bg
/
avr-crypto-lib
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Echo384/512 implemented

This commit is contained in:
bg 2010-02-22 14:12:20 +00:00
parent b3be51454f
commit 2ba0b7c62e
5 changed files with 291 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
echo/echo.c
View File

@ -91,33 +91,31 @@ static void dump_state(void* s){
}
#endif
static void compress512(void* v, void* m, uint64_t* c, void* salt){
uint8_t i, j, l;
uint8_t s[16*16];
static void echo_compress(uint8_t* s, uint8_t iterations, uint64_t* c, void* salt){
uint8_t i, j;
uint8_t k[16];
memcpy(s, v, 16*4); /* load v into state */
memcpy(s+16*4, m, 16*12); /* load m into state */
#if DEBUG
uint8_t round=0;
#endif
memcpy(k, c, 8);
memset(k+8, 0, 8);
for(i=0; i<8; ++i){
do{
/* BIG.SubWords */
#if DEBUG
cli_putstr_P(PSTR("\r\n === ROUND "));
cli_putc('1'+i);
cli_putc('0'+round);
cli_putstr_P(PSTR(" ==="));
if(i<DEBUG_DEPTH){
if(round<DEBUG_DEPTH){
dump_state(s);
}
#endif
for(j=0; j<16; ++j){
aes_encrypt_round(s+16*j, k);
aes_encrypt_round(s+16*j, salt);
for(i=0; i<16; ++i){
aes_encrypt_round(s+16*i, k);
aes_encrypt_round(s+16*i, salt);
*((uint64_t*)(k)) += 1;
}
#if DEBUG
if(i<DEBUG_DEPTH){
if(round<DEBUG_DEPTH){
cli_putstr_P(PSTR("\r\nAfter SubWords"));
dump_state(s);
}
@ -144,24 +142,37 @@ static void compress512(void* v, void* m, uint64_t* c, void* salt){
memcpy(s+INDEX(2, 3), s+INDEX(1, 3), 16);
memcpy(s+INDEX(1, 3), t, 16);
#if DEBUG
if(i<DEBUG_DEPTH){
if(round<DEBUG_DEPTH){
cli_putstr_P(PSTR("\r\nAfter ShiftRows"));
dump_state(s);
}
#endif
/* BIG.MixColumns */
for(j=0; j<4; j+=1){
for(l=0; l<16; ++l){
mixcol(s+j*64+l);
for(i=0; i<4; i+=1){
for(j=0; j<16; ++j){
mixcol(s+i*64+j);
}
}
#if DEBUG
if(i<DEBUG_DEPTH){
if(round<DEBUG_DEPTH){
cli_putstr_P(PSTR("\r\nAfter MixColumns"));
dump_state(s);
}
round++;
#endif
}
}while(--iterations);
}
/******************************************************************************/
static void compress512(void* v, void* m, uint64_t* c, void* salt){
uint8_t s[16*16];
uint8_t i;
memcpy(s, v, 16*4); /* load v into state */
memcpy(s+16*4, m, 16*12); /* load m into state */
echo_compress(s, 8, c, salt);
/* BIG.Final */
for(i=0; i<3; ++i){
@ -172,6 +183,21 @@ static void compress512(void* v, void* m, uint64_t* c, void* salt){
}
}
static void compress1024(void* v, void* m, uint64_t* c, void* salt){
uint8_t s[16*16];
memcpy(s, v, 16*8); /* load v into state */
memcpy(s+16*8, m, 16*8); /* load m into state */
echo_compress(s, 10, c, salt);
/* BIG.Final */
memxor(v, m, 16*8);
memxor(v, s, 16*8);
memxor(v, s+16*8, 16*8);
}
/******************************************************************************/
void echo_small_nextBlock(echo_small_ctx_t* ctx, void* block){
