bg
/
avr-crypto-lib
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

clean up

This commit is contained in:
bg 2010-09-25 12:04:19 +00:00
parent 02ac3b653f
commit 7b5401ab9c
346 changed files with 240 additions and 22899 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
aes/aes_dec.c
View File

@ -19,7 +19,7 @@
#include <stdint.h>
#include <string.h>
#include "gf256mul.h"
#include "gf256mul/gf256mul.h"
#include "aes.h"
#include "aes_invsbox.h"
#include "aes_dec.h"

2
aes/aes_enc.c
View File

@ -28,7 +28,7 @@
#include <stdint.h>
#include <string.h>
#include "aes.h"
#include "gf256mul.h"
#include "gf256mul/gf256mul.h"
#include "aes_sbox.h"
#include "aes_enc.h"
#include <avr/pgmspace.h>

82
aes/gf256mul.S
View File

@ -1,82 +0,0 @@
/* gf256mul.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* File: gf256mul.S
* Author: Daniel Otte
* Date: 2008-12-19
* License: GPLv3 or later
* Description: peasant's algorithm for multiplication in GF(2^8)
*
*/
#include <avr/io.h>
#define OPTIMIZE_SMALL_A
/*
* param a: r24
* param b: r22
* param reducer: r20
*/
A = 23
B = 22
P = 24
.global gf256mul
#ifdef OPTIMIZE_SMALL_A
gf256mul:
mov A, r24
clr r24
1:
lsr A
breq 4f
brcc 2f
eor P, B
2:
lsl B
brcc 3f
eor B, r20
3:
rjmp 1b
4:
brcc 2f
eor P, B
2:
ret
#else
gf256mul:
mov r21, r24
clr r24
ldi r25, 8
1:
lsr A
brcc 2f
eor P, B
2:
lsl B
brcc 3f
eor B, r20
3:
dec r25
brne 1b
ret
#endif

37
aes/gf256mul.h
View File

@ -1,37 +0,0 @@
/* gf256mul.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef GF256MUL_H_
#define GF256MUL_H_
/**
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2008-12-19
* \license GPLv3
* \brief
*
*
*/
#include <stdint.h>
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer);
#endif /* GF256MUL_H_ */

1
avr-makefile.inc
View File

@ -8,7 +8,6 @@ FLASHCMD = avrdude -p $(MCU_TARGET) -P /dev/ttyUSB0 -c $(PROGRAMMER) -U fl
DEP_DIR = deps/
TEST_DIR = test/
BIN_DIR = bin/
TESTBIN_DIR = test_bin/
TESTSRC_DIR = test_src/
#uisp -dprog=bsd -dlpt=/dev/parport1 --upload if=$(PRG).hex
ERASECMD =

94
bcal-basic.c
View File

@ -1,94 +0,0 @@
/* bcal-basic.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdlib.h>
#include <stdint.h>
#include <string.h>
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "keysize_descriptor.h"
uint8_t bcal_cipher_init(const bcdesc_t* cipher_descriptor,
const void* key, uint16_t keysize_b, bcgen_ctx_t* ctx){
if(!is_valid_keysize_P((PGM_VOID_P)pgm_read_word(&(cipher_descriptor->valid_keysize_desc)),
keysize_b)){
return 1;
}
uint8_t flags;
bc_init_fpt init_fpt;
ctx->desc_ptr = (bcdesc_t*)cipher_descriptor;
ctx->keysize = keysize_b;
flags = pgm_read_byte(cipher_descriptor->flags);
init_fpt.initvoid = (void_fpt)(pgm_read_word(&(cipher_descriptor->init.initvoid)));
if(init_fpt.initvoid == NULL){
if(!(ctx->ctx = malloc((keysize_b+7)/8)))
return 2;
memcpy(ctx->ctx, key, (keysize_b+7)/8);
return 0;
}
if(!(ctx->ctx = malloc(pgm_read_word(&(cipher_descriptor->ctxsize_B)))))
return 3;
if((flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
init_fpt.init1((void*)key, (ctx->ctx));
}else{
init_fpt.init2((void*)key, keysize_b, (ctx->ctx));
}
return 0;
}
void bcal_cipher_free(bcgen_ctx_t* ctx){
if(!ctx)
return;
bc_free_fpt free_fpt;
free_fpt = (bc_free_fpt)(pgm_read_word(&(ctx->desc_ptr->free)));
if(free_fpt)
free_fpt((ctx->ctx));
free(ctx->ctx);
}
void bcal_cipher_enc(void* block, const bcgen_ctx_t* ctx){
bc_enc_fpt enc_fpt;
enc_fpt.encvoid = (void_fpt)pgm_read_word(&(ctx->desc_ptr->enc.encvoid));
if(!enc_fpt.encvoid){
/* very bad error, no enciphering function specified */
return;
}
enc_fpt.enc1(block, (ctx->ctx));
}
void bcal_cipher_dec(void* block, const bcgen_ctx_t* ctx){
bc_dec_fpt dec_fpt;
dec_fpt.decvoid = (void_fpt)pgm_read_word(&(ctx->desc_ptr->dec.decvoid));
if(!dec_fpt.decvoid){
/* very bad error, no deciphering function specified */
return;
}
dec_fpt.dec1(block, (ctx->ctx));
}
uint16_t bcal_cipher_getBlocksize_b(const bcdesc_t* desc){
return pgm_read_word(&(desc->blocksize_b));
}
PGM_VOID_P bcal_cipher_getKeysizeDesc(const bcdesc_t* desc){
return (PGM_VOID_P)pgm_read_word(&(desc->valid_keysize_desc));
}

36
bcal-basic.h
View File

@ -1,36 +0,0 @@
/* bcal-basic.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCAL_BASIC_H_
#define BCAL_BASIC_H_
#include <stdlib.h>
#include <stdint.h>
#include "blockcipher_descriptor.h"
#include "keysize_descriptor.h"
#include <avr/pgmspace.h>
uint8_t bcal_cipher_init(const bcdesc_t* cipher_descriptor,
const void* key, uint16_t keysize_b, bcgen_ctx_t* ctx);
void bcal_cipher_free(bcgen_ctx_t* ctx);
void bcal_cipher_enc(void* block, const bcgen_ctx_t* ctx);
void bcal_cipher_dec(void* block, const bcgen_ctx_t* ctx);
uint16_t bcal_cipher_getBlocksize_b(const bcdesc_t* desc);
PGM_VOID_P bcal_cipher_getKeysizeDesc(const bcdesc_t* desc);
#endif /* BCAL_BASIC_H_ */

84
bcal-cbc.c
View File

@ -1,84 +0,0 @@
/* bcal-cbc.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-cbc.h"
#include "bcal-basic.h"
#include "memxor.h"
uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->prev_block = malloc(ctx->blocksize_B);
if(ctx->prev_block==NULL){
return 0x11;
}
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_cbc_free(bcal_cbc_ctx_t* ctx){
bcal_cipher_free(&(ctx->cctx));
free(ctx->prev_block);
}
void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx){
if(iv){
memcpy(ctx->prev_block, iv, ctx->blocksize_B);
}
}
void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx){
memxor(block, ctx->prev_block, ctx->blocksize_B);
bcal_cipher_enc(block, &(ctx->cctx));
memcpy(ctx->prev_block, block, ctx->blocksize_B);
}
void bcal_cbc_decNext(void* block, bcal_cbc_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, block, ctx->blocksize_B);
bcal_cipher_dec(block, &(ctx->cctx));
memxor(block, ctx->prev_block, ctx->blocksize_B);
memcpy(ctx->prev_block, tmp, ctx->blocksize_B);
}
void bcal_cbc_decRand(void* block, const void* prev_block, bcal_cbc_ctx_t* ctx){
bcal_cipher_dec(block, &(ctx->cctx));
memxor(block, prev_block, ctx->blocksize_B);
}
void bcal_cbc_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx){
bcal_cbc_loadIV(iv, ctx);
while(msg_blocks--){
bcal_cbc_encNext(msg, ctx);
msg = (uint8_t*)msg + ctx->blocksize_B;
}
}
void bcal_cbc_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx){
msg=(uint8_t*)msg + (msg_blocks-1)*ctx->blocksize_B;
while(msg_blocks > 1){
bcal_cbc_decRand(msg, (uint8_t*)msg-ctx->blocksize_B, ctx);
msg_blocks -= 1;
msg=(uint8_t*)msg-ctx->blocksize_B;
}
bcal_cbc_decRand(msg, iv, ctx);
}

44
bcal-cbc.h
View File

@ -1,44 +0,0 @@
/* bcal-cbc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCBC_H_
#define BCALCBC_H_
#include <stdint.h>
#include "blockcipher_descriptor.h"
#include "bcal-basic.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* prev_block;
uint8_t blocksize_B;
} bcal_cbc_ctx_t;
uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx);
void bcal_cbc_free(bcal_cbc_ctx_t* ctx);
void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx);
void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx);
void bcal_cbc_decNext(void* block, bcal_cbc_ctx_t* ctx);
void bcal_cbc_decRand(void* block, const void* prev_block, bcal_cbc_ctx_t* ctx);
void bcal_cbc_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx);
void bcal_cbc_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cbc_ctx_t* ctx);
#endif /* BCALCBC_H_ */

128
bcal-cfb_bit.c
View File

@ -1,128 +0,0 @@
/* bcal-cfb_bit.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-cfb_bit.h"
#include "bcal-basic.h"
static uint8_t read_bit(void* block, uint32_t index){
uint8_t r;
r=((uint8_t*)block)[index/8];
r=(r&(0x80>>(index&7)))?0xff:0x00;
return r;
}
static void write_bit(void* block, uint32_t index, uint8_t value){
if(value){
/* set bit */
((uint8_t*)block)[index/8] |= 0x80>>(index&7);
}else{
/* clear bit */
((uint8_t*)block)[index/8] &= ~(0x80>>(index&7));
}
}
uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
if(size_b>bcal_cipher_getBlocksize_b(desc)){
return 0x12;
}
ctx->size_b = size_b;
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
offset &= 7;
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
uint16_t i,j;
uint8_t a;
for(i=0; i<ctx->blocksize_B*8-ctx->size_b; ++i){
a = read_bit(ctx->in_block, i+ctx->size_b);
write_bit(ctx->in_block, i, a);
}
for(j=offset,i=0; i<ctx->size_b; ++i, ++j){
a = read_bit(tmp, i) ^ read_bit(block, j);
write_bit(ctx->in_block, ctx->blocksize_B*8-ctx->size_b+i, a);
write_bit(block, j, a);
}
}
void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
offset &= 7;
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
uint16_t i,j;
uint8_t a,b;
for(i=0; i<ctx->blocksize_B*8-ctx->size_b; ++i){
a = read_bit(ctx->in_block, i+ctx->size_b);
write_bit(ctx->in_block, i, a);
}
for(j=offset,i=0; i<ctx->size_b; ++i, ++j){
a = read_bit(tmp, i);
b = read_bit(block, j);
a ^= b;
write_bit(ctx->in_block, ctx->blocksize_B*8-ctx->size_b+i, b);
write_bit(block, j, a);
}
}
void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx){
bcal_cfb_b_loadIV(iv, ctx);
uint32_t addr;
addr = ((uint16_t)msg)*8+offset;
while(msg_blocks--){
msg = (void*)((uint16_t)(addr/8));
offset = addr&7;
bcal_cfb_b_encNext(msg, offset, ctx);
addr += ctx->size_b;
}
}
void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx){
bcal_cfb_b_loadIV(iv, ctx);
uint32_t addr;
addr = ((uint16_t)msg)*8+offset;
while(msg_blocks--){
msg = (void*)((uint16_t)(addr/8));
offset = addr&7;
bcal_cfb_b_decNext(msg, offset, ctx);
addr += ctx->size_b;
}
}

47
bcal-cfb_bit.h
View File

@ -1,47 +0,0 @@
/* bcal-cfb_bit.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCFB_BIT_H_
#define BCALCFB_BIT_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
uint8_t blocksize_B;
uint16_t size_b;
} bcal_cfb_b_ctx_t;
uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
#endif /* BCALCFB_BIT_H_ */

88
bcal-cfb_byte.c
View File

@ -1,88 +0,0 @@
/* bcal-cfb_byte.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-cfb_byte.h"
#include "bcal-basic.h"
#include "memxor.h"
uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
if(size_b&7){
return 0x12;
}
ctx->size_B = size_b/8;
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
memxor(block, tmp, ctx->size_B);
memmove(ctx->in_block, ctx->in_block+ctx->size_B, ctx->blocksize_B - ctx->size_B);
memcpy(ctx->in_block+ctx->blocksize_B-ctx->size_B, block, ctx->size_B);
}
void bcal_cfb_B_decNext(void* block, bcal_cfb_B_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
uint8_t xblock[ctx->size_B];
memcpy(xblock, block, ctx->size_B);
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
memxor(block, tmp, ctx->size_B);
memmove(ctx->in_block, ctx->in_block+ctx->size_B, ctx->blocksize_B - ctx->size_B);
memcpy(ctx->in_block+ctx->blocksize_B-ctx->size_B, xblock, ctx->size_B);
}
void bcal_cfb_B_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx){
bcal_cfb_B_loadIV(iv, ctx);
while(msg_blocks--){
bcal_cfb_B_encNext(msg, ctx);
msg = (uint8_t*)msg+ctx->size_B;
}
}
void bcal_cfb_B_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx){
bcal_cfb_B_loadIV(iv, ctx);
while(msg_blocks--){
bcal_cfb_B_decNext(msg, ctx);
msg = (uint8_t*)msg+ctx->size_B;
}
}

46
bcal-cfb_byte.h
View File

@ -1,46 +0,0 @@
/* bcal-cbc.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCFB_BYTE_H_
#define BCALCFB_BYTE_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
uint8_t blocksize_B;
uint8_t size_B;
} bcal_cfb_B_ctx_t;
uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_decNext(void* block, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_encMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx);
void bcal_cfb_B_decMsg(const void* iv, void* msg, uint16_t msg_blocks, bcal_cfb_B_ctx_t* ctx);
#endif /* BCALCFB_BYTE_H_ */

152
bcal-cmac.c
View File

@ -1,152 +0,0 @@
/* bcal-omac.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-basic.h"
#include "bcal-cmac.h"
#include "memxor.h"
static uint8_t left_shift_be_block(void* block, uint8_t blocksize_B){
uint8_t c1=0, c2;
do{
--blocksize_B;
c2 = (((uint8_t*)block)[blocksize_B])>>7;
(((uint8_t*)block)[blocksize_B]) <<= 1;
(((uint8_t*)block)[blocksize_B]) |= c1;
c1 = c2;
}while(blocksize_B);
return c1;
}
static const uint8_t const_128 = 0x87;
static const uint8_t const_64 = 0x1b;
uint8_t bcal_cmac_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cmac_ctx_t* ctx){
uint8_t r;
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = bcal_cipher_getBlocksize_b(desc)/8;
if (ctx->blocksize_B!=128/8 && ctx->blocksize_B!=64/8){
return 0x13;
}
ctx->accu = malloc(ctx->blocksize_B);
if(ctx->accu==NULL){
return 0x14;
}
ctx->k1 = malloc(ctx->blocksize_B);
if(ctx->k1==NULL){
return 0x15;
}
ctx->k2 = malloc(ctx->blocksize_B);
if(ctx->k2==NULL){
return 0x16;
}
ctx->lastblock = malloc(ctx->blocksize_B);
if(ctx->lastblock==NULL){
return 0x17;
}
r = bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
if(r){
return r;
}
if(ctx->blocksize_B==128/8){
r = const_128;
}else{
r = const_64;
}
/* subkey computation */
memset(ctx->accu, 0x00, ctx->blocksize_B);
memset(ctx->k1, 0x00, ctx->blocksize_B);
bcal_cipher_enc(ctx->k1, &(ctx->cctx));
if(left_shift_be_block(ctx->k1, ctx->blocksize_B)){
ctx->k1[ctx->blocksize_B-1] ^= r;
}
memcpy(ctx->k2, ctx->k1, ctx->blocksize_B);
if(left_shift_be_block(ctx->k2, ctx->blocksize_B)){
ctx->k2[ctx->blocksize_B-1] ^= r;
}
ctx->last_set=0;
return 0;
}
void bcal_cmac_free(bcal_cmac_ctx_t* ctx){
free(ctx->accu);
free(ctx->k1);
free(ctx->k2);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_cmac_nextBlock (bcal_cmac_ctx_t* ctx, const void* block){
if(ctx->last_set){
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
}
memcpy(ctx->lastblock, block, ctx->blocksize_B);
ctx->last_set=1;
}
void bcal_cmac_lastBlock(bcal_cmac_ctx_t* ctx, const void* block, uint16_t length_b){
uint16_t blocksize_b;
blocksize_b = ctx->blocksize_B*8;
while(length_b>=blocksize_b){
bcal_cmac_nextBlock(ctx, block);
block = (uint8_t*)block + ctx->blocksize_B;
length_b -= blocksize_b;
}
if(ctx->last_set==0){
memxor(ctx->accu, block, (length_b+7)/8);
memxor(ctx->accu, ctx->k2, ctx->blocksize_B);
ctx->accu[length_b/8] ^= 0x80>>(length_b&7);
}else{
if(length_b==0){
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
memxor(ctx->accu, ctx->k1, ctx->blocksize_B);
}else{
memxor(ctx->accu, ctx->lastblock, ctx->blocksize_B);
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
memxor(ctx->accu, block, (length_b+7)/8);
memxor(ctx->accu, ctx->k2, ctx->blocksize_B);
ctx->accu[length_b/8] ^= 0x80>>(length_b&7);
}
}
bcal_cipher_enc(ctx->accu, &(ctx->cctx));
}
void bcal_cmac_ctx2mac(void* dest, uint16_t length_b, const bcal_cmac_ctx_t* ctx){
memcpy(dest, ctx->accu, length_b/8);
if(length_b&7){
((uint8_t*)dest)[length_b/8] &= 0xff>>(length_b&7);
((uint8_t*)dest)[length_b/8] |= (0xff00>>(length_b&7))&(ctx->accu[length_b/8]);
}
}
void bcal_cmac(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_cmac_ctx_t* ctx){
uint16_t blocksize_b;
blocksize_b = ctx->blocksize_B*8;
while(length_b>blocksize_b){
bcal_cmac_nextBlock(ctx, block);
block = (uint8_t*)block + ctx->blocksize_B;
length_b -= blocksize_b;
}
bcal_cmac_lastBlock(ctx, block, length_b);
bcal_cmac_ctx2mac(dest, out_length_b, ctx);
}

