diff --git a/Makefile b/Makefile index ff74790..7ff77d8 100644 --- a/Makefile +++ b/Makefile @@ -1,16 +1,27 @@ -PRG = camellia +PRG = tdes-test # camellia # cryptotest - OBJ = main-camellia-test.o debug.o uart.o serial-tools.o camellia.o camellia-asm.o -# main-skipjack-test.o debug.o uart.o serial-tools.o skipjack.o -# main-sha1-test.o debug.o uart.o serial-tools.o sha1-asm.o -# main-md5-test.o debug.o uart.o serial-tools.o md5.o -# main-cast5-test.o debug.o uart.o serial-tools.o cast5.o -# OBJ = main-rc6-test.o debug.o uart.o serial-tools.o rc6.o -# main.o debug.o uart.o serial-tools.o sha256-asm.o xtea-asm.o arcfour-asm.o prng.o cast5.o +CAMELLIA_OBJ = main-camellia-test.o debug.o uart.o serial-tools.o camellia.o camellia-asm.o +SKIPJACK_OBJ = main-skipjack-test.o debug.o uart.o serial-tools.o skipjack.o +SHA1_OBJ = main-sha1-test.o debug.o uart.o serial-tools.o sha1-asm.o +MD5_OBJ = main-md5-test.o debug.o uart.o serial-tools.o md5.o +CAST5_OBJ = main-cast5-test.o debug.o uart.o serial-tools.o cast5.o +RC6_OBJ = main-rc6-test.o debug.o uart.o serial-tools.o rc6.o +Multi_OBJ = main.o debug.o uart.o serial-tools.o sha256-asm.o xtea-asm.o arcfour-asm.o prng.o cast5.o +DES_OBJ = main-des-test.o debug.o uart.o serial-tools.o des.o +TDES_OBJ = main-tdes-test.o debug.o uart.o serial-tools.o des.o +SEED_OBJ = main-seed-test.o debug.o uart.o serial-tools.o seed.o seed-asm.o +SHABEA_OBJ = main-shabea-test.o debug.o uart.o serial-tools.o shabea.o sha256-asm.o + +OBJ = $(TDES_OBJ) MCU_TARGET = atmega32 OPTIMIZE = -Os +FLASHCMD = avrdude -p $(MCU_TARGET) -P /dev/ttyUSB0 -c avr911 -U flash:w:$(PRG).hex +# -U eeprom:w:$(PRG)_eeprom.hex +#uisp -dprog=bsd -dlpt=/dev/parport1 --upload if=$(PRG).hex +ERASECMD = + DEFS = LIBS = @@ -20,7 +31,7 @@ CC = avr-gcc # Override is only needed by avr-lib build system. -override CFLAGS = -Wall -Wstrict-prototypes $(OPTIMIZE) -mmcu=$(MCU_TARGET) +override CFLAGS = -pedantic -std=c99 -Wall -Wstrict-prototypes $(OPTIMIZE) -mmcu=$(MCU_TARGET) $(DEFS) override LDFLAGS = -Wl,-Map,$(PRG).map override ASFLAGS = -mmcu=$(MCU_TARGET) @@ -39,6 +50,10 @@ clean: rm -rf *.o $(PRG).elf *.eps *.png *.pdf *.bak rm -rf *.lst *.map $(EXTRA_CLEAN_FILES) +flash: + $(ERASECMD) + $(FLASHCMD) + lst: $(PRG).lst %.lst: %.elf diff --git a/config.h b/config.h index f7013d3..5586a32 100644 --- a/config.h +++ b/config.h @@ -2,13 +2,13 @@ #define __CONFIG_H__ #include -#define F_CPU 16000000 // Oszillator-Frequenz in Hz +#define F_CPU 16000000 /* Oszillator-Frequenz in Hz */ #define DEBUG uart -//c uart.[ch] defines +/* uart.[ch] defines */ #define UART_INTERRUPT 1 -#define UART_BAUD_RATE 38400 +#define UART_BAUD_RATE 9600 #define UART_RXBUFSIZE 16 #define UART_TXBUFSIZE 16 #define UART_LINE_BUFFER_SIZE 40 diff --git a/des.c b/des.c new file mode 100644 index 0000000..0a47906 --- /dev/null +++ b/des.c @@ -0,0 +1,371 @@ +/** + * \file des.c + * \author Daniel Otte + * \date 2007-06-16 + * \brief DES and EDE-DES implementation + * \par License + * GPL + * + */ +#include "config.h" +#include "debug.h" +#include "uart.h" +#include +#include +#include + +prog_uint8_t sbox[256] = { + /* S-box 1 */ + 0xE4, 0xD1, 0x2F, 0xB8, 0x3A, 0x6C, 0x59, 0x07, + 0x0F, 0x74, 0xE2, 0xD1, 0xA6, 0xCB, 0x95, 0x38, + 0x41, 0xE8, 0xD6, 0x2B, 0xFC, 0x97, 0x3A, 0x50, + 0xFC, 0x82, 0x49, 0x17, 0x5B, 0x3E, 0xA0, 0x6D, + /* S-box 2 */ + 0xF1, 0x8E, 0x6B, 0x34, 0x97, 0x2D, 0xC0, 0x5A, + 0x3D, 0x47, 0xF2, 0x8E, 0xC0, 0x1A, 0x69, 0xB5, + 0x0E, 0x7B, 0xA4, 0xD1, 0x58, 0xC6, 0x93, 0x2F, + 0xD8, 0xA1, 0x3F, 0x42, 0xB6, 0x7C, 0x05, 0xE9, + /* S-box 3 */ + 0xA0, 0x9E, 0x63, 0xF5, 0x1D, 0xC7, 0xB4, 0x28, + 0xD7, 0x09, 0x34, 0x6A, 0x28, 0x5E, 0xCB, 0xF1, + 0xD6, 0x49, 0x8F, 0x30, 0xB1, 0x2C, 0x5A, 0xE7, + 0x1A, 0xD0, 0x69, 0x87, 0x4F, 0xE3, 0xB5, 0x2C, + /* S-box 4 */ + 0x7D, 0xE3, 0x06, 0x9A, 0x12, 0x85, 0xBC, 0x4F, + 0xD8, 0xB5, 0x6F, 0x03, 0x47, 0x2C, 0x1A, 0xE9, + 0xA6, 0x90, 0xCB, 0x7D, 0xF1, 0x3E, 0x52, 0x84, + 0x3F, 0x06, 0xA1, 0xD8, 0x94, 0x5B, 0xC7, 0x2E, + /* S-box 5 */ + 0x2C, 0x41, 0x7A, 0xB6, 0x85, 0x3F, 0xD0, 0xE9, + 0xEB, 0x2C, 0x47, 0xD1, 0x50, 0xFA, 0x39, 0x86, + 0x42, 0x1B, 0xAD, 0x78, 0xF9, 0xC5, 0x63, 0x0E, + 0xB8, 0xC7, 0x1E, 0x2D, 0x6F, 0x09, 0xA4, 0x53, + /* S-box 6 */ + 0xC1, 0xAF, 0x92, 0x68, 0x0D, 0x34, 0xE7, 0x5B, + 0xAF, 0x42, 0x7C, 0x95, 0x61, 0xDE, 0x0B, 0x38, + 0x9E, 0xF5, 0x28, 0xC3, 0x70, 0x4A, 0x1D, 0xB6, + 0x43, 0x2C, 0x95, 0xFA, 0xBE, 0x17, 0x60, 0x8D, + /* S-box 7 */ + 0x4B, 0x2E, 0xF0, 0x8D, 0x3C, 0x97, 0x5A, 0x61, + 0xD0, 0xB7, 0x49, 0x1A, 0xE3, 0x5C, 0x2F, 0x86, + 0x14, 0xBD, 0xC3, 0x7E, 0xAF, 0x68, 0x05, 0x92, + 0x6B, 0xD8, 0x14, 0xA7, 0x95, 0x0F, 0xE2, 0x3C, + /* S-box 8 */ + 0xD2, 0x84, 0x6F, 0xB1, 0xA9, 0x3E, 0x50, 0xC7, + 0x1F, 0xD8, 0xA3, 0x74, 0xC5, 0x6B, 0x0E, 0x92, + 0x7B, 0x41, 0x9C, 0xE2, 0x06, 0xAD, 0xF3, 0x58, + 0x21, 0xE7, 0x4A, 0x8D, 0xFC, 0x90, 0x35, 0x6B +}; + +prog_uint8_t e_permtab[] ={ + 4, 6, /* 4 bytes in 6 bytes out*/ + 32, 1, 2, 3, 4, 5, + 4, 5, 6, 7, 8, 9, + 8, 9, 10, 11, 12, 13, + 12, 13, 14, 15, 16, 17, + 16, 17, 18, 19, 20, 21, + 20, 21, 22, 23, 24, 25, + 24, 25, 26, 27, 28, 29, + 28, 29, 30, 31, 32, 1 +}; + +prog_uint8_t p_permtab[] ={ + 4, 4, /* 32 bit -> 32 bit */ + 16, 7, 20, 21, + 29, 12, 28, 17, + 1, 15, 23, 26, + 5, 18, 31, 10, + 2, 8, 24, 14, + 32, 27, 3, 9, + 19, 13, 30, 6, + 22, 11, 4, 25 +}; + +prog_uint8_t ip_permtab[] ={ + 8, 8, /* 64 bit -> 64 bit */ + 58, 50, 42, 34, 26, 18, 10, 2, + 60, 52, 44, 36, 28, 20, 12, 4, + 62, 54, 46, 38, 30, 22, 14, 6, + 64, 56, 48, 40, 32, 24, 16, 8, + 57, 49, 41, 33, 25, 17, 9, 1, + 59, 51, 43, 35, 27, 19, 11, 3, + 61, 53, 45, 37, 29, 21, 13, 5, + 63, 55, 47, 39, 31, 23, 15, 7 +}; + +prog_uint8_t inv_ip_permtab[] ={ + 8, 8, /* 64 bit -> 64 bit */ + 40, 8, 48, 16, 56, 24, 64, 32, + 39, 7, 47, 15, 55, 23, 63, 31, + 38, 6, 46, 14, 54, 22, 62, 30, + 37, 5, 45, 13, 53, 21, 61, 29, + 36, 4, 44, 12, 52, 20, 60, 28, + 35, 3, 43, 11, 51, 19, 59, 27, + 34, 2, 42, 10, 50, 18, 58, 26, + 33, 1, 41, 9, 49, 17, 57, 25 +}; + +prog_uint8_t pc1_permtab[] ={ + 8, 7, /* 64 bit -> 56 bit*/ + 57, 49, 41, 33, 25, 17, 9, + 1, 58, 50, 42, 34, 26, 18, + 10, 2, 59, 51, 43, 35, 27, + 19, 11, 3, 60, 52, 44, 36, + 63, 55, 47, 39, 31, 23, 15, + 7, 62, 