bg
/
avr-crypto-lib
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

present looks better now (using unverified testvectors)

This commit is contained in:
bg 2012-04-25 22:36:52 +00:00
parent cc6b183296
commit 7715ef86b0
30 changed files with 12978 additions and 363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
Makefile_main.inc
View File

@ -36,6 +36,8 @@ GLOBAL_INCDIR := ./ $(TESTSRC_DIR)
# inclusion of make stubs
include $(sort $(wildcard mkfiles/*.mk))
default: info
#-------------------------------------------------------------------------------
ALGORITHMS = $(BLOCK_CIPHERS) $(STREAM_CIPHERS) $(HASHES) $(PRNGS) $(MACS) \
$(ENCODINGS) $(SIGNATURE) $(PK_CIPHERS) $(AUX)
@ -62,7 +64,9 @@ $(foreach a, $(ALGORITHMS), $(eval $(call Assert_Template, \
#-------------------------------------------------------------------------------
define GenericTarget_Template
$(1): $(2)
endef
define TargetSource_Template
$(1): $(2)
@ -173,7 +177,7 @@ $(1):
@mkdir -p $(1)
endef
$(foreach d, DEP_DIR BIN_DIR TESTSRC_DIR TESTLOG_DIR SPEEDLOG_DIR SIZE_DIR LIST_DIR STAT_DIR AUTOASM_DIR, $(eval $(call MakeDir_TEMPLATE, \
$(foreach d, DEP_DIR BIN_DIR TESTSRC_DIR TESTLOG_DIR SPEEDLOG_DIR SIZE_DIR LIST_DIR STAT_DIR, $(eval $(call MakeDir_TEMPLATE, \
$($(d)) \
)))
@ -238,15 +242,26 @@ hash_speed: $(foreach algo, $(HASHES), $(algo)_SPEED)
blockcipher_speed: $(foreach algo, $(BLOCK_CIPHERS), $(algo)_SPEED)
#-------------------------------------------------------------------------------
define Size_Template
$(1): $(2)
@echo "[size] $(3)"
@mkdir -p $(dir $(1))
@$(SIZE) $(2) > $(1)
endef
$(foreach algo, $(ALGORITHMS), $(eval $(call Size_Template, \
$(strip $(SIZE_DIR))$(strip $(call lc, $(algo))).size,$($(algo)_BINOBJ),$(algo) \
)))
define Size_Template
$(1)_SIZE: $(2)
@echo "[size] $(1)"
$(SIZE) $(2) > $(strip $(SIZE_DIR))$(strip $(call lc, $(1))).size
@mkdir -p $(dir $(strip $(SIZE_DIR))$(strip $(call lc, $(1))).size)
@$(SIZE) $(2) > $(strip $(SIZE_DIR))$(strip $(call lc, $(1))).size
endef
$(foreach algo, $(ALGORITHMS), $(eval $(call Size_Template, \
$(strip $(algo)), $($(algo)_BINOBJ) \
$(foreach algo, $(ALGORITHMS), $(eval $(call GenericTarget_Template, \
$(strip $(algo))_SIZE,$(strip $(SIZE_DIR))$(strip $(call lc, $(algo))).size \
)))
.PHONY: hash_size
@ -255,6 +270,13 @@ hash_size: $(foreach algo, $(HASHES), $(algo)_SIZE)
.PHONY: blockcipher_size
blockcipher_size: $(foreach algo, $(BLOCK_CIPHERS), $(algo)_SIZE)
.PHONY: size
size: $(foreach algo, $(ALGORITHMS), $(algo)_SIZE)
.PHONY: size_clean
size_clean:
rm -vf $(strip $(SIZE_DIR))*.size
#-------------------------------------------------------------------------------
.PHONY: tests
@ -352,7 +374,7 @@ info:
@echo " cores - all algorithm cores"
@echo " listings - all algorithm core listings"
@echo " tests - all algorithm test programs"
@echo " stats - all algorithm size statistics"
@echo " size - all algorithm size statistics"
@echo " blockciphers - all blockcipher cores"
@echo " streamciphers - all streamcipher cores"
@echo " hashes - all hash cores"

4
Makefile_sys_conf.inc
View File

@ -24,9 +24,7 @@ SIZE_DIR = size_log/$(BOARD_NAME)/#
LIST_DIR = listings/$(BOARD_NAME)/#
LIST_OPT = -Wa,-adhln -g
STAT_DIR = stats/$(BOARD_NAME)/#
AUTOASM_DIR = autoasm/$(BOARD_NAME)/#
AUTOASM_OPT = -S
CC = avr-gcc
CC = avr-gcc
CSTD = gnu99
SIZESTAT_FILE = sizestats.txt

51
bcal/bcal_present128.c Normal file
View File

@ -0,0 +1,51 @@
/* bcal_present.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_present.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "present128.h"
#include "keysize_descriptor.h"
const char present128_str[] PROGMEM = "Present128";
const uint8_t present128_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t present128_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
present128_str,
sizeof(present128_ctx_t),
64,
{(void_fpt)present128_init},
{(void_fpt)present128_enc},
{(void_fpt)present128_dec},
(bc_free_fpt)NULL,
present128_keysize_desc
};

33
bcal/bcal_present128.h Normal file
View File

@ -0,0 +1,33 @@
/* bcal_present.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_present.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "present128.h"
#include "keysize_descriptor.h"
extern const bcdesc_t present128_desc;

20
bcal/bcal_present.c → bcal/bcal_present80.c
View File

@ -28,25 +28,25 @@
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "present.h"
#include "present80.h"
#include "keysize_descriptor.h"
const char present_str[] PROGMEM = "Present";
const char present80_str[] PROGMEM = "Present80";
const uint8_t present_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(80),
const uint8_t present80_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(80),
KS_TYPE_TERMINATOR };
const bcdesc_t present_desc PROGMEM = {
const bcdesc_t present80_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
present_str,
sizeof(present_ctx_t),
present80_str,
sizeof(present80_ctx_t),
64,
{(void_fpt)present_init},
{(void_fpt)present_enc},
{(void_fpt)present_dec},
{(void_fpt)present80_init},
{(void_fpt)present80_enc},
{(void_fpt)present80_dec},
(bc_free_fpt)NULL,
present_keysize_desc
present80_keysize_desc
};

4
bcal/bcal_present.h → bcal/bcal_present80.h
View File

@ -27,7 +27,7 @@
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "present.h"
#include "present80.h"
#include "keysize_descriptor.h"
extern const bcdesc_t present_desc;
extern const bcdesc_t present80_desc;

1
host/get_test.rb
View File

@ -80,6 +80,7 @@ def readTestVector(param)
end
puts("-> "+fname+"txt");
file=File.new(fname+"txt", "w");
file.sync = true
buffer+=lb;
file.write(buffer);
begin

1
host/rsa_pkcs1v15_check.rb
View File

@ -407,6 +407,7 @@ if opts['n']
end
$logfile = STDOUT if ! $logfile
$logfile.sync = true
reset_system()
if opts['s'] && ( m = opts['s'].match(/([\d]+)\.([\d]+)/) )

0
sumsize.rb → host/sumsize.rb
View File

2
mkfiles/hmac-md5.mk
View File

@ -1,4 +1,4 @@
# Makefile for HMAC-SHA256
# Makefile for HMAC-MD5
ALGO_NAME := HMAC-MD5
# comment out the following line for removement of HMAC-MD5 from the build process

2
mkfiles/hmac-sha1.mk
View File

@ -1,4 +1,4 @@
# Makefile for HMAC-SHA256
# Makefile for HMAC-SHA1
ALGO_NAME := HMAC-SHA1
# comment out the following line for removement of HMAC-SHA1 from the build process