ctx->counter += ECHO_SMALL_BLOCKSIZE;
compress512(ctx->v, block, &(ctx->counter), ctx->salt);
@ -204,7 +230,38 @@ void echo_small_lastBlock(echo_small_ctx_t* ctx, void* block, uint16_t length_b)
/******************************************************************************/
void echo_small_ctx2hash(void* dest, uint16_t length_b, echo_small_ctx_t* ctx){
void echo_large_nextBlock(echo_large_ctx_t* ctx, void* block){
ctx->counter += ECHO_LARGE_BLOCKSIZE;
compress1024(ctx->v, block, &(ctx->counter), ctx->salt);
}
void echo_large_lastBlock(echo_large_ctx_t* ctx, void* block, uint16_t length_b){
while(length_b>=ECHO_LARGE_BLOCKSIZE){
echo_large_nextBlock(ctx, block);
block = (uint8_t*)block + ECHO_LARGE_BLOCKSIZE_B;
length_b -= ECHO_LARGE_BLOCKSIZE;
}
uint8_t buffer[ECHO_LARGE_BLOCKSIZE_B];
uint64_t total_len;
memset(buffer, 0, ECHO_LARGE_BLOCKSIZE_B);
memcpy(buffer, block, (length_b+7)/8);
buffer[length_b/8] |= 0x80 >> (length_b&7);
total_len = (ctx->counter += length_b);
if(length_b>=ECHO_LARGE_BLOCKSIZE-144){
compress1024(ctx->v, buffer, &total_len, ctx->salt);
memset(buffer, 0, ECHO_LARGE_BLOCKSIZE_B);
ctx->counter = 0;
}
if(length_b==0){
ctx->counter = 0;
}
memcpy(buffer+ECHO_LARGE_BLOCKSIZE_B-18, &(ctx->id), 2);
memcpy(buffer+ECHO_LARGE_BLOCKSIZE_B-16, &total_len, 8);
compress1024(ctx->v, buffer, &(ctx->counter), ctx->salt);
}
/******************************************************************************/
void echo_ctx2hash(void* dest, uint16_t length_b, echo_small_ctx_t* ctx){
memcpy(dest, ctx->v, (length_b+7)/8);
}
@ -218,6 +275,16 @@ void echo256_ctx2hash(void* dest, echo_small_ctx_t* ctx){
/******************************************************************************/
void echo384_ctx2hash(void* dest, echo_large_ctx_t* ctx){
memcpy(dest, ctx->v, 384/8);
}
void echo512_ctx2hash(void* dest, echo_large_ctx_t* ctx){
memcpy(dest, ctx->v, 512/8);
}
/******************************************************************************/
void echo224_init(echo_small_ctx_t* ctx){
memset(ctx->v, 0, 4*16);
ctx->counter = 0;
@ -242,3 +309,27 @@ void echo256_init(echo_small_ctx_t* ctx){
/******************************************************************************/
void echo384_init(echo_large_ctx_t* ctx){
uint8_t i;
memset(ctx->v, 0, 8*16);
ctx->counter = 0;
memset(ctx->salt, 0, 16);
ctx->id = 0x0180;
for(i=0; i<8; ++i){
ctx->v[0+16*i] = 0x80;
ctx->v[1+16*i] = 0x01;
}
}
void echo512_init(echo_large_ctx_t* ctx){
uint8_t i;
memset(ctx->v, 0, 8*16);
ctx->counter = 0;
memset(ctx->salt, 0, 16);
ctx->id = 0x0200;
for(i=0; i<8; ++i){
ctx->v[1+16*i] = 0x02;
}
}
/******************************************************************************/

