bg
/
avr-crypto-lib
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

changing hmac API + bug fixes

This commit is contained in:
bg 2009-02-26 14:44:17 +00:00
parent 83d0614d8b
commit 53f8a8d7ca
17 changed files with 17151 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
hmac-md5.c Normal file
View File

@ -0,0 +1,130 @@
/* hmac-md5.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
*
* implementation of HMAC as described in RFC2104
* Author: Daniel Otte
* email: daniel.otte@rub.de
* License: GPLv3 or later
**/
/*
* hmac = hash ( k^opad , hash( k^ipad , msg))
*/
#include <stdint.h>
#include <string.h>
#include "config.h"
#include "md5.h"
#include "hmac-md5.h"
#define IPAD 0x36
#define OPAD 0x5C
#ifndef HMAC_SHORTONLY
void hmac_md5_init(hmac_md5_ctx_t *s, void* key, uint16_t keylength_b){
uint8_t buffer[MD5_BLOCK_BYTES];
uint8_t i;
memset(buffer, 0, MD5_BLOCK_BYTES);
if (keylength_b > MD5_BLOCK_BITS){
md5((void*)buffer, key, keylength_b);
} else {
memcpy(buffer, key, (keylength_b+7)/8);
}
for (i=0; i<MD5_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD;
}
md5_init(&(s->a));
md5_nextBlock(&(s->a), buffer);
for (i=0; i<MD5_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD^OPAD;
}
md5_init(&(s->b));
md5_nextBlock(&(s->b), buffer);
#if defined SECURE_WIPE_BUFFER
memset(buffer, 0, MD5_BLOCK_BYTES);
#endif
}
void hmac_md5_nextBlock(hmac_md5_ctx_t *s, const void* block){
md5_nextBlock(&(s->a), block);
}
void hmac_md5_lastBlock(hmac_md5_ctx_t *s, const void* block, uint16_t length_b){
md5_lastBlock(&(s->a), block, length_b);
}
void hmac_md5_final(void* dest, hmac_md5_ctx_t *s){
md5_ctx2hash((md5_hash_t*)dest, &(s->a));
md5_lastBlock(&(s->b), dest, MD5_HASH_BITS);
md5_ctx2hash((md5_hash_t*)dest, &(s->b));
}
#endif
/*
void hmac_md5_nextBlock()
void hmac_md5_lastBlock()
*/
/*
* keylength in bits!
* message length in bits!
*/
void hmac_md5(void* dest, void* key, uint16_t keylength_b, void* msg, uint32_t msglength_b){ /* a one-shot*/
md5_ctx_t s;
uint8_t i;
uint8_t buffer[MD5_BLOCK_BYTES];
memset(buffer, 0, MD5_BLOCK_BYTES);
/* if key is larger than a block we have to hash it*/
if (keylength_b > MD5_BLOCK_BITS){
md5((void*)buffer, key, keylength_b);
} else {
memcpy(buffer, key, (keylength_b+7)/8);
}
for (i=0; i<MD5_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD;
}
md5_init(&s);
md5_nextBlock(&s, buffer);
while (msglength_b >= MD5_BLOCK_BITS){
md5_nextBlock(&s, msg);
msg = (uint8_t*)msg + MD5_BLOCK_BYTES;
msglength_b -= MD5_BLOCK_BITS;
}
md5_lastBlock(&s, msg, msglength_b);
/* since buffer still contains key xor ipad we can do ... */
for (i=0; i<MD5_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD ^ OPAD;
}
md5_ctx2hash(dest, &s); /* save inner hash temporary to dest */
md5_init(&s);
md5_nextBlock(&s, buffer);
md5_lastBlock(&s, dest, MD5_HASH_BITS);
md5_ctx2hash(dest, &s);
}

42
hmac-md5.h Normal file
View File

@ -0,0 +1,42 @@
/* hmac-md5.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef HMACMD5_H_
#define HMACMD5_H_
#include "md5.h"
#define HMAC_MD5_BITS MD5_HASH_BITS
#define HMAC_MD5_BYTES MD5_HASH_BYTES
#define HMAC_MD5_BLOCK_BITS MD5_BLOCK_BITS
#define HMAC_MD5_BLOCK_BYTES MD5_BLOCK_BYTES
typedef struct{
md5_ctx_t a,b;
} hmac_md5_ctx_t;
void hmac_md5_init(hmac_md5_ctx_t *s, void* key, uint16_t keylength_b);
void hmac_md5_nextBlock(hmac_md5_ctx_t *s, const void* block);
void hmac_md5_lastBlock(hmac_md5_ctx_t *s, const void* block, uint16_t length_b);
void hmac_md5_final(void* dest, hmac_md5_ctx_t *s);
void hmac_md5(void* dest, void* key, uint16_t keylength_b, void* msg, uint32_t msglength_b);
#endif /*HMACMD5_H_*/