6
mkfiles/present.mk
View File

@ -5,9 +5,9 @@ ALGO_NAME := PRESENT
BLOCK_CIPHERS += $(ALGO_NAME)
$(ALGO_NAME)_DIR := present/
$(ALGO_NAME)_INCDIR := bcal/
$(ALGO_NAME)_OBJ := present.o
$(ALGO_NAME)_TESTBIN := main-present-test.o bcal_present.o $(CLI_STD) $(BCAL_STD)
$(ALGO_NAME)_INCDIR := bcal/ memxor/
$(ALGO_NAME)_OBJ := present_common.o present80.o present128.o memxor.o
$(ALGO_NAME)_TESTBIN := main-present-test.o bcal_present80.o bcal_present128.o $(CLI_STD) $(BCAL_STD)
$(ALGO_NAME)_NESSIE_TEST := "nessie"
$(ALGO_NAME)_PERFORMANCE_TEST := "performance"

135
present/present.c
View File

@ -1,135 +0,0 @@
/* present.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* present.c
* a implementation of the PRESENT block-cipher
* author: Daniel Otte
* email: daniel.otte@rub.de
* license: GPLv3
*
* */
#include <string.h>
#include <stdint.h>
#include "present.h"
static uint8_t sbox(uint8_t b){
uint8_t sb[]={0xC, 0x5, 0x6, 0xB,
0x9, 0x0, 0xA, 0xD,
0x3, 0xE, 0xF, 0x8,
0x4, 0x7, 0x1, 0x2 };
return (((sb[b>>4])<<4)|(sb[b&0xf]));
}
static uint8_t sbox_inv(uint8_t b){
uint8_t sb[]={0x5, 0xE, 0xF, 0x8,
0xC, 0x1, 0x2, 0xD,
0xB, 0x4, 0x6, 0x3,
0x0, 0x7, 0x9, 0xA };
return (((sb[b>>4])<<4)|(sb[b&0xf]));
}
#define SHR_O(a) c=(a)&1; (a)>>=1;
#define SHR_I(a) (a)=(c?0x8000:0x0000) | ((a)>>1);
static void p(uint16_t* o, uint8_t* i){
uint8_t c;
uint8_t m,n;
for(m=0; m<8; ++m){
for(n=0; n<2; ++n){
SHR_O(i[m]);
SHR_I(o[0]);
SHR_O(i[m]);
SHR_I(o[1]);
SHR_O(i[m]);
SHR_I(o[2]);
SHR_O(i[m]);
SHR_I(o[3]);
}
}
}
static void p_inv(uint8_t* o, uint8_t* i){
uint8_t tmp[8];
p((uint16_t*)tmp, i);
p((uint16_t*)o, tmp);
}
void present_init(const uint8_t* key, uint8_t keysize_b, present_ctx_t* ctx){
uint8_t tmp[2];
union __attribute__((packed)) {
uint8_t v8[10];
uint16_t v16[5];
uint64_t v64;
struct __attribute__((packed)) {
uint8_t padding;
union {
uint64_t v64;
uint16_t v16[4];
} y;
} x;
} b;
uint8_t i;
memcpy(b.v8, key, 10);
memcpy(&(ctx->k[0]), b.v8+2, 8);
for(i=1; i<32; ++i){
/* rotate buffer 19 right */
memcpy(tmp, b.v8, 2);
memmove(b.v8, b.v8+2, 8);
memcpy(b.v8+8, tmp, 2);
/* three shifts to do*/
tmp[1]=b.v8[0];
b.v64 >>= 3;
b.v16[4] >>= 3;
b.v8[9] |= tmp[1]<<5;
b.v8[7] |= tmp[0]<<5;
/* rotating done now substitution */
b.v8[9] = (sbox(b.v8[9])&0xF0) | ((b.v8[9])&0x0F);
/* xor with round counter */
b.x.y.v16[0] ^= (uint16_t)i<<7;
memcpy(&(ctx->k[i]), b.v8+2, 8);
}
}
void present_enc(void* buffer, present_ctx_t* ctx){
uint8_t i,j,tmp[8];
for(i=0; i<31; ++i){
*((uint64_t*)buffer) ^= ctx->k[i];
for(j=0; j<8; ++j){
tmp[j] = sbox(((uint8_t*)buffer)[j]);
}
p((uint16_t*)buffer, tmp);
}
*((uint64_t*)buffer) ^= ctx->k[31];
}
void present_dec(void* buffer, present_ctx_t* ctx){
uint8_t j,tmp[8];
int8_t i;
*((uint64_t*)buffer) ^= ctx->k[31];
for(i=30; i>=0; --i){
p_inv(tmp, (uint8_t*)buffer);
for(j=0; j<8; ++j){
((uint8_t*)buffer)[j] = sbox_inv(tmp[j]);
}
*((uint64_t*)buffer) ^= ctx->k[i];
}
}

146
present/present128.c Normal file
View File

@ -0,0 +1,146 @@
/* present128.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* present128.c
* a implementation of the PRESENT block-cipher
* author: Daniel Otte
* email: daniel.otte@rub.de
* license: GPLv3
*
* */
#include <string.h>
#include <stdint.h>
#include <avr/pgmspace.h>
#include "memxor.h"
#include "present_common.h"
#include "present128.h"
static
void key_update_128(uint8_t* buffer, uint8_t round){
uint8_t j;
uint8_t t8;
union __attribute__((packed)){
uint8_t v8[2];
uint16_t v16;
} tmp;
/* rotate buffer 67 right */
for(j=0; j<8; ++j){
tmp.v8[0] = buffer[j];
buffer[j] = buffer[j + 8];
buffer[j + 8] = tmp.v8[0];
}
j=0;
t8 = (uint16_t)buffer[15] << (5);
do{
tmp.v8[1] = buffer[j];
tmp.v16 >>= 3;
buffer[j] = tmp.v8[1] | t8;
t8 = tmp.v8[0] & 0xe0;
}while(++j<16);
/* rotating done now substitution */
buffer[0] = present_sbox(buffer[0]);
/* xor with round counter */
buffer[8] ^= round << 6;
buffer[7] ^= round >> 2;
}
static
void key_update_128_inv(uint8_t* buffer, uint8_t round){
uint8_t j;
uint8_t t8;
union __attribute__((packed)){
uint8_t v8[2];
uint16_t v16;
} tmp;
/* xor with round counter */
buffer[8] ^= round << 6;
buffer[7] ^= round >> 2;
/* rotating done now substitution */
buffer[0] = present_sbox_inv(buffer[0]);
/* rotate buffer 67 left */
for(j=0; j<8; ++j){
tmp.v8[0] = buffer[j];
buffer[j] = buffer[j + 8];
buffer[j + 8] = tmp.v8[0];
}
j=15;
t8 = (uint16_t)buffer[0] >> (5);
do{
tmp.v8[0] = buffer[j];
tmp.v16 <<= 3;
buffer[j] = tmp.v8[0] | t8;
t8 = tmp.v8[1] & 0x07;
}while(j--);
}
void present128_init(const uint8_t* key, uint8_t keysize_b, present128_ctx_t* ctx){
uint8_t i;
memcpy(ctx->fwd_key, key, 16);
memcpy(ctx->rev_key, key, 16);
for(i=1; i<32; ++i){
key_update_128(ctx->rev_key, i);
}
}
void present128_enc(void* buffer, present128_ctx_t* ctx){
present_generic_enc(buffer, (uint8_t*)ctx, 16, key_update_128);
}
void present128_dec(void* buffer, present128_ctx_t* ctx){
present_generic_dec(buffer, (uint8_t*)ctx, 16, key_update_128_inv);
}
/*
void present128_enc(void* buffer, present128_ctx_t* ctx){
uint8_t i,j,tmp[8], k[16];
memcpy(k, ctx->fwd_key, 16);
memxor(buffer, k, 8);
for(i=1; i<32; ++i){
j = 7;
do{
tmp[j] = present_sbox(((uint8_t*)buffer)[j]);
}while(j--);
present_p(buffer, tmp);
key_update_128(k, i);
memxor(buffer, k, 8);
}
}
void present128_dec(void* buffer, present128_ctx_t* ctx){
uint8_t j,tmp[8], k[16];
uint8_t i;
memcpy(k, ctx->rev_key, 16);
memxor(buffer, k, 8);
i = 31;
do{
present_p(tmp, buffer);
present_p(buffer, tmp);
j = 7;
do{
((uint8_t*)buffer)[j] = present_sbox_inv(((uint8_t*)buffer)[j]);
}while(j--);
key_update_128_inv(k, i);
memxor(buffer, k, 8);
}while(--i);
}
*/

