important fix for SHA1 (Asm) & SHA256 (Asm) and new MonteCarlo tests for hashes

2010-01-06 23:09:45 +00:00 · 2010-01-06 23:09:45 +00:00 · f26c4e0df2
parent 3602a99dd3
commit f26c4e0df2
6 changed files with 262 additions and 135 deletions
--- a/sha1/sha1-asm.S
+++ b/sha1/sha1-asm.S
@ -178,20 +178,19 @@ sha1_prolog:
 	push r13
 	push r16
 	push r17
-	in r16, SPL
-	in r17, SPH
-	subi r16, 5*4+8
-	sbci r17, 0
+	in r30, SPL
+	in r31, SPH
+	sbiw r30, 5*4+8
 	in r0, SREG
 	cli
-	out SPL, r16
-	out SPH, r17
+	out SPL, r30
 	out SREG, r0
+	out SPH, r31

 	push r25
 	push r24
-	inc r16
-	adc r17, r1
+	adiw r30, 1
+	movw r16, r30

 	movw r8, r18		/* backup of length*/
 	movw r10, r20
@ -203,19 +202,16 @@ sha1_prolog:
 	/* if length >= 512 */
 1:
 	tst r11
-	brne 4f
+	brne 2f
 	tst r10
-	brne 4f
-	mov r19, r9
-	cpi r19, 0x02
-	brlo 4f
-
+	breq 4f
+2:
 	movw r24, r16
 	movw r22, r12
 	rcall sha1_nextBlock
-	ldi r19, 0x64
-	add r22, r19
-	adc r23, r1
+	ldi r19, 64
+	add r12, r19
+	adc r13, r1
 	/* length -= 512 */
 	ldi r19, 0x02
 	sub r9, r19
@ -241,8 +237,8 @@ sha1_epilog:
 	in r0, SREG
 	cli
 	out SPL, r30
-	out SPH, r31
 	out SREG, r0
+	out SPH, r31
 	pop r17
 	pop r16
 	pop r13
@ -287,7 +283,9 @@ sha1_lastBlock:
 	pop r24
 	pop r25
 	subi r21, 2
-	subi r23, -2
+	ldi r19, 64
+	sub r22, r19
+	sbc r23, r1
 	rjmp sha1_lastBlock
 sha1_lastBlock_prolog:
 	/* allocate space on stack */
--- a/sha256/sha256-asm.S
+++ b/sha256/sha256-asm.S
@ -25,6 +25,7 @@
 SHA256_BLOCK_BITS = 512
 SHA256_HASH_BITS = 256

+
 .macro precall
 	/* push r18 - r27, r30 - r31*/
 	push r0
@ -160,21 +161,19 @@ sha256_prolog:
 	push r13
 	push r16
 	push r17
-	in r16, SPL
-	in r17, SPH
-	subi r16, 8*4+8 
-	sbci r17, 0	
+	in r30, SPL
+	in r31, SPH
+	sbiw r30, 8*4+8
 	in r0, SREG
 	cli
-	out SPL, r16
-	out SPH, r17
+	out SPL, r30
 	out SREG, r0
+	out SPH, r31

 	push r25
 	push r24
-	inc r16
-	adc r17, r1
-	
+	adiw r30, 1
+	movw r16, r30
 	movw r8, r18		/* backup of length*/
 	movw r10, r20

@ -182,22 +181,19 @@ sha256_prolog:

 	movw r24, r16
 	rcall sha256_init
-	/* if length >= 512 */
+	/* if length > 0xffff */
 1:
 	tst r11
-	brne 4f
+	brne 2f
 	tst r10
-	brne 4f
-	mov r19, r9
-	cpi r19, 0x02
-	brlo 4f
-	
+	breq 4f
+2:
 	movw r24, r16
 	movw r22, r12
 	rcall sha256_nextBlock
-	ldi r19, 0x64
-	add r22, r19
-	adc r23, r1
+	ldi r19, 64
+	add r12, r19
+	adc r13, r1
 	/* length -= 512 */
 	ldi r19, 0x02
 	sub r9, r19
@ -223,8 +219,8 @@ sha256_epilog:
 	in r0, SREG
 	cli
 	out SPL, r30
-	out SPH, r31
 	out SREG, r0
+	out SPH, r31
 	pop r17
 	pop r16
 	pop r13
@ -269,7 +265,9 @@ sha256_lastBlock:
 	pop r24
 	pop r25
 	subi r21, 0x02
-	subi r23, -2
+	ldi r19, 64
+	add r22, r19
+	adc r23, r1
 	rjmp sha256_lastBlock
 sha256_lastBlock_prolog:
 	/* allocate space on stack */
--- a/test_src/main-sha1-test.c
+++ b/test_src/main-sha1-test.c
@ -190,6 +190,7 @@ const char echo_str[]        PROGMEM = "echo";
 const char shavs_list_str[]  PROGMEM = "shavs_list";
 const char shavs_set_str[]   PROGMEM = "shavs_set";
 const char shavs_test1_str[] PROGMEM = "shavs_test1";
+const char shavs_test2_str[] PROGMEM = "shavs_test2";
 const char dump_str[]        PROGMEM = "dump";