61
hmac-sha1.c
View File

@ -40,7 +40,7 @@
#ifndef HMAC_SHORTONLY
void hmac_sha1_init(hmac_sha1_ctx_t *s, void* key, uint16_t keylength_b){
void hmac_sha1_init(hmac_sha1_ctx_t *s, const void* key, uint16_t keylength_b){
uint8_t buffer[SHA1_BLOCK_BYTES];
uint8_t i;
@ -54,53 +54,46 @@ void hmac_sha1_init(hmac_sha1_ctx_t *s, void* key, uint16_t keylength_b){
for (i=0; i<SHA1_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD;
}
sha1_init(s);
sha1_nextBlock(s, buffer);
#if defined SECURE_WIPE_BUFFER
memset(buffer, 0, SHA1_BLOCK_BYTES);
#endif
}
void hmac_sha1_final(hmac_sha1_ctx_t *s, void* key, uint16_t keylength_b){
uint8_t buffer[SHA1_BLOCK_BYTES];
uint8_t i;
sha1_ctx_t a;
memset(buffer, 0, SHA1_BLOCK_BYTES);
if (keylength_b > SHA1_BLOCK_BITS){
sha1((void*)buffer, key, keylength_b);
} else {
memcpy(buffer, key, (keylength_b+7)/8);
}
sha1_init(&(s->a));
sha1_nextBlock(&(s->a), buffer);
for (i=0; i<SHA1_BLOCK_BYTES; ++i){
buffer[i] ^= OPAD;
buffer[i] ^= IPAD^OPAD;
}
sha1_init(&(s->b));
sha1_nextBlock(&(s->b), buffer);
sha1_init(&a);
sha1_nextBlock(&a, buffer); /* hash key ^ opad */
sha1_ctx2hash((void*)buffer, s); /* copy hash(key ^ ipad, msg) to buffer */
sha1_lastBlock(&a, buffer, SHA1_HASH_BITS);
memcpy(s, &a, sizeof(sha1_ctx_t));
#if defined SECURE_WIPE_BUFFER
memset(buffer, 0, SHA1_BLOCK_BYTES);
memset(&a, 0, sizeof(sha1_ctx_t));
#endif
#endif
}
void hmac_sha1_nextBlock(hmac_sha1_ctx_t *s, const void* block){
sha1_nextBlock(&(s->a), block);
}
void hmac_sha1_lastBlock(hmac_sha1_ctx_t *s, const void* block, uint16_t length_b){
while(length_b>=SHA1_BLOCK_BITS){
sha1_nextBlock(&(s->a), block);
block = (uint8_t*)block + SHA1_BLOCK_BYTES;
length_b -= SHA1_BLOCK_BITS;
}
sha1_lastBlock(&(s->a), block, length_b);
}
void hmac_sha1_final(void* dest, hmac_sha1_ctx_t *s){
sha1_ctx2hash((sha1_hash_t*)dest, &(s->a));
sha1_lastBlock(&(s->b), dest, SHA1_HASH_BITS);
sha1_ctx2hash((sha1_hash_t*)dest, &(s->b));
}
#endif
/*
void hmac_sha1_nextBlock()
void hmac_sha1_lastBlock()
*/
/*
* keylength in bits!
* message length in bits!
*/
void hmac_sha1(void* dest, void* key, uint16_t keylength_b, void* msg, uint32_t msglength_b){ /* a one-shot*/
void hmac_sha1(void* dest, const void* key, uint16_t keylength_b, const void* msg, uint32_t msglength_b){ /* a one-shot*/
sha1_ctx_t s;
uint8_t i;
uint8_t buffer[SHA1_BLOCK_BYTES];

18
hmac-sha1.h
View File

@ -21,15 +21,21 @@
#include "sha1.h"
#define HMACSHA1_BITS SHA1_HASH_BITS
#define HMACSHA1_BYTES ((HMACSHA1_BITS+7)/8)
#define HMAC_SHA1_BITS SHA1_HASH_BITS
#define HMAC_SHA1_BYTES SHA1_HASH_BYTES
#define HMAC_SHA1_BLOCK_BITS SHA1_BLOCK_BITS
#define HMAC_SHA1_BLOCK_BYTES SHA1_BLOCK_BYTES
typedef sha1_ctx_t hmac_sha1_ctx_t;
typedef struct{
sha1_ctx_t a, b;
} hmac_sha1_ctx_t;
void hmac_sha1_init(hmac_sha1_ctx_t *s, void* key, uint16_t keylength_b);
void hmac_sha1_final(hmac_sha1_ctx_t *s, void* key, uint16_t keylength_b);
void hmac_sha1(void* dest, void* key, uint16_t keylength_b, void* msg, uint32_t msglength_b);
void hmac_sha1_init(hmac_sha1_ctx_t *s, const void* key, uint16_t keylength_b);
void hmac_sha1_nextBlock(hmac_sha1_ctx_t *s, const void* block);
void hmac_sha1_lastBlock(hmac_sha1_ctx_t *s, const void* block, uint16_t length_b);
void hmac_sha1_final(void* dest, hmac_sha1_ctx_t *s);
void hmac_sha1(void* dest, const void* key, uint16_t keylength_b, const void* msg, uint32_t msglength_b);
#endif /*HMACSHA1_H_*/

