seed now in pure asm

2008-12-11 18:14:49 +00:00 · 2008-12-11 18:14:49 +00:00 · a1518b457d
parent fabad4ec56
commit a1518b457d
4 changed files with 175 additions and 176 deletions
--- a/mkfiles/seed.mk
+++ b/mkfiles/seed.mk
@ -4,7 +4,7 @@ ALGO_NAME := SEED
 # comment out the following line for removement of SEED from the build process
 BLOCK_CIPHERS += $(ALGO_NAME)

-$(ALGO_NAME)_OBJ      := seed-stub.o seed-asm.o
+$(ALGO_NAME)_OBJ      := seed-asm.o
 $(ALGO_NAME)_TEST_BIN := main-seed-test.o debug.o uart.o serial-tools.o \
                         nessie_bc_test.o nessie_common.o \
                         cli.o performance_test.o
--- a/seed-asm.S
+++ b/seed-asm.S
@ -27,36 +27,6 @@
 */
 #include "avr-asm-macros.S"

-.global bigendian_sum32
-; === bigendian_sum32 ===
-; function that adds two 32-bit words in the bigendian way and returns the result
-;  param1: the first 32-bit word
-;	given in r25,r24,r23,22 (r25 is most significant for little endian)
-;  param2: the second 32-bit word
-;	given in r21,r20,r19,18 (r21 is most significant for little endian)
-;  modifys: 
-bigendian_sum32:
-	add r25, r21
-	adc r24, r20
-	adc r23, r19
-	adc r22, r18
-	ret
-	
-.global bigendian_sub32
-; === bigendian_sub32 ===
-; function that subtracts a 32-bit words from another in the bigendian way and returns the result
-;  param1: the minuend 32-bit word
-;	given in r25,r24,r23,22 (r25 is most significant for little endian)
-;  param2: the subtrahend 32-bit word
-;	given in r21,r20,r19,18 (r21 is most significant for little endian)
-;  modifys: 
-bigendian_sub32:
-	sub r25, r21
-	sbc r24, r20
-	sbc r23, r19
-	sbc r22, r18
-	ret
-
 /******************************************************************************/	
 /*
 #define M0 0xfc
@ -112,7 +82,6 @@ T3 = X1
 *  X2 = R23
 *  X3 = R22
 */    
-.global seed_g_function
 seed_g_function:
 	ldi r30, lo8(seed_sbox1)
 	ldi r31, hi8(seed_sbox1)
@ -283,7 +252,6 @@ C2 = 14
 C3 = 15
 D2 = 16
 D3 = 17
-.global seed_f_function
 seed_f_function:
 	push_range 10, 17
 	movw r30, r24
@ -472,7 +440,6 @@ compute_keys:
 	mov r18, D0 
 	ret

-.global seed_getnextkeys
 seed_getnextkeys:
 	push_range 10, 17
 	push r28
@ -580,7 +547,6 @@ keypair_t getprevkeys(uint32_t *keystate, uint8_t curround){
 * param curround: r22
 */

-.global seed_getprevkeys
 seed_getprevkeys:
 	push_range 10, 17
 	push r28
@ -657,7 +623,6 @@ r_odd_round:

 /******************************************************************************/

-.global seed_kc
 seed_kc:
 .long   0xb979379e 
 .long   0x73f36e3c
@ -833,6 +798,160 @@ seed_enc:
 	pop_range 9, 17
 	ret

+/******************************************************************************/
+/*
+#define L (((uint64_t*)buffer)[0])
+#define R (((uint64_t*)buffer)[1])

+void seed_dec(void * buffer, seed_ctx_t * ctx){
+	int8_t r;
+	keypair_t k;
+	for(r=7; r>=0; --r){
+			k = seed_getprevkeys(ctx->k, 2*r+1);
+/ *
+	DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4);
+	DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4);
+	DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8);
+	DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8);
+* /
+			L ^= seed_f_function(&R,k.k0,k.k1);
+			
+			k = seed_getprevkeys(ctx->k, 2*r+0);
+/ *
+	DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4);
+	DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4);
+	DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8);
+	DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8);
+* /
+			R ^= seed_f_function(&L,k.k0,k.k1);
+	}
+	/ * just an exchange without temp. variable * /
+	L ^= R;
+	R ^= L;
+	L ^= R;
+}
+*/
+/*
+ * param buffer: r24:r25
+ * param ctx:    r22:r23
+ */
+CTR  = 9
+xLPTR = 10
+xRPTR = 12
+CPTR = 14