45
bcal-cmac.h
View File

@ -1,45 +0,0 @@
/* bcal-cmac.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCMAC_H_
#define BCALCMAC_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* accu;
uint8_t* k1;
uint8_t* k2;
uint8_t* lastblock;
uint8_t last_set;
uint8_t blocksize_B;
} bcal_cmac_ctx_t;
uint8_t bcal_cmac_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cmac_ctx_t* ctx);
void bcal_cmac_free(bcal_cmac_ctx_t* ctx);
void bcal_cmac_nextBlock(bcal_cmac_ctx_t* ctx, const void* block);
void bcal_cmac_lastBlock(bcal_cmac_ctx_t* ctx, const void* block, uint16_t length_b);
void bcal_cmac_ctx2mac(void* dest, uint16_t length_b, const bcal_cmac_ctx_t* ctx);
void bcal_cmac(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_cmac_ctx_t* ctx);
#endif /* BCALCMAC_H_ */

95
bcal-ctr.c
View File

@ -1,95 +0,0 @@
/* bcal-ctr.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-basic.h"
#include "bcal-ctr.h"
#include "memxor.h"
static void increment_be(void* block, uint8_t size_B){
uint16_t c=1;
do{
--size_B;
c += ((uint8_t*)block)[size_B];
((uint8_t*)block)[size_B] = (uint8_t)c;
c>>=8;
}while(size_B);
}
uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
if(inc_func){
ctx->inc_func = inc_func;
}else{
ctx->inc_func = increment_be;
}
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_ctr_free(bcal_ctr_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
memxor(block, tmp, ctx->blocksize_B);
ctx->inc_func(ctx->in_block, ctx->blocksize_B);
}
void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx){
bcal_ctr_encNext(block, ctx);
}
void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
bcal_ctr_loadIV(iv, ctx);
uint16_t blocksize_b;
blocksize_b = ctx->blocksize_B*8;
while(msg_len_b>blocksize_b){
bcal_ctr_encNext(msg, ctx);
msg_len_b -= blocksize_b;
msg = (uint8_t*)msg + ctx->blocksize_B;
}
uint8_t tmp[ctx->blocksize_B];
memcpy(tmp, ctx->in_block, ctx->blocksize_B);
bcal_cipher_enc(tmp, &(ctx->cctx));
ctx->inc_func(ctx->in_block, ctx->blocksize_B);
tmp[msg_len_b/8] = 0xff00>>(msg_len_b&7);
memxor(msg, tmp, (msg_len_b+7)/8);
}
void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
bcal_ctr_encMsg(iv, msg, msg_len_b, ctx);
}

45
bcal-ctr.h
View File

@ -1,45 +0,0 @@
/* bcal-ctr.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALCTR_H_
#define BCALCTR_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef void(*inc_fp_t)(void* block, uint8_t size_B);
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
inc_fp_t inc_func;
uint8_t blocksize_B;
} bcal_ctr_ctx_t;
uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx);
void bcal_ctr_free(bcal_ctr_ctx_t* ctx);
void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx);
void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx);
void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx);
void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
#endif /* BCALCTR_H_ */

119
bcal-eax.c
View File

@ -1,119 +0,0 @@
/* bca-eax.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
#include "bcal-cmac.h"
#include "bcal-ctr.h"
#include "bcal-eax.h"
#include "memxor.h"
uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx){
uint8_t r;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->nonce = malloc(ctx->blocksize_B);
if(ctx->nonce==NULL){
return 0x81;
}
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ctag));
if(r){
return r;
}
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->htag));
if(r){
return (r|0x10);
}
r = bcal_cmac_init(desc, key, keysize_b, &(ctx->ntag));
if(r){
return (r|0x20);
}
r = bcal_ctr_init(desc, key, keysize_b, NULL, &(ctx->cipher));
if(r){
return (r|0x30);
}
ctx->header_set=0;
uint8_t tmp[ctx->blocksize_B];
memset(tmp, 0, ctx->blocksize_B);
bcal_cmac_nextBlock(&(ctx->ntag), tmp);
tmp[ctx->blocksize_B-1]=1;
bcal_cmac_nextBlock(&(ctx->htag), tmp);
tmp[ctx->blocksize_B-1]=2;
bcal_cmac_nextBlock(&(ctx->ctag), tmp);
return 0;
}
void bcal_eax_free(bcal_eax_ctx_t* ctx){
bcal_ctr_free(&(ctx->cipher));
bcal_cmac_free(&(ctx->ctag));
bcal_cmac_free(&(ctx->htag));
bcal_cmac_free(&(ctx->ntag));
free(ctx->nonce);
}
void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_cmac_lastBlock(&(ctx->ntag), nonce, length_b);
bcal_cmac_ctx2mac(ctx->nonce, ctx->blocksize_B*8, &(ctx->ntag));
bcal_ctr_loadIV(ctx->nonce, &(ctx->cipher));
}
void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx){
bcal_cmac_nextBlock(&(ctx->htag), header);
}
void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_cmac_lastBlock(&(ctx->htag), header, length_b);
ctx->header_set = 1;
}
void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx){
bcal_ctr_encNext(block, &(ctx->cipher));
bcal_cmac_nextBlock(&(ctx->ctag), block);
}
void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_ctr_encMsg(NULL, block, length_b, &(ctx->cipher));
bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
}
void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx){
bcal_cmac_nextBlock(&(ctx->ctag), block);
bcal_ctr_decNext(block, &(ctx->cipher));
}
void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx){
bcal_cmac_lastBlock(&(ctx->ctag), block, length_b);
bcal_ctr_decMsg(NULL, block, length_b, &(ctx->cipher));
}
void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx){
uint8_t tmp[ctx->blocksize_B];
if(ctx->header_set==0){
bcal_cmac_lastBlock(&(ctx->htag), NULL, 0);
}
bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->htag));
memxor(ctx->nonce, tmp, ctx->blocksize_B);
bcal_cmac_ctx2mac(tmp, ctx->blocksize_B*8, &(ctx->ctag));
memxor(ctx->nonce, tmp, ctx->blocksize_B);
memcpy(dest, ctx->nonce, (length_b+7)/8);
}

53
bcal-eax.h
View File

@ -1,53 +0,0 @@
/* bcal-eax.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALEAX_H_
#define BCALEAX_H_
#include <stdint.h>
#include <string.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
#include "bcal-cmac.h"
#include "bcal-ctr.h"
typedef struct{
uint8_t* nonce;
bcal_cmac_ctx_t ntag;
bcal_cmac_ctx_t ctag;
bcal_cmac_ctx_t htag;
bcal_ctr_ctx_t cipher;
uint8_t blocksize_B;
uint8_t header_set;
} bcal_eax_ctx_t;
uint8_t bcal_eax_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_eax_ctx_t* ctx);
void bcal_eax_free(bcal_eax_ctx_t* ctx);
void bcal_eax_loadNonce(const void* nonce, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_addNextHeader(const void* header, bcal_eax_ctx_t* ctx);
void bcal_eax_addLastHeader(const void* header, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_encNextBlock(void* block, bcal_eax_ctx_t* ctx);
void bcal_eax_encLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_decNextBlock(void* block, bcal_eax_ctx_t* ctx);
void bcal_eax_decLastBlock(void* block, uint16_t length_b, bcal_eax_ctx_t* ctx);
void bcal_eax_ctx2tag(void* dest, uint16_t length_b, bcal_eax_ctx_t* ctx);
//void bcal_eax(void* dest, uint16_t out_length_b, const void* block, uint32_t length_b, bcal_eax_ctx_t* ctx);
#endif /* BCALEAX_H_ */

76
bcal-ofb.c
View File

@ -1,76 +0,0 @@
/* bcal-ofb.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdint.h>
#include <string.h>
#include "bcal-ofb.h"
#include "bcal-basic.h"
#include "memxor.h"
uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx){
ctx->desc = (bcdesc_t*)desc;
ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
ctx->in_block=malloc(ctx->blocksize_B);
if(ctx->in_block==NULL){
return 0x11;
}
return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
}
void bcal_ofb_free(bcal_ofb_ctx_t* ctx){
free(ctx->in_block);
bcal_cipher_free(&(ctx->cctx));
}
void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx){
if(iv){
memcpy(ctx->in_block, iv, ctx->blocksize_B);
}
}
void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx){
bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
memxor(block, ctx->in_block, ctx->blocksize_B);
}
void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx){
bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
memxor(block, ctx->in_block, ctx->blocksize_B);
}
void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
uint16_t block_len_b;
block_len_b = ctx->blocksize_B*8;
bcal_ofb_loadIV(iv, ctx);
while(msg_len_b>block_len_b){
bcal_ofb_encNext(msg, ctx);
msg_len_b -= block_len_b;
msg = (uint8_t*)msg + ctx->blocksize_B;
}
bcal_cipher_enc(ctx->in_block, &(ctx->cctx));
ctx->in_block[msg_len_b/8] = 0xff00>>(msg_len_b&7);
memxor(msg, ctx->in_block, (msg_len_b+7)/8);
}
void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
bcal_ofb_encMsg(iv, msg, msg_len_b, ctx);
}

46
bcal-ofb.h
View File

@ -1,46 +0,0 @@
/* bcal-ofb.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BCALOFB_H_
#define BCALOFB_H_
#include <stdint.h>
#include "bcal-basic.h"
#include "blockcipher_descriptor.h"
typedef struct{
bcdesc_t* desc;
bcgen_ctx_t cctx;
uint8_t* in_block;
uint8_t blocksize_B;
} bcal_ofb_ctx_t;
uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx);
void bcal_ofb_free(bcal_ofb_ctx_t* ctx);
void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx);
void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx);
void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx);
void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
#endif /* BCALOFB_H_ */

225
bcal-performance.c
View File

@ -1,225 +0,0 @@
/* bcal-performance.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* \file bcal-performance.c
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2010-02-16
* \license GPLv3 or later
*
*/
#include "bcal-performance.h"
#include "keysize_descriptor.h"
#include "blockcipher_descriptor.h"
#include "performance_test.h"
#include "stack_measuring.h"
#include "cli.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <avr/pgmspace.h>
#define PATTERN_A 0xAA
#define PATTERN_B 0x55
static
void printvalue(unsigned long v){
char str[20];
int i;
ultoa(v, str, 10);
for(i=0; i<10-strlen(str); ++i){
cli_putc(' ');
}
cli_putstr(str);
}
void bcal_performance(const bcdesc_t* bcd){
bcdesc_t bc;
memcpy_P(&bc, bcd, sizeof(bcdesc_t));
uint8_t ctx[bc.ctxsize_B];
uint8_t data[(bc.blocksize_b+7)/8];
uint16_t keysize = get_keysize(bc.valid_keysize_desc);
uint8_t key[(keysize+7)/8];
uint64_t t;
uint8_t i;
if(bc.type!=BCDESC_TYPE_BLOCKCIPHER)
return;
calibrateTimer();
print_overhead();
cli_putstr_P(PSTR("\r\n\r\n === "));
cli_putstr_P(bc.name);
cli_putstr_P(PSTR(" performance === "
"\r\n type: blockcipher"
"\r\n keysize (bits): "));
printvalue(keysize);
cli_putstr_P(PSTR("\r\n ctxsize (bytes): "));
printvalue(bc.ctxsize_B);
cli_putstr_P(PSTR("\r\n blocksize (bits): "));
printvalue(bc.blocksize_b);
t=0;
if(bc.init.init1){
if((bc.flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
(bc.init.init1)(key, &ctx);
STOP_TIMER;
t += stopTimer();
if(i!=31 && bc.free){
bc.free(&ctx);
}
}
} else {
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
(bc.init.init2)(key, keysize, &ctx);
STOP_TIMER;
t += stopTimer();
if(i!=31 && bc.free){
bc.free(&ctx);
}
}
}
t>>=5;
cli_putstr_P(PSTR("\r\n init (cycles): "));
printvalue(t);
}
t=0;
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
bc.enc.enc1(data, &ctx);
STOP_TIMER;
t += stopTimer();
}
t>>=5;
cli_putstr_P(PSTR("\r\n encrypt (cycles): "));
printvalue(t);
t=0;
for(i=0; i<32; ++i){
startTimer(0);
START_TIMER;
bc.dec.dec1(data, &ctx);
STOP_TIMER;
t += stopTimer();
}
t>>=5;
cli_putstr_P(PSTR("\r\n decrypt (cycles): "));
printvalue(t);
if(bc.free){
bc.free(&ctx);
}
}
void bcal_stacksize(const bcdesc_t* bcd){
bcdesc_t bc;
stack_measuring_ctx_t smctx;
memcpy_P(&bc, bcd, sizeof(bcdesc_t));
uint8_t ctx[bc.ctxsize_B];
uint8_t data[(bc.blocksize_b+7)/8];
uint16_t keysize = get_keysize(bc.valid_keysize_desc);
uint8_t key[(keysize+7)/8];
uint16_t t1, t2;
if(bc.type!=BCDESC_TYPE_BLOCKCIPHER)
return;
cli_putstr_P(PSTR("\r\n\r\n === "));
cli_putstr_P(bc.name);
cli_putstr_P(PSTR(" stack-usage === "));
if(bc.init.init1){
if((bc.flags&BC_INIT_TYPE)==BC_INIT_TYPE_1){
cli();
stack_measure_init(&smctx, PATTERN_A);
bc.init.init1(&ctx, key);
t1 = stack_measure_final(&smctx);
stack_measure_init(&smctx, PATTERN_B);
bc.init.init1(&ctx, key);
t2 = stack_measure_final(&smctx);
sei();
} else {
cli();
stack_measure_init(&smctx, PATTERN_A);
bc.init.init2(&ctx, keysize, key);
t1 = stack_measure_final(&smctx);
stack_measure_init(&smctx, PATTERN_B);
bc.init.init2(&ctx, keysize, key);
t2 = stack_measure_final(&smctx);
sei();
}
t1 = (t1>t2)?t1:t2;
cli_putstr_P(PSTR("\r\n init (bytes): "));
printvalue((unsigned long)t1);
}
cli();
stack_measure_init(&smctx, PATTERN_A);
bc.enc.enc1(data, &ctx);
t1 = stack_measure_final(&smctx);
stack_measure_init(&smctx, PATTERN_B);
bc.enc.enc1(data, &ctx);
t2 = stack_measure_final(&smctx);
sei();
t1 = (t1>t2)?t1:t2;
cli_putstr_P(PSTR("\r\n encBlock (bytes): "));
printvalue((unsigned long)t1);
cli();
stack_measure_init(&smctx, PATTERN_A);
bc.dec.dec1(data, &ctx);
t1 = stack_measure_final(&smctx);
stack_measure_init(&smctx, PATTERN_B);
bc.dec.dec1(data, &ctx);
t2 = stack_measure_final(&smctx);
sei();
t1 = (t1>t2)?t1:t2;
cli_putstr_P(PSTR("\r\n decBlock (bytes): "));
printvalue((unsigned long)t1);
if(bc.free){
bc.free(&ctx);
}
}
void bcal_performance_multiple(const bcdesc_t** bcd_list){
const bcdesc_t* bcd;
for(;;){
bcd = (void*)pgm_read_word(bcd_list);
if(!bcd){
cli_putstr_P(PSTR("\r\n\r\n End of performance figures\r\n"));
return;
}
bcal_performance(bcd);
bcal_stacksize(bcd);
bcd_list = (void*)((uint8_t*)bcd_list + 2);
}
}

38
bcal-performance.h
View File

@ -1,38 +0,0 @@
/* bcal-performance.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* \file bcal-performance.h
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2010-02-16
* \license GPLv3 or later
*
*/
#ifndef BCAL_PERFORMANCE_H_
#define BCAL_PERFORMANCE_H_
#include "blockcipher_descriptor.h"
void bcal_performance(const bcdesc_t* hd);
void bcal_performance_multiple(const bcdesc_t** hd_list);
#endif /* BCAL_PERFORMANCE_H_ */

55
bcal_aes128.c
View File

@ -1,55 +0,0 @@
/* bcal_aes128.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes128.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes128_enc.h"
#include "aes128_dec.h"
#include "aes_keyschedule.h"
#include "keysize_descriptor.h"
const char aes128_str[] PROGMEM = "AES-128";
const uint8_t aes128_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t aes128_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
aes128_str,
sizeof(aes128_ctx_t),
128,
{(void_fpt)aes128_init},
{(void_fpt)aes128_enc},
{(void_fpt)aes128_dec},
(bc_free_fpt)NULL,
aes128_keysize_desc
};

35
bcal_aes128.h
View File

@ -1,35 +0,0 @@
/* bcal_aes128.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes128.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes128_enc.h"
#include "aes128_dec.h"
#include "keysize_descriptor.h"
extern const bcdesc_t aes128_desc;

55
bcal_aes192.c
View File

@ -1,55 +0,0 @@
/* bcal_aes192.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes192.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes192_enc.h"
#include "aes192_dec.h"
#include "aes_keyschedule.h"
#include "keysize_descriptor.h"
const char aes192_str[] PROGMEM = "AES-192";
const uint8_t aes192_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(192),
KS_TYPE_TERMINATOR };
const bcdesc_t aes192_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
aes192_str,
sizeof(aes192_ctx_t),
128,
{(void_fpt)aes192_init},
{(void_fpt)aes192_enc},
{(void_fpt)aes192_dec},
(bc_free_fpt)NULL,
aes192_keysize_desc
};

35
bcal_aes192.h
View File

@ -1,35 +0,0 @@
/* bcal_aes192.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes192.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes192_enc.h"
#include "aes192_dec.h"
#include "keysize_descriptor.h"
extern const bcdesc_t aes192_desc;