89
hmac-sha256.c
View File

@ -32,80 +32,73 @@
#include <string.h>
#include "config.h"
#include "sha256.h"
#include "hmac-sha256.h"
#define IPAD 0x36
#define OPAD 0x5C
typedef sha256_ctx_t hmac_sha256_ctx_t;
#ifndef HMAC_SHA256_SHORTONLY
#ifndef HMAC_SHORTONLY
void hmac_sha256_init(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b){
uint8_t buffer[SHA256_HASH_BYTES];
void hmac_sha256_init(hmac_sha256_ctx_t *s, const void* key, uint16_t keylength_b){
uint8_t buffer[HMAC_SHA256_BLOCK_BYTES];
uint8_t i;
memset(buffer, 0, SHA256_HASH_BYTES);
if (keylength_b > SHA256_BLOCK_BITS){
memset(buffer, 0, HMAC_SHA256_BLOCK_BYTES);
if (keylength_b > HMAC_SHA256_BLOCK_BITS){
sha256((void*)buffer, key, keylength_b);
} else {
memcpy(buffer, key, (keylength_b+7)/8);
}
for (i=0; i<SHA256_HASH_BYTES; ++i){
for (i=0; i<HMAC_SHA256_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD;
}
sha256_init(s);
sha256_nextBlock(s, buffer);
sha256_init(&(s->a));
sha256_nextBlock(&(s->a), buffer);
for (i=0; i<HMAC_SHA256_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD^OPAD;
}
sha256_init(&(s->b));
sha256_nextBlock(&(s->b), buffer);
#if defined SECURE_WIPE_BUFFER
memset(buffer, 0, SHA256_HASH_BYTES);
memset(buffer, 0, SHA256_BLOCK_BYTES);
#endif
}
void hmac_sha256_final(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b){
uint8_t buffer[SHA256_HASH_BYTES];
uint8_t i;
sha256_ctx_t a;
memset(buffer, 0, SHA256_HASH_BYTES);
if (keylength_b > SHA256_BLOCK_BITS){
sha256((void*)buffer, key, keylength_b);
} else {
memcpy(buffer, key, (keylength_b+7)/8);
void hmac_sha256_nextBlock(hmac_sha256_ctx_t *s, const void* block){
sha256_nextBlock(&(s->a), block);
}
void hmac_sha256_lastBlock(hmac_sha256_ctx_t *s, const void* block, uint16_t length_b){
/* while(length_b>=SHA256_BLOCK_BITS){
sha256_nextBlock(&(s->a), block);
block = (uint8_t*)block + SHA256_BLOCK_BYTES;
length_b -= SHA256_BLOCK_BITS;
}
for (i=0; i<SHA256_HASH_BYTES; ++i){
buffer[i] ^= OPAD;
}
sha256_init(&a);
sha256_nextBlock(&a, buffer); /* hash key ^ opad */
sha256_ctx2hash((void*)buffer, s); /* copy hash(key ^ ipad, msg) to buffer */
sha256_lastBlock(&a, buffer, SHA256_HASH_BITS);
memcpy(s, &a, sizeof(sha256_ctx_t));
#if defined SECURE_WIPE_BUFFER
memset(buffer, 0, SHA256_HASH_BYTES);
memset(a.h, 0, 8*4);
#endif
*/ sha256_lastBlock(&(s->a), block, length_b);
}
void hmac_sha256_final(void* dest, hmac_sha256_ctx_t *s){
sha256_ctx2hash((sha256_hash_t*)dest, &(s->a));
sha256_lastBlock(&(s->b), dest, SHA256_HASH_BITS);
sha256_ctx2hash((sha256_hash_t*)dest, &(s->b));
}
#endif
/*
void hmac_sha256_nextBlock()
void hmac_sha256_lastBlock()
*/
/*
* keylength in bits!
* message length in bits!
*/
void hmac_sha256(void* dest, void* key, uint16_t keylength_b, void* msg, uint64_t msglength_b){ /* a one-shot*/
void hmac_sha256(void* dest, const void* key, uint16_t keylength_b, const void* msg, uint32_t msglength_b){ /* a one-shot*/
sha256_ctx_t s;
uint8_t i;
uint8_t buffer[SHA256_HASH_BYTES];
uint8_t buffer[HMAC_SHA256_BLOCK_BYTES];
memset(buffer, 0, SHA256_HASH_BYTES);
memset(buffer, 0, HMAC_SHA256_BLOCK_BYTES);
/* if key is larger than a block we have to hash it*/
if (keylength_b > SHA256_BLOCK_BITS){
@ -114,19 +107,19 @@ void hmac_sha256(void* dest, void* key, uint16_t keylength_b, void* msg, uint64_
memcpy(buffer, key, (keylength_b+7)/8);
}
for (i=0; i<SHA256_HASH_BYTES; ++i){
for (i=0; i<SHA256_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD;
}
sha256_init(&s);
sha256_nextBlock(&s, buffer);
while (msglength_b >= SHA256_BLOCK_BITS){
while (msglength_b >= HMAC_SHA256_BLOCK_BITS){
sha256_nextBlock(&s, msg);
msg = (uint8_t*)msg + SHA256_HASH_BYTES;
msglength_b -= SHA256_BLOCK_BITS;
msg = (uint8_t*)msg + HMAC_SHA256_BLOCK_BYTES;
msglength_b -= HMAC_SHA256_BLOCK_BITS;
}
sha256_lastBlock(&s, msg, msglength_b);
/* since buffer still contains key xor ipad we can do ... */
for (i=0; i<SHA256_HASH_BYTES; ++i){
for (i=0; i<HMAC_SHA256_BLOCK_BYTES; ++i){
buffer[i] ^= IPAD ^ OPAD;
}
sha256_ctx2hash(dest, &s); /* save inner hash temporary to dest */

