first impression of Rabbit

bg 2011-07-12 17:01:41 +00:00
parent a012cfa921
commit 89bbbf7604
9 changed files with 2754 additions and 9 deletions

13
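--- /dev/null
+++ b/mkfiles/rabbit_c.mk
@@ -0,0 +1,13 @@
+# Makefile for Rabbit
+ALGO_NAME := RABBIT_C
+# comment out the following line for removement of Rabbit from the build process
+STREAM_CIPHERS += $(ALGO_NAME)
+$(ALGO_NAME)_DIR := rabbit/
+$(ALGO_NAME)_OBJ := rabbit_c.o
+$(ALGO_NAME)_INCDIR := memxor/ scal/
+$(ALGO_NAME)_TEST_BIN := main-rabbit-test.o $(CLI_STD) $(SCAL_STD) scal_rabbit.o
+$(ALGO_NAME)_NESSIE_TEST := "nessie"
+$(ALGO_NAME)_PERFORMANCE_TEST := "performance"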


@ -1,7 +1,7 @@
# Makefile for Salsa20
ALGO_NAME := SALSA20_C
# comment out the following line for removement of ARCFOUR from the build process
# comment out the following line for removement of Salsa20 from the build process
STREAM_CIPHERS += $(ALGO_NAME)
$(ALGO_NAME)_DIR := salsa20/

41
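--- /dev/null
+++ b/rabbit/rabbit.h
@@ -0,0 +1,41 @@
+/* rabbit.h */
+/*
+This file is part of the AVR-Crypto-Lib.
+Copyright (C) 2011 Daniel Otte (daniel.otte@rub.de)
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#ifndef RABBIT_H_
+#define RABBIT_H_
+#include <stdint.h>
+typedef struct {
+uint32_t x[8];
+uint32_t c[8];
+uint8_t buffer[16];
+uint8_t carry;
+uint8_t buffer_idx;
+} rabbit_ctx_t;
+void dump_ctx(rabbit_ctx_t* ctx);
+uint8_t rabbit_gen(rabbit_ctx_t* ctx);
+void rabbit_init(const void* key, uint16_t keysize_b,
+const void* iv,
+rabbit_ctx_t* ctx);
+#endif /* RABBIT_H_ */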
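Review bot: `dump_ctx` is declared in this header, but the only definition this commit shows for it (in rabbit_c.c) sits inside a comment block, so any caller would fail at link time; the prototype should be removed or guarded the same way as the definition. The public functions also carry no documentation. `rabbit_init` should state that `keysize_b` is in bits and that only 80 and 128 are handled, and that `iv` is either NULL or points to 8 bytes. `rabbit_ctx_t` holds key-derived state and the header offers no function to clear it, so a comment should tell callers to wipe the context themselves when they are done with it.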

238
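--- /dev/null
+++ b/rabbit/rabbit_c.c
@@ -0,0 +1,238 @@
+/* rabbit_c.c */
+/*
+This file is part of the ARM-Crypto-Lib.
+Copyright (C) 2006-2011 Daniel Otte (daniel.otte@rub.de)
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#include <avr/pgmspace.h>
+#include <string.h>
+#include <stdint.h>
+#include "rabbit.h"
+#ifndef ESTREAM
+#define ESTREAM 1
+#endif
+/*
+void dump_ctx(rabbit_ctx_t* ctx){
+uint8_t i=0;
+cli_putstr_P(PSTR("\r\n --- ctx dump ---\r\n b = "));
+cli_hexdump_byte(ctx->carry);
+do{
+if((i&3)==0){
+cli_putstr_P(PSTR("\r\n"));
+}
+cli_putstr_P(PSTR(" X"));
+cli_hexdump_byte(i);
+cli_putstr_P(PSTR(" = 0x"));
+cli_hexdump_rev(&(ctx->x[i]), 4);
+}while(++i<8);
+i=0;
+do{
+if((i&3)==0){
+cli_putstr_P(PSTR("\r\n"));
+}
+cli_putstr_P(PSTR(" C"));
+cli_hexdump_byte(i);
+cli_putstr_P(PSTR(" = 0x"));
+cli_hexdump_rev(&(ctx->c[i]), 4);
+}while(++i<8);
+}
+*/
+static
+const uint32_t c_const[8] PROGMEM = {
+0x4D34D34D, 0xD34D34D3,
+0x34D34D34, 0x4D34D34D,
+0xD34D34D3, 0x34D34D34,
+0x4D34D34D, 0xD34D34D3
+};
+static
+void gen_g(uint32_t* dest, rabbit_ctx_t* ctx){
+uint8_t i=0;
+uint64_t a;
+uint32_t t, *x, *c;
+x = ctx->x;
+c = ctx->c;
+do{
+t = *x++ + *c++;
+a = ((uint64_t)t)*((uint64_t)t);
+dest[i] = (uint32_t)(a^(a>>32));
+}while(++i<8);
+}
+static
+void update_c(rabbit_ctx_t* ctx){
+uint8_t i=0;
+uint64_t a;
+uint32_t *c;
+const uint32_t *con;
+c = ctx->c;
+con = c_const;
+a = ctx->carry;
+do{
+a += *c;
+a += pgm_read_dword(con++);
+*c++ = (uint32_t)a;
+a >>= 32;
+}while(++i<8);
+ctx->carry = a?1:0;
+}
+#define ROT16(a) (((a)<<16) | ((a)>>16))
+#define ROT8(a) (((a)<< 8) | ((a)>>24))
+static
+void step(rabbit_ctx_t* ctx){
+uint32_t g[8];
+uint8_t i=0;
+update_c(ctx);
+gen_g(g, ctx);
+memcpy(ctx->x, g, 8*4);
+do{
+ctx->x[i] += ROT16(g[(i+8-1)%8]) + ROT16(g[(i+8-2)%8]);
+++i;
+ctx->x[i] += ROT8(g[(i+8-1)%8]) + g[(i+8-2)%8];
+}while(++i<8);
+}
+static
+void keysetup(rabbit_ctx_t* ctx, const void* key){
+uint16_t *x, *c;
+uint8_t i=0;
+x = (uint16_t*)(ctx->x);
+c = (uint16_t*)(ctx->c);
+ctx->carry = 0;
+do{
+*x++ = ((uint16_t*)key)[i];
+*x++ = ((uint16_t*)key)[(i+1)%8];
+*c++ = ((uint16_t*)key)[(i+5)%8];
+*c++ = ((uint16_t*)key)[(i+4)%8];
+++i;
+*x++ = ((uint16_t*)key)[(i+4)%8];
+*x++ = ((uint16_t*)key)[(i+5)%8];
+*c++ = ((uint16_t*)key)[(i+1)%8];
+*c++ = ((uint16_t*)key)[i];
+}while(++i<8);
+i=0;
+do{
+step(ctx);
+}while(++i<4);
+i=0;
+do{
+ctx->c[i] ^= ctx->x[(i+4)%8];
+}while(++i<8);
+}
+static
+void ivsetup(rabbit_ctx_t* ctx, const void* iv){
+uint8_t i;
+uint32_t t;
+uint8_t t_iv[8];
+i=0;
+#if ESTREAM
+memcpy(t_iv, iv, 8);
+#else
+do{
+t_iv[i] = ((uint8_t*)iv)[7-i];
+t_iv[7-i] = ((uint8_t*)iv)[i];
+}while(++i<4);
+#endif
+ctx->c[0] ^= *((uint32_t*)t_iv);
+ctx->c[4] ^= *((uint32_t*)t_iv);
+ctx->c[2] ^= ((uint32_t*)t_iv)[1];
+ctx->c[6] ^= ((uint32_t*)t_iv)[1];
+t = (( (uint32_t)((uint16_t*)t_iv)[3])<<16) | (((uint16_t*)t_iv)[1]);
+ctx->c[1] ^= t;
+ctx->c[5] ^= t;
+t = (( (uint32_t)((uint16_t*)t_iv)[2])<<16) | (((uint16_t*)t_iv)[0]);
+ctx->c[3] ^= t;
+ctx->c[7] ^= t;
+i=4;
+do{
+step(ctx);
+}while(--i);
+}
+static
+void extract(rabbit_ctx_t* ctx){
+int8_t i=0;
+uint8_t *t;
+uint16_t v;
+t = ctx->buffer;
+i=6;
+do{
+v = ((uint16_t*)(ctx->x))[(2*(i+ 8)+1)%16]
+^ ((uint16_t*)(ctx->x))[(2*(i+11)+0)%16];
+*t++ = v>>8;
+*t++ = (uint8_t)v;
+v = ((uint16_t*)(ctx->x))[(2*(i+ 8)+0)%16]
+^ ((uint16_t*)(ctx->x))[(2*(i+13)+1)%16];
+*t++ = v>>8;
+*t++ = (uint8_t)v;
+i-=2;
+}while(i>=0);
+#if ESTREAM
+uint8_t x;
+i=0;
+do{
+x = ctx->buffer[i];
+ctx->buffer[i] = ctx->buffer[15-i];
+ctx->buffer[15-i] = x;
+}while(++i<8);
+#endif
+}
+static const uint8_t key80_pad[] PROGMEM = { 0xDE, 0x05, 0x6E, 0xAC, 0x8A, 0x11 };
+void rabbit_init(const void* key, uint16_t keysize_b,
+const void* iv,
+rabbit_ctx_t* ctx){
+uint8_t t_key[16];
+if(keysize_b==80){
+memcpy(t_key, key, 10);
+memcpy_P(t_key+10, key80_pad, 6);
+}else{
+memcpy(t_key, key, 16);
+}
+#if !ESTREAM
+uint8_t i=0, t;
+do{
+t = t_key[i];
+t_key[i] = t_key[15-i];
+t_key[15-i] = t;
+}while(++i<8);
+#endif
+keysetup(ctx, t_key);
+if(iv){
+ivsetup(ctx, iv);
+}
+extract(ctx);
+ctx->buffer_idx = 16;
+}
+uint8_t rabbit_gen(rabbit_ctx_t* ctx){
+if(ctx->buffer_idx==16){
+step(ctx);
+extract(ctx);
+ctx->buffer_idx = 0;
+}
+return ctx->buffer[ctx->buffer_idx++];
+}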
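Review bot: In `rabbit_init` the stack copy `t_key` still holds the raw key when the function returns and nothing clears it, so the key stays in stack memory that later code reuses. Clear it after `keysetup(ctx, t_key);` with a wipe the compiler cannot drop; a plain `memset(t_key, 0, sizeof t_key);` on a dying local may be optimised away, so a loop through a `volatile uint8_t *` is the safer form. The same function treats every `keysize_b` other than 80 as 128 and copies 16 bytes from `key`, so a caller passing another size can cause an over-read or a silently wrong key; that contract needs a check or at least a comment. Separately, `keysetup` and `ivsetup` read `key` and `t_iv` through `uint16_t*`/`uint32_t*` casts, which depends on byte order and alignment (and drops `const`); the file header says ARM-Crypto-Lib while the code includes `<avr/pgmspace.h>`, so the intended targets should be stated.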

56
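--- /dev/null
+++ b/scal/scal_rabbit.c
@@ -0,0 +1,56 @@
+/* scal_rabbit.c */
+/*
+This file is part of the AVR-Crypto-Lib.
+Copyright (C) 2011 Daniel Otte (daniel.otte@rub.de)
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#include <stdlib.h>
+#include <avr/pgmspace.h>
+#include <stdint.h>
+#include "streamcipher_descriptor.h"
+#include "keysize_descriptor.h"
+#include "rabbit.h"
+const char rabbit_str[] PROGMEM = "rabbit";
+const uint8_t rabbit_keysize_desc[] PROGMEM = {
+KS_TYPE_LIST, 2, KS_INT(128), KS_INT(80),
+KS_TYPE_TERMINATOR };
+const uint8_t rabbit_ivsize_desc[] PROGMEM = {
+KS_TYPE_LIST, 1, KS_INT(64),
+KS_TYPE_TERMINATOR };
+const scdesc_t rabbit_desc PROGMEM = {
+SCDESC_TYPE_STREAMCIPHER, /* abstraction layer type designator */
+SC_INIT_TYPE_4|SC_GEN_TYPE_1, /* flags*/
+rabbit_str, /* name string pointer */
+sizeof(rabbit_ctx_t), /* size of context */
+8, /* blocksize */
+{(void_fpt)rabbit_init}, /* init function pointer */
+{(void_fpt)rabbit_gen}, /* key stream generator function pointer */
+{(void_fpt)NULL}, /* key stream generator for random access function pointer */
+(sc_free_fpt)NULL, /* free function pointer */
+rabbit_keysize_desc, /* key size descriptor pointer */
+rabbit_ivsize_desc /* iv size descriptor pointer */
+};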

27
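--- /dev/null
+++ b/scal/scal_rabbit.h
@@ -0,0 +1,27 @@
+/* scal_rabbit.h */
+/*
+This file is part of the AVR-Crypto-Lib.
+Copyright (C) 2011 Daniel Otte (daniel.otte@rub.de)
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#ifndef SCAL_RABBIT_H_
+#define SCAL_RABBIT_H_
+#include "streamcipher_descriptor.h"
+extern const scdesc_t rabbit_desc;
+#endif /* SCAL_RABBIT_H_ */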

202
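--- /dev/null
+++ b/test_src/main-rabbit-test.c
@@ -0,0 +1,202 @@
+/* main-rabbit-test.c */
+/*
+This file is part of the AVR-Crypto-Lib.
+Copyright (C) 2006-2011 Daniel Otte (daniel.otte@rub.de)
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#include "config.h"
+#include "uart_i.h"
+#include "debug.h"
+#include "rabbit.h"
+#include "cli.h"
+#include "performance_test.h"
+#include "scal_rabbit.h"
+#include "scal-basic.h"
+#include "scal-nessie.h"
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+char* algo_name = "Rabbit";
+/*****************************************************************************
+* additional validation-functions *
+*****************************************************************************/
+void test_vector(void* key, void* iv){
+rabbit_ctx_t ctx;
+cli_putstr_P(PSTR("\r\n testing with key: "));
+cli_hexdump(key, 16);
+cli_putstr_P(PSTR("\r\n iv: "));
+if(iv){
+cli_hexdump(iv, 8);
+}else{
+cli_putstr_P(PSTR("[no iv]"));
+}
+rabbit_init(key, 128, iv, &ctx);
+cli_putstr_P(PSTR("\r\n S[0]: "));
+rabbit_gen(&ctx);
+cli_hexdump(ctx.buffer, 16);
+cli_putstr_P(PSTR("\r\n S[1]: "));
+ctx.buffer_idx=16;
+rabbit_gen(&ctx);
+cli_hexdump(ctx.buffer, 16);
+cli_putstr_P(PSTR("\r\n S[2]: "));
+ctx.buffer_idx=16;
+rabbit_gen(&ctx);
+cli_hexdump(ctx.buffer, 16);
+// dump_ctx(&ctx);
+ctx.buffer_idx=16;
+rabbit_gen(&ctx);
+// dump_ctx(&ctx);
+cli_putstr_P(PSTR("\r\n S[3]: "));
+cli_hexdump(ctx.buffer, 16);
+ctx.buffer_idx=16;
+rabbit_gen(&ctx);
+cli_putstr_P(PSTR("\r\n S[4]: "));
+cli_hexdump(ctx.buffer, 16);
+cli_putstr_P(PSTR("\r\n"));
+}
+void nessie_first(void){
+uint8_t key[16];
+uint8_t iv[8];
+memset(iv, 0, 8);
+memset(key, 0, 16);
+key[0] = 0x80;
+test_vector(key, iv);
+key[0] = 0x00;
+key[15] = 0x80;
+test_vector(key, iv);
+}
+const uint8_t spec_key1[] PROGMEM = {
+0x91, 0x28, 0x13, 0x29, 0x2E, /* 0xED */ 0x3D, 0x36, 0xFE,
+0x3B, 0xFC, 0x62, 0xF1, 0xDC, 0x51, 0xC3, 0xAC
+};
+const uint8_t spec_key2[] PROGMEM = {
+0x83, 0x95, 0x74, 0x15, 0x87, 0xE0, 0xC7, 0x33,
+0xE9, 0xE9, 0xAB, 0x01, 0xC0, 0x9B, 0x00, 0x43
+};
+const uint8_t spec_iv1[] PROGMEM = {
+0xC3, 0x73, 0xF5, 0x75, 0xC1, 0x26, 0x7E, 0x59
+};
+const uint8_t spec_iv2[] PROGMEM = {
+0xA6, 0xEB, 0x56, 0x1A, 0xD2, 0xF4, 0x17, 0x27
+};
+void spec_test(void){
+uint8_t key[16];
+uint8_t iv[8];
+memset(key, 0, 16);
+test_vector(key, NULL);
+memcpy_P(key, spec_key1, 16);
+test_vector(key, NULL);
+memcpy_P(key, spec_key2, 16);
+test_vector(key, NULL);
+memset(key, 0, 16);
+memset(iv, 0, 8);
+test_vector(key, iv);
+memcpy_P(iv, spec_iv1, 8);
+test_vector(key, iv);
+memcpy_P(iv, spec_iv2, 8);
+test_vector(key, iv);
+}
+void testrun_nessie_rabbit(void){
+scal_nessie_set_estream(1);
+scal_nessie_run(&rabbit_desc);
+}
+void testrun_performance_rabbit(void){
+uint64_t t;
+char str[16];
+uint8_t key[16];
+rabbit_ctx_t ctx;
+calibrateTimer();
+print_overhead();
+memset(key, 0, 16);
+startTimer(1);
+rabbit_init(key, 128, NULL, &ctx);
+t = stopTimer();
+cli_putstr_P(PSTR("\r\n\tctx-gen time: "));
+ultoa((unsigned long)t, str, 10);
+cli_putstr(str);
+startTimer(1);
+rabbit_gen(&ctx);
+t = stopTimer();
+cli_putstr_P(PSTR("\r\n\tencrypt time: "));
+ultoa((unsigned long)t, str, 10);
+cli_putstr(str);
+cli_putstr_P(PSTR("\r\n"));
+}
+/*****************************************************************************
+* main *
+*****************************************************************************/
+const char nessie_str[] PROGMEM = "nessie";
+const char first_str[] PROGMEM = "first";
+const char test_str[] PROGMEM = "test";
+const char performance_str[] PROGMEM = "performance";
+const char echo_str[] PROGMEM = "echo";
+cmdlist_entry_t cmdlist[] PROGMEM = {
+{ nessie_str, NULL, testrun_nessie_rabbit},
+{ performance_str, NULL, testrun_performance_rabbit},
+{ first_str, NULL, nessie_first},
+{ test_str, NULL, spec_test},
+{ echo_str, (void*)1, (void_fpt)echo_ctrl},
+{ NULL, NULL, NULL}
+};
+int main (void){
+DEBUG_INIT();
+cli_rx = (cli_rx_fpt)uart0_getc;
+cli_tx = (cli_tx_fpt)uart0_putc;
+for(;;){
+cli_putstr_P(PSTR("\r\n\r\nCrypto-VS ("));
+cli_putstr(algo_name);
+cli_putstr_P(PSTR(")\r\nloaded and running\r\n"));
+cmd_interface(cmdlist);
+}
+}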
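Review bot: `test_vector` only prints the keystream blocks and never compares them with expected values, so a regression in rabbit_c.c goes unnoticed unless someone checks the UART output against the specification by hand. Storing the expected blocks in PROGMEM next to `spec_key1`/`spec_iv1` and comparing them with `memcmp_P` would make `spec_test` self-checking. The helper also forces each new block by writing `ctx.buffer_idx=16;` and reads `ctx.buffer` directly, which ties the test to the layout of `rabbit_ctx_t`. The `/* 0xED */` beside `0x3D` in `spec_key1` needs a comment saying which of the two bytes the reference vector uses and why the other was replaced.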


@ -232,12 +232,11 @@ void testrun_nessie_salsa20(void){
scal_nessie_run(&salsa20_desc);
}
/*
void testrun_performance_arcfour(void){
void testrun_performance_salsa20(void){
uint64_t t;
char str[16];
uint8_t key[16];
arcfour_ctx_t ctx;
uint8_t key[32];
salsa20_ctx_t ctx;
calibrateTimer();
print_overhead();
@ -245,14 +244,14 @@ void testrun_performance_arcfour(void){
memset(key, 0, 16);
startTimer(1);
arcfour_init(key, 16, &ctx);
salsa20_init(key, 128, NULL, &ctx);
t = stopTimer();
cli_putstr_P(PSTR("\r\n\tctx-gen time: "));
ultoa((unsigned long)t, str, 10);
cli_putstr(str);
startTimer(1);
arcfour_gen(&ctx);
salsa20_gen(&ctx);
t = stopTimer();
cli_putstr_P(PSTR("\r\n\tencrypt time: "));
ultoa((unsigned long)t, str, 10);
@ -260,7 +259,7 @@ void testrun_performance_arcfour(void){
cli_putstr_P(PSTR("\r\n"));
}
*/
/*****************************************************************************
* main *
@ -273,7 +272,7 @@ const char echo_str[] PROGMEM = "echo";
cmdlist_entry_t cmdlist[] PROGMEM = {
{ nessie_str, NULL, testrun_nessie_salsa20 },
// { performance_str, NULL, testrun_performance_arcfour},
{ performance_str, NULL, testrun_performance_salsa20},
{ test_str, NULL, spec_test},
{ echo_str, (void*)1, (void_fpt)echo_ctrl},
{ NULL, NULL, NULL}
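Review bot: In the re-enabled `testrun_performance_salsa20`, `key` appears to grow to `uint8_t key[32];`, but the unchanged `memset(key, 0, 16);` clears only the first half and `salsa20_init(key, 128, NULL, &ctx);` passes a 128-bit size. The upper 16 bytes are therefore left uninitialised, and it is unclear which key size the timing is meant to measure. Either keep `uint8_t key[16];` or use `memset(key, 0, sizeof key);` and pass the matching key size. The page has lost its `+`/`-` markers, so which lines are new is inferred from the arcfour/salsa20 names.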

File diff suppressed because it is too large Load Diff