54, 46, 38, 30, 22, + 14, 6, 61, 53, 45, 37, 29, + 21, 13, 5, 28, 20, 12, 4 +}; + +prog_uint8_t pc2_permtab[] ={ + 7, 6, /* 56 bit -> 48 bit */ + 14, 17, 11, 24, 1, 5, + 3, 28, 15, 6, 21, 10, + 23, 19, 12, 4, 26, 8, + 16, 7, 27, 20, 13, 2, + 41, 52, 31, 37, 47, 55, + 30, 40, 51, 45, 33, 48, + 44, 49, 39, 56, 34, 53, + 46, 42, 50, 36, 29, 32 +}; + +prog_uint8_t splitin6bitword_permtab[] = { + 8, 8, /* 64 bit -> 64 bit */ + 64, 64, 1, 6, 2, 3, 4, 5, + 64, 64, 7, 12, 8, 9, 10, 11, + 64, 64, 13, 18, 14, 15, 16, 17, + 64, 64, 19, 24, 20, 21, 22, 23, + 64, 64, 25, 30, 26, 27, 28, 29, + 64, 64, 31, 36, 32, 33, 34, 35, + 64, 64, 37, 42, 38, 39, 40, 41, + 64, 64, 43, 48, 44, 45, 46, 47 +}; + +prog_uint8_t shiftkey_permtab[] = { + 7, 7, /* 56 bit -> 56 bit */ + 2, 3, 4, 5, 6, 7, 8, 9, + 10, 11, 12, 13, 14, 15, 16, 17, + 18, 19, 20, 21, 22, 23, 24, 25, + 26, 27, 28, 1, + 30, 31, 32, 33, 34, 35, 36, 37, + 38, 39, 40, 41, 42, 43, 44, 45, + 46, 47, 48, 49, 50, 51, 52, 53, + 54, 55, 56, 29 +}; + +prog_uint8_t shiftkeyinv_permtab[] = { + 7, 7, + 28, 1, 2, 3, 4, 5, 6, 7, + 8, 9, 10, 11, 12, 13, 14, 15, + 16, 17, 18, 19, 20, 21, 22, 23, + 24, 25, 26, 27, + 56, 29, 30, 31, 32, 33, 34, 35, + 36, 37, 38, 39, 40, 41, 42, 43, + 44, 45, 46, 47, 48, 49, 50, 51, + 52, 53, 54, 55 +}; + +/* +1 0 +1 0 +2 1 +2 1 +2 1 +2 1 +2 1 +2 1 +---- +1 0 +2 1 +2 1 +2 1 +2 1 +2 1 +2 1 +1 0 +*/ +#define ROTTABLE 0x7EFC +#define ROTTABLE_INV 0x3F7E +/******************************************************************************/ + +void permute(prog_uint8_t *ptable, uint8_t *in, uint8_t *out){ + uint8_t ib, ob; /* in-bytes and out-bytes */ + uint8_t byte, bit; /* counter for bit and byte */ + ib = pgm_read_byte(&(ptable[0])); + ob = pgm_read_byte(&(ptable[1])); + ptable = &(ptable[2]); + for(byte=0; byte>(x%8)) ){ + t|=0x01; + } + } + out[byte]=t; + } +} + +/******************************************************************************/ + +void changeendian32(uint32_t * a){ + *a = (*a & 0x000000FF) << 24 | + (*a & 0x0000FF00) << 8 | + (*a & 0x00FF0000) >> 8 | + (*a & 0xFF000000) >> 24; +} + +/******************************************************************************/ +static inline +void shiftkey(uint8_t *key){ + uint8_t k[7]; + memcpy(k, key, 7); + permute((prog_uint8_t*)shiftkey_permtab, k, key); +} + +/******************************************************************************/ +static inline +void shiftkey_inv(uint8_t *key){ + uint8_t k[7]; + memcpy(k, key, 7); + permute((prog_uint8_t*)shiftkeyinv_permtab, k, key); + +} + +/******************************************************************************/ +static inline +uint64_t splitin6bitwords(uint64_t a){ + uint64_t ret=0; + a &= 0x0000ffffffffffffLL; + permute((prog_uint8_t*)splitin6bitword_permtab, (uint8_t*)&a, (uint8_t*)&ret); + return ret; +} + +/******************************************************************************/ + +static inline +uint8_t substitute(uint8_t a, prog_uint8_t * sbp){ + uint8_t x; + x = pgm_read_byte(&(sbp[a>>1])); + x = (a&1)?x&0x0F:x>>4; + return x; + +} + +/******************************************************************************/ + +uint32_t des_f(uint32_t r, uint8_t* kr){ + uint8_t i; + uint32_t t=0,ret; + uint64_t data; + prog_uint8_t *sbp; /* sboxpointer */ + permute((prog_uint8_t*)e_permtab, (uint8_t*)&r, (uint8_t*)&data); + for(i=0; i<7; ++i) + ((uint8_t*)&data)[i] ^= kr[i]; + + /* Sbox substitution */ + data = splitin6bitwords(data); + sbp=(prog_uint8_t*)sbox; + for(i=0; i<8; ++i){ + uint8_t x; + x = substitute(((uint8_t*)&data)[i], sbp); + t<<=4; + t |= x; + sbp += 32; + } + changeendian32(&t); + + permute((prog_uint8_t*)p_permtab,(uint8_t*)&t, (uint8_t*)&ret); + + return ret; +} + +/******************************************************************************/ + +void des_encrypt(uint8_t* out, uint8_t* in, uint8_t* key){ +#define R *((uint32_t*)&(data[4])) +#define L *((uint32_t*)&(data[0])) + + uint8_t data[8],kr[6],k[7]; + uint8_t i; + + permute((prog_uint8_t*)ip_permtab, in, data); + permute((prog_uint8_t*)pc1_permtab, key, k); + for(i=0; i<8; ++i){ + shiftkey(k); + if(ROTTABLE&((1<<((i<<1)+0))) ) + shiftkey(k); + permute((prog_uint8_t*)pc2_permtab, k, kr); + L ^= des_f(R, kr); + + shiftkey(k); + if(ROTTABLE&((1<<((i<<1)+1))) ) + shiftkey(k); + permute((prog_uint8_t*)pc2_permtab, k, kr); + R ^= des_f(L, kr); + + } + /* L <-> R*/ + R ^= L; + L ^= R; + R ^= L; + + permute((prog_uint8_t*)inv_ip_permtab, data, out); +} + +/******************************************************************************/ + +void des_decrypt(uint8_t* out, uint8_t* in, uint8_t* key){ +#define R *((uint32_t*)&(data[4])) +#define L *((uint32_t*)&(data[0])) + + uint8_t data[8],kr[6],k[7]; + int8_t i; + + permute((prog_uint8_t*)ip_permtab, in, data); + permute((prog_uint8_t*)pc1_permtab, key, k); + for(i=7; i>=0; --i){ + + permute((prog_uint8_t*)pc2_permtab, k, kr); + L ^= des_f(R, kr); + shiftkey_inv(k); + if(ROTTABLE&((1<<((i<<1)+1))) ){ + shiftkey_inv(k); + } + + permute((prog_uint8_t*)pc2_permtab, k, kr); + R ^= des_f(L, kr); + shiftkey_inv(k); + if(ROTTABLE&((1<<((i<<1)+0))) ){ + shiftkey_inv(k); + } + + } + /* L <-> R*/ + R ^= L; + L ^= R; + R ^= L; + + permute((prog_uint8_t*)inv_ip_permtab, data, out); +} + +/******************************************************************************/ + +void tdes_encrypt(uint8_t* out, uint8_t* in, uint8_t* key){ + des_encrypt(out, in, key + 0); + des_decrypt(out, out, key + 8); + des_encrypt(out, out, key +16); +} + +/******************************************************************************/ + +void tdes_decrypt(uint8_t* out, uint8_t* in, uint8_t* key){ + des_decrypt(out, in, key + 0); + des_encrypt(out, out, key + 8); + des_decrypt(out, out, key +16); +} + +/******************************************************************************/ + + diff --git a/des.h b/des.h new file mode 100644 index 0000000..45b29b5 --- /dev/null +++ b/des.h @@ -0,0 +1,24 @@ +/** + * \file des.h + * \author Daniel Otte + * \date 2007-06-16 + * \brief des and tdes declarations + * \par License + * GPL + * + */ +#ifndef DES_H_ +#define DES_H_ + +#include +/* the FIPS 46-3 (1999-10-25) name for triple DES is triple