55
bcal_aes256.c
View File

@ -1,55 +0,0 @@
/* bcal_aes256.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes256.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes256_enc.h"
#include "aes256_dec.h"
#include "aes_keyschedule.h"
#include "keysize_descriptor.h"
const char aes256_str[] PROGMEM = "AES-256";
const uint8_t aes256_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(256),
KS_TYPE_TERMINATOR };
const bcdesc_t aes256_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
aes256_str,
sizeof(aes256_ctx_t),
128,
{(void_fpt)aes256_init},
{(void_fpt)aes256_enc},
{(void_fpt)aes256_dec},
(bc_free_fpt)NULL,
aes256_keysize_desc
};

35
bcal_aes256.h
View File

@ -1,35 +0,0 @@
/* bcal_aes256.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_aes256.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-08
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "aes.h"
#include "aes256_enc.h"
#include "aes256_dec.h"
#include "keysize_descriptor.h"
extern const bcdesc_t aes256_desc;

52
bcal_camellia128.c
View File

@ -1,52 +0,0 @@
/* bcal_camellia128.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_camellia128.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "camellia.h"
#include "keysize_descriptor.h"
const char camellia128_str[] PROGMEM = "Camellia-128";
const uint8_t camellia128_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t camellia128_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
camellia128_str,
sizeof(camellia128_ctx_t),
128,
{(void_fpt)camellia128_init},
{(void_fpt)camellia128_enc},
{(void_fpt)camellia128_dec},
(bc_free_fpt)NULL,
camellia128_keysize_desc
};

33
bcal_camellia128.h
View File

@ -1,33 +0,0 @@
/* bcal_camellia128.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_camellia128.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "camellia.h"
#include "keysize_descriptor.h"
extern const bcdesc_t camellia128_desc;

52
bcal_cast5.c
View File

@ -1,52 +0,0 @@
/* bcal_cast5.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_cast5.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "cast5.h"
#include "keysize_descriptor.h"
const char cast5_str[] PROGMEM = "CAST5";
const uint8_t cast5_keysize_desc[] PROGMEM = { KS_TYPE_RANGE, KS_INT(0), KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t cast5_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
cast5_str,
sizeof(cast5_ctx_t),
128,
{(void_fpt)cast5_init},
{(void_fpt)cast5_enc},
{(void_fpt)cast5_dec},
(bc_free_fpt)NULL,
cast5_keysize_desc
};

33
bcal_cast5.h
View File

@ -1,33 +0,0 @@
/* bcal_cast5.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_cast5.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "cast5.h"
#include "keysize_descriptor.h"
extern const bcdesc_t cast5_desc;

52
bcal_cast6.c
View File

@ -1,52 +0,0 @@
/* bcal_cast6.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_cast6.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-04-03
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "cast6.h"
#include "keysize_descriptor.h"
const char cast6_str[] PROGMEM = "CAST-256";
const uint8_t cast6_keysize_desc[] PROGMEM = { KS_TYPE_RANGE, KS_INT(0), KS_INT(256),
KS_TYPE_TERMINATOR };
const bcdesc_t cast6_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
cast6_str,
sizeof(cast6_ctx_t),
128,
{(void_fpt)cast6_init},
{(void_fpt)cast6_enc},
{(void_fpt)cast6_dec},
(bc_free_fpt)NULL,
cast6_keysize_desc
};

33
bcal_cast6.h
View File

@ -1,33 +0,0 @@
/* bcal_cast6.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_cast6.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-04-03
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "cast6.h"
#include "keysize_descriptor.h"
extern const bcdesc_t cast6_desc;

61
bcal_des.c
View File

@ -1,61 +0,0 @@
/* bcal_des.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_des.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "des.h"
#include "keysize_descriptor.h"
const char des_str[] PROGMEM = "DES";
const uint8_t des_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(64),
KS_TYPE_TERMINATOR };
static
void des_dummy_enc(void* block, void* key){
des_enc(block, block, key);
}
static
void des_dummy_dec(void* block, void* key){
des_dec(block, block, key);
}
const bcdesc_t des_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
des_str,
8,
128,
{(void_fpt)NULL},
{(void_fpt)des_dummy_enc},
{(void_fpt)des_dummy_dec},
(bc_free_fpt)NULL,
des_keysize_desc
};

33
bcal_des.h
View File

@ -1,33 +0,0 @@
/* bcal_des.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_des.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "des.h"
#include "keysize_descriptor.h"
extern const bcdesc_t des_desc;

41
bcal_noekeon.c
View File

@ -1,41 +0,0 @@
/* bcal_noekeon.c */
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "noekeon.h"
#include "keysize_descriptor.h"
const char noekeon_direct_str[] PROGMEM = "Noekeon-Direct";
const char noekeon_indirect_str[] PROGMEM = "Noekeon-Indirect";
const uint8_t noekeon_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t noekeon_direct_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_ENC_TYPE_1,
noekeon_direct_str,
16,
128,
{(void_fpt)NULL},
{(void_fpt)noekeon_enc},
{(void_fpt)noekeon_dec},
(bc_free_fpt)NULL,
noekeon_keysize_desc
};
const bcdesc_t noekeon_indirect_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1 | BC_ENC_TYPE_1,
noekeon_indirect_str,
16,
128,
{(void_fpt)noekeon_init},
{(void_fpt)noekeon_enc},
{(void_fpt)noekeon_dec},
(bc_free_fpt)NULL,
noekeon_keysize_desc
};

10
bcal_noekeon.h
View File

@ -1,10 +0,0 @@
/* bcal_noekeon.h */
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "noekeon.h"
#include "keysize_descriptor.h"
extern const bcdesc_t noekeon_direct_desc;
extern const bcdesc_t noekeon_indirect_desc;

52
bcal_present.c
View File

@ -1,52 +0,0 @@
/* bcal_present.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_present.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "present.h"
#include "keysize_descriptor.h"
const char present_str[] PROGMEM = "Present";
const uint8_t present_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(80),
KS_TYPE_TERMINATOR };
const bcdesc_t present_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
present_str,
sizeof(present_ctx_t),
64,
{(void_fpt)present_init},
{(void_fpt)present_enc},
{(void_fpt)present_dec},
(bc_free_fpt)NULL,
present_keysize_desc
};

33
bcal_present.h
View File

@ -1,33 +0,0 @@
/* bcal_present.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_present.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "present.h"
#include "keysize_descriptor.h"
extern const bcdesc_t present_desc;

59
bcal_rc5.c
View File

@ -1,59 +0,0 @@
/* bcal_rc5.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_rc5.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "rc5.h"
#include "keysize_descriptor.h"
#define RC5_ROUNDS 12
const char rc5_str[] PROGMEM = "RC5";
const uint8_t rc5_keysize_desc[] PROGMEM = { KS_TYPE_RANGE, KS_INT(1), KS_INT(2040),
KS_TYPE_TERMINATOR };
static
void rc5_dummy_init(void* key, uint16_t keysize_b, void* ctx){
rc5_init(key, keysize_b, RC5_ROUNDS, ctx);
}
const bcdesc_t rc5_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
rc5_str,
sizeof(rc5_ctx_t),
128,
{(void_fpt)rc5_dummy_init},
{(void_fpt)rc5_enc},
{(void_fpt)rc5_dec},
(bc_free_fpt)rc5_free,
rc5_keysize_desc
};

33
bcal_rc5.h
View File

@ -1,33 +0,0 @@
/* bcal_rc5.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_rc5.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "rc5.h"
#include "keysize_descriptor.h"
extern const bcdesc_t rc5_desc;

52
bcal_rc6.c
View File

@ -1,52 +0,0 @@
/* bcal_rc6.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_rc6.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "rc6.h"
#include "keysize_descriptor.h"
const char rc6_str[] PROGMEM = "RC6";
const uint8_t rc6_keysize_desc[] PROGMEM = { KS_TYPE_RANGE, KS_INT(1), KS_INT(2040),
KS_TYPE_TERMINATOR };
const bcdesc_t rc6_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
rc6_str,
sizeof(rc6_ctx_t),
128,
{(void_fpt)rc6_init},
{(void_fpt)rc6_enc},
{(void_fpt)rc6_dec},
(bc_free_fpt)rc6_free,
rc6_keysize_desc
};

33
bcal_rc6.h
View File

@ -1,33 +0,0 @@
/* bcal_rc6.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_rc6.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "rc6.h"
#include "keysize_descriptor.h"
extern const bcdesc_t rc6_desc;

52
bcal_seed.c
View File

@ -1,52 +0,0 @@
/* bcal_seed.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_seed.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "seed.h"
#include "keysize_descriptor.h"
const char seed_str[] PROGMEM = "SEED";
const uint8_t seed_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
const bcdesc_t seed_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
seed_str,
sizeof(seed_ctx_t),
128,
{(void_fpt)seed_init},
{(void_fpt)seed_enc},
{(void_fpt)seed_dec},
(bc_free_fpt)NULL,
seed_keysize_desc
};

33
bcal_seed.h
View File

@ -1,33 +0,0 @@
/* bcal_seed.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_seed.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "seed.h"
#include "keysize_descriptor.h"
extern const bcdesc_t seed_desc;

52
bcal_serpent.c
View File

@ -1,52 +0,0 @@
/* bcal_serpent.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_serpent.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "serpent.h"
#include "keysize_descriptor.h"
const char serpent_str[] PROGMEM = "serpent";
const uint8_t serpent_keysize_desc[] PROGMEM = { KS_TYPE_RANGE, KS_INT(1), KS_INT(256),
KS_TYPE_TERMINATOR };
const bcdesc_t serpent_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
serpent_str,
sizeof(serpent_ctx_t),
128,
{(void_fpt)serpent_init},
{(void_fpt)serpent_enc},
{(void_fpt)serpent_dec},
(bc_free_fpt)NULL,
serpent_keysize_desc
};

33
bcal_serpent.h
View File

@ -1,33 +0,0 @@
/* bcal_serpent.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_serpent.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "serpent.h"
#include "keysize_descriptor.h"
extern const bcdesc_t serpent_desc;

52
bcal_skipjack.c
View File

@ -1,52 +0,0 @@
/* bcal_skipjack.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_skipjack.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "skipjack.h"
#include "keysize_descriptor.h"
const char skipjack_str[] PROGMEM = "Skipjack";
const uint8_t skipjack_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(80),
KS_TYPE_TERMINATOR };
const bcdesc_t skipjack_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
skipjack_str,
10,
64,
{(void_fpt)NULL},
{(void_fpt)skipjack_enc},
{(void_fpt)skipjack_dec},
(bc_free_fpt)NULL,
skipjack_keysize_desc
};

33
bcal_skipjack.h
View File

@ -1,33 +0,0 @@
/* bcal_skipjack.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_skipjack.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "skipjack.h"
#include "keysize_descriptor.h"
extern const bcdesc_t skipjack_desc;

62
bcal_tdes.c
View File

@ -1,62 +0,0 @@
/* bcal_tdes.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_tdes.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "des.h"
#include "keysize_descriptor.h"
const char tdes_str[] PROGMEM = "TDES";
const uint8_t tdes_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(192),
KS_TYPE_TERMINATOR };
static
void tdes_dummy_enc(void* block, void* key){
tdes_enc(block, block, key);
}
static
void tdes_dummy_dec(void* block, void* key){
tdes_dec(block, block, key);
}
const bcdesc_t tdes_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
tdes_str,
24,
64,
{(void_fpt)NULL},
{(void_fpt)tdes_dummy_enc},
{(void_fpt)tdes_dummy_dec},
(bc_free_fpt)NULL,
tdes_keysize_desc
};

33
bcal_tdes.h
View File

@ -1,33 +0,0 @@
/* bcal_tdes.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_tdes.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "des.h"
#include "keysize_descriptor.h"
extern const bcdesc_t tdes_desc;

70
bcal_tdes2.c
View File

@ -1,70 +0,0 @@
/* bcal_tdes2.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_tdes.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-02
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "des.h"
#include "keysize_descriptor.h"
const char tdes2_str[] PROGMEM = "TDES-2";
const uint8_t tdes2_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
static
void tdes_dummy_enc(void* block, void* key){
tdes_enc(block, block, key);
}
static
void tdes_dummy_dec(void* block, void* key){
tdes_dec(block, block, key);
}
static
void tdes2_init(void* key, void* ctx){
memcpy(ctx, key, 16);
memcpy((uint8_t*)ctx+16, key, 8);
}
const bcdesc_t tdes2_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
tdes2_str,
24,
64,
{(void_fpt)tdes2_init},
{(void_fpt)tdes_dummy_enc},
{(void_fpt)tdes_dummy_dec},
(bc_free_fpt)NULL,
tdes2_keysize_desc
};

38
bcal_tdes2.h
View File

@ -1,38 +0,0 @@
/* bcal_tdes2.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_tdes.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#ifndef BCAL_TDES2_H_
#define BCAL_TDES2_H_
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "des.h"
#include "keysize_descriptor.h"
extern const bcdesc_t tdes2_desc;
#endif /* BCAL_TDES2_H_ */

56
bcal_threefish1024.c
View File

@ -1,56 +0,0 @@
/* bcal_threefish1024.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_threefish1024.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-20
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "threefish.h"
#include "keysize_descriptor.h"
const char threefish1024_str[] PROGMEM = "Threefish-1024";
const uint8_t threefish1024_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(1024),
KS_TYPE_TERMINATOR };
static void threefish1024_dummy_init(void* key, void* ctx){
threefish1024_init(key, NULL, ctx);
}
const bcdesc_t threefish1024_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
threefish1024_str,
sizeof(threefish1024_ctx_t),
1024,
{(void_fpt)threefish1024_dummy_init},
{(void_fpt)threefish1024_enc},
{(void_fpt)threefish1024_dec},
(bc_free_fpt)NULL,
threefish1024_keysize_desc
};

33
bcal_threefish1024.h
View File

@ -1,33 +0,0 @@
/* bcal_threefis1024.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_threefish1024.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-20
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "threefish.h"
#include "keysize_descriptor.h"
extern const bcdesc_t threefish1024_desc;

56
bcal_threefish256.c
View File

@ -1,56 +0,0 @@
/* bcal_threefish256.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_threefish256.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-20
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "threefish.h"
#include "keysize_descriptor.h"
const char threefish256_str[] PROGMEM = "Threefish-256";
const uint8_t threefish256_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(256),
KS_TYPE_TERMINATOR };
static void threefish256_dummy_init(void* key, void* ctx){
threefish256_init(key, NULL, ctx);
}
const bcdesc_t threefish256_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
threefish256_str,
sizeof(threefish256_ctx_t),
256,
{(void_fpt)threefish256_dummy_init},
{(void_fpt)threefish256_enc},
{(void_fpt)threefish256_dec},
(bc_free_fpt)NULL,
threefish256_keysize_desc
};

33
bcal_threefish256.h
View File

@ -1,33 +0,0 @@
/* bcal_threefis256.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_threefish256.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-20
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "threefish.h"
#include "keysize_descriptor.h"
extern const bcdesc_t threefish256_desc;

56
bcal_threefish512.c
View File

@ -1,56 +0,0 @@
/* bcal_threefish512.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_threefish512.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-20
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "threefish.h"
#include "keysize_descriptor.h"
const char threefish512_str[] PROGMEM = "Threefish-512";
const uint8_t threefish512_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(512),
KS_TYPE_TERMINATOR };
static void threefish512_dummy_init(void* key, void* ctx){
threefish512_init(key, NULL, ctx);
}
const bcdesc_t threefish512_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_1,
threefish512_str,
sizeof(threefish512_ctx_t),
512,
{(void_fpt)threefish512_dummy_init},
{(void_fpt)threefish512_enc},
{(void_fpt)threefish512_dec},
(bc_free_fpt)NULL,
threefish512_keysize_desc
};

33
bcal_threefish512.h
View File

@ -1,33 +0,0 @@
/* bcal_threefis512.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_threefish512.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-02-20
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "threefish.h"
#include "keysize_descriptor.h"
extern const bcdesc_t threefish512_desc;

62
bcal_xtea.c
View File

@ -1,62 +0,0 @@
/* bcal_xtea.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_xtea.c
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include <stdlib.h>
#include "blockcipher_descriptor.h"
#include "xtea.h"
#include "keysize_descriptor.h"
const char xtea_str[] PROGMEM = "XTEA";
const uint8_t xtea_keysize_desc[] PROGMEM = { KS_TYPE_LIST, 1, KS_INT(128),
KS_TYPE_TERMINATOR };
static
void xtea_dummy_enc(void* block, void* key){
xtea_enc(block, block, key);
}
static
void xtea_dummy_dec(void* block, void* key){
xtea_dec(block, block, key);
}
const bcdesc_t xtea_desc PROGMEM = {
BCDESC_TYPE_BLOCKCIPHER,
BC_INIT_TYPE_2,
xtea_str,
16,
64,
{(void_fpt)NULL},
{(void_fpt)xtea_dummy_enc},
{(void_fpt)xtea_dummy_dec},
(bc_free_fpt)NULL,
xtea_keysize_desc
};

33
bcal_xtea.h
View File

@ -1,33 +0,0 @@
/* bcal_xtea.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bcal_xtea.h
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-09
* \license GPLv3 or later
*
*/
#include <avr/pgmspace.h>
#include "blockcipher_descriptor.h"
#include "xtea.h"
#include "keysize_descriptor.h"
extern const bcdesc_t xtea_desc;

2
blake/blake_large.c
View File

@ -28,7 +28,7 @@
#include <stdint.h>
#include <string.h>
#include <avr/pgmspace.h>
#include "memxor.h"
#include "memxor/memxor.h"
#include "blake_large.h"
#include "blake_common.h"

2
blake/blake_small.c
View File

@ -28,7 +28,7 @@
#include <stdint.h>
#include <string.h>
#include <avr/pgmspace.h>
#include "memxor.h"
#include "memxor/memxor.h"
#include "blake_small.h"
#include "blake_common.h"