@ -203,6 +204,7 @@ cmdlist_entry_t cmdlist[] PROGMEM = {
 	{ shavs_list_str,      NULL, shavs_listalgos},
 	{ shavs_set_str,   (void*)1, (void_fpt)shavs_setalgo},
 	{ shavs_test1_str,     NULL, shavs_test1},
+	{ shavs_test2_str,     NULL, shavs_test2},
 	{ dump_str,        (void*)1, (void_fpt)dump},
 	{ NULL,                NULL, NULL}
 };
--- a/test_src/main-sha256-test.c
+++ b/test_src/main-sha256-test.c
@ -59,27 +59,68 @@ void testrun_performance_sha256(void){
 	hfal_performance_multiple(algolist);
 }

+void test_monte(void){
+	uint8_t data1[] = {
+     0xF4, 0x1E, 0xCE, 0x26, 0x13, 0xE4, 0x57, 0x39,
+     0x15, 0x69, 0x6B, 0x5A, 0xDC, 0xD5, 0x1C, 0xA3,
+	 0x28, 0xBE, 0x3B, 0xF5, 0x66, 0xA9, 0xCA, 0x99,
+	 0xC9, 0xCE, 0xB0, 0x27, 0x9C, 0x1C, 0xB0, 0xA7,
+     0xF4, 0x1E, 0xCE, 0x26, 0x13, 0xE4, 0x57, 0x39,
+     0x15, 0x69, 0x6B, 0x5A, 0xDC, 0xD5, 0x1C, 0xA3,
+	 0x28, 0xBE, 0x3B, 0xF5, 0x66, 0xA9, 0xCA, 0x99,
+	 0xC9, 0xCE, 0xB0, 0x27, 0x9C, 0x1C, 0xB0, 0xA7,
+     0xF4, 0x1E, 0xCE, 0x26, 0x13, 0xE4, 0x57, 0x39,
+     0x15, 0x69, 0x6B, 0x5A, 0xDC, 0xD5, 0x1C, 0xA3,
+	 0x28, 0xBE, 0x3B, 0xF5, 0x66, 0xA9, 0xCA, 0x99,
+	 0xC9, 0xCE, 0xB0, 0x27, 0x9C, 0x1C, 0xB0, 0xA7 };
+
+   uint8_t data2[] = {
+     0xF4, 0x1E, 0xCE, 0x26, 0x13, 0xE4, 0x57, 0x39,
+     0x15, 0x69, 0x6B, 0x5A, 0xDC, 0xD5, 0x1C, 0xA3,
+	 0x28, 0xBE, 0x3B, 0xF5, 0x66, 0xA9, 0xCA, 0x99,
+	 0xC9, 0xCE, 0xB0, 0x27, 0x9C, 0x1C, 0xB0, 0xA7,
+     0xF4, 0x1E, 0xCE, 0x26, 0x13, 0xE4, 0x57, 0x39,
+     0x15, 0x69, 0x6B, 0x5A, 0xDC, 0xD5, 0x1C, 0xA3,
+	 0x28, 0xBE, 0x3B, 0xF5, 0x66, 0xA9, 0xCA, 0x99,
+	 0xC9, 0xCE, 0xB0, 0x27, 0x9C, 0x1C, 0xB0, 0xA7,
+     0xFD, 0xDF, 0x1B, 0x37, 0xDD, 0x34, 0xB3, 0xB2,
+     0x01, 0xD4, 0x3C, 0x57, 0xBC, 0xDE, 0x11, 0x58,
+     0x38, 0xF0, 0xDF, 0x70, 0x1D, 0xA9, 0x3C, 0x3B,
+     0xF2, 0xC9, 0xC8, 0x68, 0x96, 0xE7, 0xE6, 0xC7 };
+   uint8_t hash[SHA256_HASH_BYTES];
+   sha256(hash, data1, 3*32*8);
+   cli_putstr_P(PSTR("\r\n hash(data1) = "));
+   cli_hexdump(hash, 32);
+   sha256(hash, data2, 3*32*8);
+   cli_putstr_P(PSTR("\r\n hash(data2) = "));
+   cli_hexdump(hash, 32);
+}
+
 /*****************************************************************************
 *  main																	 *
 *****************************************************************************/

 const char nessie_str[]      PROGMEM = "nessie";
 const char test_str[]        PROGMEM = "test";
+const char monte_str[]       PROGMEM = "monte";
 const char performance_str[] PROGMEM = "performance";
 const char echo_str[]        PROGMEM = "echo";
 const char shavs_list_str[]  PROGMEM = "shavs_list";
 const char shavs_set_str[]   PROGMEM = "shavs_set";
 const char shavs_test1_str[] PROGMEM = "shavs_test1";
+const char shavs_test2_str[] PROGMEM = "shavs_test2";
 const char dump_str[]        PROGMEM = "dump";