data encrytion algorithm so TDEA. + * Also we only implement the three key mode */ +#define tdea_encrypt tdes_encrypt +#define tdea_decrypt tdes_decrypt + +void des_encrypt(uint8_t* out, uint8_t* in, uint8_t* key); +void des_decrypt(uint8_t* out, uint8_t* in, uint8_t* key); +void tdes_encrypt(uint8_t* out, uint8_t* in, uint8_t* key); +void tdes_decrypt(uint8_t* out, uint8_t* in, uint8_t* key); + +#endif /*DES_H_*/ diff --git a/main-des-test.c b/main-des-test.c new file mode 100644 index 0000000..22a8942 --- /dev/null +++ b/main-des-test.c @@ -0,0 +1,235 @@ +/** + * \file main-des-test.c + * \author Daniel Otte + * \date 2007-06-17 + * \brief test suit for DES + * \par License + * GPL + * + */ +#include "config.h" +#include "serial-tools.h" +#include "uart.h" +#include "debug.h" + +#include "des.h" + +#include +#include + + +/***************************************************************************** + * additional validation-functions * + *****************************************************************************/ + +/***************************************************************************** + * self tests * + *****************************************************************************/ + +void testencrypt(uint8_t* block, uint8_t* key){ + uart_putstr("\r\n==testy-encrypt==\r\n key: "); + uart_hexdump(key,8); + uart_putstr("\r\n plain: "); + uart_hexdump(block,8); + des_encrypt(block,block,key); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,8); +} + +void testdecrypt(uint8_t* block, uint8_t* key){ + uart_putstr("\r\n==testy-decrypt==\r\n key: "); + uart_hexdump(key,8); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,8); + des_decrypt(block,block,key); + uart_putstr("\r\n plain: "); + uart_hexdump(block,8); +} + +/******************************************************************************/ + +void testrun_des(void){ + +/* uint8_t key[]= { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; */ +/* uint8_t data[]={ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; */ + + + uint8_t key[] = { 0x3b, 0x38, 0x98, 0x37, 0x15, 0x20, 0xf7, 0x5e }; + uint8_t data[]= { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }; + testencrypt(data,key); + testdecrypt(data,key); +} + +/******************************************************************************/ + +void nessie_testenc(uint8_t* data, uint8_t* key){ + uint16_t i; + uart_putstr("\r\n\t key = \t"); uart_hexdump(key, 8); + uart_putstr("\r\n\t plain = \t"); uart_hexdump(data, 8); + des_encrypt(data,data,key); + uart_putstr("\r\n\t cipher = \t"); uart_hexdump(data, 8); + des_decrypt(data,data,key); + uart_putstr("\r\n\t decrypted = \t"); uart_hexdump(data, 8); + + for(i=0;i<100; ++i) + des_encrypt(data,data,key); + uart_putstr("\r\n\tIterated 100 times = \t"); uart_hexdump(data, 8); + for(;i<1000; ++i) + des_encrypt(data,data,key); + uart_putstr("\r\n\tIterated 1000 times = \t"); uart_hexdump(data, 8); + +} + +/******************************************************************************/ +/* +Set 8, vector# 0: + key=0001020304050607 + cipher=0011223344556677 + plain=41AD068548809D02 + encrypted=0011223344556677 +*/ +void nessie_testdec(uint8_t* data, uint8_t* key){ + uint16_t i; + uart_putstr("\r\n\t key = \t"); uart_hexdump(key, 8); + uart_putstr("\r\n\t cipher = \t"); uart_hexdump(data, 8); + des_decrypt(data,data,key); + uart_putstr("\r\n\t plain = \t"); uart_hexdump(data, 8); + des_encrypt(data,data,key); + uart_putstr("\r\n\t encrypted = \t"); uart_hexdump(data, 8); +} + +/******************************************************************************/ + +void nessie_testrun(void){ + /* + Set 1, vector# 0: + key=8000000000000000 + plain=0000000000000000 + cipher=95A8D72813DAA94D + decrypted=0000000000000000 + Iterated 100 times=F749E1F8DEFAF605 + Iterated 1000 times=F396DD0B33D04244 + */ + uint8_t key[8]; + uint8_t data[8]; + uint16_t set=1, vector; + /* set 1 */ + for(vector=0;vector<64;++vector){ + memset(key, 0, 8); + memset(data, 0, 8); + key[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testenc(data, key); + } + /* set 2 */ + set = 2; + for(vector=0;vector<64;++vector){ + memset(key, 0, 8); + memset(data, 0, 8); + data[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testenc(data, key); + } + /* set 3 */ + set = 3; + for(vector=0;vector<256;++vector){ + memset(key, vector, 8); + memset(data, vector, 8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testenc(data, key); + } + /* set 4 */ + set = 4; + { uint8_t lk[2][8] = { /* local keys */ + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + { 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00 } }; + uint8_t ld[2][8] = { /* local data */ + { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, + { 0xEA, 0x02, 0x47, 0x14, 0xAD, 0x5C, 0x4D, 0x84 } }; + + for(vector=0;vector<2;++vector){ + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testenc(ld[vector], lk[vector]); + } + } + /* set 5 */ + set = 5; + for(vector=0;vector<64;++vector){ + memset(key, 0, 8); + memset(data, 0, 8); + key[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testdec(data, key); + } + /* set 6 */ + set = 6; + for(vector=0;vector<64;++vector){ + memset(key, 0, 8); + memset(data, 0, 8); + data[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testdec(data, key); + } + /* set 7 */ + set = 7; + for(vector=0;vector<256;++vector){ + memset(key, vector, 8); + memset(data, vector, 8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testdec(data, key); + } + /* set 8 */ + set = 8; + { uint8_t lk[2][8] = { /* local keys */ + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + { 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00 } }; + uint8_t ld[2][8] = { /* local data */ + { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, + { 0xEA, 0x02, 0x47, 0x14, 0xAD, 0x5C, 0x4D, 0x84 } }; + + for(vector=0;vector<2;++vector){ + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testdec(ld[vector], lk[vector]); + } + } + +} + +/***************************************************************************** + * main * + *****************************************************************************/ + +int main (void){ + char