66
blake/memxor.S
View File

@ -1,66 +0,0 @@
/* memxor.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* File: memxor.S
* Author: Daniel Otte
* Date: 2008-08-07
* License: GPLv3 or later
* Description: memxor, XORing one block into another
*
*/
/*
* void memxor(void* dest, const void* src, uint16_t n);
*/
/*
* param dest is passed in r24:r25
* param src is passed in r22:r23
* param n is passed in r20:r21
*/
.global memxor
memxor:
movw r30, r24
movw r26, r22
movw r24, r20
adiw r24, 0
breq 2f
1:
ld r20, X+
ld r21, Z
eor r20, r21
st Z+, r20
sbiw r24, 1
brne 1b
2:
ret

7
blake/memxor.h
View File

@ -1,7 +0,0 @@
#ifndef MEMXOR_H_
#define MEMXOR_H_
#include <stdint.h>
void memxor(void* dest, const void* src, uint16_t n);
#endif

2
bmw/bmw_small.c
View File

@ -28,7 +28,7 @@
#include <stdint.h>
#include <string.h>
#include <avr/pgmspace.h>
#include "memxor.h"
#include "memxor/memxor.h"
#include "bmw_small.h"

66
bmw/memxor.S
View File

@ -1,66 +0,0 @@
/* memxor.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* File: memxor.S
* Author: Daniel Otte
* Date: 2008-08-07
* License: GPLv3 or later
* Description: memxor, XORing one block into another
*
*/
/*
* void memxor(void* dest, const void* src, uint16_t n);
*/
/*
* param dest is passed in r24:r25
* param src is passed in r22:r23
* param n is passed in r20:r21
*/
.global memxor
memxor:
movw r30, r24
movw r26, r22
movw r24, r20
adiw r24, 0
breq 2f
1:
ld r20, X+
ld r21, Z
eor r20, r21
st Z+, r20
sbiw r24, 1
brne 1b
2:
ret

7
bmw/memxor.h
View File

@ -1,7 +0,0 @@
#ifndef MEMXOR_H_
#define MEMXOR_H_
#include <stdint.h>
void memxor(void* dest, const void* src, uint16_t n);
#endif

2
cubehash/cubehash.c
View File

@ -26,7 +26,7 @@
*/
#include "memxor.h"
#include "memxor/memxor.h"
#include "cubehash.h"
#include "cubehash_rotates.h"
#include "xchg.h"

66
cubehash/memxor.S
View File

@ -1,66 +0,0 @@
/* memxor.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* File: memxor.S
* Author: Daniel Otte
* Date: 2008-08-07
* License: GPLv3 or later
* Description: memxor, XORing one block into another
*
*/
/*
* void memxor(void* dest, const void* src, uint16_t n);
*/
/*
* param dest is passed in r24:r25
* param src is passed in r22:r23
* param n is passed in r20:r21
*/
.global memxor
memxor:
movw r30, r24
movw r26, r22
movw r24, r20
adiw r24, 0
breq 2f
1:
ld r20, X+
ld r21, Z
eor r20, r21
st Z+, r20
sbiw r24, 1
brne 1b
2:
ret

7
cubehash/memxor.h
View File

@ -1,7 +0,0 @@
#ifndef MEMXOR_H_
#define MEMXOR_H_
#include <stdint.h>
void memxor(void* dest, const void* src, uint16_t n);
#endif

246
dsa/base64_dec.c
View File

@ -1,246 +0,0 @@
/* base64_dec.c */
/*
* This file is part of the AVR-Crypto-Lib.
* Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* base64 decoder (RFC3548)
* Author: Daniel Otte
* License: GPLv3
*
*
*/
#include <stdint.h>
#include "base64_dec.h"
#include "test_src/cli.h"
/*
#define USE_GCC_EXTENSION
*/
#if 1
#ifdef USE_GCC_EXTENSION
static
int ascii2bit6(char a){
switch(a){
case 'A'...'Z':
return a-'A';
case 'a'...'z':
return a-'a'+26;
case '0'...'9':
return a-'0'+52;
case '+':
case '-':
return 62;
case '/':
case '_':
return 63;
default:
return -1;
}
}
#else
static
uint8_t ascii2bit6(char a){
int r;
switch(a>>4){
case 0x5:
case 0x4:
r=a-'A';
if(r<0 || r>25){
return -1;
} else {
return r;
}
case 0x7:
case 0x6:
r=a-'a';
if(r<0 || r>25){
return -1;
} else {
return r+26;
}
break;
case 0x3:
if(a>'9')
return -1;
return a-'0'+52;
default:
break;
}
switch (a){
case '+':
case '-':
return 62;
case '/':
case '_':
return 63;
default:
return 0xff;
}
}
#endif
#else
static
uint8_t ascii2bit6(uint8_t a){
if(a>='A' && a<='Z'){
return a-'A';
} else {
if(a>='a' && a<= 'z'){
return a-'a'+26;
} else {
if(a>='0' && a<='9'){
return a-'0'+52;
} else {
if(a=='+' || a=='-'){
return 62;
} else {
if(a=='/' || a=='_'){
return 63;
} else {
return 0xff;
}
}
}
}
}
}
#endif
int base64_binlength(char* str, uint8_t strict){
int l=0;
uint8_t term=0;
for(;;){
if(*str=='\0')
break;
if(*str=='\n' || *str=='\r'){
str++;
continue;
}
if(*str=='='){
term++;
str++;
if(term==2){
break;
}
continue;
}
if(term)
return -1;
if(ascii2bit6(*str)==-1){
if(strict)
return -1;
} else {
l++;
}
str++;
}
switch(term){
case 0:
if(l%4!=0)
return -1;
return l/4*3;
case 1:
if(l%4!=3)
return -1;
return (l+1)/4*3-1;
case 2:
if(l%4!=2)
return -1;
return (l+2)/4*3-2;
default:
return -1;
}
}
/*
|543210543210543210543210|
|765432107654321076543210|
. . . .
|54321054|32105432|10543210|
|76543210|76543210|76543210|
*/
int base64dec(void* dest, const char* b64str, uint8_t strict){
uint8_t buffer[4];
uint8_t idx=0;
uint8_t term=0;
for(;;){
// cli_putstr_P(PSTR("\r\n DBG: got 0x"));
// cli_hexdump(b64str, 1);
buffer[idx]= ascii2bit6(*b64str);
// cli_putstr_P(PSTR(" --> 0x"));
// cli_hexdump(buffer+idx, 1);
if(buffer[idx]==0xFF){
if(*b64str=='='){
term++;
b64str++;
if(term==2)
goto finalize; /* definitly the end */
}else{
if(*b64str == '\0'){
goto finalize; /* definitly the end */
}else{
if(*b64str == '\r' || *b64str == '\n' || !(strict)){
b64str++; /* charcters that we simply ignore */
}else{
return -1;
}
}
}
}else{
if(term)
return -1; /* this happens if we get a '=' in the stream */
idx++;
b64str++;
}
if(idx==4){
((uint8_t*)dest)[0] = buffer[0]<<2 | buffer[1]>>4;
((uint8_t*)dest)[1] = buffer[1]<<4 | buffer[2]>>2;
((uint8_t*)dest)[2] = buffer[2]<<6 | buffer[3];
dest = (uint8_t*)dest +3;
idx=0;
}
}
finalize:
/* the final touch */
if(idx==0)
return 0;
if(term==1){
((uint8_t*)dest)[0] = buffer[0]<<2 | buffer[1]>>4;
((uint8_t*)dest)[1] = buffer[1]<<4 | buffer[2]>>2;
return 0;
}
if(term==2){
((uint8_t*)dest)[0] = buffer[0]<<2 | buffer[1]>>4;
return 0;
}
return -1;
}

29
dsa/base64_dec.h
View File

@ -1,29 +0,0 @@
/* base64_dec.h */
/*
* This file is part of the AVR-Crypto-Lib.
* Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BASE64_DEC_H_
#define BASE64_DEC_H_
#include <stdint.h>
int base64_binlength(char* str, uint8_t strict);
int base64dec(void* dest, const char* b64str, uint8_t strict);
#endif /*BASE64_DEC_H_*/

117
dsa/base64_enc.c
View File

@ -1,117 +0,0 @@
/* base64_enc.c */
/*
* This file is part of the AVR-Crypto-Lib.
* Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* base64 encoder (RFC3548)
* Author: Daniel Otte
* License: GPLv3
*
*
*/
#include <stdint.h>
#include "base64_enc.h"
#if 1
#include <avr/pgmspace.h>
char base64_alphabet[64] PROGMEM = {
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
'w', 'x', 'y', 'z', '0', '1', '2', '3',
'4', '5', '6', '7', '8', '9', '+', '/' };
static
char bit6toAscii(uint8_t a){
a &= (uint8_t)0x3F;
return pgm_read_byte(base64_alphabet+a);
}
#else
static
char bit6toAscii(uint8_t a){
a &= (uint8_t)0x3F;
if(a<=25){
return a+'A';
} else {
if(a<=51){
return a-26+'a';
} else {
if(a<=61){
return a-52+'0';
} else {
if(a==62){
return '+';
} else {
return '/'; /* a == 63 */
}
}
}
}
}
#endif
void base64enc(char* dest,const void* src, uint16_t length){
uint16_t i,j;
uint8_t a[4];
for(i=0; i<length/3; ++i){
a[0]= (((uint8_t*)src)[i*3+0])>>2;
a[1]= (((((uint8_t*)src)[i*3+0])<<4) | ((((uint8_t*)src)[i*3+1])>>4)) & 0x3F;
a[2]= (((((uint8_t*)src)[i*3+1])<<2) | ((((uint8_t*)src)[i*3+2])>>6)) & 0x3F;
a[3]= (((uint8_t*)src)[i*3+2]) & 0x3F;
for(j=0; j<4; ++j){
*dest++=bit6toAscii(a[j]);
}
}
/* now we do the rest */
switch(length%3){
case 0:
break;
case 1:
a[0]=(((uint8_t*)src)[i*3+0])>>2;
a[1]=((((uint8_t*)src)[i*3+0])<<4)&0x3F;
*dest++ = bit6toAscii(a[0]);
*dest++ = bit6toAscii(a[1]);
*dest++ = '=';
*dest++ = '=';
break;
case 2:
a[0]= (((uint8_t*)src)[i*3+0])>>2;
a[1]= (((((uint8_t*)src)[i*3+0])<<4) | ((((uint8_t*)src)[i*3+1])>>4)) & 0x3F;
a[2]= ((((uint8_t*)src)[i*3+1])<<2) & 0x3F;
*dest++ = bit6toAscii(a[0]);
*dest++ = bit6toAscii(a[1]);
*dest++ = bit6toAscii(a[2]);
*dest++ = '=';
break;
default: /* this will not happen! */
break;
}
/* finalize: */
*dest='\0';
}

28
dsa/base64_enc.h
View File

@ -1,28 +0,0 @@
/* base64_enc.h */
/*
* This file is part of the AVR-Crypto-Lib.
* Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BASE64_ENC_H_
#define BASE64_ENC_H_
#include <stdint.h>
void base64enc(char* dest, const void* src, uint16_t length);
#endif /*BASE64_ENC_H_*/