22
hmac-sha256.h
View File

@ -21,15 +21,23 @@
#include "sha256.h"
#define HMAC_BITS SHA256_HASH_BITS
#define HMAC_BYTES ((HMAC_BITS+7)/8)
typedef sha256_ctx_t hmac_sha256_ctx_t;
#define HMAC_SHA256_BITS SHA256_HASH_BITS
#define HMAC_SHA256_BYTES SHA256_HASH_BYTES
#define HMAC_SHA256_BLOCK_BITS SHA256_BLOCK_BITS
#define HMAC_SHA256_BLOCK_BYTES SHA256_BLOCK_BYTES
void hmac_sha256_init(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b);
void hmac_sha256_final(hmac_sha256_ctx_t *s, void* key, uint16_t keylength_b);
void hmac_sha256(void* dest, void* key, uint16_t keylength_b, void* msg, uint64_t msglength_b);
typedef struct {
sha256_ctx_t a,b;
} hmac_sha256_ctx_t;
void hmac_sha256_init(hmac_sha256_ctx_t *s, const void* key, uint16_t keylength_b);
void hmac_sha256_nextBlock(hmac_sha256_ctx_t *s, const void* block);
void hmac_sha256_lastBlock(hmac_sha256_ctx_t *s, const void* block, uint16_t length_b);
void hmac_sha256_final(void* dest, hmac_sha256_ctx_t *s);
void hmac_sha256(void* dest, const void* key, uint16_t keylength_b, const void* msg, uint32_t msglength_b);
#endif /*HMACSHA256_H_*/

12
mkfiles/hmac-md5.mk Normal file
View File

@ -0,0 +1,12 @@
# Makefile for HMAC-SHA256
ALGO_NAME := HMAC-MD5
# comment out the following line for removement of HMAC-MD5 from the build process
MACS += $(ALGO_NAME)
$(ALGO_NAME)_OBJ := hmac-md5.o md5-asm.o
$(ALGO_NAME)_TEST_BIN := main-hmac-md5-test.o debug.o uart.o hexdigit_tab.o serial-tools.o cli.o string-extras.o \
nessie_mac_test.o nessie_common.o base64_enc.o base64_dec.o
$(ALGO_NAME)_NESSIE_TEST := "nessie"
$(ALGO_NAME)_PERFORMANCE_TEST := "performance"

13
sha1-asm.S
View File

@ -271,21 +271,24 @@ sha1_lastBlock_localSpace = (SHA1_BLOCK_BITS/8+1)
sha1_lastBlock:
tst r20
brne sha1_lastBlock_prolog
cpi r21, 0x02
brne sha1_lastBlock_prolog
brlo sha1_lastBlock_prolog
push r25
push r24
push r23
push r22
push r21
push r20
rcall sha1_nextBlock
pop r20
pop r21
pop r22
pop r23
pop r24
pop r25
clr r21
clr r22
subi r21, 2
subi r23, -2
rjmp sha1_lastBlock
sha1_lastBlock_prolog:
/* allocate space on stack */
in r30, SPL

6
sha1.c
View File

@ -88,7 +88,7 @@ uint32_t parity(uint32_t x, uint32_t y, uint32_t z){
typedef uint32_t (*pf_t)(uint32_t x, uint32_t y, uint32_t z);
void sha1_nextBlock (sha1_ctx_t *state, void* block){
void sha1_nextBlock (sha1_ctx_t *state, const void* block){
uint32_t a[5];
uint32_t w[16];
uint32_t temp;
@ -164,7 +164,7 @@ void sha1_nextBlock (sha1_ctx_t *state, void* block){
/********************************************************************************************************/
void sha1_lastBlock(sha1_ctx_t *state, void* block, uint16_t length){
void sha1_lastBlock(sha1_ctx_t *state, const void* block, uint16_t length){
uint8_t lb[SHA1_BLOCK_BITS/8]; /* local block */
state->length += length;
memcpy (&(lb[0]), block, length/8);
@ -219,7 +219,7 @@ void sha1_ctx2hash (sha1_hash_t *dest, sha1_ctx_t *state){
*
*
*/
void sha1 (sha1_hash_t *dest, void* msg, uint32_t length){
void sha1 (sha1_hash_t *dest, const void* msg, uint32_t length){
sha1_ctx_t s;
DEBUG_S("\r\nBLA BLUB");
sha1_init(&s);