35
present/present128.h Normal file
View File

@ -0,0 +1,35 @@
/* present128.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef PRESENT128_H_
#define PRESENT128_H_
#include <stdint.h>
typedef struct __attribute__((packed)) present128_ctx_st {
uint8_t fwd_key[16];
uint8_t rev_key[16];
} present128_ctx_t;
void present128_init(const uint8_t* key, uint8_t keysize_b, present128_ctx_t* ctx);
void present128_enc(void* buffer, present128_ctx_t* ctx);
void present128_dec(void* buffer, present128_ctx_t* ctx);
#endif /*PRESENT128_H_*/

145
present/present80.c Normal file
View File

@ -0,0 +1,145 @@
/* present80.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* present80.c
* a implementation of the PRESENT block-cipher
* author: Daniel Otte
* email: daniel.otte@rub.de
* license: GPLv3
*
* */
#include <string.h>
#include <stdint.h>
#include <avr/pgmspace.h>
#include "memxor.h"
#include "present_common.h"
#include "present80.h"
static
void key_update(uint8_t* buffer, uint8_t round){
uint8_t j;
union __attribute__((packed)){
uint8_t v8[2];
uint16_t v16;
} tmp;
/* rotate buffer 19 right */
tmp.v16 = ((uint16_t*)buffer)[4];
j=4;
do{
((uint16_t*)buffer)[j] = ((uint16_t*)buffer)[j-1];
}while(--j);
((uint16_t*)buffer)[0] = tmp.v16;
uint8_t t8;
j=0;
t8 = (uint16_t)buffer[9] << (5);
do{
tmp.v8[1] = buffer[j];
tmp.v16 >>= 3;
buffer[j] = tmp.v8[1] | t8;
t8 = tmp.v8[0] & 0xe0;
}while(++j<10);
/* rotating done now substitution */
buffer[0] = (present_sbox(buffer[0])&0xF0) | ((buffer[0])&0x0F);
/* xor with round counter */
buffer[8] ^= round << 7;
buffer[7] ^= round >> 1;
}
static
void key_update_inv(uint8_t* buffer, uint8_t round){
uint8_t j;
union __attribute__((packed)){
uint8_t v8[2];
uint16_t v16;
} tmp;
/* xor with round counter */
buffer[8] ^= round << 7;
buffer[7] ^= round >> 1;
/* rotating done now substitution */
buffer[0] = (present_sbox_inv(buffer[0])&0xF0) | ((buffer[0])&0x0F);
/* rotate buffer 19 left */
tmp.v16 = ((uint16_t*)buffer)[0];
j=0;
do{
((uint16_t*)buffer)[j] = ((uint16_t*)buffer)[j+1];
}while(++j<4);
((uint16_t*)buffer)[4] = tmp.v16;
uint8_t t8;
j=9;
t8 = (uint16_t)buffer[0] >> (5);
do{
tmp.v8[0] = buffer[j];
tmp.v16 <<= 3;
buffer[j] = tmp.v8[0] | t8;
t8 = tmp.v8[1] & 0x07;
}while(j--);
}
void present80_init(const uint8_t* key, uint8_t keysize_b, present80_ctx_t* ctx){
uint8_t i;
memcpy(ctx->fwd_key, key, 10);
memcpy(ctx->rev_key, key, 10);
for(i=1; i<32; ++i){
key_update(ctx->rev_key, i);
}
}
void present80_enc(void* buffer, present80_ctx_t* ctx){
present_generic_enc(buffer, (uint8_t*)ctx, 10, key_update);
}
void present80_dec(void* buffer, present80_ctx_t* ctx){
present_generic_dec(buffer, (uint8_t*)ctx, 10, key_update_inv);
}
/*
void present80_enc(void* buffer, present80_ctx_t* ctx){
uint8_t i,j,tmp[8], k[10];
memcpy(k, ctx->fwd_key, 10);
memxor(buffer, k, 8);
for(i=1; i<32; ++i){
j = 7;
do{
tmp[j] = present_sbox(((uint8_t*)buffer)[j]);
}while(j--);
present_p(buffer, tmp);
key_update(k, i);
memxor(buffer, k, 8);
}
}
void present80_dec(void* buffer, present80_ctx_t* ctx){
uint8_t j,tmp[8], k[10];
uint8_t i;
memcpy(k, ctx->rev_key, 10);
memxor(buffer, k, 8);
i = 31;
do{
present_p(tmp, buffer);
present_p(buffer, tmp);
j = 7;
do{
((uint8_t*)buffer)[j] = sbox_inv(((uint8_t*)buffer)[j]);
}while(j--);
key_update_inv(k, i);
memxor(buffer, k, 8);
}while(--i);
}
*/

34
present/present80.h Normal file
View File

@ -0,0 +1,34 @@
/* present.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef PRESENT80_COMMON_H_
#define PRESENT80_COMMON_H_
#include <stdint.h>
typedef struct __attribute__((packed)) present80_ctx_st {
uint8_t fwd_key[10];
uint8_t rev_key[10];
} present80_ctx_t;
void present80_init(const uint8_t* key, uint8_t keysize_b, present80_ctx_t* ctx);
void present80_enc(void* buffer, present80_ctx_t* ctx);
void present80_dec(void* buffer, present80_ctx_t* ctx);
#endif /*PRESENT80_H_*/