14
echo/echo.h
View File

@ -43,6 +43,12 @@ typedef struct{
uint16_t id;
}echo_small_ctx_t;
typedef struct{
uint8_t v[8*16];
uint8_t salt[16];
uint64_t counter;
uint16_t id;
}echo_large_ctx_t;
void echo_small_nextBlock(echo_small_ctx_t* ctx, void* block);
void echo_small_lastBlock(echo_small_ctx_t* ctx, void* block, uint16_t length_b);
@ -52,4 +58,12 @@ void echo256_ctx2hash(void* dest, echo_small_ctx_t* ctx);
void echo224_init(echo_small_ctx_t* ctx);
void echo256_init(echo_small_ctx_t* ctx);
void echo_large_nextBlock(echo_large_ctx_t* ctx, void* block);
void echo_large_lastBlock(echo_large_ctx_t* ctx, void* block, uint16_t length_b);
void echo_large_ctx2hash(void* dest, uint16_t length_b, echo_large_ctx_t* ctx);
void echo384_ctx2hash(void* dest, echo_large_ctx_t* ctx);
void echo512_ctx2hash(void* dest, echo_large_ctx_t* ctx);
void echo384_init(echo_large_ctx_t* ctx);
void echo512_init(echo_large_ctx_t* ctx);
#endif /* ECHO_H_ */

99
hfal_echo.c Normal file
View File

@ -0,0 +1,99 @@
/* hfal_echo.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file hfal_echo.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-21
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "hashfunction_descriptor.h"
#include "echo.h"
static const char echo224_str[] PROGMEM = "ECHO-224";
static const char echo256_str[] PROGMEM = "ECHO-256";
static const char echo384_str[] PROGMEM = "ECHO-384";
static const char echo512_str[] PROGMEM = "ECHO-512";
const hfdesc_t echo224_desc PROGMEM = {
HFDESC_TYPE_HASHFUNCTION,
0,
echo224_str,
sizeof(echo_small_ctx_t),
ECHO224_BLOCKSIZE,
224,
(hf_init_fpt)echo224_init,
(hf_nextBlock_fpt)echo_small_nextBlock,
(hf_lastBlock_fpt)echo_small_lastBlock,
(hf_ctx2hash_fpt)echo224_ctx2hash,
(hf_free_fpt)NULL,
(hf_mem_fpt)NULL
};
const hfdesc_t echo256_desc PROGMEM = {
HFDESC_TYPE_HASHFUNCTION,
0,
echo256_str,
sizeof(echo_small_ctx_t),
ECHO256_BLOCKSIZE,
256,
(hf_init_fpt)echo256_init,
(hf_nextBlock_fpt)echo_small_nextBlock,
(hf_lastBlock_fpt)echo_small_lastBlock,
(hf_ctx2hash_fpt)echo256_ctx2hash,
(hf_free_fpt)NULL,
(hf_mem_fpt)NULL
};
const hfdesc_t echo384_desc PROGMEM = {
HFDESC_TYPE_HASHFUNCTION,
0,
echo384_str,
sizeof(echo_large_ctx_t),
ECHO384_BLOCKSIZE,
384,
(hf_init_fpt)echo384_init,
(hf_nextBlock_fpt)echo_large_nextBlock,
(hf_lastBlock_fpt)echo_large_lastBlock,
(hf_ctx2hash_fpt)echo384_ctx2hash,
(hf_free_fpt)NULL,
(hf_mem_fpt)NULL
};
const hfdesc_t echo512_desc PROGMEM = {
HFDESC_TYPE_HASHFUNCTION,
0,
echo512_str,
sizeof(echo_large_ctx_t),
ECHO512_BLOCKSIZE,
512,
(hf_init_fpt)echo512_init,
(hf_nextBlock_fpt)echo_large_nextBlock,
(hf_lastBlock_fpt)echo_large_lastBlock,
(hf_ctx2hash_fpt)echo512_ctx2hash,
(hf_free_fpt)NULL,
(hf_mem_fpt)NULL
};

31
hfal_echo.h Normal file
View File

@ -0,0 +1,31 @@
/* hfal_echo.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef HFAL_ECHO_H_
#define HFAL_ECHO_H_
#include <avr/pgmspace.h>
#include "hashfunction_descriptor.h"
extern const hfdesc_t echo224_desc;
extern const hfdesc_t echo256_desc;
extern const hfdesc_t echo384_desc;
extern const hfdesc_t echo512_desc;
#endif /* HFAL_ECHO_H_ */

