367CD507,
|
||||||
|
0x3070DD17, 0xF70E5939,
|
||||||
|
0xFFC00B31, 0x68581511,
|
||||||
|
0x64F98FA7, 0xBEFA4FA4
|
||||||
|
};
|
||||||
|
|
||||||
|
void blake28_init(blake28_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->h[i] = blake28_iv[i];
|
||||||
|
}
|
||||||
|
memset(ctx->s, 0, 4*4);
|
||||||
|
ctx->counter = 0;
|
||||||
|
ctx->appendone = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake32_ctx2hash(void* dest, const blake32_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake28_ctx2hash(void* dest, const blake28_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<7; ++i){
|
||||||
|
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake32_nextBlock(blake32_ctx_t* ctx, const void* block){
|
||||||
|
blake_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake28_nextBlock(blake28_ctx_t* ctx, const void* block){
|
||||||
|
blake_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake32_lastBlock(blake32_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
blake_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake28_lastBlock(blake28_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
blake_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake32(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
blake_small_ctx_t ctx;
|
||||||
|
blake32_init(&ctx);
|
||||||
|
while(length_b>=BLAKE_SMALL_BLOCKSIZE){
|
||||||
|
blake_small_nextBlock(&ctx, msg);
|
||||||
|
msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
|
||||||
|
length_b -= BLAKE_SMALL_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
blake_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
blake32_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void blake28(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
blake_small_ctx_t ctx;
|
||||||
|
blake28_init(&ctx);
|
||||||
|
while(length_b>=BLAKE_SMALL_BLOCKSIZE){
|
||||||
|
blake_small_nextBlock(&ctx, msg);
|
||||||
|
msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
|
||||||
|
length_b -= BLAKE_SMALL_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
blake_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
blake28_ctx2hash(dest, &ctx);
|
||||||
|
}
|
|
@ -0,0 +1,67 @@
|
||||||
|
/* blake_small.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file blake_small.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-04-27
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef BLAKE_SMALL_H_
|
||||||
|
#define BLAKE_SMALL_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define BLAKE_SMALL_BLOCKSIZE 512
|
||||||
|
#define BLAKE_SMALL_BLOCKSIZE_B ((BLAKE_SMALL_BLOCKSIZE+7)/8)
|
||||||
|
#define BLAKE28_BLOCKSIZE BLAKE_SMALL_BLOCKSIZE
|
||||||
|
#define BLAKE28_BLOCKSIZE_B BLAKE_SMALL_BLOCKSIZE_B
|
||||||
|
#define BLAKE32_BLOCKSIZE BLAKE_SMALL_BLOCKSIZE
|
||||||
|
#define BLAKE32_BLOCKSIZE_B BLAKE_SMALL_BLOCKSIZE_B
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint32_t h[8];
|
||||||
|
uint32_t s[4];
|
||||||
|
uint32_t counter;
|
||||||
|
uint8_t appendone;
|
||||||
|
} blake_small_ctx_t;
|
||||||
|
|
||||||
|
typedef blake_small_ctx_t blake28_ctx_t;
|
||||||
|
typedef blake_small_ctx_t blake32_ctx_t;
|
||||||
|
|
||||||
|
void blake28_init(blake28_ctx_t* ctx);
|
||||||
|
void blake32_init(blake32_ctx_t* ctx);
|
||||||
|
|
||||||
|
void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* block);
|
||||||
|
void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void blake28_nextBlock(blake28_ctx_t* ctx, const void* block);
|
||||||
|
void blake28_lastBlock(blake28_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void blake32_nextBlock(blake32_ctx_t* ctx, const void* block);
|
||||||
|
void blake32_lastBlock(blake32_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void blake28_ctx2hash(void* dest, const blake28_ctx_t* ctx);
|
||||||
|
void blake32_ctx2hash(void* dest, const blake32_ctx_t* ctx);
|
||||||
|
|
||||||
|
void blake28(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
void blake32(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
|
||||||
|
#endif /* BLAKE_SMALL_H_ */
|
|
@ -0,0 +1,12 @@
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n){
|
||||||
|
while(n--){
|
||||||
|
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||||
|
dest = (uint8_t*)dest +1;
|
||||||
|
src = (uint8_t*)src +1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#ifndef MEMXOR_H_
|
||||||
|
#define MEMXOR_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,623 @@
|
||||||
|
/* bmw_large.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file bmw_large.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-04-27
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "bmw_large.h"
|
||||||
|
|
||||||
|
#define SHL64(a,n) shiftl64(a,n)
|
||||||
|
#define SHR64(a,n) shiftr64(a,n)
|
||||||
|
#define ROTL64(a,n) rotl64(a,n)
|
||||||
|
#define ROTR64(a,n) rotr64(a,n)
|
||||||
|
|
||||||
|
#define TWEAK 1
|
||||||
|
#define BUG24 0
|
||||||
|
#define F0_HACK 2
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#include "cli.h"
|
||||||
|
|
||||||
|
void ctx_dump(const bmw_large_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
cli_putstr("\r\n==== ctx dump ====");
|
||||||
|
for(i=0; i<16;++i){
|
||||||
|
cli_putstr("\r\n h[");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr("] = ");
|
||||||
|
cli_hexdump_rev(&(ctx->h[i]), 8);
|
||||||
|
}
|
||||||
|
cli_putstr("\r\n counter = ");
|
||||||
|
cli_hexdump(&(ctx->counter), 4);
|
||||||
|
}
|
||||||
|
|
||||||
|
void dump_x(const uint64_t* q, uint8_t elements, char x){
|
||||||
|
uint8_t i;
|
||||||
|
cli_putstr("\r\n==== ");
|
||||||
|
cli_putc(x);
|
||||||
|
cli_putstr(" dump ====");
|
||||||
|
for(i=0; i<elements;++i){
|
||||||
|
cli_putstr("\r\n ");
|
||||||
|
cli_putc(x);
|
||||||
|
cli_putstr("[");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr("] = ");
|
||||||
|
cli_hexdump_rev(&(q[i]), 8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
#define ctx_dump(x)
|
||||||
|
#define dump_x(a,b,c)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t rotl64(uint64_t a, uint8_t r){
|
||||||
|
return (a<<r)|(a>>(64-r));
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t rotr64(uint64_t a, uint8_t r){
|
||||||
|
return (a>>r)|(a<<(64-r));
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t shiftl64(uint64_t a, uint8_t r){
|
||||||
|
return (a<<r);
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t shiftr64(uint64_t a, uint8_t r){
|
||||||
|
return (a>>r);
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_s0(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = SHR64(x, 1)
|
||||||
|
^ SHL64(x, 3)
|
||||||
|
^ ROTL64(x, 4)
|
||||||
|
^ ROTR64(x, 64-37);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_s1(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = SHR64(x, 1)
|
||||||
|
^ SHL64(x, 2)
|
||||||
|
^ ROTL64(x,13)
|
||||||
|
^ ROTR64(x,64-43);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_s2(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = SHR64(x, 2)
|
||||||
|
^ SHL64(x, 1)
|
||||||
|
^ ROTL64(x, 19)
|
||||||
|
^ ROTR64(x, 64-53);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_s3(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = SHR64(x, 2)
|
||||||
|
^ SHL64(x, 2)
|
||||||
|
^ ROTL64(x, 28)
|
||||||
|
^ ROTR64(x, 64-59);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_s4(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = SHR64(x, 1)
|
||||||
|
^ x;
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_s5(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = SHR64(x, 2)
|
||||||
|
^ x;
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r1(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTL64(x, 5);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r2(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTL64(x, 11);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r3(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTL64(x, 27);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r4(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTL64(x, 32);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r5(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTR64(x, 64-37);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r6(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTR64(x, 64-43);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_r7(uint64_t x){
|
||||||
|
uint64_t r;
|
||||||
|
r = ROTR64(x, 64-53);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
#define K 0x0555555555555555LL
|
||||||
|
#define MASK 0xFFFFFFFFFFFFFFFFLL
|
||||||
|
static
|
||||||
|
uint64_t k_lut[] PROGMEM = {
|
||||||
|
16LL*K, 17LL*K, 18LL*K, 19LL*K,
|
||||||
|
20LL*K, 21LL*K, 22LL*K, 23LL*K,
|
||||||
|
24LL*K, 25LL*K, 26LL*K, 27LL*K,
|
||||||
|
28LL*K, 29LL*K, 30LL*K, 31LL*K };
|
||||||
|
*/
|
||||||
|
/* the same as above but precomputed to avoid compiler warnings */
|
||||||
|
static const
|
||||||
|
uint64_t k_lut[] = {
|
||||||
|
0x5555555555555550LL, 0x5aaaaaaaaaaaaaa5LL, 0x5ffffffffffffffaLL,
|
||||||
|
0x655555555555554fLL, 0x6aaaaaaaaaaaaaa4LL, 0x6ffffffffffffff9LL,
|
||||||
|
0x755555555555554eLL, 0x7aaaaaaaaaaaaaa3LL, 0x7ffffffffffffff8LL,
|
||||||
|
0x855555555555554dLL, 0x8aaaaaaaaaaaaaa2LL, 0x8ffffffffffffff7LL,
|
||||||
|
0x955555555555554cLL, 0x9aaaaaaaaaaaaaa1LL, 0x9ffffffffffffff6LL,
|
||||||
|
0xa55555555555554bLL };
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_expand1(uint8_t j, const uint64_t* q, const void* m, const void* h){
|
||||||
|
uint64_t(*s[])(uint64_t) = {bmw_large_s1, bmw_large_s2, bmw_large_s3, bmw_large_s0};
|
||||||
|
uint64_t a = 0;
|
||||||
|
union{
|
||||||
|
uint64_t v64;
|
||||||
|
uint32_t v32[2];
|
||||||
|
} r;
|
||||||
|
uint8_t i;
|
||||||
|
/* r = 0x0555555555555555LL*(j+16); */
|
||||||
|
r.v64 = k_lut[j];
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
a += s[i%4](q[j+i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
a += ( ROTL64(((uint64_t*)m)[(j)&0xf], ((j+ 0)&0xf)+1)
|
||||||
|
+ ROTL64(((uint64_t*)m)[(j+3)&0xf], ((j+ 3)&0xf)+1)
|
||||||
|
+ r.v64
|
||||||
|
- ROTL64(((uint64_t*)m)[(j+10)&0xf],((j+10)&0xf)+1)
|
||||||
|
) ^ ((uint64_t*)h)[(j+7)&0xf];
|
||||||
|
#else
|
||||||
|
a += ((uint64_t*)m)[j&0xf];
|
||||||
|
a += ((uint64_t*)m)[(j+3)&0xf];
|
||||||
|
a -= ((uint64_t*)m)[(j+10)&0xf];
|
||||||
|
a += r.v64;
|
||||||
|
#endif
|
||||||
|
return a;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint64_t bmw_large_expand2(uint8_t j, const uint64_t* q, const void* m, const void* h){
|
||||||
|
uint64_t(*rf[])(uint64_t) = {bmw_large_r1, bmw_large_r2, bmw_large_r3,
|
||||||
|
bmw_large_r4, bmw_large_r5, bmw_large_r6,
|
||||||
|
bmw_large_r7};
|
||||||
|
uint64_t a=0;
|
||||||
|
union{
|
||||||
|
uint64_t v64;
|
||||||
|
uint32_t v32[2];
|
||||||
|
} r;
|
||||||
|
uint8_t i;
|
||||||
|
/* r = 0x0555555555555555LL*(j+16); */
|
||||||
|
r.v64 = k_lut[j];
|
||||||
|
for(i=0; i<14; i+=2){
|
||||||
|
a += q[j+i];
|
||||||
|
}
|
||||||
|
for(i=0; i<14; i+=2){
|
||||||
|
a += rf[i/2](q[j+i+1]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
a += bmw_large_s4(q[j+14]);
|
||||||
|
a += bmw_large_s5(q[j+15]);
|
||||||
|
#else
|
||||||
|
a += bmw_large_s5(q[j+14]);
|
||||||
|
a += bmw_large_s4(q[j+15]);
|
||||||
|
#endif
|
||||||
|
#if TWEAK
|
||||||
|
/*
|
||||||
|
if(j==(22-16)){
|
||||||
|
uint64_t t;
|
||||||
|
cli_putstr("\n+++++++++ expand_2 ++++++++++++");
|
||||||
|
dump_x(&a, 1, 'a');
|
||||||
|
dump_x(&r, 1, 'r');
|
||||||
|
t=ROTL64(((uint64_t*)m)[j], ((j+ 0)&0xf)+1);
|
||||||
|
dump_x(&t, 1, '0');
|
||||||
|
t=ROTL64(((uint64_t*)m)[j], ((j+ 3)&0xf)+1);
|
||||||
|
dump_x(&t, 1, '0');
|
||||||
|
t=ROTL64(((uint64_t*)m)[j], ((j+ 0)&0xf)+1);
|
||||||
|
dump_x(&t, 1, '0');
|
||||||
|
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
a += ( ROTL64(((uint64_t*)m)[(j)&0xf], ((j+ 0)&0xf)+1)
|
||||||
|
+ ROTL64(((uint64_t*)m)[(j+3)&0xf], ((j+ 3)&0xf)+1)
|
||||||
|
+ r.v64
|
||||||
|
- ROTL64(((uint64_t*)m)[(j+10)&0xf],((j+10)&0xf)+1)
|
||||||
|
) ^ ((uint64_t*)h)[(j+7)&0xf];
|
||||||
|
#else
|
||||||
|
a += ((uint64_t*)m)[j&0xf];
|
||||||
|
a += ((uint64_t*)m)[(j+3)&0xf];
|
||||||
|
a -= ((uint64_t*)m)[(j+10)&0xf];
|
||||||
|
a += r.v64;
|
||||||
|
#endif
|
||||||
|
return a;
|
||||||
|
}
|
||||||
|
|
||||||
|
#if F0_HACK==2
|
||||||
|
/* to understand this implementation take a look at f0-opt-table.txt */
|
||||||
|
static uint16_t hack_table[5] = { 0x0311, 0xDDB3, 0x2A79, 0x07AA, 0x51C2 };
|
||||||
|
static uint8_t offset_table[5] = { 4+16, 6+16, 9+16, 12+16, 13+16 };
|
||||||
|
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_large_f0(uint64_t* q, const uint64_t* h, const void* m){
|
||||||
|
uint16_t hack_reg;
|
||||||
|
uint8_t i,j,c;
|
||||||
|
uint64_t(*s[])(uint64_t)={ bmw_large_s0, bmw_large_s1, bmw_large_s2,
|
||||||
|
bmw_large_s3, bmw_large_s4 };
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint64_t*)h)[i] ^= ((uint64_t*)m)[i];
|
||||||
|
}
|
||||||
|
dump_x(h, 16, 'T');
|
||||||
|
memset(q, 0, 8*16);
|
||||||
|
c=4;
|
||||||
|
do{
|
||||||
|
i=15;
|
||||||
|
j = offset_table[c];
|
||||||
|
hack_reg = hack_table[c];
|
||||||
|
do{
|
||||||
|
if(hack_reg&1){
|
||||||
|
q[i]-= h[j&15];
|
||||||
|
}else{
|
||||||
|
q[i]+= h[j&15];
|
||||||
|
}
|
||||||
|
--j;
|
||||||
|
hack_reg>>= 1;
|
||||||
|
}while(i--!=0);
|
||||||
|
}while(c--!=0);
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] = s[i%5](q[i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint64_t*)h)[i] ^= ((uint64_t*)m)[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] += h[(i+1)&0xf];
|
||||||
|
}
|
||||||
|
#endif /* TWEAK */
|
||||||
|
}
|
||||||
|
#endif /* F0_HACK==2 */
|
||||||
|
|
||||||
|
#if F0_HACK==1
|
||||||
|
static
|
||||||
|
uint8_t f0_lut[] PROGMEM ={
|
||||||
|
5<<1, ( 7<<1)+1, (10<<1)+0, (13<<1)+0, (14<<1)+0,
|
||||||
|
6<<1, ( 8<<1)+1, (11<<1)+0, (14<<1)+0, (15<<1)+1,
|
||||||
|
0<<1, ( 7<<1)+0, ( 9<<1)+0, (12<<1)+1, (15<<1)+0,
|
||||||
|
0<<1, ( 1<<1)+1, ( 8<<1)+0, (10<<1)+1, (13<<1)+0,
|
||||||
|
1<<1, ( 2<<1)+0, ( 9<<1)+0, (11<<1)+1, (14<<1)+1,
|
||||||
|
3<<1, ( 2<<1)+1, (10<<1)+0, (12<<1)+1, (15<<1)+0,
|
||||||
|
4<<1, ( 0<<1)+1, ( 3<<1)+1, (11<<1)+1, (13<<1)+0,
|
||||||
|
1<<1, ( 4<<1)+1, ( 5<<1)+1, (12<<1)+1, (14<<1)+1,
|
||||||
|
2<<1, ( 5<<1)+1, ( 6<<1)+1, (13<<1)+0, (15<<1)+1,
|
||||||
|
0<<1, ( 3<<1)+1, ( 6<<1)+0, ( 7<<1)+1, (14<<1)+0,
|
||||||
|
8<<1, ( 1<<1)+1, ( 4<<1)+1, ( 7<<1)+1, (15<<1)+0,
|
||||||
|
8<<1, ( 0<<1)+1, ( 2<<1)+1, ( 5<<1)+1, ( 9<<1)+0,
|
||||||
|
1<<1, ( 3<<1)+0, ( 6<<1)+1, ( 9<<1)+1, (10<<1)+0,
|
||||||
|
2<<1, ( 4<<1)+0, ( 7<<1)+0, (10<<1)+0, (11<<1)+0,
|
||||||
|
3<<1, ( 5<<1)+1, ( 8<<1)+0, (11<<1)+1, (12<<1)+1,
|
||||||
|
12<<1, ( 4<<1)+1, ( 6<<1)+1, ( 9<<1)+1, (13<<1)+0
|
||||||
|
};
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_large_f0(uint64_t* q, const uint64_t* h, const void* m){
|
||||||
|
uint8_t i,j=-1,v,sign,l=0;
|
||||||
|
uint64_t(*s[])(uint64_t)={ bmw_large_s0, bmw_large_s1, bmw_large_s2,
|
||||||
|
bmw_large_s3, bmw_large_s4 };
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint64_t*)h)[i] ^= ((uint64_t*)m)[i];
|
||||||
|
}
|
||||||
|
dump_x(h, 16, 'T');
|
||||||
|
// memset(q, 0, 4*16);
|
||||||
|
for(i=0; i<5*16; ++i){
|
||||||
|
v = pgm_read_byte(f0_lut+i);
|
||||||
|
sign = v&1;
|
||||||
|
v >>=1;
|
||||||
|
if(i==l){
|
||||||
|
j++;
|
||||||
|
l+=5;
|
||||||
|
q[j] = h[v];
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if(sign){
|
||||||
|
q[j] -= h[v];
|
||||||
|
}else{
|
||||||
|
q[j] += h[v];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] = s[i%5](q[i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint64_t*)h)[i] ^= ((uint64_t*)m)[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] += h[(i+1)&0xf];
|
||||||
|
}
|
||||||
|
#endif /* TWEAK */
|
||||||
|
}
|
||||||
|
#endif /* F0_HACK==1 */
|
||||||
|
|
||||||
|
#if F0_HACK==0
|
||||||
|
static
|
||||||
|
void bmw_large_f0(uint64_t* q, const uint64_t* h, const void* m){
|
||||||
|
uint8_t i;
|
||||||
|
uint64_t(*s[])(uint64_t)={ bmw_large_s0, bmw_large_s1, bmw_large_s2,
|
||||||
|
bmw_large_s3, bmw_large_s4 };
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint64_t*)h)[i] ^= ((uint64_t*)m)[i];
|
||||||
|
}
|
||||||
|
// dump_x(t, 16, 'T');
|
||||||
|
q[ 0] = (h[ 5] - h[ 7] + h[10] + h[13] + h[14]);
|
||||||
|
q[ 1] = (h[ 6] - h[ 8] + h[11] + h[14] - h[15]);
|
||||||
|
q[ 2] = (h[ 0] + h[ 7] + h[ 9] - h[12] + h[15]);
|
||||||
|
q[ 3] = (h[ 0] - h[ 1] + h[ 8] - h[10] + h[13]);
|
||||||
|
q[ 4] = (h[ 1] + h[ 2] + h[ 9] - h[11] - h[14]);
|
||||||
|
q[ 5] = (h[ 3] - h[ 2] + h[10] - h[12] + h[15]);
|
||||||
|
q[ 6] = (h[ 4] - h[ 0] - h[ 3] - h[11] + h[13]);
|
||||||
|
q[ 7] = (h[ 1] - h[ 4] - h[ 5] - h[12] - h[14]);
|
||||||
|
q[ 8] = (h[ 2] - h[ 5] - h[ 6] + h[13] - h[15]);
|
||||||
|
q[ 9] = (h[ 0] - h[ 3] + h[ 6] - h[ 7] + h[14]);
|
||||||
|
q[10] = (h[ 8] - h[ 1] - h[ 4] - h[ 7] + h[15]);
|
||||||
|
q[11] = (h[ 8] - h[ 0] - h[ 2] - h[ 5] + h[ 9]);
|
||||||
|
q[12] = (h[ 1] + h[ 3] - h[ 6] - h[ 9] + h[10]);
|
||||||
|
q[13] = (h[ 2] + h[ 4] + h[ 7] + h[10] + h[11]);
|
||||||
|
q[14] = (h[ 3] - h[ 5] + h[ 8] - h[11] - h[12]);
|
||||||
|
q[15] = (h[12] - h[ 4] - h[ 6] - h[ 9] + h[13]);
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] = s[i%5](q[i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint64_t*)h)[i] ^= ((uint64_t*)m)[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] += h[(i+1)&0xf];
|
||||||
|
}
|
||||||
|
#endif /* TWEAK */
|
||||||
|
|
||||||
|
}
|
||||||
|
#endif /* F0_HACK==0 */
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_large_f1(uint64_t* q, const void* m, const uint64_t* h){
|
||||||
|
uint8_t i;
|
||||||
|
q[16] = bmw_large_expand1(0, q, m, h);
|
||||||
|
q[17] = bmw_large_expand1(1, q, m, h);
|
||||||
|
for(i=2; i<16; ++i){
|
||||||
|
q[16+i] = bmw_large_expand2(i, q, m, h);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_large_f2(uint64_t* h, const uint64_t* q, const void* m){
|
||||||
|
uint64_t xl=0, xh;
|
||||||
|
uint8_t i;
|
||||||
|
for(i=16;i<24;++i){
|
||||||
|
xl ^= q[i];
|
||||||
|
}
|
||||||
|
xh = xl;
|
||||||
|
for(i=24;i<32;++i){
|
||||||
|
xh ^= q[i];
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\n XL = ");
|
||||||
|
cli_hexdump_rev(&xl, 4);
|
||||||
|
cli_putstr("\r\n XH = ");
|
||||||
|
cli_hexdump_rev(&xh, 4);
|
||||||
|
#endif
|
||||||
|
memcpy(h, m, 16*8);
|
||||||
|
h[0] ^= SHL64(xh, 5) ^ SHR64(q[16], 5);
|
||||||
|
h[1] ^= SHR64(xh, 7) ^ SHL64(q[17], 8);
|
||||||
|
h[2] ^= SHR64(xh, 5) ^ SHL64(q[18], 5);
|
||||||
|
h[3] ^= SHR64(xh, 1) ^ SHL64(q[19], 5);
|
||||||
|
h[4] ^= SHR64(xh, 3) ^ q[20];
|
||||||
|
h[5] ^= SHL64(xh, 6) ^ SHR64(q[21], 6);
|
||||||
|
h[6] ^= SHR64(xh, 4) ^ SHL64(q[22], 6);
|
||||||
|
h[7] ^= SHR64(xh,11) ^ SHL64(q[23], 2);
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
h[i] += xl ^ q[24+i] ^ q[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
h[8+i] ^= xh ^ q[24+i];
|
||||||
|
h[8+i] += ROTL64(h[(4+i)%8],i+9);
|
||||||
|
}
|
||||||
|
h[ 8] += SHL64(xl, 8) ^ q[23] ^ q[ 8];
|
||||||
|
h[ 9] += SHR64(xl, 6) ^ q[16] ^ q[ 9];
|
||||||
|
h[10] += SHL64(xl, 6) ^ q[17] ^ q[10];
|
||||||
|
h[11] += SHL64(xl, 4) ^ q[18] ^ q[11];
|
||||||
|
h[12] += SHR64(xl, 3) ^ q[19] ^ q[12];
|
||||||
|
h[13] += SHR64(xl, 4) ^ q[20] ^ q[13];
|
||||||
|
h[14] += SHR64(xl, 7) ^ q[21] ^ q[14];
|
||||||
|
h[15] += SHR64(xl, 2) ^ q[22] ^ q[15];
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw_large_nextBlock(bmw_large_ctx_t* ctx, const void* block){
|
||||||
|
uint64_t q[32];
|
||||||
|
dump_x(block, 16, 'M');
|
||||||
|
bmw_large_f0(q, ctx->h, block);
|
||||||
|
dump_x(q, 16, 'Q');
|
||||||
|
bmw_large_f1(q, block, ctx->h);
|
||||||
|
dump_x(q, 32, 'Q');
|
||||||
|
bmw_large_f2(ctx->h, q, block);
|
||||||
|
ctx->counter += 1;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw_large_lastBlock(bmw_large_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
uint8_t buffer[128];
|
||||||
|
while(length_b >= BMW_LARGE_BLOCKSIZE){
|
||||||
|
bmw_large_nextBlock(ctx, block);
|
||||||
|
length_b -= BMW_LARGE_BLOCKSIZE;
|
||||||
|
block = (uint8_t*)block + BMW_LARGE_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
memset(buffer, 0, 128);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b>>3] |= 0x80 >> (length_b&0x07);
|
||||||
|
if(length_b+1>128*8-64){
|
||||||
|
bmw_large_nextBlock(ctx, buffer);
|
||||||
|
memset(buffer, 0, 128-8);
|
||||||
|
ctx->counter -= 1;
|
||||||
|
}
|
||||||
|
*((uint64_t*)&(buffer[128-8])) = (uint64_t)(ctx->counter*1024LL)+(uint64_t)length_b;
|
||||||
|
bmw_large_nextBlock(ctx, buffer);
|
||||||
|
#if TWEAK
|
||||||
|
uint8_t i;
|
||||||
|
uint64_t q[32];
|
||||||
|
memset(buffer, 0xaa, 128);
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
buffer[8*i] = i + 0xa0;
|
||||||
|
}
|
||||||
|
bmw_large_f0(q, (uint64_t*)buffer, ctx->h);
|
||||||
|
bmw_large_f1(q, ctx->h, (uint64_t*)buffer);
|
||||||
|
bmw_large_f2((uint64_t*)buffer, q, ctx->h);
|
||||||
|
memcpy(ctx->h, buffer, 128);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw384_init(bmw384_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
ctx->h[0] = 0x0001020304050607LL;
|
||||||
|
for(i=1; i<16; ++i){
|
||||||
|
ctx->h[i] = ctx->h[i-1]+ 0x0808080808080808LL;
|
||||||
|
}
|
||||||
|
#if BUG24
|
||||||
|
ctx->h[6] = 0x3031323324353637LL;
|
||||||
|
#endif
|
||||||
|
ctx->counter=0;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw512_init(bmw512_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
ctx->h[0] = 0x8081828384858687LL;
|
||||||
|
for(i=1; i<16; ++i){
|
||||||
|
ctx->h[i] = ctx->h[i-1]+ 0x0808080808080808LL;
|
||||||
|
}
|
||||||
|
ctx->counter=0;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw384_nextBlock(bmw384_ctx_t* ctx, const void* block){
|
||||||
|
bmw_large_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw512_nextBlock(bmw512_ctx_t* ctx, const void* block){
|
||||||
|
bmw_large_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw384_lastBlock(bmw384_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
bmw_large_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw512_lastBlock(bmw512_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
bmw_large_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw384_ctx2hash(void* dest, const bmw384_ctx_t* ctx){
|
||||||
|
memcpy(dest, &(ctx->h[10]), 384/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw512_ctx2hash(void* dest, const bmw512_ctx_t* ctx){
|
||||||
|
memcpy(dest, &(ctx->h[8]), 512/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw384(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
bmw_large_ctx_t ctx;
|
||||||
|
bmw384_init(&ctx);
|
||||||
|
while(length_b>=BMW_LARGE_BLOCKSIZE){
|
||||||
|
bmw_large_nextBlock(&ctx, msg);
|
||||||
|
length_b -= BMW_LARGE_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + BMW_LARGE_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
bmw_large_lastBlock(&ctx, msg, length_b);
|
||||||
|
bmw384_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw512(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
bmw_large_ctx_t ctx;
|
||||||
|
bmw512_init(&ctx);
|
||||||
|
while(length_b>=BMW_LARGE_BLOCKSIZE){
|
||||||
|
bmw_large_nextBlock(&ctx, msg);
|
||||||
|
length_b -= BMW_LARGE_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + BMW_LARGE_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
bmw_large_lastBlock(&ctx, msg, length_b);
|
||||||
|
bmw512_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
/* bmw_large.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file bmw_large.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-04-27
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef BMW_LARGE_H_
|
||||||
|
#define BMW_LARGE_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define BMW_LARGE_BLOCKSIZE 1024
|
||||||
|
#define BMW_LARGE_BLOCKSIZE_B ((BMW_LARGE_BLOCKSIZE+7)/8)
|
||||||
|
#define BMW384_BLOCKSIZE BMW_LARGE_BLOCKSIZE
|
||||||
|
#define BMW384_BLOCKSIZE_B BMW_LARGE_BLOCKSIZE_B
|
||||||
|
#define BMW512_BLOCKSIZE BMW_LARGE_BLOCKSIZE
|
||||||
|
#define BMW512_BLOCKSIZE_B BMW_LARGE_BLOCKSIZE_B
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint64_t h[16];
|
||||||
|
uint32_t counter;
|
||||||
|
} bmw_large_ctx_t;
|
||||||
|
|
||||||
|
typedef bmw_large_ctx_t bmw384_ctx_t;
|
||||||
|
typedef bmw_large_ctx_t bmw512_ctx_t;
|
||||||
|
|
||||||
|
void bmw384_init(bmw384_ctx_t* ctx);
|
||||||
|
void bmw512_init(bmw512_ctx_t* ctx);
|
||||||
|
|
||||||
|
void bmw_large_nextBlock(bmw_large_ctx_t* ctx, const void* block);
|
||||||
|
void bmw_large_lastBlock(bmw_large_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void bmw384_nextBlock(bmw384_ctx_t* ctx, const void* block);
|
||||||
|
void bmw384_lastBlock(bmw384_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void bmw512_nextBlock(bmw512_ctx_t* ctx, const void* block);
|
||||||
|
void bmw512_lastBlock(bmw512_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void bmw384_ctx2hash(void* dest, const bmw384_ctx_t* ctx);
|
||||||
|
void bmw512_ctx2hash(void* dest, const bmw512_ctx_t* ctx);
|
||||||
|
|
||||||
|
void bmw384(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
void bmw512(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
|
||||||
|
#endif /* BMW_LARGE_H_ */
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,605 @@
|
||||||
|
/* bmw_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file bmw_small.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-04-27
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "bmw_small.h"
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
#define SHL32(a,n) ((a)<<(n))
|
||||||
|
#define SHR32(a,n) ((a)>>(n))
|
||||||
|
#define ROTL32(a,n) (((a)<<(n))|((a)>>(32-(n))))
|
||||||
|
#define ROTR32(a,n) (((a)>>(n))|((a)<<(32-(n))))
|
||||||
|
|
||||||
|
|
||||||
|
#define TWEAK 1
|
||||||
|
#if TWEAK
|
||||||
|
# define BUG24 0
|
||||||
|
#else
|
||||||
|
# define BUG24 1
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define F0_HACK 2
|
||||||
|
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
#ifndef F0_HACK
|
||||||
|
# define F0_HACK 0
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#include "cli.h"
|
||||||
|
|
||||||
|
void ctx_dump(const bmw_small_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
cli_putstr("\r\n==== ctx dump ====");
|
||||||
|
for(i=0; i<16;++i){
|
||||||
|
cli_putstr("\r\n h[");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr("] = ");
|
||||||
|
cli_hexdump_rev(&(ctx->h[i]), 4);
|
||||||
|
}
|
||||||
|
cli_putstr("\r\n counter = ");
|
||||||
|
cli_hexdump(&(ctx->counter), 4);
|
||||||
|
}
|
||||||
|
|
||||||
|
void dump_x(const uint32_t* q, uint8_t elements, char x){
|
||||||
|
uint8_t i;
|
||||||
|
cli_putstr("\r\n==== ");
|
||||||
|
cli_putc(x);
|
||||||
|
cli_putstr(" dump ====");
|
||||||
|
for(i=0; i<elements;++i){
|
||||||
|
cli_putstr("\r\n ");
|
||||||
|
cli_putc(x);
|
||||||
|
cli_putstr("[");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr("] = ");
|
||||||
|
cli_hexdump_rev(&(q[i]), 4);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
#define ctx_dump(x)
|
||||||
|
#define dump_x(a,b,c)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_s0(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = SHR32(x, 1)
|
||||||
|
^ SHL32(x, 3)
|
||||||
|
^ ROTL32(x, 4)
|
||||||
|
^ ROTR32(x, 13);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_s1(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = SHR32(x, 1)
|
||||||
|
^ SHL32(x, 2)
|
||||||
|
^ ROTL32(x, 8)
|
||||||
|
^ ROTR32(x, 9);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_s2(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = SHR32(x, 2)
|
||||||
|
^ SHL32(x, 1)
|
||||||
|
^ ROTL32(x, 12)
|
||||||
|
^ ROTR32(x, 7);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_s3(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = SHR32(x, 2)
|
||||||
|
^ SHL32(x, 2)
|
||||||
|
^ ROTL32(x, 15)
|
||||||
|
^ ROTR32(x, 3);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_s4(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = SHR32(x, 1)
|
||||||
|
^ x;
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_s5(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = SHR32(x, 2)
|
||||||
|
^ x;
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r1(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTL32(x, 3);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r2(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTL32(x, 7);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r3(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTL32(x, 13);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r4(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTL32(x, 16);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r5(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTR32(x, 13);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r6(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTR32(x, 9);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_r7(uint32_t x){
|
||||||
|
uint32_t r;
|
||||||
|
r = ROTR32(x, 5);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
#define K 0x05555555L
|
||||||
|
static
|
||||||
|
uint32_t k_lut[] PROGMEM = {
|
||||||
|
16L*K, 17L*K, 18L*K, 19L*K, 20L*K, 21L*K, 22L*K, 23L*K,
|
||||||
|
24L*K, 25L*K, 26L*K, 27L*K, 28L*K, 29L*K, 30L*K, 31L*K
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
/* same as above but precomputed to avoid compiler warnings */
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t k_lut[] = {
|
||||||
|
0x55555550L, 0x5aaaaaa5L, 0x5ffffffaL,
|
||||||
|
0x6555554fL, 0x6aaaaaa4L, 0x6ffffff9L,
|
||||||
|
0x7555554eL, 0x7aaaaaa3L, 0x7ffffff8L,
|
||||||
|
0x8555554dL, 0x8aaaaaa2L, 0x8ffffff7L,
|
||||||
|
0x9555554cL, 0x9aaaaaa1L, 0x9ffffff6L,
|
||||||
|
0xa555554bL };
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_expand1(uint8_t j, const uint32_t* q, const void* m, const void* h){
|
||||||
|
uint32_t(*s[])(uint32_t) = {bmw_small_s1, bmw_small_s2, bmw_small_s3, bmw_small_s0};
|
||||||
|
uint32_t r;
|
||||||
|
uint8_t i;
|
||||||
|
/* r = 0x05555555*(j+16); */
|
||||||
|
|
||||||
|
#if TWEAK
|
||||||
|
r = ( ROTL32(((uint32_t*)m)[j&0xf], ((j+0)&0xf)+1 )
|
||||||
|
+ ROTL32(((uint32_t*)m)[(j+3)&0xf], ((j+3)&0xf)+1 )
|
||||||
|
- ROTL32(((uint32_t*)m)[(j+10)&0xf], ((j+10)&0xf)+1 )
|
||||||
|
+ k_lut[j]
|
||||||
|
) ^ ((uint32_t*)h)[(j+7)&0xf];
|
||||||
|
#else
|
||||||
|
r = k_lut[j];
|
||||||
|
r += ((uint32_t*)m)[j&0xf];
|
||||||
|
r += ((uint32_t*)m)[(j+3)&0xf];
|
||||||
|
r -= ((uint32_t*)m)[(j+10)&0xf];
|
||||||
|
#endif
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
r += s[i%4](q[j+i]);
|
||||||
|
}
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_expand2(uint8_t j, const uint32_t* q, const void* m, const void* h){
|
||||||
|
uint32_t(*rf[])(uint32_t) = {bmw_small_r1, bmw_small_r2, bmw_small_r3,
|
||||||
|
bmw_small_r4, bmw_small_r5, bmw_small_r6,
|
||||||
|
bmw_small_r7};
|
||||||
|
uint32_t r=0;
|
||||||
|
uint8_t i;
|
||||||
|
for(i=0; i<14; i+=2){
|
||||||
|
r += q[j+i];
|
||||||
|
}
|
||||||
|
for(i=0; i<14; i+=2){
|
||||||
|
r += rf[i/2](q[j+i+1]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