104
present/present_common.c Normal file
View File

@ -0,0 +1,104 @@
/* present_common.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* present_common.c
* a implementation of the PRESENT block-cipher
* author: Daniel Otte
* email: daniel.otte@rub.de
* license: GPLv3
*
* */
#include <string.h>
#include <stdint.h>
#include "memxor.h"
#include <avr/pgmspace.h>
uint8_t present_sbox(uint8_t b){
static const uint8_t sb[] PROGMEM = {
0xC, 0x5, 0x6, 0xB,
0x9, 0x0, 0xA, 0xD,
0x3, 0xE, 0xF, 0x8,
0x4, 0x7, 0x1, 0x2
};
return (pgm_read_byte(&sb[b >> 4]) << 4) | pgm_read_byte(&sb[b & 0xf]);
}
uint8_t present_sbox_inv(uint8_t b){
static const uint8_t sb[] PROGMEM = {
0x5, 0xE, 0xF, 0x8,
0xC, 0x1, 0x2, 0xD,
0xB, 0x4, 0x6, 0x3,
0x0, 0x7, 0x9, 0xA
};
return (pgm_read_byte(&sb[b >> 4]) << 4) | pgm_read_byte(&sb[b & 0xf]);
}
void present_p(uint8_t* o, uint8_t* i){
uint8_t m,n=0,idx=0;
for(m=0; m<64; ++m){
o[idx] <<= 1;
o[idx] |= i[n] >> 7;
i[n] <<= 1;
idx = (idx + 2) & 7;
if((m & 7) == 7){
++n;
}
if(m == 31){
idx += 1;
}
}
}
void present_generic_enc(void* buffer, uint8_t* ctx, uint8_t ksize_B,
void(*update)(uint8_t*, uint8_t)){
uint8_t i,j,tmp[8], k[ksize_B];
memcpy(k, ctx, ksize_B);
memxor(buffer, k, 8);
for(i=1; i<32; ++i){
j = 7;
do{
tmp[j] = present_sbox(((uint8_t*)buffer)[j]);
}while(j--);
present_p(buffer, tmp);
update(k, i);
memxor(buffer, k, 8);
}
}
void present_generic_dec(void* buffer, uint8_t* ctx, uint8_t ksize_B,
void(*update)(uint8_t*, uint8_t)){
uint8_t j,tmp[8], k[ksize_B];
uint8_t i;
memcpy(k, ctx + ksize_B, ksize_B);
memxor(buffer, k, 8);
i = 31;
do{
present_p(tmp, buffer);
present_p(buffer, tmp);
j = 7;
do{
((uint8_t*)buffer)[j] = present_sbox_inv(((uint8_t*)buffer)[j]);
}while(j--);
update(k, i);
memxor(buffer, k, 8);
}while(--i);
}

33
present/present_common.h Normal file
View File

@ -0,0 +1,33 @@
/* present_common.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef PRESENT_COMMON_H_
#define PRESENT_COMMON_H_
#include <stdint.h>
uint8_t present_sbox(uint8_t b);
uint8_t present_sbox_inv(uint8_t b);
void present_p(uint8_t* o, uint8_t* i);
void present_generic_enc(void* buffer, uint8_t* ctx, uint8_t ksize_B,
void(*update)(uint8_t*, uint8_t));
void present_generic_dec(void* buffer, uint8_t* ctx, uint8_t ksize_B,
void(*update)(uint8_t*, uint8_t));
#endif /*PRESENT_H_*/

103
present/present_speed.c Normal file
View File

@ -0,0 +1,103 @@
/* present.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* present.c
* a implementation of the PRESENT block-cipher
* author: Daniel Otte
* email: daniel.otte@rub.de
* license: GPLv3
*
* */
#include <string.h>
#include <stdint.h>
#include <avr/pgmspace.h>
#include "present_speed.h"
static
void key_update(uint8_t* buffer, uint8_t round){
uint8_t j;
union __attribute__((packed)){
uint8_t v8[2];
uint16_t v16;
} tmp;
/* rotate buffer 19 right */
tmp.v16 = ((uint16_t*)buffer)[4];
j=4;
do{
((uint16_t*)buffer)[j] = ((uint16_t*)buffer)[j-1];
}while(--j);
((uint16_t*)buffer)[0] = tmp.v16;
uint8_t t8;
j=0;
t8 = (uint16_t)buffer[9] << (5);
do{
tmp.v8[1] = buffer[j];
tmp.v16 >>= 3;
buffer[j] = tmp.v8[1] | t8;
t8 = tmp.v8[0] & 0xe0;
}while(++j<10);
/* rotating done now substitution */
buffer[0] = (present_sbox(buffer[0])&0xF0) | ((buffer[0])&0x0F);
/* xor with round counter */
buffer[8] ^= round << 7;
buffer[7] ^= round >> 1;
}
void present_init(const uint8_t* key, uint8_t keysize_b, present_ctx_t* ctx){
uint8_t i,key_buffer[10];
memcpy(key_buffer, key, 10);
memcpy(&(ctx->k[0]), key_buffer, 8);
for(i=1; i<32; ++i){
key_update(key_buffer, i);
memcpy(&(ctx->k[i]), key_buffer, 8);
}
}
void present_enc(void* buffer, present_ctx_t* ctx){
uint8_t i,j,tmp[8];
for(i=0; i<31; ++i){
*((uint64_t*)buffer) ^= ctx->k[i];
memxor(buffer, &ctx->k[i], 8);
j = 7;
do{
tmp[j] = present_sbox(((uint8_t*)buffer)[j]);
}while(j--);
present_p(buffer, tmp);
}
memxor(buffer, &ctx->k[31], 8);
}
void present_dec(void* buffer, present_ctx_t* ctx){
uint8_t j,tmp[8];
uint8_t i;
memxor(buffer, &ctx->k[31], 8);
i = 30;
do{
present_p(tmp, buffer);
present_p(buffer, tmp);
j = 7;
do{
((uint8_t*)buffer)[j] = present_sbox_inv(((uint8_t*)buffer)[j]);
}while(j--);
memxor(buffer, &ctx->k[i], 8);
}while(i--);
}

0
present/present.h → present/present_speed.h
View File

38
rsa/rsa_basic.c
View File

@ -39,7 +39,7 @@ void rsa_enc(bigint_t* data, rsa_publickey_t* key){
cli_putstr_P(PSTR("\r\n n = "));
bigint_print_hex(key->modulus);
*/
bigint_expmod_u(data, data, key->exponent, key->modulus);
bigint_expmod_u(data, data, &key->exponent, &key->modulus);
}
/*
@ -52,8 +52,8 @@ m = m2 + q * h
uint8_t rsa_dec_crt_mono(bigint_t* data, rsa_privatekey_t* key){
bigint_t m1, m2;
m1.wordv = malloc((key->components[0]->length_B + 1) * sizeof(bigint_word_t));
m2.wordv = malloc((key->components[1]->length_B + 1) * sizeof(bigint_word_t));
m1.wordv = malloc((key->components[0].length_B + 1) * sizeof(bigint_word_t));
m2.wordv = malloc((key->components[1].length_B + 1) * sizeof(bigint_word_t));
if(!m1.wordv || !m2.wordv){
#if DEBUG
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
@ -67,24 +67,24 @@ uint8_t rsa_dec_crt_mono(bigint_t* data, rsa_privatekey_t* key){
cli_putstr_P(PSTR("\r\nexpmod("));
bigint_print_hex(data);
cli_putc(',');
bigint_print_hex(key->components[2]);
bigint_print_hex(&(key->components[2]));
cli_putc(',');
bigint_print_hex(key->components[0]);
bigint_print_hex(&(key->components[0]));
cli_putstr_P(PSTR(") = "));
#endif
bigint_expmod_u(&m1, data, key->components[2], key->components[0]);
bigint_expmod_u(&m1, data, &(key->components[2]), &(key->components[0]));
#if DEBUG
bigint_print_hex(&m1);
cli_putstr_P(PSTR("expmod m2 ..."));
cli_putstr_P(PSTR("\r\nexpmod("));
bigint_print_hex(data);
cli_putc(',');
bigint_print_hex(key->components[3]);
bigint_print_hex(&(key->components[3]));
cli_putc(',');
bigint_print_hex(key->components[1]);
bigint_print_hex(&(key->components[1]));
cli_putstr_P(PSTR(") = "));
#endif
bigint_expmod_u(&m2, data, key->components[3], key->components[1]);
bigint_expmod_u(&m2, data, &(key->components[3]), &(key->components[1]));
#if DEBUG
bigint_print_hex(&m2);
cli_putstr_P(PSTR("\r\nDBG: sub ..."));
@ -105,44 +105,44 @@ uint8_t rsa_dec_crt_mono(bigint_t* data, rsa_privatekey_t* key){
cli_putstr_P(PSTR("\r\nDBG: to "));
bigint_print_hex(&m1);
#endif
bigint_add_s(&m1, &m1, key->components[0]);
bigint_add_s(&m1, &m1, &(key->components[0]));
}
#if DEBUG
cli_putstr_P(PSTR("\r\nDBG: reduce-mul ..."));
cli_putstr_P(PSTR("\r\nreduce("));
bigint_print_hex(&m1);
cli_putc(',');
bigint_print_hex(key->components[0]);
bigint_print_hex(&(key->components[0]));
cli_putstr_P(PSTR(") = "));
#endif
bigint_reduce(&m1, key->components[0]);
bigint_reduce(&m1, &(key->components[0]));
#if DEBUG
bigint_print_hex(&m1);
cli_putstr_P(PSTR("\r\nmul("));
bigint_print_hex(&m1);
cli_putc(',');
bigint_print_hex(key->components[4]);
bigint_print_hex(&(key->components[4]));
cli_putstr_P(PSTR(") = "));
#endif
bigint_mul_u(data, &m1, key->components[4]);
bigint_mul_u(data, &m1, &(key->components[4]));
#if DEBUG
bigint_print_hex(data);
cli_putstr_P(PSTR("\r\nreduce("));
bigint_print_hex(data);
cli_putc(',');
bigint_print_hex(key->components[0]);
bigint_print_hex(&(key->components[0]));
cli_putstr_P(PSTR(") = "));
#endif
bigint_reduce(data, key->components[0]);
bigint_reduce(data, &(key->components[0]));
#if DEBUG
bigint_print_hex(data);
cli_putstr_P(PSTR("\r\nmul("));
bigint_print_hex(data);
cli_putc(',');
bigint_print_hex(key->components[1]);
bigint_print_hex(&(key->components[1]));
cli_putstr_P(PSTR(") = "));
#endif
bigint_mul_u(data, data, key->components[1]);
bigint_mul_u(data, data, &(key->components[1]));
#if DEBUG
bigint_print_hex(data);
cli_putstr_P(PSTR("\r\nadd("));
@ -162,7 +162,7 @@ uint8_t rsa_dec_crt_mono(bigint_t* data, rsa_privatekey_t* key){
uint8_t rsa_dec(bigint_t* data, rsa_privatekey_t* key){
if(key->n == 1){
bigint_expmod_u(data, data, key->components[0], key->modulus);
bigint_expmod_u(data, data, &(key->components[0]), &key->modulus);
return 0;
}
if(key->n == 5){