808
dsa/bigint.c
View File

@ -1,808 +0,0 @@
/* bigint.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bigint.c
* \author Daniel Otte
* \date 2010-02-22
*
* \license GPLv3 or later
*
*/
#define STRING2(x) #x
#define STRING(x) STRING2(x)
#define STR_LINE STRING(__LINE__)
#include "bigint.h"
#include <string.h>
/*
#include "cli.h"
#include "bigint_io.h"
*/
#ifndef MAX
#define MAX(a,b) (((a)>(b))?(a):(b))
#endif
#ifndef MIN
#define MIN(a,b) (((a)<(b))?(a):(b))
#endif
#define SET_FBS(a, v) do{(a)->info &=0xF8; (a)->info |= (v);}while(0)
#define GET_FBS(a) ((a)->info&BIGINT_FBS_MASK)
#define SET_NEG(a) (a)->info |= BIGINT_NEG_MASK
#define SET_POS(a) (a)->info &= ~BIGINT_NEG_MASK
#define XCHG(a,b) do{(a)^=(b); (b)^=(a); (a)^=(b);}while(0)
#define XCHG_PTR(a,b) do{ a = (void*)(((uint16_t)(a)) ^ ((uint16_t)(b))); \
b = (void*)(((uint16_t)(a)) ^ ((uint16_t)(b))); \
a = (void*)(((uint16_t)(a)) ^ ((uint16_t)(b)));}while(0)
#define GET_SIGN(a) ((a)->info&BIGINT_NEG_MASK)
/******************************************************************************/
void bigint_adjust(bigint_t* a){
while(a->length_B!=0 && a->wordv[a->length_B-1]==0){
a->length_B--;
}
if(a->length_B==0){
a->info=0;
return;
}
uint8_t t;
uint8_t i = 0x07;
t = a->wordv[a->length_B-1];
while((t&0x80)==0 && i){
t<<=1;
i--;
}
SET_FBS(a, i);
}
/******************************************************************************/
void bigint_copy(bigint_t* dest, const bigint_t* src){
memcpy(dest->wordv, src->wordv, src->length_B);
dest->length_B = src->length_B;
dest->info = src->info;
}
/******************************************************************************/
/* this should be implemented in assembly */
/*
void bigint_add_u(bigint_t* dest, const bigint_t* a, const bigint_t* b){
uint16_t t=0, i;
if(a->length_B < b->length_B){
XCHG_PTR(a,b);
}
for(i=0; i<b->length_B; ++i){
t = a->wordv[i] + b->wordv[i] + t;
dest->wordv[i] = (uint8_t)t;
t>>=8;
}
for(; i<a->length_B; ++i){
t = a->wordv[i] + t;
dest->wordv[i] = (uint8_t)t;
t>>=8;
}
dest->wordv[i++] = t;
dest->length_B = i;
bigint_adjust(dest);
}
*/
/******************************************************************************/
/* this should be implemented in assembly */
void bigint_add_scale_u(bigint_t* dest, const bigint_t* a, uint16_t scale){
uint16_t i,j=0;
uint16_t t=0;
if(scale>dest->length_B)
memset(dest->wordv+dest->length_B, 0, scale-dest->length_B);
for(i=scale; i<a->length_B+scale; ++i,++j){
t = a->wordv[j] + t;
if(dest->length_B>i){
t += dest->wordv[i];
}
dest->wordv[i] = (uint8_t)t;
t>>=8;
}
while(t){
if(dest->length_B>i){
t = dest->wordv[i] + t;
}
dest->wordv[i] = (uint8_t)t;
t>>=8;
++i;
}
if(dest->length_B < i){
dest->length_B = i;
}
bigint_adjust(dest);
}
/******************************************************************************/
/* this should be implemented in assembly */
void bigint_sub_u(bigint_t* dest, const bigint_t* a, const bigint_t* b){
int8_t borrow=0;
int8_t r;
int16_t t;
uint16_t i, min, max;
min = MIN(a->length_B, b->length_B);
max = MAX(a->length_B, b->length_B);
r = bigint_cmp_u(a,b);
if(r==0){
dest->length_B = 0;
dest->wordv[0] = 0;
bigint_adjust(dest);
return;
}
if(b->length_B==0){
dest->length_B = a->length_B;
memcpy(dest->wordv, a->wordv, a->length_B);
dest->info = a->info;
SET_POS(dest);
return;
}
if(a->length_B==0){
dest->length_B = b->length_B;
memcpy(dest->wordv, b->wordv, b->length_B);
dest->info = b->info;
SET_NEG(dest);
return;
}
if(r<0){
bigint_sub_u(dest, b, a);
SET_NEG(dest);
}else{
for(i=0; i<min; ++i){
t = a->wordv[i] - b->wordv[i] - borrow;
if(t<0){
borrow = 1;
dest->wordv[i]=(uint8_t)t;
}else{
borrow = 0;
dest->wordv[i]=(uint8_t)t;
}
}
for(;i<max; ++i){
t = a->wordv[i] - borrow;
if(t<0){
borrow = 1;
dest->wordv[i]=(uint8_t)t;
}else{
borrow = 0;
dest->wordv[i]=(uint8_t)t;
}
}
SET_POS(dest);
dest->length_B = i;
bigint_adjust(dest);
}
}
/******************************************************************************/
int8_t bigint_cmp_u(const bigint_t* a, const bigint_t* b){
if(a->length_B > b->length_B){
return 1;
}
if(a->length_B < b->length_B){
return -1;
}
if(a->length_B==0){
return 0;
}
uint16_t i;
i = a->length_B-1;
do{
if(a->wordv[i]!=b->wordv[i]){
if(a->wordv[i]>b->wordv[i]){
return 1;
}else{
return -1;
}
}
}while(i--);
return 0;
}
/******************************************************************************/
void bigint_add_s(bigint_t* dest, const bigint_t* a, const bigint_t* b){
uint8_t s;
s = GET_SIGN(a)?2:0;
s |= GET_SIGN(b)?1:0;
switch(s){
case 0: /* both positive */
bigint_add_u(dest, a,b);
SET_POS(dest);
break;
case 1: /* a positive, b negative */
bigint_sub_u(dest, a, b);
break;
case 2: /* a negative, b positive */
bigint_sub_u(dest, b, a);
break;
case 3: /* both negative */
bigint_add_u(dest, a, b);
SET_NEG(dest);
break;
default: /* how can this happen?*/
break;
}
}
/******************************************************************************/
void bigint_sub_s(bigint_t* dest, const bigint_t* a, const bigint_t* b){
uint8_t s;
s = GET_SIGN(a)?2:0;
s |= GET_SIGN(b)?1:0;
switch(s){
case 0: /* both positive */
bigint_sub_u(dest, a,b);
break;
case 1: /* a positive, b negative */
bigint_add_u(dest, a, b);
SET_POS(dest);
break;
case 2: /* a negative, b positive */
bigint_add_u(dest, a, b);
SET_NEG(dest);
break;
case 3: /* both negative */
bigint_sub_u(dest, b, a);
break;
default: /* how can this happen?*/
break;
}
}
/******************************************************************************/
int8_t bigint_cmp_s(const bigint_t* a, const bigint_t* b){
uint8_t s;
if(a->length_B==0 && b->length_B==0){
return 0;
}
s = GET_SIGN(a)?2:0;
s |= GET_SIGN(b)?1:0;
switch(s){
case 0: /* both positive */
return bigint_cmp_u(a, b);
break;
case 1: /* a positive, b negative */
return 1;
break;
case 2: /* a negative, b positive */
return -1;
break;
case 3: /* both negative */
return bigint_cmp_u(b, a);
break;
default: /* how can this happen?*/
break;
}
return 0; /* just to satisfy the compiler */
}
/******************************************************************************/
void bigint_shiftleft(bigint_t* a, uint16_t shift){
uint16_t byteshift;
uint16_t i;
uint8_t bitshift;
uint16_t t=0;
byteshift = (shift+3)/8;
bitshift = shift&7;
memmove(a->wordv+byteshift, a->wordv, a->length_B);
memset(a->wordv, 0, byteshift);
if(bitshift!=0){
if(bitshift<=4){ /* shift to the left */
for(i=byteshift; i<a->length_B+byteshift; ++i){
t |= (a->wordv[i])<<bitshift;
a->wordv[i] = (uint8_t)t;
t >>= 8;
}
a->wordv[i] = (uint8_t)t;
byteshift++;
}else{ /* shift to the right */
for(i=a->length_B+byteshift-1; i>byteshift-1; --i){
t |= (a->wordv[i])<<(bitshift);
a->wordv[i] = (uint8_t)(t>>8);
t <<= 8;
}
t |= (a->wordv[i])<<(bitshift);
a->wordv[i] = (uint8_t)(t>>8);
}
}
a->length_B += byteshift;
bigint_adjust(a);
}
/******************************************************************************/
void bigint_shiftright(bigint_t* a, uint16_t shift){
uint16_t byteshift;
uint16_t i;
uint8_t bitshift;
uint16_t t=0;
byteshift = shift/8;
bitshift = shift&7;
if(byteshift >= a->length_B){ /* we would shift out more than we have */
bigint_set_zero(a);
return;
}
if(byteshift == a->length_B-1 && bitshift>GET_FBS(a)){
bigint_set_zero(a);
return;
}
if(byteshift){
memmove(a->wordv, a->wordv+byteshift, a->length_B-byteshift);
memset(a->wordv+a->length_B-byteshift, 0, byteshift);
}
if(bitshift!=0){
/* shift to the right */
for(i=a->length_B-byteshift-1; i>0; --i){
t |= (a->wordv[i])<<(8-bitshift);
a->wordv[i] = (uint8_t)(t>>8);
t <<= 8;
}
t |= (a->wordv[0])<<(8-bitshift);
a->wordv[0] = (uint8_t)(t>>8);
}
a->length_B -= byteshift;
bigint_adjust(a);
}
/******************************************************************************/
void bigint_xor(bigint_t* dest, const bigint_t* a){
uint16_t i;
for(i=0; i<a->length_B; ++i){
dest->wordv[i] ^= a->wordv[i];
}
bigint_adjust(dest);
}
/******************************************************************************/
void bigint_set_zero(bigint_t* a){
a->length_B=0;
}
/******************************************************************************/
/* using the Karatsuba-Algorithm */
/* x*y = (xh*yh)*b**2n + ((xh+xl)*(yh+yl) - xh*yh - xl*yl)*b**n + yh*yl */
void bigint_mul_u(bigint_t* dest, const bigint_t* a, const bigint_t* b){
if(a->length_B==0 || b->length_B==0){
bigint_set_zero(dest);
return;
}
if(dest==a || dest==b){
bigint_t d;
uint8_t d_b[a->length_B+b->length_B];
d.wordv = d_b;
bigint_mul_u(&d, a, b);
bigint_copy(dest, &d);
return;
}
if(a->length_B==1 || b->length_B==1){
if(a->length_B!=1){
XCHG_PTR(a,b);
}
uint16_t i, t=0;
uint8_t x = a->wordv[0];
for(i=0; i<b->length_B; ++i){
t += b->wordv[i]*x;
dest->wordv[i] = (uint8_t)t;
t>>=8;
}
dest->wordv[i] = (uint8_t)t;
dest->length_B=i+1;
bigint_adjust(dest);
return;
}
if(a->length_B<=4 && b->length_B<=4){
uint32_t p=0, q=0;
uint64_t r;
memcpy(&p, a->wordv, a->length_B);
memcpy(&q, b->wordv, b->length_B);
r = (uint64_t)p*(uint64_t)q;
memcpy(dest->wordv, &r, a->length_B+b->length_B);
dest->length_B = a->length_B+b->length_B;
bigint_adjust(dest);
return;
}
bigint_set_zero(dest);
/* split a in xh & xl; split b in yh & yl */
uint16_t n;
n=(MAX(a->length_B, b->length_B)+1)/2;
bigint_t xl, xh, yl, yh;
xl.wordv = a->wordv;
yl.wordv = b->wordv;
if(a->length_B<=n){
xh.info=0;
xh.length_B = 0;
xl.length_B = a->length_B;
xl.info = 0;
}else{
xl.length_B=n;
xl.info = 0;
bigint_adjust(&xl);
xh.wordv = a->wordv+n;
xh.length_B = a->length_B-n;
xh.info = 0;
}
if(b->length_B<=n){
yh.info=0;
yh.length_B = 0;
yl.length_B = b->length_B;
yl.info = b->info;
}else{
yl.length_B=n;
yl.info = 0;
bigint_adjust(&yl);
yh.wordv = b->wordv+n;
yh.length_B = b->length_B-n;
yh.info = 0;
}
/* now we have split up a and b */
uint8_t tmp_b[2*n+2], m_b[2*(n+1)];
bigint_t tmp, tmp2, m;
tmp.wordv = tmp_b;
tmp2.wordv = tmp_b+n+1;
m.wordv = m_b;
bigint_mul_u(dest, &xl, &yl); /* dest <= xl*yl */
bigint_add_u(&tmp2, &xh, &xl); /* tmp2 <= xh+xl */
bigint_add_u(&tmp, &yh, &yl); /* tmp <= yh+yl */
bigint_mul_u(&m, &tmp2, &tmp); /* m <= tmp2*tmp */
bigint_mul_u(&tmp, &xh, &yh); /* h <= xh*yh */
bigint_sub_u(&m, &m, dest); /* m <= m-dest */
bigint_sub_u(&m, &m, &tmp); /* m <= m-h */
bigint_add_scale_u(dest, &m, n);
bigint_add_scale_u(dest, &tmp, 2*n);
}
/******************************************************************************/
void bigint_mul_s(bigint_t* dest, const bigint_t* a, const bigint_t* b){
uint8_t s;
s = GET_SIGN(a)?2:0;
s |= GET_SIGN(b)?1:0;
switch(s){
case 0: /* both positive */
bigint_mul_u(dest, a,b);
SET_POS(dest);
break;
case 1: /* a positive, b negative */
bigint_mul_u(dest, a,b);
SET_NEG(dest);
break;
case 2: /* a negative, b positive */
bigint_mul_u(dest, a,b);
SET_NEG(dest);
break;
case 3: /* both negative */
bigint_mul_u(dest, a,b);
SET_POS(dest);
break;
default: /* how can this happen?*/
break;
}
}
/******************************************************************************/
/* square */
/* (xh*b^n+xl)^2 = xh^2*b^2n + 2*xh*xl*b^n + xl^2 */
void bigint_square(bigint_t* dest, const bigint_t* a){
if(a->length_B<=4){
uint64_t r=0;
memcpy(&r, a->wordv, a->length_B);
r = r*r;
memcpy(dest->wordv, &r, 2*a->length_B);
SET_POS(dest);
dest->length_B=2*a->length_B;
bigint_adjust(dest);
return;
}
if(dest==a){
bigint_t d;
uint8_t d_b[a->length_B*2];
d.wordv = d_b;
bigint_square(&d, a);
bigint_copy(dest, &d);
return;
}
uint16_t n;
n=(a->length_B+1)/2;
bigint_t xh, xl, tmp; /* x-high, x-low, temp */
uint8_t buffer[2*n+1];
xl.wordv = a->wordv;
xl.length_B = n;
xh.wordv = a->wordv+n;
xh.length_B = a->length_B-n;
tmp.wordv = buffer;
bigint_square(dest, &xl);
bigint_square(&tmp, &xh);
bigint_add_scale_u(dest, &tmp, 2*n);
bigint_mul_u(&tmp, &xl, &xh);
bigint_shiftleft(&tmp, 1);
bigint_add_scale_u(dest, &tmp, n);
}
/******************************************************************************/
void bigint_sub_u_bitscale(bigint_t* a, const bigint_t* b, uint16_t bitscale){
bigint_t tmp;
uint8_t tmp_b[b->length_B+1];
uint16_t i,j,byteshift=bitscale/8;
uint8_t borrow=0;
int16_t t;
if(a->length_B < b->length_B+byteshift){
bigint_set_zero(a);
return;
}
tmp.wordv = tmp_b;
bigint_copy(&tmp, b);
bigint_shiftleft(&tmp, bitscale&7);
for(j=0,i=byteshift; i<tmp.length_B+byteshift; ++i, ++j){
t = a->wordv[i] - tmp.wordv[j] - borrow;
a->wordv[i] = (uint8_t)t;
if(t<0){
borrow = 1;
}else{
borrow = 0;
}
}
while(borrow){
if(i+1 > a->length_B){
bigint_set_zero(a);
return;
}
a->wordv[i] -= borrow;
if(a->wordv[i]!=0xff){
borrow=0;
}
++i;
}
bigint_adjust(a);
}
/******************************************************************************/
void bigint_reduce(bigint_t* a, const bigint_t* r){
// bigint_adjust(r);
uint8_t rfbs = GET_FBS(r);
if(r->length_B==0 || a->length_B==0){
return;
}
while(a->length_B > r->length_B){
bigint_sub_u_bitscale(a, r, (a->length_B-r->length_B)*8+GET_FBS(a)-rfbs-1);
}
while((GET_FBS(a) > rfbs+1) && (a->length_B == r->length_B)){
bigint_sub_u_bitscale(a, r, GET_FBS(a)-rfbs-1);
}
while(bigint_cmp_u(a,r)>=0){
bigint_sub_u(a,a,r);
}
bigint_adjust(a);
}
/******************************************************************************/
/* calculate dest = a**exp % r */
/* using square&multiply */
void bigint_expmod_u(bigint_t* dest, const bigint_t* a, const bigint_t* exp, const bigint_t* r){
if(a->length_B==0 || r->length_B==0){
return;
}
bigint_t res, base;
uint8_t base_b[MAX(a->length_B,r->length_B*2)], res_b[r->length_B*2];
uint16_t i;
uint8_t j, t;
res.wordv = res_b;
base.wordv = base_b;
bigint_copy(&base, a);
bigint_reduce(&base, r);
res.wordv[0]=1;
res.length_B=1;
res.info = 0;
bigint_adjust(&res);
for(i=0; i+1<exp->length_B; ++i){
t=exp->wordv[i];
for(j=0; j<8; ++j){
if(t&1){
bigint_mul_u(&res, &res, &base);
bigint_reduce(&res, r);
}
bigint_square(&base, &base);
bigint_reduce(&base, r);
t>>=1;
}
}
t=exp->wordv[i];
while(t){
if(t&1){
bigint_mul_u(&res, &res, &base);
bigint_reduce(&res, r);
}
bigint_square(&base, &base);
bigint_reduce(&base, r);
t>>=1;
}
SET_POS(&res);
bigint_copy(dest, &res);
}
/******************************************************************************/
/* gcd <-- gcd(x,y) a*x+b*y=gcd */
void bigint_gcdext(bigint_t* gcd, bigint_t* a, bigint_t* b, const bigint_t* x, const bigint_t* y){
bigint_t g, x_, y_, u, v, a_, b_, c_, d_;
volatile uint16_t i=0;
if(x->length_B==0 || y->length_B==0){
return;
}
while(x->wordv[i]==0 && y->wordv[i]==0){
++i;
}
uint8_t g_b[i+2], x_b[x->length_B-i], y_b[y->length_B-i];
uint8_t u_b[x->length_B-i], v_b[y->length_B-i];
uint8_t a_b[y->length_B+2], c_b[y->length_B+2];
uint8_t b_b[x->length_B+2], d_b[x->length_B+2];
g.wordv = g_b;
x_.wordv = x_b;
y_.wordv = y_b;
memset(g_b, 0, i);
g_b[i]=1;
g.length_B = i+1;
g.info=0;
x_.info = y_.info = 0;
x_.length_B = x->length_B-i;
y_.length_B = y->length_B-i;
memcpy(x_.wordv, x->wordv+i, x_.length_B);
memcpy(y_.wordv, y->wordv+i, y_.length_B);
for(i=0; (x_.wordv[0]&(1<<i))==0 && (y_.wordv[0]&(1<<i))==0; ++i){
}
bigint_adjust(&x_);
bigint_adjust(&y_);
if(i){
bigint_shiftleft(&g, i);
bigint_shiftright(&x_, i);
bigint_shiftright(&y_, i);
}
u.wordv = u_b;
v.wordv = v_b;
a_.wordv = a_b;
b_.wordv = b_b;
c_.wordv = c_b;
d_.wordv = d_b;
bigint_copy(&u, &x_);
bigint_copy(&v, &y_);
a_.wordv[0] = 1;
a_.length_B = 1;
a_.info = 0;
d_.wordv[0] = 1;
d_.length_B = 1;
d_.info = 0;
bigint_set_zero(&b_);
bigint_set_zero(&c_);
do{
while((u.wordv[0]&1)==0){
bigint_shiftright(&u, 1);
if((a_.wordv[0]&1) || (b_.wordv[0]&1)){
bigint_add_s(&a_, &a_, &y_);
bigint_sub_s(&b_, &b_, &x_);
}
bigint_shiftright(&a_, 1);
bigint_shiftright(&b_, 1);
}
while((v.wordv[0]&1)==0){
bigint_shiftright(&v, 1);
if((c_.wordv[0]&1) || (d_.wordv[0]&1)){
bigint_add_s(&c_, &c_, &y_);
bigint_sub_s(&d_, &d_, &x_);
}
bigint_shiftright(&c_, 1);
bigint_shiftright(&d_, 1);
}
if(bigint_cmp_u(&u, &v)>=0){
bigint_sub_u(&u, &u, &v);
bigint_sub_s(&a_, &a_, &c_);
bigint_sub_s(&b_, &b_, &d_);
}else{
bigint_sub_u(&v, &v, &u);
bigint_sub_s(&c_, &c_, &a_);
bigint_sub_s(&d_, &d_, &b_);
}
}while(u.length_B);
if(gcd){
bigint_mul_s(gcd, &v, &g);
}
if(a){
bigint_copy(a, &c_);
}
if(b){
bigint_copy(b, &d_);
}
}
/******************************************************************************/
void bigint_inverse(bigint_t* dest, const bigint_t* a, const bigint_t* m){
bigint_gcdext(NULL, dest, NULL, a, m);
while(dest->info&BIGINT_NEG_MASK){
bigint_add_s(dest, dest, m);
}
}
/******************************************************************************/
void bigint_changeendianess(bigint_t* a){
uint8_t t, *p, *q;
p = a->wordv;
q = p+a->length_B-1;
while(p<q){
t = *p;
*p = *q;
*q = t;
++p; --q;
}
}
/******************************************************************************/

68
dsa/bigint.h
View File

@ -1,68 +0,0 @@
/* bigint.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bigint.h
* \author Daniel Otte
* \date 2010-02-22
*
* \license GPLv3 or later
*
*/
#ifndef BIGINT_H_
#define BIGINT_H_
#include <stdint.h>
#define BIGINT_FBS_MASK 0x07 /* the last three bits indicate which is the first bit set */
#define BIGINT_NEG_MASK 0x80 /* this bit indicates a negative value */
typedef struct{
uint16_t length_B;
uint8_t info;
uint8_t *wordv; /* word vector, pointing to the LSB */
}bigint_t;
/******************************************************************************/
void bigint_adjust(bigint_t* a);
void bigint_copy(bigint_t* dest, const bigint_t* src);
void bigint_add_u(bigint_t* dest, const bigint_t* a, const bigint_t* b);
void bigint_add_scale_u(bigint_t* dest, const bigint_t* a, uint16_t scale);
void bigint_sub_u(bigint_t* dest, const bigint_t* a, const bigint_t* b);
int8_t bigint_cmp_u(const bigint_t * a, const bigint_t * b);
void bigint_add_s(bigint_t* dest, const bigint_t* a, const bigint_t* b);
void bigint_sub_s(bigint_t* dest, const bigint_t* a, const bigint_t* b);
int8_t bigint_cmp_s(const bigint_t* a, const bigint_t* b);
void bigint_shiftleft(bigint_t* a, uint16_t shift);
void bigint_shiftright(bigint_t* a, uint16_t shift);
void bigint_xor(bigint_t* dest, const bigint_t* a);
void bigint_set_zero(bigint_t* a);
void bigint_mul_u(bigint_t* dest, const bigint_t* a, const bigint_t* b);
void bigint_mul_s(bigint_t* dest, const bigint_t* a, const bigint_t* b);
void bigint_square(bigint_t* dest, const bigint_t* a);
void bigint_sub_u_bitscale(bigint_t* a, const bigint_t* b, uint16_t bitscale);
void bigint_reduce(bigint_t* a, const bigint_t* r);
void bigint_expmod_u(bigint_t* dest, const bigint_t* a, const bigint_t* exp, const bigint_t* r);
void bigint_gcdext(bigint_t* gcd, bigint_t* a, bigint_t* b, const bigint_t* x, const bigint_t* y);
void bigint_inverse(bigint_t* dest, const bigint_t* a, const bigint_t* m);
void bigint_changeendianess(bigint_t* a);
/******************************************************************************/
#endif /*BIGINT_H_*/

