Echo384/512 implemented
parent
b3be51454f
commit
2ba0b7c62e
133
echo/echo.c
133
echo/echo.c
|
@ -91,33 +91,31 @@ static void dump_state(void* s){
|
|||
}
|
||||
#endif
|
||||
|
||||
static void compress512(void* v, void* m, uint64_t* c, void* salt){
|
||||
uint8_t i, j, l;
|
||||
uint8_t s[16*16];
|
||||
static void echo_compress(uint8_t* s, uint8_t iterations, uint64_t* c, void* salt){
|
||||
uint8_t i, j;
|
||||
uint8_t k[16];
|
||||
|
||||
memcpy(s, v, 16*4); /* load v into state */
|
||||
memcpy(s+16*4, m, 16*12); /* load m into state */
|
||||
|
||||
#if DEBUG
|
||||
uint8_t round=0;
|
||||
#endif
|
||||
memcpy(k, c, 8);
|
||||
memset(k+8, 0, 8);
|
||||
for(i=0; i<8; ++i){
|
||||
do{
|
||||
/* BIG.SubWords */
|
||||
#if DEBUG
|
||||
cli_putstr_P(PSTR("\r\n === ROUND "));
|
||||
cli_putc('1'+i);
|
||||
cli_putc('0'+round);
|
||||
cli_putstr_P(PSTR(" ==="));
|
||||
if(i<DEBUG_DEPTH){
|
||||
if(round<DEBUG_DEPTH){
|
||||
dump_state(s);
|
||||
}
|
||||
#endif
|
||||
for(j=0; j<16; ++j){
|
||||
aes_encrypt_round(s+16*j, k);
|
||||
aes_encrypt_round(s+16*j, salt);
|
||||
for(i=0; i<16; ++i){
|
||||
aes_encrypt_round(s+16*i, k);
|
||||
aes_encrypt_round(s+16*i, salt);
|
||||
*((uint64_t*)(k)) += 1;
|
||||
}
|
||||
#if DEBUG
|
||||
if(i<DEBUG_DEPTH){
|
||||
if(round<DEBUG_DEPTH){
|
||||
cli_putstr_P(PSTR("\r\nAfter SubWords"));
|
||||
dump_state(s);
|
||||
}
|
||||
|
@ -144,24 +142,37 @@ static void compress512(void* v, void* m, uint64_t* c, void* salt){
|
|||
memcpy(s+INDEX(2, 3), s+INDEX(1, 3), 16);
|
||||
memcpy(s+INDEX(1, 3), t, 16);
|
||||
#if DEBUG
|
||||
if(i<DEBUG_DEPTH){
|
||||
if(round<DEBUG_DEPTH){
|
||||
cli_putstr_P(PSTR("\r\nAfter ShiftRows"));
|
||||
dump_state(s);
|
||||
}
|
||||
#endif
|
||||
/* BIG.MixColumns */
|
||||
for(j=0; j<4; j+=1){
|
||||
for(l=0; l<16; ++l){
|
||||
mixcol(s+j*64+l);
|
||||
for(i=0; i<4; i+=1){
|
||||
for(j=0; j<16; ++j){
|
||||
mixcol(s+i*64+j);
|
||||
}
|
||||
}
|
||||
#if DEBUG
|
||||
if(i<DEBUG_DEPTH){
|
||||
if(round<DEBUG_DEPTH){
|
||||
cli_putstr_P(PSTR("\r\nAfter MixColumns"));
|
||||
dump_state(s);
|
||||
}
|
||||
round++;
|
||||
#endif
|
||||
}
|
||||
}while(--iterations);
|
||||
|
||||
}
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
static void compress512(void* v, void* m, uint64_t* c, void* salt){
|
||||
uint8_t s[16*16];
|
||||
uint8_t i;
|
||||
memcpy(s, v, 16*4); /* load v into state */
|
||||
memcpy(s+16*4, m, 16*12); /* load m into state */
|
||||
|
||||
echo_compress(s, 8, c, salt);
|
||||
|
||||
/* BIG.Final */
|
||||
for(i=0; i<3; ++i){
|
||||
|
@ -172,6 +183,21 @@ static void compress512(void* v, void* m, uint64_t* c, void* salt){
|
|||
}
|
||||
}
|
||||
|
||||
static void compress1024(void* v, void* m, uint64_t* c, void* salt){
|
||||
uint8_t s[16*16];
|
||||
memcpy(s, v, 16*8); /* load v into state */
|
||||
memcpy(s+16*8, m, 16*8); /* load m into state */
|
||||
|
||||
echo_compress(s, 10, c, salt);
|
||||
|
||||
/* BIG.Final */
|
||||
memxor(v, m, 16*8);
|
||||
memxor(v, s, 16*8);
|
||||
memxor(v, s+16*8, 16*8);
|
||||
}
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
void echo_small_nextBlock(echo_small_ctx_t* ctx, void* block){
|
||||
ctx->counter += ECHO_SMALL_BLOCKSIZE;
|
||||
compress512(ctx->v, block, &(ctx->counter), ctx->salt);
|
||||
|
@ -204,7 +230,38 @@ void echo_small_lastBlock(echo_small_ctx_t* ctx, void* block, uint16_t length_b)
|
|||
|
||||
/******************************************************************************/
|
||||
|
||||
void echo_small_ctx2hash(void* dest, uint16_t length_b, echo_small_ctx_t* ctx){
|
||||
void echo_large_nextBlock(echo_large_ctx_t* ctx, void* block){
|
||||
ctx->counter += ECHO_LARGE_BLOCKSIZE;
|
||||
compress1024(ctx->v, block, &(ctx->counter), ctx->salt);
|
||||
}
|
||||
|
||||
void echo_large_lastBlock(echo_large_ctx_t* ctx, void* block, uint16_t length_b){
|
||||
while(length_b>=ECHO_LARGE_BLOCKSIZE){
|
||||
echo_large_nextBlock(ctx, block);
|
||||
block = (uint8_t*)block + ECHO_LARGE_BLOCKSIZE_B;
|
||||
length_b -= ECHO_LARGE_BLOCKSIZE;
|
||||
}
|
||||
uint8_t buffer[ECHO_LARGE_BLOCKSIZE_B];
|
||||
uint64_t total_len;
|
||||
memset(buffer, 0, ECHO_LARGE_BLOCKSIZE_B);
|
||||
memcpy(buffer, block, (length_b+7)/8);
|
||||
buffer[length_b/8] |= 0x80 >> (length_b&7);
|
||||
total_len = (ctx->counter += length_b);
|
||||
if(length_b>=ECHO_LARGE_BLOCKSIZE-144){
|
||||
compress1024(ctx->v, buffer, &total_len, ctx->salt);
|
||||
memset(buffer, 0, ECHO_LARGE_BLOCKSIZE_B);
|
||||
ctx->counter = 0;
|
||||
}
|
||||
if(length_b==0){
|
||||
ctx->counter = 0;
|
||||
}
|
||||
memcpy(buffer+ECHO_LARGE_BLOCKSIZE_B-18, &(ctx->id), 2);
|
||||
memcpy(buffer+ECHO_LARGE_BLOCKSIZE_B-16, &total_len, 8);
|
||||
compress1024(ctx->v, buffer, &(ctx->counter), ctx->salt);
|
||||
}
|
||||
/******************************************************************************/
|
||||
|
||||
void echo_ctx2hash(void* dest, uint16_t length_b, echo_small_ctx_t* ctx){
|
||||
memcpy(dest, ctx->v, (length_b+7)/8);
|
||||
}
|
||||
|
||||
|
@ -218,6 +275,16 @@ void echo256_ctx2hash(void* dest, echo_small_ctx_t* ctx){
|
|||
|
||||
/******************************************************************************/
|
||||
|
||||
void echo384_ctx2hash(void* dest, echo_large_ctx_t* ctx){
|
||||
memcpy(dest, ctx->v, 384/8);
|
||||
}
|
||||
|
||||
void echo512_ctx2hash(void* dest, echo_large_ctx_t* ctx){
|
||||
memcpy(dest, ctx->v, 512/8);
|
||||
}
|
||||
|
||||
/******************************************************************************/
|
||||
|
||||
void echo224_init(echo_small_ctx_t* ctx){
|
||||
memset(ctx->v, 0, 4*16);
|
||||
ctx->counter = 0;
|
||||
|
@ -242,3 +309,27 @@ void echo256_init(echo_small_ctx_t* ctx){
|
|||
|
||||
/******************************************************************************/
|
||||
|
||||
void echo384_init(echo_large_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
memset(ctx->v, 0, 8*16);
|
||||
ctx->counter = 0;
|
||||
memset(ctx->salt, 0, 16);
|
||||
ctx->id = 0x0180;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->v[0+16*i] = 0x80;
|
||||
ctx->v[1+16*i] = 0x01;
|
||||
}
|
||||
}
|
||||
|
||||
void echo512_init(echo_large_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
memset(ctx->v, 0, 8*16);
|
||||
ctx->counter = 0;
|
||||
memset(ctx->salt, 0, 16);
|
||||
ctx->id = 0x0200;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->v[1+16*i] = 0x02;
|
||||
}
|
||||
}
|
||||
|
||||
/******************************************************************************/
|
||||
|
|
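Review bot: Bits below the last message bit are never cleared in echo_large_lastBlock. `memcpy(buffer, block, (length_b+7)/8)` copies the final partial byte whole and the padding marker is then OR-ed in, so for a length that is not a multiple of 8 any stray low bits in the caller's last byte enter the padded block and change the digest. Masking before the marker is set makes the result depend only on the declared length: `buffer[length_b/8] &= (uint8_t)(0xFF00 >> (length_b&7));` placed directly before the `|= 0x80 >> (length_b&7)` line. For byte-aligned lengths that index is untouched by the memcpy and still zero from the memset, so the mask changes nothing there. echo_small_lastBlock lies outside the hunks shown and may need the same treatment.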
14
echo/echo.h
14
echo/echo.h
|
@ -43,6 +43,12 @@ typedef struct{
|
|||
uint16_t id;
|
||||
}echo_small_ctx_t;
|
||||
|
||||
typedef struct{
|
||||
uint8_t v[8*16];
|
||||
uint8_t salt[16];
|
||||
uint64_t counter;
|
||||
uint16_t id;
|
||||
}echo_large_ctx_t;
|
||||
|
||||
void echo_small_nextBlock(echo_small_ctx_t* ctx, void* block);
|
||||
void echo_small_lastBlock(echo_small_ctx_t* ctx, void* block, uint16_t length_b);
|
||||
|
@ -52,4 +58,12 @@ void echo256_ctx2hash(void* dest, echo_small_ctx_t* ctx);
|
|||
void echo224_init(echo_small_ctx_t* ctx);
|
||||
void echo256_init(echo_small_ctx_t* ctx);
|
||||
|
||||
void echo_large_nextBlock(echo_large_ctx_t* ctx, void* block);
|
||||
void echo_large_lastBlock(echo_large_ctx_t* ctx, void* block, uint16_t length_b);
|
||||
void echo_large_ctx2hash(void* dest, uint16_t length_b, echo_large_ctx_t* ctx);
|
||||
void echo384_ctx2hash(void* dest, echo_large_ctx_t* ctx);
|
||||
void echo512_ctx2hash(void* dest, echo_large_ctx_t* ctx);
|
||||
void echo384_init(echo_large_ctx_t* ctx);
|
||||
void echo512_init(echo_large_ctx_t* ctx);
|
||||
|
||||
#endif /* ECHO_H_ */
|
||||
|
|
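Review bot: `echo_large_ctx2hash` is declared in the second hunk, but the echo.c changes on this page show no definition under that name; the only generic variant visible there is `echo_ctx2hash`, which takes an `echo_small_ctx_t*`. Unless a definition exists outside the hunks, any caller of the declared function fails at link time. Either drop the prototype or add the matching body in echo.c, `void echo_large_ctx2hash(void* dest, uint16_t length_b, echo_large_ctx_t* ctx){ memcpy(dest, ctx->v, (length_b+7)/8); }`. Since `length_b` is a caller-supplied `uint16_t` and `v` is `8*16` bytes, that body should also reject or clamp lengths above 1024 bits so the copy cannot read past `ctx->v`.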
|
@ -0,0 +1,99 @@
|
|||
/* hfal_echo.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file hfal_echo.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2010-02-21
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <avr/pgmspace.h>
|
||||
#include <stdlib.h>
|
||||
#include "hashfunction_descriptor.h"
|
||||
#include "echo.h"
|
||||
|
||||
|
||||
static const char echo224_str[] PROGMEM = "ECHO-224";
|
||||
static const char echo256_str[] PROGMEM = "ECHO-256";
|
||||
static const char echo384_str[] PROGMEM = "ECHO-384";
|
||||
static const char echo512_str[] PROGMEM = "ECHO-512";
|
||||
|
||||
const hfdesc_t echo224_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
echo224_str,
|
||||
sizeof(echo_small_ctx_t),
|
||||
ECHO224_BLOCKSIZE,
|
||||
224,
|
||||
(hf_init_fpt)echo224_init,
|
||||
(hf_nextBlock_fpt)echo_small_nextBlock,
|
||||
(hf_lastBlock_fpt)echo_small_lastBlock,
|
||||
(hf_ctx2hash_fpt)echo224_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)NULL
|
||||
};
|
||||
|
||||
const hfdesc_t echo256_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
echo256_str,
|
||||
sizeof(echo_small_ctx_t),
|
||||
ECHO256_BLOCKSIZE,
|
||||
256,
|
||||
(hf_init_fpt)echo256_init,
|
||||
(hf_nextBlock_fpt)echo_small_nextBlock,
|
||||
(hf_lastBlock_fpt)echo_small_lastBlock,
|
||||
(hf_ctx2hash_fpt)echo256_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)NULL
|
||||
};
|
||||
|
||||
const hfdesc_t echo384_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
echo384_str,
|
||||
sizeof(echo_large_ctx_t),
|
||||
ECHO384_BLOCKSIZE,
|
||||
384,
|
||||
(hf_init_fpt)echo384_init,
|
||||
(hf_nextBlock_fpt)echo_large_nextBlock,
|
||||
(hf_lastBlock_fpt)echo_large_lastBlock,
|
||||
(hf_ctx2hash_fpt)echo384_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)NULL
|
||||
};
|
||||
|
||||
const hfdesc_t echo512_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
echo512_str,
|
||||
sizeof(echo_large_ctx_t),
|
||||
ECHO512_BLOCKSIZE,
|
||||
512,
|
||||
(hf_init_fpt)echo512_init,
|
||||
(hf_nextBlock_fpt)echo_large_nextBlock,
|
||||
(hf_lastBlock_fpt)echo_large_lastBlock,
|
||||
(hf_ctx2hash_fpt)echo512_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)NULL
|
||||
};
|
||||
|
||||
|
|
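Review bot: Every handler in the four descriptors is installed through an explicit cast (`(hf_init_fpt)echo384_init`, `(hf_lastBlock_fpt)echo_large_lastBlock`, and so on), which silences the compiler if a handler's signature or context type ever stops matching what the generic layer passes. Nothing then catches a small-context handler paired with `sizeof(echo_large_ctx_t)` or the reverse, and such a mix-up could surface as an out-of-bounds access on the context buffer rather than as a build error. A comment above the descriptors such as `/* handlers are cast to the generic hf_*_fpt types; keep the ctx size and the handler family (small/large) in sync */` would document the invariant. `ECHO384_BLOCKSIZE` and `ECHO512_BLOCKSIZE` are not introduced by the echo.h hunks on this page, so presumably they already exist there; it is worth confirming they match the `ECHO_LARGE_BLOCKSIZE` that echo.c uses.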
@ -0,0 +1,31 @@
|
|||
/* hfal_echo.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef HFAL_ECHO_H_
|
||||
#define HFAL_ECHO_H_
|
||||
|
||||
#include <avr/pgmspace.h>
|
||||
#include "hashfunction_descriptor.h"
|
||||
|
||||
extern const hfdesc_t echo224_desc;
|
||||
extern const hfdesc_t echo256_desc;
|
||||
extern const hfdesc_t echo384_desc;
|
||||
extern const hfdesc_t echo512_desc;
|
||||
|
||||
#endif /* HFAL_ECHO_H_ */
|
|
@ -45,6 +45,8 @@ char* algo_name = "CubeHash";
|
|||
const hfdesc_t* algolist[] PROGMEM = {
|
||||
(hfdesc_t*)&echo224_desc,
|
||||
(hfdesc_t*)&echo256_desc,
|
||||
(hfdesc_t*)&echo384_desc,
|
||||
(hfdesc_t*)&echo512_desc,
|
||||
NULL
|
||||
};
|
||||
|
||||
|
@ -77,6 +79,23 @@ uint8_t intermediate_data[] PROGMEM = {
|
|||
0xFD, 0x29, 0xD1, 0x04, 0xCE
|
||||
};
|
||||
|
||||
uint8_t intermediate_data2[] PROGMEM = {
|
||||
0x75, 0x8E, 0xA3, 0xFE, 0xA7, 0x38, 0x97, 0x3D,
|
||||
0xB0, 0xB8, 0xBE, 0x7E, 0x59, 0x9B, 0xBE, 0xF4,
|
||||
0x51, 0x93, 0x73, 0xD6, 0xE6, 0xDC, 0xD7, 0x19,
|
||||
0x5E, 0xA8, 0x85, 0xFC, 0x99, 0x1D, 0x89, 0x67,
|
||||
0x62, 0x99, 0x27, 0x59, 0xC2, 0xA0, 0x90, 0x02,
|
||||
0x91, 0x2F, 0xB0, 0x8E, 0x0C, 0xB5, 0xB7, 0x6F,
|
||||
0x49, 0x16, 0x2A, 0xEB, 0x8C, 0xF8, 0x7B, 0x17,
|
||||
0x2C, 0xF3, 0xAD, 0x19, 0x02, 0x53, 0xDF, 0x61,
|
||||
0x2F, 0x77, 0xB1, 0xF0, 0xC5, 0x32, 0xE3, 0xB5,
|
||||
0xFC, 0x99, 0xC2, 0xD3, 0x1F, 0x8F, 0x65, 0x01,
|
||||
0x16, 0x95, 0xA0, 0x87, 0xA3, 0x5E, 0xE4, 0xEE,
|
||||
0xE5, 0xE3, 0x34, 0xC3, 0x69, 0xD8, 0xEE, 0x5D,
|
||||
0x29, 0xF6, 0x95, 0x81, 0x5D, 0x86, 0x6D, 0xA9,
|
||||
0x9D, 0xF3, 0xF7, 0x94, 0x03
|
||||
};
|
||||
|
||||
void echo256_interm(void){
|
||||
echo_small_ctx_t ctx;
|
||||
uint8_t data[1384/8];
|
||||
|
@ -91,6 +110,20 @@ void echo256_interm(void){
|
|||
cli_hexdump(hash, 32);
|
||||
}
|
||||
|
||||
void echo512_interm(void){
|
||||
echo_large_ctx_t ctx;
|
||||
uint8_t data[872/8];
|
||||
uint8_t hash[64];
|
||||
echo512_init(&ctx);
|
||||
memcpy_P(data, intermediate_data2, 872/8);
|
||||
cli_putstr_P(PSTR("\r\ninit done "));
|
||||
echo_large_lastBlock(&ctx, data, 872);
|
||||
cli_putstr_P(PSTR("\r\nlastblock done "));
|
||||
echo512_ctx2hash(hash, &ctx);
|
||||
cli_putstr_P(PSTR("\r\nhash = "));
|
||||
cli_hexdump(hash, 64);
|
||||
}
|
||||
|
||||
void echo256_test0(void){
|
||||
echo_small_ctx_t ctx;
|
||||
uint8_t hash[32];
|
||||
|
@ -117,6 +150,7 @@ void testrun_nessie_echo(void){
|
|||
const char nessie_str[] PROGMEM = "nessie";
|
||||
const char test256_str[] PROGMEM = "test256";
|
||||
const char interm_str[] PROGMEM = "interm";
|
||||
const char interm2_str[] PROGMEM = "interm2";
|
||||
const char performance_str[] PROGMEM = "performance";
|
||||
const char echo_str[] PROGMEM = "echo";
|
||||
const char shavs_list_str[] PROGMEM = "shavs_list";
|
||||
|
@ -127,6 +161,7 @@ const char shavs_test3_str[] PROGMEM = "shavs_test3";
|
|||
cmdlist_entry_t cmdlist[] PROGMEM = {
|
||||
{ nessie_str, NULL, testrun_nessie_echo },
|
||||
{ interm_str, NULL, echo256_interm },
|
||||
{ interm2_str, NULL, echo512_interm },
|
||||
{ test256_str, NULL, echo256_test0 },
|
||||
{ performance_str, NULL, performance_echo },
|
||||
{ shavs_list_str, NULL, shavs_listalgos },
|
||||
|
|
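Review bot: echo512_interm repeats the literal 872 in the buffer size, the `memcpy_P` length and the bit count passed to `echo_large_lastBlock`, so an edit to `intermediate_data2` that misses one of them silently over- or under-reads. Deriving all three from the array keeps them tied together: `uint8_t data[sizeof(intermediate_data2)];`, `memcpy_P(data, intermediate_data2, sizeof(data));`, `echo_large_lastBlock(&ctx, data, 8*sizeof(data));`. The function also only prints the digest; comparing it against the reference value for this vector would make it a self-checking test instead of one that needs a manual read of the console output.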