+blake, bug compatibility by default off
This commit is contained in:
parent
2b8ac5e59c
commit
4e31ebdb05
|
@ -0,0 +1,53 @@
|
|||
/* blake_common.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* \file blake_common.c
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-05-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <avr/pgmspace.h>
|
||||
|
||||
uint8_t blake_sigma[] PROGMEM = {
|
||||
0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF,
|
||||
0xE, 0xA, 0x4, 0x8, 0x9, 0xF, 0xD, 0x6, 0x1, 0xC, 0x0, 0x2, 0xB, 0x7, 0x5, 0x3,
|
||||
0xB, 0x8, 0xC, 0x0, 0x5, 0x2, 0xF, 0xD, 0xA, 0xE, 0x3, 0x6, 0x7, 0x1, 0x9, 0x4,
|
||||
0x7, 0x9, 0x3, 0x1, 0xD, 0xC, 0xB, 0xE, 0x2, 0x6, 0x5, 0xA, 0x4, 0x0, 0xF, 0x8,
|
||||
0x9, 0x0, 0x5, 0x7, 0x2, 0x4, 0xA, 0xF, 0xE, 0x1, 0xB, 0xC, 0x6, 0x8, 0x3, 0xD,
|
||||
0x2, 0xC, 0x6, 0xA, 0x0, 0xB, 0x8, 0x3, 0x4, 0xD, 0x7, 0x5, 0xF, 0xE, 0x1, 0x9,
|
||||
0xC, 0x5, 0x1, 0xF, 0xE, 0xD, 0x4, 0xA, 0x0, 0x7, 0x6, 0x3, 0x9, 0x2, 0x8, 0xB,
|
||||
0xD, 0xB, 0x7, 0xE, 0xC, 0x1, 0x3, 0x9, 0x5, 0x0, 0xF, 0x4, 0x8, 0x6, 0x2, 0xA,
|
||||
0x6, 0xF, 0xE, 0x9, 0xB, 0x3, 0x0, 0x8, 0xC, 0x2, 0xD, 0x7, 0x1, 0x4, 0xA, 0x5,
|
||||
0xA, 0x2, 0x8, 0x4, 0x7, 0x6, 0x1, 0x5, 0xF, 0xB, 0x9, 0xE, 0x3, 0xC, 0xD, 0x0
|
||||
};
|
||||
|
||||
uint8_t blake_index_lut[] PROGMEM = {
|
||||
0x0, 0x4, 0x8, 0xC,
|
||||
0x1, 0x5, 0x9, 0xD,
|
||||
0x2, 0x6, 0xA, 0xE,
|
||||
0x3, 0x7, 0xB, 0xF,
|
||||
0x0, 0x5, 0xA, 0xF,
|
||||
0x1, 0x6, 0xB, 0xC,
|
||||
0x2, 0x7, 0x8, 0xD,
|
||||
0x3, 0x4, 0x9, 0xE
|
||||
};
|
|
@ -0,0 +1,38 @@
|
|||
/* blake_common.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* \file blake_common.h
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-05-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifndef BLAKE_COMMON_H_
|
||||
#define BLAKE_COMMON_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include <avr/pgmspace.h>
|
||||
|
||||
extern uint8_t blake_sigma[];
|
||||
extern uint8_t blake_index_lut[];
|
||||
|
||||
#endif /* BLAKE_COMMON_H_ */
|
|
@ -0,0 +1,329 @@
|
|||
/* blake_large.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* \file blake_large.c
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-05-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include <avr/pgmspace.h>
|
||||
#include "memxor.h"
|
||||
#include "blake_large.h"
|
||||
#include "blake_common.h"
|
||||
|
||||
#define DEBUG 0
|
||||
#define DEBUG_2 0
|
||||
|
||||
#define BUG_3 0 /* bug compatibility with reference code */
|
||||
#define BUG_4 0 /* bug compatibility with reference code */
|
||||
|
||||
#if DEBUG_2
|
||||
#include "cli.h"
|
||||
#endif
|
||||
|
||||
#if DEBUG
|
||||
#include "cli.h"
|
||||
void dump_v(uint64_t* v){
|
||||
uint8_t i;
|
||||
cli_putstr_P(PSTR("\r\n=== v dump ==="));
|
||||
for(i=0; i<16; ++i){
|
||||
if(i%4==0)
|
||||
cli_putstr_P(PSTR("\r\n\t"));
|
||||
cli_hexdump_rev(v+i, 8);
|
||||
cli_putc(' ');
|
||||
}
|
||||
}
|
||||
#else
|
||||
#define dump_v(v)
|
||||
#endif
|
||||
|
||||
uint64_t pgm_read_qword(void* p){
|
||||
union{
|
||||
uint64_t v64;
|
||||
uint32_t v32[2];
|
||||
}r;
|
||||
r.v32[0] = pgm_read_dword(p);
|
||||
r.v32[1] = pgm_read_dword((uint8_t*)p+4);
|
||||
return r.v64;
|
||||
}
|
||||
|
||||
static
|
||||
uint64_t blake_c[] PROGMEM = {
|
||||
0x243F6A8885A308D3LL, 0x13198A2E03707344LL,
|
||||
0xA4093822299F31D0LL, 0x082EFA98EC4E6C89LL,
|
||||
0x452821E638D01377LL, 0xBE5466CF34E90C6CLL,
|
||||
0xC0AC29B7C97C50DDLL, 0x3F84D5B5B5470917LL,
|
||||
0x9216D5D98979FB1BLL, 0xD1310BA698DFB5ACLL,
|
||||
0x2FFD72DBD01ADFB7LL, 0xB8E1AFED6A267E96LL,
|
||||
0xBA7C9045F12C7F99LL, 0x24A19947B3916CF7LL,
|
||||
0x0801F2E2858EFC16LL, 0x636920D871574E69LL
|
||||
|
||||
};
|
||||
|
||||
|
||||
|
||||
#define ROTL64(a, n) (((a)<<(n))|((a)>>(64-(n))))
|
||||
#define ROTR64(a, n) (((a)>>(n))|((a)<<(64-(n))))
|
||||
#define CHANGE_ENDIAN32(a) (((a)<<24)| \
|
||||
((0x0000ff00&(a))<<8)| \
|
||||
((0x00ff0000&(a))>>8)| \
|
||||
(a)>>24 )
|
||||
|
||||
void blake_large_g(uint8_t r, uint8_t i, uint64_t* v, const uint64_t* m){
|
||||
uint8_t a,b,c,d, s0, s1;
|
||||
a = pgm_read_byte(blake_index_lut+4*i+0);
|
||||
b = pgm_read_byte(blake_index_lut+4*i+1);
|
||||
c = pgm_read_byte(blake_index_lut+4*i+2);
|
||||
d = pgm_read_byte(blake_index_lut+4*i+3);
|
||||
s0 = pgm_read_byte(blake_sigma+16*r+2*i+0);
|
||||
s1 = pgm_read_byte(blake_sigma+16*r+2*i+1);
|
||||
#if DEBUG
|
||||
if(i==0){
|
||||
cli_putstr_P(PSTR("\r\n s0 = "));
|
||||
cli_hexdump(&s0, 1);
|
||||
cli_putstr_P(PSTR(" s1 = "));
|
||||
cli_hexdump(&s1, 1);
|
||||
cli_putstr_P(PSTR("\r\n m[s0] = "));
|
||||
cli_hexdump_rev(m+s0, 4);
|
||||