137
dsa/bigint_add_u.S
View File

@ -1,137 +0,0 @@
/* bigint_add_u.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file bigint_add_u.S
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2010-03-01
* \license GPLv3 or later
*
*/
#include "avr-asm-macros.S"
/*
param dest: r24:r25
param a: r22:r23
param b: r20:r21
*/
LEN_A_0 = 22
LEN_A_1 = 23
LEN_B_0 = 20
LEN_B_1 = 21
.global bigint_add_u
bigint_add_u:
push_range 28, 29
push_range 24, 25
movw r26, r24 ; X is our destination pointer
movw r30, r22 ; Z = a
movw r28, r20 ; Y = b
ldd LEN_A_0, Z+0
ldd LEN_A_1, Z+1
ldd LEN_B_0, Y+0
ldd LEN_B_1, Y+1
cp LEN_A_0, LEN_B_0
cpc LEN_A_1, LEN_B_1
brsh 3f
movw r18, LEN_A_0 ; swap length values
movw LEN_A_0, LEN_B_0
movw LEN_B_0, r18
movw r18, r30 ; swap pointers
movw r30, r28
movw r28, r18
3: ; now a is the longer integer
movw r24, LEN_A_0
adiw r24, 0
brne 4f
st X+, r1 ; store length
st X+, r1
st X+, r1 ; store 0 in info field
rjmp 9f
4:
adiw r24, 1
st X+, r24 ; store length
st X+, r25
st X+, r1 ; store 0 in info field
ld r18, X+
ld r19, X+
movw r26, r18
adiw r30, 3 ; adjust pointers to point at wordv
ld r18, Z+
ld r19, Z+
movw r30, r18
adiw r28, 3
ld r18, Y+
ld r19, Y+
movw r28, r18
sub LEN_A_0, LEN_B_0
sbc LEN_A_1, LEN_B_1
movw r24, LEN_B_0
clr r0
adiw r24, 0
breq 6f
clc
5:
ld r0, Z+
ld r1, Y+
adc r0, r1
st X+, r0
dec r24
brne 5b
rol r0 ; store carry bit
tst r25
breq 6f
dec r25
dec r24
ror r0 ; write carry back
rjmp 5b
6: /* the main part is done */
movw r24, LEN_A_0
clr r1
adiw r24, 0
breq 8f
62:
ror r0 ; write carry back
7:
ld r0, Z+
adc r0, r1
st X+, r0
dec r24
brne 7b
rol r0 ; store carry bit
tst r25
breq 8f
dec r25
dec r24
rjmp 62b
8:
ror r0
clr r0
rol r0
st X+, r0
9:
pop_range 24, 25
pop_range 28, 29
jmp bigint_adjust

135
dsa/bigint_io.c
View File

@ -1,135 +0,0 @@
/* bigint_io.c */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "cli.h"
#include "hexdigit_tab.h"
#include "bigint.h"
#include <avr/pgmspace.h>
#include <stdlib.h>
#include <string.h>
void bigint_print_hex(const bigint_t* a){
if(a->length_B==0){
cli_putc('0');
return;
}
if(a->info&BIGINT_NEG_MASK){
cli_putc('-');
}
// cli_putc((a->info&BIGINT_NEG_MASK)?'-':'+'); /* print sign */
if(a->wordv[a->length_B-1]<0x10){
cli_putc(pgm_read_byte(hexdigit_tab_uc_P+a->wordv[a->length_B-1]));
cli_hexdump_rev(a->wordv, a->length_B-1);
} else {
cli_hexdump_rev(a->wordv, a->length_B);
}
}
#define BLOCKSIZE 20
static uint8_t char2nibble(char c){
if(c>='0' && c <='9'){
return c-'0';
}
c |= 'A'^'a'; /* to lower case */
if(c>='a' && c <='f'){
return c-'a'+10;
}
return 0xff;
}
static uint16_t read_byte(void){
uint8_t t1, t2;
char c;
c = cli_getc_cecho();
if(c=='-'){
return 0x0500;
}
t1 = char2nibble(c);
if(t1 == 0xff){
return 0x0100;
}
c = cli_getc_cecho();
t2 = char2nibble(c);
if(t2 == 0xff){
return 0x0200|t1;
}
return (t1<<4)|t2;
}
uint8_t bigint_read_hex_echo(bigint_t* a){
uint16_t allocated=0;
uint8_t shift4=0;
uint16_t t;
a->length_B = 0;
a->wordv = NULL;
a->info = 0;
for(;;){
if(allocated-a->length_B < 1){
uint8_t *p;
p = realloc(a->wordv, allocated+=BLOCKSIZE);
if(p==NULL){
cli_putstr_P(PSTR("\r\nERROR: Out of memory!"));
free(a->wordv);
return 0xff;
}
a->wordv=p;
}
t = read_byte();
if(a->length_B==0){
if(t&0x0400){
/* got minus */
a->info |= BIGINT_NEG_MASK;
continue;
}else{
if(t==0x0100){
free(a->wordv);
a->wordv=NULL;
return 1;
}
}
}
if(t<=0x00ff){
a->wordv[a->length_B++] = (uint8_t)t;
}else{
if(t&0x0200){
shift4 = 1;
a->wordv[a->length_B++] = (uint8_t)((t&0x0f)<<4);
}
break;
}
}
/* we have to reverse the byte array */
uint8_t tmp;
uint8_t *p, *q;
p = a->wordv;
q = a->wordv+a->length_B-1;
while(q>p){
tmp = *p;
*p = *q;
*q = tmp;
p++; q--;
}
if(shift4){
bigint_adjust(a);
bigint_shiftright(a, 4);
}
bigint_adjust(a);
return 0;
}

28
dsa/bigint_io.h
View File

@ -1,28 +0,0 @@
/* bigint_io.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef BIGINT_IO_H_
#define BIGINT_IO_H_
#include "bigint.h"
void bigint_print_hex(const bigint_t* a);
uint8_t bigint_read_hex_echo(bigint_t* a);
#endif /* BIGINT_IO_H_ */

4
dsa/dsa.h
View File

@ -21,8 +21,8 @@
#define DSA_H_
#include <stdint.h>
#include "hfal-basic.h"
#include "bigint.h"
#include "hfal/hfal-basic.h"
#include "bigint/bigint.h"
typedef struct{
bigint_t p;

2
dsa/dsa_key_blob.c
View File

@ -22,7 +22,7 @@
#include <avr/pgmspace.h>
#include "cli.h"
#include "dsa.h"
#include "bigint.h"
#include "bigint/bigint.h"
#define DSA_KEY_BLOB_SIZE 1024

4
dsa/dsa_sign.c
View File

@ -19,10 +19,10 @@
#include <stdint.h>
#include "cli.h"
#include "bigint.h"
#include "bigint/bigint.h"
#include "dsa.h"
#include "hashfunction_descriptor.h"
#include "hfal-basic.h"
#include "hfal/hfal-basic.h"
uint8_t dsa_sign_bigint(dsa_signature_t* s, const bigint_t* m,
const dsa_ctx_t* ctx, const bigint_t* k){

4
dsa/dsa_verify.c
View File

@ -18,9 +18,9 @@
*/
#include <stdint.h>
#include "bigint.h"
#include "bigint/bigint.h"
#include "dsa.h"
#include "hfal-basic.h"
#include "hfal/hfal-basic.h"
uint8_t dsa_verify_bigint(const dsa_signature_t* s, const bigint_t* m,
const dsa_ctx_t* ctx){

66
dsa/memxor.S
View File

@ -1,66 +0,0 @@
/* memxor.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* File: memxor.S
* Author: Daniel Otte
* Date: 2008-08-07
* License: GPLv3 or later
* Description: memxor, XORing one block into another
*
*/
/*
* void memxor(void* dest, const void* src, uint16_t n);
*/
/*
* param dest is passed in r24:r25
* param src is passed in r22:r23
* param n is passed in r20:r21
*/
.global memxor
memxor:
movw r30, r24
movw r26, r22
movw r24, r20
adiw r24, 0
breq 2f
1:
ld r20, X+
ld r21, Z
eor r20, r21
st Z+, r20
sbiw r24, 1
brne 1b
2:
ret

7
dsa/memxor.h
View File

@ -1,7 +0,0 @@
#ifndef MEMXOR_H_
#define MEMXOR_H_
#include <stdint.h>
void memxor(void* dest, const void* src, uint16_t n);
#endif

85
dsa/noekeon.h
View File

@ -1,85 +0,0 @@
/* noekeon.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef NOEKEON_H_
#define NOEKEON_H_
/**
* \file noekeon.h
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2008-04-11
* \license GPLv3 or later
* \brief Implementation of the Noekeon block cipher
* \ingroup Noekeon
* This is an implementation of the Noekeon block cipher.
* For more details on Noekeon see http://gro.noekeon.org/
*/
#include <stdint.h>
/** \typedef noekeon_ctx_t
* \brief holds key data for indirect mode
*
* A variable of this type may hold the key data for the indirect mode.
* For direct mode simply pass the key directly to the encryption or
* decryption function.
*/
typedef uint8_t noekeon_ctx_t[16];
/** \fn void noekeon_enc(void* buffer, const void* key)
* \brief noekeon encrytion funtion
*
* This function encrypts a block (64 bit = 8 byte) with the noekeon encrytion
* algorithm. Due to the two modes of noekeon (direct mode and indirect mode)
* the second parameter either points directly to the key (direct mode) or to a
* context generated by the noekeon_init() function (indirect mode).
* \param buffer pointer to the 64 bit (8 byte) block to encrypt
* \param key pointer to either the key (128 bit = 16 byte; direct mode) or
* to the context (indirect mode)
*/
void noekeon_enc(void* buffer, const void* key);
/** \fn void noekeon_dec(void* buffer, const void* key)
* \brief noekeon encrytion funtion
*
* This function decrypts a block (64 bit = 8 byte) encrypted with the noekeon
* encrytion algorithm. Due to the two modes of noekeon (direct mode and
* indirect mode) the second parameter either points directly to the key
* (direct mode) or to a context generated by the noekeon_init() function
* (indirect mode).
* \param buffer pointer to the 64 bit (8 byte) block to decrypt
* \param key pointer to either the key (128 bit = 16 byte; direct mode) or
* to the context (indirect mode)
*/
void noekeon_dec(void* buffer, const void* key);
/** \fn void noekeon_init(const void* key, noekeon_ctx_t* ctx)
* \brief noekeon context generation function for indirect mode
*
* This function generates a context from the supplied key for using
* noekeon in indirect mode. For using noekeon in direct mode supply the key
* direct to the noekeon_enc() and noekeon_dec() functions.
* \param key pointer to the key (128 bit = 16 byte)
* \param ctx pointer to the context to fill with key material
* to the context (indirect mode)
*/
void noekeon_init(const void* key, noekeon_ctx_t* ctx);
#endif /*NOEKEON_H_*/

641
dsa/noekeon_asm.S
View File

@ -1,641 +0,0 @@
/* noekeon_asm.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* noekeon assembler implementation for avr
* author: Daniel Otte
* email: daniel.otte@rub.de
* license: GPLv3
*/
#include <avr/io.h>
.macro push_all
push r2
push r3
push r4
push r5
push r6
push r7
push r8
push r9
push r10
push r11
push r12
push r13
push r14
push r15
push r16
push r17
push r28
push r29
.endm
.macro pop_all
pop r29
pop r28
pop r17
pop r16
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
pop r7
pop r6
pop r5
pop r4
pop r3
pop r2
clr r1
.endm
push_all_func:
pop r31
pop r30
push_all
ijmp
pop_all_func:
pop r31
pop r30
pop_all
ijmp
.macro xchg a b
eor \a, \b
eor \b, \a
eor \a, \b
.endm
.macro op32 op a b
\op \a\()_0, \b\()_0
\op \a\()_1, \b\()_1
\op \a\()_2, \b\()_2
\op \a\()_3, \b\()_3
.endm
.macro op32_4t op a b c d w x y z
\op \a, \w
\op \b, \x
\op \c, \y
\op \d, \z
.endm
.macro op32_prefix op p q a b c d w x y z
\op \p\()\a, \q\()\w
\op \p\()\b, \q\()\x
\op \p\()\c, \q\()\y
\op \p\()\d, \q\()\z
.endm
; === bigendian_rotl32 ===
; this function rotates a 32bit bigendian word n bits to the left
; param1: the 32-bit value
; given in r25,r24,r23,r22 (r22 is most significant)
; param2: the 8-bit parameter giving the number of bits to rotate
; given in r20
; return: the rotatet 32-bit word
; given in r25,r24,r23,r22
bigendian_rotl32:
/* copy high bit of r22 to carry */
mov r1, r22
2:
rol r1
rol r25
rol r24
rol r23
rol r22
dec r20
brne 2b
bigendian_rotl32_exit:
clr r1
ret
/******************************************************************************/
; === bigendian_rotl32 ===
; this function rotates a 32bit bigendian word n bits to the right
; param1: the 32-bit value
; given in r25,r24,r23,r22 (r22 is most significant)
; param2: the 8-bit parameter giving the number of bits to rotate
; given in r20
; return: the rotatet 32-bit word
; given in r25,r24,r23,r22
bigendian_rotr32:
/* copy high bit of r25 to carry */
mov r1, r25
2:
ror r1
ror r22
ror r23
ror r24
ror r25
dec r20
brne 2b
bigendian_rotr32_exit:
clr r1
ret
/******************************************************************************/
/*
void theta(uint32_t* k, uint32_t* a){
uint32_t temp;
temp = a[0] ^ a[2]; temp ^= ROTR32(temp, 8) ^ ROTL32(temp, 8);
a[1] ^= temp;
a[3] ^= temp;
a[0] ^= k[0];
a[1] ^= k[1];
a[2] ^= k[2];
a[3] ^= k[3];
temp = a[1] ^ a[3]; temp ^= ROTR32(temp, 8) ^ ROTL32(temp, 8);
a[0] ^= temp;
a[2] ^= temp;
}
*/
round_const: .byte 0x1B, 0x36, 0x6C, 0xD8, 0xAB, 0x4D, 0x9A, \
0x2F, 0x5E, 0xBC, 0x63, 0xC6, 0x97, 0x35, 0x6A, \
0xD4
;-- a[0]
state0_0 = 2
state0_1 = 3
state0_2 = 4
state0_3 = 5
;-- a[1]
state1_0 = 6
state1_1 = 7
state1_2 = 8
state1_3 = 9
;-- a[2]
state2_0 = 10
state2_1 = 11
state2_2 = 12
state2_3 = 13
;-- a[3]
state3_0 = 14
state3_1 = 15
state3_2 = 16
state3_3 = 17
; === theta ===
;
; param1: the state in r2-r17
; param2: pointer to k in X (r26,r27)
;
temp_a = 18
temp_b = 19
temp_c = 20
temp_d = 21
theta:
/* temp = a[0] ^ a[2]; temp ^= temp>>>8 ^ temp<<<8 */
op32_prefix mov, temp_, state0_, a,b,c,d, 0,1,2,3
op32_prefix eor, temp_, state2_, a,b,c,d, 0,1,2,3
mov r1, temp_a
eor r1, temp_b
eor r1, temp_c
eor r1, temp_d
op32_prefix eor, temp_, r, a,b,c,d, 1,1,1,1
/* temp is know a little bit mixed c,d,a,b (if abcd is normal order) */
/* a[1] ^= temp */
eor state1_0, temp_c
eor state1_1, temp_d
eor state1_2, temp_a
eor state1_3, temp_b
/* a[3] ^= temp */
eor state3_0, temp_c
eor state3_1, temp_d
eor state3_2, temp_a
eor state3_3, temp_b
/* state ^ k (X points to K) */
ldi r28, 2
clr r29 /* Y points to r2 aka state0_0 */
ldi temp_a, 16
1:
ld r1, X+
ld r0, Y
eor r1, r0
st Y+, r1
dec temp_a
brne 1b
sbiw r26, 16 /* set X back to key */
mov temp_a, state1_0
mov temp_b, state1_1
mov temp_c, state1_2
mov temp_d, state1_3
eor temp_a, state3_0
eor temp_b, state3_1
eor temp_c, state3_2
eor temp_d, state3_3
mov r1, temp_a
eor r1, temp_b
eor r1, temp_c
eor r1, temp_d
eor temp_a, r1
eor temp_b, r1
eor temp_c, r1
eor temp_d, r1
/* temp is know a little bit mixed c,d,a,b (if abcd is normal order) */
/* a[0] ^= temp */
eor state0_0, temp_c
eor state0_1, temp_d
eor state0_2, temp_a
eor state0_3, temp_b
/* a[2] ^= temp */
eor state2_0, temp_c
eor state2_1, temp_d
eor state2_2, temp_a
eor state2_3, temp_b
clr r1
ret
/******************************************************************************/
#ifndef NOEKEON_NO_ENC
; === noekeon_enc ===
;
; param1: pointer to buffer (r24,r25)
; param2: pointer to k (r22,r23)
;
.global noekeon_enc
noekeon_enc:
rcall push_all_func
/* load state */
movw r26, r22
ldi r28, 2
clr r29 /* Y points at r2 aka state0_0 */
movw r30, r24 /* Z points at state */
push r30
push r31
ldi r22, 16
push r22 /* 16 is also the number of rounds and gets pushed here */
1:
ld r0, Z+
st Y+, r0
dec r22
brne 1b
/* state loaded */
push r1 /* push round constan2 (0x00) */
ldi r20, 0x80
push r20 /* push round constan2 (0x00) */
rjmp 3f
2:
ldi r30, lo8(round_const+15)
ldi r31, hi8(round_const+15)
sub r30, r22
sbci r31, 0
clr r1
push r1
lpm r0, Z
push r0
3:
rcall round /* pops rc2 & rc1 */
pop r22
dec r22
push r22
brne 2b
pop r22
ldi r22, 0xD4
eor state0_3, r22
rcall theta
pop r31
pop r30
clr r29
ldi r28, 2
ldi r22, 16
1:
ld r0, Y+
st Z+, r0
dec r22
brne 1b
rcall pop_all_func
ret
#endif
/******************************************************************************/
/******************************************************************************/
#ifndef NOEKEON_NO_DEC
; === noekeon_dec ===
;
; param1: pointer to buffer/state (r24,r25)
; param2: pointer to k (r22,r23)
;
.global noekeon_dec
noekeon_dec:
rcall push_all_func
/* allocate 16 bytes on the stack */
in r30, _SFR_IO_ADDR(SPL)
in r31, _SFR_IO_ADDR(SPH)
sbiw r30, 16
out _SFR_IO_ADDR(SPH), r31
out _SFR_IO_ADDR(SPL), r30
adiw r30, 1
/* push state pointer */
push r24
push r25
movw r26, r22 /* move key ptr to X */
/* set stackkey to zero */
ldi r22, 16
1: st Z+, r1
dec r22
brne 1b
/* copy key to state */
clr r29
ldi r28, 2
ldi r22, 16
1: ld r0, X+
st Y+, r0
dec r22
brne 1b
movw r26, r30
sbiw r26, 16 /* set X back to begining of stack key */
rcall theta
/* mov state to stackkey */
clr r29
ldi r28, 2
ldi r22, 16
1: ld r0, Y+
st X+, r0
dec r22
brne 1b
sbiw r26, 16 /* set X back to begining of stack key */
/* move data from stateptr to state */
pop r31
pop r30
push r30
push r31
clr r29
ldi r28, 2
ldi r22, 16
push r22
1: ld r0, Z+
st Y+, r0
dec r22
brne 1b
;--- snip 8< ----
ldi r20, 0xD4
push r20 /* push round constant2 (0xD4) */
push r22 /* push round constan1 (0x00) */
rjmp 3f
2:
ldi r30, lo8(round_const-1)
ldi r31, hi8(round_const-1)
clr r1
add r30, r22
adc r31, r1
lpm r0, Z
push r0
push r1
3:
rcall round /* pops rc2 & rc1 */
pop r22
dec r22
push r22
brne 2b
;----
pop r22
rcall theta
ldi r22, 0x80
eor state0_3, r22
write_state_back:
/* write state back */
pop r31 /* pop state pointer */
pop r30
clr r29
ldi r28, 2
ldi r22, 16
1:
ld r0, Y+
st Z+, r0
dec r22
brne 1b
/* remove key from stack */
in r30, _SFR_IO_ADDR(SPL)
in r31, _SFR_IO_ADDR(SPH)
adiw r30, 16
out _SFR_IO_ADDR(SPH), r31
out _SFR_IO_ADDR(SPL), r30
rcall pop_all_func
ret
#endif
/******************************************************************************/
round:
pop r24
pop r25
pop r1
eor state0_3, r1
rcall theta
pop r1
eor state0_3, r1
push r25
push r24
pi_gamma_pi:
ldi r30, pm_lo8(bigendian_rotl32)
ldi r31, pm_hi8(bigendian_rotl32)
rcall pi
/* pi1 done; now gamma */
rcall gamma_1
/* a[0] <-> a[3] */
xchg state0_0, state3_0
xchg state0_1, state3_1
xchg state0_2, state3_2
xchg state0_3, state3_3
/* a[2] ^= a[0] ^ a[1] ^ a[3] */
op32 eor, state2, state0
op32 eor, state2, state1
op32 eor, state2, state3
rcall gamma_1
ldi r30, pm_lo8(bigendian_rotr32)
ldi r31, pm_hi8(bigendian_rotr32)
rcall pi
ret
gamma_1:
/* a[1] ^= ~(a[3]|a[2])*/
mov r1, state3_0
or r1, state2_0
com r1
eor state1_0, r1
mov r1, state3_1
or r1, state2_1
com r1
eor state1_1, r1
mov r1, state3_2
or r1, state2_2
com r1
eor state1_2, r1
mov r1, state3_3
or r1, state2_3
com r1
eor state1_3, r1
/* a[0] ^= a[2]&a[1] */
mov r1, state2_0
and r1, state1_0
eor state0_0, r1
mov r1, state2_1
and r1, state1_1
eor state0_1, r1
mov r1, state2_2
and r1, state1_2
eor state0_2, r1
mov r1, state2_3
and r1, state1_3
eor state0_3, r1
ret
pi:
/* a[1] <<<= 1*/
mov r22, state1_0
mov r23, state1_1
mov r24, state1_2
mov r25, state1_3
ldi r20, 1
icall
mov state1_0, r22
mov state1_1, r23
mov state1_2, r24
mov state1_3, r25
/* a[2] <<<= 5*/
mov r22, state2_0
mov r23, state2_1
mov r24, state2_2
mov r25, state2_3
ldi r20, 5
icall
mov state2_0, r22
mov state2_1, r23
mov state2_2, r24
mov state2_3, r25
/* a[3] <<<= 2*/
mov r22, state3_0
mov r23, state3_1
mov r24, state3_2
mov r25, state3_3
ldi r20, 2
icall
mov state3_0, r22
mov state3_1, r23
mov state3_2, r24
mov state3_3, r25
ret
/******************************************************************************/
/*
void noekeon_init(void* key, noekeon_ctx_t* ctx){
uint8_t nullv[16];
memset(nullv, 0, 16);
memcpy(ctx, key, 16);
noekeon_enc(ctx, nullv);
}
*/
#ifndef NOEKEON_NO_INIT
.global noekeon_init
noekeon_init:
; === noekeon_init ===
;
; param1: pointer to key (r24,r25)
; param2: pointer to context (r22,r23)
;
in r30, _SFR_IO_ADDR(SPL)
in r31, _SFR_IO_ADDR(SPH)
sbiw r30, 16
out _SFR_IO_ADDR(SPH), r31
out _SFR_IO_ADDR(SPL), r30
movw r26, r22
adiw r30, 1
movw r22, r30
/* set nullv(stack) to zero */
ldi r20, 16
1: st Z+, r1
dec r20
brne 1b
/* copy key data to ctx */
movw r30, r24
ldi r20, 16
1: ld r1, Z+
st X+, r1
dec r20
brne 1b
clr r1
sbiw r26, 16
movw r24, r26
rcall noekeon_enc
in r30, _SFR_IO_ADDR(SPL)
in r31, _SFR_IO_ADDR(SPH)
adiw r30, 16
out _SFR_IO_ADDR(SPH), r31
out _SFR_IO_ADDR(SPL), r30
ret
#endif