str[20]; + + DEBUG_INIT(); + uart_putstr("\r\n"); + + uart_putstr("\r\n\r\nCrypto-VS (DES; "); + uart_putstr(__DATE__);uart_putstr(", ");uart_putstr(__TIME__); + uart_putstr(")\r\nloaded and running\r\n"); + +restart: + while(1){ + if (!getnextwordn(str,20)) {DEBUG_S("DBG: W1\r\n"); goto error;} + if (!strcmp(str, "test")) { testrun_des(); } + else if (!strcmp(str, "nessie")) { nessie_testrun();} + else {DEBUG_S("DBG: 1b\r\n"); goto error;} + + goto restart; + continue; + error: + uart_putstr("ERROR\r\n"); + } + + +} + diff --git a/main-seed-test.c b/main-seed-test.c new file mode 100644 index 0000000..383c8fd --- /dev/null +++ b/main-seed-test.c @@ -0,0 +1,115 @@ +/** + * \file main-seed-test.c + * \author Daniel Otte + * \date 2007-06-01 + * \brief test suit for SEED + * \par License + * GPL + * + */ +#include "config.h" +#include "serial-tools.h" +#include "uart.h" +#include "debug.h" + +#include "seed.h" + +#include +#include +#include + +/***************************************************************************** + * additional validation-functions * + *****************************************************************************/ + +/***************************************************************************** + * self tests * + *****************************************************************************/ + +void testencrypt(uint8_t* block, uint8_t* key){ + seed_ctx_t ctx; + uart_putstr("\r\n==testy-encrypt==\r\n key: "); + uart_hexdump(key,16); + seed_init(&ctx, key); + uart_putstr("\r\n plain: "); + uart_hexdump(block,16); + _delay_ms(50); + seed_encrypt(&ctx, block); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,16); +// uart_putstr("\r\n post-state: "); +// uart_hexdump(ctx.k,16); +} + +void testdecrypt(uint8_t* block, uint8_t* key){ + seed_ctx_t ctx; + uart_putstr("\r\n==testy-decrypt==\r\n key: "); + uart_hexdump(key,16); + seed_init(&ctx, key); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,16); + _delay_ms(50); + seed_decrypt(&ctx, block); + uart_putstr("\r\n plain: "); + uart_hexdump(block,16); +// uart_putstr("\r\n post-state: "); +// uart_hexdump(ctx.k,16); +} + +void testrun_seed(void){ + uint8_t keys[4][16]= + { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x47, 0x06, 0x48, 0x08, 0x51, 0xE6, 0x1B, 0xE8, + 0x5D, 0x74, 0xBF, 0xB3, 0xFD, 0x95, 0x61, 0x85 }, + { 0x28, 0xDB, 0xC3, 0xBC, 0x49, 0xFF, 0xD8, 0x7D, + 0xCF, 0xA5, 0x09, 0xB1, 0x1D, 0x42, 0x2B, 0xE7,} + }; + uint8_t datas[4][16]= + { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x83, 0xA2, 0xF8, 0xA2, 0x88, 0x64, 0x1F, 0xB9, + 0xA4, 0xE9, 0xA5, 0xCC, 0x2F, 0x13, 0x1C, 0x7D }, + { 0xB4, 0x1E, 0x6B, 0xE2, 0xEB, 0xA8, 0x4A, 0x14, + 0x8E, 0x2E, 0xED, 0x84, 0x59, 0x3C, 0x5E, 0xC7 } + }; + uint8_t i=0; + for(i=0; i<4; ++i){ + testencrypt(datas[i],keys[i]); + testdecrypt(datas[i],keys[i]); + } +// testdecrypt(data,key); +} + + + +/***************************************************************************** + * main * + *****************************************************************************/ + +int main (void){ + char str[20]; + + DEBUG_INIT(); + uart_putstr("\r\n"); + + uart_putstr("\r\n\r\nCrypto-VS (seed)\r\nloaded and running\r\n"); + +restart: + while(1){ + if (!getnextwordn(str,20)) {DEBUG_S("DBG: W1\r\n"); goto error;} + if (strcmp(str, "test")) {DEBUG_S("DBG: 1b\r\n"); goto error;} + testrun_seed(); + goto restart; + continue; + error: + uart_putstr("ERROR\r\n"); + } + + +} + diff --git a/main-shabea-test.c b/main-shabea-test.c new file mode 100644 index 0000000..1fde509 --- /dev/null +++ b/main-shabea-test.c @@ -0,0 +1,108 @@ +/** + * \file main-shabea-test.c + * \author Daniel Otte + * \date 2007-06-07 + * \brief test suit for SHABEA + * \par License + * GPL + * + */ +#include "config.h" +#include "serial-tools.h" +#include "uart.h" +#include "debug.h" + +#include "shabea.h" + +#include +#include +#include + +/***************************************************************************** + * additional validation-functions * + *****************************************************************************/ + +/***************************************************************************** + * self tests * + *****************************************************************************/ + +void testencrypt(uint8_t* block, uint8_t* key){ + uart_putstr("\r\n==testy-encrypt==\r\n key: "); + uart_hexdump(key,16); + uart_putstr("\r\n plain: "); + uart_hexdump(block,16); + _delay_ms(50); + shabea128(block,key,128,1,16); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,16); +} + +void testdecrypt(uint8_t* block, uint8_t* key){ + + uart_putstr("\r\n==testy-decrypt==\r\n key: "); + uart_hexdump(key,16); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,16); + _delay_ms(50); + shabea128(block,key,128,0,16); + uart_putstr("\r\n plain: "); + uart_hexdump(block,16); +} + +void testrun_shabea(void){ + uint8_t keys[4][16]= + { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x47, 0x06, 0x48, 0x08, 0x51, 0xE6, 0x1B, 0xE8, + 0x5D, 0x74, 0xBF, 0xB3, 0xFD, 0x95, 0x61, 0x85 }, + { 0x28, 0xDB, 0xC3, 0xBC, 0x49, 0xFF, 0xD8, 0x7D, + 0xCF, 0xA5, 0x09, 0xB1, 0x1D, 0x42, 0x2B, 0xE7,} + }; + uint8_t datas[4][16]= + { { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x83, 0xA2, 0xF8, 0xA2, 0x88, 0x64, 0x1F, 0xB9, + 0xA4, 0xE9, 0xA5, 0xCC, 0x2F, 0x13, 0x1C, 0x7D }, + { 0xB4, 0x1E, 0x6B, 0xE2, 0xEB, 0xA8, 0x4A, 0x14, + 0x8E, 0x2E, 0xED, 0x84, 0x59, 0x3C, 0x5E, 0xC7 } + }; + uint8_t i=0; + for(i=0; i<4; ++i){ + testencrypt(datas[i],keys[i]); + testdecrypt(datas[i],keys[i]); + } +// testdecrypt(data,key); +} + + + +/***************************************************************************** + * main * + *****************************************************************************/ + +int main (void){ + char str[20]; + + DEBUG_INIT(); + uart_putstr("\r\n"); + + uart_putstr("\r\n\r\nCrypto-VS (shabea)\r\nloaded and running\r\n"); + +restart: + while(1){ + if (!getnextwordn(str,20)) {DEBUG_S("DBG: W1\r\n"); goto error;} + if (strcmp(str, "test")) {DEBUG_S("DBG: 1b\r\n"); goto error;} + testrun_shabea(); + goto restart; + continue; + error: + uart_putstr("ERROR\r\n"); + } + + +} + diff --git a/main-tdes-test.c b/main-tdes-test.c new