r += bmw_small_s4(q[j+14]);
|
||||||
|
r += bmw_small_s5(q[j+15]);
|
||||||
|
#else
|
||||||
|
r += bmw_small_s5(q[j+14]);
|
||||||
|
r += bmw_small_s4(q[j+15]);
|
||||||
|
#endif
|
||||||
|
#if TWEAK
|
||||||
|
r += ( ROTL32(((uint32_t*)m)[j&0xf], ((j+0)&0xf)+1 )
|
||||||
|
+ ROTL32(((uint32_t*)m)[(j+3)&0xf], ((j+3)&0xf)+1 )
|
||||||
|
- ROTL32(((uint32_t*)m)[(j+10)&0xf], ((j+10)&0xf)+1 )
|
||||||
|
+ k_lut[j]
|
||||||
|
) ^ ((uint32_t*)h)[(j+7)&0xf];
|
||||||
|
#else
|
||||||
|
r += k_lut[j];
|
||||||
|
r += ((uint32_t*)m)[j&0xf];
|
||||||
|
r += ((uint32_t*)m)[(j+3)&0xf];
|
||||||
|
r -= ((uint32_t*)m)[(j+10)&0xf];
|
||||||
|
#endif
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
#if F0_HACK==2
|
||||||
|
/* to understand this implementation take a look at f0-opt-table.txt */
|
||||||
|
static uint16_t hack_table[5] = { 0x0311, 0xDDB3, 0x2A79, 0x07AA, 0x51C2 };
|
||||||
|
static uint8_t offset_table[5] = { 4+16, 6+16, 9+16, 12+16, 13+16 };
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f0(uint32_t* q, uint32_t* h, const void* m){
|
||||||
|
uint16_t hack_reg;
|
||||||
|
uint8_t c,i,j;
|
||||||
|
uint32_t(*s[])(uint32_t)={ bmw_small_s0, bmw_small_s1, bmw_small_s2,
|
||||||
|
bmw_small_s3, bmw_small_s4 };
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}
|
||||||
|
dump_x(h, 16, 'T');
|
||||||
|
memset(q, 0, 4*16);
|
||||||
|
c=4;
|
||||||
|
do{
|
||||||
|
i=15;
|
||||||
|
j=offset_table[c];
|
||||||
|
hack_reg=hack_table[c];
|
||||||
|
do{
|
||||||
|
if(hack_reg&1){
|
||||||
|
q[i]-= h[j&15];
|
||||||
|
}else{
|
||||||
|
q[i]+= h[j&15];
|
||||||
|
}
|
||||||
|
--j;
|
||||||
|
hack_reg>>= 1;
|
||||||
|
}while(i--!=0);
|
||||||
|
}while(c--!=0);
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] = s[i%5](q[i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] += h[(i+1)&0xf];
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
#endif /* F0_HACK==2*/
|
||||||
|
|
||||||
|
#if F0_HACK==1
|
||||||
|
static
|
||||||
|
uint8_t f0_lut[] PROGMEM = {
|
||||||
|
5<<1, ( 7<<1)+1, (10<<1)+0, (13<<1)+0, (14<<1)+0,
|
||||||
|
6<<1, ( 8<<1)+1, (11<<1)+0, (14<<1)+0, (15<<1)+1,
|
||||||
|
0<<1, ( 7<<1)+0, ( 9<<1)+0, (12<<1)+1, (15<<1)+0,
|
||||||
|
0<<1, ( 1<<1)+1, ( 8<<1)+0, (10<<1)+1, (13<<1)+0,
|
||||||
|
1<<1, ( 2<<1)+0, ( 9<<1)+0, (11<<1)+1, (14<<1)+1,
|
||||||
|
3<<1, ( 2<<1)+1, (10<<1)+0, (12<<1)+1, (15<<1)+0,
|
||||||
|
4<<1, ( 0<<1)+1, ( 3<<1)+1, (11<<1)+1, (13<<1)+0,
|
||||||
|
1<<1, ( 4<<1)+1, ( 5<<1)+1, (12<<1)+1, (14<<1)+1,
|
||||||
|
2<<1, ( 5<<1)+1, ( 6<<1)+1, (13<<1)+0, (15<<1)+1,
|
||||||
|
0<<1, ( 3<<1)+1, ( 6<<1)+0, ( 7<<1)+1, (14<<1)+0,
|
||||||
|
8<<1, ( 1<<1)+1, ( 4<<1)+1, ( 7<<1)+1, (15<<1)+0,
|
||||||
|
8<<1, ( 0<<1)+1, ( 2<<1)+1, ( 5<<1)+1, ( 9<<1)+0,
|
||||||
|
1<<1, ( 3<<1)+0, ( 6<<1)+1, ( 9<<1)+1, (10<<1)+0,
|
||||||
|
2<<1, ( 4<<1)+0, ( 7<<1)+0, (10<<1)+0, (11<<1)+0,
|
||||||
|
3<<1, ( 5<<1)+1, ( 8<<1)+0, (11<<1)+1, (12<<1)+1,
|
||||||
|
12<<1, ( 4<<1)+1, ( 6<<1)+1, ( 9<<1)+1, (13<<1)+0
|
||||||
|
};
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f0(uint32_t* q, uint32_t* h, const void* m){
|
||||||
|
uint8_t i,j=-1,v,sign,l=0;
|
||||||
|
uint32_t(*s[])(uint32_t)={ bmw_small_s0, bmw_small_s1, bmw_small_s2,
|
||||||
|
bmw_small_s3, bmw_small_s4 };
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}
|
||||||
|
dump_x(h, 16, 'T');
|
||||||
|
// memset(q, 0, 4*16);
|
||||||
|
for(i=0; i<5*16; ++i){
|
||||||
|
v = pgm_read_byte(f0_lut+i);
|
||||||
|
sign = v&1;
|
||||||
|
v >>=1;
|
||||||
|
if(i==l){
|
||||||
|
j++;
|
||||||
|
l+=5;
|
||||||
|
q[j] = h[v];
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if(sign){
|
||||||
|
q[j] -= h[v];
|
||||||
|
}else{
|
||||||
|
q[j] += h[v];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] = s[i%5](q[i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] += h[(i+1)&0xf];
|
||||||
|
}
|
||||||
|
#endif /* TWEAK */
|
||||||
|
}
|
||||||
|
#endif /* F0_HACK==1 */
|
||||||
|
|
||||||
|
#if F0_HACK==0
|
||||||
|
static
|
||||||
|
void bmw_small_f0(uint32_t* q, uint32_t* h, const void* m){
|
||||||
|
uint8_t i;
|
||||||
|
uint32_t(*s[])(uint32_t)={ bmw_small_s0, bmw_small_s1, bmw_small_s2,
|
||||||
|
bmw_small_s3, bmw_small_s4 };
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}
|
||||||
|
dump_x(h, 16, 'T');
|
||||||
|
q[ 0] = (h[ 5] - h[ 7] + h[10] + h[13] + h[14]);
|
||||||
|
q[ 1] = (h[ 6] - h[ 8] + h[11] + h[14] - h[15]);
|
||||||
|
q[ 2] = (h[ 0] + h[ 7] + h[ 9] - h[12] + h[15]);
|
||||||
|
q[ 3] = (h[ 0] - h[ 1] + h[ 8] - h[10] + h[13]);
|
||||||
|
q[ 4] = (h[ 1] + h[ 2] + h[ 9] - h[11] - h[14]);
|
||||||
|
q[ 5] = (h[ 3] - h[ 2] + h[10] - h[12] + h[15]);
|
||||||
|
q[ 6] = (h[ 4] - h[ 0] - h[ 3] - h[11] + h[13]);
|
||||||
|
q[ 7] = (h[ 1] - h[ 4] - h[ 5] - h[12] - h[14]);
|
||||||
|
q[ 8] = (h[ 2] - h[ 5] - h[ 6] + h[13] - h[15]);
|
||||||
|
q[ 9] = (h[ 0] - h[ 3] + h[ 6] - h[ 7] + h[14]);
|
||||||
|
q[10] = (h[ 8] - h[ 1] - h[ 4] - h[ 7] + h[15]);
|
||||||
|
q[11] = (h[ 8] - h[ 0] - h[ 2] - h[ 5] + h[ 9]);
|
||||||
|
q[12] = (h[ 1] + h[ 3] - h[ 6] - h[ 9] + h[10]);
|
||||||
|
q[13] = (h[ 2] + h[ 4] + h[ 7] + h[10] + h[11]);
|
||||||
|
q[14] = (h[ 3] - h[ 5] + h[ 8] - h[11] - h[12]);
|
||||||
|
q[15] = (h[12] - h[ 4] - h[ 6] - h[ 9] + h[13]);
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] = s[i%5](q[i]);
|
||||||
|
}
|
||||||
|
#if TWEAK
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
q[i] += h[(i+1)&0xf];
|
||||||
|
}
|
||||||
|
#endif /* TWEAK */
|
||||||
|
}
|
||||||
|
#endif /* F0_HACK==0 */
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f1(uint32_t* q, const void* m, const void* h){
|
||||||
|
uint8_t i;
|
||||||
|
q[16] = bmw_small_expand1(0, q, m, h);
|
||||||
|
q[17] = bmw_small_expand1(1, q, m, h);
|
||||||
|
for(i=2; i<16; ++i){
|
||||||
|
q[16+i] = bmw_small_expand2(i, q, m, h);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f2(uint32_t* h, uint32_t* q, const void* m){
|
||||||
|
uint32_t xl=0, xh;
|
||||||
|
uint8_t i;
|
||||||
|
for(i=16;i<24;++i){
|
||||||
|
xl ^= q[i];
|
||||||
|
}
|
||||||
|
xh = xl;
|
||||||
|
for(i=24;i<32;++i){
|
||||||
|
xh ^= q[i];
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\n XL = ");
|
||||||
|
cli_hexdump_rev(&xl, 4);
|
||||||
|
cli_putstr("\r\n XH = ");
|
||||||
|
cli_hexdump_rev(&xh, 4);
|
||||||
|
#endif
|
||||||
|
memcpy(h, m, 16*4);
|
||||||
|
h[0] ^= SHL32(xh, 5) ^ SHR32(q[16], 5);
|
||||||
|
h[1] ^= SHR32(xh, 7) ^ SHL32(q[17], 8);
|
||||||
|
h[2] ^= SHR32(xh, 5) ^ SHL32(q[18], 5);
|
||||||
|
h[3] ^= SHR32(xh, 1) ^ SHL32(q[19], 5);
|
||||||
|
h[4] ^= SHR32(xh, 3) ^ q[20];
|
||||||
|
h[5] ^= SHL32(xh, 6) ^ SHR32(q[21], 6);
|
||||||
|
h[6] ^= SHR32(xh, 4) ^ SHL32(q[22], 6);
|
||||||
|
h[7] ^= SHR32(xh,11) ^ SHL32(q[23], 2);
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
h[i] += xl ^ q[24+i] ^ q[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
h[8+i] ^= xh ^ q[24+i];
|
||||||
|
h[8+i] += ROTL32(h[(4+i)%8],i+9);
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
h[ 8] += SHL32(xl, 8) ^ q[23] ^ q[ 8];
|
||||||
|
h[ 9] += SHR32(xl, 6) ^ q[16] ^ q[ 9];
|
||||||
|
h[10] += SHL32(xl, 6) ^ q[17] ^ q[10];
|
||||||
|
h[11] += SHL32(xl, 4) ^ q[18] ^ q[11];
|
||||||
|
h[12] += SHR32(xl, 3) ^ q[19] ^ q[12];
|
||||||
|
h[13] += SHR32(xl, 4) ^ q[20] ^ q[13];
|
||||||
|
h[14] += SHR32(xl, 7) ^ q[21] ^ q[14];
|
||||||
|
h[15] += SHR32(xl, 2) ^ q[22] ^ q[15];
|
||||||
|
*/
|
||||||
|
memxor(q+9, q+16, 7*4);
|
||||||
|
q[8] ^= q[23];
|
||||||
|
h[ 8] += SHL32(xl, 8) ^ q[ 8];
|
||||||
|
h[ 9] += SHR32(xl, 6) ^ q[ 9];
|
||||||
|
h[10] += SHL32(xl, 6) ^ q[10];
|
||||||
|
h[11] += SHL32(xl, 4) ^ q[11];
|
||||||
|
h[12] += SHR32(xl, 3) ^ q[12];
|
||||||
|
h[13] += SHR32(xl, 4) ^ q[13];
|
||||||
|
h[14] += SHR32(xl, 7) ^ q[14];
|
||||||
|
h[15] += SHR32(xl, 2) ^ q[15];
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw_small_nextBlock(bmw_small_ctx_t* ctx, const void* block){
|
||||||
|
uint32_t q[32];
|
||||||
|
dump_x(block, 16, 'M');
|
||||||
|
bmw_small_f0(q, ctx->h, block);
|
||||||
|
dump_x(q, 16, 'Q');
|
||||||
|
bmw_small_f1(q, block, ctx->h);
|
||||||
|
dump_x(q, 32, 'Q');
|
||||||
|
bmw_small_f2(ctx->h, q, block);
|
||||||
|
ctx->counter += 1;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw_small_lastBlock(bmw_small_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
uint8_t buffer[64];
|
||||||
|
while(length_b >= BMW_SMALL_BLOCKSIZE){
|
||||||
|
bmw_small_nextBlock(ctx, block);
|
||||||
|
length_b -= BMW_SMALL_BLOCKSIZE;
|
||||||
|
block = (uint8_t*)block + BMW_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
memset(buffer, 0, 64);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b>>3] |= 0x80 >> (length_b&0x07);
|
||||||
|
if(length_b+1>64*8-64){
|
||||||
|
bmw_small_nextBlock(ctx, buffer);
|
||||||
|
memset(buffer, 0, 64-8);
|
||||||
|
ctx->counter -= 1;
|
||||||
|
}
|
||||||
|
*((uint64_t*)&(buffer[64-8])) = (uint64_t)(ctx->counter*512LL)+(uint64_t)length_b;
|
||||||
|
bmw_small_nextBlock(ctx, buffer);
|
||||||
|
#if TWEAK
|
||||||
|
uint8_t i;
|
||||||
|
uint32_t q[32];
|
||||||
|
memset(buffer, 0xaa, 64);
|
||||||
|
for(i=0; i<16;++i){
|
||||||
|
buffer[i*4] = i+0xa0;
|
||||||
|
}
|
||||||
|
// dump_x(buffer, 16, 'A');
|
||||||
|
dump_x(ctx->h, 16, 'M');
|
||||||
|
bmw_small_f0(q, (uint32_t*)buffer, ctx->h);
|
||||||
|
dump_x(buffer, 16, 'a');
|
||||||
|
dump_x(q, 16, 'Q');
|
||||||
|
bmw_small_f1(q, ctx->h, (uint32_t*)buffer);
|
||||||
|
dump_x(q, 32, 'Q');
|
||||||
|
bmw_small_f2((uint32_t*)buffer, q, ctx->h);
|
||||||
|
memcpy(ctx->h, buffer, 64);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_init(bmw224_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
ctx->h[0] = 0x00010203;
|
||||||
|
for(i=1; i<16; ++i){
|
||||||
|
ctx->h[i] = ctx->h[i-1]+ 0x04040404;
|
||||||
|
}
|
||||||
|
#if BUG24
|
||||||
|
ctx->h[13] = 0x24353637;
|
||||||
|
#endif
|
||||||
|
ctx->counter=0;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_init(bmw256_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
ctx->h[0] = 0x40414243;
|
||||||
|
for(i=1; i<16; ++i){
|
||||||
|
ctx->h[i] = ctx->h[i-1]+ 0x04040404;
|
||||||
|
}
|
||||||
|
ctx->counter=0;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_nextBlock(bmw224_ctx_t* ctx, const void* block){
|
||||||
|
bmw_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_nextBlock(bmw256_ctx_t* ctx, const void* block){
|
||||||
|
bmw_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_lastBlock(bmw224_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
bmw_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_lastBlock(bmw256_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
bmw_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_ctx2hash(void* dest, const bmw224_ctx_t* ctx){
|
||||||
|
memcpy(dest, &(ctx->h[9]), 224/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_ctx2hash(void* dest, const bmw256_ctx_t* ctx){
|
||||||
|
memcpy(dest, &(ctx->h[8]), 256/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
bmw_small_ctx_t ctx;
|
||||||
|
bmw224_init(&ctx);
|
||||||
|
while(length_b>=BMW_SMALL_BLOCKSIZE){
|
||||||
|
bmw_small_nextBlock(&ctx, msg);
|
||||||
|
length_b -= BMW_SMALL_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
bmw_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
bmw224_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
bmw_small_ctx_t ctx;
|
||||||
|
bmw256_init(&ctx);
|
||||||
|
while(length_b>=BMW_SMALL_BLOCKSIZE){
|
||||||
|
bmw_small_nextBlock(&ctx, msg);
|
||||||
|
length_b -= BMW_SMALL_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
bmw_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
bmw256_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
/* bmw_small.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file bmw_small.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-04-27
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef BMW_SMALL_H_
|
||||||
|
#define BMW_SMALL_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define BMW_SMALL_BLOCKSIZE 512
|
||||||
|
#define BMW_SMALL_BLOCKSIZE_B ((BMW_SMALL_BLOCKSIZE+7)/8)
|
||||||
|
#define BMW224_BLOCKSIZE BMW_SMALL_BLOCKSIZE
|
||||||
|
#define BMW224_BLOCKSIZE_B BMW_SMALL_BLOCKSIZE_B
|
||||||
|
#define BMW256_BLOCKSIZE BMW_SMALL_BLOCKSIZE
|
||||||
|
#define BMW256_BLOCKSIZE_B BMW_SMALL_BLOCKSIZE_B
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint32_t h[16];
|
||||||
|
uint32_t counter;
|
||||||
|
} bmw_small_ctx_t;
|
||||||
|
|
||||||
|
typedef bmw_small_ctx_t bmw224_ctx_t;
|
||||||
|
typedef bmw_small_ctx_t bmw256_ctx_t;
|
||||||
|
|
||||||
|
void bmw224_init(bmw224_ctx_t* ctx);
|
||||||
|
void bmw256_init(bmw256_ctx_t* ctx);
|
||||||
|
|
||||||
|
void bmw_small_nextBlock(bmw_small_ctx_t* ctx, const void* block);
|
||||||
|
void bmw_small_lastBlock(bmw_small_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void bmw224_nextBlock(bmw224_ctx_t* ctx, const void* block);
|
||||||
|
void bmw224_lastBlock(bmw224_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void bmw256_nextBlock(bmw256_ctx_t* ctx, const void* block);
|
||||||
|
void bmw256_lastBlock(bmw256_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void bmw224_ctx2hash(void* dest, const bmw224_ctx_t* ctx);
|
||||||
|
void bmw256_ctx2hash(void* dest, const bmw256_ctx_t* ctx);
|
||||||
|
|
||||||
|
void bmw224(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
void bmw256(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
|
||||||
|
#endif /* BMW_SMALL_H_ */
|
|
@ -0,0 +1,376 @@
|
||||||
|
/* bmw_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file bmw_small.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-04-27
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "bmw_small.h"
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
#define SHL32(a,n) ((a)<<(n))
|
||||||
|
#define SHR32(a,n) ((a)>>(n))
|
||||||
|
#define ROTL32(a,n) (((a)<<(n))|((a)>>(32-(n))))
|
||||||
|
#define ROTR32(a,n) (((a)>>(n))|((a)<<(32-(n))))
|
||||||
|
|
||||||
|
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#include "cli.h"
|
||||||
|
|
||||||
|
void ctx_dump(const bmw_small_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
cli_putstr("\r\n==== ctx dump ====");
|
||||||
|
for(i=0; i<16;++i){
|
||||||
|
cli_putstr("\r\n h[");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr("] = ");
|
||||||
|
cli_hexdump_rev(&(ctx->h[i]), 4);
|
||||||
|
}
|
||||||
|
cli_putstr("\r\n counter = ");
|
||||||
|
cli_hexdump(&(ctx->counter), 4);
|
||||||
|
}
|
||||||
|
|
||||||
|
void dump_x(const uint32_t* q, uint8_t elements, char x){
|
||||||
|
uint8_t i;
|
||||||
|
cli_putstr("\r\n==== ");
|
||||||
|
cli_putc(x);
|
||||||
|
cli_putstr(" dump ====");
|
||||||
|
for(i=0; i<elements;++i){
|
||||||
|
cli_putstr("\r\n ");
|
||||||
|
cli_putc(x);
|
||||||
|
cli_putstr("[");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr("] = ");
|
||||||
|
cli_hexdump_rev(&(q[i]), 4);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
#define ctx_dump(x)
|
||||||
|
#define dump_x(a,b,c)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define S32_0(x) ( (SHR32((x), 1)) ^ \
|
||||||
|
(SHL32((x), 3)) ^ \
|
||||||
|
(ROTL32((x), 4)) ^ \
|
||||||
|
(ROTR32((x), 13)) )
|
||||||
|
|
||||||
|
#define S32_1(x) ( (SHR32((x), 1)) ^ \
|
||||||
|
(SHL32((x), 2)) ^ \
|
||||||
|
(ROTL32((x), 8)) ^ \
|
||||||
|
(ROTR32((x), 9)) )
|
||||||
|
|
||||||
|
#define S32_2(x) ( (SHR32((x), 2)) ^ \
|
||||||
|
(SHL32((x), 1)) ^ \
|
||||||
|
(ROTL32((x), 12)) ^ \
|
||||||
|
(ROTR32((x), 7)) )
|
||||||
|
|
||||||
|
#define S32_3(x) ( (SHR32((x), 2)) ^ \
|
||||||
|
(SHL32((x), 2)) ^ \
|
||||||
|
(ROTL32((x), 15)) ^ \
|
||||||
|
(ROTR32((x), 3)) )
|
||||||
|
|
||||||
|
#define S32_4(x) ( (SHR32((x), 1)) ^ (x))
|
||||||
|
|
||||||
|
#define S32_5(x) ( (SHR32((x), 2)) ^ (x))
|
||||||
|
|
||||||
|
#define R32_1(x) (ROTL32((x), 3))
|
||||||
|
#define R32_2(x) (ROTL32((x), 7))
|
||||||
|
#define R32_3(x) (ROTL32((x), 13))
|
||||||
|
#define R32_4(x) (ROTL32((x), 16))
|
||||||
|
#define R32_5(x) (ROTR32((x), 13))
|
||||||
|
#define R32_6(x) (ROTR32((x), 9))
|
||||||
|
#define R32_7(x) (ROTR32((x), 5))
|
||||||
|
/*
|
||||||
|
#define K 0x05555555L
|
||||||
|
static
|
||||||
|
uint32_t k_lut[] PROGMEM = {
|
||||||
|
16L*K, 17L*K, 18L*K, 19L*K, 20L*K, 21L*K, 22L*K, 23L*K,
|
||||||
|
24L*K, 25L*K, 26L*K, 27L*K, 28L*K, 29L*K, 30L*K, 31L*K
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
/* same as above but precomputed to avoid compiler warnings */
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t k_lut[] = {
|
||||||
|
0x55555550L, 0x5aaaaaa5L, 0x5ffffffaL,
|
||||||
|
0x6555554fL, 0x6aaaaaa4L, 0x6ffffff9L,
|
||||||
|
0x7555554eL, 0x7aaaaaa3L, 0x7ffffff8L,
|
||||||
|
0x8555554dL, 0x8aaaaaa2L, 0x8ffffff7L,
|
||||||
|
0x9555554cL, 0x9aaaaaa1L, 0x9ffffff6L,
|
||||||
|
0xa555554bL };
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_expand1(uint8_t j, const uint32_t* q, const void* m, const void* h){
|
||||||
|
uint32_t r;
|
||||||
|
/* r = 0x05555555*(j+16); */
|
||||||
|
r = ( ROTL32(((uint32_t*)m)[j&0xf], ((j+0)&0xf)+1 )
|
||||||
|
+ ROTL32(((uint32_t*)m)[(j+3)&0xf], ((j+3)&0xf)+1 )
|
||||||
|
- ROTL32(((uint32_t*)m)[(j+10)&0xf], ((j+10)&0xf)+1 )
|
||||||
|
+ k_lut[j]
|
||||||
|
) ^ ((uint32_t*)h)[(j+7)&0xf];
|
||||||
|
r += S32_1(q[j+ 0]) + S32_2(q[j+ 1]) + S32_3(q[j+ 2]) + S32_0(q[j+ 3]) +
|
||||||
|
S32_1(q[j+ 4]) + S32_2(q[j+ 5]) + S32_3(q[j+ 6]) + S32_0(q[j+ 7]) +
|
||||||
|
S32_1(q[j+ 8]) + S32_2(q[j+ 9]) + S32_3(q[j+10]) + S32_0(q[j+11]) +
|
||||||
|
S32_1(q[j+12]) + S32_2(q[j+13]) + S32_3(q[j+14]) + S32_0(q[j+15]);
|
||||||
|
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
uint32_t bmw_small_expand2(uint8_t j, const uint32_t* q, const void* m, const void* h){
|
||||||
|
uint32_t r;
|
||||||
|
r = ( ROTL32(((uint32_t*)m)[j&0xf], ((j+0)&0xf)+1 )
|
||||||
|
+ ROTL32(((uint32_t*)m)[(j+3)&0xf], ((j+3)&0xf)+1 )
|
||||||
|
- ROTL32(((uint32_t*)m)[(j+10)&0xf], ((j+10)&0xf)+1 )
|
||||||
|
+ k_lut[j]
|
||||||
|
) ^ ((uint32_t*)h)[(j+7)&0xf];
|
||||||
|
r += (q[j+ 0]) + R32_1(q[j+ 1]) + (q[j+ 2]) + R32_2(q[j+ 3]) +
|
||||||
|
(q[j+ 4]) + R32_3(q[j+ 5]) + (q[j+ 6]) + R32_4(q[j+ 7]) +
|
||||||
|
(q[j+ 8]) + R32_5(q[j+ 9]) + (q[j+10]) + R32_6(q[j+11]) +
|
||||||
|
(q[j+12]) + R32_7(q[j+13]) + S32_4(q[j+14]) + S32_5(q[j+15]);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f0(uint32_t* q, uint32_t* h, const void* m){
|
||||||
|
uint8_t i;
|
||||||
|
i=15;
|
||||||
|
do{
|
||||||
|
((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}while(i--);
|
||||||
|
dump_x(h, 16, 'T');
|
||||||
|
q[ 0] = (h[ 5] - h[ 7] + h[10] + h[13] + h[14]);
|
||||||
|
q[ 1] = (h[ 6] - h[ 8] + h[11] + h[14] - h[15]);
|
||||||
|
q[ 2] = (h[ 0] + h[ 7] + h[ 9] - h[12] + h[15]);
|
||||||
|
q[ 3] = (h[ 0] - h[ 1] + h[ 8] - h[10] + h[13]);
|
||||||
|
q[ 4] = (h[ 1] + h[ 2] + h[ 9] - h[11] - h[14]);
|
||||||
|
q[ 5] = (h[ 3] - h[ 2] + h[10] - h[12] + h[15]);
|
||||||
|
q[ 6] = (h[ 4] - h[ 0] - h[ 3] - h[11] + h[13]);
|
||||||
|
q[ 7] = (h[ 1] - h[ 4] - h[ 5] - h[12] - h[14]);
|
||||||
|
q[ 8] = (h[ 2] - h[ 5] - h[ 6] + h[13] - h[15]);
|
||||||
|
q[ 9] = (h[ 0] - h[ 3] + h[ 6] - h[ 7] + h[14]);
|
||||||
|
q[10] = (h[ 8] - h[ 1] - h[ 4] - h[ 7] + h[15]);
|
||||||
|
q[11] = (h[ 8] - h[ 0] - h[ 2] - h[ 5] + h[ 9]);
|
||||||
|
q[12] = (h[ 1] + h[ 3] - h[ 6] - h[ 9] + h[10]);
|
||||||
|
q[13] = (h[ 2] + h[ 4] + h[ 7] + h[10] + h[11]);
|
||||||
|
q[14] = (h[ 3] - h[ 5] + h[ 8] - h[11] - h[12]);
|
||||||
|
q[15] = (h[12] - h[ 4] - h[ 6] - h[ 9] + h[13]);
|
||||||
|
dump_x(q, 16, 'W');
|
||||||
|
q[ 0] = S32_0(q[ 0]); q[ 1] = S32_1(q[ 1]); q[ 2] = S32_2(q[ 2]); q[ 3] = S32_3(q[ 3]); q[ 4] = S32_4(q[ 4]);
|
||||||
|
q[ 5] = S32_0(q[ 5]); q[ 6] = S32_1(q[ 6]); q[ 7] = S32_2(q[ 7]); q[ 8] = S32_3(q[ 8]); q[ 9] = S32_4(q[ 9]);
|
||||||
|
q[10] = S32_0(q[10]); q[11] = S32_1(q[11]); q[12] = S32_2(q[12]); q[13] = S32_3(q[13]); q[14] = S32_4(q[14]);
|
||||||
|
q[15] = S32_0(q[15]);
|
||||||
|
i=15;
|
||||||
|
do{
|
||||||
|
q[(i+15)&15] += ((uint32_t*)h)[i] ^= ((uint32_t*)m)[i];
|
||||||
|
}while(i--);
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f1(uint32_t* q, const void* m, const void* h){
|
||||||
|
uint8_t i;
|
||||||
|
q[16] = bmw_small_expand1(0, q, m, h);
|
||||||
|
q[17] = bmw_small_expand1(1, q, m, h);
|
||||||
|
for(i=2; i<16; ++i){
|
||||||
|
q[16+i] = bmw_small_expand2(i, q, m, h);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static
|
||||||
|
void bmw_small_f2(uint32_t* h, uint32_t* q, const void* m){
|
||||||
|
uint32_t xl=0, xh;
|
||||||
|
uint8_t i;
|
||||||
|
for(i=16;i<24;++i){
|
||||||
|
xl ^= q[i];
|
||||||
|
}
|
||||||
|
xh = xl;
|
||||||
|
for(i=24;i<32;++i){
|
||||||
|
xh ^= q[i];
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\n XL = ");
|
||||||
|
cli_hexdump_rev(&xl, 4);
|
||||||
|
cli_putstr("\r\n XH = ");
|
||||||
|
cli_hexdump_rev(&xh, 4);
|
||||||
|
#endif
|
||||||
|
memcpy(h, m, 16*4);
|
||||||
|
h[0] ^= SHL32(xh, 5) ^ SHR32(q[16], 5);
|
||||||
|
h[1] ^= SHR32(xh, 7) ^ SHL32(q[17], 8);
|
||||||
|
h[2] ^= SHR32(xh, 5) ^ SHL32(q[18], 5);
|
||||||
|
h[3] ^= SHR32(xh, 1) ^ SHL32(q[19], 5);
|
||||||
|
h[4] ^= SHR32(xh, 3) ^ q[20];
|
||||||
|
h[5] ^= SHL32(xh, 6) ^ SHR32(q[21], 6);
|
||||||
|
h[6] ^= SHR32(xh, 4) ^ SHL32(q[22], 6);
|
||||||
|
h[7] ^= SHR32(xh,11) ^ SHL32(q[23], 2);
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
h[i] += xl ^ q[24+i] ^ q[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
h[8+i] ^= xh ^ q[24+i];
|
||||||
|
h[8+i] += ROTL32(h[(4+i)%8],i+9);
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
h[ 8] += SHL32(xl, 8) ^ q[23] ^ q[ 8];
|
||||||
|
h[ 9] += SHR32(xl, 6) ^ q[16] ^ q[ 9];
|
||||||
|
h[10] += SHL32(xl, 6) ^ q[17] ^ q[10];
|
||||||
|
h[11] += SHL32(xl, 4) ^ q[18] ^ q[11];
|
||||||
|
h[12] += SHR32(xl, 3) ^ q[19] ^ q[12];
|
||||||
|
h[13] += SHR32(xl, 4) ^ q[20] ^ q[13];
|
||||||
|
h[14] += SHR32(xl, 7) ^ q[21] ^ q[14];
|
||||||
|
h[15] += SHR32(xl, 2) ^ q[22] ^ q[15];
|
||||||
|
*/
|
||||||
|
i=6;
|
||||||
|
do{
|
||||||
|
q[9+i] ^= q[16+i];
|
||||||
|
}while(i--);
|
||||||
|
q[8] ^= q[23];
|
||||||
|
h[ 8] += SHL32(xl, 8) ^ q[ 8];
|
||||||
|
h[ 9] += SHR32(xl, 6) ^ q[ 9];
|
||||||
|
h[10] += SHL32(xl, 6) ^ q[10];
|
||||||
|
h[11] += SHL32(xl, 4) ^ q[11];
|
||||||
|
h[12] += SHR32(xl, 3) ^ q[12];
|
||||||
|
h[13] += SHR32(xl, 4) ^ q[13];
|
||||||
|
h[14] += SHR32(xl, 7) ^ q[14];
|
||||||
|
h[15] += SHR32(xl, 2) ^ q[15];
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw_small_nextBlock(bmw_small_ctx_t* ctx, const void* block){
|
||||||
|
uint32_t q[32];
|
||||||
|
dump_x(block, 16, 'M');
|
||||||
|
bmw_small_f0(q, ctx->h, block);
|
||||||
|
dump_x(q, 16, 'Q');
|
||||||
|
bmw_small_f1(q, block, ctx->h);
|
||||||
|
dump_x(q, 32, 'Q');
|
||||||
|
bmw_small_f2(ctx->h, q, block);
|
||||||
|
ctx->counter += 1;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw_small_lastBlock(bmw_small_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
uint8_t buffer[64];
|
||||||
|
while(length_b >= BMW_SMALL_BLOCKSIZE){
|
||||||
|
bmw_small_nextBlock(ctx, block);
|
||||||
|
length_b -= BMW_SMALL_BLOCKSIZE;
|
||||||
|
block = (uint8_t*)block + BMW_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
memset(buffer, 0, 64);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b>>3] |= 0x80 >> (length_b&0x07);
|
||||||
|
if(length_b+1>64*8-64){
|
||||||
|
bmw_small_nextBlock(ctx, buffer);
|
||||||
|
memset(buffer, 0, 64-8);
|
||||||
|
ctx->counter -= 1;
|
||||||
|
}
|
||||||
|
*((uint64_t*)&(buffer[64-8])) = (uint64_t)(ctx->counter*512LL)+(uint64_t)length_b;
|
||||||
|
bmw_small_nextBlock(ctx, buffer);
|
||||||
|
uint8_t i;
|
||||||
|
uint32_t q[32];
|
||||||
|
memset(buffer, 0xaa, 64);
|
||||||
|
for(i=0; i<16;++i){
|
||||||
|
buffer[i*4] = i+0xa0;
|
||||||
|
}
|
||||||
|
// dump_x(buffer, 16, 'A');
|
||||||
|
dump_x(ctx->h, 16, 'M');
|
||||||
|
bmw_small_f0(q, (uint32_t*)buffer, ctx->h);
|
||||||
|
dump_x(buffer, 16, 'a');
|
||||||
|
dump_x(q, 16, 'Q');
|
||||||
|
bmw_small_f1(q, ctx->h, (uint32_t*)buffer);
|
||||||
|
dump_x(q, 32, 'Q');
|
||||||
|
bmw_small_f2((uint32_t*)buffer, q, ctx->h);
|
||||||
|
memcpy(ctx->h, buffer, 64);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_init(bmw224_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
ctx->h[0] = 0x00010203;
|
||||||
|
for(i=1; i<16; ++i){
|
||||||
|
ctx->h[i] = ctx->h[i-1]+ 0x04040404;
|
||||||
|
}
|
||||||
|
ctx->counter=0;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_init(bmw256_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
ctx->h[0] = 0x40414243;
|
||||||
|
for(i=1; i<16; ++i){
|
||||||
|
ctx->h[i] = ctx->h[i-1]+ 0x04040404;
|
||||||
|
}
|
||||||
|
ctx->counter=0;
|
||||||
|
ctx_dump(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_nextBlock(bmw224_ctx_t* ctx, const void* block){
|
||||||
|
bmw_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_nextBlock(bmw256_ctx_t* ctx, const void* block){
|
||||||
|
bmw_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_lastBlock(bmw224_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
bmw_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_lastBlock(bmw256_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
bmw_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224_ctx2hash(void* dest, const bmw224_ctx_t* ctx){
|
||||||
|
memcpy(dest, &(ctx->h[9]), 224/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256_ctx2hash(void* dest, const bmw256_ctx_t* ctx){
|
||||||
|
memcpy(dest, &(ctx->h[8]), 256/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw224(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
bmw_small_ctx_t ctx;
|
||||||
|
bmw224_init(&ctx);
|
||||||
|
while(length_b>=BMW_SMALL_BLOCKSIZE){
|
||||||
|
bmw_small_nextBlock(&ctx, msg);
|
||||||
|
length_b -= BMW_SMALL_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
bmw_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
bmw224_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void bmw256(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
bmw_small_ctx_t ctx;
|
||||||
|
bmw256_init(&ctx);
|
||||||
|
while(length_b>=BMW_SMALL_BLOCKSIZE){
|
||||||
|
bmw_small_nextBlock(&ctx, msg);
|
||||||
|
length_b -= BMW_SMALL_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + BMW_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
bmw_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
bmw256_ctx2hash(dest, &ctx);
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,77 @@
|
||||||
|
|
||||||
|
|
||||||
|
q[ 0] = (+ h[ 5] - h[ 7] + h[10] + h[13] + h[14]);
|
||||||
|
q[ 1] = (+ h[ 6] - h[ 8] + h[11] + h[14] - h[15]);
|
||||||
|
q[ 2] = (+ h[ 7] + h[ 9] - h[12] + h[15] + h[ 0]);
|
||||||
|
q[ 3] = (+ h[ 8] - h[10] + h[13] + h[ 0] - h[ 1]);
|
||||||
|
q[ 4] = (+ h[ 9] - h[11] - h[14] + h[ 1] + h[ 2]);
|
||||||
|
q[ 5] = (+ h[10] - h[12] + h[15] - h[ 2] + h[ 3]);
|
||||||
|
q[ 6] = (- h[11] + h[13] - h[ 0] - h[ 3] + h[ 4]);
|
||||||
|
q[ 7] = (- h[12] - h[14] + h[ 1] - h[ 4] - h[ 5]);
|
||||||
|
q[ 8] = (+ h[13] - h[15] + h[ 2] - h[ 5] - h[ 6]);
|
||||||
|
q[ 9] = (+ h[14] + h[ 0] - h[ 3] + h[ 6] - h[ 7]);
|
||||||
|
q[10] = (+ h[15] - h[ 1] - h[ 4] - h[ 7] + h[ 8]);
|
||||||
|
q[11] = (- h[ 0] - h[ 2] - h[ 5] + h[ 8] + h[ 9]);
|
||||||
|
q[12] = (+ h[ 1] + h[ 3] - h[ 6] - h[ 9] + h[10]);
|
||||||
|
q[13] = (+ h[ 2] + h[ 4] + h[ 7] + h[10] + h[11]);
|
||||||
|
q[14] = (+ h[ 3] - h[ 5] + h[ 8] - h[11] - h[12]);
|
||||||
|
q[15] = (- h[ 4] - h[ 6] - h[ 9] + h[12] + h[13]);
|
||||||
|
|
||||||
|
##########################################################
|
||||||
|
|
||||||
|
1 := -
|
||||||
|
0 := +
|
||||||
|
|
||||||
|
|
||||||
|
+---------- 0x0311
|
||||||
|
| +-------- 0xDDB3
|
||||||
|
| | +------ 0x2A79
|
||||||
|
| | | +---- 0x07AA
|
||||||
|
| | | | +-- 0x51C2
|
||||||
|
| | | | |
|
||||||
|
---------------
|
||||||
|
0: 0 1 0 0 0 + - + + +
|
||||||
|
1: 0 1 0 0 1 + - + + -
|
||||||
|
2: 0 0 1 0 0 + + - + +
|
||||||
|
3: 0 1 0 0 1 + - + + -
|
||||||
|
---------------
|
||||||
|
4: 0 1 1 0 0 + - - + +
|
||||||
|
5: 0 1 0 1 0 + - + - +
|
||||||
|
6: 1 0 1 1 0 - + - - +
|
||||||
|
7: 1 1 0 1 1 - - + - -
|
||||||
|
---------------
|
||||||
|
8: 0 1 0 1 1 + - + - -
|
||||||
|
9: 0 0 1 0 1 + + - + -
|
||||||
|
10: 0 1 1 1 0 + - - - +
|
||||||
|
11: 1 1 1 0 0 - - - + +
|
||||||
|
---------------
|
||||||
|
12: 0 0 1 1 0 + + - - +
|
||||||
|
13: 0 0 0 0 0 + + + + +
|
||||||
|
14: 0 1 0 1 1 + - + - -
|
||||||
|
15: 1 1 1 0 0 - - - + +
|
||||||
|
---------------
|
||||||
|
| | | | |
|
||||||
|
| | | | +-- 0x438A
|
||||||
|
| | | +---- 0x55E0
|
||||||
|
| | +------ 0x9E54
|
||||||
|
| +-------- 0xCDBB
|
||||||
|
+---------- 0x88C0
|
||||||
|
|
||||||
|
####################################################
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,129 @@
|
||||||
|
/-------------- 3 --------------\
|
||||||
|
| |
|
||||||
|
+-- 2 --v-- 3 --v-- 3 --v-- 1 --+
|
||||||
|
| | | | |
|
||||||
|
q[ 0] = (+ h[ 5] - h[ 7] + h[10] + h[13] + h[14]);
|
||||||
|
q[ 1] = (+ h[ 6] - h[ 8] + h[11] + h[14] - h[15]);
|
||||||
|
q[ 2] = (+ h[ 7] + h[ 9] - h[12] + h[15] + h[ 0]);
|
||||||
|
q[ 3] = (+ h[ 8] - h[10] + h[13] + h[ 0] - h[ 1]);
|
||||||
|
q[ 4] = (+ h[ 9] - h[11] - h[14] + h[ 1] + h[ 2]);
|
||||||
|
q[ 5] = (+ h[10] - h[12] + h[15] - h[ 2] + h[ 3]);
|
||||||
|
q[ 6] = (- h[11] + h[13] - h[ 0] - h[ 3] + h[ 4]);
|
||||||
|
q[ 7] = (- h[12] - h[14] + h[ 1] - h[ 4] - h[ 5]);
|
||||||
|
q[ 8] = (+ h[13] - h[15] + h[ 2] - h[ 5] - h[ 6]);
|
||||||
|
q[ 9] = (+ h[14] + h[ 0] - h[ 3] + h[ 6] - h[ 7]);
|
||||||
|
q[10] = (+ h[15] - h[ 1] - h[ 4] - h[ 7] + h[ 8]);
|
||||||
|
q[11] = (- h[ 0] - h[ 2] - h[ 5] + h[ 8] + h[ 9]);
|
||||||
|
q[12] = (+ h[ 1] + h[ 3] - h[ 6] - h[ 9] + h[10]);
|
||||||
|
q[13] = (+ h[ 2] + h[ 4] + h[ 7] + h[10] + h[11]);
|
||||||
|
q[14] = (+ h[ 3] - h[ 5] + h[ 8] - h[11] - h[12]);
|
||||||
|
q[15] = (- h[ 4] - h[ 6] - h[ 9] + h[12] + h[13]);
|
||||||
|
|
||||||
|
A B C D E F G
|
||||||
|
q[ 0] = (+ h[ 5] - h[ 7] + h[10] + h[13] + h[14]);
|
||||||
|
q[ 3] = (+ h[ 8] - h[10] + h[13] + h[ 0] - h[ 1]);
|
||||||
|
q[ 6] = (- h[11] + h[13] - h[ 0] - h[ 3] + h[ 4]);
|
||||||
|
q[ 9] = (+ h[14] + h[ 0] - h[ 3] + h[ 6] - h[ 7]);
|
||||||
|
q[12] = (+ h[ 1] + h[ 3] - h[ 6] - h[ 9] + h[10]);
|
||||||
|
q[15] = (- h[ 4] - h[ 6] - h[ 9] + h[12] + h[13]);
|
||||||
|
q[ 2] = (+ h[ 7] + h[ 9] - h[12] + h[15] + h[ 0]);
|
||||||
|
q[ 5] = (+ h[10] - h[12] + h[15] - h[ 2] + h[ 3]);
|
||||||
|
q[ 8] = (+ h[13] - h[15] + h[ 2] - h[ 5] - h[ 6]);
|
||||||
|
q[11] = (- h[ 0] - h[ 2] - h[ 5] + h[ 8] + h[ 9]);
|
||||||
|
q[14] = (+ h[ 3] - h[ 5] + h[ 8] - h[11] - h[12]);
|
||||||
|
q[ 1] = (+ h[ 6] - h[ 8] + h[11] + h[14] - h[15]);
|
||||||
|
q[ 4] = (+ h[ 9] - h[11] - h[14] + h[ 1] + h[ 2]);
|
||||||
|
q[ 7] = (- h[12] - h[14] + h[ 1] - h[ 4] - h[ 5]);
|
||||||
|
q[10] = (+ h[15] - h[ 1] - h[ 4] - h[ 7] + h[ 8]);
|
||||||
|
q[13] = (+ h[ 2] + h[ 4] + h[ 7] + h[10] + h[11]);
|
||||||
|
;-- (1)
|
||||||
|
Q = 0; A=5; B=7; C=10; D=13; E=14; F=11; G=8;
|
||||||
|
Q = * A * B * C * D * E
|
||||||
|
Q+=3; A=G; G=F; F=E; E+=3; B=C; C=D; D+=3;
|
||||||
|
;-- (2)
|
||||||
|