cli_putstr_P(PSTR("\r\n m[s1] = "));
|
||||
cli_hexdump_rev(m+s1, 4);
|
||||
}
|
||||
#endif
|
||||
v[a] += v[b] + (m[s0] ^ pgm_read_qword(&(blake_c[s1])));
|
||||
v[d] = ROTR64(v[d]^v[a], 32);
|
||||
v[c] += v[d];
|
||||
v[b] = ROTR64(v[b]^v[c], 25);
|
||||
v[a] += v[b] + (m[s1] ^ pgm_read_qword(&(blake_c[s0])));
|
||||
v[d] = ROTR64(v[d]^v[a], 16);
|
||||
v[c] += v[d];
|
||||
v[b] = ROTR64(v[b]^v[c], 11);
|
||||
|
||||
}
|
||||
|
||||
void blake_large_expand(uint64_t* v, const blake_large_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
memcpy(v, ctx->h, 8*8);
|
||||
for(i=0; i<8; ++i){
|
||||
v[8+i] = pgm_read_qword(&(blake_c[i]));
|
||||
}
|
||||
memxor((uint8_t*)v+8, ctx->s, 4*8);
|
||||
|
||||
}
|
||||
|
||||
void blake_large_changeendian(void* dest, const void* src){
|
||||
uint8_t i;
|
||||
uint32_t tmp;
|
||||
for(i=0; i<32; i+=2){
|
||||
tmp = CHANGE_ENDIAN32(((uint32_t*)src)[i]);
|
||||
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i+1]);
|
||||
((uint32_t*)dest)[i+1] = tmp;
|
||||
}
|
||||
}
|
||||
|
||||
void blake_large_compress(uint64_t* v,const void* m){
|
||||
uint8_t r,i;
|
||||
#if DEBUG
|
||||
cli_putstr_P(PSTR("\r\n== compress 64 =="));
|
||||
dump_v(v);
|
||||
#endif
|
||||
#if DEBUG_2
|
||||
cli_putstr_P(PSTR("\r\n=== message block ===\r\n m ="));
|
||||
cli_hexdump_block(m, 1024/8, 4, 16);
|
||||
#endif
|
||||
for(r=0; r<14; ++r){
|
||||
for(i=0; i<8; ++i){
|
||||
blake_large_g(r%10, i, v, (uint64_t*)m);
|
||||
#if DEBUG
|
||||
if(1){
|
||||
cli_putstr_P(PSTR("\r\n ROUND: "));
|
||||
cli_hexdump(&r,1);
|
||||
cli_putstr_P(PSTR(" I: "));
|
||||
cli_hexdump(&i,1);
|
||||
dump_v(v);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void blake_large_collapse(blake_large_ctx_t* ctx, uint64_t* v){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i];
|
||||
}
|
||||
}
|
||||
|
||||
void blake_large_nextBlock(blake_large_ctx_t* ctx, const void* msg){
|
||||
uint64_t v[16];
|
||||
uint64_t m[16];
|
||||
union {
|
||||
uint64_t v64;
|
||||
uint32_t v32[2];
|
||||
}ctr;
|
||||
blake_large_expand(v,ctx);
|
||||
ctx->counter++;
|
||||
ctr.v64 = ctx->counter*1024;
|
||||
v[12] ^= ctr.v64;
|
||||
v[13] ^= ctr.v64;
|
||||
blake_large_changeendian(m, msg);
|
||||
blake_large_compress(v, m);
|
||||
blake_large_collapse(ctx, v);
|
||||
}
|
||||
|
||||
void blake_large_lastBlock(blake_large_ctx_t* ctx, const void* msg, uint16_t length_b){
|
||||
while(length_b>=BLAKE_LARGE_BLOCKSIZE){
|
||||
blake_large_nextBlock(ctx, msg);
|
||||
msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B;
|
||||
length_b -= BLAKE_LARGE_BLOCKSIZE;
|
||||
}
|
||||
uint8_t buffer[128];
|
||||
uint64_t v[16];
|
||||
uint64_t ctr;
|
||||
ctr = ctx->counter*1024+length_b;
|
||||
memset(buffer, 0, 128);
|
||||
memcpy(buffer, msg, (length_b+7)/8);
|
||||
buffer[length_b/8] |= 0x80 >> (length_b%8);
|
||||
blake_large_changeendian(buffer, buffer);
|
||||
blake_large_expand(v, ctx);
|
||||
#if BUG_3
|
||||
uint8_t x=0;
|
||||
if(length_b%1024<895 && length_b%8)
|
||||
x=0x40;
|
||||
v[12] ^= ctr + x;
|
||||
v[13] ^= ctr + x;
|
||||
|
||||
#else
|
||||
v[12] ^= ctr;
|
||||
v[13] ^= ctr;
|
||||
#endif
|
||||
if(length_b>1024-128-2){
|
||||
#if BUG_4
|
||||
if(length_b<1017){
|
||||
blake_large_compress(v, buffer);
|
||||
blake_large_collapse(ctx, v);
|
||||
}
|
||||
#else
|
||||
blake_large_compress(v, buffer);
|
||||
blake_large_collapse(ctx, v);
|
||||
#endif
|
||||
memset(buffer, 0, 128-8);
|
||||
blake_large_expand(v, ctx);
|
||||
}
|
||||
if(ctx->appendone)
|
||||
buffer[128-16-8] |= 0x01;
|
||||
*((uint64_t*)(&(buffer[128-8]))) = ctr;
|
||||
blake_large_compress(v, buffer);
|
||||
blake_large_collapse(ctx, v);
|
||||
|
||||
}
|
||||
|
||||
uint64_t blake64_iv[] PROGMEM = {
|
||||
0x6A09E667F3BCC908LL, 0xBB67AE8584CAA73BLL,
|
||||
0x3C6EF372FE94F82BLL, 0xA54FF53A5F1D36F1LL,
|
||||
0x510E527FADE682D1LL, 0x9B05688C2B3E6C1FLL,
|
||||
0x1F83D9ABFB41BD6BLL, 0x5BE0CD19137E2179LL
|
||||
};
|
||||
|
||||
void blake64_init(blake64_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->h[i] = pgm_read_qword(&(blake64_iv[i]));
|
||||
}
|
||||
memset(ctx->s, 0, 4*8);
|
||||
ctx->counter = 0;
|
||||
ctx->appendone = 1;
|
||||
}
|
||||
|
||||
uint64_t blake48_iv[] PROGMEM = {
|
||||
0xCBBB9D5DC1059ED8LL, 0x629A292A367CD507LL,
|
||||
0x9159015A3070DD17LL, 0x152FECD8F70E5939LL,
|
||||
0x67332667FFC00B31LL, 0x8EB44A8768581511LL,
|
||||
0xDB0C2E0D64F98FA7LL, 0x47B5481DBEFA4FA4LL
|
||||
};
|
||||
|
||||
void blake48_init(blake48_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->h[i] = pgm_read_qword(&(blake48_iv[i]));
|
||||
}
|
||||
memset(ctx->s, 0, 4*8);