35
test_src/main-echo-test.c
View File

@ -45,6 +45,8 @@ char* algo_name = "CubeHash";
const hfdesc_t* algolist[] PROGMEM = {
(hfdesc_t*)&echo224_desc,
(hfdesc_t*)&echo256_desc,
(hfdesc_t*)&echo384_desc,
(hfdesc_t*)&echo512_desc,
NULL
};
@ -77,6 +79,23 @@ uint8_t intermediate_data[] PROGMEM = {
0xFD, 0x29, 0xD1, 0x04, 0xCE
};
uint8_t intermediate_data2[] PROGMEM = {
0x75, 0x8E, 0xA3, 0xFE, 0xA7, 0x38, 0x97, 0x3D,
0xB0, 0xB8, 0xBE, 0x7E, 0x59, 0x9B, 0xBE, 0xF4,
0x51, 0x93, 0x73, 0xD6, 0xE6, 0xDC, 0xD7, 0x19,
0x5E, 0xA8, 0x85, 0xFC, 0x99, 0x1D, 0x89, 0x67,
0x62, 0x99, 0x27, 0x59, 0xC2, 0xA0, 0x90, 0x02,
0x91, 0x2F, 0xB0, 0x8E, 0x0C, 0xB5, 0xB7, 0x6F,
0x49, 0x16, 0x2A, 0xEB, 0x8C, 0xF8, 0x7B, 0x17,
0x2C, 0xF3, 0xAD, 0x19, 0x02, 0x53, 0xDF, 0x61,
0x2F, 0x77, 0xB1, 0xF0, 0xC5, 0x32, 0xE3, 0xB5,
0xFC, 0x99, 0xC2, 0xD3, 0x1F, 0x8F, 0x65, 0x01,
0x16, 0x95, 0xA0, 0x87, 0xA3, 0x5E, 0xE4, 0xEE,
0xE5, 0xE3, 0x34, 0xC3, 0x69, 0xD8, 0xEE, 0x5D,
0x29, 0xF6, 0x95, 0x81, 0x5D, 0x86, 0x6D, 0xA9,
0x9D, 0xF3, 0xF7, 0x94, 0x03
};
void echo256_interm(void){
echo_small_ctx_t ctx;
uint8_t data[1384/8];
@ -91,6 +110,20 @@ void echo256_interm(void){
cli_hexdump(hash, 32);
}
void echo512_interm(void){
echo_large_ctx_t ctx;
uint8_t data[872/8];
uint8_t hash[64];
echo512_init(&ctx);
memcpy_P(data, intermediate_data2, 872/8);
cli_putstr_P(PSTR("\r\ninit done "));
echo_large_lastBlock(&ctx, data, 872);
cli_putstr_P(PSTR("\r\nlastblock done "));
echo512_ctx2hash(hash, &ctx);
cli_putstr_P(PSTR("\r\nhash = "));
cli_hexdump(hash, 64);
}
void echo256_test0(void){
echo_small_ctx_t ctx;
uint8_t hash[32];
@ -117,6 +150,7 @@ void testrun_nessie_echo(void){
const char nessie_str[] PROGMEM = "nessie";
const char test256_str[] PROGMEM = "test256";
const char interm_str[] PROGMEM = "interm";
const char interm2_str[] PROGMEM = "interm2";
const char performance_str[] PROGMEM = "performance";
const char echo_str[] PROGMEM = "echo";
const char shavs_list_str[] PROGMEM = "shavs_list";
@ -127,6 +161,7 @@ const char shavs_test3_str[] PROGMEM = "shavs_test3";
cmdlist_entry_t cmdlist[] PROGMEM = {
{ nessie_str, NULL, testrun_nessie_echo },
{ interm_str, NULL, echo256_interm },
{ interm2_str, NULL, echo512_interm },
{ test256_str, NULL, echo256_test0 },
{ performance_str, NULL, performance_echo },
{ shavs_list_str, NULL, shavs_listalgos },