file mode 100644 index 0000000..fbb88d6 --- /dev/null +++ b/main-tdes-test.c @@ -0,0 +1,245 @@ +/** + * \file main-tdes-test.c + * \author Daniel Otte + * \date 2007-06-17 + * \brief test suit for TDES/TDEA + * \par License + * GPL + * + */ +#include "config.h" +#include "serial-tools.h" +#include "uart.h" +#include "debug.h" + +#include "des.h" + +#include +#include + + +/***************************************************************************** + * additional validation-functions * + *****************************************************************************/ + +/***************************************************************************** + * self tests * + *****************************************************************************/ + +void testencrypt(uint8_t* block, uint8_t* key){ + uart_putstr("\r\n==testy-encrypt==\r\n key: "); + uart_hexdump(key,8); + uart_putstr("\r\n plain: "); + uart_hexdump(block,8); + tdes_encrypt(block,block,key); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,8); +} + +void testdecrypt(uint8_t* block, uint8_t* key){ + uart_putstr("\r\n==testy-decrypt==\r\n key: "); + uart_hexdump(key,8); + uart_putstr("\r\n crypt: "); + uart_hexdump(block,8); + tdes_decrypt(block,block,key); + uart_putstr("\r\n plain: "); + uart_hexdump(block,8); +} + +/******************************************************************************/ + +void testrun_des(void){ + +/* uint8_t key[]= { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; */ +/* uint8_t data[]={ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; */ + + + uint8_t key[] = { 0x3b, 0x38, 0x98, 0x37, 0x15, 0x20, 0xf7, 0x5e, + 0x92, 0x2f, 0xb5, 0x10, 0xc7, 0x1f, 0x43, 0x6e, + 0x3b, 0x38, 0x98, 0x37, 0x15, 0x20, 0xf7, 0x5e + }; + uint8_t data[]= { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }; + testencrypt(data,key); + testdecrypt(data,key); +} + +/******************************************************************************/ + +void nessie_testenc(uint8_t* data, uint8_t* key){ + uint16_t i; + uart_putstr("\r\n\t key = \t"); uart_hexdump(key, 24); + uart_putstr("\r\n\t plain = \t"); uart_hexdump(data, 8); + tdes_encrypt(data,data,key); + uart_putstr("\r\n\t cipher = \t"); uart_hexdump(data, 8); + tdes_decrypt(data,data,key); + uart_putstr("\r\n\t decrypted = \t"); uart_hexdump(data, 8); + + for(i=0;i<100; ++i) + tdes_encrypt(data,data,key); + uart_putstr("\r\n\tIterated 100 times = \t"); uart_hexdump(data, 8); + for(;i<1000; ++i) + tdes_encrypt(data,data,key); + uart_putstr("\r\n\tIterated 1000 times = \t"); uart_hexdump(data, 8); + +} + +/******************************************************************************/ +/* +Set 8, vector# 0: + key=0001020304050607 + cipher=0011223344556677 + plain=41AD068548809D02 + encrypted=0011223344556677 +*/ +void nessie_testdec(uint8_t* data, uint8_t* key){ + uart_putstr("\r\n\t key = \t"); uart_hexdump(key, 24); + uart_putstr("\r\n\t cipher = \t"); uart_hexdump(data, 8); + tdes_decrypt(data,data,key); + uart_putstr("\r\n\t plain = \t"); uart_hexdump(data, 8); + tdes_encrypt(data,data,key); + uart_putstr("\r\n\t encrypted = \t"); uart_hexdump(data, 8); +} + +/******************************************************************************/ + +void nessie_testrun(void){ + /* + Set 1, vector# 0: + key=8000000000000000 + plain=0000000000000000 + cipher=95A8D72813DAA94D + decrypted=0000000000000000 + Iterated 100 times=F749E1F8DEFAF605 + Iterated 1000 times=F396DD0B33D04244 + */ + uint8_t key[24]; + uint8_t data[8]; + uint16_t set=1, vector; + /* set 1 */ + for(vector=0;vector<192;++vector){ + memset(key, 0, 24); + memset(data, 0, 8); + key[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testenc(data, key); + } + /* set 2 */ + set = 2; + for(vector=0;vector<64;++vector){ + memset(key, 0, 24); + memset(data, 0, 8); + data[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testenc(data, key); + } + /* set 3 */ + set = 3; + for(vector=0;vector<256;++vector){ + memset(key, vector, 24); + memset(data, vector, 8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testenc(data, key); + } + /* set 4 */ + set = 4; + { uint8_t lk[2][24] = { /* local keys */ + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }, + { 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00, + 0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48, + 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00 } }; + uint8_t ld[2][8] = { /* local data */ + { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, + { 0xEA, 0x02, 0x47, 0x14, 0xAD, 0x5C, 0x4D, 0x84 } }; + + for(vector=0;vector<2;++vector){ + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testenc(ld[vector], lk[vector]); + } + } + /* set 5 */ + set = 5; + for(vector=0;vector<192;++vector){ + memset(key, 0, 24); + memset(data, 0, 8); + key[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testdec(data, key); + } + /* set 6 */ + set = 6; + for(vector=0;vector<64;++vector){ + memset(key, 0, 24); + memset(data, 0, 8); + data[vector/8] = 1<<(7-vector%8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 1); + nessie_testdec(data, key); + } + /* set 7 */ + set = 7; + for(vector=0;vector<256;++vector){ + memset(key, vector, 24); + memset(data, vector, 8); + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testdec(data, key); + } + /* set 8 */ + set = 8; + { uint8_t lk[2][24] = { + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }, + { 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00, + 0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48, + 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00 } }; + uint8_t ld[2][8] = { /* local data */ + { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, + { 0xEA, 0x02, 0x47, 0x14, 0xAD, 0x5C, 0x4D, 0x84 } }; + + for(vector=0;vector<2;++vector){ + uart_putstr("\r\n Set "); uart_hexdump(&set, 1); + uart_putstr(", vector# "); uart_hexdump(&vector, 2); + nessie_testdec(ld[vector], lk[vector]); + } + } + +} + +/***************************************************************************** + * main * + *****************************************************************************/ + +int main (void){ + char str[20]; + + DEBUG_INIT(); + uart_putstr("\r\n"); + + uart_putstr("\r\n\r\nCrypto-VS (TDES/TDEA; "); + uart_putstr(__DATE__);uart_putstr(", ");uart_putstr(__TIME__); + uart_putstr(")\r\nloaded and running\r\n"); + +restart: + while(1){ + if (!getnextwordn(str,20)) {DEBUG_S("DBG: W1\r\n"); goto error;} + if (!strcmp(str, "test")) { testrun_des(); } + else if (!strcmp(str, "nessie")) { nessie_testrun();} + else {DEBUG_S("DBG: 1b\r\n"); goto error;} + + goto restart; + continue; + error: + uart_putstr("ERROR\r\n"); + } + + +} + diff --git a/main.c b/main.c index 81dae92..ad0fda4 100644 --- a/main.c +++ b/main.c @@ -83,6 +83,16 @@ void testrun_sha256(void){ sha256((void*)block, (void*)"\x00", 0); uart_hexdump(block, SHA256_HASH_BITS/8); + + uart_putstr("\r\nsha256(0x80, 8)= "); + sha256((void*)block, (void*)"\x80", 8); + uart_hexdump(block, SHA256_HASH_BITS/8); + + uart_putstr("\r\nsha256(0x02, 8)= "); + sha256((void*)block, (void*)"\x02", 8); + uart_hexdump(block, SHA256_HASH_BITS/8); + + uart_putstr("\r\nsha256(\"abc\", 24)= "); sha256((void*)block, (void*)"abc", 24); uart_hexdump(block, SHA256_HASH_BITS/8); diff --git a/seed-asm.S b/seed-asm.S new file mode 100644 index 0000000..3f757d8 --- /dev/null +++ b/seed-asm.S @@ -0,0 +1,90 @@ +/** + * \file seed-asm.S + * \author Daniel Otte + * \date 2007-06-1 + * \brief SEED parts in assembler for AVR + * \par License + * GPL + * + */ +SPL = 0x3D +SPH = 0x3E +SREG = 0x3F + + +/******************************************************************************* + + void changeendian32(uint32_t * a){ + *a = (*a & 0x000000FF) << 24 | + (*a & 0x0000FF00) << 8 | + (*a & 0x00FF0000) >> 8 | + (*a & 0xFF000000) >> 24; + } + +*/ +/* +.global changeendian32 +; === change_endian32 === +; function that changes the endianess of a 32-bit word +; param1: the 32-bit word +; given in r25,r24,r23,22 (r25 is most significant) +; modifys: r21, r22 +changeendian32: + movw r20, r22 ; (r22,r23) --> (r20,r21) + mov r22, r25 + mov r23, r24 + mov r24, r21 + mov r25, r20 + ret + +*/ + +/******************************************************************************* + uint32_t bigendian_sum32(uint32_t a, uint32_t b){ + changeendian32(&a); + changeendian32(&b); + a += b; + changeendian32(&a); + return a; + } +*/ + +.global bigendian_sum32 +; === bigendian_sum32 === +; function that adds two 32-bit words in the bigendian way and returns the result +; param1: the first 32-bit word +; given in r25,r24,r23,22 (r25 is most significant for little endian) +; param2: the second 32-bit word +; given in r21,r20,r19,18 (r21 is most significant for little endian) +; modifys: +bigendian_sum32: + add r25, r21 + adc r24, r20 + adc r23, r19 + adc r22, r18 + ret + +.global bigendian_sub32 +; === bigendian_sub32 === +; function that subtracts a 32-bit words from another in the bigendian way and returns the result +; param1: the minuend 32-bit word +; given in r25,r24,r23,22 (r25 is most significant for little endian) +; param2: the subtrahend 32-bit word +; given in r21,r20,r19,18 (r21 is most significant for little endian) +; modifys: +bigendian_sub32: + sub r25, r21 + sbc r24, r20 + sbc r23, r19 + sbc r22, r18 + ret + + + + + + + + + + \ No newline at end of file diff --git a/seed.c b/seed.c new file mode 100644 index 0000000..8568fdf --- /dev/null +++ b/seed.c @@ -0,0 +1,282 @@ + /** + * \file seed.c + * \author Daniel Otte + * \date 2007-06-1 + * \brief SEED parts in C for AVR + * \par License + * GPL + * + */ +#include +#include +#include +#include "seed_sbox.h" +#include "uart.h" +#include "debug.h" + + +static uint64_t f_function(uint64_t a, uint32_t k0, uint32_t k1); +static uint32_t g_function(uint32_t x); + +/******************************************************************************/ +/* +void changeendian32(uint32_t * a){ + *a = (*a & 0x000000FF) << 24 | + (*a & 0x0000FF00) << 8 | + (*a & 0x00FF0000) >> 8 | + (*a & 0xFF000000) >> 24; +} +*/ +/******************************************************************************/ +/* +void changeendian64(uint64_t * a){ + *a = (*a & 0x00000000000000FFLL) << 56 | + (*a & 0x000000000000FF00LL) << 40 | + (*a & 0x0000000000FF0000LL) << 24 | + (*a & 0x00000000FF000000LL) << 8 | + (*a & 0x000000FF00000000LL) >> 8 | + (*a & 0x0000FF0000000000LL) >> 24 | + (*a & 0x00FF000000000000LL) >> 40 | + (*a & 0xFF00000000000000LL) >> 56 ; +} +*/ +/******************************************************************************/ + +uint32_t bigendian_sum32(uint32_t a, uint32_t b);/*{ + changeendian32(&a); + changeendian32(&b); + a += b; + changeendian32(&a); + return a; +} + +/******************************************************************************/ +static +uint32_t bigendian_sub32(uint32_t a, uint32_t b);/*{ + changeendian32(&a); + changeendian32(&b); + a -= b; + changeendian32(&a); + return a; +} + +/******************************************************************************/ +static inline +uint64_t bigendian_rotl8_64(uint64_t a){ + /* + changeendian64(&a); + a = (a<<8) | (a>>(64-8)); + changeendian64(&a); + */ + a = (a>>8) | (a<<(64-8)); + return a; +} + +/******************************************************************************/ +static inline +uint64_t bigendian_rotr8_64(uint64_t a){ + /* + changeendian64(&a); + a = (a>>8) | (a<<(64-8)); + changeendian64(&a); + */ + a = (a<<8) | (a>>(64-8)); + return a; +} + +/******************************************************************************/ +static +uint64_t f_function(uint64_t a, uint32_t k0, uint32_t k1){ + uint32_t c,d; + + c = a & 0x00000000FFFFFFFFLL; + d = (a>>32) & 0x00000000FFFFFFFFLL; + + c ^= k0; d ^= k1; + d ^= c; + d = g_function(d); + c = bigendian_sum32(c,d); + c = g_function(c); + d = bigendian_sum32(c,d); + d = g_function(d); + c = bigendian_sum32(c,d); + a = ((uint64_t)d << 32) | c; + return a; +} + +/******************************************************************************/ +#define M0 0xfc +#define M1 0xf3 +#define M2 0xcf +#define M3 0x3f + +#define X3 (((uint8_t*)(&x))[0]) +#define X2 (((uint8_t*)(&x))[1]) +#define X1 (((uint8_t*)(&x))[2]) +#define X0 (((uint8_t*)(&x))[3]) + +#define Z3 (((uint8_t*)(&z))[0]) +#define Z2 (((uint8_t*)(&z))[1]) +#define Z1 (((uint8_t*)(&z))[2]) +#define Z0 (((uint8_t*)(&z))[3]) + +static +uint32_t g_function(uint32_t x){ + uint32_t z; + /* sbox substitution */ + X3 = pgm_read_byte(&(seed_sbox2[X3])); + X2 = pgm_read_byte(&(seed_sbox1[X2])); + X1 = pgm_read_byte(&(seed_sbox2[X1])); + X0 = pgm_read_byte(&(seed_sbox1[X0])); + /* now the permutation */ + Z0 = (X0 & M0) ^ (X1 & M1) ^ (X2 & M2) ^ (X3 & M3); + Z1 = (X0 & M1) ^ (X1 & M2) ^ (X2 & M3) ^ (X3 & M0); + Z2 = (X0 & M2) ^ (X1 & M3) ^ (X2 & M0) ^ (X3 & M1); + Z3 = (X0 & M3) ^ (X1 & M0) ^ (X2 & M1) ^ (X3 & M2); + return z; +} +/******************************************************************************/ +typedef struct { + uint32_t k0, k1; +} keypair_t; + +keypair_t getnextkeys(uint32_t *keystate, uint8_t curround){ + keypair_t ret; + if (curround>15){ + /* ERROR */ + } else { + /* ret.k0 = g_function(keystate[0] + keystate[2] - pgm_read_dword(&(seed_kc[curround]))); + ret.k1 = g_function(keystate[1] - keystate[3] + pgm_read_dword(&(seed_kc[curround]))); */ + ret.k0 = bigendian_sum32(keystate[0], keystate[2]); + ret.k0 = bigendian_sub32(ret.k0, pgm_read_dword(&(seed_kc[curround]))); + ret.k0 = g_function(ret.k0); + ret.k1 = bigendian_sub32(keystate[1], keystate[3]); + ret.k1 = bigendian_sum32(ret.k1, pgm_read_dword(&(seed_kc[curround]))); + ret.k1 = g_function(ret.k1); + + if (curround & 1){ + /* odd round (1,3,5, ...) */ + ((uint64_t*)keystate)[1] = bigendian_rotl8_64( ((uint64_t*)keystate)[1] ); + } else { + /* even round (0,2,4, ...) */ + ((uint64_t*)keystate)[0] = bigendian_rotr8_64(((uint64_t*)keystate)[0]); + } + } + return ret; +} + + +/******************************************************************************/ + +keypair_t getprevkeys(uint32_t *keystate, uint8_t curround){ + keypair_t ret; + if (curround>15){ + /* ERROR */ + } else { + if (curround & 1){ + /* odd round (1,3,5, ..., 15) */ + ((uint64_t*)keystate)[1] = bigendian_rotr8_64( ((uint64_t*)keystate)[1] ); + } else { + /* even round (0,2,4, ..., 14) */ + ((uint64_t*)keystate)[0] = bigendian_rotl8_64(((uint64_t*)keystate)[0]); + } + /* ret.k0 = g_function(keystate[0] + keystate[2] - pgm_read_dword(&(seed_kc[curround]))); + ret.k1 = g_function(keystate[1] - keystate[3] + pgm_read_dword(&(seed_kc[curround]))); */ + ret.k0 = bigendian_sum32(keystate[0], keystate[2]); + ret.k0 = bigendian_sub32(ret.k0, pgm_read_dword(&(seed_kc[curround]))); + ret.k0 = g_function(ret.k0); + ret.k1 = bigendian_sub32(keystate[1], keystate[3]); + ret.k1 = bigendian_sum32(ret.k1, pgm_read_dword(&(seed_kc[curround]))); + ret.k1 = g_function(ret.k1); + } + return ret; +} + +/******************************************************************************/ + +typedef struct{ + uint32_t k[4]; +} seed_ctx_t; + +/******************************************************************************/ + +void seed_init(seed_ctx_t * ctx, uint8_t * key){ + memcpy(ctx->k, key, 128/8); +} + +/******************************************************************************/ + +#define L (((uint64_t*)buffer)[0]) +#define R (((uint64_t*)buffer)[1]) + +void seed_encrypt(seed_ctx_t * ctx, void * buffer){ + uint8_t r; + keypair_t k; + for(r=0; r<8; ++r){ + k = getnextkeys(ctx->k, 2*r); +/* + DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4); + DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4); + DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8); + DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8); +*/ + L ^= f_function(R,k.k0,k.k1); + + k = getnextkeys(ctx->k, 2*r+1); +/* + DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4); + DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4); + DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8); + DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8); +*/ + R ^= f_function(L,k.k0,k.k1); + } + /* just an exchange without temp. variable */ + L ^= R; + R ^= L; + L ^= R; +} + +/******************************************************************************/ + +#define L (((uint64_t*)buffer)[0]) +#define R (((uint64_t*)buffer)[1]) + +void seed_decrypt(seed_ctx_t * ctx, void * buffer){ + int8_t r; + keypair_t k; + for(r=7; r>=0; --r){ + k = getprevkeys(ctx->k, 2*r+1); +/* + DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4); + DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4); + DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8); + DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8); +*/ + L ^= f_function(R,k.k0,k.k1); + + k = getprevkeys(ctx->k, 2*r+0); +/* + DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4); + DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4); + DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8); + DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8); +*/ + R ^= f_function(L,k.k0,k.k1); + } + /* just an exchange without temp. variable */ + L ^= R; + R ^= L; + L ^= R; +} + + + + + + + + + + + diff --git a/seed.h b/seed.h new file mode 100644 index 0000000..bdc935c --- /dev/null +++ b/seed.h @@ -0,0 +1,25 @@ +/** + * \file seed.h + * \author Daniel Otte + * \date 2007-06-1 + * \brief declarations for seed + * \par License + * GPL + * + */ +#ifndef SEED_H_ +#define SEED_H_ + +#include + +typedef struct{ + uint32_t k[4]; +} seed_ctx_t; + +/******************************************************************************/ + +void seed_init(seed_ctx_t * ctx, uint8_t * key); +void seed_encrypt(seed_ctx_t * ctx, void * buffer); +void seed_decrypt(seed_ctx_t * ctx, void * buffer); + +#endif /*SEED_H_*/ diff --git a/seed_sbox.h b/seed_sbox.h new file mode 100644 index 0000000..b2a7d12 --- /dev/null +++ b/seed_sbox.h @@ -0,0 +1,129 @@ +/** + * \file seed_sbox.h + * \author Daniel Otte + * \date 2007-06-1 + * \brief sboxes and constants for seed + * \par License + * GPL + * + */ + +#ifndef SEED_SBOX_H_ +#define SEED_SBOX_H_ + +#include +#include + +uint8_t seed_sbox1[256] PROGMEM ={ + 169, 133, 214, 211, 84, 29, 172, 37, + 93, 67, 24, 30, 81, 252, 202, 99, + 40, 68, 32, 157, 224, 226, 200, 23, + 165, 143, 3, 123, 187, 19, 210, 238, + 112, 140, 63, 168, 50, 221, 246, 116, + 236, 149, 11, 87, 92, 91, 189, 1, + 36, 28, 115, 152, 16, 204, 242, 217, + 44, 231, 114, 131, 155, 209, 134, 201, + 96, 80, 163, 235, 13, 182, 158, 79, + 183, 90, 198, 120, 166, 18, 175, 213, + 97, 