8
rsa/rsa_basic.h
View File

@ -23,14 +23,14 @@
#include "bigint.h"
typedef struct {
bigint_t* exponent;
bigint_t* modulus;
bigint_t exponent;
bigint_t modulus;
} rsa_publickey_t;
typedef struct {
uint8_t n;
bigint_t* modulus;
bigint_t** components;
bigint_t modulus;
bigint_t* components;
} rsa_privatekey_t;

28
rsa/rsaes_oaep.c
View File

@ -63,16 +63,16 @@ uint8_t rsa_encrypt_oaep(void* dest, uint16_t* out_length,
label = &rsa_oaep_default_label;
}
uint16_t hv_len = (hfal_hash_getHashsize(p->hf)+7)/8;
if(length_B > bigint_length_B(key->modulus) - 2*hv_len - 2){
if(length_B > bigint_length_B(&key->modulus) - 2*hv_len - 2){
/* message too long */
return 1;
}
uint16_t buffer_len = bigint_length_B(key->modulus);
uint16_t buffer_len = bigint_length_B(&key->modulus);
#if DEBUG
cli_putstr("\r\n buffer_len = ");
cli_hexdump_rev(&buffer_len, 2);
cli_putstr("\r\n modulus_len = ");
cli_hexdump_rev(&key->modulus->length_B, 2);
cli_hexdump_rev(&key->modulus.length_B, 2);
#endif
uint8_t* buffer = (uint8_t*)dest;
uint8_t off;
@ -80,7 +80,7 @@ uint8_t rsa_encrypt_oaep(void* dest, uint16_t* out_length,
* off is the offset which is used for compensating the effect of
* changeendian() when it operates on multi-byte words.
* */
off = (sizeof(bigint_word_t) - (bigint_get_first_set_bit(key->modulus)/8+1) % sizeof(bigint_word_t))
off = (sizeof(bigint_word_t) - (bigint_get_first_set_bit(&key->modulus)/8+1) % sizeof(bigint_word_t))
% (sizeof(bigint_word_t));
buffer += off;
buffer_len -= off;
@ -110,7 +110,7 @@ uint8_t rsa_encrypt_oaep(void* dest, uint16_t* out_length,
}
#if DEBUG
cli_putstr("\r\n msg (raw, pre-feistel):\r\n");
cli_hexdump_block(dest, bigint_length_B(key->modulus), 4, 16);
cli_hexdump_block(dest, bigint_length_B(&key->modulus), 4, 16);
#endif
p->mgf(maskbuffer, seed_buffer, hv_len, db_len, p->mgf_parameter);
memxor(db, maskbuffer, db_len);
@ -118,13 +118,13 @@ uint8_t rsa_encrypt_oaep(void* dest, uint16_t* out_length,
memxor(seed_buffer, maskbuffer, hv_len);
#if DEBUG
cli_putstr("\r\n msg (raw, post-feistel):\r\n");
cli_hexdump_block(dest, bigint_length_B(key->modulus), 4, 16);
cli_hexdump_block(dest, bigint_length_B(&key->modulus), 4, 16);
#endif
x.info = 0;
x.length_B = key->modulus->length_B;
x.length_B = key->modulus.length_B;
x.wordv = dest;
bigint_adjust(&x);
rsa_os2ip(&x, NULL, bigint_length_B(key->modulus));
rsa_os2ip(&x, NULL, bigint_length_B(&key->modulus));
#if DEBUG
cli_putstr("\r\ninput-msg (pre enc):\r\n");
cli_hexdump_rev(&src, 2);
@ -156,27 +156,27 @@ uint8_t rsa_decrypt_oaep(void* dest, uint16_t* out_length,
bigint_t x;
uint16_t hv_len = hfal_hash_getHashsize(p->hf)/8;
uint8_t label_hv[hv_len];
uint16_t msg_len = bigint_get_first_set_bit(key->modulus) / 8 + 1;
uint16_t msg_len = bigint_get_first_set_bit(&key->modulus) / 8 + 1;
uint16_t db_len = msg_len - hv_len - 1;
uint8_t maskbuffer[db_len>hv_len?db_len:hv_len];
uint8_t *seed_buffer = dest;
uint8_t *db_buffer = seed_buffer + hv_len;
x_len = bigint_get_first_set_bit(key->modulus)/8;
memset(dest, 0, bigint_length_B(key->modulus) - length_B);
memcpy((uint8_t*)dest + bigint_length_B(key->modulus) - length_B, src, length_B);
x_len = bigint_get_first_set_bit(&key->modulus)/8;
memset(dest, 0, bigint_length_B(&key->modulus) - length_B);
memcpy((uint8_t*)dest + bigint_length_B(&key->modulus) - length_B, src, length_B);
// cli_putc('a'); uart_flush(0);
x.wordv = dest;
x.length_B = key->modulus->length_B;
x.length_B = key->modulus.length_B;
x.info = 0;
bigint_adjust(&x);
// cli_putc('b'); uart_flush(0);
rsa_os2ip(&x, NULL, bigint_length_B(key->modulus));
rsa_os2ip(&x, NULL, bigint_length_B(&key->modulus));
#if DEBUG
cli_putstr_P(PSTR("\r\n rsa decrypting ..."));
#endif