+.global seed_dec
+seed_dec:
+	push_range 9, 17
+	push r28
+	push r29	
+	ldi r16, 7
+	mov CTR, r16
+	movw xLPTR, r24
+	adiw r24, 8
+	movw xRPTR, r24		
+	movw CPTR, r22
+1:
+	movw r28, xLPTR
+	movw r24, CPTR
+	mov r22, CTR
+	lsl r22
+	inc r22
+	rcall seed_getprevkeys	
+
+	/* use pen & paper to understand the following permutation */
+	movw r16, r22
+	movw r22, r18
+	movw r18, r24
+	movw r24, r20
+	movw r20, r22
+	movw r22, r24
+	movw r24, xRPTR	
+
+	rcall seed_f_function
+
+	ld r0, Y
+	eor r0, r18
+	st Y+, r0
+	ld r0, Y
+	eor r0, r19
+	st Y+, r0
+	ld r0, Y
+	eor r0, r20
+	st Y+, r0
+	ld r0, Y
+	eor r0, r21
+	st Y+, r0
+	ld r0, Y
+	eor r0, r22
+	st Y+, r0
+	ld r0, Y
+	eor r0, r23
+	st Y+, r0
+	ld r0, Y
+	eor r0, r24
+	st Y+, r0
+	ld r0, Y
+	eor r0, r25
+	st Y+, r0
+	/* secound half */
+	movw r24, CPTR
+	mov r22, CTR
+	lsl r22
+	rcall seed_getprevkeys	
+
+	movw r16, r22
+	movw r22, r18
+	movw r18, r24
+	movw r24, r20
+	movw r20, r22
+	movw r22, r24
+	movw r24, xLPTR	
+	
+	rcall seed_f_function
+
+	ld r0, Y
+	eor r0, r18
+	st Y+, r0
+	ld r0, Y
+	eor r0, r19
+	st Y+, r0
+	ld r0, Y
+	eor r0, r20
+	st Y+, r0
+	ld r0, Y
+	eor r0, r21
+	st Y+, r0
+	ld r0, Y
+	eor r0, r22
+	st Y+, r0
+	ld r0, Y
+	eor r0, r23
+	st Y+, r0
+	ld r0, Y
+	eor r0, r24
+	st Y+, r0
+	ld r0, Y
+	eor r0, r25
+	st Y+, r0
+	
+	dec CTR
+	brmi 3f
+	rjmp 1b
+3:
+	movw r28, xLPTR
+	movw r30, xRPTR
+	ldi r17, 8
+4:
+	ld r10, Y
+	ld r11, Z
+	st Z+, r10
+	st Y+, r11
+	dec r17
+	brne 4b
+5:
+	pop r29
+	pop r28
+	pop_range 9, 17
+	ret

--- a/seed-stub.c
+++ b/seed-stub.c
@ -1,120 +0,0 @@
-/* seed.c */
-/*
-    This file is part of the Crypto-avr-lib/microcrypt-lib.
-    Copyright (C) 2008  Daniel Otte (daniel.otte@rub.de)
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
- /**
- * \file	seed.c
- * \author	Daniel Otte 
- * \date	2007-06-1
- * \brief	SEED parts in C for AVR
- * \par License	
- * GPL
- * 
- */
-#include <stdint.h>
-#include <avr/pgmspace.h>
-#include <string.h>
-#include "seed.h"
-#include "uart.h"
-#include "debug.h"
-
-
-
-/******************************************************************************/
-typedef struct {
-	uint32_t k0, k1;
-} keypair_t;
-
-uint64_t  seed_f_function(const uint64_t* a, uint32_t k0, uint32_t k1);
-keypair_t seed_getnextkeys(uint32_t *keystate, uint8_t curround);
-keypair_t seed_getprevkeys(uint32_t *keystate, uint8_t curround);
-
-/******************************************************************************/
-#if 0
-#define L (((uint64_t*)buffer)[0])
-#define R (((uint64_t*)buffer)[1])
-
-void seed_enc(void * buffer, seed_ctx_t * ctx){
-	uint8_t r;
-	keypair_t k;
-	for(r=0; r<8; ++r){
-			k = seed_getnextkeys(ctx->k, 2*r);
-/*
-	DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4);
-	DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4);
-	DEBUG_S("\r\n\t DBG L:   "); uart_hexdump((uint8_t*)buffer+0, 8);
-	DEBUG_S("\r\n\t DBG R:   "); uart_hexdump((uint8_t*)buffer+8, 8);
-*/
-			L ^= seed_f_function(&R,k.k0,k.k1);
-			
-			k = seed_getnextkeys(ctx->k, 2*r+1);
-/*
-	DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4);
-	DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4);
-	DEBUG_S("\r\n\t DBG L:   "); uart_hexdump((uint8_t*)buffer+8, 8);
-	DEBUG_S("\r\n\t DBG R:   "); uart_hexdump((uint8_t*)buffer+0, 8);
-*/
-			R ^= seed_f_function(&L,k.k0,k.k1);
-	}
-	/* just an exchange without temp. variable */
-	L ^= R;
-	R ^= L;
-	L ^= R;
-}
-#endif
-
-/******************************************************************************/
-
-#define L (((uint64_t*)buffer)[0])
-#define R (((uint64_t*)buffer)[1])
-
-void seed_dec(void * buffer, seed_ctx_t * ctx){
-	int8_t r;
-	keypair_t k;
-	for(r=7; r>=0; --r){
-			k = seed_getprevkeys(ctx->k, 2*r+1);
-/*
-	DEBUG_S("\r\n\tDBG ka,0: "); uart_hexdump(&k.k0, 4);
-	DEBUG_S("\r\n\tDBG ka,1: "); uart_hexdump(&k.k1, 4);
-	DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+0, 8);
-	DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+8, 8);
-*/
-			L ^= seed_f_function(&R,k.k0,k.k1);
-			
-			k = seed_getprevkeys(ctx->k, 2*r+0);
-/*
-	DEBUG_S("\r\n\tDBG kb,0: "); uart_hexdump(&k.k0, 4);
-	DEBUG_S("\r\n\tDBG kb,1: "); uart_hexdump(&k.k1, 4);
-	DEBUG_S("\r\n\t DBG L: "); uart_hexdump((uint8_t*)buffer+8, 8);
-	DEBUG_S("\r\n\t DBG R: "); uart_hexdump((uint8_t*)buffer+0, 8);
-*/
-			R ^= seed_f_function(&L,k.k0,k.k1);
-	}
-	/* just an exchange without temp. variable */
-	L ^= R;
-	R ^= L;
-	L ^= R;
-}
-
-
-
-
-
-
-
-
-
--- a/test_src/main-seed-test.c
+++ b/test_src/main-seed-test.c
@ -107,7 +107,7 @@ void testrun_performance_seed(void){