|
||||
ctx->counter = 0;
|
||||
ctx->appendone = 0;
|
||||
}
|
||||
|
||||
void blake64_ctx2hash(void* dest, const blake64_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
((uint32_t*)dest)[2*i+0] = CHANGE_ENDIAN32((ctx->h[i])>>32);
|
||||
((uint32_t*)dest)[2*i+1] = CHANGE_ENDIAN32((uint32_t)ctx->h[i]);
|
||||
}
|
||||
}
|
||||
|
||||
void blake48_ctx2hash(void* dest, const blake48_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<6; ++i){
|
||||
((uint32_t*)dest)[2*i+0] = CHANGE_ENDIAN32((ctx->h[i])>>32);
|
||||
((uint32_t*)dest)[2*i+1] = CHANGE_ENDIAN32((uint32_t)ctx->h[i]);
|
||||
}
|
||||
}
|
||||
|
||||
void blake64_nextBlock(blake64_ctx_t* ctx, const void* block){
|
||||
blake_large_nextBlock(ctx, block);
|
||||
}
|
||||
|
||||
void blake48_nextBlock(blake48_ctx_t* ctx, const void* block){
|
||||
blake_large_nextBlock(ctx, block);
|
||||
}
|
||||
|
||||
void blake64_lastBlock(blake64_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||
blake_large_lastBlock(ctx, block, length_b);
|
||||
}
|
||||
|
||||
void blake48_lastBlock(blake48_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||
blake_large_lastBlock(ctx, block, length_b);
|
||||
}
|
||||
|
||||
void blake64(void* dest, const void* msg, uint32_t length_b){
|
||||
blake_large_ctx_t ctx;
|
||||
blake64_init(&ctx);
|
||||
while(length_b>=BLAKE_LARGE_BLOCKSIZE){
|
||||
blake_large_nextBlock(&ctx, msg);
|
||||
msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B;
|
||||
length_b -= BLAKE_LARGE_BLOCKSIZE;
|
||||
}
|
||||
blake_large_lastBlock(&ctx, msg, length_b);
|
||||
blake64_ctx2hash(dest, &ctx);
|
||||
}
|
||||
|
||||
void blake48(void* dest, const void* msg, uint32_t length_b){
|
||||
blake_large_ctx_t ctx;
|
||||
blake48_init(&ctx);
|
||||
while(length_b>=BLAKE_LARGE_BLOCKSIZE){
|
||||
blake_large_nextBlock(&ctx, msg);
|
||||
msg = (uint8_t*)msg + BLAKE_LARGE_BLOCKSIZE_B;
|
||||
length_b -= BLAKE_LARGE_BLOCKSIZE;
|
||||
}
|
||||
blake_large_lastBlock(&ctx, msg, length_b);
|
||||
blake48_ctx2hash(dest, &ctx);
|
||||
}
|
|
@ -0,0 +1,67 @@
|
|||
/* blake_large.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* \file blake_large.h
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-05-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef BLAKE_LARGE_H_
|
||||
#define BLAKE_LARGE_H_
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#define BLAKE_LARGE_BLOCKSIZE 1024
|
||||
#define BLAKE_LARGE_BLOCKSIZE_B ((BLAKE_LARGE_BLOCKSIZE+7)/8)
|
||||
#define BLAKE48_BLOCKSIZE BLAKE_LARGE_BLOCKSIZE
|
||||
#define BLAKE48_BLOCKSIZE_B BLAKE_LARGE_BLOCKSIZE_B
|
||||
#define BLAKE64_BLOCKSIZE BLAKE_LARGE_BLOCKSIZE
|
||||
#define BLAKE64_BLOCKSIZE_B BLAKE_LARGE_BLOCKSIZE_B
|
||||
|
||||
typedef struct {
|
||||
uint64_t h[8];
|
||||
uint64_t s[4];
|
||||
uint32_t counter;
|
||||
uint8_t appendone;
|
||||
} blake_large_ctx_t;
|
||||
|
||||
typedef blake_large_ctx_t blake48_ctx_t;
|
||||
typedef blake_large_ctx_t blake64_ctx_t;
|
||||
|
||||
void blake48_init(blake48_ctx_t* ctx);
|
||||
void blake64_init(blake64_ctx_t* ctx);
|
||||
|
||||
void blake_large_nextBlock(blake_large_ctx_t* ctx, const void* block);
|
||||
void blake_large_lastBlock(blake_large_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
|
||||
void blake48_nextBlock(blake48_ctx_t* ctx, const void* block);
|
||||
void blake48_lastBlock(blake48_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
|
||||
void blake64_nextBlock(blake64_ctx_t* ctx, const void* block);
|
||||
void blake64_lastBlock(blake64_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
|
||||
void blake48_ctx2hash(void* dest, const blake48_ctx_t* ctx);
|
||||
void blake64_ctx2hash(void* dest, const blake64_ctx_t* ctx);
|
||||
|
||||
void blake48(void* dest, const void* msg, uint32_t length_b);
|
||||
void blake64(void* dest, const void* msg, uint32_t length_b);
|
||||
|
||||
#endif /* BLAKE_LARGE_H_ */
|
|
@ -0,0 +1,323 @@
|
|||
/* blake_small.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* \file blake_small.c
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-05-04
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include <avr/pgmspace.h>
|
||||
#include "memxor.h"
|
||||
#include "blake_small.h"
|
||||
#include "blake_common.h"
|
||||
|
||||
#define DEBUG 0
|
||||
#define DEBUG_2 0
|
||||
|
||||
#define BUG_1 0 /* bug compatibility for zero length message */
|
||||
#define BUG_2 0 /* bug compatibility for messages of length%512=505...511 */
|
||||
|
||||
|
||||
#if DEBUG_2
|
||||
#include "cli.h"
|
||||
#endif
|
||||
|
||||
#if DEBUG
|
||||
#include "cli.h"
|
||||
void dump_v(uint32_t* v){
|
||||
uint8_t i;
|
||||