2
rsa/rsaes_pkcs1v15.c
View File

@ -41,7 +41,7 @@ uint8_t rsa_encrypt_pkcs1v15(void* dest, uint16_t* out_length, const void* src,
uint16_t length_B, rsa_publickey_t* key, const void* pad){
int16_t pad_length;
bigint_t x;
pad_length = rsa_pkcs1v15_compute_padlength_B(key->modulus, length_B);
pad_length = rsa_pkcs1v15_compute_padlength_B(&key->modulus, length_B);
if(pad_length<8){
#if DEBUG
cli_putstr_P(PSTR("\r\nERROR: pad_length<8; pad_length: "));

89
test_src/main-present-test.c
View File

@ -26,12 +26,14 @@
#include "uart_i.h"
#include "debug.h"
#include <present.h>
#include <present80.h>
#include <present128.h>
#include "cli.h"
#include "performance_test.h"
#include "bcal-performance.h"
#include "bcal-nessie.h"
#include "bcal_present.h"
#include "bcal_present80.h"
#include "bcal_present128.h"
#include <stdlib.h>
#include <stdint.h>
@ -40,56 +42,85 @@
char* algo_name = "Present";
const bcdesc_t* const algolist[] PROGMEM = {
(bcdesc_t*)&present_desc,
(bcdesc_t*)&present80_desc,
(bcdesc_t*)&present128_desc,
NULL
};
/*****************************************************************************
* additional validation-functions *
*****************************************************************************/
void present_genctx_dummy(uint8_t* key, uint16_t keysize_b, present_ctx_t* ctx){
present_init(key, keysize_b, ctx);
}
void testrun_nessie_present(void){
bcal_nessie_multiple(algolist);
}
void testrun_selfenc(uint8_t* key, uint8_t* buffer){
present_ctx_t ctx;
present80_ctx_t ctx;
cli_putstr_P(PSTR("\r\nkey : "));
cli_hexdump(key, 10);
cli_putstr_P(PSTR("\r\nplain : "));
cli_hexdump(buffer, 8);
present_init(key, 80, &ctx);
present_enc(buffer, &ctx);
present80_init(key, 80, &ctx);
present80_enc(buffer, &ctx);
cli_putstr_P(PSTR("\r\ncipher: "));
cli_hexdump(buffer, 8);
present_dec(buffer, &ctx);
present80_dec(buffer, &ctx);
cli_putstr_P(PSTR("\r\nplain : "));
cli_hexdump(buffer, 8);
cli_putstr_P(PSTR("\r\n"));
}
void testrun_selfenc_128(uint8_t* key, uint8_t* buffer){
present128_ctx_t ctx;
cli_putstr_P(PSTR("\r\nkey : "));
cli_hexdump(key, 16);
cli_putstr_P(PSTR("\r\nplain : "));
cli_hexdump(buffer, 8);
present128_init(key, 128, &ctx);
present128_enc(buffer, &ctx);
cli_putstr_P(PSTR("\r\ncipher: "));
cli_hexdump(buffer, 8);
present128_dec(buffer, &ctx);
cli_putstr_P(PSTR("\r\nplain : "));
cli_hexdump(buffer, 8);
cli_putstr_P(PSTR("\r\n"));
}
// void present_key_test(const uint8_t* key);
void testrun_self_present(void){
uint8_t buffer[8], key[10];
uint8_t buffer[8], key[10], i;
cli_putstr_P(PSTR("\r\n\r\n=== Testvectors from the paper ===\r\n"));
memset(buffer, 0, 8);
memset(key, 0, 10);
for(i=0; i<4; ++i){
memset(buffer, (i&2)?0xff:0x00, 8);
memset(key, (i&1)?0xff:0x00, 10);
testrun_selfenc(key, buffer);
}
memset(buffer, 0x00, 8);
memset(key, 0x00, 10);
key[0] = 0x80;
testrun_selfenc(key, buffer);
memset(buffer, 0, 8);
memset(key, 0xFF, 10);
testrun_selfenc(key, buffer);
memset(buffer, 0xFF, 8);
memset(key, 0, 10);
testrun_selfenc(key, buffer);
memset(buffer, 0xFF, 8);
memset(key, 0xFF, 10);
testrun_selfenc(key, buffer);
// present_key_test(key);
}
void testrun_self_present_128(void){
uint8_t buffer[8], key[16], i;
cli_putstr_P(PSTR("\r\n\r\n=== Testvectors from the paper ===\r\n"));
for(i=0; i<4; ++i){
memset(buffer, (i&2)?0xff:0x00, 8);
memset(key, (i&1)?0xff:0x00, 16);
testrun_selfenc_128(key, buffer);
}
memset(buffer, 0x00, 8);
memset(key, 0x00, 16);
key[0] = 0x80;
testrun_selfenc_128(key, buffer);
// present_key_test(key);
}
void testrun_performance_present(void){
@ -102,12 +133,14 @@ void testrun_performance_present(void){
const char nessie_str[] PROGMEM = "nessie";
const char test_str[] PROGMEM = "test";
const char test_128_str[] PROGMEM = "test-128";
const char performance_str[] PROGMEM = "performance";
const char echo_str[] PROGMEM = "echo";
const cmdlist_entry_t cmdlist[] PROGMEM = {
{ nessie_str, NULL, testrun_nessie_present},
{ test_str, NULL, testrun_self_present},
{ test_128_str, NULL, testrun_self_present_128},
{ performance_str, NULL, testrun_performance_present},
{ echo_str, (void*)1, (void_fpt)echo_ctrl},
{ NULL, NULL, NULL}