G=5; F=8; E=11; C=7; D=10;
|
||||||
|
|
||||||
|
|
||||||
|
/* signs */
|
||||||
|
|
||||||
|
+-+++
|
||||||
|
+-++-
|
||||||
|
-+--+
|
||||||
|
++-+-
|
||||||
|
++--+
|
||||||
|
---++
|
||||||
|
++-++
|
||||||
|
+-+-+
|
||||||
|
+-+--
|
||||||
|
---++
|
||||||
|
+-+--
|
||||||
|
+-++-
|
||||||
|
+--++
|
||||||
|
--+--
|
||||||
|
+---+
|
||||||
|
+++++
|
||||||
|
|
||||||
|
+---------- 0x4222 / 0x2224
|
||||||
|
| +-------- 0x3AF7 / 0x7FA3
|
||||||
|
| | +------ 0xC725 / 0x527C
|
||||||
|
| | | +---- 0x4956 / 0x6594
|
||||||
|
| | | | +-- 0x50D2 / 0x2D05
|
||||||
|
| | | | |
|
||||||
|
;----------
|
||||||
|
0 1 0 0 0 -- 0x08
|
||||||
|
0 1 0 0 1 -- 0x09
|
||||||
|
1 0 1 1 0 -- 0x16
|
||||||
|
0 0 1 0 1 -- 0x05
|
||||||
|
;----------
|
||||||
|
0 0 1 1 0 -- 0x06
|
||||||
|
1 1 1 0 0 -- 0x1C
|
||||||
|
0 0 1 0 0 -- 0x04
|
||||||
|
0 1 0 1 0 -- 0x0A
|
||||||
|
;----------
|
||||||
|
0 1 0 1 1 -- 0x0B
|
||||||
|
1 1 1 0 0 -- 0x1C
|
||||||
|
0 1 0 1 1 -- 0x0B
|
||||||
|
0 1 0 0 1 -- 0x09
|
||||||
|
;----------
|
||||||
|
0 1 1 0 0 -- 0x0C
|
||||||
|
1 1 0 1 1 -- 0x1B
|
||||||
|
0 1 1 1 0 -- 0x0E
|
||||||
|
0 0 0 0 0 -- 0x00
|
||||||
|
;---------
|
||||||
|
|
||||||
|
/* signs (in order 0..15) */
|
||||||
|
+-+++
|
||||||
|
+-++-
|
||||||
|
++-++
|
||||||
|
+-++-
|
||||||
|
+--++
|
||||||
|
+-+-+
|
||||||
|
-+--+
|
||||||
|
--+--
|
||||||
|
+-+--
|
||||||
|
++-+-
|
||||||
|
+---+
|
||||||
|
---++
|
||||||
|
++--+
|
||||||
|
+++++
|
||||||
|
+-+--
|
||||||
|
---++
|
||||||
|
|
||||||
|
0 1 0 0 0 -- 0x08
|
||||||
|
0 1 0 0 1 -- 0x09
|
||||||
|
0 0 1 0 0 -- 0x04
|
||||||
|
0 1 0 0 1 -- 0x05
|
||||||
|
0 1 1 0 0 -- 0x0C
|
||||||
|
0 1 0 1 0 -- 0x0A
|
||||||
|
1 0 1 1 0 -- 0x16
|
||||||
|
1 1 0 1 1 -- 0x1D
|
||||||
|
0 1 0 1 1 -- 0x0D
|
||||||
|
0 0 1 0 1 -- 0x05
|
||||||
|
0 1 1 1 0 -- 0x0E
|
||||||
|
1 1 1 0 0 -- 0x1C
|
||||||
|
0 0 1 1 0 -- 0x06
|
||||||
|
0 0 0 0 0 -- 0x00
|
||||||
|
0 1 0 1 1 -- 0x0D
|
||||||
|
1 1 1 0 0 -- 0x1C
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n){
|
||||||
|
while(n--){
|
||||||
|
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||||
|
dest = (uint8_t*)dest +1;
|
||||||
|
src = (uint8_t*)src +1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#ifndef MEMXOR_H_
|
||||||
|
#define MEMXOR_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,181 @@
|
||||||
|
/* cubehash.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file cubehash.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2010-02-20
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
#include "cubehash.h"
|
||||||
|
#include <string.h>
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
static uint32_t rol32(uint32_t a, uint8_t r){
|
||||||
|
return (a<<r)|(a>>(32-r));
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
• Add x_0jklm into x_1jklm modulo 232 , for each (j, k, l, m).
|
||||||
|
• Rotate x_0jklm upwards by 7 bits, for each (j, k, l, m).
|
||||||
|
• Swap x_00klm with x_01klm , for each (k, l, m).
|
||||||
|
• Xor x_1jklm into x_0jklm , for each (j, k, l, m).
|
||||||
|
• Swap x_1jk0m with x_1jk1m , for each (j, k, m).
|
||||||
|
• Add x_0jklm into x_1jklm modulo 232 , for each (j, k, l, m).
|
||||||
|
• Rotate x_0jklm upwards by 11 bits, for each (j, k, l, m).
|
||||||
|
• Swap x_0j0lm with x_0j1lm , for each (j, l, m).
|
||||||
|
• Xor x_1jklm into x_0jklm , for each (j, k, l, m).
|
||||||
|
• Swap x_1jkl0 with x_1jkl1 , for each (j, k, l).
|
||||||
|
*/
|
||||||
|
|
||||||
|
static void cubehash_round(cubehash_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
uint32_t t;
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
ctx->a[i+16] += ctx->a[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
ctx->a[i] = rol32(ctx->a[i], 7);
|
||||||
|
}
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
t = ctx->a[i];
|
||||||
|
ctx->a[i] = ctx->a[i+8];
|
||||||
|
ctx->a[i+8] = t;
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
ctx->a[i] ^= ctx->a[i+16];
|
||||||
|
}
|
||||||
|
for(i=16; i<4*4+16; i+=4){
|
||||||
|
t = ctx->a[i];
|
||||||
|
ctx->a[i] = ctx->a[i+2];
|
||||||
|
ctx->a[i+2] = t;
|
||||||
|
t = ctx->a[i+1];
|
||||||
|
ctx->a[i+1] = ctx->a[i+3];
|
||||||
|
ctx->a[i+3] = t;
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
ctx->a[i+16] += ctx->a[i];
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
ctx->a[i] = rol32(ctx->a[i], 11);
|
||||||
|
}
|
||||||
|
for(i=0; i<4; ++i){
|
||||||
|
t = ctx->a[i];
|
||||||
|
ctx->a[i] = ctx->a[i+4];
|
||||||
|
ctx->a[i+4] = t;
|
||||||
|
}
|
||||||
|
for(i=8; i<4+8; ++i){
|
||||||
|
t = ctx->a[i];
|
||||||
|
ctx->a[i] = ctx->a[i+4];
|
||||||
|
ctx->a[i+4] = t;
|
||||||
|
}
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
ctx->a[i] ^= ctx->a[i+16];
|
||||||
|
}
|
||||||
|
for(i=16; i<16+16; i+=2){
|
||||||
|
t = ctx->a[i];
|
||||||
|
ctx->a[i] = ctx->a[i+1];
|
||||||
|
ctx->a[i+1] = t;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash_init(uint8_t r, uint8_t b, uint16_t h, cubehash_ctx_t* ctx){
|
||||||
|
memset(ctx->a, 0, 32*4);
|
||||||
|
ctx->a[0] = h/8;
|
||||||
|
ctx->a[1] = b;
|
||||||
|
ctx->a[2] = r;
|
||||||
|
ctx->rounds = r;
|
||||||
|
ctx->blocksize_B = b;
|
||||||
|
for(b=0; b<10*r; ++b){
|
||||||
|
cubehash_round(ctx);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash_nextBlock(cubehash_ctx_t* ctx, void* block){
|
||||||
|
uint8_t i;
|
||||||
|
memxor(ctx->a, block, ctx->blocksize_B);
|
||||||
|
for(i=0; i<ctx->rounds; ++i){
|
||||||
|
cubehash_round(ctx);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash_lastBlock(cubehash_ctx_t* ctx, void* block, uint16_t length_b){
|
||||||
|
while(length_b>=ctx->blocksize_B*8){
|
||||||
|
cubehash_nextBlock(ctx, block);
|
||||||
|
block = (uint8_t*)block + ctx->blocksize_B;
|
||||||
|
length_b -= ctx->blocksize_B*8;
|
||||||
|
}
|
||||||
|
uint8_t buffer[ctx->blocksize_B];
|
||||||
|
uint8_t i;
|
||||||
|
memset(buffer, 0, ctx->blocksize_B);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80 >> (length_b&7);
|
||||||
|
cubehash_nextBlock(ctx, buffer);
|
||||||
|
ctx->a[31] ^= 1;
|
||||||
|
for(i=0; i<10*(ctx->rounds); ++i){
|
||||||
|
cubehash_round(ctx);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash_ctx2hash(void* dest, uint16_t length_b, cubehash_ctx_t* ctx){
|
||||||
|
memcpy(dest, ctx->a, (length_b+7)/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void cubehash224_init(cubehash_ctx_t* ctx){
|
||||||
|
cubehash_init(16, 32, 224, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash224_ctx2hash(void* dest, cubehash_ctx_t* ctx){
|
||||||
|
cubehash_ctx2hash(dest, 224, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void cubehash256_init(cubehash_ctx_t* ctx){
|
||||||
|
cubehash_init(16, 32, 256, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash256_ctx2hash(void* dest, cubehash_ctx_t* ctx){
|
||||||
|
cubehash_ctx2hash(dest, 256, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void cubehash384_init(cubehash_ctx_t* ctx){
|
||||||
|
cubehash_init(16, 32, 384, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash384_ctx2hash(void* dest, cubehash_ctx_t* ctx){
|
||||||
|
cubehash_ctx2hash(dest, 384, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void cubehash512_init(cubehash_ctx_t* ctx){
|
||||||
|
cubehash_init(16, 32, 512, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void cubehash512_ctx2hash(void* dest, cubehash_ctx_t* ctx){
|
||||||
|
cubehash_ctx2hash(dest, 512, ctx);
|
||||||
|
}
|
|
@ -0,0 +1,57 @@
|
||||||
|
/* cubehash.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef CUBEHASH_H_
|
||||||
|
#define CUBEHASH_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define CUBEHASH224_BLOCKSIZE 256
|
||||||
|
#define CUBEHASH224_BLOCKSIZE_B ((CUBEHASH224_BLOCKSIZE+7)/8)
|
||||||
|
#define CUBEHASH256_BLOCKSIZE 256
|
||||||
|
#define CUBEHASH256_BLOCKSIZE_B ((CUBEHASH256_BLOCKSIZE+7)/8)
|
||||||
|
#define CUBEHASH384_BLOCKSIZE 256
|
||||||
|
#define CUBEHASH384_BLOCKSIZE_B ((CUBEHASH284_BLOCKSIZE+7)/8)
|
||||||
|
#define CUBEHASH512_BLOCKSIZE 256
|
||||||
|
#define CUBEHASH512_BLOCKSIZE_B ((CUBEHASH512_BLOCKSIZE+7)/8)
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint32_t a[32];
|
||||||
|
uint8_t rounds;
|
||||||
|
uint8_t blocksize_B;
|
||||||
|
} cubehash_ctx_t;
|
||||||
|
|
||||||
|
void cubehash_init(uint8_t r, uint8_t b, uint16_t h, cubehash_ctx_t* ctx);
|
||||||
|
void cubehash_nextBlock(cubehash_ctx_t* ctx, void* block);
|
||||||
|
void cubehash_lastBlock(cubehash_ctx_t* ctx, void* block, uint16_t length_b);
|
||||||
|
void cubehash_ctx2hash(void* dest, uint16_t length_b, cubehash_ctx_t* ctx);
|
||||||
|
|
||||||
|
void cubehash224_init(cubehash_ctx_t* ctx);
|
||||||
|
void cubehash224_ctx2hash(void* dest, cubehash_ctx_t* ctx);
|
||||||
|
|
||||||
|
void cubehash256_init(cubehash_ctx_t* ctx);
|
||||||
|
void cubehash256_ctx2hash(void* dest, cubehash_ctx_t* ctx);
|
||||||
|
|
||||||
|
void cubehash384_init(cubehash_ctx_t* ctx);
|
||||||
|
void cubehash384_ctx2hash(void* dest, cubehash_ctx_t* ctx);
|
||||||
|
|
||||||
|
void cubehash512_init(cubehash_ctx_t* ctx);
|
||||||
|
void cubehash512_ctx2hash(void* dest, cubehash_ctx_t* ctx);
|
||||||
|
|
||||||
|
#endif /* CUBEHASH_H_ */
|
|
@ -0,0 +1,12 @@
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n){
|
||||||
|
while(n--){
|
||||||
|
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||||
|
dest = (uint8_t*)dest +1;
|
||||||
|
src = (uint8_t*)src +1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#ifndef MEMXOR_H_
|
||||||
|
#define MEMXOR_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,78 @@
|
||||||
|
/* aes-round.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include "aes_enc_round.h"
|
||||||
|
#include "gf256mul.h"
|
||||||
|
#include "aes_sbox.h"
|
||||||
|
|
||||||
|
static
|
||||||
|
void aes_shiftcol(void* data, uint8_t shift){
|
||||||
|
uint8_t tmp[4];
|
||||||
|
tmp[0] = ((uint8_t*)data)[ 0];
|
||||||
|
tmp[1] = ((uint8_t*)data)[ 4];
|
||||||
|
tmp[2] = ((uint8_t*)data)[ 8];
|
||||||
|
tmp[3] = ((uint8_t*)data)[12];
|
||||||
|
((uint8_t*)data)[ 0] = tmp[(shift+0)&3];
|
||||||
|
((uint8_t*)data)[ 4] = tmp[(shift+1)&3];
|
||||||
|
((uint8_t*)data)[ 8] = tmp[(shift+2)&3];
|
||||||
|
((uint8_t*)data)[12] = tmp[(shift+3)&3];
|
||||||
|
}
|
||||||
|
|
||||||
|
#define GF256MUL_1(a) (a)
|
||||||
|
#define GF256MUL_2(a) (gf256mul(2, (a), 0x1b))
|
||||||
|
#define GF256MUL_3(a) (gf256mul(3, (a), 0x1b))
|
||||||
|
|
||||||
|
void aes_enc_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
|
||||||
|
uint8_t tmp[16], t;
|
||||||
|
uint8_t i;
|
||||||
|
/* subBytes */
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
tmp[i] = aes_sbox[state->s[i]];
|
||||||
|
}
|
||||||
|
/* shiftRows */
|
||||||
|
aes_shiftcol(tmp+1, 1);
|
||||||
|
aes_shiftcol(tmp+2, 2);
|
||||||
|
aes_shiftcol(tmp+3, 3);
|
||||||
|
/* mixColums */
|
||||||
|
for(i=0; i<4; ++i){
|
||||||
|
t = tmp[4*i+0] ^ tmp[4*i+1] ^ tmp[4*i+2] ^ tmp[4*i+3];
|
||||||
|
state->s[4*i+0] =
|
||||||
|
GF256MUL_2(tmp[4*i+0]^tmp[4*i+1])
|
||||||
|
^ tmp[4*i+0]
|
||||||
|
^ t;
|
||||||
|
state->s[4*i+1] =
|
||||||
|
GF256MUL_2(tmp[4*i+1]^tmp[4*i+2])
|
||||||
|
^ tmp[4*i+1]
|
||||||
|
^ t;
|
||||||
|
state->s[4*i+2] =
|
||||||
|
GF256MUL_2(tmp[4*i+2]^tmp[4*i+3])
|
||||||
|
^ tmp[4*i+2]
|
||||||
|
^ t;
|
||||||
|
state->s[4*i+3] =
|
||||||
|
GF256MUL_2(tmp[4*i+3]^tmp[4*i+0])
|
||||||
|
^ tmp[4*i+3]
|
||||||
|
^ t;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* addKey */
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
state->s[i] ^= k->ks[i];
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,34 @@
|
||||||
|
/* aes_enc_round.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef AES_ENC_ROUND_H_
|
||||||
|
#define AES_ENC_ROUND_H_
|
||||||
|
|
||||||
|
typedef struct{
|
||||||
|
uint8_t s[16];
|
||||||
|
} aes_cipher_state_t;
|
||||||
|
|
||||||
|
typedef struct{
|
||||||
|
uint8_t ks[16];
|
||||||
|
} aes_roundkey_t;
|
||||||
|
|
||||||
|
void aes_enc_round(aes_cipher_state_t* state, const aes_roundkey_t* k);
|
||||||
|
|
||||||
|
|
||||||
|
#endif /* AES_ENC_ROUND_H_ */
|
|
@ -0,0 +1,39 @@
|
||||||
|
/* aes sbox */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
const uint8_t aes_sbox[256] = {
|
||||||
|
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
|
||||||
|
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
|
||||||
|
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
|
||||||
|
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
|
||||||
|
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
|
||||||
|
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
|
||||||
|
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
|
||||||
|
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
|
||||||
|
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
|
||||||
|
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
|
||||||
|
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
|
||||||
|
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
|
||||||
|
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
|
||||||
|
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
|
||||||
|
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
|
||||||
|
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,33 @@
|
||||||
|
/* aes_sbox.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file aes_sbox.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2008-12-30
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef AES_SBOX_H_
|
||||||
|
#define AES_SBOX_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
extern const uint8_t aes_sbox[];
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,335 @@
|
||||||
|
/* echo.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include "echo.h"
|
||||||
|
#include "gf256mul.h"
|
||||||
|
#include "memxor.h"
|
||||||
|
#include "aes_enc_round.h"
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#ifdef DEBUG
|
||||||
|
#undef DEBUG
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#define DEBUG_DEPTH 2
|
||||||
|
#include "cli.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#define INDEX(c,r) ((c)*16*4+(r)*16)
|
||||||
|
|
||||||
|
#define GF256MUL_1(a) (a)
|
||||||
|
#define GF256MUL_2(a) (gf256mul(2, (a), 0x1b))
|
||||||
|
#define GF256MUL_3(a) (gf256mul(3, (a), 0x1b))
|
||||||
|
|
||||||
|
static void mixcol(uint8_t* s){
|
||||||
|
uint8_t t, tmp[4];
|
||||||
|
tmp[0] = *(s+16*0);
|
||||||
|
tmp[1] = *(s+16*1);
|
||||||
|
tmp[2] = *(s+16*2);
|
||||||
|
tmp[3] = *(s+16*3);
|
||||||
|
|
||||||
|
t = tmp[0] ^ tmp[1] ^ tmp[2] ^ tmp[3];
|
||||||
|
*(s+16*0) =
|
||||||
|
GF256MUL_2(tmp[0]^tmp[1])
|
||||||
|
^ tmp[0]
|
||||||
|
^ t;
|
||||||
|
*(s+16*1) =
|
||||||
|
GF256MUL_2(tmp[1]^tmp[2])
|
||||||
|
^ tmp[1]
|
||||||
|
^ t;
|
||||||
|
*(s+16*2) =
|
||||||
|
GF256MUL_2(tmp[2]^tmp[3])
|
||||||
|
^ tmp[2]
|
||||||
|
^ t;
|
||||||
|
*(s+16*3) =
|
||||||
|
GF256MUL_2(tmp[3]^tmp[0])
|
||||||
|
^ tmp[3]
|
||||||
|
^ t;
|
||||||
|
}
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
static void dump_state(void* s){
|
||||||
|
uint8_t row, col;
|
||||||
|
for(col=0; col<4; col++){
|
||||||
|
for(row=0; row<4; row++){
|
||||||
|
cli_putstr("\r\nrow ");
|
||||||
|
cli_putc('0'+row);
|
||||||
|
cli_putstr(", col ");
|
||||||
|
cli_putc('0'+col);
|
||||||
|
cli_putstr(": ");
|
||||||
|
cli_hexdump((uint8_t*)s+col*16*4+row*16, 4);
|
||||||
|
cli_putc(' ');
|
||||||
|
cli_hexdump((uint8_t*)s+col*16*4+row*16+ 4, 4);
|
||||||
|
cli_putc(' ');
|
||||||
|
cli_hexdump((uint8_t*)s+col*16*4+row*16+ 8, 4);
|
||||||
|
cli_putc(' ');
|
||||||
|
cli_hexdump((uint8_t*)s+col*16*4+row*16+12, 4);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static void echo_compress(uint8_t* s, uint8_t iterations, uint64_t* c, void* salt){
|
||||||
|
uint8_t i, j;
|
||||||
|
uint8_t k[16];
|
||||||
|
#if DEBUG
|
||||||
|
uint8_t round=0;
|
||||||
|
#endif
|
||||||
|
memcpy(k, c, 8);
|
||||||
|
memset(k+8, 0, 8);
|
||||||
|
do{
|
||||||
|
/* BIG.SubWords */
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\n === ROUND ");
|
||||||
|
cli_putc('0'+round);
|
||||||
|
cli_putstr(" ===");
|
||||||
|
if(round<DEBUG_DEPTH){
|
||||||
|
dump_state(s);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
aes_enc_round((aes_cipher_state_t*)(s+16*i), (aes_roundkey_t*)k);
|
||||||
|
aes_enc_round((aes_cipher_state_t*)(s+16*i), (aes_roundkey_t*)salt);
|
||||||
|
*((uint64_t*)(k)) += 1;
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(round<DEBUG_DEPTH){
|
||||||
|
cli_putstr("\r\nAfter SubWords");
|
||||||
|
dump_state(s);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
/* BIG.ShiftRows */
|
||||||
|
uint8_t t[16];
|
||||||
|
/* "Row" 1 */
|
||||||
|
memcpy(t, s+INDEX(0, 1), 16);
|
||||||
|
memcpy(s+INDEX(0, 1), s+INDEX(1, 1), 16);
|
||||||
|
memcpy(s+INDEX(1, 1), s+INDEX(2, 1), 16);
|
||||||
|
memcpy(s+INDEX(2, 1), s+INDEX(3, 1), 16);
|
||||||
|
memcpy(s+INDEX(3, 1), t, 16);
|
||||||
|
/* "Row" 2 */
|
||||||
|
memcpy(t, s+INDEX(0, 2), 16);
|
||||||
|
memcpy(s+INDEX(0, 2), s+INDEX(2, 2), 16);
|
||||||
|
memcpy(s+INDEX(2, 2), t, 16);
|
||||||
|
memcpy(t, s+INDEX(1, 2), 16);
|
||||||
|
memcpy(s+INDEX(1, 2), s+INDEX(3, 2), 16);
|
||||||
|
memcpy(s+INDEX(3, 2), t, 16);
|
||||||
|
/* "Row" 3 */
|
||||||
|
memcpy(t, s+INDEX(0, 3), 16);
|
||||||
|
memcpy(s+INDEX(0, 3), s+INDEX(3, 3), 16);
|
||||||
|
memcpy(s+INDEX(3, 3), s+INDEX(2, 3), 16);
|
||||||
|
memcpy(s+INDEX(2, 3), s+INDEX(1, 3), 16);
|
||||||
|
memcpy(s+INDEX(1, 3), t, 16);
|
||||||
|
#if DEBUG
|
||||||
|
if(round<DEBUG_DEPTH){
|
||||||
|
cli_putstr("\r\nAfter ShiftRows");
|
||||||
|
dump_state(s);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
/* BIG.MixColumns */
|
||||||
|
for(i=0; i<4; i+=1){
|
||||||
|
for(j=0; j<16; ++j){
|
||||||
|
mixcol(s+i*64+j);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(round<DEBUG_DEPTH){
|
||||||
|
cli_putstr("\r\nAfter MixColumns");
|
||||||
|
dump_state(s);
|
||||||
|
}
|
||||||
|
round++;
|
||||||
|
#endif
|
||||||
|
}while(--iterations);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
static void compress512(void* v, void* m, uint64_t* c, void* salt){
|
||||||
|
uint8_t s[16*16];
|
||||||
|
uint8_t i;
|
||||||
|
memcpy(s, v, 16*4); /* load v into state */
|
||||||
|
memcpy(s+16*4, m, 16*12); /* load m into state */
|
||||||
|
|
||||||
|
echo_compress(s, 8, c, salt);
|
||||||
|
|
||||||
|
/* BIG.Final */
|
||||||
|
for(i=0; i<3; ++i){
|
||||||
|
memxor(v, (uint8_t*)m+4*16*i, 4*16);
|
||||||
|
}
|
||||||
|
for(i=0; i<4; ++i){
|
||||||
|
memxor(v, s+4*16*i, 4*16);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void compress1024(void* v, void* m, uint64_t* c, void* salt){
|
||||||
|
uint8_t s[16*16];
|
||||||
|
memcpy(s, v, 16*8); /* load v into state */
|
||||||
|
memcpy(s+16*8, m, 16*8); /* load m into state */
|
||||||
|
|
||||||
|
echo_compress(s, 10, c, salt);
|
||||||
|
|
||||||
|
/* BIG.Final */
|
||||||
|
memxor(v, m, 16*8);
|
||||||
|
memxor(v, s, 16*8);
|
||||||
|
memxor(v, s+16*8, 16*8);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void echo_small_nextBlock(echo_small_ctx_t* ctx, void* block){
|
||||||
|
ctx->counter += ECHO_SMALL_BLOCKSIZE;
|
||||||
|
compress512(ctx->v, block, &(ctx->counter), ctx->salt);
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo_small_lastBlock(echo_small_ctx_t* ctx, void* block, uint16_t length_b){
|
||||||
|
while(length_b>=ECHO_SMALL_BLOCKSIZE){
|
||||||
|
echo_small_nextBlock(ctx, block);
|
||||||
|
block = (uint8_t*)block + ECHO_SMALL_BLOCKSIZE_B;
|
||||||
|
length_b -= ECHO_SMALL_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
uint8_t buffer[ECHO_SMALL_BLOCKSIZE_B];
|
||||||
|
uint64_t total_len;
|
||||||
|
memset(buffer, 0, ECHO_SMALL_BLOCKSIZE_B);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80 >> (length_b&7);
|
||||||
|
total_len = (ctx->counter += length_b);
|
||||||
|
if(length_b>=ECHO_SMALL_BLOCKSIZE-144){
|
||||||
|
compress512(ctx->v, buffer, &total_len, ctx->salt);
|
||||||
|
memset(buffer, 0, ECHO_SMALL_BLOCKSIZE_B);
|
||||||
|
ctx->counter = 0;
|
||||||
|
}
|
||||||
|
if(length_b==0){
|
||||||
|
ctx->counter = 0;
|
||||||
|
}
|
||||||
|
memcpy(buffer+ECHO_SMALL_BLOCKSIZE_B-18, &(ctx->id), 2);
|
||||||
|
memcpy(buffer+ECHO_SMALL_BLOCKSIZE_B-16, &total_len, 8);
|
||||||
|
compress512(ctx->v, buffer, &(ctx->counter), ctx->salt);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void echo_large_nextBlock(echo_large_ctx_t* ctx, void* block){
|
||||||
|
ctx->counter += ECHO_LARGE_BLOCKSIZE;
|
||||||
|
compress1024(ctx->v, block, &(ctx->counter), ctx->salt);
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo_large_lastBlock(echo_large_ctx_t* ctx, void* block, uint16_t length_b){
|
||||||
|
while(length_b>=ECHO_LARGE_BLOCKSIZE){
|
||||||
|
echo_large_nextBlock(ctx, block);
|
||||||
|
block = (uint8_t*)block + ECHO_LARGE_BLOCKSIZE_B;
|
||||||
|
length_b -= ECHO_LARGE_BLOCKSIZE;
|
||||||
|
}
|
||||||
|
uint8_t buffer[ECHO_LARGE_BLOCKSIZE_B];
|
||||||
|
uint64_t total_len;
|
||||||
|
memset(buffer, 0, ECHO_LARGE_BLOCKSIZE_B);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80 >> (length_b&7);
|
||||||
|
total_len = (ctx->counter += length_b);
|
||||||
|
if(length_b>=ECHO_LARGE_BLOCKSIZE-144){
|
||||||
|
compress1024(ctx->v, buffer, &total_len, ctx->salt);
|
||||||
|
memset(buffer, 0, ECHO_LARGE_BLOCKSIZE_B);
|
||||||
|
ctx->counter = 0;
|
||||||
|
}
|
||||||
|
if(length_b==0){
|
||||||
|
ctx->counter = 0;
|
||||||
|
}
|
||||||
|
memcpy(buffer+ECHO_LARGE_BLOCKSIZE_B-18, &(ctx->id), 2);
|
||||||
|
memcpy(buffer+ECHO_LARGE_BLOCKSIZE_B-16, &total_len, 8);
|
||||||
|
compress1024(ctx->v, buffer, &(ctx->counter), ctx->salt);
|
||||||
|
}
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void echo_ctx2hash(void* dest, uint16_t length_b, echo_small_ctx_t* ctx){
|
||||||
|
memcpy(dest, ctx->v, (length_b+7)/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo224_ctx2hash(void* dest, echo_small_ctx_t* ctx){
|
||||||
|
memcpy(dest, ctx->v, 224/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo256_ctx2hash(void* dest, echo_small_ctx_t* ctx){
|
||||||
|
memcpy(dest, ctx->v, 256/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void echo384_ctx2hash(void* dest, echo_large_ctx_t* ctx){
|
||||||
|
memcpy(dest, ctx->v, 384/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo512_ctx2hash(void* dest, echo_large_ctx_t* ctx){
|
||||||
|
memcpy(dest, ctx->v, 512/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void echo224_init(echo_small_ctx_t* ctx){
|
||||||
|
memset(ctx->v, 0, 4*16);
|
||||||
|
ctx->counter = 0;
|
||||||
|
memset(ctx->salt, 0, 16);
|
||||||
|
ctx->id = 0x00E0;
|
||||||
|
ctx->v[0+16*0] = 0xE0;
|
||||||
|
ctx->v[0+16*1] = 0xE0;
|
||||||
|
ctx->v[0+16*2] = 0xE0;
|
||||||
|
ctx->v[0+16*3] = 0xE0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo256_init(echo_small_ctx_t* ctx){
|
||||||
|
memset(ctx->v, 0, 4*16);
|
||||||
|
ctx->counter = 0;
|
||||||
|
memset(ctx->salt, 0, 16);
|
||||||
|
ctx->id = 0x0100;
|
||||||
|
ctx->v[1+16*0] = 0x01;
|
||||||
|
ctx->v[1+16*1] = 0x01;
|
||||||
|
ctx->v[1+16*2] = 0x01;
|
||||||
|
ctx->v[1+16*3] = 0x01;
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
|
||||||
|
void echo384_init(echo_large_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
memset(ctx->v, 0, 8*16);
|
||||||
|
ctx->counter = 0;
|
||||||
|
memset(ctx->salt, 0, 16);
|
||||||
|
ctx->id = 0x0180;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->v[0+16*i] = 0x80;
|
||||||
|
ctx->v[1+16*i] = 0x01;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void echo512_init(echo_large_ctx_t* ctx){
|
||||||
|
uint8_t i;
|
||||||
|
memset(ctx->v, 0, 8*16);
|
||||||
|
ctx->counter = 0;
|
||||||
|
memset(ctx->salt, 0, 16);
|
||||||
|
ctx->id = 0x0200;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
ctx->v[1+16*i] = 0x02;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
|
@ -0,0 +1,69 @@
|
||||||
|
/* echo.h */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef ECHO_H_
|
||||||
|
#define ECHO_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define ECHO_SMALL_BLOCKSIZE 1536
|
||||||
|
#define ECHO_SMALL_BLOCKSIZE_B ((ECHO_SMALL_BLOCKSIZE+7)/8)
|
||||||
|
#define ECHO_LARGE_BLOCKSIZE 1024
|
||||||
|
#define ECHO_LARGE_BLOCKSIZE_B ((ECHO_LARGE_BLOCKSIZE+7)/8)
|
||||||
|
|
||||||
|
#define ECHO224_BLOCKSIZE ECHO_SMALL_BLOCKSIZE
|
||||||
|
#define ECHO224_BLOCKSIZE_B ((ECHO224_BLOCKSIZE+7)/8)
|
||||||
|
#define ECHO256_BLOCKSIZE ECHO_SMALL_BLOCKSIZE
|
||||||
|
#define ECHO256_BLOCKSIZE_B ((ECHO256_BLOCKSIZE+7)/8)
|
||||||
|
#define ECHO384_BLOCKSIZE ECHO_LARGE_BLOCKSIZE
|
||||||
|
#define ECHO384_BLOCKSIZE_B ((ECHO384_BLOCKSIZE+7)/8)
|
||||||
|
#define ECHO512_BLOCKSIZE ECHO_LARGE_BLOCKSIZE
|
||||||
|
#define ECHO512_BLOCKSIZE_B ((ECHO512_BLOCKSIZE+7)/8)
|
||||||
|
|
||||||
|
typedef struct{
|
||||||
|
uint8_t v[4*16];
|
||||||
|
uint8_t salt[16];
|
||||||
|
uint64_t counter;
|
||||||
|
uint16_t id;
|
||||||
|
}echo_small_ctx_t;
|
||||||
|
|
||||||
|
typedef struct{
|
||||||
|
uint8_t v[8*16];
|
||||||
|
uint8_t salt[16];
|
||||||
|
uint64_t counter;
|
||||||
|
uint16_t id;
|
||||||
|
}echo_large_ctx_t;
|
||||||
|
|
||||||
|
void echo_small_nextBlock(echo_small_ctx_t* ctx, void* block);
|
||||||
|
void echo_small_lastBlock(echo_small_ctx_t* ctx, void* block, uint16_t length_b);
|
||||||
|
void echo_small_ctx2hash(void* dest, uint16_t length_b, echo_small_ctx_t* ctx);
|
||||||
|
void echo224_ctx2hash(void* dest, echo_small_ctx_t* ctx);
|
||||||
|
void echo256_ctx2hash(void* dest, echo_small_ctx_t* ctx);
|
||||||
|
void echo224_init(echo_small_ctx_t* ctx);
|
||||||
|
void echo256_init(echo_small_ctx_t* ctx);
|
||||||
|
|
||||||
|
void echo_large_nextBlock(echo_large_ctx_t* ctx, void* block);
|
||||||
|
void echo_large_lastBlock(echo_large_ctx_t* ctx, void* block, uint16_t length_b);
|
||||||
|
void echo_large_ctx2hash(void* dest, uint16_t length_b, echo_large_ctx_t* ctx);
|
||||||
|
void echo384_ctx2hash(void* dest, echo_large_ctx_t* ctx);
|
||||||
|
void echo512_ctx2hash(void* dest, echo_large_ctx_t* ctx);
|
||||||
|
void echo384_init(echo_large_ctx_t* ctx);
|
||||||
|
void echo512_init(echo_large_ctx_t* ctx);
|
||||||
|
|
||||||
|
#endif /* ECHO_H_ */
|
|
@ -0,0 +1,40 @@
|
||||||
|
/* gf256mul.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer){
|
||||||
|
uint8_t r=0;
|
||||||
|
while(a&0xFE){
|
||||||
|
if(a&1){
|
||||||
|
r ^= b;
|
||||||
|
}
|
||||||
|
a >>= 1;
|
||||||
|
if(b&0x80){
|
||||||
|
b <<= 1;
|
||||||
|
b ^= reducer;
|
||||||
|
}else{
|
||||||
|
b <<= 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(a&1){
|
||||||
|
r ^= b;
|
||||||
|
}
|
||||||
|
return r;
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
/* gf256mul.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
#ifndef GF256MUL_H_
|
||||||
|
#define GF256MUL_H_
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2008-12-19
|
||||||
|
* \license GPLv3
|
||||||
|
* \brief
|
||||||
|
*
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer);
|
||||||
|
|
||||||
|
#endif /* GF256MUL_H_ */
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n){
|
||||||
|
while(n--){
|
||||||
|
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||||
|
dest = (uint8_t*)dest +1;
|
||||||
|
src = (uint8_t*)src +1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#ifndef MEMXOR_H_
|
||||||
|
#define MEMXOR_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,3 @@
|
||||||
|
target remote localhost:3333
|
||||||
|
set remote hardware-breakpoint-limit 6
|
||||||
|
set remote hardware-watchpoint-limit 4
|
|
@ -0,0 +1,7 @@
|
||||||
|
target remote localhost:3333
|
||||||
|
set remote hardware-breakpoint-limit 6
|
||||||
|
set remote hardware-watchpoint-limit 4
|
||||||
|
monitor reset halt
|
||||||
|
load
|
||||||
|
monitor reset
|
||||||
|
quit
|
|
@ -0,0 +1,39 @@
|
||||||
|
/* aes sbox */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
const uint8_t aes_sbox[256] = {
|
||||||
|
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
|
||||||
|
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
|
||||||
|
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
|
||||||
|
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
|
||||||
|
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
|
||||||
|
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
|
||||||
|
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
|
||||||
|
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
|
||||||
|
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
|
||||||
|
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
|
||||||
|
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
|
||||||
|
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
|
||||||
|
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
|
||||||
|
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
|
||||||
|
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
|
||||||
|
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,33 @@
|
||||||
|
/* aes_sbox.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file aes_sbox.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2008-12-30
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef AES_SBOX_H_
|
||||||
|
#define AES_SBOX_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
extern uint8_t aes_sbox[];
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,40 @@
|
||||||
|
/* gf256mul.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer){
|
||||||
|
uint8_t r=0;
|
||||||
|
while(a&0xFE){
|
||||||
|
if(a&1){
|
||||||
|
r ^= b;
|
||||||
|
}
|
||||||
|
a >>= 1;
|
||||||
|
if(b&0x80){
|
||||||
|
b <<= 1;
|
||||||
|
b ^= reducer;
|
||||||
|
}else{
|
||||||
|
b <<= 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(a&1){
|
||||||
|
r ^= b;
|
||||||
|
}
|
||||||
|
return r;
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
/* gf256mul.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
#ifndef GF256MUL_H_
|
||||||
|
#define GF256MUL_H_
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2008-12-19
|
||||||
|
* \license GPLv3
|
||||||
|
* \brief
|
||||||
|
*
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer);
|
||||||
|
|
||||||
|
#endif /* GF256MUL_H_ */
|
||||||
|
|
|
@ -0,0 +1,241 @@
|
||||||
|
/* groestl_large.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file groestl_large.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-06-11
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "groestl_large.h"
|
||||||
|
#include "aes_sbox.h"
|
||||||
|
#include "gf256mul.h"
|
||||||
|
#include "memxor.h"
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#define ROUNDS 14
|
||||||
|
#define POLYNOM 0x1b
|
||||||
|
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#include "cli.h"
|
||||||
|
void dump_m(const uint8_t* m){
|
||||||
|
uint8_t i,j;
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
cli_putstr("\r\n");
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
cli_putc(' ');
|
||||||
|
cli_hexdump(m+8*i+j, 1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
#define dump_m(m)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static const uint8_t matrix[] = {
|
||||||
|