cli_putstr_P(PSTR("\r\n=== v dump ==="));
|
||||
for(i=0; i<16; ++i){
|
||||
if(i%8==0)
|
||||
cli_putstr_P(PSTR("\r\n\t"));
|
||||
cli_hexdump_rev(v+i, 4);
|
||||
cli_putc(' ');
|
||||
}
|
||||
}
|
||||
#else
|
||||
#define dump_v(v)
|
||||
#endif
|
||||
|
||||
uint32_t blake_c[] PROGMEM = {
|
||||
0x243F6A88, 0x85A308D3,
|
||||
0x13198A2E, 0x03707344,
|
||||
0xA4093822, 0x299F31D0,
|
||||
0x082EFA98, 0xEC4E6C89,
|
||||
0x452821E6, 0x38D01377,
|
||||
0xBE5466CF, 0x34E90C6C,
|
||||
0xC0AC29B7, 0xC97C50DD,
|
||||
0x3F84D5B5, 0xB5470917
|
||||
};
|
||||
|
||||
#define ROTL32(a, n) (((a)<<(n))|((a)>>(32-(n))))
|
||||
#define ROTR32(a, n) (((a)>>(n))|((a)<<(32-(n))))
|
||||
#define CHANGE_ENDIAN32(a) (((a)<<24)| \
|
||||
((0x0000ff00&(a))<<8)| \
|
||||
((0x00ff0000&(a))>>8)| \
|
||||
(a)>>24 )
|
||||
|
||||
void blake_small_g(uint8_t r, uint8_t i, uint32_t* v, const uint32_t* m){
|
||||
uint8_t a,b,c,d, s0, s1;
|
||||
a = pgm_read_byte(blake_index_lut+4*i+0);
|
||||
b = pgm_read_byte(blake_index_lut+4*i+1);
|
||||
c = pgm_read_byte(blake_index_lut+4*i+2);
|
||||
d = pgm_read_byte(blake_index_lut+4*i+3);
|
||||
s0 = pgm_read_byte(blake_sigma+16*r+2*i+0);
|
||||
s1 = pgm_read_byte(blake_sigma+16*r+2*i+1);
|
||||
#if DEBUG
|
||||
if(i==0){
|
||||
cli_putstr_P(PSTR("\r\n s0 = "));
|
||||
cli_hexdump(&s0, 1);
|
||||
cli_putstr_P(PSTR(" s1 = "));
|
||||
cli_hexdump(&s1, 1);
|
||||
cli_putstr_P(PSTR("\r\n m[s0] = "));
|
||||
cli_hexdump_rev(m+s0, 4);
|
||||
cli_putstr_P(PSTR("\r\n m[s1] = "));
|
||||
cli_hexdump_rev(m+s1, 4);
|
||||
}
|
||||
#endif
|
||||
v[a] += v[b] + (m[s0] ^ pgm_read_dword(&(blake_c[s1])));
|
||||
v[d] = ROTR32(v[d]^v[a], 16);
|
||||
v[c] += v[d];
|
||||
v[b] = ROTR32(v[b]^v[c], 12);
|
||||
v[a] += v[b] + (m[s1] ^ pgm_read_dword(&(blake_c[s0])));
|
||||
v[d] = ROTR32(v[d]^v[a], 8);
|
||||
v[c] += v[d];
|
||||
v[b] = ROTR32(v[b]^v[c], 7);
|
||||
|
||||
}
|
||||
|
||||
void blake_small_expand(uint32_t* v, const blake_small_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
memcpy(v, ctx->h, 8*4);
|
||||
for(i=0; i<8; ++i){
|
||||
v[8+i] = pgm_read_dword(&(blake_c[i]));
|
||||
}
|
||||
memxor((uint8_t*)v+8, ctx->s, 4*4);
|
||||
|
||||
}
|
||||
|
||||
void blake_small_changeendian(void* dest, const void* src){
|
||||
uint8_t i;
|
||||
for(i=0; i<16; ++i){
|
||||
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(((uint32_t*)src)[i]);
|
||||
}
|
||||
}
|
||||
|
||||
void blake_small_compress(uint32_t* v,const void* m){
|
||||
uint8_t r,i;
|
||||
#if DEBUG
|
||||
cli_putstr_P(PSTR("\r\n== compress 32 =="));
|
||||
dump_v(v);
|
||||
#endif
|
||||
#if DEBUG_2
|
||||
cli_putstr_P(PSTR("\r\n=== message block ===\r\n m ="));
|
||||
cli_hexdump_block(m, 512/8, 4, 16);
|
||||
#endif
|
||||
for(r=0; r<10; ++r){
|
||||
for(i=0; i<8; ++i){
|
||||
blake_small_g(r, i, v, (uint32_t*)m);
|
||||
#if DEBUG
|
||||
if(1){
|
||||
cli_putstr_P(PSTR("\r\n ROUND: "));
|
||||
cli_hexdump(&r,1);
|
||||
cli_putstr_P(PSTR(" I: "));
|
||||
cli_hexdump(&i,1);
|
||||
dump_v(v);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void blake_small_collapse(blake_small_ctx_t* ctx, uint32_t* v){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->h[i] ^= ctx->s[i%4] ^ v[i] ^ v[8+i];
|
||||
}
|
||||
}
|
||||
|
||||
void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* msg){
|
||||
uint32_t v[16];
|
||||
uint32_t m[16];
|
||||
union {
|
||||
uint64_t v64;
|
||||
uint32_t v32[2];
|
||||
}ctr;
|
||||
blake_small_expand(v,ctx);
|
||||
ctx->counter++;
|
||||
ctr.v64 = ctx->counter*512;
|
||||
v[12] ^= ctr.v32[0];
|
||||
v[13] ^= ctr.v32[0];
|
||||
v[14] ^= ctr.v32[1];
|
||||
v[15] ^= ctr.v32[1];
|
||||
blake_small_changeendian(m, msg);
|
||||
blake_small_compress(v, m);
|
||||
blake_small_collapse(ctx, v);
|
||||
}
|
||||
|
||||
void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* msg, uint16_t length_b){
|
||||
while(length_b>=BLAKE_SMALL_BLOCKSIZE){
|
||||
blake_small_nextBlock(ctx, msg);
|
||||
msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
|
||||
length_b -= BLAKE_SMALL_BLOCKSIZE;
|
||||
}
|
||||
uint8_t buffer[64];
|
||||
uint32_t v[16];
|
||||
#if BUG_2
|
||||
uint32_t tmp=0;
|
||||
#endif
|
||||
union {
|
||||
uint64_t v64;
|
||||
uint32_t v32[2];
|
||||
}ctr;
|
||||
ctr.v64 = ctx->counter*512+length_b;
|
||||
#if BUG_2
|
||||
if(length_b>=505){
|
||||
tmp =ctr.v32[0];
|
||||
ctr.v32[0] = ctx->counter*512;
|
||||
ctr.v32[0] |= 0x40+length_b-504;
|
||||
}
|
||||
#endif
|
||||
memset(buffer, 0, 64);
|
||||
memcpy(buffer, msg, (length_b+7)/8);
|
||||
buffer[length_b/8] |= 0x80 >> (length_b%8);
|
||||
blake_small_changeendian(buffer, buffer);