162
test_src/main-rsaes_oaep-test.c
View File

@ -430,48 +430,24 @@ uint8_t read_bigint(bigint_t* a, char* prompt){
}
uint8_t pre_alloc_key_crt(void){
uint8_t c;
pub_key.modulus = malloc(sizeof(bigint_t));
if(!pub_key.modulus){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
priv_key.modulus = pub_key.modulus;
priv_key.n = 5;
priv_key.components = malloc(5 * sizeof(bigint_t*));
priv_key.components = malloc(5 * sizeof(bigint_t));
if(!priv_key.components){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
pub_key.exponent = malloc(sizeof(bigint_t));
if(!pub_key.exponent){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
for(c=0; c<5; ++c){
priv_key.components[c] = malloc(sizeof(bigint_t));
if(!priv_key.components[c]){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
}
return 0;
}
void free_key(void){
uint8_t c;
free(pub_key.modulus->wordv);
free(pub_key.exponent->wordv);
free(pub_key.modulus);
pub_key.modulus = priv_key.modulus = NULL;
free(pub_key.exponent);
pub_key.exponent = NULL;
free(pub_key.modulus.wordv);
free(pub_key.exponent.wordv);
for(c = 0; c < priv_key.n; ++c){
free(priv_key.components[c]->wordv);
free(priv_key.components[c]);
free(priv_key.components[c].wordv);
}
free(priv_key.components);
priv_key.components = NULL;
keys_allocated = 0;
}
uint8_t read_key_crt(void){
@ -479,109 +455,41 @@ uint8_t read_key_crt(void){
cli_putstr_P(PSTR("\r\n== reading key (crt) =="));
r = pre_alloc_key_crt();
if(r) return r;
r = read_bigint(pub_key.modulus,"\r\n = module =");
r = read_bigint(&pub_key.modulus,"\r\n = module =");
if(r) return r;
r = read_bigint(pub_key.exponent,"\r\n = public exponent =");
memcpy(&priv_key.modulus, &pub_key.modulus, sizeof(bigint_t));
r = read_bigint(&pub_key.exponent,"\r\n = public exponent =");
if(r) return r;
r = read_bigint(priv_key.components[0],"\r\n = p (first prime) =");
r = read_bigint(&(priv_key.components[0]),"\r\n = p (first prime) =");
if(r) return r;
r = read_bigint(priv_key.components[1],"\r\n = q (second prime) =");
r = read_bigint(&(priv_key.components[1]),"\r\n = q (second prime) =");
if(r) return r;
r = read_bigint(priv_key.components[2],"\r\n = dp (p's exponent) =");
r = read_bigint(&(priv_key.components[2]),"\r\n = dp (p's exponent) =");
if(r) return r;
r = read_bigint(priv_key.components[3],"\r\n = dq (q's exponent) =");
r = read_bigint(&(priv_key.components[3]),"\r\n = dq (q's exponent) =");
if(r) return r;
r = read_bigint(priv_key.components[4],"\r\n = qInv (q' coefficient) =");
r = read_bigint(&(priv_key.components[4]),"\r\n = qInv (q' coefficient) =");
return r;
}
uint8_t read_key_conv(void){
uint8_t r;
cli_putstr_P(PSTR("\r\n== reading key (crt) =="));
pub_key.modulus = malloc(sizeof(bigint_t));
if(!pub_key.modulus){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
r = read_bigint(pub_key.modulus,"\r\n = module =");
if(r) return r;
priv_key.modulus = pub_key.modulus;
priv_key.n = 1;
pub_key.exponent = malloc(sizeof(bigint_t));
if(!pub_key.exponent){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
priv_key.components = malloc(sizeof(bigint_t*));
priv_key.components = malloc(sizeof(bigint_t));
if(!priv_key.components){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
priv_key.components[0] = malloc(sizeof(bigint_t));
if(!priv_key.components[0]){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
r = read_bigint(pub_key.exponent,"\r\n = public exponent =");
cli_putstr_P(PSTR("\r\n== reading key (conv) =="));
r = read_bigint(&pub_key.modulus,"\r\n = module =");
if(r) return r;
r = read_bigint(priv_key.components[0],"\r\n = private exponent =");
memcpy(&priv_key.modulus, &pub_key.modulus, sizeof(bigint_t));
priv_key.n = 1;
r = read_bigint(&pub_key.exponent,"\r\n = public exponent =");
if(r) return r;
r = read_bigint(priv_key.components,"\r\n = private exponent =");
return r;
}
void load_priv_conventional(void){
bigint_t *epriv;
epriv = malloc(sizeof(bigint_t));
if(!epriv){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
epriv->length_B = (sizeof(PRIV_EXPONENT) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t);
epriv->wordv = malloc(epriv->length_B * sizeof(bigint_word_t));
if(!epriv->wordv){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
memcpy(epriv->wordv, PRIV_EXPONENT, sizeof(PRIV_EXPONENT));
priv_key.components = malloc(sizeof(bigint_t*));
priv_key.components[0] = epriv;
priv_key.n = 1;
bigint_changeendianess(epriv);
bigint_adjust(epriv);
}
void load_priv_crt_mono(void){
bigint_t **v;
const uint8_t *bv[5] = {P,Q,DP,DQ,QINV};
uint16_t sv[5] = {sizeof(P), sizeof(Q), sizeof(DP), sizeof(DQ), sizeof(QINV)};
uint8_t i;
v = malloc(5 * sizeof(bigint_t));
if(!v){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
priv_key.components = malloc(5*sizeof(bigint_t*));
if(!priv_key.components){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
priv_key.n = 5;
for(i=0; i<5; ++i){
v[i] = malloc(sizeof(bigint_t));
v[i]->info = 0;
v[i]->length_B = (sv[i] + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t);
v[i]->wordv = calloc(v[i]->length_B , sizeof(bigint_word_t));
if(!v[i]->wordv){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
memcpy(v[i]->wordv, bv[i], sv[i]);
bigint_changeendianess(v[i]);
bigint_adjust(v[i]);
priv_key.components[i] = v[i];
}
}
uint8_t load_bigint_from_os(bigint_t* a, PGM_VOID_P os, uint16_t length_B){
a->length_B = BIGINT_CEIL(length_B) / sizeof(bigint_word_t);
a->wordv = malloc(BIGINT_CEIL(length_B));
@ -608,25 +516,23 @@ void load_fix_rsa(void){
return;
}
load_bigint_from_os(pub_key.modulus, MODULUS, sizeof(MODULUS));
load_bigint_from_os(pub_key.exponent, PUB_EXPONENT, sizeof(PUB_EXPONENT));
load_bigint_from_os(&pub_key.modulus, MODULUS, sizeof(MODULUS));
memcpy(&priv_key.modulus, &pub_key.modulus, sizeof(bigint_t));
load_bigint_from_os(&pub_key.exponent, PUB_EXPONENT, sizeof(PUB_EXPONENT));
priv_key.n = 5;
load_bigint_from_os(priv_key.components[0], P, sizeof(P));
load_bigint_from_os(priv_key.components[1], Q, sizeof(Q));
load_bigint_from_os(priv_key.components[2], DP, sizeof(DP));
load_bigint_from_os(priv_key.components[3], DQ, sizeof(DQ));
load_bigint_from_os(priv_key.components[4], QINV, sizeof(QINV));
// load_priv_conventional();
// load_priv_crt_mono();
load_bigint_from_os(&(priv_key.components[0]), P, sizeof(P));
load_bigint_from_os(&(priv_key.components[1]), Q, sizeof(Q));
load_bigint_from_os(&(priv_key.components[2]), DP, sizeof(DP));
load_bigint_from_os(&(priv_key.components[3]), DQ, sizeof(DQ));
load_bigint_from_os(&(priv_key.components[4]), QINV, sizeof(QINV));
}
void quick_test(void){
uint8_t *ciphertext, *plaintext, rc;
uint8_t seed[sizeof(SEED)];
uint16_t clen, plen;
ciphertext = malloc(clen = pub_key.modulus->length_B * sizeof(bigint_word_t));
plaintext = malloc(pub_key.modulus->length_B * sizeof(bigint_word_t));
ciphertext = malloc(clen = pub_key.modulus.length_B * sizeof(bigint_word_t));
plaintext = malloc(pub_key.modulus.length_B * sizeof(bigint_word_t));
memcpy_P(plaintext, MSG, sizeof(MSG));
memcpy_P(seed, SEED, sizeof(SEED));
cli_putstr_P(PSTR("\r\nplaintext:"));
@ -681,12 +587,12 @@ void run_seed_test(void){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
ciph = malloc(bigint_length_B(pub_key.modulus));
ciph = malloc(bigint_length_B(&pub_key.modulus));
if(!ciph){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
msg_ = malloc(bigint_length_B(pub_key.modulus) + sizeof(bigint_word_t));
msg_ = malloc(bigint_length_B(&pub_key.modulus) + sizeof(bigint_word_t));
if(!msg_){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
@ -764,7 +670,7 @@ void test_dump(void){
cli_putstr_P(PSTR("\r\ndumping 0x"));
cli_hexdump_rev(&len, 2);
cli_putstr_P(PSTR(" byte:"));
cli_hexdump_block(pub_key.modulus->wordv, len, 4, 8);
cli_hexdump_block(pub_key.modulus.wordv, len, 4, 8);
}
/*****************************************************************************