 void testencrypt(uint8_t* block, uint8_t* key){
 	seed_ctx_t ctx;
-	uart_putstr("\r\n==testy-encrypt==\r\n key: ");
+	uart_putstr("\r\n==testy-encrypt==\r\n key:   ");
 	uart_hexdump(key,16);
 	seed_init(key, &ctx);
 	uart_putstr("\r\n plain: ");
@ -119,7 +119,7 @@ void testencrypt(uint8_t* block, uint8_t* key){

 void testdecrypt(uint8_t* block, uint8_t* key){
 	seed_ctx_t ctx;
-	uart_putstr("\r\n==testy-decrypt==\r\n key: ");
+	uart_putstr("\r\n==testy-decrypt==\r\n key:   ");
 	uart_hexdump(key,16);
 	seed_init(key, &ctx);
 	uart_putstr("\r\n crypt: ");
@ -131,25 +131,25 @@ void testdecrypt(uint8_t* block, uint8_t* key){

 void testrun_seed(void){
 	uint8_t keys[4][16]=
-		{ {	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
-			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-		  {	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
-		  { 0x47, 0x06, 0x48, 0x08, 0x51, 0xE6, 0x1B, 0xE8,
-		  	0x5D, 0x74, 0xBF, 0xB3, 0xFD, 0x95, 0x61, 0x85 },
-		  { 0x28, 0xDB, 0xC3, 0xBC, 0x49, 0xFF, 0xD8, 0x7D,
-		  	0xCF, 0xA5, 0x09, 0xB1, 0x1D, 0x42, 0x2B, 0xE7,}
-		};
+                { {     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+                        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+                  {     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+                        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+                  {     0x47, 0x06, 0x48, 0x08, 0x51, 0xE6, 0x1B, 0xE8,
+                        0x5D, 0x74, 0xBF, 0xB3, 0xFD, 0x95, 0x61, 0x85 },
+                  {     0x28, 0xDB, 0xC3, 0xBC, 0x49, 0xFF, 0xD8, 0x7D,
+                        0xCF, 0xA5, 0x09, 0xB1, 0x1D, 0x42, 0x2B, 0xE7,}
+                };
 	uint8_t datas[4][16]=
-		{ {	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-			0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
-		  {	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
-			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-		  { 0x83, 0xA2, 0xF8, 0xA2, 0x88, 0x64, 0x1F, 0xB9, 
-		  	0xA4, 0xE9, 0xA5, 0xCC, 0x2F, 0x13, 0x1C, 0x7D },
-		  { 0xB4, 0x1E, 0x6B, 0xE2, 0xEB, 0xA8, 0x4A, 0x14, 
-		  	0x8E, 0x2E, 0xED, 0x84, 0x59, 0x3C, 0x5E, 0xC7 }
-		};
+                { {     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+                        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+                  {     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+                        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+                  {     0x83, 0xA2, 0xF8, 0xA2, 0x88, 0x64, 0x1F, 0xB9, 
+                        0xA4, 0xE9, 0xA5, 0xCC, 0x2F, 0x13, 0x1C, 0x7D },
+                  {     0xB4, 0x1E, 0x6B, 0xE2, 0xEB, 0xA8, 0x4A, 0x14, 
+                        0x8E, 0x2E, 0xED, 0x84, 0x59, 0x3C, 0x5E, 0xC7 }
+                };
 	uint8_t i=0;
 	for(i=0; i<4; ++i){
 		testencrypt(datas[i],keys[i]);