2, 2, 3, 4, 5, 3, 5, 7,
|
||||||
|
7, 2, 2, 3, 4, 5, 3, 5,
|
||||||
|
5, 7, 2, 2, 3, 4, 5, 3,
|
||||||
|
3, 5, 7, 2, 2, 3, 4, 5,
|
||||||
|
5, 3, 5, 7, 2, 2, 3, 4,
|
||||||
|
4, 5, 3, 5, 7, 2, 2, 3,
|
||||||
|
3, 4, 5, 3, 5, 7, 2, 2,
|
||||||
|
2, 3, 4, 5, 3, 5, 7, 2
|
||||||
|
};
|
||||||
|
|
||||||
|
void groestl_large_rounds(uint8_t *m, uint8_t q){
|
||||||
|
uint8_t r,i,j;
|
||||||
|
uint8_t tmp[16];
|
||||||
|
for(r=0; r<ROUNDS; ++r){
|
||||||
|
if(q){
|
||||||
|
m[7] ^= 0xff ^ r;
|
||||||
|
}else{
|
||||||
|
m[0] ^= r;
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(r<2){
|
||||||
|
cli_putstr("\r\npost add-const");
|
||||||
|
dump_m(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
for(i=0;i<16*8; ++i){
|
||||||
|
m[i] = aes_sbox[m[i]];
|
||||||
|
}
|
||||||
|
for(i=1; i<7; ++i){
|
||||||
|
for(j=0; j<16; ++j)
|
||||||
|
tmp[j] = m[i+8*j];
|
||||||
|
for(j=0; j<16; ++j){
|
||||||
|
m[i+((j-i+16)%16)*8] = tmp[j];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
for(j=0; j<16; ++j)
|
||||||
|
tmp[j] = m[7+8*j];
|
||||||
|
for(j=0; j<16; ++j){
|
||||||
|
m[7+((j-11+16)%16)*8] = tmp[j];
|
||||||
|
}
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
if(r<2){
|
||||||
|
cli_putstr("\r\npost shift-bytes");
|
||||||
|
dump_m(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
for(i=0; i<16; ++i){
|
||||||
|
memcpy(tmp, m+8*i, 8);
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
m[j+i*8] = gf256mul(matrix[8*j+0],tmp[0], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+1],tmp[1], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+2],tmp[2], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+3],tmp[3], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+4],tmp[4], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+5],tmp[5], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+6],tmp[6], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+7],tmp[7], POLYNOM);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(r<2){
|
||||||
|
cli_putstr("\r\npost mix-bytes");
|
||||||
|
dump_m(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl384_init(groestl384_ctx_t* ctx){
|
||||||
|
memset(ctx->h, 0, 16*8);
|
||||||
|
ctx->h[8*16-1] = (uint8_t)384;
|
||||||
|
ctx->h[8*16-2] = (uint8_t)(384>>8);
|
||||||
|
ctx->counter = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl512_init(groestl512_ctx_t* ctx){
|
||||||
|
memset(ctx->h, 0, 16*8);
|
||||||
|
ctx->h[8*16-2] = 2;
|
||||||
|
ctx->counter = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl_large_nextBlock(groestl_large_ctx_t* ctx, const void* block){
|
||||||
|
uint8_t tmp1[128], tmp2[128];
|
||||||
|
/*
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
tmp1[j*8+i] = ((uint8_t*)block)[i*8+j];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
memcpy(tmp1, block, 128);
|
||||||
|
memcpy(tmp2, tmp1, 128);
|
||||||
|
memxor(tmp1, ctx->h, 128);
|
||||||
|
groestl_large_rounds(tmp1, 0);
|
||||||
|
groestl_large_rounds(tmp2, 1);
|
||||||
|
memxor(ctx->h, tmp1, 128);
|
||||||
|
memxor(ctx->h, tmp2, 128);
|
||||||
|
ctx->counter++;
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl_large_lastBlock(groestl_large_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
uint8_t buffer[128];
|
||||||
|
while(length_b>=GROESTL_LARGE_BLOCKSIZE){
|
||||||
|
groestl_large_nextBlock(ctx, block);
|
||||||
|
length_b -= GROESTL_LARGE_BLOCKSIZE;
|
||||||
|
block = (uint8_t*)block + GROESTL_LARGE_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
memset(buffer, 0, 128);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80>>(length_b%8);
|
||||||
|
if(length_b>1024-65){
|
||||||
|
groestl_large_nextBlock(ctx, buffer);
|
||||||
|
memset(buffer, 0, 128-4);
|
||||||
|
}
|
||||||
|
ctx->counter++;
|
||||||
|
buffer[128-1] = (uint8_t)(ctx->counter);
|
||||||
|
buffer[128-2] = (uint8_t)((ctx->counter)>>8);
|
||||||
|
buffer[128-3] = (uint8_t)((ctx->counter)>>16);
|
||||||
|
buffer[128-4] = (uint8_t)((ctx->counter)>>24);
|
||||||
|
groestl_large_nextBlock(ctx, buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl_large_ctx2hash(void* dest, const groestl_large_ctx_t* ctx, uint16_t outlength_b){
|
||||||
|
uint8_t tmp[128];
|
||||||
|
memcpy(tmp, ctx->h, 128);
|
||||||
|
groestl_large_rounds(tmp, 0);
|
||||||
|
memxor(tmp, ctx->h, 128);
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\npost finalisation");
|
||||||
|
dump_m(tmp);
|
||||||
|
#endif
|
||||||
|
memcpy(dest, tmp+128-outlength_b/8, outlength_b/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl384_ctx2hash(void* dest, const groestl384_ctx_t* ctx){
|
||||||
|
groestl_large_ctx2hash(dest, ctx, 384);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl512_ctx2hash(void* dest, const groestl512_ctx_t* ctx){
|
||||||
|
groestl_large_ctx2hash(dest, ctx, 512);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl384_nextBlock(groestl384_ctx_t* ctx, const void* block){
|
||||||
|
groestl_large_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl512_nextBlock(groestl512_ctx_t* ctx, const void* block){
|
||||||
|
groestl_large_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl384_lastBlock(groestl384_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
groestl_large_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl512_lastBlock(groestl512_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
groestl_large_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl384(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
groestl_large_ctx_t ctx;
|
||||||
|
groestl384_init(&ctx);
|
||||||
|
while(length_b>=GROESTL_LARGE_BLOCKSIZE){
|
||||||
|
groestl_large_nextBlock(&ctx, msg);
|
||||||
|
length_b -= GROESTL_LARGE_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + GROESTL_LARGE_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
groestl_large_lastBlock(&ctx, msg, length_b);
|
||||||
|
groestl_large_ctx2hash(dest, &ctx, 384);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl512(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
groestl_large_ctx_t ctx;
|
||||||
|
groestl512_init(&ctx);
|
||||||
|
while(length_b>=GROESTL_LARGE_BLOCKSIZE){
|
||||||
|
groestl_large_nextBlock(&ctx, msg);
|
||||||
|
length_b -= GROESTL_LARGE_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + GROESTL_LARGE_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
groestl_large_lastBlock(&ctx, msg, length_b);
|
||||||
|
groestl_large_ctx2hash(dest, &ctx, 512);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
/* groestl_large.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file groestl_large.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-19
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef GROESTL_LARGE_H_
|
||||||
|
#define GROESTL_LARGE_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define GROESTL_LARGE_BLOCKSIZE 1024
|
||||||
|
#define GROESTL_LARGE_BLOCKSIZE_B ((GROESTL_LARGE_BLOCKSIZE+7)/8)
|
||||||
|
#define GROESTL384_BLOCKSIZE GROESTL_LARGE_BLOCKSIZE
|
||||||
|
#define GROESTL384_BLOCKSIZE_B GROESTL_LARGE_BLOCKSIZE_B
|
||||||
|
#define GROESTL512_BLOCKSIZE GROESTL_LARGE_BLOCKSIZE
|
||||||
|
#define GROESTL512_BLOCKSIZE_B GROESTL_LARGE_BLOCKSIZE_B
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint8_t h[8*16];
|
||||||
|
uint32_t counter;
|
||||||
|
} groestl_large_ctx_t;
|
||||||
|
|
||||||
|
typedef groestl_large_ctx_t groestl384_ctx_t;
|
||||||
|
typedef groestl_large_ctx_t groestl512_ctx_t;
|
||||||
|
|
||||||
|
void groestl384_init(groestl384_ctx_t* ctx);
|
||||||
|
void groestl512_init(groestl512_ctx_t* ctx);
|
||||||
|
|
||||||
|
void groestl_large_nextBlock(groestl_large_ctx_t* ctx, const void* block);
|
||||||
|
void groestl_large_lastBlock(groestl_large_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void groestl384_nextBlock(groestl384_ctx_t* ctx, const void* block);
|
||||||
|
void groestl384_lastBlock(groestl384_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void groestl512_nextBlock(groestl512_ctx_t* ctx, const void* block);
|
||||||
|
void groestl512_lastBlock(groestl512_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void groestl384_ctx2hash(void* dest, const groestl384_ctx_t* ctx);
|
||||||
|
void groestl512_ctx2hash(void* dest, const groestl512_ctx_t* ctx);
|
||||||
|
|
||||||
|
void groestl384(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
void groestl512(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
|
||||||
|
#endif /* GROESTL_GROESTL_H_ */
|
|
@ -0,0 +1,233 @@
|
||||||
|
/* groestl_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file groestl_small.c
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-19
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "groestl_small.h"
|
||||||
|
#include "aes_sbox.h"
|
||||||
|
#include "gf256mul.h"
|
||||||
|
#include "memxor.h"
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#define ROUNDS 10
|
||||||
|
#define POLYNOM 0x1b
|
||||||
|
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#include "cli.h"
|
||||||
|
void dump_m(const uint8_t* m){
|
||||||
|
uint8_t i,j;
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
cli_putstr("\r\n");
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
cli_putc(' ');
|
||||||
|
cli_hexdump(m+8*i+j, 1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
#define dump_m(m)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static const uint8_t matrix[] = {
|
||||||
|
2, 2, 3, 4, 5, 3, 5, 7,
|
||||||
|
7, 2, 2, 3, 4, 5, 3, 5,
|
||||||
|
5, 7, 2, 2, 3, 4, 5, 3,
|
||||||
|
3, 5, 7, 2, 2, 3, 4, 5,
|
||||||
|
5, 3, 5, 7, 2, 2, 3, 4,
|
||||||
|
4, 5, 3, 5, 7, 2, 2, 3,
|
||||||
|
3, 4, 5, 3, 5, 7, 2, 2,
|
||||||
|
2, 3, 4, 5, 3, 5, 7, 2
|
||||||
|
};
|
||||||
|
|
||||||
|
void groestl_small_rounds(uint8_t *m, uint8_t q){
|
||||||
|
uint8_t r,i,j;
|
||||||
|
uint8_t tmp[8];
|
||||||
|
for(r=0; r<ROUNDS; ++r){
|
||||||
|
if(q){
|
||||||
|
m[7] ^= 0xff ^ r;
|
||||||
|
}else{
|
||||||
|
m[0] ^= r;
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(r<2){
|
||||||
|
cli_putstr("\r\npost add-const");
|
||||||
|
dump_m(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
for(i=0;i<8*8; ++i){
|
||||||
|
m[i] = aes_sbox[m[i]];
|
||||||
|
}
|
||||||
|
for(i=1; i<8; ++i){
|
||||||
|
for(j=0; j<8; ++j)
|
||||||
|
tmp[j] = m[i+8*j];
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
m[i+((j-i+8)%8)*8] = tmp[j];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(r<2){
|
||||||
|
cli_putstr("\r\npost shift-bytes");
|
||||||
|
dump_m(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
for(i=0; i<8; ++i){
|
||||||
|
memcpy(tmp, m+8*i, 8);
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
m[j+i*8] = gf256mul(matrix[8*j+0],tmp[0], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+1],tmp[1], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+2],tmp[2], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+3],tmp[3], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+4],tmp[4], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+5],tmp[5], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+6],tmp[6], POLYNOM)
|
||||||
|
^ gf256mul(matrix[8*j+7],tmp[7], POLYNOM);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
if(r<2){
|
||||||
|
cli_putstr("\r\npost mix-bytes");
|
||||||
|
dump_m(m);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl224_init(groestl224_ctx_t* ctx){
|
||||||
|
memset(ctx->h, 0, 8*8);
|
||||||
|
ctx->h[8*8-1] = 224;
|
||||||
|
ctx->counter = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl256_init(groestl256_ctx_t* ctx){
|
||||||
|
memset(ctx->h, 0, 8*8);
|
||||||
|
ctx->h[8*8-2] = 1;
|
||||||
|
ctx->counter = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl_small_nextBlock(groestl_small_ctx_t* ctx, const void* block){
|
||||||
|
uint8_t tmp1[64], tmp2[64];
|
||||||
|
/* for(i=0; i<8; ++i){
|
||||||
|
for(j=0; j<8; ++j){
|
||||||
|
tmp1[j*8+i] = ((uint8_t*)block)[i*8+j];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
memcpy(tmp1, block, 64);
|
||||||
|
memcpy(tmp2, tmp1, 64);
|
||||||
|
memxor(tmp1, ctx->h, 64);
|
||||||
|
groestl_small_rounds(tmp1, 0);
|
||||||
|
groestl_small_rounds(tmp2, 1);
|
||||||
|
memxor(ctx->h, tmp1, 64);
|
||||||
|
memxor(ctx->h, tmp2, 64);
|
||||||
|
ctx->counter++;
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl_small_lastBlock(groestl_small_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
uint8_t buffer[64];
|
||||||
|
while(length_b>=GROESTL_SMALL_BLOCKSIZE){
|
||||||
|
groestl_small_nextBlock(ctx, block);
|
||||||
|
length_b -= GROESTL_SMALL_BLOCKSIZE;
|
||||||
|
block = (uint8_t*)block + GROESTL_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
memset(buffer, 0, 64);
|
||||||
|
memcpy(buffer, block, (length_b+7)/8);
|
||||||
|
buffer[length_b/8] |= 0x80>>(length_b&0x7);
|
||||||
|
if(length_b>512-65){
|
||||||
|
groestl_small_nextBlock(ctx, buffer);
|
||||||
|
memset(buffer, 0, 64-4);
|
||||||
|
}
|
||||||
|
// ctx->counter++;
|
||||||
|
buffer[64-1] = (uint8_t)(ctx->counter);
|
||||||
|
buffer[64-2] = (uint8_t)((ctx->counter)>>8);
|
||||||
|
buffer[64-3] = (uint8_t)((ctx->counter)>>16);
|
||||||
|
buffer[64-4] = (uint8_t)((ctx->counter)>>24);
|
||||||
|
groestl_small_nextBlock(ctx, buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl_small_ctx2hash(void* dest, const groestl_small_ctx_t* ctx, uint16_t outlength_b){
|
||||||
|
uint8_t tmp[64];
|
||||||
|
memcpy(tmp, ctx->h, 64);
|
||||||
|
groestl_small_rounds(tmp, 0);
|
||||||
|
memxor(tmp, ctx->h, 64);
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\npost finalisation");
|
||||||
|
dump_m(tmp);
|
||||||
|
#endif
|
||||||
|
memcpy(dest, tmp+64-outlength_b/8, outlength_b/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl224_ctx2hash(void* dest, const groestl224_ctx_t* ctx){
|
||||||
|
groestl_small_ctx2hash(dest, ctx, 224);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl256_ctx2hash(void* dest, const groestl256_ctx_t* ctx){
|
||||||
|
groestl_small_ctx2hash(dest, ctx, 256);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl224_nextBlock(groestl224_ctx_t* ctx, const void* block){
|
||||||
|
groestl_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl256_nextBlock(groestl256_ctx_t* ctx, const void* block){
|
||||||
|
groestl_small_nextBlock(ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl224_lastBlock(groestl224_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
groestl_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl256_lastBlock(groestl256_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
groestl_small_lastBlock(ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl224(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
groestl_small_ctx_t ctx;
|
||||||
|
groestl224_init(&ctx);
|
||||||
|
while(length_b>=GROESTL_SMALL_BLOCKSIZE){
|
||||||
|
groestl_small_nextBlock(&ctx, msg);
|
||||||
|
length_b -= GROESTL_SMALL_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + GROESTL_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
groestl_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
groestl_small_ctx2hash(dest, &ctx, 224);
|
||||||
|
}
|
||||||
|
|
||||||
|
void groestl256(void* dest, const void* msg, uint32_t length_b){
|
||||||
|
groestl_small_ctx_t ctx;
|
||||||
|
groestl256_init(&ctx);
|
||||||
|
while(length_b>=GROESTL_SMALL_BLOCKSIZE){
|
||||||
|
groestl_small_nextBlock(&ctx, msg);
|
||||||
|
length_b -= GROESTL_SMALL_BLOCKSIZE;
|
||||||
|
msg = (uint8_t*)msg + GROESTL_SMALL_BLOCKSIZE_B;
|
||||||
|
}
|
||||||
|
groestl_small_lastBlock(&ctx, msg, length_b);
|
||||||
|
groestl_small_ctx2hash(dest, &ctx, 256);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
/* groestl_small.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* \file groestl_small.h
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \date 2009-05-19
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef GROESTL_SMALL_H_
|
||||||
|
#define GROESTL_SMALL_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define GROESTL_SMALL_BLOCKSIZE 512
|
||||||
|
#define GROESTL_SMALL_BLOCKSIZE_B ((GROESTL_SMALL_BLOCKSIZE+7)/8)
|
||||||
|
#define GROESTL224_BLOCKSIZE GROESTL_SMALL_BLOCKSIZE
|
||||||
|
#define GROESTL224_BLOCKSIZE_B GROESTL_SMALL_BLOCKSIZE_B
|
||||||
|
#define GROESTL256_BLOCKSIZE GROESTL_SMALL_BLOCKSIZE
|
||||||
|
#define GROESTL256_BLOCKSIZE_B GROESTL_SMALL_BLOCKSIZE_B
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
uint8_t h[8*8];
|
||||||
|
uint32_t counter;
|
||||||
|
} groestl_small_ctx_t;
|
||||||
|
|
||||||
|
typedef groestl_small_ctx_t groestl224_ctx_t;
|
||||||
|
typedef groestl_small_ctx_t groestl256_ctx_t;
|
||||||
|
|
||||||
|
void groestl224_init(groestl224_ctx_t* ctx);
|
||||||
|
void groestl256_init(groestl256_ctx_t* ctx);
|
||||||
|
|
||||||
|
void groestl_small_nextBlock(groestl_small_ctx_t* ctx, const void* block);
|
||||||
|
void groestl_small_lastBlock(groestl_small_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void groestl224_nextBlock(groestl224_ctx_t* ctx, const void* block);
|
||||||
|
void groestl224_lastBlock(groestl224_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void groestl256_nextBlock(groestl256_ctx_t* ctx, const void* block);
|
||||||
|
void groestl256_lastBlock(groestl256_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void groestl224_ctx2hash(void* dest, const groestl224_ctx_t* ctx);
|
||||||
|
void groestl256_ctx2hash(void* dest, const groestl256_ctx_t* ctx);
|
||||||
|
|
||||||
|
void groestl224(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
void groestl256(void* dest, const void* msg, uint32_t length_b);
|
||||||
|
|
||||||
|
#endif /* GROESTL_GROESTL_H_ */
|
|
@ -0,0 +1,12 @@
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n){
|
||||||
|
while(n--){
|
||||||
|
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||||
|
dest = (uint8_t*)dest +1;
|
||||||
|
src = (uint8_t*)src +1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#ifndef MEMXOR_H_
|
||||||
|
#define MEMXOR_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,80 @@
|
||||||
|
/* hfal-basic.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "hfal-basic.h"
|
||||||
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
uint8_t hfal_hash_init(const hfdesc_t* hash_descriptor, hfgen_ctx_t* ctx){
|
||||||
|
ctx->desc_ptr = (hfdesc_t*)hash_descriptor;
|
||||||
|
if(!(ctx->ctx=malloc(hash_descriptor->ctxsize_B)))
|
||||||
|
return 3;
|
||||||
|
hash_descriptor->init(ctx->ctx);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void hfal_hash_nextBlock(hfgen_ctx_t* ctx, const void* block){
|
||||||
|
ctx->desc_ptr->nextBlock(ctx->ctx, block);
|
||||||
|
}
|
||||||
|
|
||||||
|
void hfal_hash_lastBlock(hfgen_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
ctx->desc_ptr->lastBlock(ctx->ctx, block, length_b);
|
||||||
|
}
|
||||||
|
|
||||||
|
void hfal_hash_ctx2hash(void* dest, hfgen_ctx_t* ctx){
|
||||||
|
ctx->desc_ptr->ctx2hash(dest, ctx->ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void hfal_hash_free(hfgen_ctx_t* ctx){
|
||||||
|
hf_free_fpt f;
|
||||||
|
f = ctx->desc_ptr->free;
|
||||||
|
if(f)
|
||||||
|
f(ctx->ctx);
|
||||||
|
free(ctx->ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void hfal_hash_mem(const hfdesc_t* hash_descriptor, void* dest, const void* msg, uint32_t length_b){
|
||||||
|
void_fpt f;
|
||||||
|
f = (void_fpt)(hash_descriptor->mem);
|
||||||
|
if(f){
|
||||||
|
((hf_mem_fpt)f)(dest, msg, length_b);
|
||||||
|
}else{
|
||||||
|
uint16_t bs,bsb;
|
||||||
|
uint8_t ctx[hash_descriptor->ctxsize_B];
|
||||||
|
hash_descriptor->init(ctx);
|
||||||
|
bs = hash_descriptor->blocksize_b;
|
||||||
|
bsb=bs/8;
|
||||||
|
f=(void_fpt)(hash_descriptor->nextBlock);
|
||||||
|
while(length_b>bs){
|
||||||
|
((hf_nextBlock_fpt)f)(ctx, msg);
|
||||||
|
length_b -= bs;
|
||||||
|
msg = (uint8_t*)msg + bsb;
|
||||||
|
}
|
||||||
|
hash_descriptor->lastBlock(ctx, msg, length_b);
|
||||||
|
hash_descriptor->ctx2hash(dest, ctx);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
uint16_t hfal_hash_getBlocksize(const hfdesc_t* hash_descriptor){
|
||||||
|
return hash_descriptor->blocksize_b;
|
||||||
|
}
|
||||||
|
|
||||||
|
uint16_t hfal_hash_getHashsize(const hfdesc_t* hash_descriptor){
|
||||||
|
return hash_descriptor->hashsize_b;
|
||||||
|
}
|
|
@ -0,0 +1,34 @@
|
||||||
|
/* hfal-basic.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_BASIC_H_
|
||||||
|
#define HFAL_BASIC_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
uint8_t hfal_hash_init(const hfdesc_t* hash_descriptor, hfgen_ctx_t* ctx);
|
||||||
|
void hfal_hash_nextBlock(hfgen_ctx_t* ctx, const void* block);
|
||||||
|
void hfal_hash_lastBlock(hfgen_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
void hfal_hash_ctx2hash(void* dest, hfgen_ctx_t* ctx);
|
||||||
|
void hfal_hash_free(hfgen_ctx_t* ctx);
|
||||||
|
void hfal_hash_mem(const hfdesc_t* hash_descriptor, void* dest, const void* msg, uint32_t length_b);
|
||||||
|
uint16_t hfal_hash_getBlocksize(const hfdesc_t* hash_descriptor);
|
||||||
|
uint16_t hfal_hash_getHashsize(const hfdesc_t* hash_descriptor);
|
||||||
|
|
||||||
|
#endif /* HFAL_BASIC_H_ */
|
|
@ -0,0 +1,66 @@
|
||||||
|
/* hfal_blake_large.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_blake_large.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-08
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "blake_large.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char blake48_str[] = "Blake-48";
|
||||||
|
static const char blake64_str[] = "Blake-64";
|
||||||
|
|
||||||
|
const hfdesc_t blake48_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
blake48_str,
|
||||||
|
sizeof(blake48_ctx_t),
|
||||||
|
BLAKE48_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)blake48_init,
|
||||||
|
(hf_nextBlock_fpt)blake_large_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)blake_large_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)blake48_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)blake48
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t blake64_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
blake64_str,
|
||||||
|
sizeof(blake64_ctx_t),
|
||||||
|
BLAKE64_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)blake64_init,
|
||||||
|
(hf_nextBlock_fpt)blake_large_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)blake_large_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)blake64_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)blake64
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_blake_large.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_blake_large.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-08
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_BLAKE_LARGE_H_
|
||||||
|
#define HFAL_BLAKE_LARGE_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t blake48_desc;
|
||||||
|
extern const hfdesc_t blake64_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_BLAKE_LARGE_H_ */
|
|
@ -0,0 +1,66 @@
|
||||||
|
/* hfal_blake_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_blake_small.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-05
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "blake_small.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char blake28_str[] = "Blake-28";
|
||||||
|
static const char blake32_str[] = "Blake-32";
|
||||||
|
|
||||||
|
const hfdesc_t blake28_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
blake28_str,
|
||||||
|
sizeof(blake28_ctx_t),
|
||||||
|
BLAKE28_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)blake28_init,
|
||||||
|
(hf_nextBlock_fpt)blake_small_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)blake_small_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)blake28_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)blake28
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t blake32_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
blake32_str,
|
||||||
|
sizeof(blake32_ctx_t),
|
||||||
|
BLAKE32_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)blake32_init,
|
||||||
|
(hf_nextBlock_fpt)blake_small_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)blake_small_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)blake32_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)blake32
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_blake_small.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_blake_small.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-05
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_BLAKE_SMALL_H_
|
||||||
|
#define HFAL_BLAKE_SMALL_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t blake28_desc;
|
||||||
|
extern const hfdesc_t blake32_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_BLAKE_SMALL_H_ */
|
|
@ -0,0 +1,66 @@
|
||||||
|
/* hfal_bmw_large.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_bmw_large.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-04-28
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "bmw_large.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char bmw384_str[] = "BlueMidnightWish-384";
|
||||||
|
static const char bmw512_str[] = "BlueMidnightWish-512";
|
||||||
|
|
||||||
|
const hfdesc_t bmw384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
bmw384_str,
|
||||||
|
sizeof(bmw384_ctx_t),
|
||||||
|
BMW384_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)bmw384_init,
|
||||||
|
(hf_nextBlock_fpt)bmw384_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)bmw384_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)bmw384_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)bmw384
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t bmw512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
bmw512_str,
|
||||||
|
sizeof(bmw512_ctx_t),
|
||||||
|
BMW512_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)bmw512_init,
|
||||||
|
(hf_nextBlock_fpt)bmw512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)bmw512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)bmw512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)bmw512
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_bmw_large.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_bmw_large.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-04-28
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_BMW_LARGE_H_
|
||||||
|
#define HFAL_BMW_LARGE_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t bmw384_desc;
|
||||||
|
extern const hfdesc_t bmw512_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_BMW_LARGE_H_ */
|
|
@ -0,0 +1,66 @@
|
||||||
|
/* hfal_bmw_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_bmw_small.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-04-28
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "bmw_small.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char bmw224_str[] = "BlueMidnightWish-224";
|
||||||
|
static const char bmw256_str[] = "BlueMidnightWish-256";
|
||||||
|
|
||||||
|
const hfdesc_t bmw224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
bmw224_str,
|
||||||
|
sizeof(bmw224_ctx_t),
|
||||||
|
BMW224_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)bmw224_init,
|
||||||
|
(hf_nextBlock_fpt)bmw224_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)bmw224_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)bmw224_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)bmw224
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t bmw256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
bmw256_str,
|
||||||
|
sizeof(bmw256_ctx_t),
|
||||||
|
BMW256_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)bmw256_init,
|
||||||
|
(hf_nextBlock_fpt)bmw256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)bmw256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)bmw256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)bmw256
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_bmw_small.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_bmw_small.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-04-28
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_BMW_SMALL_H_
|
||||||
|
#define HFAL_BMW_SMALL_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t bmw224_desc;
|
||||||
|
extern const hfdesc_t bmw256_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_BMW_SMALL_H_ */
|
|
@ -0,0 +1,98 @@
|
||||||
|
/* hfal_cubehash.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_cubehash.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2010-02-09
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "cubehash.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char cubehash224_str[] = "CubeHash-224";
|
||||||
|
static const char cubehash256_str[] = "CubeHash-256";
|
||||||
|
static const char cubehash384_str[] = "CubeHash-384";
|
||||||
|
static const char cubehash512_str[] = "CubeHash-512";
|
||||||
|
|
||||||
|
const hfdesc_t cubehash224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
cubehash224_str,
|
||||||
|
sizeof(cubehash_ctx_t),
|
||||||
|
CUBEHASH224_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)cubehash224_init,
|
||||||
|
(hf_nextBlock_fpt)cubehash_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)cubehash_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)cubehash224_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t cubehash256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
cubehash256_str,
|
||||||
|
sizeof(cubehash_ctx_t),
|
||||||
|
CUBEHASH256_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)cubehash256_init,
|
||||||
|
(hf_nextBlock_fpt)cubehash_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)cubehash_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)cubehash256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t cubehash384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
cubehash384_str,
|
||||||
|
sizeof(cubehash_ctx_t),
|
||||||
|
CUBEHASH384_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)cubehash384_init,
|
||||||
|
(hf_nextBlock_fpt)cubehash_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)cubehash_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)cubehash384_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t cubehash512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
cubehash512_str,
|
||||||
|
sizeof(cubehash_ctx_t),
|
||||||
|
CUBEHASH512_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)cubehash512_init,
|
||||||
|
(hf_nextBlock_fpt)cubehash_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)cubehash_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)cubehash512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
/* hfal_cubehash.h */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_CUBEHASH_H_
|
||||||
|
#define HFAL_CUBEHASH_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t cubehash224_desc;
|
||||||
|
extern const hfdesc_t cubehash256_desc;
|
||||||
|
extern const hfdesc_t cubehash384_desc;
|
||||||
|
extern const hfdesc_t cubehash512_desc;
|
||||||
|
|
||||||
|
|
||||||
|
#endif /* HFAL_CUBEHASH_H_ */
|
|
@ -0,0 +1,98 @@
|
||||||
|
/* hfal_echo.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_echo.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2010-02-21