12
sha1.h
View File

@ -75,16 +75,16 @@ typedef uint8_t sha1_hash_t[SHA1_HASH_BITS/8];
*/
void sha1_init(sha1_ctx_t *state);
/** \fn sha1_nextBlock(sha1_ctx_t *state, void* block)
/** \fn sha1_nextBlock(sha1_ctx_t *state, const void* block)
* \brief process one input block
* This function processes one input block and updates the hash context
* accordingly
* \param state pointer to the state variable to update
* \param block pointer to the message block to process
*/
void sha1_nextBlock (sha1_ctx_t *state, void* block);
void sha1_nextBlock (sha1_ctx_t *state, const void* block);
/** \fn sha1_lastBlock(sha1_ctx_t *state, void* block, uint16_t length_b)
/** \fn sha1_lastBlock(sha1_ctx_t *state, const void* block, uint16_t length_b)
* \brief processes the given block and finalizes the context
* This function processes the last block in a SHA-1 hashing process.
* The block should have a maximum length of a single input block.
@ -92,7 +92,7 @@ void sha1_nextBlock (sha1_ctx_t *state, void* block);
* \param block pointer to themessage block to process
* \param length_b length of the message block in bits
*/
void sha1_lastBlock (sha1_ctx_t *state, void* block, uint16_t length_b);
void sha1_lastBlock (sha1_ctx_t *state, const void* block, uint16_t length_b);
/** \fn sha1_ctx2hash(sha1_hash_t *dest, sha1_ctx_t *state)
* \brief convert a state variable into an actual hash value
@ -102,7 +102,7 @@ void sha1_lastBlock (sha1_ctx_t *state, void* block, uint16_t length_b);
*/
void sha1_ctx2hash (sha1_hash_t *dest, sha1_ctx_t *state);
/** \fn sha1(sha1_hash_t *dest, void* msg, uint32_t length_b)
/** \fn sha1(sha1_hash_t *dest, const void* msg, uint32_t length_b)
* \brief hashing a message which in located entirely in RAM
* This function automatically hashes a message which is entirely in RAM with
* the SHA-1 hashing algorithm.
@ -110,7 +110,7 @@ void sha1_ctx2hash (sha1_hash_t *dest, sha1_ctx_t *state);
* \param msg pointer to the message which should be hashed
* \param length_b length of the message in bits
*/
void sha1(sha1_hash_t *dest, void* msg, uint32_t length_b);
void sha1(sha1_hash_t *dest, const void* msg, uint32_t length_b);

13
sha256-asm.S
View File

@ -253,21 +253,24 @@ sha256_lastBlock_localSpace = (SHA256_BLOCK_BITS/8+1)
sha256_lastBlock:
tst r20
brne sha256_lastBlock_prolog
cpi r21, 0x02
brne sha256_lastBlock_prolog
brlo sha256_lastBlock_prolog
push r25
push r24
push r23
push r22
push r21
push r20
rcall sha256_nextBlock
pop r20
pop r21
pop r22
pop r23
pop r24
pop r25
clr r21
clr r22
subi r21, 0x02
subi r23, -2
rjmp sha256_lastBlock
sha256_lastBlock_prolog:
/* allocate space on stack */
in r30, SPL