195, 180, 65, 82, 125, 141, 8, + 31, 153, 0, 25, 4, 83, 247, 225, + 253, 118, 47, 39, 176, 139, 14, 171, + 162, 110, 147, 77, 105, 124, 9, 10, + 191, 239, 243, 197, 135, 20, 254, 100, + 222, 46, 75, 26, 6, 33, 107, 102, + 2, 245, 146, 138, 12, 179, 126, 208, + 122, 71, 150, 229, 38, 128, 173, 223, + 161, 48, 55, 174, 54, 21, 34, 56, + 244, 167, 69, 76, 129, 233, 132, 151, + 53, 203, 206, 60, 113, 17, 199, 137, + 117, 251, 218, 248, 148, 89, 130, 196, + 255, 73, 57, 103, 192, 207, 215, 184, + 15, 142, 66, 35, 145, 108, 219, 164, + 52, 241, 72, 194, 111, 61, 45, 64, + 190, 62, 188, 193, 170, 186, 78, 85, + 59, 220, 104, 127, 156, 216, 74, 86, + 119, 160, 237, 70, 181, 43, 101, 250, + 227, 185, 177, 159, 94, 249, 230, 178, + 49, 234, 109, 95, 228, 240, 205, 136, + 22, 58, 88, 212, 98, 41, 7, 51, + 232, 27, 5, 121, 144, 106, 42, 154 +}; + +uint8_t seed_sbox2[256] PROGMEM ={ + 56, 232, 45, 166, 207, 222, 179, 184, + 175, 96, 85, 199, 68, 111, 107, 91, + 195, 98, 51, 181, 41, 160, 226, 167, + 211, 145, 17, 6, 28, 188, 54, 75, + 239, 136, 108, 168, 23, 196, 22, 244, + 194, 69, 225, 214, 63, 61, 142, 152, + 40, 78, 246, 62, 165, 249, 13, 223, + 216, 43, 102, 122, 39, 47, 241, 114, + 66, 212, 65, 192, 115, 103, 172, 139, + 247, 173, 128, 31, 202, 44, 170, 52, + 210, 11, 238, 233, 93, 148, 24, 248, + 87, 174, 8, 197, 19, 205, 134, 185, + 255, 125, 193, 49, 245, 138, 106, 177, + 209, 32, 215, 2, 34, 4, 104, 113, + 7, 219, 157, 153, 97, 190, 230, 89, + 221, 81, 144, 220, 154, 163, 171, 208, + 129, 15, 71, 26, 227, 236, 141, 191, + 150, 123, 92, 162, 161, 99, 35, 77, + 200, 158, 156, 58, 12, 46, 186, 110, + 159, 90, 242, 146, 243, 73, 120, 204, + 21, 251, 112, 117, 127, 53, 16, 3, + 100, 109, 198, 116, 213, 180, 234, 9, + 118, 25, 254, 64, 18, 224, 189, 5, + 250, 1, 240, 42, 94, 169, 86, 67, + 133, 20, 137, 155, 176, 229, 72, 121, + 151, 252, 30, 130, 33, 140, 27, 95, + 119, 84, 178, 29, 37, 79, 0, 70, + 237, 88, 82, 235, 126, 218, 201, 253, + 48, 149, 101, 60, 182, 228, 187, 124, + 14, 80, 57, 38, 50, 132, 105, 147, + 55, 231, 36, 164, 203, 83, 10, 135, + 217, 76, 131, 143, 206, 59, 74, 183 +}; + +/* key constants */ +/* +uint32_t seed_kc[16] PROGMEM ={ + 0x9e3779b9, + 0x3c6ef373, + 0x78dde6e6, + 0xf1bbcdcc, + 0xe3779b99, + 0xc6ef3733, + 0x8dde6e67, + 0x1bbcdccf, + 0x3779b99e, + 0x6ef3733c, + 0xdde6e678, + 0xbbcdccf1, + 0x779b99e3, + 0xef3733c6, + 0xde6e678d, + 0xbcdccf1b +}; +// */ +/* key constants (mal andersrum) */ +// /* +uint32_t seed_kc[16] PROGMEM ={ + 0xb979379e, + 0x73f36e3c, + 0xe6e6dd78, + 0xcccdbbf1, + 0x999b77e3, + 0x3337efc6, + 0x676ede8d, + 0xcfdcbc1b, + 0x9eb97937, + 0x3c73f36e, + 0x78e6e6dd, + 0xf1cccdbb, + 0xe3999b77, + 0xc63337ef, + 0x8d676ede, + 0x1bcfdcbc +}; +// */ +#endif /*SEED_SBOX_H_*/ diff --git a/sha256.h b/sha256.h index 7dc9eeb..5f2f275 100644 --- a/sha256.h +++ b/sha256.h @@ -1,7 +1,7 @@ /** * \file sha256-asm.h - * \author Daniel Otte - * \date 16.05.2006 + * \author Daniel Otte + * \date 2006-05-16 * \par License * GPL * @@ -36,6 +36,10 @@ void sha256_nextBlock (sha256_ctx_t *state, void* block); void sha256_lastBlock(sha256_ctx_t *state, void* block, uint16_t length); void sha256_ctx2hash(sha256_hash_t *dest, sha256_ctx_t *state); + +/* + * length in bits! + */ void sha256(sha256_hash_t *dest, void* msg, uint32_t length); uint32_t change_endian32(uint32_t x); diff --git a/shabea.c b/shabea.c new file mode 100644 index 0000000..f4f823c --- /dev/null +++ b/shabea.c @@ -0,0 +1,64 @@ +/** + * \file shabea.c + * \author Daniel Otte + * \date 2007-06-07 + * \brief SHABEA - a SHA Based Encrytion Algorithm implementation + * \par License + * GPL + * + * SHABEAn-r where n is the blocksize and r the number of round used + * + * + */ +#include +#include +#include "sha256.h" + +#include "config.h" +#include "uart.h" +#include "debug.h" +/* + * + */ +static +void memxor(uint8_t * dest, uint8_t * src, uint8_t length){ + while(length--){ + *dest++ ^= *src++; + } +} + +/* + * SHABEA128-16 + */ +#define L ((uint8_t*)block+0) +#define R ((uint8_t*)block+8) +void shabea128(void * block, void * key, uint16_t keysize, uint8_t enc, uint8_t rounds){ + int8_t r; /**/ + uint8_t *tb; /**/ + uint16_t kbs; /* bytes used for the key / temporary block */ + sha256_hash_t hash; + + r = (enc?0:(rounds-1)); + kbs = keysize/8 + ((keysize&7)?1:0); + tb = malloc(8+2+kbs); + memcpy(tb+8+2, key, kbs); + tb[8+0] = 0; + + for(;r!=(enc?(rounds):-1);enc?r++:r--){ /* enc: 0..(rounds-1) ; !enc: (rounds-1)..0 */ + memcpy(tb, R, 8); /* copy right half into tb */ + tb[8+1] = r; + sha256(hash, tb, 64+16+keysize); + if(!(r==(enc?(rounds-1):0))){ + /* swap */ + memxor(hash, L, 8); + memcpy(L, R, 8); + memcpy(R, hash, 8); + } else { + /* no swap */ + memxor(L, hash, 8); + } + } + free(tb); +} + + diff --git a/shabea.h b/shabea.h new file mode 100644 index 0000000..ceb7675 --- /dev/null +++ b/shabea.h @@ -0,0 +1,17 @@ +/** + * \file shabea.h + * \author Daniel Otte + * \date 2007-06-07 + * \brief SHABEA - a SHA Based Encrytion Algorithm declarations + * \par License + * GPL + * + * SHABEAn-r where n is the blocksize and r the number of round used + * + */ + +#ifndef SHABEA_H_ +#define SHABEA_H_ + +void shabea128(void * block, void * key, uint16_t keysize, uint8_t enc, uint8_t rounds); +#endif /*SHABEA_H_*/ diff --git a/uart.c b/uart.c index 45338b5..68aaac4 100644 --- a/uart.c +++ b/uart.c @@ -132,7 +132,7 @@ void uart_hexdump(void* buf, int len) uart_putc(table[((*((char*)buf))>>4)&0xf]); uart_putc(table[(*((char*)buf))&0xf]); uart_putc(' '); - ++buf; + buf=(char*)buf+1; } } diff --git a/uart.h b/uart.h index e8e3b20..a72b167 100644 --- a/uart.h +++ b/uart.h @@ -27,11 +27,13 @@ void uart_putstr_P(PGM_P str); void uart_hexdump(void* buf, int len); char uart_getc(void); -char uart_getc_nb(char *c); // returns 1 on success +char uart_getc_nb(char *c); /* returns 1 on success */ -//get one Cariage return terminated line -//echo charakters back on Uart -//returns buffer with zero terminated line on success, 0 pointer otherwise +/* + get one Cariage return terminated line + echo charakters back on Uart + returns buffer with zero terminated line on success, 0 pointer otherwise +*/ char * uart_getline_nb(void); #endif