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "echo.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char echo224_str[] = "ECHO-224";
|
||||||
|
static const char echo256_str[] = "ECHO-256";
|
||||||
|
static const char echo384_str[] = "ECHO-384";
|
||||||
|
static const char echo512_str[] = "ECHO-512";
|
||||||
|
|
||||||
|
const hfdesc_t echo224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
echo224_str,
|
||||||
|
sizeof(echo_small_ctx_t),
|
||||||
|
ECHO224_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)echo224_init,
|
||||||
|
(hf_nextBlock_fpt)echo_small_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)echo_small_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)echo224_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t echo256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
echo256_str,
|
||||||
|
sizeof(echo_small_ctx_t),
|
||||||
|
ECHO256_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)echo256_init,
|
||||||
|
(hf_nextBlock_fpt)echo_small_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)echo_small_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)echo256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t echo384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
echo384_str,
|
||||||
|
sizeof(echo_large_ctx_t),
|
||||||
|
ECHO384_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)echo384_init,
|
||||||
|
(hf_nextBlock_fpt)echo_large_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)echo_large_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)echo384_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t echo512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
echo512_str,
|
||||||
|
sizeof(echo_large_ctx_t),
|
||||||
|
ECHO512_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)echo512_init,
|
||||||
|
(hf_nextBlock_fpt)echo_large_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)echo_large_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)echo512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
/* hfal_echo.h */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_ECHO_H_
|
||||||
|
#define HFAL_ECHO_H_
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t echo224_desc;
|
||||||
|
extern const hfdesc_t echo256_desc;
|
||||||
|
extern const hfdesc_t echo384_desc;
|
||||||
|
extern const hfdesc_t echo512_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_ECHO_H_ */
|
|
@ -0,0 +1,67 @@
|
||||||
|
/* hfal_groestl_large.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_groestl_large.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-05
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "groestl_large.h"
|
||||||
|
#include "groestl_small.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char groestl384_str[] = "Groestl-384";
|
||||||
|
static const char groestl512_str[] = "Groestl-512";
|
||||||
|
|
||||||
|
const hfdesc_t groestl384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
groestl384_str,
|
||||||
|
sizeof(groestl384_ctx_t),
|
||||||
|
GROESTL384_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)groestl384_init,
|
||||||
|
(hf_nextBlock_fpt)groestl_large_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)groestl_large_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)groestl384_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)groestl384
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t groestl512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
groestl512_str,
|
||||||
|
sizeof(groestl512_ctx_t),
|
||||||
|
GROESTL512_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)groestl512_init,
|
||||||
|
(hf_nextBlock_fpt)groestl_large_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)groestl_large_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)groestl512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)groestl512
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
/* hfal_groestl_large.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_groestl_large.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-06-11
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_GROESTL_LARGE_H_
|
||||||
|
#define HFAL_GROESTL_LARGE_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t groestl384_desc;
|
||||||
|
extern const hfdesc_t groestl512_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_GROESTL_LARGE_H_ */
|
|
@ -0,0 +1,67 @@
|
||||||
|
/* hfal_groestl_small.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_groestl_small.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-05
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "groestl_small.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char groestl224_str[] = "Groestl-224";
|
||||||
|
static const char groestl256_str[] = "Groestl-256";
|
||||||
|
|
||||||
|
const hfdesc_t groestl224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
groestl224_str,
|
||||||
|
sizeof(groestl224_ctx_t),
|
||||||
|
GROESTL224_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)groestl224_init,
|
||||||
|
(hf_nextBlock_fpt)groestl_small_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)groestl_small_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)groestl224_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)groestl224
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t groestl256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
groestl256_str,
|
||||||
|
sizeof(groestl256_ctx_t),
|
||||||
|
GROESTL256_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)groestl256_init,
|
||||||
|
(hf_nextBlock_fpt)groestl_small_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)groestl_small_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)groestl256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)groestl256
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
/* hfal_groestl_small.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_groestl_small.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-05-05
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_GROESTL_SMALL_H_
|
||||||
|
#define HFAL_GROESTL_SMALL_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t groestl224_desc;
|
||||||
|
extern const hfdesc_t groestl256_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_GROESTL_SMALL_H_ */
|
|
@ -0,0 +1,99 @@
|
||||||
|
/* hfal_keccak.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_keccak.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2010-02-09
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "keccak.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char keccak224_str[] = "Keccak-224";
|
||||||
|
static const char keccak256_str[] = "Keccak-256";
|
||||||
|
static const char keccak384_str[] = "Keccak-384";
|
||||||
|
static const char keccak512_str[] = "Keccak-512";
|
||||||
|
|
||||||
|
const hfdesc_t keccak224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
keccak224_str,
|
||||||
|
sizeof(keccak_ctx_t),
|
||||||
|
KECCAK224_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)keccak224_init,
|
||||||
|
(hf_nextBlock_fpt)keccak_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)keccak_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)keccak224_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t keccak256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
keccak256_str,
|
||||||
|
sizeof(keccak_ctx_t),
|
||||||
|
KECCAK256_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)keccak256_init,
|
||||||
|
(hf_nextBlock_fpt)keccak_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)keccak_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)keccak256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t keccak384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
keccak384_str,
|
||||||
|
sizeof(keccak_ctx_t),
|
||||||
|
KECCAK384_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)keccak384_init,
|
||||||
|
(hf_nextBlock_fpt)keccak_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)keccak_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)keccak384_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t keccak512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
keccak512_str,
|
||||||
|
sizeof(keccak_ctx_t),
|
||||||
|
KECCAK512_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)keccak512_init,
|
||||||
|
(hf_nextBlock_fpt)keccak_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)keccak_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)keccak512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
/* hfal_keccak.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_keccak.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2010-02-09
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_KECCAK_H_
|
||||||
|
#define HFAL_KECCAK_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t keccak224_desc;
|
||||||
|
extern const hfdesc_t keccak256_desc;
|
||||||
|
extern const hfdesc_t keccak384_desc;
|
||||||
|
extern const hfdesc_t keccak512_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_KECCAK_H_ */
|
|
@ -0,0 +1,49 @@
|
||||||
|
/* hfal_md5.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_md5.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-02-09
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "md5.h"
|
||||||
|
|
||||||
|
static const char md5_str[] = "MD5";
|
||||||
|
|
||||||
|
const hfdesc_t md5_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
md5_str,
|
||||||
|
sizeof(md5_ctx_t),
|
||||||
|
512,
|
||||||
|
128,
|
||||||
|
(hf_init_fpt)md5_init,
|
||||||
|
(hf_nextBlock_fpt)md5_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)md5_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)md5_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)md5
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_md5.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_md5.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-02-09
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_MD5_H_
|
||||||
|
#define HFAL_MD5_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t md5_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_MD5_H_ */
|
|
@ -0,0 +1,49 @@
|
||||||
|
/* hfal_sha1.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_sha1.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-02-04
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "sha1.h"
|
||||||
|
|
||||||
|
static const char sha1_str[] = "SHA-1";
|
||||||
|
|
||||||
|
const hfdesc_t sha1_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
sha1_str,
|
||||||
|
sizeof(sha1_ctx_t),
|
||||||
|
512,
|
||||||
|
160,
|
||||||
|
(hf_init_fpt)sha1_init,
|
||||||
|
(hf_nextBlock_fpt)sha1_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)sha1_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)sha1_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)sha1
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_sha1.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_sha1.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-02-04
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_SHA1_H_
|
||||||
|
#define HFAL_SHA1_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t sha1_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_SHA1_H_ */
|
|
@ -0,0 +1,49 @@
|
||||||
|
/* hfal_sha256.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_sha256.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-02-04
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "sha256.h"
|
||||||
|
|
||||||
|
static const char sha256_str[] = "SHA-256";
|
||||||
|
|
||||||
|
const hfdesc_t sha256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
sha256_str,
|
||||||
|
sizeof(sha256_ctx_t),
|
||||||
|
512,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)sha256_init,
|
||||||
|
(hf_nextBlock_fpt)sha256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)sha256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)sha256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)sha256
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
/* hfal_sha256.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_sha256.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-02-04
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_SHA256_H_
|
||||||
|
#define HFAL_SHA256_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t sha256_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_SHA256_H_ */
|
|
@ -0,0 +1,113 @@
|
||||||
|
/* hfal_shabal.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_shabal.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-04-20
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "shabal.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char shabal192_str[] = "Shabal-192";
|
||||||
|
static const char shabal224_str[] = "Shabal-224";
|
||||||
|
static const char shabal256_str[] = "Shabal-256";
|
||||||
|
static const char shabal384_str[] = "Shabal-384";
|
||||||
|
static const char shabal512_str[] = "Shabal-512";
|
||||||
|
|
||||||
|
const hfdesc_t shabal192_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
shabal192_str,
|
||||||
|
sizeof(shabal_ctx_t),
|
||||||
|
SHABAL_BLOCKSIZE,
|
||||||
|
192,
|
||||||
|
(hf_init_fpt)shabal192_init,
|
||||||
|
(hf_nextBlock_fpt)shabal_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)shabal_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)shabal192_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)shabal192
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t shabal224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
shabal224_str,
|
||||||
|
sizeof(shabal_ctx_t),
|
||||||
|
SHABAL_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)shabal224_init,
|
||||||
|
(hf_nextBlock_fpt)shabal_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)shabal_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)shabal224_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)shabal224
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t shabal256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
shabal256_str,
|
||||||
|
sizeof(shabal_ctx_t),
|
||||||
|
SHABAL_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)shabal256_init,
|
||||||
|
(hf_nextBlock_fpt)shabal_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)shabal_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)shabal256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)shabal256
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t shabal384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
shabal384_str,
|
||||||
|
sizeof(shabal_ctx_t),
|
||||||
|
SHABAL_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)shabal384_init,
|
||||||
|
(hf_nextBlock_fpt)shabal_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)shabal_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)shabal384_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)shabal384
|
||||||
|
};
|
||||||
|
|
||||||
|
const hfdesc_t shabal512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
shabal512_str,
|
||||||
|
sizeof(shabal_ctx_t),
|
||||||
|
SHABAL_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)shabal512_init,
|
||||||
|
(hf_nextBlock_fpt)shabal_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)shabal_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)shabal512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)shabal512
|
||||||
|
};
|
|
@ -0,0 +1,40 @@
|
||||||
|
/* hfal_shabal.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_shabal.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-04-20
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_SHABAL_H_
|
||||||
|
#define HFAL_SHABAL_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t shabal192_desc;
|
||||||
|
extern const hfdesc_t shabal224_desc;
|
||||||
|
extern const hfdesc_t shabal256_desc;
|
||||||
|
extern const hfdesc_t shabal384_desc;
|
||||||
|
extern const hfdesc_t shabal512_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_SHABAL_H_ */
|
|
@ -0,0 +1,162 @@
|
||||||
|
/* hfal_skein1024.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_skein1024.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-03-13
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "skein.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char skein1024_128_str[] = "Skein-1024-128";
|
||||||
|
static const char skein1024_160_str[] = "Skein-1024-160";
|
||||||
|
static const char skein1024_224_str[] = "Skein-1024-224";
|
||||||
|
static const char skein1024_256_str[] = "Skein-1024-256";
|
||||||
|
static const char skein1024_384_str[] = "Skein-1024-384";
|
||||||
|
static const char skein1024_512_str[] = "Skein-1024-512";
|
||||||
|
static const char skein1024_1024_str[] = "Skein-1024-1024";
|
||||||
|
|
||||||
|
void skein1024_128_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 128);
|
||||||
|
}
|
||||||
|
void skein1024_160_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 160);
|
||||||
|
}
|
||||||
|
void skein1024_224_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 224);
|
||||||
|
}
|
||||||
|
void skein1024_256_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 256);
|
||||||
|
}
|
||||||
|
void skein1024_384_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 384);
|
||||||
|
}
|
||||||
|
void skein1024_512_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 512);
|
||||||
|
}
|
||||||
|
void skein1024_1024_init(skein1024_ctx_t* ctx){
|
||||||
|
skein1024_init(ctx, 1024);
|
||||||
|
}
|
||||||
|
|
||||||
|
const hfdesc_t skein1024_128_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_128_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
128,
|
||||||
|
(hf_init_fpt)skein1024_128_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein1024_160_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_160_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
160,
|
||||||
|
(hf_init_fpt)skein1024_160_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein1024_224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_224_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)skein1024_224_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein1024_256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_256_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)skein1024_256_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein1024_384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_384_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)skein1024_384_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein1024_512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_512_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)skein1024_512_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein1024_1024_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein1024_1024_str,
|
||||||
|
sizeof(skein1024_ctx_t),
|
||||||
|
SKEIN1024_BLOCKSIZE,
|
||||||
|
1024,
|
||||||
|
(hf_init_fpt)skein1024_1024_init,
|
||||||
|
(hf_nextBlock_fpt)skein1024_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein1024_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein1024_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
/* hfal_skein1024.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_skein1024.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-03-13
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_SKEIN1024_H_
|
||||||
|
#define HFAL_SKEIN1024_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t skein1024_128_desc;
|
||||||
|
extern const hfdesc_t skein1024_160_desc;
|
||||||
|
extern const hfdesc_t skein1024_224_desc;
|
||||||
|
extern const hfdesc_t skein1024_256_desc;
|
||||||
|
extern const hfdesc_t skein1024_384_desc;
|
||||||
|
extern const hfdesc_t skein1024_512_desc;
|
||||||
|
extern const hfdesc_t skein1024_1024_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_SHA1024_H_ */
|
|
@ -0,0 +1,143 @@
|
||||||
|
/* hfal_skein256.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_skein256.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-03-13
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "skein.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char skein256_128_str[] = "Skein-256-128";
|
||||||
|
static const char skein256_160_str[] = "Skein-256-160";
|
||||||
|
static const char skein256_224_str[] = "Skein-256-224";
|
||||||
|
static const char skein256_256_str[] = "Skein-256-256";
|
||||||
|
static const char skein256_384_str[] = "Skein-256-384";
|
||||||
|
static const char skein256_512_str[] = "Skein-256-512";
|
||||||
|
|
||||||
|
void skein256_128_init(skein256_ctx_t* ctx){
|
||||||
|
skein256_init(ctx, 128);
|
||||||
|
}
|
||||||
|
void skein256_160_init(skein256_ctx_t* ctx){
|
||||||
|
skein256_init(ctx, 160);
|
||||||
|
}
|
||||||
|
void skein256_224_init(skein256_ctx_t* ctx){
|
||||||
|
skein256_init(ctx, 224);
|
||||||
|
}
|
||||||
|
void skein256_256_init(skein256_ctx_t* ctx){
|
||||||
|
skein256_init(ctx, 256);
|
||||||
|
}
|
||||||
|
void skein256_384_init(skein256_ctx_t* ctx){
|
||||||
|
skein256_init(ctx, 384);
|
||||||
|
}
|
||||||
|
void skein256_512_init(skein256_ctx_t* ctx){
|
||||||
|
skein256_init(ctx, 512);
|
||||||
|
}
|
||||||
|
|
||||||
|
const hfdesc_t skein256_128_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein256_128_str,
|
||||||
|
sizeof(skein256_ctx_t),
|
||||||
|
SKEIN256_BLOCKSIZE,
|
||||||
|
128,
|
||||||
|
(hf_init_fpt)skein256_128_init,
|
||||||
|
(hf_nextBlock_fpt)skein256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein256_160_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein256_160_str,
|
||||||
|
sizeof(skein256_ctx_t),
|
||||||
|
SKEIN256_BLOCKSIZE,
|
||||||
|
160,
|
||||||
|
(hf_init_fpt)skein256_160_init,
|
||||||
|
(hf_nextBlock_fpt)skein256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein256_224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein256_224_str,
|
||||||
|
sizeof(skein256_ctx_t),
|
||||||
|
SKEIN256_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)skein256_224_init,
|
||||||
|
(hf_nextBlock_fpt)skein256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein256_256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein256_256_str,
|
||||||
|
sizeof(skein256_ctx_t),
|
||||||
|
SKEIN256_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)skein256_256_init,
|
||||||
|
(hf_nextBlock_fpt)skein256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein256_384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein256_384_str,
|
||||||
|
sizeof(skein256_ctx_t),
|
||||||
|
SKEIN256_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)skein256_384_init,
|
||||||
|
(hf_nextBlock_fpt)skein256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein256_512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein256_512_str,
|
||||||
|
sizeof(skein256_ctx_t),
|
||||||
|
SKEIN256_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)skein256_512_init,
|
||||||
|
(hf_nextBlock_fpt)skein256_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein256_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein256_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
|
@ -0,0 +1,41 @@
|
||||||
|
/* hfal_skein256.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_skein256.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-03-13
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_SKEIN256_H_
|
||||||
|
#define HFAL_SKEIN256_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t skein256_128_desc;
|
||||||
|
extern const hfdesc_t skein256_160_desc;
|
||||||
|
extern const hfdesc_t skein256_224_desc;
|
||||||
|
extern const hfdesc_t skein256_256_desc;
|
||||||
|
extern const hfdesc_t skein256_384_desc;
|
||||||
|
extern const hfdesc_t skein256_512_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_SKEIN256_H_ */
|
|
@ -0,0 +1,162 @@
|
||||||
|
/* hfal_skein512.c */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_skein512.c
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-03-13
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
#include "skein.h"
|
||||||
|
|
||||||
|
|
||||||
|
static const char skein512_128_str[] = "Skein-512-128";
|
||||||
|
static const char skein512_160_str[] = "Skein-512-160";
|
||||||
|
static const char skein512_224_str[] = "Skein-512-224";
|
||||||
|
static const char skein512_256_str[] = "Skein-512-256";
|
||||||
|
static const char skein512_384_str[] = "Skein-512-384";
|
||||||
|
static const char skein512_512_str[] = "Skein-512-512";
|
||||||
|
static const char skein512_1024_str[] = "Skein-512-1024";
|
||||||
|
|
||||||
|
void skein512_128_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 128);
|
||||||
|
}
|
||||||
|
void skein512_160_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 160);
|
||||||
|
}
|
||||||
|
void skein512_224_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 224);
|
||||||
|
}
|
||||||
|
void skein512_256_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 256);
|
||||||
|
}
|
||||||
|
void skein512_384_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 384);
|
||||||
|
}
|
||||||
|
void skein512_512_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 512);
|
||||||
|
}
|
||||||
|
void skein512_1024_init(skein512_ctx_t* ctx){
|
||||||
|
skein512_init(ctx, 1024);
|
||||||
|
}
|
||||||
|
|
||||||
|
const hfdesc_t skein512_128_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_128_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
128,
|
||||||
|
(hf_init_fpt)skein512_128_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein512_160_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_160_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
160,
|
||||||
|
(hf_init_fpt)skein512_160_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein512_224_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_224_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
224,
|
||||||
|
(hf_init_fpt)skein512_224_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein512_256_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_256_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
256,
|
||||||
|
(hf_init_fpt)skein512_256_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein512_384_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_384_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
384,
|
||||||
|
(hf_init_fpt)skein512_384_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein512_512_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_512_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
512,
|
||||||
|
(hf_init_fpt)skein512_512_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
const hfdesc_t skein512_1024_desc = {
|
||||||
|
HFDESC_TYPE_HASHFUNCTION,
|
||||||
|
0,
|
||||||
|
skein512_1024_str,
|
||||||
|
sizeof(skein512_ctx_t),
|
||||||
|
SKEIN512_BLOCKSIZE,
|
||||||
|
1024,
|
||||||
|
(hf_init_fpt)skein512_1024_init,
|
||||||
|
(hf_nextBlock_fpt)skein512_nextBlock,
|
||||||
|
(hf_lastBlock_fpt)skein512_lastBlock,
|
||||||
|
(hf_ctx2hash_fpt)skein512_ctx2hash,
|
||||||
|
(hf_free_fpt)NULL,
|
||||||
|
(hf_mem_fpt)NULL
|
||||||
|
};
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
/* hfal_skein512.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
/**
|
||||||
|
* \file hfal_skein512.h
|
||||||
|
* \email daniel.otte@rub.de
|
||||||
|
* \author Daniel Otte
|
||||||
|
* \date 2009-03-13
|
||||||
|
* \license GPLv3 or later
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HFAL_SKEIN512_H_
|
||||||
|
#define HFAL_SKEIN512_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "hashfunction_descriptor.h"
|
||||||
|
|
||||||
|
extern const hfdesc_t skein512_128_desc;
|
||||||
|
extern const hfdesc_t skein512_160_desc;
|
||||||
|
extern const hfdesc_t skein512_224_desc;
|
||||||
|
extern const hfdesc_t skein512_256_desc;
|
||||||
|
extern const hfdesc_t skein512_384_desc;
|
||||||
|
extern const hfdesc_t skein512_512_desc;
|
||||||
|
extern const hfdesc_t skein512_1024_desc;
|
||||||
|
|
||||||
|
#endif /* HFAL_SHA512_H_ */
|
|
@ -0,0 +1,742 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# bigint_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$debug = true
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'serialport'
|
||||||
|
require 'getopt/std'
|
||||||
|
require 'ftools'
|
||||||
|
require 'date'
|
||||||
|
$buffer_size = 0
|
||||||
|
$conffile_check = Hash.new
|
||||||
|
$conffile_check.default = 0
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# readconfigfile #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def readconfigfile(fname, conf)
|
||||||
|
return conf if $conffile_check[fname]==1
|
||||||
|
$conffile_check[fname]=1
|
||||||
|
section = "default"
|
||||||
|
if not File.exists?(fname)
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
file = File.open(fname, "r")
|
||||||
|
until file.eof
|
||||||
|
line = file.gets()
|
||||||
|
next if /[\s]*#/.match(line)
|
||||||
|
if m=/\[[\s]*([^\s]*)[\s]*\]/.match(line)
|
||||||
|
section=m[1]
|
||||||
|
conf[m[1]] = Hash.new
|
||||||
|
next
|
||||||
|
end
|
||||||
|
next if not /=/.match(line)
|
||||||
|
m=/[\s]*([^\s]*)[\s]*=[\s]*([^\s]*)/.match(line)
|
||||||
|
if m[1]=="include"
|
||||||
|
Dir.glob(m[2]){ |fn| conf = readconfigfile(fn, conf) }
|
||||||
|
else
|
||||||
|
conf[section][m[1]] = m[2]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# expmod #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def expmod(base, power, mod)
|
||||||
|
result = 1
|
||||||
|
while power > 0
|
||||||
|
result = (result * base) % mod if power & 1 == 1
|
||||||
|
base = (base * base) % mod
|
||||||
|
power >>= 1;
|
||||||
|
end
|
||||||
|
return result
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# gcdext #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def gcdext(x,y)
|
||||||
|
g=1
|
||||||
|
while(x&1==0 && y&1==0) do
|
||||||
|
x>>=1
|
||||||
|
y>>=1
|
||||||
|
g<<=1
|
||||||
|
end
|
||||||
|
u=x; v=y; a=1; b=0; c=0; d=1
|
||||||
|
begin
|
||||||
|
while(u&1==0) do
|
||||||
|
if(a%2==1 || b%2==1)
|
||||||
|
a += y
|
||||||
|
b -= x
|
||||||
|
end
|
||||||
|
u>>=1; a>>=1; b>>=1
|
||||||
|
end
|
||||||
|
while(v&1==0) do
|
||||||
|
if(c%2==1 || d%2==1)
|
||||||
|
c += y
|
||||||
|
d -= x
|
||||||
|
end
|
||||||
|
v>>=1; c>>=1; d>>=1;
|
||||||
|
end
|
||||||
|
if(u>=v)
|
||||||
|
u -= v; a-=c; b-=d
|
||||||
|
else
|
||||||
|
v -= u; c-=a; d-=b
|
||||||
|
end
|
||||||
|
end while(u!=0)
|
||||||
|
return[g*v, c, d]
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# reset_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def reset_system
|
||||||
|
$sp.print("exit\r")
|
||||||
|
sleep 0.1
|
||||||
|
$sp.print("exit\r")
|
||||||
|
sleep 0.1
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# init_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def init_system(test_prog)
|
||||||
|
$sp.print("echo off \r")
|
||||||
|
print("DBG i: " + "echo off \r"+"\n") if $debug
|
||||||
|
sleep 0.1
|
||||||
|
$sp.print("#{test_prog}\r")
|
||||||
|
print("DBG i: " + "#{test_prog} \r"+"\n") if $debug
|
||||||
|
sleep 1
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# screen_progress #
|
||||||
|
################################################################################
|
||||||
|
def screen_progress(v)
|
||||||
|
if $linepos==0
|
||||||
|
printf("\n%5d [%04d]: ", $testno, $size)
|
||||||
|
end
|
||||||
|
putc((v)?('*'):('!'))