117
test_src/main-rsaes_pkcs1v15-test.c
View File

@ -247,6 +247,106 @@ uint8_t read_bigint(bigint_t* a, char* prompt){
return 0;
}
uint8_t pre_alloc_key_crt(void){
priv_key.n = 5;
priv_key.components = malloc(5 * sizeof(bigint_t));
if(!priv_key.components){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
return 0;
}
void free_key(void){
uint8_t c;
free(pub_key.modulus.wordv);
free(pub_key.exponent.wordv);
for(c = 0; c < priv_key.n; ++c){
free(priv_key.components[c].wordv);
}
free(priv_key.components);
keys_allocated = 0;
}
uint8_t read_key_crt(void){
uint8_t r;
cli_putstr_P(PSTR("\r\n== reading key (crt) =="));
r = pre_alloc_key_crt();
if(r) return r;
r = read_bigint(&pub_key.modulus,"\r\n = module =");
if(r) return r;
memcpy(&priv_key.modulus, &pub_key.modulus, sizeof(bigint_t));
r = read_bigint(&pub_key.exponent,"\r\n = public exponent =");
if(r) return r;
r = read_bigint(&(priv_key.components[0]),"\r\n = p (first prime) =");
if(r) return r;
r = read_bigint(&(priv_key.components[1]),"\r\n = q (second prime) =");
if(r) return r;
r = read_bigint(&(priv_key.components[2]),"\r\n = dp (p's exponent) =");
if(r) return r;
r = read_bigint(&(priv_key.components[3]),"\r\n = dq (q's exponent) =");
if(r) return r;
r = read_bigint(&(priv_key.components[4]),"\r\n = qInv (q' coefficient) =");
return r;
}
uint8_t read_key_conv(void){
uint8_t r;
priv_key.components = malloc(sizeof(bigint_t));
if(!priv_key.components){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return 2;
}
cli_putstr_P(PSTR("\r\n== reading key (conv) =="));
r = read_bigint(&pub_key.modulus,"\r\n = module =");
if(r) return r;
memcpy(&priv_key.modulus, &pub_key.modulus, sizeof(bigint_t));
priv_key.n = 1;
r = read_bigint(&pub_key.exponent,"\r\n = public exponent =");
if(r) return r;
r = read_bigint(priv_key.components,"\r\n = private exponent =");
return r;
}
uint8_t load_bigint_from_os(bigint_t* a, PGM_VOID_P os, uint16_t length_B){
a->length_B = BIGINT_CEIL(length_B) / sizeof(bigint_word_t);
a->wordv = malloc(BIGINT_CEIL(length_B));
if(!a->wordv){
cli_putstr_P(PSTR("\r\nOOM!\r\n"));
return 1;
}
memset(a->wordv, 0, sizeof(bigint_word_t));
memcpy_P((uint8_t*)a->wordv + BIGINT_OFF(length_B), os, length_B);
a->info = 0;
bigint_changeendianess(a);
bigint_adjust(a);
return 0;
}
void load_fix_rsa(void){
if(keys_allocated){
free_key();
}
keys_allocated = 1;
if(pre_alloc_key_crt()){
cli_putstr_P(PSTR("\r\nOOM!\r\n"));
return;
}
load_bigint_from_os(&pub_key.modulus, MODULUS, sizeof(MODULUS));
memcpy(&priv_key.modulus, &pub_key.modulus, sizeof(bigint_t));
load_bigint_from_os(&pub_key.exponent, PUB_EXPONENT, sizeof(PUB_EXPONENT));
priv_key.n = 5;
load_bigint_from_os(&(priv_key.components[0]), P, sizeof(P));
load_bigint_from_os(&(priv_key.components[1]), Q, sizeof(Q));
load_bigint_from_os(&(priv_key.components[2]), DP, sizeof(DP));
load_bigint_from_os(&(priv_key.components[3]), DQ, sizeof(DQ));
load_bigint_from_os(&(priv_key.components[4]), QINV, sizeof(QINV));
}
/*
uint8_t pre_alloc_key_crt(void){
uint8_t c;
pub_key.modulus = malloc(sizeof(bigint_t));
@ -459,6 +559,7 @@ void load_fix_rsa(void){
// load_priv_conventional();
// load_priv_crt_mono();
}
*/
void quick_test(void){
uint8_t *ciphertext, *plaintext, rc;
@ -467,8 +568,8 @@ void quick_test(void){
if(!keys_allocated){
load_fix_rsa();
}
ciphertext = malloc(clen = pub_key.modulus->length_B * sizeof(bigint_word_t));
plaintext = malloc(pub_key.modulus->length_B * sizeof(bigint_word_t));
ciphertext = malloc(clen = bigint_length_B(&pub_key.modulus));
plaintext = malloc(clen);
memcpy_P(plaintext, MSG, sizeof(MSG));
memcpy_P(seed, SEED, sizeof(SEED));
cli_putstr_P(PSTR("\r\nplaintext:"));
@ -525,7 +626,7 @@ void run_seed_test(void){
cli_putstr_P(PSTR("\r\n length: "));
cli_getsn(read_int_str, 16);
msg_len = own_atou(read_int_str);
seed_len = rsa_pkcs1v15_compute_padlength_B(pub_key.modulus, msg_len);
seed_len = rsa_pkcs1v15_compute_padlength_B(&pub_key.modulus, msg_len);
seed = malloc(seed_len);
#if DEBUG
cli_putstr_P(PSTR("\r\nDBG: @seed: 0x"));
@ -553,7 +654,7 @@ void run_seed_test(void){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
ciph = malloc(bigint_length_B(pub_key.modulus));
ciph = malloc(bigint_length_B(&pub_key.modulus));
#if DEBUG
cli_putstr_P(PSTR("\r\nDBG: @ciph: 0x"));
cli_hexdump_rev(&ciph, 2);
@ -562,7 +663,7 @@ void run_seed_test(void){
cli_putstr_P(PSTR("\r\nERROR: OOM!"));
return;
}
msg_ = malloc(bigint_length_B(pub_key.modulus) + sizeof(bigint_word_t));
msg_ = malloc(bigint_length_B(&pub_key.modulus) + sizeof(bigint_word_t));
#if DEBUG
cli_putstr_P(PSTR("\r\nDBG: @msg_: 0x"));
cli_hexdump_rev(&msg_, 2);
@ -587,14 +688,14 @@ void run_seed_test(void){
*/
#if DEBUG
cli_putstr_P(PSTR("\r\n first prime:"));
bigint_print_hex(priv_key.components[0]);
bigint_print_hex(&priv_key.components[0]);
#endif
rsa_encrypt_pkcs1v15(ciph, &ciph_len, msg, msg_len, &pub_key, seed);
cli_putstr_P(PSTR("\r\n ciphertext:"));
cli_hexdump_block(ciph, ciph_len, 4, 16);
#if DEBUG
cli_putstr_P(PSTR("\r\n first prime:"));
bigint_print_hex(priv_key.components[0]);
bigint_print_hex(&priv_key.components[0]);
#endif
cli_putstr_P(PSTR("\r\n decrypting ... "));
@ -671,7 +772,7 @@ void test_dump(void){
cli_putstr_P(PSTR("\r\ndumping 0x"));
cli_hexdump_rev(&len, 2);
cli_putstr_P(PSTR(" byte:"));
cli_hexdump_block(pub_key.modulus->wordv, len, 4, 8);
cli_hexdump_block(pub_key.modulus.wordv, len, 4, 8);
}
/*****************************************************************************

6338
testvectors/present/nessie-present-128_le.txt Normal file
View File

File diff suppressed because it is too large Load Diff

5666
testvectors/present/nessie-present-80_le.txt Normal file
View File

File diff suppressed because it is too large Load Diff