192
test_src/main-hmac-md5-test.c Normal file
View File

@ -0,0 +1,192 @@
/* main-hmac-md5-test.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* HMAC-MD5 test-suit
*
*/
#include "config.h"
#include "serial-tools.h"
#include "uart.h"
#include "debug.h"
#include "md5.h"
#include "hmac-md5.h"
#include "base64_enc.h"
#include "base64_dec.h"
#include "nessie_mac_test.h"
#include <stdint.h>
#include <string.h>
#include "cli.h"
char* algo_name = "HMAC-MD5";
/*****************************************************************************
* additional validation-functions *
*****************************************************************************/
void testrun_nessie_hmacmd5(void){
nessie_mac_ctx.macsize_b = HMAC_MD5_BITS;
nessie_mac_ctx.keysize_b = HMAC_MD5_BLOCK_BITS;
nessie_mac_ctx.blocksize_B = HMAC_MD5_BLOCK_BYTES;
nessie_mac_ctx.ctx_size_B = sizeof(hmac_md5_ctx_t);
nessie_mac_ctx.name = algo_name;
nessie_mac_ctx.mac_init = (nessie_mac_init_fpt)hmac_md5_init;
nessie_mac_ctx.mac_next = (nessie_mac_next_fpt)hmac_md5_nextBlock;
nessie_mac_ctx.mac_last = (nessie_mac_last_fpt)hmac_md5_lastBlock;
nessie_mac_ctx.mac_conv = (nessie_mac_conv_fpt)hmac_md5_final;
nessie_mac_run();
}
void testrun_test_hmacmd5(void){
uint8_t hmac[16];
uint8_t keys[][16] = {
{ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b },
{ 'J', 'e', 'f', 'e', },
{ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA }
};
uint8_t buffer[50];
cli_putstr_P(PSTR("\r\n hmac (1): "));
hmac_md5(hmac, keys[0], 128, "Hi There", 64);
cli_hexdump(hmac, 16);
cli_putstr_P(PSTR("\r\n hmac (2): "));
hmac_md5(hmac, keys[1], 4*8, "what do ya want for nothing?", 28*8);
cli_hexdump(hmac, 16);
cli_putstr_P(PSTR("\r\n hmac (3): "));
memset(buffer, 0xDD, 50);
hmac_md5(hmac, keys[2], 128, buffer, 50*8);
cli_hexdump(hmac, 16);
}
void hmacmd5_interactive(void){
char key[101];
char msg[101];
uint8_t hmac[HMAC_MD5_BYTES];
uint8_t key_len, msg_len;
cli_putstr_P(PSTR("\r\nHMAC-MD5:\r\nkey: "));
cli_getsn(key, 100);
key_len = strlen(key);
cli_putstr_P(PSTR("\r\nmsg: "));
cli_getsn(msg, 100);
msg_len = strlen(msg);
hmac_md5(hmac, key, key_len*8, msg, msg_len*8);
cli_putstr_P(PSTR("\r\nhmac-md5: "));
cli_hexdump(hmac, HMAC_MD5_BYTES);
}
void strhexdump(char* dest, void* src, uint16_t length){
char table[] = { '0', '1', '2', '3',
'4', '5', '6', '7',
'8', '9', 'a', 'b',
'c', 'd', 'e', 'f' };
while(length--){
*dest++ = table[(*((uint8_t*)src))>>4];
*dest++ = table[(*((uint8_t*)src))&0xf];
src = (uint8_t*)src +1;
}
}
void cram_md5_interactive(void){
char key[101];
char msg_b64[101];
char username[101];
uint8_t msg[100];
uint8_t hmac[HMAC_MD5_BYTES];
int key_len, msg_len;
int ul;
cli_putstr_P(PSTR("\r\nCRAM-MD5:\r\nkey: "));
cli_getsn(key, 100);
key_len = strlen(key);
cli_putstr_P(PSTR("\r\nusername: "));
cli_getsn(username, 60);
cli_putstr_P(PSTR("\r\nchallange: "));
cli_getsn(msg_b64, 100);
if((msg_len = base64_binlength(msg_b64, 1))==-1){
cli_putstr_P(PSTR("\r\nERROR in base64 encoding !\r\n"));
return;
}
base64dec(msg, msg_b64, 1);
hmac_md5(hmac, key, key_len*8, msg, msg_len*8);
ul=strlen(username);
username[ul]=' ';
strhexdump(username+ul+1, hmac, 128/8);
base64enc(msg_b64, username, ul+1+128/8*2);
cli_putstr_P(PSTR("\r\nresponse: "));
cli_hexdump(hmac, HMAC_MD5_BYTES);
cli_putstr_P(PSTR("\r\nresponse (b64): "));
cli_putstr(msg_b64);
}
void md5_interactive(void){
char msg[101];
uint8_t hash[MD5_HASH_BYTES];
uint8_t msg_len;
cli_putstr_P(PSTR("\r\nmsg: "));
cli_getsn(msg, 100);
msg_len = strlen(msg);
md5((void*)hash, msg, msg_len*8);
cli_putstr_P(PSTR("\r\nmd5: "));
cli_hexdump(hash, MD5_HASH_BYTES);
}
/*****************************************************************************
* main *
*****************************************************************************/
const char nessie_str[] PROGMEM = "nessie";
const char test_str[] PROGMEM = "test";
/* const char performance_str[] PROGMEM = "performance"; */
const char echo_str[] PROGMEM = "echo";
const char hmd5i_str[] PROGMEM = "hmac-md5";
const char crammd5i_str[] PROGMEM = "cram-md5";
const char md5i_str[] PROGMEM = "md5";
cmdlist_entry_t cmdlist[] PROGMEM = {
{ nessie_str, NULL, testrun_nessie_hmacmd5},
{ test_str, NULL, testrun_test_hmacmd5},
{ hmd5i_str, NULL, hmacmd5_interactive},
{ crammd5i_str, NULL, cram_md5_interactive},
{ md5i_str, NULL, md5_interactive},
/* { performance_str, NULL, testrun_performance_hmacmd5}, */
{ echo_str, (void*)1, (void_fpt)echo_ctrl},
{ NULL, NULL, NULL}
};
int main (void){
DEBUG_INIT();
cli_rx = uart_getc;
cli_tx = uart_putc;
for(;;){
cli_putstr_P(PSTR("\r\n\r\nCrypto-VS ("));
cli_putstr(algo_name);
cli_putstr_P(PSTR(")\r\nloaded and running\r\n"));
cmd_interface(cmdlist);
}
}