75
dsa/noekeon_prng.c
View File

@ -1,75 +0,0 @@
/* noekeon_prng.c */
/*
* This file is part of the AVR-Crypto-Lib.
* Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \author Daniel Otte
* \date 2008-08-24
* \license GPLv3 or later
* \brief random number generator based on noekeon running in CFB-mode
*
*/
#include "noekeon.h"
#include "memxor.h"
#include <stdint.h>
#include <string.h>
static uint8_t random_state[16];
static uint8_t random_key[16];
static uint8_t i=0;
uint8_t random8(void){
static uint8_t sr[16];
if(i==0){
noekeon_enc(random_state, random_key);
memcpy(sr, random_state, 16);
i=15;
return sr[15];
}
--i;
return sr[i];
}
void random_block(void* dest){
i=0;
noekeon_enc(random_state, random_key);
memcpy(dest, random_state, 16);
}
void srandom32(uint32_t seed){
memcpy(random_key, &seed, 4);
memset(random_key+4, 0, 12);
memset(random_state, 0, 16);
i=0;
}
void random_seed(const void* buffer){
memcpy(random_key, buffer, 16);
memset(random_state, 0, 16);
i=0;
}
void random_add(const void* buffer){
i=0;
noekeon_enc(random_state, random_key);
memxor(random_key, random_state, 16);
memxor(random_key, buffer, 16);
}

40
dsa/noekeon_prng.h
View File

@ -1,40 +0,0 @@
/* noekeon_prng.h */
/*
* This file is part of the AVR-Crypto-Lib.
* Copyright (C) 2006, 2007, 2008 Daniel Otte (daniel.otte@rub.de)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \author Daniel Otte
* \date 2008-08-24
* \license GPLv3 or later
* \brief random number generator based on noekeon running in CFB-mode
*
*/
#ifndef PRNG_H_
#define PRNG_H_
#include <stdint.h>
uint8_t random8(void);
void random_block(void* dest);
void srandom32(uint32_t seed);
void random_seed(const void* buffer);
void random_add(const void* buffer);
#endif /* PRNG_H_*/

883
dsa/sha1-asm.S
View File

@ -1,883 +0,0 @@
/* sha1-asm.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* Author: Daniel Otte
*
* License: GPLv3 or later
*/
; SHA1 implementation in assembler for AVR
SHA1_BLOCK_BITS = 512
SHA1_HASH_BITS = 160
.macro precall
/* push r18 - r27, r30 - r31*/
push r0
push r1
push r18
push r19
push r20
push r21
push r22
push r23
push r24
push r25
push r26
push r27
push r30
push r31
clr r1
.endm
.macro postcall
pop r31
pop r30
pop r27
pop r26
pop r25
pop r24
pop r23
pop r22
pop r21
pop r20
pop r19
pop r18
pop r1
pop r0
.endm
.macro hexdump length
push r27
push r26
ldi r25, '\r'
mov r24, r25
call uart_putc
ldi r25, '\n'
mov r24, r25
call uart_putc
pop r26
pop r27
movw r24, r26
.if \length > 16
ldi r22, lo8(16)
ldi r23, hi8(16)
push r27
push r26
call uart_hexdump
pop r26
pop r27
adiw r26, 16
hexdump \length-16
.else
ldi r22, lo8(\length)
ldi r23, hi8(\length)
call uart_hexdump
.endif
.endm
.macro delay
/*
push r0
push r1
clr r0
1: clr r1
2: dec r1
brne 2b
dec r0
brne 1b
pop r1
pop r0 // */
.endm
/* X points to Block */
.macro dbg_hexdump length
/*
precall
hexdump \length
postcall
// */
.endm
.section .text
SPL = 0x3D
SPH = 0x3E
SREG = 0x3F
;
;sha1_ctx_t is:
;
; [h0][h1][h2][h3][h4][length]
; hn is 32 bit large, length is 64 bit large
;###########################################################
.global sha1_ctx2hash
; === sha1_ctx2hash ===
; this function converts a state into a normal hash (bytestring)
; param1: the 16-bit destination pointer
; given in r25,r24 (r25 is most significant)
; param2: the 16-bit pointer to sha1_ctx structure
; given in r23,r22
sha1_ctx2hash:
movw r26, r22
movw r30, r24
ldi r21, 5
sbiw r26, 4
1:
ldi r20, 4
adiw r26, 8
2:
ld r0, -X
st Z+, r0
dec r20
brne 2b
dec r21
brne 1b
ret
;###########################################################
.global sha1
; === sha1 ===
; this function calculates SHA-1 hashes from messages in RAM
; param1: the 16-bit hash destination pointer
; given in r25,r24 (r25 is most significant)
; param2: the 16-bit pointer to message
; given in r23,r22
; param3: 32-bit length value (length of message in bits)
; given in r21,r20,r19,r18
sha1:
sha1_prolog:
push r8
push r9
push r10
push r11
push r12
push r13
push r16
push r17
in r30, SPL
in r31, SPH
sbiw r30, 5*4+8
in r0, SREG
cli
out SPL, r30
out SREG, r0
out SPH, r31
push r25
push r24
adiw r30, 1
movw r16, r30
movw r8, r18 /* backup of length*/
movw r10, r20
movw r12, r22 /* backup pf msg-ptr */
movw r24, r16
rcall sha1_init
/* if length >= 512 */
1:
tst r11
brne 2f
tst r10
breq 4f
2:
movw r24, r16
movw r22, r12
rcall sha1_nextBlock
ldi r19, 64
add r12, r19
adc r13, r1
/* length -= 512 */
ldi r19, 0x02
sub r9, r19
sbc r10, r1
sbc r11, r1
rjmp 1b
4:
movw r24, r16
movw r22, r12
movw r20, r8
rcall sha1_lastBlock
pop r24
pop r25
movw r22, r16
rcall sha1_ctx2hash
sha1_epilog:
in r30, SPL
in r31, SPH
adiw r30, 5*4+8
in r0, SREG
cli
out SPL, r30
out SREG, r0
out SPH, r31
pop r17
pop r16
pop r13
pop r12
pop r11
pop r10
pop r9
pop r8
ret
;###########################################################
; block MUST NOT be larger than 64 bytes
.global sha1_lastBlock
; === sha1_lastBlock ===
; this function does padding & Co. for calculating SHA-1 hashes
; param1: the 16-bit pointer to sha1_ctx structure
; given in r25,r24 (r25 is most significant)
; param2: an 16-bit pointer to 64 byte block to hash
; given in r23,r22
; param3: an 16-bit integer specifing length of block in bits
; given in r21,r20
sha1_lastBlock_localSpace = (SHA1_BLOCK_BITS/8+1)
sha1_lastBlock:
cpi r21, 0x02
brlo sha1_lastBlock_prolog
push r25
push r24
push r23
push r22
push r21
push r20
rcall sha1_nextBlock
pop r20
pop r21
pop r22
pop r23
pop r24
pop r25
subi r21, 2
ldi r19, 64
sub r22, r19
sbc r23, r1
rjmp sha1_lastBlock
sha1_lastBlock_prolog:
/* allocate space on stack */
in r30, SPL
in r31, SPH
in r0, SREG
subi r30, lo8(64)
sbci r31, hi8(64) /* ??? */
cli
out SPL, r30
out SREG, r0
out SPH, r31
adiw r30, 1 /* SP points to next free byte on stack */
mov r18, r20 /* r20 = LSB(length) */
lsr r18
lsr r18
lsr r18
bst r21, 0 /* may be we should explain this ... */
bld r18, 5 /* now: r18 == length/8 (aka. length in bytes) */
movw r26, r22 /* X points to begin of msg */
tst r18
breq sha1_lastBlock_post_copy
mov r1, r18
sha1_lastBlock_copy_loop:
ld r0, X+
st Z+, r0
dec r1
brne sha1_lastBlock_copy_loop
sha1_lastBlock_post_copy:
sha1_lastBlock_insert_stuffing_bit:
ldi r19, 0x80
mov r0,r19
ldi r19, 0x07
and r19, r20 /* if we are in bitmode */
breq 2f /* no bitmode */
1:
lsr r0
dec r19
brne 1b
ld r19, X
/* maybe we should do some ANDing here, just for safety */
or r0, r19
2:
st Z+, r0
inc r18
/* checking stuff here */
cpi r18, 64-8+1
brsh 0f
rjmp sha1_lastBlock_insert_zeros
0:
/* oh shit, we landed here */
/* first we have to fill it up with zeros */
ldi r19, 64
sub r19, r18
breq 2f
1:
st Z+, r1
dec r19
brne 1b
2:
sbiw r30, 63
sbiw r30, 1
movw r22, r30
push r31
push r30
push r25
push r24
push r21
push r20
rcall sha1_nextBlock
pop r20
pop r21
pop r24
pop r25
pop r30
pop r31
/* now we should subtract 512 from length */
movw r26, r24
adiw r26, 4*5+1 /* we can skip the lowest byte */
ld r19, X
subi r19, hi8(512)
st X+, r19
ldi r18, 6
1:
ld r19, X
sbci r19, 0
st X+, r19
dec r18
brne 1b
; clr r18 /* not neccessary ;-) */
/* reset Z pointer to begin of block */
sha1_lastBlock_insert_zeros:
ldi r19, 64-8
sub r19, r18
breq sha1_lastBlock_insert_length
clr r1
1:
st Z+, r1 /* r1 is still zero */
dec r19
brne 1b
; rjmp sha1_lastBlock_epilog
sha1_lastBlock_insert_length:
movw r26, r24 /* X points to state */
adiw r26, 5*4 /* X points to (state.length) */
adiw r30, 8 /* Z points one after the last byte of block */
ld r0, X+
add r0, r20
st -Z, r0
ld r0, X+
adc r0, r21
st -Z, r0
ldi r19, 6
1:
ld r0, X+
adc r0, r1
st -Z, r0
dec r19
brne 1b
sbiw r30, 64-8
movw r22, r30
rcall sha1_nextBlock
sha1_lastBlock_epilog:
in r30, SPL
in r31, SPH
in r0, SREG
adiw r30, 63 ; lo8(64)
adiw r30, 1 ; hi8(64)
cli
out SPL, r30
out SREG, r0
out SPH, r31
clr r1
ret
/**/
;###########################################################
.global sha1_nextBlock
; === sha1_nextBlock ===
; this is the core function for calculating SHA-1 hashes
; param1: the 16-bit pointer to sha1_ctx structure
; given in r25,r24 (r25 is most significant)
; param2: an 16-bit pointer to 64 byte block to hash
; given in r23,r22
sha1_nextBlock_localSpace = (16+5+1)*4 ; 16 32-bit values for w array and 5 32-bit values for a array (total 84 byte)
xtmp = 0
xNULL = 1
W1 = 10
W2 = 11
T1 = 12
T2 = 13
T3 = 14
T4 = 15
LoopC = 16
S = 17
tmp1 = 18
tmp2 = 19
tmp3 = 20
tmp4 = 21
F1 = 22
F2 = 23
F3 = 24
F4 = 25
/* byteorder: high number <--> high significance */
sha1_nextBlock:
; initial, let's make some space ready for local vars
/* replace push & pop by mem ops? */
push r10
push r11
push r12
push r13
push r14
push r15
push r16
push r17
push r28
push r29
in r20, SPL
in r21, SPH
movw r18, r20 ;backup SP
; movw r26, r20 ; X points to free space on stack /* maybe removeable? */
movw r30, r22 ; Z points to message
subi r20, lo8(sha1_nextBlock_localSpace) ;sbiw can do only up to 63
sbci r21, hi8(sha1_nextBlock_localSpace)
movw r26, r20 ; X points to free space on stack
in r0, SREG
cli ; we want to be uninterrupted while updating SP
out SPL, r20
out SREG, r0
out SPH, r21
push r18
push r19 /* push old SP on new stack */
push r24
push r25 /* param1 will be needed later */
/* load a[] with state */
movw 28, r24 /* load pointer to state in Y */
adiw r26, 1 ; X++
ldi LoopC, 5*4
1: ld tmp1, Y+
st X+, tmp1
dec LoopC
brne 1b
movw W1, r26 /* save pointer to w[0] */
/* load w[] with endian fixed message */
/* we might also use the changeendian32() function at bottom */
movw r30, r22 /* mv param2 (ponter to msg) to Z */
ldi LoopC, 16
1:
ldd tmp1, Z+3
st X+, tmp1
ldd tmp1, Z+2
st X+, tmp1
ldd tmp1, Z+1
st X+, tmp1
ld tmp1, Z
st X+, tmp1
adiw r30, 4
dec LoopC
brne 1b
;clr LoopC /* LoopC is named t in FIPS 180-2 */
clr xtmp
sha1_nextBlock_mainloop:
mov S, LoopC
lsl S
lsl S
andi S, 0x3C /* S is a bytepointer so *4 */
/* load w[s] */
movw r26, W1
add r26, S /* X points at w[s] */
adc r27, xNULL
ld T1, X+
ld T2, X+
ld T3, X+
ld T4, X+
/*
push r26
push r27
push T4
push T3
push T2
push T1
in r26, SPL
in r27, SPH
adiw r26, 1
dbg_hexdump 4
pop T1
pop T2
pop T3
pop T4
pop r27
pop r26
*/
cpi LoopC, 16
brlt sha1_nextBlock_mainloop_core
/* update w[s] */
ldi tmp1, 2*4
rcall 1f
ldi tmp1, 8*4
rcall 1f
ldi tmp1, 13*4
rcall 1f
rjmp 2f
1: /* this might be "outsourced" to save the jump above */
add tmp1, S
andi tmp1, 0x3f
movw r26, W1
add r26, tmp1
adc r27, xNULL
ld tmp2, X+
eor T1, tmp2
ld tmp2, X+
eor T2, tmp2
ld tmp2, X+
eor T3, tmp2
ld tmp2, X+
eor T4, tmp2
ret
2: /* now we just hav to do a ROTL(T) and save T back */
mov tmp2, T4
rol tmp2
rol T1
rol T2
rol T3
rol T4
movw r26, W1
add r26, S
adc r27, xNULL
st X+, T1
st X+, T2
st X+, T3
st X+, T4
sha1_nextBlock_mainloop_core: /* ther core function; T=ROTL5(a) ....*/
/* T already contains w[s] */
movw r26, W1
sbiw r26, 4*1 /* X points at a[4] aka e */
ld tmp1, X+
add T1, tmp1
ld tmp1, X+
adc T2, tmp1
ld tmp1, X+
adc T3, tmp1
ld tmp1, X+
adc T4, tmp1 /* T = w[s]+e */
sbiw r26, 4*5 /* X points at a[0] aka a */
ld F1, X+
ld F2, X+
ld F3, X+
ld F4, X+
mov tmp1, F4 /* X points at a[1] aka b */
ldi tmp2, 5
1:
rol tmp1
rol F1
rol F2
rol F3
rol F4
dec tmp2
brne 1b
add T1, F1
adc T2, F2
adc T3, F3
adc T4, F4 /* T = ROTL(a,5) + e + w[s] */
/* now we have to do this fucking conditional stuff */
ldi r30, lo8(sha1_nextBlock_xTable)
ldi r31, hi8(sha1_nextBlock_xTable)
add r30, xtmp
adc r31, xNULL
lpm tmp1, Z
cp tmp1, LoopC
brne 1f
inc xtmp
1: ldi r30, lo8(sha1_nextBlock_KTable)
ldi r31, hi8(sha1_nextBlock_KTable)
lsl xtmp
lsl xtmp
add r30, xtmp
adc r31, xNULL
lsr xtmp
lsr xtmp
lpm tmp1, Z+
add T1, tmp1
lpm tmp1, Z+
adc T2, tmp1
lpm tmp1, Z+
adc T3, tmp1
lpm tmp1, Z+
adc T4, tmp1
/* T = ROTL(a,5) + e + kt + w[s] */
/* Z-4 is just pointing to kt ... */
movw r28, r26 /* copy X in Y */
adiw r30, 3*4 /* now Z points to the rigth locatin in our jump-vector-table */
lsr r31
ror r30
icall
mov F1, tmp1
icall
mov F2, tmp1
icall
mov F3, tmp1
icall
add T1, F1
adc T2, F2
adc T3, F3
adc T4, tmp1 /* T = ROTL5(a) + f_t(b,c,d) + e + k_t + w[s] */
/* X points still at a[1] aka b, Y points at a[2] aka c */
/* update a[] */
sha1_nextBlock_update_a:
/*first we move all vars in a[] "one up" e=d, d=c, c=b, b=a*/
//adiw r28, 3*4 /* Y should point at a[4] aka e */
movw r28, W1
sbiw r28, 4
ldi tmp2, 4*4
1:
ld tmp1, -Y
std Y+4, tmp1
dec tmp2
brne 1b
/* Y points at a[0] aka a*/
movw r28, W1
sbiw r28, 5*4
/* store T in a[0] aka a */
st Y+, T1
st Y+, T2
st Y+, T3
st Y+, T4
/* Y points at a[1] aka b*/
/* rotate c */
ldd T1, Y+1*4
ldd T2, Y+1*4+1
ldd T3, Y+1*4+2
ldd T4, Y+1*4+3
mov tmp1, T1
ldi tmp2, 2
1: ror tmp1
ror T4
ror T3
ror T2
ror T1
dec tmp2
brne 1b
std Y+1*4+0, T1
std Y+1*4+1, T2
std Y+1*4+2, T3
std Y+1*4+3, T4
/*
push r27
push r26
movw r26, W1
sbiw r26, 4*5
dbg_hexdump 4*5
pop r26
pop r27
*/
inc LoopC
cpi LoopC, 80
brge 1f
rjmp sha1_nextBlock_mainloop
/**************************************/
1:
/* littel patch */
sbiw r28, 4
/* add a[] to state and inc length */
pop r27
pop r26 /* now X points to state (and Y still at a[0]) */
ldi tmp4, 5
1: clc
ldi tmp3, 4
2: ld tmp1, X
ld tmp2, Y+
adc tmp1, tmp2
st X+, tmp1
dec tmp3
brne 2b
dec tmp4
brne 1b
/* now length += 512 */
adiw r26, 1 /* we skip the least significant byte */
ld tmp1, X
ldi tmp2, hi8(512) /* 2 */
add tmp1, tmp2
st X+, tmp1
ldi tmp2, 6
1:
ld tmp1, X
adc tmp1, xNULL
st X+, tmp1
dec tmp2
brne 1b
; EPILOG
sha1_nextBlock_epilog:
/* now we should clean up the stack */
pop r21
pop r20
in r0, SREG
cli ; we want to be uninterrupted while updating SP
out SPL, r20
out SREG, r0
out SPH, r21
clr r1
pop r29
pop r28
pop r17
pop r16
pop r15
pop r14
pop r13
pop r12
pop r11
pop r10
ret
sha1_nextBlock_xTable:
.byte 20,40,60,0
sha1_nextBlock_KTable:
.int 0x5a827999
.int 0x6ed9eba1
.int 0x8f1bbcdc
.int 0xca62c1d6
sha1_nextBlock_JumpTable:
rjmp sha1_nextBlock_Ch
nop
rjmp sha1_nextBlock_Parity
nop
rjmp sha1_nextBlock_Maj
nop
rjmp sha1_nextBlock_Parity
/* X and Y still point at a[1] aka b ; return value in tmp1 */
sha1_nextBlock_Ch:
ld tmp1, Y+
mov tmp2, tmp1
com tmp2
ldd tmp3, Y+3 /* load from c */
and tmp1, tmp3
ldd tmp3, Y+7 /* load from d */
and tmp2, tmp3
eor tmp1, tmp2
ret
sha1_nextBlock_Maj:
ld tmp1, Y+
mov tmp2, tmp1
ldd tmp3, Y+3 /* load from c */
and tmp1, tmp3
ldd tmp4, Y+7 /* load from d */
and tmp2, tmp4
eor tmp1, tmp2
and tmp3, tmp4
eor tmp1, tmp3
ret
sha1_nextBlock_Parity:
ld tmp1, Y+
ldd tmp2, Y+3 /* load from c */
eor tmp1, tmp2
ldd tmp2, Y+7 /* load from d */
eor tmp1, tmp2
ret
/*
ch_str: .asciz "\r\nCh"
maj_str: .asciz "\r\nMaj"
parity_str: .asciz "\r\nParity"
*/
;###########################################################
.global sha1_init
;void sha1_init(sha1_ctx_t *state){
; DEBUG_S("\r\nSHA1_INIT");
; state->h[0] = 0x67452301;
; state->h[1] = 0xefcdab89;
; state->h[2] = 0x98badcfe;
; state->h[3] = 0x10325476;
; state->h[4] = 0xc3d2e1f0;
; state->length = 0;
;}
; param1: (Func3,r24) 16-bit pointer to sha1_ctx_t struct in ram
; modifys: Z(r30,r31), Func1, r22
sha1_init:
movw r26, r24 ; (24,25) --> (26,27) load X with param1
ldi r30, lo8((sha1_init_vector))
ldi r31, hi8((sha1_init_vector))
ldi r22, 5*4 /* bytes to copy */
sha1_init_vloop:
lpm r23, Z+
st X+, r23
dec r22
brne sha1_init_vloop
ldi r22, 8
sha1_init_lloop:
st X+, r1
dec r22
brne sha1_init_lloop
ret
sha1_init_vector:
.int 0x67452301;
.int 0xefcdab89;
.int 0x98badcfe;
.int 0x10325476;
.int 0xc3d2e1f0;