|
||||
blake_small_expand(v, ctx);
|
||||
v[12] ^= ctr.v32[0];
|
||||
v[13] ^= ctr.v32[0];
|
||||
v[14] ^= ctr.v32[1];
|
||||
v[15] ^= ctr.v32[1];
|
||||
#if BUG_2
|
||||
if(length_b>=505)
|
||||
ctr.v32[0] = tmp;
|
||||
#endif
|
||||
#if BUG_1
|
||||
if(length_b==0 && ctx->counter==0){
|
||||
v[14] ^= 1;
|
||||
v[15] ^= 1;
|
||||
}
|
||||
#endif
|
||||
if(length_b>512-64-2){
|
||||
blake_small_compress(v, buffer);
|
||||
blake_small_collapse(ctx, v);
|
||||
memset(buffer, 0, 64-8);
|
||||
blake_small_expand(v, ctx);
|
||||
}
|
||||
if(ctx->appendone)
|
||||
buffer[64-8-4] |= 0x01;
|
||||
*((uint32_t*)(&(buffer[64-8]))) = ctr.v32[1];
|
||||
*((uint32_t*)(&(buffer[64-4]))) = ctr.v32[0];
|
||||
blake_small_compress(v, buffer);
|
||||
blake_small_collapse(ctx, v);
|
||||
|
||||
}
|
||||
|
||||
uint32_t blake32_iv[] PROGMEM = {
|
||||
0x6A09E667L, 0xBB67AE85,
|
||||
0x3C6EF372L, 0xA54FF53A,
|
||||
0x510E527FL, 0x9B05688C,
|
||||
0x1F83D9ABL, 0x5BE0CD19
|
||||
};
|
||||
|
||||
void blake32_init(blake32_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->h[i] = pgm_read_dword(&(blake32_iv[i]));
|
||||
}
|
||||
memset(ctx->s, 0, 4*4);
|
||||
ctx->counter = 0;
|
||||
ctx->appendone = 1;
|
||||
}
|
||||
|
||||
uint32_t blake28_iv[] PROGMEM = {
|
||||
0xC1059ED8, 0x367CD507,
|
||||
0x3070DD17, 0xF70E5939,
|
||||
0xFFC00B31, 0x68581511,
|
||||
0x64F98FA7, 0xBEFA4FA4
|
||||
};
|
||||
|
||||
void blake28_init(blake28_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
ctx->h[i] = pgm_read_dword(&(blake28_iv[i]));
|
||||
}
|
||||
memset(ctx->s, 0, 4*4);
|
||||
ctx->counter = 0;
|
||||
ctx->appendone = 0;
|
||||
}
|
||||
|
||||
void blake32_ctx2hash(void* dest, const blake32_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<8; ++i){
|
||||
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]);
|
||||
}
|
||||
}
|
||||
|
||||
void blake28_ctx2hash(void* dest, const blake28_ctx_t* ctx){
|
||||
uint8_t i;
|
||||
for(i=0; i<7; ++i){
|
||||
((uint32_t*)dest)[i] = CHANGE_ENDIAN32(ctx->h[i]);
|
||||
}
|
||||
}
|
||||
|
||||
void blake32_nextBlock(blake32_ctx_t* ctx, const void* block){
|
||||
blake_small_nextBlock(ctx, block);
|
||||
}
|
||||
|
||||
void blake28_nextBlock(blake28_ctx_t* ctx, const void* block){
|
||||
blake_small_nextBlock(ctx, block);
|
||||
}
|
||||
|
||||
void blake32_lastBlock(blake32_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||
blake_small_lastBlock(ctx, block, length_b);
|
||||
}
|
||||
|
||||
void blake28_lastBlock(blake28_ctx_t* ctx, const void* block, uint16_t length_b){
|
||||
blake_small_lastBlock(ctx, block, length_b);
|
||||
}
|
||||
|
||||
void blake32(void* dest, const void* msg, uint32_t length_b){
|
||||
blake_small_ctx_t ctx;
|
||||
blake32_init(&ctx);
|
||||
while(length_b>=BLAKE_SMALL_BLOCKSIZE){
|
||||
blake_small_nextBlock(&ctx, msg);
|
||||
msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
|
||||
length_b -= BLAKE_SMALL_BLOCKSIZE;
|
||||
}
|
||||
blake_small_lastBlock(&ctx, msg, length_b);
|
||||
blake32_ctx2hash(dest, &ctx);
|
||||
}
|
||||
|
||||
void blake28(void* dest, const void* msg, uint32_t length_b){
|
||||
blake_small_ctx_t ctx;
|
||||
blake28_init(&ctx);
|
||||
while(length_b>=BLAKE_SMALL_BLOCKSIZE){
|
||||
blake_small_nextBlock(&ctx, msg);
|
||||
msg = (uint8_t*)msg + BLAKE_SMALL_BLOCKSIZE_B;
|
||||
length_b -= BLAKE_SMALL_BLOCKSIZE;
|
||||
}
|
||||
blake_small_lastBlock(&ctx, msg, length_b);
|
||||
blake28_ctx2hash(dest, &ctx);
|
||||
}
|
|
@ -0,0 +1,67 @@
|
|||
/* blake_small.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* \file blake_small.h
|
||||
* \author Daniel Otte
|
||||
* \email daniel.otte@rub.de
|
||||
* \date 2009-04-27
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
#ifndef BLAKE_SMALL_H_
|
||||
#define BLAKE_SMALL_H_
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#define BLAKE_SMALL_BLOCKSIZE 512
|
||||
#define BLAKE_SMALL_BLOCKSIZE_B ((BLAKE_SMALL_BLOCKSIZE+7)/8)
|
||||
#define BLAKE28_BLOCKSIZE BLAKE_SMALL_BLOCKSIZE
|
||||
#define BLAKE28_BLOCKSIZE_B BLAKE_SMALL_BLOCKSIZE_B
|
||||
#define BLAKE32_BLOCKSIZE BLAKE_SMALL_BLOCKSIZE
|
||||
#define BLAKE32_BLOCKSIZE_B BLAKE_SMALL_BLOCKSIZE_B
|
||||
|
||||
typedef struct {
|
||||
uint32_t h[8];
|
||||
uint32_t s[4];
|
||||
uint32_t counter;
|
||||
uint8_t appendone;
|
||||
} blake_small_ctx_t;
|
||||
|
||||
typedef blake_small_ctx_t blake28_ctx_t;
|
||||
typedef blake_small_ctx_t blake32_ctx_t;
|
||||
|
||||
void blake28_init(blake28_ctx_t* ctx);
|
||||
void blake32_init(blake32_ctx_t* ctx);
|
||||
|
||||
void blake_small_nextBlock(blake_small_ctx_t* ctx, const void* block);
|
||||