|
||||||
|
$testno += 1
|
||||||
|
$linepos = ($linepos+1)%$linewidth
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# add_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def add_test(a,b)
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter a:[\s]*/.match(line)
|
||||||
|
$sp.print(a.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter b:[\s]*/.match(line)
|
||||||
|
$sp.print(b.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not m=/[\s]*([-]?[0-9a-fA-F]*)[\s]+\+[\s]+([+-]?[0-9a-fA-F]*)[\s]*=[\s]*([+-]?[0-9a-fA-F]*)/.match(line)
|
||||||
|
a_ = m[1].to_i(16)
|
||||||
|
b_ = m[2].to_i(16)
|
||||||
|
c_ = m[3].to_i(16)
|
||||||
|
line.chomp!
|
||||||
|
if(a_== a && b_ == b && c_ == (a+b))
|
||||||
|
$logfile.printf("[pass]: %s\n", line)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
$logfile.printf("[fail (%s%s%s)]: %s", (a==a_)?"":"a", (b==b_)?"":"b", (c_==a+b)?"":"c",line)
|
||||||
|
$logfile.printf(" ; should %s + %s = %s\n", a.to_s(16), b.to_s(16), (a+b).to_s(16))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# mul_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def mul_test(a,b)
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter a:[\s]*/.match(line)
|
||||||
|
$sp.print(a.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter b:[\s]*/.match(line)
|
||||||
|
$sp.print(b.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not m=/[\s]*([+-]?[0-9a-fA-F]*)[\s]+\*[\s]+([+-]?[0-9a-fA-F]*)[\s]*=[\s]*([+-]?[0-9a-fA-F]*)/.match(line)
|
||||||
|
a_ = m[1].to_i(16)
|
||||||
|
b_ = m[2].to_i(16)
|
||||||
|
c_ = m[3].to_i(16)
|
||||||
|
line.chomp!
|
||||||
|
if(a_== a && b_ == b && c_ == (a*b))
|
||||||
|
$logfile.printf("[pass]: %s\n", line)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
$logfile.printf("[fail (%s%s%s)]: %s", (a==a_)?"":"a", (b==b_)?"":"b", (c_==a*b)?"":"c",line)
|
||||||
|
$logfile.printf(" ; should %s * %s = %s\n", a.to_s(16), b.to_s(16), (a*b).to_s(16))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# square_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def square_test(a)
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter a:[\s]*/.match(line)
|
||||||
|
$sp.print(a.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not m=/[\s]*([+-]?[0-9a-fA-F]*)[\s]*\*\*2[\s]*=[\s]*([+-]?[0-9a-fA-F]*)/.match(line)
|
||||||
|
a_ = m[1].to_i(16)
|
||||||
|
c_ = m[2].to_i(16)
|
||||||
|
line.chomp!
|
||||||
|
if(a_== a && c_ == (a**2))
|
||||||
|
$logfile.printf("[pass]: %s\n", line)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
$logfile.printf("[fail (%s%s)]: %s", (a==a_)?"":"a", (c_==a**2)?"":"c",line)
|
||||||
|
$logfile.printf(" ; should %s **2 = %s\n", a.to_s(16), (a**2).to_s(16))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# reduce_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def reduce_test(a,b)
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter a:[\s]*/.match(line)
|
||||||
|
$sp.print(a.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter b:[\s]*/.match(line)
|
||||||
|
$sp.print(b.to_s(16)+" ")
|
||||||
|
line=''
|
||||||
|
begin
|
||||||
|
line_tmp = $sp.gets()
|
||||||
|
line_tmp = '' if line_tmp==nil
|
||||||
|
line += line_tmp
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not m=/[\s]*([+-]?[0-9a-fA-F]*)[\s]+%[\s]+([+-]?[0-9a-fA-F]*)[\s]*=[\s]*([+-]?[0-9a-fA-F]+)/.match(line)
|
||||||
|
a_ = m[1].to_i(16)
|
||||||
|
b_ = m[2].to_i(16)
|
||||||
|
c_ = m[3].to_i(16)
|
||||||
|
line.chomp!
|
||||||
|
if(a_== a && b_ == b && c_ == (a%b))
|
||||||
|
$logfile.printf("[pass]: %s\n", line)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
$logfile.printf("[fail (%s%s%s)]: %s", (a==a_)?"":"a", (b==b_)?"":"b", (c_==a%b)?"":"c",line)
|
||||||
|
$logfile.printf(" ; should %s %% %s = %s\n", a.to_s(16), b.to_s(16), (a%b).to_s(16))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# expmod_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def expmod_test(a,b,c)
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter a:[\s]*/.match(line)
|
||||||
|
$sp.print(a.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter b:[\s]*/.match(line)
|
||||||
|
$sp.print(b.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter c:[\s]*/.match(line)
|
||||||
|
$sp.print(c.to_s(16)+" ")
|
||||||
|
line=''
|
||||||
|
begin
|
||||||
|
line_tmp = $sp.gets()
|
||||||
|
line_tmp = '' if line_tmp==nil
|
||||||
|
line += line_tmp
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not m=/[\s]*([+-]?[0-9a-fA-F]*)\*\*([+-]?[0-9a-fA-F]*)[\s]+%[\s]+([+-]?[0-9a-fA-F]*)[\s]*=[\s]*([+-]?[0-9a-fA-F]+)/.match(line)
|
||||||
|
a_ = m[1].to_i(16)
|
||||||
|
b_ = m[2].to_i(16)
|
||||||
|
c_ = m[3].to_i(16)
|
||||||
|
d_ = m[4].to_i(16)
|
||||||
|
line.chomp!
|
||||||
|
if(a_== a && b_ == b && c_ == c && d_ ==expmod(a,b,c) )
|
||||||
|
$logfile.printf("[pass]: %s\n", line)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
$logfile.printf("[fail (%s%s%s%s)]: %s", (a==a_)?'':'a', (b==b_)?'':'b', (c_==c)?'':'c', (d_==expmod(a,b,c))?'':'d',line)
|
||||||
|
$logfile.printf(" ; should %s**%s %% %s = %s\n", a.to_s(16), b.to_s(16), c.to_s(16), expmod(a,b,c).to_s(16))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# gcdext_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def gcdext_test(a,b)
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter a:[\s]*/.match(line)
|
||||||
|
$sp.print(a.to_s(16)+" ")
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not /[\s]*enter b:[\s]*/.match(line)
|
||||||
|
$sp.print(b.to_s(16)+" ")
|
||||||
|
line=''
|
||||||
|
begin
|
||||||
|
line_tmp = $sp.gets()
|
||||||
|
line_tmp = '' if line_tmp==nil
|
||||||
|
line = '' if line.end_with?('\n')
|
||||||
|
line += line_tmp
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
if /^Error:.*/.match(line)
|
||||||
|
puts line
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
end while not m=/gcdext\([\s]*([+-]?[0-9a-fA-F]*)[\s]*,[\s]*([+-]?[0-9a-fA-F]*)[\s]*\)[\s]*=> a = ([+-]?[0-9a-fA-F]+); b = ([+-]?[0-9a-fA-F]+); gcd = ([+-]?[0-9a-fA-F]+)/.match(line)
|
||||||
|
a_ = m[1].to_i(16)
|
||||||
|
b_ = m[2].to_i(16)
|
||||||
|
c_ = m[3].to_i(16)
|
||||||
|
d_ = m[4].to_i(16)
|
||||||
|
e_ = m[5].to_i(16)
|
||||||
|
line.chomp!
|
||||||
|
line.gsub!("\r",'')
|
||||||
|
line.gsub!("\n",'')
|
||||||
|
ref = gcdext(a,b)
|
||||||
|
if(a_== a && b_ == b && c_ == ref[1] && d_ == ref[2] && e_== ref[0])
|
||||||
|
$logfile.printf("[pass]: %s\n", line)
|
||||||
|
return true
|
||||||
|
else
|
||||||
|
$logfile.printf("[fail (%s%s%s%s%s)]: %s", (a==a_)?'':'a', (b==b_)?'':'b',
|
||||||
|
(c_==ref[1])?'':'c', (d_==ref[2])?'':'d', (e_==ref[0])?'':'e', line)
|
||||||
|
$logfile.printf(" ; should gcdext( %s, %s) => a = %s; b = %s; gcd = %s\n",
|
||||||
|
a.to_s(16), b.to_s(16), ref[1].to_s(16), ref[2].to_s(16), ref[0].to_s(16))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_add #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_add(skip=0)
|
||||||
|
length_a_B = skip+1
|
||||||
|
length_b_B = skip+1
|
||||||
|
begin
|
||||||
|
$size = length_a_B
|
||||||
|
(0..16).each do |i|
|
||||||
|
s_a = rand(2)*2-1
|
||||||
|
s_b = rand(2)*2-1
|
||||||
|
a = rand(256**length_a_B) * s_a
|
||||||
|
b = rand(256**length_a_B) * s_b
|
||||||
|
v = add_test(a, b)
|
||||||
|
screen_progress(v)
|
||||||
|
v = add_test(b, a)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
(0..16).each do |i|
|
||||||
|
s_a = rand(2)-1
|
||||||
|
s_b = rand(2)-1
|
||||||
|
b_size = rand(length_b_B+1)
|
||||||
|
a = rand(256**length_a_B) * s_a
|
||||||
|
b = rand(256**b_size) * s_b
|
||||||
|
v = add_test(a, b)
|
||||||
|
screen_progress(v)
|
||||||
|
v = add_test(b, a)
|
||||||
|
screen_progress(v)
|
||||||
|
|
||||||
|
end
|
||||||
|
length_a_B += 1
|
||||||
|
length_b_B += 1
|
||||||
|
end while length_a_B<4096/8
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_mul #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_mul(skip=0)
|
||||||
|
length_a_B = skip+1
|
||||||
|
length_b_B = skip+1
|
||||||
|
begin
|
||||||
|
$size = length_a_B
|
||||||
|
(0..16).each do |i|
|
||||||
|
s_a = rand(2)*2-1
|
||||||
|
s_b = rand(2)*2-1
|
||||||
|
a = rand(256**length_a_B) * s_a
|
||||||
|
b = rand(256**length_a_B) * s_b
|
||||||
|
v = mul_test(a, b)
|
||||||
|
screen_progress(v)
|
||||||
|
v = mul_test(b, a)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
(0..16).each do |i|
|
||||||
|
s_a = rand(2)-1
|
||||||
|
s_b = rand(2)-1
|
||||||
|
b_size = rand(length_b_B+1)
|
||||||
|
a = rand(256**length_a_B) * s_a
|
||||||
|
b = rand(256**b_size) * s_b
|
||||||
|
v = mul_test(a, b)
|
||||||
|
screen_progress(v)
|
||||||
|
v = mul_test(b, a)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
length_a_B += 1
|
||||||
|
length_b_B += 1
|
||||||
|
end while length_a_B<4096/8
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_square #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_square(skip=0)
|
||||||
|
length_a_B = skip+1
|
||||||
|
begin
|
||||||
|
$size = length_a_B
|
||||||
|
(0..16).each do |i|
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
v = square_test(a)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
length_a_B += 1
|
||||||
|
end while length_a_B<4096/8
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_reduce #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_reduce(skip=0)
|
||||||
|
length_a_B = skip+1
|
||||||
|
length_b_B = skip+1
|
||||||
|
begin
|
||||||
|
$size = length_a_B
|
||||||
|
(0..16).each do |i|
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
b = rand(256**length_a_B)+1
|
||||||
|
v = reduce_test(a, b)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
(0..16).each do |i|
|
||||||
|
b_size = rand(length_b_B+1)
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
b = rand(256**b_size)+1
|
||||||
|
v = reduce_test(a, b)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
length_a_B += 1
|
||||||
|
length_b_B += 1
|
||||||
|
end while length_a_B<4096/8
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_expmod #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_expmod(skip=0)
|
||||||
|
length_a_B = skip+1
|
||||||
|
length_b_B = skip+1
|
||||||
|
length_c_B = skip+1
|
||||||
|
begin
|
||||||
|
$size = length_a_B
|
||||||
|
(0..16).each do |i|
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
b = rand(256**length_b_B)+1
|
||||||
|
c = rand(256**length_c_B)+1
|
||||||
|
v = expmod_test(a, b, c)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
(0..16).each do |i|
|
||||||
|
b_size = rand(length_b_B+1)
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
b = rand(256**b_size)+1
|
||||||
|
c = rand(256**b_size)+1
|
||||||
|
v = expmod_test(a, b, c)
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
length_a_B += 1
|
||||||
|
length_b_B += 1
|
||||||
|
end while length_a_B<4096/8
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_gcdext #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_gcdext(skip=0)
|
||||||
|
length_a_B = skip+1
|
||||||
|
length_b_B = skip+1
|
||||||
|
begin
|
||||||
|
$size = length_a_B
|
||||||
|
(0..16).each do |i|
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
b = rand(256**length_a_B)+1
|
||||||
|
v = gcdext_test(a, b)
|
||||||
|
$logfile.flush()
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
(0..16).each do |i|
|
||||||
|
b_size = rand(length_b_B+1)
|
||||||
|
a = rand(256**length_a_B)
|
||||||
|
b = rand(256**b_size)+1
|
||||||
|
v = gcdext_test(a, b)
|
||||||
|
$logfile.flush()
|
||||||
|
screen_progress(v)
|
||||||
|
end
|
||||||
|
length_a_B += 1
|
||||||
|
length_b_B += 1
|
||||||
|
end while length_a_B<4096/8
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# MAIN #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
opts = Getopt::Std.getopts("s:f:i:a:hd")
|
||||||
|
|
||||||
|
conf = Hash.new
|
||||||
|
conf = readconfigfile("/etc/testport.conf", conf)
|
||||||
|
conf = readconfigfile("~/.testport.conf", conf)
|
||||||
|
conf = readconfigfile("testport.conf", conf)
|
||||||
|
conf = readconfigfile(opts["f"], conf) if opts["f"]
|
||||||
|
|
||||||
|
#puts conf.inspect
|
||||||
|
|
||||||
|
puts("serial port interface version: " + SerialPort::VERSION);
|
||||||
|
$linewidth = 64
|
||||||
|
$linepos = 0
|
||||||
|
$testno = 0
|
||||||
|
params = { "baud" => conf["PORT"]["baud"].to_i,
|
||||||
|
"data_bits" => conf["PORT"]["databits"].to_i,
|
||||||
|
"stop_bits" => conf["PORT"]["stopbits"].to_i,
|
||||||
|
"parity" => SerialPort::NONE }
|
||||||
|
params["paraty"] = SerialPort::ODD if conf["PORT"]["paraty"].downcase == "odd"
|
||||||
|
params["paraty"] = SerialPort::EVEN if conf["PORT"]["paraty"].downcase == "even"
|
||||||
|
params["paraty"] = SerialPort::MARK if conf["PORT"]["paraty"].downcase == "mark"
|
||||||
|
params["paraty"] = SerialPort::SPACE if conf["PORT"]["paraty"].downcase == "space"
|
||||||
|
|
||||||
|
puts("\nPort: "+conf["PORT"]["port"]+"@" +
|
||||||
|
params["baud"].to_s +
|
||||||
|
" " +
|
||||||
|
params["data_bits"].to_s +
|
||||||
|
conf["PORT"]["paraty"][0,1].upcase +
|
||||||
|
params["stop_bits"].to_s +
|
||||||
|
"\n")
|
||||||
|
|
||||||
|
$sp = SerialPort.new(conf["PORT"]["port"], params)
|
||||||
|
|
||||||
|
$sp.read_timeout=1000; # 5 minutes
|
||||||
|
$sp.flow_control = SerialPort::SOFT
|
||||||
|
|
||||||
|
reset_system()
|
||||||
|
|
||||||
|
if opts['d']
|
||||||
|
$debug = true
|
||||||
|
end
|
||||||
|
|
||||||
|
logfilename = conf['PORT']['testlogbase']+'bigint.txt'
|
||||||
|
if File.exists?(logfilename)
|
||||||
|
i=1
|
||||||
|
begin
|
||||||
|
logfilename = sprintf('%s%04d%s', conf['PORT']['testlogbase']+'bigint_',i,'.txt')
|
||||||
|
i+=1
|
||||||
|
end while(File.exists?(logfilename))
|
||||||
|
while(i>2) do
|
||||||
|
File.move(sprintf('%s%04d%s', conf['PORT']['testlogbase']+'bigint_',i-2,'.txt'),
|
||||||
|
sprintf('%s%04d%s', conf['PORT']['testlogbase']+'bigint_',i-1,'.txt'), true)
|
||||||
|
i-=1
|
||||||
|
end
|
||||||
|
File.move(sprintf('%s%s', conf['PORT']['testlogbase'],'bigint.txt'),
|
||||||
|
sprintf('%s%04d%s', conf['PORT']['testlogbase']+'bigint_',1,'.txt'), true)
|
||||||
|
logfilename = conf['PORT']['testlogbase']+'bigint.txt'
|
||||||
|
end
|
||||||
|
$logfile = File.open(logfilename, 'w')
|
||||||
|
printf("logfile: %s\n", logfilename)
|
||||||
|
|
||||||
|
$logfile.printf("bigint test from: %s\n", Time.now.to_s)
|
||||||
|
$logfile.printf("skip = %s\n", opts['s']) if opts['s']
|
||||||
|
$logfile.printf("seed = 0x%X\n", 0xdeadbeef)
|
||||||
|
|
||||||
|
tests = Hash.new
|
||||||
|
tests['a'] = proc {|x| run_test_add(x) }
|
||||||
|
tests['m'] = proc {|x| run_test_mul(x) }
|
||||||
|
tests['s'] = proc {|x| run_test_square(x) }
|
||||||
|
tests['r'] = proc {|x| run_test_reduce(x) }
|
||||||
|
tests['e'] = proc {|x| run_test_expmod(x) }
|
||||||
|
tests['g'] = proc {|x| run_test_gcdext(x) }
|
||||||
|
init_str = Hash.new
|
||||||
|
init_str['a'] = 'add-test'
|
||||||
|
init_str['m'] = 'mul-test'
|
||||||
|
init_str['s'] = 'square-test'
|
||||||
|
init_str['r'] = 'reduce-test'
|
||||||
|
init_str['e'] = 'expmod-test'
|
||||||
|
init_str['g'] = 'gcdext-test'
|
||||||
|
|
||||||
|
srand(0xdeadbeef)
|
||||||
|
|
||||||
|
if opts['a']
|
||||||
|
opts['a'].each_char do |x|
|
||||||
|
if tests[x]
|
||||||
|
puts init_str[x]
|
||||||
|
init_system(init_str[x])
|
||||||
|
tests[x].call(opts['s']?opts['s'].to_i():0)
|
||||||
|
else
|
||||||
|
puts "no test defiened for '#{x}'"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
else
|
||||||
|
'amsre'.each_char do |x|
|
||||||
|
if tests[x]
|
||||||
|
puts init_str[x]
|
||||||
|
init_system(init_str[x])
|
||||||
|
tests[x].call(opts['s']?opts['s'].to_i():0)
|
||||||
|
else
|
||||||
|
puts "no test defiened for '#{x}'"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
$logile.close()
|
|
@ -0,0 +1,26 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
#
|
||||||
|
#
|
||||||
|
|
||||||
|
while(!$stdin.eof) do
|
||||||
|
line = $stdin.readline
|
||||||
|
|
||||||
|
if match = /[\s]*((T|IN|OUT)[0-9]{1,2})[\s]*=[\s]*((T|IN|OUT)[0-9]{1,2})[\s]*([|^&])[\s]*((T|IN|OUT)[0-9]{1,2})[\s]*;/.match(line)
|
||||||
|
puts(" mov "+match[1]+", "+match[3])
|
||||||
|
case match[5]
|
||||||
|
when '|'
|
||||||
|
conductor = "or "
|
||||||
|
when '^'
|
||||||
|
conductor = "eor "
|
||||||
|
when '&'
|
||||||
|
conductor = "and "
|
||||||
|
else
|
||||||
|
fprintf($stderr,"ERROR")
|
||||||
|
end
|
||||||
|
puts(" "+conductor+match[1]+", "+match[6])
|
||||||
|
|
||||||
|
else
|
||||||
|
puts(line)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
|
@ -0,0 +1,359 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# cmacvs_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$debug = true
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'serialport'
|
||||||
|
require 'getopt/std'
|
||||||
|
|
||||||
|
$buffer_size = 0
|
||||||
|
$conffile_check = Hash.new
|
||||||
|
$conffile_check.default = 0
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# readconfigfile #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def readconfigfile(fname, conf)
|
||||||
|
return conf if $conffile_check[fname]==1
|
||||||
|
$conffile_check[fname]=1
|
||||||
|
section = "default"
|
||||||
|
if not File.exists?(fname)
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
file = File.open(fname, "r")
|
||||||
|
until file.eof
|
||||||
|
line = file.gets()
|
||||||
|
next if /[\s]*#/.match(line)
|
||||||
|
if m=/\[[\s]*([^\s]*)[\s]*\]/.match(line)
|
||||||
|
section=m[1]
|
||||||
|
conf[m[1]] = Hash.new
|
||||||
|
next
|
||||||
|
end
|
||||||
|
next if not /=/.match(line)
|
||||||
|
m=/[\s]*([^\s]*)[\s]*=[\s]*([^\s]*)/.match(line)
|
||||||
|
if m[1]=="include"
|
||||||
|
Dir.glob(m[2]){ |fn| conf = readconfigfile(fn, conf) }
|
||||||
|
else
|
||||||
|
conf[section][m[1]] = m[2]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# reset_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def reset_system
|
||||||
|
$sp.print("exit\r")
|
||||||
|
sleep 0.1
|
||||||
|
$sp.print("exit\r")
|
||||||
|
sleep 0.1
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# scan_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def scan_system
|
||||||
|
algos = Hash.new
|
||||||
|
$sp.print("cmacvs_list\r")
|
||||||
|
while true
|
||||||
|
line=$sp.gets()
|
||||||
|
return algos if /^>$/.match(line)
|
||||||
|
if m = /[\*\ ]([a-z]):[\s]*([a-zA-Z0-9+_-]+)/.match(line)
|
||||||
|
algos[m[2]]=m[1]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# init_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def init_system(algo_select, algo_id)
|
||||||
|
$sp.print("echo off \r")
|
||||||
|
print("DBG i: " + "echo off \r"+"\n") if $debug
|
||||||
|
sleep 1
|
||||||
|
$sp.print("cmacvs_set #{algo_select}\r")
|
||||||
|
print("DBG i: " + "cmacvs_set #{$algo_select} \r"+"\n") if $debug
|
||||||
|
sleep 1
|
||||||
|
$sp.print("cmacvs_test#{algo_id} \r")
|
||||||
|
print("DBG i: " + "cmacvs_test#{algo_id} \r"+"\n") if $debug
|
||||||
|
begin
|
||||||
|
line=$sp.gets()
|
||||||
|
end while not m=/buffer_size[\s]*=[\s]*0x([0-9A-Fa-f]*)/.match(line)
|
||||||
|
$buffer_size = m[1].to_i(16)
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# get_md #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def get_mac
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
end while not /[\s]*Mac[\s]*=.*/.match(line)
|
||||||
|
return line
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# get_result #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def get_result
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
end while not /[\s]*Result[\s]*=.*/.match(line)
|
||||||
|
puts "DBG i: got result: "+line if $debug
|
||||||
|
return line
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# send_md #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def send_test(klen, mlen, tlen, key, msg, mac=nil)
|
||||||
|
$sp.printf("Klen = %s\n\r", klen)
|
||||||
|
$sp.printf("Mlen = %s\n\r", mlen)
|
||||||
|
$sp.printf("Tlen = %s\n\r", tlen)
|
||||||
|
$sp.printf("Key = %s\n\r", key)
|
||||||
|
$sp.print("Msg = ")
|
||||||
|
for i in 0..msg.length-1
|
||||||
|
$sp.print(msg[i].chr)
|
||||||
|
# print("DBG s: "+ md_string[i].chr) if $debug
|
||||||
|
# sleep(0.001)
|
||||||
|
if((i%($buffer_size*2)==0)&&(i!=0))
|
||||||
|
begin
|
||||||
|
line=$sp.gets()
|
||||||
|
end while not /\./.match(line)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
$sp.printf("Mac = %s\n\r", mac) if mac
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# get_next_kv_pair #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def get_next_kv_pair(file)
|
||||||
|
loop do
|
||||||
|
return nil if file.eof
|
||||||
|
lb = file.gets()
|
||||||
|
m=lb.match(/[\s]*([\w\d_-]*)[\s]*=[\s]*([\w\d_-]*)/)
|
||||||
|
puts "DBG i: found #{m[1]} with value #{m[2]}" if m && $debug
|
||||||
|
return [m[1],m[2]] if m
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_gen #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_gen(filename, skip=0)
|
||||||
|
nerrors = 0
|
||||||
|
line=1
|
||||||
|
if not File.exist?(filename)
|
||||||
|
puts("ERROR file "+filename+" does not exist!")
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
pos = 0
|
||||||
|
file = File.new(filename, "r");
|
||||||
|
until file.eof
|
||||||
|
params = Hash.new
|
||||||
|
begin
|
||||||
|
m = get_next_kv_pair(file)
|
||||||
|
return nerrors if m==nil
|
||||||
|
params[m[0]] = m[1]
|
||||||
|
end until m[0]=='Mac'
|
||||||
|
if(skip>0)
|
||||||
|
skip -= 1
|
||||||
|
redo
|
||||||
|
end
|
||||||
|
puts("DBG sending: ") if $debug
|
||||||
|
send_test(params['Klen'], params['Mlen'], params['Tlen'], params['Key'], params['Msg'])
|
||||||
|
avr_md = get_mac()
|
||||||
|
a = params['Mac'];
|
||||||
|
b = (/[\s]*Mac[\s]*=[\s]*([0-9a-fA-F]*).*/.match(avr_md))[1];
|
||||||
|
a.upcase!
|
||||||
|
b.upcase!
|
||||||
|
printf("\n%4d (%4d) [%5d]: ", line, (line-1)*$linewidth, params['Count']) if (pos%$linewidth==0 and $linewidth!=0)
|
||||||
|
line += 1 if (pos%$linewidth==0 and $linewidth!=0)
|
||||||
|
#sleep(1)
|
||||||
|
#putc((a==b)?'*':'!')
|
||||||
|
if(a==b)
|
||||||
|
putc('*')
|
||||||
|
else
|
||||||
|
putc('!')
|
||||||
|
# printf("<%d>",len)
|
||||||
|
printf("\nError @%05d: %s [should]\n != %s [is]- ", params['Count'].to_i , a, b)
|
||||||
|
nerrors += 1
|
||||||
|
end
|
||||||
|
pos += 1
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test_ver #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test_ver(filename, skip=0)
|
||||||
|
nerrors = 0
|
||||||
|
line=1
|
||||||
|
if not File.exist?(filename)
|
||||||
|
puts("ERROR file "+filename+" does not exist!")
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
pos = 0
|
||||||
|
file = File.new(filename, "r");
|
||||||
|
until file.eof
|
||||||
|
params = Hash.new
|
||||||
|
begin
|
||||||
|
m = get_next_kv_pair(file)
|
||||||
|
return nerrors if m==nil
|
||||||
|
params[m[0]] = m[1]
|
||||||
|
end until m[0]=='Result'
|
||||||
|
if(skip>0)
|
||||||
|
skip -= 1
|
||||||
|
redo
|
||||||
|
end
|
||||||
|
puts("DBG sending: ") if $debug
|
||||||
|
send_test(params['Klen'], params['Mlen'], params['Tlen'], params['Key'], params['Msg'], params['Mac'])
|
||||||
|
avr_res = get_result()
|
||||||
|
a = params['Result'].match(/[\s]*([PF])/)[1];
|
||||||
|
b = /[\s]*Result[\s]*=[\s]*([PF])/.match(avr_res)[1];
|
||||||
|
a.upcase!
|
||||||
|
b.upcase!
|
||||||
|
printf("\n%4d (%4d) [%5d]: ", line, (line-1)*$linewidth, params['Count']) if (pos%$linewidth==0 and $linewidth!=0)
|
||||||
|
line += 1 if (pos%$linewidth==0 and $linewidth!=0)
|
||||||
|
#sleep(1)
|
||||||
|
#putc((a==b)?'*':'!')
|
||||||
|
if(a==b)
|
||||||
|
putc('*')
|
||||||
|
else
|
||||||
|
putc('!')
|
||||||
|
# printf("<%d>",len)
|
||||||
|
printf("\nError @%05d: %s [should]\n != %s [is]- ", params['Count'].to_i , a, b)
|
||||||
|
nerrors += 1
|
||||||
|
end
|
||||||
|
pos += 1
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# MAIN #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
opts = Getopt::Std.getopts("s:f:i:j:hdca")
|
||||||
|
|
||||||
|
conf = Hash.new
|
||||||
|
conf = readconfigfile("/etc/testport.conf", conf)
|
||||||
|
conf = readconfigfile("~/.testport.conf", conf)
|
||||||
|
conf = readconfigfile("testport.conf", conf)
|
||||||
|
conf = readconfigfile(opts["f"], conf) if opts["f"]
|
||||||
|
|
||||||
|
#puts conf.inspect
|
||||||
|
|
||||||
|
puts("serial port interface version: " + SerialPort::VERSION);
|
||||||
|
$linewidth = 64
|
||||||
|
params = { "baud" => conf["PORT"]["baud"].to_i,
|
||||||
|
"data_bits" => conf["PORT"]["databits"].to_i,
|
||||||
|
"stop_bits" => conf["PORT"]["stopbits"].to_i,
|
||||||
|
"parity" => SerialPort::NONE }
|
||||||
|
params["paraty"] = SerialPort::ODD if conf["PORT"]["paraty"].downcase == "odd"
|
||||||
|
params["paraty"] = SerialPort::EVEN if conf["PORT"]["paraty"].downcase == "even"
|
||||||
|
params["paraty"] = SerialPort::MARK if conf["PORT"]["paraty"].downcase == "mark"
|
||||||
|
params["paraty"] = SerialPort::SPACE if conf["PORT"]["paraty"].downcase == "space"
|
||||||
|
|
||||||
|
puts("\nPort: "+conf["PORT"]["port"]+"@" +
|
||||||
|
params["baud"].to_s +
|
||||||
|
" " +
|
||||||
|
params["data_bits"].to_s +
|
||||||
|
conf["PORT"]["paraty"][0,1].upcase +
|
||||||
|
params["stop_bits"].to_s +
|
||||||
|
"\n")
|
||||||
|
|
||||||
|
$sp = SerialPort.new(conf["PORT"]["port"], params)
|
||||||
|
|
||||||
|
$sp.read_timeout=1000; # 5 minutes
|
||||||
|
$sp.flow_control = SerialPort::SOFT
|
||||||
|
|
||||||
|
reset_system()
|
||||||
|
algos=scan_system()
|
||||||
|
#puts algos.inspect
|
||||||
|
|
||||||
|
if opts["d"]
|
||||||
|
$debug = true
|
||||||
|
end
|
||||||
|
|
||||||
|
if opts["s"]
|
||||||
|
algos_rev = algos.invert
|
||||||
|
algo_tasks = Array.new
|
||||||
|
opts["s"].each_byte{ |x|
|
||||||
|
if algos_rev[x.chr]
|
||||||
|
algo_tasks << [algos_rev[x.chr],x.chr]
|
||||||
|
end
|
||||||
|
}
|
||||||
|
else
|
||||||
|
algo_tasks=algos.sort
|
||||||
|
end
|
||||||
|
|
||||||
|
algo_tasks.each do |algoa|
|
||||||
|
algo = algoa[0]
|
||||||
|
if conf[algo]==nil
|
||||||
|
puts("No test-set defined for #{algo} \r\n")
|
||||||
|
next
|
||||||
|
else
|
||||||
|
i=0
|
||||||
|
i = opts["j"] if opts["j"]
|
||||||
|
logfile=File.open(conf["PORT"]["testlogbase"]+algo+".txt", "a")
|
||||||
|
while conf[algo]["file_#{i}"] != nil
|
||||||
|
puts("Testing #{algo} with #{conf[algo]["file_#{i}"]}")
|
||||||
|
reset_system()
|
||||||
|
init_system(algoa[1], (conf[algo]["file_#{i}_test"]=='gen')?'1':'2')
|
||||||
|
skip=0
|
||||||
|
skip=opts["i"].to_i if opts["i"]
|
||||||
|
nerrors=run_test_gen(conf[algo]["file_#{i}"], skip) if conf[algo]["file_#{i}_test"]=='gen'
|
||||||
|
nerrors=run_test_ver(conf[algo]["file_#{i}"], skip) if conf[algo]["file_#{i}_test"]=='ver'
|
||||||
|
if nerrors == 0
|
||||||
|
puts("\n[ok]")
|
||||||
|
logfile.puts("[ok] "+conf[algo]["file_#{i}"]+ " ("+Time.now.to_s()+")")
|
||||||
|
else
|
||||||
|
puts("\n[errors: "+ nerrors.to_s() +"]")
|
||||||
|
logfile.puts("[error] "+nerrors.to_s+" "+conf[algo]["file_#{i}"]+ " ("+Time.now.to_s()+")")
|
||||||
|
end
|
||||||
|
i += 1
|
||||||
|
end
|
||||||
|
logfile.close()
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,93 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# create-algo-impl-relation.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
SPEED_DIR = 'speed_log/'
|
||||||
|
SIZE_DIR = 'size_log/'
|
||||||
|
OUT_DIR = 'algo_implementation/'
|
||||||
|
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'getopt/std'
|
||||||
|
require 'ftools'
|
||||||
|
|
||||||
|
def get_module_names(finname)
|
||||||
|
ret = Array.new
|
||||||
|
f = File.open(finname, 'r')
|
||||||
|
f.gets # first line is ignored
|
||||||
|
while(l=f.gets())
|
||||||
|
if m=l.match(/[\s]([^\s]*)$/)
|
||||||
|
ret << m[1]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
f.close()
|
||||||
|
return ret
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
def mkalgoimplrelation_file(foutname, finname, algos)
|
||||||
|
if algos==nil
|
||||||
|
puts "ERROR: algos==nil! fout=#{foutname} fin=#{finname}"
|
||||||
|
return
|
||||||
|
end
|
||||||
|
if File.exists?(foutname)
|
||||||
|
puts "File #{foutname} already exists!"
|
||||||
|
return
|
||||||
|
end
|
||||||
|
modules = get_module_names(finname).join(' ')
|
||||||
|
f = File.open(foutname, 'w')
|
||||||
|
algos.each do |algo|
|
||||||
|
f.puts(algo+': '+modules)
|
||||||
|
end
|
||||||
|
f.close()
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
if not File.directory?(SPEED_DIR)
|
||||||
|
puts "ERROR: #{SPEED_DIR} is no directory!"
|
||||||
|
return -1
|
||||||
|
end
|
||||||
|
|
||||||
|
if not File.directory?(SIZE_DIR)
|
||||||
|
puts "ERROR: #{SIZE_DIR} is no directory!"
|
||||||
|
return -1
|
||||||
|
end
|
||||||
|
|
||||||
|
if not File.directory?(OUT_DIR)
|
||||||
|
puts "ERROR: #{OUT_DIR} is no directory!"
|
||||||
|
return -1
|
||||||
|
end
|
||||||
|
|
||||||
|
list = Dir.entries(SPEED_DIR)
|
||||||
|
algo_list = Hash.new
|
||||||
|
list.each do |entry|
|
||||||
|
if m=entry.match(/([^.]*)\.([^.]*)\.txt/)
|
||||||
|
algo_list[m[2]] = Array.new if algo_list[m[2]]==nil
|
||||||
|
algo_list[m[2]] << m[1]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
list = Dir.entries(SIZE_DIR)
|
||||||
|
list.each do |entry|
|
||||||
|
if m=entry.match(/([^.]*)\.size/)
|
||||||
|
mkalgoimplrelation_file(OUT_DIR+m[1]+'.algos', SIZE_DIR+entry, algo_list[m[1]])
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,162 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# performnce to wiki
|
||||||
|
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
=begin
|
||||||
|
=== Twister-256 performance ===
|
||||||
|
type: hash
|
||||||
|
hashsize (bits): 256
|
||||||
|
ctxsize (bytes): 80
|
||||||
|
blocksize (bits): 512
|
||||||
|
init (cycles): 425
|
||||||
|
nextBlock (cycles): 36535
|
||||||
|
lastBlock (cycles): 8071
|
||||||
|
ctx2hash (cycles): 19431
|
||||||
|
|
||||||
|
text data bss dec hex filename
|
||||||
|
6801 32 0 6833 1ab1 bin/bmw_c/bmw_small.o
|
||||||
|
=end
|
||||||
|
|
||||||
|
def get_size_string(impl, algo)
|
||||||
|
fmap = File.open('algo_implementation/'+impl+'.algos', 'r')
|
||||||
|
fsize = File.open('size_log/'+impl+'.size', 'r')
|
||||||
|
modules = nil
|
||||||
|
while l=fmap.gets
|
||||||
|
if m=l.match(/^([^:]*):(.*)$/)
|
||||||
|
if m[1] == algo
|
||||||
|
modules = m[2].split(/[\s]+/)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
if modules==nil
|
||||||
|
puts("ERROR: no module list found for #{impl}/#{algo} !")