27
test_src/main-hmac-sha1-test.c
View File

@ -40,35 +40,22 @@ char* algo_name = "HMAC-SHA1";
/*****************************************************************************
* additional validation-functions *
*****************************************************************************/
void hmacsha1_next_dummy(void* buffer, void* ctx){
sha1_nextBlock(ctx, buffer);
}
void hmacsha1_init_dummy(void* key, uint16_t keysize_b, void* ctx){
hmac_sha1_init(ctx, key, keysize_b);
}
void hmacsha1_last_dummy(void* buffer, uint16_t size_b, void* key, uint16_t keysize_b, void* ctx){
sha1_lastBlock(ctx, buffer, size_b);
hmac_sha1_final(ctx, key, keysize_b);
}
void testrun_nessie_hmacsha1(void){
nessie_mac_ctx.macsize_b = 160;
nessie_mac_ctx.keysize_b = 512;
nessie_mac_ctx.blocksize_B = 512/8;
nessie_mac_ctx.macsize_b = HMAC_SHA1_BITS;
nessie_mac_ctx.keysize_b = HMAC_SHA1_BLOCK_BITS;
nessie_mac_ctx.blocksize_B = HMAC_SHA1_BLOCK_BYTES;
nessie_mac_ctx.ctx_size_B = sizeof(hmac_sha1_ctx_t);
nessie_mac_ctx.name = algo_name;
nessie_mac_ctx.mac_init = (nessie_mac_init_fpt)hmacsha1_init_dummy;
nessie_mac_ctx.mac_next = (nessie_mac_next_fpt)hmacsha1_next_dummy;
nessie_mac_ctx.mac_last = (nessie_mac_last_fpt)hmacsha1_last_dummy;
nessie_mac_ctx.mac_conv = (nessie_mac_conv_fpt)sha1_ctx2hash;
nessie_mac_ctx.mac_init = (nessie_mac_init_fpt)hmac_sha1_init;
nessie_mac_ctx.mac_next = (nessie_mac_next_fpt)hmac_sha1_nextBlock;
nessie_mac_ctx.mac_last = (nessie_mac_last_fpt)hmac_sha1_lastBlock;
nessie_mac_ctx.mac_conv = (nessie_mac_conv_fpt)hmac_sha1_final;
nessie_mac_run();
}
/*****************************************************************************
* main *
*****************************************************************************/

41
test_src/main-hmac-sha256-test.c
View File

@ -40,29 +40,34 @@ char* algo_name = "HMAC-SHA256";
/*****************************************************************************
* additional validation-functions *
*****************************************************************************/
void hmacsha256_next_dummy(void* buffer, void* ctx){
sha256_nextBlock(ctx, buffer);
}
void hmacsha256_init_dummy(void* key, uint16_t keysize_b, void* ctx){
hmac_sha256_init(ctx, key, keysize_b);
}
void hmacsha256_last_dummy(void* buffer, uint16_t size_b, void* key, uint16_t keysize_b, void* ctx){
sha256_lastBlock(ctx, buffer, size_b);
hmac_sha256_final(ctx, key, keysize_b);
void testrun_hmacsha256(void){
uint8_t key[] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF };
uint8_t msg[] = { 0x00 };
uint8_t mac[HMAC_SHA256_BYTES];
hmac_sha256(mac, key, 512, msg, 0);
cli_putstr_P(PSTR("\r\n quick hmac = "));
cli_hexdump(mac, HMAC_SHA256_BYTES);
cli_putstr_P(PSTR("\r\n"));
}
void testrun_nessie_hmacsha256(void){
nessie_mac_ctx.macsize_b = 256;
nessie_mac_ctx.keysize_b = 512;
nessie_mac_ctx.blocksize_B = 512/8;
nessie_mac_ctx.macsize_b = HMAC_SHA256_BITS;
nessie_mac_ctx.keysize_b = HMAC_SHA256_BLOCK_BITS;
nessie_mac_ctx.blocksize_B = HMAC_SHA256_BLOCK_BYTES;
nessie_mac_ctx.ctx_size_B = sizeof(hmac_sha256_ctx_t);
nessie_mac_ctx.name = algo_name;
nessie_mac_ctx.mac_init = (nessie_mac_init_fpt)hmacsha256_init_dummy;
nessie_mac_ctx.mac_next = (nessie_mac_next_fpt)hmacsha256_next_dummy;
nessie_mac_ctx.mac_last = (nessie_mac_last_fpt)hmacsha256_last_dummy;
nessie_mac_ctx.mac_conv = (nessie_mac_conv_fpt)sha256_ctx2hash;
nessie_mac_ctx.mac_init = (nessie_mac_init_fpt)hmac_sha256_init;
nessie_mac_ctx.mac_next = (nessie_mac_next_fpt)hmac_sha256_nextBlock;
nessie_mac_ctx.mac_last = (nessie_mac_last_fpt)hmac_sha256_lastBlock;
nessie_mac_ctx.mac_conv = (nessie_mac_conv_fpt)hmac_sha256_final;
nessie_mac_run();
}
@ -80,7 +85,7 @@ const char echo_str[] PROGMEM = "echo";
cmdlist_entry_t cmdlist[] PROGMEM = {
{ nessie_str, NULL, testrun_nessie_hmacsha256},
{ test_str, NULL, testrun_nessie_hmacsha256},
{ test_str, NULL, testrun_hmacsha256},
/* { performance_str, NULL, testrun_performance_hmacsha256}, */
{ echo_str, (void*)1, (void_fpt)echo_ctrl},
{ NULL, NULL, NULL}