void blake_small_lastBlock(blake_small_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
|
||||
void blake28_nextBlock(blake28_ctx_t* ctx, const void* block);
|
||||
void blake28_lastBlock(blake28_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
|
||||
void blake32_nextBlock(blake32_ctx_t* ctx, const void* block);
|
||||
void blake32_lastBlock(blake32_ctx_t* ctx, const void* block, uint16_t length_b);
|
||||
|
||||
void blake28_ctx2hash(void* dest, const blake28_ctx_t* ctx);
|
||||
void blake32_ctx2hash(void* dest, const blake32_ctx_t* ctx);
|
||||
|
||||
void blake28(void* dest, const void* msg, uint32_t length_b);
|
||||
void blake32(void* dest, const void* msg, uint32_t length_b);
|
||||
|
||||
#endif /* BLAKE_SMALL_H_ */
|
|
@ -0,0 +1,67 @@
|
|||
/* hfal_blake_large.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file hfal_blake_large.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-05-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <avr/pgmspace.h>
|
||||
#include <stdlib.h>
|
||||
#include "hashfunction_descriptor.h"
|
||||
#include "blake_large.h"
|
||||
|
||||
|
||||
static const char blake48_str[] PROGMEM = "Blake-48";
|
||||
static const char blake64_str[] PROGMEM = "Blake-64";
|
||||
|
||||
const hfdesc_t blake48_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
blake48_str,
|
||||
sizeof(blake48_ctx_t),
|
||||
BLAKE48_BLOCKSIZE,
|
||||
384,
|
||||
(hf_init_fpt)blake48_init,
|
||||
(hf_nextBlock_fpt)blake48_nextBlock,
|
||||
(hf_lastBlock_fpt)blake48_lastBlock,
|
||||
(hf_ctx2hash_fpt)blake48_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)blake48
|
||||
};
|
||||
|
||||
const hfdesc_t blake64_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
blake64_str,
|
||||
sizeof(blake64_ctx_t),
|
||||
BLAKE64_BLOCKSIZE,
|
||||
512,
|
||||
(hf_init_fpt)blake64_init,
|
||||
(hf_nextBlock_fpt)blake64_nextBlock,
|
||||
(hf_lastBlock_fpt)blake64_lastBlock,
|
||||
(hf_ctx2hash_fpt)blake64_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)blake64
|
||||
};
|
||||
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
/* hfal_blake_large.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file hfal_blake_large.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-05-08
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HFAL_BLAKE_LARGE_H_
|
||||
#define HFAL_BLAKE_LARGE_H_
|
||||
|
||||
#include <avr/pgmspace.h>
|
||||
#include "hashfunction_descriptor.h"
|
||||
|
||||
extern const hfdesc_t blake48_desc;
|
||||
extern const hfdesc_t blake64_desc;
|
||||
|
||||
#endif /* HFAL_BLAKE_LARGE_H_ */
|
|
@ -0,0 +1,67 @@
|
|||
/* hfal_blake_small.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file hfal_blake_small.c
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-05-05
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#include <avr/pgmspace.h>
|
||||
#include <stdlib.h>
|
||||
#include "hashfunction_descriptor.h"
|
||||
#include "blake_small.h"
|
||||
|
||||
|
||||
static const char blake28_str[] PROGMEM = "Blake-28";
|
||||
static const char blake32_str[] PROGMEM = "Blake-32";
|
||||
|
||||
const hfdesc_t blake28_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
blake28_str,
|
||||
sizeof(blake28_ctx_t),
|
||||
BLAKE28_BLOCKSIZE,
|
||||
224,
|
||||
(hf_init_fpt)blake28_init,
|
||||
(hf_nextBlock_fpt)blake28_nextBlock,
|
||||
(hf_lastBlock_fpt)blake28_lastBlock,
|
||||
(hf_ctx2hash_fpt)blake28_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)blake28
|
||||
};
|
||||
|
||||
const hfdesc_t blake32_desc PROGMEM = {
|
||||
HFDESC_TYPE_HASHFUNCTION,
|
||||
0,
|
||||
blake32_str,
|
||||
sizeof(blake32_ctx_t),
|
||||
BLAKE32_BLOCKSIZE,
|
||||
256,
|
||||
(hf_init_fpt)blake32_init,
|
||||
(hf_nextBlock_fpt)blake32_nextBlock,
|
||||
(hf_lastBlock_fpt)blake32_lastBlock,
|
||||
(hf_ctx2hash_fpt)blake32_ctx2hash,
|
||||
(hf_free_fpt)NULL,
|
||||
(hf_mem_fpt)blake32
|
||||
};
|
||||
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
/* hfal_blake_small.h */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/**
|
||||
* \file hfal_blake_small.h
|
||||
* \email daniel.otte@rub.de
|
||||
* \author Daniel Otte
|
||||
* \date 2009-05-05
|
||||
* \license GPLv3 or later
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HFAL_BLAKE_SMALL_H_
|
||||
#define HFAL_BLAKE_SMALL_H_
|
||||
|
||||
#include <avr/pgmspace.h>
|
||||
#include "hashfunction_descriptor.h"
|
||||
|
||||
extern const hfdesc_t blake28_desc;
|
||||
extern const hfdesc_t blake32_desc;
|
||||
|
||||
#endif /* HFAL_BLAKE_SMALL_H_ */
|
|
@ -92,7 +92,7 @@ def run_test(filename)
|
|||
b = (/[\s]*MD[\s]*=[\s]*([0-9a-fA-F]*).*/.match(avr_md))[1];
|
||||
a.upcase!