117
dsa/sha1.h
View File

@ -1,117 +0,0 @@
/* sha1.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file sha1.h
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2006-10-08
* \license GPLv3 or later
* \brief SHA-1 declaration.
* \ingroup SHA-1
*
*/
#ifndef SHA1_H_
#define SHA1_H_
#include <stdint.h>
/** \def SHA1_HASH_BITS
* definees the size of a SHA-1 hash in bits
*/
/** \def SHA1_HASH_BYTES
* definees the size of a SHA-1 hash in bytes
*/
/** \def SHA1_BLOCK_BITS
* definees the size of a SHA-1 input block in bits
*/
/** \def SHA1_BLOCK_BYTES
* definees the size of a SHA-1 input block in bytes
*/
#define SHA1_HASH_BITS 160
#define SHA1_HASH_BYTES (SHA1_HASH_BITS/8)
#define SHA1_BLOCK_BITS 512
#define SHA1_BLOCK_BYTES (SHA1_BLOCK_BITS/8)
/** \typedef sha1_ctx_t
* \brief SHA-1 context type
*
* A vatiable of this type may hold the state of a SHA-1 hashing process
*/
typedef struct {
uint32_t h[5];
uint64_t length;
} sha1_ctx_t;
/** \typedef sha1_hash_t
* \brief hash value type
* A variable of this type may hold a SHA-1 hash value
*/
typedef uint8_t sha1_hash_t[SHA1_HASH_BITS/8];
/** \fn sha1_init(sha1_ctx_t *state)
* \brief initializes a SHA-1 context
* This function sets a ::sha1_ctx_t variable to the initialization vector
* for SHA-1 hashing.
* \param state pointer to the SHA-1 context variable
*/
void sha1_init(sha1_ctx_t *state);
/** \fn sha1_nextBlock(sha1_ctx_t *state, const void* block)
* \brief process one input block
* This function processes one input block and updates the hash context
* accordingly
* \param state pointer to the state variable to update
* \param block pointer to the message block to process
*/
void sha1_nextBlock (sha1_ctx_t *state, const void* block);
/** \fn sha1_lastBlock(sha1_ctx_t *state, const void* block, uint16_t length_b)
* \brief processes the given block and finalizes the context
* This function processes the last block in a SHA-1 hashing process.
* The block should have a maximum length of a single input block.
* \param state pointer to the state variable to update and finalize
* \param block pointer to themessage block to process
* \param length_b length of the message block in bits
*/
void sha1_lastBlock (sha1_ctx_t *state, const void* block, uint16_t length_b);
/** \fn sha1_ctx2hash(sha1_hash_t *dest, sha1_ctx_t *state)
* \brief convert a state variable into an actual hash value
* Writes the hash value corresponding to the state to the memory pointed by dest.
* \param dest pointer to the hash value destination
* \param state pointer to the hash context
*/
void sha1_ctx2hash (sha1_hash_t *dest, sha1_ctx_t *state);
/** \fn sha1(sha1_hash_t *dest, const void* msg, uint32_t length_b)
* \brief hashing a message which in located entirely in RAM
* This function automatically hashes a message which is entirely in RAM with
* the SHA-1 hashing algorithm.
* \param dest pointer to the hash value destination
* \param msg pointer to the message which should be hashed
* \param length_b length of the message in bits
*/
void sha1(sha1_hash_t *dest, const void* msg, uint32_t length_b);
#endif /*SHA1_H_*/

1040
dsa/sha256-asm.S
View File

File diff suppressed because it is too large Load Diff

122
dsa/sha256.h
View File

@ -1,122 +0,0 @@
/* sha256.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file sha256.h
* \author Daniel Otte
* \date 2006-05-16
* \license GPLv3 or later
*
*/
#ifndef SHA256_H_
#define SHA256_H_
#define __LITTLE_ENDIAN__
#include <stdint.h>
/** \def SHA256_HASH_BITS
* defines the size of a SHA-256 hash value in bits
*/
/** \def SHA256_HASH_BYTES
* defines the size of a SHA-256 hash value in bytes
*/
/** \def SHA256_BLOCK_BITS
* defines the size of a SHA-256 input block in bits
*/
/** \def SHA256_BLOCK_BYTES
* defines the size of a SHA-256 input block in bytes
*/
#define SHA256_HASH_BITS 256
#define SHA256_HASH_BYTES (SHA256_HASH_BITS/8)
#define SHA256_BLOCK_BITS 512
#define SHA256_BLOCK_BYTES (SHA256_BLOCK_BITS/8)
/** \typedef sha256_ctx_t
* \brief SHA-256 context type
*
* A variable of this type may hold the state of a SHA-256 hashing process
*/
typedef struct {
uint32_t h[8];
uint64_t length;
} sha256_ctx_t;
/** \typedef sha256_hash_t
* \brief SHA-256 hash value type
*
* A variable of this type may hold the hash value produced by the
* sha256_ctx2hash(sha256_hash_t* dest, const sha256_ctx_t* state) function.
*/
typedef uint8_t sha256_hash_t[SHA256_HASH_BYTES];
/** \fn void sha256_init(sha256_ctx_t *state)
* \brief initialise a SHA-256 context
*
* This function sets a ::sha256_ctx_t to the initial values for hashing.
* \param state pointer to the SHA-256 hashing context
*/
void sha256_init(sha256_ctx_t *state);
/** \fn void sha256_nextBlock (sha256_ctx_t* state, const void* block)
* \brief update the context with a given block
*
* This function updates the SHA-256 hash context by processing the given block
* of fixed length.
* \param state pointer to the SHA-256 hash context
* \param block pointer to the block of fixed length (512 bit = 64 byte)
*/
void sha256_nextBlock (sha256_ctx_t* state, const void* block);
/** \fn void sha256_lastBlock(sha256_ctx_t* state, const void* block, uint16_t length_b)
* \brief finalize the context with the given block
*
* This function finalizes the SHA-256 hash context by processing the given block
* of variable length.
* \param state pointer to the SHA-256 hash context
* \param block pointer to the block of fixed length (512 bit = 64 byte)
* \param length_b the length of the block in bits
*/
void sha256_lastBlock(sha256_ctx_t* state, const void* block, uint16_t length_b);
/** \fn void sha256_ctx2hash(sha256_hash_t* dest, const sha256_ctx_t* state)
* \brief convert the hash state into the hash value
* This function reads the context and writes the hash value to the destination
* \param dest pointer to the location where the hash value should be written
* \param state pointer to the SHA-256 hash context
*/
void sha256_ctx2hash(sha256_hash_t* dest, const sha256_ctx_t* state);
/** \fn void sha256(sha256_hash_t* dest, const void* msg, uint32_t length_b)
* \brief simple SHA-256 hashing function for direct hashing
*
* This function automaticaly hashes a given message of arbitary length with
* the SHA-256 hashing algorithm.
* \param dest pointer to the location where the hash value is going to be written to
* \param msg pointer to the message thats going to be hashed
* \param length_b length of the message in bits
*/
void sha256(sha256_hash_t* dest, const void* msg, uint32_t length_b);
#endif /*SHA256_H_*/

47
echo/aes_sbox-asm.S
View File

@ -1,47 +0,0 @@
/* aes_sbox-asm.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_dec-asm.S
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-10
* \license GPLv3 or later
*
*/
.balign 256
.global aes_sbox
aes_sbox:
.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16

4
echo/echo.c
View File

@ -19,8 +19,8 @@
#include "echo.h"
#include "gf256mul.h"
#include "memxor.h"
#include "gf256mul/gf256mul.h"
#include "memxor/memxor.h"
#include <stdint.h>
#include <string.h>

82
echo/gf256mul.S
View File

@ -1,82 +0,0 @@
/* gf256mul.S */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
* File: gf256mul.S
* Author: Daniel Otte
* Date: 2008-12-19
* License: GPLv3 or later
* Description: peasant's algorithm for multiplication in GF(2^8)
*
*/
#include <avr/io.h>
#define OPTIMIZE_SMALL_A
/*
* param a: r24
* param b: r22
* param reducer: r20
*/
A = 23
B = 22
P = 24
.global gf256mul
#ifdef OPTIMIZE_SMALL_A
gf256mul:
mov A, r24
clr r24
1:
lsr A
breq 4f
brcc 2f
eor P, B
2:
lsl B
brcc 3f
eor B, r20
3:
rjmp 1b
4:
brcc 2f
eor P, B
2:
ret
#else
gf256mul:
mov r21, r24
clr r24
ldi r25, 8
1:
lsr A
brcc 2f
eor P, B
2:
lsl B
brcc 3f
eor B, r20
3:
dec r25
brne 1b
ret
#endif

37
echo/gf256mul.h
View File

@ -1,37 +0,0 @@
/* gf256mul.h */
/*
This file is part of the AVR-Crypto-Lib.
Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef GF256MUL_H_
#define GF256MUL_H_
/**
* \author Daniel Otte
* \email daniel.otte@rub.de
* \date 2008-12-19
* \license GPLv3
* \brief
*
*
*/
#include <stdint.h>
uint8_t gf256mul(uint8_t a, uint8_t b, uint8_t reducer);
#endif /* GF256MUL_H_ */

Some files were not shown because too many files have changed in this diff Show More