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
fmap.close()
|
||||||
|
str = ''
|
||||||
|
sum = 0
|
||||||
|
lb = fsize.gets()
|
||||||
|
while lb = fsize.gets()
|
||||||
|
m = lb.match(/[\s]*([\w]*)[\s]*([\w]*)[\s]*([\w]*)[\s]*([\w]*)[\s]*([\w]*)[\s]*([\w_\/-]*)/)
|
||||||
|
name = m[6]+'.o'
|
||||||
|
if modules.include?(name)
|
||||||
|
str += "<br> \n" + name+': '+m[4]
|
||||||
|
sum += m[4].to_i
|
||||||
|
end
|
||||||
|
end
|
||||||
|
fsize.close()
|
||||||
|
return sum
|
||||||
|
end
|
||||||
|
|
||||||
|
def process_hashfunction(fin, name, impl)
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/hashsize \(bits\):[\s]*([\d]*)/)
|
||||||
|
if(!m)
|
||||||
|
printf("unexpected string %s\n", lb)
|
||||||
|
end
|
||||||
|
hashsize = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/ctxsize \(bytes\):[\s]*([\d]+)/)
|
||||||
|
ctxsize = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/blocksize \(bits\):[\s]*([\d]+)/)
|
||||||
|
blocksize = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/init \(cycles\):[\s]*([\d]+)/)
|
||||||
|
inittime = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/nextBlock \(cycles\):[\s]*([\d]+)/)
|
||||||
|
nextblocktime = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/lastBlock \(cycles\):[\s]*([\d]+)/)
|
||||||
|
lastblocktime = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/ctx2hash \(cycles\):[\s]*([\d]+)/)
|
||||||
|
convtime = m[1].to_i()
|
||||||
|
begin
|
||||||
|
lb = fin.gets()
|
||||||
|
end until lb==nil || m = lb.match(/init \(bytes\):[\s]*([\d]*)/)
|
||||||
|
if lb
|
||||||
|
initstack = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/nextBlock \(bytes\):[\s]*([\d]*)/)
|
||||||
|
nextblockstack = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/lastBlock \(bytes\):[\s]*([\d]*)/)
|
||||||
|
lastblockstack = m[1].to_i()
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/ctx2hash \(bytes\):[\s]*([\d]*)/)
|
||||||
|
convstack = m[1].to_i()
|
||||||
|
s1 = (initstack>nextblockstack)?initstack:nextblockstack
|
||||||
|
s2 = (lastblockstack>convstack)?lastblockstack:convstack
|
||||||
|
stack = (s1>s2)?s1:s2
|
||||||
|
else
|
||||||
|
stack = 0
|
||||||
|
end
|
||||||
|
size = get_size_string(impl, name)
|
||||||
|
printf("| %20s || %3s || %3s || %6d || %7d || %7d || %7d || %7d ||" +
|
||||||
|
" %7d || %7d || %9.2f || %7d || || || \n|-\n" ,
|
||||||
|
name, $lang, $lang, size, ctxsize, stack, hashsize, blocksize,
|
||||||
|
inittime, nextblocktime, nextblocktime.to_f/(blocksize/8),
|
||||||
|
lastblocktime+convtime)
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
$handlers = Hash.new
|
||||||
|
$handlers.default = 0
|
||||||
|
$handlers["hashfunction"] = 1 #process_hashfunction
|
||||||
|
|
||||||
|
def process_file(fname)
|
||||||
|
fin = File.open(fname, "r")
|
||||||
|
$lang = "asm"
|
||||||
|
$lang = "C" if fname.match(/_c.txt$/)
|
||||||
|
impl = fname.match(/([^.]*).txt$/)[1]
|
||||||
|
begin
|
||||||
|
begin
|
||||||
|
if fin.eof()
|
||||||
|
return
|
||||||
|
end
|
||||||
|
lb = fin.readline()
|
||||||
|
end while !m=lb.match(/=== (.*) performance ===/)
|
||||||
|
name = m[1];
|
||||||
|
lb = fin.readline()
|
||||||
|
m = lb.match(/type:[\s]*([\w]*)/)
|
||||||
|
type = m[1]
|
||||||
|
if $handlers[type] != 0
|
||||||
|
# handlers[type](fin, name)
|
||||||
|
# puts "DBG: process "+'-'+name+'-'+impl
|
||||||
|
process_hashfunction(fin, name, impl)
|
||||||
|
else
|
||||||
|
printf("ERROR: unsupported type: %s !\n", type)
|
||||||
|
end
|
||||||
|
end while(true)
|
||||||
|
fin.close()
|
||||||
|
end
|
||||||
|
|
||||||
|
for i in (0..ARGV.size-1)
|
||||||
|
process_file(ARGV[i])
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,117 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# shavs_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
require 'find'
|
||||||
|
|
||||||
|
def read_record(file)
|
||||||
|
record = Hash.new
|
||||||
|
lb = file.gets() until /[\s]*Set[\s]*[\d]+[\s]*,[\s]*vector#[\s]*[\d]+[\s]*:[\s]*/.match(lb)
|
||||||
|
term=false
|
||||||
|
lastkey=nil
|
||||||
|
begin
|
||||||
|
term = true
|
||||||
|
lb=file.gets();
|
||||||
|
if m=/[\s]*([^=]+)[\s]*=[\s]*(.*)/.match(lb)
|
||||||
|
lastkey=m[1]
|
||||||
|
record[m[1]] = m[2]
|
||||||
|
term = false
|
||||||
|
else
|
||||||
|
if m=/[\s]*([0-9a-fA-F]+)[\s]*/.match(lb) and lastkey!=nil
|
||||||
|
record[lastkey] += m[1]
|
||||||
|
term = false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end until term
|
||||||
|
record
|
||||||
|
end
|
||||||
|
|
||||||
|
def check_match(fname1, fname2)
|
||||||
|
r1 = Hash.new
|
||||||
|
r2 = Hash.new
|
||||||
|
if File.directory?(fname1)
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
if File.directory?(fname2)
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
file1 = File.new(fname1, "r");
|
||||||
|
file2 = File.new(fname2, "r");
|
||||||
|
r1 = read_record(file1)
|
||||||
|
r2 = read_record(file2)
|
||||||
|
return r1==r2
|
||||||
|
end
|
||||||
|
|
||||||
|
def get_params_from_fn(fname)
|
||||||
|
params = Array.new
|
||||||
|
if not p = /[^\.]*\.(([\d]+)\.*).*/.match(fname)
|
||||||
|
return params
|
||||||
|
end
|
||||||
|
params = p[1].split(/\./)
|
||||||
|
return params
|
||||||
|
end
|
||||||
|
|
||||||
|
def get_params_from_fn2(fname)
|
||||||
|
params = Array.new
|
||||||
|
if not p = /[^\.]*\.((-([\d]+))*\.).*/.match(fname)
|
||||||
|
return params
|
||||||
|
end
|
||||||
|
params = p[1].split(/\./)
|
||||||
|
return params
|
||||||
|
end
|
||||||
|
|
||||||
|
def find_files(fname1, afnames)
|
||||||
|
files = Array.new
|
||||||
|
params = Array.new
|
||||||
|
params = get_params_from_fn(fname1)
|
||||||
|
afnames.each{ |fn|
|
||||||
|
p = get_params_from_fn2(fn)
|
||||||
|
puts("#{params} ?= #{p}")
|
||||||
|
if params.eql?(p)
|
||||||
|
files << fn
|
||||||
|
end
|
||||||
|
}
|
||||||
|
return files
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
if ARGV.size<2 or File.directory?(ARGV[0]) or (File.directory?(ARGV[1])==false)
|
||||||
|
STDERR.print <<EOF
|
||||||
|
Usage: ruby #{$0} file directory [formatstring]
|
||||||
|
|
||||||
|
EOF
|
||||||
|
exit(1)
|
||||||
|
end
|
||||||
|
|
||||||
|
fmt=String.new
|
||||||
|
if ARGV.size>=3
|
||||||
|
fmt=ARGV[2]
|
||||||
|
else
|
||||||
|
fmt = "%s --> %s\n"
|
||||||
|
end
|
||||||
|
files = Array.new
|
||||||
|
files = Dir.entries(ARGV[1])
|
||||||
|
files.each{ |fn|
|
||||||
|
if check_match(ARGV[0], ARGV[1]+fn)
|
||||||
|
printf(fmt, ARGV[0].to_s, ARGV[1]+fn.to_s)
|
||||||
|
puts ""
|
||||||
|
# puts("#{ARGV[0]} --> #{ARGV[1]+fn}")
|
||||||
|
end
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,82 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# performnce to wiki
|
||||||
|
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
|
||||||
|
require 'rubygems'
|
||||||
|
require 'getopt/std'
|
||||||
|
|
||||||
|
=begin
|
||||||
|
| Blake-28 || C || C
|
||||||
|
| 10916<br>
|
||||||
|
blake_small: 3494<br>
|
||||||
|
blake_large: 7142<br>
|
||||||
|
blake_common: 256<br>
|
||||||
|
memxor: 24
|
||||||
|
| 53 || || 224 || 512 || 386 || 71362 || 1115.03 || 71893 || || ||
|
||||||
|
|-
|
||||||
|
|
||||||
|
=end
|
||||||
|
|
||||||
|
|
||||||
|
def fix_file(fin, fout, supress)
|
||||||
|
loop do
|
||||||
|
return if fin.eof()
|
||||||
|
comp = Array.new
|
||||||
|
i = 0
|
||||||
|
lb1 = fin.readline()
|
||||||
|
lb2 = fin.readline()
|
||||||
|
begin
|
||||||
|
comp[i] = fin.readline()
|
||||||
|
i += 1
|
||||||
|
end until comp[i-1].match(/^\|/)
|
||||||
|
sum = 0
|
||||||
|
(i-1).times{ |j| sum += comp[j].match(/[^:]*:[\s]*([\d]*)/)[1].to_i}
|
||||||
|
fout.print(lb1.chomp)
|
||||||
|
if supress
|
||||||
|
fout.printf(" || %d |%s", sum, comp.last)
|
||||||
|
else
|
||||||
|
fout.printf("\n| %d <br>\n", sum)
|
||||||
|
comp.each{ |s| fout.puts(s)}
|
||||||
|
end
|
||||||
|
begin
|
||||||
|
lb1 = fin.readline()
|
||||||
|
fout.puts(lb1)
|
||||||
|
end until lb1.match(/^\|\-/)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# MAIN #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
fin = STDIN
|
||||||
|
fout = STDOUT
|
||||||
|
|
||||||
|
opts = Getopt::Std.getopts("s")
|
||||||
|
|
||||||
|
fin = File.open(ARGV[0], "r") if ARGV.size > 0
|
||||||
|
fout = File.open(ARGV[1], "w") if ARGV.size > 1
|
||||||
|
|
||||||
|
fix_file(fin, fout, opts["s"])
|
||||||
|
|
||||||
|
fin.close if ARGV.size > 0
|
||||||
|
fout.close if ARGV.size > 1
|
||||||
|
|
|
@ -0,0 +1,97 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# gcdext-test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$debug = true
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'serialport'
|
||||||
|
require 'getopt/std'
|
||||||
|
require 'ftools'
|
||||||
|
require 'date'
|
||||||
|
|
||||||
|
def gcdext(x,y)
|
||||||
|
g=1
|
||||||
|
i=0
|
||||||
|
while(x&1==0 && y&1==0) do
|
||||||
|
x>>=1
|
||||||
|
y>>=1
|
||||||
|
g<<=1
|
||||||
|
i+=1
|
||||||
|
end
|
||||||
|
printf("DBG: initshift = %04X\n", i)
|
||||||
|
u=x; v=y; a=1; b=0; c=0; d=1
|
||||||
|
begin
|
||||||
|
printf(" while u%%2==0; u = %X\n", u)
|
||||||
|
printf("DBG: (10) a = %s\n", a.to_s(16).upcase)
|
||||||
|
printf("DBG: (10) b = %s\n", b.to_s(16).upcase)
|
||||||
|
printf("DBG: (10) c = %s\n", c.to_s(16).upcase)
|
||||||
|
printf("DBG: (10) d = %s\n", d.to_s(16).upcase)
|
||||||
|
while(u&1==0) do
|
||||||
|
if(a%2==1 || b%2==1)
|
||||||
|
a += y
|
||||||
|
b -= x
|
||||||
|
end
|
||||||
|
u>>=1; a>>=1; b>>=1
|
||||||
|
end
|
||||||
|
printf(" while v%%2==0; v = %X\n", v)
|
||||||
|
printf("DBG: (20) a = %s\n", a.to_s(16).upcase)
|
||||||
|
printf("DBG: (20) b = %s\n", b.to_s(16).upcase)
|
||||||
|
printf("DBG: (20) c = %s\n", c.to_s(16).upcase)
|
||||||
|
printf("DBG: (20) d = %s\n", d.to_s(16).upcase)
|
||||||
|
while(v&1==0) do
|
||||||
|
if(c%2==1 || d%2==1)
|
||||||
|
c += y
|
||||||
|
# printf("DBG: (qq) b = %s\n", b.to_s(16).upcase)
|
||||||
|
d -= x
|
||||||
|
end
|
||||||
|
printf("DBG: (xx) d = %s\n", d.to_s(16).upcase)
|
||||||
|
v>>=1; c>>=1; d>>=1;
|
||||||
|
end
|
||||||
|
|
||||||
|
printf(" if u>=v ...\n")
|
||||||
|
printf("DBG: (30) a = %s\n", a.to_s(16).upcase)
|
||||||
|
printf("DBG: (30) b = %s\n", b.to_s(16).upcase)
|
||||||
|
printf("DBG: (30) c = %s\n", c.to_s(16).upcase)
|
||||||
|
printf("DBG: (30) d = %s\n", d.to_s(16).upcase)
|
||||||
|
|
||||||
|
if(u>=v)
|
||||||
|
u -= v; a-=c; b-=d
|
||||||
|
else
|
||||||
|
v -= u; c-=a; d-=b
|
||||||
|
end
|
||||||
|
end while(u!=0)
|
||||||
|
return[g*v, c, d]
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
if ARGV.length==2
|
||||||
|
a = ARGV[0].to_i
|
||||||
|
b = ARGV[1].to_i
|
||||||
|
else
|
||||||
|
# CD319349, 9EFD76CC
|
||||||
|
# 1609000771, 6fac577d72
|
||||||
|
a = 0x1609000771
|
||||||
|
b = 0x6fac577d72
|
||||||
|
end
|
||||||
|
r = gcdext(a, b)
|
||||||
|
printf("gcdext( %s, %s) => a = %s; b = %s; gcd = %s\n",
|
||||||
|
a.to_s(16),b.to_s(16),r[1].to_s(16),r[2].to_s(16),r[0].to_s(16))
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,165 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# get_performance.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'serialport'
|
||||||
|
require 'getopt/std'
|
||||||
|
$conffile_check = Hash.new
|
||||||
|
$conffile_check.default = 0
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# readconfigfile #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def readconfigfile(fname, conf)
|
||||||
|
return conf if $conffile_check[fname]==1
|
||||||
|
$conffile_check[fname]=1
|
||||||
|
section = "default"
|
||||||
|
if not File.exists?(fname)
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
file = File.open(fname, "r")
|
||||||
|
until file.eof
|
||||||
|
line = file.gets()
|
||||||
|
next if /[\s]*#/.match(line)
|
||||||
|
if m=/\[[\s]*([^\s]*)[\s]*\]/.match(line)
|
||||||
|
section=m[1]
|
||||||
|
conf[m[1]] = Hash.new
|
||||||
|
next
|
||||||
|
end
|
||||||
|
next if not /=/.match(line)
|
||||||
|
m=/[\s]*([^\s]*)[\s]*=[\s]*([^\s]*)/.match(line)
|
||||||
|
if m[1]=="include"
|
||||||
|
Dir.glob(m[2]){ |fn| conf = readconfigfile(fn, conf) }
|
||||||
|
else
|
||||||
|
conf[section][m[1]] = m[2]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# read_line #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def read_line(error_msg=true)
|
||||||
|
i=$extended_wait
|
||||||
|
begin
|
||||||
|
s = $sp.gets()
|
||||||
|
end until s or i==0
|
||||||
|
if s==nil
|
||||||
|
puts("ERROR: read timeout!\n") if error_msg
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
s.gsub(/\006/, '');
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# readPerformanceVector #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def readPerformanceVector(param)
|
||||||
|
lb=""
|
||||||
|
fname=""
|
||||||
|
fout=0
|
||||||
|
begin
|
||||||
|
lb = read_line()
|
||||||
|
if lb.match(/End of performance figures/)
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
if m=lb.match(/=== (.*) performance ===/)
|
||||||
|
fout.close if fout!=0
|
||||||
|
fname=$dir+m[1]
|
||||||
|
fname+="."+param if param != ""
|
||||||
|
fname+=".txt"
|
||||||
|
fout = File.open(fname, "w+")
|
||||||
|
printf("> %s \n", fname)
|
||||||
|
fout.write(lb)
|
||||||
|
else
|
||||||
|
if fout!=0 && lb!=""
|
||||||
|
fout.write(lb)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end while true
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# MAIN #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
|
||||||
|
opts = Getopt::Std.getopts("f:c:t:a:d")
|
||||||
|
|
||||||
|
conf = Hash.new
|
||||||
|
conf = readconfigfile("/etc/testport.conf", conf)
|
||||||
|
conf = readconfigfile("~/.testport.conf", conf)
|
||||||
|
conf = readconfigfile("testport.conf", conf)
|
||||||
|
conf = readconfigfile(opts["f"], conf) if opts["f"]
|
||||||
|
|
||||||
|
#puts conf.inspect
|
||||||
|
|
||||||
|
puts("serial port interface version: " + SerialPort::VERSION);
|
||||||
|
$linewidth = 64
|
||||||
|
params = { "baud" => conf["PORT"]["baud"].to_i,
|
||||||
|
"data_bits" => conf["PORT"]["databits"].to_i,
|
||||||
|
"stop_bits" => conf["PORT"]["stopbits"].to_i,
|
||||||
|
"parity" => SerialPort::NONE }
|
||||||
|
params["paraty"] = SerialPort::ODD if conf["PORT"]["paraty"].downcase == "odd"
|
||||||
|
params["paraty"] = SerialPort::EVEN if conf["PORT"]["paraty"].downcase == "even"
|
||||||
|
params["paraty"] = SerialPort::MARK if conf["PORT"]["paraty"].downcase == "mark"
|
||||||
|
params["paraty"] = SerialPort::SPACE if conf["PORT"]["paraty"].downcase == "space"
|
||||||
|
|
||||||
|
puts("\nPort: "+conf["PORT"]["port"]+"@" +
|
||||||
|
params["baud"].to_s +
|
||||||
|
" " +
|
||||||
|
params["data_bits"].to_s +
|
||||||
|
conf["PORT"]["paraty"][0,1].upcase +
|
||||||
|
params["stop_bits"].to_s +
|
||||||
|
"\n")
|
||||||
|
|
||||||
|
$sp = SerialPort.new(conf["PORT"]["port"], params)
|
||||||
|
|
||||||
|
$sp.read_timeout=1000; # 5 minutes
|
||||||
|
$sp.flow_control = SerialPort::SOFT
|
||||||
|
=begin
|
||||||
|
if ARGV.size < 1
|
||||||
|
STDERR.print <<EOF
|
||||||
|
Usage: ruby #{$0} -c command [-t target_dir] [-a additional specifier]
|
||||||
|
EOF
|
||||||
|
exit(1)
|
||||||
|
end
|
||||||
|
=end
|
||||||
|
|
||||||
|
command=opts['c']+"\r";
|
||||||
|
$dir=(opts['t'])?opts['t']:"";
|
||||||
|
param=(opts['a'])?opts['a']:"";
|
||||||
|
|
||||||
|
$linewidth = 16
|
||||||
|
$extended_wait=100;
|
||||||
|
$sp.write(command);
|
||||||
|
|
||||||
|
while(readPerformanceVector(param))
|
||||||
|
end
|
||||||
|
|
||||||
|
exit(0);
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# get_primes.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$primes = [2,3,5]
|
||||||
|
|
||||||
|
def check_prime(a)
|
||||||
|
q = Math.sqrt(a)
|
||||||
|
$primes.each{ |p|
|
||||||
|
return true if p>q
|
||||||
|
return false if a%p==0
|
||||||
|
}
|
||||||
|
return true
|
||||||
|
end
|
||||||
|
|
||||||
|
def find_primes(n)
|
||||||
|
a = $primes.last+2
|
||||||
|
while $primes.size < n
|
||||||
|
if check_prime(a)
|
||||||
|
$primes << a
|
||||||
|
end
|
||||||
|
a += 2
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
if ARGV.size!=1
|
||||||
|
STDERR.print <<EOF
|
||||||
|
Usage: ruby #{$0} n
|
||||||
|
|
||||||
|
EOF
|
||||||
|
exit(1)
|
||||||
|
end
|
||||||
|
|
||||||
|
find_primes(ARGV[0].to_i);
|
||||||
|
print($primes.join(', '))
|
||||||
|
puts("")
|
|
@ -0,0 +1,128 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# get_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
require 'serialport'
|
||||||
|
|
||||||
|
def read_line(error_msg=true)
|
||||||
|
s = $sp.gets()
|
||||||
|
if s==nil
|
||||||
|
puts("ERROR: read timeout!\n") if error_msg
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
s.gsub(/\006/, '');
|
||||||
|
end
|
||||||
|
|
||||||
|
def readTestVector(param)
|
||||||
|
fname=$dir;
|
||||||
|
lb="";
|
||||||
|
buffer="";
|
||||||
|
set=0;
|
||||||
|
vector=0;
|
||||||
|
begin
|
||||||
|
lb = read_line(false)
|
||||||
|
if (m=/unknown command/.match(lb) || m=/[Ee][Rr]{2}[Oo][Rr]/.match(lb))
|
||||||
|
puts("ERROR: "+lb);
|
||||||
|
exit(2);
|
||||||
|
end
|
||||||
|
if(lb==nil)
|
||||||
|
return false;
|
||||||
|
end
|
||||||
|
end while(m=/\*+/.match(lb));
|
||||||
|
|
||||||
|
buffer += lb;
|
||||||
|
begin
|
||||||
|
lb = read_line()
|
||||||
|
if(lb==nil)
|
||||||
|
return false;
|
||||||
|
end
|
||||||
|
buffer+=lb;
|
||||||
|
end while(m=/\*.*/.match(lb));
|
||||||
|
|
||||||
|
while(!(m=/Test vectors/.match(lb)))
|
||||||
|
m=/[^:]*:[\s]([A-Za-z0-9_-]*)/.match(lb);
|
||||||
|
if(m)
|
||||||
|
fname+=m[1]+".";
|
||||||
|
end
|
||||||
|
return false if lb==nil
|
||||||
|
buffer+=lb;
|
||||||
|
lb = read_line();
|
||||||
|
end
|
||||||
|
if(param!="")
|
||||||
|
fname+=param+".";
|
||||||
|
end
|
||||||
|
puts("-> "+fname+"txt");
|
||||||
|
file=File.new(fname+"txt", "w");
|
||||||
|
buffer+=lb;
|
||||||
|
file.write(buffer);
|
||||||
|
begin
|
||||||
|
if (m=/Test\ vectors\ \-\-\ set[\s]+([0-9]+)/.match(lb))
|
||||||
|
set=m[1].to_i;
|
||||||
|
print("\nSet "+m[1]+":");
|
||||||
|
end
|
||||||
|
if (m=/Set [0-9]*, vector#[\s]*([0-9]+):/.match(lb))
|
||||||
|
vector=m[1].to_i;
|
||||||
|
#print(" "+m[1]);
|
||||||
|
if(vector!=0 && vector % $linewidth==0)
|
||||||
|
print("\n ")
|
||||||
|
end
|
||||||
|
printf(" %4u", vector);
|
||||||
|
end
|
||||||
|
lb=read_line();
|
||||||
|
if(lb==nil)
|
||||||
|
file.close();
|
||||||
|
return false;
|
||||||
|
end
|
||||||
|
file.write(lb);
|
||||||
|
end while(!m=/End of test vectors/.match(lb));
|
||||||
|
puts("\n");
|
||||||
|
file.close();
|
||||||
|
return true
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
if ARGV.size < 5
|
||||||
|
STDERR.print <<EOF
|
||||||
|
Usage: ruby #{$0} port bps nbits stopb command [target_dir] [additional specifier]
|
||||||
|
EOF
|
||||||
|
exit(1)
|
||||||
|
end
|
||||||
|
|
||||||
|
command=ARGV[4]+"\r";
|
||||||
|
$dir=(ARGV.size>=6)?ARGV[5]:"";
|
||||||
|
param=(ARGV.size>=7)?ARGV[6]:"";
|
||||||
|
|
||||||
|
puts("\nPort: "+ARGV[0]+ "@"+ARGV[1]+" "+ARGV[2]+"N"+ARGV[3]+"\n");
|
||||||
|
$linewidth = 16
|
||||||
|
$sp = SerialPort.new(ARGV[0], ARGV[1].to_i, ARGV[2].to_i, ARGV[3].to_i, SerialPort::NONE);
|
||||||
|
$sp.read_timeout=1000; # 1 secound
|
||||||
|
$extended_wait=100;
|
||||||
|
$sp.write(command);
|
||||||
|
|
||||||
|
if(readTestVector(param)==false)
|
||||||
|
puts("ERROR: test seems not to be implemented");
|
||||||
|
exit(3);
|
||||||
|
end
|
||||||
|
|
||||||
|
while(readTestVector(param))
|
||||||
|
end
|
||||||
|
|
||||||
|
exit(0);
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# bigint_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$debug = true
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'serialport'
|
||||||
|
require 'getopt/std'
|
||||||
|
require 'ftools'
|
||||||
|
require 'date'
|
||||||
|
$buffer_size = 0
|
||||||
|
$conffile_check = Hash.new
|
||||||
|
$conffile_check.default = 0
|
||||||
|
|
||||||
|
def karatsuba_verbose(a,b)
|
||||||
|
a_s = a.to_s(16)
|
||||||
|
b_s = b.to_s(16)
|
||||||
|
len_a = floor((a_s.length+1)/2)
|
||||||
|
len_b = floor((b_s.length+1)/2)
|
||||||
|
n=floor((((len_a>len_b)?len_a:len_b)+1)/2)
|
||||||
|
|
||||||
|
end
|
|
@ -0,0 +1,124 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# nessie_check.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
def skip_header(file)
|
||||||
|
begin
|
||||||
|
l = file.gets().strip
|
||||||
|
end until /[*]{10,}.*/.match(l)
|
||||||
|
begin
|
||||||
|
l = file.gets().strip
|
||||||
|
end until /[*]{10,}.*/.match(l)
|
||||||
|
begin
|
||||||
|
l = file.gets().strip
|
||||||
|
end until /[=]{5,}.*/.match(l)
|
||||||
|
begin
|
||||||
|
l = file.gets().strip
|
||||||
|
end until /[=]{5,}.*/.match(l)
|
||||||
|
end
|
||||||
|
|
||||||
|
def get_next_assign(file, i)
|
||||||
|
key = String.new
|
||||||
|
value = String.new
|
||||||
|
if($last_assign[i]==nil)
|
||||||
|
begin
|
||||||
|
return nil if file.eof
|
||||||
|
l = file.gets().strip()
|
||||||
|
end until m=/[\s]*([\w]*)[\s]*=[\s]*([0-9a-fA-F]*).*/.match(l)
|
||||||
|
value = m[2]
|
||||||
|
key = m[1]
|
||||||
|
begin
|
||||||
|
return nil if file.eof
|
||||||
|
l = file.gets().strip()
|
||||||
|
if not /[^=]+=[^=]+/.match(l)
|
||||||
|
value += l if /^[0-9A-Fa-f]{5}/.match(l)
|
||||||
|
end
|
||||||
|
end until /[^=]+=[^=]+/.match(l)
|
||||||
|
$last_assign[i] = l
|
||||||
|
else
|
||||||
|
m=/[\s]*([\w]*)[\s]*=[\s]*([0-9a-fA-F]*).*/.match($last_assign[i])
|
||||||
|
value = m[2]
|
||||||
|
key = m[1]
|
||||||
|
begin
|
||||||
|
return nil if file.eof
|
||||||
|
l = file.gets().strip()
|
||||||
|
if not /[^=]+=[^=]+/.match(l)
|
||||||
|
value += l if /^[0-9A-Fa-f]{5}/.match(l)
|
||||||
|
end
|
||||||
|
end until /[^=]+=[^=]+/.match(l)
|
||||||
|
$last_assign[i] = l
|
||||||
|
end
|
||||||
|
return [key, value]
|
||||||
|
end
|
||||||
|
|
||||||
|
def compare(fname1, fname2)
|
||||||
|
file1 = File.new(fname1, "r")
|
||||||
|
file2 = File.new(fname2, "r")
|
||||||
|
skip_header(file1)
|
||||||
|
skip_header(file2)
|
||||||
|
pos=0
|
||||||
|
begin
|
||||||
|
# puts("checking set")
|
||||||
|
a = get_next_assign(file1, 0)
|
||||||
|
b = get_next_assign(file2, 1)
|
||||||
|
return if(a==nil or b==nil)
|
||||||
|
if not $quiet
|
||||||
|
puts("") if pos%$linewidth==0 and pos!=0
|
||||||
|
putc((a==b)?'*':'!')