|
||||
b.upcase!
|
||||
printf("\n%4d: ", line) if (pos%$linewidth==0 and $linewidth!=0)
|
||||
printf("\n%4d (%4d): ", line, (line-1)*$linewidth) if (pos%$linewidth==0 and $linewidth!=0)
|
||||
line += 1 if (pos%$linewidth==0 and $linewidth!=0)
|
||||
#putc((a==b)?'*':'!')
|
||||
if(a==b)
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
# Makefile for Blake
|
||||
ALGO_NAME := BLAKE_C
|
||||
|
||||
# comment out the following line for removement of Blake from the build process
|
||||
HASHES += $(ALGO_NAME)
|
||||
|
||||
|
||||
$(ALGO_NAME)_OBJ := blake_small.o blake_large.o blake_common.o memxor.o
|
||||
$(ALGO_NAME)_TEST_BIN := main-blake-test.o debug.o uart.o hexdigit_tab.o \
|
||||
dbz_strings.o nessie_common.o cli.o string-extras.o performance_test.o \
|
||||
nessie_hash_test.o hfal-basic.o hfal_blake_small.o hfal_blake_large.o shavs.o
|
||||
$(ALGO_NAME)_NESSIE_TEST := test nessie
|
||||
$(ALGO_NAME)_PERFORMANCE_TEST := performance
|
||||
|
|
@ -0,0 +1,282 @@
|
|||
/* main-blake-test.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* blake test-suit
|
||||
*
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
#include "serial-tools.h"
|
||||
#include "uart.h"
|
||||
#include "debug.h"
|
||||
|
||||
#include "blake_small.h"
|
||||
#include "blake_large.h"
|
||||
#include "hfal_blake_small.h"
|
||||
#include "hfal_blake_large.h"
|
||||
#include "shavs.h"
|
||||
#include "cli.h"
|
||||
#include "nessie_hash_test.h"
|
||||
#include "performance_test.h"
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
char* algo_name = "Blake";
|
||||
|
||||
/*****************************************************************************
|
||||
* additional validation-functions *
|
||||
*****************************************************************************/
|
||||
|
||||
void testrun_nessie_blake(void){
|
||||
nessie_hash_ctx.hashsize_b = 224;
|
||||
nessie_hash_ctx.name = "Blake28";
|
||||
nessie_hash_ctx.blocksize_B = 512/8;
|
||||
nessie_hash_ctx.ctx_size_B = sizeof(blake28_ctx_t);
|
||||
nessie_hash_ctx.hash_init = (nessie_hash_init_fpt)blake28_init;
|
||||
nessie_hash_ctx.hash_next = (nessie_hash_next_fpt)blake28_nextBlock;
|
||||
nessie_hash_ctx.hash_last = (nessie_hash_last_fpt)blake28_lastBlock;
|
||||
nessie_hash_ctx.hash_conv = (nessie_hash_conv_fpt)blake28_ctx2hash;
|
||||
|
||||
nessie_hash_run();
|
||||
|
||||
nessie_hash_ctx.hashsize_b = 256;
|
||||
nessie_hash_ctx.name = "Blake32";
|
||||
nessie_hash_ctx.blocksize_B = 512/8;
|
||||
nessie_hash_ctx.ctx_size_B = sizeof(blake32_ctx_t);
|
||||
nessie_hash_ctx.hash_init = (nessie_hash_init_fpt)blake32_init;
|
||||
nessie_hash_ctx.hash_next = (nessie_hash_next_fpt)blake32_nextBlock;
|
||||
nessie_hash_ctx.hash_last = (nessie_hash_last_fpt)blake32_lastBlock;
|
||||
nessie_hash_ctx.hash_conv = (nessie_hash_conv_fpt)blake32_ctx2hash;
|
||||
|
||||
nessie_hash_run();
|
||||
}
|
||||
void blake28_test(void* msg, uint32_t length_b){
|
||||
uint8_t diggest[224/8];
|
||||
cli_putstr_P(PSTR("\r\n=== Blake28 test ===\r\n message:\r\n"));
|
||||
cli_hexdump_block(msg, (length_b+7)/8, 4, 16);
|
||||
blake28(diggest, msg, length_b);
|
||||
cli_putstr_P(PSTR("\r\n diggest:\r\n"));
|
||||
cli_hexdump_block(diggest, 224/8, 4, 16);
|
||||
}
|
||||
|
||||
void blake32_test(void* msg, uint32_t length_b){
|
||||
uint8_t diggest[256/8];
|
||||
cli_putstr_P(PSTR("\r\n=== Blake32 test ===\r\n message:\r\n"));
|
||||
cli_hexdump_block(msg, (length_b+7)/8, 4, 16);
|
||||
blake32(diggest, msg, length_b);
|
||||
cli_putstr_P(PSTR("\r\n diggest:\r\n"));
|
||||
cli_hexdump_block(diggest, 256/8, 4, 16);
|
||||
}
|
||||
|
||||
void blake48_test(void* msg, uint32_t length_b){
|
||||
uint8_t diggest[384/8];
|
||||
cli_putstr_P(PSTR("\r\n=== Blake48 test ===\r\n message:\r\n"));
|
||||
cli_hexdump_block(msg, (length_b+7)/8, 4, 16);
|
||||
blake48(diggest, msg, length_b);
|
||||
cli_putstr_P(PSTR("\r\n diggest:\r\n"));
|
||||
cli_hexdump_block(diggest, 384/8, 4, 16);
|
||||
}
|
||||
|
||||
void blake64_test(void* msg, uint32_t length_b){
|
||||
uint8_t diggest[512/8];
|
||||
cli_putstr_P(PSTR("\r\n=== Blake48 test ===\r\n message:\r\n"));
|
||||
cli_hexdump_block(msg, (length_b+7)/8, 4, 16);
|
||||
blake64(diggest, msg, length_b);
|
||||
cli_putstr_P(PSTR("\r\n diggest:\r\n"));
|
||||
cli_hexdump_block(diggest, 512/8, 4, 16);
|
||||
}
|
||||
void testrun_stdtest_blake(void){
|
||||
uint8_t msg1[144];
|
||||
memset(msg1, 0, 144);
|
||||
blake28_test("", 8);
|
||||
blake28_test(msg1, 576);
|
||||
blake32_test("", 8);
|
||||
blake32_test(msg1, 576);
|
||||
blake48_test("", 8);
|
||||
blake48_test(msg1, 1152);
|
||||
blake64_test("", 8);
|
||||
blake64_test(msg1, 1152);
|
||||
}
|
||||
|
||||
void testshort(void){
|
||||
blake32_test("", 8);