37
test_src/nessie_mac_test.c
View File

@ -49,14 +49,14 @@ void ascii_mac(char* data, char* desc, uint8_t* key){
NESSIE_PUTSTR_P(PSTR("\r\n message="));
NESSIE_PUTSTR(desc);
PRINTKEY;
nessie_mac_ctx.mac_init(key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_init(ctx, key, nessie_mac_ctx.keysize_b);
sl = strlen(data);
while(sl>nessie_mac_ctx.blocksize_B){
nessie_mac_ctx.mac_next(data, ctx);
nessie_mac_ctx.mac_next(ctx, data);
data += nessie_mac_ctx.blocksize_B;
sl -= nessie_mac_ctx.blocksize_B;
}
nessie_mac_ctx.mac_last(data, sl*8, key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_last(ctx, data, sl*8);
nessie_mac_ctx.mac_conv(mac, ctx);
PRINTMAC;
}
@ -76,13 +76,13 @@ void amillion_mac(uint8_t* key){
PRINTKEY;
memset(block, 'a', nessie_mac_ctx.blocksize_B);
nessie_mac_ctx.mac_init(key, nessie_mac_ctx.keysize_b, ctx);
while(n>nessie_mac_ctx.blocksize_B){
nessie_mac_ctx.mac_next(block, ctx);
nessie_mac_ctx.mac_init(ctx, key, nessie_mac_ctx.keysize_b);
while(n>=nessie_mac_ctx.blocksize_B){
nessie_mac_ctx.mac_next(ctx, block);
n -= nessie_mac_ctx.blocksize_B;
NESSIE_SEND_ALIVE_A(i++);
}
nessie_mac_ctx.mac_last(block, n*8, key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_last(ctx, block, n*8);
nessie_mac_ctx.mac_conv(mac, ctx);
PRINTMAC;
}
@ -108,12 +108,12 @@ void zero_mac(uint16_t n, uint8_t* key){
PRINTKEY;
memset(block, 0, nessie_mac_ctx.blocksize_B);
nessie_mac_ctx.mac_init(key, nessie_mac_ctx.keysize_b,ctx);;
nessie_mac_ctx.mac_init(ctx, key, nessie_mac_ctx.keysize_b);
while(n>nessie_mac_ctx.blocksize_B*8){
nessie_mac_ctx.mac_next(block, ctx);
nessie_mac_ctx.mac_next(ctx, block);
n -= nessie_mac_ctx.blocksize_B*8;
}
nessie_mac_ctx.mac_last(block, n, key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_last(ctx, block, n);
nessie_mac_ctx.mac_conv(mac, ctx);
PRINTMAC;
}
@ -153,13 +153,13 @@ void one_in512_mac(uint16_t pos, uint8_t* key){
block[pos>>3] = 0x80>>(pos&0x7);
uint8_t* bp;
bp = block;
nessie_mac_ctx.mac_init(key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_init(ctx, key, nessie_mac_ctx.keysize_b);
while(n>nessie_mac_ctx.blocksize_B*8){
nessie_mac_ctx.mac_next(bp, ctx);
nessie_mac_ctx.mac_next(ctx, bp);
n -= nessie_mac_ctx.blocksize_B*8;
bp += nessie_mac_ctx.blocksize_B;
}
nessie_mac_ctx.mac_last(bp, n, key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_last(ctx, bp, n);
nessie_mac_ctx.mac_conv(mac, ctx);
PRINTMAC;
}
@ -187,19 +187,20 @@ void tv4_mac(void){
for(i=0; i<KEYSIZE_B; ++i)
key[i] = core_key[i%(3*8)];
nessie_print_item("key", key, KEYSIZE_B);
nessie_mac_ctx.mac_init(key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_init(ctx, key, nessie_mac_ctx.keysize_b);
while(n>nessie_mac_ctx.blocksize_B*8){
nessie_mac_ctx.mac_next(block, ctx);
nessie_mac_ctx.mac_next(ctx, block);
n -= nessie_mac_ctx.blocksize_B*8;
}
nessie_mac_ctx.mac_last(block, n, key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_last(ctx, block, n);
nessie_mac_ctx.mac_conv(mac, ctx);
PRINTMAC;
for(i=1; i<100000L; ++i){ /* this assumes BLOCKSIZE >= HASHSIZE */
nessie_mac_ctx.mac_init(key, nessie_mac_ctx.keysize_b, ctx);;
nessie_mac_ctx.mac_last(mac, nessie_mac_ctx.macsize_b, key, nessie_mac_ctx.keysize_b, ctx);
nessie_mac_ctx.mac_init(ctx, key, nessie_mac_ctx.keysize_b);
nessie_mac_ctx.mac_last(ctx, mac, nessie_mac_ctx.macsize_b);
nessie_mac_ctx.mac_conv(mac, ctx);
NESSIE_SEND_ALIVE_A(i);
NESSIE_SEND_ALIVE_A(i+32);
}
nessie_print_item("iterated 100000 times", mac, MACSIZE_B);
}

6
test_src/nessie_mac_test.h
View File

@ -21,9 +21,9 @@
#include <stdint.h>
typedef void (*nessie_mac_init_fpt)(void* key, uint16_t keysize_b, void* ctx);
typedef void (*nessie_mac_next_fpt)(void* buffer, void* ctx);
typedef void (*nessie_mac_last_fpt)(void* buffer, uint16_t size_b, void* key, uint16_t keysize_b, void* ctx);
typedef void (*nessie_mac_init_fpt)(void* ctx, const void* key, uint16_t keysize_b);
typedef void (*nessie_mac_next_fpt)(void* ctx, const void* buffer);
typedef void (*nessie_mac_last_fpt)(void* ctx, const void* buffer, uint16_t size_b);
typedef void (*nessie_mac_conv_fpt)(void* buffer, void* ctx);

16603
testvectors/HMAC-Md5-512-128.unverified.test-vectors Normal file
View File

File diff suppressed because it is too large Load Diff