 cmdlist_entry_t cmdlist[] PROGMEM = {
 	{ nessie_str,          NULL, testrun_nessie_sha256},
 	{ test_str,            NULL, testrun_nessie_sha256},
+	{ monte_str,           NULL, test_monte},
 	{ performance_str,     NULL, testrun_performance_sha256},
 	{ echo_str,        (void*)1, (void_fpt)echo_ctrl},
 	{ shavs_list_str,      NULL, shavs_listalgos},
 	{ shavs_set_str,   (void*)1, (void_fpt)shavs_setalgo},
 	{ shavs_test1_str,     NULL, shavs_test1},
+	{ shavs_test2_str,     NULL, shavs_test2},
 	{ dump_str,        (void*)1, (void_fpt)dump},
 	{ NULL,                NULL, NULL}
 };
--- a/test_src/shavs.c
+++ b/test_src/shavs.c
@ -170,7 +170,7 @@ int32_t getLength(void){
 	}
 }

-void shavs_test1(void){
+void shavs_test1(void){ /* KAT tests */
 	uint32_t length=0;
 	int32_t expect_input=0;

@ -179,7 +179,7 @@ void shavs_test1(void){
 		return;
 	}
 	char c;
-	uint8_t diggest[pgm_read_word(shavs_algo->hashsize_b)/8];
+	uint8_t diggest[pgm_read_word(&(shavs_algo->hashsize_b))/8];
 	shavs_ctx.buffersize_B=pgm_read_word(&(shavs_algo->blocksize_b))/8;
 	uint8_t buffer[shavs_ctx.buffersize_B+5];
 	shavs_ctx.buffer = buffer;
@ -325,3 +325,89 @@ void shavs_test1(void){
 	}
 }

+void shavs_test2(void){ /* MonteCarlo - tests */
+	uint16_t expected_input;
+	uint16_t count;
+	uint8_t v;
+	uint8_t index=0;
+	char c;
+	if(!shavs_algo){
+			cli_putstr_P(PSTR("\r\nERROR: select algorithm first!"));
+		return;
+	}
+	uint8_t ml=pgm_read_word(&(shavs_algo->hashsize_b))/8;
+	uint8_t m[ml*4+8];
+	for(;;){
+		while((c=cli_getc_cecho())!='S' && c!='s'){
+			if(!isblank(c)){
+				cli_putstr_P(PSTR("\r\nERROR: wrong input (1) [0x"));
+				cli_hexdump(&c, 1);
+				cli_putstr_P(PSTR("]!\r\n"));
+				return;
+			}
+		}
+		if((c=cli_getc_cecho())!='e' && c!='e'){
+				cli_putstr_P(PSTR("\r\nERROR: wrong input (2)!\r\n"));
+				return;
+		}
+		if((c=cli_getc_cecho())!='e' && c!='e'){
+				cli_putstr_P(PSTR("\r\nERROR: wrong input (3)!\r\n"));
+				return;
+		}
+		if((c=cli_getc_cecho())!='d' && c!='D'){
+				cli_putstr_P(PSTR("\r\nERROR: wrong input (4)!\r\n"));
+				return;
+		}
+		while((c=cli_getc_cecho())!='='){
+			if(!isblank(c)){
+				cli_putstr_P(PSTR("\r\nERROR: wrong input (5)!\r\n"));
+				return;
+			}
+		}
+		cli_putstr_P(PSTR("\r\n reading seed ml=0x"));
+		cli_hexdump_rev(&ml, 1);
+		expected_input = ml*2;
+		memset(m+2*ml, 0, ml);
+		do{
+			v=0xff;
+			c=cli_getc_cecho();
+			if(c>='0' && c<='9'){
+				v = c - '0';
+			}else{
+				c |= 'A'^'a';
+				if(c>='a' && c<='f'){
+					v = c - 'a' +10;
+				}
+			}
+			if(v<0x10){
+				c=m[ml*2+index/2];
+				if(index&1){
+					c |= v;
+				}else{
+					c |=v<<4;
+				}
+				m[ml*2+index/2]=c;
+				index++;
+				expected_input--;
+			}
+		}while(expected_input);
+		/* so we have the seed */
+		cli_putstr_P(PSTR("\r\nstarting processing"));
+		uint16_t j;
+		for(count=0; count<100; ++count){
+			memcpy(m, m+ml*2, ml);
+			memcpy(m+ml, m+ml*2, ml);
+			for(j=0; j<1000; ++j){
+				hfal_hash_mem(shavs_algo, m+ml*3, m, ml*3*8);
+				memmove(m, m+ml, 3*ml);
+			}
+			cli_putstr_P(PSTR("\r\n\r\nCOUNT = "));
+			if(count>10){
+				cli_putc(count/10+'0');
+			}
+			cli_putc(count%10+'0');
+			cli_putstr_P(PSTR("\r\nMD = "));
+			cli_hexdump(m+ml*2, ml);
+		}
+	}
+}
--- a/test_src/shavs.h
+++ b/test_src/shavs.h
@ -36,5 +36,7 @@ extern hfdesc_t** shavs_algolist;
 void shavs_listalgos(void);
 void shavs_setalgo(char* param);
 void shavs_test1(void);
+void shavs_test2(void);
+

 #endif /* SHAVS */