|
||||
}
|
||||
|
||||
void testlshort(void){
|
||||
blake64_test("", 8);
|
||||
}
|
||||
|
||||
void performance_blake(void){
|
||||
uint64_t t;
|
||||
char str[16];
|
||||
uint8_t data[64];
|
||||
uint8_t hash[512/8];
|
||||
blake_small_ctx_t ctx;
|
||||
blake_large_ctx_t ctx2;
|
||||
|
||||
calibrateTimer();
|
||||
print_overhead();
|
||||
|
||||
memset(data, 0, 64);
|
||||
|
||||
|
||||
startTimer(1);
|
||||
blake28_init(&ctx);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx-gen time (224): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake32_init(&ctx);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx-gen time (256): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake48_init(&ctx2);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx-gen time (384): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake64_init(&ctx2);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx-gen time (512): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake_small_nextBlock(&ctx, data);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tone-block (small) time: "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake_large_nextBlock(&ctx2, data);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tone-block (large) time: "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake_small_lastBlock(&ctx, data, 0);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tlast block (small) time: "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake_large_lastBlock(&ctx2, data, 0);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tlast block (large) time: "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake28_ctx2hash(hash, &ctx);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx2hash time (224): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake32_ctx2hash(hash, &ctx);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx2hash time (256): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake48_ctx2hash(hash, &ctx2);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx2hash time (384): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
startTimer(1);
|
||||
blake64_ctx2hash(hash, &ctx2);
|
||||
t = stopTimer();
|
||||
cli_putstr_P(PSTR("\r\n\tctx2hash time (512): "));
|
||||
ultoa((unsigned long)t, str, 10);
|
||||
cli_putstr(str);
|
||||
|
||||
cli_putstr_P(PSTR("\r\n"));
|
||||
|
||||
}
|
||||
|
||||
/*****************************************************************************
|
||||
* main *
|
||||
*****************************************************************************/
|
||||
|
||||
const hfdesc_t* algolist[] PROGMEM = {
|
||||
(hfdesc_t*)&blake28_desc,
|
||||
(hfdesc_t*)&blake32_desc,
|
||||
(hfdesc_t*)&blake48_desc,
|
||||
(hfdesc_t*)&blake64_desc,
|
||||
NULL
|
||||
};
|
||||
|
||||
const char nessie_str[] PROGMEM = "nessie";
|
||||
const char test_str[] PROGMEM = "test";
|
||||
const char testshort_str[] PROGMEM = "short";
|
||||
const char testlshort_str[] PROGMEM = "lshort";
|
||||
const char performance_str[] PROGMEM = "performance";
|
||||
const char echo_str[] PROGMEM = "echo";
|
||||
const char shavs_list_str[] PROGMEM = "shavs_list";
|
||||
const char shavs_set_str[] PROGMEM = "shavs_set";
|
||||
const char shavs_test1_str[] PROGMEM = "shavs_test1";
|
||||
|
||||
cmdlist_entry_t cmdlist[] PROGMEM = {
|
||||
{ nessie_str, NULL, testrun_nessie_blake},
|
||||
{ test_str, NULL, testrun_stdtest_blake},
|
||||
{ testshort_str, NULL, testshort},
|
||||
{ testlshort_str, NULL, testlshort},
|
||||
{ performance_str, NULL, performance_blake},
|
||||
{ shavs_list_str, NULL, shavs_listalgos},
|
||||
{ shavs_set_str, (void*)1, (void_fpt)shavs_setalgo},
|
||||
{ shavs_test1_str, NULL, shavs_test1},
|
||||
{ echo_str, (void*)1, (void_fpt)echo_ctrl},
|
||||
{ NULL, NULL, NULL}
|
||||
};
|
||||
|
||||
int main (void){
|
||||
DEBUG_INIT();
|
||||
|
||||
cli_rx = uart_getc;
|
||||
cli_tx = uart_putc;
|
||||
shavs_algolist=(hfdesc_t**)algolist;
|
||||
shavs_algo=(hfdesc_t*)&blake32_desc;
|
||||
for(;;){
|
||||
cli_putstr_P(PSTR("\r\n\r\nCrypto-VS ("));
|
||||
cli_putstr(algo_name);
|
||||
cli_putstr_P(PSTR("; "));
|
||||
cli_putstr(__DATE__);
|
||||
cli_putstr_P(PSTR(" "));
|
||||
cli_putstr(__TIME__);
|
||||
cli_putstr_P(PSTR(")\r\nloaded and running\r\n"));
|
||||
|
||||
cmd_interface(cmdlist);
|
||||
}
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
/* main-shabal-test.c */
|
||||
/* main-bmw-test.c */
|
||||
/*
|
||||
This file is part of the AVR-Crypto-Lib.
|
||||
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
|
||||
|
@ -17,7 +17,7 @@
|
|||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* shabal test-suit
|
||||
* BlueMidnightWish test-suit
|
||||
*
|
||||
*/
|
||||
|
||||
|
|
Loading…
Reference in New Issue