|
||||||
|
pos +=1
|
||||||
|
end
|
||||||
|
if(a!=b and a!=nil and b!=nil)
|
||||||
|
$error += 1
|
||||||
|
# puts("a key: "+a[0]+" value: "+a[1])
|
||||||
|
# puts("b key: "+b[0]+" value: "+b[1])
|
||||||
|
end
|
||||||
|
end until a==nil or b==nil
|
||||||
|
end
|
||||||
|
|
||||||
|
$error = 0
|
||||||
|
$linewidth=64
|
||||||
|
$last_assign=[nil, nil]
|
||||||
|
|
||||||
|
if ARGV.size<2 or ARGV.size>3
|
||||||
|
STDERR.print <<EOF
|
||||||
|
Usage: ruby #{$0} [-q|-v] file1 file2
|
||||||
|
EOF
|
||||||
|
exit(1)
|
||||||
|
end
|
||||||
|
$quiet = false
|
||||||
|
if ARGV.size==3
|
||||||
|
f1 = ARGV[1]
|
||||||
|
f2 = ARGV[2]
|
||||||
|
if ARGV[0]=="-q"
|
||||||
|
$quiet=true
|
||||||
|
end
|
||||||
|
else
|
||||||
|
f1 = ARGV[0]
|
||||||
|
f2 = ARGV[1]
|
||||||
|
end
|
||||||
|
|
||||||
|
puts("compare("+f1+", "+f2+")")
|
||||||
|
compare(f1, f2)
|
||||||
|
if $error!=0
|
||||||
|
puts("[failed] ("+$error.to_s()+")")
|
||||||
|
else
|
||||||
|
puts("[ok]")
|
||||||
|
end
|
||||||
|
|
||||||
|
exit($error)
|
|
@ -0,0 +1,100 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# shavs_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
shift_values = [ 5, 36, 13, 58, 26, 53, 11, 59,
|
||||||
|
56, 28, 46, 44, 20, 35, 42, 50,
|
||||||
|
|
||||||
|
38, 48, 34, 26, 33, 39, 29, 33,
|
||||||
|
30, 20, 14, 12, 49, 27, 26, 51,
|
||||||
|
50, 43, 15, 58, 8, 41, 11, 39,
|
||||||
|
53, 31, 27, 7, 42, 14, 9, 35,
|
||||||
|
|
||||||
|
55, 25, 33, 34, 28, 17, 58, 47,
|
||||||
|
43, 25, 8, 43, 7, 6, 7, 49,
|
||||||
|
37, 46, 18, 25, 47, 18, 32, 27,
|
||||||
|
40, 13, 57, 60, 48, 25, 45, 58,
|
||||||
|
16, 14, 21, 44, 51, 43, 19, 37,
|
||||||
|
22, 13, 12, 9, 9, 42, 18, 48,
|
||||||
|
38, 52, 32, 59, 35, 40, 2, 53,
|
||||||
|
12, 57, 54, 34, 41, 15, 56, 56 ]
|
||||||
|
|
||||||
|
def transform_shift(value)
|
||||||
|
byteshift = (value+3)/8
|
||||||
|
singleshift = value%8
|
||||||
|
if singleshift>4
|
||||||
|
# byteshift += 1
|
||||||
|
singleshift -= 8
|
||||||
|
end
|
||||||
|
return [singleshift, byteshift]
|
||||||
|
end
|
||||||
|
|
||||||
|
def transform_singleshift(value)
|
||||||
|
if(value>=0)
|
||||||
|
return value
|
||||||
|
end
|
||||||
|
return 0x08+(value*-1)
|
||||||
|
end
|
||||||
|
|
||||||
|
bs_hist = Hash.new
|
||||||
|
bs_hist.default = 0
|
||||||
|
ss_hist = Hash.new
|
||||||
|
ss_hist.default = 0
|
||||||
|
shift_values.each{|v|
|
||||||
|
|
||||||
|
a = transform_shift(v)
|
||||||
|
printf("%2d = %2d * 8 %+2d\n", v, a[1], a[0])
|
||||||
|
bs_hist[a[1]] += 1
|
||||||
|
ss_hist[a[0]] += 1
|
||||||
|
}
|
||||||
|
|
||||||
|
puts("byteshift histogram:")
|
||||||
|
for i in 0..7
|
||||||
|
printf("%d: %4d\n", i, bs_hist[i])
|
||||||
|
end
|
||||||
|
|
||||||
|
puts("singleshift histogram:")
|
||||||
|
for i in -3..4
|
||||||
|
printf("%+d: %4d\n", i, ss_hist[i])
|
||||||
|
end
|
||||||
|
|
||||||
|
puts "\ntransformed:"
|
||||||
|
(0..shift_values.length-1).each{|i|
|
||||||
|
puts " for 256 bit:" if i==0
|
||||||
|
puts " for 512 bit:" if i==16
|
||||||
|
puts " for 1024 bit:" if i==16+32
|
||||||
|
|
||||||
|
a = transform_shift(shift_values[i])
|
||||||
|
a[0] = transform_singleshift(a[0])
|
||||||
|
printf("0x%01x%01x, ", a[1], a[0])
|
||||||
|
puts("") if (i%8==7)
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
puts "\ntransformed (decryption):"
|
||||||
|
(0..shift_values.length-1).each{|i|
|
||||||
|
puts " for 256 bit:" if i==0
|
||||||
|
puts " for 512 bit:" if i==16
|
||||||
|
puts " for 1024 bit:" if i==16+32
|
||||||
|
|
||||||
|
a = transform_shift(shift_values[(i/8)*8+7-(i%8)])
|
||||||
|
a[0] = transform_singleshift(a[0])
|
||||||
|
printf("0x%01x%01x, ", a[1], a[0])
|
||||||
|
puts("") if (i%8==7)
|
||||||
|
}
|
|
@ -0,0 +1,305 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# shavs_test.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
$debug = true
|
||||||
|
$debug = false
|
||||||
|
require 'rubygems'
|
||||||
|
require 'serialport'
|
||||||
|
require 'getopt/std'
|
||||||
|
|
||||||
|
$buffer_size = 0
|
||||||
|
$conffile_check = Hash.new
|
||||||
|
$conffile_check.default = 0
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# readconfigfile #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def readconfigfile(fname, conf)
|
||||||
|
return conf if $conffile_check[fname]==1
|
||||||
|
$conffile_check[fname]=1
|
||||||
|
section = "default"
|
||||||
|
if not File.exists?(fname)
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
file = File.open(fname, "r")
|
||||||
|
until file.eof
|
||||||
|
line = file.gets()
|
||||||
|
next if /[\s]*#/.match(line)
|
||||||
|
if m=/\[[\s]*([^\s]*)[\s]*\]/.match(line)
|
||||||
|
section=m[1]
|
||||||
|
conf[m[1]] = Hash.new
|
||||||
|
next
|
||||||
|
end
|
||||||
|
next if not /=/.match(line)
|
||||||
|
m=/[\s]*([^\s]*)[\s]*=[\s]*([^\s]*)/.match(line)
|
||||||
|
if m[1]=="include"
|
||||||
|
Dir.glob(m[2]){ |fn| conf = readconfigfile(fn, conf) }
|
||||||
|
else
|
||||||
|
conf[section][m[1]] = m[2]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return conf
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# reset_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def reset_system
|
||||||
|
$sp.print("exit\r")
|
||||||
|
sleep 0.1
|
||||||
|
$sp.print("exit\r")
|
||||||
|
sleep 0.1
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# scan_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def scan_system
|
||||||
|
algos = Hash.new
|
||||||
|
$sp.print("shavs_list\r")
|
||||||
|
while true
|
||||||
|
line=$sp.gets()
|
||||||
|
return algos if /^>$/.match(line)
|
||||||
|
if m = /[\*\ ]([a-z]):[\s]*([a-zA-Z0-9+_-]+)/.match(line)
|
||||||
|
algos[m[2]]=m[1]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# init_system #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def init_system(algo_select)
|
||||||
|
$sp.print("echo off \r")
|
||||||
|
print("DBG i: " + "echo off \r"+"\n") if $debug
|
||||||
|
sleep 0.1
|
||||||
|
$sp.print("shavs_set #{algo_select}\r")
|
||||||
|
print("DBG i: " + "shavs_set #{$algo_select} \r"+"\n") if $debug
|
||||||
|
sleep 0.1
|
||||||
|
$sp.print("shavs_test1 \r")
|
||||||
|
print("DBG i: " + "shavs_test1 \r"+"\n") if $debug
|
||||||
|
begin
|
||||||
|
line=$sp.gets()
|
||||||
|
end while not m=/buffer_size[\s]*=[\s]*0x([0-9A-Fa-f]*)/.match(line)
|
||||||
|
$buffer_size = m[1].to_i(16)
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# get_md #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def get_md
|
||||||
|
begin
|
||||||
|
line = $sp.gets()
|
||||||
|
line = "" if line==nil
|
||||||
|
puts("DBG got: "+line) if $debug
|
||||||
|
end while not /[\s]*MD[\s]*=.*/.match(line)
|
||||||
|
return line
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# send_md #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def send_md(md_string)
|
||||||
|
$sp.print("Msg = ")
|
||||||
|
for i in 0..md_string.length-1
|
||||||
|
$sp.print(md_string[i].chr)
|
||||||
|
# print("DBG s: "+ md_string[i].chr) if $debug
|
||||||
|
# sleep(0.001)
|
||||||
|
if((i%($buffer_size*2)==0)&&(i!=0))
|
||||||
|
begin
|
||||||
|
line=$sp.gets()
|
||||||
|
end while not /\./.match(line)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# run_test #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
def run_test(filename, skip=0)
|
||||||
|
nerrors = 0
|
||||||
|
line=1
|
||||||
|
if not File.exist?(filename)
|
||||||
|
puts("ERROR file "+filename+" does not exist!")
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
pos = 0
|
||||||
|
file = File.new(filename, "r");
|
||||||
|
until file.eof
|
||||||
|
begin
|
||||||
|
lb=file.gets()
|
||||||
|
# printf("DBG info: file read: %s", lb)
|
||||||
|
end while not (file.eof or (/[\s]*Len[\s]*=/.match(lb)))
|
||||||
|
# puts("got ya")
|
||||||
|
if file.eof
|
||||||
|
file.close()
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
len = /[\s]*Len[\s]*=[\s]*([0-9]*)/.match(lb)[1].to_i
|
||||||
|
if(skip>0)
|
||||||
|
skip -= 1
|
||||||
|
redo
|
||||||
|
end
|
||||||
|
puts("DBG sending: "+lb) if $debug
|
||||||
|
$sp.print(lb.strip)
|
||||||
|
$sp.print("\r")
|
||||||
|
begin
|
||||||
|
lb=file.gets()
|
||||||
|
end while not (file.eof or (m=/[\s]*Msg[\s]*=[\s]*([0-9a-fA-F]*)/.match(lb)))
|
||||||
|
return if file.eof
|
||||||
|
puts("DBG sending: "+lb) if $debug
|
||||||
|
send_md(m[1])
|
||||||
|
avr_md = get_md()
|
||||||
|
begin
|
||||||
|
lb=file.gets()
|
||||||
|
end while not /[\s]*MD[\s]*=.*/.match(lb)
|
||||||
|
a = (/[\s]*MD[\s]*=[\s]*([0-9a-fA-F]*).*/.match(lb))[1];
|
||||||
|
b = (/[\s]*MD[\s]*=[\s]*([0-9a-fA-F]*).*/.match(avr_md))[1];
|
||||||
|
a.upcase!
|
||||||
|
b.upcase!
|
||||||
|
printf("\n%4d (%4d) [%5d]: ", line, (line-1)*$linewidth, len) if (pos%$linewidth==0 and $linewidth!=0)
|
||||||
|
line += 1 if (pos%$linewidth==0 and $linewidth!=0)
|
||||||
|
#sleep(1)
|
||||||
|
#putc((a==b)?'*':'!')
|
||||||
|
if(a==b)
|
||||||
|
putc('*')
|
||||||
|
else
|
||||||
|
putc('!')
|
||||||
|
# printf("<%d>",len)
|
||||||
|
printf("\nError @%05d: %s [should]\n != %s [is]- ",len, a, b)
|
||||||
|
nerrors += 1
|
||||||
|
end
|
||||||
|
pos += 1
|
||||||
|
end
|
||||||
|
file.close()
|
||||||
|
return nerrors
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# MAIN #
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
opts = Getopt::Std.getopts("s:f:i:j:hdca")
|
||||||
|
|
||||||
|
conf = Hash.new
|
||||||
|
conf = readconfigfile("/etc/testport.conf", conf)
|
||||||
|
conf = readconfigfile("~/.testport.conf", conf)
|
||||||
|
conf = readconfigfile("testport.conf", conf)
|
||||||
|
conf = readconfigfile(opts["f"], conf) if opts["f"]
|
||||||
|
|
||||||
|
#puts conf.inspect
|
||||||
|
|
||||||
|
puts("serial port interface version: " + SerialPort::VERSION);
|
||||||
|
$linewidth = 64
|
||||||
|
params = { "baud" => conf["PORT"]["baud"].to_i,
|
||||||
|
"data_bits" => conf["PORT"]["databits"].to_i,
|
||||||
|
"stop_bits" => conf["PORT"]["stopbits"].to_i,
|
||||||
|
"parity" => SerialPort::NONE }
|
||||||
|
params["paraty"] = SerialPort::ODD if conf["PORT"]["paraty"].downcase == "odd"
|
||||||
|
params["paraty"] = SerialPort::EVEN if conf["PORT"]["paraty"].downcase == "even"
|
||||||
|
params["paraty"] = SerialPort::MARK if conf["PORT"]["paraty"].downcase == "mark"
|
||||||
|
params["paraty"] = SerialPort::SPACE if conf["PORT"]["paraty"].downcase == "space"
|
||||||
|
|
||||||
|
puts("\nPort: "+conf["PORT"]["port"]+"@" +
|
||||||
|
params["baud"].to_s +
|
||||||
|
" " +
|
||||||
|
params["data_bits"].to_s +
|
||||||
|
conf["PORT"]["paraty"][0,1].upcase +
|
||||||
|
params["stop_bits"].to_s +
|
||||||
|
"\n")
|
||||||
|
|
||||||
|
$sp = SerialPort.new(conf["PORT"]["port"], params)
|
||||||
|
|
||||||
|
$sp.read_timeout=1000; # 5 minutes
|
||||||
|
$sp.flow_control = SerialPort::SOFT
|
||||||
|
|
||||||
|
reset_system()
|
||||||
|
algos=scan_system()
|
||||||
|
#puts algos.inspect
|
||||||
|
|
||||||
|
if opts["d"]
|
||||||
|
$debug = true
|
||||||
|
end
|
||||||
|
|
||||||
|
if opts["s"]
|
||||||
|
algos_rev = algos.invert
|
||||||
|
algo_tasks = Array.new
|
||||||
|
opts["s"].each_byte{ |x|
|
||||||
|
if algos_rev[x.chr]
|
||||||
|
algo_tasks << [algos_rev[x.chr],x.chr]
|
||||||
|
end
|
||||||
|
}
|
||||||
|
else
|
||||||
|
algo_tasks=algos.sort
|
||||||
|
end
|
||||||
|
|
||||||
|
algo_tasks.each do |algoa|
|
||||||
|
algo = algoa[0]
|
||||||
|
if conf[algo]==nil
|
||||||
|
puts("No test-set defined for #{algo} \r\n")
|
||||||
|
next
|
||||||
|
else
|
||||||
|
i=0
|
||||||
|
i = opts["j"] if opts["j"]
|
||||||
|
logfile=File.open(conf["PORT"]["testlogbase"]+algo+".txt", "a")
|
||||||
|
while conf[algo]["file_#{i}"] != nil
|
||||||
|
puts("Testing #{algo} with #{conf[algo]["file_#{i}"]}")
|
||||||
|
reset_system()
|
||||||
|
init_system(algoa[1])
|
||||||
|
skip=0
|
||||||
|
skip=opts["i"].to_i if opts["i"]
|
||||||
|
nerrors=run_test(conf[algo]["file_#{i}"], skip)
|
||||||
|
if nerrors == 0
|
||||||
|
puts("\n[ok]")
|
||||||
|
logfile.puts("[ok] "+conf[algo]["file_#{i}"]+ " ("+Time.now.to_s()+")")
|
||||||
|
else
|
||||||
|
puts("\n[errors: "+ nerrors.to_s() +"]")
|
||||||
|
logfile.puts("[error] "+nerrors.to_s+" "+conf[algo]["file_#{i}"]+ " ("+Time.now.to_s()+")")
|
||||||
|
end
|
||||||
|
i += 1
|
||||||
|
end
|
||||||
|
logfile.close()
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
=begin
|
||||||
|
nerrors = 0
|
||||||
|
for i in (5..(ARGV.size-1))
|
||||||
|
nerrors = run_test(ARGV[i])
|
||||||
|
if nerrors == 0
|
||||||
|
puts("\n[ok]")
|
||||||
|
else
|
||||||
|
puts("\n[errors: "+ nerrors.to_s() +"]")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
$sp.print("EXIT\r");
|
||||||
|
|
||||||
|
#exit(0);
|
||||||
|
=end
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
def a(n)
|
||||||
|
return (-n-65+512)%512
|
||||||
|
end
|
||||||
|
|
||||||
|
def b(n)
|
||||||
|
return (n+a(n)+65)%512
|
||||||
|
end
|
||||||
|
|
||||||
|
for i in (0..512)
|
||||||
|
puts("") if(i%32==0)
|
||||||
|
printf("%3d", b(i))
|
||||||
|
end
|
||||||
|
|
||||||
|
irb
|
|
@ -0,0 +1,28 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
#
|
||||||
|
|
||||||
|
(0..19).each { |s|
|
||||||
|
printf("0x%s%s, ", ((s+0)%5).to_s,((s+1)%5).to_s)
|
||||||
|
printf("0x%s%s, ", ((s+2)%5).to_s,((s+3)%5).to_s)
|
||||||
|
}
|
||||||
|
|
||||||
|
puts("\n or (5)\n")
|
||||||
|
(0..19+3).each { |s|
|
||||||
|
printf("0x%02x, ", ((s%5)*8))
|
||||||
|
}
|
||||||
|
|
||||||
|
puts("\n or (9)\n")
|
||||||
|
(0..19+7).each { |s|
|
||||||
|
printf("0x%02x, ", ((s%9)*8))
|
||||||
|
}
|
||||||
|
|
||||||
|
puts("\n or (17)\n")
|
||||||
|
(0..21+15).each { |s|
|
||||||
|
printf("0x%02x, ", ((s%17)*8))
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
puts("\n (3)\n")
|
||||||
|
(0..24).each { |s|
|
||||||
|
printf("0x%02x, ", ((s%3)*8))
|
||||||
|
}
|
|
@ -0,0 +1,233 @@
|
||||||
|
#!/usr/bin/ruby
|
||||||
|
# threefish_helper_rc.rb
|
||||||
|
=begin
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
=end
|
||||||
|
|
||||||
|
|
||||||
|
def convert(value)
|
||||||
|
byteshift = (value+3)/8
|
||||||
|
bitshift = value-byteshift*8
|
||||||
|
# printf("%d --> %d,%d\n", value,byteshift,bitshift)
|
||||||
|
if bitshift<0
|
||||||
|
bitshift *= -1
|
||||||
|
bitshift += 0x08
|
||||||
|
end
|
||||||
|
ret = byteshift*16+bitshift
|
||||||
|
return ret
|
||||||
|
end
|
||||||
|
|
||||||
|
r00 = [14, 52, 23, 5, 25, 46, 58, 32]
|
||||||
|
r01 = [16, 57, 40, 37, 33, 12, 22, 32]
|
||||||
|
|
||||||
|
r10 = [46, 33, 17, 44, 39, 13, 25, 8]
|
||||||
|
r11 = [36, 27, 49, 9, 30, 50, 29, 35]
|
||||||
|
r12 = [19, 14, 36, 54, 34, 10, 39, 56]
|
||||||
|
r13 = [37, 42, 39, 56, 24, 17, 43, 22]
|
||||||
|
|
||||||
|
r20 = [24, 38, 33, 5, 41, 16, 31, 9]
|
||||||
|
r21 = [13, 19, 4, 20, 9, 34, 44, 48]
|
||||||
|
r22 = [ 8, 10, 51, 48, 37, 56, 47, 35]
|
||||||
|
r23 = [47, 55, 13, 41, 31, 51, 46, 52]
|
||||||
|
r24 = [ 8, 49, 34, 47, 12, 4, 19, 23]
|
||||||
|
r25 = [17, 18, 41, 28, 47, 53, 42, 31]
|
||||||
|
r26 = [22, 23, 59, 16, 44, 42, 44, 37]
|
||||||
|
r27 = [37, 52, 17, 25, 30, 41, 25, 20]
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
printf("threefish256_rc0: .byte ")
|
||||||
|
r00.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish256_rc1: .byte ")
|
||||||
|
r01.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("\n\n")
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
printf("threefish512_rc0: .byte ")
|
||||||
|
r10.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish512_rc1: .byte ")
|
||||||
|
r11.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish512_rc2: .byte ")
|
||||||
|
r12.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish512_rc3: .byte ")
|
||||||
|
r13.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("\n\n")
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
printf("threefish1024_rc0: .byte ")
|
||||||
|
r20.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc1: .byte ")
|
||||||
|
r21.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc2: .byte ")
|
||||||
|
r22.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc3: .byte ")
|
||||||
|
r23.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc4: .byte ")
|
||||||
|
r24.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc5: .byte ")
|
||||||
|
r25.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc6: .byte ")
|
||||||
|
r26.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc7: .byte ")
|
||||||
|
r27.each{ |x| printf("0x%2.2x, ",convert(x))}
|
||||||
|
puts("\n\n")
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
puts("REVERSE")
|
||||||
|
|
||||||
|
printf(" uint8_t rc0[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r00[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc1[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r01[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish256_rc0: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r00[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish256_rc1: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r01[(7 - x)]) ) }
|
||||||
|
puts("\n\n")
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
printf(" uint8_t rc0[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r10[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc1[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r11[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc2[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r12[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc3[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r13[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
|
||||||
|
printf("threefish512_rc0: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r10[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish512_rc1: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r11[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish512_rc2: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r12[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish512_rc3: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r13[(7 - x)]) ) }
|
||||||
|
puts("\n\n")
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
printf(" uint8_t rc0[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r20[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc1[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r21[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc2[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r22[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc3[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r23[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc4[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r24[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc5[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r25[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc6[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r26[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf(" uint8_t rc7[8] = { ")
|
||||||
|
8.times{ |x| printf("%2.2d, ",r27[(7 - x)]) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc0: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r20[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc1: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r21[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc2: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r22[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc3: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r23[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc4: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r24[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc5: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r25[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc6: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r26[(7 - x)]) ) }
|
||||||
|
puts("")
|
||||||
|
|
||||||
|
printf("threefish1024_rc7: .byte ")
|
||||||
|
8.times{ |x| printf("0x%2.2x, ",convert(r27[(7 - x)]) ) }
|
||||||
|
puts("\n\n")
|
||||||
|
|
|
@ -0,0 +1,259 @@
|
||||||
|
/* keecak.c */
|
||||||
|
/*
|
||||||
|
This file is part of the ARM-Crypto-Lib.
|
||||||
|
Copyright (C) 2006-2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "memxor.h"
|
||||||
|
#include "keccak.h"
|
||||||
|
|
||||||
|
#ifdef DEBUG
|
||||||
|
# undef DEBUG
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define DEBUG 0
|
||||||
|
|
||||||
|
#if DEBUG
|
||||||
|
#include "cli.h"
|
||||||
|
|
||||||
|
void keccak_dump_state(uint64_t a[5][5]){
|
||||||
|
uint8_t i,j;
|
||||||
|
for(i=0; i<5; ++i){
|
||||||
|
cli_putstr("\r\n");
|
||||||
|
cli_putc('0'+i);
|
||||||
|
cli_putstr(": ");
|
||||||
|
for(j=0; j<5; ++j){
|
||||||
|
cli_hexdump_rev(&(a[i][j]), 8);
|
||||||
|
cli_putc(' ');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak_dump_ctx(keccak_ctx_t* ctx){
|
||||||
|
keccak_dump_state(ctx->a);
|
||||||
|
cli_putstr("\r\nDBG: r: ");
|
||||||
|
cli_hexdump_rev(&(ctx->r), 2);
|
||||||
|
cli_putstr("\t c: ");
|
||||||
|
cli_hexdump_rev(&(ctx->c), 2);
|
||||||
|
cli_putstr("\t d: ");
|
||||||
|
cli_hexdump(&(ctx->d), 1);
|
||||||
|
cli_putstr("\t bs: ");
|
||||||
|
cli_hexdump(&(ctx->bs), 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static const uint64_t rc[] = {
|
||||||
|
0x0000000000000001LL, 0x0000000000008082LL,
|
||||||
|
0x800000000000808ALL, 0x8000000080008000LL,
|
||||||
|
0x000000000000808BLL, 0x0000000080000001LL,
|
||||||
|
0x8000000080008081LL, 0x8000000000008009LL,
|
||||||
|
0x000000000000008ALL, 0x0000000000000088LL,
|
||||||
|
0x0000000080008009LL, 0x000000008000000ALL,
|
||||||
|
0x000000008000808BLL, 0x800000000000008BLL,
|
||||||
|
0x8000000000008089LL, 0x8000000000008003LL,
|
||||||
|
0x8000000000008002LL, 0x8000000000000080LL,
|
||||||
|
0x000000000000800ALL, 0x800000008000000ALL,
|
||||||
|
0x8000000080008081LL, 0x8000000000008080LL,
|
||||||
|
0x0000000080000001LL, 0x8000000080008008LL
|
||||||
|
};
|
||||||
|
|
||||||
|
uint64_t rotl64(uint64_t a, uint8_t r){
|
||||||
|
return (a<<r)|(a>>(64-r));
|
||||||
|
}
|
||||||
|
|
||||||
|
static const uint8_t r[5][5] = {
|
||||||
|
{ 0, 36, 3, 41, 18 },
|
||||||
|
{ 1, 44, 10, 45, 2 },
|
||||||
|
{ 62, 6, 43, 15, 61 },
|
||||||
|
{ 28, 55, 25, 21, 56 },
|
||||||
|
{ 27, 20, 39, 8, 14 }
|
||||||
|
};
|
||||||
|
|
||||||
|
void keccak_round(uint64_t a[5][5], uint8_t rci){
|
||||||
|
uint64_t b[5][5];
|
||||||
|
uint8_t i,j;
|
||||||
|
/* theta */
|
||||||
|
for(i=0; i<5; ++i){
|
||||||
|
b[i][0] = a[0][i] ^ a[1][i] ^ a[2][i] ^ a[3][i] ^ a[4][i];
|
||||||
|
}
|
||||||
|
for(i=0; i<5; ++i){
|
||||||
|
b[i][1] = b[(4+i)%5][0] ^ rotl64(b[(i+1)%5][0], 1);
|
||||||
|
}
|
||||||
|
for(i=0; i<5; ++i){
|
||||||
|
for(j=0; j<5; ++j){
|
||||||
|
a[j][i] ^= b[i][1];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\nAfter theta:");
|
||||||
|
keccak_dump_state(a);
|
||||||
|
#endif
|
||||||
|
/* rho & pi */
|
||||||
|
for(i=0; i<5; ++i){
|
||||||
|
for(j=0; j<5; ++j){
|
||||||
|
b[(2*i+3*j)%5][j] = rotl64(a[j][i], r[i][j]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\n--- after rho & pi ---");
|
||||||
|
keccak_dump_state(a);
|
||||||
|
#endif
|
||||||
|
/* chi */
|
||||||
|
for(i=0; i<5; ++i){
|
||||||
|
for(j=0; j<5; ++j){
|
||||||
|
a[j][i] = b[j][i] ^ ((~(b[j][(i+1)%5]))&(b[j][(i+2)%5]));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\nAfter chi:");
|
||||||
|
keccak_dump_state(a);
|
||||||
|
#endif
|
||||||
|
/* iota */
|
||||||
|
uint64_t t;
|
||||||
|
t= rc[rci];
|
||||||
|
a[0][0] ^= t;
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\nAfter iota:");
|
||||||
|
keccak_dump_state(a);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak_f1600(uint64_t a[5][5]){
|
||||||
|
uint8_t i=0;
|
||||||
|
do{
|
||||||
|
#if DEBUG
|
||||||
|
cli_putstr("\r\n\r\n--- Round ");
|
||||||
|
cli_hexdump(&i, 1);
|
||||||
|
cli_putstr(" ---");
|
||||||
|
#endif
|
||||||
|
keccak_round(a, i);
|
||||||
|
}while(++i<24);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak_nextBlock(keccak_ctx_t* ctx, const void* block){
|
||||||
|
memxor(ctx->a, block, ctx->bs);
|
||||||
|
keccak_f1600(ctx->a);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak_lastBlock(keccak_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||||
|
while(length_b>=ctx->r){
|
||||||
|
keccak_nextBlock(ctx, block);
|
||||||
|
block = (uint8_t*)block + ctx->bs;
|
||||||
|
length_b -= ctx->r;
|
||||||
|
}
|
||||||
|
uint8_t tmp[ctx->bs];
|
||||||
|
uint8_t pad[3];
|
||||||
|
memset(tmp, 0x00, ctx->bs);
|
||||||
|
memcpy(tmp, block, (length_b+7)/8);
|
||||||
|
/* appand 1 */
|
||||||
|
if(length_b&7){
|
||||||
|
/* we have some single bits */
|
||||||
|
uint8_t t;
|
||||||
|
t = tmp[length_b/8]>>(8-(length_b&7));
|
||||||
|
t |= 0x01<<(length_b&7);
|
||||||
|
tmp[length_b/8] = t;
|
||||||
|
}else{
|
||||||
|
tmp[length_b/8] = 0x01;
|
||||||
|
}
|
||||||
|
pad[0] = ctx->d;
|
||||||
|
pad[1] = ctx->bs;
|
||||||
|
pad[2] = 0x01;
|
||||||
|
if(length_b/8+1+3<=ctx->bs){
|
||||||
|
memcpy(tmp+length_b/8+1, pad, 3);
|
||||||
|
}else{
|
||||||
|
if(length_b/8+1+2<=ctx->bs){
|
||||||
|
memcpy(tmp+length_b/8+1, pad, 2);
|
||||||
|
keccak_nextBlock(ctx, tmp);
|
||||||
|
memset(tmp, 0x00, ctx->bs);
|
||||||
|
tmp[0]=0x01;
|
||||||
|
}else{
|
||||||
|
if(length_b/8+1+1<=ctx->bs){
|
||||||
|
memcpy(tmp+length_b/8+1, pad, 1);
|
||||||
|
keccak_nextBlock(ctx, tmp);
|
||||||
|
memset(tmp, 0x00, ctx->bs);
|
||||||
|
tmp[0] = ctx->bs;
|
||||||
|
tmp[1] = 0x01;
|
||||||
|
}else{
|
||||||
|
keccak_nextBlock(ctx, tmp);
|
||||||
|
memset(tmp, 0x00, ctx->bs);
|
||||||
|
tmp[0] = ctx->d;
|
||||||
|
tmp[1] = ctx->bs;
|
||||||
|
tmp[2] = 0x01;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
keccak_nextBlock(ctx, tmp);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx){
|
||||||
|
while(length_b>=ctx->r){
|
||||||
|
memcpy(dest, ctx->a, ctx->bs);
|
||||||
|
dest = (uint8_t*)dest + ctx->bs;
|
||||||
|
length_b -= ctx->r;
|
||||||
|
keccak_f1600(ctx->a);
|
||||||
|
}
|
||||||
|
memcpy(dest, ctx->a, (length_b+7)/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak224_ctx2hash(void* dest, keccak_ctx_t* ctx){
|
||||||
|
keccak_ctx2hash(dest, 224, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak256_ctx2hash(void* dest, keccak_ctx_t* ctx){
|
||||||
|
keccak_ctx2hash(dest, 256, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak384_ctx2hash(void* dest, keccak_ctx_t* ctx){
|
||||||
|
keccak_ctx2hash(dest, 384, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak512_ctx2hash(void* dest, keccak_ctx_t* ctx){
|
||||||
|
keccak_ctx2hash(dest, 512, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
1. SHA3-224: ⌊Keccak[r = 1152, c = 448, d = 28]⌋224
|
||||||
|
2. SHA3-256: ⌊Keccak[r = 1088, c = 512, d = 32]⌋256
|
||||||
|
3. SHA3-384: ⌊Keccak[r = 832, c = 768, d = 48]⌋384
|
||||||
|
4. SHA3-512: ⌊Keccak[r = 576, c = 1024, d = 64]⌋512
|
||||||
|
*/
|
||||||
|
void keccak_init(uint16_t r, uint16_t c, uint8_t d, keccak_ctx_t* ctx){
|
||||||
|
memset(ctx->a, 0x00, 5*5*8);
|
||||||
|
ctx->r = r;
|
||||||
|
ctx->c = c;
|
||||||
|
ctx->d = d;
|
||||||
|
ctx->bs = (uint8_t)(r/8);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak224_init(keccak_ctx_t* ctx){
|
||||||
|
keccak_init(1152, 448, 28, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak256_init(keccak_ctx_t* ctx){
|
||||||
|
keccak_init(1088, 512, 32, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak384_init(keccak_ctx_t* ctx){
|
||||||
|
keccak_init( 832, 768, 48, ctx);
|
||||||
|
}
|
||||||
|
|
||||||
|
void keccak512_init(keccak_ctx_t* ctx){
|
||||||
|
keccak_init( 576, 1024, 64, ctx);
|
||||||
|
}
|
|
@ -0,0 +1,56 @@
|
||||||
|
/* keccak.h */
|
||||||
|
/*
|
||||||
|
This file is part of the AVR-Crypto-Lib.
|
||||||
|
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef KECCAK_H_
|
||||||
|
#define KECCAK_H_
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define KECCAK224_BLOCKSIZE 1152
|
||||||
|
#define KECCAK224_BLOCKSIZE_B (KECCAK224_BLOCKSIZE/8)
|
||||||
|
#define KECCAK256_BLOCKSIZE 1088
|
||||||
|
#define KECCAK256_BLOCKSIZE_B (KECCAK256_BLOCKSIZE/8)
|
||||||
|
#define KECCAK384_BLOCKSIZE 832
|
||||||
|
#define KECCAK384_BLOCKSIZE_B (KECCAK384_BLOCKSIZE/8)
|
||||||
|
#define KECCAK512_BLOCKSIZE 576
|
||||||
|
#define KECCAK512_BLOCKSIZE_B (KECCAK512_BLOCKSIZE/8)
|
||||||
|
|
||||||
|
typedef struct{
|
||||||
|
uint64_t a[5][5];
|
||||||
|
uint16_t r, c;
|
||||||
|
uint8_t d, bs;
|
||||||
|
} keccak_ctx_t;
|
||||||
|
|
||||||
|
|
||||||
|
void keccak_init(uint16_t r, uint16_t c, uint8_t d, keccak_ctx_t* ctx);
|
||||||
|
void keccak224_init(keccak_ctx_t* ctx);
|
||||||
|
void keccak256_init(keccak_ctx_t* ctx);
|
||||||
|
void keccak384_init(keccak_ctx_t* ctx);
|
||||||
|
void keccak512_init(keccak_ctx_t* ctx);
|
||||||
|
|
||||||
|
void keccak_nextBlock(keccak_ctx_t* ctx, const void* block);
|
||||||
|
void keccak_lastBlock(keccak_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||||
|
|
||||||
|
void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx);
|
||||||
|
void keccak224_ctx2hash(void* dest, keccak_ctx_t* ctx);
|
||||||
|
void keccak256_ctx2hash(void* dest, keccak_ctx_t* ctx);
|
||||||
|
void keccak384_ctx2hash(void* dest, keccak_ctx_t* ctx);
|
||||||
|
void keccak512_ctx2hash(void* dest, keccak_ctx_t* ctx);
|
||||||
|
|
||||||
|
#endif /* KECCAK_H_ */
|
|
@ -0,0 +1,12 @@
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "memxor.h"
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n){
|
||||||
|
while(n--){
|
||||||
|
*((uint8_t*)dest) ^= *((uint8_t*)src);
|
||||||
|
dest = (uint8_t*)dest +1;
|
||||||
|
src = (uint8_t*)src +1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#ifndef MEMXOR_H_
|
||||||
|
#define MEMXOR_H_
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
void memxor(void* dest, const void* src, uint16_t n);
|
||||||
|
|
||||||
|
#endif
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue